Merge remote-tracking branch 'prism/master'

This commit is contained in:
tv 2020-06-02 23:35:17 +02:00
commit 09c9f8f7fb
125 changed files with 1490 additions and 1963 deletions

6
.gitmodules vendored
View file

@ -7,6 +7,6 @@
[submodule "lass/5pkgs/autowifi"]
path = lass/5pkgs/autowifi
url = https://github.com/Lassulus/autowifi
[submodule "submodules/brockman"]
path = submodules/brockman
url = https://github.com/kmein/brockman.git
[submodule "jeschli/2configs/elisp"]
path = jeschli/2configs/elisp
url = https://github.com/Jeschli/misc-elisp-scripts.git

View file

@ -7,6 +7,7 @@
<stockholm/jeschli/2configs/emacs.nix>
<stockholm/jeschli/2configs/firefox.nix>
<stockholm/jeschli/2configs/rust.nix>
<stockholm/jeschli/2configs/steam.nix>
<stockholm/jeschli/2configs/python.nix>
./desktop.nix
./i3-configuration.nix
@ -36,10 +37,19 @@
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
wget vim git
rofi
ag
alacritty
google-chrome
chromium
copyq
direnv
go
git
gitAndTools.hub
sbcl
rofi
vim
wget
];
users.users.ombi = {
@ -48,19 +58,28 @@
};
users.users.jeschli = {
isNormalUser = true;
isNormalUser = true;
extraGroups = [ "audio" ];
};
# services.xserver.synaptics.enable = true;
services.xserver.libinput.enable = true;
services.xserver.libinput.disableWhileTyping = true;
hardware.pulseaudio.enable = true;
#Enable ssh daemon
services.openssh.enable = true;
#Enable clight
services.clight.enable = true;
services.geoclue2.enable = true;
location.provider = "geoclue2";
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDM1xtX/SF2IzfAIzrXvH4HsW05eTBX8U8MYlEPadq0DS/nHC45hW2PSEUOVsH0UhBRAB+yClVLyN+JAYsuOoQacQqAVq9R7HAoFITdYTMJCxVs4urSRv0pWwTopRIh1rlI+Q0QfdMoeVtO2ZKG3KoRM+APDy2dsX8LTtWjXmh/ZCtpGl1O8TZtz2ZyXyv9OVDPnQiFwPU3Jqs2Z036c+kwxWlxYc55FRuqwRtQ48c/ilPMu+ZvQ22j1Ch8lNuliyAg1b8pZdOkMJF3R8b46IQ8FEqkr3L1YQygYw2M50B629FPgHgeGPMz3mVd+5lzP+okbhPJjMrUqZAUwbMGwGzZ ombi@nixos"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKFXgtbgeivxlMKkoEJ4ANhtR+LRMSPrsmL4U5grFUME jeschli@nixos"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG7C3bgoL9VeVl8pgu8sp3PCOs6TXk4R9y7JKJAHGsfm root@baeckerei"
];
# This value determines the NixOS release with which your system is to be

View file

@ -7,8 +7,8 @@
enable = true;
xkbOptions = "caps:super";
exportConfiguration = true;
displayManager.slim.enable = true;
displayManager.lightdm.enable = true;
};
# Configure fonts

View file

@ -5,88 +5,93 @@ with pkgs;
let
i3_config_file = pkgs.writeText "config" ''
set $mod Mod4
font pango:monospace 8
#font pango:DejaVu Sans Mono 8
# Before i3 v4.8, we used to recommend this one as the default:
# font -misc-fixed-medium-r-normal--13-120-75-75-C-70-iso10646-1
# The font above is very space-efficient, that is, it looks good, sharp and
# clear in small sizes. However, its unicode glyph coverage is limited, the old
# X core fonts rendering does not support right-to-left and this being a bitmap
# font, it doesnt scale on retina/hidpi displays.
# Use Mouse+$mod to drag floating windows to their wanted position
floating_modifier $mod
# start a terminal
bindsym $mod+Return exec i3-sensible-terminal
bindsym $mod+Return exec alacritty
# kill focused window
bindsym $mod+Shift+q kill
# start dmenu (a program launcher)
# bindsym $mod+d exec dmenu_run
# start dmenu (a program launcher)
bindsym $mod+d exec ${pkgs.rofi}/bin/rofi -modi drun#run -combi-modi drun#run -show combi -show-icons -display-combi run
bindsym $mod+x exec ${pkgs.rofi}/bin/rofi -modi window -show window -auto-select
bindsym $mod+F1 exec xinput --list | grep Touchpad | sed 's/.*id=\([0-9][0-9]\).*/\1/' | xargs xinput disable
bindsym $mod+F2 exec xinput --list | grep Touchpad | sed 's/.*id=\([0-9][0-9]\).*/\1/' | xargs xinput enable
# There also is the (new) i3-dmenu-desktop which only displays applications
# shipping a .desktop file. It is a wrapper around dmenu, so you need that
# installed.
# bindsym $mod+d exec --no-startup-id i3-dmenu-desktop
# change focus
bindsym $mod+j focus left
bindsym $mod+k focus down
bindsym $mod+l focus up
bindsym $mod+semicolon focus right
# alternatively, you can use the cursor keys:
bindsym $mod+Left focus left
bindsym $mod+Down focus down
bindsym $mod+Up focus up
bindsym $mod+Right focus right
# move focused window
bindsym $mod+Shift+j move left
bindsym $mod+Shift+k move down
bindsym $mod+Shift+l move up
bindsym $mod+Shift+colon move right
# alternatively, you can use the cursor keys:
bindsym $mod+Shift+Left move left
bindsym $mod+Shift+Down move down
bindsym $mod+Shift+Up move up
bindsym $mod+Shift+Right move right
# split in horizontal orientation
bindsym $mod+h split h
# split in vertical orientation
bindsym $mod+v split v
# enter fullscreen mode for the focused container
bindsym $mod+f fullscreen toggle
# change container layout (stacked, tabbed, toggle split)
bindsym $mod+s layout stacking
bindsym $mod+w layout tabbed
bindsym $mod+e layout toggle split
# toggle tiling / floating
bindsym $mod+Shift+space floating toggle
# change focus between tiling / floating windows
bindsym $mod+space focus mode_toggle
# focus the parent container
bindsym $mod+a focus parent
# focus the child container
#bindsym $mod+d focus child
# Define names for default workspaces for which we configure key bindings later on.
# We use variables to avoid repeating the names in multiple places.
set $ws1 "1"
@ -99,7 +104,7 @@ let
set $ws8 "8"
set $ws9 "9"
set $ws10 "10"
# switch to workspace
bindsym $mod+1 workspace $ws1
bindsym $mod+2 workspace $ws2
@ -111,7 +116,7 @@ let
bindsym $mod+8 workspace $ws8
bindsym $mod+9 workspace $ws9
bindsym $mod+0 workspace $ws10
# move focused container to workspace
bindsym $mod+Shift+1 move container to workspace $ws1
bindsym $mod+Shift+2 move container to workspace $ws2
@ -123,18 +128,18 @@ let
bindsym $mod+Shift+8 move container to workspace $ws8
bindsym $mod+Shift+9 move container to workspace $ws9
bindsym $mod+Shift+0 move container to workspace $ws10
# reload the configuration file
bindsym $mod+Shift+c reload
# restart i3 inplace (preserves your layout/session, can be used to upgrade i3)
bindsym $mod+Shift+r restart
# exit i3 (logs you out of your X session)
bindsym $mod+Shift+e exec "i3-nagbar -t warning -m 'You pressed the exit shortcut. Do you really want to exit i3? This will end your X session.' -B 'Yes, exit i3' 'i3-msg exit'"
# resize window (you can also use the mouse for that)
mode "resize" {
# These bindings trigger as soon as you enter the resize mode
# Pressing left will shrink the windows width.
# Pressing right will grow the windows width.
# Pressing up will shrink the windows height.
@ -143,27 +148,27 @@ let
bindsym k resize grow height 10 px or 10 ppt
bindsym l resize shrink height 10 px or 10 ppt
bindsym semicolon resize grow width 10 px or 10 ppt
# same bindings, but for the arrow keys
bindsym Left resize shrink width 10 px or 10 ppt
bindsym Down resize grow height 10 px or 10 ppt
bindsym Up resize shrink height 10 px or 10 ppt
bindsym Right resize grow width 10 px or 10 ppt
# back to normal: Enter or Escape or $mod+r
bindsym Return mode "default"
bindsym Escape mode "default"
bindsym $mod+r mode "default"
}
bindsym $mod+r mode "resize"
# Start i3bar to display a workspace bar (plus the system information i3status
# finds out, if available)
bar {
status_command i3status
}
'';
'';
in {

@ -0,0 +1 @@
Subproject commit 279d6a01f5abbab5d28d3a57549b7fec800a510e

View file

@ -114,29 +114,29 @@ let
("NEXT" ("WAITING") ("CANCELLED") ("HOLD"))
("DONE" ("WAITING") ("CANCELLED") ("HOLD")))))
(setq org-directory "~/projects/notes_private")
(setq org-default-notes-file "~/projects/notes_private/refile.org")
(setq org-directory "~/projects/notes_privat")
(setq org-default-notes-file "~/projects/notes_privat/refile.org")
;; I use C-c c to start capture mode
(global-set-key (kbd "C-c c") 'org-capture)
;; Capture templates for: TODO tasks, Notes, appointments, phone calls, meetings, and org-protocol
(setq org-capture-templates
(quote (("t" "todo" entry (file "~/git/org/refile.org")
(quote (("t" "todo" entry (file org-default-notes-file)
"* TODO %?\n%U\n%a\n" :clock-in t :clock-resume t)
("r" "respond" entry (file "~/git/org/refile.org")
("r" "respond" entry (file org-default-notes-file)
"* NEXT Respond to %:from on %:subject\nSCHEDULED: %t\n%U\n%a\n" :clock-in t :clock-resume t :immediate-finish t)
("n" "note" entry (file "~/git/org/refile.org")
("n" "note" entry (file org-default-notes-file)
"* %? :NOTE:\n%U\n%a\n" :clock-in t :clock-resume t)
("j" "Journal" entry (file+datetree "~/git/org/diary.org")
"* %?\n%U\n" :clock-in t :clock-resume t)
("w" "org-protocol" entry (file "~/git/org/refile.org")
("w" "org-protocol" entry (file org-default-notes-file)
"* TODO Review %c\n%U\n" :immediate-finish t)
("m" "Meeting" entry (file "~/git/org/refile.org")
("m" "Meeting" entry (file org-default-notes-file)
"* MEETING with %? :MEETING:\n%U" :clock-in t :clock-resume t)
("p" "Phone call" entry (file "~/git/org/refile.org")
("p" "Phone call" entry (file org-default-notes-file)
"* PHONE %? :PHONE:\n%U" :clock-in t :clock-resume t)
("h" "Habit" entry (file "~/git/org/refile.org")
("h" "Habit" entry (file org-default-notes-file)
"* NEXT %?\n%U\n%a\nSCHEDULED: %(format-time-string \"%<<%Y-%m-%d %a .+1d/3d>>\")\n:PROPERTIES:\n:STYLE: habit\n:REPEAT_TO_STATE: NEXT\n:END:\n"))))
;; Remove empty LOGBOOK drawers on clock out
@ -144,7 +144,7 @@ let
(interactive)
(save-excursion
(beginning-of-line 0)
(org-remove-empty-drawer-at "LOGBOOK" (point))))
(org-remove-empty-drawer-at (point))))
(add-hook 'org-clock-out-hook 'bh/remove-empty-drawer-on-clock-out 'append)

View file

@ -9,235 +9,76 @@ let
];
};
orgAgendaView = import ./emacs-org-agenda.nix;
# The emacs packages that I use
# I differ between
# - stable (Packages that I use for some time - happy with it)
# - unstable (Packages that I use for some time - but may drop)
# - testing (Packages that I try out - the new stuff)
emacsPkgs = epkgs:
(with epkgs.melpaPackages ;
packageRepos = ''
(require 'package) ;; You might already have this line
(let* ((no-ssl (and (memq system-type '(windows-nt ms-dos))
(not (gnutls-available-p))))
(url (concat (if no-ssl "http" "https") "://melpa.org/packages/")))
(add-to-list 'package-archives (cons "melpa" url) t)
(add-to-list 'package-archives
'("org" . "http://orgmode.org/elpa/") t)
)
(when (< emacs-major-version 24)
;; For important compatibility libraries like cl-lib
(add-to-list 'package-archives '("gnu" . "http://elpa.gnu.org/packages/")))
(package-initialize)
'';
## windows-purpose (testing)
[ window-purpose ] ++
evilMode = ''
;; Evil Mode
(require 'evil)
(evil-mode 1)
;; (require 'evil-org)
;; (add-hook 'org-mode-hook 'evil-org-mode)
;; (evil-org-set-key-theme '(navigation insert textobjects additional calendar))
;; (require 'evil-org-agenda)
;; (evil-org-agenda-set-keys)
'';
## helm (stable)
# emacs completion engine
[ helm helm-ag ] ++
goMode = ''
(setq godoc-and-godef-command "go doc") ;godoc has no cli support any more, thats go doc now
(add-to-list 'exec-path "~/go/bin")
(add-hook 'go-mode-hook
(lambda ()
(setq-default)
(setq tab-width 2)
(setq standard-indent 2)
(setq indent-tabs-mode nil)))
'';
## deft (testing)
# text search for a directory
[ deft ] ++
ido = ''
(require 'ido)
(ido-mode t)
'';
## lsp mode (unstable)
# Language Server Protocol mode
# Used for rust
[ company-lsp dap-mode helm-lsp lsp-mode lsp-treemacs lsp-ui ] ++
helm = ''
(helm-mode 1)
(global-set-key (kbd "M-x") #'helm-M-x)
(global-set-key (kbd "C-x r b") #'helm-filtered-bookmarks)
(global-set-key (kbd "C-x C-f") #'helm-find-files)
'';
## emacs convenience (stable)
# Mixed and general purpose
[ ag company direnv evil google-this spacemacs-theme ] ++
magit = ''
(global-set-key (kbd "C-x g") 'magit-status) ; "Most Magit commands are commonly invoked from the status buffer"
'';
## common lisp (testing)
[ slime ] ++
windowCosmetics = ''
(menu-bar-mode -1)
(tool-bar-mode -1) ; Disable the button bar atop screen
(scroll-bar-mode -1) ; Disable scroll bar
(toggle-scroll-bar -1)
(setq inhibit-startup-screen t) ; Disable startup screen with graphics
(setq-default indent-tabs-mode nil) ; Use spaces instead of tabs
(setq default-tab-width 2) ; Two spaces is a tab
(setq tab-width 2) ; Four spaces is a tab
(setq visible-bell nil) ; Disable annoying visual bell graphic
(setq ring-bell-function 'ignore) ; Disable super annoying audio bell
'';
## magit (stable)
[ magit ] ++
orgMode = ''
(add-to-list 'auto-mode-alist '("\\.\\(org\\|org_archive\\|txt\\)$" . org-mode))
(global-set-key "\C-cl" 'org-store-link)
(global-set-key "\C-ca" 'org-agenda)
(global-set-key "\C-cb" 'org-iswitchb)
(global-set-key "\C-c L" 'org-insert-link-global)
(global-set-key "\C-c o" 'org-open-at-point-global)
(setq org-link-frame-setup '((file . find-file))) ; open link in same frame.
(if (boundp 'org-user-agenda-files)
(setq org-agenda-files org-user-agenda-files)
(setq org-agenda-files (quote ("~/projects/notes_privat")))
)
'';
## bunch of programming languages (unstable)
[ go-mode haskell-mode nix-mode ] ++
theme = ''
(load-theme 'monokai-alt t)
(load-theme 'whiteboard t)
(disable-theme 'monokai-alt)
(disable-theme 'whiteboard)
## rust (unstable)
[ racer rust-mode ] ++
(defun mh/load-whiteboard-theme ()
"load whiteboard theme"
(interactive)
(message "whiteboard loaded")
(disable-theme 'monokai-alt)
(enable-theme 'whiteboard)
)
(defun mh/load-monokai-theme ()
"load monokai theme"
(interactive)
(message "monokai loaded")
(disable-theme 'whiteboard)
(enable-theme 'monokai-alt)
)
(global-set-key "\C-ctw" 'mh/load-whiteboard-theme)
(global-set-key "\C-ctm" 'mh/load-monokai-theme)
'';
# Configuration for rust development
# inspired by
# https://github.com/bbatsov/prelude/blob/master/modules/prelude-rust.el
#
# This requires rls and racer to be installed on the system
rustDevelopment = ''
(add-hook 'rust-mode-hook #'racer-mode)
(add-hook 'rust-mode-hook (lambda()
(local-set-key (kbd "C-c C-d") 'racer-describe)
(local-set-key (kbd "C-c .") 'racer-find-definition)
(local-set-key (kbd "C-c ,") 'pop-tag-mark))
)
(add-hook 'racer-mode-hook #'eldoc-mode)
(add-hook 'racer-mode-hook #'company-mode)
(require 'rust-mode)
(define-key rust-mode-map (kbd "TAB") #'company-indent-or-complete-common)
(setq company-tooltip-align-annotations t)
'';
recentFiles = ''
(recentf-mode 1)
(setq recentf-max-menu-items 25)
(global-set-key "\C-x\ \C-r" 'recentf-open-files)
'';
myFunctionKeys = ''
(fset 'kill-actual-buffer
[?\C-x ?k return])
(defun mh/open-term-and-rename (name)
"open a new bash and rename it"
(interactive "sName of new terminal: ")
(term "/run/current-system/sw/bin/bash")
(rename-buffer name)
)
(global-set-key (kbd "M-<f8>") 'kill-actual-buffer)
(global-set-key (kbd "<f5>") 'mh/open-term-and-rename)
(global-set-key (kbd "<f6>") 'other-window)
(global-set-key (kbd "<f7>") 'split-window-right)
(global-set-key (kbd "<f8>") 'delete-other-windows)
'';
lspMode = ''
(require 'lsp-mode)
(add-hook 'rust-mode-hook #'lsp)
'';
dotEmacs = pkgs.writeText "dot-emacs" ''
${packageRepos}
${evilMode}
${goMode}
${helm}
${magit}
${orgMode}
${rustDevelopment}
${theme}
${windowCosmetics}
${orgAgendaView}
${myFunctionKeys}
${lspMode}
'';
#emacsWithCustomPackages
emacsPkgs= epkgs: [
# testing lsp mode
epkgs.melpaPackages.lsp-ui
epkgs.melpaPackages.company-lsp
epkgs.melpaPackages.lsp-treemacs
epkgs.melpaPackages.helm-lsp
epkgs.melpaPackages.dap-mode
epkgs.melpaPackages.lsp-mode
## python (stable)
# Python IDE for emacs
[ elpy ]) ++
## org-mode
# Org-Mode has several extensions
# and can be seen as an application of its own.
(with epkgs.melpaPackages ;
# testing
epkgs.melpaPackages.web-mode
epkgs.melpaPackages.js2-mode
epkgs.melpaPackages.xref-js2
[ org-super-agenda org-bullets org-ql ] ++
# unstable
[ smex org-mime orgit ]
) ++
epkgs.melpaPackages.academic-phrases
# stable
(with epkgs.orgPackages ;
[ org-plus-contrib ]) ++
epkgs.melpaPackages.gitlab
epkgs.melpaPackages.helm
epkgs.melpaPackages.weechat
# stable
(with epkgs.elpaPackages ;
[ bbdb which-key ]);
# emacs convenience
epkgs.melpaPackages.ag
epkgs.melpaPackages.company
epkgs.melpaPackages.direnv
epkgs.melpaPackages.evil
epkgs.melpaPackages.google-this
epkgs.melpaPackages.monokai-alt-theme
epkgs.melpaPackages.zenburn-theme
# development
epkgs.melpaPackages.magit
epkgs.melpaPackages.nix-mode
epkgs.melpaPackages.go-mode
epkgs.melpaPackages.haskell-mode
# rust
epkgs.melpaPackages.rust-mode
# epkgs.melpaPackages.flycheck-rust
epkgs.melpaPackages.racer
# python
epkgs.melpaPackages.elpy
# org-mode
epkgs.elpaPackages.bbdb
epkgs.orgPackages.org-plus-contrib
epkgs.melpaPackages.smex
epkgs.melpaPackages.org-mime
epkgs.melpaPackages.orgit
epkgs.elpaPackages.which-key
];
# ## EXWM related (unstable)
# epkgs.exwm
# epkgs.melpaPackages.desktop-environment
# epkgs.melpaPackages.helm-exwm
# ];
emacsWithOverlay = pkgsWithOverlay.emacsWithPackagesFromUsePackage {
config = builtins.readFile dotEmacs; # builtins.readFile ./emacs.el;
config = builtins.readFile ./elisp/init.el;
# Package is optional, defaults to pkgs.emacs
package = pkgsWithOverlay.emacsGit;
# Optionally provide extra packages not in the configuration file
@ -245,18 +86,34 @@ let
};
myEmacs = pkgs.writeDashBin "my-emacs" ''
exec ${emacsWithOverlay}/bin/emacs -q -l ${dotEmacs} "$@"
exec ${emacsWithOverlay}/bin/emacs -q "$@"
'';
myEmacsWithDaemon = pkgs.writeDashBin "my-emacs-daemon" ''
exec ${emacsWithOverlay}/bin/emacs -q -l ${dotEmacs} --daemon
exec ${emacsWithOverlay}/bin/emacs -q --daemon -l ${./elisp/init.el}
'';
myEmacsClient = pkgs.writeDashBin "meclient" ''
exec ${emacsWithOverlay}/bin/emacsclient --create-frame
exec ${emacsWithOverlay}/bin/emacsclient --create-frame "$@"
'';
in {
environment.systemPackages = [
myEmacs myEmacsWithDaemon myEmacsClient
myEmacs myEmacsWithDaemon myEmacsClient emacsWithOverlay
];
## EXWM Config
# services.xserver = {
# enable = true;
# xkbOptions = "caps:super";
# exportConfiguration = true;
#
# displayManager.slim.enable = true;
# windowManager.default = "exwm";
#
# # Set up the login session
# windowManager.session = [{
# name = "exwm";
# start = "${emacsWithOverlay}/bin/emacs -q -l " + builtins.toString ./elisp/init.el;
# }];
# };
}

View file

@ -2,20 +2,11 @@
let
# Firefox addons
https-everywhere = pkgs.callPackage ./own-pkgs/https-everywhere {};
ublock-origin = pkgs.callPackage ./own-pkgs/ublock-origin {};
webgl-fingerprint-defender = pkgs.callPackage ./own-pkgs/webgl-fingerprint-defender {};
canvas-fingerprint-defender = pkgs.callPackage ./own-pkgs/canvas-fingerprint-defender {};
audio-fingerprint-defender = pkgs.callPackage ./own-pkgs/audio-fingerprint-defender {};
font-fingerprint-defender = pkgs.callPackage ./own-pkgs/font-fingerprint-defender {};
user-agent-switcher = pkgs.callPackage ./own-pkgs/user-agent-switcher {};
dark-reader = pkgs.callPackage ./own-pkgs/dark-reader {};
wrapper = pkgs.callPackage ./overlays/firefox-with-config.nix { };
wrapper = pkgs.callPackage ../5pkgs/firefox/firefox-with-config.nix { };
myFirefox = wrapper pkgs.firefox-unwrapped {
extraExtensions = [
# these plugins are defined in 5pkgs/firefox
extraExtensions = with pkgs ; [
dark-reader
https-everywhere
ublock-origin

View file

@ -0,0 +1,18 @@
{ config, pkgs, ... }:
let
all-hies = import (fetchTarball "https://github.com/infinisil/all-hies/tarball/master") {};
in
{
environment.systemPackages = with pkgs; [
cabal2nix
gcc
ghc
haskellPackages.cabal-install
haskellPackages.ghcid
haskellPackages.hindent
haskellPackages.hlint
haskellPackages.hoogle
haskellPackages.stack
(all-hies.selection { selector = p: {inherit (p) ghc864; }; })
];
}

View file

@ -232,11 +232,10 @@ services.xserver.enable = true;
services.xserver.displayManager.lightdm.enable = true;
# Allow users in video group to change brightness
hardware.brightnessctl.enable = true;
environment.systemPackages = with pkgs; [
rofi # Dmenu replacement
acpilight # Replacement for xbacklight
brightnessctl
arandr # Xrandr gui
feh
wirelesstools # To get wireless statistics

View file

@ -0,0 +1,18 @@
with import <stockholm/lib>;
self: super:
let
# This callPackage will try to detect obsolete overrides.
callPackage = path: args: let
override = self.callPackage path args;
upstream = optionalAttrs (override ? "name")
(super.${(parseDrvName override.name).name} or {});
in if upstream ? "name" &&
override ? "name" &&
compareVersions upstream.name override.name != -1
then trace "Upstream `${upstream.name}' gets overridden by `${override.name}'." override
else override;
in
mapNixDir (path: callPackage path {}) ./.

View file

@ -21,7 +21,7 @@ stdenv.mkDerivation rec {
meta = with stdenv.lib; {
description = "ublock origin firefox browser addon";
homepage = https://github.com/gorhill/uBlock;
license = licenses.gnu3;
license = licenses.gpl3;
maintainers = [];
platforms = stdenv.lib.platforms.all;
};

View file

@ -46,8 +46,8 @@ in
# connect to git.shackspace.de as group runner for rz
<stockholm/krebs/2configs/shack/gitlab-runner.nix>
# Statistics collection and visualization
<stockholm/krebs/2configs/shack/graphite.nix>
# Statistics collection and visualization
# <stockholm/krebs/2configs/shack/graphite.nix> # graphiteApi is broken and unused(hopefully)
## Collect data from mqtt.shack and store in graphite database
<stockholm/krebs/2configs/shack/mqtt_sub.nix>
## Collect radioactive data and put into graphite

View file

@ -71,14 +71,13 @@ in
config = mkIf cfg.enable (lib.mkMerge [
{
users.users = singleton {
name = cfg.user;
users.users.${cfg.user} = {
description = "Charybdis IRC daemon user";
uid = config.ids.uids.ircd;
group = cfg.group;
};
users.groups = singleton {
users.groups.${cfg.group} = {
name = cfg.group;
gid = config.ids.gids.ircd;
};
@ -102,7 +101,7 @@ in
};
}
(mkIf (cfg.motd != null) {
environment.etc."charybdis/ircd.motd".text = cfg.motd;
})

View file

@ -102,7 +102,6 @@ let
{ krebs = import ./krebs { inherit config; }; }
{ krebs = import ./lass { inherit config; }; }
{ krebs = import ./makefu { inherit config; }; }
{ krebs = import ./nin { inherit config; }; }
{ krebs = import ./external/palo.nix { inherit config; }; }
{ krebs = import ./external/mic92.nix { inherit config; }; }
{ krebs = import ./tv { inherit config; }; }

View file

@ -68,6 +68,31 @@ in {
};
};
};
helsinki = {
owner = config.krebs.users.ajs124;
nets = {
retiolum = {
ip4.addr = "10.243.10.1";
aliases = [ "helsinki.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEA5MnCmT9xVEtv3hoZsjmgF4pVnPgzaWWVrZVguMfXcbTiusgWqBIM
Ms/Ue676J3kQIJT1QSMA2RWDUU++dUcfhHF87vFpnyCnaKjfz6LyAwlSfKluttyY
aFNgcUWlZRl4wkqys/oYhLD1q26mO/ekCA2eohzbB1TCaPY97VM5nl0MkXStMN76
B+Ipw/gQcZXuWYct8Nj69sETPLnbf6ZBKs+T213as+NUSHVUdmBmV8QtmHDI3e7B
4wAK1JkFCQgVu9gm/6BvqWroOMcmtxzSceyrY+0MWnAnM+wrLcYYaT2xw1OJyWmM
riOHHMw9iLVxqyQ+3eDucJRQcJzO7I4j8zQaoYxPE1ZSl4wTsaypkMuNOyhYv2C9
RNPJgTBlr911NnY7TcKauz/lO1Qcl5kHBMrIfwsbsQK+zfN2XX+s21/SPeSJ7k1N
OqXeyX0mz2l7bhBDwTTDtINSz8sB3BL59mVbWY5z5b90oeKPrfygmp7V0CSKgHBr
b5ZIhMRfgcK+HjolcEqdL9INpJZVFYt3vWPNhDpbX5sEOjjR+ODceriL8zdlTBRx
PyB9OiK6tN+L63QFM7H1NFN9fPeOd2WbHvfoeX255kx8FHSALKL5rVSz9Ejwc97k
rG0FItgHXajPazulBfUV0N9ck7SwLTmStKxtQ8NKCoIJLpv2ip4C+t0CAwEAAQ==
-----END RSA PUBLIC KEY-----
Ed25519PublicKey = 47fX1g6qynVprA+PtniBLEonFp1B70nMrJ8SBCWNJnL
'';
};
};
};
homeros = {
owner = config.krebs.users.kmein;
nets = {
@ -399,6 +424,9 @@ in {
};
};
users = {
ajs124 = {
mail = "stockholm@ajs124.de";
};
ciko = {
mail = "wieczorek.stefan@googlemail.com";
};

View file

@ -30,6 +30,7 @@ in {
60 IN NS ns16.ovh.net.
60 IN NS dns16.ovh.net.
60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
IN MX 5 lassul.us.
60 IN TXT v=spf1 mx a:lassul.us -all
60 IN TXT ( "v=DKIM1; k=rsa; t=s; s=*; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB" )
default._domainkey 60 IN TXT "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB"

View file

@ -182,7 +182,9 @@ in {
gum IN A ${nets.internet.ip4.addr}
io IN NS gum.krebsco.de.
iso.euer IN A ${nets.internet.ip4.addr}
feed.euer IN A ${nets.internet.ip4.addr}
board.euer IN A ${nets.internet.ip4.addr}
etherpad.euer IN A ${nets.internet.ip4.addr}
rss.euer IN A ${nets.internet.ip4.addr}
mediengewitter IN CNAME over.dose.io.
mon.euer IN A ${nets.internet.ip4.addr}

View file

@ -1,111 +0,0 @@
{ config, ... }:
with import <stockholm/lib>;
{
hosts = mapAttrs (_: recursiveUpdate {
owner = config.krebs.users.nin;
ci = true;
}) {
hiawatha = {
cores = 2;
nets = {
retiolum = {
ip4.addr = "10.243.132.96";
ip6.addr = "42:0000:0000:0000:0000:0000:0000:2342";
aliases = [
"hiawatha.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAucIe5yLzKJ8F982XRpZT6CvyXuPrtnNTmw/E/T6Oyq88m/OVHh6o
Viho1XAlJZZwqNniItD0AQB98uFB3+3yA7FepnwwC+PEceIfBG4bTDNyYD3ZCsAB
iWpmRar9SQ7LFnoZ6X2lYaJkUD9afmvXqJJLR5MClnRQo5OSqXaFdp7ryWinHP7E
UkPSNByu4LbQ9CnBEW8mmCVZSBLb8ezxg3HpJSigmUcJgiDBJ6aj22BsZ5L+j1Sr
lvUuaCr8WOS41AYsD5dbTYk7EG42tU5utrOS6z5yHmhbA5r8Ro2OFi/R3Td68BIJ
yw/m8sfItBCvjJSMEpKHEDfGMBCfQKltCwIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFizK5kauDlnjm/IzyzLi+W4hLKqjSWMkfuxzLwg6egx";
};
axon= {
cores = 2;
nets = {
retiolum = {
ip4.addr = "10.243.134.66";
ip6.addr = "42:0000:0000:0000:0000:0000:0000:1379";
aliases = [
"axon.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIECgKCBAEA89h5SLDQL/ENM//3SMzNkVnW4dBdg1GOXs/SdRCTcgygJC0TzsAo
glfQhfS+OhFSC/mXAjP8DnN7Ys6zXzMfJgH7TgVRJ8tCo5ETehICA19hMjMFINLj
KZhhthPuX7u2Jr4uDMQ0eLJnKVHF4PmHnkA+JGcOqO7VSkgcqPvqPMnJFcMkGWvH
L3KAz1KGPHZWrAB2NBDrD/bOZj4L39nS4nJIYVOraP7ze1GTTC7s/0CnZj3qwS5j
VdUYgAR+bdxlWm1B1PPOjkslP6UOklQQK4SjK3ceLYb2yM7BVICeznjWCbkbMACY
PUSvdxyiD7nZcLvuM3cJ1M45zUK+tAHHDB5FFUUAZ+YY/Xml4+JOINekpQdGQqkN
X4VsdRGKpjqi+OXNP4ktDcVkl8uALmNR6TFfAEwQJdjgcMxgJGW9PkqvPl3Mqgoh
m89lHPpO0Cpf40o6lZRG42gH1OR7Iy1M234uA08a3eFf+IQutHaOBt/Oi0YeiaQp
OtJHmWtpsQRz24/m+uroSUtKZ63sESli28G1jP73Qv7CiB8KvSX0Z4zKJOV/CyaT
LLguAyeWdNLtVg4bGRd7VExoWA+Rd9YKHCiE5duhETZk0Hb9WZmgPdM7A0RBb+1H
/F9BPKSZFl2e42VEsy8yNmBqO8lL7DVbAjLhtikTpPLcyjNeqN99a8jFX4c5nhIK
MVsSLKsmNGQq+dylXMbErsGu3P/OuCZ4mRkC32Kp4qwJ+JMrJc8+ZbhKl6Fhwu0w
7DwwoUaRoMqtr2AwR+X67eJsYiOVo5EkqBo6DrWIM6mO2GrWHg5LTBIShn08q/Nm
ofPK2TmLdfqBycUR0kRCCPVi82f9aElmg3pzzPJnLAn9JLL43q6l+sefvtr9sTs3
1co6m8k5mO8zTb8BCmX2nFMkCopuHeF1nQ33y6woq0D8WsXHfHtbPwN9eYRVrbBF
29YBp5E+Q1pQB+0rJ4A5N1I3VUKhDGKc72pbQc8cYoAbDXA+RKYbsFOra5z585dt
4HQXpwj3a/JGJYRT6FVbJp4p8PjwAtN9VkpXNl4//3lXQdDD6aQ6ssXaKxVAp2Xj
FjPjx6J6ok4mRvofKNAREt4eZUdDub34bff6G0zI7Vls9t4ul0uHsJ6+ic3CG+Yl
buLfOkDp4hVCAlMPQ2NJfWKSggoVao7OTBPTMB3NiM56YOPptfZgu2ttDRTyuQ7p
hrOwutxoy/abH3hA8bWj1+C23vDtQ2gj0r16SWxpPdb3sselquzKp9NIvtyRVfnG
yYZTWRHg9mahMC2P0/wWAQVjKb0LnTib4lSe21uqFkWzp+3/Uu+hiwP5xGez/NIi
ahyL7t0D9r9y+i1RPjYWypgyR568fiGheQIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF4ubHA2pQzV4tQq9D1zRTD1xOSR6xZM3z6te+5A1ekc";
};
onondaga = {
cores = 1;
nets = {
retiolum = {
ip4.addr = "10.243.132.55";
ip6.addr = "42:0000:0000:0000:0000:0000:0000:1357";
aliases = [
"onondaga.r"
"cgit.onondaga.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAqj6NPhRVsr8abz9FFx9+ld3amfxN7SRNccbksUOqkufGS0vaupFR
OWsgj4Qmt3lQ82YVt5yjx0FZHkAsenCEKM3kYoIb4nipT0e1MWkQ7plVveMfGkiu
htaJ1aCbI2Adxfmk4YbyAr8k3G+Zl9t7gTikBRh7cf5PMiu2JhGUZHzx9urR0ieH
xyashZFjl4TtIy4q6QTiyST9kfzteh8k7CJ72zfYkdHl9dPlr5Nk22zH9xPkyzmO
kCNeknuDqKeTT9erNtRLk6pjEcyutt0y2/Uq6iZ38z5qq9k4JzcMuQ3YPpNy8bxn
hVuk2qBu6kBTUW3iLchoh0d4cfFLWLx1SQIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGmQk7AXsYLzjUrOjsuhZ3+gT7FjhPtjwxv5XnuU8GJO";
};
};
users = {
nin = {
mail = "nin@axon.r";
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl4jHl2dya9Tecot7AcHuk57FiPN0lo8eDa03WmTOCCU7gEJLgpi/zwLxY/K4eXsDgOt8LJwddicgruX2WgIYD3LnwtuN40/U9QqqdBIv/5sYZTcShAK2jyPj0vQJlVUpL7DLxxRH+t4lWeRw/1qaAAVt9jEVbzT5RH233E6+SbXxfnQDhDwOXwD1qfM10BOGh63iYz8/loXG1meb+pkv3HTf5/D7x+/y1XvWRPKuJ2Ml33p2pE3cTd+Tie1O8CREr45I9JOIOKUDQk1klFL5NNXnaQ9h1FRCsnQuoGztoBq8ed6XXL/b8mQ0lqJMxHIoCuDN/HBZYJ0z+1nh8X6XH nin@axon";
};
nin_h = {
mail = "nin@hiawatha.r";
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDicZLUPEVNX7SgqYWcjPo0UESRizEfIvVVbiwa1aApA8x25u/5R3sevcgbIpLHYKDMl5tebny9inr6G2zqB6oq/pocQjHxrPnuLzqjvqeSpbjQjlNWJ9GaHT5koTXZHdkEXGL0vfv1SRDNWUiK0rNymr3GXab4DyrnRnuNl/G1UtLf4Zka94YUD0SSPdS9y6knnRrUWKjGMFBZEbNSgHqMGATPQP9VDwKHIO2OWGfiBAJ4nj/MWj+BxHDleCMY9zbym8yY7p/0PLaUe9eIyLC8MftJ5suuMmASlj+UGWgnqUxWxsMHax9y7CTAc23r1NNCXN5LC6/facGt0rEQrdrTizBgOA1FSHAPCl5f0DBEgWBrRuygEcAueuGWvI8/uvtvQQZLhosDbXEfs/3vm2xoYBe7wH4NZHm+d2LqgIcPXehH9hVQsl6pczngTCJt0Q/6tIMffjhDHeYf6xbe/n3AqFT0PylUSvOw/H5iHws3R6rxtgnOio7yTJ4sq0NMzXCtBY6LYPGnkwf0oKsgB8KavZVnxzF8B1TD4nNi0a7ma7bd1LMzI/oGE6i8kDMROgisIECOcoe8YYJZXIne/wimhhRKZAsd+VrKUo4SzNIavCruCodGAVh2vfrqRJD+HD/aWH7Vr1fCEexquaxeKpRtKGIPW9LRCcEsTilqpZdAiw== nin@hiawatha";
};
};
}

View file

@ -45,6 +45,10 @@ with import <stockholm/lib>;
default = self.config.port == "6697";
type = types.bool;
};
API.listen = mkOption {
default = null;
type = types.nullOr types.str;
};
};
}));
};
@ -65,9 +69,11 @@ with import <stockholm/lib>;
ExecStart = let
configFile = pkgs.writeJSON configFileName configValue;
configFileName = "${cfg.systemd-service-name}.config.json";
configValue = recursiveUpdate {
logTime = false;
} (removeAttrs cfg ["_module"]);
configValue = stripAttr (
recursiveUpdate {
logTime = false;
} (removeAttrs cfg ["_module"])
);
in "${pkgs.reaktor2}/bin/reaktor ${configFile}";
Restart = "always";
RestartSec = "30";

View file

@ -301,6 +301,7 @@ let
default = mkDefault true;
inherit (webcfg) basicAuth;
root = optionalString rucfg.enable webdir;
listen = [ { inherit (webcfg) addr port; } ];
locations = {
"/RPC2".extraConfig = ''
@ -319,15 +320,7 @@ let
include ${pkgs.nginx}/conf/fastcgi.conf;
''; }
);
# workaround because upstream nginx api changed
# TODO remove when nobody uses 17.03 anymore
} // (if hasAttr "port" (head options.services.nginx.virtualHosts.type.getSubModules).submodule.options then {
port = webcfg.port;
} else {
listen = [
{ inherit (webcfg) addr port; }
];
});
};
};
rutorrent-imp = {

View file

@ -1,34 +1,43 @@
# This file has been generated by node2nix 1.5.3. Do not edit!
# This file has been generated by node2nix 1.7.0. Do not edit!
{nodeEnv, fetchurl, fetchgit, globalBuildInputs ? []}:
let
sources = {
"double-ended-queue-2.1.0-0" = {
name = "double-ended-queue";
packageName = "double-ended-queue";
version = "2.1.0-0";
"denque-1.4.1" = {
name = "denque";
packageName = "denque";
version = "1.4.1";
src = fetchurl {
url = "https://registry.npmjs.org/double-ended-queue/-/double-ended-queue-2.1.0-0.tgz";
sha1 = "103d3527fd31528f40188130c841efdd78264e5c";
url = "https://registry.npmjs.org/denque/-/denque-1.4.1.tgz";
sha512 = "OfzPuSZKGcgr96rf1oODnfjqBFmr1DVoc/TrItj3Ohe0Ah1C5WX5Baquw/9U9KovnQ88EqmJbD66rKYUQYN1tQ==";
};
};
"redis-commands-1.3.5" = {
"redis-commands-1.5.0" = {
name = "redis-commands";
packageName = "redis-commands";
version = "1.3.5";
version = "1.5.0";
src = fetchurl {
url = "https://registry.npmjs.org/redis-commands/-/redis-commands-1.3.5.tgz";
sha512 = "2q8pai3gf0dczb03jjig3mpaz4j2kvw8icpgf8hp4fryr3d6c0mjkvxxdmlyhainybx4zhgqsw9ghc9p986alzdzd2n2p4cxvr8b0by";
url = "https://registry.npmjs.org/redis-commands/-/redis-commands-1.5.0.tgz";
sha512 = "6KxamqpZ468MeQC3bkWmCB1fp56XL64D4Kf0zJSwDZbVLLm7KFkoIcHrgRvQ+sk8dnhySs7+yBg94yIkAK7aJg==";
};
};
"redis-parser-2.6.0" = {
"redis-errors-1.2.0" = {
name = "redis-errors";
packageName = "redis-errors";
version = "1.2.0";
src = fetchurl {
url = "https://registry.npmjs.org/redis-errors/-/redis-errors-1.2.0.tgz";
sha1 = "eb62d2adb15e4eaf4610c04afe1529384250abad";
};
};
"redis-parser-3.0.0" = {
name = "redis-parser";
packageName = "redis-parser";
version = "2.6.0";
version = "3.0.0";
src = fetchurl {
url = "https://registry.npmjs.org/redis-parser/-/redis-parser-2.6.0.tgz";
sha1 = "52ed09dacac108f1a631c07e9b69941e7a19504b";
url = "https://registry.npmjs.org/redis-parser/-/redis-parser-3.0.0.tgz";
sha1 = "b66d828cdcafe6b4b8a428a7def4c6bcac31c8b4";
};
};
};
@ -37,40 +46,43 @@ in
formidable = nodeEnv.buildNodePackage {
name = "formidable";
packageName = "formidable";
version = "1.2.1";
version = "1.2.2";
src = fetchurl {
url = "https://registry.npmjs.org/formidable/-/formidable-1.2.1.tgz";
sha512 = "1x0n2rfaiasdjbw1mm7s29z84f68c7iji7lb1gkxvpknvv6q7bwns7z55ijcf4vkh4kvis12rbgaaih49jf9lj53s30mllb1d35bkqn";
url = "https://registry.npmjs.org/formidable/-/formidable-1.2.2.tgz";
sha512 = "V8gLm+41I/8kguQ4/o1D3RIHRmhYFG4pnNyonvua+40rqcEmT4+V71yaZ3B457xbbgCsCfjSPi65u/W6vK1U5Q==";
};
buildInputs = globalBuildInputs;
meta = {
description = "A node.js module for parsing form data, especially file uploads.";
homepage = https://github.com/felixge/node-formidable;
homepage = https://github.com/node-formidable/formidable;
license = "MIT";
};
production = true;
bypassCache = true;
reconstructLock = true;
};
redis = nodeEnv.buildNodePackage {
name = "redis";
packageName = "redis";
version = "2.8.0";
version = "3.0.2";
src = fetchurl {
url = "https://registry.npmjs.org/redis/-/redis-2.8.0.tgz";
sha512 = "3a3044ax6qdvss83xgjfx10h5q91ls0mwgs3wpsnxcdsiipq3cnmqzsh6glyq0r7vsmpw49jp84c2jnfrhi2bgycrkd9hhhf6ia8lrk";
url = "https://registry.npmjs.org/redis/-/redis-3.0.2.tgz";
sha512 = "PNhLCrjU6vKVuMOyFu7oSP296mwBkcE6lrAjruBYG5LgdSqtRBoVQIylrMyVZD/lkF24RSNNatzvYag6HRBHjQ==";
};
dependencies = [
sources."double-ended-queue-2.1.0-0"
sources."redis-commands-1.3.5"
sources."redis-parser-2.6.0"
sources."denque-1.4.1"
sources."redis-commands-1.5.0"
sources."redis-errors-1.2.0"
sources."redis-parser-3.0.0"
];
buildInputs = globalBuildInputs;
meta = {
description = "Redis client library";
homepage = https://github.com/NodeRedis/node_redis;
description = "A high performance Redis client.";
homepage = https://github.com/NodeRedis/node-redis;
license = "MIT";
};
production = true;
bypassCache = true;
reconstructLock = true;
};
}

View file

@ -1,2 +1,4 @@
node2nix -8 -i pkgs.json -c combine.nix
#!/usr/bin/env nix-shell
#! nix-shell -i bash -p nodePackages_10_x.node2nix
node2nix -10 -i pkgs.json -c combine.nix
rm node-env.nix combine.nix

View file

@ -138,7 +138,7 @@ pkgs.writers.writeDashBin "generate-wallpaper" ''
# remove snow from ice map
if needs_rebuild ice.png ice-raw.jpg; then
convert ice-raw.jpg -fuzz 20% -fill black -opaque white -scale "$in_size" ice.png
convert ice-raw.jpg -fuzz 20% -fill black -opaque white -colorspace gray -blur 0x6 -scale "$in_size" ice.png
fi
if needs_rebuild snow.png snow-raw.jpg; then

View file

@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs-channels",
"rev": "d96bd3394b734487d1c3bfbac0e8f17465e03afe",
"date": "2020-03-19T15:32:34+01:00",
"sha256": "05n27wz5ln9ni5cy5rhjcy612i44gmblkq5m0g827v8pd0nk00da",
"rev": "0f5ce2fac0c726036ca69a5524c59a49e2973dd4",
"date": "2020-05-19T01:31:20+02:00",
"sha256": "0nkk492aa7pr0d30vv1aw192wc16wpa1j02925pldc09s9m9i0r3",
"fetchSubmodules": false
}

View file

@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs-channels",
"rev": "598a9cbed6348ebda43c6b1a9a3061e0206297e7",
"date": "2020-03-28T03:06:32+01:00",
"sha256": "12m910j2sfhm3a6skw4janxy010gzdxp15bn8v9w7w9hhjzvdw8c",
"rev": "48723f48ab92381f0afd50143f38e45cf3080405",
"date": "2020-05-22T11:40:20+02:00",
"sha256": "0h3b3l867j3ybdgimfn76lw7w6yjhszd5x02pq5827l659ihcf53",
"fetchSubmodules": false
}

View file

@ -3,7 +3,7 @@ dir=$(dirname $0)
oldrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/')
nix-shell -p nix-prefetch-git --run 'nix-prefetch-git \
--url https://github.com/NixOS/nixpkgs-channels \
--rev refs/heads/nixos-19.09' \
--rev refs/heads/nixos-20.03' \
> $dir/nixpkgs.json
newrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/')
git commit $dir/nixpkgs.json -m "nixpkgs: $oldrev -> $newrev"

View file

@ -21,20 +21,15 @@ with import <stockholm/lib>;
#<stockholm/lass/2configs/prism-share.nix>
<stockholm/lass/2configs/ssh-cryptsetup.nix>
<stockholm/lass/2configs/network-manager.nix>
<stockholm/lass/2configs/home-media.nix>
];
#media center
users.users.media = {
isNormalUser = true;
uid = genid_uint31 "media";
extraGroups = [ "video" "audio" ];
};
krebs.build.host = config.krebs.hosts.icarus;
services.xserver.displayManager.lightdm.autoLogin = {
enable = true;
user = "media";
};
krebs.build.host = config.krebs.hosts.icarus;
programs.adb.enable = true;
environment.systemPackages = [ pkgs.chromium ];
}

View file

@ -46,6 +46,15 @@
'';
services.thinkfan.enable = true;
services.thinkfan.levels = ''
(0, 0, 55)
(1, 48, 60)
(2, 50, 61)
(3, 52, 63)
(6, 60, 65)
(7, 80, 85)
(127, 90, 32767)
'';
services.logind.lidSwitch = "ignore";
services.logind.lidSwitchDocked = "ignore";

View file

@ -39,6 +39,7 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/network-manager.nix>
<stockholm/lass/2configs/nfs-dl.nix>
#<stockholm/lass/2configs/hardening.nix>
<stockholm/lass/2configs/ppp.nix>
{
krebs.iptables.tables.filter.INPUT.rules = [
#risk of rain
@ -76,16 +77,6 @@ with import <stockholm/lib>;
};
};
}
{
lass.umts = {
enable = true;
modem = "/dev/serial/by-id/usb-Lenovo_F5521gw_2C7D8D7C35FC7040-if09";
initstrings = ''
Init1 = AT+CFUN=1
Init2 = AT+CGDCONT=1,"IP","pinternet.interkom.de","",0,0
'';
};
}
{
services.nginx = {
enable = true;

View file

@ -65,13 +65,6 @@ with import <stockholm/lib>;
config.krebs.users.makefu.pubkey
];
};
users.users.nin = {
uid = genid "nin";
isNormalUser = true;
openssh.authorizedKeys.keys = [
config.krebs.users.nin.pubkey
];
};
users.extraUsers.dritter = {
uid = genid_uint31 "dritter";
isNormalUser = true;
@ -123,26 +116,6 @@ with import <stockholm/lib>;
localAddress = "10.233.2.2";
};
}
{
#onondaga
systemd.services."container@onondaga".reloadIfChanged = mkForce false;
containers.onondaga = {
config = { ... }: {
imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];
environment.systemPackages = [ pkgs.git ];
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey
config.krebs.users.nin.pubkey
];
};
autoStart = true;
enableTun = true;
privateNetwork = true;
hostAddress = "10.233.2.5";
localAddress = "10.233.2.6";
};
}
<stockholm/lass/2configs/exim-smarthost.nix>
<stockholm/lass/2configs/ts3.nix>
<stockholm/lass/2configs/privoxy-retiolum.nix>
@ -263,8 +236,6 @@ with import <stockholm/lib>;
}
{
users.users.download.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos"
config.krebs.users.palo.pubkey
];
}
{
@ -382,6 +353,9 @@ with import <stockholm/lib>;
lass.pubkey
lass-android.pubkey
makefu.pubkey
palo.pubkey
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos"
"AAAAB3NzaC1yc2EAAAADAQABAAABgQC4ECL9NSCWqs4KVe+FF+2BPtl5Bv5aQPHqnXllCyiESZykwRKLx6/AbF5SbUAUMVZtp9oDSdp28m3BvVeWJ/q7hAbIxUtfd/jp+JBRZ8Kj6K5GzUO7Bhgl/o0A7xEjAeOKHiYuLjdPMcFUyl6Ah4ey/mcQYf6AdU0+hYUDeUlKe/YxxYD6202W0GJq2xGdIqs/TbopT9iaX+sv0wdXDVfFY72nFqOUwJW3u6O2viKKRugrz/eo50Eo3ts7pYz/FpDXExrUvV9Vu/bQ34pa8nKgF3/AKQHgmzljNQSVZKyAV8OY0UFonjBMXCBg2tXtwfnlzdx2SyuQVv55x+0AuRKsi85G2xLpXu1A3921pseBTW6Q6kbYK9eqxAay2c/kNbwNqFnO+nCvQ6Ier/hvGddOtItMu96IuU2E7mPN6WgvM8/3fjJRFWnZxFxqu/k7iH+yYT8qwRgdiSqZc76qvkYEuabdk2itstTRY0A3SpI3hFMZDw/7bxgMZtqpfyoRk5s= philip@shiki11:15 <Profpatsch> AAAAB3NzaC1yc2EAAAADAQABAAABgQC4ECL9NSCWqs4KVe+FF+2BPtl5Bv5aQPHqnXllCyiESZykwRKLx6/AbF5SbUAUMVZtp9oDSdp28m3BvVeWJ/q7hAbIxUtfd/jp+JBRZ8Kj6K5GzUO7Bhgl/o0A7xEjAeOKHiYuLjdPMcFUyl6Ah4ey/mcQYf6AdU0+hYUDeUlKe/YxxYD6202W0GJq2xGdIqs/TbopT9iaX+sv0wdXDVfFY72nFqOUwJW3u6O2viKKRugrz/eo50Eo3ts7pYz/FpDXExrUvV9Vu/bQ34pa8nKgF3/AKQHgmzljNQSVZKyAV8OY0UFonjBMXCBg2tXtwfnlzdx2SyuQVv55x+0AuRKsi85G2xLpXu1A3921pseBTW6Q6kbYK9eqxAay2c/kNbwNqFnO+nCvQ6Ier/hvGddOtItMu96IuU2E7mPN6WgvM8/3fjJRFWnZxFxqu/k7iH+yYT8qwRgdiSqZc76qvkYEuabdk2itstTRY0A3SpI3hFMZDw/7bxgMZtqpfyoRk5s= philip@shiki"
];
};
};

View file

@ -19,23 +19,14 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/ssh-cryptsetup.nix>
<stockholm/lass/2configs/nfs-dl.nix>
<stockholm/lass/2configs/gg23.nix>
<stockholm/lass/2configs/hass>
<stockholm/lass/2configs/br.nix>
<stockholm/lass/2configs/fetchWallpaper.nix>
<stockholm/lass/2configs/home-media.nix>
];
krebs.build.host = config.krebs.hosts.shodan;
#media center
users.users.media = {
isNormalUser = true;
uid = genid_uint31 "media";
extraGroups = [ "video" "audio" ];
};
services.xserver.displayManager.lightdm.autoLogin = {
enable = true;
user = "media";
};
services.logind.lidSwitch = "ignore";
services.logind.lidSwitchDocked = "ignore";

View file

@ -12,6 +12,7 @@ with import <stockholm/lib>;
i18n.defaultLocale ="de_DE.UTF-8";
time.timeZone = "Europe/Berlin";
services.xserver.enable = true;
services.xserver.libinput.enable = false;
users.users.locke = {
uid = genid "locke";
home = "/home/locke";

View file

@ -71,12 +71,14 @@ in {
gitAndTools.qgit
git-preview
gnome3.dconf
iodine
lm_sensors
ncdu
nix-index
nix-review
nmap
pavucontrol
ponymix
powertop
rxvt_unicode-with-plugins
sxiv
@ -112,7 +114,7 @@ in {
xkbOptions = "caps:escape";
libinput.enable = true;
displayManager.lightdm.enable = true;
windowManager.default = "xmonad";
displayManager.defaultSession = "none+xmonad";
windowManager.session = [{
name = "xmonad";
start = ''

View file

@ -19,6 +19,7 @@ with (import <stockholm/lib>);
];
services.tor.enable = true;
services.tor.client.enable = true;
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-i retiolum -p udp --dport 60000:61000"; target = "ACCEPT";}

View file

@ -113,6 +113,8 @@
];
in {
environment.systemPackages = [ pkgs.review-mail-queue ];
krebs.exim-smarthost = {
enable = true;
dkim = [

View file

@ -20,12 +20,13 @@ with import <stockholm/lib>;
}
'';
machines = [
{ ethernetAddress = "c8:3d:d4:2c:40:ae"; hostName = "tv"; ipAddress = "10.42.0.3"; }
{ ethernetAddress = "a8:a6:48:65:ce:4c"; hostName = "tv"; ipAddress = "10.42.0.3"; }
{ ethernetAddress = "3c:2a:f4:22:28:37"; hostName = "drucker"; ipAddress = "10.42.0.4"; }
{ ethernetAddress = "80:7d:3a:67:b7:01"; hostName = "s20-bett"; ipAddress = "10.42.0.10"; }
{ ethernetAddress = "80:7d:3a:67:b7:01"; hostName = "s20-tv"; ipAddress = "10.42.0.10"; }
{ ethernetAddress = "80:7d:3a:68:04:f0"; hostName = "s20-drucker"; ipAddress = "10.42.0.11"; }
{ ethernetAddress = "80:7d:3a:68:11:a5"; hostName = "s20-kueche"; ipAddress = "10.42.0.12"; }
{ ethernetAddress = "80:7d:3a:68:11:a5"; hostName = "s20-wasch"; ipAddress = "10.42.0.12"; }
{ ethernetAddress = "80:7d:3a:67:bb:69"; hostName = "s20-stereo"; ipAddress = "10.42.0.13"; }
{ ethernetAddress = "ec:b5:fa:07:78:16"; hostName = "hue-bridge"; ipAddress = "10.42.0.21"; }
{ ethernetAddress = "80:8d:b7:c5:80:dc"; hostName = "arubaAP"; ipAddress = "10.42.0.99"; }
];
};
@ -45,9 +46,6 @@ with import <stockholm/lib>;
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-i int0 -p tcp --dport 8123"; target = "ACCEPT"; } # hass
{ predicate = "-i retiolum -p tcp --dport 8123"; target = "ACCEPT"; } # hass
{ predicate = "-i int0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto
{ predicate = "-i int0 -p udp --dport 53"; target = "ACCEPT"; } # dns
];
krebs.iptables.tables.filter.FORWARD.rules = [
@ -62,72 +60,5 @@ with import <stockholm/lib>;
krebs.iptables.tables.nat.POSTROUTING.rules = [
{ v6 = false; predicate = "-s 10.42.0.0/24 ! -d 10.42.0.0/24"; target = "MASQUERADE"; }
];
services.home-assistant = let
tasmota_s20 = name: topic: {
platform = "mqtt";
inherit name;
state_topic = "stat/${topic}/POWER";
command_topic = "cmnd/${topic}/POWER";
payload_on = "ON";
payload_off = "OFF";
};
in {
enable = true;
package = pkgs.home-assistant.override {
#extraComponents = [
# (pkgs.fetchgit {
# url = "https://github.com/marcschumacher/dwd_pollen";
# rev = "0.1";
# sha256 = "12vldwsds27c9l15ffc6svk9mj17jhypcz736pvpmpqbsymllz2p";
# })
#];
};
config = {
homeassistant = {
name = "Home"; time_zone = "Europe/Berlin";
latitude = "48.7687";
longitude = "9.2478";
elevation = 247;
};
sun.elevation = 66;
discovery = {};
frontend = { };
mqtt = {
broker = "localhost";
port = 1883;
client_id = "home-assistant";
username = "gg23";
password = "gg23-mqtt";
keepalive = 60;
protocol = 3.1;
};
sensor = [
];
switch = [
(tasmota_s20 "Drucker Strom" "drucker")
(tasmota_s20 "Bett Licht" "bett")
(tasmota_s20 "Kueche Licht" "kueche")
];
device_tracker = [
{
platform = "luci";
}
];
};
};
services.mosquitto = {
enable = true;
host = "0.0.0.0";
allowAnonymous = false;
checkPasswords = true;
users.gg23 = {
password = "gg23-mqtt";
acl = [ "topic readwrite #" ];
};
};
environment.systemPackages = [ pkgs.mosquitto ];
}

View file

@ -0,0 +1,106 @@
{ config, lib, pkgs, ... }:
with import ./lib.nix { inherit lib; };
{
imports = [
./zigbee.nix
./rooms/bett.nix
./rooms/essen.nix
./rooms/nass.nix
];
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-i int0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto
{ predicate = "-i docker0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto
{ predicate = "-i int0 -p tcp --dport 8123"; target = "ACCEPT"; } # hass
{ predicate = "-i retiolum -p tcp --dport 8123"; target = "ACCEPT"; } # hass
];
services.home-assistant = {
enable = true;
package = pkgs.home-assistant.override {
# extraComponents = [ "hue" ];
};
configWritable = true;
};
lass.hass.config = let
tasmota_s20 = name: topic: {
platform = "mqtt";
inherit name;
state_topic = "stat/${topic}/POWER";
command_topic = "cmnd/${topic}/POWER";
payload_on = "ON";
payload_off = "OFF";
};
in {
homeassistant = {
name = "Home";
time_zone = "Europe/Berlin";
latitude = "52.46187";
longitude = "13.41489";
elevation = 90;
unit_system = "metric";
customize = friendly_names;
};
config = {};
sun.elevation = 66;
discovery = {};
frontend = {};
mqtt = {
broker = "localhost";
port = 1883;
client_id = "home-assistant";
username = "gg23";
password = "gg23-mqtt";
keepalive = 60;
protocol = 3.1;
discovery = true;
birth_message = {
topic = "/hass/status";
payload = "online";
};
will_message = {
topic = "/hass/status";
payload = "offline";
};
};
sensor = [
{
platform = "dwd_weather_warnings";
region_name = "Berlin";
}
];
switch = [
(tasmota_s20 "TV" "tv")
(tasmota_s20 "Drucker Strom" "drucker")
(tasmota_s20 "Waschmaschine" "wasch")
(tasmota_s20 "Stereo Anlage" "stereo")
];
mobile_app = {};
hue = {};
weather = [
{
platform = "openweathermap";
api_key = "xxx"; # TODO put into secrets
}
];
system_health = {};
history = {};
shopping_list = {};
};
services.mosquitto = {
enable = true;
host = "0.0.0.0";
allowAnonymous = false;
checkPasswords = true;
users.gg23 = {
password = "gg23-mqtt";
acl = [ "topic readwrite #" ];
};
};
environment.systemPackages = [ pkgs.mosquitto ];
}

263
lass/2configs/hass/lib.nix Normal file
View file

@ -0,0 +1,263 @@
{ lib, ... }:
rec {
lights = {
bett = "0x0017880106ed3bd8";
essen = "0x0017880108327622";
arbeit = "0x0017880106ee2865";
nass = "0x00178801082e9f2f";
};
switches = {
dimmer = {
bett = "0x00178801086ac38c";
essen = "0x00178801086ad1fb";
nass = "0x00178801086ac373";
};
};
sensors = {
movement = {
essen = "0x0017880106f772f2";
nass = "0x0017880106f77f30";
};
};
friendly_names =
lib.mapAttrs' (n: v: lib.nameValuePair "light.${v}_light" { friendly_name = "l.${n}"; }) lights //
lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_update_available" { friendly_name = "s.${n}_up"; }) switches.dimmer //
lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_update_available" { friendly_name = "i.${n}_up"; }) sensors.movement //
lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_update_available" { friendly_name = "l.${n}_up"; }) lights //
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_linkquality" { friendly_name = "s.${n}_link"; }) switches.dimmer //
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_linkquality" { friendly_name = "i.${n}_link"; }) sensors.movement //
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_linkquality" { friendly_name = "l.${n}_link"; }) lights //
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_battery" { friendly_name = "s.${n}_bat"; }) switches.dimmer //
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_battery" { friendly_name = "i.${n}_bat"; }) sensors.movement //
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_action" { friendly_name = "s.${n}_act"; }) switches.dimmer //
lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_occupancy" { friendly_name = "i.${n}_move"; }) sensors.movement //
lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_occupancy" { friendly_name = "i.${n}_move"; }) sensors.movement //
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_temperature" { friendly_name = "i.${n}_heat"; }) sensors.movement //
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_temperature" { friendly_name = "i.${n}_heat"; }) sensors.movement //
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_illuminance" { friendly_name = "i.${n}_lux"; }) sensors.movement //
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_illuminance" { friendly_name = "i.${n}_lux"; }) sensors.movement //
{};
detect_movement = sensor: light: delay:
let
id = "${sensor}_${light}";
sensor_ = "binary_sensor.${sensor}_occupancy";
light_ = "light.${light}_light";
in {
input_boolean."${id}" = {
};
timer."${id}" = {
duration = delay;
};
automation = [
# {
# alias = "debug detect_movement";
# trigger = {
# platform = "state";
# entity_id = sensor_;
# };
# action = [
# {
# service = "system_log.write";
# data_template = {
# message = "XXXXXXXXXXXXXXXXXXXXXX {{ states('input_boolean.${sensor}_${light}_triggered') == 'on' }}";
# #message = "XXXXXXXXXXXXXXXXXXXXXX {{ state_attr('trigger.to_state.state', 'illuminance') }}";
# };
# }
# ];
# }
{
alias = "movement reset timer ${id}";
hide_entity = true;
trigger = {
platform = "state";
entity_id = sensor_;
from = "off";
to = "on";
};
action = [
{
service = "timer.cancel";
data_template.entity_id = "timer.${id}";
}
];
}
{
alias = "movement on ${id}";
# hide_entity = true;
trigger = {
platform = "state";
entity_id = "binary_sensor.${sensor}_occupancy";
from = "off";
to = "on";
};
condition = {
condition = "and";
conditions = [
{
condition = "template";
value_template = "{{ trigger.to_state.attributes.illuminance < 13000 }}";
}
{
condition = "template";
value_template = "{{ states('${light_}') == 'off' }}";
}
];
};
action = [
{
service = "light.turn_on";
data_template = {
entity_id = light_;
brightness = "100";
};
}
{ delay = "0:00:02"; }
{
service = "input_boolean.turn_on";
data_template.entity_id = "input_boolean.${id}";
}
];
}
{
alias = "movement off ${id}";
hide_entity = true;
trigger = {
platform = "state";
entity_id = sensor_;
from = "on";
to = "off";
};
condition = {
condition = "template";
value_template = "{{ states('input_boolean.${id}') == 'on' }}";
};
action = [
{
service = "timer.start";
entity_id = "timer.${id}";
}
];
}
{
alias = "movement override ${id}";
hide_entity = true;
trigger = {
platform = "state";
entity_id = light_;
};
action = [
{
service = "input_boolean.turn_off";
data_template.entity_id = "input_boolean.${id}";
}
{
service = "system_log.write";
data_template = {
message = "XXXXXXXXXXXXXXXXXXXXXX {{ trigger }}";
};
}
];
}
{
alias = "movement expired ${id}";
hide_entity = true;
trigger = {
platform = "event";
event_type = "timer.finished";
event_data.entity_id = "timer.${id}";
};
action = [
{
service = "light.turn_off";
data_template = {
entity_id = light_;
};
}
{
service = "input_boolean.turn_off";
data_template.entity_id = "input_boolean.${id}";
}
];
}
];
};
lightswitch = switch: light: {
automation = [
{
alias = "lightswitch ${switch} turn on light ${light}";
hide_entity = "true";
trigger = {
platform = "mqtt";
topic = "zigbee/${switch}";
};
condition = {
condition = "or";
conditions = [
{
condition = "template";
value_template = "{{ trigger.payload_json.action == 'on-press' }}";
}
{
condition = "template";
value_template = "{{ trigger.payload_json.action == 'up-press' }}";
}
{
condition = "and";
conditions = [
{
condition = "template";
value_template = "{{ trigger.payload_json.action == 'down-press' }}";
}
{
condition = "template";
value_template = "{{ trigger.payload_json.brightness > 30 }}";
}
];
}
];
};
action = [
{
service = "light.turn_on";
data_template = {
entity_id = "light.${light}_light";
brightness = "{{ trigger.payload_json.brightness }}";
};
}
];
}
{
alias = "lightswitch ${switch} turn off light ${light}";
hide_entity = "true";
trigger = {
platform = "mqtt";
topic = "zigbee/${switch}";
};
condition = {
condition = "or";
conditions = [
{
condition = "template";
value_template = "{{ trigger.payload_json.action == 'off-press' }}";
}
{
condition = "template";
value_template = "{{ trigger.payload_json.brightness < 30 }}";
}
];
};
action = {
service = "light.turn_off";
data_template = {
entity_id = "light.${light}_light";
};
};
}
];
};
}

View file

@ -0,0 +1,8 @@
{ lib, ... }:
with import ../lib.nix { inherit lib; };
{
lass.hass.config = lib.mkMerge [
(lightswitch switches.dimmer.bett lights.bett)
];
}

View file

@ -0,0 +1,9 @@
{ lib, ... }:
with import ../lib.nix { inherit lib; };
{
lass.hass.config = lib.mkMerge [
(detect_movement sensors.movement.essen lights.essen 10)
(lightswitch switches.dimmer.essen lights.essen)
];
}

View file

@ -0,0 +1,10 @@
{ lib, ... }:
with import ../lib.nix { inherit lib; };
{
lass.hass.config = lib.mkMerge [
(detect_movement sensors.movement.nass lights.nass 100)
(lightswitch switches.dimmer.nass lights.nass)
];
}

View file

@ -0,0 +1,151 @@
{config, pkgs, lib, ...}: let
zigbee2mqtt_cfg = pkgs.writeText "zigbee2mqtt.json" (builtins.toJSON {
homeassistant = true;
permit_join = false;
mqtt = {
discovery = true;
base_topic = "zigbee";
server = "mqtt://10.42.0.1";
user = "gg23";
password = "gg23-mqtt";
};
serial.port = "/dev/cc2531";
});
in {
# symlink the zigbee controller
services.udev.extraRules = ''
SUBSYSTEM=="tty", ATTRS{idVendor}=="0451", ATTRS{idProduct}=="16a8", SYMLINK+="cc2531", MODE="0660", GROUP="dailout"
'';
system.activationScripts.installZigbee = ''
install -d /var/lib/zigbee2mqtt
install ${zigbee2mqtt_cfg} /var/lib/zigbee2mqtt/configuration.yaml
'';
# hack to restart docker container on config change
systemd.services.docker-zigbee2mqtt.environment.cfg = zigbee2mqtt_cfg;
docker-containers.zigbee2mqtt = {
image = "koenkk/zigbee2mqtt";
extraDockerOptions = [
"--device=/dev/cc2531:/dev/cc2531"
];
volumes = ["/var/lib/zigbee2mqtt:/app/data"];
};
lass.hass.config = {
sensor = [
# Sensor for monitoring the bridge state
{
platform = "mqtt";
name = "Zigbee2mqtt Bridge state";
state_topic = "/zigbee2mqtt/bridge/state";
icon = "mdi:router-wireless";
}
# Sensor for Showing the Zigbee2mqtt Version
{
platform = "mqtt";
name = "Zigbee2mqtt Version";
state_topic = "/zigbee2mqtt/bridge/config";
value_template = "{{ value_json.version }}";
icon = "mdi:zigbee";
}
# Sensor for Showing the Coordinator Version
{
platform = "mqtt";
name = "Coordinator Version";
state_topic = "/zigbee2mqtt/bridge/config";
value_template = "{{ value_json.coordinator }}";
icon = "mdi:chip";
}
];
switch = [
{
platform = "mqtt";
name = "zigbee2mqtt_join";
state_topic = "/zigbee2mqtt/bridge/config/permit_join";
command_topic = "/zigbee2mqtt/bridge/config/permit_join";
payload_on = "true";
payload_off = "false";
}
];
automation = [
#{
# alias = "Zigbee2mqtt Log Level";
# initial_state = "on";
# trigger = {
# platform = "state";
# entity_id = "input_select.zigbee2mqtt_log_level";
# };
# action = [
# {
# service = "mqtt.publish";
# data = {
# payload_template = "{{ states('input_select.zigbee2mqtt_log_level') }}";
# topic = "/zigbee2mqtt/bridge/config/log_level";
# };
# }
# ];
#}
# Automation to start timer when enable join is turned on
{
id = "zigbee_join_enabled";
alias = "";
hide_entity = "true";
trigger = {
platform = "state";
entity_id = "switch.zigbee2mqtt_join";
to = "on";
};
action = {
service = "timer.start";
entity_id = "timer.zigbee_permit_join";
};
}
# Automation to stop timer when switch turned off and turn off switch when timer finished
{
id = "zigbee_join_disabled";
hide_entity = "true";
trigger = [
{
platform = "event";
event_type = "timer.finished";
event_data.entity_id = "timer.zigbee_permit_join";
}
{
platform = "state";
entity_id = "switch.zigbee2mqtt_join";
to = "off";
}
];
action = [
{ service = "timer.cancel";
data.entity_id = "timer.zigbee_permit_join";
}
{ service = "switch.turn_off";
entity_id = "switch.zigbee2mqtt_join";
}
];
}
];
#input_select.zigbee2mqtt_log_level = {
# name = "Zigbee2mqtt Log Level";
# options = [
# "debug"
# "info"
# "warn"
# "error"
# ];
# initial = "info";
# icon = "mdi:format-list-bulleted";
#};
timer.zigbee_permit_join = {
name = "Zigbee Time remaining";
duration = 120;
};
};
}

View file

@ -0,0 +1,23 @@
with import <stockholm/lib>;
{ pkgs, ... }:
{
users.users.media = {
isNormalUser = true;
uid = genid_uint31 "media";
extraGroups = [ "video" "audio" ];
};
services.xserver.displayManager.lightdm.autoLogin = {
enable = true;
user = "media";
};
hardware.pulseaudio.configFile = pkgs.writeText "pulse.pa" ''
.include ${pkgs.pulseaudioFull}/etc/pulse/default.pa
load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1;10.42.0.0/24 auth-anonymous=1
'';
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p tcp --dport 4713"; target = "ACCEPT"; } # pulseaudio
];
}

View file

@ -2,18 +2,6 @@
{
networking.wireless.enable = lib.mkForce false;
systemd.services.modemmanager = {
description = "ModemManager";
after = [ "network-manager.service" ];
bindsTo = [ "network-manager.service" ];
wantedBy = [ "network-manager.service" ];
serviceConfig = {
ExecStart = "${pkgs.modemmanager}/bin/ModemManager";
PrivateTmp = true;
Restart = "always";
RestartSec = "5";
};
};
networking.networkmanager = {
ethernet.macAddress = "random";
wifi.macAddress = "random";
@ -26,7 +14,11 @@
users.users.mainUser = {
extraGroups = [ "networkmanager" ];
packages = with pkgs; [
gnome3.gnome_keyring gnome3.dconf
gnome3.gnome_keyring
gnome3.dconf
];
};
environment.systemPackages = [
pkgs.nm-dmenu
];
}

32
lass/2configs/ppp.nix Normal file
View file

@ -0,0 +1,32 @@
{ pkgs, ... }: {
# usage: pppd call default
environment.etc."ppp/peers/default".text = ''
/dev/ttyACM2
921600
crtscts
defaultroute
holdoff 10
lock
maxfail 0
noauth
nodetach
noipdefault
passive
persist
usepeerdns
connect "${pkgs.ppp}/bin/chat -f ${pkgs.writeText "default.chat" ''
ABORT "BUSY"
ABORT "NO CARRIER"
REPORT CONNECT
"" "ATDT*99#"
CONNECT
''}"
'';
environment.systemPackages = [
pkgs.ppp
];
}

View file

@ -12,7 +12,7 @@ let
music_dir = "/home/radio/music";
add_random = pkgs.writeDashBin "add_random" ''
${pkgs.mpc_cli}/bin/mpc add "$(${pkgs.findutils}/bin/find "${music_dir}/the_playlist" | grep '\.ogg$' | shuf -n1 | sed 's,${music_dir}/,,')"
${pkgs.mpc_cli}/bin/mpc add "$(${pkgs.findutils}/bin/find "${music_dir}/the_playlist" | grep -v '/other/' | grep '\.ogg$' | shuf -n1 | sed 's,${music_dir}/,,')"
'';
skip_track = pkgs.writeBashBin "skip_track" ''
@ -44,15 +44,41 @@ let
if [[ "$current_track" =~ ^the_playlist/music/.* ]]; then
${pkgs.attr}/bin/setfattr -n user.skip_count -v 0 "$music_dir"/"$current_track"
else
mv "$music_dir"/"$current_track" "$music_dir"/the_playlist/music/
mv "$music_dir"/"$current_track" "$music_dir"/the_playlist/music/ || :
fi
echo good: "$track_infos"
echo good: "$track_infos"
'';
track_youtube_link = pkgs.writeDash "track_youtube_link" ''
${pkgs.mpc_cli}/bin/mpc current -f %file% \
| ${pkgs.gnused}/bin/sed 's@.*\(.\{11\}\)\.ogg@https://www.youtube.com/watch?v=\1@'
'';
print_current = pkgs.writeDashBin "print_current" ''
echo "$(${pkgs.mpc_cli}/bin/mpc current -f %file%) \
$(${pkgs.mpc_cli}/bin/mpc current -f %file% \
| ${pkgs.gnused}/bin/sed 's@.*\(.\{11\}\)\.ogg@http://www.youtube.com/watch?v=\1@')"
$(${track_youtube_link})"
'';
print_current_json = pkgs.writeDashBin "print_current_json" ''
${pkgs.jq}/bin/jq -n -c \
--arg name "$(${pkgs.mpc_cli}/bin/mpc current)" \
--arg filename "$(${pkgs.mpc_cli}/bin/mpc current -f %file%)" \
--arg youtube "$(${track_youtube_link})" '{
name: $name,
filename: $filename,
youtube: $youtube
}'
'';
write_to_irc = pkgs.writeDash "write_to_irc" ''
${pkgs.curl}/bin/curl -fsSv --unix-socket /home/radio/reaktor.sock http://z/ \
-H content-type:application/json \
-d "$(${pkgs.jq}/bin/jq -n \
--arg text "$1" '{
command:"PRIVMSG",
params:["#the_playlist",$text]
}'
)"
'';
in {
@ -81,6 +107,7 @@ in {
good_track
skip_track
print_current
print_current_json
ncmpcpp
mpc_cli
];
@ -146,6 +173,7 @@ in {
tables = {
filter.INPUT.rules = [
{ predicate = "-p tcp --dport 8000"; target = "ACCEPT"; }
{ predicate = "-i retiolum -p tcp --dport 8001"; target = "ACCEPT"; }
];
};
};
@ -195,6 +223,7 @@ in {
done | while read track; do
echo "$(date -Is)" "$track" | tee -a "$HISTORY_FILE"
echo "$(tail -$LIMIT "$HISTORY_FILE")" > "$HISTORY_FILE"
${write_to_irc} "playing: $track"
done
'';
in {
@ -206,6 +235,7 @@ in {
serviceConfig = {
ExecStart = recentlyPlayed;
User = "radio";
};
};
@ -218,6 +248,7 @@ in {
useTLS = true;
nick = "the_playlist";
username = "radio";
API.listen = "unix:/home/radio/reaktor.sock";
plugins = [
{
plugin = "register";
@ -259,6 +290,42 @@ in {
];
};
krebs.htgen.radio = {
port = 8001;
user = {
name = "radio";
};
script = ''
case "$Method $Request_URI" in
"GET /current")
printf 'HTTP/1.1 200 OK\r\n'
printf 'Connection: close\r\n'
printf '\r\n'
${print_current_json}/bin/print_current_json
exit
;;
"POST /skip")
printf 'HTTP/1.1 200 OK\r\n'
printf 'Connection: close\r\n'
printf '\r\n'
msg=$(${skip_track}/bin/skip_track)
${write_to_irc} "$msg"
echo "$msg"
exit
;;
"POST /good")
printf 'HTTP/1.1 200 OK\r\n'
printf 'Connection: close\r\n'
printf '\r\n'
msg=$(${good_track}/bin/good_track)
${write_to_irc} "$msg"
echo "$msg"
exit
;;
esac
'';
};
services.nginx = {
enable = true;
virtualHosts."radio.lassul.us" = {

View file

@ -13,6 +13,8 @@ in {
];
security.acme = {
email = "acme@lassul.us";
acceptTerms = true;
certs."lassul.us" = {
allowKeysForGroup = true;
group = "lasscert";
@ -72,11 +74,6 @@ in {
security.acme.certs."cgit.lassul.us" = {
email = "lassulus@lassul.us";
webroot = "/var/lib/acme/acme-challenge";
plugins = [
"account_key.json"
"fullchain.pem"
"key.pem"
];
group = "nginx";
user = "nginx";
};

View file

@ -4,6 +4,7 @@ _:
./dnsmasq.nix
./ejabberd
./folderPerms.nix
./hass.nix
./hosts.nix
./mysql-backup.nix
./news.nix
@ -11,7 +12,6 @@ _:
./pyload.nix
./restic.nix
./screenlock.nix
./umts.nix
./usershadow.nix
./xjail.nix
./autowifi.nix

34
lass/3modules/hass.nix Normal file
View file

@ -0,0 +1,34 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
cfg = config.lass.hass;
in {
options.lass.hass = {
config = mkOption {
default = {};
type = with lib.types; let
valueType = nullOr (oneOf [
bool
int
float
str
(attrsOf valueType)
(listOf valueType)
]) // {
description = "Yaml value";
emptyValue.value = {};
};
in valueType;
};
};
config =
assert versionOlder version "20.09";
mkIf (cfg.config != {})
{
services.home-assistant.config = cfg.config;
};
}

View file

@ -1,112 +0,0 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
cfg = config.lass.umts;
out = {
options.lass.umts = api;
config = lib.mkIf cfg.enable imp;
};
api = {
enable = mkEnableOption "umts";
modem = mkOption {
type = types.str;
default = "/dev/ttyUSB0";
};
initstrings = mkOption {
type = types.str;
default = ''
Init1 = ATZ
Init2 = ATQ0 V1 E1 S0=0 &C1 &D2
'';
};
username = mkOption {
type = types.str;
default = "default";
};
password = mkOption {
type = types.str;
default = "default";
};
pppDefaults = mkOption {
type = types.str;
default = ''
noipdefault
usepeerdns
defaultroute
persist
noauth
'';
};
};
nixpkgs-1509 = import (pkgs.fetchFromGitHub {
owner = "NixOS"; repo = "nixpkgs-channels";
rev = "91371c2bb6e20fc0df7a812332d99c38b21a2bda";
sha256 = "1as1i0j9d2n3iap9b471y4x01561r2s3vmjc5281qinirlr4al73";
}) {};
wvdial = nixpkgs-1509.wvdial; # https://github.com/NixOS/nixpkgs/issues/16113
umts-bin = pkgs.writeScriptBin "umts" ''
#!/bin/sh
set -euf
systemctl start umts
trap "systemctl stop umts;trap - INT TERM EXIT;exit" INT TERM EXIT
echo nameserver 8.8.8.8 | tee -a /etc/resolv.conf
journalctl -xfu umts
'';
wvdial-defaults = ''
[Dialer Defaults]
Modem = ${cfg.modem}
${cfg.initstrings}
Modem Type = Analog Modem
Baud = 460800
phone= *99#
Username = ${cfg.username}
Password = ${cfg.password}
Stupid Mode = 1
Idle Seconds = 0
PPPD Path = ${pkgs.ppp}/bin/pppd
'';
imp = {
environment.shellAliases = {
umts = "sudo ${umts-bin}/bin/umts";
};
environment.systemPackages = [
pkgs.ppp
];
security.sudo.extraConfig = ''
lass ALL= (root) NOPASSWD: ${umts-bin}/bin/umts
'';
environment.etc = [
{
source = pkgs.writeText "wvdial.conf" wvdial-defaults;
target = "wvdial.conf";
}
{
source = pkgs.writeText "wvdial" cfg.pppDefaults;
target = "ppp/peers/wvdial";
}
];
systemd.services.umts = {
description = "UMTS wvdial Service";
serviceConfig = {
Type = "simple";
Restart = "always";
RestartSec = "10s";
ExecStart = "${wvdial}/bin/wvdial -n";
};
};
};
in out

View file

@ -6,11 +6,11 @@ with import <stockholm/lib>;
type = types.attrsOf (types.submodule ({ config, ...}: {
options = {
name = mkOption {
type = types.string;
type = types.str;
default = config._module.args.name;
};
user = mkOption {
type = types.string;
type = types.str;
default = config.name;
};
groups = mkOption {
@ -18,11 +18,11 @@ with import <stockholm/lib>;
default = [];
};
from = mkOption {
type = types.string;
type = types.str;
default = "lass";
};
display = mkOption {
type = types.string;
type = types.str;
default = toString (genid_uint31 config._module.args.name);
};
dpi = mkOption {
@ -47,7 +47,7 @@ with import <stockholm/lib>;
};
wm = mkOption {
#TODO find type
type = types.string;
type = types.str;
default = "${pkgs.writeHaskellPackage "xephyrify-xmonad" {
executables.xmonad = {
extra-depends = [

View file

@ -1,16 +1,10 @@
{ config, pkgs, ... }:
pkgs.writeHaskellPackage "xmonad-lass" {
executables.xmonad = {
extra-depends = [
"containers"
"extra"
"unix"
"X11"
"xmonad"
"xmonad-contrib"
"xmonad-stockholm"
];
text = /* haskell */ ''
pkgs.writers.writeHaskellBin "xmonad" {
libraries = with pkgs.haskellPackages; [
extra
xmonad-stockholm
];
} /* haskell */ ''
{-# LANGUAGE LambdaCase #-}
@ -62,7 +56,7 @@ instance UrgencyHook LibNotifyUrgencyHook where
safeSpawn "${pkgs.libnotify}/bin/notify-send" [show name, "workspace " ++ idx]
myTerm :: FilePath
myTerm = "${pkgs.rxvt_unicode_with-plugins}/bin/urxvtc"
myTerm = "${pkgs.rxvt_unicode-with-plugins}/bin/urxvtc"
myFont :: String
myFont = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1"
@ -150,10 +144,7 @@ myKeyMap =
, ("M4-<F2>", windows copyToAll)
, ("M4-<F4>", spawn "${pkgs.writeDash "nm-dmenu" ''
export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin
exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@"
''}")
, ("M4-<F4>", spawn "${pkgs.nm-dmenu}/bin/nm-dmenu")
, ("M4-<Insert>", spawn "${pkgs.writeDash "paste" ''
${pkgs.coreutils}/bin/sleep 0.1
${pkgs.xclip}/bin/xclip -o | ${pkgs.xdotool}/bin/xdotool type -f -
@ -223,6 +214,4 @@ gridConfig = def
allWorkspaceNames :: W.StackSet i l a sid sd -> X [i]
allWorkspaceNames ws =
return $ map W.tag (W.hidden ws ++ (map W.workspace $ W.visible ws)) ++ [W.tag $ W.workspace $ W.current ws]
'';
};
}
''

View file

@ -18,6 +18,9 @@
ζ | zeta
(°° | table flip
() | why woot
(___) | gloom I see you
| sad
(\/) (°,,,,°) (\/) | krebs
'';
in

View file

@ -0,0 +1,6 @@
{ pkgs, ... }:
pkgs.writeDashBin "nm-dmenu" ''
export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin
exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@"
''

View file

@ -0,0 +1,39 @@
{ pkgs }: let
review = pkgs.writers.writeBash "review-mail" ''
mail="$1"
${pkgs.exim}/bin/exim -Mvc "$mail" | grep -E 'Subject:|To:'
${pkgs.exim}/bin/exim -Mvl "$mail"
while :; do
read -p 'delete?' key
case "$key" in
v*)
${pkgs.exim}/bin/exim -Mvc "$mail"
;;
d*)
${pkgs.exim}/bin/exim -Mrm "$mail"
break
;;
r*)
${pkgs.exim}/bin/exim -Mt "$mail"
break
;;
n*)
break
;;
esac
done
echo '-------------------'
echo '-------------------'
echo '-------------------'
echo '-------------------'
echo '-------------------'
'';
in pkgs.writers.writeBashBin "review-mail" ''
for mail in $(${pkgs.exim}/bin/exim -bp \
| ${pkgs.gnugrep}/bin/grep frozen \
| ${pkgs.gawk}/bin/awk '{print $3}'); do
${review} "$mail"
done
''

View file

@ -49,6 +49,8 @@ let
indent = replaceChars ["\n"] ["\n "];
stripAttr = converge (filterAttrsRecursive (n: v: v != {} && v != null));
mapNixDir = f: x: {
list = foldl' mergeAttrs {} (map (mapNixDir1 f) x);
path = mapNixDir1 f x;

View file

@ -7,7 +7,7 @@ let
mkOptionType optional optionalAttrs optionals range splitString
stringLength substring test testString typeOf;
inherit (lib.types)
attrsOf bool either enum int listOf nullOr path str string submodule;
attrsOf bool either enum int listOf nullOr path str submodule;
in
rec {
@ -65,7 +65,7 @@ rec {
extraZones = mkOption {
default = {};
# TODO: string is either MX, NS, A or AAAA
type = attrsOf string;
type = attrsOf str;
};
secure = mkOption {
@ -182,7 +182,7 @@ rec {
extraConfig = mkOption {
description = "Extra Configuration to be appended to the hosts file";
default = "";
type = string;
type = str;
};
port = mkOption {
type = int;

View file

@ -108,7 +108,6 @@ in {
## network
<stockholm/makefu/2configs/vpn/openvpn-server.nix>
# <stockholm/makefu/2configs/vpn/vpnws/server.nix>
<stockholm/makefu/2configs/dnscrypt/server.nix>
<stockholm/makefu/2configs/binary-cache/server.nix>
<stockholm/makefu/2configs/backup/server.nix>
<stockholm/makefu/2configs/iodined.nix>
@ -137,9 +136,11 @@ in {
<stockholm/makefu/2configs/deployment/owncloud.nix>
<stockholm/makefu/2configs/deployment/board.euer.krebsco.de.nix>
<stockholm/makefu/2configs/deployment/rss.euer.krebsco.de.nix>
<stockholm/makefu/2configs/deployment/feed.euer.krebsco.de>
<stockholm/makefu/2configs/deployment/boot-euer.nix>
<stockholm/makefu/2configs/deployment/gecloudpad>
<stockholm/makefu/2configs/deployment/docker/archiveteam-warrior.nix>
<stockholm/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix>
<stockholm/makefu/2configs/shiori.nix>
<stockholm/makefu/2configs/bgt/download.binaergewitter.de.nix>

View file

@ -26,6 +26,10 @@ in {
# <stockholm/makefu/2configs/disable_v6.nix>
#<stockholm/makefu/2configs/graphite-standalone.nix>
#<stockholm/makefu/2configs/share-user-sftp.nix>
<stockholm/makefu/2configs/urlwatch>
<stockholm/makefu/2configs/legacy_only.nix>
<stockholm/makefu/2configs/share/omo.nix>
<stockholm/makefu/2configs/dcpp/airdcpp.nix>
{ krebs.airdcpp.dcpp.shares = let
@ -125,16 +129,16 @@ in {
zramSwap.enable = true;
krebs.Reaktor.reaktor-shack = {
nickname = "Reaktor|shack";
workdir = "/var/lib/Reaktor/shack";
channels = [ "#shackspace" ];
plugins = with pkgs.ReaktorPlugins;
[ shack-correct
# stockholm-issue
sed-plugin
random-emoji ];
};
#krebs.Reaktor.reaktor-shack = {
# nickname = "Reaktor|shack";
# workdir = "/var/lib/Reaktor/shack";
# channels = [ "#shackspace" ];
# plugins = with pkgs.ReaktorPlugins;
# [ shack-correct
# # stockholm-issue
# sed-plugin
# random-emoji ];
#};
#krebs.Reaktor.reaktor-bgt = {
# nickname = "Reaktor|bgt";
# workdir = "/var/lib/Reaktor/bgt";

View file

@ -19,7 +19,9 @@
<stockholm/makefu/2configs/tools/all.nix>
{ programs.adb.enable = true; }
{ systemd.services.docker.wantedBy = lib.mkForce []; }
<stockholm/makefu/2configs/dict.nix>
<stockholm/makefu/2configs/legacy_only.nix>
#<stockholm/makefu/3modules/netboot_server.nix>
#{
# netboot_server = {
@ -162,7 +164,11 @@
krebs.tinc.retiolum.connectTo = [ "omo" "prism" "nextgum" "wbob" ];
# hard dependency because otherwise the device will not be unlocked
boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
boot.initrd.luks.devices.luksroot =
{
device = "/dev/sda2";
allowDiscards = true;
};
# avoid full boot dir
boot.loader.grub.configurationLimit = 3;

View file

@ -41,6 +41,7 @@ in {
};
autoExtraComponents = true;
config = {
config = {};
discovery = {};
homeassistant = {
name = "Bureautomation";

View file

@ -30,7 +30,7 @@ with import <stockholm/lib>;
};
nix.trustedUsers = [ config.krebs.build.user.name ];
boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
boot.kernelPackages = lib.mkDefault pkgs.linuxPackages;
nixpkgs.config.allowUnfreePredicate = pkg: packageName pkg == "unrar";
@ -85,4 +85,8 @@ with import <stockholm/lib>;
RuntimeMaxUse=128M
'';
environment.pathsToLink = [ "/share" ];
security.acme = {
email = "letsencrypt@syntax-fehler.de";
acceptTerms = true;
};
}

View file

@ -0,0 +1,39 @@
{ lib, ... }:
let
port = 19201;
in {
#services.nginx.virtualHosts."euer.krebsco.de".serverAliases = [ "etherpad.euer.krebsco.de" ];
services.nginx.virtualHosts."etherpad.euer.krebsco.de" = {
# useACMEHost = "euer.krebsco.de";
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://localhost:${toString port}";
};
docker-containers."etherpad-lite" = {
image = "makefoo/bgt-etherpad:2020-05-02.5";
ports = [ "127.0.0.1:${toString port}:9001" ];
volumes = [
"/var/src/secrets/etherpad/apikey:/opt/etherpad-lite/APIKEY.txt"
"etherpad_data:/opt/etherpad-lite/var" # persistent dirtydb
];
# for postgres
#DB_TYPE=postgres
#DB_HOST=db.local
#DB_PORT=4321
#DB_NAME=etherpad
#DB_USER=dbusername
#DB_PASS=mypassword
environment = {
# ADMIN_PASSWORD = "auf jeden fall nicht das echte admin passwort";
SUPPRESS_ERRORS_IN_PAD_TEXT = "true";
TITLE = "Binärgewitter Etherpad";
SKIN_NAME = "no-skin";
DEFAULT_PAD_TEXT = builtins.replaceStrings ["\n"] ["\\n"] (builtins.readFile ./template.md);
PAD_OPTIONS_USE_MONOSPACE_FONT = "true";
PAD_OPTIONS_USER_NAME = "true";
PAD_OPTIONS_USER_COLOR = "true";
PAD_OPTIONS_CHAT_AND_USERS = "true";
PAD_OPTIONS_LANG = "en-US";
};
};
}

View file

@ -0,0 +1,33 @@
# BGT<NUMBER>
1. studio-link aufnehmen drücken (wichtig)
- markus 6407eb63@studio-link.de
- Felix1 1f1021b2@studio-link.de
- L33tFelix 4d47a82a@studio-link.de
- Ingo 03b33b4a@studio-link.de
2. audiocity starten, 48000Hz einstellen, Audio-Device checken und aufnehmen drücken (wichtig)
3. obs starten und aufnehmen drücken (eher unwichtig)
4. darkice starten (wichtig)
4. klatschen
5. Hallo und herzlich Willkommen
## Vorschläge
### Backlog von Picks und Lesefoo aus der letzten Woche
---
## Blast from the Past
## Toter der Woche
## Untoter der Woche
## News
## Themen
## Mimimi der Woche
## Lesefoo
## Picks

View file

@ -0,0 +1,52 @@
{ config, lib, pkgs, ... }:
let
filter-file = ./filter.yml;
pkg = with pkgs.python3Packages;buildPythonPackage rec {
version = "d16ce227dc68c9f60f6dd06e6835bab7cdfdf61b";
pname = "ebk-notify";
propagatedBuildInputs = [
docopt
pyyaml
requests
beautifulsoup4
dateutil
feedgen
];
src = pkgs.fetchgit {
url = "http://cgit.euer.krebsco.de/ebk-notify";
rev = version;
sha256 = "15dlhp17alm01fw7mzdyh2z9zwz8psrs489lxs3hgg1p5wa0kzsp";
};
};
domain = "feed.euer.krebsco.de";
path = "/var/www/feed.euer.krebsco.de";
in
{
systemd.tmpfiles.rules = [
"d ${path} nginx nogroup - -"
];
krebs.secret.files.ebknotify = {
path = "/etc/ebk-notify.yml";
owner.name = "nginx";
source-path = "${<secrets/ebk-notify.yml>}";
};
systemd.services.ebk-notify = {
startAt = "*:0/10";
serviceConfig = {
User = "nginx"; # TODO better permission setting
# PrivateTmp = true;
ExecStart = "${pkg}/bin/ebk-notify --atom --outdir ${path} --config /etc/ebk-notify.yml --cache /tmp/ebk-cache.json --filter ${filter-file} --wait 30";
};
};
systemd.timers.ebk-notify.timerConfig.RandomizedDelaySec = "120";
services.nginx = {
virtualHosts."${domain}" = {
forceSSL = true;
enableACME = true;
locations."/" = {
root = path;
index = "root.atom";
};
};
};
}

View file

@ -0,0 +1,44 @@
- name: Free Stuff by Category
zipcode: 70378
distance: 2
categoryId: 192
- name: Kies
zipcode: 70378
q: grobkies
distance: 2
- name: pflanzkübel
zipcode: 70378
q: Pflanzkübel
distance: 3
- name: Ikea Samla
zipcode: 70378
q: samla
distance: 5
- name: Duplo
zipcode: 70378
q: Duplo
distance: 10
- name: Baby Gummistiefel
zipcode: 70378
q: Gummistiefel
distance: 5
- name: Werkbank
zipcode: 70378
q: Werkbank
distance: 5
- name: Stirnthermometer
zipcode: 70378
q: Stirnthermometer
distance: 5
- name: Ohrthermometer
zipcode: 70378
q: Ohrthermometer
distance: 5
- name: Fieberthermometer
zipcode: 70378
q: Fieberthermometer
distance: 5
- name: Einhell
zipcode: 70378
q: Einhell
distance: 5

View file

@ -4,12 +4,14 @@ let
wsgi-sock = "${workdir}/uwsgi-gecloudpad.sock";
workdir = config.services.uwsgi.runDir;
gecloudpad = pkgs.python3Packages.callPackage ./gecloudpad.nix {};
gecloudpad_settings = pkgs.writeText "gecloudpad_settings" ''
BASEURL = "https://etherpad.euer.krebsco.de"
'';
in {
services.uwsgi = {
enable = true;
user = "nginx";
# runDir = "/var/lib/photostore";
plugins = [ "python3" ];
instance = {
type = "emperor";
@ -18,6 +20,7 @@ in {
type = "normal";
pythonPackages = self: with self; [ gecloudpad ];
socket = wsgi-sock;
env = ["GECLOUDPAD_SETTINGS=${gecloudpad_settings}"];
};
};
};

View file

@ -15,6 +15,7 @@ with lib;
let
# TODO: copy-paste from lass/2/websites/util.nix
nextcloud = pkgs.nextcloud18;
serveCloud = domains:
let
domain = head domains;
@ -23,9 +24,9 @@ let
in {
system.activationScripts."prepare-nextcloud-${domain}" = ''
if test ! -e ${root} ;then
echo "copying latest ${pkgs.nextcloud.name} release to ${root}"
echo "copying latest ${nextcloud.name} release to ${root}"
mkdir -p $(dirname "${root}")
cp -r ${pkgs.nextcloud} "${root}"
cp -r ${nextcloud} "${root}"
chown -R nginx:nginx "${root}"
chmod 770 "${root}"
fi

View file

@ -22,7 +22,8 @@ in {
vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins;
vimrcConfig.vam.pluginDictionaries = [
{ names = [ "undotree"
"YouCompleteMe" "UltiSnips"
"YouCompleteMe"
#"UltiSnips"
"vim-better-whitespace" ]; }
# vim-nix handles indentation better but does not perform sanity
{ names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; }

View file

@ -18,6 +18,7 @@ let
yacos-backend = {
cgit.desc = "Yet Another Check-Out System";
};
ebk-notify.cgit.desc = "Ebay Kleinanzeigen Notify";
};
krebs-repos = mapAttrs make-krebs-repo {

View file

@ -29,24 +29,21 @@ in
awesome.enable = true;
awesome.noArgb = true;
awesome.luaModules = [ pkgs.luaPackages.vicious ];
default = "awesome";
};
displayManager.auto.enable = true;
displayManager.auto.user = mainUser;
displayManager.defaultSession = lib.mkDefault "none+awesome";
displayManager.lightdm = { enable = true; autoLogin.enable = true; autoLogin.user = mainUser; };
desktopManager.xterm.enable = false;
};
environment.systemPackages = [ pkgs.gnome3.defaultIconTheme ];
# lid switch is handled via button presses
services.logind.lidSwitch = lib.mkDefault "ignore";
makefu.awesome.enable = true;
i18n.consoleFont = "Lat2-Terminus16";
console.font = "Lat2-Terminus16";
fonts = {
enableCoreFonts = true;
enableFontDir = true;
enableGhostscriptFonts = true;
fonts = [ pkgs.terminus_font ];
fonts = [ pkgs.terminus_font pkgs.corefonts ];
};
users.users.${mainUser} = {

View file

@ -10,7 +10,7 @@ in {
serviceConfig = {
SyslogIdentifier = "urxvtd";
ExecReload = "${pkgs.coreutils}/bin/echo NOP";
ExecStart = "${pkgs.rxvt_unicode_with-plugins}/bin/urxvtd";
ExecStart = "${pkgs.rxvt_unicode-with-plugins}/bin/urxvtd";
Restart = "always";
RestartSec = "2s";
StartLimitBurst = 0;

View file

@ -12,16 +12,15 @@
windowManager = lib.mkForce {
awesome.enable = false;
default = "none";
};
desktopManager.xfce = {
extraSessionCommands = ''
enable = true;
};
displayManager.defaultSession = "xfce";
displayManager.sessionCommands = ''
${pkgs.xlibs.xset}/bin/xset -display :0 s off -dpms
${pkgs.xlibs.xrandr}/bin/xrandr --output HDMI2 --right-of HDMI1
'';
enable = true;
};
# xrandrHeads = [ "HDMI1" "HDMI2" ];
# prevent screen from turning off, disable dpms
};

View file

@ -9,11 +9,11 @@
buildPythonPackage rec {
pname = "adb_shell";
version = "0.0.8";
version = "0.1.1";
src = fetchPypi {
inherit pname version;
sha256 = "01f9jinhfyjldg9793gz2i7gcd9xyx0a62r7a5ijssklcnn2rwnm";
sha256 = "0a4mjrnw2lrhsakb1vjb5l6m3cr1ii7fibs7020nwv08cyx6pq6q";
};
propagatedBuildInputs = [

View file

@ -6,11 +6,11 @@
buildPythonPackage rec {
pname = "androidtv";
version = "0.0.34";
version = "0.0.39";
src = fetchPypi {
inherit pname version;
sha256 = "13078i2a9hglpv4ldycph5n5485np21vs6z2qn830hybmx8kfxsw";
sha256 = "06lrjj74g2f3pkhsn3c8h13mkykgqqf4g9q6x5yv23z6ghjnk2dz";
};
propagatedBuildInputs = [

View file

@ -5,11 +5,11 @@
buildPythonPackage rec {
pname = "pure-python-adb";
version = "0.2.3.dev0";
version = "0.2.2.dev0";
src = fetchPypi {
inherit pname version;
sha256 = "88e5a4578435197799aa368fb1a5d87fe43e02a888cb7e85c2ad66173b383c89";
sha256 = "1xigv6c8xyb4g852nr3smz0137rnp81jvlikza071y7rc6pdzwza";
};
meta = with lib; {
@ -18,4 +18,4 @@ buildPythonPackage rec {
license = licenses.mit;
# maintainers = [ maintainers. ];
};
}
}

View file

@ -14,6 +14,7 @@ let
#flurlicht = import ./multi/flurlicht.nix;
kurzzeitwecker = import ./multi/kurzzeitwecker.nix;
firetv_restart = import ./multi/firetv_restart.nix;
the_playlist = import ./multi/the_playlist.nix;
# switch
# automation
# binary_sensor
@ -34,6 +35,7 @@ in {
];
};
config = {
config = {};
input_select = zigbee.input_select; # dict
timer = zigbee.timer // kurzzeitwecker.timer; # dict
homeassistant = {
@ -49,6 +51,8 @@ in {
logger = {
default = "info";
};
rest_command = {}
// the_playlist.rest_command;
tts = [
{ platform = "google_translate";
language = "de";
@ -131,6 +135,7 @@ in {
# https://www.home-assistant.io/cookbook/automation_for_rainy_days/
]
++ ((import ./sensor/outside.nix) {inherit lib;})
++ the_playlist.sensor
++ zigbee.sensor ;
frontend = { };
# light = flurlicht.light;
@ -140,6 +145,7 @@ in {
++ (import ./automation/firetv_restart.nix)
++ kurzzeitwecker.automation
#++ flurlicht.automation
++ the_playlist.automation
++ zigbee.automation;
script =
{ }

View file

@ -0,0 +1,83 @@
# Inputs:
# binary_sensor.playlist_button_good
# binary_sensor.playlist_button_bad
# outputs
# rest_command
# automation
# sensor
{
rest_command = {
good_song = {
url = "http://prism.r:8001/good";
method = "POST";
};
bad_song = {
url = "http://prism.r:8001/skip";
method = "POST";
};
};
automation = [
{
alias = "playlist song publish";
trigger = {
#platform = "event";
#event_data.entity_id = "sensor.the_playlist_song";
platform = "state";
entity_id = "sensor.the_playlist_song";
};
action = {
service = "mqtt.publish";
data = {
topic = "/ham/the_playlist/song";
payload_template = "{{ states.sensor.the_playlist_song.state }}";
};
};
}
{
alias = "playlist upvote on button";
trigger = {
platform = "state";
entity_id = "binary_sensor.playlist_button_good";
from = "off";
to = "on";
};
action.service = "rest_command.good_song";
}
{
alias = "playlist downvote on button";
trigger = {
platform = "state";
entity_id = "binary_sensor.playlist_button_bad";
from = "off";
to = "on";
};
action.service = "rest_command.bad_song";
}
];
sensor = [
{ platform = "rest";
name = "pl";
resource = "http://prism.r:8001/current";
scan_interval = 30;
value_template = "1";
json_attributes = [ "name" "filename" "youtube" ];
}
{ platform = "template";
sensors = {
the_playlist_song = {
friendly_name = "Current Song";
value_template = ''{{ states.sensor.pl.attributes['name'] }}'';
};
the_playlist_url = {
friendly_name = "Song Youtube URL";
value_template = ''{{ states.sensor.pl.attributes['youtube'] }}'';
};
the_playlist_filename = {
friendly_name = "Song Filename";
value_template = ''{{ states.sensor.pl.attributes['filename'] }}'';
};
};
}
];
}

View file

@ -17,4 +17,5 @@
volumes = ["/var/lib/zigbee2mqtt:/app/data"];
};
state = [ "/var/lib/zigbee2mqtt/configuration.yaml" "/var/lib/zigbee2mqtt/state.json" ];
systemd.services.docker-zigbee2mqtt.after = [ "home-assistant.service" "docker.service" "network-online.target" ];
}

View file

@ -1,15 +1,6 @@
{pkgs, ... }: {
imports = [ ./zsh.nix ];
home-manager.users.makefu = {
services.gpg-agent = {
enable = true;
defaultCacheTtl = 900;
maxCacheTtl = 7200;
defaultCacheTtlSsh = 3600;
maxCacheTtlSsh = 86400;
enableSshSupport = true;
enableScDaemon = true;
};
programs.direnv = {
stdlib = ''
use_nix() {

View file

@ -7,7 +7,6 @@
programs.browserpass = { browsers = [ "firefox" ] ; enable = true; };
programs.firefox = {
enable = true;
enableIcedTea = true;
};
programs.obs-studio.enable = true;
xdg.enable = true;

View file

@ -1,5 +1,12 @@
{ pkgs, ... }:
{
programs = {
ssh.startAgent = false;
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
};
imports = [
{ #direnv
home-manager.users.makefu.home.packages = [ pkgs.direnv pkgs.nur.repos.kalbasit.nixify ];
@ -8,7 +15,8 @@
{ # bat
home-manager.users.makefu.home.packages = [ pkgs.bat ];
home-manager.users.makefu.programs.zsh.shellAliases = {
cat = "bat";
cat = "bat --style=header,snip";
mirage = "sxiv"; # only available when tools/extra-gui is in use
catn = "${pkgs.coreutils}/bin/cat";
ncat = "${pkgs.coreutils}/bin/cat";
};
@ -53,8 +61,6 @@
setopt HIST_IGNORE_SPACE
setopt HIST_FIND_NO_DUPS
unset SSH_AGENT_PID
export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
compdef _pass brain
zstyle ':completion::complete:brain::' prefix "$HOME/brain"
compdef _pass secrets

View file

@ -33,11 +33,7 @@
hardware.bluetooth = {
enable = true;
powerOnBoot = false;
extraConfig = ''
[general]
Enable=Source,Sink,Media,Socket
'';
config.general.Enable = "Source,Sink,Media,Socket";
};
services.dbus.packages = [ pkgs.blueman ];
}

View file

@ -0,0 +1,8 @@
{ networking.enableIPv6 = false;
boot.kernel.sysctl = {
"net.ipv6.conf.all.disable_ipv6" = 1;
"net.ipv6.conf.default.disable_ipv6" = 1;
"net.ipv6.conf.lo.disable_ipv6" = 1;
};
boot.kernelParams = [ "ipv6.disable=1" ];
}

View file

@ -69,9 +69,9 @@
# the only locale you will ever need
i18n = {
consoleKeyMap = "us";
defaultLocale = "en_US.UTF-8";
};
console.keyMap = "us";
# suppress chrome autit event messages
security.audit.rules = [ "-a task,never" ];

View file

@ -1,8 +1,8 @@
{ pkgs, ... }:{
nixpkgs.config.packageOverrides = pkgs: {
nur = import (builtins.fetchTarball {
url = "https://github.com/nix-community/NUR/archive/7bfd0117b359d0f72d086ff7e1f0ba3aeaf8d91e.tar.gz";
sha256 = "0gb2np1r2m9kkz1s374gxdqrwhkzx48iircy00y6mjr7h14rhyxk";
url = "https://github.com/nix-community/NUR/archive/b7f7e072b3fa56aa0d86dfe3689cb13f0615bbbe.tar.gz";
sha256 = "0slxxg3r460aa1rc83j0rklmr0i1hyzfbjy0kn30fyh1l3lqb22m";
}
){
inherit pkgs;

Some files were not shown because too many files have changed in this diff Show more