Merge remote-tracking branch 'lass/master'

This commit is contained in:
makefu 2022-05-27 00:35:31 +02:00
commit 0b84135ffd
No known key found for this signature in database
GPG key ID: 36F7711F3FC0F225
21 changed files with 585 additions and 223 deletions

View file

@ -0,0 +1,11 @@
{ config, pkgs, ... }:
{
imports = [
./hw.nix
<stockholm/krebs>
<stockholm/krebs/2configs>
<stockholm/krebs/2configs/matterbridge.nix>
];
krebs.build.host = config.krebs.hosts.ponte;
}

View file

@ -0,0 +1,14 @@
{ modulesPath, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
boot.loader.efi.efiSysMountPoint = "/boot/EFI";
boot.loader.grub = {
efiSupport = true;
efiInstallAsRemovable = true;
device = "nodev";
copyKernels = false;
};
boot.initrd.kernelModules = [ "nvme" ];
fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; };
fileSystems."/boot/EFI" = { device = "/dev/disk/by-uuid/628A-7F3B"; fsType = "vfat"; };
}

View file

@ -0,0 +1,49 @@
{ pkgs, lib, ... }: {
services.matterbridge = {
enable = true;
configPath = let
bridgeBotToken = lib.strings.fileContents <secrets/telegram.token>;
in
toString ((pkgs.formats.toml {}).generate "config.toml" {
general = {
RemoteNickFormat = "[{NICK}] ";
Charset = "utf-8";
};
telegram.krebs.Token = bridgeBotToken;
irc = let
Nick = "ponte";
in {
hackint = {
Server = "irc.hackint.org:6697";
UseTLS = true;
inherit Nick;
};
};
mumble.lassulus = {
Server = "lassul.us:64738";
Nick = "krebs_bridge";
SkipTLSVerify = true;
};
gateway = [
{
name = "krebs-bridge";
enable = true;
inout = [
{
account = "irc.hackint";
channel = "#krebs";
}
{
account = "telegram.krebs";
channel = "-330372458";
}
{
account = "mumble.lassulus";
channel = 6; # "nixos"
}
];
}
];
});
};
}

View file

@ -306,7 +306,7 @@ in {
nets = {
retiolum = {
ip4.addr = "10.243.42.63";
ip6.addr = "42:4a6f::4263";
ip6.addr = "42:0:4a6f::4263";
aliases = [
"crustacea.r"
];

30
krebs/3modules/external/gpg/kmein.gpg vendored Normal file
View file

@ -0,0 +1,30 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQENBF0GDc0BCACZi+PQgX6Lefq/36X68W+XEyA2fWbMPJE1vAHETlzcMluOIL++
6KRYqGr0ieFcaXNn4joNDN7cFMN0YHF2Rr7k6SWjOtcHS1RnZ8g/N+uxEvTBug60
tRbhcO80rnHHb25jloV//wAAWD2ukTtwXWAMVBXwEXMc1JBOlFXcIDlNPdBMJG7A
/5+AKMXg8HYUSbsad1SyagZbo9KuC/s4BVReBr4vK/zTo1gIwy95dQrBnC31O7Wa
/s9CpNG//QJAbAxMN15P7Yo9xxG/AALjPSnKamp3yJsSiSyxhXImXEZtxU7ahq3t
/DzuI2BbIv3Nj/39IZLgETrplzKUnWV18TzdABEBAAG0HUtpZXLDoW4gTWVpbmhh
cmR0IDxrZm1Ad2lsZGU+iQFOBBMBCAA4FiEEnt6CzHKjQ6lSZtD0RIVwdKOsyLcF
Al0GDc0CGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQRIVwdKOsyLfHDQf/
YLaprugBmzaCvAGADzdgSrQJyFY2BnncVH1b/0HQ1p1smrcvKqbCXxlUmrWM896B
7xHpcDPz/mMfNPTvSrcUHgqVkiiSsSzno1RCmeHKMiUaR/M6Ik59aa/EzxJf/QDT
3QYy3mFIj44M0ZWjRZJ/3RhVT6QxaUh7fRNzduVE0LH6suybPcTcnIUGSURKwG9F
cTXtMJA3+7UGj/emHk8yaFOWMJDY6h7rnXxiD5xcxapjrygFFNfAuaA2NcY3HEeG
yOVYGwPQhwFWjbUhC1RIYu2fz7fkD11zQ22gt0aEn5fqiIVssBEvHJqNp577QxO4
6q4ag1Js/gbus6PfQzlvqrkBDQRdBg3NAQgA1ewP1suBTB5UxyqEl7fpisD6hZ62
9TDQUSn2yfxa8W1wtTH5i1Mw0p5e/+vPFqfu2TMSPoqASq9sDjeWSsiCdtaHbLu0
y1W5hhQwGcxqauFJBSj/VpDnKd38inOvbW5PwDqZBqnbRZOpsdvsQ2dlaS0/5AJa
RqJXNRc7Owg3ssqeBuhvZKeiPNADn3k9ZbAYNfDkYPJDbHTNPd8eu44vlBlMC7kX
IkucV8zV31x9lCZx0cjI+OQbd/4GOSxBKqjBX5SBUQAlzHUT2CLoeKkivxbnHH40
gV1PP/3QVVMJjkAot0v/n95KRj78iYOU2PrP5DiPogtLO4v14/lE3eaENwARAQAB
iQE2BBgBCAAgFiEEnt6CzHKjQ6lSZtD0RIVwdKOsyLcFAl0GDc0CGwwACgkQRIVw
dKOsyLfjegf/bX4MkzqsIOOAcmVla7M29Uk0HX5j4dK5t4Z7kx8OnhbYUMr8vr1w
+2D5HiaV2kib5yhI17z9lL6vKyIWwTdf93zS+ivV+IUpxbx/KAdr83dd7B3RCdU7
GFMzj7f3ieGQYOXw7pROZQR1zF90H6AtW/8qvOs73hSdcnQOtnmntvY/S5ifnzxi
jpsOgjM7VD+BWsmhmYw7E4FiZOaLfoRsylyj5I+Sim2j9Xnu6lYvcgBXvwIqfunO
O/gY21iomMwQm4mlXsFVRfSzRE4zlNASql1zcS1mbO6yeKJDKJgzqvWkcjd3OOuF
e67yzkzlwiVDJIjhV6B0tRCDIqiOaiS3vw==
=pwUK
-----END PGP PUBLIC KEY BLOCK-----

View file

@ -31,6 +31,28 @@ in
};
};
hosts = mapAttrs hostDefaults {
ful = {
nets.retiolum = {
aliases = [ "ful.r" ];
ip4.addr = "10.243.2.107";
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAwoaPWvnl+g9KYh8coXj/RAaxGHEtbuTG2NpWxbeJG0CemxBoYz2c
EE/2JbGRrSaNj3nrFWBTqmTuEB7nHyurFe06G0t+Or5eCBPg2zS5LiQE/LTZV08t
5jUm0jfOQHWbtCMrFGisH9R9Z3XId5cJGN1KsYg4R9RkKIKVVhKJ7maBWbsc+V5G
LxKEdDL7T4AfesQzzlAYUQ/s+zHlwJ2fyl3NrBg6Nc27C2A2g9pefhJbn0h8lWdn
I627DIrjDMvoSTiF1MKD/N4bXbF665gflUxbI5DTTHCtWf+0lP9i8mXP0kXQU4By
2QLdcpQzlHgnprI+qio1ioKuojcPcryYaOnpQWFHL6AqHzkRJRpMLPBhgQPbpz1v
BaShxGBasSHO+Htw5PbwrNwWvU8eH5joRQu3PBgzATS9M91RN58i03u2oQMt3Qif
e5USnfk3iYir/qkJWJk8m2kveZy0giI8AaRISu0jXNsB8euQXP2dxTKIF3BPEi5m
MZKTGTS4Tz3alpHWaeJtfJT0ihq4HME91rTKgP+CIHWYR4hmTPyYgrX0mm2MN+wi
G4vJXtcmBaCdcQZ1buCBVWJCUJ0bWZ3Fs4Ohjw6bP3iyb+Q5UOcXNyOi5NpaUbAi
47F5O6hvEWPxHRhvPD/9NASjRSxaUDbBVj5lieUXCHnhMSAHo1H3kHMCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "id5vF2fBwUCMrT5HLvIpeXmvQMQoksUBYXOdc9RyOUF";
};
};
kabsa = {
nets.retiolum = {
aliases = [ "kabsa.r" "kabsa.kmein.r" ];

View file

@ -163,6 +163,7 @@ in {
rauter = {
owner = config.krebs.users.mic92;
nets = rec {
internet.addrs = [ "rauter.thalheim.io" ];
retiolum = {
aliases = [ "rauter.r" ];
tinc.pubkey = ''
@ -472,6 +473,7 @@ in {
rock = {
owner = config.krebs.users.mic92;
nets = {
internet.addrs = [ "rock.thalheim.io" ];
retiolum = {
aliases = [
"rock.r"
@ -802,6 +804,26 @@ in {
};
};
mauricehome = {
owner = config.krebs.users.mic92;
nets = rec {
retiolum = {
aliases = [ "mauricehome.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAwFmnVmH2n3sa/iJE1u7kSWHMW2nx66wnq7ZA2XF5Wt1hiky4BKBj
jxIIdXHlSmARhDSCMgBKl9Z6/8PsmCK3xEO8q60oTsT8PQIhN3eSF8n92iK3dyKx
PyUsUUHjkqkNtmo/M70T4gAEuB1b/QRkATco/pTv+lMVkYdIydtdALjSxU0YrTiz
J5Ntsngi9+yUJ5g3r/lCuWobKxd5Dlsx3nXg81jTsp9hlXW2HC0XTbOSyH2NC36C
97Kgx2T25cG/FPhtQztQOems+FhbyJTFyZTGa8v/5rXeJlwcVFRh8sZ7E5yPzbJV
ZlBaorcpRtx8NY4jd8FnZftHF0BeAQJoYwIDAQAB
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "ohFUBMdmgS/DMe24sZ1+jNWzx65jCxto9pVjPnYIqzL";
};
};
};
mickey = {
owner = config.krebs.users.mic92;
nets = rec {
@ -890,6 +912,163 @@ in {
};
};
};
jackson = {
owner = config.krebs.users.mic92;
nets = rec {
internet = {
# jackson.dse.in.tum.de
ip4.addr = "131.159.102.3";
ip6.addr = "2a09:80c0:102::3";
aliases = [ "jackson.i" ];
};
retiolum = {
via = internet;
aliases = [ "jackson.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEA11g2uc9+tw1Bmvs4U6gsyimZ1hR1rnWTJw8CDRw6t7gx0HhRnRgB
0Fv11KjFGbImrcZ1wxCOJA+RQise18YnlpWIwYf/nDPGR21a1wcg3ZxVRa3/UQzb
pvbTFqK9NpPt7ENWs25ZLnatTFfc+D3kfoUSrwIVGKAaM87GlMkTH3FsARo4xj6H
NJeQ2snOIbLQ3xXQm3oZ5YN4CN30mtrcae+jIMlKnagBuDjP9UZ73GLHu1gJAPb6
iXdBK6/UTGY9uYKNHXnpf11I4rPSPK1r/6KxS1sX65hh4BT5Fs5goRhVqIeeICVJ
Ufnwj7se3Ao24nLXyTRmVXaTEVN/AqPyyQIDAQAB
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "cjYmx4Bb0JjogXNov+wSiPPIHM06n1jQnPJbP/E1yRN";
};
};
};
adelaide = {
owner = config.krebs.users.mic92;
nets = rec {
internet = {
# adelaide.dse.in.tum.de
ip4.addr = "131.159.102.13";
ip6.addr = "2a09:80c0:102::13";
aliases = [ "adelaide.i" ];
};
retiolum = {
via = internet;
aliases = [ "adelaide.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAzxKKd1dV+XDUV8pHqkAtbLcwEZVsf0kK+y5X/zbZcXEZhQQv6/dY
YJRoNG3lo8+7FMwYO2b2uyIkO1PopsORMAA2vIFaKJ2Qnt7byuIQ6n9CafIADx1M
dVf+cwUhY8IVIX2ndz9pIAY8NhmzEcjG5vGKxRqev1zNwa1LtsLDLObhkKYznM6y
HV5F92GONMeNOovHCxIYsSJ8jLn8BB60toADzocgzKvCiEw4IwKnzL/au9RGY4Xi
25YXBzF5ai84e+HyaGGGD/qa4SqL9/jCkDB7QAwRqb01wGhtTLty+ubjzh1HF3am
zpizPVNwBTqHW1S3W1i/yi5a5w4D/zdrRQIDAQAB
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "YzB5BqgIQ4f209B2KhpdHu6gRYj5IS64zy1wneq/yiG";
};
};
};
christina = {
owner = config.krebs.users.mic92;
nets = rec {
internet = {
# christina.dse.in.tum.de
ip4.addr = "131.159.102.14";
ip6.addr = "2a09:80c0:102::14";
aliases = [ "christina.i" ];
};
retiolum = {
via = internet;
aliases = [ "christina.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEA2pP2uCuvFWKfUwYIOcmPkqG8q/rNNyfw9C39tIC0VsDD6WJ0I7xZ
S57AiG4j6OZwbv7/89qAR94SM4Q9LgmVHhUHf06gPhO0MTVNt0N1PrOnfxeCOlgK
aH6DWZVhiwwiYwAJ55CVNFSkuL7/FtJAkAXmP0Y+xmn0mi1GpMa6RfSazqNPkXik
HdB7u96D7Ul75yPdTDi0dvMvCxQGo4PQBctheNPY61s7P1/7tRhBT+22iJn3v2Bc
Q9qLa6WuGIuFYCxT7GDGrKVu+V9VhFJe42p8yyIscqFagc61C/whN6v7eOh22gSR
8EbaexJIQ5xl8ZIJto+fr8MvYAQR4FpopwIDAQAB
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "/W10YGvcWZnVxCB6pxsC2D5A7QMk1Aw81YWi1p0Ex9O";
};
};
};
wilfred = {
owner = config.krebs.users.mic92;
nets = rec {
internet = {
# wilfred.dse.in.tum.de
ip4.addr = "131.159.102.15";
ip6.addr = "2a09:80c0:102::15";
aliases = [ "wilfred.i" ];
};
retiolum = {
via = internet;
aliases = [ "wilfred.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAtQMC/LTfesg49VU06TFt3ikA9cdXuWzvg1FkCo6yXBlQt8fLFYg1
YBthh7W6CZYJwf6lGXUBtCiOnxidoQ89Fq61AQGGYzW8G/vqHwFaPGHQ42Eru+XG
RDi7ZjqOibdTemahX7gcDk6irB9WbkuXIS15n5FdQHhmjiun3zaEMoWpyiSM1HFQ
UfJLI8pRtB65RTdT3yp8XMASldTAlSlFj2AYlDZkgcRYLZuVWb/Wz7EewG4SiB9T
wZ1pUIhdnGNdb37S/VIjMPavaV4HK7u7awqwaaIRUYwWloCo8LGRDCXa3iEMql7J
tI4iMEsmjHi8P5mQp4ZwwNLWucdM9+Wt6QIDAQAB
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "5dMnJmUDmCnN/3dc7fTPlXweMmbs6W+VgSgZi+p+u2B";
};
};
};
river = {
owner = config.krebs.users.mic92;
nets = rec {
internet = {
# river.dse.in.tum.de
ip4.addr = "131.159.102.16";
ip6.addr = "2a09:80c0:102::16";
aliases = [ "river.i" ];
};
retiolum = {
via = internet;
aliases = [ "river.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAumAOQf8/nv2Ml082e7fgoicoQ7stspsx8v1bkoubW9yq/LbdcTki
cP6uZkLBXgd9cPq4vhSso/kaGn6UzPWeUCLv17gPn6jFlB1AYN6mJNLOxJyotajc
78SyqzDyZ4iA0W44w98ic5yWQ/uaF3q3npFlHtAN4fD0aw50uR+2TgH5zCB8iNul
CNIRWU9sp1t6VFYSN49tcqZ4j6jb6q/MyH5o5WLPasnq0SzQd09rnhUax7QLbIBP
iNBYLOFYMYmoN1WlPwZf1Dt6NeFGyNn5aWE3xtOG6FYwzzCEXYOxxdXzuL5Mmiv9
6d71+XWEAzNT9OQB3oGCLAamT+9le7SqnwIDAQAB
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "gcgEqGyhO4S7Q44vID/cpbbVaLSNYov97oGwa3pSI4N";
};
};
};
jack = {
owner = config.krebs.users.mic92;
nets = rec {
internet = {
# river.dse.in.tum.de
ip4.addr = "131.159.102.17";
ip6.addr = "2a09:80c0:102::17";
aliases = [ "jack.i" ];
};
retiolum = {
via = internet;
aliases = [ "jack.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAx5ROeRs0CxD2IPfkrFB4O03/Kf8Ajjmd/J1gpCvHROKL+gDvaCO1
68RbTdC1f5K6Dwc51oX87XisrD435aNCqnlE8fw1X8ZYLKRlZmLDBJGSupm35jj3
w80L9OTK07I3cK6AqCfRWyI9Ja6J9PGOT95h8OtiAPlYssEkSqGJrtwe61V5rq1A
st7khZO0b+xYsr+ZgOVuZMDAco9DwG7NFfpWkzAgTF6q0a+kdjFrFb6SaeJJf12t
WUGWEkaTP5iLQ/h3M+a7MH0Col+aPNEWE4ycqZR9U3E4pMqoD7tjkYdYtv9kR/j+
ZtN2Vlw+hKC47DA3zRNRcg7DC+FFDNFaYwIDAQAB
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "vmtUoblzicabsNFu7u889cF9pgBKoJpHHIhY8Y/eQgC";
};
};
};
hal9000 = {
owner = config.krebs.users.mic92;
nets = rec {

View file

@ -160,6 +160,46 @@ in {
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAcZg+iLaPZ0SpLM+nANxIjZC/RIsansjyutK0+gPhIe ";
};
ponte = {
cores = 1;
owner = config.krebs.users.krebs;
nets = rec {
internet = {
ip4 = {
addr = "141.147.36.79";
prefix = "0.0.0.0/0";
};
};
retiolum = {
via = internet;
ip4.addr = "10.243.4.43";
ip6.addr = "42::443";
aliases = [
"ponte.r"
];
tinc = {
pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEA52Glj/C85oMy3cnaRAtg2qkleaJFWiqwaQNUsk4JgX1PwZJ8aInD
YAMXj0H0wz7h3mh5QVRDq4i11LXOIy1P6J6QAvb3lssYnFfJkR9j/dArCIFsEhHf
V41E4KMcHV9t17xO6wQitXqzvcmxodxly8qAx1k7ddlGdQPTWXVvQTRgWBwm9oQ9
w0d5p2fej/E5iOmbLyVjiJ72rFJIQdfPo782W78ZQftMSXsnyrr5OJu1b4qsga1Q
fYiAKjNE29OPiw5hLy9W/jLJMm0eR94LpUy0MZ5hYkYmvII1TqIqxVgj48gYfJ5v
QCjU9R2H5pUNfDiYutCqscRn5YDe44dcYBeG8Rkf0i4BTdqiE7h1AIciccXsJddt
HFxbWqi3HDoWlo7cFK9vYVUi4jgQP5cUVP85I43aDu3S3M3mszk1nyP+gDobE5Z9
jPGckgn7wTYXlDioIlExJJ6FCaSWSxvh0Zh0HDrTD+WKP6qJ2aYnAz2xptiQGNCu
rYEvFoWd5T7VMzI02Z2hCiE2fFWlH63Am1tKspFKl+lHjwMrwcwFA5WoNHCeXx2X
S1T3I7P4SkRZervYJ55wQxCBKLgvZP2I1J1JzMkyuTszg9tex14MdVdZZrKXVrnr
exCMJruliLbZmtrbHHTXoCngppylnJOxKXpfpogLTZzLGncO6Ry5G18CAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
pubkey_ed25519 = "0l+q3Bg5gYcw8VDjSYV7+wVSO3t4Es5jizAYJ9UR8cA";
};
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJEw9fo8Qtb/DTLacdrJP7Ti7c4UXTm6wUUX+iRFweEo ";
};
puyak = {
ci = true;
cores = 4;

View file

@ -129,6 +129,7 @@ in {
"c.r"
"p.r"
"search.r"
"radio-news.r"
];
tinc.port = 655;
tinc = {
@ -875,12 +876,10 @@ in {
lass-blue = {
mail = "lass@blue.r";
pubkey = builtins.readFile ./ssh/blue.rsa;
pgp.pubkeys.default = builtins.readFile ./pgp/blue.pgp;
};
lass-green = {
mail = "lass@green.r";
pubkey = builtins.readFile ./ssh/green.ed25519;
pgp.pubkeys.default = builtins.readFile ./pgp/green.pgp;
};
lass-mors = {
mail = "lass@mors.r";

View file

@ -1,51 +0,0 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBFr9fAEBEACz2E2E7uBulVBBtPmk9IR2yB+uAWSe8Hi7vNiGc1Dbs40jzWuy
AqouqyC5xnVw66+cQaYOsgXiwencmu/cFEV2x2uRLDVh1E/fvc8yxAOizEIY0jm/
WZ/4IWvTZLVPF3BOhM4p/HGNbdZhRc4RoljLTB34VuY1KSMhs3Vx7n3HgZzdbD7D
itUFU4oY5CnkQp4yl1Htat08cZmbD51VTZB1hDw2Uea+VuMQ/ImRtTqW+Ss4xyPA
DwUE/vRM3CKwBvcjbNL3uUqc5dtZuvruuFeK3ScmdNLytcgXqJzLlwuzHmSt/Tnc
DQZWKGiHnMvrAOkMEvsmiKhboWSAq4sRUPhISqZ7MSvPfhaH5Gcmhi+hL8FZhGY0
qF7MNLHoimw6MBV6FIIA0vCDn2p5Vwc7L+LqLjWqAvxdfVoeUJjUWbWWNNWg4Tw7
9e7rAR86e4AvhCZRubRn1aOfKGF5vg/El98OeIwBFQHpr7uznKfjmAEpoGveV+vG
amptMCBAr4Hw76U708XWOQkZ2GDY9cfdxUllhAmmPrNQ/OcT2b4x0xKvMi4nA5G8
PBOFErkS61zNxsHgpFe2isG+VDqYLfeQhOdB101Qn6IHw3KxyW85CwImUpdRLMUi
0wtcA7M5GB94HRZ8qW6LtFBjwqm2NGudB0alfIWIq7KuRMXus3sJKQ2gDQARAQAB
tBlsYXNzQGJsdWUuciA8bGFzc0BibHVlLnI+iQJOBBMBCAA4FiEEuOpc8JA44Pd5
NXyK8UJeZkL6H7wFAlr9fAECGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQ
8UJeZkL6H7ygPQ/+JydbB0IX64ojm34YaeWKVdM5D7JFBdNuKgbAMf0Uhcja6YcU
0YRvuOPpw4lNZqV/1yxDXGHJrVfGolq6uz28oWr+9VUD8QXH9ODm1EMLsU8Jb1Nh
SE+rWSAhEmdw8l9Bi12wq4v/z/JC93/VJLnBGOL8LDEsJ9OatUw71KIt/a50ERoz
uCZbMeLPym8WqSK1kjQehL5pj97BzxmBNpFYwqaniTAuqTN6bhs2ws+k89vjaWIP
T+bEqsJV/vR9KZcNlmKlTQwbsjQ1BZ9EuV4EBL6IAMrqxDeY3mFnT+EpkabfIVSh
38KmG+4PZDXaj6rCsrsH2pUKaZ/Z6Mr3lmFb/1aaK3xKiQyxcMrbcixIIVI8ihTM
HUC3DFFlA7+02b67QomWFLRiZid4gCry7xhZyryQJkN2l20fzRjWf0myzcPO0qxc
y39gUyEqy1oeaffCc1QgDJH2Hvf+P9StyMZIulNuCKJ9tfQR5nkkDAy/2p405Lmf
mdKOMha6bZ+mA5HbmjMqwyFPHEtU6t/mUhlh7mYqNYAJikuqV00N6nTKVrBb2IfK
atoHeUcmvMWBGL7+x3zxwf2pnum6a5iDES2ir87ltOGKGDeMt2Y/Ap30P+uZGnn1
AiRu2bGkCiQ/WH1StJhAhJeleUfdbOa7/voc14nl3rewqyhqYd8dlI+TWAu5Ag0E
Wv18AQEQAOFMwY2ky5TyRrDqJosq0y/9+8D6RiXlyOnyTQ+bqu4mDEaVu3xNcKLH
CQsTM7gDR9pivapoDo84CK8w519DHCA2EpNGTDO4twcQ3jKqPth809LnibwdKJCe
qsfxsIfN8LbpKDOygZ2av11gcT0ye9uOMkiiRSE2MMGDU/50sskecavUAExDgwFs
v72ReU3fXRfTqYT6p/i/qMB7GbS8PlKFz61JKHDceS5GJUZJ5OWOoq7ZMCz6zrLW
2mQIJ7kblGCJKUnx/lZ5y9nqSCk7jer2qENxWNPOCwD48A78u1Bz8xSN5D1gFO3f
YSKh60kK5UljwkvRD7NvAcg2ifwL1e+/7v8WV9OsHDUBEiJO05tsjJ76QwHnEq6j
4peArcTAHWZ4uGncAgYN/Uii+0vs3oVDsZ9d2uLJxuR3h6T4XVejeuZ3j3o/XX/E
aZwcdH3VpKqEjdG4c4TMz96bN7ZN2DbgTf40rwPFKgWnvhCA9dWlmfy9pW2z2hyg
rJaRGXd/4znj5YlMliDrL4/Yp9j1J1CsoZM68er6/zMU1SA9U/y+MVqMoPCPlczx
mbwWQm1JH6fZv2SzHbZOrZYWKVWX+jPZQV6SjKwSiVrLlZJ0Z8u00HBRRRzXLwXa
OLL/dGP1v+msMv1oCJT1AsMcBEE3bY1efnDP1XK8vBLzoMKGS1RtABEBAAGJAjYE
GAEIACAWIQS46lzwkDjg93k1fIrxQl5mQvofvAUCWv18AQIbDAAKCRDxQl5mQvof
vOC1D/wO+tGKz/y5dc/ifJGTndxoHnU8tarboDll0kcdpTGU7It+ReNustqJZj5v
HK4V/ZXUw5+y6ZasNa/mFYY8oACOI40SlMdyt708XfPqYKXOpnM0oGRGfALi+oKg
iIzYtXsqYk5ZYSFWpgxajHef9HMmHNJ8riSVRugUPubPMKPR65DOXl+BdVIlQw7o
2g3s4Lii0IRKov3BvB51oJMhRK2Ne55VDBid32oIoqXLXS2E2gJQegioAiDUA5J4
1f96RCeYfxOgaPj/o4eiXK0H3owA3W78/tIjq5218PCIYFsOKPhrSqJ7ZF/5yGwW
ppVzsaz1sE9oULR0VOFUwjpYmyH32WwKkLF6mKumb8Q7Pd/FJq0I3/kxD/OrlNVZ
8UCX0CzxMyfEeSUfScunKLMfopEGxXTR4l8jew7CwxX08H0nkqyegDZSN8MjYxQL
V/zoL+aPjYh1WYf1L8wyBZjQbA6khHwYRZPaHrGfGaCGC8MHiSjPb/nt54+vZXtt
17LcX4VvHwWIBf88JpZO9eyTFPdYIZANSyo6ltbRoomuAywuA5IibCwh/BXi/aVa
Jro4UvbiwMqbVgSAt15VAwEK1Re/NNLBTcVVMHsWr5WNmo0s2C7+j+iIMPEOwhRs
ZFj74cztyOF/dGeCv9ycW29g+ejXaPpFOYQz0A9bBdkEdTGWhQ==
=D854
-----END PGP PUBLIC KEY BLOCK-----

View file

@ -1,40 +0,0 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQGNBGAMS3EBDACzbsaP9nhJ8GrAk5JLlz+ruDbEGuvJXvh+spVq9i9TCCGAraPo
z8Tmgsw6SJhJMW/170OZJ+GMMEDRpRbvh8tLZ0jsTIwINasRjC68tF9dgjjPZdNN
cVOpFw4Wf4ueMmoEG/9Xyehm+YEJFTj5wul2uJtfj5NJB43daDn4e3ieGExd+zE0
FTP4yAmxVMbN4BiyZPX7CxeTzJS0g4aVnMq9RqtYbxd1Uv++LmPh1ZkEyNNKItfC
nRFeZzjhnmD7LvwsixE2ENnbiL9Ho7Mc4C7kRKSJ+LvXH6ChJJtDy9ApVA+u90i5
Rd7y9rdzFY+NCHusWg0/U/t2FoLc/hRa0eLE1KFtzWzH35TMl8R/7NrPztTwT/fH
xt3qSiwMUvH9X9TGvh5N0WwqgtEe6mpZvpq+4gyOiyA+EwE73rnxG2DzmM6CFHyo
Qm/OOfjuFH+l0PkAqti+f41SqlEOiOAAFzgz7gaTdJ8gXs8piOGxk4U5EK/p1OTW
4e6DrxqcxmHgoAUAEQEAAbQMbGFzc0BncmVlbi5yiQHUBBMBCAA+FiEE6Ed5jGI3
gop09K1NMwheLc2Sjz0FAmAMS3ECGwMFCQPCZwAFCwkIBwIGFQoJCAsCBBYCAwEC
HgECF4AACgkQMwheLc2Sjz0otwv+I8Sw0ENqy6SsrZSGDtmhAouCeTIUseRQ66tp
UFnxDVPYhhdM2ubTtIqOfx20Xdy/7N/POyYMJ5VR+IaFcB9wUlrhdjwUlCtoUipx
EycZloccMPGySxAxR3Kcy/SFzUKWwQ10/mfSQg/4+vYayZNuSvEpviMEZn0prpmw
jwFJcHOu0NL+7eYULMdit1BDaZfBaAu/otKn18878+0hVimyjW27564uXtJYnbf1
hUVGvPLaSo74XBFra+kujcA3zIjWiPn6dRA5dzLrRRkb30Unl1+0a9QwY3wd3vCV
UHWSgDNaV+o7yPTuxoMsfrxHPAc3JlaKM6ka/EdK04tbgMH/N7FHXqDqCEIBWML4
1/+HxkP2UW59zLefQwvBqWcF6bA7kgHGhIDkg1yg7ygP0t2mH6ktuEAYYr24BFx7
b8nK/jhK+rp3LomLTLQ6e/6mikfoDr636sB1/Bc+pTdWsJnuQTzaWBDloVEr/2hz
/K5+wH2kgSKaWYUtaR6wiMbVKq3HuQGNBGAMS3EBDAC1xQNCJD3hlnihHBv7jxfH
CI5HdnUEh1eP8mUKjSE+Z0xGEMq8Z9sbTHQxtDdmC4ZOq1Kkt2LmtQQQAIH+Qnu6
RYFOAPRmegouIxg4S3eTPZhZRo1ZqCphqbL2mQ9ifNrG3VVvQGXNvjo3Cuwj0uzx
EDtOilKEtHZhG0cfehGV+nO1n/g50EQMC7JkFWnryxVL8i4l3KstOdj+LcIT6c27
EE2fzOUekeltBHGRFSM1Yzmn2lxruuK4I8zoiqak2St1788ay//F9tiZPfhWRb6+
DF+JgRLCXatqTJppPpkui1irw6jN5ZabjyS7GBtH+5wpnvuMEMr484OXEg17VnCd
Tx/RTLyjfffDtTkC4M7oiAr5SUbkJjVkEuwjxp1N19epD8gzrBQC2W7XKM3z+mtG
ZLJtiW5hM+QylMv7VWxbQ21ObJmUqBQUZLPlpl3dlGU/ILw3U4urBibD9oPT2QAX
J6Db/STyl6w0bzRbMJmaEM4P0FcdEKTuw7tOpl5zBUkAEQEAAYkBtgQYAQgAIBYh
BOhHeYxiN4KKdPStTTMIXi3Nko89BQJgDEtxAhsMAAoJEDMIXi3Nko89yc8MAJKg
M5lbA/PJYlIju/qWKWt7yZbsIGuDfmuKfYftjXDOqskEqDyYgr31Txd43bWM6Ec7
gb5JVmtzvLull0/KRwMcKAFNTXIYcb3jKpanwWRgHQlt/D6zlQula73WxwNUlZWl
Q8FCWjGa2hC8oKlTbtzm5osdcK+YhlpTpK5y4Mrg0f9Rcd297ygFQSDInpGq7ILY
sFat3HU7w9oPp9Q5RS8/EmrvAx1kFj9mZRs4L9inJJnHFpb1R6snojcKPwEyIWBi
+PFZ6ns296FjW9C+Ci7C+aaAzVDM7NAwU0/EhWeDKKHITU3Zaz4gnShesKBiVxhI
JQNFCjWlnc+o3RqbAhDQhlwFrCZWUxQi1qWy4U88IYqR9hxV0eNtGSRmwnGCT9RV
Nxb6CjtmHpgUmzyvwBpBJya8bLYu5tCKnUodtFiq/poxEfI5WrP6pu5l648AwuPa
ioovprweDWs38Q8wd/SuoaUtIoj378UDXq8acFvHHnOS/bBBfAE9tutY1ycJdg==
=Fg3f
-----END PGP PUBLIC KEY BLOCK-----

View file

@ -8,8 +8,8 @@ mkDerivation {
version = "1.0.0";
src = fetchgit {
url = "https://cgit.krebsco.de/pager";
sha256 = "1kqd27faxinkwpxancyk0xl6n7ljlc8iqhnnq85l76bk4qi9b45i";
rev = "f4cdf79bd4a75e9eafe68b9a908f4cc68682b7ef";
sha256 = "1qlkhqidaa6w02ix9ambfdsm7lfyx30ap481b9ic1ppyfkhqzfp6";
rev = "fc6105a5e7d1e3a07bf07ea85e7902dd8e9fc849";
fetchSubmodules = true;
};
isLibrary = false;

View file

@ -1,20 +1,21 @@
{ pkgs }:
pkgs.writeDashBin "generate-secrets" ''
pkgs.writers.writeDashBin "generate-secrets" ''
set -eu
HOSTNAME="$1"
TMPDIR=$(${pkgs.coreutils}/bin/mktemp -d)
cd $TMPDIR
PASSWORD=$(${pkgs.pwgen}/bin/pwgen 25 1)
HASHED_PASSWORD=$(echo $PASSWORD | ${pkgs.hashPassword}/bin/hashPassword -s) > /dev/null
${pkgs.openssh}/bin/ssh-keygen -t ed25519 -f $TMPDIR/ssh.id_ed25519 -P "" -C "" >/dev/null
${pkgs.openssl}/bin/openssl genrsa -out $TMPDIR/retiolum.rsa_key.priv 4096 2>/dev/null > /dev/null
${pkgs.openssl}/bin/openssl rsa -in $TMPDIR/retiolum.rsa_key.priv -pubout -out $TMPDIR/retiolum.rsa_key.pub 2>/dev/null > /dev/null
${pkgs.tinc_pre}/bin/tinc --config "$TMPDIR" generate-keys 4096 >/dev/null
cat <<EOF > $TMPDIR/hashedPasswords.nix
{
root = "$HASHED_PASSWORD";
}
EOF
cd $TMPDIR
for x in *; do
${pkgs.coreutils}/bin/cat $x | ${pkgs.brain}/bin/brain insert -m krebs-secrets/$HOSTNAME/$x > /dev/null
done
@ -31,9 +32,12 @@ pkgs.writeDashBin "generate-secrets" ''
aliases = [
"$HOSTNAME.r"
];
tinc.pubkey = ${"''"}
$(cat $TMPDIR/retiolum.rsa_key.pub)
${"''"};
tinc = {
pubkey = ${"''"}
$(cat $TMPDIR/rsa_key.pub)
${"''"};
pubkey_ed25519 = "$(cut -d ' ' -f 3 $TMPDIR/ed25519_key.pub)";
};
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;

View file

@ -5,6 +5,13 @@ emptyok_response() {(
printf '\r\n'
)}
not_modifed_response() {(
printf "HTTP/1.1 304 Not Modified\r\n"
printf 'Connection: close\r\n'
printf 'Server: %s\r\n' "$Server"
printf '\r\n'
)}
delete_response() {
jq -n -r \
--arg server "$Server" \
@ -74,8 +81,20 @@ case "$Method $path" in
'GET /'*)
item=$STATEDIR/items/$(echo "$path" | jq -rR @uri)
if [ -e "$item" ]; then
file_response "$item"
exit
if [ -z ${req_if_modified_since+x} ]; then
file_response "$item"
exit
else
age_file=$(date +%s -r "$item")
age_header=$(date +%s --date="$req_if_modified_since")
if [ "$age_file" -lt "$age_header" ]; then
not_modifed_response
exit
else
file_response "$item"
exit
fi
fi
fi
;;
'DELETE /'*)

View file

@ -1,9 +1,9 @@
{
"url": "https://github.com/NixOS/nixpkgs",
"rev": "e10da1c7f542515b609f8dfbcf788f3d85b14936",
"date": "2022-04-27T07:19:43+10:00",
"path": "/nix/store/hzywi4az4ldmh416hpm4r27075qvfmsf-nixpkgs",
"sha256": "1if304v4i4lm217kp9f11f241kl3drbix3d0f08vgd6g43pv5mhq",
"rev": "2a3aac479caeba0a65b2ad755fe5f284f1fde74d",
"date": "2022-05-09T07:45:23+00:00",
"path": "/nix/store/56hy8l0ky71qdx5zibjzzg0q8ivkk7vc-nixpkgs",
"sha256": "0px2fk64s56qxd8ir8xg8bsj5yz1w399ps4xfkyx29n2ywp9ar7c",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,

View file

@ -113,8 +113,7 @@ with import <stockholm/lib>;
}
<stockholm/lass/2configs/exim-smarthost.nix>
<stockholm/lass/2configs/privoxy-retiolum.nix>
<stockholm/lass/2configs/radio.nix>
<stockholm/lass/2configs/radio-news.nix>
<stockholm/lass/2configs/radio>
<stockholm/lass/2configs/binary-cache/server.nix>
<stockholm/lass/2configs/iodined.nix>
<stockholm/lass/2configs/paste.nix>

View file

@ -0,0 +1,83 @@
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>The_Playlist Voting!</title>
<style>
#good {
display: block;
width: 100%;
border: none;
background-color: #04AA6D;
padding: 14px;
margin: 14px 0 0 0;
height: 100px;
font-size: 16px;
cursor: pointer;
text-align: center;
}
#bad {
display: block;
width: 100%;
border: none;
background-color: red;
padding: 14px;
height: 100px;
margin: 14px 0 0 0;
font-size: 16px;
cursor: pointer;
text-align: center;
}
</style>
</head>
<body>
<div id=votenote></div>
<button id=good type="button"> GUT </button>
<button id=bad type="button"> SCHLECHT </button>
<center>
Currently Running: <br/><div>
<b id=current></b>
</div>
<div id=vote>
</div>
<audio controls autoplay="autoplay">
<source src="https://radio.lassul.us/radio.ogg" type="audio/ogg">
Your browser does not support the audio element.
</audio>
</center>
<script>
document.getElementById("good").onclick=async ()=>{
let result = await fetch("https://radio.lassul.us/good", {"method": "POST"})
document.getElementById("vote").textContent = "Dieses Lied findest du gut"
};
document.getElementById("bad").onclick=async ()=>{
let result = await fetch("https://radio.lassul.us/skip", {"method": "POST"})
document.getElementById("vote").textContent = "Dieses Lied findest du schlecht"
document.getElementById("bad").disabled = true
window.setTimeout(function(){
document.getElementById("bad").disabled = false
}, 100000)
};
async function current() {
let result = await fetch("https://radio.lassul.us/current", {"method": "GET"})
let data = await result.json()
document.getElementById("current").textContent = data.name
}
window.onload = function() {
window.setInterval('current()', 10000)
current()
}
</script>
</body>
</html>

View file

@ -105,6 +105,10 @@ let
'';
in {
imports = [
./news.nix
];
users.users = {
"${name}" = rec {
inherit name;
@ -161,14 +165,14 @@ in {
output.icecast(mount = '/music.ogg', password = 'hackme', %vorbis(quality = 1), source)
output.icecast(mount = '/music.mp3', password = 'hackme', %mp3.vbr(), source)
output.icecast(mount = '/music.opus', password = 'hackme', %opus(), source)
output.icecast(mount = '/music.opus', password = 'hackme', %opus(bitrate = 64), source)
extra_input = audio_to_stereo(input.harbor("live", port=1338))
o = smooth_add(normal = source, special = extra_input)
output.icecast(mount = '/radio.ogg', password = 'hackme', %vorbis(quality = 1), o)
output.icecast(mount = '/radio.mp3', password = 'hackme', %mp3.vbr(), o)
output.icecast(mount = '/radio.opus', password = 'hackme', %opus(), o)
output.icecast(mount = '/radio.opus', password = 'hackme', %opus(bitrate = 64), o)
'';
services.icecast = {
enable = true;
@ -227,7 +231,7 @@ in {
systemd.services.radio-recent = let
recentlyPlayed = pkgs.writeDash "recentlyPlayed" ''
set -xeu
set -xefu
LIMIT=1000 #how many tracks to keep in the history
HISTORY_FILE=/var/lib/radio/recent
while :; do
@ -368,88 +372,17 @@ in {
locations."= /good".extraConfig = ''
proxy_pass http://localhost:8001;
'';
locations."= /radio.sh".alias = pkgs.writeScript "radio.sh" ''
#!/bin/sh
while sleep 1; do
mpv \
--cache-secs=0 --demuxer-readahead-secs=0 --untimed --cache-pause=no \
'http://lassul.us:8000/radio.opus'
done
'';
locations."= /controls".extraConfig = ''
default_type "text/html";
alias ${pkgs.writeText "controls.html" ''
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>The_Playlist Voting!</title>
<style>
#good {
display: block;
width: 100%;
border: none;
background-color: #04AA6D;
padding: 14px;
margin: 14px 0 0 0;
height: 100px;
font-size: 16px;
cursor: pointer;
text-align: center;
}
#bad {
display: block;
width: 100%;
border: none;
background-color: red;
padding: 14px;
height: 100px;
margin: 14px 0 0 0;
font-size: 16px;
cursor: pointer;
text-align: center;
}
</style>
</head>
<body>
<div id=votenote></div>
<button id=good type="button"> GUT </button>
<button id=bad type="button"> SCHLECHT </button>
<center>
Currently Running: <br/><div>
<b id=current></b>
</div>
<div id=vote>
</div>
<audio controls autoplay="autoplay">
<source src="https://radio.lassul.us/radio.ogg" type="audio/ogg">
Your browser does not support the audio element.
</audio>
</center>
<script>
document.getElementById("good").onclick=async ()=>{
let result = await fetch("https://radio.lassul.us/good", {"method": "POST"})
document.getElementById("vote").textContent = "Dieses Lied findest du gut"
};
document.getElementById("bad").onclick=async ()=>{
let result = await fetch("https://radio.lassul.us/skip", {"method": "POST"})
document.getElementById("vote").textContent = "Dieses Lied findest du schlecht"
};
async function current() {
let result = await fetch("https://radio.lassul.us/current", {"method": "GET"})
let data = await result.json()
document.getElementById("current").textContent = data.name
}
window.onload = function() {
window.setInterval('current()', 10000)
current()
}
</script>
</body>
</html>
''};
alias ${./controls.html};
'';
extraConfig = ''
add_header 'Access-Control-Allow-Origin' '*';
@ -482,11 +415,9 @@ in {
};
services.syncthing.declarative.folders."the_playlist" = {
path = "/home/radio/music/the_playlist";
devices = [ "mors" "phone" "prism" ];
};
krebs.permown."/home/radio/music/the_playlist" = {
owner = "radio";
group = "syncthing";
umask = "0002";
devices = [ "mors" "phone" "prism" "omo" ];
};
krebs.acl."/home/radio/music/the_playlist"."u:syncthing:X".parents = true;
krebs.acl."/home/radio/music/the_playlist"."u:syncthing:rwX" = {};
krebs.acl."/home/radio/music/the_playlist"."u:radio:rwX" = {};
}

View file

@ -1,14 +1,31 @@
{ config, lib, pkgs, ... }:
let
weather_for_ips = pkgs.writers.writePython3Bin "weather_for_ips" {
libraries = [ pkgs.python3Packages.geoip2 ];
} ./weather_for_ips.py;
weather_report = pkgs.writers.writeDashBin "weather_report" ''
set -efu
${pkgs.curl}/bin/curl -fsSL https://wttr.in/''${1-}?format=j1 \
| ${pkgs.jq}/bin/jq -r '
[.nearest_area[0] | "Weather report for \(.areaName[0].value), \(.country[0].value)."]
+ [.current_condition[0] | "Currently it is \(.weatherDesc[0].value) outside with a temperature of \(.temp_C) degrees."]
| join("\n")
'
set -efu
export PATH="${lib.makeBinPath [
pkgs.coreutils
pkgs.curl
pkgs.iproute2
pkgs.jc
pkgs.jq
]}"
curl -z /tmp/GeoLite2-City.mmdb -o /tmp/GeoLite2-City.mmdb http://c.r/GeoLite2-City.mmdb
MAXMIND_GEOIP_DB="/tmp/GeoLite2-City.mmdb"; export MAXMIND_GEOIP_DB
OPENWEATHER_API_KEY=$(cat "$CREDENTIALS_DIRECTORY/openweather_api"); export OPENWEATHER_API_KEY
ss -no 'sport = :8000' |
jc --ss | jq -r '.[] |
select(
.local_address != "[::ffff:127.0.0.1]"
and .local_address != "[::1]"
) | .peer_address | gsub("[\\[\\]]"; "")
' |
${weather_for_ips}/bin/weather_for_ips
'';
send_to_radio = pkgs.writers.writeDashBin "send_to_radio" ''
${pkgs.vorbisTools}/bin/oggenc - |
${pkgs.libshout}/bin/shout --format ogg --host localhost --port 1338 --mount /live
@ -26,17 +43,15 @@ let
'';
newsshow = pkgs.writers.writeDashBin "newsshow" /* sh */ ''
echo "
cat << EOF
hello crabpeople!
$(${pkgs.ddate}/bin/ddate | sed 's/YOLD/Year of Discord/')!
$(${pkgs.ddate}/bin/ddate +'Today is %{%A, the %e of %B%}, %Y. %N%nCelebrate %H')
It is $(date --utc +%H) o clock UTC.
todays news:
$(get_current_news)
$(gc_news)
$(weather_report berlin)
$(weather_report 70173)
$(weather_report munich)
"
$(weather_report)
EOF
'';
in
{
@ -59,13 +74,22 @@ in
startAt = "*:00:00";
serviceConfig = {
User = "radio-news";
LoadCredential = [
"openweather_api:${toString <secrets>}/openweather_api_key"
];
};
};
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p tcp --dport 7999"; target = "ACCEPT"; }
];
services.nginx.virtualHosts."radio-news.r" = {
locations."/" = {
proxyPass = "http://localhost:7999";
proxyWebsockets = true;
extraConfig = ''
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
'';
};
};
krebs.htgen.news = {
port = 7999;
user = {
@ -73,14 +97,18 @@ in
};
script = ''. ${pkgs.writers.writeDash "htgen-news" ''
set -xefu
case "$Method $Request_URI" in
case "''${Method:-GET} $Request_URI" in
"GET /")
printf 'HTTP/1.1 200 OK\r\n'
printf 'Connection: close\r\n'
printf '\r\n'
cat "$HOME"/news | jq -sc .
exit
;;
"POST /")
payload=$(head -c "$req_content_length" \
| sed 's/+/ /g;s/%\(..\)/\\x\1/g;' \
| xargs -0 echo -e \
)
payload=$(head -c "$req_content_length")
echo "$payload" | jq 'has("from") and has("to") and has("text")' >&2
echo "$payload" | jq -c '{ from: (.from | fromdate | todate), to: (.to | fromdate | todate), text: .text }' >> $HOME/news
echo "$payload" | jq -c '{ from: (.from | fromdate | todate), to: (.to | fromdate | todate), text: .text }' >> "$HOME"/news
printf 'HTTP/1.1 200 OK\r\n'
printf 'Connection: close\r\n'
printf '\r\n'

View file

@ -0,0 +1,33 @@
import geoip2.database
import fileinput
import json
import requests
import os
geoip = geoip2.database.Reader(os.environ['MAXMIND_GEOIP_DB'])
seen = {}
output = []
for ip in fileinput.input():
location = geoip.city(ip.strip())
if location.city.geoname_id not in seen:
seen[location.city.geoname_id] = True
weather_api_key = os.environ['OPENWEATHER_API_KEY']
url = (
f'https://api.openweathermap.org/data/2.5/onecall'
f'?lat={location.location.latitude}'
f'&lon={location.location.longitude}'
f'&appid={weather_api_key}'
f'&units=metric'
)
resp = requests.get(url)
weather = json.loads(resp.text)['current']
output.append(
f'Weather report for {location.city.name}'
f', {location.country.name}. '
f'Currently it is {weather["weather"][0]["description"]} outside '
f'with a temperature of {weather["temp"]} degrees '
f'and a windspeed of {weather["wind_speed"]} meter per second. '
)
print('\n'.join(output))

View file

@ -12,6 +12,7 @@
${pkgs.rsync}/bin/rsync --chown=lass:users -a --delete "/etc/themes/$1/" /var/theme/config/
echo "$1" > /var/theme/current_theme
${pkgs.coreutils}/bin/chown lass:users /var/theme/current_theme
${pkgs.xorg.xrdb}/bin/xrdb -merge /var/theme/config/xresources
${pkgs.procps}/bin/pkill -HUP xsettingsd
else
echo "theme $1 not found"
@ -26,6 +27,8 @@ in {
serviceConfig = {
ExecStart = "${pkgs.xsettingsd}/bin/xsettingsd -c /var/theme/config/xsettings.conf";
User = "lass";
Restart = "always";
RestartSec = "15s";
};
};
systemd.tmpfiles.rules = [
@ -38,11 +41,20 @@ in {
"themes/light/xsettings.conf".text = ''
Net/ThemeName "Adwaita"
'';
"themes/light/xresources".text = ''
*background: #ffffff
*foreground: #000000
'';
"themes/dark/xsettings.conf".text = ''
Net/ThemeName "Adwaita-dark"
'';
"themes/dark/xresources".text = ''
*background: #000000
*foreground: #ffffff
'';
};
system.activationScripts.theme.text = ''
export DISPLAY=:0
if test -e /var/theme/current_theme; then
${switch-theme}/bin/switch-theme "$(cat /var/theme/current_theme)" ||
${switch-theme}/bin/switch-theme dark