diff options
-rw-r--r-- | jeschli/1systems/bolide/config.nix | 27 | ||||
-rw-r--r-- | jeschli/1systems/bolide/home.nix | 171 | ||||
-rw-r--r-- | jeschli/1systems/brauerei/config.nix | 23 | ||||
-rw-r--r-- | jeschli/krops.nix | 4 | ||||
-rw-r--r-- | krebs/1systems/hotdog/config.nix | 1 | ||||
-rw-r--r-- | krebs/1systems/wolf/config.nix | 2 | ||||
-rw-r--r-- | krebs/3modules/external/default.nix | 62 | ||||
-rw-r--r-- | krebs/3modules/external/ssh/0x4A6F.pub (renamed from krebs/3modules/external/ssh/0x4a6f.pub) | 0 | ||||
-rw-r--r-- | krebs/3modules/external/ssh/qubasa.pub | 2 | ||||
-rw-r--r-- | krebs/3modules/lass/default.nix | 4 | ||||
-rw-r--r-- | krebs/3modules/lass/ssh/android.rsa | 2 | ||||
-rw-r--r-- | krebs/nixpkgs.json | 6 | ||||
-rw-r--r-- | lass/1systems/xerxes/config.nix | 79 | ||||
-rw-r--r-- | lass/1systems/xerxes/icarus/config.nix | 33 | ||||
-rw-r--r-- | lass/1systems/xerxes/icarus/physical.nix | 25 | ||||
-rw-r--r-- | lass/1systems/xerxes/physical.nix | 24 | ||||
-rw-r--r-- | lass/2configs/nfs-dl.nix | 15 | ||||
-rw-r--r-- | lass/3modules/autowifi.nix | 111 | ||||
-rw-r--r-- | lass/3modules/default.nix | 1 |
19 files changed, 301 insertions, 291 deletions
diff --git a/jeschli/1systems/bolide/config.nix b/jeschli/1systems/bolide/config.nix index a9f564f75..5cb6ef568 100644 --- a/jeschli/1systems/bolide/config.nix +++ b/jeschli/1systems/bolide/config.nix @@ -3,12 +3,14 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, lib, ... }: +let + unstable = import <nixpkgs-unstable> { config = { allowUnfree = true; }; }; +in { imports = [ ./hardware-configuration.nix <stockholm/jeschli> - <home-manager/nixos> <stockholm/jeschli/2configs/urxvt.nix> # <stockholm/jeschli/2configs/emacs.nix> ]; @@ -31,6 +33,7 @@ # networking.hostName = "bolide"; # Define your hostname. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. networking.networkmanager.enable = true; + networking.enableB43Firmware = true; #new # Select internationalisation properties. # i18n = { @@ -53,8 +56,6 @@ }; nixpkgs.config.allowUnfree = true; environment.systemPackages = with pkgs; [ - home-manager - wget vim # system helper ag @@ -78,7 +79,9 @@ google-chrome # programming languages go - gcc + gcc9 + ccls + unstable.clang_8 ghc python35 python35Packages.pip @@ -95,22 +98,6 @@ zathura ]; - home-manager.useUserPackages = true; - home-manager.users.jeschli = { - home.stateVersion = "19.03"; - }; - - home-manager.users.jeschli.home.file = { - ".emacs.d" = { - source = pkgs.fetchFromGitHub { - owner = "jeschli"; - repo = "emacs.d"; - rev = "8ed6c40"; - sha256 = "1q2y478srwp9f58l8cixnd2wj51909gp1z68k8pjlbjy2mrvibs0"; - }; - recursive = true; - }; - }; # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.bash.enableCompletion = true; diff --git a/jeschli/1systems/bolide/home.nix b/jeschli/1systems/bolide/home.nix deleted file mode 100644 index 60fee8b67..000000000 --- a/jeschli/1systems/bolide/home.nix +++ /dev/null @@ -1,171 +0,0 @@ -{ pkgs, ... }: - -{ - home.file = { - ".emacs.d" = { - source = pkgs.fetchFromGitHub { - owner = "jeschli"; - repo = "emacs.d"; - rev = "8ed6c40"; - sha256 = "1q2y478srwp9f58l8cixnd2wj51909gp1z68k8pjlbjy2mrvibs0"; - }; - recursive = true; - }; - ".config/i3/config".text = '' - -set $mod Mod4 - -font pango:monospace 8 - -floating_modifier $mod - -bindsym $mod+Return exec i3-sensible-terminal - -bindsym $mod+Shift+q kill - -bindsym $mod+d exec rofi -modi drun#run -combi-modi drun#run -show combi -show-icons -display-combi run - -bindsym $mod+x exec rofi -modi window -show window -auto-select - -# switch to last used window -bindsym $mod+Tab exec rofi -show window& sleep 0.15 && xdotool key Down - -# change focus -bindsym $mod+j focus left -bindsym $mod+k focus down -bindsym $mod+l focus up -bindsym $mod+semicolon focus right - -# alternatively, you can use the cursor keys: -bindsym $mod+Left focus left -bindsym $mod+Down focus down -bindsym $mod+Up focus up -bindsym $mod+Right focus right - -# Resizing windows by 10 in i3 using keyboard only -bindsym $mod+Ctrl+Shift+Right resize shrink width 10 px or 10 ppt -bindsym $mod+Ctrl+Shift+Up resize grow height 10 px or 10 ppt -bindsym $mod+Ctrl+Shift+Down resize shrink height 10 px or 10 ppt -bindsym $mod+Ctrl+Shift+Left resize grow width 10 px or 10 ppt - -# move focused window -bindsym $mod+Shift+j move left -bindsym $mod+Shift+k move down -bindsym $mod+Shift+l move up -bindsym $mod+Shift+semicolon move right - -# alternatively, you can use the cursor keys: -bindsym $mod+Shift+Left move left -bindsym $mod+Shift+Down move down -bindsym $mod+Shift+Up move up -bindsym $mod+Shift+Right move right - -# split in horizontal orientation -bindsym $mod+h split h - -# split in vertical orientation -bindsym $mod+v split v - -# enter fullscreen mode for the focused container -bindsym $mod+f fullscreen toggle - -# change container layout (stacked, tabbed, toggle split) -bindsym $mod+s layout stacking -bindsym $mod+w layout tabbed -bindsym $mod+e layout toggle split - -# toggle tiling / floating -bindsym $mod+Shift+space floating toggle - -# change focus between tiling / floating windows -bindsym $mod+space focus mode_toggle - -# focus the parent container -bindsym $mod+a focus parent - -# focus the child container -#bindsym $mod+d focus child - -# Define names for default workspaces for which we configure key bindings later on. -# We use variables to avoid repeating the names in multiple places. -set $ws1 "1" -set $ws2 "2" -set $ws3 "3" -set $ws4 "4" -set $ws5 "5" -set $ws6 "6" -set $ws7 "7" -set $ws8 "8" -set $ws9 "9" -set $ws10 "10" - -# switch to workspace -bindsym $mod+1 workspace $ws1 -bindsym $mod+2 workspace $ws2 -bindsym $mod+3 workspace $ws3 -bindsym $mod+4 workspace $ws4 -bindsym $mod+5 workspace $ws5 -bindsym $mod+6 workspace $ws6 -bindsym $mod+7 workspace $ws7 -bindsym $mod+8 workspace $ws8 -bindsym $mod+9 workspace $ws9 -bindsym $mod+0 workspace $ws10 - -# move focused container to workspace -bindsym $mod+Shift+1 move container to workspace $ws1 -bindsym $mod+Shift+2 move container to workspace $ws2 -bindsym $mod+Shift+3 move container to workspace $ws3 -bindsym $mod+Shift+4 move container to workspace $ws4 -bindsym $mod+Shift+5 move container to workspace $ws5 -bindsym $mod+Shift+6 move container to workspace $ws6 -bindsym $mod+Shift+7 move container to workspace $ws7 -bindsym $mod+Shift+8 move container to workspace $ws8 -bindsym $mod+Shift+9 move container to workspace $ws9 -bindsym $mod+Shift+0 move container to workspace $ws10 - -# reload the configuration file -bindsym $mod+Shift+c reload -# restart i3 inplace (preserves your layout/session, can be used to upgrade i3) -bindsym $mod+Shift+r restart -# exit i3 (logs you out of your X session) -bindsym $mod+Shift+e exec "i3-nagbar -t warning -m 'You pressed the exit shortcut. Do you really want to exit i3? This will end your X session.' -b 'Yes, exit i3' 'i3-msg exit'" - -bindsym $mod+p exec i3-sensible-pager - -# resize window (you can also use the mouse for that) -mode "resize" { - # These bindings trigger as soon as you enter the resize mode - - # Pressing left will shrink the window’s width. - # Pressing right will grow the window’s width. - # Pressing up will shrink the window’s height. - # Pressing down will grow the window’s height. - bindsym j resize shrink width 10 px or 10 ppt - bindsym k resize grow height 10 px or 10 ppt - bindsym l resize shrink height 10 px or 10 ppt - bindsym semicolon resize grow width 10 px or 10 ppt - - # same bindings, but for the arrow keys - bindsym Left resize shrink width 10 px or 10 ppt - bindsym Down resize grow height 10 px or 10 ppt - bindsym Up resize shrink height 10 px or 10 ppt - bindsym Right resize grow width 10 px or 10 ppt - - # back to normal: Enter or Escape or $mod+r - bindsym Return mode "default" - bindsym Escape mode "default" - bindsym $mod+r mode "default" -} - -bindsym $mod+r mode "resize" - -# Start i3bar to display a workspace bar (plus the system information i3status -# finds out, if available) -bar { - position top - status_command i3status -} - ''; - }; - -} diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index 059ec6d71..aabb4b7ba 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -2,6 +2,7 @@ let xmonad-jeschli = pkgs.callPackage <stockholm/jeschli/5pkgs/simple/xmonad-jeschli> { inherit config; }; mainUser = config.krebs.build.user.name; + unstable = import <nixpkgs-unstable> { config = { allowUnfree = true; }; }; in { imports = [ @@ -52,6 +53,8 @@ in copyq curl dmenu + aspell + ispell rofi xdotool git @@ -75,22 +78,14 @@ in elixir elmPackages.elm exercism - gcc + gcc9 + ccls + unstable.clang_8 ghc go - python35 - python35Packages.pip - (vagrant.override { - bundlerEnv = bundlerEnv.override { - bundler = bundler.overrideAttrs (old: { - name = "bundler-1.16.1"; - src = fetchurl { - url = "https://rubygems.org/gems/bundler-1.16.1.gem"; - sha256 = "1s2nq4qnffxg3kwrk7cnwxcvfihlhxm9absl2l6d3qckf3sy1f22"; - }; - }); - }; - }) + python37 + python37Packages.pip + pipenv # dev tools gnumake jetbrains.clion diff --git a/jeschli/krops.nix b/jeschli/krops.nix index f3964a553..30b06c1e6 100644 --- a/jeschli/krops.nix +++ b/jeschli/krops.nix @@ -9,6 +9,10 @@ (krebs-source { test = test; }) { nixos-config.symlink = "stockholm/jeschli/1systems/${name}/config.nix"; + nixpkgs-unstable.git = { + url = "https://github.com/nixos/nixpkgs-channels"; + ref = "nixos-unstable"; + }; secrets = if test then { file = toString ./2configs/tests/dummy-secrets; } else { diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix index 32e416831..60ec625f2 100644 --- a/krebs/1systems/hotdog/config.nix +++ b/krebs/1systems/hotdog/config.nix @@ -14,7 +14,6 @@ <stockholm/krebs/2configs/ircd.nix> <stockholm/krebs/2configs/nscd-fix.nix> <stockholm/krebs/2configs/reaktor2.nix> - <stockholm/krebs/2configs/repo-sync.nix> ]; krebs.build.host = config.krebs.hosts.hotdog; diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index c6622fdec..6e53637e6 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -122,7 +122,7 @@ in ]; users.extraUsers.root.openssh.authorizedKeys.keys = [ - config.krebs.users."0x4a6f".pubkey + config.krebs.users."0x4A6F".pubkey config.krebs.users.ulrich.pubkey config.krebs.users.raute.pubkey "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDb9NPa2Hf51afcG1H13UPbE5E02J8aC9a1sGCRls592wAVlQbmojYR1jWDPA2m32Bsyv0ztqi81zDyndWWZPQVJVBk00VjYBcgk6D5ifqoAuWLzfuHJPWZGOvBf/U74/LNFNUkj1ywjneK7HYTRPXrRBBfBSQNmQzkvue7s599L2vdueZKyjNsMpx2m6nm2SchaMuDskSQut/168JgU1l4M8BeT68Bo4WdelhBYnhSI1a59FGkgdu2SCjyighLQRy2sOH3ksnkHWENPkA+wwQOlKl7R3DsEybrNd4NU9FSwFDyDmdhfv5gJp8UGSFdjAwx43+8zM5t5ruZ25J0LnVb0PuTuRA00UsW83MkLxFpDQLrQV08tlsY6iGrqxP67C3VJ6t4v6oTp7/vaRLhEFc1PhOLh+sZ18o8MLO+e2rGmHGHQnSKfBOLUvDMGa4jb01XBGjdnIXLOkVo79YR5jZn7jJb2gTZ95OD6bWSDADoURSuwuLa7kh4ti1ItAKuhkIvbuky3rRVvQEc92kJ6aNUswIUXJa0K2ibbIY6ycKAA3Ljksl3Mm9KzOn6yc/i/lSF+SOrTGhabPJigKkIoqKIwnV5IU3gkfsxPQJOBMPqHDGAOeYQe3WpWedEPYuhQEczw4exMb9TkNE96F71PzuQPJDl5sPAWyPLeMKpy5XbfRiF2by4nxN3ZIQvjtoyVkjNV+qM0q0yKBzLxuRAEQOZ2yCEaBudZQkQiwHD97H2vu4SRQ/2aOie1XiOnmdbQRDZSO3BsoDK569K1w+gDfSnqY7zVUMj6tw+uKx6Gstck5lbvYMtdWKsfPv/pDM8eyIVFLL93dKTX+ertcQj6xDwLfOiNubE5ayFXhYkjwImV6NgfBuq+3hLK0URP2rPlOZbbZTQ0WlKD6CCRZPMSZCU9oD2zYfqpvRArBUcdkAwGePezORkfJQLE6mYEJp6pdFkJ/IeFLbO6M0lZVlfnpzAC9kjjkMCRofZUETcFSppyTImCbgo3+ok59/PkNU5oavBXyW80ue2tWHr08HX/QALNte3UITmIIlU6SFMCPMWJqadK1eDPWfJ4H4iDXRNn3D5wqN++iMloKvpaj0wieqXLY4+YfvNTNr177OU48GEWW8DnoEkbpwsCbjPxznGDQhdDqdYyMY/fDgRQReKITvKYGHRzesGysw5cKsp9LEfXD0R6WE2TeiiENla5AWzTgXJB0AyZEcOiIfqOgT9Nr9S8q5gc/BdA7P+jhGGJgEHhV3dVlfIZ7pmZc27Yu7UTQ0lbAKWqcMSTOdne+QL6ILzbvLrQwdvax4tQdm5opfU16SrOox1AMwAbkdq84z6uJqYVx3cUXfMJgTyDNrVv3or root@plattenschwein" # for backup diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 66f9620c7..f12dda097 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -229,6 +229,32 @@ in { }; }; }; + jongepad = { + owner = config.krebs.users.jonge; + nets = { + retiolum = { + ip4.addr = "10.243.5.6"; + aliases = [ + "jongepad.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAtJsF5jL/M72PCptLFC5iIEt0qAL544H/VLijvZEG9gnoqbs94aNJ + MM5Sr3yMB01WkcT1Lph3r4dxV0/QECu3Ca4xxuUntu42tFXhkikQGcZLuo2h4zr4 + +wReudCCc7VqMcJDxriyyoW3i7smZnQGzo36gpKHbZfil8dJo0QE8mnujqkQCA0G + hjR7xdG+/usDgRUarfpNgoHKyZfLcomQLUuR8I3aHsdaCLgMJ8v5DjGymp2bIswT + puPx3IEZSXH8y6MZoISvLn+hwcWat34Bj1PF7vfgldivqHaDFpifpXvjbCmxcel9 + WVZRSEvLSVT4FnpaJ7JkAaUpG+GOHVlPWARq9t9AZXKR1Zex9MIkHzWi/TIIkawj + wJNvUwvBYJ1UCuCby4/3nKlY7zWjj23YM6dTJDGMhJKR5m2SHp9SC0m0QdfSjN5z + 8sJauCigGZ6rlmxkO4/2BBGshY8jWDl/z2oFiQfo7R2oZkJdWNHLGKtTZtqQQ3e6 + SAE/HQvipiv35rMzHw3E9AJBhhQqT3vTLLZvMTBS6BRFvpqDNhXik1aFenNV4tjZ + XeYU1eXI4XzQqoW/avPTuLt8O0Ya/nziLXCaIy+hlx5Hd49hkGb+1saQ5yPUgoEt + wE9sy5+9b5ebn8B+N0yw7wnUYN8V8dmPmRwLt71IuBwHn/aAoXyWwFsCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; rose = { owner = config.krebs.users.Mic92; nets = rec { @@ -588,6 +614,34 @@ in { }; }; }; + crustacea = { + owner = config.krebs.users."0x4A6F"; + nets = { + retiolum = { + ip4.addr = "10.243.42.63"; + ip6.addr = "42:4a6f::4263"; + aliases = [ + "crustacea.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEA1dA67Uq6IcWTWVVcg5kO4OUcmYY/mUzERK6WwrU7m+Qq2ovA2Fh1 + VTxfNzJg8zgyrBbUwpaLE4LuRgyrYbPABwgNMXS6wnHdunbm0x5RUcih/IRNobV1 + uf2Q/rVcrXHZD5+YL09hTZnU7PVkZm6WX0fc79rEKYIEopPpomCs2mECPSmqZPaW + L9wprtRTuQ3V0xxrCuUKX7SxANEursM8SvNfKydWdaUxjIV2iGVKuVUkAZHwx5jJ + roKEriWsIJ6FHTMb1v5yWXrvngMgYlKrpF6/m/AHEkQoPsEJ+oBkn0fop9pfyZjM + WzMhZHcKFYebSI4HqFRuQOc1scIzUdpC/sZYLYlddbwpJHj4xdJwIUN03Uga/KRQ + n1SrJnhmXonHvJZFBYcNDR6aTtdN7mJVBv8bQ7DGt1q6Gp8QItQqvpdzq314+Pw6 + 0EVKPaqdz6Cqpwn8RtJ9ZGb6BE3yUrpJkU25DyCSO86LmeCchApwssghWvPsbBDg + iF4QCyrWJ2HFnl7jJDGbEajHaE/xko2dt1F5frTWxsmDHRKSRhaGDwp5qgFUpCa0 + 2h+zZqkG4boV6CrMEjStb15EOXTUVfq0DPojFik6agCltslsJAwp+f1fb7NSee4d + TNWb1CHfIQWLPnm1LFwphSqyHY/9ehcsX3PJ7oXI+/BnV8ivvoApWA0CAwEAAQ== + -----END RSA PUBLIC KEY----- + Ed25519PublicKey = DWfh6H8Qco+GURdVRhKhLBAsN5epsEYhOM2+88dTdTE + ''; + }; + }; + }; unnamed = { owner = config.krebs.users.pie_; nets = { @@ -657,6 +711,9 @@ in { jan = { mail = "jan.heidbrink@posteo.de"; }; + jonge = { + mail = "jacek.galowicz@gmail.com"; + }; kmein = { mail = "kieran.meinhardt@gmail.com"; pubkey = ssh-for "kmein"; @@ -667,6 +724,7 @@ in { }; qubasa = { mail = "luis.nixos@gmail.com"; + pubkey = ssh-for "qubasa"; }; raute = { mail = "macxylo@gmail.com"; @@ -678,9 +736,9 @@ in { mail = "shackspace.de@myvdr.de"; pubkey = ssh-for "ulrich"; }; - "0x4a6f" = { + "0x4A6F" = { mail = "0x4a6f@shackspace.de"; - pubkey = ssh-for "0x4a6f"; + pubkey = ssh-for "0x4A6F"; }; miaoski = { }; diff --git a/krebs/3modules/external/ssh/0x4a6f.pub b/krebs/3modules/external/ssh/0x4A6F.pub index 1ea084bad..1ea084bad 100644 --- a/krebs/3modules/external/ssh/0x4a6f.pub +++ b/krebs/3modules/external/ssh/0x4A6F.pub diff --git a/krebs/3modules/external/ssh/qubasa.pub b/krebs/3modules/external/ssh/qubasa.pub new file mode 100644 index 000000000..e9e1e6a29 --- /dev/null +++ b/krebs/3modules/external/ssh/qubasa.pub @@ -0,0 +1,2 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos + diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 217edfdd1..a8314e11c 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -595,12 +595,12 @@ in { aliases = [ "phone.w" ]; - wireguard.pubkey = "MRicxap2VxPnzmXoOqqjQNGWJ54cQC8Tfy28+IXXsxM="; + wireguard.pubkey = "FY4PB8E/RC2JvtLgq/IDyMmZ9Ln6pz6eGyoytmUFMgk="; }; }; external = true; ci = false; - syncthing.id = "DUFMX7V-HNR6WXM-LZB5LJE-TM6QIOH-MTGHEUJ-QSD3XIY-YRFJLOR-G6Y3XQB"; + syncthing.id = "PWKVXPB-JCNO6E4-KVIQ7CK-6FSOWHM-AWORMDU-HVVYLKW-44DQTYW-XZT7DQJ"; }; morpheus = { cores = 1; diff --git a/krebs/3modules/lass/ssh/android.rsa b/krebs/3modules/lass/ssh/android.rsa index 675ba8df2..21b8e015e 100644 --- a/krebs/3modules/lass/ssh/android.rsa +++ b/krebs/3modules/lass/ssh/android.rsa @@ -1 +1 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPF7RHU4q6w1f3xWcfeAD6u23jDs2fd/H3IuxdT5G1ZL +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEpP5YExkzwfmn7GpvnmZZRx1S+jmZyYrOf7b5cZZnbF diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index aff83847e..a72f5cad5 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "973a2705351605915bda866f01f65c8fae304985", - "date": "2019-07-16T21:39:25+03:00", - "sha256": "06sp132w8difm9kjz71gh9q6pbcy3k9l8cbzpab44m5mwsm0z8x9", + "rev": "8a30e242181410931bcd0384f7147b6f1ce286a2", + "date": "2019-09-10T08:24:01-04:00", + "sha256": "0574zwcgy3pqjcxli4948sd3sy6h0qw6fvsm4r530gqj41gpwf6b", "fetchSubmodules": false } diff --git a/lass/1systems/xerxes/config.nix b/lass/1systems/xerxes/config.nix index c120c17d7..2d25bc88a 100644 --- a/lass/1systems/xerxes/config.nix +++ b/lass/1systems/xerxes/config.nix @@ -22,16 +22,19 @@ krebs.build.host = config.krebs.hosts.xerxes; + environment.shellAliases = { + deploy = pkgs.writeDash "deploy" '' + set -eu + export SYSTEM="$1" + $(nix-build $HOME/sync/stockholm/lass/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy) + ''; + }; + services.xserver = { displayManager.lightdm.autoLogin.enable = true; displayManager.lightdm.autoLogin.user = "lass"; }; - boot.blacklistedKernelModules = [ - "xpad" - ]; - - lass.screenlock.enable = lib.mkForce false; krebs.syncthing = { folders = { the_playlist = { @@ -47,4 +50,70 @@ umask = "0007"; }; }; + + boot.blacklistedKernelModules = [ "xpad" ]; + systemd.services.xboxdrv = { + wantedBy = [ "multi-user.target" ]; + script = '' + ${pkgs.xboxdrv.overrideAttrs(o: { + patches = [ (pkgs.fetchurl { + url = "https://patch-diff.githubusercontent.com/raw/xboxdrv/xboxdrv/pull/251.patch"; + sha256 = "17784y20mxqrlhgvwvszh8lprxrvgmb7ah9dknmbhj5jhkjl8wq5"; + }) ]; + })}/bin/xboxdrv --type xbox360 --dbus disabled -D + ''; + }; + + programs.adb.enable = true; + + services.logind.lidSwitch = "ignore"; + services.acpid = { + enable = true; + lidEventCommands = '' + export DISPLAY=:${toString config.services.xserver.display} + case "$1" in + "button/lid LID close") + ${pkgs.xorg.xinput}/bin/xinput disable 'pointer: Mouse for Windows' + ${pkgs.xorg.xinput}/bin/xinput disable 'keyboard: Mouse for Windows' + ${pkgs.acpilight}/bin/xbacklight -get > /tmp/pre_lid_brightness + ${pkgs.acpilight}/bin/xbacklight -set 0 + ;; + "button/lid LID open") + ${pkgs.xorg.xinput}/bin/xinput enable 'pointer: Mouse for Windows' + ${pkgs.xorg.xinput}/bin/xinput enable 'keyboard: Mouse for Windows' + ${pkgs.acpilight}/bin/xbacklight -set $(cat /tmp/pre_lid_brightness) + ;; + esac + ''; + }; + + systemd.services.suspend-again = { + after = [ "suspend.target" ]; + requiredBy = [ "suspend.target" ]; + # environment = { + # DISPLAY = ":${toString config.services.xserver.display}"; + # }; + serviceConfig = { + ExecStart = pkgs.writeDash "suspend-again" '' + ${pkgs.gnugrep}/bin/grep -q closed /proc/acpi/button/lid/LID0/state + if [ "$?" -eq 0 ]; then + echo 'wakeup with closed lid' + ${pkgs.systemd}/bin/systemctl suspend + fi + ''; + Type = "simple"; + }; + }; + + hardware.bluetooth.enable = true; + hardware.pulseaudio.package = pkgs.pulseaudioFull; + # hardware.pulseaudio.configFile = pkgs.writeText "default.pa" '' + # load-module module-bluetooth-policy + # load-module module-bluetooth-discover + # ## module fails to load with + # ## module-bluez5-device.c: Failed to get device path from module arguments + # ## module.c: Failed to load module "module-bluez5-device" (argument: ""): initialization failed. + # # load-module module-bluez5-device + # # load-module module-bluez5-discover + # ''; } diff --git a/lass/1systems/xerxes/icarus/config.nix b/lass/1systems/xerxes/icarus/config.nix deleted file mode 100644 index dada4949e..000000000 --- a/lass/1systems/xerxes/icarus/config.nix +++ /dev/null @@ -1,33 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - imports = [ - <stockholm/lass> - - <stockholm/lass/2configs/mouse.nix> - <stockholm/lass/2configs/retiolum.nix> - <stockholm/lass/2configs/git.nix> - <stockholm/lass/2configs/exim-retiolum.nix> - <stockholm/lass/2configs/baseX.nix> - #<stockholm/lass/2configs/browsers.nix> - <stockholm/lass/2configs/programs.nix> - <stockholm/lass/2configs/fetchWallpaper.nix> - <stockholm/lass/2configs/games.nix> - <stockholm/lass/2configs/bitcoin.nix> - <stockholm/lass/2configs/wine.nix> - #<stockholm/lass/2configs/blue-host.nix> - #<stockholm/lass/2configs/xtreemfs.nix> - <stockholm/lass/2configs/syncthing.nix> - <stockholm/lass/2configs/nfs-dl.nix> - #<stockholm/lass/2configs/prism-share.nix> - <stockholm/lass/2configs/ssh-cryptsetup.nix> - ]; - - krebs.build.host = config.krebs.hosts.icarus; - - environment.systemPackages = with pkgs; [ - macchanger - nix-review - ]; - programs.adb.enable = true; -} diff --git a/lass/1systems/xerxes/icarus/physical.nix b/lass/1systems/xerxes/icarus/physical.nix deleted file mode 100644 index e9e09bc05..000000000 --- a/lass/1systems/xerxes/icarus/physical.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ - imports = [ - ./config.nix - <stockholm/lass/2configs/hw/x220.nix> - <stockholm/lass/2configs/boot/coreboot.nix> - ]; - - fileSystems = { - "/bku" = { - device = "/dev/mapper/pool-bku"; - fsType = "btrfs"; - options = ["defaults" "noatime" "ssd" "compress=lzo"]; - }; - }; - - services.udev.extraRules = '' - SUBSYSTEM=="net", ATTR{address}=="00:24:d7:f0:a0:0c", NAME="wl0" - SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:71:cb:35", NAME="et0" - ''; - - services.thinkfan.enable = true; - services.tlp.extraConfig = '' - START_CHARGE_THRESH_BAT0=80 - ''; -} diff --git a/lass/1systems/xerxes/physical.nix b/lass/1systems/xerxes/physical.nix index f88578e19..5d60dfc45 100644 --- a/lass/1systems/xerxes/physical.nix +++ b/lass/1systems/xerxes/physical.nix @@ -17,6 +17,7 @@ boot.blacklistedKernelModules = [ "goodix" ]; + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.initrd.luks.devices.crypted.device = "/dev/sda3"; @@ -27,11 +28,6 @@ "boot.shell_on_fail" ]; - services.xserver.displayManager.sessionCommands = '' - (sleep 2 && ${pkgs.xorg.xrandr}/bin/xrandr --output eDP-1 --rotate right) - (sleep 2 && ${pkgs.xorg.xinput}/bin/xinput set-prop 'Goodix Capacitive TouchScreen' 'Coordinate Transformation Matrix' 0 1 0 -1 0 1 0 0 1) - ''; - fileSystems."/" = { device = "rpool/root"; fsType = "zfs"; @@ -76,11 +72,15 @@ IdleActionSec=300 ''; - services.xserver.extraConfig = '' - Section "Device" - Identifier "Intel Graphics" - Driver "Intel" - Option "TearFree" "true" - EndSection - ''; + services.xserver = { + videoDrivers = [ "intel" ]; + deviceSection = '' + Option "TearFree" "true" + ''; + displayManager.sessionCommands = '' + echo nonono > /tmp/xxyy + (sleep 2 && ${pkgs.xorg.xrandr}/bin/xrandr --output eDP1 --rotate right) + (sleep 2 && ${pkgs.xorg.xinput}/bin/xinput set-prop 'Goodix Capacitive TouchScreen' 'Coordinate Transformation Matrix' 0 1 0 -1 0 1 0 0 1) + ''; + }; } diff --git a/lass/2configs/nfs-dl.nix b/lass/2configs/nfs-dl.nix index abbcc1d42..ba53321b9 100644 --- a/lass/2configs/nfs-dl.nix +++ b/lass/2configs/nfs-dl.nix @@ -1,7 +1,20 @@ { fileSystems."/mnt/prism" = { - device = "prism.w:/export"; + device = "prism.w:/export/download"; fsType = "nfs"; + options = [ + "timeo=14" + "noauto" + "noatime" + "nodiratime" + "noac" + "nocto" + "x-systemd.automount" + "x-systemd.device-timeout=1" + "x-systemd.idle-timeout=1min" + "x-systemd.requires=retiolum.service" + "x-systemd.requires=wpa_supplicant.service" + ]; }; } diff --git a/lass/3modules/autowifi.nix b/lass/3modules/autowifi.nix new file mode 100644 index 000000000..930d99727 --- /dev/null +++ b/lass/3modules/autowifi.nix @@ -0,0 +1,111 @@ +{ config, lib, pkgs, ... }: +with import <stockholm/lib>; +let + + cfg = config.lass.autowifi; + +in { + options.lass.autowifi = { + enable = mkEnableOption "automatic wifi connector"; + knownWifisFile = mkOption { + type = types.str; + default = "/etc/wifis"; + }; + }; + + config = { + systemd.services.autowifi = { + description = "Automatic wifi connector"; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + Type = "simple"; + Restart = "always"; + RestartSec = "10s"; + ExecStart = pkgs.writers.writePython3 "autowifi" {} /* python3 */ '' + import subprocess + import time + import urllib.request + + + def connect(ssid, psk=None): + subprocess.run(["${pkgs.networkmanager}/bin/nmcli", "connection", "delete", "autowifi"]) + print("connecting to {}".format(ssid)) + if psk is None: + subprocess.run(["${pkgs.networkmanager}/bin/nmcli", "device", "wifi", "connect", ssid, "name", "autowifi"]) + else: + subprocess.run(["${pkgs.networkmanager}/bin/nmcli", "device", "wifi", "connect", ssid, "name", "autowifi", "password", psk]) + + + def scan(): + wifis_raw = subprocess.check_output(["${pkgs.networkmanager}/bin/nmcli", "-t", "device", "wifi", "list", "--rescan", "yes"]) + wifis_list = wifis_raw.split(b'\n') + wifis = [] + for line in wifis_list: + ls = line.split(b':') + if len(ls) == 8: + wifis.append({"ssid": ls[1], "signal": int(ls[5]), "crypto": ls[7]}) + return wifis + + + def get_known_wifis(): + wifis_lines = [] + with open('${cfg.knownWifisFile}') as f: + wifis_lines = f.read().splitlines() + wifis = [] + for line in wifis_lines: + ls = line.split(':') + wifis.append({"ssid": ls[0].encode(), "psk": ls[1].encode()}) + return wifis + + + def check_internet(): + try: + beacon = urllib.request.urlopen('http://krebsco.de/secret') + except: # noqa + print("no internet") + return False + if beacon.read() == b'1337\n': + return True + print("no internet") + return False + + + def is_wifi_open(wifi): + if wifi['crypto'] == ${"b''"}: + return True + else: + return False + + + def is_wifi_seen(wifi, seen_wifis): + for seen_wifi in seen_wifis: + if seen_wifi["ssid"] == wifi["ssid"]: + return True + return False + + + def bloop(): + while True: + if not check_internet(): + wifis = scan() + known_wifis = get_known_wifis() + known_seen_wifis = [wifi for wifi in known_wifis if is_wifi_seen(wifi, wifis)] + for wifi in known_seen_wifis: + connect(wifi['ssid'], wifi['psk']) + if check_internet(): + continue + open_wifis = filter(is_wifi_open, wifis) + for wifi in open_wifis: + connect(wifi['ssid']) + if check_internet(): + continue + time.sleep(10) + + + bloop() + ''; + }; + }; + }; +} + diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix index 613c7c8ac..1195cd3d4 100644 --- a/lass/3modules/default.nix +++ b/lass/3modules/default.nix @@ -14,5 +14,6 @@ _: ./umts.nix ./usershadow.nix ./xjail.nix + ./autowifi.nix ]; } |