From 32b2aff200edf3e73f6a2c9e3d6548e4985ecd9f Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 28 Dec 2018 14:49:44 +0100 Subject: tv gitrepos: with-ssh --- tv/2configs/gitrepos.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix index a89d1302..9409246e 100644 --- a/tv/2configs/gitrepos.nix +++ b/tv/2configs/gitrepos.nix @@ -71,6 +71,7 @@ let { stockholm = { cgit.desc = "NixOS configuration"; }; + with-ssh = {}; } // mapAttrs (_: recursiveUpdate { cgit.section = "2. Host configurations"; }) { ni = { }; -- cgit v1.2.3 From 9a5415b662e9aad91eb518bfb2aa3feffc5e7cd5 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 29 Dec 2018 12:18:14 +0100 Subject: tv nixpkgs-overlays: RIP --- tv/1systems/xu/config.nix | 5 ----- tv/2configs/default.nix | 1 - tv/3modules/default.nix | 1 - tv/3modules/nixpkgs-overlays.nix | 23 ----------------------- 4 files changed, 30 deletions(-) delete mode 100644 tv/3modules/nixpkgs-overlays.nix diff --git a/tv/1systems/xu/config.nix b/tv/1systems/xu/config.nix index b9c76cf4..c47608aa 100644 --- a/tv/1systems/xu/config.nix +++ b/tv/1systems/xu/config.nix @@ -156,10 +156,5 @@ with import ; # The NixOS release to be compatible with for stateful data such as databases. system.stateVersion = "15.09"; - tv.nixpkgs-overlays = { - krebs = "/home/tv/stockholm/krebs/5pkgs"; - tv = "/home/tv/stockholm/tv/5pkgs"; - }; - virtualisation.virtualbox.host.enable = true; } diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 484a337b..e18ba31b 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -92,7 +92,6 @@ with import ; environment.variables = { NIX_PATH = mkForce (concatStringsSep ":" [ "secrets=/var/src/stockholm/null" - "nixpkgs-overlays=${config.tv.nixpkgs-overlays}" "/var/src" ]); }; diff --git a/tv/3modules/default.nix b/tv/3modules/default.nix index f53a58e9..67fb3f65 100644 --- a/tv/3modules/default.nix +++ b/tv/3modules/default.nix @@ -5,7 +5,6 @@ ./ejabberd ./hosts.nix ./iptables.nix - ./nixpkgs-overlays.nix ./slock.nix ./x0vncserver.nix ]; diff --git a/tv/3modules/nixpkgs-overlays.nix b/tv/3modules/nixpkgs-overlays.nix deleted file mode 100644 index 4eb7a86b..00000000 --- a/tv/3modules/nixpkgs-overlays.nix +++ /dev/null @@ -1,23 +0,0 @@ -with import ; -{ config, pkgs, ... }: { - - options.tv.nixpkgs-overlays = mkOption { - apply = src: - pkgs.runCommand "nixpkgs-overlays" {} '' - mkdir $out - ${concatStringsSep "\n" (mapAttrsToList (name: path: - "ln -s ${shell.escape path} $out/${shell.escape name}" - ) src)} - '' // { - inherit src; - }; - type = types.attrsOf types.absolute-pathname; - }; - - config = { - tv.nixpkgs-overlays = { - krebs = mkDefault "/var/src/stockholm/krebs/5pkgs"; - tv = mkDefault "/var/src/stockholm/tv/5pkgs"; - }; - }; -} -- cgit v1.2.3 From 4a3650b3e3091343cc30034ac88bda8516306ea9 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 29 Dec 2018 12:58:45 +0100 Subject: tv ejabberd: move home to /var/lib --- tv/2configs/backup.nix | 4 ++-- tv/3modules/ejabberd/default.nix | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tv/2configs/backup.nix b/tv/2configs/backup.nix index f8de72d0..b8dec8da 100644 --- a/tv/2configs/backup.nix +++ b/tv/2configs/backup.nix @@ -60,7 +60,7 @@ with import ; }; xu-pull-ni-ejabberd = { method = "pull"; - src = { host = config.krebs.hosts.ni; path = "/var/ejabberd"; }; + src = { host = config.krebs.hosts.ni; path = "/var/lib/ejabberd"; }; dst = { host = config.krebs.hosts.xu; path = "/bku/ni-ejabberd"; }; startAt = "07:00"; }; @@ -78,7 +78,7 @@ with import ; }; zu-pull-ni-ejabberd = { method = "pull"; - src = { host = config.krebs.hosts.ni; path = "/var/ejabberd"; }; + src = { host = config.krebs.hosts.ni; path = "/var/lib/ejabberd"; }; dst = { host = config.krebs.hosts.zu; path = "/bku/ni-ejabberd"; }; startAt = "06:00"; }; diff --git a/tv/3modules/ejabberd/default.nix b/tv/3modules/ejabberd/default.nix index e99b94ff..f16dfac8 100644 --- a/tv/3modules/ejabberd/default.nix +++ b/tv/3modules/ejabberd/default.nix @@ -67,7 +67,7 @@ in { type = types.user; default = { name = "ejabberd"; - home = "/var/ejabberd"; + home = "/var/lib/ejabberd"; }; }; }; -- cgit v1.2.3 From 45359e7db5ec7fe9e33624e15e362c2b9e6ef9d9 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 29 Dec 2018 14:22:24 +0100 Subject: tv dhcpcd: set saner dbdir --- tv/5pkgs/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tv/5pkgs/default.nix b/tv/5pkgs/default.nix index c5c800b5..605d827e 100644 --- a/tv/5pkgs/default.nix +++ b/tv/5pkgs/default.nix @@ -24,6 +24,12 @@ foldl' mergeAttrs {} "$@" ''; + dhcpcd = overrideDerivation super.dhcpcd (old: { + configureFlags = old.configureFlags ++ [ + "--dbdir=/var/lib/dhcpcd" + ]; + }); + gitAndTools = super.gitAndTools // { inherit (self) diff-so-fancy; }; -- cgit v1.2.3 From 6e5a61b676eea8a066be7848e2a879f57f2c0c4a Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 5 Jan 2019 20:16:17 +0100 Subject: per-user module: enable only if configured --- krebs/3modules/per-user.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/per-user.nix b/krebs/3modules/per-user.nix index a7a07a8e..5beb859a 100644 --- a/krebs/3modules/per-user.nix +++ b/krebs/3modules/per-user.nix @@ -13,7 +13,7 @@ in { }); default = {}; }; - config = { + config = mkIf (cfg != {}) { environment = { etc = mapAttrs' -- cgit v1.2.3 From 7c84b32f2de5c759f18fe449597e0edba493ad9d Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 7 Jan 2019 11:23:25 +0100 Subject: tv slock service: support multiple displays --- tv/3modules/slock.nix | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/tv/3modules/slock.nix b/tv/3modules/slock.nix index 1c84b1e9..53f7f1f6 100644 --- a/tv/3modules/slock.nix +++ b/tv/3modules/slock.nix @@ -5,10 +5,12 @@ in { options.tv.slock = { enable = mkEnableOption "tv.slock"; package = mkOption { - default = pkgs.execBin "slock" rec { - filename = "${pkgs.systemd}/bin/systemctl"; - argv = [ filename "start" "slock-${cfg.user.name}.service" ]; - }; + default = pkgs.writeDashBin "slock" '' + set -efu + display=''${DISPLAY#:} + service=slock-$LOGNAME@$display.service + exec ${pkgs.systemd}/bin/systemctl start "$service" + ''; type = types.package; }; user = mkOption { @@ -18,16 +20,16 @@ in { config = mkIf cfg.enable { security.polkit.extraConfig = /* js */ '' polkit.addRule(function(action, subject) { - if (action.id == "org.freedesktop.systemd1.manage-units" && - action.lookup("unit") == "slock-${cfg.user.name}.service" && - subject.user == ${toJSON cfg.user.name}) { + if (action.id === "org.freedesktop.systemd1.manage-units" && + subject.user === ${toJSON cfg.user.name} && + /^slock-${cfg.user.name}@[0-9]+\.service$/.test(action.lookup("unit")) ) { return polkit.Result.YES; } }); ''; - systemd.services."slock-${cfg.user.name}" = { + systemd.services."slock-${cfg.user.name}@" = { environment = { - DISPLAY = ":${toString config.services.xserver.display}"; + DISPLAY = ":%I"; LD_PRELOAD = pkgs.runCommandCC "slock-${cfg.user.name}.so" { passAsFile = ["text"]; text = /* c */ '' -- cgit v1.2.3 From e0bbedff27bd3ca6d69b147f2f3dbc183de72243 Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 7 Jan 2019 15:29:48 +0100 Subject: tv xkiller: init --- tv/5pkgs/simple/xkiller.nix | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 tv/5pkgs/simple/xkiller.nix diff --git a/tv/5pkgs/simple/xkiller.nix b/tv/5pkgs/simple/xkiller.nix new file mode 100644 index 00000000..8d8f0169 --- /dev/null +++ b/tv/5pkgs/simple/xkiller.nix @@ -0,0 +1,25 @@ +{ pkgs }: +pkgs.writeDash "xkiller" '' + set -efu + exec >&2 + ${pkgs.iproute}/bin/ss -lp src unix:/tmp/.X11-unix/X* | + ${pkgs.gnused}/bin/sed -n ' + s|.*/tmp/.X11-unix/X\([0-9]\+\)\>.*("X[^"]*",pid=\([0-9]\+\)\>.*|\1 \2|p + ' | + while read -r display pid; do + { + exit_code=$( + DISPLAY=:$display ${pkgs.coreutils}/bin/timeout 1 \ + ${pkgs.xorg.xset}/bin/xset q >/dev/null 2>&1 && + echo 0 || echo $? + ) + if test $exit_code = 124; then + echo "X on display :$display is locked up; killing PID $pid..." + ${pkgs.coreutils}/bin/kill -SIGKILL "$pid" + else + echo "X on display :$display is healthy" + fi + } & + done + wait +'' -- cgit v1.2.3 From c4a8e1380df895e5c5a94fea4d042410b0e850fd Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 7 Jan 2019 15:31:55 +0100 Subject: tv xkiller service: init --- tv/2configs/xserver/xkiller.nix | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 tv/2configs/xserver/xkiller.nix diff --git a/tv/2configs/xserver/xkiller.nix b/tv/2configs/xserver/xkiller.nix new file mode 100644 index 00000000..2f976309 --- /dev/null +++ b/tv/2configs/xserver/xkiller.nix @@ -0,0 +1,14 @@ +{ pkgs, ... }: { + + services.acpid.enable = true; + services.acpid.handlers.xkiller = { + action = /* sh */ '' + event=($1) + if test "''${event[2]}" = 00000080; then + ${pkgs.systemd}/bin/systemd-cat -t xkiller ${pkgs.xkiller} + fi + ''; + event = "button/prog1"; + }; + +} -- cgit v1.2.3 From 3e46d0d057053ed0aa5b1f2d259ccee64beedcd8 Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 7 Jan 2019 15:32:43 +0100 Subject: tv xu: add xkiller service --- tv/1systems/xu/config.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/tv/1systems/xu/config.nix b/tv/1systems/xu/config.nix index c47608aa..33f9539c 100644 --- a/tv/1systems/xu/config.nix +++ b/tv/1systems/xu/config.nix @@ -20,6 +20,7 @@ with import ; + { environment.systemPackages = with pkgs; [ -- cgit v1.2.3 From 9475684bedcec695e196931a764b6e2e208349c4 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 8 Jan 2019 21:08:19 +0100 Subject: tv htop: header_margin=0 --- tv/2configs/htop.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tv/2configs/htop.nix b/tv/2configs/htop.nix index d7d2d7bf..e78caeb5 100644 --- a/tv/2configs/htop.nix +++ b/tv/2configs/htop.nix @@ -22,7 +22,7 @@ with import ; highlight_megabytes=1 highlight_threads=1 tree_view=1 - header_margin=1 + header_margin=0 detailed_cpu_time=0 cpu_count_from_zero=0 update_process_names=0 -- cgit v1.2.3 From 5e87f121a3b010705f255aa503ad428da05e7da7 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 13 Jan 2019 18:38:23 +0100 Subject: =?UTF-8?q?tv=20xmodmap:=20add=20=CE=B4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- tv/2configs/xserver/Xmodmap.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/tv/2configs/xserver/Xmodmap.nix b/tv/2configs/xserver/Xmodmap.nix index d2b1b260..8e8e3dfd 100644 --- a/tv/2configs/xserver/Xmodmap.nix +++ b/tv/2configs/xserver/Xmodmap.nix @@ -17,6 +17,7 @@ pkgs.writeText "Xmodmap" '' keycode 39 = s S ssharp keycode 33 = p P Greek_pi Greek_PI + keycode 40 = d D Greek_delta Greek_DELTA keycode 46 = l L Greek_lambda Greek_LAMBDA keycode 54 = c C cacute Cacute -- cgit v1.2.3 From a4bb3ee1d3afbee5e8b4676d481382be3a60a750 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 13 Jan 2019 23:42:14 +0100 Subject: tv gitrepos: add Reaktor --- tv/2configs/gitrepos.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix index 9409246e..3eab1ce6 100644 --- a/tv/2configs/gitrepos.nix +++ b/tv/2configs/gitrepos.nix @@ -103,6 +103,7 @@ let { nixos-infest = {}; painload = {}; push = {}; + Reaktor = {}; with-tmpdir = {}; get = {}; load-env = {}; -- cgit v1.2.3 From 1e37db3b790cd4c01efd37722f2cc2fc40966b4e Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 13 Jan 2019 23:42:22 +0100 Subject: tv gitrepos: add reaktor2 --- tv/2configs/gitrepos.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix index 3eab1ce6..725ddefa 100644 --- a/tv/2configs/gitrepos.nix +++ b/tv/2configs/gitrepos.nix @@ -67,6 +67,7 @@ let { cgit.desc = "source code installer"; }; q = {}; + reaktor2 = {}; regfish = {}; stockholm = { cgit.desc = "NixOS configuration"; -- cgit v1.2.3 From 2d2ab95f0707209c4c248d43cb57877a50a37991 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 16 Jan 2019 11:10:34 +0100 Subject: krebs tinc: Broadcast = no --- krebs/3modules/tinc.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix index ecd449b0..24eac715 100644 --- a/krebs/3modules/tinc.nix +++ b/krebs/3modules/tinc.nix @@ -27,6 +27,7 @@ let "tinc.conf" = pkgs.writeText "${netname}-tinc.conf" '' Name = ${tinc.config.host.name} Interface = ${netname} + Broadcast = no ${concatMapStrings (c: "ConnectTo = ${c}\n") tinc.config.connectTo} PrivateKeyFile = ${tinc.config.privkey.path} Port = ${toString tinc.config.host.nets.${netname}.tinc.port} -- cgit v1.2.3