Merge remote-tracking branch 'lass/master'
This commit is contained in:
commit
0b84135ffd
11
krebs/1systems/ponte/config.nix
Normal file
11
krebs/1systems/ponte/config.nix
Normal file
|
@ -0,0 +1,11 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
imports = [
|
||||
./hw.nix
|
||||
<stockholm/krebs>
|
||||
<stockholm/krebs/2configs>
|
||||
<stockholm/krebs/2configs/matterbridge.nix>
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.ponte;
|
||||
}
|
14
krebs/1systems/ponte/hw.nix
Normal file
14
krebs/1systems/ponte/hw.nix
Normal file
|
@ -0,0 +1,14 @@
|
|||
{ modulesPath, ... }:
|
||||
{
|
||||
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
|
||||
boot.loader.efi.efiSysMountPoint = "/boot/EFI";
|
||||
boot.loader.grub = {
|
||||
efiSupport = true;
|
||||
efiInstallAsRemovable = true;
|
||||
device = "nodev";
|
||||
copyKernels = false;
|
||||
};
|
||||
boot.initrd.kernelModules = [ "nvme" ];
|
||||
fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; };
|
||||
fileSystems."/boot/EFI" = { device = "/dev/disk/by-uuid/628A-7F3B"; fsType = "vfat"; };
|
||||
}
|
49
krebs/2configs/matterbridge.nix
Normal file
49
krebs/2configs/matterbridge.nix
Normal file
|
@ -0,0 +1,49 @@
|
|||
{ pkgs, lib, ... }: {
|
||||
services.matterbridge = {
|
||||
enable = true;
|
||||
configPath = let
|
||||
bridgeBotToken = lib.strings.fileContents <secrets/telegram.token>;
|
||||
in
|
||||
toString ((pkgs.formats.toml {}).generate "config.toml" {
|
||||
general = {
|
||||
RemoteNickFormat = "[{NICK}] ";
|
||||
Charset = "utf-8";
|
||||
};
|
||||
telegram.krebs.Token = bridgeBotToken;
|
||||
irc = let
|
||||
Nick = "ponte";
|
||||
in {
|
||||
hackint = {
|
||||
Server = "irc.hackint.org:6697";
|
||||
UseTLS = true;
|
||||
inherit Nick;
|
||||
};
|
||||
};
|
||||
mumble.lassulus = {
|
||||
Server = "lassul.us:64738";
|
||||
Nick = "krebs_bridge";
|
||||
SkipTLSVerify = true;
|
||||
};
|
||||
gateway = [
|
||||
{
|
||||
name = "krebs-bridge";
|
||||
enable = true;
|
||||
inout = [
|
||||
{
|
||||
account = "irc.hackint";
|
||||
channel = "#krebs";
|
||||
}
|
||||
{
|
||||
account = "telegram.krebs";
|
||||
channel = "-330372458";
|
||||
}
|
||||
{
|
||||
account = "mumble.lassulus";
|
||||
channel = 6; # "nixos"
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
});
|
||||
};
|
||||
}
|
2
krebs/3modules/external/default.nix
vendored
2
krebs/3modules/external/default.nix
vendored
|
@ -306,7 +306,7 @@ in {
|
|||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.42.63";
|
||||
ip6.addr = "42:4a6f::4263";
|
||||
ip6.addr = "42:0:4a6f::4263";
|
||||
aliases = [
|
||||
"crustacea.r"
|
||||
];
|
||||
|
|
30
krebs/3modules/external/gpg/kmein.gpg
vendored
Normal file
30
krebs/3modules/external/gpg/kmein.gpg
vendored
Normal file
|
@ -0,0 +1,30 @@
|
|||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mQENBF0GDc0BCACZi+PQgX6Lefq/36X68W+XEyA2fWbMPJE1vAHETlzcMluOIL++
|
||||
6KRYqGr0ieFcaXNn4joNDN7cFMN0YHF2Rr7k6SWjOtcHS1RnZ8g/N+uxEvTBug60
|
||||
tRbhcO80rnHHb25jloV//wAAWD2ukTtwXWAMVBXwEXMc1JBOlFXcIDlNPdBMJG7A
|
||||
/5+AKMXg8HYUSbsad1SyagZbo9KuC/s4BVReBr4vK/zTo1gIwy95dQrBnC31O7Wa
|
||||
/s9CpNG//QJAbAxMN15P7Yo9xxG/AALjPSnKamp3yJsSiSyxhXImXEZtxU7ahq3t
|
||||
/DzuI2BbIv3Nj/39IZLgETrplzKUnWV18TzdABEBAAG0HUtpZXLDoW4gTWVpbmhh
|
||||
cmR0IDxrZm1Ad2lsZGU+iQFOBBMBCAA4FiEEnt6CzHKjQ6lSZtD0RIVwdKOsyLcF
|
||||
Al0GDc0CGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQRIVwdKOsyLfHDQf/
|
||||
YLaprugBmzaCvAGADzdgSrQJyFY2BnncVH1b/0HQ1p1smrcvKqbCXxlUmrWM896B
|
||||
7xHpcDPz/mMfNPTvSrcUHgqVkiiSsSzno1RCmeHKMiUaR/M6Ik59aa/EzxJf/QDT
|
||||
3QYy3mFIj44M0ZWjRZJ/3RhVT6QxaUh7fRNzduVE0LH6suybPcTcnIUGSURKwG9F
|
||||
cTXtMJA3+7UGj/emHk8yaFOWMJDY6h7rnXxiD5xcxapjrygFFNfAuaA2NcY3HEeG
|
||||
yOVYGwPQhwFWjbUhC1RIYu2fz7fkD11zQ22gt0aEn5fqiIVssBEvHJqNp577QxO4
|
||||
6q4ag1Js/gbus6PfQzlvqrkBDQRdBg3NAQgA1ewP1suBTB5UxyqEl7fpisD6hZ62
|
||||
9TDQUSn2yfxa8W1wtTH5i1Mw0p5e/+vPFqfu2TMSPoqASq9sDjeWSsiCdtaHbLu0
|
||||
y1W5hhQwGcxqauFJBSj/VpDnKd38inOvbW5PwDqZBqnbRZOpsdvsQ2dlaS0/5AJa
|
||||
RqJXNRc7Owg3ssqeBuhvZKeiPNADn3k9ZbAYNfDkYPJDbHTNPd8eu44vlBlMC7kX
|
||||
IkucV8zV31x9lCZx0cjI+OQbd/4GOSxBKqjBX5SBUQAlzHUT2CLoeKkivxbnHH40
|
||||
gV1PP/3QVVMJjkAot0v/n95KRj78iYOU2PrP5DiPogtLO4v14/lE3eaENwARAQAB
|
||||
iQE2BBgBCAAgFiEEnt6CzHKjQ6lSZtD0RIVwdKOsyLcFAl0GDc0CGwwACgkQRIVw
|
||||
dKOsyLfjegf/bX4MkzqsIOOAcmVla7M29Uk0HX5j4dK5t4Z7kx8OnhbYUMr8vr1w
|
||||
+2D5HiaV2kib5yhI17z9lL6vKyIWwTdf93zS+ivV+IUpxbx/KAdr83dd7B3RCdU7
|
||||
GFMzj7f3ieGQYOXw7pROZQR1zF90H6AtW/8qvOs73hSdcnQOtnmntvY/S5ifnzxi
|
||||
jpsOgjM7VD+BWsmhmYw7E4FiZOaLfoRsylyj5I+Sim2j9Xnu6lYvcgBXvwIqfunO
|
||||
O/gY21iomMwQm4mlXsFVRfSzRE4zlNASql1zcS1mbO6yeKJDKJgzqvWkcjd3OOuF
|
||||
e67yzkzlwiVDJIjhV6B0tRCDIqiOaiS3vw==
|
||||
=pwUK
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
22
krebs/3modules/external/kmein.nix
vendored
22
krebs/3modules/external/kmein.nix
vendored
|
@ -31,6 +31,28 @@ in
|
|||
};
|
||||
};
|
||||
hosts = mapAttrs hostDefaults {
|
||||
ful = {
|
||||
nets.retiolum = {
|
||||
aliases = [ "ful.r" ];
|
||||
ip4.addr = "10.243.2.107";
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEAwoaPWvnl+g9KYh8coXj/RAaxGHEtbuTG2NpWxbeJG0CemxBoYz2c
|
||||
EE/2JbGRrSaNj3nrFWBTqmTuEB7nHyurFe06G0t+Or5eCBPg2zS5LiQE/LTZV08t
|
||||
5jUm0jfOQHWbtCMrFGisH9R9Z3XId5cJGN1KsYg4R9RkKIKVVhKJ7maBWbsc+V5G
|
||||
LxKEdDL7T4AfesQzzlAYUQ/s+zHlwJ2fyl3NrBg6Nc27C2A2g9pefhJbn0h8lWdn
|
||||
I627DIrjDMvoSTiF1MKD/N4bXbF665gflUxbI5DTTHCtWf+0lP9i8mXP0kXQU4By
|
||||
2QLdcpQzlHgnprI+qio1ioKuojcPcryYaOnpQWFHL6AqHzkRJRpMLPBhgQPbpz1v
|
||||
BaShxGBasSHO+Htw5PbwrNwWvU8eH5joRQu3PBgzATS9M91RN58i03u2oQMt3Qif
|
||||
e5USnfk3iYir/qkJWJk8m2kveZy0giI8AaRISu0jXNsB8euQXP2dxTKIF3BPEi5m
|
||||
MZKTGTS4Tz3alpHWaeJtfJT0ihq4HME91rTKgP+CIHWYR4hmTPyYgrX0mm2MN+wi
|
||||
G4vJXtcmBaCdcQZ1buCBVWJCUJ0bWZ3Fs4Ohjw6bP3iyb+Q5UOcXNyOi5NpaUbAi
|
||||
47F5O6hvEWPxHRhvPD/9NASjRSxaUDbBVj5lieUXCHnhMSAHo1H3kHMCAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
tinc.pubkey_ed25519 = "id5vF2fBwUCMrT5HLvIpeXmvQMQoksUBYXOdc9RyOUF";
|
||||
};
|
||||
};
|
||||
kabsa = {
|
||||
nets.retiolum = {
|
||||
aliases = [ "kabsa.r" "kabsa.kmein.r" ];
|
||||
|
|
179
krebs/3modules/external/mic92.nix
vendored
179
krebs/3modules/external/mic92.nix
vendored
|
@ -163,6 +163,7 @@ in {
|
|||
rauter = {
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
internet.addrs = [ "rauter.thalheim.io" ];
|
||||
retiolum = {
|
||||
aliases = [ "rauter.r" ];
|
||||
tinc.pubkey = ''
|
||||
|
@ -472,6 +473,7 @@ in {
|
|||
rock = {
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = {
|
||||
internet.addrs = [ "rock.thalheim.io" ];
|
||||
retiolum = {
|
||||
aliases = [
|
||||
"rock.r"
|
||||
|
@ -802,6 +804,26 @@ in {
|
|||
};
|
||||
};
|
||||
|
||||
mauricehome = {
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
retiolum = {
|
||||
aliases = [ "mauricehome.r" ];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEAwFmnVmH2n3sa/iJE1u7kSWHMW2nx66wnq7ZA2XF5Wt1hiky4BKBj
|
||||
jxIIdXHlSmARhDSCMgBKl9Z6/8PsmCK3xEO8q60oTsT8PQIhN3eSF8n92iK3dyKx
|
||||
PyUsUUHjkqkNtmo/M70T4gAEuB1b/QRkATco/pTv+lMVkYdIydtdALjSxU0YrTiz
|
||||
J5Ntsngi9+yUJ5g3r/lCuWobKxd5Dlsx3nXg81jTsp9hlXW2HC0XTbOSyH2NC36C
|
||||
97Kgx2T25cG/FPhtQztQOems+FhbyJTFyZTGa8v/5rXeJlwcVFRh8sZ7E5yPzbJV
|
||||
ZlBaorcpRtx8NY4jd8FnZftHF0BeAQJoYwIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
tinc.pubkey_ed25519 = "ohFUBMdmgS/DMe24sZ1+jNWzx65jCxto9pVjPnYIqzL";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
mickey = {
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
|
@ -890,6 +912,163 @@ in {
|
|||
};
|
||||
};
|
||||
};
|
||||
|
||||
jackson = {
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
internet = {
|
||||
# jackson.dse.in.tum.de
|
||||
ip4.addr = "131.159.102.3";
|
||||
ip6.addr = "2a09:80c0:102::3";
|
||||
aliases = [ "jackson.i" ];
|
||||
};
|
||||
retiolum = {
|
||||
via = internet;
|
||||
aliases = [ "jackson.r" ];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEA11g2uc9+tw1Bmvs4U6gsyimZ1hR1rnWTJw8CDRw6t7gx0HhRnRgB
|
||||
0Fv11KjFGbImrcZ1wxCOJA+RQise18YnlpWIwYf/nDPGR21a1wcg3ZxVRa3/UQzb
|
||||
pvbTFqK9NpPt7ENWs25ZLnatTFfc+D3kfoUSrwIVGKAaM87GlMkTH3FsARo4xj6H
|
||||
NJeQ2snOIbLQ3xXQm3oZ5YN4CN30mtrcae+jIMlKnagBuDjP9UZ73GLHu1gJAPb6
|
||||
iXdBK6/UTGY9uYKNHXnpf11I4rPSPK1r/6KxS1sX65hh4BT5Fs5goRhVqIeeICVJ
|
||||
Ufnwj7se3Ao24nLXyTRmVXaTEVN/AqPyyQIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
tinc.pubkey_ed25519 = "cjYmx4Bb0JjogXNov+wSiPPIHM06n1jQnPJbP/E1yRN";
|
||||
};
|
||||
};
|
||||
};
|
||||
adelaide = {
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
internet = {
|
||||
# adelaide.dse.in.tum.de
|
||||
ip4.addr = "131.159.102.13";
|
||||
ip6.addr = "2a09:80c0:102::13";
|
||||
aliases = [ "adelaide.i" ];
|
||||
};
|
||||
retiolum = {
|
||||
via = internet;
|
||||
aliases = [ "adelaide.r" ];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEAzxKKd1dV+XDUV8pHqkAtbLcwEZVsf0kK+y5X/zbZcXEZhQQv6/dY
|
||||
YJRoNG3lo8+7FMwYO2b2uyIkO1PopsORMAA2vIFaKJ2Qnt7byuIQ6n9CafIADx1M
|
||||
dVf+cwUhY8IVIX2ndz9pIAY8NhmzEcjG5vGKxRqev1zNwa1LtsLDLObhkKYznM6y
|
||||
HV5F92GONMeNOovHCxIYsSJ8jLn8BB60toADzocgzKvCiEw4IwKnzL/au9RGY4Xi
|
||||
25YXBzF5ai84e+HyaGGGD/qa4SqL9/jCkDB7QAwRqb01wGhtTLty+ubjzh1HF3am
|
||||
zpizPVNwBTqHW1S3W1i/yi5a5w4D/zdrRQIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
tinc.pubkey_ed25519 = "YzB5BqgIQ4f209B2KhpdHu6gRYj5IS64zy1wneq/yiG";
|
||||
};
|
||||
};
|
||||
};
|
||||
christina = {
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
internet = {
|
||||
# christina.dse.in.tum.de
|
||||
ip4.addr = "131.159.102.14";
|
||||
ip6.addr = "2a09:80c0:102::14";
|
||||
aliases = [ "christina.i" ];
|
||||
};
|
||||
retiolum = {
|
||||
via = internet;
|
||||
aliases = [ "christina.r" ];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEA2pP2uCuvFWKfUwYIOcmPkqG8q/rNNyfw9C39tIC0VsDD6WJ0I7xZ
|
||||
S57AiG4j6OZwbv7/89qAR94SM4Q9LgmVHhUHf06gPhO0MTVNt0N1PrOnfxeCOlgK
|
||||
aH6DWZVhiwwiYwAJ55CVNFSkuL7/FtJAkAXmP0Y+xmn0mi1GpMa6RfSazqNPkXik
|
||||
HdB7u96D7Ul75yPdTDi0dvMvCxQGo4PQBctheNPY61s7P1/7tRhBT+22iJn3v2Bc
|
||||
Q9qLa6WuGIuFYCxT7GDGrKVu+V9VhFJe42p8yyIscqFagc61C/whN6v7eOh22gSR
|
||||
8EbaexJIQ5xl8ZIJto+fr8MvYAQR4FpopwIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
tinc.pubkey_ed25519 = "/W10YGvcWZnVxCB6pxsC2D5A7QMk1Aw81YWi1p0Ex9O";
|
||||
};
|
||||
};
|
||||
};
|
||||
wilfred = {
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
internet = {
|
||||
# wilfred.dse.in.tum.de
|
||||
ip4.addr = "131.159.102.15";
|
||||
ip6.addr = "2a09:80c0:102::15";
|
||||
aliases = [ "wilfred.i" ];
|
||||
};
|
||||
retiolum = {
|
||||
via = internet;
|
||||
aliases = [ "wilfred.r" ];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEAtQMC/LTfesg49VU06TFt3ikA9cdXuWzvg1FkCo6yXBlQt8fLFYg1
|
||||
YBthh7W6CZYJwf6lGXUBtCiOnxidoQ89Fq61AQGGYzW8G/vqHwFaPGHQ42Eru+XG
|
||||
RDi7ZjqOibdTemahX7gcDk6irB9WbkuXIS15n5FdQHhmjiun3zaEMoWpyiSM1HFQ
|
||||
UfJLI8pRtB65RTdT3yp8XMASldTAlSlFj2AYlDZkgcRYLZuVWb/Wz7EewG4SiB9T
|
||||
wZ1pUIhdnGNdb37S/VIjMPavaV4HK7u7awqwaaIRUYwWloCo8LGRDCXa3iEMql7J
|
||||
tI4iMEsmjHi8P5mQp4ZwwNLWucdM9+Wt6QIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
tinc.pubkey_ed25519 = "5dMnJmUDmCnN/3dc7fTPlXweMmbs6W+VgSgZi+p+u2B";
|
||||
};
|
||||
};
|
||||
};
|
||||
river = {
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
internet = {
|
||||
# river.dse.in.tum.de
|
||||
ip4.addr = "131.159.102.16";
|
||||
ip6.addr = "2a09:80c0:102::16";
|
||||
aliases = [ "river.i" ];
|
||||
};
|
||||
retiolum = {
|
||||
via = internet;
|
||||
aliases = [ "river.r" ];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEAumAOQf8/nv2Ml082e7fgoicoQ7stspsx8v1bkoubW9yq/LbdcTki
|
||||
cP6uZkLBXgd9cPq4vhSso/kaGn6UzPWeUCLv17gPn6jFlB1AYN6mJNLOxJyotajc
|
||||
78SyqzDyZ4iA0W44w98ic5yWQ/uaF3q3npFlHtAN4fD0aw50uR+2TgH5zCB8iNul
|
||||
CNIRWU9sp1t6VFYSN49tcqZ4j6jb6q/MyH5o5WLPasnq0SzQd09rnhUax7QLbIBP
|
||||
iNBYLOFYMYmoN1WlPwZf1Dt6NeFGyNn5aWE3xtOG6FYwzzCEXYOxxdXzuL5Mmiv9
|
||||
6d71+XWEAzNT9OQB3oGCLAamT+9le7SqnwIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
tinc.pubkey_ed25519 = "gcgEqGyhO4S7Q44vID/cpbbVaLSNYov97oGwa3pSI4N";
|
||||
};
|
||||
};
|
||||
};
|
||||
jack = {
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
internet = {
|
||||
# river.dse.in.tum.de
|
||||
ip4.addr = "131.159.102.17";
|
||||
ip6.addr = "2a09:80c0:102::17";
|
||||
aliases = [ "jack.i" ];
|
||||
};
|
||||
retiolum = {
|
||||
via = internet;
|
||||
aliases = [ "jack.r" ];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEAx5ROeRs0CxD2IPfkrFB4O03/Kf8Ajjmd/J1gpCvHROKL+gDvaCO1
|
||||
68RbTdC1f5K6Dwc51oX87XisrD435aNCqnlE8fw1X8ZYLKRlZmLDBJGSupm35jj3
|
||||
w80L9OTK07I3cK6AqCfRWyI9Ja6J9PGOT95h8OtiAPlYssEkSqGJrtwe61V5rq1A
|
||||
st7khZO0b+xYsr+ZgOVuZMDAco9DwG7NFfpWkzAgTF6q0a+kdjFrFb6SaeJJf12t
|
||||
WUGWEkaTP5iLQ/h3M+a7MH0Col+aPNEWE4ycqZR9U3E4pMqoD7tjkYdYtv9kR/j+
|
||||
ZtN2Vlw+hKC47DA3zRNRcg7DC+FFDNFaYwIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
tinc.pubkey_ed25519 = "vmtUoblzicabsNFu7u889cF9pgBKoJpHHIhY8Y/eQgC";
|
||||
};
|
||||
};
|
||||
};
|
||||
hal9000 = {
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
|
|
|
@ -160,6 +160,46 @@ in {
|
|||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAcZg+iLaPZ0SpLM+nANxIjZC/RIsansjyutK0+gPhIe ";
|
||||
};
|
||||
ponte = {
|
||||
cores = 1;
|
||||
owner = config.krebs.users.krebs;
|
||||
nets = rec {
|
||||
internet = {
|
||||
ip4 = {
|
||||
addr = "141.147.36.79";
|
||||
prefix = "0.0.0.0/0";
|
||||
};
|
||||
};
|
||||
retiolum = {
|
||||
via = internet;
|
||||
ip4.addr = "10.243.4.43";
|
||||
ip6.addr = "42::443";
|
||||
aliases = [
|
||||
"ponte.r"
|
||||
];
|
||||
tinc = {
|
||||
pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEA52Glj/C85oMy3cnaRAtg2qkleaJFWiqwaQNUsk4JgX1PwZJ8aInD
|
||||
YAMXj0H0wz7h3mh5QVRDq4i11LXOIy1P6J6QAvb3lssYnFfJkR9j/dArCIFsEhHf
|
||||
V41E4KMcHV9t17xO6wQitXqzvcmxodxly8qAx1k7ddlGdQPTWXVvQTRgWBwm9oQ9
|
||||
w0d5p2fej/E5iOmbLyVjiJ72rFJIQdfPo782W78ZQftMSXsnyrr5OJu1b4qsga1Q
|
||||
fYiAKjNE29OPiw5hLy9W/jLJMm0eR94LpUy0MZ5hYkYmvII1TqIqxVgj48gYfJ5v
|
||||
QCjU9R2H5pUNfDiYutCqscRn5YDe44dcYBeG8Rkf0i4BTdqiE7h1AIciccXsJddt
|
||||
HFxbWqi3HDoWlo7cFK9vYVUi4jgQP5cUVP85I43aDu3S3M3mszk1nyP+gDobE5Z9
|
||||
jPGckgn7wTYXlDioIlExJJ6FCaSWSxvh0Zh0HDrTD+WKP6qJ2aYnAz2xptiQGNCu
|
||||
rYEvFoWd5T7VMzI02Z2hCiE2fFWlH63Am1tKspFKl+lHjwMrwcwFA5WoNHCeXx2X
|
||||
S1T3I7P4SkRZervYJ55wQxCBKLgvZP2I1J1JzMkyuTszg9tex14MdVdZZrKXVrnr
|
||||
exCMJruliLbZmtrbHHTXoCngppylnJOxKXpfpogLTZzLGncO6Ry5G18CAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
pubkey_ed25519 = "0l+q3Bg5gYcw8VDjSYV7+wVSO3t4Es5jizAYJ9UR8cA";
|
||||
};
|
||||
};
|
||||
};
|
||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJEw9fo8Qtb/DTLacdrJP7Ti7c4UXTm6wUUX+iRFweEo ";
|
||||
};
|
||||
puyak = {
|
||||
ci = true;
|
||||
cores = 4;
|
||||
|
|
|
@ -129,6 +129,7 @@ in {
|
|||
"c.r"
|
||||
"p.r"
|
||||
"search.r"
|
||||
"radio-news.r"
|
||||
];
|
||||
tinc.port = 655;
|
||||
tinc = {
|
||||
|
@ -875,12 +876,10 @@ in {
|
|||
lass-blue = {
|
||||
mail = "lass@blue.r";
|
||||
pubkey = builtins.readFile ./ssh/blue.rsa;
|
||||
pgp.pubkeys.default = builtins.readFile ./pgp/blue.pgp;
|
||||
};
|
||||
lass-green = {
|
||||
mail = "lass@green.r";
|
||||
pubkey = builtins.readFile ./ssh/green.ed25519;
|
||||
pgp.pubkeys.default = builtins.readFile ./pgp/green.pgp;
|
||||
};
|
||||
lass-mors = {
|
||||
mail = "lass@mors.r";
|
||||
|
|
|
@ -1,51 +0,0 @@
|
|||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mQINBFr9fAEBEACz2E2E7uBulVBBtPmk9IR2yB+uAWSe8Hi7vNiGc1Dbs40jzWuy
|
||||
AqouqyC5xnVw66+cQaYOsgXiwencmu/cFEV2x2uRLDVh1E/fvc8yxAOizEIY0jm/
|
||||
WZ/4IWvTZLVPF3BOhM4p/HGNbdZhRc4RoljLTB34VuY1KSMhs3Vx7n3HgZzdbD7D
|
||||
itUFU4oY5CnkQp4yl1Htat08cZmbD51VTZB1hDw2Uea+VuMQ/ImRtTqW+Ss4xyPA
|
||||
DwUE/vRM3CKwBvcjbNL3uUqc5dtZuvruuFeK3ScmdNLytcgXqJzLlwuzHmSt/Tnc
|
||||
DQZWKGiHnMvrAOkMEvsmiKhboWSAq4sRUPhISqZ7MSvPfhaH5Gcmhi+hL8FZhGY0
|
||||
qF7MNLHoimw6MBV6FIIA0vCDn2p5Vwc7L+LqLjWqAvxdfVoeUJjUWbWWNNWg4Tw7
|
||||
9e7rAR86e4AvhCZRubRn1aOfKGF5vg/El98OeIwBFQHpr7uznKfjmAEpoGveV+vG
|
||||
amptMCBAr4Hw76U708XWOQkZ2GDY9cfdxUllhAmmPrNQ/OcT2b4x0xKvMi4nA5G8
|
||||
PBOFErkS61zNxsHgpFe2isG+VDqYLfeQhOdB101Qn6IHw3KxyW85CwImUpdRLMUi
|
||||
0wtcA7M5GB94HRZ8qW6LtFBjwqm2NGudB0alfIWIq7KuRMXus3sJKQ2gDQARAQAB
|
||||
tBlsYXNzQGJsdWUuciA8bGFzc0BibHVlLnI+iQJOBBMBCAA4FiEEuOpc8JA44Pd5
|
||||
NXyK8UJeZkL6H7wFAlr9fAECGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQ
|
||||
8UJeZkL6H7ygPQ/+JydbB0IX64ojm34YaeWKVdM5D7JFBdNuKgbAMf0Uhcja6YcU
|
||||
0YRvuOPpw4lNZqV/1yxDXGHJrVfGolq6uz28oWr+9VUD8QXH9ODm1EMLsU8Jb1Nh
|
||||
SE+rWSAhEmdw8l9Bi12wq4v/z/JC93/VJLnBGOL8LDEsJ9OatUw71KIt/a50ERoz
|
||||
uCZbMeLPym8WqSK1kjQehL5pj97BzxmBNpFYwqaniTAuqTN6bhs2ws+k89vjaWIP
|
||||
T+bEqsJV/vR9KZcNlmKlTQwbsjQ1BZ9EuV4EBL6IAMrqxDeY3mFnT+EpkabfIVSh
|
||||
38KmG+4PZDXaj6rCsrsH2pUKaZ/Z6Mr3lmFb/1aaK3xKiQyxcMrbcixIIVI8ihTM
|
||||
HUC3DFFlA7+02b67QomWFLRiZid4gCry7xhZyryQJkN2l20fzRjWf0myzcPO0qxc
|
||||
y39gUyEqy1oeaffCc1QgDJH2Hvf+P9StyMZIulNuCKJ9tfQR5nkkDAy/2p405Lmf
|
||||
mdKOMha6bZ+mA5HbmjMqwyFPHEtU6t/mUhlh7mYqNYAJikuqV00N6nTKVrBb2IfK
|
||||
atoHeUcmvMWBGL7+x3zxwf2pnum6a5iDES2ir87ltOGKGDeMt2Y/Ap30P+uZGnn1
|
||||
AiRu2bGkCiQ/WH1StJhAhJeleUfdbOa7/voc14nl3rewqyhqYd8dlI+TWAu5Ag0E
|
||||
Wv18AQEQAOFMwY2ky5TyRrDqJosq0y/9+8D6RiXlyOnyTQ+bqu4mDEaVu3xNcKLH
|
||||
CQsTM7gDR9pivapoDo84CK8w519DHCA2EpNGTDO4twcQ3jKqPth809LnibwdKJCe
|
||||
qsfxsIfN8LbpKDOygZ2av11gcT0ye9uOMkiiRSE2MMGDU/50sskecavUAExDgwFs
|
||||
v72ReU3fXRfTqYT6p/i/qMB7GbS8PlKFz61JKHDceS5GJUZJ5OWOoq7ZMCz6zrLW
|
||||
2mQIJ7kblGCJKUnx/lZ5y9nqSCk7jer2qENxWNPOCwD48A78u1Bz8xSN5D1gFO3f
|
||||
YSKh60kK5UljwkvRD7NvAcg2ifwL1e+/7v8WV9OsHDUBEiJO05tsjJ76QwHnEq6j
|
||||
4peArcTAHWZ4uGncAgYN/Uii+0vs3oVDsZ9d2uLJxuR3h6T4XVejeuZ3j3o/XX/E
|
||||
aZwcdH3VpKqEjdG4c4TMz96bN7ZN2DbgTf40rwPFKgWnvhCA9dWlmfy9pW2z2hyg
|
||||
rJaRGXd/4znj5YlMliDrL4/Yp9j1J1CsoZM68er6/zMU1SA9U/y+MVqMoPCPlczx
|
||||
mbwWQm1JH6fZv2SzHbZOrZYWKVWX+jPZQV6SjKwSiVrLlZJ0Z8u00HBRRRzXLwXa
|
||||
OLL/dGP1v+msMv1oCJT1AsMcBEE3bY1efnDP1XK8vBLzoMKGS1RtABEBAAGJAjYE
|
||||
GAEIACAWIQS46lzwkDjg93k1fIrxQl5mQvofvAUCWv18AQIbDAAKCRDxQl5mQvof
|
||||
vOC1D/wO+tGKz/y5dc/ifJGTndxoHnU8tarboDll0kcdpTGU7It+ReNustqJZj5v
|
||||
HK4V/ZXUw5+y6ZasNa/mFYY8oACOI40SlMdyt708XfPqYKXOpnM0oGRGfALi+oKg
|
||||
iIzYtXsqYk5ZYSFWpgxajHef9HMmHNJ8riSVRugUPubPMKPR65DOXl+BdVIlQw7o
|
||||
2g3s4Lii0IRKov3BvB51oJMhRK2Ne55VDBid32oIoqXLXS2E2gJQegioAiDUA5J4
|
||||
1f96RCeYfxOgaPj/o4eiXK0H3owA3W78/tIjq5218PCIYFsOKPhrSqJ7ZF/5yGwW
|
||||
ppVzsaz1sE9oULR0VOFUwjpYmyH32WwKkLF6mKumb8Q7Pd/FJq0I3/kxD/OrlNVZ
|
||||
8UCX0CzxMyfEeSUfScunKLMfopEGxXTR4l8jew7CwxX08H0nkqyegDZSN8MjYxQL
|
||||
V/zoL+aPjYh1WYf1L8wyBZjQbA6khHwYRZPaHrGfGaCGC8MHiSjPb/nt54+vZXtt
|
||||
17LcX4VvHwWIBf88JpZO9eyTFPdYIZANSyo6ltbRoomuAywuA5IibCwh/BXi/aVa
|
||||
Jro4UvbiwMqbVgSAt15VAwEK1Re/NNLBTcVVMHsWr5WNmo0s2C7+j+iIMPEOwhRs
|
||||
ZFj74cztyOF/dGeCv9ycW29g+ejXaPpFOYQz0A9bBdkEdTGWhQ==
|
||||
=D854
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
|
@ -1,40 +0,0 @@
|
|||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mQGNBGAMS3EBDACzbsaP9nhJ8GrAk5JLlz+ruDbEGuvJXvh+spVq9i9TCCGAraPo
|
||||
z8Tmgsw6SJhJMW/170OZJ+GMMEDRpRbvh8tLZ0jsTIwINasRjC68tF9dgjjPZdNN
|
||||
cVOpFw4Wf4ueMmoEG/9Xyehm+YEJFTj5wul2uJtfj5NJB43daDn4e3ieGExd+zE0
|
||||
FTP4yAmxVMbN4BiyZPX7CxeTzJS0g4aVnMq9RqtYbxd1Uv++LmPh1ZkEyNNKItfC
|
||||
nRFeZzjhnmD7LvwsixE2ENnbiL9Ho7Mc4C7kRKSJ+LvXH6ChJJtDy9ApVA+u90i5
|
||||
Rd7y9rdzFY+NCHusWg0/U/t2FoLc/hRa0eLE1KFtzWzH35TMl8R/7NrPztTwT/fH
|
||||
xt3qSiwMUvH9X9TGvh5N0WwqgtEe6mpZvpq+4gyOiyA+EwE73rnxG2DzmM6CFHyo
|
||||
Qm/OOfjuFH+l0PkAqti+f41SqlEOiOAAFzgz7gaTdJ8gXs8piOGxk4U5EK/p1OTW
|
||||
4e6DrxqcxmHgoAUAEQEAAbQMbGFzc0BncmVlbi5yiQHUBBMBCAA+FiEE6Ed5jGI3
|
||||
gop09K1NMwheLc2Sjz0FAmAMS3ECGwMFCQPCZwAFCwkIBwIGFQoJCAsCBBYCAwEC
|
||||
HgECF4AACgkQMwheLc2Sjz0otwv+I8Sw0ENqy6SsrZSGDtmhAouCeTIUseRQ66tp
|
||||
UFnxDVPYhhdM2ubTtIqOfx20Xdy/7N/POyYMJ5VR+IaFcB9wUlrhdjwUlCtoUipx
|
||||
EycZloccMPGySxAxR3Kcy/SFzUKWwQ10/mfSQg/4+vYayZNuSvEpviMEZn0prpmw
|
||||
jwFJcHOu0NL+7eYULMdit1BDaZfBaAu/otKn18878+0hVimyjW27564uXtJYnbf1
|
||||
hUVGvPLaSo74XBFra+kujcA3zIjWiPn6dRA5dzLrRRkb30Unl1+0a9QwY3wd3vCV
|
||||
UHWSgDNaV+o7yPTuxoMsfrxHPAc3JlaKM6ka/EdK04tbgMH/N7FHXqDqCEIBWML4
|
||||
1/+HxkP2UW59zLefQwvBqWcF6bA7kgHGhIDkg1yg7ygP0t2mH6ktuEAYYr24BFx7
|
||||
b8nK/jhK+rp3LomLTLQ6e/6mikfoDr636sB1/Bc+pTdWsJnuQTzaWBDloVEr/2hz
|
||||
/K5+wH2kgSKaWYUtaR6wiMbVKq3HuQGNBGAMS3EBDAC1xQNCJD3hlnihHBv7jxfH
|
||||
CI5HdnUEh1eP8mUKjSE+Z0xGEMq8Z9sbTHQxtDdmC4ZOq1Kkt2LmtQQQAIH+Qnu6
|
||||
RYFOAPRmegouIxg4S3eTPZhZRo1ZqCphqbL2mQ9ifNrG3VVvQGXNvjo3Cuwj0uzx
|
||||
EDtOilKEtHZhG0cfehGV+nO1n/g50EQMC7JkFWnryxVL8i4l3KstOdj+LcIT6c27
|
||||
EE2fzOUekeltBHGRFSM1Yzmn2lxruuK4I8zoiqak2St1788ay//F9tiZPfhWRb6+
|
||||
DF+JgRLCXatqTJppPpkui1irw6jN5ZabjyS7GBtH+5wpnvuMEMr484OXEg17VnCd
|
||||
Tx/RTLyjfffDtTkC4M7oiAr5SUbkJjVkEuwjxp1N19epD8gzrBQC2W7XKM3z+mtG
|
||||
ZLJtiW5hM+QylMv7VWxbQ21ObJmUqBQUZLPlpl3dlGU/ILw3U4urBibD9oPT2QAX
|
||||
J6Db/STyl6w0bzRbMJmaEM4P0FcdEKTuw7tOpl5zBUkAEQEAAYkBtgQYAQgAIBYh
|
||||
BOhHeYxiN4KKdPStTTMIXi3Nko89BQJgDEtxAhsMAAoJEDMIXi3Nko89yc8MAJKg
|
||||
M5lbA/PJYlIju/qWKWt7yZbsIGuDfmuKfYftjXDOqskEqDyYgr31Txd43bWM6Ec7
|
||||
gb5JVmtzvLull0/KRwMcKAFNTXIYcb3jKpanwWRgHQlt/D6zlQula73WxwNUlZWl
|
||||
Q8FCWjGa2hC8oKlTbtzm5osdcK+YhlpTpK5y4Mrg0f9Rcd297ygFQSDInpGq7ILY
|
||||
sFat3HU7w9oPp9Q5RS8/EmrvAx1kFj9mZRs4L9inJJnHFpb1R6snojcKPwEyIWBi
|
||||
+PFZ6ns296FjW9C+Ci7C+aaAzVDM7NAwU0/EhWeDKKHITU3Zaz4gnShesKBiVxhI
|
||||
JQNFCjWlnc+o3RqbAhDQhlwFrCZWUxQi1qWy4U88IYqR9hxV0eNtGSRmwnGCT9RV
|
||||
Nxb6CjtmHpgUmzyvwBpBJya8bLYu5tCKnUodtFiq/poxEfI5WrP6pu5l648AwuPa
|
||||
ioovprweDWs38Q8wd/SuoaUtIoj378UDXq8acFvHHnOS/bBBfAE9tutY1ycJdg==
|
||||
=Fg3f
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
|
@ -8,8 +8,8 @@ mkDerivation {
|
|||
version = "1.0.0";
|
||||
src = fetchgit {
|
||||
url = "https://cgit.krebsco.de/pager";
|
||||
sha256 = "1kqd27faxinkwpxancyk0xl6n7ljlc8iqhnnq85l76bk4qi9b45i";
|
||||
rev = "f4cdf79bd4a75e9eafe68b9a908f4cc68682b7ef";
|
||||
sha256 = "1qlkhqidaa6w02ix9ambfdsm7lfyx30ap481b9ic1ppyfkhqzfp6";
|
||||
rev = "fc6105a5e7d1e3a07bf07ea85e7902dd8e9fc849";
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
isLibrary = false;
|
||||
|
|
|
@ -1,20 +1,21 @@
|
|||
{ pkgs }:
|
||||
pkgs.writeDashBin "generate-secrets" ''
|
||||
pkgs.writers.writeDashBin "generate-secrets" ''
|
||||
set -eu
|
||||
HOSTNAME="$1"
|
||||
TMPDIR=$(${pkgs.coreutils}/bin/mktemp -d)
|
||||
cd $TMPDIR
|
||||
|
||||
PASSWORD=$(${pkgs.pwgen}/bin/pwgen 25 1)
|
||||
HASHED_PASSWORD=$(echo $PASSWORD | ${pkgs.hashPassword}/bin/hashPassword -s) > /dev/null
|
||||
|
||||
${pkgs.openssh}/bin/ssh-keygen -t ed25519 -f $TMPDIR/ssh.id_ed25519 -P "" -C "" >/dev/null
|
||||
${pkgs.openssl}/bin/openssl genrsa -out $TMPDIR/retiolum.rsa_key.priv 4096 2>/dev/null > /dev/null
|
||||
${pkgs.openssl}/bin/openssl rsa -in $TMPDIR/retiolum.rsa_key.priv -pubout -out $TMPDIR/retiolum.rsa_key.pub 2>/dev/null > /dev/null
|
||||
${pkgs.tinc_pre}/bin/tinc --config "$TMPDIR" generate-keys 4096 >/dev/null
|
||||
cat <<EOF > $TMPDIR/hashedPasswords.nix
|
||||
{
|
||||
root = "$HASHED_PASSWORD";
|
||||
}
|
||||
EOF
|
||||
|
||||
cd $TMPDIR
|
||||
for x in *; do
|
||||
${pkgs.coreutils}/bin/cat $x | ${pkgs.brain}/bin/brain insert -m krebs-secrets/$HOSTNAME/$x > /dev/null
|
||||
done
|
||||
|
@ -31,9 +32,12 @@ pkgs.writeDashBin "generate-secrets" ''
|
|||
aliases = [
|
||||
"$HOSTNAME.r"
|
||||
];
|
||||
tinc.pubkey = ${"''"}
|
||||
$(cat $TMPDIR/retiolum.rsa_key.pub)
|
||||
tinc = {
|
||||
pubkey = ${"''"}
|
||||
$(cat $TMPDIR/rsa_key.pub)
|
||||
${"''"};
|
||||
pubkey_ed25519 = "$(cut -d ' ' -f 3 $TMPDIR/ed25519_key.pub)";
|
||||
};
|
||||
};
|
||||
};
|
||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||
|
|
|
@ -5,6 +5,13 @@ emptyok_response() {(
|
|||
printf '\r\n'
|
||||
)}
|
||||
|
||||
not_modifed_response() {(
|
||||
printf "HTTP/1.1 304 Not Modified\r\n"
|
||||
printf 'Connection: close\r\n'
|
||||
printf 'Server: %s\r\n' "$Server"
|
||||
printf '\r\n'
|
||||
)}
|
||||
|
||||
delete_response() {
|
||||
jq -n -r \
|
||||
--arg server "$Server" \
|
||||
|
@ -74,8 +81,20 @@ case "$Method $path" in
|
|||
'GET /'*)
|
||||
item=$STATEDIR/items/$(echo "$path" | jq -rR @uri)
|
||||
if [ -e "$item" ]; then
|
||||
if [ -z ${req_if_modified_since+x} ]; then
|
||||
file_response "$item"
|
||||
exit
|
||||
else
|
||||
age_file=$(date +%s -r "$item")
|
||||
age_header=$(date +%s --date="$req_if_modified_since")
|
||||
if [ "$age_file" -lt "$age_header" ]; then
|
||||
not_modifed_response
|
||||
exit
|
||||
else
|
||||
file_response "$item"
|
||||
exit
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
;;
|
||||
'DELETE /'*)
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
{
|
||||
"url": "https://github.com/NixOS/nixpkgs",
|
||||
"rev": "e10da1c7f542515b609f8dfbcf788f3d85b14936",
|
||||
"date": "2022-04-27T07:19:43+10:00",
|
||||
"path": "/nix/store/hzywi4az4ldmh416hpm4r27075qvfmsf-nixpkgs",
|
||||
"sha256": "1if304v4i4lm217kp9f11f241kl3drbix3d0f08vgd6g43pv5mhq",
|
||||
"rev": "2a3aac479caeba0a65b2ad755fe5f284f1fde74d",
|
||||
"date": "2022-05-09T07:45:23+00:00",
|
||||
"path": "/nix/store/56hy8l0ky71qdx5zibjzzg0q8ivkk7vc-nixpkgs",
|
||||
"sha256": "0px2fk64s56qxd8ir8xg8bsj5yz1w399ps4xfkyx29n2ywp9ar7c",
|
||||
"fetchLFS": false,
|
||||
"fetchSubmodules": false,
|
||||
"deepClone": false,
|
||||
|
|
|
@ -113,8 +113,7 @@ with import <stockholm/lib>;
|
|||
}
|
||||
<stockholm/lass/2configs/exim-smarthost.nix>
|
||||
<stockholm/lass/2configs/privoxy-retiolum.nix>
|
||||
<stockholm/lass/2configs/radio.nix>
|
||||
<stockholm/lass/2configs/radio-news.nix>
|
||||
<stockholm/lass/2configs/radio>
|
||||
<stockholm/lass/2configs/binary-cache/server.nix>
|
||||
<stockholm/lass/2configs/iodined.nix>
|
||||
<stockholm/lass/2configs/paste.nix>
|
||||
|
|
83
lass/2configs/radio/controls.html
Normal file
83
lass/2configs/radio/controls.html
Normal file
|
@ -0,0 +1,83 @@
|
|||
<!doctype html>
|
||||
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||
|
||||
<title>The_Playlist Voting!</title>
|
||||
<style>
|
||||
#good {
|
||||
display: block;
|
||||
width: 100%;
|
||||
border: none;
|
||||
background-color: #04AA6D;
|
||||
padding: 14px;
|
||||
margin: 14px 0 0 0;
|
||||
height: 100px;
|
||||
font-size: 16px;
|
||||
cursor: pointer;
|
||||
text-align: center;
|
||||
}
|
||||
#bad {
|
||||
display: block;
|
||||
width: 100%;
|
||||
border: none;
|
||||
background-color: red;
|
||||
padding: 14px;
|
||||
height: 100px;
|
||||
|
||||
margin: 14px 0 0 0;
|
||||
font-size: 16px;
|
||||
cursor: pointer;
|
||||
text-align: center;
|
||||
}
|
||||
</style>
|
||||
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<div id=votenote></div>
|
||||
<button id=good type="button"> GUT </button>
|
||||
|
||||
<button id=bad type="button"> SCHLECHT </button>
|
||||
<center>
|
||||
Currently Running: <br/><div>
|
||||
<b id=current></b>
|
||||
</div>
|
||||
<div id=vote>
|
||||
</div>
|
||||
<audio controls autoplay="autoplay">
|
||||
<source src="https://radio.lassul.us/radio.ogg" type="audio/ogg">
|
||||
Your browser does not support the audio element.
|
||||
</audio>
|
||||
</center>
|
||||
|
||||
<script>
|
||||
document.getElementById("good").onclick=async ()=>{
|
||||
let result = await fetch("https://radio.lassul.us/good", {"method": "POST"})
|
||||
document.getElementById("vote").textContent = "Dieses Lied findest du gut"
|
||||
};
|
||||
document.getElementById("bad").onclick=async ()=>{
|
||||
let result = await fetch("https://radio.lassul.us/skip", {"method": "POST"})
|
||||
document.getElementById("vote").textContent = "Dieses Lied findest du schlecht"
|
||||
document.getElementById("bad").disabled = true
|
||||
window.setTimeout(function(){
|
||||
document.getElementById("bad").disabled = false
|
||||
}, 100000)
|
||||
|
||||
};
|
||||
|
||||
async function current() {
|
||||
let result = await fetch("https://radio.lassul.us/current", {"method": "GET"})
|
||||
let data = await result.json()
|
||||
document.getElementById("current").textContent = data.name
|
||||
}
|
||||
window.onload = function() {
|
||||
window.setInterval('current()', 10000)
|
||||
current()
|
||||
}
|
||||
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
|
@ -105,6 +105,10 @@ let
|
|||
'';
|
||||
|
||||
in {
|
||||
imports = [
|
||||
./news.nix
|
||||
];
|
||||
|
||||
users.users = {
|
||||
"${name}" = rec {
|
||||
inherit name;
|
||||
|
@ -161,14 +165,14 @@ in {
|
|||
|
||||
output.icecast(mount = '/music.ogg', password = 'hackme', %vorbis(quality = 1), source)
|
||||
output.icecast(mount = '/music.mp3', password = 'hackme', %mp3.vbr(), source)
|
||||
output.icecast(mount = '/music.opus', password = 'hackme', %opus(), source)
|
||||
output.icecast(mount = '/music.opus', password = 'hackme', %opus(bitrate = 64), source)
|
||||
|
||||
extra_input = audio_to_stereo(input.harbor("live", port=1338))
|
||||
|
||||
o = smooth_add(normal = source, special = extra_input)
|
||||
output.icecast(mount = '/radio.ogg', password = 'hackme', %vorbis(quality = 1), o)
|
||||
output.icecast(mount = '/radio.mp3', password = 'hackme', %mp3.vbr(), o)
|
||||
output.icecast(mount = '/radio.opus', password = 'hackme', %opus(), o)
|
||||
output.icecast(mount = '/radio.opus', password = 'hackme', %opus(bitrate = 64), o)
|
||||
'';
|
||||
services.icecast = {
|
||||
enable = true;
|
||||
|
@ -227,7 +231,7 @@ in {
|
|||
|
||||
systemd.services.radio-recent = let
|
||||
recentlyPlayed = pkgs.writeDash "recentlyPlayed" ''
|
||||
set -xeu
|
||||
set -xefu
|
||||
LIMIT=1000 #how many tracks to keep in the history
|
||||
HISTORY_FILE=/var/lib/radio/recent
|
||||
while :; do
|
||||
|
@ -368,88 +372,17 @@ in {
|
|||
locations."= /good".extraConfig = ''
|
||||
proxy_pass http://localhost:8001;
|
||||
'';
|
||||
locations."= /radio.sh".alias = pkgs.writeScript "radio.sh" ''
|
||||
#!/bin/sh
|
||||
while sleep 1; do
|
||||
mpv \
|
||||
--cache-secs=0 --demuxer-readahead-secs=0 --untimed --cache-pause=no \
|
||||
'http://lassul.us:8000/radio.opus'
|
||||
done
|
||||
'';
|
||||
locations."= /controls".extraConfig = ''
|
||||
default_type "text/html";
|
||||
alias ${pkgs.writeText "controls.html" ''
|
||||
<!doctype html>
|
||||
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||
|
||||
<title>The_Playlist Voting!</title>
|
||||
<style>
|
||||
#good {
|
||||
display: block;
|
||||
width: 100%;
|
||||
border: none;
|
||||
background-color: #04AA6D;
|
||||
padding: 14px;
|
||||
margin: 14px 0 0 0;
|
||||
height: 100px;
|
||||
font-size: 16px;
|
||||
cursor: pointer;
|
||||
text-align: center;
|
||||
}
|
||||
#bad {
|
||||
display: block;
|
||||
width: 100%;
|
||||
border: none;
|
||||
background-color: red;
|
||||
padding: 14px;
|
||||
height: 100px;
|
||||
|
||||
margin: 14px 0 0 0;
|
||||
font-size: 16px;
|
||||
cursor: pointer;
|
||||
text-align: center;
|
||||
}
|
||||
</style>
|
||||
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<div id=votenote></div>
|
||||
<button id=good type="button"> GUT </button>
|
||||
|
||||
<button id=bad type="button"> SCHLECHT </button>
|
||||
<center>
|
||||
Currently Running: <br/><div>
|
||||
<b id=current></b>
|
||||
</div>
|
||||
<div id=vote>
|
||||
</div>
|
||||
<audio controls autoplay="autoplay">
|
||||
<source src="https://radio.lassul.us/radio.ogg" type="audio/ogg">
|
||||
Your browser does not support the audio element.
|
||||
</audio>
|
||||
</center>
|
||||
|
||||
<script>
|
||||
document.getElementById("good").onclick=async ()=>{
|
||||
let result = await fetch("https://radio.lassul.us/good", {"method": "POST"})
|
||||
document.getElementById("vote").textContent = "Dieses Lied findest du gut"
|
||||
};
|
||||
document.getElementById("bad").onclick=async ()=>{
|
||||
let result = await fetch("https://radio.lassul.us/skip", {"method": "POST"})
|
||||
document.getElementById("vote").textContent = "Dieses Lied findest du schlecht"
|
||||
};
|
||||
|
||||
async function current() {
|
||||
let result = await fetch("https://radio.lassul.us/current", {"method": "GET"})
|
||||
let data = await result.json()
|
||||
document.getElementById("current").textContent = data.name
|
||||
}
|
||||
window.onload = function() {
|
||||
window.setInterval('current()', 10000)
|
||||
current()
|
||||
}
|
||||
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
''};
|
||||
alias ${./controls.html};
|
||||
'';
|
||||
extraConfig = ''
|
||||
add_header 'Access-Control-Allow-Origin' '*';
|
||||
|
@ -482,11 +415,9 @@ in {
|
|||
};
|
||||
services.syncthing.declarative.folders."the_playlist" = {
|
||||
path = "/home/radio/music/the_playlist";
|
||||
devices = [ "mors" "phone" "prism" ];
|
||||
};
|
||||
krebs.permown."/home/radio/music/the_playlist" = {
|
||||
owner = "radio";
|
||||
group = "syncthing";
|
||||
umask = "0002";
|
||||
devices = [ "mors" "phone" "prism" "omo" ];
|
||||
};
|
||||
krebs.acl."/home/radio/music/the_playlist"."u:syncthing:X".parents = true;
|
||||
krebs.acl."/home/radio/music/the_playlist"."u:syncthing:rwX" = {};
|
||||
krebs.acl."/home/radio/music/the_playlist"."u:radio:rwX" = {};
|
||||
}
|
|
@ -1,14 +1,31 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
weather_for_ips = pkgs.writers.writePython3Bin "weather_for_ips" {
|
||||
libraries = [ pkgs.python3Packages.geoip2 ];
|
||||
} ./weather_for_ips.py;
|
||||
|
||||
weather_report = pkgs.writers.writeDashBin "weather_report" ''
|
||||
set -efu
|
||||
${pkgs.curl}/bin/curl -fsSL https://wttr.in/''${1-}?format=j1 \
|
||||
| ${pkgs.jq}/bin/jq -r '
|
||||
[.nearest_area[0] | "Weather report for \(.areaName[0].value), \(.country[0].value)."]
|
||||
+ [.current_condition[0] | "Currently it is \(.weatherDesc[0].value) outside with a temperature of \(.temp_C) degrees."]
|
||||
| join("\n")
|
||||
'
|
||||
export PATH="${lib.makeBinPath [
|
||||
pkgs.coreutils
|
||||
pkgs.curl
|
||||
pkgs.iproute2
|
||||
pkgs.jc
|
||||
pkgs.jq
|
||||
]}"
|
||||
curl -z /tmp/GeoLite2-City.mmdb -o /tmp/GeoLite2-City.mmdb http://c.r/GeoLite2-City.mmdb
|
||||
MAXMIND_GEOIP_DB="/tmp/GeoLite2-City.mmdb"; export MAXMIND_GEOIP_DB
|
||||
OPENWEATHER_API_KEY=$(cat "$CREDENTIALS_DIRECTORY/openweather_api"); export OPENWEATHER_API_KEY
|
||||
ss -no 'sport = :8000' |
|
||||
jc --ss | jq -r '.[] |
|
||||
select(
|
||||
.local_address != "[::ffff:127.0.0.1]"
|
||||
and .local_address != "[::1]"
|
||||
) | .peer_address | gsub("[\\[\\]]"; "")
|
||||
' |
|
||||
${weather_for_ips}/bin/weather_for_ips
|
||||
'';
|
||||
|
||||
send_to_radio = pkgs.writers.writeDashBin "send_to_radio" ''
|
||||
${pkgs.vorbisTools}/bin/oggenc - |
|
||||
${pkgs.libshout}/bin/shout --format ogg --host localhost --port 1338 --mount /live
|
||||
|
@ -26,17 +43,15 @@ let
|
|||
'';
|
||||
|
||||
newsshow = pkgs.writers.writeDashBin "newsshow" /* sh */ ''
|
||||
echo "
|
||||
cat << EOF
|
||||
hello crabpeople!
|
||||
$(${pkgs.ddate}/bin/ddate | sed 's/YOLD/Year of Discord/')!
|
||||
$(${pkgs.ddate}/bin/ddate +'Today is %{%A, the %e of %B%}, %Y. %N%nCelebrate %H')
|
||||
It is $(date --utc +%H) o clock UTC.
|
||||
todays news:
|
||||
$(get_current_news)
|
||||
$(gc_news)
|
||||
$(weather_report berlin)
|
||||
$(weather_report 70173)
|
||||
$(weather_report munich)
|
||||
"
|
||||
$(weather_report)
|
||||
EOF
|
||||
'';
|
||||
in
|
||||
{
|
||||
|
@ -59,13 +74,22 @@ in
|
|||
startAt = "*:00:00";
|
||||
serviceConfig = {
|
||||
User = "radio-news";
|
||||
};
|
||||
};
|
||||
|
||||
krebs.iptables.tables.filter.INPUT.rules = [
|
||||
{ predicate = "-p tcp --dport 7999"; target = "ACCEPT"; }
|
||||
LoadCredential = [
|
||||
"openweather_api:${toString <secrets>}/openweather_api_key"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts."radio-news.r" = {
|
||||
locations."/" = {
|
||||
proxyPass = "http://localhost:7999";
|
||||
proxyWebsockets = true;
|
||||
extraConfig = ''
|
||||
add_header 'Access-Control-Allow-Origin' '*';
|
||||
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
|
||||
'';
|
||||
};
|
||||
};
|
||||
krebs.htgen.news = {
|
||||
port = 7999;
|
||||
user = {
|
||||
|
@ -73,14 +97,18 @@ in
|
|||
};
|
||||
script = ''. ${pkgs.writers.writeDash "htgen-news" ''
|
||||
set -xefu
|
||||
case "$Method $Request_URI" in
|
||||
case "''${Method:-GET} $Request_URI" in
|
||||
"GET /")
|
||||
printf 'HTTP/1.1 200 OK\r\n'
|
||||
printf 'Connection: close\r\n'
|
||||
printf '\r\n'
|
||||
cat "$HOME"/news | jq -sc .
|
||||
exit
|
||||
;;
|
||||
"POST /")
|
||||
payload=$(head -c "$req_content_length" \
|
||||
| sed 's/+/ /g;s/%\(..\)/\\x\1/g;' \
|
||||
| xargs -0 echo -e \
|
||||
)
|
||||
payload=$(head -c "$req_content_length")
|
||||
echo "$payload" | jq 'has("from") and has("to") and has("text")' >&2
|
||||
echo "$payload" | jq -c '{ from: (.from | fromdate | todate), to: (.to | fromdate | todate), text: .text }' >> $HOME/news
|
||||
echo "$payload" | jq -c '{ from: (.from | fromdate | todate), to: (.to | fromdate | todate), text: .text }' >> "$HOME"/news
|
||||
printf 'HTTP/1.1 200 OK\r\n'
|
||||
printf 'Connection: close\r\n'
|
||||
printf '\r\n'
|
33
lass/2configs/radio/weather_for_ips.py
Normal file
33
lass/2configs/radio/weather_for_ips.py
Normal file
|
@ -0,0 +1,33 @@
|
|||
import geoip2.database
|
||||
import fileinput
|
||||
import json
|
||||
import requests
|
||||
import os
|
||||
|
||||
|
||||
geoip = geoip2.database.Reader(os.environ['MAXMIND_GEOIP_DB'])
|
||||
seen = {}
|
||||
output = []
|
||||
for ip in fileinput.input():
|
||||
location = geoip.city(ip.strip())
|
||||
if location.city.geoname_id not in seen:
|
||||
seen[location.city.geoname_id] = True
|
||||
weather_api_key = os.environ['OPENWEATHER_API_KEY']
|
||||
url = (
|
||||
f'https://api.openweathermap.org/data/2.5/onecall'
|
||||
f'?lat={location.location.latitude}'
|
||||
f'&lon={location.location.longitude}'
|
||||
f'&appid={weather_api_key}'
|
||||
f'&units=metric'
|
||||
)
|
||||
resp = requests.get(url)
|
||||
weather = json.loads(resp.text)['current']
|
||||
output.append(
|
||||
f'Weather report for {location.city.name}'
|
||||
f', {location.country.name}. '
|
||||
f'Currently it is {weather["weather"][0]["description"]} outside '
|
||||
f'with a temperature of {weather["temp"]} degrees '
|
||||
f'and a windspeed of {weather["wind_speed"]} meter per second. '
|
||||
)
|
||||
|
||||
print('\n'.join(output))
|
|
@ -12,6 +12,7 @@
|
|||
${pkgs.rsync}/bin/rsync --chown=lass:users -a --delete "/etc/themes/$1/" /var/theme/config/
|
||||
echo "$1" > /var/theme/current_theme
|
||||
${pkgs.coreutils}/bin/chown lass:users /var/theme/current_theme
|
||||
${pkgs.xorg.xrdb}/bin/xrdb -merge /var/theme/config/xresources
|
||||
${pkgs.procps}/bin/pkill -HUP xsettingsd
|
||||
else
|
||||
echo "theme $1 not found"
|
||||
|
@ -26,6 +27,8 @@ in {
|
|||
serviceConfig = {
|
||||
ExecStart = "${pkgs.xsettingsd}/bin/xsettingsd -c /var/theme/config/xsettings.conf";
|
||||
User = "lass";
|
||||
Restart = "always";
|
||||
RestartSec = "15s";
|
||||
};
|
||||
};
|
||||
systemd.tmpfiles.rules = [
|
||||
|
@ -38,11 +41,20 @@ in {
|
|||
"themes/light/xsettings.conf".text = ''
|
||||
Net/ThemeName "Adwaita"
|
||||
'';
|
||||
"themes/light/xresources".text = ''
|
||||
*background: #ffffff
|
||||
*foreground: #000000
|
||||
'';
|
||||
"themes/dark/xsettings.conf".text = ''
|
||||
Net/ThemeName "Adwaita-dark"
|
||||
'';
|
||||
"themes/dark/xresources".text = ''
|
||||
*background: #000000
|
||||
*foreground: #ffffff
|
||||
'';
|
||||
};
|
||||
system.activationScripts.theme.text = ''
|
||||
export DISPLAY=:0
|
||||
if test -e /var/theme/current_theme; then
|
||||
${switch-theme}/bin/switch-theme "$(cat /var/theme/current_theme)" ||
|
||||
${switch-theme}/bin/switch-theme dark
|
||||
|
|
Loading…
Reference in a new issue