diff options
41 files changed, 1190 insertions, 745 deletions
diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix index 9ee61c6f8..19cf22280 100644 --- a/krebs/1systems/puyak/config.nix +++ b/krebs/1systems/puyak/config.nix @@ -1,12 +1,16 @@ { config, pkgs, ... }: - { imports = [ + ./net.nix <stockholm/krebs> <stockholm/krebs/2configs> <stockholm/krebs/2configs/secret-passwords.nix> <stockholm/krebs/2configs/hw/x220.nix> + # see documentation in included getty-for-esp.nix: + # brain hosts/puyak/root + <stockholm/krebs/2configs/hw/getty-for-esp.nix> + ## initrd unlocking # (brain hosts/puyak/luks-ssd;echo) | ssh root@$(brain krebs-secrets/puyak/initrd/hostname) 'cat > /crypt-ramfs/passphrase' @@ -20,8 +24,7 @@ #### NEWS #### <stockholm/krebs/2configs/ircd.nix> - #<stockholm/krebs/2configs/news.nix> - #<stockholm/krebs/2configs/news-spam.nix> + <stockholm/krebs/2configs/news.nix> ### shackspace ### @@ -118,7 +121,6 @@ krebs.build.host = config.krebs.hosts.puyak; sound.enable = false; - boot = { loader.systemd-boot.enable = true; loader.efi.canTouchEfiVariables = true; @@ -163,10 +165,6 @@ services.logind.lidSwitchExternalPower = "ignore"; - services.udev.extraRules = '' - SUBSYSTEM=="net", ATTR{address}=="8c:70:5a:b2:84:58", NAME="wl0" - SUBSYSTEM=="net", ATTR{address}=="3c:97:0e:07:b9:14", NAME="et0" - ''; environment.systemPackages = [ pkgs.zsh ]; @@ -179,5 +177,4 @@ isNormalUser = true; shell = "/run/current-system/sw/bin/zsh"; }; - networking.firewall.allowedTCPPorts = [ 5901 ]; } diff --git a/krebs/1systems/puyak/net.nix b/krebs/1systems/puyak/net.nix new file mode 100644 index 000000000..4cb8d247c --- /dev/null +++ b/krebs/1systems/puyak/net.nix @@ -0,0 +1,23 @@ +let + ext-if = "enp0s25"; + shack-ip = "10.42.22.184"; + shack-gw = "10.42.20.1"; +in { + services.udev.extraRules = '' + SUBSYSTEM=="net", ATTR{address}=="8c:70:5a:b2:84:58", NAME="wl0" + SUBSYSTEM=="net", ATTR{address}=="3c:97:0e:07:b9:14", NAME="et0" + ''; + networking = { + firewall.enable = false; + firewall.allowedTCPPorts = [ 8088 8086 8083 5901 ]; + interfaces."${ext-if}".ipv4.addresses = [ + { + address = shack-ip; + prefixLength = 20; + } + ]; + + defaultGateway = shack-gw; + nameservers = [ "10.42.0.100" "10.42.0.200" ]; + }; +} diff --git a/krebs/2configs/hw/getty-for-esp.nix b/krebs/2configs/hw/getty-for-esp.nix new file mode 100644 index 000000000..18c912353 --- /dev/null +++ b/krebs/2configs/hw/getty-for-esp.nix @@ -0,0 +1,17 @@ +{ + # 1. Program an esp8266 devboard (esp8266+usb-ttl) with # https://github.com/jeelabs/esp-link + # tested vesion: esp-link v3.2.47-g9c6530d + # Pin Preset: esp-bridge + # tx-enable: false + # uart-pins: normal + # 2. connect directly with usb-cable to device, check that vendorID and ProductID match + # 3. nc <esp-link-ip> 23 + # Info: for puyak the root pw is `brain hosts/puyak/root` + services.udev.extraRules = '' + SUBSYSTEM=="tty", ATTRS{idVendor}=="1a86", ATTRS{idProduct}=="7523", SYMLINK+="ilo", MODE="0660" + ''; + systemd.services."serial-getty@ilo".enable = true; + systemd.services."serial-getty@ilo".wantedBy = [ "multi-user.target" ]; + systemd.services."serial-getty@ilo".serviceConfig.Restart = "always"; +} + diff --git a/krebs/2configs/news-spam.nix b/krebs/2configs/news-spam.nix deleted file mode 100644 index a8c658858..000000000 --- a/krebs/2configs/news-spam.nix +++ /dev/null @@ -1,164 +0,0 @@ -{ pkgs, ... }: - -{ - krebs.newsbot-js.news-spam = { - urlShortenerHost = "go.lassul.us"; - feeds = pkgs.writeText "feeds" '' - _aje|http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989|#snews - _allafrica|http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf|#snews - _antirez|http://antirez.com/rss|#snews - _archlinux|http://www.archlinux.org/feeds/news/|#snews - _ars|http://feeds.arstechnica.com/arstechnica/index?format=xml|#snews - _augustl|http://augustl.com/atom.xml|#snews - _bbc|http://feeds.bbci.co.uk/news/rss.xml|#snews - _bdt_aktuelle_themen|http://www.bundestag.de/blueprint/servlet/service/de/14154/asFeed/index.rss|#snews - _bdt_drucksachen|http://www.bundestag.de/dip21rss/bundestag_drucksachen.rss|#snews - _bdt_plenarproto|http://www.bundestag.de/rss_feeds/plenarprotokolle.rss|#snews - _bdt_pressemitteilungen|http://www.bundestag.de/blueprint/servlet/service/de/273112/asFeed/index.rss|#snews - _bitcoinpakistan|https://bitcoinspakistan.com/feed/|#snews - _cancer|http://feeds.feedburner.com/ncinewsreleases?format=xml|#snews - _carta|http://feeds2.feedburner.com/carta-standard-rss|#snews - _catholic_news|http://feeds.feedburner.com/catholicnewsagency/dailynews|#snews - _cbc_busi|http://rss.cbc.ca/lineup/business.xml|#snews - _cbc_offbeat|http://www.cbc.ca/cmlink/rss-offbeat|#snews - _cbc_pol|http://rss.cbc.ca/lineup/politics.xml|#snews - _cbc_tech|http://rss.cbc.ca/lineup/technology.xml|#snews - _cbc_top|http://rss.cbc.ca/lineup/topstories.xml|#snews - _ccc|http://www.ccc.de/rss/updates.rdf|#snews - _chan_biz|http://boards.4chan.org/biz/index.rss|#snews - _chan_g|http://boards.4chan.org/g/index.rss|#snews - _chan_int|http://boards.4chan.org/int/index.rss|#snews - _chan_sci|http://boards.4chan.org/sci/index.rss|#snews - _chan_x|http://boards.4chan.org/x/index.rss|#snews - _c|http://www.tempolimit-lichtgeschwindigkeit.de/news.xml|#snews - _cryptogon|http://www.cryptogon.com/?feed=rss2|#snews - _csm|http://rss.csmonitor.com/feeds/csm|#snews - _csm_world|http://rss.csmonitor.com/feeds/world|#snews - _danisch|http://www.danisch.de/blog/feed/|#snews - _dod|http://www.defense.gov/news/afps2.xml|#snews - _dwn|http://deutsche-wirtschafts-nachrichten.de/feed/customfeed/|#snews - _ecat|http://ecat.com/feed|#snews - _eia_press|http://www.eia.gov/rss/press_rss.xml|#snews - _eia_today|http://www.eia.gov/rss/todayinenergy.xml|#snews - _embargowatch|https://embargowatch.wordpress.com/feed/|#snews - _ethereum-comments|http://blog.ethereum.org/comments/feed|#snews - _ethereum|http://blog.ethereum.org/feed|#snews - _europa_ric|http://ec.europa.eu/research/infocentre/rss/infocentre-rss.xml|#snews - _eu_survei|http://www.eurosurveillance.org/public/RSSFeed/RSS.aspx|#snews - _exploitdb|http://www.exploit-db.com/rss.xml|#snews - _fars|http://www.farsnews.com/rss.php|#snews #test - _faz_feui|http://www.faz.net/rss/aktuell/feuilleton/|#snews - _faz_politik|http://www.faz.net/rss/aktuell/politik/|#snews - _faz_wirtschaft|http://www.faz.net/rss/aktuell/wirtschaft/|#snews - _fbi|https://www.fbi.gov/news/rss.xml|#snews - _fedreserve|http://www.federalreserve.gov/feeds/press_all.xml|#snews - _fefe|http://blog.fefe.de/rss.xml|#snews - _forbes|http://www.forbes.com/forbes/feed2/|#snews - _forbes_realtime|http://www.forbes.com/real-time/feed2/|#snews - _fox|http://feeds.foxnews.com/foxnews/latest|#snews - _geheimorganisation|http://geheimorganisation.org/feed/|#snews - _GerForPol|http://www.german-foreign-policy.com/de/news/rss-2.0|#snews - _gmanet|http://www.gmanetwork.com/news/rss/news|#snews - _golem|http://rss.golem.de/rss.php|#snews - _google|http://news.google.com/?output=rss|#snews - _greenpeace|http://feeds.feedburner.com/GreenpeaceNews|#snews - _guardian_uk|http://feeds.theguardian.com/theguardian/uk-news/rss|#snews - _gulli|http://ticker.gulli.com/rss/|#snews - _hackernews|https://news.ycombinator.com/rss|#snews - _handelsblatt|http://www.handelsblatt.com/contentexport/feed/schlagzeilen|#snews - _heise|https://www.heise.de/newsticker/heise-atom.xml|#snews - _hindu_business|http://www.thehindubusinessline.com/?service=rss|#snews - _hindu|http://www.thehindu.com/?service=rss|#snews - _ign|http://feeds.ign.com/ign/all|#snews - _independent|http://www.independent.com/rss/headlines/|#snews - _indymedia|https://de.indymedia.org/rss.xml|#snews - _info_libera|http://www.informationliberation.com/rss.xml|#snews - _klagen-gegen-rundfuckbeitrag|http://klagen-gegen-rundfunkbeitrag.blogspot.com/feeds/posts/default|#snews - _korea_herald|http://www.koreaherald.com/rss_xml.php|#snews - _linuxinsider|http://www.linuxinsider.com/perl/syndication/rssfull.pl|#snews - _lisp|http://planet.lisp.org/rss20.xml|#snews - _liveleak|http://www.liveleak.com/rss|#snews - _lolmythesis|http://lolmythesis.com/rss|#snews - _LtU|http://lambda-the-ultimate.org/rss.xml|#snews - _lukepalmer|http://lukepalmer.wordpress.com/feed/|#snews - _mit|http://web.mit.edu/newsoffice/rss-feeds.feed?type=rss|#snews - _mongrel2_master|https://github.com/zedshaw/mongrel2/commits/master.atom|#snews - _nds|http://www.nachdenkseiten.de/?feed=atom|#snews - _netzpolitik|https://netzpolitik.org/feed/|#snews - _newsbtc|http://newsbtc.com/feed/|#snews - _nnewsg|http://www.net-news-global.net/rss/rssfeed.xml|#snews - _npr_busi|http://www.npr.org/rss/rss.php?id=1006|#snews - _npr_headlines|http://www.npr.org/rss/rss.php?id=1001|#snews - _npr_pol|http://www.npr.org/rss/rss.php?id=1012|#snews - _npr_world|http://www.npr.org/rss/rss.php?id=1004|#snews - _nsa|https://www.nsa.gov/rss.xml|#snews #bullerei - _nytimes|http://rss.nytimes.com/services/xml/rss/nyt/World.xml|#snews - _painload|https://github.com/krebs/painload/commits/master.atom|#snews - _phys|http://phys.org/rss-feed/|#snews - _piraten|https://www.piratenpartei.de/feed/|#snews - _polizei_berlin|http://www.berlin.de/polizei/presse-fahndung/_rss_presse.xml|#snews - _presse_polizei|http://www.presseportal.de/rss/polizei.rss2|#snews - _presseportal|http://www.presseportal.de/rss/presseportal.rss2|#snews - _prisonplanet|http://prisonplanet.com/feed.rss|#snews - _rawstory|http://www.rawstory.com/rs/feed/|#snews - _reddit_4chan|http://www.reddit.com/r/4chan/new/.rss|#snews - _reddit_anticonsum|http://www.reddit.com/r/Anticonsumption/new/.rss|#snews - _reddit_btc|http://www.reddit.com/r/Bitcoin/new/.rss|#snews - _reddit_consp|http://reddit.com/r/conspiracy/.rss|#snews - _reddit_haskell|http://www.reddit.com/r/haskell/.rss|#snews - _reddit_nix|http://www.reddit.com/r/nixos/.rss|#snews - _reddit_prog|http://www.reddit.com/r/programming/new/.rss|#snews - _reddit_sci|http://www.reddit.com/r/science/.rss|#snews - _reddit_tech|http://www.reddit.com/r/technology/.rss|#snews - _reddit_tpp|http://www.reddit.com/r/twitchplayspokemon/.rss|#snews - _reddit_world|http://www.reddit.com/r/worldnews/.rss|#snews - _r-ethereum|http://www.reddit.com/r/ethereum/.rss|#snews - _reuters|http://feeds.reuters.com/Reuters/worldNews|#snews - _reuters-odd|http://feeds.reuters.com/reuters/oddlyEnoughNews?format=xml|#snews - _rt|http://rt.com/rss/news/|#snews - _schallurauch|http://feeds.feedburner.com/SchallUndRauch|#snews - _sciencemag|http://news.sciencemag.org/rss/current.xml|#snews - _scmp|http://www.scmp.com/rss/91/feed|#snews - _sec-db|http://feeds.security-database.com/SecurityDatabaseToolsWatch|#snews - _shackspace|http://shackspace.de/atom.xml|#snews - _shz_news|http://www.shz.de/nachrichten/newsticker/rss|#snews - _sky_busi|http://feeds.skynews.com/feeds/rss/business.xml|#snews - _sky_pol|http://feeds.skynews.com/feeds/rss/politics.xml|#snews - _sky_strange|http://feeds.skynews.com/feeds/rss/strange.xml|#snews - _sky_tech|http://feeds.skynews.com/feeds/rss/technology.xml|#snews - _sky_world|http://feeds.skynews.com/feeds/rss/world.xml|#snews - _slashdot|http://rss.slashdot.org/Slashdot/slashdot|#snews - _slate|http://feeds.slate.com/slate|#snews - _spiegel_eil|http://www.spiegel.de/schlagzeilen/eilmeldungen/index.rss|#snews - _spiegel_top|http://www.spiegel.de/schlagzeilen/tops/index.rss|#snews - _standardmedia_ke|http://www.standardmedia.co.ke/rss/headlines.php|#snews - _stern|http://www.stern.de/feed/standard/all/|#snews - _stz|http://www.stuttgarter-zeitung.de/rss/topthemen.rss.feed|#snews - _sz_politik|http://rss.sueddeutsche.de/rss/Politik|#snews - _sz_wirtschaft|http://rss.sueddeutsche.de/rss/Wirtschaft|#snews - _sz_wissen|http://rss.sueddeutsche.de/rss/Wissen|#snews - _tagesschau|http://www.tagesschau.de/newsticker.rdf|#snews - _taz|http://taz.de/Themen-des-Tages/!p15;rss/|#snews - _telegraph|http://www.telegraph.co.uk/rss.xml|#snews - _telepolis|http://www.heise.de/tp/rss/news-atom.xml|#snews - _the_insider|http://www.theinsider.org/rss/news/headlines-xml.asp|#snews - _tigsource|http://www.tigsource.com/feed/|#snews - _tinc|http://tinc-vpn.org/news/index.rss|#snews - _torr_bits|http://feeds.feedburner.com/TorrentfreakBits|#snews - _torrentfreak|http://feeds.feedburner.com/Torrentfreak|#snews - _torr_news|http://feed.torrentfreak.com/Torrentfreak/|#snews - _travel_warnings|http://feeds.travel.state.gov/ca/travelwarnings-alerts|#snews - _un_afr|http://www.un.org/apps/news/rss/rss_africa.asp|#snews - _un_am|http://www.un.org/apps/news/rss/rss_americas.asp|#snews - _un_eu|http://www.un.org/apps/news/rss/rss_europe.asp|#snews - _un_me|http://www.un.org/apps/news/rss/rss_mideast.asp|#snews - _un_pac|http://www.un.org/apps/news/rss/rss_asiapac.asp|#snews - _un_top|http://www.un.org/apps/news/rss/rss_top.asp|#snews - _us_math_society|http://www.ams.org/cgi-bin/content/news_items.cgi?rss=1|#snews - _vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#snews - _weechat|http://dev.weechat.org/feed/atom|#snews - _xkcd|https://xkcd.com/rss.xml|#snews - _zdnet|http://www.zdnet.com/news/rss.xml|#snews - ''; - }; -} diff --git a/krebs/2configs/news.nix b/krebs/2configs/news.nix index 6c59f4d84..11c136f85 100644 --- a/krebs/2configs/news.nix +++ b/krebs/2configs/news.nix @@ -1,22 +1,168 @@ { pkgs, ... }: { - krebs.newsbot-js.news = { - feeds = pkgs.writeText "feeds" '' - antirez|http://antirez.com/rss|#news - archlinux|http://www.archlinux.org/feeds/news/|#news - ethereum|http://blog.ethereum.org/feed|#news - LtU|http://lambda-the-ultimate.org/rss.xml|#news - mongrel2_master|https://github.com/zedshaw/mongrel2/commits/master.atom|#news - painload|https://github.com/krebs/painload/commits/master.atom|#news - reddit_haskell|http://www.reddit.com/r/haskell/.rss|#news - reddit_nix|http://www.reddit.com/r/nixos/.rss|#news - shackspace|http://shackspace.de/atom.xml|#news - tinc|http://tinc-vpn.org/news/index.rss|#news - vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#news - weechat|http://dev.weechat.org/feed/atom|#news - xkcd|https://xkcd.com/rss.xml|#news - painload|https://github.com/krebs/painload/commits/master.atom|#news - ''; + krebs.brockman = { + enable = true; + config = { + irc.host = "localhost"; + shortener = "http://go.r"; + bots = { + aje = { feed ="http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989"; channels = [ "#snews" ]; }; + allafrica = { feed ="http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf"; channels = [ "#snews" ]; }; + antirez = { feed ="http://antirez.com/rss"; channels = [ "#snews" "#news" ]; }; + archlinux = { feed ="http://www.archlinux.org/feeds/news/"; channels = [ "#snews" "#news" ]; }; + ars = { feed ="http://feeds.arstechnica.com/arstechnica/index?format=xml"; channels = [ "#snews" ]; }; + augustl = { feed ="http://augustl.com/atom.xml"; channels = [ "#snews" ]; }; + bbc = { feed ="http://feeds.bbci.co.uk/news/rss.xml"; channels = [ "#snews" ]; }; + bdt_aktuelle_themen = { feed ="http://www.bundestag.de/blueprint/servlet/service/de/14154/asFeed/index.rss"; channels = [ "#snews" ]; }; + bdt_drucksachen = { feed ="http://www.bundestag.de/dip21rss/bundestag_drucksachen.rss"; channels = [ "#snews" ]; }; + bdt_plenarproto = { feed ="http://www.bundestag.de/rss_feeds/plenarprotokolle.rss"; channels = [ "#snews" ]; }; + bdt_pressemitteilungen = { feed ="http://www.bundestag.de/blueprint/servlet/service/de/273112/asFeed/index.rss"; channels = [ "#snews" ]; }; + bitcoinpakistan = { feed ="https://bitcoinspakistan.com/feed/"; channels = [ "#snews" ]; }; + cancer = { feed ="http://feeds.feedburner.com/ncinewsreleases?format=xml"; channels = [ "#snews" ]; }; + carta = { feed ="http://feeds2.feedburner.com/carta-standard-rss"; channels = [ "#snews" ]; }; + catholic_news = { feed ="http://feeds.feedburner.com/catholicnewsagency/dailynews"; channels = [ "#snews" ]; }; + cbc_busi = { feed ="http://rss.cbc.ca/lineup/business.xml"; channels = [ "#snews" ]; }; + cbc_offbeat = { feed ="http://www.cbc.ca/cmlink/rss-offbeat"; channels = [ "#snews" ]; }; + cbc_pol = { feed ="http://rss.cbc.ca/lineup/politics.xml"; channels = [ "#snews" ]; }; + cbc_tech = { feed ="http://rss.cbc.ca/lineup/technology.xml"; channels = [ "#snews" ]; }; + cbc_top = { feed ="http://rss.cbc.ca/lineup/topstories.xml"; channels = [ "#snews" ]; }; + ccc = { feed ="http://www.ccc.de/rss/updates.rdf"; channels = [ "#snews" ]; }; + chan_biz = { feed ="http://boards.4chan.org/biz/index.rss"; channels = [ "#snews" ]; }; + chan_g = { feed ="http://boards.4chan.org/g/index.rss"; channels = [ "#snews" ]; }; + chan_int = { feed ="http://boards.4chan.org/int/index.rss"; channels = [ "#snews" ]; }; + chan_sci = { feed ="http://boards.4chan.org/sci/index.rss"; channels = [ "#snews" ]; }; + chan_x = { feed ="http://boards.4chan.org/x/index.rss"; channels = [ "#snews" ]; }; + c = { feed ="http://www.tempolimit-lichtgeschwindigkeit.de/news.xml"; channels = [ "#snews" ]; }; + cryptogon = { feed ="http://www.cryptogon.com/?feed=rss2"; channels = [ "#snews" ]; }; + csm = { feed ="http://rss.csmonitor.com/feeds/csm"; channels = [ "#snews" ]; }; + csm_world = { feed ="http://rss.csmonitor.com/feeds/world"; channels = [ "#snews" ]; }; + danisch = { feed ="http://www.danisch.de/blog/feed/"; channels = [ "#snews" ]; }; + dod = { feed ="http://www.defense.gov/news/afps2.xml"; channels = [ "#snews" ]; }; + dwn = { feed ="http://deutsche-wirtschafts-nachrichten.de/feed/customfeed/"; channels = [ "#snews" ]; }; + ecat = { feed ="http://ecat.com/feed"; channels = [ "#snews" ]; }; + eia_press = { feed ="http://www.eia.gov/rss/press_rss.xml"; channels = [ "#snews" ]; }; + eia_today = { feed ="http://www.eia.gov/rss/todayinenergy.xml"; channels = [ "#snews" ]; }; + embargowatch = { feed ="https://embargowatch.wordpress.com/feed/"; channels = [ "#snews" ]; }; + ethereum-comments = { feed ="http://blog.ethereum.org/comments/feed"; channels = [ "#snews" ]; }; + ethereum = { feed ="http://blog.ethereum.org/feed"; channels = [ "#snews" "#news" ]; }; + europa_ric = { feed ="http://ec.europa.eu/research/infocentre/rss/infocentre-rss.xml"; channels = [ "#snews" ]; }; + eu_survei = { feed ="http://www.eurosurveillance.org/public/RSSFeed/RSS.aspx"; channels = [ "#snews" ]; }; + exploitdb = { feed ="http://www.exploit-db.com/rss.xml"; channels = [ "#snews" ]; }; + fars = { feed ="http://www.farsnews.com/rss.php"; channels = [ "#snews #test" ]; }; + faz_feui = { feed ="http://www.faz.net/rss/aktuell/feuilleton/"; channels = [ "#snews" ]; }; + faz_politik = { feed ="http://www.faz.net/rss/aktuell/politik/"; channels = [ "#snews" ]; }; + faz_wirtschaft = { feed ="http://www.faz.net/rss/aktuell/wirtschaft/"; channels = [ "#snews" ]; }; + fbi = { feed ="https://www.fbi.gov/news/rss.xml"; channels = [ "#snews" ]; }; + fedreserve = { feed ="http://www.federalreserve.gov/feeds/press_all.xml"; channels = [ "#snews" ]; }; + fefe = { feed ="http://blog.fefe.de/rss.xml"; channels = [ "#snews" ]; }; + forbes = { feed ="http://www.forbes.com/forbes/feed2/"; channels = [ "#snews" ]; }; + forbes_realtime = { feed ="http://www.forbes.com/real-time/feed2/"; channels = [ "#snews" ]; }; + fox = { feed ="http://feeds.foxnews.com/foxnews/latest"; channels = [ "#snews" ]; }; + geheimorganisation = { feed ="http://geheimorganisation.org/feed/"; channels = [ "#snews" ]; }; + GerForPol = { feed ="http://www.german-foreign-policy.com/de/news/rss-2.0"; channels = [ "#snews" ]; }; + gmanet = { feed ="http://www.gmanetwork.com/news/rss/news"; channels = [ "#snews" ]; }; + golem = { feed ="http://rss.golem.de/rss.php"; channels = [ "#snews" ]; }; + google = { feed ="http://news.google.com/?output=rss"; channels = [ "#snews" ]; }; + greenpeace = { feed ="http://feeds.feedburner.com/GreenpeaceNews"; channels = [ "#snews" ]; }; + guardian_uk = { feed ="http://feeds.theguardian.com/theguardian/uk-news/rss"; channels = [ "#snews" ]; }; + gulli = { feed ="http://ticker.gulli.com/rss/"; channels = [ "#snews" ]; }; + hackernews = { feed ="https://news.ycombinator.com/rss"; channels = [ "#snews" ]; }; + handelsblatt = { feed ="http://www.handelsblatt.com/contentexport/feed/schlagzeilen"; channels = [ "#snews" ]; }; + heise = { feed ="https://www.heise.de/newsticker/heise-atom.xml"; channels = [ "#snews" ]; }; + hindu_business = { feed ="http://www.thehindubusinessline.com/?service=rss"; channels = [ "#snews" ]; }; + hindu = { feed ="http://www.thehindu.com/?service=rss"; channels = [ "#snews" ]; }; + ign = { feed ="http://feeds.ign.com/ign/all"; channels = [ "#snews" ]; }; + independent = { feed ="http://www.independent.com/rss/headlines/"; channels = [ "#snews" ]; }; + indymedia = { feed ="https://de.indymedia.org/rss.xml"; channels = [ "#snews" ]; }; + info_libera = { feed ="http://www.informationliberation.com/rss.xml"; channels = [ "#snews" ]; }; + klagen-gegen-rundfuckbeitrag = { feed ="http://klagen-gegen-rundfunkbeitrag.blogspot.com/feeds/posts/default"; channels = [ "#snews" ]; }; + korea_herald = { feed ="http://www.koreaherald.com/rss_xml.php"; channels = [ "#snews" ]; }; + linuxinsider = { feed ="http://www.linuxinsider.com/perl/syndication/rssfull.pl"; channels = [ "#snews" ]; }; + lisp = { feed ="http://planet.lisp.org/rss20.xml"; channels = [ "#snews" ]; }; + liveleak = { feed ="http://www.liveleak.com/rss"; channels = [ "#snews" ]; }; + lolmythesis = { feed ="http://lolmythesis.com/rss"; channels = [ "#snews" ]; }; + LtU = { feed ="http://lambda-the-ultimate.org/rss.xml"; channels = [ "#snews" "#news" ]; }; + lukepalmer = { feed ="http://lukepalmer.wordpress.com/feed/"; channels = [ "#snews" ]; }; + mit = { feed ="http://web.mit.edu/newsoffice/rss-feeds.feed?type=rss"; channels = [ "#snews" ]; }; + mongrel2_master = { feed ="https://github.com/zedshaw/mongrel2/commits/master.atom"; channels = [ "#snews" "#news" ]; }; + nds = { feed ="http://www.nachdenkseiten.de/?feed=atom"; channels = [ "#snews" ]; }; + netzpolitik = { feed ="https://netzpolitik.org/feed/"; channels = [ "#snews" ]; }; + newsbtc = { feed ="http://newsbtc.com/feed/"; channels = [ "#snews" ]; }; + nnewsg = { feed ="http://www.net-news-global.net/rss/rssfeed.xml"; channels = [ "#snews" ]; }; + npr_busi = { feed ="http://www.npr.org/rss/rss.php?id=1006"; channels = [ "#snews" ]; }; + npr_headlines = { feed ="http://www.npr.org/rss/rss.php?id=1001"; channels = [ "#snews" ]; }; + npr_pol = { feed ="http://www.npr.org/rss/rss.php?id=1012"; channels = [ "#snews" ]; }; + npr_world = { feed ="http://www.npr.org/rss/rss.php?id=1004"; channels = [ "#snews" ]; }; + nsa = { feed ="https://www.nsa.gov/rss.xml"; channels = [ "#snews #bullerei" ]; }; + nytimes = { feed ="http://rss.nytimes.com/services/xml/rss/nyt/World.xml"; channels = [ "#snews" ]; }; + painload = { feed ="https://github.com/krebs/painload/commits/master.atom"; channels = [ "#snews" "#news" ]; }; + phys = { feed ="http://phys.org/rss-feed/"; channels = [ "#snews" ]; }; + piraten = { feed ="https://www.piratenpartei.de/feed/"; channels = [ "#snews" ]; }; + polizei_berlin = { feed ="http://www.berlin.de/polizei/presse-fahndung/_rss_presse.xml"; channels = [ "#snews" ]; }; + presse_polizei = { feed ="http://www.presseportal.de/rss/polizei.rss2"; channels = [ "#snews" ]; }; + presseportal = { feed ="http://www.presseportal.de/rss/presseportal.rss2"; channels = [ "#snews" ]; }; + prisonplanet = { feed ="http://prisonplanet.com/feed.rss"; channels = [ "#snews" ]; }; + rawstory = { feed ="http://www.rawstory.com/rs/feed/"; channels = [ "#snews" ]; }; + reddit_4chan = { feed ="http://www.reddit.com/r/4chan/new/.rss"; channels = [ "#snews" ]; }; + reddit_anticonsum = { feed ="http://www.reddit.com/r/Anticonsumption/new/.rss"; channels = [ "#snews" ]; }; + reddit_btc = { feed ="http://www.reddit.com/r/Bitcoin/new/.rss"; channels = [ "#snews" ]; }; + reddit_consp = { feed ="http://reddit.com/r/conspiracy/.rss"; channels = [ "#snews" ]; }; + reddit_haskell = { feed ="http://www.reddit.com/r/haskell/.rss"; channels = [ "#snews" "#news" ]; }; + reddit_nix = { feed ="http://www.reddit.com/r/nixos/.rss"; channels = [ "#snews" "#news" ]; }; + reddit_prog = { feed ="http://www.reddit.com/r/programming/new/.rss"; channels = [ "#snews" ]; }; + reddit_sci = { feed ="http://www.reddit.com/r/science/.rss"; channels = [ "#snews" ]; }; + reddit_tech = { feed ="http://www.reddit.com/r/technology/.rss"; channels = [ "#snews" ]; }; + reddit_tpp = { feed ="http://www.reddit.com/r/twitchplayspokemon/.rss"; channels = [ "#snews" ]; }; + reddit_world = { feed ="http://www.reddit.com/r/worldnews/.rss"; channels = [ "#snews" ]; }; + r-ethereum = { feed ="http://www.reddit.com/r/ethereum/.rss"; channels = [ "#snews" ]; }; + reuters = { feed ="http://feeds.reuters.com/Reuters/worldNews"; channels = [ "#snews" ]; }; + reuters-odd = { feed ="http://feeds.reuters.com/reuters/oddlyEnoughNews?format=xml"; channels = [ "#snews" ]; }; + rt = { feed ="http://rt.com/rss/news/"; channels = [ "#snews" ]; }; + schallurauch = { feed ="http://feeds.feedburner.com/SchallUndRauch"; channels = [ "#snews" ]; }; + sciencemag = { feed ="http://news.sciencemag.org/rss/current.xml"; channels = [ "#snews" ]; }; + scmp = { feed ="http://www.scmp.com/rss/91/feed"; channels = [ "#snews" ]; }; + sec-db = { feed ="http://feeds.security-database.com/SecurityDatabaseToolsWatch"; channels = [ "#snews" ]; }; + shackspace = { feed ="http://shackspace.de/atom.xml"; channels = [ "#snews" "#news" ]; }; + shz_news = { feed ="http://www.shz.de/nachrichten/newsticker/rss"; channels = [ "#snews" ]; }; + sky_busi = { feed ="http://feeds.skynews.com/feeds/rss/business.xml"; channels = [ "#snews" ]; }; + sky_pol = { feed ="http://feeds.skynews.com/feeds/rss/politics.xml"; channels = [ "#snews" ]; }; + sky_strange = { feed ="http://feeds.skynews.com/feeds/rss/strange.xml"; channels = [ "#snews" ]; }; + sky_tech = { feed ="http://feeds.skynews.com/feeds/rss/technology.xml"; channels = [ "#snews" ]; }; + sky_world = { feed ="http://feeds.skynews.com/feeds/rss/world.xml"; channels = [ "#snews" ]; }; + slashdot = { feed ="http://rss.slashdot.org/Slashdot/slashdot"; channels = [ "#snews" ]; }; + slate = { feed ="http://feeds.slate.com/slate"; channels = [ "#snews" ]; }; + spiegel_eil = { feed ="http://www.spiegel.de/schlagzeilen/eilmeldungen/index.rss"; channels = [ "#snews" ]; }; + spiegel_top = { feed ="http://www.spiegel.de/schlagzeilen/tops/index.rss"; channels = [ "#snews" ]; }; + standardmedia_ke = { feed ="http://www.standardmedia.co.ke/rss/headlines.php"; channels = [ "#snews" ]; }; + stern = { feed ="http://www.stern.de/feed/standard/all/"; channels = [ "#snews" ]; }; + stz = { feed ="http://www.stuttgarter-zeitung.de/rss/topthemen.rss.feed"; channels = [ "#snews" ]; }; + sz_politik = { feed ="http://rss.sueddeutsche.de/rss/Politik"; channels = [ "#snews" ]; }; + sz_wirtschaft = { feed ="http://rss.sueddeutsche.de/rss/Wirtschaft"; channels = [ "#snews" ]; }; + sz_wissen = { feed ="http://rss.sueddeutsche.de/rss/Wissen"; channels = [ "#snews" ]; }; + tagesschau = { feed ="http://www.tagesschau.de/newsticker.rdf"; channels = [ "#snews" ]; }; + taz = { feed ="http://taz.de/Themen-des-Tages/!p15;rss/"; channels = [ "#snews" ]; }; + telegraph = { feed ="http://www.telegraph.co.uk/rss.xml"; channels = [ "#snews" ]; }; + telepolis = { feed ="http://www.heise.de/tp/rss/news-atom.xml"; channels = [ "#snews" ]; }; + the_insider = { feed ="http://www.theinsider.org/rss/news/headlines-xml.asp"; channels = [ "#snews" ]; }; + tigsource = { feed ="http://www.tigsource.com/feed/"; channels = [ "#snews" ]; }; + tinc = { feed ="http://tinc-vpn.org/news/index.rss"; channels = [ "#snews" "#news" ]; }; + torr_bits = { feed ="http://feeds.feedburner.com/TorrentfreakBits"; channels = [ "#snews" ]; }; + torrentfreak = { feed ="http://feeds.feedburner.com/Torrentfreak"; channels = [ "#snews" ]; }; + torr_news = { feed ="http://feed.torrentfreak.com/Torrentfreak/"; channels = [ "#snews" ]; }; + travel_warnings = { feed ="http://feeds.travel.state.gov/ca/travelwarnings-alerts"; channels = [ "#snews" ]; }; + un_afr = { feed ="http://www.un.org/apps/news/rss/rss_africa.asp"; channels = [ "#snews" ]; }; + un_am = { feed ="http://www.un.org/apps/news/rss/rss_americas.asp"; channels = [ "#snews" ]; }; + un_eu = { feed ="http://www.un.org/apps/news/rss/rss_europe.asp"; channels = [ "#snews" ]; }; + un_me = { feed ="http://www.un.org/apps/news/rss/rss_mideast.asp"; channels = [ "#snews" ]; }; + un_pac = { feed ="http://www.un.org/apps/news/rss/rss_asiapac.asp"; channels = [ "#snews" ]; }; + un_top = { feed ="http://www.un.org/apps/news/rss/rss_top.asp"; channels = [ "#snews" ]; }; + us_math_society = { feed ="http://www.ams.org/cgi-bin/content/news_items.cgi?rss=1"; channels = [ "#snews" ]; }; + vimperator = { feed ="https://sites.google.com/a/vimperator.org/www/blog/posts.xml"; channels = [ "#snews" "#news" ]; }; + weechat = { feed ="http://dev.weechat.org/feed/atom"; channels = [ "#snews" "#news" ]; }; + xkcd = { feed ="https://xkcd.com/rss.xml"; channels = [ "#snews" "#news" ]; }; + zdnet = { feed ="http://www.zdnet.com/news/rss.xml"; channels = [ "#snews" ]; }; + }; + }; }; } diff --git a/krebs/2configs/shack/gitlab-runner.nix b/krebs/2configs/shack/gitlab-runner.nix index ecb064579..d525e7987 100644 --- a/krebs/2configs/shack/gitlab-runner.nix +++ b/krebs/2configs/shack/gitlab-runner.nix @@ -1,5 +1,6 @@ { pkgs,lib, ... }: { + boot.kernel.sysctl."net.ipv4.ip_forward" = true; services.gitlab-runner = { enable = true; services= { @@ -17,6 +18,7 @@ "/nix/var/nix/daemon-socket:/nix/var/nix/daemon-socket:ro" ]; dockerDisableCache = true; + # TODO: use the channel from <stockholm/krebs/nixpkgs.json> preBuildScript = pkgs.writeScript "setup-container" '' mkdir -p -m 0755 /nix/var/log/nix/drvs mkdir -p -m 0755 /nix/var/nix/gcroots @@ -28,9 +30,9 @@ mkdir -p -m 0755 /nix/var/nix/profiles/per-user/root mkdir -p -m 0700 "$HOME/.nix-defexpr" . ${pkgs.nix}/etc/profile.d/nix.sh - ${pkgs.nix}/bin/nix-env -i ${concatStringsSep " " (with pkgs; [ nix cacert git openssh ])} - ${pkgs.nix}/bin/nix-channel --add https://nixos.org/channels/nixpkgs-unstable + ${pkgs.nix}/bin/nix-channel --add https://nixos.org/channels/nixos-20.09 nixpkgs ${pkgs.nix}/bin/nix-channel --update nixpkgs + ${pkgs.nix}/bin/nix-env -i ${concatStringsSep " " (with pkgs; [ nix cacert git openssh ])} ''; environmentVariables = { ENV = "/etc/profile"; diff --git a/krebs/2configs/shack/glados/automation/hass-restart.nix b/krebs/2configs/shack/glados/automation/hass-restart.nix index 1b380204d..5f61e19f1 100644 --- a/krebs/2configs/shack/glados/automation/hass-restart.nix +++ b/krebs/2configs/shack/glados/automation/hass-restart.nix @@ -1,21 +1,24 @@ # needs: # light.fablab_led -[ - { alias = "State on HA start-up"; - trigger = { - platform = "homeassistant"; - event = "start"; - }; - # trigger good/bad air - action = [ - { service = "light.turn_on"; - data = { - entity_id = "light.fablab_led"; - effect = "Rainbow"; - color_name = "purple"; - }; - } - ]; - } -] +{ + services.home-assistant.config.automation = + [ + { alias = "State on HA start-up"; + trigger = { + platform = "homeassistant"; + event = "start"; + }; + # trigger good/bad air + action = [ + { service = "light.turn_on"; + data = { + entity_id = "light.fablab_led"; + effect = "Rainbow"; + color_name = "purple"; + }; + } + ]; + } + ]; +} diff --git a/krebs/2configs/shack/glados/automation/party-time.nix b/krebs/2configs/shack/glados/automation/party-time.nix index dfa42d05c..9e7fe24cd 100644 --- a/krebs/2configs/shack/glados/automation/party-time.nix +++ b/krebs/2configs/shack/glados/automation/party-time.nix @@ -6,24 +6,27 @@ let disko_schalter = "switch.lounge_diskoschalter_relay"; player = "media_player.lounge"; in -[ - { alias = "Party um 21 Uhr"; - trigger = { - platform = "sun"; - event = "sunset"; - }; - action = - ( glados.say.kiosk "Die Sonne geht unter. Und jetzt geht die Party im shack erst richtig los. Partybeleuchtung, aktiviert!" ) - ++ - [ - { - service = "homeassistant.turn_on"; - entity_id = disko_schalter; - } - { - service = "media_player.turn_on"; - data.entity_id = player; - } # TODO: also start playlist if nothing is running? - ]; - } -] +{ + services.home-assistant.config.automation = + [ + { alias = "Party um 21 Uhr"; + trigger = { + platform = "sun"; + event = "sunset"; + }; + action = + ( glados.say.kiosk "Die Sonne geht unter. Und jetzt geht die Party im shack erst richtig los. Partybeleuchtung, aktiviert!" ) + ++ + [ + { + service = "homeassistant.turn_on"; + entity_id = disko_schalter; + } + { + service = "media_player.turn_on"; + data.entity_id = player; + } # TODO: also start playlist if nothing is running? + ]; + } + ]; +} diff --git a/krebs/2configs/shack/glados/automation/shack-startup.nix b/krebs/2configs/shack/glados/automation/shack-startup.nix index ac7dd4f1e..471d817a2 100644 --- a/krebs/2configs/shack/glados/automation/shack-startup.nix +++ b/krebs/2configs/shack/glados/automation/shack-startup.nix @@ -13,85 +13,88 @@ let glados = import ../lib; in -[ - { - alias = "Bedanken bei Übernahme von Key"; - initial_state = true; - trigger = { - platform = "state"; - entity_id = "sensor.keyholder"; - }; - condition = { - condition = "template"; - value_template = "{{ (trigger.from_state.state != 'No Keyholder') and (trigger.from_state.state != 'No Keyholder') }}"; - }; - action = glados.say.kiosk "Danke {{ trigger.to_state.state }} für das Übernehmen des Keys von {{ trigger.from_state.state }}"; - } - { - alias = "Keyholder Begrüßen wenn MPD hoch fährt"; - initial_state = true; - trigger = { - platform = "state"; - from = "unavailable"; - entity_id = "media_player.kiosk"; - }; - action = glados.say.kiosk (builtins.readFile ./announcement.j2); - } - { - alias = "Start Music on portal lock on"; - trigger = { - platform = "state"; - entity_id = "binary_sensor.portal_lock"; - to = "on"; - for.seconds = 30; - }; - condition = { - condition = "and"; - conditions = - [ - { # only start if a keyholder opened the door and if the lounge mpd is currently not playing anything - condition = "template"; - value_template = "{{ state('sensor.keyholder') != 'No Keyholder' }}"; - } - { - condition = "state"; - entity_id = "media_player.lounge"; - state = "idle"; - } - ]; - }; - action = [ - { - service = "media_player.volume_set"; - data = { +{ + services.home-assistant.config.automation = + [ + { + alias = "Bedanken bei Übernahme von Key"; + initial_state = true; + trigger = { + platform = "state"; + entity_id = "sensor.keyholder"; + }; + condition = { + condition = "template"; + value_template = "{{ (trigger.from_state.state != 'No Keyholder') and (trigger.from_state.state != 'No Keyholder') }}"; + }; + action = glados.say.kiosk "Danke {{ trigger.to_state.state }} für das Übernehmen des Keys von {{ trigger.from_state.state }}"; + } + { + alias = "Keyholder Begrüßen wenn MPD hoch fährt"; + initial_state = true; + trigger = { + platform = "state"; + from = "unavailable"; + entity_id = "media_player.kiosk"; + }; + action = glados.say.kiosk (builtins.readFile ./announcement.j2); + } + { + alias = "Start Music on portal lock on"; + trigger = { + platform = "state"; + entity_id = "binary_sensor.portal_lock"; + to = "on"; + for.seconds = 30; + }; + condition = { + condition = "and"; + conditions = + [ + { # only start if a keyholder opened the door and if the lounge mpd is currently not playing anything + condition = "template"; + value_template = "{{ state('sensor.keyholder') != 'No Keyholder' }}"; + } + { + condition = "state"; entity_id = "media_player.lounge"; - volume_level = 1.0; - }; - } - { - service = "media_player.play_media"; - data = { - entity_id = "media_player.lounge"; - media_content_type = "playlist"; - media_content_id = "ansage"; - }; - } - { delay.seconds = 8.5; } - { - service = "media_player.volume_set"; - data = { - entity_id = "media_player.lounge"; - volume_level = 0.6; - }; - } - { - service = "media_player.play_media"; - data = { - entity_id = "media_player.lounge"; - media_content_type = "playlist"; - media_content_id = "lassulus"; - }; - } - ]; - } -] + state = "idle"; + } + ]; + }; + action = [ + { + service = "media_player.volume_set"; + data = { + entity_id = "media_player.lounge"; + volume_level = 1.0; + }; + } + { + service = "media_player.play_media"; + data = { + entity_id = "media_player.lounge"; + media_content_type = "playlist"; + media_content_id = "ansage"; + }; + } + { delay.seconds = 8.5; } + { + service = "media_player.volume_set"; + data = { + entity_id = "media_player.lounge"; + volume_level = 0.6; + }; + } + { + service = "media_player.play_media"; + data = { + entity_id = "media_player.lounge"; + media_content_type = "playlist"; + media_content_id = "lassulus"; + }; + } + ]; + } + ]; +} diff --git a/krebs/2configs/shack/glados/default.nix b/krebs/2configs/shack/glados/default.nix index 04843cb24..d546564c5 100644 --- a/krebs/2configs/shack/glados/default.nix +++ b/krebs/2configs/shack/glados/default.nix @@ -1,9 +1,5 @@ { config, pkgs, lib, ... }: let - shackopen = import ./multi/shackopen.nix; - wasser = import ./multi/wasser.nix; - badair = import ./multi/schlechte_luft.nix; - rollos = import ./multi/rollos.nix; in { services.nginx.virtualHosts."hass.shack" = { serverAliases = [ "glados.shack" ]; @@ -21,14 +17,28 @@ in { ''; }; }; + imports = [ + ./multi/shackopen.nix + ./multi/wasser.nix + ./multi/schlechte_luft.nix + ./multi/rollos.nix + + ./switch/power.nix + + ./sensors/power.nix + ./sensors/mate.nix + ./sensors/darksky.nix + ./sensors/spaceapi.nix + ./sensors/sensemap.nix + + ./automation/shack-startup.nix + ./automation/party-time.nix + ./automation/hass-restart.nix + + ]; services.home-assistant = { enable = true; - package = pkgs.home-assistant.override { - extraPackages = ps: with ps; [ - python-forecastio jsonrpc-async jsonrpc-websocket mpd2 pkgs.picotts - ]; - }; autoExtraComponents = true; config = { homeassistant = { @@ -85,9 +95,6 @@ in { retain = true; }; }; - switch = - (import ./switch/power.nix) - ; light = []; media_player = [ { platform = "mpd"; @@ -100,34 +107,23 @@ in { } ]; - sensor = - (import ./sensors/power.nix) - ++ (import ./sensors/mate.nix) - ++ (import ./sensors/darksky.nix { inherit lib;}) - ++ shackopen.sensor - ++ wasser.sensor - ; - air_quality = (import ./sensors/sensemap.nix ); - - binary_sensor = - shackopen.binary_sensor - ++ (import ./sensors/spaceapi.nix) - ; - camera = []; - frontend = { }; config = { }; + sun = {}; http = { base_url = "http://hass.shack"; use_x_forwarded_for = true; trusted_proxies = "127.0.0.1"; }; #conversation = {}; - # history = {}; - #logbook = {}; - logger.default = "info"; + + history = {}; + logbook = {}; #recorder = {}; + + logger.default = "info"; + tts = [ { platform = "google_translate"; service_name = "say"; @@ -136,15 +132,6 @@ in { time_memory = 57600; } ]; - sun = {}; - - automation = wasser.automation - ++ badair.automation - ++ rollos.automation - ++ (import ./automation/shack-startup.nix) - ++ (import ./automation/party-time.nix) - ++ (import ./automation/hass-restart.nix); - device_tracker = []; }; }; diff --git a/krebs/2configs/shack/glados/multi/rollos.nix b/krebs/2configs/shack/glados/multi/rollos.nix index 4e6494936..29525ad82 100644 --- a/krebs/2configs/shack/glados/multi/rollos.nix +++ b/krebs/2configs/shack/glados/multi/rollos.nix @@ -11,46 +11,49 @@ let ]; in { - automation = - [ - { alias = "Rollos fahren Runter"; - trigger = [ - { - platform = "numeric_state"; - entity_id = tempsensor; - above = 25; - for = "00:30:00"; - } - ]; - condition = - [ + services.home-assistant.config = + { + automation = + [ + { alias = "Rollos fahren Runter"; + trigger = [ { - condition = "state"; - entity_id = "sun.sun"; - state = "above_horizon"; - } - ]; - action = - [ - { service = "cover.close_cover"; - entity_id = all_covers; + platform = "numeric_state"; + entity_id = tempsensor; + above = 25; + for = "00:30:00"; } ]; - } - { alias = "Rollos fahren Hoch"; - trigger = [ - { - platform = "sun"; - event = "sunset"; - } - ]; - condition = [ ]; - action = - [ - { service = "cover.open_cover"; - entity_id = all_covers; + condition = + [ + { + condition = "state"; + entity_id = "sun.sun"; + state = "above_horizon"; + } + ]; + action = + [ + { service = "cover.close_cover"; + entity_id = all_covers; + } + ]; + } + { alias = "Rollos fahren Hoch"; + trigger = [ + { + platform = "sun"; + event = "sunset"; } ]; - } - ]; + condition = [ ]; + action = + [ + { service = "cover.open_cover"; + entity_id = all_covers; + } + ]; + } + ]; + }; } diff --git a/krebs/2configs/shack/glados/multi/schlechte_luft.nix b/krebs/2configs/shack/glados/multi/schlechte_luft.nix index 31373d7b9..c1890361b 100644 --- a/krebs/2configs/shack/glados/multi/schlechte_luft.nix +++ b/krebs/2configs/shack/glados/multi/schlechte_luft.nix @@ -4,103 +4,106 @@ let ledring = "light.fablab_led_ring"; in { - automation = - [ - { alias = "Gute Luft Fablab"; - trigger = [ - { - platform = "numeric_state"; - entity_id = feinstaub_sensor; - below = 3; - } - ]; - action = - [ - { service = "light.turn_on"; - data = { - entity_id = ledring; - effect = "Twinkle"; - color_name = "green"; - }; + services.home-assistant.config = + { + automation = + [ + { alias = "Gute Luft Fablab"; + trigger = [ + { + platform = "numeric_state"; + entity_id = feinstaub_sensor; + below = 3; } ]; - } - { alias = "mäßige Luft Fablab"; - trigger = [ - { - platform = "numeric_state"; - above = 3; - below = 10; - entity_id = feinstaub_sensor; - } - ]; - action = - [ - { service = "light.turn_on"; - data = { - entity_id = ledring; - effect = "Twinkle"; - color_name = "yellow"; - }; + action = + [ + { service = "light.turn_on"; + data = { + entity_id = ledring; + effect = "Twinkle"; + color_name = "green"; + }; + } + ]; + } + { alias = "mäßige Luft Fablab"; + trigger = [ + { + platform = "numeric_state"; + above = 3; + below = 10; + entity_id = feinstaub_sensor; } ]; - } - { alias = "schlechte Luft Fablab"; - trigger = [ - { - platform = "numeric_state"; - above = 10; - entity_id = feinstaub_sensor; - } - ]; - action = - [ - { service = "light.turn_on"; - data = { - entity_id = ledring; - effect = "Fireworks"; - color_name = "red"; - }; + action = + [ + { service = "light.turn_on"; + data = { + entity_id = ledring; + effect = "Twinkle"; + color_name = "yellow"; + }; + } + ]; + } + { alias = "schlechte Luft Fablab"; + trigger = [ + { + platform = "numeric_state"; + above = 10; + entity_id = feinstaub_sensor; } ]; - } - { alias = "Luft Sensor nicht verfügbar"; - trigger = [ - { - platform = "state"; - to = "unavailable"; - entity_id = feinstaub_sensor; - } - ]; - action = - [ - { service = "light.turn_on"; - data = { - entity_id = ledring; - effect = "Rainbow"; - color_name = "blue"; - }; + action = + [ + { service = "light.turn_on"; + data = { + entity_id = ledring; + effect = "Fireworks"; + color_name = "red"; + }; + } + ]; + } + { alias = "Luft Sensor nicht verfügbar"; + trigger = [ + { + platform = "state"; + to = "unavailable"; + entity_id = feinstaub_sensor; } ]; - } - { alias = "Fablab Licht Reboot"; - trigger = [ - { - platform = "state"; - from = "unavailable"; - entity_id = ledring; - } - ]; - action = - [ - { service = "light.turn_on"; - data = { - entity_id = ledring; - effect = "Rainbow"; - color_name = "orange"; - }; + action = + [ + { service = "light.turn_on"; + data = { + entity_id = ledring; + effect = "Rainbow"; + color_name = "blue"; + }; + } + ]; + } + { alias = "Fablab Licht Reboot"; + trigger = [ + { + platform = "state"; + from = "unavailable"; + entity_id = ledring; } ]; - } - ]; + action = + [ + { service = "light.turn_on"; + data = { + entity_id = ledring; + effect = "Rainbow"; + color_name = "orange"; + }; + } + ]; + } + ]; + }; } diff --git a/krebs/2configs/shack/glados/multi/shackopen.nix b/krebs/2configs/shack/glados/multi/shackopen.nix index 354405d06..d9be9adfa 100644 --- a/krebs/2configs/shack/glados/multi/shackopen.nix +++ b/krebs/2configs/shack/glados/multi/shackopen.nix @@ -1,23 +1,26 @@ { - binary_sensor = [ - { platform = "mqtt"; - name = "Portal Lock"; - device_class = "door"; - state_topic = "portal/gateway/status"; - availability_topic = "portal/gateway/lwt"; - payload_on = "open"; - payload_off = "closed"; - payload_available = "online"; - payload_not_available = "offline"; - } - ]; - sensor = [ - { platform = "mqtt"; - name = "Keyholder"; - state_topic = "portal/gateway/keyholder"; - availability_topic = "portal/gateway/lwt"; - payload_available = "online"; - payload_not_available = "offline"; - } - ]; + services.home-assistant.config = + { + binary_sensor = [ + { platform = "mqtt"; + name = "Portal Lock"; + device_class = "door"; + state_topic = "portal/gateway/status"; + availability_topic = "portal/gateway/lwt"; + payload_on = "open"; + payload_off = "closed"; + payload_available = "online"; + payload_not_available = "offline"; + } + ]; + sensor = [ + { platform = "mqtt"; + name = "Keyholder"; + state_topic = "portal/gateway/keyholder"; + availability_topic = "portal/gateway/lwt"; + payload_available = "online"; + payload_not_available = "offline"; + } + ]; + }; } diff --git a/krebs/2configs/shack/glados/multi/wasser.nix b/krebs/2configs/shack/glados/multi/wasser.nix index bd8252e1c..9ca5e4500 100644 --- a/krebs/2configs/shack/glados/multi/wasser.nix +++ b/krebs/2configs/shack/glados/multi/wasser.nix @@ -11,100 +11,103 @@ let }; in { - sensor = map ( entity_id: { - platform = "statistics"; - name = "Statistics for ${entity_id}"; - inherit entity_id; - max_age.minutes = "60"; - sampling_size = 1000; - }) ["sensor.crafting_brotbox_soil_moisture"]; + services.home-assistant.config = + { + sensor = map ( entity_id: { + platform = "statistics"; + name = "Statistics for ${entity_id}"; + inherit entity_id; + max_age.minutes = "60"; + sampling_size = 1000; + }) ["sensor.crafting_brotbox_soil_moisture"]; - automation = - [ - ### Brotbox ##### - #{ alias = "Brotbox: water for ${toString brotbox.minutes} minutes every hour"; - # trigger = - # { # Trigger once every hour at :42 - # platform = "time_pattern"; - # minutes = 42; - # }; - # condition = { - # condition = "numeric_state"; - # entity_id = brotbox.sensor; - # value_template = "{{ state_attr('${brotbox.sensor}', 'median') }}"; - # below = 75; - # }; - # action = - # [ - # { - # service = "homeassistant.turn_on"; - # entity_id = brotbox.pump; - # } - # { delay.minutes = brotbox.minutes; } - # { - # service = "homeassistant.turn_off"; - # entity_id = brotbox.pump ; - # } - # ]; - #} - { alias = "Brotbox: Always turn off water after ${toString (brotbox.minutes * 2)} minutes"; - trigger = - { - platform = "state"; - entity_id = brotbox.pump; - to = "on"; - for.minutes = brotbox.minutes*2; - }; - action = - { - service = "homeassistant.turn_off"; - entity_id = brotbox.pump; - }; - } - - ##### Kaffeemaschine - { alias = "Water the plant for ${toString seconds} seconds"; - trigger = [ - { # trigger at 20:00 no matter what - # TODO: retry or run only if switch.wasser is available - platform = "time"; - at = "20:00:00"; - } - ]; - action = - [ - { - service = "homeassistant.turn_on"; - entity_id = [ - wasser - ]; - } - { delay.seconds = seconds; } - { - service = "homeassistant.turn_off"; - entity_id = [ - wasser - ]; - } - ]; - } - { alias = "Always turn off water after ${toString (seconds * 2)}seconds"; - trigger = [ + automation = + [ + ### Brotbox ##### + #{ alias = "Brotbox: water for ${toString brotbox.minutes} minutes every hour"; + # trigger = + # { # Trigger once every hour at :42 + # platform = "time_pattern"; + # minutes = 42; + # }; + # condition = { + # condition = "numeric_state"; + # entity_id = brotbox.sensor; + # value_template = "{{ state_attr('${brotbox.sensor}', 'median') }}"; + # below = 75; + # }; + # action = + # [ + # { + # service = "homeassistant.turn_on"; + # entity_id = brotbox.pump; + # } + # { delay.minutes = brotbox.minutes; } + # { + # service = "homeassistant.turn_off"; + # entity_id = brotbox.pump ; + # } + # ]; + #} + { alias = "Brotbox: Always turn off water after ${toString (brotbox.minutes * 2)} minutes"; + trigger = { platform = "state"; - entity_id = wasser; + entity_id = brotbox.pump; to = "on"; - for.seconds = seconds*2; - } - ]; - action = - [ + for.minutes = brotbox.minutes*2; + }; + action = { service = "homeassistant.turn_off"; - entity_id = [ wasser ]; - } - ]; - } - ]; + entity_id = brotbox.pump; + }; + } + + ##### Kaffeemaschine + { alias = "Water the plant for ${toString seconds} seconds"; + trigger = [ + { # trigger at 20:00 no matter what + # TODO: retry or run only if switch.wasser is available + platform = "time"; + at = "20:00:00"; + } + ]; + action = + [ + { + service = "homeassistant.turn_on"; + entity_id = [ + wasser + ]; + } + { delay.seconds = seconds; } + { + service = "homeassistant.turn_off"; + entity_id = [ + wasser + ]; + } + ]; + } + { alias = "Always turn off water after ${toString (seconds * 2)}seconds"; + trigger = [ + { + platform = "state"; + entity_id = wasser; + to = "on"; + for.seconds = seconds*2; + } + ]; + action = + [ + { + service = "homeassistant.turn_off"; + entity_id = [ wasser ]; + } + ]; + } + ]; + }; } diff --git a/krebs/2configs/shack/glados/sensors/darksky.nix b/krebs/2configs/shack/glados/sensors/darksky.nix index c8725b868..12b33804c 100644 --- a/krebs/2configs/shack/glados/sensors/darksky.nix +++ b/krebs/2configs/shack/glados/sensors/darksky.nix @@ -1,21 +1,24 @@ {lib,...}: -[ - { platform = "darksky"; - api_key = lib.removeSuffix "\n" - (builtins.readFile <secrets/hass/darksky.apikey>); - language = "de"; - monitored_conditions = [ - "summary" "icon" - "nearest_storm_distance" "precip_probability" - "precip_intensity" - "temperature" # "temperature_high" "temperature_low" - "apparent_temperature" - "hourly_summary" # next 24 hours text - "humidity" - "pressure" - "uv_index" - ]; - units = "si" ; - scan_interval = "00:15:00"; - } -] +{ + services.home-assistant.config.sensor = + [ + { platform = "darksky"; + api_key = lib.removeSuffix "\n" + (builtins.readFile <secrets/hass/darksky.apikey>); + language = "de"; + monitored_conditions = [ + "summary" "icon" + "nearest_storm_distance" "precip_probability" + "precip_intensity" + "temperature" # "temperature_high" "temperature_low" + "apparent_temperature" + "hourly_summary" # next 24 hours text + "humidity" + "pressure" + "uv_index" + ]; + units = "si" ; + scan_interval = "00:15:00"; + } + ]; +} diff --git a/krebs/2configs/shack/glados/sensors/mate.nix b/krebs/2configs/shack/glados/sensors/mate.nix index 1bb0e71eb..751856668 100644 --- a/krebs/2configs/shack/glados/sensors/mate.nix +++ b/krebs/2configs/shack/glados/sensors/mate.nix @@ -6,11 +6,15 @@ let name = "Füllstand ${name}"; value_template = "{{ value_json.fuellstand }}"; }; -in [ - (fuellstand "Wasser" 1) - (fuellstand "Mate Cola" 2) - (fuellstand "Apfelschorle" 3) - (fuellstand "Zitronensprudel" 4) - (fuellstand "Mate 1" 26) - (fuellstand "Mate 2" 27) -] +in +{ + services.home-assistant.config.sensor = + [ + (fuellstand "Wasser" 1) + (fuellstand "Mate Cola" 2) + (fuellstand "Apfelschorle" 3) + (fuellstand "Zitronensprudel" 4) + (fuellstand "Mate 1" 26) + (fuellstand "Mate 2" 27) + ]; +} diff --git a/krebs/2configs/shack/glados/sensors/power.nix b/krebs/2configs/shack/glados/sensors/power.nix index b168f2beb..d9b5c7c65 100644 --- a/krebs/2configs/shack/glados/sensors/power.nix +++ b/krebs/2configs/shack/glados/sensors/power.nix @@ -20,7 +20,10 @@ let power_watt = (power_x "Power") ; power_curr = power_x "Current"; in +{ + services.home-assistant.config.sensor = (map power_volt [ "L1" "L2" "L3" ]) ++ (map (x: ((power_watt x) // { device_class = "power"; })) [ "L1" "L2" "L3" ]) ++ (map power_curr [ "L1" "L2" "L3" ]) -++ [ power_consumed ] +++ [ power_consumed ]; +} diff --git a/krebs/2configs/shack/glados/sensors/sensemap.nix b/krebs/2configs/shack/glados/sensors/sensemap.nix index dff29c3c4..c261a28e1 100644 --- a/krebs/2configs/shack/glados/sensors/sensemap.nix +++ b/krebs/2configs/shack/glados/sensors/sensemap.nix @@ -1,6 +1,9 @@ -[ - { - platform = "opensensemap"; - station_id = "56a0de932cb6e1e41040a68b"; - } -] +{ + services.home-assistant.config.air_quality = + [ + { + platform = "opensensemap"; + station_id = "56a0de932cb6e1e41040a68b"; + } + ]; +} diff --git a/krebs/2configs/shack/glados/sensors/spaceapi.nix b/krebs/2configs/shack/glados/sensors/spaceapi.nix index 11cab11c9..ea20ad29d 100644 --- a/krebs/2configs/shack/glados/sensors/spaceapi.nix +++ b/krebs/2configs/shack/glados/sensors/spaceapi.nix @@ -1,52 +1,55 @@ -[ - { - platform = "rest"; - resource = "https://spaceapi.afra-berlin.de/v1/status.json"; - method = "GET"; - name = "Door AFRA Berlin"; - device_class = "door"; - value_template = "{{ value_json.open }}"; - } - { - platform = "rest"; - resource = "http://club.entropia.de/spaceapi"; - method = "GET"; - name = "Door Entropia"; - device_class = "door"; - value_template = "{{ value_json.open }}"; - } - { - platform = "rest"; - resource = "http://www.c-base.org/status.json"; - method = "GET"; - name = "Door C-Base Berlin"; - device_class = "door"; - value_template = "{{ value_json.open }}"; - } - { - platform = "rest"; - resource = "https://status.raumzeitlabor.de/api/full.json"; - method = "GET"; - name = "Door RZL"; - device_class = "door"; - value_template = "{{ value_json.status }}"; - } - { - platform = "rest"; - resource = "https://datenobservatorium.de/"; - method = "GET"; - name = "Door Datenobservatorium"; - device_class = "door"; - value_template = "false"; - scan_interval = 2592000; - } - { - platform = "rest"; - resource = "https://infuanfu.de/"; - method = "GET"; - name = "Door Infuanfu"; - device_class = "door"; - value_template = "false"; - scan_interval = 2592000; - } -] +{ + services.home-assistant.config.binary_sensor = + [ + { + platform = "rest"; + resource = "https://spaceapi.afra-berlin.de/v1/status.json"; + method = "GET"; + name = "Door AFRA Berlin"; + device_class = "door"; + value_template = "{{ value_json.open }}"; + } + { + platform = "rest"; + resource = "http://club.entropia.de/spaceapi"; + method = "GET"; + name = "Door Entropia"; + device_class = "door"; + value_template = "{{ value_json.open }}"; + } + { + platform = "rest"; + resource = "http://www.c-base.org/status.json"; + method = "GET"; + name = "Door C-Base Berlin"; + device_class = "door"; + value_template = "{{ value_json.open }}"; + } + { + platform = "rest"; + resource = "https://status.raumzeitlabor.de/api/full.json"; + method = "GET"; + name = "Door RZL"; + device_class = "door"; + value_template = "{{ value_json.status }}"; + } + { + platform = "rest"; + resource = "https://datenobservatorium.de/"; + method = "GET"; + name = "Door Datenobservatorium"; + device_class = "door"; + value_template = "false"; + scan_interval = 2592000; + } + { + platform = "rest"; + resource = "https://infuanfu.de/"; + method = "GET"; + name = "Door Infuanfu"; + device_class = "door"; + value_template = "false"; + scan_interval = 2592000; + } + ]; +} diff --git a/krebs/2configs/shack/glados/switch/power.nix b/krebs/2configs/shack/glados/switch/power.nix index 4e9a45c28..9ec115faa 100644 --- a/krebs/2configs/shack/glados/switch/power.nix +++ b/krebs/2configs/shack/glados/switch/power.nix @@ -15,18 +15,30 @@ let power = nodelight "power"; light = ident: name: { icon = "mdi:lightbulb";} // nodelight "light" ident name; in -[ - (power 1 "Hauptschalter") - (power 2 "Dusche") - (power 3 "Warmwasser") - (power 4 "Optionsräume") - (power 5 "Küche") - (light 1 "Decke Lounge 1") - (light 2 "Decke Lounge 2") - (light 3 "Decke Lounge 3") - (light 4 "Decke Lounge 4") - (light 5 "Decke Lounge 5") - (light 6 "Decke Lounge 6") - (light 7 "Decke Lounge 7") - (light 8 "Decke Lounge 8") -] +{ + services.home-assistant.config.switch = + [ + # These commands we see with a shutdown: + # power/143/state on + # power/142/state on + # power/141/state on + # power/142/state off + # power/141/state off + # power/10/state off + # power/main/state off + + (power "10" "Hauptschalter") + (power 1 "Dusche") # ??? + (power 2 "Warmwasser") # ??? + (power 3 "Optionsräume") # ??? + (power 4 "Küche") # ??? + (light 1 "Decke Lounge 1") + (light 2 "Decke Lounge 2") + (light 3 "Decke Lounge 3") + (light 4 "Decke Lounge 4") + (light 5 "Decke Lounge 5") + (light 6 "Decke Lounge 6") + (light 7 "Decke Lounge 7") + (light 8 "Decke Lounge 8") + ]; +} diff --git a/krebs/2configs/shack/powerraw.nix b/krebs/2configs/shack/powerraw.nix index 4118e7a72..cc3692e85 100644 --- a/krebs/2configs/shack/powerraw.nix +++ b/krebs/2configs/shack/powerraw.nix @@ -8,20 +8,25 @@ let pkg = pkgs.python3.pkgs.callPackage ( pkgs.fetchgit { url = "https://git.shackspace.de/rz/powermeter.git"; - rev = "96609f0d632e0732afa768ddd7b3f8841ca37c1b"; - sha256 = "sha256:0wfpm3ik5r081qv2crmpjwylgg2v8ximq347qh0fzq1rwv0dqbnn"; + rev = "438b08f"; + sha256 = "0c5czmrwlw985b7ia6077mfrvbf2fq51iajb481pgqbywgxqis5m"; }) {}; in { # receive response from light.shack / standby.shack networking.firewall.allowedUDPPorts = [ 11111 ]; users.users.powermeter.extraGroups = [ "dialout" ]; + # we make sure that usb-ttl has the correct permissions + # creates /dev/powerraw + services.udev.extraRules = '' + SUBSYSTEM=="tty", ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6001", SYMLINK+="powerraw", MODE="0660", GROUP="dialout" + ''; systemd.services.powermeter-serial2mqtt = { description = "powerraw Serial -> mqtt"; wantedBy = [ "multi-user.target" ]; serviceConfig = { User = "powermeter"; - ExecStart = "${pkg}/bin/powermeter-serial2mqtt"; + ExecStart = "${pkg}/bin/powermeter-serial2mqtt /dev/powerraw"; PrivateTmp = true; Restart = "always"; RestartSec = "15"; @@ -67,7 +72,7 @@ in { }; sensor = "total"; types = [ "Voltage" "Current" "Power" ]; - phases = [ 1 2 3 ]; + phases = [ "1" "2" "3" ]; in [ (genTopic "Power consumed" "/power/${sensor}/consumed" { inherit sensor; }) ] ++ (lib.flatten (map (type: (map (phase: (genTopic "Power" "/power/${sensor}/L${toString phase}/${type}" { inherit sensor phase type; }) ) phases)) types)); diff --git a/krebs/2configs/shack/prometheus/alert-rules.nix b/krebs/2configs/shack/prometheus/alert-rules.nix index 1c2d0b1ad..12c691466 100644 --- a/krebs/2configs/shack/prometheus/alert-rules.nix +++ b/krebs/2configs/shack/prometheus/alert-rules.nix @@ -14,7 +14,7 @@ in { labels.severity = "warning"; annotations.summary = "{{ $labels.alias }} root disk full"; annotations.url = "http://grafana.shack/d/hb7fSE0Zz/shack-system-dashboard?orgId=1&var-job=node&var-hostname=All&var-node=wolf.shack:9100&var-device=All&var-maxmount=%2F&var-show_hostname=wolf"; - annotations.description = ''The root disk of {{ $labels.alias }} has {{ $value | printf "%.2f" }}% free disk space (Threshold at ${disk_free_threshold}%).A vast number of shackspace services will stop working. CI for deploying new configuration will also seize working. Log in to the system and run `nix-collect-garbage -d` and clean up the shack share folder in `/home/share` .If this does not help you can check `du -hs /var/ | sort -h`, run `docker system prune` or if you are really desperate run `du -hs / | sort -h` and go through the folders recursively until you've found something to delete''; + annotations.description = ''The root disk of {{ $labels.alias }} has {{ $value | printf "%.2f" }}% free disk space (Threshold at ${disk_free_threshold}%). CI for deploying new configuration will seize working. Log in to the system and run `nix-collect-garbage -d` and clean up the shack share folder in `/home/share` .If this does not help you can check `du -hs /var/ | sort -h`, run `docker system prune` or if you are really desperate run `du -hs / | sort -h` and go through the folders recursively until you've found something to delete''; } { alert = "RootPartitionFull"; @@ -25,14 +25,15 @@ in { annotations.url = "http://grafana.shack/d/hb7fSE0Zz/shack-system-dashboard?orgId=1&var-job=node&var-hostname=All&var-node=wolf.shack:9100&var-device=All&var-maxmount=%2F&var-show_hostname=puyak"; annotations.description = ''The root disk of {{ $labels.alias }} has {{ $value | printf "%.2f" }}% free disk space (Threshold at ${disk_free_threshold}%).Prometheus will not be able to create new alerts and CI for deploying new configuration will also seize working. Log in to the system and run `nix-collect-garbage -d` and if this does not help you can check `du -hs /var/ | sort -h`, run `docker system prune` or if you are really desperate run `du -hs / | sort -h` and go through the folders recursively until you've found something to delete''; } + # wolf.shack is not worth supervising anymore { alert = "HostDown"; - expr = ''up{alias="wolf.shack"} == 0''; + expr = ''up{alias="infra01.shack"} == 0''; for = "5m"; labels.severity = "page"; annotations.summary = "Instance {{ $labels.alias }} down for 5 minutes"; annotations.url = "http://grafana.shack/d/hb7fSE0Zz/shack-system-dashboard?orgId=1&var-job=node&var-hostname=All&var-node=wolf.shack:9100&var-device=All&var-maxmount=%2F&var-show_hostname=wolf"; - annotations.description = ''Host {{ $labels.alias }} went down and has not been reconnected after 5 minutes. This is probably bad news, try to restart the host via naproxen ( http://naproxen.shack:8006 ). Wolf being down means that CI,glados automation, light management and a couple of other services will not work anymore.''; + annotations.description = ''Host {{ $labels.alias }} went down and has not been reconnected after 5 minutes. This is probably bad news, as the machine runs one of the DNS servers and the power broadcast proxy which is used to be able to turn off the light via puyak as well as the shutdown listener.''; } ]; } diff --git a/krebs/2configs/shack/worlddomination.nix b/krebs/2configs/shack/worlddomination.nix index b38b9cab4..61b72d9a8 100644 --- a/krebs/2configs/shack/worlddomination.nix +++ b/krebs/2configs/shack/worlddomination.nix @@ -3,11 +3,11 @@ with import <stockholm/lib>; let pkg = pkgs.stdenv.mkDerivation { - name = "worlddomination-2018-04-21"; + name = "worlddomination-2020-12-01"; src = pkgs.fetchgit { - url = "https://github.com/shackspace/worlddomination/"; - rev = "1b32403b9"; - sha256 = "10x7aiil13k3x9wqy95mi1ys999d6fxg5sys3jwv7a1p930gkl1i"; + url = "https://git.shackspace.de/rz/worlddomination.git"; + rev = "c7aedcde7cd1fcb870b5356a6125e1a384b0776c"; + sha256 = "0y6haz5apwa33lz64l7b2x78wrrckbw39j4wzyd1hfk46478xi2y"; }; buildInputs = [ (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [ @@ -17,6 +17,7 @@ let grequests paramiko python + setuptools ])) ]; installPhase = '' diff --git a/krebs/3modules/brockman.nix b/krebs/3modules/brockman.nix new file mode 100644 index 000000000..21cc14202 --- /dev/null +++ b/krebs/3modules/brockman.nix @@ -0,0 +1,30 @@ +{ pkgs, lib, config, ... }: +with lib; +let + cfg = config.krebs.brockman; +in { + options.krebs.brockman = { + enable = mkEnableOption "brockman"; + config = mkOption { type = types.attrs; }; # TODO make real config here + }; + + config = mkIf cfg.enable { + users.extraUsers.brockman.isNormalUser = false; + + systemd.services.brockman = { + description = "RSS to IRC broadcaster"; + wantedBy = [ "multi-user.target" ]; + after = [ "network-online.target" ]; + serviceConfig = { + Restart = "always"; + ExecStart = '' + ${pkgs.brockman}/bin/brockman ${pkgs.writeText "brockman.json" (builtins.toJSON cfg.config)} + ''; + User = config.users.extraUsers.brockman.name; + PrivateTmp = true; + RuntimeDirectory = "brockman"; + WorkingDirectory = "%t/brockman"; + }; + }; + }; +} diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index bd6bab376..2a74adac3 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -11,6 +11,7 @@ let ./apt-cacher-ng.nix ./backup.nix ./bepasty-server.nix + ./brockman.nix ./buildbot/master.nix ./buildbot/slave.nix ./build.nix diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index ab25934c8..d18c3e4c8 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -13,6 +13,7 @@ foldl' mergeAttrs {} // { + brockman = self.haskellPackages.brockman; reaktor2 = self.haskellPackages.reaktor2; ReaktorPlugins = self.callPackage ./simple/Reaktor/plugins.nix {}; diff --git a/krebs/5pkgs/haskell/brockman.nix b/krebs/5pkgs/haskell/brockman.nix new file mode 100644 index 000000000..cc08ca5d8 --- /dev/null +++ b/krebs/5pkgs/haskell/brockman.nix @@ -0,0 +1,23 @@ +{ mkDerivation, aeson, async, base, bloomfilter, bytestring +, conduit, containers, feed, hslogger, irc-conduit, microlens +, network, optparse-applicative, stdenv, stm, text, wreq +, fetchFromGitHub +}: +mkDerivation rec { + pname = "brockman"; + version = "1.4.3"; + src = fetchFromGitHub { + owner = "kmein"; + repo = "brockman"; + rev = version; + sha256 = "1721lvdvj47fsif15jvf9x9lsjx0c68fd6i2yjhmhv65cgpivx9q"; + }; + isLibrary = false; + isExecutable = true; + executableHaskellDepends = [ + aeson async base bloomfilter bytestring conduit containers feed + hslogger irc-conduit microlens network optparse-applicative stm + text wreq + ]; + license = stdenv.lib.licenses.mit; +} diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 1b63246c6..f63c6a05a 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -121,6 +121,7 @@ with import <stockholm/lib>; <stockholm/lass/2configs/reaktor-coders.nix> <stockholm/lass/2configs/ciko.nix> <stockholm/lass/2configs/container-networking.nix> + <stockholm/lass/2configs/jitsi.nix> { # quasi bepasty.nix imports = [ <stockholm/lass/2configs/bepasty.nix> diff --git a/lass/2configs/jitsi.nix b/lass/2configs/jitsi.nix new file mode 100644 index 000000000..1435ccb5c --- /dev/null +++ b/lass/2configs/jitsi.nix @@ -0,0 +1,21 @@ +{ config, lib, pkgs, ... }: +{ + + services.jitsi-meet = { + enable = true; + hostName = "jitsi.lassul.us"; + config = { + enableWelcomePage = true; + requireDisplayName = true; + }; + interfaceConfig = { + SHOW_JITSI_WATERMARK = false; + SHOW_WATERMARK_FOR_GUESTS = false; + }; + }; + + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport 4443"; target = "ACCEPT"; } + { predicate = "-p udp --dport 10000"; target = "ACCEPT"; } + ]; +} diff --git a/makefu/2configs/ham/automation/giesskanne.nix b/makefu/2configs/ham/automation/giesskanne.nix new file mode 100644 index 000000000..d89ea595b --- /dev/null +++ b/makefu/2configs/ham/automation/giesskanne.nix @@ -0,0 +1,102 @@ +# uses: +# switch.crafting_giesskanne_relay +let + cam = { + name = "chilicam"; + camera = "camera.espcam_02"; + light = "light.espcam_02_light"; + seconds = 60; # default shutoff to protect the LED from burning out + }; + seconds = 6; + pump = "switch.arbeitszimmer_giesskanne_relay"; + # sensor = "sensor.statistics_for_sensor_crafting_brotbox_soil_moisture"; +in +{ + services.home-assistant.config = + { + #sensor = map ( entity_id: { + # platform = "statistics"; + # name = "Statistics for ${entity_id}"; + # inherit entity_id; + # max_age.minutes = "60"; + # sampling_size = 1000; + # }) [ "sensor.crafting_brotbox_soil_moisture" ]; + + automation = + [ + + ##### brotbox + { alias = "Water the plant for ${toString seconds} seconds"; + trigger = [ + { # trigger at 23:15 no matter what + # TODO: retry or run only if switch.wasser is available + platform = "time"; + at = "23:15:00"; + } + ]; + action = + [ + { # take a snapshot before watering + service = "homeassistant.turn_on"; + entity_id = [ cam.light ]; + } + { # TODO: we could also create a recording with camera.record + service = "camera.snapshot"; + data = { + entity_id = cam.camera; + # TODO: create /var/lib/hass/cam/ - now being done manually + filename = "/var/lib/hass/cam/${cam.name}_{{ now().strftime('%Y%m%d-%H%M%S') }}.jpg"; + }; + } + + { # now turn on the pumping services + # i do not start hte pump and light before the snapshot because i do + # not know how long it takes (do not want to water the plants for too long) + service = "homeassistant.turn_on"; + entity_id = [ pump ]; + } + { delay.seconds = seconds; } + { + service = "homeassistant.turn_off"; + entity_id = [ pump cam.light ]; + } + ]; + } + { alias = "Always turn off the light after ${toString (cam.seconds)}s"; + trigger = [ + { + platform = "state"; + entity_id = cam.light; + to = "on"; + for.seconds = cam.seconds; + } + ]; + action = + [ + { + service = "homeassistant.turn_off"; + entity_id = [ pump cam.light ]; + } + ]; + } + + { alias = "Always turn off water after ${toString (seconds * 2)}s"; + trigger = [ + { + platform = "state"; + entity_id = pump; + to = "on"; + for.seconds = seconds*2; + } + ]; + action = + [ + { + service = "homeassistant.turn_off"; + entity_id = [ pump cam.light ]; + } + ]; + } + ]; + }; +} diff --git a/makefu/2configs/ham/automation/light_buttons.nix b/makefu/2configs/ham/automation/light_buttons.nix new file mode 100644 index 000000000..32d134ecc --- /dev/null +++ b/makefu/2configs/ham/automation/light_buttons.nix @@ -0,0 +1,44 @@ +# light.wohnzimmerbeleuchtung +# light.wohnzimmer_deko +# light.arbeitszimmerbeleuchtung +# light.arbeitszimmer_deko +# light.schlafzimmerbeleuchtung + +let + toggle = light: btn: + { + alias = "Toggle Light ${light} via ${btn}"; + trigger = { + platform = "state"; + entity_id = "sensor.${btn}_click"; + to = "single"; + }; + action = { + service = "light.toggle"; + data.entity_id = light; + data.transition = 0; + }; + }; + turn_off_all = btn: + { + alias = "Turn of all lights via ${btn} double click"; + trigger = { + platform = "state"; + entity_id = "sensor.${btn}_click"; + to = "double"; + }; + action = { + service = "light.turn_off"; + entity_id = "all"; + }; + }; +in { + services.home-assistant.config.automation = [ + (toggle "light.arbeitszimmerbeleuchtung" "arbeitszimmer_btn1") + (toggle "light.schlafzimmerbeleuchtung" "schlafzimmer_btn2") + (toggle "light.wohnzimmerbeleuchtung" "wohnzimmer_btn3") + (turn_off_all "arbeitszimmer_btn1") + (turn_off_all "schlafzimmer_btn2") + (turn_off_all "wohnzimmer_btn3") + ]; +} diff --git a/makefu/2configs/ham/automation/urlaub.nix b/makefu/2configs/ham/automation/urlaub.nix new file mode 100644 index 000000000..a6b9be96f --- /dev/null +++ b/makefu/2configs/ham/automation/urlaub.nix @@ -0,0 +1,44 @@ +# uses: +# light.wohnzimmer_schrank_osram +# light.wohnzimmer_fernseher_led_strip +# "all" lights + +let + schranklicht = "light.wohnzimmer_schrank_osram"; + fernsehlicht = "light.wohnzimmer_fernseher_led_strip"; + final_off = "01:00"; + + turn_on = entity_id: at: + { alias = "Turn on ${entity_id} at ${at}"; + trigger = [ + { platform = "time"; inherit at; } + ]; + action = + [ + { service = "light.turn_on"; inherit entity_id; } + ]; + }; +in +{ + services.home-assistant.config = + { + automation = + [ + (turn_on schranklicht "17:30") + (turn_on fernsehlicht "19:00") + + { alias = "Always turn off the urlaub lights at ${final_off}"; + trigger = [ + { platform = "time"; at = final_off; } + ]; + action = + [ + { + service = "light.turn_off"; + entity_id = [ schranklicht fernsehlicht ]; + } + ]; + } + ]; + }; +} diff --git a/makefu/2configs/ham/automation/wohnzimmer_rf_fernbedienung.nix b/makefu/2configs/ham/automation/wohnzimmer_rf_fernbedienung.nix new file mode 100644 index 000000000..f06094662 --- /dev/null +++ b/makefu/2configs/ham/automation/wohnzimmer_rf_fernbedienung.nix @@ -0,0 +1,61 @@ +# This module maps the RF433 Remote Control to zigbee and wifi lights +let + rf_turn_off = code: light: + { + alias = "Turn off ${light} via rf code ${code}"; + trigger = { + platform = "event"; + event_type = "esphome.rf_code_received"; + event_data.code = code; + }; + action = { + service = "light.turn_off"; + data.entity_id = light; + }; + }; + rf_turn_on = code: light: + { + alias = "Turn on ${light} via rf code ${code}"; + trigger = { + platform = "event"; + event_type = "esphome.rf_code_received"; + event_data.code = code; + }; + action = { + service = "light.turn_on"; + data.entity_id = light; + }; + }; + rf_toggle = code: light: + { + alias = "Toggle ${light} via rf code ${code}"; + trigger = { + platform = "event"; + event_type = "esphome.rf_code_received"; + event_data.code = code; + }; + action = { + service = "light.toggle"; + data.entity_id = light; + }; + }; + +in +{ + services.home-assistant.config.automation = [ + (rf_toggle "400551" "light.wohnzimmer_fernseher_led_strip") # A + (rf_toggle "401151" "light.wohnzimmer_stehlampe_osram") # B + (rf_toggle "401451" "light.wohnzimmer_komode_osram") # C + (rf_toggle "401511" "light.wohnzimmer_schrank_osram") # D + + # OFF Lane + (rf_turn_off "400554" "all") # A + (rf_toggle "401154" "light.wohnzimmer_fenster_lichterkette_licht") # B + (rf_toggle "401454" "light.wohnzimmer_fernsehwand_led") # C + # (rf_toggle "401514" "") # D + ]; + # "400554" # A OFF + # "401154" # B OFF + # "401454" # C OFF + # "401514" # D OFF +} diff --git a/makefu/2configs/ham/default.nix b/makefu/2configs/ham/default.nix index 9e3f7f669..d610fa5c1 100644 --- a/makefu/2configs/ham/default.nix +++ b/makefu/2configs/ham/default.nix @@ -17,7 +17,7 @@ in { # ./multi/flurlicht.nix ./multi/kurzzeitwecker.nix ./multi/the_playlist.nix - ./multi/fliegen-couter.nix + # ./multi/fliegen-couter.nix ./device_tracker/openwrt.nix @@ -26,8 +26,14 @@ in { ./calendar/nextcloud.nix ./automation/firetv_restart.nix + ./automation/light_buttons.nix + ./automation/wohnzimmer_rf_fernbedienung.nix + ./automation/giesskanne.nix + ./automation/urlaub.nix - ./light/groups.nix + ./light/arbeitszimmer.nix + ./light/schlafzimmer.nix + ./light/wohnzimmer.nix ]; services.home-assistant = { diff --git a/makefu/2configs/ham/light/arbeitszimmer.nix b/makefu/2configs/ham/light/arbeitszimmer.nix new file mode 100644 index 000000000..bc60678b3 --- /dev/null +++ b/makefu/2configs/ham/light/arbeitszimmer.nix @@ -0,0 +1,24 @@ +let + arbeitszimmer_deko = [ + "light.led_wand" + "light.box_led_status" + "light.arbeitszimmer_led1_led_strip" # LED-Kreis in cube + ]; + arbeitszimmerbeleuchtung = [ + "light.arbeitszimmer_schrank_dimmer" + "light.arbeitszimmer_kerze" # arbeitszimmer_kerze + ]; +in { + services.home-assistant.config.light = [ + { + platform = "group"; + name = "Arbeitszimmerbeleuchtung"; + entities = arbeitszimmerbeleuchtung; + } + { + platform = "group"; + name = "Arbeitszimmer Deko"; + entities = arbeitszimmer_deko; + } + ]; +} diff --git a/makefu/2configs/ham/light/groups.nix b/makefu/2configs/ham/light/groups.nix deleted file mode 100644 index e1812b68a..000000000 --- a/makefu/2configs/ham/light/groups.nix +++ /dev/null @@ -1,41 +0,0 @@ -let - arbeitszimmer_licht = [ - "light.led_wand" - "light.arbeitszimmer_led1_led_strip" # LED-Kreis in cube - "light.arbeitszimmer_flur_osram_light" - "light.arbeitszimmer_schrank_dimmer_light" - "light.arbeitszimmer_schrank_osram_light" - ]; - wohnzimmer_licht = [ - "light.wohnzimmer_fernseher_led_strip" # led um fernseher - "light.wohnzimmer_komode_osram_light" - "light.wohnzimmer_schrank_osram_light" - "light.wohnzimmer_stehlampe_osram_light" - ]; - schlafzimmer_licht = [ - "schlafzimmer_komode_osram_light" - ]; -in { - services.home-assistant.config.light = [ - { - platform = "group"; - name = "Arbeitszimmer Lichter"; - entities = arbeitszimmer_licht; - } - { - platform = "group"; - name = "Wohnzimmer Lichter"; - entities = wohnzimmer_licht; - } - { - platform = "group"; - name = "Schlafzimmer Lichter"; - entities = schlafzimmer_licht; - } - { - platform = "group"; - name = "Alle Lichter"; - entities = arbeitszimmer_licht ++ wohnzimmer_licht ++ schlafzimmer_licht; - } - ]; -} diff --git a/makefu/2configs/ham/light/schlafzimmer.nix b/makefu/2configs/ham/light/schlafzimmer.nix new file mode 100644 index 000000000..e5370e3f8 --- /dev/null +++ b/makefu/2configs/ham/light/schlafzimmer.nix @@ -0,0 +1,14 @@ +let + schlafzimmer_licht = [ + "light.schlafzimmer_komode_osram" + # "light.schlafzimmer_schrank_osram" + ]; +in { + services.home-assistant.config.light = [ + { + platform = "group"; + name = "Schlafzimmerbeleuchtung"; + entities = schlafzimmer_licht; + } + ]; +} diff --git a/makefu/2configs/ham/light/wohnzimmer.nix b/makefu/2configs/ham/light/wohnzimmer.nix new file mode 100644 index 000000000..bc9c2778a --- /dev/null +++ b/makefu/2configs/ham/light/wohnzimmer.nix @@ -0,0 +1,24 @@ +let + wohnzimmerbeleuchtung = [ + "light.wohnzimmer_komode_osram_light" + "light.wohnzimmer_schrank_osram_light" + ]; + wohnzimmer_deko = [ + "light.wohnzimmer_fernseher_led_strip" # led um fernseher + "light.wohnzimmer_lichterkette_led_strip" # led um fernsehwand + "light.kinderzimmer_lichterkette_licht" # led um fenster + ]; +in { + services.home-assistant.config.light = [ + { + platform = "group"; + name = "Wohnzimmerbeleuchtung"; + entities = wohnzimmerbeleuchtung; + } + { + platform = "group"; + name = "Wohnzimmer Deko"; + entities = wohnzimmer_deko; + } + ]; +} diff --git a/makefu/2configs/home-manager/zsh.nix b/makefu/2configs/home-manager/zsh.nix index 862ee5df3..8d6c1f2f0 100644 --- a/makefu/2configs/home-manager/zsh.nix +++ b/makefu/2configs/home-manager/zsh.nix @@ -52,6 +52,7 @@ xo = "mimeopen"; nmap = "nmap -oN $HOME/loot/scan-`date +\%s`.nmap -oX $HOME/loot/scan-`date +%s`.xml"; }; + # navi package does not come with the navi.plugin.zsh anymore so we use .src initExtra = '' bindkey -e # shift-tab @@ -69,7 +70,7 @@ zstyle ':completion::complete:secrets::' prefix "$HOME/.secrets-pass/" # navi - source ${pkgs.navi}/share/navi/shell/navi.plugin.zsh + . ${pkgs.navi.src}/shell/navi.plugin.zsh # ctrl-x ctrl-e autoload -U compinit && compinit autoload -U edit-command-line diff --git a/makefu/2configs/share/anon-sftp.nix b/makefu/2configs/share/anon-sftp.nix new file mode 100644 index 000000000..7cde9317a --- /dev/null +++ b/makefu/2configs/share/anon-sftp.nix @@ -0,0 +1,25 @@ +{ config, lib, pkgs, ... }: + +with import <stockholm/lib>; +{ + services.openssh = { + allowSFTP = true; + sftpFlags = [ "-l VERBOSE" ]; + extraConfig = '' + Match User anonymous + ForceCommand internal-sftp + AllowTcpForwarding no + X11Forwarding no + PasswordAuthentication no + ''; + }; + + users.users.anonymous = { + uid = genid "anonymous"; + useDefaultShell = false; + password = "anonymous"; + home = "/media/anon"; + createHome = true; + }; + +} diff --git a/makefu/5pkgs/awesomecfg/default.nix b/makefu/5pkgs/awesomecfg/default.nix index acbe61f3f..7a4d30137 100644 --- a/makefu/5pkgs/awesomecfg/default.nix +++ b/makefu/5pkgs/awesomecfg/default.nix @@ -6,7 +6,7 @@ , blueman , clipit , flameshot -, chapter-marker +, chapter-marker ? false , modkey ? "Mod4" , locker? "${pkgs.xlock}/bin/xlock -mode blank" , ... }: |