ma wbob.r: enable bureautomation
This commit is contained in:
parent
20eb8ac1e2
commit
e99a9ac9f1
|
@ -18,7 +18,6 @@ in {
|
||||||
<stockholm/makefu/2configs/virtualisation/libvirt.nix>
|
<stockholm/makefu/2configs/virtualisation/libvirt.nix>
|
||||||
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
||||||
<stockholm/makefu/2configs/mqtt.nix>
|
<stockholm/makefu/2configs/mqtt.nix>
|
||||||
<stockholm/makefu/2configs/deployment/led-fader.nix>
|
|
||||||
# <stockholm/makefu/2configs/gui/wbob-kiosk.nix>
|
# <stockholm/makefu/2configs/gui/wbob-kiosk.nix>
|
||||||
|
|
||||||
<stockholm/makefu/2configs/stats/client.nix>
|
<stockholm/makefu/2configs/stats/client.nix>
|
||||||
|
@ -34,7 +33,10 @@ in {
|
||||||
<stockholm/makefu/2configs/share/wbob.nix>
|
<stockholm/makefu/2configs/share/wbob.nix>
|
||||||
|
|
||||||
<stockholm/makefu/2configs/stats/telegraf>
|
<stockholm/makefu/2configs/stats/telegraf>
|
||||||
|
<stockholm/makefu/2configs/deployment/led-fader.nix>
|
||||||
|
<stockholm/makefu/2configs/stats/external/aralast.nix>
|
||||||
<stockholm/makefu/2configs/stats/telegraf/airsensor.nix>
|
<stockholm/makefu/2configs/stats/telegraf/airsensor.nix>
|
||||||
|
<stockholm/makefu/2configs/deployment/bureautomation>
|
||||||
(let
|
(let
|
||||||
collectd-port = 25826;
|
collectd-port = 25826;
|
||||||
influx-port = 8086;
|
influx-port = 8086;
|
||||||
|
@ -60,13 +62,7 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
networking.firewall.extraCommands = ''
|
networking.firewall.extraCommands = ''
|
||||||
iptables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT
|
|
||||||
iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT
|
|
||||||
iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
|
iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
|
||||||
|
|
||||||
ip6tables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT
|
|
||||||
ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT
|
|
||||||
ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
|
|
||||||
'';
|
'';
|
||||||
})
|
})
|
||||||
|
|
||||||
|
@ -138,9 +134,6 @@ in {
|
||||||
# rt2870 with nonfree creates wlp2s0 from wlp0s20u2
|
# rt2870 with nonfree creates wlp2s0 from wlp0s20u2
|
||||||
# not explicitly setting the interface results in wpa_supplicant to crash
|
# not explicitly setting the interface results in wpa_supplicant to crash
|
||||||
networking.wireless.interfaces = [ "wlp2s0" ];
|
networking.wireless.interfaces = [ "wlp2s0" ];
|
||||||
networking.interfaces.enp0s25.ip4 = [
|
|
||||||
{ address = primaryIP; prefixLength = 24;}
|
|
||||||
];
|
|
||||||
networking.interfaces.virbr1.ip4 = [{
|
networking.interfaces.virbr1.ip4 = [{
|
||||||
address = "10.8.8.11";
|
address = "10.8.8.11";
|
||||||
prefixLength = 24;
|
prefixLength = 24;
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
import <stockholm/makefu/source.nix> {
|
import <stockholm/makefu/source.nix> {
|
||||||
name="wbob";
|
name="wbob";
|
||||||
musnix = true;
|
# musnix = true;
|
||||||
}
|
}
|
||||||
|
|
41
makefu/2configs/deployment/bureautomation/default.nix
Normal file
41
makefu/2configs/deployment/bureautomation/default.nix
Normal file
|
@ -0,0 +1,41 @@
|
||||||
|
{ pkgs, lib, ... }:
|
||||||
|
|
||||||
|
with lib;
|
||||||
|
let
|
||||||
|
port = 3001;
|
||||||
|
runit = pkgs.writeDash "runit" ''
|
||||||
|
set -xeuf
|
||||||
|
PATH=${pkgs.curl}/bin:${pkgs.coreutils}/bin
|
||||||
|
name=''${1?must provide name as first arg}
|
||||||
|
state=''${2?must provide state as second arg}
|
||||||
|
# val=''${3?must provide val as third arg}
|
||||||
|
|
||||||
|
# we ignore non-alerting events
|
||||||
|
test $state = alerting || exit 0
|
||||||
|
|
||||||
|
echo $name - $state
|
||||||
|
curl 'http://bauarbeiterlampe/ay?o=1'
|
||||||
|
sleep 5
|
||||||
|
curl 'http://bauarbeiterlampe/ay?o=1'
|
||||||
|
'';
|
||||||
|
in {
|
||||||
|
services.logstash = {
|
||||||
|
package = pkgs.logstash5;
|
||||||
|
enable = true;
|
||||||
|
inputConfig = ''
|
||||||
|
http {
|
||||||
|
port => ${toString port}
|
||||||
|
host => "127.0.0.1"
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
filterConfig = ''
|
||||||
|
'';
|
||||||
|
outputConfig = ''
|
||||||
|
stdout { codec => json }
|
||||||
|
exec { command => "${runit} '%{ruleName}' '%{state}'" }
|
||||||
|
'';
|
||||||
|
extraSettings = ''
|
||||||
|
path.plugins: [ "${pkgs.logstash-output-exec}" ]
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,27 +1,25 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, buildPythonPackage, ... }:
|
||||||
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
let
|
let
|
||||||
mq = "192.168.8.11";
|
mq = "192.168.8.11";
|
||||||
|
|
||||||
pkg = pkgs.stdenv.mkDerivation {
|
pkg = pkgs.python3Packages.buildPythonPackage {
|
||||||
name = "ampel-master";
|
name = "ampel-master";
|
||||||
|
|
||||||
src = pkgs.fetchgit {
|
src = pkgs.fetchgit {
|
||||||
url = "http://cgit.euer.krebsco.de/ampel";
|
url = "http://cgit.euer.krebsco.de/ampel";
|
||||||
rev = "07a6791de368e16cc0864d2676fd255eba522cee";
|
rev = "531741b";
|
||||||
sha256 = "1jxjapvkfglvgapy7gjbr1nra3ay418nvz70bvypcmv7wc8d4h8q";
|
sha256 = "110yij53jz074zbswylbzcd8jy7z49r9fg6i3j1gk2y3vl91g81c";
|
||||||
};
|
};
|
||||||
buildInputs = [
|
propagatedBuildInputs = with pkgs.python3Packages; [
|
||||||
(pkgs.python35.withPackages (pythonPackages: with pythonPackages; [
|
|
||||||
docopt
|
docopt
|
||||||
paho-mqtt
|
paho-mqtt
|
||||||
]))
|
requests
|
||||||
|
pytz
|
||||||
|
influxdb
|
||||||
|
httplib2
|
||||||
|
google_api_python_client
|
||||||
];
|
];
|
||||||
installPhase = ''
|
|
||||||
install -m755 -D fade.py $out/bin/fade.py
|
|
||||||
install -m755 -D ampel.py $out/bin/ampel
|
|
||||||
install -m755 -D times.json $out/share/times.json
|
|
||||||
'';
|
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
systemd.services.led-fader = {
|
systemd.services.led-fader = {
|
||||||
|
@ -34,7 +32,9 @@ in {
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
# User = "nobody"; # need a user with permissions to run nix-shell
|
# User = "nobody"; # need a user with permissions to run nix-shell
|
||||||
ExecStartPre = pkgs.writeDash "sleep.sh" "sleep 2";
|
ExecStartPre = pkgs.writeDash "sleep.sh" "sleep 2";
|
||||||
ExecStart = "${pkg}/bin/ampel 4 ${pkg}/share/times.json";
|
ExecStart = "${pkg}/bin/ampel 4";
|
||||||
|
Restart = "always";
|
||||||
|
RestartSec = 10;
|
||||||
PrivateTmp = true;
|
PrivateTmp = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
38
makefu/2configs/share/wbob.nix
Normal file
38
makefu/2configs/share/wbob.nix
Normal file
|
@ -0,0 +1,38 @@
|
||||||
|
{config, ... }:{
|
||||||
|
networking.firewall.allowedUDPPorts = [ 137 138 ];
|
||||||
|
networking.firewall.allowedTCPPorts = [ 139 445 ];
|
||||||
|
users.users.smbguest = {
|
||||||
|
name = "smbguest";
|
||||||
|
uid = config.ids.uids.smbguest;
|
||||||
|
description = "smb guest user";
|
||||||
|
home = "/home/share";
|
||||||
|
createHome = true;
|
||||||
|
};
|
||||||
|
services.samba = {
|
||||||
|
enable = true;
|
||||||
|
enableNmbd = true;
|
||||||
|
shares = {
|
||||||
|
incoming = {
|
||||||
|
path = "/data/incoming";
|
||||||
|
"read only" = "no";
|
||||||
|
browseable = "yes";
|
||||||
|
"guest ok" = "yes";
|
||||||
|
};
|
||||||
|
data = {
|
||||||
|
path = "/data/";
|
||||||
|
"read only" = "yes";
|
||||||
|
browseable = "yes";
|
||||||
|
"guest ok" = "yes";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
extraConfig = ''
|
||||||
|
guest account = smbguest
|
||||||
|
map to guest = bad user
|
||||||
|
# disable printing
|
||||||
|
load printers = no
|
||||||
|
printing = bsd
|
||||||
|
printcap name = /dev/null
|
||||||
|
disable spoolss = yes
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,6 +1,10 @@
|
||||||
{ pkgs, ...}:
|
{ pkgs, ...}:
|
||||||
|
|
||||||
{
|
{
|
||||||
|
services.udev.extraRules = ''
|
||||||
|
SUBSYSTEMS=="usb", ATTRS{product}=="iAQ Stick", GROUP="input"
|
||||||
|
'';
|
||||||
|
users.users.telegraf.extraGroups = [ "input" ];
|
||||||
services.telegraf.extraConfig.inputs.exec = [
|
services.telegraf.extraConfig.inputs.exec = [
|
||||||
{
|
{
|
||||||
commands = [ "${pkgs.airsensor-py}/bin/airsensor-py"];
|
commands = [ "${pkgs.airsensor-py}/bin/airsensor-py"];
|
||||||
|
|
|
@ -2,16 +2,16 @@
|
||||||
with pkgs.python3Packages;
|
with pkgs.python3Packages;
|
||||||
buildPythonApplication rec {
|
buildPythonApplication rec {
|
||||||
name = "airsensor-py-${version}";
|
name = "airsensor-py-${version}";
|
||||||
version = "2017-04-24";
|
version = "2017-12-05";
|
||||||
propagatedBuildInputs = [
|
propagatedBuildInputs = [
|
||||||
pyusb
|
pyusb
|
||||||
click
|
click
|
||||||
];
|
];
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "dfederschmidt";
|
owner = "makefu";
|
||||||
repo = "airsensor-py";
|
repo = "airsensor-py";
|
||||||
rev = "c476918";
|
rev = "7ac5f185dc848fca1b556e4c0396dd73f6a93995";
|
||||||
sha256 = "0dc88vqxsgx20asbwfdjmz6yl6bvv65k0krvmmss3gcwxdgh9p2q";
|
sha256 = "0387b025y8kb0zml7916p70hmzc3y18kqh46b9xv5qayljxymq2w";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue