2 days of work

2020-10-07 23:23:16 +02:00 · 2020-10-07 23:23:16 +02:00 · f8e261ad07
commit f8e261ad07
parent ad427500ad
18 changed files with 391 additions and 32 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,2 @@
 /result
-/roles/wireless.nix
 hardware-configuration.nix
--- a/configuration.nix
+++ b/configuration.nix
@ -16,7 +16,9 @@
      ./roles/dev.nix
      ./roles/mail.nix
      ./roles/vpn.nix
-      ./roles/wireless.nix
+      ./roles/network.nix
+      ./roles/private.nix
+      ./roles/work.nix
    ];

  networking.useDHCP = false;
@ -27,6 +29,10 @@
  services.openssh.enable = true;
  networking.firewall.enable = true;

+  nixpkgs.config.permittedInsecurePackages = [
+    "openssl-1.0.2u"
+  ];
+
  system.stateVersion = "20.03"; # We can stay here
 }

--- a/dotfiles/alacritty.yml
+++ b/dotfiles/alacritty.yml
@ -35,3 +35,6 @@ window:

 env:
  TERM: xterm-256color
+
+key_bindings:
+  - { key: Escape, mods: Control, action: ToggleViMode }
--- a/dotfiles/certs/NetzmarktCA.crt
+++ b/dotfiles/certs/NetzmarktCA.crt
@ -0,0 +1,44 @@
+-----BEGIN CERTIFICATE-----
+MIIHrjCCBZagAwIBAgIJAJwE8QiSIPupMA0GCSqGSIb3DQEBCwUAMIHpMQswCQYD
+VQQGEwJERTEPMA0GA1UECBMGQmF5ZXJuMREwDwYDVQQHEwhFcmxhbmdlbjEwMC4G
+A1UEChQnTmV0em1hcmt0IEludGVybmV0c2VydmljZSBHbWJIICYgQ28uIEtHMRAw
+DgYDVQQLEwdUZWNobmlrMTMwMQYDVQQDFCpOZXR6bWFya3QgSW50ZXJuZXRzZXJ2
+aWNlIEdtYkggJiBDby4gS0cgQ0ExFTATBgNVBCkTDE5ldHptYXJrdCBDQTEmMCQG
+CSqGSIb3DQEJARYXaG9zdG1hc3RlckBuZXR6bWFya3QuZGUwHhcNMTUxMTIwMTIy
+NTAwWhcNMjUxMTE3MTIyNTAwWjCB6TELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJh
+eWVybjERMA8GA1UEBxMIRXJsYW5nZW4xMDAuBgNVBAoUJ05ldHptYXJrdCBJbnRl
+cm5ldHNlcnZpY2UgR21iSCAmIENvLiBLRzEQMA4GA1UECxMHVGVjaG5pazEzMDEG
+A1UEAxQqTmV0em1hcmt0IEludGVybmV0c2VydmljZSBHbWJIICYgQ28uIEtHIENB
+MRUwEwYDVQQpEwxOZXR6bWFya3QgQ0ExJjAkBgkqhkiG9w0BCQEWF2hvc3RtYXN0
+ZXJAbmV0em1hcmt0LmRlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
+yPeH1i0beXEdMvyNATA9zc4CLCajROCVgypJ3+7sZ6wuNWxUbdSFQMm8v94h7BEL
+bCPJ6TT1B96GA4nfC0yOz1RhiUdLDJ8jv9Y1NEIBujBU2tvL2/93+dkMT/xZ2APj
+IPcYfdTUuWuK3y/WC+/OZ7ZKgCkQdXjy+tJagHBiYnYSIugSlwe7ToAg8gy/PmkO
+f7af5jtIVkRWyTtYI6paYzXmcgjafFptWPcb8bJX9MnCycB5/Af4VwHZszKf4Gmw
+Om/KvlzUHClBpCYUa/rLTmd8AyjAYJMpQ3yd4JBlsf5ao1ZeWFvCJjQHPiJYvLVD
+vApcUaXkbkWbGODC8YS8d4r5pwoEWeUwxomNVDElIIoQOM3Agi6ms0Hfp9/S+lK/
+i9IgQXNOXTtjkLZRImUmjDk//QOoNjBh9z+g62YGaThDTgxlf4J7RD/HqTmLSKjE
+UwlWGduVTsUQR5uKs/tD5hsc5dpE3UI+n1J8PWlXcKfJnEjfgYPJ7jTDpBB6Oozj
+JtH7DkdOhHPZkZQzIuOLNtxqlgNSYHv7VNSmr3LvRTQto9x5NnGgMgliyKuI1aBt
+p+gSnOezGMSQobRBH0cvXVk7dWm+BeZtTmU03SsAFIfhVAnAisWfbHWD6GDUQ/9m
+F1SWMMJgCT/xSL43Md1riQV5/0mciHlhUxl0xKMBcTECAwEAAaOCAVUwggFRMB0G
+A1UdDgQWBBT1WEHH26TJcfvJRGFcGaWzrbKS6DCCASAGA1UdIwSCARcwggETgBT1
+WEHH26TJcfvJRGFcGaWzrbKS6KGB76SB7DCB6TELMAkGA1UEBhMCREUxDzANBgNV
+BAgTBkJheWVybjERMA8GA1UEBxMIRXJsYW5nZW4xMDAuBgNVBAoUJ05ldHptYXJr
+dCBJbnRlcm5ldHNlcnZpY2UgR21iSCAmIENvLiBLRzEQMA4GA1UECxMHVGVjaG5p
+azEzMDEGA1UEAxQqTmV0em1hcmt0IEludGVybmV0c2VydmljZSBHbWJIICYgQ28u
+IEtHIENBMRUwEwYDVQQpEwxOZXR6bWFya3QgQ0ExJjAkBgkqhkiG9w0BCQEWF2hv
+c3RtYXN0ZXJAbmV0em1hcmt0LmRlggkAnATxCJIg+6kwDAYDVR0TBAUwAwEB/zAN
+BgkqhkiG9w0BAQsFAAOCAgEAgALHwsIX7HgBysOPlkdmY+Bl9OvXpjJWrIiowl8U
+6YBwWDhA7CBsnkgpPfzdT3yWpzBFLKh+8DcnWOJ7G9AH4/Ypx2YgoQSxH/XQSqgd
+ojrP9YrzIo1If2+5uLIP8k4OyBOsR7ZG0zWCLMrvI+xkoirx/FKhiwR5ircmjvLG
+GYrkJVdreTx9duNHvSSIocOmf5BYa+FcElyit5EipPajupeDJLOb2MUpLES6YJX4
+q7jVcNLQpE/8L0BrT9SLwRce+mxYHu5PJ9uZDtYAgTOxVoh6xAcjC+llPo52PPse
+DGtCwDRrMqAJWzljZCDq7juU1BG/3C46rZV0T1sDaxscSFhUNdptQYt5prCKdvoY
+vg8G8ADldbJqnp5JlHkzsgcSP6Tj5h1ZAs99w3u7AtZfaX1no1/qTqObkyjZhMn9
+OVsYDTGLBCdEvS74YzPgZfSQt5jinR4THnybb0qm4Iluy8C3QHylHvTNbzksEpwp
+UdJL1pIAX6TD66B/KAXRg3fyn9mZnCilhCezbIx6NS5ZuZw6aQAUiOTV/eoQX/4V
+jH0v9cA6Yk/4pCoeQlHRJfIdBUsBvnTrzI6yszqKi56me113mD8SbS3f6AAiyiHf
+LNs/3aF+4/CmK7BsuelDgZASSx1Lol1UMqcKIbiTHr024V4LPUlQQQhwWVTCVxba
+k00=
+-----END CERTIFICATE-----
--- a/dotfiles/certs/vcenter.netzmarkt.lan.crt
+++ b/dotfiles/certs/vcenter.netzmarkt.lan.crt
@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIEDTCCAvWgAwIBAgIJAMjDX/Mpgd+WMA0GCSqGSIb3DQEBCwUAMIGRMQswCQYD
+VQQDDAJDQTESMBAGCgmSJomT8ixkARkWAm5tMRMwEQYKCZImiZPyLGQBGRYDbGFu
+MQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEaMBgGA1UECgwRdm0w
+MjAuaHYubW5ldC5sYW4xGzAZBgNVBAsMElZNd2FyZSBFbmdpbmVlcmluZzAeFw0x
+NzA0MTgwODAxMDRaFw0yNzA0MTYwODAxMDRaMIGRMQswCQYDVQQDDAJDQTESMBAG
+CgmSJomT8ixkARkWAm5tMRMwEQYKCZImiZPyLGQBGRYDbGFuMQswCQYDVQQGEwJV
+UzETMBEGA1UECAwKQ2FsaWZvcm5pYTEaMBgGA1UECgwRdm0wMjAuaHYubW5ldC5s
+YW4xGzAZBgNVBAsMElZNd2FyZSBFbmdpbmVlcmluZzCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBALoAMLvSM2IwLF5FVTtulCzuFPARSlOpVQjcMZ7gP5XA
+PdpsyNiL0C4K68tuN78ZxTU1p+/agW+PpU1oKlkUddUOoSaLbRAYW/xj3gBJ0uc7
+s0X6kuluw5f5B8RuTpnkhXTpQqVLBPsB1d02aS0OndRv4SNxZAVqwguGVw5UB2uv
+r9SSp1RhYK9qyP+EGABLzrD+qjsIhpSxSs9I7Up+D3MDi3WethqlDFPVXlEfD32Q
+NsNRLdAL6dd+GWFE3h82MaxfXhpUJHGcw5Wsz50/09I1Qfq6Hqkb7B6OLRAEz7gD
+slocjv2sXPxMvLXIdJOZlEveattI16L7XqDVu6AlDF0CAwEAAaNmMGQwHQYDVR0O
+BBYEFO8TgXPcRudSgtHFjCwHh0wPwqIrMB8GA1UdEQQYMBaBDmVtYWlsQGFjbWUu
+Y29thwR/AAABMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMA0G
+CSqGSIb3DQEBCwUAA4IBAQAIZkCrG1OB36JsLnyQG4WYbFIYkg9yu/fYpdwwThng
+GGy1z0qMEsTvCidUaIb8eMf/IIy/5VmDFLNtoiuhJcvfMoCOUnqykHZi9NN3Rloz
+laS7JIV06+bFHjBnlR/15xF/Jr0hx8qclUzsYgYE2RAB3ET6Z4GiWaCmuGX7Uwh8
+kt+bRz344bhEbdDrUioyk1qon3oaIhLc7jarr235JOfCnTZFLn/3kJzdcxHsTEIn
+Q9MAQz5BO2G6NnEMuH1gAizVK9Xdfv4ePHCWVKkn+OKbKgVPOY/iJ4Ayk1Ya4Npq
+B1hUaVxHPdq+PipXll4tShnmc6BM6tYyrJhOWBkiRSQS
+-----END CERTIFICATE-----
--- a/dotfiles/sway/status.toml
+++ b/dotfiles/sway/status.toml
@ -96,7 +96,7 @@ block = "backlight"

 [[block]]
 block = "battery"
-device = "BAT1"
+device = "BAT0"
 interval = 10
 format = "{percentage}% {time}"

--- a/hardware/xps15-sphere.nix
+++ b/hardware/xps15-sphere.nix
@ -0,0 +1,47 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, ... }:
+
+let
+  unstable = import <nixos-unstable> { config.allowUnfree = true; };
+in {
+  imports =
+    [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "tank/work/nixos";
+      fsType = "zfs";
+    };
+
+  fileSystems."/home" =
+    { device = "tank/work/home";
+      fsType = "zfs";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/DC7B-5E2D";
+      fsType = "vfat";
+    };
+
+  swapDevices = [ ];
+
+  nix.maxJobs = lib.mkDefault 12;
+  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+
+  # custom
+  boot.kernelPackages = unstable.linuxPackages_latest;
+  boot.loader.systemd-boot.enable = true;
+  networking.hostId = "eff291c4";
+  networking.hostName = "sphere";
+  networking.interfaces.enp0s20f0u1.useDHCP = true;
+  powerManagement.powertop.enable = true;
+  services.tlp.enable = true;
+
+}
--- a/packages/cloudstation.nix
+++ b/packages/cloudstation.nix
@ -0,0 +1,97 @@
+{ stdenv
+, autoPatchelfHook
+, dbus_libs
+, dpkg
+, fetchurl
+, fontconfig
+, freetype
+, glib
+, libICE
+, libSM
+, xorg
+, openssl_1_0_2
+, openssl
+, libX11
+, makeWrapper
+, sqlite
+, wrapQtAppsHook
+, xkeyboard_config
+, zlib
+, curl
+}:
+
+stdenv.mkDerivation rec {
+  name = "cloudstation";
+  version = "4.3.3";
+  release = "4469";
+
+  src = fetchurl {
+    url = "https://global.download.synology.com/download/Tools/CloudStationDrive/${version}-${release}/Ubuntu/Installer/x86_64/synology-cloud-station-drive-${release}.x86_64.deb";
+    sha256 = "0v84yb70knmmjzp7lyn6jgy5bnfsfd47wmqh29phybqg4zk3d47j";
+  };
+
+  nativeBuildInputs = [
+    dpkg
+    autoPatchelfHook
+    makeWrapper
+    wrapQtAppsHook
+  ];
+  buildInputs = [
+    dbus_libs
+    fontconfig
+    freetype
+    glib
+    libICE
+    libSM
+    libX11
+    sqlite
+    stdenv.cc.cc.lib
+    zlib
+    openssl_1_0_2
+    xorg.libxcb
+    curl
+  ];
+
+  ldpath = stdenv.lib.makeLibraryPath [
+    dbus_libs
+    fontconfig
+    freetype
+    glib
+    libICE
+    libSM
+    libX11
+    sqlite
+    stdenv.cc.cc.lib
+    zlib
+    openssl_1_0_2
+    openssl
+    xorg.libxcb
+    curl
+  ];
+
+  unpackPhase = ''
+    dpkg-deb -x $src .
+    find
+  '';
+
+  installPhase = ''
+    mkdir -p $out/bin
+    cp -R opt $out
+    chmod +x $out/opt/Synology/CloudStation/lib/*
+
+    #ln -s $out/opt/Synology/CloudStation/bin/launcher $out/bin/cloudstation
+    makeWrapper \
+      $out/opt/Synology/CloudStation/bin/launcher \
+      $out/bin/cloudstation \
+      --set QT_PLUGIN_PATH $out/opt/Synology/CloudStationBackup/lib/plugins/platforms \
+      --set QT_XKB_CONFIG_ROOT ${xkeyboard_config}/share/X11/xkb \
+      --set LD_LIBRARY_PATH $out/opt/Synology/CloudStation/lib:${ldpath}
+  '';
+
+  meta = with stdenv.lib; {
+    homepage = "https://www.synology.com/de-de/support/download/RS815#utilities";
+    description = "Synology Cloud Station Drive";
+    platforms = platforms.linux;
+    maintainers = with maintainers; [ foosinn ];
+  };
+}
--- a/packages/oc311.nix
+++ b/packages/oc311.nix
@ -0,0 +1,29 @@
+with import <nixpkgs> {};
+
+stdenv.mkDerivation {
+  name = "oc311";
+  version = "3.11";
+  src = fetchurl {
+    url = "https://artifacts-openshift-release-3-11.svc.ci.openshift.org/zips/openshift-origin-client-tools-v3.11.0-8aa4c38-492-linux-64bit.tar.gz";
+    sha256 = "e8fde584995657e359ddaa5b25e70af2bde4cd494322c712a8cd46bfef00f07f";
+  };
+
+  nativeBuildInputs = [
+    autoPatchelfHook
+  ];
+
+  unpackPhase = ''
+    tar xvpzf $src --strip-components=1
+  '';
+
+  installPhase = ''
+    install -m 755 -D oc $out/bin/oc3
+  '';
+
+  meta = with stdenv.lib; {
+    homepage = "https://www.odk.io";
+    description = "openshift311 client";
+    platforms = platforms.linux;
+    maintainers = with maintainers; [ foosinn ];
+  };
+}
--- a/packages/oc46.nix
+++ b/packages/oc46.nix
@ -0,0 +1,29 @@
+with import <nixpkgs> {};
+
+stdenv.mkDerivation rec {
+  name = "oc46";
+  version = "4.6";
+  src = fetchurl {
+    url = "https://mirror.openshift.com/pub/openshift-v4/clients/oc/${version}/linux/oc.tar.gz";
+    sha256 = "60de3dbb6cf085a201c5b9490a6d5066248bfd5d3c42486a8fd43abdbdb731e6";
+  };
+
+  nativeBuildInputs = [
+    autoPatchelfHook
+  ];
+
+  unpackPhase = ''
+    tar xvpzf $src
+  '';
+
+  installPhase = ''
+    install -m 755 -D oc $out/bin/oc
+  '';
+
+  meta = with stdenv.lib; {
+    homepage = "https://www.odk.io";
+    description = "openshift 4.6 client";
+    platforms = platforms.linux;
+    maintainers = with maintainers; [ foosinn ];
+  };
+}
--- a/packages/openshift-install-4.5.nix
+++ b/packages/openshift-install-4.5.nix
@ -0,0 +1,30 @@
+with import <nixpkgs> {};
+
+stdenv.mkDerivation rec {
+  name = "openshift-install-4.5";
+  version = "4.5.0-0";
+  release = "2020-10-03-012432";
+  src = fetchurl {
+    url = "https://github.com/openshift/okd/releases/download/${version}.okd-${release}/openshift-install-linux-${version}.okd-${release}.tar.gz";
+    sha256 = "f497193e8918840a4fd3267839affdc91ec166c5fd2ae3fdc64f498b5fc56f55";
+  };
+
+  nativeBuildInputs = [
+    autoPatchelfHook
+  ];
+
+  unpackPhase = ''
+    tar xvpzf $src
+  '';
+
+  installPhase = ''
+    install -m 755 -D openshift-install $out/bin/openshift-install
+  '';
+
+  meta = with stdenv.lib; {
+    homepage = "https://www.odk.io";
+    description = "openshift 4.5 installer";
+    platforms = platforms.linux;
+    maintainers = with maintainers; [ foosinn ];
+  };
+}
--- a/roles/admin.nix
+++ b/roles/admin.nix
@ -1,8 +1,12 @@
 { pkgs, options, ...}:

-{
+let
+  unstable = import <nixos-unstable> {};
+in {
  environment.systemPackages = with pkgs; [
    kubectl
+    cryptsetup
+    unstable.kubernetes-helm

    # podman
    conmon
--- a/roles/base.nix
+++ b/roles/base.nix
@ -5,6 +5,7 @@ let
 in {
  environment.systemPackages = with pkgs; [
    bash
+    bash-completion
    bat
    direnv
    fd
@ -18,7 +19,9 @@ in {
    ripgrep
    tcpdump
    tmux
+    wget
    z-lua
+    unzip
    unstable.starship
    (import ../packages/neovim.nix)
  ];
@ -46,28 +49,21 @@ in {
      }
      starship_precmd_user_func=set_win_title

-      pw() {
-          len=''${1:-$(( $RANDOM % 24 + 8 ))}
-          tr -dc a-zA-Z0-9 < /dev/urandom | head -c $len
-          echo
-      }
-      cdg() {
-          gitroot=$(until [ -d .git ]; do [ "$PWD" == "/" ] && exit 1; cd ..; done; echo $PWD)
-          if [ $? == 0 ]; then
-precmd_user_func = "title"
-              cd $gitroot
-          else
-              echo "gitroot not found."
-              return 1
-          fi
-      }
-
      . "$(fzf-share)/key-bindings.bash"
      . "$(fzf-share)/completion.bash"
      . <(z --init bash)
      . <(direnv hook bash)
+      . ${pkgs.bash-completion}/etc/profile.d/bash_completion.sh

-      if [[ -z $DISPLAY ]] && [[ $(tty) = /dev/tty1 ]]; then
+      for script in "$HOME"/dotfiles/bashrc/*.sh; do
+          . "$script"
+      done
+
+      if [[ -z $DISPLAY ]] \
+          && [[ $(tty) = /dev/tty1 ]] \
+          && [[ "$USER" = "stefan" ]] \
+          && [[ -x /run/current-system/sw/bin/startsway ]]
+      then
        exec startsway
      fi
    '';
--- a/roles/desktop.nix
+++ b/roles/desktop.nix
@ -69,7 +69,7 @@ in {
    hicolor-icon-theme
    numix-icon-theme

-    alacritty
+    unstable.alacritty
    imv
    inkscape
    libreoffice
--- a/roles/dev.nix
+++ b/roles/dev.nix
@ -1,31 +1,24 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
 { config, lib, pkgs, ... }:

 let
  unstable = import <nixos-unstable> {};
 in {
  environment.systemPackages = with pkgs; [
-    arduino
-    avrdude
-    pkgsCross.avr.avrlibc  
-    pkgsCross.avr.libcCross
-    pkgsCross.avr.buildPackages.gcc8
-    pkgsCross.avr.buildPackages.binutils
-
+    gnumake
    go
    python37
    python37Packages.pyls-black
    python37Packages.pyls-isort
    python37Packages.pyls-mypy
    rustup
+    unstable.golangci-lint
    unstable.gopls
    unstable.rust-analyzer

    emacs
    sops
    tig
+    ltrace

    openssl pkg-config nasm cmake zlib gcc binutils-unwrapped
  ];
--- a/roles/embedded.nix
+++ b/roles/embedded.nix
@ -0,0 +1,14 @@
+{ config, lib, pkgs, ... }:
+
+let
+  unstable = import <nixos-unstable> {};
+in {
+  environment.systemPackages = with pkgs; [
+    arduino
+    avrdude
+    pkgsCross.avr.avrlibc
+    pkgsCross.avr.libcCross
+    pkgsCross.avr.buildPackages.gcc8
+    pkgsCross.avr.buildPackages.binutils
+  ];
+}
--- a/roles/network.nix
+++ b/roles/network.nix
@ -0,0 +1,15 @@
+{ config, lib, pkgs, ... }:
+
+let
+  unstable = import <nixos-unstable> { config.allowUnfree = true; };
+  cloudstation = pkgs.libsForQt5.callPackage (import ../packages/cloudstation.nix) {};
+in {
+
+  networking.networkmanager.enable = true;
+  users.users.stefan.extraGroups = [ "networkmanager" ];
+
+  environment.systemPackages = with pkgs; [
+    networkmanagerapplet
+    networkmanager-vpnc
+  ];
+}
--- a/roles/work.nix
+++ b/roles/work.nix
@ -0,0 +1,29 @@
+{ config, lib, pkgs, ... }:
+
+let
+  unstable = import <nixos-unstable> { config.allowUnfree = true; };
+  cloudstation = pkgs.libsForQt5.callPackage (import ../packages/cloudstation.nix) {};
+in {
+
+  security.pki.certificateFiles = [
+    ../dotfiles/certs/NetzmarktCA.crt
+    ../dotfiles/certs/vcenter.netzmarkt.lan.crt
+  ];
+
+  networking.extraHosts = ''
+    35.234.109.94 fsi.thomann.de
+  '';
+
+  environment.systemPackages = with pkgs; [
+    (import ../packages/oc311.nix)
+    (import ../packages/oc46.nix)
+    (import ../packages/openshift-install-4.5.nix)
+    astroid
+    cloudstation
+    drone-cli
+    nagstamon
+    python37Packages.pyqt5_with_qtmultimedia # required for nagstamon
+    unstable.slack
+    unstable.velero
+  ];
+}