summaryrefslogtreecommitdiffstats
path: root/lass/2configs
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2021-06-06 19:15:44 +0200
committermakefu <github@syntax-fehler.de>2021-06-06 19:15:44 +0200
commit74058abe0b5da0753c2167d6bab29eb1eae88366 (patch)
tree748e9e75c0498161629597f7469933e69303168b /lass/2configs
parent88a845f7a1a037bf6bcf23863d41f36c4cedcd7e (diff)
parenta5bc9126db72f59062ff9d6a72b2fa35437b42cb (diff)
Merge branch '21.05'
Diffstat (limited to 'lass/2configs')
-rw-r--r--lass/2configs/bitcoin.nix27
-rw-r--r--lass/2configs/ciko.nix1
-rw-r--r--lass/2configs/default.nix5
-rw-r--r--lass/2configs/elster.nix1
-rw-r--r--lass/2configs/games.nix1
-rw-r--r--lass/2configs/gg23.nix2
-rw-r--r--lass/2configs/htop.nix1
-rw-r--r--lass/2configs/mpv.nix2
-rw-r--r--lass/2configs/pass.nix2
-rw-r--r--lass/2configs/power-action.nix9
-rw-r--r--lass/2configs/review.nix14
-rw-r--r--lass/2configs/websites/domsen.nix45
-rw-r--r--lass/2configs/websites/lassulus.nix1
-rw-r--r--lass/2configs/wine.nix3
-rw-r--r--lass/2configs/xonsh.nix7
15 files changed, 96 insertions, 25 deletions
diff --git a/lass/2configs/bitcoin.nix b/lass/2configs/bitcoin.nix
index 9f6fd3bf0..9aa97a8ce 100644
--- a/lass/2configs/bitcoin.nix
+++ b/lass/2configs/bitcoin.nix
@@ -4,12 +4,6 @@ let
mainUser = config.users.extraUsers.mainUser;
in {
- krebs.per-user.bch.packages = [
- pkgs.electron-cash
- ];
- krebs.per-user.bitcoin.packages = [
- pkgs.electrum
- ];
users.extraUsers = {
bch = {
name = "bch";
@@ -17,6 +11,8 @@ in {
home = "/home/bch";
useDefaultShell = true;
createHome = true;
+ packages = [ pkgs.electron-cash ];
+ isNormalUser = true;
};
bitcoin = {
name = "bitcoin";
@@ -24,10 +20,25 @@ in {
home = "/home/bitcoin";
useDefaultShell = true;
createHome = true;
+ packages = [ pkgs.electrum ];
+ isNormalUser = true;
+ };
+ monero = {
+ name = "monero";
+ description = "user for monero stuff";
+ home = "/home/monero";
+ useDefaultShell = true;
+ createHome = true;
+ packages = [
+ pkgs.monero
+ pkgs.monero-gui
+ ];
+ isNormalUser = true;
};
};
security.sudo.extraConfig = ''
- ${mainUser.name} ALL=(bitcoin) NOPASSWD: ALL
- ${mainUser.name} ALL=(bch) NOPASSWD: ALL
+ ${mainUser.name} ALL=(bch) ALL
+ ${mainUser.name} ALL=(bitcoin) ALL
+ ${mainUser.name} ALL=(monero) ALL
'';
}
diff --git a/lass/2configs/ciko.nix b/lass/2configs/ciko.nix
index 3d87fb620..f32f062ff 100644
--- a/lass/2configs/ciko.nix
+++ b/lass/2configs/ciko.nix
@@ -10,6 +10,7 @@ with import <stockholm/lib>;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTUWm/fISw/gbuHvf3kwxGEuk1aY5HrNNvr8QXCQv0khDdaYmZSELbtFQtE04WGTWmackNcLpld5mETVyCM0BjOgqMJYQNhtywxfYcodEY5xxHCuGgA3S1t94MZub+DRodXCfB0yUV85Wbb0sltkMTJufMwYmLEGxSLRukxAOcNsXdjlyro96csmYrIiV6R7+REnz8OcR7sKlI4tvKA1mbvWmjbDBd1MZ8Jc0Lwf+b0H/rH69wEQIcB5HRHHJIChoAk0t2azSjXagk1+4AebONZTCKvTHxs/D2wUBIzoxyjmh5S0aso/cKw8qpKcl/A2mZiIvW3KMlJAM5U+RQKMrr"
];
+ isNormalUser = true;
};
system.activationScripts.user-shadow = ''
diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index 7b6f01148..193f4bef1 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -32,6 +32,7 @@ with import <stockholm/lib>;
group = "users";
createHome = true;
useDefaultShell = true;
+ isNormalUser = true;
extraGroups = [
"audio"
"fuse"
@@ -88,9 +89,7 @@ with import <stockholm/lib>;
services.timesyncd.enable = mkForce true;
- systemd.tmpfiles.rules = [
- "d /tmp 1777 root root - -"
- ];
+ boot.tmpOnTmpfs = true;
# multiple-definition-problem when defining environment.variables.EDITOR
environment.extraInit = ''
diff --git a/lass/2configs/elster.nix b/lass/2configs/elster.nix
index e3a88c789..5d68def35 100644
--- a/lass/2configs/elster.nix
+++ b/lass/2configs/elster.nix
@@ -12,6 +12,7 @@ in {
useDefaultShell = true;
extraGroups = [];
createHome = true;
+ isNormalUser = true;
};
};
krebs.per-user.elster.packages = [
diff --git a/lass/2configs/games.nix b/lass/2configs/games.nix
index 67f250ef3..829773b87 100644
--- a/lass/2configs/games.nix
+++ b/lass/2configs/games.nix
@@ -78,6 +78,7 @@ in {
# vdoomserver
retroarchBare
];
+ isNormalUser = true;
};
};
diff --git a/lass/2configs/gg23.nix b/lass/2configs/gg23.nix
index 3d4c1e306..89ccae408 100644
--- a/lass/2configs/gg23.nix
+++ b/lass/2configs/gg23.nix
@@ -8,6 +8,8 @@ with import <stockholm/lib>;
prefixLength = 24;
}];
+ networking.domain = "gg23";
+
services.dhcpd4 = {
enable = true;
interfaces = [ "int0" ];
diff --git a/lass/2configs/htop.nix b/lass/2configs/htop.nix
index d9307347e..629d74235 100644
--- a/lass/2configs/htop.nix
+++ b/lass/2configs/htop.nix
@@ -3,7 +3,6 @@
with import <stockholm/lib>;
{
- security.hideProcessInformation = true;
nixpkgs.config.packageOverrides = super: {
htop = pkgs.symlinkJoin {
name = "htop";
diff --git a/lass/2configs/mpv.nix b/lass/2configs/mpv.nix
index 210551a62..7512787fe 100644
--- a/lass/2configs/mpv.nix
+++ b/lass/2configs/mpv.nix
@@ -80,7 +80,7 @@ let
name = "mpv";
paths = [
(pkgs.writeDashBin "mpv" ''
- exec ${pkgs.mpv}/bin/mpv -vo=gpu --no-config --script=${autosub} "$@"
+ exec ${pkgs.mpv}/bin/mpv -vo=gpu --no-config "$@" # TODO renable autosub when subliminal is in 21.05 again
'')
pkgs.mpv
];
diff --git a/lass/2configs/pass.nix b/lass/2configs/pass.nix
index 6b2a0142a..48070ea06 100644
--- a/lass/2configs/pass.nix
+++ b/lass/2configs/pass.nix
@@ -1,7 +1,7 @@
{ config, pkgs, ... }:
{
- users.users.lass.packages = with pkgs; [
+ users.users.mainUser.packages = with pkgs; [
(pass.withExtensions (ext: [ ext.pass-otp ]))
gnupg
];
diff --git a/lass/2configs/power-action.nix b/lass/2configs/power-action.nix
index c7bdb525d..648ffc784 100644
--- a/lass/2configs/power-action.nix
+++ b/lass/2configs/power-action.nix
@@ -32,9 +32,12 @@ in {
user = "lass";
};
- users.users.power-action.extraGroups = [
- "audio"
- ];
+ users.users.power-action = {
+ isNormalUser = true;
+ extraGroups = [
+ "audio"
+ ];
+ };
security.sudo.extraConfig = ''
${config.krebs.power-action.user} ALL= (root) NOPASSWD: ${suspend}
diff --git a/lass/2configs/review.nix b/lass/2configs/review.nix
new file mode 100644
index 000000000..658f32084
--- /dev/null
+++ b/lass/2configs/review.nix
@@ -0,0 +1,14 @@
+{ config, pkgs, ... }:
+
+let
+ mainUser = config.users.extraUsers.mainUser;
+in {
+
+ users.users.review = {
+ isNormalUser = true;
+ packages = [ pkgs.nixpkgs-review ];
+ };
+ security.sudo.extraConfig = ''
+ ${mainUser.name} ALL=(review) NOPASSWD: ALL
+ '';
+}
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index c43c8c902..e603f49da 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -170,6 +170,7 @@ in {
home = "/home/UBIK-SFTP";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
};
users.users.xanf = {
@@ -178,6 +179,7 @@ in {
home = "/home/xanf";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
};
users.users.domsen = {
@@ -185,8 +187,9 @@ in {
description = "maintenance acc for domsen";
home = "/home/domsen";
useDefaultShell = true;
- extraGroups = [ "nginx" "download" ];
+ extraGroups = [ "syncthing" "download" "xanf" ];
createHome = true;
+ isNormalUser = true;
};
users.users.bruno = {
@@ -194,6 +197,7 @@ in {
home = "/home/bruno";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
};
users.users.jla-trading = {
@@ -201,6 +205,7 @@ in {
home = "/home/jla-trading";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
};
users.users.jms = {
@@ -208,6 +213,7 @@ in {
home = "/home/jms";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
};
users.users.ms = {
@@ -215,6 +221,7 @@ in {
home = "/home/ms";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
};
users.users.testuser = {
@@ -222,20 +229,23 @@ in {
home = "/home/testuser";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
};
- users.users.akayguen = {
- uid = genid_uint31 "akayguen";
- home = "/home/akayguen";
- useDefaultShell = true;
- createHome = true;
- };
+ #users.users.akayguen = {
+ # uid = genid_uint31 "akayguen";
+ # home = "/home/akayguen";
+ # useDefaultShell = true;
+ # createHome = true;
+ # isNormalUser = true;
+ #};
users.users.bui = {
uid = genid_uint31 "bui";
home = "/home/bui";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
};
users.users.klabusterbeere = {
@@ -243,6 +253,7 @@ in {
home = "/home/klabusterbeere";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
};
users.users.kasia = {
@@ -250,6 +261,7 @@ in {
home = "/home/kasia";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
};
users.users.XANF_TEAM = {
@@ -258,6 +270,25 @@ in {
home = "/home/XANF_TEAM";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
+ };
+
+ users.users.dif = {
+ uid = genid_uint31 "dif";
+ home = "/home/dif";
+ useDefaultShell = true;
+ extraGroups = [ "xanf" ];
+ createHome = true;
+ isNormalUser = true;
+ };
+
+ users.users.lavafilms = {
+ uid = genid_uint31 "lavafilms";
+ home = "/home/lavafilms";
+ useDefaultShell = true;
+ extraGroups = [ "xanf" ];
+ createHome = true;
+ isNormalUser = true;
};
users.groups.xanf = {};
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index 17df71310..bb983b78e 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -97,6 +97,7 @@ in {
home = "/srv/http/lassul.us";
useDefaultShell = true;
createHome = true;
+ isSystemUser = true;
openssh.authorizedKeys.keys = with config.krebs.users; [
lass.pubkey
lass-mors.pubkey
diff --git a/lass/2configs/wine.nix b/lass/2configs/wine.nix
index 5cb019c13..5476624c9 100644
--- a/lass/2configs/wine.nix
+++ b/lass/2configs/wine.nix
@@ -14,8 +14,9 @@ in {
];
createHome = true;
packages = [
- pkgs.wineMinimal
+ pkgs.wineWowPackages.stable
];
+ isNormalUser = true;
};
};
security.sudo.extraConfig = ''
diff --git a/lass/2configs/xonsh.nix b/lass/2configs/xonsh.nix
new file mode 100644
index 000000000..23ed28847
--- /dev/null
+++ b/lass/2configs/xonsh.nix
@@ -0,0 +1,7 @@
+{ config, lib, pkgs, ... }:
+{
+ environment.systemPackages = [
+ pkgs.xonsh
+ pkgs.xonsh2
+ ];
+}