From 472b52e98a2d36604c7f090b6e73fb2ee5b83796 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 11 Jan 2020 20:29:21 +0100 Subject: l hilum.r: get autoiso.cfg easier via git --- lass/1systems/hilum/config.nix | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/hilum/config.nix b/lass/1systems/hilum/config.nix index d4a389a4..f66a0abe 100644 --- a/lass/1systems/hilum/config.nix +++ b/lass/1systems/hilum/config.nix @@ -21,13 +21,6 @@ source /grub/autoiso.cfg } ''; - extraFiles."/grub/autoiso.cfg" = (pkgs.stdenv.mkDerivation { - name = "autoiso.cfg"; - src = pkgs.grub2.src; - phases = [ "unpackPhase" "installPhase" ]; - installPhase = '' - cp docs/autoiso.cfg $out - ''; - }); + extraFiles."/grub/autoiso.cfg" = "${pkgs.grub2.src}/docs/autoiso.cfg"; }; } -- cgit v1.2.3 From 18f073cecfdb596e553cae4b81df006fddb08f70 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 11 Jan 2020 20:30:04 +0100 Subject: l hilum.r: don't suspend on lid close --- lass/1systems/hilum/config.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/hilum/config.nix b/lass/1systems/hilum/config.nix index f66a0abe..470dd3af 100644 --- a/lass/1systems/hilum/config.nix +++ b/lass/1systems/hilum/config.nix @@ -23,4 +23,7 @@ ''; extraFiles."/grub/autoiso.cfg" = "${pkgs.grub2.src}/docs/autoiso.cfg"; }; + + services.logind.lidSwitch = "ignore"; + services.logind.lidSwitchDocked = "ignore"; } -- cgit v1.2.3 From 1a73dffbddb934355b7994bb3558441bbeed9abd Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 11 Jan 2020 20:30:32 +0100 Subject: l icarus.r: reinstall after 36c3 --- lass/1systems/icarus/config.nix | 1 + lass/1systems/icarus/physical.nix | 47 ++++++++++++++++++++++++++++++++------- 2 files changed, 40 insertions(+), 8 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/icarus/config.nix b/lass/1systems/icarus/config.nix index 46f0892a..5e16052a 100644 --- a/lass/1systems/icarus/config.nix +++ b/lass/1systems/icarus/config.nix @@ -20,6 +20,7 @@ with import ; # + ]; #media center diff --git a/lass/1systems/icarus/physical.nix b/lass/1systems/icarus/physical.nix index d764dabc..861bd8b0 100644 --- a/lass/1systems/icarus/physical.nix +++ b/lass/1systems/icarus/physical.nix @@ -1,22 +1,53 @@ +{ config, lib, pkgs, ... }: { imports = [ ./config.nix - - + # + # + + ]; - fileSystems = { - "/bku" = { - device = "/dev/mapper/pool-bku"; - fsType = "btrfs"; - options = ["defaults" "noatime" "ssd" "compress=lzo"]; - }; + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.efiSupport = true; + boot.loader.grub.efiInstallAsRemovable = true; + boot.loader.grub.device = "/dev/disk/by-id/wwn-0x5002538d702f5ac6"; + boot.initrd.luks.devices.ssd.device = "/dev/disk/by-id/wwn-0x5002538d702f5ac6-part3"; + + boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "xhci_pci" "sd_mod" "sdhci_pci" ]; + boot.initrd.kernelModules = [ "dm-snapshot" ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/298eb635-8db2-4c15-a73d-2e0d6afa10e8"; + fsType = "xfs"; + }; + + fileSystems."/home" = { + device = "/dev/disk/by-uuid/eec94bef-e745-4d95-ad17-4df728f5fd31"; + fsType = "xfs"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/D975-2CAB"; + fsType = "vfat"; }; + swapDevices = [ ]; + + nix.maxJobs = lib.mkDefault 4; + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + services.udev.extraRules = '' SUBSYSTEM=="net", ATTR{address}=="00:24:d7:f0:a0:0c", NAME="wl0" SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:71:cb:35", NAME="et0" ''; services.thinkfan.enable = true; + + services.logind.lidSwitch = "ignore"; + services.logind.lidSwitchDocked = "ignore"; + } -- cgit v1.2.3 From 919b0ad48e39ff78d90342383d010c08cc0b28c5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 11 Jan 2020 20:39:18 +0100 Subject: l iso: rework for wizard magic --- lass/1systems/iso.nix | 193 ---------------------------------- lass/1systems/iso/default.nix | 212 ++++++++++++++++++++++++++++++++++++++ lass/1systems/iso/generate-iso.sh | 7 ++ 3 files changed, 219 insertions(+), 193 deletions(-) delete mode 100644 lass/1systems/iso.nix create mode 100644 lass/1systems/iso/default.nix create mode 100755 lass/1systems/iso/generate-iso.sh (limited to 'lass/1systems') diff --git a/lass/1systems/iso.nix b/lass/1systems/iso.nix deleted file mode 100644 index a7b9f21b..00000000 --- a/lass/1systems/iso.nix +++ /dev/null @@ -1,193 +0,0 @@ -{ config, pkgs, ... }: - -with import ; -{ - imports = [ - - - - - - { - # /dev/stderr doesn't work. I don't know why - # /proc/self doesn't seem to work correctly - # /dev/pts is empty except for 1 file - # my life sucks - nixpkgs.config.packageOverrides = super: { - irc-announce = super.callPackage { - pkgs = pkgs // { - coreutils = pkgs.symlinkJoin { - name = "coreutils-hack"; - paths = [ - (pkgs.writeDashBin "tee" '' - if test "$1" = /dev/stderr; then - while read -r line; do - echo "$line" - echo "$line" >&2 - done - else - ${super.coreutils}/bin/tee "$@" - fi - '') - pkgs.coreutils - ]; - }; - }; - }; - }; - boot.kernelParams = [ "copytoram" ]; - networking.hostName = "lass-iso"; - } - { - nixpkgs.config.packageOverrides = import pkgs; - krebs.enable = true; - krebs.build.user = config.krebs.users.lass; - krebs.build.host = {}; - } - { - nixpkgs.config.allowUnfree = true; - } - { - users.extraUsers = { - root = { - openssh.authorizedKeys.keys = [ - config.krebs.users.lass.pubkey - ]; - }; - }; - } - { - environment.extraInit = '' - EDITOR=vim - ''; - } - { - environment.systemPackages = with pkgs; [ - #stockholm - git - gnumake - jq - parallel - proot - populate - - #style - most - rxvt_unicode.terminfo - - #monitoring tools - htop - iotop - - #network - iptables - iftop - - #stuff for dl - aria2 - - #neat utils - hashPassword - krebspaste - pciutils - pop - psmisc - q - rs - tmux - untilport - usbutils - - #unpack stuff - p7zip - unzip - unrar - - #data recovery - ddrescue - ntfs3g - dosfstools - ]; - } - { - programs.bash = { - enableCompletion = true; - interactiveShellInit = '' - HISTCONTROL='erasedups:ignorespace' - HISTSIZE=65536 - HISTFILESIZE=$HISTSIZE - - shopt -s checkhash - shopt -s histappend histreedit histverify - shopt -s no_empty_cmd_completion - complete -d cd - ''; - promptInit = '' - if test $UID = 0; then - PS1='\[\033[1;31m\]\w\[\033[0m\] ' - PROMPT_COMMAND='echo -ne "\033]0;$$ $USER@$PWD\007"' - elif test $UID = 1337; then - PS1='\[\033[1;32m\]\w\[\033[0m\] ' - PROMPT_COMMAND='echo -ne "\033]0;$$ $PWD\007"' - else - PS1='\[\033[1;33m\]\u@\w\[\033[0m\] ' - PROMPT_COMMAND='echo -ne "\033]0;$$ $USER@$PWD\007"' - fi - if test -n "$SSH_CLIENT"; then - PS1='\[\033[35m\]\h'" $PS1" - PROMPT_COMMAND='echo -ne "\033]0;$$ $HOSTNAME $USER@$PWD\007"' - fi - ''; - }; - } - { - services.openssh = { - enable = true; - hostKeys = [ - # XXX bits here make no science - { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } - ]; - }; - systemd.services.sshd.wantedBy = mkForce [ "multi-user.target" ]; - } - { - networking.firewall = { - enable = true; - allowedTCPPorts = [ 22 ]; - }; - } - { - krebs.hidden-ssh.enable = true; - } - { - services.xserver = { - enable = true; - #videoDrivers = mkForce [ "ati_unfree" ]; - - desktopManager.xterm.enable = false; - desktopManager.default = "none"; - displayManager.lightdm.enable = true; - displayManager.lightdm.autoLogin = { - enable = true; - user = "lass"; - }; - windowManager.default = "xmonad"; - windowManager.session = let - xmonad-lass = pkgs.callPackage { inherit config; }; - in [{ - name = "xmonad"; - start = '' - ${pkgs.xorg.xhost}/bin/xhost +LOCAL: - ${xmonad-lass}/bin/xmonad & - waitPID=$! - ''; - }]; - - layout = "us"; - xkbModel = "evdev"; - xkbVariant = "altgr-intl"; - xkbOptions = "caps:backspace"; - }; - } - ]; -} diff --git a/lass/1systems/iso/default.nix b/lass/1systems/iso/default.nix new file mode 100644 index 00000000..ba483f5f --- /dev/null +++ b/lass/1systems/iso/default.nix @@ -0,0 +1,212 @@ +{ config, pkgs, ... }: +with import ; + +let + + wizard = pkgs.writers.writeBash "wizard" '' + set -x + shopt -s extglob + + echo -n ' + welcome to the computer wizard + first we will check for internet connectivity + (press enter to continue) + ' + read -n 1 -s + if ! ping -c1 lassul.us; then + echo 'no internet detectio, you will have to provide credentials' + read -n 1 -s + nmtui + fi + + # ping -c1 lassuls.us || ${pkgs.writeDash "nm-dmenu" '' + # set -x + # export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin + # exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@" + # ''} + + mode=$(echo -n ' + 1. help of the wizard + 2. let the wizard watch and help if needed + 3. I will do it alone + ' | ${pkgs.fzf}/bin/fzf --reverse) + case "$mode" in + 1*) + echo 'mode_1' > /tmp/mode + systemctl start hidden-ssh-announce.service + tmux new -s help + ;; + 2*) + echo 'mode_2' > /tmp/mode + ;; + 3*) + echo 'mode_3' > /tmp/mode + ;; + *) + echo 'no mode selected' + ;; + esac + ''; + +in { + imports = [ + + + + { + nixpkgs.config.packageOverrides = import pkgs; + krebs.enable = true; + krebs.build.user = config.krebs.users.lass; + krebs.build.host = {}; + } + # { + # systemd.services.wizard = { + # description = "Computer Wizard"; + # wantedBy = [ "multi-user.target" ]; + # serviceConfig = { + # ExecStart = pkgs.writers.writeDash "wizard" '' + # set -efu + # cat < Date: Sat, 11 Jan 2020 20:40:38 +0100 Subject: l xerxes.r: reinstall with xfs --- lass/1systems/xerxes/physical.nix | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/xerxes/physical.nix b/lass/1systems/xerxes/physical.nix index 77cf2206..2e9e62a8 100644 --- a/lass/1systems/xerxes/physical.nix +++ b/lass/1systems/xerxes/physical.nix @@ -5,40 +5,32 @@ ]; - boot.zfs.enableUnstable = true; boot.loader.grub = { enable = true; device = "/dev/sda"; efiSupport = true; + efiInstallAsRemovable = true; }; - boot.loader.efi.canTouchEfiVariables = true; boot.blacklistedKernelModules = [ "sdhci_pci" ]; boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; boot.initrd.luks.devices.crypted.device = "/dev/sda3"; boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; boot.kernelParams = [ "fbcon=rotate:1" "boot.shell_on_fail" ]; fileSystems."/" = { - device = "rpool/root"; - fsType = "zfs"; - }; - - fileSystems."/home" = { - device = "rpool/home"; - fsType = "zfs"; + device = "/dev/disk/by-uuid/8efd0c22-f712-46bf-baad-1fbf19d9ec25"; + fsType = "xfs"; }; fileSystems."/boot" = { - device = "/dev/disk/by-uuid/E749-784C"; + device = "/dev/disk/by-uuid/7F23-DDB4"; fsType = "vfat"; }; -- cgit v1.2.3 From 3367cc374a6739331681032427b2f53197537251 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 11 Jan 2020 20:41:03 +0100 Subject: l xerxes.r: remove debug output --- lass/1systems/xerxes/physical.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass/1systems') diff --git a/lass/1systems/xerxes/physical.nix b/lass/1systems/xerxes/physical.nix index 2e9e62a8..5a6f0721 100644 --- a/lass/1systems/xerxes/physical.nix +++ b/lass/1systems/xerxes/physical.nix @@ -66,7 +66,6 @@ services.xserver = { videoDrivers = [ "intel" ]; displayManager.sessionCommands = '' - echo nonono > /tmp/xxyy (sleep 2 && ${pkgs.xorg.xrandr}/bin/xrandr --output eDP1 --rotate right) (sleep 2 && ${pkgs.xorg.xinput}/bin/xinput set-prop "pointer:Goodix Capacitive TouchScreen" --type=float "Coordinate Transformation Matrix" 0 1 0 -1 0 1 0 0 1) ''; -- cgit v1.2.3 From 88e7821ed2ae331082ad3cad6d2885c3125316ea Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 11 Jan 2020 20:41:28 +0100 Subject: l yellow.r: remove broken fancyindex theme --- lass/1systems/yellow/config.nix | 13 ------------- 1 file changed, 13 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/yellow/config.nix b/lass/1systems/yellow/config.nix index d049bdee..abbc0045 100644 --- a/lass/1systems/yellow/config.nix +++ b/lass/1systems/yellow/config.nix @@ -47,17 +47,6 @@ with import ; }; virtualHosts.default = { default = true; - locations."=/Nginx-Fancyindex-Theme-dark" = { - extraConfig = '' - alias ${pkgs.fetchFromGitHub { - owner = "Naereen"; - repo = "Nginx-Fancyindex-Theme"; - rev = "e84f7d6a32085c2b6238f85f5fdebe9ceb710fc4"; - sha256 = "0wzl4ws2w8f0749vxfd1c8c21p3jw463wishgfcmaljbh4dwplg6"; - }}/Nginx-Fancyindex-Theme-dark; - autoindex on; - ''; - }; locations."/dl".extraConfig = '' return 301 /; ''; @@ -65,8 +54,6 @@ with import ; root = "/var/download/finished"; extraConfig = '' fancyindex on; - fancyindex_header "/Nginx-Fancyindex-Theme-dark/header.html"; - fancyindex_footer "/Nginx-Fancyindex-Theme-dark/footer.html"; dav_methods PUT DELETE MKCOL COPY MOVE; create_full_put_path on; -- cgit v1.2.3 From 2e4c0684cc9b5696222d2c3e807dda6b3c4a45a1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 11 Jan 2020 20:57:45 +0100 Subject: l iso: remove debug output --- lass/1systems/iso/default.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass/1systems') diff --git a/lass/1systems/iso/default.nix b/lass/1systems/iso/default.nix index ba483f5f..a77a74fb 100644 --- a/lass/1systems/iso/default.nix +++ b/lass/1systems/iso/default.nix @@ -4,7 +4,6 @@ with import ; let wizard = pkgs.writers.writeBash "wizard" '' - set -x shopt -s extglob echo -n ' -- cgit v1.2.3 From f1a507bb48cca25ec89d3657098f4f9034823a4d Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 11 Jan 2020 21:01:13 +0100 Subject: l shodan.r: add scanner support --- lass/1systems/shodan/config.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/1systems') diff --git a/lass/1systems/shodan/config.nix b/lass/1systems/shodan/config.nix index b3de1583..9bb31191 100644 --- a/lass/1systems/shodan/config.nix +++ b/lass/1systems/shodan/config.nix @@ -19,6 +19,7 @@ with import ; + ]; krebs.build.host = config.krebs.hosts.shodan; -- cgit v1.2.3