stockholm/makefu/1systems/wbob/config.nix

126 lines
4.5 KiB
Nix
Raw Normal View History

2016-08-23 17:13:50 +00:00
{ config, pkgs, lib, ... }:
2017-05-12 09:29:46 +00:00
let
user = config.makefu.gui.user;
2017-12-05 14:15:32 +00:00
primaryIP = "192.168.8.11";
2016-07-20 18:35:30 +00:00
in {
2016-01-19 19:26:38 +00:00
imports =
2021-03-12 19:11:43 +00:00
[
<stockholm/makefu>
2021-03-12 19:11:43 +00:00
# Include the results of the hardware scan.
./nuc
<stockholm/makefu/2configs/home-manager>
2019-03-06 15:42:27 +00:00
<stockholm/makefu/2configs/support-nixos.nix>
<stockholm/makefu/2configs/zsh-user.nix>
<stockholm/makefu/2configs/tools/core.nix>
2018-11-05 12:51:28 +00:00
# <stockholm/makefu/2configs/disable_v6.nix>
<stockholm/makefu/2configs/tools/core-gui.nix>
<stockholm/makefu/2configs/tools/extra-gui.nix>
<stockholm/makefu/2configs/tools/media.nix>
# <stockholm/makefu/2configs/virtualisation/libvirt.nix>
# <stockholm/makefu/2configs/virtualisation/virtualbox.nix>
<stockholm/makefu/2configs/tinc/retiolum.nix>
2018-01-29 13:47:00 +00:00
<stockholm/makefu/2configs/gui/wbob-kiosk.nix>
2017-12-05 14:15:32 +00:00
2017-07-31 12:23:25 +00:00
# <stockholm/makefu/2configs/gui/studio-virtual.nix>
# <stockholm/makefu/2configs/audio/jack-on-pulse.nix>
# <stockholm/makefu/2configs/audio/realtime-audio.nix>
# <stockholm/makefu/2configs/vncserver.nix>
2020-09-03 17:21:45 +00:00
## no need for dns logs anymore
# <stockholm/makefu/2configs/logging/server.nix>
2017-11-14 09:17:16 +00:00
2017-09-29 19:38:08 +00:00
# Services
2018-06-14 19:56:20 +00:00
# <stockholm/makefu/2configs/hydra/stockholm.nix>
2018-02-26 17:59:43 +00:00
2017-12-05 14:15:32 +00:00
<stockholm/makefu/2configs/share/wbob.nix>
2018-03-18 19:37:48 +00:00
<stockholm/makefu/2configs/bluetooth-mpd.nix>
2017-12-05 14:15:32 +00:00
2017-12-28 15:05:39 +00:00
# Sensors
# <stockholm/makefu/2configs/stats/client.nix>
2021-03-12 19:11:43 +00:00
# <stockholm/makefu/2configs/stats/collectd-client.nix>
2017-12-05 14:15:32 +00:00
<stockholm/makefu/2configs/stats/telegraf>
<stockholm/makefu/2configs/stats/telegraf/airsensor.nix>
2018-08-06 14:33:14 +00:00
<stockholm/makefu/2configs/stats/telegraf/europastats.nix>
<stockholm/makefu/2configs/stats/external/aralast.nix>
<stockholm/makefu/2configs/stats/arafetch.nix>
2021-03-12 19:11:43 +00:00
# <stockholm/makefu/2configs/hw/mceusb.nix>
2018-08-06 14:33:14 +00:00
# <stockholm/makefu/2configs/stats/telegraf/bamstats.nix>
2018-11-05 12:51:28 +00:00
{ environment.systemPackages = [ pkgs.vlc ]; }
2018-08-06 14:33:14 +00:00
<stockholm/makefu/2configs/bureautomation> # new hass entry point
2019-03-06 15:42:27 +00:00
<stockholm/makefu/2configs/bureautomation/led-fader.nix>
2021-03-17 19:03:53 +00:00
# <stockholm/makefu/2configs/bureautomation/kalauerbot.nix> now runs in thales
# <stockholm/makefu/2configs/bureautomation/visitor-photostore.nix>
# <stockholm/makefu/2configs/bureautomation/mpd.nix> #mpd is only used for TTS, this is the web interface
<stockholm/makefu/2configs/mqtt.nix>
2017-12-05 14:15:32 +00:00
(let
collectd-port = 25826;
influx-port = 8086;
2018-07-17 23:30:37 +00:00
admin-port = 8083;
2017-12-05 14:15:32 +00:00
grafana-port = 3000; # TODO nginx forward
db = "collectd_db";
logging-interface = "enp0s25";
in {
2018-07-17 23:30:37 +00:00
networking.firewall.allowedTCPPorts = [ 3000 influx-port admin-port ];
2018-05-03 16:48:31 +00:00
2017-12-05 14:15:32 +00:00
services.grafana.enable = true;
services.grafana.addr = "0.0.0.0";
services.influxdb.enable = true;
2021-10-01 16:30:48 +00:00
systemd.services.influxdb.serviceConfig.LimitNOFILE = 8192;
2017-12-05 14:15:32 +00:00
services.influxdb.extraConfig = {
meta.hostname = config.krebs.build.host.name;
# meta.logging-enabled = true;
http.bind-address = ":${toString influx-port}";
2018-07-17 23:30:37 +00:00
admin.bind-address = ":${toString admin-port}";
2017-12-05 14:15:32 +00:00
collectd = [{
enabled = true;
typesdb = "${pkgs.collectd}/share/collectd/types.db";
database = db;
bind-address = ":${toString collectd-port}";
}];
};
networking.firewall.extraCommands = ''
iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
'';
})
2017-11-14 09:17:16 +00:00
<stockholm/makefu/2configs/backup/state.nix>
2017-11-14 09:17:16 +00:00
# temporary
# <stockholm/makefu/2configs/temp/rst-issue.nix>
2017-09-29 19:38:08 +00:00
];
2016-08-23 17:13:50 +00:00
2016-02-11 16:05:00 +00:00
krebs = {
enable = true;
build.host = config.krebs.hosts.wbob;
};
2016-08-23 17:13:50 +00:00
networking.firewall.allowedUDPPorts = [ 655 ];
2017-09-29 19:38:08 +00:00
networking.firewall.allowedTCPPorts = [
655
2021-10-21 07:10:55 +00:00
8081 # smokeping
2017-09-29 19:38:08 +00:00
49152
];
2017-05-11 14:06:41 +00:00
networking.firewall.trustedInterfaces = [ "enp0s25" ];
2016-08-23 17:13:50 +00:00
#services.tinc.networks.siem = {
# name = "display";
# extraConfig = ''
# ConnectTo = sjump
# Port = 1655
# '';
#};
2021-10-21 07:10:55 +00:00
#boot.kernelPackages = pkgs.linuxPackages_latest;
2016-02-11 16:05:00 +00:00
# rt2870.bin wifi card, part of linux-unfree
hardware.enableRedistributableFirmware = true;
2016-02-11 16:05:00 +00:00
nixpkgs.config.allowUnfree = true;
# rt2870 with nonfree creates wlp2s0 from wlp0s20u2
# not explicitly setting the interface results in wpa_supplicant to crash
2021-10-21 07:10:55 +00:00
#networking.interfaces.virbr1.ipv4.addresses = [{
# address = "10.8.8.11";
# prefixLength = 24;
#}];
2016-02-11 16:05:00 +00:00
# nuc hardware
2016-01-19 19:26:38 +00:00
}