From d0fc18d22885cc1e2a92714f363993c063909db2 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 8 Mar 2021 21:52:41 +0100
Subject: [PATCH 01/38] k 3 ma: remove dot lan

---
 krebs/3modules/makefu/default.nix | 19 -------------------
 1 file changed, 19 deletions(-)

diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index c8e1e0386..f9fa037d3 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -108,12 +108,6 @@ in {
       ci = false;
       cores = 1;
       nets = {
-        lan = {
-          ip4.addr = "192.168.1.12";
-          aliases = [
-            "filepimp.lan"
-          ];
-        };
         retiolum.ip4.addr = "10.243.153.102";
       };
     };
@@ -123,12 +117,6 @@ in {
       cores = 2;
 
       nets = {
-        lan = {
-          ip4.addr = "192.168.1.11";
-          aliases = [
-            "omo.lan"
-          ];
-        };
         retiolum = {
           ip4.addr = "10.243.0.89";
           aliases = [
@@ -143,13 +131,6 @@ in {
       ci = true;
       cores = 4;
       nets = {
-        lan = {
-          ip4.addr = "192.168.8.11";
-          aliases = [
-            "wbob.lan"
-            "log.wbob.lan"
-          ];
-        };
         retiolum = {
           ip4.addr = "10.243.214.15";
           aliases = [

From 914163cec3b89e2abcbc58e535e648ac9788b305 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 8 Mar 2021 23:41:47 +0100
Subject: [PATCH 02/38] ma ham: proxy pass via nginx

---
 makefu/2configs/ham/default.nix | 79 ++++++++++++++++++++++++---------
 makefu/2configs/ham/nginx.nix   | 10 +++++
 2 files changed, 69 insertions(+), 20 deletions(-)
 create mode 100644 makefu/2configs/ham/nginx.nix

diff --git a/makefu/2configs/ham/default.nix b/makefu/2configs/ham/default.nix
index d610fa5c1..8ed5f8f3c 100644
--- a/makefu/2configs/ham/default.nix
+++ b/makefu/2configs/ham/default.nix
@@ -7,10 +7,20 @@ let
   prefix = (import ./lib).prefix;
   firetv_stick = "192.168.1.24";
   hassdir = "/var/lib/hass";
+  unstable = import (pkgs.fetchFromGitHub {
+    owner = "nixos";
+    repo = "nixpkgs";
+    rev = (lib.importJSON ../../../krebs/nixpkgs-unstable.json).rev;
+    sha256 = (lib.importJSON ../../../krebs/nixpkgs-unstable.json).sha256;
+  }) {};
+
+
 in {
   imports = [
+    ./nginx.nix
     ./mqtt.nix
-    ./zigbee2mqtt/default.nix
+    ./zigbee2mqtt
+    ./signal-rest
 
     # hass config
     ./zigbee2mqtt/hass.nix
@@ -25,11 +35,13 @@ in {
 
     ./calendar/nextcloud.nix
 
+    ./automation/fenster_auf.nix
     ./automation/firetv_restart.nix
     ./automation/light_buttons.nix
     ./automation/wohnzimmer_rf_fernbedienung.nix
     ./automation/giesskanne.nix
-    ./automation/urlaub.nix
+    #./automation/urlaub.nix
+    ./automation/moodlight.nix
 
     ./light/arbeitszimmer.nix
     ./light/schlafzimmer.nix
@@ -37,6 +49,15 @@ in {
   ];
 
   services.home-assistant = {
+    package = (unstable.home-assistant.overrideAttrs (old: {
+      doInstallCheck = false;
+    })).override {
+      extraPackages = p: [ 
+        (p.callPackage ./deps/dwdwfsapi.nix {}) 
+        (p.callPackage ./deps/pykodi.nix {}) 
+        p.APScheduler ];
+    };
+
     config = {
       influxdb = {
         database = "ham";
@@ -53,6 +74,13 @@ in {
         latitude = "48.7687";
         longitude = "9.2478";
         elevation = 247;
+        auth_providers = [
+          { type = "trusted_networks";
+            trusted_networks = [ "192.168.1.0/24" ];
+            allow_bypass_login = true;
+          }
+          { type = "homeassistant"; }
+        ];
       };
       discovery = {};
       conversation = {};
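Review bot: The `trusted_networks` provider added under `homeassistant` signs in every client on `192.168.1.0/24` without a password, and `allow_bypass_login = true` additionally skips the login page when only one user is available, so any device on that LAN (the Fire TV stick at 192.168.1.24 included) gets a session. Because Home Assistant sits behind nginx after this commit, the address it matches is the one derived from `X-Forwarded-For`, so this provider is only as trustworthy as the proxy's header handling. Consider listing individual client addresses instead of the whole /24, or binding the network to one low-privilege account with `trusted_users = { "192.168.1.0/24" = [ "<USER_ID_PLACEHOLDER>" ]; };`. The `homeassistant` block starts outside the hunk.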
@@ -72,33 +100,39 @@ in {
       api = {};
       esphome = {};
       camera = [];
-      telegram_bot = [
-        # secrets file: {
-        #  "platform": "broadcast",
-        #  "api_key": "", # talk to Botfather /newbot
-        #  "allowed_chat_ids": [ ID ] # curl -X GET #  https://api.telegram.org/bot<YOUR_API_TOKEN>/getUpdates
-        # }
-        (builtins.fromJSON
-          (builtins.readFile <secrets/hass/telegram-bot.json>))
-      ];
+      #telegram_bot = [
+      #  # secrets file: {
+      #  #  "platform": "broadcast",
+      #  #  "api_key": "", # talk to Botfather /newbot
+      #  #  "allowed_chat_ids": [ ID ] # curl -X GET #  https://api.telegram.org/bot<YOUR_API_TOKEN>/getUpdates
+      #  # }
+      #  (builtins.fromJSON
+      #    (builtins.readFile <secrets/hass/telegram-bot.json>))
+      #];
       notify = [
         {
           platform = "kodi";
-          name = "wohnzimmer";
+          name = "Kodi Wohnzimmer";
           host = firetv_stick;
         }
         {
-          platform = "telegram";
-          name = "telegrambot";
-          chat_id = builtins.elemAt
-            (builtins.fromJSON (builtins.readFile
-              <secrets/hass/telegram-bot.json>)).allowed_chat_ids 0;
-            }
+          platform = "nfandroidtv";
+          name = "FireTV Wohnzimmer";
+          host = firetv_stick;
+        }
+        #{
+        #  platform = "telegram";
+        #  name = "telegrambot";
+        #  chat_id = builtins.elemAt
+        #    (builtins.fromJSON (builtins.readFile
+        #      <secrets/hass/telegram-bot.json>)).allowed_chat_ids 0;
+        #}
           ];
       sun.elevation = 247;
       recorder = {};
       media_player = [
-        { platform = "FireTV Stick kodi";
+        { platform = "kodi";
+          name = "FireTV Stick kodi";
           host = firetv_stick;
         }
         { platform = "androidtv";
@@ -146,7 +180,12 @@ in {
         # https://www.home-assistant.io/cookbook/automation_for_rainy_days/
       ];
       frontend = { };
-      http = { };
+      http = {
+        use_x_forwarded_for = true;
+        server_host = "127.0.0.1";
+        trusted_proxies = [ "127.0.0.1" ];
+        #trusted_proxies = [ "192.168.1.0/24" ];
+      };
       switch = [];
       automation = [];
       script = { };
diff --git a/makefu/2configs/ham/nginx.nix b/makefu/2configs/ham/nginx.nix
new file mode 100644
index 000000000..2048ff215
--- /dev/null
+++ b/makefu/2configs/ham/nginx.nix
@@ -0,0 +1,10 @@
+let
+  internal-ip = "192.168.1.11";
+in {
+  services.nginx.recommendedProxySettings = true;
+  services.nginx.virtualHosts."hass" = {
+    serverAliases = [ "hass.lan" "ha" "ha.lan" ];
+    locations."/".proxyPass = "http://localhost:8123";
+    locations."/".proxyWebsockets = true;
+  };
+}
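Review bot: `internal-ip` is bound in the `let` but never used, so the `hass` virtual host answers on every address nginx listens on; `makefu/2configs/home/photoprism.nix` later in this series uses the same binding for a `$server_addr` guard, which was presumably intended here too. Separately, `proxyPass` targets `localhost` while the same commit binds Home Assistant to `127.0.0.1` only, so if `localhost` also resolves to `::1` nginx will try an upstream that refuses connections. The fence shows both changes.

```nix
  services.nginx.virtualHosts."hass" = {
    # … unchanged: serverAliases …
    locations."/".proxyPass = "http://127.0.0.1:8123";
    # … unchanged: proxyWebsockets …
    extraConfig = ''
      if ( $server_addr != "${internal-ip}" ) {
        return 403;
      }
    '';
  };
```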

From ce2aadff1c8d1d44a51c3be27570c64e14fd13c1 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 9 Mar 2021 22:14:51 +0100
Subject: [PATCH 03/38] ma ham -> ma home/ham

---
 makefu/2configs/{ => home}/ham/automation/firetv_restart.nix      | 0
 makefu/2configs/{ => home}/ham/automation/giesskanne.nix          | 0
 makefu/2configs/{ => home}/ham/automation/light_buttons.nix       | 0
 makefu/2configs/{ => home}/ham/automation/moodlight.nix           | 0
 makefu/2configs/{ => home}/ham/automation/urlaub.nix              | 0
 .../{ => home}/ham/automation/wohnzimmer_rf_fernbedienung.nix     | 0
 makefu/2configs/{ => home}/ham/calendar/nextcloud.nix             | 0
 makefu/2configs/{ => home}/ham/default.nix                        | 0
 makefu/2configs/{ => home}/ham/deps/dwdwfsapi.nix                 | 0
 makefu/2configs/{ => home}/ham/deps/pykodi.nix                    | 0
 makefu/2configs/{ => home}/ham/device_tracker/openwrt.nix         | 0
 makefu/2configs/{ => home}/ham/lib/default.nix                    | 0
 makefu/2configs/{ => home}/ham/light/arbeitszimmer.nix            | 0
 makefu/2configs/{ => home}/ham/light/schlafzimmer.nix             | 0
 makefu/2configs/{ => home}/ham/light/wohnzimmer.nix               | 0
 makefu/2configs/{ => home}/ham/mqtt.nix                           | 0
 makefu/2configs/{ => home}/ham/multi/fliegen-couter.nix           | 0
 makefu/2configs/{ => home}/ham/multi/flurlicht.nix                | 0
 makefu/2configs/{ => home}/ham/multi/kurzzeitwecker.nix           | 0
 makefu/2configs/{ => home}/ham/multi/the_playlist.nix             | 0
 makefu/2configs/{ => home}/ham/nginx.nix                          | 0
 makefu/2configs/{ => home}/ham/sensor/outside.nix                 | 0
 makefu/2configs/{ => home}/ham/zigbee2mqtt/default.nix            | 0
 makefu/2configs/{ => home}/ham/zigbee2mqtt/hass.nix               | 0
 makefu/2configs/{ => home}/ham/zigbee2mqtt/osram.nix              | 0
 25 files changed, 0 insertions(+), 0 deletions(-)
 rename makefu/2configs/{ => home}/ham/automation/firetv_restart.nix (100%)
 rename makefu/2configs/{ => home}/ham/automation/giesskanne.nix (100%)
 rename makefu/2configs/{ => home}/ham/automation/light_buttons.nix (100%)
 rename makefu/2configs/{ => home}/ham/automation/moodlight.nix (100%)
 rename makefu/2configs/{ => home}/ham/automation/urlaub.nix (100%)
 rename makefu/2configs/{ => home}/ham/automation/wohnzimmer_rf_fernbedienung.nix (100%)
 rename makefu/2configs/{ => home}/ham/calendar/nextcloud.nix (100%)
 rename makefu/2configs/{ => home}/ham/default.nix (100%)
 rename makefu/2configs/{ => home}/ham/deps/dwdwfsapi.nix (100%)
 rename makefu/2configs/{ => home}/ham/deps/pykodi.nix (100%)
 rename makefu/2configs/{ => home}/ham/device_tracker/openwrt.nix (100%)
 rename makefu/2configs/{ => home}/ham/lib/default.nix (100%)
 rename makefu/2configs/{ => home}/ham/light/arbeitszimmer.nix (100%)
 rename makefu/2configs/{ => home}/ham/light/schlafzimmer.nix (100%)
 rename makefu/2configs/{ => home}/ham/light/wohnzimmer.nix (100%)
 rename makefu/2configs/{ => home}/ham/mqtt.nix (100%)
 rename makefu/2configs/{ => home}/ham/multi/fliegen-couter.nix (100%)
 rename makefu/2configs/{ => home}/ham/multi/flurlicht.nix (100%)
 rename makefu/2configs/{ => home}/ham/multi/kurzzeitwecker.nix (100%)
 rename makefu/2configs/{ => home}/ham/multi/the_playlist.nix (100%)
 rename makefu/2configs/{ => home}/ham/nginx.nix (100%)
 rename makefu/2configs/{ => home}/ham/sensor/outside.nix (100%)
 rename makefu/2configs/{ => home}/ham/zigbee2mqtt/default.nix (100%)
 rename makefu/2configs/{ => home}/ham/zigbee2mqtt/hass.nix (100%)
 rename makefu/2configs/{ => home}/ham/zigbee2mqtt/osram.nix (100%)

diff --git a/makefu/2configs/ham/automation/firetv_restart.nix b/makefu/2configs/home/ham/automation/firetv_restart.nix
similarity index 100%
rename from makefu/2configs/ham/automation/firetv_restart.nix
rename to makefu/2configs/home/ham/automation/firetv_restart.nix
diff --git a/makefu/2configs/ham/automation/giesskanne.nix b/makefu/2configs/home/ham/automation/giesskanne.nix
similarity index 100%
rename from makefu/2configs/ham/automation/giesskanne.nix
rename to makefu/2configs/home/ham/automation/giesskanne.nix
diff --git a/makefu/2configs/ham/automation/light_buttons.nix b/makefu/2configs/home/ham/automation/light_buttons.nix
similarity index 100%
rename from makefu/2configs/ham/automation/light_buttons.nix
rename to makefu/2configs/home/ham/automation/light_buttons.nix
diff --git a/makefu/2configs/ham/automation/moodlight.nix b/makefu/2configs/home/ham/automation/moodlight.nix
similarity index 100%
rename from makefu/2configs/ham/automation/moodlight.nix
rename to makefu/2configs/home/ham/automation/moodlight.nix
diff --git a/makefu/2configs/ham/automation/urlaub.nix b/makefu/2configs/home/ham/automation/urlaub.nix
similarity index 100%
rename from makefu/2configs/ham/automation/urlaub.nix
rename to makefu/2configs/home/ham/automation/urlaub.nix
diff --git a/makefu/2configs/ham/automation/wohnzimmer_rf_fernbedienung.nix b/makefu/2configs/home/ham/automation/wohnzimmer_rf_fernbedienung.nix
similarity index 100%
rename from makefu/2configs/ham/automation/wohnzimmer_rf_fernbedienung.nix
rename to makefu/2configs/home/ham/automation/wohnzimmer_rf_fernbedienung.nix
diff --git a/makefu/2configs/ham/calendar/nextcloud.nix b/makefu/2configs/home/ham/calendar/nextcloud.nix
similarity index 100%
rename from makefu/2configs/ham/calendar/nextcloud.nix
rename to makefu/2configs/home/ham/calendar/nextcloud.nix
diff --git a/makefu/2configs/ham/default.nix b/makefu/2configs/home/ham/default.nix
similarity index 100%
rename from makefu/2configs/ham/default.nix
rename to makefu/2configs/home/ham/default.nix
diff --git a/makefu/2configs/ham/deps/dwdwfsapi.nix b/makefu/2configs/home/ham/deps/dwdwfsapi.nix
similarity index 100%
rename from makefu/2configs/ham/deps/dwdwfsapi.nix
rename to makefu/2configs/home/ham/deps/dwdwfsapi.nix
diff --git a/makefu/2configs/ham/deps/pykodi.nix b/makefu/2configs/home/ham/deps/pykodi.nix
similarity index 100%
rename from makefu/2configs/ham/deps/pykodi.nix
rename to makefu/2configs/home/ham/deps/pykodi.nix
diff --git a/makefu/2configs/ham/device_tracker/openwrt.nix b/makefu/2configs/home/ham/device_tracker/openwrt.nix
similarity index 100%
rename from makefu/2configs/ham/device_tracker/openwrt.nix
rename to makefu/2configs/home/ham/device_tracker/openwrt.nix
diff --git a/makefu/2configs/ham/lib/default.nix b/makefu/2configs/home/ham/lib/default.nix
similarity index 100%
rename from makefu/2configs/ham/lib/default.nix
rename to makefu/2configs/home/ham/lib/default.nix
diff --git a/makefu/2configs/ham/light/arbeitszimmer.nix b/makefu/2configs/home/ham/light/arbeitszimmer.nix
similarity index 100%
rename from makefu/2configs/ham/light/arbeitszimmer.nix
rename to makefu/2configs/home/ham/light/arbeitszimmer.nix
diff --git a/makefu/2configs/ham/light/schlafzimmer.nix b/makefu/2configs/home/ham/light/schlafzimmer.nix
similarity index 100%
rename from makefu/2configs/ham/light/schlafzimmer.nix
rename to makefu/2configs/home/ham/light/schlafzimmer.nix
diff --git a/makefu/2configs/ham/light/wohnzimmer.nix b/makefu/2configs/home/ham/light/wohnzimmer.nix
similarity index 100%
rename from makefu/2configs/ham/light/wohnzimmer.nix
rename to makefu/2configs/home/ham/light/wohnzimmer.nix
diff --git a/makefu/2configs/ham/mqtt.nix b/makefu/2configs/home/ham/mqtt.nix
similarity index 100%
rename from makefu/2configs/ham/mqtt.nix
rename to makefu/2configs/home/ham/mqtt.nix
diff --git a/makefu/2configs/ham/multi/fliegen-couter.nix b/makefu/2configs/home/ham/multi/fliegen-couter.nix
similarity index 100%
rename from makefu/2configs/ham/multi/fliegen-couter.nix
rename to makefu/2configs/home/ham/multi/fliegen-couter.nix
diff --git a/makefu/2configs/ham/multi/flurlicht.nix b/makefu/2configs/home/ham/multi/flurlicht.nix
similarity index 100%
rename from makefu/2configs/ham/multi/flurlicht.nix
rename to makefu/2configs/home/ham/multi/flurlicht.nix
diff --git a/makefu/2configs/ham/multi/kurzzeitwecker.nix b/makefu/2configs/home/ham/multi/kurzzeitwecker.nix
similarity index 100%
rename from makefu/2configs/ham/multi/kurzzeitwecker.nix
rename to makefu/2configs/home/ham/multi/kurzzeitwecker.nix
diff --git a/makefu/2configs/ham/multi/the_playlist.nix b/makefu/2configs/home/ham/multi/the_playlist.nix
similarity index 100%
rename from makefu/2configs/ham/multi/the_playlist.nix
rename to makefu/2configs/home/ham/multi/the_playlist.nix
diff --git a/makefu/2configs/ham/nginx.nix b/makefu/2configs/home/ham/nginx.nix
similarity index 100%
rename from makefu/2configs/ham/nginx.nix
rename to makefu/2configs/home/ham/nginx.nix
diff --git a/makefu/2configs/ham/sensor/outside.nix b/makefu/2configs/home/ham/sensor/outside.nix
similarity index 100%
rename from makefu/2configs/ham/sensor/outside.nix
rename to makefu/2configs/home/ham/sensor/outside.nix
diff --git a/makefu/2configs/ham/zigbee2mqtt/default.nix b/makefu/2configs/home/ham/zigbee2mqtt/default.nix
similarity index 100%
rename from makefu/2configs/ham/zigbee2mqtt/default.nix
rename to makefu/2configs/home/ham/zigbee2mqtt/default.nix
diff --git a/makefu/2configs/ham/zigbee2mqtt/hass.nix b/makefu/2configs/home/ham/zigbee2mqtt/hass.nix
similarity index 100%
rename from makefu/2configs/ham/zigbee2mqtt/hass.nix
rename to makefu/2configs/home/ham/zigbee2mqtt/hass.nix
diff --git a/makefu/2configs/ham/zigbee2mqtt/osram.nix b/makefu/2configs/home/ham/zigbee2mqtt/osram.nix
similarity index 100%
rename from makefu/2configs/ham/zigbee2mqtt/osram.nix
rename to makefu/2configs/home/ham/zigbee2mqtt/osram.nix

From 833e7455b3d7f0e90553d229e0cac0b391474745 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 9 Mar 2021 22:15:34 +0100
Subject: [PATCH 04/38] ma home: init photoprism

---
 makefu/0tests/data/secrets/photoprism.nix |   4 +
 makefu/2configs/home/photoprism.nix       | 146 ++++++++++++++++++++++
 2 files changed, 150 insertions(+)
 create mode 100644 makefu/0tests/data/secrets/photoprism.nix
 create mode 100644 makefu/2configs/home/photoprism.nix

diff --git a/makefu/0tests/data/secrets/photoprism.nix b/makefu/0tests/data/secrets/photoprism.nix
new file mode 100644
index 000000000..17811ec5f
--- /dev/null
+++ b/makefu/0tests/data/secrets/photoprism.nix
@@ -0,0 +1,4 @@
+{
+  db.username = "photoprism";
+  db.password = "photoprism";
+}
diff --git a/makefu/2configs/home/photoprism.nix b/makefu/2configs/home/photoprism.nix
new file mode 100644
index 000000000..aaccd7350
--- /dev/null
+++ b/makefu/2configs/home/photoprism.nix
@@ -0,0 +1,146 @@
+{ pkgs, lib, ...}:
+# Start    | docker-compose up -d
+# Stop     | docker-compose stop
+# Update   | docker-compose pull
+# Logs     | docker-compose logs --tail=25 -f
+# Terminal | docker-compose exec photoprism bash
+# Help     | docker-compose exec photoprism photoprism help
+# Config   | docker-compose exec photoprism photoprism config
+# Reset    | docker-compose exec photoprism photoprism reset
+# Backup   | docker-compose exec photoprism photoprism backup -a -i
+# Restore  | docker-compose exec photoprism photoprism restore -a -i
+# Index    | docker-compose exec photoprism photoprism index
+# Reindex  | docker-compose exec photoprism photoprism index -a
+# Import   | docker-compose exec photoprism photoprism import
+# -------------------------------------------------------------------
+let
+  port = "2347";
+  photodir = "/media/cryptX/photos";
+  statedir = "/var/lib/photoprism/appsrv";
+  db-dir = "/var/lib/photoprism/mysql";
+  internal-ip = "192.168.1.11";
+  sec = import <secrets/photoprism.nix>;
+in
+{
+  virtualisation.oci-containers.backend = "docker";
+
+  services.nginx.virtualHosts."photos" = {
+    serverAliases = [
+              "photos.lan"
+      "foto"  "foto.lan"
+      "fotos" "fotos.lan"
+    ];
+
+    locations."/".proxyPass = "http://localhost:${port}";
+    locations."/".proxyWebsockets = true;
+    extraConfig = ''
+      if ( $server_addr != "${internal-ip}" ) {
+        return 403;
+      }
+    '';
+  };
+
+  systemd.services.workadventure-network = {
+    enable = true;
+    wantedBy = [ "multi-user.target" ];
+    script = ''
+      ${pkgs.docker}/bin/docker network create --driver bridge photoprism ||:
+    '';
+    after = [ "docker" ];
+    before = [
+      "docker-photoprism.service"
+      "docker-mysql-photoprism.service"
+    ];
+  };
+
+
+  virtualisation.oci-containers.containers.photoprism = {
+    image = "photoprism/photoprism:preview";
+    ports = ["${port}:${port}" ];
+    volumes = [
+      "${photodir}:/photoprism/originals"
+      "${statedir}:/photoprism/storage"
+    ];
+    extraOptions = [
+      "--security-opt" "seccomp=unconfined"
+      "--security-opt" "apparmor=unconfined"
+      "--network=photoprism"
+    ];
+    environment = {
+      PHOTOPRISM_HTTP_PORT = port;                     # Built-in Web server port
+      PHOTOPRISM_HTTP_COMPRESSION = "gzip";            # Improves transfer speed and bandwidth utilization (none or gzip)
+      PHOTOPRISM_DEBUG = "false";                      # Run in debug mode (shows additional log messages)
+      PHOTOPRISM_PUBLIC = "true";                      # No authentication required (disables password protection)
+      PHOTOPRISM_READONLY = "false";                   # Don't modify originals directory (reduced functionality)
+      PHOTOPRISM_EXPERIMENTAL = "true";                # Enables experimental features
+      PHOTOPRISM_DISABLE_WEBDAV = "false";             # Disables built-in WebDAV server
+      PHOTOPRISM_DISABLE_SETTINGS = "false";           # Disables Settings in Web UI
+      PHOTOPRISM_DISABLE_TENSORFLOW = "false";         # Disables using TensorFlow for image classification
+      PHOTOPRISM_DARKTABLE_PRESETS = "false";          # Enables Darktable presets and disables concurrent RAW conversion
+      PHOTOPRISM_DETECT_NSFW = "false";                # Flag photos as private that MAY be offensive (requires TensorFlow)
+      PHOTOPRISM_UPLOAD_NSFW = "true";                 # Allow uploads that MAY be offensive
+
+      #PHOTOPRISM_DATABASE_DRIVER = "postgres";
+      #PHOTOPRISM_DATABASE_SERVER = "postgres-prism:5432";
+      #PHOTOPRISM_DATABASE_NAME = "photoprism";
+      #PHOTOPRISM_DATABASE_USER = "photoprism";
+      #PHOTOPRISM_DATABASE_PASSWORD = "photoprism";
+
+      PHOTOPRISM_DATABASE_DRIVER= "mysql";           # Use MariaDB (or MySQL) instead of SQLite for improved performance
+      PHOTOPRISM_DATABASE_SERVER= "mysql-photoprism:3306" ;   # MariaDB database server (hostname:port)
+      PHOTOPRISM_DATABASE_NAME= "photoprism";        # MariaDB database schema name
+      PHOTOPRISM_DATABASE_USER= sec.db.username;        # MariaDB database user name
+      PHOTOPRISM_DATABASE_PASSWORD= sec.db.password;      # MariaDB database user password
+
+      PHOTOPRISM_SITE_URL = "http://localhost:2342/";  # Public PhotoPrism URL
+      PHOTOPRISM_SITE_TITLE = "PhotoPrism";
+      PHOTOPRISM_SITE_CAPTION = "FeMi Fotos";
+      PHOTOPRISM_SITE_DESCRIPTION = "Unsere Fotos";
+      PHOTOPRISM_SITE_AUTHOR = "FeMi";
+
+    };
+  };
+
+  virtualisation.oci-containers.containers.mysql-photoprism = {
+    image = "mariadb:10.5";
+    extraOptions = [
+      "--security-opt" "seccomp=unconfined"
+      "--security-opt" "apparmor=unconfined"
+      "--network=photoprism"
+    ];
+    ports = [ "3306:3306" ]; # no need to expose the database
+    #cmd = [ "mysqld"
+    #  "--transaction-isolation=READ-COMMITTED"
+    #  "--character-set-server=utf8mb4"
+    #  "--collation-server=utf8mb4_unicode_ci"
+    #  "--max-connections=512"
+    #  "--innodb-rollback-on-timeout=OFF"
+    #  "--innodb-lock-wait-timeout=50"
+    #];
+    volumes= [ "${db-dir}:/var/lib/mysql" ];
+    environment = {
+      MYSQL_ROOT_PASSWORD = "dickidibutt";
+      MYSQL_DATABASE= "photoprism";
+      MYSQL_USER = sec.db.username;
+      MYSQL_PASSWORD = sec.db.password;
+    };
+  };
+  #virtualisation.oci-containers.containers.postgres-prism = {
+  #  image = "postgres:12-alpine";
+  #  ports = [ "5432" ]; # no need to expose the database
+  #  environment = {
+  #    POSTGRES_DB = "photoprism";
+  #    POSTGRES_USER = "photoprism";
+  #    POSTGRES_PASSWORD = "photoprism";
+  #  };
+  #};
+
+  systemd.services.photoprism.serviceConfig = {
+    StandardOutput = lib.mkForce "journal";
+    StandardError = lib.mkForce "journal";
+  };
+  systemd.services.mysql-photoprism.serviceConfig = {
+    StandardOutput = lib.mkForce "journal";
+    StandardError = lib.mkForce "journal";
+  };
+}
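Review bot: `ports = [ "3306:3306" ];` on `mysql-photoprism` publishes MariaDB on every host interface although its own comment says the database need not be exposed, and `ports = ["${port}:${port}"]` does the same for PhotoPrism, which runs with `PHOTOPRISM_PUBLIC = "true"`, so the `$server_addr` check in the nginx vhost does not cover clients that connect to the published port directly (Docker-published ports are typically not filtered by the host firewall). Both containers share the `photoprism` network, so the database `ports` line can be dropped and the app bound with `ports = [ "127.0.0.1:${port}:${port}" ];`. `MYSQL_ROOT_PASSWORD` is a literal in the repository while the user credentials come from `<secrets/photoprism.nix>`; it should be read from there too, for example through a new `sec.db.root_password` attribute. Also worth a justifying comment or removal: `seccomp=unconfined` and `apparmor=unconfined` on both containers, and the floating `:preview` image tag.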

From 52035a5ce4b7d0ff71826e6e63c0a5a410e69e12 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 9 Mar 2021 22:16:13 +0100
Subject: [PATCH 05/38] ma ham/zigbee2mqtt: add secrets

---
 makefu/0tests/data/secrets/zigbee2mqtt.nix    |  6 +++
 .../2configs/home/ham/zigbee2mqtt/default.nix | 49 +++++++++++++++++--
 2 files changed, 52 insertions(+), 3 deletions(-)
 create mode 100644 makefu/0tests/data/secrets/zigbee2mqtt.nix

diff --git a/makefu/0tests/data/secrets/zigbee2mqtt.nix b/makefu/0tests/data/secrets/zigbee2mqtt.nix
new file mode 100644
index 000000000..c67ff3865
--- /dev/null
+++ b/makefu/0tests/data/secrets/zigbee2mqtt.nix
@@ -0,0 +1,6 @@
+{
+  mqtt.password = "hass";
+  mqtt.username = "hass";
+  zigbee.network_key = [ 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 ];
+}
+
diff --git a/makefu/2configs/home/ham/zigbee2mqtt/default.nix b/makefu/2configs/home/ham/zigbee2mqtt/default.nix
index a75075273..83c3c187c 100644
--- a/makefu/2configs/home/ham/zigbee2mqtt/default.nix
+++ b/makefu/2configs/home/ham/zigbee2mqtt/default.nix
@@ -2,23 +2,66 @@
 
 let
   dataDir = "/var/lib/zigbee2mqtt";
+  sec = import <secrets/zigbee2mqtt.nix>;
 in
   {
   # symlink the zigbee controller
+  #services.udev.extraRules = ''
+  #  SUBSYSTEM=="tty", ATTRS{idVendor}=="0451", ATTRS{idProduct}=="16a8", SYMLINK+="cc2531", MODE="0660", GROUP="dialout"
+  #'';
   services.udev.extraRules = ''
-    SUBSYSTEM=="tty", ATTRS{idVendor}=="0451", ATTRS{idProduct}=="16a8", SYMLINK+="cc2531", MODE="0660", GROUP="dialout"
+    SUBSYSTEM=="tty", ATTRS{idVendor}=="10c4", ATTRS{idProduct}=="ea60", SYMLINK+="cc2531", MODE="0660", GROUP="dialout"
   '';
 
   services.zigbee2mqtt = {
     enable = true;
     inherit dataDir;
+    config = {
+      permit_join = true;
+      serial.port = "/dev/cc2531";
+      homeassistant = true;
+      mqtt = {
+        server = "mqtt://omo.lan:1883";
+        base_topic = "/ham/zigbee";
+        user = sec.mqtt.username;
+        password = sec.mqtt.password;
+        include_device_information = true;
+        client_id = "zigbee2mqtt";
+      };
+      advanced = {
+        log_level = "debug";
+        log_output = [ "console" ];
+        last_seen = "ISO_8601";
+        elapsed = true;
+        reporting = true; # TODO test if it is better with groups
+        pan_id = 6755;
+        inherit (sec.zigbee) network_key;
+      };
+      map_options.graphviz.colors = {
+        fill = {
+          enddevice =  "#fff8ce" ;
+          coordinator = "#e04e5d";
+          router = "#4ea3e0";
+        };
+        font = {
+          coordinator= "#ffffff";
+          router = "#ffffff";
+          enddevice = "#000000";
+        };
+        line = {
+          active = "#009900";
+          inactive = "#994444";
+        };
+      };
+    };
   };
 
-  state = [ "${dataDir}/configuration.yaml" "${dataDir}/state.json" ];
+  state = [ "${dataDir}/devices.yaml" "${dataDir}/state.json" ];
 
   systemd.services.zigbee2mqtt = {
     # override automatic configuration.yaml deployment
-    serviceConfig.ExecStartPre = lib.mkForce "${pkgs.coreutils}/bin/true";
+    environment.ZIGBEE2MQTT_DATA = dataDir;
+    #serviceConfig.ExecStartPre = lib.mkForce "${pkgs.coreutils}/bin/true";
     after = [
       "home-assistant.service"
       "mosquitto.service"
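Review bot: `permit_join = true` in `services.zigbee2mqtt.config` leaves the Zigbee network permanently open for new devices to join; the deployed value should be `permit_join = false;`, enabled only while pairing. The MQTT password and `network_key` are passed through `config`, and since this commit also comments out the `ExecStartPre` override, the module's generated configuration file is presumably what gets deployed, so check that it is not readable from the Nix store by other local users. `log_level = "debug"` is worth lowering once the setup works. The `systemd.services.zigbee2mqtt` block continues outside the hunk.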

From 07147023ddf7796562017a62369348a6a1b02fdc Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 9 Mar 2021 22:16:33 +0100
Subject: [PATCH 06/38] ma ham: use <nixpkgs-unstable>

---
 makefu/2configs/home/ham/default.nix | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/makefu/2configs/home/ham/default.nix b/makefu/2configs/home/ham/default.nix
index 8ed5f8f3c..e164b177f 100644
--- a/makefu/2configs/home/ham/default.nix
+++ b/makefu/2configs/home/ham/default.nix
@@ -7,12 +7,7 @@ let
   prefix = (import ./lib).prefix;
   firetv_stick = "192.168.1.24";
   hassdir = "/var/lib/hass";
-  unstable = import (pkgs.fetchFromGitHub {
-    owner = "nixos";
-    repo = "nixpkgs";
-    rev = (lib.importJSON ../../../krebs/nixpkgs-unstable.json).rev;
-    sha256 = (lib.importJSON ../../../krebs/nixpkgs-unstable.json).sha256;
-  }) {};
+  unstable = import <nixpkgs-unstable> {};
 
 
 in {
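Review bot: `unstable = import <nixpkgs-unstable> {};` replaces a fetch pinned by `rev` and `sha256` from `krebs/nixpkgs-unstable.json` with a search-path lookup, so the Home Assistant package now depends on whatever `nixpkgs-unstable` resolves to on the evaluating machine. If the deployment source pins that path to the same JSON (not visible in this hunk), a one-line comment above the binding naming where the pin lives would keep the provenance auditable; if it is not pinned, the previous `fetchFromGitHub` form is the safer one. The `let` block starts outside the hunk.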

From 64bc6f1f6578de055ebdec5748f9af7c6a7d875c Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 9 Mar 2021 22:17:00 +0100
Subject: [PATCH 07/38] ma ham: add fenster_auf automation

---
 .../home/ham/automation/fenster_auf.nix       | 33 +++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 makefu/2configs/home/ham/automation/fenster_auf.nix

diff --git a/makefu/2configs/home/ham/automation/fenster_auf.nix b/makefu/2configs/home/ham/automation/fenster_auf.nix
new file mode 100644
index 000000000..ccebd5b00
--- /dev/null
+++ b/makefu/2configs/home/ham/automation/fenster_auf.nix
@@ -0,0 +1,33 @@
+let
+  min = 20;
+  fenster_offen = name: entity:
+    { alias = "${name} seit ${toString min} Minuten offen";
+      trigger = [
+          {
+            platform = "state";
+            entity_id = entity;
+            to = "on";
+            for.minutes = min;
+          }
+      ];
+      action =
+      [
+        {
+          service = "notify.firetv_wohnzimmer";
+          data = {
+            title = "${name} seit ${toString min} Minuten offen";
+            message = "Bitte einmal checken ob das ok ist :)";
+            data = {
+              interrupt = 1;
+              duration = 300;
+            };
+          };
+        }
+      ];
+    };
+in {
+  services.home-assistant.config.automation = [
+    (fenster_offen "Badezimmerfenster" "binary_sensor.badezimmer_fenster_contact")
+    (fenster_offen "Duschfenster" "binary_sensor.dusche_fenster_contact")
+  ];
+}

From cf0cdbc33d6751bd5c8d48ec0433b7db299a292d Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:08:43 +0100
Subject: [PATCH 08/38] ma filepimp.r: clean up hardware, add disk

---
 makefu/1systems/filepimp/config.nix | 77 +++-----------------------
 makefu/1systems/filepimp/hw.nix     | 83 +++++++++++++++++++++++++++++
 makefu/1systems/filepimp/source.nix |  1 +
 3 files changed, 90 insertions(+), 71 deletions(-)
 create mode 100644 makefu/1systems/filepimp/hw.nix

diff --git a/makefu/1systems/filepimp/config.nix b/makefu/1systems/filepimp/config.nix
index e023c2885..346de10ba 100644
--- a/makefu/1systems/filepimp/config.nix
+++ b/makefu/1systems/filepimp/config.nix
@@ -1,26 +1,13 @@
 { config, pkgs, lib, ... }:
+# nix-shell -p wol --run 'wol C8:CB:B8:CF:E4:DC --passwd=CA-FE-BA-BE-13-37'
 let
-  byid = dev: "/dev/disk/by-id/" + dev;
-  part1 = disk: disk + "-part1";
-  rootDisk = byid "ata-SanDisk_SDSSDP064G_140237402890";
-  primary-interface = "enp3s0"; # c8:cb:b8:cf:e4:dc
-  # N54L Chassis:
-  # ____________________
-  # |______FRONT_______|
-  # |   [             ]|
-  # |   [ d1 ** d3 d4 ]|
-  # |___[_____________]|
-  jDisk1 = byid "ata-ST4000DM000-1F2168_Z3040NEA";
-
-  # transfer to omo
-  # jDisk0 = byid "ata-ST4000DM000-1F2168_Z303HVSG";
-  jDisk2 = byid "ata-WDC_WD40EFRX-68WT0N0_WD-WCC4E0621363";
-  jDisk3 = byid "ata-TOSHIBA_MD04ACA400_156GK89OFSBA";
-  allDisks = [ rootDisk jDisk1 jDisk2 jDisk3 ];
+  itf = config.makefu.server.primary-itf;
 in {
   imports =
     [ # Include the results of the hardware scan.
+      ./hw.nix
       <stockholm/makefu>
+      <stockholm/makefu/2configs/home-manager>
       <stockholm/makefu/2configs/fs/single-partition-ext4.nix>
       <stockholm/makefu/2configs/smart-monitor.nix>
       <stockholm/makefu/2configs/tinc/retiolum.nix>
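Review bot: The new header comment records the host's MAC address together with the Wake-on-LAN password in the repository, duplicating the literal `password` value that the second hunk of this file keeps under `services.wakeonlan.interfaces`. With both in a shared repository the password offers no protection against anyone who can read it. Keep the usage hint but drop the values, e.g. `# nix-shell -p wol --run 'wol <MAC> --passwd=<WOL_PASSWORD>'`, and load the password from the secrets path like the other credentials in this series. The `imports` list continues outside the hunk.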
@@ -28,64 +15,12 @@ in {
     ];
 
   krebs.build.host = config.krebs.hosts.filepimp;
-  # AMD N54L
-  boot = {
-    loader.grub.device = rootDisk;
 
-    initrd.availableKernelModules = [
-      "ahci"
-      "ohci_pci"
-      "ehci_pci"
-      "pata_atiixp"
-      "usb_storage"
-      "usbhid"
-    ];
-
-    kernelModules = [ "kvm-amd" ];
-    extraModulePackages = [ ];
-  };
-  hardware.enableRedistributableFirmware = true;
-  hardware.cpu.amd.updateMicrocode = true;
-
-  zramSwap.enable = true;
-
-  makefu.snapraid = let
-    toMedia = name: "/media/" + name;
-  in {
-    enable = true;
-    # todo combine creation when enabling the mount point
-    disks = map toMedia [
-                        # "j0"
-                          "j1"
-                          "j2"
-                        ];
-    parity = toMedia "par0";
-  };
-  # TODO: refactor, copy-paste from omo
-  services.smartd.devices = builtins.map (x: { device = x; }) allDisks;
-  powerManagement.powerUpCommands = lib.concatStrings (map (disk: ''
-      ${pkgs.hdparm}/sbin/hdparm -S 100 ${disk}
-      ${pkgs.hdparm}/sbin/hdparm -B 127 ${disk}
-      ${pkgs.hdparm}/sbin/hdparm -y ${disk}
-    '') allDisks);
-  fileSystems = let
-    xfsmount = name: dev:
-      { "/media/${name}" = {
-        device = dev; fsType = "xfs";
-        options = [ "nofail" ];
-      }; };
-  in
-  # (xfsmount "j0" (part1 jDisk0)) //
-    (xfsmount "j1" (part1 jDisk1)) //
-    (xfsmount "j2" (part1 jDisk2)) //
-    (xfsmount "par0" (part1 jDisk3))
-    ;
-
-  networking.firewall.trustedInterfaces = [ primary-interface ];
+  networking.firewall.trustedInterfaces = [ itf ];
 
   services.wakeonlan.interfaces = [
     {
-      interface = primary-interface;
+      interface = itf ;
       method = "password";
       password = "CA:FE:BA:BE:13:37";
     }
diff --git a/makefu/1systems/filepimp/hw.nix b/makefu/1systems/filepimp/hw.nix
new file mode 100644
index 000000000..6f02d9b1b
--- /dev/null
+++ b/makefu/1systems/filepimp/hw.nix
@@ -0,0 +1,83 @@
+{ config, pkgs, lib, ... }:
+
+let
+  byid = dev: "/dev/disk/by-id/" + dev;
+  part1 = disk: disk + "-part1";
+  rootDisk = byid "ata-SanDisk_SDSSDP064G_140237402890";
+  primary-interface = "enp3s0"; # c8:cb:b8:cf:e4:dc
+  # N54L Chassis:
+  # ____________________
+  # |______FRONT_______|
+  # |   [             ]|
+  # |   [ d1 d0 d3 d4 ]|
+  # |___[_____________]|
+  jDisk1 = byid "ata-ST4000DM000-1F2168_Z3040NEA";
+
+  # transfer to omo
+  jDisk0 = byid "ata-ST4000DM000-1F2168_Z303HVSG";
+  jDisk2 = byid "ata-WDC_WD40EFRX-68WT0N0_WD-WCC4E0621363";
+  jDisk3 = byid "ata-TOSHIBA_MD04ACA400_156GK89OFSBA";
+  allDisks = [ rootDisk jDisk0 jDisk1 jDisk2 jDisk3 ];
+in {
+  boot = {
+    loader.grub.device = rootDisk;
+
+    initrd.availableKernelModules = [
+      "ahci"
+      "ohci_pci"
+      "ehci_pci"
+      "pata_atiixp"
+      "usb_storage"
+      "usbhid"
+    ];
+
+    kernelModules = [ "kvm-amd" ];
+    extraModulePackages = [ ];
+  };
+  makefu.server.primary-itf = primary-interface;
+
+  hardware.enableRedistributableFirmware = true;
+  hardware.cpu.amd.updateMicrocode = true;
+
+  zramSwap.enable = true;
+
+  makefu.snapraid = let
+    toMedia = name: "/media/" + name;
+  in {
+    enable = true;
+    # todo combine creation when enabling the mount point
+    disks = map toMedia [
+                          "j0"
+                          "j1"
+                          "j2"
+                        ];
+    parity = toMedia "par0";
+  };
+  # TODO: refactor, copy-paste from omo
+  services.smartd.devices = builtins.map (x: { device = x; }) allDisks;
+  powerManagement.powerUpCommands = lib.concatStrings (map (disk: ''
+      ${pkgs.hdparm}/sbin/hdparm -S 100 ${disk}
+      ${pkgs.hdparm}/sbin/hdparm -B 127 ${disk}
+      ${pkgs.hdparm}/sbin/hdparm -y ${disk}
+    '') allDisks);
+  fileSystems = let
+    xfsmount = name: dev:
+      { "/media/${name}" = {
+        device = dev; fsType = "xfs";
+        options = [ "nofail" ];
+      }; };
+    tomedia = id: "/media/${id}";
+  in
+    (xfsmount "j0" (part1 jDisk0)) //
+    (xfsmount "j1" (part1 jDisk1)) //
+    (xfsmount "j2" (part1 jDisk2)) //
+    (xfsmount "par0" (part1 jDisk3)) //
+    { "/media/jX" = {
+        device = (lib.concatMapStringsSep ":" (d: (tomedia d)) ["j0" "j1" "j2" ]);
+        fsType = "mergerfs";
+        noCheck = true;
+        options = [ "defaults" "allow_other" "nofail" "nonempty" ];
+      };
+    };
+  environment.systemPackages = [ pkgs.mergerfs ];
+}
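Review bot: The `/media/jX` mergerfs mount has no ordering against its three branches, and every branch carries `nofail`. A disk that fails to appear therefore leaves an empty directory on the root filesystem, which mergerfs (mounted with `nonempty`) would presumably still pool and write into. Adding `"x-systemd.requires-mounts-for=/media/j0"` (and likewise for j1 and j2) to the mergerfs `options` should make the pool wait for, and fail with, its branches. The same concern likely applies to `makefu.snapraid`, which lists `j0` again in this file. As a style point, `tomedia` duplicates the `toMedia` helper from the snapraid block; a single binding in the top-level `let` would serve both.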
diff --git a/makefu/1systems/filepimp/source.nix b/makefu/1systems/filepimp/source.nix
index b81a2bf4a..9930f0e42 100644
--- a/makefu/1systems/filepimp/source.nix
+++ b/makefu/1systems/filepimp/source.nix
@@ -1,3 +1,4 @@
 {
   name="filepimp";
+  home-manager = true;
 }

From 27e182f7f878721c665b92b287e0d5f8da5bd06a Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:09:10 +0100
Subject: [PATCH 09/38] ma: deploy storj on omo, forward via gum

---
 makefu/1systems/gum/config.nix         |  7 ++++++-
 makefu/2configs/storj/client.nix       | 27 ++++++++++++++++++++++++++
 makefu/2configs/storj/forward-port.nix | 22 +++++++++++++++++++++
 3 files changed, 55 insertions(+), 1 deletion(-)
 create mode 100644 makefu/2configs/storj/client.nix
 create mode 100644 makefu/2configs/storj/forward-port.nix

diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index 2fd99122a..d81aefb67 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -43,6 +43,7 @@ in {
 
       <stockholm/makefu/2configs/zsh-user.nix>
       <stockholm/makefu/2configs/mosh.nix>
+      <stockholm/makefu/2configs/storj/forward-port.nix>
       # <stockholm/makefu/2configs/gui/xpra.nix>
 
       # networking
@@ -156,6 +157,7 @@ in {
       <stockholm/makefu/2configs/bgt/download.binaergewitter.de.nix>
       <stockholm/makefu/2configs/bgt/hidden_service.nix>
       <stockholm/makefu/2configs/bgt/backup.nix>
+      <stockholm/makefu/2configs/bgt/social-to-irc.nix>
 
       # <stockholm/makefu/2configs/logging/client.nix>
 
@@ -203,7 +205,10 @@ in {
   # Network
   networking = {
     firewall = {
-        allowedTCPPorts = [ 80 443 ];
+        allowedTCPPorts = [
+          80 443
+          28967  # storj
+        ];
         allowPing = true;
         logRefusedConnections = false;
     };
diff --git a/makefu/2configs/storj/client.nix b/makefu/2configs/storj/client.nix
new file mode 100644
index 000000000..e37e2ce23
--- /dev/null
+++ b/makefu/2configs/storj/client.nix
@@ -0,0 +1,27 @@
+{ lib, ... }:
+{
+  networking.firewall.allowedTCPPorts = [ 28967 ];
+  virtualisation.oci-containers.containers.storj-storagenode = {
+    image = "storjlabs/storagenode:latest";
+    ports = [
+      # TODO: omo ip
+      "0.0.0.0:28967:28967"
+      "127.0.0.1:14002:14002"
+    ];
+    environment = {
+      # SETUP = "true"; # must be run only once ...
+      WALLET = "0xeD0d2a2B33F6812b45d2D9FF7a139A3fF65a24C0";
+      EMAIL = "storj.io@syntax-fehler.de";
+      ADDRESS = "euer.krebsco.de:28967";
+      STORAGE = "3TB";
+    };
+    volumes = [
+      "/media/cryptX/lib/storj/identity:/app/identity"
+      "/media/cryptX/lib/storj/storage:/app/config"
+    ];
+  };
+  systemd.services.docker-storj-storagenode.serviceConfig = {
+    StandardOutput = lib.mkForce "journal";
+    StandardError = lib.mkForce "journal";
+  };
+}
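Review bot: `image = "storjlabs/storagenode:latest"` lets the code that runs change on any pull without a change in this repository. Pinning the reference, for example `image = "storjlabs/storagenode@sha256:<digest>";` (placeholder digest), keeps deployments reproducible and reviewable. The `"0.0.0.0:28967:28967"` mapping, already flagged by `# TODO: omo ip`, publishes the node on every interface of omo although the traffic appears to arrive from gum; binding it to the host's retiolum address would narrow that. As far as I know, ports published by Docker are not filtered by the rules behind `allowedTCPPorts`, so the bind address is the effective control here.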
diff --git a/makefu/2configs/storj/forward-port.nix b/makefu/2configs/storj/forward-port.nix
new file mode 100644
index 000000000..213f77470
--- /dev/null
+++ b/makefu/2configs/storj/forward-port.nix
@@ -0,0 +1,22 @@
+{
+  networking.firewall.allowedTCPPorts = [ 28967 ];
+  #networking.nat.forwardPorts = [
+  #  { # storj
+  #    destination = "10.243.0.89:28967";
+  #    proto = "tcp";
+  #    sourcePort = 28967;
+  #  }
+  #];
+  services.nginx.appendConfig = ''
+    stream {
+      upstream storj {
+          server omo.r:28967;
+      }
+
+      server {
+          listen 28967;
+          proxy_pass storj;
+      }
+  }
+    '';
+}
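Review bot: `server omo.r:28967;` in the `upstream` block is resolved when nginx loads its configuration. If `omo.r` cannot be resolved at that moment, the whole nginx instance on gum would fail to start, including the virtual hosts behind ports 80 and 443. Using the address from the commented-out NAT rule, `server 10.243.0.89:28967;`, removes that dependency. Port 28967 is opened both here and in gum/config.nix by the same patch; keeping it only in this module leaves one place to change. The closing brace of `stream` is indented two columns less than its opening line.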

From ba614307cdc027dddd9aee2fecdaac86336957eb Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:10:27 +0100
Subject: [PATCH 10/38] ma omo.r: deploy airsonic,photoprism,metube

---
 makefu/1systems/omo/config.nix      | 28 +++++++++++++++--------
 makefu/1systems/omo/hw/omo.nix      |  4 ++++
 makefu/2configs/home/airsonic.nix   | 29 ++++++++++++++++++++++++
 makefu/2configs/home/metube.nix     | 35 +++++++++++++++++++++++++++++
 makefu/2configs/home/photoprism.nix |  9 ++++----
 5 files changed, 92 insertions(+), 13 deletions(-)
 create mode 100644 makefu/2configs/home/airsonic.nix
 create mode 100644 makefu/2configs/home/metube.nix

diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix
index a9e307ddf..a04593715 100644
--- a/makefu/1systems/omo/config.nix
+++ b/makefu/1systems/omo/config.nix
@@ -28,9 +28,11 @@ in {
       <stockholm/makefu/2configs/home-manager>
       <stockholm/makefu/2configs/home-manager/cli.nix>
       <stockholm/makefu/2configs/editor/neovim>
+      <stockholm/makefu/2configs/storj/client.nix>
 
 
       <stockholm/makefu/2configs/backup/state.nix>
+      <stockholm/makefu/2configs/backup/server.nix>
       <stockholm/makefu/2configs/exim-retiolum.nix>
       # <stockholm/makefu/2configs/smart-monitor.nix>
       <stockholm/makefu/2configs/mail-client.nix>
@@ -68,7 +70,7 @@ in {
       <stockholm/makefu/2configs/tinc/retiolum.nix>
 
       # statistics
-      <stockholm/makefu/2configs/stats/client.nix>
+      # <stockholm/makefu/2configs/stats/client.nix>
       # Logging
       #influx + grafana
       <stockholm/makefu/2configs/stats/server.nix>
@@ -91,13 +93,18 @@ in {
       <stockholm/makefu/2configs/virtualisation/docker.nix>
       <stockholm/makefu/2configs/bluetooth-mpd.nix>
 
-      <stockholm/makefu/2configs/ham>
+      <stockholm/makefu/2configs/home/ham>
+      <stockholm/makefu/2configs/home/airsonic.nix>
+      <stockholm/makefu/2configs/home/photoprism.nix>
+      <stockholm/makefu/2configs/home/metube.nix>
       {
         makefu.ps3netsrv = {
           enable = true;
           servedir = "/media/cryptX/emu/ps3";
         };
       }
+
+
       {
         hardware.pulseaudio.systemWide = true;
         makefu.mpd.musicDirectory = "/media/cryptX/music";
@@ -107,7 +114,15 @@ in {
       <stockholm/makefu/2configs/sshd-totp.nix>
       # <stockholm/makefu/2configs/logging/central-logging-client.nix>
 
-      <stockholm/makefu/2configs/torrent.nix>
+      # <stockholm/makefu/2configs/torrent.nix>
+      {
+        #krebs.rtorrent = {
+        #  downloadDir = lib.mkForce "/media/cryptX/torrent";
+        #  extraConfig = ''
+        #    upload_rate = 500
+        #  '';
+        #};
+      }
 
       # <stockholm/makefu/2configs/elchos/search.nix>
       # <stockholm/makefu/2configs/elchos/log.nix>
@@ -118,16 +133,11 @@ in {
 
       # Temporary:
       # <stockholm/makefu/2configs/temp/rst-issue.nix>
+      <stockholm/makefu/2configs/bgt/social-to-irc.nix>
 
     ];
   makefu.full-populate =  true;
   nixpkgs.config.allowUnfree = true;
-  krebs.rtorrent = {
-    downloadDir = lib.mkForce "/media/cryptX/torrent";
-    extraConfig = ''
-      upload_rate = 500
-    '';
-  };
   users.groups.share = {
     gid = (import <stockholm/lib>).genid "share";
     members = [ "makefu" "misa" ];
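Review bot: `<stockholm/makefu/2configs/bgt/social-to-irc.nix>` is imported here under `# Temporary:` and also in gum/config.nix by PATCH 09. If both hosts are deployed, two brockman instances would presumably announce the same feeds into the same channel. The file itself is only created in PATCH 11, so this commit and the previous one do not evaluate on their own; importing it on one host, in or after the commit that adds it, keeps the series bisectable. In the hunk above, the empty `{ }` module that holds only the commented-out `krebs.rtorrent` block could be dropped together with the commented import.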
diff --git a/makefu/1systems/omo/hw/omo.nix b/makefu/1systems/omo/hw/omo.nix
index 586ad98c4..ae5b778bf 100644
--- a/makefu/1systems/omo/hw/omo.nix
+++ b/makefu/1systems/omo/hw/omo.nix
@@ -51,6 +51,10 @@ in {
     enable = true;
     disks = map toMapper [ 0 1 3 ];
     parity = toMapper 2; # find -name PARITY_PARTITION
+    extraConfig = ''
+      exclude /lib/storj/
+      exclude /.bitcoin/blocks/
+    '';
   };
   fileSystems = let
     cryptMount = name:
diff --git a/makefu/2configs/home/airsonic.nix b/makefu/2configs/home/airsonic.nix
new file mode 100644
index 000000000..15e77438d
--- /dev/null
+++ b/makefu/2configs/home/airsonic.nix
@@ -0,0 +1,29 @@
+{ config, ... }:
+let
+  internal-ip = "192.168.1.11";
+  port = 4040;
+in
+{
+  # networking.firewall.allowedTCPPorts = [ 4040 ];
+  services.airsonic = {
+    enable = true;
+    listenAddress = "0.0.0.0";
+    inherit port;
+  };
+  state = [ config.services.airsonic.home ];
+  services.nginx.virtualHosts."airsonic" = {
+    serverAliases = [
+              "airsonic.lan"
+      "music"  "music.lan"
+      "musik" "musik.lan"
+    ];
+
+    locations."/".proxyPass = "http://localhost:${toString port}";
+    locations."/".proxyWebsockets = true;
+    extraConfig = ''
+      if ( $server_addr != "${internal-ip}" ) {
+        return 403;
+      }
+    '';
+  };
+}
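Review bot: `listenAddress = "0.0.0.0";` makes Airsonic answer on port 4040 of every interface, although the intended path appears to be the nginx vhost. That vhost proxies to `localhost` and returns 403 unless `$server_addr` equals the internal IP. Anything that can reach port 4040 directly, such as a trusted interface or a later firewall change, skips that check. `listenAddress = "127.0.0.1";` keeps the service reachable only through nginx. A comment above the `if`, for example `# serve this vhost only on the LAN address`, would also help the next reader.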
diff --git a/makefu/2configs/home/metube.nix b/makefu/2configs/home/metube.nix
new file mode 100644
index 000000000..c872bea08
--- /dev/null
+++ b/makefu/2configs/home/metube.nix
@@ -0,0 +1,35 @@
+{ pkgs, lib, ...}:
+# docker run -d -p 8081:8081 -v /path/to/downloads:/downloads --user 1001:1001 alexta69/metube
+with import <stockholm/lib>;
+let
+  port = "2348";
+  dl-dir = "/media/cryptX/youtube/music";
+  uid = 20421;
+  internal-ip = "192.168.1.11";
+in
+  {
+  systemd.tmpfiles.rules = [
+    "d ${dl-dir} metube nogroup - -"
+  ];
+  virtualisation.oci-containers.backend = "docker";
+
+  services.nginx.virtualHosts."tube" = {
+    serverAliases = [ "tube.lan" ];
+    locations."/".proxyPass = "http://localhost:${port}";
+  };
+
+  virtualisation.oci-containers.containers.metube = {
+    image = "alexta69/metube:latest";
+    ports = [ "${port}:8081" ];
+    volumes = [
+      "${dl-dir}:/downloads"
+    ];
+    user = "metube";
+  };
+  users.users.metube.uid = uid;
+
+  systemd.services.docker-metube.serviceConfig = {
+    StandardOutput = lib.mkForce "journal";
+    StandardError = lib.mkForce "journal";
+  };
+}
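Review bot: The `tube` vhost has no access restriction: `internal-ip` is declared but never used, whereas the airsonic vhost returns 403 unless `$server_addr` matches it. `ports = [ "${port}:8081" ]` also publishes the container on all interfaces. MeTube has no login of its own as far as I know, so both the vhost guard and a loopback-only binding look intended. `image = "alexta69/metube:latest"` is unpinned. `user = "metube"` is a name that is resolved inside the container, while the header comment uses a numeric `--user`; passing `toString uid` would match the host account that owns `dl-dir`.

```nix
  services.nginx.virtualHosts."tube" = {
    serverAliases = [ "tube.lan" ];
    locations."/".proxyPass = "http://localhost:${port}";
    # only answer on the LAN address, as the airsonic vhost does
    extraConfig = ''
      if ( $server_addr != "${internal-ip}" ) {
        return 403;
      }
    '';
  };

  # … unchanged: container image and volumes …
    # publish on loopback only; nginx is the single entry point
    ports = [ "127.0.0.1:${port}:8081" ];
    user = toString uid;
```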
diff --git a/makefu/2configs/home/photoprism.nix b/makefu/2configs/home/photoprism.nix
index aaccd7350..ef4200576 100644
--- a/makefu/2configs/home/photoprism.nix
+++ b/makefu/2configs/home/photoprism.nix
@@ -16,8 +16,8 @@
 let
   port = "2347";
   photodir = "/media/cryptX/photos";
-  statedir = "/var/lib/photoprism/appsrv";
-  db-dir = "/var/lib/photoprism/mysql";
+  statedir = "/media/cryptX/lib/photoprism/appsrv";
+  db-dir = "/media/cryptX/lib/photoprism/mysql";
   internal-ip = "192.168.1.11";
   sec = import <secrets/photoprism.nix>;
 in
@@ -97,6 +97,7 @@ in
       PHOTOPRISM_SITE_CAPTION = "FeMi Fotos";
       PHOTOPRISM_SITE_DESCRIPTION = "Unsere Fotos";
       PHOTOPRISM_SITE_AUTHOR = "FeMi";
+      PHOTOPRISM_SPONSOR = "true";
 
     };
   };
@@ -135,11 +136,11 @@ in
   #  };
   #};
 
-  systemd.services.photoprism.serviceConfig = {
+  systemd.services.docker-photoprism.serviceConfig = {
     StandardOutput = lib.mkForce "journal";
     StandardError = lib.mkForce "journal";
   };
-  systemd.services.mysql-photoprism.serviceConfig = {
+  systemd.services.docker-mysql-photoprism.serviceConfig = {
     StandardOutput = lib.mkForce "journal";
     StandardError = lib.mkForce "journal";
   };

From 1ceb7c79fe6038059a85e094446e129f4408d7b6 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:11:00 +0100
Subject: [PATCH 11/38] ma bgt/social-to-irc: init

---
 makefu/2configs/bgt/social-to-irc.nix | 32 +++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)
 create mode 100644 makefu/2configs/bgt/social-to-irc.nix

diff --git a/makefu/2configs/bgt/social-to-irc.nix b/makefu/2configs/bgt/social-to-irc.nix
new file mode 100644
index 000000000..ce89451c1
--- /dev/null
+++ b/makefu/2configs/bgt/social-to-irc.nix
@@ -0,0 +1,32 @@
+{
+  # systemd.services.brockman.environment."BROCKMAN_LOG_LEVEL" = "DEBUG";
+  krebs.brockman = {
+    enable = true;
+    config = {
+      channel = "#binaergewitter";
+      irc = {
+        host = "irc.freenode.net";
+        port = 6667;
+      };
+      #controller = {
+      #  nick = "brockman-systemdultras";
+      #  channels = [];
+      #};
+      bots = {
+        bgt-mastodon-rss = {
+          feed = "https://jit.social/users/binaergewitter.rss";
+          channels = [ "#binaergewitter" ];
+          delay = 180;
+          notifyErrors = false;
+        };
+        bgt-blog-rss = {
+          feed = "https://blog.binaergewitter.de/rss.xml";
+          channels = [ "#binaergewitter" ];
+          delay = 180;
+          notifyErrors = false;
+        };
+      };
+    };
+
+  };
+}
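Review bot: The bot connects to `irc.freenode.net` with `port = 6667`, the plain-text port, so the session can be read and altered in transit. If `krebs.brockman` supports TLS, switching to the network's TLS port would protect the connection; the module's options are not visible in this patch. Both bots repeat `channels`, `delay` and `notifyErrors`, so a small `let` binding for the shared attributes would remove the duplication.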

From b30e99dfb2d040ec47e2e772ca0d25b97cf54e21 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:11:43 +0100
Subject: [PATCH 12/38] ma wbob.r: split config and hardware

---
 makefu/1systems/wbob/config.nix      | 70 +++-------------------------
 makefu/1systems/wbob/nuc/default.nix | 23 +++++++++
 2 files changed, 30 insertions(+), 63 deletions(-)
 create mode 100644 makefu/1systems/wbob/nuc/default.nix

diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix
index 32dedbde2..b70b48449 100644
--- a/makefu/1systems/wbob/config.nix
+++ b/makefu/1systems/wbob/config.nix
@@ -1,14 +1,15 @@
 { config, pkgs, lib, ... }:
 let
-  rootdisk = "/dev/disk/by-id/ata-TS256GMTS800_C613840115";
-  datadisk = "/dev/disk/by-id/ata-HGST_HTS721010A9E630_JR10006PH3A02F";
   user = config.makefu.gui.user;
   primaryIP = "192.168.8.11";
 in {
 
   imports =
-    [ # Include the results of the hardware scan.
+    [
       <stockholm/makefu>
+      # Include the results of the hardware scan.
+      ./nuc
+
       <stockholm/makefu/2configs/home-manager>
       <stockholm/makefu/2configs/support-nixos.nix>
       <stockholm/makefu/2configs/zsh-user.nix>
@@ -37,13 +38,13 @@ in {
 
       # Sensors
       # <stockholm/makefu/2configs/stats/client.nix>
-      <stockholm/makefu/2configs/stats/collectd-client.nix>
+      # <stockholm/makefu/2configs/stats/collectd-client.nix>
       <stockholm/makefu/2configs/stats/telegraf>
       <stockholm/makefu/2configs/stats/telegraf/airsensor.nix>
       <stockholm/makefu/2configs/stats/telegraf/europastats.nix>
       <stockholm/makefu/2configs/stats/external/aralast.nix>
       <stockholm/makefu/2configs/stats/arafetch.nix>
-      <stockholm/makefu/2configs/hw/mceusb.nix>
+      # <stockholm/makefu/2configs/hw/mceusb.nix>
       # <stockholm/makefu/2configs/stats/telegraf/bamstats.nix>
       { environment.systemPackages = [ pkgs.vlc ]; }
 
@@ -94,44 +95,6 @@ in {
       build.host = config.krebs.hosts.wbob;
   };
 
-  swapDevices = [ { device = "/var/swap"; } ];
-  services.collectd.extraConfig = lib.mkAfter ''
-
-    #LoadPlugin ping
-    # does not work because it requires privileges
-    #<Plugin "ping">
-    #  Host "google.de"
-    #  Host "heise.de"
-    #</Plugin>
-
-    LoadPlugin curl
-    <Plugin curl>
-      Interval 300
-      TotalTime true
-      NamelookupTime true
-      ConnectTime true
-
-      <Page "google">
-        MeasureResponseTime true
-        MeasureResponseCode true
-        URL "https://google.de"
-      </Page>
-
-      <Page "webde">
-        MeasureResponseTime true
-        MeasureResponseCode true
-        URL "http://web.de"
-      </Page>
-
-    </Plugin>
-    #LoadPlugin netlink
-    #<Plugin "netlink">
-    #  Interface "enp0s25"
-    #  Interface "wlp2s0"
-    #  IgnoreSelected false
-    #</Plugin>
-  '';
-
   networking.firewall.allowedUDPPorts = [ 655 ];
   networking.firewall.allowedTCPPorts = [
     655
@@ -146,7 +109,7 @@ in {
   #    Port = 1655
   #  '';
   #};
-
+  boot.kernelPackages = pkgs.linuxPackages_latest;
   # rt2870.bin wifi card, part of linux-unfree
   hardware.enableRedistributableFirmware = true;
   nixpkgs.config.allowUnfree = true;
@@ -156,24 +119,5 @@ in {
     address = "10.8.8.11";
     prefixLength = 24;
   }];
-
-
   # nuc hardware
-  boot.loader.grub.device = rootdisk;
-  hardware.cpu.intel.updateMicrocode = true;
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
-
-  boot.kernelModules = [
-    "kvm-intel" "snd-seq" "snd-rawmidi"
-  ];
-  fileSystems = {
-    "/" = {
-      device = rootdisk + "-part1";
-      fsType = "ext4";
-    };
-    "/data" = {
-      device = datadisk + "-part1";
-      fsType = "ext4";
-    };
-  };
 }
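Review bot: This hunk removes everything below `# nuc hardware` but keeps the comment itself, which now labels nothing and can go. The hunk before it adds `boot.kernelPackages = pkgs.linuxPackages_latest;` directly above `# rt2870.bin wifi card, part of linux-unfree`, so that comment now reads as if it described the kernel line. Since this commit separates hardware from configuration, the kernel selection probably belongs in `./nuc` next to the other `boot.*` settings.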
diff --git a/makefu/1systems/wbob/nuc/default.nix b/makefu/1systems/wbob/nuc/default.nix
new file mode 100644
index 000000000..d4993dfd0
--- /dev/null
+++ b/makefu/1systems/wbob/nuc/default.nix
@@ -0,0 +1,23 @@
+let
+  rootdisk = "/dev/disk/by-id/ata-TS256GMTS800_C613840115";
+  datadisk = "/dev/disk/by-id/ata-HGST_HTS721010A9E630_JR10006PH3A02F";
+in {
+  boot.loader.grub.device = rootdisk;
+  hardware.cpu.intel.updateMicrocode = true;
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
+
+  boot.kernelModules = [
+    "kvm-intel" "snd-seq" "snd-rawmidi"
+  ];
+  fileSystems = {
+    "/" = {
+      device = rootdisk + "-part1";
+      fsType = "ext4";
+    };
+    "/data" = {
+      device = datadisk + "-part1";
+      fsType = "ext4";
+    };
+  };
+  swapDevices = [ { device = "/var/swap"; } ];
+}

From f20695084ed681adecb9fbfa459ffb46591812f2 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:12:04 +0100
Subject: [PATCH 13/38] ma tsp.r: refactor

---
 makefu/1systems/tsp/config.nix   | 11 ++++++++---
 makefu/1systems/tsp/hardware.nix |  9 +++++++++
 2 files changed, 17 insertions(+), 3 deletions(-)
 create mode 100644 makefu/1systems/tsp/hardware.nix

diff --git a/makefu/1systems/tsp/config.nix b/makefu/1systems/tsp/config.nix
index 7c65737f7..9586578d3 100644
--- a/makefu/1systems/tsp/config.nix
+++ b/makefu/1systems/tsp/config.nix
@@ -6,21 +6,26 @@
 {
   imports =
     [ # Include the results of the hardware scan.
+      ./hardware.nix
       <stockholm/makefu>
+      <stockholm/makefu/2configs/nur.nix>
       <stockholm/makefu/2configs/home-manager>
       <stockholm/makefu/2configs/main-laptop.nix>
+      <stockholm/makefu/2configs/editor/neovim>
+      <stockholm/makefu/2configs/tools/core.nix>
       # <stockholm/makefu/2configs/tools/all.nix>
       <stockholm/makefu/2configs/fs/single-partition-ext4.nix>
       # hardware specifics are in here
-      # imports tp-x2x0.nix
-      <stockholm/makefu/2configs/hw/tp-x230.nix>
       <stockholm/makefu/2configs/hw/bluetooth.nix>
       <stockholm/makefu/2configs/hw/network-manager.nix>
 
+
       # <stockholm/makefu/2configs/rad1o.nix>
 
       <stockholm/makefu/2configs/zsh-user.nix>
-      <stockholm/makefu/2configs/exim-retiolum.nix>
+      <stockholm/makefu/2configs/home-manager>
+      <stockholm/makefu/2configs/home-manager/desktop.nix>
+      <stockholm/makefu/2configs/home-manager/cli.nix>
       <stockholm/makefu/2configs/tinc/retiolum.nix>
 
       <stockholm/makefu/2configs/sshd-totp.nix>
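Review bot: `<stockholm/makefu/2configs/home-manager>` is added a second time in this hunk, although it is already listed near the top of the same import list. The module system tolerates the duplicate, but the second entry should be dropped. The comment `# hardware specifics are in here` now sits above only the bluetooth and network-manager imports, and `# Include the results of the hardware scan.` now precedes the hand-written `./hardware.nix`; both could be updated. The removal of `exim-retiolum.nix` is not mentioned in the commit message.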
diff --git a/makefu/1systems/tsp/hardware.nix b/makefu/1systems/tsp/hardware.nix
new file mode 100644
index 000000000..2788eae04
--- /dev/null
+++ b/makefu/1systems/tsp/hardware.nix
@@ -0,0 +1,9 @@
+{ lib, ... }:
+{
+  imports = [
+    # laptop is an acer aspire, but close enough i'd say
+    <stockholm/makefu/2configs/hw/tp-x2x0.nix>
+  ];
+  # the laptop only has the touchpad
+  services.xserver.synaptics.additionalOptions = lib.mkForce ''Option "TouchpadOff" "0"'';
+}

From e377be755fa38b0ea4936b4c55dedfab4200bf21 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:12:56 +0100
Subject: [PATCH 14/38] ma x.r: cleanup input

---
 makefu/1systems/x/config.nix      |  3 ++-
 makefu/1systems/x/x13/default.nix | 22 +++------------------
 makefu/1systems/x/x13/input.nix   | 33 +++++++++++++++++++++++++++++++
 3 files changed, 38 insertions(+), 20 deletions(-)

diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index 6c0388e59..80655f998 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -158,7 +158,8 @@
 
       # temporary
       # { services.redis.enable = true; }
-      # <stockholm/makefu/2configs/pyload.nix>
+      { services.mongodb.enable = true; }
+      # <stockholm/makefu/2configs/home/photoprism.nix>
       # <stockholm/makefu/2configs/dcpp/airdcpp.nix>
       # <stockholm/makefu/2configs/nginx/rompr.nix>
       # <stockholm/makefu/2configs/lanparty/lancache.nix>
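Review bot: `{ services.mongodb.enable = true; }` turns on a database server on this machine in a commit described as input cleanup, with no comment on what needs it. As far as I know the NixOS module leaves authentication off by default, so any local process could read and write every database. A comment naming the consumer, for example `# needed by <service>, remove when done`, would make this `# temporary` entry easier to retire. If the data matters, the module's authentication should be enabled as well.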
diff --git a/makefu/1systems/x/x13/default.nix b/makefu/1systems/x/x13/default.nix
index b0400232e..ac601845a 100644
--- a/makefu/1systems/x/x13/default.nix
+++ b/makefu/1systems/x/x13/default.nix
@@ -8,6 +8,7 @@
     <nixos-hardware/lenovo/thinkpad/l14/amd> # close enough
     # <stockholm/makefu/2configs/hw/tpm.nix>
     <stockholm/makefu/2configs/hw/ssd.nix>
+    <stockholm/makefu/2configs/hw/xmm7360.nix>
   ];
   boot.zfs.requestEncryptionCredentials = true;
   networking.hostId = "f8b8e0a2";
@@ -19,32 +20,15 @@
   services.xserver.videoDrivers = [
     "amdgpu"
   ];
-  hardware.opengl.extraPackages = [ pkgs.amdvlk ];
+  hardware.opengl.extraPackages = [ pkgs.amdvlk pkgs.rocm-opencl-icd ];
   # is required for amd graphics support ( xorg wont boot otherwise )
   boot.kernelPackages = pkgs.linuxPackages_latest;
+
   environment.variables.VK_ICD_FILENAMES =
     "/run/opengl-driver/share/vulkan/icd.d/amd_icd64.json";
 
 
   programs.light.enable = true;
-  services.actkbd = {
-    enable = true;
-    bindings = [
-      { keys = [ 225 ]; events = [ "key" ]; command = "${pkgs.light}/bin/light -A 10"; }
-      { keys = [ 224 ]; events = [ "key" ]; command = "${pkgs.light}/bin/light -U 10"; }
-      { keys = [ 227 ]; events = [ "key" ]; command = builtins.toString (
-        pkgs.writers.writeDash "toggle_lcdshadow" ''
-          proc=/proc/acpi/ibm/lcdshadow
-          status=$(${pkgs.gawk}/bin/awk '/status:/{print $2}' "$proc")
-          if [ "$status" -eq 0 ];then
-            echo 1 > "$proc"
-          else
-            echo 0 > "$proc"
-          fi
-        '');
-      }
-    ];
-  };
 
   users.groups.video = {};
   users.users.makefu.extraGroups = [ "video" ];
diff --git a/makefu/1systems/x/x13/input.nix b/makefu/1systems/x/x13/input.nix
index 68b855d8e..775e19303 100644
--- a/makefu/1systems/x/x13/input.nix
+++ b/makefu/1systems/x/x13/input.nix
@@ -1,3 +1,4 @@
+{ pkgs, lib, ... }:
 {
   # current issues:
   #  1. for pressing insert hold shift+fn+Fin
@@ -9,5 +10,37 @@
       xinput set-prop "ETPS/2 Elantech TrackPoint" "Evdev Wheel Emulation Axes" 6 7 4 5
       # configure timeout of pressing and holding middle button
       # xinput set-int-prop "ETPS/2 Elantech TrackPoint" "Evdev Wheel Emulation Timeout" 8 200
+      xinput disable 'ETPS/2 Elantech Touchpad'
   '';
+  boot.kernelParams = [
+    #"psmouse.proto=imps"
+    #"psmouse.proto=bare"
+    #"psmouse.resetafter=0"
+    "psmouse.synaptics_intertouch=1" # echo 1 > /sys/devices/platform/i8042/serio1/reg_07
+  ];
+
+  programs.light.enable = true;
+  services.actkbd = {
+    enable = true;
+    bindings = [
+      { keys = [ 225 ]; events = [ "key" ]; command = "${pkgs.light}/bin/light -A 10"; } # fn - F5
+      { keys = [ 224 ]; events = [ "key" ]; command = "${pkgs.light}/bin/light -U 10"; } # fn - F6
+      # fn - 4 => suspend
+      # fn - d => lcdshadow
+      { keys = [ 227 ]; events = [ "key" ]; command = builtins.toString ( # fn - F7
+        pkgs.writers.writeDash "toggle_touchpad" ''
+          PATH=${lib.makeBinPath [ pkgs.xorg.xinput pkgs.gnugrep ]}
+          DISPLAY=:0
+          export DISPLAY PATH
+
+          device=$(xinput list --name-only | grep Touchpad)
+          if [ "$(xinput list-props "$device" | grep -P ".*Device Enabled.*\K.(?=$)" -o)" -eq 1 ];then
+              xinput disable "$device"
+          else
+              xinput enable "$device"
+          fi
+        '');
+      }
+    ];
+  };
 }
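Review bot: In `toggle_touchpad`, `device=$(xinput list --name-only | grep Touchpad)` assumes exactly one matching device. With none or several, the `[ … -eq 1 ]` test errors out and the script falls through to `xinput enable` with an empty or multi-line name. The `xinput disable` line added at the top of this hunk already uses the exact name, so `device='ETPS/2 Elantech Touchpad'` would be more robust. The script is started by actkbd rather than from the X session and sets `DISPLAY=:0` but no `XAUTHORITY`, so the X server may refuse the connection, depending on setup outside this hunk. The comment `# fn - d => lcdshadow` remains although the lcdshadow toggle was removed from default.nix, and `programs.light.enable = true;` is now set in both files.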

From ca37236a537b980066205a6d2f5309fa3eb8e0e0 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:13:23 +0100
Subject: [PATCH 15/38] ma backup/server: init backup server repo option

---
 makefu/2configs/backup/server.nix | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)

diff --git a/makefu/2configs/backup/server.nix b/makefu/2configs/backup/server.nix
index f157e715f..26e53b8c3 100644
--- a/makefu/2configs/backup/server.nix
+++ b/makefu/2configs/backup/server.nix
@@ -1,11 +1,19 @@
-{lib, ... }:
+{lib,config, ... }:
 let
   hosts = lib.mapAttrsToList (f: _: lib.removeSuffix ".pub" f) (builtins.readDir ./ssh );
 in {
   # TODO: for all enabled machines
-  services.borgbackup.repos = lib.genAttrs hosts (host: {
-    authorizedKeys = [ (builtins.readFile (./ssh + "/${host}.pub") ) ];
-    path = "/var/lib/borgbackup/${host}";
-    user = "borg-${host}";
-  }) ;
+  options = {
+    makefu.backup.server.repo = lib.mkOption {
+      type = lib.types.str;
+      default = "/var/lib/borgbackup";
+    };
+  };
+  config = {
+    services.borgbackup.repos = lib.genAttrs hosts (host: {
+      authorizedKeys = [ (builtins.readFile (./ssh + "/${host}.pub") ) ];
+      path = "${config.makefu.backup.server.repo}/${host}";
+      user = "borg-${host}";
+    }) ;
+  };
 }
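Review bot: `makefu.backup.server.repo` is declared without a `description`, and since it names a directory, `lib.types.path` would reject relative values that `lib.types.str` lets through. A line such as `description = "Directory under which one borg repository per host is created";` documents it. Separately, `authorizedKeys` gives each client key full access to its repository, including deletion. If clients only push backups, the module's `authorizedKeysAppendOnly` would limit what a compromised client can destroy. `hosts` is derived from every entry in `./ssh`, so a file without the `.pub` suffix would make the `readFile` call fail.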

From e5472e178a115935e7405c1df99e13e8102c3f0b Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:13:49 +0100
Subject: [PATCH 16/38] ma binary-cache/server: add port to nix-serve

---
 makefu/2configs/binary-cache/server.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/makefu/2configs/binary-cache/server.nix b/makefu/2configs/binary-cache/server.nix
index 1d729b9bb..2e05fd52e 100644
--- a/makefu/2configs/binary-cache/server.nix
+++ b/makefu/2configs/binary-cache/server.nix
@@ -5,6 +5,7 @@
   # nix-store --generate-binary-cache-key gum nix-serve.key nix-serve.pub
   services.nix-serve = {
     enable = true;
+    port = 5001;
     secretKeyFile = config.krebs.secret.files.nix-serve-key.path;
   };
 

From 821239422fe86973e37acb05e50e76b748c77d0c Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:24:09 +0100
Subject: [PATCH 17/38] ma wbob.r: deploy bureautomation with unstable branch

---
 makefu/1systems/wbob/source.nix            |  1 +
 makefu/2configs/bureautomation/default.nix | 10 ++++++++++
 2 files changed, 11 insertions(+)

diff --git a/makefu/1systems/wbob/source.nix b/makefu/1systems/wbob/source.nix
index 6568b8a45..36c7b67bb 100644
--- a/makefu/1systems/wbob/source.nix
+++ b/makefu/1systems/wbob/source.nix
@@ -2,4 +2,5 @@
   name="wbob";
   # musnix = true;
   home-manager = true;
+  unstable = true;
 }
diff --git a/makefu/2configs/bureautomation/default.nix b/makefu/2configs/bureautomation/default.nix
index 7e8b6a4d3..7ac90f5c5 100644
--- a/makefu/2configs/bureautomation/default.nix
+++ b/makefu/2configs/bureautomation/default.nix
@@ -1,12 +1,15 @@
 { config, pkgs, lib, ... }:
 let
   kodi-host = "192.168.8.11";
+  unstable = import <nixpkgs-unstable> {};
 in {
   imports = [
     ./ota.nix
     ./comic-updater.nix
     ./puppy-proxy.nix
 
+    ./zigbee2mqtt
+
     # hass config
     ## complex configs
     ./multi/daily-standup.nix
@@ -39,15 +42,22 @@ in {
     ./automation/bureau-shutdown.nix
     ./automation/nachtlicht.nix
     ./automation/schlechteluft.nix
+    ./automation/philosophische-tuer.nix
     ./automation/hass-restart.nix
     ./device_tracker/openwrt.nix
     ./person/team.nix
   ];
+
   networking.firewall.allowedTCPPorts = [ 8123 ];
   state = [ "/var/lib/hass/known_devices.yaml" ];
 
   services.home-assistant = {
     enable = true;
+    package = (unstable.home-assistant.overrideAttrs (old: {
+      doInstallCheck = false;
+    })).override {
+      extraPackages = p: [ p.APScheduler ];
+    };
     autoExtraComponents = true;
     config = {
       config = {};
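Review bot: `doInstallCheck = false;` skips the Home Assistant check phase for a package taken from the unstable channel, and nothing records why. A comment such as `# checks fail on unstable as of <date>, re-enable when fixed` would tell the next reader when it can be removed. In the first hunk, `import <nixpkgs-unstable> {}` evaluates with an empty argument set, so the host's `nixpkgs.config` is not applied and user-level configuration may be picked up impurely. `import <nixpkgs-unstable> { config = config.nixpkgs.config; }` is the more predictable form.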

From fe38a7cd7ebdaca847bf209a30139182be1d1e83 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:24:40 +0100
Subject: [PATCH 18/38] ma defaulat: alias ip -> ip -c -br

---
 makefu/2configs/default.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index 695e8fee6..be64e402e 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -57,6 +57,7 @@ with import <stockholm/lib>;
   environment.shellAliases = {
     # TODO: see .aliases
     lsl = "ls -lAtr";
+    ip = "ip -c -br";
     dmesg = "dmesg -L --reltime";
     psg = "ps -ef | grep";
     nmap = "nmap -oN $HOME/loot/scan-`date +\%s`.nmap -oX $HOME/loot/scan-`date +%s`.xml";
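Review bot: `ip = "ip -c -br";` forces colour on, because a bare `-c` means always, so piping `ip` through `grep` or `awk` in an interactive shell puts escape sequences into the text. `ip = "ip -c=auto -br";` keeps colour on a terminal only. `-br` also changes the layout of `ip addr` and `ip link`, which matters when pasting one-liners written for the default output.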

From 80ca19617389d628087e9e4a271bae43e5dfbf74 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:25:37 +0100
Subject: [PATCH 19/38] ma etherpad: increase timeouts to 30 minutes

---
 .../2configs/deployment/docker/etherpad.euer.krebsco.de.nix   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix b/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix
index 172e69c4d..48b947c58 100644
--- a/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix
+++ b/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix
@@ -6,7 +6,7 @@ in {
   services.nginx.virtualHosts."etherpad.euer.krebsco.de" = {
     # useACMEHost = "euer.krebsco.de";
     extraConfig = ''
-      ssl_session_timeout  5m;
+      ssl_session_timeout  30m;
     '';
     enableACME = true;
     forceSSL = true;
@@ -27,7 +27,7 @@ in {
         # WebSocket proxying - from https://nginx.org/en/docs/http/websocket.html
         proxy_set_header  Upgrade $http_upgrade;
         proxy_set_header  Connection "upgrade";
-        proxy_read_timeout 61s;
+        proxy_read_timeout 1799s;
     '';
   };
   docker-containers."etherpad-lite" = {

From ca13f21f885b608138779282013caf20ee92ddad Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:26:27 +0100
Subject: [PATCH 20/38] ma etherpad: mv to bgt

---
 makefu/1systems/gum/config.nix                                  | 2 +-
 .../{deployment/docker => bgt}/etherpad.euer.krebsco.de.nix     | 0
 2 files changed, 1 insertion(+), 1 deletion(-)
 rename makefu/2configs/{deployment/docker => bgt}/etherpad.euer.krebsco.de.nix (100%)

diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index d81aefb67..83fbd8f83 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -148,7 +148,7 @@ in {
       <stockholm/makefu/2configs/deployment/boot-euer.nix>
       <stockholm/makefu/2configs/deployment/gecloudpad>
       <stockholm/makefu/2configs/deployment/docker/archiveteam-warrior.nix>
-      <stockholm/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix>
+      <stockholm/makefu/2configs/bgt/etherpad.euer.krebsco.de.nix>
       # <stockholm/makefu/2configs/deployment/systemdultras-rss.nix>
 
       <stockholm/makefu/2configs/shiori.nix>
diff --git a/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix b/makefu/2configs/bgt/etherpad.euer.krebsco.de.nix
similarity index 100%
rename from makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix
rename to makefu/2configs/bgt/etherpad.euer.krebsco.de.nix

From 806da70f35564c1fbc1f4f2a16c1c18cb729a5ff Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:27:16 +0100
Subject: [PATCH 21/38] ma wbob-kiosk: use gnome instead of xfce

---
 makefu/2configs/gui/wbob-kiosk.nix | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/makefu/2configs/gui/wbob-kiosk.nix b/makefu/2configs/gui/wbob-kiosk.nix
index 1a5e6d04f..2f6a26d82 100644
--- a/makefu/2configs/gui/wbob-kiosk.nix
+++ b/makefu/2configs/gui/wbob-kiosk.nix
@@ -10,13 +10,14 @@
   };
   services.xserver = {
 
-    windowManager = lib.mkForce {
-      awesome.enable = false;
-    };
-    desktopManager.xfce = {
+    windowManager = lib.mkForce { awesome.enable = false; };
+    displayManager.gdm.enable = true;
+    displayManager.autoLogin = {
       enable = true;
+      user = "makefu";
     };
-    displayManager.defaultSession = "xfce";
+    displayManager.defaultSession = "gnome";
+    desktopManager.gnome3.enable = true;
     displayManager.sessionCommands = ''
         ${pkgs.xlibs.xset}/bin/xset -display :0 s off -dpms
         ${pkgs.xlibs.xrandr}/bin/xrandr --output HDMI2 --right-of HDMI1
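Review bot: `displayManager.autoLogin` with `user = "makefu"` gives anyone with physical access to the kiosk a full GNOME session as what appears to be the maintainer's own account (inferred from the name; its groups and keys are not visible here). A dedicated unprivileged account would limit what the unattended session can reach, for example `user = "kiosk";` with a matching `users.users.kiosk` definition. The `services.xserver` block continues past the end of this hunk.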
@@ -25,6 +26,10 @@
     # prevent screen from turning off, disable dpms
   };
 
+
+  environment.systemPackages = [ pkgs.gnomeExtensions.appindicator ];
+  services.dbus.packages = with pkgs; [ gnome2.GConf gnome3.gnome-settings-daemon ];
+
   systemd.services.xset-off = {
     after = [ "display-manager.service" ];
     wantedBy = [ "multi-user.target" ];

From cd6a3637d4ca727b0f3277e1478130a8aa1fd8c0 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:27:57 +0100
Subject: [PATCH 22/38] ma ham: protect application server from external
 requests

---
 makefu/2configs/home/ham/nginx.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/makefu/2configs/home/ham/nginx.nix b/makefu/2configs/home/ham/nginx.nix
index 2048ff215..e166b2a4b 100644
--- a/makefu/2configs/home/ham/nginx.nix
+++ b/makefu/2configs/home/ham/nginx.nix
@@ -6,5 +6,10 @@ in {
     serverAliases = [ "hass.lan" "ha" "ha.lan" ];
     locations."/".proxyPass = "http://localhost:8123";
     locations."/".proxyWebsockets = true;
+    extraConfig = ''
+      if ( $server_addr != "${internal-ip}" ) {
+        return 403;
+      }
+    '';
   };
 }
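Review bot: The `$server_addr` test in `extraConfig` compares the local address the connection arrived on, not the client address, so it returns 403 only for requests that reach another address of this host; any client that can route to `${internal-ip}` is still proxied to the application on port 8123. nginx also keeps listening on every address. Binding the vhost is tighter, e.g. `listen = [ { addr = internal-ip; port = 80; } ];`, optionally combined with `allow`/`deny` on the client range. The same check is added to the `zigbee` vhost in PATCH 23. `internal-ip` is defined outside this hunk.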

From 31cb697190ea6d5c50925048a897880278eaf511 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:28:20 +0100
Subject: [PATCH 23/38] ma ham/zigbee2mqtt: enable frontend

---
 .../2configs/home/ham/zigbee2mqtt/default.nix | 20 +++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/makefu/2configs/home/ham/zigbee2mqtt/default.nix b/makefu/2configs/home/ham/zigbee2mqtt/default.nix
index 83c3c187c..6ccf8b241 100644
--- a/makefu/2configs/home/ham/zigbee2mqtt/default.nix
+++ b/makefu/2configs/home/ham/zigbee2mqtt/default.nix
@@ -3,12 +3,16 @@
 let
   dataDir = "/var/lib/zigbee2mqtt";
   sec = import <secrets/zigbee2mqtt.nix>;
+  internal-ip = "192.168.1.11";
+  webport = 8521;
 in
   {
   # symlink the zigbee controller
   #services.udev.extraRules = ''
   #  SUBSYSTEM=="tty", ATTRS{idVendor}=="0451", ATTRS{idProduct}=="16a8", SYMLINK+="cc2531", MODE="0660", GROUP="dialout"
   #'';
+
+  # /dev/serial/by-id/usb-Silicon_Labs_slae.sh_cc2652rb_stick_-_slaesh_s_iot_stuff_00_12_4B_00_21_CC_45_BD-if00-port0
   services.udev.extraRules = ''
     SUBSYSTEM=="tty", ATTRS{idVendor}=="10c4", ATTRS{idProduct}=="ea60", SYMLINK+="cc2531", MODE="0660", GROUP="dialout"
   '';
@@ -28,6 +32,9 @@ in
         include_device_information = true;
         client_id = "zigbee2mqtt";
       };
+      frontend = {
+        port = webport;
+      };
       advanced = {
         log_level = "debug";
         log_output = [ "console" ];
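Review bot: `frontend = { port = webport; }` sets no `host`, and the zigbee2mqtt frontend listens on all interfaces unless one is given, so port 8521 can be reached directly without passing the nginx vhost and its 403 check added later in this patch (unless a firewall rule not visible here blocks it). Since nginx proxies to `localhost`, adding `host = "127.0.0.1";` inside `frontend` keeps the proxy as the only entry point. The frontend also has no login unless `auth_token` is set. The enclosing settings block starts and ends outside this hunk.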
@@ -56,6 +63,19 @@ in
     };
   };
 
+  services.nginx.recommendedProxySettings = true;
+  services.nginx.virtualHosts."zigbee" = {
+    serverAliases = [ "zigbee.lan" ];
+    locations."/".proxyPass = "http://localhost:${toString webport}";
+    locations."/api".proxyPass = "http://localhost:${toString webport}";
+    locations."/api".proxyWebsockets = true;
+    extraConfig = ''
+      if ( $server_addr != "${internal-ip}" ) {
+        return 403;
+      }
+    '';
+  };
+
   state = [ "${dataDir}/devices.yaml" "${dataDir}/state.json" ];
 
   systemd.services.zigbee2mqtt = {

From 355b3fe650f449bd808df7fdc8e7a99e1fc68544 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:28:56 +0100
Subject: [PATCH 24/38] ma hw/x230: enable manual fan_control

---
 makefu/2configs/hw/tp-x230.nix | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/makefu/2configs/hw/tp-x230.nix b/makefu/2configs/hw/tp-x230.nix
index 37d1affb7..69fe7adce 100644
--- a/makefu/2configs/hw/tp-x230.nix
+++ b/makefu/2configs/hw/tp-x230.nix
@@ -1,6 +1,5 @@
 { config, lib, pkgs, ... }:
 
-with import <stockholm/lib>;
 {
 
   imports = [ ./tp-x2x0.nix  <nixos-hardware/lenovo/thinkpad/x230> ];
@@ -11,6 +10,13 @@ with import <stockholm/lib>;
   # possible i915 powersave options:
   #  options i915 enable_rc6=1 enable_fbc=1 semaphores=1
 
+  boot.extraModprobeConfig = ''
+    options thinkpad_acpi fan_control=1
+    options i915 enable_rc6=1 enable_fbc=1 semaphores=1
+  '';
+
+  boot.initrd.availableKernelModules = [ "thinkpad_acpi" ];
+
   services.xserver.displayManager.sessionCommands =''
     xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1
     xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 8 2
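Review bot: The added `boot.extraModprobeConfig` also enables `options i915 enable_rc6=1 enable_fbc=1 semaphores=1`, which the subject ("enable manual fan_control") does not mention and which the comment just above still lists as merely "possible" options. Some of these i915 parameters may no longer exist on current kernels, so it is worth checking the kernel log for unknown-parameter messages. I would either drop that line from this commit or update the comment, e.g. `# i915 powersave options, enabled below`. A short comment on `fan_control=1` saying which tool is expected to drive the fan would also help, since the option lets userspace override the firmware's fan handling.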

From c66ebb2e4d706e3b8948231d10d0f33016804af2 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:29:23 +0100
Subject: [PATCH 25/38] ma printer: use new ip

---
 makefu/2configs/printer.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/makefu/2configs/printer.nix b/makefu/2configs/printer.nix
index 6fd1c1858..7e29b1c6f 100644
--- a/makefu/2configs/printer.nix
+++ b/makefu/2configs/printer.nix
@@ -14,17 +14,17 @@ in {
     ];
   };
 
-  # scanners are printers just in reverse anyway
-  services.saned.enable = true;
   users.users."${mainUser}".extraGroups = [ "scanner" "lp" ];
 
+  # scanners are printers just in reverse anyway
+  services.saned.enable = true;
   hardware.sane = {
     enable = true;
     extraBackends = [ ];
     netConf =
       # drucker.lan SCX-3205W
       ''
-        192.168.1.6''
+        192.168.1.16''
       # uhrenkind.shack magicolor 1690mf
     + ''
         10.42.20.30'';

From a66821f6a730cb5ae3dc3b22f41c5085d80e0c41 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:29:35 +0100
Subject: [PATCH 26/38] ma stats/server: disable reporting

---
 makefu/2configs/stats/server.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/makefu/2configs/stats/server.nix b/makefu/2configs/stats/server.nix
index a2d0693ab..52fb28a03 100644
--- a/makefu/2configs/stats/server.nix
+++ b/makefu/2configs/stats/server.nix
@@ -27,6 +27,7 @@ in {
     http.suppress-write-log = true;
     data.trace-logging-enabled = false;
     data.query-log-enabled = false;
+    reporting-disabled = true;
 
     http.bind-address = ":${toString influx-port}";
     admin.bind-address = ":8083";

From 72019707d4c09e0066dd0b07e589a1bb42c64e2e Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:30:35 +0100
Subject: [PATCH 27/38] ma systemdultras/ircbot: disable notifications

---
 makefu/2configs/systemdultras/ircbot.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/makefu/2configs/systemdultras/ircbot.nix b/makefu/2configs/systemdultras/ircbot.nix
index c5f1bbed2..3229d14f2 100644
--- a/makefu/2configs/systemdultras/ircbot.nix
+++ b/makefu/2configs/systemdultras/ircbot.nix
@@ -1,7 +1,9 @@
 {
+  systemd.services.brockman.environment."BROCKMAN_LOG_LEVEL" = "DEBUG";
   krebs.brockman = {
     enable = true;
     config = {
+      channel = "#systemdultras";
       irc = {
         host = "irc.freenode.net";
         port = 6667;
@@ -11,11 +13,13 @@
           feed = "https://www.reddit.com/r/systemdultras/.rss";
           delay = 136;
           channels = [ "#systemdultras" ];
+          notifyErrors = false;
         };
         r-systemd-rss = {
           feed = "https://www.reddit.com/r/systemd/.rss";
           delay = 172;
           channels = [ "#systemdultras" ];
+          notifyErrors = false;
         };
       };
     };

From 851ea9fef4d4e5351f73d7655721fcfcea85a69a Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:30:51 +0100
Subject: [PATCH 28/38] ma tools/core: add rename

---
 makefu/2configs/tools/core.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/makefu/2configs/tools/core.nix b/makefu/2configs/tools/core.nix
index 8339c9328..bce461e9e 100644
--- a/makefu/2configs/tools/core.nix
+++ b/makefu/2configs/tools/core.nix
@@ -17,6 +17,7 @@ ${gnused}/bin/sed -i "''${1}d" ~/.ssh/known_hosts
     which
     binutils
     screen
+    rename # rename 's/^/hello/' *.txt
 
     # fs
     cifs-utils

From c5e6e6ba31d67c148068ae14ab06d54e65ae495b Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:31:06 +0100
Subject: [PATCH 29/38] ma wireguard/server: enable persistentKeepalive

---
 makefu/2configs/wireguard/server.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/makefu/2configs/wireguard/server.nix b/makefu/2configs/wireguard/server.nix
index 76fea1d6d..c8fbfe6fb 100644
--- a/makefu/2configs/wireguard/server.nix
+++ b/makefu/2configs/wireguard/server.nix
@@ -39,11 +39,13 @@ in { # wireguard server
     }
     {
       # work-router
+      persistentKeepalive = 25;
       allowedIPs = [ "10.244.0.5/32" ];
       publicKey = "QJMwwYu/92koCASbHnR/vqe/rN00EV6/o7BGwLockDw=";
     }
     {
       # workr
+      persistentKeepalive = 25;
       allowedIPs = [ "10.244.0.6/32" ];
       publicKey = "OFhCF56BrV9tjqW1sxqXEKH/GdqamUT1SqZYSADl5GA=";
     }
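Review bot: `persistentKeepalive = 25;` is set on the server's peer entries for work-router and workr, which show no `endpoint` here, so the server can only send keepalives once the peer has connected. Whether packets arriving from outside refresh the peer's NAT mapping depends on the NAT device (assuming both peers sit behind NAT, which is not visible here). If the goal is to keep these tunnels reachable, the setting normally has to be present in the peers' own configuration as well; a comment such as `# keepalive must also be set on the peer side` would record that. The peer list starts outside this hunk.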

From 1da12adf038e962af76228b3e53d2eb8c0d367b2 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:32:34 +0100
Subject: [PATCH 30/38] ma bureautomation/zigbee2mqtt: init

---
 .../bureautomation/zigbee2mqtt/default.nix    |  33 +++++
 .../bureautomation/zigbee2mqtt/hass.nix       | 130 ++++++++++++++++++
 2 files changed, 163 insertions(+)
 create mode 100644 makefu/2configs/bureautomation/zigbee2mqtt/default.nix
 create mode 100644 makefu/2configs/bureautomation/zigbee2mqtt/hass.nix

diff --git a/makefu/2configs/bureautomation/zigbee2mqtt/default.nix b/makefu/2configs/bureautomation/zigbee2mqtt/default.nix
new file mode 100644
index 000000000..ba10ae74b
--- /dev/null
+++ b/makefu/2configs/bureautomation/zigbee2mqtt/default.nix
@@ -0,0 +1,33 @@
+{config, pkgs, lib, ...}:
+
+let
+  dataDir = "/var/lib/zigbee2mqtt";
+in
+  {
+  # symlink the zigbee controller
+  services.udev.extraRules = ''
+    SUBSYSTEM=="tty", ATTRS{idVendor}=="0451", ATTRS{idProduct}=="16a8", SYMLINK+="cc2531", MODE="0660", GROUP="dialout"
+  '';
+
+  services.zigbee2mqtt = {
+    enable = true;
+    inherit dataDir;
+    config = {
+      permit_join = true;
+      serial.port = "/dev/cc2531";
+      homeassistant = true;
+    };
+  };
+
+  state = [ "${dataDir}/devices.yaml" "${dataDir}/state.json" ];
+
+  systemd.services.zigbee2mqtt = {
+    # override automatic configuration.yaml deployment
+    environment.ZIGBEE2MQTT_DATA = dataDir;
+    after = [
+      "home-assistant.service"
+      "mosquitto.service"
+      "network-online.target"
+    ];
+  };
+}
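Review bot: `permit_join = true;` leaves the Zigbee network open for any device in radio range to join each time the service starts. The `Zigbee2mqtt Main join` switch and the 120-second `timer.zigbee_permit_join` added in hass.nix close joining only after the switch has been turned on from Home Assistant, so they may not cover this start-up state. I would set `permit_join = false;` here and open joining through the switch when pairing a device.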
diff --git a/makefu/2configs/bureautomation/zigbee2mqtt/hass.nix b/makefu/2configs/bureautomation/zigbee2mqtt/hass.nix
new file mode 100644
index 000000000..faf864ba6
--- /dev/null
+++ b/makefu/2configs/bureautomation/zigbee2mqtt/hass.nix
@@ -0,0 +1,130 @@
+# provides:
+#   switch
+#   automation
+#   binary_sensor
+#   sensor
+#   input_select
+#   timer
+let
+  inherit (import ../lib) zigbee;
+  prefix = zigbee.prefix;
+in
+{
+  services.home-assistant.config = {
+    sensor =
+
+      [
+      # Sensor for monitoring the bridge state
+      {
+        platform = "mqtt";
+        name = "Zigbee2mqtt Bridge state";
+        state_topic = "${prefix}/bridge/state";
+        icon = "mdi:router-wireless";
+      }
+      # Sensor for Showing the Zigbee2mqtt Version
+      {
+        platform = "mqtt";
+        name = "Zigbee2mqtt Version";
+        state_topic = "${prefix}/bridge/config";
+        value_template = "{{ value_json.version }}";
+        icon = "mdi:zigbee";
+      }
+      # Sensor for Showing the Coordinator Version
+      {
+        platform = "mqtt";
+        name = "Coordinator Version";
+        state_topic = "${prefix}/bridge/config";
+        value_template = "{{ value_json.coordinator }}";
+        icon = "mdi:chip";
+      }
+    ];
+    switch = [
+    {
+      platform = "mqtt";
+      name = "Zigbee2mqtt Main join";
+      state_topic = "${prefix}/bridge/config/permit_join";
+      command_topic = "${prefix}/bridge/config/permit_join";
+      payload_on = "true";
+      payload_off = "false";
+    }
+    ];
+    automation = [
+      {
+        alias = "Zigbee2mqtt Log Level";
+        initial_state = "on";
+        trigger = {
+          platform = "state";
+          entity_id = "input_select.zigbee2mqtt_log_level";
+        };
+        action = [
+          {
+            service =  "mqtt.publish";
+            data = {
+              payload_template = "{{ states('input_select.zigbee2mqtt_log_level') }}";
+              topic =  "${prefix}/bridge/config/log_level";
+            };
+          }
+        ];
+      }
+  # Automation to start timer when enable join is turned on
+      {
+        id = "zigbee_join_enabled";
+        alias = "Zigbee Join Enabled";
+        trigger =
+        {
+          platform = "state";
+          entity_id = "switch.zigbee2mqtt_main_join";
+          to = "on";
+        };
+        action =
+        {
+          service = "timer.start";
+          entity_id = "timer.zigbee_permit_join";
+        };
+      }
+  #  # Automation to stop timer when switch turned off and turn off switch when timer finished
+      {
+        id = "zigbee_join_disabled";
+        alias = "Zigbee Join Disabled";
+        trigger = [
+          {
+            platform = "event";
+            event_type = "timer.finished";
+            event_data.entity_id = "timer.zigbee_permit_join";
+          }
+          {
+            platform = "state";
+            entity_id = "switch.zigbee2mqtt_main_join";
+            to = "off";
+          }
+        ];
+        action = [
+          { service = "timer.cancel";
+            data.entity_id = "timer.zigbee_permit_join";
+          }
+          { service = "switch.turn_off";
+            entity_id = "switch.zigbee2mqtt_main_join";
+          }
+        ];
+      }
+    ];
+    input_select.zigbee2mqtt_log_level =
+    {
+      name = "Zigbee2mqtt Log Level";
+      options = [
+        "debug"
+        "info"
+        "warn"
+        "error"
+      ];
+      initial = "info";
+      icon = "mdi:format-list-bulleted";
+    };
+
+    timer.zigbee_permit_join =
+    {
+      name = "Zigbee Time remaining";
+      duration = 120;
+    };
+  };
+}

From 46c9132c5a0b94427bee5ad8bf7d41f421d0208d Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:32:54 +0100
Subject: [PATCH 31/38] ma ham/signal-rest: init

---
 .../2configs/home/ham/signal-rest/default.nix  | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 makefu/2configs/home/ham/signal-rest/default.nix

diff --git a/makefu/2configs/home/ham/signal-rest/default.nix b/makefu/2configs/home/ham/signal-rest/default.nix
new file mode 100644
index 000000000..250a3596d
--- /dev/null
+++ b/makefu/2configs/home/ham/signal-rest/default.nix
@@ -0,0 +1,18 @@
+
+let
+  port = 8631;
+  image = "bbernhard/signal-cli-rest-api:latest";
+  config = "/var/lib/signal-cli-config";
+in {
+  systemd.tmpfiles.rules = [
+    "d ${config} docker docker - -"
+  ];
+  state = [ config ];
+  virtualisation.oci-containers.containers.signal-rest = {
+    image = image;
+    ports = [ "127.0.0.1:${toString port}:8080" ];
+    volumes = [
+      "${config}:/home/.local/share/signal-cli"
+    ];
+  };
+}
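Review bot: The tmpfiles rule `"d ${config} docker docker - -"` has no mode column, so systemd-tmpfiles reads `docker` as the mode and the line is likely rejected. The directory holds the Signal account data, so it should be created explicitly and kept private, e.g. `"d ${config} 0700 root root - -"` (owner to be matched to the uid the container runs as). `"d ${path} root root - -"` in omo-client.nix (PATCH 33) has the same missing column. Separately, `image = "bbernhard/signal-cli-rest-api:latest"` lets the code that handles this data change on every pull; a fixed version tag or digest would make updates deliberate.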

From 281fd57f5b29318f2d8dab86c3312b2e5ed16151 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:33:08 +0100
Subject: [PATCH 32/38] ma hw/xmm7360: init

---
 makefu/2configs/hw/xmm7360.nix | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 makefu/2configs/hw/xmm7360.nix

diff --git a/makefu/2configs/hw/xmm7360.nix b/makefu/2configs/hw/xmm7360.nix
new file mode 100644
index 000000000..951dcaa0b
--- /dev/null
+++ b/makefu/2configs/hw/xmm7360.nix
@@ -0,0 +1,11 @@
+{ pkgs, config, ... }:
+let
+  pkg = (pkgs.callPackage ../../5pkgs/xmm7360 { kernel = config.boot.kernelPackages.kernel; });
+in
+{
+  boot.extraModulePackages = [
+    pkg
+  ];
+  boot.initrd.availableKernelModules = [ "xmm7360" ];
+  users.users.makefu.packages = [ pkg ];
+}

From 60706778704c425b69415ec40436cd61a35e87d1 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:33:21 +0100
Subject: [PATCH 33/38] ma share/omo-client: init

---
 makefu/2configs/share/omo-client.nix | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 makefu/2configs/share/omo-client.nix

diff --git a/makefu/2configs/share/omo-client.nix b/makefu/2configs/share/omo-client.nix
new file mode 100644
index 000000000..4ad32bdd6
--- /dev/null
+++ b/makefu/2configs/share/omo-client.nix
@@ -0,0 +1,28 @@
+{ config, lib, pkgs, ... }:
+
+let
+  automount_opts =
+  [ "x-systemd.automount"
+    "noauto" "x-systemd.idle-timeout=600"
+    "x-systemd.device-timeout=5s"
+    "x-systemd.mount-timeout=5s"
+  ];
+  host = "omo.lan"; #TODO
+  path = "/media/omo/photos";
+in {
+  systemd.tmpfiles.rules = [
+    "d ${path} root root - -"
+  ];
+  fileSystems."${path}" = {
+      device = "//${host}/photos";
+      fsType = "cifs";
+      options = automount_opts ++
+      [ "credentials=/var/src/secrets/omo-client.smb"
+        "file_mode=0775"
+        "dir_mode=0775"
+        "uid=9001"
+        "vers=3"
+      ];
+  };
+
+}
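Review bot: `file_mode=0775` and `dir_mode=0775` mark every file on the share executable and readable by all local users, and with no `gid=` option the group is left at the default. For a photo share `file_mode=0664` would be enough, or `0640` together with a dedicated `gid=`. `uid=9001` deserves a comment naming the account it belongs to. `host = "omo.lan"` still carries a TODO, and PATCH 01 of this series removed the `omo.lan` alias from the host definitions, so name resolution should be checked.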

From fe393ec4e753f2b84439eb719613a9fa79ec0c15 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:34:01 +0100
Subject: [PATCH 34/38] puyak.r: rename interface, use correct subnet

---
 krebs/1systems/puyak/net.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/krebs/1systems/puyak/net.nix b/krebs/1systems/puyak/net.nix
index 4cb8d247c..8dab11e16 100644
--- a/krebs/1systems/puyak/net.nix
+++ b/krebs/1systems/puyak/net.nix
@@ -1,11 +1,11 @@
 let
-  ext-if = "enp0s25";
+  ext-if = "et0";
   shack-ip = "10.42.22.184";
   shack-gw = "10.42.20.1";
 in {
   services.udev.extraRules = ''
     SUBSYSTEM=="net", ATTR{address}=="8c:70:5a:b2:84:58", NAME="wl0"
-    SUBSYSTEM=="net", ATTR{address}=="3c:97:0e:07:b9:14", NAME="et0"
+    SUBSYSTEM=="net", ATTR{address}=="3c:97:0e:07:b9:14", NAME="${ext-if}"
   '';
   networking = {
     firewall.enable = false;
@@ -13,7 +13,7 @@ in {
     interfaces."${ext-if}".ipv4.addresses = [
       {
         address = shack-ip;
-        prefixLength = 20;
+        prefixLength = 22;
       }
     ];
 

From aa1b8ed563f9df4d6d9f4793c27e149f1e23a942 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:35:48 +0100
Subject: [PATCH 35/38] ma krops: add buildTarget

---
 makefu/krops.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/makefu/krops.nix b/makefu/krops.nix
index a03fea029..12c003b24 100644
--- a/makefu/krops.nix
+++ b/makefu/krops.nix
@@ -1,4 +1,4 @@
-{ config ? config, name, target ? name }: let
+{ config ? config, name, target ? name , buildTarget ? target }: let
   krops = ../submodules/krops;
   nixpkgs-src = lib.importJSON ../krebs/nixpkgs.json;
 
@@ -87,6 +87,7 @@ in {
   deploy = pkgs.krops.writeDeploy "${name}-deploy" {
     source = source { test = false; };
     target = "root@${target}/var/src";
+    buildTarget = if target == buildTarget then "root@${target}/var/src" else "root@${buildTarget}/tmp/";
   };
 
   # usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
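Review bot: When `buildTarget` differs from `target`, the source tree is sent to `root@${buildTarget}/tmp/`, a world-writable directory shared with every other user on the build host. If `source` includes secrets (its definition is outside this hunk), they end up under /tmp, and an entry that already exists there could interfere with the deploy. A root-owned path is safer, e.g. `else "root@${buildTarget}/var/src"`.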

From 7c3e55fafcecf1fc2c88c99b51d0d723ef9a0bf0 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:52:14 +0100
Subject: [PATCH 36/38] =?UTF-8?q?ma=20bureautiomation:=20init=20philosophi?=
 =?UTF-8?q?sche=20t=C3=BCr?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../automation/philosophische-tuer.nix        | 108 ++++++++++++++++++
 1 file changed, 108 insertions(+)
 create mode 100644 makefu/2configs/bureautomation/automation/philosophische-tuer.nix

diff --git a/makefu/2configs/bureautomation/automation/philosophische-tuer.nix b/makefu/2configs/bureautomation/automation/philosophische-tuer.nix
new file mode 100644
index 000000000..9ccb81348
--- /dev/null
+++ b/makefu/2configs/bureautomation/automation/philosophische-tuer.nix
@@ -0,0 +1,108 @@
+{ config, pkgs, lib, ... }:
+
+let
+  short_threshold = 30; #seconds
+  long_threshold = 30; #minutes
+  sensor = "binary_sensor.buerotuer_contact";
+
+  # get the list of all
+  name = "tueraudio";
+  prefix = "http://localhost:8123/local/${name}";
+  audiodir = "${config.services.home-assistant.configDir}/www/${name}";
+  recordrepo = pkgs.fetchFromGitHub {
+    owner = "makefu";
+    repo = "philosophische_tuer";
+    rev = "17544c6";
+    sha256 = "0bm0697fyf6s05c6yw6y25cyck04rlxj1dgazkq8mfqk6756v2bq";
+  };
+  samples = user: lib.mapAttrsToList
+    (file: _: ''"${prefix}/${name}/${user}/${file}"'')
+    (builtins.readDir (toString ( recordrepo+ "/recordings/${user}")));
+  random_tuerspruch = ''{{'' + (lib.concatStringsSep "," ((samples "Felix") ++ (samples "Sofia") ++ (samples "Markus"))) + ''| random}}''; # TODO read from derivation
+in
+{
+  systemd.tmpfiles.rules = [
+    "d ${audiodir} - hass hass - -"
+  ];
+
+  systemd.services.copy-philosophische-tuersounds = {
+    description = "copy philosophische tuer";
+    wantedBy = [ "multi-user.target"  ];
+    serviceConfig = {
+      Type = "oneshot";
+      User = "hass";
+      WorkingDirectory = audiodir;
+      ExecStart = pkgs.writeDash "update-samples" ''
+        cp -vr ${recordrepo} ${audiodir}
+      '';
+    };
+  };
+
+  services.home-assistant.config.media_extractor = { };
+  services.home-assistant.config.script."philosophische_tuer" = {
+    alias = "Durchsage der philosophischen Tür";
+    sequence = [
+      { service = "media_player.play_media";
+        data = {
+          entity_id = "media_player.mpd";
+          media_content_type = "playlist";
+          media_content_id = "ansage";
+        };
+      }
+      { delay.seconds = 5; }
+      { service = "media_extractor.play_media";
+        entity_id =  "media_player.mpd";
+        data_template = {
+          media_content_id = random_tuerspruch;
+          media_content_type = "MUSIC";
+        };
+      }
+    ];
+  };
+  services.home-assistant.config.automation =
+  [
+    {
+      alias = "Tür offen seit ${toString short_threshold} sekunden";
+      trigger =
+      { platform = "state";
+        entity_id = sensor;
+        to = "on";
+        for.seconds = 60;
+      };
+      condition = { };
+
+      action = [
+        { service = "homeassistant.turn_on";
+          entity_id = [
+            "script.philosophische_tuer"
+          ];
+        }
+      ];
+    }
+    {
+      alias = "Tür offen seit ${toString long_threshold} minuten";
+      trigger =
+      { platform = "state";
+        entity_id = sensor;
+        to = "on";
+        for.minutes = long_threshold;
+      };
+      condition = { };
+
+      action = [
+        { service = "homeassistant.turn_on";
+          entity_id = [
+            "script.philosophische_tuer"
+          ];
+        }
+        { service = "tts.google_say";
+          entity_id =  "media_player.mpd";
+          data_template = {
+            message = "BEEP BOOP - Die Tür ist schon seit ${toString long_threshold} Minuten offen! Student Nummer {{ range(1,500) | random }}, bitte schliesse die Tür";
+            language = "de";
+          };
+        }
+      ];
+    }
+  ];
+}
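Review bot: The first automation is titled with `short_threshold` (30) but its trigger hard-codes `for.seconds = 60;`, so the alias and the behaviour disagree; `for.seconds = short_threshold;` would match the second automation, which uses `long_threshold`. The sample URLs also look off: `prefix` already ends in `${name}` and `samples` appends `${name}` again, while `cp -vr ${recordrepo} ${audiodir}` copies the store directory under its own name and the `recordings/` level is missing from the URL, so the generated links probably do not resolve (not verifiable from the hunk alone). `rev = "17544c6"` is an abbreviated commit id; the full hash is less ambiguous.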

From 921e46c16a8dc60f5f5679dffb269aad8f472cc5 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:54:06 +0100
Subject: [PATCH 37/38] ma etherpad: also move template.md

---
 makefu/2configs/{deployment/docker => bgt}/template.md | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename makefu/2configs/{deployment/docker => bgt}/template.md (100%)

diff --git a/makefu/2configs/deployment/docker/template.md b/makefu/2configs/bgt/template.md
similarity index 100%
rename from makefu/2configs/deployment/docker/template.md
rename to makefu/2configs/bgt/template.md

From 2044ad632b68ce173463287a9f437aae699bda83 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 12 Mar 2021 20:54:40 +0100
Subject: [PATCH 38/38] ma pkgs.xmm7360: init

---
 makefu/5pkgs/xmm7360/default.nix | 47 ++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 makefu/5pkgs/xmm7360/default.nix

diff --git a/makefu/5pkgs/xmm7360/default.nix b/makefu/5pkgs/xmm7360/default.nix
new file mode 100644
index 000000000..5e423b5af
--- /dev/null
+++ b/makefu/5pkgs/xmm7360/default.nix
@@ -0,0 +1,47 @@
+{ stdenv, fetchFromGitHub, python3, kernel, kmod }:
+let
+  py = python3.withPackages (p: [ p.ConfigArgParse p.pyroute2 ]);
+in
+stdenv.mkDerivation rec {
+  name = "xmm7360-pci-${version}-${kernel.version}";
+  version = "1.0";
+
+  src = fetchFromGitHub {
+    owner = "xmm7360";
+    repo = "xmm7360-pci";
+    rev = "0060149";
+    sha256 = "0nr7adlwglpw6hp44x0pq8xhv7kik7nsb8yzbxllvy2v1pinyflv";
+  };
+
+  #sourceRoot = "source/linux/v4l2loopback";
+
+  buildTargets = "default";
+  hardeningDisable = [ "pic" ];
+
+  nativeBuildInputs = kernel.moduleBuildDependencies;
+  buildInputs = [ kmod ];
+
+
+  makeFlags = [
+    "KVERSION=${kernel.modDirVersion}"
+    "KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"
+    "INSTALL_MOD_PATH=$(out)"
+  ];
+  postInstall = ''
+    install -d $out/lib/xmm7360/
+    cp -r rpc/ $out/lib/xmm7360/
+    cat > open_xdatachannel <<EOF
+    cd $out/lib/xmm7360
+    exec ${py}/bin/python3 rpc/open_xdatachannel.py $@
+    EOF
+    install -D open_xdatachannel $out/bin/open_xdatachannel
+  '';
+
+  meta = with stdenv.lib; {
+    description = "A kernel module to create V4L2 loopback devices";
+    homepage = "https://github.com/aramg/droidcam";
+    license = licenses.gpl2;
+    maintainers = [ maintainers.makefu ];
+    platforms = platforms.linux;
+  };
+}
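Review bot: In `postInstall` the heredoc delimiter is unquoted, so the shell expands `$@` at build time and the generated `open_xdatachannel` wrapper never forwards its arguments; the wrapper also has no interpreter line. Writing `#!/bin/sh` as the first heredoc line and `exec ${py}/bin/python3 rpc/open_xdatachannel.py "\$@"` keeps `$out` expanded at build time and passes the arguments at run time. `meta.description` and `meta.homepage` still describe V4L2 loopback and droidcam rather than this modem driver, and `rev = "0060149"` is an abbreviated commit id.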