diff options
author | tv <tv@krebsco.de> | 2023-07-25 20:39:35 +0200 |
---|---|---|
committer | tv <tv@krebsco.de> | 2023-07-25 20:39:35 +0200 |
commit | 5d1b0675cf179f863a5b34b67661a953197b6057 (patch) | |
tree | dd9c83dff894fd97cee61dd1b2df3eaeecbbd740 | |
parent | a2c9ad05b2e8237b915a100e1e38ca0f3d18526c (diff) | |
parent | 8eab63eaa81717391269a61355cb7fb64341fd1a (diff) |
Merge remote-tracking branch 'orange/master'
67 files changed, 1329 insertions, 472 deletions
@@ -36,6 +36,7 @@ hosts = self.nixosConfigurations.hotdog.config.krebs.hosts; users = self.nixosConfigurations.hotdog.config.krebs.users; }; + overlays.default = import ./krebs/5pkgs/default.nix; lib = import (self.outPath + "/lib/pure.nix") { lib = nixpkgs.lib; }; }; } diff --git a/kartei/lass/mors.nix b/kartei/lass/mors.nix index c483fe5a3..f3a4b2447 100644 --- a/kartei/lass/mors.nix +++ b/kartei/lass/mors.nix @@ -1,5 +1,6 @@ { r6, w6, ... }: { + consul = false; nets = { retiolum = { ip4.addr = "10.243.0.2"; diff --git a/kartei/lass/neoprism.nix b/kartei/lass/neoprism.nix index 9538c3003..a122fa207 100644 --- a/kartei/lass/neoprism.nix +++ b/kartei/lass/neoprism.nix @@ -20,6 +20,7 @@ ip6.addr = r6 "99"; aliases = [ "neoprism.r" + "cache.neoprism.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- diff --git a/kartei/lass/prism.nix b/kartei/lass/prism.nix index ac7974731..ecb56264f 100644 --- a/kartei/lass/prism.nix +++ b/kartei/lass/prism.nix @@ -14,31 +14,31 @@ rec { @ IN SOA dns16.ovh.net. tech.ovh.net. (2017093001 86400 3600 3600000 300) 60 IN NS ns16.ovh.net. 60 IN NS dns16.ovh.net. - 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - 60 IN AAAA ${config.krebs.hosts.prism.nets.internet.ip6.addr} + 60 IN A ${nets.internet.ip4.addr} + 60 IN AAAA ${nets.internet.ip4.addr} IN MX 5 mail.lassul.us. 60 IN TXT "v=spf1 mx -all" 60 IN TXT ( "v=DKIM1; k=rsa; t=s; s=*; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB" ) default._domainkey 60 IN TXT "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB" - cache 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - cgit 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - pad 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - codi 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - go 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + cache 60 IN A ${nets.internet.ip4.addr} + cgit 60 IN A ${nets.internet.ip4.addr} + pad 60 IN A ${nets.internet.ip4.addr} + codi 60 IN A ${nets.internet.ip4.addr} + go 60 IN A ${nets.internet.ip4.addr} io 60 IN NS ions.lassul.us. - ions 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - lol 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - matrix 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - radio 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - jitsi 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - streaming 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - mumble 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - mail 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - mail 60 IN AAAA ${config.krebs.hosts.prism.nets.internet.ip6.addr} - flix 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - testing 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - schrott 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + ions 60 IN A ${nets.internet.ip4.addr} + lol 60 IN A ${nets.internet.ip4.addr} + matrix 60 IN A ${nets.internet.ip4.addr} + paste 60 IN A ${nets.internet.ip4.addr} + radio 60 IN A ${nets.internet.ip4.addr} + jitsi 60 IN A ${nets.internet.ip4.addr} + streaming 60 IN A ${nets.internet.ip4.addr} + mumble 60 IN A ${nets.internet.ip4.addr} + mail 60 IN A ${nets.internet.ip4.addr} + mail 60 IN AAAA ${nets.internet.ip6.addr} + flix 60 IN A ${nets.internet.ip4.addr} + testing 60 IN A ${nets.internet.ip4.addr} + schrott 60 IN A ${nets.internet.ip4.addr} ''; }; nets = rec { diff --git a/kartei/mic92/default.nix b/kartei/mic92/default.nix index 5b9d41413..720b362fd 100644 --- a/kartei/mic92/default.nix +++ b/kartei/mic92/default.nix @@ -476,15 +476,21 @@ in { aliases = [ "ryan.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA0RE5jmBiEGmaYLVFmpCyVvlb6K3Zh2uxh7sVm44k31d9PEHHm4Wz - HQH+ueaefGVu19xLRJQGu4ZMl7oRbb5awiqKdSGgInhQaNzxUIHW4cCCdOVkgZSy - NjI9LMcc8tQtkoFGt6OhAzaViuGMo+aJAkLuXNf8hz5uR2flqQEeKfG5Kc7Z1DAQ - QNoBRtY0pltyK2y/Ip8cZ9cdxR5oLww67ykhY+eLy9tZLfKs6uWSq+2CV0cpNNQ9 - Sh8fSbkjb4+JkxWAHDOyAnwFxnxstMcW0cscOW7nXYDi5IpvvesJlk698un7bLhm - vCkAd+WiNuTGfs9t0r6FDDVDREBhNk1sLwIDAQAB + MIICCgKCAgEApu7U9HP1Uo+kTDI+KTCs+YFLcSYct1qPuMkntKonYgdiW9Z4Ud99 + tU0VmJWdDnKaRxIcjC2Bmy342G3QN+UgdnTxyEWggWRKHUDjWMXBuj5n+uBgzTyM + XDwuQR7RZmStBG6vDRIQWL07/b0u/wzyrhXDERx7o2msOLfnaU271aVrDM/Y67fL + PMfKBtfckv7+W5e7KspJRIyhj7mqXMsSHaroqgoikK+Xyv44OxlklV7VnmACaNLf + Yg0AiSjIrMtkTQ85m9t6q147lWBKlAK7yqEHUPyVNGMf/Mh6M1Xg1t0oc9hcb7/F + VAPNbwFiwm0rR8ugjW5Gn5i/uZDeDDSQcc8m1tsB+86peuS16sfOXZewXH9bYDFo + 9n28+vFjyF5FRI1J6fAjneFm5PyoLvowgwvVECEDRgUF2+ySwfWawF+LPDpRZiZ4 + NfHN2qT81QWa1UfWdaudCYbwMK5iQskCUtRw20ABsR0Kg6oHGG/uiLZ4pYReeM/n + agefDCe9PN5bkjonwOxN2klV8QgYQeznm1gdsFjMdvJUcba2kZICpRy8Wx9Sc0ai + oO8HKLqRoO5sV4Nv1FcY6EFq05AR1PPt6LoE0AY5REwVuNZSyiBp8lzzDj2E3JYf + obeZ8RtCYmNkXL3I+wfm/73SrIrX/ombqeaWGJB/rX2DEwco0IFau4ECAwEAAQ== -----END RSA PUBLIC KEY----- ''; - tinc.pubkey_ed25519 = "sOD149OLZ2yUEjRpwbGdwHULKF2qNY3F+9AsEi1G0ZM"; + + tinc.pubkey_ed25519 = "/KoqKeQsdRWnhva7/YTX65mUxuyKaFNjA8LlxmAUQXP"; }; }; }; diff --git a/kartei/samularity/default.nix b/kartei/samularity/default.nix new file mode 100644 index 000000000..93748cd87 --- /dev/null +++ b/kartei/samularity/default.nix @@ -0,0 +1,31 @@ +{ config, lib, ... }: let + slib = import ../../lib/pure.nix { inherit lib; }; +in { + users.samularity = { + mail = "samularity@murks.r"; + }; + hosts.murks = { + owner = config.krebs.users.samularity; + nets.retiolum = { + aliases = [ "murks.r" ]; + ip6.addr = (slib.krebs.genipv6 "retiolum" "samularity" { hostName = "murks"; }).address; + ip4.addr = "10.243.0.42"; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAsooKgG5zkt4lPY7ROxnwuGuDTfN9YZPsKHnENjmzvMkfdwdM3aGW + 2fkZfn8Q8pQ0eJaTJ8/Lavk1LKOB5pgkuloyOtPfpmJY++LAn37rNxnQvUWP3kS4 + JJ78whRJqczO4b3TEh2Dm/DsvH3E/Gpwq5TXiRzbjQ9hspZlPptRkda0UveAh1fn + wFVBtUEOmQZ3cpGCAdo2sMcBoZwJXSQAm4z2P+eTXXo2IIjWgS8zQu5nvX/y4RG8 + D+HSe/X58yVRww4ABU4g7cNzzqLVKFEAuznlmpiZZ6EMGZ7xbZQlDmJuAIHIXrn+ + JVc1Yo/WmFYbN/6CmIUHE80/434Zg1dK87honUXizeDO2cyIb1vEG432Eqd3TsG7 + 3YjJOHqaiNqBd60tFrT87mjbuCiD6jKlA5AQtzSSdDhq8G0i0Il8Do6SnpY2ACx2 + CvF6s3sWXP3YtY/AupB+okPoqvC+96Oxs2KJwQSatQlDr0aarror19NKC6b/Y4qo + C0tcDa7VZiOB+rM6iIjRiM3QEyWEBia3nj2n5T98DgPooqmSF2p4NKYcaBMSv3f5 + aD2oZzdBqZnPAbi2CNoNN9pdVOB0Ckt9DaiMaiROEeAvxL3xxwaWhMPBFbSvGhca + ciMdqaPlgqKu7WGtmU4a0U3JXhWTjin1mroD3kduykgek4fAmvcP540CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "4ZAQxhHBUT9KSof2tjadgMHD5kxND0AtXgjdTzs/F+L"; + }; + }; +} diff --git a/krebs/2configs/ircd.nix b/krebs/2configs/ircd.nix index c56883d3e..b82aba45a 100644 --- a/krebs/2configs/ircd.nix +++ b/krebs/2configs/ircd.nix @@ -38,7 +38,6 @@ hidden = false; password = "$2a$04$0AtVycWQJ07ymrDdKyAm2un3UVSVIzpzL3wsWbWb3PF95d1CZMcMO"; }; - server.max-line-length = 1024; server.lookup-hostnames = true; }; }; diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix index 231c3d46c..61b44fc27 100644 --- a/krebs/2configs/reaktor2.nix +++ b/krebs/2configs/reaktor2.nix @@ -253,6 +253,24 @@ let }; }; + vicuna = { + pattern = "^!vicuna (.*)$"; + activate = "match"; + arguments = [1]; + timeoutSec = 1337; + command = { + filename = pkgs.writeDash "vicuna" '' + set -efu + + mkdir -p ${stateDir}/vicuna + export CONTEXT=${stateDir}/vicuna/"$_msgtarget".context + ${pkgs.vicuna-chat}/bin/vicuna-chat "$@" | + echo "$_from: $(cat)" | + fold -s -w 426 + ''; + }; + }; + locationsLib = pkgs.writeText "locations.sh" '' ENDPOINT=http://c.r/poi.json get_locations() { @@ -413,6 +431,7 @@ let hooks.sed interrogate say + vicuna (generators.command_hook { inherit (commands) dance random-emoji nixos-version; tell = { @@ -607,6 +626,7 @@ in { channels = [ "#noise" "#xxx" + "#fin" ]; }; } diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 28ce09941..5d12ea7af 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -1,7 +1,6 @@ { config, lib, ... }: { imports = [ - ../../kartei ./acl.nix ./airdcpp.nix ./announce-activation.nix @@ -28,9 +27,10 @@ ./iana-etc.nix ./iptables.nix ./kapacitor.nix + ./kartei.nix ./konsens.nix - ./krebs.nix ./krebs-pages.nix + ./krebs.nix ./monit.nix ./nixpkgs.nix ./on-failure.nix @@ -45,8 +45,8 @@ ./secret.nix ./setuid.nix ./shadow.nix - ./ssh.nix ./sitemap.nix + ./ssh.nix ./ssl.nix ./sync-containers.nix ./sync-containers3.nix diff --git a/krebs/3modules/exim-smarthost.nix b/krebs/3modules/exim-smarthost.nix index 7b3dace6a..093ae2030 100644 --- a/krebs/3modules/exim-smarthost.nix +++ b/krebs/3modules/exim-smarthost.nix @@ -40,7 +40,7 @@ let }; extraRouters = mkOption { - type = types.nullOr types.str; + type = types.nullOr types.lines; default = null; }; diff --git a/krebs/3modules/kartei.nix b/krebs/3modules/kartei.nix new file mode 100644 index 000000000..3dcb65ff6 --- /dev/null +++ b/krebs/3modules/kartei.nix @@ -0,0 +1,3 @@ +{ + imports = [ ../../kartei ]; +} diff --git a/krebs/5pkgs/simple/fzfmenu/default.nix b/krebs/5pkgs/simple/fzfmenu/default.nix index fe5d5e27a..eb2441330 100644 --- a/krebs/5pkgs/simple/fzfmenu/default.nix +++ b/krebs/5pkgs/simple/fzfmenu/default.nix @@ -39,7 +39,7 @@ let }; in -pkgs.writeDashBin "fzfmenu" '' +pkgs.writers.writeDashBin "fzfmenu" '' set -efu # Spawn terminal if called without one, like e.g. from a window manager. diff --git a/krebs/5pkgs/simple/htgen-paste/src/htgen-paste b/krebs/5pkgs/simple/htgen-paste/src/htgen-paste index bc806e870..74266e53a 100644 --- a/krebs/5pkgs/simple/htgen-paste/src/htgen-paste +++ b/krebs/5pkgs/simple/htgen-paste/src/htgen-paste @@ -46,8 +46,8 @@ case "$Method $abs_path" in cp -v $content $item >&2 fi - if test -n ${reg_content_type-}; then - echo -n "$req_content_type" > "$item".content_type + if test -n "${req_content_type_override-}"; then + echo -n "$req_content_type_override" > "$item".content_type fi base32short=$(echo $base32 | cut -b-7) diff --git a/krebs/5pkgs/simple/irc-announce/default.nix b/krebs/5pkgs/simple/irc-announce/default.nix index 7b2af0307..75036d41c 100644 --- a/krebs/5pkgs/simple/irc-announce/default.nix +++ b/krebs/5pkgs/simple/irc-announce/default.nix @@ -1,6 +1,6 @@ { pkgs, lib, ... }: -pkgs.writeDashBin "irc-announce" '' +pkgs.writers.writeDashBin "irc-announce" '' set -euf IRC_SERVER=$1 diff --git a/krebs/5pkgs/simple/reaktor2-plugins.nix b/krebs/5pkgs/simple/reaktor2-plugins.nix index 651062b0a..b51b53a48 100644 --- a/krebs/5pkgs/simple/reaktor2-plugins.nix +++ b/krebs/5pkgs/simple/reaktor2-plugins.nix @@ -59,7 +59,7 @@ rec { filename = pkgs.writers.writeDash "sed-plugin" '' set -efu exec ${pkgs.python3}/bin/python \ - ${stockholm.outPath + "/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py"} "$@" + ${./Reaktor/scripts/sed-plugin.py} "$@" ''; }; }; diff --git a/krebs/5pkgs/simple/realwallpaper/default.nix b/krebs/5pkgs/simple/realwallpaper/default.nix index 236d75d72..544abb3a3 100644 --- a/krebs/5pkgs/simple/realwallpaper/default.nix +++ b/krebs/5pkgs/simple/realwallpaper/default.nix @@ -9,7 +9,7 @@ pkgs.writers.writeDashBin "generate-wallpaper" '' gnused file findutils - imagemagick6 + imagemagick inkscape jq nomads-cloud diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index 83131c2b8..20bfd0ec4 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "645ff62e09d294a30de823cb568e9c6d68e92606", - "date": "2023-07-01T19:09:17+02:00", - "path": "/nix/store/s5zy1prlscbr2iz6h9fj5la3973isaxw-nixpkgs", - "sha256": "02hpby5ln7p5kix9518hn0ady4q3i41z5ycamvwsarv3gvlzbsb4", + "rev": "b12803b6d90e2e583429bb79b859ca53c348b39a", + "date": "2023-07-24T08:16:24+02:00", + "path": "/nix/store/786lhas0jmp3nihbb28pbp7sm1sjzsy7-nixpkgs", + "sha256": "1l9sa8hd242xrb2j18mj4f62f3cw0bf5pafp58gdl0jkl61dpapr", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index aed82e9f3..4ceb87230 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "0de86059128947b2438995450f2c2ca08cc783d5", - "date": "2023-07-01T05:19:59+03:00", - "path": "/nix/store/fwazy7k5nlavyj4637jnsqabdzdiad90-nixpkgs", - "sha256": "0m3aqg2xx5705v4yglal1ksknqnj3cbdyzcyw1dvz6qqvn9ng7i5", + "rev": "98da3dd0de6660d4abed7bb74e748694bd803413", + "date": "2023-07-12T12:54:32+08:00", + "path": "/nix/store/h9ncvz7aq1aqhjmxngnnhwaw359prh2g-nixpkgs", + "sha256": "0qzflsmxfgqz07jlx7njfsq752n1la8a6007mmx7rvqspp30g6j1", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, diff --git a/lass/1systems/aergia/config.nix b/lass/1systems/aergia/config.nix index d49040a7a..618938ce8 100644 --- a/lass/1systems/aergia/config.nix +++ b/lass/1systems/aergia/config.nix @@ -27,6 +27,83 @@ <stockholm/lass/2configs/print.nix> <stockholm/lass/2configs/br.nix> <stockholm/lass/2configs/c-base.nix> + # steam-deck like experience https://github.com/Jovian-Experiments/Jovian-NixOS + { + imports = [ + "${builtins.fetchTarball "https://github.com/Jovian-Experiments/Jovian-NixOS/archive/master.tar.gz"}/modules" + ]; + jovian.steam.enable = true; + } + { # autorandrs + services.autorandr = { + enable = true; + hooks.postswitch.reset_usb = '' + echo 0 > /sys/bus/usb/devices/usb9/authorized; echo 1 > /sys/bus/usb/devices/usb9/authorized + ${pkgs.xorg.xmodmap}/bin/xmodmap -e 'keycode 96 = F12 Insert F12 F12' # rebind shift + F12 to shift + insert + ''; + profiles = { + default = { + fingerprint = { + eDP = "00ffffffffffff00288931000100000016200104805932780a0dc9a05747982712484c0000000101010101010101010101010101010108700088a1401360c820a300d9870000001ead4a0088a1401360c820a30020c23100001e000000fd0016480f5a1e000a202020202020000000fc0047504431303031480a2020202000cf"; + }; + config = { + eDP = { + enable = true; + primary = true; + position = "0x0"; + |