From 50d91aa83f1ed2fda1771387845ab254b576ad7c Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 19 Dec 2018 20:54:01 +0100 Subject: nixpkgs: 5d4a1a3 -> 7e88992 --- krebs/nixpkgs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 61fd085b..62fd7d20 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "5d4a1a3897e2d674522bcb3aa0026c9e32d8fd7c", - "date": "2018-11-24T00:40:22-05:00", - "sha256": "19kryzx9a6x68mpyxks3dajraf92hkbnw1zf952k73s2k4qw9jlq", + "rev": "7e88992a8c7b2de0bcb89182d8686b27bd93e46a", + "date": "2018-12-14T12:54:27+01:00", + "sha256": "1f6lf4addczi81hchqbzjlhrsmkrj575dmdjdhyl0jkm7ypy2lgk", "fetchSubmodules": false } -- cgit v1.2.3 From 2e4266297a5b735639c34a52ec8a21f07512d479 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 24 Dec 2018 15:48:35 +0100 Subject: l wiregrill: remove obsolete ipv4 --- krebs/3modules/lass/default.nix | 3 --- 1 file changed, 3 deletions(-) diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 9d1d56ad..703e54e2 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -91,7 +91,6 @@ in { }; wiregrill = { via = internet; - ip4.addr = "10.244.1.1"; ip6.addr = w6 "1"; aliases = [ "prism.w" @@ -99,7 +98,6 @@ in { wireguard = { pubkey = "oKJotppdEJqQBjrqrommEUPw+VFryvEvNJr/WikXohk="; subnets = [ - "10.244.1.0/24" (krebs.genipv6 "wiregrill" "external" 0).subnetCIDR (krebs.genipv6 "wiregrill" "lass" 0).subnetCIDR ]; @@ -474,7 +472,6 @@ in { phone = { nets = { wiregrill = { - ip4.addr = "10.244.1.2"; ip6.addr = w6 "a"; aliases = [ "phone.w" -- cgit v1.2.3 From 53bea08c263fa5f481255ed51da8ec79a88e11a8 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 24 Dec 2018 15:48:57 +0100 Subject: l daedalus: kill games & steam --- lass/1systems/daedalus/config.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/lass/1systems/daedalus/config.nix b/lass/1systems/daedalus/config.nix index 305b3f70..4472711e 100644 --- a/lass/1systems/daedalus/config.nix +++ b/lass/1systems/daedalus/config.nix @@ -6,8 +6,6 @@ with import ; - - { # bubsy config -- cgit v1.2.3 From 54d220f7fd758adb3e7289331a77ee27097aae9b Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 24 Dec 2018 15:49:17 +0100 Subject: l daedalus: add torbrowser to pkgs --- lass/1systems/daedalus/config.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/1systems/daedalus/config.nix b/lass/1systems/daedalus/config.nix index 4472711e..a43603f5 100644 --- a/lass/1systems/daedalus/config.nix +++ b/lass/1systems/daedalus/config.nix @@ -70,6 +70,7 @@ with import ; #remote control environment.systemPackages = with pkgs; [ x11vnc + torbrowser ]; krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-p tcp -i retiolum --dport 5900"; target = "ACCEPT"; } -- cgit v1.2.3 From e8f21e098edb2c3af5fc36f5df616e8f76f7f7b3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 24 Dec 2018 15:49:45 +0100 Subject: l mors: accept android sdk license --- lass/1systems/mors/config.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index 46cdbbb6..b39f03df 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -147,6 +147,7 @@ with import ; OnCalendar = "00:37"; }; + nixpkgs.config.android_sdk.accept_license = true; programs.adb.enable = true; users.users.mainUser.extraGroups = [ "adbusers" "docker" ]; virtualisation.docker.enable = true; -- cgit v1.2.3 From d5db3117b570e2afaa9133e44b7f04fd10bb0ad1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 24 Dec 2018 15:50:05 +0100 Subject: l prism: add wiregrill nfs export --- lass/1systems/prism/config.nix | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 6c454b4a..03472166 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -390,6 +390,28 @@ with import ; ln -fnsT /var/lib/containers/yellow/var/download/finished /var/download/finished || : chown download: /var/download/finished ''; + + fileSystems."/export/download" = { + device = "/var/lib/containers/yellow/var/download"; + options = [ "bind" ]; + }; + services.nfs.server = { + enable = true; + exports = '' + /export 42::/16(insecure,ro,crossmnt) + ''; + lockdPort = 4001; + mountdPort = 4002; + statdPort = 4000; + }; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i wiregrill -p tcp --dport 111"; target = "ACCEPT"; } + { predicate = "-i wiregrill -p udp --dport 111"; target = "ACCEPT"; } + { predicate = "-i wiregrill -p tcp --dport 2049"; target = "ACCEPT"; } + { predicate = "-i wiregrill -p udp --dport 2049"; target = "ACCEPT"; } + { predicate = "-i wiregrill -p tcp --dport 4000:4002"; target = "ACCEPT"; } + { predicate = "-i wiregrill -p udp --dport 4000:4002"; target = "ACCEPT"; } + ]; } ]; -- cgit v1.2.3 From 7657a92d85e967a6a753a428e1ddacee7eb73154 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 24 Dec 2018 15:50:39 +0100 Subject: l xmonad: add copyToAll button --- lass/5pkgs/custom/xmonad-lass/default.nix | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/lass/5pkgs/custom/xmonad-lass/default.nix b/lass/5pkgs/custom/xmonad-lass/default.nix index 79e6416e..483e37bc 100644 --- a/lass/5pkgs/custom/xmonad-lass/default.nix +++ b/lass/5pkgs/custom/xmonad-lass/default.nix @@ -11,10 +11,7 @@ pkgs.writeHaskellPackage "xmonad-lass" { "xmonad-stockholm" ]; text = /* haskell */ '' -{-# LANGUAGE DeriveDataTypeable #-} -- for XS -{-# LANGUAGE FlexibleContexts #-} -- for xmonad' {-# LANGUAGE LambdaCase #-} -{-# LANGUAGE ScopedTypeVariables #-} module Main where @@ -28,7 +25,7 @@ import System.Environment (getArgs, lookupEnv) import System.Exit (exitFailure) import System.IO (hPutStrLn, stderr) import System.Posix.Process (executeFile) -import XMonad.Actions.CopyWindow (copy, kill1) +import XMonad.Actions.CopyWindow (copy, copyToAll, kill1) import XMonad.Actions.CycleWS (toggleWS) import XMonad.Actions.DynamicWorkspaces ( addWorkspacePrompt, renameWorkspace, removeEmptyWorkspace) import XMonad.Actions.DynamicWorkspaces (withWorkspace) @@ -149,6 +146,8 @@ myKeyMap = , ("M4-d", floatNext True >> spawn "${pkgs.copyq}/bin/copyq show") + , ("M4-", windows copyToAll) + , ("M4-", spawn "${pkgs.writeDash "nm-dmenu" '' export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@" -- cgit v1.2.3 From 4c60ad0e085702eb9291c20374f1c80fe5cfa05e Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 24 Dec 2018 16:32:19 +0100 Subject: l daedalus: fix typo in ipv6 --- krebs/3modules/lass/default.nix | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 703e54e2..018998c9 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -276,7 +276,7 @@ in { nets = rec { retiolum = { ip4.addr = "10.243.133.115"; - ip6.addr = r6 "dead"; + ip6.addr = r6 "daed"; aliases = [ "daedalus.r" "cgit.daedalus.r" @@ -292,8 +292,14 @@ in { -----END RSA PUBLIC KEY----- ''; }; + wiregrill = { + ip6.addr = w6 "daed"; + aliases = [ + "dapdalus.w" + ]; + wireguard.pubkey = "ZVTTWbJfe8Oq6E6QW1qgXU91FnkuKDGJO3MF3I3gDFI="; + }; }; - secure = true; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5Ovdcsljr5dOl7+2sQNKpGpdX0SlOIuCZKEiWEp8g"; }; -- cgit v1.2.3 From 7a7dc91f179520bcc78ee1bd6e907979e1508260 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 24 Dec 2018 16:32:41 +0100 Subject: l: add nfs-dl.nix --- lass/1systems/daedalus/config.nix | 1 + lass/2configs/baseX.nix | 1 + lass/2configs/nfs-dl.nix | 7 +++++++ 3 files changed, 9 insertions(+) create mode 100644 lass/2configs/nfs-dl.nix diff --git a/lass/1systems/daedalus/config.nix b/lass/1systems/daedalus/config.nix index a43603f5..e28fbf2f 100644 --- a/lass/1systems/daedalus/config.nix +++ b/lass/1systems/daedalus/config.nix @@ -7,6 +7,7 @@ with import ; + { # bubsy config users.users.bubsy = { diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 1b6a1d59..1f2bb511 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -9,6 +9,7 @@ in { ./power-action.nix ./copyq.nix ./urxvt.nix + ./nfs-dl.nix { hardware.pulseaudio = { enable = true; diff --git a/lass/2configs/nfs-dl.nix b/lass/2configs/nfs-dl.nix new file mode 100644 index 00000000..abbcc1d4 --- /dev/null +++ b/lass/2configs/nfs-dl.nix @@ -0,0 +1,7 @@ +{ + fileSystems."/mnt/prism" = { + device = "prism.w:/export"; + fsType = "nfs"; + }; +} + -- cgit v1.2.3 From cabb397b83afbe2726a4da33f4d230da30704a63 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 24 Dec 2018 16:34:34 +0100 Subject: nixpkgs: 7e88992 -> b9fa31c --- krebs/nixpkgs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 62fd7d20..821c79cd 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "7e88992a8c7b2de0bcb89182d8686b27bd93e46a", - "date": "2018-12-14T12:54:27+01:00", - "sha256": "1f6lf4addczi81hchqbzjlhrsmkrj575dmdjdhyl0jkm7ypy2lgk", + "rev": "b9fa31cea0e119ecf1867af4944ddc2f7633aacd", + "date": "2018-12-22T15:37:52+00:00", + "sha256": "1iqdra7nvcwbydjirjsk71rpzk4ljc0gzqy33fcp8l18y8iwh47k", "fetchSubmodules": false } -- cgit v1.2.3 From 371e22366526d8fe9695e6ac4d1d0b5fcb66bd6b Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 25 Dec 2018 14:21:45 +0100 Subject: external: set wiregrill ip6 --- krebs/3modules/external/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index fc450b66..441fda45 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -8,6 +8,9 @@ with import ; } // optionalAttrs (host.nets?retiolum) { nets.retiolum.ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + } // optionalAttrs (host.nets?wiregrill) { + nets.wiregrill.ip6.addr = + (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; }); ssh-for = name: builtins.readFile (./ssh + "/${name}.pub"); tinc-for = name: builtins.readFile (./tinc + "/${name}.pub"); -- cgit v1.2.3 From 8b4beb8138aa283f99b0cbb3adb84d08c05aad5a Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 25 Dec 2018 14:23:22 +0100 Subject: l daedalus.w: fix alias --- krebs/3modules/lass/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 018998c9..630c14f1 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -295,7 +295,7 @@ in { wiregrill = { ip6.addr = w6 "daed"; aliases = [ - "dapdalus.w" + "daedalus.w" ]; wireguard.pubkey = "ZVTTWbJfe8Oq6E6QW1qgXU91FnkuKDGJO3MF3I3gDFI="; }; -- cgit v1.2.3 From 48847ca8154fdc8db62ff151effdb3e39cae87f7 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 25 Dec 2018 14:38:29 +0100 Subject: external: add miaoski --- krebs/3modules/external/default.nix | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 441fda45..e5b201f7 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -344,6 +344,20 @@ in { }; }; }; + miaoski = { + owner = config.krebs.users.miaoski; + nets = { + wiregrill = { + aliases = [ "miaoski.w" ]; + wireguard = { + pubkey = "8haz9JX5nAMORzNy89VdHC1Z9XA94ogaZsY3d2Rfkl4="; + subnets = [ + (krebs.genipv6 "wiregrill" "external" 0).subnetCIDR + ]; + }; + }; + }; + }; }; users = { ciko = { @@ -374,6 +388,8 @@ in { mail = "shackspace.de@myvdr.de"; pubkey = ssh-for "ulrich"; }; + miaoski = { + }; }; } -- cgit v1.2.3 From 712ef03b7afce99f359cf1a5072b63f493ed461b Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 25 Dec 2018 14:24:32 +0100 Subject: l prism: fix MASQUERADING for externals --- lass/1systems/prism/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 03472166..dd8ab0dd 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -309,7 +309,7 @@ with import ; { precedence = 1000; predicate = "-i retiolum -o wiregrill"; target = "ACCEPT"; } ]; krebs.iptables.tables.nat.POSTROUTING.rules = [ - { v4 = false; predicate = "-s 42:1:ce16::/48 ! -d 42:1:ce16::48"; target = "MASQUERADE"; } + { v4 = false; predicate = "-s 42:1::/32 ! -d 42:1::/48"; target = "MASQUERADE"; } { v6 = false; predicate = "-s 10.244.1.0/24 ! -d 10.244.1.0/24"; target = "MASQUERADE"; } ]; services.dnsmasq = { -- cgit v1.2.3 From 16bfb80f528bf51610bf621b7eb4dfae7ed010db Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 25 Dec 2018 14:24:51 +0100 Subject: l: add nintendo@lassul.us --- lass/2configs/exim-smarthost.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index 1acfe505..f487a991 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -95,6 +95,7 @@ with import ; { from = "lesswrong@lassul.us"; to = lass.mail; } { from = "nordvpn@lassul.us"; to = lass.mail; } { from = "csv-direct@lassul.us"; to = lass.mail; } + { from = "nintendo@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } -- cgit v1.2.3 From a46b64750512ebc167a65a39b563eeca8ce8d8b9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 25 Dec 2018 14:28:41 +0100 Subject: l websites: add wireguard-key location --- lass/2configs/websites/lassulus.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 17af0d00..307f1c2b 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -63,6 +63,9 @@ in { locations."= /retiolum.hosts".extraConfig = '' alias ${pkgs.retiolum-hosts}; ''; + locations."= /wireguard-key".extraConfig = '' + alias ${pkgs.writeText "prism.wg" config.krebs.hosts.prism.nets.wiregrill.wireguard.pubkey}; + ''; locations."/tinc".extraConfig = '' alias ${config.krebs.tinc_graphs.workingDir}/external; ''; -- cgit v1.2.3 From 81de4a0473da780b449c9a5e502c2c6a12f57d3d Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 25 Dec 2018 14:29:41 +0100 Subject: l sqlBackup: fix permissions/folders --- lass/2configs/websites/sqlBackup.nix | 4 +--- lass/3modules/mysql-backup.nix | 16 ++++++++-------- 2 files changed, 9 insertions(+), 11 deletions(-) diff --git a/lass/2configs/websites/sqlBackup.nix b/lass/2configs/websites/sqlBackup.nix index 897e35e6..10a6e464 100644 --- a/lass/2configs/websites/sqlBackup.nix +++ b/lass/2configs/websites/sqlBackup.nix @@ -20,9 +20,7 @@ lass.mysqlBackup = { enable = true; - config.all = { - password = toString (); - }; + config.all = {}; }; } diff --git a/lass/3modules/mysql-backup.nix b/lass/3modules/mysql-backup.nix index d2ae6717..516f96c3 100644 --- a/lass/3modules/mysql-backup.nix +++ b/lass/3modules/mysql-backup.nix @@ -41,7 +41,7 @@ let }; location = mkOption { type = str; - default = "/bku/sql_dumps"; + default = "/backups/sql_dumps"; }; }; })); @@ -51,11 +51,9 @@ let imp = { - #systemd.timers = - # mapAttrs (_: plan: { - # wantedBy = [ "timers.target" ]; - # timerConfig = plan.timerConfig; - #}) cfg.config; + services.mysql.ensureUsers = [ + { ensurePermissions = { "*.*" = "ALL"; }; name = "root"; } + ]; systemd.services = mapAttrs' (_: plan: nameValuePair "mysqlBackup-${plan.name}" { @@ -75,8 +73,10 @@ let start = plan: let - backupScript = plan: db: - "mysqldump -u ${plan.user} ${optionalString (plan.password != null) "-p$(cat ${plan.password})"} ${db} | gzip -c > ${plan.location}/${db}.gz"; + backupScript = plan: db: '' + mkdir -p ${plan.location} + mysqldump -u ${plan.user} ${optionalString (plan.password != null) "-p$(cat ${plan.password})"} ${db} | gzip -c > ${plan.location}/${db}.gz + ''; in pkgs.pkgs.writeDash "mysqlBackup.${plan.name}" '' ${concatMapStringsSep "\n" (backupScript plan) plan.databases} -- cgit v1.2.3 From 7a4ec8bdb5c156efc57b58f15b62922a6fa0bbb8 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 26 Dec 2018 16:28:46 +0100 Subject: external: add kmein pubkey --- krebs/3modules/external/default.nix | 2 ++ krebs/3modules/external/ssh/kmein.pub | 1 + 2 files changed, 3 insertions(+) create mode 100644 krebs/3modules/external/ssh/kmein.pub diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index e5b201f7..760521ef 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -368,6 +368,8 @@ in { pubkey = ssh-for "exco"; }; kmein = { + mail = "kieran.meinhardt@gmail.com"; + pubkey = ssh-for "kmein"; }; Mic92 = { mail = "joerg@higgsboson.tk"; diff --git a/krebs/3modules/external/ssh/kmein.pub b/krebs/3modules/external/ssh/kmein.pub new file mode 100644 index 00000000..5711a2c1 --- /dev/null +++ b/krebs/3modules/external/ssh/kmein.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC19H0FhSNWcfBRPKzbTVSMJikIWZl0CoM8zCm+/3fdMgoaLRpeZWe/AfDK6b4qOjk/sez/J0JUFCGr+JbMwjsduoazsuQowu9L9DLP9Q5UkJje4BD7MHznaeu9/XfVng/MvyaEWArA/VUJeKQesHe76tR511/+n3+bdzlIh8Zw/3wfFxmg1OTNA99/vLkXrQzHDTuV/yj1pxykL4xFtN0OIssW1IKncJeKtkO/OHGT55ypz52Daj6bNKqvxiTuzeEhv5M+5ppyIPcRf1uj/7IaPKttCgZAntEqBTIR9MbyXFeAZVayzaFnLl2okeam5XreeZbj+Y1h2ZjxiIuWoab3MLndSekVfLtfa63gtcWIf8CIvZO2wJoH8v73y0U78JsfWVaTM09ZCfFlHHA/bWqZ6laAjW+mWLO/c77DcYkB3IBzaMVNfc6mfTcGFIC+biWeYpKgA0zC6rByUPbmbIoMueP9zqJwqUaM90Nwd6559inBB107/BK3Ktb3b+37mMCstetIPB9e4EFpGMjhmnL/G81jS53ACWLXJYzt7mKU/fEsiW93MtaB+Le46OEC18y/4G8F7p/nnH7i0kO74ukxbnc4PlpiM7iWT6ra2Cyy+nzEgdXCNXywIxr05TbCQDwX6/NY8k7Hokgdfyz+1Pq3sX0yCcWRPaoB26YF12KYFQ== kieran.meinhardt@gmail.com -- cgit v1.2.3 From e4138df4aa790fca87223dee67c921627bf28a26 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 26 Dec 2018 16:44:25 +0100 Subject: l prism: add kmein user --- lass/1systems/prism/config.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index dd8ab0dd..df2778be 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -82,6 +82,13 @@ with import ; ]; openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDQFaYOWRUvHP6I37q9Dd4PJOq8FNQqAeJZ8pLx0G62uC450kbPGcG80rHHvXmk7HqQP6biJmMg48bOsvXAScPot2Qhp1Qc35CuUqVhLiTvUAsi8l/iJjhjZ23yRGDCAmW5+JIOzIvECkcbMnG7YoYAQ9trNGHe9qwGzQGhpt3QVClE23WtE3PVKRLQx1VbiabSnAm6tXVd2zpUoSdpWt8Gpi2taM4XXJ5+l744MNxFHvDapN5xqpYzwrA34Ii13jNLWcGbtgxESpR+VjnamdWByrkBsW4X5/xn2K1I1FrujaM/DBHV1QMaDKst9V8+uL5X7aYNt0OUBu2eyZdg6aujY2BYovB9uRyR1JIuSbA/a54MM96yN9WirMUufJF/YZrV0L631t9EW8ORyWUo1GRzMuBHVHQlfApj7NCU/jEddUuTqKgwyRgTmMFMUI4M0tRULAB/7pBE1Vbcx9tg6RsKIk8VkskfbBJW9Y6Sx6YoFlxPdgMNIrBefqEjIV62piP7YLMlvfIDCJ7TNd9dLN86XGggZ/nD5zt6SL1o61vVnw9If8pHosppxADPJsJvcdN6fOe16/tFAeE0JRo0jTcyFVTBGfhpey+rFfuW8wtUyuO5WPUxkOn7xMHGMWHJAtWX2vwVIDtLxvqn48B4SmEOpPD6ii+vcpwqAex3ycqBUQ==" ]; }; + users.users.kmein = { + uid = genid_uint31 "kmein"; + isNormalUser = true; + openssh.authorizedKeys.keys = [ + config.krebs.users.kmein.pubkey + ]; + }; } { #hotdog -- cgit v1.2.3 From fb254e60949f029cc7cb48764093b49932d0acde Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 26 Dec 2018 23:48:54 +0100 Subject: external: remove miaoski wrong subnet --- krebs/3modules/external/default.nix | 3 --- 1 file changed, 3 deletions(-) diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 760521ef..baa49dbe 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -351,9 +351,6 @@ in { aliases = [ "miaoski.w" ]; wireguard = { pubkey = "8haz9JX5nAMORzNy89VdHC1Z9XA94ogaZsY3d2Rfkl4="; - subnets = [ - (krebs.genipv6 "wiregrill" "external" 0).subnetCIDR - ]; }; }; }; -- cgit v1.2.3 From 84411177954db9f4fde99eaa87565168e296b6a4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 28 Dec 2018 01:23:05 +0100 Subject: l: remove confusing deprecated x config --- lass/3modules/default.nix | 1 - lass/3modules/xserver/default.nix | 103 --------------------------------- lass/3modules/xserver/xserver.conf.nix | 40 ------------- 3 files changed, 144 deletions(-) delete mode 100644 lass/3modules/xserver/default.nix delete mode 100644 lass/3modules/xserver/xserver.conf.nix diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix index 2cf6a66b..613c7c8a 100644 --- a/lass/3modules/default.nix +++ b/lass/3modules/default.nix @@ -14,6 +14,5 @@ _: ./umts.nix ./usershadow.nix ./xjail.nix - ./xserver ]; } diff --git a/lass/3modules/xserver/default.nix b/lass/3modules/xserver/default.nix deleted file mode 100644 index cdd80857..00000000 --- a/lass/3modules/xserver/default.nix +++ /dev/null @@ -1,103 +0,0 @@ -{ config, pkgs, ... }@args: -with import ; -let - - out = { - options.lass.xserver = api; - config = mkIf cfg.enable imp; - }; - - user = config.krebs.build.user; - - cfg = config.lass.xserver; - xcfg = config.services.xserver; - api = { - enable = mkEnableOption "lass xserver"; - }; - imp = { - - services.xserver = { - enable = true; - display = 11; - tty = 11; - }; - - systemd.services.display-manager.enable = false; - - systemd.services.xmonad = { - wantedBy = [ "multi-user.target" ]; - requires = [ "xserver.service" ]; - environment = { - DISPLAY = ":${toString xcfg.display}"; - - XMONAD_STARTUP_HOOK = pkgs.writeDash "xmonad-startup-hook" '' - ${pkgs.xorg.xhost}/bin/xhost +LOCAL: & - ${xcfg.displayManager.sessionCommands} - if test -z "$DBUS_SESSION_BUS_ADDRESS"; then - exec ${pkgs.dbus.dbus-launch} --exit-with-session "$0" "" - fi - export DBUS_SESSION_BUS_ADDRESS - ${config.systemd.package}/bin/systemctl --user import-environment DISPLAY DBUS_SESSION_BUS_ADDRESS - wait - ''; - - XMONAD_DATA_DIR = "/tmp"; - }; - serviceConfig = { - SyslogIdentifier = "xmonad"; - ExecStart = "${pkgs.xmonad-lass}/bin/xmonad"; - ExecStop = "${pkgs.xmonad-lass}/bin/xmonad --shutdown"; - User = user.name; - WorkingDirectory = user.home; - }; - }; - - systemd.services.xserver = { - after = [ - "systemd-udev-settle.service" - "local-fs.target" - "acpid.service" - ]; - reloadIfChanged = true; - environment = { - XKB_BINDIR = "${pkgs.xorg.xkbcomp}/bin"; # Needed for the Xkb extension. - XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime. - LD_LIBRARY_PATH = concatStringsSep ":" ( - [ "${pkgs.xorg.libX11}/lib" "${pkgs.xorg.libXext}/lib" ] - ++ concatLists (catAttrs "libPath" xcfg.drivers)); - }; - serviceConfig = { - SyslogIdentifier = "xserver"; - ExecReload = "${pkgs.coreutils}/bin/echo NOP"; - ExecStart = toString [ - "${pkgs.xorg.xorgserver}/bin/X" - ":${toString xcfg.display}" - "vt${toString xcfg.tty}" - "-config ${import ./xserver.conf.nix args}" - "-logfile /dev/null -logverbose 0 -verbose 3" - "-nolisten tcp" - "-xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb" - (optional (xcfg.dpi != null) "-dpi ${toString xcfg.dpi}") - ]; - User = user.name; - }; - }; - krebs.xresources.resources.dpi = '' - ${optionalString (xcfg.dpi != null) "Xft.dpi: ${toString xcfg.dpi}"} - ''; - systemd.services.urxvtd = { - wantedBy = [ "multi-user.target" ]; - reloadIfChanged = true; - serviceConfig = { - SyslogIdentifier = "urxvtd"; - ExecReload = "${pkgs.coreutils}/bin/echo NOP"; - ExecStart = "${pkgs.rxvt_unicode_with-plugins}/bin/urxvtd"; - Restart = "always"; - RestartSec = "2s"; - StartLimitBurst = 0; - User = user.name; - }; - }; - }; - -in out diff --git a/lass/3modules/xserver/xserver.conf.nix b/lass/3modules/xserver/xserver.conf.nix deleted file mode 100644 index 6f34e015..00000000 --- a/lass/3modules/xserver/xserver.conf.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; - -let - cfg = config.services.xserver; -in - -pkgs.stdenv.mkDerivation { - name = "xserver.conf"; - - xfs = optionalString (cfg.useXFS != false) - ''FontPath "${toString cfg.useXFS}"''; - - inherit (cfg) config; - - buildCommand = - '' - echo 'Section "Files"' >> $out - echo $xfs >> $out - - for i in ${toString config.fonts.fonts}; do - if test "''${i:0:''${#NIX_STORE}}" == "$NIX_STORE"; then - for j in $(find $i -name fonts.dir); do - echo " FontPath \"$(dirname $j)\"" >> $out - done - fi - done - - for i in $(find ${toString cfg.modules} -type d); do - if test $(echo $i/*.so* | wc -w) -ne 0; then - echo " ModulePath \"$i\"" >> $out - fi - done - - echo 'EndSection' >> $out - - echo "$config" >> $out - ''; -} -- cgit v1.2.3 From de6ca6e60b0ac70042262d0d735c8f0991f0d7f4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 2 Jan 2019 21:41:05 +0100 Subject: external: add matchbox --- krebs/3modules/external/default.nix | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index baa49dbe..1363df1a 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -344,6 +344,30 @@ in { }; }; }; + matchbox = { + owner = config.krebs.users.Mic92; + nets = { + retiolum = { + ip4.addr = "10.243.29.172"; + aliases = [ "matchbox.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAqwB9pzV889vpMp/am+T0sfm5qO/wAWS/tv0auYK3Zyx3ChxrQX2m + VrxO5a/bjR/g1fi/t2kJIV/6tsVSRHfzKuKHprE2KxeNOmwUuSjjiM4CboASMR+w + nra6U0Ldf5vBxtEj5bj384QxwxxVLhSw8NbE43FCM07swSvAT8Y/ZmGUd738674u + TNC6zM6zwLvN0dxCDLuD5bwUq7y73JNQTm2YXv1Hfw3T8XqJK/Xson2Atv2Y5ZbE + TA0RaH3PoEkhkVeJG/EuUIJhvmunS5bBjFSiOiUZ8oEOSjo9nHUMD0u+x1BZIg/1 + yy5B5iB4YSGPAtjMJhwD/LRIoI8msWpdVCCnA+FlKCKAsgC7JbJgcOUtK9eDFdbO + 4FyzdUJbK+4PDguraPGzIX7p+K3SY8bbyo3SSp5rEb+CEWtFf26oJm7eBhDBT6K4 + Ofmzp0GjFbS8qkqEGCQcfi4cAsXMVCn4AJ6CKs89y19pLZ42fUtWg7WgUZA7GWV/ + bPE2RSBMUkGb0ovgoe7Z7NXsL3AST8EQEy+3lAEyUrPFLiwoeGJZmfTDTy1VBFI4 + nCShp7V+MSmz4DnLK1HLksLVLmGyZmouGsLjYUnEa414EI6NJF3bfEO2ZRGaswyR + /vW066YCTe7wi+YrvrMDgkdbyfn/ecMTn2iXsTb4k9/fuO0+hsqL+isCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; miaoski = { owner = config.krebs.users.miaoski; nets = { -- cgit v1.2.3 From 6db1a249e64c4be07c2db8daa2b305f3d35decb9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 3 Jan 2019 17:24:50 +0100 Subject: nixpkgs: b9fa31c -> 0396345 --- krebs/nixpkgs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 821c79cd..d3f681a6 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "b9fa31cea0e119ecf1867af4944ddc2f7633aacd", - "date": "2018-12-22T15:37:52+00:00", - "sha256": "1iqdra7nvcwbydjirjsk71rpzk4ljc0gzqy33fcp8l18y8iwh47k", + "rev": "0396345b79436f54920f7eb651ab42acf2eb7973", + "date": "2018-12-30T21:22:33-05:00", + "sha256": "10wd0wsair6dlilgaviqw2p9spgcf8qg736bzs08jha0f4zfqjs4", "fetchSubmodules": false } -- cgit v1.2.3 From cc26a9e93d36ac5e9f01d6ee7339703ce3c8c1ab Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 3 Jan 2019 19:12:52 +0100 Subject: l baseX: don't automount prism.r --- lass/2configs/baseX.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 1f2bb511..1b6a1d59 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -9,7 +9,6 @@ in { ./power-action.nix ./copyq.nix ./urxvt.nix - ./nfs-dl.nix { hardware.pulseaudio = { enable = true; -- cgit v1.2.3 From 1664ce39b368d65cac9ca24e80db3b4959cb8435 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 3 Jan 2019 19:13:36 +0100 Subject: l mors: automount prims.r --- lass/1systems/mors/config.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index b39f03df..b6565dc6 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -35,6 +35,7 @@ with import ; + { krebs.iptables.tables.filter.INPUT.rules = [ #risk of rain -- cgit v1.2.3 From 7e814620a137b7b85b7d601ffa092caab05a6929 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 3 Jan 2019 19:14:09 +0100 Subject: l baseX: remove xephyrify from pkgs --- lass/2configs/baseX.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 1b6a1d59..b8a0a9f2 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -79,7 +79,6 @@ in { taskwarrior termite xclip - xephyrify xorg.xbacklight xorg.xhost xsel -- cgit v1.2.3 From 05f9389e4f9e17be04e1bdef5b1cf695d3a8687b Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 3 Jan 2019 21:32:23 +0100 Subject: krops: use nixpkgs derivation for ci --- krebs/krops.nix | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/krebs/krops.nix b/krebs/krops.nix index ab752494..76bca026 100644 --- a/krebs/krops.nix +++ b/krebs/krops.nix @@ -9,15 +9,15 @@ krebs-source = { test ? false }: rec { nixpkgs = if test then { - file = { - path = toString (pkgs.fetchFromGitHub { + derivation = '' + with import {}; + pkgs.fetchFromGitHub { owner = "nixos"; repo = "nixpkgs"; - rev = (lib.importJSON ./nixpkgs.json).rev; - sha256 = (lib.importJSON ./nixpkgs.json).sha256; - }); - useChecksum = true; - }; + rev = "${(lib.importJSON ./nixpkgs.json).rev}"; + sha256 = "${(lib.importJSON ./nixpkgs.json).sha256}"; + } + ''; } else { git = { ref = (lib.importJSON ./nixpkgs.json).rev; -- cgit v1.2.3 From 069fd9be579b5257520ed7ab3578f19cb28badcd Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 3 Jan 2019 21:37:14 +0100 Subject: makefu krops.nix: use nixpkgs derivation for ci --- makefu/krops.nix | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/makefu/krops.nix b/makefu/krops.nix index 2a2f70a0..30db0766 100644 --- a/makefu/krops.nix +++ b/makefu/krops.nix @@ -27,15 +27,15 @@ # TODO: we want to track the unstable channel symlink = "/nix/var/nix/profiles/per-user/root/channels/nixos/"; } else { - file = { - path = toString (pkgs.fetchFromGitHub { + derivation = '' + with import {}; + pkgs.fetchFromGitHub { owner = "makefu"; repo = "nixpkgs"; - rev = nixpkgs-src.rev; - sha256 = nixpkgs-src.sha256; - }); - useChecksum = true; - }; + rev = "${nixpkgs-src.rev}"; + sha256 = "${nixpkgs-src.sha256}"; + } + ''; }; nixos-config.symlink = "stockholm/makefu/1systems/${name}/config.nix"; -- cgit v1.2.3 From 2766a860a84d357f918a44d7d2d6a9c532f892c0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 3 Jan 2019 21:41:17 +0100 Subject: l blue source: use derivation for nixpkgs --- lass/1systems/blue/source.nix | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/lass/1systems/blue/source.nix b/lass/1systems/blue/source.nix index 8f748ab8..a32c3a82 100644 --- a/lass/1systems/blue/source.nix +++ b/lass/1systems/blue/source.nix @@ -1,11 +1,14 @@ { lib, pkgs, ... }: { nixpkgs = lib.mkForce { - file = toString (pkgs.fetchFromGitHub { - owner = "nixos"; - repo = "nixpkgs"; - rev = (lib.importJSON ../../../krebs/nixpkgs.json).rev; - sha256 = (lib.importJSON ../../../krebs/nixpkgs.json).sha256; - }); + derivation = '' + with import {}; + pkgs.fetchFromGitHub { + owner = "nixos"; + repo = "nixpkgs"; + rev = "${(lib.importJSON ../../../krebs/nixpkgs.json).rev}"; + sha256 = "${(lib.importJSON ../../../krebs/nixpkgs.json).sha256}"; + } + ''; }; } -- cgit v1.2.3 From 2ce824f21f933710ef9f36864e1e585644da6eb5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 3 Jan 2019 21:49:05 +0100 Subject: ci: build in stockholm-build --- ci.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci.nix b/ci.nix index a383a063..16c866e7 100644 --- a/ci.nix +++ b/ci.nix @@ -16,6 +16,6 @@ let ci-systems = filterAttrs (_: v: v.ci) system.config.krebs.hosts; build = host: owner: - ((import (toString ./. + "/${owner}/krops.nix") { name = host; }).test {target = "${getEnv "HOME"}/stockholm-tmp";}); + ((import (toString ./. + "/${owner}/krops.nix") { name = host; }).test {target = "${getEnv "HOME"}/stockholm-build";}); in mapAttrs (n: h: build n h.owner.name) ci-systems -- cgit v1.2.3