Merge remote-tracking branch 'prism/master'

author: tv <tv@krebsco.de> 2018-10-27 15:02:39 +0200
committer: tv <tv@krebsco.de> 2018-10-27 15:02:39 +0200
commit: 212bc39249f9792cbedf2e9a6b3fed90c52c63e7 (patch)
tree: de2a5cf0be852b8beb8317481649460194f40d5b /lass
parent: 34e1f09bf5e233bee78ee63166d2a1d9944a51f9 (diff)
parent: 24f4e8dcf0eca55378fa018a9ed980625222653d (diff)
17 files changed, 150 insertions, 127 deletions
diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index 69954a3e9..6d65b58c2 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -77,6 +77,7 @@ with import <stockholm/lib>;
       environment.systemPackages = [
         pkgs.ovh-zone
         pkgs.bank
+        pkgs.adb-sync
       ];
     }
     {
@@ -143,7 +144,6 @@ with import <stockholm/lib>;
     OnCalendar = "00:37";
   };
 
-  nix.package = pkgs.nixUnstable;
   programs.adb.enable = true;
   users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
   virtualisation.docker.enable = true;
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index f83721070..bf7de6fc5 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -291,16 +291,6 @@ with import <stockholm/lib>;
       ];
     }
     {
-      services.nginx = {
-        enable = true;
-        virtualHosts."radio.lassul.us" = {
-          forceSSL = true;
-          enableACME = true;
-          locations."/".extraConfig = ''
-            proxy_pass http://localhost:8000;
-          '';
-        };
-      };
     }
     {
       lass.nichtparasoup.enable = true;
diff --git a/lass/1systems/prism/physical.nix b/lass/1systems/prism/physical.nix
index 83f127c22..56348d0ab 100644
--- a/lass/1systems/prism/physical.nix
+++ b/lass/1systems/prism/physical.nix
@@ -3,27 +3,39 @@
   imports = [
     ./config.nix
     {
-      networking.interfaces.et0.ipv4.addresses = [
-        {
-          address = config.krebs.build.host.nets.internet.ip4.addr;
+      boot.kernelParams = [ "net.ifnames=0" ];
+      networking = {
+        defaultGateway = "46.4.114.225";
+        # Use google's public DNS server
+        nameservers = [ "8.8.8.8" ];
+        interfaces.eth0 = {
+          ipAddress = "46.4.114.247";
           prefixLength = 27;
-        }
-        {
-          address = "46.4.114.243";
-          prefixLength = 27;
-        }
-      ];
-      networking.defaultGateway = "46.4.114.225";
-      networking.nameservers = [
-        "8.8.8.8"
-      ];
-      services.udev.extraRules = ''
-        SUBSYSTEM=="net", ATTR{address}=="08:60:6e:e7:87:04", NAME="et0"
-      '';
+        };
+      };
+      # TODO use this network config
+      #networking.interfaces.et0.ipv4.addresses = [
+      #  {
+      #    address = config.krebs.build.host.nets.internet.ip4.addr;
+      #    prefixLength = 27;
+      #  }
+      #  {
+      #    address = "46.4.114.243";
+      #    prefixLength = 27;
+      #  }
+      #];
+      #networking.defaultGateway = "46.4.114.225";
+      #networking.nameservers = [
+      #  "8.8.8.8"
+      #];
+      #services.udev.extraRules = ''
+      #  SUBSYSTEM=="net", ATTR{address}=="08:60:6e:e7:87:04", NAME="et0"
+      #'';
     }
     {
       imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
 
+      networking.hostId = "fb4173ea";
       boot.loader.grub = {
         devices = [
           "/dev/sda"
@@ -40,45 +52,25 @@
 
       boot.kernelModules = [ "kvm-intel" ];
 
-      fileSystems."/" = {
-        device = "/dev/pool/nix_root";
-        fsType = "ext4";
-      };
-
-      fileSystems."/tmp" = {
-        device = "tmpfs";
-        fsType = "tmpfs";
-        options = ["nosuid" "nodev" "noatime"];
-      };
-
-      fileSystems."/var/download" = {
-        device = "/dev/pool/download";
-        fsType = "ext4";
-      };
+      sound.enable = false;
+      nixpkgs.config.allowUnfree = true;
+      time.timeZone = "Europe/Berlin";
 
-      fileSystems."/srv/http" = {
-        device = "/dev/pool/http";
-        fsType = "ext4";
+      fileSystems."/" = {
+        device = "rpool/root/nixos";
+        fsType = "zfs";
       };
 
       fileSystems."/home" = {
-        device = "/dev/pool/home";
-        fsType = "ext4";
+        device = "rpool/home";
+        fsType = "zfs";
       };
 
-      fileSystems."/bku" = {
-        device = "/dev/pool/bku";
+      fileSystems."/boot" = {
+        device = "/dev/disk/by-uuid/b67c3370-1597-4ce8-8a46-e257ca32150d";
         fsType = "ext4";
       };
 
-      swapDevices = [
-        { label = "swap1"; }
-        { label = "swap2"; }
-      ];
-
-      sound.enable = false;
-      nixpkgs.config.allowUnfree = true;
-      time.timeZone = "Europe/Berlin";
     }
   ];
 
diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index 95aac2d18..e8a2539f3 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -71,7 +71,6 @@ in {
     lm_sensors
     ncdu
     nix-index
-    nix-repl
     nmap
     pavucontrol
     powertop
diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix
index 846000a3a..6ef3c8595 100644
--- a/lass/2configs/exim-smarthost.nix
+++ b/lass/2configs/exim-smarthost.nix
@@ -89,6 +89,7 @@ with import <stockholm/lib>;
       { from = "cis@lassul.us"; to = lass.mail; }
       { from = "afra@lassul.us"; to = lass.mail; }
       { from = "ksp@lassul.us"; to = lass.mail; }
+      { from = "ccc@lassul.us"; to = lass.mail; }
     ];
     system-aliases = [
       { from = "mailer-daemon"; to = "postmaster"; }
diff --git a/lass/2configs/games.nix b/lass/2configs/games.nix
index 81f53bf69..17c3cf3be 100644
--- a/lass/2configs/games.nix
+++ b/lass/2configs/games.nix
@@ -57,7 +57,6 @@ let
 
 in {
   environment.systemPackages = with pkgs; [
-    (dwarf-fortress.override { theme = dwarf-fortress-packages.phoebus-theme; })
     doom1
     doom2
     vdoom1
diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix
index 97def9df3..c5b5c01fb 100644
--- a/lass/2configs/git.nix
+++ b/lass/2configs/git.nix
@@ -50,18 +50,38 @@ let
       cgit.desc = "take a description of your disk layout and produce a format script";
       cgit.section = "software";
     };
+    go = {
+      cgit.desc = "url shortener";
+      cgit.section = "software";
+    };
     krebspage = {
       cgit.desc = "homepage of krebs";
       cgit.section = "configuration";
     };
+    krops = {
+      cgit.desc = "krebs deployment";
+      cgit.section = "software";
+    };
     news = {
       cgit.desc = "take a rss feed and a timeout and print it to stdout";
       cgit.section = "software";
     };
+    newsbot-js = {
+      cgit.desc = "print rss feeds to irc channels";
+      cgit.section = "software";
+    };
+    nix-user-chroot = {
+      cgit.desc = "Fork of nix-user-chroot by lethalman";
+      cgit.section = "software";
+    };
     nix-writers = {
       cgit.desc = "high level writers for nix";
       cgit.section = "software";
     };
+    nixos-generators = {
+      cgit.desc = "custom image builders";
+      cgit.section = "software";
+    };
     nixpkgs = {
       cgit.desc = "nixpkgs fork";
       cgit.section = "configuration";
@@ -81,14 +101,6 @@ let
       cgit.desc = "Good Music collection + tools";
       cgit.section  = "art";
     };
-    nix-user-chroot = {
-      cgit.desc = "Fork of nix-user-chroot by lethalman";
-      cgit.section = "software";
-    };
-    krops = {
-      cgit.desc = "krebs deployment";
-      cgit.section = "software";
-    };
     xmonad-stockholm = {
       cgit.desc = "krebs xmonad modules";
       cgit.section = "configuration";
diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index 9246abfed..e50689254 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -210,6 +210,7 @@ in {
   environment.systemPackages = [
     msmtp
     mutt
+    pkgs.notmuch
     pkgs.much
     tag-new-mails
     tag-old-mails
diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix
index a83d51f1d..bf6855804 100644
--- a/lass/2configs/radio.nix
+++ b/lass/2configs/radio.nix
@@ -36,8 +36,9 @@ in {
       home = "/home/${name}";
       useDefaultShell = true;
       createHome = true;
-      openssh.authorizedKeys.keys = [
-        config.krebs.users.lass.pubkey
+      openssh.authorizedKeys.keys = with config.krebs.users; [
+        lass.pubkey
+        lass-mors.pubkey
       ];
     };
   };
@@ -131,6 +132,30 @@ in {
     };
   };
 
+  systemd.services.radio-recent = let
+    recentlyPlayed = pkgs.writeDash "recentlyPlayed" ''
+      LIMIT=1000 #how many tracks to keep in the history
+      HISTORY_FILE=/tmp/played
+      while :; do
+        ${pkgs.mpc_cli}/bin/mpc idle player > /dev/null
+        ${pkgs.mpc_cli}/bin/mpc current -f %file%
+      done | while read track; do
+        echo "$(date -Is)" "$track" | tee -a "$HISTORY_FILE"
+        echo "$(tail -$LIMIT "$HISTORY_FILE")" > "$HISTORY_FILE"
+      done
+    '';
+  in {
+    description = "radio recently played";
+    after = [ "mpd.service" "network.target" ];
+    wantedBy = [ "multi-user.target" ];
+
+    restartIfChanged = true;
+
+    serviceConfig = {
+      ExecStart = recentlyPlayed;
+    };
+  };
+
   krebs.Reaktor.playlist = {
     nickname = "the_playlist|r";
     channels = [
@@ -157,27 +182,40 @@ in {
       })
     ];
   };
-  services.nginx.virtualHosts."lassul.us".locations."/the_playlist".extraConfig = let
-    html = pkgs.writeText "index.html" ''
-      <!DOCTYPE html>
-      <html lang="en">
-        <head>
-          <meta charset="utf-8">
-          <title>lassulus playlist</title>
-        </head>
-        <body>
-          <div style="display:inline-block;margin:0px;padding:0px;overflow:hidden">
-            <iframe src="https://kiwiirc.com/client/irc.freenode.org/?nick=kiwi_test|?&theme=cli#the_playlist" frameborder="0" style="overflow:hidden;overflow-x:hidden;overflow-y:hidden;height:95%;width:100%;position:absolute;top:0px;left:0px;right:0px;bottom:0px" height="95%" width="100%"></iframe>
-          </div>
-          <div style="position:absolute;bottom:1px;display:inline-block;background-color:red;">
-            <audio controls autoplay="autoplay"><source src="http://lassul.us:8000/radio.ogg" type="audio/ogg">Your browser does not support the audio element.</audio>
-          </div>
-          <!-- page content -->
-        </body>
-      </html>
+  services.nginx = {
+    enable = true;
+    virtualHosts."radio.lassul.us" = {
+      forceSSL = true;
+      enableACME = true;
+      locations."/".extraConfig = ''
+        proxy_pass http://localhost:8000;
+      '';
+      locations."/recent".extraConfig = ''
+        alias /tmp/played;
+      '';
+    };
+    virtualHosts."lassul.us".locations."/the_playlist".extraConfig = let
+      html = pkgs.writeText "index.html" ''
+        <!DOCTYPE html>
+        <html lang="en">
+          <head>
+            <meta charset="utf-8">
+            <title>lassulus playlist</title>
+          </head>
+          <body>
+            <div style="display:inline-block;margin:0px;padding:0px;overflow:hidden">
+              <iframe src="https://kiwiirc.com/client/irc.freenode.org/?nick=kiwi_test|?&theme=cli#the_playlist" frameborder="0" style="overflow:hidden;overflow-x:hidden;overflow-y:hidden;height:95%;width:100%;position:absolute;top:0px;left:0px;right:0px;bottom:0px" height="95%" width="100%"></iframe>
+            </div>
+            <div style="position:absolute;bottom:1px;display:inline-block;background-color:red;">
+              <audio controls autoplay="autoplay"><source src="http://lassul.us:8000/radio.ogg" type="audio/ogg">Your browser does not support the audio element.</audio>
+            </div>
+            <!-- page content -->
+          </body>
+        </html>
+      '';
+    in ''
+      default_type "text/html";
+      alias ${html};
     '';
-  in ''
-    default_type "text/html";
-    alias ${html};
-  '';
+  };
 }
diff --git a/lass/2configs/reaktor-coders.nix b/lass/2configs/reaktor-coders.nix
index 44d8984d7..7cdcdf20c 100644
--- a/lass/2configs/reaktor-coders.nix
+++ b/lass/2configs/reaktor-coders.nix
@@ -63,24 +63,6 @@ with import <stockholm/lib>;
             -e "@kind $1"
         '';
       })
-      (buildSimpleReaktorPlugin "random-unicorn-porn" {
-        pattern = "^!rup$$";
-        script = pkgs.writePython2 "rup" {} ''
-          t1 = """
-                              _.
-                           ;=',_ ()
-                 8===D~~  S" .--`||
-                         sS  \__ ||
-                      __.' ( \-->||
-                   _=/    _./-\/ ||
-          8===D~~ ((\( /-'   -'l ||
-                   ) |/ \\      (_))
-                      \\  \\
-                       '~ '~
-          """
-          print(t1)
-        '';
-      })
       (buildSimpleReaktorPlugin "ping" {
         pattern = "^!ping (?P<args>.*)$$";
         script = pkgs.writeDash "ping" ''
diff --git a/lass/2configs/urxvt.nix b/lass/2configs/urxvt.nix
index fa63ddf25..82f3fb2e6 100644
--- a/lass/2configs/urxvt.nix
+++ b/lass/2configs/urxvt.nix
@@ -5,7 +5,7 @@ with import <stockholm/lib>;
   services.urxvtd.enable = true;
 
   krebs.xresources.resources.urxvt = ''
-    URxvt*SaveLines: 1000000
+    URxvt.saveLines:            100000
     URxvt*scrollBar:            false
     URxvt*urgentOnBell:         true
     URxvt.perl-ext-common:      default,clipboard,url-select,keyboard-select
diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix
index 823d9a8ca..4f7bd4437 100644
--- a/lass/2configs/vim.nix
+++ b/lass/2configs/vim.nix
@@ -2,20 +2,13 @@
 
 with import <stockholm/lib>;
 let
-  unstable_nixpkgs = import (pkgs.fetchFromGitHub {
-    owner = "NixOS";
-    repo = "nixpkgs";
-    rev = "a8c71037e041725d40fbf2f3047347b6833b1703";
-    sha256 = "1z4cchcw7qgjhy0x6mnz7iqvpswc2nfjpdynxc54zpm66khfrjqw";
-  }) {};
   out = {
     environment.systemPackages = [
       (hiPrio vim)
-      pkgs.python35Packages.flake8
       (pkgs.writeDashBin "govet" ''
         go vet "$@"
       '')
-      (hiPrio (unstable_nixpkgs.python3.withPackages (ps: [
+      (hiPrio (pkgs.python3.withPackages (ps: [
         ps.python-language-server
         ps.pyls-isort
       ])))
@@ -70,6 +63,8 @@ let
     au Syntax * syn match Garbage containedin=ALL /\s\+$/
             \ | syn match TabStop containedin=ALL /\t\+/
             \ | syn keyword Todo containedin=ALL TODO
+            \ | syn match NBSP '\%xa0'
+            \ | syn match NarrowNBSP '\%u202F'
 
     au BufRead,BufNewFile *.hs so ${hs.vim}
 
@@ -135,7 +130,7 @@ let
     pkgs.vimPlugins.undotree
     pkgs.vimPlugins.vim-go
     pkgs.vimPlugins.fzf-vim
-    unstable_nixpkgs.vimPlugins.LanguageClient-neovim
+    pkgs.vimPlugins.LanguageClient-neovim
     (pkgs.vimUtils.buildVimPlugin {
       name = "file-line-1.0";
       src = pkgs.fetchFromGitHub {
@@ -172,6 +167,8 @@ let
 
         hi Garbage      ctermbg=088
         hi TabStop      ctermbg=016
+        hi NBSP         ctermbg=094
+        hi NarrowNBSP   ctermbg=097
         hi Todo         ctermfg=174 ctermbg=NONE
 
         hi NixCode      ctermfg=148
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index e1c1313ea..828cab95f 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -66,6 +66,12 @@ in {
     ])
   ];
 
+  services.mysql.ensureDatabases = [ "ubikmedia_de" "o_ubikmedia_de" ];
+  services.mysql.ensureUsers = [
+    { ensurePermissions = { "ubikmedia_de.*" = "ALL"; }; name = "nginx"; }
+    { ensurePermissions = { "o_ubikmedia_de.*" = "ALL"; }; name = "nginx"; }
+  ];
+
   services.nginx.virtualHosts."ubikmedia.de".locations."/piwika".extraConfig = ''
     try_files $uri $uri/ /index.php?$args;
   '';
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index 4c29831a2..b72b20928 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -145,8 +145,9 @@ in {
     home = "/srv/http/lassul.us";
     useDefaultShell = true;
     createHome = true;
-    openssh.authorizedKeys.keys = [
-      config.krebs.users.lass.pubkey
+    openssh.authorizedKeys.keys = with config.krebs.users; [
+      lass.pubkey
+      lass-mors.pubkey
     ];
   };
 }
diff --git a/lass/3modules/xjail.nix b/lass/3modules/xjail.nix
index 5b450ed42..974e11c6e 100644
--- a/lass/3modules/xjail.nix
+++ b/lass/3modules/xjail.nix
@@ -120,10 +120,13 @@ with import <stockholm/lib>;
           ${pkgs.coreutils}/bin/kill $WM_PID
           ${pkgs.coreutils}/bin/kill $XEPHYR_PID
         '';
+        # TODO fix xephyr which doesn't honor resizes anymore
         sudo_ = pkgs.writeDash "${cfg.name}-sudo" (if cfg.vglrun then ''
           /var/run/wrappers/bin/sudo -u ${cfg.name} -i ${vglrun_} "$@"
         '' else ''
-          /var/run/wrappers/bin/sudo -u ${cfg.name} -i env DISPLAY=:${cfg.display} ${cfg.script} "$@"
+          #/var/run/wrappers/bin/sudo -u ${cfg.name} -i env DISPLAY=:${cfg.display} ${cfg.script} "$@"
+          /var/run/wrappers/bin/sudo -u ${cfg.name} -i ${cfg.script} "$@"
+
         '');
         vglrun_ = pkgs.writeDash "${cfg.name}-vglrun" ''
           DISPLAY=:${cfg.display} ${pkgs.virtualgl}/bin/vglrun ${cfg.extraVglrunArgs} ${cfg.script} "$@"
@@ -163,7 +166,7 @@ with import <stockholm/lib>;
 
     lass.xjail-bins = mapAttrs' (name: cfg:
       nameValuePair name (pkgs.writeScriptBin cfg.name ''
-        ${scripts.${name}.existing} "$@"
+        ${scripts.${name}.sudo} "$@"
       '')
     ) config.lass.xjail;
   };
diff --git a/lass/5pkgs/custom/xmonad-lass/default.nix b/lass/5pkgs/custom/xmonad-lass/default.nix
index 3bff9d450..087d54eca 100644
--- a/lass/5pkgs/custom/xmonad-lass/default.nix
+++ b/lass/5pkgs/custom/xmonad-lass/default.nix
@@ -31,6 +31,7 @@ import XMonad.Actions.CycleWS (toggleWS)
 import XMonad.Actions.DynamicWorkspaces ( addWorkspacePrompt, renameWorkspace, removeEmptyWorkspace)
 import XMonad.Actions.DynamicWorkspaces (withWorkspace)
 import XMonad.Actions.GridSelect (GSConfig(..), gridselectWorkspace, navNSearch)
+import XMonad.Actions.Minimize (minimizeWindow, maximizeWindow, withLastMinimized)
 import XMonad.Hooks.EwmhDesktops (ewmh)
 import XMonad.Hooks.FloatNext (floatNext)
 import XMonad.Hooks.FloatNext (floatNextHook)
@@ -39,7 +40,7 @@ import XMonad.Hooks.Place (placeHook, smart)
 import XMonad.Hooks.UrgencyHook (focusUrgent)
 import XMonad.Hooks.UrgencyHook (withUrgencyHook, UrgencyHook(..))
 import XMonad.Layout.FixedColumn (FixedColumn(..))
-import XMonad.Layout.Minimize (minimize, minimizeWindow, MinimizeMsg(RestoreNextMinimizedWin))
+import XMonad.Layout.Minimize (minimize)
 import XMonad.Layout.NoBorders (smartBorders)
 import XMonad.Layout.SimplestFloat (simplestFloat)
 import XMonad.Prompt (autoComplete, font, searchPredicate, XPConfig)
@@ -135,7 +136,7 @@ myKeyMap =
     , ("M4-C-v", withWorkspace autoXPConfig (windows . copy))
 
     , ("M4-m", withFocused minimizeWindow)
-    , ("M4-S-m", sendMessage RestoreNextMinimizedWin)
+    , ("M4-S-m", withLastMinimized maximizeWindow)
 
     , ("M4-q", windowPromptGoto infixAutoXPConfig)
     , ("M4-C-q", windowPromptBringCopy infixAutoXPConfig)
diff --git a/lass/krops.nix b/lass/krops.nix
index 4e045c6db..a898164c3 100644
--- a/lass/krops.nix
+++ b/lass/krops.nix
@@ -22,13 +22,14 @@
 
 in {
   # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy)
-  deploy = pkgs.krops.writeDeploy "${name}-deploy" {
+  deploy = { target ? "root@${name}/var/src" }: pkgs.krops.writeDeploy "${name}-deploy" {
     source = source { test = false; };
-    target = "root@${name}/var/src";
+    inherit target;
   };
 
   # usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
   test = { target }: pkgs.krops.writeTest "${name}-test" {
+    force = true;
     inherit target;
     source = source { test = true; };
   };
author	tv <tv@krebsco.de>	2018-10-27 15:02:39 +0200
committer	tv <tv@krebsco.de>	2018-10-27 15:02:39 +0200
commit	212bc39249f9792cbedf2e9a6b3fed90c52c63e7 (patch)
tree	de2a5cf0be852b8beb8317481649460194f40d5b /lass
parent	34e1f09bf5e233bee78ee63166d2a1d9944a51f9 (diff)
parent	24f4e8dcf0eca55378fa018a9ed980625222653d (diff)