diff options
| -rw-r--r-- | jeschli/1systems/bln/config.nix | 9 | ||||
| -rw-r--r-- | jeschli/1systems/brauerei/config.nix | 20 | ||||
| -rw-r--r-- | jeschli/1systems/brauerei/hardware-configuration.nix | 1 | ||||
| -rw-r--r-- | jeschli/2configs/emacs.nix | 21 | ||||
| -rw-r--r-- | jeschli/2configs/officevpn.nix | 19 | ||||
| -rw-r--r-- | jeschli/2configs/xserver/Xresources.nix | 4 | ||||
| -rw-r--r-- | krebs/2configs/news-spam.nix | 4 | ||||
| -rw-r--r-- | krebs/5pkgs/simple/Reaktor/plugins.nix | 2 | ||||
| -rw-r--r-- | krebs/krops.nix | 2 | ||||
| -rw-r--r-- | lass/1systems/helios/config.nix | 3 | ||||
| -rw-r--r-- | lass/2configs/blue.nix | 1 | ||||
| -rw-r--r-- | lass/2configs/browsers.nix | 3 | ||||
| -rw-r--r-- | lass/2configs/ciko.nix | 2 | ||||
| -rw-r--r-- | lass/2configs/dcso-dev.nix | 12 | ||||
| -rw-r--r-- | lass/2configs/exim-smarthost.nix | 1 | ||||
| -rw-r--r-- | lass/2configs/websites/domsen.nix | 18 | ||||
| -rw-r--r-- | lass/3modules/xjail.nix | 2 | ||||
| -rw-r--r-- | lass/5pkgs/custom/xmonad-lass/default.nix | 2 | ||||
| -rw-r--r-- | lass/5pkgs/knav/default.nix | 26 | ||||
| -rw-r--r-- | lib/default.nix | 2 |
20 files changed, 104 insertions, 50 deletions
diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix index 716b9c484..6e3c3bec8 100644 --- a/jeschli/1systems/bln/config.nix +++ b/jeschli/1systems/bln/config.nix @@ -9,6 +9,8 @@ <stockholm/jeschli/2configs/emacs.nix> <stockholm/jeschli/2configs/xdg.nix> <stockholm/jeschli/2configs/xserver> +# <stockholm/jeschli/1systems/bln/dcso-vpn.nix> + <stockholm/jeschli/2configs/officevpn.nix> ]; # boot.loader.systemd-boot.enable = true; @@ -94,6 +96,8 @@ vagrant # document viewer zathura + + samba ]; @@ -161,4 +165,9 @@ hardware.bluetooth.enable = true; krebs.build.host = config.krebs.hosts.bln; + + networking.interfaces.enp0s31f6.ipv4.addresses = [ + { address = "10.99.23.2"; prefixLength = 24; } + ]; + } diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index 5a6ad7652..e200cbcd4 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -25,21 +25,11 @@ preLVM = true; allowDiscards = true; } ]; -# networking.hostName = "brauerei"; - # Define your hostname. -# networking.wireless.enable = true; networking.networkmanager.enable = true; - # Enables wireless support via wpa_supplicant. - # Select internationalisation properties. - # i18n = { - # consoleFont = "Lat2-Terminus16"; - # consoleKeyMap = "us"; - # defaultLocale = "en_US.UTF-8"; - # }; - # Set your time zone. # time.timeZone = "Europe/Amsterdam"; + nixpkgs.config.allowUnfree = true; - # List packages installed in system profile. To search by name, run: # $ nix-env -qaP | grep wget + environment.shellAliases = { n = "nix-shell"; stocki = pkgs.writeDash "deploy" '' @@ -47,6 +37,7 @@ exec nix-shell -I stockholm="$PWD" --run 'deploy --system="brauerei"' ''; }; + environment.systemPackages = with pkgs; [ # system helper ag @@ -103,6 +94,7 @@ zathura # xorg xorg.xbacklight + taskwarrior ]; # Some programs need SUID wrappers, can be configured further or are @@ -126,7 +118,7 @@ display = 11; tty = 11; - dpi = 96; + dpi = 144; # videoDrivers = [ "nvidia" ]; synaptics = { @@ -138,7 +130,7 @@ users.extraUsers.jeschli = { # TODO: define as krebs.users isNormalUser = true; - extraGroups = ["docker" "vboxusers"]; + extraGroups = ["docker" "vboxusers" "audio"]; uid = 1000; }; users.extraUsers.jamie = { diff --git a/jeschli/1systems/brauerei/hardware-configuration.nix b/jeschli/1systems/brauerei/hardware-configuration.nix index 75fdb89fd..2cb3e6661 100644 --- a/jeschli/1systems/brauerei/hardware-configuration.nix +++ b/jeschli/1systems/brauerei/hardware-configuration.nix @@ -29,5 +29,6 @@ swapDevices = [ ]; + hardware.pulseaudio.enable = true; nix.maxJobs = lib.mkDefault 4; } diff --git a/jeschli/2configs/emacs.nix b/jeschli/2configs/emacs.nix index 4c52432d3..3bd2dbfc4 100644 --- a/jeschli/2configs/emacs.nix +++ b/jeschli/2configs/emacs.nix @@ -17,18 +17,19 @@ let ''; evilMode = '' ;; Evil Mode - (add-to-list 'load-path "~/.emacs.d/evil") (require 'evil) (evil-mode 1) - (require 'evil-org) - (add-hook 'org-mode-hook 'evil-org-mode) - (evil-org-set-key-theme '(navigation insert textobjects additional calendar)) - (require 'evil-org-agenda) - (evil-org-agenda-set-keys) + ;; (require 'evil-org) + ;; (add-hook 'org-mode-hook 'evil-org-mode) + ;; (evil-org-set-key-theme '(navigation insert textobjects additional calendar)) + ;; (require 'evil-org-agenda) + ;; (evil-org-agenda-set-keys) ''; windowCosmetics = '' + (menu-bar-mode -1) (tool-bar-mode -1) ; Disable the button bar atop screen (scroll-bar-mode -1) ; Disable scroll bar + (toggle-scroll-bar -1) (setq inhibit-startup-screen t) ; Disable startup screen with graphics (setq-default indent-tabs-mode nil) ; Use spaces instead of tabs (setq default-tab-width 2) ; Two spaces is a tab @@ -41,28 +42,36 @@ let (global-set-key "\C-cl" 'org-store-link) (global-set-key "\C-ca" 'org-agenda) (global-set-key "\C-cb" 'org-iswitchb) + (setq org-link-frame-setup '((file . find-file))) ; open link in same frame. (if (boundp 'org-user-agenda-files) (setq org-agenda-files org-user-agenda-files) (setq org-agenda-files (quote ("~/projects/notes"))) ) ''; + theme = '' + (load-theme 'monokai-alt) + ''; recentFiles = '' (recentf-mode 1) (setq recentf-max-menu-items 25) (global-set-key "\C-x\ \C-r" 'recentf-open-files) ''; dotEmacs = pkgs.writeText "dot-emacs" '' + ${evilMode} ${packageRepos} ${orgMode} ${recentFiles} + ${theme} ${windowCosmetics} ''; emacsWithCustomPackages = (pkgs.emacsPackagesNgGen pkgs.emacs).emacsWithPackages (epkgs: [ + epkgs.melpaPackages.evil epkgs.melpaStablePackages.magit epkgs.melpaPackages.mmm-mode epkgs.melpaPackages.nix-mode epkgs.melpaPackages.go-mode epkgs.melpaPackages.google-this + epkgs.melpaPackages.monokai-alt-theme ]); myEmacs = pkgs.writeDashBin "my-emacs" '' exec ${emacsWithCustomPackages}/bin/emacs -q -l ${dotEmacs} "$@" diff --git a/jeschli/2configs/officevpn.nix b/jeschli/2configs/officevpn.nix new file mode 100644 index 000000000..eb0477d51 --- /dev/null +++ b/jeschli/2configs/officevpn.nix @@ -0,0 +1,19 @@ +{ config, pkgs, ... }: + +{ + nixpkgs.config.packageOverrides = pkgs: { + openvpn = pkgs.openvpn.override { pkcs11Support = true; useSystemd = false;}; + }; + + environment.systemPackages = with pkgs; [ + opensc + openvpn + yubikey-manager + ]; + + services.pcscd.enable = true; + + # To start the vpn manually execute + # $ openvpn --config clien.ovpn +} + diff --git a/jeschli/2configs/xserver/Xresources.nix b/jeschli/2configs/xserver/Xresources.nix index adf06ee63..ebe7159ff 100644 --- a/jeschli/2configs/xserver/Xresources.nix +++ b/jeschli/2configs/xserver/Xresources.nix @@ -5,7 +5,6 @@ with import <stockholm/lib>; pkgs.writeText "Xresources" /* xdefaults */ '' Xcursor.theme: aero-large-drop Xcursor.size: 128 - Xft.dpi: 144 URxvt*cutchars: "\\`\"'&()*,;<=>?@[]^{|}‘’" URxvt*eightBitInput: false @@ -22,7 +21,8 @@ pkgs.writeText "Xresources" /* xdefaults */ '' URxvt*charClass: 33:48,37:48,45-47:48,64:48,38:48,61:48,63:48 URxvt*cutNewline: False URxvt*cutToBeginningOfLine: False - + URxvt*font: xft:Monospace:size=12 + URxvt*font: xft:Monospace:size=12:bold URxvt*color0: #232342 URxvt*color3: #c07000 URxvt*color4: #4040c0 diff --git a/krebs/2configs/news-spam.nix b/krebs/2configs/news-spam.nix index a3f39b40e..88b7e1072 100644 --- a/krebs/2configs/news-spam.nix +++ b/krebs/2configs/news-spam.nix @@ -7,7 +7,6 @@ [SPAM]aje|http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989|#snews [SPAM]allafrica|http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf|#snews [SPAM]antirez|http://antirez.com/rss|#snews - [SPAM]arbor|http://feeds2.feedburner.com/asert/|#snews [SPAM]archlinux|http://www.archlinux.org/feeds/news/|#snews [SPAM]ars|http://feeds.arstechnica.com/arstechnica/index?format=xml|#snews [SPAM]augustl|http://augustl.com/atom.xml|#snews @@ -131,7 +130,6 @@ [SPAM]slashdot|http://rss.slashdot.org/Slashdot/slashdot|#snews [SPAM]slate|http://feeds.slate.com/slate|#snews [SPAM]spiegel_eil|http://www.spiegel.de/schlagzeilen/eilmeldungen/index.rss|#snews - [SPAM]spiegelfechter|http://feeds.feedburner.com/DerSpiegelfechter?format=xml|#snews [SPAM]spiegel_top|http://www.spiegel.de/schlagzeilen/tops/index.rss|#snews [SPAM]standardmedia_ke|http://www.standardmedia.co.ke/rss/headlines.php|#snews [SPAM]stern|http://www.stern.de/feed/standard/all/|#snews @@ -146,7 +144,6 @@ [SPAM]the_insider|http://www.theinsider.org/rss/news/headlines-xml.asp|#snews [SPAM]tigsource|http://www.tigsource.com/feed/|#snews [SPAM]tinc|http://tinc-vpn.org/news/index.rss|#snews - [SPAM]topix_b|http://www.topix.com/rss/wire/de/berlin|#snews [SPAM]torr_bits|http://feeds.feedburner.com/TorrentfreakBits|#snews [SPAM]torrentfreak|http://feeds.feedburner.com/Torrentfreak|#snews [SPAM]torr_news|http://feed.torrentfreak.com/Torrentfreak/|#snews @@ -160,7 +157,6 @@ [SPAM]us_math_society|http://www.ams.org/cgi-bin/content/news_items.cgi?rss=1|#snews [SPAM]vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#snews [SPAM]weechat|http://dev.weechat.org/feed/atom|#snews - [SPAM]wp_world|http://feeds.washingtonpost.com/rss/rss_blogpost|#snews [SPAM]xkcd|https://xkcd.com/rss.xml|#snews [SPAM]zdnet|http://www.zdnet.com/news/rss.xml|#snews ''; diff --git a/krebs/5pkgs/simple/Reaktor/plugins.nix b/krebs/5pkgs/simple/Reaktor/plugins.nix index db578c457..c6e601475 100644 --- a/krebs/5pkgs/simple/Reaktor/plugins.nix +++ b/krebs/5pkgs/simple/Reaktor/plugins.nix @@ -165,7 +165,7 @@ rec { }; task-delete = buildSimpleReaktorPlugin "task-delete" { - pattern = "^task-remove: (?P<args>.*)$$"; + pattern = "^task-delete: (?P<args>.*)$$"; script = pkgs.writeDash "task-delete" '' ${pkgs.taskwarrior}/bin/task rc:${taskrcFile} delete "$*" ''; diff --git a/krebs/krops.nix b/krebs/krops.nix index 861f2d323..0e80aec0e 100644 --- a/krebs/krops.nix +++ b/krebs/krops.nix @@ -12,7 +12,7 @@ krebs-source = { nixpkgs.git = { - ref = "56fad146a12a6f934d1d5ef875eb729be1b19129"; + ref = "d0c868ec17c2cb2ca845f33fbfe381e9c7e55516"; url = https://github.com/NixOS/nixpkgs; }; stockholm.file = toString ../.; diff --git a/lass/1systems/helios/config.nix b/lass/1systems/helios/config.nix index 5657742a6..40150b80e 100644 --- a/lass/1systems/helios/config.nix +++ b/lass/1systems/helios/config.nix @@ -98,7 +98,7 @@ with import <stockholm/lib>; ]; programs.adb.enable = true; - users.users.mainUser.extraGroups = [ "adbusers" "docker" ]; + users.users.mainUser.extraGroups = [ "adbusers" ]; services.printing.drivers = [ pkgs.postscript-lexmark ]; @@ -106,5 +106,4 @@ with import <stockholm/lib>; HandleLidSwitch=ignore ''; - virtualisation.docker.enable = true; } diff --git a/lass/2configs/blue.nix b/lass/2configs/blue.nix index 363705edc..16c63ff38 100644 --- a/lass/2configs/blue.nix +++ b/lass/2configs/blue.nix @@ -12,6 +12,7 @@ with (import <stockholm/lib>); environment.systemPackages = with pkgs; [ ag nmap + git-preview ]; services.tor.enable = true; diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index 272169e92..425e0ee13 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -29,7 +29,7 @@ let environment.systemPackages = [ config.lass.xjail-bins.${name} (pkgs.writeDashBin "cx-${name}" '' - DISPLAY=:${toString (genid_signed name)} ${pkgs.xclip}/bin/xclip -o | DISPLAY=:0 ${pkgs.xclip}/bin/xclip + DISPLAY=:${toString (genid_uint31 name)} ${pkgs.xclip}/bin/xclip -o | DISPLAY=:0 ${pkgs.xclip}/bin/xclip '') ]; lass.browser.paths.${name} = { @@ -66,6 +66,7 @@ in { extensions = [ "cjpalhdlnbpafiamejdnhcphjbkeiagm" # ublock origin "dbepggeogbaibhgnhhndojpepiihcmeb" # vimium + "liloimnbhkghhdhlamdjipkmadhpcjmn" # krebsgold ]; }; diff --git a/lass/2configs/ciko.nix b/lass/2configs/ciko.nix index 56c9a286c..b08cf9307 100644 --- a/lass/2configs/ciko.nix +++ b/lass/2configs/ciko.nix @@ -2,7 +2,7 @@ with import <stockholm/lib>; { users.users.ciko = { - uid = genid_signed "ciko"; + uid = genid_uint31 "ciko"; description = "acc for ciko"; home = "/home/ciko"; useDefaultShell = true; diff --git a/lass/2configs/dcso-dev.nix b/lass/2configs/dcso-dev.nix index 4d8d308fb..830acb2e1 100644 --- a/lass/2configs/dcso-dev.nix +++ b/lass/2configs/dcso-dev.nix @@ -9,7 +9,7 @@ in { dev = { name = "dev"; uid = genid "dev"; - extraGroups = [ "docker" "vboxusers" ]; + extraGroups = [ "vboxusers" ]; description = "user for collaborative development"; home = "/home/dev"; useDefaultShell = true; @@ -52,6 +52,10 @@ in { { predicate = "-p tcp --dport 9000"; target = "ACCEPT";} ]; + krebs.iptables.tables.filter.OUTPUT.rules = [ + { predicate = "-p tcp --dport 21"; target = "REJECT";} + ]; + krebs.per-user.dev.packages = [ pkgs.go ]; @@ -64,12 +68,6 @@ in { networking.interfaces.et0.ipv4.addresses = [ { address = "10.99.23.1"; prefixLength = 24; } ]; - virtualisation.docker.enable = true; - environment.etc."docker/daemon.json".source = pkgs.writeText "daemon.json" '' - { - "bip": "172.25.0.1/16" - } - ''; services.rabbitmq.enable = true; services.postgresql.enable = true; } diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index db6bda005..30757964c 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -84,6 +84,7 @@ with import <stockholm/lib>; { from = "boardgamegeek@lassul.us"; to = lass.mail; } { from = "qwertee@lassul.us"; to = lass.mail; } { from = "zazzle@lassul.us"; to = lass.mail; } + { from = "hackbeach@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index d19f534fe..e1c1313ea 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -4,7 +4,7 @@ let inherit (import <stockholm/lib>) genid - genid_signed + genid_uint31 ; inherit (import <stockholm/lass/2configs/websites/util.nix> {inherit lib pkgs;}) servePage @@ -134,7 +134,7 @@ in { }; users.users.domsen = { - uid = genid_signed "domsen"; + uid = genid_uint31 "domsen"; description = "maintenance acc for domsen"; home = "/home/domsen"; useDefaultShell = true; @@ -143,49 +143,49 @@ in { }; users.users.bruno = { - uid = genid_signed "bruno"; + uid = genid_uint31 "bruno"; home = "/home/bruno"; useDefaultShell = true; createHome = true; }; users.users.jla-trading = { - uid = genid_signed "jla-trading"; + uid = genid_uint31 "jla-trading"; home = "/home/jla-trading"; useDefaultShell = true; createHome = true; }; users.users.jms = { - uid = genid_signed "jms"; + uid = genid_uint31 "jms"; home = "/home/jms"; useDefaultShell = true; createHome = true; }; users.users.ms = { - uid = genid_signed "ms"; + uid = genid_uint31 "ms"; home = "/home/ms"; useDefaultShell = true; createHome = true; }; users.users.testuser = { - uid = genid_signed "testuser"; + uid = genid_uint31 "testuser"; home = "/home/testuser"; useDefaultShell = true; createHome = true; }; users.users.akayguen = { - uid = genid_signed "akayguen"; + uid = genid_uint31 "akayguen"; home = "/home/akayguen"; useDefaultShell = true; createHome = true; }; users.users.bui = { - uid = genid_signed "bui"; + uid = genid_uint31 "bui"; home = "/home/bui"; useDefaultShell = true; createHome = true; diff --git a/lass/3modules/xjail.nix b/lass/3modules/xjail.nix index 8f5f05bc2..5b450ed42 100644 --- a/lass/3modules/xjail.nix +++ b/lass/3modules/xjail.nix @@ -23,7 +23,7 @@ with import <stockholm/lib>; }; display = mkOption { type = types.string; - default = toString (genid_signed config._module.args.name); + default = toString (genid_uint31 config._module.args.name); }; dpi = mkOption { type = types.int; diff --git a/lass/5pkgs/custom/xmonad-lass/default.nix b/lass/5pkgs/custom/xmonad-lass/default.nix index 694f3c033..8b508ae6a 100644 --- a/lass/5pkgs/custom/xmonad-lass/default.nix +++ b/lass/5pkgs/custom/xmonad-lass/default.nix @@ -160,6 +160,8 @@ myKeyMap = , ("<Pause>", spawn "${pkgs.xcalib}/bin/xcalib -invert -alter") + , ("M4-s", spawn "${pkgs.knav}/bin/knav") + --, ("M4-w", screenWorkspace 0 >>= (windows . W.greedyView)) --, ("M4-e", screenWorkspace 1 >>= (windows . W.greedyView)) --, ("M4-r", screenWorkspace 2 >>= (windows . W.greedyView)) diff --git a/lass/5pkgs/knav/default.nix b/lass/5pkgs/knav/default.nix new file mode 100644 index 000000000..30d49a1b3 --- /dev/null +++ b/lass/5pkgs/knav/default.nix @@ -0,0 +1,26 @@ +{ pkgs, ... }: let + + keynavrc = pkgs.writeText "keynavrc" '' + clear + Escape quit + q record ~/.keynav_macros + shift+at playback + u history-back + a cut-left + s cut-down + w cut-up + d cut-right + shift+a move-left + shift+s move-down + shift+w move-up + shift+d move-right + t windowzoom + c cursorzoom 300 300 + e warp + 1 click 1 + 2 click 2 + 3 click 3 + ''; +in pkgs.writeScriptBin "knav" '' + ${pkgs.keynav}/bin/keynav "loadconfig ${keynavrc}, start" +'' diff --git a/lib/default.nix b/lib/default.nix index e5e40975e..a40225c49 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -13,7 +13,7 @@ let mod = x: y: x - y * (x / y); genid = import ./genid.nix { inherit lib; }; - genid_signed = x: ((lib.genid x) + 16777216) / 2; + genid_uint31 = x: ((lib.genid x) + 16777216) / 2; lpad = n: c: s: if lib.stringLength s < n |