28 files changed, 868 insertions, 209 deletions

diff --git a/lass/1systems/icarus.nix b/lass/1systems/icarus.nix
index 3998fc177..b869a67a7 100644
--- a/lass/1systems/icarus.nix
+++ b/lass/1systems/icarus.nix
@@ -14,15 +14,6 @@ with import <stockholm/lib>;
     ../2configs/fetchWallpaper.nix
     ../2configs/backups.nix
     ../2configs/games.nix
-    #{
-    #  users.extraUsers = {
-    #    root = {
-    #      openssh.authorizedKeys.keys = map readFile [
-    #        ../../krebs/Zpubkeys/uriel.ssh.pub
-    #      ];
-    #    };
-    #  };
-    #}
   ];
 
   krebs.build.host = config.krebs.hosts.icarus;
@@ -31,20 +22,27 @@ with import <stockholm/lib>;
     loader.grub.enable = true;
     loader.grub.version = 2;
     loader.grub.device = "/dev/sda";
+    loader.grub.enableCryptodisk = true;
 
     initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ];
     initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
     initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
-    #kernelModules = [ "kvm-intel" "msr" ];
   };
   fileSystems = {
     "/" = {
-      device = "/dev/pool/nix";
+      device = "/dev/mapper/pool-root";
       fsType = "btrfs";
+      options = ["defaults" "noatime" "ssd" "compress=lzo"];
     };
-
-    "/boot" = {
-      device = "/dev/sda1";
+    "/bku" = {
+      device = "/dev/mapper/pool-bku";
+      fsType = "btrfs";
+      options = ["defaults" "noatime" "ssd" "compress=lzo"];
+    };
+    "/home" = {
+      device = "/dev/mapper/pool-home";
+      fsType = "btrfs";
+      options = ["defaults" "noatime" "ssd" "compress=lzo"];
     };
     "/tmp" = {
       device = "tmpfs";
@@ -54,7 +52,7 @@ with import <stockholm/lib>;
   };
 
   services.udev.extraRules = ''
-    SUBSYSTEM=="net", ATTR{address}=="a0:88:b4:29:26:bc", NAME="wl0"
-    SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:0c:a7:63", NAME="et0"
+    SUBSYSTEM=="net", ATTR{address}=="08:11:96:0a:5d:6c", NAME="wl0"
+    SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:71:cb:35", NAME="et0"
   '';
 }
diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix
index 012bd359f..dde867eb3 100644
--- a/lass/1systems/mors.nix
+++ b/lass/1systems/mors.nix
@@ -256,11 +256,6 @@ with import <stockholm/lib>;
       fsType = "ext4";
     };
 
-    "/bku" = {
-      device = "/dev/big/backups";
-      fsType = "ext4";
-    };
-
     "/home/games/.local/share/Steam" = {
       device = "/dev/big/steam";
       fsType = "ext4";
@@ -289,7 +284,7 @@ with import <stockholm/lib>;
 
   services.udev.extraRules = ''
     SUBSYSTEM=="net", ATTR{address}=="00:24:d7:f0:a0:0c", NAME="wl0"
-    SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:8f:85:c9", NAME="et0"
+    SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:71:cb:35", NAME="et0"
   '';
 
   #TODO activationScripts seem broken, fix them!
diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix
index 854c98f46..d8980a10c 100644
--- a/lass/1systems/prism.nix
+++ b/lass/1systems/prism.nix
@@ -12,6 +12,22 @@ let
 in {
   imports = [
     ../.
+    {
+      networking.interfaces.et0.ip4 = [
+        {
+          address = ip;
+          prefixLength = 24;
+        }
+      ];
+      networking.defaultGateway = "213.239.205.225";
+      networking.nameservers = [
+        "8.8.8.8"
+      ];
+      services.udev.extraRules = ''
+        SUBSYSTEM=="net", ATTR{address}=="54:04:a6:7e:f4:06", NAME="et0"
+      '';
+
+    }
     ../2configs/retiolum.nix
     ../2configs/exim-smarthost.nix
     ../2configs/downloading.nix
@@ -49,22 +65,6 @@ in {
       };
     }
     {
-      networking.interfaces.et0.ip4 = [
-        {
-          address = ip;
-          prefixLength = 24;
-        }
-      ];
-      networking.defaultGateway = "213.239.205.225";
-      networking.nameservers = [
-        "8.8.8.8"
-      ];
-      services.udev.extraRules = ''
-        SUBSYSTEM=="net", ATTR{address}=="54:04:a6:7e:f4:06", NAME="et0"
-      '';
-
-    }
-    {
       boot.loader.grub = {
         devices = [
           "/dev/sda"
@@ -226,6 +226,130 @@ in {
         enable = true;
       };
     }
+    {
+      users.users.nin = {
+        uid = genid "nin";
+        inherit (config.krebs.users.nin) home;
+        group = "users";
+        createHome = true;
+        useDefaultShell = true;
+        openssh.authorizedKeys.keys = [
+          config.krebs.users.nin.pubkey
+        ];
+        extraGroups = [
+          "libvirtd"
+        ];
+      };
+      krebs.git.rules = [
+        {
+          user = [ config.krebs.users.nin ];
+          repo = [ config.krebs.git.repos.stockholm ];
+          perm = with git; push "refs/heads/nin" [ fast-forward non-fast-forward create delete merge ];
+        }
+      ];
+      krebs.repo-sync.repos.stockholm.nin = {
+        origin.url = "http://cgit.prism/stockholm";
+        origin.ref = "heads/nin";
+        mirror.url = "git@${config.networking.hostName}:stockholm";
+      };
+      krebs.iptables.tables.nat.PREROUTING.rules = [
+        { v6 = false; precedence = 1000; predicate = "-d 213.239.205.240 -p tcp --dport 1337"; target = "DNAT --to-destination 192.168.122.24:22"; }
+      ];
+      krebs.iptables.tables.filter.FORWARD.rules = [
+        { v6 = false; precedence = 1000; predicate = "-d 192.168.122.24 -p tcp --dport 22 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; }
+      ];
+    }
+    {
+      krebs.Reaktor.coders = {
+        nickname = "reaktor-lass";
+        channels = [ "#coders" ];
+        extraEnviron = {
+          REAKTOR_HOST = "irc.hackint.org";
+        };
+        plugins = with pkgs.ReaktorPlugins; let
+          lambdabotflags = ''
+            -XStandaloneDeriving -XGADTs -XFlexibleContexts \
+            -XFlexibleInstances -XMultiParamTypeClasses \
+            -XOverloadedStrings -XFunctionalDependencies \'';
+        in [
+          sed-plugin
+          url-title
+          (buildSimpleReaktorPlugin "lambdabot-pl" {
+            pattern = "^@pl (?P<args>.*)$$";
+            script = pkgs.writeDash "lambda-pl" ''
+              exec ${pkgs.lambdabot}/bin/lambdabot \
+                ${indent lambdabotflags}
+                -e "@pl $1"
+            '';
+          })
+          (buildSimpleReaktorPlugin "lambdabot-type" {
+            pattern = "^@type (?P<args>.*)$$";
+            script = pkgs.writeDash "lambda-type" ''
+              exec ${pkgs.lambdabot}/bin/lambdabot \
+                ${indent lambdabotflags}
+                -e "@type $1"
+            '';
+          })
+          (buildSimpleReaktorPlugin "lambdabot-let" {
+            pattern = "^@let (?P<args>.*)$$";
+            script = pkgs.writeDash "lambda-let" ''
+              exec ${pkgs.lambdabot}/bin/lambdabot \
+                ${indent lambdabotflags}
+                -e "@let $1"
+            '';
+          })
+          (buildSimpleReaktorPlugin "lambdabot-run" {
+            pattern = "^@run (?P<args>.*)$$";
+            script = pkgs.writeDash "lambda-run" ''
+              exec ${pkgs.lambdabot}/bin/lambdabot \
+                ${indent lambdabotflags}
+                -e "@run $1"
+            '';
+          })
+          (buildSimpleReaktorPlugin "lambdabot-kind" {
+            pattern = "^@kind (?P<args>.*)$$";
+            script = pkgs.writeDash "lambda-kind" ''
+              exec ${pkgs.lambdabot}/bin/lambdabot \
+                ${indent lambdabotflags}
+                -e "@kind $1"
+            '';
+          })
+          (buildSimpleReaktorPlugin "lambdabot-kind" {
+            pattern = "^@kind (?P<args>.*)$$";
+            script = pkgs.writeDash "lambda-kind" ''
+              exec ${pkgs.lambdabot}/bin/lambdabot \
+                ${indent lambdabotflags}
+                -e "@kind $1"
+            '';
+          })
+          (buildSimpleReaktorPlugin "random-unicorn-porn" {
+            pattern = "^!rup$$";
+            script = pkgs.writePython2 "rup" ''
+              #!${pkgs.python2}/bin/python
+              t1 = """
+                                    _.
+                                 ;=',_ ()
+                       8===D~~  S" .--`||
+                               sS  \__ ||
+                            __.' ( \-->||
+                         _=/    _./-\/ ||
+                8===D~~ ((\( /-'   -'l ||
+                         ) |/ \\      (_))
+                            \\  \\
+                             '~ '~
+              """
+              print(t1)
+            '';
+          })
+          (buildSimpleReaktorPlugin "ping" {
+            pattern = "^!ping (?P<args>.*)$$";
+            script = pkgs.writeDash "ping" ''
+              exec /var/setuid-wrappers/ping -q -c1 "$1" 2>&1 | tail -1
+            '';
+          })
+        ];
+      };
+    }
   ];
 
   krebs.build.host = config.krebs.hosts.prism;
diff --git a/lass/1systems/shodan.nix b/lass/1systems/shodan.nix
index 095898380..232e91d90 100644
--- a/lass/1systems/shodan.nix
+++ b/lass/1systems/shodan.nix
@@ -59,17 +59,13 @@ with import <stockholm/lib>;
   fileSystems = {
     "/" = {
       device = "/dev/pool/nix";
-      fsType = "ext4";
+      fsType = "btrfs";
     };
 
     "/boot" = {
       device = "/dev/sda1";
     };
 
-    "/home/lass" = {
-      device = "/dev/pool/home-lass";
-      fsType = "ext4";
-    };
     "/tmp" = {
       device = "tmpfs";
       fsType = "tmpfs";
@@ -77,7 +73,7 @@ with import <stockholm/lib>;
     };
     "/bku" = {
       device = "/dev/pool/bku";
-      fsType = "ext4";
+      fsType = "btrfs";
     };
   };
 
diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index 1e796015a..e879e8e58 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -7,12 +7,21 @@ in {
     ./xserver
     ./mpv.nix
     ./power-action.nix
+    ./screenlock.nix
     {
       hardware.pulseaudio = {
         enable = true;
         systemWide = true;
       };
     }
+    {
+      krebs.per-user.lass.packages = [
+        pkgs.sshuttle
+      ];
+      security.sudo.extraConfig = ''
+        lass ALL= (root) NOPASSWD:SETENV: ${pkgs.sshuttle}/bin/.sshuttle-wrapped
+      '';
+    }
   ];
 
   users.extraUsers.mainUser.extraGroups = [ "audio" "video" ];
diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index 6fea97728..911b7738a 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -9,7 +9,6 @@ with import <stockholm/lib>;
     ../2configs/mc.nix
     ../2configs/nixpkgs.nix
     ../2configs/vim.nix
-    ../2configs/zsh.nix
     ./backups.nix
     {
       users.extraUsers =
@@ -56,6 +55,12 @@ with import <stockholm/lib>;
         SSL_CERT_FILE = ca-bundle;
       };
     })
+    {
+      #for sshuttle
+      environment.systemPackages = [
+        pkgs.pythonPackages.python
+      ];
+    }
   ];
 
   networking.hostName = config.krebs.build.host.name;
@@ -86,8 +91,6 @@ with import <stockholm/lib>;
   #why is this on in the first place?
   services.nscd.enable = false;
 
-  boot.tmpOnTmpfs = true;
-  # see tmpfiles.d(5)
   systemd.tmpfiles.rules = [
     "d /tmp 1777 root root - -"
   ];
@@ -156,13 +159,17 @@ with import <stockholm/lib>;
     promptInit = ''
       if test $UID = 0; then
         PS1='\[\033[1;31m\]\w\[\033[0m\] '
+        PROMPT_COMMAND='echo -ne "\033]0;$$ $USER@$PWD\007"'
       elif test $UID = 1337; then
         PS1='\[\033[1;32m\]\w\[\033[0m\] '
+        PROMPT_COMMAND='echo -ne "\033]0;$$ $PWD\007"'
       else
         PS1='\[\033[1;33m\]\u@\w\[\033[0m\] '
+        PROMPT_COMMAND='echo -ne "\033]0;$$ $USER@$PWD\007"'
       fi
       if test -n "$SSH_CLIENT"; then
         PS1='\[\033[35m\]\h'" $PS1"
+        PROMPT_COMMAND='echo -ne "\033]0;$$ $HOSTNAME $USER@$PWD\007"'
       fi
     '';
   };
diff --git a/lass/2configs/fetchWallpaper.nix b/lass/2configs/fetchWallpaper.nix
index a724e2e45..cf084ea8f 100644
--- a/lass/2configs/fetchWallpaper.nix
+++ b/lass/2configs/fetchWallpaper.nix
@@ -8,5 +8,9 @@ in {
     unitConfig.ConditionPathExists = "!/var/run/ppp0.pid";
     url = "prism/wallpaper.png";
   };
+  systemd.services.fetchWallpaper = {
+    after = [ "xmonad.service" ];
+    wantedBy = [ "xmonad.service" ];
+  };
 }
 
diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix
index ded0922b8..d7ec39f2d 100644
--- a/lass/2configs/git.nix
+++ b/lass/2configs/git.nix
@@ -56,7 +56,8 @@ let
         channel = "#retiolum";
         server = "ni.r";
         verbose = config.krebs.build.host.name == "prism";
-        branches = [ "master" ];
+        # TODO define branches in some kind of option per repo
+        branches = [ "master" "newest" "nin" ];
       };
     };
   };
diff --git a/lass/2configs/hfos.nix b/lass/2configs/hfos.nix
index f6f09e226..7d4d544aa 100644
--- a/lass/2configs/hfos.nix
+++ b/lass/2configs/hfos.nix
@@ -7,7 +7,7 @@ with import <stockholm/lib>;
     isNormalUser = true;
     extraGroups = [ "libvirtd" ];
     openssh.authorizedKeys.keys = [
-      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC5NnADMRySix1kcxQwseHfem/SCDmkbvwc+ZZu7HFz4zss1k4Fh1knsukMY83zlno8p/8bBPWyixLTxuZHNy26af8GP95bvV3brnpRmrijkE4dOlpd+wvPcIyTKNunJvMzNDP/ry9g2GczEZKGWvQZudq/nI54HaCaRWM2kzEMEg8Rr9SGlZEKo8B+8HGVsz1a8USOnm8dqYP9dmfLdpy/s+7yWJSPh8wokvWeOOrahirOhO99ZfXm2gcdHqSKvbD2+4EYEm5w8iFrbYBT2wZ3u9ZOiooL/JuEBBdnDrcqZqeaTw0vOdKPvkUP8/rzRjvIwSkynMSD8fixpdGRNeIB riot@lagrange"
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMkyCwdwBrsbs3qrNQcy/SqQpex4aaQoAMuT+NDefFc8KVHOMfmkDccEyAggDTgQhUrEVIvo/fFUmGBd9sm1vN1IthO2Qh5nX+qiK/A2R7sxci0Ry6piU03R27JfpZqi6g8TSPNi1C9rC8eBqOfO3OB8oQOkFmM48Q9cmS8AV3ERLR0LaHoEqUbs86JELbtHrMdKk4Hzo8zTM/isP3GO8iDHRt4dBS/03Ve7+WVxgNwWU2HW3a3jJd3tWHrqGmS/ZfCEC/47eIj4WSW+JiH9Q0BarNEbkkMV1Mvm32MX52stGPd5FaIIUtFqD4745iVSiw8esUGFUxJ1RjWgUHr99h riot@vortex"
       config.krebs.users.lass.pubkey
     ];
   };
@@ -21,12 +21,14 @@ with import <stockholm/lib>;
 
   krebs.iptables.tables.nat.PREROUTING.rules = [
     { v6 = false; precedence = 1000; predicate = "-d 213.239.205.246 -p tcp --dport 22"; target = "DNAT --to-destination 192.168.122.208:22"; }
+    { v6 = false; precedence = 1000; predicate = "-d 213.239.205.246 -p tcp --dport 25"; target = "DNAT --to-destination 192.168.122.208:25"; }
     { v6 = false; precedence = 1000; predicate = "-d 213.239.205.246 -p tcp --dport 80"; target = "DNAT --to-destination 192.168.122.208:1080"; }
     { v6 = false; precedence = 1000; predicate = "-d 213.239.205.246 -p tcp --dport 443"; target = "DNAT --to-destination 192.168.122.208:1443"; }
   ];
 
   krebs.iptables.tables.filter.FORWARD.rules = [
     { v6 = false; precedence = 1000; predicate = "-d 192.168.122.208 -p tcp --dport 22 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; }
+    { v6 = false; precedence = 1000; predicate = "-d 192.168.122.208 -p tcp --dport 25 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; }
     { v6 = false; precedence = 1000; predicate = "-d 192.168.122.208 -p tcp --dport 1080 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; }
     { v6 = false; precedence = 1000; predicate = "-d 192.168.122.208 -p tcp --dport 1443 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; }
   ];
diff --git a/lass/2configs/hw/tp-x220.nix b/lass/2configs/hw/tp-x220.nix
index 4a7d0bbcd..ec36fa96a 100644
--- a/lass/2configs/hw/tp-x220.nix
+++ b/lass/2configs/hw/tp-x220.nix
@@ -2,6 +2,9 @@
 
 with import <stockholm/lib>;
 {
+  imports = [
+    ../smartd.nix
+  ];
   networking.wireless.enable = lib.mkDefault true;
 
   hardware.enableAllFirmware = true;
@@ -36,6 +39,7 @@ with import <stockholm/lib>;
   boot = {
     kernelModules = [ "kvm-intel" "acpi_call" "tpm-rng" ];
     extraModulePackages = [ config.boot.kernelPackages.tp_smapi ];
+    kernelParams = [ "acpi_backlight=none" ];
   };
 
   hardware.opengl.extraPackages = [
diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix
index 6885ef59d..27b7c2439 100644
--- a/lass/2configs/nixpkgs.nix
+++ b/lass/2configs/nixpkgs.nix
@@ -2,7 +2,7 @@
 
 {
   krebs.build.source.nixpkgs.git = {
-    url = https://github.com/lassulus/nixpkgs;
-    ref = "819c1ab486a9c81d6a6b76c759aedece2df39037";
+    url = https://github.com/nixos/nixpkgs;
+    ref = "39098270855c171f0824c09d071b606ae991ff87";
   };
 }
diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix
index 18574471e..6e96f8845 100644
--- a/lass/2configs/radio.nix
+++ b/lass/2configs/radio.nix
@@ -60,28 +60,20 @@ in {
     musicDirectory = "/home/radio/the_playlist/music";
     extraConfig = ''
       audio_output {
-          type        "shout"
-          encoding    "ogg"
-          name        "the_playlist"
-          host        "localhost"
-          port        "8000"
-          mount       "/radio.ogg"
-
-      # This is the source password in icecast.xml
-          password    "${source-password}"
-
-      # Set either quality or bit rate
-      #   quality     "5.0"
-          bitrate     "128"
-
-          format      "44100:16:1"
-
-      # Optional Parameters
-          user        "source"
-      #   description "here is my long description"
-         genre       "good music"
-      } # end of audio_output
-
+        type        "shout"
+        encoding    "ogg"
+        name        "the_playlist"
+        host        "localhost"
+        port        "8000"
+        mount       "/radio.ogg"
+        password    "${source-password}"
+        bitrate     "128"
+
+        format      "44100:16:2"
+
+        user        "source"
+        genre       "good music"
+      }
     '';
   };
 
@@ -138,8 +130,7 @@ in {
     };
   };
 
-  krebs.Reaktor = {
-    enable = true;
+  krebs.Reaktor.playlist = {
     nickname = "the_playlist|r";
     channels = [ "#the_playlist" ];
     extraEnviron = {
diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix
index eba40532d..7a7bf95be 100644
--- a/lass/2configs/retiolum.nix
+++ b/lass/2configs/retiolum.nix
@@ -16,9 +16,9 @@
     enable = true;
     connectTo = [
       "prism"
-      "pigstarter"
       "gum"
-      "flap"
+      "ni"
+      "dishfire"
     ];
   };
 
diff --git a/lass/2configs/screenlock.nix b/lass/2configs/screenlock.nix
new file mode 100644
index 000000000..237127f69
--- /dev/null
+++ b/lass/2configs/screenlock.nix
@@ -0,0 +1,17 @@
+{ pkgs, config, ... }:
+
+{
+  systemd.services.screenlock = {
+    before = [ "sleep.target" ];
+    wantedBy = [ "sleep.target" ];
+    environment = {
+      DISPLAY = ":${toString config.services.xserver.display}";
+    };
+    serviceConfig = {
+      SyslogIdentifier = "screenlock";
+      ExecStart = "${pkgs.i3lock}/bin/i3lock -i /var/lib/wallpaper/wallpaper -f";
+      Type = "forking";
+      User = "lass";
+    };
+  };
+}
diff --git a/lass/2configs/smartd.nix b/lass/2configs/smartd.nix
new file mode 100644
index 000000000..859812bed
--- /dev/null
+++ b/lass/2configs/smartd.nix
@@ -0,0 +1,17 @@
+{ config, pkgs, ... }:
+
+{
+  services.smartd = {
+    enable = true;
+    devices = [
+      {
+        device = "DEVICESCAN";
+        options = toString [
+          "-a"
+          "-m ${config.krebs.users.lass.mail}"
+          "-s (O/../.././09|S/../.././04|L/../../6/05)"
+        ];
+      }
+    ];
+  };
+}
diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix
index bfaae24c8..c3eac8f38 100644
--- a/lass/2configs/vim.nix
+++ b/lass/2configs/vim.nix
@@ -5,6 +5,7 @@ let
   out = {
     environment.systemPackages = [
       vim
+      pkgs.pythonPackages.flake8
     ];
 
     environment.etc.vimrc.source = vimrc;
@@ -13,6 +14,91 @@ let
     environment.variables.VIMINIT = ":so /etc/vimrc";
   };
 
+  vimrc = pkgs.writeText "vimrc" ''
+    set nocompatible
+
+    set autoindent
+    set backspace=indent,eol,start
+    set backup
+    set backupdir=${dirs.backupdir}/
+    set directory=${dirs.swapdir}//
+    set hlsearch
+    set incsearch
+    set mouse=a
+    set noruler
+    set pastetoggle=<INS>
+    set runtimepath=${extra-runtimepath},$VIMRUNTIME
+    set shortmess+=I
+    set showcmd
+    set showmatch
+    set ttimeoutlen=0
+    set undodir=${dirs.undodir}
+    set undofile
+    set undolevels=1000000
+    set undoreload=1000000
+    set viminfo='20,<1000,s100,h,n${files.viminfo}
+    set visualbell
+    set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o
+    set wildmenu
+    set wildmode=longest,full
+
+    set title
+    set titleold=
+    set titlestring=(vim)\ %t%(\ %M%)%(\ (%{expand(\"%:p:h\")})%)%(\ %a%)\ -\ %{v:servername}
+
+    set et ts=2 sts=2 sw=2
+
+    filetype plugin indent on
+
+    set t_Co=256
+    colorscheme hack
+    syntax on
+
+    au Syntax * syn match Garbage containedin=ALL /\s\+$/
+            \ | syn match TabStop containedin=ALL /\t\+/
+            \ | syn keyword Todo containedin=ALL TODO
+
+    au BufRead,BufNewFile *.hs so ${hs.vim}
+
+    au BufRead,BufNewFile *.nix so ${nix.vim}
+
+    au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile
+
+    "Syntastic config
+    let g:syntastic_python_checkers=['flake8']
+
+    nmap <esc>q :buffer 
+    nmap <M-q> :buffer 
+
+    cnoremap <C-A> <Home>
+
+    noremap  <C-c> :q<cr>
+    vnoremap < <gv
+    vnoremap > >gv
+
+    nnoremap <esc>[5^  :tabp<cr>
+    nnoremap <esc>[6^  :tabn<cr>
+    nnoremap <esc>[5@  :tabm -1<cr>
+    nnoremap <esc>[6@  :tabm +1<cr>
+
+    nnoremap <f1> :tabp<cr>
+    nnoremap <f2> :tabn<cr>
+    inoremap <f1> <esc>:tabp<cr>
+    inoremap <f2> <esc>:tabn<cr>
+
+    " <C-{Up,Down,Right,Left>
+    noremap <esc>Oa <nop> | noremap! <esc>Oa <nop>
+    noremap <esc>Ob <nop> | noremap! <esc>Ob <nop>
+    noremap <esc>Oc <nop> | noremap! <esc>Oc <nop>
+    noremap <esc>Od <nop> | noremap! <esc>Od <nop>
+    " <[C]S-{Up,Down,Right,Left>
+    noremap <esc>[a <nop> | noremap! <esc>[a <nop>
+    noremap <esc>[b <nop> | noremap! <esc>[b <nop>
+    noremap <esc>[c <nop> | noremap! <esc>[c <nop>
+    noremap <esc>[d <nop> | noremap! <esc>[d <nop>
+    vnoremap u <nop>
+  '';
+
   extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [
     pkgs.vimPlugins.Gundo
     pkgs.vimPlugins.Syntastic
@@ -126,87 +212,6 @@ let
     exec ${pkgs.vim}/bin/vim "$@"
   '';
 
-  vimrc = pkgs.writeText "vimrc" ''
-    set nocompatible
-
-    set autoindent
-    set backspace=indent,eol,start
-    set backup
-    set backupdir=${dirs.backupdir}/
-    set directory=${dirs.swapdir}//
-    set hlsearch
-    set incsearch
-    set mouse=a
-    set noruler
-    set pastetoggle=<INS>
-    set runtimepath=${extra-runtimepath},$VIMRUNTIME
-    set shortmess+=I
-    set showcmd
-    set showmatch
-    set ttimeoutlen=0
-    set undodir=${dirs.undodir}
-    set undofile
-    set undolevels=1000000
-    set undoreload=1000000
-    set viminfo='20,<1000,s100,h,n${files.viminfo}
-    set visualbell
-    set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o
-    set wildmenu
-    set wildmode=longest,full
-
-    set et ts=2 sts=2 sw=2
-
-    filetype plugin indent on
-
-    set t_Co=256
-    colorscheme hack
-    syntax on
-
-    au Syntax * syn match Garbage containedin=ALL /\s\+$/
-            \ | syn match TabStop containedin=ALL /\t\+/
-            \ | syn keyword Todo containedin=ALL TODO
-
-    au BufRead,BufNewFile *.hs so ${hs.vim}
-
-    au BufRead,BufNewFile *.nix so ${nix.vim}
-
-    au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile
-
-    "Syntastic config
-    let g:syntastic_python_checkers=['flake8']
-
-    nmap <esc>q :buffer 
-    nmap <M-q> :buffer 
-
-    cnoremap <C-A> <Home>
-
-    noremap  <C-c> :q<cr>
-    vnoremap < <gv
-    vnoremap > >gv
-
-    nnoremap <esc>[5^  :tabp<cr>
-    nnoremap <esc>[6^  :tabn<cr>
-    nnoremap <esc>[5@  :tabm -1<cr>
-    nnoremap <esc>[6@  :tabm +1<cr>
-
-    nnoremap <f1> :tabp<cr>
-    nnoremap <f2> :tabn<cr>
-    inoremap <f1> <esc>:tabp<cr>
-    inoremap <f2> <esc>:tabn<cr>
-
-    " <C-{Up,Down,Right,Left>
-    noremap <esc>Oa <nop> | noremap! <esc>Oa <nop>
-    noremap <esc>Ob <nop> | noremap! <esc>Ob <nop>
-    noremap <esc>Oc <nop> | noremap! <esc>Oc <nop>
-    noremap <esc>Od <nop> | noremap! <esc>Od <nop>
-    " <[C]S-{Up,Down,Right,Left>
-    noremap <esc>[a <nop> | noremap! <esc>[a <nop>
-    noremap <esc>[b <nop> | noremap! <esc>[b <nop>
-    noremap <esc>[c <nop> | noremap! <esc>[c <nop>
-    noremap <esc>[d <nop> | noremap! <esc>[d <nop>
-    vnoremap u <nop>
-  '';
-
   hs.vim = pkgs.writeText "hs.vim" ''
     syn region String start=+\[[[:alnum:]]*|+ end=+|]+
 
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index 2bbfe7333..e79973a66 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -7,7 +7,6 @@ let
     genid_signed
   ;
   inherit (import <stockholm/lass/2configs/websites/util.nix> {inherit lib pkgs;})
-    ssl
     servePage
     serveOwncloud
     serveWordpress;
@@ -25,47 +24,16 @@ let
 in {
   imports = [
     ./sqlBackup.nix
-    (ssl [ "reich-gebaeudereinigung.de" "www.reich-gebaeudereinigung.de" ])
     (servePage [ "reich-gebaeudereinigung.de" "www.reich-gebaeudereinigung.de" ])
 
-    (ssl [ "kar