From 270f385c72beea35d797d807c28a08811ebb614b Mon Sep 17 00:00:00 2001 From: nin Date: Thu, 12 Jan 2017 22:21:21 +0100 Subject: nin: init --- nin/1systems/hiawatha.nix | 125 +++++++++++++++++++++++++++++++++++ nin/2configs/default.nix | 165 ++++++++++++++++++++++++++++++++++++++++++++++ nin/2configs/nixpkgs.nix | 8 +++ nin/2configs/retiolum.nix | 28 ++++++++ nin/default.nix | 7 ++ 5 files changed, 333 insertions(+) create mode 100644 nin/1systems/hiawatha.nix create mode 100644 nin/2configs/default.nix create mode 100644 nin/2configs/nixpkgs.nix create mode 100644 nin/2configs/retiolum.nix create mode 100644 nin/default.nix (limited to 'nin') diff --git a/nin/1systems/hiawatha.nix b/nin/1systems/hiawatha.nix new file mode 100644 index 000000000..26de00d18 --- /dev/null +++ b/nin/1systems/hiawatha.nix @@ -0,0 +1,125 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, lib, pkgs, ... }: + +with lib; + +{ + imports = [ + ../. + + ../2configs/retiolum.nix + ]; + + krebs.build.host = config.krebs.hosts.hiawatha; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/b83f8830-84f3-4282-b10e-015c4b76bd9e"; + fsType = "ext4"; + }; + + fileSystems."/tmp" = + { device = "tmpfs"; + fsType = "tmpfs"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/2f319b08-2560-401d-b53c-2abd28f1a010"; + fsType = "ext2"; + }; + + boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ]; + boot.initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; + + swapDevices = [ ]; + + nix.maxJobs = lib.mkDefault 4; + # Use the GRUB 2 boot loader. + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + # Define on which hard drive you want to install Grub. + boot.loader.grub.device = "/dev/sda"; + + # Enable the OpenSSH daemon. + services.openssh.enable = true; + + # Enable CUPS to print documents. + # services.printing.enable = true; + + fileSystems."/home/nin/.local/share/Steam" = { + device = "/dev/fam/steam"; + }; + + # nin config + time.timeZone = "Europe/Berlin"; + services.xserver.enable = true; + + networking.networkmanager.enable = true; + #networking.wireless.enable = true; + + hardware.pulseaudio = { + enable = true; + systemWide = true; + }; + + hardware.bluetooth.enable = true; + + hardware.opengl.driSupport32Bit = true; + + #nixpkgs.config.steam.java = true; + + environment.variables.EDITOR = mkForce "vim"; + environment.variables.VIMINIT = ":so /etc/vimrc"; + environment.etc.vimrc.source = pkgs.writeText "vimrc" '' + set nocp + ''; + + environment.systemPackages = with pkgs; [ + firefox + steam + thunderbird + vim + git + hexchat + networkmanagerapplet + ]; + + nixpkgs.config = { + + allowUnfree = true; + + firefox = { + enableGoogleTalkPlugin = true; + enableAdobeFlash = true; + }; + }; + + #services.logind.extraConfig = "HandleLidSwitch=ignore"; + + services.xserver.synaptics = { + enable = true; + }; + + + services.xserver.desktopManager.xfce = let + xbindConfig = pkgs.writeText "xbindkeysrc" '' + "${pkgs.pass}/bin/passmenu --type" + Control + p + ''; + in { + enable = true; + extraSessionCommands = '' + ${pkgs.xbindkeys}/bin/xbindkeys -f ${xbindConfig} + ''; + }; + + # The NixOS release to be compatible with for stateful data such as databases. + system.stateVersion = "17.03"; + +} diff --git a/nin/2configs/default.nix b/nin/2configs/default.nix new file mode 100644 index 000000000..9b33e9c4a --- /dev/null +++ b/nin/2configs/default.nix @@ -0,0 +1,165 @@ +{ config, lib, pkgs, ... }: + +with import ; +{ + imports = [ + ../2configs/nixpkgs.nix + { + users.extraUsers = + mapAttrs (_: h: { hashedPassword = h; }) + (import ); + } + { + users.extraUsers = { + root = { + openssh.authorizedKeys.keys = [ + config.krebs.users.nin.pubkey + ]; + }; + mainUser = { + name = "nin"; + uid = 1337; + home = "/home/nin"; + group = "users"; + createHome = true; + useDefaultShell = true; + extraGroups = [ + "audio" + "fuse" + ]; + openssh.authorizedKeys.keys = [ + config.krebs.users.nin.pubkey + ]; + }; + }; + } + { + environment.variables = { + NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src"; + }; + } + (let ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; in { + environment.variables = { + CURL_CA_BUNDLE = ca-bundle; + GIT_SSL_CAINFO = ca-bundle; + SSL_CERT_FILE = ca-bundle; + }; + }) + ]; + + networking.hostName = config.krebs.build.host.name; + nix.maxJobs = config.krebs.build.host.cores; + + krebs = { + enable = true; + search-domain = "retiolum"; + build = { + user = config.krebs.users.nin; + source = let inherit (config.krebs.build) host; in { + nixos-config.symlink = "stockholm/nin/1systems/${host.name}.nix"; + secrets.file = "/home/nin/secrets/${host.name}"; + stockholm.file = getEnv "PWD"; + }; + }; + }; + + nix.useSandbox = true; + + services.timesyncd.enable = true; + + #why is this on in the first place? + services.nscd.enable = false; + + boot.tmpOnTmpfs = true; + # see tmpfiles.d(5) + systemd.tmpfiles.rules = [ + "d /tmp 1777 root root - -" + ]; + + # multiple-definition-problem when defining environment.variables.EDITOR + environment.extraInit = '' + EDITOR=vim + MANPAGER=most + ''; + + nixpkgs.config.allowUnfree = true; + + environment.systemPackages = with pkgs; [ + #stockholm + git + gnumake + jq + proot + populate + p7zip + unzip + unrar + ]; + + programs.bash = { + enableCompletion = true; + interactiveShellInit = '' + HISTCONTROL='erasedups:ignorespace' + HISTSIZE=65536 + HISTFILESIZE=$HISTSIZE + + shopt -s checkhash + shopt -s histappend histreedit histverify + shopt -s no_empty_cmd_completion + complete -d cd + ''; + promptInit = '' + if test $UID = 0; then + PS1='\[\033[1;31m\]\w\[\033[0m\] ' + elif test $UID = 1337; then + PS1='\[\033[1;32m\]\w\[\033[0m\] ' + else + PS1='\[\033[1;33m\]\u@\w\[\033[0m\] ' + fi + if test -n "$SSH_CLIENT"; then + PS1='\[\033[35m\]\h'" $PS1" + fi + ''; + }; + + services.openssh = { + enable = true; + hostKeys = [ + # XXX bits here make no science + { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } + ]; + }; + + services.journald.extraConfig = '' + SystemMaxUse=1G + RuntimeMaxUse=128M + ''; + + krebs.iptables = { + enable = true; + tables = { + nat.PREROUTING.rules = [ + { predicate = "! -i retiolum -p tcp -m tcp --dport 22"; target = "REDIRECT --to-ports 0"; precedence = 100; } + { predicate = "-p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 99; } + ]; + nat.OUTPUT.rules = [ + { predicate = "-o lo -p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 100; } + ]; + filter.INPUT.policy = "DROP"; + filter.FORWARD.policy = "DROP"; + filter.INPUT.rules = [ + { predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; } + { predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; } + { predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; } + { predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; } + { predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; } + { predicate = "-p udp -i retiolum"; target = "REJECT --reject-with icmp-port-unreachable"; v6 = false; precedence = -10000; } + { predicate = "-i retiolum"; target = "REJECT --reject-with icmp-proto-unreachable"; v6 = false; precedence = -10000; } + ]; + }; + }; + + networking.dhcpcd.extraConfig = '' + noipv4ll + ''; +} diff --git a/nin/2configs/nixpkgs.nix b/nin/2configs/nixpkgs.nix new file mode 100644 index 000000000..eceab7e7b --- /dev/null +++ b/nin/2configs/nixpkgs.nix @@ -0,0 +1,8 @@ +{ ... }: + +{ + krebs.build.source.nixpkgs.git = { + url = https://github.com/nixos/nixpkgs; + ref = "fd1dbe551cf6338c5f4e4f80c2f5dde9f9e6a271"; + }; +} diff --git a/nin/2configs/retiolum.nix b/nin/2configs/retiolum.nix new file mode 100644 index 000000000..821e3cc00 --- /dev/null +++ b/nin/2configs/retiolum.nix @@ -0,0 +1,28 @@ +{ ... }: + +{ + + krebs.iptables = { + tables = { + filter.INPUT.rules = [ + { predicate = "-i retiolum -p tcp --dport smtp"; target = "ACCEPT"; } + { predicate = "-p tcp --dport tinc"; target = "ACCEPT"; } + { predicate = "-p udp --dport tinc"; target = "ACCEPT"; } + ]; + }; + }; + + krebs.tinc.retiolum = { + enable = true; + connectTo = [ + "prism" + "pigstarter" + "gum" + "flap" + ]; + }; + + nixpkgs.config.packageOverrides = pkgs: { + tinc = pkgs.tinc_pre; + }; +} diff --git a/nin/default.nix b/nin/default.nix new file mode 100644 index 000000000..c31d6d949 --- /dev/null +++ b/nin/default.nix @@ -0,0 +1,7 @@ +_: +{ + imports = [ + ../krebs + ./2configs + ]; +} -- cgit v1.2.3 From f907f9d330ada8956ae3ab1f80b50d657bb8fe3d Mon Sep 17 00:00:00 2001 From: nin Date: Sun, 15 Jan 2017 19:39:25 +0100 Subject: n 2: set user to nin --- nin/2configs/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nin') diff --git a/nin/2configs/default.nix b/nin/2configs/default.nix index 9b33e9c4a..7644d088c 100644 --- a/nin/2configs/default.nix +++ b/nin/2configs/default.nix @@ -16,7 +16,7 @@ with import ; config.krebs.users.nin.pubkey ]; }; - mainUser = { + nin = { name = "nin"; uid = 1337; home = "/home/nin"; -- cgit v1.2.3 From 923570be43130c79b794182f427c040df9d7214b Mon Sep 17 00:00:00 2001 From: nin Date: Sun, 15 Jan 2017 19:41:22 +0100 Subject: n 2: use new user interface --- nin/2configs/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nin') diff --git a/nin/2configs/default.nix b/nin/2configs/default.nix index 7644d088c..9058757d2 100644 --- a/nin/2configs/default.nix +++ b/nin/2configs/default.nix @@ -10,7 +10,7 @@ with import ; (import ); } { - users.extraUsers = { + users.users = { root = { openssh.authorizedKeys.keys = [ config.krebs.users.nin.pubkey -- cgit v1.2.3 From f6e6b7da2beabd9a3bcb49c152f02ee37776a3e0 Mon Sep 17 00:00:00 2001 From: nin Date: Sun, 15 Jan 2017 19:43:28 +0100 Subject: n 2: set mutable users to false --- nin/2configs/default.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'nin') diff --git a/nin/2configs/default.nix b/nin/2configs/default.nix index 9058757d2..4a5ebf3df 100644 --- a/nin/2configs/default.nix +++ b/nin/2configs/default.nix @@ -65,6 +65,8 @@ with import ; nix.useSandbox = true; + users.mutableUsers = false; + services.timesyncd.enable = true; #why is this on in the first place? -- cgit v1.2.3 From ed8281aaf5ff94223b1773f5da483f893a70026c Mon Sep 17 00:00:00 2001 From: nin Date: Sun, 15 Jan 2017 19:54:54 +0100 Subject: n 2: add vim.nix --- nin/1systems/hiawatha.nix | 6 - nin/2configs/default.nix | 1 + nin/2configs/vim.nix | 354 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 355 insertions(+), 6 deletions(-) create mode 100644 nin/2configs/vim.nix (limited to 'nin') diff --git a/nin/1systems/hiawatha.nix b/nin/1systems/hiawatha.nix index 26de00d18..ca7071408 100644 --- a/nin/1systems/hiawatha.nix +++ b/nin/1systems/hiawatha.nix @@ -74,12 +74,6 @@ with lib; #nixpkgs.config.steam.java = true; - environment.variables.EDITOR = mkForce "vim"; - environment.variables.VIMINIT = ":so /etc/vimrc"; - environment.etc.vimrc.source = pkgs.writeText "vimrc" '' - set nocp - ''; - environment.systemPackages = with pkgs; [ firefox steam diff --git a/nin/2configs/default.nix b/nin/2configs/default.nix index 4a5ebf3df..bb7bba424 100644 --- a/nin/2configs/default.nix +++ b/nin/2configs/default.nix @@ -4,6 +4,7 @@ with import ; { imports = [ ../2configs/nixpkgs.nix + ../2configs/vim.nix { users.extraUsers = mapAttrs (_: h: { hashedPassword = h; }) diff --git a/nin/2configs/vim.nix b/nin/2configs/vim.nix new file mode 100644 index 000000000..101a80cc0 --- /dev/null +++ b/nin/2configs/vim.nix @@ -0,0 +1,354 @@ +{ config, lib, pkgs, ... }: + +with import ; +let + out = { + environment.systemPackages = [ + vim + pkgs.pythonPackages.flake8 + ]; + + environment.etc.vimrc.source = vimrc; + + environment.variables.EDITOR = mkForce "vim"; + environment.variables.VIMINIT = ":so /etc/vimrc"; + }; + + vimrc = pkgs.writeText "vimrc" '' + set nocompatible + + set autoindent + set backspace=indent,eol,start + set backup + set backupdir=${dirs.backupdir}/ + set directory=${dirs.swapdir}// + set hlsearch + set incsearch + set laststatus=2 + set mouse=a + set noruler + set pastetoggle= + set runtimepath=${extra-runtimepath},$VIMRUNTIME + set shortmess+=I + set showcmd + set showmatch + set ttimeoutlen=0 + set undodir=${dirs.undodir} + set undofile + set undolevels=1000000 + set undoreload=1000000 + set viminfo='20,<1000,s100,h,n${files.viminfo} + set visualbell + set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o + set wildmenu + set wildmode=longest,full + + set et ts=2 sts=2 sw=2 + + filetype plugin indent on + + set t_Co=256 + colorscheme hack + syntax on + + au Syntax * syn match Garbage containedin=ALL /\s\+$/ + \ | syn match TabStop containedin=ALL /\t\+/ + \ | syn keyword Todo containedin=ALL TODO + + au BufRead,BufNewFile *.hs so ${hs.vim} + + au BufRead,BufNewFile *.nix so ${nix.vim} + + au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile + + "Syntastic config + let g:syntastic_python_checkers=['flake8'] + + nmap q :buffer + nmap :buffer + + cnoremap + + noremap :q + vnoremap < >gv + + nnoremap [5^ :tabp + nnoremap [6^ :tabn + nnoremap [5@ :tabm -1 + nnoremap [6@ :tabm +1 + + nnoremap :tabp + nnoremap :tabn + inoremap :tabp + inoremap :tabn + + " + noremap Oa | noremap! Oa + noremap Ob | noremap! Ob + noremap Oc | noremap! Oc + noremap Od | noremap! Od + " <[C]S-{Up,Down,Right,Left> + noremap [a | noremap! [a + noremap [b | noremap! [b + noremap [c | noremap! [c + noremap [d | noremap! [d + vnoremap u + ''; + + extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [ + pkgs.vimPlugins.Syntastic + pkgs.vimPlugins.undotree + pkgs.vimPlugins.airline + (pkgs.vimUtils.buildVimPlugin { + name = "file-line-1.0"; + src = pkgs.fetchgit { + url = git://github.com/bogado/file-line; + rev = "refs/tags/1.0"; + sha256 = "0z47zq9rqh06ny0q8lpcdsraf3lyzn9xvb59nywnarf3nxrk6hx0"; + }; + }) + ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let + name = "hack"; + in { + name = "vim-color-${name}-1.0.2"; + destination = "/colors/${name}.vim"; + text = /* vim */ '' + set background=dark + hi clear + if exists("syntax_on") + syntax clear + endif + + let colors_name = ${toJSON name} + + hi Normal ctermbg=235 + hi Comment ctermfg=242 + hi Constant ctermfg=062 + hi Identifier ctermfg=068 + hi Function ctermfg=041 + hi Statement ctermfg=167 + hi PreProc ctermfg=167 + hi Type ctermfg=041 + hi Delimiter ctermfg=251 + hi Special ctermfg=062 + + hi Garbage ctermbg=088 + hi TabStop ctermbg=016 + hi Todo ctermfg=174 ctermbg=NONE + + hi NixCode ctermfg=148 + hi NixData ctermfg=149 + hi NixQuote ctermfg=150 + + hi diffNewFile ctermfg=207 + hi diffFile ctermfg=207 + hi diffLine ctermfg=207 + hi diffSubname ctermfg=207 + hi diffAdded ctermfg=010 + hi diffRemoved ctermfg=009 + ''; + }))) + ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let + name = "vim"; + in { + name = "vim-syntax-${name}-1.0.0"; + destination = "/syntax/${name}.vim"; + text = /* vim */ '' + ${concatMapStringsSep "\n" (s: /* vim */ '' + syn keyword vimColor${s} ${s} + \ containedin=ALLBUT,vimComment,vimLineComment + hi vimColor${s} ctermfg=${s} + '') (map (i: lpad 3 "0" (toString i)) (range 0 255))} + ''; + }))) + ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let + name = "showsyntax"; + in { + name = "vim-plugin-${name}-1.0.0"; + destination = "/plugin/${name}.vim"; + text = /* vim */ '' + if exists('g:loaded_showsyntax') + finish + endif + let g:loaded_showsyntax = 0 + + fu! ShowSyntax() + let id = synID(line("."), col("."), 1) + let name = synIDattr(id, "name") + let transName = synIDattr(synIDtrans(id),"name") + if name != transName + let name .= " (" . transName . ")" + endif + echo "Syntax: " . name + endfu + + command! -n=0 -bar ShowSyntax :call ShowSyntax() + ''; + }))) + ]; + + dirs = { + backupdir = "$HOME/.cache/vim/backup"; + swapdir = "$HOME/.cache/vim/swap"; + undodir = "$HOME/.cache/vim/undo"; + }; + files = { + viminfo = "$HOME/.cache/vim/info"; + }; + + mkdirs = let + dirOf = s: let out = concatStringsSep "/" (init (splitString "/" s)); + in assert out != ""; out; + alldirs = attrValues dirs ++ map dirOf (attrValues files); + in unique (sort lessThan alldirs); + + vim = pkgs.writeDashBin "vim" '' + set -efu + (umask 0077; exec ${pkgs.coreutils}/bin/mkdir -p ${toString mkdirs}) + exec ${pkgs.vim}/bin/vim "$@" + ''; + + + hs.vim = pkgs.writeText "hs.vim" '' + syn region String start=+\[[[:alnum:]]*|+ end=+|]+ + + hi link ConId Identifier + hi link VarId Identifier + hi link hsDelimiter Delimiter + ''; + + nix.vim = pkgs.writeText "nix.vim" '' + setf nix + + " Ref + syn match NixID /[a-zA-Z\_][a-zA-Z0-9\_\'\-]*/ + syn match NixINT /\<[0-9]\+\>/ + syn match NixPATH /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/ + syn match NixHPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/ + syn match NixSPATH /<[a-zA-Z0-9\.\_\-\+]\+\(\/[a-zA-Z0-9\.\_\-\+]\+\)*>/ + syn match NixURI /[a-zA-Z][a-zA-Z0-9\+\-\.]*:[a-zA-Z0-9\%\/\?\:\@\&\=\+\$\,\-\_\.\!\~\*\']\+/ + syn region NixSTRING + \ matchgroup=NixSTRING + \ start='"' + \ skip='\\"' + \ end='"' + syn region NixIND_STRING + \ matchgroup=NixIND_STRING + \ start="'''" + \ skip="'''\('\|[$]\|\\[nrt]\)" + \ end="'''" + + syn match NixOther /[():/;=.,?\[\]]/ + + syn match NixCommentMatch /\(^\|\s\)#.*/ + syn region NixCommentRegion start="/\*" end="\*/" + + hi link NixCode Statement + hi link NixData Constant + hi link NixComment Comment + + hi link NixCommentMatch NixComment + hi link NixCommentRegion NixComment + hi link NixID NixCode + hi link NixINT NixData + hi link NixPATH NixData + hi link NixHPATH NixData + hi link NixSPATH NixData + hi link NixURI NixData + hi link NixSTRING NixData + hi link NixIND_STRING NixData + + hi link NixEnter NixCode + hi link NixOther NixCode + hi link NixQuote NixData + + syn cluster nix_has_dollar_curly contains=@nix_ind_strings,@nix_strings + syn cluster nix_ind_strings contains=NixIND_STRING + syn cluster nix_strings contains=NixSTRING + + ${concatStringsSep "\n" (mapAttrsToList (lang: { extraStart ? null }: let + startAlts = filter isString [ + ''/\* ${lang} \*/'' + extraStart + ]; + sigil = ''\(${concatStringsSep ''\|'' startAlts}\)[ \t\r\n]*''; + in /* vim */ '' + syn include @nix_${lang}_syntax syntax/${lang}.vim + unlet b:current_syntax + + syn match nix_${lang}_sigil + \ X${replaceStrings ["X"] ["\\X"] sigil}\ze\('''\|"\)X + \ nextgroup=nix_${lang}_region_IND_STRING,nix_${lang}_region_STRING + \ transparent + + syn region nix_${lang}_region_STRING + \ matchgroup=NixSTRING + \ start='"' + \ skip='\\"' + \ end='"' + \ contained + \ contains=@nix_${lang}_syntax + \ transparent + + syn region nix_${lang}_region_IND_STRING + \ matchgroup=NixIND_STRING + \ start="'''" + \ skip="'''\('\|[$]\|\\[nrt]\)" + \ end="'''" + \ contained + \ contains=@nix_${lang}_syntax + \ transparent + + syn cluster nix_ind_strings + \ add=nix_${lang}_region_IND_STRING + + syn cluster nix_strings + \ add=nix_${lang}_region_STRING + + syn cluster nix_has_dollar_curly + \ add=@nix_${lang}_syntax + '') { + c = {}; + cabal = {}; + haskell = {}; + sh.extraStart = ''write\(Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*"[^"]*"''; + vim.extraStart = + ''write[^ \t\r\n]*[ \t\r\n]*"\(\([^"]*\.\)\?vimrc\|[^"]*\.vim\)"''; + })} + + " Clear syntax that interferes with nixINSIDE_DOLLAR_CURLY. + syn clear shVarAssign + + syn region nixINSIDE_DOLLAR_CURLY + \ matchgroup=NixEnter + \ start="[$]{" + \ end="}" + \ contains=TOP + \ containedin=@nix_has_dollar_curly + \ transparent + + syn region nix_inside_curly + \ matchgroup=NixEnter + \ start="{" + \ end="}" + \ contains=TOP + \ containedin=nixINSIDE_DOLLAR_CURLY,nix_inside_curly + \ transparent + + syn match NixQuote /'''\([''$']\|\\.\)/he=s+2 + \ containedin=@nix_ind_strings + \ contained + + syn match NixQuote /\\./he=s+1 + \ containedin=@nix_strings + \ contained + + syn sync fromstart + + let b:current_syntax = "nix" + + set isk=@,48-57,_,192-255,-,' + ''; +in +out -- cgit v1.2.3 From c25ea177769cec429b8e4d0b021cd2fc39bab21a Mon Sep 17 00:00:00 2001 From: nin Date: Sun, 15 Jan 2017 19:56:17 +0100 Subject: n 2: set PS1 to full path --- nin/2configs/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'nin') diff --git a/nin/2configs/default.nix b/nin/2configs/default.nix index bb7bba424..8ea9e49d8 100644 --- a/nin/2configs/default.nix +++ b/nin/2configs/default.nix @@ -113,11 +113,11 @@ with import ; ''; promptInit = '' if test $UID = 0; then - PS1='\[\033[1;31m\]\w\[\033[0m\] ' + PS1='\[\033[1;31m\]$PWD\[\033[0m\] ' elif test $UID = 1337; then - PS1='\[\033[1;32m\]\w\[\033[0m\] ' + PS1='\[\033[1;32m\]$PWD\[\033[0m\] ' else - PS1='\[\033[1;33m\]\u@\w\[\033[0m\] ' + PS1='\[\033[1;33m\]\u@$PWD\[\033[0m\] ' fi if test -n "$SSH_CLIENT"; then PS1='\[\033[35m\]\h'" $PS1" -- cgit v1.2.3 From af0a1c92c80e4b5d9c63bff4e075cfae0e3587b9 Mon Sep 17 00:00:00 2001 From: nin Date: Thu, 19 Jan 2017 23:16:40 +0100 Subject: n 1: add onondaga --- nin/1systems/onondaga.nix | 83 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) create mode 100644 nin/1systems/onondaga.nix (limited to 'nin') diff --git a/nin/1systems/onondaga.nix b/nin/1systems/onondaga.nix new file mode 100644 index 000000000..f7518aa6b --- /dev/null +++ b/nin/1systems/onondaga.nix @@ -0,0 +1,83 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../. + + ../2configs/retiolum.nix + ]; + + krebs.build.host = config.krebs.hosts.hiawatha; + + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + # boot.loader.grub.efiSupport = true; + # boot.loader.grub.efiInstallAsRemovable = true; + # boot.loader.efi.efiSysMountPoint = "/boot/efi"; + # Define on which hard drive you want to install Grub. + boot.loader.grub.device = "/dev/sda"; + + networking.hostName = "onondaga"; + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + + # Select internationalisation properties. + # i18n = { + # consoleFont = "Lat2-Terminus16"; + # consoleKeyMap = "us"; + # defaultLocale = "en_US.UTF-8"; + # }; + + # Set your time zone. + time.timeZone = "Europe/Amsterdam"; + + # List packages installed in system profile. To search by name, run: + # $ nix-env -qaP | grep wget + # environment.systemPackages = with pkgs; [ + # wget + # ]; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + services.openssh.enable = true; + + # Enable CUPS to print documents. + # services.printing.enable = true; + + # Enable the X11 windowing system. + # services.xserver.enable = true; + # services.xserver.layout = "us"; + # services.xserver.xkbOptions = "eurosign:e"; + + # Enable the KDE Desktop Environment. + # services.xserver.displayManager.kdm.enable = true; + # services.xserver.desktopManager.kde4.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + # users.extraUsers.guest = { + # isNormalUser = true; + # uid = 1000; + # }; + + # The NixOS release to be compatible with for stateful data such as databases. + system.stateVersion = "16.09"; + + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "ehci_pci" "sd_mod" "sr_mod" ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/7238cc6e-4bea-4e52-9408-32d8aa05abff"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/5e923175-854b-4bcf-97c8-f3a91806fa22"; + fsType = "ext2"; + }; + + nix.maxJobs = lib.mkDefault 1; + +} -- cgit v1.2.3 From dada3d5b2403c59d1886901974d54c65e0e9e5ae Mon Sep 17 00:00:00 2001 From: nin Date: Thu, 19 Jan 2017 23:18:09 +0100 Subject: n 1 hiawatha: add some pkgs --- nin/1systems/hiawatha.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'nin') diff --git a/nin/1systems/hiawatha.nix b/nin/1systems/hiawatha.nix index ca7071408..6fa8a3388 100644 --- a/nin/1systems/hiawatha.nix +++ b/nin/1systems/hiawatha.nix @@ -82,6 +82,9 @@ with lib; git hexchat networkmanagerapplet + python + virtmanager + libvirt ]; nixpkgs.config = { -- cgit v1.2.3 From 0d286d0a493df60208fd5bbb6325c8f8880f6b98 Mon Sep 17 00:00:00 2001 From: nin Date: Thu, 19 Jan 2017 23:19:32 +0100 Subject: n 2: add hashPassword to pkgs --- nin/2configs/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'nin') diff --git a/nin/2configs/default.nix b/nin/2configs/default.nix index 8ea9e49d8..e181a6041 100644 --- a/nin/2configs/default.nix +++ b/nin/2configs/default.nix @@ -97,6 +97,7 @@ with import ; p7zip unzip unrar + hashPassword ]; programs.bash = { -- cgit v1.2.3 From b4109e8d22284a98fcff8f409b7b1968428a1520 Mon Sep 17 00:00:00 2001 From: nin Date: Thu, 19 Jan 2017 23:20:24 +0100 Subject: n 2 nixpkgs: fd1dbe5 -> 6b28bd0 --- nin/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nin') diff --git a/nin/2configs/nixpkgs.nix b/nin/2configs/nixpkgs.nix index eceab7e7b..9d73afbe0 100644 --- a/nin/2configs/nixpkgs.nix +++ b/nin/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "fd1dbe551cf6338c5f4e4f80c2f5dde9f9e6a271"; + ref = "6b28bd0daf00b8e5e370a04347844cb8614138ff"; }; } -- cgit v1.2.3 From 2a34bf50e7e41554af6a74e1b29081924d22cac8 Mon Sep 17 00:00:00 2001 From: nin Date: Thu, 19 Jan 2017 23:36:49 +0100 Subject: n 1 onondaga: fix build host --- nin/1systems/onondaga.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nin') diff --git a/nin/1systems/onondaga.nix b/nin/1systems/onondaga.nix index f7518aa6b..b0810366a 100644 --- a/nin/1systems/onondaga.nix +++ b/nin/1systems/onondaga.nix @@ -11,7 +11,7 @@ ../2configs/retiolum.nix ]; - krebs.build.host = config.krebs.hosts.hiawatha; + krebs.build.host = config.krebs.hosts.onondaga; boot.loader.grub.enable = true; boot.loader.grub.version = 2; -- cgit v1.2.3 From f017017d58da0da3a745aabee23d05f2278e204d Mon Sep 17 00:00:00 2001 From: nin Date: Thu, 19 Jan 2017 23:37:26 +0100 Subject: n 1 onondaga: delete redundant hostname --- nin/1systems/onondaga.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'nin') diff --git a/nin/1systems/onondaga.nix b/nin/1systems/onondaga.nix index b0810366a..92f316f66 100644 --- a/nin/1systems/onondaga.nix +++ b/nin/1systems/onondaga.nix @@ -21,7 +21,6 @@ # Define on which hard drive you want to install Grub. boot.loader.grub.device = "/dev/sda"; - networking.hostName = "onondaga"; # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # Select internationalisation properties. -- cgit v1.2.3 From 3991331352d85d44d174a90392c0fe3d5e5dee05 Mon Sep 17 00:00:00 2001 From: nin Date: Fri, 20 Jan 2017 00:05:30 +0100 Subject: n 2: add weechat --- nin/2configs/weechat.nix | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 nin/2configs/weechat.nix (limited to 'nin') diff --git a/nin/2configs/weechat.nix b/nin/2configs/weechat.nix new file mode 100644 index 000000000..6c0fb313e --- /dev/null +++ b/nin/2configs/weechat.nix @@ -0,0 +1,21 @@ +{ config, lib, pkgs, ... }: + +let + inherit (import ) genid; +in { + krebs.per-user.chat.packages = with pkgs; [ + mosh + weechat + tmux + ]; + + users.extraUsers.chat = { + home = "/home/chat"; + uid = genid "chat"; + useDefaultShell = true; + createHome = true; + openssh.authorizedKeys.keys = [ + config.krebs.users.nin.pubkey + ]; + }; +} -- cgit v1.2.3 From 531807ece890f1d857304a86837ae4bc1f27076e Mon Sep 17 00:00:00 2001 From: nin Date: Fri, 20 Jan 2017 00:04:09 +0100 Subject: n 1 onondaga: import weechat.nix --- nin/1systems/onondaga.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'nin') diff --git a/nin/1systems/onondaga.nix b/nin/1systems/onondaga.nix index 92f316f66..59f26c46b 100644 --- a/nin/1systems/onondaga.nix +++ b/nin/1systems/onondaga.nix @@ -9,6 +9,7 @@ ../. ../2configs/retiolum.nix + ../2configs/weechat.nix ]; krebs.build.host = config.krebs.hosts.onondaga; -- cgit v1.2.3