diff options
102 files changed, 2596 insertions, 236 deletions
diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix index ea73e4bd2..6321b6cc4 100644 --- a/krebs/1systems/puyak/config.nix +++ b/krebs/1systems/puyak/config.nix @@ -15,6 +15,10 @@ <stockholm/krebs/2configs/news-spam.nix> <stockholm/krebs/2configs/shack/prometheus/node.nix> <stockholm/krebs/2configs/shack/gitlab-runner.nix> + + ## Collect local statistics via collectd and send to collectd + <stockholm/krebs/2configs/stats/shack-client.nix> + <stockholm/krebs/2configs/stats/shack-debugging.nix> ]; krebs.build.host = config.krebs.hosts.puyak; diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index 9ae65466c..6e53637e6 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -1,7 +1,6 @@ { config, pkgs, ... }: let shack-ip = config.krebs.build.host.nets.shack.ip4.addr; - influx-host = "127.0.0.1"; ext-if = "et0"; external-mac = "52:54:b0:0b:af:fe"; @@ -39,56 +38,44 @@ in # mobile.lounge.mpd.shack <stockholm/krebs/2configs/shack/mobile.mpd.nix> + + # hass.shack + <stockholm/krebs/2configs/shack/glados> + # connect to git.shackspace.de as group runner for rz <stockholm/krebs/2configs/shack/gitlab-runner.nix> - # Statistics collection and visualization - <stockholm/krebs/2configs/graphite.nix> + # Statistics collection and visualization + <stockholm/krebs/2configs/shack/graphite.nix> ## Collect data from mqtt.shack and store in graphite database <stockholm/krebs/2configs/shack/mqtt_sub.nix> ## Collect radioactive data and put into graphite <stockholm/krebs/2configs/shack/radioactive.nix> ## mqtt.shack <stockholm/krebs/2configs/shack/mqtt.nix> - ## Collect local statistics via collectd and send to collectd - <stockholm/krebs/2configs/stats/wolf-client.nix> + ## influx.shack + <stockholm/krebs/2configs/shack/influx.nix> - { services.influxdb.enable = true; } + ## Collect local statistics via collectd and send to collectd + <stockholm/krebs/2configs/stats/shack-client.nix> + <stockholm/krebs/2configs/stats/shack-debugging.nix> <stockholm/krebs/2configs/shack/netbox.nix> + # prometheus.shack <stockholm/krebs/2configs/shack/prometheus/server.nix> <stockholm/krebs/2configs/shack/prometheus/node.nix> <stockholm/krebs/2configs/shack/prometheus/unifi.nix> - <stockholm/krebs/2configs/collectd-base.nix> # home-assistant - { services.influxdb.enable = true; } + # grafana.shack + <stockholm/krebs/2configs/shack/grafana.nix> ]; # use your own binary cache, fallback use cache.nixos.org (which is used by # apt-cacher-ng in first place) - # local discovery in shackspace nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; }; krebs.tinc.retiolum.extraConfig = "TCPOnly = yes"; - services.grafana = { - enable = true; - addr = "0.0.0.0"; - users.allowSignUp = true; - users.allowOrgCreate = true; - users.autoAssignOrg = true; - auth.anonymous.enable = true; - security = import <secrets/grafana_security.nix>; - }; - nix = { - # use the up to date prism cache - binaryCaches = [ - "https://cache.nixos.org/" - ]; - binaryCachePublicKeys = [ - "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" - ]; - }; networking = { firewall.enable = false; @@ -133,23 +120,27 @@ in swapDevices = [ { device = "/dev/disk/by-label/swap"; } ]; - # fallout of ipv6calypse - networking.extraHosts = '' - hass.shack 10.42.2.191 - ''; users.extraUsers.root.openssh.authorizedKeys.keys = [ config.krebs.users."0x4A6F".pubkey config.krebs.users.ulrich.pubkey config.krebs.users.raute.pubkey - config.krebs.users.makefu-omo.pubkey "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDb9NPa2Hf51afcG1H13UPbE5E02J8aC9a1sGCRls592wAVlQbmojYR1jWDPA2m32Bsyv0ztqi81zDyndWWZPQVJVBk00VjYBcgk6D5ifqoAuWLzfuHJPWZGOvBf/U74/LNFNUkj1ywjneK7HYTRPXrRBBfBSQNmQzkvue7s599L2vdueZKyjNsMpx2m6nm2SchaMuDskSQut/168JgU1l4M8BeT68Bo4WdelhBYnhSI1a59FGkgdu2SCjyighLQRy2sOH3ksnkHWENPkA+wwQOlKl7R3DsEybrNd4NU9FSwFDyDmdhfv5gJp8UGSFdjAwx43+8zM5t5ruZ25J0LnVb0PuTuRA00UsW83MkLxFpDQLrQV08tlsY6iGrqxP67C3VJ6t4v6oTp7/vaRLhEFc1PhOLh+sZ18o8MLO+e2rGmHGHQnSKfBOLUvDMGa4jb01XBGjdnIXLOkVo79YR5jZn7jJb2gTZ95OD6bWSDADoURSuwuLa7kh4ti1ItAKuhkIvbuky3rRVvQEc92kJ6aNUswIUXJa0K2ibbIY6ycKAA3Ljksl3Mm9KzOn6yc/i/lSF+SOrTGhabPJigKkIoqKIwnV5IU3gkfsxPQJOBMPqHDGAOeYQe3WpWedEPYuhQEczw4exMb9TkNE96F71PzuQPJDl5sPAWyPLeMKpy5XbfRiF2by4nxN3ZIQvjtoyVkjNV+qM0q0yKBzLxuRAEQOZ2yCEaBudZQkQiwHD97H2vu4SRQ/2aOie1XiOnmdbQRDZSO3BsoDK569K1w+gDfSnqY7zVUMj6tw+uKx6Gstck5lbvYMtdWKsfPv/pDM8eyIVFLL93dKTX+ertcQj6xDwLfOiNubE5ayFXhYkjwImV6NgfBuq+3hLK0URP2rPlOZbbZTQ0WlKD6CCRZPMSZCU9oD2zYfqpvRArBUcdkAwGePezORkfJQLE6mYEJp6pdFkJ/IeFLbO6M0lZVlfnpzAC9kjjkMCRofZUETcFSppyTImCbgo3+ok59/PkNU5oavBXyW80ue2tWHr08HX/QALNte3UITmIIlU6SFMCPMWJqadK1eDPWfJ4H4iDXRNn3D5wqN++iMloKvpaj0wieqXLY4+YfvNTNr177OU48GEWW8DnoEkbpwsCbjPxznGDQhdDqdYyMY/fDgRQReKITvKYGHRzesGysw5cKsp9LEfXD0R6WE2TeiiENla5AWzTgXJB0AyZEcOiIfqOgT9Nr9S8q5gc/BdA7P+jhGGJgEHhV3dVlfIZ7pmZc27Yu7UTQ0lbAKWqcMSTOdne+QL6ILzbvLrQwdvax4tQdm5opfU16SrOox1AMwAbkdq84z6uJqYVx3cUXfMJgTyDNrVv3or root@plattenschwein" # for backup "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1Lx5MKtVjB/Ef6LpEiIAgVwY5xKQFdHuLQR+odQO4cAgxj1QaIXGN0moixY52DebVQhAtiCNiFZ83uJyOj8kmu30yuXwtSOQeqziA859qMJKZ4ZcYdKvbXwnf2Chm5Ck/0FvtpjTWHIZAogwP1wQto/lcqHOjrTAnZeJfQuHTswYUSnmUU5zdsEZ9HidDPUc2Gv0wkBNd+KMQyOZl0HkaxHWvn0h4KK4hYZisOpeTfXJxD87bo+Eg4LL2vvnHW6dF6Ygrbd/0XRMsRRI8OAReVBUoJn7IE1wwAl/FpblNmhaF9hlL7g7hR1ADvaWMMw0e8SSzW6Y+oIa8qFQL6wR1 gitlab-builder" # for being deployed by gitlab ci ]; + services.udev.extraRules = '' SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}" ''; time.timeZone = "Europe/Berlin"; sound.enable = false; + + # avahi + services.avahi = { + enable = true; + wideArea = false; + }; + environment.systemPackages = [ pkgs.avahi ]; + } diff --git a/krebs/2configs/default.nix b/krebs/2configs/default.nix index 8771c0e1d..d7d6fbf37 100644 --- a/krebs/2configs/default.nix +++ b/krebs/2configs/default.nix @@ -14,18 +14,13 @@ with import <stockholm/lib>; ]; krebs.announce-activation.enable = true; krebs.enable = true; - krebs.tinc.retiolum.enable = true; + krebs.tinc.retiolum.enable = mkDefault true; krebs.build.user = mkDefault config.krebs.users.krebs; networking.hostName = config.krebs.build.host.name; nix.maxJobs = 1; - nix.trustedBinaryCaches = [ - "https://cache.nixos.org" - "http://cache.nixos.org" - "http://hydra.nixos.org" - ]; nix.useSandbox = true; environment.systemPackages = with pkgs; [ @@ -39,8 +34,6 @@ with import <stockholm/lib>; defaultLocale = lib.mkForce "C"; }; - - programs.ssh.startAgent = false; services.openssh = { @@ -55,18 +48,13 @@ with import <stockholm/lib>; users.mutableUsers = false; users.extraUsers.root.openssh.authorizedKeys.keys = [ - # TODO config.krebs.users.jeschli-brauerei.pubkey config.krebs.users.lass.pubkey config.krebs.users.lass-mors.pubkey config.krebs.users.makefu.pubkey - # TODO HARDER: - config.krebs.users.makefu-omo.pubkey config.krebs.users.tv.pubkey ]; - # The NixOS release to be compatible with for stateful data such as databases. system.stateVersion = "17.03"; - } diff --git a/krebs/2configs/shack/glados/default.nix b/krebs/2configs/shack/glados/default.nix new file mode 100644 index 000000000..dc345cc4e --- /dev/null +++ b/krebs/2configs/shack/glados/default.nix @@ -0,0 +1,139 @@ +{ config, pkgs, lib, ... }: +let + shackopen = import ./multi/shackopen.nix; + wasser = import ./multi/wasser.nix; +in { + services.nginx.virtualHosts."hass.shack" = { + serverAliases = [ "glados.shack" ]; + locations."/" = { + proxyPass = "http://localhost:8123"; + extraConfig = '' + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + + proxy_buffering off; + ''; + }; + }; + services.home-assistant = let + dwd_pollen = pkgs.fetchFromGitHub { + owner = "marcschumacher"; + repo = "dwd_pollen"; + rev = "0.1"; + sha256 = "1af2mx99gv2hk1ad53g21fwkdfdbymqcdl3jvzd1yg7dgxlkhbj1"; + }; + in { + enable = true; + package = (pkgs.home-assistant.overrideAttrs (old: { + # TODO: find correct python package + installCheckPhase = '' + echo LOLLLLLLLLLLLLLL + ''; + postInstall = '' + cp -r ${dwd_pollen} $out/lib/python3.7/site-packages/homeassistant/components/dwd_pollen + ''; + })).override { + extraPackages = ps: with ps; [ + python-forecastio jsonrpc-async jsonrpc-websocket mpd2 + (callPackage ./deps/gtts-token.nix { }) + (callPackage ./deps/pyhaversion.nix { }) + ]; + }; + autoExtraComponents = true; + config = { + homeassistant = { + name = "Bureautomation"; + time_zone = "Europe/Berlin"; + latitude = "48.8265"; + longitude = "9.0676"; + elevation = 303; + auth_providers = [ + { type = "homeassistant";} + { type = "legacy_api_password";} + { type = "trusted_networks"; + # allow_bypass_login = true; + } + ]; + }; + # https://www.home-assistant.io/components/influxdb/ + influxdb = { + database = "hass"; + tags = { + instance = "wolf"; + source = "hass"; + }; + }; + mqtt = { + broker = "localhost"; + port = 1883; + client_id = "home-assistant"; + keepalive = 60; + protocol = 3.1; + birth_message = { + topic = "glados/hass/status/LWT"; + payload = "Online"; + qos = 1; + retain = true; + }; + will_message = { + topic = "glados/hass/status/LWT"; + payload = "Offline"; + qos = 1; + retain = true; + }; + }; + switch = wasser.switch; + light = []; + media_player = [ + { platform = "mpd"; + host = "lounge.mpd.shack"; + } + ]; + + sensor = + [{ platform = "version"; }] + ++ (import ./sensors/hass.nix) + ++ (import ./sensors/power.nix) + ++ shackopen.sensor; + + binary_sensor = shackopen.binary_sensor; + + camera = []; + + frontend = { }; + http = { + # TODO: https://github.com/home-assistant/home-assistant/issues/16149 + base_url = "http://hass.shack"; + use_x_forwarded_for = true; + trusted_proxies = "127.0.0.1"; + api_password = "shackit"; + trusted_networks = [ + "127.0.0.1/32" + "10.42.0.0/16" + "::1/128" + "fd00::/8" + ]; + }; + conversation = {}; + history = {}; + logbook = {}; + tts = [ + { platform = "google"; + language = "de"; + } + { platform = "picotts"; + language = "de-DE"; + } + ]; + recorder = {}; + sun = {}; + + automation = wasser.automation; + device_tracker = []; + }; + }; +} diff --git a/krebs/2configs/shack/glados/deps/dwd_pollen.nix b/krebs/2configs/shack/glados/deps/dwd_pollen.nix new file mode 100644 index 000000000..39d9c3069 --- /dev/null +++ b/krebs/2configs/shack/glados/deps/dwd_pollen.nix @@ -0,0 +1,32 @@ +{ lib +, buildPythonPackage +, fetchFromGitHub +, python +, voluptuous +}: + +buildPythonPackage rec { + format = "other"; + pname = "dwd_pollen"; + version = "0.1"; + + src = fetchFromGitHub { + owner = "marcschumacher"; + repo = "dwd_pollen"; + rev = version; + sha256 = "1af2mx99gv2hk1ad53g21fwkdfdbymqcdl3jvzd1yg7dgxlkhbj1"; + }; + propagatedBuildInputs = [ + voluptuous + ]; + installPhase = '' + install -D -t $out/${python.sitePackages}/homeassistant/components/sensor/dwd_pollen * + ''; + + meta = with lib; { + description = "Home Assistant component to retrieve Pollen data from DWD (Germany)"; + homepage = https://github.com/marcschumacher/dwd_pollen; + license = licenses.mit; + maintainers = [ maintainers.makefu ]; + }; +} diff --git a/krebs/2configs/shack/glados/deps/gtts-token.nix b/krebs/2configs/shack/glados/deps/gtts-token.nix new file mode 100644 index 000000000..69640f03d --- /dev/null +++ b/krebs/2configs/shack/glados/deps/gtts-token.nix @@ -0,0 +1,27 @@ +{ lib +, buildPythonPackage +, fetchPypi +, requests +}: + +buildPythonPackage rec { + pname = "gtts-token"; + version = "1.1.3"; + + src = fetchPypi { + pname = "gTTS-token"; + inherit version; + sha256 = "9d6819a85b813f235397ef931ad4b680f03d843c9b2a9e74dd95175a4bc012c5"; + }; + + propagatedBuildInputs = [ + requests + ]; + + meta = with lib; { + description = "Calculates a token to run the Google Translate text to speech"; + homepage = https://github.com/boudewijn26/gTTS-token; + license = licenses.mit; + # maintainers = [ maintainers. ]; + }; +} diff --git a/krebs/2configs/shack/glados/deps/pyhaversion.nix b/krebs/2configs/shack/glados/deps/pyhaversion.nix new file mode 100644 index 000000000..a75c6a976 --- /dev/null +++ b/krebs/2configs/shack/glados/deps/pyhaversion.nix @@ -0,0 +1,33 @@ +{ lib +, buildPythonPackage +, fetchpatch +, fetchPypi +, aiohttp +, async-timeout +}: + +buildPythonPackage rec { + pname = "pyhaversion"; + version = "2.2.1"; + + src = fetchPypi { + inherit pname version; + sha256 = "72b65aa25d7b2dbb839a4d0218df2005c2335e93526035904d365bb668030b9f"; + }; + patches = [ + (fetchpatch { url = "https://github.com/makefu/pyhaversion/commit/f3bdc38970272cd345c2cfbde3037ea492ca27c4.patch"; + sha256 = + "1rhq4z7mdgnwhwpf5fmarnbc1ba3qysk1wqjdr0hvbzi8vmvbfcc";}) + ]; + doCheck = false; + propagatedBuildInputs = [ + aiohttp + async-timeout + ]; + + meta = with lib; { + description = ""; + homepage = https://github.com/ludeeus/pyhaversion; + # maintainers = [ maintainers. ]; + }; +} diff --git a/krebs/2configs/shack/glados/multi/shackopen.nix b/krebs/2configs/shack/glados/multi/shackopen.nix new file mode 100644 index 000000000..354405d06 --- /dev/null +++ b/krebs/2configs/shack/glados/multi/shackopen.nix @@ -0,0 +1,23 @@ +{ + binary_sensor = [ + { platform = "mqtt"; + name = "Portal Lock"; + device_class = "door"; + state_topic = "portal/gateway/status"; + availability_topic = "portal/gateway/lwt"; + payload_on = "open"; + payload_off = "closed"; + payload_available = "online"; + payload_not_available = "offline"; + } + ]; + sensor = [ + { platform = "mqtt"; + name = "Keyholder"; + state_topic = "portal/gateway/keyholder"; + availability_topic = "portal/gateway/lwt"; + payload_available = "online"; + payload_not_available = "offline"; + } + ]; +} diff --git a/krebs/2configs/shack/glados/multi/wasser.nix b/krebs/2configs/shack/glados/multi/wasser.nix new file mode 100644 index 000000000..da5cac36d --- /dev/null +++ b/krebs/2configs/shack/glados/multi/wasser.nix @@ -0,0 +1,66 @@ +let + tasmota_plug = name: topic: + { platform = "mqtt"; + inherit name; + state_topic = "sonoff/stat/${topic}/POWER1"; + command_topic = "sonoff/cmnd/${topic}/POWER1"; + availability_topic = "sonoff/tele/${topic}/LWT"; + payload_on= "ON"; + payload_off= "OFF"; + payload_available= "Online"; + payload_not_available= "Offline"; + retain = false; + qos = 1; + }; + seconds = 30; +in +{ + switch = [ + (tasmota_plug "Wasser" "plug") + ]; + automation = + [ + { alias = "Water the plant for ${toString seconds} seconds"; + trigger = [ + { # trigger at 20:00 no matter what + # TODO: retry or run only if switch.wasser is available + platform = "time"; + at = "20:00:00"; + } + ]; + action = + [ + { + service = "homeassistant.turn_on"; + entity_id = [ + "switch.wasser" + ]; + } + { delay.seconds = seconds; } + { + service = "homeassistant.turn_off"; + entity_id = [ + "switch.wasser" + ]; + } + ]; + } + { alias = "Always turn off water after ${toString (seconds * 2)}seconds"; + trigger = [ + { + platform = "state"; + entity_id = "switch.wasser"; + to = "on"; + for.seconds = seconds*2; + } + ]; + action = + [ + { + service = "homeassistant.turn_off"; + entity_id = [ "switch.wasser" ]; + } + ]; + } + ]; +} diff --git a/krebs/2configs/shack/glados/sensors/hass.nix b/krebs/2configs/shack/glados/sensors/hass.nix new file mode 100644 index 000000000..634758701 --- /dev/null +++ b/krebs/2configs/shack/glados/sensors/hass.nix @@ -0,0 +1,22 @@ +let + esphome_temp = name: + { platform = "mqtt"; + name = "${name} Temperature"; + device_class = "temperature"; + state_topic = "glados/${name}/sensor/temperature/state"; + availability_topic = "glados/${name}/status"; + payload_available = "online"; + payload_not_available = "offline"; + }; + esphome_hum = name: + { platform = "mqtt"; + device_class = "humidity"; + name = "${name} Humidity"; + state_topic = "glados/${name}/sensor/humidity/state"; + availability_topic = "glados/${name}/status"; + payload_available = "online"; + payload_not_available = "offline"; + }; +in + (map esphome_temp [ "lounge" "werkstatt" "herrenklo" "dusche" "fablab" "whc" ]) + ++ (map esphome_hum [ "lounge" "werkstatt" "herrenklo" "dusche" "fablab" "whc" ]) diff --git a/krebs/2configs/shack/glados/sensors/power.nix b/krebs/2configs/shack/glados/sensors/power.nix new file mode 100644 index 000000000..1aa250a19 --- /dev/null +++ b/krebs/2configs/shack/glados/sensors/power.nix @@ -0,0 +1,27 @@ +let + power_x = name: phase: + { platform = "mqtt"; + name = "${phase} ${name}"; + # device_class = "power"; + state_topic = "/power/total/${phase}/${name}"; + availability_topic = "/power/lwt"; + payload_available = "Online"; + payload_not_available = "Offline"; + }; + power_consumed = + { platform = "mqtt"; + name = "Power Consumed"; + #device_class = "power"; + state_topic = "/power/total/consumed"; + availability_topic = "/power/lwt"; + payload_available = "Online"; + payload_not_available = "Offline"; + }; + power_volt = power_x "Voltage"; + power_watt = power_x "Power"; + power_curr = power_x "Current"; +in + (map power_volt [ "L1" "L2" "L3" ]) +++ (map power_watt [ "L1" "L2" "L3" ]) +++ (map power_curr [ "L1" "L2" "L3" ]) +++ [ power_consumed ] diff --git a/krebs/2configs/shack/grafana.nix b/krebs/2configs/shack/grafana.nix new file mode 100644 index 000000000..adf0a4bc3 --- /dev/null +++ b/krebs/2configs/shack/grafana.nix @@ -0,0 +1,19 @@ +let + port = 3000; +in { + + networking.firewall.allowedTCPPorts = [ port ]; # legacy + services.nginx.virtualHosts."grafana.shack" = { + locations."/".proxyPass = "http://localhost:${toString port}"; + }; + services.grafana = { + enable = true; + port = port; + addr = "0.0.0.0"; + users.allowSignUp = true; + users.allowOrgCreate = true; + users.autoAssignOrg = true; + auth.anonymous.enable = true; + security = import <secrets/grafana_security.nix>; + }; +} diff --git a/krebs/2configs/graphite.nix b/krebs/2configs/shack/graphite.nix index 64222e43a..1c8ec6a8b 100644 --- a/krebs/2configs/graphite.nix +++ b/krebs/2configs/shack/graphite.nix @@ -1,16 +1,22 @@ { config, lib, pkgs, ... }: +# hostname: graphite.shack + # graphite-web on port 8080 # carbon cache on port 2003 (tcp/udp) - -# TODO: krebs.graphite.minimal.enable -# TODO: configure firewall -with import <stockholm/lib>; -{ - imports = [ ]; - +let + port = 8080; +in { + networking.firewall.allowedTCPPorts = [ 2003 port ]; + networking.firewall.allowedUDPPorts = [ 2003 ]; + services.nginx.virtualHosts."graphite.shack" = { + locations."/" = { + proxyPass = "http://localhost:${toString port}/"; + }; + }; services.graphite = { api = { + inherit port; enable = true; listenAddress = "0.0.0.0"; }; diff --git a/krebs/2configs/shack/influx.nix b/krebs/2configs/shack/influx.nix new file mode 100644 index 000000000..92cb24bf3 --- /dev/null +++ b/krebs/2configs/shack/influx.nix @@ -0,0 +1,33 @@ +{pkgs, ... }: # hostname: influx.shack +let + port = 8086; + collectd-port = 25826; + db = "collectd_db"; +in +{ + networking.firewall.allowedTCPPorts = [ port ]; # for legacy applications + networking.firewall.allowedUDPPorts = [ collectd-port ]; + services.nginx.virtualHosts."influx.shack" = { + locations."/" = { + proxyPass = "http://localhost:${toString port}/"; + }; + }; + services.influxdb = { + enable = true; + extraConfig = { + http.bind-address = "0.0.0.0:${toString port}"; + http.log-enabled = false; + http.write-tracing = false; + http.suppress-write-log = true; + data.trace-logging-enabled = false; + data.query-log-enabled = false; + monitoring.enabled = false; + collectd = [{ + enabled = true; + typesdb = "${pkgs.collectd}/share/collectd/types.db"; + database = db; + bind-address = ":${toString collectd-port}"; + }]; + }; + }; +} diff --git a/krebs/2configs/shack/mqtt.nix b/krebs/2configs/shack/mqtt.nix index 8e5438db2..e78f0f974 100644 --- a/krebs/2configs/shack/mqtt.nix +++ b/krebs/2configs/shack/mqtt.nix @@ -1,3 +1,4 @@ +# hostname: mqtt.shack { networking.firewall.allowedTCPPorts = [ 1883 ]; networking.firewall.allowedUDPPorts = [ 1883 ]; diff --git a/krebs/2configs/shack/prometheus/server.nix b/krebs/2configs/shack/prometheus/server.nix index c936f2531..12f757e89 100644 --- a/krebs/2configs/shack/prometheus/server.nix +++ b/krebs/2configs/shack/prometheus/server.nix @@ -3,18 +3,23 @@ { networking = { firewall.allowedTCPPorts = [ - 3000 # grafana 9090 # prometheus 9093 # alertmanager ]; - useDHCP = true; }; - services = { + nginx.virtualHosts = { + "prometheus.shack" = { + locations."/".proxyPass = "http://localhost:9090"; + }; + "alert.prometheus.shack" = { + locations."/".proxyPass = "http://localhost:9093"; + }; + }; prometheus = { enable = true; extraFlags = [ - "-storage.local.retention 8760h" + "-storage.local.retention 720h" "-storage.local.series-file-shrink-ratio 0.3" "-storage.local.memory-chunks 2097152" "-storage.local.max-chunks-to-persist 1048576" diff --git a/krebs/2configs/stats/wolf-client.nix b/krebs/2configs/stats/shack-client.nix index 0412eba9a..5131b0f78 100644 --- a/krebs/2configs/stats/wolf-client.nix +++ b/krebs/2configs/stats/shack-client.nix @@ -17,6 +17,8 @@ Interface "lo" Interface "vboxnet*" Interface "virbr*" + Interface "veth*" + Interface "br-*" IgnoreSelected true </Plugin> @@ -53,15 +55,7 @@ LoadPlugin network <Plugin "network"> - Server "stats.makefu.r" "25826" - </Plugin> - - LoadPlugin curl - <Plugin curl> - <Page "smarthome"> - URL "http://smarthome.shack/"; - MeasureResponseTime true - </Page> + Server "influx.shack" "25826" </Plugin> ''; }; diff --git a/krebs/2configs/collectd-base.nix b/krebs/2configs/stats/shack-debugging.nix index 71a00be3a..b5a0cf05e 100644 --- a/krebs/2configs/collectd-base.nix +++ b/krebs/2configs/stats/shack-debugging.nix @@ -9,7 +9,7 @@ let ModulePath "${collectd-connect-time}/lib/${python.libPrefix}/site-packages/" Import "collectd_connect_time" <Module collectd_connect_time> - target "localhost:22" "google.com" "google.de" "gum.r:22" "gum.krebsco.de" "10.42.0.1:22" "heise.de" "t-online.de" + target "localhost:22" "google.com" "google.de" "gum.krebsco.de" "10.42.0.1:22" "heise.de" "t-online.de""10.0.1.3" "10.0.0.3:22" "10.0.0.4:22" interval 10 </Module> </Plugin> @@ -18,7 +18,7 @@ let LoadPlugin write_graphite <Plugin "write_graphite"> <Carbon> - Host "wolf.r" + Host "graphite.shack" Port "2003" Prefix "retiolum." EscapeCharacter "_" diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index aac67f2e3..f12dda097 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -229,6 +229,32 @@ in { }; }; }; + jongepad = { + owner = config.krebs.users.jonge; + nets = { + retiolum = { + ip4.addr = "10.243.5.6"; + aliases = [ + "jongepad.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAtJsF5jL/M72PCptLFC5iIEt0qAL544H/VLijvZEG9gnoqbs94aNJ + MM5Sr3yMB01WkcT1Lph3r4dxV0/QECu3Ca4xxuUntu42tFXhkikQGcZLuo2h4zr4 + +wReudCCc7VqMcJDxriyyoW3i7smZnQGzo36gpKHbZfil8dJo0QE8mnujqkQCA0G + hjR7xdG+/usDgRUarfpNgoHKyZfLcomQLUuR8I3aHsdaCLgMJ8v5DjGymp2bIswT + puPx3IEZSXH8y6MZoISvLn+hwcWat34Bj1PF7vfgldivqHaDFpifpXvjbCmxcel9 + WVZRSEvLSVT4FnpaJ7JkAaUpG+GOHVlPWARq9t9AZXKR1Zex9MIkHzWi/TIIkawj + wJNvUwvBYJ1UCuCby4/3nKlY7zWjj23YM6dTJDGMhJKR5m2SHp9SC0m0QdfSjN5z + 8sJauCigGZ6rlmxkO4/2BBGshY8jWDl/z2oFiQfo7R2oZkJdWNHLGKtTZtqQQ3e6 + SAE/HQvipiv35rMzHw3E9AJBhhQqT3vTLLZvMTBS6BRFvpqDNhXik1aFenNV4tjZ + XeYU1eXI4XzQqoW/avPTuLt8O0Ya/nziLXCaIy+hlx5Hd49hkGb+1saQ5yPUgoEt + wE9sy5+9b5ebn8B+N0yw7wnUYN8V8dmPmRwLt71IuBwHn/aAoXyWwFsCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; rose = { owner = config.krebs.users.Mic92; nets = rec { @@ -685,6 +711,9 @@ in { jan = { mail = "jan.heidbrink@posteo.de"; }; + jonge = { + mail = "jacek.galowicz@gmail.com"; + }; kmein = { mail = "kieran.meinhardt@gmail.com"; pubkey = ssh-for "kmein"; @@ -695,6 +724,7 @@ in { }; qubasa = { mail = "luis.nixos@gmail.com"; + pubkey = ssh-for "qubasa"; }; raute = { mail = "macxylo@gmail.com"; diff --git a/krebs/3modules/external/ssh/qubasa.pub b/krebs/3modules/external/ssh/qubasa.pub new file mode 100644 index 000000000..e9e1e6a29 --- /dev/null +++ b/krebs/3modules/external/ssh/qubasa.pub @@ -0,0 +1,2 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos + diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index a8314e11c..78f3542fa 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -638,6 +638,46 @@ in { ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHXS60mmNWMdMRvaPxGn91Cm/hm7zY8xn5rkI4n2KG/f "; }; + hilum = { + cores = 1; + nets = { + retiolum = { + ip4.addr = "10.243.20.123"; + ip6.addr = r6 "005b"; + aliases = [ + "hilum.r" + ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAul1zLdJ76kIqVWjxT2bb + pLx6gu6VycxaDcWAoTWSjPsOT2IJf3NYC6i8D6WASnRqR6djp06OG7Onu0r5hZhi + V5nelDUvR75qVAx9ZeuQDSdNpWuVMds/C3cQM6QQHD1kFwnr2n6VH/qy0W9duW8c + SGX3C80nRpmY0cCEEnxFdFdLSd0c15M+lFVAaqh2225ujXyyvkwH874yvpWLPSdh + 4xjZdrOFarl5yb9q83HcZsdunn+469BeKCWB8bs+nRsp9Wwj1en1yAZTB3WazYNE + saFQ0xGa7VGfHN0PjqgZEF2I2IiQJ+H3N5XRQ7dcJzsDRB8lMrCx2ynJkJRSjLXz + vgZjW+Rf47V9CLRjJGCp1xh6GbXqjsIYh5yqZkgH4Sm1VpMBYdr/kLjiygwzV8jY + 8uoBUgEHLc5B73/D3GlMe3bOJmxxMfyPITVTFHgznycalBNBSsgKpIwWae6LbYhZ + wrpi66IQOyC6YYThqn8pz3KUz17HxyacA/mS6/jcRP+IiHb9CYcS4BsjTpH3NnM3 + RkSWE3FGE+ULH1W/VeA8pZRKAR1rypvMRdewbFTQpe/dNgif5O5Fe/7l/6KDzzCh + Zqqr6sEFhutPUd6PcaVtQlfzYkJ9MGYWYr4S17D7Q9V0H37a0AcRaYH59FCmlFjl + 87b8jfJNXlKFW+EBxBxN2uECAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + wiregrill = { + ip6.addr = w6 "005b"; + aliases = [ + "hilum.w" + ]; + wireguard.pubkey = '' + 0DRcCDR0O+UqV07DsGfS4On+6YaZ3LPfvni9u1NZNhw= + ''; + }; + }; + ssh.privkey.path = <secrets/ssh.id_ed25519>; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPARXXe0HaP1r0pLqtInhnbYSZsP0g4VC6aaWP7qi5+w"; + syncthing.id = "J6PHKTS-2JG5NOL-H5ZWOF6-6L6ENA7-L4RO6DV-BQHU7YL-CHOLDCC-S5YX3AC"; + }; }; users = rec { lass = lass-blue; diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 9581712fb..ab24d9096 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -189,6 +189,7 @@ in { wg.euer IN A ${nets.internet.ip4.addr} wiki.euer IN A ${nets.internet.ip4.addr} wikisearch IN A ${nets.internet.ip4.addr} + bookmark.euer IN A ${nets.internet.ip4.addr} io IN NS gum.krebsco.de. mediengewitter IN CNAME over.dose.io. ''; diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix index 24eac7158..ed00d187c 100644 --- a/krebs/3modules/tinc.nix +++ b/krebs/3modules/tinc.nix @@ -110,8 +110,12 @@ let hostsArchive = mkOption { type = types.package; default = pkgs.runCommand "retiolum-hosts.tar.bz2" {} '' - ${pkgs.coreutils}/bin/ln -s ${tinc.config.hostsPackage} hosts - ${pkgs.gnutar}/bin/tar -hcjf $out hosts + cp \ + --no-preserve=mode \ + --recursive \ + ${tinc.config.hostsPackage} \ + hosts + ${pkgs.gnutar}/bin/tar -cjf $out hosts ''; readOnly = true; }; diff --git a/krebs/3modules/urlwatch.nix b/krebs/3modules/urlwatch.nix index 61ee72e74..43535b08f 100644 --- a/krebs/3modules/urlwatch.nix +++ b/krebs/3modules/urlwatch.nix @@ -75,10 +75,7 @@ let ]; apply = map (x: getAttr (typeOf x) { set = x; - string = { - url = x; - filter = null; - }; + string.url = x; }); }; verbose = mkOption { @@ -96,7 +93,7 @@ let hooksFile = cfg.hooksFile; - configFile = pkgs.writeText "urlwatch.yaml" (toJSON { + configFile = pkgs.writeJSON "urlwatch.yaml" { display = { error = true; new = true; @@ -132,7 +129,7 @@ let line_length = 75; }; }; - }); + }; imp = { systemd.timers.urlwatch = { @@ -210,8 +207,13 @@ let type = types.str; }; filter = mkOption { + default = null; type = with types; nullOr str; # TODO nullOr subtypes.filter }; + ignore_cached = mkOption { + default = null; + type = with types; nullOr bool; + }; }; }; in out diff --git a/krebs/5pkgs/haskell/blessings.nix b/krebs/5pkgs/haskell/blessings.nix index 55f2d17d0..b0e81fdc1 100644 --- a/krebs/5pkgs/haskell/blessings.nix +++ b/krebs/5pkgs/haskell/blessings.nix @@ -6,19 +6,10 @@ with import <stockholm/lib>; version = "1.1.0"; sha256 = "1k908zap3694fcxdk4bb29s54b0lhdh557y10ybjskfwnym7szn1"; }; - "18.09" = { - version = "2.2.0"; - sha256 = "1pb56dgf3jj2kq3cbbppwzyg3ccgqy9xara62hkjwyxzdx20clk1"; - }; - "19.03" = { - version = "2.2.0"; - sha256 = "1pb56dgf3jj2kq3cbbppwzyg3ccgqy9xara62hkjwyxzdx20clk1"; - }; - "19.09" = { - version = "2.2.0"; - sha256 = "1pb56dgf3jj2kq3cbbppwzyg3ccgqy9xara62hkjwyxzdx20clk1"; - }; - }.${versions.majorMinor version}; + }.${versions.majorMinor version} or { + version = "2.2.0"; + sha256 = "1pb56dgf3jj2kq3cbbppwzyg3ccgqy9xara62hkjwyxzdx20clk1"; + }; in mkDerivation { pname = "blessings"; diff --git a/krebs/5pkgs/override/default.nix b/krebs/5pkgs/override/default.nix new file mode 100644 index 000000000..704831823 --- /dev/null +++ b/krebs/5pkgs/override/default.nix @@ -0,0 +1,12 @@ +with import <stockholm/lib>; +self: super: { + + exim = super.exim.overrideAttrs (old: rec { + name = warnOldVersion old.name "exim-4.92.2"; + src = self.fetchurl { + url = "https://ftp.exim.org/pub/exim/exim4/${name}.tar.xz"; + sha256 = "0m56jsh2fzvwj4rdpcc3pkd5vsi40cjrpzalis7l1zq33m4axmq1"; + }; + }); + +} diff --git a/krebs/5pkgs/simple/nix-prefetch-github.nix b/krebs/5pkgs/simple/nix-prefetch-github.nix new file mode 100644 index 000000000..14096c33f --- /dev/null +++ b/krebs/5pkgs/simple/nix-prefetch-github.nix @@ -0,0 +1,25 @@ +{ curl, jq, nix, writeDashBin }: + +writeDashBin "nix-prefetch-github" '' + # usage: nix-prefetch-github OWNER REPO [REF] + set -efu + + owner=$1 + repo=$2 + ref=''${3-master} + + info_url=https://api.github.com/repos/$owner/$repo/commits/$ref + info=$(${curl}/bin/curl -fsS "$info_url") + rev=$(printf %s "$info" | ${jq}/bin/jq -r .sha) + + name=$owner-$repo-$ref + url=https://github.com/$owner/$repo/tarball/$rev + sha256=$(${nix}/bin/nix-prefetch-url --name "$name" --unpack "$url") + + export owner repo rev sha256 + ${jq}/bin/jq -n ' + env | { + owner, repo, rev, sha256 + } + ' +'' diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json new file mode 100644 index 000000000..5f8f0c771 --- /dev/null +++ b/krebs/nixpkgs-unstable.json @@ -0,0 +1,7 @@ +{ + "url": "https://github.com/NixOS/nixpkgs-channels", + "rev": "d484f2b7fc0834a068e8ace851faa449a03963f5", + "date": "2019-09-20T22:58:43+02:00", + "sha256": "0jk93ikryi2hqc30l2n5i4vlgmklrlzb8cf7b3sg1q3k70q344jn", + "fetchSubmodules": false +} diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index fd73bd142..f1dd0bf6d 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "e02148563af765625be323465fb7a1d22072d88c", - "date": "2019-08-26T07:58:15-04:00", - "sha256": "1fa84bf9gpd5n1lc0ifxda44hbdkg8ka720yxsg6h8plsqjjxzs8", + "rev": "021d733ea3f87b8c9232020b4e606d08eaca160b", + "date": "2019-09-20T08:20:21+02:00", + "sha256": "13600nzrakvg2hsfg5yr7x0jp9m762nvjyddf07q60d3m7vx9jxy", "fetchSubmodules": false } diff --git a/krebs/update-nixpkgs-unstable.sh b/krebs/update-nixpkgs-unstable.sh new file mode 100755 index 000000000..068da5f6f --- /dev/null +++ b/krebs/update-nixpkgs-unstable.sh @@ -0,0 +1,9 @@ +#!/bin/sh +dir=$(dirname $0) +oldrev=$(cat $dir/nixpkgs-unstable.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') +nix-shell -p nix-prefetch-git --run 'nix-prefetch-git \ + --url https://github.com/NixOS/nixpkgs-channels \ + --rev refs/heads/nixos-unstable' \ +> $dir/nixpkgs-unstable.json +newrev=$(cat $dir/nixpkgs-unstable.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') +git commit $dir/nixpkgs.json -m "nixpkgs-unstable: $oldrev -> $newrev" diff --git a/krebs/update-channel.sh b/krebs/update-nixpkgs.sh index 08354357a..08354357a 100755 --- a/krebs/update-channel.sh +++ b/krebs/update-nixpkgs.sh diff --git a/lass/1systems/hilum/config.nix b/lass/1systems/hilum/config.nix new file mode 100644 index 000000000..998fa1478 --- /dev/null +++ b/lass/1systems/hilum/config.nix @@ -0,0 +1,28 @@ +{ config, ... }: +{ + imports = [ + <stockholm/lass> + + <stockholm/lass/2configs/retiolum.nix> + <stockholm/lass/2configs/baseX.nix> + <stockholm/lass/2configs/browsers.nix> + <stockholm/lass/2configs/programs.nix> + <stockholm/lass/2configs/network-manager.nix> + <stockholm/lass/2configs/mail.nix> + <stockholm/lass/2configs/syncthing.nix> + ]; + + krebs.build.host = config.krebs.hosts.hilum; + + boot.loader.grub.extraEntries = '' + menuentry "grml" { + iso_path=/isos/grml.iso + export iso_path + search --set=root --file $iso_path + loopback loop $iso_path + root=(loop) + configfile /boot/grub/loopback.cfg + loopback --delete loop + } + ''; +} diff --git a/lass/1systems/hilum/physical.nix b/lass/1systems/hilum/physical.nix new file mode 100644 index 000000000..f8bab57d6 --- /dev/null +++ b/lass/1systems/hilum/physical.nix @@ -0,0 +1,35 @@ +{ lib, pkgs, ... }: + +{ + imports = [ + ./config.nix + <nixpkgs/nixos/modules/installer/scan/not-detected.nix> + ]; + + boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "xhci_pci" "usb_storage" "sd_mod" "sdhci_pci" ]; + boot.initrd.kernelModules = [ "dm-snapshot" ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + boot.loader.grub.enable = true; + boot.loader.grub.efiSupport = true; + boot.loader.grub.device = "/dev/disk/by-id/usb-General_USB_Flash_Disk_0374116060006128-0:0"; + boot.loader.grub.efiInstallAsRemovable = true; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/6db29cdd-ff64-496d-b541-5f1616665dc2"; + fsType = "ext4"; + }; + + boot.initrd.luks.devices."usb_nix".device = "/dev/disk/by-uuid/3c8ab3af-57fb-4564-9e27-b2766404f5d4"; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/2B9E-5131"; + fsType = "vfat"; + }; + + swapDevices = [ ]; + + nix.maxJobs = lib.mkDefault 4; + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; +} diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index 5076beeef..1477d6d8b 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -54,7 +54,7 @@ with import <stockholm/lib>; folders = { the_playlist = { path = "/home/lass/tmp/the_playlist"; - peers = [ "mors" "phone" "prism" ]; + peers = [ "mors" "phone" "prism" "xerxes" ]; }; free_music = { id = "mu9mn-zgvsw"; diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index eec8e34b8..845cf943c 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -31,7 +31,15 @@ with import <stockholm/lib>; openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6o6sdTu/CX1LW2Ff5bNDqGEAGwAsjf0iIe5DCdC7YikCct+7x4LTXxY+nDlPMeGcOF88X9/qFwdyh+9E4g0nUAZaeL14Uc14QDqDt/aiKjIXXTepxE/i4JD9YbTqStAnA/HYAExU15yqgUdj2dnHu7OZcGxk0ZR1OY18yclXq7Rq0Fd3pN3lPP1T4QHM9w66r83yJdFV9szvu5ral3/QuxQnCNohTkR6LoJ4Ny2RbMPTRtb+jPbTQYTWUWwV69mB8ot5nRTP4MRM9pu7vnoPF4I2S5DvSnx4C5zdKzsb7zmIvD4AmptZLrXj4UXUf00Xf7Js5W100Ne2yhYyhq+35 riot@lagrange" ]; + packages = [ + (pkgs.writeDashBin "kick-routing" '' + /run/wrappers/bin/sudo ${pkgs.systemd}/bin/systemctl restart krebs-iptables.service + '') + ]; }; + security.sudo.extraConfig = '' + riot ALL=(root) NOPASSWD: ${pkgs.systemd}/bin/systemctl restart krebs-iptables.service + ''; # TODO write function for proxy_pass (ssl/nonssl) diff --git a/lass/1systems/prism/physical.nix b/lass/1systems/prism/physical.nix index 9a84e9d63..7458f5ffd 100644 --- a/lass/1systems/prism/physical.nix +++ b/lass/1systems/prism/physical.nix @@ -20,6 +20,11 @@ fsType = "ext4"; }; + fileSystems."/backups" = { + device = "tank/backups"; + fsType = "zfs"; + }; + fileSystems."/srv/http" = { device = "tank/srv-http"; fsType = "zfs"; diff --git a/lass/1systems/shodan/config.nix b/lass/1systems/shodan/config.nix index 5de87d790..ad510283f 100644 --- a/lass/1systems/shodan/config.nix +++ b/lass/1systems/shodan/config.nix @@ -17,6 +17,7 @@ with import <stockholm/lib>; <stockholm/lass/2configs/blue-host.nix> <stockholm/lass/2configs/green-host.nix> <stockholm/lass/2configs/ssh-cryptsetup.nix> + <stockholm/lass/2configs/nfs-dl.nix> ]; krebs.build.host = config.krebs.hosts.shodan; @@ -24,4 +25,90 @@ with import <stockholm/lib>; services.logind.extraConfig = '' HandleLidSwitch=ignore ''; + + #media center + users.users.media = { + isNormalUser = true; + uid = genid_uint31 "media"; + extraGroups = [ "video" "audio" ]; + }; + + services.xserver.displayManager.lightdm.autoLogin = { + enable = true; + user = "media"; + }; + + #hass + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport 8123"; target = "ACCEPT"; } + { predicate = "-p tcp --dport 1883"; target = "ACCEPT"; } + # zerotierone + { predicate = "-p udp --dport 9993"; target = "ACCEPT"; } + ]; + + services.home-assistant = let + tasmota_s20 = name: topic: { + platform = "mqtt"; + inherit name; + state_topic = "stat/${topic}/POWER"; + command_topic = "cmnd/${topic}/POWER"; + payload_on = "ON"; + payload_off = "OFF"; + }; + in { + enable = true; + package = pkgs.home-assistant.override { + python3 = pkgs.python36; + #extraComponents = [ + # (pkgs.fetchgit { + # url = "https://github.com/marcschumacher/dwd_pollen"; + # rev = "0.1"; + # sha256 = "12vldwsds27c9l15ffc6svk9mj17jhypcz736pvpmpqbsymllz2p"; + # }) + #]; + }; + config = { + homeassistant = { + name = "Home"; time_zone = "Europe/Berlin"; + latitude = "48.7687"; + longitude = "9.2478"; + elevation = 247; + }; + sun.elevation = 66; + discovery = {}; + frontend = { }; + mqtt = { + broker = "localhost"; + port = 1883; + client_id = "home-assistant"; + username = "gg23"; + password = "gg23-mqtt"; + keepalive = 60; + protocol = 3.1; + }; + sensor = [ + ]; + switch = [ + (tasmota_s20 "Drucker Strom" "drucker") + (tasmota_s20 "Bett Licht" "bett") + ]; + device_tracker = [ + { + platform = "luci"; + } + ]; + }; + }; + + services.mosquitto = { + enable = true; + host = "0.0.0.0"; + allowAnonymous = false; + checkPasswords = true; + users.gg23 = { + password = "gg23-mqtt"; + acl = [ "topic readwrite #" ]; + }; + }; + environment.systemPackages = [ pkgs.mosquitto ]; } diff --git a/lass/1systems/shodan/physical.nix b/lass/1systems/shodan/physical.nix index 41508127c..7cfeba932 100644 --- a/lass/1systems/shodan/physical.nix +++ b/lass/1systems/shodan/physical.nix @@ -13,7 +13,6 @@ initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ]; initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ]; - #kernelModules = [ "kvm-intel" "msr" ]; }; fileSystems = { "/" = { diff --git a/lass/2configs/backup.nix b/lass/2configs/backup.nix index 94272fdb0..f5c241785 100644 --- a/lass/2configs/backup.nix +++ b/lass/2configs/backup.nix @@ -6,6 +6,7 @@ with import <stockholm/lib>; useDefaultShell = true; home = "/backups"; createHome = true; + group = "syncthing"; openssh.authorizedKeys.keys = with config.krebs.hosts; [ blue.ssh.pubkey ]; diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 5003d2279..ecbb7541f 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -59,6 +59,7 @@ in { environment.systemPackages = with pkgs; [ acpi + acpilight ag cabal2nix cholerab @@ -72,6 +73,7 @@ in { lm_sensors ncdu nix-index + nix-review nmap pavucontrol powertop @@ -79,9 +81,10 @@ in { sxiv taskwarrior termite + transgui + wirelesstools xclip xephyrify - xorg.xbacklight xorg.xhost xsel zathura @@ -94,6 +97,12 @@ in { xlibs.fontschumachermisc ]; + services.udev.extraRules = '' + SUBSYSTEM=="backlight", ACTION=="add", \ + RUN+="${pkgs.coreutils}/bin/chgrp video /sys/class/backlight/%k/brightness", \ + RUN+="${pkgs.coreutils}/bin/chmod g+w /sys/class/backlight/%k/brightness" + ''; + services.xserver = { enable = true; layout = "us"; diff --git a/lass/2configs/br.nix b/lass/2configs/br.nix index ad307c797..e4ccffe23 100644 --- a/lass/2configs/br.nix +++ b/lass/2configs/br.nix @@ -5,10 +5,11 @@ with import <stockholm/lib>; <nixpkgs/nixos/modules/services/hardware/sane_extra_backends/brscan4.nix> ]; - krebs.nixpkgs.allowUnfreePredicate = pkg: any (flip hasPrefix pkg.name) [ - "brother-udev-rule-type1-" - "brscan4-" - "mfcl2700dnlpr-" + krebs.nixpkgs.allowUnfreePredicate = pkg: any (eq (packageName pkg)) [ + "brother-udev-rule-type1" + "brscan4" + "brscan4-etc-files" + "mfcl2700dnlpr" ]; hardware.sane = { diff --git a/lass/2configs/nfs-dl.nix b/lass/2configs/nfs-dl.nix index abbcc1d42..ba53321b9 100644 --- a/lass/2configs/nfs-dl.nix +++ b/lass/2configs/nfs-dl.nix @@ -1,7 +1,20 @@ { fileSystems."/mnt/prism" = { - device = "prism.w:/export"; + device = "prism.w:/export/download"; fsType = "nfs"; + options = [ + "timeo=14" + "noauto" + "noatime" + "nodiratime" + "noac" + "nocto" + "x-systemd.automount" + "x-systemd.device-timeout=1" + "x-systemd.idle-timeout=1min" + "x-systemd.requires=retiolum.service" + "x-systemd.requires=wpa_supplicant.service" + ]; }; } diff --git a/lib/default.nix b/lib/default.nix index 8ba55b571..14e6e27a3 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -30,6 +30,9 @@ let listToAttrs (map (name: nameValuePair name set.${name}) (filter (flip hasAttr set) names)); + packageName = pkg: + pkg.pname or (parseDrvName pkg.name).name; + test = re: x: isString x && testString re x; testString = re: x: match re x != null; diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index 9585d8599..3b084d35a 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -81,7 +81,7 @@ in { # ci # <stockholm/makefu/2configs/exim-retiolum.nix> <stockholm/makefu/2configs/git/cgit-retiolum.nix> - <stockholm/makefu/2configs/shack/events-publisher> + # <stockholm/makefu/2configs/shack/events-publisher> <stockholm/makefu/2configs/shack/gitlab-runner> <stockholm/makefu/2configs/remote-build/slave.nix> <stockholm/makefu/2configs/remote-build/aarch64-community.nix> @@ -90,36 +90,20 @@ in { # services # <stockholm/makefu/2configs/sabnzbd.nix> <stockholm/makefu/2configs/mail/mail.euer.nix> - { - krebs.exim.enable = mkForce false; - } + { krebs.exim.enable = mkForce false; } # sharing <stockholm/makefu/2configs/share/gum.nix> <stockholm/makefu/2configs/torrent.nix> - { services.sickbeard = { - enable = true; - package = pkgs.sickgear; - user = "sickbeard"; - group = "download"; - port = 8280; - }; - services.nginx.virtualHosts."sick.makefu.r" = { - locations."/".proxyPass = http://localhost:8280; - extraConfig = '' - if ( $server_addr = "${external-ip}" ) { - return 403; - } - ''; - }; - users.users.sickbeard.extraGroups = [ "nginx" ]; - } + <stockholm/makefu/2configs/sickbeard> + { nixpkgs.config.allowUnfree = true; } #<stockholm/makefu/2configs/retroshare.nix> ## <stockholm/makefu/2configs/ipfs.nix> #<stockholm/makefu/2configs/syncthing.nix> # <stockholm/makefu/2configs/opentracker.nix> + ## network <stockholm/makefu/2configs/vpn/openvpn-server.nix> # <stockholm/makefu/2configs/vpn/vpnws/server.nix> @@ -151,6 +135,8 @@ in { <stockholm/makefu/2configs/deployment/graphs.nix> <stockholm/makefu/2configs/deployment/owncloud.nix> <stockholm/makefu/2configs/deployment/boot-euer.nix> + <stockholm/makefu/2configs/shiori.nix> + <stockholm/makefu/2configs/bgt/download.binaergewitter.de.nix> <stockholm/makefu/2configs/bgt/hidden_service.nix> <stockholm/makefu/2configs/bgt/backup.nix> @@ -159,6 +145,11 @@ in { # sharing <stockholm/makefu/2configs/dcpp/airdcpp.nix> + { krebs.airdcpp.dcpp.shares = { + download.path = config.makefu.dl-dir + "/finished"; + sorted.path = config.makefu.dl-dir + "/sorted"; + }; + } <stockholm/makefu/2configs/dcpp/hub.nix> ## Temporary: diff --git a/makefu/1systems/gum/hardware-config.nix b/makefu/1systems/gum/hardware-config.nix index e49b621e7..2d7efe9cf 100644 --- a/makefu/1systems/gum/hardware-config.nix +++ b/makefu/1systems/gum/hardware-config.nix @@ -69,6 +69,11 @@ in { fsType = "ext4"; options = [ "nofail" ]; }; + fileSystems."/var/www/o.euer.krebsco.de" = { + device = "/dev/nixos/nextcloud"; + fsType = "ext4"; + options = [ "nofail" ]; + }; fileSystems."/var/lib/borgbackup" = { device = "/dev/nixos/backup"; fsType = "ext4"; diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index ac2677b7f..9b9b91a6f 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -11,6 +11,7 @@ in { ./hw/omo.nix #./hw/tsp.nix <stockholm/makefu> + { environment.systemPackages = with pkgs;[ tmux picocom ];} <stockholm/makefu/2configs/support-nixos.nix> <stockholm/makefu/2configs/zsh-user.nix> <stockholm/makefu/2configs/backup/state.nix> diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix index ad7fc825c..3306279b9 100644 --- a/makefu/1systems/wbob/config.nix +++ b/makefu/1systems/wbob/config.nix @@ -47,7 +47,8 @@ in { <stockholm/makefu/2configs/bureautomation> # new hass entry point <stockholm/makefu/2configs/bureautomation/led-fader.nix> - # <stockholm/makefu/2configs/bureautomation/mpd.nix> #mpd is only used for TTS + # <stockholm/makefu/2configs/bureautomation/visitor-photostore.nix> + # <stockholm/makefu/2configs/bureautomation/mpd.nix> #mpd is only used for TTS, this is the web interface <stockholm/makefu/2configs/mqtt.nix> (let collectd-port = 25826; @@ -146,10 +147,8 @@ in { # rt2870.bin wifi card, part of linux-unfree hardware.enableAllFirmware = true; nixpkgs.config.allowUnfree = true; - networking.wireless.enable = true; # rt2870 with nonfree creates wlp2s0 from wlp0s20u2 # not explicitly setting the interface results in wpa_supplicant to crash - networking.wireless.interfaces = [ "wlp2s0" ]; networking.interfaces.virbr1.ipv4.addresses = [{ address = "10.8.8.11"; prefixLength = 24; @@ -161,8 +160,8 @@ in { hardware.cpu.intel.updateMicrocode = true; boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; - boot.kernelModules = [ "kvm-intel" - "snd-seq" "snd-rawmidi" + boot.kernelModules = [ + "kvm-intel" "snd-seq" "snd-rawmidi" ]; fileSystems = { "/" = { diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index 32a548954..ad9a3324b 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -15,6 +15,7 @@ <stockholm/makefu/2configs/main-laptop.nix> <stockholm/makefu/2configs/extra-fonts.nix> + <stockholm/makefu/2configs/editor/neovim> <stockholm/makefu/2configs/tools/all.nix> { programs.adb.enable = true; } @@ -58,6 +59,7 @@ # Krebs <stockholm/makefu/2configs/tinc/retiolum.nix> # <stockholm/makefu/2configs/share/gum-client.nix> + # <stockholm/makefu/2configs/share/temp-share-samba.nix> # applications @@ -68,7 +70,7 @@ # Virtualization # <stockholm/makefu/2configs/virtualisation/libvirt.nix> - # <stockholm/makefu/2configs/virtualisation/docker.nix> + <stockholm/makefu/2configs/virtualisation/docker.nix> <stockholm/makefu/2configs/virtualisation/virtualbox.nix> #{ # networking.firewall.allowedTCPPorts = [ 8080 ]; @@ -189,6 +191,7 @@ "/home/makefu/.imapfilter" "/home/makefu/.mutt" "/home/makefu/docs" + "/home/makefu/notes" "/home/makefu/.password-store" "/home/makefu/.secrets-pass" "/home/makefu/.config/syncthing" @@ -198,4 +201,11 @@ services.syncthing.dataDir = lib.mkForce "/home/makefu/.config/syncthing/"; # latest kernel (5.0) has issues with wifi card boot.kernelPackages = pkgs.linuxPackages; + # Bugfix for wifi card + powerManagement.resumeCommands = '' + sleep 2 + echo 1 > /sys/bus/pci/devices/0000:03:00.0/remove + sleep 3 + echo 1 > /sys/bus/pci/rescan + ''; } diff --git a/makefu/2configs/bgt/download.binaergewitter.de.nix b/makefu/2configs/bgt/download.binaergewitter.de.nix index f223081e9..77c9ddc81 100644 --- a/makefu/2configs/bgt/download.binaergewitter.de.nix +++ b/makefu/2configs/bgt/download.binaergewitter.de.nix @@ -37,6 +37,11 @@ in { ''; }; services.nginx = { + appendHttpConfig = '' + types { + audio/ogg oga ogg opus; + } + ''; enable = lib.mkDefault true; recommendedGzipSettings = true; recommendedOptimisation = true; diff --git a/makefu/2configs/bureautomation/automation/bureau-shutdown.nix b/makefu/2configs/bureautomation/automation/bureau-shutdown.nix index 007f6064a..b9aa710c3 100644 --- a/makefu/2configs/bureautomation/automation/bureau-shutdown.nix +++ b/makefu/2configs/bureautomation/automation/bureau-shutdown.nix @@ -34,18 +34,18 @@ } { alias = "Turn off Fernseher after last in group left"; trigger = [ - { # trigger when movement was detected at the time - platform = "state"; - entity_id = "group.team"; - from = "home"; - to = "not_home"; - } - { # trigger at 18:00 no matter what - # to avoid 'everybody left before 18:00:00' - platform = "time"; - at = "18:00:00"; - } - ]; + { # trigger when movement was detected at the time + platform = "state"; + entity_id = "group.team"; + from = "home"; + to = "not_home"; + } + { # trigger at 18:00 no matter what + # to avoid 'everybody left before 18:00:00' + platform = "time"; + at = "18:00:00"; + } + ]; action = [ { service = "homeassistant.turn_off"; @@ -58,7 +58,7 @@ } { service = "notify.telegrambot"; - data = { + data_template = { title = "Bureau Shutdown"; message = "All devices are turned off due to {{ trigger.platform }}"; }; diff --git a/makefu/2configs/bureautomation/camera/comic.nix b/makefu/2configs/bureautomation/camera/comic.nix new file mode 100644 index 000000000..a847b0add --- /dev/null +++ b/makefu/2configs/bureautomation/camera/comic.nix @@ -0,0 +1,6 @@ +[ + { name = "Poorly Drawn Lines"; + platform = "generic"; + still_image_url = http://127.0.0.1:8123/local/lines.png ; + } +] diff --git a/makefu/2configs/bureautomation/comic-updater.nix b/makefu/2configs/bureautomation/comic-updater.nix new file mode 100644 index 000000000..5f26bc2c7 --- /dev/null +++ b/makefu/2configs/bureautomation/comic-updater.nix @@ -0,0 +1,28 @@ +{ config, lib, pkgs, buildPythonPackage, ... }: + +let + mq = "192.168.8.11"; + pkg = pkgs.ampel; +in { + systemd.services.comic-updater = { + startAt = "daily"; + description = "Send led change to message queue"; + after = [ "network-online.target" ] ++ (lib.optional config.services.mosquitto.enable "mosquitto.service"); + path = with pkgs; [ wget xmlstarlet ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = "hass"; + WorkingDirectory = config.services.home-assistant.configDir; + ExecStart = pkgs.writeDash "update-poorly-drawn-lines" '' + set -euf + mkdir -p www/ + cd www/ + pic=$(wget -O- http://www.poorlydrawnlines.com/feed/ \ + | xml sel -t -v '/rss/channel/item/content:encoded' \ + | head -n 2 | sed -n 's/.*src="\([^"]\+\)".*/\1/p' ) + wget "$pic" -nc && cp -v "$(basename "$pic")" lines.png + ''; + PrivateTmp = true; + }; + }; +} diff --git a/makefu/2configs/bureautomation/default.nix b/makefu/2configs/bureautomation/default.nix index 8ec9dacc2..d745d894a 100644 --- a/makefu/2configs/bureautomation/default.nix +++ b/makefu/2configs/bureautomation/default.nix @@ -1,12 +1,14 @@ { config, pkgs, lib, ... }: let kodi-host = "192.168.8.11"; - ten_hours = import ./combination/10h_timers.nix { inherit lib; }; # provides: timer automation script - mittagessen = import ./combination/mittagessen.nix { inherit lib; }; # provides: automation script - matrix = import ./combination/matrix.nix { inherit lib; }; # provides: matrix automation + ten_hours = import ./multi/10h_timers.nix { inherit lib; }; # provides: timer automation script + mittagessen = import ./multi/mittagessen.nix { inherit lib; }; # provides: automation script + matrix = import ./multi/matrix.nix { inherit lib; }; # provides: matrix automation + aramark = import ./multi/aramark.nix { inherit lib; }; # provides: pommes sensor in { imports = [ ./ota.nix + ./comic-updater.nix ]; networking.firewall.allowedTCPPorts = [ 8123 ]; state = [ "/var/lib/hass/known_devices.yaml" ]; @@ -113,7 +115,8 @@ in { ]; binary_sensor = (import ./binary_sensor/buttons.nix) ++ - (import ./binary_sensor/motion.nix); + (import ./binary_sensor/motion.nix) ++ + aramark.binary_sensor; sensor = [{ platform = "version"; }] ++ @@ -122,10 +125,12 @@ in { (import ./sensor/airquality.nix) ++ ((import ./sensor/outside.nix) {inherit lib;}) ++ (import ./sensor/influxdb.nix) ++ - (import ./sensor/tasmota_firmware.nix); + (import ./sensor/tasmota_firmware.nix) ++ + aramark.sensor; camera = - (import ./camera/verkehrskamera.nix); + (import ./camera/verkehrskamera.nix) + ++ (import ./camera/comic.nix); # not yet released #person = @@ -174,6 +179,7 @@ in { "group.team" "group.nachtlicht" "group.switches" + "group.aramark" ]; }; automation = []; @@ -195,7 +201,6 @@ in { "device_tracker.carsten_phone" "device_tracker.thierry_phone" "device_tracker.frank_phone" - "device_tracker.anthony_phone" # "person.thorsten" # "person.felix" # "person.ecki" @@ -205,6 +210,7 @@ in { "camera.Baumarkt" "camera.Autobahn_Heilbronn" "camera.Autobahn_Singen" + "camera.poorly_drawn_lines" ]; nachtlicht = [ "switch.nachtlicht_a" @@ -212,6 +218,21 @@ in { "switch.nachtlicht_c" "switch.nachtlicht_d" ]; + Aramark = [ + "binary_sensor.pommes" + "sensor.menu_1" + "sensor.menu_1_text" + "sensor.menu_1_preis" + "sensor.menu_2" + "sensor.menu_2_text" + "sensor.menu_2_preis" + "sensor.aktion" + "sensor.aktion_text" + "sensor.aktion_preis" + "sensor.mercato" + "sensor.mercato_text" + "sensor.mercato_preis" + ]; sensors = [ "media_player.kodi" "script.blitz_10s" @@ -221,6 +242,7 @@ in { "sensor.easy2_dht22_humidity" "sensor.easy2_dht22_temperature" "sensor.air_quality" + # "binary_sensor.aramark_pommes" # "binary_sensor.redbutton" ]; outside = [ diff --git a/makefu/2configs/bureautomation/lib/scripts.nix b/makefu/2configs/bureautomation/lib/scripts.nix new file mode 100644 index 000000000..d8665f94f --- /dev/null +++ b/makefu/2configs/bureautomation/lib/scripts.nix @@ -0,0 +1,18 @@ +{ lib, ... }: +{ + multi_flash = { entity, delays ? [ 500 ], alias ? "${entity}_multi_flash_${toString (lib.length delays)}" }: + { + inherit alias; + sequence = lib.flatten (builtins.map (delay: [ + { service = "homeassistant.turn_on"; + data.entity_id = entity; + } + { delay.milliseconds = delay; } + { service = "homeassistant.turn_off"; + data.entity_id = entity; + } + { delay.milliseconds = delay; } + ] + ) delays); + }; +} diff --git a/makefu/2configs/bureautomation/combination/10h_timers.nix b/makefu/2configs/bureautomation/multi/10h_timers.nix index dec5347a6..53bfd3725 100644 --- a/makefu/2configs/bureautomation/combination/10h_timers.nix +++ b/makefu/2configs/bureautomation/multi/10h_timers.nix @@ -1,7 +1,6 @@ {lib, ... }: let - persons = [ "frank" "daniel" "thorsten" "carsten" "thierry" "ecki" "felix" - "anthony" # antony + persons = [ "frank" "daniel" "thorsten" "carsten" "ecki" "felix" "thierry" # tjeri ]; random_zu_lange = name: ''{{ [ @@ -45,7 +44,7 @@ let "Im Kalender von ${name} sind heute acht Meetings eingeplant, von denen zwei bereits verpasst wurden", "Das Postfach von ${name} beinhaltet einhundertachtundzwanzig ungelesene E-Mails.", "Nachricht von Serge: ${name}, bitte melden Sie sich Umgehend bei mir im Büro!", - "Luftqualität hat sich durch das Eintreffen von ${name} um zweihunder Punkte verschlechtert, bitte alle Fenster öffnen.", + "Luftqualität hat sich durch das Eintreffen von ${name} um zweihundert Punkte verschlechtert, bitte alle Fenster öffnen.", "Die Tür geht auf, wer mag das sein? Schon schreitet hier der ${name} ein. Das Volk, es jubelt, Dirnen schmachten. Fürs Festmahl beginnt man schon zu schlachten. Er wird nur nach dem besten streben! Der ${name}, er soll lange leben!", "${name} arbeitet gern für seinen Konzern", "${name} ist nur froh im Großraumbüro", @@ -147,8 +146,8 @@ let entity_id = [ "timer.${name}_10h" ] ; } { service = "homeassistant.turn_on"; - entity_id = [ - # "script.buzz_${name}" + entity_id = [ + "switch.fernseher" "script.blitz_10s" "script.announce_${name}" ]; diff --git a/makefu/2configs/bureautomation/combination/README.md b/makefu/2configs/bureautomation/multi/README.md index baad87fda..baad87fda 100644 --- a/makefu/2configs/bureautomation/combination/README.md +++ b/makefu/2configs/bureautomation/multi/README.md diff --git a/makefu/2configs/bureautomation/multi/aramark.nix b/makefu/2configs/bureautomation/multi/aramark.nix new file mode 100644 index 000000000..ebe2cde81 --- /dev/null +++ b/makefu/2configs/bureautomation/multi/aramark.nix @@ -0,0 +1,24 @@ +{ lib, ... }: +let + aramark = topic: name: + { platform = "mqtt"; + inherit name; + state_topic = "/aramark/thales-deutschland/${topic}"; + }; + aramark_menue = menue: + [ + (aramark "${menue}/title" menue) + (aramark "${menue}/description" "${menue} Text") + ((aramark "${menue}/price" "${menue} Preis") // { unit_of_measurement = "€"; }) + ]; +in +{ + sensor = (aramark_menue "Menü 1") + ++ (aramark_menue "Menü 2") + ++ (aramark_menue "Mercato") + ++ (aramark_menue "Aktion"); + binary_sensor = + [ + ((aramark "pommes" "Pommes" ) // { payload_on = "True"; payload_off = "False"; }) + ]; +} diff --git a/makefu/2configs/bureautomation/combination/matrix.nix b/makefu/2configs/bureautomation/multi/matrix.nix index 85ba31986..85ba31986 100644 --- a/makefu/2configs/bureautomation/combination/matrix.nix +++ b/makefu/2configs/bureautomation/multi/matrix.nix diff --git a/makefu/2configs/bureautomation/combination/mittagessen.nix b/makefu/2configs/bureautomation/multi/mittagessen.nix index 3ec70998d..3ec70998d 100644 --- a/makefu/2configs/bureautomation/combination/mittagessen.nix +++ b/makefu/2configs/bureautomation/multi/mittagessen.nix diff --git a/makefu/2configs/bureautomation/visitor-photostore.nix b/makefu/2configs/bureautomation/visitor-photostore.nix new file mode 100644 index 000000000..762226549 --- /dev/null +++ b/makefu/2configs/bureautomation/visitor-photostore.nix @@ -0,0 +1,57 @@ +{ config, lib, pkgs, ... }: +# more than just nginx config but not enough to become a module +let + wsgi-sock = "${workdir}/uwsgi-photostore.sock"; + workdir = config.services.uwsgi.runDir; + wifi-itf = "wlp2s0"; + wifi-ip = "172.16.9.96"; +in { + + services.uwsgi = { + enable = true; + user = "nginx"; + runDir = "/var/lib/photostore"; + plugins = [ "python3" ]; + instance = { + type = "emperor"; + vassals = { + cameraupload-server = { + type = "normal"; + pythonPackages = self: with self; [ pkgs.cameraupload-server ]; + socket = wsgi-sock; + }; + }; + }; + }; + + services.nginx = { + enable = lib.mkDefault true; + virtualHosts.${wifi-ip} = { + locations = { + "/".extraConfig = '' + expires -1; + uwsgi_pass unix://${wsgi-sock}; + uwsgi_param UWSGI_CHDIR ${workdir}; + uwsgi_param UWSGI_MODULE cuserver.main; + uwsgi_param UWSGI_CALLABLE app; + include ${pkgs.nginx}/conf/uwsgi_params; + ''; + }; + }; + }; + + networking.firewall.allowedTCPPorts = [ 80 ]; +# networking.interfaces.${wifi-itf}.ipv4.addresses = [{ +# address = wifi-ip; +# prefixLength = 24; +# }]; + + networking.wireless = { + enable = true; + interfaces = [ wifi-itf ]; + networks.Mobility = { + priority = -999; + psk = null; + }; + }; +} diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index 177114a49..5faf3ce93 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -31,7 +31,8 @@ with import <stockholm/lib>; boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest; - nixpkgs.config.allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "unrar-" pkg.name); + nixpkgs.config.allowUnfreePredicate = pkg: packageName pkg == "unrar"; + krebs = { enable = true; diff --git a/makefu/2configs/editor/neovim/default.nix b/makefu/2configs/editor/neovim/default.nix new file mode 100644 index 000000000..c288212e9 --- /dev/null +++ b/makefu/2configs/editor/neovim/default.nix @@ -0,0 +1,67 @@ +{pkgs, config, ...}: +{ + fonts.fonts = [ pkgs.font-awesome_5 ]; + # Neovim dependencies + home-manager.users.makefu = { + home.packages = with pkgs; [ + ctags # dependencie + jq # For fixing json files + xxd # .bin files will be displayed with xxd + shellcheck # Shell linting + # ansible-lint # Ansible linting + unzip # To vim into unzipped files + # nodePackages.jsonlint # json linting + #ccls # C/C++ language server + #clang-tools # C++ fixer + cargo + + # Go support + #go + #gotools + #gocode + ]; + + home.file.".config/pycodestyle".text= '' + [pycodestyle] + max-line-length = 125 + ''; + programs.neovim = { + enable = true; + withPython3 = true; + # withNodeJs = true; + extraPython3Packages = (ps: with ps; [ python-language-server pyls-mypy black libxml2]); + configure = { + customRC = builtins.readFile ./vimrc; + packages.myVimPackage = with pkgs.vimPlugins; + { + # loaded on launch + start = [ + undotree + vim-addon-nix + + nerdtree # file manager + commentary # comment stuff out based on language + fugitive # full git integration + vim-airline-themes # lean & mean status/tabline + vim-airline # status bar + gitgutter # git diff in the gutter (sign column) + vim-trailing-whitespace # trailing whitspaces in red + tagbar # F3 function overview + ReplaceWithRegister # For better copying/replacing + polyglot # Language pack + vim-indent-guides # for displaying indent levels + deoplete-nvim # general autocompletion + deoplete-go + ale + molokai # color scheme + ]; + # manually loadable by calling `:packadd $plugin-name` + opt = []; + # To automatically load a plugin when opening a filetype, add vimrc lines like: + # autocmd FileType php :packadd phpCompletion + }; + }; + }; + }; +} + diff --git a/makefu/2configs/editor/neovim/vimrc b/makefu/2configs/editor/neovim/vimrc new file mode 100644 index 000000000..2a0a59f01 --- /dev/null +++ b/makefu/2configs/editor/neovim/vimrc @@ -0,0 +1,469 @@ +"***************************************************************************** +"" Functions +"***************************************************************************** + +function! GetBufferList() + redir =>buflist + silent! ls! + redir END + return buflist +endfunction + +function! ToggleList(bufname, pfx) + let buflist = GetBufferList() + for bufnum in map(filter(split(buflist, '\n'), 'v:val =~ "'.a:bufname.'"'), 'str2nr(matchstr(v:val, "\\d\\+"))') + if bufwinnr(bufnum) != -1 + exec(a:pfx.'close') + return + endif + endfor + if a:pfx == 'l' && len(getloclist(0)) == 0 + echohl ErrorMsg + echo "Location List is Empty." + return + endif + let winnr = winnr() + exec(a:pfx.'open') + if winnr() != winnr + wincmd p + endif +endfunction + + +"***************************************************************************** +"" Basic Setup +"*****************************************************************************" +" General +let no_buffers_menu=1 +syntax on +set ruler +set number +set mousemodel=popup +set t_Co=256 +set guioptions=egmrti +set gfn=Monospace\ 10 + +" TODO: Testing if this works against automatically setting paste mode +" Issue: https://github.com/neovim/neovim/issues/7994 +au InsertLeave * set nopaste + + +set undofile +"maximum number of changes that can be undone +set undolevels=1000000 +"maximum number lines to save for undo on a buffer reload +set undoreload=10000000 + +set backupdir=~/.vim/backup +set directory=~/.vim/tmp +set undodir =~/.vim/undo + +" create Backup/tmp/undo dirs +set backupdir=~/.vim/backup +set directory=~/.vim/tmp + +function! InitBackupDir() + let l:parent = $HOME . '/.vim/' + let l:backup = l:parent . 'backup/' + let l:tmpdir = l:parent . 'tmp/' + let l:undodir= l:parent . 'undo/' + + + if !isdirectory(l:parent) + call mkdir(l:parent) + endif + if !isdirectory(l:backup) + call mkdir(l:backup) + endif + if !isdirectory(l:tmpdir) + call mkdir(l:tmpdir) + endif + if !isdirectory(l:undodir) + call mkdir(l:undodir) + endif +endfunction +call InitBackupDir() + +augroup Binary + " edit binaries in xxd-output, xxd is part of vim + au! + au BufReadPre *.bin let &bin=1 + au BufReadPost *.bin if &bin | %!xxd + au BufReadPost *.bin set ft=xxd | endif + au BufWritePre *.bin if &bin | %!xxd -r + au BufWritePre *.bin endif + au BufWritePost *.bin if &bin | %!xxd + au BufWritePost *.bin set nomod | endif +augroup END + +" Encoding +set encoding=utf-8 +set fileencoding=utf-8 +set fileencodings=utf-8 +set bomb +set binary + +" Fix backspace indent +set backspace=indent,eol,start + +" Tabs. May be overriten by autocmd rules +set tabstop=4 +set softtabstop=0 +set shiftwidth=4 +set expandtab + +" Map leader to , +let mapleader=',' + +" Required for operations modifying multiple buffers like rename. +set hidden + +" Searching +set hlsearch +set incsearch +set ignorecase +set smartcase + +" Directories for swp files +set nobackup +set noswapfile + +set fileformats=unix,dos,mac + +" File overview +set wildmode=list:longest,list:full +set wildignore+=*.o,*.obj,.git,*.rbc,*.pyc,__pycache__ + +" Shell to emulate +if exists('$SHELL') + set shell=$SHELL +else + set shell=/bin/bash +endif + +" Set color scheme +colorscheme molokai + +"Show always Status bar +set laststatus=2 + +" Use modeline overrides +set modeline +set modelines=10 + +" Set terminal title +set title +set titleold="Terminal" +set titlestring=%F + +" search will center on the line it's found in. +nnoremap n nzzzv +nnoremap N Nzzzv + + + +"***************************************************************************** +"" Abbreviations +"***************************************************************************** +" no one is really happy until you have this shortcuts +cnoreabbrev W! w! +cnoreabbrev Q! q! +cnoreabbrev Qall! qall! +cnoreabbrev Wq wq +cnoreabbrev Wa wa +cnoreabbrev wQ wq +cnoreabbrev WQ wq +cnoreabbrev W w +cnoreabbrev Q q +cnoreabbrev Qall qall + +" NERDTree configuration +let g:NERDTreeChDirMode=2 +let g:NERDTreeIgnore=['\.rbc$', '\~$', '\.pyc$', '\.db$', '\.sqlite$', '__pycache__'] +let g:NERDTreeSortOrder=['^__\.py$', '\/$', '*', '\.swp$', '\.bak$', '\~$'] +let g:NERDTreeShowBookmarks=1 +let g:nerdtree_tabs_focus_on_files=1 +let g:NERDTreeMapOpenInTabSilent = '<RightMouse>' +let g:NERDTreeWinSize = 50 +set wildignore+=*/tmp/*,*.so,*.swp,*.zip,*.pyc,*.db,*.sqlite +nnoremap <silent> <F1> :NERDTreeFind<CR> +nnoremap <silent> <F2> :NERDTreeToggle<CR> + + +" open terminal emulation +nnoremap <silent> <leader>sh :terminal<CR>:startinsert<CR> + +"***************************************************************************** +"" Autocmd Rules +"***************************************************************************** +"" The PC is fast enough, do syntax highlight syncing from start unless 200 lines +augroup vimrc-sync-fromstart + autocmd! + autocmd BufEnter * :syntax sync maxlines=200 +augroup END + +" Nasm filetype +augroup nasm + autocmd! + autocmd BufRead,BufNewFile *.nasm set ft=nasm +augroup END + +" Binary filetype +augroup Binary + au! + au BufReadPre *.bin,*.exe,*.elf let &bin=1 + au BufReadPost *.bin,*.exe,*.elf if &bin | %!xxd + au BufReadPost *.bin,*.exe,*.elf set ft=xxd | endif + au BufWritePre *.bin,*.exe,*.elf if &bin | %!xxd -r + au BufWritePre *.bin,*.exe,*.elf endif + au BufWritePost *.bin,*.exe,*.elf if &bin | %!xxd + au BufWritePost *.bin,*.exe,*.elf set nomod | endif +augroup END + +" Binary filetype +augroup fasm + au! + au BufReadPost *.fasm set ft=fasm +augroup END + +augroup deoplete-update + autocmd! + autocmd VimEnter * UpdateRemotePlugin +augroup END + + + +"" Remember cursor position +augroup vimrc-remember-cursor-position + autocmd! + autocmd BufReadPost * if line("'\"") > 1 && line("'\"") <= line("$") | exe "normal! g`\"" | endif +augroup END + +"" txt +" augroup vimrc-wrapping +" autocmd! +" autocmd BufRead,BufNewFile *.txt call s:setupWrapping() +" augroup END + +"" make/cmake +augroup vimrc-make-cmake + autocmd! + autocmd FileType make setlocal noexpandtab + autocmd BufNewFile,BufRead CMakeLists.txt setlocal filetype=cmake +augroup END + +set autoread + +"***************************************************************************** +"" Mappings +"***************************************************************************** + +" Split +noremap <Leader>h :<C-u>split<CR> +noremap <Leader>v :<C-u>vsplit<CR> + +" Git +noremap <Leader>ga :Gwrite<CR> +noremap <Leader>gc :Gcommit<CR> +noremap <Leader>gsh :Gpush<CR> +noremap <Leader>gll :Gpull<CR> +noremap <Leader>gs :Gstatus<CR> +noremap <Leader>gb :Gblame<CR> +noremap <Leader>gd :Gvdiff<CR> +noremap <Leader>gr :Gremove<CR> + +" Tabs +nnoremap <Tab> gt +nnoremap <S-Tab> gT +nnoremap <silent> <S-t> :tabnew<CR> + +" Set working directory +nnoremap <leader>. :lcd %:p:h<CR> + +" Opens an edit command with the path of the currently edited file filled in +noremap <Leader>e :e <C-R>=expand("%:p:h") . "/" <CR> + +" Opens a tab edit command with the path of the currently edited file filled +noremap <Leader>te :tabe <C-R>=expand("%:p:h") . "/" <CR> + +" Tagbar +nmap <silent> <F3> :TagbarToggle<CR> +let g:tagbar_autofocus = 1 + +" Copy/Paste/Cut +set clipboard^=unnamed,unnamedplus + +noremap YY "+y<CR> +noremap <leader>p "+gP<CR> +noremap XX "+x<CR> + +" Enable mouse for vim +set mouse=a + +" Buffer nav +noremap <leader>z :bp<CR> +noremap <leader>q :bp<CR> +noremap <leader>x :bn<CR> +noremap <leader>w :bn<CR> + +" Close buffer +noremap <leader>c :bd<CR> + +" Clean search (highlight) +nnoremap <silent> <leader><space> :noh<cr> + +" Switching windows +noremap <C-j> <C-w>j +noremap <C-k> <C-w>k +noremap <C-l> <C-w>l +noremap <C-h> <C-w>h + +" Vmap for maintain Visual Mode after shifting > and < +vmap < <gv +vmap > >gv + +" Move visual block +vnoremap J :m '>+1<CR>gv=gv +vnoremap K :m '<-2<CR>gv=gv + +" Open current line on GitHub +nnoremap <Leader>o :.Gbrowse<CR> + + +" Save on strg+s if not in paste mode +nmap <c-s> :w<CR> +vmap <c-s> <Esc><c-s>gv +imap <c-s> <Esc><c-s> + +" Quit on strg+q in normal mode +nnoremap <c-q> :q<cr> + +" Strg+d to replace word under cursor +nnoremap <c-d> :%s/\<<C-r><C-w>\>//g<Left><Left> + +" Strg+f ro find word under cursor +nnoremap <c-f> :/<C-r><C-w><Left><Left> + +" Remove unneccessary spaces +nnoremap <silent> <F8> :let _s=@/ <Bar> :%s/\s\+$//e <Bar> :let @/=_s <Bar> :nohl <Bar> :unlet _s <CR> + +" undotree +nnoremap <F5> :UndotreeToggle<CR> + +" Reindent whole file with F6 +map <F6> mzgg=G`z + +nnoremap <F9> :set invpaste paste?<CR> +set pastetoggle=<F2> +set showmode + +" save on focus lost +au FocusLost * :wa + +" Toggle location list +nmap <silent> <F4> :call ToggleList("Quickfix List", 'c')<CR> + +" Replacing text in visual mode doesn't copy it anymore +xmap p <Plug>ReplaceWithRegisterVisual +xmap <MiddleMouse> <Plug>ReplaceWithRegisterVisual + +"" Opens an edit command with the path of the currently edited file filled in +noremap <Leader>e :e <C-R>=expand("%:p:h") . "/" <CR> + +" Use tab for navigatin in autocompletion window +inoremap <expr> <Tab> pumvisible() ? "\<C-n>" : "\<Tab>" +inoremap <expr> <S-Tab> pumvisible() ? "\<C-p>" : "\<S-Tab>" + +" ALE mappings +nmap <Leader>i <Plug>(ale_hover) +nmap <Leader>d <Plug>(ale_go_to_definition_in_tab) +nmap <Leader>rf <Plug>(ale_find_references) +nmap <silent><F7> <Plug>(ale_fix) + +"***************************************************************************** +"" Plugin settings +"***************************************************************************** + +" vim-airline +set statusline+=%{fugitive#statusline()} +let g:airline_theme = 'powerlineish' +let g:airline#extensions#syntastic#enabled = 1 +let g:airline#extensions#branch#enabled = 1 +let g:airline#extensions#tabline#enabled = 1 +let g:airline#extensions#tagbar#enabled = 1 +let g:airline_skip_empty_sections = 1 +let g:airline#extensions#ale#enabled = 1 + +" show indent lines +let g:indent_guides_enable_on_vim_startup = 1 +let g:indent_guides_auto_colors = 0 +hi IndentGuidesOdd ctermbg=235 +hi IndentGuidesEven ctermbg=235 +let g:indent_guides_guide_size = 1 +let g:indent_guides_start_level = 2 + +" Enable autocompletion +let g:deoplete#enable_at_startup = 1 +set completeopt=noinsert,menuone,noselect +let g:deoplete#sources = {} +let g:deoplete#sources._ = ['ale', 'file', 'omni', 'buffer'] + +" Ale no preview on hover +let g:ale_close_preview_on_insert = 0 +let g:ale_cursor_detail = 0 + +" Ale skip if file size over 2G +let g:ale_maximum_file_size = "2147483648" +let g:ale_set_quickfix = 1 + +" Ale language server +let g:ale_linters = { + \ 'python': ['pyls'], + \ 'cpp': ['ccls'], + \ 'c': ['gcc'], + \ 'xml': ['xmllint'], + \ 'rust': ['cargo'], + \ 'go': ['gofmt'], + \ } + +" ALE fixers +let g:ale_fixers = { '*': ['remove_trailing_lines', 'trim_whitespace'] } +let g:ale_fixers.python = ['black'] +let g:ale_fixers.go = ['gofmt'] +let g:ale_fixers.c = ['clang-format'] +let g:ale_fixers.cpp = ['clang-format'] +let g:ale_fixers.json = ['jq'] +let g:ale_fixers.xml = ['xmllint'] + +let g:ale_completion_enabled = 1 +let g:ale_sign_error = '⤫' +let g:ale_sign_warning = '⚠' +let g:ale_lint_on_insert_leave = 1 + +"***************************************************************************** +"" Shortcuts overview +"***************************************************************************** +" Shortcuts overview +" F1 --> Filetree find +" F2 --> Filetree toggle +" F3 --> Function overview +" F4 --> Toggle error bar + +" F5 --> undotree +" F6 --> Reindent whole file +" F7 --> Format and lint file +" F8 --> Remove trailing whitespaces +" F9 --> toggle paste +" ,i --> Information about function +" ,d --> Jump to definition +" ,r --> Rename in all occurences +" ,rf --> Find references of function/variable +" ,e --> Change current file +" ,te --> Open file in new tab +" u --> Undo +" strg+f --> Find current selected word +" strg+d --> Replace current selected word +" strg+s --> Save file +" strg+q --> Close current file +" space+, --> Stop highlighting words after search + diff --git a/makefu/2configs/editor/vim.nix b/makefu/2configs/editor/vim.nix index d14a611b4..52ccd0ddd 100644 --- a/makefu/2configs/editor/vim.nix +++ b/makefu/2configs/editor/vim.nix @@ -22,7 +22,7 @@ in { vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins; vimrcConfig.vam.pluginDictionaries = [ { names = [ "undotree" - # "YouCompleteMe" + "YouCompleteMe" "UltiSnips" "vim-better-whitespace" ]; } # vim-nix handles indentation better but does not perform sanity { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; } diff --git a/makefu/2configs/editor/vimrc b/makefu/2configs/editor/vimrc index 8cdab55db..309e81a05 100644 --- a/makefu/2configs/editor/vimrc +++ b/makefu/2configs/editor/vimrc @@ -96,3 +96,17 @@ augroup Binary au BufWritePost *.bin if &bin | %!xxd au BufWritePost *.bin set nomod | endif augroup END + + +" youcompleteme +let g:ycm_collect_identifiers_from_tags_files = 1 " Let YCM read tags from Ctags file +let g:ycm_use_ultisnips_completer = 1 " Default 1, just ensure +let g:ycm_seed_identifiers_with_syntax = 1 " Completion for programming language's keyword +let g:ycm_complete_in_comments = 1 " Completion in comments +let g:ycm_complete_in_strings = 1 " Completion in string + +" utilsnips +let g:UltiSnipsExpandTrigger = "<c-j>" +let g:UltiSnipsJumpForwardTrigger = "<c-j>" +let g:UltiSnipsJumpBackwardTrigger = "<c-p>" +let g:UltiSnipsListSnippets = "<c-k>" "List possible snippets based on current file diff --git a/makefu/2configs/elchos/log.nix b/makefu/2configs/elchos/log.nix index 34bd2494d..50b40816b 100644 --- a/makefu/2configs/elchos/log.nix +++ b/makefu/2configs/elchos/log.nix @@ -1,6 +1,5 @@ { config, lib, pkgs, ... }: -with import <stockholm/lib>; let in { networking.firewall.allowedTCPPorts = [ 80 443 514 ]; diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix index 0ff855980..2a6e41ad8 100644 --- a/makefu/2configs/git/cgit-retiolum.nix +++ b/makefu/2configs/git/cgit-retiolum.nix @@ -3,8 +3,9 @@ with import <stockholm/lib>; let - repos = priv-repos // krebs-repos // connector-repos // krebsroot-repos; + repos = pub-repos // priv-repos // krebs-repos // connector-repos // krebsroot-repos; rules = concatMap krebs-rules (attrValues krebs-repos) + ++ concatMap priv-rules (attrValues pub-repos) ++ concatMap priv-rules (attrValues priv-repos) ++ concatMap connector-rules (attrValues connector-repos) ++ concatMap krebsroot-rules (attrValues krebsroot-repos); @@ -13,6 +14,12 @@ let hydra-stockholm = { }; }; + pub-repos = mapAttrs make-pub-repo { + yacos-backend = { + cgit.desc = "Yet Another Check-Out System"; + }; + }; + krebs-repos = mapAttrs make-krebs-repo { stockholm = { cgit.desc = "Make all the systems into 1systems!"; @@ -59,6 +66,11 @@ let public = false; }; + make-pub-repo = name: { ... }: { + inherit name; + public = true; + }; + make-krebs-repo = with git; name: { cgit ? {}, ... }: { inherit cgit name; public = true; diff --git a/makefu/2configs/gui/base.nix b/makefu/2configs/gui/base.nix index 63ce6201a..5b46c7e2d 100644 --- a/makefu/2configs/gui/base.nix +++ b/makefu/2configs/gui/base.nix @@ -11,7 +11,6 @@ # if this is not enough, check out main-laptop.nix -with import <stockholm/lib>; let mainUser = config.krebs.build.user.name; in @@ -37,8 +36,9 @@ in displayManager.auto.user = mainUser; desktopManager.xterm.enable = false; }; + environment.systemPackages = [ pkgs.gnome3.defaultIconTheme ]; # lid switch is handled via button presses - services.logind.extraConfig = mkDefault "HandleLidSwitch=ignore"; + services.logind.lidSwitch = lib.mkDefault "ignore"; makefu.awesome.enable = true; i18n.consoleFont = "Lat2-Terminus16"; diff --git a/makefu/2configs/hw/tp-x230.nix b/makefu/2configs/hw/tp-x230.nix index ec4e05d1b..a6ded0a3e 100644 --- a/makefu/2configs/hw/tp-x230.nix +++ b/makefu/2configs/hw/tp-x230.nix @@ -23,5 +23,11 @@ with import <stockholm/lib>; hardware.pulseaudio.extraConfig = '' load-module module-alsa-sink device=hw:0,3 sink_properties=device.description="HDMIOutput" sink_name="HDMI" ''; + # load graphical equalizer module + # load-module module-equalizer-sink + + # combine multiple sinks to one: + # list all sinks: pactl list short sinks + # pacmd load-module module-combine-sink sink_name=combined sink_properties=device.description=CombinedSink slaves=sink1,sink2 channels=2 } diff --git a/makefu/2configs/hw/tp-x2x0.nix b/makefu/2configs/hw/tp-x2x0.nix index b4b2562fe..5570bec55 100644 --- a/makefu/2configs/hw/tp-x2x0.nix +++ b/makefu/2configs/hw/tp-x2x0.nix @@ -10,6 +10,8 @@ "kvm-intel" ]; + # hardware.opengl.extraPackages = [ pkgs.intel-media-driver ]; + networking.wireless.enable = lib.mkDefault true; hardware.enableAllFirmware = true; diff --git a/makefu/2configs/logging/filter/dnsmasq.conf b/makefu/2configs/logging/filter/dnsmasq.conf new file mode 100644 index 000000000..1570b1c60 --- /dev/null +++ b/makefu/2configs/logging/filter/dnsmasq.conf @@ -0,0 +1,19 @@ + +if ( [program] == "dnsmasq") { + grok { + patterns_dir => ["${./patterns}"] + match => { + "message" => [ + "^%{logdate:LOGDATE} dnsmasq\[[\d]+\]\: query\[[\w]+\] %{domain:DOMAIN} from %{clientip:CLIENTIP}" + , "^%{logdate:LOGDATE} dnsmasq\[[\d]+\]\: reply %{domain:DOMAIN} is %{ip:IP}" + , "^%{logdate:LOGDATE} dnsmasq\[[\d]+\]\: %{blocklist:BLOCKLIST} %{domain:DOMAIN} is %{ip:IP}" + ] + } + } + date { + match => [ "LOGDATE", "MMM dd HH:mm:ss", "MMM d HH:mm:ss", "ISO8601" ] + } + geoip { + source => "IP" + } +} diff --git a/makefu/2configs/logging/patterns/dnsmasq b/makefu/2configs/logging/patterns/dnsmasq new file mode 100644 index 000000000..c1e700d5e --- /dev/null +++ b/makefu/2configs/logging/patterns/dnsmasq @@ -0,0 +1,15 @@ +BLOCKLIST [\/\w\.]+ +DOMAIN [\w\.\-]+ +DNSID \d+ +PORT \d+ +DNSRESPONSE cached|reply|forwarded|query +# TODO: there are some strange responses for certain queries like <CNAME> or ... +IPORWORD %{IP}|[<>\.\/\w>]+ + +# TODO use public suffix list by mozilla +TLD [a-z]{2,63} +# matches CCSLD and TLD together (e.g. co.uk ) +CCSLD_TLD [a-z]+\.uk +# actually after a CCTLD this would be the third level domain ... +PUBLIC_SUFFIX (xn--)?%{FUNCTIONAL_SLD}\.(%{CCSLD_TLD}|%{TLD}) +FUNCTIONAL_SLD [a-z0-9-]{1,63} diff --git a/makefu/2configs/logging/server.nix b/makefu/2configs/logging/server.nix index 90f8e6680..f2fccec25 100644 --- a/makefu/2configs/logging/server.nix +++ b/makefu/2configs/logging/server.nix @@ -1,18 +1,29 @@ {pkgs, config, ...}: -with import <stockholm/lib>; let es-port = 9200; kibana-port = 5601; + primaryName = "log.${config.krebs.build.host.name}"; + serverAliases = [ "${primaryName}.r" "${primaryName}.lan" ]; in { + + services.nginx.virtualHosts.${primaryName} = { + inherit serverAliases; + locations."/" = { + proxyPass = "http://localhost:5601/"; + extraConfig = '' + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + ''; + }; + }; services.elasticsearch = { enable = true; - listenAddress = "0.0.0.0"; port = es-port; }; services.kibana = { enable = true; - listenAddress = "0.0.0.0"; port = kibana-port; }; @@ -20,4 +31,110 @@ in { iptables -A INPUT -i retiolum -p tcp --dport ${toString es-port} -j ACCEPT iptables -A INPUT -i retiolum -p tcp --dport ${toString kibana-port} -j ACCEPT ''; + + # send logs directly to elasticsearch + services.journalbeat = { + enable = true; + package = pkgs.journalbeat7; + extraConfig = '' + logging: + to_syslog: true + level: info + metrics.enabled: false + template.enabled: false + output.logstash: + hosts: [ "127.0.0.1:5044" ] + template.enabled: false + index: journalbeat + journalbeat.inputs: + - paths: [] + seek: cursor + ''; + }; + + services.logstash = { + enable = true; + # package = pkgs.logstash5; + # plugins = [ pkgs.logstash-contrib ]; + inputConfig = + '' + syslog { + timezone => "Etc/UTC" + } + beats { + port => 5044 + } + ''; + filterConfig = + '' + # Assume Beats + if [syslog] { + mutate { + add_field => { "program" => "%{[syslog][identifier]}" } + } + } + '' + + '' + if ![program] { + mutate { + add_field => { "program" => "unknown" } + } + } + '' + + '' + if ([program] == "logstash") { + drop {} + } + '' + + '' + if ( [program] == "dnsmasq") { + grok { + patterns_dir => ["${./patterns}"] + match => { + "message" => [ + "^%{DNSID:dnsid} %{IP:client}/%{PORT} %{DNSRESPONSE:dnstype}\[[\w]+\] %{DOMAIN:domain} from %{IP}" + , "^%{DNSID:dnsid} %{IP:client}/%{PORT} %{DNSRESPONSE:dnstype} %{DOMAIN:domain} is %{IPORWORD:resolved_ip}" + , "^%{DNSID:dnsid} %{IP:client}/%{PORT} %{DNSRESPONSE:dnstype} %{DOMAIN:domain} to %{IP:upstream_dns}" + ] + } + } + if [resolved_ip] { + geoip { + source => "resolved_ip" + } + } + mutate { + rename => { "host" => "syslog_host" } + } + # Target is to parse the the first and second significant part of the domain + grok { + patterns_dir => ["${./patterns}"] + match => { "domain" => [ "%{PUBLIC_SUFFIX:dns_suffix}$" ] } + } + if [client] { + mutate { copy => { "client" => "clientip" } } + dns { + reverse => [ "client"] + action => "replace" + hostsfile => [ "/etc/hosts" ] + hit_cache_ttl => 1600 + failed_cache_ttl => 60 + } + } + } + '' + '' + if ( [program] == "proftpd") { + kv { + field_split => " " + } + } + ''; + outputConfig = + '' + #stdout { + # codec => rubydebug + #} + elasticsearch { } + ''; + }; } diff --git a/makefu/2configs/nginx/euer.wiki.nix b/makefu/2configs/nginx/euer.wiki.nix index 280622259..732c27784 100644 --- a/makefu/2configs/nginx/euer.wiki.nix +++ b/makefu/2configs/nginx/euer.wiki.nix @@ -75,6 +75,7 @@ in { services.nginx = { enable = mkDefault true; + recommendedGzipSettings = true; virtualHosts = { "${ext-dom}" = { #serverAliases = [ @@ -83,14 +84,6 @@ in { #]; forceSSL = true; enableACME = true; - # recommendedGzipSettings = true; - extraConfig = '' - gzip on; - gzip_buffers 4 32k; - gzip_types text/plain application/x-javascript text/css; - default_type text/plain; - - ''; locations = { "/" = { root = wiki-dir; diff --git a/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix b/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix index 752612342..d54deeea2 100644 --- a/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix +++ b/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix @@ -2,8 +2,7 @@ { services.nginx = { enable = lib.mkDefault true; - virtualHosts."misa-felix-hochzeit.ml" = { - serverAliases = [ "misa-felix.ml" "www.misa-felix.ml" ]; + virtualHosts."misa-felix.ml" = { forceSSL = true; enableACME = true; locations = { diff --git a/makefu/2configs/share/gum.nix b/makefu/2configs/share/gum.nix index cc59ce3cc..55080b2a7 100644 --- a/makefu/2configs/share/gum.nix +++ b/makefu/2configs/share/gum.nix @@ -35,5 +35,6 @@ in { }; networking.firewall.extraCommands = '' iptables -A INPUT -i retiolum -p tcp --dport 445 -j ACCEPT + iptables -A INPUT -i wiregrill -p tcp --dport 445 -j ACCEPT ''; } diff --git a/makefu/2configs/share/temp-share-samba.nix b/makefu/2configs/share/temp-share-samba.nix index 0907c2dbf..ac0eaa978 100644 --- a/makefu/2configs/share/temp-share-samba.nix +++ b/makefu/2configs/share/temp-share-samba.nix @@ -1,4 +1,10 @@ {config, ... }:{ + services.avahi = { + enable = true; + interfaces = [ config.makefu.server.primary-itf ]; + publish.enable = true; + publish.userServices = true; + }; networking.firewall.allowedUDPPorts = [ 137 138 ]; networking.firewall.allowedTCPPorts = [ 139 445 ]; users.users.smbguest = { @@ -17,6 +23,12 @@ browseable = "yes"; "guest ok" = "yes"; }; + movies = { + path = "/home/makefu/movies"; + "read only" = "yes"; + browseable = "yes"; + "guest ok" = "yes"; + }; }; extraConfig = '' guest account = smbguest diff --git a/makefu/2configs/shiori.nix b/makefu/2configs/shiori.nix new file mode 100644 index 000000000..fd6bc9aad --- /dev/null +++ b/makefu/2configs/shiori.nix @@ -0,0 +1,29 @@ +{config, lib, pkgs, ...}: +let + web_port = 9011; + statedir = "/var/lib/shiori"; +in { + state = [ statedir ]; + systemd.services.shiori = { + description = "Shiori Server"; + after = [ "network-online.target" ]; + environment = { + SHIORI_DIR = statedir; + }; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + DynamicUser = true; + StateDirectory = "shiori"; + ExecStart = "${pkgs.shiori}/bin/shiori serve -a 127.0.0.1 -p ${toString web_port}"; + PrivateTmp = true; + }; + }; + services.nginx.virtualHosts."bookmark.euer.krebsco.de" = { + forceSSL = true; + enableACME = true; + + locations."/" = { + proxyPass = "http://127.0.0.1:${toString web_port}/"; + }; + }; +} diff --git a/makefu/2configs/sickbeard/default.nix b/makefu/2configs/sickbeard/default.nix new file mode 100644 index 000000000..49e65f091 --- /dev/null +++ b/makefu/2configs/sickbeard/default.nix @@ -0,0 +1,23 @@ +{ pkgs, config, ... }: +let + pkg = pkgs.callPackage ./sickgear.nix {}; + external-ip = config.krebs.build.host.nets.internet.ip4.addr; +in { + services.sickbeard = + { + enable = true; + package = pkg; + user = "sickbeard"; + group = "download"; + port = 8280; + }; + services.nginx.virtualHosts."sick.makefu.r" = { + locations."/".proxyPass = http://localhost:8280; + extraConfig = '' + if ( $server_addr = "${external-ip}" ) { + return 403; + } + ''; + }; + users.users.sickbeard.extraGroups = [ "nginx" ]; + } diff --git a/makefu/2configs/sickbeard/sickgear.nix b/makefu/2configs/sickbeard/sickgear.nix new file mode 100644 index 000000000..1b7a57e8b --- /dev/null +++ b/makefu/2configs/sickbeard/sickgear.nix @@ -0,0 +1,35 @@ +{ stdenv, fetchFromGitHub, python2, makeWrapper }: + +let + pythonEnv = python2.withPackages(ps: with ps; [ cheetah ]); +in stdenv.mkDerivation rec { + pname = "sickgear"; + version = "0.20.0"; + + src = fetchFromGitHub { + owner = "SickGear"; + repo = "SickGear"; + rev = "release_${version}"; + sha256 = "1zg95szvfbmwinx1z5nlbmyck7ximvyna0x71yflmadkgf88nv0k"; + }; + + dontBuild = true; + doCheck = false; + + nativeBuildInputs = [ makeWrapper ]; + buildInputs = [ pythonEnv ]; + + installPhase = '' + mkdir -p $out/bin + cp -R {autoProcessTV,gui,lib,sickbeard,sickgear.py,SickBeard.py} $out/ + + makeWrapper $out/SickBeard.py $out/bin/sickgear + ''; + + meta = with stdenv.lib; { + description = "The most reliable stable TV fork of the great Sick-Beard to fully automate TV enjoyment with innovation"; + license = licenses.gpl3; + homepage = "https://github.com/SickGear/SickGear"; + maintainers = with stdenv.lib.maintainers; [ rembo10 ]; + }; +} diff --git a/makefu/2configs/stats/arafetch.nix b/makefu/2configs/stats/arafetch.nix index 6ab9d3774..a078e3646 100644 --- a/makefu/2configs/stats/arafetch.nix +++ b/makefu/2configs/stats/arafetch.nix @@ -2,18 +2,19 @@ with import <stockholm/lib>; let pkg = with pkgs.python3Packages;buildPythonPackage rec { - rev = "775d0c2"; + rev = "cce2394"; name = "arafetch-${rev}"; propagatedBuildInputs = [ requests docopt influxdb beautifulsoup4 + paho-mqtt ]; src = pkgs.fetchgit { url = "http://cgit.euer.krebsco.de/arafetch"; inherit rev; - sha256 = "0z35avn7vmbd1661ca1zkc9i4lwcm03kpwgiqxddpkp1yxhl548p"; + sha256 = "sha256:0zdz8sqn9n8i69rqngcg7nakmvahf1i5dwajzjpylsh1x5csv2gs"; }; }; home = "/var/lib/arafetch"; @@ -24,13 +25,25 @@ in { createHome = true; }; + systemd.services.ara2mqtt = { + startAt = "05:00:00"; + after = [ "network-online.target" ]; + path = [ pkg ]; + serviceConfig = { + User = "arafetch"; + # Restart = "always"; + WorkingDirectory = home; + PrivateTmp = true; + ExecStart = pkgs.writeDash "daily-mqtt" '' + ara2mqtt db/thales-deutschland.json --cantine thales-deutschland --host localhost + ''; + }; + }; systemd.services.arafetch = { startAt = "Mon,Wed,Fri 09:15:00"; wantedBy = [ "multi-user.target" ]; after = [ "network-online.target" ]; - environment = { - OUTDIR = home; - }; + environment.OUTDIR = home; path = [ pkg pkgs.git pkgs.wget ]; serviceConfig = { User = "arafetch"; @@ -38,7 +51,6 @@ in { WorkingDirectory = home; PrivateTmp = true; ExecStart = pkgs.writeDash "start-weekrun" '' - set -x weekrun || echo "weekrun failed!" find $OUTDIR/db -name \*.json | while read path;do file=''${path##*/} diff --git a/makefu/2configs/stats/telegraf/default.nix b/makefu/2configs/stats/telegraf/default.nix index 049a9c037..c60539c71 100644 --- a/makefu/2configs/stats/telegraf/default.nix +++ b/makefu/2configs/stats/telegraf/default.nix @@ -1,16 +1,24 @@ {...}: let url = "http://localhost:8086"; + mqtt_server = "localhost:1883"; in { services.telegraf = { enable = true; extraConfig = { - agent.debug = true; + agent.debug = false; outputs = { influxdb = [{ urls = [ url ]; database = "telegraf"; }]; + mqtt = [{ + servers = [ mqtt_server ]; + topic_prefix = "/telegraf"; + data_format = "json"; + qos = 0; + batch = false; + }]; }; }; }; diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix index 23da9d577..43892ed2c 100644 --- a/makefu/2configs/tools/dev.nix +++ b/makefu/2configs/tools/dev.nix @@ -6,31 +6,37 @@ ps.python-language-server # the following plugins are optional, they provide type checking, import sorting and code formatting ps.pyls-mypy ps.pyls-isort ps.pyls-black - ps.virtualenv + ps.virtualenv ps.pyserial ps.virtualenv ])) - picocom - python3.pkgs.pyserial - python3.pkgs.virtualenv # embedded + picocom gi flashrom mosquitto - libcoap nodemcu-uploader esptool - cac-api - cac-panel - krebszones - ovh-zone - whatsupnix - brain - gen-oath-safe - cdrtools # nix related nix-index nix-review + brain + whatsupnix + nixpkgs-pytools # git-related + git-preview tig (pkgs.callPackage ./init-host {}) + # used more than once + imagemagick + qrencode + exiftool + cac-api + cac-panel + krebszones + ovh-zone + gen-oath-safe + cdrtools + # network related + sshuttle + pciutils ]; } diff --git a/makefu/2configs/torrent.nix b/makefu/2configs/torrent.nix index ca368dbf0..74f1e5fe8 100644 --- a/makefu/2configs/torrent.nix +++ b/makefu/2configs/torrent.nix @@ -35,7 +35,9 @@ in { rtorrent.members = [ "download" ]; }; - krebs.rtorrent = { + krebs.rtorrent = let + d = config.makefu.dl-dir; + in { enable = true; web = { enable = true; @@ -45,7 +47,17 @@ in { rutorrent.enable = true; enableXMLRPC = true; listenPort = peer-port; - downloadDir = config.makefu.dl-dir; + downloadDir = d + "/finished/incoming"; + watchDir = d + "/watch"; + # TODO: maybe test out multiple watch dirs with tags: https://github.com/rakshasa/rtorrent/wiki/TORRENT-Watch-directories + extraConfig = '' + # log.add_output = "debug", "rtorrent-systemd" + # log.add_output = "dht_debug", "rtorrent-systemd" + # log.add_output = "tracker_debug", "rtorrent-systemd" + log.add_output = "rpc_events", "rtorrent-systemd" + # log.add_output = "rpc_dump", "rtorrent-systemd" + system.daemon.set = true + ''; # dump old torrents into watch folder to have them re-added }; diff --git a/makefu/2configs/virtualisation/docker.nix b/makefu/2configs/virtualisation/docker.nix index 951bdbf26..b830bc39e 100644 --- a/makefu/2configs/virtualisation/docker.nix +++ b/makefu/2configs/virtualisation/docker.nix @@ -5,5 +5,5 @@ docker docker_compose ]; - users.extraUsers.${config.krebs.build.user.name}.extraGroups = [ "docker" ]; + users.users.${config.krebs.build.user.name}.extraGroups = [ "docker" ]; } diff --git a/makefu/2configs/wireguard/server.nix b/makefu/2configs/wireguard/server.nix index e38fa05cb..ae10f34a2 100644 --- a/makefu/2configs/wireguard/server.nix +++ b/makefu/2configs/wireguard/server.nix @@ -47,6 +47,11 @@ in { # wireguard server allowedIPs = [ "10.244.0.6/32" ]; publicKey = "OFhCF56BrV9tjqW1sxqXEKH/GdqamUT1SqZYSADl5GA="; } + { + # mobile + allowedIPs = [ "10.244.0.7/32" ]; + publicKey = "Y6fOW2QDt0SsHT7hSVzzJYQVB3JI/txO4/FDB54Z52A="; + } ]; }; } diff --git a/makefu/3modules/bump-distrowatch.nix b/makefu/3modules/bump-distrowatch.nix index 18426cdcc..f8ba18ce4 100644 --- a/makefu/3modules/bump-distrowatch.nix +++ b/makefu/3modules/bump-distrowatch.nix @@ -5,7 +5,7 @@ let imp = { systemd.services.distrobump = { - after = [ "network.target" ]; + after = [ "network-online.target" ]; wantedBy = [ "multi-user.target" ]; path = [ pkgs.curl ]; restartIfChanged = false; diff --git a/makefu/5pkgs/Fluffy/default.nix b/makefu/5pkgs/Fluffy/default.nix index 59a04a52d..b32c6cab4 100644 --- a/makefu/5pkgs/Fluffy/default.nix +++ b/makefu/5pkgs/Fluffy/default.nix @@ -3,13 +3,13 @@ with python3Packages; buildPythonApplication rec { name = "Fluffy-${version}"; format = "other"; - version = "2.7"; + version = "2.9"; src = pkgs.fetchFromGitHub { owner = "fourminute"; repo = "Fluffy"; rev = "v${version}"; - sha256 = "1l346bklidcl40q91cfdszrfskdwlmfjbmsc3mgs0i8wi1yhvq99"; + sha256 = "1w1j7cdp0zpgwn7zi28z8dcbgnhxvllgh3rp1gkdjnpr4a6ngj8z"; }; prePatch = '' diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix index a3c489ccc..1ae10459f 100644 --- a/makefu/5pkgs/default.nix +++ b/makefu/5pkgs/default.nix @@ -40,7 +40,6 @@ in { qcma = super.pkgs.libsForQt5.callPackage ./custom/qcma { }; inherit (callPackage ./devpi {}) devpi-web ; nodemcu-uploader = super.pkgs.callPackage ./nodemcu-uploader {}; - prison-break = abort "`prison-break` moved from this namespace to `nur.repos.krebs.prison-break`"; } // (mapAttrs (_: flip callPackage {}) diff --git a/makefu/5pkgs/logstash-filter-tld/default.nix b/makefu/5pkgs/logstash-filter-tld/default.nix new file mode 100644 index 000000000..53ff8e04c --- /dev/null +++ b/makefu/5pkgs/logstash-filter-tld/default.nix @@ -0,0 +1,31 @@ +{ pkgs, stdenv, lib, fetchFromGitHub }: + + +stdenv.mkDerivation rec { + name = "logstash-filter-tld-${version}"; + version = "3.0.3"; + + src = fetchFromGitHub { + owner = "logstash-plugins"; + repo = "logstash-filter-tld"; + rev = "v${version}"; + sha256 = "0ix5w9l6hrbjaymka7fzymjvpkiias3hs0l77zdpcwdaa6cz53nf"; + }; + + dontBuild = true; + dontPatchELF = true; + dontStrip = true; + dontPatchShebangs = true; + installPhase = '' + mkdir -p $out/logstash + cp -r lib/* $out + ''; + + meta = with lib; { + description = "logstash filter plugin"; + homepage = https://github.com/logstash-plugins/logstash-filter-tld; + license = licenses.asl20; + platforms = platforms.unix; + maintainers = with maintainers; [ makefu ]; + }; +} diff --git a/makefu/5pkgs/nixpkgs-pytools/default.nix b/makefu/5pkgs/nixpkgs-pytools/default.nix index 35146d155..cb8175546 100644 --- a/makefu/5pkgs/nixpkgs-pytools/default.nix +++ b/makefu/5pkgs/nixpkgs-pytools/default.nix @@ -1,17 +1,29 @@ -{pkgs, fetchFromGitHub}: -with pkgs.python3.pkgs; - +{ lib +, python3 +}: +with python3.pkgs; buildPythonPackage rec { pname = "nixpkgs-pytools"; - version = "1.0.0-dev"; - src = fetchFromGitHub { - owner = "nix-community"; - repo = pname; - rev = "593443b5689333cad3b6fa5b42e96587df68b0f8"; - sha256 = "1cjpngr1rn5q59a1krgmpq2qm96wbiirc8yf1xmm21p3mskb2db4"; + version = "1.3.0"; + + src = fetchPypi { + inherit pname version; + sha256 = "11skcbi1lf9qcv9j5ikifb4pakhbbygqpcmv3390j7gxsa85cn19"; }; + propagatedBuildInputs = [ - jinja2 setuptools + jinja2 + setuptools + rope ]; - checkInputs = [ black ]; + checkInputs = [ + pytest + ]; + + meta = with lib; { + description = "Tools for removing the tedious nature of creating nixpkgs derivations"; + homepage = https://github.com/nix-community/nixpkgs-pytools/; + license = licenses.mit; + # maintainers = [ maintainers. ]; + }; } diff --git a/makefu/5pkgs/prison-break/default.nix b/makefu/5pkgs/prison-break/default.nix index 672e0b3a0..affeb8c4d 100644 --- a/makefu/5pkgs/prison-break/default.nix +++ b/makefu/5pkgs/prison-break/default.nix @@ -3,12 +3,12 @@ with pkgs.python3.pkgs; buildPythonPackage rec { pname = "prison-break"; - version = "1.2.0"; + version = "1.3.0"; src = fetchFromGitHub { owner = "makefu"; repo = pname; rev = version; - sha256 = "07wy6f06vj9s131c16gw1xl1jf9gq5xiqia8awfb26s99gxlv7l9"; + sha256 = "sha256:1kjfwsz6wg5l9pa7484vq64f054qil0ksf6dh9arwspxwnzshgdh"; }; propagatedBuildInputs = [ docopt diff --git a/makefu/5pkgs/shiori/default.nix b/makefu/5pkgs/shiori/default.nix new file mode 100644 index 000000000..91e6b3997 --- /dev/null +++ b/makefu/5pkgs/shiori/default.nix @@ -0,0 +1,16 @@ +{ go_1_12, buildGoPackage, fetchFromGitHub }: +let + builder = buildGoPackage.override { go = go_1_12; }; +in +builder rec { + name = "shiori-${version}"; + version = "1.6.0-master"; + goPackagePath = "github.com/go-shiori/shiori"; + src = fetchFromGitHub { + owner = "go-shiori"; + repo = "shiori"; + rev = "c77b17caf8fcdf336adea33d0e4ac7ab13c10bc5"; + sha256 = "11c5yxkmawwpswk256d151ixmj1vlnhrhsbfp9xan1v5cbqpkxdm"; + }; + goDeps = ./deps.nix; +} diff --git a/makefu/5pkgs/shiori/deps.nix b/makefu/5pkgs/shiori/deps.nix new file mode 100644 index 000000000..d1ee2b17f --- /dev/null +++ b/makefu/5pkgs/shiori/deps.nix @@ -0,0 +1,552 @@ +# file generated from go.mod using vgo2nix (https://github.com/adisbladis/vgo2nix) +[ + { + goPackagePath = "github.com/BurntSushi/toml"; + fetch = { + type = "git"; + url = "https://github.com/BurntSushi/toml"; + rev = "v0.3.1"; + sha256 = "1fjdwwfzyzllgiwydknf1pwjvy49qxfsczqx5gz3y0izs7as99j6"; + }; + } + { + goPackagePath = "github.com/PuerkitoBio/goquery"; + fetch = { + type = "git"; + url = "https://github.com/PuerkitoBio/goquery"; + rev = "v1.5.0"; + sha256 = "1fqf4rs66wy02nxz6w4mvs2qawf2j8srz17i294v64y8gvxisp56"; + }; + } + { + goPackagePath = "github.com/andybalholm/cascadia"; + fetch = { + type = "git"; + url = "https://github.com/andybalholm/cascadia"; + rev = "v1.0.0"; + sha256 = "09j8cavbhqqdxjqrkwbc40g8p0i49zf3184rpjm5p2rjbprcghcc"; + }; + } + { + goPackagePath = "github.com/armon/consul-api"; + fetch = { + type = "git"; + url = "https://github.com/armon/consul-api"; + rev = "eb2c6b5be1b6"; + sha256 = "1j6fdr1sg36qy4n4xjl7brq739fpm5npq98cmvklzjc9qrx98nk9"; + }; + } + { + goPackagePath = "github.com/coreos/etcd"; + fetch = { + type = "git"; + url = "https://github.com/coreos/etcd"; + rev = "v3.3.10"; + sha256 = "1x2ii1hj8jraba8rbxz6dmc03y3sjxdnzipdvg6fywnlq1f3l3wl"; + }; + } + { + goPackagePath = "github.com/coreos/go-etcd"; + fetch = { + type = "git"; + url = "https://github.com/coreos/go-etcd"; + rev = "v2.0.0"; + sha256 = "1xb34hzaa1lkbq5vkzy9vcz6gqwj7hp6cdbvyack2bf28dwn33jj"; + }; + } + { + goPackagePath = "github.com/coreos/go-semver"; + fetch = { + type = "git"; + url = "https://github.com/coreos/go-semver"; + rev = "v0.2.0"; + sha256 = "1gghi5bnqj50hfxhqc1cxmynqmh2yk9ii7ab9gsm75y5cp94ymk0"; + }; + } + { + goPackagePath = "github.com/cpuguy83/go-md2man"; + fetch = { + type = "git"; + url = "https://github.com/cpuguy83/go-md2man"; + rev = "v1.0.10"; + sha256 = "1bqkf2bvy1dns9zd24k81mh2p1zxsx2nhq5cj8dz2vgkv1xkh60i"; + }; + } + { + goPackagePath = "github.com/davecgh/go-spew"; + fetch = { + type = "git"; + url = "https://github.com/davecgh/go-spew"; + rev = "v1.1.1"; + sha256 = "0hka6hmyvp701adzag2g26cxdj47g21x6jz4sc6jjz1mn59d474y"; + }; + } + { + goPackagePath = "github.com/disintegration/imaging"; + fetch = { + type = "git"; + url = "https://github.com/disintegration/imaging"; + rev = "v1.6.0"; + sha256 = "1as2r4z6303s528fhcfm6ybm1an8xhly9vr0fqk40y05x3x4h92x"; + }; + } + { + goPackagePath = "github.com/fatih/color"; + fetch = { + type = "git"; + url = "https://github.com/fatih/color"; + rev = "v1.7.0"; + sha256 = "0v8msvg38r8d1iiq2i5r4xyfx0invhc941kjrsg5gzwvagv55inv"; + }; + } + { + goPackagePath = "github.com/fsnotify/fsnotify"; + fetch = { + type = "git"; + url = "https://github.com/fsnotify/fsnotify"; + rev = "v1.4.7"; + sha256 = "07va9crci0ijlivbb7q57d2rz9h27zgn2fsm60spjsqpdbvyrx4g"; + }; + } + { + goPackagePath = "github.com/go-shiori/go-readability"; + fetch = { + type = "git"; + url = "https://github.com/go-shiori/go-readability"; + rev = "5413e9c4ec86"; + sha256 = "1bhr5chria90v0iwr4rwgvid7cr6aj5r458cmv9f6idpylx5dxl3"; + }; + } + { + goPackagePath = "github.com/go-sql-driver/mysql"; + fetch = { + type = "git"; + url = "https://github.com/go-sql-driver/mysql"; + rev = "v1.4.1"; + sha256 = "1fvsvwc1v2i0gqn01mynvi1shp5xm0xaym6xng09fcbqb56lbjx1"; + }; + } + { + goPackagePath = "github.com/gofrs/uuid"; + fetch = { + type = "git"; + url = "https://github.com/gofrs/uuid"; + rev = "v3.2.0"; + sha256 = "1q63mp7bznhfgyw133c0wc0hpcj1cq9bcf7w1f8r6inkcrils1fz"; + }; + } + { + goPackagePath = "github.com/golang/protobuf"; + fetch = { + type = "git"; + url = "https://github.com/golang/protobuf"; + rev = "v1.3.1"; + sha256 = "15am4s4646qy6iv0g3kkqq52rzykqjhm4bf08dk0fy2r58knpsyl"; + }; + } + { + goPackagePath = "github.com/hashicorp/hcl"; + fetch = { + type = "git"; + url = "https://github.com/hashicorp/hcl"; + rev = "v1.0.0"; + sha256 = "0q6ml0qqs0yil76mpn4mdx4lp94id8vbv575qm60jzl1ijcl5i66"; + }; + } + { + goPackagePath = "github.com/inconshreveable/mousetrap"; + fetch = { + type = "git"; + url = "https://github.com/inconshreveable/mousetrap"; + rev = "v1.0.0"; + sha256 = "1mn0kg48xkd74brf48qf5hzp0bc6g8cf5a77w895rl3qnlpfw152"; + }; + } + { + goPackagePath = "github.com/jmoiron/sqlx"; + fetch = { + type = "git"; + url = "https://github.com/jmoiron/sqlx"; + rev = "v1.2.0"; + sha256 = "0pmi2asx157f5738g19fzyxb9g8yyfbpjyh2a2ykr9mafvp60rfd"; + }; + } + { + goPackagePath = "github.com/julienschmidt/httprouter"; + fetch = { + type = "git"; + url = "https://github.com/julienschmidt/httprouter"; + rev = "v1.2.0"; + sha256 = "1k8bylc9s4vpvf5xhqh9h246dl1snxrzzz0614zz88cdh8yzs666"; + }; + } + { + goPackagePath = "github.com/konsorten/go-windows-terminal-sequences"; + fetch = { + type = "git"; + url = "https://github.com/konsorten/go-windows-terminal-sequences"; + rev = "v1.0.2"; + sha256 = "09mn209ika7ciy87xf2x31dq5fnqw39jidgaljvmqxwk7ff1hnx7"; + }; + } + { + goPackagePath = "github.com/lib/pq"; + fetch = { + type = "git"; + url = "https://github.com/lib/pq"; + rev = "v1.1.1"; + sha256 = "0g64wlg1l1ybq4x44idksl4pgm055s58jxc6r6x4qhqm5q76h0km"; + }; + } + { + goPackagePath = "github.com/magiconair/properties"; + fetch = { + type = "git"; + url = "https://github.com/magiconair/properties"; + rev = "v1.8.0"; + sha256 = "1a10362wv8a8qwb818wygn2z48lgzch940hvpv81hv8gc747ajxn"; + }; + } + { + goPackagePath = "github.com/mattn/go-colorable"; + fetch = { + type = "git"; + url = "https://github.com/mattn/go-colorable"; + rev = "v0.1.1"; + sha256 = "0l640974j804c1yyjfgyxqlsivz0yrzmbql4mhcw2azryigkp08p"; + }; + } + { + goPackagePath = "github.com/mattn/go-isatty"; + fetch = { + type = "git"; + url = "https://github.com/mattn/go-isatty"; + rev = "v0.0.7"; + sha256 = "1i77aq4gf9as03m8fpfh8fq49n4z9j7548blrcsidm1xhslzk5xd"; + }; + } + { + goPackagePath = "github.com/mattn/go-sqlite3"; + fetch = { + type = "git"; + url = "https://github.com/mattn/go-sqlite3"; + rev = "v1.10.0"; + sha256 = "1zmz6asplixfihxhj11spgfs0v3xzb3nv0hlq6n6zsg781ni31xx"; + }; + } + { + goPackagePath = "github.com/mitchellh/go-homedir"; + fetch = { + type = "git"; + url = "https://github.com/mitchellh/go-homedir"; + rev = "v1.1.0"; + sha256 = "0ydzkipf28hwj2bfxqmwlww47khyk6d152xax4bnyh60f4lq3nx1"; + }; + } + { + goPackagePath = "github.com/mitchellh/mapstructure"; + fetch = { + type = "git"; + url = "https://github.com/mitchellh/mapstructure"; + rev = "v1.1.2"; + sha256 = "03bpv28jz9zhn4947saqwi328ydj7f6g6pf1m2d4m5zdh5jlfkrr"; + }; + } + { + goPackagePath = "github.com/muesli/go-app-paths"; + fetch = { + type = "git"; + url = "https://github.com/muesli/go-app-paths"; + rev = "913f7f7ac60f"; + sha256 = "0fwg2l5ypw7bm9fmgc4asb7hj5bhqq0lgw68nadm6xljh2vw594m"; + }; + } + { + goPackagePath = "github.com/patrickmn/go-cache"; + fetch = { + type = "git"; + url = "https://github.com/patrickmn/go-cache"; + rev = "v2.1.0"; + sha256 = "10020inkzrm931r4bixf8wqr9n39wcrb78vfyxmbvjavvw4zybgs"; + }; + } + { + goPackagePath = "github.com/pelletier/go-toml"; + fetch = { + type = "git"; + url = "https://github.com/pelletier/go-toml"; + rev = "v1.2.0"; + sha256 = "1fjzpcjng60mc3a4b2ql5a00d5gah84wj740dabv9kq67mpg8fxy"; + }; + } + { + goPackagePath = "github.com/pmezard/go-difflib"; + fetch = { + type = "git"; + url = "https://github.com/pmezard/go-difflib"; + rev = "v1.0.0"; + sha256 = "0c1cn55m4rypmscgf0rrb88pn58j3ysvc2d0432dp3c6fqg6cnzw"; + }; + } + { + goPackagePath = "github.com/russross/blackfriday"; + fetch = { + type = "git"; + url = "https://github.com/russross/blackfriday"; + rev = "v1.5.2"; + sha256 = "0jzbfzcywqcrnym4gxlz6nphmm1grg6wsl4f0r9x384rn83wkj7c"; + }; + } + { + goPackagePath = "github.com/sergi/go-diff"; + fetch = { + type = "git"; + url = "https://github.com/sergi/go-diff"; + rev = "v1.0.0"; + sha256 = "0swiazj8wphs2zmk1qgq75xza6m19snif94h2m6fi8dqkwqdl7c7"; + }; + } + { + goPackagePath = "github.com/shurcooL/httpfs"; + fetch = { + type = "git"; + url = "https://github.com/shurcooL/httpfs"; + rev = "74dc9339e414"; + sha256 = "19iyk75yfl83mlnvrr92s59n9j6968mpdrdg5cj78a81nfd08rv5"; + }; + } + { + goPackagePath = "github.com/shurcooL/vfsgen"; + fetch = { + type = "git"; + url = "https://github.com/shurcooL/vfsgen"; + rev = "6a9ea43bcacd"; + sha256 = "13i8wz234qr0fggsx71yhc76q0ka5lbslvira1xb71fpx2g97a50"; + }; + } + { + goPackagePath = "github.com/sirupsen/logrus"; + fetch = { + type = "git"; + url = "https://github.com/sirupsen/logrus"; + rev = "v1.4.2"; + sha256 = "087k2lxrr9p9dh68yw71d05h5g9p5v26zbwd6j7lghinjfaw334x"; + }; + } + { + goPackagePath = "github.com/spf13/afero"; + fetch = { + type = "git"; + url = "https://github.com/spf13/afero"; + rev = "v1.1.2"; + sha256 = "0miv4faf5ihjfifb1zv6aia6f6ik7h1s4954kcb8n6ixzhx9ck6k"; + }; + } + { + goPackagePath = "github.com/spf13/cast"; + fetch = { + type = "git"; + url = "https://github.com/spf13/cast"; + rev = "v1.3.0"; + sha256 = "0xq1ffqj8y8h7dcnm0m9lfrh0ga7pssnn2c1dnr09chqbpn4bdc5"; + }; + } + { + goPackagePath = "github.com/spf13/cobra"; + fetch = { + type = "git"; + url = "https://github.com/spf13/cobra"; + rev = "v0.0.5"; + sha256 = "0z4x8js65mhwg1gf6sa865pdxfgn45c3av9xlcc1l3xjvcnx32v2"; + }; + } + { + goPackagePath = "github.com/spf13/jwalterweatherman"; + fetch = { + type = "git"; + url = "https://github.com/spf13/jwalterweatherman"; + rev = "v1.0.0"; + sha256 = "093fmmvavv84pv4q84hav7ph3fmrq87bvspjj899q0qsx37yvdr8"; + }; + } + { + goPackagePath = "github.com/spf13/pflag"; + fetch = { + type = "git"; + url = "https://github.com/spf13/pflag"; + rev = "v1.0.3"; + sha256 = "1cj3cjm7d3zk0mf1xdybh0jywkbbw7a6yr3y22x9sis31scprswd"; + }; + } + { + goPackagePath = "github.com/spf13/viper"; + fetch = { + type = "git"; + url = "https://github.com/spf13/viper"; + rev = "v1.3.2"; + sha256 = "1829hvf805kda65l59r17wvid7y0vr390s23zfhf4w7vdb4wp3zh"; + }; + } + { + goPackagePath = "github.com/stretchr/objx"; + fetch = { + type = "git"; + url = "https://github.com/stretchr/objx"; + rev = "v0.1.1"; + sha256 = "0iph0qmpyqg4kwv8jsx6a56a7hhqq8swrazv40ycxk9rzr0s8yls"; + }; + } + { + goPackagePath = "github.com/stretchr/testify"; + fetch = { + type = "git"; + url = "https://github.com/stretchr/testify"; + rev = "v1.3.0"; + sha256 = "0wjchp2c8xbgcbbq32w3kvblk6q6yn533g78nxl6iskq6y95lxsy"; + }; + } + { + goPackagePath = "github.com/tdewolff/parse"; + fetch = { + type = "git"; + url = "https://github.com/tdewolff/parse"; + rev = "v2.3.7"; + sha256 = "014y2r3pf7x091x4hsclczmn734hpnn8f5lkaspq72jl3p21icj4"; + }; + } + { + goPackagePath = "github.com/tdewolff/test"; + fetch = { + type = "git"; + url = "https://github.com/tdewolff/test"; + rev = "v1.0.0"; + sha256 = "10vyp4bhanzg3yl9k8zqfdrxpsmx8yc53xv4lqxfymd7jjyqgssj"; + }; + } + { + goPackagePath = "github.com/ugorji/go"; + fetch = { + type = "git"; + url = "https://github.com/ugorji/go"; + rev = "d75b2dcb6bc8"; + sha256 = "0di1k35gpq9bp958ywranpbskx2vdwlb38s22vl9rybm3wa5g3ps"; + }; + } + { + goPackagePath = "github.com/xordataexchange/crypt"; + fetch = { + type = "git"; + url = "https://github.com/xordataexchange/crypt"; + rev = "b2862e3d0a77"; + sha256 = "04q3856anpzl4gdfgmg7pbp9cx231nkz3ymq2xp27rnmmwhfxr8y"; + }; + } + { + goPackagePath = "go.etcd.io/bbolt"; + fetch = { + type = "git"; + url = "https://github.com/etcd-io/bbolt"; + rev = "v1.3.3"; + sha256 = "0dn0zngks9xiz0rrrb3911f73ghl64z84jsmzai2yfmzqr7cdkqc"; + }; + } + { + goPackagePath = "golang.org/x/crypto"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/crypto"; + rev = "4def268fd1a4"; + sha256 = "1bfsnari529gw34cz0zqk3d9mrkcj1ay35kangri8kbgll0ss5a6"; + }; + } + { + goPackagePath = "golang.org/x/image"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/image"; + rev = "cff245a6509b"; + sha256 = "0hiznlkiaay30acwvvyq8g6bm32r7bc6gv47pygrcxqpapasbz84"; + }; + } + { + goPackagePath = "golang.org/x/net"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/net"; + rev = "ca1201d0de80"; + sha256 = "16j9xyby1vfl4ch6wqzafxxxnxvcp8vhzknpchwabci1f2zcsn6i"; + }; + } + { + goPackagePath = "golang.org/x/sync"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/sync"; + rev = "112230192c58"; + sha256 = "05i2k43j2d0llq768hg5pf3hb2yhfzp9la1w5wp0rsnnzblr0lfn"; + }; + } + { + goPackagePath = "golang.org/x/sys"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/sys"; + rev = "51ab0e2deafa"; + sha256 = "0xdhpckbql3bsqkpc2k5b1cpnq3q1qjqjjq2j3p707rfwb8nm91a"; + }; + } + { + goPackagePath = "golang.org/x/text"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/text"; + rev = "v0.3.2"; + sha256 = "0flv9idw0jm5nm8lx25xqanbkqgfiym6619w575p7nrdh0riqwqh"; + }; + } + { + goPackagePath = "golang.org/x/tools"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/tools"; + rev = "6d4652c779c4"; + sha256 = "0dh2q4pkq2l3682d2win7wp9aahcm669s7aa77hqk9my8hdqskqs"; + }; + } + { + goPackagePath = "golang.org/x/xerrors"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/xerrors"; + rev = "a985d3407aa7"; + sha256 = "00wzr5w8aadipgc3rkk8f11i41znskfj9ix5nhhaxyg7isrslgcj"; + }; + } + { + goPackagePath = "google.golang.org/appengine"; + fetch = { + type = "git"; + url = "https://github.com/golang/appengine"; + rev = "v1.6.1"; + sha256 = "0zxlvwzxwkwz4bs4h9zc9979dx76y4xf9ks4d22bclg47dv59yry"; + }; + } + { + goPackagePath = "gopkg.in/check.v1"; + fetch = { + type = "git"; + url = "https://gopkg.in/check.v1"; + rev = "20d25e280405"; + sha256 = "0k1m83ji9l1a7ng8a7v40psbymxasmssbrrhpdv2wl4rhs0nc3np"; + }; + } + { + goPackagePath = "gopkg.in/yaml.v2"; + fetch = { + type = "git"; + url = "https://gopkg.in/yaml.v2"; + rev = "v2.2.2"; + sha256 = "01wj12jzsdqlnidpyjssmj0r4yavlqy7dwrg7adqd8dicjc4ncsa"; + }; + } +] diff --git a/submodules/krops b/submodules/krops -Subproject ee41207df1ce718e0b154ed8047384118a0133a +Subproject 8f44460003ae10f543ccb6a29f15b57e42ca3aa diff --git a/tv/2configs/br.nix b/tv/2configs/br.nix index d660ebc35..e6a46e903 100644 --- a/tv/2configs/br.nix +++ b/tv/2configs/br.nix @@ -5,10 +5,11 @@ with import <stockholm/lib>; <nixpkgs/nixos/modules/services/hardware/sane_extra_backends/brscan4.nix> ]; - krebs.nixpkgs.allowUnfreePredicate = pkg: any (flip hasPrefix pkg.name) [ - "brother-udev-rule-type1-" - "brscan4-" - "mfcl2700dnlpr-" + krebs.nixpkgs.allowUnfreePredicate = pkg: any (eq (packageName pkg)) [ + "brother-udev-rule-type1" + "brscan4" + "brscan4-etc-files" + "mfcl2700dnlpr" ]; hardware.sane = { diff --git a/tv/2configs/hw/AO753.nix b/tv/2configs/hw/AO753.nix index 4df5e097a..d5b755cef 100644 --- a/tv/2configs/hw/AO753.nix +++ b/tv/2configs/hw/AO753.nix @@ -39,5 +39,5 @@ with import <stockholm/lib>; HandleSuspendKey=ignore ''; - krebs.nixpkgs.allowUnfreePredicate = pkg: hasPrefix "broadcom-sta-" pkg.name; + krebs.nixpkgs.allowUnfreePredicate = pkg: packageName pkg == "broadcom-sta"; } diff --git a/tv/2configs/hw/w110er.nix b/tv/2configs/hw/w110er.nix index 55e9482d4..7d837eabc 100644 --- a/tv/2configs/hw/w110er.nix +++ b/tv/2configs/hw/w110er.nix @@ -10,10 +10,11 @@ with import <stockholm/lib>; #hardware.bumblebee.enable = true; #hardware.bumblebee.group = "video"; #hardware.enableRedistributableFirmware= true; - #krebs.nixpkgs.allowUnfreePredicate = pkg: - # hasPrefix "nvidia-x11-" pkg.name || - # hasPrefix "nvidia-persistenced-" pkg.name || - # hasPrefix "nvidia-settings-" pkg.name; + #krebs.nixpkgs.allowUnfreePredicate = pkg: any (eq (packageName pkg)) [ + # "nvidia-x11" + # "nvidia-persistenced" + # "nvidia-settings" + #]; } ]; diff --git a/tv/2configs/xp-332.nix b/tv/2configs/xp-332.nix index 4a0b0ae16..a66b884c8 100644 --- a/tv/2configs/xp-332.nix +++ b/tv/2configs/xp-332.nix @@ -16,7 +16,7 @@ with import <stockholm/lib>; }; krebs.nixpkgs.allowUnfreePredicate = pkg: - elem (parseDrvName pkg.name).name [ "imagescan-plugin-networkscan" ]; + packageName pkg == "imagescan-plugin-networkscan"; nixpkgs.overlays = singleton (self: super: { utsushi-customized = self.utsushi.override { diff --git a/tv/3modules/default.nix b/tv/3modules/default.nix index edaf50f03..db2cdcd1f 100644 --- a/tv/3modules/default.nix +++ b/tv/3modules/default.nix @@ -3,6 +3,7 @@ ./charybdis ./dnsmasq.nix ./ejabberd + ./focus.nix ./hosts.nix ./iptables.nix ./slock.nix diff --git a/tv/3modules/focus.nix b/tv/3modules/focus.nix new file mode 100644 index 000000000..b1a7b2e52 --- /dev/null +++ b/tv/3modules/focus.nix @@ -0,0 +1,4 @@ +with import <stockholm/lib>; +{ + options.tv.focus.enable = mkEnableOption "tv.focus"; +} diff --git a/tv/5pkgs/simple/utsushi.nix b/tv/5pkgs/simple/utsushi.nix index 0ae4ed880..0414eae09 100644 --- a/tv/5pkgs/simple/utsushi.nix +++ b/tv/5pkgs/simple/utsushi.nix @@ -46,33 +46,34 @@ let ''; imagescan-plugin-networkscan = stdenv.mkDerivation rec { - name = "imagescan-plugin-networkscan-${meta.version}"; + pname = "imagescan-plugin-networkscan"; + version = "1.1.3"; src = if stdenv.system == "i686-linux" then fetchurl { urls = [ - "https://download2.ebz.epson.net/imagescanv3/debian/latest1/deb/x86/imagescan-bundle-debian-9-3.55.0.x86.deb.tar.gz" - "http://ni.r/~tv/mirrors/epson/imagescan-bundle-debian-9-3.55.0.x86.deb.tar.gz" + "https://download2.ebz.epson.net/imagescanv3/debian/latest1/deb/x86/imagescan-bundle-debian-9-3.59.2.x86.deb.tar.gz" + "http://ni.r/~tv/mirrors/epson/imagescan-bundle-debian-9-3.59.2.x86.deb.tar.gz" ]; - sha256 = "12syk4y8z22hm9r1lgxqp81vd24jbqgmq83b7yiyqfd4wfxb6k3s"; + sha256 = "1whw96kcfj65h2jnk72xgyr9jj05fa07d0xjxpaqb0zwdag3465g"; } else if stdenv.system == "x86_64-linux" then fetchurl { urls = [ - "https://download2.ebz.epson.net/imagescanv3/debian/latest1/deb/x64/imagescan-bundle-debian-9-3.55.0.x64.deb.tar.gz" - "http://ni.r/~tv/mirrors/epson/imagescan-bundle-debian-9-3.55.0.x64.deb.tar.gz" + "https://download2.ebz.epson.net/imagescanv3/debian/latest1/deb/x64/imagescan-bundle-debian-9-3.59.2.x64.deb.tar.gz" + "http://ni.r/~tv/mirrors/epson/imagescan-bundle-debian-9-3.59.2.x64.deb.tar.gz" ]; - sha256 = "1wp372hqhzdar6ldxy7s9js2s872x8c5nwq3608dwg9gca11ppc5"; + sha256 = "0kd6mrs48wwss54gw4v9fm7ss5ma2xpn6gd1pz26cgjvp6n8hknn"; } - else throw "${name} is not supported on ${stdenv.system} (only i686-linux and x86_64 linux are supported)"; + else throw "${pname} is not supported on ${stdenv.system} (only i686-linux and x86_64 linux are supported)"; dontBuild = true; installPhase = '' # Wildcard * stand for either i386 or amd64 ${dpkg}/bin/dpkg -x \ - plugins/imagescan-plugin-networkscan_${meta.version}-1epson4debian9_*.deb \ + plugins/imagescan-plugin-networkscan_${version}-1epson4debian9_*.deb \ tmp mv tmp/usr $out @@ -94,25 +95,25 @@ let This package provides the unfree networkscan plugin from the Epson Image Scan v3 scanner driver bundle, which can be used by Utsushi. ''; - homepage = "http://support.epson.net/linux/en/imagescanv3.php?version=${meta.version}"; + homepage = "http://support.epson.net/linux/en/imagescanv3.php?version=${version}"; license = stdenv.lib.licenses.eapl; maintainers = [ stdenv.lib.maintainers.tv ]; platforms = stdenv.lib.platforms.linux; - version = "1.1.2"; }; }; in stdenv.mkDerivation rec { - name = "utsushi-${meta.version}"; + pname = "utsushi"; + version = "3.59.2"; src = fetchurl { urls = [ - "http://support.epson.net/linux/src/scanner/imagescanv3/debian/imagescan_${meta.version}.orig.tar.gz" - "http://ni.r/~tv/mirrors/epson/imagescan_${meta.version}.orig.tar.gz" + "http://support.epson.net/linux/src/scanner/imagescanv3/debian/imagescan_${version}.orig.tar.gz" + "http://ni.r/~tv/mirrors/epson/imagescan_${version}.orig.tar.gz" ]; - sha256 = "0xwl4xp07cigslbi1qc52jsjvxcyvjlx54g812mn7211p01v2h4l"; + sha256 = "1mns10mpyjprkrh2bjcg2nda9iyrnd0pf1did9py84glpapkzrdq"; }; preConfigure = '' @@ -212,6 +213,5 @@ stdenv.mkDerivation rec { license = stdenv.lib.licenses.gpl3; maintainers = [ stdenv.lib.maintainers.tv ]; platforms = stdenv.lib.platforms.linux; - version = "3.55.0"; }; } |