From 920436365aafe5d02153f2c16919d2a4c5644aaa Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 9 Feb 2017 15:32:37 +0100 Subject: l 2 websites: enable ipv6 on all sites --- lass/2configs/websites/lassulus.nix | 10 ++++++++-- lass/2configs/websites/util.nix | 8 +++++++- 2 files changed, 15 insertions(+), 3 deletions(-) (limited to 'lass') diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 024d2eeb..3a897942 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -110,7 +110,10 @@ in { ''; enableSSL = true; - extraConfig = "listen 80;"; + extraConfig = '' + listen 80; + listen [::]:80; + ''; sslCertificate = "/var/lib/acme/lassul.us/fullchain.pem"; sslCertificateKey = "/var/lib/acme/lassul.us/key.pem"; }; @@ -123,7 +126,10 @@ in { root /var/lib/acme/acme-challenges; ''; enableSSL = true; - extraConfig = "listen 80;"; + extraConfig = '' + listen 80; + listen [::]:80; + ''; sslCertificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem"; sslCertificateKey = "/var/lib/acme/cgit.lassul.us/key.pem"; }; diff --git a/lass/2configs/websites/util.nix b/lass/2configs/websites/util.nix index 6e236ab6..d596e9db 100644 --- a/lass/2configs/websites/util.nix +++ b/lass/2configs/websites/util.nix @@ -17,7 +17,10 @@ rec { services.nginx.virtualHosts.${domain} = { enableACME = true; enableSSL = true; - extraConfig = "listen 80;"; + extraConfig = '' + listen 80; + listen [::]:80; + ''; serverAliases = domains; locations."/".extraConfig = '' root /srv/http/${domain}; @@ -35,6 +38,7 @@ rec { serverAliases = domains; extraConfig = '' listen 80; + listen [::]:80; # Add headers to serve security related headers add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; @@ -148,6 +152,8 @@ rec { serverAliases = domains; extraConfig = '' listen 80; + listen [::]:80; + root /srv/http/${domain}/; index index.php; access_log /tmp/nginx_acc.log; -- cgit v1.2.3 From 137c49b847a896009972a3fa7ad2f60358c0a643 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 9 Feb 2017 16:57:45 +0100 Subject: l 1 mors: add ipfs testing stuff --- lass/1systems/mors.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lass') diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index a5eaaed9..d0f835c6 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -126,6 +126,10 @@ with import ; # }; # }; #} + { + #ipfs-testing + services.ipfs.enable = true; + } ]; krebs.build.host = config.krebs.hosts.mors; -- cgit v1.2.3 From 51761c3b9ba7c994e269328ab68e71318c9fbc34 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 9 Feb 2017 16:57:54 +0100 Subject: l 2: allow ipv6-icmp --- lass/2configs/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass') diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index d1810c00..2441f1b7 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -202,6 +202,7 @@ with import ; filter.INPUT.rules = [ { predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; } { predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; } + { predicate = "-p ipv6-icmp"; target = "ACCEPT"; v4 = false; precedence = 10000; } { predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; } { predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; } { predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; } -- cgit v1.2.3 From a947c088b3cb996abc9eb3cb89ffbf7efb0c196c Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 12 Feb 2017 10:33:44 +0100 Subject: l 2 nixpkgs: f7b7d8e -> 6651c72 --- lass/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index aef9dd8b..ad39848b 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "f7b7d8e"; + ref = "6651c72"; }; } -- cgit v1.2.3 From baf325a8d8542dd6fef6cc7b97fd3211c5b174f5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 12 Feb 2017 22:30:46 +0100 Subject: l 2: add dnscrypt as default --- lass/2configs/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'lass') diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index 2441f1b7..2292b5ce 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -62,6 +62,12 @@ with import ; pkgs.pythonPackages.python ]; } + { + services.dnscrypt-proxy.enable = true; + networking.extraResolvconfConf = '' + name_servers='127.0.0.1' + ''; + } ]; networking.hostName = config.krebs.build.host.name; -- cgit v1.2.3 From bfcf167c38925f5e12619d7afe8565d7df03194b Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 13 Feb 2017 09:44:18 +0100 Subject: l: remove obsolete page --- lass/1systems/prism.nix | 1 - lass/2configs/websites/wohnprojekt-rhh.de.nix | 23 ----------------------- 2 files changed, 24 deletions(-) delete mode 100644 lass/2configs/websites/wohnprojekt-rhh.de.nix (limited to 'lass') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index c0c22a0d..5c6a59c7 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -164,7 +164,6 @@ in { } { imports = [ - ../2configs/websites/wohnprojekt-rhh.de.nix ../2configs/websites/domsen.nix ../2configs/websites/lassulus.nix ]; diff --git a/lass/2configs/websites/wohnprojekt-rhh.de.nix b/lass/2configs/websites/wohnprojekt-rhh.de.nix deleted file mode 100644 index 0c409ca8..00000000 --- a/lass/2configs/websites/wohnprojekt-rhh.de.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ config, pkgs, lib, ... }: - -let - inherit (import ) - genid - ; - inherit (import {inherit lib pkgs;}) - ssl - servePage - ; -in { - imports = [ - ( ssl [ "wohnprojekt-rhh.de" ]) - ( servePage [ "wohnprojekt-rhh.de" ]) - ]; - - users.users.laura = { - home = "/srv/http/wohnprojekt-rhh.de"; - createHome = true; - useDefaultShell = true; - }; -} - -- cgit v1.2.3 From fe46163e586b2b19126fffd1a7710e1b61349389 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 13 Feb 2017 14:32:00 +0100 Subject: l 2 monitoring: add monit-alarms --- lass/2configs/monitoring/monit-alarms.nix | 34 +++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 lass/2configs/monitoring/monit-alarms.nix (limited to 'lass') diff --git a/lass/2configs/monitoring/monit-alarms.nix b/lass/2configs/monitoring/monit-alarms.nix new file mode 100644 index 00000000..a8573853 --- /dev/null +++ b/lass/2configs/monitoring/monit-alarms.nix @@ -0,0 +1,34 @@ +{pkgs, config, ...}: +with import ; +let + echoToIrc = msg: + pkgs.writeDash "echo_irc" '' + set -euf + export LOGNAME=prism-alarm + ${pkgs.irc-announce}/bin/irc-announce \ + ni.r 6667 prism-alarm \#retiolum "${msg}" >/dev/null + ''; + +in { + krebs.monit = { + enable = true; + http.enable = true; + alarms.nirwanabluete = { + test = "${pkgs.curl}/bin/curl -sf 'https://nirwanabluete.de/'"; + alarm = echoToIrc "test nirwanabluete failed"; + }; + alarms.ubik = { + test = "${pkgs.curl}/bin/curl -sf 'https://ubikmedia.de'"; + alarm = echoToIrc "test ubik failed"; + }; + alarms.hfos = { + test = "${pkgs.curl}/bin/curl -sf --insecure 'https://hfos.hackerfleet.de'"; + alarm = echoToIrc "test hfos failed"; + }; + alarms.cac-panel = { + test = "${pkgs.curl}/bin/curl -sf 'https://panel.cloudatcost.com/login.php'"; + alarm = echoToIrc "test cac-panel failed"; + }; + }; +} + -- cgit v1.2.3 From 8281365719165547a08cadc37b2c3ff08a119846 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 13 Feb 2017 16:16:01 +0100 Subject: l 1 mors: add krebszones --- lass/1systems/mors.nix | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'lass') diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index d0f835c6..1ad9cd4b 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -130,6 +130,11 @@ with import ; #ipfs-testing services.ipfs.enable = true; } + { + environment.systemPackages = [ + pkgs.krebszones + ]; + } ]; krebs.build.host = config.krebs.hosts.mors; -- cgit v1.2.3 From 0c7740b6e47cf77e155cdd7fc1ae4c0f187e45bb Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 13 Feb 2017 17:17:44 +0100 Subject: l 1 mors: remove dead icinga code --- lass/1systems/mors.nix | 50 -------------------------------------------------- 1 file changed, 50 deletions(-) (limited to 'lass') diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 1ad9cd4b..bffb08ad 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -76,56 +76,6 @@ with import ; { services.redis.enable = true; } - #{ - # #gitit magic - # imports = [ ]; - # services.gitit = { - # enable = true; - # haskellPackages = pkgs.haskell.packages.ghc7103; - # }; - #} - #{ - # lass.icinga2 = { - # enable = true; - # configFiles = [ - # '' - # template Service "generic-service" { - # max_check_attempts = 3 - # check_interval = 5m - # retry_interval = 1m - # enable_perfdata = true - # } - # apply Service "ping4" { - # } - # '' - # ]; - # }; - # services.mysql = { - # enable = true; - # package = pkgs.mariadb; - # rootPassword = "/mysql_rootPassword"; - # }; - # lass.icingaweb2 = { - # enable = true; - # initialRootPasswordHash = "$1$HpWDCehI$ITbAoyfOB6HEN1ftooxZq0"; - # resources = { - # icinga2db = { - # type = "mysql"; - # host = "localhost"; - # user = "icingaweb2"; - # db = "icinga"; - # passfile = ; - # }; - # icingaweb2db = { - # type = "mysql"; - # host = "localhost"; - # user = "icingaweb2"; - # db = "icingaweb2"; - # passfile = ; - # }; - # }; - # }; - #} { #ipfs-testing services.ipfs.enable = true; -- cgit v1.2.3 From 08973e5e00cf27b0548c4924ab4afe1768d79217 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 13 Feb 2017 17:17:55 +0100 Subject: l 1 prism: import monit-alarms --- lass/1systems/prism.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 5c6a59c7..a62b5cd7 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -44,6 +44,7 @@ in { ../2configs/hfos.nix ../2configs/makefu-sip.nix ../2configs/monitoring/server.nix + ../2configs/monitoring/monit-alarms.nix { imports = [ ../2configs/bepasty.nix -- cgit v1.2.3 From 6dabaf5afef5767eedbaadcba8e3e06e46c645a4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 13 Feb 2017 20:56:34 +0100 Subject: l 2 monit: add radio test --- lass/2configs/monitoring/monit-alarms.nix | 40 +++++++++++++++++++------------ 1 file changed, 25 insertions(+), 15 deletions(-) (limited to 'lass') diff --git a/lass/2configs/monitoring/monit-alarms.nix b/lass/2configs/monitoring/monit-alarms.nix index a8573853..d14275c1 100644 --- a/lass/2configs/monitoring/monit-alarms.nix +++ b/lass/2configs/monitoring/monit-alarms.nix @@ -13,21 +13,31 @@ in { krebs.monit = { enable = true; http.enable = true; - alarms.nirwanabluete = { - test = "${pkgs.curl}/bin/curl -sf 'https://nirwanabluete.de/'"; - alarm = echoToIrc "test nirwanabluete failed"; - }; - alarms.ubik = { - test = "${pkgs.curl}/bin/curl -sf 'https://ubikmedia.de'"; - alarm = echoToIrc "test ubik failed"; - }; - alarms.hfos = { - test = "${pkgs.curl}/bin/curl -sf --insecure 'https://hfos.hackerfleet.de'"; - alarm = echoToIrc "test hfos failed"; - }; - alarms.cac-panel = { - test = "${pkgs.curl}/bin/curl -sf 'https://panel.cloudatcost.com/login.php'"; - alarm = echoToIrc "test cac-panel failed"; + alarms = { + nirwanabluete = { + test = "${pkgs.curl}/bin/curl -sf 'https://nirwanabluete.de/'"; + alarm = echoToIrc "test nirwanabluete failed"; + }; + ubik = { + test = "${pkgs.curl}/bin/curl -sf 'https://ubikmedia.de'"; + alarm = echoToIrc "test ubik failed"; + }; + hfos = { + test = "${pkgs.curl}/bin/curl -sf --insecure 'https://hfos.hackerfleet.de'"; + alarm = echoToIrc "test hfos failed"; + }; + cac-panel = { + test = "${pkgs.curl}/bin/curl -sf 'https://panel.cloudatcost.com/login.php'"; + alarm = echoToIrc "test cac-panel failed"; + }; + radio = { + test = pkgs.writeBash "check_stream" '' + ${pkgs.curl}/bin/curl -sif http://lassul.us:8000/radio.ogg \ + | ${pkgs.gawk}/bin/awk '/^\r$/{exit}{print $0}' \ + | ${pkgs.gnugrep}/bin/grep -q "200 OK" || exit "''${PIPESTATUS[0]}" + ''; + alarm = echoToIrc "test radio failed"; + }; }; }; } -- cgit v1.2.3 From e7f12c4d865c5556b408a8301de6e2eabb39165b Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 13 Feb 2017 20:58:29 +0100 Subject: l 2 monit: open monit port to retiolum --- lass/2configs/monitoring/monit-alarms.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lass') diff --git a/lass/2configs/monitoring/monit-alarms.nix b/lass/2configs/monitoring/monit-alarms.nix index d14275c1..063fadb1 100644 --- a/lass/2configs/monitoring/monit-alarms.nix +++ b/lass/2configs/monitoring/monit-alarms.nix @@ -40,5 +40,9 @@ in { }; }; }; + + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp -i retiolum --dport 9093"; target = "ACCEPT"; } + ]; } -- cgit v1.2.3 From 4e8d61d8f74e547c6718d55b13ae1d5eb2287bfd Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 Feb 2017 13:20:14 +0100 Subject: l 2 hfos: forward https from localhost --- lass/2configs/hfos.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lass') diff --git a/lass/2configs/hfos.nix b/lass/2configs/hfos.nix index 7d4d544a..a4020dad 100644 --- a/lass/2configs/hfos.nix +++ b/lass/2configs/hfos.nix @@ -32,4 +32,8 @@ with import ; { v6 = false; precedence = 1000; predicate = "-d 192.168.122.208 -p tcp --dport 1080 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; } { v6 = false; precedence = 1000; predicate = "-d 192.168.122.208 -p tcp --dport 1443 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; } ]; + + krebs.iptables.tables.nat.OUTPUT.rules = [ + { v6 = false; precedence = 1000; predicate = "-d 213.239.205.246 -p tcp --dport 443"; target = "DNAT --to-destination 192.168.122.208:1443"; } + ]; } -- cgit v1.2.3 From 1b5196f4fdc8dc32fb771d518f08a769329b5fd9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 16 Feb 2017 00:07:36 +0100 Subject: l 2: add copyq.nix --- lass/2configs/copyq.nix | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 lass/2configs/copyq.nix (limited to 'lass') diff --git a/lass/2configs/copyq.nix b/lass/2configs/copyq.nix new file mode 100644 index 00000000..0616c402 --- /dev/null +++ b/lass/2configs/copyq.nix @@ -0,0 +1,38 @@ +{ config, pkgs, ... }: +with import ; +let + copyqConfig = pkgs.writeDash "copyq-config" '' + ${pkgs.copyq}/bin/copyq config check_clipboard true + ${pkgs.copyq}/bin/copyq config check_selection true + ${pkgs.copyq}/bin/copyq config copy_clipboard true + ${pkgs.copyq}/bin/copyq config copy_selection true + + ${pkgs.copyq}/bin/copyq config activate_closes true + ${pkgs.copyq}/bin/copyq config clipboard_notification_lines 0 + ${pkgs.copyq}/bin/copyq config clipboard_tab clipboard + ${pkgs.copyq}/bin/copyq config disable_tray true + ${pkgs.copyq}/bin/copyq config hide_tabs true + ${pkgs.copyq}/bin/copyq config hide_toolbar true + ${pkgs.copyq}/bin/copyq config item_popup_interval true + ${pkgs.copyq}/bin/copyq config maxitems 1000 + ${pkgs.copyq}/bin/copyq config move true + ${pkgs.copyq}/bin/copyq config text_wrap true + ''; +in { + systemd.user.services.copyq = { + after = [ "graphical.target" ]; + wants = [ "graphical.target" ]; + wantedBy = [ "default.target" ]; + environment = { + DISPLAY = ":0"; + }; + serviceConfig = { + SyslogIdentifier = "copyq"; + ExecStart = "${pkgs.copyq}/bin/copyq"; + ExecStartPost = copyqConfig; + Restart = "always"; + RestartSec = "2s"; + StartLimitBurst = 0; + }; + }; +} -- cgit v1.2.3 From 679ccce6bd5feef4edd7533a67536836f7b7aa26 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 16 Feb 2017 00:05:38 +0100 Subject: l 2: use upstream xserver --- lass/2configs/baseX.nix | 60 +++++++------- lass/2configs/fetchWallpaper.nix | 4 - lass/2configs/xserver/Xresources.nix | 66 --------------- lass/2configs/xserver/default.nix | 147 --------------------------------- lass/2configs/xserver/xserver.conf.nix | 40 --------- lass/5pkgs/xmonad-lass.nix | 22 +---- 6 files changed, 31 insertions(+), 308 deletions(-) delete mode 100644 lass/2configs/xserver/Xresources.nix delete mode 100644 lass/2configs/xserver/default.nix delete mode 100644 lass/2configs/xserver/xserver.conf.nix (limited to 'lass') diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 2933ca0e..539fdc87 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -1,13 +1,13 @@ { config, pkgs, ... }: - +with import ; let - mainUser = config.users.extraUsers.mainUser; + user = config.krebs.build.user; in { imports = [ - ./xserver ./mpv.nix ./power-action.nix ./screenlock.nix + ./copyq.nix { hardware.pulseaudio = { enable = true; @@ -66,37 +66,31 @@ in { youtube-tools rxvt_unicode - #window manager stuff - #haskellPackages.xmobar - #haskellPackages.yeganesh - #dmenu2 - #xlibs.fontschumachermisc ]; - #fonts.fonts = [ - # pkgs.xlibs.fontschumachermisc - #]; - - #services.xserver = { - # enable = true; - - # windowManager.xmonad.extraPackages = hspkgs: with hspkgs; [ - # X11-xshape - # ]; - # windowManager.xmonad.enable = true; - # windowManager.xmonad.enableContribAndExtras = true; - # windowManager.default = "xmonad"; - # desktopManager.default = "none"; - # desktopManager.xterm.enable = false; - # displayManager.slim.enable = true; - # displayManager.auto.enable = true; - # displayManager.auto.user = mainUser.name; - - # layout = "us"; - # xkbModel = "evdev"; - # xkbVariant = "altgr-intl"; - # xkbOptions = "caps:backspace"; - #}; + fonts.fonts = [ + pkgs.xlibs.fontschumachermisc + ]; + + services.xserver = { + enable = true; + + desktopManager.xterm.enable = false; + displayManager.slim.enable = true; + windowManager.session = [{ + name = "xmonad"; + start = '' + ${pkgs.xorg.xhost}/bin/xhost +LOCAL: + ${pkgs.xmonad-lass}/bin/xmonad & + waitPID=$! + ''; + }]; + + layout = "us"; + xkbModel = "evdev"; + xkbVariant = "altgr-intl"; + xkbOptions = "caps:backspace"; + }; services.logind.extraConfig = '' HandleLidSwitch=ignore @@ -107,4 +101,6 @@ in { twoFingerScroll = true; accelFactor = "0.035"; }; + + services.urxvtd.enable = true; } diff --git a/lass/2configs/fetchWallpaper.nix b/lass/2configs/fetchWallpaper.nix index 29f32199..971be958 100644 --- a/lass/2configs/fetchWallpaper.nix +++ b/lass/2configs/fetchWallpaper.nix @@ -9,9 +9,5 @@ in { url = "prism/wallpaper.png"; maxTime = 10; }; - systemd.services.fetchWallpaper = { - after = [ "xmonad.service" ]; - wantedBy = [ "xmonad.service" ]; - }; } diff --git a/lass/2configs/xserver/Xresources.nix b/lass/2configs/xserver/Xresources.nix deleted file mode 100644 index 3049774f..00000000 --- a/lass/2configs/xserver/Xresources.nix +++ /dev/null @@ -1,66 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; - -pkgs.writeText "Xresources" '' - URxvt*scrollBar: false - URxvt*urgentOnBell: true - URxvt*font: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-* - URxvt*boldFont: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-* - - ! ref https://github.com/muennich/urxvt-perls - URxvt.perl-lib: ${pkgs.urxvt_perls}/lib/urxvt/perl - URxvt.perl-ext-common: default,clipboard,url-select,keyboard-select - URxvt.url-select.launcher: ${config.lass.browser.select}/bin/browser-select - URxvt.url-select.underline: true - URxvt.keysym.M-u: perl:url-select:select_next - URxvt.keysym.M-Escape: perl:keyboard-select:activate - URxvt.keysym.M-s: perl:keyboard-select:search - - URxvt.intensityStyles: false - - URxvt*background: #050505 - ! URxvt*background: #041204 - - !URxvt.depth: 32 - !URxvt*background: rgba:0500/0500/0500/cccc - - ! URxvt*background: #080810 - URxvt*foreground: #d0d7d0 - ! URxvt*background: black - ! URxvt*foreground: white - ! URxvt*background: rgb:00/00/40 - ! URxvt*foreground: rgb:a0/a0/d0 - ! XTerm*cursorColor: rgb:00/00/60 - URxvt*cursorColor: #f042b0 - URxvt*cursorColor2: #f0b000 - URxvt*cursorBlink: off - ! URxvt*cursorUnderline: true - ! URxvt*highlightColor: #232323 - ! URxvt*highlightTextColor: #b0ffb0 - - URxvt*.pointerBlank: true - URxvt*.pointerBlankDelay: 987654321 - URxvt*.pointerColor: #f042b0 - URxvt*.pointerColor2: #050505 - - ! URxvt*color0: #000000 - ! URxvt*color1: #c00000 - ! URxvt*color2: #80c070 - URxvt*color3: #c07000 - ! URxvt*color4: #0000c0 - URxvt*color4: #4040c0 - ! URxvt*color5: #c000c0 - ! URxvt*color6: #008080 - URxvt*color7: #c0c0c0 - - URxvt*color8: #707070 - URxvt*color9: #ff6060 - URxvt*color10: #70ff70 - URxvt*color11: #ffff70 - URxvt*color12: #7070ff - URxvt*color13: #ff50ff - URxvt*color14: #70ffff - URxvt*color15: #ffffff - -'' diff --git a/lass/2configs/xserver/default.nix b/lass/2configs/xserver/default.nix deleted file mode 100644 index cba4db76..00000000 --- a/lass/2configs/xserver/default.nix +++ /dev/null @@ -1,147 +0,0 @@ -{ config, pkgs, ... }@args: -with import ; -let - user = config.krebs.build.user; - - copyqConfig = pkgs.writeDash "copyq-config" '' - ${pkgs.copyq}/bin/copyq config check_clipboard true - ${pkgs.copyq}/bin/copyq config check_selection true - ${pkgs.copyq}/bin/copyq config copy_clipboard true - ${pkgs.copyq}/bin/copyq config copy_selection true - - ${pkgs.copyq}/bin/copyq config activate_closes true - ${pkgs.copyq}/bin/copyq config clipboard_notification_lines 0 - ${pkgs.copyq}/bin/copyq config clipboard_tab &clipboard - ${pkgs.copyq}/bin/copyq config disable_tray true - ${pkgs.copyq}/bin/copyq config hide_tabs true - ${pkgs.copyq}/bin/copyq config hide_toolbar true - ${pkgs.copyq}/bin/copyq config item_popup_interval true - ${pkgs.copyq}/bin/copyq config maxitems 1000 - ${pkgs.copyq}/bin/copyq config move true - ${pkgs.copyq}/bin/copyq config text_wrap true - ''; -in { - - environment.systemPackages = [ - pkgs.gitAndTools.qgit - pkgs.mpv - pkgs.sxiv - pkgs.xsel - pkgs.zathura - ]; - - fonts.fonts = [ - pkgs.xlibs.fontschumachermisc - ]; - - services.xserver = { - enable = true; - display = 11; - tty = 11; - - synaptics = { - enable = true; - twoFingerScroll = true; - accelFactor = "0.035"; - }; - - layout = "us"; - xkbVariant = "altgr-intl"; - xkbOptions = "caps:backspace"; - }; - - systemd.services.display-manager.enable = false; - - systemd.services.xmonad = { - wantedBy = [ "multi-user.target" ]; - requires = [ "xserver.service" ]; - environment = { - DISPLAY = ":${toString config.services.xserver.display}"; - - XMONAD_STARTUP_HOOK = pkgs.writeDash "xmonad-startup-hook" '' - ${pkgs.xorg.xhost}/bin/xhost +LOCAL: & - ${pkgs.xorg.xrdb}/bin/xrdb -merge ${import ./Xresources.nix args} & - ${pkgs.xorg.xsetroot}/bin/xsetroot -solid '#1c1c1c' & - wait - ''; - - XMONAD_STATE = "/tmp/xmonad.state"; - - # XXX JSON is close enough :) - XMONAD_WORKSPACES0_FILE = pkgs.writeText "xmonad.workspaces0" (toJSON [ - "dashboard" # we start here - ]); - }; - serviceConfig = { - SyslogIdentifier = "xmonad"; - ExecStart = "${pkgs.xmonad-lass}/bin/xmonad"; - ExecStop = pkgs.writeScript "xmonad-stop" '' - #! /bin/sh - ${pkgs.xmonad-lass}/bin/xmonad --shutdown - ${pkgs.coreutils}/bin/sleep 2s - ''; - User = user.name; - WorkingDirectory = user.home; - }; - }; - - systemd.services.xserver = { - after = [ - "systemd-udev-settle.service" - "local-fs.target" - "acpid.service" - ]; - reloadIfChanged = true; - environment = { - XKB_BINDIR = "${pkgs.xorg.xkbcomp}/bin"; # Needed for the Xkb extension. - XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime. - LD_LIBRARY_PATH = concatStringsSep ":" ( - [ "${pkgs.xorg.libX11}/lib" "${pkgs.xorg.libXext}/lib" ] - ++ concatLists (catAttrs "libPath" config.services.xserver.drivers)); - }; - serviceConfig = { - SyslogIdentifier = "xserver"; - ExecReload = "${pkgs.coreutils}/bin/echo NOP"; - ExecStart = toString [ - "${pkgs.xorg.xorgserver}/bin/X" - ":${toString config.services.xserver.display}" - "vt${toString config.services.xserver.tty}" - "-config ${import ./xserver.conf.nix args}" - "-logfile /dev/null -logverbose 0 -verbose 3" - "-nolisten tcp" - "-xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb" - ]; - }; - }; - - systemd.services.urxvtd = { - wantedBy = [ "multi-user.target" ]; - reloadIfChanged = true; - serviceConfig = { - SyslogIdentifier = "urxvtd"; - ExecReload = "${pkgs.coreutils}/bin/echo NOP"; - ExecStart = "${pkgs.rxvt_unicode}/bin/urxvtd"; - Restart = "always"; - RestartSec = "2s"; - StartLimitBurst = 0; - User = user.name; - }; - }; - - systemd.services.copyq = { - wantedBy = [ "multi-user.target" ]; - requires = [ "xserver.service" ]; - environment = { - DISPLAY = ":${toString config.services.xserver.display}"; - }; - serviceConfig = { - SyslogIdentifier = "copyq"; - ExecStart = "${pkgs.copyq}/bin/copyq"; - ExecStartPost = copyqConfig; - Restart = "always"; - RestartSec = "2s"; - StartLimitBurst = 0; - User = user.name; - }; - }; -} diff --git a/lass/2configs/xserver/xserver.conf.nix b/lass/2configs/xserver/xserver.conf.nix deleted file mode 100644 index 6f34e015..00000000 --- a/lass/2configs/xserver/xserver.conf.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; - -let - cfg = config.services.xserver; -in - -pkgs.stdenv.mkDerivation { - name = "xserver.conf"; - - xfs = optionalString (cfg.useXFS != false) - ''FontPath "${toString cfg.useXFS}"''; - - inherit (cfg) config; - - buildCommand = - '' - echo 'Section "Files"' >> $out - echo $xfs >> $out - - for i in ${toString config.fonts.fonts}; do - if test "''${i:0:''${#NIX_STORE}}" == "$NIX_STORE"; then - for j in $(find $i -name fonts.dir); do - echo " FontPath \"$(dirname $j)\"" >> $out - done - fi - done - - for i in $(find ${toString cfg.modules} -type d); do - if test $(echo $i/*.so* | wc -w) -ne 0; then - echo " ModulePath \"$i\"" >> $out - fi - done - - echo 'EndSection' >> $out - - echo "$config" >> $out - ''; -} diff --git a/lass/5pkgs/xmonad-lass.nix b/lass/5pkgs/xmonad-lass.nix index dd4d8803..22ec7efa 100644 --- a/lass/5pkgs/xmonad-lass.nix +++ b/lass/5pkgs/xmonad-lass.nix @@ -22,7 +22,7 @@ import XMonad import qualified XMonad.StackSet as W import Control.Exception import Data.List (isInfixOf) -import System.Environment (getArgs, withArgs, getEnv) +import System.Environment (getArgs, withArgs) import System.IO (hPutStrLn, stderr) import System.Posix.Process (executeFile) import Text.Read (readEither) @@ -60,21 +60,17 @@ main = getArgs >>= \case mainNoArgs :: IO () mainNoArgs = do - workspaces0 <- getWorkspaces0 xmonad' $ withUrgencyHook (SpawnUrgencyHook "echo emit Urgency ") $ def { terminal = urxvtcPath , modMask = mod4Mask - , workspaces = workspaces0 , layoutHook = smartBorders $ myLayoutHook , manageHook = placeHook (smart (1,0)) <+> floatNextHook - , startupHook = do - path <- liftIO (getEnv "XMONAD_STARTUP_HOOK") - forkFile path [] Nothing , normalBorderColor = "#1c1c1c" , focusedBorderColor = "#f000b0" , handleEventHook = handleShutdownEvent + , workspaces = [ "dashboard" ] } `additionalKeysP` myKeyMap myLayoutHook = defLayout @@ -84,7 +80,7 @@ myLayoutHook = defLayout xmonad' :: (LayoutClass l Window, Read (l Window)) => XConfig l -> IO () xmonad' conf = do - path <- getEnv "XMONAD_STATE" + let path = "/tmp/xmonad.state" try (readFile path) >>= \case Right content -> do hPutStrLn stderr ("resuming from " ++ path) @@ -93,18 +89,6 @@ xmonad' conf = do hPutStrLn stderr (displaySomeException e) xmonad conf -getWorkspaces0 :: IO [String] -getWorkspaces0 = - try (getEnv "XMONAD_WORKSPACES0_FILE") >>= \case - Left e -> warn (displaySomeException e) - Right p -> try (readFile p) >>= \case - Left e -> warn (displaySomeException e) - Right x -> case readEither x of - Left e -> warn e - Right y -> return y - where - warn msg = hPutStrLn stderr ("getWorkspaces0: " ++ msg) >> return [] - displaySomeException :: SomeException -> String displaySomeException = displayException -- cgit v1.2.3 From 47a4df4558803937823e3c671153bda372d60de5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 16 Feb 2017 00:06:15 +0100 Subject: l 2: use #noise on ni for noisy stuff --- lass/2configs/buildbot-standalone.nix | 2 +- lass/2configs/monitoring/monit-alarms.nix | 2 +- lass/2configs/monitoring/server.nix | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) (limited to 'lass') diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix index cd11254d..2bd3e991 100644 --- a/lass/2configs/buildbot-standalone.nix +++ b/lass/2configs/buildbot-standalone.nix @@ -216,7 +216,7 @@ in { enable = true; nick = "buildbot-lass"; server = "ni.r"; - channels = [ { channel = "retiolum"; } ]; + channels = [ { channel = "retiolum"; } { channel = "noise"; } ]; allowForce = true; }; }; diff --git a/lass/2configs/monitoring/monit-alarms.nix b/lass/2configs/monitoring/monit-alarms.nix index 063fadb1..05d64c04 100644 --- a/lass/2configs/monitoring/monit-alarms.nix +++ b/lass/2configs/monitoring/monit-alarms.nix @@ -6,7 +6,7 @@ let set -euf export LOGNAME=prism-alarm ${pkgs.irc-announce}/bin/irc-announce \ - ni.r 6667 prism-alarm \#retiolum "${msg}" >/dev/null + ni.r 6667 prism-alarm \#noise "${msg}" >/dev/null ''; in { diff --git a/lass/2configs/monitoring/server.nix b/lass/2configs/monitoring/server.nix index bbae4511..b6ccf9cc 100644 --- a/lass/2configs/monitoring/server.nix +++ b/lass/2configs/monitoring/server.nix @@ -29,7 +29,7 @@ with import ; data="$(${pkgs.jq}/bin/jq -r .message)" export LOGNAME=prism-alarm ${pkgs.irc-announce}/bin/irc-announce \ - ni.r 6667 prism-alarm \#retiolum "$data" >/dev/null + ni.r 6667 prism-alarm \#noise "$data" >/dev/null ''; in { enable = true; -- cgit v1.2.3 From f959d410b60ef7fe7b99546e18f0b473c1a8ac42 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 16 Feb 2017 00:06:38 +0100 Subject: l 2: disable dark blue folders --- lass/2configs/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass') diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index 2292b5ce..8100a433 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -161,6 +161,7 @@ with import ; shopt -s histappend histreedit histverify shopt -s no_empty_cmd_completion complete -d cd + LS_COLORS=$LS_COLORS:'di=1;31:' ; export LS_COLORS ''; promptInit = '' if test $UID = 0; then -- cgit v1.2.3 From 66cb7e01eb9b7bf9d4348b31fa38492270fa8ec0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 16 Feb 2017 00:06:57 +0100 Subject: l 2 hw tp-x220: disable touchpad by default --- lass/2configs/hw/tp-x220.nix | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'lass') diff --git a/lass/2configs/hw/tp-x220.nix b/lass/2configs/hw/tp-x220.nix index d551cd44..1e75271c 100644 --- a/lass/2configs/hw/tp-x220.nix +++ b/lass/2configs/hw/tp-x220.nix @@ -48,4 +48,9 @@ with import ; ]; security.rngd.enable = true; + + services.xserver.synaptics = { + enable = true; + additionalOptions = ''Option "TouchpadOff" "1"''; + }; } -- cgit v1.2.3 From 43d6c89dd68a6c2cda969d716ff381bd47c0545d Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 16 Feb 2017 13:15:58 +0100 Subject: l 2 screenlock: use DISPLAY :0 --- lass/2configs/screenlock.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/screenlock.nix b/lass/2configs/screenlock.nix index 237127f6..b5bc4ee2 100644 --- a/lass/2configs/screenlock.nix +++ b/lass/2configs/screenlock.nix @@ -5,7 +5,7 @@ before = [ "sleep.target" ]; wantedBy = [ "sleep.target" ]; environment = { - DISPLAY = ":${toString config.services.xserver.display}"; + DISPLAY = ":0"; }; serviceConfig = { SyslogIdentifier = "screenlock"; -- cgit v1.2.3 From ef8dbbe206d2eae5a160b4a4a85f0b947cd85e08 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 17 Feb 2017 16:04:41 +0100 Subject: l 1 prism: run repo-sync more often --- lass/1systems/prism.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index a62b5cd7..81520ad5 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -215,7 +215,7 @@ in { } { krebs.repo-sync.timerConfig = { - OnUnitInactiveSec = "5min"; + OnUnitInactiveSec = "3min"; RandomizedDelaySec = "2min"; }; } -- cgit v1.2.3 From 763b9b4688bcd6719a5f4f6f5c59bcc56204e6e2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 17 Feb 2017 16:12:12 +0100 Subject: l 2 vim: enable ruler --- lass/2configs/vim.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index c3eac8f3..4d6dfe36 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -25,7 +25,7 @@ let set hlsearch set incsearch set mouse=a - set noruler + set ruler set pastetoggle= set runtimepath=${extra-runtimepath},$VIMRUNTIME set shortmess+=I -- cgit v1.2.3 From d4445947aeacf9f133eaad375106cd1cfad84e25 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 21 Feb 2017 14:30:21 +0100 Subject: l 1 shodan: setup hfos monitoring --- lass/1systems/shodan.nix | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'lass') diff --git a/lass/1systems/shodan.nix b/lass/1systems/shodan.nix index 232e91d9..82622d15 100644 --- a/lass/1systems/shodan.nix +++ b/lass/1systems/shodan.nix @@ -42,6 +42,26 @@ with import ; pkgs.python27Packages.python ]; } + { + krebs.monit = let + echoToIrc = msg: + pkgs.writeDash "echo_irc" '' + set -euf + export LOGNAME=prism-alarm + ${pkgs.irc-announce}/bin/irc-announce \ + ni.r 6667 ${config.networking.hostName}-alarm \#noise "${msg}" >/dev/null + ''; + in { + enable = true; + http.enable = true; + alarms = { + hfos = { + test = "${pkgs.curl}/bin/curl -sf --insecure 'https://hfos.hackerfleet.de'"; + alarm = echoToIrc "test hfos failed"; + }; + }; + }; + } ]; krebs.build.host = config.krebs.hosts.shodan; -- cgit v1.2.3 From 5829d6726070b037d5698faedb77fa79b311c9f2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 21 Feb 2017 14:30:49 +0100 Subject: l 2 hfos: run krebs-iptables after libvirtd --- lass/2configs/hfos.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lass') diff --git a/lass/2configs/hfos.nix b/lass/2configs/hfos.nix index a4020dad..dcd50dd7 100644 --- a/lass/2configs/hfos.nix +++ b/lass/2configs/hfos.nix @@ -36,4 +36,6 @@ with import ; krebs.iptables.tables.nat.OUTPUT.rules = [ { v6 = false; precedence = 1000; predicate = "-d 213.239.205.246 -p tcp --dport 443"; target = "DNAT --to-destination 192.168.122.208:1443"; } ]; + + systemd.services.krebs-iptables.after = [ "libvirtd.service" ]; } -- cgit v1.2.3 From af93c8cba606813007bab84e8d1d8d822764333a Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 21 Feb 2017 14:31:15 +0100 Subject: l 2 monitoring monit: use hostname in irc alarm --- lass/2configs/monitoring/monit-alarms.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/monitoring/monit-alarms.nix b/lass/2configs/monitoring/monit-alarms.nix index 05d64c04..9333ef9d 100644 --- a/lass/2configs/monitoring/monit-alarms.nix +++ b/lass/2configs/monitoring/monit-alarms.nix @@ -6,7 +6,7 @@ let set -euf export LOGNAME=prism-alarm ${pkgs.irc-announce}/bin/irc-announce \ - ni.r 6667 prism-alarm \#noise "${msg}" >/dev/null + ni.r 6667 ${config.networking.hostName}-alarm \#noise "${msg}" >/dev/null ''; in { -- cgit v1.2.3 From 5b3b825a520a13052f39ab209234a7451c8f8539 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 21 Feb 2017 14:31:49 +0100 Subject: l 2 monitoring monit: remove hfos test --- lass/2configs/monitoring/monit-alarms.nix | 4 ---- 1 file changed, 4 deletions(-) (limited to 'lass') diff --git a/lass/2configs/monitoring/monit-alarms.nix b/lass/2configs/monitoring/monit-alarms.nix index 9333ef9d..65b91a74 100644 --- a/lass/2configs/monitoring/monit-alarms.nix +++ b/lass/2configs/monitoring/monit-alarms.nix @@ -22,10 +22,6 @@ in { test = "${pkgs.curl}/bin/curl -sf 'https://ubikmedia.de'"; alarm = echoToIrc "test ubik failed"; }; - hfos = { - test = "${pkgs.curl}/bin/curl -sf --insecure 'https://hfos.hackerfleet.de'"; - alarm = echoToIrc "test hfos failed"; - }; cac-panel = { test = "${pkgs.curl}/bin/curl -sf 'https://panel.cloudatcost.com/login.php'"; alarm = echoToIrc "test cac-panel failed"; -- cgit v1.2.3 From cf64d51cc5e9b06a6fef68b2f60738b15a522e2e Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 22 Feb 2017 18:20:30 +0100 Subject: l 1 shodan: open monit port --- lass/1systems/shodan.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'lass') diff --git a/lass/1systems/shodan.nix b/lass/1systems/shodan.nix index 82622d15..dca61693 100644 --- a/lass/1systems/shodan.nix +++ b/lass/1systems/shodan.nix @@ -61,6 +61,9 @@ with import ; }; }; }; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp -i retiolum --dport 9093"; target = "ACCEPT"; } + ]; } ]; -- cgit v1.2.3 From d7a20e7ab8e1374ff34ff98b9c5764a9a8a44b82 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 22 Feb 2017 18:21:00 +0100 Subject: l 2 games: remove obsolete marinevoice pack --- lass/2configs/games.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/games.nix b/lass/2configs/games.nix index 1bcb8c67..5ff31426 100644 --- a/lass/2configs/games.nix +++ b/lass/2configs/games.nix @@ -11,7 +11,6 @@ let DOOM_DIR=''${DOOM_DIR:-~/doom/} ${vdoom} \ -file $DOOM_DIR/lib/brutalv20.pk3 \ - -file $DOOM_DIR/lib/RebotStarcraftMarines.pk3 \ "$@" ''; doom1 = pkgs.writeDashBin "doom1" '' -- cgit v1.2.3 From 9c686779e840eeddc6a74106b0a98362d5d1705b Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 22 Feb 2017 18:21:30 +0100 Subject: l 2 games: add vdoomserver executeable --- lass/2configs/games.nix | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) (limited to 'lass') diff --git a/lass/2configs/games.nix b/lass/2configs/games.nix index 5ff31426..e47cf22c 100644 --- a/lass/2configs/games.nix +++ b/lass/2configs/games.nix @@ -30,6 +30,31 @@ let ${vdoom} -iwad $DOOM_DIR/wads/stock/doom2.wad "$@" ''; + doomservercfg = pkgs.writeText "doomserver.cfg" '' + skill 7 + #survival true + #sv_maxlives 4 + #sv_norespawn true + #sv_weapondrop true + no_jump true + #sv_noweaponspawn true + sv_sharekeys true + sv_survivalcountdowntime 1 + sv_noteamselect true + sv_updatemaster false + #sv_coop_loseinventory true + #cl_startasspectator false + #lms_spectatorview false + ''; + + vdoomserver = pkgs.writeDashBin "vdoomserver" '' + DOOM_DIR=''${DOOM_DIR:-~/doom/} + + ${pkgs.zandronum-bin}/bin/zandronum-server \ + +exec ${doomservercfg} \ + "$@" + ''; + in { environment.systemPackages = with pkgs; [ dwarf_fortress @@ -37,6 +62,7 @@ in { doom2 vdoom1 vdoom2 + vdoomserver ]; users.extraUsers = { -- cgit v1.2.3 From 437dea4e645778a691f0292f86d98d50a605ffdd Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 22 Feb 2017 18:22:06 +0100 Subject: l 2 games: open up doom port --- lass/2configs/games.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lass') diff --git a/lass/2configs/games.nix b/lass/2configs/games.nix index e47cf22c..58051560 100644 --- a/lass/2configs/games.nix +++ b/lass/2configs/games.nix @@ -81,4 +81,8 @@ in { security.sudo.extraConfig = '' ${mainUser.name} ALL=(games) NOPASSWD: ALL ''; + + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport 10666"; target = "ACCEPT"; } + ]; } -- cgit v1.2.3 From 8d8f26db46a739f6eb7d78a2cbd23ef8fc4e10d5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 22 Feb 2017 21:57:48 +0100 Subject: l 2 git: also start nginx --- lass/2configs/git.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass') diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index bdd65ce0..3e1b2c6e 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -5,6 +5,7 @@ with import ; let out = { + services.nginx.enable = true; krebs.git = { enable = true; cgit = { -- cgit v1.2.3 From 953b7f0a8e99ee5925276001d1eeacbc54cb6d36 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 22 Feb 2017 21:58:13 +0100 Subject: l 2: add xresources.nix --- lass/2configs/baseX.nix | 1 + lass/2configs/xresources.nix | 54 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 55 insertions(+) create mode 100644 lass/2configs/xresources.nix (limited to 'lass') diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 539fdc87..446814c5 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -8,6 +8,7 @@ in { ./power-action.nix ./screenlock.nix ./copyq.nix + ./xresources.nix { hardware.pulseaudio = { enable = true; diff --git a/lass/2configs/xresources.nix b/lass/2configs/xresources.nix new file mode 100644 index 00000000..58f1623b --- /dev/null +++ b/lass/2configs/xresources.nix @@ -0,0 +1,54 @@ +{ config, pkgs, ... }: + +with import ; + +let + + xresources = pkgs.writeText "Xresources" '' + URxvt*scrollBar: false + URxvt*urgentOnBell: true + URxvt*SaveLines: 4096 + URxvt*font: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1 + URxvt*boldFont: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1 + + ! ref https://github.com/muennich/urxvt-perls + URxvt.perl-lib: ${pkgs.urxvt_perls}/lib/urxvt/perl + URxvt.perl-ext-common: default,clipboard,url-select,keyboard-select + URxvt.url-select.launcher: ${config.lass.browser.select}/bin/browser-select + URxvt.url-select.underline: true + URxvt.keysym.M-u: perl:url-select:select_next + URxvt.keysym.M-Escape: perl:keyboard-select:activate + URxvt.keysym.M-s: perl:keyboard-select:search + + URxvt.intensityStyles: false + + URxvt*background: #000000 + URxvt*foreground: #d0d7d0 + + URxvt*cursorColor: #f042b0 + URxvt*cursorColor2: #f0b000 + URxvt*cursorBlink: off + + URxvt*.pointerBlank: true + URxvt*.pointerBlankDelay: 987654321 + URxvt*.pointerColor: #f042b0 + URxvt*.pointerColor2: #050505 + ''; + +in { + systemd.user.services.xresources = { + description = "xresources"; + wantedBy = [ "default.target" ]; + + environment = { + DISPLAY = ":0"; + }; + + restartIfChanged = true; + + serviceConfig = { + Type = "simple"; + ExecStart = "${pkgs.xorg.xrdb}/bin/xrdb -merge ${xresources}"; + }; + }; +} -- cgit v1.2.3 From 6b289f8b2cd51d56c84049eab474b3f6a538bd53 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 23 Feb 2017 16:31:52 +0100 Subject: l 2 baseX: automatically login --- lass/2configs/baseX.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 446814c5..179d5dbe 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -77,7 +77,13 @@ in { enable = true; desktopManager.xterm.enable = false; - displayManager.slim.enable = true; + desktopManager.default = "none"; + displayManager.lightdm.enable = true; + displayManager.lightdm.autoLogin = { + enable = true; + user = "lass"; + }; + windowManager.default = "xmonad"; windowManager.session = [{ name = "xmonad"; start = '' -- cgit v1.2.3 From 923e6edb155259d198ea5f1742426d3d6b75503b Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 23 Feb 2017 16:32:16 +0100 Subject: l 2 binary-cache: add cache.nixos.org --- lass/2configs/binary-cache/client.nix | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'lass') diff --git a/lass/2configs/binary-cache/client.nix b/lass/2configs/binary-cache/client.nix index 108ff7a1..9dba5fbf 100644 --- a/lass/2configs/binary-cache/client.nix +++ b/lass/2configs/binary-cache/client.nix @@ -2,8 +2,14 @@ { nix = { - binaryCaches = ["http://cache.prism.r"]; - binaryCachePublicKeys = ["cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU="]; + binaryCaches = [ + "http://cache.prism.r" + "https://cache.nixos.org/" + ]; + binaryCachePublicKeys = [ + "cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU=" + "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" + ]; }; } -- cgit v1.2.3 From 4aee8108bd8863d52bc23cfd573d68abef0f562a Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 23 Feb 2017 16:32:46 +0100 Subject: l 2 games: open doom port for udp --- lass/2configs/games.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass') diff --git a/lass/2configs/games.nix b/lass/2configs/games.nix index 58051560..d114a826 100644 --- a/lass/2configs/games.nix +++ b/lass/2configs/games.nix @@ -84,5 +84,6 @@ in { krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-p tcp --dport 10666"; target = "ACCEPT"; } + { predicate = "-p udp --dport 10666"; target = "ACCEPT"; } ]; } -- cgit v1.2.3 From 20be651e7a8ed0c0cd99d6147331912099f8a7de Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 23 Feb 2017 16:33:00 +0100 Subject: l 2 xresources: try until success --- lass/2configs/xresources.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass') diff --git a/lass/2configs/xresources.nix b/lass/2configs/xresources.nix index 58f1623b..35dbe204 100644 --- a/lass/2configs/xresources.nix +++ b/lass/2configs/xresources.nix @@ -49,6 +49,7 @@ in { serviceConfig = { Type = "simple"; ExecStart = "${pkgs.xorg.xrdb}/bin/xrdb -merge ${xresources}"; + Restart = "on-failure"; }; }; } -- cgit v1.2.3 From 8a3515e1a6fa8dfc6b7377a0567426d11774e144 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 23 Feb 2017 16:34:29 +0100 Subject: l 2: add termite.nix --- lass/2configs/termite.nix | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 lass/2configs/termite.nix (limited to 'lass') diff --git a/lass/2configs/termite.nix b/lass/2configs/termite.nix new file mode 100644 index 00000000..245b89e9 --- /dev/null +++ b/lass/2configs/termite.nix @@ -0,0 +1,22 @@ +{ config, pkgs, ... }: +with import ; + +{ + environment.systemPackages = [ + pkgs.termite + ]; + + krebs.per-user.lass.packages = let + termitecfg = pkgs.writeTextFile { + name = "termite-config"; + destination = "/etc/xdg/termite/config"; + text = '' + [colors] + foreground = #d0d7d0 + background = #000000 + ''; + }; + in [ + termitecfg + ]; +} -- cgit v1.2.3 From 21ccde0d722c49a584486e882e5d4a304468949e Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 26 Feb 2017 00:02:06 +0100 Subject: l 2: add security-workarounds --- lass/2configs/default.nix | 4 ++-- lass/2configs/security-workarounds.nix | 8 ++++++++ 2 files changed, 10 insertions(+), 2 deletions(-) create mode 100644 lass/2configs/security-workarounds.nix (limited to 'lass') diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index 8100a433..5f383a91 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -1,5 +1,4 @@ -{ config, lib, pkgs, ... }: - +{ config, pkgs, ... }: with import ; { imports = [ @@ -11,6 +10,7 @@ with import ; ../2configs/vim.nix ../2configs/monitoring/client.nix ./backups.nix + ./security-workarounds.nix { users.extraUsers = mapAttrs (_: h: { hashedPassword = h; }) diff --git a/lass/2configs/security-workarounds.nix b/lass/2configs/security-workarounds.nix new file mode 100644 index 00000000..537c8a59 --- /dev/null +++ b/lass/2configs/security-workarounds.nix @@ -0,0 +1,8 @@ +{ config, pkgs, ... }: +with import ; +{ + # http://seclists.org/oss-sec/2017/q1/471 + boot.extraModprobeConfig = '' + install dccp /run/current-system/sw/bin/false + ''; +} -- cgit v1.2.3 From 26ccfbc834f0312b9c439c92994982c616008d3f Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 28 Feb 2017 17:45:42 +0100 Subject: l 2 vim: ignore E501 with flake8 --- lass/2configs/vim.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass') diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index 4d6dfe36..4e0af0dc 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -66,6 +66,7 @@ let "Syntastic config let g:syntastic_python_checkers=['flake8'] + let g:syntastic_python_flake8_post_args='--ignore=E501' nmap q :buffer nmap :buffer -- cgit v1.2.3 From b8949604aae84355d52cdba884f3da919fb67dfb Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 28 Feb 2017 17:47:11 +0100 Subject: l 5 xmonad: use new wallpaper location --- lass/5pkgs/xmonad-lass.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/5pkgs/xmonad-lass.nix b/lass/5pkgs/xmonad-lass.nix index 22ec7efa..bc70417f 100644 --- a/lass/5pkgs/xmonad-lass.nix +++ b/lass/5pkgs/xmonad-lass.nix @@ -95,7 +95,7 @@ displaySomeException = displayException myKeyMap :: [([Char], X ())] myKeyMap = - [ ("M4-", spawn "${pkgs.i3lock}/bin/i3lock -i /var/lib/wallpaper/wallpaper -f") + [ ("M4-", spawn "${pkgs.i3lock}/bin/i3lock -i $HOME/wallpaper -f") , ("M4-C-p", spawn "${pkgs.scrot}/bin/scrot ~/public_html/scrot.png") , ("M4-p", spawn "${pkgs.pass}/bin/passmenu --type") , ("", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-volume @DEFAULT_SINK@ +4%") -- cgit v1.2.3 From 836a7186a03623ad34d8c523ae66fc184180a01b Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 18 Feb 2017 20:31:42 +0100 Subject: l 1 prism: use lambdabot from nixpkgs lambdabot is broken with LTS Haskell 8.0 so we use the commit prior --- lass/1systems/prism.nix | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) (limited to 'lass') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 81520ad5..1f983da1 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -247,7 +247,13 @@ in { ]; } { - krebs.Reaktor.coders = { + krebs.Reaktor.coders = let + lambdabot = (import (pkgs.fetchFromGitHub { + owner = "NixOS"; repo = "nixpkgs"; + rev = "a4ec1841da14fc98c5c35cc72242c23bb698d4ac"; + sha256 = "148fpw31s922hxrf28yhrci296f7c7zd81hf0k6zs05rq0i3szgy"; + }) {}).lambdabot; + in { nickname = "reaktor-lass"; channels = [ "#coders" ]; extraEnviron = { @@ -263,7 +269,7 @@ in { (buildSimpleReaktorPlugin "lambdabot-pl" { pattern = "^@pl (?P.*)$$"; script = pkgs.writeDash "lambda-pl" '' - exec ${pkgs.lambdabot}/bin/lambdabot \ + exec ${lambdabot}/bin/lambdabot \ ${indent lambdabotflags} -e "@pl $1" ''; @@ -271,7 +277,7 @@ in { (buildSimpleReaktorPlugin "lambdabot-type" { pattern = "^@type (?P.*)$$"; script = pkgs.writeDash "lambda-type" '' - exec ${pkgs.lambdabot}/bin/lambdabot \ + exec ${lambdabot}/bin/lambdabot \ ${indent lambdabotflags} -e "@type $1" ''; @@ -279,7 +285,7 @@ in { (buildSimpleReaktorPlugin "lambdabot-let" { pattern = "^@let (?P.*)$$"; script = pkgs.writeDash "lambda-let" '' - exec ${pkgs.lambdabot}/bin/lambdabot \ + exec ${lambdabot}/bin/lambdabot \ ${indent lambdabotflags} -e "@let $1" ''; @@ -287,7 +293,7 @@ in { (buildSimpleReaktorPlugin "lambdabot-run" { pattern = "^@run (?P.*)$$"; script = pkgs.writeDash "lambda-run" '' - exec ${pkgs.lambdabot}/bin/lambdabot \ + exec ${lambdabot}/bin/lambdabot \ ${indent lambdabotflags} -e "@run $1" ''; @@ -295,7 +301,7 @@ in { (buildSimpleReaktorPlugin "lambdabot-kind" { pattern = "^@kind (?P.*)$$"; script = pkgs.writeDash "lambda-kind" '' - exec ${pkgs.lambdabot}/bin/lambdabot \ + exec ${lambdabot}/bin/lambdabot \ ${indent lambdabotflags} -e "@kind $1" ''; @@ -303,7 +309,7 @@ in { (buildSimpleReaktorPlugin "lambdabot-kind" { pattern = "^@kind (?P.*)$$"; script = pkgs.writeDash "lambda-kind" '' - exec ${pkgs.lambdabot}/bin/lambdabot \ + exec ${lambdabot}/bin/lambdabot \ ${indent lambdabotflags} -e "@kind $1" ''; -- cgit v1.2.3 From 984a21d274089e51ae39f6fb6f2b201f705fe3f1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 18 Feb 2017 20:38:41 +0100 Subject: l 2 baesX: remove obsolete setuid for xlock --- lass/2configs/baseX.nix | 2 -- 1 file changed, 2 deletions(-) (limited to 'lass') diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 179d5dbe..bca7e93d 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -33,8 +33,6 @@ in { programs.ssh.startAgent = false; - security.setuidPrograms = [ "slock" ]; - services.printing = { enable = true; drivers = [ pkgs.foomatic_filters ]; -- cgit v1.2.3 From 567668c6c95241a125447765c81d506d651c30a5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 18 Feb 2017 20:39:14 +0100 Subject: l 2 browsers: use new setuid location --- lass/2configs/browsers.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lass') diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index 88ee7080..6c381863 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -20,7 +20,7 @@ let createChromiumUser = name: extraGroups: let bin = pkgs.writeScriptBin name '' - /var/setuid-wrappers/sudo -u ${name} -i ${pkgs.chromium}/bin/chromium $@ + /var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.chromium}/bin/chromium $@ ''; in { users.extraUsers.${name} = { @@ -43,7 +43,7 @@ let createFirefoxUser = name: extraGroups: let bin = pkgs.writeScriptBin name '' - /var/setuid-wrappers/sudo -u ${name} -i ${pkgs.firefox}/bin/firefox $@ + /var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.firefox}/bin/firefox $@ ''; in { users.extraUsers.${name} = { -- cgit v1.2.3 From 8901f987309486c85607e2da02f1d357ff157911 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 18 Feb 2017 20:39:34 +0100 Subject: l 2 exim-smarthost: use ipv6 addresses of hosts --- lass/2configs/exim-smarthost.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index d120dfca..360d839d 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -12,7 +12,7 @@ with import ; "lassul.us" "aidsballs.de" ]; - relay_from_hosts = map (host: host.nets.retiolum.ip4.addr) [ + relay_from_hosts = map (host: host.nets.retiolum.ip6.addr) [ config.krebs.hosts.mors config.krebs.hosts.uriel config.krebs.hosts.helios -- cgit v1.2.3 From 3503876c06f510f99c2184ddbcd57dbb79a3a91f Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 18 Feb 2017 20:40:54 +0100 Subject: l 2 nixpkgs: 6651c72 -> a9584c9 --- lass/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index ad39848b..a0ba8116 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "6651c72"; + ref = "a9584c9"; }; } -- cgit v1.2.3 From 9541497b437d713bb9a9d6ddcaafca190d17d45d Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 1 Mar 2017 16:02:35 +0100 Subject: l 2 websites util: use php56 for owncloud --- lass/2configs/websites/util.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass') diff --git a/lass/2configs/websites/util.nix b/lass/2configs/websites/util.nix index d596e9db..f83463bb 100644 --- a/lass/2configs/websites/util.nix +++ b/lass/2configs/websites/util.nix @@ -32,6 +32,7 @@ rec { let domain = head domains; in { + services.phpfpm.phpPackage = pkgs.php56; services.nginx.virtualHosts."${domain}" = { enableACME = true; enableSSL = true; -- cgit v1.2.3 From f081d1577784f6493bb99919f81c31df3432569a Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 1 Mar 2017 16:03:12 +0100 Subject: l 2 websites util: more power for wordpress --- lass/2configs/websites/util.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'lass') diff --git a/lass/2configs/websites/util.nix b/lass/2configs/websites/util.nix index f83463bb..6d14de73 100644 --- a/lass/2configs/websites/util.nix +++ b/lass/2configs/websites/util.nix @@ -182,10 +182,10 @@ rec { user = nginx group = nginx pm = dynamic - pm.max_children = 5 - pm.start_servers = 2 + pm.max_children = 15 + pm.start_servers = 3 pm.min_spare_servers = 1 - pm.max_spare_servers = 3 + pm.max_spare_servers = 10 listen.owner = nginx listen.group = nginx php_admin_value[error_log] = 'stderr' -- cgit v1.2.3 From d51656224f5fe0b73f13739044c467db9b878387 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 2 Mar 2017 15:15:25 +0100 Subject: l 2 baseX: install gutenprint for cups --- lass/2configs/baseX.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index bca7e93d..a8d9b4ff 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -35,7 +35,10 @@ in { services.printing = { enable = true; - drivers = [ pkgs.foomatic_filters ]; + drivers = [ + pkgs.foomatic_filters + pkgs.gutenprint + ]; }; environment.systemPackages = with pkgs; [ -- cgit v1.2.3 From ee9695482704af0c8371399bdf74045d5723f450 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 2 Mar 2017 15:15:45 +0100 Subject: l 2 hfos: remove lass pubkey from riot --- lass/2configs/hfos.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/hfos.nix b/lass/2configs/hfos.nix index dcd50dd7..a28a6a5d 100644 --- a/lass/2configs/hfos.nix +++ b/lass/2configs/hfos.nix @@ -8,7 +8,6 @@ with import ; extraGroups = [ "libvirtd" ]; openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMkyCwdwBrsbs3qrNQcy/SqQpex4aaQoAMuT+NDefFc8KVHOMfmkDccEyAggDTgQhUrEVIvo/fFUmGBd9sm1vN1IthO2Qh5nX+qiK/A2R7sxci0Ry6piU03R27JfpZqi6g8TSPNi1C9rC8eBqOfO3OB8oQOkFmM48Q9cmS8AV3ERLR0LaHoEqUbs86JELbtHrMdKk4Hzo8zTM/isP3GO8iDHRt4dBS/03Ve7+WVxgNwWU2HW3a3jJd3tWHrqGmS/ZfCEC/47eIj4WSW+JiH9Q0BarNEbkkMV1Mvm32MX52stGPd5FaIIUtFqD4745iVSiw8esUGFUxJ1RjWgUHr99h riot@vortex" - config.krebs.users.lass.pubkey ]; }; -- cgit v1.2.3 From 7f0dd39a8fa8872c7cc02830ab3b86dc675b8691 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 2 Mar 2017 19:28:52 +0100 Subject: l 2 nixpkgs: a9584c9 -> 53a2baa --- lass/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index a0ba8116..fbf67187 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "a9584c9"; + ref = "53a2baa"; }; } -- cgit v1.2.3 From dd30ebef45b63b4c8bb8b586f750ff877f60f565 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 4 Mar 2017 19:49:39 +0100 Sub