summaryrefslogtreecommitdiffstats
path: root/makefu/2configs
diff options
context:
space:
mode:
Diffstat (limited to 'makefu/2configs')
-rw-r--r--makefu/2configs/bureautomation/multi/10h_timers.nix4
-rw-r--r--makefu/2configs/bureautomation/multi/frosch.nix95
-rw-r--r--makefu/2configs/deployment/owncloud.nix86
-rw-r--r--makefu/2configs/hw/tp-x230.nix1
-rw-r--r--makefu/2configs/hw/tp-x2x0.nix1
-rw-r--r--makefu/2configs/hw/upower.nix6
-rw-r--r--makefu/2configs/nginx/euer.mon.nix2
-rw-r--r--makefu/2configs/nginx/euer.wiki.nix35
-rw-r--r--makefu/2configs/tools/pcmanfm-extra.nix2
9 files changed, 169 insertions, 63 deletions
diff --git a/makefu/2configs/bureautomation/multi/10h_timers.nix b/makefu/2configs/bureautomation/multi/10h_timers.nix
index 53bfd3725..8cdaa8cfd 100644
--- a/makefu/2configs/bureautomation/multi/10h_timers.nix
+++ b/makefu/2configs/bureautomation/multi/10h_timers.nix
@@ -57,7 +57,7 @@ let
"Trotz schwerer Männergrippe ist ${name} heute im Büro erschienen.",
"${name} kenne keine Parteien mehr, ${name} kenne nur noch Arbeitsplätze",
"${name}, Frage nicht, was dein Arbeitsplatz für dich tun kann. Frage, was du für deinen Arbeitsplatz tun kannst",
- "${name} läuft bis in den Jemen - für sein Unternehmen. ${name} schwimmt bis nach Birma - für meine Firma",
+ "${name} läuft bis in den Jemen - für sein Unternehmen. ${name} schwimmt bis nach Birma - für seine Firma",
"Der Cyberian ${name} ist gekommen um die Bahnwelt vor Cyber-Angriffen zu schützen",
"Alles paletto im Ghetto, ${name}?",
"Hach, ${name}, wenn du hier rein kommst fühlt es sich gleich wieder an wie Montag.",
@@ -147,7 +147,7 @@ let
}
{ service = "homeassistant.turn_on";
entity_id = [
- "switch.fernseher"
+ # "switch.fernseher"
"script.blitz_10s"
"script.announce_${name}"
];
diff --git a/makefu/2configs/bureautomation/multi/frosch.nix b/makefu/2configs/bureautomation/multi/frosch.nix
new file mode 100644
index 000000000..de93ce2b7
--- /dev/null
+++ b/makefu/2configs/bureautomation/multi/frosch.nix
@@ -0,0 +1,95 @@
+{ lib }:
+let
+
+ random_pommes = '' {{ [
+ "Nur ein Pommes Tag ist ein guter Tag",
+ "Schaut wie schön sie fliegen, die Pommes Seifenblasen",
+ "zwo ... eins ... Pommes Zeit",
+ "I cannot believe it is not Pommes",
+ "Naja, wenn es sonst schon nichts anderes gibt, kann man jetzt auch pommes nehmen",
+ "Wenn Aramark was kann, dann ist es frittieren",
+ "Einmal das Hauptgericht mit Pommes, ohne Hauptgericht",
+ "Rieche ich da etwa Pommes? JA!",
+ "Pommes ist auch nur Gemüse,also keine Reue und schlag zu!",
+ "Mit nur fünf Portionen Pommes kann man schon satt werden.",
+ "Heute für Sie, 15 Pommes von hand abgezählt",
+ "Der Weltmarktpreis von Pommes ist durch verschiedene Weltkrisen leider so hoch, dass Aramark den Verkaufspreis verdoppeln musste.",
+ "Vorfreude, schönste Freude, Freude bei Aramark. Pommes in die Schale rein, alle Kunden werden glücklich sein.",
+ "In 15 Minuten ist es wieder so weit, es ist Pommes Zeit!"] | random }}'';
+in {
+ sensor = [
+ { platform = "mqtt";
+ name = "frosch brightness";
+ device_class = "illuminance";
+ state_topic = "/bam/frosch/sensor/brightness/state";
+ availability_topic = "/bam/frosch/status";
+ payload_available = "online";
+ payload_not_available = "offline";
+ }
+ ];
+ binary_sensor = [
+ { platform = "mqtt";
+ name = "frosch auge";
+ state_topic = "/bam/frosch/binary_sensor/froschauge/state";
+ availability_topic = "/bam/frosch/status";
+ payload_available = "online";
+ payload_not_available = "offline";
+ }
+ ];
+ switch = [
+ { platform = "mqtt";
+ name = "frosch blasen";
+ state_topic = "/bam/frosch/switch/blasen/state";
+ command_topic = "/bam/frosch/switch/blasen/command";
+ availability_topic = "/bam/frosch/status";
+ payload_available = "online";
+ payload_not_available = "offline";
+ }
+ ];
+ light = [];
+ automation = [
+ { alias = "Pommeszeit";
+ trigger = {
+ platform = "time";
+ at = "12:15:00";
+ };
+ condition = {
+ condition = "state";
+ entity_id = "binary_sensor.pommes"; # from multi/aramark.nix
+ state = "on";
+ };
+ action = [
+ { service = "homeassistant.turn_on";
+ entity_id = [
+ "script.pommes_announce"
+ "script.seifenblasen_30s" # from script/multi_blink.nix
+ ];
+ }
+ ];
+ }
+ ];
+ script = {
+ pommes_announce = {
+ alias = "Random Pommes announce";
+ sequence = [
+ {
+ service = "media_player.play_media";
+ data = {
+ entity_id = "media_player.mpd";
+ media_content_type = "playlist";
+ media_content_id = "ansage";
+ };
+ }
+ { delay.seconds = 5; }
+ {
+ service = "tts.google_say";
+ entity_id = "media_player.mpd";
+ data_template = {
+ message = random_pommes;
+ language = "de";
+ };
+ }
+ ];
+ };
+ };
+}
diff --git a/makefu/2configs/deployment/owncloud.nix b/makefu/2configs/deployment/owncloud.nix
index 6f073fd4c..59dfa3203 100644
--- a/makefu/2configs/deployment/owncloud.nix
+++ b/makefu/2configs/deployment/owncloud.nix
@@ -110,6 +110,10 @@ let
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
+ add_header X-Frame-Options SAMEORIGIN;
+ add_header X-Download-Options noopen;
+ add_header X-Permitted-Cross-Domain-Policies none;
+
# Optional: Don't log access to assets
access_log off;
'';
@@ -118,23 +122,25 @@ let
access_log off;
'';
};
- services.phpfpm.poolConfigs."${domain}" = ''
- listen = ${socket}
- user = nginx
- group = nginx
- pm = dynamic
- pm.max_children = 32
- pm.max_requests = 500
- pm.start_servers = 2
- pm.min_spare_servers = 2
- pm.max_spare_servers = 5
- listen.owner = nginx
- listen.group = nginx
- php_admin_value[error_log] = 'stderr'
- php_admin_flag[log_errors] = on
- env[PATH] = ${lib.makeBinPath [ pkgs.php ]}
- catch_workers_output = yes
- '';
+ services.phpfpm.pools."${domain}" = {
+ user = "nginx";
+ group = "nginx";
+ listen = socket;
+ settings = {
+ "pm" = "dynamic";
+ "pm.max_children" = 32;
+ "pm.max_requests" = 500;
+ "pm.start_servers" = 2;
+ "pm.min_spare_servers" = 2;
+ "pm.max_spare_servers" = 5;
+ };
+ extraConfig = ''
+ php_admin_value[error_log] = 'stderr'
+ php_admin_flag[log_errors] = on
+ env[PATH] = ${lib.makeBinPath [ pkgs.php ]}
+ catch_workers_output = yes
+ '';
+ };
services.phpfpm.phpOptions = ''
opcache.enable=1
opcache.enable_cli=1
@@ -171,27 +177,29 @@ in {
networking.firewall.allowedTCPPorts = [ 80 443 ];
services.redis.enable = true;
- services.mysql = {
- enable = false;
- package = pkgs.mariadb;
- rootPassword = config.krebs.secret.files.mysql_rootPassword.path;
- initialDatabases = [
- # Or use writeText instead of literalExample?
- #{ name = "nextcloud"; schema = literalExample "./nextcloud.sql"; }
- {
- name = "nextcloud";
- schema = pkgs.writeText "nextcloud.sql"
- ''
- create user if not exists 'nextcloud'@'localhost' identified by 'password';
- grant all privileges on nextcloud.* to 'nextcloud'@'localhost' identified by 'password';
- '';
- }
- ];
- };
+
+ #services.mysql = {
+ # enable = false;
+ # package = pkgs.mariadb;
+ # rootPassword = config.krebs.secret.files.mysql_rootPassword.path;
+ # initialDatabases = [
+ # # Or use writeText instead of literalExample?
+ # #{ name = "nextcloud"; schema = literalExample "./nextcloud.sql"; }
+ # {
+ # name = "nextcloud";
+ # schema = pkgs.writeText "nextcloud.sql"
+ # ''
+ # create user if not exists 'nextcloud'@'localhost' identified by 'password';
+ # grant all privileges on nextcloud.* to 'nextcloud'@'localhost' identified by 'password';
+ # '';
+ # }
+ # ];
+ #};
+
# dataDir is only defined after mysql is enabled
- # krebs.secret.files.mysql_rootPassword = {
- # path = "${config.services.mysql.dataDir}/mysql_rootPassword";
- # owner.name = "root";
- # source-path = toString <secrets> + "/mysql_rootPassword";
- # };
+ #krebs.secret.files.mysql_rootPassword = {
+ # path = "${config.services.mysql.dataDir}/mysql_rootPassword";
+ # owner.name = "root";
+ # source-path = toString <secrets> + "/mysql_rootPassword";
+ #};
}
diff --git a/makefu/2configs/hw/tp-x230.nix b/makefu/2configs/hw/tp-x230.nix
index a6ded0a3e..37d1affb7 100644
--- a/makefu/2configs/hw/tp-x230.nix
+++ b/makefu/2configs/hw/tp-x230.nix
@@ -7,7 +7,6 @@ with import <stockholm/lib>;
# configured media keys inside awesomerc
# sound.mediaKeys.enable = true;
- hardware.bluetooth.enable = true;
# possible i915 powersave options:
# options i915 enable_rc6=1 enable_fbc=1 semaphores=1
diff --git a/makefu/2configs/hw/tp-x2x0.nix b/makefu/2configs/hw/tp-x2x0.nix
index 5570bec55..564925db5 100644
--- a/makefu/2configs/hw/tp-x2x0.nix
+++ b/makefu/2configs/hw/tp-x2x0.nix
@@ -4,6 +4,7 @@
imports = [
./tpm.nix
./ssd.nix
+ ./bluetooth.nix
];
boot.kernelModules = [
diff --git a/makefu/2configs/hw/upower.nix b/makefu/2configs/hw/upower.nix
new file mode 100644
index 000000000..a3932fed3
--- /dev/null
+++ b/makefu/2configs/hw/upower.nix
@@ -0,0 +1,6 @@
+{ pkgs, ... }:
+{
+ services.upower.enable = true;
+ users.users.makefu.packages = [ pkgs.gnome3.gnome-power-manager ];
+}
+
diff --git a/makefu/2configs/nginx/euer.mon.nix b/makefu/2configs/nginx/euer.mon.nix
index 765fef535..c9db15b73 100644
--- a/makefu/2configs/nginx/euer.mon.nix
+++ b/makefu/2configs/nginx/euer.mon.nix
@@ -32,7 +32,7 @@ in {
auth_basic "Needs Autherization to visit";
auth_basic_user_file ${authFile};
proxy_http_version 1.1;
- proxy_set_header Host $http_host;
+ proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect off;
'';
diff --git a/makefu/2configs/nginx/euer.wiki.nix b/makefu/2configs/nginx/euer.wiki.nix
index 732c27784..a6766eeec 100644
--- a/makefu/2configs/nginx/euer.wiki.nix
+++ b/makefu/2configs/nginx/euer.wiki.nix
@@ -23,25 +23,22 @@ let
in {
state = [ base-dir ];
services.phpfpm = {
- # phpfpm does not have an enable option
- poolConfigs = {
- euer-wiki = ''
- user = ${user}
- group = ${group}
- listen = ${fpm-socket}
- listen.owner = ${user}
- listen.group = ${group}
- env[twconf] = ${base-cfg};
- pm = dynamic
- pm.max_children = 5
- pm.start_servers = 2
- pm.min_spare_servers = 1
- pm.max_spare_servers = 3
- chdir = /
- php_admin_value[error_log] = 'stderr'
- php_admin_flag[log_errors] = on
- catch_workers_output = yes
- '';
+ pools.euer-wiki = {
+ inherit user group;
+ listen = fpm-socket;
+ settings = {
+ "pm" = "dynamic";
+ "pm.max_children" = 5;
+ "pm.start_servers" = 2;
+ "pm.min_spare_servers" = 1;
+ "pm.max_spare_servers" = 3;
+ "chdir" = "/";
+ "php_admin_value[error_log]" = "stderr";
+ "php_admin_flag[log_errors]" = "on";
+ "catch_workers_output" = "yes";
+
+ };
+ phpEnv.twconf = base-cfg;
};
};
diff --git a/makefu/2configs/tools/pcmanfm-extra.nix b/makefu/2configs/tools/pcmanfm-extra.nix
index 2d5d20f80..f28f9a91a 100644
--- a/makefu/2configs/tools/pcmanfm-extra.nix
+++ b/makefu/2configs/tools/pcmanfm-extra.nix
@@ -7,5 +7,5 @@
lxmenu-data
];
environment.variables.GIO_EXTRA_MODULES = [ "${pkgs.gvfs}/lib/gio/modules" ];
- services.gnome3.gvfs.enable = true;
+ services.gvfs.enable = true;
}