summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/2configs/reaktor-krebs.nix6
-rw-r--r--krebs/2configs/reaktor-retiolum.nix6
-rw-r--r--krebs/3modules/per-user.nix2
-rw-r--r--krebs/3modules/tinc.nix1
-rw-r--r--krebs/5pkgs/simple/Reaktor/plugins.nix68
-rw-r--r--lass/1systems/prism/physical.nix10
-rw-r--r--lass/2configs/gc.nix2
-rw-r--r--lass/2configs/mail.nix2
-rw-r--r--lass/2configs/websites/domsen.nix14
-rw-r--r--lass/2configs/websites/lassulus.nix3
-rw-r--r--tv/1systems/xu/config.nix6
-rw-r--r--tv/2configs/backup.nix4
-rw-r--r--tv/2configs/default.nix1
-rw-r--r--tv/2configs/gitrepos.nix3
-rw-r--r--tv/2configs/htop.nix2
-rw-r--r--tv/2configs/xserver/Xmodmap.nix1
-rw-r--r--tv/2configs/xserver/xkiller.nix14
-rw-r--r--tv/3modules/default.nix1
-rw-r--r--tv/3modules/ejabberd/default.nix2
-rw-r--r--tv/3modules/nixpkgs-overlays.nix23
-rw-r--r--tv/3modules/slock.nix20
-rw-r--r--tv/5pkgs/default.nix6
-rw-r--r--tv/5pkgs/simple/xkiller.nix25
23 files changed, 121 insertions, 101 deletions
diff --git a/krebs/2configs/reaktor-krebs.nix b/krebs/2configs/reaktor-krebs.nix
index dc2838cae..862c9b991 100644
--- a/krebs/2configs/reaktor-krebs.nix
+++ b/krebs/2configs/reaktor-krebs.nix
@@ -14,12 +14,8 @@ with import <stockholm/lib>;
};
plugins = with pkgs.ReaktorPlugins; [
sed-plugin
- task-add
- task-delete
- task-done
- task-list
] ++
- (attrValues (todo "agenda"))
+ (attrValues (task "agenda"))
;
};
krebs.secret.files.nix-serve-key = {
diff --git a/krebs/2configs/reaktor-retiolum.nix b/krebs/2configs/reaktor-retiolum.nix
index 824f59d09..69fc4b202 100644
--- a/krebs/2configs/reaktor-retiolum.nix
+++ b/krebs/2configs/reaktor-retiolum.nix
@@ -10,12 +10,8 @@ with import <stockholm/lib>;
};
plugins = with pkgs.ReaktorPlugins; [
sed-plugin
- task-add
- task-delete
- task-done
- task-list
] ++
- (attrValues (todo "agenda"))
+ (attrValues (task "agenda"))
;
};
}
diff --git a/krebs/3modules/per-user.nix b/krebs/3modules/per-user.nix
index a7a07a8e6..5beb859aa 100644
--- a/krebs/3modules/per-user.nix
+++ b/krebs/3modules/per-user.nix
@@ -13,7 +13,7 @@ in {
});
default = {};
};
- config = {
+ config = mkIf (cfg != {}) {
environment = {
etc =
mapAttrs'
diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix
index ecd449b09..24eac7158 100644
--- a/krebs/3modules/tinc.nix
+++ b/krebs/3modules/tinc.nix
@@ -27,6 +27,7 @@ let
"tinc.conf" = pkgs.writeText "${netname}-tinc.conf" ''
Name = ${tinc.config.host.name}
Interface = ${netname}
+ Broadcast = no
${concatMapStrings (c: "ConnectTo = ${c}\n") tinc.config.connectTo}
PrivateKeyFile = ${tinc.config.privkey.path}
Port = ${toString tinc.config.host.nets.${netname}.tinc.port}
diff --git a/krebs/5pkgs/simple/Reaktor/plugins.nix b/krebs/5pkgs/simple/Reaktor/plugins.nix
index 6f59ad1de..1b19a1178 100644
--- a/krebs/5pkgs/simple/Reaktor/plugins.nix
+++ b/krebs/5pkgs/simple/Reaktor/plugins.nix
@@ -146,58 +146,36 @@ rec {
'';
});
- taskrcFile = builtins.toFile "taskrc" ''
- confirmation=no
- '';
-
- task-add = buildSimpleReaktorPlugin "task-add" {
- pattern = "^task-add: (?P<args>.*)$$";
- script = pkgs.writeDash "task-add" ''
- ${pkgs.taskwarrior}/bin/task rc:${taskrcFile} add "$*"
- '';
- };
-
- task-list = buildSimpleReaktorPlugin "task-list" {
- pattern = "^task-list";
- script = pkgs.writeDash "task-list" ''
- ${pkgs.taskwarrior}/bin/task rc:${taskrcFile} export | ${pkgs.jq}/bin/jq -r '.[] | select(.id != 0) | "\(.id) \(.description)"'
- '';
- };
-
- task-delete = buildSimpleReaktorPlugin "task-delete" {
- pattern = "^task-delete: (?P<args>.*)$$";
- script = pkgs.writeDash "task-delete" ''
- ${pkgs.taskwarrior}/bin/task rc:${taskrcFile} delete "$*"
- '';
- };
-
- task-done = buildSimpleReaktorPlugin "task-done" {
- pattern = "^task-done: (?P<args>.*)$$";
- script = pkgs.writeDash "task-done" ''
- ${pkgs.taskwarrior}/bin/task rc:${taskrcFile} done "$*"
- '';
- };
-
- todo = name: {
- add = buildSimpleReaktorPlugin "${name}-add" {
+ task = name: let
+ rcFile = builtins.toFile "taskrc" ''
+ confirmation=no
+ '';
+ in {
+ add = buildSimpleReaktorPlugin "${name}-task-add" {
pattern = "^${name}-add: (?P<args>.*)$$";
script = pkgs.writeDash "${name}-add" ''
- echo "$*" >> ${name}-todo
- echo "added ${name} todo"
+ TASKDATA=$HOME/${name} ${pkgs.taskwarrior}/bin/task rc:${rcFile} add "$*"
'';
};
- delete = buildSimpleReaktorPlugin "${name}-delete" {
+
+ list = buildSimpleReaktorPlugin "task-list" {
+ pattern = "^${name}-list";
+ script = pkgs.writeDash "task-list" ''
+ TASKDATA=$HOME/${name} ${pkgs.taskwarrior}/bin/task rc:${rcFile} export | ${pkgs.jq}/bin/jq -r '.[] | select(.id != 0) | "\(.id) \(.description)"'
+ '';
+ };
+
+ delete = buildSimpleReaktorPlugin "task-delete" {
pattern = "^${name}-delete: (?P<args>.*)$$";
- script = pkgs.writeDash "${name}-delete" ''
- ${pkgs.gnugrep}/bin/grep -Fvxe "$*" ${name}-todo > ${name}-todo.tmp
- ${pkgs.coreutils}/bin/mv ${name}-todo.tmp ${name}-todo
- echo "removed ${name} todo: $*"
+ script = pkgs.writeDash "task-delete" ''
+ TASKDATA=$HOME/${name} ${pkgs.taskwarrior}/bin/task rc:${rcFile} delete "$*"
'';
};
- show = buildSimpleReaktorPlugin "${name}-show" {
- pattern = "^${name}-show$";
- script = pkgs.writeDash "${name}-show" ''
- ${pkgs.coreutils}/bin/cat ${name}-todo
+
+ done = buildSimpleReaktorPlugin "task-done" {
+ pattern = "^${name}-done: (?P<args>.*)$$";
+ script = pkgs.writeDash "task-done" ''
+ TASKDATA=$HOME/${name} ${pkgs.taskwarrior}/bin/task rc:${rcFile} done "$*"
'';
};
};
diff --git a/lass/1systems/prism/physical.nix b/lass/1systems/prism/physical.nix
index 116bdb92f..a2b5efb29 100644
--- a/lass/1systems/prism/physical.nix
+++ b/lass/1systems/prism/physical.nix
@@ -40,6 +40,16 @@
fsType = "zfs";
};
+ fileSystems."/var/lib/nextcloud" = {
+ device = "tank/nextcloud";
+ fsType = "zfs";
+ };
+
+ fileSystems."/var/lib/libvirt" = {
+ device = "tank/libvirt";
+ fsType = "zfs";
+ };
+
nix.maxJobs = lib.mkDefault 8;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
diff --git a/lass/2configs/gc.nix b/lass/2configs/gc.nix
index c5073e384..a1bb26049 100644
--- a/lass/2configs/gc.nix
+++ b/lass/2configs/gc.nix
@@ -3,6 +3,6 @@
with import <stockholm/lib>;
{
nix.gc = {
- automatic = ! (elem config.krebs.build.host.name [ "prism" "mors" "helios" ] || config.boot.isContainer);
+ automatic = ! (elem config.krebs.build.host.name [ "mors" "helios" ] || config.boot.isContainer);
};
}
diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index 21b9d7b49..3c19fe061 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -51,7 +51,7 @@ let
eloop = [ "to:eloop.org" ];
github = [ "to:github@lassul.us" ];
gmail = [ "to:gmail@lassul.us" "to:lassulus@gmail.com" "lassulus@googlemail.com" ];
- india = [ "to:hillhackers@lists.hillhacks.in" "to:hackbeach@lists.hackbeach.in" ];
+ india = [ "to:hillhackers@lists.hillhacks.in" "to:hackbeach@lists.hackbeach.in" "to:hackbeach@mail.hackbeach.in" ];
kaosstuff = [ "to:gearbest@lassul.us" "to:banggood@lassul.us" "to:tomtop@lassul.us" ];
lugs = [ "to:lugs@lug-s.org" ];
meetup = [ "to:meetup@lassul.us" ];
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index 25dac0ac4..223fc73ba 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -88,6 +88,20 @@ in {
file_uploads = on
'';
+ services.nextcloud = {
+ enable = true;
+ hostName = "o.xanf.org";
+ config = {
+ adminpassFile = toString <secrets> + "/nextcloud_pw";
+ };
+ #https = true;
+ nginx.enable = true;
+ };
+ services.nginx.virtualHosts."o.xanf.org" = {
+ enableACME = true;
+ forceSSL = true;
+ };
+
# MAIL STUFF
# TODO: make into its own module
services.dovecot2 = {
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index 307f1c2b3..27cadd100 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -101,6 +101,9 @@ in {
locations."/pub".extraConfig = ''
alias ${pkgs.writeText "pub" config.krebs.users.lass.pubkey};
'';
+ locations."/pub1".extraConfig = ''
+ alias ${pkgs.writeText "pub" config.krebs.users.lass-mors.pubkey};
+ '';
};
security.acme.certs."cgit.lassul.us" = {
diff --git a/tv/1systems/xu/config.nix b/tv/1systems/xu/config.nix
index b9c76cf49..33f9539c9 100644
--- a/tv/1systems/xu/config.nix
+++ b/tv/1systems/xu/config.nix
@@ -20,6 +20,7 @@ with import <stockholm/lib>;
<stockholm/tv/2configs/br.nix>
<stockholm/tv/2configs/xp-332.nix>
<stockholm/tv/2configs/xserver>
+ <stockholm/tv/2configs/xserver/xkiller.nix>
{
environment.systemPackages = with pkgs; [
@@ -156,10 +157,5 @@ with import <stockholm/lib>;
# The NixOS release to be compatible with for stateful data such as databases.
system.stateVersion = "15.09";
- tv.nixpkgs-overlays = {
- krebs = "/home/tv/stockholm/krebs/5pkgs";
- tv = "/home/tv/stockholm/tv/5pkgs";
- };
-
virtualisation.virtualbox.host.enable = true;
}
diff --git a/tv/2configs/backup.nix b/tv/2configs/backup.nix
index f8de72d00..b8dec8da4 100644
--- a/tv/2configs/backup.nix
+++ b/tv/2configs/backup.nix
@@ -60,7 +60,7 @@ with import <stockholm/lib>;
};
xu-pull-ni-ejabberd = {
method = "pull";
- src = { host = config.krebs.hosts.ni; path = "/var/ejabberd"; };
+ src = { host = config.krebs.hosts.ni; path = "/var/lib/ejabberd"; };
dst = { host = config.krebs.hosts.xu; path = "/bku/ni-ejabberd"; };
startAt = "07:00";
};
@@ -78,7 +78,7 @@ with import <stockholm/lib>;
};
zu-pull-ni-ejabberd = {
method = "pull";
- src = { host = config.krebs.hosts.ni; path = "/var/ejabberd"; };
+ src = { host = config.krebs.hosts.ni; path = "/var/lib/ejabberd"; };
dst = { host = config.krebs.hosts.zu; path = "/bku/ni-ejabberd"; };
startAt = "06:00";
};
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index 484a337b7..e18ba31b0 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -92,7 +92,6 @@ with import <stockholm/lib>;
environment.variables = {
NIX_PATH = mkForce (concatStringsSep ":" [
"secrets=/var/src/stockholm/null"
- "nixpkgs-overlays=${config.tv.nixpkgs-overlays}"
"/var/src"
]);
};
diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix
index a89d1302c..725ddefa8 100644
--- a/tv/2configs/gitrepos.nix
+++ b/tv/2configs/gitrepos.nix
@@ -67,10 +67,12 @@ let {
cgit.desc = "source code installer";
};
q = {};
+ reaktor2 = {};
regfish = {};
stockholm = {
cgit.desc = "NixOS configuration";
};
+ with-ssh = {};
} // mapAttrs (_: recursiveUpdate { cgit.section = "2. Host configurations"; }) {
ni = {
};
@@ -102,6 +104,7 @@ let {
nixos-infest = {};
painload = {};
push = {};
+ Reaktor = {};
with-tmpdir = {};
get = {};
load-env = {};
diff --git a/tv/2configs/htop.nix b/tv/2configs/htop.nix
index d7d2d7bfd..e78caeb5f 100644
--- a/tv/2configs/htop.nix
+++ b/tv/2configs/htop.nix
@@ -22,7 +22,7 @@ with import <stockholm/lib>;
highlight_megabytes=1
highlight_threads=1
tree_view=1
- header_margin=1
+ header_margin=0
detailed_cpu_time=0
cpu_count_from_zero=0
update_process_names=0
diff --git a/tv/2configs/xserver/Xmodmap.nix b/tv/2configs/xserver/Xmodmap.nix
index d2b1b2604..8e8e3dfdd 100644
--- a/tv/2configs/xserver/Xmodmap.nix
+++ b/tv/2configs/xserver/Xmodmap.nix
@@ -17,6 +17,7 @@ pkgs.writeText "Xmodmap" ''
keycode 39 = s S ssharp
keycode 33 = p P Greek_pi Greek_PI
+ keycode 40 = d D Greek_delta Greek_DELTA
keycode 46 = l L Greek_lambda Greek_LAMBDA
keycode 54 = c C cacute Cacute
diff --git a/tv/2configs/xserver/xkiller.nix b/tv/2configs/xserver/xkiller.nix
new file mode 100644
index 000000000..2f9763093
--- /dev/null
+++ b/tv/2configs/xserver/xkiller.nix
@@ -0,0 +1,14 @@
+{ pkgs, ... }: {
+
+ services.acpid.enable = true;
+ services.acpid.handlers.xkiller = {
+ action = /* sh */ ''
+ event=($1)
+ if test "''${event[2]}" = 00000080; then
+ ${pkgs.systemd}/bin/systemd-cat -t xkiller ${pkgs.xkiller}
+ fi
+ '';
+ event = "button/prog1";
+ };
+
+}
diff --git a/tv/3modules/default.nix b/tv/3modules/default.nix
index f53a58e9a..67fb3f650 100644
--- a/tv/3modules/default.nix
+++ b/tv/3modules/default.nix
@@ -5,7 +5,6 @@
./ejabberd
./hosts.nix
./iptables.nix
- ./nixpkgs-overlays.nix
./slock.nix
./x0vncserver.nix
];
diff --git a/tv/3modules/ejabberd/default.nix b/tv/3modules/ejabberd/default.nix
index e99b94ff9..f16dfac86 100644
--- a/tv/3modules/ejabberd/default.nix
+++ b/tv/3modules/ejabberd/default.nix
@@ -67,7 +67,7 @@ in {
type = types.user;
default = {
name = "ejabberd";
- home = "/var/ejabberd";
+ home = "/var/lib/ejabberd";
};
};
};
diff --git a/tv/3modules/nixpkgs-overlays.nix b/tv/3modules/nixpkgs-overlays.nix
deleted file mode 100644
index 4eb7a86bd..000000000
--- a/tv/3modules/nixpkgs-overlays.nix
+++ /dev/null
@@ -1,23 +0,0 @@
-with import <stockholm/lib>;
-{ config, pkgs, ... }: {
-
- options.tv.nixpkgs-overlays = mkOption {
- apply = src:
- pkgs.runCommand "nixpkgs-overlays" {} ''
- mkdir $out
- ${concatStringsSep "\n" (mapAttrsToList (name: path:
- "ln -s ${shell.escape path} $out/${shell.escape name}"
- ) src)}
- '' // {
- inherit src;
- };
- type = types.attrsOf types.absolute-pathname;
- };
-
- config = {
- tv.nixpkgs-overlays = {
- krebs = mkDefault "/var/src/stockholm/krebs/5pkgs";
- tv = mkDefault "/var/src/stockholm/tv/5pkgs";
- };
- };
-}
diff --git a/tv/3modules/slock.nix b/tv/3modules/slock.nix
index 1c84b1e9e..53f7f1f62 100644
--- a/tv/3modules/slock.nix
+++ b/tv/3modules/slock.nix
@@ -5,10 +5,12 @@ in {
options.tv.slock = {
enable = mkEnableOption "tv.slock";
package = mkOption {
- default = pkgs.execBin "slock" rec {
- filename = "${pkgs.systemd}/bin/systemctl";
- argv = [ filename "start" "slock-${cfg.user.name}.service" ];
- };
+ default = pkgs.writeDashBin "slock" ''
+ set -efu
+ display=''${DISPLAY#:}
+ service=slock-$LOGNAME@$display.service
+ exec ${pkgs.systemd}/bin/systemctl start "$service"
+ '';
type = types.package;
};
user = mkOption {
@@ -18,16 +20,16 @@ in {
config = mkIf cfg.enable {
security.polkit.extraConfig = /* js */ ''
polkit.addRule(function(action, subject) {
- if (action.id == "org.freedesktop.systemd1.manage-units" &&
- action.lookup("unit") == "slock-${cfg.user.name}.service" &&
- subject.user == ${toJSON cfg.user.name}) {
+ if (action.id === "org.freedesktop.systemd1.manage-units" &&
+ subject.user === ${toJSON cfg.user.name} &&
+ /^slock-${cfg.user.name}@[0-9]+\.service$/.test(action.lookup("unit")) ) {
return polkit.Result.YES;
}
});
'';
- systemd.services."slock-${cfg.user.name}" = {
+ systemd.services."slock-${cfg.user.name}@" = {
environment = {
- DISPLAY = ":${toString config.services.xserver.display}";
+ DISPLAY = ":%I";
LD_PRELOAD = pkgs.runCommandCC "slock-${cfg.user.name}.so" {
passAsFile = ["text"];
text = /* c */ ''
diff --git a/tv/5pkgs/default.nix b/tv/5pkgs/default.nix
index c5c800b55..605d827ef 100644
--- a/tv/5pkgs/default.nix
+++ b/tv/5pkgs/default.nix
@@ -24,6 +24,12 @@ foldl' mergeAttrs {}
"$@"
'';
+ dhcpcd = overrideDerivation super.dhcpcd (old: {
+ configureFlags = old.configureFlags ++ [
+ "--dbdir=/var/lib/dhcpcd"
+ ];
+ });
+
gitAndTools = super.gitAndTools // {
inherit (self) diff-so-fancy;
};
diff --git a/tv/5pkgs/simple/xkiller.nix b/tv/5pkgs/simple/xkiller.nix
new file mode 100644
index 000000000..8d8f01690
--- /dev/null
+++ b/tv/5pkgs/simple/xkiller.nix
@@ -0,0 +1,25 @@
+{ pkgs }:
+pkgs.writeDash "xkiller" ''
+ set -efu
+ exec >&2
+ ${pkgs.iproute}/bin/ss -lp src unix:/tmp/.X11-unix/X* |
+ ${pkgs.gnused}/bin/sed -n '
+ s|.*/tmp/.X11-unix/X\([0-9]\+\)\>.*("X[^"]*",pid=\([0-9]\+\)\>.*|\1 \2|p
+ ' |
+ while read -r display pid; do
+ {
+ exit_code=$(
+ DISPLAY=:$display ${pkgs.coreutils}/bin/timeout 1 \
+ ${pkgs.xorg.xset}/bin/xset q >/dev/null 2>&1 &&
+ echo 0 || echo $?
+ )
+ if test $exit_code = 124; then
+ echo "X on display :$display is locked up; killing PID $pid..."
+ ${pkgs.coreutils}/bin/kill -SIGKILL "$pid"
+ else
+ echo "X on display :$display is healthy"
+ fi
+ } &
+ done
+ wait
+''