summaryrefslogtreecommitdiffstats
path: root/lass
diff options
context:
space:
mode:
Diffstat (limited to 'lass')
-rw-r--r--lass/1systems/cloudkrebs.nix23
-rw-r--r--lass/1systems/echelon.nix33
-rw-r--r--lass/1systems/mors.nix37
-rw-r--r--lass/1systems/test-arch.nix36
-rw-r--r--lass/1systems/test-centos6.nix30
-rw-r--r--lass/1systems/test-centos7.nix31
-rw-r--r--lass/1systems/uriel.nix31
-rw-r--r--lass/2configs/base.nix31
-rw-r--r--lass/2configs/baseX.nix (renamed from lass/2configs/desktop-base.nix)2
-rw-r--r--lass/2configs/newsbot-js.nix203
-rw-r--r--lass/2configs/os-templates/CAC-CentOS-6.5-64bit.nix47
-rw-r--r--lass/2configs/sshkeys.nix11
-rw-r--r--lass/3modules/default.nix8
-rw-r--r--lass/3modules/dnsmasq.nix55
-rw-r--r--lass/3modules/newsbot-js.nix87
-rw-r--r--lass/3modules/sshkeys.nix26
-rw-r--r--lass/4lib/default.nix8
-rw-r--r--lass/5pkgs/newsbot-js/default.nix4
18 files changed, 553 insertions, 150 deletions
diff --git a/lass/1systems/cloudkrebs.nix b/lass/1systems/cloudkrebs.nix
index 17915e087..ab24b584b 100644
--- a/lass/1systems/cloudkrebs.nix
+++ b/lass/1systems/cloudkrebs.nix
@@ -27,30 +27,9 @@ in {
}
{
- nix.maxJobs = 1;
sound.enable = false;
}
];
- krebs.build = {
- user = config.krebs.users.lass;
- host = config.krebs.hosts.cloudkrebs;
- source = {
- dir.secrets = {
- host = config.krebs.hosts.mors;
- path = "/home/lass/secrets/${config.krebs.build.host.name}";
- };
- dir.stockholm = {
- host = config.krebs.hosts.mors;
- path = "/home/lass/dev/stockholm";
- };
- };
- };
-
- networking.hostName = "cloudkrebs";
-
- environment.systemPackages = [
- pkgs.dic
- ];
-
+ krebs.build.host = config.krebs.hosts.cloudkrebs;
}
diff --git a/lass/1systems/echelon.nix b/lass/1systems/echelon.nix
index feaf77ef6..94c793b08 100644
--- a/lass/1systems/echelon.nix
+++ b/lass/1systems/echelon.nix
@@ -31,26 +31,23 @@ in {
}
{
- nix.maxJobs = 1;
sound.enable = false;
}
- ];
-
- krebs.build = {
- user = config.krebs.users.lass;
- host = config.krebs.hosts.echelon;
- source = {
- dir.secrets = {
- host = config.krebs.hosts.mors;
- path = "/home/lass/secrets/${config.krebs.build.host.name}";
- };
- dir.stockholm = {
- host = config.krebs.hosts.mors;
- path = "/home/lass/dev/stockholm";
+ {
+ imports = [
+ ../3modules/dnsmasq.nix
+ ];
+ lass.dnsmasq = {
+ enable = true;
+ config = ''
+ interface=retiolum
+ '';
};
- };
- };
-
- networking.hostName = config.krebs.build.host.name;
+ krebs.iptables.tables.filter.INPUT.rules = [
+ { predicate = "-i retiolum -p udp --dport 53"; target = "ACCEPT"; }
+ ];
+ }
+ ];
+ krebs.build.host = config.krebs.hosts.echelon;
}
diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix
index 7076c8b14..b0b8ff573 100644
--- a/lass/1systems/mors.nix
+++ b/lass/1systems/mors.nix
@@ -2,7 +2,7 @@
{
imports = [
- ../2configs/desktop-base.nix
+ ../2configs/baseX.nix
../2configs/programs.nix
../2configs/bitcoin.nix
../2configs/browsers.nix
@@ -10,7 +10,6 @@
../2configs/pass.nix
../2configs/virtualbox.nix
../2configs/elster.nix
- ../2configs/urxvt.nix
../2configs/steam.nix
../2configs/wine.nix
../2configs/texlive.nix
@@ -18,7 +17,6 @@
#../2configs/ircd.nix
../2configs/chromium-patched.nix
../2configs/git.nix
- #../../2configs/tv/synaptics.nix
../2configs/retiolum.nix
../2configs/wordpress.nix
../2configs/bitlbee.nix
@@ -26,22 +24,8 @@
../2configs/skype.nix
];
- krebs.build = {
- user = config.krebs.users.lass;
- host = config.krebs.hosts.mors;
- source = {
- dir.secrets = {
- host = config.krebs.hosts.mors;
- path = "/home/lass/secrets/${config.krebs.build.host.name}";
- };
- dir.stockholm = {
- host = config.krebs.hosts.mors;
- path = "/home/lass/dev/stockholm";
- };
- };
- };
+ krebs.build.host = config.krebs.hosts.mors;
- networking.hostName = "mors";
networking.wireless.enable = true;
networking.extraHosts = ''
@@ -52,8 +36,6 @@
10.243.206.102 apanowicz.de
'';
- nix.maxJobs = 4;
-
hardware.enableAllFirmware = true;
nixpkgs.config.allowUnfree = true;
@@ -159,11 +141,6 @@
emulateWheel = true;
};
- #system.activationScripts.trackpoint = ''
- # echo 0 > '/sys/devices/platform/i8042/serio1/serio2/speed'
- # echo 220 > '/sys/devices/platform/i8042/serio1/serio2/sensitivity'
- #'';
-
services.xserver = {
videoDriver = "intel";
vaapiDrivers = [ pkgs.vaapiIntel ];
@@ -210,9 +187,19 @@
];
};
};
+
#touchpad config
services.xserver.synaptics = {
enable = true;
+ accelFactor = "0.035";
+ additionalOptions = ''
+ Option "FingerHigh" "60"
+ Option "FingerLow" "60"
+ '';
tapButtons = false;
+ twoFingerScroll = true;
};
+
+ #for google hangout
+ users.extraUsers.gm.extraGroups = [ "audio" "video" ];
}
diff --git a/lass/1systems/test-arch.nix b/lass/1systems/test-arch.nix
new file mode 100644
index 000000000..0ab9da2f3
--- /dev/null
+++ b/lass/1systems/test-arch.nix
@@ -0,0 +1,36 @@
+{ config, lib, pkgs, ... }:
+
+let
+ inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway;
+ inherit (lib) head;
+
+in {
+ imports = [
+ ../2configs/base.nix
+ {
+ boot.loader.grub = {
+ device = "/dev/sda";
+ splashImage = null;
+ };
+
+ boot.initrd.availableKernelModules = [
+ "ata_piix"
+ "vmw_pvscsi"
+ ];
+
+ fileSystems."/" = {
+ device = "/dev/sda1";
+ };
+ }
+ {
+ networking.dhcpcd.allowInterfaces = [
+ "enp*"
+ ];
+ }
+ {
+ sound.enable = false;
+ }
+ ];
+
+ krebs.build.host = config.krebs.hosts.test-arch;
+}
diff --git a/lass/1systems/test-centos6.nix b/lass/1systems/test-centos6.nix
new file mode 100644
index 000000000..7270c2262
--- /dev/null
+++ b/lass/1systems/test-centos6.nix
@@ -0,0 +1,30 @@
+{ config, lib, pkgs, ... }:
+
+let
+ inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway;
+ inherit (lib) head;
+
+ ip = "168.235.148.52";
+in {
+ imports = [
+ ../2configs/base.nix
+ ../2configs/os-templates/CAC-CentOS-6.5-64bit.nix
+ {
+ networking.interfaces.enp11s0.ip4 = [
+ {
+ address = ip;
+ prefixLength = 24;
+ }
+ ];
+ networking.defaultGateway = getDefaultGateway ip;
+ networking.nameservers = [
+ "8.8.8.8"
+ ];
+ }
+ {
+ sound.enable = false;
+ }
+ ];
+
+ krebs.build.host = config.krebs.hosts.test-centos6;
+}
diff --git a/lass/1systems/test-centos7.nix b/lass/1systems/test-centos7.nix
new file mode 100644
index 000000000..91bd3e0fe
--- /dev/null
+++ b/lass/1systems/test-centos7.nix
@@ -0,0 +1,31 @@
+{ config, lib, pkgs, ... }:
+
+let
+ inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway;
+ inherit (lib) head;
+
+ ip = "168.235.145.85";
+in {
+ imports = [
+ ../2configs/base.nix
+ ../2configs/os-templates/CAC-CentOS-7-64bit.nix
+ {
+ networking.interfaces.enp2s1.ip4 = [
+ {
+ address = ip;
+ prefixLength = 24;
+ }
+ ];
+ networking.defaultGateway = getDefaultGateway ip;
+ networking.nameservers = [
+ "8.8.8.8"
+ ];
+
+ }
+ {
+ sound.enable = false;
+ }
+ ];
+
+ krebs.build.host = config.krebs.hosts.test-centos7;
+}
diff --git a/lass/1systems/uriel.nix b/lass/1systems/uriel.nix
index 62338d054..1b008cbfd 100644
--- a/lass/1systems/uriel.nix
+++ b/lass/1systems/uriel.nix
@@ -3,11 +3,10 @@
with builtins;
{
imports = [
- ../2configs/desktop-base.nix
+ ../2configs/baseX.nix
../2configs/browsers.nix
../2configs/games.nix
../2configs/pass.nix
- ../2configs/urxvt.nix
../2configs/bird.nix
../2configs/git.nix
../2configs/chromium-patched.nix
@@ -25,26 +24,9 @@ with builtins;
}
];
- krebs.build = {
- user = config.krebs.users.lass;
- target = "root@uriel";
- host = config.krebs.hosts.uriel;
- source = {
- dir.secrets = {
- host = config.krebs.hosts.mors;
- path = "/home/lass/secrets/${config.krebs.build.host.name}";
- };
- dir.stockholm = {
- host = config.krebs.hosts.mors;
- path = "/home/lass/dev/stockholm";
- };
- };
- };
-
- networking.hostName = "uriel";
+ krebs.build.host = config.krebs.hosts.uriel;
networking.wireless.enable = true;
- nix.maxJobs = 2;
hardware.enableAllFirmware = true;
nixpkgs.config.allowUnfree = true;
@@ -65,8 +47,6 @@ with builtins;
initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
#kernelModules = [ "kvm-intel" "msr" ];
kernelModules = [ "msr" ];
- extraModprobeConfig = ''
- '';
};
fileSystems = {
"/" = {
@@ -93,11 +73,4 @@ with builtins;
Option "FingerLow" "60"
'';
};
-
- environment.systemPackages = with pkgs; [
- ];
-
- #for google hangout
-
- users.extraUsers.google.extraGroups = [ "audio" "video" ];
}
diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix
index f313054d9..6fa9c5b2d 100644
--- a/lass/2configs/base.nix
+++ b/lass/2configs/base.nix
@@ -38,14 +38,28 @@ with lib;
}
];
+ networking.hostName = config.krebs.build.host.name;
+ nix.maxJobs = config.krebs.build.host.cores;
+
krebs = {
enable = true;
search-domain = "retiolum";
exim-retiolum.enable = true;
- build.source = {
- git.nixpkgs = {
- url = https://github.com/Lassulus/nixpkgs;
- rev = "b9270a2e8ac3d2cf4c95075a9529528aa1d859da";
+ build = {
+ user = config.krebs.users.lass;
+ source = {
+ git.nixpkgs = {
+ url = https://github.com/Lassulus/nixpkgs;
+ rev = "33bdc011f5360288cd10b9fda90da2950442b2ab";
+ };
+ dir.secrets = {
+ host = config.krebs.hosts.mors;
+ path = "/home/lass/secrets/${config.krebs.build.host.name}";
+ };
+ dir.stockholm = {
+ host = config.krebs.hosts.mors;
+ path = "/home/lass/stockholm";
+ };
};
};
};
@@ -82,6 +96,9 @@ with lib;
#network
iptables
+
+ #stuff for dl
+ aria2
];
programs.bash = {
@@ -123,12 +140,6 @@ with lib;
"sendmail"
];
- #services.gitolite = {
- # enable = true;
- # dataDir = "/home/gitolite";
- # adminPubkey = config.sshKeys.lass.pub;
- #};
-
services.openssh = {
enable = true;
hostKeys = [
diff --git a/lass/2configs/desktop-base.nix b/lass/2configs/baseX.nix
index 4e693997d..1f5c3de55 100644
--- a/lass/2configs/desktop-base.nix
+++ b/lass/2configs/baseX.nix
@@ -5,6 +5,7 @@ let
in {
imports = [
./base.nix
+ ./urxvt.nix
];
time.timeZone = "Europe/Berlin";
@@ -30,6 +31,7 @@ in {
powertop
sxiv
much
+ push
#window manager stuff
haskellPackages.xmobar
diff --git a/lass/2configs/newsbot-js.nix b/lass/2configs/newsbot-js.nix
new file mode 100644
index 000000000..74d09b7fa
--- /dev/null
+++ b/lass/2configs/newsbot-js.nix
@@ -0,0 +1,203 @@
+{ config, pkgs, ... }:
+
+let
+ newsfile = pkgs.writeText "feeds" ''
+ aje|http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989|#news
+ aktuelle_themen|http://bundestag.de/service/rss/Bundestag_Aktuelle_Themen.rss|#news #bundestag
+ allafrica|http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf|#news
+ anon|http://anoninsiders.net/feed/|#news
+ antirez|http://antirez.com/rss|#news
+ arbor|http://feeds2.feedburner.com/asert/|#news
+ archlinux|http://www.archlinux.org/feeds/news/|#news
+ ars|http://feeds.arstechnica.com/arstechnica/index?format=xml|#news
+ asiaone_asia|http://news.asiaone.com/rss/asia|#news
+ asiaone_business|http://business.asiaone.com/rss.xml|#news
+ asiaone_sci|http://news.asiaone.com/rss/science-and-tech|#news
+ asiaone_world|http://news.asiaone.com/rss/world|#news
+ augustl|http://augustl.com/atom.xml|#news
+ bbc|http://feeds.bbci.co.uk/news/rss.xml|#news
+ bdt_drucksachen|http://www.bundestag.de/dip21rss/bundestag_drucksachen.rss|#news #bundestag
+ bdt_plenarproto|http://www.bundestag.de/rss_feeds/plenarprotokolle.rss|#news #bundestag
+ bdt_pressemitteilungen|http://bundestag.de/service/rss/Bundestag_Presse.rss|#news #bundestag
+ bdt_wd|http://bundestag.de/service/rss/Bundestag_WD.rss|#news #bundestag
+ bitcoinpakistan|https://bitcoinspakistan.com/feed/|#news #financial
+ c|http://www.tempolimit-lichtgeschwindigkeit.de/news.xml|#news
+ cancer|http://feeds.feedburner.com/ncinewsreleases?format=xml|#news
+ carta|http://feeds2.feedburner.com/carta-standard-rss|#news
+ catholic_news|http://feeds.feedburner.com/catholicnewsagency/dailynews|#news
+ cbc_busi|http://rss.cbc.ca/lineup/business.xml|#news
+ cbc_offbeat|http://www.cbc.ca/cmlink/rss-offbeat|#news
+ cbc_pol|http://rss.cbc.ca/lineup/politics.xml|#news
+ cbc_tech|http://rss.cbc.ca/lineup/technology.xml|#news
+ cbc_top|http://rss.cbc.ca/lineup/topstories.xml|#news
+ ccc|http://www.ccc.de/rss/updates.rdf|#news
+ chan_b|https://boards.4chan.org/b/index.rss|#brainfuck
+ chan_biz|https://boards.4chan.org/biz/index.rss|#news #brainfuck
+ chan_int|https://boards.4chan.org/int/index.rss|#news #brainfuck
+ cna|http://www.channelnewsasia.com/starterkit/servlet/cna/rss/home.xml|#news
+ coinspotting|http://coinspotting.com/rss|#news #financial
+ cryptanalysis|https://cryptanalys.is/rss.php|#news
+ cryptocoinsnews|http://www.cryptocoinsnews.com/feed/|#news #financial
+ cryptogon|http://www.cryptogon.com/?feed=rss2|#news
+ csm|http://rss.csmonitor.com/feeds/csm|#news
+ csm_world|http://rss.csmonitor.com/feeds/world|#news
+ cyberguerrilla|https://www.cyberguerrilla.org/a/2012/?feed=rss2|#news
+ danisch|http://www.danisch.de/blog/feed/|#news
+ dod|http://www.defense.gov/news/afps2.xml|#news
+ dwn|http://deutsche-wirtschafts-nachrichten.de/feed/customfeed/|#news
+ ecat|http://ecat.com/feed|#news
+ eia_press|http://www.eia.gov/rss/press_rss.xml|#news
+ eia_today|http://www.eia.gov/rss/todayinenergy.xml|#news
+ embargowatch|https://embargowatch.wordpress.com/feed/|#news
+ ethereum-comments|http://blog.ethereum.org/comments/feed|#news
+ ethereum|http://blog.ethereum.org/feed|#news
+ europa_ric|http://ec.europa.eu/research/infocentre/rss/infocentre-rss.xml|#news
+ eu_survei|http://www.eurosurveillance.org/public/RSSFeed/RSS.aspx|#news
+ exploitdb|http://www.exploit-db.com/rss.xml|#news
+ fars|http://www.farsnews.com/rss.php|#news #test
+ faz_feui|http://www.faz.net/rss/aktuell/feuilleton/|#news
+ faz_politik|http://www.faz.net/rss/aktuell/politik/|#news
+ faz_wirtschaft|http://www.faz.net/rss/aktuell/wirtschaft/|#news #financial
+ fbi|http://www.fbi.gov/homepage/RSS|#news #bullerei
+ fbi_news|http://www.fbi.gov/news/news_blog/rss.xml|#news
+ fbi_press|http://www.fbi.gov/news/current/rss.xml|#news #bullerei
+ fbi_stories|http://www.fbi.gov/news/stories/all-stories/rss.xml|#news #bullerei
+ fedreserve|http://www.federalreserve.gov/feeds/press_all.xml|#news #financial
+ fefe|http://blog.fefe.de/rss.xml|#news
+ forbes|http://www.forbes.com/forbes/feed2/|#news
+ forbes_realtime|http://www.forbes.com/real-time/feed2/|#news
+ fox|http://feeds.foxnews.com/foxnews/latest|#news
+ geheimorganisation|http://geheimorganisation.org/feed/|#news
+ GerForPol|http://www.german-foreign-policy.com/de/news/rss-2.0|#news
+ gmanet|http://www.gmanetwork.com/news/rss/news|#news
+ golem|http://www.golem.de/rss.php?feed=RSS1.0|#news
+ google|http://news.google.com/?output=rss|#news
+ greenpeace|http://feeds.feedburner.com/GreenpeaceNews|#news
+ guardian_uk|http://feeds.theguardian.com/theguardian/uk-news/rss|#news
+ gulli|http://ticker.gulli.com/rss/|#news
+ handelsblatt|http://www.handelsblatt.com/contentexport/feed/schlagzeilen|#news #financial
+ heise|http://heise.de.feedsportal.com/c/35207/f/653902/index.rss|#news
+ hindu_business|http://www.thehindubusinessline.com/?service=rss|#news #financial
+ hindu|http://www.thehindu.com/?service=rss|#news
+ hintergrund|http://www.hintergrund.de/index.php?option=com_bca-rss-syndicator&feed_id=8|#news
+ ign|http://feeds.ign.com/ign/all|#news
+ independent|http://www.independent.com/rss/headlines/|#news
+ indymedia|http://de.indymedia.org/RSS/newswire.xml|#news
+ info_libera|http://www.informationliberation.com/rss.xml|#news
+ klagen-gegen-rundfuckbeitrag|http://klagen-gegen-rundfunkbeitrag.blogspot.com/feeds/posts/default|#news
+ korea_herald|http://www.koreaherald.com/rss_xml.php|#news
+ linuxinsider|http://www.linuxinsider.com/perl/syndication/rssfull.pl|#news
+ lisp|http://planet.lisp.org/rss20.xml|#news
+ liveleak|http://www.liveleak.com/rss|#news
+ lolmythesis|http://lolmythesis.com/rss|#news
+ LtU|http://lambda-the-ultimate.org/rss.xml|#news
+ lukepalmer|http://lukepalmer.wordpress.com/feed/|#news
+ mit|http://web.mit.edu/newsoffice/rss-feeds.feed?type=rss|#news
+ mongrel2_master|https://github.com/zedshaw/mongrel2/commits/master.atom|#news
+ nds|http://www.nachdenkseiten.de/?feed=atom|#news
+ netzpolitik|https://netzpolitik.org/feed/|#news
+ newsbtc|http://newsbtc.com/feed/|#news #financial
+ nnewsg|http://www.net-news-global.net/rss/rssfeed.xml|#news
+ npr_busi|http://www.npr.org/rss/rss.php?id=1006|#news
+ npr_headlines|http://www.npr.org/rss/rss.php?id=1001|#news
+ npr_pol|http://www.npr.org/rss/rss.php?id=1012|#news
+ npr_world|http://www.npr.org/rss/rss.php?id=1004|#news
+ nsa|http://www.nsa.gov/rss.shtml|#news #bullerei
+ nytimes|http://rss.nytimes.com/services/xml/rss/nyt/World.xml|#news
+ painload|https://github.com/krebscode/painload/commits/master.atom|#news
+ phys|http://phys.org/rss-feed/|#news
+ piraten|https://www.piratenpartei.de/feed/|#news
+ polizei_berlin|http://www.berlin.de/polizei/presse-fahndung/_rss_presse.xml|#news #bullerei
+ presse_polizei|http://www.presseportal.de/rss/polizei.rss2|#news #bullerei
+ presseportal|http://www.presseportal.de/rss/presseportal.rss2|#news
+ prisonplanet|http://prisonplanet.com/feed.rss|#news
+ proofmarket|https://proofmarket.org/feed_problem|#news
+ rawstory|http://www.rawstory.com/rs/feed/|#news
+ reddit_4chan|http://www.reddit.com/r/4chan/new/.rss|#news #brainfuck
+ reddit_anticonsum|http://www.reddit.com/r/Anticonsumption/new/.rss|#news
+ reddit_btc|http://www.reddit.com/r/Bitcoin/new/.rss|#news #financial
+ reddit_prog|http://www.reddit.com/r/programming/new/.rss|#news
+ reddit_tpp|http://www.reddit.com/r/twitchplayspokemon/.rss|#news #tpp
+ reddit_world|http://www.reddit.com/r/worldnews/.rss|#news
+ r-ethereum|http://www.reddit.com/r/ethereum/.rss|#news
+ reuters|http://feeds.reuters.com/Reuters/worldNews|#news
+ reuters-odd|http://feeds.reuters.com/reuters/oddlyEnoughNews?format=xml|#news
+ rt|http://rt.com/rss/news/|#news
+ schallurauch|http://feeds.feedburner.com/SchallUndRauch|#news
+ sciencemag|http://news.sciencemag.org/rss/current.xml|#news
+ scmp|http://www.scmp.com/rss/91/feed|#news
+ sec-db|http://feeds.security-database.com/SecurityDatabaseToolsWatch|#news
+ shackspace|http://shackspace.de/?feed=rss2|#news
+ shz_news|http://www.shz.de/nachrichten/newsticker/rss|#news
+ sky_busi|http://news.sky.com/feeds/rss/business.xml|#news
+ sky_pol|http://news.sky.com/feeds/rss/politics.xml|#news
+ sky_strange|http://news.sky.com/feeds/rss/strange.xml|#news
+ sky_tech|http://news.sky.com/feeds/rss/technology.xml|#news
+ sky_world|http://news.sky.com/feeds/rss/world.xml|#news
+ slashdot|http://rss.slashdot.org/Slashdot/slashdot|#news
+ slate|http://feeds.slate.com/slate|#news
+ spiegel_eil|http://www.spiegel.de/schlagzeilen/eilmeldungen/index.rss|#news
+ spiegelfechter|http://feeds.feedburner.com/DerSpiegelfechter?format=xml|#news
+ spiegel_top|http://www.spiegel.de/schlagzeilen/tops/index.rss|#news
+ standardmedia_ke|http://www.standardmedia.co.ke/rss/headlines.php|#news
+ stern|http://www.stern.de/feed/standard/all/|#news
+ stz|http://www.stuttgarter-zeitung.de/rss/topthemen.rss.feed|#news
+ sz_politik|http://rss.sueddeutsche.de/rss/Politik|#news
+ sz_wirtschaft|http://rss.sueddeutsche.de/rss/Wirtschaft|#news #financial
+ sz_wissen|http://suche.sueddeutsche.de/rss/Wissen|#news
+ tagesschau|http://www.tagesschau.de/newsticker.rdf|#news
+ taz|http://taz.de/Themen-des-Tages/!p15;rss/|#news
+ telegraph_finance|http://www.telegraph.co.uk/finance/rss|#news #financial
+ telegraph_pol|http://www.telegraph.co.uk/news/politics/rss|#news
+ telegraph_uk|http://www.telegraph.co.uk/news/uknews/rss|#news
+ telegraph_world|http://www.telegraph.co.uk/news/worldnews/rss|#news
+ telepolis|http://www.heise.de/tp/rss/news-atom.xml|#news
+ the_insider|http://www.theinsider.org/rss/news/headlines-xml.asp|#news
+ tigsource|http://www.tigsource.com/feed/|#news
+ times|http://www.thetimes.co.uk/tto/news/rss|#news
+ tinc|http://tinc-vpn.org/news/index.rss|#news
+ topix_b|http://www.topix.com/rss/wire/de/berlin|#news
+ torr_bits|http://feeds.feedburner.com/TorrentfreakBits|#news
+ torrentfreak|http://feeds.feedburner.com/Torrentfreak|#news
+ torr_news|http://feed.torrentfreak.com/Torrentfreak/|#news
+ travel_warnings|http://feeds.travel.state.gov/ca/travelwarnings-alerts|#news
+ truther|http://truthernews.wordpress.com/feed/|#news
+ un_afr|http://www.un.org/apps/news/rss/rss_africa.asp|#news
+ un_am|http://www.un.org/apps/news/rss/rss_americas.asp|#news
+ un_eu|http://www.un.org/apps/news/rss/rss_europe.asp|#news
+ un_me|http://www.un.org/apps/news/rss/rss_mideast.asp|#news
+ un_pac|http://www.un.org/apps/news/rss/rss_asiapac.asp|#news
+ un_top|http://www.un.org/apps/news/rss/rss_top.asp|#news
+ us_math_society|http://www.ams.org/cgi-bin/content/news_items.cgi?rss=1|#news
+ vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#news
+ weechat|http://dev.weechat.org/feed/atom|#news
+ wired_sci|http://www.wired.com/category/science/feed/|#news
+ wp_world|http://feeds.washingtonpost.com/rss/rss_blogpost|#news
+ xkcd|https://xkcd.com/rss.xml|#news
+ zdnet|http://www.zdnet.com/news/rss.xml|#news
+
+ chan_g|https://boards.4chan.org/g/index.rss|#news
+ chan_x|https://boards.4chan.org/x/index.rss|#news
+ chan_sci|https://boards.4chan.org/sci/index.rss|#news
+ reddit_consp|http://reddit.com/r/conspiracy/.rss|#news
+ reddit_sci|http://www.reddit.com/r/science/.rss|#news
+ reddit_tech|http://www.reddit.com/r/technology/.rss|#news
+ reddit_nix|http://www.reddit.com/r/nixos/.rss|#news
+ reddit_haskell|http://www.reddit.com/r/haskell/.rss|#news
+ hackernews|https://news.ycombinator.com/rss|#news
+ '';
+in {
+ imports = [
+ ../3modules/newsbot-js.nix
+ ];
+ environment.systemPackages = [
+ pkgs.newsbot-js
+ ];
+ lass.newsbot-js = {
+ enable = true;
+ ircServer = "localhost";
+ feeds = newsfile;
+ urlShortenerHost = "go";
+ urlShortenerPort = "80";
+ };
+}
diff --git a/lass/2configs/os-templates/CAC-CentOS-6.5-64bit.nix b/lass/2configs/os-templates/CAC-CentOS-6.5-64bit.nix
new file mode 100644
index 000000000..b5ec722a0
--- /dev/null
+++ b/lass/2configs/os-templates/CAC-CentOS-6.5-64bit.nix
@@ -0,0 +1,47 @@
+_:
+
+{
+ boot.loader.grub = {
+ device = "/dev/sda";
+ splashImage = null;
+ };
+
+ boot.initrd.availableKernelModules = [
+ "ata_piix"
+ "vmw_pvscsi"
+ ];
+
+ fileSystems."/" = {
+ device = "/dev/VolGroup/lv_root";
+ fsType = "ext4";
+ };
+
+ fileSystems."/boot" = {
+ device = "/dev/sda1";
+ fsType = "ext4";
+ };
+
+ swapDevices = [
+ { device = "/dev/VolGroup/lv_swap"; }
+ ];
+
+ users.extraGroups = {
+ # ● systemd-tmpfiles-setup.service - Create Volatile Files and Directories
+ # Loaded: loaded (/nix/store/2l33gg7nmncqkpysq9f5fxyhlw6ncm2j-systemd-217/example/systemd/system/systemd-tmpfiles-setup.service)
+ # Active: failed (Result: exit-code) since Mon 2015-03-16 10:29:18 UTC; 4s ago
+ # Docs: man:tmpfiles.d(5)
+ # man:systemd-tmpfiles(8)
+ # Process: 19272 ExecStart=/nix/store/2l33gg7nmncqkpysq9f5fxyhlw6ncm2j-systemd-217/bin/systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev (code=exited, status=1/FAILURE)
+ # Main PID: 19272 (code=exited, status=1/FAILURE)
+ #
+ # Mar 16 10:29:17 cd systemd-tmpfiles[19272]: [/usr/lib/tmpfiles.d/legacy.conf:26] Unknown group 'lock'.
+ # Mar 16 10:29:18 cd systemd-tmpfiles[19272]: Two or more conflicting lines for /var/log/journal configured, ignoring.
+ # Mar 16 10:29:18 cd systemd-tmpfiles[19272]: Two or more conflicting lines for /var/log/journal/7b35116927d74ea58785e00b47ac0f0d configured, ignoring.
+ # Mar 16 10:29:18 cd systemd[1]: systemd-tmpfiles-setup.service: main process exited, code=exited, status=1/FAILURE
+ # Mar 16 10:29:18 cd systemd[1]: Failed to start Create Volatile Files and Directories.
+ # Mar 16 10:29:18 cd systemd[1]: Unit systemd-tmpfiles-setup.service entered failed state.
+ # Mar 16 10:29:18 cd systemd[1]: systemd-tmpfiles-setup.service failed.
+ # warning: error(s) occured while switching to the new configuration
+ lock.gid = 10001;
+ };
+}
diff --git a/lass/2configs/sshkeys.nix b/lass/2configs/sshkeys.nix
deleted file mode 100644
index f6081cf37..000000000
--- a/lass/2configs/sshkeys.nix
+++ /dev/null
@@ -1,11 +0,0 @@
-{ config, ... }:
-
-{
- imports = [
- ../3modules/sshkeys.nix
- ];
-
- config.sshKeys.lass.pub = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAp83zynhIueJJsWlSEykVSBrrgBFKq38+vT8bRfa+csqyjZBl2SQFuCPo+Qbh49mwchpZRshBa9jQEIGqmXxv/PYdfBFQuOFgyUq9ZcTZUXqeynicg/SyOYFW86iiqYralIAkuGPfQ4howLPVyjTZtWeEeeEttom6p6LMY5Aumjz2em0FG0n9rRFY2fBzrdYAgk9C0N6ojCs/Gzknk9SGntA96MDqHJ1HXWFMfmwOLCnxtE5TY30MqSmkrJb7Fsejwjoqoe9Y/mCaR0LpG2cStC1+37GbHJNH0caCMaQCX8qdfgMVbWTVeFWtV6aWOaRgwLrPDYn4cHWQJqTfhtPrNQ== lass@mors";
-
- config.sshKeys.uriel.pub = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDExWuRcltGM2FqXO695nm6/QY3wU3r1bDTyCpMrLfUSym7TxcXDSmZSWcueexPXV6GENuUfjJPZswOdWqIo5u2AXw9t0aGvwEDmI6uJ7K5nzQOsXIneGMdYuoOaAzWI8pxZ4N+lIP1HsOYttIPDp8RwU6kyG+Ud8mnVHWSTO13C7xC9vePnDP6b+44nHS691Zj3X/Cq35Ls0ISC3EM17jreucdP62L3TKk2R4NCm3Sjqj+OYEv0LAqIpgqSw5FypTYQgNByxRcIcNDlri63Q1yVftUP1338UiUfxtraUu6cqa2CdsHQmtX5mTNWEluVWO3uUKTz9zla3rShC+d3qvr lass@uriel";
-}
diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix
index 9de987bf3..b081dc3cc 100644
--- a/lass/3modules/default.nix
+++ b/lass/3modules/default.nix
@@ -1,7 +1,13 @@
_:
-
{
imports = [
./xresources.nix
+ ./bitlbee.nix
+ ./folderPerms.nix
+ ./go.nix
+ ./newsbot-js.nix
+ ./per-user.nix
+ ./urxvtd.nix
+ ./xresources.nix
];
}
diff --git a/lass/3modules/dnsmasq.nix b/lass/3modules/dnsmasq.nix
new file mode 100644
index 000000000..99c165479
--- /dev/null
+++ b/lass/3modules/dnsmasq.nix
@@ -0,0 +1,55 @@
+{ config, lib, pkgs, ... }:
+
+with builtins;
+with lib;
+
+let
+ cfg = config.lass.dnsmasq;
+
+ out = {
+ options.lass.dnsmasq = api;
+ config = mkIf cfg.enable imp;
+ };
+
+ api = {
+ enable = mkEnableOption "dnsmasq";
+ config = mkOption {
+ type = types.str;
+ #TODO: find a good default
+ default = ''
+ '';
+ description = "configuration dnsmasq is started with";
+ };
+ };
+
+ configFile = pkgs.writeText "dnsmasq.conf" cfg.config;
+
+ imp = {
+ #users.extraUsers.go = {
+ # name = "go";
+ # uid = 42774411; #genid go
+ # description = "go url shortener user";
+ # home = "/var/lib/go";
+ # createHome = true;
+ #};
+
+ systemd.services.dnsmasq = {
+ description = "dnsmasq";
+ after = [ "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+
+ path = with pkgs; [
+ dnsmasq
+ ];
+
+
+ restartIfChanged = true;
+
+ serviceConfig = {
+ Restart = "always";
+ ExecStart = "${pkgs.dnsmasq}/bin/dnsmasq -k -C ${configFile}";
+ };
+ };
+ };
+
+in out
diff --git a/lass/3modules/newsbot-js.nix b/lass/3modules/newsbot-js.nix
new file mode 100644
index 000000000..6d87d256d
--- /dev/null
+++ b/lass/3modules/newsbot-js.nix
@@ -0,0 +1,87 @@
+{ config, lib, pkgs, ... }:
+
+with builtins;
+with lib;
+
+let
+ cfg = config.lass.newsbot-js;
+
+ out = {
+ options.lass.newsbot-js = api;
+ config = mkIf cfg.enable imp;
+ };
+
+ api = {
+ enable = mkEnableOption "Enable krebs newsbot";
+ ircServer = mkOption {
+ type = types.str;
+ default = "echelon.retiolum";
+ description = "to which server the bot should connect";
+ };
+ channel = mkOption {
+ type = types.str;
+ default = "#news";
+ description = "post the news in this channel";
+ };
+ masterNick = mkOption {
+ type = types.str;
+ default = "knews";
+ description = "nickname of the master bot";
+ };
+ feeds = mkOption {
+ type = types.path;
+ description = ''
+ file with feeds to post
+ format:
+ $nick|$feedURI
+ '';
+ };
+ urlShortenerHost = mkOption {
+ type = types.str;
+ default = "echelon";
+ description = "what server to use for url shortening, host";
+ };
+ urlShortenerPort = mkOption {
+ type = types.str;
+ default = "80";
+ description = "what server to use for url shortening, port";
+ };
+ };
+
+ imp = {
+ users.extraUsers.newsbot-js = {
+ name = "newsbot-js";
+ uid = 1616759810; #genid newsbot-js
+ description = "newsbot-js user";
+ home = "/var/empty";
+ };
+
+ systemd.services.newsbot-js = {
+ description = "krebs newsbot";
+ after = [ "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+
+ path = with pkgs; [
+ newsbot-js
+ ];
+
+ environment = {
+ irc_server = cfg.ircServer;
+ master_nick = cfg.masterNick;
+ news_channel = cfg.channel;
+ feeds_file = cfg.feeds;
+ url_shortener_host = cfg.urlShortenerHost;
+ url_shortener_port = cfg.urlShortenerPort;
+ };
+
+ restartIfChanged = true;
+
+ serviceConfig = {
+ User = "newsbot-js";
+ Restart = "always";
+ ExecStart = "${pkgs.newsbot-js}/bin/newsbot";
+ };
+ };
+ };
+
+in out
diff --git a/lass/3modules/sshkeys.nix b/lass/3modules/sshkeys.nix
deleted file mode 100644
index 5f1c60668..000000000
--- a/lass/3modules/sshkeys.nix
+++ /dev/null
@@ -1,26 +0,0 @@
-{ lib, ... }:
-
-with lib;
-
-{
- options = {
- sshKeys = mkOption {
- type = types.attrsOf (types.submodule (
- { config, ... }:
- {
- options = {
- pub = mkOption {
- type = types.str;
- description = "Public part of the ssh key.";
- };
-
- priv = mkOption