diff options
author | makefu <github@syntax-fehler.de> | 2017-11-02 14:24:48 +0100 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2017-11-02 14:24:48 +0100 |
commit | 4baad9d4226f15ff1ff326ebcb36fc1bd83a98c5 (patch) | |
tree | 4c68d68d78903f12a681e57051ba2b420099a00c /lass | |
parent | 2e39f7b3d1805346e067bdc7236bd7dfe87381a2 (diff) | |
parent | 6934b5d83f245b723cf7d685d7ab0a758947bdc8 (diff) |
Merge remote-tracking branch 'lass/master'
Diffstat (limited to 'lass')
-rw-r--r-- | lass/1systems/helios/config.nix | 2 | ||||
-rw-r--r-- | lass/1systems/mors/config.nix | 1 | ||||
-rw-r--r-- | lass/1systems/prism/config.nix | 8 | ||||
-rw-r--r-- | lass/2configs/baseX.nix | 8 | ||||
-rw-r--r-- | lass/2configs/br.nix | 48 | ||||
-rw-r--r-- | lass/2configs/default.nix | 3 | ||||
-rw-r--r-- | lass/2configs/dns-stuff.nix | 1 | ||||
-rw-r--r-- | lass/2configs/exim-smarthost.nix | 1 | ||||
-rw-r--r-- | lass/2configs/screenlock.nix | 17 | ||||
-rw-r--r-- | lass/2configs/websites/domsen.nix | 2 | ||||
-rw-r--r-- | lass/3modules/default.nix | 1 | ||||
-rw-r--r-- | lass/3modules/screenlock.nix | 37 | ||||
-rw-r--r-- | lass/5pkgs/xmonad-lass.nix | 4 | ||||
-rw-r--r-- | lass/source.nix | 2 |
14 files changed, 111 insertions, 24 deletions
diff --git a/lass/1systems/helios/config.nix b/lass/1systems/helios/config.nix index 6db6f8fd1..70aa3832d 100644 --- a/lass/1systems/helios/config.nix +++ b/lass/1systems/helios/config.nix @@ -115,4 +115,6 @@ with import <stockholm/lib>; (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "1z2qkyhgjvri13bvi06ynkb7mjmpcznmc9yw8chx1lnwc3cxa7kf"; }) (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "0smdjjvz95n652cb45yhzdb2lr83zg52najgbzf6lm3w71f8mv7f"; }) ]; + + lass.screenlock.command = "${pkgs.i3lock}/bin/i3lock -i /home/lass/lock.png -t -f"; } diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index 610bfef8e..6a61ce1fa 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -29,6 +29,7 @@ with import <stockholm/lib>; <stockholm/lass/2configs/syncthing.nix> <stockholm/lass/2configs/otp-ssh.nix> <stockholm/lass/2configs/c-base.nix> + <stockholm/tv/2configs/br.nix> { #risk of rain port krebs.iptables.tables.filter.INPUT.rules = [ diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 30d5c8dab..a0bc1b900 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -168,6 +168,14 @@ in { "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBQhLGvfv4hyQ/nqJGy1YgHXPSVl6igeWTroJSvAhUFgoh+rG+zvqY0EahKXNb3sq0/OYDCTJVuucc0hgCg7T2KqTqMtTb9EEkRmCFbD7F7DWZojCrh/an6sHneqT5eFvzAPZ8E5hup7oVQnj5P5M3I9keRHBWt1rq6q0IcOEhsFvne4qJc73aLASTJkxzlo5U8ju3JQOl6474ECuSn0lb1fTrQ/SR1NgF7jV11eBldkS8SHEB+2GXjn4Yrn+QUKOnDp+B85vZmVlJSI+7XR1/U/xIbtAjGTEmNwB6cTbBv9NCG9jloDDOZG4ZvzzHYrlBXjaigtQh2/4mrHoKa5eV juhulian@juhulian" ]; }; + users.users.hellrazor = { + uid = genid "hellrazor"; + isNormalUser = true; + extraGroups = [ + "download" + ]; + openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDQFaYOWRUvHP6I37q9Dd4PJOq8FNQqAeJZ8pLx0G62uC450kbPGcG80rHHvXmk7HqQP6biJmMg48bOsvXAScPot2Qhp1Qc35CuUqVhLiTvUAsi8l/iJjhjZ23yRGDCAmW5+JIOzIvECkcbMnG7YoYAQ9trNGHe9qwGzQGhpt3QVClE23WtE3PVKRLQx1VbiabSnAm6tXVd2zpUoSdpWt8Gpi2taM4XXJ5+l744MNxFHvDapN5xqpYzwrA34Ii13jNLWcGbtgxESpR+VjnamdWByrkBsW4X5/xn2K1I1FrujaM/DBHV1QMaDKst9V8+uL5X7aYNt0OUBu2eyZdg6aujY2BYovB9uRyR1JIuSbA/a54MM96yN9WirMUufJF/YZrV0L631t9EW8ORyWUo1GRzMuBHVHQlfApj7NCU/jEddUuTqKgwyRgTmMFMUI4M0tRULAB/7pBE1Vbcx9tg6RsKIk8VkskfbBJW9Y6Sx6YoFlxPdgMNIrBefqEjIV62piP7YLMlvfIDCJ7TNd9dLN86XGggZ/nD5zt6SL1o61vVnw9If8pHosppxADPJsJvcdN6fOe16/tFAeE0JRo0jTcyFVTBGfhpey+rFfuW8wtUyuO5WPUxkOn7xMHGMWHJAtWX2vwVIDtLxvqn48B4SmEOpPD6ii+vcpwqAex3ycqBUQ==" ]; + }; } { #hotdog diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 9d4ad8c6a..a8bb8693f 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -6,7 +6,6 @@ in { imports = [ ./mpv.nix ./power-action.nix - ./screenlock.nix ./copyq.nix ./xresources.nix ./livestream.nix @@ -31,15 +30,15 @@ in { options.lass.fonts = { regular = mkOption { type = types.str; - default = "xft:Hack-Regular:pixelsize=11,xft:Symbola"; + default = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1"; }; bold = mkOption { type = types.str; - default = "xft:Hack-Bold:pixelsize=11,xft:Symbola"; + default = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1"; }; italic = mkOption { type = types.str; - default = "xft:Hack-RegularOblique:pixelsize=11,xft:Symbol"; + default = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1"; }; }; } @@ -136,4 +135,5 @@ in { }; services.urxvtd.enable = true; + lass.screenlock.enable = true; } diff --git a/lass/2configs/br.nix b/lass/2configs/br.nix new file mode 100644 index 000000000..35bac8fee --- /dev/null +++ b/lass/2configs/br.nix @@ -0,0 +1,48 @@ +with import <stockholm/lib>; +{ config, pkgs, ... }: { + + imports = [ + <nixpkgs/nixos/modules/services/hardware/sane_extra_backends/brscan4.nix> + ]; + + krebs.nixpkgs.allowUnfreePredicate = pkg: any (flip hasPrefix pkg.name) [ + "brother-udev-rule-type1-" + "brscan4-" + "mfcl2700dnlpr-" + ]; + + hardware.sane = { + enable = true; + brscan4 = { + enable = true; + netDevices = { + bra = { + model = "MFCL2700DN"; + ip = "10.23.42.221"; + }; + }; + }; + }; + + services.saned.enable = true; + + # usage: scanimage -d "$(find-scanner bra)" --batch --format=tiff --resolution 150 -x 211 -y 298 + environment.systemPackages = [ + (pkgs.writeDashBin "find-scanner" '' + set -efu + name=$1 + ${pkgs.sane-backends}/bin/scanimage -f '%m %d + ' \ + | ${pkgs.gawk}/bin/awk -v dev="*$name" '$1 == dev { print $2; exit }' \ + | ${pkgs.gnugrep}/bin/grep . + '') + ]; + + services.printing = { + enable = true; + drivers = [ + pkgs.mfcl2700dncupswrapper + ]; + }; + +} diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index f745dc4a1..180647a6d 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -50,7 +50,7 @@ with import <stockholm/lib>; NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src"; }; } - (let ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; in { + (let ca-bundle = "/etc/ssl/certs/ca-bundle.crt"; in { environment.variables = { CURL_CA_BUNDLE = ca-bundle; GIT_SSL_CAINFO = ca-bundle; @@ -210,6 +210,7 @@ with import <stockholm/lib>; { predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; } { predicate = "-p udp -i retiolum"; target = "REJECT --reject-with icmp-port-unreachable"; v6 = false; precedence = -10000; } { predicate = "-i retiolum"; target = "REJECT --reject-with icmp-proto-unreachable"; v6 = false; precedence = -10000; } + { predicate = "-i retiolum -p udp -m udp --dport 53"; target = "ACCEPT"; } ]; }; }; diff --git a/lass/2configs/dns-stuff.nix b/lass/2configs/dns-stuff.nix index e305145f5..411b07503 100644 --- a/lass/2configs/dns-stuff.nix +++ b/lass/2configs/dns-stuff.nix @@ -13,6 +13,7 @@ with import <stockholm/lib>; }; services.dnsmasq = { enable = true; + resolveLocalQueries = false; extraConfig = '' server=127.1.0.1 #no-resolv diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index 0b56f6f47..f9c8f8ebc 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -45,6 +45,7 @@ with import <stockholm/lib>; { from = "raf@lassul.us"; to = lass.mail; } { from = "apple@lassul.us"; to = lass.mail; } { from = "coinbase@lassul.us"; to = lass.mail; } + { from = "tomtop@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } diff --git a/lass/2configs/screenlock.nix b/lass/2configs/screenlock.nix deleted file mode 100644 index b5bc4ee2a..000000000 --- a/lass/2configs/screenlock.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ pkgs, config, ... }: - -{ - systemd.services.screenlock = { - before = [ "sleep.target" ]; - wantedBy = [ "sleep.target" ]; - environment = { - DISPLAY = ":0"; - }; - serviceConfig = { - SyslogIdentifier = "screenlock"; - ExecStart = "${pkgs.i3lock}/bin/i3lock -i /var/lib/wallpaper/wallpaper -f"; - Type = "forking"; - User = "lass"; - }; - }; -} diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 10ff142f9..6fbd4d0df 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -126,6 +126,8 @@ in { { from = "dominik@apanowicz.de"; to = "dominik_a@gmx.de"; } { from = "dma@ubikmedia.de"; to = "domsen"; } { from = "dma@ubikmedia.eu"; to = "domsen"; } + { from = "mail@habsys.de"; to = "domsen"; } + { from = "mail@habsys.eu"; to = "domsen"; } { from = "bruno@apanowicz.de"; to = "bruno"; } { from = "mail@jla-trading.com"; to = "jla-trading"; } { from = "jms@ubikmedia.eu"; to = "jms"; } diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix index e7744395d..e14e39bc2 100644 --- a/lass/3modules/default.nix +++ b/lass/3modules/default.nix @@ -8,6 +8,7 @@ _: ./mysql-backup.nix ./news.nix ./pyload.nix + ./screenlock.nix ./umts.nix ./usershadow.nix ./xresources.nix diff --git a/lass/3modules/screenlock.nix b/lass/3modules/screenlock.nix new file mode 100644 index 000000000..06ca1f27d --- /dev/null +++ b/lass/3modules/screenlock.nix @@ -0,0 +1,37 @@ +{ pkgs, config, ... }: + +with import <stockholm/lib>; + +let + cfg = config.lass.screenlock; + + out = { + options.lass.screenlock = api; + config = mkIf cfg.enable imp; + }; + + api = { + enable = mkEnableOption "screenlock"; + command = mkOption { + type = types.str; + default = "${pkgs.i3lock}/bin/i3lock -i /var/lib/wallpaper/wallpaper -f"; + }; + }; + + imp = { + systemd.services.screenlock = { + before = [ "sleep.target" ]; + wantedBy = [ "sleep.target" ]; + environment = { + DISPLAY = ":0"; + }; + serviceConfig = { + SyslogIdentifier = "screenlock"; + ExecStart = cfg.command; + Type = "forking"; + User = "lass"; + }; + }; + }; + +in out diff --git a/lass/5pkgs/xmonad-lass.nix b/lass/5pkgs/xmonad-lass.nix index 997b60b8f..12c078940 100644 --- a/lass/5pkgs/xmonad-lass.nix +++ b/lass/5pkgs/xmonad-lass.nix @@ -97,7 +97,7 @@ displaySomeException = displayException myKeyMap :: [([Char], X ())] myKeyMap = - [ ("M4-<F11>", spawn "${pkgs.i3lock}/bin/i3lock -i /var/lib/wallpaper/wallpaper -f") + [ ("M4-<F11>", spawn "${config.lass.screenlock.command}") , ("M4-C-p", spawn "${pkgs.scrot}/bin/scrot ~/public_html/scrot.png") , ("M4-p", spawn "${pkgs.pass}/bin/passmenu --type") , ("M4-o", spawn "${pkgs.brain}/bin/brainmenu --type") @@ -139,6 +139,8 @@ myKeyMap = , ("M4-<F6>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 10") , ("M4-<F7>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 33") , ("M4-<F8>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 100") + + , ("<Pause>", spawn "${pkgs.xcalib}/bin/xcalib -invert -alter") ] forkFile :: FilePath -> [String] -> Maybe [(String, String)] -> X () diff --git a/lass/source.nix b/lass/source.nix index bd0395bcd..4849cadcc 100644 --- a/lass/source.nix +++ b/lass/source.nix @@ -10,7 +10,7 @@ in nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix"; nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "68ef4b1"; + ref = "6a0a00d"; }; secrets.file = getAttr builder { buildbot = toString <stockholm/lass/2configs/tests/dummy-secrets>; |