Merge remote-tracking branch 'gum/20.09' into 20.09

krebs/1systems/puyak/config.nix

@@ -7,19 +7,104 @@
     <stockholm/krebs/2configs/secret-passwords.nix>
     <stockholm/krebs/2configs/hw/x220.nix>
 
+
+    ## initrd unlocking
+    # (brain hosts/puyak/luks-ssd;echo)  | ssh root@$(brain krebs-secrets/puyak/initrd/hostname) 'cat > /crypt-ramfs/passphrase'
+    <stockholm/krebs/2configs/tor/initrd.nix>
+
     <stockholm/krebs/2configs/binary-cache/nixos.nix>
     <stockholm/krebs/2configs/binary-cache/prism.nix>
     <stockholm/krebs/2configs/go.nix>
     <stockholm/krebs/2configs/ircd.nix>
     <stockholm/krebs/2configs/news.nix>
     <stockholm/krebs/2configs/news-spam.nix>
+
+    ###   shackspace
+    # handle the worlddomination map via coap
+    <stockholm/krebs/2configs/shack/worlddomination.nix>
     <stockholm/krebs/2configs/shack/ssh-keys.nix>
+
+    # drivedroid.shack for shackphone
+    <stockholm/krebs/2configs/shack/drivedroid.nix>
+    # <stockholm/krebs/2configs/shack/nix-cacher.nix>
+
+    # Say if muell will be collected
+    <stockholm/krebs/2configs/shack/muell_caller.nix>
+    # provide muellshack api: muell.shack
+    <stockholm/krebs/2configs/shack/muellshack.nix>
+    # send mail if muell was not handled
+    <stockholm/krebs/2configs/shack/muell_mail.nix>
+
+    # provide light control api
+    <stockholm/krebs/2configs/shack/node-light.nix> # light.shack lounge.light.shack power.light.shack openhab.shack lightapi.shack
+    # light.shack web-ui
+    <stockholm/krebs/2configs/shack/light.shack.nix> #light.shack
+
+    # powerraw usb serial to mqtt and raw socket
+    <stockholm/krebs/2configs/shack/powerraw.nix> # powerraw.shack standby.shack
+    # send power stats to s3
+    <stockholm/krebs/2configs/shack/s3-power.nix> # powerraw.shack must be available
+
+
+    { # do not log to /var/spool/log
+      services.nginx.appendHttpConfig = ''
+          map $request_method $loggable {
+            default 1;
+            GET 0;
+          }
+          log_format vhost '$host $remote_addr - $remote_user '
+                     '[$time_local] "$request" $status '
+                     '$body_bytes_sent "$http_referer" '
+                     '"$http_user_agent"';
+          error_log stderr;
+          access_log syslog:server=unix:/dev/log vhost;
+      '';
+      services.journald.rateLimitBurst = 10000;
+    }
+
+    # create samba share for anonymous usage with the laser and 3d printer pc
+    <stockholm/krebs/2configs/shack/share.nix>
+
+    # mobile.lounge.mpd.shack
+    <stockholm/krebs/2configs/shack/mobile.mpd.nix>
+
+    # hass.shack
+    <stockholm/krebs/2configs/shack/glados>
+
+    # connect to git.shackspace.de as group runner for rz
+    <stockholm/krebs/2configs/shack/gitlab-runner.nix>
+
+    # Statistics collection and visualization
+    # <stockholm/krebs/2configs/shack/graphite.nix> # graphiteApi is broken and unused(hopefully)
+    ## Collect data from mqtt.shack and store in graphite database
+    <stockholm/krebs/2configs/shack/mqtt_sub.nix>
+    ## Collect radioactive data and put into graphite
+    <stockholm/krebs/2configs/shack/radioactive.nix>
+    ## mqtt.shack
+    <stockholm/krebs/2configs/shack/mqtt.nix>
+    ## influx.shack
+    <stockholm/krebs/2configs/shack/influx.nix>
+
+    ## Collect local statistics via collectd and send to collectd
+    <stockholm/krebs/2configs/stats/shack-client.nix>
+    <stockholm/krebs/2configs/stats/shack-debugging.nix>
+
+    ## netbox.shack: Netbox is disabled as nobody seems to be using it anyway
+    # <stockholm/krebs/2configs/shack/netbox.nix>
+
+    # grafana.shack
+    <stockholm/krebs/2configs/shack/grafana.nix>
+
+    # shackdns.shack
+    # replacement for leases.shack and shackles.shack
+    <stockholm/krebs/2configs/shack/shackDNS.nix>
+
+    # monitoring: prometheus.shack
     <stockholm/krebs/2configs/shack/prometheus/node.nix>
     <stockholm/krebs/2configs/shack/prometheus/server.nix>
     <stockholm/krebs/2configs/shack/prometheus/blackbox.nix>
     <stockholm/krebs/2configs/shack/prometheus/unifi.nix>
     <stockholm/krebs/2configs/shack/prometheus/alertmanager-telegram.nix>
-    <stockholm/krebs/2configs/shack/gitlab-runner.nix>
 
     ## Collect local statistics via collectd and send to collectd
     <stockholm/krebs/2configs/stats/shack-client.nix>

krebs/1systems/wolf/config.nix

@@ -14,85 +14,15 @@ in
     <stockholm/krebs/2configs/binary-cache/nixos.nix>
     <stockholm/krebs/2configs/binary-cache/prism.nix>
 
-    # handle the worlddomination map via coap
-    <stockholm/krebs/2configs/shack/worlddomination.nix>
-    <stockholm/krebs/2configs/shack/ssh-keys.nix>
+    #### shackspace services
+    <stockholm/krebs/2configs/shack/share.nix> # wolf.shack
 
-    # drivedroid.shack for shackphone
-    <stockholm/krebs/2configs/shack/drivedroid.nix>
-    # <stockholm/krebs/2configs/shack/nix-cacher.nix>
-    # Say if muell will be collected
-    <stockholm/krebs/2configs/shack/muell_caller.nix>
-    # provide muellshack api
-    <stockholm/krebs/2configs/shack/muellshack.nix>
-    # provide light control api
-    <stockholm/krebs/2configs/shack/node-light.nix>
-    # light.shack web-ui
-    <stockholm/krebs/2configs/shack/light.shack.nix>
-    # send mail if muell was not handled
-    <stockholm/krebs/2configs/shack/muell_mail.nix>
-    # send mail if muell was not handled
-    <stockholm/krebs/2configs/shack/s3-power.nix>
-    # powerraw usb serial to mqtt and raw socket
-    <stockholm/krebs/2configs/shack/powerraw.nix>
-
-    { # do not log to /var/spool/log
-      services.nginx.appendHttpConfig = ''
-          map $request_method $loggable {
-            default 1;
-            GET 0;
-          }
-          log_format vhost '$host $remote_addr - $remote_user '
-                     '[$time_local] "$request" $status '
-                     '$body_bytes_sent "$http_referer" '
-                     '"$http_user_agent"';
-          error_log stderr;
-          access_log syslog:server=unix:/dev/log vhost;
-      '';
-      services.journald.rateLimitBurst = 10000;
-    }
-
-    # create samba share for anonymous usage with the laser and 3d printer pc
-    <stockholm/krebs/2configs/shack/share.nix>
-
-    # mobile.lounge.mpd.shack
-    <stockholm/krebs/2configs/shack/mobile.mpd.nix>
-
-    # hass.shack
-    <stockholm/krebs/2configs/shack/glados>
-
-    # connect to git.shackspace.de as group runner for rz
+    # gitlab runner
     <stockholm/krebs/2configs/shack/gitlab-runner.nix>
-
-    # Statistics collection and visualization
-    # <stockholm/krebs/2configs/shack/graphite.nix> # graphiteApi is broken and unused(hopefully)
-    ## Collect data from mqtt.shack and store in graphite database
-    <stockholm/krebs/2configs/shack/mqtt_sub.nix>
-    ## Collect radioactive data and put into graphite
-    <stockholm/krebs/2configs/shack/radioactive.nix>
-    ## mqtt.shack
-    <stockholm/krebs/2configs/shack/mqtt.nix>
-    ## influx.shack
-    <stockholm/krebs/2configs/shack/influx.nix>
-
-    ## Collect local statistics via collectd and send to collectd
-    <stockholm/krebs/2configs/stats/shack-client.nix>
-    <stockholm/krebs/2configs/stats/shack-debugging.nix>
-
-    <stockholm/krebs/2configs/shack/netbox.nix>
-    # prometheus.shack
-    #<stockholm/krebs/2configs/shack/prometheus/server.nix>
-    <stockholm/krebs/2configs/shack/prometheus/node.nix>
-    #<stockholm/krebs/2configs/shack/prometheus/unifi.nix>
-    # grafana.shack
-    <stockholm/krebs/2configs/shack/grafana.nix>
-
-    # shackdns.shack
-    # replacement for leases.shack and shackles.shack
-    <stockholm/krebs/2configs/shack/shackDNS.nix>
-
     # misc
+    <stockholm/krebs/2configs/shack/ssh-keys.nix>
     <stockholm/krebs/2configs/save-diskspace.nix>
+    <stockholm/krebs/2configs/shack/prometheus/node.nix>
 
   ];
   # use your own binary cache, fallback use cache.nixos.org (which is used by

krebs/2configs/gitlab-runner-shackspace.nix

@@ -1,33 +0,0 @@
-{ config, pkgs, ... }:
-let
-  url = "https://git.shackspace.de/";
-  # generate token from CI-token via:
-  ## gitlab-runner register
-  ## cat /etc/gitlab-runner/config.toml
-  token = import <secrets/shackspace-gitlab-ci-token.nix> ;
-in {
-  systemd.services.gitlab-runner.path = [
-    "/run/wrappers" # /run/wrappers/bin/su
-    "/" # /bin/sh
-  ];
-  systemd.services.gitlab-runner.serviceConfig.PrivateTmp = true;
-  virtualisation.docker.enable = true;
-  services.gitlab-runner = {
-    enable = true;
-    # configFile, configOptions and gracefulTimeout not yet in stable
-    # gracefulTimeout = "120min";
-    configFile = pkgs.writeText "gitlab-runner.cfg" ''
-      concurrent = 1
-      check_interval = 0
-
-      [[runners]]
-        name = "krebs-shell"
-        url = "${url}"
-        token = "${token}"
-        executor = "shell"
-        shell = "sh"
-        environment = ["PATH=/bin:/run/wrappers/bin:/etc/per-user/gitlab-runner/bin:/etc/per-user-pkgs/gitlab-runner/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin"]
-        [runners.cache]
-    '';
-  };
-}

krebs/2configs/shack/gitlab-runner.nix

@@ -1,24 +1,48 @@
-{ pkgs, ... }:
-let
-  runner-src = builtins.fetchTarball {
-    url = "https://gitlab.com/arianvp/nixos-gitlab-runner/-/archive/master/nixos-gitlab-runner-master.tar.gz";
-    sha256 = "1s0fy5ny2ygcfvx35xws8xz5ih4z4kdfqlq3r6byxpylw7r52fyi";
-  };
-in
+{ pkgs,lib, ... }:
 {
-  imports = [
-    "${runner-src}/gitlab-runner.nix"
-  ];
-  services.gitlab-runner2 = {
+  services.gitlab-runner = {
     enable = true;
-    ## registrationConfigurationFile contains:
-    # CI_SERVER_URL=<CI server URL>
-    # REGISTRATION_TOKEN=<registration secret>
-    # RUNNER_TAG_LIST=nix,shacklan
-    # RUNNER_NAME=stockholm-runner-$name
-    registrationConfigFile = <secrets/shackspace-gitlab-ci>;
-    #gracefulTermination = true;
+    services= {
+      # runner for building in docker via host's nix-daemon
+      # nix store will be readable in runner, might be insecure
+      nix = with lib;{
+        # File should contain at least these two variables:
+        # `CI_SERVER_URL`
+        # `REGISTRATION_TOKEN`
+        registrationConfigFile = toString <secrets/shackspace-gitlab-ci>;
+        dockerImage = "alpine";
+        dockerVolumes = [
+          "/nix/store:/nix/store:ro"
+          "/nix/var/nix/db:/nix/var/nix/db:ro"
+          "/nix/var/nix/daemon-socket:/nix/var/nix/daemon-socket:ro"
+        ];
+        dockerDisableCache = true;
+        preBuildScript = pkgs.writeScript "setup-container" ''
+          mkdir -p -m 0755 /nix/var/log/nix/drvs
+          mkdir -p -m 0755 /nix/var/nix/gcroots
+          mkdir -p -m 0755 /nix/var/nix/profiles
+          mkdir -p -m 0755 /nix/var/nix/temproots
+          mkdir -p -m 0755 /nix/var/nix/userpool
+          mkdir -p -m 1777 /nix/var/nix/gcroots/per-user
+          mkdir -p -m 1777 /nix/var/nix/profiles/per-user
+          mkdir -p -m 0755 /nix/var/nix/profiles/per-user/root
+          mkdir -p -m 0700 "$HOME/.nix-defexpr"
+          . ${pkgs.nix}/etc/profile.d/nix.sh
+          ${pkgs.nix}/bin/nix-env -i ${concatStringsSep " " (with pkgs; [ nix cacert git openssh ])}
+          ${pkgs.nix}/bin/nix-channel --add https://nixos.org/channels/nixpkgs-unstable
+          ${pkgs.nix}/bin/nix-channel --update nixpkgs
+        '';
+        environmentVariables = {
+          ENV = "/etc/profile";
+          USER = "root";
+          NIX_REMOTE = "daemon";
+          PATH = "/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/default/sbin:/bin:/sbin:/usr/bin:/usr/sbin";
+          NIX_SSL_CERT_FILE = "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt";
+        };
+        tagList = [ "nix" "shacklan" ];
+      };
+    };
   };
-  systemd.services.gitlab-runner2.restartIfChanged = false;
+  systemd.services.gitlab-runner.restartIfChanged = false;
   systemd.services.docker.restartIfChanged = false;
 }

krebs/2configs/shack/share.nix

@@ -37,6 +37,9 @@
       # for legacy systems
       client min protocol = NT1
       server min protocol = NT1
+      workgroup = WORKGROUP
+      server string = ${config.networking.hostName}
+      netbios name = ${config.networking.hostName}
     '';
   };
 }

krebs/2configs/tor/initrd.nix

@@ -0,0 +1,50 @@
+{config, pkgs, ... }:
+## unlock command:
+# (brain hosts/puyak/luks-ssd;echo)  | ssh root@$(brain krebs-secrets/puyak/initrd/hostname) 'cat > /crypt-ramfs/passphrase'
+{
+  boot.initrd.network.enable = true;
+  boot.initrd.network.ssh = {
+    enable = true;
+    port = 22;
+    authorizedKeys = [
+      config.krebs.users.jeschli-brauerei.pubkey
+      config.krebs.users.lass.pubkey
+      config.krebs.users.lass-mors.pubkey
+      config.krebs.users.makefu.pubkey
+      config.krebs.users.tv.pubkey
+    ];
+    hostKeys = [ <secrets/initrd/openssh_host_ecdsa_key> ];
+  };
+  boot.initrd.availableKernelModules = [ "e1000e" ];
+
+  boot.initrd.secrets = {
+    "/etc/tor/onion/bootup" = <secrets/initrd>;
+  };
+
+  boot.initrd.extraUtilsCommands = ''
+    copy_bin_and_libs ${pkgs.tor}/bin/tor
+  '';
+
+  # start tor during boot process
+  boot.initrd.network.postCommands = let
+    torRc = (pkgs.writeText "tor.rc" ''
+      DataDirectory /etc/tor
+      SOCKSPort 127.0.0.1:9050 IsolateDestAddr
+      SOCKSPort 127.0.0.1:9063
+      HiddenServiceDir /etc/tor/onion/bootup
+      HiddenServicePort 22 127.0.0.1:22
+    '');
+  in ''
+    echo "tor: preparing onion folder"
+    # have to do this otherwise tor does not want to start
+    chmod -R 700 /etc/tor
+
+    echo "make sure localhost is up"
+    ip a a 127.0.0.1/8 dev lo
+    ip link set lo up
+
+    echo "tor: starting tor"
+    tor -f ${torRc} --verify-config
+    tor -f ${torRc} &
+  '';
+}

makefu/1systems/omo/config.nix

@@ -47,6 +47,7 @@ in {
       # <stockholm/makefu/2configs/legacy_only.nix>
 
       <stockholm/makefu/2configs/share/omo.nix>
+      <stockholm/makefu/2configs/share/gum-client.nix>
       <stockholm/makefu/2configs/dcpp/airdcpp.nix>
       { krebs.airdcpp.dcpp.shares = let
           d = path: "/media/cryptX/${path}";

makefu/1systems/sdev/config.nix

@@ -37,10 +37,11 @@
     passwdqc-utils
     gnupg
     populate
-    (pkgs.writeScriptBin "tor-browser" ''
-      #! /bin/sh
-      TOR_SKIP_LAUNCH=1 ${torbrowser}/bin/tor-browser
-    '')
+    # 20.09: torbrowser is broken
+    #(pkgs.writeScriptBin "tor-browser" ''
+    #  #! /bin/sh
+    #  TOR_SKIP_LAUNCH=1 ${torbrowser}/bin/tor-browser
+    #'')
   ];
 
   networking.firewall.allowedTCPPorts = [

makefu/2configs/bureautomation/default.nix

@@ -15,30 +15,8 @@ in {
   ];
   networking.firewall.allowedTCPPorts = [ 8123 ];
   state = [ "/var/lib/hass/known_devices.yaml" ];
-  services.home-assistant = let
-      dwd_pollen = pkgs.fetchFromGitHub {
-        owner = "marcschumacher";
-        repo = "dwd_pollen";
-        rev = "0.1";
-        sha256 = "1af2mx99gv2hk1ad53g21fwkdfdbymqcdl3jvzd1yg7dgxlkhbj1";
-      };
-    in {
+  services.home-assistant = {
     enable = true;
-    package = (pkgs.home-assistant.overrideAttrs (old: {
-      # TODO: find correct python package
-      installCheckPhase = ''
-        echo LOLLLLLLLLLLLLLL
-      '';
-      postInstall = ''
-        cp -r ${dwd_pollen} $out/lib/python3.7/site-packages/homeassistant/components/dwd_pollen
-      '';
-    })).override {
-      extraPackages = ps: with ps; [
-        pkgs.picotts
-        python-forecastio jsonrpc-async jsonrpc-websocket mpd2
-        (callPackage ./deps/openwrt-luci-rpc.nix { })
-      ];
-    };
     autoExtraComponents = true;
     config = {
       config = {};
@@ -139,7 +117,7 @@ in {
 
       sensor = []
         ++ [{ platform = "version"; }] # pyhaversion
-        ++ (import ./sensor/pollen.nix)
+        # ++ (import ./sensor/pollen.nix)
         ++ (import ./sensor/espeasy.nix)
         ++ (import ./sensor/airquality.nix)
         ++ ((import ./sensor/outside.nix) {inherit lib;})

makefu/2configs/bureautomation/deps/dwd_pollen.nix

@@ -1,32 +0,0 @@
-{ lib
-, buildPythonPackage
-, fetchFromGitHub
-, python
-, voluptuous
-}:
-
-buildPythonPackage rec {
-  format = "other";
-  pname = "dwd_pollen";
-  version = "0.1";
-
-  src = fetchFromGitHub {
-    owner = "marcschumacher";
-    repo = "dwd_pollen";
-    rev = version;
-    sha256 = "1af2mx99gv2hk1ad53g21fwkdfdbymqcdl3jvzd1yg7dgxlkhbj1";
-  };
-  propagatedBuildInputs = [
-    voluptuous
-  ];
-  installPhase = ''
-     install -D -t $out/${python.sitePackages}/homeassistant/components/sensor/dwd_pollen *
-  '';
-
-  meta = with lib; {
-    description = "Home Assistant component to retrieve Pollen data from DWD (Germany)";
-    homepage = https://github.com/marcschumacher/dwd_pollen;
-    license = licenses.mit;
-    maintainers = [ maintainers.makefu ];
-  };
-}

makefu/2configs/bureautomation/kalauerbot.nix

@@ -12,6 +12,9 @@
       WorkingDirectory = "/var/lib/kalauerbot";
       ExecStart = "${pkgs.kalauerbot}/bin/kalauerbot";
       PrivateTmp = true;
+
+      Restart = "always";
+      RuntimeMaxSec = "12h";
     };
   };
 }

makefu/2configs/hw/droidcam.nix

@@ -0,0 +1,7 @@
+{ pkgs, config, ... }: 
+{
+  boot.extraModprobeConfig = "options v4l2loopback_dc width=640 height=480";
+  boot.extraModulePackages = [
+    (pkgs.callPackage  ../../5pkgs/v4l2loopback-dc { kernel = config.boot.kernelPackages.kernel; })
+  ];
+}

makefu/2configs/minimal.nix

@@ -81,4 +81,5 @@
     "net.ipv6.conf.all.use_tempaddr" = 2;
     "net.ipv6.conf.default.use_tempaddr" = 2;
   };
+
 }

makefu/2configs/printer.nix

@@ -21,16 +21,20 @@ in {
   hardware.sane = {
     enable = true;
     extraBackends = [ ];
+    netConf =
+      # drucker.lan SCX-3205W
+      ''
+        192.168.1.6''
+      # uhrenkind.shack magicolor 1690mf
+    + ''
+        10.42.20.30'';
 
     # $ scanimage -p --format=jpg --mode=Gray --source="Automatic Document Feeder" -v --batch="lol%d.jpg" --resolution=150
 
     # requires 'sane-extra', scan via:
-    #extraConfig."magicolor" = ''
-    #  net 10.42.20.30 0x2098
-    #''; # 10.42.20.30: uhrenkind.shack magicolor 1690mf
-    extraConfig."xerox_mfp" = ''
-      tcp 192.168.1.5
-    ''; #home printer SCX-3205W
+    extraConfig."magicolor" = ''
+      net 10.42.20.30 0x2098
+    ''; # 10.42.20.30: uhrenkind.shack magicolor 1690mf
   };
   state = [ "/var/lib/cups" ];
 }

makefu/2configs/remote-build/gum.nix

@@ -10,6 +10,14 @@
         system = "x86_64-linux";
         supportedFeatures = [ ];
       }
+      {
+        hostName = "gum.krebsco.de";
+        maxJobs = 8;
+        sshKey = toString <secrets/id_nixBuild>;
+        sshUser = "nixBuild";
+        system = "armv6l-linux";
+        supportedFeatures = [ ];
+      }
     ];
   };
 }

makefu/2configs/share/omo.nix

@@ -82,6 +82,9 @@ in {
       printing = bsd
       printcap name = /dev/null
       disable spoolss = yes
+      workgroup = WORKGROUP
+      server string = ${config.networking.hostName}
+      netbios name = ${config.networking.hostName}
     '';
   };
 }

makefu/2configs/urlwatch/default.nix

@@ -34,6 +34,9 @@ in {
       https://pypi.python.org/simple/pyserial/
       https://pypi.python.org/simple/semantic_version/
       # weird shit
+      { url = "https://www.zigbee2mqtt.io/information/supported_adapters.html";
+        filter = "html2text";
+      }
       http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/
       https://erdgeist.org/gitweb/opentracker/info/refs?service=git-upload-pack
 

makefu/2configs/wireguard/server.nix

@@ -54,4 +54,10 @@ in { # wireguard server
     }
     ];
   };
+  # TODO: this issue is related to the router which connects to the host but is
+  # unable to re-connect once restarted
+  systemd.services.wireguard-wg0.serviceConfig = {
+    Restart = "always";
+    RuntimeMaxSec = "12h";
+  };
 }

makefu/5pkgs/droidcam/default.nix

@@ -0,0 +1,55 @@
+{ stdenv, fetchFromGitHub
+, pkg-config
+, alsaLib
+, libjpeg_turbo
+, ffmpeg
+, libusbmuxd
+, speex
+, gtk3
+, libappindicator-gtk3
+}:
+
+stdenv.mkDerivation rec {
+  pname = "droidcam";
+  version = "1.6";
+
+  src = fetchFromGitHub {
+    owner = "aramg";
+    repo = "droidcam";
+    rev = "v${version}";
+    sha256 = "1d9qpnmqa3pfwsrpjnxdz76ipk4w37bbxyrazchh4vslnfc886fx";
+  };
+
+  sourceRoot = "source/linux";
+
+  nativeBuildInputs = [ pkg-config ];
+  buildInputs = [
+    alsaLib
+    libjpeg_turbo
+    ffmpeg
+    libusbmuxd
+    speex
+    gtk3
+    libappindicator-gtk3
+  ];
+
+  buildPhase = ''
+    runHook preBuild
+    make JPEG_DIR="" JPEG_INCLUDE="" JPEG_LIB="" JPEG="$(pkg-config --libs --cflags libturbojpeg)"
+  '';
+  installPhase = ''
+    runHook preInstall
+    install -Dm755 "droidcam" "$out/bin/droidcam"
+    install -Dm755 "droidcam-cli" "$out/bin/droidcam-cli"
+    install -Dm644 icon2.png "$out/share/pixmaps/droidcam.png"
+    install -Dm644 README.md "$out/share/licenses/droidcam/LICENSE"
+  '';
+
+  meta = with stdenv.lib; {
+    description = "A kernel module to create V4L2 loopback devices";
+    homepage = "https://github.com/aramg/droidcam";
+    license = licenses.gpl2;
+    maintainers = [ maintainers.makefu ];
+    platforms = platforms.linux;
+  };
+}

makefu/5pkgs/kalauerbot/badsync.patch

@@ -0,0 +1,14 @@
+diff --git a/matrix_client/client.py b/matrix_client/client.py
+index af0e08f..f848c4f 100644
+--- a/matrix_client/client.py
++++ b/matrix_client/client.py
+@@ -471,7 +471,7 @@ class MatrixClient(object):
+         self._sync(timeout_ms)
+ 
+     def listen_forever(self, timeout_ms=30000, exception_handler=None,
+-                       bad_sync_timeout=5):
++                       bad_sync_timeout=61):
+         """ Keep listening for events forever.
+ 
+         Args:
+

makefu/5pkgs/kalauerbot/default.nix

@@ -8,7 +8,12 @@ rev = "08d98aa";
     sha256 = "017hh61smgq4zsxd10brgwmykwgwabgllxjs31xayvs1hnqmkv2v";
   };
   propagatedBuildInputs = with python3.pkgs;[
-    (callPackage ./python-matrixbot.nix {})
+     (callPackage ./python-matrixbot.nix {
+      matrix-client = (stdenv.lib.overrideDerivation matrix-client (self: {
+      patches = [ ./badsync.patch ];
+    }));
+    })
+
     (stdenv.lib.overrideDerivation googletrans (self: {
       patches = [ ./translate.patch ];
     }))

makefu/5pkgs/navi/default.nix

@@ -1,37 +0,0 @@
-# via https://git.ingolf-wagner.de/palo/nixos-config/src/master/pkgs/navi/default.nix
-
-{ rustPlatform, fetchFromGitHub, stdenv, fzf, makeWrapper, openssl, pkgconfig }:
-
-rustPlatform.buildRustPackage rec {
-  pname = "navi";
-  version = "2.1.1";
-
-  src = fetchFromGitHub {
-    owner = "denisidoro";
-    repo = "navi";
-    rev = "v${version}";
-    #rev = "${version}";
-    sha256 = "1195f7c3ij2mkv0k1h9fwn6jkyjb01w0p6mj2xc39w5f6i0c0hwp";
-  };
-
-  cargoSha256 = "0ks25w0dncaiw3ma05r8jrng3cczancrynnpgdksbvgz49lg3wjw";
-
-  postInstall = ''
-    mkdir -p $out/share/navi/
-    mv shell $out/share/navi/
-
-    wrapProgram "$out/bin/navi" \
-      --suffix "PATH" : "${fzf}/bin"
-  '';
-  buildInputs = [ openssl ];
-  nativeBuildInputs = [ makeWrapper pkgconfig ];
-
-  meta = with stdenv.lib; {
-    description = "An interactive cheatsheet tool for the command-line";
-    homepage = "https://github.com/denisidoro/navi";
-    license = licenses.asl20;
-    platforms = platforms.unix;
-    maintainers = with maintainers; [ mrVanDalo ];
-  };
-}
-

makefu/5pkgs/v4l2loopback-dc/default.nix

@@ -0,0 +1,36 @@
+{ stdenv, fetchFromGitHub, kernel, kmod }:
+
+stdenv.mkDerivation rec {
+  name = "v4l2loopback-dc-${version}-${kernel.version}";
+  version = "1.6";
+
+  src = fetchFromGitHub {
+    owner = "aramg";
+    repo = "droidcam";
+    rev = "v${version}";
+    sha256 = "1d9qpnmqa3pfwsrpjnxdz76ipk4w37bbxyrazchh4vslnfc886fx";
+  };
+
+  sourceRoot = "source/linux/v4l2loopback";
+
+  buildTargets = "v4l2loopback-dc";
+  hardeningDisable = [ "pic" ];
+
+  nativeBuildInputs = kernel.moduleBuildDependencies;
+  buildInputs = [ kmod ];
+
+
+  makeFlags = [
+    "KERNELRELEASE=${kernel.modDirVersion}"
+    "KERNEL_DIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"
+    "INSTALL_MOD_PATH=$(out)"
+  ];
+
+  meta = with stdenv.lib; {
+    description = "A kernel module to create V4L2 loopback devices";
+    homepage = "https://github.com/aramg/droidcam";
+    license = licenses.gpl2;
+    maintainers = [ maintainers.makefu ];
+    platforms = platforms.linux;
+  };
+}

makefu/krops.nix

@@ -77,7 +77,7 @@
     (lib.mkIf ( host-src.home-manager ) {
       home-manager.git = {
         url = https://github.com/rycee/home-manager;
-        ref = "cb17f1e";
+        ref = "63f299b";
       };
     })
   ];