From 3fa63a4f312a885d353177db911f8a52ce7a1e1c Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 22 Oct 2016 15:26:16 +0200 Subject: m 2 mycube: fix redis mimimi --- makefu/2configs/deployment/mycube.connector.one.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/makefu/2configs/deployment/mycube.connector.one.nix b/makefu/2configs/deployment/mycube.connector.one.nix index 8f51c91dd..daadad05d 100644 --- a/makefu/2configs/deployment/mycube.connector.one.nix +++ b/makefu/2configs/deployment/mycube.connector.one.nix @@ -6,7 +6,11 @@ let external-ip = config.krebs.build.host.nets.internet.ip4.addr; wsgi-sock = "${config.services.uwsgi.runDir}/uwsgi.sock"; in { - services.redis.enable = true; + services.redis = { + enable = true; + }; + systemd.services.redis.serviceConfig.LimitNOFILE=10032; + services.uwsgi = { enable = true; user = "nginx"; -- cgit v1.2.3 From e15b9e5a44b69c7b2c81ab6d3d6c91edc6d69712 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 26 Oct 2016 15:12:52 +0200 Subject: Revert "l 2 websites domsen: remove obsolete code" This reverts commit 0398342657a9548b9ada4524335b3ca864fd9c2e. --- lass/2configs/websites/domsen.nix | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 18c771fad..0a53bc93b 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -22,6 +22,25 @@ let exec ${pkgs.msmtp}/bin/msmtp --read-envelope-from -C ${msmtprc} "$@" ''; + check-password = pkgs.writeDash "check-password" '' + read pw + + file="/home/$PAM_USER/.shadow" + + #check if shadow file exists + test -e "$file" || exit 123 + + hash="$(${pkgs.coreutils}/bin/head -1 $file)" + salt="$(echo $hash | ${pkgs.gnused}/bin/sed 's/.*\$\(.*\)\$.*/\1/')" + + calc_hash="$(echo "$pw" | ${pkgs.mkpasswd}/bin/mkpasswd -m sha-512 -S $salt)" + if [ "$calc_hash" == $hash ]; then + exit 0 + else + exit 1 + fi + ''; + in { imports = [ ./sqlBackup.nix @@ -145,6 +164,19 @@ in { { predicate = "-p tcp --dport 465"; target = "ACCEPT"; } ]; + security.pam.services.exim.text = '' + auth required pam_env.so + auth sufficient pam_exec.so debug expose_authtok ${check-password} + auth sufficient pam_unix.so likeauth nullok + auth required pam_deny.so + account required pam_unix.so + password required pam_cracklib.so retry=3 type= + password sufficient pam_unix.so nullok use_authtok md5shadow + password required pam_deny.so + session required pam_limits.so + session required pam_unix.so + ''; + krebs.exim-smarthost = { authenticators.PLAIN = '' driver = plaintext -- cgit v1.2.3 From d1de9cb59f18144e34dd9744ba9535aa787dfecd Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 27 Oct 2016 12:49:48 +0200 Subject: l 1 prism: enable usershadow --- lass/1systems/prism.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 76710ac9d..5da66d265 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -224,6 +224,11 @@ in { OnCalendar = "*:0/5"; }; } + { + lass.usershadow = { + enable = true; + }; + } ]; krebs.build.host = config.krebs.hosts.prism; -- cgit v1.2.3 From 7e809cfc8b6112068b872b85c400794b5b102cc5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 27 Oct 2016 12:50:03 +0200 Subject: l 2: globally set CA/SSL stuff --- lass/2configs/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index 43c4d5b0d..a7d2a6cef 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -46,6 +46,13 @@ with import ; NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src"; }; } + (let ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; in { + environment.variables = { + CURL_CA_BUNDLE = ca-bundle; + GIT_SSL_CAINFO = ca-bundle; + SSL_CERT_FILE = ca-bundle; + }; + }) ]; networking.hostName = config.krebs.build.host.name; -- cgit v1.2.3 From d06da3496447d369bef0c9f52d3eb0ebdef8a801 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 27 Oct 2016 12:50:28 +0200 Subject: l 2 nixpkgs: 686bc9c -> 0195ab8 --- lass/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index 4ef4c6ce7..e665b6c6f 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "686bc9c5ccafbec2b6d2db61bd0803c2b7bc2b7d"; + ref = "0195ab84607ac3a3aa07a79d2d6c2781b1bb6731"; }; } -- cgit v1.2.3 From 809a42339d2fa3e52d69a5d6966e60ae45968be5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 27 Oct 2016 13:16:51 +0200 Subject: l 2 repo-sync: sync painload --- lass/2configs/repo-sync.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix index f88149730..f2e4de6a7 100644 --- a/lass/2configs/repo-sync.nix +++ b/lass/2configs/repo-sync.nix @@ -93,6 +93,7 @@ in { (sync-remote "xintmap" "https://github.com/4z3/xintmap") (sync-remote "realwallpaper" "https://github.com/lassulus/realwallpaper") (sync-remote "lassulus-blog" "https://github.com/lassulus/lassulus-blog") + (sync-remote "painload" "https://github.com/krebscode/painload") (sync-remote-silent "nixpkgs" "https://github.com/nixos/nixpkgs") (sync-retiolum "go") (sync-retiolum "much") -- cgit v1.2.3 From d0198ecd07ac825ebb6841619c4d3039aa476c54 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 27 Oct 2016 13:29:03 +0200 Subject: l 3 usershadow: more validators, expose path --- lass/3modules/usershadow.nix | 41 +++++++++++++++++++++++++++++++++++------ 1 file changed, 35 insertions(+), 6 deletions(-) diff --git a/lass/3modules/usershadow.nix b/lass/3modules/usershadow.nix index 1ee01e8d9..a8ab1c52a 100644 --- a/lass/3modules/usershadow.nix +++ b/lass/3modules/usershadow.nix @@ -13,22 +13,27 @@ type = types.str; default = "/home/%/.shadow"; }; + path = mkOption { + type = types.str; + }; }; imp = { environment.systemPackages = [ usershadow ]; + lass.usershadow.path = "${usershadow}"; security.pam.services.sshd.text = '' - auth required pam_exec.so expose_authtok ${usershadow}/bin/verify ${cfg.pattern} + auth required pam_exec.so expose_authtok ${usershadow}/bin/verify_pam ${cfg.pattern} auth required pam_permit.so account required pam_permit.so session required pam_permit.so ''; - security.pam.services.exim.text = '' - auth required pam_exec.so expose_authtok ${usershadow}/bin/verify ${cfg.pattern} + security.pam.services.dovecot2.text = '' + auth required pam_exec.so expose_authtok ${usershadow}/bin/verify_pam ${cfg.pattern} auth required pam_permit.so account required pam_permit.so session required pam_permit.so + session required pam_env.so envfile=${config.system.build.pamEnvironment} ''; }; @@ -38,7 +43,7 @@ "bytestring" ]; body = pkgs.writeHaskell "passwords" { - executables.verify = { + executables.verify_pam = { extra-depends = deps; text = '' import Data.Monoid @@ -61,18 +66,42 @@ if res then exitSuccess else exitFailure ''; }; + executables.verify_arg = { + extra-depends = deps; + text = '' + import Data.Monoid + import System.IO + import Data.Char (chr) + import System.Environment (getEnv, getArgs) + import Crypto.PasswordStore (verifyPasswordWith, pbkdf2) + import qualified Data.ByteString.Char8 as BS8 + import System.Exit (exitFailure, exitSuccess) + + main :: IO () + main = do + argsList <- getArgs + let shadowFilePattern = argsList !! 0 + let user = argsList !! 1 + let password = argsList !! 2 + let shadowFile = lhs <> user <> tail rhs + (lhs, rhs) = span (/= '%') shadowFilePattern + hash <- readFile shadowFile + let res = verifyPasswordWith pbkdf2 (2^) (BS8.pack password) (BS8.pack hash) + if res then do (putStr "yes") else exitFailure + ''; + }; executables.passwd = { extra-depends = deps; text = '' import System.Environment (getEnv) import Crypto.PasswordStore (makePasswordWith, pbkdf2) import qualified Data.ByteString.Char8 as BS8 - import System.IO (stdin, hSetEcho, putStr) + import System.IO (stdin, hSetEcho, putStrLn) main :: IO () main = do home <- getEnv "HOME" - putStr "password:" + putStrLn "password:" hSetEcho stdin False password <- BS8.hGetLine stdin hash <- makePasswordWith pbkdf2 password 10 -- cgit v1.2.3 From b97145eedd566925d6c94fb2039f6de86cfec9c8 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 27 Oct 2016 13:30:16 +0200 Subject: l 2 websites fritz: update phpConfig --- lass/2configs/websites/fritz.nix | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/lass/2configs/websites/fritz.nix b/lass/2configs/websites/fritz.nix index d93d310da..52914f444 100644 --- a/lass/2configs/websites/fritz.nix +++ b/lass/2configs/websites/fritz.nix @@ -88,13 +88,7 @@ in { ]; }; - services.phpfpm.phpIni = pkgs.runCommand "php.ini" { - options = '' - extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so - sendmail_path = "${sendmail} -t -i" - ''; - } '' - cat ${pkgs.php}/etc/php-recommended.ini > $out - echo "$options" >> $out + services.phpfpm.phpOptions = '' + sendmail_path = ${sendmail} -t ''; } -- cgit v1.2.3 From 01f313bf9e17fc3e1cbe108aeea4acc1cdcdcea9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 27 Oct 2016 13:31:12 +0200 Subject: k 3 exim-smarthost: indent dkim config --- krebs/3modules/exim-smarthost.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/krebs/3modules/exim-smarthost.nix b/krebs/3modules/exim-smarthost.nix index 2ed5607f1..c96b14723 100644 --- a/krebs/3modules/exim-smarthost.nix +++ b/krebs/3modules/exim-smarthost.nix @@ -246,12 +246,12 @@ let remote_smtp: driver = smtp - ${optionalString (cfg.dkim != []) '' + ${optionalString (cfg.dkim != []) (indent '' dkim_canon = relaxed dkim_domain = $sender_address_domain dkim_private_key = ''${lookup{$sender_address_domain}lsearch{${lsearch.dkim_private_key}}} dkim_selector = ''${lookup{$sender_address_domain}lsearch{${lsearch.dkim_selector}}} - ''} + '')} helo_data = ''${if eq{$acl_m_special_dom}{} \ {$primary_hostname} \ {$acl_m_special_dom} } -- cgit v1.2.3 From c4bd497f1e680a751fe54c83734e790e3ea33cfa Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 27 Oct 2016 14:19:04 +0200 Subject: l 5 xmonad-lass: add binding for termite --- lass/5pkgs/xmonad-lass.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/5pkgs/xmonad-lass.nix b/lass/5pkgs/xmonad-lass.nix index 96b12b9d4..70be61022 100644 --- a/lass/5pkgs/xmonad-lass.nix +++ b/lass/5pkgs/xmonad-lass.nix @@ -129,6 +129,7 @@ myKeyMap = , ("M4-", toggleWS) , ("M4-S-", spawn urxvtcPath) , ("M4-x", floatNext True >> spawn urxvtcPath) + , ("M4-z", floatNext True >> spawn "${pkgs.termite}/bin/termite") , ("M4-f", floatNext True) , ("M4-b", sendMessage ToggleStruts) -- cgit v1.2.3 From c091949a151e0a613ad31fd390b1c19bfddfde3a Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 27 Oct 2016 14:19:26 +0200 Subject: l 2 websites domsen: make smtp/imap finally work --- lass/2configs/websites/domsen.nix | 46 +++++---------------------------------- 1 file changed, 6 insertions(+), 40 deletions(-) diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 0a53bc93b..fa56d0e12 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -22,25 +22,6 @@ let exec ${pkgs.msmtp}/bin/msmtp --read-envelope-from -C ${msmtprc} "$@" ''; - check-password = pkgs.writeDash "check-password" '' - read pw - - file="/home/$PAM_USER/.shadow" - - #check if shadow file exists - test -e "$file" || exit 123 - - hash="$(${pkgs.coreutils}/bin/head -1 $file)" - salt="$(echo $hash | ${pkgs.gnused}/bin/sed 's/.*\$\(.*\)\$.*/\1/')" - - calc_hash="$(echo "$pw" | ${pkgs.mkpasswd}/bin/mkpasswd -m sha-512 -S $salt)" - if [ "$calc_hash" == $hash ]; then - exit 0 - else - exit 1 - fi - ''; - in { imports = [ ./sqlBackup.nix @@ -161,41 +142,26 @@ in { krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-p tcp --dport pop3s"; target = "ACCEPT"; } { predicate = "-p tcp --dport imaps"; target = "ACCEPT"; } - { predicate = "-p tcp --dport 465"; target = "ACCEPT"; } ]; - security.pam.services.exim.text = '' - auth required pam_env.so - auth sufficient pam_exec.so debug expose_authtok ${check-password} - auth sufficient pam_unix.so likeauth nullok - auth required pam_deny.so - account required pam_unix.so - password required pam_cracklib.so retry=3 type= - password sufficient pam_unix.so nullok use_authtok md5shadow - password required pam_deny.so - session required pam_limits.so - session required pam_unix.so - ''; - krebs.exim-smarthost = { authenticators.PLAIN = '' driver = plaintext - server_prompts = : - server_condition = "''${if pam{$auth2:$auth3}{yes}{no}}" - server_set_id = $auth2 + public_name = PLAIN + server_condition = ''${run{${config.lass.usershadow.path}/bin/verify_arg ${config.lass.usershadow.pattern} $auth2 $auth3}{yes}{no}} ''; authenticators.LOGIN = '' driver = plaintext + public_name = LOGIN server_prompts = "Username:: : Password::" - server_condition = "''${if pam{$auth1:$auth2}{yes}{no}}" - server_set_id = $auth1 + server_condition = ''${run{${config.lass.usershadow.path}/bin/verify_arg ${config.lass.usershadow.pattern} $auth1 $auth2}{yes}{no}} ''; internet-aliases = [ { from = "dominik@apanowicz.de"; to = "dominik_a@gmx.de"; } { from = "mail@jla-trading.com"; to = "jla-trading"; } - { from = "testuser@lassul.us"; to = "testuser"; } ]; - system-aliases = [ + sender_domains = [ + "jla-trading.com" ]; ssl_cert = "/var/lib/acme/lassul.us/fullchain.pem"; ssl_key = "/var/lib/acme/lassul.us/key.pem"; -- cgit v1.2.3 From 38a6281fbd8d34c0404c8f2bfffe55be431ba73d Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 27 Oct 2016 14:47:21 +0200 Subject: pkgs.go -> pkgs.go-shortener --- krebs/3modules/go.nix | 4 +-- krebs/5pkgs/go-shortener/default.nix | 57 +++++++++++++++++++++++++++++++++++ krebs/5pkgs/go-shortener/packages.nix | 44 +++++++++++++++++++++++++++ krebs/5pkgs/go/default.nix | 57 ----------------------------------- krebs/5pkgs/go/packages.nix | 44 --------------------------- lass/2configs/go.nix | 2 +- 6 files changed, 104 insertions(+), 104 deletions(-) create mode 100644 krebs/5pkgs/go-shortener/default.nix create mode 100644 krebs/5pkgs/go-shortener/packages.nix delete mode 100644 krebs/5pkgs/go/default.nix delete mode 100644 krebs/5pkgs/go/packages.nix diff --git a/krebs/3modules/go.nix b/krebs/3modules/go.nix index a86f444dc..218ac9221 100644 --- a/krebs/3modules/go.nix +++ b/krebs/3modules/go.nix @@ -44,7 +44,7 @@ let wantedBy = [ "multi-user.target" ]; path = with pkgs; [ - go + go-shortener ]; environment = { @@ -57,7 +57,7 @@ let serviceConfig = { User = "go"; Restart = "always"; - ExecStart = "${pkgs.go}/bin/go"; + ExecStart = "${pkgs.go-shortener}/bin/go"; }; }; }; diff --git a/krebs/5pkgs/go-shortener/default.nix b/krebs/5pkgs/go-shortener/default.nix new file mode 100644 index 000000000..996f7072a --- /dev/null +++ b/krebs/5pkgs/go-shortener/default.nix @@ -0,0 +1,57 @@ +{ stdenv, makeWrapper, callPackage, lib, buildEnv, fetchgit, nodePackages, nodejs }: + +with lib; + +let + np = (callPackage ) { + generated = ./packages.nix; + self = np; + }; + + node_env = buildEnv { + name = "node_env"; + paths = [ + np.redis + np."formidable" + ]; + pathsToLink = [ "/lib" ]; + ignoreCollisions = true; + }; + +in np.buildNodePackage { + name = "go-shortener"; + + src = fetchgit { + url = "http://cgit.lassul.us/go/"; + rev = "05d02740e0adbb36cc461323647f0c1e7f493156"; + sha256 = "6015c9a93317375ae8099c7ab982df0aa93a59ec2b48972e253887bb6ca0004f"; + }; + + phases = [ + "unpackPhase" + "installPhase" + ]; + + deps = (filter (v: nixType v == "derivation") (attrValues np)); + + buildInputs = [ + nodejs + makeWrapper + ]; + + installPhase = '' + mkdir -p $out/bin + + cp index.js $out/ + cat > $out/go << EOF + ${nodejs}/bin/node $out/index.js + EOF + chmod +x $out/go + + wrapProgram $out/go \ + --prefix NODE_PATH : ${node_env}/lib/node_modules + + ln -s $out/go /$out/bin/go + ''; + +} diff --git a/krebs/5pkgs/go-shortener/packages.nix b/krebs/5pkgs/go-shortener/packages.nix new file mode 100644 index 000000000..9acfd7658 --- /dev/null +++ b/krebs/5pkgs/go-shortener/packages.nix @@ -0,0 +1,44 @@ +{ self, fetchurl, fetchgit ? null, lib }: + +{ + by-spec."formidable"."*" = + self.by-version."formidable"."1.0.17"; + by-version."formidable"."1.0.17" = self.buildNodePackage { + name = "formidable-1.0.17"; + version = "1.0.17"; + bin = false; + src = fetchurl { + url = "http://registry.npmjs.org/formidable/-/formidable-1.0.17.tgz"; + name = "formidable-1.0.17.tgz"; + sha1 = "ef5491490f9433b705faa77249c99029ae348559"; + }; + deps = { + }; + optionalDependencies = { + }; + peerDependencies = []; + os = [ ]; + cpu = [ ]; + }; + "formidable" = self.by-version."formidable"."1.0.17"; + by-spec."redis"."*" = + self.by-version."redis"."2.1.0"; + by-version."redis"."2.1.0" = self.buildNodePackage { + name = "redis-2.1.0"; + version = "2.1.0"; + bin = false; + src = fetchurl { + url = "http://registry.npmjs.org/redis/-/redis-2.1.0.tgz"; + name = "redis-2.1.0.tgz"; + sha1 = "38acb208f90750250f9451219b73ff08ae907f94"; + }; + deps = { + }; + optionalDependencies = { + }; + peerDependencies = []; + os = [ ]; + cpu = [ ]; + }; + "redis" = self.by-version."redis"."2.1.0"; +} diff --git a/krebs/5pkgs/go/default.nix b/krebs/5pkgs/go/default.nix deleted file mode 100644 index 2871e5a99..000000000 --- a/krebs/5pkgs/go/default.nix +++ /dev/null @@ -1,57 +0,0 @@ -{ stdenv, makeWrapper, callPackage, lib, buildEnv, fetchgit, nodePackages, nodejs }: - -with lib; - -let - np = (callPackage ) { - generated = ./packages.nix; - self = np; - }; - - node_env = buildEnv { - name = "node_env"; - paths = [ - np.redis - np."formidable" - ]; - pathsToLink = [ "/lib" ]; - ignoreCollisions = true; - }; - -in np.buildNodePackage { - name = "go"; - - src = fetchgit { - url = "http://cgit.lassul.us/go/"; - rev = "05d02740e0adbb36cc461323647f0c1e7f493156"; - sha256 = "6015c9a93317375ae8099c7ab982df0aa93a59ec2b48972e253887bb6ca0004f"; - }; - - phases = [ - "unpackPhase" - "installPhase" - ]; - - deps = (filter (v: nixType v == "derivation") (attrValues np)); - - buildInputs = [ - nodejs - makeWrapper - ]; - - installPhase = '' - mkdir -p $out/bin - - cp index.js $out/ - cat > $out/go << EOF - ${nodejs}/bin/node $out/index.js - EOF - chmod +x $out/go - - wrapProgram $out/go \ - --prefix NODE_PATH : ${node_env}/lib/node_modules - - ln -s $out/go /$out/bin/go - ''; - -} diff --git a/krebs/5pkgs/go/packages.nix b/krebs/5pkgs/go/packages.nix deleted file mode 100644 index 9acfd7658..000000000 --- a/krebs/5pkgs/go/packages.nix +++ /dev/null @@ -1,44 +0,0 @@ -{ self, fetchurl, fetchgit ? null, lib }: - -{ - by-spec."formidable"."*" = - self.by-version."formidable"."1.0.17"; - by-version."formidable"."1.0.17" = self.buildNodePackage { - name = "formidable-1.0.17"; - version = "1.0.17"; - bin = false; - src = fetchurl { - url = "http://registry.npmjs.org/formidable/-/formidable-1.0.17.tgz"; - name = "formidable-1.0.17.tgz"; - sha1 = "ef5491490f9433b705faa77249c99029ae348559"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - "formidable" = self.by-version."formidable"."1.0.17"; - by-spec."redis"."*" = - self.by-version."redis"."2.1.0"; - by-version."redis"."2.1.0" = self.buildNodePackage { - name = "redis-2.1.0"; - version = "2.1.0"; - bin = false; - src = fetchurl { - url = "http://registry.npmjs.org/redis/-/redis-2.1.0.tgz"; - name = "redis-2.1.0.tgz"; - sha1 = "38acb208f90750250f9451219b73ff08ae907f94"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - "redis" = self.by-version."redis"."2.1.0"; -} diff --git a/lass/2configs/go.nix b/lass/2configs/go.nix index 7d694c173..f6ddbe96d 100644 --- a/lass/2configs/go.nix +++ b/lass/2configs/go.nix @@ -3,7 +3,7 @@ with import ; { environment.systemPackages = [ - pkgs.go + pkgs.go-shortener ]; krebs.go = { enable = true; -- cgit v1.2.3 From 3306e32498fc0c784ec6975a7911bf84d5ff1091 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 27 Oct 2016 14:50:12 +0200 Subject: l 1 mors: activate docker --- lass/1systems/mors.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index c3d027edc..742d42bf8 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -54,7 +54,7 @@ with import ; enable = true; package = pkgs.postgresql; }; - #virtualisation.docker.enable = true; + virtualisation.docker.enable = true; #users.users.mainUser.extraGroups = [ "docker" ]; } { -- cgit v1.2.3 From 2e22fa7234c95cccb1680fb47954f339e6e0b326 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 27 Oct 2016 14:55:50 +0200 Subject: m 2 hw: Plot twist - x220 was an x230 ALL ALONG! --- makefu/1systems/x.nix | 6 +++--- makefu/2configs/hw/tp-x220.nix | 34 -------------------------------- makefu/2configs/hw/tp-x230.nix | 44 ++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 47 insertions(+), 37 deletions(-) delete mode 100644 makefu/2configs/hw/tp-x220.nix create mode 100644 makefu/2configs/hw/tp-x230.nix diff --git a/makefu/1systems/x.nix b/makefu/1systems/x.nix index e7f5d0dae..e1aec360d 100644 --- a/makefu/1systems/x.nix +++ b/makefu/1systems/x.nix @@ -32,7 +32,7 @@ # ../2configs/buildbot-standalone.nix # hardware specifics are in here - ../2configs/hw/tp-x220.nix + ../2configs/hw/tp-x230.nix ../2configs/hw/rtl8812au.nix ../2configs/hw/bcm4352.nix # mount points @@ -46,7 +46,7 @@ # temporary modules ../2configs/temp/share-samba.nix ../2configs/laptop-backup.nix - ../2configs/temp/elkstack.nix + #../2configs/temp/elkstack.nix # ../2configs/temp/sabnzbd.nix ../2configs/tinc/siem.nix #../2configs/torrent.nix @@ -62,7 +62,7 @@ environment.systemPackages = [ pkgs.passwdqc-utils pkgs.bintray-upload ]; - # virtualisation.docker.enable = true; + virtualisation.docker.enable = true; # configure pulseAudio to provide a HDMI sink as well networking.firewall.enable = true; diff --git a/makefu/2configs/hw/tp-x220.nix b/makefu/2configs/hw/tp-x220.nix deleted file mode 100644 index ce3e34ad3..000000000 --- a/makefu/2configs/hw/tp-x220.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -{ - - imports = [ ./tp-x2x0.nix ]; - boot = { - kernelModules = [ "kvm-intel" "acpi_call" "tpm-rng" "tp_smapi" ]; - extraModulePackages = [ config.boot.kernelPackages.tp_smapi ]; - }; - hardware.opengl.extraPackages = [ pkgs.vaapiIntel pkgs.vaapiVdpau ]; - services.xserver = { - videoDriver = "intel"; - deviceSection = '' - Option "AccelMethod" "sna" - ''; - }; - - security.rngd.enable = true; - - services.xserver.displayManager.sessionCommands ='' - xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1 - xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 8 2 - xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Axes" 6 7 4 5 - # xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Timeout" 8 200 - ''; - - # enable HDMI output switching with pulseaudio - hardware.pulseaudio.configFile = pkgs.writeText "pulse-default-pa" '' - ${builtins.readFile "${config.hardware.pulseaudio.package.out}/etc/pulse/default.pa"} - load-module module-alsa-sink device=hw:0,3 sink_properties=device.description="HDMIOutput" sink_name="HDMI" - ''; - -} diff --git a/makefu/2configs/hw/tp-x230.nix b/makefu/2configs/hw/tp-x230.nix new file mode 100644 index 000000000..99563a771 --- /dev/null +++ b/makefu/2configs/hw/tp-x230.nix @@ -0,0 +1,44 @@ +{ config, lib, pkgs, ... }: + +with import ; +{ + + imports = [ ./tp-x2x0.nix ]; + boot = { + # tp-smapi is not supported bt x230 anymore + kernelModules = [ + "kvm-intel" + "thinkpad_ec" + # "acpi_call" + # "thinkpad_acpi" + # "tpm-rng" + ]; + extraModulePackages = [ + # config.boot.kernelPackages.acpi_call + ]; + }; + services.acpid.enable = true; + hardware.opengl.extraPackages = [ pkgs.vaapiIntel pkgs.vaapiVdpau ]; + services.xserver = { + videoDriver = "intel"; + deviceSection = '' + Option "AccelMethod" "sna" + ''; + }; + # no entropy source working + # security.rngd.enable = true; + + services.xserver.displayManager.sessionCommands ='' + xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1 + xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 8 2 + xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Axes" 6 7 4 5 + # xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Timeout" 8 200 + ''; + + # enable HDMI output switching with pulseaudio + hardware.pulseaudio.configFile = pkgs.writeText "pulse-default-pa" '' + ${builtins.readFile "${config.hardware.pulseaudio.package.out}/etc/pulse/default.pa"} + load-module module-alsa-sink device=hw:0,3 sink_properties=device.description="HDMIOutput" sink_name="HDMI" + ''; + +} -- cgit v1.2.3 From ebd5e96517a001376d927ac147e0cadb0bde1c14 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 28 Oct 2016 14:06:09 +0200 Subject: m 2 euer.wiki: remove comment as it supposently breaks phpfpm config --- makefu/2configs/nginx/euer.wiki.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/makefu/2configs/nginx/euer.wiki.nix b/makefu/2configs/nginx/euer.wiki.nix index 22cf9c9b7..9d0b74871 100644 --- a/makefu/2configs/nginx/euer.wiki.nix +++ b/makefu/2configs/nginx/euer.wiki.nix @@ -44,7 +44,6 @@ in { pm.min_spare_servers = 1 pm.max_spare_servers = 3 chdir = / - # errors to journal php_admin_value[error_log] = 'stderr' php_admin_flag[log_errors] = on catch_workers_output = yes -- cgit v1.2.3 From 121c5cb92cba3594cbe4743ff80e46b6e85aeb4d Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 28 Oct 2016 14:07:29 +0200 Subject: m 2 default: use ca-bundle for CURL GIT, PIP --- makefu/2configs/default.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index cb6fe55b8..bbe108074 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -90,9 +90,14 @@ with import ; "d /tmp 1777 root root - -" ]; nix.nixPath = [ "/var/src" ]; - environment.variables = { + environment.variables = let + ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; + in { NIX_PATH = mkForce "/var/src"; EDITOR = mkForce "vim"; + CURL_CA_BUNDLE = ca-bundle; + GIT_SSL_CAINFO = ca-bundle; + SSL_CERT_FILE = ca-bundle; }; environment.systemPackages = with pkgs; [ -- cgit v1.2.3 From 255af71a2511d7e819d5724fb792ee75a7999783 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 28 Oct 2016 14:09:58 +0200 Subject: m 2 urlwatch: use git-upload-pack --- makefu/2configs/urlwatch.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/2configs/urlwatch.nix b/makefu/2configs/urlwatch.nix index 0d8f888fa..d575d18bc 100644 --- a/makefu/2configs/urlwatch.nix +++ b/makefu/2configs/urlwatch.nix @@ -15,7 +15,7 @@ http://guest:derpi@cvs2svn.tigris.org/svn/cvs2svn/tags/ http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/ https://github.com/amadvance/snapraid/releases.atom - https://erdgeist.org/gitweb/opentracker/commit/ + https://erdgeist.org/gitweb/opentracker/info/refs?service=git-upload-pack ]; }; } -- cgit v1.2.3 From 4056d9b66db3a2b6968a2b7dcb48b0a5f6205a52 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 28 Oct 2016 14:10:40 +0200 Subject: m 2 hw: fix bcm and rfkill after resume --- makefu/2configs/hw/bcm4352.nix | 1 + makefu/2configs/hw/tp-x2x0.nix | 7 ++++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/makefu/2configs/hw/bcm4352.nix b/makefu/2configs/hw/bcm4352.nix index 516637eb8..5dc8a1449 100644 --- a/makefu/2configs/hw/bcm4352.nix +++ b/makefu/2configs/hw/bcm4352.nix @@ -1,6 +1,7 @@ {config, ...}: { networking.enableB43Firmware = true; + boot.kernelModules = [ "wl" ]; boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ]; } diff --git a/makefu/2configs/hw/tp-x2x0.nix b/makefu/2configs/hw/tp-x2x0.nix index 2b615ecfa..02bd8bb01 100644 --- a/makefu/2configs/hw/tp-x2x0.nix +++ b/makefu/2configs/hw/tp-x2x0.nix @@ -28,8 +28,9 @@ with import ; services.tlp.enable = true; services.tlp.extraConfig = '' # BUG: http://linrunner.de/en/tlp/docs/tlp-faq.html#erratic-battery - #START_CHARGE_THRESH_BAT0=80 - STOP_CHARGE_THRESH_BAT0=95 + START_CHARGE_THRESH_BAT0=67 + STOP_CHARGE_THRESH_BAT0=100 + CPU_SCALING_GOVERNOR_ON_AC=performance CPU_SCALING_GOVERNOR_ON_BAT=ondemand @@ -40,6 +41,6 @@ with import ; ''; powerManagement.resumeCommands = '' - {pkgs.rfkill}/bin/rfkill unblock all + ${pkgs.rfkill}/bin/rfkill unblock all ''; } -- cgit v1.2.3 From c26a3ce4b465db07f3d94e263588b96d167e53fa Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 28 Oct 2016 14:11:31 +0200 Subject: m 1 gum: add gum-share --- makefu/1systems/gum.nix | 1 + makefu/2configs/gum-share.nix | 39 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 40 insertions(+) create mode 100644 makefu/2configs/gum-share.nix diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix index bfd880b88..8a43d25ff 100644 --- a/makefu/1systems/gum.nix +++ b/makefu/1systems/gum.nix @@ -24,6 +24,7 @@ in { ../2configs/torrent.nix ../2configs/graphite-standalone.nix ../2configs/sabnzbd.nix + ../2configs/gum-share.nix ../2configs/opentracker.nix diff --git a/makefu/2configs/gum-share.nix b/makefu/2configs/gum-share.nix new file mode 100644 index 000000000..e578f43d3 --- /dev/null +++ b/makefu/2configs/gum-share.nix @@ -0,0 +1,39 @@ +{ config, lib, pkgs, ... }: + +with config.krebs.lib; +let + hostname = config.krebs.build.host.name; +in { + # users.users.smbguest = { + # name = "smbguest"; + # uid = config.ids.uids.smbguest; + # description = "smb guest user"; + # home = "/var/empty"; + # }; + + users.users.download = { }; + services.samba = { + enable = true; + shares = { + download = { + path = "/var/download"; + "read only" = "no"; + browseable = "yes"; + "guest ok" = "no"; + "valid users" = "download"; + }; + }; + extraConfig = '' + # guest account = smbguest + # map to guest = bad user + # disable printing + load printers = no + printing = bsd + printcap name = /dev/null + disable spoolss = yes + ''; + }; + networking.firewall.extraCommands = '' + iptables -A INPUT -i retiolum -p tcp --dport 445 -j ACCEPT + ''; +} -- cgit v1.2.3 From 94656118ada956904bf266ba21bb83ace59e6082 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 28 Oct 2016 14:42:13 +0200 Subject: l 5 xmonad-lass: implement screenshot-share --- lass/5pkgs/xmonad-lass.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/5pkgs/xmonad-lass.nix b/lass/5pkgs/xmonad-lass.nix index 70be61022..471577a94 100644 --- a/lass/5pkgs/xmonad-lass.nix +++ b/lass/5pkgs/xmonad-lass.nix @@ -112,6 +112,7 @@ displaySomeException = displayException myKeyMap :: [([Char], X ())] myKeyMap = [ ("M4-", spawn "${pkgs.i3lock}/bin/i3lock -i /var/lib/wallpaper/wallpaper -f") + , ("M4-C-p", spawn "${pkgs.scrot}/bin/scrot ~/public_html/scrot.png") , ("M4-p", spawn "${pkgs.pass}/bin/passmenu --type") , ("", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-volume 0 +4%") , ("", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-volume 0 -4%") -- cgit v1.2.3 From 4683b176044dc2b4ef8f7bce9da65b995ad979d6 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 28 Oct 2016 14:48:31 +0200 Subject: l 1 prism: enable libvirtd --- lass/1systems/prism.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 5da66d265..555e7fe1a 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -229,6 +229,9 @@ in { enable = true; }; } + { + virtualisation.libvirtd.enable = true; + } ]; krebs.build.host = config.krebs.hosts.prism; -- cgit v1.2.3 From 2ebd0a1fdd2c8e82f3a960ba7fb09bb66ace89ca Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 28 Oct 2016 15:02:46 +0200 Subject: l 2 websites domsen: disable backups until fixed --- lass/2configs/websites/domsen.nix | 21 --------------------- 1 file changed, 21 deletions(-) diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index fa56d0e12..2a6df06ff 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -103,27 +103,6 @@ in { "o_ubikmedia_de" ]; - krebs.backup.plans = { - prism-sql-domsen = { - method = "push"; - src = { host = config.krebs.hosts.prism; path = "/bku/sql_dumps"; }; - dst = { host = config.krebs.hosts.domsen-nas; path = "/mnt/UBIK-9TB-Pool/BACKUP/XXXX-MAX-UND-ANDERES/prism-sql"; }; - startAt = "00:01"; - }; - prism-http-domsen = { - method = "push"; - src = { host = config.krebs.hosts.prism; path = "/srv/http"; }; - dst = { host = config.krebs.hosts.domsen-nas; path = "/mnt/UBIK-9TB-Pool/BACKUP/XXXX-MAX-UND-ANDERES/prism-http"; }; - startAt = "00:10"; - }; - prism-o-ubikmedia-domsen = { - method = "push"; - src = { host = config.krebs.hosts.prism; path = "/srv/o.ubikmedia.de-data"; }; - dst = { host = config.krebs.hosts.domsen-nas; path = "/mnt/UBIK-9TB-Pool/BACKUP/XXXX-MAX-UND-ANDERES/prism-owncloud"; }; - startAt = "00:30"; - }; - }; - services.phpfpm.phpOptions = '' sendmail_path = ${sendmail} -t upload_max_filesize = 100M -- cgit v1.2.3 From 09fac6376315022edb27d53974d9c31eb672badb Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 30 Oct 2016 19:59:12 +0100 Subject: m 2 retiolum: only use prism cache if in retiolum --- makefu/2configs/default.nix | 1 - makefu/2configs/tinc/retiolum.nix | 3 +++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index bbe108074..db69be2fa 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -10,7 +10,6 @@ with import ; } ./vim.nix ./binary-cache/nixos.nix - ./binary-cache/lass.nix ]; nixpkgs.config.allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "unrar-" pkg.name); diff --git a/makefu/2configs/tinc/retiolum.nix b/makefu/2configs/tinc/retiolum.nix index dcb072461..c55b94466 100644 --- a/makefu/2configs/tinc/retiolum.nix +++ b/makefu/2configs/tinc/retiolum.nix @@ -1,4 +1,7 @@ _: { + imports = [ + ../binary-cache/lass.nix + ]; krebs.tinc.retiolum.enable = true; } -- cgit v1.2.3 From f4007fc84d0ae7ddf3726dae433d403b7502564b Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 2 Nov 2016 18:59:34 +0100 Subject: l 5 xmonad-lass: remove backlight controls --- lass/5pkgs/xmonad-lass.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/lass/5pkgs/xmonad-lass.nix b/lass/5pkgs/xmonad-lass.nix index 471577a94..0b05d514a 100644 --- a/lass/5pkgs/xmonad-lass.nix +++ b/lass/5pkgs/xmonad-lass.nix @@ -119,8 +119,6 @@ myKeyMap = , ("", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-mute 0 toggle") , ("", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-source-mute 1 toggle") , ("", gridselectWorkspace gridConfig W.view) - , ("", spawn "xbacklight -steps 1 -time 1 -inc 10") - , ("", spawn "xbacklight -steps 1 -time 1 -dec 10") , ("M4-a", focusUrgent) , ("M4-S-r", renameWorkspace def) -- cgit v1.2.3 From 72f152793062e23b2b3cac9b38bfbf8a2fe06ae9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 7 Nov 2016 22:14:38 +0100 Subject: l 1 shodan: add /bku --- lass/1systems/shodan.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lass/1systems/shodan.nix b/lass/1systems/shodan.nix index 9d1df1d72..095898380 100644 --- a/lass/1systems/shodan.nix +++ b/lass/1systems/shodan.nix @@ -75,6 +75,10 @@ with import ; fsType = "tmpfs"; options = ["nosuid" "nodev" "noatime"]; }; + "/bku" = { + device = "/dev/pool/bku"; + fsType = "ext4"; + }; }; services.udev.extraRules = '' -- cgit v1.2.3 From d02cebe5cef7ac6c12d8971f2a49a43a9a51e6bb Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 10 Nov 2016 22:34:15 +0100 Subject: l 2 websites lass: add some experimental stuff --- lass/2configs/websites/lassulus.nix | 47 +++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index b8342e148..29374e97d 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -37,6 +37,31 @@ in { }; }; + krebs.tinc_graphs.enable = true; + + users.users.lass-stuff = { + uid = genid "lass-stuff"; + description = "lassul.us blog cgi stuff"; + home = "/var/empty"; + }; + + services.phpfpm.poolConfigs."lass-stuff" = '' + listen = /var/run/lass-stuff.socket + user = lass-stuff + group = nginx + pm = dynamic + pm.max_children = 5 + pm.start_servers = 1 + pm.min_spare_servers = 1 + pm.max_spare_servers = 1 + listen.owner = lass-stuff + listen.group = nginx + php_admin_value[error_log] = 'stderr' + php_admin_flag[log_errors] = on + catch_workers_output = yes + security.limit_extensions = + ''; + users.groups.lasscert.members = [ "dovecot2" "ejabberd" @@ -53,6 +78,28 @@ in { (nameValuePair "/.well-known/acme-challenge" '' root /var/lib/acme/challenges/lassul.us/; '') + (nameValuePair "= /retiolum-hosts.tar.bz2" '' + alias ${config.krebs.tinc.retiolum.hostsArchive}; + '') + (nameValuePair "/tinc" '' + alias ${config.krebs.tinc_graphs.workingDir}/external; + '') + (let + script = pkgs.writeBash "test" '' + echo "hello world" + ''; + #script = pkgs.execve "ddate-wrapper" { + # filename = "${pkgs.ddate}/bin/ddate"; + # argv = []; + #}; + in nameValuePair "= /ddate" '' + gzip off; + fastcgi_pass unix:/var/run/lass-stuff.socket; + include ${pkgs.nginx}/conf/fastcgi_params; + fastcgi_param DOCUMENT_ROOT /var/empty; + fastcgi_param SCRIPT_FILENAME ${script}; + fastcgi_param SCRIPT_NAME ${script}; + '') ]; ssl = { enable = true; -- cgit v1.2.3 From dd67d49ea87d4248e7ad12844564302025d603c4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 10 Nov 2016 22:34:34 +0100 Subject: l 2 websites util: add ownloud headers --- lass/2configs/websites/util.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lass/2configs/websites/util.nix b/lass/2configs/websites/util.nix index 23f417195..55be8a8d9 100644 --- a/lass/2configs/websites/util.nix +++ b/lass/2configs/websites/util.nix @@ -79,6 +79,8 @@ rec { add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; + add_header X-Download-Options noopen; + add_header X-Permitted-Cross-Domain-Policies none; # Path to the root of your installation root /srv/http/${domain}/; -- cgit v1.2.3 From f88b7c81f76b1f8048863dfc660c6378550edc19 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 10 Nov 2016 22:34:59 +0100 Subject: l 5 xmonad: add xkill binding --- lass/5pkgs/xmonad-lass.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/5pkgs/xmonad-lass.nix b/lass/5pkgs/xmonad-lass.nix index 0b05d514a..ec3ad82af 100644 --- a/lass/5pkgs/xmonad-lass.nix +++ b/lass/5pkgs/xmonad-lass.nix @@ -119,6 +119,7 @@ myKeyMap = , ("", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-mute 0 toggle") , ("", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-source-mute 1 toggle") , ("", gridselectWorkspace gridConfig W.view) + , ("M4-C-k", spawn "${pkgs.xorg.xkill}/bin/xkill") , ("M4-a", focusUrgent) , ("M4-S-r", renameWorkspace def) -- cgit v1.2.3 From 46a27e5aa0b6c23f3be70484db0a390a2a0dbe10 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 10 Nov 2016 22:40:39 +0100 Subject: l 2 buildbot: disable fast-tests (broken anyway)t --- lass/2configs/buildbot-standalone.nix | 51 ----------------------------------- 1 file changed, 51 deletions(-) diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix index df01a84c0..d453479d2 100644 --- a/lass/2configs/buildbot-standalone.nix +++ b/lass/2configs/buildbot-standalone.nix @@ -25,20 +25,6 @@ in { pollinterval=120)) ''; scheduler = { - force-scheduler = '' - sched.append(schedulers.ForceScheduler( - name="force", - builderNames=["fast-tests"])) - ''; - fast-tests-scheduler = '' - # test everything real quick - sched.append(schedulers.SingleBranchScheduler( - ## all branches - change_filter=util.ChangeFilter(branch_re=".*"), - treeStableTimer=10, - name="fast-all-branches", - builderNames=["fast-tests"])) - ''; build-scheduler = '' # build all hosts sched.append(schedulers.SingleBranchScheduler( @@ -113,43 +99,6 @@ in { ''; - fast-tests = '' - f = util.BuildFactory() - f.addStep(grab_repo) - for i in [ "mors", "uriel", "shodan", "helios", "cloudkrebs", "echelon", "dishfire", "prism" ]: - addShell(f,name="build-{}".format(i),env=env_lass, - command=nixshell + \ - ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ - make \ - test \ - target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \ - method=eval \ - system={}".format(i)]) - - for i in [ "x", "wry", "vbob", "wbob", "shoney" ]: - addShell(f,name="build-{}".format(i),env=env_makefu, - command=nixshell + \ - ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ - make \ - test \ - target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \ - method=eval \ - system={}".format(i)]) - - for i in [ "test-minimal-deploy", "test-all-krebs-modules", "wolf" ]: - addShell(f,name="build-{}".format(i),env=env_shared, - command=nixshell + \ - ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ - make \ - test \ - target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \ - method=eval \ - system={}".format(i)]) - - bu.append(util.BuilderConfig(name="fast-tests", - slavenames=slavenames, - factory=f)) - ''; build-pkgs = '' f = util.BuildFactory() f.addStep(grab_repo) -- cgit v1.2.3 From 18e9bfd04a9e99d9ac68c45337e9508880663770 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 10 Nov 2016 22:41:01 +0100 Subject: l 5 q: get battery & brightness stuff from tv --- lass/5pkgs/q/default.nix | 183 ++++++++++++++++++++++++++++++++++++----------- 1 file changed, 142 insertions(+), 41 deletions(-) diff --git a/lass/5pkgs/q/default.nix b/lass/5pkgs/q/default.nix index 571932b1d..2f41ac927 100644 --- a/lass/5pkgs/q/default.nix +++ b/lass/5pkgs/q/default.nix @@ -55,47 +55,143 @@ let fi ''; - q-power_supply = '' + q-intel_backlight = '' + cd /sys/class/backlight/intel_backlight + = .42) t_col = "1;32" + else if (r >= 23) t_col = "1;33" + else if (r >= 11) t_col = "1;31" + else t_col = "5;1;31" + return sgr(t_col) strdup("■", t1) sgr(";30") strdup("■", t2) sgr() + } + + function sgr(p) { + return "\x1b[" p "m" + } + + function strdup(s,n,t) { + t = sprintf("%"n"s","") + gsub(/ /,s,t) + return t + } + + END { + name = ENVIRON["POWER_SUPPLY_NAME"] + + charge_unit = "Ah" + charge_now = ENVIRON["POWER_SUPPLY_CHARGE_NOW"] / 10^6 + charge_full = ENVIRON["POWER_SUPPLY_CHARGE_FULL"] / 10^6 + + current_unit = "A" + current_now = ENVIRON["POWER_SUPPLY_CURRENT_NOW"] / 10^6 + + energy_unit = "Wh" + energy_now = ENVIRON["POWER_SUPPLY_ENERGY_NOW"] / 10^6 + energy_full = ENVIRON["POWER_SUPPLY_ENERGY_FULL"] / 10^6 + + power_unit = "W" + power_now = ENVIRON["POWER_SUPPLY_POWER_NOW"] / 10^6 + + voltage_unit = "V" + voltage_now = ENVIRON["POWER_SUPPLY_VOLTAGE_NOW"] / 10^6 + voltage_min_design = ENVIRON["POWER_SUPPLY_VOLTAGE_MIN_DESIGN"] / 10^6 + + #printf "charge_now: %s\n", charge_now + #printf "charge_full: %s\n", charge_full + #printf "current_now: %s\n", current_now + #printf "energy_now: %s\n", energy_now + #printf "energy_full: %s\n", energy_full + #printf "energy_full: %s\n", ENVIRON["POWER_SUPPLY_ENERGY_FULL"] + #printf "energy_full: %s\n", ENVIRON["POWER_SUPPLY_ENERGY_FULL"] / 10^6 + #printf "power_now: %s\n", power_now + #printf "voltage_now: %s\n", voltage_now + + if (current_now == 0 && voltage_now != 0) { + current_now = power_now / voltage_now + } + if (power_now == 0) { + power_now = current_now * voltage_now + } + if (charge_now == 0 && voltage_min_design != 0) { + charge_now = energy_now / voltage_min_design + } + if (energy_now == 0) { + energy_now = charge_now * voltage_min_design + } + if (charge_full == 0 && voltage_min_design != 0) { + charge_full = energy_full / voltage_min_design + } + if (energy_full == 0) { + energy_full = charge_full * voltage_min_design + } + + if (charge_now == 0 || charge_full == 0) { + die("unknown charge") + } + + charge_ratio = charge_now / charge_full + + out = out name + out = out sprintf(" %s", print_bar(10, charge_ratio)) + out = out sprintf(" %d%", charge_ratio * 100) + out = out sprintf(" %.2f%s", charge_now, charge_unit) + if (current_now != 0) { + out = out sprintf("/%.1f%s", current_now, current_unit) + } + out = out sprintf(" %d%s", energy_full, energy_unit) + if (power_now != 0) { + out = out sprintf("/%.1f%s", power_now, power_unit) + } + if (current_now != 0) { + out = out sprintf(" %s", print_hm(charge_now / current_now)) + } + + print out + } + ' + ''; + in '' for uevent in /sys/class/power_supply/*/uevent; do - if test -f $uevent; then - eval "$(${pkgs.gnused}/bin/sed -n ' - s/^\([A-Z_]\+=\)\(.*\)/\1'\'''\2'\'''/p - ' $uevent)" - - if test "x''${POWER_SUPPLY_CHARGE_NOW-}" = x; then - continue - fi - - charge_percentage=$(echo " - scale=2 - $POWER_SUPPLY_CHARGE_NOW / $POWER_SUPPLY_CHARGE_FULL - " | ${pkgs.bc}/bin/bc) - - lfc=$POWER_SUPPLY_CHARGE_FULL - rc=$POWER_SUPPLY_CHARGE_NOW - #rc=2800 - N=78; N=76 - N=10 - n=$(echo $N-1 | ${pkgs.bc}/bin/bc) - centi=$(echo "$rc*100/$lfc" | ${pkgs.bc}/bin/bc) - deci=$(echo "$rc*$N/$lfc" | ${pkgs.bc}/bin/bc) - energy_evel=$( - echo -n '☳ ' # TRIGRAM FOR THUNDER - if test $centi -ge 42; then echo -n '' - elif test $centi -ge 23; then echo -n '' - elif test $centi -ge 11; then echo -n '' - else echo -n ''; fi - for i in $(${pkgs.coreutils}/bin/seq 1 $deci); do - echo -n ■ - done - echo -n '' - for i in $(${pkgs.coreutils}/bin/seq $deci $n); do - echo -n ■ - done - echo '' $rc #/ $lfc - ) - echo "$energy_evel $charge_percentage" - fi + ${power_supply} "$uevent" || : done ''; @@ -171,15 +267,20 @@ in pkgs.writeBashBin "q" '' set -eu export PATH=/var/empty + (${q-todo}) || : + if [ "$PWD" != "$HOME" ]; then + (HOME=$PWD; ${q-todo}) || : + fi + echo ${q-cal} echo ${q-isodate} (${q-gitdir}) & + (${q-intel_backlight}) & (${q-power_supply}) & (${q-virtualization}) & (${q-wireless}) & (${q-online}) & (${q-thermal_zone}) & wait - ${q-todo} '' -- cgit v1.2.3 From e6c7b13f5990d96e269ee12b9bf6b15bfa7d5b82 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 10 Nov 2016 23:20:05 +0100 Subject: l 2 repo-sync: fetch from ni (was cd) --- lass/2configs/repo-sync.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix index f2e4de6a7..f5879a824 100644 --- a/lass/2configs/repo-sync.nix +++ b/lass/2configs/repo-sync.nix @@ -41,7 +41,7 @@ let mirror.url = "${mirror}${name}"; }; tv = { - origin.url = "http://cgit.cd/${name}"; + origin.url = "http://cgit.ni.i/${name}"; mirror.url = "${mirror}${name}"; }; lassulus = { -- cgit v1.2.3