From 5747398b0e4d42c86eeb4463275b0f032d51968f Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 5 Dec 2017 20:03:55 +0100 Subject: l browsers: add precedence --- lass/2configs/browsers.nix | 43 ++++++++++++++++++++++++++++++------------- 1 file changed, 30 insertions(+), 13 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index 6c381863c..a858d3fec 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -5,19 +5,23 @@ let mainUser = config.users.extraUsers.mainUser; - browser-select = pkgs.writeScriptBin "browser-select" '' - BROWSER=$(echo -e "${concatStringsSep "\\n" (attrNames config.lass.browser.paths)}" | ${pkgs.dmenu}/bin/dmenu) + browser-select = let + sortedPaths = sort (a: b: a.value.precedence > b.value.precedence) + (mapAttrsToList (name: value: { inherit name value; }) + config.lass.browser.paths); + in pkgs.writeScriptBin "browser-select" '' + BROWSER=$(echo -e "${concatStringsSep "\\n" (map (getAttr "name") sortedPaths)}" | ${pkgs.dmenu}/bin/dmenu) case $BROWSER in ${concatMapStringsSep "\n" (n: '' - ${n}) - export BIN=${config.lass.browser.paths.${n}}/bin/${n} + ${n.name}) + export BIN=${n.value.path}/bin/${n.name} ;; - '') (attrNames config.lass.browser.paths)} + '') (sortedPaths)} esac $BIN "$@" ''; - createChromiumUser = name: extraGroups: + createChromiumUser = name: extraGroups: precedence: let bin = pkgs.writeScriptBin name '' /var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.chromium}/bin/chromium $@ @@ -31,7 +35,7 @@ let useDefaultShell = true; createHome = true; }; - lass.browser.paths.${name} = bin; + lass.browser.paths.${name}.path = bin; security.sudo.extraConfig = '' ${mainUser.name} ALL=(${name}) NOPASSWD: ALL ''; @@ -40,7 +44,7 @@ let ]; }; - createFirefoxUser = name: extraGroups: + createFirefoxUser = name: extraGroups: precedence: let bin = pkgs.writeScriptBin name '' /var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.firefox}/bin/firefox $@ @@ -54,7 +58,10 @@ let useDefaultShell = true; createHome = true; }; - lass.browser.paths.${name} = bin; + lass.browser.paths.${name} = { + path = bin; + inherit precedence; + }; security.sudo.extraConfig = '' ${mainUser.name} ALL=(${name}) NOPASSWD: ALL ''; @@ -79,14 +86,24 @@ in { type = types.path; }; options.lass.browser.paths = mkOption { - type = with types; attrsOf path; + type = types.attrsOf (types.submodule ({ + options = { + path = mkOption { + type = types.path; + }; + precedence = mkOption { + type = types.int; + default = 0; + }; + }; + })); }; } - ( createFirefoxUser "ff" [ "audio" ] ) - ( createChromiumUser "cr" [ "video" "audio" ] ) + ( createFirefoxUser "ff" [ "audio" ] 10 ) + ( createChromiumUser "cr" [ "video" "audio" ] 9 ) + ( createChromiumUser "gm" [ "video" "audio" ] 8 ) ( createChromiumUser "wk" [ "video" "audio" ] ) ( createChromiumUser "fb" [ "video" "audio" ] ) - ( createChromiumUser "gm" [ "video" "audio" ] ) ( createChromiumUser "com" [ "video" "audio" ] ) ]; } -- cgit v1.2.3 From a9b72bd2901ca232eb7b6523c535c593a36521ef Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 7 Dec 2017 17:33:08 +0100 Subject: l: add gpd-pocket hardware --- lass/2configs/hw/gpd-pocket.nix | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 lass/2configs/hw/gpd-pocket.nix (limited to 'lass/2configs') diff --git a/lass/2configs/hw/gpd-pocket.nix b/lass/2configs/hw/gpd-pocket.nix new file mode 100644 index 000000000..e3d212741 --- /dev/null +++ b/lass/2configs/hw/gpd-pocket.nix @@ -0,0 +1,20 @@ +{ pkgs, ... }: + +let + dummy_firmware = pkgs.writeTextFile { + name = "brcmfmac4356-pcie.txt"; + text = builtins.readFile ./brcmfmac4356-pcie.txt; + destination = "/lib/firmware/brcm/brcmfmac4356-pcie.txt"; + }; +in { + hardware.firmware = [ dummy_firmware ]; + + boot.kernelPackages = pkgs.linuxPackages_4_14; + boot.kernelParams = [ + "fbcon=rotate:1" + ]; + services.tlp.enable = true; + services.xserver.displayManager.sessionCommands = '' + (sleep 2 && ${pkgs.xorg.xrandr}/bin/xrandr --output DSI1 --rotate right) + ''; +} -- cgit v1.2.3 From b4fb85aa44a7094a8adb9fd60ffde75d13841ae9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 11 Dec 2017 20:24:24 +0100 Subject: l: add xerxes.r --- lass/2configs/default.nix | 1 + lass/2configs/hw/gpd-pocket.nix | 9 +++++++++ 2 files changed, 10 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index f8b750093..0e00dc2fd 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -22,6 +22,7 @@ with import ; config.krebs.users.lass.pubkey config.krebs.users.lass-shodan.pubkey config.krebs.users.lass-icarus.pubkey + config.krebs.users.lass-xerxes.pubkey ]; }; mainUser = { diff --git a/lass/2configs/hw/gpd-pocket.nix b/lass/2configs/hw/gpd-pocket.nix index e3d212741..193c12c13 100644 --- a/lass/2configs/hw/gpd-pocket.nix +++ b/lass/2configs/hw/gpd-pocket.nix @@ -7,8 +7,11 @@ let destination = "/lib/firmware/brcm/brcmfmac4356-pcie.txt"; }; in { + #imports = [ ]; hardware.firmware = [ dummy_firmware ]; + hardware.enableRedistributableFirmware = true; + boot.initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_acpi" "sdhci_pci" ]; boot.kernelPackages = pkgs.linuxPackages_4_14; boot.kernelParams = [ "fbcon=rotate:1" @@ -16,5 +19,11 @@ in { services.tlp.enable = true; services.xserver.displayManager.sessionCommands = '' (sleep 2 && ${pkgs.xorg.xrandr}/bin/xrandr --output DSI1 --rotate right) + (sleep 2 && ${pkgs.xorg.xinput}/bin/xinput set-prop 'Goodix Capacitive TouchScreen' 'Coordinate Transformation Matrix' 0 1 0 -1 0 1 0 0 1) ''; + services.xserver.dpi = 200; + fonts.fontconfig.dpi = 200; + lass.fonts.regular = "xft:Hack-Regular:pixelsize=22,xft:Symbola"; + lass.fonts.bold = "xft:Hack-Bold:pixelsize=22,xft:Symbola"; + lass.fonts.italic = "xft:Hack-RegularOblique:pixelsize=22,xft:Symbol"; } -- cgit v1.2.3 From 17860a36557ff31d589ad88d3f9aa98b81204d27 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Dec 2017 18:20:44 +0100 Subject: l: ignore lidswitch only on x220 --- lass/2configs/baseX.nix | 4 ---- lass/2configs/hw/x220.nix | 5 +++++ 2 files changed, 5 insertions(+), 4 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 32a9f66cf..9712bafff 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -112,10 +112,6 @@ in { xkbOptions = "caps:backspace"; }; - services.logind.extraConfig = '' - HandleLidSwitch=ignore - ''; - services.urxvtd.enable = true; services.xresources.enable = true; lass.screenlock.enable = true; diff --git a/lass/2configs/hw/x220.nix b/lass/2configs/hw/x220.nix index bf7decc40..f5651da13 100644 --- a/lass/2configs/hw/x220.nix +++ b/lass/2configs/hw/x220.nix @@ -29,4 +29,9 @@ options = ["nosuid" "nodev" "noatime"]; }; }; + + services.logind.extraConfig = '' + HandleLidSwitch=ignore + ''; + } -- cgit v1.2.3 From e556f8a67c0e1840da041813585f9127d2015682 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Dec 2017 18:26:30 +0100 Subject: l br: fix scanner ip --- lass/2configs/br.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/br.nix b/lass/2configs/br.nix index 35bac8fee..ad307c797 100644 --- a/lass/2configs/br.nix +++ b/lass/2configs/br.nix @@ -18,7 +18,7 @@ with import ; netDevices = { bra = { model = "MFCL2700DN"; - ip = "10.23.42.221"; + ip = "10.42.23.221"; }; }; }; -- cgit v1.2.3 From 0065b8306daf343d83379e2ea5ec461bcc933c91 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Dec 2017 18:26:49 +0100 Subject: l browsers: use devedition for ff --- lass/2configs/browsers.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index a858d3fec..9459cfd6f 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -47,7 +47,7 @@ let createFirefoxUser = name: extraGroups: precedence: let bin = pkgs.writeScriptBin name '' - /var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.firefox}/bin/firefox $@ + /var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.firefox-devedition-bin}/bin/firefox-devedition $@ ''; in { users.extraUsers.${name} = { -- cgit v1.2.3 From 7aa1155d675186e09e663963368a1db2056aae27 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Dec 2017 18:27:34 +0100 Subject: l dcso-dev: authorize lass-android --- lass/2configs/dcso-dev.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/2configs') diff --git a/lass/2configs/dcso-dev.nix b/lass/2configs/dcso-dev.nix index b7fcc7aab..63702a77e 100644 --- a/lass/2configs/dcso-dev.nix +++ b/lass/2configs/dcso-dev.nix @@ -15,6 +15,7 @@ in { createHome = true; openssh.authorizedKeys.keys = [ config.krebs.users.lass.pubkey + config.krebs.users.lass-android.pubkey "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDhQdDQFMxXOjbC+Avx3mlcFHqQpFUk/q9sO6ATA65jCV3YzN11vhZDDv54hABVS2h8TPXs7Lu3PCvK9qouASd2h4Ie9cExUmn50G/iwgFIODsCugVYBzVt1iwaAdwz1Hb9DKYXbVXanzVJjimmrrlQNvsyZg85lcnfyedpPX5ad+4FdSP68LHqEHC18LTitldR6V4P1omaKHlOtVpDgR/72tDgbtNZDBn3EU+TPk9OLTzjc6PinPw4iIvjEfiu14APwXpFDIqT7P7SjOEFpa0v/1z7dhxIy/Z9XbqyEdUfhv3PjZR5K2C+VzR7g6jVEVR2xFId51MpLv/Un4/lalbphBEw3I90Rr8tatOJiFhyrXbaKTcLqp1sIu05OxdPkm3hzfmLIhoKxhaIlXH7WQ9sAqxL1NAQ7O+J6yT4DMnwKzvpkkJjBaGtV84Pp1cccfNRH8XXID3FkWkrUpdgXWBpyLnRq4ilUJTajkU0GSdXkq8kLL3mWg9LPRTg3dmDj61ZB/qhjM61ppwHJvDRN9WI5HruXIU6nOQjh5yE2C/JZfLcsZD4Y1UDBy5/JSZrCVT2sQjFopkkYEkRCbX7oITHOH4iyRdxZkKWLUPboFrcmBpXO+owCEhO4JZrtfFWMC6qM++nrmiZWOrdIOIvdYHWluhKR2shlkisEKQP5pUqkw== markus.hihn@dcso.de" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1T5+2epslFARSnETdr4wdolA6ocJaD4H9tmz6BZFQKXlwIq+OMp+sSEdwYwW3Lu9+mNbBHPxVVJDWg/We9DXB0ezXPM5Bs1+FcehmkoGwkmgKaFCDt0sL+CfSnog/3wEkN21O/rQxVFqMmiJ7WUDGci6IKCFZ5ZjOsmmfHg5p3LYxU9xv33fNr2v+XauhrGbFtQ7eDz4kSywxN/aw73LN4d8em0V0UV8VPI3Qkw7MamDFwefA+K1TfK8pBzMeruU6N7HLuNkpkAp7kS+K4Zzd72aQtR37a5qMiFUbOxQ9B7iFypuPx0iu6ZwY1s/sM8t3kLmcDJ9O4FOTzlbpneet3as6iJ+Ckr/TlfKor2Tl5pWcXh2FXHoG8VUu5bYmIViJBrKihAlAQfQN0mJ9fdFTnCXVTtbYTy11s4eEVHgUlb7oSpgBnx5bnBONgApbsOX9zyoo8wz8KkZBcf1SQpkV5br8uUAHCcZtHuY6I3kKlv+8lJmgUipiYzMdTi7+dHa49gVEcEKL4ZnJ0msQkl4XT7JjKETLvumC4/TIqVuRu48wuYalkCR9OzxCsTXQ/msBJBztPdYLrEOXVb2HfzuCT+43UuMQ5rP/EoPy0TWQO9BaqfEXqvbOvWjVxj/GMvglQ2ChZTwHxwwTKB8qRVvJLnbZQwizQiSrkzjb6hRJfQ== u0_a165@localhost" ]; -- cgit v1.2.3 From 7d08a64baff20c3dd62029825750f6f92bb3fd4f Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Dec 2017 18:27:55 +0100 Subject: l dcso-dev: add go to devs pkgs --- lass/2configs/dcso-dev.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/dcso-dev.nix b/lass/2configs/dcso-dev.nix index 63702a77e..2b91f91d6 100644 --- a/lass/2configs/dcso-dev.nix +++ b/lass/2configs/dcso-dev.nix @@ -43,6 +43,10 @@ in { }; }; + krebs.per-user.dev.packages = [ + pkgs.go + ]; + security.sudo.extraConfig = '' ${mainUser.name} ALL=(dev) NOPASSWD: ALL ''; -- cgit v1.2.3 From 7da08e8e1949c2d095b7ff48a45b68b853a7da54 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Dec 2017 18:29:15 +0100 Subject: l: add payeer@lassul.us --- lass/2configs/exim-smarthost.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/2configs') diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index 763633dd9..2d848773f 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -48,6 +48,7 @@ with import ; { from = "tomtop@lassul.us"; to = lass.mail; } { from = "aliexpress@lassul.us"; to = lass.mail; } { from = "business@lassul.us"; to = lass.mail; } + { from = "payeer@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } -- cgit v1.2.3 From ca46531d1b11b5ece8acb482d40d8fd8d3b21908 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Dec 2017 18:29:40 +0100 Subject: l games: add df with tileset --- lass/2configs/games.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/games.nix b/lass/2configs/games.nix index d114a826d..6cea271c1 100644 --- a/lass/2configs/games.nix +++ b/lass/2configs/games.nix @@ -57,7 +57,7 @@ let in { environment.systemPackages = with pkgs; [ - dwarf_fortress + (dwarf-fortress.override { theme = dwarf-fortress-packages.phoebus-theme; }) doom1 doom2 vdoom1 -- cgit v1.2.3 From 6d12698fe0d08b959ab92bc1a772ebd0b210bf86 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Dec 2017 18:30:04 +0100 Subject: l gpd-pocket: remove duplicate tlp --- lass/2configs/hw/gpd-pocket.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/hw/gpd-pocket.nix b/lass/2configs/hw/gpd-pocket.nix index 193c12c13..87b4c518b 100644 --- a/lass/2configs/hw/gpd-pocket.nix +++ b/lass/2configs/hw/gpd-pocket.nix @@ -16,7 +16,6 @@ in { boot.kernelParams = [ "fbcon=rotate:1" ]; - services.tlp.enable = true; services.xserver.displayManager.sessionCommands = '' (sleep 2 && ${pkgs.xorg.xrandr}/bin/xrandr --output DSI1 --rotate right) (sleep 2 && ${pkgs.xorg.xinput}/bin/xinput set-prop 'Goodix Capacitive TouchScreen' 'Coordinate Transformation Matrix' 0 1 0 -1 0 1 0 0 1) -- cgit v1.2.3 From 337ae5f4890dade45b58a180b72d61c861a788eb Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Dec 2017 18:30:34 +0100 Subject: l lassul.us: fix acme --- lass/2configs/websites/lassulus.nix | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 77f0c79e3..25ca1f455 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -153,15 +153,15 @@ in { }; security.acme.certs."cgit.lassul.us" = { - email = "lassulus@gmail.com"; - webroot = "/var/lib/acme/acme-challenges"; + email = "lassulus@lassul.us"; + webroot = "/var/lib/acme/acme-challenge"; plugins = [ "account_key.json" - "key.pem" "fullchain.pem" + "key.pem" ]; group = "nginx"; - allowKeysForGroup = true; + user = "nginx"; }; @@ -170,6 +170,9 @@ in { addSSL = true; sslCertificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem"; sslCertificateKey = "/var/lib/acme/cgit.lassul.us/key.pem"; + locations."/.well-known/acme-challenge".extraConfig = '' + root /var/lib/acme/acme-challenge; + ''; }; users.users.blog = { -- cgit v1.2.3