diff options
| author | lassulus <lassulus@lassul.us> | 2021-03-17 15:42:13 +0100 |
|---|---|---|
| committer | lassulus <lassulus@lassul.us> | 2021-03-17 15:42:13 +0100 |
| commit | 3d1472a7cac3ab2c5f9efd06a501368308681999 (patch) | |
| tree | 950fbe49dfd060923756dd517c41f27f646857de | |
| parent | f659c1879f6e0a0e9228205edd794aaab467aa0b (diff) | |
| parent | 2044ad632b68ce173463287a9f437aae699bda83 (diff) | |
Merge remote-tracking branch 'gum/master'
71 files changed, 1111 insertions, 230 deletions
diff --git a/krebs/1systems/puyak/net.nix b/krebs/1systems/puyak/net.nix index 4cb8d247c..8dab11e16 100644 --- a/krebs/1systems/puyak/net.nix +++ b/krebs/1systems/puyak/net.nix @@ -1,11 +1,11 @@ let - ext-if = "enp0s25"; + ext-if = "et0"; shack-ip = "10.42.22.184"; shack-gw = "10.42.20.1"; in { services.udev.extraRules = '' SUBSYSTEM=="net", ATTR{address}=="8c:70:5a:b2:84:58", NAME="wl0" - SUBSYSTEM=="net", ATTR{address}=="3c:97:0e:07:b9:14", NAME="et0" + SUBSYSTEM=="net", ATTR{address}=="3c:97:0e:07:b9:14", NAME="${ext-if}" ''; networking = { firewall.enable = false; @@ -13,7 +13,7 @@ in { interfaces."${ext-if}".ipv4.addresses = [ { address = shack-ip; - prefixLength = 20; + prefixLength = 22; } ]; diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index c8e1e0386..f9fa037d3 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -108,12 +108,6 @@ in { ci = false; cores = 1; nets = { - lan = { - ip4.addr = "192.168.1.12"; - aliases = [ - "filepimp.lan" - ]; - }; retiolum.ip4.addr = "10.243.153.102"; }; }; @@ -123,12 +117,6 @@ in { cores = 2; nets = { - lan = { - ip4.addr = "192.168.1.11"; - aliases = [ - "omo.lan" - ]; - }; retiolum = { ip4.addr = "10.243.0.89"; aliases = [ @@ -143,13 +131,6 @@ in { ci = true; cores = 4; nets = { - lan = { - ip4.addr = "192.168.8.11"; - aliases = [ - "wbob.lan" - "log.wbob.lan" - ]; - }; retiolum = { ip4.addr = "10.243.214.15"; aliases = [ diff --git a/makefu/0tests/data/secrets/photoprism.nix b/makefu/0tests/data/secrets/photoprism.nix new file mode 100644 index 000000000..17811ec5f --- /dev/null +++ b/makefu/0tests/data/secrets/photoprism.nix @@ -0,0 +1,4 @@ +{ + db.username = "photoprism"; + db.password = "photoprism"; +} diff --git a/makefu/0tests/data/secrets/zigbee2mqtt.nix b/makefu/0tests/data/secrets/zigbee2mqtt.nix new file mode 100644 index 000000000..c67ff3865 --- /dev/null +++ b/makefu/0tests/data/secrets/zigbee2mqtt.nix @@ -0,0 +1,6 @@ +{ + mqtt.password = "hass"; + mqtt.username = "hass"; + zigbee.network_key = [ 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 ]; +} + diff --git a/makefu/1systems/filepimp/config.nix b/makefu/1systems/filepimp/config.nix index e023c2885..346de10ba 100644 --- a/makefu/1systems/filepimp/config.nix +++ b/makefu/1systems/filepimp/config.nix @@ -1,26 +1,13 @@ { config, pkgs, lib, ... }: +# nix-shell -p wol --run 'wol C8:CB:B8:CF:E4:DC --passwd=CA-FE-BA-BE-13-37' let - byid = dev: "/dev/disk/by-id/" + dev; - part1 = disk: disk + "-part1"; - rootDisk = byid "ata-SanDisk_SDSSDP064G_140237402890"; - primary-interface = "enp3s0"; # c8:cb:b8:cf:e4:dc - # N54L Chassis: - # ____________________ - # |______FRONT_______| - # | [ ]| - # | [ d1 ** d3 d4 ]| - # |___[_____________]| - jDisk1 = byid "ata-ST4000DM000-1F2168_Z3040NEA"; - - # transfer to omo - # jDisk0 = byid "ata-ST4000DM000-1F2168_Z303HVSG"; - jDisk2 = byid "ata-WDC_WD40EFRX-68WT0N0_WD-WCC4E0621363"; - jDisk3 = byid "ata-TOSHIBA_MD04ACA400_156GK89OFSBA"; - allDisks = [ rootDisk jDisk1 jDisk2 jDisk3 ]; + itf = config.makefu.server.primary-itf; in { imports = [ # Include the results of the hardware scan. + ./hw.nix <stockholm/makefu> + <stockholm/makefu/2configs/home-manager> <stockholm/makefu/2configs/fs/single-partition-ext4.nix> <stockholm/makefu/2configs/smart-monitor.nix> <stockholm/makefu/2configs/tinc/retiolum.nix> @@ -28,64 +15,12 @@ in { ]; krebs.build.host = config.krebs.hosts.filepimp; - # AMD N54L - boot = { - loader.grub.device = rootDisk; - - initrd.availableKernelModules = [ - "ahci" - "ohci_pci" - "ehci_pci" - "pata_atiixp" - "usb_storage" - "usbhid" - ]; - - kernelModules = [ "kvm-amd" ]; - extraModulePackages = [ ]; - }; - hardware.enableRedistributableFirmware = true; - hardware.cpu.amd.updateMicrocode = true; - - zramSwap.enable = true; - - makefu.snapraid = let - toMedia = name: "/media/" + name; - in { - enable = true; - # todo combine creation when enabling the mount point - disks = map toMedia [ - # "j0" - "j1" - "j2" - ]; - parity = toMedia "par0"; - }; - # TODO: refactor, copy-paste from omo - services.smartd.devices = builtins.map (x: { device = x; }) allDisks; - powerManagement.powerUpCommands = lib.concatStrings (map (disk: '' - ${pkgs.hdparm}/sbin/hdparm -S 100 ${disk} - ${pkgs.hdparm}/sbin/hdparm -B 127 ${disk} - ${pkgs.hdparm}/sbin/hdparm -y ${disk} - '') allDisks); - fileSystems = let - xfsmount = name: dev: - { "/media/${name}" = { - device = dev; fsType = "xfs"; - options = [ "nofail" ]; - }; }; - in - # (xfsmount "j0" (part1 jDisk0)) // - (xfsmount "j1" (part1 jDisk1)) // - (xfsmount "j2" (part1 jDisk2)) // - (xfsmount "par0" (part1 jDisk3)) - ; - networking.firewall.trustedInterfaces = [ primary-interface ]; + networking.firewall.trustedInterfaces = [ itf ]; services.wakeonlan.interfaces = [ { - interface = primary-interface; + interface = itf ; method = "password"; password = "CA:FE:BA:BE:13:37"; } diff --git a/makefu/1systems/filepimp/hw.nix b/makefu/1systems/filepimp/hw.nix new file mode 100644 index 000000000..6f02d9b1b --- /dev/null +++ b/makefu/1systems/filepimp/hw.nix @@ -0,0 +1,83 @@ +{ config, pkgs, lib, ... }: + +let + byid = dev: "/dev/disk/by-id/" + dev; + part1 = disk: disk + "-part1"; + rootDisk = byid "ata-SanDisk_SDSSDP064G_140237402890"; + primary-interface = "enp3s0"; # c8:cb:b8:cf:e4:dc + # N54L Chassis: + # ____________________ + # |______FRONT_______| + # | [ ]| + # | [ d1 d0 d3 d4 ]| + # |___[_____________]| + jDisk1 = byid "ata-ST4000DM000-1F2168_Z3040NEA"; + + # transfer to omo + jDisk0 = byid "ata-ST4000DM000-1F2168_Z303HVSG"; + jDisk2 = byid "ata-WDC_WD40EFRX-68WT0N0_WD-WCC4E0621363"; + jDisk3 = byid "ata-TOSHIBA_MD04ACA400_156GK89OFSBA"; + allDisks = [ rootDisk jDisk0 jDisk1 jDisk2 jDisk3 ]; +in { + boot = { + loader.grub.device = rootDisk; + + initrd.availableKernelModules = [ + "ahci" + "ohci_pci" + "ehci_pci" + "pata_atiixp" + "usb_storage" + "usbhid" + ]; + + kernelModules = [ "kvm-amd" ]; + extraModulePackages = [ ]; + }; + makefu.server.primary-itf = primary-interface; + + hardware.enableRedistributableFirmware = true; + hardware.cpu.amd.updateMicrocode = true; + + zramSwap.enable = true; + + makefu.snapraid = let + toMedia = name: "/media/" + name; + in { + enable = true; + # todo combine creation when enabling the mount point + disks = map toMedia [ + "j0" + "j1" + "j2" + ]; + parity = toMedia "par0"; + }; + # TODO: refactor, copy-paste from omo + services.smartd.devices = builtins.map (x: { device = x; }) allDisks; + powerManagement.powerUpCommands = lib.concatStrings (map (disk: '' + ${pkgs.hdparm}/sbin/hdparm -S 100 ${disk} + ${pkgs.hdparm}/sbin/hdparm -B 127 ${disk} + ${pkgs.hdparm}/sbin/hdparm -y ${disk} + '') allDisks); + fileSystems = let + xfsmount = name: dev: + { "/media/${name}" = { + device = dev; fsType = "xfs"; + options = [ "nofail" ]; + }; }; + tomedia = id: "/media/${id}"; + in + (xfsmount "j0" (part1 jDisk0)) // + (xfsmount "j1" (part1 jDisk1)) // + (xfsmount "j2" (part1 jDisk2)) // + (xfsmount "par0" (part1 jDisk3)) // + { "/media/jX" = { + device = (lib.concatMapStringsSep ":" (d: (tomedia d)) ["j0" "j1" "j2" ]); + fsType = "mergerfs"; + noCheck = true; + options = [ "defaults" "allow_other" "nofail" "nonempty" ]; + }; + }; + environment.systemPackages = [ pkgs.mergerfs ]; +} diff --git a/makefu/1systems/filepimp/source.nix b/makefu/1systems/filepimp/source.nix index b81a2bf4a..9930f0e42 100644 --- a/makefu/1systems/filepimp/source.nix +++ b/makefu/1systems/filepimp/source.nix @@ -1,3 +1,4 @@ { name="filepimp"; + home-manager = true; } diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index 2fd99122a..83fbd8f83 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -43,6 +43,7 @@ in { <stockholm/makefu/2configs/zsh-user.nix> <stockholm/makefu/2configs/mosh.nix> + <stockholm/makefu/2configs/storj/forward-port.nix> # <stockholm/makefu/2configs/gui/xpra.nix> # networking @@ -147,7 +148,7 @@ in { <stockholm/makefu/2configs/deployment/boot-euer.nix> <stockholm/makefu/2configs/deployment/gecloudpad> <stockholm/makefu/2configs/deployment/docker/archiveteam-warrior.nix> - <stockholm/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix> + <stockholm/makefu/2configs/bgt/etherpad.euer.krebsco.de.nix> # <stockholm/makefu/2configs/deployment/systemdultras-rss.nix> <stockholm/makefu/2configs/shiori.nix> @@ -156,6 +157,7 @@ in { <stockholm/makefu/2configs/bgt/download.binaergewitter.de.nix> <stockholm/makefu/2configs/bgt/hidden_service.nix> <stockholm/makefu/2configs/bgt/backup.nix> + <stockholm/makefu/2configs/bgt/social-to-irc.nix> # <stockholm/makefu/2configs/logging/client.nix> @@ -203,7 +205,10 @@ in { # Network networking = { firewall = { - allowedTCPPorts = [ 80 443 ]; + allowedTCPPorts = [ + 80 443 + 28967 # storj + ]; allowPing = true; logRefusedConnections = false; }; diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index a9e307ddf..a04593715 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -28,9 +28,11 @@ in { <stockholm/makefu/2configs/home-manager> <stockholm/makefu/2configs/home-manager/cli.nix> <stockholm/makefu/2configs/editor/neovim> + <stockholm/makefu/2configs/storj/client.nix> <stockholm/makefu/2configs/backup/state.nix> + <stockholm/makefu/2configs/backup/server.nix> <stockholm/makefu/2configs/exim-retiolum.nix> # <stockholm/makefu/2configs/smart-monitor.nix> <stockholm/makefu/2configs/mail-client.nix> @@ -68,7 +70,7 @@ in { <stockholm/makefu/2configs/tinc/retiolum.nix> # statistics - <stockholm/makefu/2configs/stats/client.nix> + # <stockholm/makefu/2configs/stats/client.nix> # Logging #influx + grafana <stockholm/makefu/2configs/stats/server.nix> @@ -91,13 +93,18 @@ in { <stockholm/makefu/2configs/virtualisation/docker.nix> <stockholm/makefu/2configs/bluetooth-mpd.nix> - <stockholm/makefu/2configs/ham> + <stockholm/makefu/2configs/home/ham> + <stockholm/makefu/2configs/home/airsonic.nix> + <stockholm/makefu/2configs/home/photoprism.nix> + <stockholm/makefu/2configs/home/metube.nix> { makefu.ps3netsrv = { enable = true; servedir = "/media/cryptX/emu/ps3"; }; } + + { hardware.pulseaudio.systemWide = true; makefu.mpd.musicDirectory = "/media/cryptX/music"; @@ -107,7 +114,15 @@ in { <stockholm/makefu/2configs/sshd-totp.nix> # <stockholm/makefu/2configs/logging/central-logging-client.nix> - <stockholm/makefu/2configs/torrent.nix> + # <stockholm/makefu/2configs/torrent.nix> + { + #krebs.rtorrent = { + # downloadDir = lib.mkForce "/media/cryptX/torrent"; + # extraConfig = '' + # upload_rate = 500 + # ''; + #}; + } # <stockholm/makefu/2configs/elchos/search.nix> # <stockholm/makefu/2configs/elchos/log.nix> @@ -118,16 +133,11 @@ in { # Temporary: # <stockholm/makefu/2configs/temp/rst-issue.nix> + <stockholm/makefu/2configs/bgt/social-to-irc.nix> ]; makefu.full-populate = true; nixpkgs.config.allowUnfree = true; - krebs.rtorrent = { - downloadDir = lib.mkForce "/media/cryptX/torrent"; - extraConfig = '' - upload_rate = 500 - ''; - }; users.groups.share = { gid = (import <stockholm/lib>).genid "share"; members = [ "makefu" "misa" ]; diff --git a/makefu/1systems/omo/hw/omo.nix b/makefu/1systems/omo/hw/omo.nix index 586ad98c4..ae5b778bf 100644 --- a/makefu/1systems/omo/hw/omo.nix +++ b/makefu/1systems/omo/hw/omo.nix @@ -51,6 +51,10 @@ in { enable = true; disks = map toMapper [ 0 1 3 ]; parity = toMapper 2; # find -name PARITY_PARTITION + extraConfig = '' + exclude /lib/storj/ + exclude /.bitcoin/blocks/ + ''; }; fileSystems = let cryptMount = name: diff --git a/makefu/1systems/tsp/config.nix b/makefu/1systems/tsp/config.nix index 7c65737f7..9586578d3 100644 --- a/makefu/1systems/tsp/config.nix +++ b/makefu/1systems/tsp/config.nix @@ -6,21 +6,26 @@ { imports = [ # Include the results of the hardware scan. + ./hardware.nix <stockholm/makefu> + <stockholm/makefu/2configs/nur.nix> <stockholm/makefu/2configs/home-manager> <stockholm/makefu/2configs/main-laptop.nix> + <stockholm/makefu/2configs/editor/neovim> + <stockholm/makefu/2configs/tools/core.nix> # <stockholm/makefu/2configs/tools/all.nix> <stockholm/makefu/2configs/fs/single-partition-ext4.nix> # hardware specifics are in here - # imports tp-x2x0.nix - <stockholm/makefu/2configs/hw/tp-x230.nix> <stockholm/makefu/2configs/hw/bluetooth.nix> <stockholm/makefu/2configs/hw/network-manager.nix> + # <stockholm/makefu/2configs/rad1o.nix> <stockholm/makefu/2configs/zsh-user.nix> - <stockholm/makefu/2configs/exim-retiolum.nix> + <stockholm/makefu/2configs/home-manager> + <stockholm/makefu/2configs/home-manager/desktop.nix> + <stockholm/makefu/2configs/home-manager/cli.nix> <stockholm/makefu/2configs/tinc/retiolum.nix> <stockholm/makefu/2configs/sshd-totp.nix> diff --git a/makefu/1systems/tsp/hardware.nix b/makefu/1systems/tsp/hardware.nix new file mode 100644 index 000000000..2788eae04 --- /dev/null +++ b/makefu/1systems/tsp/hardware.nix @@ -0,0 +1,9 @@ +{ lib, ... }: +{ + imports = [ + # laptop is an acer aspire, but close enough i'd say + <stockholm/makefu/2configs/hw/tp-x2x0.nix> + ]; + # the laptop only has the touchpad + services.xserver.synaptics.additionalOptions = lib.mkForce ''Option "TouchpadOff" "0"''; +} diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix index 32dedbde2..b70b48449 100644 --- a/makefu/1systems/wbob/config.nix +++ b/makefu/1systems/wbob/config.nix @@ -1,14 +1,15 @@ { config, pkgs, lib, ... }: let - rootdisk = "/dev/disk/by-id/ata-TS256GMTS800_C613840115"; - datadisk = "/dev/disk/by-id/ata-HGST_HTS721010A9E630_JR10006PH3A02F"; user = config.makefu.gui.user; primaryIP = "192.168.8.11"; in { imports = - [ # Include the results of the hardware scan. + [ <stockholm/makefu> + # Include the results of the hardware scan. + ./nuc + <stockholm/makefu/2configs/home-manager> <stockholm/makefu/2configs/support-nixos.nix> <stockholm/makefu/2configs/zsh-user.nix> @@ -37,13 +38,13 @@ in { # Sensors # <stockholm/makefu/2configs/stats/client.nix> - <stockholm/makefu/2configs/stats/collectd-client.nix> + # <stockholm/makefu/2configs/stats/collectd-client.nix> <stockholm/makefu/2configs/stats/telegraf> <stockholm/makefu/2configs/stats/telegraf/airsensor.nix> <stockholm/makefu/2configs/stats/telegraf/europastats.nix> <stockholm/makefu/2configs/stats/external/aralast.nix> <stockholm/makefu/2configs/stats/arafetch.nix> - <stockholm/makefu/2configs/hw/mceusb.nix> + # <stockholm/makefu/2configs/hw/mceusb.nix> # <stockholm/makefu/2configs/stats/telegraf/bamstats.nix> { environment.systemPackages = [ pkgs.vlc ]; } @@ -94,44 +95,6 @@ in { build.host = config.krebs.hosts.wbob; }; - swapDevices = [ { device = "/var/swap"; } ]; - services.collectd.extraConfig = lib.mkAfter '' - - #LoadPlugin ping - # does not work because it requires privileges - #<Plugin "ping"> - # Host "google.de" - # Host "heise.de" - #</Plugin> - - LoadPlugin curl - <Plugin curl> - Interval 300 - TotalTime true - NamelookupTime true - ConnectTime true - - <Page "google"> - MeasureResponseTime true - MeasureResponseCode true - URL "https://google.de" - </Page> - - <Page "webde"> - MeasureResponseTime true - MeasureResponseCode true - URL "http://web.de" - </Page> - - </Plugin> - #LoadPlugin netlink - #<Plugin "netlink"> - # Interface "enp0s25" - # Interface "wlp2s0" - # IgnoreSelected false - #</Plugin> - ''; - networking.firewall.allowedUDPPorts = [ 655 ]; networking.firewall.allowedTCPPorts = [ 655 @@ -146,7 +109,7 @@ in { # Port = 1655 # ''; #}; - + boot.kernelPackages = pkgs.linuxPackages_latest; # rt2870.bin wifi card, part of linux-unfree hardware.enableRedistributableFirmware = true; nixpkgs.config.allowUnfree = true; @@ -156,24 +119,5 @@ in { address = "10.8.8.11"; prefixLength = 24; }]; - - # nuc hardware - boot.loader.grub.device = rootdisk; - hardware.cpu.intel.updateMicrocode = true; - boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; - - boot.kernelModules = [ - "kvm-intel" "snd-seq" "snd-rawmidi" - ]; - fileSystems = { - "/" = { - device = rootdisk + "-part1"; - fsType = "ext4"; - }; - "/data" = { - device = datadisk + "-part1"; - fsType = "ext4"; - }; - }; } diff --git a/makefu/1systems/wbob/nuc/default.nix b/makefu/1systems/wbob/nuc/default.nix new file mode 100644 index 000000000..d4993dfd0 --- /dev/null +++ b/makefu/1systems/wbob/nuc/default.nix @@ -0,0 +1,23 @@ +let + rootdisk = "/dev/disk/by-id/ata-TS256GMTS800_C613840115"; + datadisk = "/dev/disk/by-id/ata-HGST_HTS721010A9E630_JR10006PH3A02F"; +in { + boot.loader.grub.device = rootdisk; + hardware.cpu.intel.updateMicrocode = true; + boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; + + boot.kernelModules = [ + "kvm-intel" "snd-seq" "snd-rawmidi" + ]; + fileSystems = { + "/" = { + device = rootdisk + "-part1"; + fsType = "ext4"; + }; + "/data" = { + device = datadisk + "-part1"; + fsType = "ext4"; + }; + }; + swapDevices = [ { device = "/var/swap"; } ]; +} diff --git a/makefu/1systems/wbob/source.nix b/makefu/1systems/wbob/source.nix index 6568b8a45..36c7b67bb 100644 --- a/makefu/1systems/wbob/source.nix +++ b/makefu/1systems/wbob/source.nix @@ -2,4 +2,5 @@ name="wbob"; # musnix = true; home-manager = true; + unstable = true; } diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index 6c0388e59..80655f998 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -158,7 +158,8 @@ # temporary # { services.redis.enable = true; } - # <stockholm/makefu/2configs/pyload.nix> + { services.mongodb.enable = true; } + # <stockholm/makefu/2configs/home/photoprism.nix> # <stockholm/makefu/2configs/dcpp/airdcpp.nix> # <stockholm/makefu/2configs/nginx/rompr.nix> # <stockholm/makefu/2configs/lanparty/lancache.nix> diff --git a/makefu/1systems/x/x13/default.nix b/makefu/1systems/x/x13/default.nix index b0400232e..ac601845a 100644 --- a/makefu/1systems/x/x13/default.nix +++ b/makefu/1systems/x/x13/default.nix @@ -8,6 +8,7 @@ <nixos-hardware/lenovo/thinkpad/l14/amd> # close enough # <stockholm/makefu/2configs/hw/tpm.nix> <stockholm/makefu/2configs/hw/ssd.nix> + <stockholm/makefu/2configs/hw/xmm7360.nix> ]; boot.zfs.requestEncryptionCredentials = true; networking.hostId = "f8b8e0a2"; @@ -19,32 +20,15 @@ services.xserver.videoDrivers = [ "amdgpu" ]; - hardware.opengl.extraPackages = [ pkgs.amdvlk ]; + hardware.opengl.extraPackages = [ pkgs.amdvlk pkgs.rocm-opencl-icd ]; # is required for amd graphics support ( xorg wont boot otherwise ) boot.kernelPackages = pkgs.linuxPackages_latest; + environment.variables.VK_ICD_FILENAMES = "/run/opengl-driver/share/vulkan/icd.d/amd_icd64.json"; programs.light.enable = true; - services.actkbd = { - enable = true; - bindings = [ - { keys = [ 225 ]; events = [ "key" ]; command = "${pkgs.light}/bin/light -A 10"; } - { keys = [ 224 ]; events = [ "key" ]; command = "${pkgs.light}/bin/light -U 10"; } - { keys = [ 227 ]; events = [ "key" ]; command = builtins.toString ( - pkgs.writers.writeDash "toggle_lcdshadow" '' - proc=/proc/acpi/ibm/lcdshadow - status=$(${pkgs.gawk}/bin/awk '/status:/{print $2}' "$proc") - if [ "$status" -eq 0 ];then - echo 1 > "$proc" - else - echo 0 > "$proc" - fi - ''); - } - ]; - }; users.groups.video = {}; users.users.makefu.extraGroups = [ "video" ]; diff --git a/makefu/1systems/x/x13/input.nix b/makefu/1systems/x/x13/input.nix index 68b855d8e..775e19303 100644 --- a/makefu/1systems/x/x13/input.nix +++ b/makefu/1systems/x/x13/input.nix @@ -1,3 +1,4 @@ +{ pkgs, lib, ... }: { # current issues: # 1. for pressing insert hold shift+fn+Fin @@ -9,5 +10,37 @@ xinput set-prop "ETPS/2 Elantech TrackPoint" "Evdev Wheel Emulation Axes" 6 7 4 5 # configure timeout of pressing and holding middle button # xinput set-int-prop "ETPS/2 Elantech TrackPoint" "Evdev Wheel Emulation Timeout" 8 200 + xinput disable 'ETPS/2 Elantech Touchpad' ''; + boot.kernelParams = [ + #"psmouse.proto=imps" + #"psmouse.proto=bare" + #"psmouse.resetafter=0" + "psmouse.synaptics_intertouch=1" # echo 1 > /sys/devices/platform/i8042/serio1/reg_07 + ]; + + programs.light.enable = true; + services.actkbd = { + enable = true; + bindings = [ + { keys = [ 225 ]; events = [ "key" ]; command = "${pkgs.light}/bin/light -A 10"; } # fn - F5 + { keys = [ 224 ]; events = [ "key" ]; command = "${pkgs.light}/bin/light -U 10"; } # fn - F6 + # fn - 4 => suspend + # fn - d => lcdshadow + { keys = [ 227 ]; events = [ "key" ]; command = builtins.toString ( # fn - F7 + pkgs.writers.writeDash "toggle_touchpad" '' + PATH=${lib.makeBinPath [ pkgs.xorg.xinput pkgs.gnugrep ]} + DISPLAY=:0 + export DISPLAY PATH + + device=$(xinput list --name-only | grep Touchpad) + if [ "$(xinput list-props "$device" | grep -P ".*Device Enabled.*\K.(?=$)" -o)" -eq 1 ];then + xinput disable "$device" + else + xinput enable "$device" + fi + ''); + } + ]; + }; } diff --git a/makefu/2configs/backup/server.nix b/makefu/2configs/backup/server.nix index f157e715f..26e53b8c3 100644 --- a/makefu/2configs/backup/server.nix +++ b/makefu/2configs/backup/server.nix @@ -1,11 +1,19 @@ -{lib, ... }: +{lib,config, ... }: let hosts = lib.mapAttrsToList (f: _: lib.removeSuffix ".pub" f) (builtins.readDir ./ssh ); in { # TODO: for all enabled machines - services.borgbackup.repos = lib.genAttrs hosts (host: { - authorizedKeys = [ (builtins.readFile (./ssh + "/${host}.pub") ) ]; - path = "/var/lib/borgbackup/${host}"; - user = "borg-${host}"; - }) ; + options = { + makefu.backup.server.repo = lib.mkOption { + type = lib.types.str; + default = "/var/lib/borgbackup"; + }; + }; + config = { + services.borgbackup.repos = lib.genAttrs hosts (host: { + authorizedKeys = [ (builtins.readFile (./ssh + "/${host}.pub") ) ]; + path = "${config.makefu.backup.server.repo}/${host}"; + user = "borg-${host}"; + }) ; + }; } diff --git a/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix b/makefu/2configs/bgt/etherpad.euer.krebsco.de.nix index 172e69c4d..48b947c58 100644 --- a/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix +++ b/makefu/2configs/bgt/etherpad.euer.krebsco.de.nix @@ -6,7 +6,7 @@ in { services.nginx.virtualHosts."etherpad.euer.krebsco.de" = { # useACMEHost = "euer.krebsco.de"; extraConfig = '' - ssl_session_timeout 5m; + ssl_session_timeout 30m; ''; enableACME = true; forceSSL = true; @@ -27,7 +27,7 @@ in { # WebSocket proxying - from https://nginx.org/en/docs/http/websocket.html proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; - proxy_read_timeout 61s; + proxy_read_timeout 1799s; ''; }; docker-containers."etherpad-lite" = { diff --git a/makefu/2configs/bgt/social-to-irc.nix b/makefu/2configs/bgt/social-to-irc.nix new file mode 100644 index 000000000..ce89451c1 --- /dev/null +++ b/makefu/2configs/bgt/social-to-irc.nix @@ -0,0 +1,32 @@ +{ + # systemd.services.brockman.environment."BROCKMAN_LOG_LEVEL" = "DEBUG"; + krebs.brockman = { + enable = true; + config = { + channel = "#binaergewitter"; + irc = { + host = "irc.freenode.net"; + port = 6667; + }; + #controller = { + # nick = "brockman-systemdultras"; + # channels = []; + #}; + bots = { + bgt-mastodon-rss = { + feed = "https://jit.social/users/binaergewitter.rss"; + channels = [ "#binaergewitter" ]; + delay = 180; + notifyErrors = false; + }; + bgt-blog-rss = { + feed = "https://blog.binaergewitter.de/rss.xml"; + channels = [ "#binaergewitter" ]; + delay = 180; + notifyErrors = false; + }; + }; + }; + + }; +} diff --git a/makefu/2configs/deployment/docker/template.md b/makefu/2configs/bgt/template.md index e53bad7e8..e53bad7e8 100644 --- a/makefu/2configs/deployment/docker/template.md +++ b/makefu/2configs/bgt/template.md diff --git a/makefu/2configs/binary-cache/server.nix b/makefu/2configs/binary-cache/server.nix index 1d729b9bb..2e05fd52e 100644 --- a/makefu/2configs/binary-cache/server.nix +++ b/makefu/2configs/binary-cache/server.nix @@ -5,6 +5,7 @@ # nix-store --generate-binary-cache-key gum nix-serve.key nix-serve.pub services.nix-serve = { enable = true; + port = 5001; secretKeyFile = config.krebs.secret.files.nix-serve-key.path; }; diff --git a/makefu/2configs/bureautomation/automation/philosophische-tuer.nix b/makefu/2configs/bureautomation/automation/philosophische-tuer.nix new file mode 100644 index 000000000..9ccb81348 --- /dev/null +++ b/makefu/2configs/bureautomation/automation/philosophische-tuer.nix @@ -0,0 +1,108 @@ +{ config, pkgs, lib, ... }: + +let + short_threshold = 30; #seconds + long_threshold = 30; #minutes + sensor = "binary_sensor.buerotuer_contact"; + + # get the list of all + name = "tueraudio"; + prefix = "http://localhost:8123/local/${name}"; + audiodir = "${config.services.home-assistant.configDir}/www/${name}"; + recordrepo = pkgs.fetchFromGitHub { + owner = "makefu"; + repo = "philosophische_tuer"; + rev = "17544c6"; + sha256 = "0bm0697fyf6s05c6yw6y25cyck04rlxj1dgazkq8mfqk6756v2bq"; + }; + samples = user: lib.mapAttrsToList + (file: _: ''"${prefix}/${name}/${user}/${file}"'') + (builtins.readDir (toString ( recordrepo+ "/recordings/${user}"))); + random_tuerspruch = ''{{'' + (lib.concatStringsSep "," ((samples "Felix") ++ (samples "Sofia") ++ (samples "Markus"))) + ''| random}}''; # TODO read from derivation +in +{ + systemd.tmpfiles.rules = [ + "d ${audiodir} - hass hass - -" + ]; + + systemd.services.copy-philosophische-tuersounds = { + description = "copy philosophische tuer"; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + Type = "oneshot"; + User = "hass"; + WorkingDirectory = audiodir; + ExecStart = pkgs.writeDash "update-samples" '' + cp -vr ${recordrepo} ${audiodir} + ''; + }; + }; + + services.home-assistant.config.media_extractor = { }; + services.home-assistant.config.script."philosophische_tuer" = { + alias = "Durchsage der philosophischen Tür"; + sequence = [ + { service = "media_player.play_media"; + data = { + entity_id = "media_player.mpd"; + media_content_type = "playlist"; + media_content_id = "ansage"; + }; + } + { delay.seconds = 5; } + { service = "media_extractor.play_media"; + entity_id = "media_player.mpd"; + data_template = { + media_content_id = random_tuerspruch; + media_content_type = "MUSIC"; + }; + } + ]; + }; + services.home-assistant.config.automation = + [ + { + alias = "Tür offen seit ${toString short_threshold} sekunden"; + trigger = + { platform = "state"; + entity_id = sensor; + to = "on"; + for.seconds = 60; + }; + condition = { }; + + action = [ + { service = "homeassistant.turn_on"; + entity_id = [ + "script.philosophische_tuer" + ]; + } + ]; + } + { + alias = "Tür offen seit ${toString long_threshold} minuten"; + trigger = + { platform = "state"; + entity_id = sensor; + to = "on"; + for.minutes = long_threshold; + }; + condition = { }; + + action = [ + { service = "homeassistant.turn_on"; + entity_id = [ + "script.philosophische_tuer" + ]; + } + { service = "tts.google_say"; + entity_id = "media_player.mpd"; + data_template = { + message = "BEEP BOOP - Die Tür ist schon seit ${toString long_threshold} Minuten offen! Student Nummer {{ range(1,500) | random }}, bitte schliesse die Tür"; + language = "de"; + }; + } + ]; + } + ]; +} diff --git a/makefu/2configs/bureautomation/default.nix b/makefu/2configs/bureautomation/default.nix index 7e8b6a4d3..7ac90f5c5 100644 --- a/makefu/2configs/bureautomation/default.nix +++ b/makefu/2configs/bureautomation/default.nix @@ -1,12 +1,15 @@ { config, pkgs, lib, ... }: let kodi-host = "192.168.8.11"; + unstable = import <nixpkgs-unstable> {}; in { imports = [ ./ota.nix ./comic-updater.nix ./puppy-proxy.nix + ./zigbee2mqtt + # hass config ## complex configs ./multi/daily-standup.nix @@ -39,15 +42,22 @@ in { ./automation/bureau-shutdown.nix ./automation/nachtlicht.nix ./automation/schlechteluft.nix + ./automation/philosophische-tuer.nix ./automation/hass-restart.nix ./device_tracker/openwrt.nix ./person/team.nix ]; + networking.firewall.allowedTCPPorts = [ 8123 ]; state = [ "/var/lib/hass/known_devices.yaml" ]; services.home-assistant = { enable = true; + package = (unstable.home-assistant.overrideAttrs (old: { + doInstallCheck = false; + })).override { + extraPackages = p: [ p.APScheduler ]; + }; autoExtraComponents = true; config = { config = {}; diff --git a/makefu/2configs/ham/zigbee2mqtt/default.nix b/makefu/2configs/bureautomation/zigbee2mqtt/default.nix index a75075273..ba10ae74b 100644 --- a/makefu/2configs/ham/zigbee2mqtt/default.nix +++ b/makefu/2configs/bureautomation/zigbee2mqtt/default.nix @@ -12,13 +12,18 @@ in services.zigbee2mqtt = { enable = true; inherit dataDir; + config = { + permit_join = true; + serial.port = "/dev/cc2531"; + homeassistant = true; + }; }; - state = [ "${dataDir}/configuration.yaml" "${dataDir}/state.json" ]; + state = [ "${dataDir}/devices.yaml" "${dataDir}/state.json" ]; systemd.services.zigbee2mqtt = { # override automatic configuration.yaml deployment - serviceConfig.ExecStartPre = lib.mkForce "${pkgs.coreutils}/bin/true"; + environment.ZIGBEE2MQTT_DATA = dataDir; after = [ "home-assistant.service" "mosquitto.service" diff --git a/makefu/2configs/ham/zigbee2mqtt/hass.nix b/makefu/2configs/bureautomation/zigbee2mqtt/hass.nix index faf864ba6..faf864ba6 100644 --- a/makefu/2configs/ham/zigbee2mqtt/hass.nix +++ b/makefu/2configs/bureautomation/zigbee2mqtt/hass.nix diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index 695e8fee6..be64e402e 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -57,6 +57,7 @@ with import <stockholm/lib>; environment.shellAliases = { # TODO: see .aliases lsl = "ls -lAtr"; + ip = "ip -c -br"; dmesg = "dmesg -L --reltime"; psg = "ps -ef | grep"; nmap = "nmap -oN $HOME/loot/scan-`date +\%s`.nmap -oX $HOME/loot/scan-`date +%s`.xml"; diff --git a/makefu/2configs/gui/wbob-kiosk.nix b/makefu/2configs/gui/wbob-kiosk.nix index 1a5e6d04f..2f6a26d82 100644 --- a/makefu/2configs/gui/wbob-kiosk.nix +++ b/makefu/2configs/gui/wbob-kiosk.nix @@ -10,13 +10,14 @@ }; services.xserver = { - windowManager = lib.mkForce { - awesome.enable = false; - }; - desktopManager.xfce = { + windowManager = lib.mkForce { awesome.enable = false; }; + displayManager.gdm.enable = true; + displayManager.autoLogin = { enable = true; + user = "makefu"; }; - displayManager.defaultSession = "xfce"; + displayManager.defaultSession = "gnome"; + desktopManager.gnome3.enable = true; displayManager.sessionCommands = '' ${pkgs.xlibs.xset}/bin/xset -display :0 s off -dpms ${pkgs.xlibs.xrandr}/bin/xrandr --output HDMI2 --right-of HDMI1 @@ -25,6 +26,10 @@ # prevent screen from turning off, disable dpms }; + + environment.systemPackages = [ pkgs.gnomeExtensions.appindicator ]; + services.dbus.packages = with pkgs; [ gnome2.GConf gnome3.gnome-settings-daemon ]; + systemd.services.xset-off = { after = [ "display-manager.service" ]; wantedBy = [ "multi-user.target" ]; diff --git a/makefu/2configs/home/airsonic.nix b/makefu/2configs/home/airsonic.nix new file mode 100644 index 000000000..15e77438d --- /dev/null +++ b/makefu/2configs/home/airsonic.nix @@ -0,0 +1,29 @@ +{ config, ... }: +let + internal-ip = "192.168.1.11"; + port = 4040; +in +{ + # networking.firewall.allowedTCPPorts = [ 4040 ]; + services.airsonic = { + enable = true; + listenAddress = "0.0.0.0"; + inherit port; + }; + state = [ config.services.airsonic.home ]; + services.nginx.virtualHosts."airsonic" = { + serverAliases = [ + "airsonic.lan" + "music" "music.lan" + "musik" "musik.lan" + ]; + + locations."/".proxyPass = "http://localhost:${toString port}"; + locations."/".proxyWebsockets = true; + extraConfig = '' + if ( $server_addr != "${internal-ip}" ) { + return 403; + } + ''; + }; +} diff --git a/makefu/2configs/home/ham/automation/fenster_auf.nix b/makefu/2configs/home/ham/automation/fenster_auf.nix new file mode 100644 index 000000000..ccebd5b00 --- /dev/null +++ b/makefu/2configs/home/ham/automation/fenster_auf.nix @@ -0,0 +1,33 @@ +let + min = 20; + fenster_offen = name: entity: + { alias = "${name} seit ${toString min} Minuten offen"; + trigger = [ + { + platform = "state"; + entity_id = entity; + to = "on"; + for.minutes = min; + } + ]; + action = + [ + { + service = "notify.firetv_wohnzimmer"; + data = { + title = "${name} seit ${toString min} Minuten offen"; + message = "Bitte einmal checken ob das ok ist :)"; + data = { + interrupt = 1; + duration = 300; + }; + }; + } + ]; + }; +in { + services.home-assistant.config.automation = [ + (fenster_offen "Badezimmerfenster" "binary_sensor.badezimmer_fenster_contact") + (fenster_offen "Duschfenster" "binary_sensor.dusche_fenster_contact") + ]; +} diff --git a/makefu/2configs/ham/automation/firetv_restart.nix b/makefu/2configs/home/ham/automation/firetv_restart.nix index 12e0e845a..12e0e845a 100644 --- a/makefu/2configs/ham/automation/firetv_restart.nix +++ b/makefu/2configs/home/ham/automation/firetv_restart.nix diff --git a/makefu/2configs/ham/automation/giesskanne.nix b/makefu/2configs/home/ham/automation/giesskanne.nix index 4b0fb61dd..4b0fb61dd 100644 --- a/makefu/2configs/ham/automation/giesskanne.nix +++ b/makefu/2configs/home/ham/automation/giesskanne.nix diff --git a/makefu/2configs/ham/automation/light_buttons.nix b/makefu/2configs/home/ham/automation/light_buttons.nix index 32d134ecc..32d134ecc 100644 --- a/makefu/2configs/ham/automation/light_buttons.nix +++ b/makefu/2configs/home/ham/automation/light_buttons.nix diff --git a/makefu/2configs/ham/automation/moodlight.nix b/makefu/2configs/home/ham/automation/moodlight.nix index d0e336851..d0e336851 100644 --- a/makefu/2configs/ham/automation/moodlight.nix +++ b/makefu/2configs/home/ham/automation/moodlight.nix diff --git a/makefu/2configs/ham/automation/urlaub.nix b/makefu/2configs/home/ham/automation/urlaub.nix index a6b9be96f..a6b9be96f 100644 --- a/makefu/2configs/ham/automation/urlaub.nix +++ b/makefu/2configs/home/ham/automation/urlaub.nix diff --git a/makefu/2configs/ham/automation/wohnzimmer_rf_fernbedienung.nix b/makefu/2configs/home/ham/automation/wohnzimmer_rf_fernbedienung.nix index 4303cdfa5..4303cdfa5 100644 --- a/makefu/2configs/ham/automation/wohnzimmer_rf_fernbedienung.nix +++ b/makefu/2configs/home/ham/automation/wohnzimmer_rf_fernbedienung.nix diff --git a/makefu/2configs/ham/calendar/nextcloud.nix b/makefu/2configs/home/ham/calendar/nextcloud.nix index 80e51b348..80e51b348 100644 --- a/makefu/2configs/ham/calendar/nextcloud.nix +++ b/makefu/2configs/home/ham/calendar/nextcloud.nix diff --git a/makefu/2configs/ham/default.nix b/makefu/2configs/home/ham/default.nix index d610fa5c1..e164b177f 100644 --- a/makefu/2configs/ham/default.nix +++ b/makefu/2configs/home/ham/default.nix @@ -7,10 +7,15 @@ let prefix = (import ./lib).prefix; firetv_stick = "192.168.1.24"; hassdir = "/var/lib/hass"; + unstable = import <nixpkgs-unstable> {}; + + in { imports = [ + ./nginx.nix ./mqtt.nix - ./zigbee2mqtt/default.nix + ./zigbee2mqtt + ./signal-rest # hass config ./zigbee2mqtt/hass.nix @@ -25,11 +30,13 @@ in { ./calendar/nextcloud.nix + ./automation/fenster_auf.nix ./automation/firetv_restart.nix ./automation/light_buttons.nix ./automation/wohnzimmer_rf_fernbedienung.nix ./automation/giesskanne.nix - ./automation/urlaub.nix + #./automation/urlaub.nix + ./automation/moodlight.nix ./light/arbeitszimmer.nix ./light/schlafzimmer.nix @@ -37,6 +44,15 @@ in { ]; services.home-assistant = { + package = (unstable.home-assistant.overrideAttrs (old: { + doInstallCheck = false; + })).override { + extraPackages = p: [ + (p.callPackage ./deps/dwdwfsapi.nix {}) + (p.callPackage ./deps/pykodi.nix {}) + p.APScheduler ]; + }; + config = { influxdb = { database = "ham"; @@ -53,6 +69,13 @@ in { latitude = "48.7687"; longitude = "9.2478"; elevation = 247; + auth_providers = [ + { type = "trusted_networks"; + trusted_networks = [ "192.168.1.0/24" ]; + allow_bypass_login = true; + } + { type = "homeassistant"; } + ]; }; discovery = {}; conversation = {}; @@ -72,33 +95,39 @@ in { api = {}; esphome = {}; camera = []; - telegram_bot = [ - # secrets file: { - # "platform": "broadcast", - # "api_key": "", # talk to Botfather /newbot - # "allowed_chat_ids": [ ID ] # curl -X GET # https://api.telegram.org/bot<YOUR_API_TOKEN>/getUpdates - # } - (builtins.fromJSON - (builtins.readFile <secrets/hass/telegram-bot.json>)) - ]; + #telegram_bot = [ + # # secrets file: { + # # "platform": "broadcast", + # # "api_key": "", # talk to Botfather /newbot + # # "allowed_chat_ids": [ ID ] # curl -X GET # https://api.telegram.org/bot<YOUR_API_TOKEN>/getUpdates + # # } + # (builtins.fromJSON + # (builtins.readFile <secrets/hass/telegram-bot.json>)) + #]; notify = [ { platform = "kodi"; - name = "wohnzimmer"; + name = "Kodi Wohnzimmer"; host = firetv_stick; } { - platform = "telegram"; - name = "telegrambot"; - chat_id = builtins.elemAt - (builtins.fromJSON (builtins.readFile - <secrets/hass/telegram-bot.json>)).allowed_chat_ids 0; - } + platform = "nfandroidtv"; + name = "FireTV Wohnzimmer"; + host = firetv_stick; + } + #{ + # platform = "telegram"; + # name = "telegrambot"; + # chat_id = builtins.elemAt + # (builtins.fromJSON (builtins.readFile + # <secrets/hass/telegram-bot.json>)).allowed_chat_ids 0; + #} ]; sun.elevation = 247; recorder = {}; media_player = [ - { platform = "FireTV Stick kodi"; + { platform = "kodi"; + name = "FireTV Stick kodi"; host = firetv_stick; } { platform = "androidtv"; @@ -146,7 +175,12 @@ in { # https://www.home-assistant.io/cookbook/automation_for_rainy_days/ ]; frontend = { }; - http = { }; + http = { + use_x_forwarded_for = true; + server_host = "127.0.0.1"; + trusted_proxies = [ "127.0.0.1" ]; + #trusted_proxies = [ "192.168.1.0/24" ]; + }; switch = []; automation = []; script = { }; diff --git a/makefu/2configs/ham/deps/dwdwfsapi.nix b/makefu/2configs/home/ham/deps/dwdwfsapi.nix index d59dfa9e8..d59dfa9e8 100644 --- a/makefu/2configs/ham/deps/dwdwfsapi.nix +++ b/makefu/2configs/home/ham/deps/dwdwfsapi.nix diff --git a/makefu/2configs/ham/deps/pykodi.nix b/makefu/2configs/home/ham/deps/pykodi.nix index 85a541f8a..85a541f8a 100644 --- a/makefu/2configs/ham/deps/pykodi.nix +++ b/makefu/2configs/home/ham/deps/pykodi.nix diff --git a/makefu/2configs/ham/device_tracker/openwrt.nix b/makefu/2configs/home/ham/device_tracker/openwrt.nix index 0a34f702a..0a34f702a 100644 --- a/makefu/2configs/ham/device_tracker/openwrt.nix +++ b/makefu/2configs/home/ham/device_tracker/openwrt.nix diff --git a/makefu/2configs/ham/lib/default.nix b/makefu/2configs/home/ham/lib/default.nix index 45c86138b..45c86138b 100644 --- a/makefu/2configs/ham/lib/default.nix +++ b/makefu/2configs/home/ham/lib/default.nix diff --git a/makefu/2configs/ham/light/arbeitszimmer.nix b/makefu/2configs/home/ham/light/arbeitszimmer.nix index bc60678b3..bc60678b3 100644 --- a/makefu/2configs/ham/light/arbeitszimmer.nix +++ b/makefu/2configs/home/ham/light/arbeitszimmer.nix diff --git a/makefu/2configs/ham/light/schlafzimmer.nix b/makefu/2configs/home/ham/light/schlafzimmer.nix index e5370e3f8..e5370e3f8 100644 --- a/makefu/2configs/ham/light/schlafzimmer.nix +++ b/makefu/2configs/home/ham/light/schlafzimmer.nix diff --git a/makefu/2configs/ham/light/wohnzimmer.nix b/makefu/2configs/home/ham/light/wohnzimmer.nix index bc9c2778a..bc9c2778a 100644 --- a/makefu/2configs/ham/light/wohnzimmer.nix +++ b/makefu/2configs/home/ham/light/wohnzimmer.nix diff --git a/makefu/2configs/ham/mqtt.nix b/makefu/2configs/home/ham/mqtt.nix index cd1c328d7..cd1c328d7 100644 --- a/makefu/2configs/ham/mqtt.nix +++ b/makefu/2configs/home/ham/mqtt.nix diff --git a/makefu/2configs/ham/multi/fliegen-couter.nix b/makefu/2configs/home/ham/multi/fliegen-couter.nix index 5b8abb2ff..5b8abb2ff 100644 --- a/makefu/2configs/ham/multi/fliegen-couter.nix +++ b/makefu/2configs/home/ham/multi/fliegen-couter.nix diff --git a/makefu/2configs/ham/multi/flurlicht.nix b/makefu/2configs/home/ham/multi/flurlicht.nix index 25eb78b7f..25eb78b7f 100644 --- a/makefu/2configs/ham/multi/flurlicht.nix +++ b/makefu/2configs/home/ham/multi/flurlicht.nix diff --git a/makefu/2configs/ham/multi/kurzzeitwecker.nix b/makefu/2configs/home/ham/multi/kurzzeitwecker.nix index bd81465cb..bd81465cb 100644 --- a/makefu/2configs/ham/multi/kurzzeitwecker.nix +++ b/makefu/2configs/home/ham/multi/kurzzeitwecker.nix diff --git a/makefu/2configs/ham/multi/the_playlist.nix b/makefu/2configs/home/ham/multi/the_playlist.nix index 0d714ea44..0d714ea44 100644 --- a/makefu/2configs/ham/multi/the_playlist.nix +++ b/makefu/2configs/home/ham/multi/the_playlist.nix diff --git a/makefu/2configs/home/ham/nginx.nix b/makefu/2configs/home/ham/nginx.nix new file mode 100644 index 000000000..e166b2a4b --- /dev/null +++ b/makefu/2configs/home/ham/nginx.nix @@ -0,0 +1,15 @@ +let + internal-ip = "192.168.1.11"; +in { + services.nginx.recommendedProxySettings = true; + services.nginx.virtualHosts."hass" = { + serverAliases = [ "hass.lan" "ha" "ha.lan" ]; + locations."/".proxyPass = "http://localhost:8123"; + locations."/".proxyWebsockets = true; + extraConfig = '' + if ( $server_addr != "${internal-ip}" ) { + return 403; + } + ''; + }; +} diff --git a/makefu/2configs/ham/sensor/outside.nix b/makefu/2configs/home/ham/sensor/outside.nix index 332746be8..332746be8 100644 --- a/makefu/2configs/ham/sensor/outside.nix +++ b/makefu/2configs/home/ham/sensor/outside.nix diff --git a/makefu/2configs/home/ham/signal-rest/default.nix b/makefu/2configs/home/ham/signal-rest/default.nix new file mode 100644 index 000000000..250a3596d --- /dev/null +++ b/makefu/2configs/home/ham/signal-rest/default.nix @@ -0,0 +1,18 @@ + +let + port = 8631; + image = "bbernhard/signal-cli-rest-api:latest"; + config = "/var/lib/signal-cli-config"; +in { + systemd.tmpfiles.rules = [ + "d ${config} docker docker - -" + ]; + state = [ config ]; + virtualisation.oci-containers.containers.signal-rest = { + image = image; + ports = [ "127.0.0.1:${toString port}:8080" ]; + volumes = [ + "${config}:/home/.local/share/signal-cli" + ]; + }; +} diff --git a/makefu/2configs/home/ham/zigbee2mqtt/default.nix b/makefu/2configs/home/ham/zigbee2mqtt/default.nix new file mode 100644 index 000000000..6ccf8b241 --- /dev/null +++ b/makefu/2configs/home/ham/zigbee2mqtt/default.nix @@ -0,0 +1,91 @@ +{config, pkgs, lib, ...}: + +let + dataDir = "/var/lib/zigbee2mqtt"; + sec = import <secrets/zigbee2mqtt.nix>; + internal-ip = "192.168.1.11"; + webport = 8521; +in + { + # symlink the zigbee controller + #services.udev.extraRules = '' + # SUBSYSTEM=="tty", ATTRS{idVendor}=="0451", ATTRS{idProduct}=="16a8", SYMLINK+="cc2531", MODE="0660", GROUP="dialout" + #''; + + # /dev/serial/by-id/usb-Silicon_Labs_slae.sh_cc2652rb_stick_-_slaesh_s_iot_stuff_00_12_4B_00_21_CC_45_BD-if00-port0 + services.udev.extraRules = '' + SUBSYSTEM=="tty", ATTRS{idVendor}=="10c4", ATTRS{idProduct}=="ea60", SYMLINK+="cc2531", MODE="0660", GROUP="dialout" + ''; + + services.zigbee2mqtt = { + enable = true; + inherit dataDir; + config = { + permit_join = true; + serial.port = "/dev/cc2531"; + homeassistant = true; + mqtt = { + server = "mqtt://omo.lan:1883"; + base_topic = "/ham/zigbee"; + user = sec.mqtt.username; + password = sec.mqtt.password; + include_device_information = true; + client_id = "zigbee2mqtt"; + }; + frontend = { + port = webport; + }; + advanced = { + log_level = "debug"; + log_output = [ "console" ]; + last_seen = "ISO_8601"; + elapsed = true; + reporting = true; # TODO test if it is better with groups + pan_id = 6755; + inherit (sec.zigbee) network_key; + }; + map_options.graphviz.colors = { + fill = { + enddevice = "#fff8ce" ; + coordinator = "#e04e5d"; + router = "#4ea3e0"; + }; + font = { + coordinator= "#ffffff"; + router = "#ffffff"; + enddevice = "#000000"; + }; + line = { + active = "#009900"; + inactive = "#994444"; + }; + }; + }; + }; + + services.nginx.recommendedProxySettings = true; + services.nginx.virtualHosts."zigbee" = { + serverAliases = [ "zigbee.lan" ]; + locations."/".proxyPass = "http://localhost:${toString webport}"; + locations."/api".proxyPass = "http://localhost:${toString webport}"; + locations."/api".proxyWebsockets = true; + extraConfig = '' + if ( $server_addr != "${internal-ip}" ) { + return 403; + } + ''; + }; + + state = [ "${dataDir}/devices.yaml" "${dataDir}/state.json" ]; + + systemd.services.zigbee2mqtt = { + # override automatic configuration.yaml deployment + environment.ZIGBEE2MQTT_DATA = dataDir; + #serviceConfig.ExecStartPre = lib.mkForce "${pkgs.coreutils}/bin/true"; + after = [ + "home-assistant.service" + "mosquitto.service" + "network-online.target" + ]; + }; +} diff --git a/makefu/2configs/home/ham/zigbee2mqtt/hass.nix b/makefu/2configs/home/ham/zigbee2mqtt/hass.nix new file mode 100644 index 000000000..faf864ba6 --- /dev/null +++ b/makefu/2configs/home/ham/zigbee2mqtt/hass.nix @@ -0,0 +1,130 @@ +# provides: +# switch +# automation +# binary_sensor +# sensor +# input_select +# timer +let + inherit (import ../lib) zigbee; + prefix = zigbee.prefix; +in +{ + services.home-assistant.config = { + sensor = + + [ + # Sensor for monitoring the bridge state + { + platform = "mqtt"; + name = "Zigbee2mqtt Bridge state"; + state_topic = "${prefix}/bridge/state"; + icon = "mdi:router-wireless"; + } + # Sensor for Showing the Zigbee2mqtt Version + { + platform = "mqtt"; + name = "Zigbee2mqtt Version"; + state_topic = "${prefix}/bridge/config"; + value_template = "{{ value_json.version }}"; + icon = "mdi:zigbee"; + } + # Sensor for Showing the Coordinator Version + { + platform = "mqtt"; + name = "Coordinator Version"; + state_topic = "${prefix}/bridge/config"; + value_template = "{{ value_json.coordinator }}"; + icon = "mdi:chip"; + } + ]; + switch = [ + { + platform = "mqtt"; + name = "Zigbee2mqtt Main join"; + state_topic = "${prefix}/bridge/config/permit_join"; + command_topic = "${prefix}/bridge/config/permit_join"; + payload_on = "true"; + payload_off = "false"; + } + ]; + automation = [ + { + alias = "Zigbee2mqtt Log Level"; + initial_state = "on"; + trigger = { + platform = "state"; + entity_id = "input_select.zigbee2mqtt_log_level"; + }; + action = [ + { + service = "mqtt.publish"; + data = { + payload_template = "{{ states('input_select.zigbee2mqtt_log_level') }}"; + topic = "${prefix}/bridge/config/log_level"; + }; + } + ]; + } + # Automation to start timer when enable join is turned on + { + id = "zigbee_join_enabled"; + alias = "Zigbee Join Enabled"; + trigger = + { + platform = "state"; + entity_id = "switch.zigbee2mqtt_main_join"; + to = "on"; + }; + action = + { + service = "timer.start"; + entity_id = "timer.zigbee_permit_join"; + }; + } + # # Automation to stop timer when switch turned off and turn off switch when timer finished + { + id = "zigbee_join_disabled"; + alias = "Zigbee Join Disabled"; + trigger = [ + { + platform = "event"; + event_type = "timer.finished"; + event_data.entity_id = "timer.zigbee_permit_join"; + } + { + platform = "state"; + entity_id = "switch.zigbee2mqtt_main_join"; + to = "off"; + } + ]; + action = [ + { service = "timer.cancel"; + data.entity_id = "timer.zigbee_permit_join"; + } + { service = "switch.turn_off"; + entity_id = "switch.zigbee2mqtt_main_join"; + } + ]; + } + ]; + input_select.zigbee2mqtt_log_level = + { + name = "Zigbee2mqtt Log Level"; + options = [ + "debug" + "info" + "warn" + "error" + ]; + initial = "info"; + icon = "mdi:format-list-bulleted"; + }; + + timer.zigbee_permit_join = + { + name = "Zigbee Time remaining"; + duration = 120; + }; + }; +} diff --git a/makefu/2configs/ham/zigbee2mqtt/osram.nix b/makefu/2configs/home/ham/zigbee2mqtt/osram.nix index d1bf2b296..d1bf2b296 100644 --- a/makefu/2configs/ham/zigbee2mqtt/osram.nix +++ b/makefu/2configs/home/ham/zigbee2mqtt/osram.nix diff --git a/makefu/2configs/home/metube.nix b/makefu/2configs/home/metube.nix new file mode 100644 index 000000000..c872bea08 --- /dev/null +++ b/makefu/2configs/home/metube.nix @@ -0,0 +1,35 @@ +{ pkgs, lib, ...}: +# docker run -d -p 8081:8081 -v /path/to/downloads:/downloads --user 1001:1001 alexta69/metube +with import <stockholm/lib>; +let + port = "2348"; + dl-dir = "/media/cryptX/youtube/music"; + uid = 20421; + internal-ip = "192.168.1.11"; +in + { + systemd.tmpfiles.rules = [ + "d ${dl-dir} metube nogroup - -" + ]; + virtualisation.oci-containers.backend = "docker"; + + services.nginx.virtualHosts."tube" = { + serverAliases = [ "tube.lan" ]; + locations."/".proxyPass = "http://localhost:${port}"; + }; + + virtualisation.oci-containers.containers.metube = { + image = "alexta69/metube:latest"; + ports = [ "${port}:8081" ]; + volumes = [ + "${dl-dir}:/downloads" + ]; + user = "metube"; + }; + users.users.metube.uid = uid; + + systemd.services.docker-metube.serviceConfig = { + StandardOutput = lib.mkForce "journal"; + StandardError = lib.mkForce "journal"; + }; +} diff --git a/makefu/2configs/home/photoprism.nix b/makefu/2configs/home/photoprism.nix new file mode 100644 index 000000000..ef4200576 --- /dev/null +++ b/makefu/2configs/home/photoprism.nix @@ -0,0 +1,147 @@ +{ pkgs, lib, ...}: +# Start | docker-compose up -d +# Stop | docker-compose stop +# Update | docker-compose pull +# Logs | docker-compose logs --tail=25 -f +# Terminal | docker-compose exec photoprism bash +# Help | docker-compose exec photoprism photoprism help +# Config | docker-compose exec photoprism photoprism config +# Reset | docker-compose exec photoprism photoprism reset +# Backup | docker-compose exec photoprism photoprism backup -a -i +# Restore | docker-compose exec photoprism photoprism restore -a -i +# Index | docker-compose exec photoprism photoprism index +# Reindex | docker-compose exec photoprism photoprism index -a +# Import | docker-compose exec photoprism photoprism import +# ------------------------------------------------------------------- +let + port = "2347"; + photodir = "/media/cryptX/photos"; + statedir = "/media/cryptX/lib/photoprism/appsrv"; + db-dir = "/media/cryptX/lib/photoprism/mysql"; + internal-ip = "192.168.1.11"; + sec = import <secrets/photoprism.nix>; +in +{ + virtualisation.oci-containers.backend = "docker"; + + services.nginx.virtualHosts."photos" = { + serverAliases = [ + "photos.lan" + "foto" "foto.lan" + "fotos" "fotos.lan" + ]; + + locations."/".proxyPass = "http://localhost:${port}"; + locations."/".proxyWebsockets = true; + extraConfig = '' + if ( $server_addr != "${internal-ip}" ) { + return 403; + } + ''; + }; + + systemd.services.workadventure-network = { + enable = true; + wantedBy = [ "multi-user.target" ]; + script = '' + ${pkgs.docker}/bin/docker network create --driver bridge photoprism ||: + ''; + after = [ "docker" ]; + before = [ + "docker-photoprism.service" + "docker-mysql-photoprism.service" + ]; + }; + + + virtualisation.oci-containers.containers.photoprism = { + image = "photoprism/photoprism:preview"; + ports = ["${port}:${port}" ]; + volumes = [ + "${photodir}:/photoprism/originals" + "${statedir}:/photoprism/storage" + ]; + extraOptions = [ + "--security-opt" "seccomp=unconfined" + "--security-opt" "apparmor=unconfined" + "--network=photoprism" + ]; + environment = { + PHOTOPRISM_HTTP_PORT = port; # Built-in Web server port + PHOTOPRISM_HTTP_COMPRESSION = "gzip"; # Improves transfer speed and bandwidth utilization (none or gzip) + PHOTOPRISM_DEBUG = "false"; # Run in debug mode (shows additional log messages) + PHOTOPRISM_PUBLIC = "true"; # No authentication required (disables password protection) + PHOTOPRISM_READONLY = "false"; # Don't modify originals directory (reduced functionality) + PHOTOPRISM_EXPERIMENTAL = "true"; # Enables experimental features + PHOTOPRISM_DISABLE_WEBDAV = "false"; # Disables built-in WebDAV server + PHOTOPRISM_DISABLE_SETTINGS = "false"; # Disables Settings in Web UI + PHOTOPRISM_DISABLE_TENSORFLOW = "false"; # Disables using TensorFlow for image classification + PHOTOPRISM_DARKTABLE_PRESETS = "false"; # Enables Darktable presets and disables concurrent RAW conversion + PHOTOPRISM_DETECT_NSFW = "false"; # Flag photos as private that MAY be offensive (requires TensorFlow) + PHOTOPRISM_UPLOAD_NSFW = "true"; # Allow uploads that MAY be offensive + + #PHOTOPRISM_DATABASE_DRIVER = "postgres"; + #PHOTOPRISM_DATABASE_SERVER = "postgres-prism:5432"; + #PHOTOPRISM_DATABASE_NAME = "photoprism"; + #PHOTOPRISM_DATABASE_USER = "photoprism"; + #PHOTOPRISM_DATABASE_PASSWORD = "photoprism"; + + PHOTOPRISM_DATABASE_DRIVER= "mysql"; # Use MariaDB (or MySQL) instead of SQLite for improved performance + PHOTOPRISM_DATABASE_SERVER= "mysql-photoprism:3306" ; # MariaDB database server (hostname:port) + PHOTOPRISM_DATABASE_NAME= "photoprism"; # MariaDB database schema name + PHOTOPRISM_DATABASE_USER= sec.db.username; # MariaDB database user name + PHOTOPRISM_DATABASE_PASSWORD= sec.db.password; # MariaDB database user password + + PHOTOPRISM_SITE_URL = "http://localhost:2342/"; # Public PhotoPrism URL + PHOTOPRISM_SITE_TITLE = "PhotoPrism"; + PHOTOPRISM_SITE_CAPTION = "FeMi Fotos"; + PHOTOPRISM_SITE_DESCRIPTION = "Unsere Fotos"; + PHOTOPRISM_SITE_AUTHOR = "FeMi"; + PHOTOPRISM_SPONSOR = "true"; + + }; + }; + + virtualisation.oci-containers.containers.mysql-photoprism = { + image = "mariadb:10.5"; + extraOptions = [ + "--security-opt" "seccomp=unconfined" + "--security-opt" "apparmor=unconfined" + "--network=photoprism" + ]; + ports = [ "3306:3306" ]; # no need to expose the database + #cmd = [ "mysqld" + # "--transaction-isolation=READ-COMMITTED" + # "--character-set-server=utf8mb4" + # "--collation-server=utf8mb4_unicode_ci" + # "--max-connections=512" + # "--innodb-rollback-on-timeout=OFF" + # "--innodb-lock-wait-timeout=50" + #]; + volumes= [ "${db-dir}:/var/lib/mysql" ]; + environment = { + MYSQL_ROOT_PASSWORD = "dickidibutt"; + MYSQL_DATABASE= "photoprism"; + MYSQL_USER = sec.db.username; + MYSQL_PASSWORD = sec.db.password; + }; + }; + #virtualisation.oci-containers.containers.postgres-prism = { + # image = "postgres:12-alpine"; + # ports = [ "5432" ]; # no need to expose the database + # environment = { + # POSTGRES_DB = "photoprism"; + # POSTGRES_USER = "photoprism"; + # POSTGRES_PASSWORD = "photoprism"; + # }; + #}; + + systemd.services.docker-photoprism.serviceConfig = { + StandardOutput = lib.mkForce "journal"; + StandardError = lib.mkForce "journal"; + }; + systemd.services.docker-mysql-photoprism.serviceConfig = { + StandardOutput = lib.mkForce "journal"; + StandardError = lib.mkForce "journal"; + }; +} diff --git a/makefu/2configs/hw/tp-x230.nix b/makefu/2configs/hw/tp-x230.nix index 37d1affb7..69fe7adce 100644 --- a/makefu/2configs/hw/tp-x230.nix +++ b/makefu/2configs/hw/tp-x230.nix @@ -1,6 +1,5 @@ { config, lib, pkgs, ... }: -with import <stockholm/lib>; { imports = [ ./tp-x2x0.nix <nixos-hardware/lenovo/thinkpad/x230> ]; @@ -11,6 +10,13 @@ with import <stockholm/lib>; # possible i915 powersave options: # options i915 enable_rc6=1 enable_fbc=1 semaphores=1 + boot.extraModprobeConfig = '' + options thinkpad_acpi fan_control=1 + options i915 enable_rc6=1 enable_fbc=1 semaphores=1 + ''; + + boot.initrd.availableKernelModules = [ "thinkpad_acpi" ]; + services.xserver.displayManager.sessionCommands ='' xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1 xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 8 2 diff --git a/makefu/2configs/hw/xmm7360.nix b/makefu/2configs/hw/xmm7360.nix new file mode 100644 index 000000000..951dcaa0b --- /dev/null +++ b/makefu/2configs/hw/xmm7360.nix @@ -0,0 +1,11 @@ +{ pkgs, config, ... }: +let + pkg = (pkgs.callPackage ../../5pkgs/xmm7360 { kernel = config.boot.kernelPackages.kernel; }); +in +{ + boot.extraModulePackages = [ + pkg + ]; + boot.initrd.availableKernelModules = [ "xmm7360" ]; + users.users.makefu.packages = [ pkg ]; +} diff --git a/makefu/2configs/printer.nix b/makefu/2configs/printer.nix index 6fd1c1858..7e29b1c6f 100644 --- a/makefu/2configs/printer.nix +++ b/makefu/2configs/printer.nix @@ -14,17 +14,17 @@ in { ]; }; - # scanners are printers just in reverse anyway - services.saned.enable = true; users.users."${mainUser}".extraGroups = [ "scanner" "lp" ]; + # scanners are printers just in reverse anyway + services.saned.enable = true; hardware.sane = { enable = true; extraBackends = [ ]; netConf = # drucker.lan SCX-3205W '' - 192.168.1.6'' + 192.168.1.16'' # uhrenkind.shack magicolor 1690mf + '' 10.42.20.30''; diff --git a/makefu/2configs/share/omo-client.nix b/makefu/2configs/share/omo-client.nix new file mode 100644 index 000000000..4ad32bdd6 --- /dev/null +++ b/makefu/2configs/share/omo-client.nix @@ -0,0 +1,28 @@ +{ config, lib, pkgs, ... }: + +let + automount_opts = + [ "x-systemd.automount" + "noauto" "x-systemd.idle-timeout=600" + "x-systemd.device-timeout=5s" + "x-systemd.mount-timeout=5s" + ]; + host = "omo.lan"; #TODO + path = "/media/omo/photos"; +in { + systemd.tmpfiles.rules = [ + "d ${path} root root - -" + ]; + fileSystems."${path}" = { + device = "//${host}/photos"; + fsType = "cifs"; + options = automount_opts ++ + [ "credentials=/var/src/secrets/omo-client.smb" + "file_mode=0775" + "dir_mode=0775" + "uid=9001" + "vers=3" + ]; + }; + +} diff --git a/makefu/2configs/stats/server.nix b/makefu/2configs/stats/server.nix index a2d0693ab..52fb28a03 100644 --- a/makefu/2configs/stats/server.nix +++ b/makefu/2configs/stats/server.nix @@ -27,6 +27,7 @@ in { http.suppress-write-log = true; data.trace-logging-enabled = false; data.query-log-enabled = false; + reporting-disabled = true; http.bind-address = ":${toString influx-port}"; admin.bind-address = ":8083"; diff --git a/makefu/2configs/storj/client.nix b/makefu/2configs/storj/client.nix new file mode 100644 index 000000000..e37e2ce23 --- /dev/null +++ b/makefu/2configs/storj/client.nix @@ -0,0 +1,27 @@ +{ lib, ... }: +{ + networking.firewall.allowedTCPPorts = [ 28967 ]; + virtualisation.oci-containers.containers.storj-storagenode = { + image = "storjlabs/storagenode:latest"; + ports = [ + # TODO: omo ip + "0.0.0.0:28967:28967" + "127.0.0.1:14002:14002" + ]; + environment = { + # SETUP = "true"; # must be run only once ... + WALLET = "0xeD0d2a2B33F6812b45d2D9FF7a139A3fF65a24C0"; + EMAIL = "storj.io@syntax-fehler.de"; + ADDRESS = "euer.krebsco.de:28967"; + STORAGE = "3TB"; + }; + volumes = [ + "/media/cryptX/lib/storj/identity:/app/identity" + "/media/cryptX/lib/storj/storage:/app/config" + ]; + }; + systemd.services.docker-storj-storagenode.serviceConfig = { + StandardOutput = lib.mkForce "journal"; + StandardError = lib.mkForce "journal"; + }; +} diff --git a/makefu/2configs/storj/forward-port.nix b/makefu/2configs/storj/forward-port.nix new file mode 100644 index 000000000..213f77470 --- /dev/null +++ b/makefu/2configs/storj/forward-port.nix @@ -0,0 +1,22 @@ +{ + networking.firewall.allowedTCPPorts = [ 28967 ]; + #networking.nat.forwardPorts = [ + # { # storj + # destination = "10.243.0.89:28967"; + # proto = "tcp"; + # sourcePort = 28967; + # } + #]; + services.nginx.appendConfig = '' + stream { + upstream storj { + server omo.r:28967; + } + + server { + listen 28967; + proxy_pass storj; + } + } + ''; +} diff --git a/makefu/2configs/systemdultras/ircbot.nix b/makefu/2configs/systemdultras/ircbot.nix index c5f1bbed2..3229d14f2 100644 --- a/makefu/2configs/systemdultras/ircbot.nix +++ b/makefu/2configs/systemdultras/ircbot.nix @@ -1,7 +1,9 @@ { + systemd.services.brockman.environment."BROCKMAN_LOG_LEVEL" = "DEBUG"; krebs.brockman = { enable = true; config = { + channel = "#systemdultras"; irc = { host = "irc.freenode.net"; port = 6667; @@ -11,11 +13,13 @@ feed = "https://www.reddit.com/r/systemdultras/.rss"; delay = 136; channels = [ "#systemdultras" ]; + notifyErrors = false; }; r-systemd-rss = { feed = "https://www.reddit.com/r/systemd/.rss"; delay = 172; channels = [ "#systemdultras" ]; + notifyErrors = false; }; }; }; diff --git a/makefu/2configs/tools/core.nix b/makefu/2configs/tools/core.nix index 8339c9328..bce461e9e 100644 --- a/makefu/2configs/tools/core.nix +++ b/makefu/2configs/tools/core.nix @@ -17,6 +17,7 @@ ${gnused}/bin/sed -i "''${1}d" ~/.ssh/known_hosts which binutils screen + rename # rename 's/^/hello/' *.txt # fs cifs-utils diff --git a/makefu/2configs/wireguard/server.nix b/makefu/2configs/wireguard/server.nix index 76fea1d6d..c8fbfe6fb 100644 --- a/makefu/2configs/wireguard/server.nix +++ b/makefu/2configs/wireguard/server.nix @@ -39,11 +39,13 @@ in { # wireguard server } { # work-router + persistentKeepalive = 25; allowedIPs = [ "10.244.0.5/32" ]; publicKey = "QJMwwYu/92koCASbHnR/vqe/rN00EV6/o7BGwLockDw="; } { # workr + persistentKeepalive = 25; allowedIPs = [ "10.244.0.6/32" ]; publicKey = "OFhCF56BrV9tjqW1sxqXEKH/GdqamUT1SqZYSADl5GA="; } diff --git a/makefu/5pkgs/xmm7360/default.nix b/makefu/5pkgs/xmm7360/default.nix new file mode 100644 index 000000000..5e423b5af --- /dev/null +++ b/makefu/5pkgs/xmm7360/default.nix @@ -0,0 +1,47 @@ +{ stdenv, fetchFromGitHub, python3, kernel, kmod }: +let + py = python3.withPackages (p: [ p.ConfigArgParse p.pyroute2 ]); +in +stdenv.mkDerivation rec { + name = "xmm7360-pci-${version}-${kernel.version}"; + version = "1.0"; + + src = fetchFromGitHub { + owner = "xmm7360"; + repo = "xmm7360-pci"; + rev = "0060149"; + sha256 = "0nr7adlwglpw6hp44x0pq8xhv7kik7nsb8yzbxllvy2v1pinyflv"; + }; + + #sourceRoot = "source/linux/v4l2loopback"; + + buildTargets = "default"; + hardeningDisable = [ "pic" ]; + + nativeBuildInputs = kernel.moduleBuildDependencies; + buildInputs = [ kmod ]; + + + makeFlags = [ + "KVERSION=${kernel.modDirVersion}" + "KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + "INSTALL_MOD_PATH=$(out)" + ]; + postInstall = '' + install -d $out/lib/xmm7360/ + cp -r rpc/ $out/lib/xmm7360/ + cat > open_xdatachannel <<EOF + cd $out/lib/xmm7360 + exec ${py}/bin/python3 rpc/open_xdatachannel.py $@ + EOF + install -D open_xdatachannel $out/bin/open_xdatachannel + ''; + + meta = with stdenv.lib; { + description = "A kernel module to create V4L2 loopback devices"; + homepage = "https://github.com/aramg/droidcam"; + license = licenses.gpl2; + maintainers = [ maintainers.makefu ]; + platforms = platforms.linux; + }; +} diff --git a/makefu/krops.nix b/makefu/krops.nix index a03fea029..12c003b24 100644 --- a/makefu/krops.nix +++ b/makefu/krops.nix @@ -1,4 +1,4 @@ -{ config ? config, name, target ? name }: let +{ config ? config, name, target ? name , buildTarget ? target }: let krops = ../submodules/krops; nixpkgs-src = lib.importJSON ../krebs/nixpkgs.json; @@ -87,6 +87,7 @@ in { deploy = pkgs.krops.writeDeploy "${name}-deploy" { source = source { test = false; }; target = "root@${target}/var/src"; + buildTarget = if target == buildTarget then "root@${target}/var/src" else "root@${buildTarget}/tmp/"; }; # usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test) |