From eb0d4361a218a8c9a9489829822a72601e941e2f Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 2 Oct 2019 11:48:16 +0200 Subject: krebs exim-smarthost: update eloop addresses --- krebs/2configs/exim-smarthost.nix | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/krebs/2configs/exim-smarthost.nix b/krebs/2configs/exim-smarthost.nix index 5dc24f1d..698e20da 100644 --- a/krebs/2configs/exim-smarthost.nix +++ b/krebs/2configs/exim-smarthost.nix @@ -25,12 +25,11 @@ in { in { "anmeldung@eloop.org" = eloop-ml; "brain@krebsco.de" = brain-ml; - "cfp@eloop.org" = eloop-ml; + "cfp2019@eloop.org" = eloop-ml; + "eloop2019@krebsco.de" = eloop-ml; "kontakt@eloop.org" = eloop-ml; "root@eloop.org" = eloop-ml; "youtube@eloop.org" = eloop-ml; - "eloop2016@krebsco.de" = eloop-ml; - "eloop2017@krebsco.de" = eloop-ml; "postmaster@krebsco.de" = spam-ml; # RFC 822 "lass@krebsco.de" = lass; "makefu@krebsco.de" = makefu; -- cgit v1.2.3 From 005d456ef42ca1a371131a558e834944ce2e616f Mon Sep 17 00:00:00 2001 From: Ingolf Wagner Date: Tue, 15 Oct 2019 16:27:10 +0200 Subject: external: remove kruck and add sterni to retiolum --- krebs/3modules/external/palo.nix | 23 ++++++++++------------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/krebs/3modules/external/palo.nix b/krebs/3modules/external/palo.nix index 05808714..e81dd9b5 100644 --- a/krebs/3modules/external/palo.nix +++ b/krebs/3modules/external/palo.nix @@ -28,31 +28,30 @@ in { }; }; }; - kruck = { + schasch = { owner = config.krebs.users.palo; nets = { retiolum = { - ip4.addr = "10.243.23.3"; + ip4.addr = "10.243.23.2"; tinc.port = 720; - aliases = [ - "kruck.r" - "video.kruck.r" - ]; + aliases = [ "schasch.r" ]; tinc.pubkey = tinc-for "palo"; }; }; + syncthing.id = "FLY7DHI-TJLEQBJ-JZNC4YV-NBX53Z2-ZBRWADL-BKSFXYZ-L4FMDVH-MOSEVAQ"; }; - schasch = { + sterni = { owner = config.krebs.users.palo; nets = { retiolum = { - ip4.addr = "10.243.23.2"; + ip4.addr = "10.243.23.3"; tinc.port = 720; - aliases = [ "schasch.r" ]; + aliases = [ + "sterni.r" + ]; tinc.pubkey = tinc-for "palo"; }; }; - syncthing.id = "FLY7DHI-TJLEQBJ-JZNC4YV-NBX53Z2-ZBRWADL-BKSFXYZ-L4FMDVH-MOSEVAQ"; }; workhorse = { owner = config.krebs.users.palo; @@ -79,9 +78,7 @@ in { }; users = { palo = { - }; - palo-pepe = { - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCe3j1dk8o7e0cFn+RepOjdeYcS0YcG0d6NnsMoq8pjqzLRuvOVN4CmsuRo4UJtWOUVv8kIWLcegks2RXbKOSTFAnvEIpPlSmL3BgvFGmUiOmPw1w93yxdVnfd9kJ6SBNuS+kFspKPvOEV9yVpjTywKZ0qKWjRd89Vz2+8aFJ/R3hyE+YqpzlzYbrucEIXbEWESqnzrx61NrWwd1ueHj0RYMDBjIJjVfIIK3W32vQ//pYJio1di0PpOPK2Ya0yugSixymuQBvzCgaedVeLdJ0k1d7d5iVb4LjCR8zg0Jnf1RLfpqRrFYwMJpwuhtIEevfNrhzqZA58QgHO6iOg50FeaD5k1rlWfoOvX2rcV5iqCC9jClIfMKzePdm+MeVorBXp+bflOhyPJG+Qrz6NTE9Ohe5A71Z0bBa96MEoW1hyrLCn0+z+Cx5kt7n2QzAAa/VPNjRDZeHbsu26MrvViEoh+FcPqx4DUIUaDRs/TNIvMGAl14E6gur68AI01a0PZJ/gnqZeOJKuyz4pKT0nIcg0EvkjXM2uEJ9m8h4IBAqTUYMZYm7iJBfpbwT6ePxFfah4q960orBUwW87CyPu/wDGmDblQ7dpkuw+skpzNgOGzerDyGAGKOsjGfYZpqsv9303S2f7884NAIK1ohgpMELytEYpY4YNi2KQYfHhgoQRJ5w== palo@pepe"; + pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDBYNJVuyyZmc2pCkLWjhl0/hMMb7elmI81/9LAGtk8Tz4TmVderTMohwQkaTYznwPOPuKfU1sSMLCB8rYXdAO5nqWC4bGjXJ/+D8/UKfGjSqRQ7UkfpOF3NAm+pqUSFjaVXi1BWd+jxmsD0uRks0PyNSywZfgjn5LYpD3SpxyFy/17P/PJ9vX6PELjeYvNGH3l5cXDwYky3ZZJol7quBJ5yrA6I536A4wNDzg2ow+MRVu51/nIJdnbbsC/dDHgmdRWnStOzvsA+xSEMeKvLW3CaSPINr/bMGxOPrefr79bg59gkw9Wxp51fkx0o18N1liTRfWXau+GFNGMxFluELhfGXYOH9HLedLt8H38zs5vgJ9IY+tlOzMKud5njiNkuG503AiqY2H7coN7VeVA5+6L7tmwFbCMhPal4MS0VKHNBmCTDY5QMURYUajKiUh8n5IcbuTsPM+lEszm16g5iB+XQ1vpjza5ds6DRL1H6pUF/UpUzYUlqh2RnE+CyLsFO2MB/o72NoSWRfmn7/nsg6eEg/9kSn+dwj2ythjuEkMG28Yhm/XjaGnuAE/ZpIeRDozIQNGcHpzPHMd95olfNJW7+fLi+CvSFZa9l+tdS8PoRnCdHOsO4zvESJZ2rDn0Zt0Az6XNRJfYTABDlYPGCnWN4vmlnEJqQARSSiKBDhSgPw== palo@workout"; }; }; } -- cgit v1.2.3 From 2727ce115349ca65c5728acf846a537cb539a4c7 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 16 Oct 2019 09:21:17 +0200 Subject: tv: explicitly disable libinput --- tv/1systems/alnus/config.nix | 3 +++ tv/1systems/mu/config.nix | 1 + tv/1systems/querel/config.nix | 1 + 3 files changed, 5 insertions(+) diff --git a/tv/1systems/alnus/config.nix b/tv/1systems/alnus/config.nix index 949a98b2..d54d5fc2 100644 --- a/tv/1systems/alnus/config.nix +++ b/tv/1systems/alnus/config.nix @@ -65,10 +65,13 @@ with import ; enable = true; layout = "de"; xkbOptions = "eurosign:e"; + + libinput.enable = false; synaptics = { enable = true; twoFingerScroll = true; }; + desktopManager.xfce.enable = true; displayManager.auto = { enable = true; diff --git a/tv/1systems/mu/config.nix b/tv/1systems/mu/config.nix index 98332b2d..145c73c0 100644 --- a/tv/1systems/mu/config.nix +++ b/tv/1systems/mu/config.nix @@ -102,6 +102,7 @@ with import ; services.xserver.xkbOptions = "eurosign:e"; # TODO this is host specific + services.xserver.libinput.enable = false; services.xserver.synaptics = { enable = true; twoFingerScroll = true; diff --git a/tv/1systems/querel/config.nix b/tv/1systems/querel/config.nix index 6e7944cd..ac51f54e 100644 --- a/tv/1systems/querel/config.nix +++ b/tv/1systems/querel/config.nix @@ -68,6 +68,7 @@ with import ; services.xserver.layout = "de"; services.xserver.xkbOptions = "eurosign:e"; + services.xserver.libinput.enable = false; services.xserver.synaptics = { enable = true; twoFingerScroll = true; -- cgit v1.2.3 From 08f183cda3e61e94dbda359763daef665b211066 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 16 Oct 2019 11:52:05 +0200 Subject: l browsers: generate correct browser-select script --- lass/3modules/browsers.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/3modules/browsers.nix b/lass/3modules/browsers.nix index ccb108f8..0c77d4da 100644 --- a/lass/3modules/browsers.nix +++ b/lass/3modules/browsers.nix @@ -31,7 +31,7 @@ let else let name = (lib.head sortedPaths).name; - in pkgs.writeScriptBin "browser-select2" '' + in pkgs.writeScriptBin "browser-select" '' ${config.lass.xjail-bins.${name}}/bin/${name} "$@" '' ; -- cgit v1.2.3 From 8d7afcf703eba4b8757d778b2d2184c6c3c9e620 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 17 Oct 2019 16:59:12 +0200 Subject: l: remove deprecated users & keys --- krebs/3modules/lass/default.nix | 37 ------------------------ krebs/3modules/lass/pgp/helios.pgp | 51 ---------------------------------- krebs/3modules/lass/pgp/icarus.pgp | 51 ---------------------------------- krebs/3modules/lass/pgp/shodan.pgp | 30 -------------------- krebs/3modules/lass/ssh/daedalus.rsa | 1 - krebs/3modules/lass/ssh/helios.rsa | 1 - krebs/3modules/lass/ssh/icarus.rsa | 1 - krebs/3modules/lass/ssh/shodan.rsa | 1 - krebs/3modules/lass/ssh/uriel.rsa | 1 - krebs/3modules/lass/ssh/xerxes.ed25519 | 1 - lass/1systems/iso.nix | 2 -- lass/1systems/prism/config.nix | 5 ---- lass/2configs/default.nix | 2 -- lass/2configs/git.nix | 2 +- lass/2configs/ssh-cryptsetup.nix | 2 -- 15 files changed, 1 insertion(+), 187 deletions(-) delete mode 100644 krebs/3modules/lass/pgp/helios.pgp delete mode 100644 krebs/3modules/lass/pgp/icarus.pgp delete mode 100644 krebs/3modules/lass/pgp/shodan.pgp delete mode 100644 krebs/3modules/lass/ssh/daedalus.rsa delete mode 100644 krebs/3modules/lass/ssh/helios.rsa delete mode 100644 krebs/3modules/lass/ssh/icarus.rsa delete mode 100644 krebs/3modules/lass/ssh/shodan.rsa delete mode 100644 krebs/3modules/lass/ssh/uriel.rsa delete mode 100644 krebs/3modules/lass/ssh/xerxes.ed25519 diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index dc5c9ca3..30c7b085 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -664,42 +664,5 @@ in { mail = "lassulus@gmail.com"; pubkey = builtins.readFile ./ssh/android.rsa; }; - lass-helios = { - mail = "lass@helios.r"; - pubkey = builtins.readFile ./ssh/helios.rsa; - }; - lass-uriel = { - mail = "lass@uriel.r"; - pubkey = builtins.readFile ./ssh/uriel.rsa; - }; - lass-shodan = { - mail = "lass@shodan.r"; - pubkey = builtins.readFile ./ssh/shodan.rsa; - pgp.pubkeys.default = builtins.readFile ./pgp/shodan.pgp; - }; - lass-icarus = { - mail = "lass@icarus.r"; - pubkey = builtins.readFile ./ssh/icarus.rsa; - pgp.pubkeys.default = builtins.readFile ./pgp/icarus.pgp; - }; - lass-xerxes = { - mail = "lass@xerxes.r"; - pubkey = builtins.readFile ./ssh/xerxes.ed25519; - }; - lass-daedalus = { - mail = "lass@daedalus.r"; - pubkey = builtins.readFile ./ssh/daedalus.rsa; - }; - prism-repo-sync = { - pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKhpCKTnSq6VDJPB+0NiHu2ZxSKEIxHN6uPAPnbXYNCe"; - mail = "lass@prism.r"; - }; - mors-repo-sync = { - pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGv6N/UjFnX5vUicT9Sw0+3x4mR0760iaVWZ/JDtdV4h"; - mail = "lass@mors.r"; - }; - wine-mors = { - pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEKfTIKmbe1RjX1fjAn//08363zAsI0CijWnaYyAC842"; - }; }; } diff --git a/krebs/3modules/lass/pgp/helios.pgp b/krebs/3modules/lass/pgp/helios.pgp deleted file mode 100644 index dc6d07d6..00000000 --- a/krebs/3modules/lass/pgp/helios.pgp +++ /dev/null @@ -1,51 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- - -mQINBFm/8D0BEAC+kY6ELukGkQh4xJ+haYGYi6FdCCUgM+BqAXQ9s7FnzyrNCbTq -x5O2b3Np96NANCCWSMIcAIXt/AzfvxY7awtsFNlXolMMMEdkHbEXQCgJahK1P5iD -q7DWlwwXNy+oPdl7ZGtfhK+d698aI6eFS0SamElH4B4IFaGzSXC0ec1Cva+3QM1d -FPRmRByMllTxEcxI6P1gIAtZGXwPLPGVPYuoRQFM+3w+VPgBcWTLPYcLyvLj0r8o -Gv/JSyZHNEu5Rtyl+8G6/8W/u7+J4lzO4V6Y6+UPomvfyCkreqsQp/bB8Nw9LYN2 -zNttaxM5zu7FBY2e+OwFsxNC5nnIvSVY2qYUps6Lxuv1cxKY+3lZKhMcc8+p+j2g -QNdfys3Hk4fdZ5YBaQ/v30kS7ZpAkILCYw7g5HJ18pdoULNWYMUaJF/1Qim2mU72 -5wuCzwsWyA6BQFoBSlDPQ24ypGMVKynl6Xh3uGG/K1OcTvhUgzF3J+jcntOY698b -4Lum/zffWQsVuXZlroydMjtn7Pfr3W8nzLynhCTWruW8+irb/Qut8q04KjfR0UyE -hdc+kohQemfhk4y0CA0xuzRBRxagKo2LUFTUL312r2TZV+vLWtdToV3HzDuFJokq -FCxoVm/4M6BQQ3IxDHBVO6BmqIlAGq9cheao3t9XciERPMSHXZzZKV/3CQARAQAB -tA1sYXNzQGhlbGlvcy5yiQJOBBMBCAA4FiEEwAWygS5dtGA5vC/hQM6NxyLSe0oF -Alm/8D0CGwMFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQQM6NxyLSe0rm5hAA -jxqcevdjJt+b4FstIiiNhhjU62/9Tl4qoKgR1/BwAIfDoMWduPrw9ldQky36O923 -VMYKiZBoUzdXRLzL0ay/ewXdSONllUwnFLvil78SQOuJTe5JKM6N0IiEVSEhNjRr -zylFk7SpY2MOIc0p3eHutD4oq0PcWnOer5R1z7u0mVJRYVoJOu7IIxqj7jb8JRAh -FbLBbu2mFBcXMLKyWFCTB4nROeoTBcfKTnBuDYhaIEUCLo2RpMYqBJiVJvvFLglA -XowKFjuE/g5Yne2GB5zx1GVRkjZsE9mGL7L5mlyucMwYqWeJzkNfB7cz58ZFN9EG -9hzUlaEahPxnC6/AeF9ev/9/SF6bPM/nq36xBXj7W5lOewc5p5GigHkh94VN+bdw -/KluD5rUErO+v3ag+5Tr8FzjtbjlARRo/vz5YWRGS4yqGiXlUUchAPEzflLYxfD1 -CSH+i0eWMrm5t+BYiPZHL8DSbGI1BM5EhHZ69dS7bUAO1qL7oQObQv+755fLV6+q -+ir7GHuxtNma58PS+BDiWJnIqmDJ029u188YM4dGL+EWF2AS4cUh2y6CZCOq77Gt -NmMCZyQjg2KB1jsL5XHySB14/uN3vlSSz9V+ZT/sAK09Z4atfYNnMHBAbC00GSbH -VqQf+OIascVZWAzqExk4fjnVYjTaoIZHaNd5aT/61S25Ag0EWb/wPQEQAJwoiiHG -NhuBFBEjZYJsONfJayGE4qWSU//54gJaitSgDLV8G0NYQrxqSNAZMAux6g9BSSrD -s/LbN5U1KgKpLTHjiSXUFoQFZ44AeTSQkUeelbtMVz13ohjpDInkye3sM9Jr4Zw+ -wwgg3zRi49YR6EU78c81ehPjVyxBPg2mmguBShz1zn5r6GjzniU4p3P5Hwf5F+eu -kRekG9hlCbVz+Ibl8U/t1JQZBqSIX45svdIYqeal5LWSgUG4o8gbenggNFPi3Olz -IOoTRMGKe6HCjTzv+xML7Q9bCMkUdyIfrrG0QDj3g+VZmZYAXdKjLLujAAU18Sh0 -SekPenVE0DNvmB7HHw+Bo+4aq6wWC9+BDb31NpJzNY64zEuUZsnustEmAXM2UIKS -HRzfgnZRRyD99H128a95FNpZrG5H+QgpdTE4PxsZn6fFtCRy6/a/W79VfCdHCahz -ptthyMeE81uZ28VTBXOHgK8Wawt3xjJCRksCau3xNUgRuSPoAWUPY2tLrJ9wKbxp -uL4fY8x8M2d9G4U03DfQDGP9JUskqLThnJf7Jo42XTmkJd9hRBL0kMCIfolEcyEh -pSQqbevUnFRiipv1x90Tn9Cax06ZkHkovuyIniRve/MvX8mCzzlUv1bjVNC0d71+ -z3G8fXlhDZGCkLQu6M1MlmUZxu05UfQnk5kBABEBAAGJAjYEGAEIACAWIQTABbKB -Ll20YDm8L+FAzo3HItJ7SgUCWb/wPQIbDAAKCRBAzo3HItJ7SuI3D/0Y3A2+ZbeH -q3SCAXBs4yOv7cffT4KwDHIC2vp9I868xj0Fw9hCdN1X9Y6hfj6nilI4EKW5ozsg -xs1kqGlclqqpag5ZmFbD1y/DzEpgdlysDJPgdD9FlF0mN+tTS543d0SOyydD2N8X -el5h4T2VaEBYfwKoDyN7LnCtGoiUSE3Nw99BNJ7zGma+46NRUWjv1eByMMhxvXJF -ASKn4Ok1olhINH43tQ3TGx9XdG19GS0+OnyOlfdagKwma73A2caUAyjIXBrmR5NU -Pb3aiyMzxm6DpCupqWkQgCC/EG8HgYhPGJ6TAK2QfMWX1TjERcPGtVbTE7BbRNLd -LdaIuo+5ROVseBTYDC8VbACkV7eh1fVhUmpZa81uQotCRJ+jsYGT4Lyon44roSGn -7G+rYgS2yv/2JXSTMBa45MReEPCgkSwZ6u9jvbs7vWzao+4tILsgO9RqNw1kiN9o -LMLMVVCFmgNMCHxegmNIJYRryQkFZA5vQR2gPS3FYY3NfVGhFHMvsOK+jx415o2O -gF76EJcexglPWhyqBc5meyw1x6pjoPTNGLnFzH1rdyyYilUyFexy3TSam60Ov/Aj -cszX0D4M2Fnk9ncSq03ujflVYpVTNtkSVH0K9OY7rwjp78WycxiYzk1OQHogh18L -Du4S2e/am91kQGaz490BV9XNw4I70e4dQQ== -=gkzg ------END PGP PUBLIC KEY BLOCK----- diff --git a/krebs/3modules/lass/pgp/icarus.pgp b/krebs/3modules/lass/pgp/icarus.pgp deleted file mode 100644 index f41478a0..00000000 --- a/krebs/3modules/lass/pgp/icarus.pgp +++ /dev/null @@ -1,51 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- - -mQINBFpqAGEBEADWiwVYVFXuK9kM7Y1XFL70jb2ZAZBRIpcZF81URMDFhm6ulvHq -fEhXTpiKKmfnv5Mz6r6wAWLJFKOKZuEvg8NwplRrlBHMkR3iEx4+7sP/dVey7U6f -+gI61ytFHTOKr52gstPVdXO3xhNmdrAI1hFuF2DxoXKloz8tPP92dZcCdm7+5C+2 -KSYEBrIp/Zv1cjkbAFwek5y4ut65sBh/VM+RhSLbqwzyCxwfBE9QAJdIEiSmChql -Lcz6CToYrdXhOY0ykx+QhT092k/6Xh66JeZ63WVHGrF+SSabq5NNcbWi7EISioHd -N6JXZmbXMpS/BxgMe145e3mWnd3KOSeOxaiORqev8VOycjRQJfSm8Ky+GtWIyxp7 -rwEHbY8vlG2X9RMW5UxVmSRPWLykZoX0Xvmnrpwcohb5WdkuCp9NjqF0gDswU8do -bCqASfeWBvJAQkoAlMLU7YH+ymmeQcSVdLy4Jpv1fk5FocQBihTBnC1+ztt7Rm8m -8VGEpH1h174/z4Xn+bCkRZqopl9GlvpilLT8m8N8jdL7QLZJlQwrHVtima8Rg3XZ -TriW1Ha/NxHZ8nN7pbisqXHCrJB0szzu++yVeQ7Ebr7HA0tIHqDhqVR0s6a1g5AX -JYI8vCErowhvPf+BVCUYfmh5dJAY6tt9zrvCneaZ7ogPzOH9kRnZXYi7ZQARAQAB -tBZpY2FydXMgPGxhc3NAaWNhcnVzLnI+iQJOBBMBCAA4FiEEbimq9dgDayT9DrQy -FSODpr2bDFMFAlpqAGECGwMFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQFSOD -pr2bDFNVohAAiY6Pp4whrAIKwNkzqLkUl2SyQCVSGOce906jthKSixdfaUORZPdD -AnyYUmPyVpWxKYjZl7IfmDDo7D6m21tP8FxCRK8/oYAtz3uRK5b5sb0/5YR77O9+ -s65sNhU8jiHetUEHQ0Z9UJKfm1DpanJ37uIhVcye8BC8OuSD0v0s+hZ+2ZaN1qdn -qqCkujAILxOWo1ZDqpXfHaV11AotzlgyYmxlXzClsLB0SGhU7HUZesKETn3JUmrV -88kkpug8gn9MpTSPDIWsTeNUWpNhqdDRA+2TUygtpQSKzJC8sdkFaWkMrH3cF6wA -BZ+4tS2mRMQWq9BNMK+xnkWPvYO9e6v4ddXtlcVgGTUhSo+opCXza3dcXE5Xbv8x -a1T5HJSV0HQPTrlAUoXZveu7ZgYVO5SOTCm1jBNKX8WCmvO6yJRalxo9N/d6gswq -tKAGm9tlXpTXnG6tvebmSxjzjVwjbQMDJGy4Cj4bw0GGCdapDFrPidUDY/INmU7D -TWtNsAJlJRuu7ddxIVTspZ7rmDBAOhYzXxGuU3ntZFTiFm9BpCmHYWpeQ5EKuxhJ -mgxzC9wKDoS8NRKwt5ak/mX0vpXkJjF2Lrza0wCAZ1ZYWFNaehEwhNT51s9kZIi3 -w1v2z8xmu7VDq/n2sMRtMe7MVIOh1Nu7l/5Uqeb+EYnEc1NGZsFxcYK5Ag0EWmoA -YQEQALMaaF9HeDpeqDjDpxanjjIz4YXMZoMkXwrLS/Rn2mobG5lJzxU+1AkwXxTD -K45A0YHWsnAH1S8V9Gx+NlUMS/S/m9BruSXNohUKARIJLbltEM/EufOThjgfhW0Y -cLorZ1kOSZvORR9+Ctuq/RcvGFwyLB/4OpcGHUezTIcAkLUo0lKPS4HtT2ogSUIx -UstAMwEOSQIDR6sDDiS0BXNdlkKK6daLpH+snQMGP+ILAyRHGu1MlYkACDQZa5aP -9vpany7zC9Ls7vaewCevZCUJfs00VF72pdCRdBV8oPQqwPfhS+uSCV58WwWCqHTq -8PtxCVVzQdngOvScRvjrijtzlseyyTW3w9DPoDsQ16oM3y0kcnnv2hdfTVuv4+YK -9fVRIrWEAlU3cxud7iws9+vUO9GwyWy+epFLiCgNgJR/RVIIjcHUExn/XAcFStjw -QtW+3BxjYmdJpsh5wvmMJSMZDJFMEdKYPm4RI7ZfKVwl6yFeJt3hNkLxxF7k2fXB -84pIvl03hXA3tRQ5t46wS7L2EPlWT00+MCraczvbIS+SX1nCp4ZXLBs0YmicioBS -Os0zEtVs+80eWMf86MTT7YLwre4t+QRbM/RyIvJFTqBT3ad7/7ZMyEuVJBwDJlpx -LGwZGa6zwnbzcf8Us4kAIRzQoK8VOg/xC/ymJYCk3oJCKD9RABEBAAGJAjYEGAEI -ACAWIQRuKar12ANrJP0OtDIVI4OmvZsMUwUCWmoAYQIbDAAKCRAVI4OmvZsMU1vw -EACDJDmZR5BIPxwr9+1Z5ZgT7XcBUbu4F2w84J3xqCUYqcti6I4lSMtxfw94crMp -HoexOVOhvoTneIliv0a4ZSu84u4CGoFn4M7RA0Ka1SVvbuasXf57sVwRptXjr3LL -f/0olra5rkIyZbsvKm0g2N/bfmCfmtOClFDst2yK/FovW5PJBRx2mT38qBhHG8j2 -P7zG0/vO846FxjAGvOMGlEVGmN+R9BeecomOKsKgvUbsycAwzZi/2vWAUGbJBYjx -Yd+K8wjPE8g5CumxaLSH/dlY/0BOZygjank+aHLrwMtNnplYVJmmqDhdbgwN6DDk -cCQNLQyk61IdhtZ7UzJyFTkXnXiirrO4WzL6GJjunNzvcTUAU5vNiG+2he1GdxZF -WiLRrcC+oIMWVST8fNRwJZU+Ibw/UIfEV/rHau0fJlxZatks7Qd8gjxSHIyElUVj -CYrizbFPZ85IhkCirX2tvhycK/nseAYjDuJkJIp3Io0sl3cQ9M8Kx790LUbYzNC4 -bZn8vA1YwTr1ny3+vEhMhaaVSTeVrWYV8023kwzcLRWra7F1hJcc9+LNmqHvXR67 -uBW2KPIrXKrjJmGkMVBSrf9PJu5jNfvCWOntck7C7xOWoUcgyt3uTpP7FkHVdolh -HFNPouS3w0HoB20zdCpmyFNs6Rjhey2r5JIttd6ATVRVYA== -=gJia ------END PGP PUBLIC KEY BLOCK----- diff --git a/krebs/3modules/lass/pgp/shodan.pgp b/krebs/3modules/lass/pgp/shodan.pgp deleted file mode 100644 index 543b05b7..00000000 --- a/krebs/3modules/lass/pgp/shodan.pgp +++ /dev/null @@ -1,30 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v2 - -mQENBFc/U8EBCADaPobNwlm8oI3cVtDhsdHpW7gyNTloqM1JdUPoJ30kS8xIbKfF -U+UWEj+/G0hXg3jGpqsYKzCegLcZuvKrLuyWas3nFync/KeWjPpmQWh8h/AQ63gi -6FjikRS9iDHEnUBqXXymG6JOo9NrGX7viWcPx+rQzvXOFxVYt1JJY+Ki30tSL+0l -igJBJ+x2qndnlPZE9uyKjYC9+9NlZ04h5WOponTtgIddBlBPhIOAW+f5mBVeWuaK -8wPBY2z98ZIclwdTohCpBRjs/EAEhN+2djSjyJti2TARceMKV2ZLRoUh6bNqj3xV -Y4IkDe47dS8rRmH/xj+9odJjtlbFHDmtElcfABEBAAG0HWxhc3NAc2hvZGFuLnIg -PGxhc3NAc2hvZGFuLnI+iQE3BBMBCAAhBQJXP1PBAhsDBQsJCAcCBhUICQoLAgQW -AgMBAh4BAheAAAoJECOf1I8qjNLnWCsH/Rr70NVjCpqou5JRJqc9NMYJflH8qUSR -xxYsVXaLjf1sa5X0qbq1u5EaYQGsdP7qKuLggoom7CGBhG3WZnfhuLi9y2IXAFo8 -RprBmrTmXgpXqm8IrcWMDJUEwhjUn+x1iCnGUfmbUpIdBIj8HsCfDUmg+WT0GflT -9tfYR0v1vRzK6WWYEobP9abhZdjOHIS8cXDgFVREllKjjOcLzsB23I9g1nlvX3+W -J7iliC4s1OGvcpw0MHl/1KRpSBXK3we0WTNZLIJXr8W+BvURYxhVfbvgjHuv6K0h -J0a/me8nkh05pdRLLGL+C8eFjAXALnTIxgiVNGjtXBAR+/HN2//iG665AQ0EVz9T -wQEIAMsxDQ3Y5SL2gI1EjEuCc6RyTSBmsna9g/wKjzUbcB9zpEN9i85NDRvvfGn6 -ihxI9Z1rvn8zr8MKu9OcZB2XEQDriHUcS4IxnZzdbUIKOtR+1BjZvMKupbw+KHag -WoeUh+tfb50bEMy/Z6Mp5mLOyXMyyiGS3CHJ6sHUXTub6kuHQnAOqiMsqnegZMcS -sF+NpSNoSngC060jgh7fl4T8M3Vuv9NKGu9+0J48QR+LFsKe/7LwRQ9HFSH4sPeD -vQI1BEo4piXthwd6mUHCbish38H77PGO0kKHaJ0HkBu+3tKXP1JJdm9SiN+ypUIB -FyfLpaWf6pcc/0QX6qE4gL00MI0AEQEAAYkBHwQYAQgACQUCVz9TwQIbDAAKCRAj -n9SPKozS5w85B/4o2Zf7oLqjNmOu+YE0fNJmbGCETNotNnE/GToiejNAM9B/rYJe -qjM9/kq0GJKVfKKrBGA0YQy9O847TVW26gPeiEgS7DO1Dl9YiLJJVzUGlOPijTIJ -A3LmMCLU/M3+a/33HGjm7gYk+aRwqOwHeC+f1pder8InoC3ebWupfcQsWkwTVqZk -lrLzoywjqQcdjAYFJp1c0ZxXyrgOS4dIGMU+o+DDCyK/ry9UGd3ZacMqDsyWO51A -iXDMtvVsuxbIP5o3muF9kEX7hx4EF7+MzRI3FjYwlHLNw+v3OVhfOxuPSt71VOiC -G2aT2z4sz8+qbOIIG3JX99osG6v683lvDUCW -=s4OM ------END PGP PUBLIC KEY BLOCK----- diff --git a/krebs/3modules/lass/ssh/daedalus.rsa b/krebs/3modules/lass/ssh/daedalus.rsa deleted file mode 100644 index ad484797..00000000 --- a/krebs/3modules/lass/ssh/daedalus.rsa +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgF3311cZ/JV7lOzo/Crmy6pi0oBYu5klbTb8lU/Yic55XVRyYFtm+KGrNvqkcFgOx803aS7jogJ1N6HCdUAaEl5MzlkOX++h97ihZ/NeQZKDjYEEQYl4ElmIbCRiddpDm0HVX1OGSCtUzhlyDHJ8ieMCb+QVNrpwovlQnp53c/+Z6rGSZWgBMrzP7stlw+XjC1Alhi1M5L+bJfroa7cEcF+J5ZN+J2mWSmkPiQ6+iuk9zRkc5ELO1Vz4MsLoeKwbJrz+uuNVsY7u070pHtsLwbAsYU5vOWJeN/vtEwy51SY/so30FowvivTD9jIJ0xcmAdC56XjWaxttKuqUVBjJqhwqsUI6+AxLESekFXzkfghmG+AJPPkb2pvpVF3k0Ivn14bFBuFv0T2qPHq68Fs19WLTZn+dK3V+RfVkI6bEZaMOUezyBv59yFEY42wMISPw53jkaWqKIxyGCBECi3XlbeQ61FkwE9TElSY+NmoeMu6jPWw7XGDY4Jt6mtKiYu3hVqI5pg4hq3bxB8r2W7LnkDiYfArbzwmrc2zAmgJtY60/Pcwq7hP3LSDEuDDc4gYgpkLNwHjs+CLWqpbQffCFv+oOZj8G92if+dMBOUSBCr6FDqH6wLxZp2cfhud0p/0kLz09nv/PcRohOHdaQSEW7OAhJ5kgg3DuxhwUwOf/3UX5iLvm4WwE/mb7Iki4U3AENKHUWQ7TOrXcQq9AJX57e9CTI+N4phtzp9qur8vjVl2OpYl2Qb/0yQSGM+4wQ/nM4acePMk80oXLb3OJBlPp0CswzoI7kFBD0TUOnFTCkrJWPaZhgjQXyvCzgFKAvXgqWy4riczqLhdBAhc1vT3a18HsqKXE3mhJa6Kjl6r/ZQaDl2zw7uLmWTHhGuUI9w487L36extGuC3Tv8zEvu2UHqhdEcaSDzRQYcv1kRobfhTWjzFHzdA97Kkc+HuFfJk3MzchsjCxqIuDP4r5YauMBMHAIsUlP7Ar/t29WreAGJbCCd2oulkFL+P+8Sp6SksMMhKQvuRcj74n6BETfailv64z2FjT+qzkCsr/gzvWD08EJRZUCpidX2WfMoL396nBf+EgwhFykqoFg2jlJJ7Vggod8CSHUSeBkslhNk/tkv4y+NnsAIgNluVZlxIeKj1UgazohSNQVRHozs2lkuK0Ytl4TsFrE0X3ar7LpwEVvCLj3eh2kg4kNKNN/vOwWxvMlF9uCBq5FUHaBCst/OXeigjfGZ0ZK5iHsZN+R/iIlG+3V3VN1Rm29aPJPSuAgwl/lfPUfUP5c8QiwnDgdHqMi7VcuCpEtcTLjqDHBssqosRTLodcIZY6qLepm5kQgJ2FfcTPi+ZwT3Z/IFH6p/H7NeVbb8rVYeF/zqDJiWbI+gDy0xFnGgOLpFSBdHq679FjtjZk7Exgz3rVD+QsoSB8VYVOSqpHB1LQyQ2qBry+33CNpxlX5GaaLx5sbEKEguaJ+9R7Mbf8zQMa8EAXhqoT96kIj66IEk= lass@daedalus diff --git a/krebs/3modules/lass/ssh/helios.rsa b/krebs/3modules/lass/ssh/helios.rsa deleted file mode 100644 index 58f81726..00000000 --- a/krebs/3modules/lass/ssh/helios.rsa +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgGZE0z5+0A42GHI2VYrN9Ra60EwlKqARZUi9e0pbiQxwKi42Y3+Jy2UIAB9rUW51Pw0K6L2FzHZyk9w4fMWjAB+OSaGi8CViGOrBmP8Xm0TSd6a725RSOKTH1jv4u54W6+VQcZpe4RepsuasvN4Rd3FYz1O0ffiroPYS0Hs7ui3HG5rZZsz+FArJ/s2mL525P9VQwMlCAdrepWXgGSPSa/ogmhMCSRttV5R0WCnvXYA4aq45scxjxIWXu/Y/FggslSpRGEnRChHiua5kPWqREC1eNbMOjYJc7OxDIZjzcwHcDHH3U1oIBEjNY8UqMFy3t87cm0BTH9yA6qQnkexCmbRGA0mnAJ1XskgL6KcZuYw+zRo6zVmnZCgRyheenBJhQy/28ZDSwCDBOayl6tAbWivesUZb0/nqucvbdRxTDd6nbSH8q8Cp1qZvP1yrhZ9X2m4Rm66UenHOPOEiyOoVQgfYb2EFHsYVN62shGcfaaL8g4rjUXsUJEheGX5ll5MOMSclUhI8Zk31APq/xuLGGIn+tipjOSX2OVZrSE+KkgitMxOOF1kx33IQGnBKQD8K/a9vVmpTrTAnfXR5oJrXp+XRZ3viXr0rUkG5KfS/zjL8ZC8ckeSkX75BLbPbimUa6TfA/lddipb76zOOOREiD4Sw+MkGDh5xnzwxMY05fjOUmk/v++WcOTTNyrknygdaC8Qx0Gv4Wxmcd+LzmIc5wZZjenwYhp4KpR55EIP966uBUcD+HlkHZnNNZUzOJA8NE+oPQbaM3qCuThe9q9hVYt08/rZ9ANwgb/ChCwEOYLNnofdgrvDb91qenwEUiE9wy79Dwgqh2SRAMN4ZTxRrVjw3potBMRuNc5HMDDXbKfGF1T6O+vBPpcQ8x+rztBDpF/lqjGqoCqyFNG/VnFHFZ5kjLkLmx6S69iRL7wg/KI1NA14tdSLJZ2qDqo5n8rbnGeAWTQB8ZgzhPO39fyOYGCdTJ8e2dIDEw8SUWaVsTnkc/PHOcGAMt2LrL6USszrLSQgU4ediPBWJjX4jk2wxLRPyBz8Z2QLWrsxV0bh1CstIsbBh1p8jMXAKJ+UXqzRWGR5T6d7lensqM0/uWqzu++w6/whQQh9Hzs6GX8l+ELMn0szkRaM9dZpAz5p9HHdYkANwsIIe8CPznRvudQ0CPManTQsjR8GZ3RjGx002VUdbDh5xx7P9Efsa6m8kkNCbUNMSHjmvC9M2sR5ww2WsnvpGBCU8sNYf4y9QvKI1LIYkG1MObhEKHyf5wxFp25bwHyxPkHGULhJKM/MdDT42flddEJCTEwiCPVuaJsr7Adr6Oni4kzY+S7CiP7YArM0v2Vg9mgVmi11koF9hcZ6zyyKAWVviDRLVIA0/eY66T/FiSS/g12zW1keuhFipNEWyZdD/r8LwfDpInAAqN5g65dx6eoyoB6AZatEwwsnn6zcDP51B1q0TC9Y+TXK5TSBE50oFxa2SLu4Gj7YOi1AoRqKxSPVktE= lass@helios diff --git a/krebs/3modules/lass/ssh/icarus.rsa b/krebs/3modules/lass/ssh/icarus.rsa deleted file mode 100644 index 1126c331..00000000 --- a/krebs/3modules/lass/ssh/icarus.rsa +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgEuFS5MwYQRF+0MKAQvyv6O+0ky0QnOKGMVZgFXE4g2JrByTCXQAeQmyJquM1wl9IRD63res8ZguMoAz2PkHfNbRSSsR7pH/G3DaJRl0VGf14zO3bjBbogQ45j1Bwxi78h44SDmuBAkp0t76ca16kWGhwEVt03+8sqmbLV90RjHZlrFw2sDgTu35SDz1q/ZzkdyFP3xSIBUnsQD64qRLMx64yLcBp0uu2h7gBBCVyA1T+VR3Nc1yIOyv0nUaqEHz+CDATtFlgGTgT6cCXoIPN0QAuIa3pDxt7htD/POsWuFbpbqrBQVcgun5s3J5X0OmNyoqGqqubcycvuYipZUjBCxyTb7RxCqj2oR8alSaeGZm64I0VSGX/iSCtXKaEJqBbxwNUgDH6B2oUeZbRwgPl/SG8vBku1oKzt/36IBoY8HttcosqLkfTquyyO7KVtOBu04geCmmiqJpSV4j5iYMxvrD0AQ3JJmrcbzUYoCGxlYO19TPsa+Ybhn/E8suach75+DIPj5LacYAh9Wjirw67Kg5QyYEt8XGTR2xxF78CFi0JGBRcyorPfFPLznmVntqJLe6dGNL3njgdD0Ocz8V5ktk1pjY5D2nG8GXfd45NQl2QjTLYnYX4dGuudBXth0nEJMv/MRHZrXVViIqwazdq4mA5z1Yu4Tb3l17d2cAZobzdut6JuZbd7itXAPIiY0vEWXr8lpEuE8Uz9mz8aPxZlhmHSXvNcwhq+i2+cFO8OPwUGbnE2cAHpymlQ3aDRgpptAIMU2LjIAblqsvA72asJpuRqu7ZOoy0vVRCOhktIzZXWR9hF5/CM/7NZ5skvHzYlmgkvnuu4jDDGusF32Zyiip0WJg+Iijqe8VpOqCup5UEF5QG32yQwaZDrKd71hq7Z1xNe0vEPN8yCxpes8hWafYY9m8YRrUduDVlOon7SzmdU76RPn2oF6udCGP7A/hEeRiwrDaRuIwchh99Xw3LioxXNzLYB1aXd+yKuZyhW+witC20ISdyZz7JPIrb49JCGH8FtbcDzD1B8Xd1By34POfhxriSr9UG5Hj9LGbA3/aKMOajZdcbrKXorUrKdhAuZv1z4rjW5iwYgXF2G/nseeCOw+DPEcB3GexsyCTUzSjJ6fy3Aqlzppwttx5MfkbNhPZWRCfDX3i0g8e0aFlgvlj99aGgUQeEpYg8peZhe1lxl25Ftc0R7pYmXPDeCY1yWxZiXZ3YtVVr43c/FEaQHXfkZ2I+t5lG6CmgJhhYjUry5Sx4/NgfBvpmU22cIBWNmyTn9q3gDFmeoIiTwlF654K7NnsWrdKr2L2fGI10Xe/J/GYkkzX39e5bToQPXh23gUfIr7faYEPBsVU/SaEkWNHojzf/NKjPT0utvlFr0HqnFYSdk4wpWzcrhii7E/UhgKvpA/k2Vlj4ZhkejfZXQWxRbJzejkVSJcUGim+Dt1WUZJXVOgEkJ3WA6z+ha2FN2sBDdvRKlad55aelvRrbu3/vPzEuE= lass@icarus diff --git a/krebs/3modules/lass/ssh/shodan.rsa b/krebs/3modules/lass/ssh/shodan.rsa deleted file mode 100644 index 36a8901f..00000000 --- a/krebs/3modules/lass/ssh/shodan.rsa +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDH31q4qmu8dbnu5BJMEW5CAMW9xlZg5dNTREy6vHE5OofmDEzi5YTBYr543ppGYQL/PzepChGl8RKZETeU+pnqTTHgnUh3KkOnX0GmpKgDgFgDrdVwyU137P6RyOo/kLvfbzAu1bFC5Q5hUDdbd5dDAQGN23wsRQxx1EI1uMrrMbMUKxpk/x5+AZi0JfAOY4SJNYIRfnim5v9jAt1JHeOjKy3sT3/ZEaJqK8DAKEHo0/kYyizWn5M7do5bw2+WpG/gHpdtTD0NlKwFUyMzhFJh4ahDt9FtExnmDA45rAcVSsinhUmrPqPwBKEnUxle5tw3A4YRHUvqhHTo6G852iiPHE0DUlCKsDJwr+lw3DXjK+HYOdKMFC6nsh4x+SFrwg6JKCXPzeCH2w7VP5xJGlb3YS+NcvbYWRbiqJ/M2hVdn/Atxq2VUAdKnrNtNW4ZYH6yJTGOkcXkyKJzcTj5JZIvJd1DL0pI9aGWNxnmfyOVMgaKfdafBqU/PB8RPPAZH9RCVRH0g+Cnu0NoJmkwKaq0K+z+FF9eNqVpNnYnjVLsPvjLIXCn8kJl4/2mimDlOarj/I9Hs+k0/gbzx4PKUS87+rUVA4Hfz+MltzZQUGoIBQxciAgVVh7zLrMgnPWwvqHnMKAQ9nzgme3A4ew2Ocyl30+skLstr9e08VqErguYSw== lass@shodan diff --git a/krebs/3modules/lass/ssh/uriel.rsa b/krebs/3modules/lass/ssh/uriel.rsa deleted file mode 100644 index 015b5783..00000000 --- a/krebs/3modules/lass/ssh/uriel.rsa +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDExWuRcltGM2FqXO695nm6/QY3wU3r1bDTyCpMrLfUSym7TxcXDSmZSWcueexPXV6GENuUfjJPZswOdWqIo5u2AXw9t0aGvwEDmI6uJ7K5nzQOsXIneGMdYuoOaAzWI8pxZ4N+lIP1HsOYttIPDp8RwU6kyG+Ud8mnVHWSTO13C7xC9vePnDP6b+44nHS691Zj3X/Cq35Ls0ISC3EM17jreucdP62L3TKk2R4NCm3Sjqj+OYEv0LAqIpgqSw5FypTYQgNByxRcIcNDlri63Q1yVftUP1338UiUfxtraUu6cqa2CdsHQmtX5mTNWEluVWO3uUKTz9zla3rShC+d3qvr lass@uriel diff --git a/krebs/3modules/lass/ssh/xerxes.ed25519 b/krebs/3modules/lass/ssh/xerxes.ed25519 deleted file mode 100644 index 87a40ca2..00000000 --- a/krebs/3modules/lass/ssh/xerxes.ed25519 +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGwCq56DGqj/kz8d8ax0xIl29jV9f3tUtDgtnCnS1b4q lass@xerxes diff --git a/lass/1systems/iso.nix b/lass/1systems/iso.nix index a814cc6b..a7b9f21b 100644 --- a/lass/1systems/iso.nix +++ b/lass/1systems/iso.nix @@ -52,8 +52,6 @@ with import ; root = { openssh.authorizedKeys.keys = [ config.krebs.users.lass.pubkey - config.krebs.users.lass-shodan.pubkey - config.krebs.users.lass-icarus.pubkey ]; }; }; diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index e957279e..f4c011dc 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -364,13 +364,8 @@ with import ; uid = genid "download"; openssh.authorizedKeys.keys = with config.krebs.users; [ lass.pubkey - lass-shodan.pubkey - lass-icarus.pubkey - lass-daedalus.pubkey - lass-helios.pubkey lass-android.pubkey makefu.pubkey - wine-mors.pubkey ]; }; }; diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index 27242b12..dcae2f3e 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -23,7 +23,6 @@ with import ; openssh.authorizedKeys.keys = [ config.krebs.users.lass-mors.pubkey config.krebs.users.lass-blue.pubkey - config.krebs.users.lass-xerxes.pubkey config.krebs.users.lass-yubikey.pubkey ]; }; @@ -42,7 +41,6 @@ with import ; openssh.authorizedKeys.keys = [ config.krebs.users.lass-mors.pubkey config.krebs.users.lass-blue.pubkey - config.krebs.users.lass-xerxes.pubkey config.krebs.users.lass-yubikey.pubkey ]; }; diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index ced0d795..eba68c0b 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -180,7 +180,7 @@ let with git // config.krebs.users; repo: singleton { - user = [ lass lass-mors lass-shodan lass-icarus lass-blue lass-xerxes ]; + user = [ lass lass-mors lass-blue lass-yubikey ]; repo = [ repo ]; perm = push "refs/*" [ non-fast-forward create delete merge ]; } ++ diff --git a/lass/2configs/ssh-cryptsetup.nix b/lass/2configs/ssh-cryptsetup.nix index c5e1c592..f08f85b4 100644 --- a/lass/2configs/ssh-cryptsetup.nix +++ b/lass/2configs/ssh-cryptsetup.nix @@ -8,8 +8,6 @@ authorizedKeys = with config.krebs.users; [ config.krebs.users.lass-mors.pubkey config.krebs.users.lass-blue.pubkey - config.krebs.users.lass-shodan.pubkey - config.krebs.users.lass-icarus.pubkey ]; }; }; -- cgit v1.2.3 From b4d549fe8f443a5c0f60da2aa9418625faafdb67 Mon Sep 17 00:00:00 2001 From: Jeschli Date: Mon, 21 Oct 2019 07:35:12 +0200 Subject: j emacs: synaptics -> libinput ; disableWhileTyping = True; --- jeschli/1systems/reagenzglas/config.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/jeschli/1systems/reagenzglas/config.nix b/jeschli/1systems/reagenzglas/config.nix index b56b76ac..73395583 100644 --- a/jeschli/1systems/reagenzglas/config.nix +++ b/jeschli/1systems/reagenzglas/config.nix @@ -49,7 +49,9 @@ isNormalUser = true; }; - services.xserver.synaptics.enable = true; +# services.xserver.synaptics.enable = true; + services.xserver.libinput.enable = true; + services.xserver.libinput.disableWhileTyping = true; #Enable ssh daemon services.openssh.enable = true; -- cgit v1.2.3 From b1ff2cdd351b07c4b8b6d62101057b6363712d23 Mon Sep 17 00:00:00 2001 From: Jeschli Date: Mon, 21 Oct 2019 07:40:55 +0200 Subject: j: add firefox overlay made by luis --- jeschli/1systems/reagenzglas/config.nix | 2 +- jeschli/2configs/firefox.nix | 53 +++ jeschli/2configs/overlays/firefox-with-config.nix | 488 +++++++++++++++++++++ .../audio-fingerprint-defender/default.nix | 40 ++ .../canvas-fingerprint-defender/default.nix | 40 ++ jeschli/2configs/own-pkgs/dark-reader/default.nix | 28 ++ .../own-pkgs/font-fingerprint-defender/default.nix | 40 ++ jeschli/2configs/own-pkgs/hopper/default.nix | 45 ++ .../2configs/own-pkgs/https-everywhere/default.nix | 29 ++ jeschli/2configs/own-pkgs/pyocclient/default.nix | 26 ++ jeschli/2configs/own-pkgs/rmount/default.nix | 34 ++ .../2configs/own-pkgs/ublock-origin/default.nix | 28 ++ .../own-pkgs/user-agent-switcher/default.nix | 40 ++ .../webgl-fingerprint-defender/default.nix | 40 ++ jeschli/2configs/own-pkgs/wl-clipboard/default.nix | 25 ++ 15 files changed, 957 insertions(+), 1 deletion(-) create mode 100644 jeschli/2configs/firefox.nix create mode 100644 jeschli/2configs/overlays/firefox-with-config.nix create mode 100644 jeschli/2configs/own-pkgs/audio-fingerprint-defender/default.nix create mode 100644 jeschli/2configs/own-pkgs/canvas-fingerprint-defender/default.nix create mode 100644 jeschli/2configs/own-pkgs/dark-reader/default.nix create mode 100644 jeschli/2configs/own-pkgs/font-fingerprint-defender/default.nix create mode 100644 jeschli/2configs/own-pkgs/hopper/default.nix create mode 100644 jeschli/2configs/own-pkgs/https-everywhere/default.nix create mode 100644 jeschli/2configs/own-pkgs/pyocclient/default.nix create mode 100644 jeschli/2configs/own-pkgs/rmount/default.nix create mode 100644 jeschli/2configs/own-pkgs/ublock-origin/default.nix create mode 100644 jeschli/2configs/own-pkgs/user-agent-switcher/default.nix create mode 100644 jeschli/2configs/own-pkgs/webgl-fingerprint-defender/default.nix create mode 100644 jeschli/2configs/own-pkgs/wl-clipboard/default.nix diff --git a/jeschli/1systems/reagenzglas/config.nix b/jeschli/1systems/reagenzglas/config.nix index 73395583..b6ae3c20 100644 --- a/jeschli/1systems/reagenzglas/config.nix +++ b/jeschli/1systems/reagenzglas/config.nix @@ -5,6 +5,7 @@ [ + ./desktop.nix ./i3-configuration.nix @@ -35,7 +36,6 @@ # $ nix search wget environment.systemPackages = with pkgs; [ wget vim git - firefox rofi ag ]; diff --git a/jeschli/2configs/firefox.nix b/jeschli/2configs/firefox.nix new file mode 100644 index 00000000..d171fa82 --- /dev/null +++ b/jeschli/2configs/firefox.nix @@ -0,0 +1,53 @@ +{ config, pkgs, ... }: + +let + + # Firefox addons + https-everywhere = pkgs.callPackage ./own-pkgs/https-everywhere {}; + ublock-origin = pkgs.callPackage ./own-pkgs/ublock-origin {}; + webgl-fingerprint-defender = pkgs.callPackage ./own-pkgs/webgl-fingerprint-defender {}; + canvas-fingerprint-defender = pkgs.callPackage ./own-pkgs/canvas-fingerprint-defender {}; + audio-fingerprint-defender = pkgs.callPackage ./own-pkgs/audio-fingerprint-defender {}; + font-fingerprint-defender = pkgs.callPackage ./own-pkgs/font-fingerprint-defender {}; + user-agent-switcher = pkgs.callPackage ./own-pkgs/user-agent-switcher {}; + dark-reader = pkgs.callPackage ./own-pkgs/dark-reader {}; + + wrapper = pkgs.callPackage ./overlays/firefox-with-config.nix { }; + myFirefox = wrapper pkgs.firefox-unwrapped { + + extraExtensions = [ + dark-reader + https-everywhere + ublock-origin + audio-fingerprint-defender + canvas-fingerprint-defender + webgl-fingerprint-defender + font-fingerprint-defender + user-agent-switcher + ]; + + extraPolicies = { + CaptivePortal = false; + }; + + disablePocket = true; + disableFirefoxSync = true; + allowNonSigned = true; + clearDataOnShutdown = true; + disableDrmPlugin = true; + +}; + +in { + + +environment.variables = { + BROWSER = ["firefox"]; +}; + + +environment.systemPackages = with pkgs; [ + myFirefox +]; + +} diff --git a/jeschli/2configs/overlays/firefox-with-config.nix b/jeschli/2configs/overlays/firefox-with-config.nix new file mode 100644 index 00000000..9be6250d --- /dev/null +++ b/jeschli/2configs/overlays/firefox-with-config.nix @@ -0,0 +1,488 @@ +{ stdenv, lib, pkgs, makeDesktopItem, makeWrapper, lndir, replace, config + +## various stuff that can be plugged in +, flashplayer, hal-flash +, MPlayerPlugin, ffmpeg, xorg, libpulseaudio, libcanberra-gtk2 +, jrePlugin, icedtea_web +, bluejeans, djview4, adobe-reader +, google_talk_plugin, fribid, gnome3/*.gnome-shell*/ +, esteidfirefoxplugin ? "" +, browserpass, chrome-gnome-shell, uget-integrator, plasma-browser-integration, bukubrow +, udev +, kerberos + +}: + +## configurability of the wrapper itself + +browser: + +let + wrapper = + { browserName ? browser.browserName or (builtins.parseDrvName browser.name).name + , name ? (browserName + "-" + (builtins.parseDrvName browser.name).version) + , desktopName ? # browserName with first letter capitalized + (lib.toUpper (lib.substring 0 1 browserName) + lib.substring 1 (-1) browserName) + , nameSuffix ? "" + , icon ? browserName + , extraPlugins ? [] + , extraPrefs ? "" + , extraExtensions ? [ ] + , allowNonSigned ? false + , disablePocket ? false + , disableTelemetry ? true + , disableDrmPlugin ? false + , showPunycodeUrls ? true + , disableFirefoxStudies ? true + , disableFirefoxSync ? false + , useSystemCertificates ? true + , dontCheckDefaultBrowser ? false + # For more information about anti tracking + # vist https://wiki.kairaven.de/open/app/firefox + , activateAntiTracking ? true + , disableFeedbackCommands ? true + , disableDNSOverHTTPS ? true + , disableGoogleSafebrowsing ? false + , clearDataOnShutdown ? false + , homepage ? "about:blank" + # For more information about policies visit + # https://github.com/mozilla/policy-templates#enterprisepoliciesenabled + , extraPolicies ? {} + , extraNativeMessagingHosts ? [] + , gdkWayland ? false + }: + + assert gdkWayland -> (browser ? gtk3); # Can only use the wayland backend if gtk3 is being used + + let + + # If extraExtensions has been set disable manual extensions + disableManualExtensions = if lib.count (x: true) extraExtensions > 0 then true else false; + + cfg = config.${browserName} or {}; + enableAdobeFlash = cfg.enableAdobeFlash or false; + ffmpegSupport = browser.ffmpegSupport or false; + gssSupport = browser.gssSupport or false; + jre = cfg.jre or false; + icedtea = cfg.icedtea or false; + supportsJDK = + stdenv.hostPlatform.system == "i686-linux" || + stdenv.hostPlatform.system == "x86_64-linux" || + stdenv.hostPlatform.system == "armv7l-linux" || + stdenv.hostPlatform.system == "aarch64-linux"; + + plugins = + assert !(jre && icedtea); + if builtins.hasAttr "enableVLC" cfg + then throw "The option \"${browserName}.enableVLC\" has been removed since Firefox no longer supports npapi plugins" + else + ([ ] + ++ lib.optional enableAdobeFlash flashplayer + ++ lib.optional (cfg.enableDjvu or false) (djview4) + ++ lib.optional (cfg.enableMPlayer or false) (MPlayerPlugin browser) + ++ lib.optional (supportsJDK && jre && jrePlugin ? mozillaPlugin) jrePlugin + ++ lib.optional icedtea icedtea_web + ++ lib.optional (cfg.enableGoogleTalkPlugin or false) google_talk_plugin + ++ lib.optional (cfg.enableFriBIDPlugin or false) fribid + ++ lib.optional (cfg.enableGnomeExtensions or false) gnome3.gnome-shell + ++ lib.optional (cfg.enableBluejeans or false) bluejeans + ++ lib.optional (cfg.enableAdobeReader or false) adobe-reader + ++ lib.optional (cfg.enableEsteid or false) esteidfirefoxplugin + ++ extraPlugins + ); + nativeMessagingHosts = + ([ ] + ++ lib.optional (cfg.enableBrowserpass or false) (lib.getBin browserpass) + ++ lib.optional (cfg.enableBukubrow or false) bukubrow + ++ lib.optional (cfg.enableGnomeExtensions or false) chrome-gnome-shell + ++ lib.optional (cfg.enableUgetIntegrator or false) uget-integrator + ++ lib.optional (cfg.enablePlasmaBrowserIntegration or false) plasma-browser-integration + ++ extraNativeMessagingHosts + ); + libs = lib.optional stdenv.isLinux udev + ++ lib.optional ffmpegSupport ffmpeg + ++ lib.optional gssSupport kerberos + ++ lib.optionals (cfg.enableQuakeLive or false) + (with xorg; [ stdenv.cc libX11 libXxf86dga libXxf86vm libXext libXt alsaLib zlib ]) + ++ lib.optional (enableAdobeFlash && (cfg.enableAdobeFlashDRM or false)) hal-flash + ++ lib.optional (config.pulseaudio or true) libpulseaudio; + gtk_modules = [ libcanberra-gtk2 ]; + + enterprisePolicies = + { + policies = { + DisableAppUpdate = true; + } // lib.optionalAttrs disableManualExtensions ( + { + ExtensionSettings = { + "*" = { + blocked_install_message = "You can't have manual extension mixed with nix extensions"; + installation_mode = "blocked"; + }; + + } // lib.foldr (e: ret: + ret // { + "${e.extid}" = { + installation_mode = "allowed"; + }; + } + ) {} extraExtensions; + } + ) // lib.optionalAttrs disablePocket ( + { + DisablePocket = true; + } + ) // lib.optionalAttrs disableTelemetry ( + { + DisableTelemetry = true; + } + ) // lib.optionalAttrs disableFirefoxStudies ( + { + DisableFirefoxStudies = true; + } + ) // lib.optionalAttrs disableFirefoxSync ( + { + DisableFirefoxAccounts = true; + } + ) // lib.optionalAttrs useSystemCertificates ( + { + # Disable useless firefox certificate store + Certificates = { + ImportEnterpriseRoots = true; + }; + } + ) // lib.optionalAttrs ( + if lib.count (x: true) extraExtensions > 0 then true else false) ( + { + # Don't try to update nix installed addons + DisableSystemAddonUpdate = true; + + # But update manually installed addons + ExtensionUpdate = false; + } + ) // lib.optionalAttrs dontCheckDefaultBrowser ( + { + DontCheckDefaultBrowser = true; + } + )// lib.optionalAttrs disableDNSOverHTTPS ( + { + DNSOverHTTPS = { + Enabled = false; + }; + } + ) // lib.optionalAttrs clearDataOnShutdown ( + { + SanitizeOnShutdown = true; + } + ) // lib.optionalAttrs disableFeedbackCommands ( + { + DisableFeedbackCommands = true; + } + ) // lib.optionalAttrs ( if homepage == "" then false else true) ( + { + Homepage = { + URL = homepage; + Locked = true; + }; + } + ) // extraPolicies ;} ; + + + extensions = builtins.map (a: + if ! (builtins.hasAttr "signed" a) || ! (builtins.isBool a.signed) then + throw "Addon ${a.pname} needs boolean attribute 'signed' " + else if ! (builtins.hasAttr "extid" a) || ! (builtins.isString a.extid) then + throw "Addon ${a.pname} needs a string attribute 'extid'" + else if a.signed == false && !allowNonSigned then + throw "Disable signature checking in firefox if you want ${a.pname} addon" + else a + ) extraExtensions; + + policiesJson = builtins.toFile "policies.json" + (builtins.toJSON enterprisePolicies); + + mozillaCfg = builtins.toFile "mozilla.cfg" '' + // First line must be a comment + + // Remove default top sites + lockPref("browser.newtabpage.pinned", ""); + lockPref("browser.newtabpage.activity-stream.default.sites", ""); + + // Deactivate first run homepage + lockPref("browser.startup.firstrunSkipsHomepage", false); + + // If true, don't show the privacy policy tab on first run + lockPref("datareporting.policy.dataSubmissionPolicyBypassNotification", true); + + ${ + if allowNonSigned == true then + ''lockPref("xpinstall.signatures.required", false)'' + else + "" + } + + ${ + if showPunycodeUrls == true then + '' + lockPref("network.IDN_show_punycode", true); + '' + else + "" + } + + ${ + if disableManualExtensions == true then + '' + lockPref("extensions.getAddons.showPane", false); + lockPref("extensions.htmlaboutaddons.recommendations.enabled", false); + lockPref("app.update.auto", false); + '' + else + "" + } + + ${ + if disableDrmPlugin == true then + '' + lockPref("media.gmp-gmpopenh264.enabled", false); + lockPref("media.gmp-widevinecdm.enabled", false); + '' + else + "" + } + + ${ + if activateAntiTracking == true then + '' + // Tracking + lockPref("browser.send_pings", false); + lockPref("browser.send_pings.require_same_host", true); + lockPref("network.dns.disablePrefetch", true); + lockPref("browser.contentblocking.trackingprotection.control-center.ui.enabled", false); + lockPref("browser.search.geoip.url", ""); + lockPref("privacy.firstparty.isolate", true); + lockPref("privacy.userContext.enabled", true); + lockPref("privacy.userContext.ui.enabled", true); + lockPref("privacy.firstparty.isolate.restrict_opener_access", false); + lockPref("network.http.referer.XOriginPolicy", 1); + lockPref("network.http.referer.hideOnionSource", true); + lockPref(" privacy.spoof_english", true); + + // This option is currently not usable because of bug: + // https://bugzilla.mozilla.org/show_bug.cgi?id=1557620 + // lockPref("privacy.resistFingerprinting", true); + '' + else "" + } + ${ + if disableTelemetry == true then + '' + // Telemetry + lockPref("browser.newtabpage.activity-stream.feeds.telemetry", false); + lockPref("browser.ping-centre.telemetry", false); + lockPref("devtools.onboarding.telemetry.logged", false); + lockPref("toolkit.telemetry.archive.enabled", false); + lockPref("toolkit.telemetry.bhrPing.enabled", false); + lockPref("toolkit.telemetry.enabled", false); + lockPref("toolkit.telemetry.firstShutdownPing.enabled", false); + lockPref("toolkit.telemetry.hybridContent.enabled", false); + lockPref("toolkit.telemetry.newProfilePing.enabled", false); + lockPref("toolkit.telemetry.shutdownPingSender.enabled", false); + lockPref("toolkit.telemetry.reportingpolicy.firstRun", false); + lockPref("dom.push.enabled", false); + lockPref("browser.newtabpage.activity-stream.feeds.snippets", false); + lockPref("security.ssl.errorReporting.enabled", false); + '' + else "" + } + + ${ + if disableGoogleSafebrowsing == true then + '' + // Google data sharing + lockPref("browser.safebrowsing.blockedURIs.enabled", false); + lockPref("browser.safebrowsing.downloads.enabled", false); + lockPref("browser.safebrowsing.malware.enabled", false); + lockPref("browser.safebrowsing.passwords.enabled", false); + lockPref("browser.safebrowsing.provider.google4.dataSharing.enabled", false); + lockPref("browser.safebrowsing.malware.enabled", false); + lockPref("browser.safebrowsing.phishing.enabled", false); + lockPref("browser.safebrowsing.provider.mozilla.gethashURL", ""); + lockPref("browser.safebrowsing.provider.mozilla.updateURL", ""); + '' + else "" + } + + // User customization + ${extraPrefs} + ''; + in stdenv.mkDerivation { + inherit name; + + desktopItem = makeDesktopItem { + name = browserName; + exec = "${browserName}${nameSuffix} %U"; + inherit icon; + comment = ""; + desktopName = "${desktopName}${nameSuffix}${lib.optionalString gdkWayland " (Wayland)"}"; + genericName = "Web Browser"; + categories = "Application;Network;WebBrowser;"; + mimeType = stdenv.lib.concatStringsSep ";" [ + "text/html" + "text/xml" + "application/xhtml+xml" + "application/vnd.mozilla.xul+xml" + "x-scheme-handler/http" + "x-scheme-handler/https" + "x-scheme-handler/ftp" + ]; + }; + + nativeBuildInputs = [ makeWrapper lndir ]; + buildInputs = lib.optional (browser ? gtk3) browser.gtk3; + + buildCommand = lib.optionalString stdenv.isDarwin '' + mkdir -p $out/Applications + cp -R --no-preserve=mode,ownership ${browser}/Applications/${browserName}.app $out/Applications + rm -f $out${browser.execdir or "/bin"}/${browserName} + '' + '' + + # Link the runtime. The executable itself has to be copied, + # because it will resolve paths relative to its true location. + # Any symbolic links have to be replicated as well. + cd "${browser}" + find . -type d -exec mkdir -p "$out"/{} \; + + find . -type f \( -not -name "${browserName}" \) -exec ln -sT "${browser}"/{} "$out"/{} \; + + find . -type f -name "${browserName}" -print0 | while read -d $'\0' f; do + cp -P --no-preserve=mode,ownership "${browser}/$f" "$out/$f" + chmod a+rwx "$out/$f" + done + + # fix links and absolute references + cd "${browser}" + + find . -type l -print0 | while read -d $'\0' l; do + target="$(readlink "$l" | ${replace}/bin/replace-literal -es -- "${browser}" "$out")" + ln -sfT "$target" "$out/$l" + done + + # This will not patch binaries, only "text" files. + # Its there for the wrapper mostly. + cd "$out" + ${replace}/bin/replace-literal -esfR -- "${browser}" "$out" + + # create the wrapper + + executablePrefix="$out${browser.execdir or "/bin"}" + executablePath="$executablePrefix/${browserName}" + + if [ ! -x "$executablePath" ] + then + echo "cannot find executable file \`${browser}${browser.execdir or "/bin"}/${browserName}'" + exit 1 + fi + + if [ ! -L "$executablePath" ] + then + # Careful here, the file at executablePath may already be + # a wrapper. That is why we postfix it with -old instead + # of -wrapped. + oldExe="$executablePrefix"/".${browserName}"-old + mv "$executablePath" "$oldExe" + else + oldExe="$(readlink -v --canonicalize-existing "$executablePath")" + fi + + + makeWrapper "$oldExe" "$out${browser.execdir or "/bin"}/${browserName}${nameSuffix}" \ + --suffix-each MOZ_PLUGIN_PATH ':' "$plugins" \ + --suffix LD_LIBRARY_PATH ':' "$libs" \ + --suffix-each GTK_PATH ':' "$gtk_modules" \ + --suffix-each LD_PRELOAD ':' "$(cat $(filterExisting $(addSuffix /extra-ld-preload $plugins)))" \ + --prefix-contents PATH ':' "$(filterExisting $(addSuffix /extra-bin-path $plugins))" \ + --suffix PATH ':' "$out${browser.execdir or "/bin"}" \ + --set MOZ_APP_LAUNCHER "${browserName}${nameSuffix}" \ + --set MOZ_SYSTEM_DIR "$out/lib/mozilla" \ + ${lib.optionalString gdkWayland '' + --set GDK_BACKEND "wayland" \ + ''}${lib.optionalString (browser ? gtk3) + ''--prefix XDG_DATA_DIRS : "$GSETTINGS_SCHEMAS_PATH" \ + --suffix XDG_DATA_DIRS : '${gnome3.adwaita-icon-theme}/share' + '' + } + + if [ -e "${browser}/share/icons" ]; then + mkdir -p "$out/share" + ln -s "${browser}/share/icons" "$out/share/icons" + else + for res in 16 32 48 64 128; do + mkdir -p "$out/share/icons/hicolor/''${res}x''${res}/apps" + icon=( "${browser}/lib/"*"/browser/chrome/icons/default/default''${res}.png" ) + if [ -e "$icon" ]; then ln -s "$icon" \ + "$out/share/icons/hicolor/''${res}x''${res}/apps/${browserName}.png" + fi + done + fi + + install -D -t $out/share/applications $desktopItem/share/applications/* + + mkdir -p $out/lib/mozilla + for ext in ${toString nativeMessagingHosts}; do + lndir -silent $ext/lib/mozilla $out/lib/mozilla + done + + # For manpages, in case the program supplies them + mkdir -p $out/nix-support + echo ${browser} > $out/nix-support/propagated-user-env-packages + + # user customization + mkdir -p $out/lib/firefox + + # creating policies.json + mkdir -p "$out/lib/firefox/distribution" + + cat > "$out/lib/firefox/distribution/policies.json" < ${policiesJson} + + # preparing for autoconfig + mkdir -p "$out/lib/firefox/defaults/pref" + + cat > "$out/lib/firefox/defaults/pref/autoconfig.js" < "$out/lib/firefox/mozilla.cfg" < ${mozillaCfg} + + mkdir -p $out/lib/firefox/distribution/extensions + + for i in ${toString extensions}; do + ln -s -t $out/lib/firefox/distribution/extensions $i/* + done + ''; + + preferLocalBuild = true; + + # Let each plugin tell us (through its `mozillaPlugin') attribute + # where to find the plugin in its tree. + plugins = map (x: x + x.mozillaPlugin) plugins; + libs = lib.makeLibraryPath libs + ":" + lib.makeSearchPathOutput "lib" "lib64" libs; + gtk_modules = map (x: x + x.gtkModule) gtk_modules; + + passthru = { unwrapped = browser; }; + + disallowedRequisites = [ stdenv.cc ]; + + meta = browser.meta // { + description = + browser.meta.description + + " (with plugins: " + + lib.concatStrings (lib.intersperse ", " (map (x: x.name) plugins)) + + ")"; + hydraPlatforms = []; + priority = (browser.meta.priority or 0) - 1; # prefer wrapper over the package + }; + }; +in + lib.makeOverridable wrapper diff --git a/jeschli/2configs/own-pkgs/audio-fingerprint-defender/default.nix b/jeschli/2configs/own-pkgs/audio-fingerprint-defender/default.nix new file mode 100644 index 00000000..05815e13 --- /dev/null +++ b/jeschli/2configs/own-pkgs/audio-fingerprint-defender/default.nix @@ -0,0 +1,40 @@ +{ stdenv, fetchurl, unzip, jq, zip }: + +stdenv.mkDerivation rec { + pname = "audio-fingerprint-defender-${version}"; + version = "0.1.3"; + + extid = "@audio-fingerprint-defender"; + signed = false; + + src = fetchurl { + url = "https://addons.mozilla.org/firefox/downloads/file/3363623/audiocontext_fingerprint_defender-${version}-an+fx.xpi"; + sha256 = "0yfk5vqwjg4g25c98psj56sw3kv8imxav3nss4hbibflgla1h5pb"; + }; + + phases = [ "buildPhase" ]; + + buildInputs = [ zip unzip jq ]; + + buildPhase = '' + mkdir -p $out/${extid} + unzip ${src} -d $out/${extid} + NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json) + echo "$NEW_MANIFEST" > $out/${extid}/manifest.json + cd $out/${extid} + zip -r -FS $out/${extid}.xpi * + rm -r $out/${extid} + ''; + + meta = with stdenv.lib; { + description = "Audio context fingerprint defender firefox browser addon"; + homepage = https://mybrowseraddon.com/audiocontext-defender.html; + license = { + fullName = "Mozilla Public License Version 2.0"; + shortName = "moz2"; + spdxId = "mozilla-2.0"; + url = "https://www.mozilla.org/en-US/MPL/2.0/"; }; + maintainers = []; + platforms = stdenv.lib.platforms.all; + }; +} diff --git a/jeschli/2configs/own-pkgs/canvas-fingerprint-defender/default.nix b/jeschli/2configs/own-pkgs/canvas-fingerprint-defender/default.nix new file mode 100644 index 00000000..21b4b3f9 --- /dev/null +++ b/jeschli/2configs/own-pkgs/canvas-fingerprint-defender/default.nix @@ -0,0 +1,40 @@ +{ stdenv, fetchurl, unzip, jq, zip }: + +stdenv.mkDerivation rec { + pname = "canvas-fingerprint-defender-${version}"; + version = "0.1.5"; + + extid = "@canvas-fingerprint-defender"; + signed = false; + + src = fetchurl { + url = "https://addons.mozilla.org/firefox/downloads/file/3362272/canvas_fingerprint_defender-${version}-an+fx.xpi?src=recommended"; + sha256 = "1hg00zsrw7ij7bc222j83g2wm3ml1aj34zg5im1802cjq4qqvbld"; + }; + + phases = [ "buildPhase" ]; + + buildInputs = [ zip unzip jq ]; + + buildPhase = '' + mkdir -p $out/${extid} + unzip ${src} -d $out/${extid} + NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json) + echo "$NEW_MANIFEST" > $out/${extid}/manifest.json + cd $out/${extid} + zip -r -FS $out/${extid}.xpi * + rm -r $out/${extid} + ''; + + meta = with stdenv.lib; { + description = "Canvas fingerprint defender firefox browser addon"; + homepage = https://mybrowseraddon.com/webgl-defender.html; + license = { + fullName = "Mozilla Public License Version 2.0"; + shortName = "moz2"; + spdxId = "mozilla-2.0"; + url = "https://www.mozilla.org/en-US/MPL/2.0/"; }; + maintainers = []; + platforms = stdenv.lib.platforms.all; + }; +} diff --git a/jeschli/2configs/own-pkgs/dark-reader/default.nix b/jeschli/2configs/own-pkgs/dark-reader/default.nix new file mode 100644 index 00000000..44f4f905 --- /dev/null +++ b/jeschli/2configs/own-pkgs/dark-reader/default.nix @@ -0,0 +1,28 @@ +{ stdenv, fetchurl }: + +stdenv.mkDerivation rec { + pname = "dark-reader-${version}"; + version = "4.8.1"; + + extid = "addon@darkreader.org"; + signed = true; + + src = fetchurl { + url = "https://addons.mozilla.org/firefox/downloads/file/3404143/dark_reader-${version}-an+fx.xpi"; + sha256 = "0ic0i56jhmxymvy68bs5hqcjvdvw3vks5r58i2ygmpsm190rlldb"; + }; + + phases = [ "installPhase" ]; + + installPhase = '' + install -D ${src} "$out/${extid}.xpi" + ''; + + meta = with stdenv.lib; { + description = "Dark mode for every website. Take care of your eyes, use dark theme for night and daily browsing."; + homepage = https://github.com/darkreader/darkreader; + license = licenses.mit; + maintainers = []; + platforms = stdenv.lib.platforms.all; + }; +} diff --git a/jeschli/2configs/own-pkgs/font-fingerprint-defender/default.nix b/jeschli/2configs/own-pkgs/font-fingerprint-defender/default.nix new file mode 100644 index 00000000..26751bee --- /dev/null +++ b/jeschli/2configs/own-pkgs/font-fingerprint-defender/default.nix @@ -0,0 +1,40 @@ +{ stdenv, fetchurl, unzip, jq, zip }: + +stdenv.mkDerivation rec { + pname = "font-fingerprint-defender-${version}"; + version = "0.1.0"; + + extid = "@font-fingerprint-defender"; + signed = false; + + src = fetchurl { + url = "https://addons.mozilla.org/firefox/downloads/file/3387637/font_fingerprint_defender-${version}-an+fx.xpi"; + sha256 = "1aidkvisnx6qd7hn2x756rvzmbnaz6laqbwq0j5yd86g1kc56dr0"; + }; + + phases = [ "buildPhase" ]; + + buildInputs = [ zip unzip jq ]; + + buildPhase = '' + mkdir -p $out/${extid} + unzip ${src} -d $out/${extid} + NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json) + echo "$NEW_MANIFEST" > $out/${extid}/manifest.json + cd $out/${extid} + zip -r -FS $out/${extid}.xpi * + rm -r $out/${extid} + ''; + + meta = with stdenv.lib; { + description = "Font fingerprint defender firefox browser addon"; + homepage = https://mybrowseraddon.com/font-defender.html; + license = { + fullName = "Mozilla Public License Version 2.0"; + shortName = "moz2"; + spdxId = "mozilla-2.0"; + url = "https://www.mozilla.org/en-US/MPL/2.0/"; }; + maintainers = []; + platforms = stdenv.lib.platforms.all; + }; +} diff --git a/jeschli/2configs/own-pkgs/hopper/default.nix b/jeschli/2configs/own-pkgs/hopper/default.nix new file mode 100644 index 00000000..569fc6aa --- /dev/null +++ b/jeschli/2configs/own-pkgs/hopper/default.nix @@ -0,0 +1,45 @@ +{ stdenv, fetchurl, pkgs, makeWrapper, lib }: + +stdenv.mkDerivation rec { + name = "${pname}-${version}"; + pname = "hopper"; + version = "4.5.16"; + rev = "v${lib.versions.major version}"; + + src = fetchurl { + url = "https://d2ap6ypl1xbe4k.cloudfront.net/Hopper-${rev}-${version}-Linux.pkg.tar.xz"; + sha256 = "0gjnn7f6ibfx46k4bbj8ra7k04s0mrpq7316brgzks6x5yd1m584"; + }; + + sourceRoot = "."; + + ldLibraryPath = with pkgs; stdenv.lib.makeLibraryPath [ +libbsd.out libffi.out gmpxx.out python27Full.out python27Packages.libxml2.out qt5.qtbase zlib xlibs.libX11.out xorg_sys_opengl.out xlibs.libXrender.out gcc-unwrapped.lib + ]; + + nativeBuildInputs = [ makeWrapper ]; + + installPhase = '' + mkdir -p $out/bin + mkdir -p $out/lib + mkdir -p $out/share + cp $sourceRoot/opt/hopper-${rev}/bin/Hopper $out/bin/hopper + cp -r $sourceRoot/opt/hopper-${rev}/lib $out + cp -r $sourceRoot/usr/share $out/share + patchelf \ + --set-interpreter ${stdenv.glibc}/lib/ld-linux-x86-64.so.2 \ + $out/bin/hopper + # Details: https://nixos.wiki/wiki/Qt + wrapProgram $out/bin/hopper \ + --suffix LD_LIBRARY_PATH : ${ldLibraryPath} \ + --suffix QT_PLUGIN_PATH : ${pkgs.qt5.qtbase}/lib/qt-${pkgs.qt5.qtbase.qtCompatVersion}/plugins + ''; + + meta = { + homepage = "https://www.hopperapp.com/index.html"; + description = "A macOS and Linux Disassembler"; + license = stdenv.lib.licenses.unfree; + maintainers = [ stdenv.lib.maintainers.luis ]; + platforms = stdenv.lib.platforms.linux; + }; +} diff --git a/jeschli/2configs/own-pkgs/https-everywhere/default.nix b/jeschli/2configs/own-pkgs/https-everywhere/default.nix new file mode 100644 index 00000000..66fede43 --- /dev/null +++ b/jeschli/2configs/own-pkgs/https-everywhere/default.nix @@ -0,0 +1,29 @@ +{ stdenv, fetchurl }: + +stdenv.mkDerivation rec { + pname = "https-everywhere-${version}"; + version = "2019.6.27"; + + extid = "https-everywhere@eff.org"; + signed = true; + + src = fetchurl { + url = "https://addons.mozilla.org/firefox/downloads/file/3060290/https_everywhere-${version}-an+fx.xpi"; + sha256 = "0743lhn9phn7n6c0886h9ddn1n8vhzbl0vrw177zs43995aj3frp"; + }; + + phases = [ "installPhase" ]; + + installPhase = '' + install -D ${src} "$out/${extid}.xpi" + + ''; + + meta = { + description = "Https everywhere browser addon"; + homepage = https://www.eff.org/https-everywhere; + license = stdenv.lib.licenses.gpl2Plus; + maintainers = []; + platforms = stdenv.lib.platforms.all; + }; +} diff --git a/jeschli/2configs/own-pkgs/pyocclient/default.nix b/jeschli/2configs/own-pkgs/pyocclient/default.nix new file mode 100644 index 00000000..cd91f617 --- /dev/null +++ b/jeschli/2configs/own-pkgs/pyocclient/default.nix @@ -0,0 +1,26 @@ +{ lib, python37Packages }: + +python37Packages.buildPythonPackage rec { + pname = "pyocclient"; + version = "0.4"; + + src = python37Packages.fetchPypi { + inherit pname version; + sha256 = "19k3slrk2idixsdw61in9a3jxglvkigkn5kvwl37lj8hrwr4yq6q"; + }; + + doCheck = false; + + propagatedBuildInputs = with python37Packages; [ + requests + six + ]; + + meta = with lib; { + homepage = https://github.com/owncloud/pyocclient/; + description = "Nextcloud / Owncloud library for python"; + license = licenses.mit; + maintainers = with maintainers; [ ]; + }; + +} diff --git a/jeschli/2configs/own-pkgs/rmount/default.nix b/jeschli/2configs/own-pkgs/rmount/default.nix new file mode 100644 index 00000000..22631f42 --- /dev/null +++ b/jeschli/2configs/own-pkgs/rmount/default.nix @@ -0,0 +1,34 @@ +{ stdenv, fetchgit, makeWrapper, lib, pkgs ? import {} }: +with pkgs; + +stdenv.mkDerivation rec { + name = "rmount-${version}"; + version = "1.0.1"; + rev = "v${version}"; + + src = fetchgit { + rev = "9df124780d2e66f01c70afaecf92090669c5ffb6"; + url = "https://github.com/Luis-Hebendanz/rmount"; + sha256 = "0ydb6sspfnfa3y6gg1r8sk4r58il6636lpqwb2rw7dzmb4b8hpd2"; + }; + + buildInputs = [ stdenv makeWrapper ]; + + installPhase = '' + mkdir -p $out/bin + mkdir -p $out/share/man/man1 + cp ${src}/rmount.man $out/share/man/man1/rmount.1 + cp ${src}/rmount.bash $out/bin/rmount-noenv + cp ${src}/config.json $out/share/config.json + chmod +x $out/bin/rmount-noenv + + makeWrapper $out/bin/rmount-noenv $out/bin/rmount \ + --prefix PATH : ${lib.makeBinPath [ nmap jq cifs-utils sshfs ]} + ''; + + meta = { + homepage = "https://github.com/Luis-Hebendanz/rmount"; + description = "Remote mount utility which parses a json file"; + license = stdenv.lib.licenses.mit; + }; +} diff --git a/jeschli/2configs/own-pkgs/ublock-origin/default.nix b/jeschli/2configs/own-pkgs/ublock-origin/default.nix new file mode 100644 index 00000000..45465d48 --- /dev/null +++ b/jeschli/2configs/own-pkgs/ublock-origin/default.nix @@ -0,0 +1,28 @@ +{ stdenv, fetchurl }: + +stdenv.mkDerivation rec { + pname = "ublock-origin-${version}"; + version = "1.21.2"; + + extid = "uBlock0@raymondhill.net"; + signed = true; + + src = fetchurl { + url = "https://addons.mozilla.org/firefox/downloads/file/3361355/ublock_origin-${version}-an+fx.xpi"; + sha256 = "0ypdq3z61mrymknl37qlq6379bx9f2fsgbgr0czbhqs9f2vwszkc"; + }; + + phases = [ "installPhase" ]; + + installPhase = '' + install -D ${src} "$out/${extid}.xpi" + ''; + + meta = with stdenv.lib; { + description = "ublock origin firefox browser addon"; + homepage = https://github.com/gorhill/uBlock; + license = licenses.gnu3; + maintainers = []; + platforms = stdenv.lib.platforms.all; + }; +} diff --git a/jeschli/2configs/own-pkgs/user-agent-switcher/default.nix b/jeschli/2configs/own-pkgs/user-agent-switcher/default.nix new file mode 100644 index 00000000..c96f1112 --- /dev/null +++ b/jeschli/2configs/own-pkgs/user-agent-switcher/default.nix @@ -0,0 +1,40 @@ +{ stdenv, fetchurl, unzip, jq, zip }: + +stdenv.mkDerivation rec { + pname = "user-agent-switcher-${version}"; + version = "0.3.2"; + +