From c0a4063c2d183ecf1cf7a1dc4e1a35f1f1be0733 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Sep 2017 21:13:53 +0200 Subject: l bepasty: forceSSL conflicts with enableSSL --- lass/2configs/bepasty.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/bepasty.nix b/lass/2configs/bepasty.nix index b2d40d4f..43647892 100644 --- a/lass/2configs/bepasty.nix +++ b/lass/2configs/bepasty.nix @@ -31,7 +31,6 @@ in { } // genAttrs ext-doms (ext-dom: { nginx = { - enableSSL = true; forceSSL = true; enableACME = true; }; -- cgit v1.2.3 From 8bd9894a2af5a0db91c0cb7943a34f60e2252c32 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 30 Sep 2017 18:06:21 +0200 Subject: add new prism.r binary-cache key --- lass/2configs/binary-cache/client.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/2configs') diff --git a/lass/2configs/binary-cache/client.nix b/lass/2configs/binary-cache/client.nix index 9dba5fbf..b0e0a8b8 100644 --- a/lass/2configs/binary-cache/client.nix +++ b/lass/2configs/binary-cache/client.nix @@ -8,6 +8,7 @@ ]; binaryCachePublicKeys = [ "cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU=" + "cache.prism-2:YwmCm3/s/D+SxrPKN/ETjlpw/219pNUbpnluatp6FKI=" "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" ]; }; -- cgit v1.2.3 From cad6fa36cb5d50ba7debd642258f37d1ba7aa4b2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 30 Sep 2017 19:11:08 +0200 Subject: l exim-smarthost: add aplle & coinbase mail --- lass/2configs/exim-smarthost.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index c9d7a369..0b56f6f4 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -43,6 +43,8 @@ with import ; { from = "radio@lassul.us"; to = lass.mail; } { from = "btce@lassul.us"; to = lass.mail; } { from = "raf@lassul.us"; to = lass.mail; } + { from = "apple@lassul.us"; to = lass.mail; } + { from = "coinbase@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } -- cgit v1.2.3 From ea21ba775c11a5ff4b79c18445895cf95956220c Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 30 Sep 2017 19:11:44 +0200 Subject: l git: add nix-user-chroot repo --- lass/2configs/git.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 3991acad..920da98c 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -53,6 +53,10 @@ let cgit.desc = "Good Music collection + tools"; cgit.section = "art"; }; + nix-user-chroot = { + cgit.desc = "Fork of nix-user-chroot my lethalman"; + cgit.section = "software"; + }; } // mapAttrs make-public-repo-silent { }; -- cgit v1.2.3 From 0971a0709b976b0f86651d2635709569f15adc12 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 30 Sep 2017 19:12:12 +0200 Subject: l vim: use python3.5 flake8 --- lass/2configs/vim.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index 7f36fcd9..6e271711 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -5,7 +5,7 @@ let out = { environment.systemPackages = [ (hiPrio vim) - pkgs.pythonPackages.flake8 + pkgs.python35Packages.flake8 ]; environment.etc.vimrc.source = vimrc; -- cgit v1.2.3 From 2cca99fadc19f81c52beb71d1d0ad8ea97380f97 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 30 Sep 2017 19:12:30 +0200 Subject: l vim: add vimPlugins.vim-go --- lass/2configs/vim.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/2configs') diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index 6e271711..71c3aaad 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -104,6 +104,7 @@ let pkgs.vimPlugins.Gundo pkgs.vimPlugins.Syntastic pkgs.vimPlugins.undotree + pkgs.vimPlugins.vim-go (pkgs.vimUtils.buildVimPlugin { name = "file-line-1.0"; src = pkgs.fetchFromGitHub { -- cgit v1.2.3 From ec1482b0bf98a551348d6f0de6d966d81dbd663e Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 30 Sep 2017 19:36:54 +0200 Subject: l Reaktors: archprism.r -> prism.r --- lass/2configs/reaktor-retiolum.nix | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 lass/2configs/reaktor-retiolum.nix (limited to 'lass/2configs') diff --git a/lass/2configs/reaktor-retiolum.nix b/lass/2configs/reaktor-retiolum.nix new file mode 100644 index 00000000..b2a21f80 --- /dev/null +++ b/lass/2configs/reaktor-retiolum.nix @@ -0,0 +1,15 @@ +{ config, lib, pkgs, ... }: +with import ; + +{ + krebs.Reaktor.retiolum = { + nickname = "Reaktor|lass"; + channels = [ "#retiolum" ]; + extraEnviron = { + REAKTOR_HOST = "ni.r"; + }; + plugins = with pkgs.ReaktorPlugins; [ + sed-plugin + ]; + }; +} -- cgit v1.2.3 From e1842266b3787337cac76b6d7297fd3186978fd2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 1 Oct 2017 13:35:30 +0200 Subject: l: #retiolum@ni.r -> #krebs@irc.r --- lass/2configs/git.nix | 8 ++++---- lass/2configs/monitoring/monit-alarms.nix | 2 +- lass/2configs/monitoring/server.nix | 2 +- lass/2configs/reaktor-retiolum.nix | 4 ++-- lass/2configs/repo-sync.nix | 4 ++-- 5 files changed, 10 insertions(+), 10 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 920da98c..91318b53 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -77,8 +77,8 @@ let post-receive = pkgs.git-hooks.irc-announce { # TODO make nick = config.krebs.build.host.name the default nick = config.krebs.build.host.name; - channel = "#retiolum"; - server = "ni.r"; + channel = "#krebs"; + server = "irc.r"; verbose = config.krebs.build.host.name == "prism"; # TODO define branches in some kind of option per repo branches = [ "master" "staging*" ]; @@ -98,8 +98,8 @@ let post-receive = pkgs.git-hooks.irc-announce { # TODO make nick = config.krebs.build.host.name the default nick = config.krebs.build.host.name; - channel = "#retiolum"; - server = "ni.r"; + channel = "#krebs"; + server = "irc.r"; verbose = true; # TODO define branches in some kind of option per repo branches = [ "master" "staging*" ]; diff --git a/lass/2configs/monitoring/monit-alarms.nix b/lass/2configs/monitoring/monit-alarms.nix index 65b91a74..2cfc292e 100644 --- a/lass/2configs/monitoring/monit-alarms.nix +++ b/lass/2configs/monitoring/monit-alarms.nix @@ -6,7 +6,7 @@ let set -euf export LOGNAME=prism-alarm ${pkgs.irc-announce}/bin/irc-announce \ - ni.r 6667 ${config.networking.hostName}-alarm \#noise "${msg}" >/dev/null + irc.r 6667 ${config.networking.hostName}-alarm \#noise "${msg}" >/dev/null ''; in { diff --git a/lass/2configs/monitoring/server.nix b/lass/2configs/monitoring/server.nix index d1ff234e..adaecde2 100644 --- a/lass/2configs/monitoring/server.nix +++ b/lass/2configs/monitoring/server.nix @@ -29,7 +29,7 @@ with import ; data="$(${pkgs.jq}/bin/jq -r .message)" export LOGNAME=prism-alarm ${pkgs.irc-announce}/bin/irc-announce \ - ni.r 6667 prism-alarm \#noise "$data" >/dev/null + irc.r 6667 prism-alarm \#noise "$data" >/dev/null ''; in { enable = true; diff --git a/lass/2configs/reaktor-retiolum.nix b/lass/2configs/reaktor-retiolum.nix index b2a21f80..0ec82552 100644 --- a/lass/2configs/reaktor-retiolum.nix +++ b/lass/2configs/reaktor-retiolum.nix @@ -4,9 +4,9 @@ with import ; { krebs.Reaktor.retiolum = { nickname = "Reaktor|lass"; - channels = [ "#retiolum" ]; + channels = [ "#krebs" ]; extraEnviron = { - REAKTOR_HOST = "ni.r"; + REAKTOR_HOST = "irc.r"; }; plugins = with pkgs.ReaktorPlugins; [ sed-plugin diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix index f0c0ebfe..12a2c0fe 100644 --- a/lass/2configs/repo-sync.nix +++ b/lass/2configs/repo-sync.nix @@ -15,8 +15,8 @@ let post-receive = pkgs.git-hooks.irc-announce { nick = config.networking.hostName; verbose = false; - channel = "#retiolum"; - server = "ni.r"; + channel = "#krebs"; + server = "irc.r"; branches = [ "newest" ]; }; }); -- cgit v1.2.3 From f0053f2dca7b5089aa7f22fb09d9cf2109b5835a Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 1 Oct 2017 14:21:34 +0200 Subject: l #krebs@irc.r -> #xxx@irc.r --- lass/2configs/git.nix | 4 ++-- lass/2configs/reaktor-retiolum.nix | 2 +- lass/2configs/repo-sync.nix | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 91318b53..4a2199b3 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -77,7 +77,7 @@ let post-receive = pkgs.git-hooks.irc-announce { # TODO make nick = config.krebs.build.host.name the default nick = config.krebs.build.host.name; - channel = "#krebs"; + channel = "#xxx"; server = "irc.r"; verbose = config.krebs.build.host.name == "prism"; # TODO define branches in some kind of option per repo @@ -98,7 +98,7 @@ let post-receive = pkgs.git-hooks.irc-announce { # TODO make nick = config.krebs.build.host.name the default nick = config.krebs.build.host.name; - channel = "#krebs"; + channel = "#xxx"; server = "irc.r"; verbose = true; # TODO define branches in some kind of option per repo diff --git a/lass/2configs/reaktor-retiolum.nix b/lass/2configs/reaktor-retiolum.nix index 0ec82552..144b7d48 100644 --- a/lass/2configs/reaktor-retiolum.nix +++ b/lass/2configs/reaktor-retiolum.nix @@ -4,7 +4,7 @@ with import ; { krebs.Reaktor.retiolum = { nickname = "Reaktor|lass"; - channels = [ "#krebs" ]; + channels = [ "#xxx" ]; extraEnviron = { REAKTOR_HOST = "irc.r"; }; diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix index 12a2c0fe..f3ef23e6 100644 --- a/lass/2configs/repo-sync.nix +++ b/lass/2configs/repo-sync.nix @@ -15,7 +15,7 @@ let post-receive = pkgs.git-hooks.irc-announce { nick = config.networking.hostName; verbose = false; - channel = "#krebs"; + channel = "#xxx"; server = "irc.r"; branches = [ "newest" ]; }; -- cgit v1.2.3 From 543291b53368c6124c9095e7227cd5176cb3fe65 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 1 Oct 2017 18:39:38 +0200 Subject: l authorized lass-android for weechat --- lass/2configs/weechat.nix | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/weechat.nix b/lass/2configs/weechat.nix index 1e5f2d17..4b644561 100644 --- a/lass/2configs/weechat.nix +++ b/lass/2configs/weechat.nix @@ -13,10 +13,11 @@ in { uid = genid "chat"; useDefaultShell = true; createHome = true; - openssh.authorizedKeys.keys = [ - config.krebs.users.lass.pubkey - config.krebs.users.lass-shodan.pubkey - config.krebs.users.lass-icarus.pubkey + openssh.authorizedKeys.keys = with config.krebs.users; [ + lass.pubkey + lass-shodan.pubkey + lass-icarus.pubkey + lass-android.pubkey ]; }; -- cgit v1.2.3 From 5ab273b5364a35fed96473e4290147940425c6b3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Oct 2017 18:45:28 +0200 Subject: l wine: pkgs.wineFull -> pkgs.wine --- lass/2configs/wine.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/wine.nix b/lass/2configs/wine.nix index 2444d32d..0d2b731c 100644 --- a/lass/2configs/wine.nix +++ b/lass/2configs/wine.nix @@ -5,7 +5,7 @@ let in { krebs.per-user.wine.packages = with pkgs; [ - wineFull + wine #(wineFull.override { wineBuild = "wine64"; }) ]; users.users= { -- cgit v1.2.3 From 958e86fadf2a2ca2901e7bd5fd8a0fcc16cbe103 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 3 Oct 2017 11:38:11 +0200 Subject: l copyq: fix startup --- lass/2configs/copyq.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/copyq.nix b/lass/2configs/copyq.nix index b255254f..fa01a99c 100644 --- a/lass/2configs/copyq.nix +++ b/lass/2configs/copyq.nix @@ -25,12 +25,15 @@ in { environment = { DISPLAY = ":0"; }; + path = with pkgs; [ + qt5.full + ]; serviceConfig = { SyslogIdentifier = "copyq"; ExecStart = "${pkgs.copyq}/bin/copyq"; ExecStartPost = copyqConfig; Restart = "always"; - RestartSec = "2s"; + RestartSec = "15s"; StartLimitBurst = 0; User = "lass"; }; -- cgit v1.2.3 From c54d84b9efe01a7f4f8837b2308b7e2d61f1926f Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 3 Oct 2017 13:43:13 +0200 Subject: l sqlBackup: set mysql.dataDir to /var/mysql --- lass/2configs/websites/sqlBackup.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/websites/sqlBackup.nix b/lass/2configs/websites/sqlBackup.nix index 7cb4b320..2fffa6cc 100644 --- a/lass/2configs/websites/sqlBackup.nix +++ b/lass/2configs/websites/sqlBackup.nix @@ -3,12 +3,13 @@ { krebs.secret.files.mysql_rootPassword = { path = "${config.services.mysql.dataDir}/mysql_rootPassword"; - owner.name = "root"; + owner.name = "mysql"; source-path = toString + "/mysql_rootPassword"; }; services.mysql = { enable = true; + dataDir = "/var/mysql"; package = pkgs.mariadb; rootPassword = config.krebs.secret.files.mysql_rootPassword.path; }; -- cgit v1.2.3 From c37c047ee6c080f7d76f2e19269162615a9aacfb Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 3 Oct 2017 13:43:31 +0200 Subject: l weechat: open mosh port --- lass/2configs/weechat.nix | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/weechat.nix b/lass/2configs/weechat.nix index 4b644561..d5496ac0 100644 --- a/lass/2configs/weechat.nix +++ b/lass/2configs/weechat.nix @@ -21,6 +21,11 @@ in { ]; }; + # mosh + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";} + ]; + #systemd.services.chat = { # description = "chat environment setup"; # after = [ "network.target" ]; -- cgit v1.2.3 From 3be76df6c9ea70c56eee66935476bd4738912171 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 3 Oct 2017 23:51:11 +0200 Subject: l websites lass: use addSSL --- lass/2configs/websites/lassulus.nix | 32 +++----------------------------- 1 file changed, 3 insertions(+), 29 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 17c39a5f..77790e8b 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -73,17 +73,6 @@ in { allowKeysForGroup = true; group = "lasscert"; }; - certs."cgit.lassul.us" = { - email = "lassulus@gmail.com"; - webroot = "/var/lib/acme/acme-challenges"; - plugins = [ - "account_key.json" - "key.pem" - "fullchain.pem" - ]; - group = "nginx"; - allowKeysForGroup = true; - }; }; krebs.tinc_graphs.enable = true; @@ -119,6 +108,7 @@ in { ]; services.nginx.virtualHosts."lassul.us" = { + addSSL = true; enableACME = true; serverAliases = [ "lassul.us" ]; locations."/".extraConfig = '' @@ -158,30 +148,14 @@ in { in '' alias ${initscript}; ''; - - enableSSL = true; - extraConfig = '' - listen 80; - listen [::]:80; - ''; - sslCertificate = "/var/lib/acme/lassul.us/fullchain.pem"; - sslCertificateKey = "/var/lib/acme/lassul.us/key.pem"; }; services.nginx.virtualHosts.cgit = { + addSSL = true; + enableACME = true; serverAliases = [ "cgit.lassul.us" ]; - locations."/.well-known/acme-challenge".extraConfig = '' - root /var/lib/acme/acme-challenges; - ''; - enableSSL = true; - extraConfig = '' - listen 80; - listen [::]:80; - ''; - sslCertificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem"; - sslCertificateKey = "/var/lib/acme/cgit.lassul.us/key.pem"; }; users.users.blog = { -- cgit v1.2.3 From 387bf34e82a5cb5cf82288cf3c58fff5b1bb4ce5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 3 Oct 2017 23:53:43 +0200 Subject: l pass: gnupg1 -> gnupg --- lass/2configs/pass.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/pass.nix b/lass/2configs/pass.nix index 5bd2f2f7..43eb0db9 100644 --- a/lass/2configs/pass.nix +++ b/lass/2configs/pass.nix @@ -3,7 +3,7 @@ { krebs.per-user.lass.packages = with pkgs; [ pass - gnupg1 + gnupg ]; } -- cgit v1.2.3 From 579b2cbecf8cec8786864bb2bdf6ffaf6bcf65b4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 5 Oct 2017 05:01:00 +0200 Subject: l websites: remove deprecated attributes --- lass/2configs/websites/lassulus.nix | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 77790e8b..6e185a4d 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -110,7 +110,6 @@ in { services.nginx.virtualHosts."lassul.us" = { addSSL = true; enableACME = true; - serverAliases = [ "lassul.us" ]; locations."/".extraConfig = '' root /srv/http/lassul.us; ''; @@ -151,11 +150,9 @@ in { }; services.nginx.virtualHosts.cgit = { + serverName = "cgit.lassul.us"; addSSL = true; enableACME = true; - serverAliases = [ - "cgit.lassul.us" - ]; }; users.users.blog = { -- cgit v1.2.3 From be4bfed6eddb2e957301a6734725a99d181d3753 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 5 Oct 2017 05:05:00 +0200 Subject: l pass: activate gnupg-agent --- lass/2configs/pass.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/2configs') diff --git a/lass/2configs/pass.nix b/lass/2configs/pass.nix index 43eb0db9..1c253a6c 100644 --- a/lass/2configs/pass.nix +++ b/lass/2configs/pass.nix @@ -6,4 +6,5 @@ gnupg ]; + programs.gnupg.agent.enable = true; } -- cgit v1.2.3 From 4e6827b8cd1e1edce7a27a6d6b2afda6ce6b7bc9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 5 Oct 2017 05:28:32 +0200 Subject: l gc: deactivate on helios --- lass/2configs/gc.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/gc.nix b/lass/2configs/gc.nix index 00f318e5..ad015180 100644 --- a/lass/2configs/gc.nix +++ b/lass/2configs/gc.nix @@ -3,6 +3,6 @@ with import ; { nix.gc = { - automatic = ! elem config.krebs.build.host.name [ "prism" "mors" ]; + automatic = ! elem config.krebs.build.host.name [ "prism" "mors" "helios" ]; }; } -- cgit v1.2.3 From ba663f044508ec596b6f9ab22a43e39677bcf3c2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 5 Oct 2017 15:50:45 +0200 Subject: l helios.r: add dcsovpn --- lass/2configs/dcso-vpn.nix | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 lass/2configs/dcso-vpn.nix (limited to 'lass/2configs') diff --git a/lass/2configs/dcso-vpn.nix b/lass/2configs/dcso-vpn.nix new file mode 100644 index 00000000..0a5623bf --- /dev/null +++ b/lass/2configs/dcso-vpn.nix @@ -0,0 +1,44 @@ +with import ; +{ ... }: + +{ + + users.extraUsers = { + dcsovpn = rec { + name = "dcsovpn"; + uid = genid "dcsovpn"; + description = "user for running dcso openvpn"; + home = "/home/${name}"; + }; + }; + + users.extraGroups.dcsovpn.gid = genid "dcsovpn"; + + services.openvpn.servers = { + dcso = { + config = '' + client + dev tun + tun-mtu 1356 + mssfix + proto udp + float + remote 217.111.55.41 1194 + nobind + user dcsovpn + group dcsovpn + persist-key + persist-tun + ca ${toString } + cert ${toString } + key ${toString } + verb 3 + mute 20 + auth-user-pass ${toString } + route-method exe + route-delay 2 + ''; + updateResolvConf = true; + }; + }; +} -- cgit v1.2.3 From 54d20b612f126ae64c807aa2b68f18836e824d69 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 5 Oct 2017 16:08:55 +0200 Subject: l dummy-secrets: add dcsovpn --- lass/2configs/tests/dummy-secrets/dcsovpn/ca.pem | 0 lass/2configs/tests/dummy-secrets/dcsovpn/cert.key | 0 lass/2configs/tests/dummy-secrets/dcsovpn/cert.pem | 0 lass/2configs/tests/dummy-secrets/dcsovpn/login.txt | 0 4 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 lass/2configs/tests/dummy-secrets/dcsovpn/ca.pem create mode 100644 lass/2configs/tests/dummy-secrets/dcsovpn/cert.key create mode 100644 lass/2configs/tests/dummy-secrets/dcsovpn/cert.pem create mode 100644 lass/2configs/tests/dummy-secrets/dcsovpn/login.txt (limited to 'lass/2configs') diff --git a/lass/2configs/tests/dummy-secrets/dcsovpn/ca.pem b/lass/2configs/tests/dummy-secrets/dcsovpn/ca.pem new file mode 100644 index 00000000..e69de29b diff --git a/lass/2configs/tests/dummy-secrets/dcsovpn/cert.key b/lass/2configs/tests/dummy-secrets/dcsovpn/cert.key new file mode 100644 index 00000000..e69de29b diff --git a/lass/2configs/tests/dummy-secrets/dcsovpn/cert.pem b/lass/2configs/tests/dummy-secrets/dcsovpn/cert.pem new file mode 100644 index 00000000..e69de29b diff --git a/lass/2configs/tests/dummy-secrets/dcsovpn/login.txt b/lass/2configs/tests/dummy-secrets/dcsovpn/login.txt new file mode 100644 index 00000000..e69de29b -- cgit v1.2.3 From 1124548642eeda9225cd223b2c4de12e0240d02f Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 7 Oct 2017 11:56:36 +0200 Subject: move Reaktors to hotdog.r --- lass/2configs/reaktor-krebs.nix | 25 ------------------------- lass/2configs/reaktor-retiolum.nix | 15 --------------- 2 files changed, 40 deletions(-) delete mode 100644 lass/2configs/reaktor-krebs.nix delete mode 100644 lass/2configs/reaktor-retiolum.nix (limited to 'lass/2configs') diff --git a/lass/2configs/reaktor-krebs.nix b/lass/2configs/reaktor-krebs.nix deleted file mode 100644 index 6b17b457..00000000 --- a/lass/2configs/reaktor-krebs.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ config, lib, pkgs, ... }: -with import ; - -{ - krebs.Reaktor.krebs = { - nickname = "Reaktor|krebs"; - channels = [ - "#krebs" - "#nixos-wiki" - ]; - extraEnviron = { - REAKTOR_HOST = "irc.freenode.org"; - }; - plugins = with pkgs.ReaktorPlugins; [ - sed-plugin - wiki-todo-add - wiki-todo-done - wiki-todo-show - ]; - }; - services.nginx.virtualHosts."lassul.us".locations."/wiki-todo".extraConfig = '' - default_type "text/plain"; - alias /var/lib/Reaktor/state/wiki-todo; - ''; -} diff --git a/lass/2configs/reaktor-retiolum.nix b/lass/2configs/reaktor-retiolum.nix deleted file mode 100644 index 144b7d48..00000000 --- a/lass/2configs/reaktor-retiolum.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ config, lib, pkgs, ... }: -with import ; - -{ - krebs.Reaktor.retiolum = { - nickname = "Reaktor|lass"; - channels = [ "#xxx" ]; - extraEnviron = { - REAKTOR_HOST = "irc.r"; - }; - plugins = with pkgs.ReaktorPlugins; [ - sed-plugin - ]; - }; -} -- cgit v1.2.3 From a3f45e80aeffe7223631793dcb48f9cabfe7215a Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 9 Oct 2017 13:02:14 +0200 Subject: l: use hack fonts everywhere --- lass/2configs/baseX.nix | 23 ++++++++++++++++++----- lass/2configs/xresources.nix | 6 ++++-- 2 files changed, 22 insertions(+), 7 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index f6390ce4..9d4ad8c6 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -28,9 +28,19 @@ in { ''; } { #font magic - options.lass.myFont = mkOption { - type = types.str; - default = "-schumacher-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1"; + options.lass.fonts = { + regular = mkOption { + type = types.str; + default = "xft:Hack-Regular:pixelsize=11,xft:Symbola"; + }; + bold = mkOption { + type = types.str; + default = "xft:Hack-Bold:pixelsize=11,xft:Symbola"; + }; + italic = mkOption { + type = types.str; + default = "xft:Hack-RegularOblique:pixelsize=11,xft:Symbol"; + }; }; } ]; @@ -82,8 +92,11 @@ in { termite ]; - fonts.fonts = [ - pkgs.xlibs.fontschumachermisc + fonts.fonts = with pkgs; [ + hack-font + hasklig + symbola + xlibs.fontschumachermisc ]; services.xserver = { diff --git a/lass/2configs/xresources.nix b/lass/2configs/xresources.nix index adbcd353..a3c54f3a 100644 --- a/lass/2configs/xresources.nix +++ b/lass/2configs/xresources.nix @@ -8,8 +8,10 @@ let URxvt*scrollBar: false URxvt*urgentOnBell: true URxvt*SaveLines: 4096 - URxvt*font: ${config.lass.myFont} - URxvt*boldFont: ${config.lass.myFont} + + URxvt.font: ${config.lass.fonts.regular} + URxvt.boldFont: ${config.lass.fonts.bold} + URxvt.italicFont: ${config.lass.fonts.italic} ! ref https://github.com/muennich/urxvt-perls URxvt.perl-lib: ${pkgs.urxvt_perls}/lib/urxvt/perl -- cgit v1.2.3 From acb02ae901ec6d94ff0133d7c92286bc285b62d3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 9 Oct 2017 13:22:42 +0200 Subject: l: add pkgs.file --- lass/2configs/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/2configs') diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index e96f4dc7..f745dc4a 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -119,6 +119,7 @@ with import ; aria2 #neat utils + file kpaste krebspaste mosh -- cgit v1.2.3 From f34e78cab5f4a10a8e8e2a5c8ef99a1e643c23cf Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 9 Oct 2017 13:23:11 +0200 Subject: l dns-stuff: add gum as resolver --- lass/2configs/dns-stuff.nix | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/dns-stuff.nix b/lass/2configs/dns-stuff.nix index 0c96e6e9..e305145f 100644 --- a/lass/2configs/dns-stuff.nix +++ b/lass/2configs/dns-stuff.nix @@ -4,7 +4,12 @@ with import ; services.dnscrypt-proxy = { enable = true; localAddress = "127.1.0.1"; - resolverName = "cs-de"; + customResolver = { + address = config.krebs.hosts.gum.nets.internet.ip4.addr; + port = 15251; + name = "2.dnscrypt-cert.euer.krebsco.de"; + key = "1AFC:E58D:F242:0FBB:9EE9:4E51:47F4:5373:D9AE:C2AB:DD96:8448:333D:5D79:272C:A44C"; + }; }; services.dnsmasq = { enable = true; @@ -17,8 +22,6 @@ with import ; all-servers dnssec trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5 - address=/blog/127.0.0.1 - address=/blog/::1 rebind-domain-ok=/onion/ server=/.onion/127.0.0.1#9053 port=53 -- cgit v1.2.3 From 80788b158f5b13ad7b638cc8252d5a7b905092df Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 9 Oct 2017 13:23:49 +0200 Subject: l mail: show inbox less strictly --- lass/2configs/mail.nix | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix index 7a988118..91127f73 100644 --- a/lass/2configs/mail.nix +++ b/lass/2configs/mail.nix @@ -74,12 +74,9 @@ let virtual-mailboxes \ "Unread" "notmuch://?query=tag:unread"\ "INBOX" "notmuch://?query=tag:inbox \ - and NOT tag:killed \ - and NOT to:shackspace \ - and NOT to:c-base \ - and NOT from:security-alert@hpe.com \ and NOT to:nix-devel\ - and NOT to:radio"\ + and NOT to:shackspace\ + and NOT to:c-base" \ "shack" "notmuch://?query=to:shackspace"\ "c-base" "notmuch://?query=to:c-base"\ "security" "notmuch://?query=to:securityfocus or from:security-alert@hpe.com"\ -- cgit v1.2.3 From 95d1e35049e786415116e262062f3dba6ea736c0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 9 Oct 2017 13:24:54 +0200 Subject: l vim: add ack-vim --- lass/2configs/vim.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index 71c3aaad..698344b0 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -97,10 +97,13 @@ let noremap [b | noremap! [b noremap [c | noremap! [c noremap [d | noremap! [d - vnoremap u + + let g:ackprg = 'ag --vimgrep' + cnoreabbrev Ack Ack! ''; extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [ + pkgs.vimPlugins.ack-vim pkgs.vimPlugins.Gundo pkgs.vimPlugins.Syntastic pkgs.vimPlugins.undotree -- cgit v1.2.3