Merge remote-tracking branch 'prism/master'
This commit is contained in:
commit
67cda2940f
48
krebs/1systems/filebitch/config.nix
Normal file
48
krebs/1systems/filebitch/config.nix
Normal file
|
@ -0,0 +1,48 @@
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
let
|
||||||
|
shack-ip = config.krebs.build.host.nets.shack.ip4.addr;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./hardware-configuration.nix
|
||||||
|
<stockholm/krebs>
|
||||||
|
<stockholm/krebs/2configs>
|
||||||
|
# <stockholm/krebs/2configs/secret-passwords.nix>
|
||||||
|
|
||||||
|
# <stockholm/krebs/2configs/binary-cache/nixos.nix>
|
||||||
|
# <stockholm/krebs/2configs/binary-cache/prism.nix>
|
||||||
|
<stockholm/krebs/2configs/shack/ssh-keys.nix>
|
||||||
|
<stockholm/krebs/2configs/shack/prometheus/node.nix>
|
||||||
|
# provides access to /home/share for smbuser via smb
|
||||||
|
<stockholm/krebs/2configs/shack/share.nix>
|
||||||
|
{
|
||||||
|
fileSystems."/home/share" =
|
||||||
|
{ device = "/serve";
|
||||||
|
options = [ "bind" "nofail" ];
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
## Collect local statistics via collectd and send to collectd
|
||||||
|
<stockholm/krebs/2configs/stats/shack-client.nix>
|
||||||
|
<stockholm/krebs/2configs/stats/shack-debugging.nix>
|
||||||
|
];
|
||||||
|
|
||||||
|
krebs.build.host = config.krebs.hosts.filebitch;
|
||||||
|
sound.enable = false;
|
||||||
|
|
||||||
|
services.udev.extraRules = ''
|
||||||
|
SUBSYSTEM=="net", ATTR{address}=="60:a4:4c:3d:52:cf", NAME="et0"
|
||||||
|
'';
|
||||||
|
networking = {
|
||||||
|
firewall.enable = true;
|
||||||
|
interfaces.et0.ipv4.addresses = [
|
||||||
|
{
|
||||||
|
address = shack-ip;
|
||||||
|
prefixLength = 20;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
|
defaultGateway = "10.42.0.1";
|
||||||
|
nameservers = [ "10.42.0.100" "10.42.0.200" ];
|
||||||
|
};
|
||||||
|
}
|
96
krebs/1systems/filebitch/hardware-configuration.nix
Normal file
96
krebs/1systems/filebitch/hardware-configuration.nix
Normal file
|
@ -0,0 +1,96 @@
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
let
|
||||||
|
byid = dev: "/dev/disk/by-id/" + dev;
|
||||||
|
keyFile = byid "usb-SMI_USB_DISK_AA08061700009650-0:0";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
imports =
|
||||||
|
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
||||||
|
];
|
||||||
|
boot.loader.grub.enable = true;
|
||||||
|
boot.loader.grub.version = 2;
|
||||||
|
boot.zfs.devNodes = "/dev"; # fixes some virtualmachine issues
|
||||||
|
boot.zfs.forceImportRoot = false;
|
||||||
|
boot.zfs.forceImportAll = false;
|
||||||
|
boot.kernelParams = [
|
||||||
|
"boot.shell_on_fail"
|
||||||
|
"panic=30" "boot.panic_on_fail" # reboot the machine upon fatal boot issues
|
||||||
|
];
|
||||||
|
boot.tmpOnTmpfs = true;
|
||||||
|
|
||||||
|
|
||||||
|
boot.initrd.availableKernelModules = [
|
||||||
|
"xhci_pci" "ahci" "ohci_pci" "ehci_pci" "usb_storage" "usbhid" "sd_mod"
|
||||||
|
"raid456"
|
||||||
|
"usbhid"
|
||||||
|
"usb_storage"
|
||||||
|
];
|
||||||
|
boot.initrd.kernelModules = [
|
||||||
|
"sata_sil"
|
||||||
|
"megaraid_sas"
|
||||||
|
];
|
||||||
|
boot.kernelModules = [ "kvm-amd" ];
|
||||||
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
|
fileSystems."/" =
|
||||||
|
{ device = "tank/root";
|
||||||
|
fsType = "zfs";
|
||||||
|
};
|
||||||
|
|
||||||
|
fileSystems."/home" =
|
||||||
|
{ device = "tank/home";
|
||||||
|
fsType = "zfs";
|
||||||
|
};
|
||||||
|
|
||||||
|
fileSystems."/nix" =
|
||||||
|
{ device = "tank/nix";
|
||||||
|
fsType = "zfs";
|
||||||
|
};
|
||||||
|
|
||||||
|
fileSystems."/boot" =
|
||||||
|
{ device = "/dev/disk/by-uuid/5266-931D";
|
||||||
|
fsType = "vfat";
|
||||||
|
};
|
||||||
|
fileSystems."/serve" =
|
||||||
|
{ device = "/dev/cryptvg/serve";
|
||||||
|
fsType = "ext4";
|
||||||
|
options = [ "nofail" ];
|
||||||
|
};
|
||||||
|
fileSystems."/serve/incoming" =
|
||||||
|
{ device = "/dev/cryptvg/incoming";
|
||||||
|
fsType = "ext4";
|
||||||
|
options = [ "nofail" ];
|
||||||
|
|
||||||
|
};
|
||||||
|
fileSystems."/serve/movies" =
|
||||||
|
{ device = "/dev/cryptvg/servemovies";
|
||||||
|
fsType = "ext4";
|
||||||
|
options = [ "nofail" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
swapDevices =
|
||||||
|
[ { device = "/dev/disk/by-uuid/3353c76f-50e4-471d-84bc-ff922d22b271"; }
|
||||||
|
];
|
||||||
|
|
||||||
|
nix.maxJobs = lib.mkDefault 4;
|
||||||
|
boot.loader.grub.device = byid "ata-INTEL_SSDSA2M080G2GC_CVPO013300WD080BGN";
|
||||||
|
|
||||||
|
networking.hostId = "54d97450"; # required for zfs use
|
||||||
|
boot.initrd.luks.devices = let
|
||||||
|
usbkey = name: device: {
|
||||||
|
inherit name device keyFile;
|
||||||
|
keyFileSize = 2048;
|
||||||
|
preLVM = true;
|
||||||
|
};
|
||||||
|
in [
|
||||||
|
((usbkey "swap" (byid "ata-INTEL_SSDSA2M080G2GC_CVPO013300WD080BGN-part2"))
|
||||||
|
// { allowDiscards = true; } )
|
||||||
|
((usbkey "root" (byid "ata-INTEL_SSDSA2M080G2GC_CVPO013300WD080BGN-part3"))
|
||||||
|
// { allowDiscards = true; } )
|
||||||
|
(usbkey "125" "/dev/md125")
|
||||||
|
(usbkey "126" "/dev/md126")
|
||||||
|
(usbkey "127" "/dev/md127")
|
||||||
|
];
|
||||||
|
|
||||||
|
|
||||||
|
}
|
|
@ -69,6 +69,10 @@ in
|
||||||
# grafana.shack
|
# grafana.shack
|
||||||
<stockholm/krebs/2configs/shack/grafana.nix>
|
<stockholm/krebs/2configs/shack/grafana.nix>
|
||||||
|
|
||||||
|
# shackdns.shack
|
||||||
|
# replacement for leases.shack and shackles.shack
|
||||||
|
<stockholm/krebs/2configs/shack/shackDNS.nix>
|
||||||
|
|
||||||
];
|
];
|
||||||
# use your own binary cache, fallback use cache.nixos.org (which is used by
|
# use your own binary cache, fallback use cache.nixos.org (which is used by
|
||||||
# apt-cacher-ng in first place)
|
# apt-cacher-ng in first place)
|
||||||
|
|
|
@ -27,6 +27,7 @@
|
||||||
"http://cgit.ni.r/krops"
|
"http://cgit.ni.r/krops"
|
||||||
"http://cgit.prism.r/krops"
|
"http://cgit.prism.r/krops"
|
||||||
"https://git.ingolf-wagner.de/krebs/krops.git"
|
"https://git.ingolf-wagner.de/krebs/krops.git"
|
||||||
|
"https://github.com/krebs/krops.git"
|
||||||
];
|
];
|
||||||
nix_writers.urls = [
|
nix_writers.urls = [
|
||||||
"http://cgit.hotdog.r/nix-writers"
|
"http://cgit.hotdog.r/nix-writers"
|
||||||
|
|
20
krebs/2configs/shack/glados/automation/hass-restart.nix
Normal file
20
krebs/2configs/shack/glados/automation/hass-restart.nix
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
# needs:
|
||||||
|
# light.fablab_led
|
||||||
|
[
|
||||||
|
{ alias = "State on HA start-up";
|
||||||
|
trigger = {
|
||||||
|
platform = "homeassistant";
|
||||||
|
event = "start";
|
||||||
|
};
|
||||||
|
action = [
|
||||||
|
{ service = "light.turn_on";
|
||||||
|
data = {
|
||||||
|
entity_id = "light.fablab_led";
|
||||||
|
effect = "Rainbow";
|
||||||
|
color_name = "yellow";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
]
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
let
|
let
|
||||||
shackopen = import ./multi/shackopen.nix;
|
shackopen = import ./multi/shackopen.nix;
|
||||||
wasser = import ./multi/wasser.nix;
|
wasser = import ./multi/wasser.nix;
|
||||||
|
badair = import ./multi/schlechte_luft.nix;
|
||||||
in {
|
in {
|
||||||
services.nginx.virtualHosts."hass.shack" = {
|
services.nginx.virtualHosts."hass.shack" = {
|
||||||
serverAliases = [ "glados.shack" ];
|
serverAliases = [ "glados.shack" ];
|
||||||
|
@ -44,7 +45,7 @@ in {
|
||||||
autoExtraComponents = true;
|
autoExtraComponents = true;
|
||||||
config = {
|
config = {
|
||||||
homeassistant = {
|
homeassistant = {
|
||||||
name = "Bureautomation";
|
name = "Glados";
|
||||||
time_zone = "Europe/Berlin";
|
time_zone = "Europe/Berlin";
|
||||||
latitude = "48.8265";
|
latitude = "48.8265";
|
||||||
longitude = "9.0676";
|
longitude = "9.0676";
|
||||||
|
@ -89,7 +90,7 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
switch = wasser.switch;
|
switch = wasser.switch;
|
||||||
light = [];
|
light = badair.light;
|
||||||
media_player = [
|
media_player = [
|
||||||
{ platform = "mpd";
|
{ platform = "mpd";
|
||||||
host = "lounge.mpd.shack";
|
host = "lounge.mpd.shack";
|
||||||
|
@ -99,7 +100,8 @@ in {
|
||||||
sensor =
|
sensor =
|
||||||
(import ./sensors/hass.nix)
|
(import ./sensors/hass.nix)
|
||||||
++ (import ./sensors/power.nix)
|
++ (import ./sensors/power.nix)
|
||||||
++ shackopen.sensor;
|
++ shackopen.sensor
|
||||||
|
++ badair.sensor;
|
||||||
|
|
||||||
binary_sensor = shackopen.binary_sensor;
|
binary_sensor = shackopen.binary_sensor;
|
||||||
|
|
||||||
|
@ -113,8 +115,9 @@ in {
|
||||||
trusted_proxies = "127.0.0.1";
|
trusted_proxies = "127.0.0.1";
|
||||||
};
|
};
|
||||||
#conversation = {};
|
#conversation = {};
|
||||||
#history = {};
|
history = {};
|
||||||
#logbook = {};
|
logbook = {};
|
||||||
|
recorder = {};
|
||||||
tts = [
|
tts = [
|
||||||
{ platform = "google_translate";
|
{ platform = "google_translate";
|
||||||
language = "de";
|
language = "de";
|
||||||
|
@ -123,10 +126,12 @@ in {
|
||||||
# language = "de-DE";
|
# language = "de-DE";
|
||||||
#}
|
#}
|
||||||
];
|
];
|
||||||
#recorder = {};
|
|
||||||
sun = {};
|
sun = {};
|
||||||
|
|
||||||
automation = wasser.automation;
|
automation = wasser.automation
|
||||||
|
++ badair.automation
|
||||||
|
++ (import ./automation/hass-restart.nix);
|
||||||
|
|
||||||
device_tracker = [];
|
device_tracker = [];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
107
krebs/2configs/shack/glados/lib/default.nix
Normal file
107
krebs/2configs/shack/glados/lib/default.nix
Normal file
|
@ -0,0 +1,107 @@
|
||||||
|
let
|
||||||
|
prefix = "glados";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
esphome =
|
||||||
|
{
|
||||||
|
temp = {host, topic ? "temperature" }:
|
||||||
|
{
|
||||||
|
platform = "mqtt";
|
||||||
|
name = "${host} Temperature";
|
||||||
|
device_class = "temperature";
|
||||||
|
unit_of_measurement = "°C";
|
||||||
|
icon = "mdi:thermometer";
|
||||||
|
state_topic = "${prefix}/${host}/sensor/${topic}/state";
|
||||||
|
availability_topic = "${prefix}/${host}/status";
|
||||||
|
payload_available = "online";
|
||||||
|
payload_not_available = "offline";
|
||||||
|
};
|
||||||
|
hum = {host, topic ? "humidity" }:
|
||||||
|
{
|
||||||
|
platform = "mqtt";
|
||||||
|
unit_of_measurement = "%";
|
||||||
|
icon = "mdi:water-percent";
|
||||||
|
device_class = "humidity";
|
||||||
|
name = "${host} Humidity";
|
||||||
|
state_topic = "${prefix}/${host}/sensor/${topic}/state";
|
||||||
|
availability_topic = "${prefix}/${host}/status";
|
||||||
|
payload_available = "online";
|
||||||
|
payload_not_available = "offline";
|
||||||
|
};
|
||||||
|
# copied from "homeassistant/light/fablab_led/led_ring/config"
|
||||||
|
led = {host, topic ? "led", name ? host}:
|
||||||
|
{ # name: fablab_led
|
||||||
|
# topic: led_ring
|
||||||
|
platform = "mqtt";
|
||||||
|
inherit name;
|
||||||
|
schema = "json";
|
||||||
|
brightness = true;
|
||||||
|
rgb = true;
|
||||||
|
effect = true;
|
||||||
|
effect_list = [ # TODO: may be different
|
||||||
|
"Random"
|
||||||
|
"Strobe"
|
||||||
|
"Rainbow"
|
||||||
|
"Color Wipe"
|
||||||
|
"Scan"
|
||||||
|
"Twinkle"
|
||||||
|
"Fireworks"
|
||||||
|
"Addressable Flicker"
|
||||||
|
"None"
|
||||||
|
];
|
||||||
|
state_topic = "${prefix}/${host}/light/${topic}/state";
|
||||||
|
command_topic = "${prefix}/${host}/light/${topic}/command";
|
||||||
|
availability_topic = "${prefix}/${host}/status";
|
||||||
|
payload_available = "online";
|
||||||
|
payload_not_available = "offline";
|
||||||
|
qos = 1;
|
||||||
|
};
|
||||||
|
# Feinstaub
|
||||||
|
dust_25m = { host, name ? "${host} < 2.5µm", topic ? "particulate_matter_25m_concentration" }:
|
||||||
|
{
|
||||||
|
platform = "mqtt";
|
||||||
|
unit_of_measurement = "µg/m³";
|
||||||
|
icon = "mdi:chemical-weapon";
|
||||||
|
inherit name;
|
||||||
|
state_topic = "${prefix}/${host}/sensor/${topic}/state";
|
||||||
|
availability_topic = "${prefix}/${host}/status";
|
||||||
|
};
|
||||||
|
dust_100m = {host, name ? "${host} < 10µm", topic ? "particulate_matter_100m_concentration" }:
|
||||||
|
{
|
||||||
|
platform = "mqtt";
|
||||||
|
unit_of_measurement = "µg/m³";
|
||||||
|
icon = "mdi:chemical-weapon";
|
||||||
|
inherit name;
|
||||||
|
state_topic = "${prefix}/${host}/sensor/${topic}/state";
|
||||||
|
availability_topic = "${prefix}/${host}/status";
|
||||||
|
};
|
||||||
|
switch = {host, name ? "${host} Button", topic ? "btn" }:
|
||||||
|
# host: ampel
|
||||||
|
# name: Button 1
|
||||||
|
# topic: btn1
|
||||||
|
{
|
||||||
|
inherit name;
|
||||||
|
platform = "mqtt";
|
||||||
|
state_topic = "${prefix}/${host}/sensor/${topic}/state";
|
||||||
|
command_topic = "${prefix}/${host}/switch/${topic}/state";
|
||||||
|
availability_topic = "${prefix}/${host}/status";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
tasmota =
|
||||||
|
{
|
||||||
|
plug = {host, name ? host, topic ? host}:
|
||||||
|
{
|
||||||
|
platform = "mqtt";
|
||||||
|
inherit name;
|
||||||
|
state_topic = "sonoff/stat/${topic}/POWER1";
|
||||||
|
command_topic = "sonoff/cmnd/${topic}/POWER1";
|
||||||
|
availability_topic = "sonoff/tele/${topic}/LWT";
|
||||||
|
payload_on= "ON";
|
||||||
|
payload_off= "OFF";
|
||||||
|
payload_available= "Online";
|
||||||
|
payload_not_available= "Offline";
|
||||||
|
retain = false;
|
||||||
|
qos = 1;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
123
krebs/2configs/shack/glados/multi/schlechte_luft.nix
Normal file
123
krebs/2configs/shack/glados/multi/schlechte_luft.nix
Normal file
|
@ -0,0 +1,123 @@
|
||||||
|
let
|
||||||
|
glados = import ../lib;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
# LED
|
||||||
|
light = [
|
||||||
|
(glados.esphome.led { name = "Fablab LED"; host = "fablab_led"; topic = "led_ring"; })
|
||||||
|
|
||||||
|
(glados.esphome.led { name = "Fablab LED Part A"; host = "fablab_led"; topic = "A";})
|
||||||
|
(glados.esphome.led { name = "Fablab LED Part B"; host = "fablab_led"; topic = "B";})
|
||||||
|
(glados.esphome.led { name = "Fablab LED Part C"; host = "fablab_led"; topic = "C";})
|
||||||
|
(glados.esphome.led { name = "Fablab LED Part D"; host = "fablab_led"; topic = "D";})
|
||||||
|
];
|
||||||
|
sensor = [
|
||||||
|
(glados.esphome.temp { host = "fablab_feinstaub";})
|
||||||
|
(glados.esphome.dust_25m { host = "fablab_feinstaub";})
|
||||||
|
(glados.esphome.dust_100m { host = "fablab_feinstaub";})
|
||||||
|
];
|
||||||
|
automation =
|
||||||
|
[
|
||||||
|
{ alias = "Gute Luft Fablab";
|
||||||
|
trigger = [
|
||||||
|
{
|
||||||
|
platform = "numeric_state";
|
||||||
|
below = 25;
|
||||||
|
entity_id = "sensor.fablab_feinstaub_2_5um";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
action =
|
||||||
|
[
|
||||||
|
{ service = "light.turn_on";
|
||||||
|
data = {
|
||||||
|
entity_id = "light.fablab_led";
|
||||||
|
effect = "Twinkle";
|
||||||
|
color_name = "green";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
{ alias = "mäßige Luft Fablab";
|
||||||
|
trigger = [
|
||||||
|
#{
|
||||||
|
# platform = "numeric_state";
|
||||||
|
# above = 25;
|
||||||
|
# entity_id = "sensor.fablab_feinstaub_25m";
|
||||||
|
#}
|
||||||
|
{
|
||||||
|
platform = "numeric_state";
|
||||||
|
above = 25;
|
||||||
|
below = 50;
|
||||||
|
entity_id = "sensor.fablab_feinstaub_2_5um";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
action =
|
||||||
|
[
|
||||||
|
{ service = "light.turn_on";
|
||||||
|
data = {
|
||||||
|
entity_id = "light.fablab_led";
|
||||||
|
effect = "Twinkle";
|
||||||
|
color_name = "yellow";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
{ alias = "schlechte Luft Fablab";
|
||||||
|
trigger = [
|
||||||
|
{
|
||||||
|
platform = "numeric_state";
|
||||||
|
above = 50;
|
||||||
|
entity_id = "sensor.fablab_feinstaub_2_5um";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
action =
|
||||||
|
[
|
||||||
|
{ service = "light.turn_on";
|
||||||
|
data = {
|
||||||
|
entity_id = "light.fablab_led";
|
||||||
|
effect = "Twinkle";
|
||||||
|
color_name = "red";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
{ alias = "Luft Sensor nicht verfügbar";
|
||||||
|
trigger = [
|
||||||
|
{
|
||||||
|
platform = "state";
|
||||||
|
to = "unavailable";
|
||||||
|
entity_id = "sensor.fablab_feinstaub_2_5um";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
action =
|
||||||
|
[
|
||||||
|
{ service = "light.turn_on";
|
||||||
|
data = {
|
||||||
|
entity_id = "light.fablab_led";
|
||||||
|
effect = "Rainbow";
|
||||||
|
color_name = "blue";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
{ alias = "Fablab Licht Reboot";
|
||||||
|
trigger = [
|
||||||
|
{
|
||||||
|
platform = "state";
|
||||||
|
from = "unavailable";
|
||||||
|
entity_id = "light.fablab_led";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
action =
|
||||||
|
[
|
||||||
|
{ service = "light.turn_on";
|
||||||
|
data = {
|
||||||
|
entity_id = "light.fablab_led";
|
||||||
|
effect = "Rainbow";
|
||||||
|
color_name = "orange";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
|
@ -1,23 +1,12 @@
|
||||||
let
|
let
|
||||||
tasmota_plug = name: topic:
|
glados = import ../lib;
|
||||||
{ platform = "mqtt";
|
|
||||||
inherit name;
|
|
||||||
state_topic = "sonoff/stat/${topic}/POWER1";
|
|
||||||
command_topic = "sonoff/cmnd/${topic}/POWER1";
|
|
||||||
availability_topic = "sonoff/tele/${topic}/LWT";
|
|
||||||
payload_on= "ON";
|
|
||||||
payload_off= "OFF";
|
|
||||||
payload_available= "Online";
|
|
||||||
payload_not_available= "Offline";
|
|
||||||
retain = false;
|
|
||||||
qos = 1;
|
|
||||||
};
|
|
||||||
seconds = 20;
|
seconds = 20;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
switch = [
|
switch = [
|
||||||
(tasmota_plug "Wasser" "plug")
|
(glados.tasmota.plug { host = "Wasser"; topic = "plug";} )
|
||||||
];
|
];
|
||||||
|
|
||||||
automation =
|
automation =
|
||||||
[
|
[
|
||||||
{ alias = "Water the plant for ${toString seconds} seconds";
|
{ alias = "Water the plant for ${toString seconds} seconds";
|
||||||
|
|
|
@ -1,22 +1,5 @@
|
||||||
let
|
let
|
||||||
esphome_temp = name:
|
glados = import ../lib;
|
||||||
{ platform = "mqtt";
|
|
||||||
name = "${name} Temperature";
|
|
||||||
device_class = "temperature";
|
|
||||||
state_topic = "glados/${name}/sensor/temperature/state";
|
|
||||||
availability_topic = "glados/${name}/status";
|
|
||||||
payload_available = "online";
|
|
||||||
payload_not_available = "offline";
|
|
||||||
};
|
|
||||||
esphome_hum = name:
|
|
||||||
{ platform = "mqtt";
|
|
||||||
device_class = "humidity";
|
|
||||||
name = "${name} Humidity";
|
|
||||||
state_topic = "glados/${name}/sensor/humidity/state";
|
|
||||||
availability_topic = "glados/${name}/status";
|
|
||||||
payload_available = "online";
|
|
||||||
payload_not_available = "offline";
|
|
||||||
};
|
|
||||||
in
|
in
|
||||||
(map esphome_temp [ "lounge" "werkstatt" "herrenklo" "dusche" "fablab" "whc" ])
|
(map (host: glados.esphome.temp {inherit host;}) [ "lounge" "werkstatt" "herrenklo" "dusche" "fablab" "whc" ])
|
||||||
++ (map esphome_hum [ "lounge" "werkstatt" "herrenklo" "dusche" "fablab" "whc" ])
|
++ (map (host: glados.esphome.hum {inherit host;}) [ "lounge" "werkstatt" "herrenklo" "dusche" "fablab" "whc" ])
|
||||||
|
|
|
@ -4,8 +4,8 @@ let
|
||||||
pkg = pkgs.callPackage (
|
pkg = pkgs.callPackage (
|
||||||
pkgs.fetchgit {
|
pkgs.fetchgit {
|
||||||
url = "https://git.shackspace.de/rz/muellshack";
|
url = "https://git.shackspace.de/rz/muellshack";
|
||||||
rev = "4601f59787de090c83be6dbae6ca72d7fc84ab9f";
|
rev = "c3d1f70325e5b90f280c5be60110e14f4de653ae";
|
||||||
sha256 = "1cshbd6ipvynbm3gmnsm58ccc1m5xc87cpd3b6jx0s6pr2j19g9j";
|
sha256 = "1dd4kqwdr4v413rmkvmyjzzvw8id9747nifp96pg0c2cy6bhzj24";
|
||||||
}) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; };
|
}) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; };
|
||||||
home = "/var/lib/muellshack";
|
home = "/var/lib/muellshack";
|
||||||
port = "8081";
|
port = "8081";
|
||||||
|
|
63
krebs/2configs/shack/shackDNS.nix
Normal file
63
krebs/2configs/shack/shackDNS.nix
Normal file
|
@ -0,0 +1,63 @@
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
pkg =
|
||||||
|
pkgs.fetchgit {
|
||||||
|
url = "https://git.shackspace.de/rz/shackdns";
|
||||||
|
rev = "e55cc906c734b398683f9607b93f1ad6435d8575";
|
||||||
|
sha256 = "1hkwhf3hqb4fz06b1ckh7sl0zcyi4da5fgdlksian8lxyd19n8sq";
|
||||||
|
};
|
||||||
|
home = "/var/lib/shackDNS";
|
||||||
|
port = "8083";
|
||||||
|
config_file = pkgs.writeText "config" ''
|
||||||
|
# Points to a bind configuration file
|
||||||
|
dns-db = ${home}/db.shack
|
||||||
|
|
||||||
|
# Points to a shackles configuration file
|
||||||
|
# See `shackles.json` in repo
|
||||||
|
shackles-db = ${home}/shackles.json
|
||||||
|
|
||||||
|
# Points to a REST service with the DHCP leases
|
||||||
|
leases-api = http://dhcp.shack/dhcpd.leases
|
||||||
|
|
||||||
|
# Wrap this binding with https proxy or similar
|
||||||
|
binding = http://localhost:${port}/
|
||||||
|
'';
|
||||||
|
in {
|
||||||
|
# receive response from light.shack / standby.shack
|
||||||
|
networking.firewall.allowedTCPPorts = [ ];
|
||||||
|
|
||||||
|
users.users.shackDNS = {
|
||||||
|
inherit home;
|
||||||
|
createHome = true;
|
||||||
|
};
|
||||||
|
services.nginx.virtualHosts."leases.shack" = {
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://localhost:${port}/";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
services.nginx.virtualHosts."shackdns.shack" = {
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://localhost:${port}/";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
services.nginx.virtualHosts."shackles.shack" = {
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://localhost:${port}/";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.shackDNS = {
|
||||||
|
description = "shackDNS provides an overview over DHCP and DNS as well as a replacement for shackles";
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
environment.PORT = port;
|
||||||
|
serviceConfig = {
|
||||||
|
User = "shackDNS";
|
||||||
|
WorkingDirectory = home;
|
||||||
|
ExecStart = "${pkgs.mono6}/bin/mono ${pkg}/shackDNS.exe ${config_file}";
|
||||||
|
PrivateTmp = true;
|
||||||
|
Restart = "always";
|
||||||
|
RestartSec = "15";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -4,6 +4,7 @@
|
||||||
config.krebs.users."0x4A6F".pubkey
|
config.krebs.users."0x4A6F".pubkey
|
||||||
config.krebs.users.ulrich.pubkey
|
config.krebs.users.ulrich.pubkey
|
||||||
config.krebs.users.raute.pubkey
|
config.krebs.users.raute.pubkey
|
||||||
|
config.krebs.users.xq.pubkey
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDb9NPa2Hf51afcG1H13UPbE5E02J8aC9a1sGCRls592wAVlQbmojYR1jWDPA2m32Bsyv0ztqi81zDyndWWZPQVJVBk00VjYBcgk6D5ifqoAuWLzfuHJPWZGOvBf/U74/LNFNUkj1ywjneK7HYTRPXrRBBfBSQNmQzkvue7s599L2vdueZKyjNsMpx2m6nm2SchaMuDskSQut/168JgU1l4M8BeT68Bo4WdelhBYnhSI1a59FGkgdu2SCjyighLQRy2sOH3ksnkHWENPkA+wwQOlKl7R3DsEybrNd4NU9FSwFDyDmdhfv5gJp8UGSFdjAwx43+8zM5t5ruZ25J0LnVb0PuTuRA00UsW83MkLxFpDQLrQV08tlsY6iGrqxP67C3VJ6t4v6oTp7/vaRLhEFc1PhOLh+sZ18o8MLO+e2rGmHGHQnSKfBOLUvDMGa4jb01XBGjdnIXLOkVo79YR5jZn7jJb2gTZ95OD6bWSDADoURSuwuLa7kh4ti1ItAKuhkIvbuky3rRVvQEc92kJ6aNUswIUXJa0K2ibbIY6ycKAA3Ljksl3Mm9KzOn6yc/i/lSF+SOrTGhabPJigKkIoqKIwnV5IU3gkfsxPQJOBMPqHDGAOeYQe3WpWedEPYuhQEczw4exMb9TkNE96F71PzuQPJDl5sPAWyPLeMKpy5XbfRiF2by4nxN3ZIQvjtoyVkjNV+qM0q0yKBzLxuRAEQOZ2yCEaBudZQkQiwHD97H2vu4SRQ/2aOie1XiOnmdbQRDZSO3BsoDK569K1w+gDfSnqY7zVUMj6tw+uKx6Gstck5lbvYMtdWKsfPv/pDM8eyIVFLL93dKTX+ertcQj6xDwLfOiNubE5ayFXhYkjwImV6NgfBuq+3hLK0URP2rPlOZbbZTQ0WlKD6CCRZPMSZCU9oD2zYfqpvRArBUcdkAwGePezORkfJQLE6mYEJp6pdFkJ/IeFLbO6M0lZVlfnpzAC9kjjkMCRofZUETcFSppyTImCbgo3+ok59/PkNU5oavBXyW80ue2tWHr08HX/QALNte3UITmIIlU6SFMCPMWJqadK1eDPWfJ4H4iDXRNn3D5wqN++iMloKvpaj0wieqXLY4+YfvNTNr177OU48GEWW8DnoEkbpwsCbjPxznGDQhdDqdYyMY/fDgRQReKITvKYGHRzesGysw5cKsp9LEfXD0R6WE2TeiiENla5AWzTgXJB0AyZEcOiIfqOgT9Nr9S8q5gc/BdA7P+jhGGJgEHhV3dVlfIZ7pmZc27Yu7UTQ0lbAKWqcMSTOdne+QL6ILzbvLrQwdvax4tQdm5opfU16SrOox1AMwAbkdq84z6uJqYVx3cUXfMJgTyDNrVv3or root@plattenschwein" # for backup
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDb9NPa2Hf51afcG1H13UPbE5E02J8aC9a1sGCRls592wAVlQbmojYR1jWDPA2m32Bsyv0ztqi81zDyndWWZPQVJVBk00VjYBcgk6D5ifqoAuWLzfuHJPWZGOvBf/U74/LNFNUkj1ywjneK7HYTRPXrRBBfBSQNmQzkvue7s599L2vdueZKyjNsMpx2m6nm2SchaMuDskSQut/168JgU1l4M8BeT68Bo4WdelhBYnhSI1a59FGkgdu2SCjyighLQRy2sOH3ksnkHWENPkA+wwQOlKl7R3DsEybrNd4NU9FSwFDyDmdhfv5gJp8UGSFdjAwx43+8zM5t5ruZ25J0LnVb0PuTuRA00UsW83MkLxFpDQLrQV08tlsY6iGrqxP67C3VJ6t4v6oTp7/vaRLhEFc1PhOLh+sZ18o8MLO+e2rGmHGHQnSKfBOLUvDMGa4jb01XBGjdnIXLOkVo79YR5jZn7jJb2gTZ95OD6bWSDADoURSuwuLa7kh4ti1ItAKuhkIvbuky3rRVvQEc92kJ6aNUswIUXJa0K2ibbIY6ycKAA3Ljksl3Mm9KzOn6yc/i/lSF+SOrTGhabPJigKkIoqKIwnV5IU3gkfsxPQJOBMPqHDGAOeYQe3WpWedEPYuhQEczw4exMb9TkNE96F71PzuQPJDl5sPAWyPLeMKpy5XbfRiF2by4nxN3ZIQvjtoyVkjNV+qM0q0yKBzLxuRAEQOZ2yCEaBudZQkQiwHD97H2vu4SRQ/2aOie1XiOnmdbQRDZSO3BsoDK569K1w+gDfSnqY7zVUMj6tw+uKx6Gstck5lbvYMtdWKsfPv/pDM8eyIVFLL93dKTX+ertcQj6xDwLfOiNubE5ayFXhYkjwImV6NgfBuq+3hLK0URP2rPlOZbbZTQ0WlKD6CCRZPMSZCU9oD2zYfqpvRArBUcdkAwGePezORkfJQLE6mYEJp6pdFkJ/IeFLbO6M0lZVlfnpzAC9kjjkMCRofZUETcFSppyTImCbgo3+ok59/PkNU5oavBXyW80ue2tWHr08HX/QALNte3UITmIIlU6SFMCPMWJqadK1eDPWfJ4H4iDXRNn3D5wqN++iMloKvpaj0wieqXLY4+YfvNTNr177OU48GEWW8DnoEkbpwsCbjPxznGDQhdDqdYyMY/fDgRQReKITvKYGHRzesGysw5cKsp9LEfXD0R6WE2TeiiENla5AWzTgXJB0AyZEcOiIfqOgT9Nr9S8q5gc/BdA7P+jhGGJgEHhV3dVlfIZ7pmZc27Yu7UTQ0lbAKWqcMSTOdne+QL6ILzbvLrQwdvax4tQdm5opfU16SrOox1AMwAbkdq84z6uJqYVx3cUXfMJgTyDNrVv3or root@plattenschwein" # for backup
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1Lx5MKtVjB/Ef6LpEiIAgVwY5xKQFdHuLQR+odQO4cAgxj1QaIXGN0moixY52DebVQhAtiCNiFZ83uJyOj8kmu30yuXwtSOQeqziA859qMJKZ4ZcYdKvbXwnf2Chm5Ck/0FvtpjTWHIZAogwP1wQto/lcqHOjrTAnZeJfQuHTswYUSnmUU5zdsEZ9HidDPUc2Gv0wkBNd+KMQyOZl0HkaxHWvn0h4KK4hYZisOpeTfXJxD87bo+Eg4LL2vvnHW6dF6Ygrbd/0XRMsRRI8OAReVBUoJn7IE1wwAl/FpblNmhaF9hlL7g7hR1ADvaWMMw0e8SSzW6Y+oIa8qFQL6wR1 gitlab-builder" # for being deployed by gitlab ci
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1Lx5MKtVjB/Ef6LpEiIAgVwY5xKQFdHuLQR+odQO4cAgxj1QaIXGN0moixY52DebVQhAtiCNiFZ83uJyOj8kmu30yuXwtSOQeqziA859qMJKZ4ZcYdKvbXwnf2Chm5Ck/0FvtpjTWHIZAogwP1wQto/lcqHOjrTAnZeJfQuHTswYUSnmUU5zdsEZ9HidDPUc2Gv0wkBNd+KMQyOZl0HkaxHWvn0h4KK4hYZisOpeTfXJxD87bo+Eg4LL2vvnHW6dF6Ygrbd/0XRMsRRI8OAReVBUoJn7IE1wwAl/FpblNmhaF9hlL7g7hR1ADvaWMMw0e8SSzW6Y+oIa8qFQL6wR1 gitlab-builder" # for being deployed by gitlab ci
|
||||||
];
|
];
|
||||||
|
|
|
@ -105,6 +105,7 @@ let
|
||||||
{ krebs = import ./makefu { inherit config; }; }
|
{ krebs = import ./makefu { inherit config; }; }
|
||||||
{ krebs = import ./nin { inherit config; }; }
|
{ krebs = import ./nin { inherit config; }; }
|
||||||
{ krebs = import ./external/palo.nix { inherit config; }; }
|
{ krebs = import ./external/palo.nix { inherit config; }; }
|
||||||
|
{ krebs = import ./external/mic92.nix { inherit config; }; }
|
||||||
{ krebs = import ./tv { inherit config; }; }
|
{ krebs = import ./tv { inherit config; }; }
|
||||||
{
|
{
|
||||||
krebs.dns.providers = {
|
krebs.dns.providers = {
|
||||||
|
|
335
krebs/3modules/external/default.nix
vendored
335
krebs/3modules/external/default.nix
vendored
|
@ -68,103 +68,6 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
dpdkm = {
|
|
||||||
owner = config.krebs.users.Mic92;
|
|
||||||
nets = rec {
|
|
||||||
retiolum = {
|
|
||||||
ip4.addr = "10.243.29.173";
|
|
||||||
aliases = [ "dpdkm.r" ];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIICCgKCAgEAuW31xGBdPMSS45KmsCX81yuTcDZv1z7wSpsGQiAw7RsApG0fbBDj
|
|
||||||
NvzWZaZpTTUueG7gtt7U9Gk8DhWYR1hNt8bLXxE5QlY+gxVjU8+caRvlv10Y9XYp
|
|
||||||
qZEr1n1O5R7jS1srvutPt74uiA8I3hBoeP5TXndu8tVcehjRWXPqJj4VCy9pT2gP
|
|
||||||
X880Z30cXm0jUIu9XKhzQU2UNaxbqRzhJTvFUG04M+0a9olsUoN7PnDV6MC5Dxzn
|
|
||||||
f0ZZZDgHkcx6vsSkN/C8Tik/UCXr3tS/VX6/3+PREz6Z3bPd2QfaWdowrlFQPeYa
|
|
||||||
bELPvuqYiq7zR/jw3vVsWX2e91goAfKH5LYKNmzJCj5yYq+knB7Wil3HgBn86zvL
|
|
||||||
Joj56VsuB8fQrrUxjrDetNgtdwci+yFeXkJouQRLM0r0W24liyCuBX4B6nqbj71T
|
|
||||||
B6rAMzhBbl1yixgf31EgiCYFSusk+jiT+hye5lAhes4gBW9GAWxGNU9zE4QeAc1w
|
|
||||||
tkPH/CxRIAeuPYNwmjvYI2eQH9UQkgSBa3/Kz7/KT9scbykbs8nhDHCXwT6oAp+n
|
|
||||||
dR5aHkuBrTQOCU3Xx5ZwU5A0T83oLExIeH8jR1h2mW1JoJDdO85dAOrIBHWnjLls
|
|
||||||
mqrJusBh2gbgvNqIrDaQ9J+o1vefw1QeSvcF71JjF1CEBUmTbUAp8KMCAwEAAQ==
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
eddie = {
|
|
||||||
owner = config.krebs.users.Mic92;
|
|
||||||
nets = rec {
|
|
||||||
internet = {
|
|
||||||
# eddie.thalheim.io
|
|
||||||
ip4.addr = "129.215.197.11";
|
|
||||||
aliases = [ "eddie.i" ];
|
|
||||||
};
|
|
||||||
retiolum = {
|
|
||||||
via = internet;
|
|
||||||
addrs = [
|
|
||||||
config.krebs.hosts.eddie.nets.retiolum.ip4.addr
|
|
||||||
config.krebs.hosts.eddie.nets.retiolum.ip6.addr
|
|
||||||
];
|
|
||||||
ip4.addr = "10.243.29.170";
|
|
||||||
aliases = [ "eddie.r" ];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIICCgKCAgEAuRQphRlSIC/aqRTfvStPdJOJCx1ACeFIDEjRdgoxuu32qoBl7i6d
|
|
||||||
j7Voh+Msditf2a5+f0fVsNDaPnjPGfk0NkZBjmn+RZQDRXk0krpTNj2Vb6W5quTm
|
|
||||||
3yrjJMFJR9CU5khfppc47X+ir8bjn7RusWTFNEuDvUswHmRmnJHLS3Y+utOaRbCF
|
|
||||||
2hxpyxCn423gpsaBfORPEK8X90nPbuNpFDugWPnC+R45TpNmIf4qyKvfhd9OKrua
|
|
||||||
KNanGHG30xhBW/DclUwwWi8D44d94xFnIRVcG1O+Uto93WoUWZn90lI1qywSj5Aq
|
|
||||||
iWstBK4tc7VwvAj0UzPlaRYYPfFjOEkPQzj8xC6l/leJcgxkup252uo6m1njMx3t
|
|
||||||
6QWMgevjqosY22OZReZfIwb14aDWFKLTWs30J+zmWK4TjlRITdsOEKxlpODMbJAD
|
|
||||||
kfSoPwuwkWIzFhNOrFiD/NtKaRYmV8bTBCT3a9cvvObshJx13BP+IUFzBS1N1n/u
|
|
||||||
hJWYH5WFsQZn/8rHDwZGkS1zKPEaNoydjqCZNyJpJ5nhggyl6gpuD7wpXM/8tFay
|
|
||||||
pAjRP40+qRQLUWXmswV0hsZTOX1tvZs4f68y3WJ+GwCWw9HvvwmzYes5ayJrPsbJ
|
|
||||||
lyK301Jb42wGEsVWxu3Eo/PLtp8OdD+Wdh6o/ELcc0k/YCUGFMujUM8CAwEAAQ==
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
tinc.subnets = [
|
|
||||||
# edinburgh university
|
|
||||||
"129.215.0.0/16"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
eve = {
|
|
||||||
owner = config.krebs.users.Mic92;
|
|
||||||
nets = rec {
|
|
||||||
internet = {
|
|
||||||
# eve.thalheim.io
|
|
||||||
ip4.addr = "95.216.112.61";
|
|
||||||
ip6.addr = "2a01:4f9:2b:1605::1";
|
|
||||||
aliases = [ "eve.i" ];
|
|
||||||
};
|
|
||||||
retiolum = {
|
|
||||||
via = internet;
|
|
||||||
addrs = [
|
|
||||||
config.krebs.hosts.eve.nets.retiolum.ip4.addr
|
|
||||||
config.krebs.hosts.eve.nets.retiolum.ip6.addr
|
|
||||||
];
|
|
||||||
ip4.addr = "10.243.29.174";
|
|
||||||
aliases = [ "eve.r" ];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIICCgKCAgEAw5cxGjnWCG8dcuhTddvGHzH0/VjxHA5V8qJXH2R5k8ki8dsM5FRH
|
|
||||||
XRcH/aYg+IL03cyx4wU7oJKxiOTNGbysglnbTVthfYhqeQY+NRTzR1Thb2Fo+P82
|
|
||||||
08Eovwlgb0uwCjaiH8ZoH3BKjXyMn/Ezrni7hc5zyyRb88XJLosTykO2USlrsoIk
|
|
||||||
6OCA3A34HyJH0/G6GbNYCPrB/a/r1ji7OWDlg3Ft9c3ViVOkcNV1d9FV0RULX9EI
|
|
||||||
+xRDbAs1fkK5wMkC2BpkJRHTpImPbYlwQvDrL2sp+JNAEVni84xGxWn9Wjd9WVv3
|
|
||||||
dn+iPUD7HF9bFVDsj0rbVL78c63MEgr0pVyONDBK+XxogMTOqjgicmkLRxlhaSPW
|
|
||||||
pnfZHJzJ727crBbwosORY+lTq6MNIMjEjNcJnzAEVS5uTJikLYL9Y5EfIztGp7LP
|
|
||||||
c298AtKjEYOftiyMcohTGnHhio6zteuW/i2sv4rCBxHyH5sWulaHB7X1ej0eepJi
|
|
||||||
YX6/Ff+y9vDLCuDxb6mvPGT1xpnNmt1jxAUJhiRNuAvbtvjtPwYfWjQXOf7xa2xI
|
|
||||||
61Oahtwy/szBj9mWIAymMfnvFGpeiIcww3ZGzYNyKBCjp1TkkgFRV3Y6eoq1sJ13
|
|
||||||
Pxol8FwH5+Q72bLtvg5Zva8D0Vx2U1jYSHEkRDDzaS5Z6Fus+zeZVMsCAwEAAQ==
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
homeros = {
|
homeros = {
|
||||||
owner = config.krebs.users.kmein;
|
owner = config.krebs.users.kmein;
|
||||||
nets = {
|
nets = {
|
||||||
|
@ -255,190 +158,6 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
rose = {
|
|
||||||
owner = config.krebs.users.Mic92;
|
|
||||||
nets = rec {
|
|
||||||
internet = {
|
|
||||||
ip4.addr = "129.215.165.52";
|
|
||||||
aliases = [ "rose.i" ];
|
|
||||||
};
|
|
||||||
retiolum = {
|
|
||||||
via = internet;
|
|
||||||
addrs = [
|
|
||||||
config.krebs.hosts.rose.nets.retiolum.ip4.addr
|
|
||||||
config.krebs.hosts.rose.nets.retiolum.ip6.addr
|
|
||||||
];
|
|
||||||
ip4.addr = "10.243.29.178";
|
|
||||||
aliases = [ "rose.r" ];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIICCgKCAgEA0h88uEcgVFhggGh3xqHySt8T+oDdoSN8ve4ZPmMzrGCD4dnlWcUO
|
|
||||||
6uMiwE7XG667wvjB0J2RbCJ8n8/r6eQgp6sRfPzSQL/Mc74J+py+sOVOjjjL5wJX
|
|
||||||
btrYmASO3GKUSMhGmM0IiwHMIPrmUViaREDrweF3bUwK45d/ocqpBkc+nF27kksd
|
|
||||||
DMYjHMWRIkKuQaj592zo/kY1pAJ/yAvDPess0x1CLL6uDNbjTr2S/L7JHdzZs9Xq
|
|
||||||
1+SGdVtqD0sWgSBKA0PC/Mi+Divd4PC1SoSL7wZRWD0Y2DNgj3+xUc7hAWRCw2Gs
|
|
||||||
5wofK+qiwnyYAmeNYcyQfDLosKZF9hOM8U3UbxptkPLsOK3cfZoGoLQCuOryVDBe
|
|
||||||
6GfJkJ49WfuSSNWs3WPWL6/6zmVPeGR0TvoMt02VQ3cKTmeIkWyTIzSVoC7wYv5D
|
|
||||||
Dl8Xt3aFr9UFI2GxenesViyuDLi8cy2fOsM3r+gowXQtgEKoXc9W2vyPwIIlcWUJ
|
|
||||||
QrKVsyNlkKKL0YjsnGazaEvqdiE30/Iq7f7VBnXnWXRLnZhr85HbTdDQnpT4GcEv
|
|
||||||
W3jpl1y5zShr5Hz90QoYcUTsxg9uk/+yqKpwUySZ6Gh4q0bo5k7nkM9i8mCMfNGZ
|
|
||||||
0UU94QmwS9RoV4Mt4pSLYRcCs0mVeEjLuIfTFHkXc6LCjBWMn8ICfeMCAwEAAQ==
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
martha = {
|
|
||||||
owner = config.krebs.users.Mic92;
|
|
||||||
nets = rec {
|
|
||||||
internet = {
|
|
||||||
ip4.addr = "129.215.165.53";
|
|
||||||
aliases = [ "martha.i" ];
|
|
||||||
};
|
|
||||||
retiolum = {
|
|
||||||
via = internet;
|
|
||||||
addrs = [
|
|
||||||
config.krebs.hosts.martha.nets.retiolum.ip4.addr
|
|
||||||
config.krebs.hosts.martha.nets.retiolum.ip6.addr
|
|
||||||
];
|
|
||||||
ip4.addr = "10.243.29.179";
|
|
||||||
aliases = [ "martha.r" ];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIICCgKCAgEA3lR3Wup2yd9SYs9n9a7lq/jXxlKdwjgp9gPEirLn3/XCFM7NpLIp
|
|
||||||
LRm3Wdplv0NWim4zI3AsdGmUBrV3y0Ugj48Td4RpXlOiFjS8NHnvRbamCZF7m/pJ
|
|
||||||
3T/QpQx98+QEKXb3gZ5aDGgcHLRbUYUBuwFOxAKaikuDe2qJxqXqOmA7RXZDkEqe
|
|
||||||
FrQE/H1/+8HqJ1vhgZKi3Vu7zLRB1EV8nggWFjQKR8o0AeViLwM3OxFtGyKTaXuK
|
|
||||||
WAQrvSdKQDpQwqAPogyeftGesOfW7z0xrelkux10p42YM9epYvZDFRG97/nupw/S
|
|
||||||
iYGiTTFDBDTzpyT3zl1uwhmQ3re/nJXf5e4fgnZEcsweU8ysHtDhbimqrm9impVn
|
|
||||||
XdKnnuNa9F8VlyHCT2pVC9+WDKDNtA2M8f+8lG8/hoJ7hhp5HhBZ3ncROyQqOg4F
|
|
||||||
e6YtaFidi+fYXjQkdUXHv5FCkqFJnoxZdI2vwqU2DumltG/o+qsksI2WSsLsuMVs
|
|
||||||
sa4KUq0+5OsmCJnIAKWV2YwbLVf1tJMjPGA0jQECrHPL6SKobRefqav6MPuTbytC
|
|
||||||
4frtEIGbfdKqQ6nNTvTpCrAo+WAm3NE3khTYqGe4LqX/JMoGtWXp/Ex9IdG+sflM
|
|
||||||
mESMjuHp9vPY4aZGPtYPP93Cxv3q7gm+EfIGebajISpaG28J+XjiNNsCAwEAAQ==
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
donna = {
|
|
||||||
owner = config.krebs.users.Mic92;
|
|
||||||
nets = rec {
|
|
||||||
internet = {
|
|
||||||
ip4.addr = "129.215.165.54";
|
|
||||||
aliases = [ "donna.i" ];
|
|
||||||
};
|
|
||||||
retiolum = {
|
|
||||||
via = internet;
|
|
||||||
addrs = [
|
|
||||||
config.krebs.hosts.donna.nets.retiolum.ip4.addr
|
|
||||||
config.krebs.hosts.donna.nets.retiolum.ip6.addr
|
|
||||||
];
|
|
||||||
ip4.addr = "10.243.29.180";
|
|
||||||
aliases = [ "donna.r" ];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIICCgKCAgEAnv5zVPwjHk5Q72D3tv2rlQkp7SOsZD7Wvz8l1yI/mWkxoriJ9MVa
|
|
||||||
x8RziSB3KF8sF1lRWIKmuynkgLI3w0X/YFs/fAvtayxk6Qf8DOl23Vd8Is0h/i3I
|
|
||||||
0fCmCEIHhHboKsREW6NxY7w5WAI2+SFNmGef1P7vzrAv7iLyPbo9nQ8wlrAmc+PJ
|
|
||||||
Ao3BOf4U7kP778fhsPA4dlGtF2v9CBhygeGVI/DQR8jcvzeiPd2Dr0k/JvrVMYtf
|
|
||||||
wJW4xUwZkIpws/yfI8b4VJOFl2X/Yw9712Z8Jvga0rR32OG4YbnggvuCMum1g94k
|
|
||||||
YwMjaSckv1XTalvPQuf1Od96XzwL2hjPFpEK3Tdl4AitMnArgj9HNzhcRL+eGonf
|
|
||||||
U24zk52OToHnoP3palNpodi7DziIBeXIaIMl7VMXku2ymbOUJsI6zeew+uZahJkv
|
|
||||||
QIWjxveQ8N40BoTc8Yg6pea1AId3l4f3brtwJbQOVbb3bVQ5VcrxM9Q/TBvyADYR
|
|
||||||
Knwszxw3uBw5Za1FMbwCPwd8/y/Ar19qGCx25xK0QnsyqZZT/cHsbBOTzh6BBWwI
|
|
||||||
IzbYu49VO/B1rktYzZ2l2ENQy6OILXWbvFjC8Pt8f1ZZQ4A21PyNA1AdyJ/rbVj7
|
|
||||||
awm3OnnvKSvMCXWnwHPFHjksb3qMx96Aep1cw3ZBx0sQQ41UWBoOsi8CAwEAAQ==
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
amy = {
|
|
||||||
owner = config.krebs.users.Mic92;
|
|
||||||
nets = rec {
|
|
||||||
retiolum = {
|
|
||||||
addrs = [
|
|
||||||
config.krebs.hosts.amy.nets.retiolum.ip4.addr
|
|
||||||
config.krebs.hosts.amy.nets.retiolum.ip6.addr
|
|
||||||
];
|
|
||||||
ip4.addr = "10.243.29.181";
|
|
||||||
aliases = [ "amy.r" ];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIICCgKCAgEAr3jQRA1+hLKYVgHJA2ax5W8J3GVMTnaGpYw9Q2xXXrX/jxLZ6Ia8
|
|
||||||
hBjIcCBDVL5Q3FnyrKB9NJeeIvCOKg8WG+8O0+wKcePKd0Vhbsx4Whog/6PWs6qh
|
|
||||||
q2sURs2tp1hjHks4kZo2WtiYD7Ue9HHdV6FlUO6yuBV0bW2RzHdLPCDSGxnQVkBM
|
|
||||||
tSwAvMCZwvVBiv4m6RyMXqmpdbAPBzgJcmJS0FY+zGxpiwsR/AdoVvnzYyFMCVpG
|
|
||||||
iFl5+k9OGhUJq72MwAXzjW5ZdCPrG+2Dd+QBhhtIMJGA2sJiJteT8vdvpTNCiHJ/
|
|
||||||
HnW7movliN2mW86qwo7QqB5v0c9f9TjfpOld7sS/4vE3zlGi/Stf6SQWaoXez/u3
|
|
||||||
/P9GzupcYgj76m8Z3j7BMHXCBw8iwP2pZpL9hnLdIyCcyLrzXDIzq4hlt60DPhSU
|
|
||||||
klTDBUA/cUdSJGcSn2N+WHLOTfI6qeBNKqcTk70OQsa69jAJeAtA+I9OprNYOXqb
|
|
||||||
MmQakNNlrTaNtGQxfQqEL+wqHlo8CVDGm3O9pQSNF309P4TLNU1EYm+ItScNiVCE
|
|
||||||
DKhcgvE6xHCwZnVyJN8MMy1CVyDmnHVYoaTEZ2cCvNi/hXIXgO9KWjSpAv5tP764
|
|
||||||
UkOE4dlDpEW6G1pNf84BERfRYGDj29A/Jk9LJC/6D09QJXNu18HR0sUCAwEAAQ==
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
clara = {
|
|
||||||
owner = config.krebs.users.Mic92;
|
|
||||||
nets = rec {
|
|
||||||
retiolum = {
|
|
||||||
addrs = [
|
|
||||||
config.krebs.hosts.clara.nets.retiolum.ip4.addr
|
|
||||||
config.krebs.hosts.clara.nets.retiolum.ip6.addr
|
|
||||||
];
|
|
||||||
ip4.addr = "10.243.29.182";
|
|
||||||
aliases = [ "clara.r" ];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIICCgKCAgEA07G1n2sA804nnjWQzq0Fi9i6kxJUo+jVJjtkm5unw3hjflAAd/3d
|
|
||||||
WN+01GdJCk/gr7DfU/Xr5KnR39Z3ADoT1tbUb+i5AJZ5/8VHUwWM8D8mQAam6LBf
|
|
||||||
UEeLxhVH8rG6lHaKwVi9oe4gPhgptUOzX/YIlJOMYDlYRxc7Wbj7YQOAKlPuTAjY
|
|
||||||
Z5bLswfkqTMO0cioJNwwMCNWSMJf3jbKi3eTQ36sf7TDMEneNGSBUpeSjGddoNT/
|
|
||||||
rrVIDDT8tGmtACKr+3Y0H+EA2K5IxdQKKfnPRR31RBWiTkEXBbaJzYO/ZV5/xlbN
|
|
||||||
wmblskwq9d9IwDY7qeMctci+ZUZ3epG8MUwYa4faOrgmmkQpa5B+6UOMzw/WDJEc
|
|
||||||
jTfvSzfPo4anoj8C+MOQYzRvYmp60YEZKomv2BQdBvpGIpUul8WAR2aV0K+wz66e
|
|
||||||
mUamljAXmLiPxgGKduX5VFVuXzYxeMiBBujQCLTjc+xTB2EdwihxNX1rkxz10BDc
|
|
||||||
WrgPV+/VVyThKhOvVCifWARHtT2VGcZazfQOW/y3ZmEPOYuc5ZvrSEiMeG3f64+v
|
|
||||||
UU8cQZ3yBLIhTtC+38pRlsdBQHt526q0j0rrnd30JXVAUdWBunP2UJ5QGtA8/mWn
|
|
||||||
cWSlvRf5sfbyrISz6+mLPM2qGHnCkKwORNxmv/1DY07O3Rn6hX0OY4ECAwEAAQ==
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
inspector = {
|
|
||||||
owner = config.krebs.users.Mic92;
|
|
||||||
nets = rec {
|
|
||||||
internet = {
|
|
||||||
ip4.addr = "141.76.44.154";
|
|
||||||
aliases = [ "inspector.i" ];
|
|
||||||
};
|
|
||||||
retiolum = {
|
|
||||||
via = internet;
|
|
||||||
ip4.addr = "10.243.29.172";
|
|
||||||
aliases = [ "inspector.r" ];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIICCgKCAgEAr3l/u7qcxmFa2hUICU3oPDhB2ij2R3lKHyjSsVFVLNfl6TpOdppG
|
|
||||||
EDXOapeXL0s+PfBRHdRI3v/dibj4PG9eyKmFxsUJ2gRz4ghb1UE23aQ3pkr3x8sZ
|
|
||||||
7GR+nJYATYf+jolFF9O1x+f0Uo5xaYWkGOMH8wVVzm6+kcsZOYuTEbJAsbTRZywF
|
|
||||||
m1MdRfk54hLiDsj2rjGRZIR+ZfUKVs2MTWOLCpBAHLJK+r3HfUiR2nAgeNkJCFLw
|
|
||||||
WIir1ftDIViT3Ly6b7enaOkVZ695FNYdPWFZCE4AJI0s9wsbMClzUqCl+0mUkumd
|
|
||||||
eRXgWXkmvBsxR4GECnxUhxs6U8Wh3kbQavvemt4vcIKNhkw32+toYc1AFK/n4G03
|
|
||||||
OUJBbRqgJYx9wIvo8PEu4DTTdsPlQZnMwiaKsn+Gi4Ap6JAnG/iLN8sChoQf7Dau
|
|
||||||
ARZA3sf9CkKx5sZ+9dVrLbzGynKE18Z/ysvf1BLd/rVVOps1B/YRBxDwPj8MZJ0x
|
|
||||||
B7b0j+hRVV5palp3RRdcExuWaBrMQQGsXwLUZOFHJJaZUHF9XRdy+5XVJdNOArkG
|
|
||||||
q1+yGhosL1DLTQE/VwCxmBHyYTr3L7yZ2lSaeWdIeYvcRvouDROUjREVFrQjdqwj
|
|
||||||
7vIP1cvDxSSqA07h/xEC4YZKACBYc/PI2mqYK5dvAUG3mGrEsjHktPUCAwEAAQ==
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
justraute = {
|
justraute = {
|
||||||
owner = config.krebs.users.raute; # laptop
|
owner = config.krebs.users.raute; # laptop
|
||||||
nets = {
|
nets = {
|
||||||
|
@ -451,30 +170,6 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
matchbox = {
|
|
||||||
owner = config.krebs.users.Mic92;
|
|
||||||
nets = {
|
|
||||||
retiolum = {
|
|
||||||
ip4.addr = "10.243.29.176";
|
|
||||||
aliases = [ "matchbox.r" ];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIICCgKCAgEAqwB9pzV889vpMp/am+T0sfm5qO/wAWS/tv0auYK3Zyx3ChxrQX2m
|
|
||||||
VrxO5a/bjR/g1fi/t2kJIV/6tsVSRHfzKuKHprE2KxeNOmwUuSjjiM4CboASMR+w
|
|
||||||
nra6U0Ldf5vBxtEj5bj384QxwxxVLhSw8NbE43FCM07swSvAT8Y/ZmGUd738674u
|
|
||||||
TNC6zM6zwLvN0dxCDLuD5bwUq7y73JNQTm2YXv1Hfw3T8XqJK/Xson2Atv2Y5ZbE
|
|
||||||
TA0RaH3PoEkhkVeJG/EuUIJhvmunS5bBjFSiOiUZ8oEOSjo9nHUMD0u+x1BZIg/1
|
|
||||||
yy5B5iB4YSGPAtjMJhwD/LRIoI8msWpdVCCnA+FlKCKAsgC7JbJgcOUtK9eDFdbO
|
|
||||||
4FyzdUJbK+4PDguraPGzIX7p+K3SY8bbyo3SSp5rEb+CEWtFf26oJm7eBhDBT6K4
|
|
||||||
Ofmzp0GjFbS8qkqEGCQcfi4cAsXMVCn4AJ6CKs89y19pLZ42fUtWg7WgUZA7GWV/
|
|
||||||
bPE2RSBMUkGb0ovgoe7Z7NXsL3AST8EQEy+3lAEyUrPFLiwoeGJZmfTDTy1VBFI4
|
|
||||||
nCShp7V+MSmz4DnLK1HLksLVLmGyZmouGsLjYUnEa414EI6NJF3bfEO2ZRGaswyR
|
|
||||||
/vW066YCTe7wi+YrvrMDgkdbyfn/ecMTn2iXsTb4k9/fuO0+hsqL+isCAwEAAQ==
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
qubasa = {
|
qubasa = {
|
||||||
owner = config.krebs.users.qubasa;
|
owner = config.krebs.users.qubasa;
|
||||||
nets = {
|
nets = {
|
||||||
|
@ -618,32 +313,6 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
turingmachine = {
|
|
||||||
owner = config.krebs.users.Mic92;
|
|
||||||
nets = {
|
|
||||||
retiolum = {
|
|
||||||
ip4.addr = "10.243.29.168";
|
|
||||||
aliases = [
|
|
||||||
"turingmachine.r"
|
|
||||||
];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIICCgKCAgEAxh+5HD1oAFTvMWEra2pYrA3HF8T4EnkP917lIUiuN7xUj7sawu0C
|
|
||||||
t1/1IfIlH9dbxgFe5CD/gXvokxHdovPTGVH11L+thZgq6hg/xbYvZAl76yLxj7t9
|
|
||||||
6+Ocac08TQZYMqWKShz5jqTVE/DLz4Cdy0Qk9sMJ1++OmH8jsWgK5BkogF99Gwf8
|
|
||||||
ZiI0t3n3lCZsm3v592lveDcVIh6hjuCIvFVxc+7cOj0MKm1LxLWbCHZlUIE3he4g
|
|
||||||
nZu4XiYaE4Y2LicMs8zKehnQkkXrP1amT56SqUfbSnWR+HZc2+KjwRDI5BPeTS06
|
|
||||||
5WHwkQs0ScOn7vFZci3rElIc7vilu2eKGF1VLce9kXw9SU2RFciqavaEUXbwPnwT
|
|
||||||
1WF35Ct+qIOP0rXoObm6mrsj7hJnlBPlVpb58/kTxLHMSHPzqQRbFZ35f6tZodJ1
|
|
||||||
gRMKKEnMX8/VWm6TqLUIpFCCTZ5PH1fxaAnulHCxksK03UyfUOvExCTU4x8KS9fl
|
|
||||||
DIoLlV9PFBlAW8mTuIgRKYtHacsc31/5Tehcx0If09NuMFT9Qfl2/Q3p6QJomRFL
|
|
||||||
W5SCP9wx2ONhvZUkRbeihBiTN5/h3DepjOeNWd1DvE6K0Ag8SXMyBGtyKfer4ykW
|
|
||||||
OR0iCiRQQ5QBmNuJrBLRUyfoPqFUXBATT1SrRj8vzXO1TjTmANEMFD0CAwEAAQ==
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
uppreisn = {
|
uppreisn = {
|
||||||
owner = config.krebs.users.ilmu;
|
owner = config.krebs.users.ilmu;
|
||||||
nets = {
|
nets = {
|
||||||
|
@ -795,6 +464,10 @@ in {
|
||||||
mail = "0x4a6f@shackspace.de";
|
mail = "0x4a6f@shackspace.de";
|
||||||
pubkey = ssh-for "0x4A6F";
|
pubkey = ssh-for "0x4A6F";
|
||||||
};
|
};
|
||||||
|
xq = {
|
||||||
|
mail = "xq@shackspace.de";
|
||||||
|
pubkey = ssh-for "xq";
|
||||||
|
};
|
||||||
miaoski = {
|
miaoski = {
|
||||||
};
|
};
|
||||||
filly = {
|
filly = {
|
||||||
|
|
347
krebs/3modules/external/mic92.nix
vendored
Normal file
347
krebs/3modules/external/mic92.nix
vendored
Normal file
|
@ -0,0 +1,347 @@
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
{ config, ... }: let
|
||||||
|
hostDefaults = hostName: host: flip recursiveUpdate host ({
|
||||||
|
ci = false;
|
||||||
|
external = true;
|
||||||
|
monitoring = false;
|
||||||
|
} // optionalAttrs (host.nets?retiolum) {
|
||||||
|
nets.retiolum.ip6.addr =
|
||||||
|
(krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
|
||||||
|
});
|
||||||
|
in {
|
||||||
|
hosts = mapAttrs hostDefaults {
|
||||||
|
amy = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = rec {
|
||||||
|
retiolum = {
|
||||||
|
addrs = [
|
||||||
|
config.krebs.hosts.amy.nets.retiolum.ip4.addr
|
||||||
|
config.krebs.hosts.amy.nets.retiolum.ip6.addr
|
||||||
|
];
|
||||||
|
ip4.addr = "10.243.29.181";
|
||||||
|
aliases = [ "amy.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEAr3jQRA1+hLKYVgHJA2ax5W8J3GVMTnaGpYw9Q2xXXrX/jxLZ6Ia8
|
||||||
|
hBjIcCBDVL5Q3FnyrKB9NJeeIvCOKg8WG+8O0+wKcePKd0Vhbsx4Whog/6PWs6qh
|
||||||
|
q2sURs2tp1hjHks4kZo2WtiYD7Ue9HHdV6FlUO6yuBV0bW2RzHdLPCDSGxnQVkBM
|
||||||
|
tSwAvMCZwvVBiv4m6RyMXqmpdbAPBzgJcmJS0FY+zGxpiwsR/AdoVvnzYyFMCVpG
|
||||||
|
iFl5+k9OGhUJq72MwAXzjW5ZdCPrG+2Dd+QBhhtIMJGA2sJiJteT8vdvpTNCiHJ/
|
||||||
|
HnW7movliN2mW86qwo7QqB5v0c9f9TjfpOld7sS/4vE3zlGi/Stf6SQWaoXez/u3
|
||||||
|
/P9GzupcYgj76m8Z3j7BMHXCBw8iwP2pZpL9hnLdIyCcyLrzXDIzq4hlt60DPhSU
|
||||||
|
klTDBUA/cUdSJGcSn2N+WHLOTfI6qeBNKqcTk70OQsa69jAJeAtA+I9OprNYOXqb
|
||||||
|
MmQakNNlrTaNtGQxfQqEL+wqHlo8CVDGm3O9pQSNF309P4TLNU1EYm+ItScNiVCE
|
||||||
|
DKhcgvE6xHCwZnVyJN8MMy1CVyDmnHVYoaTEZ2cCvNi/hXIXgO9KWjSpAv5tP764
|
||||||
|
UkOE4dlDpEW6G1pNf84BERfRYGDj29A/Jk9LJC/6D09QJXNu18HR0sUCAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
clara = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = rec {
|
||||||
|
retiolum = {
|
||||||
|
addrs = [
|
||||||
|
config.krebs.hosts.clara.nets.retiolum.ip4.addr
|
||||||
|
config.krebs.hosts.clara.nets.retiolum.ip6.addr
|
||||||
|
];
|
||||||
|
ip4.addr = "10.243.29.182";
|
||||||
|
aliases = [ "clara.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEA07G1n2sA804nnjWQzq0Fi9i6kxJUo+jVJjtkm5unw3hjflAAd/3d
|
||||||
|
WN+01GdJCk/gr7DfU/Xr5KnR39Z3ADoT1tbUb+i5AJZ5/8VHUwWM8D8mQAam6LBf
|
||||||
|
UEeLxhVH8rG6lHaKwVi9oe4gPhgptUOzX/YIlJOMYDlYRxc7Wbj7YQOAKlPuTAjY
|
||||||
|
Z5bLswfkqTMO0cioJNwwMCNWSMJf3jbKi3eTQ36sf7TDMEneNGSBUpeSjGddoNT/
|
||||||
|
rrVIDDT8tGmtACKr+3Y0H+EA2K5IxdQKKfnPRR31RBWiTkEXBbaJzYO/ZV5/xlbN
|
||||||
|
wmblskwq9d9IwDY7qeMctci+ZUZ3epG8MUwYa4faOrgmmkQpa5B+6UOMzw/WDJEc
|
||||||
|
jTfvSzfPo4anoj8C+MOQYzRvYmp60YEZKomv2BQdBvpGIpUul8WAR2aV0K+wz66e
|
||||||
|
mUamljAXmLiPxgGKduX5VFVuXzYxeMiBBujQCLTjc+xTB2EdwihxNX1rkxz10BDc
|
||||||
|
WrgPV+/VVyThKhOvVCifWARHtT2VGcZazfQOW/y3ZmEPOYuc5ZvrSEiMeG3f64+v
|
||||||
|
UU8cQZ3yBLIhTtC+38pRlsdBQHt526q0j0rrnd30JXVAUdWBunP2UJ5QGtA8/mWn
|
||||||
|
cWSlvRf5sfbyrISz6+mLPM2qGHnCkKwORNxmv/1DY07O3Rn6hX0OY4ECAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
donna = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = rec {
|
||||||
|
internet = {
|
||||||
|
ip4.addr = "129.215.165.54";
|
||||||
|
aliases = [ "donna.i" ];
|
||||||
|
};
|
||||||
|
retiolum = {
|
||||||
|
via = internet;
|
||||||
|
addrs = [
|
||||||
|
config.krebs.hosts.donna.nets.retiolum.ip4.addr
|
||||||
|
config.krebs.hosts.donna.nets.retiolum.ip6.addr
|
||||||
|
];
|
||||||
|
ip4.addr = "10.243.29.180";
|
||||||
|
aliases = [ "donna.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEAnv5zVPwjHk5Q72D3tv2rlQkp7SOsZD7Wvz8l1yI/mWkxoriJ9MVa
|
||||||
|
x8RziSB3KF8sF1lRWIKmuynkgLI3w0X/YFs/fAvtayxk6Qf8DOl23Vd8Is0h/i3I
|
||||||
|
0fCmCEIHhHboKsREW6NxY7w5WAI2+SFNmGef1P7vzrAv7iLyPbo9nQ8wlrAmc+PJ
|
||||||
|
Ao3BOf4U7kP778fhsPA4dlGtF2v9CBhygeGVI/DQR8jcvzeiPd2Dr0k/JvrVMYtf
|
||||||
|
wJW4xUwZkIpws/yfI8b4VJOFl2X/Yw9712Z8Jvga0rR32OG4YbnggvuCMum1g94k
|
||||||
|
YwMjaSckv1XTalvPQuf1Od96XzwL2hjPFpEK3Tdl4AitMnArgj9HNzhcRL+eGonf
|
||||||
|
U24zk52OToHnoP3palNpodi7DziIBeXIaIMl7VMXku2ymbOUJsI6zeew+uZahJkv
|
||||||
|
QIWjxveQ8N40BoTc8Yg6pea1AId3l4f3brtwJbQOVbb3bVQ5VcrxM9Q/TBvyADYR
|
||||||
|
Knwszxw3uBw5Za1FMbwCPwd8/y/Ar19qGCx25xK0QnsyqZZT/cHsbBOTzh6BBWwI
|
||||||
|
IzbYu49VO/B1rktYzZ2l2ENQy6OILXWbvFjC8Pt8f1ZZQ4A21PyNA1AdyJ/rbVj7
|
||||||
|
awm3OnnvKSvMCXWnwHPFHjksb3qMx96Aep1cw3ZBx0sQQ41UWBoOsi8CAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
dpdkm = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = rec {
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.29.173";
|
||||||
|
aliases = [ "dpdkm.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEAuW31xGBdPMSS45KmsCX81yuTcDZv1z7wSpsGQiAw7RsApG0fbBDj
|
||||||
|
NvzWZaZpTTUueG7gtt7U9Gk8DhWYR1hNt8bLXxE5QlY+gxVjU8+caRvlv10Y9XYp
|
||||||
|
qZEr1n1O5R7jS1srvutPt74uiA8I3hBoeP5TXndu8tVcehjRWXPqJj4VCy9pT2gP
|
||||||
|
X880Z30cXm0jUIu9XKhzQU2UNaxbqRzhJTvFUG04M+0a9olsUoN7PnDV6MC5Dxzn
|
||||||
|
f0ZZZDgHkcx6vsSkN/C8Tik/UCXr3tS/VX6/3+PREz6Z3bPd2QfaWdowrlFQPeYa
|
||||||
|
bELPvuqYiq7zR/jw3vVsWX2e91goAfKH5LYKNmzJCj5yYq+knB7Wil3HgBn86zvL
|
||||||
|
Joj56VsuB8fQrrUxjrDetNgtdwci+yFeXkJouQRLM0r0W24liyCuBX4B6nqbj71T
|
||||||
|
B6rAMzhBbl1yixgf31EgiCYFSusk+jiT+hye5lAhes4gBW9GAWxGNU9zE4QeAc1w
|
||||||
|
tkPH/CxRIAeuPYNwmjvYI2eQH9UQkgSBa3/Kz7/KT9scbykbs8nhDHCXwT6oAp+n
|
||||||
|
dR5aHkuBrTQOCU3Xx5ZwU5A0T83oLExIeH8jR1h2mW1JoJDdO85dAOrIBHWnjLls
|
||||||
|
mqrJusBh2gbgvNqIrDaQ9J+o1vefw1QeSvcF71JjF1CEBUmTbUAp8KMCAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
inspector = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = rec {
|
||||||
|
internet = {
|
||||||
|
ip4.addr = "141.76.44.154";
|
||||||
|
aliases = [ "inspector.i" ];
|
||||||
|
};
|
||||||
|
retiolum = {
|
||||||
|
via = internet;
|
||||||
|
ip4.addr = "10.243.29.172";
|
||||||
|
aliases = [ "inspector.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEAr3l/u7qcxmFa2hUICU3oPDhB2ij2R3lKHyjSsVFVLNfl6TpOdppG
|
||||||
|
EDXOapeXL0s+PfBRHdRI3v/dibj4PG9eyKmFxsUJ2gRz4ghb1UE23aQ3pkr3x8sZ
|
||||||
|
7GR+nJYATYf+jolFF9O1x+f0Uo5xaYWkGOMH8wVVzm6+kcsZOYuTEbJAsbTRZywF
|
||||||
|
m1MdRfk54hLiDsj2rjGRZIR+ZfUKVs2MTWOLCpBAHLJK+r3HfUiR2nAgeNkJCFLw
|
||||||
|
WIir1ftDIViT3Ly6b7enaOkVZ695FNYdPWFZCE4AJI0s9wsbMClzUqCl+0mUkumd
|
||||||
|
eRXgWXkmvBsxR4GECnxUhxs6U8Wh3kbQavvemt4vcIKNhkw32+toYc1AFK/n4G03
|
||||||
|
OUJBbRqgJYx9wIvo8PEu4DTTdsPlQZnMwiaKsn+Gi4Ap6JAnG/iLN8sChoQf7Dau
|
||||||
|
ARZA3sf9CkKx5sZ+9dVrLbzGynKE18Z/ysvf1BLd/rVVOps1B/YRBxDwPj8MZJ0x
|
||||||
|
B7b0j+hRVV5palp3RRdcExuWaBrMQQGsXwLUZOFHJJaZUHF9XRdy+5XVJdNOArkG
|
||||||
|
q1+yGhosL1DLTQE/VwCxmBHyYTr3L7yZ2lSaeWdIeYvcRvouDROUjREVFrQjdqwj
|
||||||
|
7vIP1cvDxSSqA07h/xEC4YZKACBYc/PI2mqYK5dvAUG3mGrEsjHktPUCAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
eddie = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = rec {
|
||||||
|
internet = {
|
||||||
|
# eddie.thalheim.io
|
||||||
|
ip4.addr = "129.215.197.11";
|
||||||
|
aliases = [ "eddie.i" ];
|
||||||
|
};
|
||||||
|
retiolum = {
|
||||||
|
via = internet;
|
||||||
|
addrs = [
|
||||||
|
config.krebs.hosts.eddie.nets.retiolum.ip4.addr
|
||||||
|
config.krebs.hosts.eddie.nets.retiolum.ip6.addr
|
||||||
|
];
|
||||||
|
ip4.addr = "10.243.29.170";
|
||||||
|
aliases = [ "eddie.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEAuRQphRlSIC/aqRTfvStPdJOJCx1ACeFIDEjRdgoxuu32qoBl7i6d
|
||||||
|
j7Voh+Msditf2a5+f0fVsNDaPnjPGfk0NkZBjmn+RZQDRXk0krpTNj2Vb6W5quTm
|
||||||
|
3yrjJMFJR9CU5khfppc47X+ir8bjn7RusWTFNEuDvUswHmRmnJHLS3Y+utOaRbCF
|
||||||
|
2hxpyxCn423gpsaBfORPEK8X90nPbuNpFDugWPnC+R45TpNmIf4qyKvfhd9OKrua
|
||||||
|
KNanGHG30xhBW/DclUwwWi8D44d94xFnIRVcG1O+Uto93WoUWZn90lI1qywSj5Aq
|
||||||
|
iWstBK4tc7VwvAj0UzPlaRYYPfFjOEkPQzj8xC6l/leJcgxkup252uo6m1njMx3t
|
||||||
|
6QWMgevjqosY22OZReZfIwb14aDWFKLTWs30J+zmWK4TjlRITdsOEKxlpODMbJAD
|
||||||
|
kfSoPwuwkWIzFhNOrFiD/NtKaRYmV8bTBCT3a9cvvObshJx13BP+IUFzBS1N1n/u
|
||||||
|
hJWYH5WFsQZn/8rHDwZGkS1zKPEaNoydjqCZNyJpJ5nhggyl6gpuD7wpXM/8tFay
|
||||||
|
pAjRP40+qRQLUWXmswV0hsZTOX1tvZs4f68y3WJ+GwCWw9HvvwmzYes5ayJrPsbJ
|
||||||
|
lyK301Jb42wGEsVWxu3Eo/PLtp8OdD+Wdh6o/ELcc0k/YCUGFMujUM8CAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
eve = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = rec {
|
||||||
|
internet = {
|
||||||
|
# eve.thalheim.io
|
||||||
|
ip4.addr = "95.216.112.61";
|
||||||
|
ip6.addr = "2a01:4f9:2b:1605::1";
|
||||||
|
aliases = [ "eve.i" ];
|
||||||
|
};
|
||||||
|
retiolum = {
|
||||||
|
via = internet;
|
||||||
|
addrs = [
|
||||||
|
config.krebs.hosts.eve.nets.retiolum.ip4.addr
|
||||||
|
config.krebs.hosts.eve.nets.retiolum.ip6.addr
|
||||||
|
];
|
||||||
|
ip4.addr = "10.243.29.174";
|
||||||
|
aliases = [ "eve.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEAw5cxGjnWCG8dcuhTddvGHzH0/VjxHA5V8qJXH2R5k8ki8dsM5FRH
|
||||||
|
XRcH/aYg+IL03cyx4wU7oJKxiOTNGbysglnbTVthfYhqeQY+NRTzR1Thb2Fo+P82
|
||||||
|
08Eovwlgb0uwCjaiH8ZoH3BKjXyMn/Ezrni7hc5zyyRb88XJLosTykO2USlrsoIk
|
||||||
|
6OCA3A34HyJH0/G6GbNYCPrB/a/r1ji7OWDlg3Ft9c3ViVOkcNV1d9FV0RULX9EI
|
||||||
|
+xRDbAs1fkK5wMkC2BpkJRHTpImPbYlwQvDrL2sp+JNAEVni84xGxWn9Wjd9WVv3
|
||||||
|
dn+iPUD7HF9bFVDsj0rbVL78c63MEgr0pVyONDBK+XxogMTOqjgicmkLRxlhaSPW
|
||||||
|
pnfZHJzJ727crBbwosORY+lTq6MNIMjEjNcJnzAEVS5uTJikLYL9Y5EfIztGp7LP
|
||||||
|
c298AtKjEYOftiyMcohTGnHhio6zteuW/i2sv4rCBxHyH5sWulaHB7X1ej0eepJi
|
||||||
|
YX6/Ff+y9vDLCuDxb6mvPGT1xpnNmt1jxAUJhiRNuAvbtvjtPwYfWjQXOf7xa2xI
|
||||||
|
61Oahtwy/szBj9mWIAymMfnvFGpeiIcww3ZGzYNyKBCjp1TkkgFRV3Y6eoq1sJ13
|
||||||
|
Pxol8FwH5+Q72bLtvg5Zva8D0Vx2U1jYSHEkRDDzaS5Z6Fus+zeZVMsCAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
# ohorn lan
|
||||||
|
tinc.subnets = [ "fd42:4492:6a6d:500:8526:2adf:7451:8bbb" ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
martha = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = rec {
|
||||||
|
internet = {
|
||||||
|
ip4.addr = "129.215.165.53";
|
||||||
|
aliases = [ "martha.i" ];
|
||||||
|
};
|
||||||
|
retiolum = {
|
||||||
|
via = internet;
|
||||||
|
addrs = [
|
||||||
|
config.krebs.hosts.martha.nets.retiolum.ip4.addr
|
||||||
|
config.krebs.hosts.martha.nets.retiolum.ip6.addr
|
||||||
|
];
|
||||||
|
ip4.addr = "10.243.29.179";
|
||||||
|
aliases = [ "martha.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEA3lR3Wup2yd9SYs9n9a7lq/jXxlKdwjgp9gPEirLn3/XCFM7NpLIp
|
||||||
|
LRm3Wdplv0NWim4zI3AsdGmUBrV3y0Ugj48Td4RpXlOiFjS8NHnvRbamCZF7m/pJ
|
||||||
|
3T/QpQx98+QEKXb3gZ5aDGgcHLRbUYUBuwFOxAKaikuDe2qJxqXqOmA7RXZDkEqe
|
||||||
|
FrQE/H1/+8HqJ1vhgZKi3Vu7zLRB1EV8nggWFjQKR8o0AeViLwM3OxFtGyKTaXuK
|
||||||
|
WAQrvSdKQDpQwqAPogyeftGesOfW7z0xrelkux10p42YM9epYvZDFRG97/nupw/S
|
||||||
|
iYGiTTFDBDTzpyT3zl1uwhmQ3re/nJXf5e4fgnZEcsweU8ysHtDhbimqrm9impVn
|
||||||
|
XdKnnuNa9F8VlyHCT2pVC9+WDKDNtA2M8f+8lG8/hoJ7hhp5HhBZ3ncROyQqOg4F
|
||||||
|
e6YtaFidi+fYXjQkdUXHv5FCkqFJnoxZdI2vwqU2DumltG/o+qsksI2WSsLsuMVs
|
||||||
|
sa4KUq0+5OsmCJnIAKWV2YwbLVf1tJMjPGA0jQECrHPL6SKobRefqav6MPuTbytC
|
||||||
|
4frtEIGbfdKqQ6nNTvTpCrAo+WAm3NE3khTYqGe4LqX/JMoGtWXp/Ex9IdG+sflM
|
||||||
|
mESMjuHp9vPY4aZGPtYPP93Cxv3q7gm+EfIGebajISpaG28J+XjiNNsCAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
matchbox = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = {
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.29.176";
|
||||||
|
aliases = [ "matchbox.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEAqwB9pzV889vpMp/am+T0sfm5qO/wAWS/tv0auYK3Zyx3ChxrQX2m
|
||||||
|
VrxO5a/bjR/g1fi/t2kJIV/6tsVSRHfzKuKHprE2KxeNOmwUuSjjiM4CboASMR+w
|
||||||
|
nra6U0Ldf5vBxtEj5bj384QxwxxVLhSw8NbE43FCM07swSvAT8Y/ZmGUd738674u
|
||||||
|
TNC6zM6zwLvN0dxCDLuD5bwUq7y73JNQTm2YXv1Hfw3T8XqJK/Xson2Atv2Y5ZbE
|
||||||
|
TA0RaH3PoEkhkVeJG/EuUIJhvmunS5bBjFSiOiUZ8oEOSjo9nHUMD0u+x1BZIg/1
|
||||||
|
yy5B5iB4YSGPAtjMJhwD/LRIoI8msWpdVCCnA+FlKCKAsgC7JbJgcOUtK9eDFdbO
|
||||||
|
4FyzdUJbK+4PDguraPGzIX7p+K3SY8bbyo3SSp5rEb+CEWtFf26oJm7eBhDBT6K4
|
||||||
|
Ofmzp0GjFbS8qkqEGCQcfi4cAsXMVCn4AJ6CKs89y19pLZ42fUtWg7WgUZA7GWV/
|
||||||
|
bPE2RSBMUkGb0ovgoe7Z7NXsL3AST8EQEy+3lAEyUrPFLiwoeGJZmfTDTy1VBFI4
|
||||||
|
nCShp7V+MSmz4DnLK1HLksLVLmGyZmouGsLjYUnEa414EI6NJF3bfEO2ZRGaswyR
|
||||||
|
/vW066YCTe7wi+YrvrMDgkdbyfn/ecMTn2iXsTb4k9/fuO0+hsqL+isCAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
# ohorn lan
|
||||||
|
tinc.subnets = [ "fd42:4492:6a6d:500::/64" ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
rose = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = rec {
|
||||||
|
internet = {
|
||||||
|
ip4.addr = "129.215.165.52";
|
||||||
|
aliases = [ "rose.i" ];
|
||||||
|
};
|
||||||
|
retiolum = {
|
||||||
|
via = internet;
|
||||||
|
addrs = [
|
||||||
|
config.krebs.hosts.rose.nets.retiolum.ip4.addr
|
||||||
|
config.krebs.hosts.rose.nets.retiolum.ip6.addr
|
||||||
|
];
|
||||||
|
ip4.addr = "10.243.29.178";
|
||||||
|
aliases = [ "rose.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEA0h88uEcgVFhggGh3xqHySt8T+oDdoSN8ve4ZPmMzrGCD4dnlWcUO
|
||||||
|
6uMiwE7XG667wvjB0J2RbCJ8n8/r6eQgp6sRfPzSQL/Mc74J+py+sOVOjjjL5wJX
|
||||||
|
btrYmASO3GKUSMhGmM0IiwHMIPrmUViaREDrweF3bUwK45d/ocqpBkc+nF27kksd
|
||||||
|
DMYjHMWRIkKuQaj592zo/kY1pAJ/yAvDPess0x1CLL6uDNbjTr2S/L7JHdzZs9Xq
|
||||||
|
1+SGdVtqD0sWgSBKA0PC/Mi+Divd4PC1SoSL7wZRWD0Y2DNgj3+xUc7hAWRCw2Gs
|
||||||
|
5wofK+qiwnyYAmeNYcyQfDLosKZF9hOM8U3UbxptkPLsOK3cfZoGoLQCuOryVDBe
|
||||||
|
6GfJkJ49WfuSSNWs3WPWL6/6zmVPeGR0TvoMt02VQ3cKTmeIkWyTIzSVoC7wYv5D
|
||||||
|
Dl8Xt3aFr9UFI2GxenesViyuDLi8cy2fOsM3r+gowXQtgEKoXc9W2vyPwIIlcWUJ
|
||||||
|
QrKVsyNlkKKL0YjsnGazaEvqdiE30/Iq7f7VBnXnWXRLnZhr85HbTdDQnpT4GcEv
|
||||||
|
W3jpl1y5zShr5Hz90QoYcUTsxg9uk/+yqKpwUySZ6Gh4q0bo5k7nkM9i8mCMfNGZ
|
||||||
|
0UU94QmwS9RoV4Mt4pSLYRcCs0mVeEjLuIfTFHkXc6LCjBWMn8ICfeMCAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
turingmachine = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = {
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.29.168";
|
||||||
|
aliases = [
|
||||||
|
"turingmachine.r"
|
||||||
|
];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEAxh+5HD1oAFTvMWEra2pYrA3HF8T4EnkP917lIUiuN7xUj7sawu0C
|
||||||
|
t1/1IfIlH9dbxgFe5CD/gXvokxHdovPTGVH11L+thZgq6hg/xbYvZAl76yLxj7t9
|
||||||
|
6+Ocac08TQZYMqWKShz5jqTVE/DLz4Cdy0Qk9sMJ1++OmH8jsWgK5BkogF99Gwf8
|
||||||
|
ZiI0t3n3lCZsm3v592lveDcVIh6hjuCIvFVxc+7cOj0MKm1LxLWbCHZlUIE3he4g
|
||||||
|
nZu4XiYaE4Y2LicMs8zKehnQkkXrP1amT56SqUfbSnWR+HZc2+KjwRDI5BPeTS06
|
||||||
|
5WHwkQs0ScOn7vFZci3rElIc7vilu2eKGF1VLce9kXw9SU2RFciqavaEUXbwPnwT
|
||||||
|
1WF35Ct+qIOP0rXoObm6mrsj7hJnlBPlVpb58/kTxLHMSHPzqQRbFZ35f6tZodJ1
|
||||||
|
gRMKKEnMX8/VWm6TqLUIpFCCTZ5PH1fxaAnulHCxksK03UyfUOvExCTU4x8KS9fl
|
||||||
|
DIoLlV9PFBlAW8mTuIgRKYtHacsc31/5Tehcx0If09NuMFT9Qfl2/Q3p6QJomRFL
|
||||||
|
W5SCP9wx2ONhvZUkRbeihBiTN5/h3DepjOeNWd1DvE6K0Ag8SXMyBGtyKfer4ykW
|
||||||
|
OR0iCiRQQ5QBmNuJrBLRUyfoPqFUXBATT1SrRj8vzXO1TjTmANEMFD0CAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
# ohorn lan
|
||||||
|
tinc.subnets = [ "fd42:4492:6a6d:500:f610:15d1:27a3:674b" ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
1
krebs/3modules/external/ssh/xq.pub
vendored
Normal file
1
krebs/3modules/external/ssh/xq.pub
vendored
Normal file
|
@ -0,0 +1 @@
|
||||||
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDZR8LsswO/5f9/jc+tKNHHWtty5HTs13Vytbyz8DzJZrGJgOKeVA6OFPgWtaAKvxL/DUTVVVvqpOng2vACTC+CoPaCxE8yJchitkVQNg3zwsf8a8RdWsJAvZklfPz9qmmz+tM37yLpowiMNmCR5vrteRDso6GK4pUjikS5YvjT+vsvRWcVQpmjnAVYsBPgS9NIBjMDR3etoJgpSaF/oU4rDE2JElm/qOQ04W45JiJKVB2BkFomQ1EFl8oORYiMQzvaYA2BCsciBb6X+Jf0RZkVChErfawPzABhAcYpyNRhamaqiSWirw5o4l+ZaDkgezUf3ue6QuHjzuS02+3qIwXP felix@denkplatte
|
|
@ -11,6 +11,14 @@ let
|
||||||
|
|
||||||
api = {
|
api = {
|
||||||
enable = mkEnableOption "hidden SSH announce";
|
enable = mkEnableOption "hidden SSH announce";
|
||||||
|
channel = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
default = "#krebs-announce";
|
||||||
|
};
|
||||||
|
server = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
default = "irc.freenode.org";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
imp = let
|
imp = let
|
||||||
|
@ -38,10 +46,10 @@ let
|
||||||
echo "still waiting for ${hiddenServiceDir}/hostname"
|
echo "still waiting for ${hiddenServiceDir}/hostname"
|
||||||
sleep 1
|
sleep 1
|
||||||
done
|
done
|
||||||
${pkgs.untilport}/bin/untilport irc.freenode.org 6667 && \
|
${pkgs.untilport}/bin/untilport ${cfg.server} 6667 && \
|
||||||
${pkgs.irc-announce}/bin/irc-announce \
|
${pkgs.irc-announce}/bin/irc-announce \
|
||||||
irc.freenode.org 6667 ${config.krebs.build.host.name}-ssh \
|
${cfg.server} 6667 ${config.krebs.build.host.name}-ssh \
|
||||||
\#krebs-announce \
|
\${cfg.channel} \
|
||||||
"SSH Hidden Service at $(cat ${hiddenServiceDir}/hostname)"
|
"SSH Hidden Service at $(cat ${hiddenServiceDir}/hostname)"
|
||||||
'';
|
'';
|
||||||
PrivateTmp = "true";
|
PrivateTmp = "true";
|
||||||
|
|
|
@ -34,6 +34,35 @@ with import <stockholm/lib>;
|
||||||
});
|
});
|
||||||
in {
|
in {
|
||||||
hosts = mapAttrs hostDefaults ({
|
hosts = mapAttrs hostDefaults ({
|
||||||
|
filebitch = {
|
||||||
|
ci = true;
|
||||||
|
cores = 4;
|
||||||
|
nets = {
|
||||||
|
shack = {
|
||||||
|
ip4.addr = "10.42.0.50" ;
|
||||||
|
aliases = [
|
||||||
|
"filebitch.shack"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.189.130";
|
||||||
|
aliases = [ "filebitch.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIIBCgKCAQEA8ZSLsOlPy9Vd8XdEcIoP8H3rztsbB0McTYPGhUaZ6/aqcD/MBSQa
|
||||||
|
FT9NZS0+N0Pev7y90As6Rj5Wrom92xlThcFPaX0Dzmzz+7363M4qtlrtmmWkx2FX
|
||||||
|
VDrPOYbe4hGGOCsPNOTNJkcW4zs2Ym5YKbZeXHfnuqCW+yuhKBCgO9slc740jkHZ
|
||||||
|
5xuv5zbU3ZMRk1H8xi4+cQcHqh+1PY75lJxVSNvrbe5pvGxm9yVdp235b49ohDRU
|
||||||
|
UfUjXmymPlnfJgTOMxmHwl+UmwYR4Yw2CZKXTjbJe5HjbykleTwUb1qyijM8suJf
|
||||||
|
eXRyma8VGILcY6K/HmE4nz7ESAlI1c+QlwIDAQAB
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
Ed25519PublicKey = NPjEmo1dkxNS2Xm7qUyWhLKdFYF4MnhIM79NPQELWHC
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||||
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKRpjW68lSlTL8jBQcXKOTdGa+olQw5ghaU5df2yAE64";
|
||||||
|
};
|
||||||
hotdog = {
|
hotdog = {
|
||||||
ci = true;
|
ci = true;
|
||||||
nets = {
|
nets = {
|
||||||
|
|
|
@ -283,14 +283,6 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
filebitch = rec {
|
|
||||||
cores = 4;
|
|
||||||
nets = {
|
|
||||||
retiolum = {
|
|
||||||
ip4.addr = "10.243.189.130";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
shackdev = rec { # router@shack
|
shackdev = rec { # router@shack
|
||||||
cores = 1;
|
cores = 1;
|
||||||
|
|
|
@ -1,8 +0,0 @@
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIIBCgKCAQEA2VjW30A3uQoo5QwbFTnl5fuGg81DZVu8HXmDwgEkhZYr5Xf3V5/d
|
|
||||||
fmPlX1igzatWYX0OylFAY69r0V4dqeTubIf83sz1eqtpXjK4czG8A3wMHEXj5Pzs
|
|
||||||
e1Qh8K4rHMEATc7Y/cwpQBi2THn2bhufqgaz94m8HrStCZcKCin3fDMbE01WHWX1
|
|
||||||
KFqeBtUd7b9pWbXKlLBNpHTZoGxVQk0Hto9pxYzHecRsbQXykYk3Rw2tSuf0aH99
|
|
||||||
oY0i3LjOb+f2oq2S4qVHqHZsMJfDVr+x2/LP1SIcc1lVTztWSSAzZEokE0/ejvXf
|
|
||||||
wkquBVHXdl6LuzH+/V1I7OsaMhHShYu1LwIDAQAB
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
|
@ -77,190 +77,7 @@ let
|
||||||
|
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Type = "simple";
|
Type = "simple";
|
||||||
ExecStart = pkgs.writeDash "generate-wallpaper" ''
|
ExecStart = "${pkgs.realwallpaper}/bin/generate-wallpaper";
|
||||||
set -euf
|
|
||||||
|
|
||||||
# usage: getimg FILENAME URL
|
|
||||||
fetch() {
|
|
||||||
echo "fetch $1"
|
|
||||||
curl -LsS -z "$1" -o "$1" "$2"
|
|
||||||
}
|
|
||||||
|
|
||||||
# usage: check_type FILENAME TYPE
|
|
||||||
check_type() {
|
|
||||||
if ! file -ib "$1" | grep -q "^$2/"; then
|
|
||||||
echo "$1 is not of type $2" >&2
|
|
||||||
rm "$1"
|
|
||||||
return 1
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
# usage: image_size FILENAME
|
|
||||||
image_size() {
|
|
||||||
identify "$1" | awk '{print$3}'
|
|
||||||
}
|
|
||||||
|
|
||||||
# usage: make_mask DST SRC MASK
|
|
||||||
make_layer() {
|
|
||||||
if needs_rebuild "$@"; then
|
|
||||||
echo "make $1 (apply mask)" >&2
|
|
||||||
convert "$2" "$3" -alpha off -compose copy_opacity -composite "$1"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
# usage: flatten DST HILAYER LOLAYER
|
|
||||||
flatten() {
|
|
||||||
if needs_rebuild "$@"; then
|
|
||||||
echo "make $1 (flatten)" >&2
|
|
||||||
composite "$2" "$3" "$1"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
# usage: needs_rebuild DST SRC...
|
|
||||||
needs_rebuild() {
|
|
||||||
a="$1"
|
|
||||||
shift
|
|
||||||
if ! test -e "$a"; then
|
|
||||||
#echo " $a does not exist" >&2
|
|
||||||
result=0
|
|
||||||
else
|
|
||||||
result=1
|
|
||||||
for b; do
|
|
||||||
if test "$b" -nt "$a"; then
|
|
||||||
#echo " $b is newer than $a" >&2
|
|
||||||
result=0
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
fi
|
|
||||||
#case $result in
|
|
||||||
# 0) echo "$a needs rebuild" >&2;;
|
|
||||||
#esac
|
|
||||||
return $result
|
|
||||||
}
|
|
||||||
|
|
||||||
main() {
|
|
||||||
cd ${cfg.workingDir}
|
|
||||||
|
|
||||||
# fetch source images in parallel
|
|
||||||
fetch nightmap-raw.jpg \
|
|
||||||
${cfg.nightmap} &
|
|
||||||
fetch daymap-raw.png \
|
|
||||||
${cfg.daymap} &
|
|
||||||
fetch clouds-raw.jpg \
|
|
||||||
${cfg.cloudmap} &
|
|
||||||
fetch marker.json \
|
|
||||||
${cfg.marker} &
|
|
||||||
wait
|
|
||||||
|
|
||||||
check_type nightmap-raw.jpg image
|
|
||||||
check_type daymap-raw.png image
|
|
||||||
check_type clouds-raw.jpg image
|
|
||||||
|
|
||||||
in_size=2048x1024
|
|
||||||
xplanet_out_size=1466x1200
|
|
||||||
out_geometry=1366x768+100+160
|
|
||||||
|
|
||||||
nightsnow_color='#0c1a49' # nightmap
|
|
||||||
|
|
||||||
for raw in \
|
|
||||||
nightmap-raw.jpg \
|
|
||||||
daymap-raw.png \
|
|
||||||
clouds-raw.jpg \
|
|
||||||
;
|
|
||||||
do
|
|
||||||
normal=''${raw%-raw.*}.png
|
|
||||||
if needs_rebuild $normal $raw; then
|
|
||||||
echo "make $normal; normalize $raw" >&2
|
|
||||||
convert $raw -scale $in_size $normal
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
# create nightmap-fullsnow
|
|
||||||
if needs_rebuild nightmap-fullsnow.png; then
|
|
||||||
convert -size $in_size xc:$nightsnow_color nightmap-fullsnow.png
|
|
||||||
fi
|
|
||||||
|
|
||||||
# extract daymap-snowmask from daymap-final
|
|
||||||
if needs_rebuild daymap-snowmask.png daymap.png; then
|
|
||||||
convert daymap.png -threshold 95% daymap-snowmask.png
|
|
||||||
fi
|
|
||||||
|
|
||||||
# extract nightmap-lightmask from nightmap
|
|
||||||
if needs_rebuild nightmap-lightmask.png nightmap.png; then
|
|
||||||
convert nightmap.png -threshold 25% nightmap-lightmask.png
|
|
||||||
fi
|
|
||||||
|
|
||||||
# create layers
|
|
||||||
make_layer nightmap-snowlayer.png nightmap-fullsnow.png daymap-snowmask.png
|
|
||||||
make_layer nightmap-lightlayer.png nightmap.png nightmap-lightmask.png
|
|
||||||
|
|
||||||
# apply layers
|
|
||||||
flatten nightmap-lightsnowlayer.png \
|
|
||||||
nightmap-lightlayer.png \
|
|
||||||
nightmap-snowlayer.png
|
|
||||||
|
|
||||||
flatten nightmap-final.png \
|
|
||||||
nightmap-lightsnowlayer.png \
|
|
||||||
nightmap.png
|
|
||||||
|
|
||||||
# create marker file from json
|
|
||||||
if [ -s marker.json ]; then
|
|
||||||
jq -r 'to_entries[] | @json "\(.value.latitude) \(.value.longitude)"' marker.json > marker_file
|
|
||||||
fi
|
|
||||||
|
|
||||||
# make all unmodified files as final
|
|
||||||
for normal in \
|
|
||||||
daymap.png \
|
|
||||||
clouds.png \
|
|
||||||
;
|
|
||||||
do
|
|
||||||
final=''${normal%.png}-final.png
|
|
||||||
needs_rebuild $final &&
|
|
||||||
ln $normal $final
|
|
||||||
done
|
|
||||||
|
|
||||||
# rebuild every time to update shadow
|
|
||||||
xplanet --num_times 1 --geometry $xplanet_out_size \
|
|
||||||
--output xplanet-output.png --projection merc \
|
|
||||||
-config ${pkgs.writeText "xplanet.config" ''
|
|
||||||
[earth]
|
|
||||||
"Earth"
|
|
||||||
map=daymap-final.png
|
|
||||||
night_map=nightmap-final.png
|
|
||||||
cloud_map=clouds-final.png
|
|
||||||
cloud_threshold=10
|
|
||||||
shade=15
|
|
||||||
''}
|
|
||||||
|
|
||||||
xplanet --num_times 1 --geometry $xplanet_out_size \
|
|
||||||
--output xplanet-krebs-output.png --projection merc \
|
|
||||||
-config ${pkgs.writeText "xplanet-krebs.config" ''
|
|
||||||
[earth]
|
|
||||||
"Earth"
|
|
||||||
map=daymap-final.png
|
|
||||||
night_map=nightmap-final.png
|
|
||||||
cloud_map=clouds-final.png
|
|
||||||
cloud_threshold=10
|
|
||||||
marker_file=marker_file
|
|
||||||
shade=15
|
|
||||||
''}
|
|
||||||
|
|
||||||
# trim xplanet output
|
|
||||||
if needs_rebuild realwallpaper.png xplanet-output.png; then
|
|
||||||
convert xplanet-output.png -crop $out_geometry \
|
|
||||||
realwallpaper-tmp.png
|
|
||||||
mv realwallpaper-tmp.png realwallpaper.png
|
|
||||||
fi
|
|
||||||
|
|
||||||
if needs_rebuild realwallpaper-krebs.png xplanet-krebs-output.png; then
|
|
||||||
convert xplanet-krebs-output.png -crop $out_geometry \
|
|
||||||
realwallpaper-krebs-tmp.png
|
|
||||||
mv realwallpaper-krebs-tmp.png realwallpaper-krebs.png
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
main "$@"
|
|
||||||
'';
|
|
||||||
User = "realwallpaper";
|
User = "realwallpaper";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -37,6 +37,7 @@ let
|
||||||
|
|
||||||
anonymous = mkOption {
|
anonymous = mkOption {
|
||||||
type = types.attrsOf types.unspecified;
|
type = types.attrsOf types.unspecified;
|
||||||
|
default = {};
|
||||||
description = ''
|
description = ''
|
||||||
nginx virtualHost options to be merged into the anonymous graphs
|
nginx virtualHost options to be merged into the anonymous graphs
|
||||||
vhost entry.
|
vhost entry.
|
||||||
|
|
|
@ -24,7 +24,7 @@ pkgs.writeDashBin "irc-announce" ''
|
||||||
# echo2 and cat2 are used output to both, stdout and stderr
|
# echo2 and cat2 are used output to both, stdout and stderr
|
||||||
# This is used to see what we send to the irc server. (debug output)
|
# This is used to see what we send to the irc server. (debug output)
|
||||||
echo2() { echo "$*"; echo "$*" >&2; }
|
echo2() { echo "$*"; echo "$*" >&2; }
|
||||||
cat2() { tee /dev/stderr; }
|
cat2() { (read x ; echo "$x" ; echo "$x" >&2) }
|
||||||
|
|
||||||
# privmsg_cat transforms stdin to a privmsg
|
# privmsg_cat transforms stdin to a privmsg
|
||||||
privmsg_cat() { awk '{ print "PRIVMSG "ENVIRON["IRC_CHANNEL"]" :"$0 }'; }
|
privmsg_cat() { awk '{ print "PRIVMSG "ENVIRON["IRC_CHANNEL"]" :"$0 }'; }
|
||||||
|
|
185
krebs/5pkgs/simple/realwallpaper/default.nix
Normal file
185
krebs/5pkgs/simple/realwallpaper/default.nix
Normal file
|
@ -0,0 +1,185 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
pkgs.writeDashBin "generate-wallpaper" ''
|
||||||
|
set -euf
|
||||||
|
|
||||||
|
# usage: getimg FILENAME URL
|
||||||
|
fetch() {
|
||||||
|
echo "fetch $1"
|
||||||
|
curl -LsS -z "$1" -o "$1" "$2"
|
||||||
|
}
|
||||||
|
|
||||||
|
# usage: check_type FILENAME TYPE
|
||||||
|
check_type() {
|
||||||
|
if ! file -ib "$1" | grep -q "^$2/"; then
|
||||||
|
echo "$1 is not of type $2" >&2
|
||||||
|
rm "$1"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# usage: image_size FILENAME
|
||||||
|
image_size() {
|
||||||
|
identify "$1" | awk '{print$3}'
|
||||||
|
}
|
||||||
|
|
||||||
|
# usage: make_mask DST SRC MASK
|
||||||
|
make_layer() {
|
||||||
|
if needs_rebuild "$@"; then
|
||||||
|
echo "make $1 (apply mask)" >&2
|
||||||
|
convert "$2" "$3" -alpha off -compose copy_opacity -composite "$1"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# usage: flatten DST HILAYER LOLAYER
|
||||||
|
flatten() {
|
||||||
|
if needs_rebuild "$@"; then
|
||||||
|
echo "make $1 (flatten)" >&2
|
||||||
|
composite "$2" "$3" "$1"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# usage: needs_rebuild DST SRC...
|
||||||
|
needs_rebuild() {
|
||||||
|
a="$1"
|
||||||
|
shift
|
||||||
|
if ! test -e "$a"; then
|
||||||
|
#echo " $a does not exist" >&2
|
||||||
|
result=0
|
||||||
|
else
|
||||||
|
result=1
|
||||||
|
for b; do
|
||||||
|
if test "$b" -nt "$a"; then
|
||||||
|
#echo " $b is newer than $a" >&2
|
||||||
|
result=0
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
#case $result in
|
||||||
|
# 0) echo "$a needs rebuild" >&2;;
|
||||||
|
#esac
|
||||||
|
return $result
|
||||||
|
}
|
||||||
|
|
||||||
|
main() {
|
||||||
|
cd "$working_dir"
|
||||||
|
|
||||||
|
# fetch source images in parallel
|
||||||
|
fetch nightmap-raw.jpg \
|
||||||
|
"$nightmap_url" &
|
||||||
|
fetch daymap-raw.png \
|
||||||
|
"$daymap_url" &
|
||||||
|
fetch clouds-raw.jpg \
|
||||||
|
"$cloudmap_url" &
|
||||||
|
fetch marker.json \
|
||||||
|
"$marker_url" &
|
||||||
|
wait
|
||||||
|
|
||||||
|
check_type nightmap-raw.jpg image
|
||||||
|
check_type daymap-raw.png image
|
||||||
|
check_type clouds-raw.jpg image
|
||||||
|
|
||||||
|
in_size=2048x1024
|
||||||
|
xplanet_out_size=1466x1200
|
||||||
|
out_geometry=1366x768+100+160
|
||||||
|
|
||||||
|
nightsnow_color='#0c1a49' # nightmap
|
||||||
|
|
||||||
|
for raw in \
|
||||||
|
nightmap-raw.jpg \
|
||||||
|
daymap-raw.png \
|
||||||
|
clouds-raw.jpg \
|
||||||
|
;
|
||||||
|
do
|
||||||
|
normal=''${raw%-raw.*}.png
|
||||||
|
if needs_rebuild $normal $raw; then
|
||||||
|
echo "make $normal; normalize $raw" >&2
|
||||||
|
convert $raw -scale $in_size $normal
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
# create nightmap-fullsnow
|
||||||
|
if needs_rebuild nightmap-fullsnow.png; then
|
||||||
|
convert -size $in_size xc:$nightsnow_color nightmap-fullsnow.png
|
||||||
|
fi
|
||||||
|
|
||||||
|
# extract daymap-snowmask from daymap-final
|
||||||
|
if needs_rebuild daymap-snowmask.png daymap.png; then
|
||||||
|
convert daymap.png -threshold 95% daymap-snowmask.png
|
||||||
|
fi
|
||||||
|
|
||||||
|
# extract nightmap-lightmask from nightmap
|
||||||
|
if needs_rebuild nightmap-lightmask.png nightmap.png; then
|
||||||
|
convert nightmap.png -threshold 25% nightmap-lightmask.png
|
||||||
|
fi
|
||||||
|
|
||||||
|
# create layers
|
||||||
|
make_layer nightmap-snowlayer.png nightmap-fullsnow.png daymap-snowmask.png
|
||||||
|
make_layer nightmap-lightlayer.png nightmap.png nightmap-lightmask.png
|
||||||
|
|
||||||
|
# apply layers
|
||||||
|
flatten nightmap-lightsnowlayer.png \
|
||||||
|
nightmap-lightlayer.png \
|
||||||
|
nightmap-snowlayer.png
|
||||||
|
|
||||||
|
flatten nightmap-final.png \
|
||||||
|
nightmap-lightsnowlayer.png \
|
||||||
|
nightmap.png
|
||||||
|
|
||||||
|
# create marker file from json
|
||||||
|
if [ -s marker.json ]; then
|
||||||
|
jq -r 'to_entries[] | @json "\(.value.latitude) \(.value.longitude)"' marker.json > marker_file
|
||||||
|
fi
|
||||||
|
|
||||||
|
# make all unmodified files as final
|
||||||
|
for normal in \
|
||||||
|
daymap.png \
|
||||||
|
clouds.png \
|
||||||
|
;
|
||||||
|
do
|
||||||
|
final=''${normal%.png}-final.png
|
||||||
|
needs_rebuild $final &&
|
||||||
|
ln $normal $final
|
||||||
|
done
|
||||||
|
|
||||||
|
# rebuild every time to update shadow
|
||||||
|
xplanet --num_times 1 --geometry $xplanet_out_size \
|
||||||
|
--output xplanet-output.png --projection merc \
|
||||||
|
-config ${pkgs.writeText "xplanet.config" ''
|
||||||
|
[earth]
|
||||||
|
"Earth"
|
||||||
|
map=daymap-final.png
|
||||||
|
night_map=nightmap-final.png
|
||||||
|
cloud_map=clouds-final.png
|
||||||
|
cloud_threshold=10
|
||||||
|
shade=15
|
||||||
|
''}
|
||||||
|
|
||||||
|
xplanet --num_times 1 --geometry $xplanet_out_size \
|
||||||
|
--output xplanet-krebs-output.png --projection merc \
|
||||||
|
-config ${pkgs.writeText "xplanet-krebs.config" ''
|
||||||
|
[earth]
|
||||||
|
"Earth"
|
||||||
|
map=daymap-final.png
|
||||||
|
night_map=nightmap-final.png
|
||||||
|
cloud_map=clouds-final.png
|
||||||
|
cloud_threshold=10
|
||||||
|
marker_file=marker_file
|
||||||
|
shade=15
|
||||||
|
''}
|
||||||
|
|
||||||
|
# trim xplanet output
|
||||||
|
if needs_rebuild realwallpaper.png xplanet-output.png; then
|
||||||
|
convert xplanet-output.png -crop $out_geometry \
|
||||||
|
realwallpaper-tmp.png
|
||||||
|
mv realwallpaper-tmp.png realwallpaper.png
|
||||||
|
fi
|
||||||
|
|
||||||
|
if needs_rebuild realwallpaper-krebs.png xplanet-krebs-output.png; then
|
||||||
|
convert xplanet-krebs-output.png -crop $out_geometry \
|
||||||
|
realwallpaper-krebs-tmp.png
|
||||||
|
mv realwallpaper-krebs-tmp.png realwallpaper-krebs.png
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
main "$@"
|
||||||
|
''
|
|
@ -1,7 +1,7 @@
|
||||||
{
|
{
|
||||||
"url": "https://github.com/NixOS/nixpkgs-channels",
|
"url": "https://github.com/NixOS/nixpkgs-channels",
|
||||||
"rev": "3140fa89c51233397f496f49014f6b23216667c2",
|
"rev": "e1eedf29e5d22e6824e614d75449b75a2e3455d6",
|
||||||
"date": "2019-12-05T01:28:43+01:00",
|
"date": "2020-01-07T12:32:18+01:00",
|
||||||
"sha256": "18p0d5lnfvzsyfah02mf6bi249990pfwnylwhqdh8qi70ncrk3f8",
|
"sha256": "1v237cgfkd8sb5f1r08sms1rxygjav8a1i1jjjxyqgiszzpiwdx7",
|
||||||
"fetchSubmodules": false
|
"fetchSubmodules": false
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
{
|
{
|
||||||
"url": "https://github.com/NixOS/nixpkgs-channels",
|
"url": "https://github.com/NixOS/nixpkgs-channels",
|
||||||
"rev": "45ea60922036b7be302b95d107595f6eb5cd0675",
|
"rev": "caad1a78c47cc9f2c8bd4d0785a07c62e98c03c9",
|
||||||
"date": "2019-12-10T12:38:05+01:00",
|
"date": "2020-01-09T17:49:36+01:00",
|
||||||
"sha256": "11wm7af6ab2979z8yrpcprb6d99kbrjq44a48ayi4a7c58a2xb6q",
|
"sha256": "1nk7a1vz0kzdwh36qdj73fkv9nnjylk8q8rrsgls4rbr3pxz7801",
|
||||||
"fetchSubmodules": false
|
"fetchSubmodules": false
|
||||||
}
|
}
|
||||||
|
|
|
@ -21,13 +21,9 @@
|
||||||
source /grub/autoiso.cfg
|
source /grub/autoiso.cfg
|
||||||
}
|
}
|
||||||
'';
|
'';
|
||||||
extraFiles."/grub/autoiso.cfg" = (pkgs.stdenv.mkDerivation {
|
extraFiles."/grub/autoiso.cfg" = "${pkgs.grub2.src}/docs/autoiso.cfg";
|
||||||
name = "autoiso.cfg";
|
|
||||||
src = pkgs.grub2.src;
|
|
||||||
phases = [ "unpackPhase" "installPhase" ];
|
|
||||||
installPhase = ''
|
|
||||||
cp docs/autoiso.cfg $out
|
|
||||||
'';
|
|
||||||
});
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services.logind.lidSwitch = "ignore";
|
||||||
|
services.logind.lidSwitchDocked = "ignore";
|
||||||
}
|
}
|
||||||
|
|
|
@ -20,6 +20,7 @@ with import <stockholm/lib>;
|
||||||
<stockholm/lass/2configs/nfs-dl.nix>
|
<stockholm/lass/2configs/nfs-dl.nix>
|
||||||
#<stockholm/lass/2configs/prism-share.nix>
|
#<stockholm/lass/2configs/prism-share.nix>
|
||||||
<stockholm/lass/2configs/ssh-cryptsetup.nix>
|
<stockholm/lass/2configs/ssh-cryptsetup.nix>
|
||||||
|
<stockholm/lass/2configs/network-manager.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
#media center
|
#media center
|
||||||
|
|
|
@ -1,22 +1,53 @@
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./config.nix
|
./config.nix
|
||||||
<stockholm/lass/2configs/hw/x220.nix>
|
#<stockholm/lass/2configs/hw/x220.nix>
|
||||||
<stockholm/lass/2configs/boot/coreboot.nix>
|
#<stockholm/lass/2configs/boot/universal.nix>
|
||||||
|
<nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
||||||
|
<stockholm/krebs/2configs/hw/x220.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
fileSystems = {
|
boot.loader.grub.enable = true;
|
||||||
"/bku" = {
|
boot.loader.grub.version = 2;
|
||||||
device = "/dev/mapper/pool-bku";
|
boot.loader.grub.efiSupport = true;
|
||||||
fsType = "btrfs";
|
boot.loader.grub.efiInstallAsRemovable = true;
|
||||||
options = ["defaults" "noatime" "ssd" "compress=lzo"];
|
boot.loader.grub.device = "/dev/disk/by-id/wwn-0x5002538d702f5ac6";
|
||||||
|
boot.initrd.luks.devices.ssd.device = "/dev/disk/by-id/wwn-0x5002538d702f5ac6-part3";
|
||||||
|
|
||||||
|
boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "xhci_pci" "sd_mod" "sdhci_pci" ];
|
||||||
|
boot.initrd.kernelModules = [ "dm-snapshot" ];
|
||||||
|
boot.kernelModules = [ "kvm-intel" ];
|
||||||
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
|
fileSystems."/" = {
|
||||||
|
device = "/dev/disk/by-uuid/298eb635-8db2-4c15-a73d-2e0d6afa10e8";
|
||||||
|
fsType = "xfs";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
fileSystems."/home" = {
|
||||||
|
device = "/dev/disk/by-uuid/eec94bef-e745-4d95-ad17-4df728f5fd31";
|
||||||
|
fsType = "xfs";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
fileSystems."/boot" = {
|
||||||
|
device = "/dev/disk/by-uuid/D975-2CAB";
|
||||||
|
fsType = "vfat";
|
||||||
|
};
|
||||||
|
|
||||||
|
swapDevices = [ ];
|
||||||
|
|
||||||
|
nix.maxJobs = lib.mkDefault 4;
|
||||||
|
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||||
|
|
||||||
services.udev.extraRules = ''
|
services.udev.extraRules = ''
|
||||||
SUBSYSTEM=="net", ATTR{address}=="00:24:d7:f0:a0:0c", NAME="wl0"
|
SUBSYSTEM=="net", ATTR{address}=="00:24:d7:f0:a0:0c", NAME="wl0"
|
||||||
SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:71:cb:35", NAME="et0"
|
SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:71:cb:35", NAME="et0"
|
||||||
'';
|
'';
|
||||||
|
|
||||||
services.thinkfan.enable = true;
|
services.thinkfan.enable = true;
|
||||||
|
|
||||||
|
services.logind.lidSwitch = "ignore";
|
||||||
|
services.logind.lidSwitchDocked = "ignore";
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,193 +0,0 @@
|
||||||
{ config, pkgs, ... }:
|
|
||||||
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
<nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
|
|
||||||
<stockholm/krebs>
|
|
||||||
<stockholm/lass/3modules>
|
|
||||||
<stockholm/lass/2configs/mc.nix>
|
|
||||||
<stockholm/lass/2configs/vim.nix>
|
|
||||||
{
|
|
||||||
# /dev/stderr doesn't work. I don't know why
|
|
||||||
# /proc/self doesn't seem to work correctly
|
|
||||||
# /dev/pts is empty except for 1 file
|
|
||||||
# my life sucks
|
|
||||||
nixpkgs.config.packageOverrides = super: {
|
|
||||||
irc-announce = super.callPackage <stockholm/krebs/5pkgs/simple/irc-announce> {
|
|
||||||
pkgs = pkgs // {
|
|
||||||
coreutils = pkgs.symlinkJoin {
|
|
||||||
name = "coreutils-hack";
|
|
||||||
paths = [
|
|
||||||
(pkgs.writeDashBin "tee" ''
|
|
||||||
if test "$1" = /dev/stderr; then
|
|
||||||
while read -r line; do
|
|
||||||
echo "$line"
|
|
||||||
echo "$line" >&2
|
|
||||||
done
|
|
||||||
else
|
|
||||||
${super.coreutils}/bin/tee "$@"
|
|
||||||
fi
|
|
||||||
'')
|
|
||||||
pkgs.coreutils
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
boot.kernelParams = [ "copytoram" ];
|
|
||||||
networking.hostName = "lass-iso";
|
|
||||||
}
|
|
||||||
{
|
|
||||||
nixpkgs.config.packageOverrides = import <stockholm/lass/5pkgs> pkgs;
|
|
||||||
krebs.enable = true;
|
|
||||||
krebs.build.user = config.krebs.users.lass;
|
|
||||||
krebs.build.host = {};
|
|
||||||
}
|
|
||||||
{
|
|
||||||
nixpkgs.config.allowUnfree = true;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
users.extraUsers = {
|
|
||||||
root = {
|
|
||||||
openssh.authorizedKeys.keys = [
|
|
||||||
config.krebs.users.lass.pubkey
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
||||||
{
|
|
||||||
environment.extraInit = ''
|
|
||||||
EDITOR=vim
|
|
||||||
'';
|
|
||||||
}
|
|
||||||
{
|
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
#stockholm
|
|
||||||
git
|
|
||||||
gnumake
|
|
||||||
jq
|
|
||||||
parallel
|
|
||||||
proot
|
|
||||||
populate
|
|
||||||
|
|
||||||
#style
|
|
||||||
most
|
|
||||||
rxvt_unicode.terminfo
|
|
||||||
|
|
||||||
#monitoring tools
|
|
||||||
htop
|
|
||||||
iotop
|
|
||||||
|
|
||||||
#network
|
|
||||||
iptables
|
|
||||||
iftop
|
|
||||||
|
|
||||||
#stuff for dl
|
|
||||||
aria2
|
|
||||||
|
|
||||||
#neat utils
|
|
||||||
hashPassword
|
|
||||||
krebspaste
|
|
||||||
pciutils
|
|
||||||
pop
|
|
||||||
psmisc
|
|
||||||
q
|
|
||||||
rs
|
|
||||||
tmux
|
|
||||||
untilport
|
|
||||||
usbutils
|
|
||||||
|
|
||||||
#unpack stuff
|
|
||||||
p7zip
|
|
||||||
unzip
|
|
||||||
unrar
|
|
||||||
|
|
||||||
#data recovery
|
|
||||||
ddrescue
|
|
||||||
ntfs3g
|
|
||||||
dosfstools
|
|
||||||
];
|
|
||||||
}
|
|
||||||
{
|
|
||||||
programs.bash = {
|
|
||||||
enableCompletion = true;
|
|
||||||
interactiveShellInit = ''
|
|
||||||
HISTCONTROL='erasedups:ignorespace'
|
|
||||||
HISTSIZE=65536
|
|
||||||
HISTFILESIZE=$HISTSIZE
|
|
||||||
|
|
||||||
shopt -s checkhash
|
|
||||||
shopt -s histappend histreedit histverify
|
|
||||||
shopt -s no_empty_cmd_completion
|
|
||||||
complete -d cd
|
|
||||||
'';
|
|
||||||
promptInit = ''
|
|
||||||
if test $UID = 0; then
|
|
||||||
PS1='\[\033[1;31m\]\w\[\033[0m\] '
|
|
||||||
PROMPT_COMMAND='echo -ne "\033]0;$$ $USER@$PWD\007"'
|
|
||||||
elif test $UID = 1337; then
|
|
||||||
PS1='\[\033[1;32m\]\w\[\033[0m\] '
|
|
||||||
PROMPT_COMMAND='echo -ne "\033]0;$$ $PWD\007"'
|
|
||||||
else
|
|
||||||
PS1='\[\033[1;33m\]\u@\w\[\033[0m\] '
|
|
||||||
PROMPT_COMMAND='echo -ne "\033]0;$$ $USER@$PWD\007"'
|
|
||||||
fi
|
|
||||||
if test -n "$SSH_CLIENT"; then
|
|
||||||
PS1='\[\033[35m\]\h'" $PS1"
|
|
||||||
PROMPT_COMMAND='echo -ne "\033]0;$$ $HOSTNAME $USER@$PWD\007"'
|
|
||||||
fi
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
}
|
|
||||||
{
|
|
||||||
services.openssh = {
|
|
||||||
enable = true;
|
|
||||||
hostKeys = [
|
|
||||||
# XXX bits here make no science
|
|
||||||
{ bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
|
|
||||||
];
|
|
||||||
};
|
|
||||||
systemd.services.sshd.wantedBy = mkForce [ "multi-user.target" ];
|
|
||||||
}
|
|
||||||
{
|
|
||||||
networking.firewall = {
|
|
||||||
enable = true;
|
|
||||||
allowedTCPPorts = [ 22 ];
|
|
||||||
};
|
|
||||||
}
|
|
||||||
{
|
|
||||||
krebs.hidden-ssh.enable = true;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
services.xserver = {
|
|
||||||
enable = true;
|
|
||||||
#videoDrivers = mkForce [ "ati_unfree" ];
|
|
||||||
|
|
||||||
desktopManager.xterm.enable = false;
|
|
||||||
desktopManager.default = "none";
|
|
||||||
displayManager.lightdm.enable = true;
|
|
||||||
displayManager.lightdm.autoLogin = {
|
|
||||||
enable = true;
|
|
||||||
user = "lass";
|
|
||||||
};
|
|
||||||
windowManager.default = "xmonad";
|
|
||||||
windowManager.session = let
|
|
||||||
xmonad-lass = pkgs.callPackage <stockholm/lass/5pkgs/custom/xmonad-lass> { inherit config; };
|
|
||||||
in [{
|
|
||||||
name = "xmonad";
|
|
||||||
start = ''
|
|
||||||
${pkgs.xorg.xhost}/bin/xhost +LOCAL:
|
|
||||||
${xmonad-lass}/bin/xmonad &
|
|
||||||
waitPID=$!
|
|
||||||
'';
|
|
||||||
}];
|
|
||||||
|
|
||||||
layout = "us";
|
|
||||||
xkbModel = "evdev";
|
|
||||||
xkbVariant = "altgr-intl";
|
|
||||||
xkbOptions = "caps:backspace";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
|
||||||
}
|
|
211
lass/1systems/iso/default.nix
Normal file
211
lass/1systems/iso/default.nix
Normal file
|
@ -0,0 +1,211 @@
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
|
||||||
|
let
|
||||||
|
|
||||||
|
wizard = pkgs.writers.writeBash "wizard" ''
|
||||||
|
shopt -s extglob
|
||||||
|
|
||||||
|
echo -n '
|
||||||
|
welcome to the computer wizard
|
||||||
|
first we will check for internet connectivity
|
||||||
|
(press enter to continue)
|
||||||
|
'
|
||||||
|
read -n 1 -s
|
||||||
|
if ! ping -c1 lassul.us; then
|
||||||
|
echo 'no internet detectio, you will have to provide credentials'
|
||||||
|
read -n 1 -s
|
||||||
|
nmtui
|
||||||
|
fi
|
||||||
|
|
||||||
|
# ping -c1 lassuls.us || ${pkgs.writeDash "nm-dmenu" ''
|
||||||
|
# set -x
|
||||||
|
# export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin
|
||||||
|
# exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@"
|
||||||
|
# ''}
|
||||||
|
|
||||||
|
mode=$(echo -n '
|
||||||
|
1. help of the wizard
|
||||||
|
2. let the wizard watch and help if needed
|
||||||
|
3. I will do it alone
|
||||||
|
' | ${pkgs.fzf}/bin/fzf --reverse)
|
||||||
|
case "$mode" in
|
||||||
|
1*)
|
||||||
|
echo 'mode_1' > /tmp/mode
|
||||||
|
systemctl start hidden-ssh-announce.service
|
||||||
|
tmux new -s help
|
||||||
|
;;
|
||||||
|
2*)
|
||||||
|
echo 'mode_2' > /tmp/mode
|
||||||
|
;;
|
||||||
|
3*)
|
||||||
|
echo 'mode_3' > /tmp/mode
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo 'no mode selected'
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
'';
|
||||||
|
|
||||||
|
in {
|
||||||
|
imports = [
|
||||||
|
<stockholm/krebs>
|
||||||
|
<stockholm/lass/3modules>
|
||||||
|
<stockholm/lass/2configs/vim.nix>
|
||||||
|
{
|
||||||
|
nixpkgs.config.packageOverrides = import <stockholm/lass/5pkgs> pkgs;
|
||||||
|
krebs.enable = true;
|
||||||
|
krebs.build.user = config.krebs.users.lass;
|
||||||
|
krebs.build.host = {};
|
||||||
|
}
|
||||||
|
# {
|
||||||
|
# systemd.services.wizard = {
|
||||||
|
# description = "Computer Wizard";
|
||||||
|
# wantedBy = [ "multi-user.target" ];
|
||||||
|
# serviceConfig = {
|
||||||
|
# ExecStart = pkgs.writers.writeDash "wizard" ''
|
||||||
|
# set -efu
|
||||||
|
# cat <<EOF
|
||||||
|
# welcome to the computer wizard
|
||||||
|
# you can choose between the following modes
|
||||||
|
# echo -n '1\n2\n3' | ${pkgs.fzf}/bin/fzf
|
||||||
|
# EOF
|
||||||
|
# '';
|
||||||
|
# StandardInput = "tty";
|
||||||
|
# StandardOutput = "tty";
|
||||||
|
# # TTYPath = "/dev/tty1";
|
||||||
|
# TTYPath = "/dev/ttyS0";
|
||||||
|
# TTYReset = true;
|
||||||
|
# TTYVTDisallocate = true;
|
||||||
|
# Restart = "always";
|
||||||
|
# };
|
||||||
|
# };
|
||||||
|
# }
|
||||||
|
];
|
||||||
|
|
||||||
|
networking.hostName = "wizard";
|
||||||
|
nixpkgs.config.allowUnfree = true;
|
||||||
|
|
||||||
|
users.extraUsers = {
|
||||||
|
root = {
|
||||||
|
openssh.authorizedKeys.keys = [
|
||||||
|
config.krebs.users.lass.pubkey
|
||||||
|
config.krebs.users.lass-mors.pubkey
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
#stockholm
|
||||||
|
git
|
||||||
|
gnumake
|
||||||
|
jq
|
||||||
|
parallel
|
||||||
|
proot
|
||||||
|
populate
|
||||||
|
|
||||||
|
#style
|
||||||
|
most
|
||||||
|
rxvt_unicode.terminfo
|
||||||
|
|
||||||
|
#monitoring tools
|
||||||
|
htop
|
||||||
|
iotop
|
||||||
|
|
||||||
|
#network
|
||||||
|
iptables
|
||||||
|
iftop
|
||||||
|
|
||||||
|
#stuff for dl
|
||||||
|
aria2
|
||||||
|
|
||||||
|
#neat utils
|
||||||
|
dmenu
|
||||||
|
hashPassword
|
||||||
|
krebspaste
|
||||||
|
pciutils
|
||||||
|
pop
|
||||||
|
psmisc
|
||||||
|
q
|
||||||
|
rs
|
||||||
|
tmux
|
||||||
|
untilport
|
||||||
|
usbutils
|
||||||
|
|
||||||
|
#unpack stuff
|
||||||
|
p7zip
|
||||||
|
unzip
|
||||||
|
unrar
|
||||||
|
|
||||||
|
#data recovery
|
||||||
|
ddrescue
|
||||||
|
ntfs3g
|
||||||
|
dosfstools
|
||||||
|
];
|
||||||
|
|
||||||
|
environment.extraInit = ''
|
||||||
|
EDITOR=vim
|
||||||
|
'';
|
||||||
|
|
||||||
|
programs.bash = {
|
||||||
|
enableCompletion = true;
|
||||||
|
interactiveShellInit = ''
|
||||||
|
HISTCONTROL='erasedups:ignorespace'
|
||||||
|
HISTSIZE=65536
|
||||||
|
HISTFILESIZE=$HISTSIZE
|
||||||
|
|
||||||
|
shopt -s checkhash
|
||||||
|
shopt -s histappend histreedit histverify
|
||||||
|
shopt -s no_empty_cmd_completion
|
||||||
|
complete -d cd
|
||||||
|
'';
|
||||||
|
promptInit = ''
|
||||||
|
if test $UID = 0; then
|
||||||
|
PS1='\[\033[1;31m\]\w\[\033[0m\] '
|
||||||
|
PROMPT_COMMAND='echo -ne "\033]0;$$ $USER@$PWD\007"'
|
||||||
|
elif test $UID = 1337; then
|
||||||
|
PS1='\[\033[1;32m\]\w\[\033[0m\] '
|
||||||
|
PROMPT_COMMAND='echo -ne "\033]0;$$ $PWD\007"'
|
||||||
|
else
|
||||||
|
PS1='\[\033[1;33m\]\u@\w\[\033[0m\] '
|
||||||
|
PROMPT_COMMAND='echo -ne "\033]0;$$ $USER@$PWD\007"'
|
||||||
|
fi
|
||||||
|
if test -n "$SSH_CLIENT"; then
|
||||||
|
PS1='\[\033[35m\]\h'" $PS1"
|
||||||
|
PROMPT_COMMAND='echo -ne "\033]0;$$ $HOSTNAME $USER@$PWD\007"'
|
||||||
|
fi
|
||||||
|
if ! test -e /tmp/mode; then
|
||||||
|
${wizard}
|
||||||
|
fi
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
services.openssh.enable = true;
|
||||||
|
systemd.services.sshd.wantedBy = mkForce [ "multi-user.target" ];
|
||||||
|
|
||||||
|
networking.firewall = {
|
||||||
|
enable = true;
|
||||||
|
allowedTCPPorts = [ 22 ];
|
||||||
|
};
|
||||||
|
networking.networkmanager.enable = true;
|
||||||
|
networking.wireless.enable = mkForce false;
|
||||||
|
|
||||||
|
krebs.hidden-ssh = {
|
||||||
|
enable = true;
|
||||||
|
channel = "##lassulus-wizard";
|
||||||
|
|
||||||
|
};
|
||||||
|
systemd.services.hidden-ssh-announce.wantedBy = mkForce [];
|
||||||
|
services.mingetty.autologinUser = "root";
|
||||||
|
|
||||||
|
nixpkgs.config.packageOverrides = super: {
|
||||||
|
dmenu = pkgs.writeDashBin "dmenu" ''
|
||||||
|
${pkgs.fzf}/bin/fzf \
|
||||||
|
--history=/dev/null \
|
||||||
|
--print-query \
|
||||||
|
--prompt=\"$PROMPT\"
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
boot.tmpOnTmpfs = true;
|
||||||
|
}
|
7
lass/1systems/iso/generate-iso.sh
Executable file
7
lass/1systems/iso/generate-iso.sh
Executable file
|
@ -0,0 +1,7 @@
|
||||||
|
#!/usr/bin/env nix-shell
|
||||||
|
#! nix-shell -i bash -p nixos-generators
|
||||||
|
|
||||||
|
set -xefu
|
||||||
|
|
||||||
|
WD=$(dirname "$0")
|
||||||
|
nixos-generate -I stockholm="$WD"/../../.. -c "$WD"/default.nix -f install-iso
|
|
@ -19,6 +19,7 @@ with import <stockholm/lib>;
|
||||||
<stockholm/lass/2configs/ssh-cryptsetup.nix>
|
<stockholm/lass/2configs/ssh-cryptsetup.nix>
|
||||||
<stockholm/lass/2configs/nfs-dl.nix>
|
<stockholm/lass/2configs/nfs-dl.nix>
|
||||||
<stockholm/lass/2configs/gg23.nix>
|
<stockholm/lass/2configs/gg23.nix>
|
||||||
|
<stockholm/lass/2configs/br.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.shodan;
|
krebs.build.host = config.krebs.hosts.shodan;
|
||||||
|
|
|
@ -5,40 +5,32 @@
|
||||||
<nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
<nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
boot.zfs.enableUnstable = true;
|
|
||||||
boot.loader.grub = {
|
boot.loader.grub = {
|
||||||
enable = true;
|
enable = true;
|
||||||
device = "/dev/sda";
|
device = "/dev/sda";
|
||||||
efiSupport = true;
|
efiSupport = true;
|
||||||
|
efiInstallAsRemovable = true;
|
||||||
};
|
};
|
||||||
boot.loader.efi.canTouchEfiVariables = true;
|
|
||||||
|
|
||||||
boot.blacklistedKernelModules = [
|
boot.blacklistedKernelModules = [
|
||||||
"sdhci_pci"
|
"sdhci_pci"
|
||||||
];
|
];
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" ];
|
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" ];
|
||||||
boot.initrd.kernelModules = [ ];
|
|
||||||
boot.initrd.luks.devices.crypted.device = "/dev/sda3";
|
boot.initrd.luks.devices.crypted.device = "/dev/sda3";
|
||||||
boot.kernelModules = [ "kvm-intel" ];
|
boot.kernelModules = [ "kvm-intel" ];
|
||||||
boot.extraModulePackages = [ ];
|
|
||||||
boot.kernelParams = [
|
boot.kernelParams = [
|
||||||
"fbcon=rotate:1"
|
"fbcon=rotate:1"
|
||||||
"boot.shell_on_fail"
|
"boot.shell_on_fail"
|
||||||
];
|
];
|
||||||
|
|
||||||
fileSystems."/" = {
|
fileSystems."/" = {
|
||||||
device = "rpool/root";
|
device = "/dev/disk/by-uuid/8efd0c22-f712-46bf-baad-1fbf19d9ec25";
|
||||||
fsType = "zfs";
|
fsType = "xfs";
|
||||||
};
|
|
||||||
|
|
||||||
fileSystems."/home" = {
|
|
||||||
device = "rpool/home";
|
|
||||||
fsType = "zfs";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/boot" = {
|
fileSystems."/boot" = {
|
||||||
device = "/dev/disk/by-uuid/E749-784C";
|
device = "/dev/disk/by-uuid/7F23-DDB4";
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -74,7 +66,6 @@
|
||||||
services.xserver = {
|
services.xserver = {
|
||||||
videoDrivers = [ "intel" ];
|
videoDrivers = [ "intel" ];
|
||||||
displayManager.sessionCommands = ''
|
displayManager.sessionCommands = ''
|
||||||
echo nonono > /tmp/xxyy
|
|
||||||
(sleep 2 && ${pkgs.xorg.xrandr}/bin/xrandr --output eDP1 --rotate right)
|
(sleep 2 && ${pkgs.xorg.xrandr}/bin/xrandr --output eDP1 --rotate right)
|
||||||
(sleep 2 && ${pkgs.xorg.xinput}/bin/xinput set-prop "pointer:Goodix Capacitive TouchScreen" --type=float "Coordinate Transformation Matrix" 0 1 0 -1 0 1 0 0 1)
|
(sleep 2 && ${pkgs.xorg.xinput}/bin/xinput set-prop "pointer:Goodix Capacitive TouchScreen" --type=float "Coordinate Transformation Matrix" 0 1 0 -1 0 1 0 0 1)
|
||||||
'';
|
'';
|
||||||
|
|
|
@ -47,17 +47,6 @@ with import <stockholm/lib>;
|
||||||
};
|
};
|
||||||
virtualHosts.default = {
|
virtualHosts.default = {
|
||||||
default = true;
|
default = true;
|
||||||
locations."=/Nginx-Fancyindex-Theme-dark" = {
|
|
||||||
extraConfig = ''
|
|
||||||
alias ${pkgs.fetchFromGitHub {
|
|
||||||
owner = "Naereen";
|
|
||||||
repo = "Nginx-Fancyindex-Theme";
|
|
||||||
rev = "e84f7d6a32085c2b6238f85f5fdebe9ceb710fc4";
|
|
||||||
sha256 = "0wzl4ws2w8f0749vxfd1c8c21p3jw463wishgfcmaljbh4dwplg6";
|
|
||||||
}}/Nginx-Fancyindex-Theme-dark;
|
|
||||||
autoindex on;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
locations."/dl".extraConfig = ''
|
locations."/dl".extraConfig = ''
|
||||||
return 301 /;
|
return 301 /;
|
||||||
'';
|
'';
|
||||||
|
@ -65,8 +54,6 @@ with import <stockholm/lib>;
|
||||||
root = "/var/download/finished";
|
root = "/var/download/finished";
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
fancyindex on;
|
fancyindex on;
|
||||||
fancyindex_header "/Nginx-Fancyindex-Theme-dark/header.html";
|
|
||||||
fancyindex_footer "/Nginx-Fancyindex-Theme-dark/footer.html";
|
|
||||||
dav_methods PUT DELETE MKCOL COPY MOVE;
|
dav_methods PUT DELETE MKCOL COPY MOVE;
|
||||||
|
|
||||||
create_full_put_path on;
|
create_full_put_path on;
|
||||||
|
|
|
@ -11,14 +11,6 @@ with import <stockholm/lib>;
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTUWm/fISw/gbuHvf3kwxGEuk1aY5HrNNvr8QXCQv0khDdaYmZSELbtFQtE04WGTWmackNcLpld5mETVyCM0BjOgqMJYQNhtywxfYcodEY5xxHCuGgA3S1t94MZub+DRodXCfB0yUV85Wbb0sltkMTJufMwYmLEGxSLRukxAOcNsXdjlyro96csmYrIiV6R7+REnz8OcR7sKlI4tvKA1mbvWmjbDBd1MZ8Jc0Lwf+b0H/rH69wEQIcB5HRHHJIChoAk0t2azSjXagk1+4AebONZTCKvTHxs/D2wUBIzoxyjmh5S0aso/cKw8qpKcl/A2mZiIvW3KMlJAM5U+RQKMrr"
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTUWm/fISw/gbuHvf3kwxGEuk1aY5HrNNvr8QXCQv0khDdaYmZSELbtFQtE04WGTWmackNcLpld5mETVyCM0BjOgqMJYQNhtywxfYcodEY5xxHCuGgA3S1t94MZub+DRodXCfB0yUV85Wbb0sltkMTJufMwYmLEGxSLRukxAOcNsXdjlyro96csmYrIiV6R7+REnz8OcR7sKlI4tvKA1mbvWmjbDBd1MZ8Jc0Lwf+b0H/rH69wEQIcB5HRHHJIChoAk0t2azSjXagk1+4AebONZTCKvTHxs/D2wUBIzoxyjmh5S0aso/cKw8qpKcl/A2mZiIvW3KMlJAM5U+RQKMrr"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
krebs.exim-smarthost = {
|
|
||||||
internet-aliases = [
|
|
||||||
{ from = "*@slash16.net"; to = "ciko"; }
|
|
||||||
];
|
|
||||||
sender_domains = [
|
|
||||||
"slash16.net"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
system.activationScripts.user-shadow = ''
|
system.activationScripts.user-shadow = ''
|
||||||
${pkgs.coreutils}/bin/chmod +x /home/ciko
|
${pkgs.coreutils}/bin/chmod +x /home/ciko
|
||||||
|
|
|
@ -96,9 +96,6 @@ with import <stockholm/lib>;
|
||||||
git
|
git
|
||||||
gnumake
|
gnumake
|
||||||
jq
|
jq
|
||||||
parallel
|
|
||||||
proot
|
|
||||||
populate
|
|
||||||
|
|
||||||
#style
|
#style
|
||||||
most
|
most
|
||||||
|
@ -118,6 +115,7 @@ with import <stockholm/lib>;
|
||||||
|
|
||||||
#neat utils
|
#neat utils
|
||||||
file
|
file
|
||||||
|
hashPassword
|
||||||
kpaste
|
kpaste
|
||||||
krebspaste
|
krebspaste
|
||||||
mosh
|
mosh
|
||||||
|
|
|
@ -1,8 +1,110 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }: with import <stockholm/lib>; let
|
||||||
|
|
||||||
with import <stockholm/lib>;
|
to = concatStringsSep "," [
|
||||||
|
"lass@blue.r"
|
||||||
|
"lass@xerxes.r"
|
||||||
|
"lass@mors.r"
|
||||||
|
];
|
||||||
|
|
||||||
{
|
mails = [
|
||||||
|
"postmaster@lassul.us"
|
||||||
|
"lass@lassul.us"
|
||||||
|
"lassulus@lassul.us"
|
||||||
|
"test@lassul.us"
|
||||||
|
"outlook@lassul.us"
|
||||||
|
"steuer@aidsballs.de"
|
||||||
|
"lass@aidsballs.de"
|
||||||
|
"wordpress@ubikmedia.de"
|
||||||
|
"finanzamt@lassul.us"
|
||||||
|
"netzclub@lassul.us"
|
||||||
|
"nebenan@lassul.us"
|
||||||
|
"feed@lassul.us"
|
||||||
|
"art@lassul.us"
|
||||||
|
"irgendwas@lassul.us"
|
||||||
|
"polo@lassul.us"
|
||||||
|
"shack@lassul.us"
|
||||||
|
"nix@lassul.us"
|
||||||
|
"c-base@lassul.us"
|
||||||
|
"paypal@lassul.us"
|
||||||
|
"patreon@lassul.us"
|
||||||
|
"steam@lassul.us"
|
||||||
|
"securityfocus@lassul.us"
|
||||||
|
"radio@lassul.us"
|
||||||
|
"btce@lassul.us"
|
||||||
|
"raf@lassul.us"
|
||||||
|
"apple@lassul.us"
|
||||||
|
"coinbase@lassul.us"
|
||||||
|
"tomtop@lassul.us"
|
||||||
|
"aliexpress@lassul.us"
|
||||||
|
"business@lassul.us"
|
||||||
|
"payeer@lassul.us"
|
||||||
|
"github@lassul.us"
|
||||||
|
"bitwala@lassul.us"
|
||||||
|
"bitstamp@lassul.us"
|
||||||
|
"bitcoin.de@lassul.us"
|
||||||
|
"ableton@lassul.us"
|
||||||
|
"dhl@lassul.us"
|
||||||
|
"sipgate@lassul.us"
|
||||||
|
"coinexchange@lassul.us"
|
||||||
|
"verwaltung@lassul.us"
|
||||||
|
"gearbest@lassul.us"
|
||||||
|
"binance@lassul.us"
|
||||||
|
"bitfinex@lassul.us"
|
||||||
|
"alternate@lassul.us"
|
||||||
|
"redacted@lassul.us"
|
||||||
|
"mytaxi@lassul.us"
|
||||||
|
"pizza@lassul.us"
|
||||||
|
"robinhood@lassul.us"
|
||||||
|
"drivenow@lassul.us"
|
||||||
|
"aws@lassul.us"
|
||||||
|
"reddit@lassul.us"
|
||||||
|
"banggood@lassul.us"
|
||||||
|
"immoscout@lassul.us"
|
||||||
|
"gmail@lassul.us"
|
||||||
|
"amazon@lassul.us"
|
||||||
|
"humblebundle@lassul.us"
|
||||||
|
"meetup@lassul.us"
|
||||||
|
"gebfrei@lassul.us"
|
||||||
|
"github@lassul.us"
|
||||||
|
"ovh@lassul.us"
|
||||||
|
"hetzner@lassul.us"
|
||||||
|
"allygator@lassul.us"
|
||||||
|
"immoscout@lassul.us"
|
||||||
|
"elitedangerous@lassul.us"
|
||||||
|
"boardgamegeek@lassul.us"
|
||||||
|
"qwertee@lassul.us"
|
||||||
|
"zazzle@lassul.us"
|
||||||
|
"hackbeach@lassul.us"
|
||||||
|
"transferwise@lassul.us"
|
||||||
|
"cis@lassul.us"
|
||||||
|
"afra@lassul.us"
|
||||||
|
"ksp@lassul.us"
|
||||||
|
"ccc@lassul.us"
|
||||||
|
"neocron@lassul.us"
|
||||||
|
"osmocom@lassul.us"
|
||||||
|
"lesswrong@lassul.us"
|
||||||
|
"nordvpn@lassul.us"
|
||||||
|
"csv-direct@lassul.us"
|
||||||
|
"nintendo@lassul.us"
|
||||||
|
"overleaf@lassul.us"
|
||||||
|
"box@lassul.us"
|
||||||
|
"paloalto@lassul.us"
|
||||||
|
"subtitles@lassul.us"
|
||||||
|
"lobsters@lassul.us"
|
||||||
|
"fysitech@lassul.us"
|
||||||
|
"threema@lassul.us"
|
||||||
|
"ubisoft@lassul.us"
|
||||||
|
"kottezeller@lassul.us"
|
||||||
|
"pie@lassul.us"
|
||||||
|
"vebit@lassul.us"
|
||||||
|
"vcvrack@lassul.us"
|
||||||
|
"epic@lassul.us"
|
||||||
|
"microsoft@lassul.us"
|
||||||
|
"stickers@lassul.us"
|
||||||
|
"nextbike@lassul.us"
|
||||||
|
];
|
||||||
|
|
||||||
|
in {
|
||||||
krebs.exim-smarthost = {
|
krebs.exim-smarthost = {
|
||||||
enable = true;
|
enable = true;
|
||||||
dkim = [
|
dkim = [
|
||||||
|
@ -17,101 +119,7 @@ with import <stockholm/lib>;
|
||||||
config.krebs.hosts.blue
|
config.krebs.hosts.blue
|
||||||
config.krebs.hosts.xerxes
|
config.krebs.hosts.xerxes
|
||||||
];
|
];
|
||||||
internet-aliases = with config.krebs.users; [
|
internet-aliases = map (from: { inherit from to; }) mails;
|
||||||
{ from = "postmaster@lassul.us"; to = lass.mail; } # RFC 822
|
|
||||||
{ from = "lass@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "lassulus@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "test@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "outlook@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "steuer@aidsballs.de"; to = lass.mail; }
|
|
||||||
{ from = "lass@aidsballs.de"; to = lass.mail; }
|
|
||||||
{ from = "wordpress@ubikmedia.de"; to = lass.mail; }
|
|
||||||
{ from = "finanzamt@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "netzclub@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "nebenan@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "feed@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "art@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "irgendwas@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "polo@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "shack@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "nix@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "c-base@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "paypal@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "patreon@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "steam@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "securityfocus@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "radio@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "btce@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "raf@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "apple@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "coinbase@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "tomtop@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "aliexpress@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "business@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "payeer@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "github@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "bitwala@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "bitstamp@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "bitcoin.de@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "ableton@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "dhl@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "sipgate@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "coinexchange@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "verwaltung@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "gearbest@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "binance@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "bitfinex@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "alternate@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "redacted@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "mytaxi@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "pizza@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "robinhood@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "drivenow@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "aws@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "reddit@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "banggood@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "immoscout@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "gmail@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "amazon@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "humblebundle@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "meetup@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "gebfrei@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "github@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "ovh@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "hetzner@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "allygator@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "immoscout@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "elitedangerous@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "boardgamegeek@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "qwertee@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "zazzle@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "hackbeach@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "transferwise@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "cis@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "afra@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "ksp@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "ccc@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "neocron@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "osmocom@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "lesswrong@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "nordvpn@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "csv-direct@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "nintendo@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "overleaf@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "box@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "paloalto@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "subtitles@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "lobsters@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "fysitech@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "threema@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "ubisoft@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "kottezeller@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "pie@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "vebit@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "vcvrack@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "epic@lassul.us"; to = lass.mail; }
|
|
||||||
{ from = "microsoft@lassul.us"; to = lass.mail; }
|
|
||||||
];
|
|
||||||
system-aliases = [
|
system-aliases = [
|
||||||
{ from = "mailer-daemon"; to = "postmaster"; }
|
{ from = "mailer-daemon"; to = "postmaster"; }
|
||||||
{ from = "postmaster"; to = "root"; }
|
{ from = "postmaster"; to = "root"; }
|
||||||
|
|
|
@ -75,7 +75,6 @@ with import <stockholm/lib>;
|
||||||
in {
|
in {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.home-assistant.override {
|
package = pkgs.home-assistant.override {
|
||||||
python3 = pkgs.python36;
|
|
||||||
#extraComponents = [
|
#extraComponents = [
|
||||||
# (pkgs.fetchgit {
|
# (pkgs.fetchgit {
|
||||||
# url = "https://github.com/marcschumacher/dwd_pollen";
|
# url = "https://github.com/marcschumacher/dwd_pollen";
|
||||||
|
|
|
@ -14,7 +14,7 @@ let
|
||||||
port 465
|
port 465
|
||||||
tls on
|
tls on
|
||||||
tls_starttls off
|
tls_starttls off
|
||||||
tls_fingerprint 8C:10:A6:AB:1F:82:C4:8F:B1:B4:22:D5:8B:8B:49:9B:59:0B:22:A4
|
tls_fingerprint 9C:82:3B:0F:31:CE:1B:8E:96:00:CC:C9:FF:E7:BE:66:95:92:4F:22:DD:D6:2E:0E:1D:90:76:BE:8E:9E:8E:16
|
||||||
auth on
|
auth on
|
||||||
user lassulus
|
user lassulus
|
||||||
passwordeval pass show c-base/pass
|
passwordeval pass show c-base/pass
|
||||||
|
@ -217,7 +217,7 @@ let
|
||||||
name = "mutt";
|
name = "mutt";
|
||||||
paths = [
|
paths = [
|
||||||
(pkgs.writeDashBin "mutt" ''
|
(pkgs.writeDashBin "mutt" ''
|
||||||
exec ${pkgs.neomutt}/bin/neomutt -F ${muttrc} $@
|
exec ${pkgs.neomutt}/bin/neomutt -F ${muttrc} "$@"
|
||||||
'')
|
'')
|
||||||
pkgs.neomutt
|
pkgs.neomutt
|
||||||
];
|
];
|
||||||
|
|
|
@ -228,6 +228,9 @@ let
|
||||||
shell/i/.divx
|
shell/i/.divx
|
||||||
Include=video
|
Include=video
|
||||||
|
|
||||||
|
shell/i/.rmvb
|
||||||
|
Include=video
|
||||||
|
|
||||||
shell/i/.mkv
|
shell/i/.mkv
|
||||||
Include=video
|
Include=video
|
||||||
|
|
||||||
|
|
|
@ -10,7 +10,9 @@ with import <stockholm/lib>;
|
||||||
proxy_pass http://localhost:9081;
|
proxy_pass http://localhost:9081;
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
services.nginx.virtualHosts.paste-readonly = {
|
services.nginx.virtualHosts."p.krebsco.de" = {
|
||||||
|
enableACME = true;
|
||||||
|
addSSL = true;
|
||||||
serverAliases = [ "p.krebsco.de" ];
|
serverAliases = [ "p.krebsco.de" ];
|
||||||
locations."/".extraConfig = ''
|
locations."/".extraConfig = ''
|
||||||
if ($request_method != GET) {
|
if ($request_method != GET) {
|
||||||
|
|
|
@ -11,6 +11,7 @@
|
||||||
#
|
#
|
||||||
##TODO: make steam module
|
##TODO: make steam module
|
||||||
nixpkgs.config.steam.java = true;
|
nixpkgs.config.steam.java = true;
|
||||||
|
hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [ libva ];
|
||||||
|
|
||||||
users.users.games.packages = [ pkgs.steam ];
|
users.users.games.packages = [ pkgs.steam ];
|
||||||
|
|
||||||
|
|
|
@ -5,19 +5,18 @@ with import <stockholm/lib>;
|
||||||
services.urxvtd.enable = true;
|
services.urxvtd.enable = true;
|
||||||
|
|
||||||
krebs.xresources.resources.urxvt = ''
|
krebs.xresources.resources.urxvt = ''
|
||||||
URxvt.saveLines: 100000
|
URxvt.saveLines: 10000
|
||||||
URxvt*scrollBar: false
|
URxvt.scrollBar: false
|
||||||
URxvt*urgentOnBell: true
|
URxvt.urgentOnBell: true
|
||||||
URxvt.perl-ext-common: default,clipboard,url-select,keyboard-select
|
URxvt.perl-ext: default,matcher
|
||||||
|
|
||||||
${optionalString (hasAttr "browser" config.lass)
|
URxvt.url-launcher: /run/current-system/sw/bin/browser-select
|
||||||
"URxvt.url-select.launcher: ${config.lass.browser.select}/bin/browser-select"
|
URxvt.matcher.pattern.1: \\bwww\\.[\\w-]+\\.[\\w./?&@#-]*[\\w/-]
|
||||||
}
|
|
||||||
|
|
||||||
URxvt.url-select.underline: true
|
|
||||||
URxvt.keysym.M-u: perl:url-select:select_next
|
|
||||||
URxvt.keysym.M-Escape: perl:keyboard-select:activate
|
URxvt.keysym.M-Escape: perl:keyboard-select:activate
|
||||||
URxvt.keysym.M-s: perl:keyboard-select:search
|
URxvt.keysym.M-s: perl:keyboard-select:search
|
||||||
|
URxvt.keysym.M-u: matcher:select
|
||||||
|
URxvt.keysym.M-i: matcher:list
|
||||||
|
|
||||||
URxvt.keysym.M-F1: command:\033]710;${config.lass.fonts.regular}\007\033]711;${config.lass.fonts.bold}\007
|
URxvt.keysym.M-F1: command:\033]710;${config.lass.fonts.regular}\007\033]711;${config.lass.fonts.bold}\007
|
||||||
URxvt.keysym.M-F2: command:\033]710;xft:Monospace:size=12\007\033]711;xft:Monospace:size=15:bold\007
|
URxvt.keysym.M-F2: command:\033]710;xft:Monospace:size=12\007\033]711;xft:Monospace:size=15:bold\007
|
||||||
|
|
|
@ -25,6 +25,7 @@ in {
|
||||||
imports = [
|
imports = [
|
||||||
./default.nix
|
./default.nix
|
||||||
./sqlBackup.nix
|
./sqlBackup.nix
|
||||||
|
(servePage [ "aldonasiech.com" "www.aldonasiech.com" ])
|
||||||
(servePage [ "reich-gebaeudereinigung.de" "www.reich-gebaeudereinigung.de" ])
|
(servePage [ "reich-gebaeudereinigung.de" "www.reich-gebaeudereinigung.de" ])
|
||||||
(servePage [
|
(servePage [
|
||||||
"freemonkey.art"
|
"freemonkey.art"
|
||||||
|
@ -35,7 +36,6 @@ in {
|
||||||
"ubikmedia.de"
|
"ubikmedia.de"
|
||||||
"apanowicz.de"
|
"apanowicz.de"
|
||||||
"nirwanabluete.de"
|
"nirwanabluete.de"
|
||||||
"aldonasiech.com"
|
|
||||||
"ubikmedia.eu"
|
"ubikmedia.eu"
|
||||||
"youthtube.xyz"
|
"youthtube.xyz"
|
||||||
"joemisch.com"
|
"joemisch.com"
|
||||||
|
@ -44,7 +44,6 @@ in {
|
||||||
|
|
||||||
"www.apanowicz.de"
|
"www.apanowicz.de"
|
||||||
"www.nirwanabluete.de"
|
"www.nirwanabluete.de"
|
||||||
"www.aldonasiech.com"
|
|
||||||
"www.ubikmedia.eu"
|
"www.ubikmedia.eu"
|
||||||
"www.youthtube.xyz"
|
"www.youthtube.xyz"
|
||||||
"www.ubikmedia.de"
|
"www.ubikmedia.de"
|
||||||
|
|
|
@ -47,7 +47,8 @@ in {
|
||||||
alias ${pkgs.writeText "prism.wg" config.krebs.hosts.prism.nets.wiregrill.wireguard.pubkey};
|
alias ${pkgs.writeText "prism.wg" config.krebs.hosts.prism.nets.wiregrill.wireguard.pubkey};
|
||||||
'';
|
'';
|
||||||
locations."/tinc/".extraConfig = ''
|
locations."/tinc/".extraConfig = ''
|
||||||
alias ${config.krebs.tinc_graphs.workingDir}/external;
|
index index.html;
|
||||||
|
alias ${config.krebs.tinc_graphs.workingDir}/external/;
|
||||||
'';
|
'';
|
||||||
locations."= /krebspage".extraConfig = ''
|
locations."= /krebspage".extraConfig = ''
|
||||||
default_type "text/html";
|
default_type "text/html";
|
||||||
|
@ -60,10 +61,10 @@ in {
|
||||||
in ''
|
in ''
|
||||||
alias ${initscript};
|
alias ${initscript};
|
||||||
'';
|
'';
|
||||||
locations."= /pub".extraConfig = ''
|
locations."= /blue.pub".extraConfig = ''
|
||||||
alias ${pkgs.writeText "pub" config.krebs.users.lass.pubkey};
|
alias ${pkgs.writeText "pub" config.krebs.users.lass.pubkey};
|
||||||
'';
|
'';
|
||||||
locations."= /pub1".extraConfig = ''
|
locations."= /mors.pub".extraConfig = ''
|
||||||
alias ${pkgs.writeText "pub" config.krebs.users.lass-mors.pubkey};
|
alias ${pkgs.writeText "pub" config.krebs.users.lass-mors.pubkey};
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
@ -93,6 +94,7 @@ in {
|
||||||
|
|
||||||
users.users.blog = {
|
users.users.blog = {
|
||||||
uid = genid_uint31 "blog";
|
uid = genid_uint31 "blog";
|
||||||
|
group = "nginx";
|
||||||
description = "lassul.us blog deployment";
|
description = "lassul.us blog deployment";
|
||||||
home = "/srv/http/lassul.us";
|
home = "/srv/http/lassul.us";
|
||||||
useDefaultShell = true;
|
useDefaultShell = true;
|
||||||
|
|
|
@ -62,5 +62,6 @@ in {
|
||||||
|
|
||||||
security.sudo.extraConfig = ''
|
security.sudo.extraConfig = ''
|
||||||
cr ALL=(lass) NOPASSWD: ${xdg-open} *
|
cr ALL=(lass) NOPASSWD: ${xdg-open} *
|
||||||
|
ff ALL=(lass) NOPASSWD: ${xdg-open} *
|
||||||
'';
|
'';
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,16 +2,29 @@
|
||||||
{
|
{
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
yubikey-personalization
|
yubikey-personalization
|
||||||
|
yubikey-manager
|
||||||
];
|
];
|
||||||
|
|
||||||
services.udev.packages = with pkgs; [ yubikey-personalization ];
|
services.udev.packages = with pkgs; [ yubikey-personalization ];
|
||||||
services.pcscd.enable = true;
|
services.pcscd.enable = true;
|
||||||
|
systemd.user.sockets.gpg-agent-ssh.wantedBy = [ "sockets.target" ];
|
||||||
|
|
||||||
|
##restart pcscd if yubikey is plugged in
|
||||||
|
#services.udev.extraRules = ''
|
||||||
|
# ACTION=="add", ATTRS{idVendor}=="04d9", ATTRS{idProduct}=="2013", RUN+="${pkgs.writeDash "restart_pcscd" ''
|
||||||
|
# ${pkgs.systemd}/bin/systemctl restart pcscd.service
|
||||||
|
# ''}"
|
||||||
|
#'';
|
||||||
|
|
||||||
environment.shellInit = ''
|
environment.shellInit = ''
|
||||||
if [ "$UID" -eq 1337 ]; then
|
if [ "$UID" -eq 1337 ] && [ -z "$SSH_CONNECTION" ]; then
|
||||||
export GPG_TTY="$(tty)"
|
export GPG_TTY="$(tty)"
|
||||||
gpg-connect-agent /bye
|
gpg-connect-agent --quiet updatestartuptty /bye > /dev/null
|
||||||
export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
|
export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
|
||||||
|
if [ -z "$SSH_AUTH_SOCK" ]; then
|
||||||
|
export SSH_AUTH_SOCK=$(${pkgs.gnupg}/bin/gpgconf --list-dirs agent-ssh-socket)
|
||||||
|
fi
|
||||||
|
|
||||||
fi
|
fi
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
@ -19,7 +32,7 @@
|
||||||
ssh.startAgent = false;
|
ssh.startAgent = false;
|
||||||
gnupg.agent = {
|
gnupg.agent = {
|
||||||
enable = true;
|
enable = true;
|
||||||
enableSSHSupport = true;
|
# enableSSHSupport = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -37,9 +37,9 @@ pkgs.writeDashBin "fzfmenu" ''
|
||||||
-e ${pkgs.dash}/bin/dash -c \
|
-e ${pkgs.dash}/bin/dash -c \
|
||||||
"echo \"$INPUT\" | ${pkgs.fzf}/bin/fzf \
|
"echo \"$INPUT\" | ${pkgs.fzf}/bin/fzf \
|
||||||
--history=/dev/null \
|
--history=/dev/null \
|
||||||
--no-sort \
|
--print-query \
|
||||||
--prompt=\"$PROMPT\" \
|
--prompt=\"$PROMPT\" \
|
||||||
> \"$OUTPUT\"" 2>/dev/null
|
> \"$OUTPUT\"" 2>/dev/null
|
||||||
${pkgs.coreutils}/bin/cat "$OUTPUT"
|
${pkgs.coreutils}/bin/tail -1 "$OUTPUT"
|
||||||
${pkgs.coreutils}/bin/rm "$OUTPUT"
|
${pkgs.coreutils}/bin/rm "$OUTPUT"
|
||||||
''
|
''
|
||||||
|
|
|
@ -1,25 +1,20 @@
|
||||||
{ pkgs, lib, pubkey ? "", disk ? "/dev/sda", vgname ? "pool", luksmap ? "luksmap", keyfile ? "/root/keyfile", ... }:
|
{ pkgs, lib, vgname ? "vgname", luksmap ? "luksmap", ... }:
|
||||||
|
|
||||||
with lib;
|
with lib;
|
||||||
|
|
||||||
pkgs.writeText "init" ''
|
pkgs.writeScript "init" ''
|
||||||
#! /bin/sh
|
#!/usr/bin/env nix-shell
|
||||||
# usage: curl xu/~tv/init | sh
|
#! nix-shell -i bash -p jq parted libxfs
|
||||||
set -efu
|
set -efu
|
||||||
# TODO nix-env -f '<nixpkgs>' -iA jq # if not exists (also version)
|
|
||||||
# install at tmp location
|
|
||||||
|
|
||||||
|
disk=$1
|
||||||
|
|
||||||
case $(cat /proc/cmdline) in
|
if mount | grep -q "$disk"; then
|
||||||
*' root=LABEL=NIXOS_ISO '*) :;;
|
echo "target device is already mounted, bailout"
|
||||||
*) echo Error: unknown operating system >&2; exit 1;;
|
exit 2
|
||||||
esac
|
fi
|
||||||
|
|
||||||
keyfile=${keyfile}
|
luksdev="$disk"3
|
||||||
|
|
||||||
disk=${disk}
|
|
||||||
|
|
||||||
luksdev=${disk}3
|
|
||||||
luksmap=/dev/mapper/${luksmap}
|
luksmap=/dev/mapper/${luksmap}
|
||||||
|
|
||||||
vgname=${vgname}
|
vgname=${vgname}
|
||||||
|
@ -29,13 +24,7 @@ pkgs.writeText "init" ''
|
||||||
rootdev=/dev/mapper/${vgname}-root
|
rootdev=/dev/mapper/${vgname}-root
|
||||||
homedev=/dev/mapper/${vgname}-home
|
homedev=/dev/mapper/${vgname}-home
|
||||||
|
|
||||||
#
|
read -p "LUKS Password: " lukspw
|
||||||
#generate keyfile
|
|
||||||
#
|
|
||||||
|
|
||||||
if ! test -e "$keyfile"; then
|
|
||||||
dd if=/dev/urandom bs=512 count=2048 of=$keyfile
|
|
||||||
fi
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# partitioning
|
# partitioning
|
||||||
|
@ -61,14 +50,13 @@ pkgs.writeText "init" ''
|
||||||
|
|
||||||
if ! cryptsetup isLuks "$luksdev"; then
|
if ! cryptsetup isLuks "$luksdev"; then
|
||||||
# aes xts-plain64
|
# aes xts-plain64
|
||||||
cryptsetup luksFormat "$luksdev" "$keyfile" \
|
echo -n "$lukspw" | cryptsetup luksFormat "$luksdev" - \
|
||||||
-h sha512 \
|
-h sha512 \
|
||||||
--iter-time 5000
|
--iter-time 5000
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if ! test -e "$luksmap"; then
|
if ! test -e "$luksmap"; then
|
||||||
cryptsetup luksOpen "$luksdev" "$(basename "$luksmap")" \
|
echo "$lukspw" | cryptsetup luksOpen "$luksdev" "$(basename "$luksmap")" -
|
||||||
--key-file "$keyfile"
|
|
||||||
fi
|
fi
|
||||||
# cryptsetup close
|
# cryptsetup close
|
||||||
|
|
||||||
|
@ -95,11 +83,11 @@ pkgs.writeText "init" ''
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if ! test "$(blkid -o value -s TYPE "$rootdev")" = btrfs; then
|
if ! test "$(blkid -o value -s TYPE "$rootdev")" = btrfs; then
|
||||||
mkfs.btrfs "$rootdev"
|
mkfs.xfs "$rootdev"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if ! test "$(blkid -o value -s TYPE "$homedev")" = btrfs; then
|
if ! test "$(blkid -o value -s TYPE "$homedev")" = btrfs; then
|
||||||
mkfs.btrfs "$homedev"
|
mkfs.xfs "$homedev"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
@ -134,12 +122,5 @@ pkgs.writeText "init" ''
|
||||||
parted "$disk" print
|
parted "$disk" print
|
||||||
lsblk "$disk"
|
lsblk "$disk"
|
||||||
|
|
||||||
key='${pubkey}'
|
|
||||||
if [ "$(cat /root/.ssh/authorized_keys 2>/dev/null)" != "$key" ]; then
|
|
||||||
mkdir -p /root/.ssh
|
|
||||||
echo "$key" > /root/.ssh/authorized_keys
|
|
||||||
fi
|
|
||||||
systemctl start sshd
|
|
||||||
ip route
|
|
||||||
echo READY.
|
echo READY.
|
||||||
''
|
''
|
||||||
|
|
|
@ -10,11 +10,15 @@
|
||||||
(krebs-source { test = test; })
|
(krebs-source { test = test; })
|
||||||
{
|
{
|
||||||
nixos-config.symlink = "stockholm/lass/1systems/${name}/physical.nix";
|
nixos-config.symlink = "stockholm/lass/1systems/${name}/physical.nix";
|
||||||
|
nixpkgs-unstable.git = {
|
||||||
|
url = "https://github.com/nixos/nixpkgs-channels";
|
||||||
|
ref = (lib.importJSON ../krebs/nixpkgs-unstable.json).rev;
|
||||||
|
};
|
||||||
secrets = if test then {
|
secrets = if test then {
|
||||||
file = toString ./2configs/tests/dummy-secrets;
|
file = toString ./2configs/tests/dummy-secrets;
|
||||||
} else {
|
} else {
|
||||||
pass = {
|
pass = {
|
||||||
dir = "${lib.getEnv "HOME"}/.password-store";
|
dir = "${lib.getEnv "HOME"}/sync/pwstore";
|
||||||
name = "hosts/${name}";
|
name = "hosts/${name}";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -108,7 +108,6 @@ in {
|
||||||
];
|
];
|
||||||
|
|
||||||
services.home-assistant = {
|
services.home-assistant = {
|
||||||
package = pkgs.home-assistant.override { python3 = pkgs.python36; };
|
|
||||||
config = {
|
config = {
|
||||||
homeassistant = {
|
homeassistant = {
|
||||||
name = "Home"; time_zone = "Europe/Berlin";
|
name = "Home"; time_zone = "Europe/Berlin";
|
||||||
|
|
|
@ -5,6 +5,7 @@
|
||||||
hardware.pulseaudio = {
|
hardware.pulseaudio = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.pulseaudioFull;
|
package = pkgs.pulseaudioFull;
|
||||||
|
extraModules = [ pkgs.pulseaudio-modules-bt ];
|
||||||
# systemWide = true;
|
# systemWide = true;
|
||||||
support32Bit = true;
|
support32Bit = true;
|
||||||
configFile = pkgs.writeText "default.pa" ''
|
configFile = pkgs.writeText "default.pa" ''
|
||||||
|
@ -23,7 +24,7 @@
|
||||||
load-module module-switch-on-port-available
|
load-module module-switch-on-port-available
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
services.blueman.enable = true;
|
||||||
# presumably a2dp Sink
|
# presumably a2dp Sink
|
||||||
# Enable profile:
|
# Enable profile:
|
||||||
## pacmd set-card-profile "$(pactl list cards short | egrep -o bluez_card[[:alnum:]._]+)" a2dp_sink
|
## pacmd set-card-profile "$(pactl list cards short | egrep -o bluez_card[[:alnum:]._]+)" a2dp_sink
|
||||||
|
@ -32,10 +33,17 @@
|
||||||
hardware.bluetooth = {
|
hardware.bluetooth = {
|
||||||
enable = true;
|
enable = true;
|
||||||
powerOnBoot = false;
|
powerOnBoot = false;
|
||||||
|
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
[general]
|
[general]
|
||||||
Enable=Source,Sink,Media,Socket
|
Enable=Source,Sink,Media,Socket
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
services.dbus.packages = [ pkgs.blueman ];
|
services.dbus.packages = [ pkgs.blueman ];
|
||||||
|
nixpkgs.overlays = [
|
||||||
|
(self: super: {
|
||||||
|
blueman = super.blueman.overrideAttrs (oldAttrs: {
|
||||||
|
buildInputs = oldAttrs.buildInputs ++ [ self.gnome3.adwaita-icon-theme ];
|
||||||
|
});
|
||||||
|
})];
|
||||||
}
|
}
|
||||||
|
|
|
@ -20,13 +20,17 @@
|
||||||
RestartSec = "5";
|
RestartSec = "5";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
networking.networkmanager.enable = true;
|
|
||||||
|
|
||||||
# nixOSUnstable
|
# nixOSUnstable
|
||||||
|
networking.networkmanager.enable = true;
|
||||||
networking.networkmanager.wifi = {
|
networking.networkmanager.wifi = {
|
||||||
powersave = true;
|
powersave = true;
|
||||||
scanRandMacAddress = true;
|
scanRandMacAddress = true;
|
||||||
|
backend = "iwd";
|
||||||
};
|
};
|
||||||
|
services.gnome3.gnome-keyring.enable = true;
|
||||||
|
networking.wireless.iwd.enable = true;
|
||||||
|
|
||||||
state = [
|
state = [
|
||||||
"/etc/NetworkManager/system-connections" #NM stateful config files
|
"/etc/NetworkManager/system-connections" #NM stateful config files
|
||||||
];
|
];
|
||||||
|
|
|
@ -1,44 +1,13 @@
|
||||||
{ stdenv, fetchurl, buildFHSUserEnv, writeTextFile, alsaLib, atk, cairo, cups
|
{ stdenv
|
||||||
, dbus, expat, fontconfig, freetype, gcc, gdk_pixbuf, glib, gnome2, gtk2, nspr
|
, fetchurl
|
||||||
, nss, pango, systemd, xorg, utillinuxMinimal, unzip, openssl, zlib, libjack2 }:
|
, alsaLib
|
||||||
|
, unzip
|
||||||
|
, openssl_1_0_2
|
||||||
|
, zlib
|
||||||
|
, libjack2
|
||||||
|
, autoPatchelfHook
|
||||||
|
}:
|
||||||
|
|
||||||
let
|
|
||||||
libPath = stdenv.lib.makeLibraryPath [
|
|
||||||
alsaLib
|
|
||||||
atk
|
|
||||||
cairo
|
|
||||||
cups
|
|
||||||
dbus
|
|
||||||
expat
|
|
||||||
fontconfig
|
|
||||||
freetype
|
|
||||||
gcc.cc
|
|
||||||
gdk_pixbuf
|
|
||||||
glib
|
|
||||||
gnome2.GConf
|
|
||||||
gtk2
|
|
||||||
nspr
|
|
||||||
nss
|
|
||||||
pango
|
|
||||||
|
|
||||||
openssl
|
|
||||||
zlib
|
|
||||||
libjack2
|
|
||||||
|
|
||||||
systemd
|
|
||||||
xorg.libX11
|
|
||||||
xorg.libXScrnSaver
|
|
||||||
xorg.libXcomposite
|
|
||||||
xorg.libXcursor
|
|
||||||
xorg.libXdamage
|
|
||||||
xorg.libXext
|
|
||||||
xorg.libXfixes
|
|
||||||
xorg.libXi
|
|
||||||
xorg.libXrandr
|
|
||||||
xorg.libXrender
|
|
||||||
xorg.libXtst
|
|
||||||
];
|
|
||||||
in
|
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
name = "studio-link-${version}";
|
name = "studio-link-${version}";
|
||||||
version = "17.03.1-beta";
|
version = "17.03.1-beta";
|
||||||
|
@ -46,19 +15,24 @@ stdenv.mkDerivation rec {
|
||||||
url = "https://github.com/Studio-Link-v2/backend/releases/download/v${version}/studio-link-standalone-linux.zip";
|
url = "https://github.com/Studio-Link-v2/backend/releases/download/v${version}/studio-link-standalone-linux.zip";
|
||||||
sha256 = "1y21nymin7iy64hcffc8g37fv305b1nvmh944hkf7ipb06kcx6r9";
|
sha256 = "1y21nymin7iy64hcffc8g37fv305b1nvmh944hkf7ipb06kcx6r9";
|
||||||
};
|
};
|
||||||
buildInputs = [ unzip ];
|
nativeBuildInputs = [ unzip autoPatchelfHook ];
|
||||||
phases = ["unpackPhase" "installPhase" "fixupPhase"];
|
buildInputs = [
|
||||||
|
alsaLib
|
||||||
|
|
||||||
|
openssl_1_0_2
|
||||||
|
zlib
|
||||||
|
libjack2
|
||||||
|
];
|
||||||
|
|
||||||
unpackPhase = ''
|
unpackPhase = ''
|
||||||
unzip $src
|
unzip $src
|
||||||
'';
|
'';
|
||||||
|
|
||||||
installPhase = ''
|
installPhase = ''
|
||||||
mkdir -p $out/bin
|
mkdir -p $out/bin
|
||||||
cp studio-link-standalone $out/bin/studio-link
|
cp studio-link-standalone $out/bin/studio-link
|
||||||
chmod +x $out/bin/studio-link
|
chmod +x $out/bin/studio-link
|
||||||
'';
|
'';
|
||||||
postFixup = ''
|
|
||||||
patchelf --set-interpreter $(cat $NIX_CC/nix-support/dynamic-linker) --set-rpath "${libPath}:\$ORIGIN" "$out/bin/studio-link"
|
|
||||||
'';
|
|
||||||
|
|
||||||
meta = with stdenv.lib; {
|
meta = with stdenv.lib; {
|
||||||
homepage = https://studio-link.com;
|
homepage = https://studio-link.com;
|
||||||
|
|
Loading…
Reference in a new issue