From dd2a4f2094636dd6bb2e6825591d3d8b5f4b3ccf Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 9 Nov 2017 17:08:58 +0100 Subject: l audit: RIP --- lass/2configs/audit.nix | 9 --------- lass/2configs/default.nix | 1 - 2 files changed, 10 deletions(-) delete mode 100644 lass/2configs/audit.nix (limited to 'lass/2configs') diff --git a/lass/2configs/audit.nix b/lass/2configs/audit.nix deleted file mode 100644 index 644741a5..00000000 --- a/lass/2configs/audit.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ ... }: - -{ - security.audit = { - rules = [ - "-a task,never" - ]; - }; -} diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index 180647a6..f8b75009 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -2,7 +2,6 @@ with import ; { imports = [ - ../2configs/audit.nix ../2configs/binary-cache/client.nix ../2configs/gc.nix ../2configs/mc.nix -- cgit v1.2.3 From da362e792dcc11416e0e1b5aaf94232b652b2a51 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 12 Nov 2017 13:04:42 +0100 Subject: l baseX: add screengrab to pkgs --- lass/2configs/baseX.nix | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index a8bb8693..1638264d 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -74,21 +74,20 @@ in { pavucontrol powertop push + rxvt_unicode + screengrab slock sxiv + termite xclip xorg.xbacklight xorg.xhost xsel - zathura - - mpv-poll - yt-next - youtube-tools + yt-next + zathura - rxvt_unicode - termite + cabal2nix ]; fonts.fonts = with pkgs; [ -- cgit v1.2.3 From ad3e2a7401d8be4e85fa055b0602f757b113f92d Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 12 Nov 2017 13:16:52 +0100 Subject: l exim: add aliexpress & business addresses --- lass/2configs/exim-smarthost.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index f9c8f8eb..763633dd 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -46,6 +46,8 @@ with import ; { from = "apple@lassul.us"; to = lass.mail; } { from = "coinbase@lassul.us"; to = lass.mail; } { from = "tomtop@lassul.us"; to = lass.mail; } + { from = "aliexpress@lassul.us"; to = lass.mail; } + { from = "business@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } -- cgit v1.2.3 From fdc128beb420b5559152e3e6c55c5c7d770e3c1e Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 12 Nov 2017 13:19:36 +0100 Subject: l vim: modify clipboard handling --- lass/2configs/vim.nix | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index 698344b0..f6c736fb 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -98,8 +98,13 @@ let noremap [c | noremap! [c noremap [d | noremap! [d + " search with ack let g:ackprg = 'ag --vimgrep' cnoreabbrev Ack Ack! + + " copy/paste from/to xclipboard + noremap x "_x + set clipboard=unnamedplus ''; extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [ -- cgit v1.2.3 From bfd75eb50477aaf2adcab8742e6eabd705abde05 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 12 Nov 2017 13:22:34 +0100 Subject: l lassul.us: add /pub --- lass/2configs/websites/lassulus.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 6e185a4d..1eca2efd 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -147,6 +147,9 @@ in { in '' alias ${initscript}; ''; + locations."/pub".extraConfig = '' + alias ${pkgs.writeText "pub" config.krebs.users.lass.pubkey}; + ''; }; services.nginx.virtualHosts.cgit = { -- cgit v1.2.3 From aac78c4822aec5c017fb3d072d09e7de64cd15ef Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 12 Nov 2017 13:23:06 +0100 Subject: l cgit.lassul.us: fix acme --- lass/2configs/websites/lassulus.nix | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 1eca2efd..77f0c79e 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -152,10 +152,24 @@ in { ''; }; + security.acme.certs."cgit.lassul.us" = { + email = "lassulus@gmail.com"; + webroot = "/var/lib/acme/acme-challenges"; + plugins = [ + "account_key.json" + "key.pem" + "fullchain.pem" + ]; + group = "nginx"; + allowKeysForGroup = true; + }; + + services.nginx.virtualHosts.cgit = { serverName = "cgit.lassul.us"; addSSL = true; - enableACME = true; + sslCertificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem"; + sslCertificateKey = "/var/lib/acme/cgit.lassul.us/key.pem"; }; users.users.blog = { -- cgit v1.2.3 From d7b599e301b04d35f493445acd94fd62ce061793 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 28 Nov 2017 18:03:30 +0100 Subject: l mail: don't show security mails --- lass/2configs/mail.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/2configs') diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix index 91127f73..962efaf3 100644 --- a/lass/2configs/mail.nix +++ b/lass/2configs/mail.nix @@ -76,6 +76,7 @@ let "INBOX" "notmuch://?query=tag:inbox \ and NOT to:nix-devel\ and NOT to:shackspace\ + and NOT to:security\ and NOT to:c-base" \ "shack" "notmuch://?query=to:shackspace"\ "c-base" "notmuch://?query=to:c-base"\ -- cgit v1.2.3 From 613ee4c9ba347cd6b0c96b1193c8cc34451f2c63 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 Nov 2017 15:39:14 +0100 Subject: l: refactor xresources --- lass/2configs/baseX.nix | 8 +++++- lass/2configs/urxvt.nix | 42 ++++++++++++----------------- lass/2configs/xresources.nix | 63 -------------------------------------------- 3 files changed, 24 insertions(+), 89 deletions(-) delete mode 100644 lass/2configs/xresources.nix (limited to 'lass/2configs') diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 1638264d..f7f39050 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -7,9 +7,9 @@ in { ./mpv.nix ./power-action.nix ./copyq.nix - ./xresources.nix ./livestream.nix ./dns-stuff.nix + ./urxvt.nix { hardware.pulseaudio = { enable = true; @@ -41,6 +41,11 @@ in { default = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1"; }; }; + config.services.xresources.resources.X = '' + *.font: ${config.lass.fonts.regular} + *.boldFont: ${config.lass.fonts.bold} + *.italicFont: ${config.lass.fonts.italic} + ''; } ]; @@ -134,5 +139,6 @@ in { }; services.urxvtd.enable = true; + services.xresources.enable = true; lass.screenlock.enable = true; } diff --git a/lass/2configs/urxvt.nix b/lass/2configs/urxvt.nix index 1358dde7..ee50b338 100644 --- a/lass/2configs/urxvt.nix +++ b/lass/2configs/urxvt.nix @@ -1,40 +1,32 @@ { config, pkgs, ... }: - -let - inherit (config.users.extraUsers) mainUser; - -in +with import ; { - imports = [ - ../3modules/urxvtd.nix - ../3modules/xresources.nix - ]; - - services.urxvtd = { - enable = true; - users = [ mainUser.name ]; - urxvtPackage = pkgs.rxvt_unicode_with-plugins; - }; - services.xresources.enable = true; + services.urxvtd.enable = true; + services.xresources.resources.urxvt = '' - URxvt*scrollBar: false - URxvt*urgentOnBell: true - URxvt*font: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-* - URxvt*boldFont: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-* + URxvt*SaveLines: 4096 + URxvt*scrollBar: false + URxvt*urgentOnBell: true URxvt.perl-ext-common: default,clipboard,url-select,keyboard-select - URxvt.url-select.launcher: browser-select + + ${optionalString (hasAttr "browser" config.lass) + "URxvt.url-select.launcher: ${config.lass.browser.select}/bin/browser-select" + } + URxvt.url-select.underline: true URxvt.keysym.M-u: perl:url-select:select_next URxvt.keysym.M-Escape: perl:keyboard-select:activate URxvt.keysym.M-s: perl:keyboard-select:search - URxvt.intensityStyles: false + URxvt.intensityStyles: false - URxvt*background: #000000 - URxvt*foreground: #ffffff + URxvt*background: #000000 + URxvt*foreground: #ffffff !change unreadable blue - URxvt*color4: #268bd2 + URxvt*color4: #268bd2 + + URxvt*color0: #232342 ''; } diff --git a/lass/2configs/xresources.nix b/lass/2configs/xresources.nix deleted file mode 100644 index a3c54f3a..00000000 --- a/lass/2configs/xresources.nix +++ /dev/null @@ -1,63 +0,0 @@ -{ config, pkgs, ... }: - -with import ; - -let - - xresources = pkgs.writeText "Xresources" '' - URxvt*scrollBar: false - URxvt*urgentOnBell: true - URxvt*SaveLines: 4096 - - URxvt.font: ${config.lass.fonts.regular} - URxvt.boldFont: ${config.lass.fonts.bold} - URxvt.italicFont: ${config.lass.fonts.italic} - - ! ref https://github.com/muennich/urxvt-perls - URxvt.perl-lib: ${pkgs.urxvt_perls}/lib/urxvt/perl - URxvt.perl-ext-common: default,clipboard,url-select,keyboard-select - ${optionalString (hasAttr "browser" config.lass) - "URxvt.url-select.launcher: ${config.lass.browser.select}/bin/browser-select" - } - URxvt.url-select.underline: true - URxvt.keysym.M-u: perl:url-select:select_next - URxvt.keysym.M-Escape: perl:keyboard-select:activate - URxvt.keysym.M-s: perl:keyboard-select:search - - URxvt.intensityStyles: false - - URxvt*background: #000000 - URxvt*foreground: #d0d7d0 - - URxvt*cursorColor: #f042b0 - URxvt*cursorColor2: #f0b000 - URxvt*cursorBlink: off - - URxvt*.pointerBlank: true - URxvt*.pointerBlankDelay: 987654321 - URxvt*.pointerColor: #f042b0 - URxvt*.pointerColor2: #050505 - - URxvt*color0: #232342 - ''; - -in { - systemd.services.xresources = { - description = "xresources"; - wantedBy = [ "multi-user.target" ]; - after = [ "display-manager.service" ]; - - environment = { - DISPLAY = ":0"; - }; - - restartIfChanged = true; - - serviceConfig = { - Type = "simple"; - ExecStart = "${pkgs.xorg.xrdb}/bin/xrdb -merge ${xresources}"; - Restart = "on-failure"; - User = "lass"; - }; - }; -} -- cgit v1.2.3 From 7e57f6ee6dcc61bee31f10c2eff8a2d0d074565a Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 Nov 2017 16:15:10 +0100 Subject: l baseX: more pkgs --- lass/2configs/baseX.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index f7f39050..d489ecfa 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -69,9 +69,11 @@ in { dic dmenu gi + git-preview gitAndTools.qgit - lm_sensors haskellPackages.hledger + lm_sensors + mpv-poll much ncdu nix-repl -- cgit v1.2.3 From 53e45b128688d6fa103e8f117aa35a793781662a Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 Nov 2017 16:21:30 +0100 Subject: l wine: add wine64 --- lass/2configs/wine.nix | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/wine.nix b/lass/2configs/wine.nix index 0d2b731c..d60b1fee 100644 --- a/lass/2configs/wine.nix +++ b/lass/2configs/wine.nix @@ -4,10 +4,6 @@ let mainUser = config.users.extraUsers.mainUser; in { - krebs.per-user.wine.packages = with pkgs; [ - wine - #(wineFull.override { wineBuild = "wine64"; }) - ]; users.users= { wine = { name = "wine"; @@ -19,9 +15,27 @@ in { "video" ]; createHome = true; + packages = [ + pkgs.wine + ]; + }; + wine64 = { + name = "wine64"; + description = "user for running wine in 64bit"; + home = "/home/wine64"; + useDefaultShell = true; + extraGroups = [ + "audio" + "video" + ]; + createHome = true; + packages = [ + (pkgs.wine.override { wineBuild = "wineWow"; }) + ]; }; }; security.sudo.extraConfig = '' ${mainUser.name} ALL=(wine) NOPASSWD: ALL + ${mainUser.name} ALL=(wine64) NOPASSWD: ALL ''; } -- cgit v1.2.3 From ff3e1c0d031ad18d6e7bb6720358cd55e115b4f8 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 Nov 2017 16:22:10 +0100 Subject: l helios.r: add dcso coop env --- lass/2configs/dcso-dev.nix | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 lass/2configs/dcso-dev.nix (limited to 'lass/2configs') diff --git a/lass/2configs/dcso-dev.nix b/lass/2configs/dcso-dev.nix new file mode 100644 index 00000000..8aadaa7b --- /dev/null +++ b/lass/2configs/dcso-dev.nix @@ -0,0 +1,46 @@ +{ config, lib, pkgs, ... }: + +let + mainUser = config.users.extraUsers.mainUser; + inherit (import ) genid; + +in { + users.extraUsers = { + dev = { + name = "dev"; + uid = genid "dev"; + description = "user for collaborative development"; + home = "/home/dev"; + useDefaultShell = true; + createHome = true; + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDhQdDQFMxXOjbC+Avx3mlcFHqQpFUk/q9sO6ATA65jCV3YzN11vhZDDv54hABVS2h8TPXs7Lu3PCvK9qouASd2h4Ie9cExUmn50G/iwgFIODsCugVYBzVt1iwaAdwz1Hb9DKYXbVXanzVJjimmrrlQNvsyZg85lcnfyedpPX5ad+4FdSP68LHqEHC18LTitldR6V4P1omaKHlOtVpDgR/72tDgbtNZDBn3EU+TPk9OLTzjc6PinPw4iIvjEfiu14APwXpFDIqT7P7SjOEFpa0v/1z7dhxIy/Z9XbqyEdUfhv3PjZR5K2C+VzR7g6jVEVR2xFId51MpLv/Un4/lalbphBEw3I90Rr8tatOJiFhyrXbaKTcLqp1sIu05OxdPkm3hzfmLIhoKxhaIlXH7WQ9sAqxL1NAQ7O+J6yT4DMnwKzvpkkJjBaGtV84Pp1cccfNRH8XXID3FkWkrUpdgXWBpyLnRq4ilUJTajkU0GSdXkq8kLL3mWg9LPRTg3dmDj61ZB/qhjM61ppwHJvDRN9WI5HruXIU6nOQjh5yE2C/JZfLcsZD4Y1UDBy5/JSZrCVT2sQjFopkkYEkRCbX7oITHOH4iyRdxZkKWLUPboFrcmBpXO+owCEhO4JZrtfFWMC6qM++nrmiZWOrdIOIvdYHWluhKR2shlkisEKQP5pUqkw== markus.hihn@dcso.de" + ]; + packages = with pkgs; [ + emacs25-nox + + (pkgs.symlinkJoin { + name = "tmux"; + paths = [ + (pkgs.writeDashBin "tmux" '' + exec ${pkgs.tmux}/bin/tmux -f ${pkgs.writeText "tmux.conf" '' + set-option -g default-terminal screen-256color + + #use session instead of windows + bind-key c new-session + bind-key p switch-client -p + bind-key n switch-client -n + bind-key C-s switch-client -l + ''} "$@" + '') + pkgs.tmux + ]; + }) + ]; + }; + }; + + security.sudo.extraConfig = '' + ${mainUser.name} ALL=(dev) NOPASSWD: ALL + ''; +} -- cgit v1.2.3 From d7185c7283954ca572b9dda1179e67d06042890a Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 3 Dec 2017 22:48:49 +0100 Subject: l baseX: use urxvt with plugins --- lass/2configs/baseX.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index d489ecfa..784b97d3 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -81,7 +81,7 @@ in { pavucontrol powertop push - rxvt_unicode + rxvt_unicode_with-plugins screengrab slock sxiv -- cgit v1.2.3 From 4c50faee7eab3580d96e2c1df05d0504612a4447 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 3 Dec 2017 23:09:06 +0100 Subject: l baseX: use xserver module --- lass/2configs/baseX.nix | 26 +------------------------- 1 file changed, 1 insertion(+), 25 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 784b97d3..32a9f66c 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -104,26 +104,8 @@ in { xlibs.fontschumachermisc ]; + lass.xserver.enable = true; services.xserver = { - enable = true; - - desktopManager.xterm.enable = false; - desktopManager.default = "none"; - displayManager.lightdm.enable = true; - displayManager.lightdm.autoLogin = { - enable = true; - user = "lass"; - }; - windowManager.default = "xmonad"; - windowManager.session = [{ - name = "xmonad"; - start = '' - ${pkgs.xorg.xhost}/bin/xhost +LOCAL: - ${pkgs.xmonad-lass}/bin/xmonad & - waitPID=$! - ''; - }]; - layout = "us"; xkbModel = "evdev"; xkbVariant = "altgr-intl"; @@ -134,12 +116,6 @@ in { HandleLidSwitch=ignore ''; - services.xserver.synaptics = { - enable = true; - twoFingerScroll = true; - accelFactor = "0.035"; - }; - services.urxvtd.enable = true; services.xresources.enable = true; lass.screenlock.enable = true; -- cgit v1.2.3 From 0aba986658bbf743902881f771dc9c0da30d8fe0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 3 Dec 2017 23:13:01 +0100 Subject: l copyq: get DISPLAY from xserver.display --- lass/2configs/copyq.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/copyq.nix b/lass/2configs/copyq.nix index fa01a99c..cd10313f 100644 --- a/lass/2configs/copyq.nix +++ b/lass/2configs/copyq.nix @@ -21,9 +21,9 @@ let in { systemd.services.copyq = { wantedBy = [ "multi-user.target" ]; - requires = [ "display-manager.service" ]; + requires = [ "xserver.service" ]; environment = { - DISPLAY = ":0"; + DISPLAY = ":${toString config.services.xserver.display}"; }; path = with pkgs; [ qt5.full -- cgit v1.2.3 From aab2624a60c87ba3ce5e495e823eeeb0a5446fe0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 3 Dec 2017 23:13:25 +0100 Subject: l dsco-dev: add more pubkeys --- lass/2configs/dcso-dev.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/dcso-dev.nix b/lass/2configs/dcso-dev.nix index 8aadaa7b..b7fcc7aa 100644 --- a/lass/2configs/dcso-dev.nix +++ b/lass/2configs/dcso-dev.nix @@ -14,7 +14,9 @@ in { useDefaultShell = true; createHome = true; openssh.authorizedKeys.keys = [ + config.krebs.users.lass.pubkey "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDhQdDQFMxXOjbC+Avx3mlcFHqQpFUk/q9sO6ATA65jCV3YzN11vhZDDv54hABVS2h8TPXs7Lu3PCvK9qouASd2h4Ie9cExUmn50G/iwgFIODsCugVYBzVt1iwaAdwz1Hb9DKYXbVXanzVJjimmrrlQNvsyZg85lcnfyedpPX5ad+4FdSP68LHqEHC18LTitldR6V4P1omaKHlOtVpDgR/72tDgbtNZDBn3EU+TPk9OLTzjc6PinPw4iIvjEfiu14APwXpFDIqT7P7SjOEFpa0v/1z7dhxIy/Z9XbqyEdUfhv3PjZR5K2C+VzR7g6jVEVR2xFId51MpLv/Un4/lalbphBEw3I90Rr8tatOJiFhyrXbaKTcLqp1sIu05OxdPkm3hzfmLIhoKxhaIlXH7WQ9sAqxL1NAQ7O+J6yT4DMnwKzvpkkJjBaGtV84Pp1cccfNRH8XXID3FkWkrUpdgXWBpyLnRq4ilUJTajkU0GSdXkq8kLL3mWg9LPRTg3dmDj61ZB/qhjM61ppwHJvDRN9WI5HruXIU6nOQjh5yE2C/JZfLcsZD4Y1UDBy5/JSZrCVT2sQjFopkkYEkRCbX7oITHOH4iyRdxZkKWLUPboFrcmBpXO+owCEhO4JZrtfFWMC6qM++nrmiZWOrdIOIvdYHWluhKR2shlkisEKQP5pUqkw== markus.hihn@dcso.de" + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1T5+2epslFARSnETdr4wdolA6ocJaD4H9tmz6BZFQKXlwIq+OMp+sSEdwYwW3Lu9+mNbBHPxVVJDWg/We9DXB0ezXPM5Bs1+FcehmkoGwkmgKaFCDt0sL+CfSnog/3wEkN21O/rQxVFqMmiJ7WUDGci6IKCFZ5ZjOsmmfHg5p3LYxU9xv33fNr2v+XauhrGbFtQ7eDz4kSywxN/aw73LN4d8em0V0UV8VPI3Qkw7MamDFwefA+K1TfK8pBzMeruU6N7HLuNkpkAp7kS+K4Zzd72aQtR37a5qMiFUbOxQ9B7iFypuPx0iu6ZwY1s/sM8t3kLmcDJ9O4FOTzlbpneet3as6iJ+Ckr/TlfKor2Tl5pWcXh2FXHoG8VUu5bYmIViJBrKihAlAQfQN0mJ9fdFTnCXVTtbYTy11s4eEVHgUlb7oSpgBnx5bnBONgApbsOX9zyoo8wz8KkZBcf1SQpkV5br8uUAHCcZtHuY6I3kKlv+8lJmgUipiYzMdTi7+dHa49gVEcEKL4ZnJ0msQkl4XT7JjKETLvumC4/TIqVuRu48wuYalkCR9OzxCsTXQ/msBJBztPdYLrEOXVb2HfzuCT+43UuMQ5rP/EoPy0TWQO9BaqfEXqvbOvWjVxj/GMvglQ2ChZTwHxwwTKB8qRVvJLnbZQwizQiSrkzjb6hRJfQ== u0_a165@localhost" ]; packages = with pkgs; [ emacs25-nox -- cgit v1.2.3 From 704096c93e91f0b71d257028401b52d6da03c073 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 5 Dec 2017 15:15:21 +0100 Subject: l repo-sync: add public ssh access --- lass/2configs/repo-sync.nix | 25 ++++++++++++++++--------- 1 file changed, 16 insertions(+), 9 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix index f3ef23e6..98dbdc22 100644 --- a/lass/2configs/repo-sync.nix +++ b/lass/2configs/repo-sync.nix @@ -22,15 +22,22 @@ let }); }; in { - rules = with git; singleton { - user = with config.krebs.users; [ - config.krebs.users."${config.networking.hostName}-repo-sync" - lass - lass-shodan - ]; - repo = [ repo ]; - perm = push ''refs/*'' [ non-fast-forward create delete merge ]; - }; + rules = with git; [ + { + user = with config.krebs.users; [ + config.krebs.users."${config.networking.hostName}-repo-sync" + lass + lass-shodan + ]; + repo = [ repo ]; + perm = push ''refs/*'' [ non-fast-forward create delete merge ]; + } + { + user = attrValues config.krebs.users; + repo = [ repo ]; + perm = fetch; + } + ]; repos."${name}" = repo; }; -- cgit v1.2.3 From 5747398b0e4d42c86eeb4463275b0f032d51968f Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 5 Dec 2017 20:03:55 +0100 Subject: l browsers: add precedence --- lass/2configs/browsers.nix | 43 ++++++++++++++++++++++++++++++------------- 1 file changed, 30 insertions(+), 13 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index 6c381863..a858d3fe 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -5,19 +5,23 @@ let mainUser = config.users.extraUsers.mainUser; - browser-select = pkgs.writeScriptBin "browser-select" '' - BROWSER=$(echo -e "${concatStringsSep "\\n" (attrNames config.lass.browser.paths)}" | ${pkgs.dmenu}/bin/dmenu) + browser-select = let + sortedPaths = sort (a: b: a.value.precedence > b.value.precedence) + (mapAttrsToList (name: value: { inherit name value; }) + config.lass.browser.paths); + in pkgs.writeScriptBin "browser-select" '' + BROWSER=$(echo -e "${concatStringsSep "\\n" (map (getAttr "name") sortedPaths)}" | ${pkgs.dmenu}/bin/dmenu) case $BROWSER in ${concatMapStringsSep "\n" (n: '' - ${n}) - export BIN=${config.lass.browser.paths.${n}}/bin/${n} + ${n.name}) + export BIN=${n.value.path}/bin/${n.name} ;; - '') (attrNames config.lass.browser.paths)} + '') (sortedPaths)} esac $BIN "$@" ''; - createChromiumUser = name: extraGroups: + createChromiumUser = name: extraGroups: precedence: let bin = pkgs.writeScriptBin name '' /var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.chromium}/bin/chromium $@ @@ -31,7 +35,7 @@ let useDefaultShell = true; createHome = true; }; - lass.browser.paths.${name} = bin; + lass.browser.paths.${name}.path = bin; security.sudo.extraConfig = '' ${mainUser.name} ALL=(${name}) NOPASSWD: ALL ''; @@ -40,7 +44,7 @@ let ]; }; - createFirefoxUser = name: extraGroups: + createFirefoxUser = name: extraGroups: precedence: let bin = pkgs.writeScriptBin name '' /var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.firefox}/bin/firefox $@ @@ -54,7 +58,10 @@ let useDefaultShell = true; createHome = true; }; - lass.browser.paths.${name} = bin; + lass.browser.paths.${name} = { + path = bin; + inherit precedence; + }; security.sudo.extraConfig = '' ${mainUser.name} ALL=(${name}) NOPASSWD: ALL ''; @@ -79,14 +86,24 @@ in { type = types.path; }; options.lass.browser.paths = mkOption { - type = with types; attrsOf path; + type = types.attrsOf (types.submodule ({ + options = { + path = mkOption { + type = types.path; + }; + precedence = mkOption { + type = types.int; + default = 0; + }; + }; + })); }; } - ( createFirefoxUser "ff" [ "audio" ] ) - ( createChromiumUser "cr" [ "video" "audio" ] ) + ( createFirefoxUser "ff" [ "audio" ] 10 ) + ( createChromiumUser "cr" [ "video" "audio" ] 9 ) + ( createChromiumUser "gm" [ "video" "audio" ] 8 ) ( createChromiumUser "wk" [ "video" "audio" ] ) ( createChromiumUser "fb" [ "video" "audio" ] ) - ( createChromiumUser "gm" [ "video" "audio" ] ) ( createChromiumUser "com" [ "video" "audio" ] ) ]; } -- cgit v1.2.3 From a9b72bd2901ca232eb7b6523c535c593a36521ef Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 7 Dec 2017 17:33:08 +0100 Subject: l: add gpd-pocket hardware --- lass/2configs/hw/gpd-pocket.nix | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 lass/2configs/hw/gpd-pocket.nix (limited to 'lass/2configs') diff --git a/lass/2configs/hw/gpd-pocket.nix b/lass/2configs/hw/gpd-pocket.nix new file mode 100644 index 00000000..e3d21274 --- /dev/null +++ b/lass/2configs/hw/gpd-pocket.nix @@ -0,0 +1,20 @@ +{ pkgs, ... }: + +let + dummy_firmware = pkgs.writeTextFile { + name = "brcmfmac4356-pcie.txt"; + text = builtins.readFile ./brcmfmac4356-pcie.txt; + destination = "/lib/firmware/brcm/brcmfmac4356-pcie.txt"; + }; +in { + hardware.firmware = [ dummy_firmware ]; + + boot.kernelPackages = pkgs.linuxPackages_4_14; + boot.kernelParams = [ + "fbcon=rotate:1" + ]; + services.tlp.enable = true; + services.xserver.displayManager.sessionCommands = '' + (sleep 2 && ${pkgs.xorg.xrandr}/bin/xrandr --output DSI1 --rotate right) + ''; +} -- cgit v1.2.3 From b4fb85aa44a7094a8adb9fd60ffde75d13841ae9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 11 Dec 2017 20:24:24 +0100 Subject: l: add xerxes.r --- lass/2configs/default.nix | 1 + lass/2configs/hw/gpd-pocket.nix | 9 +++++++++ 2 files changed, 10 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index f8b75009..0e00dc2f 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -22,6 +22,7 @@ with import ; config.krebs.users.lass.pubkey config.krebs.users.lass-shodan.pubkey config.krebs.users.lass-icarus.pubkey + config.krebs.users.lass-xerxes.pubkey ]; }; mainUser = { diff --git a/lass/2configs/hw/gpd-pocket.nix b/lass/2configs/hw/gpd-pocket.nix index e3d21274..193c12c1 100644 --- a/lass/2configs/hw/gpd-pocket.nix +++ b/lass/2configs/hw/gpd-pocket.nix @@ -7,8 +7,11 @@ let destination = "/lib/firmware/brcm/brcmfmac4356-pcie.txt"; }; in { + #imports = [ ]; hardware.firmware = [ dummy_firmware ]; + hardware.enableRedistributableFirmware = true; + boot.initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_acpi" "sdhci_pci" ]; boot.kernelPackages = pkgs.linuxPackages_4_14; boot.kernelParams = [ "fbcon=rotate:1" @@ -16,5 +19,11 @@ in { services.tlp.enable = true; services.xserver.displayManager.sessionCommands = '' (sleep 2 && ${pkgs.xorg.xrandr}/bin/xrandr --output DSI1 --rotate right) + (sleep 2 && ${pkgs.xorg.xinput}/bin/xinput set-prop 'Goodix Capacitive TouchScreen' 'Coordinate Transformation Matrix' 0 1 0 -1 0 1 0 0 1) ''; + services.xserver.dpi = 200; + fonts.fontconfig.dpi = 200; + lass.fonts.regular = "xft:Hack-Regular:pixelsize=22,xft:Symbola"; + lass.fonts.bold = "xft:Hack-Bold:pixelsize=22,xft:Symbola"; + lass.fonts.italic = "xft:Hack-RegularOblique:pixelsize=22,xft:Symbol"; } -- cgit v1.2.3 From 17860a36557ff31d589ad88d3f9aa98b81204d27 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Dec 2017 18:20:44 +0100 Subject: l: ignore lidswitch only on x220 --- lass/2configs/baseX.nix | 4 ---- lass/2configs/hw/x220.nix | 5 +++++ 2 files changed, 5 insertions(+), 4 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 32a9f66c..9712baff 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -112,10 +112,6 @@ in { xkbOptions = "caps:backspace"; }; - services.logind.extraConfig = '' - HandleLidSwitch=ignore - ''; - services.urxvtd.enable = true; services.xresources.enable = true; lass.screenlock.enable = true; diff --git a/lass/2configs/hw/x220.nix b/lass/2configs/hw/x220.nix index bf7decc4..f5651da1 100644 --- a/lass/2configs/hw/x220.nix +++ b/lass/2configs/hw/x220.nix @@ -29,4 +29,9 @@ options = ["nosuid" "nodev" "noatime"]; }; }; + + services.logind.extraConfig = '' + HandleLidSwitch=ignore + ''; + } -- cgit v1.2.3 From e556f8a67c0e1840da041813585f9127d2015682 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Dec 2017 18:26:30 +0100 Subject: l br: fix scanner ip --- lass/2configs/br.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/br.nix b/lass/2configs/br.nix index 35bac8fe..ad307c79 100644 --- a/lass/2configs/br.nix +++ b/lass/2configs/br.nix @@ -18,7 +18,7 @@ with import ; netDevices = { bra = { model = "MFCL2700DN"; - ip = "10.23.42.221"; + ip = "10.42.23.221"; }; }; }; -- cgit v1.2.3 From 0065b8306daf343d83379e2ea5ec461bcc933c91 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Dec 2017 18:26:49 +0100 Subject: l browsers: use devedition for ff --- lass/2configs/browsers.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index a858d3fe..9459cfd6 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -47,7 +47,7 @@ let createFirefoxUser = name: extraGroups: precedence: let bin = pkgs.writeScriptBin name '' - /var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.firefox}/bin/firefox $@ + /var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.firefox-devedition-bin}/bin/firefox-devedition $@ ''; in { users.extraUsers.${name} = { -- cgit v1.2.3 From 7aa1155d675186e09e663963368a1db2056aae27 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Dec 2017 18:27:34 +0100 Subject: l dcso-dev: authorize lass-android --- lass/2configs/dcso-dev.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/2configs') diff --git a/lass/2configs/dcso-dev.nix b/lass/2configs/dcso-dev.nix index b7fcc7aa..63702a77 100644 --- a/lass/2configs/dcso-dev.nix +++ b/lass/2configs/dcso-dev.nix @@ -15,6 +15,7 @@ in { createHome = true; openssh.authorizedKeys.keys = [ config.krebs.users.lass.pubkey + config.krebs.users.lass-android.pubkey "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDhQdDQFMxXOjbC+Avx3mlcFHqQpFUk/q9sO6ATA65jCV3YzN11vhZDDv54hABVS2h8TPXs7Lu3PCvK9qouASd2h4Ie9cExUmn50G/iwgFIODsCugVYBzVt1iwaAdwz1Hb9DKYXbVXanzVJjimmrrlQNvsyZg85lcnfyedpPX5ad+4FdSP68LHqEHC18LTitldR6V4P1omaKHlOtVpDgR/72tDgbtNZDBn3EU+TPk9OLTzjc6PinPw4iIvjEfiu14APwXpFDIqT7P7SjOEFpa0v/1z7dhxIy/Z9XbqyEdUfhv3PjZR5K2C+VzR7g6jVEVR2xFId51MpLv/Un4/lalbphBEw3I90Rr8tatOJiFhyrXbaKTcLqp1sIu05OxdPkm3hzfmLIhoKxhaIlXH7WQ9sAqxL1NAQ7O+J6yT4DMnwKzvpkkJjBaGtV84Pp1cccfNRH8XXID3FkWkrUpdgXWBpyLnRq4ilUJTajkU0GSdXkq8kLL3mWg9LPRTg3dmDj61ZB/qhjM61ppwHJvDRN9WI5HruXIU6nOQjh5yE2C/JZfLcsZD4Y1UDBy5/JSZrCVT2sQjFopkkYEkRCbX7oITHOH4iyRdxZkKWLUPboFrcmBpXO+owCEhO4JZrtfFWMC6qM++nrmiZWOrdIOIvdYHWluhKR2shlkisEKQP5pUqkw== markus.hihn@dcso.de" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1T5+2epslFARSnETdr4wdolA6ocJaD4H9tmz6BZFQKXlwIq+OMp+sSEdwYwW3Lu9+mNbBHPxVVJDWg/We9DXB0ezXPM5Bs1+FcehmkoGwkmgKaFCDt0sL+CfSnog/3wEkN21O/rQxVFqMmiJ7WUDGci6IKCFZ5ZjOsmmfHg5p3LYxU9xv33fNr2v+XauhrGbFtQ7eDz4kSywxN/aw73LN4d8em0V0UV8VPI3Qkw7MamDFwefA+K1TfK8pBzMeruU6N7HLuNkpkAp7kS+K4Zzd72aQtR37a5qMiFUbOxQ9B7iFypuPx0iu6ZwY1s/sM8t3kLmcDJ9O4FOTzlbpneet3as6iJ+Ckr/TlfKor2Tl5pWcXh2FXHoG8VUu5bYmIViJBrKihAlAQfQN0mJ9fdFTnCXVTtbYTy11s4eEVHgUlb7oSpgBnx5bnBONgApbsOX9zyoo8wz8KkZBcf1SQpkV5br8uUAHCcZtHuY6I3kKlv+8lJmgUipiYzMdTi7+dHa49gVEcEKL4ZnJ0msQkl4XT7JjKETLvumC4/TIqVuRu48wuYalkCR9OzxCsTXQ/msBJBztPdYLrEOXVb2HfzuCT+43UuMQ5rP/EoPy0TWQO9BaqfEXqvbOvWjVxj/GMvglQ2ChZTwHxwwTKB8qRVvJLnbZQwizQiSrkzjb6hRJfQ== u0_a165@localhost" ]; -- cgit v1.2.3 From 7d08a64baff20c3dd62029825750f6f92bb3fd4f Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Dec 2017 18:27:55 +0100 Subject: l dcso-dev: add go to devs pkgs --- lass/2configs/dcso-dev.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/dcso-dev.nix b/lass/2configs/dcso-dev.nix index 63702a77..2b91f91d 100644 --- a/lass/2configs/dcso-dev.nix +++ b/lass/2configs/dcso-dev.nix @@ -43,6 +43,10 @@ in { }; }; + krebs.per-user.dev.packages = [ + pkgs.go + ]; + security.sudo.extraConfig = '' ${mainUser.name} ALL=(dev) NOPASSWD: ALL ''; -- cgit v1.2.3 From 7da08e8e1949c2d095b7ff48a45b68b853a7da54 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Dec 2017 18:29:15 +0100 Subject: l: add payeer@lassul.us --- lass/2configs/exim-smarthost.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/2configs') diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index 763633dd..2d848773 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -48,6 +48,7 @@ with import ; { from = "tomtop@lassul.us"; to = lass.mail; } { from = "aliexpress@lassul.us"; to = lass.mail; } { from = "business@lassul.us"; to = lass.mail; } + { from = "payeer@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } -- cgit v1.2.3 From ca46531d1b11b5ece8acb482d40d8fd8d3b21908 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Dec 2017 18:29:40 +0100 Subject: l games: add df with tileset --- lass/2configs/games.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/games.nix b/lass/2configs/games.nix index d114a826..6cea271c 100644 --- a/lass/2configs/games.nix +++ b/lass/2configs/games.nix @@ -57,7 +57,7 @@ let in { environment.systemPackages = with pkgs; [ - dwarf_fortress + (dwarf-fortress.override { theme = dwarf-fortress-packages.phoebus-theme; }) doom1 doom2 vdoom1 -- cgit v1.2.3 From 6d12698fe0d08b959ab92bc1a772ebd0b210bf86 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Dec 2017 18:30:04 +0100 Subject: l gpd-pocket: remove duplicate tlp --- lass/2configs/hw/gpd-pocket.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/hw/gpd-pocket.nix b/lass/2configs/hw/gpd-pocket.nix index 193c12c1..87b4c518 100644 --- a/lass/2configs/hw/gpd-pocket.nix +++ b/lass/2configs/hw/gpd-pocket.nix @@ -16,7 +16,6 @@ in { boot.kernelParams = [ "fbcon=rotate:1" ]; - services.tlp.enable = true; services.xserver.displayManager.sessionCommands = '' (sleep 2 && ${pkgs.xorg.xrandr}/bin/xrandr --output DSI1 --rotate right) (sleep 2 && ${pkgs.xorg.xinput}/bin/xinput set-prop 'Goodix Capacitive TouchScreen' 'Coordinate Transformation Matrix' 0 1 0 -1 0 1 0 0 1) -- cgit v1.2.3 From 337ae5f4890dade45b58a180b72d61c861a788eb Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Dec 2017 18:30:34 +0100 Subject: l lassul.us: fix acme --- lass/2configs/websites/lassulus.nix | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 77f0c79e..25ca1f45 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -153,15 +153,15 @@ in { }; security.acme.certs."cgit.lassul.us" = { - email = "lassulus@gmail.com"; - webroot = "/var/lib/acme/acme-challenges"; + email = "lassulus@lassul.us"; + webroot = "/var/lib/acme/acme-challenge"; plugins = [ "account_key.json" - "key.pem" "fullchain.pem" + "key.pem" ]; group = "nginx"; - allowKeysForGroup = true; + user = "nginx"; }; @@ -170,6 +170,9 @@ in { addSSL = true; sslCertificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem"; sslCertificateKey = "/var/lib/acme/cgit.lassul.us/key.pem"; + locations."/.well-known/acme-challenge".extraConfig = '' + root /var/lib/acme/acme-challenge; + ''; }; users.users.blog = { -- cgit v1.2.3