From 2a8485d852539c80467cb2cca33fa2bec9bf30b3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 9 Nov 2015 02:26:12 +0100 Subject: l 2 baseX: add zathura to pkgs --- lass/2configs/baseX.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass') diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 3be3676aa..e373c3d9a 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -34,6 +34,7 @@ in { sxiv much push + zathura #window manager stuff haskellPackages.xmobar -- cgit v1.2.3 From cea5826d1f2cd81b2effbe7324b05cefac160fc6 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 9 Nov 2015 02:27:22 +0100 Subject: l 1 prism: activate bitlbee --- lass/1systems/prism.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 87334c3c2..8707c04c1 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -10,6 +10,7 @@ in { ../2configs/downloading.nix ../2configs/git.nix ../2configs/ts3.nix + ../2configs/bitlbee.nix { users.extraGroups = { # ● systemd-tmpfiles-setup.service - Create Volatile Files and Directories -- cgit v1.2.3 From 870b379dd9ed6151673d6acaaf3ed2c28454a0c7 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 9 Nov 2015 02:33:30 +0100 Subject: l 1 prism: add stuff for juhulian --- lass/1systems/prism.nix | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'lass') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 8707c04c1..ff5fad75f 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -88,6 +88,25 @@ in { { nixpkgs.config.allowUnfree = true; } + { + #stuff for juhulian + users.extraUsers.juhulian = { + name = "juhulian"; + uid = 1339; + home = "/home/juhulian"; + group = "users"; + createHome = true; + useDefaultShell = true; + extraGroups = [ + ]; + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBQhLGvfv4hyQ/nqJGy1YgHXPSVl6igeWTroJSvAhUFgoh+rG+zvqY0EahKXNb3sq0/OYDCTJVuucc0hgCg7T2KqTqMtTb9EEkRmCFbD7F7DWZojCrh/an6sHneqT5eFvzAPZ8E5hup7oVQnj5P5M3I9keRHBWt1rq6q0IcOEhsFvne4qJc73aLASTJkxzlo5U8ju3JQOl6474ECuSn0lb1fTrQ/SR1NgF7jV11eBldkS8SHEB+2GXjn4Yrn+QUKOnDp+B85vZmVlJSI+7XR1/U/xIbtAjGTEmNwB6cTbBv9NCG9jloDDOZG4ZvzzHYrlBXjaigtQh2/4mrHoKa5eV juhulian@juhulian" + ]; + }; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";} + ]; + } ]; krebs.build.host = config.krebs.hosts.prism; -- cgit v1.2.3 From c1565290601cd15168f08db8fd4362ae4c696070 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 9 Nov 2015 02:34:37 +0100 Subject: l 2 mc: fix image + pdf integration --- lass/2configs/mc.nix | 28 ++++++++-------------------- 1 file changed, 8 insertions(+), 20 deletions(-) (limited to 'lass') diff --git a/lass/2configs/mc.nix b/lass/2configs/mc.nix index 87880ed00..b7d5a4ceb 100644 --- a/lass/2configs/mc.nix +++ b/lass/2configs/mc.nix @@ -159,37 +159,25 @@ let ### Images ### - type/^GIF + shell/i/.gif Include=image - type/^JPEG + regex/i/\.jpe?g$ Include=image - type/^PC\ bitmap + shell/i/.bmp Include=image - type/^PNG + shell/i/.png Include=image - type/^JNG + shell/i/.jng Include=image - type/^MNG + shell/i/.mng Include=image - type/^TIFF - Include=image - - type/^PBM - Include=image - - type/^PGM - Include=image - - type/^PPM - Include=image - - type/^Netpbm + shell/i/.tiff Include=image shell/.ico @@ -283,7 +271,7 @@ let ### Documents ### # PDF - type/^PDF + shell/i/.pdf Open=zathura %f View=zathura %f -- cgit v1.2.3 From 9ff1f770f6f3703fad34ef4ce2d24116d84a5665 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 9 Nov 2015 02:36:07 +0100 Subject: l 3: add wordpress_nginx.nix --- lass/3modules/default.nix | 1 + lass/3modules/wordpress_nginx.nix | 195 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 196 insertions(+) create mode 100644 lass/3modules/wordpress_nginx.nix (limited to 'lass') diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix index b081dc3cc..d0b96d2fd 100644 --- a/lass/3modules/default.nix +++ b/lass/3modules/default.nix @@ -9,5 +9,6 @@ _: ./per-user.nix ./urxvtd.nix ./xresources.nix + ./wordpress_nginx.nix ]; } diff --git a/lass/3modules/wordpress_nginx.nix b/lass/3modules/wordpress_nginx.nix new file mode 100644 index 000000000..65170698f --- /dev/null +++ b/lass/3modules/wordpress_nginx.nix @@ -0,0 +1,195 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.lass.wordpress; + + out = { + options.lass.wordpress = api; + config = imp; + }; + + api = mkOption { + type = with types; attrsOf (submodule ({ config, ... }: { + options = { + domain = mkOption { + type = str; + default = config._module.args.name; + }; + dbUser = mkOption { + type = str; + default = replaceStrings ["."] ["_"] config.domain; + }; + dbName = mkOption { + type = str; + default = replaceStrings ["."] ["_"] config.domain; + }; + folder = mkOption { + type = str; + default = "/srv/http/${config.domain}"; + }; + auto = mkOption { + type = bool; + default = false; + }; + charset = mkOption { + type = str; + default = "utf8mb4"; + }; + collate = mkOption { + type = str; + default = ""; + }; + debug = mkOption { + type = bool; + default = false; + }; + }; + })); + default = {}; + }; + + dataFolder = "/srv/http"; + user = config.services.nginx.user; + group = config.services.nginx.group; + + imp = { + krebs.nginx.servers = flip mapAttrs cfg ( name: { domain, ... }: { + server-names = [ + "${domain}" + "www.${domain}" + ]; + locations = [ + (nameValuePair "/" '' + try_files $uri $uri/ /index.php?$args; + '') + (nameValuePair "~ \.php$" '' + fastcgi_pass unix:${dataFolder}/${domain}/phpfpm.pool; + include ${pkgs.nginx}/conf/fastcgi.conf; + '') + (nameValuePair "~ /\\." '' + deny all; + '') + ]; + extraConfig = '' + root ${dataFolder}/${domain}/; + index index.php; + access_log /tmp/nginx_acc.log; + error_log /tmp/nginx_err.log; + error_page 404 /404.html; + error_page 500 502 503 504 /50x.html; + ''; + }); + services.phpfpm.poolConfigs = flip mapAttrs cfg (name: { domain, ... }: '' + listen = ${dataFolder}/${domain}/phpfpm.pool + user = ${user} + group = ${group} + pm = dynamic + pm.max_children = 5 + pm.start_servers = 2 + pm.min_spare_servers = 1 + pm.max_spare_servers = 3 + listen.owner = ${user} + listen.group = ${group} + # errors to journal + php_admin_value[error_log] = 'stderr' + php_admin_flag[log_errors] = on + catch_workers_output = yes + ''); + systemd.services = flip mapAttrs' cfg (name: { domain, folder, charset, collate, dbName, dbUser, debug, ... }: { + name = "wordpressInit-${name}"; + value = { + path = [ + pkgs.mysql + pkgs.su + pkgs.gawk + pkgs.jq + ]; + requiredBy = [ "nginx.service" ]; + serviceConfig = let + php.define = name: value: + "define(${php.newdoc name}, ${php.newdoc value});"; + php.toString = x: + "'${x}'"; + php.newdoc = s: + let b = "EOF${builtins.hashString "sha256" s}"; in + ''<<<'${b}' + ${s} + ${b} + ''; + in { + Type = "oneshot"; + ExecStart = pkgs.writeScript "wordpressInit" '' + #!/bin/sh + set -euf + wp_secrets=${shell.escape "${toString }/${domain}/wp-secrets"} + db_password=$(cat ${shell.escape "${toString }/${domain}/sql-db-pw"}) + get_secret() { + echo "define('$1', $(jq -r ."$1" "$wp_secrets" | to_php_string));" + } + to_php_string() { + echo "base64_decode('$(base64)')" + } + { + cat ${toString } + password=$(cat ${shell.escape (toString ())}) + # TODO passwordhash=$(su nobody2 -c mysql <<< "SELECT PASSWORD($(toSqlString <<< "$password"));") + # TODO as package pkgs.sqlHashPassword + # TODO not using mysql + # SET SESSION sql_mode = 'NO_BACKSLASH_ESCAPES'; + passwordhash=$(su nobody2 -c 'mysql -u nobody --silent' <<< "SELECT PASSWORD('$db_password');") + user=${shell.escape dbUser}@localhost + database=${shell.escape dbName} + cat << EOF + CREATE DATABASE IF NOT EXISTS $database; + GRANT USAGE ON *.* TO $user IDENTIFIED BY PASSWORD '$passwordhash'; + GRANT ALL PRIVILEGES ON $database.* TO $user; + FLUSH PRIVILEGES; + EOF + } | mysql -u root -p + # TODO nix2php for wp-config.php + cat > ${folder}/wp-config.php << EOF + Date: Fri, 13 Nov 2015 00:42:17 +0100 Subject: l 2 git: get irc-announce from pkgs --- lass/2configs/git.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 7e8fc03c7..f35c8fccc 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -50,7 +50,7 @@ let inherit name desc; public = true; hooks = { - post-receive = git.irc-announce { + post-receive = pkgs.git-hooks.irc-announce { # TODO make nick = config.krebs.build.host.name the default nick = config.krebs.build.host.name; channel = "#retiolum"; -- cgit v1.2.3 From f2ec685c7cab342eefc227e6d9363d73f57d83b5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 00:43:28 +0100 Subject: l 2 git: adapt to new lib architecture --- lass/2configs/git.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index f35c8fccc..743263022 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ../../tv/4lib { inherit lib pkgs; }; +with lib; let -- cgit v1.2.3 From b1613c0a20e661205ebb203ae238600b280ab396 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 00:47:19 +0100 Subject: l 2 git: get secrets the new way --- lass/2configs/git.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 743263022..539a9bbd2 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -43,7 +43,7 @@ let collaborators = with config.krebs.users; [ tv makefu ]; }; } // - import /root/src/secrets/repos.nix { inherit config lib pkgs; } + import { inherit config lib pkgs; } ); make-public-repo = name: { desc ? null, ... }: { -- cgit v1.2.3 From cda6bf1abe03b679d19591e45e1f981a643a9959 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 00:48:09 +0100 Subject: l 2 configs: use krebs.per-user --- lass/2configs/skype.nix | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) (limited to 'lass') diff --git a/lass/2configs/skype.nix b/lass/2configs/skype.nix index 7e4618a7b..6a226441b 100644 --- a/lass/2configs/skype.nix +++ b/lass/2configs/skype.nix @@ -4,10 +4,6 @@ let mainUser = config.users.extraUsers.mainUser; in { - imports = [ - ../3modules/per-user.nix - ]; - users.extraUsers = { skype = { name = "skype"; @@ -20,7 +16,7 @@ in { }; }; - lass.per-user.skype.packages = [ + krebs.per-user.skype.packages = [ pkgs.skype ]; -- cgit v1.2.3 From 0580070f86ea64fd5e21ae1a212f25a3caf8b3e7 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 00:50:02 +0100 Subject: l 3 go: activate redis via mkDefault --- lass/3modules/go.nix | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'lass') diff --git a/lass/3modules/go.nix b/lass/3modules/go.nix index aa900f118..b83d2e5a1 100644 --- a/lass/3modules/go.nix +++ b/lass/3modules/go.nix @@ -26,6 +26,11 @@ let }; imp = { + services.redis = { + enable = mkDefault true; + bind = mkDefault "127.0.0.1"; + }; + users.extraUsers.go = { name = "go"; uid = 42774411; #genid go -- cgit v1.2.3 From b6491e3b43e6d9bc4d76ce2845645b001b9d23c1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 00:59:07 +0100 Subject: l 4: remove simpleScript --- lass/4lib/default.nix | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) (limited to 'lass') diff --git a/lass/4lib/default.nix b/lass/4lib/default.nix index 6a8a28972..a751a2995 100644 --- a/lass/4lib/default.nix +++ b/lass/4lib/default.nix @@ -1,19 +1,9 @@ -{ lib, pkgs, ... }: +{ lib, ... }: with lib; { - simpleScript = name: content: - pkgs.stdenv.mkDerivation { - inherit name; - phases = [ "installPhase" ]; - installPhase = '' - mkdir -p $out/bin - ln -s ${pkgs.writeScript name content} $out/bin/${name} - ''; - }; - getDefaultGateway = ip: concatStringsSep "." (take 3 (splitString "." ip) ++ ["1"]); -- cgit v1.2.3 From 3c77b638c73ce6b57619371cc9636b8e701056d9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 00:59:34 +0100 Subject: l 2 browsers: add simpleScript --- lass/2configs/browsers.nix | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index 5a1857973..849778a7a 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -1,7 +1,15 @@ { config, lib, pkgs, ... }: let - inherit (import ../4lib { inherit pkgs lib; }) simpleScript; + simpleScript = name: content: + pkgs.stdenv.mkDerivation { + inherit name; + phases = [ "installPhase" ]; + installPhase = '' + mkdir -p $out/bin + ln -s ${pkgs.writeScript name content} $out/bin/${name} + ''; + }; mainUser = config.users.extraUsers.mainUser; createChromiumUser = name: extraGroups: packages: -- cgit v1.2.3 From 2fa3c56b10508400c2290937564bdd1c30b0c1d0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 01:01:45 +0100 Subject: l 2 base: nixpkgs rev 6d31e9b -> 7ae05ed --- lass/2configs/base.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix index 11bc4f089..944db83e0 100644 --- a/lass/2configs/base.nix +++ b/lass/2configs/base.nix @@ -48,7 +48,7 @@ with lib; source = { git.nixpkgs = { url = https://github.com/Lassulus/nixpkgs; - rev = "6d31e9b81dcd4ab927bb3dc91b612dd5abfa2f80"; + rev = "7ae05edcdd14f6ace83ead9bf0d114e97c89a83a"; }; dir.secrets = { host = config.krebs.hosts.mors; -- cgit v1.2.3 From 40cb49f5246ad59abbda628244bb6edbe30058c0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 01:02:28 +0100 Subject: l 1 echelon: disable redis --- lass/1systems/echelon.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/1systems/echelon.nix b/lass/1systems/echelon.nix index dc0ca0274..39af4a96f 100644 --- a/lass/1systems/echelon.nix +++ b/lass/1systems/echelon.nix @@ -13,7 +13,7 @@ in { ../2configs/realwallpaper-server.nix ../2configs/privoxy-retiolum.nix ../2configs/git.nix - ../2configs/redis.nix + #../2configs/redis.nix ../2configs/go.nix ../2configs/ircd.nix ../2configs/newsbot-js.nix -- cgit v1.2.3 From ccb6884708f8106a4f02dcd9dc98e9fd02668add Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 01:06:16 +0100 Subject: l 1 prism: add stuff for oneline httpserver --- lass/1systems/prism.nix | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'lass') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index ff5fad75f..85021887f 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -107,6 +107,14 @@ in { { predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";} ]; } + { + environment.systemPackages = [ + pkgs.perlPackages.Plack + ]; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport 8080"; target = "ACCEPT";} + ]; + } ]; krebs.build.host = config.krebs.hosts.prism; -- cgit v1.2.3 From 58890bc80b28ed02e98b21a054849220a69919cb Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 01:07:54 +0100 Subject: l: use new xserver architecture --- lass/2configs/baseX.nix | 59 +++---- lass/2configs/xserver/Xresources.nix | 27 +++ lass/2configs/xserver/default.nix | 161 ++++++++++++++++++ lass/2configs/xserver/xserver.conf.nix | 40 +++++ lass/5pkgs/default.nix | 3 + lass/5pkgs/xmonad-lass/.gitignore | 1 + lass/5pkgs/xmonad-lass/Main.hs | 190 ++++++++++++++++++++++ lass/5pkgs/xmonad-lass/Makefile | 6 + lass/5pkgs/xmonad-lass/Util/PerWorkspaceConfig.hs | 52 ++++++ lass/5pkgs/xmonad-lass/xmonad.cabal | 17 ++ 10 files changed, 527 insertions(+), 29 deletions(-) create mode 100644 lass/2configs/xserver/Xresources.nix create mode 100644 lass/2configs/xserver/default.nix create mode 100644 lass/2configs/xserver/xserver.conf.nix create mode 100644 lass/5pkgs/xmonad-lass/.gitignore create mode 100644 lass/5pkgs/xmonad-lass/Main.hs create mode 100644 lass/5pkgs/xmonad-lass/Makefile create mode 100644 lass/5pkgs/xmonad-lass/Util/PerWorkspaceConfig.hs create mode 100644 lass/5pkgs/xmonad-lass/xmonad.cabal (limited to 'lass') diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index e373c3d9a..4e46c18d2 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -5,7 +5,8 @@ let in { imports = [ ./base.nix - ./urxvt.nix + #./urxvt.nix + ./xserver ]; users.extraUsers.mainUser.extraGroups = [ "audio" ]; @@ -37,36 +38,36 @@ in { zathura #window manager stuff - haskellPackages.xmobar - haskellPackages.yeganesh - dmenu2 - xlibs.fontschumachermisc + #haskellPackages.xmobar + #haskellPackages.yeganesh + #dmenu2 + #xlibs.fontschumachermisc ]; - fonts.fonts = [ - pkgs.xlibs.fontschumachermisc - ]; - - services.xserver = { - enable = true; - - windowManager.xmonad.extraPackages = hspkgs: with hspkgs; [ - X11-xshape - ]; - windowManager.xmonad.enable = true; - windowManager.xmonad.enableContribAndExtras = true; - windowManager.default = "xmonad"; - desktopManager.default = "none"; - desktopManager.xterm.enable = false; - displayManager.slim.enable = true; - displayManager.auto.enable = true; - displayManager.auto.user = mainUser.name; - - layout = "us"; - xkbModel = "evdev"; - xkbVariant = "altgr-intl"; - xkbOptions = "caps:backspace"; - }; + #fonts.fonts = [ + # pkgs.xlibs.fontschumachermisc + #]; + + #services.xserver = { + # enable = true; + + # windowManager.xmonad.extraPackages = hspkgs: with hspkgs; [ + # X11-xshape + # ]; + # windowManager.xmonad.enable = true; + # windowManager.xmonad.enableContribAndExtras = true; + # windowManager.default = "xmonad"; + # desktopManager.default = "none"; + # desktopManager.xterm.enable = false; + # displayManager.slim.enable = true; + # displayManager.auto.enable = true; + # displayManager.auto.user = mainUser.name; + + # layout = "us"; + # xkbModel = "evdev"; + # xkbVariant = "altgr-intl"; + # xkbOptions = "caps:backspace"; + #}; services.logind.extraConfig = '' HandleLidSwitch=ignore diff --git a/lass/2configs/xserver/Xresources.nix b/lass/2configs/xserver/Xresources.nix new file mode 100644 index 000000000..d52418897 --- /dev/null +++ b/lass/2configs/xserver/Xresources.nix @@ -0,0 +1,27 @@ +{ config, lib, pkgs, ... }: + +with lib; + +pkgs.writeText "Xresources" '' + URxvt*scrollBar: false + URxvt*urgentOnBell: true + URxvt*font: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-* + URxvt*boldFont: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-* + + ! ref https://github.com/muennich/urxvt-perls + URxvt.perl-lib: ${pkgs.urxvt_perls}/lib/urxvt/perl + URxvt.perl-ext-common: default,clipboard,url-select,keyboard-select + URxvt.url-select.launcher: browser-select + URxvt.url-select.underline: true + URxvt.keysym.M-u: perl:url-select:select_next + URxvt.keysym.M-Escape: perl:keyboard-select:activate + URxvt.keysym.M-s: perl:keyboard-select:search + + URxvt.intensityStyles: false + + URxvt*background: #000000 + URxvt*foreground: #ffffff + + !change unreadable blue + URxvt*color4: #268bd2 +'' diff --git a/lass/2configs/xserver/default.nix b/lass/2configs/xserver/default.nix new file mode 100644 index 000000000..ceccf5fee --- /dev/null +++ b/lass/2configs/xserver/default.nix @@ -0,0 +1,161 @@ +{ config, lib, pkgs, ... }@args: + +with lib; + +let + # TODO krebs.build.user + user = config.users.users.mainUser; + + out = { + + services.xserver = { + display = 11; + tty = 11; + + synaptics = { + enable = true; + twoFingerScroll = true; + accelFactor = "0.035"; + }; + + #keyboard stuff + layout = "us"; + xkbVariant = "altgr-intl"; + xkbOptions = "caps:backspace"; + }; + + fonts.fonts = [ + pkgs.xlibs.fontschumachermisc + ]; + + systemd.services.urxvtd = { + wantedBy = [ "multi-user.target" ]; + reloadIfChanged = true; + serviceConfig = { + ExecReload = need-reload "urxvtd.service"; + ExecStart = "${pkgs.rxvt_unicode}/bin/urxvtd"; + Restart = "always"; + RestartSec = "2s"; + StartLimitBurst = 0; + User = user.name; + }; + }; + + environment.systemPackages = [ + pkgs.gitAndTools.qgit + pkgs.mpv + pkgs.pavucontrol + pkgs.slock + pkgs.sxiv + pkgs.xsel + pkgs.zathura + ]; + + security.setuidPrograms = [ + "slock" + ]; + + systemd.services.display-manager = mkForce {}; + + services.xserver.enable = true; + + systemd.services.xmonad = { + wantedBy = [ "multi-user.target" ]; + requires = [ "xserver.service" ]; + environment = xmonad-environment; + serviceConfig = { + ExecStart = "${xmonad-start}/bin/xmonad"; + ExecStop = "${xmonad-stop}/bin/xmonad-stop"; + User = user.name; + WorkingDirectory = user.home; + }; + }; + + systemd.services.xserver = { + after = [ + "systemd-udev-settle.service" + "local-fs.target" + "acpid.service" + ]; + reloadIfChanged = true; + environment = xserver-environment; + serviceConfig = { + ExecReload = need-reload "xserver.service"; + ExecStart = "${xserver}/bin/xserver"; + }; + }; + }; + + xmonad-environment = { + DISPLAY = ":${toString config.services.xserver.display}"; + XMONAD_STATE = "/tmp/xmonad.state"; + + # XXX JSON is close enough :) + XMONAD_WORKSPACES0_FILE = pkgs.writeText "xmonad.workspaces0" (toJSON [ + "cr" + "gm" + "ff" + "IM" + "mail" + "stockholm" + ]); + }; + + xmonad-start = pkgs.writeScriptBin "xmonad" '' + #! ${pkgs.bash}/bin/bash + set -efu + export PATH; PATH=${makeSearchPath "bin" ([ + pkgs.rxvt_unicode + pkgs.i3lock + pkgs.haskellPackages.yeganesh + pkgs.haskellPackages.xmobar + pkgs.dmenu + ] ++ config.environment.systemPackages)}:/var/setuid-wrappers + settle() {( + # Use PATH for a clean journal + command=''${1##*/} + PATH=''${1%/*}; export PATH + shift + until "$command" "$@"; do + ${pkgs.coreutils}/bin/sleep 1 + done + )&} + settle ${pkgs.xorg.xhost}/bin/xhost +LOCAL: + settle ${pkgs.xorg.xrdb}/bin/xrdb -merge ${import ./Xresources.nix args} + settle ${pkgs.xorg.xsetroot}/bin/xsetroot -solid '#1c1c1c' + exec ${pkgs.xmonad-lass}/bin/xmonad + ''; + + xmonad-stop = pkgs.writeScriptBin "xmonad-stop" '' + #! /bin/sh + exec ${pkgs.xmonad-lass}/bin/xmonad --shutdown + ''; + + xserver-environment = { + XKB_BINDIR = "${pkgs.xorg.xkbcomp}/bin"; # Needed for the Xkb extension. + XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime. + LD_LIBRARY_PATH = concatStringsSep ":" ( + [ "${pkgs.xorg.libX11}/lib" "${pkgs.xorg.libXext}/lib" ] + ++ concatLists (catAttrs "libPath" config.services.xserver.drivers)); + }; + + xserver = pkgs.writeScriptBin "xserver" '' + #! /bin/sh + set -efu + exec ${pkgs.xorg.xorgserver}/bin/X \ + :${toString config.services.xserver.display} \ + vt${toString config.services.xserver.tty} \ + -config ${import ./xserver.conf.nix args} \ + -logfile /var/log/X.${toString config.services.xserver.display}.log \ + -nolisten tcp \ + -xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb \ + ''; + + need-reload = s: let + pkg = pkgs.writeScriptBin "need-reload" '' + #! /bin/sh + echo "$*" + ''; + in "${pkg}/bin/need-reload ${s}"; + +in out diff --git a/lass/2configs/xserver/xserver.conf.nix b/lass/2configs/xserver/xserver.conf.nix new file mode 100644 index 000000000..e8a997a99 --- /dev/null +++ b/lass/2configs/xserver/xserver.conf.nix @@ -0,0 +1,40 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.xserver; +in + +pkgs.stdenv.mkDerivation { + name = "xserver.conf"; + + xfs = optionalString (cfg.useXFS != false) + ''FontPath "${toString cfg.useXFS}"''; + + inherit (cfg) config; + + buildCommand = + '' + echo 'Section "Files"' >> $out + echo $xfs >> $out + + for i in ${toString config.fonts.fonts}; do + if test "''${i:0:''${#NIX_STORE}}" == "$NIX_STORE"; then + for j in $(find $i -name fonts.dir); do + echo " FontPath \"$(dirname $j)\"" >> $out + done + fi + done + + for i in $(find ${toString cfg.modules} -type d); do + if test $(echo $i/*.so* | wc -w) -ne 0; then + echo " ModulePath \"$i\"" >> $out + fi + done + + echo 'EndSection' >> $out + + echo "$config" >> $out + ''; +} diff --git a/lass/5pkgs/default.nix b/lass/5pkgs/default.nix index 869f808ce..844d68a45 100644 --- a/lass/5pkgs/default.nix +++ b/lass/5pkgs/default.nix @@ -15,4 +15,7 @@ rec { }; go = callPackage ./go/default.nix {}; newsbot-js = callPackage ./newsbot-js/default.nix {}; + xmonad-lass = + let src = pkgs.writeNixFromCabal "xmonad-lass.nix" ./xmonad-lass; in + pkgs.haskellPackages.callPackage src {}; } diff --git a/lass/5pkgs/xmonad-lass/.gitignore b/lass/5pkgs/xmonad-lass/.gitignore new file mode 100644 index 000000000..616204547 --- /dev/null +++ b/lass/5pkgs/xmonad-lass/.gitignore @@ -0,0 +1 @@ +/shell.nix diff --git a/lass/5pkgs/xmonad-lass/Main.hs b/lass/5pkgs/xmonad-lass/Main.hs new file mode 100644 index 000000000..10a3c5638 --- /dev/null +++ b/lass/5pkgs/xmonad-lass/Main.hs @@ -0,0 +1,190 @@ +{-# LANGUAGE DeriveDataTypeable #-} -- for XS +{-# LANGUAGE FlexibleContexts #-} -- for xmonad' +{-# LANGUAGE LambdaCase #-} +{-# LANGUAGE ScopedTypeVariables #-} + + +module Main where + +import Control.Exception +import Text.Read (readEither) +import XMonad +import System.IO (hPutStrLn, stderr) +import System.Environment (getArgs, withArgs, getEnv, getEnvironment) +import System.Posix.Process (executeFile) +import XMonad.Prompt (defaultXPConfig) +import XMonad.Actions.DynamicWorkspaces ( addWorkspacePrompt, renameWorkspace + , removeEmptyWorkspace) +import XMonad.Actions.GridSelect +import XMonad.Actions.CycleWS (toggleWS) +--import XMonad.Actions.CopyWindow ( copy ) +import XMonad.Layout.NoBorders ( smartBorders ) +import qualified XMonad.StackSet as W +import Data.Map (Map) +import qualified Data.Map as Map +-- TODO import XMonad.Layout.WorkspaceDir +import XMonad.Hooks.UrgencyHook (SpawnUrgencyHook(..), withUrgencyHook) +-- import XMonad.Layout.Tabbed +--import XMonad.Layout.MouseResizableTile +import XMonad.Layout.Reflect (reflectVert) +import XMonad.Layout.FixedColumn (FixedColumn(..)) +import XMonad.Hooks.Place (placeHook, smart) +import XMonad.Hooks.FloatNext (floatNextHook) +import XMonad.Actions.PerWorkspaceKeys (chooseAction) +import XMonad.Layout.PerWorkspace (onWorkspace) +--import XMonad.Layout.BinarySpacePartition +import XMonad.Util.EZConfig (additionalKeysP) + +import XMonad.Prompt (autoComplete, defaultXPConfig, XPConfig, mkXPrompt) +import XMonad.Hooks.UrgencyHook (focusUrgent, withUrgencyHook, urgencyBorderColor, BorderUrgencyHook(BorderUrgencyHook)) +import XMonad.Actions.DynamicWorkspaces (addWorkspacePrompt, removeEmptyWorkspace, renameWorkspace, withWorkspace) +import XMonad.Hooks.FloatNext (floatNext, floatNextHook) +import XMonad.Prompt.Workspace +import XMonad.Actions.CopyWindow (copy, kill1) +import qualified Data.Map as M +import XMonad.Hooks.ManageDocks (avoidStruts, manageDocks, ToggleStruts(ToggleStruts)) + +--import XMonad.Actions.Submap +import XMonad.Stockholm.Pager +import XMonad.Stockholm.Rhombus +import XMonad.Stockholm.Shutdown + +myTerm :: String +myTerm = "urxvtc" + +myRootTerm :: String +myRootTerm = "urxvtc -name root-urxvt -e su -" + +myFont :: String +myFont = "-schumacher-*-*-*-*-*-*-*-*-*-*-*-iso10646-*" + +main :: IO () +main = getArgs >>= \case + ["--shutdown"] -> sendShutdownEvent + _ -> mainNoArgs + +mainNoArgs :: IO () +mainNoArgs = do + xmonad' + -- $ withUrgencyHookC dzenUrgencyHook { args = ["-bg", "magenta", "-fg", "magenta", "-h", "2"], duration = 500000 } + -- urgencyConfig { remindWhen = Every 1 } + -- $ withUrgencyHook borderUrgencyHook "magenta" + -- $ withUrgencyHookC BorderUrgencyHook { urgencyBorderColor = "magenta" } urgencyConfig { suppressWhen = Never } + $ withUrgencyHook (SpawnUrgencyHook "echo emit Urgency ") + $ defaultConfig + { terminal = myTerm + , modMask = mod4Mask + , layoutHook = smartBorders $ myLayoutHook + -- , handleEventHook = myHandleEventHooks <+> handleTimerEvent + --, handleEventHook = handleTimerEvent + , manageHook = placeHook (smart (1,0)) <+> floatNextHook + , startupHook = spawn "echo emit XMonadStartup" + , normalBorderColor = "#1c1c1c" + , focusedBorderColor = "#f000b0" + , handleEventHook = handleShutdownEvent + } `additionalKeysP` myKeyMap + +myLayoutHook = defLayout + where + defLayout = (avoidStruts $ Tall 1 (3/100) (1/2) ||| Full ||| Mirror (Tall 1 (3/100) (1/2))) ||| FixedColumn 2 80 80 1 + + +xmonad' :: (LayoutClass l Window, Read (l Window)) => XConfig l -> IO () +xmonad' conf = do + path <- getEnv "XMONAD_STATE" + try (readFile path) >>= \case + Right content -> do + hPutStrLn stderr ("resuming from " ++ path) + withArgs ("--resume" : lines content) (xmonad conf) + Left e -> do + hPutStrLn stderr (displaySomeException e) + xmonad conf + + +displaySomeException :: SomeException -> String +displaySomeException = displayException + + +myKeyMap = + [ ("M4-", spawn "i3lock -i ~/lock.png -u" ) + , ("M4-p", spawn "passmenu --type") + , ("M4-r", spawn "exe=$(yeganesh -x) && eval \"exec $exe\"") + -- , ("M4-r", io (readProcess "yeganesh" ["-x"] "" >>= putStrLn ) ) + , ("", spawn "pactl -- set-sink-volume 0 +4%") + , ("", spawn "pactl -- set-sink-volume 0 -4%") + , ("", gridselectWorkspace myWSConfig W.view) + + , ("M4-a", focusUrgent) + , ("M4-S-r", renameWorkspace defaultXPConfig) + , ("M4-S-a", addWorkspacePrompt defaultXPConfig) + , ("M4-S-", removeEmptyWorkspace) + , ("M4-S-c", kill1) + , ("M4-", toggleWS) + , ("M4-S-", spawn myTerm) + , ("M4-x", floatNext True >> spawn myTerm) + , ("M4-f", floatNext True) + , ("M4-b", sendMessage ToggleStruts) + + , ("M4-v", withWorkspace myXPConfig (windows . W.view)) + , ("M4-S-v", withWorkspace myXPConfig (windows . W.shift)) + , ("M4-C-v", withWorkspace myXPConfig (windows . copy)) + + -- , (_4 , xK_q ) & \k -> (k, goToSelected myCNConfig { gs_navigate = makeGSNav k } ) + -- , (_4S, xK_q ) & \k -> (k, bringSelected myCNConfig { gs_navigate = makeGSNav k } ) + -- , (_4C, xK_q ) & \k -> (k, withSelectedWindow ( \a -> get >>= \s -> put s { windowset = copyWindow a (W.tag $ W.workspace $ W.current $ windowset s) (windowset s) } ) myCNConfig { gs_navigate = makeGSNav k } ) + + --, ("M4-", perWorkspaceAction workspaceConfigs) + , ("M4-S-q", return ()) + ] + +myGSConfig = defaultGSConfig + { gs_cellheight = 50 + , gs_cellpadding = 2 + , gs_navigate = navNSearch + , gs_font = myFont + } + +myXPConfig :: XPConfig +myXPConfig = defaultXPConfig + { autoComplete = Just 5000 + } + +myWSConfig = myGSConfig + { gs_cellwidth = 50 + } + +pagerConfig :: PagerConfig +pagerConfig = defaultPagerConfig + { pc_font = myFont + , pc_cellwidth = 64 + --, pc_cellheight = 36 -- TODO automatically keep screen aspect + --, pc_borderwidth = 1 + --, pc_matchcolor = "#f0b000" + , pc_matchmethod = MatchPrefix + --, pc_colors = pagerWorkspaceColors + , pc_windowColors = windowColors + } + where + windowColors _ _ _ True _ = ("#ef4242","#ff2323") + windowColors wsf m c u wf = do + let def = defaultWindowColors wsf m c u wf + if m == False && wf == True + then ("#402020", snd def) + else def + +wGSConfig :: GSConfig Window +wGSConfig = defaultGSConfig + { gs_cellheight = 20 + , gs_cellwidth = 192 + , gs_cellpadding = 5 + , gs_font = myFont + , gs_navigate = navNSearch + } + + +(&) :: a -> (a -> c) -> c +(&) = flip ($) + +allWorkspaceNames :: W.StackSet i l a sid sd -> X [i] +allWorkspaceNames ws = + return $ map W.tag (W.hidden ws) ++ [W.tag $ W.workspace $ W.current ws] diff --git a/lass/5pkgs/xmonad-lass/Makefile b/lass/5pkgs/xmonad-lass/Makefile new file mode 100644 index 000000000..cbb0776e6 --- /dev/null +++ b/lass/5pkgs/xmonad-lass/Makefile @@ -0,0 +1,6 @@ +.PHONY: ghci +ghci: shell.nix + nix-shell --command 'exec ghci -Wall' + +shell.nix: xmonad.cabal + cabal2nix --shell . > $@ diff --git a/lass/5pkgs/xmonad-lass/Util/PerWorkspaceConfig.hs b/lass/5pkgs/xmonad-lass/Util/PerWorkspaceConfig.hs new file mode 100644 index 000000000..bba7c8c60 --- /dev/null +++ b/lass/5pkgs/xmonad-lass/Util/PerWorkspaceConfig.hs @@ -0,0 +1,52 @@ +module Util.PerWorkspaceConfig + ( WorkspaceConfig (..) + , WorkspaceConfigs + , switchToWorkspace + , defaultWorkspaceConfig + , perWorkspaceAction + , perWorkspaceTermAction +-- , myLayoutHack + ) +where + +import XMonad +import XMonad.Core (LayoutClass) +import Control.Monad (when) + +import qualified Data.Map as M +import qualified XMonad.StackSet as W + +data WorkspaceConfig l = + WorkspaceConfig + { switchAction :: X () + , startAction :: X () + , keyAction :: X () + , termAction :: X () + } + +type WorkspaceConfigs l = M.Map WorkspaceId (WorkspaceConfig l) + +defaultWorkspaceConfig = WorkspaceConfig + { switchAction = return () + , startAction = return () + , keyAction = return () + , termAction = spawn "urxvtc" + } + +whenLookup wsId cfg a = + when (M.member wsId cfg) (a $ cfg M.! wsId) + +switchToWorkspace :: WorkspaceConfigs l -> WorkspaceId -> X () +switchToWorkspace cfg wsId = do + windows $ W.greedyView wsId + wins <- gets (W.integrate' . W.stack . W.workspace . W.current . windowset) + when (null wins) $ whenLookup wsId cfg startAction + whenLookup wsId cfg switchAction + +perWorkspaceAction :: WorkspaceConfigs l -> X () +perWorkspaceAction cfg = withWindowSet $ \s -> whenLookup (W.currentTag s) cfg keyAction + +perWorkspaceTermAction :: WorkspaceConfigs l -> X () +perWorkspaceTermAction cfg = withWindowSet $ \s -> case M.lookup (W.currentTag s) cfg of + Just x -> termAction x + _ -> termAction defaultWorkspaceConfig diff --git a/lass/5pkgs/xmonad-lass/xmonad.cabal b/lass/5pkgs/xmonad-lass/xmonad.cabal new file mode 100644 index 000000000..37809b599 --- /dev/null +++ b/lass/5pkgs/xmonad-lass/xmonad.cabal @@ -0,0 +1,17 @@ +Author: lass +Build-Type: Simple +Cabal-Version: >= 1.2 +License: MIT +Name: xmonad-lass +Version: 0 + +Executable xmonad + Build-Depends: + base, + containers, + unix, + xmonad, + xmonad-contrib, + xmonad-stockholm + GHC-Options: -Wall -O3 -threaded -rtsopts + Main-Is: Main.hs -- cgit v1.2.3 From c373eac636525a65d28c1f39cbf599edbcf60ebc Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 01:10:55 +0100 Subject: l 1 mors: use new wordpress test --- lass/1systems/mors.nix | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 7db3f8333..803c149b8 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -18,10 +18,31 @@ ../2configs/chromium-patched.nix ../2configs/git.nix ../2configs/retiolum.nix - ../2configs/wordpress.nix + #../2configs/wordpress.nix ../2configs/bitlbee.nix ../2configs/firefoxPatched.nix ../2configs/skype.nix + { + #wordpress-test + #imports = singleton (sitesGenerators.createWordpress "testserver.de"); + imports = [ + ../3modules/wordpress_nginx.nix + ]; + lass.wordpress."testserver.de" = { + }; + + services.mysql = { + enable = true; + package = pkgs.mariadb; + rootPassword = "/mysql_rootPassword"; + }; + networking.extraHosts = '' + 10.243.0.2 testserver.de + ''; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; precedence = 9998; } + ]; + } ]; krebs.build.host = config.krebs.hosts.mors; -- cgit v1.2.3 From 8cc4395e15498aa607e96fef09d9f7b9827567fc Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 01:12:07 +0100 Subject: l 1 mors: open risk of rain port for lan --- lass/1systems/mors.nix | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'lass') diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 803c149b8..7b91fa6be 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -22,6 +22,12 @@ ../2configs/bitlbee.nix ../2configs/firefoxPatched.nix ../2configs/skype.nix + { + #risk of rain port + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport 11100"; target = "ACCEPT"; } + ]; + } { #wordpress-test #imports = singleton (sitesGenerators.createWordpress "testserver.de"); -- cgit v1.2.3 From 58eab5df691efd6933063ba1ec9278cd940a1ba1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 01:16:15 +0100 Subject: l 3 go -> k 3 go --- lass/3modules/default.nix | 1 - lass/3modules/go.nix | 66 ----------------------------------------------- 2 files changed, 67 deletions(-) delete mode 100644 lass/3modules/go.nix (limited to 'lass') diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix index d0b96d2fd..7c85af3a4 100644 --- a/lass/3modules/default.nix +++ b/lass/3modules/default.nix @@ -4,7 +4,6 @@ _: ./xresources.nix ./bitlbee.nix ./folderPerms.nix - ./go.nix ./newsbot-js.nix ./per-user.nix ./urxvtd.nix diff --git a/lass/3modules/go.nix b/lass/3modules/go.nix deleted file mode 100644 index b83d2e5a1..000000000 --- a/lass/3modules/go.nix +++ /dev/null @@ -1,66 +0,0 @@ -{ config, lib, pkgs, ... }: - -with builtins; -with lib; - -let - cfg = config.lass.go; - - out = { - options.lass.go = api; - config = mkIf cfg.enable imp; - }; - - api = { - enable = mkEnableOption "Enable go url shortener"; - port = mkOption { - type = types.str; - default = "1337"; - description = "on which port go should run on"; - }; - redisKeyPrefix = mkOption { - type = types.str; - default = "go:"; - description = "change the Redis key prefix which defaults to `go:`"; - }; - }; - - imp = { - services.redis = { - enable = mkDefault true; - bind = mkDefault "127.0.0.1"; - }; - - users.extraUsers.go = { - name = "go"; - uid = 42774411; #genid go - description = "go url shortener user"; - home = "/var/lib/go"; - createHome = true; - }; - - systemd.services.go = { - description = "go url shortener"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - - path = with pkgs; [ - go - ]; - - environment = { - PORT = cfg.port; - REDIS_KEY_PREFIX = cfg.redisKeyPrefix; - }; - - restartIfChanged = true; - - serviceConfig = { - User = "go"; - Restart = "always"; - ExecStart = "${pkgs.go}/bin/go"; - }; - }; - }; - -in out -- cgit v1.2.3 From 103f99d7a45d10b1beb67eead5c7713dd65807d6 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 01:18:40 +0100 Subject: l 2 go: adapt to lass.go -> krebs.go --- lass/2configs/go.nix | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'lass') diff --git a/lass/2configs/go.nix b/lass/2configs/go.nix index 81a02ec7c..f4c2ac289 100644 --- a/lass/2configs/go.nix +++ b/lass/2configs/go.nix @@ -2,13 +2,10 @@ with lib; { - imports = [ - ../3modules/go.nix - ]; environment.systemPackages = [ pkgs.go ]; - lass.go = { + krebs.go = { enable = true; }; krebs.nginx = { -- cgit v1.2.3 From 222d959ee45de47bbbf70c64df8840a5f9e40aa5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 11:08:56 +0100 Subject: l 2 git: make prism verbose host --- lass/2configs/git.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 539a9bbd2..16ecaefec 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -55,7 +55,7 @@ let nick = config.krebs.build.host.name; channel = "#retiolum"; server = "cd.retiolum"; - verbose = config.krebs.build.host.name == "echelon"; + verbose = config.krebs.build.host.name == "prism"; }; }; }; -- cgit v1.2.3 From bd71d3367b73eafb1bb6c59e858c195f6cf9952a Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 11:10:34 +0100 Subject: l 2 base: add monitoring tools --- lass/2configs/base.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lass') diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix index 944db83e0..a76ed4d6b 100644 --- a/lass/2configs/base.nix +++ b/lass/2configs/base.nix @@ -92,6 +92,10 @@ with lib; most rxvt_unicode.terminfo + #monitoring tools + htop + iotop + #network iptables -- cgit v1.2.3 From a204949071a964584bf27889277c8890ed724979 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 13:05:19 +0100 Subject: move testhosts to shared from lass --- lass/1systems/test-arch.nix | 36 ------------------------------------ lass/1systems/test-centos6.nix | 30 ------------------------------ lass/1systems/test-centos7.nix | 31 ------------------------------- 3 files changed, 97 deletions(-) delete mode 100644 lass/1systems/test-arch.nix delete mode 100644 lass/1systems/test-centos6.nix delete mode 100644 lass/1systems/test-centos7.nix (limited to 'lass') diff --git a/lass/1systems/test-arch.nix b/lass/1systems/test-arch.nix deleted file mode 100644 index 0ab9da2f3..000000000 --- a/lass/1systems/test-arch.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway; - inherit (lib) head; - -in { - imports = [ - ../2configs/base.nix - { - boot.loader.grub = { - device = "/dev/sda"; - splashImage = null; - }; - - boot.initrd.availableKernelModules = [ - "ata_piix" - "vmw_pvscsi" - ]; - - fileSystems."/" = { - device = "/dev/sda1"; - }; - } - { - networking.dhcpcd.allowInterfaces = [ - "enp*" - ]; - } - { - sound.enable = false; - } - ]; - - krebs.build.host = config.krebs.hosts.test-arch; -} diff --git a/lass/1systems/test-centos6.nix b/lass/1systems/test-centos6.nix deleted file mode 100644 index 7270c2262..000000000 --- a/lass/1systems/test-centos6.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway; - inherit (lib) head; - - ip = "168.235.148.52"; -in { - imports = [ - ../2configs/base.nix - ../2configs/os-templates/CAC-CentOS-6.5-64bit.nix - { - networking.interfaces.enp11s0.ip4 = [ - { - address = ip; - prefixLength = 24; - } - ]; - networking.defaultGateway = getDefaultGateway ip; - networking.nameservers = [ - "8.8.8.8" - ]; - } - { - sound.enable = false; - } - ]; - - krebs.build.host = config.krebs.hosts.test-centos6; -} diff --git a/lass/1systems/test-centos7.nix b/lass/1systems/test-centos7.nix deleted file mode 100644 index 91bd3e0fe..000000000 --- a/lass/1systems/test-centos7.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway; - inherit (lib) head; - - ip = "168.235.145.85"; -in { - imports = [ - ../2configs/base.nix - ../2configs/os-templates/CAC-CentOS-7-64bit.nix - { - networking.interfaces.enp2s1.ip4 = [ - { - address = ip; - prefixLength = 24; - } - ]; - networking.defaultGateway = getDefaultGateway ip; - networking.nameservers = [ - "8.8.8.8" - ]; - - } - { - sound.enable = false; - } - ]; - - krebs.build.host = config.krebs.hosts.test-centos7; -} -- cgit v1.2.3 From 07dca519636f07ee4887e14e0e9a9739ec9f8034 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 14:53:26 +0100 Subject: l 5 go -> k 5 go --- lass/5pkgs/default.nix | 7 +++--- lass/5pkgs/go/default.nix | 57 ---------------------------------------------- lass/5pkgs/go/packages.nix | 44 ----------------------------------- 3 files changed, 3 insertions(+), 105 deletions(-) delete mode 100644 lass/5pkgs/go/default.nix delete mode 100644 lass/5pkgs/go/packages.nix (limited to 'lass') diff --git a/lass/5pkgs/default.nix b/lass/5pkgs/default.nix index 844d68a45..b3857ce97 100644 --- a/lass/5pkgs/default.nix +++ b/lass/5pkgs/default.nix @@ -5,15 +5,14 @@ let in rec { - bitlbee-dev = callPackage ./bitlbee-dev.nix {}; - bitlbee-steam = callPackage ./bitlbee-steam.nix { inherit bitlbee-dev; }; - bitlbee = callPackage ./bitlbee.nix { inherit bitlbee-steam; }; + #bitlbee-dev = callPackage ./bitlbee-dev.nix {}; + #bitlbee-steam = callPackage ./bitlbee-steam.nix { inherit bitlbee-dev; }; + #bitlbee = callPackage ./bitlbee.nix { inherit bitlbee-steam; }; firefoxPlugins = { noscript = callPackage ./firefoxPlugins/noscript.nix {}; ublock = callPackage ./firefoxPlugins/ublock.nix {}; vimperator = callPackage ./firefoxPlugins/vimperator.nix {}; }; - go = callPackage ./go/default.nix {}; newsbot-js = callPackage ./newsbot-js/default.nix {}; xmonad-lass = let src = pkgs.writeNixFromCabal "xmonad-lass.nix" ./xmonad-lass; in diff --git a/lass/5pkgs/go/default.nix b/lass/5pkgs/go/default.nix deleted file mode 100644 index 9dd166adc..000000000 --- a/lass/5pkgs/go/default.nix +++ /dev/null @@ -1,57 +0,0 @@ -{ stdenv, makeWrapper, lib, buildEnv, fetchgit, nodePackages, nodejs }: - -with lib; - -let - np = nodePackages.override { - generated = ./packages.nix; - self = np; - }; - - node_env = buildEnv { - name = "node_env"; - paths = [ - np.redis - np."formidable" - ]; - pathsToLink = [ "/lib" ]; - ignoreCollisions = true; - }; - -in nodePackages.buildNodePackage { - name = "go"; - - src = fetchgit { - url = "http://cgit.echelon/go/"; - rev = "05d02740e0adbb36cc461323647f0c1e7f493156"; - sha256 = "6015c9a93317375ae8099c7ab982df0aa93a59ec2b48972e253887bb6ca0004f"; - }; - - phases = [ - "unpackPhase" - "installPhase" - ]; - - deps = (filter (v: nixType v == "derivation") (attrValues np)); - - buildInputs = [ - nodejs - makeWrapper - ]; - - installPhase = '' - mkdir -p $out/bin - - cp index.js $out/ - cat > $out/go << EOF - ${nodejs}/bin/node $out/index.js - EOF - chmod +x $out/go - - wrapProgram $out/go \ - --prefix NODE_PATH : ${node_env}/lib/node_modules - - ln -s $out/go /$out/bin/go - ''; - -} diff --git a/lass/5pkgs/go/packages.nix b/lass/5pkgs/go/packages.nix deleted file mode 100644 index 9acfd7658..000000000 --- a/lass/5pkgs/go/packages.nix +++ /dev/null @@ -1,44 +0,0 @@ -{ self, fetchurl, fetchgit ? null, lib }: - -{ - by-spec."formidable"."*" = - self.by-version."formidable"."1.0.17"; - by-version."formidable"."1.0.17" = self.buildNodePackage { - name = "formidable-1.0.17"; - version = "1.0.17"; - bin = false; - src = fetchurl { - url = "http://registry.npmjs.org/formidable/-/formidable-1.0.17.tgz"; - name = "formidable-1.0.17.tgz"; - sha1 = "ef5491490f9433b705faa77249c99029ae348559"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - "formidable" = self.by-version."formidable"."1.0.17"; - by-spec."redis"."*" = - self.by-version."redis"."2.1.0"; - by-version."redis"."2.1.0" = self.buildNodePackage { - name = "redis-2.1.0"; - version = "2.1.0"; - bin = false; - src = fetchurl { - url = "http://registry.npmjs.org/redis/-/redis-2.1.0.tgz"; - name = "redis-2.1.0.tgz"; - sha1 = "38acb208f90750250f9451219b73ff08ae907f94"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - "redis" = self.by-version."redis"."2.1.0"; -} -- cgit v1.2.3 From 88e0f5b0370efe9b93493c21d487917a29e44a1c Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 14:54:52 +0100 Subject: l 2 base: nixpkgs 7ae05ed -> 8d1ce12 --- lass/2configs/base.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix index a76ed4d6b..61023057b 100644 --- a/lass/2configs/base.nix +++ b/lass/2configs/base.nix @@ -48,7 +48,7 @@ with lib; source = { git.nixpkgs = { url = https://github.com/Lassulus/nixpkgs; - rev = "7ae05edcdd14f6ace83ead9bf0d114e97c89a83a"; + rev = "8d1ce129361312334bf914ce0d27e463cb0bb21b"; }; dir.secrets = { host = config.krebs.hosts.mors; -- cgit v1.2.3 From 2e2e5196d149379643244f92239f88f5d2eb2237 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 14:56:37 +0100 Subject: l: use bitlbee plugin architecture from nixpkgs --- lass/2configs/bitlbee.nix | 16 ++++------ lass/5pkgs/bitlbee-dev.nix | 20 ------------- lass/5pkgs/bitlbee-steam.nix | 31 ------------------- lass/5pkgs/bitlbee.nix | 71 -------------------------------------------- lass/5pkgs/default.nix | 3 -- 5 files changed, 6 insertions(+), 135 deletions(-) delete mode 100644 lass/5pkgs/bitlbee-dev.nix delete mode 100644 lass/5pkgs/bitlbee-steam.nix delete mode 100644 lass/5pkgs/bitlbee.nix (limited to 'lass') diff --git a/lass/2configs/bitlbee.nix b/lass/2configs/bitlbee.nix index fa14c7fea..b23628dc5 100644 --- a/lass/2configs/bitlbee.nix +++ b/lass/2configs/bitlbee.nix @@ -1,16 +1,12 @@ { config, pkgs, ... }: -let - lpkgs = import ../5pkgs { inherit pkgs; }; -in { - - imports = [ - ../3modules/bitlbee.nix - ]; - - lass.bitlbee = { +{ + services.bitlbee = { enable = true; - bitlbeePkg = lpkgs.bitlbee; portNumber = 6666; + plugins = [ + pkgs.bitlbee-facebook + pkgs.bitlbee-steam + ]; }; } diff --git a/lass/5pkgs/bitlbee-dev.nix b/lass/5pkgs/bitlbee-dev.nix deleted file mode 100644 index dd129591e..000000000 --- a/lass/5pkgs/bitlbee-dev.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ fetchurl, stdenv, gnutls, glib, pkgconfig, check, libotr, python }: - -stdenv.mkDerivation rec { - name = "bitlbee-3.4.1"; - - src = fetchurl { - url = "mirror://bitlbee/src/${name}.tar.gz"; - sha256 = "1qf0ypa9ba5jvsnpg9slmaran16hcc5fnfzbb1sdch1hjhchn2jh"; - }; - - buildInputs = [ gnutls glib pkgconfig libotr python ]; - - buildPhase = ""; - - installPhase = '' - make install-dev - ''; - -} - diff --git a/lass/5pkgs/bitlbee-steam.nix b/lass/5pkgs/bitlbee-steam.nix deleted file mode 100644 index d869eaac5..000000000 --- a/lass/5pkgs/bitlbee-steam.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ stdenv, fetchgit, autoconf, automake, bitlbee-dev, glib, libgcrypt, libtool, pkgconfig }: - -stdenv.mkDerivation rec { - name = "bitlbee-steam-1.3.1"; - - src = fetchgit { - url = "https://github.com/jgeboski/bitlbee-steam"; - rev = "439d777c7e8d06712ffc15c3e51d61799f4c0d0c"; - sha256 = "493924da1083a3b23073c595a9e1989a7ae09a196524ad66ca99c4d8ccc20d2a"; - }; - - buildInputs = [ - autoconf - automake - bitlbee-dev - glib - libgcrypt - libtool - pkgconfig - ]; - - configurePhase = '' - ./autogen.sh - ''; - - installPhase = '' - mkdir -p $out - cp steam/.libs/steam.la $out/ - cp steam/.libs/steam.so $out/ - ''; -} diff --git a/lass/5pkgs/bitlbee.nix b/lass/5pkgs/bitlbee.nix deleted file mode 100644 index 2a5a8d86d..000000000 --- a/lass/5pkgs/bitlbee.nix +++ /dev/null @@ -1,71 +0,0 @@ -{ fetchurl, stdenv, gnutls, glib, pkgconfig, check, libotr, python - , bitlbee-facebook ? null - , bitlbee-steam ? null -}: - -with stdenv.lib; -stdenv.mkDerivation rec { - name = "bitlbee-3.4.1"; - - src = fetchurl { - url = "mirror://bitlbee/src/${name}.tar.gz"; - sha256 = "1qf0ypa9ba5jvsnpg9slmaran16hcc5fnfzbb1sdch1hjhchn2jh"; - }; - - - buildInputs = [ gnutls glib pkgconfig libotr python ] - ++ optional doCheck check; - - configureFlags = [ - "--gcov=1" - "--otr=1" - "--ssl=gnutls" - ]; - - postBuild = '' - ${if (bitlbee-steam != null) then - '' - mkdir -p $out/lib/bitlbee/ - find ${bitlbee-steam} - cp ${bitlbee-steam}/* $out/lib/bitlbee/ - '' - else - "" - } - ''; - #${concatMapStringsSep "\n" ([] ++ - # (if (bitlbee-facebook != null) then - # "cp ${bitlbee-faceook}/* $out/" - # else - # "" - # ) ++ - # (if (bitlbee-steam != null) then - # "cp ${bitlbee-steam}/* $out/" - # else - # "" - # ) - #)} - - doCheck = true; - - meta = { - description = "IRC instant messaging gateway"; - - longDescription = '' - BitlBee brings IM (instant messaging) to IRC clients. It's a - great solution for people who have an IRC client running all the - time and don't want to run an additional MSN/AIM/whatever - client. - - BitlBee currently supports the following IM networks/protocols: - XMPP/Jabber (including Google Talk), MSN Messenger, Yahoo! - Messenger, AIM and ICQ. - ''; - - homepage = http://www.bitlbee.org/; - license = licenses.gpl2Plus; - - maintainers = with maintainers; [ wkennington pSub ]; - platforms = platforms.gnu; # arbitrary choice - }; -} diff --git a/lass/5pkgs/default.nix b/lass/5pkgs/default.nix index b3857ce97..2b9582912 100644 --- a/lass/5pkgs/default.nix +++ b/lass/5pkgs/default.nix @@ -5,9 +5,6 @@ let in rec { - #bitlbee-dev = callPackage ./bitlbee-dev.nix {}; - #bitlbee-steam = callPackage ./bitlbee-steam.nix { inherit bitlbee-dev; }; - #bitlbee = callPackage ./bitlbee.nix { inherit bitlbee-steam; }; firefoxPlugins = { noscript = callPackage ./firefoxPlugins/noscript.nix {}; ublock = callPackage ./firefoxPlugins/ublock.nix {}; -- cgit v1.2.3 From f2e4288052b8b21e45a577fde8b8761e6295be5a Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 14:57:19 +0100 Subject: l 2 weechat: bring everything up2date --- lass/2configs/weechat.nix | 31 +++++++++++++++++++++++-------- 1 file changed, 23 insertions(+), 8 deletions(-) (limited to 'lass') diff --git a/lass/2configs/weechat.nix b/lass/2configs/weechat.nix index cfcc1a2f6..18007ed61 100644 --- a/lass/2configs/weechat.nix +++ b/lass/2configs/weechat.nix @@ -1,22 +1,37 @@ { config, lib, pkgs, ... }: -with lib; { - imports = [ - ../3modules/per-user.nix - ]; - - lass.per-user.chat.packages = [ + krebs.per-user.chat.packages = [ pkgs.weechat pkgs.tmux ]; users.extraUsers.chat = { home = "/home/chat"; + uid = 986764891; # genid chat useDefaultShell = true; createHome = true; - openssh.authorizedKeys.keys = map readFile [ - ../../krebs/Zpubkeys/lass.ssh.pub + openssh.authorizedKeys.keys = [ + config.krebs.users.lass.pubkey ]; }; + + #systemd.services.chat = { + # description = "chat environment setup"; + # after = [ "network.target" ]; + # wantedBy = [ "multi-user.target" ]; + + # path = with pkgs; [ + # weechat + # tmux + # ]; + + # restartIfChanged = true; + + # serviceConfig = { + # User = "chat"; + # Restart = "always"; + # ExecStart = "${pkgs.tmux}/bin/tmux new -s IM weechat"; + # }; + #}; } -- cgit v1.2.3 From a1142b25c62e4009e56b881234829fb734196d93 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 14:57:51 +0100 Subject: l 1 prism: import weechat.nix --- lass/1systems/prism.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 85021887f..599f4704e 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -11,6 +11,7 @@ in { ../2configs/git.nix ../2configs/ts3.nix ../2configs/bitlbee.nix + ../2configs/weechat.nix { users.extraGroups = { # ● systemd-tmpfiles-setup.service - Create Volatile Files and Directories -- cgit v1.2.3 From 452f8d8e23b14d10158e748c222228a6704f9a11 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 14 Nov 2015 14:11:38 +0100 Subject: l 3: remove bitlbee --- lass/3modules/bitlbee.nix | 153 ---------------------------------------------- lass/3modules/default.nix | 1 - 2 files changed, 154 deletions(-) delete mode 100644 lass/3modules/bitlbee.nix (limited to 'lass') diff --git a/lass/3modules/bitlbee.nix b/lass/3modules/bitlbee.nix deleted file mode 100644 index 8ce560146..000000000 --- a/lass/3modules/bitlbee.nix +++ /dev/null @@ -1,153 +0,0 @@ -{ config, lib, pkgs, ... }: - - -let - - inherit (lib) - mkIf - mkOption - types - singleton - ; - - authModeCheck = v: - v == "Open" || - v == "Closed" || - v == "Registered" - ; - - bitlbeeConfig = pkgs.writeText "bitlbee.conf" '' - [settings] - RunMode = Daemon - User = bitlbee - ConfigDir = ${cfg.configDir} - DaemonInterface = ${cfg.interface} - DaemonPort = ${toString cfg.portNumber} - AuthMode = ${cfg.authMode} - ${lib.optionalString (cfg.hostName != "") "HostName = ${cfg.hostName}"} - ${lib.optionalString (cfg.protocols != "") "Protocols = ${cfg.protocols}"} - ${cfg.extraSettings} - - [defaults] - ${cfg.extraDefaults} - ''; - - cfg = config.lass.bitlbee; - - out = { - options.lass.bitlbee = api; - config = mkIf cfg.enable imp; - }; - - api = { - enable = mkOption { - default = false; - description = '' - Whether to run the BitlBee IRC to other chat network gateway. - Running it allows you to access the MSN, Jabber, Yahoo! and ICQ chat - networks via an IRC client. - ''; - }; - - interface = mkOption { - default = "127.0.0.1"; - description = '' - The interface the BitlBee deamon will be listening to. If `127.0.0.1', - only clients on the local host can connect to it; if `0.0.0.0', clients - can access it from any network interface. - ''; - }; - - portNumber = mkOption { - default = 6667; - description = '' - Number of the port BitlBee will be listening to. - ''; - }; - - authMode = mkOption { - default = "Open"; - type = types.addCheck types.str authModeCheck; - description = '' - The following authentication modes are available: - Open -- Accept connections from anyone, use NickServ for user authentication. - Closed -- Require authorization (using the PASS command during login) before allowing the user to connect at all. - Registered -- Only allow registered users to use this server; this disables the register- and the account command until the user identifies himself. - ''; - }; - - hostName = mkOption { - default = ""; - type = types.str; - description = '' - Normally, BitlBee gets a hostname using getsockname(). If you have a nicer - alias for your BitlBee daemon, you can set it here and BitlBee will identify - itself with that name instead. - ''; - }; - - configDir = mkOption { - default = "/var/lib/bitlbee"; - type = types.path; - description = '' - Specify an alternative directory to store all the per-user configuration - files. - ''; - }; - - protocols = mkOption { - default = ""; - type = types.str; - description = '' - This option allows to remove the support of protocol, even if compiled - in. If nothing is given, there are no restrictions. - ''; - }; - - extraSettings = mkOption { - default = ""; - description = '' - Will be inserted in the Settings section of the config file. - ''; - }; - - extraDefaults = mkOption { - default = ""; - description = '' - Will be inserted in the Default section of the config file. - ''; - }; - - bitlbeePkg = mkOption { - default = pkgs.bitlbee; - description = '' - the bitlbee pkg to use. - ''; - }; - }; - - imp = { - users.extraUsers = singleton { - name = "bitlbee"; - uid = config.ids.uids.bitlbee; - description = "BitlBee user"; - home = "/var/lib/bitlbee"; - createHome = true; - }; - - users.extraGroups = singleton { - name = "bitlbee"; - gid = config.ids.gids.bitlbee; - }; - - systemd.services.bitlbee = { - description = "BitlBee IRC to other chat networks gateway"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - serviceConfig.User = "bitlbee"; - serviceConfig.ExecStart = "${cfg.bitlbeePkg}/sbin/bitlbee -F -n -c ${bitlbeeConfig}"; - }; - }; - -in -out diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix index 7c85af3a4..0dcad971c 100644 --- a/lass/3modules/default.nix +++ b/lass/3modules/default.nix @@ -2,7 +2,6 @@ _: { imports = [ ./xresources.nix - ./bitlbee.nix ./folderPerms.nix ./newsbot-js.nix ./per-user.nix -- cgit v1.2.3 From ff3dc90d1c1ced94bf4105febee7cb9afd687064 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 14 Nov 2015 17:54:45 +0100 Subject: l 3 dnsmasq: remove dead code --- lass/3modules/dnsmasq.nix | 7 ------- 1 file changed, 7 deletions(-) (limited to 'lass') diff --git a/lass/3modules/dnsmasq.nix b/lass/3modules/dnsmasq.nix index 99c165479..83a9cb180 100644 --- a/lass/3modules/dnsmasq.nix +++ b/lass/3modules/dnsmasq.nix @@ -25,13 +25,6 @@ let configFile = pkgs.writeText "dnsmasq.conf" cfg.config; imp = { - #users.extraUsers.go = { - # name = "go"; - # uid = 42774411; #genid go - # description = "go url shortener user"; - # home = "/var/lib/go"; - # createHome = true; - #}; systemd.services.dnsmasq = { description = "dnsmasq"; -- cgit v1.2.3 From 5fde514b88336b3ed00d41ef2e72ad4e2da23deb Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 17:50:33 +0100 Subject: l 3: add fetchWallpaper.nix --- lass/3modules/default.nix | 1 + lass/3modules/fetchWallpaper.nix | 89 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 90 insertions(+) create mode 100644 lass/3modules/fetchWallpaper.nix (limited to 'lass') diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix index 0dcad971c..5fa5160ee 100644 --- a/lass/3modules/default.nix +++ b/lass/3modules/default.nix @@ -8,5 +8,6 @@ _: ./urxvtd.nix ./xresources.nix ./wordpress_nginx.nix + ./fetchWallpaper.nix ]; } diff --git a/lass/3modules/fetchWallpaper.nix b/lass/3modules/fetchWallpaper.nix new file mode 100644 index 000000000..9baebedbd --- /dev/null +++ b/lass/3modules/fetchWallpaper.nix @@ -0,0 +1,89 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.lass.fetchWallpaper; + + out = { + options.lass.fetchWallpaper = api; + config = mkIf cfg.enable imp; + }; + + api = { + enable = mkEnableOption "fetch wallpaper"; + predicate = mkOption { + type = with types; nullOr path; + default = null; + }; + url = mkOption { + type = types.str; + }; + timerConfig = mkOption { + type = types.unspecified; + default = { + OnCalendar = "*:00,10,20,30,40,50"; + }; + }; + stateDir = mkOption { + type = types.str; + default = "/tmp/wallpaper"; + }; + display = mkOption { + type = types.str; + default = ":11"; + }; + }; + + fetchWallpaperScript = pkgs.writeScript "fetchWallpaper" '' + #! ${pkgs.bash}/bin/bash + ${if (cfg.predicate == null) then "" else '' + ${cfg.predicate} + if [ $? -ne 0 ]; then + echo "predicate failed" + exit 23 + fi + ''} + mkdir -p ${shell.escape cfg.stateDir} + curl -s -o ${shell.escape cfg.stateDir}/wallpaper -z ${shell.escape cfg.stateDir}/wallpaper ${shell.escape cfg.url} + feh --no-fehbg --bg-scale ${shell.escape cfg.stateDir}/wallpaper + ''; + + imp = { + users.extraUsers.fetchWallpaper = { + name = "fetchWallpaper"; + uid = 3332383611; #genid fetchWallpaper + description = "fetchWallpaper user"; + home = "/var/empty"; + }; + + systemd.timers.fetchWallpaper = { + description = "fetch wallpaper timer"; + wantedBy = [ "timers.target" ]; + + timerConfig = cfg.timerConfig; + }; + systemd.services.fetchWallpaper = { + description = "fetch wallpaper"; + after = [ "network.target" ]; + + path = with pkgs; [ + curl + feh + ]; + + environment = { + URL = cfg.url; + DISPLAY = cfg.display; + }; + + restartIfChanged = true; + + serviceConfig = { + Type = "simple"; + ExecStart = fetchWallpaperScript; + User = "fetchWallpaper"; + }; + }; + }; +in out -- cgit v1.2.3 From 576483bc63e1c6e5531f90ebd2133a29a7923943 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 17:56:49 +0100 Subject: l 2 base: remove video permission for gm --- lass/2configs/base.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lass') diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix index 61023057b..fa5ee4f19 100644 --- a/lass/2configs/base.nix +++ b/lass/2configs/base.nix @@ -17,6 +17,7 @@ with lib; root = { openssh.authorizedKeys.keys = [ config.krebs.users.lass.pubkey + config.krebs.users.uriel.pubkey ]; }; mainUser = { @@ -30,6 +31,7 @@ with lib; ]; openssh.authorizedKeys.keys = [ config.krebs.users.lass.pubkey + config.krebs.users.uriel.pubkey ]; }; }; -- cgit v1.2.3 From 866c9f69d9e6233fd2f39a8dbee4e7facf365d55 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 17:58:21 +0100 Subject: l 1 prism: add juiceSSH key for chat --- lass/1systems/prism.nix | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'lass') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 599f4704e..d65f4a185 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -116,6 +116,11 @@ in { { predicate = "-p tcp --dport 8080"; target = "ACCEPT";} ]; } + { + users.users.chat.openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDJJKlOeAHyi7lToCqRF/hdA2TrtVbrTUd2ayuWsXe9JWiyeyKH/LNY3SrgxCWPZSItE9VK68ghMuVYK/A8IAcgzNhzFYLDxmtsidjiOJBj2ZGsjqevoQ5HuKB/pob8CLW3dr1Rx38Any/XXxpfeO6vemCJMGLTe5gSlrCI+Tk1qNt0Rz+rke73Hwt9wW39g8X3prF2q9ryL9OFCcsoYUE7PIOV9xM1GaDFfTR4bKux7HyFKmG+rBvmJHB5OPW8UAtVZGY/FIChwlmF6QNO5Zym497bG1RCOGplaLpRXVJrmoUkZUO7EazePPxIjz2duWYqFtwl5R9YGy1+a+F58G19DS7wJHM29td117/ZANjRTxE5q/aJm2okJYOVSqhYzdhji+BWVZ5ai7cktpAdtPo++yiZN90LvogXNB64kFxVGuX52xZcA3KLKmvrd47o9k0pzO+oCoArxPFIx0YkHfy/yw7OG8Z+KLK8l9WXWBZO5TpjcydnEcRZ8OEqVhtmDh+9h1zhPphuFBtT1JPbt8m132RUy23qsNRtZ/lnnfQbrxgHPRzVuvA8o4ahOEUdvV9SYnzKb6qMFXGp25EhlcWnR4/toyG6I3paBtByeHkaxjgCuvm9Hob6f/xFr3kEJ4WXTVguyrcFgNg2EcEfdkrTMhNn9OIHEFFQ8whIBv5jlw== JuiceSSH" + ]; + } ]; krebs.build.host = config.krebs.hosts.prism; -- cgit v1.2.3 From 1e81cb2151336859eed949bb6d8a17a93960bf10 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 17:58:58 +0100 Subject: l 1 prism: set timezone to Europe/Berlin --- lass/1systems/prism.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'lass') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index d65f4a185..fe9967837 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -121,6 +121,9 @@ in { "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDJJKlOeAHyi7lToCqRF/hdA2TrtVbrTUd2ayuWsXe9JWiyeyKH/LNY3SrgxCWPZSItE9VK68ghMuVYK/A8IAcgzNhzFYLDxmtsidjiOJBj2ZGsjqevoQ5HuKB/pob8CLW3dr1Rx38Any/XXxpfeO6vemCJMGLTe5gSlrCI+Tk1qNt0Rz+rke73Hwt9wW39g8X3prF2q9ryL9OFCcsoYUE7PIOV9xM1GaDFfTR4bKux7HyFKmG+rBvmJHB5OPW8UAtVZGY/FIChwlmF6QNO5Zym497bG1RCOGplaLpRXVJrmoUkZUO7EazePPxIjz2duWYqFtwl5R9YGy1+a+F58G19DS7wJHM29td117/ZANjRTxE5q/aJm2okJYOVSqhYzdhji+BWVZ5ai7cktpAdtPo++yiZN90LvogXNB64kFxVGuX52xZcA3KLKmvrd47o9k0pzO+oCoArxPFIx0YkHfy/yw7OG8Z+KLK8l9WXWBZO5TpjcydnEcRZ8OEqVhtmDh+9h1zhPphuFBtT1JPbt8m132RUy23qsNRtZ/lnnfQbrxgHPRzVuvA8o4ahOEUdvV9SYnzKb6qMFXGp25EhlcWnR4/toyG6I3paBtByeHkaxjgCuvm9Hob6f/xFr3kEJ4WXTVguyrcFgNg2EcEfdkrTMhNn9OIHEFFQ8whIBv5jlw== JuiceSSH" ]; } + { + time.timeZone = "Europe/Berlin"; + } ]; krebs.build.host = config.krebs.hosts.prism; -- cgit v1.2.3 From e59542f12d269f4f10b1f32f2f58e3c26c27585a Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 18:04:51 +0100 Subject: l 2: add teamviewer.nix --- lass/2configs/teamviewer.nix | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 lass/2configs/teamviewer.nix (limited to 'lass') diff --git a/lass/2configs/teamviewer.nix b/lass/2configs/teamviewer.nix new file mode 100644 index 000000000..48053d7db --- /dev/null +++ b/lass/2configs/teamviewer.nix @@ -0,0 +1,6 @@ +{ config, lib, pkgs, ... }: + +with lib; +{ + services.teamviewer.enable = true; +} -- cgit v1.2.3 From c8b82b0336f0913c70b5d1e51b0c1194ba9570d4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 18:05:19 +0100 Subject: l 2: add libvirt.nix --- lass/2configs/libvirt.nix | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 lass/2configs/libvirt.nix (limited to 'lass') diff --git a/lass/2configs/libvirt.nix b/lass/2configs/libvirt.nix new file mode 100644 index 000000000..368722e77 --- /dev/null +++ b/lass/2configs/libvirt.nix @@ -0,0 +1,22 @@ +{ config, pkgs, ... }: + +let + mainUser = config.users.extraUsers.mainUser; + +in { + virtualisation.libvirtd.enable = true; + + users.extraUsers = { + libvirt = { + uid = 358821352; # genid libvirt + description = "user for running libvirt stuff"; + home = "/home/libvirt"; + useDefaultShell = true; + extraGroups = [ "libvirtd" "audio" ]; + createHome = true; + }; + }; + security.sudo.extraConfig = '' + ${mainUser.name} ALL=(libvirt) NOPASSWD: ALL + ''; +} -- cgit v1.2.3 From 717c6f4adec48ac65050c693fd0722cd93355e81 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 18:20:50 +0100 Subject: l 3: add nginx site modules --- lass/3modules/owncloud_nginx.nix | 215 ++++++++++++++++++++++++++++++++++++++ lass/3modules/static_nginx.nix | 49 +++++++++ lass/3modules/wordpress_nginx.nix | 66 ++++++++++-- 3 files changed, 319 insertions(+), 11 deletions(-) create mode 100644 lass/3modules/owncloud_nginx.nix create mode 100644 lass/3modules/static_nginx.nix (limited to 'lass') diff --git a/lass/3modules/owncloud_nginx.nix b/lass/3modules/owncloud_nginx.nix new file mode 100644 index 000000000..a0db87b0b --- /dev/null +++ b/lass/3modules/owncloud_nginx.nix @@ -0,0 +1,215 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.lass.owncloud; + + out = { + options.lass.owncloud = api; + config = imp; + }; + + api = mkOption { + type = with types; attrsOf (submodule ({ config, ... }: { + options = { + domain = mkOption { + type = str; + default = config._module.args.name; + }; + dataDir = mkOption { + type = str; + default = "${config.folder}/data"; + }; + dbUser = mkOption { + type = str; + default = replaceStrings ["."] ["_"] config.domain; + }; + dbName = mkOption { + type = str; + default = replaceStrings ["."] ["_"] config.domain; + }; + dbType = mkOption { + # TODO: check for valid dbType + type = str; + default = "mysql"; + }; + folder = mkOption { + type = str; + default = "/srv/http/${config.domain}"; + }; + auto = mkOption { + type = bool; + default = false; + }; + instanceid = mkOption { + type = str; + }; + ssl = mkOption { + type = bool; + default = false; + }; + }; + })); + default = {}; + }; + + user = config.services.nginx.user; + group = config.services.nginx.group; + + imp = { + krebs.nginx.servers = flip mapAttrs cfg ( name: { domain, folder, ... }: { + server-names = [ + "${domain}" + "www.${domain}" + ]; + locations = [ + (nameValuePair "/" '' + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + + try_files $uri $uri/ /index.php; + '') + (nameValuePair "~ \.php$" '' + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include ${pkgs.nginx}/conf/fastcgi.conf; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_pass unix:${folder}/phpfpm.pool; + '') + (nameValuePair "~ /\\." '' + deny all; + '') + ]; + extraConfig = '' + root ${folder}/; + #index index.php; + access_log /tmp/nginx_acc.log; + error_log /tmp/nginx_err.log; + + # set max upload size + client_max_body_size 10G; + fastcgi_buffers 64 4K; + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 /core/templates/403.php; + error_page 404 /core/templates/404.php; + ''; + }); + services.phpfpm.poolConfigs = flip mapAttrs cfg (name: { domain, folder, ... }: '' + listen = ${folder}/phpfpm.pool + user = ${user} + group = ${group} + pm = dynamic + pm.max_children = 5 + pm.start_servers = 2 + pm.min_spare_servers = 1 + pm.max_spare_servers = 3 + listen.owner = ${user} + listen.group = ${group} + # errors to journal + php_admin_value[error_log] = 'stderr' + php_admin_flag[log_errors] = on + catch_workers_output = yes + ''); + #systemd.services = flip mapAttrs' cfg (name: { domain, folder, dbName, dbUser, dbType, dataDir, instanceid, ... }: { + # name = "owncloudInit-${name}"; + # value = { + # path = [ + # pkgs.mysql + # pkgs.su + # pkgs.gawk + # pkgs.jq + # ]; + # requiredBy = [ "nginx.service" ]; + # serviceConfig = let + # php.define = name: value: + # "define(${php.newdoc name}, ${php.newdoc value});"; + # php.toString = x: + # "'${x}'"; + # php.newdoc = s: + # let b = "EOF${builtins.hashString "sha256" s}"; in + # ''<<<'${b}' + # ${s} + # ${b} + # ''; + # in { + # Type = "oneshot"; + # ExecStart = pkgs.writeScript "wordpressInit" '' + # #!/bin/sh + # set -euf + # oc_secrets=${shell.escape "${toString }/${domain}/oc-secrets"} + # db_password=$(cat ${shell.escape "${toString }/${domain}/sql-db-pw"}) + # get_secret() { + # echo "'$1' => $(jq -r ."$1" "$oc_secrets" | to_php_string)," + # } + # to_php_string() { + # echo "base64_decode('$(base64)')" + # } + # { + # cat ${toString } + # password=$(cat ${shell.escape (toString ())}) + # # TODO passwordhash=$(su nobody_oc -c mysql <<< "SELECT PASSWORD($(toSqlString <<< "$password"));") + # # TODO as package pkgs.sqlHashPassword + # # TODO not using mysql + # # SET SESSION sql_mode = 'NO_BACKSLASH_ESCAPES'; + # passwordhash=$(su nobody_oc -c 'mysql -u nobody --silent' <<< "SELECT PASSWORD('$db_password');") + # user=${shell.escape dbUser}@localhost + # database=${shell.escape dbName} + # cat << EOF + # CREATE DATABASE IF NOT EXISTS $database; + # GRANT USAGE ON *.* TO $user IDENTIFIED BY PASSWORD '$passwordhash'; + # GRANT ALL PRIVILEGES ON $database.* TO $user; + # FLUSH PRIVILEGES; + # EOF + # } | mysql -u root -p + # # TODO nix2php for wp-config.php + # mkdir -p ${folder}/config + # cat > ${folder}/config/config.php << EOF + # 'localhost', + # 'dbtableprefix' => 'oc_', + # 'dbpassword' => '$db_password', + # 'installed' => 'true', + # 'trusted_domains' => + # array ( + # 0 => '${domain}', + # ), + # 'overwrite.cli.url' => 'http://${domain}', + + # ${concatStringsSep "\n" (mapAttrsToList (name: value: + # "'${name}' => $(printf '%s' ${shell.escape value} | to_php_string)," + # ) { + # instanceid = instanceid; + # datadirectory = dataDir; + # dbtype = dbType; + # dbname = dbName; + # dbuser = dbUser; + # })} + + # ${concatMapStringsSep "\n" (key: "$(get_secret ${shell.escape key})") [ + # "secret" + # "passwordsalt" + # ]} + # ); + # EOF + # ''; + # }; + # }; + #}); + users.users.nobody_oc = { + uid = 1651469147; # genid nobody_oc + useDefaultShell = true; + }; + }; + +in out diff --git a/lass/3modules/static_nginx.nix b/lass/3modules/static_nginx.nix new file mode 100644 index 000000000..cc2641af2 --- /dev/null +++ b/lass/3modules/static_nginx.nix @@ -0,0 +1,49 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.lass.staticPage; + + out = { + options.lass.staticPage = api; + config = imp; + }; + + api = mkOption { + type = with types; attrsOf (submodule ({ config, ... }: { + options = { + domain = mkOption { + type = str; + default = config._module.args.name; + }; + folder = mkOption { + type = str; + default = "/srv/http/${config.domain}"; + }; + }; + })); + default = {}; + }; + + user = config.services.nginx.user; + group = config.services.nginx.group; + + imp = { + krebs.nginx.servers = flip mapAttrs cfg ( name: { domain, folder, ... }: { + server-names = [ + "${domain}" + "www.${domain}" + ]; + locations = [ + (nameValuePair "/" '' + root ${folder}; + '') + (nameValuePair "~ /\\." '' + deny all; + '') + ]; + }); + }; + +in out diff --git a/lass/3modules/wordpress_nginx.nix b/lass/3modules/wordpress_nginx.nix index 65170698f..2f31f6e02 100644 --- a/lass/3modules/wordpress_nginx.nix +++ b/lass/3modules/wordpress_nginx.nix @@ -45,35 +45,70 @@ let type = bool; default = false; }; + multiSite = mkOption { + type = attrsOf str; + default = {}; + example = { + "0" = "bla.testsite.de"; + "1" = "test.testsite.de"; + }; + }; }; })); default = {}; }; - dataFolder = "/srv/http"; user = config.services.nginx.user; group = config.services.nginx.group; imp = { - krebs.nginx.servers = flip mapAttrs cfg ( name: { domain, ... }: { + #services.nginx.appendConfig = mkIf (cfg.multiSite != {}) '' + # map $http_host $blogid { + # ${concatStringsSep "\n" (mapAttrsToList (n: v: indent "v n;") multiSite)} + # } + #''; + + krebs.nginx.servers = flip mapAttrs cfg ( name: { domain, folder, multiSite, ... }: { server-names = [ "${domain}" "www.${domain}" ]; - locations = [ + #(mkIf (multiSite != {}) + #) + locations = (if (multiSite != {}) then + [ + (nameValuePair "~ ^/files/(.*)$" '' + try_files /wp-content/blogs.dir/$blogid/$uri /wp-includes/ms-files.php?file=$1 ; + '') + (nameValuePair "^~ /blogs.dir" '' + internal; + alias ${folder}/wp-content/blogs.dir ; + access_log off; log_not_found off; expires max; + '') + ] + else + [] + ) ++ + [ (nameValuePair "/" '' try_files $uri $uri/ /index.php?$args; '') (nameValuePair "~ \.php$" '' - fastcgi_pass unix:${dataFolder}/${domain}/phpfpm.pool; + fastcgi_pass unix:${folder}/phpfpm.pool; include ${pkgs.nginx}/conf/fastcgi.conf; '') (nameValuePair "~ /\\." '' deny all; '') + #Directives to send expires headers and turn off 404 error logging. + (nameValuePair "~* ^.+\.(xml|ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$" '' + access_log off; + log_not_found off; + expires max; + '') ]; extraConfig = '' - root ${dataFolder}/${domain}/; + root ${folder}/; index index.php; access_log /tmp/nginx_acc.log; error_log /tmp/nginx_err.log; @@ -81,8 +116,8 @@ let error_page 500 502 503 504 /50x.html; ''; }); - services.phpfpm.poolConfigs = flip mapAttrs cfg (name: { domain, ... }: '' - listen = ${dataFolder}/${domain}/phpfpm.pool + services.phpfpm.poolConfigs = flip mapAttrs cfg (name: { domain, folder, ... }: '' + listen = ${folder}/phpfpm.pool user = ${user} group = ${group} pm = dynamic @@ -97,7 +132,7 @@ let php_admin_flag[log_errors] = on catch_workers_output = yes ''); - systemd.services = flip mapAttrs' cfg (name: { domain, folder, charset, collate, dbName, dbUser, debug, ... }: { + systemd.services = flip mapAttrs' cfg (name: { domain, folder, charset, collate, dbName, dbUser, debug, multiSite, ... }: { name = "wordpressInit-${name}"; value = { path = [ @@ -175,6 +210,13 @@ let ]} \$table_prefix = 'wp_'; + + ${if (multiSite != {}) then + "define('WP_ALLOW_MULTISITE', true);" + else + "" + } + define('WP_DEBUG', ${toJSON debug}); if ( !defined('ABSPATH') ) define('ABSPATH', dirname(__FILE__) . '/'); @@ -186,10 +228,12 @@ let }; }; }); - users.users.nobody2 = { - uid = 125816384; # genid nobody2 - useDefaultShell = true; + users.users.nobody2 = mkDefault { + uid = mkDefault 125816384; # genid nobody2 + useDefaultShell = mkDefault true; }; }; + indent = replaceChars ["\n"] ["\n "]; + in out -- cgit v1.2.3 From ec8cd8502dd3439cf7c9f1069d875d0291a51130 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 18:21:50 +0100 Subject: l 2: add websites --- lass/2configs/websites/domsen.nix | 35 +++++++++++++++++++++++++++ lass/2configs/websites/wohnprojekt-rhh.de.nix | 12 +++++++++ 2 files changed, 47 insertions(+) create mode 100644 lass/2configs/websites/domsen.nix create mode 100644 lass/2configs/websites/wohnprojekt-rhh.de.nix (limited to 'lass') diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix new file mode 100644 index 000000000..109c216c0 --- /dev/null +++ b/lass/2configs/websites/domsen.nix @@ -0,0 +1,35 @@ +{ config, pkgs, ... }: + +{ + imports = [ + ../../3modules/static_nginx.nix + ../../3modules/owncloud_nginx.nix + ../../3modules/wordpress_nginx.nix + ]; + + lass.staticPage = { + "karlaskop.de" = {}; + "makeup.apanowicz.de" = {}; + "pixelpocket.de" = {}; + "reich-gebaeudereinigung.de" = {}; + }; + + lass.owncloud = { + "o.ubikmedia.de" = { + instanceid = "oc8n8ddbftgh"; + }; + }; + + services.mysql = { + enable = true; + package = pkgs.mariadb; + rootPassword = toString (); + }; + + #lass.wordpress = { + # "ubikmedia.de" = { + # }; + #}; + +} + diff --git a/lass/2configs/websites/wohnprojekt-rhh.de.nix b/lass/2configs/websites/wohnprojekt-rhh.de.nix new file mode 100644 index 000000000..cd31450c5 --- /dev/null +++ b/lass/2configs/websites/wohnprojekt-rhh.de.nix @@ -0,0 +1,12 @@ +{ config, ... }: + +{ + imports = [ + ../../3modules/static_nginx.nix + ]; + + lass.staticPage = { + "wohnprojekt-rhh.de" = {}; + }; +} + -- cgit v1.2.3 From 75ab577d4922f3b57a890af668b9c0fb405a50b0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 18:22:09 +0100 Subject: l 1 mors: import stuff --- lass/1systems/mors.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'lass') diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 7b91fa6be..4ba9df6f9 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -22,6 +22,9 @@ ../2configs/bitlbee.nix ../2configs/firefoxPatched.nix ../2configs/skype.nix + ../2configs/teamviewer.nix + ../2configs/libvirt.nix + ../2configs/fetchWallpaper.nix { #risk of rain port krebs.iptables.tables.filter.INPUT.rules = [ -- cgit v1.2.3 From 24105297bd9ff8af57befeb56f4ef42d439a531d Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 18:22:47 +0100 Subject: l 1 prism: activate websites --- lass/1systems/prism.nix | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'lass') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index fe9967837..95c55533c 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -124,6 +124,15 @@ in { { time.timeZone = "Europe/Berlin"; } + { + imports = [ + ../2configs/websites/wohnprojekt-rhh.de.nix + ../2configs/websites/domsen.nix + ]; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport 80"; target = "ACCEPT"; } + ]; + } ]; krebs.build.host = config.krebs.hosts.prism; -- cgit v1.2.3 From 43613fa6fca279301fcf0d014c0c9f71f394d9a1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 18:23:32 +0100 Subject: l 2 base: nixpkgs 8d1ce12 -> 363c843 --- lass/2configs/base.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix index fa5ee4f19..40f4e12c7 100644 --- a/lass/2configs/base.nix +++ b/lass/2configs/base.nix @@ -50,7 +50,7 @@ with lib; source = { git.nixpkgs = { url = https://github.com/Lassulus/nixpkgs; - rev = "8d1ce129361312334bf914ce0d27e463cb0bb21b"; + rev = "363c8430f1efad8b03d5feae6b3a4f2fe7b29251"; }; dir.secrets = { host = config.krebs.hosts.mors; -- cgit v1.2.3 From d567f9374529bf3fb2517ff270f8f0c973605722 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 18:24:32 +0100 Subject: l 2 browsers: use writeScriptBin --- lass/2configs/browsers.nix | 20 +++++--------------- 1 file changed, 5 insertions(+), 15 deletions(-) (limited to 'lass') diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index 849778a7a..580db8b2c 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -1,16 +1,6 @@ { config, lib, pkgs, ... }: let - simpleScript = name: content: - pkgs.stdenv.mkDerivation { - inherit name; - phases = [ "installPhase" ]; - installPhase = '' - mkdir -p $out/bin - ln -s ${pkgs.writeScript name content} $out/bin/${name} - ''; - }; - mainUser = config.users.extraUsers.mainUser; createChromiumUser = name: extraGroups: packages: { @@ -26,8 +16,8 @@ let ${mainUser.name} ALL=(${name}) NOPASSWD: ALL ''; environment.systemPackages = [ - (simpleScript name '' - sudo -u ${name} -i chromium $@ + (pkgs.writeScriptBin name '' + /var/setuid-wrappers/sudo -u ${name} -i chromium $@ '') ]; }; @@ -46,8 +36,8 @@ let ${mainUser.name} ALL=(${name}) NOPASSWD: ALL ''; environment.systemPackages = [ - (simpleScript name '' - sudo -u ${name} -i firefox $@ + (pkgs.writeScriptBin name '' + /var/setuid-wrappers/sudo -u ${name} -i firefox $@ '') ]; }; @@ -57,7 +47,7 @@ let in { environment.systemPackages = [ - (simpleScript "browser-select" '' + (pkgs.writeScriptBin "browser-select" '' BROWSER=$(echo -e "ff\ncr\nfb\ngm\nflash" | dmenu) $BROWSER $@ '') -- cgit v1.2.3 From f913904eba26b0819c7ed02c69ee09fb310f8478 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 18:25:08 +0100 Subject: l 2 browsers: activate flash browser --- lass/2configs/browsers.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index 580db8b2c..d36801863 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -60,7 +60,7 @@ in { ( createChromiumUser "cr" [ "audio" ] [ pkgs.chromium ] ) ( createChromiumUser "fb" [ ] [ pkgs.chromium ] ) ( createChromiumUser "gm" [ ] [ pkgs.chromium ] ) - # ( createChromiumUser "flash" [ ] [ pkgs.flash ] ) + ( createChromiumUser "flash" [ ] [ pkgs.flash ] ) ]; nixpkgs.config.packageOverrides = pkgs : { -- cgit v1.2.3 From e5d46002e5aded1780c3a00a28866a5569978335 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 18:25:37 +0100 Subject: l 2 elster: use chromium package --- lass/2configs/elster.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'lass') diff --git a/lass/2configs/elster.nix b/lass/2configs/elster.nix index 1edd01896..e3a88c789 100644 --- a/lass/2configs/elster.nix +++ b/lass/2configs/elster.nix @@ -14,6 +14,9 @@ in { createHome = true; }; }; + krebs.per-user.elster.packages = [ + pkgs.chromium + ]; security.sudo.extraConfig = '' ${mainUser.name} ALL=(elster) NOPASSWD: ALL ''; -- cgit v1.2.3 From bd25fd61c8eaa780e827419760accd47140f9236 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 18:27:17 +0100 Subject: l 2: add fetchWallpaper.nix --- lass/2configs/fetchWallpaper.nix | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 lass/2configs/fetchWallpaper.nix (limited to 'lass') diff --git a/lass/2configs/fetchWallpaper.nix b/lass/2configs/fetchWallpaper.nix new file mode 100644 index 000000000..effbd6c85 --- /dev/null +++ b/lass/2configs/fetchWallpaper.nix @@ -0,0 +1,11 @@ +{ config, pkgs, ... }: + +let + +in { + lass.fetchWallpaper = { + enable = true; + url = "echelon/wallpaper.png"; + }; +} + -- cgit v1.2.3 From 8bb93b93fdacdcca75176392ad9f66dd3b2dc6dc Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 18:27:45 +0100 Subject: l 2 xserver: remove xmobar --- lass/2configs/xserver/default.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/xserver/default.nix b/lass/2configs/xserver/default.nix index ceccf5fee..da337f6a7 100644 --- a/lass/2configs/xserver/default.nix +++ b/lass/2configs/xserver/default.nix @@ -108,7 +108,6 @@ let pkgs.rxvt_unicode pkgs.i3lock pkgs.haskellPackages.yeganesh - pkgs.haskellPackages.xmobar pkgs.dmenu ] ++ config.environment.systemPackages)}:/var/setuid-wrappers settle() {( -- cgit v1.2.3 From 1b9a044b44d12096dbad27db3a44d5c911ec9eb4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 19:37:13 +0100 Subject: l 3 fetchWallpaper -> k 3 fetchWallpaper --- lass/2configs/fetchWallpaper.nix | 2 +- lass/3modules/default.nix | 1 - lass/3modules/fetchWallpaper.nix | 89 ---------------------------------------- 3 files changed, 1 insertion(+), 91 deletions(-) delete mode 100644 lass/3modules/fetchWallpaper.nix (limited to 'lass') diff --git a/lass/2configs/fetchWallpaper.nix b/lass/2configs/fetchWallpaper.nix index effbd6c85..9c27706cb 100644 --- a/lass/2configs/fetchWallpaper.nix +++ b/lass/2configs/fetchWallpaper.nix @@ -3,7 +3,7 @@ let in { - lass.fetchWallpaper = { + krebs.fetchWallpaper = { enable = true; url = "echelon/wallpaper.png"; }; diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix index 5fa5160ee..0dcad971c 100644 --- a/lass/3modules/default.nix +++ b/lass/3modules/default.nix @@ -8,6 +8,5 @@ _: ./urxvtd.nix ./xresources.nix ./wordpress_nginx.nix - ./fetchWallpaper.nix ]; } diff --git a/lass/3modules/fetchWallpaper.nix b/lass/3modules/fetchWallpaper.nix deleted file mode 100644 index 9baebedbd..000000000 --- a/lass/3modules/fetchWallpaper.nix +++ /dev/null @@ -1,89 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; - -let - cfg = config.lass.fetchWallpaper; - - out = { - options.lass.fetchWallpaper = api; - config = mkIf cfg.enable imp; - }; - - api = { - enable = mkEnableOption "fetch wallpaper"; - predicate = mkOption { - type = with types; nullOr path; - default = null; - }; - url = mkOption { - type = types.str; - }; - timerConfig = mkOption { - type = types.unspecified; - default = { - OnCalendar = "*:00,10,20,30,40,50"; - }; - }; - stateDir = mkOption { - type = types.str; - default = "/tmp/wallpaper"; - }; - display = mkOption { - type = types.str; - default = ":11"; - }; - }; - - fetchWallpaperScript = pkgs.writeScript "fetchWallpaper" '' - #! ${pkgs.bash}/bin/bash - ${if (cfg.predicate == null) then "" else '' - ${cfg.predicate} - if [ $? -ne 0 ]; then - echo "predicate failed" - exit 23 - fi - ''} - mkdir -p ${shell.escape cfg.stateDir} - curl -s -o ${shell.escape cfg.stateDir}/wallpaper -z ${shell.escape cfg.stateDir}/wallpaper ${shell.escape cfg.url} - feh --no-fehbg --bg-scale ${shell.escape cfg.stateDir}/wallpaper - ''; - - imp = { - users.extraUsers.fetchWallpaper = { - name = "fetchWallpaper"; - uid = 3332383611; #genid fetchWallpaper - description = "fetchWallpaper user"; - home = "/var/empty"; - }; - - systemd.timers.fetchWallpaper = { - description = "fetch wallpaper timer"; - wantedBy = [ "timers.target" ]; - - timerConfig = cfg.timerConfig; - }; - systemd.services.fetchWallpaper = { - description = "fetch wallpaper"; - after = [ "network.target" ]; - - path = with pkgs; [ - curl - feh - ]; - - environment = { - URL = cfg.url; - DISPLAY = cfg.display; - }; - - restartIfChanged = true; - - serviceConfig = { - Type = "simple"; - ExecStart = fetchWallpaperScript; - User = "fetchWallpaper"; - }; - }; - }; -in out -- cgit v1.2.3 From c0786aee72507e08ab61b5e9391afb4e7fba76fa Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 19:40:44 +0100 Subject: l 5 xmonad-lass: deactivate yeganesh, workspace0 --- lass/5pkgs/xmonad-lass/Main.hs | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) (limited to 'lass') diff --git a/lass/5pkgs/xmonad-lass/Main.hs b/lass/5pkgs/xmonad-lass/Main.hs index 10a3c5638..ce5afe33a 100644 --- a/lass/5pkgs/xmonad-lass/Main.hs +++ b/lass/5pkgs/xmonad-lass/Main.hs @@ -49,6 +49,7 @@ import XMonad.Stockholm.Pager import XMonad.Stockholm.Rhombus import XMonad.Stockholm.Shutdown + myTerm :: String myTerm = "urxvtc" @@ -65,6 +66,7 @@ main = getArgs >>= \case mainNoArgs :: IO () mainNoArgs = do + workspaces0 <- getWorkspaces0 xmonad' -- $ withUrgencyHookC dzenUrgencyHook { args = ["-bg", "magenta", "-fg", "magenta", "-h", "2"], duration = 500000 } -- urgencyConfig { remindWhen = Every 1 } @@ -74,6 +76,7 @@ mainNoArgs = do $ defaultConfig { terminal = myTerm , modMask = mod4Mask + , workspaces = workspaces0 , layoutHook = smartBorders $ myLayoutHook -- , handleEventHook = myHandleEventHooks <+> handleTimerEvent --, handleEventHook = handleTimerEvent @@ -100,16 +103,26 @@ xmonad' conf = do hPutStrLn stderr (displaySomeException e) xmonad conf +getWorkspaces0 :: IO [String] +getWorkspaces0 = + try (getEnv "XMONAD_WORKSPACES0_FILE") >>= \case + Left e -> warn (displaySomeException e) + Right p -> try (readFile p) >>= \case + Left e -> warn (displaySomeException e) + Right x -> case readEither x of + Left e -> warn e + Right y -> return y + where + warn msg = hPutStrLn stderr ("getWorkspaces0: " ++ msg) >> return [] displaySomeException :: SomeException -> String displaySomeException = displayException myKeyMap = - [ ("M4-", spawn "i3lock -i ~/lock.png -u" ) + [ ("M4-", spawn "/var/setuid-wrappers/slock") , ("M4-p", spawn "passmenu --type") - , ("M4-r", spawn "exe=$(yeganesh -x) && eval \"exec $exe\"") - -- , ("M4-r", io (readProcess "yeganesh" ["-x"] "" >>= putStrLn ) ) + --, ("M4-r", spawn "exe=$(yeganesh -x) && eval \"exec $exe\"") , ("", spawn "pactl -- set-sink-volume 0 +4%") , ("", spawn "pactl -- set-sink-volume 0 -4%") , ("", gridselectWorkspace myWSConfig W.view) -- cgit v1.2.3 [cgit] Unable to lock slot /tmp/cgit/c4000000.lock: No such file or directory (2)