diff --git a/configuration-cross.nix b/configuration-cross.nix index 4302ad4..4662332 100644 --- a/configuration-cross.nix +++ b/configuration-cross.nix @@ -32,11 +32,17 @@ vim-sleuth nvim-lspconfig rust-tools-nvim + tabby-nvim nvim-lint nvim-cmp + nvim-web-devicons cmp-nvim-lsp lsp-status-nvim + #flatten-nvim telescope-nvim + telescope-frecency-nvim + telescope-file-browser-nvim + telescope-fzy-native-nvim nvim-treesitter.withAllGrammars sweetie-nvim vim-nix @@ -47,6 +53,26 @@ }; }; + systemd.services.nvim-server = { + wantedBy = [ "multi-user.target" ]; + description = "Neovim Server"; + script = '' + export PATH="/run/current-system/sw/bin:/run/wrappers/bin:$PATH" + nvim --listen /tmp/nvim.sock --headless + ''; + serviceConfig = { + User = "audrey"; + Type = "simple"; + Restart = "always"; + }; + environment = { + LOG_CHANNEL_ID = "532689319350108160"; + CHANNEL_COUNT = "4"; + DELAY_SECONDS = "5"; + DEBUG = "0"; + }; + }; + }) (lib.mkIf (pkgs.stdenv.buildPlatform != pkgs.stdenv.hostPlatform) { programs.vim = { enable = true; diff --git a/configuration-desktop.nix b/configuration-desktop.nix index 649c1fb..4ae744f 100644 --- a/configuration-desktop.nix +++ b/configuration-desktop.nix @@ -2,6 +2,8 @@ { networking.networkmanager.enable = true; + fonts.packages = builtins.filter lib.attrsets.isDerivation (builtins.attrValues pkgs.nerd-fonts); + services = { xserver.enable = true; @@ -35,6 +37,7 @@ kdeconnect.enable = true; wireshark.enable = true; wireshark.package = pkgs.wireshark; + foot.enable = true; }; environment.systemPackages = with pkgs; [ @@ -44,7 +47,8 @@ signal-desktop slack obs-studio - foot + + dwarfdump kdePackages.plasma-thunderbolt ]; diff --git a/configuration-nixos.nix b/configuration-nixos.nix index f8cd37e..141e499 100644 --- a/configuration-nixos.nix +++ b/configuration-nixos.nix @@ -97,4 +97,6 @@ in { services.fwupd.enable = true; services.hardware.bolt.enable = true; + + services.resolved.enable = true; } diff --git a/configuration.nix b/configuration.nix index 321bcc2..a55c13e 100644 --- a/configuration.nix +++ b/configuration.nix @@ -12,11 +12,12 @@ in { config = { nixpkgs.config.allowUnfree = true; - nix.settings.extra-experimental-features = "nix-command flakes repl-flake pipe-operator"; + nix.settings.extra-experimental-features = "nix-command flakes pipe-operator"; nix.settings.trusted-users = [ "audrey" ]; nix.settings.max-jobs = 1; nix.settings.cores = 0; nix.settings.secret-key-files = [ "/var/lib/nix/binary-cache-key" ]; + nix.settings.trusted-public-keys = builtins.filter (f: f != "") <| lib.strings.splitString "\n" <| builtins.readFile ./keys/nix; # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; @@ -32,7 +33,7 @@ in { description = "Audrey Dutcher"; isNormalUser = true; extraGroups = [ "wheel" "docker" ]; - openssh.authorizedKeys.keyFiles = [ ./dotfiles/authorized_keys ]; + openssh.authorizedKeys.keyFiles = [ ./keys/ssh ]; }; environment.systemPackages = with pkgs; [ @@ -42,6 +43,8 @@ in { curl btop file + nettools + psmisc patchelf gdb p7zip @@ -50,6 +53,9 @@ in { binwalk jq nix-index + openssl + wireguard-tools + cached-nix-shell (python3.withPackages (p: lib.concatMap (pl: pl p) rhelmot.globalPythonPackages)) ]; @@ -62,6 +68,8 @@ in { nclib pyyaml snakeviz + requests + pysocks ]) ]; programs = { @@ -76,6 +84,9 @@ in { '' + builtins.readFile ./dotfiles/zsh-prompt.sh; shellInit = builtins.readFile ./dotfiles/zsh-init.sh; shellAliases = { + ls = null; + ll = null; + l = null; grep = "grep --color=auto"; egrep = "egrep --color=auto"; objdump = "objdump -M intel"; @@ -107,6 +118,8 @@ in { }; }; + environment.etc.zinputrc.text = lib.mkForce (builtins.readFile ./dotfiles/zsh-input.sh); + environment.etc."gdb/gdbinit".source = ./dotfiles/gdb-init.gdb; environment.etc."venv-default.txt".source = ./dotfiles/venv-default.txt; @@ -146,7 +159,7 @@ in { daily = 7; hourly = 24; }; - datasets."system/var/docker" = { + datasets."system/var/lib_docker" = { autosnap = false; recursive = true; }; @@ -165,7 +178,7 @@ in { sshKey = "/var/lib/syncoid/.ssh/id_ed25519"; commands."system" = { source = "system"; - target = "backup@home.rhelmot.io:main/backup/${config.networking.hostName}/system"; + target = "buser@home.rhelmot.io:main/backup/${config.networking.hostName}/system"; # xeni note - option w is weeeeeeeird but the only consequnce is a lack of encryption #sendOptions = "w"; recursive = true; diff --git a/dotfiles/nvim-init.lua b/dotfiles/nvim-init.lua index 75fa463..82102f6 100644 --- a/dotfiles/nvim-init.lua +++ b/dotfiles/nvim-init.lua @@ -1,3 +1,4 @@ +--local vim = require("vim") -- https://github.com/neovim/neovim/issues/23725#issuecomment-1561364086 local ok, wf = pcall(require, "vim.lsp._watchfiles") if ok then @@ -16,7 +17,74 @@ require('telescope').setup({ defaults = { sorting_strategy = "ascending", }, + extensions = { + file_browser = { + hijack_netrw = true, + }, + }, }) +require("telescope").load_extension("file_browser") +require("telescope").load_extension("frecency") +require('telescope').load_extension('fzy_native') + +require("telescope.pickers.layout_strategies").buffer_window = function(self) + local layout = require("telescope.pickers.window").get_initial_window_options(self) + local prompt = layout.prompt + local results = layout.results + local preview = layout.preview + local config = self.layout_config + local padding = self.window.border and 2 or 0 + local width = vim.api.nvim_win_get_width(self.original_win_id) + local height = vim.api.nvim_win_get_height(self.original_win_id) + local pos = vim.api.nvim_win_get_position(self.original_win_id) + local wline = pos[1] + 1 + local wcol = pos[2] + 1 + + -- Height + prompt.height = 1 + preview.height = self.previewer and math.floor(height * 0.4) or 0 + results.height = height + - padding + - (prompt.height + padding) + - (self.previewer and (preview.height + padding) or 0) + + -- Line + local rows = {} + local mirror = config.mirror == true + local top_prompt = config.prompt_position == "top" + if mirror and top_prompt then + rows = { prompt, results, preview } + elseif mirror and not top_prompt then + rows = { results, prompt, preview } + elseif not mirror and top_prompt then + rows = { preview, prompt, results } + elseif not mirror and not top_prompt then + rows = { preview, results, prompt } + end + local next_line = wline + padding / 2 + for k, v in pairs(rows) do + if v.height ~= 0 then + v.line = next_line + next_line = v.line + padding + v.height + end + end + + -- Width + prompt.width = width - padding + results.width = prompt.width + preview.width = prompt.width + + -- Col + prompt.col = wcol + padding / 2 + results.col = prompt.col + preview.col = prompt.col + + if not self.previewer then + layout.preview = nil + end + + return layout +end require("nvim-treesitter.configs").setup { auto_install = false, @@ -130,6 +198,7 @@ vim.keymap.set('n', '[e', function() vim.diagnostic.goto_prev{float=false, sever vim.keymap.set('n', ']e', function() vim.diagnostic.goto_next{float=false, severity={min=vim.diagnostic.severity.WARN}} end, nil) vim.keymap.set('n', 'gf', tb.live_grep, nil) vim.keymap.set('n', 'gn', tb.find_files, nil) +vim.keymap.set('n', 'gb', tb.buffers, nil) vim.keymap.set('n', 'gr', tb.resume, nil) local pickers = require("telescope.pickers") @@ -378,7 +447,7 @@ lspconfig.lua_ls.setup{ -- rust = {}, --} --- LSP Diagnostics Options Setup +-- LSP Diagnostics Options Setup local sign = function(opts) vim.fn.sign_define(opts.name, { texthl = opts.name, @@ -443,7 +512,8 @@ end vim.g.sweetie = { palette = { dark = { - bg_alt = "#151523" + bg_alt = "#151523", + bg_hl = "#505040", } }, overrides = { @@ -458,3 +528,265 @@ if vim.env.TERM == "tmux" or vim.env.TERM == "xterm" then else vim.cmd.colorscheme("sweetie") end + +local tabtheme = { + fill = 'TabLineFill', + -- Also you can do this: fill = { fg='#f2e9de', bg='#907aa9', style='italic' } + head = 'TabLine', + current_tab = 'TabLineSel', + tab = 'TabLine', + win = 'TabLine', + tail = 'TabLine', +} +require('tabby').setup({ + line = function(line) + return { + { + { '  ', hl = tabtheme.head }, + line.sep('', tabtheme.head, tabtheme.fill), + }, + line.tabs().foreach(function(tab) + local hl = tab.is_current() and tabtheme.current_tab or tabtheme.tab + local name = tab.name() + if vim.t[tab.id].zoomed ~= nil then + name = "[zoom] " .. name + end + return { + line.sep('', hl, tabtheme.fill), + tab.is_current() and '' or '󰆣', + tab.number(), + name, + --tab.close_btn(''), + line.sep('', hl, tabtheme.fill), + hl = hl, + margin = ' ', + } + end), + --line.spacer(), + --line.wins_in_tab(line.api.get_current_tab()).foreach(function(win) + -- return { + -- line.sep('', tabtheme.win, tabtheme.fill), + -- win.is_current() and '' or '', + -- win.buf_name(), + -- line.sep('', tabtheme.win, tabtheme.fill), + -- hl = tabtheme.win, + -- margin = ' ', + -- } + --end), + --{ + -- line.sep('', tabtheme.tail, tabtheme.fill), + -- { '  ', hl = tabtheme.tail }, + --}, + hl = tabtheme.fill, + } + end, + -- option = {}, -- setup modules' option, +}) + +local splashPicker = pickers.new({layout_strategy="buffer_window", initial_mode="normal"}, { + prompt_title = "New Tab", + finder = finders.new_table { + results = { + { + title = "Terminal", + ordinal = "0", + callback = function() + vim.cmd(":term") + vim.cmd('startinsert') + end, + }, + { + title = "Recent Files", + ordinal = "1", + callback = function() + vim.cmd(":Telescope frecency") + end, + }, + { + title = "File Browser (flat)", + ordinal = "2", + callback = function() + vim.cmd(":Telescope find_files") + end, + }, + { + title = "File Browser (grep)", + ordinal = "3", + callback = function() + vim.cmd(":Telescope live_grep") + end, + }, + { + title = "File Browser (hierarchy)", + ordinal = "4", + callback = function() + vim.cmd(":e .") + end, + }, + { + title = "Change Workspace", + ordinal = "5", + callback = function() + tb.find_files({find_command = {"fd", "--type", "d", "--no-ignore-vcs", ".", "/home/audrey"}, attach_mappings = function(prompt_bufnr, map) + actions.select_default:replace(function() + actions.close(prompt_bufnr) + local selection = action_state.get_selected_entry() + vim.defer_fn(function() + -- uhhhhhh doesn't work. isn't there an api function which will put you in some other buffer's context? + vim.cmd.lcd(selection[0]) + splash() + end, 1) + end) + return true + end}) + end, + }, + { + title = "Scratch File", + ordinal = "6", + callback = function() + vim.cmd(":enew") + end, + }, + }, + entry_maker = function(entry) + return make_entry.set_default_entry_mt({ + value = entry, + text = entry.title, + display = entry.title, + ordinal = entry.ordinal, + }, {}) + end, + }, + sorter = conf.generic_sorter({}), + attach_mappings = function(prompt_bufnr, map) + actions.select_default:replace(function() + actions.close(prompt_bufnr) + local entry = action_state.get_selected_entry() + entry.value.callback() + end) + return true + end, +}) + +splash = function() + splashPicker:find() +end + +newsplash = function(pwd) + local wins = vim.api.nvim_tabpage_list_wins(0) + if #wins ~= 1 or vim.api.nvim_buf_get_name(vim.api.nvim_win_get_buf(wins[1])) ~= "" then + vim.cmd(":tabnew") + end + vim.defer_fn(function() + if pwd ~= nil then + vim.cmd.lcd(pwd) + end + splash() + end, 1) +end + +newfiles = function(pwd, files) + local wins = vim.api.nvim_tabpage_list_wins(0) + if #wins ~= 1 or vim.api.nvim_buf_get_name(vim.api.nvim_win_get_buf(wins[1])) ~= "" then + vim.cmd(":tabnew") + end + vim.defer_fn(function() + if pwd ~= nil then + vim.cmd.lcd(pwd) + end + vim.cmd.arglocal(files) + end, 1) +end + +vim.opt.splitbelow = true; +vim.opt.splitright = true; + +if vim.env.TERM ~= "tmux" and vim.env.TERM ~= "tmux-256color" then + --require("flatten").setup({ + --}) + + vim.opt.guicursor = "n-v-sm:block,i-ci-ve-c-t:ver25,r-cr-o:hor20" + -- NONSENSE + local opts = { noremap = true, } + vim.keymap.set({'i', 'n', 't'}, '', "", opts) + vim.keymap.set({'i', 'n', 't'}, 'n', function() + if vim.t.zoomed == nil then + vim.cmd(":tabnext") + else + vim.cmd(":tabclose") + end + end, opts) + vim.keymap.set({'i', 'n', 't'}, 'p', function() + if vim.t.zoomed == nil then + vim.cmd(":tabNext") + else + vim.cmd(":tabclose") + end + end, opts) + vim.keymap.set({'i', 'n', 't'}, 'c', function() + if vim.t.zoomed == nil then + vim.cmd(":tabnew") + vim.defer_fn(splash, 1) + else + vim.cmd(":tabclose") + end + end, opts) + vim.keymap.set({'i', 'n', 't'}, '"', function() + if vim.t.zoomed == nil then + vim.cmd(":split") + vim.defer_fn(splash, 1) + else + vim.cmd(":tabclose") + end + end, opts) + vim.keymap.set({'i', 'n', 't'}, '%', function() + if vim.t.zoomed == nil then + vim.cmd(":vsplit") + vim.defer_fn(splash, 1) + else + vim.cmd(":tabclose") + end + end, opts) + vim.keymap.set({'i', 'n', 't'}, 'z', function() + if vim.t.zoomed == nil then + local buf = vim.api.nvim_get_current_buf() + local win = vim.api.nvim_get_current_win() + vim.cmd(":tabnew") + vim.api.nvim_win_set_buf(0, buf) + vim.t.zoomed = win + else + local win = vim.t.zoomed + vim.cmd(":tabclose") + vim.api.nvim_set_current_win(win) + end + end, opts) + vim.keymap.set({'i', 'n', 't'}, '[', '', opts) + vim.keymap.set({'i', 'n', 't'}, '', '', opts) + --vim.keymap.set({'i', 'n', 't'}, ']', function() vim.api.nvim_paste() end , opts) + + -- https://neovim.io/doc/user/terminal.html#terminal-osc7 + vim.api.nvim_create_autocmd({ 'TermRequest' }, { + desc = 'Handles OSC 7 dir change requests', + callback = function(ev) + if string.sub(ev.data.sequence, 1, 4) == '\x1b]7;' then + local dir = string.gsub(ev.data.sequence, '\x1b]7;file://[^/]*', '') + if vim.fn.isdirectory(dir) == 0 then + --vim.notify('invalid dir: '..dir) + return + end + --vim.api.nvim_buf_set_var(ev.buf, 'osc7_dir', dir) + --if vim.o.autochdir and vim.api.nvim_get_current_buf() == ev.buf then + vim.cmd.lcd(dir) + --end + end + end + }) + + if vim.env.IN_VIM == nil then + vim.env.IN_VIM = "1" + --if vim.fn.argv()[1] == nil then + -- vim.defer_fn(splash, 1) + --end + end +end diff --git a/dotfiles/nvim-init.vim b/dotfiles/nvim-init.vim index 731e7e4..a8da5d9 100644 --- a/dotfiles/nvim-init.vim +++ b/dotfiles/nvim-init.vim @@ -1,24 +1,30 @@ -set nocompatible -set nu -set ttimeout -set ttimeoutlen=0 -set mouse= -set clipboard=unnamedplus -set ruler -set signcolumn=yes -set termguicolors -autocmd! -if $TERM != "xterm" && $TERM != "tmux" - inoremap :TmuxNavigateLeft - inoremap :TmuxNavigateDown - inoremap :TmuxNavigateUp - inoremap :TmuxNavigateRight -endif -" Disable tmux navigator when zooming the Vim pane -let g:tmux_navigator_disable_when_zoomed = 1 - -filetype plugin on -syntax on - -nnoremap :noh +set nocompatible +set nu +set ttimeout +set ttimeoutlen=0 +set mouse= +set clipboard=unnamedplus +set ruler +set signcolumn=yes +set termguicolors +autocmd! +if $TERM != "xterm" && $TERM != "tmux" + inoremap :TmuxNavigateLeft + inoremap :TmuxNavigateDown + inoremap :TmuxNavigateUp + inoremap :TmuxNavigateRight + tnoremap :TmuxNavigateLeft + tnoremap :TmuxNavigateDown + tnoremap :TmuxNavigateUp + tnoremap :TmuxNavigateRight +endif +" Disable tmux navigator when zooming the Vim pane +let g:tmux_navigator_disable_when_zoomed = 1 + +filetype plugin on +syntax on + +nnoremap :noh nnoremap * :let @/='\<=expand("")\>':set hls +nnoremap q: +nnoremap a diff --git a/dotfiles/zsh-init.sh b/dotfiles/zsh-init.sh index c87ebe2..d894260 100644 --- a/dotfiles/zsh-init.sh +++ b/dotfiles/zsh-init.sh @@ -3,65 +3,6 @@ setopt appendhistory notify unsetopt beep nomatch -# -# key binding configuration -# - -# create a zkbd compatible hash -# to add other keys to this hash, see: man 5 terminfo -typeset -A key - -key[Home]=${terminfo[khome]} -key[End]=${terminfo[kend]} -key[Insert]=${terminfo[kich1]} -key[Delete]=${terminfo[kdch1]} -key[Up]=${terminfo[kcuu1]} -key[Down]=${terminfo[kcud1]} -key[Left]=${terminfo[kcub1]} -key[Right]=${terminfo[kcuf1]} -key[PageUp]=${terminfo[kpp]} -key[PageDown]=${terminfo[knp]} -key[Backspace]=${terminfo[kbs]} - -# setup keybindings! -bindkey -v -export KEYTIMEOUT=1 - -[[ -n "${key[Home]}" ]] && bindkey "${key[Home]}" beginning-of-line -[[ -n "${key[End]}" ]] && bindkey "${key[End]}" end-of-line -[[ -n "${key[Insert]}" ]] && bindkey "${key[Insert]}" overwrite-mode -[[ -n "${key[Delete]}" ]] && bindkey "${key[Delete]}" backward-delete-char -[[ -n "${key[Up]}" ]] && bindkey "${key[Up]}" up-line-or-history -[[ -n "${key[Down]}" ]] && bindkey "${key[Down]}" down-line-or-history -[[ -n "${key[Left]}" ]] && bindkey "${key[Left]}" backward-char -[[ -n "${key[Right]}" ]] && bindkey "${key[Right]}" forward-char -[[ -n "${key[Backspace]}" ]] && bindkey "${key[Backspace]}" backward-delete-char -[[ -n "${key[PageUp]}" ]] && bindkey "${key[PageUp]}" up-history -[[ -n "${key[PageDown]}" ]] && bindkey "${key[PageDown]}" down-history - -bindkey '^P' up-history -bindkey '^N' down-history -bindkey '^h' backward-delete-char -bindkey '^w' backward-kill-word -bindkey '^r' history-incremental-search-backward -bindkey -a '/' history-incremental-search-backward -bindkey "^[[1;5C" forward-word -bindkey "^[[1;5D" backward-word - -# Finally, make sure the terminal is in application mode, when zle is -# active. Only then are the values from $terminfo valid. -if (( ${+terminfo[smkx]} )) && (( ${+terminfo[rmkx]} )); then - function enter-editing-mode () { - printf '%s' "${terminfo[smkx]}" - } - function exit-editing-mode () { - printf '%s' "${terminfo[rmkx]}" - } - zle -N zle-line-init enter-editing-mode - zle -N zle-line-finish exit-editing-mode -fi - - # # Aliases # @@ -129,6 +70,35 @@ function watchdiff() { done } +# terminal integration +# https://codeberg.org/dnkl/foot/wiki#zsh + +function osc7-pwd() { + emulate -L zsh # also sets localoptions for us + setopt extendedglob + local LC_ALL=C + printf '\e]7;file://%s%s\e\' $HOST ${PWD//(#m)([^@-Za-z&-;_~])/%${(l:2::0:)$(([##16]#MATCH))}} +} + +function chpwd-osc7-pwd() { + (( ZSH_SUBSHELL )) || osc7-pwd +} +function precmd-osc133-marker() { + if ! builtin zle; then + print -n "\e]133;D\e\\" + fi + print -Pn "\e]133;A\e\\" +} +function preexec-osc133-marker() { + print -Pn "\e]133;B\e\\" + print -n "\e]133;C\e\\" +} + +autoload -Uz add-zsh-hook +add-zsh-hook -Uz chpwd chpwd-osc7-pwd +add-zsh-hook -Uz precmd precmd-osc133-marker +add-zsh-hook -Uz preexec preexec-osc133-marker + # virtualenv integration export WORKON_HOME=$HOME/.virtualenvs @@ -155,3 +125,37 @@ export npm_config_prefix=~/.local if [ -e ~/.site_aliases.sh ]; then source ~/.site_aliases.sh fi + +# Extremely funny +if [[ -z "$TMUX" ]] && false; then + if [[ -n "$IN_VIM" ]]; then + vim() { + if [[ -z "$1" ]]; then + # plain vim. get splashed. + command vim --server /tmp/nvim.sock --remote-send ":splitk:resize 1j:lcd $PWD:lua splash()" + elif [[ "$1" = -* ]]; then + # some sort of flag. do not touch + command vim "$@" + else + # vim with files. shove all of these into the buffer list, do a split, minimize the original window, and advance the new window in the buflist + command vim --server /tmp/nvim.sock --remote-send ":splitk:resize 1j:lcd $PWD:arglocal $*" + fi + } + else + # not in vim. connect that bad boy + vim() { + if [[ -z "$1" ]]; then + # plain vim. connect + command vim --server /tmp/nvim.sock --remote-send ":lua newsplash(\"$PWD\")" + command vim --server /tmp/nvim.sock --remote-ui + elif [[ "$1" = -* ]]; then + # some sort of flag. do not touch + command vim "$@" + else + # vim with files. open them all in a new tab + command vim --server /tmp/nvim.sock --remote-send ":lua newfiles(\"$PWD\", \"$*\")" + command vim --server /tmp/nvim.sock --remote-ui + fi + } + fi +fi diff --git a/dotfiles/zsh-input.sh b/dotfiles/zsh-input.sh new file mode 100644 index 0000000..cc5d027 --- /dev/null +++ b/dotfiles/zsh-input.sh @@ -0,0 +1,64 @@ +# vim: ft=zsh + +# +# key binding configuration +# + +# create a zkbd compatible hash +# to add other keys to this hash, see: man 5 terminfo +typeset -A key + +key[Home]=${terminfo[khome]} +key[End]=${terminfo[kend]} +key[Insert]=${terminfo[kich1]} +key[Delete]=${terminfo[kdch1]} +key[Up]=${terminfo[kcuu1]} +key[Down]=${terminfo[kcud1]} +key[Left]=${terminfo[kcub1]} +key[Right]=${terminfo[kcuf1]} +key[PageUp]=${terminfo[kpp]} +key[PageDown]=${terminfo[knp]} +key[Backspace]=${terminfo[kbs]} +key[CtrlLeft]=${terminfo[kLFT5]} +key[CtrlRight]=${terminfo[kRIT5]} + +# setup keybindings! +bindkey -v +export KEYTIMEOUT=1 + +[[ -n "${key[Home]}" ]] && bindkey "${key[Home]}" beginning-of-line +[[ -n "${key[End]}" ]] && bindkey "${key[End]}" end-of-line +[[ -n "${key[Insert]}" ]] && bindkey "${key[Insert]}" overwrite-mode +[[ -n "${key[Delete]}" ]] && bindkey "${key[Delete]}" backward-delete-char +[[ -n "${key[Up]}" ]] && bindkey "${key[Up]}" up-line-or-history +[[ -n "${key[Down]}" ]] && bindkey "${key[Down]}" down-line-or-history +[[ -n "${key[Left]}" ]] && bindkey "${key[Left]}" backward-char +[[ -n "${key[Right]}" ]] && bindkey "${key[Right]}" forward-char +[[ -n "${key[Backspace]}" ]] && bindkey "${key[Backspace]}" backward-delete-char +[[ -n "${key[PageUp]}" ]] && bindkey "${key[PageUp]}" up-history +[[ -n "${key[PageDown]}" ]] && bindkey "${key[PageDown]}" down-history +[[ -n "${key[CtrlLeft]}" ]] && bindkey "${key[CtrlLeft]}" backward-word +[[ -n "${key[CtrlRight]}" ]] && bindkey "${key[CtrlRight]}" forward-word + +bindkey '^P' up-history +bindkey '^N' down-history +bindkey '^h' backward-delete-char +bindkey '^w' backward-kill-word +bindkey '^r' history-incremental-search-backward +bindkey -a '/' history-incremental-search-backward +# https://github.com/romkatv/zsh4humans/issues/7 +bindkey "^[[H" beginning-of-line +bindkey "^[[F" end-of-line + +# Finally, make sure the terminal is in application mode, when zle is +# active. Only then are the values from $terminfo valid. +if (( ${+terminfo[smkx]} )) && (( ${+terminfo[rmkx]} )); then + function enter-editing-mode () { + printf '%s' "${terminfo[smkx]}" + } + function exit-editing-mode () { + printf '%s' "${terminfo[rmkx]}" + } + zle -N zle-line-init enter-editing-mode + zle -N zle-line-finish exit-editing-mode +fi diff --git a/flake.lock b/flake.lock index d28ba32..7237a02 100644 --- a/flake.lock +++ b/flake.lock @@ -124,15 +124,15 @@ "lix": { "flake": false, "locked": { - "lastModified": 1737234286, - "narHash": "sha256-pgDJZjj4jpzkFxsqBTI/9Yb0n3gW+DvDtuv9SwQZZcs=", - "rev": "079528098f5998ba13c88821a2eca1005c1695de", + "lastModified": 1751825501, + "narHash": "sha256-6Jve3xCvRJGkz0A9D8dXH/DMWYE8MkFt+KJWQs9cLkw=", + "rev": "378b360bf8e0d04e8dd3733acd20d7a9b70360f1", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/079528098f5998ba13c88821a2eca1005c1695de.tar.gz?rev=079528098f5998ba13c88821a2eca1005c1695de" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/378b360bf8e0d04e8dd3733acd20d7a9b70360f1.tar.gz?rev=378b360bf8e0d04e8dd3733acd20d7a9b70360f1" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/lix/archive/release-2.92.tar.gz" + "url": "https://git.lix.systems/lix-project/lix/archive/main.tar.gz" } }, "lix-module": { @@ -145,15 +145,17 @@ ] }, "locked": { - "lastModified": 1742943028, - "narHash": "sha256-fprwZKE1uMzO9tiWWOrmLWBW3GPkMayQfb0xOvVFIno=", - "rev": "868d97695bab9d21f6070b03957bcace249fbe3c", - "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/868d97695bab9d21f6070b03957bcace249fbe3c.tar.gz?rev=868d97695bab9d21f6070b03957bcace249fbe3c" + "lastModified": 1751909859, + "narHash": "sha256-gbpuESxl/An4GTh7QEbQRYJozVIxWkwVGbWK0/0GoRc=", + "ref": "refs/heads/main", + "rev": "4d4c2b8f0a801c91ce5b717c77fe3a17efa1402f", + "revCount": 150, + "type": "git", + "url": "https://git.lix.systems/lix-project/nixos-module" }, "original": { - "type": "tarball", - "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0-3.tar.gz" + "type": "git", + "url": "https://git.lix.systems/lix-project/nixos-module" } }, "lix_2": { @@ -262,16 +264,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1751637120, - "narHash": "sha256-xVNy/XopSfIG9c46nRmPaKfH1Gn/56vQ8++xWA8itO4=", + "lastModified": 1753489912, + "narHash": "sha256-uDCFHeXdRIgJpYmtcUxGEsZ+hYlLPBhR83fdU+vbC1s=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5c724ed1388e53cc231ed98330a60eb2f7be4be3", + "rev": "13e8d35b7d6028b7198f8186bc0347c6abaa2701", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable", + "ref": "nixos-25.05", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 42b56bf..e0737a7 100644 --- a/flake.nix +++ b/flake.nix @@ -1,17 +1,20 @@ { inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; nixbsd.url = "github:nixos-bsd/nixbsd/main"; lix-module = { - url = "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0-3.tar.gz"; + url = "git+https://git.lix.systems/lix-project/nixos-module"; inputs.nixpkgs.follows = "nixpkgs"; }; bingosync.url = "github:rhelmot/bingosync"; blog-rhelmot-io.url = "git+https://git.lain.faith/rhelmot/blog.rhelmot.io"; blog-rhelmot-io.inputs.nixpkgs.follows = "nixpkgs"; + + #nixos-defcon.url = "path:/home/audrey/nixos-defcon"; + #nixos-defcon.inputs.nixpkgs.follows = "nixpkgs"; }; - outputs = { self, nixpkgs, nixbsd, lix-module, bingosync, ... }@flakeInputs: let + outputs = { self, nixpkgs, nixbsd, lix-module, bingosync, /*nixos-defcon, */... }@flakeInputs: let sitesFiles = builtins.readDir ./sites; sitesNames = builtins.filter (name: builtins.pathExists ./sites/${name}/configuration.nix) (builtins.attrNames sitesFiles); systemTypes = { @@ -29,6 +32,9 @@ { nixpkgs.buildPlatform = platform; } lix-module.nixosModules.default bingosync.nixosModules.default + #nixos-defcon.nixosModules.pkgsOverlay + #nixos-defcon.nixosModules.tulip + #nixos-defcon.nixosModules.noscope ]; }; in { inherit (evaluated) config options; diff --git a/keys/nix b/keys/nix new file mode 100644 index 0000000..f61dc50 --- /dev/null +++ b/keys/nix @@ -0,0 +1,2 @@ +clove:UVUGJicEY/PmVWqi4dlqmsNIglGFAsJzgLLsgVrMKsM= +daisy:HU3mg1KY/sGYVZk243dgJRDLKHASRmu8/IXeGI/sdE8= diff --git a/dotfiles/authorized_keys b/keys/ssh similarity index 100% rename from dotfiles/authorized_keys rename to keys/ssh diff --git a/pkgs/binsync.nix b/pkgs/binsync.nix new file mode 100644 index 0000000..2d5912f --- /dev/null +++ b/pkgs/binsync.nix @@ -0,0 +1,131 @@ +{ + lib, + fetchPypi, + fetchFromGitHub, + buildPythonPackage, + buildPythonApplication, + hatchling, + flask, + + httpx, + pydantic, + python-dotenv, + poetry-core, + + filelock, + gitpython, + prompt-toolkit, + pycparser, + sortedcontainers, + toml, + tqdm, + setuptools, + pyside6, + pytestCheckHook, + pytest-qt, + ply, + wordfreq, + ghidra-bridge, + jfx-bridge, + networkx, + platformdirs, + psutil, + pyhidra, + writableTmpDirAsHomeHook, +}: let + libbs_latest = buildPythonPackage rec { + pname = "libbs"; + version = "2.15.5+dev"; + pyproject = true; + + src = fetchFromGitHub { + owner = "binsync"; + repo = "libbs"; + rev = "c7f3b7e16a44affd446b392a89ed343d356885af"; + hash = "sha256-AzsOok38JG2pjNzeWQVHhi9Iw266TAOxavQEDu+JcyQ="; + }; + + build-system = [ setuptools ]; + + dependencies = [ + filelock + ghidra-bridge + jfx-bridge + networkx + platformdirs + prompt-toolkit + psutil + pycparser + pyhidra + toml + tqdm + ply + ]; + + nativeCheckInputs = [ + pytestCheckHook + writableTmpDirAsHomeHook + ]; + + pythonImportsCheck = [ "libbs" ]; + + disabledTests = [ + "test_change_watcher_plugin_cli" + "test_ghidra_artifact_watchers" + "TestHeadlessInterfaces" + ]; + + + disabledTestPaths = [ + "tests/test_decompilers.py" + "tests/test_remote_ghidra.py" + ]; + + }; + + binsync_latest = buildPythonPackage rec { + pname = "binsync"; + version = "5.5.1+dev"; + pyproject = true; + + src = fetchFromGitHub { + owner = "binsync"; + repo = "binsync"; + rev = "f46c576338a0cd74b8aeb46b09467ca3862d4e52"; + hash = "sha256-C3i969oA+jHjFz9fWYuzJZ0pz1O4Wvi9QU8PjHnL1Kk="; + }; + + build-system = [ setuptools ]; + + dependencies = [ + libbs_latest + + filelock + gitpython + prompt-toolkit + pycparser + sortedcontainers + toml + tqdm + ply + wordfreq + ]; + + optional-dependencies = { + ghidra = [ pyside6 ]; + }; + + nativeCheckInputs = [ + pytestCheckHook + pytest-qt + pyside6 + ]; + + disabledTestPaths = [ + # Test tries to import angrmanagement + "tests/test_angr_gui.py" + ]; + + pythonImportsCheck = [ "binsync" ]; + }; +in binsync_latest diff --git a/pkgs/idapro9.nix b/pkgs/idapro9.nix index 1614a8d..6620e36 100644 --- a/pkgs/idapro9.nix +++ b/pkgs/idapro9.nix @@ -5,7 +5,7 @@ fetchurl, autoPatchelfHook, copyDesktopItems, - python312, + python311, libsForQt5, cairo, dbus, @@ -25,23 +25,28 @@ xorg, zlib, curl, + gnutar, makeDesktopItem, makeWrapper, + runCommand, }: let - pythonForIDA = python312.withPackages (ps: with ps; [ rpyc ]); + pythonForIDA = python311.withPackages (ps: with ps; [ + rpyc + (ps.callPackage ./binsync.nix {}) + ]); in # https://github.com/msanft/ida-pro-overlay/blob/main/packages/ida-pro.nix stdenv.mkDerivation (self: { pname = "idapro"; - version = "9.0.241217"; + version = "9.0.240807"; src = requireFile { - name = "idapro-9.0.241217.tar.xz"; - hash = "sha256-V6RYQlwY8qYlASkyUZx2NgIkuQhf2fTd1tA7MFpOqLc="; + name = "IDA_Pro_Linux_9.tar.gz"; + hash = "sha256-PKbEHc8dPHOMwv76xjoMUoeSn1jF7VXF9QUmQ4YSmP0="; message = '' - Please run nix store add-file idapro-9.0.241217.tar.xz - Its sha256sum should be 57a458425c18f2a625012932519c76360224b9085fd9f4ddd6d03b305a4ea8b7 + Please run nix store add-file IDA_Pro_Linux_9.tar.gz + Its sha256sum should be 3ca6c41dcf1d3c738cc2fefac63a0c5287929f58c5ed55c5f5052643861298fd ''; }; @@ -100,8 +105,10 @@ stdenv.mkDerivation (self: { ln -s $lib $out/lib/$(basename $lib) done - ln -s $out/opt/ida $out/bin/ida - ln -s ida $out/bin/ida64 + ln -s $out/opt/ida64 $out/bin/ida64 + ln -s $out/opt/ida64 $out/bin/ida + + ln -s ${pythonForIDA}/bin/binsync $out/bin/binsync runHook postInstall ''; @@ -112,10 +119,12 @@ stdenv.mkDerivation (self: { addAutoPatchelfSearchPath $out/opt # Manually patch libraries that dlopen stuff. - patchelf --add-needed libpython3.12.so $out/lib/libida.so + patchelf --add-needed libpython${pythonForIDA.pythonVersion}.so $out/lib/libida.so + patchelf --add-needed libpython${pythonForIDA.pythonVersion}.so $out/opt/plugins/idapython3_64.so patchelf --add-needed libcrypto.so $out/lib/libida.so + patchelf --add-needed libcrypto.so $out/opt/plugins/idapython3_64.so - wrapProgram "$out/opt/ida" \ + wrapProgram "$out/opt/ida64" \ --prefix PYTHONPATH : $out/opt/idalib/python \ --prefix PATH : ${pythonForIDA}/bin ''; @@ -124,11 +133,9 @@ stdenv.mkDerivation (self: { desktopItem = makeDesktopItem { name = "ida-pro"; exec = "ida"; - icon = fetchurl { - url = "https://www.xzji.com/upload/y20/07x15/1518115f0eadb3d25ab.png"; - name = "appico.png"; - hash = "sha256-mso/8F4AT5Ry1RHG3plo03rssRRUw9xBwu3fjh8PqYc"; - }; + icon = runCommand "appico.png" {nativeBuildInputs = [gnutar]; strictDeps = true;} '' + tar --to-command cat -xf ${self.src} './idapro-9.0/appico.png' > "$out" + ''; comment = self.meta.description; desktopName = "IDA Pro"; genericName = "Interactive Disassembler"; @@ -137,7 +144,10 @@ stdenv.mkDerivation (self: { }; desktopItems = [ self.desktopItem ]; - + passthru = { + inherit pythonForIDA; + }; + meta = with lib; { description = "The world's smartest and most feature-full disassembler"; homepage = "https://hex-rays.com/ida-pro/"; diff --git a/sites/daisy/cert.pem b/sites/daisy/cert.pem new file mode 100644 index 0000000..e4c1db6 --- /dev/null +++ b/sites/daisy/cert.pem @@ -0,0 +1,34 @@ +-----BEGIN CERTIFICATE----- +MIIF1zCCA7+gAwIBAgIUKYdQD74Iefk1CyzHvROGC83Hw6IwDQYJKoZIhvcNAQEL +BQAwezELMAkGA1UEBhMCVVMxDzANBgNVBAgMBk5ldmFkYTESMBAGA1UEBwwJTGFz +IFZlZ2FzMRMwEQYDVQQKDApTaGVsbHBoaXNoMRUwEwYDVQQLDAxhd29vLnN5c3Rl +bXMxGzAZBgNVBAMMEmRvY2tlci5zaGVsbC5waGlzaDAeFw0yNTA4MDQxNjI5NDda +Fw0zNTA4MDIxNjI5NDdaMHsxCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZOZXZhZGEx +EjAQBgNVBAcMCUxhcyBWZWdhczETMBEGA1UECgwKU2hlbGxwaGlzaDEVMBMGA1UE +CwwMYXdvby5zeXN0ZW1zMRswGQYDVQQDDBJkb2NrZXIuc2hlbGwucGhpc2gwggIi +MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDyVMA3TRVo52CNfmo4KCEF1UXR +km3z2fezjsbjEOCeMTsirkFp71g4Cvj4RPCrIASq1DVXkOI6ZaU2OEfm15TcY0Q1 +DG8/zvjVFTOGGNqfCyz+DUSr3qweeAijyLMygjTvK1LrCUJ1daYTdr9es1Qd29dV +Z2QxWy9+BOpz9oCs8ph+SUCVSfqn11mJ7btgSN9EU8K8f7vhm4PHpruaIJzXh6l0 +tl3wLvXbG8QW1Ms95oBCxiGFKxhAOhGQYlWkODJuh9nF+K/erXv/gmC9Xth/mbL9 +fRJpW+gPK79bhdSTPf9qLmanesRh7ZYxqDW/b7a1moR1u/MNqn4evm0muiz+cb/4 +e6PaRQfwD21dS4FNiJRWtUgSSa0qV7UdvFXvRIev/1f6jbeP0NB6txRxfRwf7cHQ +ceWIMZgfLeGXjS1VUFnyvEL2iRgFE86YVgaYd6TIafN2tcKBb5CBJCZkkP2BBk17 +NJ/S4h1H0w9u9yyfSz8kvrFf8KMGreRsZGdq776ajI1RNye+kdOQdu8UVN/W2ewu +E7vBw6NdDRuYGZ/pCULaXgdabiEYnzuwD5k9AKAeArWVDltSk8pS0gv8cI1MXt8J +TBcSEal5SPwjQNVjahghc3ASydkGN31U0roXuV8+5CjTxfzE6vVsQ2PdF9cSEVHT +kO6uIlMF7UKlytz2TwIDAQABo1MwUTAdBgNVHQ4EFgQUfMaBc83sxwCnJEeS893N +hpFQF5gwHwYDVR0jBBgwFoAUfMaBc83sxwCnJEeS893NhpFQF5gwDwYDVR0TAQH/ +BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEATt+MoCjOJ7MlgfX/vvgrnjp9RCwY +ltjg1n2sFzObJN0FpukFYLUdLXNj7YI34qL30FRjVDbEw3Q7ciXDPafqkzu/fMDd +/QkOnkIPa7oQ1qHGTODN/a3/sDkGcf7Mf1KV2B3QovybhRjB+N35C2zDA6V4TWik +AKXfqdJJEcSaG9yv1Kp4wmHvEOI0jruK2dks+46Ulw1eGk5xOHtRElfVfvO0LwGz +8vvv+6WNoBNMw9inzwmEQALvVooWdh4cJnkUIWlSPI2n091dtU57rzvsAnPtV/sW +Xvn9ZpRxw9vyKUBkWLLQAUbdn+XDM8XXi7zRGaY8b9LKWoNA2PGltpteCYck9za0 +a/F5Jt3f78d/vug/6Q0U2SiWNbqL9pzMX8gLIOuTqw6Rx6W32VY6WT418WqWjfsG +iySaMbJ+P+EpIFn57UvKV5CgdDFroBLnS1YpYNpZAJJubpJLVyMxQMhb47K5vU6s +YpsRm96kC0cZvP4J7+xpVilbzIqIHoV1foz0eRhCcS9bY+p22oLQY0EQ2joMnMnq +VvffPBaIWMkx6hoSaoQl7nhksu1UQrzomGJfOEK+jGkRbo1QI/qz38EuvlUfSayu +ONbCx7j+x++DyxvIQ9JEuu+cC76CNWjiDU0xFUhURrlS3t5AGe0+2ZBjcxWeX7jF +iwbYVRB2xqWwxek= +-----END CERTIFICATE----- diff --git a/sites/daisy/configuration.nix b/sites/daisy/configuration.nix index a20eb73..8dcc876 100644 --- a/sites/daisy/configuration.nix +++ b/sites/daisy/configuration.nix @@ -20,12 +20,33 @@ hardware.bluetooth.powerOnBoot = true; # Open ports in the firewall. - networking.firewall.allowedTCPPorts = [ 22 80 443 1337 8081 ]; + networking.firewall.allowedTCPPorts = [ 22 80 443 1337 1338 8081 2222 ]; networking.firewall.allowedUDPPorts = [ 1337 ]; system.stateVersion = "24.11"; #services.immich.enable = true; + hardware.ipu6 = { + enable = true; + platform = "ipu6ep"; + }; + + # not sure when this commit will reach upstream + boot.kernelPackages = pkgs.linuxPackages_latest.extend ( self: super: { + ipu6-drivers = super.ipu6-drivers.overrideAttrs ( + final: previous: rec { + src = builtins.fetchGit { + url = "https://github.com/intel/ipu6-drivers.git"; + ref = "master"; + rev = "b4ba63df5922150ec14ef7f202b3589896e0301a"; + }; + patches = [ + "${src}/patches/0001-v6.10-IPU6-headers-used-by-PSYS.patch" + ] ; + } + ); + } ); + environment.systemPackages = [ pkgs.idapro9 pkgs.qemu_kvm @@ -36,41 +57,91 @@ pkgs.OVMF.fd ]; - services.postgresql = { + services.tailscale = { enable = true; - ensureDatabases = [ "bingosync" ]; - ensureUsers = [ - { - name = "bingosync"; - ensureDBOwnership = true; - } - ]; + openFirewall = true; }; - #services.postgresql.authentication = '' - # local all all peer map=pgadmin-superuser - #''; - #services.postgresql.identMap = '' - # pgadmin-superuser pgadmin postgres - # pgadmin-superuser postgres postgres - #''; - #services.pgadmin.enable = true; - #services.pgadmin.initialEmail = "audrey@rhelmot.io"; - #services.pgadmin.initialPasswordFile = "/var/lib/pgadmin/initial_password_file"; - #services.bingosync = { + #services.influxdb2 = { # enable = true; - # debug = true; - # domain = "celestebingo"; - # socketsDomain = "sockets-celestebingo"; - # #databaseUrl = "sqlite:////tmp/bingosync.db"; - # databaseUrl = "postgres://%2Frun%2Fpostgresql/bingosync"; - # extraPythonPackages = p: [ p.psycopg2 ]; + # provision = { + # enable = true; + # initialSetup = { + # organization = "default"; + # bucket = "default"; + # passwordFile = "/var/lib/influxdb2-secrets/admin.password"; + # tokenFile = "/var/lib/influxdb2-secrets/admin.token"; + # }; + # organizations.shellphish = { + # buckets.logs = { }; + # buckets.metrics = { }; + # auths.sometoken = { + # tokenFile = "/var/lib/influxdb2-secrets/shellphish.token"; + # readBuckets = [ "logs" "metrics" ]; + # writeBuckets = [ "logs" "metrics" ]; + # }; + # }; + # #users.someuser.passwordFile = pkgs.writeText "tmp-pw" "abcgoiuhaoga"; + # }; + # settings.http-bind-address = "127.0.0.1:8086"; #}; - networking.extraHosts = '' - 127.0.0.1 celestebingo - 127.0.0.1 sockets-celestebingo - ''; + #services.grafana = { + # enable = true; + #}; + + #services.vector = { + # enable = true; + # journaldAccess = true; + # settings = { + # sources.system_logs.type = "journald"; + # sources.system_metrics = { + # type = "host_metrics"; + # filesystem.mountpoints.excludes = [ + # "/run*" + # "/dev*" + # "/sys*" + # "/proc*" + # ]; + # }; + # transforms.transformed_logs = { + # type = "remap"; + # inputs = [ "system_logs" ]; + # source = '' + # tmp = . + # del(.) + # .message = tmp.message + # .timestamp = tmp.timestamp + # .unit = tmp._SYSTEMD_UNIT + # del(tmp.message) + # .payload = tmp + # ''; + # }; + # sinks.db_logs = { + # type = "influxdb_logs"; + # inputs = [ "transformed_logs" ]; + # org = "shellphish"; + # token = "48da0c6c524bf0c9291272a3c2a029d1"; + # bucket = "logs"; + # endpoint = "http://localhost:8086/"; + # tags = [ "unit" ]; + # measurement = "journald"; + # }; + # sinks.db_metrics = { + # type = "influxdb_metrics"; + # inputs = [ "system_metrics" ]; + # org = "shellphish"; + # token = "48da0c6c524bf0c9291272a3c2a029d1"; + # bucket = "metrics"; + # endpoint = "http://localhost:8086/"; + # }; + # }; + #}; + + #networking.extraHosts = '' + # 127.0.0.1 celestebingo + # 127.0.0.1 sockets-celestebingo + #''; #programs.celestegame = { # enable = true; @@ -79,8 +150,28 @@ # writableDir = "/var/lib/celeste"; #}; - services.tailscale = { - enable = true; - openFirewall = true; - }; + #services.postgresql.package = pkgs.postgresql_17_jit; + + #services.tulip = { + # enable = true; + # nginxHost = "tulip"; + # servicesFile = "/var/lib/tulip/services.txt"; + # sslKeyLogFile = "/var/lib/tulip/sslkeylog"; + # convertersDir = "/var/lib/tulip/converters"; + # convertersPython = "/var/lib/tulip/converters/.venv/bin/python"; + # convertersProcesses = 8; + # ctf = { + # flagRegex = "flag\\{[[:digit:]]{6}_[[:digit:]]{6}\\}"; + # tickStart = "2025-08-05T19:00:00Z"; + # tickLength = 120 * 1000; + # vulnboxIp = "fd00:1337:1312:100::7"; + # }; + #}; + #systemd.services.tulip-assembler.path = with pkgs; [bash]; + + ##shellphish.ubuntuEnclave.enable = true; + #services.noscope = { + # enable = true; + # nginxHost = "noscope"; + #}; } diff --git a/sites/daisy/hardware-configuration.nix b/sites/daisy/hardware-configuration.nix index 0bcedb3..826c473 100644 --- a/sites/daisy/hardware-configuration.nix +++ b/sites/daisy/hardware-configuration.nix @@ -45,7 +45,7 @@ # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. networking.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true; + #networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; diff --git a/sites/daisy/key.pem b/sites/daisy/key.pem new file mode 100644 index 0000000..8ab7adc --- /dev/null +++ b/sites/daisy/key.pem @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDyVMA3TRVo52CN +fmo4KCEF1UXRkm3z2fezjsbjEOCeMTsirkFp71g4Cvj4RPCrIASq1DVXkOI6ZaU2 +OEfm15TcY0Q1DG8/zvjVFTOGGNqfCyz+DUSr3qweeAijyLMygjTvK1LrCUJ1daYT +dr9es1Qd29dVZ2QxWy9+BOpz9oCs8ph+SUCVSfqn11mJ7btgSN9EU8K8f7vhm4PH +pruaIJzXh6l0tl3wLvXbG8QW1Ms95oBCxiGFKxhAOhGQYlWkODJuh9nF+K/erXv/ +gmC9Xth/mbL9fRJpW+gPK79bhdSTPf9qLmanesRh7ZYxqDW/b7a1moR1u/MNqn4e +vm0muiz+cb/4e6PaRQfwD21dS4FNiJRWtUgSSa0qV7UdvFXvRIev/1f6jbeP0NB6 +txRxfRwf7cHQceWIMZgfLeGXjS1VUFnyvEL2iRgFE86YVgaYd6TIafN2tcKBb5CB +JCZkkP2BBk17NJ/S4h1H0w9u9yyfSz8kvrFf8KMGreRsZGdq776ajI1RNye+kdOQ +du8UVN/W2ewuE7vBw6NdDRuYGZ/pCULaXgdabiEYnzuwD5k9AKAeArWVDltSk8pS +0gv8cI1MXt8JTBcSEal5SPwjQNVjahghc3ASydkGN31U0roXuV8+5CjTxfzE6vVs +Q2PdF9cSEVHTkO6uIlMF7UKlytz2TwIDAQABAoICACrgMug188lNUuiGCu4nr3wU +OZe0dE7WbHyxEOCBDnT+2esvcLR5HB9CVb27mOd2MU02Yb++C0Dw1hPrTlF6KET8 +LUfDjPV5vc4Zw7WAtUG5nPrQRyuvqL11WHX+HzKbFhmRDUk3qLIWoE1GT+LGEOZ9 +jLJ4KiKPcy41WXQuE6NGAxQpCsu/PKGwuQ9t6B7HlfVFaqmmYgwvU1giWIQTLBz4 +TFOxpppF/MsJNR8jBFjN7TijTK/+qXpHq+7jbyqwpL+ouq/L6fYYtN1G6K3o155w +B9rQ486Pa9YvU9qyKaPprsTPM+uDDbcT7eSYUfYuomGsVq5sFDuBRHJVGAPnoekE ++ybrHST0MBwMqt3IUzNTfoNkO+/JKlEdAIMvmTkZERgw1yLokNUHlvoWSdiKkbpp +ZsFpsS6nLucaUg2YxKRBkUFNXIwmO9RcCrax0putRkLeW+iYDd/1HyD8xyCpBLyG +v/e0uUepx2i/T096YBNLrIj95Lqh1rdGOXmN2b98vEJhgZN0FCmmlIiMbYXYlrpQ +8+6yNjpc36fFa0Af2xtv0RwULj1pEVI2QjTJCecKk9rjYBVOM8gp6xVpjy538+Zy +yvkhKchILT4fZq8wXD8LBnFuFRjpgFQnHbN46J++y4+o0t8Kfjq+v8ttuCXLLkks +LVCUu7GAWjejxWdQ0t/xAoIBAQD8MNQ2U6BzlVmTKjLhl9HrJd1zFEDVFDRseJjs +YIfknIAtZMP12F810QQD0MMFisge8iDy+pm5K1GrauL5yKQUPExszFHLx9SyL4Ui +TtsfWwHXFRged4+HS0RAqTCYpdfsKbnAYfpJCw99H1x0E6mcz2DBKS7vlO6gqhCL +SkKwBtoXzh8IX8JpFI6blHGIZNdKF00a7iavG8ct7awHxZ5fhENnxz0QF/RCSXrG +DIWJFC/Sa+iOq5YKQ9BjrVEsm2BwSfdD7DO1mrBYFutRz99aaACXnDnRscYPQw1G +Et71wWE3qtkObMzIJhoEoS8gghRTpwW2/g8mueMpiFe61W6/AoIBAQD1/cvmSlGQ +9S6mDpbSOo8r3kbcdj/Apv7rY18Ais8kynOADqlCbS3svWSL8h6tkD1SsA1ypsrq +4n3ko5c/7IjqqRgeFE9ZNAFFTiqrbSw7W2EdH3/OtUJQUehu335Yl3mDqMu86874 +iGaHMQSfCRI2Cl7xbbseoZo7r0OiBhb8ERjTl8cJfVud9nO+oS267VyremmvDgmT +c/SPiMJaFdQKy9l8c+VC89eTXnmzPeBERhmWhLdX9L4k+pjNtaSP2bc9W05pMzy4 +ST1XcyRT7ab1uaI7gs0RQApPrvUQuts2XnAr+mZ4K/xlvKxBQ7vEtNrkb4UunLt2 +ORZyD+AiMexxAoIBAByMfomD4AcVoiVJwqbNJANlrvMHGOvGNMUOxekEaH3VxaDd +5l0fWG/kMHsqF9m5wzvVlytKeTqAD+fC2t0B/KkZxmEOpDfYcFiXjo+6s42SJNwv +VCKm0EW1nI1hWdH9/DqM4q1Hqii4qtE0SqgNTcclpsNXISwYBQeFGQhbqL76l5fY +SqUNChoRLK+qF0wkdka56o2g5houn9awMChVE7+mXmcSI/R9cbZLUS24XymMcnl0 +o8f63qpc0OtnxGezUzCC/w3eYGAvmcTvG0aQrK00VtTS56y4Xj5+DbOgEUNq19GQ +cq/yWyBRR+K8SHR6pUhvAPOdQSPWKUQbXisVXEsCggEBAPP6woZphdb5Z0gqRirD +DAedkbjNy9Ofjk0XJT3bbzJ1XfNQF06cDSW2fwhSn1zUKA5gMSZbCf3HoMfp/XTY +fMAJ8LK8wCqgavY7XhTi1jEVJBAHkvMJUnlpk9iL8LubmVkdTN3XIFPerZo+4u99 +xsM0rBBXHnV2IQw7fCAyXA+sQWx0KGRgIkNdElWrdTjmfbhSVIncqWDHbHQEV4eU +CNigcNh/9o7eXR18YcaGg24T/QMOJO6m/wScTHwTQeGvNZA0hGPQ/tNlSOL4f7qC +hstHUAIobI5EbzWzOLtcKVoWdrkXxRRBxDd/13Vv4cdq/YP+nCCsMT5DxuBgoJQp +4fECggEAc0joAOCppQsqi0+MYtnz+sLnN0LkedI4Pc+BrFgZe+pa0gOuz816Xf6R +nJEuRo1DcbyOZ0/DldQdoMFd9c6kmFO2WIHJ4JsZXDRCZWFGIeakVQyepbB2J0n9 +dqSL7+o3nTtYtIbVbhIwQi0FGSLNIzyKycms0rxG4Rz3B9dzk+NEdrBYdCV/eiVo +DHAnokgLTRKyINMiUreB/QUxg+4TOarXBJJPhqEQjHgVXXRhQzk4EH3EsU6wjFSo +/q0J2vQ1CJJDM0YKV4izWSCjvpd6MuMPyHBCOVqWpMy3cOwzRGTO0asaG43GK1H3 +VkJw2xvYBO477ta66id4RDUBBXXzQQ== +-----END PRIVATE KEY----- diff --git a/sites/sunflower/configuration.nix b/sites/sunflower/configuration.nix index 9397c49..301ec40 100644 --- a/sites/sunflower/configuration.nix +++ b/sites/sunflower/configuration.nix @@ -164,4 +164,31 @@ }; }; }; + + systemd.services.spamkick = let + src = pkgs.fetchFromGitHub { + owner = "maddie480"; + repo = "SpamKick"; + rev = "9dd5b5e3cc78e2520b13a0875ae7ef264a5a52c5"; + hash = "sha256-ZjxnqIiXBaxrZwrCfDPVTpGmRxtrL5kc5ZcDUaQtbZo="; + }; + env = pkgs.python3.withPackages (ps: with ps; [ discordpy ]); + in { + path = [ env ]; + script = '' + export TOKEN="$(cat /var/lib/spamkick/token.txt)" + exec python ${src}/main.py + ''; + serviceConfig = { + Type = "simple"; + Restart = "always"; + }; + wantedBy = [ "multi-user.target" ]; + environment = { + LOG_CHANNEL_ID = "532689319350108160"; + CHANNEL_COUNT = "4"; + DELAY_SECONDS = "5"; + DEBUG = "0"; + }; + }; }