diff options
-rw-r--r-- | krebs/2configs/reaktor-krebs.nix | 6 | ||||
-rw-r--r-- | krebs/2configs/reaktor-retiolum.nix | 6 | ||||
-rw-r--r-- | krebs/3modules/per-user.nix | 2 | ||||
-rw-r--r-- | krebs/3modules/tinc.nix | 1 | ||||
-rw-r--r-- | krebs/5pkgs/simple/Reaktor/plugins.nix | 68 | ||||
-rw-r--r-- | lass/1systems/prism/physical.nix | 10 | ||||
-rw-r--r-- | lass/2configs/gc.nix | 2 | ||||
-rw-r--r-- | lass/2configs/mail.nix | 2 | ||||
-rw-r--r-- | lass/2configs/websites/domsen.nix | 14 | ||||
-rw-r--r-- | lass/2configs/websites/lassulus.nix | 3 | ||||
-rw-r--r-- | tv/1systems/xu/config.nix | 6 | ||||
-rw-r--r-- | tv/2configs/backup.nix | 4 | ||||
-rw-r--r-- | tv/2configs/default.nix | 1 | ||||
-rw-r--r-- | tv/2configs/gitrepos.nix | 3 | ||||
-rw-r--r-- | tv/2configs/htop.nix | 2 | ||||
-rw-r--r-- | tv/2configs/xserver/Xmodmap.nix | 1 | ||||
-rw-r--r-- | tv/2configs/xserver/xkiller.nix | 14 | ||||
-rw-r--r-- | tv/3modules/default.nix | 1 | ||||
-rw-r--r-- | tv/3modules/ejabberd/default.nix | 2 | ||||
-rw-r--r-- | tv/3modules/nixpkgs-overlays.nix | 23 | ||||
-rw-r--r-- | tv/3modules/slock.nix | 20 | ||||
-rw-r--r-- | tv/5pkgs/default.nix | 6 | ||||
-rw-r--r-- | tv/5pkgs/simple/xkiller.nix | 25 |
23 files changed, 121 insertions, 101 deletions
diff --git a/krebs/2configs/reaktor-krebs.nix b/krebs/2configs/reaktor-krebs.nix index dc2838cae..862c9b991 100644 --- a/krebs/2configs/reaktor-krebs.nix +++ b/krebs/2configs/reaktor-krebs.nix @@ -14,12 +14,8 @@ with import <stockholm/lib>; }; plugins = with pkgs.ReaktorPlugins; [ sed-plugin - task-add - task-delete - task-done - task-list ] ++ - (attrValues (todo "agenda")) + (attrValues (task "agenda")) ; }; krebs.secret.files.nix-serve-key = { diff --git a/krebs/2configs/reaktor-retiolum.nix b/krebs/2configs/reaktor-retiolum.nix index 824f59d09..69fc4b202 100644 --- a/krebs/2configs/reaktor-retiolum.nix +++ b/krebs/2configs/reaktor-retiolum.nix @@ -10,12 +10,8 @@ with import <stockholm/lib>; }; plugins = with pkgs.ReaktorPlugins; [ sed-plugin - task-add - task-delete - task-done - task-list ] ++ - (attrValues (todo "agenda")) + (attrValues (task "agenda")) ; }; } diff --git a/krebs/3modules/per-user.nix b/krebs/3modules/per-user.nix index a7a07a8e6..5beb859aa 100644 --- a/krebs/3modules/per-user.nix +++ b/krebs/3modules/per-user.nix @@ -13,7 +13,7 @@ in { }); default = {}; }; - config = { + config = mkIf (cfg != {}) { environment = { etc = mapAttrs' diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix index ecd449b09..24eac7158 100644 --- a/krebs/3modules/tinc.nix +++ b/krebs/3modules/tinc.nix @@ -27,6 +27,7 @@ let "tinc.conf" = pkgs.writeText "${netname}-tinc.conf" '' Name = ${tinc.config.host.name} Interface = ${netname} + Broadcast = no ${concatMapStrings (c: "ConnectTo = ${c}\n") tinc.config.connectTo} PrivateKeyFile = ${tinc.config.privkey.path} Port = ${toString tinc.config.host.nets.${netname}.tinc.port} diff --git a/krebs/5pkgs/simple/Reaktor/plugins.nix b/krebs/5pkgs/simple/Reaktor/plugins.nix index 6f59ad1de..1b19a1178 100644 --- a/krebs/5pkgs/simple/Reaktor/plugins.nix +++ b/krebs/5pkgs/simple/Reaktor/plugins.nix @@ -146,58 +146,36 @@ rec { ''; }); - taskrcFile = builtins.toFile "taskrc" '' - confirmation=no - ''; - - task-add = buildSimpleReaktorPlugin "task-add" { - pattern = "^task-add: (?P<args>.*)$$"; - script = pkgs.writeDash "task-add" '' - ${pkgs.taskwarrior}/bin/task rc:${taskrcFile} add "$*" - ''; - }; - - task-list = buildSimpleReaktorPlugin "task-list" { - pattern = "^task-list"; - script = pkgs.writeDash "task-list" '' - ${pkgs.taskwarrior}/bin/task rc:${taskrcFile} export | ${pkgs.jq}/bin/jq -r '.[] | select(.id != 0) | "\(.id) \(.description)"' - ''; - }; - - task-delete = buildSimpleReaktorPlugin "task-delete" { - pattern = "^task-delete: (?P<args>.*)$$"; - script = pkgs.writeDash "task-delete" '' - ${pkgs.taskwarrior}/bin/task rc:${taskrcFile} delete "$*" - ''; - }; - - task-done = buildSimpleReaktorPlugin "task-done" { - pattern = "^task-done: (?P<args>.*)$$"; - script = pkgs.writeDash "task-done" '' - ${pkgs.taskwarrior}/bin/task rc:${taskrcFile} done "$*" - ''; - }; - - todo = name: { - add = buildSimpleReaktorPlugin "${name}-add" { + task = name: let + rcFile = builtins.toFile "taskrc" '' + confirmation=no + ''; + in { + add = buildSimpleReaktorPlugin "${name}-task-add" { pattern = "^${name}-add: (?P<args>.*)$$"; script = pkgs.writeDash "${name}-add" '' - echo "$*" >> ${name}-todo - echo "added ${name} todo" + TASKDATA=$HOME/${name} ${pkgs.taskwarrior}/bin/task rc:${rcFile} add "$*" ''; }; - delete = buildSimpleReaktorPlugin "${name}-delete" { + + list = buildSimpleReaktorPlugin "task-list" { + pattern = "^${name}-list"; + script = pkgs.writeDash "task-list" '' + TASKDATA=$HOME/${name} ${pkgs.taskwarrior}/bin/task rc:${rcFile} export | ${pkgs.jq}/bin/jq -r '.[] | select(.id != 0) | "\(.id) \(.description)"' + ''; + }; + + delete = buildSimpleReaktorPlugin "task-delete" { pattern = "^${name}-delete: (?P<args>.*)$$"; - script = pkgs.writeDash "${name}-delete" '' - ${pkgs.gnugrep}/bin/grep -Fvxe "$*" ${name}-todo > ${name}-todo.tmp - ${pkgs.coreutils}/bin/mv ${name}-todo.tmp ${name}-todo - echo "removed ${name} todo: $*" + script = pkgs.writeDash "task-delete" '' + TASKDATA=$HOME/${name} ${pkgs.taskwarrior}/bin/task rc:${rcFile} delete "$*" ''; }; - show = buildSimpleReaktorPlugin "${name}-show" { - pattern = "^${name}-show$"; - script = pkgs.writeDash "${name}-show" '' - ${pkgs.coreutils}/bin/cat ${name}-todo + + done = buildSimpleReaktorPlugin "task-done" { + pattern = "^${name}-done: (?P<args>.*)$$"; + script = pkgs.writeDash "task-done" '' + TASKDATA=$HOME/${name} ${pkgs.taskwarrior}/bin/task rc:${rcFile} done "$*" ''; }; }; diff --git a/lass/1systems/prism/physical.nix b/lass/1systems/prism/physical.nix index 116bdb92f..a2b5efb29 100644 --- a/lass/1systems/prism/physical.nix +++ b/lass/1systems/prism/physical.nix @@ -40,6 +40,16 @@ fsType = "zfs"; }; + fileSystems."/var/lib/nextcloud" = { + device = "tank/nextcloud"; + fsType = "zfs"; + }; + + fileSystems."/var/lib/libvirt" = { + device = "tank/libvirt"; + fsType = "zfs"; + }; + nix.maxJobs = lib.mkDefault 8; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; diff --git a/lass/2configs/gc.nix b/lass/2configs/gc.nix index c5073e384..a1bb26049 100644 --- a/lass/2configs/gc.nix +++ b/lass/2configs/gc.nix @@ -3,6 +3,6 @@ with import <stockholm/lib>; { nix.gc = { - automatic = ! (elem config.krebs.build.host.name [ "prism" "mors" "helios" ] || config.boot.isContainer); + automatic = ! (elem config.krebs.build.host.name [ "mors" "helios" ] || config.boot.isContainer); }; } diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix index 21b9d7b49..3c19fe061 100644 --- a/lass/2configs/mail.nix +++ b/lass/2configs/mail.nix @@ -51,7 +51,7 @@ let eloop = [ "to:eloop.org" ]; github = [ "to:github@lassul.us" ]; gmail = [ "to:gmail@lassul.us" "to:lassulus@gmail.com" "lassulus@googlemail.com" ]; - india = [ "to:hillhackers@lists.hillhacks.in" "to:hackbeach@lists.hackbeach.in" ]; + india = [ "to:hillhackers@lists.hillhacks.in" "to:hackbeach@lists.hackbeach.in" "to:hackbeach@mail.hackbeach.in" ]; kaosstuff = [ "to:gearbest@lassul.us" "to:banggood@lassul.us" "to:tomtop@lassul.us" ]; lugs = [ "to:lugs@lug-s.org" ]; meetup = [ "to:meetup@lassul.us" ]; diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 25dac0ac4..223fc73ba 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -88,6 +88,20 @@ in { file_uploads = on ''; + services.nextcloud = { + enable = true; + hostName = "o.xanf.org"; + config = { + adminpassFile = toString <secrets> + "/nextcloud_pw"; + }; + #https = true; + nginx.enable = true; + }; + services.nginx.virtualHosts."o.xanf.org" = { + enableACME = true; + forceSSL = true; + }; + # MAIL STUFF # TODO: make into its own module services.dovecot2 = { diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 307f1c2b3..27cadd100 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -101,6 +101,9 @@ in { locations."/pub".extraConfig = '' alias ${pkgs.writeText "pub" config.krebs.users.lass.pubkey}; ''; + locations."/pub1".extraConfig = '' + alias ${pkgs.writeText "pub" config.krebs.users.lass-mors.pubkey}; + ''; }; security.acme.certs."cgit.lassul.us" = { diff --git a/tv/1systems/xu/config.nix b/tv/1systems/xu/config.nix index b9c76cf49..33f9539c9 100644 --- a/tv/1systems/xu/config.nix +++ b/tv/1systems/xu/config.nix @@ -20,6 +20,7 @@ with import <stockholm/lib>; <stockholm/tv/2configs/br.nix> <stockholm/tv/2configs/xp-332.nix> <stockholm/tv/2configs/xserver> + <stockholm/tv/2configs/xserver/xkiller.nix> { environment.systemPackages = with pkgs; [ @@ -156,10 +157,5 @@ with import <stockholm/lib>; # The NixOS release to be compatible with for stateful data such as databases. system.stateVersion = "15.09"; - tv.nixpkgs-overlays = { - krebs = "/home/tv/stockholm/krebs/5pkgs"; - tv = "/home/tv/stockholm/tv/5pkgs"; - }; - virtualisation.virtualbox.host.enable = true; } diff --git a/tv/2configs/backup.nix b/tv/2configs/backup.nix index f8de72d00..b8dec8da4 100644 --- a/tv/2configs/backup.nix +++ b/tv/2configs/backup.nix @@ -60,7 +60,7 @@ with import <stockholm/lib>; }; xu-pull-ni-ejabberd = { method = "pull"; - src = { host = config.krebs.hosts.ni; path = "/var/ejabberd"; }; + src = { host = config.krebs.hosts.ni; path = "/var/lib/ejabberd"; }; dst = { host = config.krebs.hosts.xu; path = "/bku/ni-ejabberd"; }; startAt = "07:00"; }; @@ -78,7 +78,7 @@ with import <stockholm/lib>; }; zu-pull-ni-ejabberd = { method = "pull"; - src = { host = config.krebs.hosts.ni; path = "/var/ejabberd"; }; + src = { host = config.krebs.hosts.ni; path = "/var/lib/ejabberd"; }; dst = { host = config.krebs.hosts.zu; path = "/bku/ni-ejabberd"; }; startAt = "06:00"; }; diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 484a337b7..e18ba31b0 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -92,7 +92,6 @@ with import <stockholm/lib>; environment.variables = { NIX_PATH = mkForce (concatStringsSep ":" [ "secrets=/var/src/stockholm/null" - "nixpkgs-overlays=${config.tv.nixpkgs-overlays}" "/var/src" ]); }; diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix index a89d1302c..725ddefa8 100644 --- a/tv/2configs/gitrepos.nix +++ b/tv/2configs/gitrepos.nix @@ -67,10 +67,12 @@ let { cgit.desc = "source code installer"; }; q = {}; + reaktor2 = {}; regfish = {}; stockholm = { cgit.desc = "NixOS configuration"; }; + with-ssh = {}; } // mapAttrs (_: recursiveUpdate { cgit.section = "2. Host configurations"; }) { ni = { }; @@ -102,6 +104,7 @@ let { nixos-infest = {}; painload = {}; push = {}; + Reaktor = {}; with-tmpdir = {}; get = {}; load-env = {}; diff --git a/tv/2configs/htop.nix b/tv/2configs/htop.nix index d7d2d7bfd..e78caeb5f 100644 --- a/tv/2configs/htop.nix +++ b/tv/2configs/htop.nix @@ -22,7 +22,7 @@ with import <stockholm/lib>; highlight_megabytes=1 highlight_threads=1 tree_view=1 - header_margin=1 + header_margin=0 detailed_cpu_time=0 cpu_count_from_zero=0 update_process_names=0 diff --git a/tv/2configs/xserver/Xmodmap.nix b/tv/2configs/xserver/Xmodmap.nix index d2b1b2604..8e8e3dfdd 100644 --- a/tv/2configs/xserver/Xmodmap.nix +++ b/tv/2configs/xserver/Xmodmap.nix @@ -17,6 +17,7 @@ pkgs.writeText "Xmodmap" '' keycode 39 = s S ssharp keycode 33 = p P Greek_pi Greek_PI + keycode 40 = d D Greek_delta Greek_DELTA keycode 46 = l L Greek_lambda Greek_LAMBDA keycode 54 = c C cacute Cacute diff --git a/tv/2configs/xserver/xkiller.nix b/tv/2configs/xserver/xkiller.nix new file mode 100644 index 000000000..2f9763093 --- /dev/null +++ b/tv/2configs/xserver/xkiller.nix @@ -0,0 +1,14 @@ +{ pkgs, ... }: { + + services.acpid.enable = true; + services.acpid.handlers.xkiller = { + action = /* sh */ '' + event=($1) + if test "''${event[2]}" = 00000080; then + ${pkgs.systemd}/bin/systemd-cat -t xkiller ${pkgs.xkiller} + fi + ''; + event = "button/prog1"; + }; + +} diff --git a/tv/3modules/default.nix b/tv/3modules/default.nix index f53a58e9a..67fb3f650 100644 --- a/tv/3modules/default.nix +++ b/tv/3modules/default.nix @@ -5,7 +5,6 @@ ./ejabberd ./hosts.nix ./iptables.nix - ./nixpkgs-overlays.nix ./slock.nix ./x0vncserver.nix ]; diff --git a/tv/3modules/ejabberd/default.nix b/tv/3modules/ejabberd/default.nix index e99b94ff9..f16dfac86 100644 --- a/tv/3modules/ejabberd/default.nix +++ b/tv/3modules/ejabberd/default.nix @@ -67,7 +67,7 @@ in { type = types.user; default = { name = "ejabberd"; - home = "/var/ejabberd"; + home = "/var/lib/ejabberd"; }; }; }; diff --git a/tv/3modules/nixpkgs-overlays.nix b/tv/3modules/nixpkgs-overlays.nix deleted file mode 100644 index 4eb7a86bd..000000000 --- a/tv/3modules/nixpkgs-overlays.nix +++ /dev/null @@ -1,23 +0,0 @@ -with import <stockholm/lib>; -{ config, pkgs, ... }: { - - options.tv.nixpkgs-overlays = mkOption { - apply = src: - pkgs.runCommand "nixpkgs-overlays" {} '' - mkdir $out - ${concatStringsSep "\n" (mapAttrsToList (name: path: - "ln -s ${shell.escape path} $out/${shell.escape name}" - ) src)} - '' // { - inherit src; - }; - type = types.attrsOf types.absolute-pathname; - }; - - config = { - tv.nixpkgs-overlays = { - krebs = mkDefault "/var/src/stockholm/krebs/5pkgs"; - tv = mkDefault "/var/src/stockholm/tv/5pkgs"; - }; - }; -} diff --git a/tv/3modules/slock.nix b/tv/3modules/slock.nix index 1c84b1e9e..53f7f1f62 100644 --- a/tv/3modules/slock.nix +++ b/tv/3modules/slock.nix @@ -5,10 +5,12 @@ in { options.tv.slock = { enable = mkEnableOption "tv.slock"; package = mkOption { - default = pkgs.execBin "slock" rec { - filename = "${pkgs.systemd}/bin/systemctl"; - argv = [ filename "start" "slock-${cfg.user.name}.service" ]; - }; + default = pkgs.writeDashBin "slock" '' + set -efu + display=''${DISPLAY#:} + service=slock-$LOGNAME@$display.service + exec ${pkgs.systemd}/bin/systemctl start "$service" + ''; type = types.package; }; user = mkOption { @@ -18,16 +20,16 @@ in { config = mkIf cfg.enable { security.polkit.extraConfig = /* js */ '' polkit.addRule(function(action, subject) { - if (action.id == "org.freedesktop.systemd1.manage-units" && - action.lookup("unit") == "slock-${cfg.user.name}.service" && - subject.user == ${toJSON cfg.user.name}) { + if (action.id === "org.freedesktop.systemd1.manage-units" && + subject.user === ${toJSON cfg.user.name} && + /^slock-${cfg.user.name}@[0-9]+\.service$/.test(action.lookup("unit")) ) { return polkit.Result.YES; } }); ''; - systemd.services."slock-${cfg.user.name}" = { + systemd.services."slock-${cfg.user.name}@" = { environment = { - DISPLAY = ":${toString config.services.xserver.display}"; + DISPLAY = ":%I"; LD_PRELOAD = pkgs.runCommandCC "slock-${cfg.user.name}.so" { passAsFile = ["text"]; text = /* c */ '' diff --git a/tv/5pkgs/default.nix b/tv/5pkgs/default.nix index c5c800b55..605d827ef 100644 --- a/tv/5pkgs/default.nix +++ b/tv/5pkgs/default.nix @@ -24,6 +24,12 @@ foldl' mergeAttrs {} "$@" ''; + dhcpcd = overrideDerivation super.dhcpcd (old: { + configureFlags = old.configureFlags ++ [ + "--dbdir=/var/lib/dhcpcd" + ]; + }); + gitAndTools = super.gitAndTools // { inherit (self) diff-so-fancy; }; diff --git a/tv/5pkgs/simple/xkiller.nix b/tv/5pkgs/simple/xkiller.nix new file mode 100644 index 000000000..8d8f01690 --- /dev/null +++ b/tv/5pkgs/simple/xkiller.nix @@ -0,0 +1,25 @@ +{ pkgs }: +pkgs.writeDash "xkiller" '' + set -efu + exec >&2 + ${pkgs.iproute}/bin/ss -lp src unix:/tmp/.X11-unix/X* | + ${pkgs.gnused}/bin/sed -n ' + s|.*/tmp/.X11-unix/X\([0-9]\+\)\>.*("X[^"]*",pid=\([0-9]\+\)\>.*|\1 \2|p + ' | + while read -r display pid; do + { + exit_code=$( + DISPLAY=:$display ${pkgs.coreutils}/bin/timeout 1 \ + ${pkgs.xorg.xset}/bin/xset q >/dev/null 2>&1 && + echo 0 || echo $? + ) + if test $exit_code = 124; then + echo "X on display :$display is locked up; killing PID $pid..." + ${pkgs.coreutils}/bin/kill -SIGKILL "$pid" + else + echo "X on display :$display is healthy" + fi + } & + done + wait +'' |