From 3f04bdd19a877020aa6713f166c8aeb756739b7f Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 May 2019 13:53:48 +0200 Subject: ma mqtt: be more insecure --- makefu/2configs/mqtt.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'makefu') diff --git a/makefu/2configs/mqtt.nix b/makefu/2configs/mqtt.nix index c56521812..8b77df962 100644 --- a/makefu/2configs/mqtt.nix +++ b/makefu/2configs/mqtt.nix @@ -5,6 +5,9 @@ host = "0.0.0.0"; users = {}; # TODO: secure that shit + aclExtraConf = '' + pattern readwrite /# + ''; allowAnonymous = true; }; } -- cgit v1.2.3 From 1a42b74ddd167037c337ec91ad05ba9d044124af Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 May 2019 13:54:04 +0200 Subject: ma backup/ssh: add wbob --- makefu/2configs/backup/ssh/wbob.pub | 1 + 1 file changed, 1 insertion(+) create mode 100644 makefu/2configs/backup/ssh/wbob.pub (limited to 'makefu') diff --git a/makefu/2configs/backup/ssh/wbob.pub b/makefu/2configs/backup/ssh/wbob.pub new file mode 100644 index 000000000..52d56d956 --- /dev/null +++ b/makefu/2configs/backup/ssh/wbob.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOUZcfi2SXxCo1if0oU3x9qPK8/O5FmiXy2HFZyTp/P1 makefu@x -- cgit v1.2.3 From 98d0dc01af77fa29fe6a1e23369d11e5b7ac7d8d Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 May 2019 13:54:37 +0200 Subject: ma bureautomation: add thierry --- makefu/2configs/bureautomation/hass.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'makefu') diff --git a/makefu/2configs/bureautomation/hass.nix b/makefu/2configs/bureautomation/hass.nix index 02465520c..ace1d10ce 100644 --- a/makefu/2configs/bureautomation/hass.nix +++ b/makefu/2configs/bureautomation/hass.nix @@ -146,6 +146,7 @@ in { "device_tracker.ecki_tablet" "device_tracker.daniel_phone" "device_tracker.carsten_phone" + "device_tracker.thierry_phone" # "person.thorsten" # "person.felix" # "person.ecki" -- cgit v1.2.3 From afed4c7e2d31fe5e1200033f4903da12798a3466 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 May 2019 13:55:00 +0200 Subject: ma taskd: define dataDir as state --- makefu/2configs/taskd.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'makefu') diff --git a/makefu/2configs/taskd.nix b/makefu/2configs/taskd.nix index 5ca3b9904..122ad66a7 100644 --- a/makefu/2configs/taskd.nix +++ b/makefu/2configs/taskd.nix @@ -1,5 +1,6 @@ {config, ... }: { + state = [ config.services.taskserver.dataDir ]; services.taskserver.enable = true; services.taskserver.fqdn = config.krebs.build.host.name; services.taskserver.listenHost = "::"; -- cgit v1.2.3 From 6067519d8d12af2b9dc9f8abfd2a86206effd4e4 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 May 2019 13:55:28 +0200 Subject: ma task-client: remove shell-aliases --- makefu/2configs/task-client.nix | 7 ------- 1 file changed, 7 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/task-client.nix b/makefu/2configs/task-client.nix index 470193d6c..1fdddb9b1 100644 --- a/makefu/2configs/task-client.nix +++ b/makefu/2configs/task-client.nix @@ -4,11 +4,4 @@ pkgs.taskwarrior ]; - environment.shellAliases = { - tshack = "task project:shack"; - twork = "task project:soc"; - tpki = "task project:pki"; - tkrebs = "task project:krebs"; - t = "task project: "; - }; } -- cgit v1.2.3 From 6f82bc0e459db88bc9a671565e43aee504dd0e8f Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 May 2019 13:56:04 +0200 Subject: ma zsh.nix: manually load direnv --- makefu/2configs/home-manager/zsh.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/home-manager/zsh.nix b/makefu/2configs/home-manager/zsh.nix index 267a2e878..d24969ef0 100644 --- a/makefu/2configs/home-manager/zsh.nix +++ b/makefu/2configs/home-manager/zsh.nix @@ -25,12 +25,12 @@ then [ -d .direnv ] || mkdir .direnv local tmp=$(nix-shell --show-trace "$@" \ - --run "\"$direnv\" dump bash") + --run "\"$direnv\" dump zsh") echo "$tmp" > "$cache" fi local path_backup=$PATH term_backup=$TERM - direnv_load cat "$cache" + . "$cache" export PATH=$PATH:$path_backup TERM=$term_backup -- cgit v1.2.3 From 28f095aa0940166b6628882b539d55cdabff9828 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 May 2019 13:57:29 +0200 Subject: ma stats/arafetch: use latest version --- makefu/2configs/stats/arafetch.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/stats/arafetch.nix b/makefu/2configs/stats/arafetch.nix index c16629cc5..6ab9d3774 100644 --- a/makefu/2configs/stats/arafetch.nix +++ b/makefu/2configs/stats/arafetch.nix @@ -2,7 +2,7 @@ with import ; let pkg = with pkgs.python3Packages;buildPythonPackage rec { - rev = "762d747"; + rev = "775d0c2"; name = "arafetch-${rev}"; propagatedBuildInputs = [ requests @@ -13,7 +13,7 @@ let src = pkgs.fetchgit { url = "http://cgit.euer.krebsco.de/arafetch"; inherit rev; - sha256 = "164xiqbrr914lz0nh3i1dxz8iwg6vm2af3i3803cd3242nznw0ws"; + sha256 = "0z35avn7vmbd1661ca1zkc9i4lwcm03kpwgiqxddpkp1yxhl548p"; }; }; home = "/var/lib/arafetch"; @@ -34,7 +34,7 @@ in { path = [ pkg pkgs.git pkgs.wget ]; serviceConfig = { User = "arafetch"; - Restart = "always"; + # Restart = "always"; WorkingDirectory = home; PrivateTmp = true; ExecStart = pkgs.writeDash "start-weekrun" '' -- cgit v1.2.3 From 4ee6d7e34e0d5546ab2d74a26a6e64edc85e43e3 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 May 2019 13:58:28 +0200 Subject: ma vim: disable languageClient again --- makefu/2configs/editor/vim.nix | 1 - makefu/2configs/editor/vimrc | 11 ----------- 2 files changed, 12 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/editor/vim.nix b/makefu/2configs/editor/vim.nix index 8a58e44de..d14a611b4 100644 --- a/makefu/2configs/editor/vim.nix +++ b/makefu/2configs/editor/vim.nix @@ -23,7 +23,6 @@ in { vimrcConfig.vam.pluginDictionaries = [ { names = [ "undotree" # "YouCompleteMe" - "LanguageClient-neovim" "vim-better-whitespace" ]; } # vim-nix handles indentation better but does not perform sanity { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; } diff --git a/makefu/2configs/editor/vimrc b/makefu/2configs/editor/vimrc index 96c505ba8..8cdab55db 100644 --- a/makefu/2configs/editor/vimrc +++ b/makefu/2configs/editor/vimrc @@ -96,14 +96,3 @@ augroup Binary au BufWritePost *.bin if &bin | %!xxd au BufWritePost *.bin set nomod | endif augroup END - -let g:LanguageClient_serverCommands = { -\ 'python': ['pyls'] -\ } -nnoremap :call LanguageClient_contextMenu() -nnoremap gh :call LanguageClient_textDocument_hover() -nnoremap gd :call LanguageClient_textDocument_definition() -nnoremap gr :call LanguageClient_textDocument_references() -nnoremap gs :call LanguageClient_textDocument_documentSymbol() -nnoremap :call LanguageClient_textDocument_rename() -nnoremap gf :call LanguageClient_textDocument_formatting() -- cgit v1.2.3 From f6a0f6bfd274927bfaafdc411f93827ebf029358 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 May 2019 13:58:51 +0200 Subject: ma fs: more documentation --- makefu/2configs/fs/sda-crypto-root-home.nix | 26 +++++++++++++++++++++++++- makefu/2configs/fs/sda-crypto-root.nix | 3 +-- 2 files changed, 26 insertions(+), 3 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/fs/sda-crypto-root-home.nix b/makefu/2configs/fs/sda-crypto-root-home.nix index e790ed6a8..4f0cf8c6b 100644 --- a/makefu/2configs/fs/sda-crypto-root-home.nix +++ b/makefu/2configs/fs/sda-crypto-root-home.nix @@ -8,7 +8,31 @@ # / (main-root) # /home (main-home) -with import ; +# clean the boot sector: +# dd if=/dev/zero of=/dev/sda count=2048 +# Installation Instruction on ISO: +# fdisk /dev/sda + # boot 500M + # rest rest +# cryptsetup luksFormat /dev/sda2 +# mkfs.ext4 -L nixboot /dev/sda1 +# cryptsetup luksOpen /dev/sda2 cryptoluks +# pvcreate /dev/mapper/cryptoluks +# vgcreate main /dev/mapper/cryptoluks +# lvcreate -L 200Gib main -n root +# lvcreate -L 800Gib main -n home +# mkfs.ext4 /dev/main/root +# mkfs.ext4 /dev/main/home +# mount /dev/mapper/main-root /mnt +# mkdir -p /mnt/{boot,home,var/src} /var/src +# mount /dev/sda1 /mnt/boot +# mount /dev/mapper/main-home /mnt/home +# touch /mnt/var/src/.populate +# mount -o bind /mnt/var/src /var/src +# nix-channel --add https://nixos.org/channels/nixos-19.03 nixpkgs && # nix-channel --update +# nix-env -iA nixpkgs.gitMinimal +# (on deploy-host) $(nix-build ~/stockholm/makefu/krops.nix --no-out-link --argstr name x --argstr target 10.42.22.91 -A deploy --show-trace) +# NIXOS_CONFIG=/var/src/nixos-config nixos-install -I /var/src --no-root-passwd --no-channel-copy { imports = [ diff --git a/makefu/2configs/fs/sda-crypto-root.nix b/makefu/2configs/fs/sda-crypto-root.nix index 55cfd74f5..e49843cfe 100644 --- a/makefu/2configs/fs/sda-crypto-root.nix +++ b/makefu/2configs/fs/sda-crypto-root.nix @@ -9,8 +9,7 @@ # boot 500M # rest rest # cryptsetup luksFormat /dev/sda2 -# -with import ; +# mkfs.ext4 -L nixboot /dev/sda1 { boot = { loader.grub.enable = true; -- cgit v1.2.3 From da44703a861c56e954cb350ec65b87b30b6e4ace Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 May 2019 13:59:13 +0200 Subject: ma printer: cups as state dir --- makefu/2configs/printer.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'makefu') diff --git a/makefu/2configs/printer.nix b/makefu/2configs/printer.nix index 0889ebbc1..d297483b2 100644 --- a/makefu/2configs/printer.nix +++ b/makefu/2configs/printer.nix @@ -32,4 +32,5 @@ in { tcp 192.168.1.5 ''; #home printer SCX-3205W }; + state = [ "/var/lib/cups" ]; } -- cgit v1.2.3 From 8de1b7553ced70a449655024fbcbad431ab0a1ca Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 May 2019 14:00:01 +0200 Subject: ma mail.euer: use new mailserver release, set state --- makefu/2configs/mail/mail.euer.nix | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/mail/mail.euer.nix b/makefu/2configs/mail/mail.euer.nix index f8f82e76b..d27b888a7 100644 --- a/makefu/2configs/mail/mail.euer.nix +++ b/makefu/2configs/mail/mail.euer.nix @@ -1,7 +1,7 @@ { config, pkgs, ... }: { imports = [ - (builtins.fetchTarball "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.2.0/nixos-mailserver-v2.2.0.tar.gz") + (builtins.fetchTarball "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.2.1/nixos-mailserver-v2.2.1.tar.gz") ]; mailserver = { @@ -32,8 +32,12 @@ }; services.dovecot2.extraConfig = '' - ssl_dh = Date: Wed, 8 May 2019 22:34:01 +0200 Subject: ma pkgs.pico2wave: init --- makefu/5pkgs/pico2wave/default.nix | 44 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 makefu/5pkgs/pico2wave/default.nix (limited to 'makefu') diff --git a/makefu/5pkgs/pico2wave/default.nix b/makefu/5pkgs/pico2wave/default.nix new file mode 100644 index 000000000..5302e8bf3 --- /dev/null +++ b/makefu/5pkgs/pico2wave/default.nix @@ -0,0 +1,44 @@ +{ stdenv, lib, fetchurl +, popt +, libredirect +, dpkg +, makeWrapper +, autoPatchelfHook +, ... +}: +# https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=svox-pico-bin +let + pkgrel="8"; + _arch = "amd64"; +in +stdenv.mkDerivation rec { + name = "pico2wave"; # svox-pico-bin + version = "1.0+git20130326"; + srcs = [ + (fetchurl { url = "http://mirrors.kernel.org/ubuntu/pool/multiverse/s/svox/libttspico0_${version}-${pkgrel}_${_arch}.deb"; sha256 = "0b8r7r8by5kamnm960bsicimnj1a40ghy3475nzy1jvwj5xgqhrj"; }) + (fetchurl { url = "http://mirrors.kernel.org/ubuntu/pool/multiverse/s/svox/libttspico-dev_${version}-${pkgrel}_${_arch}.deb"; sha256 = "1knjiwi117h02nbf7k6ll080vl65gxwx3rpj0fq5xkvxbqpjjbvz"; }) + (fetchurl { url = "http://mirrors.kernel.org/ubuntu/pool/multiverse/s/svox/libttspico-data_${version}-${pkgrel}_all.deb"; sha256 = "0k0x5jh5qzzasrg766pfmls3ksj18wwdbssysvpxkq98aqg4fgmx"; }) + (fetchurl { url = "http://mirrors.kernel.org/ubuntu/pool/multiverse/s/svox/libttspico-utils_${version}-${pkgrel}_${_arch}.deb"; sha256 = "11yk25fh4n7qz4xjg0dri68ygc3aapj1bk9cvhcwkfvm46j5lrjv"; }) + ] ; + + nativeBuildInputs = [ dpkg makeWrapper autoPatchelfHook ]; + + dontBuild = true; + + buildInputs = [ popt ]; + + unpackPhase = lib.concatMapStringsSep ";" (src: "dpkg-deb -x ${src} .") srcs; + + installPhase = '' + mkdir -p $out + cp -r usr/. $out/ + + mv $out/lib/*-linux-gnu/* $out/lib/ + rmdir $out/lib/*-linux-gnu + + wrapProgram "$out/bin/pico2wave" \ + --set LD_PRELOAD "${libredirect}/lib/libredirect.so" \ + --set NIX_REDIRECTS /usr/share/pico/lang=$out/share/pico/lang + ''; + +} -- cgit v1.2.3 From c07c0412418e3979e609fd5200a34dd1830e9334 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 9 May 2019 08:42:23 +0200 Subject: prison-break: finish move from makefu to krebs namespace --- makefu/2configs/hw/network-manager.nix | 5 ++++- makefu/2configs/nur.nix | 6 +++--- makefu/5pkgs/default.nix | 1 + 3 files changed, 8 insertions(+), 4 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/hw/network-manager.nix b/makefu/2configs/hw/network-manager.nix index d7b262b91..e781c7ed1 100644 --- a/makefu/2configs/hw/network-manager.nix +++ b/makefu/2configs/hw/network-manager.nix @@ -1,4 +1,7 @@ { pkgs, lib, ... }: +let + prison-break = pkgs.callPackage ../../../krebs/5pkgs/simple/prison-break {}; +in { users.users.makefu = { extraGroups = [ "networkmanager" ]; @@ -31,6 +34,6 @@ "/etc/NetworkManager/system-connections" #NM stateful config files ]; networking.networkmanager.dispatcherScripts = [ - { source = "${pkgs.prison-break}/bin/prison-break"; } + { source = "${prison-break}/bin/prison-break"; } ]; } diff --git a/makefu/2configs/nur.nix b/makefu/2configs/nur.nix index dda00063a..3cb4981e0 100644 --- a/makefu/2configs/nur.nix +++ b/makefu/2configs/nur.nix @@ -1,7 +1,7 @@ { pkgs, ... }:{ nixpkgs.config.packageOverrides = pkgs: { - nur = pkgs.callPackage (import (builtins.fetchGit { - url = "https://github.com/nix-community/NUR"; - })) {}; + nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") { + inherit pkgs; + }; }; } diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix index 1ae10459f..a3c489ccc 100644 --- a/makefu/5pkgs/default.nix +++ b/makefu/5pkgs/default.nix @@ -40,6 +40,7 @@ in { qcma = super.pkgs.libsForQt5.callPackage ./custom/qcma { }; inherit (callPackage ./devpi {}) devpi-web ; nodemcu-uploader = super.pkgs.callPackage ./nodemcu-uploader {}; + prison-break = abort "`prison-break` moved from this namespace to `nur.repos.krebs.prison-break`"; } // (mapAttrs (_: flip callPackage {}) -- cgit v1.2.3 From 135dc5297ab71045a1f58e053c4584f694988146 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 14 May 2019 09:18:08 +0200 Subject: ma pkgs.prison-break: move back to own namespace, use nur.repos.makefu.prison-break for krebs --- makefu/5pkgs/prison-break/default.nix | 20 ++++++++++++++++++++ makefu/5pkgs/prison-break/straight-plugin.nix | 22 ++++++++++++++++++++++ 2 files changed, 42 insertions(+) create mode 100644 makefu/5pkgs/prison-break/default.nix create mode 100644 makefu/5pkgs/prison-break/straight-plugin.nix (limited to 'makefu') diff --git a/makefu/5pkgs/prison-break/default.nix b/makefu/5pkgs/prison-break/default.nix new file mode 100644 index 000000000..672e0b3a0 --- /dev/null +++ b/makefu/5pkgs/prison-break/default.nix @@ -0,0 +1,20 @@ +{pkgs, fetchFromGitHub}: +with pkgs.python3.pkgs; + +buildPythonPackage rec { + pname = "prison-break"; + version = "1.2.0"; + src = fetchFromGitHub { + owner = "makefu"; + repo = pname; + rev = version; + sha256 = "07wy6f06vj9s131c16gw1xl1jf9gq5xiqia8awfb26s99gxlv7l9"; + }; + propagatedBuildInputs = [ + docopt + requests + beautifulsoup4 + (callPackage ./straight-plugin.nix {}) + ]; + checkInputs = [ black ]; +} diff --git a/makefu/5pkgs/prison-break/straight-plugin.nix b/makefu/5pkgs/prison-break/straight-plugin.nix new file mode 100644 index 000000000..606c60b5d --- /dev/null +++ b/makefu/5pkgs/prison-break/straight-plugin.nix @@ -0,0 +1,22 @@ +{ lib +, buildPythonPackage +, fetchPypi +}: + +buildPythonPackage rec { + pname = "straight-plugin"; + version = "1.5.0"; + + src = fetchPypi { + pname = "straight.plugin"; + inherit version; + sha256 = "818a7641068932ed6436d0af0a3bb77bbbde29df0a7142c8bd1a249e7c2f0d38"; + }; + + meta = with lib; { + description = "A simple namespaced plugin facility"; + homepage = https://github.com/ironfroggy/straight.plugin; + license = licenses.mit; + maintainers = [ maintainers.makefu ]; + }; +} -- cgit v1.2.3 From 1340e3fb77beaf1d35d21bd885ce3673a84307a7 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 14 May 2019 09:30:48 +0200 Subject: ma network-manager: use prison-break from pkgs --- makefu/2configs/hw/network-manager.nix | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/hw/network-manager.nix b/makefu/2configs/hw/network-manager.nix index e781c7ed1..d7b262b91 100644 --- a/makefu/2configs/hw/network-manager.nix +++ b/makefu/2configs/hw/network-manager.nix @@ -1,7 +1,4 @@ { pkgs, lib, ... }: -let - prison-break = pkgs.callPackage ../../../krebs/5pkgs/simple/prison-break {}; -in { users.users.makefu = { extraGroups = [ "networkmanager" ]; @@ -34,6 +31,6 @@ in "/etc/NetworkManager/system-connections" #NM stateful config files ]; networking.networkmanager.dispatcherScripts = [ - { source = "${prison-break}/bin/prison-break"; } + { source = "${pkgs.prison-break}/bin/prison-break"; } ]; } -- cgit v1.2.3