From 3128953fa34d3683444e843d80a6adc2d67bf7ea Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 May 2019 14:30:21 +0200 Subject: l vim: reactivate flake8 --- lass/2configs/vim.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index 4f7bd443..4b15e6cb 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -11,6 +11,7 @@ let (hiPrio (pkgs.python3.withPackages (ps: [ ps.python-language-server ps.pyls-isort + ps.flake8 ]))) ]; @@ -73,8 +74,8 @@ let au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile "Syntastic config - "let g:syntastic_python_checkers=['flake8'] - "let g:syntastic_python_flake8_post_args='--ignore=E501' + let g:syntastic_python_checkers=['flake8'] + let g:syntastic_python_flake8_post_args='--ignore=E501' nnoremap :call LanguageClient_contextMenu() set hidden @@ -126,7 +127,7 @@ let extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [ pkgs.vimPlugins.ack-vim pkgs.vimPlugins.Gundo - #pkgs.vimPlugins.Syntastic + pkgs.vimPlugins.Syntastic pkgs.vimPlugins.undotree pkgs.vimPlugins.vim-go pkgs.vimPlugins.fzf-vim -- cgit v1.2.3 From 62535247901c883e8bb0fb2ec61248566a7ff60e Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 May 2019 14:53:13 +0200 Subject: l vim: remove syntastic (flake8 works over lsp) --- lass/2configs/vim.nix | 5 ----- 1 file changed, 5 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index 4b15e6cb..2d4196f1 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -73,10 +73,6 @@ let au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile - "Syntastic config - let g:syntastic_python_checkers=['flake8'] - let g:syntastic_python_flake8_post_args='--ignore=E501' - nnoremap :call LanguageClient_contextMenu() set hidden let g:LanguageClient_serverCommands = { @@ -127,7 +123,6 @@ let extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [ pkgs.vimPlugins.ack-vim pkgs.vimPlugins.Gundo - pkgs.vimPlugins.Syntastic pkgs.vimPlugins.undotree pkgs.vimPlugins.vim-go pkgs.vimPlugins.fzf-vim -- cgit v1.2.3 From e9f96d7757f48000c6c4a4c1317bf4debab16a27 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 May 2019 15:11:42 +0200 Subject: l vim: add more python lsp tools --- lass/2configs/vim.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index 2d4196f1..a26255d4 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -11,7 +11,9 @@ let (hiPrio (pkgs.python3.withPackages (ps: [ ps.python-language-server ps.pyls-isort + ps.pyflakes ps.flake8 + ps.yapf ]))) ]; -- cgit v1.2.3 From 73997358e457b51c72d954546451008560a4adfc Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 20 May 2019 13:30:22 +0200 Subject: l vim lsp: show errors in ASCII --- lass/2configs/vim.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index a26255d4..f55886e2 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -82,7 +82,10 @@ let \ 'go': ['~/go/bin/go-langserver'] \ } - let g:LanguageClient_diagnosticsDisplay = { 2: { "signText": "W" } } + let g:LanguageClient_diagnosticsDisplay = { + \ 1: { "signText": "E" }, + \ 2: { "signText": "W" } + \ } nmap q :buffer nmap :buffer -- cgit v1.2.3 From 86e5815ba3b05acbd49aa910dbabdfbb21de0e23 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:20:45 +0200 Subject: l prism.r: enable codimd --- lass/2configs/codimd.nix | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 lass/2configs/codimd.nix (limited to 'lass/2configs') diff --git a/lass/2configs/codimd.nix b/lass/2configs/codimd.nix new file mode 100644 index 00000000..5f802148 --- /dev/null +++ b/lass/2configs/codimd.nix @@ -0,0 +1,28 @@ +{ config, pkgs, ... }: +with import ; + +{ + services.nginx.virtualHosts.codimd = { + enableACME = true; + addSSL = true; + serverName = "codi.lassul.us"; + locations."/".extraConfig = '' + client_max_body_size 4G; + proxy_set_header Host $host; + proxy_pass http://localhost:3091; + ''; + }; + + services.codimd = { + enable = true; + configuration = { + db = { + dialect = "sqlite"; + storage = "/var/lib/codimd/db.codimd.sqlite"; + useCDN = false; + }; + port = 3091; + }; + }; +} + -- cgit v1.2.3 From 14b4c59c5bcc9c6414ecd147436f234f5aa3f133 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:34:59 +0200 Subject: l browsers: remove broken krebsgold :( --- lass/2configs/browsers.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index d214e224..c0085995 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -66,7 +66,6 @@ in { extensions = [ "cjpalhdlnbpafiamejdnhcphjbkeiagm" # ublock origin "dbepggeogbaibhgnhhndojpepiihcmeb" # vimium - "liloimnbhkghhdhlamdjipkmadhpcjmn" # krebsgold ]; }; -- cgit v1.2.3 From 74d0821e3a1207952cf639ac24009e7533aeff17 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:35:43 +0200 Subject: l: add more mail addresses --- lass/2configs/exim-smarthost.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index 4216bd67..d1e6b195 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -103,6 +103,9 @@ with import ; { from = "lobsters@lassul.us"; to = lass.mail; } { from = "fysitech@lassul.us"; to = lass.mail; } { from = "threema@lassul.us"; to = lass.mail; } + { from = "ubisoft@lassul.us"; to = lass.mail; } + { from = "kottezeller@lassul.us"; to = lass.mail; } + { from = "pie@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } -- cgit v1.2.3 From a5160c8d4f17fd9baf66aabcc8c5535e4f471a3e Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:37:05 +0200 Subject: l radio: add correct hostname headers --- lass/2configs/radio.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index 88899c55..7960db56 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -97,7 +97,7 @@ in { services.icecast = { enable = true; - hostname = "config.krebs.build.host.name"; + hostname = "radio.lassul.us"; admin.password = admin-password; extraConf = '' @@ -218,6 +218,11 @@ in { forceSSL = true; enableACME = true; locations."/".extraConfig = '' + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Server $host; + proxy_set_header X-Real-IP $remote_addr; proxy_pass http://localhost:8000; ''; locations."/recent".extraConfig = '' -- cgit v1.2.3 From ab0d80fde8a990c3522ac13e4ddd91c23e349391 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:37:33 +0200 Subject: l network-manager: randomize mac addresses --- lass/2configs/network-manager.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/network-manager.nix b/lass/2configs/network-manager.nix index 5b890b59..ab27eb84 100644 --- a/lass/2configs/network-manager.nix +++ b/lass/2configs/network-manager.nix @@ -15,6 +15,8 @@ }; }; networking.networkmanager = { + ethernet.macAddress = "random"; + wifi.macAddress = "random"; enable = true; unmanaged = [ "docker*" -- cgit v1.2.3 From 4c7f444c70c48b0230019d4b2e7f17519a4f3d1a Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:38:23 +0200 Subject: l radio: secure radio mounts with password --- lass/2configs/radio.nix | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index 7960db56..49d093a6 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -100,9 +100,14 @@ in { hostname = "radio.lassul.us"; admin.password = admin-password; extraConf = '' - - ${source-password} - + + /radio.mp3 + ${source-password} + + + /radio.ogg + ${source-password} + ''; }; -- cgit v1.2.3 From 78a3cfb6fff1488437d22834709ffd04b287b819 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:39:56 +0200 Subject: l radio: fix Reaktor pattern --- lass/2configs/radio.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index 49d093a6..b4efd42f 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -199,8 +199,8 @@ in { workdir = config.krebs.reaktor2.the_playlist.stateDir; hooks.PRIVMSG = [ { - activate = "match"; - pattern = ''!([^ ]+)(?:\s*(.*))?''; + #activate = "match"; + pattern = "^\\s*([0-9A-Za-z._][0-9A-Za-z._-]*)(?:\\s+(.*\\S))?\\s*$"; command = 1; arguments = [2]; commands = { -- cgit v1.2.3 From a122fec9e559e8050f03e6cd0c348490636bc9dd Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:40:24 +0200 Subject: l retiolum: remove dishfire as supernode --- lass/2configs/retiolum.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix index fb76c573..5a87d52a 100644 --- a/lass/2configs/retiolum.nix +++ b/lass/2configs/retiolum.nix @@ -20,7 +20,6 @@ "prism" "gum" "ni" - "dishfire" ]; }; -- cgit v1.2.3 From 65c2a882482a8c9ceeebff68dc38be83ab44ee12 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:40:44 +0200 Subject: l retiolum: enable localDiscovery --- lass/2configs/retiolum.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix index 5a87d52a..9932f817 100644 --- a/lass/2configs/retiolum.nix +++ b/lass/2configs/retiolum.nix @@ -21,6 +21,9 @@ "gum" "ni" ]; + extraConfig = '' + LocalDiscovery = yes + ''; }; nixpkgs.config.packageOverrides = pkgs: { -- cgit v1.2.3 From b216553984b5b3fadb297bdf2f8f019daa1c957b Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:47:34 +0200 Subject: l syncthing: don't share sync with phone --- lass/2configs/syncthing.nix | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/syncthing.nix b/lass/2configs/syncthing.nix index 48f2625c..25712f4f 100644 --- a/lass/2configs/syncthing.nix +++ b/lass/2configs/syncthing.nix @@ -1,5 +1,7 @@ { config, pkgs, ... }: with import ; let - peers = mapAttrs (n: v: { id = v.syncthing.id; }) (filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts); + all_peers = filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts; + own_peers = filterAttrs (n: v: v.owner.name == "lass") all_peers; + mk_peers = mapAttrs (n: v: { id = v.syncthing.id; }); in { services.syncthing = { enable = true; @@ -14,8 +16,8 @@ in { enable = true; cert = toString ; key = toString ; - peers = peers; - folders."/home/lass/sync".peers = attrNames peers; + peers = mk_peers all_peers; + folders."/home/lass/sync".peers = attrNames (filterAttrs (n: v: n != "phone") own_peers); }; system.activationScripts.syncthing-home = '' -- cgit v1.2.3 From dda92fcf0bc438186d6880b6bd6650f799d249b5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:47:58 +0200 Subject: l syncthing: fix permissions of sync --- lass/2configs/syncthing.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/syncthing.nix b/lass/2configs/syncthing.nix index 25712f4f..d4df17b9 100644 --- a/lass/2configs/syncthing.nix +++ b/lass/2configs/syncthing.nix @@ -25,8 +25,9 @@ in { ''; krebs.permown."/home/lass/sync" = { + file-mode = "u+rw,g+rw"; owner = "lass"; group = "syncthing"; - umask = "0007"; + umask = "0002"; }; } -- cgit v1.2.3 From 0c9a0c690e6ec575f7e72af3a8a91096c60c21e3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:48:42 +0200 Subject: l domsen: add jarugadesign user, mail & page --- lass/2configs/websites/domsen.nix | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 2131c7c6..86518648 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -26,6 +26,7 @@ in { ./default.nix ./sqlBackup.nix (servePage [ "reich-gebaeudereinigung.de" "www.reich-gebaeudereinigung.de" ]) + (servePage [ "jarugadesign.de" "www.jarugadesign.de" ]) (servePage [ "freemonkey.art" "www.freemonkey.art" @@ -141,6 +142,7 @@ in { { from = "akayguen@freemonkey.art"; to ="akayguen"; } { from = "bui@freemonkey.art"; to ="bui"; } { from = "kontakt@alewis.de"; to ="klabusterbeere"; } + { from = "hallo@jarugadesign.de"; to ="kasia"; } { from = "testuser@lassul.us"; to = "testuser"; } { from = "testuser@ubikmedia.eu"; to = "testuser"; } @@ -150,6 +152,7 @@ in { "ubikmedia.eu" "ubikmedia.de" "alewis.de" + "jarugadesign.de" ]; ssl_cert = "/var/lib/acme/lassul.us/fullchain.pem"; ssl_key = "/var/lib/acme/lassul.us/key.pem"; @@ -235,6 +238,12 @@ in { }; krebs.on-failure.plans.restic-backups-domsen = {}; + users.users.kasia = { + uid = genid_uint31 "kasia"; + home = "/home/kasia"; + useDefaultShell = true; + createHome = true; + }; services.restic.backups.domsen = { initialize = true; extraOptions = [ "sftp.command='ssh efOVcMWSZ@wilhelmstr2.duckdns.org -S none -v -p 52222 -i ${toString + "/ssh.id_ed25519"} -s sftp'" ]; -- cgit v1.2.3 From d68e0e2e2d9f2aa07e5daf950971f4f6ff1634b7 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:49:10 +0200 Subject: l domsen: set nextcloud overwriteProtocol --- lass/2configs/websites/domsen.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/2configs') diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 86518648..912d5692 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -94,6 +94,7 @@ in { hostName = "o.xanf.org"; config = { adminpassFile = toString + "/nextcloud_pw"; + overwriteProtocol = "https"; }; https = true; nginx.enable = true; -- cgit v1.2.3 From f8164a8e32b646464376afa951232085c9f1322b Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:49:29 +0200 Subject: l domsen: increase journalctl lines in backup errors --- lass/2configs/websites/domsen.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 912d5692..c99bd7b1 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -238,13 +238,18 @@ in { createHome = true; }; - krebs.on-failure.plans.restic-backups-domsen = {}; users.users.kasia = { uid = genid_uint31 "kasia"; home = "/home/kasia"; useDefaultShell = true; createHome = true; }; + + krebs.on-failure.plans.restic-backups-domsen = { + journalctl = { + lines = 1000; + }; + }; services.restic.backups.domsen = { initialize = true; extraOptions = [ "sftp.command='ssh efOVcMWSZ@wilhelmstr2.duckdns.org -S none -v -p 52222 -i ${toString + "/ssh.id_ed25519"} -s sftp'" ]; -- cgit v1.2.3 From 70a58ef2e310521029de794caba6c8351ac99e86 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:49:45 +0200 Subject: l domsen: use permown for permissions --- lass/2configs/websites/domsen.nix | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index c99bd7b1..9980e050 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -262,11 +262,41 @@ in { "/home/ms/Mail" "/home/klabusterbeere/Mail" "/home/jms/Mail" + "/home/kasia/Mail" "/home/bruno/Mail" "/home/akayguen/Mail" "/backups/sql_dumps" ]; }; + boot.kernel.sysctl."fs.inotify.max_user_watches" = "1048576"; + krebs.permown = { + "/srv/http/ubikmedia.de" = { + owner = "domsen"; + group = "nginx"; + umask = "0007"; + }; + "/srv/http/o.ubikmedia.de" = { + owner = "domsen"; + group = "nginx"; + umask = "0007"; + }; + "/srv/http/freemonkey.art" = { + owner = "domsen"; + group = "nginx"; + umask = "0002"; + }; + "/srv/http/jarugadesign.de" = { + owner = "domsen"; + group = "nginx"; + umask = "0002"; + }; + "/srv/http/reich-gebaeudereinigung.de" = { + owner = "domsen"; + group = "nginx"; + umask = "0002"; + }; + }; + } -- cgit v1.2.3