diff --git a/modules/cross-platform/home-manager/neovim.nix b/modules/cross-platform/home-manager/neovim.nix index 2ea03f9..432dd15 100644 --- a/modules/cross-platform/home-manager/neovim.nix +++ b/modules/cross-platform/home-manager/neovim.nix @@ -4,24 +4,13 @@ pkgs, lib, ... -}: let - markdown-table-mode = pkgs.vimUtils.buildVimPlugin { - name = "markdown-table-mode"; - src = pkgs.fetchFromGitHub { - owner = "Kicamon"; - repo = "markdown-table-mode.nvim"; - rev = "fe207ea7cef615ccaf2c0f1257c58ffa0a50a9f5"; - hash = "sha256-JGc5L+7/eSBww1HaMl0AVcIwEJF/RFqoVRpR3DnP6+E="; - }; - }; -in { +}: { options = { crony.neovim.enable = lib.mkEnableOption "Enable neovim and apply a good config."; }; config = lib.mkIf config.crony.neovim.enable { # Disable stylix for nvf, I wan't to use a properly implemented theme sorry. - stylix.targets.nvf.enable = false; stylix.targets.neovim.enable = false; # Setup neovim with default home manager options @@ -48,282 +37,9 @@ in { pkgs.marksman # for yaml pkgs.yaml-language-server + # for shell scripts + pkgs.bash-language-server ]; }; - - # Setup neovim with nvf - programs.nvf = { - enable = false; - settings = { - vim = { - # Use the nighly package - package = inputs.neovim-nightly-overlay.packages.${pkgs.system}.default; - # Enable the aliases, I love them - viAlias = true; - vimAlias = true; - - # Changing some basic settings - options = { - tabstop = 2; - shiftwidth = 2; - expandtab = true; - softtabstop = 2; - updatetime = 50; - scrolloff = 5; - signcolumn = "no"; - ignorecase = true; - smartcase = true; - colorcolumn = "80"; - laststatus = 3; - }; - - # Enable the undo file - undoFile = { - enable = true; - }; - - binds = { - # Setup whichkey - whichKey.enable = true; - }; - - # Enable lsp - lsp = { - enable = true; - formatOnSave = false; - inlayHints.enable = true; - lightbulb.enable = true; - lspSignature.enable = true; - lspsaga.enable = true; - otter-nvim.enable = true; - trouble.enable = true; - }; - - # Enable diagnostics - diagnostics = { - enable = true; - nvim-lint = { - enable = true; - }; - }; - - # Enable formatting with conform-nvim - formatter = { - conform-nvim = { - enable = true; - }; - }; - - # Some git related stuff - git.git-conflict = { - enable = true; - }; - - # Autocompletion - autocomplete.nvim-cmp = { - enable = true; - mappings = { - close = ""; - complete = null; - confirm = ""; - next = ""; - previous = ""; - }; - }; - - # Setup lsp's and languages - languages = { - enableFormat = true; - enableTreesitter = true; - enableExtraDiagnostics = true; - - lua = { - enable = true; - lsp.lazydev.enable = true; - }; - python = { - enable = true; - format.type = "black-and-isort"; - }; - css.enable = true; - ts = { - enable = true; - extensions = { - ts-error-translator.enable = true; - }; - }; - nix = { - enable = true; - lsp = { - server = "nixd"; - options = { - nixos = { - expr = ''(builtins.getFlake "/home/crony/repos/nixos").nixosConfigurations.CONFIGNAME.options''; - }; - home_manager = { - expr = ''(builtins.getFlake "/home/crony/repos/nixos").homeConfigurations.CONFIGNAME.options''; - }; - }; - }; - }; - bash.enable = true; - go = { - enable = true; - - format = { - enable = true; - type = "gofumpt"; - }; - }; - markdown = { - enable = false; - extensions.render-markdown-nvim.enable = true; - }; - html.enable = true; - csharp.enable = true; - }; - - # utility related plugins - utility = { - direnv = { - enable = true; - }; - snacks-nvim = { - enable = true; - setupOpts = { - bigfile = {enabled = true;}; - quickfile = {enabled = true;}; - }; - }; - }; - - # Enable mini modules ( mini is amazing ) - mini = { - # Text editing - ai.enable = true; - comment.enable = true; - operators.enable = true; - pairs.enable = true; - surround.enable = true; - basics = { - enable = true; - setupOpts = { - mappings = { - windows = true; - move_with_alt = true; - }; - }; - }; - bracketed.enable = true; - bufremove.enable = true; - diff.enable = true; - files.enable = true; - git.enable = true; - sessions.enable = true; - visits.enable = true; - hipatterns = { - enable = true; - setupOpts = { - highlighters = { - fixme = lib.generators.mkLuaInline "{ pattern = '%f[%w]()FIXME()%f[%W]', group = 'MiniHipatternsFixme' }"; - hack = lib.generators.mkLuaInline "{ pattern = '%f[%w]()HACK()%f[%W]', group = 'MiniHipatternsHack' }"; - todo = lib.generators.mkLuaInline "{ pattern = '%f[%w]()TODO()%f[%W]', group = 'MiniHipatternsTodo' }"; - note = lib.generators.mkLuaInline "{ pattern = '%f[%w]()NOTE()%f[%W]', group = 'MiniHipatternsNote' }"; - hex_color = lib.generators.mkLuaInline "require('mini.hipatterns').gen_highlighter.hex_color()"; - }; - }; - }; - icons.enable = true; - indentscope.enable = true; - notify.enable = true; - starter.enable = true; - statusline.enable = true; - move.enable = true; - splitjoin.enable = true; - }; - - # Use telescope - telescope = { - enable = true; - extensions = [ - { - name = "fzf"; - packages = [pkgs.vimPlugins.telescope-fzf-native-nvim]; - setup = {fzf = {fuzzy = true;};}; - } - { - name = "ui-select"; - packages = [pkgs.vimPlugins.telescope-ui-select-nvim]; - } - ]; - }; - - # Theme - theme = { - enable = true; - name = "gruvbox"; - style = "dark"; - }; - - # Keymaps - keymaps = [ - { - key = "e"; - mode = ["n"]; - action = ":lua MiniFiles.open()"; - silent = true; - desc = "Open Mini.Files and manage the filesystem."; - } - { - key = ""; - mode = ["n"]; - action = "zz"; - silent = true; - } - { - key = ""; - mode = ["n"]; - action = "zz"; - silent = true; - } - { - key = ""; - mode = ["n"]; - action = "zz"; - silent = true; - } - { - key = ""; - mode = ["n"]; - action = "zz"; - silent = true; - } - ]; - - navigation.harpoon.enable = true; - - extraLuaFiles = [./nvim/autocommands.lua ./nvim/qmlls.lua]; - - extraPlugins = with pkgs.vimPlugins; { - friendly-snippets = { - package = friendly-snippets; - }; - markdown-table-mode-nvim = { - package = markdown-table-mode; - setup = '' - require('markdown-table-mode').setup() - ''; - }; - helpview-nvim.package = helpview-nvim; - }; - - treesitter.grammars = with pkgs.vimPlugins.nvim-treesitter.builtGrammars; [ - qmljs - kdl - regex - ]; - }; - }; - }; }; } diff --git a/modules/servers/odin/upfast-cleaner.sh b/modules/servers/odin/upfast-cleaner.sh new file mode 100755 index 0000000..c735f54 --- /dev/null +++ b/modules/servers/odin/upfast-cleaner.sh @@ -0,0 +1,23 @@ +#!/usr/bin/env sh + +instance="$*" + +files=$(curl -s "$instance"/files/) + +# Check for keygens on server +if echo "$files" | grep -i "keygen" >> /dev/null; then + for file in $(echo "$files" | grep -i "keygen"); do + echo "Deleting file $file" + curl -X DELETE "$instance/files/$file" + done +fi + +# Delete common php payloads +if echo "$files" | grep -i ".php" >> /dev/null; then + for file in $(echo "$files" | grep -i ".php"); do + if curl -s "$instance/files/$file" | grep -i "base64_decode" >> /dev/null; then + echo "Found payload, deleting file $file" + curl -X DELETE "$instance/files/$file" + fi + done +fi diff --git a/modules/servers/odin/upfast.nix b/modules/servers/odin/upfast.nix index 6e3d98a..b4deaf7 100644 --- a/modules/servers/odin/upfast.nix +++ b/modules/servers/odin/upfast.nix @@ -38,6 +38,31 @@ wantedBy = ["multi-user.target"]; }; + systemd.services.upfast-cleaner = { + description = "Script to automatically delete common types of payloads/keygens."; + + requires = ["upfast.service"]; + after = ["upfast.service"]; + + serviceConfig = { + Type = "oneshot"; + User = "upfast"; + Group = "upfast"; + WorkingDirectory = "/var/lib/upfast"; + }; + + script = "${./upfast-cleaner.sh} 'http://localhost:8383'"; + }; + + systemd.timers.upfast-cleaner = { + enable = true; + timerConfig = { + OnBootSec = "1m"; + OnUnitActiveSec = "1m"; + }; + wantedBy = ["timers.target"]; + }; + services.traefik.dynamicConfigOptions.http = { services.upfast.loadBalancer.servers = [ {