From ce0b1e987a4bd99ed204e9ce06a7c882060dcbcf Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 26 Feb 2016 23:38:50 +0100 Subject: ma 2 laptop-utils: init --- makefu/1systems/pornocauster.nix | 4 ++++ makefu/2configs/laptop-utils.nix | 13 ++++++------- 2 files changed, 10 insertions(+), 7 deletions(-) diff --git a/makefu/1systems/pornocauster.nix b/makefu/1systems/pornocauster.nix index b2cf0be7..9415f234 100644 --- a/makefu/1systems/pornocauster.nix +++ b/makefu/1systems/pornocauster.nix @@ -8,6 +8,7 @@ [ # Include the results of the hardware scan. ../. ../2configs/main-laptop.nix #< base-gui + zsh + ../2configs/laptop-utils.nix # Krebs ../2configs/tinc-basic-retiolum.nix @@ -39,6 +40,9 @@ nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; }; + # steam + hardware.opengl.driSupport32Bit = true; + hardware.pulseaudio.support32Bit = true; # configure pulseAudio to provide a HDMI sink as well networking.firewall.enable = true; diff --git a/makefu/2configs/laptop-utils.nix b/makefu/2configs/laptop-utils.nix index b5ba2ec3..8a1c0e18 100644 --- a/makefu/2configs/laptop-utils.nix +++ b/makefu/2configs/laptop-utils.nix @@ -6,7 +6,7 @@ # essentially `nix-env -q` of the main user # TODO: split gui and non-gui { - environment.systemPackages = with pkgs; [ + krebs.per-user.makefu.packages = with pkgs; [ # core at_spi2_core acpi @@ -27,11 +27,14 @@ # gui + chromium clipit feh + firefox keepassx pcmanfm skype + mirage tightvnc gnome3.dconf vlc @@ -39,10 +42,6 @@ wireshark xdotool - # browser - firefox - chromium - # sectools aria2 binwalk @@ -53,10 +52,10 @@ # stuff - cac-cli + cac-api cac-panel krebspaste ledger - password-store + pass ]; } -- cgit v1.2.3 From a437d304d60760c66c085dd2d6cf9fdfdf6599c4 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 26 Feb 2016 23:39:14 +0100 Subject: ma 5 mycube: bump 0.2.3.4 --- makefu/5pkgs/mycube-flask/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/5pkgs/mycube-flask/default.nix b/makefu/5pkgs/mycube-flask/default.nix index d01abbbd..5bf85a66 100644 --- a/makefu/5pkgs/mycube-flask/default.nix +++ b/makefu/5pkgs/mycube-flask/default.nix @@ -2,7 +2,7 @@ with pkgs.pythonPackages;buildPythonPackage rec { name = "mycube-flask-${version}"; - version = "0.2.3"; + version = "0.2.3.4"; propagatedBuildInputs = [ flask redis -- cgit v1.2.3 From 113d6006bbfcb58b0d4263a56c62a34d41c89f8e Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 26 Feb 2016 23:39:52 +0100 Subject: ma 2 mail-client: += gnupg,w3m,openssl --- makefu/2configs/mail-client.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/makefu/2configs/mail-client.nix b/makefu/2configs/mail-client.nix index 03692407..793daa6f 100644 --- a/makefu/2configs/mail-client.nix +++ b/makefu/2configs/mail-client.nix @@ -4,11 +4,13 @@ with config.krebs.lib; { environment.systemPackages = with pkgs; [ abook + gnupg + imapfilter msmtp mutt-kz notmuch offlineimap - imapfilter - gnupg + openssl + w3m ]; } -- cgit v1.2.3 From da20505f5d187f2bbe649543125f1097c6d87d85 Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 27 Feb 2016 12:26:06 +0100 Subject: ma 2 default: fix path to glibc patch --- makefu/2configs/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index 3043a1af..7166c0cc 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -6,7 +6,7 @@ with config.krebs.lib; system.replaceRuntimeDependencies = with pkgs.lib; [{original = pkgs.glibc; replacement = pkgs.stdenv.lib.overrideDerivation pkgs.glibc (oldAttr: { patches = oldAttr.patches ++ - [(pkgs.fetchurl { url = "https://raw.githubusercontent.com/NixOS/nixpkgs/master/pkgs/development/libraries/glibc/cve-2015-7547.patch"; + [(pkgs.fetchurl { url = "https://raw.githubusercontent.com/NixOS/nixpkgs/fc48bf5a2ceb908b73dc035374e2ec5a31086aa2/pkgs/development/libraries/glibc/cve-2015-7547.patch"; sha256 = "0awpc4rp2x27rjpj83ps0rclmn73hsgfv2xxk18k82w4hdxqpp5r";})]; });} ]; -- cgit v1.2.3 From 217c4840d8ebc5ffff15bb3f9c679689a4139edb Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 28 Feb 2016 01:11:21 +0100 Subject: k 3 bepasty: create build environment for recursive package inclusion --- krebs/3modules/bepasty-server.nix | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/krebs/3modules/bepasty-server.nix b/krebs/3modules/bepasty-server.nix index 9e777a5e..cbf87b2a 100644 --- a/krebs/3modules/bepasty-server.nix +++ b/krebs/3modules/bepasty-server.nix @@ -96,9 +96,13 @@ let wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; restartIfChanged = true; - environment = { + environment = let + penv = python.buildEnv.override { + extraLibs = [ bepasty gevent ]; + }; + in { BEPASTY_CONFIG = "${server.workDir}/bepasty-${name}.conf"; - PYTHONPATH= "${bepasty}/lib/${python.libPrefix}/site-packages:${gevent}/lib/${python.libPrefix}/site-packages"; + PYTHONPATH= "${penv}/${python.sitePackages}/"; }; serviceConfig = { -- cgit v1.2.3 From 6dd129a4641b6f720c4c93f16bf6c94f77e7327e Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 28 Feb 2016 01:52:40 +0100 Subject: ma 2 iodined: now requires listen addres --- makefu/2configs/iodined.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/makefu/2configs/iodined.nix b/makefu/2configs/iodined.nix index db8a1bfe..2e69d167 100644 --- a/makefu/2configs/iodined.nix +++ b/makefu/2configs/iodined.nix @@ -1,4 +1,4 @@ -{ services,builtins,environment,pkgs, ... }: +{ pkgs, config, ... }: let # TODO: make this a parameter @@ -10,7 +10,7 @@ in { enable = true; domain = domain; ip = "172.16.10.1/24"; - extraConfig = "-P ${pw}"; + extraConfig = "-P ${pw} -l ${pkgs.lib.head config.krebs.build.host.nets.internet.addrs4}"; }; } -- cgit v1.2.3 From 9b1996625451f46c605f4b77ad760ba401319232 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 28 Feb 2016 01:53:41 +0100 Subject: ma 2 mycube: not necessary to include implicit deps with nixpkgs@2016-02-14 --- makefu/2configs/deployment/mycube.connector.one.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/2configs/deployment/mycube.connector.one.nix b/makefu/2configs/deployment/mycube.connector.one.nix index 38fc4a24..125b3dff 100644 --- a/makefu/2configs/deployment/mycube.connector.one.nix +++ b/makefu/2configs/deployment/mycube.connector.one.nix @@ -16,7 +16,7 @@ in { vassals = { mycube-flask = { type = "normal"; - python2Packages = self: with self; [ pkgs.mycube-flask flask redis werkzeug jinja2 markupsafe itsdangerous ]; + pythonPackages = self: with self; [ pkgs.mycube-flask ]; socket = wsgi-sock; }; }; -- cgit v1.2.3 From 9af9b562b578ec3a1ccb2b870f49ad3d7a4c467c Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 28 Feb 2016 02:24:52 +0100 Subject: k 3 default: add `via` to gum, fix wry pubkey --- krebs/3modules/makefu/default.nix | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index d309c171..24f0cdd8 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -221,17 +221,17 @@ with config.krebs.lib; ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEAvmCBVNKT/Su4v9nl/Nm3STPo5QxWPg7xEkzIs3Oh39BS8+r6/7UQ - rebib7mczb+ebZd+Rg2yFoGrWO8cmM0VcLy5bYRMK7in8XroLEjWecNNM4TRfNR4 - e53+LhcPdkxo0A3/D+yiut+A2Mkqe+4VXDm/JhAiAYkZTn7jUtj00Atrc7CWW1gN - sP3jIgv4+CGftdSYOB4dm699B7OD9XDLci2kOaFqFl4cjDYUok03G0AduUlRx10v - CKbKOTIdm8C36A902/3ms+Hyzkruu+VagGIZuPSwqXHJPCu7Ju+jarKQstMmpQi0 - PubweWDL0o/Dfz2qT3DuL4xDecIvGE6kv3m41hHJYiK+2/azTSehyPFbsVbL7w0V - LgKN3usnZNcpTsBWxRGT7nMFSnX2FLDu7d9OfCuaXYxHVFLZaNrpccOq8NF/7Hbk - DDW81W7CvLyJDlp0WLnAawSOGTUTPoYv/2wAapJ89i8QGCueGvEc6o2EcnBVMFEW - ejWTQzyD816f4RsplnrRqLVlIMbr9Q/n5TvlgjjhX7IMEfMy4+7qLGRQkNbFzgwK - jxNG2fFSCjOEQitm0gAtx7QRIyvYr6c7/xiHz4AwxYzBmvQsL/OK57NO4+Krwgj5 - Vk8TQ2jGO7J4bB38zaxK+Lrtfl8i1AK1171JqFMhOc34JSJ7T4LWDMECAwEAAQ== + MIICCgKCAgEAs9bq++H4HF8EpZMfWGfoIsh/C+YNO2pg74UPBsP/tFFe71yzWwUn + U9LW0n3bBqCMQ/oDthbSMwCkS9JzcUi22QJEdjbQs/aay9gZR115b+UxWPocw0Ms + ZoREKo3Oe0hETk7Ing8NdBDI0kCBh9QnvqQ3iKd0rBae3DYvcWlDsY93GLGMddgA + 7E9oa3EHVYH/MPZaeJtTknaJduanBSbiEb/xQOqxTadHoQASKU6DQD1czMH3hLG2 + 8Wn4MBj9fgKBAoIy092tIzPtE2QwAHO73yz4mSW/3r190hREgVbjuEPiw4w5mEyQ + j+NeN3f3heFKx+GCgdWH9xPw6m6qPdqUiGUPq91KXMOhNa8lLcTp95mHdCMesZCF + TFj7hf6y+SVt17Vo+YUL7UqnMtAm3eZZmwyDu0DfKFrdgz6MtDD+5dQp9g8VHpqw + RfbaB1Srlr24EUYYoOBEF9CcIacFbsr+MKh+hQk5R0uEMSeAWARzxvvr69iMgdEC + zDiu0rrRLN+CrfgkDir7pkRKxeA1lz8KpySyIZRziNg6mSHjKjih4++Bbu4N2ack + 86h84qBrA8lq2xsub4+HgKZGH2l5Y8tvlr+rx0mQKEJkT6XDKCXZFPfl2N0QrWGT + Dv7l2vn0QMj9E6+BdRhYaO/m3+cIZ9faM851nRj/gq2OOtzW3ekrne0CAwEAAQ== -----END RSA PUBLIC KEY----- ''; }; @@ -323,7 +323,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB cgit.euer IN A ${head nets.internet.addrs4} ''; }; - nets = { + nets = rec { internet = { addrs4 = ["195.154.108.70"]; aliases = [ @@ -331,6 +331,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB ]; }; retiolum = { + via = internet; addrs4 = ["10.243.0.211"]; addrs6 = ["42:f9f0:0000:0000:0000:0000:0000:70d2"]; aliases = [ -- cgit v1.2.3 From 321b831755f8d8572e30e9b735617a90525b311a Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 28 Feb 2016 02:25:53 +0100 Subject: ma 2 laptop-utils: FF with flash --- makefu/1systems/wry.nix | 4 ++-- makefu/2configs/laptop-utils.nix | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/makefu/1systems/wry.nix b/makefu/1systems/wry.nix index 74732196..462ec4fa 100644 --- a/makefu/1systems/wry.nix +++ b/makefu/1systems/wry.nix @@ -11,7 +11,6 @@ in { # TODO: copy this config or move to krebs ../../tv/2configs/hw/CAC.nix ../../tv/2configs/fs/CAC-CentOS-7-64bit.nix - ../2configs/unstable-sources.nix ../2configs/headless.nix ../2configs/tinc-basic-retiolum.nix @@ -28,7 +27,8 @@ in { # collectd ../2configs/collectd/collectd-base.nix ]; - + services.nixosManual.enable = false; + programs.man.enable = false; krebs.build.host = config.krebs.hosts.wry; krebs.Reaktor = { diff --git a/makefu/2configs/laptop-utils.nix b/makefu/2configs/laptop-utils.nix index 8a1c0e18..815ff748 100644 --- a/makefu/2configs/laptop-utils.nix +++ b/makefu/2configs/laptop-utils.nix @@ -6,6 +6,10 @@ # essentially `nix-env -q` of the main user # TODO: split gui and non-gui { + nixpkgs.config.firefox = { + enableAdobeFlash = true; + }; + krebs.per-user.makefu.packages = with pkgs; [ # core at_spi2_core -- cgit v1.2.3 From 64a1dc64a3a7daf57e1ebc677e35c4dc89d9c36b Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 28 Feb 2016 02:26:20 +0100 Subject: ma 2 default: back to unstable, remove runtime-patch --- makefu/2configs/default.nix | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index 7166c0cc..313ccbec 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -4,13 +4,6 @@ with config.krebs.lib; { system.stateVersion = "15.09"; - system.replaceRuntimeDependencies = with pkgs.lib; - [{original = pkgs.glibc; replacement = pkgs.stdenv.lib.overrideDerivation pkgs.glibc (oldAttr: { patches = oldAttr.patches ++ - [(pkgs.fetchurl { url = "https://raw.githubusercontent.com/NixOS/nixpkgs/fc48bf5a2ceb908b73dc035374e2ec5a31086aa2/pkgs/development/libraries/glibc/cve-2015-7547.patch"; - sha256 = "0awpc4rp2x27rjpj83ps0rclmn73hsgfv2xxk18k82w4hdxqpp5r";})]; - });} - ]; - imports = [ { users.extraUsers = @@ -29,7 +22,7 @@ with config.krebs.lib; source = mapAttrs (_: mkDefault) { nixpkgs = { url = https://github.com/nixos/nixpkgs; - rev = "77f8f35d57618c1ba456d968524f2fb2c3448295"; # unstable @ 2015-01-27, tested on wry + rev = "40c586b7ce2c559374df435f46d673baf711c543"; # unstable @ 2016-02-27, tested on wry }; secrets = "/home/makefu/secrets/${config.krebs.build.host.name}/"; stockholm = "/home/makefu/stockholm"; -- cgit v1.2.3