From 8b1cb0b262f2b5aef8cbe7cb89afc6162750846f Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 4 Dec 2021 22:19:35 +0100 Subject: ma ham/mqtt: remove obsolete checkPasswords --- makefu/2configs/home/ham/mqtt.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/makefu/2configs/home/ham/mqtt.nix b/makefu/2configs/home/ham/mqtt.nix index 0eca1574..c90afff4 100644 --- a/makefu/2configs/home/ham/mqtt.nix +++ b/makefu/2configs/home/ham/mqtt.nix @@ -9,8 +9,7 @@ listeners = [ { port = 1883; - omitPasswordAuth = true; - checkPasswords = true; + omitPasswordAuth = false; users.sensor = { hashedPassword = "$6$2DXU7W1bvqXPqxkF$vtdz5KTd/T09hmoc9LjgEGFjvpwQbQth6vlVcr5hJNLgcBHv4U03YCKC8TKXbmQAa8xiJ76xJIg25kcL+KI3tg=="; acl = [ "topic readwrite #" ]; -- cgit v1.2.3 From 22766982a2a5a76d79c4e846d451d795f0e20183 Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 4 Dec 2021 22:20:50 +0100 Subject: module urlwatch: create group for user --- krebs/3modules/urlwatch.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/krebs/3modules/urlwatch.nix b/krebs/3modules/urlwatch.nix index 6a159a5b..2e336de2 100644 --- a/krebs/3modules/urlwatch.nix +++ b/krebs/3modules/urlwatch.nix @@ -194,7 +194,9 @@ let home = cfg.dataDir; createHome = true; isSystemUser = true; + group = user.name; }; + users.groups.${user.name} = {}; }; user = rec { -- cgit v1.2.3 From 28d5d0233a863ff87eb8b5e964f5d5f627585dee Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 4 Dec 2021 22:43:59 +0100 Subject: module airdcpp: make group explicit --- krebs/3modules/airdcpp.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/krebs/3modules/airdcpp.nix b/krebs/3modules/airdcpp.nix index 4ac6e30e..259f613c 100644 --- a/krebs/3modules/airdcpp.nix +++ b/krebs/3modules/airdcpp.nix @@ -269,6 +269,7 @@ let home = cfg.stateDir; createHome = true; isSystemUser = true; + group = "airdcpp"; inherit (cfg) extraGroups; }; groups.airdcpp.gid = genid "airdcpp"; -- cgit v1.2.3 From 1c92d9a7af6cf5dbac915dfb544578d8e4a6287b Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 4 Dec 2021 23:02:52 +0100 Subject: ma share: more groups for more users --- makefu/2configs/share/omo.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/makefu/2configs/share/omo.nix b/makefu/2configs/share/omo.nix index 308142f0..93536b63 100644 --- a/makefu/2configs/share/omo.nix +++ b/makefu/2configs/share/omo.nix @@ -14,7 +14,9 @@ in { uid = config.ids.uids.smbguest; description = "smb guest user"; home = "/var/empty"; + group = "share"; }; + users.groups.share = {}; services.samba = { enable = true; shares = { -- cgit v1.2.3 From cd98b7c6299fa74a1c0e65e8c085133b06e3a865 Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 4 Dec 2021 23:03:12 +0100 Subject: ma omo.r: disable collectd server --- makefu/1systems/omo/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index 6afe792e..0b4aaacb 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -75,7 +75,7 @@ in { # Logging #influx + grafana - + # # logs to influx -- cgit v1.2.3 From 3045a2c57b79087ab2e96687f82eb1aec96742b1 Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 4 Dec 2021 23:04:34 +0100 Subject: ma dcpp: fix typo --- makefu/2configs/dcpp/hub.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/2configs/dcpp/hub.nix b/makefu/2configs/dcpp/hub.nix index 8b43b2fc..fce607d5 100644 --- a/makefu/2configs/dcpp/hub.nix +++ b/makefu/2configs/dcpp/hub.nix @@ -83,7 +83,7 @@ in { isSystemUser = true; group = "uhub"; }; - users.group.uhub = {}; + users.groups.uhub = {}; services.uhub.home = { enable = true; port = 1511; -- cgit v1.2.3 From 74ac65471e6ccf55aafce467095d6f302cc899f9 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 5 Dec 2021 14:04:25 +0100 Subject: ma uhub: move to new configuration, add more groups to users --- makefu/2configs/dcpp/hub.nix | 45 +++++++++++++++++++----------------- makefu/2configs/nsupdate-data.nix | 6 +++-- makefu/5pkgs/uhub/default.nix | 48 --------------------------------------- 3 files changed, 28 insertions(+), 71 deletions(-) delete mode 100644 makefu/5pkgs/uhub/default.nix diff --git a/makefu/2configs/dcpp/hub.nix b/makefu/2configs/dcpp/hub.nix index fce607d5..b8ca49b7 100644 --- a/makefu/2configs/dcpp/hub.nix +++ b/makefu/2configs/dcpp/hub.nix @@ -39,7 +39,9 @@ in { home = stateDir; isSystemUser = true; createHome = true; + group = ddclientUser; }; + users.groups.${ddclientUser} = {}; systemd.services = { ddclient-nsupdate-uhub = { @@ -86,29 +88,30 @@ in { users.groups.uhub = {}; services.uhub.home = { enable = true; - port = 1511; enableTLS = true; - hubConfig = '' - hub_name = "krebshub" - tls_certificate = ${uhubDir}/uhub.crt - tls_private_key = ${uhubDir}/uhub.key - registered_users_only = true - ''; - plugins = { - welcome = { - enable = true; - motd = "shareit"; - rules = "1. Don't be an asshole"; - }; - history = { - enable = true; - }; - authSqlite = { - enable = true; - file = "${uhubDir}/uhub.sql"; - }; - + settings = { + server_port = 1511; + hub_name = "krebshub"; + tls_certificate = "${uhubDir}/uhub.crt"; + tls_private_key = "${uhubDir}/uhub.key"; + registered_users_only = true; }; + plugins = [ + { + plugin = "${pkgs.uhub}/plugins/mod_auth_sqlite.so"; + settings.file = "${uhubDir}/uhub.sql"; + } + { + plugin = "${pkgs.uhub}/plugins/mod_welcome.so"; + settings.motd = "shareit"; + settings.rules = "1. Don't be an asshole"; + } + { + plugin = "${pkgs.uhub}/plugins/mod_history.so"; + settings.motd = "shareit"; + settings.rules = "1. Don't be an asshole"; + } + ]; }; networking.firewall.allowedTCPPorts = [ 411 1511 ]; } diff --git a/makefu/2configs/nsupdate-data.nix b/makefu/2configs/nsupdate-data.nix index 2f8f4acc..3b6518f6 100644 --- a/makefu/2configs/nsupdate-data.nix +++ b/makefu/2configs/nsupdate-data.nix @@ -28,14 +28,16 @@ let ''; in { - users.extraUsers = singleton { + users.users.${ddclientUser} = { name = ddclientUser; - uid = genid "ddclient"; + uid = genid ddclientUser; description = "ddclient daemon user"; home = stateDir; createHome = true; isSystemUser = true; + group = ddclientUser; }; + users.groups.${ddclientUser} = {}; systemd.services = { ddclient-nsupdate-elchos = { diff --git a/makefu/5pkgs/uhub/default.nix b/makefu/5pkgs/uhub/default.nix deleted file mode 100644 index e0ee035e..00000000 --- a/makefu/5pkgs/uhub/default.nix +++ /dev/null @@ -1,48 +0,0 @@ -{ stdenv, lib, fetchpatch, fetchFromGitHub, cmake, openssl, sqlite, pkgconfig, systemd -, tlsSupport ? false }: - -assert tlsSupport -> openssl != null; - -stdenv.mkDerivation rec { - pname = "uhub"; - version = "2019-06-18"; - - src = fetchFromGitHub { - owner = "janvidar"; - repo = "uhub"; - rev = "78a703924064a92cedeb0a5aab5a80d8f77db73e"; - sha256 = "1dqmj08salhbcdlkglbi03hn9jzgmhjqlb0iysafpzrrwi0mca1z"; - }; - - nativeBuildInputs = [ pkgconfig ]; - buildInputs = [ cmake sqlite systemd ] ++ lib.optional tlsSupport openssl; - - outputs = [ "out" - "mod_example" - "mod_welcome" - "mod_logging" - "mod_auth_simple" - "mod_auth_sqlite" - "mod_chat_history" - "mod_chat_only" - "mod_topic" - "mod_no_guest_downloads" - ]; - - patches = [ - - ]; - - cmakeFlags = '' - -DSYSTEMD_SUPPORT=ON - ${if tlsSupport then "-DSSL_SUPPORT=ON" else "-DSSL_SUPPORT=OFF"} - ''; - - meta = with lib; { - description = "High performance peer-to-peer hub for the ADC network"; - homepage = https://www.uhub.org/; - license = licenses.gpl3; - maintainers = [ maintainers.ehmry ]; - platforms = platforms.unix; - }; -} -- cgit v1.2.3 From 1c636371dcae1bc623bb9b440ad7dbf7c1f917cf Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 5 Dec 2021 14:21:19 +0100 Subject: ma: fix warnings for wbob --- makefu/2configs/bureautomation/zigbee2mqtt/default.nix | 2 +- makefu/2configs/gui/wbob-kiosk.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/makefu/2configs/bureautomation/zigbee2mqtt/default.nix b/makefu/2configs/bureautomation/zigbee2mqtt/default.nix index ba10ae74..b3501979 100644 --- a/makefu/2configs/bureautomation/zigbee2mqtt/default.nix +++ b/makefu/2configs/bureautomation/zigbee2mqtt/default.nix @@ -12,7 +12,7 @@ in services.zigbee2mqtt = { enable = true; inherit dataDir; - config = { + settings = { permit_join = true; serial.port = "/dev/cc2531"; homeassistant = true; diff --git a/makefu/2configs/gui/wbob-kiosk.nix b/makefu/2configs/gui/wbob-kiosk.nix index 2f6a26d8..dc28cf4d 100644 --- a/makefu/2configs/gui/wbob-kiosk.nix +++ b/makefu/2configs/gui/wbob-kiosk.nix @@ -17,7 +17,7 @@ user = "makefu"; }; displayManager.defaultSession = "gnome"; - desktopManager.gnome3.enable = true; + desktopManager.gnome.enable = true; displayManager.sessionCommands = '' ${pkgs.xlibs.xset}/bin/xset -display :0 s off -dpms ${pkgs.xlibs.xrandr}/bin/xrandr --output HDMI2 --right-of HDMI1 -- cgit v1.2.3 From 584a477ac6724367b12e51e2d2ceb020193afed9 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 5 Dec 2021 14:31:53 +0100 Subject: ma gum.r: disable shiori --- makefu/1systems/gum/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index 1cd56994..39c0554e 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -159,7 +159,7 @@ in { # - + # # -- cgit v1.2.3 From 7c87ed750bb0c58a0870f6444e77fd7e46df8575 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 5 Dec 2021 14:37:43 +0100 Subject: nixpkgs: a640d83 -> a640d83 --- krebs/nixpkgs.json | 1 - 1 file changed, 1 deletion(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index e219581a..126c0a32 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -4,7 +4,6 @@ "date": "2021-12-01T16:06:54+01:00", "path": "/nix/store/88zw2qrbzaq3bnnsmz9qc4lvkwg0168g-nixpkgs", "sha256": "1dyyzgcmlhpsdb4ngiy8m0x10qmh0r56ky75r8ppvvh730m3lhfj", - "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, "leaveDotGit": false -- cgit v1.2.3 From 5816264a41b7b0eb759dcf8e8dd1ca8c032665c4 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 5 Dec 2021 14:38:46 +0100 Subject: ma krops: update home-manager --- makefu/krops.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/krops.nix b/makefu/krops.nix index fd53f004..1db4401a 100644 --- a/makefu/krops.nix +++ b/makefu/krops.nix @@ -77,7 +77,7 @@ (lib.mkIf ( host-src.home-manager ) { home-manager.git = { url = https://github.com/rycee/home-manager; - ref = "fd5fbb0a241f644908cdf01ccd1821d0606fb4fd"; + ref = "6ce1d64073f48b9bc9425218803b1b607454c1e7"; }; }) ]; -- cgit v1.2.3 From 1f2a7c7ad7f363f3c42e7235859ef3981be0d8f2 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 5 Dec 2021 15:00:39 +0100 Subject: ma binaergewitter: bump gecloudpad --- makefu/2configs/deployment/gecloudpad/gecloudpad.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/makefu/2configs/deployment/gecloudpad/gecloudpad.nix b/makefu/2configs/deployment/gecloudpad/gecloudpad.nix index 7d51dfa0..6f20ff57 100644 --- a/makefu/2configs/deployment/gecloudpad/gecloudpad.nix +++ b/makefu/2configs/deployment/gecloudpad/gecloudpad.nix @@ -11,8 +11,8 @@ with pkgs.python3Packages;buildPythonPackage rec { src = fetchFromGitHub { owner = "binaergewitter"; repo = "gecloudpad"; - rev = "master"; - sha256 = "0p9lcphp3r7hyypxadzw4x9ix6d0anmspxnjnj0v2jjll8gxqlhf"; + rev = "1399ede4e609f63fbf1c4560979a6b22b924e0c5"; + sha256 = "1w74j5ks7naalzrib87r0adq20ik5x3x5l520apagb7baszn17lb"; }; meta = { -- cgit v1.2.3 From 78930db930a3f222feb72d344ff4f9f581bcfad9 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 5 Dec 2021 15:07:39 +0100 Subject: ma pkgs.drozer: mark as broken --- makefu/2configs/tools/android-pentest.nix | 2 +- makefu/5pkgs/drozer/default.nix | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/makefu/2configs/tools/android-pentest.nix b/makefu/2configs/tools/android-pentest.nix index 766aacb9..1f622a8e 100644 --- a/makefu/2configs/tools/android-pentest.nix +++ b/makefu/2configs/tools/android-pentest.nix @@ -6,7 +6,7 @@ # mitmproxy nmap msf - drozer + #drozer #dex2jar apktool jd-gui diff --git a/makefu/5pkgs/drozer/default.nix b/makefu/5pkgs/drozer/default.nix index 1f353e47..22d720f3 100644 --- a/makefu/5pkgs/drozer/default.nix +++ b/makefu/5pkgs/drozer/default.nix @@ -30,5 +30,6 @@ pythonPackages.buildPythonApplication rec { homepage = https://github.com/mwrlabs/drozer/; description = "The Leading Security Assessment Framework for Android"; license = lib.licenses.bsd2; + broken = true; }; } -- cgit v1.2.3