summaryrefslogtreecommitdiffstats
path: root/lass
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2021-06-10 21:42:06 +0200
committertv <tv@krebsco.de>2021-06-10 21:42:06 +0200
commit0e6e8b7188b4a2aab7ca467cb20514a70ba09011 (patch)
treecfa9ab8a1a83e0dd139255cf7f7b29bf9a37fdf6 /lass
parent44c4cb6a453f5bc34c870caa6802548c099e9435 (diff)
parent04a081a3be600cc5e74aadd4f0fee899d6987a85 (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'lass')
-rw-r--r--lass/1systems/coaxmetal/config.nix44
-rw-r--r--lass/1systems/coaxmetal/physical.nix1
-rw-r--r--lass/1systems/daedalus/config.nix1
-rw-r--r--lass/1systems/green/config.nix2
-rw-r--r--lass/1systems/icarus/physical.nix11
-rw-r--r--lass/1systems/prism/config.nix1
-rw-r--r--lass/1systems/uriel/config.nix1
-rw-r--r--lass/1systems/xerxes/config.nix5
-rw-r--r--lass/2configs/bitcoin.nix27
-rw-r--r--lass/2configs/ciko.nix1
-rw-r--r--lass/2configs/default.nix5
-rw-r--r--lass/2configs/elster.nix1
-rw-r--r--lass/2configs/games.nix1
-rw-r--r--lass/2configs/gg23.nix2
-rw-r--r--lass/2configs/htop.nix1
-rw-r--r--lass/2configs/pass.nix2
-rw-r--r--lass/2configs/power-action.nix9
-rw-r--r--lass/2configs/radio.nix35
-rw-r--r--lass/2configs/review.nix14
-rw-r--r--lass/2configs/websites/domsen.nix45
-rw-r--r--lass/2configs/websites/lassulus.nix1
-rw-r--r--lass/2configs/wine.nix3
-rw-r--r--lass/2configs/xonsh.nix7
-rw-r--r--lass/3modules/browsers.nix13
-rw-r--r--lass/3modules/xjail.nix1
-rw-r--r--lass/5pkgs/tdlib-purple/default.nix22
-rw-r--r--lass/5pkgs/xonsh2/default.nix56
27 files changed, 247 insertions, 65 deletions
diff --git a/lass/1systems/coaxmetal/config.nix b/lass/1systems/coaxmetal/config.nix
index 3e0b1674a..227c5e1e9 100644
--- a/lass/1systems/coaxmetal/config.nix
+++ b/lass/1systems/coaxmetal/config.nix
@@ -16,38 +16,54 @@
<stockholm/lass/2configs/steam.nix>
<stockholm/lass/2configs/wine.nix>
<stockholm/lass/2configs/fetchWallpaper.nix>
- <stockholm/lass/2configs/nfs-dl.nix>
+ # <stockholm/lass/2configs/nfs-dl.nix>
<stockholm/lass/2configs/pass.nix>
<stockholm/lass/2configs/mail.nix>
<stockholm/lass/2configs/bitcoin.nix>
+
+ <stockholm/lass/2configs/xonsh.nix>
+ <stockholm/lass/2configs/review.nix>
+ <stockholm/lass/2configs/dunst.nix>
+ # <stockholm/krebs/2configs/ircd.nix>
];
krebs.build.host = config.krebs.hosts.coaxmetal;
- environment.shellAliases = {
- deploy = pkgs.writeDash "deploy" ''
+ environment.systemPackages = with pkgs; [
+ brain
+ bank
+ l-gen-secrets
+ (pkgs.writeDashBin "deploy" ''
set -eu
export SYSTEM="$1"
$(nix-build $HOME/sync/stockholm/lass/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
- '';
- usb-tether-on = pkgs.writeDash "usb-tether-on" ''
+ '')
+ (pkgs.writeDashBin "usb-tether-on" ''
adb shell su -c service call connectivity 33 i32 1 s16 text
- '';
- usb-tether-off = pkgs.writeDash "usb-tether-off" ''
+ '')
+ (pkgs.writeDashBin "usb-tether-off" ''
adb shell su -c service call connectivity 33 i32 0 s16 text
- '';
- };
+ '')
+ ];
programs.adb.enable = true;
hardware.bluetooth = {
enable = true;
powerOnBoot = true;
- # config.General.Disable = "Headset";
- extraConfig = ''
- [General]
- Disable = Headset
- '';
};
hardware.pulseaudio.package = pkgs.pulseaudioFull;
+
+ lass.browser.config = {
+ dc = { browser = "chromium"; groups = [ "audio" "video" ]; hidden = true; };
+ ff = { browser = "firefox"; groups = [ "audio" "video" ]; hidden = true; };
+ fy = { browser = "chromium"; groups = [ "audio" "video" ]; hidden = true; };
+ };
+
+ nix.trustedUsers = [ "root" "lass" ];
+
+ services.tor = {
+ enable = true;
+ client.enable = true;
+ };
}
diff --git a/lass/1systems/coaxmetal/physical.nix b/lass/1systems/coaxmetal/physical.nix
index c94740c54..3632ffd3e 100644
--- a/lass/1systems/coaxmetal/physical.nix
+++ b/lass/1systems/coaxmetal/physical.nix
@@ -7,6 +7,7 @@
networking.hostId = "e0c335ea";
boot.zfs.requestEncryptionCredentials = true;
+ boot.zfs.enableUnstable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.grub = {
enable = true;
diff --git a/lass/1systems/daedalus/config.nix b/lass/1systems/daedalus/config.nix
index d84502b3f..b84ce6acf 100644
--- a/lass/1systems/daedalus/config.nix
+++ b/lass/1systems/daedalus/config.nix
@@ -19,6 +19,7 @@ with import <stockholm/lib>;
"networkmanager"
];
useDefaultShell = true;
+ isNormalUser = true;
};
networking.networkmanager.enable = true;
networking.wireless.enable = mkForce false;
diff --git a/lass/1systems/green/config.nix b/lass/1systems/green/config.nix
index fbd2d223f..d7bf62b40 100644
--- a/lass/1systems/green/config.nix
+++ b/lass/1systems/green/config.nix
@@ -23,7 +23,7 @@ with import <stockholm/lib>;
users.users.mainUser.openssh.authorizedKeys.keys = [
config.krebs.users.lass-android.pubkey
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICMe23IAHn4Ow4J4i8M9GJshqvY80U11NKPLum6b1XLn" # weechat ssh tunnel
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK0rn3003CkJMk3jZrh/3MC6nVorHRymlFSI4x1brCKY" # weechat ssh tunnel
];
krebs.bindfs = {
diff --git a/lass/1systems/icarus/physical.nix b/lass/1systems/icarus/physical.nix
index 837872bf5..0b1aff4a8 100644
--- a/lass/1systems/icarus/physical.nix
+++ b/lass/1systems/icarus/physical.nix
@@ -45,16 +45,5 @@
SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:71:cb:35", NAME="et0"
'';
- services.thinkfan.enable = true;
- services.thinkfan.levels = ''
- (0, 0, 55)
- (1, 48, 60)
- (2, 50, 61)
- (3, 52, 63)
- (6, 60, 85)
- (7, 80, 90)
- (127, 89, 32767)
- '';
-
services.logind.lidSwitch = "ignore";
}
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index 25d688696..89a386139 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -345,6 +345,7 @@ with import <stockholm/lib>;
home = "/var/download";
useDefaultShell = true;
uid = genid "download";
+ isSystemUser = true;
openssh.authorizedKeys.keys = with config.krebs.users; [
lass.pubkey
lass-android.pubkey
diff --git a/lass/1systems/uriel/config.nix b/lass/1systems/uriel/config.nix
index b50dc63f5..c3ce8fced 100644
--- a/lass/1systems/uriel/config.nix
+++ b/lass/1systems/uriel/config.nix
@@ -23,6 +23,7 @@ with import <stockholm/lib>;
"networkmanager"
];
useDefaultShell = true;
+ isNormalUser = true;
};
networking.networkmanager.enable = true;
hardware.pulseaudio = {
diff --git a/lass/1systems/xerxes/config.nix b/lass/1systems/xerxes/config.nix
index 22c80b4da..bf818a9b2 100644
--- a/lass/1systems/xerxes/config.nix
+++ b/lass/1systems/xerxes/config.nix
@@ -81,11 +81,6 @@
hardware.bluetooth = {
enable = true;
powerOnBoot = true;
- # config.General.Disable = "Headset";
- extraConfig = ''
- [General]
- Disable = Headset
- '';
};
hardware.pulseaudio.package = pkgs.pulseaudioFull;
# hardware.pulseaudio.configFile = pkgs.writeText "default.pa" ''
diff --git a/lass/2configs/bitcoin.nix b/lass/2configs/bitcoin.nix
index 9f6fd3bf0..9aa97a8ce 100644
--- a/lass/2configs/bitcoin.nix
+++ b/lass/2configs/bitcoin.nix
@@ -4,12 +4,6 @@ let
mainUser = config.users.extraUsers.mainUser;
in {
- krebs.per-user.bch.packages = [
- pkgs.electron-cash
- ];
- krebs.per-user.bitcoin.packages = [
- pkgs.electrum
- ];
users.extraUsers = {
bch = {
name = "bch";
@@ -17,6 +11,8 @@ in {
home = "/home/bch";
useDefaultShell = true;
createHome = true;
+ packages = [ pkgs.electron-cash ];
+ isNormalUser = true;
};
bitcoin = {
name = "bitcoin";
@@ -24,10 +20,25 @@ in {
home = "/home/bitcoin";
useDefaultShell = true;
createHome = true;
+ packages = [ pkgs.electrum ];
+ isNormalUser = true;
+ };
+ monero = {
+ name = "monero";
+ description = "user for monero stuff";
+ home = "/home/monero";
+ useDefaultShell = true;
+ createHome = true;
+ packages = [
+ pkgs.monero
+ pkgs.monero-gui
+ ];
+ isNormalUser = true;
};
};
security.sudo.extraConfig = ''
- ${mainUser.name} ALL=(bitcoin) NOPASSWD: ALL
- ${mainUser.name} ALL=(bch) NOPASSWD: ALL
+ ${mainUser.name} ALL=(bch) ALL
+ ${mainUser.name} ALL=(bitcoin) ALL
+ ${mainUser.name} ALL=(monero) ALL
'';
}
diff --git a/lass/2configs/ciko.nix b/lass/2configs/ciko.nix
index 3d87fb620..f32f062ff 100644
--- a/lass/2configs/ciko.nix
+++ b/lass/2configs/ciko.nix
@@ -10,6 +10,7 @@ with import <stockholm/lib>;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTUWm/fISw/gbuHvf3kwxGEuk1aY5HrNNvr8QXCQv0khDdaYmZSELbtFQtE04WGTWmackNcLpld5mETVyCM0BjOgqMJYQNhtywxfYcodEY5xxHCuGgA3S1t94MZub+DRodXCfB0yUV85Wbb0sltkMTJufMwYmLEGxSLRukxAOcNsXdjlyro96csmYrIiV6R7+REnz8OcR7sKlI4tvKA1mbvWmjbDBd1MZ8Jc0Lwf+b0H/rH69wEQIcB5HRHHJIChoAk0t2azSjXagk1+4AebONZTCKvTHxs/D2wUBIzoxyjmh5S0aso/cKw8qpKcl/A2mZiIvW3KMlJAM5U+RQKMrr"
];
+ isNormalUser = true;
};
system.activationScripts.user-shadow = ''
diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index 7b6f01148..193f4bef1 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -32,6 +32,7 @@ with import <stockholm/lib>;
group = "users";
createHome = true;
useDefaultShell = true;
+ isNormalUser = true;
extraGroups = [
"audio"
"fuse"
@@ -88,9 +89,7 @@ with import <stockholm/lib>;
services.timesyncd.enable = mkForce true;
- systemd.tmpfiles.rules = [
- "d /tmp 1777 root root - -"
- ];
+ boot.tmpOnTmpfs = true;
# multiple-definition-problem when defining environment.variables.EDITOR
environment.extraInit = ''
diff --git a/lass/2configs/elster.nix b/lass/2configs/elster.nix
index e3a88c789..5d68def35 100644
--- a/lass/2configs/elster.nix
+++ b/lass/2configs/elster.nix
@@ -12,6 +12,7 @@ in {
useDefaultShell = true;
extraGroups = [];
createHome = true;
+ isNormalUser = true;
};
};
krebs.per-user.elster.packages = [
diff --git a/lass/2configs/games.nix b/lass/2configs/games.nix
index 67f250ef3..829773b87 100644
--- a/lass/2configs/games.nix
+++ b/lass/2configs/games.nix
@@ -78,6 +78,7 @@ in {
# vdoomserver
retroarchBare
];
+ isNormalUser = true;
};
};
diff --git a/lass/2configs/gg23.nix b/lass/2configs/gg23.nix
index 3d4c1e306..89ccae408 100644
--- a/lass/2configs/gg23.nix
+++ b/lass/2configs/gg23.nix
@@ -8,6 +8,8 @@ with import <stockholm/lib>;
prefixLength = 24;
}];
+ networking.domain = "gg23";
+
services.dhcpd4 = {
enable = true;
interfaces = [ "int0" ];
diff --git a/lass/2configs/htop.nix b/lass/2configs/htop.nix
index d9307347e..629d74235 100644
--- a/lass/2configs/htop.nix
+++ b/lass/2configs/htop.nix
@@ -3,7 +3,6 @@
with import <stockholm/lib>;
{
- security.hideProcessInformation = true;
nixpkgs.config.packageOverrides = super: {
htop = pkgs.symlinkJoin {
name = "htop";
diff --git a/lass/2configs/pass.nix b/lass/2configs/pass.nix
index 6b2a0142a..48070ea06 100644
--- a/lass/2configs/pass.nix
+++ b/lass/2configs/pass.nix
@@ -1,7 +1,7 @@
{ config, pkgs, ... }:
{
- users.users.lass.packages = with pkgs; [
+ users.users.mainUser.packages = with pkgs; [
(pass.withExtensions (ext: [ ext.pass-otp ]))
gnupg
];
diff --git a/lass/2configs/power-action.nix b/lass/2configs/power-action.nix
index c7bdb525d..648ffc784 100644
--- a/lass/2configs/power-action.nix
+++ b/lass/2configs/power-action.nix
@@ -32,9 +32,12 @@ in {
user = "lass";
};
- users.users.power-action.extraGroups = [
- "audio"
- ];
+ users.users.power-action = {
+ isNormalUser = true;
+ extraGroups = [
+ "audio"
+ ];
+ };
security.sudo.extraConfig = ''
${config.krebs.power-action.user} ALL= (root) NOPASSWD: ${suspend}
diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix
index cfc280e50..a474b0ebc 100644
--- a/lass/2configs/radio.nix
+++ b/lass/2configs/radio.nix
@@ -4,7 +4,6 @@ with import <stockholm/lib>;
let
name = "radio";
- mainUser = config.users.extraUsers.mainUser;
music_dir = "/home/radio/music";
@@ -84,6 +83,17 @@ let
}'
'';
+ set_irc_topic = pkgs.writeDash "set_irc_topic" ''
+ ${pkgs.curl}/bin/curl -fsSv --unix-socket /home/radio/reaktor.sock http://z/ \
+ -H content-type:application/json \
+ -d "$(${pkgs.jq}/bin/jq -n \
+ --arg text "$1" '{
+ command:"TOPIC",
+ params:["#the_playlist",$text]
+ }'
+ )"
+ '';
+
write_to_irc = pkgs.writeDash "write_to_irc" ''
${pkgs.curl}/bin/curl -fsSv --unix-socket /home/radio/reaktor.sock http://z/ \
-H content-type:application/json \
@@ -128,11 +138,25 @@ in {
services.mpd = {
enable = true;
- group = "radio";
+ user = "radio";
musicDirectory = "${music_dir}";
+ dataDir = "/home/radio/state"; # TODO create this somwhere
extraConfig = ''
log_level "default"
auto_update "yes"
+ volume_normalization "yes"
+
+ audio_output {
+ type "httpd"
+ name "lassulus radio mp3"
+ encoder "lame" # optional
+ port "8002"
+ quality "5.0" # do not define if bitrate is defined
+ # bitrate "128" # do not define if quality is defined
+ format "44100:16:2"
+ always_on "yes" # prevent MPD from disconnecting all listeners when playback is stopped.
+ tags "yes" # httpd supports sending tags to listening streams.
+ }
audio_output {
type "httpd"
@@ -152,6 +176,7 @@ in {
tables = {
filter.INPUT.rules = [
{ predicate = "-p tcp --dport 8000"; target = "ACCEPT"; }
+ { predicate = "-p tcp --dport 8002"; target = "ACCEPT"; }
{ predicate = "-i retiolum -p tcp --dport 8001"; target = "ACCEPT"; }
];
};
@@ -200,10 +225,10 @@ in {
${pkgs.mpc_cli}/bin/mpc idle player > /dev/null
${pkgs.mpc_cli}/bin/mpc current -f %file%
done | while read track; do
- listeners=$(${pkgs.iproute}/bin/ss -Hno state established 'sport = :8000' | wc -l)
+ listeners=$(${pkgs.iproute}/bin/ss -Hno state established 'sport = :8000' | grep '^mptcp' | wc -l)
echo "$(date -Is)" "$track" | tee -a "$HISTORY_FILE"
echo "$(tail -$LIMIT "$HISTORY_FILE")" > "$HISTORY_FILE"
- ${write_to_irc} "playing: $track listeners: $listeners"
+ ${set_irc_topic} "playing: $track listeners: $listeners"
done
'';
in {
@@ -349,7 +374,7 @@ in {
};
services.syncthing.declarative.folders."the_playlist" = {
path = "/home/radio/music/the_playlist";
- devices = [ "mors" "phone" "prism" "xerxes" ];
+ devices = [ "mors" "phone" "prism" ];
};
krebs.permown."/home/radio/music/the_playlist" = {
owner = "radio";
diff --git a/lass/2configs/review.nix b/lass/2configs/review.nix
new file mode 100644
index 000000000..658f32084
--- /dev/null
+++ b/lass/2configs/review.nix
@@ -0,0 +1,14 @@
+{ config, pkgs, ... }:
+
+let
+ mainUser = config.users.extraUsers.mainUser;
+in {
+
+ users.users.review = {
+ isNormalUser = true;
+ packages = [ pkgs.nixpkgs-review ];
+ };
+ security.sudo.extraConfig = ''
+ ${mainUser.name} ALL=(review) NOPASSWD: ALL
+ '';
+}
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index c43c8c902..e603f49da 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -170,6 +170,7 @@ in {
home = "/home/UBIK-SFTP";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
};
users.users.xanf = {
@@ -178,6 +179,7 @@ in {
home = "/home/xanf";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
};
users.users.domsen = {
@@ -185,8 +187,9 @@ in {
description = "maintenance acc for domsen";
home = "/home/domsen";
useDefaultShell = true;
- extraGroups = [ "nginx" "download" ];
+ extraGroups = [ "syncthing" "download" "xanf" ];
createHome = true;
+ isNormalUser = true;
};
users.users.bruno = {
@@ -194,6 +197,7 @@ in {
home = "/home/bruno";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
};
users.users.jla-trading = {
@@ -201,6 +205,7 @@ in {
home = "/home/jla-trading";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
};
users.users.jms = {
@@ -208,6 +213,7 @@ in {
home = "/home/jms";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
};
users.users.ms = {
@@ -215,6 +221,7 @@ in {
home = "/home/ms";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
};
users.users.testuser = {
@@ -222,20 +229,23 @@ in {
home = "/home/testuser";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
};
- users.users.akayguen = {
- uid = genid_uint31 "akayguen";
- home = "/home/akayguen";
- useDefaultShell = true;
- createHome = true;
- };
+ #users.users.akayguen = {
+ # uid = genid_uint31 "akayguen";
+ # home = "/home/akayguen";
+ # useDefaultShell = true;
+ # createHome = true;
+ # isNormalUser = true;
+ #};
users.users.bui = {
uid = genid_uint31 "bui";
home = "/home/bui";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
};
users.users.klabusterbeere = {
@@ -243,6 +253,7 @@ in {
home = "/home/klabusterbeere";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
};
users.users.kasia = {
@@ -250,6 +261,7 @@ in {
home = "/home/kasia";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
};
users.users.XANF_TEAM = {
@@ -258,6 +270,25 @@ in {
home = "/home/XANF_TEAM";
useDefaultShell = true;
createHome = true;
+ isNormalUser = true;
+ };
+
+ users.users.dif = {
+ uid = genid_uint31 "dif";
+ home = "/home/dif";
+ useDefaultShell = true;
+ extraGroups = [ "xanf" ];
+ createHome = true;
+ isNormalUser = true;
+ };
+
+ users.users.lavafilms = {
+ uid = genid_uint31 "lavafilms";
+ home = "/home/lavafilms";
+ useDefaultShell = true;
+ extraGroups = [ "xanf" ];
+ createHome = true;
+ isNormalUser = true;
};
users.groups.xanf = {};
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index 17df71310..bb983b78e 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -97,6 +97,7 @@ in {
home = "/srv/http/lassul.us";
useDefaultShell = true;
createHome = true;
+ isSystemUser = true;
openssh.authorizedKeys.keys = with config.krebs.users; [
lass.pubkey
lass-mors.pubkey
diff --git a/lass/2configs/wine.nix b/lass/2configs/wine.nix
index 5cb019c13..5476624c9 100644
--- a/lass/2configs/wine.nix
+++ b/lass/2configs/wine.nix
@@ -14,8 +14,9 @@ in {
];
createHome = true;
packages = [
- pkgs.wineMinimal
+ pkgs.wineWowPackages.stable
];
+ isNormalUser = true;
};
};
security.sudo.extraConfig = ''
diff --git a/lass/2configs/xonsh.nix b/lass/2configs/xonsh.nix
new file mode 100644
index 000000000..23ed28847
--- /dev/null
+++ b/lass/2configs/xonsh.nix
@@ -0,0 +1,7 @@
+{ config, lib, pkgs, ... }:
+{
+ environment.systemPackages = [
+ pkgs.xonsh
+ pkgs.xonsh2
+ ];
+}
diff --git a/lass/3modules/browsers.nix b/lass/3modules/browsers.nix
index 0c77d4da8..4171abdb6 100644
--- a/lass/3modules/browsers.nix
+++ b/lass/3modules/browsers.nix
@@ -5,7 +5,9 @@ let
cfg = config.lass.browser;
browserScripts = {
- chromium = "${pkgs.chromium}/bin/chromium";
+ brave = "${pkgs.brave}/bin/brave";
+ chrome = "${pkgs.google-chrome}/bin/chrome";
+ chromium = "${pkgs.ungoogled-chromium}/bin/chromium";
firefox = "${pkgs.firefox.override {
extraNativeMessagingHosts = [ pkgs.tridactyl-native ];
}}/bin/firefox";
@@ -14,8 +16,9 @@ let
browser-select = let
sortedPaths = sort (a: b: a.value.precedence > b.value.precedence)
+ (filter (x: ! x.value.hidden)
(mapAttrsToList (name: value: { inherit name value; })
- cfg.config);
+ cfg.config));
in if (lib.length sortedPaths) > 1 then
pkgs.writeScriptBin "browser-select" ''
BROWSER=$(echo -e "${concatStringsSep "\\n" (map (getAttr "name") sortedPaths)}" | ${pkgs.dmenu}/bin/dmenu)
@@ -48,6 +51,10 @@ in {
type = types.str;
default = config._module.args.name;
};
+ hidden = mkOption {
+ type = types.bool;
+ default = false;
+ };
precedence = mkOption {
type = types.int;
default = 0;
@@ -58,7 +65,7 @@ in {
};
browser = mkOption {
type = types.enum (attrNames browserScripts);
- default = "chromium";
+ default = "brave";
};
groups = mkOption {
type = types.listOf types.str;
diff --git a/lass/3modules/xjail.nix b/lass/3modules/xjail.nix
index 37f90ee1c..526e12db7 100644
--- a/lass/3modules/xjail.nix
+++ b/lass/3modules/xjail.nix
@@ -147,6 +147,7 @@ with import <stockholm/lib>;
useDefaultShell = true;
createHome = true;
extraGroups = cfg.groups;
+ isNormalUser = true;
}
) config.lass.xjail;
diff --git a/lass/5pkgs/tdlib-purple/default.nix b/lass/5pkgs/tdlib-purple/default.nix
index 54841588e..d7937da58 100644
--- a/lass/5pkgs/tdlib-purple/default.nix
+++ b/lass/5pkgs/tdlib-purple/default.nix
@@ -1,6 +1,24 @@
-{ stdenv, fetchFromGitHub, cmake, tdlib, pidgin, libwebp, libtgvoip } :
+{ stdenv, pkgs, fetchFromGitHub, cmake, pidgin, libwebp, libtgvoip } :
-stdenv.mkDerivation rec {
+let
+
+ tdlib = stdenv.mkDerivation rec {
+ version = "1.6.0";
+ pname = "tdlib";
+
+ src = fetchFromGitHub {
+ owner = "tdlib";
+ repo = "td";
+ rev = "v${version}";
+ sha256 = "0zlzpl6fgszg18kwycyyyrnkm255dvc6fkq0b0y32m5wvwwl36cv";
+ };
+
+ buildInputs = with pkgs; [ gperf openssl readline zlib ];
+ nativeBuildInputs = [ pkgs.cmake ];
+
+ };
+
+in stdenv.mkDerivation rec {
pname = "tdlib-purple";
version = "0.7.8";
diff --git a/lass/5pkgs/xonsh2/default.nix b/lass/5pkgs/xonsh2/default.nix
new file mode 100644
index 000000000..d55d22445
--- /dev/null
+++ b/lass/5pkgs/xonsh2/default.nix
@@ -0,0 +1,56 @@
+{ lib, stdenv
+, fetchFromGitHub
+, python39Packages
+, glibcLocales
+, coreutils
+, git
+, extraInputs ? []
+}: let
+
+ python3Packages = python39Packages;
+
+in python3Packages.buildPythonApplication rec {
+ pname = "xonsh2";
+ version = "master";
+
+ # fetch from github because the pypi package ships incomplete tests
+ src = fetchFromGitHub {
+ owner = "anki-code";
+ repo = "xonsh2";
+ rev = "bd96fcdce9319ab6b90c7d9ac47d2249b61144d0";
+ sha256 = "0b632rac8macfp2mmvhh1f34cf1m5qfpjajwnf676qk7jzn79vx6";
+ };
+
+ LC_ALL = "en_US.UTF-8";
+
+ postPatch = ''
+ sed -ie 's|/usr/bin/env|${coreutils}/bin/env|' scripts/xon.sh
+ find scripts -name 'xonsh*' -exec sed -i -e "s|env -S|env|" {} \;
+ find -name "*.xsh" | xargs sed -ie 's|/usr/bin/env|${coreutils}/bin/env|'
+ patchShebangs .
+ '';
+
+ doCheck = false;
+
+ checkPhase = ''
+ HOME=$TMPDIR pytest -k 'not test_repath_backslash and not test_os and not test_man_completion and not test_builtins and not test_main and not test_ptk_highlight and not test_pyghooks'
+ HOME=$TMPDIR pytest -k 'test_builtins or test_main' --reruns 5
+ HOME=$TMPDIR pytest -k 'test_ptk_highlight'
+ '';
+
+ checkInputs = [ python3Packages.pytest python3Packages.pytest-rerunfailures glibcLocales git ];
+
+ propagatedBuildInputs = with python3Packages; [ ply prompt_toolkit pygments ] ++ extraInputs;
+
+ meta = with lib; {
+ description = "A Python-ish, BASHwards-compatible shell";
+ homepage = "https://xon.sh/";
+ # changelog = "https://github.com/xonsh/xonsh/releases/tag/${version}";
+ license = licenses.bsd3;
+ platforms = platforms.all;
+ };
+
+ passthru = {
+ shellPath = "/bin/xonsh2";
+ };
+}