diff options
author | makefu <github@syntax-fehler.de> | 2015-11-14 01:51:36 +0100 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2015-11-14 01:51:36 +0100 |
commit | 773a67a983cbe1928da6c524db24a25229a6f5fe (patch) | |
tree | 2a00ed5a39f85b837578625cf49d193f4d308f14 | |
parent | a0fbe917ac45cda4de0f16bced3ce3ebfc556fe8 (diff) | |
parent | e7d22252dcad25fd5594e9a431f5a39aa620906d (diff) |
Merge remote-tracking branch 'cloudkrebs/master' into pre-merge
40 files changed, 1055 insertions, 336 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index b4e7f9254..6d62b2e38 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -13,6 +13,7 @@ let ./exim-smarthost.nix ./github-hosts-sync.nix ./git.nix + ./go.nix ./iptables.nix ./nginx.nix ./per-user.nix diff --git a/lass/3modules/go.nix b/krebs/3modules/go.nix index aa900f118..793d1f60d 100644 --- a/lass/3modules/go.nix +++ b/krebs/3modules/go.nix @@ -4,10 +4,10 @@ with builtins; with lib; let - cfg = config.lass.go; + cfg = config.krebs.go; out = { - options.lass.go = api; + options.krebs.go = api; config = mkIf cfg.enable imp; }; @@ -26,6 +26,11 @@ let }; imp = { + services.redis = { + enable = mkDefault true; + bind = mkDefault "127.0.0.1"; + }; + users.extraUsers.go = { name = "go"; uid = 42774411; #genid go diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 2ad4353bd..c99263fe8 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -2,35 +2,7 @@ with lib; -let - testHosts = lib.genAttrs [ - "test-arch" - "test-centos6" - "test-centos7" - ] (name: { - inherit name; - cores = 1; - nets = { - retiolum = { - addrs4 = ["10.243.111.111"]; - addrs6 = ["42:0:0:0:0:0:0:7357"]; - aliases = [ - "test.retiolum" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAy41YKF/wpHLnN370MSdnAo63QUW30aw+6O79cnaJyxoL6ZQkk4Nd - mrX2tBIfb2hhhgm4Jecy33WVymoEL7EiRZ6gshJaYwte51Jnrac6IFQyiRGMqHY5 - TG/6IzzTOkeQrT1fw3Yfh0NRfqLBZLr0nAFoqgzIVRxvy+QO1gCU2UDKkQ/y5df1 - K+YsMipxU08dsOkPkmLdC/+vDaZiEdYljIS3Omd+ED5JmLM3MSs/ZPQ8xjkjEAy8 - QqD9/67bDoeXyg1ZxED2n0+aRKtU/CK/66Li//yev6yv38OQSEM4t/V0dr9sjLcY - VIdkxKf96F9r3vcDf/9xw2HrqVoy+D5XYQIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }); -in { +{ hosts = addNames { echelon = { cores = 2; @@ -241,7 +213,7 @@ in { }; }; - } // testHosts; + }; users = addNames { lass = { pubkey = readFile ../../Zpubkeys/lass.ssh.pub; diff --git a/krebs/3modules/shared/default.nix b/krebs/3modules/shared/default.nix index 24dd7b782..13aae886b 100644 --- a/krebs/3modules/shared/default.nix +++ b/krebs/3modules/shared/default.nix @@ -2,7 +2,35 @@ with lib; -{ +let + testHosts = lib.genAttrs [ + "test-arch" + "test-centos6" + "test-centos7" + ] (name: { + inherit name; + cores = 1; + nets = { + retiolum = { + addrs4 = ["10.243.111.111"]; + addrs6 = ["42:0:0:0:0:0:0:7357"]; + aliases = [ + "test.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAy41YKF/wpHLnN370MSdnAo63QUW30aw+6O79cnaJyxoL6ZQkk4Nd + mrX2tBIfb2hhhgm4Jecy33WVymoEL7EiRZ6gshJaYwte51Jnrac6IFQyiRGMqHY5 + TG/6IzzTOkeQrT1fw3Yfh0NRfqLBZLr0nAFoqgzIVRxvy+QO1gCU2UDKkQ/y5df1 + K+YsMipxU08dsOkPkmLdC/+vDaZiEdYljIS3Omd+ED5JmLM3MSs/ZPQ8xjkjEAy8 + QqD9/67bDoeXyg1ZxED2n0+aRKtU/CK/66Li//yev6yv38OQSEM4t/V0dr9sjLcY + VIdkxKf96F9r3vcDf/9xw2HrqVoy+D5XYQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }); +in { hosts = addNames { wolf = { #dc = "shack"; @@ -32,7 +60,7 @@ with lib; ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKYMXMWZIK0jjnZDM9INiYAKcwjXs2241vew54K8veCR"; }; - }; + } // testHosts; users = addNames { shared = { mail = "spam@krebsco.de"; diff --git a/lass/5pkgs/go/default.nix b/krebs/5pkgs/go/default.nix index 9dd166adc..9dd166adc 100644 --- a/lass/5pkgs/go/default.nix +++ b/krebs/5pkgs/go/default.nix diff --git a/lass/5pkgs/go/packages.nix b/krebs/5pkgs/go/packages.nix index 9acfd7658..9acfd7658 100644 --- a/lass/5pkgs/go/packages.nix +++ b/krebs/5pkgs/go/packages.nix diff --git a/lass/1systems/echelon.nix b/lass/1systems/echelon.nix index dc0ca0274..39af4a96f 100644 --- a/lass/1systems/echelon.nix +++ b/lass/1systems/echelon.nix @@ -13,7 +13,7 @@ in { ../2configs/realwallpaper-server.nix ../2configs/privoxy-retiolum.nix ../2configs/git.nix - ../2configs/redis.nix + #../2configs/redis.nix ../2configs/go.nix ../2configs/ircd.nix ../2configs/newsbot-js.nix diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 7db3f8333..7b91fa6be 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -18,10 +18,37 @@ ../2configs/chromium-patched.nix ../2configs/git.nix ../2configs/retiolum.nix - ../2configs/wordpress.nix + #../2configs/wordpress.nix ../2configs/bitlbee.nix ../2configs/firefoxPatched.nix ../2configs/skype.nix + { + #risk of rain port + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport 11100"; target = "ACCEPT"; } + ]; + } + { + #wordpress-test + #imports = singleton (sitesGenerators.createWordpress "testserver.de"); + imports = [ + ../3modules/wordpress_nginx.nix + ]; + lass.wordpress."testserver.de" = { + }; + + services.mysql = { + enable = true; + package = pkgs.mariadb; + rootPassword = "<secrets>/mysql_rootPassword"; + }; + networking.extraHosts = '' + 10.243.0.2 testserver.de + ''; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; precedence = 9998; } + ]; + } ]; krebs.build.host = config.krebs.hosts.mors; diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 87334c3c2..599f4704e 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -10,6 +10,8 @@ in { ../2configs/downloading.nix ../2configs/git.nix ../2configs/ts3.nix + ../2configs/bitlbee.nix + ../2configs/weechat.nix { users.extraGroups = { # ● systemd-tmpfiles-setup.service - Create Volatile Files and Directories @@ -87,6 +89,33 @@ in { { nixpkgs.config.allowUnfree = true; } + { + #stuff for juhulian + users.extraUsers.juhulian = { + name = "juhulian"; + uid = 1339; + home = "/home/juhulian"; + group = "users"; + createHome = true; + useDefaultShell = true; + extraGroups = [ + ]; + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBQhLGvfv4hyQ/nqJGy1YgHXPSVl6igeWTroJSvAhUFgoh+rG+zvqY0EahKXNb3sq0/OYDCTJVuucc0hgCg7T2KqTqMtTb9EEkRmCFbD7F7DWZojCrh/an6sHneqT5eFvzAPZ8E5hup7oVQnj5P5M3I9keRHBWt1rq6q0IcOEhsFvne4qJc73aLASTJkxzlo5U8ju3JQOl6474ECuSn0lb1fTrQ/SR1NgF7jV11eBldkS8SHEB+2GXjn4Yrn+QUKOnDp+B85vZmVlJSI+7XR1/U/xIbtAjGTEmNwB6cTbBv9NCG9jloDDOZG4ZvzzHYrlBXjaigtQh2/4mrHoKa5eV juhulian@juhulian" + ]; + }; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";} + ]; + } + { + environment.systemPackages = [ + pkgs.perlPackages.Plack + ]; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport 8080"; target = "ACCEPT";} + ]; + } ]; krebs.build.host = config.krebs.hosts.prism; diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix index 11bc4f089..61023057b 100644 --- a/lass/2configs/base.nix +++ b/lass/2configs/base.nix @@ -48,7 +48,7 @@ with lib; source = { git.nixpkgs = { url = https://github.com/Lassulus/nixpkgs; - rev = "6d31e9b81dcd4ab927bb3dc91b612dd5abfa2f80"; + rev = "8d1ce129361312334bf914ce0d27e463cb0bb21b"; }; dir.secrets = { host = config.krebs.hosts.mors; @@ -92,6 +92,10 @@ with lib; most rxvt_unicode.terminfo + #monitoring tools + htop + iotop + #network iptables diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 3be3676aa..4e46c18d2 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -5,7 +5,8 @@ let in { imports = [ ./base.nix - ./urxvt.nix + #./urxvt.nix + ./xserver ]; users.extraUsers.mainUser.extraGroups = [ "audio" ]; @@ -34,38 +35,39 @@ in { sxiv much push + zathura #window manager stuff - haskellPackages.xmobar - haskellPackages.yeganesh - dmenu2 - xlibs.fontschumachermisc + #haskellPackages.xmobar + #haskellPackages.yeganesh + #dmenu2 + #xlibs.fontschumachermisc ]; - fonts.fonts = [ - pkgs.xlibs.fontschumachermisc - ]; - - services.xserver = { - enable = true; - - windowManager.xmonad.extraPackages = hspkgs: with hspkgs; [ - X11-xshape - ]; - windowManager.xmonad.enable = true; - windowManager.xmonad.enableContribAndExtras = true; - windowManager.default = "xmonad"; - desktopManager.default = "none"; - desktopManager.xterm.enable = false; - displayManager.slim.enable = true; - displayManager.auto.enable = true; - displayManager.auto.user = mainUser.name; - - layout = "us"; - xkbModel = "evdev"; - xkbVariant = "altgr-intl"; - xkbOptions = "caps:backspace"; - }; + #fonts.fonts = [ + # pkgs.xlibs.fontschumachermisc + #]; + + #services.xserver = { + # enable = true; + + # windowManager.xmonad.extraPackages = hspkgs: with hspkgs; [ + # X11-xshape + # ]; + # windowManager.xmonad.enable = true; + # windowManager.xmonad.enableContribAndExtras = true; + # windowManager.default = "xmonad"; + # desktopManager.default = "none"; + # desktopManager.xterm.enable = false; + # displayManager.slim.enable = true; + # displayManager.auto.enable = true; + # displayManager.auto.user = mainUser.name; + + # layout = "us"; + # xkbModel = "evdev"; + # xkbVariant = "altgr-intl"; + # xkbOptions = "caps:backspace"; + #}; services.logind.extraConfig = '' HandleLidSwitch=ignore diff --git a/lass/2configs/bitlbee.nix b/lass/2configs/bitlbee.nix index fa14c7fea..b23628dc5 100644 --- a/lass/2configs/bitlbee.nix +++ b/lass/2configs/bitlbee.nix @@ -1,16 +1,12 @@ { config, pkgs, ... }: -let - lpkgs = import ../5pkgs { inherit pkgs; }; -in { - - imports = [ - ../3modules/bitlbee.nix - ]; - - lass.bitlbee = { +{ + services.bitlbee = { enable = true; - bitlbeePkg = lpkgs.bitlbee; portNumber = 6666; + plugins = [ + pkgs.bitlbee-facebook + pkgs.bitlbee-steam + ]; }; } diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index 5a1857973..849778a7a 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -1,7 +1,15 @@ { config, lib, pkgs, ... }: let - inherit (import ../4lib { inherit pkgs lib; }) simpleScript; + simpleScript = name: content: + pkgs.stdenv.mkDerivation { + inherit name; + phases = [ "installPhase" ]; + installPhase = '' + mkdir -p $out/bin + ln -s ${pkgs.writeScript name content} $out/bin/${name} + ''; + }; mainUser = config.users.extraUsers.mainUser; createChromiumUser = name: extraGroups: packages: diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 7e8fc03c7..16ecaefec 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ../../tv/4lib { inherit lib pkgs; }; +with lib; let @@ -43,19 +43,19 @@ let collaborators = with config.krebs.users; [ tv makefu ]; }; } // - import /root/src/secrets/repos.nix { inherit config lib pkgs; } + import <secrets/repos.nix> { inherit config lib pkgs; } ); make-public-repo = name: { desc ? null, ... }: { inherit name desc; public = true; hooks = { - post-receive = git.irc-announce { + post-receive = pkgs.git-hooks.irc-announce { # TODO make nick = config.krebs.build.host.name the default nick = config.krebs.build.host.name; channel = "#retiolum"; server = "cd.retiolum"; - verbose = config.krebs.build.host.name == "echelon"; + verbose = config.krebs.build.host.name == "prism"; }; }; }; diff --git a/lass/2configs/go.nix b/lass/2configs/go.nix index 81a02ec7c..f4c2ac289 100644 --- a/lass/2configs/go.nix +++ b/lass/2configs/go.nix @@ -2,13 +2,10 @@ with lib; { - imports = [ - ../3modules/go.nix - ]; environment.systemPackages = [ pkgs.go ]; - lass.go = { + krebs.go = { enable = true; }; krebs.nginx = { diff --git a/lass/2configs/mc.nix b/lass/2configs/mc.nix index 87880ed00..b7d5a4ceb 100644 --- a/lass/2configs/mc.nix +++ b/lass/2configs/mc.nix @@ -159,37 +159,25 @@ let ### Images ### - type/^GIF + shell/i/.gif Include=image - type/^JPEG + regex/i/\.jpe?g$ Include=image - type/^PC\ bitmap + shell/i/.bmp Include=image - type/^PNG + shell/i/.png Include=image - type/^JNG + shell/i/.jng Include=image - type/^MNG + shell/i/.mng Include=image - type/^TIFF - Include=image - - type/^PBM - Include=image - - type/^PGM - Include=image - - type/^PPM - Include=image - - type/^Netpbm + shell/i/.tiff Include=image shell/.ico @@ -283,7 +271,7 @@ let ### Documents ### # PDF - type/^PDF + shell/i/.pdf Open=zathura %f View=zathura %f diff --git a/lass/2configs/skype.nix b/lass/2configs/skype.nix index 7e4618a7b..6a226441b 100644 --- a/lass/2configs/skype.nix +++ b/lass/2configs/skype.nix @@ -4,10 +4,6 @@ let mainUser = config.users.extraUsers.mainUser; in { - imports = [ - ../3modules/per-user.nix - ]; - users.extraUsers = { skype = { name = "skype"; @@ -20,7 +16,7 @@ in { }; }; - lass.per-user.skype.packages = [ + krebs.per-user.skype.packages = [ pkgs.skype ]; diff --git a/lass/2configs/weechat.nix b/lass/2configs/weechat.nix index cfcc1a2f6..18007ed61 100644 --- a/lass/2configs/weechat.nix +++ b/lass/2configs/weechat.nix @@ -1,22 +1,37 @@ { config, lib, pkgs, ... }: -with lib; { - imports = [ - ../3modules/per-user.nix - ]; - - lass.per-user.chat.packages = [ + krebs.per-user.chat.packages = [ pkgs.weechat pkgs.tmux ]; users.extraUsers.chat = { home = "/home/chat"; + uid = 986764891; # genid chat useDefaultShell = true; createHome = true; - openssh.authorizedKeys.keys = map readFile [ - ../../krebs/Zpubkeys/lass.ssh.pub + openssh.authorizedKeys.keys = [ + config.krebs.users.lass.pubkey ]; }; + + #systemd.services.chat = { + # description = "chat environment setup"; + # after = [ "network.target" ]; + # wantedBy = [ "multi-user.target" ]; + + # path = with pkgs; [ + # weechat + # tmux + # ]; + + # restartIfChanged = true; + + # serviceConfig = { + # User = "chat"; + # Restart = "always"; + # ExecStart = "${pkgs.tmux}/bin/tmux new -s IM weechat"; + # }; + #}; } diff --git a/lass/2configs/xserver/Xresources.nix b/lass/2configs/xserver/Xresources.nix new file mode 100644 index 000000000..d52418897 --- /dev/null +++ b/lass/2configs/xserver/Xresources.nix @@ -0,0 +1,27 @@ +{ config, lib, pkgs, ... }: + +with lib; + +pkgs.writeText "Xresources" '' + URxvt*scrollBar: false + URxvt*urgentOnBell: true + URxvt*font: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-* + URxvt*boldFont: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-* + + ! ref https://github.com/muennich/urxvt-perls + URxvt.perl-lib: ${pkgs.urxvt_perls}/lib/urxvt/perl + URxvt.perl-ext-common: default,clipboard,url-select,keyboard-select + URxvt.url-select.launcher: browser-select + URxvt.url-select.underline: true + URxvt.keysym.M-u: perl:url-select:select_next + URxvt.keysym.M-Escape: perl:keyboard-select:activate + URxvt.keysym.M-s: perl:keyboard-select:search + + URxvt.intensityStyles: false + + URxvt*background: #000000 + URxvt*foreground: #ffffff + + !change unreadable blue + URxvt*color4: #268bd2 +'' diff --git a/lass/2configs/xserver/default.nix b/lass/2configs/xserver/default.nix new file mode 100644 index 000000000..ceccf5fee --- /dev/null +++ b/lass/2configs/xserver/default.nix @@ -0,0 +1,161 @@ +{ config, lib, pkgs, ... }@args: + +with lib; + +let + # TODO krebs.build.user + user = config.users.users.mainUser; + + out = { + + services.xserver = { + display = 11; + tty = 11; + + synaptics = { + enable = true; + twoFingerScroll = true; + accelFactor = "0.035"; + }; + + #keyboard stuff + layout = "us"; + xkbVariant = "altgr-intl"; + xkbOptions = "caps:backspace"; + }; + + fonts.fonts = [ + pkgs.xlibs.fontschumachermisc + ]; + + systemd.services.urxvtd = { + wantedBy = [ "multi-user.target" ]; + reloadIfChanged = true; + serviceConfig = { + ExecReload = need-reload "urxvtd.service"; + ExecStart = "${pkgs.rxvt_unicode}/bin/urxvtd"; + Restart = "always"; + RestartSec = "2s"; + StartLimitBurst = 0; + User = user.name; + }; + }; + + environment.systemPackages = [ + pkgs.gitAndTools.qgit + pkgs.mpv + pkgs.pavucontrol + pkgs.slock + pkgs.sxiv + pkgs.xsel + pkgs.zathura + ]; + + security.setuidPrograms = [ + "slock" + ]; + + systemd.services.display-manager = mkForce {}; + + services.xserver.enable = true; + + systemd.services.xmonad = { + wantedBy = [ "multi-user.target" ]; + requires = [ "xserver.service" ]; + environment = xmonad-environment; + serviceConfig = { + ExecStart = "${xmonad-start}/bin/xmonad"; + ExecStop = "${xmonad-stop}/bin/xmonad-stop"; + User = user.name; + WorkingDirectory = user.home; + }; + }; + + systemd.services.xserver = { + after = [ + "systemd-udev-settle.service" + "local-fs.target" + "acpid.service" + ]; + reloadIfChanged = true; + environment = xserver-environment; + serviceConfig = { + ExecReload = need-reload "xserver.service"; + ExecStart = "${xserver}/bin/xserver"; + }; + }; + }; + + xmonad-environment = { + DISPLAY = ":${toString config.services.xserver.display}"; + XMONAD_STATE = "/tmp/xmonad.state"; + + # XXX JSON is close enough :) + XMONAD_WORKSPACES0_FILE = pkgs.writeText "xmonad.workspaces0" (toJSON [ + "cr" + "gm" + "ff" + "IM" + "mail" + "stockholm" + ]); + }; + + xmonad-start = pkgs.writeScriptBin "xmonad" '' + #! ${pkgs.bash}/bin/bash + set -efu + export PATH; PATH=${makeSearchPath "bin" ([ + pkgs.rxvt_unicode + pkgs.i3lock + pkgs.haskellPackages.yeganesh + pkgs.haskellPackages.xmobar + pkgs.dmenu + ] ++ config.environment.systemPackages)}:/var/setuid-wrappers + settle() {( + # Use PATH for a clean journal + command=''${1##*/} + PATH=''${1%/*}; export PATH + shift + until "$command" "$@"; do + ${pkgs.coreutils}/bin/sleep 1 + done + )&} + settle ${pkgs.xorg.xhost}/bin/xhost +LOCAL: + settle ${pkgs.xorg.xrdb}/bin/xrdb -merge ${import ./Xresources.nix args} + settle ${pkgs.xorg.xsetroot}/bin/xsetroot -solid '#1c1c1c' + exec ${pkgs.xmonad-lass}/bin/xmonad + ''; + + xmonad-stop = pkgs.writeScriptBin "xmonad-stop" '' + #! /bin/sh + exec ${pkgs.xmonad-lass}/bin/xmonad --shutdown + ''; + + xserver-environment = { + XKB_BINDIR = "${pkgs.xorg.xkbcomp}/bin"; # Needed for the Xkb extension. + XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime. + LD_LIBRARY_PATH = concatStringsSep ":" ( + [ "${pkgs.xorg.libX11}/lib" "${pkgs.xorg.libXext}/lib" ] + ++ concatLists (catAttrs "libPath" config.services.xserver.drivers)); + }; + + xserver = pkgs.writeScriptBin "xserver" '' + #! /bin/sh + set -efu + exec ${pkgs.xorg.xorgserver}/bin/X \ + :${toString config.services.xserver.display} \ + vt${toString config.services.xserver.tty} \ + -config ${import ./xserver.conf.nix args} \ + -logfile /var/log/X.${toString config.services.xserver.display}.log \ + -nolisten tcp \ + -xkbdir ${p |