Merge remote-tracking branch 'gum/master'
This commit is contained in:
commit
245994cc7a
|
@ -129,6 +129,8 @@ in {
|
||||||
"graphite.shack"
|
"graphite.shack"
|
||||||
"acng.shack"
|
"acng.shack"
|
||||||
"drivedroid.shack"
|
"drivedroid.shack"
|
||||||
|
"mobile.lounge.mpd.shack"
|
||||||
|
"lounge.mpd.wolf.shack"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
retiolum = {
|
retiolum = {
|
||||||
|
@ -138,6 +140,7 @@ in {
|
||||||
"wolf.r"
|
"wolf.r"
|
||||||
"build.wolf.r"
|
"build.wolf.r"
|
||||||
"cgit.wolf.r"
|
"cgit.wolf.r"
|
||||||
|
"lounge.mpd.wolf.r"
|
||||||
];
|
];
|
||||||
tinc.pubkey = ''
|
tinc.pubkey = ''
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
|
|
@ -1,7 +1,9 @@
|
||||||
{ config, ... }:
|
{ config, ... }:
|
||||||
|
|
||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
|
## generate keys with:
|
||||||
|
# tinc generate-keys
|
||||||
|
# ssh-keygen -f ssh.id_ed25519 -t ed25519 -C host
|
||||||
{
|
{
|
||||||
hosts = mapAttrs (_: setAttr "owner" config.krebs.users.makefu) {
|
hosts = mapAttrs (_: setAttr "owner" config.krebs.users.makefu) {
|
||||||
cake = rec {
|
cake = rec {
|
||||||
|
@ -29,6 +31,32 @@ with import <stockholm/lib>;
|
||||||
ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
|
ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
|
||||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGyJlI0YpIh/LiiPMseD2IBHg+uVGrkSy0MPNeD+Jv8Y cake";
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGyJlI0YpIh/LiiPMseD2IBHg+uVGrkSy0MPNeD+Jv8Y cake";
|
||||||
};
|
};
|
||||||
|
crapi = rec { # raspi1
|
||||||
|
cores = 1;
|
||||||
|
ci = false;
|
||||||
|
nets = {
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.136.237";
|
||||||
|
ip6.addr = "42:b3b2:9552:eef0:ee67:f3b3:8d33:eee2";
|
||||||
|
aliases = [
|
||||||
|
"crapi.r"
|
||||||
|
];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
Ed25519PublicKey = Zkh6vtSNBvKYUjCPsMyAFJmxzueglCDoawVPCezKy4F
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIIBCgKCAQEAloXLBfZQEVW9mJ7uwOoa+DfV4ek/SG+JQuexJMugei/iNy0NjY66
|
||||||
|
OVIkzFmED32c3D7S1+Q+5Mc3eR02k1o7XERpZeZhCtJOBlS4xMzCKH62E4USvH5L
|
||||||
|
R4O8XX1o/tpeOuZvpnpY1oPmFFc/B5G2jWWQR4Slpbw7kODwYYm5o+B7n+MkVNrk
|
||||||
|
OEOHLaaO6I5QB3GJvDH2JbwzDKLVClQM20L/EvIwnB+Xg0q3veKFj0WTXEK+tuME
|
||||||
|
di++RV4thhZ9IOgRTJOeT94j7ulloh15gqYaIqRqgtzfWE2TnUxvl+upB+yQHNtl
|
||||||
|
bJFLHkE34cQGxEv9dMjRe8i14+Onhb3B6wIDAQAB
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||||
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGaV5Ga5R8RTrA+nclxw6uy5Z+hPBLitQTfuXdsmbVW6 crapi";
|
||||||
|
};
|
||||||
drop = rec {
|
drop = rec {
|
||||||
ci = true;
|
ci = true;
|
||||||
cores = 1;
|
cores = 1;
|
||||||
|
@ -298,6 +326,13 @@ with import <stockholm/lib>;
|
||||||
-----END RSA PUBLIC KEY-----
|
-----END RSA PUBLIC KEY-----
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
#wiregrill = {
|
||||||
|
# ip6.addr = "42:4200:0000:0000:0000:0000:0000:a4db";
|
||||||
|
# aliases = [
|
||||||
|
# "x.w"
|
||||||
|
# ];
|
||||||
|
# wireguard.pubkey = "fe5smvKVy5GAn7EV4w4tav6mqIAKhGWQotm7dRuRt1g=";
|
||||||
|
#};
|
||||||
};
|
};
|
||||||
ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
|
ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
|
||||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHDM0E608d/6rGzXqGbNSuMb2RlCojCJSiiz6QcPOC2G root@x";
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHDM0E608d/6rGzXqGbNSuMb2RlCojCJSiiz6QcPOC2G root@x";
|
||||||
|
@ -457,8 +492,6 @@ with import <stockholm/lib>;
|
||||||
ip6.addr = "42:f9f0::10";
|
ip6.addr = "42:f9f0::10";
|
||||||
aliases = [
|
aliases = [
|
||||||
"omo.r"
|
"omo.r"
|
||||||
"logs.makefu.r"
|
|
||||||
"stats.makefu.r"
|
|
||||||
];
|
];
|
||||||
tinc.pubkey = ''
|
tinc.pubkey = ''
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
@ -525,7 +558,9 @@ with import <stockholm/lib>;
|
||||||
"krebsco.de" = ''
|
"krebsco.de" = ''
|
||||||
cache.euer IN A ${nets.internet.ip4.addr}
|
cache.euer IN A ${nets.internet.ip4.addr}
|
||||||
cache.gum IN A ${nets.internet.ip4.addr}
|
cache.gum IN A ${nets.internet.ip4.addr}
|
||||||
|
graph IN A ${nets.internet.ip4.addr}
|
||||||
gold IN A ${nets.internet.ip4.addr}
|
gold IN A ${nets.internet.ip4.addr}
|
||||||
|
iso.euer IN A ${nets.internet.ip4.addr}
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
cores = 8;
|
cores = 8;
|
||||||
|
@ -537,13 +572,24 @@ with import <stockholm/lib>;
|
||||||
"nextgum.i"
|
"nextgum.i"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
#wiregrill = {
|
||||||
|
# via = internet;
|
||||||
|
# ip6.addr = "42:4200:0000:0000:0000:0000:0000:70d3";
|
||||||
|
# aliases = [
|
||||||
|
# "gum.w"
|
||||||
|
# ];
|
||||||
|
# wireguard.pubkey = "yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo=";
|
||||||
|
#};
|
||||||
retiolum = {
|
retiolum = {
|
||||||
via = internet;
|
via = internet;
|
||||||
ip4.addr = "10.243.0.213";
|
ip4.addr = "10.243.0.213";
|
||||||
ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d3";
|
ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d3";
|
||||||
aliases = [
|
aliases = [
|
||||||
"nextgum.r"
|
"nextgum.r"
|
||||||
|
"graph.r"
|
||||||
"cache.gum.r"
|
"cache.gum.r"
|
||||||
|
"logs.makefu.r"
|
||||||
|
"stats.makefu.r"
|
||||||
];
|
];
|
||||||
tinc.pubkey = ''
|
tinc.pubkey = ''
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
@ -579,7 +625,6 @@ with import <stockholm/lib>;
|
||||||
boot.euer IN A ${nets.internet.ip4.addr}
|
boot.euer IN A ${nets.internet.ip4.addr}
|
||||||
wiki.euer IN A ${nets.internet.ip4.addr}
|
wiki.euer IN A ${nets.internet.ip4.addr}
|
||||||
mon.euer IN A ${nets.internet.ip4.addr}
|
mon.euer IN A ${nets.internet.ip4.addr}
|
||||||
graph IN A ${nets.internet.ip4.addr}
|
|
||||||
ghook IN A ${nets.internet.ip4.addr}
|
ghook IN A ${nets.internet.ip4.addr}
|
||||||
dockerhub IN A ${nets.internet.ip4.addr}
|
dockerhub IN A ${nets.internet.ip4.addr}
|
||||||
photostore IN A ${nets.internet.ip4.addr}
|
photostore IN A ${nets.internet.ip4.addr}
|
||||||
|
@ -604,7 +649,6 @@ with import <stockholm/lib>;
|
||||||
"o.gum.r"
|
"o.gum.r"
|
||||||
"tracker.makefu.r"
|
"tracker.makefu.r"
|
||||||
|
|
||||||
"graph.r"
|
|
||||||
"search.makefu.r"
|
"search.makefu.r"
|
||||||
"wiki.makefu.r"
|
"wiki.makefu.r"
|
||||||
"wiki.gum.r"
|
"wiki.gum.r"
|
||||||
|
|
0
makefu/0tests/data/secrets/mqtt/hass
Normal file
0
makefu/0tests/data/secrets/mqtt/hass
Normal file
0
makefu/0tests/data/secrets/mqtt/sensor
Normal file
0
makefu/0tests/data/secrets/mqtt/sensor
Normal file
0
makefu/0tests/data/secrets/mqtt/stats
Normal file
0
makefu/0tests/data/secrets/mqtt/stats
Normal file
4
makefu/1systems/crapi/README
Normal file
4
makefu/1systems/crapi/README
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
1. flash arm6 image from https://www.cs.helsinki.fi/u/tmtynkky/nixos-arm/installer/ to sdcard
|
||||||
|
2. passwd; systemctl start sshd; mkdir /var/src ; touch /var/src/.populate
|
||||||
|
3. "environment.systemPackages = [ pkgs.rsync pkgs.git ];" in /etc/nixos/configuration.nix
|
||||||
|
5. nixos-rebuild switch --fast --option binary-caches http://nixos-arm.dezgeg.me/channel --option binary-cache-public-keys nixos-arm.dezgeg.me-1:xBaUKS3n17BZPKeyxL4JfbTqECsT+ysbDJz29kLFRW0=%
|
46
makefu/1systems/crapi/config.nix
Normal file
46
makefu/1systems/crapi/config.nix
Normal file
|
@ -0,0 +1,46 @@
|
||||||
|
{ config, pkgs, lib, ... }:
|
||||||
|
{
|
||||||
|
# :l <nixpkgs>
|
||||||
|
# builtins.readDir (pkgs.fetchFromGitHub { owner = "nixos"; repo = "nixpkgs-channels"; rev = "6c064e6b"; sha256 = "1rqzh475xn43phagrr30lb0fd292c1s8as53irihsnd5wcksnbyd"; })
|
||||||
|
imports = [
|
||||||
|
<stockholm/makefu>
|
||||||
|
<stockholm/makefu/2configs>
|
||||||
|
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
||||||
|
<stockholm/makefu/2configs/save-diskspace.nix>
|
||||||
|
|
||||||
|
];
|
||||||
|
krebs.build.host = config.krebs.hosts.crapi;
|
||||||
|
# NixOS wants to enable GRUB by default
|
||||||
|
boot.loader.grub.enable = false;
|
||||||
|
|
||||||
|
# Enables the generation of /boot/extlinux/extlinux.conf
|
||||||
|
boot.loader.generic-extlinux-compatible.enable = true;
|
||||||
|
|
||||||
|
boot.kernelPackages = pkgs.linuxPackages_rpi;
|
||||||
|
|
||||||
|
nix.binaryCaches = [ "http://nixos-arm.dezgeg.me/channel" ];
|
||||||
|
nix.binaryCachePublicKeys = [ "nixos-arm.dezgeg.me-1:xBaUKS3n17BZPKeyxL4JfbTqECsT+ysbDJz29kLFRW0=%" ];
|
||||||
|
|
||||||
|
fileSystems = {
|
||||||
|
"/boot" = {
|
||||||
|
device = "/dev/disk/by-label/NIXOS_BOOT";
|
||||||
|
fsType = "vfat";
|
||||||
|
};
|
||||||
|
"/" = {
|
||||||
|
device = "/dev/disk/by-label/NIXOS_SD";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
system.activationScripts.create-swap = ''
|
||||||
|
if [ ! -e /swapfile ]; then
|
||||||
|
fallocate -l 2G /swapfile
|
||||||
|
mkswap /swapfile
|
||||||
|
fi
|
||||||
|
'';
|
||||||
|
swapDevices = [ { device = "/swapfile"; size = 2048; } ];
|
||||||
|
|
||||||
|
nix.package = lib.mkForce pkgs.nixStable;
|
||||||
|
services.openssh.enable = true;
|
||||||
|
|
||||||
|
}
|
3
makefu/1systems/crapi/source.nix
Normal file
3
makefu/1systems/crapi/source.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
{
|
||||||
|
arm6 = true;
|
||||||
|
}
|
|
@ -17,7 +17,10 @@ in {
|
||||||
# <stockholm/makefu/2configs/smart-monitor.nix>
|
# <stockholm/makefu/2configs/smart-monitor.nix>
|
||||||
<stockholm/makefu/2configs/mail-client.nix>
|
<stockholm/makefu/2configs/mail-client.nix>
|
||||||
<stockholm/makefu/2configs/mosh.nix>
|
<stockholm/makefu/2configs/mosh.nix>
|
||||||
|
<stockholm/makefu/2configs/tools/core.nix>
|
||||||
|
<stockholm/makefu/2configs/tools/desktop.nix>
|
||||||
<stockholm/makefu/2configs/tools/mobility.nix>
|
<stockholm/makefu/2configs/tools/mobility.nix>
|
||||||
|
{ environment.systemPackages = [ pkgs.esniper ]; }
|
||||||
# <stockholm/makefu/2configs/disable_v6.nix>
|
# <stockholm/makefu/2configs/disable_v6.nix>
|
||||||
#<stockholm/makefu/2configs/graphite-standalone.nix>
|
#<stockholm/makefu/2configs/graphite-standalone.nix>
|
||||||
#<stockholm/makefu/2configs/share-user-sftp.nix>
|
#<stockholm/makefu/2configs/share-user-sftp.nix>
|
||||||
|
@ -33,12 +36,12 @@ in {
|
||||||
# logs to influx
|
# logs to influx
|
||||||
<stockholm/makefu/2configs/stats/external/aralast.nix>
|
<stockholm/makefu/2configs/stats/external/aralast.nix>
|
||||||
<stockholm/makefu/2configs/stats/telegraf>
|
<stockholm/makefu/2configs/stats/telegraf>
|
||||||
<stockholm/makefu/2configs/stats/telegraf/europastats.nix>
|
# <stockholm/makefu/2configs/stats/telegraf/europastats.nix>
|
||||||
|
<stockholm/makefu/2configs/stats/telegraf/hamstats.nix>
|
||||||
<stockholm/makefu/2configs/stats/arafetch.nix>
|
<stockholm/makefu/2configs/stats/arafetch.nix>
|
||||||
|
|
||||||
# services
|
# services
|
||||||
<stockholm/makefu/2configs/syncthing.nix>
|
<stockholm/makefu/2configs/syncthing.nix>
|
||||||
<stockholm/makefu/2configs/mqtt.nix>
|
|
||||||
<stockholm/makefu/2configs/remote-build/slave.nix>
|
<stockholm/makefu/2configs/remote-build/slave.nix>
|
||||||
<stockholm/makefu/2configs/deployment/google-muell.nix>
|
<stockholm/makefu/2configs/deployment/google-muell.nix>
|
||||||
<stockholm/makefu/2configs/virtualisation/docker.nix>
|
<stockholm/makefu/2configs/virtualisation/docker.nix>
|
||||||
|
@ -68,7 +71,7 @@ in {
|
||||||
|
|
||||||
];
|
];
|
||||||
makefu.full-populate = true;
|
makefu.full-populate = true;
|
||||||
krebs.rtorrent = {
|
krebs.rtorrent = (builtins.trace (builtins.toJSON config.services.telegraf.extraConfig)) {
|
||||||
downloadDir = lib.mkForce "/media/cryptX/torrent";
|
downloadDir = lib.mkForce "/media/cryptX/torrent";
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
upload_rate = 200
|
upload_rate = 200
|
||||||
|
|
|
@ -6,7 +6,8 @@ let
|
||||||
rev = "9c9b62e15e4ac11d4379e66b974f1389daf939fe";
|
rev = "9c9b62e15e4ac11d4379e66b974f1389daf939fe";
|
||||||
});
|
});
|
||||||
cfg = fromJSON (readFile ../../hardware/tsp-disk.json);
|
cfg = fromJSON (readFile ../../hardware/tsp-disk.json);
|
||||||
primaryInterface = "enp1s0";
|
# primaryInterface = "enp1s0";
|
||||||
|
primaryInterface = "wlp2s0";
|
||||||
rootDisk = "/dev/sda"; # TODO same as disko uses
|
rootDisk = "/dev/sda"; # TODO same as disko uses
|
||||||
in {
|
in {
|
||||||
imports = [
|
imports = [
|
||||||
|
@ -28,5 +29,13 @@ in {
|
||||||
|
|
||||||
kernelModules = [ "kvm-intel" ];
|
kernelModules = [ "kvm-intel" ];
|
||||||
};
|
};
|
||||||
|
networking.wireless.enable = true;
|
||||||
|
hardware.enableRedistributableFirmware = true;
|
||||||
|
hardware.cpu.intel.updateMicrocode = true;
|
||||||
|
services.logind.lidSwitch = "ignore";
|
||||||
|
services.logind.lidSwitchDocked = "ignore";
|
||||||
|
services.logind.extraConfig = ''
|
||||||
|
HandleSuspendKey = ignore
|
||||||
|
'';
|
||||||
|
powerManagement.enable = false;
|
||||||
}
|
}
|
||||||
|
|
|
@ -6,13 +6,13 @@
|
||||||
[ # Include the results of the hardware scan.
|
[ # Include the results of the hardware scan.
|
||||||
<stockholm/makefu>
|
<stockholm/makefu>
|
||||||
|
|
||||||
# <stockholm/makefu/2configs/hw/vbox-guest.nix>
|
<stockholm/makefu/2configs/hw/vbox-guest.nix>
|
||||||
{ # until virtualbox-image is fixed
|
#{ # until virtualbox-image is fixed
|
||||||
imports = [
|
# imports = [
|
||||||
<stockholm/makefu/2configs/fs/single-partition-ext4.nix>
|
# <stockholm/makefu/2configs/fs/single-partition-ext4.nix>
|
||||||
];
|
# ];
|
||||||
boot.loader.grub.device = "/dev/sda";
|
# boot.loader.grub.device = lib.mkForce "/dev/sda";
|
||||||
}
|
#}
|
||||||
<stockholm/makefu/2configs/main-laptop.nix>
|
<stockholm/makefu/2configs/main-laptop.nix>
|
||||||
# <secrets/extra-hosts.nix>
|
# <secrets/extra-hosts.nix>
|
||||||
|
|
||||||
|
|
49
makefu/1systems/shack-autoinstall/config.nix
Normal file
49
makefu/1systems/shack-autoinstall/config.nix
Normal file
|
@ -0,0 +1,49 @@
|
||||||
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
let
|
||||||
|
disk = "/dev/sda";
|
||||||
|
in {
|
||||||
|
imports = [
|
||||||
|
<stockholm/makefu>
|
||||||
|
<nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
|
||||||
|
<nixpkgs/nixos/modules/installer/cd-dvd/channel.nix>
|
||||||
|
<stockholm/makefu/2configs/tools/core.nix>
|
||||||
|
];
|
||||||
|
# TODO: NIX_PATH and nix.nixPath are being set by default.nix right now
|
||||||
|
# cd ~/stockholm ; nix-build -A config.system.build.isoImage -I nixos-config=makefu/1systems/iso.nix -I secrets=/home/makefu/secrets/iso /var/src/nixpkgs/nixos
|
||||||
|
krebs.build.host = config.krebs.hosts.iso;
|
||||||
|
krebs.hidden-ssh.enable = true;
|
||||||
|
|
||||||
|
environment.extraInit = ''
|
||||||
|
EDITOR=vim
|
||||||
|
'';
|
||||||
|
# iso-specific
|
||||||
|
boot.kernelParams = [ "copytoram" ];
|
||||||
|
|
||||||
|
|
||||||
|
environment.systemPackages = [
|
||||||
|
pkgs.parted
|
||||||
|
( pkgs.writeScriptBin "shack-install" ''
|
||||||
|
#! /bin/sh
|
||||||
|
echo "go ahead and try NIX_PATH=/root/.nix-defexpr/channels/ nixos-install"
|
||||||
|
'')
|
||||||
|
];
|
||||||
|
|
||||||
|
systemd.services.wpa_supplicant.wantedBy = lib.mkForce [ "multi-user.target" ];
|
||||||
|
|
||||||
|
networking.wireless = {
|
||||||
|
enable = true;
|
||||||
|
networks.shack.psk = "welcome2shack";
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
services.openssh = {
|
||||||
|
enable = true;
|
||||||
|
hostKeys = [
|
||||||
|
{ bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
|
||||||
|
];
|
||||||
|
};
|
||||||
|
# enable ssh in the iso boot process
|
||||||
|
systemd.services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ];
|
||||||
|
}
|
5
makefu/1systems/shack-autoinstall/grub-partition.sh
Normal file
5
makefu/1systems/shack-autoinstall/grub-partition.sh
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
#!/bin/sh
|
||||||
|
set -euf
|
||||||
|
parted -s ${disk} mklabel msdos
|
||||||
|
parted -s ${disk} -- mkpart primary linux-swap 1M 4096M
|
||||||
|
parted -s ${disk} -- mkpart primary ext2 4096M 100%
|
231
makefu/1systems/shack-autoinstall/shack-config.nix
Normal file
231
makefu/1systems/shack-autoinstall/shack-config.nix
Normal file
|
@ -0,0 +1,231 @@
|
||||||
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./hardware-configuration.nix
|
||||||
|
# TODO:
|
||||||
|
];
|
||||||
|
|
||||||
|
# shacks-specific
|
||||||
|
networking.wireless = {
|
||||||
|
enable = true;
|
||||||
|
networks.shack.psk = "181471eb97eb23f12c6871227bc4a7b13c8f6af56dcc0d0e8b71f4d7a510cb4e";
|
||||||
|
};
|
||||||
|
networking.hostName = "shackbook";
|
||||||
|
|
||||||
|
boot.tmpOnTmpfs = true;
|
||||||
|
|
||||||
|
users.users.shack = {
|
||||||
|
createHome = true;
|
||||||
|
useDefaultShell = true;
|
||||||
|
home = "/home/shack";
|
||||||
|
uid = 9001;
|
||||||
|
packages = with pkgs;[
|
||||||
|
chromium
|
||||||
|
firefox
|
||||||
|
];
|
||||||
|
extraGroups = [ "audio" "wheel" ];
|
||||||
|
hashedPassword = "$6$KIxlQTLEnKl7cwC$LrmbwZ64Mlm7zqUUZ0EObPJMES3C0mQ6Sw7ynTuXzUo7d9EWg/k5XCGkDHMFvL/Pz19Awcv0knHB1j3dHT6fh/" ;
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.variables = let
|
||||||
|
ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
|
||||||
|
in {
|
||||||
|
EDITOR = lib.mkForce "vim";
|
||||||
|
CURL_CA_BUNDLE = ca-bundle;
|
||||||
|
GIT_SSL_CAINFO = ca-bundle;
|
||||||
|
SSL_CERT_FILE = ca-bundle;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.printing = {
|
||||||
|
enable = true;
|
||||||
|
# TODO: shack-printer
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs;[
|
||||||
|
parted
|
||||||
|
ddrescue
|
||||||
|
tmux
|
||||||
|
jq git gnumake htop rxvt_unicode.terminfo
|
||||||
|
(pkgs.vim_configurable.customize {
|
||||||
|
name = "vim";
|
||||||
|
vimrcConfig.customRC = ''
|
||||||
|
set nocompatible
|
||||||
|
syntax on
|
||||||
|
set list
|
||||||
|
set listchars=tab:▸\
|
||||||
|
"set list listchars=tab:>-,trail:.,extends:>
|
||||||
|
|
||||||
|
filetype off
|
||||||
|
filetype plugin indent on
|
||||||
|
|
||||||
|
colorscheme darkblue
|
||||||
|
set background=dark
|
||||||
|
|
||||||
|
set number
|
||||||
|
set relativenumber
|
||||||
|
set mouse=a
|
||||||
|
set ignorecase
|
||||||
|
set incsearch
|
||||||
|
set wildignore=*.o,*.obj,*.bak,*.exe,*.os
|
||||||
|
set textwidth=79
|
||||||
|
set shiftwidth=2
|
||||||
|
set expandtab
|
||||||
|
set softtabstop=2
|
||||||
|
set shiftround
|
||||||
|
set smarttab
|
||||||
|
set tabstop=2
|
||||||
|
set et
|
||||||
|
set autoindent
|
||||||
|
set backspace=indent,eol,start
|
||||||
|
|
||||||
|
|
||||||
|
inoremap <F1> <ESC>
|
||||||
|
nnoremap <F1> <ESC>
|
||||||
|
vnoremap <F1> <ESC>
|
||||||
|
|
||||||
|
nnoremap <F5> :UndotreeToggle<CR>
|
||||||
|
set undodir =~/.vim/undo
|
||||||
|
set undofile
|
||||||
|
"maximum number of changes that can be undone
|
||||||
|
set undolevels=1000000
|
||||||
|
"maximum number lines to save for undo on a buffer reload
|
||||||
|
set undoreload=10000000
|
||||||
|
|
||||||
|
nnoremap <F2> :set invpaste paste?<CR>
|
||||||
|
set pastetoggle=<F2>
|
||||||
|
set showmode
|
||||||
|
|
||||||
|
set showmatch
|
||||||
|
set matchtime=3
|
||||||
|
set hlsearch
|
||||||
|
|
||||||
|
autocmd ColorScheme * highlight ExtraWhitespace ctermbg=red guibg=red
|
||||||
|
|
||||||
|
|
||||||
|
" save on focus lost
|
||||||
|
au FocusLost * :wa
|
||||||
|
|
||||||
|
autocmd BufRead *.json set filetype=json
|
||||||
|
au BufNewFile,BufRead *.mustache set syntax=mustache
|
||||||
|
|
||||||
|
cnoremap SudoWrite w !sudo tee > /dev/null %
|
||||||
|
|
||||||
|
" create Backup/tmp/undo dirs
|
||||||
|
set backupdir=~/.vim/backup
|
||||||
|
set directory=~/.vim/tmp
|
||||||
|
|
||||||
|
function! InitBackupDir()
|
||||||
|
let l:parent = $HOME . '/.vim/'
|
||||||
|
let l:backup = l:parent . 'backup/'
|
||||||
|
let l:tmpdir = l:parent . 'tmp/'
|
||||||
|
let l:undodir= l:parent . 'undo/'
|
||||||
|
|
||||||
|
|
||||||
|
if !isdirectory(l:parent)
|
||||||
|
call mkdir(l:parent)
|
||||||
|
endif
|
||||||
|
if !isdirectory(l:backup)
|
||||||
|
call mkdir(l:backup)
|
||||||
|
endif
|
||||||
|
if !isdirectory(l:tmpdir)
|
||||||
|
call mkdir(l:tmpdir)
|
||||||
|
endif
|
||||||
|
if !isdirectory(l:undodir)
|
||||||
|
call mkdir(l:undodir)
|
||||||
|
endif
|
||||||
|
endfunction
|
||||||
|
call InitBackupDir()
|
||||||
|
|
||||||
|
augroup Binary
|
||||||
|
" edit binaries in xxd-output, xxd is part of vim
|
||||||
|
au!
|
||||||
|
au BufReadPre *.bin let &bin=1
|
||||||
|
au BufReadPost *.bin if &bin | %!xxd
|
||||||
|
au BufReadPost *.bin set ft=xxd | endif
|
||||||
|
au BufWritePre *.bin if &bin | %!xxd -r
|
||||||
|
au BufWritePre *.bin endif
|
||||||
|
au BufWritePost *.bin if &bin | %!xxd
|
||||||
|
au BufWritePost *.bin set nomod | endif
|
||||||
|
augroup END
|
||||||
|
'';
|
||||||
|
vimrcConfig.vam.knownPlugins = pkgs.vimPlugins;
|
||||||
|
vimrcConfig.vam.pluginDictionaries = [
|
||||||
|
{ names = [ "undotree" ]; }
|
||||||
|
# vim-nix handles indentation better but does not perform sanity
|
||||||
|
{ names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; }
|
||||||
|
];
|
||||||
|
})
|
||||||
|
|
||||||
|
];
|
||||||
|
programs.bash = {
|
||||||
|
enableCompletion = true;
|
||||||
|
interactiveShellInit = ''
|
||||||
|
HISTCONTROL='erasedups:ignorespace'
|
||||||
|
HISTSIZE=900001
|
||||||
|
HISTFILESIZE=$HISTSIZE
|
||||||
|
shopt -s checkhash
|
||||||
|
shopt -s histappend histreedit histverify
|
||||||
|
shopt -s no_empty_cmd_completion
|
||||||
|
PS1='\[\e[1;32m\]\w\[\e[0m\] '
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
services.journald.extraConfig = ''
|
||||||
|
SystemMaxUse=1G
|
||||||
|
RuntimeMaxUse=128M
|
||||||
|
'';
|
||||||
|
nix = {
|
||||||
|
package = pkgs.nixUnstable;
|
||||||
|
optimise.automatic = true;
|
||||||
|
useSandbox = true;
|
||||||
|
gc.automatic = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
system.autoUpgrade.enable = true;
|
||||||
|
|
||||||
|
boot.loader.grub.enable = true;
|
||||||
|
boot.loader.grub.version = 2;
|
||||||
|
boot.loader.grub.device = "/dev/sda";
|
||||||
|
fileSystems."/".options = [ "noatime" "nodiratime" "discard" ];
|
||||||
|
|
||||||
|
|
||||||
|
# gui and stuff
|
||||||
|
i18n = {
|
||||||
|
consoleFont = "Lat2-Terminus16";
|
||||||
|
consoleKeyMap = "us";
|
||||||
|
defaultLocale = "en_US.UTF-8";
|
||||||
|
};
|
||||||
|
|
||||||
|
fonts = {
|
||||||
|
enableFontDir = true;
|
||||||
|
enableGhostscriptFonts = true;
|
||||||
|
fonts = [ pkgs.terminus_font ];
|
||||||
|
};
|
||||||
|
|
||||||
|
time.timeZone = "Europe/Berlin";
|
||||||
|
services.timesyncd.enable = true;
|
||||||
|
|
||||||
|
|
||||||
|
# GUI
|
||||||
|
hardware.pulseaudio.enable = true;
|
||||||
|
services.xserver = {
|
||||||
|
enable = true;
|
||||||
|
displayManager.auto.enable = true;
|
||||||
|
displayManager.auto.user = "shack";
|
||||||
|
|
||||||
|
desktopManager.xfce.enable = true;
|
||||||
|
|
||||||
|
layout = "us";
|
||||||
|
xkbVariant = "altgr-intl";
|
||||||
|
xkbOptions = "ctrl:nocaps, eurosign:e";
|
||||||
|
};
|
||||||
|
|
||||||
|
services.openssh = {
|
||||||
|
enable = true;
|
||||||
|
hostKeys = [
|
||||||
|
{ bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
24
makefu/1systems/shack-autoinstall/uefi-partition.sh
Normal file
24
makefu/1systems/shack-autoinstall/uefi-partition.sh
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
#!/bin/sh
|
||||||
|
set -euf
|
||||||
|
p(){
|
||||||
|
parted -s ${disk} -- $@
|
||||||
|
}
|
||||||
|
p mklabel gpt
|
||||||
|
p mkpart primary fat32 1M 551M
|
||||||
|
p set 1 boot on
|
||||||
|
p mkpart primary linux-swap 51M 4647M
|
||||||
|
p mkpart primary ext2 4647M 100%
|
||||||
|
udevadm settle
|
||||||
|
mkfs.fat -nboot -F32 /dev/sda1
|
||||||
|
|
||||||
|
udevadm settle
|
||||||
|
mkswap ${disk}2 -L swap
|
||||||
|
swapon -L swap
|
||||||
|
mkfs.ext4 -L nixos ${disk}3
|
||||||
|
mount LABEL=nixos /mnt
|
||||||
|
mkdir /mnt/boot
|
||||||
|
mount LABEL=boot /mnt/boot
|
||||||
|
|
||||||
|
mkdir -p /mnt/etc/nixos
|
||||||
|
cp ${./shack-config.nix} /mnt/etc/nixos/configuration.nix
|
||||||
|
nixos-generate-config --root /mnt
|
|
@ -8,57 +8,32 @@
|
||||||
[ # Include the results of the hardware scan.
|
[ # Include the results of the hardware scan.
|
||||||
<stockholm/makefu>
|
<stockholm/makefu>
|
||||||
<stockholm/makefu/2configs/main-laptop.nix>
|
<stockholm/makefu/2configs/main-laptop.nix>
|
||||||
<stockholm/makefu/2configs/tools/all.nix>
|
# <stockholm/makefu/2configs/tools/all.nix>
|
||||||
<stockholm/makefu/2configs/fs/sda-crypto-root.nix>
|
<stockholm/makefu/2configs/fs/single-partition-ext4.nix>
|
||||||
# hardware specifics are in here
|
# hardware specifics are in here
|
||||||
# imports tp-x2x0.nix
|
# imports tp-x2x0.nix
|
||||||
# <stockholm/makefu/2configs/hw/tp-x200.nix>
|
<stockholm/makefu/2configs/hw/tp-x230.nix>
|
||||||
|
<stockholm/makefu/2configs/hw/bluetooth.nix>
|
||||||
|
<stockholm/makefu/2configs/hw/network-manager.nix>
|
||||||
|
|
||||||
# <stockholm/makefu/2configs/rad1o.nix>
|
# <stockholm/makefu/2configs/rad1o.nix>
|
||||||
|
|
||||||
<stockholm/makefu/2configs/zsh-user.nix>
|
<stockholm/makefu/2configs/zsh-user.nix>
|
||||||
<stockholm/makefu/2configs/exim-retiolum.nix>
|
<stockholm/makefu/2configs/exim-retiolum.nix>
|
||||||
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
||||||
|
|
||||||
|
<stockholm/makefu/2configs/sshd-totp.nix>
|
||||||
|
{
|
||||||
|
programs.adb.enable = true;
|
||||||
|
}
|
||||||
];
|
];
|
||||||
# not working in vm
|
|
||||||
krebs.build.host = config.krebs.hosts.tsp;
|
krebs.build.host = config.krebs.hosts.tsp;
|
||||||
boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
|
boot.loader.grub.device = "/dev/sda";
|
||||||
boot.loader.grub.copyKernels = true;
|
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [
|
networking.firewall.allowedTCPPorts = [
|
||||||
25
|
25
|
||||||
];
|
];
|
||||||
|
|
||||||
# acer aspire
|
|
||||||
networking.wireless.enable = lib.mkDefault true;
|
|
||||||
|
|
||||||
services.xserver.synaptics.enable = true;
|
|
||||||
|
|
||||||
hardware.enableAllFirmware = true;
|
hardware.enableAllFirmware = true;
|
||||||
nixpkgs.config.allowUnfree = true;
|
nixpkgs.config.allowUnfree = true;
|
||||||
|
|
||||||
hardware.cpu.intel.updateMicrocode = true;
|
|
||||||
|
|
||||||
zramSwap.enable = true;
|
|
||||||
zramSwap.numDevices = 2;
|
|
||||||
|
|
||||||
services.tlp.enable = true;
|
|
||||||
services.tlp.extraConfig = ''
|
|
||||||
# BUG: http://linrunner.de/en/tlp/docs/tlp-faq.html#erratic-battery
|
|
||||||
START_CHARGE_THRESH_BAT0=67
|
|
||||||
STOP_CHARGE_THRESH_BAT0=100
|
|
||||||
|
|
||||||
|
|
||||||
CPU_SCALING_GOVERNOR_ON_AC=performance
|
|
||||||
CPU_SCALING_GOVERNOR_ON_BAT=ondemand
|
|
||||||
CPU_MIN_PERF_ON_AC=0
|
|
||||||
CPU_MAX_PERF_ON_AC=100
|
|
||||||
CPU_MIN_PERF_ON_BAT=0
|
|
||||||
CPU_MAX_PERF_ON_BAT=30
|
|
||||||
'';
|
|
||||||
|
|
||||||
powerManagement.resumeCommands = ''
|
|
||||||
${pkgs.rfkill}/bin/rfkill unblock all
|
|
||||||
'';
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,9 +1,7 @@
|
||||||
#
|
#
|
||||||
#
|
#
|
||||||
#
|
#
|
||||||
{ config, pkgs, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
with import <stockholm/lib>;
|
|
||||||
|
|
||||||
{
|
{
|
||||||
imports =
|
imports =
|
||||||
[ # base
|
[ # base
|
||||||
|
@ -43,6 +41,7 @@ with import <stockholm/lib>;
|
||||||
<stockholm/makefu/2configs/mail-client.nix>
|
<stockholm/makefu/2configs/mail-client.nix>
|
||||||
<stockholm/makefu/2configs/printer.nix>
|
<stockholm/makefu/2configs/printer.nix>
|
||||||
<stockholm/makefu/2configs/task-client.nix>
|
<stockholm/makefu/2configs/task-client.nix>
|
||||||
|
# <stockholm/makefu/2configs/syncthing.nix>
|
||||||
|
|
||||||
# Virtualization
|
# Virtualization
|
||||||
<stockholm/makefu/2configs/virtualisation/libvirt.nix>
|
<stockholm/makefu/2configs/virtualisation/libvirt.nix>
|
||||||
|
@ -149,4 +148,6 @@ with import <stockholm/lib>;
|
||||||
"/home/makefu/backup/borgun"
|
"/home/makefu/backup/borgun"
|
||||||
"/home/makefu/.mail/"
|
"/home/makefu/.mail/"
|
||||||
];
|
];
|
||||||
|
services.syncthing.user = lib.mkForce "makefu";
|
||||||
|
services.syncthing.dataDir = lib.mkForce "/home/makefu/.config/syncthing/";
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,48 +1,43 @@
|
||||||
{ pkgs, lib, ... }:
|
{ pkgs, lib, ... }:
|
||||||
let
|
let
|
||||||
tasmota_plug = name: topic: {
|
tasmota_plug = name: topic:
|
||||||
platform = "mqtt";
|
{ platform = "mqtt";
|
||||||
inherit name;
|
inherit name;
|
||||||
state_topic = "/bam/${topic}/stat/POWER";
|
state_topic = "/bam/${topic}/stat/POWER1";
|
||||||
command_topic = "/bam/${topic}/cmnd/POWER";
|
command_topic = "/bam/${topic}/cmnd/POWER1";
|
||||||
availability_topic = "/bam/${topic}/tele/LWT";
|
availability_topic = "/bam/${topic}/tele/LWT";
|
||||||
qos = 1;
|
|
||||||
payload_on= "ON";
|
payload_on= "ON";
|
||||||
payload_off= "OFF";
|
payload_off= "OFF";
|
||||||
payload_available= "Online";
|
payload_available= "Online";
|
||||||
payload_not_available= "Offline";
|
payload_not_available= "Offline";
|
||||||
retain= false;
|
|
||||||
};
|
};
|
||||||
espeasy_dht22 = name: [
|
espeasy_dht22 = name: [
|
||||||
{
|
{ platform = "mqtt";
|
||||||
platform = "mqtt";
|
name = "${name} DHT22 Temperature";
|
||||||
device_class = "temperature";
|
device_class = "temperature";
|
||||||
state_topic = "/bam/${name}/dht22/Temperature";
|
state_topic = "/bam/${name}/dht22/Temperature";
|
||||||
availability_topic = "/bam/${name}/status/LWT";
|
availability_topic = "/bam/${name}/tele/LWT";
|
||||||
payload_available = "Connected";
|
payload_available = "Online";
|
||||||
payload_not_available = "Connection Lost";
|
payload_not_available = "Offline";
|
||||||
}
|
}
|
||||||
{
|
{ platform = "mqtt";
|
||||||
platform = "mqtt";
|
|
||||||
device_class = "humidity";
|
device_class = "humidity";
|
||||||
state_topic = "/bam/${name}/dht22/Temperature";
|
name = "${name} DHT22 Humidity";
|
||||||
unit_of_measurement = "C";
|
state_topic = "/bam/${name}/dht22/Humidity";
|
||||||
availability_topic = "/bam/${name}/status/LWT";
|
availability_topic = "/bam/${name}/tele/LWT";
|
||||||
payload_available = "Connected";
|
payload_available = "Online";
|
||||||
payload_not_available = "Connection Lost";
|
payload_not_available = "Offline";
|
||||||
}];
|
}];
|
||||||
espeasy_ds18 = name: [
|
espeasy_ds18 = name:
|
||||||
{
|
{ platform = "mqtt";
|
||||||
platform = "mqtt";
|
name = "${name} DS18 Temperature";
|
||||||
device_class = "temperature";
|
|
||||||
state_topic = "/bam/${name}/ds18/Temperature";
|
state_topic = "/bam/${name}/ds18/Temperature";
|
||||||
availability_topic = "/bam/${name}/status/LWT";
|
availability_topic = "/bam/${name}/tele/LWT";
|
||||||
payload_available = "Connected";
|
payload_available = "Online";
|
||||||
payload_not_available = "Connection Lost";
|
payload_not_available = "Offline";
|
||||||
}
|
};
|
||||||
];
|
|
||||||
in {
|
in {
|
||||||
|
networking.firewall.allowedTCPPorts = [ 8123 ];
|
||||||
nixpkgs.config.permittedInsecurePackages = [
|
nixpkgs.config.permittedInsecurePackages = [
|
||||||
"homeassistant-0.65.5"
|
"homeassistant-0.65.5"
|
||||||
];
|
];
|
||||||
|
@ -81,18 +76,19 @@ in {
|
||||||
(tasmota_plug "Pluggy" "plug4")
|
(tasmota_plug "Pluggy" "plug4")
|
||||||
];
|
];
|
||||||
binary_sensor = [
|
binary_sensor = [
|
||||||
{ # esp_easy
|
{ platform = "mqtt";
|
||||||
platform = "mqtt";
|
|
||||||
device_class = "motion";
|
device_class = "motion";
|
||||||
|
name = "Motion";
|
||||||
state_topic = "/bam/easy2/movement/Switch";
|
state_topic = "/bam/easy2/movement/Switch";
|
||||||
payload_on = "1";
|
payload_on = "1";
|
||||||
payload_off = "0";
|
payload_off = "0";
|
||||||
availability_topic = "/bam/easy2/status/LWT";
|
availability_topic = "/bam/easy2/tele/LWT";
|
||||||
payload_available = "Connected";
|
payload_available = "Online";
|
||||||
payload_not_available = "Connection Lost";
|
payload_not_available = "Offline";
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
sensor =
|
sensor =
|
||||||
|
(espeasy_dht22 "easy1") ++
|
||||||
(espeasy_dht22 "easy2") ++
|
(espeasy_dht22 "easy2") ++
|
||||||
[ (espeasy_ds18 "easy3" )
|
[ (espeasy_ds18 "easy3" )
|
||||||
{ platform = "luftdaten";
|
{ platform = "luftdaten";
|
||||||
|
|
|
@ -5,7 +5,10 @@ let
|
||||||
home = "/var/lib/ampel";
|
home = "/var/lib/ampel";
|
||||||
sec = "${toString <secrets>}/google-muell.json";
|
sec = "${toString <secrets>}/google-muell.json";
|
||||||
ampelsec = "${home}/google-muell.json";
|
ampelsec = "${home}/google-muell.json";
|
||||||
esp = "192.168.1.23";
|
cred = "${toString <secrets>}/google-muell-creds.json";
|
||||||
|
# TODO: generate this credential file locally
|
||||||
|
ampelcred = "${home}/google-muell-creds.json";
|
||||||
|
esp = "192.168.8.204";
|
||||||
sleepval = "1800";
|
sleepval = "1800";
|
||||||
in {
|
in {
|
||||||
users.users.ampel = {
|
users.users.ampel = {
|
||||||
|
@ -21,10 +24,10 @@ in {
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
User = "ampel";
|
User = "ampel";
|
||||||
ExecStartPre = pkgs.writeDash "copy-ampel-secrets" ''
|
ExecStartPre = pkgs.writeDash "copy-ampel-secrets" ''
|
||||||
cp ${sec} ${ampelsec}
|
install -m600 -o ampel ${sec} ${ampelsec}
|
||||||
chown ampel ${ampelsec}
|
install -m600 -o ampel ${cred} ${ampelcred}
|
||||||
'';
|
'';
|
||||||
ExecStart = "${pkg}/bin/google-muell --esp=${esp} --client-secrets=${ampelsec} --credential-path=${home}/google-muell-creds.json --sleepval=${sleepval}";
|
ExecStart = "${pkg}/bin/google-muell --esp=${esp} --client-secrets=${ampelsec} --credential-path=${ampelcred} --sleepval=${sleepval}";
|
||||||
PermissionsStartOnly = true;
|
PermissionsStartOnly = true;
|
||||||
Restart = "always";
|
Restart = "always";
|
||||||
RestartSec = 10;
|
RestartSec = 10;
|
||||||
|
|
|
@ -1,7 +1,45 @@
|
||||||
{ pkgs, config, ... }:
|
{ pkgs, config, ... }:
|
||||||
|
|
||||||
|
# Ideas:
|
||||||
|
## wake-on-lan server
|
||||||
|
##
|
||||||
let
|
let
|
||||||
firetv = "192.168.1.238";
|
firetv = "192.168.1.238";
|
||||||
|
tasmota_plug = name: topic:
|
||||||
|
{ platform = "mqtt";
|
||||||
|
inherit name;
|
||||||
|
state_topic = "/ham/${topic}/stat/POWER1";
|
||||||
|
command_topic = "/ham/${topic}/cmnd/POWER1";
|
||||||
|
availability_topic = "/ham/${topic}/tele/LWT";
|
||||||
|
payload_on= "ON";
|
||||||
|
payload_off= "OFF";
|
||||||
|
payload_available= "Online";
|
||||||
|
payload_not_available= "Offline";
|
||||||
|
};
|
||||||
|
tasmota_bme = name: topic:
|
||||||
|
[ { platform = "mqtt";
|
||||||
|
name = "${name} Temperatur";
|
||||||
|
state_topic = "/ham/${topic}/tele/SENSOR";
|
||||||
|
value_template = "{{ value_json.BME280.Temperature }}";
|
||||||
|
unit_of_measurement = "°C";
|
||||||
|
}
|
||||||
|
{ platform = "mqtt";
|
||||||
|
name = "${name} Luftfeuchtigkeit";
|
||||||
|
state_topic = "/ham/${topic}/tele/SENSOR";
|
||||||
|
value_template = "{{ value_json.BME280.Humidity }}";
|
||||||
|
unit_of_measurement = "%";
|
||||||
|
}
|
||||||
|
{ platform = "mqtt";
|
||||||
|
name = "${name} Luftdruck";
|
||||||
|
state_topic = "/ham/${topic}/tele/SENSOR";
|
||||||
|
value_template = "{{ value_json.BME280.Pressure }}";
|
||||||
|
unit_of_measurement = "hPa";
|
||||||
|
}
|
||||||
|
];
|
||||||
in {
|
in {
|
||||||
|
imports = [
|
||||||
|
./mqtt.nix
|
||||||
|
];
|
||||||
systemd.services.firetv = {
|
systemd.services.firetv = {
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
|
@ -18,7 +56,17 @@ in {
|
||||||
name = "Home"; time_zone = "Europe/Berlin";
|
name = "Home"; time_zone = "Europe/Berlin";
|
||||||
latitude = "48.7687";
|
latitude = "48.7687";
|
||||||
longitude = "9.2478";
|
longitude = "9.2478";
|
||||||
|
elevation = 247;
|
||||||
};
|
};
|
||||||
|
discovery = {};
|
||||||
|
conversation = {};
|
||||||
|
history = {};
|
||||||
|
logbook = {};
|
||||||
|
tts = [
|
||||||
|
{ platform = "google";}
|
||||||
|
];
|
||||||
|
sun.elevation = 247;
|
||||||
|
recorder = {};
|
||||||
media_player = [
|
media_player = [
|
||||||
{ platform = "kodi";
|
{ platform = "kodi";
|
||||||
host = firetv;
|
host = firetv;
|
||||||
|
@ -27,7 +75,31 @@ in {
|
||||||
# assumes python-firetv running
|
# assumes python-firetv running
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
mqtt = {
|
||||||
|
broker = "localhost";
|
||||||
|
port = 1883;
|
||||||
|
client_id = "home-assistant";
|
||||||
|
username = "hass";
|
||||||
|
password = builtins.readFile <secrets/mqtt/hass>;
|
||||||
|
keepalive = 60;
|
||||||
|
protocol = 3.1;
|
||||||
|
birth_message = {
|
||||||
|
topic = "/ham/hass/tele/LWT";
|
||||||
|
payload = "Online";
|
||||||
|
qos = 1;
|
||||||
|
retain = true;
|
||||||
|
};
|
||||||
|
will_message = {
|
||||||
|
topic = "/ham/hass/tele/LWT";
|
||||||
|
payload = "Offline";
|
||||||
|
qos = 1;
|
||||||
|
retain = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
sensor = [
|
sensor = [
|
||||||
|
{ platform = "speedtest";
|
||||||
|
monitored_conditions = [ "ping" "download" "upload" ];
|
||||||
|
}
|
||||||
{ platform = "luftdaten";
|
{ platform = "luftdaten";
|
||||||
name = "Ditzingen";
|
name = "Ditzingen";
|
||||||
sensorid = "663";
|
sensorid = "663";
|
||||||
|
@ -51,9 +123,17 @@ in {
|
||||||
seconds = 0;
|
seconds = 0;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
];
|
] ++ (tasmota_bme "Schlafzimmer" "schlafzimmer");
|
||||||
frontend = { };
|
frontend = { };
|
||||||
|
#group = [
|
||||||
|
# { default_view = { view = "yes"; entities = [
|
||||||
|
# "sensor.luftdaten"
|
||||||
|
# ]}
|
||||||
|
#];
|
||||||
http = { };
|
http = { };
|
||||||
|
switch = [
|
||||||
|
(tasmota_plug "Lichterkette Schlafzimmer" "schlafzimmer")
|
||||||
|
];
|
||||||
};
|
};
|
||||||
enable = true;
|
enable = true;
|
||||||
#configDir = "/var/lib/hass";
|
#configDir = "/var/lib/hass";
|
||||||
|
|
24
makefu/2configs/deployment/homeautomation/mqtt.nix
Normal file
24
makefu/2configs/deployment/homeautomation/mqtt.nix
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
{ pkgs, config, ... }:
|
||||||
|
{
|
||||||
|
services.mosquitto = {
|
||||||
|
enable = true;
|
||||||
|
host = "0.0.0.0";
|
||||||
|
allowAnonymous = false;
|
||||||
|
checkPasswords = true;
|
||||||
|
# see <host>/mosquitto
|
||||||
|
users.sensor = {
|
||||||
|
hashedPassword = "$6$2DXU7W1bvqXPqxkF$vtdz5KTd/T09hmoc9LjgEGFjvpwQbQth6vlVcr5hJNLgcBHv4U03YCKC8TKXbmQAa8xiJ76xJIg25kcL+KI3tg==";
|
||||||
|
acl = [ "topic readwrite #" ];
|
||||||
|
};
|
||||||
|
users.hass = {
|
||||||
|
hashedPassword = "$6$SHuYGrE5kPSUc/hu$EomZ0KBy+vkxLt/6eJkrSBjYblCCeMjhDfUd2mwqXYJ4XsP8hGmZ59mMlmBCd3AvlFYQxb4DT/j3TYlrqo7cDA==";
|
||||||
|
acl = [ "topic readwrite #" ];
|
||||||
|
};
|
||||||
|
users.stats = {
|
||||||
|
hashedPassword = "$6$j4H7KXD/YZgvgNmL$8e9sUKRXowDqJLOVgzCdDrvDE3+4dGgU6AngfAeN/rleGOgaMhee2Mbg2KS5TC1TOW3tYbk9NhjLYtjBgfRkoA==";
|
||||||
|
acl = [ "topic read #" ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
environment.systemPackages = [ pkgs.mosquitto ];
|
||||||
|
# port open via trusted interface
|
||||||
|
}
|
|
@ -1,5 +1,7 @@
|
||||||
{config, ...}:
|
{config, ...}:
|
||||||
{
|
{
|
||||||
|
# fdisk /dev/sda
|
||||||
|
# mkfs.ext4 -L nixos /dev/sda1
|
||||||
boot.loader.grub.enable = assert config.boot.loader.grub.device != ""; true;
|
boot.loader.grub.enable = assert config.boot.loader.grub.device != ""; true;
|
||||||
boot.loader.grub.version = 2;
|
boot.loader.grub.version = 2;
|
||||||
|
|
||||||
|
|
|
@ -31,6 +31,7 @@ let
|
||||||
ampel = { };
|
ampel = { };
|
||||||
europastats = { };
|
europastats = { };
|
||||||
arafetch = { };
|
arafetch = { };
|
||||||
|
disko = { };
|
||||||
init-stockholm = {
|
init-stockholm = {
|
||||||
cgit.desc = "Init stuff for stockholm";
|
cgit.desc = "Init stuff for stockholm";
|
||||||
};
|
};
|
||||||
|
|
|
@ -29,11 +29,14 @@
|
||||||
# presumably a2dp Sink
|
# presumably a2dp Sink
|
||||||
# Enable profile:
|
# Enable profile:
|
||||||
## pacmd set-card-profile "$(pactl list cards short | egrep -o bluez_card[[:alnum:]._]+)" a2dp_sink
|
## pacmd set-card-profile "$(pactl list cards short | egrep -o bluez_card[[:alnum:]._]+)" a2dp_sink
|
||||||
hardware.bluetooth.extraConfig = '';
|
|
||||||
|
# connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio
|
||||||
|
hardware.bluetooth = {
|
||||||
|
enable = true;
|
||||||
|
powerOnBoot = false;
|
||||||
|
extraConfig = ''
|
||||||
[general]
|
[general]
|
||||||
Enable=Source,Sink,Media,Socket
|
Enable=Source,Sink,Media,Socket
|
||||||
'';
|
'';
|
||||||
|
};
|
||||||
# connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio
|
|
||||||
hardware.bluetooth.enable = true;
|
|
||||||
}
|
}
|
||||||
|
|
47
makefu/2configs/mail/mail.euer.nix
Normal file
47
makefu/2configs/mail/mail.euer.nix
Normal file
|
@ -0,0 +1,47 @@
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
(builtins.fetchTarball "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.1.4/nixos-mailserver-v2.1.4.tar.gz")
|
||||||
|
];
|
||||||
|
|
||||||
|
mailserver = {
|
||||||
|
enable = true;
|
||||||
|
fqdn = "euer.eloop.org";
|
||||||
|
domains = [ "euer.eloop.org" ];
|
||||||
|
loginAccounts = {
|
||||||
|
"makefu@euer.eloop.org" = {
|
||||||
|
hashedPassword = "$6$5gFFAPnI/c/EHIx$3aHj64p5SX./C.MPb.eBmyLDRdWS1yaoV0s9r3Yexw4UO9URdUkBDgqT7F0Mjgt6.gyYaJ5E50h0Yg7iHtLWI/";
|
||||||
|
aliases = [ "root@euer.eloop.org" ];
|
||||||
|
catchAll = [ "euer.eloop.org" ];
|
||||||
|
|
||||||
|
};
|
||||||
|
};
|
||||||
|
certificateScheme = 3;
|
||||||
|
|
||||||
|
# Enable IMAP and POP3
|
||||||
|
enableImap = true;
|
||||||
|
enablePop3 = false;
|
||||||
|
enableImapSsl = true;
|
||||||
|
enablePop3Ssl = false;
|
||||||
|
|
||||||
|
# Enable the ManageSieve protocol
|
||||||
|
enableManageSieve = true;
|
||||||
|
|
||||||
|
virusScanning = false;
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
services.dovecot2.extraConfig = ''
|
||||||
|
ssl_dh = </var/lib/dhparams/dovecot.pem
|
||||||
|
'';
|
||||||
|
# workaround for DH creation
|
||||||
|
# security.dhparams = {
|
||||||
|
# enable = true;
|
||||||
|
# params = {
|
||||||
|
# dovecot = 2048;
|
||||||
|
# };
|
||||||
|
# };
|
||||||
|
# systemd.services.dovecot2.requires = [ "dhparams-gen-dovecot.service" ];
|
||||||
|
# systemd.services.dovecot2.after = [ "dhparams-gen-dovecot.service" ];
|
||||||
|
}
|
||||||
|
|
|
@ -4,6 +4,7 @@
|
||||||
enable = true;
|
enable = true;
|
||||||
host = "0.0.0.0";
|
host = "0.0.0.0";
|
||||||
users = {};
|
users = {};
|
||||||
|
# TODO: secure that shit
|
||||||
allowAnonymous = true;
|
allowAnonymous = true;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,7 +10,12 @@ let
|
||||||
in {
|
in {
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
enable = mkDefault true;
|
enable = mkDefault true;
|
||||||
virtualHosts."mon.euer.krebsco.de" = {
|
virtualHosts."mon.euer.krebsco.de" = let
|
||||||
|
# flesh_wrap
|
||||||
|
authFile = pkgs.writeText "influx.conf" ''
|
||||||
|
user:$apr1$ZG9oQCum$FhtIe/cl3jf8Sa4zq/BWd1
|
||||||
|
'';
|
||||||
|
in {
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
locations."/" = {
|
locations."/" = {
|
||||||
|
@ -21,6 +26,17 @@ in {
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
locations."/influxdb/" = {
|
||||||
|
proxyPass = "http://wbob.r:8086/";
|
||||||
|
extraConfig = ''
|
||||||
|
auth_basic "Needs Autherization to visit";
|
||||||
|
auth_basic_user_file ${authFile};
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_redirect off;
|
||||||
|
'';
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
enable = lib.mkDefault true;
|
enable = lib.mkDefault true;
|
||||||
virtualHosts."misa-felix-hochzeit.ml" = {
|
virtualHosts."misa-felix-hochzeit.ml" = {
|
||||||
serverAliases = [ "www.misa-felix-hochzeit.ml" "misa-felix.ml" "www.misa-felix.ml" ];
|
serverAliases = [ "misa-felix.ml" "www.misa-felix.ml" ];
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
locations = {
|
locations = {
|
||||||
|
|
|
@ -1,11 +1,10 @@
|
||||||
{
|
{config,...}:{
|
||||||
nix.trustedUsers = [ "nixBuild" ];
|
nix.trustedUsers = [ "nixBuild" ];
|
||||||
users.users.nixBuild = {
|
users.users.nixBuild = {
|
||||||
name = "nixBuild";
|
name = "nixBuild";
|
||||||
useDefaultShell = true;
|
useDefaultShell = true;
|
||||||
# TODO: put this somewhere else
|
|
||||||
openssh.authorizedKeys.keys = [
|
openssh.authorizedKeys.keys = [
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPlhb0TIBW9RN9T8Is4YRIc1RjOg+cxbZCaDjbM4zxrX nixBuild"
|
config.krebs.users.buildbotSlave.pubkey
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
10
makefu/2configs/retroshare.nix
Normal file
10
makefu/2configs/retroshare.nix
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
let
|
||||||
|
port = 9024;
|
||||||
|
in {
|
||||||
|
users.users.makefu.packages = [
|
||||||
|
pkgs.retroshare
|
||||||
|
];
|
||||||
|
networking.firewall.allowedTCPPorts = [ port ];
|
||||||
|
networking.firewall.allowedUDPPorts = [ port ];
|
||||||
|
}
|
|
@ -17,6 +17,7 @@ in {
|
||||||
"file_mode=0775"
|
"file_mode=0775"
|
||||||
"dir_mode=0775"
|
"dir_mode=0775"
|
||||||
"uid=9001"
|
"uid=9001"
|
||||||
|
"vers=3"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
19
makefu/2configs/share/omo-timemachine.nix
Normal file
19
makefu/2configs/share/omo-timemachine.nix
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
|
services.samba = {
|
||||||
|
# support for timemachine in git
|
||||||
|
package = pkgs.sambaFull;
|
||||||
|
shares = {
|
||||||
|
time_machine = {
|
||||||
|
path = "/media/crypt3/backup/time_machine";
|
||||||
|
"valid users" = "misa";
|
||||||
|
public = "no";
|
||||||
|
writeable = "yes";
|
||||||
|
"force user" = "misa";
|
||||||
|
"fruit:aapl" = "yes";
|
||||||
|
"fruit:time machine" = "yes";
|
||||||
|
"vfs objects" = "catia fruit streams_xattr";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
38
makefu/2configs/stats/external/weather2stats.nix
vendored
Normal file
38
makefu/2configs/stats/external/weather2stats.nix
vendored
Normal file
|
@ -0,0 +1,38 @@
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
let
|
||||||
|
pkg = pkgs.stdenv.mkDerivation {
|
||||||
|
name = "aralast-master";
|
||||||
|
src = pkgs.fetchFromGitHub {
|
||||||
|
owner = "makefu";
|
||||||
|
repo = "aralast";
|
||||||
|
rev = "7121598";
|
||||||
|
sha256 = "0vw027c698h9b69ksid5p3pji9960hd7n9xi4arrax0vfkwryb4m";
|
||||||
|
};
|
||||||
|
installPhase = ''
|
||||||
|
install -m755 -D aralast.sh $out/bin/aralast
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
in {
|
||||||
|
systemd.services.aralast = {
|
||||||
|
description = "periodically fetch aramark";
|
||||||
|
path = [
|
||||||
|
pkgs.curl
|
||||||
|
pkgs.gnugrep
|
||||||
|
pkgs.gnused
|
||||||
|
];
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
environment = {
|
||||||
|
INFLUX_HOST = "localhost";
|
||||||
|
INFLUX_PORT = "8086";
|
||||||
|
};
|
||||||
|
# every 10 seconds when the cantina is open
|
||||||
|
startAt = "Mon,Tue,Wed,Thu,Fri *-*-* 6,7,8,9,10,11,12,13,14,15:*:0,15,30,45";
|
||||||
|
serviceConfig = {
|
||||||
|
User = "nobody";
|
||||||
|
ExecStart = "${pkg}/bin/aralast";
|
||||||
|
PrivateTmp = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -2,11 +2,11 @@
|
||||||
|
|
||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
let
|
let
|
||||||
irc-server = "rc.r";
|
irc-server = "irc.r";
|
||||||
irc-nick = "m-alarm";
|
irc-nick = "m-alarm";
|
||||||
collectd-port = 25826;
|
collectd-port = 25826;
|
||||||
influx-port = 8086;
|
influx-port = 8086;
|
||||||
grafana-port = 3000; # TODO nginx forward
|
grafana-port = 3000;
|
||||||
db = "collectd_db";
|
db = "collectd_db";
|
||||||
logging-interface = config.makefu.server.primary-itf;
|
logging-interface = config.makefu.server.primary-itf;
|
||||||
in {
|
in {
|
||||||
|
@ -72,15 +72,16 @@ in {
|
||||||
iptables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT
|
iptables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT
|
||||||
iptables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT
|
iptables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT
|
||||||
iptables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT
|
iptables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT
|
||||||
iptables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT
|
#iptables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT
|
||||||
iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT
|
#iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT
|
||||||
iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
|
#iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
|
||||||
|
|
||||||
ip6tables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT
|
ip6tables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT
|
||||||
ip6tables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT
|
ip6tables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT
|
||||||
ip6tables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT
|
ip6tables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT
|
||||||
ip6tables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT
|
#ip6tables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT
|
||||||
ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT
|
#ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT
|
||||||
ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
|
#ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
|
||||||
'';
|
'';
|
||||||
|
state = [ "/var/lib/grafana/data/grafana.db" ];
|
||||||
}
|
}
|
||||||
|
|
28
makefu/2configs/stats/telegraf/hamstats.nix
Normal file
28
makefu/2configs/stats/telegraf/hamstats.nix
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
{ pkgs, ...}:
|
||||||
|
|
||||||
|
let
|
||||||
|
genTopic = name: topic: tags: {
|
||||||
|
servers = [ "tcp://localhost:1883" ];
|
||||||
|
username = "stats";
|
||||||
|
password = builtins.readFile <secrets/mqtt/stats>;
|
||||||
|
qos = 0;
|
||||||
|
connection_timeout = "30s";
|
||||||
|
topics = [ topic ];
|
||||||
|
tags = tags;
|
||||||
|
persistent_session = false;
|
||||||
|
name_override = name;
|
||||||
|
data_format = "json";
|
||||||
|
# json_query = tags.sensor; #TODO?
|
||||||
|
};
|
||||||
|
hamStat = host:
|
||||||
|
sensor:
|
||||||
|
(genTopic sensor
|
||||||
|
"/ham/${host}/${sensor}/tele/SENSOR"
|
||||||
|
{"host" = host;
|
||||||
|
"scope" = "ham";
|
||||||
|
"sensor" = sensor;
|
||||||
|
} );
|
||||||
|
bme = host: [(hamStat host "BME280")];
|
||||||
|
in {
|
||||||
|
services.telegraf.extraConfig.inputs.mqtt_consumer = (bme "schlafzimmer");
|
||||||
|
}
|
|
@ -1,11 +1,17 @@
|
||||||
{...}:
|
{ config, ... }:
|
||||||
|
|
||||||
with import <stockholm/lib>; {
|
with import <stockholm/lib>; {
|
||||||
services.syncthing = {
|
services.syncthing = {
|
||||||
enable = true;
|
enable = true;
|
||||||
openDefaultPorts = true;
|
openDefaultPorts = true;
|
||||||
useInotify = true;
|
|
||||||
group = "download";
|
group = "download";
|
||||||
};
|
};
|
||||||
users.extraGroups.download.gid = genid "download";
|
users.extraGroups.download.gid = genid "download";
|
||||||
|
state = map (x: config.services.syncthing.dataDir + "/" + x) [
|
||||||
|
"key.pem"
|
||||||
|
"cert.pem"
|
||||||
|
"config.xml"
|
||||||
|
"https-cert.pem"
|
||||||
|
"https-key.pem"
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,8 @@
|
||||||
_:
|
{ pkgs, ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../binary-cache/lass.nix
|
../binary-cache/lass.nix
|
||||||
];
|
];
|
||||||
krebs.tinc.retiolum.enable = true;
|
krebs.tinc.retiolum.enable = true;
|
||||||
|
environment.systemPackages = [ pkgs.tinc ];
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,9 +3,11 @@
|
||||||
# tools i use when actually working with the host.
|
# tools i use when actually working with the host.
|
||||||
# package version will now be maintained by nix-rebuild
|
# package version will now be maintained by nix-rebuild
|
||||||
#
|
#
|
||||||
# essentially `nix-env -q` of the main user
|
|
||||||
{
|
{
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
( pkgs.writeScriptBin "unknow" ''#!/bin/sh
|
||||||
|
${gnused}/bin/sed -i "''${1}d" ~/.ssh/known_hosts
|
||||||
|
'')
|
||||||
at_spi2_core
|
at_spi2_core
|
||||||
acpi
|
acpi
|
||||||
bc
|
bc
|
||||||
|
|
|
@ -21,7 +21,6 @@
|
||||||
gen-oath-safe
|
gen-oath-safe
|
||||||
cdrtools
|
cdrtools
|
||||||
# nix related
|
# nix related
|
||||||
nix-repl
|
|
||||||
nix-index
|
nix-index
|
||||||
# git-related
|
# git-related
|
||||||
tig
|
tig
|
||||||
|
|
|
@ -6,6 +6,7 @@
|
||||||
gimp
|
gimp
|
||||||
inkscape
|
inkscape
|
||||||
libreoffice
|
libreoffice
|
||||||
|
quodlibet
|
||||||
# skype
|
# skype
|
||||||
synergy
|
synergy
|
||||||
tdesktop
|
tdesktop
|
||||||
|
|
|
@ -3,11 +3,14 @@
|
||||||
{
|
{
|
||||||
users.users.makefu.packages = with pkgs; [
|
users.users.makefu.packages = with pkgs; [
|
||||||
kodi
|
kodi
|
||||||
streamripper
|
|
||||||
youtube-dl
|
|
||||||
calibre
|
calibre
|
||||||
vlc
|
vlc
|
||||||
mumble
|
mumble
|
||||||
mplayer
|
mplayer
|
||||||
|
quodlibet
|
||||||
|
|
||||||
|
plowshare
|
||||||
|
streamripper
|
||||||
|
youtube-dl
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,7 +3,11 @@
|
||||||
users.users.makefu.packages = with pkgs;[
|
users.users.makefu.packages = with pkgs;[
|
||||||
go-mtpfs
|
go-mtpfs
|
||||||
mosh
|
mosh
|
||||||
|
sshfs
|
||||||
|
rclone
|
||||||
|
exfat
|
||||||
|
(pkgs.callPackage ./secrets.nix {})
|
||||||
];
|
];
|
||||||
|
|
||||||
boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
|
# boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
|
||||||
}
|
}
|
||||||
|
|
12
makefu/2configs/tools/secrets.nix
Normal file
12
makefu/2configs/tools/secrets.nix
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
{ pass, write, writeDash, ... }:
|
||||||
|
|
||||||
|
write "secrets" {
|
||||||
|
"/bin/secrets".link = writeDash "brain" ''
|
||||||
|
PASSWORD_STORE_DIR=$HOME/.secrets-pass/ \
|
||||||
|
exec ${pass}/bin/pass $@
|
||||||
|
'';
|
||||||
|
"/bin/secretsmenu".link = writeDash "secretsmenu" ''
|
||||||
|
PASSWORD_STORE_DIR=$HOME/.secrets-pass/ \
|
||||||
|
exec ${pass}/bin/passmenu $@
|
||||||
|
'';
|
||||||
|
}
|
|
@ -68,6 +68,8 @@ in
|
||||||
|
|
||||||
compdef _pass brain
|
compdef _pass brain
|
||||||
zstyle ':completion::complete:brain::' prefix "$HOME/brain"
|
zstyle ':completion::complete:brain::' prefix "$HOME/brain"
|
||||||
|
compdef _pass secrets
|
||||||
|
zstyle ':completion::complete:secrets::' prefix "$HOME/.secrets-pass/"
|
||||||
|
|
||||||
# ctrl-x ctrl-e
|
# ctrl-x ctrl-e
|
||||||
autoload -U edit-command-line
|
autoload -U edit-command-line
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
{ stdenv, fetchFromGitHub
|
{ stdenv, fetchFromGitHub
|
||||||
, pkgconfig
|
|
||||||
, cmake
|
, cmake
|
||||||
}:
|
}:
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
|
@ -13,7 +12,7 @@ stdenv.mkDerivation rec {
|
||||||
sha256 = "1cq6vhrq3n3lc1n454slbc66qdyqam2srxgdhfpyfxbq5c4y06nf";
|
sha256 = "1cq6vhrq3n3lc1n454slbc66qdyqam2srxgdhfpyfxbq5c4y06nf";
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = [ cmake pkgconfig ];
|
nativeBuildInputs = [ cmake ];
|
||||||
installPhase = ''
|
installPhase = ''
|
||||||
mkdir -p $out/{lib,bin}
|
mkdir -p $out/{lib,bin}
|
||||||
find -iname '*.so' -exec mv --target-directory="$out/lib" {} \;
|
find -iname '*.so' -exec mv --target-directory="$out/lib" {} \;
|
||||||
|
|
|
@ -85,13 +85,9 @@ stdenv.mkDerivation rec {
|
||||||
ninja test
|
ninja test
|
||||||
'';
|
'';
|
||||||
|
|
||||||
#preInstall = ''
|
|
||||||
# export MESON_INSTALL_PREFIX=$out
|
|
||||||
#'';
|
|
||||||
|
|
||||||
meta = with stdenv.lib; {
|
meta = with stdenv.lib; {
|
||||||
description = ''
|
description = ''
|
||||||
Eval nix code from python.
|
A modern audio book player for Linux using GTK+ 3
|
||||||
'';
|
'';
|
||||||
maintainers = [ maintainers.makefu ];
|
maintainers = [ maintainers.makefu ];
|
||||||
license = licenses.mit;
|
license = licenses.mit;
|
||||||
|
|
54
makefu/5pkgs/custom/quodlibet/remove-override-warning.patch
Normal file
54
makefu/5pkgs/custom/quodlibet/remove-override-warning.patch
Normal file
|
@ -0,0 +1,54 @@
|
||||||
|
diff --git a/quodlibet/qltk/edittags.py b/quodlibet/quodlibet/qltk/edittags.py
|
||||||
|
index 148866ef7..e741b9c3d 100644
|
||||||
|
--- a/quodlibet/qltk/edittags.py
|
||||||
|
+++ b/quodlibet/qltk/edittags.py
|
||||||
|
@@ -740,13 +740,6 @@ class EditTags(Gtk.VBox):
|
||||||
|
win.show()
|
||||||
|
all_done = False
|
||||||
|
for song in songs:
|
||||||
|
- if not song.valid():
|
||||||
|
- win.hide()
|
||||||
|
- dialog = OverwriteWarning(self, song)
|
||||||
|
- resp = dialog.run()
|
||||||
|
- win.show()
|
||||||
|
- if resp != OverwriteWarning.RESPONSE_SAVE:
|
||||||
|
- break
|
||||||
|
|
||||||
|
changed = False
|
||||||
|
for key, values in iteritems(updated):
|
||||||
|
diff --git a/quodlibet/qltk/tagsfrompath.py b/quodlibet/quodlibet/qltk/tagsfrompath.py
|
||||||
|
index fd3f0709c..cb5b44f20 100644
|
||||||
|
--- a/quodlibet/qltk/tagsfrompath.py
|
||||||
|
+++ b/quodlibet/qltk/tagsfrompath.py
|
||||||
|
@@ -284,13 +284,6 @@ class TagsFromPath(Gtk.VBox):
|
||||||
|
for entry in ((model and itervalues(model)) or []):
|
||||||
|
song = entry.song
|
||||||
|
changed = False
|
||||||
|
- if not song.valid():
|
||||||
|
- win.hide()
|
||||||
|
- dialog = OverwriteWarning(self, song)
|
||||||
|
- resp = dialog.run()
|
||||||
|
- win.show()
|
||||||
|
- if resp != OverwriteWarning.RESPONSE_SAVE:
|
||||||
|
- break
|
||||||
|
|
||||||
|
for i, h in enumerate(pattern.headers):
|
||||||
|
text = entry.get_match(h)
|
||||||
|
diff --git a/quodlibet/qltk/tracknumbers.py b/quodlibet/quodlibet/qltk/tracknumbers.py
|
||||||
|
index 1ab4d0b9a..52f087db4 100644
|
||||||
|
--- a/quodlibet/qltk/tracknumbers.py
|
||||||
|
+++ b/quodlibet/qltk/tracknumbers.py
|
||||||
|
@@ -160,13 +160,6 @@ class TrackNumbers(Gtk.VBox):
|
||||||
|
if song.get("tracknumber") == track:
|
||||||
|
win.step()
|
||||||
|
continue
|
||||||
|
- if not song.valid():
|
||||||
|
- win.hide()
|
||||||
|
- dialog = OverwriteWarning(self, song)
|
||||||
|
- resp = dialog.run()
|
||||||
|
- win.show()
|
||||||
|
- if resp != OverwriteWarning.RESPONSE_SAVE:
|
||||||
|
- break
|
||||||
|
song["tracknumber"] = track
|
||||||
|
try:
|
||||||
|
song.write()
|
13
makefu/5pkgs/custom/quodlibet/single-digit-discnumber.patch
Normal file
13
makefu/5pkgs/custom/quodlibet/single-digit-discnumber.patch
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
diff --git a/quodlibet/pattern/_pattern.py b/quodlibet/pattern/_pattern.py
|
||||||
|
index fc056d07a..8fb559c6e 100644
|
||||||
|
--- a/quodlibet/pattern/_pattern.py
|
||||||
|
+++ b/quodlibet/pattern/_pattern.py
|
||||||
|
@@ -387,7 +387,7 @@ def _number(key, value):
|
||||||
|
elif key == "discnumber":
|
||||||
|
parts = value.split("/")
|
||||||
|
try:
|
||||||
|
- return "%02d" % int(parts[0])
|
||||||
|
+ return "%d" % int(parts[0])
|
||||||
|
except (TypeError, ValueError):
|
||||||
|
return value
|
||||||
|
else:
|
|
@ -20,6 +20,10 @@ with super.lib; with builtins; let
|
||||||
(filterAttrs (_: eq "directory") (readDir path));
|
(filterAttrs (_: eq "directory") (readDir path));
|
||||||
|
|
||||||
in {
|
in {
|
||||||
|
quodlibet = super.pkgs.stdenv.lib.overrideDerivation super.quodlibet (old: {
|
||||||
|
patches = [ ./custom/quodlibet/single-digit-discnumber.patch
|
||||||
|
./custom/quodlibet/remove-override-warning.patch ];
|
||||||
|
});
|
||||||
alsa-hdspconf = callPackage ./custom/alsa-tools { alsaToolTarget="hdspconf";};
|
alsa-hdspconf = callPackage ./custom/alsa-tools { alsaToolTarget="hdspconf";};
|
||||||
alsa-hdspmixer = callPackage ./custom/alsa-tools { alsaToolTarget="hdspmixer";};
|
alsa-hdspmixer = callPackage ./custom/alsa-tools { alsaToolTarget="hdspmixer";};
|
||||||
alsa-hdsploader = callPackage ./custom/alsa-tools { alsaToolTarget="hdsploader";};
|
alsa-hdsploader = callPackage ./custom/alsa-tools { alsaToolTarget="hdsploader";};
|
||||||
|
@ -29,15 +33,6 @@ in {
|
||||||
inkscape = super.pkgs.stdenv.lib.overrideDerivation super.inkscape (old: {
|
inkscape = super.pkgs.stdenv.lib.overrideDerivation super.inkscape (old: {
|
||||||
patches = [ ./custom/inkscape/dxf_fix.patch ];
|
patches = [ ./custom/inkscape/dxf_fix.patch ];
|
||||||
});
|
});
|
||||||
pwqgen-ger = callPackage <stockholm/krebs/5pkgs/simple/passwdqc-utils> {
|
|
||||||
wordset-file = super.pkgs.fetchurl {
|
|
||||||
urls = [
|
|
||||||
https://gist.githubusercontent.com/makefu/b56f5554c9ef03fe6e09878962e6fd8d/raw/1f147efec51325bc9f80c823bad8381d5b7252f6/wordset_4k.c
|
|
||||||
https://archive.org/download/nixos-stockholm-tarballs/pviar5j1gxiqcf3l34b4n2pil06xc8zf-wordset_4k.c
|
|
||||||
];
|
|
||||||
sha256 = "18ddzyh11bywrhzdkzvrl7nvgp5gdb4k1s0zxbz2bkhd14vi72bb";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// (mapAttrs (_: flip callPackage {})
|
// (mapAttrs (_: flip callPackage {})
|
||||||
|
|
32
makefu/5pkgs/esniper/default.nix
Normal file
32
makefu/5pkgs/esniper/default.nix
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
{ stdenv, fetchurl , openssl, curl, coreutils, gawk, bash, which }:
|
||||||
|
|
||||||
|
stdenv.mkDerivation rec {
|
||||||
|
name = "${pname}-2-35-0";
|
||||||
|
pname = "esniper";
|
||||||
|
version = "2.35.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "mirror://sourceforge/${pname}/${name}.tgz";
|
||||||
|
sha256 = "04iwjb42lw90c03125bjdpnm0fp78dmwf2j35r7mah0nwcrlagd9";
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
buildInputs = [ openssl curl ];
|
||||||
|
|
||||||
|
# Add support for CURL_CA_BUNDLE variable.
|
||||||
|
# Fix <http://sourceforge.net/p/esniper/bugs/648/>.
|
||||||
|
patches = [ ./find-ca-bundle.patch ];
|
||||||
|
|
||||||
|
postInstall = ''
|
||||||
|
sed <"frontends/snipe" >"$out/bin/snipe" \
|
||||||
|
-e "2i export PATH=\"$out/bin:${stdenv.lib.makeBinPath [ coreutils gawk bash which ]}:\$PATH\""
|
||||||
|
chmod 555 "$out/bin/snipe"
|
||||||
|
'';
|
||||||
|
|
||||||
|
meta = with stdenv.lib; {
|
||||||
|
description = "Simple, lightweight tool for sniping eBay auctions";
|
||||||
|
homepage = http://esniper.sourceforge.net;
|
||||||
|
license = licenses.gpl2;
|
||||||
|
maintainers = with maintainers; [ lovek323 peti ];
|
||||||
|
platforms = platforms.all;
|
||||||
|
};
|
||||||
|
}
|
26
makefu/5pkgs/esniper/find-ca-bundle.patch
Normal file
26
makefu/5pkgs/esniper/find-ca-bundle.patch
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
diff -ubr '--exclude=*.o' esniper-2-27-0-orig/http.c esniper-2-27-0-patched/http.c
|
||||||
|
--- esniper-2-27-0-orig/http.c 2012-02-06 22:04:06.000000000 +0100
|
||||||
|
+++ esniper-2-27-0-patched/http.c 2012-07-27 10:54:20.893054646 +0200
|
||||||
|
@@ -200,6 +200,9 @@
|
||||||
|
int
|
||||||
|
initCurlStuff(void)
|
||||||
|
{
|
||||||
|
+ /* Path to OpenSSL bundle file. */
|
||||||
|
+ const char *ssl_capath=NULL;
|
||||||
|
+
|
||||||
|
/* list for custom headers */
|
||||||
|
struct curl_slist *slist=NULL;
|
||||||
|
|
||||||
|
@@ -241,6 +244,12 @@
|
||||||
|
if ((curlrc = curl_easy_setopt(easyhandle, CURLOPT_COOKIEFILE, "")))
|
||||||
|
return initCurlStuffFailed();
|
||||||
|
|
||||||
|
+ /* If the environment variable CURL_CA_BUNDLE is set, pass through its
|
||||||
|
+ * contents to curl. */
|
||||||
|
+ if ((ssl_capath = getenv("CURL_CA_BUNDLE")))
|
||||||
|
+ if ((curlrc = curl_easy_setopt(easyhandle, CURLOPT_CAINFO, ssl_capath)))
|
||||||
|
+ return initCurlStuffFailed();
|
||||||
|
+
|
||||||
|
slist = curl_slist_append(slist, "Accept: text/*");
|
||||||
|
slist = curl_slist_append(slist, "Accept-Language: en");
|
||||||
|
slist = curl_slist_append(slist, "Accept-Charset: iso-8859-1,*,utf-8");
|
|
@ -18,6 +18,7 @@
|
||||||
unstable = false; #unstable channel checked out
|
unstable = false; #unstable channel checked out
|
||||||
mic92 = false;
|
mic92 = false;
|
||||||
nms = false;
|
nms = false;
|
||||||
|
arm6 = false;
|
||||||
clever_kexec = false;
|
clever_kexec = false;
|
||||||
} // import (./. + "/1systems/${name}/source.nix");
|
} // import (./. + "/1systems/${name}/source.nix");
|
||||||
source = { test }: lib.evalSource [
|
source = { test }: lib.evalSource [
|
||||||
|
@ -29,6 +30,9 @@
|
||||||
nixpkgs = if test || host-src.full then {
|
nixpkgs = if test || host-src.full then {
|
||||||
git.ref = nixpkgs-src.rev;
|
git.ref = nixpkgs-src.rev;
|
||||||
git.url = nixpkgs-src.url;
|
git.url = nixpkgs-src.url;
|
||||||
|
} else if host-src.arm6 then {
|
||||||
|
# TODO: we want to track the unstable channel
|
||||||
|
symlink = "/nix/var/nix/profiles/per-user/root/channels/nixos/";
|
||||||
} else {
|
} else {
|
||||||
file = "/home/makefu/store/${nixpkgs-src.rev}";
|
file = "/home/makefu/store/${nixpkgs-src.rev}";
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,122 +0,0 @@
|
||||||
with import <stockholm/lib>;
|
|
||||||
host@{ name,
|
|
||||||
override ? {}
|
|
||||||
, secure ? false
|
|
||||||
, full ? false
|
|
||||||
, torrent ? false
|
|
||||||
, hw ? false
|
|
||||||
, musnix ? false
|
|
||||||
, python ? false
|
|
||||||
, unstable ? false #unstable channel checked out
|
|
||||||
, mic92 ? false
|
|
||||||
, nms ? false
|
|
||||||
, clever_kexec ?false
|
|
||||||
}:
|
|
||||||
let
|
|
||||||
builder = if getEnv "dummy_secrets" == "true"
|
|
||||||
then "buildbot"
|
|
||||||
else "makefu";
|
|
||||||
_file = <stockholm> + "/makefu/1systems/${name}/source.nix";
|
|
||||||
pkgs = import <nixpkgs> {
|
|
||||||
overlays = map import [
|
|
||||||
<stockholm/krebs/5pkgs>
|
|
||||||
<stockholm/submodules/nix-writers/pkgs>
|
|
||||||
];
|
|
||||||
};
|
|
||||||
# TODO: automate updating of this ref + cherry-picks
|
|
||||||
ref = "8f991294288"; # nixos-18.03 @ 2018-08-06
|
|
||||||
# + do_sqlite3 ruby: 55a952be5b5
|
|
||||||
# + exfat-nofuse bump: ee6a5296a35
|
|
||||||
# + uhub/sqlite: 5dd7610401747
|
|
||||||
|
|
||||||
in
|
|
||||||
evalSource (toString _file) [
|
|
||||||
{
|
|
||||||
nixos-config.symlink = "stockholm/makefu/1systems/${name}/config.nix";
|
|
||||||
# always perform a full populate when buildbot
|
|
||||||
nixpkgs = if full || (builder == "buildbot" ) then {
|
|
||||||
git = {
|
|
||||||
url = https://github.com/makefu/nixpkgs;
|
|
||||||
inherit ref;
|
|
||||||
};
|
|
||||||
} else {
|
|
||||||
# right now it is simply extracted revision folder
|
|
||||||
|
|
||||||
## prepare so we do not have to wait for rsync:
|
|
||||||
## cd /var/src; curl https://github.com/nixos/nixpkgs/tarball/125ffff -L | tar zx && mv NixOS-nixpkgs-125ffff nixpkgs
|
|
||||||
file = "/home/makefu/store/${ref}";
|
|
||||||
};
|
|
||||||
|
|
||||||
secrets = getAttr builder {
|
|
||||||
buildbot.file = toString <stockholm/makefu/0tests/data/secrets>;
|
|
||||||
makefu.pass = {
|
|
||||||
inherit name;
|
|
||||||
dir = "${getEnv "HOME"}/.secrets-pass";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
|
|
||||||
stockholm.file = toString <stockholm>;
|
|
||||||
stockholm-version.pipe = "${pkgs.coreutils}/bin/echo derp";
|
|
||||||
}
|
|
||||||
(mkIf ( musnix ) {
|
|
||||||
musnix.git = {
|
|
||||||
url = https://github.com/musnix/musnix.git;
|
|
||||||
ref = "master"; # follow the musnix channel, lets see how this works out
|
|
||||||
};
|
|
||||||
})
|
|
||||||
|
|
||||||
(mkIf ( hw ) {
|
|
||||||
nixos-hardware.git = {
|
|
||||||
url = https://github.com/nixos/nixos-hardware.git;
|
|
||||||
ref = "30fdd53";
|
|
||||||
};
|
|
||||||
})
|
|
||||||
|
|
||||||
(mkIf ( python ) {
|
|
||||||
python.git = {
|
|
||||||
url = https://github.com/garbas/nixpkgs-python;
|
|
||||||
ref = "cac319b7";
|
|
||||||
};
|
|
||||||
})
|
|
||||||
|
|
||||||
(mkIf ( torrent ) {
|
|
||||||
torrent-secrets = getAttr builder {
|
|
||||||
buildbot.file = toString <stockholm/makefu/0tests/data/secrets>;
|
|
||||||
makefu.pass = {
|
|
||||||
name = "torrent";
|
|
||||||
dir = "${getEnv "HOME"}/.secrets-pass";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
})
|
|
||||||
|
|
||||||
(mkIf ( unstable ) {
|
|
||||||
nixpkgs-unstable.git = {
|
|
||||||
url = https://github.com/nixos/nixpkgs-channels;
|
|
||||||
ref = "nixos-unstable";
|
|
||||||
};
|
|
||||||
})
|
|
||||||
|
|
||||||
(mkIf ( mic92 ) {
|
|
||||||
mic92.git = {
|
|
||||||
url = https://github.com/Mic92/dotfiles/;
|
|
||||||
ref = "48a1f49";
|
|
||||||
};
|
|
||||||
})
|
|
||||||
|
|
||||||
(mkIf ( nms ) {
|
|
||||||
nms.git = {
|
|
||||||
url = https://github.com/r-raymond/nixos-mailserver;
|
|
||||||
ref = "v2.1.2";
|
|
||||||
};
|
|
||||||
})
|
|
||||||
|
|
||||||
(mkIf ( clever_kexec ) {
|
|
||||||
clever_kexec.git = {
|
|
||||||
url = https://github.com/cleverca22/nix-tests;
|
|
||||||
ref = "5a670de7f2decfaafc95c34ffeb0f1896662f3d7";
|
|
||||||
};
|
|
||||||
})
|
|
||||||
|
|
||||||
override
|
|
||||||
]
|
|
Loading…
Reference in a new issue