diff --git a/kartei/makefu/default.nix b/kartei/makefu/default.nix index bad2311e6..e6c296c75 100644 --- a/kartei/makefu/default.nix +++ b/kartei/makefu/default.nix @@ -9,6 +9,7 @@ hostDefaults = hostName: host: foldl' recursiveUpdate {} [ { + ci = false; owner = config.krebs.users.makefu; } # Retiolum defaults @@ -60,13 +61,11 @@ in { hosts = mapAttrs hostDefaults { cake = rec { - ci = false; nets = { retiolum.ip4.addr = "10.243.136.236"; }; }; crapi = rec { # raspi1 - ci = false; nets = { retiolum.ip4.addr = "10.243.136.237"; }; @@ -83,25 +82,21 @@ in { }; studio = rec { - ci = false; nets = { retiolum.ip4.addr = "10.243.227.163"; }; }; fileleech = rec { - ci = false; nets = { retiolum.ip4.addr = "10.243.113.98"; }; }; tsp = { - ci = true; nets = { retiolum.ip4.addr = "10.243.0.212"; }; }; x = { - ci = true; syncthing.id = "OA36OF6-JEFCUJQ-OEYVTMH-DPCACQI-3AJRE5G-BFVMOUG-RPYJQE3-4ZCUWA5"; nets = { retiolum.ip4.addr = "10.243.0.91"; @@ -113,14 +108,12 @@ in { }; filepimp = rec { - ci = false; nets = { retiolum.ip4.addr = "10.243.153.102"; }; }; omo = rec { - ci = true; syncthing.id = "Y5OTK3S-JOJLAUU-KTBXKUW-M7S5UEQ-MMQPUK2-7CXO5V6-NOUDLKP-PRGAFAK"; nets = { wiregrill = { @@ -143,7 +136,6 @@ in { }; }; wbob = rec { - ci = true; nets = { retiolum = { ip4.addr = "10.243.214.15"; @@ -163,7 +155,6 @@ in { }; latte = rec { - ci = true; extraZones = { "krebsco.de" = '' latte.euer IN A ${nets.internet.ip4.addr} @@ -201,7 +192,6 @@ in { }; }; gum = rec { - ci = true; extraZones = { "krebsco.de" = '' rss.euer IN A ${nets.internet.ip4.addr} @@ -305,7 +295,6 @@ in { }; sdev = rec { - ci = true; nets = { retiolum.ip4.addr = "10.243.83.237"; }; diff --git a/makefu/0tests/data/secrets/airdcpp-makefu.pw b/makefu/0tests/data/secrets/airdcpp-makefu.pw deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/auth.nix b/makefu/0tests/data/secrets/auth.nix deleted file mode 100644 index 92d5c34a8..000000000 --- a/makefu/0tests/data/secrets/auth.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ - user = "password"; -} diff --git a/makefu/0tests/data/secrets/bepasty-secret.nix b/makefu/0tests/data/secrets/bepasty-secret.nix deleted file mode 100644 index f5e704702..000000000 --- a/makefu/0tests/data/secrets/bepasty-secret.nix +++ /dev/null @@ -1 +0,0 @@ -"derp" diff --git a/makefu/0tests/data/secrets/bgt_cyberwar_hidden_service/hostname b/makefu/0tests/data/secrets/bgt_cyberwar_hidden_service/hostname deleted file mode 100644 index 2ae3807f1..000000000 --- a/makefu/0tests/data/secrets/bgt_cyberwar_hidden_service/hostname +++ /dev/null @@ -1 +0,0 @@ -dickbutt2342.onion diff --git a/makefu/0tests/data/secrets/bureautomation/citadel.nix b/makefu/0tests/data/secrets/bureautomation/citadel.nix deleted file mode 100644 index b4433109c..000000000 --- a/makefu/0tests/data/secrets/bureautomation/citadel.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ - MATRIX_TOKEN="a"; - MATRIX_ID="b"; -} diff --git a/makefu/0tests/data/secrets/daemon-pw b/makefu/0tests/data/secrets/daemon-pw deleted file mode 100644 index e16c76dff..000000000 --- a/makefu/0tests/data/secrets/daemon-pw +++ /dev/null @@ -1 +0,0 @@ -"" diff --git a/makefu/0tests/data/secrets/dl.euer.krebsco.de-auth.nix b/makefu/0tests/data/secrets/dl.euer.krebsco.de-auth.nix deleted file mode 100644 index 0967ef424..000000000 --- a/makefu/0tests/data/secrets/dl.euer.krebsco.de-auth.nix +++ /dev/null @@ -1 +0,0 @@ -{} diff --git a/makefu/0tests/data/secrets/dl.gum-auth.nix b/makefu/0tests/data/secrets/dl.gum-auth.nix deleted file mode 100644 index 2c63c0851..000000000 --- a/makefu/0tests/data/secrets/dl.gum-auth.nix +++ /dev/null @@ -1,2 +0,0 @@ -{ -} diff --git a/makefu/0tests/data/secrets/ebk-notify.yml b/makefu/0tests/data/secrets/ebk-notify.yml deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/extra-hosts.nix b/makefu/0tests/data/secrets/extra-hosts.nix deleted file mode 100644 index e16c76dff..000000000 --- a/makefu/0tests/data/secrets/extra-hosts.nix +++ /dev/null @@ -1 +0,0 @@ -"" diff --git a/makefu/0tests/data/secrets/grafana_security.nix b/makefu/0tests/data/secrets/grafana_security.nix deleted file mode 100644 index f9096b7cf..000000000 --- a/makefu/0tests/data/secrets/grafana_security.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ - adminUser = "dick"; - adminPassword = "butt"; -} - diff --git a/makefu/0tests/data/secrets/ham/nextcloud-calendar b/makefu/0tests/data/secrets/ham/nextcloud-calendar deleted file mode 100644 index 18b159112..000000000 --- a/makefu/0tests/data/secrets/ham/nextcloud-calendar +++ /dev/null @@ -1,5 +0,0 @@ -{ - username = "bob"; - password = "rob"; -} - diff --git a/makefu/0tests/data/secrets/hashedPasswords.nix b/makefu/0tests/data/secrets/hashedPasswords.nix deleted file mode 100644 index 0967ef424..000000000 --- a/makefu/0tests/data/secrets/hashedPasswords.nix +++ /dev/null @@ -1 +0,0 @@ -{} diff --git a/makefu/0tests/data/secrets/hass/adbkey b/makefu/0tests/data/secrets/hass/adbkey deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/hass/citadel-bot.json b/makefu/0tests/data/secrets/hass/citadel-bot.json deleted file mode 100644 index 0967ef424..000000000 --- a/makefu/0tests/data/secrets/hass/citadel-bot.json +++ /dev/null @@ -1 +0,0 @@ -{} diff --git a/makefu/0tests/data/secrets/hass/darksky.apikey b/makefu/0tests/data/secrets/hass/darksky.apikey deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/hass/router.nix b/makefu/0tests/data/secrets/hass/router.nix deleted file mode 100644 index e16c76dff..000000000 --- a/makefu/0tests/data/secrets/hass/router.nix +++ /dev/null @@ -1 +0,0 @@ -"" diff --git a/makefu/0tests/data/secrets/hass/telegram-bot.json b/makefu/0tests/data/secrets/hass/telegram-bot.json deleted file mode 100644 index 1e1857df9..000000000 --- a/makefu/0tests/data/secrets/hass/telegram-bot.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "platform": "polling", - "api_key": "1:A", - "allowed_chat_ids": [ 0, 1 ] -} diff --git a/makefu/0tests/data/secrets/hass/tile.nix b/makefu/0tests/data/secrets/hass/tile.nix deleted file mode 100644 index cbcf433f7..000000000 --- a/makefu/0tests/data/secrets/hass/tile.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ - username = "lol"; - password = "wut"; -} diff --git a/makefu/0tests/data/secrets/hass/voicerss.apikey b/makefu/0tests/data/secrets/hass/voicerss.apikey deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/hetzner.smb b/makefu/0tests/data/secrets/hetzner.smb deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/id_nixBuild b/makefu/0tests/data/secrets/id_nixBuild deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/iodinepw.nix b/makefu/0tests/data/secrets/iodinepw.nix deleted file mode 100644 index f5e704702..000000000 --- a/makefu/0tests/data/secrets/iodinepw.nix +++ /dev/null @@ -1 +0,0 @@ -"derp" diff --git a/makefu/0tests/data/secrets/kibana-auth.nix b/makefu/0tests/data/secrets/kibana-auth.nix deleted file mode 100644 index 80e8f44c1..000000000 --- a/makefu/0tests/data/secrets/kibana-auth.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ - "dick" = "butt"; -} - diff --git a/makefu/0tests/data/secrets/krebshub.pw b/makefu/0tests/data/secrets/krebshub.pw deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/lego-binaergewitter b/makefu/0tests/data/secrets/lego-binaergewitter deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/mediawikibot-config.json b/makefu/0tests/data/secrets/mediawikibot-config.json deleted file mode 100644 index 0967ef424..000000000 --- a/makefu/0tests/data/secrets/mediawikibot-config.json +++ /dev/null @@ -1 +0,0 @@ -{} diff --git a/makefu/0tests/data/secrets/mqtt/hass b/makefu/0tests/data/secrets/mqtt/hass deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/mqtt/sensor b/makefu/0tests/data/secrets/mqtt/sensor deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/mqtt/stats b/makefu/0tests/data/secrets/mqtt/stats deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/mysql_rootPassword b/makefu/0tests/data/secrets/mysql_rootPassword deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/netdata-stream.conf b/makefu/0tests/data/secrets/netdata-stream.conf deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/nixos-community b/makefu/0tests/data/secrets/nixos-community deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/nsupdate-cache.nix b/makefu/0tests/data/secrets/nsupdate-cache.nix deleted file mode 100644 index f5e704702..000000000 --- a/makefu/0tests/data/secrets/nsupdate-cache.nix +++ /dev/null @@ -1 +0,0 @@ -"derp" diff --git a/makefu/0tests/data/secrets/nsupdate-data.nix b/makefu/0tests/data/secrets/nsupdate-data.nix deleted file mode 100644 index e76c0e87e..000000000 --- a/makefu/0tests/data/secrets/nsupdate-data.nix +++ /dev/null @@ -1 +0,0 @@ -{ "lol" = "wut"; } diff --git a/makefu/0tests/data/secrets/nsupdate-hub.nix b/makefu/0tests/data/secrets/nsupdate-hub.nix deleted file mode 100644 index e76c0e87e..000000000 --- a/makefu/0tests/data/secrets/nsupdate-hub.nix +++ /dev/null @@ -1 +0,0 @@ -{ "lol" = "wut"; } diff --git a/makefu/0tests/data/secrets/nsupdate-search.nix b/makefu/0tests/data/secrets/nsupdate-search.nix deleted file mode 100644 index a9646aeb7..000000000 --- a/makefu/0tests/data/secrets/nsupdate-search.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ - "dick.nsupdate.info" = "butt"; -} diff --git a/makefu/0tests/data/secrets/photoprism.nix b/makefu/0tests/data/secrets/photoprism.nix deleted file mode 100644 index 17811ec5f..000000000 --- a/makefu/0tests/data/secrets/photoprism.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ - db.username = "photoprism"; - db.password = "photoprism"; -} diff --git a/makefu/0tests/data/secrets/retiolum-ci.rsa_key.priv b/makefu/0tests/data/secrets/retiolum-ci.rsa_key.priv deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/retiolum.rsa_key.priv b/makefu/0tests/data/secrets/retiolum.rsa_key.priv deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/retiolum.rsa_key.pub b/makefu/0tests/data/secrets/retiolum.rsa_key.pub deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/sambacred b/makefu/0tests/data/secrets/sambacred deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/shackspace-gitlab-ci-token.nix b/makefu/0tests/data/secrets/shackspace-gitlab-ci-token.nix deleted file mode 100644 index 963e6db8b..000000000 --- a/makefu/0tests/data/secrets/shackspace-gitlab-ci-token.nix +++ /dev/null @@ -1 +0,0 @@ -"lol" diff --git a/makefu/0tests/data/secrets/signal/messenger.nix b/makefu/0tests/data/secrets/signal/messenger.nix deleted file mode 100644 index b43bb3897..000000000 --- a/makefu/0tests/data/secrets/signal/messenger.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - number = "+1dotdotdot"; - home = "group.ABCDE"; - felix = "group.ABCDE"; - -} diff --git a/makefu/0tests/data/secrets/ssh.id_ed25519 b/makefu/0tests/data/secrets/ssh.id_ed25519 deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/ssh.makefu.id_rsa b/makefu/0tests/data/secrets/ssh.makefu.id_rsa deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/ssh.makefu.id_rsa.pub b/makefu/0tests/data/secrets/ssh.makefu.id_rsa.pub deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/ssh_host_ed25519_key b/makefu/0tests/data/secrets/ssh_host_ed25519_key deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/ssh_host_rsa_key b/makefu/0tests/data/secrets/ssh_host_rsa_key deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/syncthing.cert b/makefu/0tests/data/secrets/syncthing.cert deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/syncthing.key b/makefu/0tests/data/secrets/syncthing.key deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/tinc.krebsco.de.crt b/makefu/0tests/data/secrets/tinc.krebsco.de.crt deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/tinc.krebsco.de.key b/makefu/0tests/data/secrets/tinc.krebsco.de.key deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/tonie.env b/makefu/0tests/data/secrets/tonie.env deleted file mode 100644 index 94d6c469a..000000000 --- a/makefu/0tests/data/secrets/tonie.env +++ /dev/null @@ -1,2 +0,0 @@ -TONIE_AUDIO_MATCH_USER= -TONIE_AUDIO_MATCH_PASS= diff --git a/makefu/0tests/data/secrets/tw-pass.ini b/makefu/0tests/data/secrets/tw-pass.ini deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/uhub.sql b/makefu/0tests/data/secrets/uhub.sql deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/wbobPassword.nix b/makefu/0tests/data/secrets/wbobPassword.nix deleted file mode 100644 index 0479c0770..000000000 --- a/makefu/0tests/data/secrets/wbobPassword.nix +++ /dev/null @@ -1 +0,0 @@ -"$6$lol" diff --git a/makefu/0tests/data/secrets/wildcard.krebsco.de.crt b/makefu/0tests/data/secrets/wildcard.krebsco.de.crt deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/wildcard.krebsco.de.key b/makefu/0tests/data/secrets/wildcard.krebsco.de.key deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/0tests/data/secrets/zigbee2mqtt.nix b/makefu/0tests/data/secrets/zigbee2mqtt.nix deleted file mode 100644 index c67ff3865..000000000 --- a/makefu/0tests/data/secrets/zigbee2mqtt.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - mqtt.password = "hass"; - mqtt.username = "hass"; - zigbee.network_key = [ 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 ]; -} - diff --git a/makefu/0tests/data/wg-thierry.key b/makefu/0tests/data/wg-thierry.key deleted file mode 100644 index e69de29bb..000000000 diff --git a/makefu/1systems/cake/config.nix b/makefu/1systems/cake/config.nix deleted file mode 100644 index b9550cb2e..000000000 --- a/makefu/1systems/cake/config.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ config, lib, pkgs, ... }: -let - primaryInterface = "eth0"; -in { - imports = [ - - ./hardware-config.nix - - - #./hardware-config.nix - { environment.systemPackages = with pkgs;[ rsync screen curl git tmux picocom mosh ];} - # - - # - # - # - # - # configure your hw: - # - - # directly use the alsa device instead of attaching to pulse - - - - - ]; - krebs = { - enable = true; - tinc.retiolum.enable = true; - build.host = config.krebs.hosts.cake; - }; - # ensure disk usage is limited - services.journald.extraConfig = "Storage=volatile"; - networking.firewall.trustedInterfaces = [ primaryInterface ]; - documentation.info.enable = false; - documentation.man.enable = false; - documentation.nixos.enable = false; -} diff --git a/makefu/1systems/cake/hardware-config.nix b/makefu/1systems/cake/hardware-config.nix deleted file mode 100644 index 932aa1929..000000000 --- a/makefu/1systems/cake/hardware-config.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ pkgs, lib, ... }: -{ - environment.systemPackages = [ pkgs.libraspberrypi ]; - imports = [ ]; - boot.kernelPackages = pkgs.linuxPackages_rpi4; - fileSystems = { - "/" = { - device = "/dev/disk/by-label/NIXOS_SD"; - fsType = "ext4"; - options = [ "noatime" ]; - }; - }; - hardware.raspberry-pi."4".fkms-3d.enable = true; - hardware.raspberry-pi."4".audio.enable = true; -} diff --git a/makefu/1systems/cake/source.nix b/makefu/1systems/cake/source.nix deleted file mode 100644 index 8fc2fff2d..000000000 --- a/makefu/1systems/cake/source.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - name="cake"; - full = true; - home-manager = true; - hw = true; -} diff --git a/makefu/1systems/crapi/README b/makefu/1systems/crapi/README deleted file mode 100644 index 9278c764a..000000000 --- a/makefu/1systems/crapi/README +++ /dev/null @@ -1,4 +0,0 @@ -1. flash arm6 image from https://www.cs.helsinki.fi/u/tmtynkky/nixos-arm/installer/ to sdcard -2. passwd; systemctl start sshd; mkdir /var/src ; touch /var/src/.populate -3. "environment.systemPackages = [ pkgs.rsync pkgs.git ];" in /etc/nixos/configuration.nix -5. nixos-rebuild switch --fast --option binary-caches http://nixos-arm.dezgeg.me/channel --option binary-cache-public-keys nixos-arm.dezgeg.me-1:xBaUKS3n17BZPKeyxL4JfbTqECsT+ysbDJz29kLFRW0=% diff --git a/makefu/1systems/crapi/config.nix b/makefu/1systems/crapi/config.nix deleted file mode 100644 index e7c6c3666..000000000 --- a/makefu/1systems/crapi/config.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ config, pkgs, lib, ... }: -{ - imports = [ - - ./hardware-config.nix - - - - - ]; - krebs.build.host = config.krebs.hosts.crapi; - - services.openssh.enable = true; - -} diff --git a/makefu/1systems/crapi/hardware-config.nix b/makefu/1systems/crapi/hardware-config.nix deleted file mode 100644 index bba31dabd..000000000 --- a/makefu/1systems/crapi/hardware-config.nix +++ /dev/null @@ -1,39 +0,0 @@ -{ pkgs, lib, ... }: -{ - #raspi1 - boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=tty0" "console=ttyS1,115200n8" ]; - - boot.loader.grub.enable = false; - boot.loader.raspberryPi.enable = true; - boot.loader.raspberryPi.version = 1; - boot.loader.raspberryPi.uboot.enable = true; - boot.loader.raspberryPi.uboot.configurationLimit = 1; - boot.loader.generationsDir.enable = lib.mkDefault false; - hardware.enableRedistributableFirmware = true; - boot.cleanTmpDir = true; - environment.systemPackages = [ pkgs.raspberrypi-tools ]; - boot.kernelPackages = pkgs.linuxPackages_rpi; - - nix.binaryCaches = [ "http://nixos-arm.dezgeg.me/channel" ]; - nix.binaryCachePublicKeys = [ "nixos-arm.dezgeg.me-1:xBaUKS3n17BZPKeyxL4JfbTqECsT+ysbDJz29kLFRW0=%" ]; - - fileSystems = { - "/boot" = { - device = "/dev/disk/by-label/NIXOS_BOOT"; - fsType = "vfat"; - }; - "/" = { - device = "/dev/disk/by-label/NIXOS_SD"; - fsType = "ext4"; - }; - }; - - system.activationScripts.create-swap = '' - if [ ! -e /swapfile ]; then - fallocate -l 2G /swapfile - mkswap /swapfile - chmod 600 /swapfile - fi - ''; - swapDevices = [ { device = "/swapfile"; size = 4096; } ]; -} diff --git a/makefu/1systems/crapi/source.nix b/makefu/1systems/crapi/source.nix deleted file mode 100644 index 4a4359ee6..000000000 --- a/makefu/1systems/crapi/source.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ - arm6 = true; -} diff --git a/makefu/1systems/darth/config.nix b/makefu/1systems/darth/config.nix deleted file mode 100644 index 4e71d1426..000000000 --- a/makefu/1systems/darth/config.nix +++ /dev/null @@ -1,76 +0,0 @@ -{ config, pkgs, lib, ... }: - -with import ; -let - # all the good stuff resides in /data - - byid = dev: "/dev/disk/by-id/" + dev; - rootDisk = byid "ata-INTEL_SSDSC2BW480H6_CVTR53120385480EGN"; - bootPart = rootDisk + "-part1"; - rootPart = rootDisk + "-part2"; - - allDisks = [ rootDisk ]; # auxDisk -in { - imports = [ - - - - - - - # - - - - - # - - - - # lan party - - - - - - ]; - - - - #networking.firewall.enable = false; - makefu.server.primary-itf = "enp0s25"; - # krebs.hidden-ssh.enable = true; - boot.kernelModules = [ "coretemp" "f71882fg" ]; - hardware.enableRedistributableFirmware = true; - nixpkgs.config.allowUnfree = true; - networking = { - wireless.enable = true; - firewall = { - allowPing = true; - logRefusedConnections = false; - # trustedInterfaces = [ "eno1" ]; - allowedUDPPorts = [ 80 655 1655 67 ]; - allowedTCPPorts = [ 80 655 1655 ]; - }; - # fallback connection to the internal virtual network - # interfaces.virbr3.ip4 = [{ - # address = "10.8.8.2"; - # prefixLength = 24; - # }]; - }; - - # TODO smartd omo darth gum all-in-one - services.smartd.devices = builtins.map (x: { device = x; }) allDisks; - - boot.loader.grub.device = rootDisk; - boot.initrd.luks.devices = [ - { name = "luksroot"; - device = rootPart; - allowDiscards = true; - keyFileSize = 4096; - keyFile = "/dev/sdb"; - } - ]; - - krebs.build.host = config.krebs.hosts.darth; -} diff --git a/makefu/1systems/darth/source.nix b/makefu/1systems/darth/source.nix deleted file mode 100644 index a8d7368ab..000000000 --- a/makefu/1systems/darth/source.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ - name="darth"; -} diff --git a/makefu/1systems/drop/config.nix b/makefu/1systems/drop/config.nix deleted file mode 100644 index 2757db8cc..000000000 --- a/makefu/1systems/drop/config.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ config, pkgs, ... }: -let - external-ip = "45.55.145.62"; - default-gw = "45.55.128.1"; - prefixLength = 18; -in { - imports = [ - - - - - ]; - krebs = { - enable = true; - tinc.retiolum.enable = true; - build.host = config.krebs.hosts.drop; - }; - - boot.loader.grub.device = "/dev/vda"; - boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk" "virtio_net" "virtio_scsi" ]; - fileSystems."/" = { - device = "/dev/vda1"; - fsType = "ext4"; - }; - - networking = { - firewall = { - allowPing = true; - logRefusedConnections = false; - allowedTCPPorts = [ ]; - allowedUDPPorts = [ 655 ]; - }; - interfaces.enp0s3.ipv4.addresses = [{ - address = external-ip; - inherit prefixLength; - }]; - defaultGateway = default-gw; - nameservers = [ "8.8.8.8" ]; - }; -} diff --git a/makefu/1systems/drop/source.nix b/makefu/1systems/drop/source.nix deleted file mode 100644 index a6bc834b0..000000000 --- a/makefu/1systems/drop/source.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ - name="drop"; - torrent = true; -} diff --git a/makefu/1systems/fileleech/config.nix b/makefu/1systems/fileleech/config.nix deleted file mode 100644 index 7e9dea9ec..000000000 --- a/makefu/1systems/fileleech/config.nix +++ /dev/null @@ -1,174 +0,0 @@ -{ config, pkgs, lib, ... }: -let - toMapper = id: "/media/crypt${builtins.toString id}"; - byid = dev: "/dev/disk/by-id/" + dev; - keyFile = byid "usb-Intuix_DiskOnKey_09A07360336198F8-0:0"; - rootDisk = byid "ata-INTEL_SSDSA2M080G2GC_CVPO003402PB080BGN"; - rootPartition = rootDisk + "-part3"; - - dataDisks = let - idpart = dev: byid dev + "-part1"; - in [ - { name = "crypt0"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GDLJEF";} - { name = "crypt1"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GGWG8F";} - { name = "crypt2"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GH5NAF";} - { name = "crypt3"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GJWGDF";} - { name = "crypt4"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GKKXHF";} - { name = "crypt5"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GKKXVF";} - { name = "crypt6"; device = idpart "scsi-1ATA_HUA722020ALA330_YAJJ8WRV";} - { name = "crypt7"; device = idpart "scsi-1ATA_HUA722020ALA330_YBKTUS4F";} # parity - ]; - - disks = [ { name = "luksroot"; device = rootPartition; } ] ++ dataDisks; -in { - imports = [ - - - - - - - # - # - # - # - - ]; - systemd.services.grafana.serviceConfig.LimitNOFILE=10032; - systemd.services.graphiteApi.serviceConfig.LimitNOFILE=10032; - systemd.services.carbonCache.serviceConfig.LimitNOFILE=10032; - makefu.server.primary-itf = "enp8s0f0"; - krebs = { - enable = true; - build.host = config.krebs.hosts.fileleech; - }; - # git clone https://github.com/makefu/docker-pyload - # docker build . - # docker run -d -v /var/lib/pyload:/opt/pyload/pyload-config -v /media/crypt0/pyload:/opt/pyload/Downloads --name pyload --restart=always -p 8112:8000 -P docker-pyload - - virtualisation.docker.enable = true; # for pyload - networking.firewall.allowPing = true; - networking.firewall.logRefusedConnections = false; - networking.firewall.allowedTCPPorts = [ - 51412 # torrent - 8112 # rutorrent-web - 8113 # pyload - 8080 # sabnzbd - 9090 # sabnzbd-ssl - 655 # tinc - 21 # ftp - ]; - services.nginx.virtualHosts._download = { - default = true; - root = config.makefu.dl-dir; - extraConfig = '' - autoindex on; - ''; - basicAuth = import ; - }; - networking.firewall.allowedUDPPorts = [ - 655 # tinc - 51412 # torrent - ]; - - services.vsftpd.enable = true; - services.vsftpd.localUsers = true; - services.vsftpd.userlist = [ "download" ]; - services.vsftpd.userlistEnable = true; - # services.vsftpd.chrootlocalUser = true; - - services.sabnzbd.enable = true; - systemd.services.sabnzbd.environment.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; - - # TODO use users.motd and pam.services.sshd.showMotd - services.openssh.extraConfig = let banner = pkgs.writeText "openssh-banner" '' - Services: - ssh://download@fileleech - ssh via filebitch - ftp://download@fileleech - access to ${config.makefu.dl-dir} - http://fileleech:8112 - rutorrent - http://fileleech:8113 - pyload - https://fileleech:9090 - sabnzb - ''; in "Banner ${banner}"; - - boot.initrd.luks = { - devices = let - usbkey = name: device: { - inherit name device keyFile; - keyFileSize = 4096; - allowDiscards = true; - }; - in builtins.map (x: usbkey x.name x.device) disks; - }; - environment.systemPackages = with pkgs;[ mergerfs ]; - - fileSystems = let - cryptMount = name: - { "/media/${name}" = { device = "/dev/mapper/${name}"; fsType = "xfs"; };}; - in cryptMount "crypt0" - // cryptMount "crypt1" - // cryptMount "crypt2" - // cryptMount "crypt3" - // cryptMount "crypt4" - // cryptMount "crypt5" - // cryptMount "crypt6" - // cryptMount "crypt7" - - # this entry sometimes creates issues - // { "/media/cryptX" = { - device = (lib.concatMapStringsSep ":" (d: (toMapper d)) [ 0 1 2 3 4 5 6 ]); - fsType = "mergerfs"; - noCheck = true; - options = [ "defaults" "nofail" "allow_other" "nonempty" ]; }; - } - - ; - makefu.dl-dir = "/media/cryptX"; - users.users.download = { - useDefaultShell = true; - # name = "download"; - # createHome = true; - openssh.authorizedKeys.keys = [ - config.krebs.users.makefu.pubkey - config.krebs.users.lass.pubkey - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC7betFnMWVeBYRhJ+2f0B5WbDdbpteIVg/BlyimXbx79R7lZ7nUq5GyMLrp7B00frUuA0su8oFFN3ODPJDstgBslBIP7kWPR2zW8NOXorrbFo3J2fKvlO77k6/wD5/M11m5nS01/aVJgAgMGLg2W12G7EMf5Wq75YsQJC/S9p8kMca589djMPRuQETu7fWq0t/Gmwq+2ELLL0csRK87LvybA92JYkAIneRnGzIlCguOXq0Vcq6pGQ1J1PfVEP76Do33X29l2hZc/+vR9ExW6s2g7fs5/5LDX9Wnq7+AEsxiEf4IOeL0hCG4/CGGCN23J+6cDrNKOP94AHO1si0O2lxFsxgNU2vdVWPNgSLottiUFBPPNEZFD++sZyutzH6PIz6D90hB2Q52X6WN9ZUtlDfQ91rHd+S2BhR6f4dAqiRDXlI5MNNDdoTT4S5R0wU/UrNwjiV/xiu/hWZYGQK7YgY4grFRblr378r8FqjLvumPDFMDLVa9eJKq1ad1x/GV5tZpsttzWj4nbixaKlZOg+TN2GHboujLx3bANz1Jqfvfto8UOeKTtA8pkb8E1PJPpBMOZcA7oHaqJrp6Vuf/SkmglHnQvGbi60OK3s61nuRmIcBiTXd+4qeAJpq1QyEDj3X/+hV0Gwz8rCo6JGkF1ETW37ZYvqU9rxNXjS+/Pfktw== jules@kvasir-2015-02-13" - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDINUD+p2yrc9KoTbCiuYhdfLlRu/eNX6BftToSMLs8O9qWQORjgXbDn8M9iUWXCHzdUZ9sm6Rz8TMdEV0jZq/nB01zYnW4NhMrt+NGtrmGqDa+eYrRZ4G7Rx8AYzM/ZSwERKX10txAVugV44xswRxWvFbCedujjXyWsxelf1ngb+Hiy9/CPuWNYEhTZs/YuvNkupCui2BuKuoSivJAkLhGk5YqwwcllCr39YXa/tFJWsgoQNcB9hwpzfhFm6Cc7m5DhmTWSVhQHEWyaas8Lukmd4v+mRY+KZpuhbomCHWzkxqzdBun8SXiiAKlgem9rtBIgeTEfz9OtOfF3/6VfqE7 toerb@mittagspause ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB0IP143FAHBHWjEEKGOnM8SSTIgNF1MJxGCMKaJvTHf momo@k2.local" - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1ZJSpBb7Cxo+c2r2JJIcbYOTm/sJxOv2NFRoDfjxGS9CCwzRbzrwJcv2d23j35mu97x3+fUvo8DyMFLvLvume2PFCijqhMDzZZvjYXZdvXA+hnh53nqZf+Pjq8Xc3tSWBHQxUokaBmZbd4LlKHh8NgKVrP2zve6OPZMzo/Es93v37KEmT8d/PfVMrQEMPZzFrCVdq2RbpdQ1nhx09zRFW7OJOazgotafjx6IYXbVq2VDnjffXInsE9ZxDzYq1cNKIH0c2BLpTd3mv76iD9i+nD6W6s48+usFQnVLt2TY1uKkfMr7043E6jBxx5kNHBe5Xxr6Zs0SkR8kKOEhMO//4ucviUYKZJn8wk2SLkAyMYVBexx8jrTdlI4xgQ7RLpSIDTCm9dfbZY/YhZDJ21lsWduQqu7DFWMe05gg4NZDjf2kwYQOzATyqISGA7ttSEPT1iymr/ffAOgLBLSqWQAteUbI2U5cnflWZGwm33JF/Pyb4S3k3/f2mIBKiRx2lsGv6mx1w0SaYRtJxDWqGYMHuFiNYbq9r/bZfLqV3Fy9kRODFJTfJh8mcTnC4zabpiQ7fnqbh1qHu0WrrBSgFW0PR2WWCJ0e5Btj1yRgXp0+d5OuxxlVInRs+l2HogdxjonMhAHrTCzJtI8UJTKXKN0FBPRDRcepeExhvNqcOUz4Kvw== me@andreaskist.de" - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCo2z8zsI+YF3ho0hvYzzCZi05mNyjk4iFK08+nNFCdXSG07jmRROWzTcC2ysTKZ56XD2al2abLxy4FZfmDcu9b2zJoPnIiXv/Jw0TKeZ71OyN3bILtv+6Xj1FTJ+kAUMXBfEew7UCgZZ8u8RQsFmlhqB9XqCBXmzP7I2EM1wWSzwEAgG/k6C+Ir054JjAj+fLr/wBduD1GAe8bXXF3Ojiky8OMs2oJaoGV96mrVAtVN+ftfWSvHCK31Y/KgCoPDE4LdoTir1IRfx2pZUMPkyzRW/etXT0PKD96I+/3d1xNPzNNjFpd6GqADC3xnfY3WslNgjL7gqwsC9SlEyuT1Xkd lotho@mercurius" - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClaVl9Fwp4wdGLeTZdfy5MpJf+hM6fpL1k6UmtYXWgVYU7tgmStdlpLlbyMQspoFRtT7/76n4kPwCmM0c82xNXaJJMuWa98pwMp+bAwSSdOGAP/vjfzL/TUAX+Xtrw6ehF7r1O+zqw/E/bWt6UezKj08wDLWjByzdDQwslJV6lrGek4mmYRdgmHHeZ1oG89ePEZJZOM6jcZqv0AfIj0NID3ir9Z0kz9uSSXb1279Qt4953mfjs5xwhtc1B7vrxJ3qtTZUsBoAkUkLeulUEIjkfn60wvDGu/66GP5ZClXyk2gck/ZNmtFYrQoqx9EtF1KK02cC17A0nfRySQy5BnfWn root@filebitch" - ]; - }; - makefu.snapraid = { - enable = true; - disks = map toMapper [ 0 1 2 3 4 5 6 ]; - parity = toMapper 7; - }; - networking.nameservers = [ "8.8.8.8" ]; - # SPF - networking.defaultGateway = "151.217.176.1"; - networking.interfaces.enp6s0f0.ipv4.addresses = [{ - address = "151.217.178.63"; - prefixLength = 22; - }]; - - # Gigabit - networking.interfaces.enp8s0f1.ipv4.addresses = [{ - address = "192.168.126.1"; - prefixLength = 24; - }]; - - #interfaces.enp6s0f1.ip4 = [{ - # address = external-ip; - # prefixLength = 22; - #}]; - - boot.loader.grub.device = rootDisk; - - boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "aacraid" "usb_storage" "usbhid" ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - # http://blog.hackathon.de/using-unsupported-sfp-modules-with-linux.html - boot.extraModprobeConfig = '' - options ixgbe allow_unsupported_sfp=1 - ''; -} diff --git a/makefu/1systems/fileleech/source.nix b/makefu/1systems/fileleech/source.nix deleted file mode 100644 index b6951a273..000000000 --- a/makefu/1systems/fileleech/source.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ - name = "fileleech"; - torrent = true; -} diff --git a/makefu/1systems/filepimp/config.nix b/makefu/1systems/filepimp/config.nix deleted file mode 100644 index 3edfffb78..000000000 --- a/makefu/1systems/filepimp/config.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ config, pkgs, lib, ... }: -# nix-shell -p wol --run 'wol C8:CB:B8:CF:E4:DC --passwd=CA-FE-BA-BE-13-37' -let - itf = config.makefu.server.primary-itf; -in { - imports = - [ # Include the results of the hardware scan. - ./hw.nix - - - - - - - ]; - - krebs.build.host = config.krebs.hosts.filepimp; - - networking.firewall.trustedInterfaces = [ itf ]; - networking.interfaces.${itf}.wakeOnLan.enable = true; - -} diff --git a/makefu/1systems/filepimp/hw.nix b/makefu/1systems/filepimp/hw.nix deleted file mode 100644 index 6f02d9b1b..000000000 --- a/makefu/1systems/filepimp/hw.nix +++ /dev/null @@ -1,83 +0,0 @@ -{ config, pkgs, lib, ... }: - -let - byid = dev: "/dev/disk/by-id/" + dev; - part1 = disk: disk + "-part1"; - rootDisk = byid "ata-SanDisk_SDSSDP064G_140237402890"; - primary-interface = "enp3s0"; # c8:cb:b8:cf:e4:dc - # N54L Chassis: - # ____________________ - # |______FRONT_______| - # | [ ]| - # | [ d1 d0 d3 d4 ]| - # |___[_____________]| - jDisk1 = byid "ata-ST4000DM000-1F2168_Z3040NEA"; - - # transfer to omo - jDisk0 = byid "ata-ST4000DM000-1F2168_Z303HVSG"; - jDisk2 = byid "ata-WDC_WD40EFRX-68WT0N0_WD-WCC4E0621363"; - jDisk3 = byid "ata-TOSHIBA_MD04ACA400_156GK89OFSBA"; - allDisks = [ rootDisk jDisk0 jDisk1 jDisk2 jDisk3 ]; -in { - boot = { - loader.grub.device = rootDisk; - - initrd.availableKernelModules = [ - "ahci" - "ohci_pci" - "ehci_pci" - "pata_atiixp" - "usb_storage" - "usbhid" - ]; - - kernelModules = [ "kvm-amd" ]; - extraModulePackages = [ ]; - }; - makefu.server.primary-itf = primary-interface; - - hardware.enableRedistributableFirmware = true; - hardware.cpu.amd.updateMicrocode = true; - - zramSwap.enable = true; - - makefu.snapraid = let - toMedia = name: "/media/" + name; - in { - enable = true; - # todo combine creation when enabling the mount point - disks = map toMedia [ - "j0" - "j1" - "j2" - ]; - parity = toMedia "par0"; - }; - # TODO: refactor, copy-paste from omo - services.smartd.devices = builtins.map (x: { device = x; }) allDisks; - powerManagement.powerUpCommands = lib.concatStrings (map (disk: '' - ${pkgs.hdparm}/sbin/hdparm -S 100 ${disk} - ${pkgs.hdparm}/sbin/hdparm -B 127 ${disk} - ${pkgs.hdparm}/sbin/hdparm -y ${disk} - '') allDisks); - fileSystems = let - xfsmount = name: dev: - { "/media/${name}" = { - device = dev; fsType = "xfs"; - options = [ "nofail" ]; - }; }; - tomedia = id: "/media/${id}"; - in - (xfsmount "j0" (part1 jDisk0)) // - (xfsmount "j1" (part1 jDisk1)) // - (xfsmount "j2" (part1 jDisk2)) // - (xfsmount "par0" (part1 jDisk3)) // - { "/media/jX" = { - device = (lib.concatMapStringsSep ":" (d: (tomedia d)) ["j0" "j1" "j2" ]); - fsType = "mergerfs"; - noCheck = true; - options = [ "defaults" "allow_other" "nofail" "nonempty" ]; - }; - }; - environment.systemPackages = [ pkgs.mergerfs ]; -} diff --git a/makefu/1systems/filepimp/source.nix b/makefu/1systems/filepimp/source.nix deleted file mode 100644 index 9930f0e42..000000000 --- a/makefu/1systems/filepimp/source.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ - name="filepimp"; - home-manager = true; -} diff --git a/makefu/1systems/firecracker/config.nix b/makefu/1systems/firecracker/config.nix deleted file mode 100644 index 87f500287..000000000 --- a/makefu/1systems/firecracker/config.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ config, lib, pkgs, ... }: -let - primaryInterface = "eth0"; -in { - imports = [ - - ./hardware-config.nix - # - { environment.systemPackages = with pkgs;[ rsync screen curl git ];} - - # -# configure your hw: -# - ]; - krebs = { - enable = true; - tinc.retiolum.enable = true; - build.host = config.krebs.hosts.firecracker; - }; - networking.firewall.trustedInterfaces = [ primaryInterface ]; - documentation.info.enable = false; - documentation.man.enable = false; - services.nixosManual.enable = false; - sound.enable = false; -} diff --git a/makefu/1systems/firecracker/hardware-config.nix b/makefu/1systems/firecracker/hardware-config.nix deleted file mode 100644 index b821a3375..000000000 --- a/makefu/1systems/firecracker/hardware-config.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ pkgs, lib, ... }: -{ - boot.kernelParams = lib.mkForce ["console=ttyS2,1500000n8" "earlycon=uart8250,mmio32,0xff1a0000" "earlyprintk"]; - boot.loader.grub.enable = false; - boot.loader.generic-extlinux-compatible.enable = true; - boot.loader.generic-extlinux-compatible.configurationLimit = 1; - boot.loader.generationsDir.enable = lib.mkDefault false; - boot.supportedFilesystems = lib.mkForce [ "vfat" ]; - - boot.tmpOnTmpfs = lib.mkForce false; - boot.cleanTmpDir = true; - hardware.enableRedistributableFirmware = true; - - ## wifi not working, will be fixed with https://github.com/NixOS/nixpkgs/pull/53747 - boot.kernelPackages = pkgs.linuxPackages_latest; - networking.wireless.enable = true; - # File systems configuration for using the installer's partition layout - swapDevices = [ { device = "/var/swap"; size = 4096; } ]; - fileSystems = { - "/boot" = { - device = "/dev/disk/by-label/NIXOS_BOOT"; - fsType = "vfat"; - }; - "/" = { - device = "/dev/disk/by-label/NIXOS_SD"; - fsType = "ext4"; - }; - }; - -} diff --git a/makefu/1systems/firecracker/source.nix b/makefu/1systems/firecracker/source.nix deleted file mode 100644 index 22c40039e..000000000 --- a/makefu/1systems/firecracker/source.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ - name="cake"; - full = true; -} diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix deleted file mode 100644 index f40f113bb..000000000 --- a/makefu/1systems/gum/config.nix +++ /dev/null @@ -1,261 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let - external-ip = config.krebs.build.host.nets.internet.ip4.addr; - ext-if = config.makefu.server.primary-itf; - allDisks = [ "/dev/sda" "/dev/sdb" ]; -in { - imports = [ - - ./hetznercloud - { - # wait for mount - systemd.services.rtorrent.wantedBy = lib.mkForce []; - systemd.services.phpfpm-nextcloud.wantedBy = lib.mkForce []; - systemd.services.samba-smbd.wantedBy = lib.mkForce []; - } - { - users.users.lass = { - uid = 19002; - isNormalUser = true; - createHome = true; - useDefaultShell = true; - openssh.authorizedKeys.keys = with config.krebs.users; [ - lass.pubkey - makefu.pubkey - ]; - }; - } - - - - - - # - - - # - - - - # Security - - - # Tools - - - - # - - - - - # - - # networking - # - # - # - # - - { # bonus retiolum config for connecting more hosts - krebs.tinc.retiolum = { - #extraConfig = lib.mkForce '' - # ListenAddress = ${external-ip} 53 - # ListenAddress = ${external-ip} 655 - # ListenAddress = ${external-ip} 21031 - # StrictSubnets = yes - # LocalDiscovery = no - #''; - connectTo = [ - "prism" "ni" "enklave" "eve" "dishfire" - ]; - }; - networking.firewall = { - allowedTCPPorts = - [ - 53 - 655 - 21031 - ]; - allowedUDPPorts = - [ - 53 - 655 - 21031 - ]; - }; - } - - # ci - # - - - ### systemdUltras ### - - - ###### Shack ##### - # - # - - - - - - - # services - # postgres backend - # - # - { krebs.exim.enable = mkDefault true; } - - - # sharing - # samba sahre - - # - - { nixpkgs.config.allowUnfree = true; } - # - ## - # - # - # - - - ## network - # - # - - { makefu.backup.server.repo = "/var/backup/borg"; } - - - - - - { # recent changes mediawiki bot - networking.firewall.allowedUDPPorts = [ 5005 5006 ]; - } - # Removed until move: no extra mails - # - # Removed until move: avoid letsencrypt ban - ### Web - - # postgres backend - # postgres backend - - - - #postgres backend - ### Moving owncloud data dir to /media/cloud/nextcloud-data - { - users.users.nextcloud.extraGroups = [ "download" ]; - # nextcloud-setup fails as it cannot set permissions for nextcloud - systemd.services.nextcloud-setup.serviceConfig.SuccessExitStatus = "0 1"; - systemd.tmpfiles.rules = [ - "L /var/lib/nextcloud/data - - - - /media/cloud/nextcloud-data" - "L /var/backup - - - - /media/cloud/gum-backup" - ]; - #fileSystems."/var/lib/nextcloud/data" = { - # device = "/media/cloud/nextcloud-data"; - # options = [ "bind" ]; - #}; - #fileSystems."/var/backup" = { - # device = "/media/cloud/gum-backup"; - # options = [ "bind" ]; - #}; - } - - - # - - - - - ## - # - # - - # - # - - # - # - # - # - # - - - # - - - # - - - # - - - - - # - - # - - # sharing - - { krebs.airdcpp.dcpp.shares = { - download.path = config.makefu.dl-dir + "/finished"; - sorted.path = config.makefu.dl-dir + "/sorted"; - }; - } - - - ## Temporary: - # - # - # - - # krebs infrastructure services - # - ]; - - # makefu.dl-dir = "/var/download"; - makefu.dl-dir = "/media/cloud/download/finished"; - - services.openssh.hostKeys = lib.mkForce [ - { bits = 4096; path = (toString ); type = "rsa"; } - { path = (toString ); type = "ed25519"; } ]; - ###### stable - security.acme.certs."cgit.euer.krebsco.de" = { - email = "letsencrypt@syntax-fehler.de"; - webroot = "/var/lib/acme/acme-challenge"; - group = "nginx"; - }; - services.nginx.virtualHosts."cgit" = { - serverAliases = [ "cgit.euer.krebsco.de" ]; - addSSL = true; - sslCertificate = "/var/lib/acme/cgit.euer.krebsco.de/fullchain.pem"; - sslCertificateKey = "/var/lib/acme/cgit.euer.krebsco.de/key.pem"; - locations."/.well-known/acme-challenge".extraConfig = '' - root /var/lib/acme/acme-challenge; - ''; - }; - - krebs.build.host = config.krebs.hosts.gum; - - # Network - networking = { - firewall = { - allowedTCPPorts = [ - 80 443 - 28967 # storj - ]; - allowPing = true; - logRefusedConnections = false; - }; - nameservers = [ "8.8.8.8" ]; - }; - users.users.makefu.extraGroups = [ "download" "nginx" ]; - state = [ "/home/makefu/.weechat" ]; -} diff --git a/makefu/1systems/gum/hetzner/default.nix b/makefu/1systems/gum/hetzner/default.nix deleted file mode 100644 index 7d445879a..000000000 --- a/makefu/1systems/gum/hetzner/default.nix +++ /dev/null @@ -1,116 +0,0 @@ -{ config, ... }: -let - external-mac = "50:46:5d:9f:63:6b"; - main-disk = "/dev/disk/by-id/ata-TOSHIBA_DT01ACA300_13H8863AS"; - sec-disk = "/dev/disk/by-id/ata-TOSHIBA_DT01ACA300_23OJ2GJAS"; - external-gw = "144.76.26.225"; - # single partition, label "nixos" - # cd /var/src; curl https://github.com/nixos/nixpkgs/tarball/809cf38 -L | tar zx ; mv * nixpkgs && touch .populate - - - # static - external-ip = "144.76.26.247"; - external-ip6 = "2a01:4f8:191:12f6::2"; - external-gw6 = "fe80::1"; - external-netmask = 27; - external-netmask6 = 64; - internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; - ext-if = "et0"; # gets renamed on the fly -in { - imports = [ - - { services.smartd.devices = builtins.map (x: { device = x; }) allDisks; } - - ]; - makefu.server.primary-itf = ext-if; - services.udev.extraRules = '' - SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}" - ''; - networking = { - interfaces."${ext-if}" = { - ipv4.addresses = [{ - address = external-ip; - prefixLength = external-netmask; - }]; - ipv6.addresses = [{ - address = external-ip6; - prefixLength = external-netmask6; - }]; - }; - defaultGateway6 = { address = external-gw6; interface = ext-if; }; - defaultGateway = external-gw; - }; - boot.kernelParams = [ ]; - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - boot.loader.grub.devices = [ main-disk ]; - boot.initrd.kernelModules = [ "dm-raid" "dm_cache" "dm-thin-pool" ]; - boot.initrd.availableKernelModules = [ - "ata_piix" "vmw_pvscsi" "virtio_pci" "sd_mod" "ahci" - "xhci_pci" "ehci_pci" "ahci" "sd_mod" - ]; - boot.kernelModules = [ "dm-raid" "dm_cache" "dm-thin-pool" "kvm-intel" ]; - hardware.enableRedistributableFirmware = true; - fileSystems."/" = { - device = "/dev/nixos/root"; - fsType = "ext4"; - }; - fileSystems."/var/lib" = { - device = "/dev/nixos/lib"; - fsType = "ext4"; - }; - fileSystems."/var/log" = { - device = "/dev/nixos/log"; - fsType = "ext4"; - }; - fileSystems."/var/download" = { - device = "/dev/nixos/download"; - fsType = "ext4"; - }; - fileSystems."/var/www/binaergewitter" = { - device = "/dev/nixos/binaergewitter"; - fsType = "ext4"; - options = [ "nofail" ]; - }; - fileSystems."/var/lib/nextcloud/data" = { - device = "/dev/nixos/nextcloud"; - fsType = "ext4"; - options = [ "nofail" ]; - }; - fileSystems."/var/lib/borgbackup" = { - device = "/dev/nixos/backup"; - fsType = "ext4"; - }; - fileSystems."/boot" = { - device = "/dev/sda2"; - fsType = "vfat"; - }; - # parted -s -a optimal "$disk" \ - # mklabel gpt \ - # mkpart no-fs 0 1024KiB \ - # set 1 bios_grub on \ - # mkpart ESP fat32 1025KiB 1024MiB set 2 boot on \ - # mkpart primary 1025MiB 100% - # parted -s -a optimal "/dev/sdb" \ - # mklabel gpt \ - # mkpart primary 1M 100% - - #mkfs.vfat /dev/sda2 - #pvcreate /dev/sda3 - #pvcreate /dev/sdb1 - #vgcreate nixos /dev/sda3 /dev/sdb1 - #lvcreate -L 120G -m 1 -n root nixos - #lvcreate -L 50G -m 1 -n lib nixos - #lvcreate -L 100G -n download nixos - #lvcreate -L 100G -n backup nixos - #mkfs.ext4 /dev/mapper/nixos-root - #mkfs.ext4 /dev/mapper/nixos-lib - #mkfs.ext4 /dev/mapper/nixos-download - #mkfs.ext4 /dev/mapper/nixos-borgbackup - #mount /dev/mapper/nixos-root /mnt - #mkdir /mnt/boot - #mount /dev/sda2 /mnt/boot - #mkdir -p /mnt/var/src - #touch /mnt/var/src/.populate - -} diff --git a/makefu/1systems/gum/hetznercloud/default.nix b/makefu/1systems/gum/hetznercloud/default.nix deleted file mode 100644 index cfcd894af..000000000 --- a/makefu/1systems/gum/hetznercloud/default.nix +++ /dev/null @@ -1,50 +0,0 @@ -{ config, lib, pkgs, modulesPath, ... }: -{ - - imports = - [ ./network.nix - (modulesPath + "/profiles/qemu-guest.nix") - ]; - - # Disk - boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sd_mod" "sr_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "rpool/root"; - fsType = "zfs"; - }; - - fileSystems."/home" = - { device = "rpool/home"; - fsType = "zfs"; - }; - - fileSystems."/nix" = - { device = "rpool/nix"; - fsType = "zfs"; - }; - - fileSystems."/boot" = - { device = "/dev/sda1"; - fsType = "vfat"; - }; - - swapDevices = [ ]; - boot.loader.grub.device = "/dev/sda"; - - networking.hostId = "3150697b"; # required for zfs use - boot.tmpOnTmpfs = true; - boot.supportedFilesystems = [ "zfs" ]; - - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - boot.loader.grub.copyKernels = true; - boot.zfs.devNodes = "/dev"; # fixes some virtualmachine issues - boot.kernelParams = [ - "boot.shell_on_fail" - "panic=30" "boot.panic_on_fail" # reboot the machine upon fatal boot issues - ]; -} diff --git a/makefu/1systems/gum/hetznercloud/doit b/makefu/1systems/gum/hetznercloud/doit deleted file mode 100644 index 45798587a..000000000 --- a/makefu/1systems/gum/hetznercloud/doit +++ /dev/null @@ -1,13 +0,0 @@ -ROOT_DEVICE=/dev/sda2 -NIXOS_BOOT=/dev/sda1 - -zpool create -o ashift=12 -o altroot=/mnt rpool $ROOT_DEVICE -zfs create -o mountpoint=legacy rpool/root -zfs create -o mountpoint=legacy rpool/home -zfs create -o mountpoint=legacy rpool/nix -mount -t zfs rpool/root /mnt -mkdir /mnt/{home,nix,boot} -mount -t zfs rpool/home /mnt/home -mount -t zfs rpool/nix /mnt/nix -mount $NIXOS_BOOT /mnt/boot/ - diff --git a/makefu/1systems/gum/hetznercloud/network.nix b/makefu/1systems/gum/hetznercloud/network.nix deleted file mode 100644 index 5159cf570..000000000 --- a/makefu/1systems/gum/hetznercloud/network.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ config, lib, pkgs, modulesPath, ... }: -let - external-mac = "96:00:01:24:33:f4"; - external-gw = "172.31.1.1"; - external-ip = "142.132.189.140"; - external-ip6 = "2a01:4f8:1c17:5cdf::2"; - external-gw6 = "fe80::1"; - external-netmask = 32; - external-netmask6 = 64; - internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; - ext-if = "et0"; # gets renamed on the fly -in -{ - makefu.server.primary-itf = ext-if; - services.udev.extraRules = '' - SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}" - ''; - networking = { - enableIPv6 = true; - nat.enableIPv6 = true; - interfaces."${ext-if}" = { - useDHCP = true; - ipv6.addresses = [{ - address = external-ip6; - prefixLength = external-netmask6; - }]; - }; - #ipv4.addresses = [{ - # address = external-ip; - # prefixLength = external-netmask; - #}]; - defaultGateway6 = { address = external-gw6; interface = ext-if; }; - #defaultGateway = external-gw; - nameservers = [ "1.1.1.1" ]; - }; -} diff --git a/makefu/1systems/gum/hetznercloud/sfdisk.part b/makefu/1systems/gum/hetznercloud/sfdisk.part deleted file mode 100644 index fb375b15a..000000000 --- a/makefu/1systems/gum/hetznercloud/sfdisk.part +++ /dev/null @@ -1,6 +0,0 @@ -label: gpt -device: /dev/sda -unit: sectors -1 : size=524288 type=0FC63DAF-8483-4772-8E79-3D69D8477DE4 -4 : size=4096 type=21686148-6449-6E6F-744E-656564454649 -2 : type=0FC63DAF-8483-4772-8E79-3D69D8477DE4 diff --git a/makefu/1systems/gum/rescue.txt b/makefu/1systems/gum/rescue.txt deleted file mode 100644 index 0a3ed96ee..000000000 --- a/makefu/1systems/gum/rescue.txt +++ /dev/null @@ -1,15 +0,0 @@ -ssh gum.i -o StrictHostKeyChecking=no - -mount /dev/mapper/nixos-root /mnt -mount /dev/sda2 /mnt/boot - -chroot-prepare /mnt -chroot /mnt /bin/sh - - -journalctl -D /mnt/var/log/journal --since today # find the active system (or check grub) -# ... activating ... - -export PATH=/nix/store/9incs5sfn7n1vh1lavgp95v761nh11w3-nixos-system-nextgum-18.03pre-git/sw/bin -/nix/store/9incs5sfn7n1vh1lavgp95v761nh11w3-nixos-system-nextgum-18.03pre-git/activate -/nix/store/9incs5sfn7n1vh1lavgp95v761nh11w3-nixos-system-nextgum-18.03pre-git/sw/bin/nixos-rebuild diff --git a/makefu/1systems/gum/source.nix b/makefu/1systems/gum/source.nix deleted file mode 100644 index 43586ede4..000000000 --- a/makefu/1systems/gum/source.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - name="gum"; - torrent = true; - clever_kexec = true; - home-manager = true; -} diff --git a/makefu/1systems/hardware/tsp-disk.json b/makefu/1systems/hardware/tsp-disk.json deleted file mode 100644 index 5a4bd26ab..000000000 --- a/makefu/1systems/hardware/tsp-disk.json +++ /dev/null @@ -1,23 +0,0 @@ -{ - "type": "devices", - "content": { - "sda": { - "type": "table", - "format": "msdos", - "partitions": [ - { "type": "partition", - "part-type": "primary", - "start": "1M", - "end": "100%", - "bootable": true, - "content": { - "type": "filesystem", - "format": "ext4", - "mountpoint": "/" - } - } - ] - } - } -} - diff --git a/makefu/1systems/iso/config.nix b/makefu/1systems/iso/config.nix deleted file mode 100644 index 207121236..000000000 --- a/makefu/1systems/iso/config.nix +++ /dev/null @@ -1,72 +0,0 @@ -{ config, pkgs, lib, ... }: - -with import ; -{ - imports = [ - # - - - # - ./justdoit.nix - { - environment.systemPackages = [ (pkgs.writeScriptBin "network-setup" '' - #!/bin/sh - ip addr add 178.254.30.202/255.255.252.0 dev ens3 - ip route add default via 178.254.28.1 - echo nameserver 1.1.1.1 > /etc/resolv.conf - '')]; - kexec.justdoit = { - bootSize = 512; - rootDevice = "/dev/vda"; - bootType = "vfat"; - luksEncrypt = false; - uefi = false; - }; - } - ]; - # boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest; - # TODO: NIX_PATH and nix.nixPath are being set by default.nix right now - # cd ~/stockholm ; nix-build -A config.system.build.isoImage -I nixos-config=makefu/1systems/iso/config.nix -I secrets=/home/makefu/secrets/iso /var/src/nixpkgs/nixos - #krebs.build.host = { cores = 0; }; - isoImage.isoBaseName = lib.mkForce "stockholm"; - #krebs.hidden-ssh.enable = true; - # environment.systemPackages = with pkgs; [ - # aria2 - # ddrescue - # ]; - environment.extraInit = '' - EDITOR=vim - ''; - # iso-specific - services.openssh = { - enable = true; - hostKeys = [ - { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } - ]; - }; - # enable ssh in the iso boot process - systemd.services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ]; - # hack `tee` behavior - nixpkgs.config.packageOverrides = super: { - irc-announce = super.callPackage { - pkgs = pkgs // { - coreutils = pkgs.symlinkJoin { - name = "coreutils-hack"; - paths = [ - pkgs.coreutils - (pkgs.writeDashBin "tee" '' - if test "$1" = /dev/stderr; then - while read -r line; do - echo "$line" - echo "$line" >&2 - done - else - ${super.coreutils}/bin/tee "$@" - fi - '') - ]; - }; - }; - }; - }; -} diff --git a/makefu/1systems/iso/justdoit.nix b/makefu/1systems/iso/justdoit.nix deleted file mode 100644 index 0ce90494b..000000000 --- a/makefu/1systems/iso/justdoit.nix +++ /dev/null @@ -1,120 +0,0 @@ -{ config, pkgs, lib, ... }: - -with lib; -let - cfg = config.kexec.justdoit; - x = if cfg.nvme then "p" else ""; -in { - options = { - kexec.justdoit = { - rootDevice = mkOption { - type = types.str; - default = "/dev/sda"; - description = "the root block device that justdoit will nuke from orbit and force nixos onto"; - }; - bootSize = mkOption { - type = types.int; - default = 256; - description = "size of /boot in mb"; - }; - bootType = mkOption { - type = types.enum [ "ext4" "vfat" "zfs" ]; - default = "ext4"; - }; - swapSize = mkOption { - type = types.int; - default = 1024; - description = "size of swap in mb"; - }; - poolName = mkOption { - type = types.str; - default = "tank"; - description = "zfs pool name"; - }; - luksEncrypt = mkOption { - type = types.bool; - default = false; - description = "encrypt all of zfs and swap"; - }; - uefi = mkOption { - type = types.bool; - default = false; - description = "create a uefi install"; - }; - nvme = mkOption { - type = types.bool; - default = false; - description = "rootDevice is nvme"; - }; - }; - }; - config = let - mkBootTable = { - ext4 = "mkfs.ext4 $NIXOS_BOOT -L NIXOS_BOOT"; - vfat = "mkfs.vfat $NIXOS_BOOT -n NIXOS_BOOT"; - zfs = ""; - }; - in lib.mkIf true { - system.build.justdoit = pkgs.writeScriptBin "justdoit" '' - #!${pkgs.stdenv.shell} - set -e - vgchange -a n - wipefs -a ${cfg.rootDevice} - dd if=/dev/zero of=${cfg.rootDevice} bs=512 count=10000 - sfdisk ${cfg.rootDevice} < /mnt/etc/nixos/generated.nix < /etc/resolv.conf - '')]; - - # minimal - boot.supportedFilesystems = [ "zfs" ]; - programs.command-not-found.enable = false; - time.timeZone = "Europe/Berlin"; - programs.ssh.startAgent = false; - nix.useSandbox = true; - users.mutableUsers = false; - networking.firewall.rejectPackets = true; - networking.firewall.allowPing = true; - services.openssh.enable = true; - i18n = { - consoleKeyMap = "us"; - defaultLocale = "en_US.UTF-8"; - }; - boot.kernel.sysctl = { - "net.ipv6.conf.all.use_tempaddr" = lib.mkDefault "2"; - "net.ipv6.conf.default.use_tempaddr" = lib.mkDefault "2"; - }; -} diff --git a/makefu/1systems/kexec/config.nix b/makefu/1systems/kexec/config.nix deleted file mode 100644 index 5bf19f978..000000000 --- a/makefu/1systems/kexec/config.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ config, pkgs, lib, ... }: - -with import ; -{ - imports = [ - - # - - - ]; - # cd ~/stockholm ; nix-build '' -A config.system.build.kexec_tarball -j 4 -I nixos-config=makefu/1systems/iso.nix -I secrets=/home/makefu/secrets/iso - - krebs.build.host = config.krebs.hosts.iso; - krebs.hidden-ssh.enable = true; - environment.extraInit = '' - EDITOR=vim - ''; - services.openssh = { - enable = true; - hostKeys = [ - { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } - ]; - }; - systemd.services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ]; -} diff --git a/makefu/1systems/kexec/source.nix b/makefu/1systems/kexec/source.nix deleted file mode 100644 index 6bef8ada9..000000000 --- a/makefu/1systems/kexec/source.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ - name="iso"; -} diff --git a/makefu/1systems/latte/1blu/default.nix b/makefu/1systems/latte/1blu/default.nix deleted file mode 100644 index 50cd9204d..000000000 --- a/makefu/1systems/latte/1blu/default.nix +++ /dev/null @@ -1,50 +0,0 @@ -{ config, lib, pkgs, modulesPath, ... }: -{ - - imports = - [ ./network.nix - (modulesPath + "/profiles/qemu-guest.nix") - ]; - - # Disk - boot.initrd.availableKernelModules = [ "ata_piix" "virtio_pci" "virtio_scsi" "xhci_pci" "sr_mod" "virtio_blk" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "tank/root"; - fsType = "zfs"; - }; - - fileSystems."/home" = - { device = "tank/home"; - fsType = "zfs"; - }; - - fileSystems."/nix" = - { device = "tank/nix"; - fsType = "zfs"; - }; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/AEF3-A486"; - fsType = "vfat"; - }; - - swapDevices = [ ]; - boot.loader.grub.device = "/dev/vda"; - - networking.hostId = "3150697c"; # required for zfs use - boot.tmpOnTmpfs = true; - boot.supportedFilesystems = [ "zfs" ]; - - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - boot.loader.grub.copyKernels = true; - boot.zfs.devNodes = "/dev"; # fixes some virtualmachine issues - boot.kernelParams = [ - "boot.shell_on_fail" - "panic=30" "boot.panic_on_fail" # reboot the machine upon fatal boot issues - ]; -} diff --git a/makefu/1systems/latte/1blu/network.nix b/makefu/1systems/latte/1blu/network.nix deleted file mode 100644 index 0a0eac972..000000000 --- a/makefu/1systems/latte/1blu/network.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ config, lib, pkgs, modulesPath, ... }: -let - external-mac = "c4:37:72:55:4e:1c"; - external-gw = "178.254.28.1"; - external-ip = "178.254.30.202"; - external-ip6 = "2a00:6800:3:18c::2"; - external-gw6 = "2a00:6800:3::1"; - external-netmask = 22; - external-netmask6 = 64; - internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; - ext-if = "et0"; # gets renamed on the fly -in -{ - services.udev.extraRules = '' - SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}" - ''; - networking = { - interfaces."${ext-if}" = { - ipv4.addresses = [{ - address = external-ip; - prefixLength = external-netmask; - }]; - ipv6.addresses = [{ - address = external-ip6; - prefixLength = external-netmask6; - }]; - }; - defaultGateway6 = { address = external-gw6; interface = ext-if; }; - defaultGateway = external-gw; - nameservers = [ "1.1.1.1" ]; - }; -} diff --git a/makefu/1systems/latte/config.nix b/makefu/1systems/latte/config.nix deleted file mode 100644 index 9a242a41b..000000000 --- a/makefu/1systems/latte/config.nix +++ /dev/null @@ -1,67 +0,0 @@ -{ config, lib, pkgs, ... }: -let - - # external-ip = config.krebs.build.host.nets.internet.ip4.addr; - # internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; - # default-gw = "185.215.224.1"; - # prefixLength = 24; - # external-mac = "46:5b:fc:f4:44:c9"; - # ext-if = "et0"; -in { - - imports = [ - ./1blu - - - # common - - - - - # Security - - - # Tools - - - - # NixOS Build - - - # Storage - - # - - - # torrent is managed by gum - # - - ## Web - - # local usage: - - - - # Supervision - - - # Krebs - - - # backup - - - # migrated: - # - - - ]; - krebs = { - enable = true; - build.host = config.krebs.hosts.latte; - }; - - makefu.dl-dir = "/media/cloud/download"; - networking.firewall.allowedTCPPorts = [ 80 443 ]; - -} diff --git a/makefu/1systems/latte/source.nix b/makefu/1systems/latte/source.nix deleted file mode 100644 index 41abecf36..000000000 --- a/makefu/1systems/latte/source.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ - name = "latte"; - torrent = true; - home-manager = true; -} diff --git a/makefu/1systems/minicake/config.nix b/makefu/1systems/minicake/config.nix deleted file mode 100644 index fe66679ad..000000000 --- a/makefu/1systems/minicake/config.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ config,nixpkgsPath, pkgs, lib, ... }: -{ - krebs = { - enable = true; - - dns.providers.lan = "hosts"; - build.user = config.krebs.users.makefu; - }; - imports = [ - (nixpkgsPath + "/nixos/modules/profiles/minimal.nix") - (nixpkgsPath + "/nixos/modules/profiles/installation-device.nix") - ]; - - # cifs-utils fails to cross-compile - # Let's simplify this by removing all unneeded filesystems from the image. - boot.supportedFilesystems = lib.mkForce [ "vfat" ]; - - boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest; - - - users.users = { - root = { - openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ]; - }; - }; - services.openssh.enable = true; -} diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix deleted file mode 100644 index 224e170dd..000000000 --- a/makefu/1systems/omo/config.nix +++ /dev/null @@ -1,194 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, lib, ... }: -let - primaryInterface = config.makefu.server.primary-itf; -in { - imports = - [ - ./hw/omo.nix - #./hw/tsp.nix - - - - - # x11 forwarding - { - services.openssh.forwardX11 = true; - users.users.makefu.packages = [ - pkgs.tinymediamanager - ]; - } - { environment.systemPackages = [ pkgs.youtube-dl2kodi pkgs.youtube-dl]; } - - - - - - - # - - - - - { makefu.backup.server.repo = "/media/cryptX/backup/borg"; } - - - # - - - - - - - - # - # - - - # - - - - - - - - # - #{ krebs.airdcpp.dcpp.shares = let - # d = path: "/media/cryptX/${path}"; - # in { - # emu.path = d "emu"; - # audiobooks.path = lib.mkForce (d "audiobooks"); - # incoming.path = lib.mkForce (d "torrent"); - # anime.path = d "anime"; - # }; - # krebs.airdcpp.dcpp.DownloadDirectory = "/media/cryptX/torrent/dcpp"; - #} - { - # copy config from to /var/lib/sabnzbd/ - #services.sabnzbd.enable = true; - #systemd.services.sabnzbd.environment.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; - } - # - - - # statistics - # - # Logging - #influx + grafana - - # - # logs to influx - - - # - - - - # services - { - services.nginx.enable = true; - networking.firewall.allowedTCPPorts = [ 80 8123 ]; - } - # - - # TODO: - - - - - - - # - - # - # - - - { - makefu.ps3netsrv = { - enable = true; - servedir = "/media/cryptX/emu/ps3"; - }; - users.users.makefu.packages = [ pkgs.pkgrename ]; - } - - - { - hardware.pulseaudio.systemWide = true; - makefu.mpd.musicDirectory = "/media/cryptX/music"; - } - - # security - - # - - # - { - #krebs.rtorrent = { - # downloadDir = lib.mkForce "/media/cryptX/torrent"; - # extraConfig = '' - # upload_rate = 500 - # ''; - #}; - } - - # - # - # - - ## as long as pyload is not in nixpkgs: - # docker run -d -v /var/lib/pyload:/opt/pyload/pyload-config -v /media/crypt0/pyload:/opt/pyload/Downloads --name pyload --restart=always -p 8112:8000 -P writl/pyload - - # Temporary: - # - - - ]; - makefu.full-populate = true; - nixpkgs.config.allowUnfree = true; - users.users.share.isNormalUser = true; - users.groups.share = { - gid = (import ).genid "share"; - members = [ "makefu" "misa" ]; - }; - networking.firewall.trustedInterfaces = [ primaryInterface "docker0" ]; - - - - users.users.misa = { - uid = 9002; - name = "misa"; - isNormalUser = true; - }; - - zramSwap.enable = true; - - #krebs.Reaktor.reaktor-shack = { - # nickname = "Reaktor|shack"; - # workdir = "/var/lib/Reaktor/shack"; - # channels = [ "#shackspace" ]; - # plugins = with pkgs.ReaktorPlugins; - # [ shack-correct - # # stockholm-issue - # sed-plugin - # random-emoji ]; - #}; - #krebs.Reaktor.reaktor-bgt = { - # nickname = "Reaktor|bgt"; - # workdir = "/var/lib/Reaktor/bgt"; - # channels = [ "#binaergewitter" ]; - # plugins = with pkgs.ReaktorPlugins; - # [ titlebot - # # stockholm-issue - # nixos-version - # shack-correct - # sed-plugin - # random-emoji ]; - #}; - - krebs.build.host = config.krebs.hosts.omo; -} diff --git a/makefu/1systems/omo/hw/omo.nix b/makefu/1systems/omo/hw/omo.nix deleted file mode 100644 index eaedbb779..000000000 --- a/makefu/1systems/omo/hw/omo.nix +++ /dev/null @@ -1,126 +0,0 @@ -{ config, pkgs, lib, ... }: -let - toMapper = id: "/media/crypt${builtins.toString id}"; - byid = dev: "/dev/disk/by-id/" + dev; - keyFile = byid "usb-Verbatim_STORE_N_GO_070B3CEE0B223954-0:0"; - rootDisk = byid "ata-SanDisk_SD8SNAT128G1122_162099420904"; - rootPartition = byid "ata-SanDisk_SD8SNAT128G1122_162099420904-part2"; - primaryInterface = "enp2s0"; - # cryptsetup luksFormat $dev --cipher aes-xts-plain64 -s 512 -h sha512 - # cryptsetup luksAddKey $dev tmpkey - # cryptsetup luksOpen $dev crypt0 --key-file tmpkey --keyfile-size=4096 - # mkfs.xfs /dev/mapper/crypt0 -L crypt0 - - # omo Chassis: - # __FRONT_ - # |* d0 | - # | | - # |* d1 | - # | | - # |* d3 | - # | | - # |* | - # |* d2 | - # | * | - # | * | - # |_______| - # cryptDisk0 = byid "ata-ST2000DM001-1CH164_Z240XTT6"; - cryptDisk0 = byid "ata-ST8000DM004-2CX188_ZCT01PLV"; - cryptDisk1 = byid "ata-WDC_WD80EZAZ-11TDBA0_7SJPVLYW"; - cryptDisk3 = byid "ata-ST8000DM004-2CX188_ZCT01SG4"; - cryptDisk2 = byid "ata-WDC_WD80EZAZ-11TDBA0_7SJPWT5W"; - - # cryptDisk3 = byid "ata-WDC_WD20EARS-00MVWB0_WD-WMAZA1786907"; - # all physical disks - - # TODO callPackage ../3modules/MonitorDisks { disks = allDisks } - dataDisks = [ cryptDisk0 cryptDisk1 cryptDisk2 cryptDisk3 ]; - allDisks = [ rootDisk ] ++ dataDisks; -in { - imports = - [ # TODO: unlock home partition via ssh - ./vaapi.nix - ]; - - makefu.server.primary-itf = primaryInterface; - system.activationScripts.createCryptFolders = '' - ${lib.concatMapStringsSep "\n" - (d: "install -m 755 -d " + (toMapper d) ) - [ 0 1 2 "X" ]} - ''; - - makefu.snapraid = { - enable = true; - disks = map toMapper [ 0 1 3 ]; - parity = toMapper 2; # find -name PARITY_PARTITION - extraConfig = '' - exclude /lib/storj/ - exclude /.bitcoin/blocks/ - ''; - }; - fileSystems = let - cryptMount = name: - { "/media/${name}" = { - device = "/dev/mapper/${name}"; fsType = "xfs"; - options = [ "nofail" ]; - };}; - in cryptMount "crypt0" - // cryptMount "crypt1" - // cryptMount "crypt2" - // cryptMount "crypt3" - // { "/media/cryptX" = { - device = (lib.concatMapStringsSep ":" (d: (toMapper d)) [ 0 1 2 3 ]); - fsType = "mergerfs"; - noCheck = true; - options = [ "defaults" "allow_other" "nofail" "nonempty" ]; - }; - }; - - powerManagement.powerUpCommands = lib.concatStrings (map (disk: '' - ${pkgs.hdparm}/sbin/hdparm -S 100 ${disk} - ${pkgs.hdparm}/sbin/hdparm -B 127 ${disk} - ${pkgs.hdparm}/sbin/hdparm -y ${disk} - '') allDisks); - - # crypto unlocking - boot = { - initrd.luks = { - devices = let - usbkey = device: { - inherit device keyFile; - keyFileSize = 4096; - allowDiscards = true; - }; - in - { - luksroot = usbkey rootPartition; - crypt0 = usbkey cryptDisk0; - crypt1 = usbkey cryptDisk1; - crypt2 = usbkey cryptDisk2; - crypt3 = usbkey cryptDisk3; - }; - }; - loader.grub.device = lib.mkForce rootDisk; - - initrd.availableKernelModules = [ - "ahci" - "ohci_pci" - "ehci_pci" - "pata_atiixp" - "firewire_ohci" - "usb_storage" - "usbhid" - "raid456" - "megaraid_sas" - ]; - - kernelModules = [ "kvm-intel" ]; - extraModulePackages = [ ]; - }; - environment.systemPackages = with pkgs;[ - mergerfs # hard requirement for mount - ]; - hardware.enableRedistributableFirmware = true; - hardware.cpu.intel.updateMicrocode = true; -} - diff --git a/makefu/1systems/omo/hw/tsp-tools.nix b/makefu/1systems/omo/hw/tsp-tools.nix deleted file mode 100644 index 6579edd9d..000000000 --- a/makefu/1systems/omo/hw/tsp-tools.nix +++ /dev/null @@ -1,11 +0,0 @@ -let - disko = import (builtins.fetchGit { - url = https://cgit.lassul.us/disko/; - rev = "9c9b62e15e4ac11d4379e66b974f1389daf939fe"; - }); - - cfg = builtins.fromJSON (builtins.readFile ../../hardware/tsp-disk.json); -in '' -${disko.create cfg} -${disko.mount cfg} -'' diff --git a/makefu/1systems/omo/hw/tsp.nix b/makefu/1systems/omo/hw/tsp.nix deleted file mode 100644 index a289fadce..000000000 --- a/makefu/1systems/omo/hw/tsp.nix +++ /dev/null @@ -1,41 +0,0 @@ -{ pkgs, ... }: -with builtins; -let - disko = import (builtins.fetchGit { - url = https://cgit.lassul.us/disko/; - rev = "9c9b62e15e4ac11d4379e66b974f1389daf939fe"; - }); - cfg = fromJSON (readFile ../../hardware/tsp-disk.json); - # primaryInterface = "enp1s0"; - primaryInterface = "wlp2s0"; - rootDisk = "/dev/sda"; # TODO same as disko uses -in { - imports = [ - (disko.config cfg) - ]; - makefu.server.primary-itf = primaryInterface; - boot = { - loader.grub.device = rootDisk; - - initrd.availableKernelModules = [ - "ahci" - "ohci_pci" - "ehci_pci" - "pata_atiixp" - "firewire_ohci" - "usb_storage" - "usbhid" - ]; - - kernelModules = [ "kvm-intel" ]; - }; - networking.wireless.enable = true; - hardware.enableRedistributableFirmware = true; - hardware.cpu.intel.updateMicrocode = true; - services.logind.lidSwitch = "ignore"; - services.logind.lidSwitchDocked = "ignore"; - services.logind.extraConfig = '' - HandleSuspendKey = ignore - ''; - powerManagement.enable = false; -} diff --git a/makefu/1systems/omo/hw/vaapi.nix b/makefu/1systems/omo/hw/vaapi.nix deleted file mode 100644 index 8250d4110..000000000 --- a/makefu/1systems/omo/hw/vaapi.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ pkgs, ... }: -{ - nixpkgs.config.packageOverrides = pkgs: { - vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; - }; - hardware.opengl = { - enable = true; - extraPackages = with pkgs; [ - intel-media-driver # LIBVA_DRIVER_NAME=iHD - vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium) - vaapiVdpau - libvdpau-va-gl - ]; - }; - hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [ vaapiIntel ]; - environment.systemPackages = [ pkgs.libva-utils ]; -} diff --git a/makefu/1systems/omo/source.nix b/makefu/1systems/omo/source.nix deleted file mode 100644 index b56e855fc..000000000 --- a/makefu/1systems/omo/source.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - name="omo"; - torrent = true; - unstable = true; - home-manager = true; -} diff --git a/makefu/1systems/pnp/config.nix b/makefu/1systems/pnp/config.nix deleted file mode 100644 index 6c9fc0606..000000000 --- a/makefu/1systems/pnp/config.nix +++ /dev/null @@ -1,50 +0,0 @@ -# Usage: -# NIX_PATH=secrets=/home/makefu/secrets/wry:nixpkgs=/var/src/nixpkgs nix-build -A users.makefu.pnp.config.system.build.vm -# result/bin/run-pnp-vm -virtfs local,path=/home/makefu/secrets/pnp,security_model=none,mount_tag=secrets -{ config, pkgs, ... }: - -{ - imports = - [ - - - - # these will be overwritten by qemu-vm.nix but will be used if the system - # is directly deployed - - - - - - # config.system.build.vm - (toString ) - ]; - - virtualisation.graphics = false; - # also export secrets, see Usage above - fileSystems = pkgs.lib.mkVMOverride { - "${builtins.toString }" = - { device = "secrets"; - fsType = "9p"; - options = [ "trans=virtio" "version=9p2000.L" "cache=loose" ]; - neededForBoot = true; - }; - }; - - krebs.Reaktor.debug = { - debug = true; - extraEnviron = { - # TODO: remove hard-coded server - REAKTOR_HOST = "irc.r"; - }; - plugins = with pkgs.ReaktorPlugins; [ stockholm-issue nixos-version sed-plugin ]; - channels = [ "#xxx" ]; - }; - - krebs.build.host = config.krebs.hosts.pnp; - - networking.firewall.allowedTCPPorts = [ - 25 - ]; - -} diff --git a/makefu/1systems/pnp/source.nix b/makefu/1systems/pnp/source.nix deleted file mode 100644 index 02f7d0ab6..000000000 --- a/makefu/1systems/pnp/source.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ - name="pnp"; -} diff --git a/makefu/1systems/repunit/config.nix b/makefu/1systems/repunit/config.nix deleted file mode 100644 index 5589cc0a2..000000000 --- a/makefu/1systems/repunit/config.nix +++ /dev/null @@ -1,40 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, ... }: - -{ - imports = - [ # Include the results of the hardware scan. - - - - - ]; - krebs.build.host = config.krebs.hosts.repunit; - - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - boot.loader.grub.device = "/dev/vda"; - - boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk" ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; - hardware.enableRedistributableFirmware = true; - hardware.cpu.amd.updateMicrocode = true; - -# networking.firewall is enabled by default - networking.firewall.allowedTCPPorts = [ 80 ]; - networking.firewall.allowPing = true; - - fileSystems."/" = - { device = "/dev/disk/by-label/nixos"; - fsType = "ext4"; - }; - -# $ nix-env -qaP | grep wget - environment.systemPackages = with pkgs; [ - jq - ]; -} diff --git a/makefu/1systems/repunit/source.nix b/makefu/1systems/repunit/source.nix deleted file mode 100644 index 20d3cd1cb..000000000 --- a/makefu/1systems/repunit/source.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ - name="repunit"; -} diff --git a/makefu/1systems/sdcard/config.nix b/makefu/1systems/sdcard/config.nix deleted file mode 100644 index 4e3c22a30..000000000 --- a/makefu/1systems/sdcard/config.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ config, pkgs, lib, ... }: -let - kernel = pkgs.callPackage ./kernel.nix { - kernelPatches = with pkgs.kernelPatches; [ - # kernelPatches.bridge_stp_helper - # kernelPatches.modinst_arg_list_too_long - ]; - }; -in -{ - imports = [ - - # - ]; - # TODO: NIX_PATH and nix.nixPath are being set by default.nix right now - # cd ~/stockholm ; nix build config.system.build.sdImage -I nixos-config=makefu/1systems/sdcard/config.nix -f /home/makefu/nixpkgs/nixos - - boot.kernelParams = ["console=ttyS2,1500000" "earlycon=uart8250,mmio32,0xff1a0000"]; - # boot.kernelPackages = pkgs.linuxPackages_latest; - boot.kernelPackages = pkgs.linuxPackagesFor kernel; - boot.supportedFilesystems = lib.mkForce [ "vfat" "f2fs" "xfs" "ntfs" "cifs" ]; - - # krebs.hidden-ssh.enable = true; - environment.systemPackages = with pkgs; [ - aria2 - ddrescue - ]; - environment.extraInit = '' - EDITOR=vim - ''; - # iso-specific - services.openssh = { - enable = true; - hostKeys = [ - { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } - ]; - }; - # enable ssh in the iso boot process - systemd.services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ]; -} diff --git a/makefu/1systems/sdcard/kernel.nix b/makefu/1systems/sdcard/kernel.nix deleted file mode 100644 index df5e7ada9..000000000 --- a/makefu/1systems/sdcard/kernel.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ fetchFromGitLab, buildLinux, ... } @ args: -buildLinux (args // rec { - version = "4.4.55"; - modDirVersion = "4.4.55"; - extraMeta.branch = "4.4"; - defconfig = "firefly_linux_defconfig"; - - src = fetchFromGitLab { - owner = "TeeFirefly"; - repo = "linux-kernel"; - rev = "firefly_0821_release"; - sha256 = "1fwj9cm5ysz286znrr3fyrhfn903m84i7py4rv3y3h9avxb3zl1r"; - }; - extraMeta.platforms = [ "aarch64-linux" ]; -} // (args.argsOverride or {})) diff --git a/makefu/1systems/sdcard/source.nix b/makefu/1systems/sdcard/source.nix deleted file mode 100644 index 6bef8ada9..000000000 --- a/makefu/1systems/sdcard/source.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ - name="iso"; -} diff --git a/makefu/1systems/sdev/config.nix b/makefu/1systems/sdev/config.nix deleted file mode 100644 index d02c30342..000000000 --- a/makefu/1systems/sdev/config.nix +++ /dev/null @@ -1,54 +0,0 @@ -{ lib, config, pkgs, ... }: -{ - krebs.build.host = config.krebs.hosts.sdev; - makefu.awesome.modkey = "Mod1"; - imports = - [ # Include the results of the hardware scan. - - - - # # broken since 2019-04-18 - { # until virtualbox-image is fixed - imports = [ - - ]; - boot.loader.grub.device = lib.mkForce "/dev/sda"; - } - - # - - # environment - - - - ]; - # allow sdev to deploy self - users.extraUsers = { - root = { - openssh.authorizedKeys.keys = [ config.krebs.users.makefu-vbob.pubkey ]; - }; - }; - # corefonts - nixpkgs.config.allowUnfree = true; - - environment.systemPackages = with pkgs;[ - ppp xclip - get - passwdqc-utils - gnupg - populate - # 20.09: torbrowser is broken - #(pkgs.writeScriptBin "tor-browser" '' - # #! /bin/sh - # TOR_SKIP_LAUNCH=1 ${torbrowser}/bin/tor-browser - #'') - ]; - - networking.firewall.allowedTCPPorts = [ - 25 - 80 - 8010 - ]; - - -} diff --git a/makefu/1systems/sdev/source.nix b/makefu/1systems/sdev/source.nix deleted file mode 100644 index d6c3d2031..000000000 --- a/makefu/1systems/sdev/source.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ - name="sdev"; - home-manager = true; - hw = true; - mic92 = true; - unstable = true; -} diff --git a/makefu/1systems/shack-autoinstall/config.nix b/makefu/1systems/shack-autoinstall/config.nix deleted file mode 100644 index d53c411c0..000000000 --- a/makefu/1systems/shack-autoinstall/config.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ config, pkgs, lib, ... }: - -with import ; -let - disk = "/dev/sda"; -in { - imports = [ - - - - - ]; - # TODO: NIX_PATH and nix.nixPath are being set by default.nix right now - # cd ~/stockholm ; nix-build -A config.system.build.isoImage -I nixos-config=makefu/1systems/iso.nix -I secrets=/home/makefu/secrets/iso /var/src/nixpkgs/nixos - krebs.build.host = config.krebs.hosts.iso; - krebs.hidden-ssh.enable = true; - - environment.extraInit = '' - EDITOR=vim - ''; - # iso-specific - boot.kernelParams = [ "copytoram" ]; - - - environment.systemPackages = [ - pkgs.parted - ( pkgs.writeScriptBin "shack-install" '' - #! /bin/sh - echo "go ahead and try NIX_PATH=/root/.nix-defexpr/channels/ nixos-install" - '') - ]; - - systemd.services.wpa_supplicant.wantedBy = lib.mkForce [ "multi-user.target" ]; - - networking.wireless = { - enable = true; - networks.shack.psk = "welcome2shack"; - }; - - - services.openssh = { - enable = true; - hostKeys = [ - { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } - ]; - }; - # enable ssh in the iso boot process - systemd.services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ]; -} diff --git a/makefu/1systems/shack-autoinstall/grub-partition.sh b/makefu/1systems/shack-autoinstall/grub-partition.sh deleted file mode 100644 index c23c89799..000000000 --- a/makefu/1systems/shack-autoinstall/grub-partition.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/sh -set -euf -parted -s ${disk} mklabel msdos -parted -s ${disk} -- mkpart primary linux-swap 1M 4096M -parted -s ${disk} -- mkpart primary ext2 4096M 100% diff --git a/makefu/1systems/shack-autoinstall/shack-config.nix b/makefu/1systems/shack-autoinstall/shack-config.nix deleted file mode 100644 index 9fa54ae32..000000000 --- a/makefu/1systems/shack-autoinstall/shack-config.nix +++ /dev/null @@ -1,231 +0,0 @@ -{ config, pkgs, lib, ... }: - -{ - imports = [ - ./hardware-configuration.nix - # TODO: - ]; - - # shacks-specific - networking.wireless = { - enable = true; - networks.shack.psk = "181471eb97eb23f12c6871227bc4a7b13c8f6af56dcc0d0e8b71f4d7a510cb4e"; - }; - networking.hostName = "shackbook"; - - boot.tmpOnTmpfs = true; - - users.users.shack = { - createHome = true; - useDefaultShell = true; - home = "/home/shack"; - uid = 9001; - packages = with pkgs;[ - chromium - firefox - ]; - extraGroups = [ "audio" "wheel" ]; - hashedPassword = "$6$KIxlQTLEnKl7cwC$LrmbwZ64Mlm7zqUUZ0EObPJMES3C0mQ6Sw7ynTuXzUo7d9EWg/k5XCGkDHMFvL/Pz19Awcv0knHB1j3dHT6fh/" ; - }; - - environment.variables = let - ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; - in { - EDITOR = lib.mkForce "vim"; - CURL_CA_BUNDLE = ca-bundle; - GIT_SSL_CAINFO = ca-bundle; - SSL_CERT_FILE = ca-bundle; - }; - - services.printing = { - enable = true; - # TODO: shack-printer - }; - - - environment.systemPackages = with pkgs;[ - parted - ddrescue - tmux - jq git gnumake htop rxvt_unicode.terminfo - (pkgs.vim_configurable.customize { - name = "vim"; - vimrcConfig.customRC = '' - set nocompatible - syntax on - set list - set listchars=tab:▸\ - "set list listchars=tab:>-,trail:.,extends:> - - filetype off - filetype plugin indent on - - colorscheme darkblue - set background=dark - - set number - set relativenumber - set mouse=a - set ignorecase - set incsearch - set wildignore=*.o,*.obj,*.bak,*.exe,*.os - set textwidth=79 - set shiftwidth=2 - set expandtab - set softtabstop=2 - set shiftround - set smarttab - set tabstop=2 - set et - set autoindent - set backspace=indent,eol,start - - - inoremap - nnoremap - vnoremap - - nnoremap :UndotreeToggle - set undodir =~/.vim/undo - set undofile - "maximum number of changes that can be undone - set undolevels=1000000 - "maximum number lines to save for undo on a buffer reload - set undoreload=10000000 - - nnoremap :set invpaste paste? - set pastetoggle= - set showmode - - set showmatch - set matchtime=3 - set hlsearch - - autocmd ColorScheme * highlight ExtraWhitespace ctermbg=red guibg=red - - - " save on focus lost - au FocusLost * :wa - - autocmd BufRead *.json set filetype=json - au BufNewFile,BufRead *.mustache set syntax=mustache - - cnoremap SudoWrite w !sudo tee > /dev/null % - - " create Backup/tmp/undo dirs - set backupdir=~/.vim/backup - set directory=~/.vim/tmp - - function! InitBackupDir() - let l:parent = $HOME . '/.vim/' - let l:backup = l:parent . 'backup/' - let l:tmpdir = l:parent . 'tmp/' - let l:undodir= l:parent . 'undo/' - - - if !isdirectory(l:parent) - call mkdir(l:parent) - endif - if !isdirectory(l:backup) - call mkdir(l:backup) - endif - if !isdirectory(l:tmpdir) - call mkdir(l:tmpdir) - endif - if !isdirectory(l:undodir) - call mkdir(l:undodir) - endif - endfunction - call InitBackupDir() - - augroup Binary - " edit binaries in xxd-output, xxd is part of vim - au! - au BufReadPre *.bin let &bin=1 - au BufReadPost *.bin if &bin | %!xxd - au BufReadPost *.bin set ft=xxd | endif - au BufWritePre *.bin if &bin | %!xxd -r - au BufWritePre *.bin endif - au BufWritePost *.bin if &bin | %!xxd - au BufWritePost *.bin set nomod | endif - augroup END - ''; - vimrcConfig.vam.knownPlugins = pkgs.vimPlugins; - vimrcConfig.vam.pluginDictionaries = [ - { names = [ "undotree" ]; } - # vim-nix handles indentation better but does not perform sanity - { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; } - ]; - }) - - ]; - programs.bash = { - enableCompletion = true; - interactiveShellInit = '' - HISTCONTROL='erasedups:ignorespace' - HISTSIZE=900001 - HISTFILESIZE=$HISTSIZE - shopt -s checkhash - shopt -s histappend histreedit histverify - shopt -s no_empty_cmd_completion - PS1='\[\e[1;32m\]\w\[\e[0m\] ' - ''; - }; - - services.journald.extraConfig = '' - SystemMaxUse=1G - RuntimeMaxUse=128M - ''; - nix = { - package = pkgs.nixUnstable; - optimise.automatic = true; - useSandbox = true; - gc.automatic = true; - }; - - system.autoUpgrade.enable = true; - - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - boot.loader.grub.device = "/dev/sda"; - fileSystems."/".options = [ "noatime" "nodiratime" "discard" ]; - - - # gui and stuff - i18n = { - consoleFont = "Lat2-Terminus16"; - consoleKeyMap = "us"; - defaultLocale = "en_US.UTF-8"; - }; - - fonts = { - enableFontDir = true; - enableGhostscriptFonts = true; - fonts = [ pkgs.terminus_font ]; - }; - - time.timeZone = "Europe/Berlin"; - services.timesyncd.enable = true; - - - # GUI - hardware.pulseaudio.enable = true; - services.xserver = { - enable = true; - displayManager.auto.enable = true; - displayManager.auto.user = "shack"; - - desktopManager.xfce.enable = true; - - layout = "us"; - xkbVariant = "altgr-intl"; - xkbOptions = "ctrl:nocaps, eurosign:e"; - }; - - services.openssh = { - enable = true; - hostKeys = [ - { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } - ]; - }; -} diff --git a/makefu/1systems/shack-autoinstall/source.nix b/makefu/1systems/shack-autoinstall/source.nix deleted file mode 100644 index 6bef8ada9..000000000 --- a/makefu/1systems/shack-autoinstall/source.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ - name="iso"; -} diff --git a/makefu/1systems/shack-autoinstall/uefi-partition.sh b/makefu/1systems/shack-autoinstall/uefi-partition.sh deleted file mode 100644 index 4566b7dce..000000000 --- a/makefu/1systems/shack-autoinstall/uefi-partition.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -set -euf -p(){ - parted -s ${disk} -- $@ -} -p mklabel gpt -p mkpart primary fat32 1M 551M -p set 1 boot on -p mkpart primary linux-swap 51M 4647M -p mkpart primary ext2 4647M 100% -udevadm settle -mkfs.fat -nboot -F32 /dev/sda1 - -udevadm settle -mkswap ${disk}2 -L swap -swapon -L swap -mkfs.ext4 -L nixos ${disk}3 -mount LABEL=nixos /mnt -mkdir /mnt/boot -mount LABEL=boot /mnt/boot - -mkdir -p /mnt/etc/nixos -cp ${./shack-config.nix} /mnt/etc/nixos/configuration.nix -nixos-generate-config --root /mnt diff --git a/makefu/1systems/shoney/config.nix b/makefu/1systems/shoney/config.nix deleted file mode 100644 index 27d389b85..000000000 --- a/makefu/1systems/shoney/config.nix +++ /dev/null @@ -1,62 +0,0 @@ -{ config, pkgs, ... }: -let - tinc-siem-ip = "10.8.10.1"; - - ip = "64.137.234.215"; - alt-ip = "64.137.234.210"; # honeydrive honeyd - extra-ip1 = "64.137.234.114"; # floating tinc.siem - extra-ip2 = "64.137.234.232"; # honeydrive - gw = "64.137.234.1"; -in { - imports = [ - - - - - - ]; - - - krebs = { - enable = true; - build.host = config.krebs.hosts.shoney; - tinc_graphs = { - enable = true; - network = "siem"; - hostsPath = "/etc/tinc/siem/hosts"; - nginx = { - enable = true; - # TODO: remove hard-coded hostname - anonymous-domain = "localhost.localdomain"; - anonymous.extraConfig = "return 403;"; - complete = { - serverAliases = [ "graph.siem" ]; - extraConfig = '' - if ( $server_addr = "${ip}" ) { - return 403; - } - ''; - }; - }; - }; - }; - makefu.forward-journal = { - enable = true; - src = "10.8.10.1"; - dst = "10.8.10.6"; - }; - networking = { - interfaces.enp2s1.ipv4.addresses = [ - { address = ip; prefixLength = 24; } - # { address = alt-ip; prefixLength = 24; } - ]; - - defaultGateway = gw; - nameservers = [ "8.8.8.8" ]; - firewall = { - trustedInterfaces = [ "tinc.siem" ]; - allowedUDPPorts = [ 655 1655 ]; - allowedTCPPorts = [ 655 1655 ]; - }; - }; -} diff --git a/makefu/1systems/shoney/source.nix b/makefu/1systems/shoney/source.nix deleted file mode 100644 index 3616716f9..000000000 --- a/makefu/1systems/shoney/source.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ - name="shoney"; -} diff --git a/makefu/1systems/snake/config.nix b/makefu/1systems/snake/config.nix deleted file mode 100644 index 69e347d71..000000000 --- a/makefu/1systems/snake/config.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ config, lib, pkgs, ... }: -let - primaryInterface = "eth0"; -in { - imports = [ - - ./hardware-config.nix - - - - - - # - ]; - krebs = { - enable = true; - tinc.retiolum.enable = true; - build.host = config.krebs.hosts.snake; - }; - # ensure disk usage is limited - services.journald.extraConfig = "Storage=volatile"; - networking.firewall.trustedInterfaces = [ primaryInterface ]; - documentation.info.enable = false; - documentation.man.enable = false; - documentation.nixos.enable = false; -} diff --git a/makefu/1systems/snake/disk.nix b/makefu/1systems/snake/disk.nix deleted file mode 100644 index f9e14844f..000000000 --- a/makefu/1systems/snake/disk.nix +++ /dev/null @@ -1,64 +0,0 @@ -{ disks ? [ "/dev/sda" ], ... }: { - disk = { - x = { - type = "disk"; - device = "/dev/sda"; - content = { - type = "table"; - format = "gpt"; - partitions = [ - { - name = "boot"; - type = "partition"; - start = "0"; - end = "1M"; - part-type = "primary"; - flags = ["bios_grub"]; - } - { - type = "partition"; - name = "ESP"; - start = "1M"; - end = "512MiB"; - fs-type = "fat32"; - bootable = true; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - }; - } - { - type = "partition"; - name = "zfs"; - start = "512MiB"; - end = "100%"; - content = { - type = "zfs"; - pool = "zroot"; - }; - } - ]; - }; - }; - }; - zpool = { - zroot = { - type = "zpool"; - rootFsOptions.compression = "lz4"; - mountpoint = "/"; - - datasets = { - home = { - zfs_type = "filesystem"; - mountpoint = "/home"; - options.mountpoint = "legacy"; - }; - reserved = { - zfs_type = "filesystem"; - options.refreservation = "1G"; - }; - }; - }; - }; -} diff --git a/makefu/1systems/snake/hardware-config.nix b/makefu/1systems/snake/hardware-config.nix deleted file mode 100644 index 88124f659..000000000 --- a/makefu/1systems/snake/hardware-config.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ pkgs, lib, ... }: -{ - imports = [ - - ./wifi.nix - ./sound.nix - ]; - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - boot.loader.grub.efiSupport = true; - boot.loader.grub.device = "/dev/sda"; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" ]; - boot.kernelModules = [ "kvm-amd" ]; - disko.devices = import ./disk.nix; - - hardware.enableRedistributableFirmware = true; - hardware.cpu.amd.updateMicrocode = true; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; - - boot.kernelParams = [ "net.ifnames=0" ]; - networking.hostId = "0123AABB"; - -} diff --git a/makefu/1systems/snake/sound.nix b/makefu/1systems/snake/sound.nix deleted file mode 100644 index 452f4b4b1..000000000 --- a/makefu/1systems/snake/sound.nix +++ /dev/null @@ -1,51 +0,0 @@ -{ lib, ... }: { - imports = [ - - ]; - nixpkgs.config.allowUnfree = true; - networking.networkmanager.enable = lib.mkForce false; - # sound.enable = true; - #hardware.pulseaudio = { - # enable = true; - # systemWide = true; - # tcp = { - # enable = true; - # anonymousClients.allowAll = true; - # }; - #}; - - #users.users.makefu = { - # extraGroups = [ "pipewire" "audio" ]; - #}; - - - #services.xserver = { - # enable = true; - # # desktopManager.xterm.enable = true; - # desktopManager.xfce = { - # enable = true; - # noDesktop = true; - # }; - - # displayManager.autoLogin = { - # enable = true; - # user = "makefu"; - # }; - #}; - hardware.pulseaudio.enable = lib.mkForce false; - security.rtkit.enable = true; - #services.pipewire = { - # enable = true; - # systemWide = true; - # socketActivation = false; - # alsa.enable = true; - # alsa.support32Bit = true; - # pulse.enable = true; - # config.pipewire-pulse = { - # "pulse.properties"."server.address" = [ "unix:native" "tcp:4713" ]; - # }; - - #}; - - -} diff --git a/makefu/1systems/snake/source.nix b/makefu/1systems/snake/source.nix deleted file mode 100644 index 8fc2fff2d..000000000 --- a/makefu/1systems/snake/source.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - name="cake"; - full = true; - home-manager = true; - hw = true; -} diff --git a/makefu/1systems/snake/wifi.nix b/makefu/1systems/snake/wifi.nix deleted file mode 100644 index 7e1569010..000000000 --- a/makefu/1systems/snake/wifi.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - networking.wireless = { - enable = true; - networks = import ; - }; -} diff --git a/makefu/1systems/studio/config.nix b/makefu/1systems/studio/config.nix deleted file mode 100644 index b3d9383c4..000000000 --- a/makefu/1systems/studio/config.nix +++ /dev/null @@ -1,76 +0,0 @@ -{ config, pkgs, ... }: -{ - imports = [ - - - - - - - - - ]; - makefu.gui.user = "user"; # we use an extra user - krebs = { - enable = true; - tinc.retiolum.enable = true; - build.host = config.krebs.hosts.studio; - }; - networking.firewall.allowedTCPPorts = [ 655 ]; - networking.firewall.allowedUDPPorts = [ 655 ]; - - - environment.systemPackages = with pkgs;[ - # audio foo - ## pulseaudio - pavucontrol - paprefs - pamixer - - # extra alsa tools - alsa-hdspconf - alsa-hdspmixer - alsa-hdsploader - - # recording - darkice - (mumble.override { jackSupport = true; }) - - # browsing - firefox - chromium - ]; - - - nixpkgs.config.allowUnfree = true; - fonts = { - enableCoreFonts = true; - enableFontDir = true; - enableGhostscriptFonts = true; - fonts = [ ]; - }; - # ingos favorite display manager - - - # hardware - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - boot.loader.grub.device = "/dev/sda"; - - boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ata_piix" "usb_storage" "sd_mod" ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/0aeda516-230e-4c54-9e27-13515c2f3f21"; - fsType = "ext4"; - }; - - swapDevices = [ { device = "/dev/disk/by-uuid/1914af67-5a8f-41d3-a1c2-211c39605da9"; } ]; - users.users.user = { - isNormalUser = true; - extraGroups = [ "wheel" "audio" ]; - uid = 1000; - openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ]; - }; -} diff --git a/makefu/1systems/studio/source.nix b/makefu/1systems/studio/source.nix deleted file mode 100644 index ff88d3557..000000000 --- a/makefu/1systems/studio/source.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ - name="studio"; - musnix = true; -} diff --git a/makefu/1systems/tsp/config.nix b/makefu/1systems/tsp/config.nix deleted file mode 100644 index 9586578d3..000000000 --- a/makefu/1systems/tsp/config.nix +++ /dev/null @@ -1,45 +0,0 @@ -# -# -# -{ config, pkgs, lib, ... }: - -{ - imports = - [ # Include the results of the hardware scan. - ./hardware.nix - - - - - - - # - - # hardware specifics are in here - - - - - # - - - - - - - - - { - programs.adb.enable = true; - } - ]; - krebs.build.host = config.krebs.hosts.tsp; - boot.loader.grub.device = "/dev/sda"; - - networking.firewall.allowedTCPPorts = [ - 25 - ]; - - hardware.enableRedistributableFirmware = true; - nixpkgs.config.allowUnfree = true; -} diff --git a/makefu/1systems/tsp/hardware.nix b/makefu/1systems/tsp/hardware.nix deleted file mode 100644 index 2788eae04..000000000 --- a/makefu/1systems/tsp/hardware.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ lib, ... }: -{ - imports = [ - # laptop is an acer aspire, but close enough i'd say - - ]; - # the laptop only has the touchpad - services.xserver.synaptics.additionalOptions = lib.mkForce ''Option "TouchpadOff" "0"''; -} diff --git a/makefu/1systems/tsp/source.nix b/makefu/1systems/tsp/source.nix deleted file mode 100644 index afb05e296..000000000 --- a/makefu/1systems/tsp/source.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - name="tsp"; - full = true; - hw = true; - home-manager = true; -} diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix deleted file mode 100644 index 208dd1ff7..000000000 --- a/makefu/1systems/vbob/config.nix +++ /dev/null @@ -1,91 +0,0 @@ -{ lib, config, pkgs, ... }: -{ - krebs.build.host = config.krebs.hosts.vbob; - makefu.awesome.modkey = "Mod1"; - imports = - [ - - { - imports = [ ]; - boot.loader.grub.device = "/dev/sda"; - } - # - # - - # base gui - # - # - - - - # security - - - # Tools - - - # - # - - # environment - - (let - gum-ip = config.krebs.hosts.gum.nets.internet.ip4.addr; - gateway = "10.0.2.2"; - in { - # make sure the route to gum gets added after the network is online - systemd.services.wireguard-wg0.after = [ "network-online.target" ]; - networking.wireguard.interfaces.wg0 = { - ips = [ "10.244.0.3/24" ]; - privateKeyFile = (toString ) + "/wireguard.key"; - # explicit route via eth0 to gum - preSetup = ["${pkgs.iproute}/bin/ip route add ${gum-ip} via ${gateway}"]; - peers = [ - { # gum - endpoint = "${gum-ip}:51820"; - allowedIPs = [ "0.0.0.0/0" "10.244.0.0/24" ]; - publicKey = "yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo="; - persistentKeepalive = 25; - } - ]; - }; - }) - - ]; - networking.extraHosts = import (toString ); - - # allow vbob to deploy self - users.extraUsers.root.openssh.authorizedKeys.keys = [ config.krebs.users.makefu-vbob.pubkey ]; - - environment.shellAliases = { - forti = "cat ~/vpn/pw.txt | xclip; sudo forticlientsslvpn"; - }; - - system.activationScripts.prepare-fortclientvpnssl = '' - # TODO: for forticlientsslpn - mkdir -p /usr/{s,}bin - ln -fs ${pkgs.ppp}/bin/pppd /usr/sbin/pppd - ln -fs ${pkgs.coreutils}/bin/tail /usr/bin/tail - ''; - - # for forticlient - nixpkgs.config.allowUnfree = true; - - environment.systemPackages = with pkgs;[ - fortclientsslvpn ppp xclip - get - logstash - #devpi-web - #devpi-client - ansible - ]; - - - networking.firewall.allowedTCPPorts = [ - 25 - 80 - 8010 - ]; - # required for qemu - systemd.services."serial-getty@ttyS0".enable = true; -} diff --git a/makefu/1systems/vbob/source.nix b/makefu/1systems/vbob/source.nix deleted file mode 100644 index 59744faf5..000000000 --- a/makefu/1systems/vbob/source.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ - name="vbob"; - # musnix = true; -} diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix deleted file mode 100644 index 77f0f0337..000000000 --- a/makefu/1systems/wbob/config.nix +++ /dev/null @@ -1,139 +0,0 @@ -{ config, pkgs, lib, ... }: -let - user = config.makefu.gui.user; - primaryIP = "192.168.8.11"; -in { - - imports = - [ - - # Include the results of the hardware scan. - ./nuc - - - - - - # - - - - # - # - - - { environment.systemPackages = [ pkgs.brother_ql_web pkgs.nano ]; } - - # - # - # - # - ## no need for dns logs anymore - # - - # Services - # - - - - - - # Sensors - # - # - - - - - - # - - # - { environment.systemPackages = [ pkgs.vlc ]; } - - # new hass entry point - - - # now runs in thales - # - # #mpd is only used for TTS, this is the web interface - - { - services.mjpg-streamer = { - enable = true; - inputPlugin = "input_uvc.so -d /dev/video0 -r 640x480 -y -f 30 -q 50 -n"; - outputPlugin = "output_http.so -w @www@ -n -p 18088"; - }; - } - (let - collectd-port = 25826; - influx-port = 8086; - admin-port = 8083; - grafana-port = 3000; # TODO nginx forward - db = "collectd_db"; - logging-interface = "enp0s25"; - in { - networking.firewall.allowedTCPPorts = [ 3000 influx-port admin-port ]; - - services.grafana.enable = true; - services.grafana.addr = "0.0.0.0"; - services.influxdb.enable = true; - systemd.services.influxdb.serviceConfig.LimitNOFILE = 8192; - - services.influxdb.extraConfig = { - meta.hostname = config.krebs.build.host.name; - # meta.logging-enabled = true; - http.bind-address = ":${toString influx-port}"; - admin.bind-address = ":${toString admin-port}"; - collectd = [{ - enabled = true; - typesdb = "${pkgs.collectd}/share/collectd/types.db"; - database = db; - bind-address = ":${toString collectd-port}"; - }]; - }; - - networking.firewall.extraCommands = '' - iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT - ''; - }) - - - # temporary - # - { - services.jellyfin.enable = true; - } - ]; - - krebs = { - enable = true; - build.host = config.krebs.hosts.wbob; - }; - - networking.firewall.allowedUDPPorts = [ 655 ]; - networking.firewall.allowedTCPPorts = [ - 655 - 8081 # smokeping - 49152 - ]; - networking.firewall.trustedInterfaces = [ "enp0s25" ]; - #services.tinc.networks.siem = { - # name = "display"; - # extraConfig = '' - # ConnectTo = sjump - # Port = 1655 - # ''; - #}; - #boot.kernelPackages = pkgs.linuxPackages_latest; - # rt2870.bin wifi card, part of linux-unfree - hardware.enableRedistributableFirmware = true; - nixpkgs.config.allowUnfree = true; - # rt2870 with nonfree creates wlp2s0 from wlp0s20u2 - # not explicitly setting the interface results in wpa_supplicant to crash - #networking.interfaces.virbr1.ipv4.addresses = [{ - # address = "10.8.8.11"; - # prefixLength = 24; - #}]; - # nuc hardware -} diff --git a/makefu/1systems/wbob/nuc/default.nix b/makefu/1systems/wbob/nuc/default.nix deleted file mode 100644 index d4993dfd0..000000000 --- a/makefu/1systems/wbob/nuc/default.nix +++ /dev/null @@ -1,23 +0,0 @@ -let - rootdisk = "/dev/disk/by-id/ata-TS256GMTS800_C613840115"; - datadisk = "/dev/disk/by-id/ata-HGST_HTS721010A9E630_JR10006PH3A02F"; -in { - boot.loader.grub.device = rootdisk; - hardware.cpu.intel.updateMicrocode = true; - boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; - - boot.kernelModules = [ - "kvm-intel" "snd-seq" "snd-rawmidi" - ]; - fileSystems = { - "/" = { - device = rootdisk + "-part1"; - fsType = "ext4"; - }; - "/data" = { - device = datadisk + "-part1"; - fsType = "ext4"; - }; - }; - swapDevices = [ { device = "/var/swap"; } ]; -} diff --git a/makefu/1systems/wbob/source.nix b/makefu/1systems/wbob/source.nix deleted file mode 100644 index 36c7b67bb..000000000 --- a/makefu/1systems/wbob/source.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - name="wbob"; - # musnix = true; - home-manager = true; - unstable = true; -} diff --git a/makefu/1systems/wry/config.nix b/makefu/1systems/wry/config.nix deleted file mode 100644 index b728703ec..000000000 --- a/makefu/1systems/wry/config.nix +++ /dev/null @@ -1,54 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let - - external-ip = config.krebs.build.host.nets.internet.ip4.addr; - internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; -in { - imports = [ - - # TODO: copy this config or move to krebs - - - - - # - - - - - # other nginx - # - - # collectd - - - - - # - ]; - - krebs.build.host = config.krebs.hosts.wry; - - # prepare graphs - services.nginx.enable = true; - krebs.retiolum-bootstrap.enable = true; - - networking = { - firewall = { - allowPing = true; - logRefusedConnections = false; - allowedTCPPorts = [ 53 80 443 ]; - allowedUDPPorts = [ 655 53 ]; - }; - interfaces.enp2s1.ipv4.addresses = [{ - address = external-ip; - prefixLength = 24; - }]; - defaultGateway = "104.233.87.1"; - nameservers = [ "8.8.8.8" ]; - }; - - environment.systemPackages = [ pkgs.screen ]; -} diff --git a/makefu/1systems/wry/source.nix b/makefu/1systems/wry/source.nix deleted file mode 100644 index 730300590..000000000 --- a/makefu/1systems/wry/source.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ - name="wry"; -} diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix deleted file mode 100644 index 784f9148f..000000000 --- a/makefu/1systems/x/config.nix +++ /dev/null @@ -1,265 +0,0 @@ -# -# -# -{ config, pkgs, lib, ... }: -{ - imports = - [ - # hardware-dependent - # device - - - ./x13 - # ./x230 - - # Common Hardware Components - - # - # - - # - # - # - - # - - - - - # - - # base - - - - - - - - - - - - - - { programs.adb.enable = true; } - { - services.openssh.hostKeys = [ - { bits = 4096; path = (toString ); type = "rsa";} - ]; - } - #{ - # imports = [ - # - # ]; - # services.pipewire.config.pipewire-pulse = { - # "pulse.properties"."server.address" = [ "unix:native" "tcp:4713" ]; - # }; - # networking.firewall.allowedTCPPorts = [ 4713 ]; - - #} - - #{ - # users.users.makefu.packages = with pkgs;[ mpc_cli ncmpcpp ]; - # services.ympd.enable = true; - # services.mpd = { - # enable = true; - # extraConfig = '' - # log_level "default" - # auto_update "yes" - - # audio_output { - # type "httpd" - # name "lassulus radio" - # encoder "vorbis" # optional - # port "8000" - # quality "5.0" # do not define if bitrate is defined - # # bitrate "128" # do not define if quality is defined - # format "44100:16:2" - # always_on "yes" # prevent MPD from disconnecting all listeners when playback is stopped. - # tags "yes" # httpd supports sending tags to listening streams. - # } - # ''; - # }; - #} - - # { systemd.services.docker.wantedBy = lib.mkForce []; } - # - # - # - #{ - # netboot_server = { - # network.wan = "wlp3s0"; - # network.lan = "enp0s25"; - # }; - #} - - # Restore: - # systemctl cat borgbackup-job-state - # export BORG_PASSCOMMAND BORG_REPO BORG_RSH - # borg list "$BORG_REPO" - # mount newroot somewhere && cd somewhere - # borg extract "$BORG_REPO::x-state-2019-04-17T01:41:51" --progress # < extract to cwd - - - # - - - - # Debugging - # - # - - # Testing - #{ - # services.nginx = { - # enable = true; - # recommendedProxySettings = true; - # virtualHosts.local = { - # default = true; - # locations."/".proxyPass= "http://localhost:4567"; - # }; - # }; - # services.gollum = { - # enable = true; - # extraConfig = '' - # Gollum::Hook.register(:post_commit, :hook_id) do |committer, sha1| - # File.open('/tmp/lol', 'w') { |file| file.write(self.to_s) } - # end - # ''; - # }; - #} - # - # - # - - # - # - # - # - # - # - # - # - - # Krebs - - # - # - - - # - - - # applications - - - - # - # - - # Virtualization - # - - - #{ - # networking.firewall.allowedTCPPorts = [ 8080 ]; - # networking.nat = { - # enable = true; - # externalInterface = "wlp3s0"; - # internalInterfaces = [ "vboxnet0" ]; - # }; - #} - # Services - - - # - # - - # - # { nixpkgs.overlays = [ (self: super: super.prefer-remote-fetch self super) ]; } - - # - - - - - # Security - # - - # temporary - # { services.redis.enable = true; } - # citadel exporter - # { services.mongodb.enable = true; } - # { services.elasticsearch.enable = true; } - # - # - # - # - # - # - # - # - - -# { -# networking.wireguard.interfaces.wg0 = { -# ips = [ "10.244.0.2/24" ]; -# privateKeyFile = (toString ) + "/wireguard.key"; -# allowedIPsAsRoutes = true; -# peers = [ -# { -# # gum -# endpoint = "${config.krebs.hosts.gum.nets.internet.ip4.addr}:51820"; -# allowedIPs = [ "10.244.0.0/24" ]; -# publicKey = "yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo="; -# } -# #{ -# # # vbob -# # allowedIPs = [ "10.244.0.3/32" ]; -# # publicKey = "Lju7EsCu1OWXhkhdNR7c/uiN60nr0TUPHQ+s8ULPQTw="; -# #} -# ]; -# }; -# } - ]; - - - nixpkgs.config.allowUnfree = true; - nixpkgs.config.oraclejdk.accept_license = true; - - - - # configure pulseAudio to provide a HDMI sink as well - networking.firewall.enable = true; - networking.firewall.allowedUDPPorts = [ 665 26061 1514 ]; - networking.firewall.trustedInterfaces = [ "vboxnet0" "enp0s25" ]; - - krebs.build.host = config.krebs.hosts.x; - - #krebs.tinc.retiolum.connectTo = lib.mkForce [ "gum" ]; - #krebs.tinc.retiolum.extraConfig = "AutoConnect = no"; - - - environment.systemPackages = [ pkgs.passwdqc-utils ]; - - # environment.variables = { GOROOT = [ "${pkgs.go.out}/share/go" ]; }; - state = [ - "/home/makefu/stockholm" - "/home/makefu/.ssh/" - "/home/makefu/.zsh_history" - "/home/makefu/.bash_history" - "/home/makefu/bin" - "/home/makefu/.gnupg" - "/home/makefu/.imapfilter" - "/home/makefu/.mutt" - "/home/makefu/docs" - "/home/makefu/notes" - "/home/makefu/.password-store" - "/home/makefu/.secrets-pass" - "/home/makefu/.config/syncthing" - ]; - - # services.syncthing.user = lib.mkForce "makefu"; - # services.syncthing.dataDir = lib.mkForce "/home/makefu/.config/syncthing/"; -} diff --git a/makefu/1systems/x/source.nix b/makefu/1systems/x/source.nix deleted file mode 100644 index ecb1d9962..000000000 --- a/makefu/1systems/x/source.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ - name="x"; - full = true; - python = true; - hw = true; - # unstable = true; - mic92 = true; - clever_kexec = true; - home-manager = true; - nix-ld = true; - # torrent = true; -} diff --git a/makefu/1systems/x/x13/battery.nix b/makefu/1systems/x/x13/battery.nix deleted file mode 100644 index 3e28292e3..000000000 --- a/makefu/1systems/x/x13/battery.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ pkgs, ... }: -{ - powerManagement.powertop.enable = true; - services.power-profiles-daemon.enable = true; - users.users.makefu.packages = [ pkgs.gnome.gnome-power-manager ]; -} diff --git a/makefu/1systems/x/x13/default.nix b/makefu/1systems/x/x13/default.nix deleted file mode 100644 index 27ea0c99c..000000000 --- a/makefu/1systems/x/x13/default.nix +++ /dev/null @@ -1,46 +0,0 @@ -{ pkgs, lib, ... }: -# new zfs deployment -{ - imports = [ - ./zfs.nix - ./input.nix - ./battery.nix - - # close enough - # - - # - ]; - boot.zfs.requestEncryptionCredentials = true; - networking.hostId = "f8b8e0a2"; - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - # services.xserver.enable = lib.mkForce false; - - services.xserver.videoDrivers = [ "amdgpu" ]; - boot.initrd.kernelModules = [ "amdgpu" ]; - hardware.opengl.driSupport = true; - hardware.opengl.extraPackages = [ pkgs.amdvlk pkgs.rocm-opencl-icd pkgs.rocm-opencl-runtime ]; - # For 32 bit applications - hardware.opengl.driSupport32Bit = true; - hardware.opengl.extraPackages32 = with pkgs; [ - driversi686Linux.amdvlk - ]; - # is required for amd graphics support ( xorg wont boot otherwise ) - #boot.kernelPackages = pkgs.linuxPackages_latest; - boot.kernelPackages = lib.mkForce pkgs.linuxPackages; - - services.fwupd.enable = true; - - programs.light.enable = true; - - users.groups.video = {}; - users.groups.render = {}; - users.users.makefu.extraGroups = [ "video" "render" ]; - - boot.extraModprobeConfig = '' - options thinkpad_acpi fan_control=1 - ''; -} - diff --git a/makefu/1systems/x/x13/disk.nix b/makefu/1systems/x/x13/disk.nix deleted file mode 100644 index 7ce77bdf5..000000000 --- a/makefu/1systems/x/x13/disk.nix +++ /dev/null @@ -1,67 +0,0 @@ -{ disk ? "/dev/sda", ... }: { - disko.devices = { - disk = { - nvme = { - type = "disk"; - device = disk; - content = { - type = "table"; - format = "gpt"; - partitions = [ - { - name = "ESP"; - start = "0"; - end = "512MiB"; - fs-type = "fat32"; - bootable = true; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - }; - } - { - name = "zfs"; - start = "512MiB"; - end = "100%"; - content = { - type = "zfs"; - pool = "tank"; - }; - } - ]; - }; - }; - }; - zpool = { - tank = { - type = "zpool"; - rootFsOptions = { - compression = "lz4"; - #reservation = "5G"; - "com.sun:auto-snapshot" = "false"; - }; - mountpoint = null; - postCreateHook = "zfs snapshot tank@blank"; - - datasets = { - - root = { - type = "zfs_fs"; - mountpoint = "/"; - options = { - encryption = "aes-256-gcm"; - keyformat = "passphrase"; - "com.sun:auto-snapshot" = "true"; - }; - #keylocation = "file:///tmp/secret.key"; - }; - "root/home" = { - type = "zfs_fs"; - mountpoint = "/home"; - }; - }; - }; - }; - }; -} diff --git a/makefu/1systems/x/x13/input.nix b/makefu/1systems/x/x13/input.nix deleted file mode 100644 index 93816ce84..000000000 --- a/makefu/1systems/x/x13/input.nix +++ /dev/null @@ -1,48 +0,0 @@ -{ pkgs, lib, ... }: -{ - # current issues: - # 1. for pressing insert hold shift+fn+Fin - - # scroll by holding middle mouse - #services.xserver.displayManager.sessionCommands ='' - # xinput set-int-prop "ETPS/2 Elantech TrackPoint" "Evdev Wheel Emulation" 8 1 - # xinput set-int-prop "ETPS/2 Elantech TrackPoint" "Evdev Wheel Emulation Button" 8 2 - # xinput set-prop "ETPS/2 Elantech TrackPoint" "Evdev Wheel Emulation Axes" 6 7 4 5 - # # configure timeout of pressing and holding middle button - # # xinput set-int-prop "ETPS/2 Elantech TrackPoint" "Evdev Wheel Emulation Timeout" 8 200 - # xinput disable 'ETPS/2 Elantech Touchpad' - #''; - - services.xserver.libinput.enable = true; - boot.kernelParams = [ - #"psmouse.proto=imps" - #"psmouse.proto=bare" - #"psmouse.resetafter=0" - "psmouse.synaptics_intertouch=1" # echo 1 > /sys/devices/platform/i8042/serio1/reg_07 - ]; - - programs.light.enable = true; - services.actkbd = { - enable = true; - bindings = [ - { keys = [ 225 ]; events = [ "key" ]; command = "${pkgs.light}/bin/light -A 10"; } # fn - F5 - { keys = [ 224 ]; events = [ "key" ]; command = "${pkgs.light}/bin/light -U 10"; } # fn - F6 - # fn - 4 => suspend - # fn - d => lcdshadow - #{ keys = [ 227 ]; events = [ "key" ]; command = builtins.toString ( # fn - F7 - # pkgs.writers.writeDash "toggle_touchpad" '' - # PATH=${lib.makeBinPath [ pkgs.xorg.xinput pkgs.gnugrep ]} - # DISPLAY=:0 - # export DISPLAY PATH - - # device=$(xinput list --name-only | grep Touchpad) - # if [ "$(xinput list-props "$device" | grep -P ".*Device Enabled.*\K.(?=$)" -o)" -eq 1 ];then - # xinput disable "$device" - # else - # xinput enable "$device" - # fi - # ''); - #} - ]; - }; -} diff --git a/makefu/1systems/x/x13/toggle_brightness b/makefu/1systems/x/x13/toggle_brightness deleted file mode 100644 index dc1436cb6..000000000 --- a/makefu/1systems/x/x13/toggle_brightness +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh -proc=/proc/acpi/ibm/lcdshadow -status=$(awk '/status:/{print $2}' "$proc") -if [ "$status" -eq 0 ];then - echo 1 > "$proc" -else - echo 0 > "$proc" -fi diff --git a/makefu/1systems/x/x13/zfs.nix b/makefu/1systems/x/x13/zfs.nix deleted file mode 100644 index ba341ef50..000000000 --- a/makefu/1systems/x/x13/zfs.nix +++ /dev/null @@ -1,34 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "nvme" "ehci_pci" "xhci_pci" "rtsx_pci_sdmmc" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; - - boot.zfs.enableUnstable = true; # required for 21.05 - fileSystems."/" = - { device = "zroot/root/nixos"; - fsType = "zfs"; - }; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/20BF-2755"; - fsType = "vfat"; - }; - - fileSystems."/home" = - { device = "zroot/root/home"; - fsType = "zfs"; - }; - - swapDevices = [ ]; - services.zfs.autoScrub.enable = true; -} diff --git a/makefu/1systems/x/x230/default.nix b/makefu/1systems/x/x230/default.nix deleted file mode 100644 index c2a635ca7..000000000 --- a/makefu/1systems/x/x230/default.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ - imports = [ - # + bluetooth - - - - - - # hard dependency because otherwise the device will not be unlocked - { - boot.initrd.luks.devices.luksroot = - { - device = "/dev/sda2"; - allowDiscards = true; - }; - } - { makefu.server.primary-itf = "wlp3s0"; } - ]; -} diff --git a/makefu/2configs/Reaktor/bgt.nix b/makefu/2configs/Reaktor/bgt.nix deleted file mode 100644 index 42325bcd6..000000000 --- a/makefu/2configs/Reaktor/bgt.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ pkgs, ... }: -{ - krebs.Reaktor.reaktor-bgt = { - nickname = "Reaktor|bgt"; - workdir = "/var/lib/Reaktor/bgt"; - channels = [ "#binaergewitter" ]; - plugins = with pkgs.ReaktorPlugins; - [ titlebot - # stockholm-issue - nixos-version - # shack-correct - # sed-plugin - random-emoji ]; - }; -} diff --git a/makefu/2configs/audio/realtime-audio.nix b/makefu/2configs/audio/realtime-audio.nix deleted file mode 100644 index 8c392dbb6..000000000 --- a/makefu/2configs/audio/realtime-audio.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ config, pkgs, ... }: -let - user = config.makefu.gui.user; -in -{ - imports = [ - - ]; - musnix.enable = true; - musnix.kernel.optimize = true; - musnix.kernel.realtime = true; - musnix.kernel.packages = pkgs.linuxPackages_latest_rt; - - users.users."${user}".extraGroups = [ "audio" ]; -} diff --git a/makefu/2configs/audio/respeaker.nix b/makefu/2configs/audio/respeaker.nix deleted file mode 100644 index 0aaef5dac..000000000 --- a/makefu/2configs/audio/respeaker.nix +++ /dev/null @@ -1,122 +0,0 @@ -{ config, lib, pkgs, ... }: -let - seeed-voicecard = (pkgs.callPackage ../../5pkgs/seeed-voicecard { kernel = config.boot.kernelPackages.kernel; }); -in -{ - hardware.raspberry-pi."4".i2c1.enable = true; - hardware.raspberry-pi."4".audio.enable = true; - hardware.raspberry-pi."4".apply-overlays-dtmerge.enable = true; - hardware.deviceTree.filter = lib.mkForce "bcm2711-rpi-4-b.dtb"; - - security.rtkit.enable = true; - - environment.systemPackages = with pkgs; [ - alsaUtils - i2c-tools - ponymix - ]; - - sound.enable = true; - hardware.pulseaudio.enable = lib.mkForce false; - services.pipewire = { - enable = true; - systemWide = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - }; - - services.pipewire.config.pipewire-pulse = { - "pulse.properties"."server.address" = [ "unix:native" "tcp:4713" ]; - }; - - sound.extraConfig = '' - pcm.!default { - type asym - playback.pcm "playback" - capture.pcm "ac108" - } - - pcm.ac108 { - type plug - slave.pcm "hw:seeed4micvoicec" - } - '' ; - - - boot.extraModulePackages = [ - seeed-voicecard - ]; - boot.initrd.kernelModules = [ - "snd-soc-seeed-voicecard" - "snd-soc-ac108" - "i2c-dev" - #"i2c-bcm2708" - #"snd-soc-wm8960" - ]; - - boot.loader.raspberryPi.firmwareConfig = [ - "dtparam=i2c_arm=on" - "dtparam=i2s=on" - "dtparam=spi=on" - "dtparam=i2c1=on" - # dtoverlay=seeeed-8mic-voicecard not required because we use hardware.deviceTree - ]; - hardware.deviceTree = { - enable = true; - overlays = [ - { name = "respeaker-4mic"; dtsFile = "${seeed-voicecard}/lib/dts/seeed-4mic-voicecard-overlay.dts";} - { name = "spi"; dtsText = '' - /dts-v1/; - /plugin/; - - / { - compatible = "raspberrypi"; - fragment@0 { - target = <&spi>; - __overlay__ { - cs-gpios = <&gpio 8 1>, <&gpio 7 1>; - status = "okay"; - pinctrl-names = "default"; - pinctrl-0 = <&spi0_pins &spi0_cs_pins>; - #address-cells = <1>; - #size-cells = <0>; - spidev@0 { - reg = <0>; // CE0 - spi-max-frequency = <500000>; - compatible = "spidev"; - }; - - spidev@1 { - reg = <1>; // CE1 - spi-max-frequency = <500000>; - compatible = "spidev"; - }; - }; - }; - fragment@1 { - target = <&alt0>; - __overlay__ { - // Drop GPIO 7, SPI 8-11 - brcm,pins = <4 5>; - }; - }; - - fragment@2 { - target = <&gpio>; - __overlay__ { - spi0_pins: spi0_pins { - brcm,pins = <9 10 11>; - brcm,function = <4>; // alt0 - }; - spi0_cs_pins: spi0_cs_pins { - brcm,pins = <8 7>; - brcm,function = <1>; // out - }; - }; - }; - }; - '';} - ]; - }; -} diff --git a/makefu/2configs/avahi.nix b/makefu/2configs/avahi.nix deleted file mode 100644 index 59f59fd80..000000000 --- a/makefu/2configs/avahi.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ pkgs, ...}: -{ - services.avahi = { - enable = true; - wideArea = false; - }; - environment.systemPackages = [ pkgs.avahi ]; -} diff --git a/makefu/2configs/backup/server.nix b/makefu/2configs/backup/server.nix deleted file mode 100644 index 26e53b8c3..000000000 --- a/makefu/2configs/backup/server.nix +++ /dev/null @@ -1,19 +0,0 @@ -{lib,config, ... }: -let - hosts = lib.mapAttrsToList (f: _: lib.removeSuffix ".pub" f) (builtins.readDir ./ssh ); -in { - # TODO: for all enabled machines - options = { - makefu.backup.server.repo = lib.mkOption { - type = lib.types.str; - default = "/var/lib/borgbackup"; - }; - }; - config = { - services.borgbackup.repos = lib.genAttrs hosts (host: { - authorizedKeys = [ (builtins.readFile (./ssh + "/${host}.pub") ) ]; - path = "${config.makefu.backup.server.repo}/${host}"; - user = "borg-${host}"; - }) ; - }; -} diff --git a/makefu/2configs/backup/ssh/gum.pub b/makefu/2configs/backup/ssh/gum.pub deleted file mode 100644 index 52d56d956..000000000 --- a/makefu/2configs/backup/ssh/gum.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOUZcfi2SXxCo1if0oU3x9qPK8/O5FmiXy2HFZyTp/P1 makefu@x diff --git a/makefu/2configs/backup/ssh/latte.pub b/makefu/2configs/backup/ssh/latte.pub deleted file mode 100644 index 52d56d956..000000000 --- a/makefu/2configs/backup/ssh/latte.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOUZcfi2SXxCo1if0oU3x9qPK8/O5FmiXy2HFZyTp/P1 makefu@x diff --git a/makefu/2configs/backup/ssh/nextgum.pub b/makefu/2configs/backup/ssh/nextgum.pub deleted file mode 100644 index 52d56d956..000000000 --- a/makefu/2configs/backup/ssh/nextgum.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOUZcfi2SXxCo1if0oU3x9qPK8/O5FmiXy2HFZyTp/P1 makefu@x diff --git a/makefu/2configs/backup/ssh/omo.pub b/makefu/2configs/backup/ssh/omo.pub deleted file mode 100644 index 053b4da87..000000000 --- a/makefu/2configs/backup/ssh/omo.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAtA3XzpjByYQ9uSHQr0dkNUyi6nROjwv1S2IQtUu4pi makefu@x diff --git a/makefu/2configs/backup/ssh/wbob.pub b/makefu/2configs/backup/ssh/wbob.pub deleted file mode 100644 index 52d56d956..000000000 --- a/makefu/2configs/backup/ssh/wbob.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOUZcfi2SXxCo1if0oU3x9qPK8/O5FmiXy2HFZyTp/P1 makefu@x diff --git a/makefu/2configs/backup/ssh/x.pub b/makefu/2configs/backup/ssh/x.pub deleted file mode 100644 index fe894df33..000000000 --- a/makefu/2configs/backup/ssh/x.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBRfhUv9twYbO7tUe2r2LOXEMNxW14GO3Q0RTkUWeMxw makefu@x diff --git a/makefu/2configs/backup/state.nix b/makefu/2configs/backup/state.nix deleted file mode 100644 index 1143708bf..000000000 --- a/makefu/2configs/backup/state.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ config, ... }: -# back up all state -let - sec = toString ; - sshkey = sec + "/borg.priv"; - phrase = sec + "/borg.pw"; -in -{ - services.borgbackup.jobs.state = { - repo = "borg-${config.krebs.build.host.name}@backup.makefu.r:."; - paths = config.state; - encryption = { - mode = "repokey"; - passCommand = "cat ${phrase}"; - }; - environment.BORG_RSH = "ssh -i ${sshkey}"; - prune.keep = - { daily = 7; - weekly = 4; - monthly = -1; # Keep at least one archive for each month - }; - compression = "auto,lzma"; - startAt = "daily"; - }; -} diff --git a/makefu/2configs/bepasty-dual.nix b/makefu/2configs/bepasty-dual.nix deleted file mode 100644 index f63dbefd8..000000000 --- a/makefu/2configs/bepasty-dual.nix +++ /dev/null @@ -1,55 +0,0 @@ -{ config, lib, pkgs, ... }: - -# 1systems should configure itself: -# krebs.bepasty.servers.internal.nginx.listen = [ "80" ] -# krebs.bepasty.servers.external.nginx.listen = [ "80" "443 ssl" ] -# 80 is redirected to 443 ssl - -# secrets used: -# wildcard.krebsco.de.crt -# wildcard.krebsco.de.key -# bepasty-secret.nix <- contains single string - -with import ; -let - sec = toString ; - # secKey is nothing worth protecting on a local machine - secKey = "${secrets}/bepasty-secret"; - acmepath = "/var/lib/acme/"; - acmechall = acmepath + "/challenges/"; - ext-dom = "paste.krebsco.de" ; -in { - - services.nginx.enable = mkDefault true; - krebs.bepasty = { - enable = true; - serveNginx= true; - - servers = { - "paste.r" = { - nginx = { - serverAliases = [ - "paste.${config.krebs.build.host.name}" - "paste.r" - ]; - extraConfig = '' - if ( $server_addr = "${external-ip}" ) { - return 403; - } - ''; - }; - defaultPermissions = "admin,list,create,read,delete"; - secretKeyFile = secKey; - }; - - "${ext-dom}" = { - nginx = { - forceSSL = true; - enableACME = true; - }; - defaultPermissions = "read"; - secretKeyFile = secKey; - }; - }; - }; -} diff --git a/makefu/2configs/bgt/auphonic.pub b/makefu/2configs/bgt/auphonic.pub deleted file mode 100644 index 37b8e0599..000000000 --- a/makefu/2configs/bgt/auphonic.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDvP50lgtHhlC3LKzC1/4yzJNxkZFDSIBvEfavNfchNKJUEBPo82oVtfFgJR5XfjI7c2U9dHl+0q4qMl+9ZiZWr2YgDpAr78kpur4gjWKrnBa2eT9GIfXB3Tm1+OpI2HoeOHUKEK1gKqqe9tJfS+CLb7DLCjulW8zdLiiH6KmvyaH78hGjZv+bpx7H4rItAinl8vGe+ceRIk4tZbmkyhphXbQZa3Ov+imiJXIr7fmX3tkOhUp4YwrVlUK8J0MEa1Kf7ZYWRqvGnKYFQ73LwLPz7UIOZ93zPF4d0R7xqvdEEhIx+u1/gToQZSMUczbVqg3dixr3yeBhFA/6h0lTA61mx diff --git a/makefu/2configs/bgt/backup.nix b/makefu/2configs/bgt/backup.nix deleted file mode 100644 index dc3260266..000000000 --- a/makefu/2configs/bgt/backup.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ - # Manual steps: - # 1. ssh-copy-id root ssh-key to the remotes you want to back up - # 2. run `rsnapshot hourly` manually as root to check if everything works - - services.rsnapshot = { - enable = true; - cronIntervals = { - daily = "50 21 * * *"; - hourly = "0 */4 * * *"; - }; - extraConfig = '' -retain hourly 5 -retain daily 365 -snapshot_root /var/backup/bgt -backup root@binaergewitter.jit.computer:/opt/isso jit -backup root@binaergewitter.jit.computer:/etc/systemd/system/isso.service jit -backup root@binaergewitter.jit.computer:/etc/nginx/conf.d/isso.conf jit - ''; - }; -} diff --git a/makefu/2configs/bgt/download.binaergewitter.de.nix b/makefu/2configs/bgt/download.binaergewitter.de.nix deleted file mode 100644 index 31da31a71..000000000 --- a/makefu/2configs/bgt/download.binaergewitter.de.nix +++ /dev/null @@ -1,86 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let - ident = (builtins.readFile ./auphonic.pub); - bgtaccess = "/var/spool/nginx/logs/binaergewitter.access.log"; - bgterror = "/var/spool/nginx/logs/binaergewitter.error.log"; - - # TODO: only when the data is stored somewhere else - wwwdir = "/var/www/binaergewitter"; - storedir = "/media/cloud/www/binaergewitter"; -in { - fileSystems."${wwwdir}" = { - device = storedir; - options = [ "bind" ]; - }; - - services.openssh = { - allowSFTP = true; - sftpFlags = [ "-l VERBOSE" ]; - extraConfig = '' - HostkeyAlgorithms +ssh-rsa - - Match User auphonic - ForceCommand internal-sftp - AllowTcpForwarding no - X11Forwarding no - PasswordAuthentication no - PubkeyAcceptedAlgorithms +ssh-rsa - - ''; - }; - - users.users.auphonic = { - uid = genid "auphonic"; - group = "nginx"; - # for storedir - extraGroups = [ "download" ]; - useDefaultShell = true; - isSystemUser = true; - openssh.authorizedKeys.keys = [ ident config.krebs.users.makefu.pubkey ]; - }; - - services.logrotate = { - enable = true; - settings.bgt = { - files = [ bgtaccess bgterror ]; - rotate = 5; - frequency = "weekly"; - create = "600 nginx nginx"; - postrotate = "${pkgs.systemd}/bin/systemctl reload nginx"; - }; - }; - - # 20.09 unharden nginx to write logs - systemd.services.nginx.serviceConfig.ReadWritePaths = [ - "/var/spool/nginx/logs/" - ]; - security.acme.certs."download.binaergewitter.de" = { - dnsProvider = "cloudflare"; - credentialsFile = toString ; - webroot = lib.mkForce null; - }; - - services.nginx = { - appendHttpConfig = '' - types { - audio/ogg oga ogg opus; - } - ''; - enable = lib.mkDefault true; - recommendedGzipSettings = true; - recommendedOptimisation = true; - virtualHosts."download.binaergewitter.de" = { - addSSL = true; - enableACME = true; - serverAliases = [ "dl2.binaergewitter.de" ]; - root = "/var/www/binaergewitter"; - extraConfig = '' - access_log ${bgtaccess} combined; - error_log ${bgterror} error; - autoindex on; - ''; - }; - }; -} diff --git a/makefu/2configs/bgt/etherpad.euer.krebsco.de.nix b/makefu/2configs/bgt/etherpad.euer.krebsco.de.nix deleted file mode 100644 index ff180e307..000000000 --- a/makefu/2configs/bgt/etherpad.euer.krebsco.de.nix +++ /dev/null @@ -1,66 +0,0 @@ -{ lib, ... }: -let - port = 19201; -in { - #services.nginx.virtualHosts."euer.krebsco.de".serverAliases = [ "etherpad.euer.krebsco.de" ]; - services.nginx.virtualHosts."etherpad.euer.krebsco.de" = { - # useACMEHost = "euer.krebsco.de"; - extraConfig = '' - ssl_session_timeout 30m; - ''; - enableACME = true; - forceSSL = true; - locations."/".proxyPass = "http://127.0.0.1:${toString port}"; - # from https://github.com/ether/etherpad-lite/wiki/How-to-put-Etherpad-Lite-behind-a-reverse-Proxy - locations."/".extraConfig = '' - - proxy_buffering off; # be careful, this line doesn't override any proxy_buffering on set in a conf.d/file.conf - proxy_set_header Host $host; - proxy_pass_header Server; - - # Note you might want to pass these headers etc too. - proxy_set_header X-Real-IP $remote_addr; # https://nginx.org/en/docs/http/ngx_http_proxy_module.html - proxy_set_header X-Forwarded-For $remote_addr; # EP logs to show the actual remote IP - proxy_set_header X-Forwarded-Proto $scheme; # for EP to set secure cookie flag when https is used - proxy_http_version 1.1; # recommended with keepalive connections - - # WebSocket proxying - from https://nginx.org/en/docs/http/websocket.html - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_read_timeout 1799s; - ''; - }; - state = [ "/var/lib/docker/volumes/etherpad_data/_data/" ]; - virtualisation.oci-containers.containers."etherpad-lite" = { - #image = "makefoo/bgt-etherpad:2021-04-16.3"; # --build-arg ETHERPAD_PLUGINS="ep_markdown" - image = "etherpad/etherpad:1.8.14"; - - ports = [ "127.0.0.1:${toString port}:9001" ]; - volumes = [ - "/var/src/secrets/etherpad/apikey:/opt/etherpad-lite/APIKEY.txt" - "etherpad_data:/opt/etherpad-lite/var" # persistent dirtydb - ]; - # for postgres - #DB_TYPE=postgres - #DB_HOST=db.local - #DB_PORT=4321 - #DB_NAME=etherpad - #DB_USER=dbusername - #DB_PASS=mypassword - environment = { - # ADMIN_PASSWORD = "auf jeden fall nicht das echte admin passwort"; - # LOGLEVEL = "DEBUG"; - - SUPPRESS_ERRORS_IN_PAD_TEXT = "true"; - TRUST_PROXY = "true"; - TITLE = "Binärgewitter Etherpad"; - SKIN_NAME = "no-skin"; - DEFAULT_PAD_TEXT = builtins.readFile ./template.md; - PAD_OPTIONS_USE_MONOSPACE_FONT = "true"; - PAD_OPTIONS_USER_NAME = "true"; - PAD_OPTIONS_USER_COLOR = "true"; - PAD_OPTIONS_CHAT_AND_USERS = "true"; - PAD_OPTIONS_LANG = "en-US"; - }; - }; -} diff --git a/makefu/2configs/bgt/hidden_service.nix b/makefu/2configs/bgt/hidden_service.nix deleted file mode 100644 index 56d319e39..000000000 --- a/makefu/2configs/bgt/hidden_service.nix +++ /dev/null @@ -1,48 +0,0 @@ -{ pkgs, lib, ... }: - -with lib; -let - name = "bgt_cyberwar_hidden_service"; - sec = (toString ) + "/"; - secdir = sec + name; - srvdir = "/var/lib/tor/onion/"; - basedir = srvdir + name; - hn = builtins.readFile (secdir + "/hostname"); -in -{ - systemd.services.prepare-hidden-service = { - wantedBy = [ "local-fs.target" ]; - before = [ "tor.service" ]; - serviceConfig = { - ExecStart = pkgs.writeScript "prepare-euer-blog-service" '' - #!/bin/sh - set -euf - if ! test -d "${basedir}" ;then - mkdir -p "${srvdir}" - cp -r "${secdir}" "${srvdir}" - chown -R tor:tor "${srvdir}" - chmod -R 700 "${basedir}" - else - echo "not overwriting ${basedir}" - fi - ''; - Type = "oneshot"; - RemainAfterExit = "yes"; - TimeoutSec = "0"; - }; - }; - services.nginx.virtualHosts."${hn}".locations."/" = { - proxyPass = "https://blog.binaergewitter.de"; - extraConfig = '' - proxy_set_header Host blog.binaergewitter.de; - proxy_ssl_server_name on; - ''; - }; - services.tor = { - enable = true; - hiddenServices."${name}".map = [ - { port = 80; } - # { port = 443; toHost = "blog.binaergewitter.de"; } - ]; - }; -} diff --git a/makefu/2configs/bgt/social-to-irc.nix b/makefu/2configs/bgt/social-to-irc.nix deleted file mode 100644 index 9d9640a9f..000000000 --- a/makefu/2configs/bgt/social-to-irc.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ pkgs, ... }: -{ - systemd.services.brockman.environment."BROCKMAN_LOG_LEVEL" = "DEBUG"; - krebs.brockman = { - enable = true; - config = { - channel = "#binaergewitter"; - notifyErrors = false; - irc = { - host = "irc.libera.chat"; - port = 6667; - }; - #controller = { - # nick = "brockman-systemdultras"; - # channels = []; - #}; - bots = { - bgt-mastodon-rss = { - feed = "https://jit.social/users/binaergewitter.rss"; - #extraChannels = [ "#binaergewitter" ]; - delay = 180; - }; - bgt-blog-rss = { - feed = "https://blog.binaergewitter.de/rss.xml"; - #extraChannels = [ "#binaergewitter" ]; - delay = 180; - }; - bgt-twitter = { - feed = "http://rss.makefu.r/?action=display&bridge=Twitter&context=By+username&u=binaergewitter&format=Atom"; - #extraChannels = [ "#binaergewitter" ]; - delay = 280; - }; - }; - }; - - }; -} diff --git a/makefu/2configs/bgt/template.md b/makefu/2configs/bgt/template.md deleted file mode 100644 index be21d7c0c..000000000 --- a/makefu/2configs/bgt/template.md +++ /dev/null @@ -1,43 +0,0 @@ -# - -0. Sendung twittern und mastodieren (eine Woche + eine Stunde vorher) von Ingo/l33tname (wichtig) -1. `eine` Person anrufen (den Host): - - markus madmas@studio.link - - Felix1 makefu@studio.link - - L33tFelix l33tname@studio.link - - Ingo ingo@studio.link -2. Jitis an machen https://meet.ffmuc.net/bgt-aktuell (mittel) -3. studio-link aufnehmen drücken (wichtig) -4. audiocity starten, 48000Hz einstellen, Audio-Device checken und aufnehmen drücken (wichtig) -4. alternative parecord: - `$ pacmd list-sources | grep -e device.string -e 'name:' # keins der "monitor" devices` - `$ parecord --channels=1 -d alsa_input.usb-Burr-Brown_from_TI_USB_Audio_CODEC-00.analog-stereo bgt.wav` -5. darkice starten (wichtig) -6. Ingo daran erinnern, dass er die Überschriften richtig aussprechen muss -7. klatschen -8. Hallihallo und Herzlich Willkommen - -## Vorschläge -### Backlog von Picks und Lesefoo aus der letzten Woche - ---- - -## Blast from the Past - -## Toter der Woche - -## Untoter der Woche - -## AI der Woche - -## News - -## Themen - -## Mimimi der Woche - -## Lesefoo - -## Picks - -## Ende diff --git a/makefu/2configs/binary-cache/gum.nix b/makefu/2configs/binary-cache/gum.nix deleted file mode 100644 index fc6e26fe0..000000000 --- a/makefu/2configs/binary-cache/gum.nix +++ /dev/null @@ -1,13 +0,0 @@ - -{ config, ... }: - -{ - nix.settings = { - substituters = [ - "https://cache.euer.krebsco.de/" - ]; - trusted-public-keys = [ - "gum:iIXIFlCAotib+MgI3V/i3HMlFXiVYOT/jfP0y54Zuvg=" - ]; - }; -} diff --git a/makefu/2configs/binary-cache/lass.nix b/makefu/2configs/binary-cache/lass.nix deleted file mode 100644 index 7d7549d8d..000000000 --- a/makefu/2configs/binary-cache/lass.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ config, ... }: - -{ - nix.settings = { - substituters = [ - "https://cache.krebsco.de" - ]; - trusted-public-keys = [ - "cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU=" - "cache.prism-2:YwmCm3/s/D+SxrPKN/ETjlpw/219pNUbpnluatp6FKI=" - ]; - }; -} diff --git a/makefu/2configs/binary-cache/nixos.nix b/makefu/2configs/binary-cache/nixos.nix deleted file mode 100644 index 299130059..000000000 --- a/makefu/2configs/binary-cache/nixos.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ config, ... }: - -{ - nix.settings = { - substituters = [ - "https://cache.nixos.org/" - ]; - trusted-public-keys = [ - "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" - ]; - }; -} diff --git a/makefu/2configs/binary-cache/server.nix b/makefu/2configs/binary-cache/server.nix deleted file mode 100644 index c1ae16e29..000000000 --- a/makefu/2configs/binary-cache/server.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ config, lib, pkgs, ...}: - -{ - # generate private key with: - # nix-store --generate-binary-cache-key gum nix-serve.key nix-serve.pub - services.nix-serve = { - enable = true; - port = 5001; - secretKeyFile = toString + "/nix-serve.key"; - }; - - services.nginx = { - enable = true; - virtualHosts."cache.euer.krebsco.de" = { - forceSSL = true; - enableACME = true; - serverAliases = [ # "cache.gum.r" - "cache.gum.krebsco.de" - ]; - locations."/".proxyPass= "http://localhost:${toString config.services.nix-serve.port}"; - }; - }; -} - diff --git a/makefu/2configs/bitlbee.nix b/makefu/2configs/bitlbee.nix deleted file mode 100644 index ede6225ea..000000000 --- a/makefu/2configs/bitlbee.nix +++ /dev/null @@ -1,10 +0,0 @@ -{pkgs, ... }: -{ - services.bitlbee = { - enable = true; - # libpurple_plugins = [ pkgs.telegram-purple pkgs.pidgin-skypeweb]; - plugins = [ pkgs.bitlbee-mastodon ]; - }; - users.users.makefu.packages = with pkgs; [ weechat tmux ]; - state = [ "/var/lib/bitlbee" ]; -} diff --git a/makefu/2configs/bitwarden.nix b/makefu/2configs/bitwarden.nix deleted file mode 100644 index d57badd1c..000000000 --- a/makefu/2configs/bitwarden.nix +++ /dev/null @@ -1,50 +0,0 @@ -{ pkgs, ... }: -let - port = 8812; -in { - services.vaultwarden = { - enable = true; - dbBackend = "postgresql"; - config.signups_allowed = false; - config.rocketPort = port; - config.domain = "https://bw.euer.krebsco.de"; - #config.databaseUrl = "postgresql://bitwardenuser:${dbPassword}@localhost/bitwarden"; - config.databaseUrl = "postgresql:///bitwarden"; - config.websocket_enabled = true; - }; - - systemd.services.vaultwarden.after = [ "postgresql.service" ]; - - services.postgresql = { - enable = true; - ensureDatabases = [ "bitwarden" ]; - ensureUsers = [ - { name = "bitwarden_rs"; ensurePermissions."DATABASE bitwarden" = "ALL PRIVILEGES"; } - { name = "vaultwarden"; ensurePermissions."DATABASE bitwarden" = "ALL PRIVILEGES"; } - ]; - }; - services.postgresqlBackup = { - enable = true; - databases = [ "bitwarden" ]; - }; - systemd.services.postgresqlBackup-bitwarden.serviceConfig.SupplementaryGroups = [ "download" ]; - - - services.nginx.virtualHosts."bw.euer.krebsco.de" ={ - forceSSL = true; - enableACME = true; - - locations."/" = { - proxyPass = "http://localhost:8812"; - proxyWebsockets = true; - }; - locations."/notifications/hub" = { - proxyPass = "http://localhost:3012"; - proxyWebsockets = true; - }; - locations."/notifications/hub/negotiate" = { - proxyPass = "http://localhost:8812"; - proxyWebsockets = true; - }; - }; -} diff --git a/makefu/2configs/bluetooth-mpd.nix b/makefu/2configs/bluetooth-mpd.nix deleted file mode 100644 index e007b6072..000000000 --- a/makefu/2configs/bluetooth-mpd.nix +++ /dev/null @@ -1,73 +0,0 @@ -{ pkgs, config, lib, ... }: - -let - cfg = config.makefu.mpd; -in { - options.makefu.mpd.musicDirectory = lib.mkOption { - description = "music Directory"; - default = "/data/music"; - type = lib.types.str; - }; - config = { - services.mpd = { - enable = true; - inherit (cfg) musicDirectory; - network.listenAddress = "0.0.0.0"; - extraConfig = '' - audio_output { - type "pulse" - name "Local MPD" - server "127.0.0.1" - } - ''; - }; - # open because of truestedInterfaces - # networking.firewall.allowedTCPPorts = [ 6600 4713 ]; - services.samba.shares.music = { - path = cfg.musicDirectory; - "read only" = "no"; - browseable = "yes"; - "guest ok" = "yes"; - }; - - sound.enable = true; - hardware.pulseaudio = { - enable = true; - package = pkgs.pulseaudioFull; - # systemWide = true; - support32Bit = true; - zeroconf.discovery.enable = true; - zeroconf.publish.enable = true; - tcp = { - enable = true; - # PULSE_SERVER=192.168.1.11 pavucontrol - anonymousClients.allowAll = true; - anonymousClients.allowedIpRanges = [ "127.0.0.1" "192.168.0.0/16" ]; - }; - configFile = pkgs.writeText "default.pa" '' - load-module module-udev-detect - load-module module-bluetooth-policy - load-module module-bluetooth-discover - load-module module-native-protocol-unix auth-anonymous=1 - load-module module-always-sink - load-module module-console-kit - load-module module-systemd-login - load-module module-intended-roles - load-module module-position-event-sounds - load-module module-filter-heuristics - load-module module-filter-apply - load-module module-switch-on-connect - load-module module-equalizer-sink - load-module module-dbus-protocol - #load-module module-bluez5-device - #load-module module-bluez5-discover - ''; - }; - # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio - hardware.bluetooth.enable = true; - # environment.etc."bluetooth/audio.conf".text = '' - # [General] - # Enable = Source,Sink,Media,Socket - # ''; - }; -} diff --git a/makefu/2configs/bureautomation/automation/bureau-shutdown.nix b/makefu/2configs/bureautomation/automation/bureau-shutdown.nix deleted file mode 100644 index f4c10adc8..000000000 --- a/makefu/2configs/bureautomation/automation/bureau-shutdown.nix +++ /dev/null @@ -1,87 +0,0 @@ -{ - services.home-assistant.config.automation = - [ - { alias = "Turn on Fernseher on group home"; - trigger = { - platform = "state"; - entity_id = "group.team"; - from = "not_home"; - to = "home"; - for.seconds = 30; - }; - action = [ - { - service = "homeassistant.turn_on"; - entity_id = [ - "switch.fernseher" - "switch.feuer" - ]; - } - { - service = "media_player.kodi_call_method"; - data = { - entity_id = "media_player.kodi"; - method = "Player.Open"; - item.partymode = "music"; - }; - } - { - service = "notify.telegrambot"; - data = { - title = "Bureau Startup"; - message = "Das Büro wurde eröffnet"; - }; - } - ]; - } - { alias = "Turn off Fernseher after last in group left"; - trigger = [ - { # trigger when movement was detected at the time - platform = "state"; - entity_id = "group.team"; - from = "home"; - to = "not_home"; - } - { # trigger at 18:00 no matter what - # to avoid 'everybody left before 18:00:00' - platform = "time"; - at = "18:00:00"; - } - ]; - action = [ - { - service = "homeassistant.turn_off"; - entity_id = [ - "switch.fernseher" - "switch.feuer" - "light.status_felix" - "light.status_daniel" - ]; - } - { - service = "notify.telegrambot"; - data_template = { - title = "Bureau Shutdown"; - message = "All devices are turned off due to {{ trigger.platform }}"; - }; - } - ]; - condition = - { condition = "and"; - conditions = [ - { - condition = "time"; - before = "06:30:00"; #only turn off between 6:30 and 18:00 - after = "18:00:00"; - # weekday = [ "mon" "tue" "wed" "thu" "fri" ]; - } - { # if anybody is still there - condition = "state"; - entity_id = "group.team"; - state = "not_home"; - } - ]; - }; - } - ]; -} diff --git a/makefu/2configs/bureautomation/automation/daily-news.nix b/makefu/2configs/bureautomation/automation/daily-news.nix deleted file mode 100644 index 2bafe4795..000000000 --- a/makefu/2configs/bureautomation/automation/daily-news.nix +++ /dev/null @@ -1,20 +0,0 @@ -[ - { - alias = "Daily news for Felix"; - trigger = { - platform = "time"; - at = "07:35:00"; - }; - action = - [ - { - service = "notify.telegrambot"; - data_template = { - title = "Daily News"; - # TODO - message = ""; - }; - } - ]; - } -] diff --git a/makefu/2configs/bureautomation/automation/hass-restart.nix b/makefu/2configs/bureautomation/automation/hass-restart.nix deleted file mode 100644 index 3b3ce0599..000000000 --- a/makefu/2configs/bureautomation/automation/hass-restart.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ - services.home-assistant.config.automation = - [ - { alias = "State on HA start-up"; - trigger = { - platform = "homeassistant"; - event = "start"; - }; - action = [ - # Startup State - { service = "mqtt.publish"; - data = { - topic = "/bam/sonoffs/cmnd/state"; - payload = ""; - }; - } - # Firmware Version - { service = "mqtt.publish"; - data = { - topic = "/bam/sonoffs/cmnd/status"; - payload = "2"; - }; - } - # Will trigger restart of all devices! - #{ service = "mqtt.publish"; - # data = { - # topic = "sonoffs/cmnd/SetOption59"; # configure sending state on power change - # payload = "1"; - # }; - #} - ]; - } - ]; -} diff --git a/makefu/2configs/bureautomation/automation/nachtlicht.nix b/makefu/2configs/bureautomation/automation/nachtlicht.nix deleted file mode 100644 index ade89418d..000000000 --- a/makefu/2configs/bureautomation/automation/nachtlicht.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ - services.home-assistant.config.automation = - [ - # TODO: trigger if it is before dusk and somebody arives but nachtlichter are - # off from last day - # TODO: do not have nachtlicht turned on at night - { - alias = "Turn on Nachtlicht at dusk"; # when it gets dim - trigger = - { platform = "numeric_state"; - entity_id = "sun.sun"; - value_template = "{{ state.attributes.elevation }}"; - below = 10; - - }; - action = - { service = "homeassistant.turn_on"; - entity_id = [ "group.nachtlicht" ]; - }; - } - { - alias = "Turn off Nachtlicht at dawn"; - trigger = - { platform = "sun"; - event = "sunrise"; - offset = "01:30:00"; # on dawn - }; - # TODO: when somebody is still in the buero - # condition = - #{ - #}; - action = - { service = "homeassistant.turn_off"; - entity_id = [ "group.nachtlicht" ]; - }; - } - ]; -} diff --git a/makefu/2configs/bureautomation/automation/philosophische-tuer.nix b/makefu/2configs/bureautomation/automation/philosophische-tuer.nix deleted file mode 100644 index 9586d9a46..000000000 --- a/makefu/2configs/bureautomation/automation/philosophische-tuer.nix +++ /dev/null @@ -1,100 +0,0 @@ -{ config, pkgs, lib, ... }: - -let - short_threshold = 30; #seconds - long_threshold = 30; #minutes - sensor = "binary_sensor.buerotuer_contact"; - - # get the list of all - name = "tueraudio"; - prefix = "http://localhost:8123/local/${name}"; - audiodir = "${config.services.home-assistant.configDir}/www/${name}"; - recordrepo = pkgs.fetchFromGitHub { - owner = "makefu"; - repo = "philosophische_tuer"; - rev = "607eff7"; - sha256 = "1qlyqmc65yfb42q4fzd92vinx4i191w431skmcp7xjncb45lfp8j"; - }; - samples = user: lib.mapAttrsToList - (file: _: ''"${prefix}/${user}/${file}"'') - (builtins.readDir (toString ( recordrepo+ "/recordings/${user}"))); - random_tuerspruch = ''{{['' + (lib.concatStringsSep "," ( - (samples "Felix") ++ (samples "Sofia") ++ (samples "Markus") - )) + ''] | random}}''; # TODO read from derivation -in -{ - systemd.services.copy-philosophische-tuersounds = { - description = "copy philosophische tuer"; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - Type = "oneshot"; - ExecStart = pkgs.writeDash "update-samples" '' - rm -rf "${audiodir}" - cp -vr "${recordrepo}/recordings" "${audiodir}" - ''; - }; - }; - services.home-assistant.config = { - media_extractor = { }; - script."philosophische_tuer" = { - alias = "Durchsage der philosophischen Tür"; - sequence = [ - { service = "media_player.play_media"; - data = { - entity_id = "media_player.mpd"; - media_content_type = "playlist"; - media_content_id = "ansage"; - }; - } - { delay.seconds = 5; } - { service = "media_extractor.play_media"; - entity_id = "media_player.mpd"; - data_template = { - media_content_id = random_tuerspruch; - media_content_type = "MUSIC"; - }; - } - ]; - }; - automation = - [ - { - alias = "Tür offen seit ${toString short_threshold} sekunden"; - trigger = - { platform = "state"; - entity_id = sensor; - to = "on"; - for.seconds = 60; - }; - action = [ - { service = "homeassistant.turn_on"; - entity_id = "script.philosophische_tuer"; - } - ]; - } - { - alias = "Tür offen seit ${toString long_threshold} minuten"; - trigger = - { platform = "state"; - entity_id = sensor; - to = "on"; - for.minutes = long_threshold; - }; - - action = [ - { service = "homeassistant.turn_on"; - entity_id = "script.philosophische_tuer" ; - } - { service = "tts.google_say"; - entity_id = "media_player.mpd"; - data_template = { - message = "BEEP BOOP - Die Tür ist schon seit ${toString long_threshold} Minuten offen! Student Nummer {{ range(1,500) | random }}, bitte schliesse die Tür"; - language = "de"; - }; - } - ]; - } - ]; - }; - -} diff --git a/makefu/2configs/bureautomation/automation/quotes.nix b/makefu/2configs/bureautomation/automation/quotes.nix deleted file mode 100644 index c4625ae30..000000000 --- a/makefu/2configs/bureautomation/automation/quotes.nix +++ /dev/null @@ -1,4 +0,0 @@ -# heiss -Lieber Freund, was für ein Sommer! Ich denke Sie mir im Zimmer sitzend, mehr Omelette als Mensch. -Sommer ist die Zeit, in der es zu heiß ist, um das zu tun, wozu es im Winter zu kalt war. - diff --git a/makefu/2configs/bureautomation/automation/schlechteluft.nix b/makefu/2configs/bureautomation/automation/schlechteluft.nix deleted file mode 100644 index ea1d44515..000000000 --- a/makefu/2configs/bureautomation/automation/schlechteluft.nix +++ /dev/null @@ -1,75 +0,0 @@ -let - long_threshold = 30; -in -{ - services.home-assistant.config.automation = - [ - { - alias = "Bad Air Alarm 60 seconds"; - trigger = - { platform = "numeric_state"; - entity_id = "sensor.air_quality"; - above = 1523; - for.seconds = 60; - }; - condition = { - condition = "and"; - conditions = [ - { condition = "state"; - entity_id = "group.team"; - state = "home"; - } - { condition = "time"; - after = "06:00:00"; - before = "20:00:00"; - } - ]; - }; - - action = [ - { service = "homeassistant.turn_on"; - entity_id = [ - "script.schlechteluft" - ]; - } - ]; - } - { - alias = "Bad Air Alarm ${toString long_threshold} Minutes"; - trigger = - { platform = "numeric_state"; - entity_id = "sensor.air_quality"; - above = 1523; - for.minutes = long_threshold; - }; - condition = { - condition = "and"; - conditions = [ - { condition = "state"; - entity_id = "group.team"; - state = "home"; - } - { condition = "time"; - after = "06:00:00"; - before = "20:00:00"; - } - ]; - }; - - action = [ - { service = "homeassistant.turn_on"; - entity_id = [ - "script.schlechteluft" - ]; - } - { service = "tts.google_say"; - entity_id = "media_player.mpd"; - data_template = { - message = "BEEP BEEP - Die luft ist schon ${toString long_threshold} Minuten schlecht! Student Nummer {{ range(1,500) | random }}, öffne ein Fenster."; - language = "de"; - }; - } - ]; - } - ]; -} diff --git a/makefu/2configs/bureautomation/binary_sensor/buttons.nix b/makefu/2configs/bureautomation/binary_sensor/buttons.nix deleted file mode 100644 index 20590a6b3..000000000 --- a/makefu/2configs/bureautomation/binary_sensor/buttons.nix +++ /dev/null @@ -1,20 +0,0 @@ -let - tasmota_button = name: topic: - # detects a pushbutton press from tasmota - { platform = "mqtt"; - inherit name; - state_topic = "/bam/${topic}/cmnd/POWER"; - availability_topic = "/bam/${topic}/tele/LWT"; - payload_on = "ON"; - payload_off = "OFF"; - payload_available= "Online"; - payload_not_available= "Offline"; - # expire_after = "5"; #expire after 5 seconds - qos = 1; - }; -in { - services.home-assistant.config.binary_sensor = - [ - (tasmota_button "RedButton" "redbutton") - ]; -} diff --git a/makefu/2configs/bureautomation/binary_sensor/motion.nix b/makefu/2configs/bureautomation/binary_sensor/motion.nix deleted file mode 100644 index 0c5a808e0..000000000 --- a/makefu/2configs/bureautomation/binary_sensor/motion.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ - services.home-assistant.config.binary_sensor = - [ - { platform = "mqtt"; - device_class = "motion"; - name = "Motion"; - state_topic = "/bam/easy2/movement/Switch"; - payload_on = "1"; - payload_off = "0"; - availability_topic = "/bam/easy2/tele/LWT"; - payload_available = "Online"; - payload_not_available = "Offline"; - } - ]; -} diff --git a/makefu/2configs/bureautomation/brother-ql-web.nix b/makefu/2configs/bureautomation/brother-ql-web.nix deleted file mode 100644 index 26887db03..000000000 --- a/makefu/2configs/bureautomation/brother-ql-web.nix +++ /dev/null @@ -1,23 +0,0 @@ - {pkgs, ... }: - let - pkg = pkgs.brother_ql_web; - in { - systemd.services.brother-ql-web = { - after = [ "network.target" ]; - description = "Brother QL Web Interface"; - wantedBy = [ "multi-user.target" ]; - environment = { - FLASK_PRINTER = "usb://0x04f9:0x209b/000F1Z401759"; - FLASK_MODEL = "QL-800"; - #FLASK_SERVER_PORT = "8013"; - #FLASK_LABEL_DEFAULT_SIZE = "d24"; - #FLASK_LABEL_DEFAULT_QR_SIZE = "7"; - }; - serviceConfig = { - ExecStart = "${pkg}/bin/brother_ql_web"; - DynamicUser = true; - SupplementaryGroups = "lp"; - Restart = "always"; - }; - }; -} diff --git a/makefu/2configs/bureautomation/camera/comic.nix b/makefu/2configs/bureautomation/camera/comic.nix deleted file mode 100644 index ae24760e3..000000000 --- a/makefu/2configs/bureautomation/camera/comic.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ - services.home-assistant.config.camera = - [ - { name = "Poorly Drawn Lines"; - platform = "generic"; - still_image_url = http://127.0.0.1:8123/local/lines.png ; - } - { name = "XKCD"; - platform = "generic"; - still_image_url = http://127.0.0.1:8123/local/xkcd.png ; - } - ]; -} diff --git a/makefu/2configs/bureautomation/camera/stuttgart.nix b/makefu/2configs/bureautomation/camera/stuttgart.nix deleted file mode 100644 index 0badcb285..000000000 --- a/makefu/2configs/bureautomation/camera/stuttgart.nix +++ /dev/null @@ -1,30 +0,0 @@ - -let - cam = name: still_image_url: - { - inherit name still_image_url; - platform = "generic"; - }; -in -{ - services.home-assistant.config.camera = - [ - ( cam "Max-Eyth-See" https://www.wav-stuttgart.de/webcam/_/webcam1.jpg ) - ( cam "Wilhelma" http://webcam.wilhelma.de/webcam02/webcam02.jpg ) - ( cam "Marktplatz" https://webcam.stuttgart.de/wcam007/current.jpg ) - ( cam "Schoch Areal" https://webcam.stuttgart.de/wcam004/current.jpg ) - ( cam "Leuze" https://webcam.stuttgart.de/wcam005/current.jpg ) - ( cam "Straße Wilhelma" https://webcam.stuttgart.de/wcam006/current.jpg ) - ( cam "Fernsehturm 1" http://webcam.fernsehturmstuttgart.com/current.jpg ) - ( cam "Fernsehturm 2" http://webcam.fernsehturmstuttgart.com/current2.jpg ) - ( cam "Feuerbach Lemberg" http://www.regio7.de/handy/current.jpg ) - ( cam "Flughafen Stuttgart 1" http://webcam.flughafen-stuttgart.de/Flughafen_Stuttgart_Webcam2.jpg ) - ( cam "Flughafen Stuttgart 2" http://webcam.flughafen-stuttgart.de/Flughafen_Stuttgart_Webcam5.jpg ) - ( cam "Flughafen Stuttgart 3" http://webcam.flughafen-stuttgart.de/Flughafen_Stuttgart_Webcam7.jpg ) - ( cam "S21 1" http://webcam-bahnprojekt-stuttgart-ulm.de/S21-Turm-03/s21-turm03.jpg ) - ( cam "S21 2" http://webcam-bahnprojekt-stuttgart-ulm.de/S21-Turm-02/s21-turm-02.jpg ) - ( cam "S21 3" http://webcam-bahnprojekt-stuttgart-ulm.de/S21-Turm-01/s21-turm-01.jpg ) - ( cam "S21 4" http://webcam-bahnprojekt-stuttgart-ulm.de/S21-Jaegerstrasse-Nordkopf/s21-jaegerstrassse-nordkopf.jpg ) - ( cam "S21 5" http://webcam-bahnprojekt-stuttgart-ulm.de/S21-Bahndirektion-Nord/S21-Bundesbahndirektion-Nord.jpg ) - ]; -} diff --git a/makefu/2configs/bureautomation/camera/verkehrskamera.nix b/makefu/2configs/bureautomation/camera/verkehrskamera.nix deleted file mode 100644 index f09dc9423..000000000 --- a/makefu/2configs/bureautomation/camera/verkehrskamera.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ - services.home-assistant.config.camera = - [ - { name = "Baumarkt"; - platform = "generic"; - still_image_url = http://t4915209254324-p80-c0-h6jv2afnujcoftrcstsafb45kdrqv4buy.webdirect.mdex.de/oneshotimage ;# baumarkt - } - { name = "Autobahn Heilbronn"; - platform = "generic"; - still_image_url = https://api.svz-bw.de/v2/verkehrskameras/kameras/K10 ; - } - { name = "Autobahn Singen"; - platform = "generic"; - still_image_url = https://api.svz-bw.de/v2/verkehrskameras/kameras/K11 ; - } - ]; -} diff --git a/makefu/2configs/bureautomation/comic-updater.nix b/makefu/2configs/bureautomation/comic-updater.nix deleted file mode 100644 index 5804d66d2..000000000 --- a/makefu/2configs/bureautomation/comic-updater.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ config, lib, pkgs, buildPythonPackage, ... }: - -let - mq = "192.168.8.11"; - pkg = pkgs.ampel; -in { - systemd.services.comic-updater = { - startAt = "daily"; - description = "update our comics"; - after = [ "network-online.target" ] ++ (lib.optional config.services.mosquitto.enable "mosquitto.service"); - path = with pkgs; [ wget xmlstarlet ]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - # User = "hass"; - #WorkingDirectory = config.services.home-assistant.configDir; - WorkingDirectory = "/var/lib/homeassistant-docker"; - ExecStart = pkgs.writeDash "update-comics" '' - set -euf - mkdir -p www/ - cd www/ - # poorly drawn lines - pic=$(wget -O- http://www.poorlydrawnlines.com/feed/ \ - | xml sel -t -v '/rss/channel/item/content:encoded' \ - | head -n 2 | sed -n 's/.*src="\([^"]\+\)".*/\1/p' ) - wget "$pic" -nc && cp -v "$(basename "$pic")" lines.png - - #pic=$(curl -L xkcd.com 2>/dev/null | grep imgs.xkcd.com | grep title | sed -n 's/.*src="\([^"]\+\)" .*/https:\1/p') - # xkcd - pic=$(wget -O- https://xkcd.com/rss.xml \ - | xml sel -t -v '/rss/channel/item/description' \ - | head -n 1 | sed -n 's/.*src="\([^"]\+\)".*/\1/p' ) - wget "$pic" -nc && cp -v "$(basename "$pic")" xkcd.png - ''; - PrivateTmp = true; - }; - }; -} diff --git a/makefu/2configs/bureautomation/default.nix b/makefu/2configs/bureautomation/default.nix deleted file mode 100644 index cd162ba3b..000000000 --- a/makefu/2configs/bureautomation/default.nix +++ /dev/null @@ -1,203 +0,0 @@ -{ config, pkgs, lib, ... }: -let - kodi-host = "192.168.8.11"; - unstable = import {}; - confdir = "/var/lib/homeassistant-docker"; -in { - imports = [ - ./ota.nix - ./comic-updater.nix - # ./puppy-proxy.nix - - ./zigbee2mqtt - ./rhasspy.nix - - # hass config - ## complex configs - # ./multi/daily-standup.nix - #./multi/aramark.nix - #./multi/matrix.nix - #./multi/frosch.nix - #./multi/mittagessen.nix - #./multi/10h_timers.nix - - #./switch/tasmota_switch.nix - #./switch/rfbridge.nix - - #./light/statuslight.nix - #./light/buzzer.nix - - #./script/multi_blink.nix - - #./binary_sensor/buttons.nix - #./binary_sensor/motion.nix - - ## ./sensor/pollen.nix requires dwd_pollen - #./sensor/espeasy.nix - #./sensor/airquality.nix - #./sensor/outside.nix - #./sensor/tasmota_firmware.nix - - #./camera/verkehrskamera.nix - #./camera/comic.nix - #./camera/stuttgart.nix - #./automation/bureau-shutdown.nix - #./automation/nachtlicht.nix - #./automation/schlechteluft.nix - #./automation/philosophische-tuer.nix - #./automation/hass-restart.nix - #./device_tracker/openwrt.nix - #./person/team.nix - ]; - - networking.firewall.allowedTCPPorts = [ 8123 ]; - state = [ "/var/lib/hass/known_devices.yaml" ]; - virtualisation.oci-containers.containers.hass = { - image = "homeassistant/home-assistant:latest"; - #user = "${toString config.users.users.kiosk.uid}:${toString config.users.groups.kiosk.gid}"; - #user = "${toString config.users.users.kiosk.uid}:root"; - environment = { - TZ = "Europe/Berlin"; - PUID = toString config.users.users.kiosk.uid; - PGID = toString config.users.groups.kiosk.gid; - UMASK = "007"; - }; - extraOptions = ["--net=host" ]; - volumes = [ - "${confdir}:/config" - "/data/music:/config/media" - #"${confdir}/docker-run:/etc/services.d/home-assistant/run:" - ]; - }; - systemd.tmpfiles.rules = [ - #"f ${confdir}/docker-run 0770 kiosk kiosk - -" - "d ${confdir} 0770 kiosk kiosk - -" - ]; - #services.home-assistant = { - # enable = true; - # package = (unstable.home-assistant.overrideAttrs (old: { - # doInstallCheck = false; - # })).override { - # extraPackages = p: [ - # # TODO: put somewhere else - # (p.callPackage {}) - # # (p.callPackage {}) - # p.APScheduler ]; - # }; - # autoExtraComponents = true; - # config = { - # config = {}; - # discovery = {}; - # homeassistant = { - # name = "Bureautomation"; - # time_zone = "Europe/Berlin"; - # latitude = "48.8265"; - # longitude = "9.0676"; - # elevation = 303; - # auth_providers = [ - # { type = "homeassistant";} - # { type = "legacy_api_password"; - # api_password = "sistemas"; - # } - # { type = "trusted_networks"; - # trusted_networks = [ - # "127.0.0.1/32" - # "192.168.8.0/24" - # "::1/128" - # "fd00::/8" - # ]; - # # allow_bypass_login = true; - # } - # ]; - # }; - # # https://www.home-assistant.io/components/influxdb/ - # influxdb = { - # database = "hass"; - # tags = { - # instance = "wbob"; - # source = "hass"; - # }; - # }; - # mqtt = { - # discovery = true; - # discovery_prefix = "homeassistant"; - # broker = "localhost"; - # port = 1883; - # client_id = "home-assistant"; - # keepalive = 60; - # protocol = 3.1; - # birth_message = { - # topic = "/bam/hass/tele/LWT"; - # payload = "Online"; - # qos = 1; - # retain = true; - # }; - # will_message = { - # topic = "/bam/hass/tele/LWT"; - # payload = "Offline"; - # qos = 1; - # retain = true; - # }; - # }; - # notify = [ - # { - # platform = "kodi"; - # name = "wbob-kodi"; - # host = kodi-host; - # } - # #{ - # # platform = "telegram"; - # # name = "telegrambot"; - # # chat_id = builtins.elemAt - # # (builtins.fromJSON (builtins.readFile - # # )).allowed_chat_ids 0; - # #} - # ]; - # media_player = [ - # { platform = "kodi"; - # host = kodi-host; - # } - # { platform = "mpd"; - # host = "127.0.0.1"; - # } - # ]; - - # # sensor = [{ platform = "version"; }]; # pyhaversion - - - - # frontend = { }; - # http = { - # # TODO: https://github.com/home-assistant/home-assistant/issues/16149 - # # base_url = "http://192.168.8.11:8123"; - # }; - # conversation = {}; - # history = {}; - # logbook = {}; - # tts = [ - # { platform = "google_translate"; - # language = "de"; - # time_memory = 57600; - # service_name = "google_say"; - # } - # { platform = "voicerss"; - # api_key = builtins.readFile ; - # language = "de-de"; - # } - # #{ platform = "picotts"; - # # language = "de-DE"; - # #} - # ]; - # recorder = {}; - # sun = {}; - # #telegram_bot = [ - # # (builtins.fromJSON - # # (builtins.readFile )) - # #]; - # # only for automation - # # feedreader.urls = [ "http://www.heise.de/security/rss/news-atom.xml" ]; - # # we don't use imports because the expressions do not merge in - # # home-assistant - # }; - #}; -} diff --git a/makefu/2configs/bureautomation/deps/aresponses.nix b/makefu/2configs/bureautomation/deps/aresponses.nix deleted file mode 100644 index 9e64d2f65..000000000 --- a/makefu/2configs/bureautomation/deps/aresponses.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ lib -, buildPythonPackage -, fetchPypi -# propagatedBuildInputs -, aiohttp -# buildInputs -, pytest -, pytest-asyncio -}: - -buildPythonPackage rec { - pname = "aresponses"; - version = "1.1.1"; - - src = fetchPypi { - inherit pname version; - sha256 = "d1d6ef52b9a97142d106688cf9b112602ef3dc66f6368de8f91f47241d8cfc9c"; - }; - - propagatedBuildInputs = [ - aiohttp - ]; - - buildInputs = [ - pytest - pytest-asyncio - ]; - - # tests only distributed via git repository, not pypi - doCheck = false; - - meta = with lib; { - description = "Asyncio testing server"; - homepage = "https://github.com/circleup/aresponses"; - license = licenses.mit; - maintainers = [ maintainers.makefu ]; - }; -} diff --git a/makefu/2configs/bureautomation/deps/openwrt-luci-rpc.nix b/makefu/2configs/bureautomation/deps/openwrt-luci-rpc.nix deleted file mode 100644 index 4eceeb146..000000000 --- a/makefu/2configs/bureautomation/deps/openwrt-luci-rpc.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ lib -, buildPythonPackage -, fetchPypi -, click -, requests -, packaging -}: - -buildPythonPackage rec { - pname = "openwrt-luci-rpc"; - version = "1.1.2"; - - src = fetchPypi { - inherit pname version; - sha256 = "174a1f6c0bb2a2ed76e5299d14e2be05c612e8bcd4c15b9a9aedee1ef8e18b90"; - }; - - patchPhase = '' - sed -i -e "s/requests==2.21.0/requests/" -e "s/packaging==19.1/packaging/" setup.py - ''; - - propagatedBuildInputs = [ - click - requests - packaging - ]; - - meta = with lib; { - description = "Module for interacting with OpenWrt Luci RPC interface"; - homepage = https://github.com/fbradyirl/openwrt-luci-rpc; - license = licenses.asl20; - maintainers = [ maintainers.makefu ]; - }; -} diff --git a/makefu/2configs/bureautomation/device_tracker/openwrt.nix b/makefu/2configs/bureautomation/device_tracker/openwrt.nix deleted file mode 100644 index b597548ef..000000000 --- a/makefu/2configs/bureautomation/device_tracker/openwrt.nix +++ /dev/null @@ -1,18 +0,0 @@ -# requires `opkg install luci-mod-rpc` on router -# see https://www.home-assistant.io/components/luci/ - -{ - services.home-assistant.config.device_tracker = - [ - { platform = "luci"; - host = "192.168.8.1"; - username = "root"; - password = import ; - interval_seconds = 30; # instead of 12seconds - consider_home = 300; # 5 minutes timeout - new_device_defaults = { - track_new_devices = true; - }; - } - ]; -} diff --git a/makefu/2configs/bureautomation/devices/users.nix b/makefu/2configs/bureautomation/devices/users.nix deleted file mode 100644 index 305c0ca86..000000000 --- a/makefu/2configs/bureautomation/devices/users.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ - thorsten-phone = { - name = "Thorsten"; - mac = "8c:f5:a3:bc:83:a0"; - track = true; - hide_if_away = true; - }; - felix-laptop = { - name = "Felix"; - mac = "6c:88:14:b4:43:9c"; - track = true; - hide_if_away = true; - }; - # b0:e5:ed:52:ee:43 - honor8 - # 38:94:96:b0:13:c7 - android-4ef03e4f4a14b6b9 - # ac:5f:3e:cc:b8:5e - Galaxy S7 -} diff --git a/makefu/2configs/bureautomation/kalauerbot.nix b/makefu/2configs/bureautomation/kalauerbot.nix deleted file mode 100644 index aa66e30b4..000000000 --- a/makefu/2configs/bureautomation/kalauerbot.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ config, lib, pkgs, ... }: -let - oofdir = fetchTarball { - url = "https://o.euer.krebsco.de/s/AZn9QPLGFZeDfNq/download"; - sha256 = "1wa59rkgffql6hbiw9vv0zh35wx9x1cp4bnwicprbd0kdxj75miz"; - }; - -in -{ - systemd.services.kalauerbot = { - description = "Kalauerbot"; - after = [ "network-online.target" ]; - wantedBy = [ "multi-user.target" ]; - environment = import // { - "KALAUER_OOFDIR" = oofdir; - }; - serviceConfig = { - DynamicUser = true; - StateDirectory = "kalauerbot"; - WorkingDirectory = "/var/lib/kalauerbot"; - ExecStart = "${pkgs.kalauerbot}/bin/kalauerbot"; - PrivateTmp = true; - - Restart = "always"; - RuntimeMaxSec = "12h"; - }; - }; -} diff --git a/makefu/2configs/bureautomation/led-fader.nix b/makefu/2configs/bureautomation/led-fader.nix deleted file mode 100644 index d7f728534..000000000 --- a/makefu/2configs/bureautomation/led-fader.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ config, lib, pkgs, buildPythonPackage, ... }: - -let - mq = "192.168.8.11"; - pkg = pkgs.ampel; -in { - systemd.services.led-fader = { - description = "Send led change to message queue"; - environment = { - NIX_PATH = "/var/src"; - }; - after = [ "network-online.target" ] ++ (lib.optional config.services.mosquitto.enable "mosquitto.service"); - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - # User = "nobody"; # need a user with permissions to run nix-shell - ExecStartPre = pkgs.writeDash "sleep.sh" "sleep 2"; - ExecStart = "${pkg}/bin/ampel"; - Restart = "always"; - RestartSec = 10; - PrivateTmp = true; - }; - }; -} diff --git a/makefu/2configs/bureautomation/lib/scripts.nix b/makefu/2configs/bureautomation/lib/scripts.nix deleted file mode 100644 index d8665f94f..000000000 --- a/makefu/2configs/bureautomation/lib/scripts.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ lib, ... }: -{ - multi_flash = { entity, delays ? [ 500 ], alias ? "${entity}_multi_flash_${toString (lib.length delays)}" }: - { - inherit alias; - sequence = lib.flatten (builtins.map (delay: [ - { service = "homeassistant.turn_on"; - data.entity_id = entity; - } - { delay.milliseconds = delay; } - { service = "homeassistant.turn_off"; - data.entity_id = entity; - } - { delay.milliseconds = delay; } - ] - ) delays); - }; -} diff --git a/makefu/2configs/bureautomation/light/buzzer.nix b/makefu/2configs/bureautomation/light/buzzer.nix deleted file mode 100644 index 4851dbd9b..000000000 --- a/makefu/2configs/bureautomation/light/buzzer.nix +++ /dev/null @@ -1,30 +0,0 @@ -let - tasmota_pwm = name: topic: pwmid: max: - let - id = "PWM${toString pwmid}"; - in { platform = "mqtt"; - inherit name; - state_topic = "/bam/${topic}/stat/RESULT"; - state_value_template = ''{%- if value_json["PWM"]["${id}"]| int > 0 -%} ${toString max} {%- else -%} 0 {%- endif -%}''; - - command_topic = "/bam/${topic}/cmnd/${id}"; - on_command_type = "brightness"; - brightness_command_topic = "/bam/${topic}/cmnd/${id}"; - brightness_value_template = ''{{value_json["PWM"]["${id}"]}}''; - brightness_scale = max; - payload_on = "${toString max}"; - payload_off = "0"; - availability_topic = "/bam/${topic}/tele/LWT"; - payload_available= "Online"; - payload_not_available= "Offline"; - retain = true; - optimistic = false; - qos = 0; - }; -in { - services.home-assistant.config.light = - [ - # (tasmota_pwm "RedButton LED" "redbutton" 1 1023) #LED PWM1 - # (tasmota_pwm "RedButton Buzzer" "redbutton" 2 512) #buzzer PWM2 - ]; -} diff --git a/makefu/2configs/bureautomation/light/statuslight.nix b/makefu/2configs/bureautomation/light/statuslight.nix deleted file mode 100644 index de65a2379..000000000 --- a/makefu/2configs/bureautomation/light/statuslight.nix +++ /dev/null @@ -1,58 +0,0 @@ -let - tasmota_rgb = name: topic: -# LED WS2812b -# effect_state_topic: "stat/led/Scheme" -# effect_command_topic: "cmnd/led/Scheme" -# effect_value_template: "{{ value_json.Scheme }}" - { platform = "mqtt"; - inherit name; - retain = false; - qos = 1; - #optimistic = true; - # state - command_topic = "/bam/${topic}/cmnd/POWER"; - state_topic = "/bam/${topic}/tele/STATE"; - value_template = "{{ value_json.POWER }}"; - availability_topic = "/bam/${topic}/tele/LWT"; - payload_on = "ON"; - payload_off = "OFF"; - payload_available= "Online"; - payload_not_available= "Offline"; - # brightness - brightness_state_topic = "/bam/${topic}/tele/STATE"; - brightness_value_template = "{{value_json.Dimmer|default(100)}}"; - brightness_command_topic = "/bam/${topic}/cmnd/Dimmer"; - brightness_scale = 100; - # color - rgb_state_topic = "/bam/${topic}/stat/RESULT"; - rgb_command_topic = "/bam/${topic}/cmnd/Color2"; - rgb_value_template = "{{(value_json.Channel[0]*2.55)|int}},{{(value_json.Channel[1]*2.55)|int}},{{(value_json.Channel[2]*2.55)|int}}"; - - # effects - effect_state_topic = "/bam/${topic}/tele/STATE"; - effect_value_template = "{{value_json.Scheme|default(0)}}"; - effect_command_topic = "/bam/${topic}/cmnd/Scheme"; - effect_list = [ - 0 # single color for LED light - 1 # start wake up sequence (same as Wakeup) - 2 # cycle up through colors using Speed option - 3 # cycle down through colors using Speed option - 4 # random cycle through colors using Speed and Fade - 5 # clock mode (example) - 6 # candlelight pattern - 7 # RGB pattern - 8 # Christmas pattern - 9 # Hannukah pattern - 10 # Kwanzaa pattern - 11 # rainbow pattern - 12 # fire pattern - ]; - }; -in { - services.home-assistant.config.light = - [ - (tasmota_rgb "Status Felix" "status1") - (tasmota_rgb "Status Daniel" "status2") - (tasmota_rgb "Buslicht" "buslicht") - ]; -} diff --git a/makefu/2configs/bureautomation/mpd.nix b/makefu/2configs/bureautomation/mpd.nix deleted file mode 100644 index 1f5acb357..000000000 --- a/makefu/2configs/bureautomation/mpd.nix +++ /dev/null @@ -1,9 +0,0 @@ -{lib,pkgs, ... }: - -{ - systemd.services."ympd-wbob" = { - description = "mpd "; - wantedBy = [ "multi-user.target" ]; - serviceConfig.ExecStart = "${pkgs.ympd}/bin/ympd --host localhost --port 6600 --webport 8866 --user nobody"; - }; -} diff --git a/makefu/2configs/bureautomation/multi/10h_timers.nix b/makefu/2configs/bureautomation/multi/10h_timers.nix deleted file mode 100644 index 6edcde4b0..000000000 --- a/makefu/2configs/bureautomation/multi/10h_timers.nix +++ /dev/null @@ -1,210 +0,0 @@ -{lib, ... }: -let - persons = [ "frank" "daniel" "thorsten" "carsten" "ecki" "felix" - "thierry" # tjeri - "emeka" - "tancrede" - ]; - random_zu_lange = name: ''{{ [ - "Du musst jetzt endlich nach Hause gehen ${name}!", - "${name} - 10 Stunden sind rum, bald schenkst du den Franzosen deine Lebenszeit", - "Nur eine Minute über 10 Stunden kann zu einer Stunde Arbeit für Thorsten werden, ${name}.", - "In 10 Minuten kommt dich der Security Mann holen, ${name}", - "Das Sandmännchen ist schon vorbei, gleich fallen dir die Augen zu ${name}.", - "Wenn ${name} sofort los geht, dann ist er noch rechtzeitig für den Tatort zu Hause.", - "${name} muss jetzt gehen, sonst verpasst er die Tagesschau!", - "Es ist spät ${name}. Ausstempeln hilft zwar kurzfristig, kann aber zu langfristigen Problemen führen.", - "${name}, wenn du nach zehn Stunden nach Hause gehst, muss dir dein Vorgesetzter ein Taxi bestellen", - "${name}, wenn du nach zehn Stunden nach Hause gehst, bist du auf dem Rückweg nicht mehr versichert!", - "Zu lange, ${name}!" ] | random }}'' ; - - - random_announce = name: ''{{ [ - "${name} is in da House", - "Ahoi ${name}", - "Hallöchen Popöchen ${name}", - "Moinsen ${name}", - "Moin Moin ${name}", - "Palim, Palim ${name}", - "Vorwärts Genosse ${name}", - "Gemeinsame Grüße, Genosse ${name}", - "Sozialistische Grüße, Genosse ${name}", - "Konzentrierte Grüße, Genosse ${name}", - "Ach, der ${name} ist auch wieder da...", - "Nicht ${name} schon wieder", - "Tri tra tralala, der ${name} ist wieder da.", - "Na sieh mal einer an, ${name} hat es auch her geschafft", - "Wer ist im Büro eingetroffen? ${name} ist es!", - "Willkommen in deinem Lieblingsbüro, ${name}.", - "Klopf, Klopf, wer ist da? ${name} ist da!", - "Messer, Gabel, Schere, Licht sind für kleinen ${name} nicht.", - "Ich kenne ein Geheimnis, ${name} ist angekommen", - "Wir sind ${name}. Sie werden assimiliert werden", - "Achtung, es erfolgt eine Durchsage. ${name} ist eingetroffen", - "Die Scanner haben eine dem System bekannte Lebensform mit dem Namen ${name} detektiert", - "Das Büro sieht dich, ${name}", - "Das Büro riecht dich, ${name}", - "Im Kalender von ${name} sind heute acht Meetings eingeplant, von denen zwei bereits verpasst wurden", - "Das Postfach von ${name} beinhaltet einhundertachtundzwanzig ungelesene E-Mails.", - "Nachricht von Serge: ${name}, bitte melden Sie sich Umgehend bei mir im Büro!", - "Luftqualität hat sich durch das Eintreffen von ${name} um zweihundert Punkte verschlechtert, bitte alle Fenster öffnen.", - "Die Tür geht auf, wer mag das sein? Schon schreitet hier der ${name} ein. Das Volk, es jubelt, Dirnen schmachten. Fürs Festmahl beginnt man schon zu schlachten. Er wird nur nach dem besten streben! Der ${name}, er soll lange leben!", - "${name} arbeitet gern für seinen Konzern", - "${name} ist nur froh im Großraumbüro", - "Für ${name} ist die schönste Zeit ... die Arbeit", - "Ein Fleißbienchen für ${name} zum rechtzeitigen Erscheinen im Büro", - "${name} ist heute wohl doch nicht im Office Home", - "${name} ist bereit für einen Tag voller Meetings", - "Und es startet für ${name} wieder ein Tag im Paradies", - "Lieber ${name}, Markus Keck hat dich bereits drei mal Versucht anzurufen!", - "Trotz schwerer Männergrippe ist ${name} heute im Büro erschienen.", - "${name} kennt keine Parteien mehr, ${name} kennt nur noch Arbeitsplätze", - "${name}, Frage nicht, was dein Arbeitsplatz für dich tun kann. Frage, was du für deinen Arbeitsplatz tun kannst", - "${name} läuft bis in den Jemen - für sein Unternehmen. ${name} schwimmt bis nach Birma - für seine Firma", - "Der Cyberian ${name} ist gekommen um die Bahnwelt vor Cyber-Angriffen zu schützen", - "Alles paletto im Ghetto, ${name}?", - "Hach, ${name}, wenn du hier rein kommst fühlt es sich gleich wieder an wie Montag.", - "Oh nein, nicht schon wieder ${name}", - "Wer wohnt in der Ananas ganz tief im Meer? ${name} Schwammkopf!", - "Arbeit ist Freizeit! Wachstum ist Fortschritt! Sicherheit ist Freiheit! Eine kleine Erinnerung für ${name}"] | random }}'' ; - tmr_10h = name: { - "${name}_10h" = { - name = "${name} 10h Timer"; - duration = "10:00:00"; - }; - }; - - zu_lange_user = name: - { "zu_lange_${name}" = { - alias = "Random Zu Lange ${name}"; - - sequence = [ - { service = "media_player.play_media"; - data = { - entity_id = "media_player.mpd"; - media_content_type = "playlist"; - media_content_id = "ansage"; - }; - } - { delay.seconds = 5; } - { service = "tts.google_say"; - entity_id = "media_player.mpd"; - data_template = { - message = random_zu_lange name; - language = "de"; - }; - } - ]; - }; - }; - announce_user = name: - { "announce_${name}" = { - alias = "Random Announce ${name}"; - sequence = [ - { delay.seconds = 7; } - { service = "media_player.play_media"; - data = { - entity_id = "media_player.mpd"; - media_content_type = "playlist"; - media_content_id = "ansage"; - }; - } - { delay.seconds = 4; } - { service = "tts.google_say"; - entity_id = "media_player.mpd"; - data_template = { - message = random_announce name; - language = "de"; - }; - } - ]; - }; - }; - automation_10h = name: [ - { alias = "start ${name} 10h"; - trigger = { - platform = "state"; - entity_id = [ "person.${name}"]; - from = "not_home"; - to = "home"; - }; - condition = { - condition = "and"; - conditions = [ - { condition = "state"; - entity_id = "timer.${name}_10h"; - state = "idle"; - } - { condition = "time"; - after = "06:00:00"; - before = "12:00:00"; - } - ]; - }; - action = [ - { service = "timer.start"; - entity_id = [ "timer.${name}_10h" ] ; - } - { service = "homeassistant.turn_on"; - entity_id = - [ "switch.fernseher" - "script.blitz_10s" - "script.announce_${name}" - ]; - } - ]; - } - - { alias = "pommes announce ${name}"; - trigger = - { platform = "event"; - event_type = "timer.started"; - event_data.entity_id = "timer.${name}_10h"; - }; - - condition = - { condition = "state"; - entity_id = "binary_sensor.pommes"; - state = "on"; - }; - - action = - { service = "homeassistant.turn_on"; - entity_id = "script.blasen_10s" ; - }; - } - - { alias = "Zu lange ${name}!"; - trigger = - { platform = "event"; - event_type = "timer.finished"; - event_data.entity_id = "timer.${name}_10h"; - }; - - condition = - { condition = "state"; - entity_id = "person.${name}"; - state = "home"; - }; - - action = - { service = "homeassistant.turn_on"; - entity_id = [ - "script.blitz_10s" - "script.zu_lange_${name}" - ]; - }; - } - ]; -in -{ - services.home-assistant.config = { - timer =lib.fold lib.recursiveUpdate {} - (map tmr_10h persons); - automation = (lib.flatten (map automation_10h persons)); - script = lib.fold lib.recursiveUpdate {} ( - (map announce_user persons) ++ - (map zu_lange_user persons) - ); - }; -} diff --git a/makefu/2configs/bureautomation/multi/aramark.nix b/makefu/2configs/bureautomation/multi/aramark.nix deleted file mode 100644 index 45fadb082..000000000 --- a/makefu/2configs/bureautomation/multi/aramark.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ lib, ... }: -let - aramark = topic: name: - { platform = "mqtt"; - inherit name; - state_topic = "/aramark/thales-deutschland/${topic}"; - }; - aramark_menue = menue: - [ - (aramark "${menue}/title" menue) - (aramark "${menue}/description" "${menue} Text") - ((aramark "${menue}/price" "${menue} Preis") // { unit_of_measurement = "€"; }) - ]; -in - { - services.home-assistant.config = - { - sensor = (aramark_menue "Menü 1") - ++ (aramark_menue "Menü 2") - ++ (aramark_menue "Mercato") - ++ (aramark_menue "Aktion"); - binary_sensor = - [ - ((aramark "pommes" "Pommes" ) // { payload_on = "True"; payload_off = "False"; }) - ]; - }; -} diff --git a/makefu/2configs/bureautomation/multi/daily-standup.nix b/makefu/2configs/bureautomation/multi/daily-standup.nix deleted file mode 100644 index 063def1ef..000000000 --- a/makefu/2configs/bureautomation/multi/daily-standup.nix +++ /dev/null @@ -1,57 +0,0 @@ -{lib, ... }: -let - random_daily_text = ''{{ [ - "Es ist so weit, es ist Standup Zeit!", - "Zehn Uhr Fünfunddreissig ist genau die richtige Zeit für ein Standup!", - "Hat jeder seine zum Standup seine Hausaufgaben gemacht. Bitte einmal aufstehen und den Zettel nach rechts geben", - "Aufstehen zum Appell, es wird die Anwesenheit kontrolliert!", - "Hallo Kinder, wisst ihr welche Zeit es ist ... Genau ... Standup Zeit!", - "Morgens, halb elf in Deutschland - das Standupchen" ] | random }}''; - -in { - services.home-assistant.config = - { - script = - { "random_daily" = { - alias = "Random Daily Introduction"; - - sequence = [ - { service = "media_player.play_media"; - data = { - entity_id = "media_player.mpd"; - media_content_type = "playlist"; - media_content_id = "ansage"; - }; - } - { delay.seconds = 5; } - { service = "tts.google_say"; - entity_id = "media_player.mpd"; - data_template = { - message = random_daily_text; - language = "de"; - }; - } - ]; - }; - }; - automation = [ - { - alias = "Daily Standup"; - trigger = { - platform = "time"; - at = "10:35:00"; - }; - action = - [ - { service = "homeassistant.turn_on"; - entity_id = [ - "script.blitz_10s" - "script.random_daily" - ]; - } - ]; - - } - ]; - }; -} diff --git a/makefu/2configs/bureautomation/multi/frosch.nix b/makefu/2configs/bureautomation/multi/frosch.nix deleted file mode 100644 index 61606d4eb..000000000 --- a/makefu/2configs/bureautomation/multi/frosch.nix +++ /dev/null @@ -1,103 +0,0 @@ -{lib, ... }: -# needs: binary_sensor.pommes -# notify.matrix_notify -let - random_pommes = '' {{ [ - "Nur ein Pommes Tag ist ein guter Tag", - "Schaut wie schön sie fliegen, die Pommes Seifenblasen", - "zwo ... eins ... Pommes Zeit", - "I cannot believe it is not Pommes", - "Naja, wenn es sonst schon nichts anderes gibt, kann man jetzt auch pommes nehmen", - "Wenn Aramark was kann, dann ist es frittieren", - "Einmal das Hauptgericht mit Pommes, ohne Hauptgericht", - "Rieche ich da etwa Pommes? JA!", - "Pommes ist auch nur Gemüse,also keine Reue und schlag zu!", - "Mit nur fünf Portionen Pommes kann man schon satt werden.", - "Heute für Sie, 15 Pommes von hand abgezählt", - "Der Weltmarktpreis von Pommes ist durch verschiedene Weltkrisen leider so hoch, dass Aramark den Verkaufspreis verdoppeln musste.", - "Vorfreude, schönste Freude, Freude bei Aramark. Pommes in die Schale rein, alle Kunden werden glücklich sein.", - "In 15 Minuten ist es wieder so weit, es ist Pommes Zeit!"] | random }}''; -in -{ - services.home-assistant.config = - { - sensor = [ - { platform = "mqtt"; - name = "frosch brightness"; - device_class = "illuminance"; - state_topic = "/bam/frosch/sensor/brightness/state"; - availability_topic = "/bam/frosch/status"; - payload_available = "online"; - payload_not_available = "offline"; - } - ]; - binary_sensor = [ - { platform = "mqtt"; - name = "frosch auge"; - state_topic = "/bam/frosch/binary_sensor/froschauge/state"; - availability_topic = "/bam/frosch/status"; - payload_available = "online"; - payload_not_available = "offline"; - } - ]; - switch = [ - { platform = "mqtt"; - name = "frosch blasen"; - state_topic = "/bam/frosch/switch/blasen/state"; - command_topic = "/bam/frosch/switch/blasen/command"; - availability_topic = "/bam/frosch/status"; - payload_available = "online"; - payload_not_available = "offline"; - } - ]; - light = []; - automation = [ - { alias = "Pommeszeit"; - trigger = { - platform = "time"; - at = "11:00:00"; - }; - condition = { - condition = "state"; - entity_id = "binary_sensor.pommes"; # from multi/aramark.nix - state = "on"; - }; - action = [ - { service = "homeassistant.turn_on"; - entity_id = [ - "script.pommes_announce" - "script.seifenblasen_30s" # from script/multi_blink.nix - ]; - } - ]; - } - ]; - script = { - pommes_announce = { - alias = "Random Pommes announce"; - sequence = [ - { - service = "media_player.play_media"; - data = { - entity_id = "media_player.mpd"; - media_content_type = "playlist"; - media_content_id = "ansage"; - }; - } - { delay.seconds = 5; } - { - service = "tts.google_say"; - entity_id = "media_player.mpd"; - data_template = { - message = random_pommes; - language = "de"; - }; - } - { service = "notify.matrix_notify"; - data_template.message = random_pommes; - } - ]; - }; - }; - }; -} diff --git a/makefu/2configs/bureautomation/multi/matrix.nix b/makefu/2configs/bureautomation/multi/matrix.nix deleted file mode 100644 index b9b8fc4e8..000000000 --- a/makefu/2configs/bureautomation/multi/matrix.nix +++ /dev/null @@ -1,69 +0,0 @@ -{ lib, ... }: -#matrix: -# password: supersecurepassword -# rooms: -# - "#hasstest:matrix.org" -# commands: -# - word: my_command -# name: my_command -let - mom_room = "!kTQjvTQvfVsvfEtmth:thales.citadel.team"; -in -{ - services.home-assistant.config = - { - matrix = - { - # secrets: - # homeserver, username, password - homeserver = "https://ext01.citadel.team"; - rooms = [ - mom_room - ]; - commands = [ - { - # alternative: expression for regexp - word = "version"; - name = "version"; - } - { - word = "luftqualität"; - name = "luftqualitaet"; - } - ]; - } // (builtins.fromJSON (builtins.readFile - )); - automation = [ - { - alias = "React to !version"; - trigger = { - platform = "event"; - event_type = "matrix_command"; - event_data.command = "version"; - }; - action = { - service = "notify.matrix_notify"; - data_template.message = "Running home-assistant {{states.sensor.current_version.state}}"; - }; - } - { - alias = "React to !luftqualität"; - trigger = { - platform = "event"; - event_type = "matrix_command"; - event_data.command = "luftqualitaet"; - }; - action = { - service = "notify.matrix_notify"; - data_template.message = ''Temp: {{states.sensor.notizen_temperature.state_with_unit | replace (" ","")}}, Hum:{{states.sensor.notizen_humidity.state_with_unit | replace (" ","")}}, airquality:{{states.sensor.air_quality.state_with_unit}}''; - }; - } - - ]; - notify = [{ - name = "matrix_notify"; - platform = "matrix"; - default_room = mom_room; - }]; - }; -} diff --git a/makefu/2configs/bureautomation/multi/mittagessen.nix b/makefu/2configs/bureautomation/multi/mittagessen.nix deleted file mode 100644 index 52ec99a92..000000000 --- a/makefu/2configs/bureautomation/multi/mittagessen.nix +++ /dev/null @@ -1,92 +0,0 @@ -{ lib, ... }: -let - # TODO: remove redundant code (from multi_blink) via lib - flash_entity = { entity, delay ? 500, count ? 4, alias ? "${entity}_blink_${toString count}_${toString delay}" }: - { - inherit alias; - sequence = lib.flatten (builtins.genList (i: [ - { service = "homeassistant.turn_on"; - data.entity_id = entity; - } - { delay.milliseconds = delay; } - { service = "homeassistant.turn_off"; - data.entity_id = entity; - } - { delay.milliseconds = delay; } - ] - ) count); - }; - # TODO: use influxdb and check if pommes - random_mittagessen = '' {{ [ - "Es ist 12 uhr 30. Der Aramark Gourmettempel hat, wie jeden Tag, wieder die feinsten Köstlichkeiten für euch Vorbereitet", - "Heute bei Aramark: Rezepte aus Ländern, von denen Ihr noch nie gehört habt, Deutsch zubereitet", - "Heute bei Aramark im Angebot: Scheiss mit Reis oder Reste von Freitag", - "MHHHH es ist wieder mal so weit, lecker Bayerisch Kraut mit asiatischen Nudeln", - "Es ist 12 Uhr 30 und Heute gibt es nur Pommes, wenn der Pommesfrosch Blasen gespuckt hat.", - "Heute gibt es Pommes leider nicht einzeln zu verkaufen, da die Schälchen alle sind", - "Heute gibt es Pommes, verarscht! Natürlich gibt es nur salzlosen Reis, oder salzlose Nudeln.", - "Heute auf dem Speiseplan: Sushi vom Vortag", - "Aramark Kantinenessen: Der Hunger treibt es rein, der Geiz hält es drin.", - "Das Essen in der Snackeria sieht heute wie die bessere Alternative aus", - "Heute ist wohl wieder ein Beilagen-Tag", - "Lunch time! Good luck, you will need it!", - "Heute vielleicht lieber doch nur einen Salat?", - "Im Büro ist es eh gerade viel zu warm, also ab zur Kantine", - "Im Büro ist es eh gerade viel zu kalt, also ab zur Kantine", - "Heute scheint die Auswahl wieder sehr schwierig zu sein. Vielleicht doch lieber ein Brötchen mit Fleischkäse vom Bäcker beim Baumarkt?", - "Wer hat hier schon wieder ein Meeting auf 12 Uhr gelegt? Skandal!", - "Jetzt nur noch kurz die Mail fertig schreiben und schon kann es los gehen.", - "Es ist 13 Uhr und die Mittagspause ist bald vorbei .... Kleiner Scherz, es ist erst 12:30, aber Ihr hättet auch nicht wirklich etwas verpasst.", - "Hallo, es ist nun 12 Uhr 30! Dies entspricht der Essenszeit aller Büroinsassen. Bitte begebt euch zur Aramark Essensausgabe um euren menschlichen Bedürfnissen nachzukommen."] | random }}''; -in -{ - services.home-assistant.config = { - automation = [ - { alias = "Mittagessen"; - trigger = { - platform = "time"; - at = "12:30:00"; - }; - action = [ - { service = "homeassistant.turn_on"; - entity_id = [ - "script.mittagessen_announce" - "script.blitz_10s" - "script.mittagessenlicht" - ]; - } - ]; - } - ]; - script = { - mittagessenlicht = (flash_entity { - entity = "switch.bauarbeiterlampe"; - alias = "Bauarbeiterlampe Mittagessenlicht"; - delay = 1000; - count = 5; - }); - mittagessen_announce = { - alias = "Random Mittagessen announce"; - sequence = [ - { - service = "media_player.play_media"; - data = { - entity_id = "media_player.mpd"; - media_content_type = "playlist"; - media_content_id = "ansage"; - }; - } - { delay.seconds = 5; } - { - service = "tts.google_say"; - entity_id = "media_player.mpd"; - data_template = { - message = random_mittagessen; - language = "de"; - }; - } - ]; - }; - }; - }; -} diff --git a/makefu/2configs/bureautomation/office-radio/default.nix b/makefu/2configs/bureautomation/office-radio/default.nix deleted file mode 100644 index d1c0f4730..000000000 --- a/makefu/2configs/bureautomation/office-radio/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - imports = [ - ./mpd.nix - ./webserver.nix - ]; -} diff --git a/makefu/2configs/bureautomation/office-radio/mpd.nix b/makefu/2configs/bureautomation/office-radio/mpd.nix deleted file mode 100644 index 4fc31fff9..000000000 --- a/makefu/2configs/bureautomation/office-radio/mpd.nix +++ /dev/null @@ -1,58 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - mpds = import ./mpdconfig.nix; - systemd_mpd = name: value: let - path = "/var/lib/mpd-${name}"; - num = lib.strings.fixedWidthNumber 2 value; - mpdconf = pkgs.writeText "mpd-config-${name}" '' - music_directory "${path}/music" - playlist_directory "${path}/playlists" - db_file "${path}/tag_cache" - state_file "${path}/state" - sticker_file "${path}/sticker.sql" - - bind_to_address "127.0.0.1" - port "66${num}" - log_level "default" - auto_update "yes" - audio_output { - type "httpd" - name "Office Radio ${num} - ${name}" - encoder "vorbis" # optional - port "280${num}" - quality "5.0" # do not define if bitrate is defined - # bitrate "128" # do not define if quality is defined - format "44100:16:2" - always_on "yes" # prevent MPD from disconnecting all listeners when playback is stopped. - tags "yes" # httpd supports sending tags to listening streams. - } - ''; -in { - after = [ "network.target" ]; - description = "Office Radio MPD ${toString value} - ${name}"; - wantedBy = ["multi-user.target"]; - serviceConfig = { - #User = "mpd"; - DynamicUser = true; - ExecStart = "${pkgs.mpd}/bin/mpd --no-daemon ${mpdconf}"; - LimitRTPRIO = 50; - LimitRTTIME = "infinity"; - ProtectSystem = true; - NoNewPrivileges = true; - ProtectKernelTunables = true; - ProtectControlGroups = true; - ProtectKernelModules = true; - RestrictAddressFamilies = "AF_INET AF_INET6 AF_UNIX AF_NETLINK"; - RestrictNamespaces = true; - Restart = "always"; - StateDirectory = [ "mpd-${name}" ]; - }; - }; -in - { - systemd.services = lib.attrsets.mapAttrs' (name: value: - lib.attrsets.nameValuePair - ("office-radio-" +name) (systemd_mpd name value)) - mpds; - } diff --git a/makefu/2configs/bureautomation/office-radio/mpdconfig.nix b/makefu/2configs/bureautomation/office-radio/mpdconfig.nix deleted file mode 100644 index b48ceb629..000000000 --- a/makefu/2configs/bureautomation/office-radio/mpdconfig.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - "cybertisch1" = 0; - "cybertisch2" = 1; - "cyberklo" = 2; - "baellebad" = 3; -} diff --git a/makefu/2configs/bureautomation/office-radio/webserver.nix b/makefu/2configs/bureautomation/office-radio/webserver.nix deleted file mode 100644 index e2fc6d9e8..000000000 --- a/makefu/2configs/bureautomation/office-radio/webserver.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ pkgs, ... }: -let - mpds = import ./mpdconfig.nix; - pkg = pkgs.office-radio; -in { - systemd.services.office-radio-appsrv = { - after = [ "network.target" ]; - description = "Office Radio Appserver"; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - ExecStart = "${pkg}/bin/office-radio"; - DynamicUser = true; - ProtectSystem = true; - NoNewPrivileges = true; - ProtectKernelTunables = true; - ProtectControlGroups = true; - ProtectKernelModules = true; - RestrictAddressFamilies = "AF_INET AF_INET6 AF_UNIX AF_NETLINK"; - RestrictNamespaces = true; - Restart = "always"; - }; - }; - systemd.services.office-radio-stopper = { - after = [ "network.target" ]; - description = "Office Radio Script to stop idle streams"; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - ExecStart = "${pkg}/bin/stop-idle-streams"; - DynamicUser = true; - ProtectSystem = true; - NoNewPrivileges = true; - ProtectKernelTunables = true; - ProtectControlGroups = true; - ProtectKernelModules = true; - RestrictAddressFamilies = "AF_INET AF_INET6 AF_UNIX AF_NETLINK"; - RestrictNamespaces = true; - Restart = "always"; - }; - }; -} diff --git a/makefu/2configs/bureautomation/ota.nix b/makefu/2configs/bureautomation/ota.nix deleted file mode 100644 index f2f931d21..000000000 --- a/makefu/2configs/bureautomation/ota.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ - # mosquitto_pub -t /bam/sonoffs/cmnd/OtaUrl -m "http://192.168.8.11/sonoff.bin" - # mosquitto_pub -t /bam/sonoffs/cmnd/upgrade -m "6.5.0" - # wget https://github.com/arendst/Sonoff-Tasmota/releases/download/v6.5.0/sonoff.bin - # wget https://github.com/arendst/Sonoff-Tasmota/releases/download/v6.5.0/sonoff-minimal.bin - services.nginx = { - enable = true; - virtualHosts."192.168.8.11" = { - root = "/var/www/tasmota"; - extraConfig = '' - autoindex on; - ''; - }; - }; -} diff --git a/makefu/2configs/bureautomation/person/team.nix b/makefu/2configs/bureautomation/person/team.nix deleted file mode 100644 index d0d13dd98..000000000 --- a/makefu/2configs/bureautomation/person/team.nix +++ /dev/null @@ -1,87 +0,0 @@ -{config, ... }: -{ - # all configured persons become part of group "team" - services.home-assistant.config.group.team = { - name = "team"; - entities = map (x: "person.${x.name}" ) config.services.home-assistant.config.person; - }; - services.home-assistant.config.person = - [ - { name = "Thorsten"; - id = 1; - device_trackers = [ - "device_tracker.thorsten_phone" - #"device_tracker.thorsten_arbeitphone" - ]; - } - { name = "Felix"; - id = 2; - device_trackers = [ - "device_tracker.felix_phone" - "device_tracker.felix_laptop" - ]; - } - { name = "Ecki"; - id = 3; - device_trackers = [ - "device_tracker.ecki_phone" - "device_tracker.ecki_tablet" - ]; - } - { name = "Daniel"; - id = 4; - device_trackers = [ - "device_tracker.daniel_phone" - ]; - } - { name = "Thierry"; - id = 5; - device_trackers = [ - "device_tracker.thierry_phone" - ]; - } - { name = "Frank"; - id = 6; - device_trackers = [ - "device_tracker.frank_phone" - ]; - } - #{ name = "Carsten"; - # id = 7; - # device_trackers = [ - # "device_tracker.carsten_phone" - # ]; - #} - { name = "Emeka"; - id = 8; - device_trackers = [ - "device_tracker.emeka_phone" - ]; - } - { name = "Sabine"; - id = 9; - device_trackers = [ - "device_tracker.sabine_phone" - ]; - } - #{ name = "Tobias"; - # id = 10; - # device_trackers = [ - # "device_tracker.tobias_phone" - # ]; - #} - #{ name = "Tancrede"; - # id = 11; - # device_trackers = [ - # "device_tracker.tancrede_phone" - # "device_tracker.tancrede_laptop" - # ]; - #} - { name = "Chris"; - id = 12; - device_trackers = [ - "device_tracker.chris_phone" - ]; - } - ]; -} diff --git a/makefu/2configs/bureautomation/printer.nix b/makefu/2configs/bureautomation/printer.nix deleted file mode 100644 index 86d5a4069..000000000 --- a/makefu/2configs/bureautomation/printer.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ pkgs, config, ... }: -let - mainUser = config.krebs.build.user.name; -in { - imports = [ - ./brother-ql-web.nix - ]; - services.printing = { - enable = true; - drivers = with pkgs;[ - brlaser - cups-ptouch - ]; - }; - users.users.kiosk.extraGroups = [ "scanner" "lp" ]; - state = [ "/var/lib/cups"]; - users.users.kiosk.packages = with pkgs;[ - python3Packages.brother-ql - libreoffice - qrencode - imagemagick - ]; - - services.udev.extraRules = '' - SUBSYSTEMS=="usb", ATTRS{idVendor}=="04f9", ATTRS{idProduct}=="209b", ATTRS{serial}=="000F1Z401759", MODE="0664", GROUP="lp", SYMLINK+="usb/lp0" - ''; - -} diff --git a/makefu/2configs/bureautomation/puppy-proxy.nix b/makefu/2configs/bureautomation/puppy-proxy.nix deleted file mode 100644 index 9e3542509..000000000 --- a/makefu/2configs/bureautomation/puppy-proxy.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ pkgs, ... }: -# streamlink 'https://www.ustream.tv/channel/maximilian-schnauzers-cam4' worst --player-external-http --player-external-http-port 15321 --player-passthrough rtsp --retry-streams 60 -{ - environment.systemPackages = [ pkgs.liveproxy ]; -} diff --git a/makefu/2configs/bureautomation/rhasspy.nix b/makefu/2configs/bureautomation/rhasspy.nix deleted file mode 100644 index 8fbfd9312..000000000 --- a/makefu/2configs/bureautomation/rhasspy.nix +++ /dev/null @@ -1,41 +0,0 @@ -{ config, ... }: -let - profiles = "/var/lib/rhasspy"; - kiosk_id = toString config.users.users.kiosk.uid; -in -{ - virtualisation.oci-containers.containers.rhasspy = { - image = "rhasspy/rhasspy:latest"; - - environment = { - TZ = "Europe/Berlin"; - #PULSE_SERVER = "unix:/run/user/0/pulse/native"; - PULSE_SERVER = "tcp:${ config.krebs.build.host.name }:4713"; - - }; - - ports = [ - "12101:12101" - # "12183:12183" - ]; - #user = kiosk_id; - - volumes = [ - "/etc/localtime:/etc/localtime:ro" - "${profiles}:/profiles" - # TODO pulseaudio - #"/run/user/${kiosk_id}/pulse/native:/run/user/0/pulse/native" - #"${config.users.users.kiosk.home}/.config/pulse/cookie:/root/.config/pulse/cookie:ro" - ]; - - cmd = [ "--user-profiles" "/profiles" "--profile" "de" ]; - extraOptions = [ - "--device=/dev/snd:/dev/snd" "--group-add=audio" - "--net=host" - ]; - }; - systemd.tmpfiles.rules = [ - "d ${profiles} 0770 root root - -" - ]; - systemd.services.docker-rhasspy.after = [ "desktop-manager.service" ]; -} diff --git a/makefu/2configs/bureautomation/script/multi_blink.nix b/makefu/2configs/bureautomation/script/multi_blink.nix deleted file mode 100644 index 753918f31..000000000 --- a/makefu/2configs/bureautomation/script/multi_blink.nix +++ /dev/null @@ -1,60 +0,0 @@ -{lib, ... }: -let - # TODO: flash with different delay - - # let an entity blink for X times with a delay of Y milliseconds - flash_entity = { entity, delay ? 500, count ? 4, alias ? "${entity}_blink_${toString count}_${toString delay}" }: - { - inherit alias; - sequence = lib.flatten (builtins.genList (i: [ - { service = "homeassistant.turn_on"; - data.entity_id = entity; - } - { delay.milliseconds = delay; } - { service = "homeassistant.turn_off"; - data.entity_id = entity; - } - { delay.milliseconds = delay; } - ] - ) count); - }; -in { - services.home-assistant.config.script = - { - buzz_red_led = (flash_entity { - entity = "light.redbutton_buzzer"; - alias = "Red Button Buzz"; - count = 4; - }); - buzz_red_led_fast = (flash_entity { - entity = "light.redbutton_buzzer"; - delay = 250; - count = 2; - alias = "Red Button Buzz fast"; - }); - blitz_10s = (flash_entity { - entity = "switch.blitzdings"; - delay = 10000; - count = 1; - alias = "blitz for 10 seconds"; - }); - blasen_10s = (flash_entity { - entity = "switch.frosch_blasen"; - delay = 10000; - count = 1; - alias = "blasen for 10 seconds"; - }); - blasen_30s = (flash_entity { - entity = "switch.frosch_blasen"; - delay = 30000; - count = 1; - alias = "blasen for 30 seconds"; - }); - schlechteluft = (flash_entity { - entity = "switch.bauarbeiterlampe"; - alias = "Schlechte Luft Lampe 5 secs"; - delay = 5000; - count = 1; - }); - }; -} diff --git a/makefu/2configs/bureautomation/sensor/airquality.nix b/makefu/2configs/bureautomation/sensor/airquality.nix deleted file mode 100644 index 7d95c3c15..000000000 --- a/makefu/2configs/bureautomation/sensor/airquality.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ - services.home-assistant.config.sensor = - [ - # coming from 2configs/stats/telegraf/ - { platform = "mqtt"; - name = "Air Quality"; - state_topic = "/telegraf/wbob/airquality"; - value_template = "{{ value_json.fields.value }}"; - unit_of_measurement = "VOC"; - } - ]; -} diff --git a/makefu/2configs/bureautomation/sensor/espeasy.nix b/makefu/2configs/bureautomation/sensor/espeasy.nix deleted file mode 100644 index c68f39f1a..000000000 --- a/makefu/2configs/bureautomation/sensor/espeasy.nix +++ /dev/null @@ -1,33 +0,0 @@ -let - espeasy_dht22 = name: [ - { platform = "mqtt"; - name = "${name} DHT22 Temperature"; - device_class = "temperature"; - state_topic = "/bam/${name}/dht22/Temperature"; - availability_topic = "/bam/${name}/tele/LWT"; - payload_available = "Online"; - payload_not_available = "Offline"; - } - { platform = "mqtt"; - device_class = "humidity"; - name = "${name} DHT22 Humidity"; - state_topic = "/bam/${name}/dht22/Humidity"; - availability_topic = "/bam/${name}/tele/LWT"; - payload_available = "Online"; - payload_not_available = "Offline"; - }]; - espeasy_ds18 = name: - { platform = "mqtt"; - name = "${name} DS18 Temperature"; - state_topic = "/bam/${name}/ds18/Temperature"; - availability_topic = "/bam/${name}/tele/LWT"; - payload_available = "Online"; - payload_not_available = "Offline"; - }; -in { - services.home-assistant.config.sensor = - (espeasy_dht22 "easy1") ++ - (espeasy_dht22 "easy2") ++ [ - (espeasy_ds18 "easy3" ) - ]; -} diff --git a/makefu/2configs/bureautomation/sensor/outside.nix b/makefu/2configs/bureautomation/sensor/outside.nix deleted file mode 100644 index e7b4d9a7c..000000000 --- a/makefu/2configs/bureautomation/sensor/outside.nix +++ /dev/null @@ -1,32 +0,0 @@ -{lib,...}: -{ - services.home-assistant.config.sensor = - [ - { platform = "darksky"; - api_key = lib.removeSuffix "\n" - (builtins.readFile ); - language = "de"; - monitored_conditions = [ - "summary" "icon" - "nearest_storm_distance" "precip_probability" - "precip_intensity" - "temperature" # "temperature_high" "temperature_low" - "apparent_temperature" - "hourly_summary" # next 24 hours text - "humidity" - "pressure" - "uv_index" - ]; - units = "si" ; - scan_interval = "00:30:00"; - } - ]; - services.home-assistant.config.luftdaten = { - sensor_id = "26237"; - show_on_map = true; - sensors.monitored_conditions = [ - "P1" - "P2" - ]; - }; -} diff --git a/makefu/2configs/bureautomation/sensor/pollen.nix b/makefu/2configs/bureautomation/sensor/pollen.nix deleted file mode 100644 index 8ddb49e58..000000000 --- a/makefu/2configs/bureautomation/sensor/pollen.nix +++ /dev/null @@ -1,7 +0,0 @@ -[ { - platform = "dwd_pollen"; - partregion_ids = [ - 112 - ]; -} -] diff --git a/makefu/2configs/bureautomation/sensor/tasmota_firmware.nix b/makefu/2configs/bureautomation/sensor/tasmota_firmware.nix deleted file mode 100644 index f5f063dbf..000000000 --- a/makefu/2configs/bureautomation/sensor/tasmota_firmware.nix +++ /dev/null @@ -1,19 +0,0 @@ -let - tasmota_firmware = topic: - { platform = "mqtt"; - name = "${topic} Firmware"; - state_topic = "/bam/${topic}/stat/STATUS2"; - availability_topic = "/bam/${topic}/tele/LWT"; - value_template = "v{{value_json.StatusFWR.Version}}"; - payload_available= "Online"; - payload_not_available= "Offline"; - }; -in -{ - services.home-assistant.config.sensor = - map tasmota_firmware [ - "plug" "plug2" "plug3" "plug4" "plug5" - "status1" "status2" "buslicht" - "rfbridge" - ]; -} diff --git a/makefu/2configs/bureautomation/stream/puppies.nix b/makefu/2configs/bureautomation/stream/puppies.nix deleted file mode 100644 index d22be9ea6..000000000 --- a/makefu/2configs/bureautomation/stream/puppies.nix +++ /dev/null @@ -1,4 +0,0 @@ -[ - { stream_source = "http://127.0.0.1:53422/base64/c3RyZWFtbGluayBodHRwczovL3d3dy51c3RyZWFtLnR2L2NoYW5uZWwvbWF4aW1pbGlhbi1zY2huYXV6ZXJzLWNhbTIgd29yc3Q=/"; - } -] diff --git a/makefu/2configs/bureautomation/switch/rfbridge.nix b/makefu/2configs/bureautomation/switch/rfbridge.nix deleted file mode 100644 index 9b9de7793..000000000 --- a/makefu/2configs/bureautomation/switch/rfbridge.nix +++ /dev/null @@ -1,19 +0,0 @@ -let - topic = "rfbridge"; - bridge = name: payload_on: payload_off: - { platform = "mqtt"; - inherit name payload_on payload_off; - command_topic = "/bam/${topic}/cmnd/rfcode"; - availability_topic = "/bam/${topic}/tele/LWT"; - payload_available= "Online"; - payload_not_available= "Offline"; - }; -in { - services.home-assistant.config.switch = - [ - (bridge "Nachtlicht A" "#414551" "#414554") - (bridge "Nachtlicht B" "#415151" "#415154") - (bridge "Nachtlicht C" "#415451" "#415454") - (bridge "Nachtlicht D" "#41551F" "#415514") - ]; -} diff --git a/makefu/2configs/bureautomation/switch/tasmota_switch.nix b/makefu/2configs/bureautomation/switch/tasmota_switch.nix deleted file mode 100644 index 6c5f6b8a6..000000000 --- a/makefu/2configs/bureautomation/switch/tasmota_switch.nix +++ /dev/null @@ -1,25 +0,0 @@ -let - tasmota_plug = name: topic: - { platform = "mqtt"; - inherit name; - state_topic = "/bam/${topic}/tele/STATE"; - value_template = "{{ value_json.POWER }}"; - command_topic = "/bam/${topic}/cmnd/POWER"; - availability_topic = "/bam/${topic}/tele/LWT"; - payload_on= "ON"; - payload_off= "OFF"; - payload_available= "Online"; - payload_not_available= "Offline"; - retain = false; - qos = 1; - }; -in { - services.home-assistant.config.switch = - [ - (tasmota_plug "Bauarbeiterlampe" "plug") - (tasmota_plug "Blitzdings" "plug2") - (tasmota_plug "Fernseher" "plug3") - (tasmota_plug "Feuer" "plug4") - (tasmota_plug "Blaulicht" "plug5") - ]; -} diff --git a/makefu/2configs/bureautomation/visitor-photostore.nix b/makefu/2configs/bureautomation/visitor-photostore.nix deleted file mode 100644 index 762226549..000000000 --- a/makefu/2configs/bureautomation/visitor-photostore.nix +++ /dev/null @@ -1,57 +0,0 @@ -{ config, lib, pkgs, ... }: -# more than just nginx config but not enough to become a module -let - wsgi-sock = "${workdir}/uwsgi-photostore.sock"; - workdir = config.services.uwsgi.runDir; - wifi-itf = "wlp2s0"; - wifi-ip = "172.16.9.96"; -in { - - services.uwsgi = { - enable = true; - user = "nginx"; - runDir = "/var/lib/photostore"; - plugins = [ "python3" ]; - instance = { - type = "emperor"; - vassals = { - cameraupload-server = { - type = "normal"; - pythonPackages = self: with self; [ pkgs.cameraupload-server ]; - socket = wsgi-sock; - }; - }; - }; - }; - - services.nginx = { - enable = lib.mkDefault true; - virtualHosts.${wifi-ip} = { - locations = { - "/".extraConfig = '' - expires -1; - uwsgi_pass unix://${wsgi-sock}; - uwsgi_param UWSGI_CHDIR ${workdir}; - uwsgi_param UWSGI_MODULE cuserver.main; - uwsgi_param UWSGI_CALLABLE app; - include ${pkgs.nginx}/conf/uwsgi_params; - ''; - }; - }; - }; - - networking.firewall.allowedTCPPorts = [ 80 ]; -# networking.interfaces.${wifi-itf}.ipv4.addresses = [{ -# address = wifi-ip; -# prefixLength = 24; -# }]; - - networking.wireless = { - enable = true; - interfaces = [ wifi-itf ]; - networks.Mobility = { - priority = -999; - psk = null; - }; - }; -} diff --git a/makefu/2configs/bureautomation/zigbee2mqtt/default.nix b/makefu/2configs/bureautomation/zigbee2mqtt/default.nix deleted file mode 100644 index 9bf587d56..000000000 --- a/makefu/2configs/bureautomation/zigbee2mqtt/default.nix +++ /dev/null @@ -1,31 +0,0 @@ -{config, pkgs, lib, ...}: - -let - dataDir = "/var/lib/zigbee2mqtt"; -in - { - # symlink the zigbee controller - - services.zigbee2mqtt = { - enable = true; - inherit dataDir; - settings = { - permit_join = true; - serial.port = "/dev/zigbee"; - homeassistant = true; - frontend.port = 8521; - }; - }; - - state = [ "${dataDir}/devices.yaml" "${dataDir}/state.json" ]; - - systemd.services.zigbee2mqtt = { - # override automatic configuration.yaml deployment - environment.ZIGBEE2MQTT_DATA = dataDir; - after = [ - "home-assistant.service" - "mosquitto.service" - "network-online.target" - ]; - }; -} diff --git a/makefu/2configs/bureautomation/zigbee2mqtt/hass.nix b/makefu/2configs/bureautomation/zigbee2mqtt/hass.nix deleted file mode 100644 index faf864ba6..000000000 --- a/makefu/2configs/bureautomation/zigbee2mqtt/hass.nix +++ /dev/null @@ -1,130 +0,0 @@ -# provides: -# switch -# automation -# binary_sensor -# sensor -# input_select -# timer -let - inherit (import ../lib) zigbee; - prefix = zigbee.prefix; -in -{ - services.home-assistant.config = { - sensor = - - [ - # Sensor for monitoring the bridge state - { - platform = "mqtt"; - name = "Zigbee2mqtt Bridge state"; - state_topic = "${prefix}/bridge/state"; - icon = "mdi:router-wireless"; - } - # Sensor for Showing the Zigbee2mqtt Version - { - platform = "mqtt"; - name = "Zigbee2mqtt Version"; - state_topic = "${prefix}/bridge/config"; - value_template = "{{ value_json.version }}"; - icon = "mdi:zigbee"; - } - # Sensor for Showing the Coordinator Version - { - platform = "mqtt"; - name = "Coordinator Version"; - state_topic = "${prefix}/bridge/config"; - value_template = "{{ value_json.coordinator }}"; - icon = "mdi:chip"; - } - ]; - switch = [ - { - platform = "mqtt"; - name = "Zigbee2mqtt Main join"; - state_topic = "${prefix}/bridge/config/permit_join"; - command_topic = "${prefix}/bridge/config/permit_join"; - payload_on = "true"; - payload_off = "false"; - } - ]; - automation = [ - { - alias = "Zigbee2mqtt Log Level"; - initial_state = "on"; - trigger = { - platform = "state"; - entity_id = "input_select.zigbee2mqtt_log_level"; - }; - action = [ - { - service = "mqtt.publish"; - data = { - payload_template = "{{ states('input_select.zigbee2mqtt_log_level') }}"; - topic = "${prefix}/bridge/config/log_level"; - }; - } - ]; - } - # Automation to start timer when enable join is turned on - { - id = "zigbee_join_enabled"; - alias = "Zigbee Join Enabled"; - trigger = - { - platform = "state"; - entity_id = "switch.zigbee2mqtt_main_join"; - to = "on"; - }; - action = - { - service = "timer.start"; - entity_id = "timer.zigbee_permit_join"; - }; - } - # # Automation to stop timer when switch turned off and turn off switch when timer finished - { - id = "zigbee_join_disabled"; - alias = "Zigbee Join Disabled"; - trigger = [ - { - platform = "event"; - event_type = "timer.finished"; - event_data.entity_id = "timer.zigbee_permit_join"; - } - { - platform = "state"; - entity_id = "switch.zigbee2mqtt_main_join"; - to = "off"; - } - ]; - action = [ - { service = "timer.cancel"; - data.entity_id = "timer.zigbee_permit_join"; - } - { service = "switch.turn_off"; - entity_id = "switch.zigbee2mqtt_main_join"; - } - ]; - } - ]; - input_select.zigbee2mqtt_log_level = - { - name = "Zigbee2mqtt Log Level"; - options = [ - "debug" - "info" - "warn" - "error" - ]; - initial = "info"; - icon = "mdi:format-list-bulleted"; - }; - - timer.zigbee_permit_join = - { - name = "Zigbee Time remaining"; - duration = 120; - }; - }; -} diff --git a/makefu/2configs/collectd/collectd-base.nix b/makefu/2configs/collectd/collectd-base.nix deleted file mode 100644 index 9168d1fa9..000000000 --- a/makefu/2configs/collectd/collectd-base.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ config, lib, pkgs, ... }: - -# graphite-web on port 8080 -# carbon cache on port 2003 (tcp/udp) -with import ; -let - connect-time-cfg = with pkgs; writeText "collectd-connect-time.cfg" '' - LoadPlugin python - - ModulePath "${collectd-connect-time}/lib/${python.libPrefix}/site-packages/" - Import "collectd_connect_time" - - target "wry.r" "localhost" "google.com" - interval 30 - - - ''; - graphite-cfg = pkgs.writeText "collectd-graphite-cfg" '' - LoadPlugin write_graphite - - - Host "heidi.r" - Port "2003" - Prefix "retiolum." - EscapeCharacter "_" - StoreRates false - AlwaysAppendDS false - - - ''; -in { - imports = [ ]; - - nixpkgs.config.packageOverrides = pkgs: with pkgs; { - collectd = pkgs.collectd.override { python= pkgs.python; }; - }; - services.collectd = { - enable = true; - include = [ (toString connect-time-cfg) (toString graphite-cfg) ]; - }; - -} diff --git a/makefu/2configs/dcpp/airdcpp.nix b/makefu/2configs/dcpp/airdcpp.nix deleted file mode 100644 index 60ed6826d..000000000 --- a/makefu/2configs/dcpp/airdcpp.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ config, ... }: -{ - krebs.airdcpp = { - enable = true; - extraGroups = [ "download" ]; - web.port = 5600; - web.users.makefu.password = builtins.readFile ; # watch out for newline! - hubs."krebshub" = - { Nick = "makefu-${config.krebs.build.host.name}"; - Password = builtins.readFile ; - Server = "adcs://hub.nsupdate.info:1511"; - AutoConnect = true; - }; - dcpp = { - shares = { - # Incoming must be writeable! - incoming = { path = config.makefu.dl-dir + "/finished/dcpp"; incoming = true; }; - audiobooks.path = config.makefu.dl-dir + "/finished/audiobooks"; - }; - Nick = "makefu"; - DownloadSpeed = "1000"; - UploadSpeed = "1000"; - }; - }; - networking.firewall.allowedTCPPorts = - [ config.krebs.airdcpp.dcpp.InPort - config.krebs.airdcpp.dcpp.TLSPort - ]; - networking.firewall.allowedUDPPorts = [ config.krebs.airdcpp.dcpp.UDPPort ]; - - services.nginx.virtualHosts."dcpp.${config.krebs.build.host.name}.r".locations."/" = - { proxyPass = "http://localhost:${toString config.krebs.airdcpp.web.port}/"; - - extraConfig = '' - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - gzip_types text/plain application/javascript; - - # Proxy websockets - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - - ''; - }; - state = map (f: "${config.krebs.airdcpp.stateDir}/${f}") - [ "Favorites.xml" "DCPlusPlus.xml" "WebServer.xml" "Recents.xml" "IgnoredUsers.xml" ]; -} diff --git a/makefu/2configs/dcpp/client.nix b/makefu/2configs/dcpp/client.nix deleted file mode 100644 index 3b27778e5..000000000 --- a/makefu/2configs/dcpp/client.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ pkgs, ... }: -{ # ncdc - environment.systemPackages = [ pkgs.ncdc ]; - networking.firewall = { - allowedUDPPorts = [ 51411 ]; - allowedTCPPorts = [ 51411 ]; - }; -} - diff --git a/makefu/2configs/dcpp/hub.nix b/makefu/2configs/dcpp/hub.nix deleted file mode 100644 index f0aac3f32..000000000 --- a/makefu/2configs/dcpp/hub.nix +++ /dev/null @@ -1,121 +0,0 @@ -{ config, lib, pkgs, ... }: - -# search also generates ddclient entries for all other logs - -with import ; -let - ddclientUser = "ddclient"; - sec = toString ; - nsupdate = import "${sec}/nsupdate-hub.nix"; - stateDir = "/var/spool/ddclient"; - cfg = "${stateDir}/cfg"; - ext-if = config.makefu.server.primary-itf; - ddclientPIDFile = "${stateDir}/ddclient.pid"; - - # TODO: correct cert generation requires a `real` internet ip address - - gen-cfg = dict: '' - ssl=yes - cache=${stateDir}/ddclient.cache - pid=${ddclientPIDFile} - ${concatStringsSep "\n" (mapAttrsToList (user: pass: '' - - protocol=dyndns2 - use=web, web=http://ipv4.nsupdate.info/myip - ssl=yes - server=ipv4.nsupdate.info - login=${user} - password='${pass}' - ${user} - - '') dict)} - ''; - uhubDir = "/var/lib/uhub"; - -in { - users.users."${ddclientUser}" = { - uid = genid "ddclient"; - description = "ddclient daemon user"; - home = stateDir; - isSystemUser = true; - createHome = true; - group = ddclientUser; - }; - users.groups.${ddclientUser} = {}; - - systemd.services = { - ddclient-nsupdate-uhub = { - wantedBy = [ "multi-user.target" ]; - after = [ "ip-up.target" ]; - serviceConfig = { - Type = "forking"; - User = ddclientUser; - PIDFile = ddclientPIDFile; - ExecStartPre = pkgs.writeDash "init-nsupdate" '' - cp -vf ${pkgs.writeText "ddclient-config" (gen-cfg nsupdate)} ${cfg} - chmod 700 ${cfg} - ''; - ExecStart = "${pkgs.ddclient}/bin/ddclient -verbose -daemon 1 -noquiet -file ${cfg}"; - }; - }; - }; - - networking.firewall.extraCommands = '' - iptables -A PREROUTING -t nat -i ${ext-if} -p tcp --dport 411 -j REDIRECT --to-port 1511 - ''; - systemd.services.uhub-home.serviceConfig = { - PrivateTmp = true; - DynamicUser = lib.mkForce false; - User = "uhub"; - WorkingDirectory = uhubDir; - PermissionsStartOnly = true; - ExecStartPre = pkgs.writeDash "uhub-pre" '' - cp -f ${toString } ${uhubDir}/uhub.crt - cp -f ${toString } ${uhubDir}/uhub.key - if test -d ${uhubDir};then - echo "Directory ${uhubDir} already exists, skipping db init" - else - echo "Copying sql user db" - cp ${toString } ${uhubDir}/uhub.sql - fi - chown -R uhub ${uhubDir} - ''; - - }; - users.users.uhub = { - home = uhubDir; - createHome = true; - isSystemUser = true; - group = "uhub"; - }; - users.groups.uhub = {}; - - services.uhub.home = { - enable = true; - enableTLS = true; - settings = { - server_port = 1511; - server_bind_addr = "any"; - hub_name = "krebshub"; - tls_certificate = "${uhubDir}/uhub.crt"; - tls_private_key = "${uhubDir}/uhub.key"; - registered_users_only = true; - }; - plugins = [ - { - plugin = "${pkgs.uhub}/plugins/mod_auth_sqlite.so"; - settings.file = "${uhubDir}/uhub.sql"; - } - { - plugin = "${pkgs.uhub}/plugins/mod_welcome.so"; - settings.motd = toString (pkgs.writeText "motd" "shareit"); - settings.rules = toString (pkgs.writeText "rules" "1. Don't be an asshole"); - } - { - plugin = "${pkgs.uhub}/plugins/mod_chat_history.so"; - settings = {}; - } - ]; - }; - networking.firewall.allowedTCPPorts = [ 411 1511 ]; -} diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix deleted file mode 100644 index b54e32a82..000000000 --- a/makefu/2configs/default.nix +++ /dev/null @@ -1,96 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -{ - imports = [ - { - users.users = - mapAttrs (_: h: { hashedPassword = h; }) - (import ); - } - ./editor/vim.nix - ./binary-cache/nixos.nix - ./minimal.nix - # ./security/hotfix.nix - ]; - - # users are super important - users.users = { - root = { - openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ]; - }; - makefu = { - uid = 9001; - group = "users"; - home = "/home/makefu"; - createHome = true; - isNormalUser = true; - useDefaultShell = true; - extraGroups = [ "wheel" ]; - openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ]; - }; - }; - nix.settings.trusted-users = [ config.krebs.build.user.name ]; - nix.settings.experimental-features = [ "flakes" "nix-command" ]; - - boot.kernelPackages = lib.mkDefault pkgs.linuxPackages; - - nixpkgs.config.allowUnfreePredicate = pkg: packageName pkg == "unrar"; - - krebs = { - enable = true; - - dns.providers.lan = "hosts"; - build.user = config.krebs.users.makefu; - }; - - - boot.tmpOnTmpfs = true; - - environment.systemPackages = with pkgs; [ - jq - git - gnumake - rxvt_unicode.terminfo - htop - nix-output-monitor - ]; - - programs.bash.enableCompletion = true; - - environment.shellAliases = { - # TODO: see .aliases - lsl = "ls -lAtr"; - ip = "ip -c -br"; - dmesg = "dmesg -L --reltime"; - psg = "ps -ef | grep"; - nmap = "nmap -oN $HOME/loot/scan-`date +\%s`.nmap -oX $HOME/loot/scan-`date +%s`.xml"; - grep = "grep --color=auto"; - }; - - nixpkgs.config.packageOverrides = pkgs: { - #nano = pkgs.runCommand "empty" {} "mkdir -p $out"; - tinc = pkgs.tinc_pre; - }; - - - nix.extraOptions = '' - auto-optimise-store = true - ''; - - #security.wrappers.sendmail = { - # source = "${pkgs.exim}/bin/sendmail"; - # setuid = true; - #}; - services.journald.extraConfig = '' - SystemMaxUse=1G - RuntimeMaxUse=128M - ''; - environment.pathsToLink = [ "/share" ]; - security.acme = { - defaults.email = "letsencrypt@syntax-fehler.de"; - acceptTerms = true; - }; - system.stateVersion = lib.mkDefault "20.03"; - services.postgresql.package = pkgs.postgresql_14; -} diff --git a/makefu/2configs/deployment/board.euer.krebsco.de.nix b/makefu/2configs/deployment/board.euer.krebsco.de.nix deleted file mode 100644 index ca617976d..000000000 --- a/makefu/2configs/deployment/board.euer.krebsco.de.nix +++ /dev/null @@ -1,15 +0,0 @@ -let - fqdn = "board.euer.krebsco.de"; - port = 13113; -in { - services.restya-board = { - enable = true; - virtualHost.listenPort = port; - }; - services.nginx.virtualHosts."${fqdn}" = { - enableACME = true; - forceSSL = true; - locations."/".proxyPass = "http://localhost:${toString port}"; - }; -} - diff --git a/makefu/2configs/deployment/boot-euer.nix b/makefu/2configs/deployment/boot-euer.nix deleted file mode 100644 index f890ea7ad..000000000 --- a/makefu/2configs/deployment/boot-euer.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ config, lib, pkgs, ... }: -# more than just nginx config but not enough to become a module -with import ; -let - hostname = config.krebs.build.host.name; - bootscript = pkgs.writeTextDir "runit" '' - set -euf - cd /root - mkdir -p .ssh - echo "${config.krebs.users.makefu.pubkey}" > .ssh/authorized_keys - chmod 700 -R .ssh - systemctl restart sshd - ''; -in { - - services.nginx = { - enable = mkDefault true; - virtualHosts."boot.euer.krebsco.de" = { - forceSSL = true; - enableACME = true; - locations."/" = { - root = bootscript; - index = "runit"; - }; - }; - }; -} diff --git a/makefu/2configs/deployment/dirctator.nix b/makefu/2configs/deployment/dirctator.nix deleted file mode 100644 index 7303bb414..000000000 --- a/makefu/2configs/deployment/dirctator.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ pkgs, lib, ... }: - -with lib; -let - port = 18872; - runit = pkgs.writeDash "runit" '' - set -xeuf - export PULSE_COOKIE=/var/run/pulse/.config/pulse/cookie - echo "$@" | sed 's/^dirctator://' | ${pkgs.espeak}/bin/espeak -v mb-de7 2>&1 | tee -a /tmp/speak - ''; -in { - services.logstash = { - package = pkgs.logstash5; - enable = true; - inputConfig = '' - irc { - channels => [ "#krebs", "#afra" ] - host => "irc.hackint.org" - nick => "dirctator" - } - ''; - filterConfig = '' - ''; - outputConfig = '' - stdout { codec => rubydebug } - exec { command => "${runit} '%{message}" } - ''; - extraSettings = '' - path.plugins: [ "${pkgs.logstash-output-exec}" ] - ''; - ## NameError: `@path.plugins' is not allowable as an instance variable name - # plugins = [ pkgs.logstash-output-exec ]; - }; -} diff --git a/makefu/2configs/deployment/docker/archiveteam-warrior.nix b/makefu/2configs/deployment/docker/archiveteam-warrior.nix deleted file mode 100644 index 0069e4530..000000000 --- a/makefu/2configs/deployment/docker/archiveteam-warrior.nix +++ /dev/null @@ -1,39 +0,0 @@ -{ lib, ... }: -with lib; -let - port = ident: toString (28000 + ident); - instances = [ 1 2 3 4 5 6 7 8 9 ]; -in { - services.nginx.recommendedProxySettings = true; - services.nginx.virtualHosts."warrior.gum.r".locations = let - # TODO location "/" shows all warrior instances - proxy = ident: - { - "/warrior${toString ident}/" = { - proxyPass = "http://localhost:${port ident}/"; - # rewrite ^/info /warrior${toString ident}/info; - extraConfig = '' - sub_filter "http://warrior.gum.r/info" "http://warrior.gum.r/warrior${toString ident}/info"; - sub_filter_once off; - ''; - }; - - }; - in - foldl' mergeAttrs {} (map proxy instances); - virtualisation.oci-containers.containers = let - container = ident: - { "archiveteam-warrior${toString ident}" = { - image = "archiveteam/warrior-dockerfile"; - ports = [ "127.0.0.1:${port ident}:8001" ]; - environment = { - DOWNLOADER = "makefu"; - SELECTED_PROJECT = "auto"; - CONCURRENT_ITEMS = "6"; - WARRIOR_ID = toString ident; - }; - }; - }; - in - foldl' mergeAttrs {} (map container instances); -} diff --git a/makefu/2configs/deployment/feed.euer.krebsco.de/default.nix b/makefu/2configs/deployment/feed.euer.krebsco.de/default.nix deleted file mode 100644 index de072092b..000000000 --- a/makefu/2configs/deployment/feed.euer.krebsco.de/default.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ config, lib, pkgs, ... }: -let - filter-file = ./filter.yml; - pkg = with pkgs.python3Packages;buildPythonPackage rec { - version = "d16ce227dc68c9f60f6dd06e6835bab7cdfdf61b"; - pname = "ebk-notify"; - propagatedBuildInputs = [ - docopt - pyyaml - requests - beautifulsoup4 - dateutil - feedgen - ]; - src = pkgs.fetchgit { - url = "http://cgit.euer.krebsco.de/ebk-notify"; - rev = version; - sha256 = "15dlhp17alm01fw7mzdyh2z9zwz8psrs489lxs3hgg1p5wa0kzsp"; - }; - }; - domain = "feed.euer.krebsco.de"; - path = "/var/www/feed.euer.krebsco.de"; -in -{ - systemd.tmpfiles.rules = [ - "d ${path} nginx nogroup - -" - ]; - krebs.secret.files.ebknotify = { - path = "/etc/ebk-notify.yml"; - owner.name = "nginx"; - source-path = "${}"; - }; - systemd.services.ebk-notify = { - startAt = "*:0/10"; - serviceConfig = { - User = "nginx"; # TODO better permission setting - # PrivateTmp = true; - ExecStart = "${pkg}/bin/ebk-notify --atom --outdir ${path} --config /etc/ebk-notify.yml --cache /tmp/ebk-cache.json --filter ${filter-file} --wait 30"; - }; - }; - systemd.timers.ebk-notify.timerConfig.RandomizedDelaySec = "120"; - services.nginx = { - virtualHosts."${domain}" = { - forceSSL = true; - enableACME = true; - locations."/" = { - root = path; - index = "root.atom"; - }; - }; - }; -} diff --git a/makefu/2configs/deployment/feed.euer.krebsco.de/filter.yml b/makefu/2configs/deployment/feed.euer.krebsco.de/filter.yml deleted file mode 100644 index 29e5e714a..000000000 --- a/makefu/2configs/deployment/feed.euer.krebsco.de/filter.yml +++ /dev/null @@ -1,32 +0,0 @@ -- name: Free Stuff by Category - zipcode: 70378 - distance: 2 - categoryId: 192 -- name: Kies - zipcode: 70378 - q: grobkies - distance: 2 -- name: pflanzkübel - zipcode: 70378 - q: Pflanzkübel - distance: 3 -- name: Ikea Samla - zipcode: 70378 - q: samla - distance: 5 -- name: Duplo - zipcode: 70378 - q: Duplo - distance: 10 -- name: Baby Gummistiefel - zipcode: 70378 - q: Gummistiefel - distance: 5 -- name: Werkbank - zipcode: 70378 - q: Werkbank - distance: 5 -- name: Einhell - zipcode: 70378 - q: Einhell - distance: 5 diff --git a/makefu/2configs/deployment/gecloudpad/default.nix b/makefu/2configs/deployment/gecloudpad/default.nix deleted file mode 100644 index 8b88626a3..000000000 --- a/makefu/2configs/deployment/gecloudpad/default.nix +++ /dev/null @@ -1,46 +0,0 @@ -{ config, lib, pkgs, ... }: -# more than just nginx config but not enough to become a module -let - wsgi-sock = "${workdir}/uwsgi-gecloudpad.sock"; - workdir = config.services.uwsgi.runDir; - gecloudpad = pkgs.python3Packages.callPackage ./gecloudpad.nix {}; - gecloudpad_settings = pkgs.writeText "gecloudpad_settings" '' - BASEURL = "https://etherpad.euer.krebsco.de" - ''; -in { - - services.uwsgi = { - enable = true; - user = "nginx"; - plugins = [ "python3" ]; - instance = { - type = "emperor"; - vassals = { - gecloudpad = { - type = "normal"; - pythonPackages = self: with self; [ gecloudpad ]; - socket = wsgi-sock; - env = ["GECLOUDPAD_SETTINGS=${gecloudpad_settings}"]; - }; - }; - }; - }; - - services.nginx = { - enable = lib.mkDefault true; - virtualHosts."pad.binaergewitter.de" = { - enableACME = true; - forceSSL = true; - locations = { - "/".extraConfig = '' - expires -1; - uwsgi_pass unix://${wsgi-sock}; - uwsgi_param UWSGI_CHDIR ${gecloudpad}/${pkgs.python.sitePackages}; - uwsgi_param UWSGI_MODULE gecloudpad.main; - uwsgi_param UWSGI_CALLABLE app; - include ${pkgs.nginx}/conf/uwsgi_params; - ''; - }; - }; - }; -} diff --git a/makefu/2configs/deployment/gecloudpad/gecloudpad.nix b/makefu/2configs/deployment/gecloudpad/gecloudpad.nix deleted file mode 100644 index 6f20ff579..000000000 --- a/makefu/2configs/deployment/gecloudpad/gecloudpad.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ lib, pkgs, fetchFromGitHub, ... }: - -with pkgs.python3Packages;buildPythonPackage rec { - name = "gecloudpad-${version}"; - version = "0.2.3"; - - propagatedBuildInputs = [ - flask requests - ]; - - src = fetchFromGitHub { - owner = "binaergewitter"; - repo = "gecloudpad"; - rev = "1399ede4e609f63fbf1c4560979a6b22b924e0c5"; - sha256 = "1w74j5ks7naalzrib87r0adq20ik5x3x5l520apagb7baszn17lb"; - }; - - meta = { - homepage = https://github.com/binaergeiwtter/gecloudpad; - description = "server side for gecloudpad"; - license = lib.licenses.wtfpl; - }; -} - diff --git a/makefu/2configs/deployment/gitlab.nix b/makefu/2configs/deployment/gitlab.nix deleted file mode 100644 index d61f50c1d..000000000 --- a/makefu/2configs/deployment/gitlab.nix +++ /dev/null @@ -1,39 +0,0 @@ -{ lib, config, ... }: -let - web-port = 19453; - hostn = "gitlab.makefu.r"; - internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; -in { - - services.gitlab = { - enable = true; - https = false; - port = web-port; - secrets = import ; - databasePassword = import ; - initialRootEmail = "makefu@x.r"; - initialRootPassword = import ; - host = hostn; - smtp = { - enable = true; - domain = "r"; - enableStartTLSAuto = false; - port = 25; - }; - }; - - services.nginx = { - enable = lib.mkDefault true; - virtualHosts."${hostn}".locations."/" = { - proxyPass = "http://localhost:${toString web-port}/"; - extraConfig = '' - if ( $server_addr != "${internal-ip}" ) { - return 403; - } - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - ''; - }; - }; -} diff --git a/makefu/2configs/deployment/graphs.nix b/makefu/2configs/deployment/graphs.nix deleted file mode 100644 index 1f6deb1bf..000000000 --- a/makefu/2configs/deployment/graphs.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let - external-ip = config.krebs.build.host.nets.internet.ip4.addr; - internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; - hn = config.krebs.build.host.name; -in { - krebs.tinc_graphs = { - enable = true; - nginx = { - enable = true; - # TODO: remove hard-coded hostname - complete = { - extraConfig = '' - if ( $server_addr = "${external-ip}" ) { - return 403; - } - ''; - serverAliases = [ - "graph.makefu.r" - "graph.${hn}" "graph.${hn}.r" - ]; - }; - anonymous = { - forceSSL = true; - enableACME = true; - }; - }; - }; -} diff --git a/makefu/2configs/deployment/hound/default.nix b/makefu/2configs/deployment/hound/default.nix deleted file mode 100644 index 0cfb5cdeb..000000000 --- a/makefu/2configs/deployment/hound/default.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ config, pkgs, ... }: -{ - services.nginx.virtualHosts."wikisearch.krebsco.de" = { - forceSSL = true; - enableACME = true; - locations."/".proxyPass = "http://localhost:6080"; - }; - services.hound = { - enable = true; - listen = "127.0.0.1:6080"; - # package = pkgs.hound.overrideDerivation(oldAttrs: { - # patches = [ ./keep-repo.patch ]; - # }); - config = ''{ - "max-concurrent-indexers" : 2, - "dbpath" : "${config.services.hound.home}/data", - "repos" : { - "nixos-users-wiki": { - "url" : "https://github.com/nixos-users/wiki.wiki.git", - "url-pattern" : { - "base-url" : "{url}/{path}" - } - } - } - }''; - }; - -} diff --git a/makefu/2configs/deployment/mediengewitter.de.nix b/makefu/2configs/deployment/mediengewitter.de.nix deleted file mode 100644 index 7c2073e8e..000000000 --- a/makefu/2configs/deployment/mediengewitter.de.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ config, lib, pkgs, ... }: -# more than just nginx config but not enough to become a module -let - domain = "over.voltage.nz"; -in { - - services.nginx = { - enable = lib.mkDefault true; - virtualHosts."mediengewitter.de" = { - enableACME = true; - forceSSL = true; - locations."/".return = "301 http://${domain}\$request_uri"; - #locations."/" = { - # proxyPass = "http://over.voltage.nz"; - #}; - #locations."/socket.io" = { - # proxyPass = "ws://over.voltage.nz"; - # proxyWebsockets = true; - #}; - }; - }; -} diff --git a/makefu/2configs/deployment/mycube.connector.one.nix b/makefu/2configs/deployment/mycube.connector.one.nix deleted file mode 100644 index aa9ff514c..000000000 --- a/makefu/2configs/deployment/mycube.connector.one.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ config, lib, pkgs, ... }: -# more than just nginx config but not enough to become a module -let - hostname = config.krebs.build.host.name; - external-ip = config.krebs.build.host.nets.internet.ip4.addr; - wsgi-sock = "${config.services.uwsgi.runDir}/uwsgi.sock"; -in { - services.redis = { enable = true; }; - systemd.services.redis.serviceConfig.LimitNOFILE=65536; - - services.uwsgi = { - enable = true; - user = "nginx"; - plugins = [ "python2" ]; - instance = { - type = "emperor"; - vassals = { - mycube-flask = { - type = "normal"; - pythonPackages = self: with self; [ pkgs.mycube-flask ]; - socket = wsgi-sock; - }; - }; - }; - }; - - services.nginx = { - enable = lib.mkDefault true; - virtualHosts."mybox.connector.one" = { - locations = { - "/".extraConfig = '' - uwsgi_pass unix://${wsgi-sock}; - uwsgi_param UWSGI_CHDIR ${pkgs.mycube-flask}/${pkgs.python.sitePackages}; - uwsgi_param UWSGI_MODULE mycube.websrv; - uwsgi_param UWSGI_CALLABLE app; - - include ${pkgs.nginx}/conf/uwsgi_params; - ''; - }; - }; - }; -} diff --git a/makefu/2configs/deployment/nixos.wiki/default.nix b/makefu/2configs/deployment/nixos.wiki/default.nix deleted file mode 100644 index cd738ea8b..000000000 --- a/makefu/2configs/deployment/nixos.wiki/default.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ config, pkgs, ... }: - -{ - imports = - [ ./mediawiki.nix - ./network.nix - ]; - -} diff --git a/makefu/2configs/deployment/nixos.wiki/mediawiki.module.nix b/makefu/2configs/deployment/nixos.wiki/mediawiki.module.nix deleted file mode 100644 index 24715f81e..000000000 --- a/makefu/2configs/deployment/nixos.wiki/mediawiki.module.nix +++ /dev/null @@ -1,481 +0,0 @@ -{ config, pkgs, lib, ... }: - -let - - inherit (lib) mkDefault mkEnableOption mkForce mkIf mkMerge mkOption; - inherit (lib) concatStringsSep literalExample mapAttrsToList optional optionals optionalString types; - - cfg = config.services.mediawiki; - fpm = config.services.phpfpm.pools.mediawiki; - user = "mediawiki"; - group = config.services.httpd.group; - cacheDir = "/var/cache/mediawiki"; - stateDir = "/var/lib/mediawiki"; - - pkg = pkgs.stdenv.mkDerivation rec { - pname = "mediawiki-full"; - version = src.version; - src = cfg.package; - - installPhase = '' - mkdir -p $out - cp -r * $out/ - - rm -rf $out/share/mediawiki/skins/* - rm -rf $out/share/mediawiki/extensions/* - - ${concatStringsSep "\n" (mapAttrsToList (k: v: '' - ln -s ${v} $out/share/mediawiki/skins/${k} - '') cfg.skins)} - - ${concatStringsSep "\n" (mapAttrsToList (k: v: '' - ln -s ${if v != null then v else "$src/share/mediawiki/extensions/${k}"} $out/share/mediawiki/extensions/${k} - '') cfg.extensions)} - ''; - }; - - mediawikiScripts = pkgs.runCommand "mediawiki-scripts" { - buildInputs = [ pkgs.makeWrapper ]; - preferLocalBuild = true; - } '' - mkdir -p $out/bin - for i in changePassword.php createAndPromote.php userOptions.php edit.php nukePage.php update.php; do - makeWrapper ${pkgs.php}/bin/php $out/bin/mediawiki-$(basename $i .php) \ - --set MEDIAWIKI_CONFIG ${mediawikiConfig} \ - --add-flags ${pkg}/share/mediawiki/maintenance/$i - done - ''; - - mediawikiConfig = pkgs.writeText "LocalSettings.php" '' - skins - subdirectory of the MediaWiki installation in addition to the default skins. - ''; - }; - - extensions = mkOption { - default = {}; - type = types.attrsOf (types.nullOr types.path); - description = '' - Attribute set of paths whose content is copied to the extensions - subdirectory of the MediaWiki installation and enabled in configuration. - - Use null instead of path to enable extensions that are part of MediaWiki. - ''; - example = literalExample '' - { - Matomo = pkgs.fetchzip { - url = "https://github.com/DaSchTour/matomo-mediawiki-extension/archive/v4.0.1.tar.gz"; - sha256 = "0g5rd3zp0avwlmqagc59cg9bbkn3r7wx7p6yr80s644mj6dlvs1b"; - }; - ParserFunctions = null; - } - ''; - }; - - database = { - type = mkOption { - type = types.enum [ "mysql" "postgres" "sqlite" "mssql" "oracle" ]; - default = "mysql"; - description = "Database engine to use. MySQL/MariaDB is the database of choice by MediaWiki developers."; - }; - - host = mkOption { - type = types.str; - default = "localhost"; - description = "Database host address."; - }; - - port = mkOption { - type = types.port; - default = 3306; - description = "Database host port."; - }; - - name = mkOption { - type = types.str; - default = "mediawiki"; - description = "Database name."; - }; - - user = mkOption { - type = types.str; - default = "mediawiki"; - description = "Database user."; - }; - - passwordFile = mkOption { - type = types.nullOr types.path; - default = null; - example = "/run/keys/mediawiki-dbpassword"; - description = '' - A file containing the password corresponding to - . - ''; - }; - - tablePrefix = mkOption { - type = types.nullOr types.str; - default = null; - description = '' - If you only have access to a single database and wish to install more than - one version of MediaWiki, or have other applications that also use the - database, you can give the table names a unique prefix to stop any naming - conflicts or confusion. - See . - ''; - }; - - socket = mkOption { - type = types.nullOr types.path; - default = if cfg.database.createLocally then "/run/mysqld/mysqld.sock" else null; - defaultText = "/run/mysqld/mysqld.sock"; - description = "Path to the unix socket file to use for authentication."; - }; - - createLocally = mkOption { - type = types.bool; - default = cfg.database.type == "mysql"; - defaultText = "true"; - description = '' - Create the database and database user locally. - This currently only applies if database type "mysql" is selected. - ''; - }; - }; - - virtualHost = mkOption { - type = types.submodule (import ); - example = literalExample '' - { - hostName = "mediawiki.example.org"; - adminAddr = "webmaster@example.org"; - forceSSL = true; - enableACME = true; - } - ''; - description = '' - Apache configuration can be done by adapting . - See for further information. - ''; - }; - - poolConfig = mkOption { - type = with types; attrsOf (oneOf [ str int bool ]); - default = { - "pm" = "dynamic"; - "pm.max_children" = 32; - "pm.start_servers" = 2; - "pm.min_spare_servers" = 2; - "pm.max_spare_servers" = 4; - "pm.max_requests" = 500; - }; - description = '' - Options for the MediaWiki PHP pool. See the documentation on php-fpm.conf - for details on configuration directives. - ''; - }; - - extraConfig = mkOption { - type = types.lines; - description = '' - Any additional text to be appended to MediaWiki's - LocalSettings.php configuration file. For configuration - settings, see . - ''; - default = ""; - example = '' - $wgEnableEmail = false; - ''; - }; - - }; - }; - - # implementation - config = mkIf cfg.enable { - - assertions = [ - { assertion = cfg.database.createLocally -> cfg.database.type == "mysql"; - message = "services.mediawiki.createLocally is currently only supported for database type 'mysql'"; - } - { assertion = cfg.database.createLocally -> cfg.database.user == user; - message = "services.mediawiki.database.user must be set to ${user} if services.mediawiki.database.createLocally is set true"; - } - { assertion = cfg.database.createLocally -> cfg.database.socket != null; - message = "services.mediawiki.database.socket must be set if services.mediawiki.database.createLocally is set to true"; - } - { assertion = cfg.database.createLocally -> cfg.database.passwordFile == null; - message = "a password cannot be specified if services.mediawiki.database.createLocally is set to true"; - } - ]; - - services.mediawiki.skins = { - MonoBook = "${cfg.package}/share/mediawiki/skins/MonoBook"; - Timeless = "${cfg.package}/share/mediawiki/skins/Timeless"; - Vector = "${cfg.package}/share/mediawiki/skins/Vector"; - }; - - services.mysql = mkIf cfg.database.createLocally { - enable = true; - package = mkDefault pkgs.mariadb; - ensureDatabases = [ cfg.database.name ]; - ensureUsers = [ - { name = cfg.database.user; - ensurePermissions = { "${cfg.database.name}.*" = "ALL PRIVILEGES"; }; - } - ]; - }; - - services.phpfpm.pools.mediawiki = { - inherit user group; - phpEnv.MEDIAWIKI_CONFIG = "${mediawikiConfig}"; - settings = { - "listen.owner" = config.services.httpd.user; - "listen.group" = config.services.httpd.group; - } // cfg.poolConfig; - }; - - services.httpd = { - enable = true; - extraModules = [ "proxy_fcgi" ]; - virtualHosts.${cfg.virtualHost.hostName} = mkMerge [ cfg.virtualHost { - documentRoot = mkForce "${pkg}/share/mediawiki"; - extraConfig = '' - - - - SetHandler "proxy:unix:${fpm.socket}|fcgi://localhost/" - - - - Require all granted - DirectoryIndex index.php - AllowOverride All - - '' + optionalString (cfg.uploadsDir != null) '' - Alias "/images" "${cfg.uploadsDir}" - - Require all granted - - ''; - } ]; - }; - - systemd.tmpfiles.rules = [ - "d '${stateDir}' 0750 ${user} ${group} - -" - "d '${cacheDir}' 0750 ${user} ${group} - -" - ] ++ optionals (cfg.uploadsDir != null) [ - "d '${cfg.uploadsDir}' 0750 ${user} ${group} - -" - "Z '${cfg.uploadsDir}' 0750 ${user} ${group} - -" - ]; - - systemd.services.mediawiki-init = { - wantedBy = [ "multi-user.target" ]; - before = [ "phpfpm-mediawiki.service" ]; - after = optional cfg.database.createLocally "mysql.service"; - script = '' - if ! test -e "${stateDir}/secret.key"; then - tr -dc A-Za-z0-9 /dev/null | head -c 64 > ${stateDir}/secret.key - fi - - echo "exit( wfGetDB( DB_MASTER )->tableExists( 'user' ) ? 1 : 0 );" | \ - ${pkgs.php}/bin/php ${pkg}/share/mediawiki/maintenance/eval.php --conf ${mediawikiConfig} && \ - ${pkgs.php}/bin/php ${pkg}/share/mediawiki/maintenance/install.php \ - --confpath /tmp \ - --scriptpath ${cfg.basePath} \ - --dbserver ${cfg.database.host}${optionalString (cfg.database.socket != null) ":${cfg.database.socket}"} \ - --dbport ${toString cfg.database.port} \ - --dbname ${cfg.database.name} \ - ${optionalString (cfg.database.tablePrefix != null) "--dbprefix ${cfg.database.tablePrefix}"} \ - --dbuser ${cfg.database.user} \ - ${optionalString (cfg.database.passwordFile != null) "--dbpassfile ${cfg.database.passwordFile}"} \ - --passfile ${cfg.passwordFile} \ - "${cfg.name}" \ - admin - - ${pkgs.php}/bin/php ${pkg}/share/mediawiki/maintenance/update.php --conf ${mediawikiConfig} --quick - ''; - - serviceConfig = { - Type = "oneshot"; - User = user; - Group = group; - PrivateTmp = true; - }; - }; - - systemd.services.httpd.after = optional (cfg.database.createLocally && cfg.database.type == "mysql") "mysql.service"; - - users.users.${user} = { - group = group; - isSystemUser = true; - }; - - environment.systemPackages = [ mediawikiScripts ]; - }; -} diff --git a/makefu/2configs/deployment/nixos.wiki/mediawiki.nix b/makefu/2configs/deployment/nixos.wiki/mediawiki.nix deleted file mode 100644 index a346b82cb..000000000 --- a/makefu/2configs/deployment/nixos.wiki/mediawiki.nix +++ /dev/null @@ -1,67 +0,0 @@ -{ config, pkgs, ... }: - -let - hostAddress = "192.168.48.1"; - localAddress = "192.168.48.3"; -in - -{ - containers.mediawiki = - { autoStart = true; - privateNetwork = true; - inherit hostAddress localAddress; - config = { config, pkgs, ... }: - { - # NOTE: This disabling and importing is so that the basePath can be altered - disabledModules = [ "services/web-apps/mediawiki.nix" ]; - imports = [ - ./mediawiki.module.nix - ]; - time.timeZone = "America/New_York"; - system.stateVersion = "20.09"; - networking.defaultGateway = hostAddress; - # NOTE: you might want to change this namserver address - networking.nameservers = [ "8.8.8.8" ]; - networking.firewall.allowedTCPPorts = [ 80 ]; - services.mediawiki = { - enable = true; - name = "Example Containerized Wiki"; - # NOTE: here is where the basePath is specified, which requires the imported mediawiki NixOS module - basePath = "/wiki"; - passwordFile = ./mediawiki.password.txt; - extraConfig = '' - $wgRCFeeds['euerkrebsco'] = array( - 'formatter' => 'JSONRCFeedFormatter', - 'uri' => 'udp://euer.krebsco.de:5005', - 'add_interwiki_prefix' => false, - 'omit_bots' => true, - ); - $wgRCFeeds['euerkrebscoIRC'] = array( - 'formatter' => 'IRCColourfulRCFeedFormatter', - 'uri' => 'udp://euer.krebsco.de:5006', - 'add_interwiki_prefix' => false, - 'omit_bots' => true, - ); - ''; - virtualHost = { - hostName = "localhost"; - adminAddr = "root@localhost"; - forceSSL = false; - addSSL = false; - onlySSL = false; - enableACME = false; - }; - }; - }; - }; - - # Put the MediaWiki web page behind an NGINX proxy - services.nginx = { - enable = true; - virtualHosts.localhost.locations."/wiki" = { - # NOTE: the slash at the end of the URI is important. It causes the location base path to be removed when passed onto the proxy - proxyPass = "http://${localAddress}:80/"; - }; - }; - -} diff --git a/makefu/2configs/deployment/nixos.wiki/mediawiki.password.txt b/makefu/2configs/deployment/nixos.wiki/mediawiki.password.txt deleted file mode 100644 index b11b15f08..000000000 --- a/makefu/2configs/deployment/nixos.wiki/mediawiki.password.txt +++ /dev/null @@ -1 +0,0 @@ -thisisthepassword diff --git a/makefu/2configs/deployment/nixos.wiki/network.nix b/makefu/2configs/deployment/nixos.wiki/network.nix deleted file mode 100644 index a7ffb28f1..000000000 --- a/makefu/2configs/deployment/nixos.wiki/network.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - networking.networkmanager.unmanaged = [ "interface-name:ve-*" ]; - networking.nat.enable = true; - networking.nat.internalInterfaces = ["ve-+"]; - networking.nat.externalInterface = "wlan0"; -} diff --git a/makefu/2configs/deployment/ntfysh.nix b/makefu/2configs/deployment/ntfysh.nix deleted file mode 100644 index 1a3311d9e..000000000 --- a/makefu/2configs/deployment/ntfysh.nix +++ /dev/null @@ -1,41 +0,0 @@ -{ lib, config, ... }: -let - web-port = 19455; - hostn = "ntfy.euer.krebsco.de"; - internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; -in -{ - services.ntfy-sh = { - enable = true; - settings = { - listen-http = "127.0.0.1:${toString web-port}"; - auth-file = "/var/lib/ntfy-sh/user.db"; - auth-default-access = "deny-all"; - behind-proxy = true; - attachment-cache-dir = "/media/cloud/ntfy-sh/attachments"; - attachment-file-size-limit = "500m"; - attachment-total-size-limit = "100g"; - base-url = "https://ntfy.euer.krebsco.de"; - attachment-expiry-duration = "48h"; - }; - }; - - systemd.services.ntfy-sh.serviceConfig = { - StateDirectory = "ntfy-sh"; - SupplementaryGroups = [ "download" ]; - }; - - services.nginx = { - enable = lib.mkDefault true; - virtualHosts."${hostn}" = { - forceSSL = true; - enableACME = true; - - locations."/" = { - proxyPass = "http://localhost:${toString web-port}/"; - proxyWebsockets = true; - recommendedProxySettings = true; - }; - }; - }; -} diff --git a/makefu/2configs/deployment/owncloud.nix b/makefu/2configs/deployment/owncloud.nix deleted file mode 100644 index 8e5e71f11..000000000 --- a/makefu/2configs/deployment/owncloud.nix +++ /dev/null @@ -1,107 +0,0 @@ -{ lib, pkgs, config, ... }: -with lib; - -# services.redis.enable = true; -# to enable caching with redis first start up everything, then run: -# nextcloud-occ config:system:set redis 'host' --value 'localhost' --type string -# nextcloud-occ config:system:set redis 'port' --value 6379 --type integer -# nextcloud-occ config:system:set memcache.local --value '\OC\Memcache\Redis' --type string -# nextcloud-occ config:system:set memcache.locking --value '\OC\Memcache\Redis' --type string - -# services.memcached.enable = true; -# to enable caching with memcached run: -# nextcloud-occ config:system:set memcached_servers 0 0 --value 127.0.0.1 --type string -# nextcloud-occ config:system:set memcached_servers 0 1 --value 11211 --type integer -# nextcloud-occ config:system:set memcache.local --value '\OC\Memcache\APCu' --type string -# nextcloud-occ config:system:set memcache.distributed --value '\OC\Memcache\Memcached' --type string - -let - adminpw = "/run/secret/nextcloud-admin-pw"; - dbpw = "/run/secret/nextcloud-db-pw"; -in { - - fileSystems."/var/lib/nextcloud/data" = { - device = "/media/cloud/nextcloud-data"; - options = [ "bind" ]; - depends = [ "/media/cloud" ]; - }; - - - - krebs.secret.files.nextcloud-db-pw = { - path = dbpw; - owner.name = "nextcloud"; - source-path = toString + "/nextcloud-db-pw"; - }; - - krebs.secret.files.nextcloud-admin-pw = { - path = adminpw; - owner.name = "nextcloud"; - source-path = toString + "/nextcloud-admin-pw"; - }; - - services.nginx.virtualHosts."o.euer.krebsco.de" = { - forceSSL = true; - enableACME = true; - }; - services.postgresqlBackup = { - enable = true; - databases = [ config.services.nextcloud.config.dbname ]; - }; -systemd.services.postgresqlBackup-nextcloud.serviceConfig.SupplementaryGroups = [ "download" ]; - - state = [ - # services.postgresql.dataDir - # "${config.services.nextcloud.home}/config" - config.services.postgresqlBackup.location - ]; - - users.users.nextcloud.extraGroups = [ "download" ]; - services.nextcloud = { - enable = true; - package = pkgs.nextcloud25; - hostName = "o.euer.krebsco.de"; - # Use HTTPS for links - https = true; - # Auto-update Nextcloud Apps - autoUpdateApps.enable = true; - # Set what time makes sense for you - autoUpdateApps.startAt = "05:00:00"; - - caching.redis = true; - caching.apcu = true; - config = { - # Further forces Nextcloud to use HTTPS - overwriteProtocol = "https"; - defaultPhoneRegion = "DE"; - - # Nextcloud PostegreSQL database configuration, recommended over using SQLite - dbtype = "pgsql"; - dbuser = "nextcloud"; - dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself - dbname = "nextcloud"; - dbpassFile = dbpw; - adminpassFile = adminpw; - adminuser = "root"; - }; - }; - services.redis.enable = true; - systemd.services.redis.serviceConfig.LimitNOFILE=mkForce "65536"; - services.postgresql = { - enable = true; - # Ensure the database, user, and permissions always exist - ensureDatabases = [ "nextcloud" ]; - ensureUsers = [ { name = "nextcloud"; ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES"; } ]; - }; - - systemd.services."nextcloud-setup" = { - requires = ["postgresql.service"]; - after = ["postgresql.service"]; - serviceConfig.RequiresMountFor = [ "/media/cloud" ]; - }; - systemd.services."phpfpm-nextcloud".serviceConfig.RequiresMountFor = [ - "/media/cloud" - "/var/lib/nextcloud/data" - ]; - systemd.services."phpfpm".serviceConfig.RequiresMountFor = [ "/media/cloud" ]; -} diff --git a/makefu/2configs/deployment/photostore.krebsco.de.nix b/makefu/2configs/deployment/photostore.krebsco.de.nix deleted file mode 100644 index 19a8df235..000000000 --- a/makefu/2configs/deployment/photostore.krebsco.de.nix +++ /dev/null @@ -1,43 +0,0 @@ -{ config, lib, pkgs, ... }: -# more than just nginx config but not enough to become a module -with import ; -let - wsgi-sock = "${workdir}/uwsgi-photostore.sock"; - workdir = config.services.uwsgi.runDir; -in { - - services.uwsgi = { - enable = true; - user = "nginx"; - runDir = "/var/lib/photostore"; - plugins = [ "python3" ]; - instance = { - type = "emperor"; - vassals = { - cameraupload-server = { - type = "normal"; - pythonPackages = self: with self; [ pkgs.cameraupload-server ]; - socket = wsgi-sock; - }; - }; - }; - }; - - services.nginx = { - enable = mkDefault true; - virtualHosts."photostore.krebsco.de" = { - enableACME = true; - forceSSL = true; - locations = { - "/".extraConfig = '' - expires -1; - uwsgi_pass unix://${wsgi-sock}; - uwsgi_param UWSGI_CHDIR ${workdir}; - uwsgi_param UWSGI_MODULE cuserver.main; - uwsgi_param UWSGI_CALLABLE app; - include ${pkgs.nginx}/conf/uwsgi_params; - ''; - }; - }; - }; -} diff --git a/makefu/2configs/deployment/rss/ebk.yml b/makefu/2configs/deployment/rss/ebk.yml deleted file mode 100644 index 3248f5c4e..000000000 --- a/makefu/2configs/deployment/rss/ebk.yml +++ /dev/null @@ -1,59 +0,0 @@ -regex: https://www.ebay\-kleinanzeigen.de/s\-.* -selectors: - httpsettings: - cookie: {} - header: {} - useragent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) - Chrome/90.0.4430.72 Safari/537.36 - insecure: false - feed: - title: title - authorname: "" - authoremail: "" - item: - container: ul[id='srchrslt-adtable'] li[class='ad-listitem lazyload-item '] - title: | - title = sel:find("h2.text-module-begin"):first():text():gsub("^%s*(.-)%s*$", "%1") - print(title) - link: | - link = sel:find("a"):first():attr("href") - print("https://www.ebay-kleinanzeigen.de" .. link) - created: |- - created = "" - sel:find("div.aditem-main--top--right"):each(function(i, s) - created = s:text():gsub("^%s*(.-)%s*$", "%1") - end) - if created:match("Heute") then - time = created:gsub("^.*,", "") - print(os.date("%d.%m.%Y") .. time .. " CET") - return - end - if created:match("Gestern") then - time = created:gsub("^.*,", "") - print(os.date("%d.%m.%Y", os.time()-24*60*60) .. time .. " CET") - return - end - if created:match("\.") then - print(created .. " 00:00 CET") - return - end - createdformat: 02.01.2006 15:04 MST - description: |- - description = sel:find(".aditem-main--middle"):html() - place = sel:find(".aditem-main--top--left"):html() - print(description .. place) - content: "" - image: | - img = sel:find("div.imagebox"):first():attr("data-imgsrc") - if img ~= "" then - -- prepend host if needed - if not(img:match("https*:\/\/.*")) then - img = "https://www.ebay-kleinanzeigen.de" .. img - end - print(img) - end - nextpage: | - nextpage = sel:find("link[rel=next]"):attr("href") - print("https://www.ebay-kleinanzeigen.de" .. nextpage) - nextpagecount: 5 - sort: "" diff --git a/makefu/2configs/deployment/rss/ratt-hourly.sh b/makefu/2configs/deployment/rss/ratt-hourly.sh deleted file mode 100755 index 67f2529bd..000000000 --- a/makefu/2configs/deployment/rss/ratt-hourly.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/sh -set -eu -URLS=${1?must provide URLS file} -OUTFILE=${2:-all.xml} - -echo "init, writing to $OUTFILE" - -cat > "$OUTFILE" < - - - makefu Ebay Kleinanzeigen - https://www.ebay-kleinanzeigen.de/ - Feed for all kleinanzeigen - $(date '+%a, %d %b %Y %H:%M:%S %z') -EOF -echo "looping through $URLS" -cat "$URLS" | while read line;do - echo "fetching $line" - ratt auto "$line" | \ - xmlstarlet sel -t -c "//item" >> "$OUTFILE" || : -done - -echo "close" -cat >> "$OUTFILE" < - -EOF diff --git a/makefu/2configs/deployment/rss/ratt.nix b/makefu/2configs/deployment/rss/ratt.nix deleted file mode 100644 index 2e7ecb45d..000000000 --- a/makefu/2configs/deployment/rss/ratt.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ pkgs, lib, config, ... }: -let - fqdn = "rss.euer.krebsco.de"; - ratt-path = "/var/lib/ratt/"; - out-path = "${ratt-path}/all.xml"; -in { - systemd.tmpfiles.rules = ["d ${ratt-path} 0750 nginx nginx - -" ]; - systemd.services.run-ratt = { - enable = true; - path = with pkgs; [ ratt xmlstarlet ]; - script = builtins.readFile ./ratt-hourly.sh; - scriptArgs = "${./urls} ${out-path}"; - - preStart = "install -v -m750 ${./ebk.yml} ${ratt-path}/ebk.yml"; # ratt requires the config file in the cwd - serviceConfig.User = "nginx"; - serviceConfig.WorkingDirectory= ratt-path; - startAt = "00/3:07"; # every 3 hours, fetch latest - }; - - services.nginx.virtualHosts."${fqdn}" = { - locations."=/ratt/all.xml" = { - alias = out-path; - }; - }; -} - diff --git a/makefu/2configs/deployment/rss/rss.euer.krebsco.de.nix b/makefu/2configs/deployment/rss/rss.euer.krebsco.de.nix deleted file mode 100644 index e204050b4..000000000 --- a/makefu/2configs/deployment/rss/rss.euer.krebsco.de.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ pkgs, lib, config, ... }: -let - fqdn = "rss.euer.krebsco.de"; - ratt-path = "/var/lib/ratt/"; -in { - systemd.tmpfiles.rules = ["d ${ratt-path} 0750 nginx nginx - -" ]; - services.tt-rss = { - enable = true; - virtualHost = fqdn; - selfUrlPath = "https://${fqdn}"; - }; - - state = [ config.services.postgresqlBackup.location ]; - - services.postgresqlBackup = { - enable = true; - databases = [ config.services.tt-rss.database.name ]; - }; - systemd.services.tt-rss.serviceConfig = { - Restart = lib.mkForce "always"; - }; - - systemd.services.postgresqlBackup-tt_rss.serviceConfig.SupplementaryGroups = [ "download" ]; - - services.nginx.virtualHosts."${fqdn}" = { - enableACME = true; - forceSSL = true; - locations."/ratt/" = { - alias = ratt-path; - extraConfig = "autoindex on;"; - }; - }; -} - diff --git a/makefu/2configs/deployment/rss/urls b/makefu/2configs/deployment/rss/urls deleted file mode 100644 index cbc68ccc7..000000000 --- a/makefu/2configs/deployment/rss/urls +++ /dev/null @@ -1,9 +0,0 @@ -https://www.ebay-kleinanzeigen.de/s-heimwerken/nein/muehlhausen/bohrmaschine/k0c84l9313r5+heimwerken.versand_s:nein -https://www.ebay-kleinanzeigen.de/s-stuttgart/zigbee/k0l9280 -https://www.ebay-kleinanzeigen.de/s-70378/d%C3%B6rrautomat/k0l9334r5 -https://www.ebay-kleinanzeigen.de/s-zu-verschenken/muehlhausen/c192l9313 -https://www.ebay-kleinanzeigen.de/s-spielzeug/muehlhausen/brettspiel/k0c23l9313 -https://www.ebay-kleinanzeigen.de/s-muehlhausen/dymo/k0l9313r5 -https://www.ebay-kleinanzeigen.de/s-zu-verschenken/muehlhausen/lautsprecher/k0c192l9313r5 -https://www.ebay-kleinanzeigen.de/s-muehlhausen/preis::40/winkelschleifer/k0l9313r5 -https://www.ebay-kleinanzeigen.de/s-muehlhausen/preis::40/kontaktgrill/k0l9313r5 diff --git a/makefu/2configs/deployment/scrape/default.nix b/makefu/2configs/deployment/scrape/default.nix deleted file mode 100644 index c7a5b5c14..000000000 --- a/makefu/2configs/deployment/scrape/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - imports = [ - ./elkstack.nix - ./selenium.nix - ]; -} diff --git a/makefu/2configs/deployment/scrape/elkstack.nix b/makefu/2configs/deployment/scrape/elkstack.nix deleted file mode 100644 index c6bf1c6d8..000000000 --- a/makefu/2configs/deployment/scrape/elkstack.nix +++ /dev/null @@ -1,5 +0,0 @@ -_: -{ - services.elasticsearch.enable = true; - services.kibana.enable = true; -} diff --git a/makefu/2configs/deployment/scrape/selenium.nix b/makefu/2configs/deployment/scrape/selenium.nix deleted file mode 100644 index d700259ba..000000000 --- a/makefu/2configs/deployment/scrape/selenium.nix +++ /dev/null @@ -1,65 +0,0 @@ -{config, pkgs, lib, ...}: -with ; -let - selenium-pw = ; -in { - services.jenkinsSlave.enable = true; - users.users.selenium = { - uid = genid "selenium"; - extraGroups = [ "plugdev" ]; - }; - - fonts.enableFontDir = true; - - # networking.firewall.allowedTCPPorts = [ 5910 ]; - - systemd.services.selenium-X11 = - { - description = "X11 vnc for selenium"; - wantedBy = [ "multi-user.target" ]; - path = [ pkgs.xorg.xorgserver pkgs.tightvnc pkgs.dwm ]; - environment = - { - DISPLAY = ":10"; - }; - script = '' - set -ex - [ -e /tmp/.X10-lock ] && ( set +e ; chmod u+w /tmp/.X10-lock ; rm /tmp/.X10-lock ) - [ -e /tmp/.X11-unix/X10 ] && ( set +e ; chmod u+w /tmp/.X11-unix/X10 ; rm /tmp/.X11-unix/X10 ) - mkdir -p ~/.vnc - cp -f ${selenium-pw} ~/.vnc/passwd - chmod go-rwx ~/.vnc/passwd - echo > ~/.vnc/xstartup - chmod u+x ~/.vnc/xstartup - vncserver $DISPLAY -geometry 1280x1024 -depth 24 -name jenkins -ac - dwm - ''; - preStop = '' - vncserver -kill $DISPLAY - ''; - serviceConfig = { - User = "selenium"; - }; - }; - - systemd.services.selenium-server = - { - description = "selenium-server"; - wantedBy = [ "multi-user.target" ]; - requires = [ "selenium-X11.service" ]; - path = [ pkgs.chromium - pkgs.firefoxWrapper ]; - environment = - { - DISPLAY = ":10"; - }; - script = '' - ${pkgs.selenium-server-standalone}/bin/selenium-server -Dwebdriver.enable.native.events=1 - ''; - serviceConfig = { - User = "selenium"; - }; - }; - - -} diff --git a/makefu/2configs/dict.nix b/makefu/2configs/dict.nix deleted file mode 100644 index 08f1f8502..000000000 --- a/makefu/2configs/dict.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ pkgs, ... }: -{ - environment.shellAliases.dict = "dict -h 127.0.0.1"; - services.dictd.enable = true; - services.dictd.DBs = with pkgs.dictdDBs; [ wiktionary wordnet deu2eng eng2deu ]; -} diff --git a/makefu/2configs/disable_v6.nix b/makefu/2configs/disable_v6.nix deleted file mode 100644 index 0a8c8d53d..000000000 --- a/makefu/2configs/disable_v6.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ - networking.enableIPv6 = false; -} diff --git a/makefu/2configs/dnscrypt/client.nix b/makefu/2configs/dnscrypt/client.nix deleted file mode 100644 index 988fb4a7d..000000000 --- a/makefu/2configs/dnscrypt/client.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ config, ... }: -let - customResolver = { - # TODO: put this somewhere else - address = config.krebs.hosts.gum.nets.internet.ip4.addr; - port = 15251; - name = "2.dnscrypt-cert.euer.krebsco.de"; - # dnscrypt-wrapper --show-provider-publickey --provider-publickey-file public.key - key = "1AFC:E58D:F242:0FBB:9EE9:4E51:47F4:5373:D9AE:C2AB:DD96:8448:333D:5D79:272C:A44C"; - }; -in { - services.dnscrypt-proxy = { - enable = true; - inherit customResolver; - }; - networking.extraResolvconfConf = '' - name_servers='127.0.0.1' - ''; -} diff --git a/makefu/2configs/dnscrypt/server.nix b/makefu/2configs/dnscrypt/server.nix deleted file mode 100644 index 79305e727..000000000 --- a/makefu/2configs/dnscrypt/server.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ config, ... }: -let - # TODO: dataDir is currently not provided by upstream - # data = config.services.dnscrypt-wrapper.dataDir; - data = "/var/lib/dnscrypt-wrapper"; - sec = toString ; - port = 15251; - user = "dnscrypt-wrapper"; -in { - services.dnscrypt-wrapper = { - enable = true; - address = "0.0.0.0"; - upstream.address = "8.8.8.8"; - providerName = "2.dnscrypt-cert.euer.krebsco.de"; - inherit port; - }; - networking.firewall.allowedUDPPorts = [ port ]; - systemd.services.prepare-dnscrypt-wrapper-keys = { - wantedBy = [ "dnscrypt-wrapper.service" ]; - before = [ "dnscrypt-wrapper.service" ]; - script = '' - install -m700 -o ${user} -v ${sec}/dnscrypt-public.key ${data}/public.key - install -m700 -o ${user} -v ${sec}/dnscrypt-secret.key ${data}/secret.key - ''; - }; -} diff --git a/makefu/2configs/editor/neovim/default.nix b/makefu/2configs/editor/neovim/default.nix deleted file mode 100644 index a6fc1abc1..000000000 --- a/makefu/2configs/editor/neovim/default.nix +++ /dev/null @@ -1,61 +0,0 @@ -{pkgs, config, ...}: -{ - fonts.fonts = [ pkgs.font-awesome_5 ]; - # Neovim dependencies - home-manager.users.makefu = { - home.packages = with pkgs; [ - ctags # dependencie - jq # For fixing json files - xxd # .bin files will be displayed with xxd - shellcheck # Shell linting - # ansible-lint # Ansible linting - unzip # To vim into unzipped files - # nodePackages.jsonlint # json linting - #ccls # C/C++ language server - #clang-tools # C++ fixer - cargo - - # Go support - #go - #gotools - #gocode - ]; - - home.file.".config/pycodestyle".text= '' - [pycodestyle] - max-line-length = 125 - ''; - programs.neovim = { - enable = true; - withPython3 = true; - # withNodeJs = true; - extraPython3Packages = (ps: with ps; [ - # python-language-server - # pyls-mypy - black libxml2 - ]); - extraConfig = builtins.readFile ./vimrc; - plugins = with pkgs.vimPlugins;[ - undotree - vim-addon-nix - - nerdtree # file manager - commentary # comment stuff out based on language - fugitive # full git integration - vim-airline-themes # lean & mean status/tabline - vim-airline # status bar - gitgutter # git diff in the gutter (sign column) - vim-trailing-whitespace # trailing whitspaces in red - tagbar # F3 function overview - ReplaceWithRegister # For better copying/replacing - polyglot # Language pack - vim-indent-guides # for displaying indent levels - deoplete-nvim # general autocompletion - deoplete-go - ale - molokai # color scheme - ]; - }; - }; -} - diff --git a/makefu/2configs/editor/neovim/vimrc b/makefu/2configs/editor/neovim/vimrc deleted file mode 100644 index 2a0a59f01..000000000 --- a/makefu/2configs/editor/neovim/vimrc +++ /dev/null @@ -1,469 +0,0 @@ -"***************************************************************************** -"" Functions -"***************************************************************************** - -function! GetBufferList() - redir =>buflist - silent! ls! - redir END - return buflist -endfunction - -function! ToggleList(bufname, pfx) - let buflist = GetBufferList() - for bufnum in map(filter(split(buflist, '\n'), 'v:val =~ "'.a:bufname.'"'), 'str2nr(matchstr(v:val, "\\d\\+"))') - if bufwinnr(bufnum) != -1 - exec(a:pfx.'close') - return - endif - endfor - if a:pfx == 'l' && len(getloclist(0)) == 0 - echohl ErrorMsg - echo "Location List is Empty." - return - endif - let winnr = winnr() - exec(a:pfx.'open') - if winnr() != winnr - wincmd p - endif -endfunction - - -"***************************************************************************** -"" Basic Setup -"*****************************************************************************" -" General -let no_buffers_menu=1 -syntax on -set ruler -set number -set mousemodel=popup -set t_Co=256 -set guioptions=egmrti -set gfn=Monospace\ 10 - -" TODO: Testing if this works against automatically setting paste mode -" Issue: https://github.com/neovim/neovim/issues/7994 -au InsertLeave * set nopaste - - -set undofile -"maximum number of changes that can be undone -set undolevels=1000000 -"maximum number lines to save for undo on a buffer reload -set undoreload=10000000 - -set backupdir=~/.vim/backup -set directory=~/.vim/tmp -set undodir =~/.vim/undo - -" create Backup/tmp/undo dirs -set backupdir=~/.vim/backup -set directory=~/.vim/tmp - -function! InitBackupDir() - let l:parent = $HOME . '/.vim/' - let l:backup = l:parent . 'backup/' - let l:tmpdir = l:parent . 'tmp/' - let l:undodir= l:parent . 'undo/' - - - if !isdirectory(l:parent) - call mkdir(l:parent) - endif - if !isdirectory(l:backup) - call mkdir(l:backup) - endif - if !isdirectory(l:tmpdir) - call mkdir(l:tmpdir) - endif - if !isdirectory(l:undodir) - call mkdir(l:undodir) - endif -endfunction -call InitBackupDir() - -augroup Binary - " edit binaries in xxd-output, xxd is part of vim - au! - au BufReadPre *.bin let &bin=1 - au BufReadPost *.bin if &bin | %!xxd - au BufReadPost *.bin set ft=xxd | endif - au BufWritePre *.bin if &bin | %!xxd -r - au BufWritePre *.bin endif - au BufWritePost *.bin if &bin | %!xxd - au BufWritePost *.bin set nomod | endif -augroup END - -" Encoding -set encoding=utf-8 -set fileencoding=utf-8 -set fileencodings=utf-8 -set bomb -set binary - -" Fix backspace indent -set backspace=indent,eol,start - -" Tabs. May be overriten by autocmd rules -set tabstop=4 -set softtabstop=0 -set shiftwidth=4 -set expandtab - -" Map leader to , -let mapleader=',' - -" Required for operations modifying multiple buffers like rename. -set hidden - -" Searching -set hlsearch -set incsearch -set ignorecase -set smartcase - -" Directories for swp files -set nobackup -set noswapfile - -set fileformats=unix,dos,mac - -" File overview -set wildmode=list:longest,list:full -set wildignore+=*.o,*.obj,.git,*.rbc,*.pyc,__pycache__ - -" Shell to emulate -if exists('$SHELL') - set shell=$SHELL -else - set shell=/bin/bash -endif - -" Set color scheme -colorscheme molokai - -"Show always Status bar -set laststatus=2 - -" Use modeline overrides -set modeline -set modelines=10 - -" Set terminal title -set title -set titleold="Terminal" -set titlestring=%F - -" search will center on the line it's found in. -nnoremap n nzzzv -nnoremap N Nzzzv - - - -"***************************************************************************** -"" Abbreviations -"***************************************************************************** -" no one is really happy until you have this shortcuts -cnoreabbrev W! w! -cnoreabbrev Q! q! -cnoreabbrev Qall! qall! -cnoreabbrev Wq wq -cnoreabbrev Wa wa -cnoreabbrev wQ wq -cnoreabbrev WQ wq -cnoreabbrev W w -cnoreabbrev Q q -cnoreabbrev Qall qall - -" NERDTree configuration -let g:NERDTreeChDirMode=2 -let g:NERDTreeIgnore=['\.rbc$', '\~$', '\.pyc$', '\.db$', '\.sqlite$', '__pycache__'] -let g:NERDTreeSortOrder=['^__\.py$', '\/$', '*', '\.swp$', '\.bak$', '\~$'] -let g:NERDTreeShowBookmarks=1 -let g:nerdtree_tabs_focus_on_files=1 -let g:NERDTreeMapOpenInTabSilent = '' -let g:NERDTreeWinSize = 50 -set wildignore+=*/tmp/*,*.so,*.swp,*.zip,*.pyc,*.db,*.sqlite -nnoremap :NERDTreeFind -nnoremap :NERDTreeToggle - - -" open terminal emulation -nnoremap sh :terminal:startinsert - -"***************************************************************************** -"" Autocmd Rules -"***************************************************************************** -"" The PC is fast enough, do syntax highlight syncing from start unless 200 lines -augroup vimrc-sync-fromstart - autocmd! - autocmd BufEnter * :syntax sync maxlines=200 -augroup END - -" Nasm filetype -augroup nasm - autocmd! - autocmd BufRead,BufNewFile *.nasm set ft=nasm -augroup END - -" Binary filetype -augroup Binary - au! - au BufReadPre *.bin,*.exe,*.elf let &bin=1 - au BufReadPost *.bin,*.exe,*.elf if &bin | %!xxd - au BufReadPost *.bin,*.exe,*.elf set ft=xxd | endif - au BufWritePre *.bin,*.exe,*.elf if &bin | %!xxd -r - au BufWritePre *.bin,*.exe,*.elf endif - au BufWritePost *.bin,*.exe,*.elf if &bin | %!xxd - au BufWritePost *.bin,*.exe,*.elf set nomod | endif -augroup END - -" Binary filetype -augroup fasm - au! - au BufReadPost *.fasm set ft=fasm -augroup END - -augroup deoplete-update - autocmd! - autocmd VimEnter * UpdateRemotePlugin -augroup END - - - -"" Remember cursor position -augroup vimrc-remember-cursor-position - autocmd! - autocmd BufReadPost * if line("'\"") > 1 && line("'\"") <= line("$") | exe "normal! g`\"" | endif -augroup END - -"" txt -" augroup vimrc-wrapping -" autocmd! -" autocmd BufRead,BufNewFile *.txt call s:setupWrapping() -" augroup END - -"" make/cmake -augroup vimrc-make-cmake - autocmd! - autocmd FileType make setlocal noexpandtab - autocmd BufNewFile,BufRead CMakeLists.txt setlocal filetype=cmake -augroup END - -set autoread - -"***************************************************************************** -"" Mappings -"***************************************************************************** - -" Split -noremap h :split -noremap v :vsplit - -" Git -noremap ga :Gwrite -noremap gc :Gcommit -noremap gsh :Gpush -noremap gll :Gpull -noremap gs :Gstatus -noremap gb :Gblame -noremap gd :Gvdiff -noremap gr :Gremove - -" Tabs -nnoremap gt -nnoremap gT -nnoremap :tabnew - -" Set working directory -nnoremap . :lcd %:p:h - -" Opens an edit command with the path of the currently edited file filled in -noremap e :e =expand("%:p:h") . "/" - -" Opens a tab edit command with the path of the currently edited file filled -noremap te :tabe =expand("%:p:h") . "/" - -" Tagbar -nmap :TagbarToggle -let g:tagbar_autofocus = 1 - -" Copy/Paste/Cut -set clipboard^=unnamed,unnamedplus - -noremap YY "+y -noremap p "+gP -noremap XX "+x - -" Enable mouse for vim -set mouse=a - -" Buffer nav -noremap z :bp -noremap q :bp -noremap x :bn -noremap w :bn - -" Close buffer -noremap c :bd - -" Clean search (highlight) -nnoremap :noh - -" Switching windows -noremap j -noremap k -noremap l -noremap h - -" Vmap for maintain Visual Mode after shifting > and < -vmap < >gv - -" Move visual block -vnoremap J :m '>+1gv=gv -vnoremap K :m '<-2gv=gv - -" Open current line on GitHub -nnoremap o :.Gbrowse - - -" Save on strg+s if not in paste mode -nmap :w -vmap gv -imap - -" Quit on strg+q in normal mode -nnoremap :q - -" Strg+d to replace word under cursor -nnoremap :%s/\<\>//g - -" Strg+f ro find word under cursor -nnoremap :/ - -" Remove unneccessary spaces -nnoremap :let _s=@/ :%s/\s\+$//e :let @/=_s :nohl :unlet _s - -" undotree -nnoremap :UndotreeToggle - -" Reindent whole file with F6 -map mzgg=G`z - -nnoremap :set invpaste paste? -set pastetoggle= -set showmode - -" save on focus lost -au FocusLost * :wa - -" Toggle location list -nmap :call ToggleList("Quickfix List", 'c') - -" Replacing text in visual mode doesn't copy it anymore -xmap p ReplaceWithRegisterVisual -xmap ReplaceWithRegisterVisual - -"" Opens an edit command with the path of the currently edited file filled in -noremap e :e =expand("%:p:h") . "/" - -" Use tab for navigatin in autocompletion window -inoremap pumvisible() ? "\" : "\" -inoremap pumvisible() ? "\" : "\" - -" ALE mappings -nmap i (ale_hover) -nmap d (ale_go_to_definition_in_tab) -nmap rf (ale_find_references) -nmap (ale_fix) - -"***************************************************************************** -"" Plugin settings -"***************************************************************************** - -" vim-airline -set statusline+=%{fugitive#statusline()} -let g:airline_theme = 'powerlineish' -let g:airline#extensions#syntastic#enabled = 1 -let g:airline#extensions#branch#enabled = 1 -let g:airline#extensions#tabline#enabled = 1 -let g:airline#extensions#tagbar#enabled = 1 -let g:airline_skip_empty_sections = 1 -let g:airline#extensions#ale#enabled = 1 - -" show indent lines -let g:indent_guides_enable_on_vim_startup = 1 -let g:indent_guides_auto_colors = 0 -hi IndentGuidesOdd ctermbg=235 -hi IndentGuidesEven ctermbg=235 -let g:indent_guides_guide_size = 1 -let g:indent_guides_start_level = 2 - -" Enable autocompletion -let g:deoplete#enable_at_startup = 1 -set completeopt=noinsert,menuone,noselect -let g:deoplete#sources = {} -let g:deoplete#sources._ = ['ale', 'file', 'omni', 'buffer'] - -" Ale no preview on hover -let g:ale_close_preview_on_insert = 0 -let g:ale_cursor_detail = 0 - -" Ale skip if file size over 2G -let g:ale_maximum_file_size = "2147483648" -let g:ale_set_quickfix = 1 - -" Ale language server -let g:ale_linters = { - \ 'python': ['pyls'], - \ 'cpp': ['ccls'], - \ 'c': ['gcc'], - \ 'xml': ['xmllint'], - \ 'rust': ['cargo'], - \ 'go': ['gofmt'], - \ } - -" ALE fixers -let g:ale_fixers = { '*': ['remove_trailing_lines', 'trim_whitespace'] } -let g:ale_fixers.python = ['black'] -let g:ale_fixers.go = ['gofmt'] -let g:ale_fixers.c = ['clang-format'] -let g:ale_fixers.cpp = ['clang-format'] -let g:ale_fixers.json = ['jq'] -let g:ale_fixers.xml = ['xmllint'] - -let g:ale_completion_enabled = 1 -let g:ale_sign_error = '⤫' -let g:ale_sign_warning = '⚠' -let g:ale_lint_on_insert_leave = 1 - -"***************************************************************************** -"" Shortcuts overview -"***************************************************************************** -" Shortcuts overview -" F1 --> Filetree find -" F2 --> Filetree toggle -" F3 --> Function overview -" F4 --> Toggle error bar - -" F5 --> undotree -" F6 --> Reindent whole file -" F7 --> Format and lint file -" F8 --> Remove trailing whitespaces -" F9 --> toggle paste -" ,i --> Information about function -" ,d --> Jump to definition -" ,r --> Rename in all occurences -" ,rf --> Find references of function/variable -" ,e --> Change current file -" ,te --> Open file in new tab -" u --> Undo -" strg+f --> Find current selected word -" strg+d --> Replace current selected word -" strg+s --> Save file -" strg+q --> Close current file -" space+, --> Stop highlighting words after search - diff --git a/makefu/2configs/editor/vim.nix b/makefu/2configs/editor/vim.nix deleted file mode 100644 index 305f26a04..000000000 --- a/makefu/2configs/editor/vim.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ config, pkgs, ... }: - -{ - - environment.systemPackages = [ - ((pkgs.vim_configurable).customize { - name = "vim"; - vimrcConfig.customRC = builtins.readFile ./vimrc; - vimrcConfig.packages.myVimPackage = with pkgs.vimPlugins; { start = [ - "undotree" - "YouCompleteMe" - #"UltiSnips" - # vim-nix handles indentation better but does not perform sanity - "vim-nix" - "vim-addon-nix" - "vim-better-whitespace" - ]; - }; - }) - ]; -} diff --git a/makefu/2configs/editor/vimrc b/makefu/2configs/editor/vimrc deleted file mode 100644 index d270effa2..000000000 --- a/makefu/2configs/editor/vimrc +++ /dev/null @@ -1,117 +0,0 @@ -set nocompatible -syntax on -set list -set listchars=tab:▸\ -"set list listchars=tab:>-,trail:.,extends:> - -filetype off -filetype plugin indent on - -colorscheme desert -set background=dark - -set number -set relativenumber -set mouse=a -set ignorecase -set incsearch -set wildignore=*.o,*.obj,*.bak,*.exe,*.os -set textwidth=79 -set shiftwidth=2 -set expandtab -set softtabstop=2 -set shiftround -set smarttab -set tabstop=2 -set et -set autoindent -set backspace=indent,eol,start - - -inoremap -nnoremap -vnoremap - -nnoremap :UndotreeToggle -set undodir =~/.vim/undo -set undofile -"maximum number of changes that can be undone -set undolevels=1000000 -"maximum number lines to save for undo on a buffer reload -set undoreload=10000000 - -nnoremap :set invpaste paste? -set pastetoggle= -set showmode - -set showmatch -set matchtime=3 -set hlsearch - -autocmd ColorScheme * highlight ExtraWhitespace ctermbg=red guibg=red - -let g:better_whitespace_enabled=1 -let g:strip_whitespace_on_save=1 - - -" save on focus lost -au FocusLost * :wa - -autocmd BufRead *.json set filetype=json -au BufNewFile,BufRead *.mustache set syntax=mustache - -cnoremap SudoWrite w !sudo tee > /dev/null % - -" create Backup/tmp/undo dirs -set backupdir=~/.vim/backup -set directory=~/.vim/tmp - -function! InitBackupDir() - let l:parent = $HOME . '/.vim/' - let l:backup = l:parent . 'backup/' - let l:tmpdir = l:parent . 'tmp/' - let l:undodir= l:parent . 'undo/' - - - if !isdirectory(l:parent) - call mkdir(l:parent) - endif - if !isdirectory(l:backup) - call mkdir(l:backup) - endif - if !isdirectory(l:tmpdir) - call mkdir(l:tmpdir) - endif - if !isdirectory(l:undodir) - call mkdir(l:undodir) - endif -endfunction -call InitBackupDir() - -augroup Binary - " edit binaries in xxd-output, xxd is part of vim - au! - au BufReadPre *.bin let &bin=1 - au BufReadPost *.bin if &bin | %!xxd - au BufReadPost *.bin set ft=xxd | endif - au BufWritePre *.bin if &bin | %!xxd -r - au BufWritePre *.bin endif - au BufWritePost *.bin if &bin | %!xxd - au BufWritePost *.bin set nomod | endif -augroup END - - -" youcompleteme -let g:ycm_collect_identifiers_from_tags_files = 1 " Let YCM read tags from Ctags file -let g:ycm_use_ultisnips_completer = 1 " Default 1, just ensure -let g:ycm_seed_identifiers_with_syntax = 1 " Completion for programming language's keyword -let g:ycm_complete_in_comments = 1 " Completion in comments -let g:ycm_complete_in_strings = 1 " Completion in string - -" utilsnips -let g:UltiSnipsExpandTrigger = "" -let g:UltiSnipsJumpForwardTrigger = "" -let g:UltiSnipsJumpBackwardTrigger = "" -let g:UltiSnipsListSnippets = "" "List possible snippets based on current file - -hi MatchParen cterm=none ctermbg=green ctermfg=blue diff --git a/makefu/2configs/elchos/irc-token.nix b/makefu/2configs/elchos/irc-token.nix deleted file mode 100644 index 4844bf29f..000000000 --- a/makefu/2configs/elchos/irc-token.nix +++ /dev/null @@ -1,77 +0,0 @@ -{pkgs, ...}: -with import ; -let - secret = (import ); -in { - systemd.services.elchos-irctoken2 = { - startAt = "*:0/5"; - serviceConfig = { - RuntimeMaxSec = "20"; - }; - script = '' - set -euf - now=$(date -u +%Y-%m-%dT%H:%M) - sleep 5 - sec=$(cat /tmp/irc-secret) - message="The current secret is $sec" - echo "$message" - LOGNAME=sec-announcer - HOSTNAME=$(${pkgs.systemd}/bin/hostnamectl --transient) - IRC_SERVER=irc.hackint.org - IRC_PORT=6667 - IRC_NICK=$HOSTNAME-$$ - IRC_CHANNEL='#eloop' - - export IRC_CHANNEL # for privmsg_cat - - echo2() { echo "$*"; echo "$*" >&2; } - - privmsg_cat() { ${pkgs.gawk}/bin/awk '{ print "PRIVMSG "ENVIRON["IRC_CHANNEL"]" :"$0 }'; } - - tmpdir="$(mktemp -d irc-announce_XXXXXXXX)" - cd "$tmpdir" - mkfifo ircin - trap " - rm ircin - cd '$OLDPWD' - rmdir '$tmpdir' - trap - EXIT INT QUIT - " EXIT INT QUIT - - { - echo2 "USER $LOGNAME 0 * :$LOGNAME@$HOSTNAME" - echo2 "NICK $IRC_NICK" - - # wait for MODE message - ${pkgs.gnused}/bin/sed -un '/^:[^ ]* MODE /q' - - echo2 "JOIN $IRC_CHANNEL" - - printf '%s' "$message" \ - | privmsg_cat - - echo2 "PART $IRC_CHANNEL" - - # wait for PART confirmation - sed -un '/:'"$IRC_NICK"'![^ ]* PART /q' - - echo2 'QUIT :Gone to have lunch' - } < ircin \ - | ${pkgs.netcat}/bin/netcat "$IRC_SERVER" "$IRC_PORT" |tee -a ircin - ''; - }; - systemd.services.elchos-create-token = { - startAt = "*:0/30"; - serviceConfig = { - RuntimeMaxSec = "20"; - }; - script = '' - set -euf - now=$(date -u +%Y-%m-%dT%H:%M) - sec=$(echo -n "${secret}$now" | md5sum | cut -d\ -f1) - message="The secret valid for 30 minutes is $sec" - echo -n "$sec" > /tmp/irc-secret - echo "token for $now (UTC) is $sec" - ''; - }; -} diff --git a/makefu/2configs/elchos/log.nix b/makefu/2configs/elchos/log.nix deleted file mode 100644 index 50b40816b..000000000 --- a/makefu/2configs/elchos/log.nix +++ /dev/null @@ -1,55 +0,0 @@ -{ config, lib, pkgs, ... }: - -let -in { - networking.firewall.allowedTCPPorts = [ 80 443 514 ]; - networking.firewall.allowedUDPPorts = [ 80 443 514 ]; - services.logstash = { - enable = true; - enableWeb = true; - inputConfig = '' - syslog { - timezone => "Etc/UTC" - } - ''; - filterConfig = '' - if ( [program] == "proftpd") { - kv { - field_split => " " - } - } - ''; - outputConfig = '' - #stdout { - # codec => rubydebug - #} - elasticsearch { } - ''; - }; - services.elasticsearch = { - enable = true; - }; - services.kibana = { - enable = true; - port = 9332; - }; - services.nginx = { - virtualHosts = { - "log.nsupdate.info" = { - enableACME = true; - forceSSL = true; - basicAuth = import ; - locations = { - "/" = { - proxyPass = "http://localhost:9332"; - extraConfig = '' - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - ''; - }; - }; - }; - }; - }; -} diff --git a/makefu/2configs/elchos/search.nix b/makefu/2configs/elchos/search.nix deleted file mode 100644 index e7b91e6a8..000000000 --- a/makefu/2configs/elchos/search.nix +++ /dev/null @@ -1,121 +0,0 @@ -{ config, lib, pkgs, ... }: - -# search also generates ddclient entries for all other logs - -with import ; -let - #primary-itf = "eth0"; - #primary-itf = "wlp2s0"; - primary-itf = config.makefu.server.primary-itf; - elch-sock = "${config.services.uwsgi.runDir}/uwsgi-elch.sock"; - ddclientUser = "ddclient"; - sec = toString ; - nsupdate = import "${sec}/nsupdate-search.nix"; - stateDir = "/var/spool/ddclient"; - cfg = "${stateDir}/cfg"; - ddclientPIDFile = "${stateDir}/ddclient.pid"; - - # TODO: correct cert generation requires a `real` internet ip address - - gen-cfg = dict: '' - ssl=yes - cache=${stateDir}/ddclient.cache - pid=${ddclientPIDFile} - ${concatStringsSep "\n" (mapAttrsToList (user: pass: '' - - protocol=dyndns2 - use=if, if=${primary-itf} - ssl=yes - server=ipv4.nsupdate.info - login=${user} - password='${pass}' - ${user} - - protocol=dyndns2 - usev6=if, if=${primary-itf} - ssl=yes - server=ipv6.nsupdate.info - login=${user} - password='${pass}' - ${user} - '') dict)} - ''; - -in { - users.extraUsers = singleton { - name = ddclientUser; - uid = genid "ddclient"; - description = "ddclient daemon user"; - home = stateDir; - createHome = true; - }; - services.redis.enable = mkForce true; - services.redis.bind = "127.0.0.1"; - - services.uwsgi = { - enable = true; - user = "nginx"; - plugins = [ "python3" ]; - instance = { - type = "emperor"; - vassals = { - elchhub = { - type = "normal"; - pythonPackages = self: with self; [ pkgs.elchhub ]; - socket = elch-sock; - }; - }; - }; - }; - - services.nginx = { - enable = mkDefault true; - virtualHosts = { - "search.nsupdate.info" = { - enableACME = true; - forceSSL = true; - locations = { - "/".extraConfig = '' - uwsgi_pass unix://${elch-sock}; - uwsgi_param UWSGI_CHDIR ${pkgs.elchhub}/${pkgs.python3.sitePackages}; - uwsgi_param UWSGI_MODULE elchhub.wsgi; - uwsgi_param UWSGI_CALLABLE app; - - include ${pkgs.nginx}/conf/uwsgi_params; - ''; - }; - }; - }; - }; - - systemd.services = { - redis.serviceConfig.LimitNOFILE=10032; - elchos-ftp-scanner = { - wantedBy = [ "multi-user.target" ]; - after = [ "ip-up.target" ]; - serviceConfig = { - User = "nginx"; - ExecStart = "${pkgs.elchhub}/bin/elch-manager"; - }; - }; - ddclient-nsupdate-elchos = { - wantedBy = [ "multi-user.target" ]; - after = [ "ip-up.target" ]; - serviceConfig = { - Type = "forking"; - User = ddclientUser; - PIDFile = ddclientPIDFile; - ExecStartPre = pkgs.writeDash "init-nsupdate" '' - cp -vf ${pkgs.writeText "ddclient-config" (gen-cfg nsupdate)} ${cfg} - chmod 700 ${cfg} - ''; - ExecStart = "${pkgs.ddclient}/bin/ddclient -verbose -daemon 1 -noquiet -file ${cfg}"; - }; - }; - }; - - networking.firewall = { - allowedTCPPorts = [ 80 443 ]; - allowedUDPPorts = [ ]; - }; -} diff --git a/makefu/2configs/elchos/stats.nix b/makefu/2configs/elchos/stats.nix deleted file mode 100644 index 2036b391f..000000000 --- a/makefu/2configs/elchos/stats.nix +++ /dev/null @@ -1,86 +0,0 @@ -{ config, lib, pkgs, ... }: - -# requires nsupdate to get correct hostname (from ./search.nix) -# graphite-web on port 8080 -# carbon cache on port 2003 (tcp/udp) - -with import ; -{ - - networking.firewall = { - allowedTCPPorts = [ 2003 80 443 18080 ]; - allowedUDPPorts = [ 2003 ]; - }; - - services.nginx = { - enable = mkDefault true; - virtualHosts = { - "stats.nsupdate.info" = { - enableACME = true; - forceSSL = true; - - locations = { - "/" = { - proxyPass = "http://localhost:3000/"; - extraConfig = '' - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - ''; - }; - }; - }; - }; - }; - - services.grafana = { - enable = true; - addr = "127.0.0.1"; - users.allowSignUp = false; - users.allowOrgCreate = false; - users.autoAssignOrg = false; - auth.anonymous.enable = true; - security = import ; # { AdminUser = ""; adminPassword = ""} - }; - - services.graphite = { - api = { - enable = true; - # package = pkgs.graphiteApi; - #listenAddress = "127.0.0.1"; - listenAddress = "0.0.0.0"; - port = 18080; - }; - carbon = { - enableCache = true; - # save disk usage by restricting to 1 bulk update per second - config = '' - [cache] - MAX_CACHE_SIZE = inf - MAX_UPDATES_PER_SECOND = 3 - MAX_CREATES_PER_MINUTE = 5000 - LOG_UPDATES = False - LOG_CACHE_HITS = False - LOG_CACHE_QUEUE_SORTS = False - ''; - storageSchemas = '' - [carbon] - pattern = ^carbon\. - retentions = 60:90d - - [elchos] - patterhn = ^elchos\. - retentions = 10s:30d,60s:3y - - - [default] - pattern = ^krebs\. - retentions = 1s:30d,30s:3m,300s:1y - [default] - pattern = .* - retentions = 30s:30d,300s:1y - ''; - }; - }; - -} diff --git a/makefu/2configs/elchos/test/ftpservers.nix b/makefu/2configs/elchos/test/ftpservers.nix deleted file mode 100644 index bc7517209..000000000 --- a/makefu/2configs/elchos/test/ftpservers.nix +++ /dev/null @@ -1,7 +0,0 @@ -{...}: -{ - services.vsftpd.anonymousUser = true; - services.vsftpd.enable = true; - services.vsftpd.chrootlocalUser = true; - networking.firewall.allowedTCPPorts = [ 21 ]; -} diff --git a/makefu/2configs/exim-retiolum.nix b/makefu/2configs/exim-retiolum.nix deleted file mode 100644 index 1f433ab44..000000000 --- a/makefu/2configs/exim-retiolum.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -{ - networking.firewall.allowedTCPPorts = [ 25 ]; - - krebs.exim-retiolum.enable = true; - krebs.exim-retiolum.rspamd.enable = true; - environment.systemPackages = with pkgs; [ - msmtp - ]; -} diff --git a/makefu/2configs/extra-fonts.nix b/makefu/2configs/extra-fonts.nix deleted file mode 100644 index 25ca7a33a..000000000 --- a/makefu/2configs/extra-fonts.nix +++ /dev/null @@ -1,14 +0,0 @@ - { pkgs, ... }: - { - fonts = { - fontDir.enable = true; - enableGhostscriptFonts = true; - fonts = with pkgs; [ - inconsolata # monospaced - ubuntu_font_family # Ubuntu fonts - unifont # some international languages - dejavu_fonts - terminus_font - ]; - }; - } diff --git a/makefu/2configs/fetchWallpaper.nix b/makefu/2configs/fetchWallpaper.nix deleted file mode 100644 index f63417e8f..000000000 --- a/makefu/2configs/fetchWallpaper.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ config, pkgs, ... }: - -{ - krebs.fetchWallpaper = { - enable = true; - display = ":0.0"; - unitConfig.ConditionPathExists = "!/var/run/ppp0.pid"; - timerConfig = { - OnCalendar = "*:0/30"; - }; - url = "http://prism.r/realwallpaper-krebs.png"; - }; - -} - diff --git a/makefu/2configs/filepimp-share.nix b/makefu/2configs/filepimp-share.nix deleted file mode 100644 index 850d432f3..000000000 --- a/makefu/2configs/filepimp-share.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let - hostname = config.krebs.build.host.name; -in { - users.users.smbguest = { - name = "smbguest"; - uid = config.ids.uids.smbguest; # effectively systemUser - description = "smb guest user"; - home = "/var/empty"; - group = "share"; - }; - users.groups.share = {}; - services.samba = { - enable = true; - shares = { - media = { - path = "/media/"; - "read only" = "no"; - browseable = "yes"; - "guest ok" = "yes"; - }; - }; - extraConfig = '' - guest account = smbguest - map to guest = bad user - # disable printing - load printers = no - printing = bsd - printcap name = /dev/null - disable spoolss = yes - ''; - }; -} diff --git a/makefu/2configs/fs/CAC-CentOS-7-64bit.nix b/makefu/2configs/fs/CAC-CentOS-7-64bit.nix deleted file mode 100644 index c9eb97f44..000000000 --- a/makefu/2configs/fs/CAC-CentOS-7-64bit.nix +++ /dev/null @@ -1,20 +0,0 @@ -_: - -{ - boot.loader.grub = { - device = "/dev/sda"; - }; - fileSystems = { - "/" = { - device = "/dev/centos/root"; - fsType = "xfs"; - }; - "/boot" = { - device = "/dev/sda1"; - fsType = "xfs"; - }; - }; - swapDevices = [ - { device = "/dev/centos/swap"; } - ]; -} diff --git a/makefu/2configs/fs/cac-boot-partition.nix b/makefu/2configs/fs/cac-boot-partition.nix deleted file mode 100644 index 14480bc4a..000000000 --- a/makefu/2configs/fs/cac-boot-partition.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ config, lib, pkgs, ... }: - -# vda1 ext4 (label nixos) -> only root partition -{ - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - boot.loader.grub.device = "/dev/sda"; - - fileSystems."/" = { - device = "/dev/disk/by-label/nixos"; - fsType = "ext4"; - }; - fileSystems."/boot" = { - device = "/dev/disk/by-label/boot"; - fsType = "ext4"; - }; - - hardware.enableRedistributableFirmware = true; - nixpkgs.config.allowUnfree = true; -} diff --git a/makefu/2configs/fs/sda-crypto-root-home.nix b/makefu/2configs/fs/sda-crypto-root-home.nix deleted file mode 100644 index 4f0cf8c6b..000000000 --- a/makefu/2configs/fs/sda-crypto-root-home.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ config, lib, pkgs, ... }: - -# ssd # -# sda: bootloader grub2 -# sda1: boot ext4 (label nixboot) -# sda2: cryptoluks -> -# lvm: -# / (main-root) -# /home (main-home) - -# clean the boot sector: -# dd if=/dev/zero of=/dev/sda count=2048 -# Installation Instruction on ISO: -# fdisk /dev/sda - # boot 500M - # rest rest -# cryptsetup luksFormat /dev/sda2 -# mkfs.ext4 -L nixboot /dev/sda1 -# cryptsetup luksOpen /dev/sda2 cryptoluks -# pvcreate /dev/mapper/cryptoluks -# vgcreate main /dev/mapper/cryptoluks -# lvcreate -L 200Gib main -n root -# lvcreate -L 800Gib main -n home -# mkfs.ext4 /dev/main/root -# mkfs.ext4 /dev/main/home -# mount /dev/mapper/main-root /mnt -# mkdir -p /mnt/{boot,home,var/src} /var/src -# mount /dev/sda1 /mnt/boot -# mount /dev/mapper/main-home /mnt/home -# touch /mnt/var/src/.populate -# mount -o bind /mnt/var/src /var/src -# nix-channel --add https://nixos.org/channels/nixos-19.03 nixpkgs && # nix-channel --update -# nix-env -iA nixpkgs.gitMinimal -# (on deploy-host) $(nix-build ~/stockholm/makefu/krops.nix --no-out-link --argstr name x --argstr target 10.42.22.91 -A deploy --show-trace) -# NIXOS_CONFIG=/var/src/nixos-config nixos-install -I /var/src --no-root-passwd --no-channel-copy -{ - - imports = [ - ./sda-crypto-root.nix # configures crypto + boot - ]; - fileSystems = { - "/".device = lib.mkForce "/dev/mapper/main-root"; - "/home" = { - device = "/dev/mapper/main-home"; - fsType = "ext4"; - options = [ "defaults" "discard" ]; - }; - }; -} diff --git a/makefu/2configs/fs/sda-crypto-root.nix b/makefu/2configs/fs/sda-crypto-root.nix deleted file mode 100644 index 54ee9f9e5..000000000 --- a/makefu/2configs/fs/sda-crypto-root.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ config, lib, pkgs, ... }: - -# sda: bootloader grub2 -# sda1: boot ext4 (label nixboot) - must be unlocked on boot if required: - # boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }]; -# sda2: cryptoluks -> ext4 - -# fdisk /dev/sda - # boot 500M - # rest rest -# cryptsetup luksFormat /dev/sda2 -# mkfs.ext4 -L nixboot /dev/sda1 -{ - boot = { - loader.grub.enable = true; - loader.grub.version = 2; - loader.grub.device = lib.mkDefault "/dev/sda"; - - #initrd.luks.cryptoModules = ["aes" "sha512" "sha1" "xts" ]; - initrd.availableKernelModules = ["cbc" "hmac" "sha256" "rng" "aes" "encrypted_keys" "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ]; - }; - fileSystems = { - "/" = { - device = "/dev/mapper/luksroot"; - fsType = "ext4"; - options = [ "defaults" "discard" ]; - }; - "/boot" = { - device = "/dev/disk/by-label/nixboot"; - fsType = "ext4"; - options = [ "defaults" "discard" ]; - }; - }; -} diff --git a/makefu/2configs/fs/simple-swap.nix b/makefu/2configs/fs/simple-swap.nix deleted file mode 100644 index 8c161b287..000000000 --- a/makefu/2configs/fs/simple-swap.nix +++ /dev/null @@ -1,11 +0,0 @@ -_: -{ - # do not swap that often - boot.kernel.sysctl = { - "vm.swappiness" = 25; - }; - - swapDevices = [ - { device = "/dev/disk/by-label/swap"; } - ]; -} diff --git a/makefu/2configs/fs/single-partition-ext4.nix b/makefu/2configs/fs/single-partition-ext4.nix deleted file mode 100644 index 1655556a5..000000000 --- a/makefu/2configs/fs/single-partition-ext4.nix +++ /dev/null @@ -1,12 +0,0 @@ -{config, ...}: -{ - # fdisk /dev/sda - # mkfs.ext4 -L nixos /dev/sda1 - boot.loader.grub.enable = assert config.boot.loader.grub.device != ""; true; - boot.loader.grub.version = 2; - - fileSystems."/" = { - device = "/dev/disk/by-label/nixos"; - fsType = "ext4"; - }; -} diff --git a/makefu/2configs/fs/vm-single-partition.nix b/makefu/2configs/fs/vm-single-partition.nix deleted file mode 100644 index 26908c357..000000000 --- a/makefu/2configs/fs/vm-single-partition.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ config, lib, pkgs, ... }: - -# vda1 ext4 (label nixos) -> only root partition -with import ; -{ - imports = [ - ./single-partition-ext4.nix - ]; - boot.loader.grub.device = "/dev/vda"; - -} diff --git a/makefu/2configs/git/brain-retiolum.nix b/makefu/2configs/git/brain-retiolum.nix deleted file mode 100644 index 3be3fccef..000000000 --- a/makefu/2configs/git/brain-retiolum.nix +++ /dev/null @@ -1,58 +0,0 @@ -{ config, lib, pkgs, ... }: -# TODO: remove tv lib :) -with import ; -let - - repos = krebs-repos; - rules = concatMap krebs-rules (attrValues krebs-repos); - - krebs-repos = mapAttrs make-krebs-repo { - brain = { }; - krebs-secrets = { }; - }; - - - make-krebs-repo = with git; name: { cgit ? {}, ... }: { - inherit cgit name; - public = false; - hooks = { - post-receive = pkgs.git-hooks.irc-announce { - nick = config.networking.hostName; - verbose = true; - channel = "#xxx"; - # TODO remove the hardcoded hostname - server = "irc.r"; - }; - }; - }; - - - - # TODO: get the list of all krebsministers - krebsminister = with config.krebs.users; [ lass tv ]; - krebs-rules = repo: - set-owners repo [ config.krebs.users.makefu ] ++ set-ro-access repo krebsminister; - - set-ro-access = with git; repo: user: - singleton { - inherit user; - repo = [ repo ]; - perm = fetch; - }; - - set-owners = with git;repo: user: - singleton { - inherit user; - repo = [ repo ]; - perm = push "refs/*" [ non-fast-forward create delete merge ]; - }; - -in { - krebs.git = { - enable = true; - cgit = { - enable = false; - }; - inherit repos rules; - }; -} diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix deleted file mode 100644 index 114febe8b..000000000 --- a/makefu/2configs/git/cgit-retiolum.nix +++ /dev/null @@ -1,133 +0,0 @@ -{ config, lib, pkgs, ... }: -# TODO: remove tv lib :) -with import ; -let - - repos = pub-repos // priv-repos // krebs-repos // connector-repos // krebsroot-repos; - rules = concatMap krebs-rules (attrValues krebs-repos) - ++ concatMap priv-rules (attrValues pub-repos) - ++ concatMap priv-rules (attrValues priv-repos) - ++ concatMap connector-rules (attrValues connector-repos) - ++ concatMap krebsroot-rules (attrValues krebsroot-repos); - - krebsroot-repos = mapAttrs make-krebs-repo { - hydra-stockholm = { }; - }; - - pub-repos = mapAttrs make-pub-repo { - yacos-backend = { - cgit.desc = "Yet Another Check-Out System"; - }; - ebk-notify.cgit.desc = "Ebay Kleinanzeigen Notify"; - kalauerbot.cgit.desc = "Kalauer König"; - }; - - krebs-repos = mapAttrs make-krebs-repo { - stockholm = { - cgit.desc = "Make all the systems into 1systems!"; - }; - stockholm-issues = { - cgit.desc = "Issue tracker"; - }; - tinc_graphs = { - cgit.desc = "Tinc Advanced Graph Generation"; - }; - stockholm-init = { - cgit.desc = "Build new Stockholm hosts"; - }; - cac-api = { }; - oof = { }; - euer_blog = { }; - ampel = { }; - europastats = { }; - arafetch = { }; - disko = { }; - init-stockholm = { - cgit.desc = "Init stuff for stockholm"; - }; - }; - - priv-repos = mapAttrs make-priv-repo { - autosync = { }; - fenkins = { }; - pass = { }; - secrets = { }; - }; - - connector-repos = mapAttrs make-priv-repo { - connector = { }; - minikrebs = { }; - mattermost = { - cgit.desc = "Mattermost Docker files"; - }; - }; - - - # TODO move users to separate module - make-priv-repo = name: { ... }: { - inherit name; - public = false; - }; - - make-pub-repo = name: { ... }: { - inherit name; - public = true; - }; - - make-krebs-repo = with git; name: { cgit ? {}, ... }: { - inherit cgit name; - public = true; - hooks = { - post-receive = pkgs.git-hooks.irc-announce { - nick = config.networking.hostName; - verbose = config.krebs.build.host.name == "gum"; - channel = "#xxx"; - # TODO remove the hardcoded hostname - server = "irc.r"; - }; - }; - }; - - - - # TODO: get the list of all krebsministers - krebsminister = with config.krebs.users; [ lass tv ]; - all-makefu = with config.krebs.users; [ makefu makefu-omo makefu-tsp makefu-vbob makefu-tempx makefu-android ]; - all-exco = with config.krebs.users; [ exco ]; - - priv-rules = repo: set-owners repo all-makefu; - - connector-rules = repo: set-owners repo all-makefu ++ set-owners repo all-exco; - - krebs-rules = repo: - set-owners repo all-makefu ++ set-ro-access repo krebsminister; - - krebsroot-rules = repo: - set-owners repo (all-makefu ++ krebsminister); - - set-ro-access = with git; repo: user: - optional repo.public { - inherit user; - repo = [ repo ]; - perm = fetch; - }; - - set-owners = with git;repo: user: - singleton { - inherit user; - repo = [ repo ]; - perm = push "refs/*" [ non-fast-forward create delete merge ]; - }; - -in { - krebs.git = { - enable = true; - cgit = { - settings = { - root-title = "public repositories"; - root-desc = "keep on krebsing"; - }; - }; - inherit repos rules; - }; -} diff --git a/makefu/2configs/git/gitlab-runner-shackspace.nix b/makefu/2configs/git/gitlab-runner-shackspace.nix deleted file mode 100644 index a5a1247ba..000000000 --- a/makefu/2configs/git/gitlab-runner-shackspace.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ config, ... }: -let - url = "https://git.shackspace.de/"; - # generate token from CI-token via: - ## gitlab-runner register - token = import ; -in { - virtualisation.docker.enable = true; - services.gitlab-runner = { - enable = true; - gracefulTimeout = "120min"; - # configFile = "/var/src/secrets/runner.toml"; - configOptions = { - concurrent = 2; - runners = [{ - name = "nix-krebs-1.11"; - inherit token url; - executor = "docker"; - builds_dir = ""; - docker = { - host = ""; - image = "nixos/nix:1.11"; - privileged = false; - disable_cache = false; - volumes = ["/cache"]; - shm_size = 0; - }; - cache = {}; - }]; - }; - }; -} diff --git a/makefu/2configs/graphite-standalone.nix b/makefu/2configs/graphite-standalone.nix deleted file mode 100644 index 51c4c9561..000000000 --- a/makefu/2configs/graphite-standalone.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ config, lib, pkgs, ... }: - -# graphite-web on port 8080 -# carbon cache on port 2003 (tcp/udp) -with import ; -{ - imports = [ ]; - - services.graphite = { - web = { - enable = true; - listenAddress = "0.0.0.0"; - }; - carbon = { - enableCache = true; - # save disk usage by restricting to 1 bulk update per second - config = '' - [cache] - MAX_CACHE_SIZE = inf - MAX_UPDATES_PER_SECOND = 1 - MAX_CREATES_PER_MINUTE = 50 - ''; - storageSchemas = '' - [carbon] - pattern = ^carbon\. - retentions = 60:90d - - [default] - pattern = .* - retentions = 60s:30d,300s:1y - ''; - }; - }; -} diff --git a/makefu/2configs/gui/automatic-diskmount.nix b/makefu/2configs/gui/automatic-diskmount.nix deleted file mode 100644 index ad3774be8..000000000 --- a/makefu/2configs/gui/automatic-diskmount.nix +++ /dev/null @@ -1,43 +0,0 @@ -{ pkgs, ... }: -with import ; #genid -{ # auto-mounting via polkit - services.udisks2.enable = true; -## automount all disks: -# services.devmon.enable = true; -# services.gnome3.gvfs.enable = true; - users.groups.storage = { - gid = genid "storage"; - members = [ "makefu" ]; - }; - users.users.makefu.packages = with pkgs;[ - gvfs pcmanfm lxmenu-data - ]; - -## allow users in group "storage" to mount disk -# https://github.com/coldfix/udiskie/wiki/Permissions - security.polkit.extraConfig = - '' - polkit.addRule(function(action, subject) { - var YES = polkit.Result.YES; - var permission = { - "org.freedesktop.udisks.filesystem-mount": YES, - "org.freedesktop.udisks.luks-unlock": YES, - "org.freedesktop.udisks.drive-eject": YES, - "org.freedesktop.udisks.drive-detach": YES, - "org.freedesktop.udisks2.filesystem-mount": YES, - "org.freedesktop.udisks2.encrypted-unlock": YES, - "org.freedesktop.udisks2.eject-media": YES, - "org.freedesktop.udisks2.power-off-drive": YES, - "org.freedesktop.udisks2.filesystem-mount-other-seat": YES, - "org.freedesktop.udisks2.filesystem-unmount-others": YES, - "org.freedesktop.udisks2.encrypted-unlock-other-seat": YES, - "org.freedesktop.udisks2.eject-media-other-seat": YES, - "org.freedesktop.udisks2.power-off-drive-other-seat": YES - }; - if (subject.isInGroup("storage")) { - return permission[action.id]; - } - }); - ''; - -} diff --git a/makefu/2configs/gui/base.nix b/makefu/2configs/gui/base.nix deleted file mode 100644 index b1b7c9913..000000000 --- a/makefu/2configs/gui/base.nix +++ /dev/null @@ -1,95 +0,0 @@ -{ config, lib, pkgs, ... }: -## -# of course this name is a lie -# - it prepares a GUI environment close to my -# current configuration,specifically: -# -# * autologin with mainUser into awesome -# * audio -# * terminus font -# -# if this is not enough, check out main-laptop.nix - - -let - mainUser = config.krebs.build.user.name; -in -{ - imports = [ - ./urxvtd.nix - ./pipewire.nix - ./gnome.nix - ]; - - - # services.redshift.enable = true; - services.xserver = { - enable = true; - layout = "us"; - xkbVariant = "altgr-intl"; - xkbOptions = "ctrl:nocaps, eurosign:e"; - -# windowManager = { -# awesome.enable = true; -# awesome.noArgb = true; -# awesome.luaModules = [ pkgs.luaPackages.vicious ]; -# }; -# displayManager.defaultSession = lib.mkDefault "none+awesome"; - }; - environment.systemPackages = [ pkgs.gnome.adwaita-icon-theme ]; - # lid switch is handled via button presses - # services.logind.lidSwitch = lib.mkDefault "ignore"; - #makefu.awesome.enable = true; - console.font = "Lat2-Terminus16"; - - fonts = { - fontDir.enable = true; - enableGhostscriptFonts = true; - fonts = [ pkgs.terminus_font pkgs.corefonts ]; - }; - - users.users.${mainUser} = { - extraGroups = [ "pipewire" "audio" ]; - packages = with pkgs;[ - pavucontrol - xlockmore - rxvt_unicode-with-plugins - ]; - }; - - services.xserver.displayManager.sessionCommands = let - xdefaultsfile = pkgs.writeText "Xdefaults" '' - cat |derp <c"]; - minimize=["n"]; - move-to-workspace-1=["1"]; - move-to-workspace-2=["2"]; - move-to-workspace-3=["3"]; - move-to-workspace-4=["4"]; - panel-run-dialog=["r"]; - switch-to-workspace-1=["1"]; - switch-to-workspace-2=["2"]; - switch-to-workspace-3=["3"]; - switch-to-workspace-4=["4"]; - toggle-fullscreen=["f"]; - }; - "org/gnome/desktop/wm/preferences".num-workspaces = 4; - "org/gnome/settings-daemon/plugins/color".night-light-enabled = true; - "org/gnome/settings-daemon/plugins/media-keys" = { - custom-keybindings = [ "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/"]; - }; - "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0" = { - binding = "Return"; - command = "gnome-terminal"; - name = "terminal"; - }; - }; - }; -} diff --git a/makefu/2configs/gui/look-up.nix b/makefu/2configs/gui/look-up.nix deleted file mode 100644 index e04098cc2..000000000 --- a/makefu/2configs/gui/look-up.nix +++ /dev/null @@ -1,18 +0,0 @@ -{pkgs, config, ... }: -let - user = config.krebs.build.user.name; - window-manager = "awesome"; -in - { - systemd.services.look-up = { - startAt = "*:30"; - serviceConfig = { - ExecStart= pkgs.writeDash "look-up" '' - set -x - eval "export '$(egrep -z DBUS_SESSION_BUS_ADDRESS /proc/$(${pkgs.procps}/bin/pgrep -u ${user} ${window-manager})/environ)'" - ${pkgs.libnotify}/bin/notify-send -u critical -t 9999999 'look up once in a while' - ''; - User = user; - }; - }; -} diff --git a/makefu/2configs/gui/pipewire.nix b/makefu/2configs/gui/pipewire.nix deleted file mode 100644 index d52681551..000000000 --- a/makefu/2configs/gui/pipewire.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ config, lib, pkgs, ... }: -# TODO test `alsactl init` after suspend to reinit mic -{ - security.rtkit.enable = true; - hardware.pulseaudio.enable = lib.mkForce false; - - environment.systemPackages = with pkgs; [ - alsaUtils - pulseaudio - ponymix - ]; - - services.pipewire = { - enable = true; - # systemWide = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - }; -} diff --git a/makefu/2configs/gui/snake-kiosk.nix b/makefu/2configs/gui/snake-kiosk.nix deleted file mode 100644 index 838ac3a5c..000000000 --- a/makefu/2configs/gui/snake-kiosk.nix +++ /dev/null @@ -1,44 +0,0 @@ -{ pkgs, lib, ... }: -{ - - imports = [ - ./base.nix - ]; - users.users.kiosk = { - # packages = [ pkgs.chromium pkgs.vscode ]; - group = "kiosk"; - isNormalUser = true; - uid = 1003; - extraGroups = [ "wheel" "audio" "pulse" "pipewire" ]; - }; - users.groups.kiosk.gid = 989 ; - services.xserver = { - enable = true; - - windowManager = lib.mkForce { awesome.enable = false; }; - displayManager.gdm.enable = true; - displayManager.gdm.autoSuspend = false; - displayManager.autoLogin = { - enable = true; - user = lib.mkForce "kiosk"; - }; - displayManager.defaultSession = "gnome"; - desktopManager.gnome.enable = true; - }; - - systemd.targets.sleep.enable = false; - systemd.targets.suspend.enable = false; - systemd.targets.hibernate.enable = false; - systemd.targets.hybrid-sleep.enable = false; - - - - environment.systemPackages = [ pkgs.gnomeExtensions.appindicator ]; - services.dbus.packages = with pkgs; [ gnome2.GConf gnome3.gnome-settings-daemon ]; - - services.pipewire.systemWide = lib.mkForce false; - services.pipewire.config.pipewire-pulse = { - "pulse.properties"."server.address" = [ "unix:native" "tcp:4713" ]; - }; - -} diff --git a/makefu/2configs/gui/studio-virtual.nix b/makefu/2configs/gui/studio-virtual.nix deleted file mode 100644 index 272060c2c..000000000 --- a/makefu/2configs/gui/studio-virtual.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ config, lib, ... }: -let - user = config.makefu.gui.user; -in -{ - imports = [ - - ]; - services.xserver.displayManager.sddm.enable = lib.mkForce false; - services.xserver.desktopManager = { - default = "plasma5"; - plasma5.enable = true; - }; - - services.xserver.layout = "us"; - services.xserver.xkbVariant = "altgr-intl"; - services.xserver.xkbOptions = "ctrl:nocaps"; - -} diff --git a/makefu/2configs/gui/studio.nix b/makefu/2configs/gui/studio.nix deleted file mode 100644 index 08157fda4..000000000 --- a/makefu/2configs/gui/studio.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ config, lib, ... }: -let - user = config.makefu.gui.user; -in -{ - services.xserver.enable = true; - services.xserver.displayManager.sddm = { - enable = true; - autoLogin.enable = true; - autoLogin.user = user; - }; - # services.xserver.windowMananger.default = "plasma5"; - services.xserver.desktopManager = { - default = "plasma5"; - plasma5.enable = true; - }; - - services.xserver.layout = "us"; - services.xserver.xkbVariant = "altgr-intl"; - services.xserver.xkbOptions = "ctrl:nocaps"; - -} diff --git a/makefu/2configs/gui/urxvtd.nix b/makefu/2configs/gui/urxvtd.nix deleted file mode 100644 index cb6c25840..000000000 --- a/makefu/2configs/gui/urxvtd.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ config, pkgs, ... }: - -let - mainUser = config.krebs.build.user.name; -in { - systemd.services.urxvtd = { - wantedBy = [ "multi-user.target" ]; - before = [ "graphical.target" ]; - reloadIfChanged = true; - serviceConfig = { - SyslogIdentifier = "urxvtd"; - ExecReload = "${pkgs.coreutils}/bin/echo NOP"; - ExecStart = "${pkgs.rxvt_unicode-with-plugins}/bin/urxvtd"; - Restart = "always"; - RestartSec = "2s"; - StartLimitBurst = 0; - User = mainUser; - }; - }; - # TODO: sessionCommands from base-gui related to urxvt in this file -} diff --git a/makefu/2configs/gui/wbob-kiosk.nix b/makefu/2configs/gui/wbob-kiosk.nix deleted file mode 100644 index 3a21bf213..000000000 --- a/makefu/2configs/gui/wbob-kiosk.nix +++ /dev/null @@ -1,56 +0,0 @@ -{ pkgs, lib, ... }: -{ - - imports = [ - ./base.nix - ]; - users.users.kiosk = { - packages = with pkgs;[ chromium vscode spotify tartube-yt-dlp ]; - group = "kiosk"; - isNormalUser = true; - uid = 1003; - extraGroups = [ "wheel" "audio" "pulse" "pipewire" ]; - }; - users.groups.kiosk.gid = 989 ; - services.xserver = { - - windowManager = lib.mkForce { awesome.enable = false; }; - displayManager.gdm.enable = true; - displayManager.autoLogin = { - enable = true; - user = lib.mkForce "kiosk"; - }; - displayManager.defaultSession = "gnome"; - desktopManager.gnome.enable = true; - displayManager.sessionCommands = '' - ${pkgs.xorg.xset}/bin/xset -display :0 s off -dpms - ${pkgs.xorg.xrandr}/bin/xrandr --output HDMI2 --right-of HDMI1 - ''; - # xrandrHeads = [ "HDMI1" "HDMI2" ]; - # prevent screen from turning off, disable dpms - }; - - - environment.systemPackages = [ - pkgs.gnomeExtensions.appindicator pkgs.pavucontrol pkgs.jellyfin-media-player pkgs.chromium pkgs.firefox pkgs.kodi - pkgs.pavucontrol -]; - services.dbus.packages = with pkgs; [ gnome2.GConf gnome3.gnome-settings-daemon ]; - - systemd.services.xset-off = { - after = [ "display-manager.service" ]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - ExecStart = "${pkgs.xorg.xset}/bin/xset -display :0 s off -dpms"; - RemainAfterExit = "yes"; - TimeoutSec = "5s"; - RestartSec="5s"; - Restart = "on-failure"; - }; - }; - services.pipewire.systemWide = lib.mkForce false; - services.pipewire.config.pipewire-pulse = { - "pulse.properties"."server.address" = [ "unix:native" "tcp:4713" ]; - }; - -} diff --git a/makefu/2configs/gui/xpra.nix b/makefu/2configs/gui/xpra.nix deleted file mode 100644 index 2384acbaa..000000000 --- a/makefu/2configs/gui/xpra.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ - services.xserver.displayManager.xpra.enable = true; -} diff --git a/makefu/2configs/headless.nix b/makefu/2configs/headless.nix deleted file mode 100644 index 772ca3771..000000000 --- a/makefu/2configs/headless.nix +++ /dev/null @@ -1,4 +0,0 @@ -{lib,... }: -{ - sound.enable = lib.mkForce false; -} diff --git a/makefu/2configs/home-manager/cli.nix b/makefu/2configs/home-manager/cli.nix deleted file mode 100644 index 38d02424c..000000000 --- a/makefu/2configs/home-manager/cli.nix +++ /dev/null @@ -1,12 +0,0 @@ -{pkgs, ... }: { - imports = [ ./zsh.nix ]; - home-manager.users.makefu = { - programs.direnv = { - enableZshIntegration = true; - }; - }; - services.udev.packages = [ - pkgs.libu2f-host - pkgs.yubikey-personalization - ]; -} diff --git a/makefu/2configs/home-manager/default.nix b/makefu/2configs/home-manager/default.nix deleted file mode 100644 index be8861100..000000000 --- a/makefu/2configs/home-manager/default.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ - imports = [ - - ]; - home-manager.useUserPackages = true; - home-manager.useGlobalPkgs = true; - home-manager.users.makefu = { - home.stateVersion = "19.03"; - }; - environment.variables = { - GTK_DATA_PREFIX = "/run/current-system/sw"; - }; -} diff --git a/makefu/2configs/home-manager/desktop.nix b/makefu/2configs/home-manager/desktop.nix deleted file mode 100644 index cca15468c..000000000 --- a/makefu/2configs/home-manager/desktop.nix +++ /dev/null @@ -1,63 +0,0 @@ -{ pkgs, lib, config, ... }: - -{ - - users.users.makefu.packages = with pkgs;[ bat direnv clipit ]; - home-manager.users.makefu = { - systemd.user.services.flameshot.Service.Environment = lib.mkForce [ - "IMGUR_CREATE_URL=https://p.krebsco.de/image" - "IMGUR_DELETE_URL=https://p.krebsco.de/image/delete/%%1" - "PATH=${config.home-manager.users.makefu.home.profileDirectory}/bin" - ]; - systemd.user.services.network-manager-applet.Service.Environment = ''XDG_DATA_DIRS=/run/current-system/sw/share:${pkgs.networkmanagerapplet}/share GDK_PIXBUF_MODULE_FILE=${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache''; - programs.browserpass = { browsers = [ "firefox" ] ; enable = true; }; - programs.firefox = { - enable = true; - }; - programs.obs-studio.enable = true; - xdg.enable = true; - services.network-manager-applet.enable = true; - services.blueman-applet.enable = true; - services.pasystray.enable = true; - services.flameshot.enable = true; - home.file.".config/Dharkael/flameshot.ini".text = '' - [General] - disabledTrayIcon=false - drawColor=@Variant(\0\0\0\x43\x1\xff\xff\0\0\0\0\xff\xff\0\0) - drawThickness=0 - filenamePattern=%F_%T_shot - ''; - - programs.chromium = { - enable = true; - extensions = [ - "cjpalhdlnbpafiamejdnhcphjbkeiagm" # ublock origin - "dbepggeogbaibhgnhhndojpepiihcmeb" # vimium - # "liloimnbhkghhdhlamdjipkmadhpcjmn" # krebsgold - "fpnmgdkabkmnadcjpehmlllkndpkmiak" # wayback machine - "gcknhkkoolaabfmlnjonogaaifnjlfnp" # foxyproxy - "abkfbakhjpmblaafnpgjppbmioombali" # memex - "kjacjjdnoddnpbbcjilcajfhhbdhkpgk" # forest - ]; - }; - - systemd.user.services.clipit = { - Unit = { - Description = "clipboard manager"; - After = [ "graphical-session-pre.target" ]; - PartOf = [ "graphical-session.target" ]; - }; - - Install = { - WantedBy = [ "graphical-session.target" ]; - }; - - Service = { - Environment = ''XDG_DATA_DIRS=/run/current-system/sw/share:${pkgs.clipit}/share GDK_PIXBUF_MODULE_FILE=${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache''; - ExecStart = "${pkgs.clipit}/bin/clipit"; - Restart = "on-abort"; - }; - }; - programs.beets.enable = true; - }; -} diff --git a/makefu/2configs/home-manager/mail.nix b/makefu/2configs/home-manager/mail.nix deleted file mode 100644 index 3aa1814ca..000000000 --- a/makefu/2configs/home-manager/mail.nix +++ /dev/null @@ -1,73 +0,0 @@ -{ pkgs, ... }: -{ - home-manager.users.makefu = { - home.packages= with pkgs;[ (pkgs.writers.writeDashBin "mailsync"'' - ${imapfilter}/bin/imapfilter -t /etc/ssl/certs/ca-bundle.crt \ - && ${isync}/bin/mbsync -a \ - && ${libnotify}/bin/notify-send -t 1000000 -u critical 'Mail sync finished' - - '' - )]; - programs.mbsync.enable = true; - accounts.email.maildirBasePath = "/home/makefu/Mail"; - accounts.email.certificatesFile = "/etc/ssl/certs/ca-certificates.crt"; - accounts.email.accounts.syntaxfehler = { - address = "felix.richter@syntax-fehler.de"; - userName = "Felix.Richter@syntax-fehler.de"; - imap = { - host = "syntax-fehler.de"; - tls = { - enable = true; - }; - }; - mbsync = { - enable = true; - create = "both"; - remove = "both"; - expunge = "both"; - patterns = [ "*" "!INBOX.Sent*"]; - }; - smtp = { - host = "syntax-fehler.de"; - tls = { - enable = true; - }; - }; - folders = { - sent = "Sent"; - trash = "Trash"; - inbox = "INBOX"; - drafts = "Drafts"; - }; - msmtp.enable = true; - notmuch.enable = true; - offlineimap = { - enable = true; - postSyncHookCommand = "notmuch new"; - extraConfig.remote = { - auth_mechanisms = "LOGIN"; - tls_level = "tls_secure"; - ssl_version = "tls1_2"; - holdconnectionopen = true; - idlefolders = "['INBOX']"; - }; - }; - primary = true; - realName = "Felix Richter"; - passwordCommand = "gpg --use-agent --quiet --batch -d /home/makefu/.gnupg/mail/syntax-fehler.gpg"; - }; - programs.offlineimap.enable = true; - programs.offlineimap.extraConfig = { - mbnames = { - filename = "~/.mutt/muttrc.mailboxes"; - header = "'mailboxes '"; - peritem = "'+%(accountname)s/%(foldername)s'"; - sep = "' '"; - footer = "'\\n'"; - }; - general = { - ui = "TTY.TTYUI"; - }; - }; - }; -} diff --git a/makefu/2configs/home-manager/recording.nix b/makefu/2configs/home-manager/recording.nix deleted file mode 100644 index 31ca77b2b..000000000 --- a/makefu/2configs/home-manager/recording.nix +++ /dev/null @@ -1,4 +0,0 @@ -{pkgs, ... }: -{ - home-manager.users.makefu.programs.obs-studio.enable = true; -} diff --git a/makefu/2configs/home-manager/taskwarrior.nix b/makefu/2configs/home-manager/taskwarrior.nix deleted file mode 100644 index 57ba1a08d..000000000 --- a/makefu/2configs/home-manager/taskwarrior.nix +++ /dev/null @@ -1,31 +0,0 @@ -{pkgs, ... }: -let - loc = "/home/makefu/.task"; -in { - state = [ "${loc}/keys" ]; - environment.shellAliases = { - tshack = "task tags:shack"; - tkrebs = "task tags:krebs"; - thome = "task tags:home"; - t = "task project: "; - }; - home-manager.users.makefu.programs.taskwarrior = { - enable = true; - dataLocation = loc; - config = { - default.command = "list"; - taskd = { - server = "gum:53589"; - certificate = "${loc}/keys/public.crt"; - key = "${loc}/keys/private.key"; - ca = "${loc}/keys/ca.crt"; - credentials = "home/makefu/0e6c8146-1ddb-4906-9369-8f77e34cdf84"; - }; - context = { - work = "tags:work"; - shack = "tags:shack"; - home = "tags:home"; - }; - }; - }; -} diff --git a/makefu/2configs/home-manager/zsh.nix b/makefu/2configs/home-manager/zsh.nix deleted file mode 100644 index c875d52c8..000000000 --- a/makefu/2configs/home-manager/zsh.nix +++ /dev/null @@ -1,111 +0,0 @@ -{ pkgs, ... }: -{ - programs = { - ssh.startAgent = false; - gnupg.agent = { - enable = true; - enableSSHSupport = true; - }; - }; - imports = [ - { - home-manager.users.makefu.home.packages = [ - (pkgs.writers.writeDashBin "privatefox" "exec firefox -P Privatefox") - ]; - } - { # bat - home-manager.users.makefu.home.packages = [ pkgs.bat ]; - home-manager.users.makefu.programs.zsh.shellAliases = { - cat = "bat --style=header,snip"; - mirage = "sxiv"; # only available when tools/extra-gui is in use - catn = "${pkgs.coreutils}/bin/cat"; - ncat = "${pkgs.coreutils}/bin/cat"; - }; - } - ]; - environment.pathsToLink = [ - "/share/zsh" - ]; - - nix.extraOptions = '' - keep-outputs = true - keep-derivations = true - ''; - - home-manager.users.makefu = { - - programs.direnv.enable = true; - programs.direnv.nix-direnv.enable = true; - programs.direnv.enableZshIntegration = true; - home.packages = [ (pkgs.writeDashBin "nixify" '' -test ! -e shell.nix && cat > shell.nix < {}}: - -pkgs.mkShell { - nativeBuildInputs = [ pkgs.hello ]; -} -EOF -echo "use nix" >> .envrc -direnv allow -'') - ]; - #home.packages = [ pkgs.direnv pkgs.nix-direnv ]; - - programs.fzf.enable = false; # alt-c - programs.zsh = { - enable = true; - enableAutosuggestions = false; - enableCompletion = true; - oh-my-zsh.enable = false; - history = { - size = 900001; - save = 900001; - ignoreDups = true; - ignoreSpace = true; - - extended = true; - share = true; - }; - sessionVariables = { - # TERM = "rxvt-unicode-256color"; - TERM = "xterm"; - LANG = "en_US.UTF8"; - LS_COLORS = ":di=1;31:"; - EDITOR = "vim"; - }; - shellAliases = { - lsl = "ls -lAtr"; - t = "task"; - xo = "mimeopen"; - nmap = "nmap -oN $HOME/loot/scan-`date +\%s`.nmap -oX $HOME/loot/scan-`date +%s`.xml"; - }; - #zplug = { - # enable = true; - # plugins = [ - # { name = "denisidoro/navi" ; } - # { name = "zsh-users/zsh-autosuggestions" ; } - # ]; - #}; - initExtra = '' - bindkey -e - zle -N edit-command-line - # ctrl-x ctrl-e - bindkey '^xe' edit-command-line - bindkey '^x^e' edit-command-line - # shift-tab - bindkey '^[[Z' reverse-menu-complete - bindkey "\e[3~" delete-char - zstyle ':completion:*' menu select - - setopt HIST_IGNORE_ALL_DUPS - setopt HIST_FIND_NO_DUPS - - compdef _pass brain - zstyle ':completion::complete:brain::' prefix "$HOME/brain" - - compdef _pass secrets - zstyle ':completion::complete:secrets::' prefix "$HOME/.secrets-pass/" - ''; - }; - }; -} diff --git a/makefu/2configs/home/3dprint.nix b/makefu/2configs/home/3dprint.nix deleted file mode 100644 index aac962787..000000000 --- a/makefu/2configs/home/3dprint.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ pkgs, ... }: -let - #dev = "/dev/web_cam"; - dev = "/dev/video0"; -in -{ - services.mjpg-streamer = { - enable = true; - inputPlugin = "input_uvc.so -d ${dev} -r 1280x960"; - }; - users.users.octoprint.extraGroups = [ "video" ]; - # allow octoprint to access /dev/vchiq - # also ensure that the webcam always comes up under the same name - services.udev.extraRules = '' - SUBSYSTEM=="vchiq",GROUP="video",MODE="0660" - KERNEL=="video*",ATTRS{vendor}=="0x046d", ATTRS{device}=="0x0825", GROUP="video", SYMLINK+="web_cam" - ''; - systemd.services.octoprint = { - path = [ pkgs.libraspberrypi ]; - }; - services.octoprint = { - enable = true; - plugins = plugins: with plugins;[ - costestimation - displayprogress - mqtt - stlviewer - themeify - # octolapse - (buildPlugin rec { - pname = "OctoPrint-HomeAssistant"; - version = "3.6.2"; - src = pkgs.fetchFromGitHub { - owner = "cmroche"; - repo = pname; - rev = version; - hash = "sha256-oo9OBmHoJFNGK7u9cVouMuBuUcUxRUrY0ppRq0OS1ro="; - }; - }) - ]; - extraConfig.plugins.mqtt.broker = { - url = "omo.lan"; - # TODO TODO TODO - username = "hass"; - password = "lksue43jrf"; - # TODO TODO TODO - }; - }; -} diff --git a/makefu/2configs/home/ham/automation/buttonboard.nix b/makefu/2configs/home/ham/automation/buttonboard.nix deleted file mode 100644 index 533311fc5..000000000 --- a/makefu/2configs/home/ham/automation/buttonboard.nix +++ /dev/null @@ -1,4 +0,0 @@ -# good, bad radio -# stop -# start radio -# lauter, leister diff --git a/makefu/2configs/home/ham/automation/bye.txt.j2 b/makefu/2configs/home/ham/automation/bye.txt.j2 deleted file mode 100644 index 8a5ba7257..000000000 --- a/makefu/2configs/home/ham/automation/bye.txt.j2 +++ /dev/null @@ -1,2 +0,0 @@ -Endlich ist Pappa fertig mit arbeit! -Heute hast du {{ states("sensor.felix_at_work_today") |round(1) }} Stunden gearbeitet. diff --git a/makefu/2configs/home/ham/automation/check-in.nix b/makefu/2configs/home/ham/automation/check-in.nix deleted file mode 100644 index db051757e..000000000 --- a/makefu/2configs/home/ham/automation/check-in.nix +++ /dev/null @@ -1,133 +0,0 @@ -let - button = "binary_sensor.arbeitszimmer_onebutton_button"; - light = "light.arbeitszimmer_onebutton_led"; - at_work = "input_boolean.felix_at_work"; - lib = import ../lib; - say = lib.say.office; -in -{ - services.home-assistant.config.input_boolean.felix_at_work.name = "Felix auf Arbeit"; - services.home-assistant.config.timer.felix_at_work = { - name = "Felix auf Arbeit Timer"; - duration = "10:00:00"; - }; - services.home-assistant.config.sensor = [ - { - platform = "history_stats"; - name = "Felix at work today"; - entity_id = "input_boolean.felix_at_work"; - state = "on"; - type = "time"; - start = "{{ now().replace(hour=0, minute=0, second=0) }}"; - end = "{{ now() }}"; - } - ]; - services.home-assistant.config.script.start_office_radio.sequence = - [ - { service = "media_player.play_media"; - data = { - media_content_id = "http://radio.lassul.us:8000/radio.mp3"; - media_content_type = "music"; - }; - target.entity_id = "media_player.office"; - } - ]; - services.home-assistant.config.automation = - [ - { alias = "Zu lange Felix!"; - trigger = - { platform = "event"; - event_type = "timer.finished"; - event_data.entity_id = "timer.felix_at_work"; - }; - - condition = - { - condition = "state"; - entity_id = at_work; - state = "off"; - }; - - action = (say "Felix, die zehn Stunden sind um, aufhören jetzt"); - } - { alias = "Turn off at work sensor"; - trigger = [ - { platform = "time"; at = "00:00:00"; } - ]; - condition = - { - condition = "state"; - entity_id = at_work; - state = "off"; - }; - action = - [ - # felix forgot to stamp out ... - { - service = "homeassistant.turn_off"; - entity_id = [ at_work ]; - } - ]; - } - { alias = "Push Check-in Button Felix with button"; - trigger = [ - { - platform = "state"; - entity_id = button; - to = "on"; - for.seconds = 1; - } - ]; - condition = [ - ]; - action = - [ - { choose = [ - { - conditions = { - condition = "state"; - entity_id = at_work; - state = "off"; - }; - sequence = [ - { service = "light.turn_on"; - target.entity_id = light; - data.brightness = 200; - } - { service = "homeassistant.turn_on"; - entity_id = at_work; - } - { service = "timer.start"; - entity_id = [ "timer.felix_at_work" ] ; - } - ] ++ (say (builtins.readFile ./welcome.txt.j2)) ++ - [ - { service = "script.start_office_radio"; } - ]; - } - { - conditions = { - condition = "state"; - entity_id = at_work; - state = "on"; - }; - sequence = [ - { service = "light.turn_off"; - target.entity_id = light; - } - { service = "homeassistant.turn_off"; - entity_id = at_work; - } - ] ++ (say (builtins.readFile ./bye.txt.j2)) ++ - [ - { service = "timer.stop"; - entity_id = [ "timer.felix_at_work" ] ; - } - ]; - } - ]; - } - ]; - } - ]; -} diff --git a/makefu/2configs/home/ham/automation/daily_speedtext.nix b/makefu/2configs/home/ham/automation/daily_speedtext.nix deleted file mode 100644 index 70d59f6e1..000000000 --- a/makefu/2configs/home/ham/automation/daily_speedtext.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ - services.home-assistant.config.automation = - [ - { - trigger = [ - { platform = "time"; at = "03:21"; } - ]; - action = - [ - { - service = "speedtestdotnet.speedtest"; - } - ]; - } - ]; - -} diff --git a/makefu/2configs/home/ham/automation/fenster_auf.nix b/makefu/2configs/home/ham/automation/fenster_auf.nix deleted file mode 100644 index 698327ff4..000000000 --- a/makefu/2configs/home/ham/automation/fenster_auf.nix +++ /dev/null @@ -1,138 +0,0 @@ -{ lib, ... }: -#uses: -# notify.signal -# binary_sensor.badezimmer_fenster_contact -# binary_sensor.dusche_fenster_contact -let - hlib = import ../lib; - say = hlib.say.office; - draussen = "sensor.wohnzimmer_temp_temperature"; - draussen_diff = "sensor.unterschied_draussen_drinnen"; - draussen_heiss = 23; - min = 20; - fenster_offen = name: entity: - { alias = "${name} seit ${toString min} Minuten offen"; - trigger = [ - { - platform = "state"; - entity_id = entity; - to = "on"; - for.minutes = min; - } - ]; - condition = [ - ]; - action = - [ - { - service = "notify.signal_home"; - data_template = { - message = "${name} seit ${toString min} Minuten offen und draussen ist es gerade {{states.sensor.dark_sky_temperature.state}}°C bei {{states.sensor.dark_sky_humidity.state}}% Luftfeuchte"; - }; - } - { - service = "input_boolean.turn_on"; - target.entity_id = "input_boolean.${lib.toLower name}_lang_offen"; - } - ]; - }; - fenster_geschlossen_lang = name: entity: - { alias = "${name} wieder geschlossen"; - trigger = [ - { - platform = "state"; - entity_id = entity; - to = "off"; - for.seconds = 10; - } - ]; - condition = [ - { condition = "state"; - entity_id = "input_boolean.${lib.toLower name}_lang_offen"; - state = "on"; - } - ]; - action = - [ - { - service = "notify.signal_home"; - data = { - message= "${name} ist wieder geschlossen, Danke!"; - }; - } - { - service = "input_boolean.turn_off"; - target.entity_id = "input_boolean.${lib.toLower name}_lang_offen"; - } - ]; - }; -in { - services.home-assistant.config = { - template = [ - { sensor = { - name = "Unterschied Draussen Drinnen"; - unit_of_measurement = "°C"; - state = '' - {% set inside = states("${draussen}") | float | round(2) -%} - {% set outside = states("sensor.dark_sky_temperature") | float | round(2) -%} - {{ ((outside - inside) | round(1) )}}''; - }; - } - ]; - sensor = [ - { platform = "season"; type = "meteorological";} - ]; - - input_boolean = { - badezimmerfenster_lang_offen.name = "Badezimmer lange offen"; - duschfenster_lang_offen.name = "Duschfenster lange offen"; - ist_sommer = { - name = "Es ist Sommer"; - initial = false; # TODO - }; - }; - - automation = [ - (fenster_geschlossen_lang "Badezimmerfenster" "binary_sensor.badezimmer_fenster_contact") - (fenster_geschlossen_lang "Duschfenster" "binary_sensor.dusche_fenster_contact") - - (fenster_offen "Badezimmerfenster" "binary_sensor.badezimmer_fenster_contact") - (fenster_offen "Duschfenster" "binary_sensor.dusche_fenster_contact") - - { alias = "Draussen ist wieder kaelter"; - trigger = [ - { - platform = "numeric_state"; - entity_id = draussen_diff; - below = 0; - for.minutes = 20; - } - ]; - condition = [ - { condition = "numeric_state"; - entity_id = draussen; - above = draussen_heiss; - } - ]; - action = (say "Draussen ist es endlich kühler, jetzt kann man die Fenster auf machen"); - } - { alias = "Draussen ist zu warm"; - trigger = [ - { - platform = "numeric_state"; - entity_id = draussen_diff; - above = 0; - for.minutes = 20; - } - ]; - condition = [ - { condition = "numeric_state"; - entity_id = draussen; - above = draussen_heiss; - } - ]; - action = (say "Draussen wird es jetzt zu warm, besser das fenster schliessen"); - } - ]; - }; -} diff --git a/makefu/2configs/home/ham/automation/find_phone.nix b/makefu/2configs/home/ham/automation/find_phone.nix deleted file mode 100644 index d94942c9f..000000000 --- a/makefu/2configs/home/ham/automation/find_phone.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - services.home-assistant.config.script = { - find_felix_phone.sequence = [ - { - service = "notify.mobile_app_pixel_3a"; - data = { - title= "Finde Mich!"; - message= "Such Such Such"; - data = { - ttl = 0; - priority = "high"; - channel = "alarm_stream"; - }; - }; - } - ]; - find_tablet.sequence = [ - { - service = "notify.mobile_app_nova3"; - data = { - title = "Finde Mich!"; - message = "Such Such Such"; - data = { - ttl = 0; - priority = "high"; - channel = "alarm_stream"; - }; - }; - } - ]; - }; -} diff --git a/makefu/2configs/home/ham/automation/firetv_restart.nix b/makefu/2configs/home/ham/automation/firetv_restart.nix deleted file mode 100644 index 01d1ba6e9..000000000 --- a/makefu/2configs/home/ham/automation/firetv_restart.nix +++ /dev/null @@ -1,37 +0,0 @@ -let - cmd = command: { - service = "androidtv.adb_command"; - data = { - entity_id = "media_player.firetv_stick"; - inherit command; - }; - }; - sec = seconds: { delay.seconds = seconds; }; -in -{ - services.home-assistant.config.automation = - [ - { - alias = "Nightly reboot of firetv"; - trigger = { - platform = "time"; - at = "03:00:00"; - }; - action = [ - (cmd "reboot") - (sec 90) # go to my music because apparently select_source does not seem to always work - #(cmd "HOME") - #(sec 2) - #(cmd "DOWN") - #(sec 2) - #(cmd "DOWN") - #(sec 2) - #(cmd "ENTER") - #(sec 4) - #(cmd "RIGHT") - #(sec 2) - #(cmd "RIGHT") - ]; - } - ]; -} diff --git a/makefu/2configs/home/ham/automation/flurlicht.nix b/makefu/2configs/home/ham/automation/flurlicht.nix deleted file mode 100644 index bb4877100..000000000 --- a/makefu/2configs/home/ham/automation/flurlicht.nix +++ /dev/null @@ -1,63 +0,0 @@ -let - nachtlicht = [ "light.flur_statuslight" "light.wohnzimmer_status_led" ]; - - # flurlicht an - lightcond = name: conditions: rgb_color: brightness: - { - inherit conditions; - sequence = { - service = "light.turn_on"; - target.entity_id = nachtlicht; - data = { - inherit rgb_color brightness; - }; - }; - }; -in -{ - services.home-assistant.config.automation = - [ - { alias = "Nachtlicht trigger"; - trigger = [ - { platform = "sun"; event = "sunset"; } - { platform = "sun"; event = "sunrise"; } - { platform = "state"; entity_id = [ - "calendar.kehrwoche_kehrwoche" - "binary_sensor.badezimmer_fenster_contact" - "binary_sensor.dusche_fenster_contact" - ]; - } - ]; - action = - [ - { choose = [ - (lightcond "Badezimmer Fenster Auf" - [ { condition = "state"; entity_id = "binary_sensor.badezimmer_fenster_contact"; state = "on"; } - { condition = "state"; entity_id = "input_boolean.ist_sommer"; state = "off"; } - - ] - [ 64 207 255 ] 128 # hellblau - ) - (lightcond "Duschenster auf" - [ { condition = "state"; entity_id = "binary_sensor.dusche_fenster_contact"; state = "on"; } - { condition = "state"; entity_id = "input_boolean.ist_sommer"; state = "off"; } ] - [ 64 207 255 ] 128 # hellblau - ) - (lightcond "Nachtlicht" - { condition = "state"; entity_id = "sun.sun"; state = "below_horizon"; } - [ 255 190 0 ] 90 # red - ) - (lightcond "Kehrwoche" - { condition = "state"; entity_id = "calendar.kehrwoche_kehrwoche"; state = "on"; } - [ 204 0 255 ] 128 # pink - ) - ]; - default = { - service = "light.turn_off"; - entity_id = nachtlicht; - }; - } - ]; - } - ]; -} diff --git a/makefu/2configs/home/ham/automation/giesskanne.nix b/makefu/2configs/home/ham/automation/giesskanne.nix deleted file mode 100644 index 400e553e8..000000000 --- a/makefu/2configs/home/ham/automation/giesskanne.nix +++ /dev/null @@ -1,99 +0,0 @@ -# uses: -# switch.crafting_giesskanne_relay -let - cam = { - name = "chilicam"; - camera = "camera.espcam_02"; - light = "light.espcam_02_light"; - seconds = 90; # default shutoff to protect the LED from burning out - }; - seconds = 60*5; # time for giesskanne - 5 minutes - pump = "switch.arbeitszimmer_giesskanne_relay"; - light = "switch.terrasse_plug_relay"; - - # sensor = "sensor.statistics_for_sensor_crafting_brotbox_soil_moisture"; -in -{ - services.home-assistant.config = - { - #sensor = map ( entity_id: { - # platform = "statistics"; - # name = "Statistics for ${entity_id}"; - # inherit entity_id; - # max_age.minutes = "60"; - # sampling_size = 1000; - # }) [ "sensor.crafting_brotbox_soil_moisture" ]; - - automation = - [ - - ##### brotbox - { alias = "Water the plant for ${toString seconds} seconds and turn on the light"; - trigger = [ - { # trigger at 23:15 no matter what - # TODO: retry or run only if switch.wasser is available - platform = "sun"; - event = "sunrise"; - } - ]; - action = - [ - - { # now turn on the pumping services - # i do not start hte pump and light before the snapshot because i do - # not know how long it takes (do not want to water the plants for too long) - service = "homeassistant.turn_on"; - entity_id = [ pump light ]; - } - { delay.seconds = seconds; } - { - service = "homeassistant.turn_off"; - entity_id = [ pump cam.light ]; - } - { # TODO: we could also create a recording with camera.record - service = "camera.snapshot"; - data = { - entity_id = cam.camera; - # TODO: create /var/lib/hass/cam/ - now being done manually - filename = "/var/lib/hass/cam/${cam.name}_{{ now().strftime('%Y%m%d-%H%M%S') }}.jpg"; - }; - } - ]; - } - { alias = "Turn off the light at sunset"; - trigger = [ - { - platform = "sun"; - event = "sunset"; - # offset = "+02:00:00"; - } - ]; - action = - [ - { - service = "homeassistant.turn_off"; - entity_id = [ light ]; - } - ]; - } - - { alias = "Always turn off water after ${toString (seconds * 2)}s"; - trigger = [ - { - platform = "state"; - entity_id = pump; - to = "on"; - for.seconds = seconds*2; - } - ]; - action = - [ - { - service = "homeassistant.turn_off"; - entity_id = [ pump ]; - } - ]; - } - ]; - }; -} diff --git a/makefu/2configs/home/ham/automation/ladestecker_timer.nix b/makefu/2configs/home/ham/automation/ladestecker_timer.nix deleted file mode 100644 index 8e877129c..000000000 --- a/makefu/2configs/home/ham/automation/ladestecker_timer.nix +++ /dev/null @@ -1,24 +0,0 @@ -let - relay = "switch.terrasse_plug_relay"; - timeout = "300"; -in { - services.home-assistant.config.automation = [ - { alias = "Always turn off Charging station after ${toString (timeout)}m"; - trigger = [ - { - platform = "state"; - entity_id = relay; - to = "on"; - for.minutes = timeout; - } - ]; - action = - [ - { - service = "homeassistant.turn_off"; - entity_id = [ relay ]; - } - ]; - } - ]; -} diff --git a/makefu/2configs/home/ham/automation/lichter_dimmen.nix b/makefu/2configs/home/ham/automation/lichter_dimmen.nix deleted file mode 100644 index 4303cdfa5..000000000 --- a/makefu/2configs/home/ham/automation/lichter_dimmen.nix +++ /dev/null @@ -1,135 +0,0 @@ -# This module maps the RF433 Remote Control to zigbee and wifi lights -let - rf_turn_off = code: light: - { - alias = "Turn off ${light} via rf code ${code}"; - trigger = { - platform = "event"; - event_type = "esphome.rf_code_received"; - event_data.code = code; - }; - action = { - service = "light.turn_off"; - data.entity_id = light; - }; - }; - rf_turn_on = code: light: - { - alias = "Turn on ${light} via rf code ${code}"; - trigger = { - platform = "event"; - event_type = "esphome.rf_code_received"; - event_data.code = code; - }; - action = { - service = "light.turn_on"; - data.entity_id = light; - }; - }; - rf_state = code: light: halfbright: - let - maxbright = 255; - transition = 0.2; # seconds - in - # this function implements a simple state machine based on the state and brightness of the light (light must support brightness - { - alias = "Cycle through states of ${light} via rf code ${code}"; - trigger = { - platform = "event"; - event_type = "esphome.rf_code_received"; - event_data.code = code; - }; - action = { - choose = [ - { - # state 0: off to half - conditions = { - condition = "template"; - value_template = ''{{ states("${light}") == "off" }}''; - }; - sequence = [ - { - service = "light.turn_on"; - data = { - entity_id = light; - brightness = halfbright; - }; - } - ]; - } - { - # state 1: half to full - conditions = { - condition = "template"; - value_template = ''{{ states('${light}') == 'on' and ( ${toString (halfbright - 1)} <= state_attr("${light}","brightness") <= ${toString (halfbright + 1)})}}''; - }; - sequence = [ - { - service = "light.turn_on"; - data = { - entity_id = light; - brightness = maxbright; - }; - } - ]; - } - { - # state 2: full to off - conditions = { - condition = "template"; - # TODO: it seems like the devices respond with brightness-1 , maybe off-by-one somewhere? - value_template = ''{{ states("${light}") == "on" and state_attr("${light}","brightness") >= ${toString (maxbright - 1)}}}''; - }; - sequence = [ - { - service = "light.turn_off"; - data = { - entity_id = light; - }; - } - ]; - } - ]; - # default: on to off - # this works because state 0 checks for "state == off" - default = [{ - service = "light.turn_off"; - data = { - entity_id = light; - }; - }]; - }; - } -; - rf_toggle = code: light: - { - alias = "Toggle ${light} via rf code ${code}"; - trigger = { - platform = "event"; - event_type = "esphome.rf_code_received"; - event_data.code = code; - }; - action = { - service = "light.toggle"; - data.entity_id = light; - }; - }; -in -{ - services.home-assistant.config.automation = [ - (rf_toggle "400551" "light.wohnzimmer_fernseher_led_strip") # A - (rf_state "401151" "light.wohnzimmer_stehlampe_osram" 128) # B - (rf_state "401451" "light.wohnzimmer_komode_osram" 128) # C - (rf_state "401511" "light.wohnzimmer_schrank_osram" 128) # D - - # OFF Lane - (rf_turn_off "400554" "all") # A - (rf_toggle "401154" "light.wohnzimmer_fenster_lichterkette_licht") # B - (rf_toggle "401454" "light.wohnzimmer_fernsehwand_led") # C - # (rf_toggle "401514" "") # D - ]; - # "400554" # A OFF - # "401154" # B OFF - # "401454" # C OFF - # "401514" # D OFF -} diff --git a/makefu/2configs/home/ham/automation/light_buttons.nix b/makefu/2configs/home/ham/automation/light_buttons.nix deleted file mode 100644 index 460d48bc4..000000000 --- a/makefu/2configs/home/ham/automation/light_buttons.nix +++ /dev/null @@ -1,69 +0,0 @@ - -let - inherit (import ../lib) btn_cycle_light; - schlafzimmer_komode = "light.schlafzimmer_komode_osram"; - schlafzimmer_button = "sensor.schlafzimmer_btn2_click"; -in { - services.home-assistant.config.automation = [ - # (btn_cycle_light "light.arbeitszimmerbeleuchtung" "arbeitszimmer_btn1") - - { - alias = "toggle keller"; - trigger = { - platform = "state"; - entity_id = "sensor.keller_btn1_click"; - to = "single"; - }; - action = { - service = "light.toggle"; - #entity_id = lights; - data = { - entity_id = "light.keller_osram"; - brightness = 255; - }; - }; - } - { - alias = "low brightness keller with doubleclick"; - trigger = { - platform = "state"; - entity_id = "sensor.keller_btn1_click"; - to = "double"; - }; - action = { - service = "light.toggle"; - data = { - entity_id = "light.keller_osram"; - brightness = 25; - }; - }; - } - # (btn_cycle_light "light.wohnzimmerbeleuchtung" "wohnzimmer_btn3") - { - alias = "Dim Toggle schlafzimmer komode"; - trigger = { - platform = "state"; - entity_id = schlafzimmer_button; - to = "single"; - }; - action = { - service = "light.toggle"; - entity_id = schlafzimmer_komode; - brightness = 1; - }; - } - { - alias = "Bright Toggle schlafzimmer komode"; - trigger = { - platform = "state"; - entity_id = schlafzimmer_button; - to = "double"; - }; - action = { - service = "light.toggle"; - entity_id = schlafzimmer_komode; - brightness = 255; - }; - } - ]; -} diff --git a/makefu/2configs/home/ham/automation/moodlight.nix b/makefu/2configs/home/ham/automation/moodlight.nix deleted file mode 100644 index d0e336851..000000000 --- a/makefu/2configs/home/ham/automation/moodlight.nix +++ /dev/null @@ -1,46 +0,0 @@ -# uses: - -let - wohnzimmer = "light.wohnzimmer_fenster_lichterkette_licht"; - arbeitszimmer = "light.box_led_status"; - final_off = "01:00"; - - turn_on = entity_id: at: extra: - { alias = "Turn on ${entity_id} at ${at}"; - trigger = [ - { platform = "time"; inherit at; } - ]; - action = - [ - ({ service = "light.turn_on"; - data = { - inherit entity_id; - - } // extra; - }) - ]; - }; -in -{ - services.home-assistant.config = - { - automation = - [ - # (turn_on wohnzimmer "17:30") - (turn_on arbeitszimmer "9:00" { effect = "Slow Random Twinkle";}) - - { alias = "Always turn off the lights at ${final_off}"; - trigger = [ - { platform = "time"; at = final_off; } - ]; - action = - [ - { - service = "light.turn_off"; - entity_id = [ wohnzimmer arbeitszimmer]; - } - ]; - } - ]; - }; -} diff --git a/makefu/2configs/home/ham/automation/pflanzen_giessen_erinnerung.nix b/makefu/2configs/home/ham/automation/pflanzen_giessen_erinnerung.nix deleted file mode 100644 index 32a373edc..000000000 --- a/makefu/2configs/home/ham/automation/pflanzen_giessen_erinnerung.nix +++ /dev/null @@ -1,43 +0,0 @@ -let - notify_felix = message: { - service = "notify.signal_felix"; - data.message = message; - }; - notify_home = message: { - service = "notify.signal_home"; - data_template.message = message; - }; -in -{ - services.home-assistant.config.automation = - [ - #{ - # alias = "Pflanzen Giessen Erinnerung Daily"; - # trigger = { - # platform = "time"; - # at = "12:15:00"; - # }; - # action = [ - # (notify_felix "Es ist Mittagszeit und du kannst ruhig einmal alle Blumen im Zimmer giessen") - # ]; - #} - { - alias = "Pflanzen Giessen Erinnerung Weekly"; - trigger = { - platform = "time"; - at = "12:15:00"; - }; - condition = { - condition = "time"; - weekday = [ "sat" ]; - }; - action = [ - (notify_home - ''Es ist Wochenende und die Pflanzen würden sich über ein bisschen Wasser freuen. - Die Wettervorhersage: {{states.sensor.dark_sky_summary.state}} mit einer Regenwahrscheinlichkeit von {{states.sensor.dark_sky_precip_probability.state}}%. - Aktuell sind es {{states.sensor.dark_sky_temperature.state}}°C bei {{states.sensor.dark_sky_humidity.state}}% Luftfeuchte. - Der UV Index liegt bei {{states.sensor.dark_sky_uv_index.state}}'') - ]; - } - ]; -} diff --git a/makefu/2configs/home/ham/automation/project_tracker.nix b/makefu/2configs/home/ham/automation/project_tracker.nix deleted file mode 100644 index cb279b2fe..000000000 --- a/makefu/2configs/home/ham/automation/project_tracker.nix +++ /dev/null @@ -1,68 +0,0 @@ -{ lib, ... }: -# uses: -# -let - at_work = "input_boolean.felix_at_work"; - dice_action = "sensor.arbeitszimmer_cube_action"; - project_sensor = "sensor.felix_project"; - hlib = import ../lib; - say = hlib.say.office; - sides = [ "BDK" "LBS6" "random" "BNO" "CyberShield" "ILBS" ]; - hist_stat = state: { - platform = "history_stats"; - name = "Felix Project ${state}"; - entity_id = project_sensor; - inherit state; - type = "time"; - start = "{{ now().replace(hour=0, minute=0, second=0) }}"; - end = "{{ now() }}"; - }; - -in - { - services.home-assistant.config.sensor = map hist_stat (sides ++ ["not at work" "unknown"]); - services.home-assistant.config.automation = [ - { alias = "Felix Project Change"; - trigger = - { - platform = "state"; - entity_id = project_sensor; - # ignore login and log out - not_from = [ "not at work" ]; - not_to = [ "not at work" ]; - }; - - action = (say "Wechsel auf Projekt {{ trigger.to_state.state }}"); - } - ]; - services.home-assistant.config.template = [ - { - trigger = [ - { - platform = "state"; - entity_id = at_work; - } - { - platform = "state"; - attribute = "side"; - entity_id = dice_action; - not_from = ""; - } - ]; - sensor = [ - { name = "Felix Project"; - state = '' - {% set at_work = states('${at_work}') == 'on' %} - {% set side = state_attr('${dice_action}','side') %} - {% if not at_work %}not at work - '' + (lib.concatImapStringsSep "\n" (i: project: - "{% elif side == ${toString (i - 1)} %}${project}") sides) + - '' - {% else %}unknown - {% endif %} - ''; - } - ]; - } - ]; - } diff --git a/makefu/2configs/home/ham/automation/shutdown_button.nix b/makefu/2configs/home/ham/automation/shutdown_button.nix deleted file mode 100644 index ec84bbe94..000000000 --- a/makefu/2configs/home/ham/automation/shutdown_button.nix +++ /dev/null @@ -1,56 +0,0 @@ -let - btn = "sensor.arbeitszimmer_btn1_action"; - lib = import ../lib; - say = lib.say.living_room; - - all_lights = [ - # Wohnzimmer - "light.wled" - "light.wled_2" - "light.wohnzimmer_komode_osram" - "light.wohnzimmer_schrank_osram" - "light.wohnzimmer_fenster_lichterkette_licht" - - # Arbeitszimmer - "light.wled_3" - "light.wled_4" - "light.arbeitszimmer_schrank_dimmer" - "light.arbeitszimmer_pflanzenlicht" - "light.wohnzimmer_stehlampe_osram" - - # Keller - "light.keller_osram" - ]; - all_media_player = [ - "media_player.living_room" - "media_player.office" - "media_player.bedroom" - - ]; -in { - services.home-assistant.config.automation = - [ - { alias = "Wohnung shutdown single click"; - trigger = [ - { - platform = "state"; - entity_id = btn; - to = "single"; - } - ]; - condition = [ ]; - action = (say "Alles Aus" )++ [ - { - service = "light.turn_off"; - target.entity_id = all_lights; - } - { service = "media_player.media_stop"; - target.entity_id = all_media_player; - } - { service = "script.turn_on"; - target.entity_id = "script.alle_heizungen_aus"; - } - ]; - } - ]; -} diff --git a/makefu/2configs/home/ham/automation/urlaub.nix b/makefu/2configs/home/ham/automation/urlaub.nix deleted file mode 100644 index abfe5031d..000000000 --- a/makefu/2configs/home/ham/automation/urlaub.nix +++ /dev/null @@ -1,51 +0,0 @@ -# uses: -# light.wohnzimmer_schrank_osram -# light.wohnzimmer_fernseher_led_strip -# "all" lights - -let - schranklicht = [ - "light.wohnzimmer_schrank_osram" - # "light.wohnzimmer_komode_osram" - ]; - weihnachtslicht = "light.wohnzimmer_fenster_lichterkette_licht"; - fernsehlicht = "light.wled"; - - final_off = "00:37"; - - turn_on = entity_id: offset: - # negative offset => before sunset - { alias = "Turn on ${toString entity_id} at sunset ${offset}"; - trigger = [ - { platform = "sun"; event = "sunset"; inherit offset; } - ]; - action = - [ - { service = "light.turn_on"; inherit entity_id; } - ]; - }; -in -{ - services.home-assistant.config = - { - automation = - [ - (turn_on schranklicht "-00:30:00") - (turn_on weihnachtslicht "-00:00:00") - #(turn_on fernsehlicht "-00:00:00") - - { alias = "Always turn off the urlaub lights at ${final_off}"; - trigger = [ - { platform = "time"; at = final_off; } - ]; - action = - [ - { - service = "light.turn_off"; - entity_id = [ schranklicht weihnachtslicht fernsehlicht ]; - } - ]; - } - ]; - }; -} diff --git a/makefu/2configs/home/ham/automation/welcome.txt.j2 b/makefu/2configs/home/ham/automation/welcome.txt.j2 deleted file mode 100644 index d2a2b573b..000000000 --- a/makefu/2configs/home/ham/automation/welcome.txt.j2 +++ /dev/null @@ -1,45 +0,0 @@ -{% set arbeit_heute = is_state("binary_sensor.arbeitstag","on") -%} -{% set weekday = ['Montag','Dienstag','Mittwoch','Donnerstag','Freitag','Samstag','Sonntag'][now().weekday()] -%} -{% set is_friday = now().weekday() == 4 %} - -{% if not arbeit_heute %} -Heute ist {{ weekday }}, du solltest gar nicht arbeiten! -{% else %} -Willkommen auf Arbeit Felix. -{% endif -%} -Dein Projekt ist {{ states("sensor.felix_project") }}. - -{% set inside = states("sensor.wohnzimmer_temp_temperature") | float | round(2) -%} -{% set outside = states("sensor.dark_sky_temperature") | float | round(2) -%} -{% set arbeit_morgen = is_state("binary_sensor.arbeitstag_morgen","on") -%} - -Die Wetteraussichten: {{ states("sensor.dark_sky_hourly_summary") | replace(".","")}} bei {{ states("sensor.dark_sky_temperature") }} Grad mit {{ states("sensor.dark_sky_humidity") | round(0) }}% Luftfeuchtigkeit. -{% if states("calendar.abfall_papiermuell") == "on" %} -Heute ist Papiermuell, bring noch schnell dein Papier raus -{% endif %} -{% if states("calendar.abfall_restmuell") == "on" %} -Ausserdem ist heute Restmuell. -{% endif -%} - -{% if ( outside < inside ) and ( outside > 18 ) %} -Draussen ist es gerade {{ ((inside - outside) | round(1) )}} gerade kühler -{% endif -%} - -{% set current_count = state_attr("sensor.dwd_weather_warnings_current_warning_level", "warning_count") %} -{% for i in range(current_count) %} -{% set idx = i + 1 %} - {% set headline = state_attr("sensor.dwd_weather_warnings_current_warning_level", "warning_" ~ idx ~ "_headline") %} - {% set description = state_attr("sensor.dwd_weather_warnings_current_warning_level", "warning_" ~ idx ~ "_description") %} - {% set level = state_attr("sensor.dwd_weather_warnings_current_warning_level", "warning_" ~ idx ~ "_level") %} - {% set time_start = state_attr("sensor.dwd_weather_warnings_current_warning_level", "warning_" ~ idx ~ "_start") %} - {% set time_end = state_attr("sensor.dwd_weather_warnings_current_warning_level", "warning_" ~ idx ~ "_end") %} -Wetterwarnung {{idx}}: {{ headline }} Stufe {{level}} von {{ time_start.strftime("%H:%M") ~ " bis " ~ time_end.strftime("%H:%M") }} Uhr - -{{ description }} -{% endfor %} - -{% if is_friday %} -Endlich ist Freitag! -{% elif not arbeit_morgen %} -Morgen ist Feiertag, also nicht versehentlich arbeiten -{% endif -%} diff --git a/makefu/2configs/home/ham/automation/wohnzimmer_rf_fernbedienung.nix b/makefu/2configs/home/ham/automation/wohnzimmer_rf_fernbedienung.nix deleted file mode 100644 index b67dacb14..000000000 --- a/makefu/2configs/home/ham/automation/wohnzimmer_rf_fernbedienung.nix +++ /dev/null @@ -1,151 +0,0 @@ -# This module maps the RF433 Remote Control to zigbee and wifi lights -let - rf_turn_off = code: light: - { - alias = "Turn off ${light} via rf code ${code}"; - trigger = { - platform = "event"; - event_type = "esphome.rf_code_received"; - event_data.code = code; - }; - action = { - service = "light.turn_off"; - data.entity_id = light; - }; - }; - rf_turn_on = code: light: - { - alias = "Turn on ${light} via rf code ${code}"; - trigger = { - platform = "event"; - event_type = "esphome.rf_code_received"; - event_data.code = code; - }; - action = { - service = "light.turn_on"; - data.entity_id = light; - }; - }; - rf_state = code: light: halfbright: - let - maxbright = 255; - transition = 0.2; # seconds - in - # this function implements a simple state machine based on the state and brightness of the light (light must support brightness - { - alias = "Cycle through states of ${light} via rf code ${code}"; - trigger = { - platform = "event"; - event_type = "esphome.rf_code_received"; - event_data.code = code; - }; - action = { - choose = [ - { - # state 0: off to half - conditions = { - condition = "template"; - value_template = ''{{ states("${light}") == "off" }}''; - }; - sequence = [ - { - service = "light.turn_on"; - data = { - entity_id = light; - brightness = halfbright; - }; - } - ]; - } - { - # state 1: half to full - conditions = { - condition = "template"; - value_template = ''{{ states('${light}') == 'on' and ( ${toString (halfbright - 1)} <= state_attr("${light}","brightness") <= ${toString (halfbright + 1)})}}''; - }; - sequence = [ - { - service = "light.turn_on"; - data = { - entity_id = light; - brightness = maxbright; - }; - } - ]; - } - { - # state 2: full to off - conditions = { - condition = "template"; - # TODO: it seems like the devices respond with brightness-1 , maybe off-by-one somewhere? - value_template = ''{{ states("${light}") == "on" and state_attr("${light}","brightness") >= ${toString (maxbright - 1)}}}''; - }; - sequence = [ - { - service = "light.turn_off"; - data = { - entity_id = light; - }; - } - ]; - } - ]; - # default: on to off - # this works because state 0 checks for "state == off" - default = [{ - service = "light.turn_off"; - data = { - entity_id = light; - }; - }]; - }; - } -; - rf_toggle = code: light: - { - alias = "Toggle ${light} via rf code ${code}"; - trigger = { - platform = "event"; - event_type = "esphome.rf_code_received"; - event_data.code = code; - }; - action = { - service = "light.toggle"; - data.entity_id = light; - }; - }; -in -{ - services.home-assistant.config.automation = [ - (rf_toggle "400551" "light.wohnzimmer_fernseher_led_strip") # A - (rf_state "401151" "light.wohnzimmer_stehlampe_osram" 128) # B - (rf_state "401451" "light.wohnzimmer_komode_osram" 128) # C - (rf_state "401511" "light.wohnzimmer_schrank_osram" 128) # D - - # OFF Lane - (let code = "400554"; in { - alias = "Turn off living room light via rf code ${code}"; # A - trigger = { - platform = "event"; - event_type = "esphome.rf_code_received"; - event_data.code = code; - }; - action = { - service = "light.turn_off"; - data.entity_id = [ - "light.wohnzimmer_fernseher_led_strip" "light.wohnzimmer_stehlampe_osram" - "light.wohnzimmer_komode_osram" "light.wohnzimmer_schrank_osram" - "light.wohnzimmer_fenster_lichterkette_licht" "light.wled" - ]; - }; - }) - - (rf_toggle "401154" "light.wohnzimmer_fenster_lichterkette_licht") # B - (rf_toggle "401454" "light.wohnzimmer_fernsehwand_led") # C - # (rf_toggle "401514" "") # D - ]; - # "400554" # A OFF - # "401154" # B OFF - # "401454" # C OFF - # "401514" # D OFF -} diff --git a/makefu/2configs/home/ham/calendar/nextcloud.nix b/makefu/2configs/home/ham/calendar/nextcloud.nix deleted file mode 100644 index 3eb68de7d..000000000 --- a/makefu/2configs/home/ham/calendar/nextcloud.nix +++ /dev/null @@ -1,41 +0,0 @@ -let - cred = import ; -in -{ - services.home-assistant.config.calendar = - [ - { - platform = "caldav"; - inherit (cred) username password; - url = "https://o.euer.krebsco.de/remote.php/dav"; - custom_calendars = [ - { - name = "Gelbersack"; - calendar = "Abfall"; - search = "Gelber Sack.*"; - } - { - name = "Biomuell"; - calendar = "Abfall"; - search = "Bio.*"; - } - { - name = "Restmuell"; - calendar = "Abfall"; - search = "Rest.*"; - } - { - name = "Papiermuell"; - calendar = "Abfall"; - search = "Altpapier.*"; - } - { - name = "Kehrwoche"; - calendar = "Kehrwoche"; - search = ".*"; - } - ]; - } - - ]; -} diff --git a/makefu/2configs/home/ham/default.nix b/makefu/2configs/home/ham/default.nix deleted file mode 100644 index 98269959d..000000000 --- a/makefu/2configs/home/ham/default.nix +++ /dev/null @@ -1,205 +0,0 @@ -{ pkgs, lib, config, ... }: -# Ideas: -## wake-on-lan server -## -let - prefix = (import ./lib).prefix; - hassdir = "/var/lib/hass"; - - -in { - imports = [ - ./nginx.nix - ./mqtt.nix - ./signal-rest - - # hass config - ./zigbee2mqtt.nix - # ./multi/flurlicht.nix - ./multi/kurzzeitwecker.nix - ./intents - ./multi/the_playlist.nix - ./multi/heizung.nix - # ./multi/fliegen-couter.nix - - ./device_tracker/openwrt.nix - ./device_tracker/tile.nix - - ./sensor/outside.nix - ./sensor/pollen.nix - ./sensor/dwd.nix - - ./calendar/nextcloud.nix - - ./media/firetv.nix - ./media/sonos.nix - ./media/schlafzimmer_music_remote.nix - ./media/remote_sound_wohnzimmer.nix - ./media/remote_sound_arbeitszimmer.nix - ./media/arbeitszimmer_matrix.nix - - ./automation/check-in.nix - ./automation/fenster_auf.nix - ./automation/firetv_restart.nix - ./automation/light_buttons.nix - ./automation/wohnzimmer_rf_fernbedienung.nix - # ./automation/ladestecker_timer.nix - ./automation/flurlicht.nix - # ./automation/giesskanne.nix - # ./automation/pflanzen_giessen_erinnerung.nix - ./automation/find_phone.nix - ./automation/urlaub.nix - ./automation/moodlight.nix - ./automation/shutdown_button.nix - ./automation/project_tracker.nix - ./automation/daily_speedtext.nix - - - ./light/arbeitszimmer.nix - ./light/schlafzimmer.nix - ./light/wohnzimmer.nix - - ./tts/google.nix - ]; - - services.home-assistant = { - extraComponents = [ "mobile_app" ]; - extraPackages = python3Packages: with python3Packages; [ pytz ]; - - config = { - default_config = {}; # for sonos aiodiscover - - influxdb = { - api_version = 1; - database = "ham"; - host = "localhost"; - tags = { - instance = "omo"; - source = "hass"; - }; - }; - - config = {}; - homeassistant = { - name = "Home"; time_zone = "Europe/Berlin"; - latitude = "48.7687"; - longitude = "9.2478"; - elevation = 247; - auth_providers = [ - { type = "trusted_networks"; - trusted_networks = [ "192.168.1.0/24" ]; - allow_bypass_login = true; - } - { type = "homeassistant"; } - ]; - }; - tasmota = {}; - binary_sensor = [ - { platform = "workday"; - name = "Arbeitstag"; - country = "DE"; - province = "BW"; - } - { platform = "workday"; - name = "Arbeitstag Morgen"; - country = "DE"; - province = "BW"; - days_offset = 1; - } - { platform = "workday"; - name = "Arbeitstag Gestern"; - country = "DE"; - province = "BW"; - days_offset = 1; - } - ]; - discovery = {}; - conversation = {}; - history = {}; - logbook = {}; - logger = { - default = "info"; - }; - rest_command = {}; - api = {}; - esphome = {}; # fails - camera = []; - #telegram_bot = [ - # # secrets file: { - # # "platform": "broadcast", - # # "api_key": "", # talk to Botfather /newbot - # # "allowed_chat_ids": [ ID ] # curl -X GET # https://api.telegram.org/bot/getUpdates - # # } - # (builtins.fromJSON - # (builtins.readFile )) - #]; - notify = [ - #{ - # platform = "telegram"; - # name = "telegrambot"; - # chat_id = builtins.elemAt - # (builtins.fromJSON (builtins.readFile - # )).allowed_chat_ids 0; - #} - ]; - sun.elevation = 247; - recorder = {}; - mqtt = { - broker = "localhost"; - discovery = true; #enable esphome discovery - discovery_prefix = "homeassistant"; - port = 1883; - client_id = "home-assistant"; - username = "hass"; - password = lib.removeSuffix "\n" (builtins.readFile ); - keepalive = 60; - protocol = 3.1; - birth_message = { - topic = "${prefix}/hass/tele/LWT"; - payload = "Online"; - qos = 1; - retain = true; - }; - will_message = { - topic = "${prefix}/hass/tele/LWT"; - payload = "Offline"; - qos = 1; - retain = true; - }; - }; - luftdaten = { - # show_on_map = true; - sensor_id = 72935; - # sensors.monitored_conditions = [ "P1" "P2" ]; - }; - #binary_sensor = - # flurlicht.binary_sensor; - - sensor = [ - # https://www.home-assistant.io/cookbook/automation_for_rainy_days/ - ]; - frontend = { }; - speedtestdotnet = { }; - http = { - use_x_forwarded_for = true; - #server_host = "127.0.0.1"; - server_host = "0.0.0.0"; - trusted_proxies = [ "127.0.0.1" ]; - #trusted_proxies = [ "192.168.1.0/24" ]; - }; - switch = []; - automation = []; - script = { }; - media_source = {}; - }; - enable = true; - configDir = hassdir; - }; - - krebs.secret.files."hass-secrets" = { - source-path = toString + "/hass/secrets.yaml"; - path = "/var/lib/hass/secrets.yaml"; - owner.name = "hass"; - }; - state = [ "/var/lib/hass/known_devices.yaml" ]; -} diff --git a/makefu/2configs/home/ham/deps/dwdwfsapi.nix b/makefu/2configs/home/ham/deps/dwdwfsapi.nix deleted file mode 100644 index d59dfa9e8..000000000 --- a/makefu/2configs/home/ham/deps/dwdwfsapi.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ lib -, buildPythonPackage -, fetchPypi -, requests -, ciso8601 -, urllib3 -}: - -buildPythonPackage rec { - pname = "dwdwfsapi"; - version = "1.0.3"; - - disabled = false; # requires python version >=3.6 - - src = fetchPypi { - inherit pname version; - sha256 = "3d7d5bd66b1a647f07295068dc653b4ceafc2e8ec834b8e32419031c7b3a9b39"; - }; - - # # Package conditions to handle - # # might have to sed setup.py and egg.info in patchPhase - # # sed -i "s/...//" - # requests>=2.23.0,<3 - # ciso8601>=2.1.3,<3 - # urllib3>=1.25.8,<2 - propagatedBuildInputs = [ - requests - ciso8601 - urllib3 - ]; - - meta = with lib; { - description = "Python client to retrieve data provided by DWD via their geoserver WFS API"; - homepage = https://github.com/stephan192/dwdwfsapi; - license = licenses.mit; - # maintainers = [ maintainers. ]; - }; -} diff --git a/makefu/2configs/home/ham/deps/pykodi.nix b/makefu/2configs/home/ham/deps/pykodi.nix deleted file mode 100644 index 85a541f8a..000000000 --- a/makefu/2configs/home/ham/deps/pykodi.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ lib -, buildPythonPackage -, fetchPypi -, jsonrpc-async -, jsonrpc-websocket -, aiohttp -}: - -buildPythonPackage rec { - pname = "pykodi"; - version = "0.2.2"; - - disabled = false; # requires python version >=3.7.0 - - src = fetchPypi { - inherit pname version; - sha256 = "43e7036a00a76f65c34dc5e7f1065a3ef071eea7619c2e6228e521b638e640bc"; - }; - - # # Package conditions to handle - # # might have to sed setup.py and egg.info in patchPhase - # # sed -i "s/...//" - # jsonrpc-async>=1.1.0 - # jsonrpc-websocket>=1.2.1 - propagatedBuildInputs = [ - jsonrpc-async - jsonrpc-websocket - aiohttp - ]; - - meta = with lib; { - description = "An async python interface for Kodi over JSON-RPC"; - homepage = https://github.com/OnFreund/PyKodi; - license = licenses.mit; - # maintainers = [ maintainers. ]; - }; -} diff --git a/makefu/2configs/home/ham/device_tracker/openwrt.nix b/makefu/2configs/home/ham/device_tracker/openwrt.nix deleted file mode 100644 index c2b0353c6..000000000 --- a/makefu/2configs/home/ham/device_tracker/openwrt.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ - services.home-assistant.config.device_tracker = - [ - { platform = "luci"; - host = "192.168.111.5"; - username = "root"; - password = import ; - interval_seconds = 30; # instead of 12seconds - consider_home = 300; # 5 minutes timeout - new_device_defaults.track_new_devices = true; - } - ]; -} diff --git a/makefu/2configs/home/ham/device_tracker/tile.nix b/makefu/2configs/home/ham/device_tracker/tile.nix deleted file mode 100644 index ad1e6c15d..000000000 --- a/makefu/2configs/home/ham/device_tracker/tile.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ - - services.home-assistant.config.device_tracker = - [ - { inherit (import ) username password; - platform = "tile"; - show_inactive = true; - } - ]; -} diff --git a/makefu/2configs/home/ham/docker.nix b/makefu/2configs/home/ham/docker.nix deleted file mode 100644 index e8a47dbbb..000000000 --- a/makefu/2configs/home/ham/docker.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ config, pkgs, lib, ... }: -let - confdir = "/var/lib/homeassistant-docker"; -in { - imports = [ - ./nginx.nix - ./mqtt.nix - ./signal-rest - ./signal-rest/service.nix - ]; - - networking.firewall.allowedTCPPorts = [ 8123 ]; - state = [ "/var/lib/hass/known_devices.yaml" ]; - virtualisation.oci-containers.containers.hass = { - image = "homeassistant/home-assistant:latest"; - environment = { - TZ = "Europe/Berlin"; - UMASK = "007"; - }; - extraOptions = ["--net=host" ]; - volumes = [ - "${confdir}:/config" - #"/data/music:/config/media" - ]; - }; - systemd.tmpfiles.rules = [ - #"f ${confdir}/docker-run 0770 kiosk kiosk - -" - "d ${confdir} 0770 kiosk kiosk - -" - ]; -} diff --git a/makefu/2configs/home/ham/intents/default.nix b/makefu/2configs/home/ham/intents/default.nix deleted file mode 100644 index 24594b4a2..000000000 --- a/makefu/2configs/home/ham/intents/default.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ - services.home-assistant.config = { - intent_script = { - GetTime.speech.text = '' - Es ist {{ now().hour }} Uhr {{ now().minute }} - ''; - GutenMorgen.speech.text = '' - Einen wunderschönen Guten Morgen wünsche ich dir - ''; - WieGehtEsDir.speech.text = '' - Mir geht es sehr gut, und dir? - ''; - Statusreport.speech.text = builtins.readFile ./statusbericht.txt.j2; - StartMusic = { - speech.text = "Spiele {{ music }} musik"; - action_async = [ - { - service = "media_player.play_media"; - data_template = { - entity_id = "media_player.{{ _intent.siteId }}"; - media_content_id = builtins.readFile ./music_chooser.txt.j2; - media_content_type = "music"; - }; - } - ]; - }; - GetWeather = { - #speech.text = '' - # {{ states('sensor.openweathermap_weather') }} bei {{ states('sensor.openweathermap_temperature') }} Grad - #''; - speech.text = "{{ states('sensor.swr_prognose') }}"; - }; - }; - }; -} diff --git a/makefu/2configs/home/ham/intents/music_chooser.txt.j2 b/makefu/2configs/home/ham/intents/music_chooser.txt.j2 deleted file mode 100644 index b66ed2721..000000000 --- a/makefu/2configs/home/ham/intents/music_chooser.txt.j2 +++ /dev/null @@ -1,13 +0,0 @@ -{% if music == "lounge" -%} -https://cast1.asurahosting.com/proxy/julien/stream.mp3 -{% elif music == "lassulus" -%} -http://radio.lassul.us:8000/radio.mp3 -{% elif music == "groove" -%} -http://ice2.somafm.com/groovesalad-128.mp3 -{% elif music == "swr3" -%} -https://liveradio.swr.de/sw282p3/swr3/play.mp3 -{% elif music == "swr1" -%} -https://liveradio.swr.de/sw282p3/swr1bw/play.mp3 -{% elif music == "radio" -%} -https://liveradio.swr.de/sw282p3/swr1bw/play.mp3 -{% endif %} diff --git a/makefu/2configs/home/ham/intents/statusbericht.txt.j2 b/makefu/2configs/home/ham/intents/statusbericht.txt.j2 deleted file mode 100644 index c17ad455c..000000000 --- a/makefu/2configs/home/ham/intents/statusbericht.txt.j2 +++ /dev/null @@ -1,37 +0,0 @@ -{% set arbeit_heute = is_state("binary_sensor.arbeitstag","on") -%} -{% set weekday = ['Montag','Dienstag','Mittwoch','Donnerstag','Freitag','Samstag','Sonntag'][now().weekday()] -%} -{% set is_friday = now().weekday() == 4 %} - -Dies ist deine Persönliche Zusammenfassung -{% set inside = states("sensor.wohnzimmer_temp_temperature") | float | round(2) -%} -{% set outside = states("sensor.dark_sky_temperature") | float | round(2) -%} -{% set arbeit_morgen = is_state("binary_sensor.arbeitstag_morgen","on") -%} - -Die Wetteraussichten: {{ states("sensor.dark_sky_hourly_summary") | replace(".","")}} bei {{ states("sensor.dark_sky_temperature") }} Grad mit {{ states("sensor.dark_sky_humidity") | round(0) }}% Luftfeuchtigkeit. -{% if states("calendar.abfall_papiermuell") == "on" %} -Heute ist Papiermuell, bring noch schnell dein Papier raus -{% endif %} -{% if states("calendar.abfall_restmuell") == "on" %} -Ausserdem ist heute Restmuell. -{% endif -%} - -{% if ( outside < inside ) and ( outside > 18 ) %} -Draussen ist es gerade {{ ((inside - outside) | round(1) )}} gerade kühler -{% endif -%} - -{% set current_count = state_attr("sensor.dwd_weather_warnings_current_warning_level", "warning_count") %} -{% for i in range(current_count) %} -{% set idx = i + 1 %} - {% set headline = state_attr("sensor.dwd_weather_warnings_current_warning_level", "warning_" ~ idx ~ "_headline") %} - {% set description = state_attr("sensor.dwd_weather_warnings_current_warning_level", "warning_" ~ idx ~ "_description") %} - {% set level = state_attr("sensor.dwd_weather_warnings_current_warning_level", "warning_" ~ idx ~ "_level") %} - {% set time_start = state_attr("sensor.dwd_weather_warnings_current_warning_level", "warning_" ~ idx ~ "_start") %} - {% set time_end = state_attr("sensor.dwd_weather_warnings_current_warning_level", "warning_" ~ idx ~ "_end") %} -Wetterwarnung {{idx}}: {{ headline }} Stufe {{level}} von {{ time_start.strftime("%H:%M") ~ " bis " ~ time_end.strftime("%H:%M") }} Uhr - -{{ description }} -{% endfor %} - -{% if is_friday %} -Endlich ist Freitag! -{% endif -%} diff --git a/makefu/2configs/home/ham/lib/cheat-sheet.nix b/makefu/2configs/home/ham/lib/cheat-sheet.nix deleted file mode 100644 index f593ef4ec..000000000 --- a/makefu/2configs/home/ham/lib/cheat-sheet.nix +++ /dev/null @@ -1,42 +0,0 @@ -# Begin -let -in { - services.home-assistant.config.automation = - [ - ]; -} - -# example automation - { alias = ""; - trigger = [ - { - platform = "state"; - entity_id = ""; - to = "on"; - for.seconds = 0; - } - ]; - condition = [ - { condition = "state"; - entity_id = ""; - state = "off"; - } - ]; - action = - [ - { choose = [ - { - conditions = { - condition = "state"; - entity_id = ""; - state = "on"; - }; - sequence = [{ - service = "home_assistant.turn_on"; - target.entity_id = ""; - }]; - }]; - default = { }; - } - ]; - } diff --git a/makefu/2configs/home/ham/lib/default.nix b/makefu/2configs/home/ham/lib/default.nix deleted file mode 100644 index 0d89d1e9e..000000000 --- a/makefu/2configs/home/ham/lib/default.nix +++ /dev/null @@ -1,134 +0,0 @@ -let - prefix = "/ham"; -in -{ - inherit prefix; - say = let - # returns a list of actions to be performed on an mpd to say something - tts = { message, entity }: - [ - { - service = "sonos.snapshot"; - target.entity_id = entity; - } - { - service = "tts.google_say"; - data = { - entity_id = entity; - inherit message; - language = "de"; - }; - } - #{ wait_template = "{{ is_state('${entity}' , 'playing') }}"; - # timeout = "00:00:02"; - #} - #{ wait_template = "{{ not is_state('${entity}' , 'playing') }}"; - # timeout = "00:01:00"; - #} - { delay.seconds = 1; } - { delay = '' - {% set duration = state_attr("${entity}","media_duration") or 0 %} - {% set seconds = (duration % 60 ) %} - {% set minutes = (duration / 60)|int % 60 %} - {% set hours = (duration / 3600)|int %} - {{ "%02i:%02i:%02i"|format(hours, minutes, seconds)}} - ''; - } - { - service = "sonos.restore"; - target.entity_id = entity; - } - ]; - in - { - living_room = message: tts { - inherit message; - entity = "media_player.living_room"; - }; - office = message: tts { - inherit message; - entity = "media_player.office"; - }; - bedroom = message: tts { - inherit message; - entity = "media_player.bedroom"; - }; - }; - - zigbee.prefix = "/ham/zigbee"; - - btn_cycle_light = light: btn: halfbright: - let - maxbright = 255; - transition = 0.2; # seconds - in - # this function implements a simple state machine based on the state and brightness of the light (light must support brightness - { - alias = "Cycle through states of ${light} via button ${btn}"; - trigger = { - platform = "state"; - entity_id = "sensor.${btn}_click"; - to = "single"; - }; - action = { - choose = [ - { - # state 0: off to half - conditions = { - condition = "template"; - value_template = ''{{ states("${light}") == "off" }}''; - }; - sequence = [ - { - service = "light.turn_on"; - data = { - entity_id = light; - brightness = halfbright; - }; - } - ]; - } - { - # state 1: half to full - conditions = { - condition = "template"; - value_template = ''{{ states('${light}') == 'on' and ( ${toString (halfbright - 1)} <= state_attr("${light}","brightness") <= ${toString (halfbright + 1)})}}''; - }; - sequence = [ - { - service = "light.turn_on"; - data = { - entity_id = light; - brightness = maxbright; - }; - } - ]; - } - { - # state 2: full to off - conditions = { - condition = "template"; - # TODO: it seems like the devices respond with brightness-1 , maybe off-by-one somewhere? - value_template = ''{{ states("${light}") == "on" and state_attr("${light}","brightness") >= ${toString (maxbright - 1)}}}''; - }; - sequence = [ - { - service = "light.turn_off"; - data = { - entity_id = light; - }; - } - ]; - } - ]; - # default: on to off - # this works because state 0 checks for "state == off" - default = [{ - service = "light.turn_off"; - data = { - entity_id = light; - }; - }]; - }; - }; -} diff --git a/makefu/2configs/home/ham/light/arbeitszimmer.nix b/makefu/2configs/home/ham/light/arbeitszimmer.nix deleted file mode 100644 index 6e572c763..000000000 --- a/makefu/2configs/home/ham/light/arbeitszimmer.nix +++ /dev/null @@ -1,33 +0,0 @@ -let - arbeitszimmer_deko = [ - "light.led_wand" - "light.box_led_status" - "light.arbeitszimmer_led1_led_strip" # LED-Kreis in cube - ]; - arbeitszimmerbeleuchtung = [ - "light.arbeitszimmer_schrank_dimmer" - "light.arbeitszimmer_kerze" - "light.arbeitszimmer_pflanzenlicht" - ]; -in { - imports = [ ./tint_arbeitszimmer.nix ]; - - services.home-assistant.config.light = [ - { - platform = "group"; - name = "Arbeitszimmerbeleuchtung"; - entities = arbeitszimmerbeleuchtung; - } - { - platform = "group"; - name = "Arbeitszimmer Deko"; - entities = arbeitszimmer_deko; - } - { platform = "switch"; - name = "Arbeitszimmer Pflanzenlicht"; - entity_id = "switch.arbeitszimmer_stecker1"; - } - ]; - services.home-assistant.config.automation = [ - ]; -} diff --git a/makefu/2configs/home/ham/light/schlafzimmer.nix b/makefu/2configs/home/ham/light/schlafzimmer.nix deleted file mode 100644 index e5370e3f8..000000000 --- a/makefu/2configs/home/ham/light/schlafzimmer.nix +++ /dev/null @@ -1,14 +0,0 @@ -let - schlafzimmer_licht = [ - "light.schlafzimmer_komode_osram" - # "light.schlafzimmer_schrank_osram" - ]; -in { - services.home-assistant.config.light = [ - { - platform = "group"; - name = "Schlafzimmerbeleuchtung"; - entities = schlafzimmer_licht; - } - ]; -} diff --git a/makefu/2configs/home/ham/light/tint_arbeitszimmer.nix b/makefu/2configs/home/ham/light/tint_arbeitszimmer.nix deleted file mode 100644 index 4ae91ac54..000000000 --- a/makefu/2configs/home/ham/light/tint_arbeitszimmer.nix +++ /dev/null @@ -1,281 +0,0 @@ -{ lib, ...}: - -let - # effect - color - # Solid Pattern - Hult - group_id_1 = 16388; - group_id_2 = 16389; - group_id_3 = 16390; - remote = "sensor.arbeitszimmer_remote1_action"; - main_light_1 = "light.wled_4"; - default_scene_1 = "Solid"; - default_color_1 = "Default"; - main_color_select_1 = "select.wled_color_palette_4"; - light_group_1.entity_id = [ - main_light_1 - ]; - - # contains only the actually changeable lights - light_group_2.entity_id = [ - "light.arbeitszimmer_schrank_dimmer" - ]; - light_group_3.entity_id = [ - "light.arbeitszimmer_pflanzenlicht" - ]; - - statecond = cond: { # cond must be a list - condition = "template"; - value_template = "{{ trigger.to_state.attributes.action in ( " + - (lib.concatMapStringsSep "," (x: "'${x}'") cond) + ") }}"; - }; -in { - services.home-assistant.config.automation = [ - { - alias = "Perform Actions with ${remote}"; - mode = "queued"; - max = 5; - max_exceeded = "silent"; - trigger = { - platform = "state"; - entity_id = remote; - }; - condition = { - condition = "and"; - conditions = [ - { - condition = "template"; - value_template = "{{ trigger.from_state.state != trigger.to_state.state }}"; - } - ( statecond [ "off" "on" "color_wheel" - "brightness_up_click" "brightness_down_click" - "color_temp" "color_temperature_move" - "brightness_step_down" "brightness_step_up" "brightness_down_hold" "brightness_down_release" "brightness_up_hold" "brightness_up_release" - "scene_3" "scene_1" "scene_2" # working sunset party - "scene_6" "scene_4" "scene_5" # night campfire romantic - ]) - ]; - }; - action = [ - { service = "system_log.write"; - data = { - level = "info"; - message = "Tint Button pressed: {{ trigger.to_state.state }} Group: {{ trigger.to_state.attributes.action_group }} Length {{ input_working_scene_1 | length }}"; - }; - } - { - choose = [ - { # light group 1 - conditions = { - condition = "template"; - value_template = "{{ trigger.to_state.attributes.action_group == ${toString group_id_1} }}"; - }; - sequence = [ - { - choose = [ - { - conditions = statecond [ "on" "off" ]; - sequence = { - service = "light.turn_{{ trigger.to_state.state }}"; - target = light_group_1; - }; - } - { - conditions = statecond [ "color_wheel" ]; - sequence = { - data.xy_color = [ - "{{ trigger.to_state.attributes.action_color.x | float }}" - "{{ trigger.to_state.attributes.action_color.y | float }}" - ]; - service = "light.turn_on"; - target = light_group_1; - }; - } - { - conditions = statecond [ "color_temp" ]; - sequence = { - data.color_temp = "{{ trigger.to_state.attributes.action_color_temperature | float }}"; - service = "light.turn_on"; - target = light_group_1; - }; - } - { - conditions = statecond [ "brightness_up_click" "brightness_down_click" ]; - sequence = [ - { - variables.factor = ''{% if trigger.to_state.state in ( "brightness_down_click") %} -12 {% else %} 12 {% endif %}''; - } - { - data.brightness_step_pct = "{{ factor | int }}"; - service = "light.turn_on"; - target = light_group_1; - } - ]; - } - { - conditions = statecond [ - "scene_3" # working => previous scene - "scene_1" # sunset => default scene (solid) - "scene_2" # party => next scene - - ]; - sequence = [ - { - data.effect = '' - {% set options = state_attr("${main_light_1}","effect_list") -%} - {% set selection = options.index(state_attr("${main_light_1}","effect")) -%} - {% if trigger.to_state.attributes.action == "scene_2" -%} - {% if (selection + 1) >= options | length -%} - {{ options[0] }} - {% else -%} - {{ options[selection + 1] }} - {% endif %} - {% elif trigger.to_state.attributes.action == "scene_1" -%} - ${default_scene_1} - {% elif trigger.to_state.attributes.action == "scene_3" -%} - {{ options[selection - 1] }} - {% endif -%} - ''; - service = "light.turn_on"; - target.entity_id = main_light_1; - } - ]; - } - { - conditions = statecond [ - "scene_6" # night => previous color - "scene_4" # campfire => default Color (Default) - "scene_5" # romance => next color - - ]; - sequence = [ - { - data.option = '' - {% set options = state_attr("${main_color_select_1}","options") -%} - {% set selection = options.index(states("${main_color_select_1}")) -%} - {% if trigger.to_state.attributes.action == "scene_5" -%} - {% if (selection + 1) >= options | length -%} - {{ options[0] }} - {% else -%} - {{ options[selection + 1] }} - {% endif %} - {% elif trigger.to_state.attributes.action == "scene_4" -%} - ${default_color_1} - {% elif trigger.to_state.attributes.action == "scene_6" -%} - {{ options[selection - 1] }} - {% endif -%} - ''; - service = "select.select_option"; - target.entity_id = main_color_select_1; - } - ]; - } - ]; - } - ]; - } - { # light group 2 - conditions = { - condition = "template"; - value_template = "{{ trigger.to_state.attributes.action_group == ${toString group_id_2} }}"; - }; - sequence = [ - { - choose = [ - { conditions = statecond [ "on" "off" ]; - sequence = { - service = "light.turn_{{ trigger.to_state.state }}"; - target = light_group_2; - }; - } - { - conditions = statecond [ "color_wheel" ]; - sequence = { - data.xy_color = [ - "{{ trigger.to_state.attributes.action_color.x | float }}" - "{{ trigger.to_state.attributes.action_color.y | float }}" - ]; - service = "light.turn_on"; - target = light_group_2; - }; - } - { - conditions = statecond [ "color_temp" ]; - sequence = { - data.color_temp = "{{ trigger.to_state.attributes.action_color_temperature | float }}"; - service = "light.turn_on"; - target = light_group_2; - }; - } - { - conditions = statecond [ "brightness_up_click" "brightness_down_click" ]; - sequence = [ - { - variables.factor = ''{% if trigger.to_state.state in ( "brightness_down_click") %} -12 {% else %} 12 {% endif %}''; - } - { - data.brightness_step_pct = "{{ factor | int }}"; - service = "light.turn_on"; - target = light_group_2; - } - ]; - } - ]; - } - ]; - } - { # light group 3 - conditions = { - condition = "template"; - value_template = "{{ trigger.to_state.attributes.action_group == ${toString group_id_3} }}"; - }; - sequence = [ - { - choose = [ - { conditions = statecond [ "on" "off" ]; - sequence = { - service = "light.turn_{{ trigger.to_state.state }}"; - target = light_group_3; - }; - } - { - conditions = statecond [ "color_wheel" ]; - sequence = { - data.xy_color = [ - "{{ trigger.to_state.attributes.action_color.x | float }}" - "{{ trigger.to_state.attributes.action_color.y | float }}" - ]; - service = "light.turn_on"; - target = light_group_3; - }; - } - { - conditions = statecond [ "color_temperature_move" ]; - sequence = { - data.color_temp = "{{ trigger.to_state.attributes.action_color_temperature | float }}"; - service = "light.turn_on"; - target = light_group_3; - }; - } - { - conditions = statecond [ "brightness_up_click" "brightness_down_click" ]; - sequence = [ - { - variables.factor = ''{% if trigger.to_state.state in ( "brightness_down_click") %} -12 {% else %} 12 {% endif %}''; - } - { - data.brightness_step_pct = "{{ factor | int }}"; - service = "light.turn_on"; - target = light_group_3; - } - ]; - } - ]; - } - ]; - } - ]; - } - ]; - } - ]; -} diff --git a/makefu/2configs/home/ham/light/tint_wohnzimmer.nix b/makefu/2configs/home/ham/light/tint_wohnzimmer.nix deleted file mode 100644 index 243243816..000000000 --- a/makefu/2configs/home/ham/light/tint_wohnzimmer.nix +++ /dev/null @@ -1,300 +0,0 @@ -{ lib, ...}: -# cycle through scenes - -# cycle through color palettes -# {% set options = state_attr('select.wled_color_palette','options') -%} -# {% set selection = options.index(states('select.wled_color_palette')) -%} -# {% if false -%} -# {% if (selection + 1) >= options | length -%} -# {{ options[0] }} -# {% else -%} -# {{ options[selection + 1] }} -# {% endif %} -# {% elif true -%} -# {{ options[selection -1] }} -# {% endif -%} - -let - # Solid Pattern - # Hult - group_id_1 = 16388; - group_id_2 = 16389; - group_id_3 = 16390; - remote = "sensor.schlafzimmer_remote1_action"; - main_light_1 = "light.wled"; # fernseher - main_light_2 = "light.wled_2"; #fernsehwand - - default_scene_1 = "Solid"; - default_color_1 = "Default"; - main_color_select_1 = "select.wled_color_palette"; - light_group_1.entity_id = [ - main_light_1 - main_light_2 - ]; - - # contains only the actually changeable lights - light_group_2.entity_id = [ - "light.wohnzimmer_komode_osram" - "light.wohnzimmer_schrank_osram" - "light.wohnzimmer_fenster_lichterkette_licht" - ]; - light_group_3.entity_id = [ - "light.wohnzimmer_stehlampe_osram" - ]; - - statecond = cond: { # cond must be a list - condition = "template"; - value_template = "{{ trigger.to_state.attributes.action in ( " + - (lib.concatMapStringsSep "," (x: "'${x}'") cond) + ") }}"; - }; -in { - services.home-assistant.config.automation = [ - { - alias = "Perform Actions with ${remote}"; - mode = "queued"; - max = 5; - max_exceeded = "silent"; - trigger = { - platform = "state"; - entity_id = remote; - }; - condition = { - condition = "and"; - conditions = [ - { - condition = "template"; - value_template = "{{ trigger.from_state.state != trigger.to_state.state }}"; - } - ( statecond [ "off" "on" "color_wheel" - "brightness_up_click" "brightness_down_click" - "color_temp" "color_temperature_move" - "brightness_step_down" "brightness_step_up" "brightness_down_hold" "brightness_down_release" "brightness_up_hold" "brightness_up_release" - "scene_3" "scene_1" "scene_2" # working sunset party - "scene_6" "scene_4" "scene_5" # night campfire romantic - ]) - ]; - }; - action = [ - { service = "system_log.write"; - data = { - level = "info"; - message = "Tint Button pressed: {{ trigger.to_state.state }} Group: {{ trigger.to_state.attributes.action_group }} Length {{ input_working_scene_1 | length }}"; - }; - } - { - choose = [ - { # light group 1 - conditions = { - condition = "template"; - value_template = "{{ trigger.to_state.attributes.action_group == ${toString group_id_1} }}"; - }; - sequence = [ - { - choose = [ - { - conditions = statecond [ "on" "off" ]; - sequence = { - service = "light.turn_{{ trigger.to_state.state }}"; - target = light_group_1; - }; - } - { - conditions = statecond [ "color_wheel" ]; - sequence = { - data.xy_color = [ - "{{ trigger.to_state.attributes.action_color.x | float }}" - "{{ trigger.to_state.attributes.action_color.y | float }}" - ]; - service = "light.turn_on"; - target = light_group_1; - }; - } - { - conditions = statecond [ "color_temp" ]; - sequence = { - data.color_temp = "{{ trigger.to_state.attributes.action_color_temperature | float }}"; - service = "light.turn_on"; - target = light_group_1; - }; - } - { - conditions = statecond [ "brightness_up_click" "brightness_down_click" ]; - sequence = [ - { - variables.factor = ''{% if trigger.to_state.state in ( "brightness_down_click") %} -12 {% else %} 12 {% endif %}''; - } - { - data.brightness_step_pct = "{{ factor | int }}"; - service = "light.turn_on"; - target = light_group_1; - } - ]; - } - { - conditions = statecond [ - "scene_3" # working => previous scene - "scene_1" # sunset => default scene (solid) - "scene_2" # party => next scene - - ]; - sequence = [ - { - data.effect = '' - {% set options = state_attr("${main_light_1}","effect_list") -%} - {% set selection = options.index(state_attr("${main_light_1}","effect")) -%} - {% if trigger.to_state.attributes.action == "scene_2" -%} - {% if (selection + 1) >= options | length -%} - {{ options[0] }} - {% else -%} - {{ options[selection + 1] }} - {% endif %} - {% elif trigger.to_state.attributes.action == "scene_1" -%} - ${default_scene_1} - {% elif trigger.to_state.attributes.action == "scene_3" -%} - {{ options[selection - 1] }} - {% endif -%} - ''; - service = "light.turn_on"; - target.entity_id = main_light_1; - } - ]; - } - { - conditions = statecond [ - "scene_6" # night => previous color - "scene_4" # campfire => default Color (Default) - "scene_5" # romance => next color - - ]; - sequence = [ - { - data.option = '' - {% set options = state_attr("${main_color_select_1}","options") -%} - {% set selection = options.index(states("${main_color_select_1}")) -%} - {% if trigger.to_state.attributes.action == "scene_5" -%} - {% if (selection + 1) >= options | length -%} - {{ options[0] }} - {% else -%} - {{ options[selection + 1] }} - {% endif %} - {% elif trigger.to_state.attributes.action == "scene_4" -%} - ${default_color_1} - {% elif trigger.to_state.attributes.action == "scene_6" -%} - {{ options[selection - 1] }} - {% endif -%} - ''; - service = "select.select_option"; - target.entity_id = main_color_select_1; - } - ]; - } - ]; - } - ]; - } - { # light group 2 - conditions = { - condition = "template"; - value_template = "{{ trigger.to_state.attributes.action_group == ${toString group_id_2} }}"; - }; - sequence = [ - { - choose = [ - { conditions = statecond [ "on" "off" ]; - sequence = { - service = "light.turn_{{ trigger.to_state.state }}"; - target = light_group_2; - }; - } - { - conditions = statecond [ "color_wheel" ]; - sequence = { - data.xy_color = [ - "{{ trigger.to_state.attributes.action_color.x | float }}" - "{{ trigger.to_state.attributes.action_color.y | float }}" - ]; - service = "light.turn_on"; - target = light_group_2; - }; - } - { - conditions = statecond [ "color_temp" ]; - sequence = { - data.color_temp = "{{ trigger.to_state.attributes.action_color_temperature | float }}"; - service = "light.turn_on"; - target = light_group_2; - }; - } - { - conditions = statecond [ "brightness_up_click" "brightness_down_click" ]; - sequence = [ - { - variables.factor = ''{% if trigger.to_state.state in ( "brightness_down_click") %} -12 {% else %} 12 {% endif %}''; - } - { - data.brightness_step_pct = "{{ factor | int }}"; - service = "light.turn_on"; - target = light_group_2; - } - ]; - } - ]; - } - ]; - } - { # light group 3 - conditions = { - condition = "template"; - value_template = "{{ trigger.to_state.attributes.action_group == ${toString group_id_3} }}"; - }; - sequence = [ - { - choose = [ - { conditions = statecond [ "on" "off" ]; - sequence = { - service = "light.turn_{{ trigger.to_state.state }}"; - target = light_group_3; - }; - } - { - conditions = statecond [ "color_wheel" ]; - sequence = { - data.xy_color = [ - "{{ trigger.to_state.attributes.action_color.x | float }}" - "{{ trigger.to_state.attributes.action_color.y | float }}" - ]; - service = "light.turn_on"; - target = light_group_3; - }; - } - { - conditions = statecond [ "color_temperature_move" ]; - sequence = { - data.color_temp = "{{ trigger.to_state.attributes.action_color_temperature | float }}"; - service = "light.turn_on"; - target = light_group_3; - }; - } - { - conditions = statecond [ "brightness_up_click" "brightness_down_click" ]; - sequence = [ - { - variables.factor = ''{% if trigger.to_state.state in ( "brightness_down_click") %} -12 {% else %} 12 {% endif %}''; - } - { - data.brightness_step_pct = "{{ factor | int }}"; - service = "light.turn_on"; - target = light_group_3; - } - ]; - } - ]; - } - ]; - } - ]; - } - ]; - } - ]; -} diff --git a/makefu/2configs/home/ham/light/wohnzimmer.nix b/makefu/2configs/home/ham/light/wohnzimmer.nix deleted file mode 100644 index 7fc7af038..000000000 --- a/makefu/2configs/home/ham/light/wohnzimmer.nix +++ /dev/null @@ -1,56 +0,0 @@ -let - wohnzimmerbeleuchtung = [ - "light.wohnzimmer_komode_osram_light" - "light.wohnzimmer_schrank_osram_light" - ]; - wohnzimmer_deko = [ - "light.wohnzimmer_fernseher_led_strip" # led um fernseher - "light.wohnzimmer_lichterkette_led_strip" # led um fernsehwand - "light.wohnzimmer_fenster_lichterkette_licht" # led um fenster - ]; -in { - imports = [ ./tint_wohnzimmer.nix ]; - services.home-assistant.config.scene = [ - { name = "Wohnzimmer Abendlicht"; - id = "living_room_evening"; - entities = { - "light.wohnzimmer_komode_osram_light" = { - state = "on"; - brightness = 128; - }; - "light.wohnzimmer_schrank_osram_light" = { - state = "on"; - brightness = 128; - }; - "light.wohnzimmer_fenster_lichterkette_licht" = "on"; - "light.wohnzimmer_fernseher_led_strip" = { - state = "on"; - }; - }; - - } - ]; - services.home-assistant.config.wled = {}; - services.home-assistant.config.light = [ - { - platform = "group"; - name = "Wohnzimmerbeleuchtung"; - entities = wohnzimmerbeleuchtung; - } - { - platform = "group"; - name = "Wohnzimmer Deko"; - entities = wohnzimmer_deko; - } - { - platform = "group"; - name = "living_room_lights"; - entities = wohnzimmerbeleuchtung ++ wohnzimmer_deko; - } - ]; -} - -# trigger.to_state.attributes.action_group: -# 1: 18388 -# 2: 18389 -# 3: 18390 diff --git a/makefu/2configs/home/ham/media/arbeitszimmer_matrix.nix b/makefu/2configs/home/ham/media/arbeitszimmer_matrix.nix deleted file mode 100644 index 11d13886e..000000000 --- a/makefu/2configs/home/ham/media/arbeitszimmer_matrix.nix +++ /dev/null @@ -1,110 +0,0 @@ -{ lib, ... }: -let - remote = "sensor.schlafzimmer_music_remote_action"; - hlib = import ../lib; - step = 0.02; - #room = "bedroom"; - room = "office"; - - player = "media_player.${room}"; - say = hlib.say."${room}"; - - remote_action = key: actions: { - conditions = ''{{ trigger.entity_id == 'binary_sensor.matrix_button_${toString key}' }}''; - sequence = actions; - }; - all_buttons = map (key: "binary_sensor.matrix_button_${toString key}") [ - 0 1 2 3 4 5 6 7 8 9 - "b9" "b10" "b11" "b12" "b13" "b14" - ]; -in - { - services.home-assistant.config.rest_command = { - good_song = { - url = "http://prism.r:8001/good"; - method = "POST"; - }; - bad_song = { - url = "http://prism.r:8001/skip"; - method = "POST"; - }; - }; - services.home-assistant.config.automation = - [ - { alias = "Arbeitszimmer Matrix music action"; - mode = "queued"; - trigger = [ - { - platform = "state"; - entity_id = all_buttons; - to = "on"; # ignore 'unavailable' - } - ]; - action = - [ - { choose = [ - (remote_action "9" { - service = "media_player.media_play"; - target.entity_id = player; - }) - (remote_action "7" - { - service = "media_player.media_mute"; - target.entity_id = player; - data.is_volume_muted = ''{{ not state_attr('${player}' , 'is_volume_muted') }}''; - } - ) - (remote_action "2" - { - service = "media_player.media_stop"; - target.entity_id = player; - } - ) - - (remote_action "b9" [ { service = "rest_command.good_song"; } ]) - (remote_action "b10" [ { service = "rest_command.bad_song"; } ]) - (remote_action "b11" [ - { - service = "script.turn_on"; - target.entity_id = "script.find_felix_phone"; - } - ]) - - (remote_action "3" - ((say "Starte Lass") ++ [ - { service = "media_player.play_media"; - data = { - media_content_id = "http://radio.lassul.us:8000/radio.mp3"; - media_content_type = "music"; - }; - target.entity_id = player; - } - ])) - (remote_action "1" - ((say "Starte Groovesalad") ++ [ - { service = "media_player.play_media"; - data = { - media_content_id = "http://ice2.somafm.com/groovesalad-128.mp3"; - media_content_type = "music"; - }; - target.entity_id = player; - } - ])) - (remote_action "8" { - service = "media_player.volume_set"; - target.entity_id = player; - data.volume_level = ''{{ state_attr("${player}","volume_level") + (${toString step}|float) }}''; - }) - (remote_action "5"{ - service = "media_player.volume_set"; - target.entity_id = player; - data.volume_level = ''{{ state_attr("${player}","volume_level") - (${toString step}|float) }}''; - }) - ]; - #default = { }; - } - ]; - } - ]; - -} diff --git a/makefu/2configs/home/ham/media/firetv.nix b/makefu/2configs/home/ham/media/firetv.nix deleted file mode 100644 index e2ac1ef76..000000000 --- a/makefu/2configs/home/ham/media/firetv.nix +++ /dev/null @@ -1,27 +0,0 @@ -let - firetv_stick = "192.168.111.24"; -in { - services.home-assistant.config = { - notify = [ - #{ - #platform = "nfandroidtv"; - #name = "FireTV Wohnzimmer Notification"; - #host = firetv_stick; - #} - ]; - media_player = [ - #{ - # platform = "kodi"; - # name = "FireTV Stick kodi"; - # host = firetv_stick; - #} - # Configuration needs to be done by hand via web interface "integration" - #{ platform = "androidtv"; - # name = "FireTV Stick Android"; - # device_class = "firetv"; - # host = firetv_stick; - # port = 5555; - #} - ]; - }; - } diff --git a/makefu/2configs/home/ham/media/remote_sound_arbeitszimmer.nix b/makefu/2configs/home/ham/media/remote_sound_arbeitszimmer.nix deleted file mode 100644 index cfa1da44e..000000000 --- a/makefu/2configs/home/ham/media/remote_sound_arbeitszimmer.nix +++ /dev/null @@ -1,112 +0,0 @@ -{ lib, ...}: -let - # https://www.radiotheque.de/stream/4744806739035994/ABC-Lounge-Music-Radio/pls/ - # http://listen.radionomy.com/ABC-Lounge - # https://str1.openstream.co/589 - # https://listen.openstream.co/3139/audio - # https://str1.openstream.co/589?aw_0_1st.collectionid%3D3139%26stationId%3D3139%26publisherId%3D613%26k%3D1659381767%26aw_0_azn.pcountry%3D%5B%22FR%22%2C%22IT%22%2C%22DE%22%2C%22ES%22%2C%22GB%22%2C%22CH%22%2C%22CA%22%2C%22AT%22%2C%22US%22%5D%26aw_0_azn.planguage%3D%5B%22en%22%2C%22fr%22%2C%22de%22%5D%26aw_0_azn.pgenre%3D%5B%22Jazz%22%2C%22Easy+Listening%22%2C%22Music%22%5D - statecond = cond: { # cond must be a list - condition = "template"; - value_template = "{{ trigger.to_state.state in ( " + - (lib.concatMapStringsSep "," (x: "'${x}'") cond) + ") }}"; - }; - vol_change = 0.030; - - max_repeat = "30"; # max loops to repeat before bailing out - remote = "sensor.arbeitszimmer_sound1_action"; - player = "media_player.office"; - last_state_sensor_name = "last_rotation_action_arbeitszimmer"; - last_state_sensor = "input_text.${last_state_sensor_name}"; - # - service: media_player.volume_set - # target: - # entity_id: media_player.kitchen - # data: - # volume_level: {{ state_attr('media_player.kitchen', 'volume_level') + 0.02 }} - rotate_stop = "brightness_stop"; - rotate_right = "brightness_move_up"; - rotate_left = "brightness_move_down" ; - - single_click = "toggle"; - double_click = "brightness_step_up"; - triple_click = "brightness_step_down"; -in { - services.home-assistant.config.input_text."${last_state_sensor_name}".name = "Last action of the arbeitszimmer"; - services.home-assistant.config.automation = [ - { - trigger = { - platform = "state"; - entity_id = remote; - to = [ rotate_stop ]; - }; - action = [ - { service = "input_text.set_value"; - target.entity_id = last_state_sensor; - data.value = "stop"; - } - ]; - } - { - alias = "Perform Actions with ${remote}"; - trigger = { - platform = "state"; - entity_id = remote; - to = [ single_click double_click triple_click rotate_left rotate_right ]; - }; - #mode = "queued"; - #max = 5; - mode = "single"; - #max_exceeded = "silent"; - action = [ - { - choose = [ - { - conditions = statecond [ single_click ]; - sequence = [ - { service = "media_player.media_play_pause"; - target.entity_id = player; - } - ]; - } - { - conditions = statecond [ rotate_left rotate_right ]; - sequence = let - vol_up = toString vol_change; - vol_down = toString (-1 * vol_change); - in [ - { - variables.nextvol = ''{% if trigger.to_state.state in ( "${rotate_left}" ) -%} ${vol_down} {% else -%} ${vol_up} {% endif -%}''; - variables.state = ''{% if trigger.to_state.state in ( "${rotate_left}" ) -%} left {% else -%} right {% endif -%}''; - } - { service = "input_text.set_value"; - target.entity_id = last_state_sensor; - data.value = ''{{ state }}''; - } - { - repeat = { - sequence = [ - { service = "media_player.volume_set"; - target.entity_id = player; - data.volume_level = ''{{ state_attr("${player}","volume_level") + (nextvol|float) }}''; - } - { delay.milliseconds = "150"; } - ]; - while = [ - { - condition = "template"; - value_template = ''{{ states("${last_state_sensor}") == state }}''; - } - { - condition = "template"; - value_template = "{{ repeat.index <= ${max_repeat}}}"; - } - ]; - }; - } - ]; - } - ]; - } - ]; - } - ]; -} diff --git a/makefu/2configs/home/ham/media/remote_sound_wohnzimmer.nix b/makefu/2configs/home/ham/media/remote_sound_wohnzimmer.nix deleted file mode 100644 index 2091ca946..000000000 --- a/makefu/2configs/home/ham/media/remote_sound_wohnzimmer.nix +++ /dev/null @@ -1,107 +0,0 @@ -{ lib, ...}: -let - statecond = cond: { # cond must be a list - condition = "template"; - value_template = "{{ trigger.to_state.state in ( " + - (lib.concatMapStringsSep "," (x: "'${x}'") cond) + ") }}"; - }; - vol_change = 0.030; - - max_repeat = "30"; # max loops to repeat before bailing out - remote = "sensor.wohnzimmer_sound1_action"; - player = "media_player.living_room"; - last_state_sensor_name = "last_rotation_action"; - last_state_sensor = "input_text.last_rotation_action"; - # - service: media_player.volume_set - # target: - # entity_id: media_player.kitchen - # data: - # volume_level: {{ state_attr('media_player.kitchen', 'volume_level') + 0.02 }} - rotate_stop = "brightness_stop"; - rotate_right = "brightness_move_up"; - rotate_left = "brightness_move_down" ; - - single_click = "toggle"; - double_click = "brightness_step_up"; - triple_click = "brightness_step_down"; -in { - services.home-assistant.config.input_text."${last_state_sensor_name}".name = "Last action of the wohnzimmer"; - services.home-assistant.config.automation = [ - { - trigger = { - platform = "state"; - entity_id = remote; - to = [ rotate_stop ]; - }; - action = [ - { service = "input_text.set_value"; - target.entity_id = last_state_sensor; - data.value = "stop"; - } - ]; - } - { - alias = "Perform Actions with ${remote}"; - trigger = { - platform = "state"; - entity_id = remote; - to = [ single_click double_click triple_click rotate_left rotate_right ]; - }; - #mode = "queued"; - #max = 5; - mode = "single"; - #max_exceeded = "silent"; - action = [ - { - choose = [ - { - conditions = statecond [ single_click ]; - sequence = [ - { service = "media_player.media_play_pause"; - target.entity_id = player; - } - ]; - } - { - conditions = statecond [ rotate_left rotate_right ]; - sequence = let - vol_up = toString vol_change; - vol_down = toString (-1 * vol_change); - in [ - { - variables.nextvol = ''{% if trigger.to_state.state in ( "${rotate_left}" ) -%} ${vol_down} {% else -%} ${vol_up} {% endif -%}''; - variables.state = ''{% if trigger.to_state.state in ( "${rotate_left}" ) -%} left {% else -%} right {% endif -%}''; - } - { service = "input_text.set_value"; - target.entity_id = last_state_sensor; - data.value = ''{{ state }}''; - } - { - repeat = { - sequence = [ - { service = "media_player.volume_set"; - target.entity_id = player; - data.volume_level = ''{{ state_attr("${player}","volume_level") + (nextvol|float) }}''; - } - { delay.milliseconds = "150"; } - ]; - while = [ - { - condition = "template"; - value_template = ''{{ states("${last_state_sensor}") == state }}''; - } - { - condition = "template"; - value_template = "{{ repeat.index <= ${max_repeat}}}"; - } - ]; - }; - } - ]; - } - ]; - } - ]; - } - ]; -} diff --git a/makefu/2configs/home/ham/media/schlafzimmer_music_remote.nix b/makefu/2configs/home/ham/media/schlafzimmer_music_remote.nix deleted file mode 100644 index 438ce6bda..000000000 --- a/makefu/2configs/home/ham/media/schlafzimmer_music_remote.nix +++ /dev/null @@ -1,158 +0,0 @@ -{ lib, ... }: -let - remote = "sensor.schlafzimmer_music_remote_action"; - hlib = import ../lib; - step = 0.03; - #room = "bedroom"; - room = "living_room"; - #room = "office"; - - player = "media_player.${room}"; - say = hlib.say."${room}"; - - remote_action = state: actions: { - conditions = ''{{ trigger.to_state.attributes.action == '${state}' }}''; - sequence = actions; - }; - album_list = [ -# Wieso Weshalb Warum Junior -"Doris%20R%c3%bcbel,%20JUMBO%20Neue%20Medien%20%26%20Verlag%20GmbH/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Helfen,%20teilen,%20sich%20vertragen" -"Wieso%3f%20Weshalb%3f%20Warum%3f%20junior/Mein%20Kindergarten" -"Wieso%3f%20Weshalb%3f%20Warum%3f%20junior/Unser%20Werkzeug" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Am%20Meer" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Ampel,%20Stra%c3%9fe%20und%20Verkehr" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Autos%20und%20Laster" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Der%20Bagger" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Der%20Bauernhof" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Der%20Flughafen" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Der%20Pinguin" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Der%20Traktor" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Die%20Baustelle" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Die%20Eisenbahn" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Die%20Feuerwehr" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Die%20Jahreszeiten" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Die%20M%c3%bcllabfuhr" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Die%20Polizei" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Die%20Rettungsfahrzeuge" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Die%20Ritterburg" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Heute,%20morgen,%20jetzt%20und%20gleich" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Im%20Streichelzoo" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20In%20den%20Bergen" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Mama,%20Papa,%20Oma,%20Opa" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Mein%20Hund" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Tanken,%20waschen,%20reparieren" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Tiere%20in%20Afrika" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Unsere%20Tierkinder" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Unterwegs%20mit%20Bus%20und%20Bahn" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20ich%20alles%20kann" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20kriecht%20und%20krabbelt%20da%3f" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20machen%20wir%20an%20Weihnachten%3f" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20machen%20wir%20im%20Fr%c3%bchling%3f" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20machen%20wir%20im%20Herbst%3f" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20machen%20wir%20im%20Sommer%3f" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20machen%20wir%20im%20Winter%3f" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20macht%20der%20Fu%c3%9fballer%3f" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20macht%20der%20Polizist" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20macht%20die%20Prinzessin%3f" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20w%c3%a4chst%20da%3f" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Wenn%20es%20dunkel%20wird" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Wer%20arbeitet%20auf%20der%20Baustelle%3f" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Wir%20feiern%20Geburtstag" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Wir%20gehen%20in%20den%20Zoo" -"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Z%c3%a4hne%20putzen,%20Pipi%20machen" - - ]; - albums = lib.concatMapStringsSep ", " (x: ''"A:ALBUMARTIST/${x}"'') - album_list; -in -{ - services.home-assistant.config.automation = - [ - { alias = "Schlafzimmer music action"; - mode = "queued"; - trigger = [ - { - platform = "state"; - entity_id = remote; - attribute = "action"; - not_to = ""; - } - ]; - action = - [ - { choose = [ - (remote_action "on" - ((say "Starte Essensmusik") ++ [ - { service = "media_player.play_media"; - data = { - media_content_id = "https://listen.openstream.co/4457/audio.mp3"; - media_content_type = "music"; - }; - target.entity_id = player; - } - ])) - (remote_action "off" - [ - { - service = "media_player.media_stop"; - target.entity_id = player; - } - ] - ) - - (remote_action "arrow_right_hold" - ((say "Starte Lass") ++ [ - { service = "media_player.play_media"; - data = { - media_content_id = "http://radio.lassul.us:8000/radio.mp3"; - media_content_type = "music"; - }; - target.entity_id = player; - } - ])) - (remote_action "arrow_left_hold" - ((say "Starte Deep House Music") ++ [ - { service = "media_player.play_media"; - data = { - media_content_id = "http://live.dancemusic.ro:7000/stream.mp3"; - media_content_type = "music"; - }; - target.entity_id = player; - } - ])) - - # TODO: choose random kindermusik? - (remote_action "brightness_move_up" - ((say "Starte Liam Album") ++ [ - { - service = "media_player.play_media"; - target.entity_id = player; - data = { - media_content_id = "{{ [${albums}]|random }}"; - media_content_type = "album"; - }; - } - ]) - ) - #(remote_action "brightness_move_down" - #) - (remote_action "arrow_right_click" { - - service = "media_player.volume_set"; - target.entity_id = player; - data.volume_level = ''{{ state_attr("${player}","volume_level") + (${toString step}|float) }}''; - }) - #(remote_action "brightness_move_down" { - (remote_action "arrow_left_click"{ - service = "media_player.volume_set"; - target.entity_id = player; - data.volume_level = ''{{ state_attr("${player}","volume_level") - (${toString step}|float) }}''; - }) - ]; - #default = { }; - } - ]; - } - ]; - -} diff --git a/makefu/2configs/home/ham/media/sonos.nix b/makefu/2configs/home/ham/media/sonos.nix deleted file mode 100644 index c9cf1a510..000000000 --- a/makefu/2configs/home/ham/media/sonos.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ - services.home-assistant.config.sonos.media_player.hosts = [ - "192.168.111.30" - "192.168.111.31" - "192.168.111.32" - ]; -} diff --git a/makefu/2configs/home/ham/mqtt.nix b/makefu/2configs/home/ham/mqtt.nix deleted file mode 100644 index 9c4b4147e..000000000 --- a/makefu/2configs/home/ham/mqtt.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ pkgs, config, ... }: -{ - environment.systemPackages = [ pkgs.mosquitto ]; - # port open via trusted interface - services.mosquitto = { - enable = true; - persistence = false; - settings.max_keepalive = 1060; - listeners = [ - { - port = 1883; - omitPasswordAuth = false; - users.sensor = { - hashedPassword = "$6$2DXU7W1bvqXPqxkF$vtdz5KTd/T09hmoc9LjgEGFjvpwQbQth6vlVcr5hJNLgcBHv4U03YCKC8TKXbmQAa8xiJ76xJIg25kcL+KI3tg=="; - acl = [ "readwrite #" ]; - }; - users.hass = { - hashedPassword = "$6$SHuYGrE5kPSUc/hu$EomZ0KBy+vkxLt/6eJkrSBjYblCCeMjhDfUd2mwqXYJ4XsP8hGmZ59mMlmBCd3AvlFYQxb4DT/j3TYlrqo7cDA=="; - acl = [ "readwrite #" ]; - }; - users.stats = { - hashedPassword = "$6$j4H7KXD/YZgvgNmL$8e9sUKRXowDqJLOVgzCdDrvDE3+4dGgU6AngfAeN/rleGOgaMhee2Mbg2KS5TC1TOW3tYbk9NhjLYtjBgfRkoA=="; - acl = [ "read #" ]; - }; - settings = { - allow_anonymous = false; - }; - } - ]; - }; -} diff --git a/makefu/2configs/home/ham/multi/fliegen-couter.nix b/makefu/2configs/home/ham/multi/fliegen-couter.nix deleted file mode 100644 index 5b8abb2ff..000000000 --- a/makefu/2configs/home/ham/multi/fliegen-couter.nix +++ /dev/null @@ -1,71 +0,0 @@ -# uses: -# sensor.btn1_click -# sensor.btn2_click -let - hlib = import ../lib; - fly_swat = for: btn: method: incr: { - alias = "Increment ${method} for ${for}"; - trigger = { - platform = "state"; - entity_id = "sensor.${btn}_click"; - to = method; - }; - action = builtins.genList (cnt: { - service = "counter.increment"; - data.entity_id = "counter.${for}_fliegen"; - }) incr; - }; -in -{ - services.home-assistant.config = - { - counter = { - felix_fliegen = {}; - misa_fliegen = {}; - }; - automation = [ - (fly_swat "misa" "btn1" "single" 1) - (fly_swat "misa" "btn1" "double" 2) - (fly_swat "misa" "btn1" "triple" 3) - (fly_swat "felix" "btn2" "single" 1) - (fly_swat "felix" "btn2" "double" 2) - (fly_swat "felix" "btn2" "triple" 3) - { - alias = "Send Fly Counter Update"; - trigger = [ - { - platform = "state"; - entity_id = "counter.felix_fliegen"; - } - { - platform = "state"; - entity_id = "counter.misa_fliegen"; - #above = -1; - } - ]; - action = { - service = "mqtt.publish"; - data_template = { # gauge-style - payload = "{{ trigger.to_state.state }}"; - topic = "${hlib.prefix}/flycounter/{{ trigger.to_state.object_id }}"; - }; - }; - } - { - alias = "Reset Fly counters on midnight"; - trigger = { - platform = "time"; - at = "01:00:00"; - }; - action = [ - { service = "counter.reset"; - data.entity_id = "counter.misa_fliegen"; - } - { service = "counter.reset"; - data.entity_id = "counter.felix_fliegen"; - } - ]; - } - ]; - }; -} diff --git a/makefu/2configs/home/ham/multi/flurlicht.nix b/makefu/2configs/home/ham/multi/flurlicht.nix deleted file mode 100644 index 25eb78b7f..000000000 --- a/makefu/2configs/home/ham/multi/flurlicht.nix +++ /dev/null @@ -1,57 +0,0 @@ -# provides: -# light -# automation -# binary_sensor -let - hlib = (import ../lib); - tasmota = hlib.tasmota; -in -{ - binary_sensor = [ - (tasmota.motion { name = "Flur Bewegung"; host = "flurlicht";}) - ]; - light = [ (tasmota.rgb { name = "Flurlicht"; host = "flurlicht";} ) ]; - automation = [ - { alias = "Dunkel bei Sonnenuntergang"; - trigger = { - platform = "sun"; - event = "sunset"; - # offset: "-00:45:00" - }; - action = [ - { - service= "light.turn_on"; - data = { - entity_id= "light.flurlicht"; - # rgb_color = [ 0,0,0 ]; <-- TODO default color - brightness_pct = 15; - }; - } - { - service= "light.turn_off"; - entity_id= "light.flurlicht"; - } - ]; - } - { alias = "Hell bei Sonnenaufgang"; - trigger = { - platform = "sun"; - event = "sunrise"; - # offset: "-00:00:00" - }; - action = [ - { - service= "light.turn_on"; - data = { - entity_id= "light.flurlicht"; - brightness_pct = 85; - }; - } - { - service= "light.turn_off"; - entity_id= "light.flurlicht"; - } - ]; - } - ]; -} diff --git a/makefu/2configs/home/ham/multi/heizung.nix b/makefu/2configs/home/ham/multi/heizung.nix deleted file mode 100644 index 73f90dfe0..000000000 --- a/makefu/2configs/home/ham/multi/heizung.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ - services.home-assistant.config = - { - # 18 Grad - script.alle_heizungen_aus.sequence = [{ - service = "climate.set_temperature"; - target.entity_id = [ "climate.wohnzimmer_heizung" ]; - data.temperature = "18.0"; - }]; - }; -} diff --git a/makefu/2configs/home/ham/multi/kurzzeitwecker.nix b/makefu/2configs/home/ham/multi/kurzzeitwecker.nix deleted file mode 100644 index 1e6fae90c..000000000 --- a/makefu/2configs/home/ham/multi/kurzzeitwecker.nix +++ /dev/null @@ -1,88 +0,0 @@ -# Provides: -# timer -# automation -# script - -# Needs: -# sensor.zigbee_btn1_click -# notify.signal_home -let - button = "sensor.zigbee_btn2_click"; - notify = "notify.signal_home"; - # für {{ _intent.siteId }} - name of the rhasspy instance: arbeitszimmer -in -{ - services.home-assistant.config = { - automation = []; - timer.kurzzeitwecker = { - name = "Wecker Wohnung"; - }; - timer.wecker_arbeitszimmer = { - name = "Wecker Arbeitszimmer"; - }; - timer.wecker_wohnzimmer = { - name = "Wecker Wohnzimmer"; - }; - intent = {}; - intent_script = { - TimerjobStart = { - speech.text = '' - {% set h = hours|default('0')|string %} - {% set m = minutes|default('0')|string %} - {% if h == "0" %} - Wecker gestellt {{ m }} Minuten - {% elif m == "0" %} - Wecker gestellt {{ h }} Stunden - {% else %} - Wecker gestellt {{ h }} Stunden und {{ m }} Minuten - {% endif %} - ''; - action = [ - { - service = "timer.start"; - - data.entity_id = "timer.kurzzeitwecker"; - data.duration = '' - {% set h = hours|default("0")|int %} - {% set m = minutes|default("0")|int %} - {{ "%02d" | format(h) }}:{{ "%02d" | format(m) }}:00 - ''; - - } - ]; - }; - TimerjobRemaining = { - speech.text = '' - {% set timer = states('timer.kurzzeitwecker') %} - {% if timer == 'idle' %} - Wecker läuft nicht - {% elif timer == 'active' %} - {% set remaining = as_timestamp( state_attr('timer.kurzzeitwecker','finishes_at') )-( as_timestamp(now())) %} - {% set s = ((remaining % 60)) | int %} - {% set m = ((remaining % 3600) / 60) | int %} - {% set h = ((remaining % 86400) / 3600) | int %} - {% if h == 0 %} - Es verbleiben {{ m }} Minuten und {{ s }} Sekunden - {% elif m == 0 %} - Es verbleiben {{ h }} Stunden - {% elif m == 0 and h == 0 %} - Es verbleiben {{ s }} Sekunden - {% else %} - Es verbleiben {{ h }} Stunden {{ m }} Minuten - {% endif %} - {% endif %} - ''; - }; - TimerjobStop = { - speech.text = '' - Wecker gestoppt - ''; - action = [ - { service = "timer.cancel"; - data.entity_id = "timer.kurzzeitwecker"; - } - ]; - }; - }; - }; -} diff --git a/makefu/2configs/home/ham/multi/the_playlist.nix b/makefu/2configs/home/ham/multi/the_playlist.nix deleted file mode 100644 index 0d714ea44..000000000 --- a/makefu/2configs/home/ham/multi/the_playlist.nix +++ /dev/null @@ -1,86 +0,0 @@ -# Inputs: -# binary_sensor.playlist_button_good -# binary_sensor.playlist_button_bad - -# outputs -# rest_command -# automation -# sensor -{ - services.home-assistant.config = - { - rest_command = { - good_song = { - url = "http://prism.r:8001/good"; - method = "POST"; - }; - bad_song = { - url = "http://prism.r:8001/skip"; - method = "POST"; - }; - }; - automation = [ - { - alias = "playlist song publish"; - trigger = { - #platform = "event"; - #event_data.entity_id = "sensor.the_playlist_song"; - platform = "state"; - entity_id = "sensor.the_playlist_song"; - }; - action = { - service = "mqtt.publish"; - data = { - topic = "/ham/the_playlist/song"; - payload_template = "{{ states.sensor.the_playlist_song.state }}"; - }; - }; - } - { - alias = "playlist upvote on button"; - trigger = { - platform = "state"; - entity_id = "binary_sensor.playlist_button_good"; - from = "off"; - to = "on"; - }; - action.service = "rest_command.good_song"; - } - { - alias = "playlist downvote on button"; - trigger = { - platform = "state"; - entity_id = "binary_sensor.playlist_button_bad"; - from = "off"; - to = "on"; - }; - action.service = "rest_command.bad_song"; - } - ]; - sensor = [ - { platform = "rest"; - name = "pl"; - resource = "http://prism.r:8001/current"; - scan_interval = 30; - value_template = "1"; - json_attributes = [ "name" "filename" "youtube" ]; - } - { platform = "template"; - sensors = { - the_playlist_song = { - friendly_name = "Current Song"; - value_template = ''{{ states.sensor.pl.attributes['name'] }}''; - }; - the_playlist_url = { - friendly_name = "Song Youtube URL"; - value_template = ''{{ states.sensor.pl.attributes['youtube'] }}''; - }; - the_playlist_filename = { - friendly_name = "Song Filename"; - value_template = ''{{ states.sensor.pl.attributes['filename'] }}''; - }; - }; - } - ]; - }; -} diff --git a/makefu/2configs/home/ham/nginx.nix b/makefu/2configs/home/ham/nginx.nix deleted file mode 100644 index cd99c0739..000000000 --- a/makefu/2configs/home/ham/nginx.nix +++ /dev/null @@ -1,15 +0,0 @@ -let - internal-ip = "192.168.111.11"; -in { - services.nginx.recommendedProxySettings = true; - services.nginx.virtualHosts."hass" = { - serverAliases = [ "hass.lan" "ha" "ha.lan" ]; - locations."/".proxyPass = "http://localhost:8123"; - locations."/".proxyWebsockets = true; - extraConfig = '' - if ( $server_addr != "${internal-ip}" ) { - return 403; - } - ''; - }; -} diff --git a/makefu/2configs/home/ham/person/default.nix b/makefu/2configs/home/ham/person/default.nix deleted file mode 100644 index a72f610e8..000000000 --- a/makefu/2configs/home/ham/person/default.nix +++ /dev/null @@ -1,20 +0,0 @@ -{config, ... }: -{ - services.home-assistant.config.person = [ - { - name = "Felix"; - id = 1; - device_trackers = [ - "device_tracker.felix_phone" - "device_tracker.x" - ]; - } - { - name = "Misa"; - id = 2; - device_trackers = [ - "device_tracker.misa_phone" - ]; - } - ]; -} diff --git a/makefu/2configs/home/ham/sensor/dwd.nix b/makefu/2configs/home/ham/sensor/dwd.nix deleted file mode 100644 index 623f099a3..000000000 --- a/makefu/2configs/home/ham/sensor/dwd.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ - services.home-assistant.config.sensor = - [ - { platform = "dwd_weather_warnings"; - region_name = "Stadt Stuttgart"; - } - { platform = "nina"; - } - ]; -} diff --git a/makefu/2configs/home/ham/sensor/outside.nix b/makefu/2configs/home/ham/sensor/outside.nix deleted file mode 100644 index 061c4e981..000000000 --- a/makefu/2configs/home/ham/sensor/outside.nix +++ /dev/null @@ -1,55 +0,0 @@ -{lib,...}: - -{ - services.home-assistant.config.sensor = - [ - { platform = "darksky"; - api_key = "!secret darksky"; - language = "de"; - monitored_conditions = [ - "summary" "icon" - "nearest_storm_distance" "precip_probability" - "precip_intensity" - "temperature" # "temperature_high" "temperature_low" - "apparent_temperature" - "hourly_summary" # next 24 hours text - "humidity" - "pressure" - "uv_index" - ]; - units = "si" ; - scan_interval = "00:30:00"; - } - { - platform = "open_meteo"; - } - { - platform = "met"; - } - { - platform = "openweathermap"; - api_key = "!secret openweathermap"; - language = "de"; - mode = "hourly"; - } - { - platform = "tomorrowio"; - api_key = "!secret tomorrowio"; - } - { platform = "octoprint"; } - { platform = "accuweather"; - api_key = "!secret accuweather"; - } - { platform = "scrape"; - resource = "https://www.swr.de/wetter/wetter-liste-swr-100.html"; - name = "SWR Prognose"; - select = "p[data-refresh=\"weather-headline\"]"; - } - { platform = "scrape"; - resource = "https://www.swr.de/wetter/wetter-liste-swr-100.html"; - name = "SWR Prognose Langtext"; - select = "p[data-refresh=\"weather-text\"]"; - } - - ]; -} diff --git a/makefu/2configs/home/ham/sensor/pollen.nix b/makefu/2configs/home/ham/sensor/pollen.nix deleted file mode 100644 index d95c199bf..000000000 --- a/makefu/2configs/home/ham/sensor/pollen.nix +++ /dev/null @@ -1,65 +0,0 @@ -{ pkgs, lib, ... }: -with lib; -let - region = "112"; - types = [ - "Erle" - "Beifuss" - "Ambrosia" - "Birke" - "Esche" - "Hasel" - "Graeser" - "Roggen" - ]; - gen_tomorrow_sensor = type: { - name = "dwd_pollenbelastung_${toLower type}_tomorrow"; - value = { - icon_template = "mdi:grass"; - friendly_name = "${type} Morgen"; - value_template = "{{ state_attr('sensor.dwd_pollenbelastung_${toLower type}', 'tomorrow') }}"; - }; - }; - gen_sensor = type: { - name = "dwd_pollenbelastung_${toLower type}"; - value = { - icon_template = "mdi:tree-outline"; - friendly_name = type; - value_template = '' - {% set dwd_state = state_attr('sensor.dwd_pollenbelastung_stuttgart', '${type}')['today'] %} - {% if dwd_state == "3" %}6{% elif dwd_state == "2-3"%}5{% elif dwd_state == "2"%}4{% elif dwd_state == "1-2"%}3{% elif dwd_state == "1"%}2{% elif dwd_state == "0-1"%}1{% else %}0{% endif %} - ''; - attribute_templates.today = '' - {% set dwd_state = state_attr('sensor.dwd_pollenbelastung_stuttgart', '${type}')['today'] %} - {% if dwd_state == "3" %}6{% elif dwd_state == "2-3"%}5{% elif dwd_state == "2"%}4{% elif dwd_state == "1-2"%}3{% elif dwd_state == "1"%}2{% elif dwd_state == "0-1"%}1{% else %}0{% endif %} - ''; - attribute_templates.tomorrow = '' - {% set dwd_state = state_attr('sensor.dwd_pollenbelastung_stuttgart', '${type}')['tomorrow'] %} - {% if dwd_state == "3" %}6{% elif dwd_state == "2-3"%}5{% elif dwd_state == "2"%}4{% elif dwd_state == "1-2"%}3{% elif dwd_state == "1"%}2{% elif dwd_state == "0-1"%}1{% else %}0{% endif %} - ''; - # -1 == unknown - #attribute_templates.dayafter = '' - # {% set dwd_state = state_attr('sensor.dwd_pollenbelastung', '${type}')['dayafter_to'] %} - # {% if dwd_state == "3" %}6{% elif dwd_state == "2-3"%}5{% elif dwd_state == "2"%}4{% elif dwd_state == "1-2"%}3{% elif dwd_state == "1"%}2{% elif dwd_state == "0-1"%}1{% elif dwd_state == "-1"%}-1{% else %}0{% endif %} - #''; - }; - }; -in - { - services.home-assistant.config.sensor = [ - { - platform = "rest"; - scan_interval = 3600; - name = "DWD Pollenbelastung Stuttgart"; - resource = "https://opendata.dwd.de/climate_environment/health/alerts/s31fg.json"; - json_attributes_path = "$..content[?(@.partregion_id==${region})].Pollen"; - json_attributes = types; - value_template = "{{ value_json.last_update }}"; - } - { - platform = "template"; - sensors = (listToAttrs (map gen_sensor types)) // - (listToAttrs (map gen_tomorrow_sensor types)) ; - } - ]; -} diff --git a/makefu/2configs/home/ham/signal-rest/default.nix b/makefu/2configs/home/ham/signal-rest/default.nix deleted file mode 100644 index 4eac41ba8..000000000 --- a/makefu/2configs/home/ham/signal-rest/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - imports = [ - ./service.nix - ./hass.nix - ]; -} diff --git a/makefu/2configs/home/ham/signal-rest/hass.nix b/makefu/2configs/home/ham/signal-rest/hass.nix deleted file mode 100644 index 284be3320..000000000 --- a/makefu/2configs/home/ham/signal-rest/hass.nix +++ /dev/null @@ -1,20 +0,0 @@ -let - inherit (import ) number home felix; -in { - services.home-assistant.config.notify = [ - { - name = "signal_home"; - platform = "signal_messenger"; - url = "http://127.0.0.1:8631"; - inherit number ; - recipients = [ home ]; - } - { - name = "signal_felix"; - platform = "signal_messenger"; - url = "http://127.0.0.1:8631"; - inherit number; - recipients = [ felix ]; - } - ]; -} diff --git a/makefu/2configs/home/ham/signal-rest/pkg.nix b/makefu/2configs/home/ham/signal-rest/pkg.nix deleted file mode 100644 index 165d642af..000000000 --- a/makefu/2configs/home/ham/signal-rest/pkg.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ lib -, buildPythonPackage -, fetchPypi -}: - -buildPythonPackage rec { - pname = "pysignalclirestapi"; - version = "0.3.14"; - - # disabled = ; # requires python version >=2.7 - - src = fetchPypi { - inherit pname version; - sha256 = "6f3626b594a53c4161dfc67ea7a3b23d62c8fe8cb404a909496118aeefa79cd0"; - }; - - doCheck = false; - - meta = with lib; { - description = "Small python library for the Signal Cli REST API"; - homepage = https://github.com/bbernhard/pysignalclirestapi; - #license = licenses.; - # maintainers = [ maintainers. ]; - }; -} diff --git a/makefu/2configs/home/ham/signal-rest/service.nix b/makefu/2configs/home/ham/signal-rest/service.nix deleted file mode 100644 index 1f718efa5..000000000 --- a/makefu/2configs/home/ham/signal-rest/service.nix +++ /dev/null @@ -1,20 +0,0 @@ - -let - port = 8631; - image = "bbernhard/signal-cli-rest-api:latest"; - config = "/var/lib/signal-cli-config"; -in { - systemd.tmpfiles.rules = [ - "d ${config} docker docker - -" - ]; - state = [ config ]; - virtualisation.oci-containers.containers.signal-rest = { - image = image; - ports = [ "127.0.0.1:${toString port}:8080" ]; - volumes = [ - "${config}:/home/.local/share/signal-cli" - ]; - environment.MODE ="json-rpc"; - #environment.MODE ="native"; # only required for reigstration - }; -} diff --git a/makefu/2configs/home/ham/tts/google.nix b/makefu/2configs/home/ham/tts/google.nix deleted file mode 100644 index d2f7a55cc..000000000 --- a/makefu/2configs/home/ham/tts/google.nix +++ /dev/null @@ -1,18 +0,0 @@ - -let -in { - services.home-assistant.config.tts = [ - { platform = "google_translate"; - language = "de"; - time_memory = 57600; - service_name = "google_say"; - } - #{ platform = "google_cloud"; - # key_file = toString ; - # service_name = "cloud_say"; - # language = "de-DE"; - # voice = "de-DE-Wavenet-B"; - # profiles = [ "medium-bluetooth-speaker-class-device" ]; - #} - ]; -} diff --git a/makefu/2configs/home/ham/zigbee2mqtt.nix b/makefu/2configs/home/ham/zigbee2mqtt.nix deleted file mode 100644 index efcbb0d00..000000000 --- a/makefu/2configs/home/ham/zigbee2mqtt.nix +++ /dev/null @@ -1,43 +0,0 @@ -# provides: -# switch -# automation -# binary_sensor -# sensor -# input_select -# timer -let - inherit (import ./lib) zigbee; - prefix = zigbee.prefix; -in -{ - services.home-assistant.config = { - sensor = - - [ - # Sensor for monitoring the bridge state - { - platform = "mqtt"; - name = "Zigbee2mqtt Bridge state"; - state_topic = "${prefix}/bridge/state"; - icon = "mdi:router-wireless"; - } - # Sensor for Showing the Zigbee2mqtt Version - { - platform = "mqtt"; - name = "Zigbee2mqtt Version"; - state_topic = "${prefix}/bridge/config"; - value_template = "{{ value_json.version }}"; - icon = "mdi:zigbee"; - } - # Sensor for Showing the Coordinator Version - { - platform = "mqtt"; - name = "Coordinator Version"; - state_topic = "${prefix}/bridge/config"; - value_template = "{{ value_json.coordinator }}"; - icon = "mdi:chip"; - } - ]; - - }; -} diff --git a/makefu/2configs/home/jellyfin.nix b/makefu/2configs/home/jellyfin.nix deleted file mode 100644 index e613a05fc..000000000 --- a/makefu/2configs/home/jellyfin.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ lib, config, ... }: -let - port = 8096; -in -{ - services.jellyfin.enable = true; - # services.jellyfin.openFirewall = true; - networking.firewall.interfaces.wiregrill = { - allowedTCPPorts = [ 80 port 8920 ]; - allowedUDPPorts = [ 1900 7359 ]; - }; - state = [ "/var/lib/jellyfin" ]; - users.users.${config.services.jellyfin.user}.extraGroups = [ "download" "video" "render" ]; - - systemd.services.jellyfin = { - after = [ "media-cloud.mount" ]; - serviceConfig = rec { - RequiresMountFor = [ "/media/cloud" ]; - SupplementaryGroups = lib.mkForce [ "video" "render" "download" ]; - UMask = lib.mkForce "0077"; - }; - }; - services.nginx.virtualHosts."jelly" = { - serverAliases = [ - "jelly.lan" "movies.lan" - "jelly.makefu.w" "makefu.omo.w" - ]; - - locations."/" = { - proxyPass = "http://localhost:${toString port}"; - proxyWebsockets = true; - }; - }; -} diff --git a/makefu/2configs/home/metube.nix b/makefu/2configs/home/metube.nix deleted file mode 100644 index e6008d475..000000000 --- a/makefu/2configs/home/metube.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ pkgs, lib, ...}: -# docker run -d -p 8081:8081 -v /path/to/downloads:/downloads --user 1001:1001 alexta69/metube -with import ; -let - port = "2348"; - dl-dir = "/media/cryptX/youtube/music"; - uid = 20421; - internal-ip = "192.168.111.11"; -in - { - systemd.tmpfiles.rules = [ - "d ${dl-dir} metube nogroup - -" - ]; - virtualisation.oci-containers.backend = "docker"; - - services.nginx.virtualHosts."tube" = { - serverAliases = [ "tube.lan" ]; - locations."/".proxyPass = "http://localhost:${port}"; - }; - - virtualisation.oci-containers.containers.metube = { - image = "alexta69/metube:latest"; - ports = [ "${port}:8081" ]; - volumes = [ - "${dl-dir}:/downloads" - ]; - user = "metube"; - }; - users.users.metube = { - uid = uid; - isSystemUser = true; - }; - - systemd.services.docker-metube.serviceConfig = { - StandardOutput = lib.mkForce "journal"; - StandardError = lib.mkForce "journal"; - }; -} diff --git a/makefu/2configs/home/music.nix b/makefu/2configs/home/music.nix deleted file mode 100644 index b32af6207..000000000 --- a/makefu/2configs/home/music.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ config, ... }: -let - internal-ip = "192.168.111.11"; - port = 4533; -in -{ - services.navidrome.enable = true; - services.navidrome.settings = { - MusicFolder = "/media/cryptX/music/kinder"; - Address = "0.0.0.0"; - }; - systemd.services.navidrome.serviceConfig.RequiresMountFor = [ "/media/cryptX" ]; - - state = [ "/var/lib/navidrome" ]; - # networking.firewall.allowedTCPPorts = [ 4040 ]; - # state = [ config.services.airsonic.home ]; - services.nginx.virtualHosts."navidrome" = { - serverAliases = [ - "navidrome.lan" - "music" "music.lan" - "musik" "musik.lan" - "music.omo.r" - "music.makefu.r" "music.makefu" - ]; - - locations."/".proxyPass = "http://localhost:${toString port}"; - locations."/".proxyWebsockets = true; - }; - networking.firewall.allowedTCPPorts = [ port ]; - # also configure dlna - services.minidlna.enable = true; - services.minidlna.settings = { - inotify = "yes"; - friendly_name = "omo"; - media_dir = [ "A,/media/cryptX/music" ]; - }; -} diff --git a/makefu/2configs/home/photoprism.nix b/makefu/2configs/home/photoprism.nix deleted file mode 100644 index 2f8a86430..000000000 --- a/makefu/2configs/home/photoprism.nix +++ /dev/null @@ -1,150 +0,0 @@ -{ pkgs, lib, ...}: -# Start | docker-compose up -d -# Stop | docker-compose stop -# Update | docker-compose pull -# Logs | docker-compose logs --tail=25 -f -# Terminal | docker-compose exec photoprism bash -# Help | docker-compose exec photoprism photoprism help -# Config | docker-compose exec photoprism photoprism config -# Reset | docker-compose exec photoprism photoprism reset -# Backup | docker-compose exec photoprism photoprism backup -a -i -# Restore | docker-compose exec photoprism photoprism restore -a -i -# Index | docker-compose exec photoprism photoprism index -# Reindex | docker-compose exec photoprism photoprism index -a -# Import | docker-compose exec photoprism photoprism import -# ------------------------------------------------------------------- -let - port = "2347"; - photodir = "/media/cryptX/photos"; - statedir = "/media/cryptX/lib/photoprism/appsrv"; - db-dir = "/media/cryptX/lib/photoprism/mysql"; - internal-ip = "192.168.111.11"; - sec = import ; -in -{ - virtualisation.oci-containers.backend = "docker"; - - services.nginx.virtualHosts."photos" = { - serverAliases = [ - "photos.lan" - "foto" "foto.lan" - "fotos" "fotos.lan" - ]; - - locations."/".proxyPass = "http://localhost:${port}"; - locations."/".proxyWebsockets = true; - extraConfig = '' - if ( $server_addr != "${internal-ip}" ) { - return 403; - } - ''; - }; - - systemd.services.workadventure-network = { - enable = true; - wantedBy = [ "multi-user.target" ]; - script = '' - ${pkgs.docker}/bin/docker network create --driver bridge photoprism ||: - ''; - after = [ "docker.service" ]; - before = [ - "docker-photoprism.service" - "docker-mysql-photoprism.service" - ]; - }; - - - virtualisation.oci-containers.containers.photoprism = { - image = "photoprism/photoprism:preview"; - ports = ["${port}:${port}" ]; - volumes = [ - "${photodir}:/photoprism/originals" - "${statedir}:/photoprism/storage" - ]; - extraOptions = [ - "--security-opt" "seccomp=unconfined" - "--security-opt" "apparmor=unconfined" - "--network=photoprism" - ]; - environment = { - PHOTOPRISM_HTTP_PORT = port; # Built-in Web server port - PHOTOPRISM_HTTP_COMPRESSION = "gzip"; # Improves transfer speed and bandwidth utilization (none or gzip) - PHOTOPRISM_DEBUG = "false"; # Run in debug mode (shows additional log messages) - # PHOTOPRISM_PUBLIC = "true"; # No authentication required (disables password protection) - PHOTOPRISM_READONLY = "false"; # Don't modify originals directory (reduced functionality) - PHOTOPRISM_EXPERIMENTAL = "true"; # Enables experimental features - # PHOTOPRISM_DISABLE_WEBDAV = "false"; # Disables built-in WebDAV server - PHOTOPRISM_DISABLE_SETTINGS = "false"; # Disables Settings in Web UI - PHOTOPRISM_DISABLE_TENSORFLOW = "false"; # Disables using TensorFlow for image classification - PHOTOPRISM_DARKTABLE_PRESETS = "false"; # Enables Darktable presets and disables concurrent RAW conversion - PHOTOPRISM_DETECT_NSFW = "false"; # Flag photos as private that MAY be offensive (requires TensorFlow) - PHOTOPRISM_UPLOAD_NSFW = "true"; # Allow uploads that MAY be offensive - PHOTOPRISM_AUTH_MODE = "password"; - PHOTOPRISM_ADMIN_USER = "admin"; - PHOTOPRISM_ADMIN_PASSWORD = "admin"; - - #PHOTOPRISM_DATABASE_DRIVER = "postgres"; - #PHOTOPRISM_DATABASE_SERVER = "postgres-prism:5432"; - #PHOTOPRISM_DATABASE_NAME = "photoprism"; - #PHOTOPRISM_DATABASE_USER = "photoprism"; - #PHOTOPRISM_DATABASE_PASSWORD = "photoprism"; - - PHOTOPRISM_DATABASE_DRIVER= "mysql"; # Use MariaDB (or MySQL) instead of SQLite for improved performance - PHOTOPRISM_DATABASE_SERVER= "mysql-photoprism:3306" ; # MariaDB database server (hostname:port) - PHOTOPRISM_DATABASE_NAME= "photoprism"; # MariaDB database schema name - PHOTOPRISM_DATABASE_USER= sec.db.username; # MariaDB database user name - PHOTOPRISM_DATABASE_PASSWORD= sec.db.password; # MariaDB database user password - - PHOTOPRISM_SITE_URL = "http://localhost:2342/"; # Public PhotoPrism URL - PHOTOPRISM_SITE_TITLE = "PhotoPrism"; - PHOTOPRISM_SITE_CAPTION = "FeMi Fotos"; - PHOTOPRISM_SITE_DESCRIPTION = "Unsere Fotos"; - PHOTOPRISM_SITE_AUTHOR = "FeMi"; - PHOTOPRISM_SPONSOR = "true"; - - }; - }; - - virtualisation.oci-containers.containers.mysql-photoprism = { - image = "mariadb:10.5"; - extraOptions = [ - "--security-opt" "seccomp=unconfined" - "--security-opt" "apparmor=unconfined" - "--network=photoprism" - ]; - ports = [ "3306:3306" ]; # no need to expose the database - #cmd = [ "mysqld" - # "--transaction-isolation=READ-COMMITTED" - # "--character-set-server=utf8mb4" - # "--collation-server=utf8mb4_unicode_ci" - # "--max-connections=512" - # "--innodb-rollback-on-timeout=OFF" - # "--innodb-lock-wait-timeout=50" - #]; - volumes= [ "${db-dir}:/var/lib/mysql" ]; - environment = { - MYSQL_ROOT_PASSWORD = "dickidibutt"; - MYSQL_DATABASE= "photoprism"; - MYSQL_USER = sec.db.username; - MYSQL_PASSWORD = sec.db.password; - }; - }; - #virtualisation.oci-containers.containers.postgres-prism = { - # image = "postgres:12-alpine"; - # ports = [ "5432" ]; # no need to expose the database - # environment = { - # POSTGRES_DB = "photoprism"; - # POSTGRES_USER = "photoprism"; - # POSTGRES_PASSWORD = "photoprism"; - # }; - #}; - - systemd.services.docker-photoprism.serviceConfig = { - StandardOutput = lib.mkForce "journal"; - StandardError = lib.mkForce "journal"; - }; - systemd.services.docker-mysql-photoprism.serviceConfig = { - StandardOutput = lib.mkForce "journal"; - StandardError = lib.mkForce "journal"; - }; -} diff --git a/makefu/2configs/home/ps4srv.nix b/makefu/2configs/home/ps4srv.nix deleted file mode 100644 index cb1864fae..000000000 --- a/makefu/2configs/home/ps4srv.nix +++ /dev/null @@ -1,17 +0,0 @@ -let - internal-ip = "192.168.111.11"; -in -{ - services.nginx.virtualHosts."ps4srv" = { - serverAliases = [ - "ps4srv.lan" - ]; - - locations."/".root = "/media/cryptX/emu/ps4"; - extraConfig = '' - if ( $server_addr != "${internal-ip}" ) { - return 403; - } - ''; - }; -} diff --git a/makefu/2configs/home/rhasspy/default.nix b/makefu/2configs/home/rhasspy/default.nix deleted file mode 100644 index e3a0bcd28..000000000 --- a/makefu/2configs/home/rhasspy/default.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ lib,config, ... }: -# uses alsa instead of pulseaduio server -let - profiles = "/var/lib/rhasspy"; -in -{ - systemd.services.docker-rhasspy.after = [ "network-online.target" ]; - - virtualisation.oci-containers.containers.rhasspy = { - image = "rhasspy/rhasspy:latest"; - - environment = { - TZ = "Europe/Berlin"; - PULSE_SERVER = "tcp:${ config.krebs.build.host.name }:4713"; - }; - - ports = [ - "12101:12101" - ]; - - volumes = [ - "/etc/localtime:/etc/localtime:ro" - "${profiles}:/profiles" - ]; - - cmd = [ "--user-profiles" "/profiles" "--profile" "de" ]; - extraOptions = [ - "--device=/dev/snd:/dev/snd" - "--group-add=audio" - ]; - }; - systemd.tmpfiles.rules = [ - "d ${profiles} 0770 root root - -" - ]; - - # required to allow rhasspy to connect to pulse server - # hardware.pulseaudio.enable = lib.mkForce false; - networking.firewall.allowedTCPPorts = [ 4713 ]; - -} diff --git a/makefu/2configs/home/rhasspy/led-control.nix b/makefu/2configs/home/rhasspy/led-control.nix deleted file mode 100644 index b4efe028a..000000000 --- a/makefu/2configs/home/rhasspy/led-control.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ pkgs, ... }: -let - cfg = pkgs.writeText "hcl-config.json" (builtins.toJSON { - engine = "rhasspy"; - pathToConfig = "/var/lib/rhasspy/de/profile.json"; - hardware = "respeaker4MicArray"; - pattern = "fake-name"; - enableDoA = false; - }); -in { - systemd.services.HermesLedControl = { - description = "Led Server for ReSpeaker 4-array"; - after = [ "network-online.target" "docker-rhasspy.service" ] ; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - # User = "nobody"; # need a user with permissions to run nix-shell - ExecStart = "${pkgs.HermesLedControl}/bin/HermesLedControl --hermesLedControlConfig=${toString cfg}"; - Restart = "always"; - RestartSec = 10; - PrivateTmp = true; - }; - }; -} diff --git a/makefu/2configs/home/tonie.nix b/makefu/2configs/home/tonie.nix deleted file mode 100644 index bc3633a88..000000000 --- a/makefu/2configs/home/tonie.nix +++ /dev/null @@ -1,68 +0,0 @@ -{ config, pkgs, lib, ... }: -let - backend_port = 30005; - #host = config.networking.hostName; - ident = 998; - user = "${toString ident}:${toString ident}"; - backend_host = "tonie.lan"; - #backend_host = "tonie.omo.r"; - frontend_port = 30006; - homedir = "/var/lib/tonies"; - albumdir = "${homedir}/albumart/"; - vueconfig = pkgs.writeText "vueconfig" '' - module.exports = { - devServer: { - disableHostCheck: true - }, - } - ''; - audiobookdir = "/media/cryptX/music/kinder_hoerspiele"; - # TONIE_AUDIO_MATCH_USER = username; - # TONIE_AUDIO_MATCH_PASS = password; - tonie-env = toString ; -in - { - systemd.tmpfiles.rules = [ - "d ${albumdir} 1750 toniebox toniebox -" - ]; - networking.firewall.allowedTCPPorts = [ frontend_port backend_port ]; - virtualisation.oci-containers.containers.toniebox-front = { - image = "makefoo/toniebox-audio-match_front:1.0.1"; - inherit user; - environment = { - VUE_APP_BACKEND_IS_LOCAL = "true"; - }; - ports = [ "${toString frontend_port}:8080" ]; - volumes = [ - "${albumdir}:/frontend/public/assets/covers" - "${vueconfig}:/frontend/vue.config.js" - ]; - }; - - users.users.toniebox = { - isSystemUser = true; - uid = ident; - home = homedir; - createHome = true; - group = "toniebox"; - }; - users.groups.toniebox.gid = ident; - - virtualisation.oci-containers.containers.toniebox-back = { - image = "makefoo/toniebox-audio-match_back:1.0.0"; - inherit user; - environmentFiles = [ tonie-env ]; - ports = [ "${toString backend_port}:5000" ]; - volumes = [ - "${albumdir}:/backend/assets/covers" - "${audiobookdir}:/backend/assets/audiobooks" - ]; - }; - services.nginx.virtualHosts."tonie" = { - serverAliases = [ "tonie.lan" "tonie.omo.r" backend_host ]; - locations."/".proxyPass = "http://localhost:${toString frontend_port}"; - locations."/upload".proxyPass = "http://localhost:${toString backend_port}"; - locations."/creativetonies".proxyPass = "http://localhost:${toString backend_port}"; - locations."/audiobooks".proxyPass = "http://localhost:${toString backend_port}"; - }; -} diff --git a/makefu/2configs/home/zigbee2mqtt/default.nix b/makefu/2configs/home/zigbee2mqtt/default.nix deleted file mode 100644 index 8bb8a929b..000000000 --- a/makefu/2configs/home/zigbee2mqtt/default.nix +++ /dev/null @@ -1,94 +0,0 @@ -{config, pkgs, lib, ...}: - -let - dataDir = "/var/lib/zigbee2mqtt"; - sec = import ; - internal-ip = "192.168.111.11"; - webport = 8521; -in - { - # symlink the zigbee controller - #services.udev.extraRules = '' - # SUBSYSTEM=="tty", ATTRS{idVendor}=="0451", ATTRS{idProduct}=="16a8", SYMLINK+="cc2531", MODE="0660", GROUP="dialout" - #''; - - # /dev/serial/by-id/usb-Silicon_Labs_slae.sh_cc2652rb_stick_-_slaesh_s_iot_stuff_00_12_4B_00_21_CC_45_BD-if00-port0 - services.udev.extraRules = '' - SUBSYSTEM=="tty", ATTRS{idVendor}=="10c4", ATTRS{idProduct}=="ea60", SYMLINK+="cc2531", MODE="0660", GROUP="dialout" - ''; - - services.zigbee2mqtt = { - enable = true; - inherit dataDir; - settings = { - permit_join = true; - serial.port = "/dev/cc2531"; - homeassistant = true; - mqtt = { - server = "mqtt://omo.lan:1883"; - base_topic = "/ham/zigbee"; - user = sec.mqtt.username; - password = sec.mqtt.password; - include_device_information = true; - client_id = "zigbee2mqtt"; - }; - availability = { - active.timeout = 10; - passive.timeout = 1500; - }; - frontend = { - port = webport; - }; - advanced = { - log_level = "debug"; - log_output = [ "console" ]; - last_seen = "ISO_8601"; - elapsed = true; - pan_id = 6755; - inherit (sec.zigbee) network_key; - }; - map_options.graphviz.colors = { - fill = { - enddevice = "#fff8ce" ; - coordinator = "#e04e5d"; - router = "#4ea3e0"; - }; - font = { - coordinator= "#ffffff"; - router = "#ffffff"; - enddevice = "#000000"; - }; - line = { - active = "#009900"; - inactive = "#994444"; - }; - }; - }; - }; - - services.nginx.recommendedProxySettings = true; - services.nginx.virtualHosts."zigbee" = { - serverAliases = [ "zigbee.lan" ]; - locations."/".proxyPass = "http://localhost:${toString webport}"; - locations."/api".proxyPass = "http://localhost:${toString webport}"; - locations."/api".proxyWebsockets = true; - extraConfig = '' - if ( $server_addr != "${internal-ip}" ) { - return 403; - } - ''; - }; - - state = [ "${dataDir}/devices.yaml" "${dataDir}/state.json" ]; - - systemd.services.zigbee2mqtt = { - # override automatic configuration.yaml deployment - environment.ZIGBEE2MQTT_DATA = dataDir; - #serviceConfig.ExecStartPre = lib.mkForce "${pkgs.coreutils}/bin/true"; - after = [ - "home-assistant.service" - "mosquitto.service" - "network-online.target" - ]; - }; -} diff --git a/makefu/2configs/home/zigbee2mqtt/osram.nix b/makefu/2configs/home/zigbee2mqtt/osram.nix deleted file mode 100644 index d1bf2b296..000000000 --- a/makefu/2configs/home/zigbee2mqtt/osram.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ - - -availability_topic: /ham/zigbee/bridge/state -command_topic: /ham/zigbee/flur_arbeitszimmer_osram2/set - - - platform: "mqtt" - state_topic: "zigbee2mqtt/" - availability_topic: "zigbee2mqtt/bridge/state" - payload_on: true - payload_off: false - value_template: "{{ value_json.battery_low}}" - device_class: "battery" -} diff --git a/makefu/2configs/hw/CAC.nix b/makefu/2configs/hw/CAC.nix deleted file mode 100644 index 9ed18344a..000000000 --- a/makefu/2configs/hw/CAC.nix +++ /dev/null @@ -1,13 +0,0 @@ -_: -{ - boot.initrd.availableKernelModules = [ - "ata_piix" - "vmw_pvscsi" - ]; - boot.loader.grub.splashImage = null; - nix = { - daemonIONiceLevel = 1; - daemonNiceLevel = 1; - }; - sound.enable = false; -} diff --git a/makefu/2configs/hw/bcm4352.nix b/makefu/2configs/hw/bcm4352.nix deleted file mode 100644 index 5dc8a1449..000000000 --- a/makefu/2configs/hw/bcm4352.nix +++ /dev/null @@ -1,7 +0,0 @@ -{config, ...}: -{ - networking.enableB43Firmware = true; - boot.kernelModules = [ "wl" ]; - boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ]; -} - diff --git a/makefu/2configs/hw/bluetooth.nix b/makefu/2configs/hw/bluetooth.nix deleted file mode 100644 index 9eda6069b..000000000 --- a/makefu/2configs/hw/bluetooth.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ pkgs, ... }: -{ # bluetooth+pulse config -# for blueman-applet - users.users.makefu.packages = [ pkgs.blueman ]; - #hardware.pulseaudio = { - # enable = true; - # package = pkgs.pulseaudioFull; -# #systemWide = true; - # support32Bit = true; - # configFile = pkgs.writeText "default.pa" '' - # load-module module-udev-detect - # load-module module-bluetooth-policy - # load-module module-bluetooth-discover - # load-module module-native-protocol-unix - # load-module module-always-sink - # load-module module-console-kit - # load-module module-systemd-login - # load-module module-intended-roles - # load-module module-position-event-sounds - # load-module module-filter-heuristics - # load-module module-filter-apply - # load-module module-switch-on-connect - # load-module module-switch-on-port-available - # ''; - #}; - services.blueman.enable = true; -# presumably a2dp Sink -# Enable profile: -## pacmd set-card-profile "$(pactl list cards short | egrep -o bluez_card[[:alnum:]._]+)" a2dp_sink - -# connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio - hardware.bluetooth = { - enable = true; - powerOnBoot = false; - settings.general.Enable = "Source,Sink,Media,Socket"; - }; - services.dbus.packages = [ pkgs.blueman ]; -} diff --git a/makefu/2configs/hw/cc2531.nix b/makefu/2configs/hw/cc2531.nix deleted file mode 100644 index 3bc2c6834..000000000 --- a/makefu/2configs/hw/cc2531.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - - users.users.${config.krebs.build.user.name}.extraGroups = [ "dialout" ]; - - services.udev.extraRules = '' - SUBSYSTEM=="tty", ATTRS{idVendor}=="0451", ATTRS{idProduct}=="16a8", SYMLINK+="cc2531", MODE="0660", GROUP="dailout" - ''; -} diff --git a/makefu/2configs/hw/cdrip.nix b/makefu/2configs/hw/cdrip.nix deleted file mode 100644 index 1c0bf9c17..000000000 --- a/makefu/2configs/hw/cdrip.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ pkgs, ... }: -{ - users.users.makefu = { - extraGroups = [ "cdrom" ]; - packages = [ pkgs.glyr pkgs.abcde ]; - }; -} diff --git a/makefu/2configs/hw/droidcam.nix b/makefu/2configs/hw/droidcam.nix deleted file mode 100644 index adc0aa379..000000000 --- a/makefu/2configs/hw/droidcam.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ pkgs, config, ... }: -{ - boot.extraModprobeConfig = "options v4l2loopback_dc width=640 height=480"; - boot.extraModulePackages = [ - (pkgs.callPackage ../../5pkgs/v4l2loopback-dc { kernel = config.boot.kernelPackages.kernel; }) - ]; - boot.initrd.availableKernelModules = [ "v4l2loopback-dc" ]; - users.users.makefu.packages = [ pkgs.droidcam ]; -} diff --git a/makefu/2configs/hw/fingerprint-reader.nix b/makefu/2configs/hw/fingerprint-reader.nix deleted file mode 100644 index 1f2f00b03..000000000 --- a/makefu/2configs/hw/fingerprint-reader.nix +++ /dev/null @@ -1,6 +0,0 @@ -_: { - # add fingerprint with fprintd-enroll - services.fprintd.enable = true; - security.pam.services.login.fprintAuth = true; - security.pam.services.xscreensaver.fprintAuth = true; -} diff --git a/makefu/2configs/hw/irtoy.nix b/makefu/2configs/hw/irtoy.nix deleted file mode 100644 index 688f1b2b9..000000000 --- a/makefu/2configs/hw/irtoy.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - - users.users.makefu.packages = with pkgs; [ - lirc - ]; - - users.extraUsers.${config.krebs.build.user.name}.extraGroups = [ "dialout" ]; - - services.udev.extraRules = '' - SUBSYSTEMS=="usb", ATTRS{idProduct}=="fd08", ATTRS{idVendor}=="04d8", SYMLINK+="irtoy", MODE="0666", GROUP="dialout" - ''; -} - diff --git a/makefu/2configs/hw/lte.sh b/makefu/2configs/hw/lte.sh deleted file mode 100755 index a8ae31586..000000000 --- a/makefu/2configs/hw/lte.sh +++ /dev/null @@ -1,26 +0,0 @@ -#/bin/sh - -if [[ "$EUID" -ne 0 ]]; then - echo "This script must be run as root, elevating!" - exec sudo $0 $1 - exit 0 -fi - -if [[ "$1" = "down" ]]; then - echo "taking wwan0 down!" - ip link set wwan0 down - rmmod xmm7360 - exit -fi - -if [[ "$1" = "up" ]]; then - echo "running modprobe" - modprobe xmm7360 - echo "bringing wwan0 up!" - until open_xdatachannel -a web.vodafone.de;do - modprobe -r xmm7360 - modprobe xmm7360 - done - ip link set wwan0 up - echo "nameserver 1.1.1.1" | tee -a /etc/resolv.conf -fi diff --git a/makefu/2configs/hw/malduino_elite.nix b/makefu/2configs/hw/malduino_elite.nix deleted file mode 100644 index 1af85493f..000000000 --- a/makefu/2configs/hw/malduino_elite.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - - services.udev.extraRules = '' - ACTION!="add|change", GOTO="mm_usb_device_blacklist_local_end" - SUBSYSTEM!="usb", GOTO="mm_usb_device_blacklist_local_end" - ENV{DEVTYPE}!="usb_device", GOTO="mm_usb_device_blacklist_local_end" - - ATTRS{idVendor}=="1b4f" ATTRS{idProduct}=="9204", ENV{ID_MM_DEVICE_IGNORE}="1" - ATTRS{idVendor}=="1b4f" ATTRS{idProduct}=="9203", ENV{ID_MM_DEVICE_IGNORE}="1" - - LABEL="mm_usb_device_blacklist_local_end" - ''; -} diff --git a/makefu/2configs/hw/mceusb.nix b/makefu/2configs/hw/mceusb.nix deleted file mode 100644 index 069e6e7eb..000000000 --- a/makefu/2configs/hw/mceusb.nix +++ /dev/null @@ -1,17 +0,0 @@ -{pkgs, lib, ...}:{ - # Disable the MCE remote from acting like a keyboard. (We use lirc instead.) - services.xserver.inputClassSections = ['' - Identifier "MCE USB Keyboard mimic blacklist" - Driver "mceusb" - MatchProduct "Media Center Ed. eHome Infrared Remote Transceiver (1934:5168)" - Option "Ignore" "on" - '']; - boot.kernelPatches = lib.singleton { - name = "enable-lirc"; - patch = null; - extraConfig = '' - LIRC y - ''; - }; - -} diff --git a/makefu/2configs/hw/network-manager.nix b/makefu/2configs/hw/network-manager.nix deleted file mode 100644 index 5a1018df0..000000000 --- a/makefu/2configs/hw/network-manager.nix +++ /dev/null @@ -1,47 +0,0 @@ -{ pkgs, lib, ... }: -{ - users.users.makefu = { - extraGroups = [ "networkmanager" ]; - packages = with pkgs;[ - networkmanagerapplet - gnome3.gnome-keyring dconf - ]; - }; - networking.wireless.enable = lib.mkForce false; - - systemd.services.modemmanager = { - description = "ModemManager"; - bindsTo = [ "NetworkManager.service" ]; - wantedBy = [ "NetworkManager.service" "multi-user.target" ]; - serviceConfig = { - ExecStart = "${pkgs.modemmanager}/bin/ModemManager"; - PrivateTmp = true; - Restart = "always"; - RestartSec = "5"; - }; - }; - -# nixOSUnstable - networking.networkmanager.enable = true; - networking.networkmanager.wifi = { - powersave = true; - scanRandMacAddress = true; - backend = "iwd"; - }; - services.gnome.gnome-keyring.enable = true; - networking.wireless.iwd.enable = true; - - state = [ - "/etc/NetworkManager/system-connections" #NM stateful config files - ]; - networking.networkmanager.dispatcherScripts = [ - { source = "${pkgs.prison-break}/bin/prison-break"; } - ]; - - # TODO: not sure if this actually works - systemd.services.NetworkManager-dispatcher.environment = { - DISPLAY= ":0"; - DBUS_SESSION_BUS_ADDRESS = "unix:path=/run/user/9001/bus"; - }; - -} diff --git a/makefu/2configs/hw/nswitch.nix b/makefu/2configs/hw/nswitch.nix deleted file mode 100644 index 56e122cbf..000000000 --- a/makefu/2configs/hw/nswitch.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - - users.extraUsers.${config.krebs.build.user.name}.extraGroups = [ "dialout" ]; - - # 1: USB - # 2: RCM - services.udev.extraRules = '' - SUBSYSTEM=="usb", ATTRS{idVendor}=="057e", ATTRS{idProduct}=="3000", MODE="0660" ,GROUP="dialout" - SUBSYSTEM=="usb", ATTRS{idVendor}=="0955", ATTRS{idProduct}=="7321", MODE="0660", GROUP="dialout" - ''; -} - diff --git a/makefu/2configs/hw/pseyecam.nix b/makefu/2configs/hw/pseyecam.nix deleted file mode 100644 index 029ee7c9c..000000000 --- a/makefu/2configs/hw/pseyecam.nix +++ /dev/null @@ -1,6 +0,0 @@ -# https://bugzilla.kernel.org/show_bug.cgi?id=198129 -{ - boot.extraModprobeConfig = '' - options snd_usb_audio ignore_ctl_error=1 - ''; -} diff --git a/makefu/2configs/hw/rad1o.nix b/makefu/2configs/hw/rad1o.nix deleted file mode 100644 index 6eca69e0c..000000000 --- a/makefu/2configs/hw/rad1o.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - - environment.systemPackages = with pkgs; [ - gnuradio-with-packages - gnuradio-osmosdr - gqrx - ]; - - users.extraUsers.${config.krebs.build.user.name}.extraGroups = [ "dialout" ]; - - services.udev.extraRules = '' - ATTR{idVendor}=="1d50", ATTR{idProduct}=="604b", SYMLINK+="hackrf-jawbreaker-%k", MODE="0666", GROUP="dialout" - ATTR{idVendor}=="1d50", ATTR{idProduct}=="6089", SYMLINK+="hackrf-one-%k", MODE="0666", GROUP="dialout" - ATTR{idVendor}=="1d50", ATTR{idProduct}=="cc15", SYMLINK+="rad1o-%k", MODE="0666", GROUP="dialout" - ATTR{idVendor}=="1fc9", ATTR{idProduct}=="000c", SYMLINK+="nxp-dfu-%k", MODE="0666", GROUP="dialout" - ''; -} diff --git a/makefu/2configs/hw/rtl8812au.nix b/makefu/2configs/hw/rtl8812au.nix deleted file mode 100644 index 0c10f2555..000000000 --- a/makefu/2configs/hw/rtl8812au.nix +++ /dev/null @@ -1,5 +0,0 @@ -{pkgs, config, ... }: -{ - boot.extraModulePackages = [ config.boot.kernelPackages.rtl8812au ]; - boot.kernelModules = [ "rtl8812au" ]; -} diff --git a/makefu/2configs/hw/slaesh.nix b/makefu/2configs/hw/slaesh.nix deleted file mode 100644 index 1a7d053b9..000000000 --- a/makefu/2configs/hw/slaesh.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - - users.users.${config.krebs.build.user.name}.extraGroups = [ "dialout" ]; - services.udev.extraRules = '' - SUBSYSTEM=="tty", ATTRS{idVendor}=="10c4", ATTRS{idProduct}=="ea60", SYMLINK+="zigbee", MODE="0660", GROUP="dailout" - ''; -} diff --git a/makefu/2configs/hw/smartcard.nix b/makefu/2configs/hw/smartcard.nix deleted file mode 100644 index b66b70098..000000000 --- a/makefu/2configs/hw/smartcard.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ pkgs, ... }: -{ - services.pcscd = { - enable = true; - plugins = with pkgs; - [ #ifdnfc - ccid - ]; - - }; - environment.systemPackages = with pkgs; [ - # need to run ifdnfc-activate before usage - # ifdnfc - # pcsc_scan - pcsctools - ]; - boot.blacklistedKernelModules = [ - "pn533" "pn533_usb" - "nfc" - ]; -} diff --git a/makefu/2configs/hw/ssd.nix b/makefu/2configs/hw/ssd.nix deleted file mode 100644 index 9615b34d8..000000000 --- a/makefu/2configs/hw/ssd.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ - # ssd trimming - services.fstrim.enable = true; -} diff --git a/makefu/2configs/hw/stk1160.nix b/makefu/2configs/hw/stk1160.nix deleted file mode 100644 index 735cb4c17..000000000 --- a/makefu/2configs/hw/stk1160.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ pkgs, lib, ... }: -{ - boot.kernelPatches = lib.singleton { - name = "enable-stk1160"; - patch = null; - extraConfig = '' - MEDIA_ANALOG_TV_SUPPORT y - VIDEO_STK1160_COMMON m - VIDEO_STK1160 m - ''; - }; -} diff --git a/makefu/2configs/hw/switch.nix b/makefu/2configs/hw/switch.nix deleted file mode 100644 index 79de7ffb1..000000000 --- a/makefu/2configs/hw/switch.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - - users.users.makefu.extraGroups = [ "plugdev" ]; - users.groups.plugdev = {}; - services.udev.extraRules = '' - SUBSYSTEM=="usb", ATTR{idVendor}=="0955", MODE="0664", GROUP="plugdev" - SUBSYSTEM=="usb", ATTR{idVendor}=="16c0", ATTR{idProduct}=="27e2", SYMLINK+="switch-%k", MODE="0664", GROUP="plugdev" - SUBSYSTEM=="usb", ATTR{idVendor}=="057e", ATTR{idProduct}=="3000", SYMLINK+="switch-%k", MODE="0664", GROUP="plugdev" - ''; -} diff --git a/makefu/2configs/hw/tp-x200.nix b/makefu/2configs/hw/tp-x200.nix deleted file mode 100644 index f06425aec..000000000 --- a/makefu/2configs/hw/tp-x200.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -{ - - imports = [ ./tp-x2x0.nix ]; - - boot = { - kernelModules = [ "tp_smapi" "msr" ]; - extraModulePackages = [ config.boot.kernelPackages.tp_smapi ]; - - }; - services.thinkfan.enable = true; - - # only works on tp-x200 , not x220 - services.xserver.displayManager.sessionCommands = '' - xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 1 - xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 2 - xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Timeout" 200 - ''; -} diff --git a/makefu/2configs/hw/tp-x230.nix b/makefu/2configs/hw/tp-x230.nix deleted file mode 100644 index 69fe7adce..000000000 --- a/makefu/2configs/hw/tp-x230.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - - imports = [ ./tp-x2x0.nix ]; - - # configured media keys inside awesomerc - # sound.mediaKeys.enable = true; - - # possible i915 powersave options: - # options i915 enable_rc6=1 enable_fbc=1 semaphores=1 - - boot.extraModprobeConfig = '' - options thinkpad_acpi fan_control=1 - options i915 enable_rc6=1 enable_fbc=1 semaphores=1 - ''; - - boot.initrd.availableKernelModules = [ "thinkpad_acpi" ]; - - services.xserver.displayManager.sessionCommands ='' - xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1 - xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 8 2 - xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Axes" 6 7 4 5 - # xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Timeout" 8 200 - ''; - - # enable HDMI output switching with pulseaudio - hardware.pulseaudio.extraConfig = '' - load-module module-alsa-sink device=hw:0,3 sink_properties=device.description="HDMIOutput" sink_name="HDMI" - ''; - # load graphical equalizer module - # load-module module-equalizer-sink - - # combine multiple sinks to one: - # list all sinks: pactl list short sinks - # pacmd load-module module-combine-sink sink_name=combined sink_properties=device.description=CombinedSink slaves=sink1,sink2 channels=2 - -} diff --git a/makefu/2configs/hw/tp-x2x0.nix b/makefu/2configs/hw/tp-x2x0.nix deleted file mode 100644 index bbed3f430..000000000 --- a/makefu/2configs/hw/tp-x2x0.nix +++ /dev/null @@ -1,56 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - imports = [ - ./tpm.nix - ./ssd.nix - ./bluetooth.nix - ]; - - boot.kernelModules = [ - "kvm-intel" - ]; - - # hardware.opengl.extraPackages = [ pkgs.intel-media-driver ]; - - networking.wireless.enable = lib.mkDefault true; - - hardware.enableRedistributableFirmware = true; - nixpkgs.config.allowUnfree = true; - - hardware.cpu.intel.updateMicrocode = true; - - zramSwap.enable = true; - - # enable synaptics so we can easily disable the touchpad - # enable the touchpad with `synclient TouchpadOff=0` - - services.xserver.libinput.enable = false; - services.xserver.synaptics = { - enable = true; - additionalOptions = ''Option "TouchpadOff" "1"''; - }; - hardware.trackpoint = { - enable = true; - sensitivity = 220; - speed = 220; - emulateWheel = true; - }; - - services.tlp.enable = ! config.services.power-profiles-daemon.enable; - services.tlp.settings = { - # BUG: http://linrunner.de/en/tlp/docs/tlp-faq.html#erratic-battery - START_CHARGE_THRESH_BAT0 = 95; - STOP_CHARGE_THRESH_BAT0 = 100; - CPU_SCALING_GOVERNOR_ON_AC = "performance"; - CPU_SCALING_GOVERNOR_ON_BAT = "ondemand"; - CPU_MIN_PERF_ON_AC = 0; - CPU_MAX_PERF_ON_AC = 100; - CPU_MIN_PERF_ON_BAT = 0; - CPU_MAX_PERF_ON_BAT = 30; - }; - - powerManagement.resumeCommands = '' - ${pkgs.utillinux}/bin/rfkill unblock all - ''; -} diff --git a/makefu/2configs/hw/tpm.nix b/makefu/2configs/hw/tpm.nix deleted file mode 100644 index 29e19e916..000000000 --- a/makefu/2configs/hw/tpm.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ pkgs, ... }: -{ - services.tcsd.enable = true; - # see https://wiki.archlinux.org/index.php/Trusted_Platform_Module - environment.systemPackages = with pkgs; [ opencryptoki tpm-tools ]; -} diff --git a/makefu/2configs/hw/upower.nix b/makefu/2configs/hw/upower.nix deleted file mode 100644 index a3932fed3..000000000 --- a/makefu/2configs/hw/upower.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ pkgs, ... }: -{ - services.upower.enable = true; - users.users.makefu.packages = [ pkgs.gnome3.gnome-power-manager ]; -} - diff --git a/makefu/2configs/hw/vbox-guest.nix b/makefu/2configs/hw/vbox-guest.nix deleted file mode 100644 index 65f915a2f..000000000 --- a/makefu/2configs/hw/vbox-guest.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ lib, ...}: -{ - ## Guest Extensions are currently broken - imports = [ - (toString ) - ]; - virtualisation.virtualbox.guest.enable = true; - services.xserver.videoDrivers = lib.mkOverride 45 [ "virtualbox" "modesetting" ]; - - fileSystems."/media/share" = { - fsType = "vboxsf"; - device = "share"; - options = [ "rw" "uid=9001" "gid=9001" "nofail" ]; - }; - # virtualbox.baseImageSize = 35 * 1024; -} diff --git a/makefu/2configs/hw/xmm7360.nix b/makefu/2configs/hw/xmm7360.nix deleted file mode 100644 index 8facab8b5..000000000 --- a/makefu/2configs/hw/xmm7360.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ pkgs, config, ... }: -let - helper = pkgs.writeScriptBin "lte" (builtins.readFile ./lte.sh); - - pkg = (pkgs.callPackage ../../5pkgs/xmm7360 { kernel = config.boot.kernelPackages.kernel; }); -in -{ - boot.extraModulePackages = [ - pkg - ]; - boot.initrd.availableKernelModules = [ "xmm7360" ]; - users.users.makefu.packages = [ pkg helper ]; -} diff --git a/makefu/2configs/hydra/stockholm.nix b/makefu/2configs/hydra/stockholm.nix deleted file mode 100644 index 35999ae57..000000000 --- a/makefu/2configs/hydra/stockholm.nix +++ /dev/null @@ -1,33 +0,0 @@ -# iterative: -# $ hydra-create-user krebs --password derp --role admin -# curl 'http://hydra.wbob.r/project/.new' -X PUT -H 'Host: hydra.wbob.r' -H 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' -H 'X-Requested-With: XMLHttpRequest' -H 'Cookie: redirect_to=%252F; hydra_session=abcdefghijklmnopqrstuvwxyz' -H 'Connection: keep-alive' --data 'enabled=on&visible=on&name=stockholm&displayname=Stockholm&description=make+all+systems+into+1systems&homepage=https%3A%2F%2Fkrebsco.de&owner=krebs&declfile=spec.json&decltype=git&declvalue=http%3A%2F%2Fcgit.euer.krebsco.de%2Fhydra-stockholm' - -{ - - # TODO postgres backup - - services.hydra = { - enable = true; - hydraURL = "http://hydra.wbob.r"; # externally visible URL - notificationSender = "hydra@wbob.r"; - # you will probably also want, otherwise *everything* will be built from scratch - useSubstitutes = true; - port = 3030; - buildMachinesFiles = []; - }; - - networking.firewall.allowedTCPPorts = [ 80 ]; - services.nginx = { - enable = true; - virtualHosts."hydra.wbob.r" = { - locations."/" = { - proxyPass = "http://localhost:3030/"; - extraConfig = '' - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - ''; - }; - }; - }; -} diff --git a/makefu/2configs/iodined.nix b/makefu/2configs/iodined.nix deleted file mode 100644 index a2d43e567..000000000 --- a/makefu/2configs/iodined.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ pkgs, config, ... }: - -let - # TODO: make this a parameter - domain = "io.krebsco.de"; - pw = import ; -in { - networking.firewall.allowedUDPPorts = [ 53 ]; - - services.iodine = { - server = { - enable = true; - domain = domain; - ip = "172.16.10.1/24"; - extraConfig = "-c -P ${pw} -l ${config.krebs.build.host.nets.internet.ip4.addr}"; - }; - }; - -} diff --git a/makefu/2configs/ipfs.nix b/makefu/2configs/ipfs.nix deleted file mode 100644 index cc07e063d..000000000 --- a/makefu/2configs/ipfs.nix +++ /dev/null @@ -1,5 +0,0 @@ -{...}: -{ - services.ipfs.enable = true; - networking.firewall.allowedTCPPorts = [ 4001 ]; -} diff --git a/makefu/2configs/kdeconnect.nix b/makefu/2configs/kdeconnect.nix deleted file mode 100644 index b9110dee8..000000000 --- a/makefu/2configs/kdeconnect.nix +++ /dev/null @@ -1,6 +0,0 @@ -{pkgs, ... }: -{ - environment.systemPackages = with pkgs; [ kdeconnect ]; - networking.firewall.allowedUDPPortRanges = [ { from = 1714; to = 1764; } ]; - networking.firewall.allowedTCPPortRanges = [ { from = 1714; to = 1764; } ]; -} diff --git a/makefu/2configs/lanparty/lancache-dns.nix b/makefu/2configs/lanparty/lancache-dns.nix deleted file mode 100644 index c9da7c4c4..000000000 --- a/makefu/2configs/lanparty/lancache-dns.nix +++ /dev/null @@ -1,70 +0,0 @@ -{ pkgs, lib, config, ... }: -with import ; -let - upstream-server = "8.8.8.8"; - # make sure the router pins the ip address to the deployed host - # and set it as dns server ( dhcp option 6,192.168.10.10 ) - local_ip = "192.168.10.10"; - - extra-config = pkgs.writeText "local.conf" '' - server: - local-data: "piratebox. A ${local_ip}" - local-data: "store. A ${local_ip}" - local-data: "share. A ${local_ip}" - ''; - - - # see https://github.com/zeropingheroes/lancache for full docs - lancache-dns = pkgs.stdenv.mkDerivation rec { - name = "lancache-dns-2017-06-28"; - src = pkgs.fetchFromGitHub { - # forked: https://github.com/zeropingheroes/lancache-dns - repo = "lancache-dns"; - owner = "zeropingheroes"; - rev = "420aa62"; - sha256 = "0ik7by7ripdv2avyy5kk9jp1i7rz9ksc8xmg7n9iik365q9pv94m"; - }; - - phases = [ "unpackPhase" "installPhase" ]; - # here we have the chance to edit `includes/proxy-cache-paths.conf` - installPhase = '' - mkdir -p $out - cp -r * $out/ - ''; - }; - stateDir = "/var/lib/unbound"; - user = "unbound"; -in { - services.unbound = { - enable = true; - allowedAccess = [ "10.0.0.0/8" "172.16.0.0/12" "192.168.0.0/16" ]; - interfaces = ["0.0.0.0" "::" ]; - forwardAddresses = [ upstream-server ]; - extraConfig = '' - include: "${stateDir}/lancache/*.conf" - include: "${extra-config}" - ''; - }; - services.dnscrypt-proxy.enable = lib.mkForce false; - virtualisation.libvirtd.enable = lib.mkForce false; - systemd.services.dns-lancache-prepare = { - wantedBy = [ "unbound.service" ]; - before = [ "unbound.service" ]; - after = [ "network-online.target" ]; - partOf= [ "unbound.service" ]; - - path = [ pkgs.gawk pkgs.iproute pkgs.gnused ]; - script = '' - set -xeu - # current_ip=$(ip route get 8.8.8.8 | awk '/8.8.8.8/ {print $NF}') - current_ip=${local_ip} - old_ip=10.1.1.250 - mkdir -p ${stateDir} - rm -rvf ${stateDir}/lancache - cp -r ${lancache-dns}/upstreams-available ${stateDir}/lancache - sed -i "s/$old_ip/$current_ip/g" ${stateDir}/lancache/*.conf - chown -R unbound ${stateDir} - ''; - }; - networking.firewall.allowedUDPPorts = [ 53 ]; -} diff --git a/makefu/2configs/lanparty/lancache.nix b/makefu/2configs/lanparty/lancache.nix deleted file mode 100644 index bcacf2e15..000000000 --- a/makefu/2configs/lanparty/lancache.nix +++ /dev/null @@ -1,81 +0,0 @@ -{ pkgs, lib, config, ... }: -with import ; -let - # see https://github.com/zeropingheroes/lancache for full docs - lancache= pkgs.stdenv.mkDerivation rec { - name = "lancache-2017-06-26"; - src = pkgs.fetchFromGitHub { - # origin: https://github.com/multiplay/lancache - # forked: https://github.com/zeropingheroes/lancache - repo = "lancache"; - owner = "zeropingheroes"; - rev = "143f7bb"; - sha256 = "1ra4l7qz3k231j5wabr89s5hh80n1kk8vgd3dsh0xx5mdpjhvdl6"; - }; - phases = [ "unpackPhase" "installPhase" ]; - # here we can chance to edit `includes/proxy-cache-paths.conf` - installPhase = '' - mkdir -p $out - cp -r * $out/ - rm $out/caches-enabled/* - sed -i -e 's/^\(user\).*/\1 ${cfg.user} ${cfg.group};/' \ - -e '1 idaemon off;' \ - -e 's#/var/lancache#${cfg.statedir}#g' \ - $out/nginx.conf - sed -i -e 's#/var/lancache#${cfg.statedir}#g' \ - $out/*/*.conf - ln -s $out/caches-available/* $out/caches-enabled/ - ''; - }; - cfg = { - statedir = "/data/cache"; - - group = "nginx-lancache"; - user = "nginx-lancache"; - package = pkgs.stdenv.lib.overrideDerivation pkgs.nginx (old:{ - configureFlags = old.configureFlags ++ [ - "--with-http_slice_module" - "--with-stream" - "--with-pcre" - ]; - }); - }; -in { - systemd.services.nginx-lancache = { - description = "Nginx lancache Server"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - restartIfChanged = true; - - preStart = '' - mkdir -p ${cfg.statedir} && cd ${cfg.statedir} - chmod 700 ${cfg.statedir} - PATH_CACHE=$PATH_BASE/cache - PATH_LOGS=$PATH_BASE/logs - - mkdir -p cache/{installers,tmp} logs - rm -f conf; ln -s ${lancache} conf - chown -R ${cfg.user}:${cfg.group} . - ''; - serviceConfig = { - ExecStart = "${cfg.package}/bin/nginx -p ${cfg.statedir}"; - ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; - Restart = "always"; - RestartSec = "10s"; - StartLimitInterval = "1min"; - }; - }; - - environment.etc.nginx.source = lancache; - users.extraUsers = (singleton - { name = cfg.user; - group = cfg.group; - uid = genid cfg.group; - }); - - users.extraGroups = (singleton - { name = "${cfg.group}"; - gid = genid cfg.group; - }); - networking.firewall.allowedTCPPorts = [ 80 443 ]; -} diff --git a/makefu/2configs/lanparty/mumble-server.nix b/makefu/2configs/lanparty/mumble-server.nix deleted file mode 100644 index 5b9631cd1..000000000 --- a/makefu/2configs/lanparty/mumble-server.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ config, ... }: -{ - networking.firewall.allowedTCPPorts = [ 64738 ]; - networking.firewall.allowedUDPPorts = [ 64738 ]; - services.murmur = { - enable = true; - welcometext = "Welcome to the LANest Party mumble server"; - bonjour = true; - hostName = "0.0.0.0"; - sendVersion = true; - }; -} diff --git a/makefu/2configs/lanparty/samba.nix b/makefu/2configs/lanparty/samba.nix deleted file mode 100644 index e2fa58c4b..000000000 --- a/makefu/2configs/lanparty/samba.nix +++ /dev/null @@ -1,40 +0,0 @@ -{config, ... }:{ - networking.firewall.allowedUDPPorts = [ 137 138 ]; - networking.firewall.allowedTCPPorts = [ 139 445 ]; - users.users.smbguest = { - name = "smbguest"; - uid = config.ids.uids.smbguest; #effectively systemUser - description = "smb guest user"; - home = "/data/lanparty"; - createHome = true; - group = "share"; - }; - users.groups.share = {}; - services.samba = { - enable = true; - enableNmbd = true; - shares = { - lanparty = { - path = "/data/lanparty/"; - "read only" = "yes"; - browseable = "yes"; - "guest ok" = "yes"; - }; - share = { - path = "/data/incoming"; - "read only" = "no"; - browseable = "yes"; - "guest ok" = "yes"; - }; - }; - extraConfig = '' - guest account = smbguest - map to guest = bad user - # disable printing - load printers = no - printing = bsd - printcap name = /dev/null - disable spoolss = yes - ''; - }; -} diff --git a/makefu/2configs/legacy_only.nix b/makefu/2configs/legacy_only.nix deleted file mode 100644 index 3d40471ba..000000000 --- a/makefu/2configs/legacy_only.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ networking.enableIPv6 = false; - boot.kernel.sysctl = { - "net.ipv6.conf.all.disable_ipv6" = 1; - "net.ipv6.conf.default.disable_ipv6" = 1; - "net.ipv6.conf.lo.disable_ipv6" = 1; - }; - boot.kernelParams = [ "ipv6.disable=1" ]; -} diff --git a/makefu/2configs/logging/client.nix b/makefu/2configs/logging/client.nix deleted file mode 100644 index 04d2de0d0..000000000 --- a/makefu/2configs/logging/client.nix +++ /dev/null @@ -1,32 +0,0 @@ -{pkgs, buil, config, ...}: -let - log-server = config.makefu.log-server; - log-port = 9200; -in { - services.journalbeat = { - enable = true; - # TODO: filter for certain journal fields, not all - extraConfig = '' - journalbeat: - name: logs-${config.krebs.build.host.name} - seek_position: cursor - cursor_seek_fallback: tail - write_cursor_state: true - cursor_flush_period: 5s - clean_field_names: true - convert_to_numbers: false - move_metadata_to_field: journal - default_type: journal - output.elasticsearch: - enabled: true - hosts: ["${log-server}:${builtins.toString log-port}"] - template.enabled: false - #output.console: - # enabled: true - logging.level: info - logging.to_syslog: true - logging.selectors: ["*"] - - ''; - }; -} diff --git a/makefu/2configs/logging/filter/dnsmasq.conf b/makefu/2configs/logging/filter/dnsmasq.conf deleted file mode 100644 index 1570b1c60..000000000 --- a/makefu/2configs/logging/filter/dnsmasq.conf +++ /dev/null @@ -1,19 +0,0 @@ - -if ( [program] == "dnsmasq") { - grok { - patterns_dir => ["${./patterns}"] - match => { - "message" => [ - "^%{logdate:LOGDATE} dnsmasq\[[\d]+\]\: query\[[\w]+\] %{domain:DOMAIN} from %{clientip:CLIENTIP}" - , "^%{logdate:LOGDATE} dnsmasq\[[\d]+\]\: reply %{domain:DOMAIN} is %{ip:IP}" - , "^%{logdate:LOGDATE} dnsmasq\[[\d]+\]\: %{blocklist:BLOCKLIST} %{domain:DOMAIN} is %{ip:IP}" - ] - } - } - date { - match => [ "LOGDATE", "MMM dd HH:mm:ss", "MMM d HH:mm:ss", "ISO8601" ] - } - geoip { - source => "IP" - } -} diff --git a/makefu/2configs/logging/patterns/dnsmasq b/makefu/2configs/logging/patterns/dnsmasq deleted file mode 100644 index c1e700d5e..000000000 --- a/makefu/2configs/logging/patterns/dnsmasq +++ /dev/null @@ -1,15 +0,0 @@ -BLOCKLIST [\/\w\.]+ -DOMAIN [\w\.\-]+ -DNSID \d+ -PORT \d+ -DNSRESPONSE cached|reply|forwarded|query -# TODO: there are some strange responses for certain queries like or ... -IPORWORD %{IP}|[<>\.\/\w>]+ - -# TODO use public suffix list by mozilla -TLD [a-z]{2,63} -# matches CCSLD and TLD together (e.g. co.uk ) -CCSLD_TLD [a-z]+\.uk -# actually after a CCTLD this would be the third level domain ... -PUBLIC_SUFFIX (xn--)?%{FUNCTIONAL_SLD}\.(%{CCSLD_TLD}|%{TLD}) -FUNCTIONAL_SLD [a-z0-9-]{1,63} diff --git a/makefu/2configs/logging/server.nix b/makefu/2configs/logging/server.nix deleted file mode 100644 index f2fccec25..000000000 --- a/makefu/2configs/logging/server.nix +++ /dev/null @@ -1,140 +0,0 @@ -{pkgs, config, ...}: - -let - es-port = 9200; - kibana-port = 5601; - primaryName = "log.${config.krebs.build.host.name}"; - serverAliases = [ "${primaryName}.r" "${primaryName}.lan" ]; -in { - - services.nginx.virtualHosts.${primaryName} = { - inherit serverAliases; - locations."/" = { - proxyPass = "http://localhost:5601/"; - extraConfig = '' - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - ''; - }; - }; - services.elasticsearch = { - enable = true; - port = es-port; - }; - services.kibana = { - enable = true; - port = kibana-port; - }; - - networking.firewall.extraCommands = '' - iptables -A INPUT -i retiolum -p tcp --dport ${toString es-port} -j ACCEPT - iptables -A INPUT -i retiolum -p tcp --dport ${toString kibana-port} -j ACCEPT - ''; - - # send logs directly to elasticsearch - services.journalbeat = { - enable = true; - package = pkgs.journalbeat7; - extraConfig = '' - logging: - to_syslog: true - level: info - metrics.enabled: false - template.enabled: false - output.logstash: - hosts: [ "127.0.0.1:5044" ] - template.enabled: false - index: journalbeat - journalbeat.inputs: - - paths: [] - seek: cursor - ''; - }; - - services.logstash = { - enable = true; - # package = pkgs.logstash5; - # plugins = [ pkgs.logstash-contrib ]; - inputConfig = - '' - syslog { - timezone => "Etc/UTC" - } - beats { - port => 5044 - } - ''; - filterConfig = - '' - # Assume Beats - if [syslog] { - mutate { - add_field => { "program" => "%{[syslog][identifier]}" } - } - } - '' + - '' - if ![program] { - mutate { - add_field => { "program" => "unknown" } - } - } - '' + - '' - if ([program] == "logstash") { - drop {} - } - '' + - '' - if ( [program] == "dnsmasq") { - grok { - patterns_dir => ["${./patterns}"] - match => { - "message" => [ - "^%{DNSID:dnsid} %{IP:client}/%{PORT} %{DNSRESPONSE:dnstype}\[[\w]+\] %{DOMAIN:domain} from %{IP}" - , "^%{DNSID:dnsid} %{IP:client}/%{PORT} %{DNSRESPONSE:dnstype} %{DOMAIN:domain} is %{IPORWORD:resolved_ip}" - , "^%{DNSID:dnsid} %{IP:client}/%{PORT} %{DNSRESPONSE:dnstype} %{DOMAIN:domain} to %{IP:upstream_dns}" - ] - } - } - if [resolved_ip] { - geoip { - source => "resolved_ip" - } - } - mutate { - rename => { "host" => "syslog_host" } - } - # Target is to parse the the first and second significant part of the domain - grok { - patterns_dir => ["${./patterns}"] - match => { "domain" => [ "%{PUBLIC_SUFFIX:dns_suffix}$" ] } - } - if [client] { - mutate { copy => { "client" => "clientip" } } - dns { - reverse => [ "client"] - action => "replace" - hostsfile => [ "/etc/hosts" ] - hit_cache_ttl => 1600 - failed_cache_ttl => 60 - } - } - } - '' + '' - if ( [program] == "proftpd") { - kv { - field_split => " " - } - } - ''; - outputConfig = - '' - #stdout { - # codec => rubydebug - #} - elasticsearch { } - ''; - }; -} diff --git a/makefu/2configs/mail-client.nix b/makefu/2configs/mail-client.nix deleted file mode 100644 index e08aadc5e..000000000 --- a/makefu/2configs/mail-client.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -{ - environment.systemPackages = with pkgs; [ - abook - gnupg - imapfilter - msmtp - notmuch - neomutt - offlineimap - openssl - w3m - ]; - -} diff --git a/makefu/2configs/mail/mail.euer.nix b/makefu/2configs/mail/mail.euer.nix deleted file mode 100644 index f51e54b80..000000000 --- a/makefu/2configs/mail/mail.euer.nix +++ /dev/null @@ -1,55 +0,0 @@ -{ config, pkgs, ... }: -{ - imports = [ - (builtins.fetchTarball { - url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.2.1/nixos-mailserver-v2.2.1.tar.gz"; - sha256 = "03d49v8qnid9g9rha0wg2z6vic06mhp0b049s3whccn1axvs2zzx"; - } - ) - ]; - - mailserver = { - enable = true; - fqdn = "euer.eloop.org"; - domains = [ "euer.eloop.org" ]; - loginAccounts = { - "makefu@euer.eloop.org" = { - hashedPassword = "$6$5gFFAPnI/c/EHIx$3aHj64p5SX./C.MPb.eBmyLDRdWS1yaoV0s9r3Yexw4UO9URdUkBDgqT7F0Mjgt6.gyYaJ5E50h0Yg7iHtLWI/"; - aliases = [ "root@euer.eloop.org" ]; - catchAll = [ "euer.eloop.org" ]; - - }; - }; - certificateScheme = 3; - - # Enable IMAP and POP3 - enableImap = true; - enablePop3 = false; - enableImapSsl = true; - enablePop3Ssl = false; - - # Enable the ManageSieve protocol - enableManageSieve = true; - - virusScanning = false; - - }; - - services.dovecot2.extraConfig = '' - ssl_dh = ; -let - window-manager = "awesome"; - user = config.krebs.build.user.name; -in { - imports = [ - ./gui/base.nix - # ./gui/look-up.nix - ./fetchWallpaper.nix - ./zsh-user.nix - ./tools/core.nix - ./tools/core-gui.nix - ./gui/automatic-diskmount.nix - ]; - - users.users.${config.krebs.build.user.name}.extraGroups = [ "dialout" ]; - - security.sudo.extraConfig = "${config.krebs.power-action.user} ALL= (root) NOPASSWD: ${pkgs.systemd}/bin/systemctl suspend"; - - location.latitude = 48.7; - location.longitude = 9.1; - -} diff --git a/makefu/2configs/mattermost-docker.nix b/makefu/2configs/mattermost-docker.nix deleted file mode 100644 index a887a6a8f..000000000 --- a/makefu/2configs/mattermost-docker.nix +++ /dev/null @@ -1,47 +0,0 @@ -{config, lib, ...}: - -with import ; -let - sec = toString ; - ssl_cert = "${sec}/wildcard.krebsco.de.crt"; - ssl_key = "${sec}/wildcard.krebsco.de.key"; -in { - # mattermost docker config and deployment guide: git.euer.krebsco.de - virtualisation.docker.enable = true; - users.extraUsers.${config.krebs.build.user.name}.extraGroups = [ "docker" ]; - krebs.nginx = { - enable = true; - servers.mattermost = { - listen = [ "80" "443 ssl" ]; - server-names = [ "mattermost.euer.krebsco.de" ]; - extraConfig = '' - gzip on; - gzip_buffers 4 32k; - gzip_types text/plain application/x-javascript text/css; - ssl_certificate ${ssl_cert}; - ssl_certificate_key ${ssl_key}; - default_type text/plain; - - if ($scheme = http){ - return 301 https://$server_name$request_uri; - } - - client_max_body_size 4G; - keepalive_timeout 10; - - ''; - locations = [ - (nameValuePair "/" '' - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_redirect off; - proxy_pass http://localhost:8065/; - '') - ]; - }; - }; -} diff --git a/makefu/2configs/minimal.nix b/makefu/2configs/minimal.nix deleted file mode 100644 index 0334422c8..000000000 --- a/makefu/2configs/minimal.nix +++ /dev/null @@ -1,85 +0,0 @@ -{ lib, pkgs, config, ... }: -# minimal subset of sane configuration for stockholm -{ - # nobody needs this - programs.command-not-found.enable = false; - - # the only true timezone (even after the the removal of DST) - time.timeZone = "Europe/Berlin"; - - networking.hostName = lib.mkIf (lib.hasAttr "host" config.krebs.build) config.krebs.build.host.name; - - # we use gpg if necessary (or nothing at all) - programs.ssh.startAgent = false; - - # all boxes look the same - nix.settings.sandbox = true; - nix.settings.cores = 0; # until https://github.com/NixOS/nixpkgs/pull/50440 is in stable - # we configure users via nix - users.mutableUsers = false; - - # sane firewalling - networking.firewall.rejectPackets = true; - networking.firewall.allowPing = true; - - # openssh all the way down - services.openssh.enable = true; - - # we use stockholm via populate - nix.nixPath = [ "/var/src" ]; - - environment.variables = let - ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; - in { - NIX_PATH = lib.mkForce "/var/src"; - EDITOR = lib.mkForce "vim"; - CURL_CA_BUNDLE = ca-bundle; - GIT_SSL_CAINFO = ca-bundle; - SSL_CERT_FILE = ca-bundle; - }; - - programs.bash = { - interactiveShellInit = '' - HISTCONTROL='erasedups:ignorespace' - HISTSIZE=900001 - HISTFILESIZE=$HISTSIZE - - shopt -s checkhash - shopt -s histappend histreedit histverify - shopt -s no_empty_cmd_completion - ''; - - promptInit = '' - case $UID in - 0) PS1='\[\e[1;31m\]\w\[\e[0m\] ' ;; - 9001) PS1='\[\e[1;32m\]\w\[\e[0m\] ' ;; - *) PS1='\[\e[1;35m\]\u \[\e[1;32m\]\w\[\e[0m\] ' ;; - esac - if test -n "$SSH_CLIENT"; then - PS1='\[\033[35m\]\h'" $PS1" - fi - ''; - }; - - # trust the cool guys - networking.timeServers = [ - "pool.ntp.org" - "time.nist.gov" - ]; - - # the only locale you will ever need - i18n = { - defaultLocale = "en_US.UTF-8"; - }; - console.keyMap = "us"; - - # suppress chrome autit event messages - security.audit.rules = [ "-a task,never" ]; - - # Enable IPv6 Privacy Extensions - boot.kernel.sysctl = { - "net.ipv6.conf.all.use_tempaddr" = lib.mkDefault "2"; - "net.ipv6.conf.default.use_tempaddr" = lib.mkDefault "2"; - }; - -} diff --git a/makefu/2configs/mosh.nix b/makefu/2configs/mosh.nix deleted file mode 100644 index 1c2e34e0b..000000000 --- a/makefu/2configs/mosh.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ - programs.mosh.enable = true; -} diff --git a/makefu/2configs/mqtt.nix b/makefu/2configs/mqtt.nix deleted file mode 100644 index cba43e22d..000000000 --- a/makefu/2configs/mqtt.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ ... }: -{ - services.mosquitto = { - enable = true; - persistence = false; - settings.max_keepalive = 60; - listeners = [ - { - port = 1883; - omitPasswordAuth = true; - users = {}; - settings = { - allow_anonymous = true; - }; - acl = [ "topic readwrite #" "pattern readwrite #" ]; - } - ]; - }; -} diff --git a/makefu/2configs/nginx/dl.euer.krebsco.de.nix b/makefu/2configs/nginx/dl.euer.krebsco.de.nix deleted file mode 100644 index e31d355a7..000000000 --- a/makefu/2configs/nginx/dl.euer.krebsco.de.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - users.groups.download.members = [ "nginx" ]; - services.nginx = { - enable = lib.mkDefault true; - recommendedGzipSettings = true; - recommendedOptimisation = true; - virtualHosts."dl.euer.krebsco.de" = { - root = config.makefu.dl-dir; - extraConfig = "autoindex on;"; - forceSSL = true; - enableACME = true; - basicAuth = import ; - }; - virtualHosts."dl.gum.r" = { - serverAliases = [ "dl.gum" "dl.makefu.r" "dl.makefu" ]; - root = config.makefu.dl-dir; - extraConfig = "autoindex on;"; - basicAuth = import ; - }; - }; -} diff --git a/makefu/2configs/nginx/euer.blog.nix b/makefu/2configs/nginx/euer.blog.nix deleted file mode 100644 index 24696adf2..000000000 --- a/makefu/2configs/nginx/euer.blog.nix +++ /dev/null @@ -1,44 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let - sec = toString ; - hostname = config.krebs.build.host.name; - user = config.services.nginx.user; - group = config.services.nginx.group; - base-dir = "/var/www/blog.euer"; -in { - # Prepare Blog directory - systemd.services.prepare-euer-blog = { - wantedBy = [ "local-fs.target" ]; - before = [ "nginx.service" ]; - serviceConfig = { - # do nothing if the base dir already exists - ExecStart = pkgs.writeScript "prepare-euer-blog-service" '' - #!/bin/sh - if ! test -d "${base-dir}" ;then - mkdir -p "${base-dir}" - chown ${user}:${group} "${base-dir}" - chmod 700 "${base-dir}" - fi - ''; - Type = "oneshot"; - RemainAfterExit = "yes"; - TimeoutSec = "0"; - }; - }; - - services.nginx = { - enable = mkDefault true; - virtualHosts = { - "euer.krebsco.de" = { - #serverAliases = [ "blog.euer.krebsco.de" "blog.${hostname}" ]; - enableACME = true; - forceSSL = true; - default = true; - root = base-dir; - }; - }; - }; - state = [ base-dir ]; -} diff --git a/makefu/2configs/nginx/euer.mon.nix b/makefu/2configs/nginx/euer.mon.nix deleted file mode 100644 index c9db15b73..000000000 --- a/makefu/2configs/nginx/euer.mon.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let - hostname = config.krebs.build.host.name; - user = config.services.nginx.user; - group = config.services.nginx.group; - external-ip = config.krebs.build.host.nets.internet.ip4.addr; - internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; -in { - services.nginx = { - enable = mkDefault true; - virtualHosts."mon.euer.krebsco.de" = let - # flesh_wrap - authFile = pkgs.writeText "influx.conf" '' - user:$apr1$ZG9oQCum$FhtIe/cl3jf8Sa4zq/BWd1 - ''; - in { - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://wbob.r:3000/"; - extraConfig = '' - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - ''; - }; - locations."/influxdb/" = { - proxyPass = "http://wbob.r:8086/"; - extraConfig = '' - auth_basic "Needs Autherization to visit"; - auth_basic_user_file ${authFile}; - proxy_http_version 1.1; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_redirect off; - ''; - }; - }; - }; -} diff --git a/makefu/2configs/nginx/euer.test.nix b/makefu/2configs/nginx/euer.test.nix deleted file mode 100644 index 40c376130..000000000 --- a/makefu/2configs/nginx/euer.test.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let - hostname = config.krebs.build.host.name; - user = config.services.nginx.user; - group = config.services.nginx.group; - external-ip = config.krebs.build.host.nets.internet.ip4.addr; - internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; -in { - services.nginx = { - enable = mkDefault true; - virtualHosts."share.euer.krebsco.de" = { - locations."/" = { - proxyPass = "http://localhost:8000/"; - extraConfig = '' - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - ''; - }; - }; - }; -} diff --git a/makefu/2configs/nginx/euer.wiki.nix b/makefu/2configs/nginx/euer.wiki.nix deleted file mode 100644 index a925b9f78..000000000 --- a/makefu/2configs/nginx/euer.wiki.nix +++ /dev/null @@ -1,110 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let - sec = toString ; - ext-dom = "wiki.euer.krebsco.de"; - - user = config.services.nginx.user; - group = config.services.nginx.group; - fpm-socket = "/var/run/php5-fpm.sock"; - hostname = config.krebs.build.host.name; - tw-upload = pkgs.tw-upload-plugin; - base-dir = "/var/www/wiki.euer"; - base-cfg = "${base-dir}/twconf.ini"; - wiki-dir = "${base-dir}/store/"; - backup-dir = "${base-dir}/backup/"; - # contains: - # user1 = pass1 - # userN = passN - # afterwards put /var/www//user1.html as tiddlywiki - tw-pass-file = "${sec}/tw-pass.ini"; - -in { - state = [ base-dir ]; - # hotfix for broken wiki after reboot - systemd.services."phpfpm-euer-wiki".serviceConfig.RequiresMountFor = [ "/media/cloud" ]; - services.phpfpm = { - pools.euer-wiki = { - inherit user group; - listen = fpm-socket; - settings = { - "listen.owner" = user; - "pm" = "dynamic"; - "pm.max_children" = 5; - "pm.start_servers" = 2; - "pm.min_spare_servers" = 1; - "pm.max_spare_servers" = 3; - "chdir" = "/"; - "php_admin_value[error_log]" = "stderr"; - "php_admin_flag[log_errors]" = "on"; - "catch_workers_output" = "yes"; - - }; - phpEnv.twconf = base-cfg; - }; - }; - - systemd.services.prepare-tw = { - wantedBy = [ "local-fs.target" ]; - before = [ "phpfpm.service" "nginx.service" ]; - serviceConfig = { - ExecStart = pkgs.writeScript "prepare-tw-service" '' - #!/bin/sh - if ! test -d "${base-dir}" ;then - mkdir -p "${wiki-dir}" "${backup-dir}" - - # write the base configuration - cat > "${base-cfg}" <; -let - gold = pkgs.fetchFromGitHub { - owner = "krebs"; - repo = "krebsgold"; - rev = "15f7a74"; - sha256= "1ya9xgg640k3hbl63022sfm44c1si2mxch8jkxindmwg4pa1y4ly"; - }; -in { - - services.nginx = { - enable = mkDefault true; - virtualHosts = { - "gold.krebsco.de" = { - enableACME = true; - forceSSL = true; - root = toString gold + "/html"; - }; - }; - }; -} - diff --git a/makefu/2configs/nginx/gum.krebsco.de.nix b/makefu/2configs/nginx/gum.krebsco.de.nix deleted file mode 100644 index 3e96e6826..000000000 --- a/makefu/2configs/nginx/gum.krebsco.de.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let -in { - services.nginx = { - enable = mkDefault true; - virtualHosts."gum.krebsco.de" = { - forceSSL = true; - enableACME = true; - locations."/" = { - # proxyPass = "http://localhost:8000/"; - # extraConfig = '' - # proxy_set_header Host $host; - # proxy_set_header X-Real-IP $remote_addr; - # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - # ''; - }; - }; - }; -} diff --git a/makefu/2configs/nginx/icecult.nix b/makefu/2configs/nginx/icecult.nix deleted file mode 100644 index e817e55d8..000000000 --- a/makefu/2configs/nginx/icecult.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ config, pkgs, lib, ... }: - -with import ; - -let - icecult = pkgs.fetchFromGitHub { - owner = "kraiz"; - repo = "icecult"; - rev = "1942d43381a97f30111a48725f7532c343a6f4d7"; - sha256 = "0l8q7kw3w1kpvmy8hza9vr5liiycivbljkmwpacaifbay5y98z58"; - }; -in{ - services.nginx = { - enable = true; - virtualHosts.default = { - root = "${icecult}/app"; - locations = { - "/rpc".proxyPass = "http://10.42.22.163:3121"; - "/rpc".extraConfig = '' - rewrite /rpc/(.*) /$1 break; - proxy_http_version 1.1; - ''; - }; - }; - }; -} diff --git a/makefu/2configs/nginx/iso.euer.nix b/makefu/2configs/nginx/iso.euer.nix deleted file mode 100644 index 701609d4b..000000000 --- a/makefu/2configs/nginx/iso.euer.nix +++ /dev/null @@ -1,43 +0,0 @@ -{ config, pkgs, ... }: -let - system = builtins.currentSystem; #we can also build for other platforms - iso = (import - { inherit system; - modules = [ ../../1systems/iso/config.nix ]; } - - ); - image = iso.config.system.build.isoImage; - name = iso.config.isoImage.isoName; - - drivedroid-cfg = builtins.toJSON [{ - id = "stockholm"; - imageUrl = http://krebsco.de/krebs-v2.png; - name = "stockholm"; - tags = [ "hybrid" ]; - url = http://krebsco.de; - releases = [ - { version = iso.config.system.nixos.label; - url = "/stockholm.iso"; - arch = system; } - ]; - # size = TODO; - }]; - web = pkgs.linkFarm "web" [{ - name = "drivedroid.json"; - path = pkgs.writeText "drivedroid.json" drivedroid-cfg; } - { name = "stockholm.iso"; - path = "${image}/iso/${name}"; } - ]; -in -{ - services.nginx = { - virtualHosts = { - "iso.euer.krebsco.de" = { - enableACME = true; - forceSSL = true; - root = web; - locations."/".index = "drivedroid.json"; - }; - }; - }; -} diff --git a/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix b/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix deleted file mode 100644 index c8a5ae704..000000000 --- a/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ config, lib, pkgs, ... }: -{ - services.nginx = { - enable = lib.mkDefault true; - virtualHosts."misa-felix.ml" = { - #forceSSL = true; - #enableACME = true; - locations = { - "/" = { - index = "index.html"; - root = "/var/www/misa-felix-hochzeit.ml"; - }; - }; - }; - }; -} diff --git a/makefu/2configs/nginx/music.euer.nix b/makefu/2configs/nginx/music.euer.nix deleted file mode 100644 index e866f1b0d..000000000 --- a/makefu/2configs/nginx/music.euer.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - hostname = config.krebs.build.host.name; - user = config.services.nginx.user; - group = config.services.nginx.group; - external-ip = config.krebs.build.host.nets.internet.ip4.addr; - internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; -in { - services.nginx = { - enable = lib.mkDefault true; - virtualHosts."music.euer.krebsco.de" = { - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://omo:4533/"; - proxyWebsockets = true; - extraConfig = '' - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - ''; - }; - }; - }; -} diff --git a/makefu/2configs/nginx/public_html.nix b/makefu/2configs/nginx/public_html.nix deleted file mode 100644 index 676d1f110..000000000 --- a/makefu/2configs/nginx/public_html.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ config, lib, ... }: - -with import ; - -{ - services.nginx = { - enable = true; - virtualHosts.default = { - default = true; - locations = { - "~ ^/~(.+?)(/.*)?\$".extraConfig = '' - alias /home/$1/public_html$2; - autoindex on; - ''; - }; - }; - }; -} diff --git a/makefu/2configs/nginx/rompr.nix b/makefu/2configs/nginx/rompr.nix deleted file mode 100644 index c7dc3ff17..000000000 --- a/makefu/2configs/nginx/rompr.nix +++ /dev/null @@ -1,75 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let - user = config.services.nginx.user; - group = config.services.nginx.group; - src = pkgs.fetchFromGitHub { - owner = "fatg3erman"; - repo = "RompR"; - rev = "1.21"; - sha256 = "00gk2c610qgpsb6y296h9pz2aaa6gfq4cqhn15l7fdrk3lkvh01q"; - }; - fpm-socket = "/var/run/php5-rompr-fpm.sock"; - mpd-src = "/var/lib/rompr"; - -in { - services.phpfpm = { - poolConfigs = { - mpd = '' - user = ${user} - group = ${group} - listen = ${fpm-socket} - listen.owner = ${user} - listen.group = ${group} - pm = dynamic - pm.max_children = 5 - pm.start_servers = 2 - pm.min_spare_servers = 1 - pm.max_spare_servers = 3 - chdir = / - php_admin_value[error_log] = 'stderr' - php_admin_flag[log_errors] = on - catch_workers_output = yes - ''; - }; - }; - # TODO: Pre-job - # TODO: prefs.var could be templated (serialized php ...) then we would not - # need to have a state dir at all - system.activationScripts.rompr = '' - mkdir -p ${mpd-src} - cp -r ${src}/. ${mpd-src} - chown -R ${user}:${group} ${mpd-src} - chmod 770 ${mpd-src} - ''; - services.nginx = { - enable = mkDefault true; - virtualHosts = { - "localhost" = { - root = mpd-src; - locations."/".index = "index.php"; - locations."~ \.php$" = { - root = mpd-src; - extraConfig = '' - client_max_body_size 200M; - fastcgi_pass unix:${fpm-socket}; - include ${pkgs.nginx}/conf/fastcgi_params; - include ${pkgs.nginx}/conf/fastcgi.conf; - fastcgi_index index.php; - try_files $uri =404; - ''; - }; - }; - }; - }; - services.mysql = { - enable = true; - package = pkgs.mariadb; - ensureDatabases = [ "romprdb" ]; - ensureUsers = [ - { ensurePermissions = { "romprdb.*" = "ALL PRIVILEGES"; }; - name = user; } - ]; - }; -} diff --git a/makefu/2configs/nginx/update.connector.one.nix b/makefu/2configs/nginx/update.connector.one.nix deleted file mode 100644 index 44345dcd8..000000000 --- a/makefu/2configs/nginx/update.connector.one.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -{ - services.nginx = { - enable = mkDefault true; - virtualHosts."update.connector.one" = { - locations = { - "/" = { - root = "/var/www/update.connector.one"; - extraConfig = '' - autoindex on; - sendfile on; - gzip on; - ''; - }; - }; - }; - }; -} diff --git a/makefu/2configs/nix-community/mediawiki-matrix-bot.nix b/makefu/2configs/nix-community/mediawiki-matrix-bot.nix deleted file mode 100644 index 6dff64121..000000000 --- a/makefu/2configs/nix-community/mediawiki-matrix-bot.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ pkgs, ... }: -let - seccfg = toString ; - statecfg = "/var/lib/mediawiki-matrix-bot/config.json"; -in { - systemd.services.mediawiki-matrix-bot = { - description = "Mediawiki Matrix Bot"; - after = [ "network-online.target" ]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - Restart = "always"; - RestartSec = "60s"; - DynamicUser = true; - StateDirectory = "mediawiki-matrix-bot"; - PermissionsStartOnly = true; - ExecStartPre = pkgs.writeDash "mediawikibot-copy-config" '' - install -D -m644 ${seccfg} ${statecfg} - ''; - ExecStart = "${pkgs.mediawiki-matrix-bot}/bin/mediawiki-matrix-bot ${statecfg}"; - PrivateTmp = true; - }; - }; -} diff --git a/makefu/2configs/nix-community/supervision.nix b/makefu/2configs/nix-community/supervision.nix deleted file mode 100644 index cd4b6567b..000000000 --- a/makefu/2configs/nix-community/supervision.nix +++ /dev/null @@ -1,83 +0,0 @@ -{ config, lib, pkgs, ... }: -let - isVM = lib.any (mod: mod == "xen-blkfront" || mod == "virtio_console") config.boot.initrd.kernelModules; - port = "9273"; -in { - - networking.firewall.extraCommands = '' - iptables -A INPUT -i retiolum -p tcp --dport ${port} -j ACCEPT - ip6tables -A INPUT -i retiolum -p tcp --dport ${port} -j ACCEPT - ''; - - services.telegraf = { - enable = true; - extraConfig = { - agent.interval = "60s"; - inputs = { - prometheus.metric_version = 2; - kernel_vmstat = { }; - smart = lib.mkIf (!isVM) { - path = pkgs.writeShellScript "smartctl" '' - exec /run/wrappers/bin/sudo ${pkgs.smartmontools}/bin/smartctl "$@" - ''; - }; - system = { }; - mem = { }; - file = [{ - data_format = "influx"; - file_tag = "name"; - files = [ "/var/log/telegraf/*" ]; - }] ++ lib.optional (lib.any (fs: fs == "ext4") config.boot.supportedFilesystems) { - name_override = "ext4_errors"; - files = [ "/sys/fs/ext4/*/errors_count" ]; - data_format = "value"; - }; - exec = lib.optionalAttrs (lib.any (fs: fs == "zfs") config.boot.supportedFilesystems) { - ## Commands array - commands = [ - (pkgs.writeScript "zpool-health" '' - #!${pkgs.gawk}/bin/awk -f - BEGIN { - while ("${pkgs.zfs}/bin/zpool status" | getline) { - if ($1 ~ /pool:/) { printf "zpool_status,name=%s ", $2 } - if ($1 ~ /state:/) { printf " state=\"%s\",", $2 } - if ($1 ~ /errors:/) { - if (index($2, "No")) printf "errors=0i\n"; else printf "errors=%di\n", $2 - } - } - } - '') - ]; - data_format = "influx"; - }; - systemd_units = { }; - swap = { }; - disk.tagdrop = { - fstype = [ "tmpfs" "ramfs" "devtmpfs" "devfs" "iso9660" "overlay" "aufs" "squashfs" ]; - device = [ "rpc_pipefs" "lxcfs" "nsfs" "borgfs" ]; - }; - diskio = { }; - }; - outputs.prometheus_client = { - listen = ":${port}"; - metric_version = 2; - }; - }; - }; - - security.sudo.extraRules = lib.mkIf (!isVM) [{ - users = [ "telegraf" ]; - commands = [{ - command = "${pkgs.smartmontools}/bin/smartctl"; - options = [ "NOPASSWD" ]; - }]; - }]; - # avoid logging sudo use - security.sudo.configFile = '' - Defaults:telegraf !syslog,!pam_session - ''; - # create dummy file to avoid telegraf errors - systemd.tmpfiles.rules = [ - "f /var/log/telegraf/dummy 0444 root root - -" - ]; -} diff --git a/makefu/2configs/nsupdate-data.nix b/makefu/2configs/nsupdate-data.nix deleted file mode 100644 index 3b6518f60..000000000 --- a/makefu/2configs/nsupdate-data.nix +++ /dev/null @@ -1,58 +0,0 @@ -{ config, lib, pkgs, ... }: - -# search also generates ddclient entries for all other logs - -with import ; -let - #primary-itf = "eth0"; - #primary-itf = "wlp2s0"; - primary-itf = config.makefu.server.primary-itf; - ddclientUser = "ddclient"; - sec = toString ; - nsupdate = import "${sec}/nsupdate-data.nix"; - stateDir = "/var/spool/ddclient"; - cfg = "${stateDir}/cfg"; - ddclientPIDFile = "${stateDir}/ddclient.pid"; - - # TODO: correct cert generation requires a `real` internet ip address - - gen-cfg = dict: '' - ssl=yes - cache=${stateDir}/ddclient.cache - pid=${ddclientPIDFile} - ${concatStringsSep "\n" (mapAttrsToList (user: pass: '' - - use=if, if=${primary-itf} protocol=dyndns2, server=ipv4.nsupdate.info, login=${user}, password='${pass}' ${user} - usev6=if, if=${primary-itf} protocol=dyndns2, server=ipv6.nsupdate.info, login=${user}, password='${pass}' ${user} - '') dict)} - ''; - -in { - users.users.${ddclientUser} = { - name = ddclientUser; - uid = genid ddclientUser; - description = "ddclient daemon user"; - home = stateDir; - createHome = true; - isSystemUser = true; - group = ddclientUser; - }; - users.groups.${ddclientUser} = {}; - - systemd.services = { - ddclient-nsupdate-elchos = { - wantedBy = [ "multi-user.target" ]; - after = [ "ip-up.target" ]; - serviceConfig = { - Type = "forking"; - User = ddclientUser; - PIDFile = ddclientPIDFile; - ExecStartPre = pkgs.writeDash "init-nsupdate" '' - cp -vf ${pkgs.writeText "ddclient-config" (gen-cfg nsupdate)} ${cfg} - chmod 700 ${cfg} - ''; - ExecStart = "${pkgs.ddclient}/bin/ddclient -verbose -daemon 1 -noquiet -file ${cfg}"; - }; - }; - }; -} diff --git a/makefu/2configs/nur.nix b/makefu/2configs/nur.nix deleted file mode 100644 index 6132168ad..000000000 --- a/makefu/2configs/nur.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ pkgs, ... }:{ - nixpkgs.config.packageOverrides = pkgs: { - nur = import (builtins.fetchTarball { - url = "https://github.com/nix-community/NUR/archive/28e5326ecbaef8b961bec7d18dbfe35f522fb2b1.tar.gz"; - sha256 = "1yni27g71r8n9bgsck7lz5dzx2fciljnba249yqhr9k3mzlkr7yb"; - } - ){ - inherit pkgs; - }; - }; -} diff --git a/makefu/2configs/opentracker.nix b/makefu/2configs/opentracker.nix deleted file mode 100644 index f98105625..000000000 --- a/makefu/2configs/opentracker.nix +++ /dev/null @@ -1,16 +0,0 @@ -{pkgs, ...}: - -let - daemon-port = 16969; - cfgfile = pkgs.writeText "opentracker-cfg" '' - ''; -in { - # Opentracker does not support local IPs (10.0.0.0/8 ) - makefu.opentracker = { - enable = true; - args = "-p ${toString daemon-port} -P ${toString daemon-port}"; - }; - networking.firewall.allowedTCPPorts = [ daemon-port ]; - networking.firewall.allowedUDPPorts = [ daemon-port ]; - -} diff --git a/makefu/2configs/overlays/prefer-remote-fetch.nix b/makefu/2configs/overlays/prefer-remote-fetch.nix deleted file mode 100644 index d332e6723..000000000 --- a/makefu/2configs/overlays/prefer-remote-fetch.nix +++ /dev/null @@ -1,4 +0,0 @@ -self: super: - if super ? prefer-remote-fetch then - (super.prefer-remote-fetch self super) -else super diff --git a/makefu/2configs/printer.nix b/makefu/2configs/printer.nix deleted file mode 100644 index 210a9df33..000000000 --- a/makefu/2configs/printer.nix +++ /dev/null @@ -1,47 +0,0 @@ -{ config, pkgs, ... }: - -let - mainUser = config.krebs.build.user.name; -in { - services.printing = { - enable = true; - drivers = with pkgs; [ - # samsungUnifiedLinuxDriver - splix # scx 3200 - cups-dymo # dymo labelwriter - foo2zjs # magicolor 1690mf - cups-zj-58 - cups-ptouch - ]; - }; - - users.users."${mainUser}".extraGroups = [ "scanner" "lp" ]; - - # scanners are printers just in reverse anyway - services.saned.enable = true; - hardware.sane = { - enable = true; - extraBackends = [ ]; - extraConfig.xerox_mfp = '' - usb 0x04e8 0x3441 - ''; - #netConf = - # # drucker.lan SCX-3205W - # '' - # 192.168.111.16'' - # # uhrenkind.shack magicolor 1690mf - #+ '' - # 10.42.20.30''; - - ## $ scanimage -p --format=jpg --mode=Gray --source="Automatic Document Feeder" -v --batch="lol%d.jpg" --resolution=150 - - ## requires 'sane-extra', scan via: - #extraConfig."magicolor" = '' - # net 10.42.20.30 0x2098 - #''; # 10.42.20.30: uhrenkind.shack magicolor 1690mf - }; - state = [ "/var/lib/cups" ]; - services.udev.extraRules = '' - ATTRS{idVendor}=="04e8", ATTRS{idProduct}=="3441", ENV{libsane_matched}="yes" - ''; -} diff --git a/makefu/2configs/pyload.nix b/makefu/2configs/pyload.nix deleted file mode 100644 index 3aa5048a4..000000000 --- a/makefu/2configs/pyload.nix +++ /dev/null @@ -1,10 +0,0 @@ -{pkgs, ... }: -{ - nixpkgs.config.unfreeRedistributable = true; - users.users.makefu.packages = with pkgs;[ - pyload - spidermonkey - tesseract - ]; - -} diff --git a/makefu/2configs/qemu-guest.nix b/makefu/2configs/qemu-guest.nix deleted file mode 100644 index 43ec84ed5..000000000 --- a/makefu/2configs/qemu-guest.nix +++ /dev/null @@ -1,4 +0,0 @@ -{...}: -{ - boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk" "virtio_net" "virtio_scsi" ]; -} diff --git a/makefu/2configs/remote-build/aarch64-community.nix b/makefu/2configs/remote-build/aarch64-community.nix deleted file mode 100644 index d57eacd68..000000000 --- a/makefu/2configs/remote-build/aarch64-community.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ - nix = { - distributedBuilds = true; - buildMachines = [ - { - hostName = "aarch64.nixos.community"; - maxJobs = 64; - sshKey = toString ; - sshUser = "makefu"; - system = "aarch64-linux"; - supportedFeatures = [ "big-parallel" ]; - } - ]; - }; -} diff --git a/makefu/2configs/remote-build/arm-emulation.nix b/makefu/2configs/remote-build/arm-emulation.nix deleted file mode 100644 index dbef25222..000000000 --- a/makefu/2configs/remote-build/arm-emulation.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ pkgs, ... }: -let qemu-arm-static = pkgs.stdenv.mkDerivation { - name = "qemu-arm-static"; - src = builtins.fetchurl { - url = "https://github.com/multiarch/qemu-user-static/releases/download/v6.1.0-8/qemu-arm-static"; - sha256 = "06344d77d4f08b3e1b26ff440cb115179c63ca8047afb978602d7922a51231e3"; - }; - dontUnpack = true; - installPhase = "install -D -m 0755 $src $out/bin/qemu-arm-static"; -}; -in { - # Enable binfmt emulation of extra binary formats (armv7l-linux, for exmaple). - boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; - boot.binfmt.registrations.arm = { - interpreter = "${qemu-arm-static}/bin/qemu-arm-static"; - magicOrExtension = ''\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00''; - mask = ''\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff''; - }; - - # Define additional settings for nix. - nix.extraOptions = '' - extra-platforms = armv7l-linux - ''; - nix.sandboxPaths = [ "/run/binfmt/arm=${qemu-arm-static}/bin/qemu-arm-static" ]; -} diff --git a/makefu/2configs/remote-build/gum.nix b/makefu/2configs/remote-build/gum.nix deleted file mode 100644 index 39e90f1b8..000000000 --- a/makefu/2configs/remote-build/gum.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ - nix = { - distributedBuilds = true; - buildMachines = [ - { - hostName = "gum.krebsco.de"; - maxJobs = 8; - sshKey = toString ; - sshUser = "nixBuild"; - system = "x86_64-linux"; - supportedFeatures = [ ]; - } - { - hostName = "gum.krebsco.de"; - maxJobs = 8; - sshKey = toString ; - sshUser = "nixBuild"; - system = "armv6l-linux"; - supportedFeatures = [ ]; - } - ]; - }; -} diff --git a/makefu/2configs/remote-build/slave.nix b/makefu/2configs/remote-build/slave.nix deleted file mode 100644 index 039698f1d..000000000 --- a/makefu/2configs/remote-build/slave.nix +++ /dev/null @@ -1,12 +0,0 @@ -{config,...}:{ - nix.trustedUsers = [ "nixBuild" ]; - users.users.nixBuild = { - name = "nixBuild"; - isNormalUser = true; - useDefaultShell = true; - openssh.authorizedKeys.keys = [ - config.krebs.users.buildbotSlave.pubkey - config.krebs.users.makefu-remote-builder.pubkey - ]; - }; -} diff --git a/makefu/2configs/retroshare.nix b/makefu/2configs/retroshare.nix deleted file mode 100644 index 4d2fc6af9..000000000 --- a/makefu/2configs/retroshare.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ pkgs, ... }: -let - port = 9024; -in { - users.users.makefu.packages = [ - pkgs.retroshare - ]; - networking.firewall.allowedTCPPorts = [ port ]; - networking.firewall.allowedUDPPorts = [ port ]; -} diff --git a/makefu/2configs/sabnzbd.nix b/makefu/2configs/sabnzbd.nix deleted file mode 100644 index 90a9f284f..000000000 --- a/makefu/2configs/sabnzbd.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ pkgs, config, ... }: - -with import ; -let - web-port = 8080; -in { - services.sabnzbd.enable = true; - services.sabnzbd.group = "download"; - systemd.services.sabnzbd.environment.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; - - users.users.sabnzbd.group = mkForce "download"; - - networking.firewall.extraCommands = '' - iptables -A INPUT -i retiolum -p tcp --dport ${toString web-port} -j ACCEPT - ''; -} diff --git a/makefu/2configs/save-diskspace.nix b/makefu/2configs/save-diskspace.nix deleted file mode 100644 index b6725e730..000000000 --- a/makefu/2configs/save-diskspace.nix +++ /dev/null @@ -1,11 +0,0 @@ -_: -# TODO: do not check out nixpkgs master but fetch revision from github -{ - environment.noXlibs = true; - nix.gc.automatic = true; - nix.gc.dates = "03:10"; - documentation.info.enable = false; - documentation.man.enable = false; - services.journald.extraConfig = "SystemMaxUse=50M"; - services.nixosManual.enable = false; -} diff --git a/makefu/2configs/shack/events-publisher/default.nix b/makefu/2configs/shack/events-publisher/default.nix deleted file mode 100644 index 964e5ccbb..000000000 --- a/makefu/2configs/shack/events-publisher/default.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ pkgs, ... }: -with import ; -let - shack-announce = pkgs.callPackage (builtins.fetchTarball { - url = "https://github.com/makefu/events-publisher/archive/419afdfe16ebf7f2360d2ba64b67ca88948832bd.tar.gz"; - sha256 = "0rn1ykgjbd79zg03maa49kzi6hpzn4xzf4j93qgx5wax7h12qjx0"; - }) {} ; - home = "/var/lib/shackannounce"; - user = "shackannounce"; - creds = (toString ) + "/shack-announce.json"; - LOL = "DEBUG"; -in -{ - users.users.${user}= { - uid = genid user; - inherit home; - createHome = true; - }; - systemd.services.shack-announce = { - description = "Announce shack events"; - startAt = "*:0/30"; - path = [ shack-announce ]; - serviceConfig = { - WorkingDirectory = home; - User = user; - PermissionsStartOnly = true; - ExecStartPre = pkgs.writeDash "shack-announce-pre" '' - set -eu - cp ${creds} creds.json - chown ${user} creds.json - ''; - ExecStart = pkgs.writeDash "shack-announce" '' - if test ! -e announce.state; then - echo "initializing state" - announce-daemon \ - --lol ${LOL} \ - --creds creds.json \ - --state announce.state \ - --clean --init - fi - echo "Running announce" - announce-daemon \ - --lol ${LOL} \ - --creds creds.json \ - --state announce.state - ''; - }; - }; -} diff --git a/makefu/2configs/shack/gitlab-runner/default.nix b/makefu/2configs/shack/gitlab-runner/default.nix deleted file mode 100644 index 55dc50fa8..000000000 --- a/makefu/2configs/shack/gitlab-runner/default.nix +++ /dev/null @@ -1,31 +0,0 @@ - -{ - systemd.services.gitlab-runner.path = [ - "/run/wrappers" # /run/wrappers/bin/su - "/" # /bin/sh - ]; - services.gitlab-runner = { - enable = true; - configOptions = - { concurrent = 1; - runners = [ - { builds_dir = ""; - #docker = - #{ cache_dir = ""; - # disable_cache = true; - # host = ""; image = "nixos/nix:2.1.3"; - # privileged = true; - #}; - #executor = "docker"; - # name = "docker-nix"; - name = "gum-shell"; - executor = "shell"; - environment = [ "PATH=/bin:/run/wrappers/bin:/etc/per-user/gitlab-runner/bin:/etc/per-user-pkgs/gitlab-runner/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin" ]; - # generate via `gitlab-runner register` - token = import ; - url = "https://git.shackspace.de/"; - } - ]; - }; - }; -} diff --git a/makefu/2configs/share-user-sftp.nix b/makefu/2configs/share-user-sftp.nix deleted file mode 100644 index 26f1d3ba3..000000000 --- a/makefu/2configs/share-user-sftp.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ config, ... }: - -{ - users.users = { - share = { - uid = 9002; - home = "/var/empty"; - isNormalUser = true; - openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ]; - }; - }; - # we will use internal-sftp to make uncomplicated Chroot work - services.openssh.extraConfig = '' - Match User share - ChrootDirectory /media - ForceCommand internal-sftp - AllowTcpForwarding no - PermitTunnel no - X11Forwarding no - Match All - ''; -} diff --git a/makefu/2configs/share/anon-ftp.nix b/makefu/2configs/share/anon-ftp.nix deleted file mode 100644 index d2a535f97..000000000 --- a/makefu/2configs/share/anon-ftp.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ config, lib, ... }: -let - ftpdir = "/data"; -in { - networking.firewall = { - allowedTCPPorts = [ 20 21 ]; - autoLoadConntrackHelpers = true; - connectionTrackingModules = [ "ftp" ]; - extraCommands = '' - iptables -A PREROUTING -t raw -p tcp --dport 21 -j CT --helper ftp - ''; - }; - systemd.services.vsftpd.preStart = lib.mkForce '' - mkdir -p -m755 ${ftpdir}/incoming - chown root:root ${ftpdir} - chown ftp ${ftpdir}/incoming - ''; - services.vsftpd = { - enable = true; - extraConfig = '' - ftpd_banner=Welcome to the krebs share, use the incoming dir for new and old leaks. Join freenode#krebs - ''; - anonymousUser = true; - anonymousUserNoPassword = true; - anonymousUploadEnable = true; - anonymousMkdirEnable = true; - writeEnable = true; - chrootlocalUser = true; - anonymousUserHome = ftpdir; - }; -} diff --git a/makefu/2configs/share/anon-sftp.nix b/makefu/2configs/share/anon-sftp.nix deleted file mode 100644 index 7cde9317a..000000000 --- a/makefu/2configs/share/anon-sftp.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -{ - services.openssh = { - allowSFTP = true; - sftpFlags = [ "-l VERBOSE" ]; - extraConfig = '' - Match User anonymous - ForceCommand internal-sftp - AllowTcpForwarding no - X11Forwarding no - PasswordAuthentication no - ''; - }; - - users.users.anonymous = { - uid = genid "anonymous"; - useDefaultShell = false; - password = "anonymous"; - home = "/media/anon"; - createHome = true; - }; - -} diff --git a/makefu/2configs/share/default.nix b/makefu/2configs/share/default.nix deleted file mode 100644 index a1ad349b9..000000000 --- a/makefu/2configs/share/default.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ config, lib, ... }: -with import ; -let - base-dir = config.services.rtorrent.downloadDir; -in { - users.users = { - download = { - name = "download"; - home = base-dir; - isNormalUser = true; - uid = mkDefault (genid "download"); - createHome = false; - useDefaultShell = true; - group = "download"; - openssh.authorizedKeys.keys = [ ]; - }; - }; - - users.groups = { - download = { - gid = lib.mkDefault (genid "download"); - members = [ - config.krebs.build.user.name - "download" - ]; - }; - }; - -} diff --git a/makefu/2configs/share/gum-client.nix b/makefu/2configs/share/gum-client.nix deleted file mode 100644 index 09a3dd733..000000000 --- a/makefu/2configs/share/gum-client.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - automount_opts = - [ "x-systemd.automount" "noauto" - "x-systemd.idle-timeout=300" - "x-systemd.mount-timeout=60s" - ]; - host = "gum.w"; #TODO -in { - boot.extraModprobeConfig = '' - options cifs CIFSMaxBufSize=130048 - ''; - fileSystems."/media/cloud" = { - device = "//${host}/cloud-proxy"; - fsType = "cifs"; - options = automount_opts ++ - [ "credentials=/var/src/secrets/download.smb" - "file_mode=0775" - "dir_mode=0775" - "bsize=8388608" - "fsc" - "rsize=130048" - "cache=loose" - "uid=${toString config.users.users.download.uid}" - "gid=${toString config.users.groups.download.gid}" - "vers=3" - ]; - }; - -} diff --git a/makefu/2configs/share/gum.nix b/makefu/2configs/share/gum.nix deleted file mode 100644 index 9647e0a6c..000000000 --- a/makefu/2configs/share/gum.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - hostname = config.krebs.build.host.name; -in { - # users.users.smbguest = { - # name = "smbguest"; - # uid = config.ids.uids.smbguest; - # description = "smb guest user"; - # home = "/var/empty"; - # }; - environment.systemPackages = [ pkgs.samba ]; - services.samba = { - enable = true; - shares = { - cloud-proxy = { - path = "/media/cloud"; - "read only" = "no"; - browseable = "yes"; - "guest ok" = "no"; - "valid users" = "download"; - }; - }; - extraConfig = '' - # guest account = smbguest - # map to guest = bad user - # disable printing - load printers = no - printing = bsd - printcap name = /dev/null - disable spoolss = yes - ''; - }; - networking.firewall.interfaces.retiolum.allowedTCPPorts = [ 445 ]; - networking.firewall.interfaces.wiregrill.allowedTCPPorts = [ 445 ]; -} diff --git a/makefu/2configs/share/hetzner-client.nix b/makefu/2configs/share/hetzner-client.nix deleted file mode 100644 index 9713b776a..000000000 --- a/makefu/2configs/share/hetzner-client.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ config, lib, pkgs, ... }: - -with ; -let - automount_opts = - ["nofail" - ]; - host = "u288834.your-storagebox.de"; -in { - boot.kernel.sysctl."net.ipv6.route.max_size" = 2147483647; - - fileSystems."/media/cloud" = { - device = "//${host}/backup"; - fsType = "cifs"; - options = automount_opts ++ - [ "credentials=${toString }" - "file_mode=0770" - "dir_mode=0770" - "uid=${toString config.users.users.download.uid}" - "gid=${toString config.users.groups.download.gid}" - "vers=3" - #"vers=2.1" - "rsize=65536" - "wsize=130048" - "iocharset=utf8" - "cache=loose" - ]; - }; -} diff --git a/makefu/2configs/share/omo-client.nix b/makefu/2configs/share/omo-client.nix deleted file mode 100644 index 4ad32bdd6..000000000 --- a/makefu/2configs/share/omo-client.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - automount_opts = - [ "x-systemd.automount" - "noauto" "x-systemd.idle-timeout=600" - "x-systemd.device-timeout=5s" - "x-systemd.mount-timeout=5s" - ]; - host = "omo.lan"; #TODO - path = "/media/omo/photos"; -in { - systemd.tmpfiles.rules = [ - "d ${path} root root - -" - ]; - fileSystems."${path}" = { - device = "//${host}/photos"; - fsType = "cifs"; - options = automount_opts ++ - [ "credentials=/var/src/secrets/omo-client.smb" - "file_mode=0775" - "dir_mode=0775" - "uid=9001" - "vers=3" - ]; - }; - -} diff --git a/makefu/2configs/share/omo-timemachine.nix b/makefu/2configs/share/omo-timemachine.nix deleted file mode 100644 index 18cf0328e..000000000 --- a/makefu/2configs/share/omo-timemachine.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ pkgs, ... }: -{ - services.samba = { - # support for timemachine in git - package = pkgs.sambaFull; - shares = { - time_machine = { - path = "/media/crypt3/backup/time_machine"; - "valid users" = "misa"; - public = "no"; - writeable = "yes"; - "force user" = "misa"; - "fruit:aapl" = "yes"; - "fruit:time machine" = "yes"; - "vfs objects" = "catia fruit streams_xattr"; - }; - }; - }; -} diff --git a/makefu/2configs/share/omo.nix b/makefu/2configs/share/omo.nix deleted file mode 100644 index 16959bc90..000000000 --- a/makefu/2configs/share/omo.nix +++ /dev/null @@ -1,111 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let - hostname = config.krebs.build.host.name; - # TODO local-ip from the nets config - internal-ip = "192.168.111.11"; - # local-ip = config.krebs.build.host.nets.retiolum.ip4.addr; -in { - - # samba share /media/crypt1/share - systemd.services.samba-smbd.serviceConfig.RequiresMountFor = [ "/media/cryptX" ]; - users.users.smbguest = { - name = "smbguest"; - uid = config.ids.uids.smbguest; - description = "smb guest user"; - home = "/var/empty"; - group = "share"; - }; - users.groups.share = {}; - services.samba = { - enable = true; - shares = { - winshare = { - path = "/media/crypt1/share"; - "read only" = "no"; - browseable = "yes"; - "guest ok" = "yes"; - }; - emu = { - path = "/media/crypt1/emu"; - "read only" = "yes"; - browseable = "yes"; - "guest ok" = "yes"; - }; - movies = { - path = "/media/cryptX/movies"; - "read only" = "yes"; - browseable = "yes"; - "guest ok" = "yes"; - }; - audiobook = { - path = "/media/crypt1/audiobooks"; - "read only" = "yes"; - browseable = "yes"; - "guest ok" = "yes"; - }; - crypt0 = { - path = "/media/crypt0"; - "read only" = "yes"; - browseable = "yes"; - "guest ok" = "yes"; - }; - anime = { - path = "/media/cryptX/anime"; - "read only" = "yes"; - browseable = "yes"; - "guest ok" = "yes"; - }; - serien = { - path = "/media/cryptX/series"; - "read only" = "yes"; - browseable = "yes"; - "guest ok" = "yes"; - }; - youtube = { - path = "/media/cryptX/youtube"; - "read only" = "yes"; - browseable = "yes"; - "guest ok" = "yes"; - }; - photos = { - path = "/media/cryptX/photos"; - "read only" = "yes"; - browseable = "yes"; - "guest ok" = "yes"; - }; - crypX-games = { - path = "/media/cryptX/games"; - "read only" = "yes"; - browseable = "yes"; - "guest ok" = "yes"; - }; - media-rw = { - path = "/media/"; - "read only" = "no"; - browseable = "yes"; - "guest ok" = "no"; - "valid users" = "makefu"; - }; - #cloud = { - # path = "/media/cloud/download/finished"; - # "read only" = "no"; - # browseable = "yes"; - # "guest ok" = "yes"; - #}; - }; - extraConfig = '' - guest account = smbguest - map to guest = bad user - # disable printing - load printers = no - printing = bsd - printcap name = /dev/null - disable spoolss = yes - workgroup = WORKGROUP - server string = ${config.networking.hostName} - netbios name = ${config.networking.hostName} - ''; - }; -} diff --git a/makefu/2configs/share/temp-share-samba.nix b/makefu/2configs/share/temp-share-samba.nix deleted file mode 100644 index bcfddc112..000000000 --- a/makefu/2configs/share/temp-share-samba.nix +++ /dev/null @@ -1,45 +0,0 @@ -{config, ... }:{ - services.avahi = { - enable = true; - interfaces = [ config.makefu.server.primary-itf ]; - publish.enable = true; - publish.userServices = true; - }; - networking.firewall.allowedUDPPorts = [ 137 138 ]; - networking.firewall.allowedTCPPorts = [ 139 445 ]; - users.users.smbguest = { - name = "smbguest"; - uid = config.ids.uids.smbguest; # effectively systemUser - description = "smb guest user"; - home = "/home/share"; - createHome = true; - group = "smbguest"; - }; - users.groups.smbguest = {}; - services.samba = { - enable = true; - shares = { - share-home = { - path = "/home/share/"; - "read only" = "no"; - browseable = "yes"; - "guest ok" = "yes"; - }; - movies = { - path = "/home/makefu/movies"; - "read only" = "yes"; - browseable = "yes"; - "guest ok" = "yes"; - }; - }; - extraConfig = '' - guest account = smbguest - map to guest = bad user - # disable printing - load printers = no - printing = bsd - printcap name = /dev/null - disable spoolss = yes - ''; - }; -} diff --git a/makefu/2configs/share/wbob.nix b/makefu/2configs/share/wbob.nix deleted file mode 100644 index 9e5f8ddf5..000000000 --- a/makefu/2configs/share/wbob.nix +++ /dev/null @@ -1,47 +0,0 @@ -{config, ... }:{ - networking.firewall.allowedUDPPorts = [ 137 138 ]; - networking.firewall.allowedTCPPorts = [ 139 445 ]; - users.users.smbguest = { - name = "smbguest"; - uid = config.ids.uids.smbguest; # effectively systemUser - description = "smb guest user"; - home = "/home/share"; - createHome = true; - group = "smbguest"; - }; - users.groups.smbguest = {}; - users.groups.mpd.members = [ "makefu" ]; - services.samba = { - enable = true; - enableNmbd = true; - shares = { - incoming = { - path = "/data/incoming"; - "read only" = "no"; - browseable = "yes"; - "guest ok" = "yes"; - }; - data = { - path = "/data/"; - "read only" = "yes"; - browseable = "yes"; - "guest ok" = "yes"; - }; - music-rw = { - path = "/data/music"; - "read only" = "no"; - browseable = "yes"; - "guest ok" = "no"; - }; - }; - extraConfig = '' - guest account = smbguest - map to guest = bad user - # disable printing - load printers = no - printing = bsd - printcap name = /dev/null - disable spoolss = yes - ''; - }; -} diff --git a/makefu/2configs/shiori.nix b/makefu/2configs/shiori.nix deleted file mode 100644 index 94a5e9dc8..000000000 --- a/makefu/2configs/shiori.nix +++ /dev/null @@ -1,20 +0,0 @@ -{config, lib, pkgs, ...}: -let - web_port = 9011; - statedir = "/var/lib/shiori"; -in { - state = [ "/var/lib/private/shiori" ]; # when using dynamicUser - services.shiori = { - enable = true; - port = web_port; - address = "127.0.0.1"; - }; - services.nginx.virtualHosts."bookmark.euer.krebsco.de" = { - forceSSL = true; - enableACME = true; - - locations."/" = { - proxyPass = "http://127.0.0.1:${toString web_port}/"; - }; - }; -} diff --git a/makefu/2configs/sickbeard/cheetah3.nix b/makefu/2configs/sickbeard/cheetah3.nix deleted file mode 100644 index df928edd6..000000000 --- a/makefu/2configs/sickbeard/cheetah3.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ lib -, buildPythonPackage -, fetchPypi -}: - -buildPythonPackage rec { - pname = "cheetah3"; - version = "3.2.4"; - - - src = fetchPypi { - pname = "Cheetah3"; - inherit version; - sha256 = "caabb9c22961a3413ac85cd1e5525ec9ca80daeba6555f4f60802b6c256e252b"; - }; - - doCheck = false; - - meta = with lib; { - description = "Cheetah is a template engine and code generation tool"; - homepage = https://cheetahtemplate.org/; - license = licenses.mit; - # maintainers = [ maintainers. ]; - }; -} diff --git a/makefu/2configs/sickbeard/debug.patch b/makefu/2configs/sickbeard/debug.patch deleted file mode 100644 index aa22142c8..000000000 --- a/makefu/2configs/sickbeard/debug.patch +++ /dev/null @@ -1,91 +0,0 @@ -diff --git a/SickBeard.py b/SickBeard.py -index 31cfd1e1..10a4ef5e 100755 ---- a/SickBeard.py -+++ b/SickBeard.py -@@ -1,4 +1,4 @@ --#!/usr/bin/env python2 -+#!/usr/bin/env python3 - # - # This file is part of SickGear. - # -diff --git a/sickbeard/providers/generic.py b/sickbeard/providers/generic.py -index 5c1f7bfe..8999b468 100644 ---- a/sickbeard/providers/generic.py -+++ b/sickbeard/providers/generic.py -@@ -1203,6 +1203,7 @@ class GenericProvider(object): - ep_num = None - if 1 == len(ep_obj_results): - ep_num = ep_obj_results[0].episode -+ logger.log(f'{ep_obj_results[0]}',logger.DEBUG) - logger.log(u'Single episode result.', logger.DEBUG) - elif 1 < len(ep_obj_results): - ep_num = MULTI_EP_RESULT -diff --git a/sickbeard/providers/horriblesubs.py b/sickbeard/providers/horriblesubs.py -index 870e8461..dbdeacc8 100644 ---- a/sickbeard/providers/horriblesubs.py -+++ b/sickbeard/providers/horriblesubs.py -@@ -98,6 +98,7 @@ class HorribleSubsProvider(generic.TorrentProvider): - - results = self._sort_seeding(mode, results + items[mode]) - -+ logger.log(f"{results}",logger.DEBUG) - return results - - def _season_strings(self, *args, **kwargs): -@@ -131,6 +132,7 @@ class HorribleSubsProvider(generic.TorrentProvider): - .find_all('a', href=re.compile('(?i)(torrent$|^magnet:)'))))[0] - except (BaseException, Exception): - pass -+ logger.log(f"{result}",logger.DEBUG) - return result - - -diff --git a/sickbeard/search.py b/sickbeard/search.py -index f4957c3a..dd3a352d 100644 ---- a/sickbeard/search.py -+++ b/sickbeard/search.py -@@ -986,22 +986,26 @@ def search_providers( - - best_result = pick_best_result(found_results[provider_id][cur_search_result], show_obj, quality_list, - filter_rls=orig_thread_name) -- -+ logger.log(f"Best result: {best_result}",logger.DEBUG) - # if all results were rejected move on to the next episode - if not best_result: - continue -- -+ - # filter out possible bad torrents from providers - if 'torrent' == best_result.resultType: -+ logger.log(f"Best result is torrent {best_result.url}",logger.DEBUG) - if not best_result.url.startswith('magnet') and None is not best_result.get_data_func: - best_result.url = best_result.get_data_func(best_result.url) - best_result.get_data_func = None # consume only once - if not best_result.url: - continue - if best_result.url.startswith('magnet'): -+ logger.log("url is magnet link",logger.DEBUG) - if 'blackhole' != sickbeard.TORRENT_METHOD: -+ logger.log(f"Setting content to None because TORRENT_METHODD is not blackhole ({sickbeard.TORRENT_METHOD} instead)",logger.DEBUG) - best_result.content = None - else: -+ logger.log("url is torrent link",logger.DEBUG) - cache_file = ek.ek(os.path.join, sickbeard.CACHE_DIR or helpers.get_system_temp_dir(), - '%s.torrent' % (helpers.sanitize_filename(best_result.name))) - if not helpers.download_file(best_result.url, cache_file, session=best_result.provider.session): -@@ -1044,6 +1048,7 @@ def search_providers( - best_result.after_get_data_func(best_result) - best_result.after_get_data_func = None # consume only once - -+ logger.log(f"After torrent detection",logger.DEBUG) - # add result if its not a duplicate - found = False - for i, result in enumerate(final_results): -@@ -1054,6 +1059,7 @@ def search_providers( - else: - found = True - if not found: -+ logger.log(f"Not already found, adding to best_result to final_results",logger.DEBUG) - final_results += [best_result] - - # check that we got all the episodes we wanted first before doing a match and snatch diff --git a/makefu/2configs/sickbeard/default.nix b/makefu/2configs/sickbeard/default.nix deleted file mode 100644 index 49e65f091..000000000 --- a/makefu/2configs/sickbeard/default.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ pkgs, config, ... }: -let - pkg = pkgs.callPackage ./sickgear.nix {}; - external-ip = config.krebs.build.host.nets.internet.ip4.addr; -in { - services.sickbeard = - { - enable = true; - package = pkg; - user = "sickbeard"; - group = "download"; - port = 8280; - }; - services.nginx.virtualHosts."sick.makefu.r" = { - locations."/".proxyPass = http://localhost:8280; - extraConfig = '' - if ( $server_addr = "${external-ip}" ) { - return 403; - } - ''; - }; - users.users.sickbeard.extraGroups = [ "nginx" ]; - } diff --git a/makefu/2configs/sickbeard/sickgear.nix b/makefu/2configs/sickbeard/sickgear.nix deleted file mode 100644 index da984358c..000000000 --- a/makefu/2configs/sickbeard/sickgear.nix +++ /dev/null @@ -1,39 +0,0 @@ -{ stdenv, fetchFromGitHub, python37, makeWrapper }: - -let - pythonEnv = python37.withPackages(ps: with ps; [ - (ps.callPackage ./cheetah3.nix {}) - ]); -in stdenv.mkDerivation rec { - pname = "sickgear"; - #version = "0.21.6"; - version = "0.21.21"; - - src = fetchFromGitHub { - owner = "SickGear"; - repo = "SickGear"; - rev = "release_${version}"; - sha256 = "15nlxg2867l846qqxklmfyqmn5nc01ksd4lpwbrbjdzpk4y3xi78"; - }; - - dontBuild = true; - doCheck = false; - - nativeBuildInputs = [ makeWrapper ]; - buildInputs = [ pythonEnv ]; - patches = [ ./debug.patch ]; - - installPhase = '' - mkdir -p $out/bin - cp -R {autoProcessTV,gui,lib,sickbeard,sickgear.py,SickBeard.py} $out/ - - makeWrapper $out/sickgear.py $out/bin/sickgear - ''; - - meta = with stdenv.lib; { - description = "The most reliable stable TV fork of the great Sick-Beard to fully automate TV enjoyment with innovation"; - license = licenses.gpl3; - homepage = "https://github.com/SickGear/SickGear"; - maintainers = with stdenv.lib.maintainers; [ rembo10 ]; - }; -} diff --git a/makefu/2configs/smart-monitor.nix b/makefu/2configs/smart-monitor.nix deleted file mode 100644 index daf3aad01..000000000 --- a/makefu/2configs/smart-monitor.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ config, lib, ... }: -{ - krebs.exim-retiolum.enable = lib.mkDefault true; - services.smartd = { - enable = true; - autodetect = false; - notifications = { - mail = { - enable = true; - recipient = config.krebs.users.makefu.mail; - }; - }; - # short daily, long weekly, check on boot - defaults.monitored = "-a -o on -s (S/../.././02|L/../../7/04)"; - - devices = lib.mkDefault [ ]; - }; -} diff --git a/makefu/2configs/solr.nix b/makefu/2configs/solr.nix deleted file mode 100644 index 6fc02df1f..000000000 --- a/makefu/2configs/solr.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ config, lib, pkgs, ... }: - -# graphite-web on port 8080 -# carbon cache on port 2003 (tcp/udp) -with import ; -let - solrHome = "/var/db/solr"; -in { - imports = [ ]; - users.users.solr = { - home = solrHome; - uid = genid "solr"; - createHome = true; - group = "solr"; - }; - users.groups.solr.gid = genid "solr"; - - services.solr = { - enable = true; - inherit solrHome; - user = "solr"; - group = "solr"; - }; -} diff --git a/makefu/2configs/sshd-totp.nix b/makefu/2configs/sshd-totp.nix deleted file mode 100644 index f9984e245..000000000 --- a/makefu/2configs/sshd-totp.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ pkgs, ... }: -# Enables second factor for ssh password login - -## Usage: -# gen-oath-safe totp -## scan the qrcode with google authenticator (or FreeOTP) -## copy last line into secrets//users.oath (chmod 700) -{ - security.pam.oath = { - # enabling it will make it a requisite of `all` services - # enable = true; - digits = 6; - # TODO assert existing - usersFile = (toString ) + "/users.oath"; - }; - # I want TFA only active for sshd with password-auth - security.pam.services.sshd.oathAuth = true; -} diff --git a/makefu/2configs/stats/arafetch.nix b/makefu/2configs/stats/arafetch.nix deleted file mode 100644 index 0ea05e779..000000000 --- a/makefu/2configs/stats/arafetch.nix +++ /dev/null @@ -1,66 +0,0 @@ -{ pkgs, lib, ...}: -with import ; -let - pkg = with pkgs.python3Packages;buildPythonPackage rec { - rev = "56d41de8219adc"; - name = "arafetch-${rev}"; - propagatedBuildInputs = [ - requests - docopt - influxdb - beautifulsoup4 - paho-mqtt - ]; - src = pkgs.fetchgit { - url = "http://cgit.euer.krebsco.de/arafetch"; - inherit rev; - sha256 = "0hnwbmj0plynhv3h2idhrzf2zcqx3qnw6lq8zzyn9am74pmvza39"; - }; - }; - home = "/var/lib/arafetch"; -in { - users.users.arafetch = { - uid = genid "arafetch"; - inherit home; - createHome = true; - isSystemUser = true; - group = "arafetch"; - }; - users.groups.arafetch = {}; - - systemd.services.ara2mqtt = { - startAt = "05:00:00"; - after = [ "network-online.target" ]; - path = [ pkg ]; - serviceConfig = { - User = "arafetch"; - # Restart = "always"; - WorkingDirectory = home; - PrivateTmp = true; - ExecStart = pkgs.writeDash "daily-mqtt" '' - ara2mqtt db/thales-deutschland.json --cantine thales-deutschland --host localhost - ''; - }; - }; - systemd.services.arafetch = { - startAt = "Mon,Wed,Fri 09:15:00"; - wantedBy = [ "multi-user.target" ]; - after = [ "network-online.target" ]; - environment.OUTDIR = home; - path = [ pkg pkgs.git pkgs.wget ]; - serviceConfig = { - User = "arafetch"; - # Restart = "always"; - WorkingDirectory = home; - PrivateTmp = true; - ExecStart = pkgs.writeDash "start-weekrun" '' - weekrun || echo "weekrun failed!" - find $OUTDIR/db -name \*.json | while read path;do - file=''${path##*/} - cantine=''${file%%.json} - ara2influx $path --cantine $cantine --host wbob.r - done - ''; - }; - }; -} diff --git a/makefu/2configs/stats/client.nix b/makefu/2configs/stats/client.nix deleted file mode 100644 index b88515a35..000000000 --- a/makefu/2configs/stats/client.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ - makefu.netdata = { - enable = true; - stream.role = "slave"; - # stream.destination = "netdata.makefu.r"; - }; -} diff --git a/makefu/2configs/stats/collectd-client.nix b/makefu/2configs/stats/collectd-client.nix deleted file mode 100644 index cfb5e3fd2..000000000 --- a/makefu/2configs/stats/collectd-client.nix +++ /dev/null @@ -1,61 +0,0 @@ -{pkgs, config, ...}: -{ - services.collectd = { - enable = true; - autoLoadPlugin = true; - extraConfig = '' - Hostname ${config.krebs.build.host.name} - LoadPlugin load - LoadPlugin disk - LoadPlugin memory - LoadPlugin df - Interval 30.0 - - LoadPlugin interface - - Interface "*Link" - Interface "lo" - Interface "vboxnet*" - Interface "virbr*" - IgnoreSelected true - - - LoadPlugin df - - MountPoint "/nix/store" - # MountPoint "/run*" - # MountPoint "/sys*" - # MountPoint "/dev" - # MountPoint "/dev/shm" - # MountPoint "/tmp" - FSType "tmpfs" - FSType "binfmt_misc" - FSType "debugfs" - FSType "tracefs" - FSType "mqueue" - FSType "hugetlbfs" - FSType "systemd-1" - FSType "cgroup" - FSType "securityfs" - FSType "ramfs" - FSType "proc" - FSType "devpts" - FSType "devtmpfs" - MountPoint "/var/lib/docker/devicemapper" - IgnoreSelected true - - - LoadPlugin cpu - - ReportByCpu true - ReportByState true - ValuesPercentage true - - - LoadPlugin network - - Server "${config.makefu.stats-server}" "25826" - - ''; - }; -} diff --git a/makefu/2configs/stats/external/aralast.nix b/makefu/2configs/stats/external/aralast.nix deleted file mode 100644 index 19c7327af..000000000 --- a/makefu/2configs/stats/external/aralast.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - pkg = pkgs.stdenv.mkDerivation { - name = "aralast-master"; - src = pkgs.fetchFromGitHub { - owner = "makefu"; - repo = "aralast"; - rev = "a0d3aeaa109e219fb6fc57170e59020c23413718"; - sha256 = "0bi0nc51z5wk72lnjhg1gfzr5yvvsshyzq924yjbbqpqw08v7i4p"; - }; - installPhase = '' - install -m755 -D aralast.sh $out/bin/aralast - ''; - }; -in { - systemd.services.aralast = { - description = "periodically fetch aramark"; - path = [ - pkgs.curl - pkgs.gnugrep - pkgs.gnused - ]; - wantedBy = [ "multi-user.target" ]; - environment = { - INFLUX_HOST = "localhost"; - INFLUX_PORT = "8086"; - }; - # every 10 seconds when the cantina is open - startAt = "Mon,Tue,Wed,Thu,Fri *-*-* 6,7,8,9,10,11,12,13,14,15:*:0,15,30,45"; - serviceConfig = { - User = "nobody"; - ExecStart = "${pkg}/bin/aralast"; - PrivateTmp = true; - }; - }; -} diff --git a/makefu/2configs/stats/external/weather2stats.nix b/makefu/2configs/stats/external/weather2stats.nix deleted file mode 100644 index 870db99a8..000000000 --- a/makefu/2configs/stats/external/weather2stats.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let - pkg = pkgs.stdenv.mkDerivation { - name = "aralast-master"; - src = pkgs.fetchFromGitHub { - owner = "makefu"; - repo = "aralast"; - rev = "7121598"; - sha256 = "0vw027c698h9b69ksid5p3pji9960hd7n9xi4arrax0vfkwryb4m"; - }; - installPhase = '' - install -m755 -D aralast.sh $out/bin/aralast - ''; - }; -in { - systemd.services.aralast = { - description = "periodically fetch aramark"; - path = [ - pkgs.curl - pkgs.gnugrep - pkgs.gnused - ]; - wantedBy = [ "multi-user.target" ]; - environment = { - INFLUX_HOST = "localhost"; - INFLUX_PORT = "8086"; - }; - # every 10 seconds when the cantina is open - startAt = "Mon,Tue,Wed,Thu,Fri *-*-* 6,7,8,9,10,11,12,13,14,15:*:0,15,30,45"; - serviceConfig = { - User = "nobody"; - ExecStart = "${pkg}/bin/aralast"; - PrivateTmp = true; - }; - }; -} diff --git a/makefu/2configs/stats/netdata-server.nix b/makefu/2configs/stats/netdata-server.nix deleted file mode 100644 index 5fec3583c..000000000 --- a/makefu/2configs/stats/netdata-server.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ - makefu.netdata = { - enable = true; - stream.role = "master"; - }; - - services.nginx = { - virtualHosts."netdata.euer.krebsco.de" = { - addSSL = true; - enableACME = true; - locations."/".proxyPass = "http://localhost:19999"; - }; - virtualHosts."netdata.makefu.r" = { - locations."/".proxyPass = "http://localhost:19999"; - }; - }; -} diff --git a/makefu/2configs/stats/nodisk-client.nix b/makefu/2configs/stats/nodisk-client.nix deleted file mode 100644 index fc8a268ce..000000000 --- a/makefu/2configs/stats/nodisk-client.nix +++ /dev/null @@ -1,60 +0,0 @@ -{pkgs, config, ...}: -{ - # disk module wakes up parked disks - services.collectd = { - enable = true; - autoLoadPlugin = true; - extraConfig = '' - Hostname ${config.krebs.build.host.name} - LoadPlugin load - LoadPlugin disk - LoadPlugin memory - Interval 30.0 - - LoadPlugin interface - - Interface "*Link" - Interface "lo" - Interface "vboxnet*" - Interface "virbr*" - IgnoreSelected true - - - # LoadPlugin df - # - # MountPoint "/nix/store" - # # MountPoint "/run*" - # # MountPoint "/sys*" - # # MountPoint "/dev" - # # MountPoint "/dev/shm" - # # MountPoint "/tmp" - # FSType "tmpfs" - # FSType "binfmt_misc" - # FSType "debugfs" - # FSType "mqueue" - # FSType "hugetlbfs" - # FSType "systemd-1" - # FSType "cgroup" - # FSType "securityfs" - # FSType "ramfs" - # FSType "proc" - # FSType "devpts" - # FSType "devtmpfs" - # MountPoint "/var/lib/docker/devicemapper" - # IgnoreSelected true - # - - LoadPlugin cpu - - ReportByCpu true - ReportByState true - ValuesPercentage true - - - LoadPlugin network - - Server "${config.makefu.stats-server}" "25826" - - ''; - }; -} diff --git a/makefu/2configs/stats/server.nix b/makefu/2configs/stats/server.nix deleted file mode 100644 index 82ce31a62..000000000 --- a/makefu/2configs/stats/server.nix +++ /dev/null @@ -1,65 +0,0 @@ -{pkgs, config, ...}: - -with import ; -let - irc-server = "irc.r"; - irc-nick = "m-alarm"; - collectd-port = 25826; - influx-port = 8086; - grafana-port = 3000; - db = "collectd_db"; - logging-interface = config.makefu.server.primary-itf; -in { - services.grafana.enable = true; - services.grafana.addr = "0.0.0.0"; - - services.influxdb.enable = true; - systemd.services.influxdb.serviceConfig.LimitNOFILE = 8192; - - # redirect grafana to stats.makefu.r - services.nginx.enable = true; - services.nginx.virtualHosts."stats.makefu.r".locations."/".proxyPass = "http://localhost:3000"; - # forward these via nginx - services.influxdb.extraConfig = { - meta.hostname = config.krebs.build.host.name; - # meta.logging-enabled = true; - logging.level = "info"; - http.log-enabled = true; - http.flux-enabled = true; - http.write-tracing = false; - http.suppress-write-log = true; - data.trace-logging-enabled = false; - data.query-log-enabled = false; - reporting-disabled = true; - - http.bind-address = ":${toString influx-port}"; - admin.bind-address = ":8083"; - monitoring = { - enabled = false; - # write-interval = "24h"; - }; - collectd = [{ - enabled = true; - typesdb = "${pkgs.collectd}/share/collectd/types.db"; - database = db; - bind-address = ":${toString collectd-port}"; - }]; - }; - - networking.firewall.extraCommands = '' - iptables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT - iptables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT - iptables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT - #iptables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT - #iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT - #iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT - - ip6tables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT - ip6tables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT - ip6tables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT - #ip6tables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT - #ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT - #ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT - ''; - state = [ "/var/lib/grafana/data/grafana.db" ]; -} diff --git a/makefu/2configs/stats/telegraf/airsensor.nix b/makefu/2configs/stats/telegraf/airsensor.nix deleted file mode 100644 index 9d481000f..000000000 --- a/makefu/2configs/stats/telegraf/airsensor.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ pkgs, ...}: -let - genTopic = name: topic: tags: { - servers = [ "tcp://localhost:1883" ]; - qos = 0; - connection_timeout = "30s"; - topics = [ topic ]; - tags = tags; - persistent_session = false; - name_override = name; - data_format = "value"; - data_type = "float"; - }; - bamStat = stat: # Temperature or Humidity - host: # easy{1-4} - sensor: # dht11, dht22, ds18 - (genTopic stat - "/bam/${host}/${sensor}/${stat}" - {"host" = host; - "scope" = "bam"; - "sensor" = sensor; - } ); - dht22 = host: [(bamStat "Temperature" host "dht22") - (bamStat "Humidity" host "dht22")]; - dht11 = host: [(bamStat "Temperature" host "dht11") - (bamStat "Humidity" host "dht11")]; - ds18 = host: [(bamStat "Temperature" host "ds18")]; -in { - services.udev.extraRules = '' - SUBSYSTEMS=="usb", ATTRS{product}=="iAQ Stick", GROUP="input" - ''; - users.users.telegraf.extraGroups = [ "input" ]; - services.telegraf.extraConfig.inputs.exec = [ - { - commands = [ "${pkgs.airsensor-py}/bin/airsensor-py"]; - timeout = "10s"; - data_format = "value"; - data_type = "integer"; - name_override = "airquality"; - interval = "10s"; - tags.unit="VOC"; - } - ]; - services.telegraf.extraConfig.inputs.mqtt_consumer = - (dht22 "easy1") - ++ (dht22 "easy2") - ++ (dht11 "easy3") - ++ (ds18 "easy3"); -} diff --git a/makefu/2configs/stats/telegraf/bamstats.nix b/makefu/2configs/stats/telegraf/bamstats.nix deleted file mode 100644 index ae5301204..000000000 --- a/makefu/2configs/stats/telegraf/bamstats.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ pkgs, ...}: - -let - genTopic = name: topic: tags: { - servers = [ "tcp://localhost:1883" ]; - qos = 0; - connection_timeout = "30s"; - topics = [ topic ]; - tags = tags; - persistent_session = false; - name_override = name; - data_format = "value"; - data_type = "float"; - }; - bamStat = stat: # Temperature or Humidity - host: # easy{1-4} - sensor: # dht11, dht22, ds18 - (genTopic stat - "/bam/${host}/${sensor}/${stat}" - {"host" = host; - "scope" = "bam"; - "sensor" = sensor; - } ); - dht22 = host: [(bamStat "Temperature" host "dht22") - (bamStat "Humidity" host "dht22")]; - dht11 = host: [(bamStat "Temperature" host "dht11") - (bamStat "Humidity" host "dht11")]; - ds18 = host: [(bamStat "Temperature" host "ds18")]; -in { - services.telegraf.extraConfig.inputs.mqtt_consumer = - (dht22 "easy1") - ++ (dht22 "easy2") - ++ (dht11 "easy3") - ++ (ds18 "easy3"); -} diff --git a/makefu/2configs/stats/telegraf/default.nix b/makefu/2configs/stats/telegraf/default.nix deleted file mode 100644 index 941685695..000000000 --- a/makefu/2configs/stats/telegraf/default.nix +++ /dev/null @@ -1,30 +0,0 @@ -{...}: -let - url = "http://localhost:8086"; - mqtt_server = "localhost:1883"; -in { - services.telegraf = { - enable = true; - extraConfig = { - agent.debug = false; - outputs = { - influxdb = [{ - urls = [ url ]; - database = "telegraf"; - }]; - #file = [{ # debugging - # files = [ "stdout" ]; - # data_format = "influx"; - #}]; - - mqtt = [{ - servers = [ mqtt_server ]; - topic_prefix = "/telegraf"; - data_format = "json"; - qos = 0; - batch = false; - }]; - }; - }; - }; -} diff --git a/makefu/2configs/stats/telegraf/europastats.nix b/makefu/2configs/stats/telegraf/europastats.nix deleted file mode 100644 index 2ab62766a..000000000 --- a/makefu/2configs/stats/telegraf/europastats.nix +++ /dev/null @@ -1,43 +0,0 @@ -{ pkgs, ...}: -let - pkg = with pkgs.python3Packages;buildPythonPackage rec { - rev = "be31da7"; - name = "europastats-${rev}"; - propagatedBuildInputs = [ - requests - docopt - ]; - src = pkgs.fetchgit { - url = "http://cgit.euer.krebsco.de/europastats"; - inherit rev; - sha256 = "0qj18vgj9nm6aisyqhk3iz3rf8xp7mn5jc6sfylcaw588a9sjfvc"; - }; - }; -in { - services.telegraf.extraConfig.inputs.exec = [ - { - commands = [ "${pkg}/bin/europa-attractions"]; - timeout = "1m"; - data_format = "json"; - name_override = "europawaiting"; - interval = "1m"; - tag_keys = [ - "status" - "type" - "name" - ]; - } - { - commands = [ "${pkg}/bin/europa-weather"]; - timeout = "20s"; - data_format = "json"; - name_override = "europaweather"; - interval = "10m"; - tag_keys = [ - "type" - "name" - "offset" - ]; - } - ]; -} diff --git a/makefu/2configs/stats/telegraf/hamstats.nix b/makefu/2configs/stats/telegraf/hamstats.nix deleted file mode 100644 index 99cb0cd04..000000000 --- a/makefu/2configs/stats/telegraf/hamstats.nix +++ /dev/null @@ -1,69 +0,0 @@ -{ pkgs, lib, ...}: - -let - genTopic_zigbee = name: tags: { - servers = [ "tcp://localhost:1883" ]; - username = "stats"; - password = lib.removeSuffix "\n" (builtins.readFile ); - qos = 0; - connection_timeout = "30s"; - topics = [ "/ham/zigbee/${name}" ]; - inherit tags; - persistent_session = false; - name_override = "zigbee ${tags.room} ${name}"; - data_format = "json"; - json_string_fields = [ "linkquality" "temperature" "humidity" "pressure" "battery" "contact" ]; - # json_name_key = - - }; - genTopic_plain = name: topic: tags: { - servers = [ "tcp://localhost:1883" ]; - username = "stats"; - password = lib.removeSuffix "\n" (builtins.readFile ); - qos = 0; - connection_timeout = "30s"; - topics = [ topic ]; - inherit tags; - persistent_session = false; - name_override = tags.sensor; - data_type = "float"; - data_format = "value"; - # json_query = tags.sensor; #TODO? - }; - flycounter = name: - (genTopic_plain name ''/ham/flycounter/${name}'' - { inherit name; - "sensor" = name; - "type" = "gauge"; - "scope" = "ham"; - } ); - esensor = room: name: sensor: - (genTopic_plain sensor ''/ham/${room}/${name}/sensor/${sensor}/state'' - { inherit room sensor name; - "scope" = "ham"; - } ); - zsensor = room: name: - (genTopic_zigbee name - { inherit room name; - "scope" = "ham"; - } ); - zigbee_temphum = room: name: [ - (zsensor room name) - ]; - esphome_temphum = room: name: [ - (esensor room name ''${room}_${name}_temperature'') - (esensor room name ''${room}_${name}_humidity'') - (esensor room name ''${room}_${name}_pressure'') - ]; -in { - services.telegraf.extraConfig.inputs.mqtt_consumer = - (zigbee_temphum "Wohnzimmer" "temp1") - ++ (zigbee_temphum "Badezimmer" "temp2") - ++ (zigbee_temphum "Kinderzimmer" "temp3") - ++ (esphome_temphum "arbeitszimmer" "box") - ++ (esphome_temphum "schlafzimmer" "plug") - ++ (esphome_temphum "wohnzimmer" "plug") - ++ (esphome_temphum "terrasse" "plug") - ++ [ (flycounter "misa_fliegen") (flycounter "felix_fliegen") ] - ; -} diff --git a/makefu/2configs/storj/client.nix b/makefu/2configs/storj/client.nix deleted file mode 100644 index d48319838..000000000 --- a/makefu/2configs/storj/client.nix +++ /dev/null @@ -1,45 +0,0 @@ -{ lib, ... }: -let - port = "14002"; - internal-ip = "192.168.111.11"; -in -{ - networking.firewall.allowedTCPPorts = [ 28967 ]; - virtualisation.oci-containers.containers.storj-storagenode = { - image = "storjlabs/storagenode:latest"; - ports = [ - # TODO: omo ip - "0.0.0.0:28967:28967" - "127.0.0.1:${port}:${port}" - ]; - environment = { - # SETUP = "true"; # must be run only once ... - WALLET = "0xeD0d2a2B33F6812b45d2D9FF7a139A3fF65a24C0"; - EMAIL = "storj.io@syntax-fehler.de"; - ADDRESS = "euer.krebsco.de:28967"; - STORAGE = "3TB"; - }; - volumes = [ - "/media/cryptX/lib/storj/identity:/app/identity" - "/media/cryptX/lib/storj/storage:/app/config" - ]; - }; - systemd.services.docker-storj-storagenode.serviceConfig = { - StandardOutput = lib.mkForce "journal"; - StandardError = lib.mkForce "journal"; - }; - - services.nginx.virtualHosts."storj" = { - serverAliases = [ - "storj.lan" - ]; - - locations."/".proxyPass = "http://localhost:${port}"; - locations."/".proxyWebsockets = true; - extraConfig = '' - if ( $server_addr != "${internal-ip}" ) { - return 403; - } - ''; - }; -} diff --git a/makefu/2configs/storj/forward-port.nix b/makefu/2configs/storj/forward-port.nix deleted file mode 100644 index 213f77470..000000000 --- a/makefu/2configs/storj/forward-port.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ - networking.firewall.allowedTCPPorts = [ 28967 ]; - #networking.nat.forwardPorts = [ - # { # storj - # destination = "10.243.0.89:28967"; - # proto = "tcp"; - # sourcePort = 28967; - # } - #]; - services.nginx.appendConfig = '' - stream { - upstream storj { - server omo.r:28967; - } - - server { - listen 28967; - proxy_pass storj; - } - } - ''; -} diff --git a/makefu/2configs/support-nixos.nix b/makefu/2configs/support-nixos.nix deleted file mode 100644 index d4e5556ff..000000000 --- a/makefu/2configs/support-nixos.nix +++ /dev/null @@ -1 +0,0 @@ -{ makefu.distrobump.enable = true; } diff --git a/makefu/2configs/sync/default.nix b/makefu/2configs/sync/default.nix deleted file mode 100644 index 6928daf87..000000000 --- a/makefu/2configs/sync/default.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ config, pkgs, ... }: with import ; let - mk_peers = mapAttrs (n: v: { id = v.syncthing.id; }); - - all_peers = filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts; - used_peer_names = unique (flatten (mapAttrsToList (n: v: v.devices) config.services.syncthing.folders)); - used_peers = filterAttrs (n: v: elem n used_peer_names) all_peers; -in { - services.syncthing = { - enable = true; - configDir = "/var/lib/syncthing"; - devices = mk_peers used_peers; - key = toString ; - cert = toString ; - }; - services.syncthing.folders.the_playlist = { - path = "/home/lass/tmp/the_playlist"; - devices = [ "mors" "prism" ]; - }; - - - boot.kernel.sysctl."fs.inotify.max_user_watches" = 524288; -} diff --git a/makefu/2configs/syncthing.nix b/makefu/2configs/syncthing.nix deleted file mode 100644 index bc7413a0a..000000000 --- a/makefu/2configs/syncthing.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ config, ... }: - -with import ; { - services.syncthing = { - enable = true; - openDefaultPorts = true; - group = "download"; - }; - users.extraGroups.download.gid = genid "download"; - state = map (x: config.services.syncthing.dataDir + "/" + x) [ - "key.pem" - "cert.pem" - "config.xml" - "https-cert.pem" - "https-key.pem" - ]; -} diff --git a/makefu/2configs/systemdultras/ircbot.nix b/makefu/2configs/systemdultras/ircbot.nix deleted file mode 100644 index 9ec7a27a4..000000000 --- a/makefu/2configs/systemdultras/ircbot.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ pkgs, ... }: { - systemd.services.brockman.environment."BROCKMAN_LOG_LEVEL" = "DEBUG"; - - services.rss-bridge = { - enable = true; - whitelist = [ "*" ]; - virtualHost = "rss.makefu.r"; - }; - - krebs.brockman = { - enable = true; - config = { - channel = "#systemdultras"; - irc = { - host = "irc.hackint.org"; - port = 6697; - tls = true; - }; - notifyErrors = false; - bots = { - r-systemdultras-rss = { - feed = "https://www.reddit.com/r/systemdultras/.rss"; - delay = 236; - }; - r-systemd-rss = { - feed = "https://www.reddit.com/r/systemd/.rss"; - delay = 272; - }; - r-pid_eins-mastodon = { - feed = "https://mastodon.social/users/pid_eins.rss"; - delay = 621; - }; - }; - }; - - }; -} diff --git a/makefu/2configs/task-client.nix b/makefu/2configs/task-client.nix deleted file mode 100644 index 1fdddb9b1..000000000 --- a/makefu/2configs/task-client.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ pkgs, ... }: -{ - users.users.makefu.packages = [ - pkgs.taskwarrior - ]; - -} diff --git a/makefu/2configs/taskd.nix b/makefu/2configs/taskd.nix deleted file mode 100644 index 122ad66a7..000000000 --- a/makefu/2configs/taskd.nix +++ /dev/null @@ -1,12 +0,0 @@ -{config, ... }: -{ - state = [ config.services.taskserver.dataDir ]; - services.taskserver.enable = true; - services.taskserver.fqdn = config.krebs.build.host.name; - services.taskserver.listenHost = "::"; - services.taskserver.organisations.home.users = [ "makefu" ]; - networking.firewall.extraCommands = '' - iptables -A INPUT -i retiolum -p tcp --dport 53589 -j ACCEPT - ip6tables -A INPUT -i retiolum -p tcp --dport 53589 -j ACCEPT - ''; -} diff --git a/makefu/2configs/temp/8812au.nix b/makefu/2configs/temp/8812au.nix deleted file mode 100644 index 9587171b3..000000000 --- a/makefu/2configs/temp/8812au.nix +++ /dev/null @@ -1,6 +0,0 @@ -{config, pkgs, ...}: -{ - #boot.extraModulePackages = [ pkgs.rtl8812au ]; - boot.extraModulePackages = [config.boot.kernelPackages.rtl8812au ]; - boot.kernelModules = [ "rtl8812au" ]; -} diff --git a/makefu/2configs/temp/rst-issue.nix b/makefu/2configs/temp/rst-issue.nix deleted file mode 100644 index 648831a98..000000000 --- a/makefu/2configs/temp/rst-issue.nix +++ /dev/null @@ -1,21 +0,0 @@ -{pkgs, ...}: -let - itf = "enp0s25"; -in { - systemd.services.rst-issue = { - wantedBy = [ "multi-user.target" ]; - script = '' - d=/var/cache/rst-issue - mkdir -p $d - cd $d - ITF=${itf} - now=$(date --rfc-3339=s | sed 's/ /T/') - ${pkgs.tcpdump}/bin/tcpdump -i $ITF -w run-$now.pcap & - echo "timestamp,$now" >> mtr.log - ${pkgs.mtr}/bin/mtr -4 --tcp bsi.bund.de www.thalesgroup.com nokia.com -C --show-ips -z >> mtr.log - kill %1 - ''; - startAt = "*:0/15"; # every 15 minutes - - }; -} diff --git a/makefu/2configs/temp/sabnzbd.nix b/makefu/2configs/temp/sabnzbd.nix deleted file mode 100644 index d8eab2732..000000000 --- a/makefu/2configs/temp/sabnzbd.nix +++ /dev/null @@ -1,5 +0,0 @@ -{pkgs, ...}: -{ - services.sabnzbd.enable = true; - systemd.services.sabnzbd.environment.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; -} diff --git a/makefu/2configs/temp/share-samba.nix b/makefu/2configs/temp/share-samba.nix deleted file mode 100644 index 106f8fac6..000000000 --- a/makefu/2configs/temp/share-samba.nix +++ /dev/null @@ -1,38 +0,0 @@ -{config, ... }:{ - users.users.smbguest = { - name = "smbguest"; - uid = config.ids.uids.smbguest; # effectively systemUser - group = "share"; - description = "smb guest user"; - home = "/var/empty"; - }; - users.groups.share.members = [ "makefu" ]; - - networking.firewall.allowedTCPPorts = [ - 139 445 # samba - ]; - - networking.firewall.allowedUDPPorts = [ - 137 138 - ]; - services.samba = { - enable = true; - shares = { - share-home = { - path = "/home/share/"; - "read only" = "no"; - browseable = "yes"; - "guest ok" = "yes"; - }; - }; - extraConfig = '' - guest account = smbguest - map to guest = bad user - # disable printing - load printers = no - printing = bsd - printcap name = /dev/null - disable spoolss = yes - ''; - }; -} diff --git a/makefu/2configs/time-machine.nix b/makefu/2configs/time-machine.nix deleted file mode 100644 index 90d44e540..000000000 --- a/makefu/2configs/time-machine.nix +++ /dev/null @@ -1,31 +0,0 @@ -let - time-machine-path = "/media/crypt2/backup/time-machine/misa"; -in { - networking.firewall.allowedTCPPorts = [ - 548 # netatalk - ]; - - services = { - netatalk = { - enable = true; - - volumes = { - "misa-time-machine" = { - "time machine" = "yes"; - path = time-machine-path; - "valid users" = "misa"; - }; - }; - }; - - avahi = { - enable = true; - nssmdns = true; - - publish = { - enable = true; - userServices = true; - }; - }; - }; -} diff --git a/makefu/2configs/tinc/retiolum.nix b/makefu/2configs/tinc/retiolum.nix deleted file mode 100644 index d1cfc2f88..000000000 --- a/makefu/2configs/tinc/retiolum.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ pkgs, lib, config, ... }: -{ - imports = [ - ../binary-cache/lass.nix - ]; - krebs.tinc.retiolum.enable = true; - krebs.tinc.retiolum.extraConfig = '' - StrictSubnets = yes - ${lib.optionalString (config.krebs.build.host.nets.retiolum.via != null) '' - LocalDiscovery = no - ''} - ''; - environment.systemPackages = [ pkgs.tinc ]; - networking.firewall.allowedTCPPorts = [ config.krebs.build.host.nets.retiolum.tinc.port ]; - networking.firewall.allowedUDPPorts = [ config.krebs.build.host.nets.retiolum.tinc.port ]; - -} diff --git a/makefu/2configs/tinc/siem.nix b/makefu/2configs/tinc/siem.nix deleted file mode 100644 index 8f17f1a0a..000000000 --- a/makefu/2configs/tinc/siem.nix +++ /dev/null @@ -1,12 +0,0 @@ -{lib, config, ... }: -{ - # TODO do not know why we need to force it, port is only set via default to 655 - krebs.build.host.nets.siem.tinc.port = lib.mkForce 1655; - krebs.dns.providers.siem = "hosts"; - networking.firewall.allowedUDPPorts = [ 1665 ]; - networking.firewall.allowedTCPPorts = [ 1655 ]; - krebs.tinc.siem = { - enable = true; - connectTo = [ "shoney" ]; - }; -} diff --git a/makefu/2configs/tools/all.nix b/makefu/2configs/tools/all.nix deleted file mode 100644 index 3086a0bb2..000000000 --- a/makefu/2configs/tools/all.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ - imports = [ - # ./android-pentest.nix - ./consoles.nix - ./core-gui.nix - ./core.nix - ./desktop.nix - ./dev.nix - ./extra-gui.nix - ./games.nix - ./maker.nix - ./media.nix - ./mobility.nix - ./pcmanfm-extra.nix - ./scanner-tools.nix - ./sec-gui.nix - ./sec.nix - ./studio.nix - ]; -} diff --git a/makefu/2configs/tools/android-pentest.nix b/makefu/2configs/tools/android-pentest.nix deleted file mode 100644 index cb4ca24a8..000000000 --- a/makefu/2configs/tools/android-pentest.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ pkgs, ... }: - -{ - nixpkgs.config.android_sdk.accept_license = true; - users.users.makefu.packages = with pkgs; [ - # mitmproxy - nmap - metasploit - #drozer - #dex2jar - apktool - jd-gui - # android-studio - jdk - jre - openssl - ]; -} diff --git a/makefu/2configs/tools/consoles.nix b/makefu/2configs/tools/consoles.nix deleted file mode 100644 index 427ea38a9..000000000 --- a/makefu/2configs/tools/consoles.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ pkgs, ... }: -{ - users.users.makefu.packages = with pkgs; [ - # PS2 - opl-utils - #opl-pc-tools - hdl-dump - bin2iso - cue2pops - - # PS4 - pkgrename - - # switch - nx_game_info - hactool - nsrenamer - ns-usbloader - sfo - exfatprogs exfat - ]; -} diff --git a/makefu/2configs/tools/core-gui.nix b/makefu/2configs/tools/core-gui.nix deleted file mode 100644 index bcd3022e8..000000000 --- a/makefu/2configs/tools/core-gui.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ pkgs, ... }: - -{ - users.users.makefu.packages = with pkgs; [ - at-spi2-core - chromium - feh - clipit - # firefox - keepassx - pcmanfm - evince - # replacement for mirage: - sxiv - dconf - xdotool - xorg.xbacklight - scrot - libnotify - thunderbird - ]; -} diff --git a/makefu/2configs/tools/core.nix b/makefu/2configs/tools/core.nix deleted file mode 100644 index aea2e560e..000000000 --- a/makefu/2configs/tools/core.nix +++ /dev/null @@ -1,58 +0,0 @@ -{ pkgs, ... }: - -# tools i use when actually working with the host. -# package version will now be maintained by nix-rebuild -# -{ - environment.systemPackages = with pkgs; [ - ( pkgs.writeScriptBin "unknow" ''#!/bin/sh -${gnused}/bin/sed -i "''${1}d" ~/.ssh/known_hosts - '') - acpi - bc - rsync - exif - file - lsof - which - binutils - screen - rename # rename 's/^/hello/' *.txt - - # fs - cifs-utils - dosfstools - ntfs3g - smartmontools - lm_sensors - iotop - - # io - pv - usbutils - p7zip - hdparm - - # net - wget - curl - inetutils - ncftp - tcpdump - sysstat - wol - iftop - - # stockholm - git - gnumake - jq - parallel - proot - populate - - rxvt_unicode.terminfo - kpaste - - ]; -} diff --git a/makefu/2configs/tools/desktop.nix b/makefu/2configs/tools/desktop.nix deleted file mode 100644 index 924668803..000000000 --- a/makefu/2configs/tools/desktop.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ pkgs, ... }: - -{ - users.users.makefu.packages = with pkgs; [ - taskwarrior - (pass.withExtensions (ext: [ ext.pass-otp ])) - gopass - mutt - weechat - tmux - ]; - -} diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix deleted file mode 100644 index 0747934b8..000000000 --- a/makefu/2configs/tools/dev.nix +++ /dev/null @@ -1,55 +0,0 @@ -{ pkgs, ... }: - -{ - users.users.makefu.packages = with pkgs;[ - (python3.withPackages(ps: [ - #ps.python-language-server - # the following plugins are optional, they provide type checking, import sorting and code formatting - # ps.pyls-mypy ps.pyls-isort ps.pyls-black - - ps.virtualenv ps.pyserial ps.virtualenv - ])) - # embedded - picocom - gi - flashrom - mosquitto - pwqgen-ger - # esphome # broken - - # nix related - nix-index - nix-review - brain - whatsupnix - nixpkgs-pytools - nixpkgs-fmt - hydra-check - # git-related - git-preview - tig - (pkgs.callPackage ./init-host {}) - # used more than once - imagemagick - qrencode - exiftool - cac-api - cac-panel - krebszones - cyberlocker-tools - ovh-zone - gen-oath-safe - cdrtools - unrar - ffmpeg - dnsutils - - # network related - sshuttle - pciutils - navi - platformio - ]; - services.udev.packages = [ pkgs.platformio ]; - -} diff --git a/makefu/2configs/tools/extra-gui.nix b/makefu/2configs/tools/extra-gui.nix deleted file mode 100644 index 4bd0c25f4..000000000 --- a/makefu/2configs/tools/extra-gui.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ pkgs, ... }: - -{ - users.users.makefu.packages = with pkgs;[ - # media - gimp - # mirage - last time available in 19.09 - inkscape - libreoffice - # skype - teams - synergy - tdesktop - virtmanager - # Dev - saleae-logic - gitAndTools.gitFull - signal-desktop - element-desktop - # rambox - - vscode - - # 3d Modelling - chitubox - freecad - ]; -} diff --git a/makefu/2configs/tools/games.nix b/makefu/2configs/tools/games.nix deleted file mode 100644 index 57a1dba1e..000000000 --- a/makefu/2configs/tools/games.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ pkgs, ... }: - -{ - imports = [ - # ./steam.nix - ]; - users.users.makefu.packages = with pkgs; [ - games-user-env - wine - pkg2zip - steam - steam-run - ]; -} diff --git a/makefu/2configs/tools/init-host/default.nix b/makefu/2configs/tools/init-host/default.nix deleted file mode 100644 index 84f8e7730..000000000 --- a/makefu/2configs/tools/init-host/default.nix +++ /dev/null @@ -1,46 +0,0 @@ -{ pkgs }: -pkgs.writeDashBin "generate-secrets" '' - set -euf - HOSTNAME="''${1?must provide hostname}" - TMPDIR=$(${pkgs.coreutils}/bin/mktemp -d) - PASSWORD=$(${pkgs.pwgen}/bin/pwgen 25 1) - HASHED_PASSWORD=$(echo $PASSWORD | ${pkgs.hashPassword}/bin/hashPassword -s) > /dev/null - - ${pkgs.openssh}/bin/ssh-keygen -t ed25519 -f $TMPDIR/ssh.id_ed25519 -P "" -C "" >/dev/null - ${pkgs.openssl}/bin/openssl genrsa -out $TMPDIR/retiolum.rsa_key.priv 4096 2>/dev/null > /dev/null - ${pkgs.openssl}/bin/openssl rsa -in $TMPDIR/retiolum.rsa_key.priv -pubout -out $TMPDIR/retiolum.rsa_key.pub 2>/dev/null > /dev/null - cat < $TMPDIR/hashedPasswords.nix - { - root = "$HASHED_PASSWORD"; - } - EOF - - cd $TMPDIR - for x in *; do - ${pkgs.coreutils}/bin/cat $x | secrets insert -m $HOSTNAME/$x > /dev/null - done - echo $PASSWORD | secrets insert -m $HOSTNAME/root > /dev/null - - cat <; - ssh.pubkey = "$(cat $TMPDIR/ssh.id_ed25519.pub)"; - }; - EOF - - rm -rf $TMPDIR -'' - diff --git a/makefu/2configs/tools/maker.nix b/makefu/2configs/tools/maker.nix deleted file mode 100644 index 8388db583..000000000 --- a/makefu/2configs/tools/maker.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ pkgs, ... }: -{ - users.users.makefu.packages = with pkgs; [ - # media - picard - asunder - #darkice - lame - # creation - blender - openscad - # slicing - cura - chitubox - ]; -} diff --git a/makefu/2configs/tools/media.nix b/makefu/2configs/tools/media.nix deleted file mode 100644 index 255d1c51a..000000000 --- a/makefu/2configs/tools/media.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ pkgs, ... }: - -{ - users.users.makefu.packages = with pkgs; [ - kodi - calibre - vlc - mumble - mplayer - mpv - # quodlibet # exfalso - tinymediamanager - - plowshare - streamripper - yt-dlp - - pulseeffects-legacy # for pulse - ]; -} diff --git a/makefu/2configs/tools/mobility.nix b/makefu/2configs/tools/mobility.nix deleted file mode 100644 index fd7ce6ab8..000000000 --- a/makefu/2configs/tools/mobility.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ config, pkgs, ... }: -{ - users.users.makefu.packages = with pkgs;[ - go-mtpfs - mosh - sshfs - rclone - (pkgs.callPackage ./secrets.nix {}) - - opensc pcsctools libu2f-host - ]; - boot.supportedFilesystems = [ "exfat" ]; -} diff --git a/makefu/2configs/tools/pcmanfm-extra.nix b/makefu/2configs/tools/pcmanfm-extra.nix deleted file mode 100644 index 4e8246a42..000000000 --- a/makefu/2configs/tools/pcmanfm-extra.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ pkgs, ... }: -{ - users.users.makefu.packages = with pkgs; [ - pcmanfm - lxqt.lxqt-policykit - shared-mime-info - lxmenu-data - ]; - services.gvfs.enable = true; -} diff --git a/makefu/2configs/tools/scanner-tools.nix b/makefu/2configs/tools/scanner-tools.nix deleted file mode 100644 index ef2e913e4..000000000 --- a/makefu/2configs/tools/scanner-tools.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ - # ln -s /run/current-system/sw/bin/xsane ~/.gimp-2.8/plug-ins/xsane - nixpkgs.config.packageOverrides = pkgs: { - xsaneGimp = pkgs.xsane.override { gimpSupport = true; }; - }; -} - diff --git a/makefu/2configs/tools/sec-gui.nix b/makefu/2configs/tools/sec-gui.nix deleted file mode 100644 index 95f130ae8..000000000 --- a/makefu/2configs/tools/sec-gui.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ pkgs, ... }: - -{ - users.users.makefu = { - extraGroups = [ "wireshark" ]; - packages = with pkgs; [ - tpmmanager - ]; - }; - - programs.wireshark = { - enable = true; - package = pkgs.wireshark; - }; -} diff --git a/makefu/2configs/tools/sec.nix b/makefu/2configs/tools/sec.nix deleted file mode 100644 index 6b7aa4fec..000000000 --- a/makefu/2configs/tools/sec.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ pkgs, ... }: - -{ - users.users.makefu.packages = with pkgs; [ - aria2 - # mitmproxy - python3Packages.binwalk-full - dnsmasq - iodine - mtr - nmap - metasploit - thc-hydra - borgbackup - ledger - u3-tool - ]; -} diff --git a/makefu/2configs/tools/secrets.nix b/makefu/2configs/tools/secrets.nix deleted file mode 100644 index 7d10983c7..000000000 --- a/makefu/2configs/tools/secrets.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ pass, write, writeDash, ... }: - -write "secrets" { - "/bin/secrets".link = writeDash "secrets" '' - PASSWORD_STORE_DIR=$HOME/.secrets-pass/ \ - exec ${pass}/bin/pass $@ - ''; - "/bin/secretsmenu".link = writeDash "secretsmenu" '' - PASSWORD_STORE_DIR=$HOME/.secrets-pass/ \ - exec ${pass}/bin/passmenu $@ - ''; -} diff --git a/makefu/2configs/tools/steam.nix b/makefu/2configs/tools/steam.nix deleted file mode 100644 index 1817e5b7c..000000000 --- a/makefu/2configs/tools/steam.nix +++ /dev/null @@ -1,7 +0,0 @@ -{pkgs, ...}: -{ - users.users.makefu.packages = [ - pkgs.steam - ]; - hardware.opengl.driSupport32Bit = true; -} diff --git a/makefu/2configs/tools/studio.nix b/makefu/2configs/tools/studio.nix deleted file mode 100644 index 2786be408..000000000 --- a/makefu/2configs/tools/studio.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ pkgs, ... }: - -{ - nixpkgs.config.permittedInsecurePackages = [ - "openssl-1.0.2u" # required for studio-link - ]; - users.users.makefu.packages = with pkgs; [ - obs-studio - studio-link - audacity - #darkice - # owncloudclient - (pkgs.writeScriptBin "prepare-pulseaudio" '' - pactl load-module module-null-sink sink_name=stream sink_properties=device.description="Streaming" - pactl load-module module-loopback source=alsa_output.usb-Burr-Brown_from_TI_USB_Audio_CODEC-00.analog-stereo.monitor sink=stream - pactl load-module module-loopback source=alsa_input.usb-Burr-Brown_from_TI_USB_Audio_CODEC-00.analog-stereo sink=stream - darkice -c ./lol.conf - '') - ]; -} diff --git a/makefu/2configs/tor.nix b/makefu/2configs/tor.nix deleted file mode 100644 index e466a1839..000000000 --- a/makefu/2configs/tor.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - services.tor.enable = true; - services.tor.client.enable = true; - # also enables services.tor.client.privoxy -} diff --git a/makefu/2configs/torrent/deluge.nix b/makefu/2configs/torrent/deluge.nix deleted file mode 100644 index af965fbe9..000000000 --- a/makefu/2configs/torrent/deluge.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ config, pkgs, ... }: -let - base = config.makefu.dl-dir; - daemon-port = 58846; - peer-port = 51412; - web-port = 8112; - secfile = toString + "/deluge-auth"; - authfile = config.services.deluge.dataDir + "/myauth"; -in { - services.deluge = { - enable = true; - package = pkgs.deluge-2_x; - openFilesLimit = 65355; - declarative = true; - config = { - download_location = base + "/finished"; - allow_remote = true; - inherit daemon-port; - listen_ports = [ peer-port ]; - copy_torrent_file = true; - torrentfiles_location = base + "/torrents"; - max_active_seeding = 50; - max_connections_global = 1000; - max_half_open_connections = 200; - enabled_plugins = [ "AutoAdd" ]; - }; - openFirewall = true; - group = "download"; - authFile = authfile; - web = { - enable = true; - port = web-port; - }; - }; - - #systemd.services.deluged.serviceConfig.ExecStartPre = pkgs.writeDash "install-auth" '' - # install -odeluge "$secfile" "$authfile" - #''; - services.nginx.enable = true; - services.nginx.virtualHosts."torrent.${config.krebs.build.host.name}.r".locations."/" = { proxyPass = "http://localhost:${toString web-port}/"; }; - state = [ "/var/lib/deluge/.config/deluge" ]; -} diff --git a/makefu/2configs/torrent/rtorrent.nix b/makefu/2configs/torrent/rtorrent.nix deleted file mode 100644 index 87ecc1e19..000000000 --- a/makefu/2configs/torrent/rtorrent.nix +++ /dev/null @@ -1,50 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - basicAuth = import ; - peer-port = 51412; - web-port = 8112; - daemon-port = 58846; - dldir = config.makefu.dl-dir; -in { - services.rtorrent = { - enable = true; - user = "rtorrent"; - port = peer-port; - openFirewall = true; - group = "download"; - downloadDir = dldir; - configText = '' - schedule2 = watch_start, 10, 10, ((load.start, (cat, (cfg.watch), "/media/cloud/watch/*.torrent"))) - ''; - }; - - systemd.services.flood = { - wantedBy = [ "multi-user.target" ]; - wants = [ "rtorrent.service" ]; - after = [ "rtorrent.service" ]; - serviceConfig = { - User = "rtorrent"; - ExecStart = "${pkgs.nodePackages.flood}/bin/flood --auth none --port ${toString web-port} --rtsocket ${config.services.rtorrent.rpcSocket}"; - }; - }; - - #security.acme.certs."torrent.${config.krebs.build.host.name}.r".server = config.krebs.ssl.acmeURL; - - services.nginx = { - enable = true; - virtualHosts."torrent.${config.krebs.build.host.name}.r" = { - # TODO - inherit basicAuth; - #enableACME = true; - #addSSL = true; - root = "${pkgs.nodePackages.flood}/lib/node_modules/flood/dist/assets"; - locations."/api".extraConfig = '' - proxy_pass http://localhost:${toString web-port}; - ''; - locations."/".extraConfig = '' - try_files $uri /index.html; - ''; - }; - }; -} diff --git a/makefu/2configs/udpt.nix b/makefu/2configs/udpt.nix deleted file mode 100644 index 922743bf1..000000000 --- a/makefu/2configs/udpt.nix +++ /dev/null @@ -1,37 +0,0 @@ -{pkgs, ...}: - -let - daemon-port = 6969; - cfgfile = pkgs.writeText "udpt-config" '' - [db] - driver=sqlite3 - param=:memory: - - [tracker] - is_dynamic=yes - port=6969 - threads=5 - allow_remotes=yes - - # allow retiolum: - allow_iana_ips=yes - announce_interval=1800 - cleanup_interval=120 - - [apiserver] - enable=yes - - [logging] - filename=/tmp/udpt.log - level=warning - ''; -in { - makefu.udpt = { - enable = true; - inherit cfgfile; - }; - networking.firewall.extraCommands = '' - iptables -A INPUT -i retiolum -p udp --dport ${toString daemon-port} -j ACCEPT - ''; - -} diff --git a/makefu/2configs/urlwatch/default.nix b/makefu/2configs/urlwatch/default.nix deleted file mode 100644 index e6952fdbc..000000000 --- a/makefu/2configs/urlwatch/default.nix +++ /dev/null @@ -1,67 +0,0 @@ -{ config, lib, ... }: - -let - grss = name: { #github rss feed - url = "https://github.com/${name}/releases.atom"; - filter = "grepi:()+ "/vnc-password"; # create with `vncpasswd` - pwtmp = "/tmp/vnc-password"; - user = config.makefu.gui.user; - vnc_port = 5900; - web_port = 6080; -in { - networking.firewall.allowedTCPPorts = [ 80 vnc_port web_port ]; - systemd.services = { - # TODO: terminal-server without a real gui and virtual display manager - terminal-server = { - description = "VNC Terminal Server"; - after = [ "display-manager.service" "graphical.target" ]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - User = user; - Restart = "always"; - ExecStartPre = pkgs.writeDash "terminal-pre" '' - sleep 5 - install -m0700 -o ${user} ${pwfile} ${pwtmp} - ''; - ExecStart = "${pkgs.tigervnc}/bin/x0vncserver -display :0 -rfbport ${toString vnc_port} -passwordfile ${pwtmp}"; - PermissionsStartOnly = true; - PrivateTmp = true; - }; - }; - terminal-web = { - description = "noVNC Web Server"; - after = [ "terminal-server.service" "graphical.target" "network.target" ]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - User = "nobody"; - ExecStart = "${pkgs.novnc}/bin/launch-novnc.sh --listen ${toString web_port} --vnc localhost:${toString vnc_port}"; - PrivateTmp = true; - }; - }; - }; - services.nginx.enable = true; - services.nginx.virtualHosts._.locations = { - "/" = { - root = "${pkgs.novnc}"; - index = "vnc_auto.html"; - }; - "/websockify" = { - proxyPass = "http://127.0.0.1:6080/"; - extraConfig = '' - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - - # VNC connection timeout - proxy_read_timeout 61s; - - # Disable cache - proxy_buffering off; - ''; - }; - }; -} diff --git a/makefu/2configs/vpn/openvpn-server.nix b/makefu/2configs/vpn/openvpn-server.nix deleted file mode 100644 index 79754264f..000000000 --- a/makefu/2configs/vpn/openvpn-server.nix +++ /dev/null @@ -1,111 +0,0 @@ -{ config, pkgs, ... }: -let - out-itf = config.makefu.server.primary-itf; - # generate via openvpn --genkey --secret static.key - client-key = (toString ) + "/openvpn-laptop.key"; - # domain = "vpn.euer.krebsco.de"; - domain = "gum.krebsco.de"; - dev = "tun0"; - port = 1194; - tcp-port = 3306; -in { - boot.kernel.sysctl."net.ipv4.ip_forward" = 1; - networking.nat = { - enable = true; - externalInterface = out-itf; - internalInterfaces = [ dev ]; - }; - networking.firewall.trustedInterfaces = [ dev ]; - networking.firewall.allowedUDPPorts = [ port ]; - environment.systemPackages = [ pkgs.openvpn ]; - services.openvpn.servers.smartphone.config = '' - #user nobody - #group nobody - - dev ${dev} - proto udp - ifconfig 10.8.0.1 10.8.0.2 - secret ${client-key} - port ${toString port} - cipher AES-256-CBC - comp-lzo - - keepalive 10 60 - ping-timer-rem - persist-tun - persist-key - ''; - - environment.etc."openvpn/smartphone-client.ovpn" = { - text = '' - client - dev tun - remote "${domain}" - ifconfig 10.8.0.1 10.8.0.2 - port ${toString port} - - cipher AES-256-CBC - comp-lzo - keepalive 10 60 - resolv-retry infinite - nobind - persist-key - persist-tun - - secret [inline] - - ''; - mode = "700"; - }; - system.activationScripts.openvpn-addkey = '' - f="/etc/openvpn/smartphone-client.ovpn" - if ! grep -q '' $f; then - echo "appending secret key" - echo "" >> $f - cat ${client-key} >> $f - echo "" >> $f - fi - ''; - #smartphone-tcp.config = '' - # user nobody - # group nobody - - # dev ${dev} - # proto tcp - # ifconfig 10.8.0.1 10.8.0.3 - # secret ${client-key} - # port tcp-port - # comp-lzo - - # keepalive 10 60 - # ping-timer-rem - # persist-tun - # persist-key - #''; - # TODO: forward via 443 - # stream { - # - # map $ssl_preread_server_name $name { - # vpn1.app.com vpn1_backend; - # vpn2.app.com vpn2_backend; - # https.app.com https_backend; - # } - # - # upstream vpn1_backend { - # server 10.0.0.3:443; - # } - # - # upstream vpn2_backend { - # server 10.0.0.4:443; - # } - # - # upstream https_backend { - # server 10.0.0.5:443; - # - # server { - # listen 10.0.0.1:443; - # proxy_pass $name; - # ssl_preread on; - # } - # } -} diff --git a/makefu/2configs/vpn/vpngate.nix b/makefu/2configs/vpn/vpngate.nix deleted file mode 100644 index acf9e9cfe..000000000 --- a/makefu/2configs/vpn/vpngate.nix +++ /dev/null @@ -1,388 +0,0 @@ -{ pkgs, ... }: -{ - services.openvpn.servers.vpngate-france = { - config = '' - dev tun - proto udp - remote coreeu1.opengw.net 1194 - cipher AES-128-CBC - auth SHA1 - resolv-retry infinite - nobind - persist-key - persist-tun - client - verb 3 - - - -----BEGIN CERTIFICATE----- - MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB - hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G - A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV - BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMTE5 - MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgT - EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR - Q09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNh - dGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCR - 6FSS0gpWsawNJN3Fz0RndJkrN6N9I3AAcbxT38T6KhKPS38QVr2fcHK3YX/JSw8X - pz3jsARh7v8Rl8f0hj4K+j5c+ZPmNHrZFGvnnLOFoIJ6dq9xkNfs/Q36nGz637CC - 9BR++b7Epi9Pf5l/tfxnQ3K9DADWietrLNPtj5gcFKt+5eNu/Nio5JIk2kNrYrhV - /erBvGy2i/MOjZrkm2xpmfh4SDBF1a3hDTxFYPwyllEnvGfDyi62a+pGx8cgoLEf - Zd5ICLqkTqnyg0Y3hOvozIFIQ2dOciqbXL1MGyiKXCJ7tKuY2e7gUYPDCUZObT6Z - +pUX2nwzV0E8jVHtC7ZcryxjGt9XyD+86V3Em69FmeKjWiS0uqlWPc9vqv9JWL7w - qP/0uK3pN/u6uPQLOvnoQ0IeidiEyxPx2bvhiWC4jChWrBQdnArncevPDt09qZah - SL0896+1DSJMwBGB7FY79tOi4lu3sgQiUpWAk2nojkxl8ZEDLXB0AuqLZxUpaVIC - u9ffUGpVRr+goyhhf3DQw6KqLCGqR84onAZFdr+CGCe01a60y1Dma/RMhnEw6abf - Fobg2P9A3fvQQoh/ozM6LlweQRGBY84YcWsr7KaKtzFcOmpH4MN5WdYgGq/yapiq - crxXStJLnbsQ/LBMQeXtHT1eKJ2czL+zUdqnR+WEUwIDAQABo0IwQDAdBgNVHQ4E - FgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB - /wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAArx1UaEt65Ru2yyTUEUAJNMnMvl - wFTPoCWOAvn9sKIN9SCYPBMtrFaisNZ+EZLpLrqeLppysb0ZRGxhNaKatBYSaVqM - 4dc+pBroLwP0rmEdEBsqpIt6xf4FpuHA1sj+nq6PK7o9mfjYcwlYRm6mnPTXJ9OV - 2jeDchzTc+CiR5kDOF3VSXkAKRzH7JsgHAckaVd4sjn8OoSgtZx8jb8uk2Intzna - FxiuvTwJaP+EmzzV1gsD41eeFPfR60/IvYcjt7ZJQ3mFXLrrkguhxuhoqEwWsRqZ - CuhTLJK7oQkYdQxlqHvLI7cawiiFwxv/0Cti76R7CZGYZ4wUAc1oBmpjIXUDgIiK - boHGhfKppC3n9KUkEEeDys30jXlYsQab5xoq2Z0B15R97QNKyvDb6KkBPvVWmcke - jkk9u+UJueBPSZI9FoJAzMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yL - S0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHqZJx64SIDqZxubw5lT2yHh17zbqD5daWb - QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl - 0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7ILaZRfyHB - NVOFBkpdn627G190 - -----END CERTIFICATE----- - - - - - - -----BEGIN CERTIFICATE----- - MIICxjCCAa4CAQAwDQYJKoZIhvcNAQEFBQAwKTEaMBgGA1UEAxMRVlBOR2F0ZUNs - aWVudENlcnQxCzAJBgNVBAYTAkpQMB4XDTEzMDIxMTAzNDk0OVoXDTM3MDExOTAz - MTQwN1owKTEaMBgGA1UEAxMRVlBOR2F0ZUNsaWVudENlcnQxCzAJBgNVBAYTAkpQ - MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5h2lgQQYUjwoKYJbzVZA - 5VcIGd5otPc/qZRMt0KItCFA0s9RwReNVa9fDRFLRBhcITOlv3FBcW3E8h1Us7RD - 4W8GmJe8zapJnLsD39OSMRCzZJnczW4OCH1PZRZWKqDtjlNca9AF8a65jTmlDxCQ - CjntLIWk5OLLVkFt9/tScc1GDtci55ofhaNAYMPiH7V8+1g66pGHXAoWK6AQVH67 - XCKJnGB5nlQ+HsMYPV/O49Ld91ZN/2tHkcaLLyNtywxVPRSsRh480jju0fcCsv6h - p/0yXnTB//mWutBGpdUlIbwiITbAmrsbYnjigRvnPqX1RNJUbi9Fp6C2c/HIFJGD - ywIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQChO5hgcw/4oWfoEFLu9kBa1B//kxH8 - hQkChVNn8BRC7Y0URQitPl3DKEed9URBDdg2KOAz77bb6ENPiliD+a38UJHIRMqe - UBHhllOHIzvDhHFbaovALBQceeBzdkQxsKQESKmQmR832950UCovoyRB61UyAV7h - +mZhYPGRKXKSJI6s0Egg/Cri+Cwk4bjJfrb5hVse11yh4D9MHhwSfCOH+0z4hPUT - Fku7dGavURO5SVxMn/sL6En5D+oSeXkadHpDs+Airym2YHh15h0+jPSOoR6yiVp/ - 6zZeZkrN43kuS73KpKDFjfFPh8t4r1gOIjttkNcQqBccusnplQ7HJpsk - -----END CERTIFICATE----- - - - - - -----BEGIN RSA PRIVATE KEY----- - MIIEpAIBAAKCAQEA5h2lgQQYUjwoKYJbzVZA5VcIGd5otPc/qZRMt0KItCFA0s9R - wReNVa9fDRFLRBhcITOlv3FBcW3E8h1Us7RD4W8GmJe8zapJnLsD39OSMRCzZJnc - zW4OCH1PZRZWKqDtjlNca9AF8a65jTmlDxCQCjntLIWk5OLLVkFt9/tScc1GDtci - 55ofhaNAYMPiH7V8+1g66pGHXAoWK6AQVH67XCKJnGB5nlQ+HsMYPV/O49Ld91ZN - /2tHkcaLLyNtywxVPRSsRh480jju0fcCsv6hp/0yXnTB//mWutBGpdUlIbwiITbA - mrsbYnjigRvnPqX1RNJUbi9Fp6C2c/HIFJGDywIDAQABAoIBAERV7X5AvxA8uRiK - k8SIpsD0dX1pJOMIwakUVyvc4EfN0DhKRNb4rYoSiEGTLyzLpyBc/A28Dlkm5eOY - fjzXfYkGtYi/Ftxkg3O9vcrMQ4+6i+uGHaIL2rL+s4MrfO8v1xv6+Wky33EEGCou - QiwVGRFQXnRoQ62NBCFbUNLhmXwdj1akZzLU4p5R4zA3QhdxwEIatVLt0+7owLQ3 - lP8sfXhppPOXjTqMD4QkYwzPAa8/zF7acn4kryrUP7Q6PAfd0zEVqNy9ZCZ9ffho - zXedFj486IFoc5gnTp2N6jsnVj4LCGIhlVHlYGozKKFqJcQVGsHCqq1oz2zjW6LS - oRYIHgECgYEA8zZrkCwNYSXJuODJ3m/hOLVxcxgJuwXoiErWd0E42vPanjjVMhnt - KY5l8qGMJ6FhK9LYx2qCrf/E0XtUAZ2wVq3ORTyGnsMWre9tLYs55X+ZN10Tc75z - 4hacbU0hqKN1HiDmsMRY3/2NaZHoy7MKnwJJBaG48l9CCTlVwMHocIECgYEA8jby - dGjxTH+6XHWNizb5SRbZxAnyEeJeRwTMh0gGzwGPpH/sZYGzyu0SySXWCnZh3Rgq - 5uLlNxtrXrljZlyi2nQdQgsq2YrWUs0+zgU+22uQsZpSAftmhVrtvet6MjVjbByY - DADciEVUdJYIXk+qnFUJyeroLIkTj7WYKZ6RjksCgYBoCFIwRDeg42oK89RFmnOr - LymNAq4+2oMhsWlVb4ejWIWeAk9nc+GXUfrXszRhS01mUnU5r5ygUvRcarV/T3U7 - TnMZ+I7Y4DgWRIDd51znhxIBtYV5j/C/t85HjqOkH+8b6RTkbchaX3mau7fpUfds - Fq0nhIq42fhEO8srfYYwgQKBgQCyhi1N/8taRwpk+3/IDEzQwjbfdzUkWWSDk9Xs - H/pkuRHWfTMP3flWqEYgW/LW40peW2HDq5imdV8+AgZxe/XMbaji9Lgwf1RY005n - KxaZQz7yqHupWlLGF68DPHxkZVVSagDnV/sztWX6SFsCqFVnxIXifXGC4cW5Nm9g - va8q4QKBgQCEhLVeUfdwKvkZ94g/GFz731Z2hrdVhgMZaU/u6t0V95+YezPNCQZB - wmE9Mmlbq1emDeROivjCfoGhR3kZXW1pTKlLh6ZMUQUOpptdXva8XxfoqQwa3enA - M7muBbF0XN7VO80iJPv+PmIZdEIAkpwKfi201YB+BafCIuGxIF50Vg== - -----END RSA PRIVATE KEY----- - - - ''; - autoStart = false; - updateResolvConf = false; - }; - services.openvpn.servers.vpngate-japan = { - config = '' - dev tun - proto udp - remote vpn311786078.opengw.net 1573 - cipher AES-128-CBC - auth SHA1 - resolv-retry infinite - nobind - persist-key - persist-tun - client - verb 3 - #auth-user-pass - - - -----BEGIN CERTIFICATE----- - MIIDHDCCAgSgAwIBAgIFAIRyJXcwDQYJKoZIhvcNAQELBQAwRTEYMBYGA1UEAwwP - a3JqejV3YXE1YXliLmpwMRwwGgYDVQQKDBNlcnp6eTBxZnhwaiAxNHQzZGJnMQsw - CQYDVQQGEwJVUzAeFw0xNzAxMDMwMjE3MDNaFw0yNDA1MDEwMjE3MDNaMEUxGDAW - BgNVBAMMD2tyano1d2FxNWF5Yi5qcDEcMBoGA1UECgwTZXJ6enkwcWZ4cGogMTR0 - M2RiZzELMAkGA1UEBhMCVVMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB - AQDBRSiY0DMxjUZWRtpq892vPdk+TQ4Pgxnscfzsw3MMJBGaNhIzLvNSzUdFWJq1 - p6SpCD8pJsxQifDzM5t7KGqWUmY2vgucAaGCZtbrqijm74rJOEfyF3D8stYBkTmb - AOBkRXtxoi62M+d3xgNox1VaDXndgOqQhnj4INChWf4b8lc33I/2NmwVa2d9jh+e - Qx1OsnbYGi9EM/RfTKfGcPxtusN8IEzwo2q0s7PLxgiIbCZs3aAMZIvOdi9CkFkQ - +T9wQlC1BJwbWFXqUPR2r4ugE0iYepjhEd19KuaGqW0PYivHGM9lRU2JjfJujBeF - vaOjMExvi+Mwl78Qmm7wbH1BAgMBAAGjEzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJ - KoZIhvcNAQELBQADggEBABoJhTO8WHB6MEWbsTXUVYG/Ino1TQTkha/0BtJ02Mdi - AV0QLOjZM0Q5F2Tg2puRK92nDp7VLA8VUqlrvLqBh6ljMEEhEwaVkV/ZigqUmGlV - nOE8NABj1mmsJSeh8DQjNclPkkOrKC6sudk9NsU4I51kDPr3M6jCd+/vBoZ6/lVR - oOLVnHOhWVsOdw/I792j4DEpVB8U8g2LhYdAJZNoKvfc6F32TEZphFxU3yDA4Kb5 - BqC8IU3O5eL7vrkVpvHdzaO+Q6wJ148/PbWXpsxm8mI39I6sQ820mGw/PGrmBAgh - WgJ52Kr48Vq0TVmdew0mz+xzU7SnpndmhVyFk9nN3c8= - -----END CERTIFICATE----- - - - - -----BEGIN CERTIFICATE----- - MIICxjCCAa4CAQAwDQYJKoZIhvcNAQEFBQAwKTEaMBgGA1UEAxMRVlBOR2F0ZUNs - aWVudENlcnQxCzAJBgNVBAYTAkpQMB4XDTEzMDIxMTAzNDk0OVoXDTM3MDExOTAz - MTQwN1owKTEaMBgGA1UEAxMRVlBOR2F0ZUNsaWVudENlcnQxCzAJBgNVBAYTAkpQ - MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5h2lgQQYUjwoKYJbzVZA - 5VcIGd5otPc/qZRMt0KItCFA0s9RwReNVa9fDRFLRBhcITOlv3FBcW3E8h1Us7RD - 4W8GmJe8zapJnLsD39OSMRCzZJnczW4OCH1PZRZWKqDtjlNca9AF8a65jTmlDxCQ - CjntLIWk5OLLVkFt9/tScc1GDtci55ofhaNAYMPiH7V8+1g66pGHXAoWK6AQVH67 - XCKJnGB5nlQ+HsMYPV/O49Ld91ZN/2tHkcaLLyNtywxVPRSsRh480jju0fcCsv6h - p/0yXnTB//mWutBGpdUlIbwiITbAmrsbYnjigRvnPqX1RNJUbi9Fp6C2c/HIFJGD - ywIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQChO5hgcw/4oWfoEFLu9kBa1B//kxH8 - hQkChVNn8BRC7Y0URQitPl3DKEed9URBDdg2KOAz77bb6ENPiliD+a38UJHIRMqe - UBHhllOHIzvDhHFbaovALBQceeBzdkQxsKQESKmQmR832950UCovoyRB61UyAV7h - +mZhYPGRKXKSJI6s0Egg/Cri+Cwk4bjJfrb5hVse11yh4D9MHhwSfCOH+0z4hPUT - Fku7dGavURO5SVxMn/sL6En5D+oSeXkadHpDs+Airym2YHh15h0+jPSOoR6yiVp/ - 6zZeZkrN43kuS73KpKDFjfFPh8t4r1gOIjttkNcQqBccusnplQ7HJpsk - -----END CERTIFICATE----- - - - - -----BEGIN RSA PRIVATE KEY----- - MIIEpAIBAAKCAQEA5h2lgQQYUjwoKYJbzVZA5VcIGd5otPc/qZRMt0KItCFA0s9R - wReNVa9fDRFLRBhcITOlv3FBcW3E8h1Us7RD4W8GmJe8zapJnLsD39OSMRCzZJnc - zW4OCH1PZRZWKqDtjlNca9AF8a65jTmlDxCQCjntLIWk5OLLVkFt9/tScc1GDtci - 55ofhaNAYMPiH7V8+1g66pGHXAoWK6AQVH67XCKJnGB5nlQ+HsMYPV/O49Ld91ZN - /2tHkcaLLyNtywxVPRSsRh480jju0fcCsv6hp/0yXnTB//mWutBGpdUlIbwiITbA - mrsbYnjigRvnPqX1RNJUbi9Fp6C2c/HIFJGDywIDAQABAoIBAERV7X5AvxA8uRiK - k8SIpsD0dX1pJOMIwakUVyvc4EfN0DhKRNb4rYoSiEGTLyzLpyBc/A28Dlkm5eOY - fjzXfYkGtYi/Ftxkg3O9vcrMQ4+6i+uGHaIL2rL+s4MrfO8v1xv6+Wky33EEGCou - QiwVGRFQXnRoQ62NBCFbUNLhmXwdj1akZzLU4p5R4zA3QhdxwEIatVLt0+7owLQ3 - lP8sfXhppPOXjTqMD4QkYwzPAa8/zF7acn4kryrUP7Q6PAfd0zEVqNy9ZCZ9ffho - zXedFj486IFoc5gnTp2N6jsnVj4LCGIhlVHlYGozKKFqJcQVGsHCqq1oz2zjW6LS - oRYIHgECgYEA8zZrkCwNYSXJuODJ3m/hOLVxcxgJuwXoiErWd0E42vPanjjVMhnt - KY5l8qGMJ6FhK9LYx2qCrf/E0XtUAZ2wVq3ORTyGnsMWre9tLYs55X+ZN10Tc75z - 4hacbU0hqKN1HiDmsMRY3/2NaZHoy7MKnwJJBaG48l9CCTlVwMHocIECgYEA8jby - dGjxTH+6XHWNizb5SRbZxAnyEeJeRwTMh0gGzwGPpH/sZYGzyu0SySXWCnZh3Rgq - 5uLlNxtrXrljZlyi2nQdQgsq2YrWUs0+zgU+22uQsZpSAftmhVrtvet6MjVjbByY - DADciEVUdJYIXk+qnFUJyeroLIkTj7WYKZ6RjksCgYBoCFIwRDeg42oK89RFmnOr - LymNAq4+2oMhsWlVb4ejWIWeAk9nc+GXUfrXszRhS01mUnU5r5ygUvRcarV/T3U7 - TnMZ+I7Y4DgWRIDd51znhxIBtYV5j/C/t85HjqOkH+8b6RTkbchaX3mau7fpUfds - Fq0nhIq42fhEO8srfYYwgQKBgQCyhi1N/8taRwpk+3/IDEzQwjbfdzUkWWSDk9Xs - H/pkuRHWfTMP3flWqEYgW/LW40peW2HDq5imdV8+AgZxe/XMbaji9Lgwf1RY005n - KxaZQz7yqHupWlLGF68DPHxkZVVSagDnV/sztWX6SFsCqFVnxIXifXGC4cW5Nm9g - va8q4QKBgQCEhLVeUfdwKvkZ94g/GFz731Z2hrdVhgMZaU/u6t0V95+YezPNCQZB - wmE9Mmlbq1emDeROivjCfoGhR3kZXW1pTKlLh6ZMUQUOpptdXva8XxfoqQwa3enA - M7muBbF0XN7VO80iJPv+PmIZdEIAkpwKfi201YB+BafCIuGxIF50Vg== - -----END RSA PRIVATE KEY----- - - - ''; - autoStart = false; - updateResolvConf = false; - }; - services.openvpn.servers.vpngate-usa1 = { - config = '' - dev tun - proto udp - remote vpn854005480.opengw.net 1434 - cipher AES-128-CBC - auth SHA1 - resolv-retry infinite - nobind - persist-key - persist-tun - client - verb 3 - - - -----BEGIN CERTIFICATE----- - MIIDEDCCAfigAwIBAgIFFzQRkTQwDQYJKoZIhvcNAQELBQAwPzEUMBIGA1UEAwwL - MWh6NWFzMWYuanAxGjAYBgNVBAoMEXYyMjZvdmdjIHJ0YTc3NXR6MQswCQYDVQQG - EwJVUzAeFw0xNjEwMjIxODE4MjRaFw0yNDAxMTkxODE4MjRaMD8xFDASBgNVBAMM - CzFoejVhczFmLmpwMRowGAYDVQQKDBF2MjI2b3ZnYyBydGE3NzV0ejELMAkGA1UE - BhMCVVMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDX6yJXCpA95oPU - /vO1wD6UiJnZfDB1fjJOa8gwgK6qbLHo5Cx2gEmUzYOGTlT2Fbser2kHA3xTRxDu - L+1dufGp8zEi116I5SkLDKRQqO/8h1bWQO7MB4k6K0YlYrWJGTLCanZB3zIS3F7P - 2qCALdZ40Y1QUQlMEqzg1exeaMDdgOPXDKe1f2L06RpZKQ3ozzHlFgMKamWlLk+/ - N+Flo0s5Z2cfgUBqoBmuXVGBX4ZFxozSojcpREp+sLstdJ56vsW3KztTYTjj6y9Q - MXNadwsTI6sB/kmex3R0phFlw/ucloXQTecbqWDvJrumQHjiI1HqP95c3Z/y4PoD - lZvUb15HAgMBAAGjEzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQAD - ggEBAJKHl41QHHuCBC8c3/0PNed3Y0+qRCnB7JB6SraYT5VRSA1dcpvmCESZE3WC - Sn7OaIBpIm6dBKFkCJgS7lEoMYzmazlfv/RpeRj8fmzcaOcoZdWHk/e1Mkzt5UAz - 2rsBxDgWmVJfmUR2gnEltvSWQKLdM/F+GB7LNckg58n4yBViCF3pp1HTq1Q59laV - QQNG8dSqy9EY8WI7oj/I60G6Gcd2dOt9+RXCCA3RZ/9zSGEi4AmDV7oRNfGEdmcy - YN2K13NlMO+Sdh4S90KVxGOXo2Q0G9HDWJ60f/I+3bxQFb+n85WAM38ZqX/9D72S - YD3YtJG14xlsO1BDPUgm1t6H8gc= - -----END CERTIFICATE----- - - - - -----BEGIN CERTIFICATE----- - MIICxjCCAa4CAQAwDQYJKoZIhvcNAQEFBQAwKTEaMBgGA1UEAxMRVlBOR2F0ZUNs - aWVudENlcnQxCzAJBgNVBAYTAkpQMB4XDTEzMDIxMTAzNDk0OVoXDTM3MDExOTAz - MTQwN1owKTEaMBgGA1UEAxMRVlBOR2F0ZUNsaWVudENlcnQxCzAJBgNVBAYTAkpQ - MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5h2lgQQYUjwoKYJbzVZA - 5VcIGd5otPc/qZRMt0KItCFA0s9RwReNVa9fDRFLRBhcITOlv3FBcW3E8h1Us7RD - 4W8GmJe8zapJnLsD39OSMRCzZJnczW4OCH1PZRZWKqDtjlNca9AF8a65jTmlDxCQ - CjntLIWk5OLLVkFt9/tScc1GDtci55ofhaNAYMPiH7V8+1g66pGHXAoWK6AQVH67 - XCKJnGB5nlQ+HsMYPV/O49Ld91ZN/2tHkcaLLyNtywxVPRSsRh480jju0fcCsv6h - p/0yXnTB//mWutBGpdUlIbwiITbAmrsbYnjigRvnPqX1RNJUbi9Fp6C2c/HIFJGD - ywIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQChO5hgcw/4oWfoEFLu9kBa1B//kxH8 - hQkChVNn8BRC7Y0URQitPl3DKEed9URBDdg2KOAz77bb6ENPiliD+a38UJHIRMqe - UBHhllOHIzvDhHFbaovALBQceeBzdkQxsKQESKmQmR832950UCovoyRB61UyAV7h - +mZhYPGRKXKSJI6s0Egg/Cri+Cwk4bjJfrb5hVse11yh4D9MHhwSfCOH+0z4hPUT - Fku7dGavURO5SVxMn/sL6En5D+oSeXkadHpDs+Airym2YHh15h0+jPSOoR6yiVp/ - 6zZeZkrN43kuS73KpKDFjfFPh8t4r1gOIjttkNcQqBccusnplQ7HJpsk - -----END CERTIFICATE----- - - - - -----BEGIN RSA PRIVATE KEY----- - MIIEpAIBAAKCAQEA5h2lgQQYUjwoKYJbzVZA5VcIGd5otPc/qZRMt0KItCFA0s9R - wReNVa9fDRFLRBhcITOlv3FBcW3E8h1Us7RD4W8GmJe8zapJnLsD39OSMRCzZJnc - zW4OCH1PZRZWKqDtjlNca9AF8a65jTmlDxCQCjntLIWk5OLLVkFt9/tScc1GDtci - 55ofhaNAYMPiH7V8+1g66pGHXAoWK6AQVH67XCKJnGB5nlQ+HsMYPV/O49Ld91ZN - /2tHkcaLLyNtywxVPRSsRh480jju0fcCsv6hp/0yXnTB//mWutBGpdUlIbwiITbA - mrsbYnjigRvnPqX1RNJUbi9Fp6C2c/HIFJGDywIDAQABAoIBAERV7X5AvxA8uRiK - k8SIpsD0dX1pJOMIwakUVyvc4EfN0DhKRNb4rYoSiEGTLyzLpyBc/A28Dlkm5eOY - fjzXfYkGtYi/Ftxkg3O9vcrMQ4+6i+uGHaIL2rL+s4MrfO8v1xv6+Wky33EEGCou - QiwVGRFQXnRoQ62NBCFbUNLhmXwdj1akZzLU4p5R4zA3QhdxwEIatVLt0+7owLQ3 - lP8sfXhppPOXjTqMD4QkYwzPAa8/zF7acn4kryrUP7Q6PAfd0zEVqNy9ZCZ9ffho - zXedFj486IFoc5gnTp2N6jsnVj4LCGIhlVHlYGozKKFqJcQVGsHCqq1oz2zjW6LS - oRYIHgECgYEA8zZrkCwNYSXJuODJ3m/hOLVxcxgJuwXoiErWd0E42vPanjjVMhnt - KY5l8qGMJ6FhK9LYx2qCrf/E0XtUAZ2wVq3ORTyGnsMWre9tLYs55X+ZN10Tc75z - 4hacbU0hqKN1HiDmsMRY3/2NaZHoy7MKnwJJBaG48l9CCTlVwMHocIECgYEA8jby - dGjxTH+6XHWNizb5SRbZxAnyEeJeRwTMh0gGzwGPpH/sZYGzyu0SySXWCnZh3Rgq - 5uLlNxtrXrljZlyi2nQdQgsq2YrWUs0+zgU+22uQsZpSAftmhVrtvet6MjVjbByY - DADciEVUdJYIXk+qnFUJyeroLIkTj7WYKZ6RjksCgYBoCFIwRDeg42oK89RFmnOr - LymNAq4+2oMhsWlVb4ejWIWeAk9nc+GXUfrXszRhS01mUnU5r5ygUvRcarV/T3U7 - TnMZ+I7Y4DgWRIDd51znhxIBtYV5j/C/t85HjqOkH+8b6RTkbchaX3mau7fpUfds - Fq0nhIq42fhEO8srfYYwgQKBgQCyhi1N/8taRwpk+3/IDEzQwjbfdzUkWWSDk9Xs - H/pkuRHWfTMP3flWqEYgW/LW40peW2HDq5imdV8+AgZxe/XMbaji9Lgwf1RY005n - KxaZQz7yqHupWlLGF68DPHxkZVVSagDnV/sztWX6SFsCqFVnxIXifXGC4cW5Nm9g - va8q4QKBgQCEhLVeUfdwKvkZ94g/GFz731Z2hrdVhgMZaU/u6t0V95+YezPNCQZB - wmE9Mmlbq1emDeROivjCfoGhR3kZXW1pTKlLh6ZMUQUOpptdXva8XxfoqQwa3enA - M7muBbF0XN7VO80iJPv+PmIZdEIAkpwKfi201YB+BafCIuGxIF50Vg== - -----END RSA PRIVATE KEY----- - - ''; - autoStart = false; - updateResolvConf = false; - }; - services.openvpn.servers.vpngate-usa2 = { - config = '' - dev tun - - proto udp - - remote vpn444417710.opengw.net 1195 - - cipher AES-128-CBC - auth SHA1 - - resolv-retry infinite - nobind - persist-key - persist-tun - client - verb 3 - #auth-user-pass - - - -----BEGIN CERTIFICATE----- - MIIDIzCCAgugAwIBAgIEMERikDANBgkqhkiG9w0BAQsFADBJMR8wHQYDVQQDDBZz - cmlnbGh6dWwxamtraDdtY2UubmV0MRkwFwYDVQQKDBBkY2c3MTQ4bnQgb3Rmdjd0 - MQswCQYDVQQGEwJVUzAeFw0xNjEyMDUyMzMzNTdaFw0yMTA4MjkyMzMzNTdaMEkx - HzAdBgNVBAMMFnNyaWdsaHp1bDFqa2toN21jZS5uZXQxGTAXBgNVBAoMEGRjZzcx - NDhudCBvdGZ2N3QxCzAJBgNVBAYTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A - MIIBCgKCAQEA8ASCMZyeVeTkRELTVJKzWFufi9LFq6N1euhOK9KNLeCn5OJXxeJ6 - FoRD2QtDHwHscEPrJ2uIVqqxvm/uuZ7aWKXVuRzCbYeQih6tUK4M/Q55iKeynPMt - vCBH28IasH33fGbw95S82nXEwWK6tR3+WdIcHFJ7RZz1QkmsWOzI/vn2pNeyZCIG - QjuFJEfiSTNorqhR29vJhWR3pRLWgorAQav7ukgAdQqKIldX0LQr4BoN5HLDe7AC - 9jO3Xs6dQieyxnF183XVigZZ+cfaD9kK1m/+4JKWNphIGi9bsGRumjJwQgrv35CA - 6+FCMXRUM7PQljjlgDhdW4VeYtX0tg46uwIDAQABoxMwETAPBgNVHRMBAf8EBTAD - AQH/MA0GCSqGSIb3DQEBCwUAA4IBAQDUjycraBUWrVvtQ4touYR1T9+msLhFc3RO - clHnyw+2PEyNdTy8ra13dUXkWqIgWnyxj8CSFJmfLCdxuQrNEQ8jF7rJNGqujVI1 - +xjao5fIt33EAwg2CFDs5DETEcwb7/lJIs1uwwiDPIZrmXyoL9My9ZZ8DKkRy4LS - 1+GZx4Y9v/G1AFKfQ4n//v8s+SYQS3JZxspEONj8M9VkKjuYonFR6eegKWo37QaY - hy9+4qTRGbviET1si+fZ0LVweyfG3t0Fg8BJn+1YP9kpLJdjOtzKCFbdIrjY3XSS - 3ehfN8C5mGWk0pQMWJs+xYIfB0OvDRgehICw0PIvps8Sv8gu4Bve - -----END CERTIFICATE----- - - - - - -----BEGIN CERTIFICATE----- - MIICxjCCAa4CAQAwDQYJKoZIhvcNAQEFBQAwKTEaMBgGA1UEAxMRVlBOR2F0ZUNs - aWVudENlcnQxCzAJBgNVBAYTAkpQMB4XDTEzMDIxMTAzNDk0OVoXDTM3MDExOTAz - MTQwN1owKTEaMBgGA1UEAxMRVlBOR2F0ZUNsaWVudENlcnQxCzAJBgNVBAYTAkpQ - MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5h2lgQQYUjwoKYJbzVZA - 5VcIGd5otPc/qZRMt0KItCFA0s9RwReNVa9fDRFLRBhcITOlv3FBcW3E8h1Us7RD - 4W8GmJe8zapJnLsD39OSMRCzZJnczW4OCH1PZRZWKqDtjlNca9AF8a65jTmlDxCQ - CjntLIWk5OLLVkFt9/tScc1GDtci55ofhaNAYMPiH7V8+1g66pGHXAoWK6AQVH67 - XCKJnGB5nlQ+HsMYPV/O49Ld91ZN/2tHkcaLLyNtywxVPRSsRh480jju0fcCsv6h - p/0yXnTB//mWutBGpdUlIbwiITbAmrsbYnjigRvnPqX1RNJUbi9Fp6C2c/HIFJGD - ywIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQChO5hgcw/4oWfoEFLu9kBa1B//kxH8 - hQkChVNn8BRC7Y0URQitPl3DKEed9URBDdg2KOAz77bb6ENPiliD+a38UJHIRMqe - UBHhllOHIzvDhHFbaovALBQceeBzdkQxsKQESKmQmR832950UCovoyRB61UyAV7h - +mZhYPGRKXKSJI6s0Egg/Cri+Cwk4bjJfrb5hVse11yh4D9MHhwSfCOH+0z4hPUT - Fku7dGavURO5SVxMn/sL6En5D+oSeXkadHpDs+Airym2YHh15h0+jPSOoR6yiVp/ - 6zZeZkrN43kuS73KpKDFjfFPh8t4r1gOIjttkNcQqBccusnplQ7HJpsk - -----END CERTIFICATE----- - - - - - -----BEGIN RSA PRIVATE KEY----- - MIIEpAIBAAKCAQEA5h2lgQQYUjwoKYJbzVZA5VcIGd5otPc/qZRMt0KItCFA0s9R - wReNVa9fDRFLRBhcITOlv3FBcW3E8h1Us7RD4W8GmJe8zapJnLsD39OSMRCzZJnc - zW4OCH1PZRZWKqDtjlNca9AF8a65jTmlDxCQCjntLIWk5OLLVkFt9/tScc1GDtci - 55ofhaNAYMPiH7V8+1g66pGHXAoWK6AQVH67XCKJnGB5nlQ+HsMYPV/O49Ld91ZN - /2tHkcaLLyNtywxVPRSsRh480jju0fcCsv6hp/0yXnTB//mWutBGpdUlIbwiITbA - mrsbYnjigRvnPqX1RNJUbi9Fp6C2c/HIFJGDywIDAQABAoIBAERV7X5AvxA8uRiK - k8SIpsD0dX1pJOMIwakUVyvc4EfN0DhKRNb4rYoSiEGTLyzLpyBc/A28Dlkm5eOY - fjzXfYkGtYi/Ftxkg3O9vcrMQ4+6i+uGHaIL2rL+s4MrfO8v1xv6+Wky33EEGCou - QiwVGRFQXnRoQ62NBCFbUNLhmXwdj1akZzLU4p5R4zA3QhdxwEIatVLt0+7owLQ3 - lP8sfXhppPOXjTqMD4QkYwzPAa8/zF7acn4kryrUP7Q6PAfd0zEVqNy9ZCZ9ffho - zXedFj486IFoc5gnTp2N6jsnVj4LCGIhlVHlYGozKKFqJcQVGsHCqq1oz2zjW6LS - oRYIHgECgYEA8zZrkCwNYSXJuODJ3m/hOLVxcxgJuwXoiErWd0E42vPanjjVMhnt - KY5l8qGMJ6FhK9LYx2qCrf/E0XtUAZ2wVq3ORTyGnsMWre9tLYs55X+ZN10Tc75z - 4hacbU0hqKN1HiDmsMRY3/2NaZHoy7MKnwJJBaG48l9CCTlVwMHocIECgYEA8jby - dGjxTH+6XHWNizb5SRbZxAnyEeJeRwTMh0gGzwGPpH/sZYGzyu0SySXWCnZh3Rgq - 5uLlNxtrXrljZlyi2nQdQgsq2YrWUs0+zgU+22uQsZpSAftmhVrtvet6MjVjbByY - DADciEVUdJYIXk+qnFUJyeroLIkTj7WYKZ6RjksCgYBoCFIwRDeg42oK89RFmnOr - LymNAq4+2oMhsWlVb4ejWIWeAk9nc+GXUfrXszRhS01mUnU5r5ygUvRcarV/T3U7 - TnMZ+I7Y4DgWRIDd51znhxIBtYV5j/C/t85HjqOkH+8b6RTkbchaX3mau7fpUfds - Fq0nhIq42fhEO8srfYYwgQKBgQCyhi1N/8taRwpk+3/IDEzQwjbfdzUkWWSDk9Xs - H/pkuRHWfTMP3flWqEYgW/LW40peW2HDq5imdV8+AgZxe/XMbaji9Lgwf1RY005n - KxaZQz7yqHupWlLGF68DPHxkZVVSagDnV/sztWX6SFsCqFVnxIXifXGC4cW5Nm9g - va8q4QKBgQCEhLVeUfdwKvkZ94g/GFz731Z2hrdVhgMZaU/u6t0V95+YezPNCQZB - wmE9Mmlbq1emDeROivjCfoGhR3kZXW1pTKlLh6ZMUQUOpptdXva8XxfoqQwa3enA - M7muBbF0XN7VO80iJPv+PmIZdEIAkpwKfi201YB+BafCIuGxIF50Vg== - -----END RSA PRIVATE KEY----- - - - ''; - autoStart = false; - updateResolvConf = false; - }; -} diff --git a/makefu/2configs/vpn/vpnws/client.nix b/makefu/2configs/vpn/vpnws/client.nix deleted file mode 100644 index d06bc27db..000000000 --- a/makefu/2configs/vpn/vpnws/client.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ pkgs, ... }: -{ - users.users.makefu.packages = with pkgs; [ iproute vpn-ws ]; - # vpn-ws-client vpnws wss://localhost/vpn --no-verify --exec "ip link set vpnws up;ip addr add 10.244.1.2/24 dev vpnws" - networking.interfaces.vpnws = { - virtual = true; - virtualType = "tap"; - }; -} diff --git a/makefu/2configs/vpn/vpnws/server.nix b/makefu/2configs/vpn/vpnws/server.nix deleted file mode 100644 index 6baa5ff11..000000000 --- a/makefu/2configs/vpn/vpnws/server.nix +++ /dev/null @@ -1,42 +0,0 @@ -{pkgs, options, ... }: -let - pkg = pkgs.vpn-ws; - uid = "nginx"; - gid = "nginx"; - ip = "${pkgs.iproute}/bin/ip"; - socket = "/run/vpn.sock"; - htpasswd = (toString ) + "/vpn-ws-auth"; - nginx-prepared-secrets = "/var/spool/nginx/vpn-ws-auth"; -in { - systemd.services.vpn-ws-auth-prepare = { - wantedBy = [ "multi-user.target" ]; - before = [ "nginx.service" ]; - script = "install -m700 -o${uid} -g${gid} ${htpasswd} ${nginx-prepared-secrets}"; - }; - services.nginx.virtualHosts."euer.krebsco.de".locations."/vpn" = { - extraConfig = '' - auth_basic "please stand by..."; - auth_basic_user_file ${nginx-prepared-secrets}; - uwsgi_pass unix:${socket}; - include ${pkgs.nginx}/conf/uwsgi_params; - ''; - }; - - networking.interfaces.vpnws = { - virtual = true; - virtualType = "tap"; - }; - systemd.services.vpnws = { - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; - serviceConfig = { - Restart = "always"; - PrivateTmp = true; - ExecStartPre = pkgs.writeDash "vpnws-pre" '' - ${ip} link set vpnws up - ${ip} addr add 10.244.1.1/24 dev vpnws || : - ''; - ExecStart = "${pkg}/bin/vpn-ws --uid ${uid} --gid ${gid} --tuntap vpnws ${socket}"; - }; - }; -} diff --git a/makefu/2configs/wireguard/server.nix b/makefu/2configs/wireguard/server.nix deleted file mode 100644 index bb3198178..000000000 --- a/makefu/2configs/wireguard/server.nix +++ /dev/null @@ -1,70 +0,0 @@ -{ config,pkgs, ... }: -let - ext-if = config.makefu.server.primary-itf; -in { # wireguard server - - # opkg install wireguard luci-proto-wireguard - - # boot.kernel.sysctl."net.ipv4.ip_forward" = 1; - # conf.all.proxy_arp =1 - networking.firewall = { - allowedUDPPorts = [ 51820 ]; - }; - networking.nat = { - enable = true; - #externalIP = "144.76.26.247"; - #internalIPs = [ "10.244.0.0/24" ]; - externalInterface = ext-if; - internalInterfaces = [ "wg0" ]; - }; - networking.wireguard.interfaces.wg0 = { - ips = [ "10.244.0.1/24" ]; - listenPort = 51820; - privateKeyFile = (toString ) + "/wireguard.key"; - # allowedIPsAsRoutes = true; - postSetup = '' - ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.244.0.0/24 -o ${ext-if} -j MASQUERADE - ''; - - # This undoes the above command - postShutdown = '' - ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.244.0.0/24 -o ${ext-if} -j MASQUERADE - ''; - peers = [ - { - # x - allowedIPs = [ "10.244.0.2/32" ]; - publicKey = "fe5smvKVy5GAn7EV4w4tav6mqIAKhGWQotm7dRuRt1g="; - } - { - # vbob - allowedIPs = [ "10.244.0.3/32" ]; - publicKey = "Lju7EsCu1OWXhkhdNR7c/uiN60nr0TUPHQ+s8ULPQTw="; - } - { - # x-test - allowedIPs = [ "10.244.0.4/32" ]; - publicKey = "vZ/AJpfDLJyU3DzvYeW70l4FNziVgSTumA89wGHG7XY="; - } - { - # work-router - persistentKeepalive = 25; - allowedIPs = [ "10.244.0.5/32" ]; - publicKey = "QJMwwYu/92koCASbHnR/vqe/rN00EV6/o7BGwLockDw="; - } - { - # workr - persistentKeepalive = 25; - allowedIPs = [ "10.244.0.6/32" ]; - publicKey = "OFhCF56BrV9tjqW1sxqXEKH/GdqamUT1SqZYSADl5GA="; - } - { - # mobile - allowedIPs = [ "10.244.0.7/32" ]; - publicKey = "Y6fOW2QDt0SsHT7hSVzzJYQVB3JI/txO4/FDB54Z52A="; - } - ]; - }; - # TODO: this issue is related to the router which connects to the host but is - # unable to re-connect once restarted -} diff --git a/makefu/2configs/wireguard/thierry.nix b/makefu/2configs/wireguard/thierry.nix deleted file mode 100644 index f1dfef192..000000000 --- a/makefu/2configs/wireguard/thierry.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ lib, ... }: -{ - networking.wireguard.interfaces.thierry-wg = { - ips = [ "172.27.66.10/24" ]; # TODO: not dnyamic - privateKeyFile = (toString ) + "/wg-thierry.key"; - allowedIPsAsRoutes = true; - # explicit route via eth0 to gum - peers = [ - { - endpoint = "thierryhome.duckdns.org:51820"; - allowedIPs = [ "172.27.66.0/24" ]; - publicKey = "filYuG/xbb2YW8WT0xT26rzeZ/ZiM6NLnbxbsCR9rS0="; - persistentKeepalive = 25; - } - #{ - # allowedIPs = [ "172.27.66.3/32" ]; - # publicKey = "cDIf14LH4qleXNo889lS2ATIqDx9r//JNCkhHlHgc1Q="; - #} - ]; - }; -} diff --git a/makefu/2configs/wireguard/wiregrill.nix b/makefu/2configs/wireguard/wiregrill.nix deleted file mode 100644 index 922dc8c0f..000000000 --- a/makefu/2configs/wireguard/wiregrill.nix +++ /dev/null @@ -1,105 +0,0 @@ -with import ; -{ config, pkgs, ... }: let - - self = config.krebs.build.host.nets.wiregrill; - isRouter = !isNull self.via; # via "internet" is not set - ext-if = config.makefu.server.primary-itf; - -in mkIf (hasAttr "wiregrill" config.krebs.build.host.nets) { - #hack for modprobe inside containers - systemd.services."wireguard-wiregrill".path = mkIf config.boot.isContainer (mkBefore [ - (pkgs.writeDashBin "modprobe" ":") - ]); - - boot.kernel.sysctl = mkIf isRouter { - "net.ipv6.conf.all.forwarding" = 1; - "net.ipv4.conf.all.forwarding" = 1; - }; - #networking.nat = mkIf isRouter { - # enable = true; - # enableIPv6 = true; - # externalInterface = ext-if; - # internalInterfaces = [ "wiregrill" ]; - #}; - - networking.firewall = { - allowedUDPPorts = [ self.wireguard.port ]; - interfaces.wiregrill = mkIf isRouter { - allowedUDPPorts = [ 53 ]; - allowedTCPPorts = [ 53 ]; - }; - }; - - services.dnsmasq = mkIf isRouter { - enable = true; - resolveLocalQueries = false; - extraConfig = /* dnsmasq */ '' - bind-interfaces - interface=retiolum,wiregrill - ''; - servers = [ "1.1.1.1" ]; - }; - - networking.wireguard.interfaces.wiregrill = let - ipt = "${pkgs.iptables}/bin/iptables"; - ip6 = "${pkgs.iptables}/bin/ip6tables"; - in { - postSetup = '' - ${ipt} -A FORWARD -i wiregrill -o retiolum -j ACCEPT - ${ipt} -A FORWARD -i wiregrill -o wiregrill -j ACCEPT - ${ipt} -A FORWARD -o wiregrill -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT - ${ip6} -A FORWARD -i wiregrill -o retiolum -j ACCEPT - ${ip6} -A FORWARD -i retiolum -o wiregrill -j ACCEPT - ${ip6} -A FORWARD -i wiregrill -o wiregrill -j ACCEPT - ${ip6} -A FORWARD -o wiregrill -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT - - '' + (optionalString isRouter '' - #${ipt} -t nat -A PREROUTING -s 10.244.245.0/24 -j ACCEPT - #${ipt} -t nat -A POSTROUTING -s 10.244.245.0/24 ! -d 10.244.245.0/24 -j MASQUERADE - - #${ip6} -t nat -A PREROUTING -s 42:1::/32 -j ACCEPT - #${ip6} -t nat -A POSTROUTING -s 42:1::/32 ! -d 42:1::/48 -j MASQUERADE - ''); - - # This undoes the above command - postShutdown = '' - ${ipt} -D FORWARD -i wiregrill -o retiolum -j ACCEPT - ${ipt} -D FORWARD -i retiolum -o wiregrill -j ACCEPT - ${ipt} -D FORWARD -i wiregrill -o wiregrill -j ACCEPT - ${ipt} -D FORWARD -i wiregrill -o wiregrill -j ACCEPT - ${ipt} -D FORWARD -o wiregrill -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT - - ${ip6} -D FORWARD -i wiregrill -o retiolum -j ACCEPT - ${ip6} -D FORWARD -i retiolum -o wiregrill -j ACCEPT - ${ip6} -D FORWARD -i wiregrill -o wiregrill -j ACCEPT - ${ip6} -D FORWARD -o wiregrill -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT - - '' + (optionalString isRouter '' - - ${ipt} -t nat -D PREROUTING -s 10.244.245.0/24 -j ACCEPT - ${ipt} -t nat -D POSTROUTING -s 10.244.245.0/24 -j MASQUERADE - - #${ip6} -t nat -D PREROUTING -s 42:1::/32 -j ACCEPT - #${ip6} -t nat -D POSTROUTING -s 42:1::/32 ! -d 42:1::/48 -j MASQUERADE - '' ); - ips = - (optional (!isNull self.ip4) self.ip4.addr) ++ - (optional (!isNull self.ip6) self.ip6.addr); - listenPort = self.wireguard.port; - privateKeyFile = (toString ) + "/wiregrill.key"; - allowedIPsAsRoutes = true; - peers = mapAttrsToList - (_: host: { - allowedIPs = if isRouter then - (optional (!isNull host.nets.wiregrill.ip4) host.nets.wiregrill.ip4.addr) ++ - (optional (!isNull host.nets.wiregrill.ip6) host.nets.wiregrill.ip6.addr) - else - host.nets.wiregrill.wireguard.subnets - ; - endpoint = mkIf (!isNull host.nets.wiregrill.via) (host.nets.wiregrill.via.ip4.addr + ":${toString host.nets.wiregrill.wireguard.port}"); - persistentKeepalive = mkIf (!isNull host.nets.wiregrill.via) 61; - publicKey = (replaceStrings ["\n"] [""] host.nets.wiregrill.wireguard.pubkey); - }) - (filterAttrs (_: h: hasAttr "wiregrill" h.nets) config.krebs.hosts); - }; -} diff --git a/makefu/2configs/workadventure/default.nix b/makefu/2configs/workadventure/default.nix deleted file mode 100644 index 3c68fca8d..000000000 --- a/makefu/2configs/workadventure/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - imports = [ - ./jitsi.nix - ./workadventure.nix - ]; -} diff --git a/makefu/2configs/workadventure/jitsi.nix b/makefu/2configs/workadventure/jitsi.nix deleted file mode 100644 index d5c590746..000000000 --- a/makefu/2configs/workadventure/jitsi.nix +++ /dev/null @@ -1,59 +0,0 @@ -{ - # + + - # | | - # | | - # v v - # 80, 443 TCP 443 TCP, 10000 UDP - # +--------------+ +---------------------+ - # | nginx | 5222, 5347 TCP | | - # | jitsi-meet |<-------------------+| jitsi-videobridge | - # | prosody | | | | - # | jicofo | | +---------------------+ - # +--------------+ | - # | +---------------------+ - # | | | - # +----------+| jitsi-videobridge | - # | | | - # | +---------------------+ - # | - # | +---------------------+ - # | | | - # +----------+| jitsi-videobridge | - # | | - # +---------------------+ - - # This is a one server setup - services.jitsi-meet = { - enable = true; - hostName = "meet.euer.krebsco.de"; - - # JItsi COnference FOcus is a server side focus component used in Jitsi Meet conferences. - # https://github.com/jitsi/jicofo - jicofo.enable = true; - - # Whether to enable nginx virtual host that will serve the javascript application and act as a proxy for the XMPP server. - # Further nginx configuration can be done by adapting services.nginx.virtualHosts.. When this is enabled, ACME - # will be used to retrieve a TLS certificate by default. To disable this, set the - # services.nginx.virtualHosts..enableACME to false and if appropriate do the same for - # services.nginx.virtualHosts..forceSSL. - nginx.enable = true; - - # https://github.com/jitsi/jitsi-meet/blob/master/config.js - config = { - enableWelcomePage = true; - defaultLang = "en"; - }; - - # https://github.com/jitsi/jitsi-meet/blob/master/interface_config.js - interfaceConfig = { - SHOW_JITSI_WATERMARK = false; - SHOW_WATERMARK_FOR_GUESTS = false; - }; - }; - - networking.firewall = { - allowedTCPPorts = [ 80 443 ]; - allowedUDPPorts = [ 10000 ]; - }; - -} diff --git a/makefu/2configs/workadventure/workadventure.nix b/makefu/2configs/workadventure/workadventure.nix deleted file mode 100644 index 02680aa77..000000000 --- a/makefu/2configs/workadventure/workadventure.nix +++ /dev/null @@ -1,161 +0,0 @@ -{ config, pkgs, lib, ... }: -let - # If your Jitsi environment has authentication set up, - # you MUST set JITSI_PRIVATE_MODE to "true" and - # you MUST pass a SECRET_JITSI_KEY to generate the JWT secret - jitsiPrivateMode = "false"; - - secretJitsiKey = ""; - - jitsiISS = ""; - - workadventureSecretKey = ""; - - jitsiURL = "meet.euer.krebsco.de"; - - domain = "work.euer.krebsco.de"; - # domain will redirect to this map. (not play.${domain}) - defaultMap = "npeguin.github.io/office-map/map.json"; - - apiURL = "api.${domain}"; - apiPort = 9002; - - frontURL = "play.${domain}"; - frontPort = 9004; - - pusherURL = "push.${domain}"; - pusherPort = 9005; - - uploaderURL = "ul.${domain}"; - uploaderPort = 9006; - - frontImage = "thecodingmachine/workadventure-front:develop"; - pusherImage = "thecodingmachine/workadventure-pusher:develop"; - apiImage = "thecodingmachine/workadventure-back:develop"; - uploaderImage = "thecodingmachine/workadventure-uploader:develop"; - -in { - - networking.firewall = { - allowedTCPPorts = [ 80 443 ]; - allowedUDPPorts = [ 80 443 ]; - }; - - services.nginx.enable = true; - services.nginx.recommendedProxySettings = true; - - systemd.services.workadventure-network = { - enable = true; - wantedBy = [ "multi-user.target" ]; - script = '' - ${pkgs.docker}/bin/docker network create --driver bridge workadventure ||: - ''; - after = [ "docker" ]; - before = [ - "docker-workadventure-back.service" - "docker-workadventure-pusher.service" - "docker-workadventure-uploader.service" - "docker-workadventure-website.service" - ]; - }; - - virtualisation.oci-containers.backend = "docker"; - security.acme.certs."${domain}".extraDomainNames = [ apiURL frontURL pusherURL uploaderURL ]; - services.nginx.virtualHosts."${domain}" = { - enableACME = true; - forceSSL = true; - locations."/" = { - return = "301 $scheme://play.${domain}/_/global/${defaultMap}"; - }; - }; - - virtualisation.oci-containers.containers.workadventure-front = { - image = frontImage; - environment = { - API_URL = pusherURL; - JITSI_PRIVATE_MODE = jitsiPrivateMode; - JITSI_URL = jitsiURL; - SECRET_JITSI_KEY = secretJitsiKey; - UPLOADER_URL = uploaderURL; - }; - ports = [ "127.0.0.1:${toString frontPort}:80" ]; - extraOptions = [ "--network=workadventure" ]; - }; - services.nginx.virtualHosts."${frontURL}" = { - useACMEHost = domain; - forceSSL = true; - locations."/" = { proxyPass = "http://127.0.0.1:${toString frontPort}"; }; - }; - - virtualisation.oci-containers.containers.workadventure-pusher = { - image = pusherImage; - environment = { - API_URL = "workadventure-back:50051"; - JITSI_ISS = jitsiISS; - JITSI_URL = jitsiURL; - SECRET_KEY = workadventureSecretKey; - }; - ports = [ "127.0.0.1:${toString pusherPort}:8080" ]; - extraOptions = [ "--network=workadventure" ]; - }; - services.nginx.virtualHosts."${pusherURL}" = { - useACMEHost = domain; - forceSSL = true; - locations."/" = { - proxyPass = "http://127.0.0.1:${toString pusherPort}"; - proxyWebsockets = true; - }; - locations."/room" = { - proxyPass = "http://127.0.0.1:${toString pusherPort}"; - proxyWebsockets = true; - }; - }; - - virtualisation.oci-containers.containers.workadventure-back = { - image = apiImage; - environment = { - #DEBUG = "*"; - JITSI_ISS = jitsiISS; - JITSI_URL = jitsiURL; - SECRET_KEY = workadventureSecretKey; - }; - ports = [ "127.0.0.1:${toString apiPort}:8080" "50051" ]; - extraOptions = [ "--network=workadventure" ]; - }; - services.nginx.virtualHosts."${apiURL}" = { - useACMEHost = domain; - forceSSL = true; - locations."/" = { proxyPass = "http://127.0.0.1:${toString apiPort}"; }; - }; - - virtualisation.oci-containers.containers.workadventure-uploader = { - image = uploaderImage; - ports = [ "127.0.0.1:${toString uploaderPort}:8080" ]; - extraOptions = [ "--network=workadventure" ]; - }; - services.nginx.virtualHosts."${uploaderURL}" = { - useACMEHost = domain; - forceSSL = true; - locations."/" = { - proxyPass = "http://127.0.0.1:${toString uploaderPort}"; - proxyWebsockets = true; - }; - }; - - systemd.services.docker-workadventure-front.serviceConfig = { - StandardOutput = lib.mkForce "journal"; - StandardError = lib.mkForce "journal"; - }; - systemd.services.docker-workadventure-uploader.serviceConfig = { - StandardOutput = lib.mkForce "journal"; - StandardError = lib.mkForce "journal"; - }; - systemd.services.docker-workadventure-pusher.serviceConfig = { - StandardOutput = lib.mkForce "journal"; - StandardError = lib.mkForce "journal"; - }; - systemd.services.docker-workadventure-back.serviceConfig = { - StandardOutput = lib.mkForce "journal"; - StandardError = lib.mkForce "journal"; - }; -} diff --git a/makefu/2configs/zsh-user.nix b/makefu/2configs/zsh-user.nix deleted file mode 100644 index e0ea046cf..000000000 --- a/makefu/2configs/zsh-user.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ config, lib, pkgs, ... }: -let - mainUser = config.krebs.build.user.name; -in -{ - programs.zsh= { - enable = true; - enableCompletion = false; #manually at the end - - promptInit = '' - RPROMPT="" - autoload colors && colors - case $UID in - 0) PROMPT="%{$fg[red]%}%~%{$reset_color%} " ;; - 9001) PROMPT="%{$fg[green]%}%~%{$reset_color%} " ;; - *) PROMPT="%{$fg[yellow]%}%n %{$fg[green]%}%~%{$reset_color%} " ;; - esac - if test -n "$SSH_CLIENT"; then - PROMPT="%{$fg[magenta]%}%m $PROMPT" - fi - ''; - }; - - users.users.${mainUser} = { - shell = "/run/current-system/sw/bin/zsh"; - packages = [ pkgs.nix-zsh-completions ]; - }; -} diff --git a/makefu/3modules/awesome-extra.nix b/makefu/3modules/awesome-extra.nix deleted file mode 100644 index 9e9dfdfde..000000000 --- a/makefu/3modules/awesome-extra.nix +++ /dev/null @@ -1,36 +0,0 @@ -{config, lib, pkgs, ... }: - -with lib; -let - cfg = config.makefu.awesome; - out = { - options.makefu.awesome = api; - config = lib.mkIf cfg.enable imp; - }; - api = { - enable = mkEnableOption "awesome custom config"; - modkey = mkOption { - type = types.str; - description = "Modkey to be used"; - default = "Mod4"; - }; - baseConfig = mkOption { - type = types.path; - description = '' - rc.lua file to be used as default - This module will use substituteAll to replace strings before writing to - /etc/xdg/awesome/rc.lua - ''; - default = pkgs.awesomecfg.full.override { - locker = "${pkgs.i3lock}/bin/i3lock -i /var/lib/wallpaper/wallpaper"; - }; - }; - }; - imp = { - home-manager.users.makefu.home.file.".config/awesome/rc.lua".source = - cfg.baseConfig.override { - inherit (cfg) modkey; - }; - - }; -in out diff --git a/makefu/3modules/bump-distrowatch.nix b/makefu/3modules/bump-distrowatch.nix deleted file mode 100644 index f8ba18ce4..000000000 --- a/makefu/3modules/bump-distrowatch.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - cfg = config.makefu.distrobump; - - imp = { - systemd.services.distrobump = { - after = [ "network-online.target" ]; - wantedBy = [ "multi-user.target" ]; - path = [ pkgs.curl ]; - restartIfChanged = false; - startAt = "daily"; - serviceConfig = { - PrivateTmp = true; - Type = "oneshot"; - ExecStart = pkgs.writeDash "bump-distrowatch" '' - set -euf - UA='Mozilla/5.0 (X11; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0' - curl -Lvc /tmp/cookie.jar -A "$UA" 'https://distrowatch.com/' >/dev/null - sleep $(shuf -i 3-15 -n1).$(shuf -i 0-9 -n1) - curl -Lvc /tmp/cookie.jar -A "$UA" -e 'https://distrowatch.com/' 'https://distrowatch.com/nixos?frphr' >/dev/null - ''; - RandomizedDelaySec = 28800; - }; - }; - }; -in -{ - options.makefu.distrobump.enable = lib.mkEnableOption "distrobump"; - config = lib.mkIf cfg.enable imp; -} diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix deleted file mode 100644 index e7d3ecd58..000000000 --- a/makefu/3modules/default.nix +++ /dev/null @@ -1,23 +0,0 @@ -_: - -{ - imports = [ - ./awesome-extra.nix - ./bump-distrowatch.nix - ./deluge.nix - ./etherpad.nix - ./forward-journal.nix - ./netdata.nix - ./opentracker.nix - ./ps3netsrv.nix - ./logging-config.nix - ./populate.nix - ./sane-extra.nix - ./server-config.nix - ./snapraid.nix - ./state.nix - ./torrent.nix - ./udpt.nix - ]; -} - diff --git a/makefu/3modules/deluge.nix b/makefu/3modules/deluge.nix deleted file mode 100644 index bbdd18454..000000000 --- a/makefu/3modules/deluge.nix +++ /dev/null @@ -1,185 +0,0 @@ -{ config, lib, pkgs, ... }: -# based on /nixos/modules/services/torrent/deluge.nix -with import ; - -let - cfg_daemon = config.makefu.deluge; - homedir = cfg_daemon.homedir; - delugedir = "${homedir}/.config/deluge"; - cfg_web = config.makefu.deluge.web; - core_conf = pkgs.writeText "deluge-core-cfg" '' - { - "file": 1, - "format": 1 - }${builtins.toJSON (default_core_cfg // cfg_daemon.cfg)} - ''; - - default_core_cfg = { - # ports and networking - daemon_port = 58846; allow_remote = false; - listen_ports = [ 0 0 ]; # from -> to, 0 -> random - outgoing_ports = [ 0 0 ]; - random_port = true; - random_outgoing_ports = true; - listen_interface = ""; - # folders - move_completed_path = homedir +"/complete"; move_completed = false; - autoadd_location = homedir + "/watch"; autoadd_enable = true; - download_location = homedir + "/data"; - torrentfiles_location = homedir + "/torrents"; copy_torrent_file = false; del_copy_torrent_file = false; - plugins_location = homedir + "/.config/deluge/plugins"; enabled_plugins = []; - geoip_db_location = pkgs.geolite-legacy + "/share/GeoIP/GeoIP.dat"; - queue_new_to_top = false; - info_sent = 0; - send_info = false; - compact_allocation = false; - # peer discovery, extras - lsd = true; - natpmp = true; - utpex = false; - dht = false; - upnp = true; - peer_tos = "0x08"; - # active torrents - dont_count_slow_torrents = false; - max_active_limit = -1; - max_active_downloading = -1; - max_active_seeding = -1; - max_upload_slots_global = -1; - # seeding - share_ratio_limit = -1; - seed_time_ratio_limit = -1; - seed_time_limit = 180; - stop_seed_at_ratio = false; - remove_seed_at_ratio = false; - stop_seed_ratio = 2; - # speed and connections - rate_limit_ip_overhead = true; - ignore_limits_on_local_network = true; - max_download_speed = -1; - max_upload_speed = -1; - max_upload_speed_per_torrent = -1; - max_download_speed_per_torrent = -1; - max_half_open_connections = -1; - max_connections_global = -1; - max_connections_per_second = -1; - max_connections_per_torrent = -1; - max_upload_slots_per_torrent = -1; - enc_in_policy = 1; - enc_prefer_rc4 = true; - enc_level = 2; - enc_out_policy = 1; - cache_size = 8192; - cache_expiry = 60; - prioritize_first_last_pieces = false; - auto_managed = true; - proxies = { - peer = { - username = ""; - password = ""; - hostname = ""; - type = 0; - port = 8080; - }; - web_seed = { - username = ""; - password = ""; - hostname = ""; - type = 0; - port = 8080; - }; - tracker = { - username = ""; - password = ""; - hostname = ""; - type = 0; - port = 8080; - }; - dht = { - username = ""; - password = ""; - hostname = ""; - type = 0; - port = 8080; - }; - }; - add_paused = false; - new_release_check = false; - }; - - api = { - enable = mkEnableOption "deluge daemon"; - - cfg = mkOption { - default = default_core_cfg; - type = types.attrsOf types.unspecified; - description = '' - for full configuration see defaults - ''; - example = { - "daemon_port"= 58846; - "download_location"= "/var/download"; - }; - }; - - auth = mkOption { - default = []; - example = ["alice:MyC0mpL3xPass:10"]; - type = types.lines; - }; - - homedir = mkOption { - default = "/var/lib/deluge"; - description = "Home directory of deluge user"; - type = types.str; - }; - - web = { - enable = mkEnableOption "deluge web"; - }; - }; - imp = { - - systemd.services.deluged = { - after = [ "network.target" ]; - description = "Deluge BitTorrent Daemon"; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - ExecStart = "${pkgs.pythonPackages.deluge}/bin/deluged -d"; - ExecStartPre = let - in pkgs.writeDash "deluged-init" '' - mkdir -p ${delugedir} - echo ${shell.escape cfg_daemon.auth} > ${delugedir}/auth - cp -f ${core_conf} ${delugedir}/core.conf - ''; - Restart = "on-success"; - User = "deluge"; - Group = "deluge"; - }; - }; - - systemd.services.delugeweb = mkIf cfg_web.enable { - after = [ "network.target" ]; - description = "Deluge BitTorrent WebUI"; - wantedBy = [ "multi-user.target" ]; - serviceConfig.ExecStart = "${pkgs.pythonPackages.deluge}/bin/deluge --ui web"; - serviceConfig.User = "deluge"; - serviceConfig.Group = "deluge"; - }; - - environment.systemPackages = [ pkgs.pythonPackages.deluge ]; - - users.extraUsers.deluge = { - group = "deluge"; - uid = config.ids.uids.deluge; - home = cfg_daemon.homedir; - createHome = true; - description = "Deluge Daemon user"; - }; - - users.extraGroups.deluge.gid = config.ids.gids.deluge; - }; -in { - options.makefu.deluge = api; - config = lib.mkIf cfg_daemon.enable imp; -} diff --git a/makefu/3modules/etherpad.nix b/makefu/3modules/etherpad.nix deleted file mode 100644 index 1e8f426a3..000000000 --- a/makefu/3modules/etherpad.nix +++ /dev/null @@ -1,155 +0,0 @@ -{ lib, pkgs, config, ... }: -let - name = "etherpad-lite"; - cfg = config.services.etherpad-lite; -in -{ - options.services.etherpad-lite = { - enable = lib.mkEnableOption "Enable Etherpad lite’s service"; - user = lib.mkOption { - type = lib.types.str; - default = name; - description = "User account under which Etherpad lite runs"; - }; - group = lib.mkOption { - type = lib.types.str; - default = name; - description = "Group under which Etherpad lite runs"; - }; - dataDir = lib.mkOption { - type = lib.types.path; - default = "/var/lib/${name}"; - description = '' - The directory where Etherpad lite stores its data. - ''; - }; - socketsDir = lib.mkOption { - type = lib.types.path; - default = "/run/${name}"; - description = '' - The directory where Etherpad lite stores its sockets. - ''; - }; - configFile = lib.mkOption { - type = lib.types.path; - description = '' - The config file path for Etherpad lite. - ''; - }; - sessionKeyFile = lib.mkOption { - type = lib.types.path; - description = '' - The Session key file path for Etherpad lite. - ''; - }; - apiKeyFile = lib.mkOption { - type = lib.types.path; - description = '' - The API key file path for Etherpad lite. - ''; - }; - package = lib.mkOption { - type = lib.types.package; - default = pkgs.webapps.etherpad-lite; - description = '' - Etherpad lite package to use. - ''; - }; - modules = lib.mkOption { - type = lib.types.listOf lib.types.package; - default = []; - description = '' - Etherpad lite modules to use. - ''; - }; - # Output variables - workdir = lib.mkOption { - type = lib.types.package; - default = cfg.package.withModules cfg.modules; - description = '' - Adjusted Etherpad lite package with plugins - ''; - readOnly = true; - }; - systemdStateDirectory = lib.mkOption { - type = lib.types.str; - # Use ReadWritePaths= instead if varDir is outside of /var/lib - default = assert lib.strings.hasPrefix "/var/lib/" cfg.dataDir; - lib.strings.removePrefix "/var/lib/" cfg.dataDir; - description = '' - Adjusted Etherpad lite data directory for systemd - ''; - readOnly = true; - }; - systemdRuntimeDirectory = lib.mkOption { - type = lib.types.str; - # Use ReadWritePaths= instead if socketsDir is outside of /run - default = assert lib.strings.hasPrefix "/run/" cfg.socketsDir; - lib.strings.removePrefix "/run/" cfg.socketsDir; - description = '' - Adjusted Etherpad lite sockets directory for systemd - ''; - readOnly = true; - }; - sockets = lib.mkOption { - type = lib.types.attrsOf lib.types.path; - default = { - node = "${cfg.socketsDir}/etherpad-lite.sock"; - }; - readOnly = true; - description = '' - Etherpad lite sockets - ''; - }; - }; - - config = lib.mkIf cfg.enable { - systemd.services.etherpad-lite = { - description = "Etherpad-lite"; - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" "postgresql.service" ]; - wants = [ "postgresql.service" ]; - - environment.NODE_ENV = "production"; - environment.HOME = cfg.workdir; - - path = [ pkgs.nodejs ]; - - script = '' - exec ${pkgs.nodejs}/bin/node ${cfg.workdir}/src/node/server.js \ - --sessionkey ${cfg.sessionKeyFile} \ - --apikey ${cfg.apiKeyFile} \ - --settings ${cfg.configFile} - ''; - - postStart = '' - while [ ! -S ${cfg.sockets.node} ]; do - sleep 0.5 - done - chmod a+w ${cfg.sockets.node} - ''; - serviceConfig = { - DynamicUser = true; - User = cfg.user; - Group = cfg.group; - WorkingDirectory = cfg.workdir; - PrivateTmp = true; - NoNewPrivileges = true; - PrivateDevices = true; - ProtectHome = true; - ProtectControlGroups = true; - ProtectKernelModules = true; - Restart = "always"; - Type = "simple"; - TimeoutSec = 60; - RuntimeDirectory = cfg.systemdRuntimeDirectory; - StateDirectory= cfg.systemdStateDirectory; - ExecStartPre = [ - "+${pkgs.coreutils}/bin/install -d -m 0755 -o ${cfg.user} -g ${cfg.group} ${cfg.dataDir}/ep_initialized" - "+${pkgs.coreutils}/bin/chown -R ${cfg.user}:${cfg.group} ${cfg.dataDir} ${cfg.configFile} ${cfg.sessionKeyFile} ${cfg.apiKeyFile}" - ]; - }; - }; - - }; -} diff --git a/makefu/3modules/forward-journal.nix b/makefu/3modules/forward-journal.nix deleted file mode 100644 index f501048be..000000000 --- a/makefu/3modules/forward-journal.nix +++ /dev/null @@ -1,50 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let - cfg = config.makefu.forward-journal; - - out = { - options.makefu.forward-journal = api; - config = lib.mkIf cfg.enable imp; - }; - - api = { - enable = mkEnableOption "forward journal via syslog"; - src = mkOption { - type = types.str; - description = "syslog host identifier"; - default = config.networking.hostName; - }; - dst = mkOption { - type = types.str; - description = "syslog host identifier"; - default = ""; - }; - proto = mkOption { - type = types.str; - default = "udp"; - }; - port = mkOption { - type = types.int; - description = "destination port"; - default = 514; - }; - - }; - - imp = { - services.syslog-ng = { - enable = true; - extraConfig = '' - template t_remote { template("<$PRI>$DATE ${cfg.src} $PROGRAM[$PID]: $MSG\n"); }; - source s_all { system(); internal(); }; - destination d_loghost { udp("${cfg.dst}" port(${toString cfg.port}) template(t_remote)); }; - log { source(s_all); destination(d_loghost); }; - ''; - }; - }; - -in -out - diff --git a/makefu/3modules/logging-config.nix b/makefu/3modules/logging-config.nix deleted file mode 100644 index a77e32e48..000000000 --- a/makefu/3modules/logging-config.nix +++ /dev/null @@ -1,16 +0,0 @@ -{config, lib, pkgs, ... }: - -with import ; -{ - options.makefu.stats-server = lib.mkOption { - type = types.str; - default = "stats.makefu.r"; - description = "Central stats server (collectd)"; - }; - options.makefu.log-server = lib.mkOption { - type = types.str; - default = "logs.makefu.r"; - description = "Central logging server (logstash,elasticsearch)"; - }; -} - diff --git a/makefu/3modules/netdata.nix b/makefu/3modules/netdata.nix deleted file mode 100644 index bfa6f404c..000000000 --- a/makefu/3modules/netdata.nix +++ /dev/null @@ -1,154 +0,0 @@ -{ config, lib, pkgs, ... }: - -# fork of https://github.com/Mic92/dotfiles/blob/master/nixos/vms/modules/netdata.nix -with lib; -let - cfg = config.makefu.netdata; -in -{ - options.makefu.netdata = { - enable = mkEnableOption "netdata"; - - # TODO only apikey from file, set remote host manually - stream.file = mkOption { - type = types.str; - default = toString ; - description = "path to stream data file"; - }; - stream.role = mkOption { - type = types.enum [ "master" "slave" ]; - default = "slave"; - description = "Wether to stream data"; - }; - - httpcheck.checks = mkOption { - type = types.attrsOf (types.submodule ({ - options = { - url = mkOption { - type = types.str; - example = "https://thalheim.io"; - description = "Url to check"; - }; - regex = mkOption { - type = types.nullOr types.str; - default = null; - example = "My homepage"; - description = "Regex that is matched against the returned content"; - }; - statusAccepted = mkOption { - type = types.listOf types.int; - default = [ 200 ]; - example = [ 401 ]; - description = "Expected http status code"; - }; - }; - })); - default = {}; - description = '' - httpcheck plugin: https://github.com/netdata/netdata/blob/master/collectors/python.d.plugin/httpcheck/httpcheck.conf - ''; - }; - - portcheck.checks = mkOption { - type = types.attrsOf (types.submodule ({ - options = { - host = mkOption { - type = types.str; - default = "127.0.0.1"; - description = "Dns name/IP to check"; - }; - port = mkOption { - type = types.int; - description = "Tcp port number"; - }; - }; - })); - default = {}; - description = '' - portcheck plugin: https://github.com/netdata/netdata/tree/master/collectors/python.d.plugin/portcheck - ''; - }; - }; - config = mkIf cfg.enable { - systemd.services.netdata = { - after = [ - config.krebs.secret.files.netdata-stream.service - ]; - partOf = [ - config.krebs.secret.files.netdata-stream.service - ]; - }; - krebs.secret.files.netdata-stream = { - path = "/run/secret/netdata-stream.conf"; - owner.name = "netdata"; - source-path = cfg.stream.file; - }; - environment.etc."netdata/stream.conf".source = "/run/secret/netdata-stream.conf"; - - services.netdata = { - enable = true; - config = { - global = { - "bind to" = "0.0.0.0:19999 [::]:19999"; - "error log" = "stderr"; - "update every" = "5"; - }; - health.enable = if cfg.stream.role == "master" then "yes" else "no"; - }; - }; - services.netdata.python.extraPackages = ps: [ - ps.psycopg2 ps.docker ps.dnspython - ]; - - makefu.netdata.portcheck.checks.openssh.port = (lib.head config.services.openssh.ports); - - networking.firewall.allowedTCPPorts = [ 19999 ]; - - environment.etc."netdata/python.d/httpcheck.conf".text = '' - update_every: 30 - ${lib.concatStringsSep "\n" (mapAttrsToList (site: options: - '' - ${site}: - url: '${options.url}' - ${optionalString (options.regex != null) "regex: '${options.regex}'"} - status_accepted: [ ${lib.concatStringsSep " " (map toString options.statusAccepted) } ] - '') cfg.httpcheck.checks) - } - ''; - - environment.etc."netdata/python.d/portcheck.conf".text = '' - ${lib.concatStringsSep "\n" (mapAttrsToList (service: options: - '' - ${service}: - host: '${options.host}' - port: ${toString options.port} - '') cfg.portcheck.checks) - } - ''; - systemd.services.netdata.restartTriggers = [ - config.environment.etc."netdata/python.d/httpcheck.conf".source - config.environment.etc."netdata/python.d/portcheck.conf".source - config.environment.etc."netdata/stream.conf".source - ]; - - environment.etc."netdata/health.d/httpcheck.conf".text = '' - # taken from the original but warn only if a request is at least 300ms slow - template: web_service_slow - families: * - on: httpcheck.responsetime - lookup: average -3m unaligned of time - units: ms - every: 10s - warn: ($this > ($1h_web_service_response_time * 4) && $this > 1000) - crit: ($this > ($1h_web_service_response_time * 6) && $this > 1000) - info: average response time over the last 3 minutes, compared to the average over the last hour - delay: down 5m multiplier 1.5 max 1h - options: no-clear-notification - to: webmaster - ''; - - }; - # TODO: notification - # environment.etc."netdata/health_alarm_notify.conf".source = "/run/keys/netdata-pushover.conf"; - -} diff --git a/makefu/3modules/opentracker.nix b/makefu/3modules/opentracker.nix deleted file mode 100644 index 6c65b82b6..000000000 --- a/makefu/3modules/opentracker.nix +++ /dev/null @@ -1,55 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let - cfg = config.makefu.opentracker; - - out = { - options.makefu.opentracker = api; - config = lib.mkIf cfg.enable imp; - }; - - api = { - enable = mkEnableOption "opentracker"; - - package = mkOption { - type = types.package; - default = pkgs.opentracker; - }; - - args = mkOption { - type = types.separatedString; - description = '' - see https://erdgeist.org/arts/software/opentracker/ for all params - ''; - default = ""; - }; - - user = mkOption { - description = '' - user which will run opentracker. by default opentracker drops all - privileges and runs in chroot after starting up as root. - ''; - type = types.str; - default = "root"; - }; - }; - - imp = { - systemd.services.opentracker = { - description = "opentracker server"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - restartIfChanged = true; - serviceConfig = { - Type = "simple"; - ExecStart = "${cfg.package}/bin/opentracker ${cfg.args}"; - PrivateTmp = true; - WorkingDirectory = "/tmp"; - User = "${cfg.user}"; - }; - }; - }; -in -out - diff --git a/makefu/3modules/populate.nix b/makefu/3modules/populate.nix deleted file mode 100644 index 19d3b3690..000000000 --- a/makefu/3modules/populate.nix +++ /dev/null @@ -1,5 +0,0 @@ -{config, lib, pkgs, ... }: - -{ - options.makefu.full-populate = lib.mkEnableOption "always do a full clone of nixpkgs"; -} diff --git a/makefu/3modules/ps3netsrv.nix b/makefu/3modules/ps3netsrv.nix deleted file mode 100644 index a0a6eb1f4..000000000 --- a/makefu/3modules/ps3netsrv.nix +++ /dev/null @@ -1,60 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let - cfg = config.makefu.ps3netsrv; - - out = { - options.makefu.ps3netsrv = api; - config = lib.mkIf cfg.enable imp; - }; - - api = { - enable = mkEnableOption "ps3netsrv"; - - servedir = mkOption { - description = "path to serve, must be set"; - type = types.str; - }; - - package = mkOption { - type = types.package; - default = pkgs.ps3netsrv; - }; - - user = mkOption { - description = ''user which will run ps3netsrv''; - type = types.str; - default = "ps3netsrv"; - }; - }; - - imp = { - systemd.services.ps3netsrv = { - description = "ps3netsrv server"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - restartIfChanged = true; - unitConfig = { - Documentation = "https://www.arm-blog.com/playing-ps3-games-from-your-nas/" ; - ConditionPathExists = cfg.servedir; - }; - serviceConfig = { - Type = "simple"; - ExecStart = "${cfg.package}/bin/ps3netsrv ${shell.escape cfg.servedir}"; - PrivateTmp = true; - User = "${cfg.user}"; - }; - }; - - # TODO only create if user is ps3netsrv - users.users.ps3netsrv = { - uid = genid "ps3netsrv"; - isSystemUser = true; - group = "ps3netsrv"; - }; - users.groups.ps3netsrv.gid = genid "ps3netsrv"; - }; -in -out - diff --git a/makefu/3modules/sane-extra.nix b/makefu/3modules/sane-extra.nix deleted file mode 100644 index 8cbed572c..000000000 --- a/makefu/3modules/sane-extra.nix +++ /dev/null @@ -1,45 +0,0 @@ -{ config, lib, pkgs, ... }: -# https://github.com/michalrus/dotfiles/blob/d943be3089aa436e07cea5f22d829402936a9229/.nixos-config.symlink/modules/sane-extra-config.nix -# via https://github.com/NixOS/nixpkgs/issues/17411 -# via https://unix.stackexchange.com/questions/321954/install-epson-v39-on-nixos -with lib; - -let - - cfg = config.hardware.sane; - - pkg = if cfg.snapshot - then pkgs.sane-backends-git - else pkgs.sane-backends; - - backends = [ pkg ] ++ cfg.extraBackends; - - saneConfig = pkgs.mkSaneConfig { paths = backends; }; - - saneExtraConfig = pkgs.runCommand "sane-extra-config" {} '' - cp -Lr '${pkgs.mkSaneConfig { paths = [ pkgs.sane-backends ]; }}'/etc/sane.d $out - chmod +w $out - ${concatMapStrings (c: '' - f="$out/${c.name}.conf" - [ ! -e "$f" ] || chmod +w "$f" - cat ${builtins.toFile "outfile" (c.value + "\n")} >>"$f" - chmod -w "$f" - '') (mapAttrsToList nameValuePair cfg.extraConfig)} - chmod -w $out - ''; - -in - -{ - options = { - hardware.sane.extraConfig = mkOption { - type = types.attrsOf types.lines; - default = {}; - example = { "some-backend" = "# some lines to add to its .conf"; }; - }; - }; - - config = mkIf (cfg.enable && cfg.extraConfig != {}) { - hardware.sane.configDir = saneExtraConfig.outPath; - }; -} diff --git a/makefu/3modules/server-config.nix b/makefu/3modules/server-config.nix deleted file mode 100644 index 9cac59205..000000000 --- a/makefu/3modules/server-config.nix +++ /dev/null @@ -1,14 +0,0 @@ -{config, lib, pkgs, ... }: - -with lib;{ - options.makefu.server.primary-itf = lib.mkOption { - type = types.str; - description = "Primary interface of the server"; - }; - options.makefu.gui.user = lib.mkOption { - type = types.str; - description = "GUI user"; - default = config.krebs.build.user.name; - }; -} - diff --git a/makefu/3modules/snapraid.nix b/makefu/3modules/snapraid.nix deleted file mode 100644 index 25254c142..000000000 --- a/makefu/3modules/snapraid.nix +++ /dev/null @@ -1,126 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; - -let - # returns dirname without / , used as disk name - dname = dir: replaceStrings ["/"] [""] (head (reverseList (splitString "/" dir))); - snapraid-conf = '' - # Disks - ${concatMapStringsSep "\n" (d: "disk ${dname d} ${d}") cfg.disks} - # Parity - ${optionalString (cfg.parity != "") "parity ${cfg.parity}/snapraid.parity"} - - # content on Disks - ${optionalString cfg.contentOnDisks - concatMapStringsSep "\n" (d: "content ${d}/snapraid.content") cfg.disks} - - # content on Parity - ${optionalString (cfg.contentOnParity && cfg.parity != "") - "content ${cfg.parity}/snapraid.content"} - # Default content file - content ${cfg.defaultContentFile} - - # Extra Configuration - ${cfg.extraConfig} - ''; - cfg = config.makefu.snapraid; - - out = { - options.makefu.snapraid = api; - config = lib.mkIf cfg.enable imp; - }; - - api = { - enable = mkEnableOption "snapraid"; - - timerConfig = mkOption { - type = with types;attrsOf str; - description = '' - Start snapraid service - ''; - default = { - OnCalendar = "daily"; - }; - }; - disks = mkOption { - type = with types;listOf str; - description = '' - Disks to protect. Each disk is a path to the mounted directory of the - disk. - ''; - }; - parity = mkOption { - type = types.str; - description = '' - Folder to store parity file. - Set to empty string if you want to configure the parity yourself in - extraConfig. - - All extra parity files (2,3,z, etc...) should be configured via - extraConfig. - ''; - }; - contentOnDisks = mkOption { - type = types.bool; - default = true; - description = '' - Store Content file on each Disk to protect. - Set this to false if you do not want this behavior to apply. - ''; - }; - contentOnParity = mkOption { - type = types.bool; - default = true; - description = '' - Store Content file on parity Disk. - Set this to false if you do not want this behavior to apply. - ''; - }; - defaultContentFile = mkOption { - type = types.str; - default = "/var/cache/snapraid.content"; - description = '' - Path to default content file - Set to empty string if this content file should be written. - ''; - }; - extraConfig = mkOption { - type = types.lines; - default = ""; - description = '' - Extra configuration to be appended to the snapraid conf file. - You can configure extra Parity files as well as extra content files. - See `man snapraid` for additional configuration - ''; - }; - }; - - imp = { - environment.systemPackages = [ - # for scrubbing,fixing - pkgs.snapraid - ]; - krebs.on-failure.plans.snapraid-sync.name = "snapraid-sync"; - environment.etc."snapraid.conf".text = snapraid-conf; - systemd.timers.snapraid-sync = { - description = "snapraid sync timer"; - wantedBy = [ "timers.target" ]; - timerConfig = cfg.timerConfig; - }; - systemd.services.snapraid-sync = { - description = "Snapraid sync service"; - after = [ "network.target" "local-fs.target" ]; - - serviceConfig = { - Type = "simple"; - ExecStartPre = pkgs.writeScript "Snapraid-sync-init" '' - #! /bin/sh - ${optionalString (cfg.defaultContentFile != "") - "mkdir -p $(dirname ${cfg.defaultContentFile})"} - ''; - ExecStart = "${pkgs.snapraid}/bin/snapraid sync"; - }; - }; - }; -in out diff --git a/makefu/3modules/state.nix b/makefu/3modules/state.nix deleted file mode 100644 index a87f438fe..000000000 --- a/makefu/3modules/state.nix +++ /dev/null @@ -1,16 +0,0 @@ -{config, lib, pkgs, ... }: - -{ - options.state = lib.mkOption { - type = lib.types.listOf lib.types.str; - description = "state which is currently scattered on the machine"; - default = []; - }; - - config.system.activationScripts.state = lib.optionalString (config.state != []) '' - cat << EOF - This machine is burdened with state: - ${lib.concatMapStringsSep "\n" (d: "* ${d}") config.state} - EOF - ''; -} diff --git a/makefu/3modules/torrent.nix b/makefu/3modules/torrent.nix deleted file mode 100644 index 9f1cf3398..000000000 --- a/makefu/3modules/torrent.nix +++ /dev/null @@ -1,13 +0,0 @@ -{config, lib, pkgs, ... }: - -{ - options.makefu.dl-dir = lib.mkOption { - type = lib.types.str; - description = "Default download directory"; - default = "/media/cryptX/torrent"; - }; - options.makefu.torrent-secrets = lib.mkOption { - type = lib.types.str; - default = "/home/makefu/secrets/torrent"; - }; -} diff --git a/makefu/3modules/udpt.nix b/makefu/3modules/udpt.nix deleted file mode 100644 index 18f56ab6b..000000000 --- a/makefu/3modules/udpt.nix +++ /dev/null @@ -1,58 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let - cfg = config.makefu.udpt; - - out = { - options.makefu.udpt = api; - config = lib.mkIf cfg.enable imp; - }; - - api = { - enable = mkEnableOption "udpt"; - - package = mkOption { - type = types.package; - default = pkgs.udpt; - }; - - cfgfile = mkOption { - type = types.path; - default = "${cfg.package}/etc/udpt.conf"; - }; - - user = mkOption { - description = '' - user which will run udpt. if kept default a new user will be created - ''; - type = types.str; - default = "udpt"; - }; - - }; - - imp = { - systemd.services.udpt = { - description = "udpt server"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - restartIfChanged = true; - serviceConfig = { - Type = "simple"; - ExecStart = "${cfg.package}/bin/udpt -i -c ${shell.escape cfg.cfgfile}"; - PrivateTmp = true; - WorkingDirectory = "/tmp"; - User = "${cfg.user}"; - }; - }; - users = lib.mkIf (cfg.user == "udpt") { - users.udpt = { - uid = genid "udpt"; - }; - groups.udpt.gid = genid "udpt"; - }; - }; -in -out - diff --git a/makefu/4lib/default.nix b/makefu/4lib/default.nix deleted file mode 100644 index 5e9ab2087..000000000 --- a/makefu/4lib/default.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ config, lib, ... }: - -with lib; -let - addDefaultTime = bku-entry: recursiveUpdate { - snapshots = { - daily = { format = "%Y-%m-%d"; retain = 7; }; - weekly = { format = "%YW%W"; retain = 4; }; - monthly = { format = "%Y-%m"; retain = 12; }; - yearly = { format = "%Y"; }; - }; - startAt = "5:23"; - } bku-entry; - - backup-host = config.krebs.hosts.omo; - backup-path = "/media/backup"; -in { - bku = { - inherit addDefaultTime; - simplePath = addDefaultTime (path: { - method = "pull"; - src = { host = config.krebs.build.host; inherit path; }; - dst = { - host = backup-host; - path = backup-path ++ config.krebs.build.host.name - ++ builtins.replaceStrings ["/"] ["-"] path; - }; - }); - }; -} diff --git a/makefu/5pkgs/Fluffy/default.nix b/makefu/5pkgs/Fluffy/default.nix deleted file mode 100644 index b32c6cab4..000000000 --- a/makefu/5pkgs/Fluffy/default.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ lib, pkgs, python3Packages, ... }: - -with python3Packages; buildPythonApplication rec { - name = "Fluffy-${version}"; - format = "other"; - version = "2.9"; - - src = pkgs.fetchFromGitHub { - owner = "fourminute"; - repo = "Fluffy"; - rev = "v${version}"; - sha256 = "1w1j7cdp0zpgwn7zi28z8dcbgnhxvllgh3rp1gkdjnpr4a6ngj8z"; - }; - - prePatch = '' - sed -e "s|/tmp|$HOME/.config/fluffy|" -i linux/fluffy.desktop - ''; - - installPhase = '' - env - install -Dm 644 linux/80-fluffy-switch.rules "$out/etc/udev/rules.d/80-fluffy-switch.rules" - install -Dm 644 linux/fluffy.desktop "$out/usr/share/applications/fluffy.desktop" - install -Dm 644 icons/16x16/fluffy.png "$out/share/icons/hicolor/16x16/apps/fluffy.png" - install -Dm 644 icons/24x24/fluffy.png "$out/share/icons/hicolor/24x24/apps/fluffy.png" - install -Dm 644 icons/32x32/fluffy.png "$out/share/icons/hicolor/32x32/apps/fluffy.png" - install -Dm 644 icons/48x48/fluffy.png "$out/share/icons/hicolor/48x48/apps/fluffy.png" - install -Dm 644 icons/64x64/fluffy.png "$out/share/icons/hicolor/64x64/apps/fluffy.png" - install -Dm 644 icons/128x128/fluffy.png "$out/share/icons/hicolor/128x128/apps/fluffy.png" - install -Dm 755 fluffy.pyw "$out/bin/fluffy" - wrapProgram "$out/bin/fluffy" --set PYTHONPATH "$PYTHONPATH" - ''; - - propagatedBuildInputs = [ - pyqt5 pyusb libusb1 configparser tkinter - ]; - - meta = { - homepage = https://github.com/fourminute/Fluffy; - description = "A feature-rich tool for installing NSPs"; - license = lib.licenses.gpl3; - }; -} diff --git a/makefu/5pkgs/HermesLedControl/default.nix b/makefu/5pkgs/HermesLedControl/default.nix deleted file mode 100644 index 77164f568..000000000 --- a/makefu/5pkgs/HermesLedControl/default.nix +++ /dev/null @@ -1,58 +0,0 @@ -{ lib, pkgs, python3Packages, makeWrapper, ... }: - -# How to use: -# create configuration configuration.yml: -# engine: "rhasspy" -# pathToConfig: "/var/lib/rhasspy/de/profile.json" -# hardware: "respeaker4MicArray" -# pattern: "fake-name" -# enableDoA: false -# and run HermesLedControl --hermesLedControlConfig path-to-config.yml - -# all available config options can be see in: -# result/result/lib/HermesLedControl/models/Configuration.py - - -with python3Packages; buildPythonApplication rec { - name = "HermesLedControl-${version}"; - format = "other"; - version = "3.0.4"; - - src = pkgs.fetchFromGitHub { - owner = "project-alice-assistant"; - repo = "HermesLedControl"; - rev = "v${version}"; - hash = "sha256-fVbTQPSo3fNjLb8PDDDqhMC9Hez01rTH46cKz/mfwoU="; - }; - - patches = [ - ./remove-logger.patch - ]; - - execWrapper = '' - #!/bin/sh - cd $out/lib/HermesLedControl && \ - PYTHONPATH="${makePythonPath propagatedBuildInputs}" exec \ - ${python}/bin/python "$out/lib/HermesLedControl/main.py" "$@" - ''; - - installPhase = '' - install -d "$out/lib/" - install -d "$out/bin" - cp -r . $out/lib/HermesLedControl - - echo "${execWrapper}" > HermesLedControl - install -Dm755 HermesLedControl $out/bin/HermesLedControl - - ''; - - propagatedBuildInputs = [ - spidev gpiozero rpi-gpio pyyaml paho-mqtt types-pyyaml makeWrapper - ]; - - meta = { - homepage = "https://github.com/project-alice-assistant/HermesLedControl"; - description = "Provides an easy way to control your leds in an Hermes environment"; - license = lib.licenses.gpl3; - }; -} diff --git a/makefu/5pkgs/HermesLedControl/remove-logger.patch b/makefu/5pkgs/HermesLedControl/remove-logger.patch deleted file mode 100644 index a6b757d35..000000000 --- a/makefu/5pkgs/HermesLedControl/remove-logger.patch +++ /dev/null @@ -1,31 +0,0 @@ -diff --git a/main.py b/main.py -old mode 100644 -new mode 100755 -index 9b5a269..350d443 ---- a/main.py -+++ b/main.py -@@ -1,3 +1,4 @@ -+#!/usr/bin/env python3 - from logging import handlers - - import logging -@@ -17,18 +18,6 @@ _logger.setLevel(logging.DEBUG) - - date = int(datetime.now().strftime('%Y%m%d')) - --handler = logging.FileHandler(filename='logs.log', mode='w') --rotatingHandler = handlers.RotatingFileHandler(filename=f'./logs/{date}-logs.log', mode='a', maxBytes=100000, backupCount=5) --streamHandler = logging.StreamHandler() -- --handler.setFormatter(formatter) --rotatingHandler.setFormatter(formatter) --streamHandler.setFormatter(formatter) -- --_logger.addHandler(handler) --_logger.addHandler(rotatingHandler) --_logger.addHandler(streamHandler) -- - - def stopHandler(_signum, frame): - onStop() - diff --git a/makefu/5pkgs/PkgDecrypt/default.nix b/makefu/5pkgs/PkgDecrypt/default.nix deleted file mode 100644 index 80bcbcac1..000000000 --- a/makefu/5pkgs/PkgDecrypt/default.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ stdenv, lib, pkgs, fetchFromGitHub, ... }: -stdenv.mkDerivation rec { - name = "PkgDecrypt-2017-12-01"; - rev = "e2f9518"; - - src = fetchFromGitHub { - owner = "St4rk"; - repo = "PkgDecrypt"; - inherit rev; - sha256 = "0dk13qamxyny0vc990s06vqddxwwc6xmikb1pkc3rnys98yda29p"; - }; - - installPhase = '' - install -m755 -D pkg_dec $out/bin/pkg_dec - install -m755 -D make_key $out/bin/make_key - ''; - - buildInputs = with pkgs;[ - zlib - ]; - - meta = { - homepage = https://github.com/St4rk/PkgDecrypt; - description = "St4rk's Vita pkg decrypter"; - license = lib.licenses.gpl2; - }; -} diff --git a/makefu/5pkgs/_4nxci/default.nix b/makefu/5pkgs/_4nxci/default.nix deleted file mode 100644 index 47c02aca4..000000000 --- a/makefu/5pkgs/_4nxci/default.nix +++ /dev/null @@ -1,50 +0,0 @@ -{ stdenv, lib, fetchFromGitHub, mbedtls, python2, perl }: -let - version = "4.03"; - src = fetchFromGitHub { - owner = "The-4n"; - repo = "4NXCI"; - rev = "v${version}"; - sha256 = "0n49sqv6s8cj2dw1dbcyskfc2zr92p27f1bdd6jqfbawv0fqr1wf"; - }; - - mymbedtls = stdenv.mkDerivation { - name = "mbedtls-${version}"; - version = "2.6.1"; - doCheck = false; - inherit src; - buildInputs = [ perl ]; - phases = [ "unpackPhase" "buildPhase" "installPhase" ]; - makeFlags = [ "DESTDIR=$(out)" ]; - buildPhase = '' - cp config.mk.template config.mk - cd mbedtls - make - ''; - }; -in stdenv.mkDerivation rec { - name = "4nxci-${version}"; - - inherit src version; - buildPhase = '' - cp config.mk.template config.mk - sed -i 's#\(INCLUDE =\).*#\1${mymbedtls}/include#' Makefile - sed -i 's#\(LIBDIR =\).*#\1${mymbedtls}/lib#' Makefile - make 4nxci - ''; - - installPhase = '' - install -m755 -D 4nxci $out/bin/4nxci - ''; - - #preInstall = '' - # mkdir -p $out/bin - #''; - - buildInputs = [ mymbedtls ]; - - meta = { - description = "convert xci to nsp"; - license = lib.licenses.isc; - }; -} diff --git a/makefu/5pkgs/acdcli/default.nix b/makefu/5pkgs/acdcli/default.nix deleted file mode 100644 index 13b19e482..000000000 --- a/makefu/5pkgs/acdcli/default.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ lib, pkgs, python3Packages, fetchurl, ... }: - -with python3Packages; buildPythonPackage rec { - name = "acdcli-${version}"; - version = "0.3.2"; - propagatedBuildInputs = [ - dateutil colorama fusepy appdirs requests requests_toolbelt six - ]; - src = fetchurl { - url = "mirror://pypi/a/acdcli/${name}.tar.gz"; - sha256 = "1ak9xxpyb7n6iyalf2082jpimklakm0fgm7vsv7qcm8wy6vlq2cw"; - }; - doCheck = false; # ImportError: Failed to import test module: tests - - # acd_cli gets dumped in bin and gets overwritten by fixupPhase - postFixup = '' - mv $out/bin/.acd_cli.py-wrapped $out/bin/acd_cli.py - ''; - meta = { - description = "communicate with amazon drive"; - }; -} diff --git a/makefu/5pkgs/airsensor-py/default.nix b/makefu/5pkgs/airsensor-py/default.nix deleted file mode 100644 index 86ea22d8d..000000000 --- a/makefu/5pkgs/airsensor-py/default.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ pkgs, fetchFromGitHub, ... }: -with pkgs.python3Packages; -buildPythonApplication rec { - name = "airsensor-py-${version}"; - version = "1.0.0"; - propagatedBuildInputs = [ - pyusb - click - ]; - - src = fetchFromGitHub { - owner = "makefu"; - repo = "airsensor-py"; - rev = "1.0.0"; - sha256 = "1jpvvl965bg3ymvr58c433jyy0smczn65fnqsskxn7basznii5g8"; - }; -} diff --git a/makefu/5pkgs/ampel/default.nix b/makefu/5pkgs/ampel/default.nix deleted file mode 100644 index fb722a52f..000000000 --- a/makefu/5pkgs/ampel/default.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ lib, pkgs, fetchFromGitHub, ... }: - -with pkgs.python3Packages;buildPythonPackage rec { - name = "ampel-${version}"; - version = "0.2.5"; - - propagatedBuildInputs = [ - docopt - paho-mqtt - requests - pytz - influxdb - httplib2 - google_api_python_client - ]; - - src = pkgs.fetchgit { - url = "http://cgit.euer.krebsco.de/ampel"; - rev = "ce239876820699f02054e71b4fd0950509833379"; - sha256 = "1ja32lr04lwq4shi49kppa1zzjw0zlqaqy71pr5sbajgp4zj7kh8"; - }; - meta = { - homepage = http://cgit.euer.krebsco.de/ampel; - description = "change colors of rgb cubes"; - license = lib.licenses.asl20; - }; -} diff --git a/makefu/5pkgs/awesomecfg/default.nix b/makefu/5pkgs/awesomecfg/default.nix deleted file mode 100644 index 8552634ff..000000000 --- a/makefu/5pkgs/awesomecfg/default.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ pkgs -, lib -, alsaUtils -, xbacklight -, networkmanagerapplet -, blueman -, clipit -, flameshot -, chapter-marker ? false -, modkey ? "Mod4" -, locker? "${pkgs.xlock}/bin/xlock -mode blank" -, ... }: - -{ - # replace: @alsaUtils@ @xlockmore@ @xbacklight@ @modkey@ @chapter-marker@ - full = lib.makeOverridable pkgs.substituteAll { - name = "awesome_full_config"; - inherit alsaUtils locker xbacklight modkey networkmanagerapplet blueman clipit flameshot ; - isExecutable = false; - src = ./full.cfg; - }; - - kiosk = lib.makeOverridable pkgs.substituteAll { - name = "awesome_kiosk_config"; - inherit alsaUtils locker xbacklight modkey; - isExecutable = false; - src = ./kiosk.lua; - }; -} diff --git a/makefu/5pkgs/awesomecfg/full.cfg b/makefu/5pkgs/awesomecfg/full.cfg deleted file mode 100644 index 430c9d511..000000000 --- a/makefu/5pkgs/awesomecfg/full.cfg +++ /dev/null @@ -1,577 +0,0 @@ --- Standard awesome library -local gears = require("gears") -local awful = require("awful") -local vicious = require("vicious") -awful.rules = require("awful.rules") -require("awful.autofocus") --- Widget and layout library -local wibox = require("wibox") --- Theme handling library -local beautiful = require("beautiful") --- Notification library -local naughty = require("naughty") -local menubar = require("menubar") - - - --- {{{ Error handling --- Check if awesome encountered an error during startup and fell back to --- another config (This code will only ever execute for the fallback config) -if awesome.startup_errors then - naughty.notify({ preset = naughty.config.presets.critical, - title = "Oops, there were errors during startup!", - text = awesome.startup_errors }) -end - --- Handle runtime errors after startup -do - local in_error = false - awesome.connect_signal("debug::error", function (err) - -- Make sure we don't go into an endless error loop - if in_error then return end - in_error = true - - naughty.notify({ preset = naughty.config.presets.critical, - title = "Oops, an error happened!", - text = err }) - in_error = false - end) -end --- }}} - --- {{{ Mails widget type -local function worker(format,warg) - local ncount = 0 - for line in io.popen("ls "..warg..'/new'):lines() do - ncount = ncount +1 - end - local count = 2 - --for line in io.popen("ls "..warg..'/new'):lines() do - -- count = count +1 - --end - return {ncount,count} -end - -vicious_mails = setmetatable({}, { __call = function(_, ...) return worker(...) end }) -mailwidget = wibox.widget.textbox() - -local function only_new (widget,args) - if args[1] > 0 then - return string.format("%s new",args[1]) - else - return "" - end -end - -vicious.register(mailwidget, vicious_mails,only_new ,60,"~/Mail/localhost") - ---mdirwidget = wibox.widget.textbox() ---vicious.register(mdirwidget, vicious.widgets.mdir, ) - -cpuwidget = wibox.widget.graph() --- Graph properties -cpuwidget:set_width(50) -cpuwidget:set_background_color("#494B4F") -cpuwidget:set_color({ type = "linear", from = { 0, 0 }, to = { 10,0 }, stops = { {0, "#FF5656"}, {0.5, "#88A175"}, - {1, "#AECF96" }}}) -vicious.register(cpuwidget, vicious.widgets.cpu, "$1") - --- Register widget -batwidget = wibox.widget.textbox() -vicious.register(batwidget, vicious.widgets.bat, "$2%", 61, "BAT0") - --- {{{ Variable definitions --- Themes define colours, icons, and wallpapers - --- Find the default theme - -beautiful.init(awful.util.get_themes_dir() .. "default/theme.lua") -client.connect_signal("focus", function(c) c.border_color = beautiful.border_focus end) -client.connect_signal("unfocus", function(c) c.border_color = beautiful.border_normal end) - --- This is used later as the default terminal and editor to run. -terminal = "urxvtc" -editor = os.getenv("EDITOR") or "vim" -editor_cmd = terminal .. " -e " .. editor -browser = "firefox" - --- Default modkey. --- Usually, Mod4 is the key with a logo between Control and Alt. --- If you do not like this or do not have such a key, --- I suggest you to remap Mod4 to another key using xmodmap or other tools. --- However, you can use another modifier like Mod1, but it may interact with others. -modkey = "@modkey@" --- modkey = "Mod4" - --- Table of layouts to cover with awful.layout.inc, order matters. -awful.layout.layouts = -{ - awful.layout.suit.tile, --- awful.layout.suit.tile.left, - awful.layout.suit.tile.bottom, - awful.layout.suit.floating, --- awful.layout.suit.tile.top, - awful.layout.suit.fair, --- awful.layout.suit.fair.horizontal, --- awful.layout.suit.spiral, --- awful.layout.suit.spiral.dwindle, - awful.layout.suit.max, - awful.layout.suit.max.fullscreen, - awful.layout.suit.magnifier, - awful.layout.suit.corner.nw -} --- }}} --- {{{ Helper Functions -local function client_menu_toggle_fn() - local instance = nil - - return function () - if instance and instance.wibox.visible then - instance:hide() - instance = nil - else - instance = awful.menu.clients({ theme = { width = 250 } }) - end - end -end --- }}} - --- {{{ Wallpaper -if beautiful.wallpaper then - for s = 1, screen.count() do - gears.wallpaper.maximized(beautiful.wallpaper, s, true) - end -end --- }}} - --- {{{ Tags --- Define a tag table which hold all screen tags. -tags = {} -for s = 1, screen.count() do - -- Each screen has its own tag table. -end --- }}} - --- {{{ Menu --- Create a laucher widget and a main menu -myawesomemenu = { - { "manual", terminal .. " -e man awesome" }, - { "edit config", editor_cmd .. " " .. awesome.conffile }, - { "restart", awesome.restart }, - { "quit", awesome.quit } -} - -mymainmenu = awful.menu({ items = { { "awesome", myawesomemenu, beautiful.awesome_icon }, - { "open terminal", terminal }, - { "pcmanfm", "pcmanfm"} - } - }) - -mylauncher = awful.widget.launcher({ image = beautiful.awesome_icon, - menu = mymainmenu }) - --- Menubar configuration -menubar.utils.terminal = terminal -- Set the terminal for applications that require it --- }}} - --- {{{ Wibox --- Create a textclock widget -mytextclock = wibox.widget.textclock() - --- Create a wibox for each screen and add it -mywibox = {} -mylayoutbox = {} - --- Create a wibox for each screen and add it -local taglist_buttons = awful.util.table.join( - awful.button({ }, 1, function(t) t:view_only() end), - awful.button({ modkey }, 1, function(t) - if client.focus then - client.focus:move_to_tag(t) - end - end), - awful.button({ }, 3, awful.tag.viewtoggle), - awful.button({ modkey }, 3, function(t) - if client.focus then - client.focus:toggle_tag(t) - end - end), - awful.button({ }, 4, function(t) awful.tag.viewnext(t.screen) end), - awful.button({ }, 5, function(t) awful.tag.viewprev(t.screen) end) - ) - -local tasklist_buttons = awful.util.table.join( - awful.button({ }, 1, function (c) - if c == client.focus then - c.minimized = true - else - -- Without this, the following - -- :isvisible() makes no sense - c.minimized = false - if not c:isvisible() and c.first_tag then - c.first_tag:view_only() - end - -- This will also un-minimize - -- the client, if needed - client.focus = c - c:raise() - end - end), - awful.button({ }, 3, client_menu_toggle_fn()), - awful.button({ }, 4, function () - awful.client.focus.byidx(1) - end), - awful.button({ }, 5, function () - awful.client.focus.byidx(-1) - end)) - - -local function set_wallpaper(s) - -- Wallpaper - if beautiful.wallpaper then - local wallpaper = beautiful.wallpaper - -- If wallpaper is a function, call it with the screen - if type(wallpaper) == "function" then - wallpaper = wallpaper(s) - end - gears.wallpaper.maximized(wallpaper, s, true) - end -end - -awful.screen.connect_for_each_screen(function(s) - -- Wallpaper - set_wallpaper(s) - - -- Each screen has its own tag table. - awful.tag({ "tmp", "ssh", "www", "im", "mail","work","net","misc","remote" }, s, awful.layout.layouts[1]) - - -- Create a promptbox for each screen - s.mypromptbox = awful.widget.prompt() - -- Create an imagebox widget which will contains an icon indicating which layout we're using. - -- We need one layoutbox per screen. - s.mylayoutbox = awful.widget.layoutbox(s) - s.mylayoutbox:buttons(awful.util.table.join( - awful.button({ }, 1, function () awful.layout.inc( 1) end), - awful.button({ }, 3, function () awful.layout.inc(-1) end), - awful.button({ }, 4, function () awful.layout.inc( 1) end), - awful.button({ }, 5, function () awful.layout.inc(-1) end))) - -- Create a taglist widget - s.mytaglist = awful.widget.taglist(s, awful.widget.taglist.filter.all, taglist_buttons) - - -- Create a tasklist widget - s.mytasklist = awful.widget.tasklist(s, awful.widget.tasklist.filter.currenttags, tasklist_buttons) - - -- Create the wibox - s.mywibox = awful.wibar({ position = "top", screen = s }) - - -- Add widgets to the wibox - s.mywibox:setup { - layout = wibox.layout.align.horizontal, - { -- Left widgets - layout = wibox.layout.fixed.horizontal, - mylauncher, - s.mytaglist, - s.mypromptbox, - }, - s.mytasklist, -- Middle widget - { -- Right widgets - layout = wibox.layout.fixed.horizontal, - mykeyboardlayout, - mailwidget, - wibox.widget.systray(), - cpuwidget, - batwidget, - mytextclock, - s.mylayoutbox, - }, - } -end) - --- }}} - --- {{{ Mouse bindings -root.buttons(awful.util.table.join( - awful.button({ }, 3, function () mymainmenu:toggle() end), - awful.button({ }, 4, awful.tag.viewnext), - awful.button({ }, 5, awful.tag.viewprev) -)) --- }}} - --- {{{ Key bindings -globalkeys = awful.util.table.join( - awful.key({ modkey, }, "Left", awful.tag.viewprev ), - awful.key({ modkey, }, "Right", awful.tag.viewnext ), - awful.key({ modkey, }, "Escape", awful.tag.history.restore), - - awful.key({ modkey, }, "w", function () mymainmenu:show() end), - - -- Layout manipulation - awful.key({ modkey, "Shift" }, "j", function () awful.client.swap.byidx( 1) end), - awful.key({ modkey, "Shift" }, "k", function () awful.client.swap.byidx( -1) end), - awful.key({ modkey, "Control" }, "j", function () awful.screen.focus_relative( 1) end), - awful.key({ modkey, "Control" }, "k", function () awful.screen.focus_relative(-1) end), - awful.key({ modkey, }, "u", awful.client.urgent.jumpto), - awful.key({ modkey, }, "Tab", - function () - awful.client.focus.history.previous() - if client.focus then - client.focus:raise() - end - end), - - -- Standard program - awful.key({ modkey, }, "Return", function () awful.spawn(terminal) end, - {description = "open a terminal", group = "launcher"}), - awful.key({ modkey, "Control" }, "r", awesome.restart, - {description = "reload awesome", group = "awesome"}), - awful.key({ modkey, "Shift" }, "q", awesome.quit, - {description = "quit awesome", group = "awesome"}), - - awful.key({ modkey, }, "l", function () awful.tag.incmwfact( 0.05) end, - {description = "increase master width factor", group = "layout"}), - awful.key({ modkey, }, "h", function () awful.tag.incmwfact(-0.05) end, - {description = "decrease master width factor", group = "layout"}), - awful.key({ modkey, "Shift" }, "h", function () awful.tag.incnmaster( 1, nil, true) end, - {description = "increase the number of master clients", group = "layout"}), - awful.key({ modkey, "Shift" }, "l", function () awful.tag.incnmaster(-1, nil, true) end, - {description = "decrease the number of master clients", group = "layout"}), - awful.key({ modkey, "Control" }, "h", function () awful.tag.incncol( 1, nil, true) end, - {description = "increase the number of columns", group = "layout"}), - awful.key({ modkey, "Control" }, "l", function () awful.tag.incncol(-1, nil, true) end, - {description = "decrease the number of columns", group = "layout"}), - awful.key({ modkey, }, "space", function () awful.layout.inc( 1) end, - {description = "select next", group = "layout"}), - awful.key({ modkey, "Shift" }, "space", function () awful.layout.inc(-1) end, - {description = "select previous", group = "layout"}), - awful.key({ modkey, "Control" }, "n", - function () - local c = awful.client.restore() - -- Focus restored client - if c then - client.focus = c - c:raise() - end - end, - {description = "restore minimized", group = "client"}), - - awful.key({ }, "XF86MonBrightnessUp", function () - awful.util.spawn("@xbacklight@/bin/xbacklight -inc 5", false) end), - awful.key({ }, "XF86MonBrightnessDown", function () - awful.util.spawn("@xbacklight@/bin/xbacklight -dec 5", false) end), - - awful.key({ }, "XF86AudioRaiseVolume", function () - awful.util.spawn("@alsaUtils@/bin/amixer set Master 5%+", false) end), - awful.key({ }, "XF86AudioLowerVolume", function () - awful.util.spawn("@alsaUtils@/bin/amixer set Master 5%-", false) end), - awful.key({ }, "XF86AudioMute", function () - awful.util.spawn("@alsaUtils@/bin/amixer -q -D default sset Master toggle", false) end), - - -- Prompt - awful.key({ modkey }, "r", function () awful.screen.focused().mypromptbox:run() end, - {description = "run prompt", group = "launcher"}), - awful.key({ modkey,"Control" }, "BackSpace", function () awful.util.spawn("@locker@") end), - awful.key({ }, "XF86ScreenSaver", function () awful.util.spawn("@locker@") end), - - awful.key({ modkey }, "x", - function () - awful.prompt.run { - prompt = "Run Lua code: ", - textbox = awful.screen.focused().mypromptbox.widget, - exe_callback = awful.util.eval, - history_path = awful.util.get_cache_dir() .. "/history_eval" - } - end, - {description = "lua execute prompt", group = "awesome"}), - - -- Menubar - awful.key({ modkey }, "p", function() menubar.show() end) -) - -clientkeys = awful.util.table.join( - awful.key({ modkey, }, "f", function (c) c.fullscreen = not c.fullscreen end), - awful.key({ modkey, "Shift" }, "c", function (c) c:kill() end), - awful.key({ modkey, "Control" }, "space", awful.client.floating.toggle ), - awful.key({ modkey, "Control" }, "Return", function (c) c:swap(awful.client.getmaster()) end), - awful.key({ modkey, }, "o", awful.client.movetoscreen ), - awful.key({ modkey, }, "t", function (c) c.ontop = not c.ontop end), - awful.key({ modkey, }, "n", - function (c) - -- The client currently has the input focus, so it cannot be - -- minimized, since minimized clients can't have the focus. - c.minimized = true - end), - awful.key({ }, "Print", function () awful.util.spawn("@flameshot@/bin/flameshot gui") end), - awful.key({ modkey, }, "m", - function (c) - c.maximized = not c.maximized - end) -) - --- Compute the maximum number of digit we need, limited to 9 -keynumber = 0 - -for i = 1, 9 do - globalkeys = awful.util.table.join(globalkeys, - -- View tag only. - awful.key({ modkey }, "#" .. i + 9, - function () - local screen = awful.screen.focused() - local tag = screen.tags[i] - if tag then - tag:view_only() - end - end, - {description = "view tag #"..i, group = "tag"}), - -- Toggle tag display. - awful.key({ modkey, "Control" }, "#" .. i + 9, - function () - local screen = awful.screen.focused() - local tag = screen.tags[i] - if tag then - awful.tag.viewtoggle(tag) - end - end, - {description = "toggle tag #" .. i, group = "tag"}), - -- Move client to tag. - awful.key({ modkey, "Shift" }, "#" .. i + 9, - function () - if client.focus then - local tag = client.focus.screen.tags[i] - if tag then - client.focus:move_to_tag(tag) - end - end - end, - {description = "move focused client to tag #"..i, group = "tag"}), - -- Toggle tag on focused client. - awful.key({ modkey, "Control", "Shift" }, "#" .. i + 9, - function () - if client.focus then - local tag = client.focus.screen.tags[i] - if tag then - client.focus:toggle_tag(tag) - end - end - end, - {description = "toggle focused client on tag #" .. i, group = "tag"}) - ) -end - - -clientbuttons = awful.util.table.join( - awful.button({ }, 1, function (c) client.focus = c; c:raise() end), - awful.button({ modkey }, 1, awful.mouse.client.move), - awful.button({ modkey }, 3, awful.mouse.client.resize)) - --- Set keys -root.keys(globalkeys) --- }}} - --- {{{ Rules -awful.rules.rules = { --- -- All clients will match this rule. - { rule = { }, - properties = { border_width = beautiful.border_width, - border_color = beautiful.border_normal, - focus = awful.client.focus.filter, - keys = clientkeys, - screen = awful.screen.focused, - buttons = clientbuttons } }, - -- get class via `xprop WM_CLASS` -- will be second string - --{ rule = { class = "MPlayer" }, - -- properties = { floating = true } }, - { rule = { class = "pinentry" }, - properties = { floating = true } }, - --{ rule = { class = "gimp" }, - -- properties = { floating = true } }, - { rule = { class = "Firefox" }, - properties = { tag = tags[3] } }, - { rule = { class = "Signal" }, - properties = { tag = tags[4] } }, - -- { rule = { class = "TelegramDesktop" }, - -- properties = { tag = tags[4] } }, - { rule = { class = "Element" }, - properties = { tag = tags[4] } } -} --- }}} --- {{{ Signals --- Signal function to execute when a new client appears. -client.connect_signal("manage", function (c, startup) - -- Enable sloppy focus - c:connect_signal("mouse::enter", function(c) - if awful.layout.get(c.screen) ~= awful.layout.suit.magnifier - and awful.client.focus.filter(c) then - client.focus = c - end - end) - - if not startup then - -- Set the windows at the slave, - -- i.e. put it at the end of others instead of setting it master. - -- awful.client.setslave(c) - - -- Put windows in a smart way, only if they does not set an initial position. - if not c.size_hints.user_position and not c.size_hints.program_position then - awful.placement.no_overlap(c) - awful.placement.no_offscreen(c) - end - end - - local titlebars_enabled = false - if titlebars_enabled and (c.type == "normal" or c.type == "dialog") then - -- Widgets that are aligned to the left - local left_layout = wibox.layout.fixed.horizontal() - left_layout:add(awful.titlebar.widget.iconwidget(c)) - - -- Widgets that are aligned to the right - local right_layout = wibox.layout.fixed.horizontal() - right_layout:add(awful.titlebar.widget.floatingbutton(c)) - right_layout:add(awful.titlebar.widget.maximizedbutton(c)) - right_layout:add(awful.titlebar.widget.stickybutton(c)) - right_layout:add(awful.titlebar.widget.ontopbutton(c)) - right_layout:add(awful.titlebar.widget.closebutton(c)) - - -- The title goes in the middle - local title = awful.titlebar.widget.titlewidget(c) - title:buttons(awful.util.table.join( - awful.button({ }, 1, function() - client.focus = c - c:raise() - awful.mouse.client.move(c) - end), - awful.button({ }, 3, function() - client.focus = c - c:raise() - awful.mouse.client.resize(c) - end) - )) - - -- Now bring it all together - local layout = wibox.layout.align.horizontal() - layout:set_left(left_layout) - layout:set_right(right_layout) - layout:set_middle(title) - - awful.titlebar(c):set_widget(layout) - end -end) -local setmetatable = setmetatable -local os = { - date = os.date, - time = os.time -} - --- }}} - --- {{{ autostart -do - -- awful.spawn("urxvt", { tag = tags[1] }) -- dev shell - awful.spawn("urxvt -e mosh makefu@gum.i", { tag = tags[2] }) - awful.spawn("firefox", { tag = tags[3] }) - awful.spawn("telegram-desktop", { tag = tags[4] }) - awful.spawn("element-desktop", { tag = tags[4] }) - awful.spawn("signal-desktop", { tag = tags[4] }) - awful.spawn("urxvt -e mutt", { tag = tags[5] }) -end - --- }}} diff --git a/makefu/5pkgs/awesomecfg/kiosk.lua b/makefu/5pkgs/awesomecfg/kiosk.lua deleted file mode 100644 index d0261f798..000000000 --- a/makefu/5pkgs/awesomecfg/kiosk.lua +++ /dev/null @@ -1,535 +0,0 @@ --- Standard awesome library -local gears = require("gears") -local awful = require("awful") -local vicious = require("vicious") -awful.rules = require("awful.rules") -require("awful.autofocus") --- Widget and layout library -local wibox = require("wibox") --- Theme handling library -local beautiful = require("beautiful") --- Notification library -local naughty = require("naughty") -local menubar = require("menubar") - - - --- {{{ Error handling --- Check if awesome encountered an error during startup and fell back to --- another config (This code will only ever execute for the fallback config) -if awesome.startup_errors then - naughty.notify({ preset = naughty.config.presets.critical, - title = "Oops, there were errors during startup!", - text = awesome.startup_errors }) -end - --- Handle runtime errors after startup -do - local in_error = false - awesome.connect_signal("debug::error", function (err) - -- Make sure we don't go into an endless error loop - if in_error then return end - in_error = true - - naughty.notify({ preset = naughty.config.presets.critical, - title = "Oops, an error happened!", - text = err }) - in_error = false - end) -end --- }}} - --- {{{ Mails widget type -local function worker(format,warg) - local ncount = 0 - for line in io.popen("ls "..warg..'/new'):lines() do - ncount = ncount +1 - end - local count = 2 - --for line in io.popen("ls "..warg..'/new'):lines() do - -- count = count +1 - --end - return {ncount,count} -end - -vicious_mails = setmetatable({}, { __call = function(_, ...) return worker(...) end }) -mailwidget = wibox.widget.textbox() - -local function only_new (widget,args) - if args[1] > 0 then - return string.format("%s new",args[1]) - else - return "" - end -end - -vicious.register(mailwidget, vicious_mails,only_new ,60,"~/Mail/localhost") - ---mdirwidget = wibox.widget.textbox() ---vicious.register(mdirwidget, vicious.widgets.mdir, ) - -cpuwidget = awful.widget.graph() --- Graph properties -cpuwidget:set_width(50) -cpuwidget:set_background_color("#494B4F") -cpuwidget:set_color({ type = "linear", from = { 0, 0 }, to = { 10,0 }, stops = { {0, "#FF5656"}, {0.5, "#88A175"}, - {1, "#AECF96" }}}) -vicious.register(cpuwidget, vicious.widgets.cpu, "$1") - --- Register widget -batwidget = wibox.widget.textbox() -vicious.register(batwidget, vicious.widgets.bat, "$2%", 61, "BAT0") - --- {{{ Variable definitions --- Themes define colours, icons, and wallpapers --- beautiful.init("/usr/share/awesome/themes/default/theme.lua") --- ./qbx8r72yzaxpz41zq00902zwajl31b5h-awesome-3.5.6/share/awesome/lib/beautiful.lua --- --- Find the default theme - --- --- beautiful.init("/nix/store/qbx8r72yzaxpz41zq00902zwajl31b5h-awesome-3.5.6/share/awesome/themes/default/theme.lua") - -function find_default_theme() - -- find the default lua theme in the package path - for path in package.path:gmatch('([^;]+);') do - if path:match('awesome.*share') then - theme_path = path:match('^([^?]*)') .. '../themes/default/theme.lua' - if awful.util.file_readable(theme_path) then return theme_path end - end - end -end - -beautiful.init(find_default_theme()) -client.connect_signal("focus", function(c) c.border_color = beautiful.border_focus end) -client.connect_signal("unfocus", function(c) c.border_color = beautiful.border_normal end) - --- This is used later as the default terminal and editor to run. -terminal = "urxvt" -editor = os.getenv("EDITOR") or "vim" -editor_cmd = terminal .. " -e " .. editor -browser = "firefox" - -modkey = "@modkey@" - --- Table of layouts to cover with awful.layout.inc, order matters. -local layouts = -{ - awful.layout.suit.tile, --- awful.layout.suit.tile.left, - awful.layout.suit.tile.bottom, - awful.layout.suit.floating, --- awful.layout.suit.tile.top, - awful.layout.suit.fair, --- awful.layout.suit.fair.horizontal, --- awful.layout.suit.spiral, --- awful.layout.suit.spiral.dwindle, - awful.layout.suit.max, - awful.layout.suit.max.fullscreen --- awful.layout.suit.magnifier -} --- }}} - --- {{{ Wallpaper -if beautiful.wallpaper then - for s = 1, screen.count() do - gears.wallpaper.maximized(beautiful.wallpaper, s, true) - end -end --- }}} - --- {{{ Tags --- Define a tag table which hold all screen tags. -tags = {} -for s = 1, screen.count() do - -- Each screen has its own tag table. - tags[s] = awful.tag({ "tmp", "news", "www", "im", "work1","work2","net","misc","remote" }, s, layouts[1]) -end --- }}} - --- {{{ Menu --- Create a laucher widget and a main menu -myawesomemenu = { - { "manual", terminal .. " -e man awesome" }, - { "edit config", editor_cmd .. " " .. awesome.conffile }, - { "restart", awesome.restart }, - { "quit", awesome.quit } -} - -mymainmenu = awful.menu({ items = { { "awesome", myawesomemenu, beautiful.awesome_icon }, - { "open terminal", terminal }, - { "pcmanfm", "pcmanfm"} - } - }) - -mylauncher = awful.widget.launcher({ image = beautiful.awesome_icon, - menu = mymainmenu }) - --- Menubar configuration -menubar.utils.terminal = terminal -- Set the terminal for applications that require it --- }}} - --- {{{ Wibox --- Create a textclock widget -mytextclock = awful.widget.textclock() - --- Create a wibox for each screen and add it -mywibox = {} -mypromptbox = {} -mylayoutbox = {} -mytaglist = {} -mytaglist.buttons = awful.util.table.join( - awful.button({ }, 1, awful.tag.viewonly), - awful.button({ modkey }, 1, awful.client.movetotag), - awful.button({ }, 3, awful.tag.viewtoggle), - awful.button({ modkey }, 3, awful.client.toggletag), - awful.button({ }, 4, function(t) awful.tag.viewnext(awful.tag.getscreen(t)) end), - awful.button({ }, 5, function(t) awful.tag.viewprev(awful.tag.getscreen(t)) end) - ) -mytasklist = {} -mytasklist.buttons = awful.util.table.join( - awful.button({ }, 1, function (c) - if c == client.focus then - c.minimized = true - else - -- Without this, the following - -- :isvisible() makes no sense - c.minimized = false - if not c:isvisible() then - awful.tag.viewonly(c:tags()[1]) - end - -- This will also un-minimize - -- the client, if needed - client.focus = c - c:raise() - end - end), - awful.button({ }, 3, function () - if instance then - instance:hide() - instance = nil - else - instance = awful.menu.clients({ width=250 }) - end - end), - awful.button({ }, 4, function () - awful.client.focus.byidx(1) - if client.focus then client.focus:raise() end - end), - awful.button({ }, 5, function () - awful.client.focus.byidx(-1) - if client.focus then client.focus:raise() end - end)) - -for s = 1, screen.count() do - -- Create a promptbox for each screen - mypromptbox[s] = awful.widget.prompt() - -- Create an imagebox widget which will contains an icon indicating which layout we're using. - -- We need one layoutbox per screen. - mylayoutbox[s] = awful.widget.layoutbox(s) - mylayoutbox[s]:buttons(awful.util.table.join( - awful.button({ }, 1, function () awful.layout.inc(layouts, 1) end), - awful.button({ }, 3, function () awful.layout.inc(layouts, -1) end), - awful.button({ }, 4, function () awful.layout.inc(layouts, 1) end), - awful.button({ }, 5, function () awful.layout.inc(layouts, -1) end))) - -- Create a taglist widget - mytaglist[s] = awful.widget.taglist(s, awful.widget.taglist.filter.all, mytaglist.buttons) - - -- Create a tasklist widget - mytasklist[s] = awful.widget.tasklist(s, awful.widget.tasklist.filter.currenttags, mytasklist.buttons) - - -- Create the wibox - mywibox[s] = awful.wibox({ position = "top", screen = s }) - - -- Widgets that are aligned to the left - local left_layout = wibox.layout.fixed.horizontal() - left_layout:add(mylauncher) - left_layout:add(mytaglist[s]) - left_layout:add(mypromptbox[s]) - - -- Widgets that are aligned to the right - local right_layout = wibox.layout.fixed.horizontal() - right_layout:add(mailwidget) - if s == 1 then right_layout:add(wibox.widget.systray()) end - right_layout:add(cpuwidget) - right_layout:add(batwidget) - right_layout:add(mytextclock) - right_layout:add(mylayoutbox[s]) - - -- Now bring it all together (with the tasklist in the middle) - local layout = wibox.layout.align.horizontal() - layout:set_left(left_layout) - layout:set_middle(mytasklist[s]) - layout:set_right(right_layout) - - mywibox[s]:set_widget(layout) -end --- }}} - --- {{{ Mouse bindings -root.buttons(awful.util.table.join( - awful.button({ }, 3, function () mymainmenu:toggle() end), - awful.button({ }, 4, awful.tag.viewnext), - awful.button({ }, 5, awful.tag.viewprev) -)) --- }}} - --- {{{ Key bindings -globalkeys = awful.util.table.join( - awful.key({ modkey, }, "Left", awful.tag.viewprev ), - awful.key({ modkey, }, "Right", awful.tag.viewnext ), - awful.key({ modkey, }, "Escape", awful.tag.history.restore), - - awful.key({ modkey, }, "j", - function () - awful.client.focus.byidx( 1) - if client.focus then client.focus:raise() end - end), - awful.key({ modkey, }, "k", - function () - awful.client.focus.byidx(-1) - if client.focus then client.focus:raise() end - end), - awful.key({ modkey, }, "w", function () mymainmenu:show() end), - - -- Layout manipulation - awful.key({ modkey, "Shift" }, "j", function () awful.client.swap.byidx( 1) end), - awful.key({ modkey, "Shift" }, "k", function () awful.client.swap.byidx( -1) end), - awful.key({ modkey, "Control" }, "j", function () awful.screen.focus_relative( 1) end), - awful.key({ modkey, "Control" }, "k", function () awful.screen.focus_relative(-1) end), - awful.key({ modkey, }, "u", awful.client.urgent.jumpto), - awful.key({ modkey, }, "Tab", - function () - awful.client.focus.history.previous() - if client.focus then - client.focus:raise() - end - end), - - -- Standard program - awful.key({ modkey, }, "Return", function () awful.util.spawn(terminal) end), - awful.key({ modkey, "Control" }, "r", awesome.restart), - awful.key({ modkey, "Shift" }, "q", awesome.quit), - - awful.key({ modkey, }, "l", function () awful.tag.incmwfact( 0.05) end), - awful.key({ modkey, }, "h", function () awful.tag.incmwfact(-0.05) end), - awful.key({ modkey, "Shift" }, "h", function () awful.tag.incnmaster( 1) end), - awful.key({ modkey, "Shift" }, "l", function () awful.tag.incnmaster(-1) end), - awful.key({ modkey, "Control" }, "h", function () awful.tag.incncol( 1) end), - awful.key({ modkey, "Control" }, "l", function () awful.tag.incncol(-1) end), - awful.key({ modkey, }, "space", function () awful.layout.inc(layouts, 1) end), - awful.key({ modkey, "Shift" }, "space", function () awful.layout.inc(layouts, -1) end), - - awful.key({ modkey, "Control" }, "n", awful.client.restore), - awful.key({ }, "XF86AudioRaiseVolume", function () - awful.util.spawn("amixer set Master 5%+", false) end), - awful.key({ }, "XF86AudioLowerVolume", function () - awful.util.spawn("amixer set Master 5%-", false) end), - awful.key({ }, "XF86AudioMute", function () - awful.util.spawn("amixer -q -D default sset Master toggle", false) end), - - -- Prompt - awful.key({ modkey }, "r", function () mypromptbox[mouse.screen]:run() end), - -- awful.key({ modkey }, "r", function () awful.util.spawn( "dmenu_run" ) end ), - awful.key({ modkey,"Control" }, "BackSpace", function () awful.util.spawn("@locker@") end), - awful.key({ }, "XF86ScreenSaver", function () awful.util.spawn("@locker@") end), - - awful.key({ modkey }, "x", - function () - awful.prompt.run({ prompt = "Run Lua code: " }, - mypromptbox[mouse.screen].widget, - awful.util.eval, nil, - awful.util.getdir("cache") .. "/history_eval") - end), - -- Menubar - awful.key({ modkey }, "p", function() menubar.show() end) -) - -clientkeys = awful.util.table.join( - awful.key({ modkey, }, "f", function (c) c.fullscreen = not c.fullscreen end), - awful.key({ modkey, "Shift" }, "c", function (c) c:kill() end), - awful.key({ modkey, "Control" }, "space", awful.client.floating.toggle ), - awful.key({ modkey, "Control" }, "Return", function (c) c:swap(awful.client.getmaster()) end), - awful.key({ modkey, }, "o", awful.client.movetoscreen ), - awful.key({ modkey, }, "t", function (c) c.ontop = not c.ontop end), - awful.key({ modkey, }, "n", - function (c) - -- The client currently has the input focus, so it cannot be - -- minimized, since minimized clients can't have the focus. - c.minimized = true - end), - awful.key({ modkey, }, "m", - function (c) - c.maximized_horizontal = not c.maximized_horizontal - c.maximized_vertical = not c.maximized_vertical - end) -) - --- Compute the maximum number of digit we need, limited to 9 -keynumber = 0 -for s = 1, screen.count() do - keynumber = math.min(9, math.max(#tags[s], keynumber)) -end - --- Bind all key numbers to tags. --- Be careful: we use keycodes to make it works on any keyboard layout. --- This should map on the top row of your keyboard, usually 1 to 9. -for i = 1, keynumber do - globalkeys = awful.util.table.join(globalkeys, - awful.key({ modkey }, "#" .. i + 9, - function () - local screen = mouse.screen - if tags[screen][i] then - awful.tag.viewonly(tags[screen][i]) - end - end), - awful.key({ modkey, "Control" }, "#" .. i + 9, - function () - local screen = mouse.screen - if tags[screen][i] then - awful.tag.viewtoggle(tags[screen][i]) - end - end), - awful.key({ modkey, "Shift" }, "#" .. i + 9, - function () - if client.focus and tags[client.focus.screen][i] then - awful.client.movetotag(tags[client.focus.screen][i]) - end - end), - awful.key({ modkey, "Control", "Shift" }, "#" .. i + 9, - function () - if client.focus and tags[client.focus.screen][i] then - awful.client.toggletag(tags[client.focus.screen][i]) - end - end)) -end - -clientbuttons = awful.util.table.join( - awful.button({ }, 1, function (c) client.focus = c; c:raise() end), - awful.button({ modkey }, 1, awful.mouse.client.move), - awful.button({ modkey }, 3, awful.mouse.client.resize)) - --- Set keys -root.keys(globalkeys) --- }}} - --- {{{ Rules -awful.rules.rules = { - -- All clients will match this rule. - { rule = { }, - properties = { border_width = beautiful.border_width, - border_color = beautiful.border_normal, - focus = awful.client.focus.filter, - keys = clientkeys, - buttons = clientbuttons } }, - { rule = { class = "MPlayer" }, - properties = { floating = true } }, - { rule = { class = "pinentry" }, - properties = { floating = true } }, - { rule = { class = "gimp" }, - properties = { floating = true } }, - { rule = { class = "Anamnesis" }, - properties = { floating = true } }, - -- Set Firefox to always map on tags number 2 of screen 1. - -- { rule = { class = "Firefox" }, - -- properties = { tag = tags[1][2] } }, -} --- }}} - --- {{{ Signals --- Signal function to execute when a new client appears. -client.connect_signal("manage", function (c, startup) - -- Enable sloppy focus - c:connect_signal("mouse::enter", function(c) - if awful.layout.get(c.screen) ~= awful.layout.suit.magnifier - and awful.client.focus.filter(c) then - client.focus = c - end - end) - - if not startup then - -- Set the windows at the slave, - -- i.e. put it at the end of others instead of setting it master. - -- awful.client.setslave(c) - - -- Put windows in a smart way, only if they does not set an initial position. - if not c.size_hints.user_position and not c.size_hints.program_position then - awful.placement.no_overlap(c) - awful.placement.no_offscreen(c) - end - end - - local titlebars_enabled = false - if titlebars_enabled and (c.type == "normal" or c.type == "dialog") then - -- Widgets that are aligned to the left - local left_layout = wibox.layout.fixed.horizontal() - left_layout:add(awful.titlebar.widget.iconwidget(c)) - - -- Widgets that are aligned to the right - local right_layout = wibox.layout.fixed.horizontal() - right_layout:add(awful.titlebar.widget.floatingbutton(c)) - right_layout:add(awful.titlebar.widget.maximizedbutton(c)) - right_layout:add(awful.titlebar.widget.stickybutton(c)) - right_layout:add(awful.titlebar.widget.ontopbutton(c)) - right_layout:add(awful.titlebar.widget.closebutton(c)) - - -- The title goes in the middle - local title = awful.titlebar.widget.titlewidget(c) - title:buttons(awful.util.table.join( - awful.button({ }, 1, function() - client.focus = c - c:raise() - awful.mouse.client.move(c) - end), - awful.button({ }, 3, function() - client.focus = c - c:raise() - awful.mouse.client.resize(c) - end) - )) - - -- Now bring it all together - local layout = wibox.layout.align.horizontal() - layout:set_left(left_layout) - layout:set_right(right_layout) - layout:set_middle(title) - - awful.titlebar(c):set_widget(layout) - end -end) -local setmetatable = setmetatable -local os = { - date = os.date, - time = os.time -} - --- }}} - -local current_screen = 1 -awful.rules.rules = { - { rule = { class = "chromium-browser" }, - callback = function() - -- TODO different tags, switch tag - awful.client.movetotag(tags[current_screen][1],c) - if (current_screen == 1) then - current_screen = current_screen+1 - else - current_screen = current_screen-1 - end - end - }, -} - --- awful.util.spawn_with_shell("chromium --new-window --kiosk https://www.checkpoint.com/ThreatPortal/livemap.html") ---awful.util.spawn_with_shell("chromium --new-window --kiosk http://wolf:3000/dashboard/db/soc-critical-values") --- awful.util.spawn_with_shell("sleep 0.5;chromium --new-window --kiosk http://wolf:3000/dashboard/db/aralast") ---awful.util.spawn_with_shell("chromium --new-window --kiosk http://gast.aramark.de/thales-deutschland/menu/pdf/woche_de.php") - ---awful.util.spawn_with_shell("sleep 0.5;chromium --new-window --kiosk http://map.norsecorp.com") ---awful.util.spawn_with_shell("sleep 0.5;chromium --new-window --kiosk http://threatmap.fortiguard.com") - -awful.util.spawn_with_shell("chromium --new-window --kiosk 'https://ossim.siem/ossim/#dashboard/overview/overview'") -awful.util.spawn_with_shell("chromium --new-window --kiosk 'https://ossim.siem/ossim/#analysis/alarms/alarms'") - --- }}} - diff --git a/makefu/5pkgs/baidudl/default.nix b/makefu/5pkgs/baidudl/default.nix deleted file mode 100644 index 3c701fd6a..000000000 --- a/makefu/5pkgs/baidudl/default.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ stdenv, lib, pkgs, curl, jansson ,fetchFromGitHub, autoreconfHook }: -stdenv.mkDerivation rec { - pname = "baidudl"; - version = "2018-01-16"; - name = "${pname}-${version}"; - - src = fetchFromGitHub { - owner = "yzfedora"; - repo = "baidudl"; - rev = "712f2554a5ef7b2eba5c248d6406a6c535ef47b2"; - sha256 = "1nfzalyd9k87q6njdxpg7pa62q6hyfr2vwxwvahaflyp31nlpa0y"; - }; - - - nativeBuildInputs = [ autoreconfHook ]; - buildInputs = [ curl.dev jansson ]; - - meta = { - homepage = https://github.com/yzfedora/baidudl; - description = "This is a multi-thread download tool for pan.baidu.com"; - license = lib.licenses.gpl3; - }; -} diff --git a/makefu/5pkgs/bin2iso/default.nix b/makefu/5pkgs/bin2iso/default.nix deleted file mode 100644 index 676fa5b83..000000000 --- a/makefu/5pkgs/bin2iso/default.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ stdenv, lib, pkgs, fetchFromGitHub }: -stdenv.mkDerivation rec { - pname = "bin2iso"; - version = "1.9b"; - - src = fetchFromGitHub { - owner = "einsteinx2"; - repo = "bin2iso"; - rev = "a08f6f93b833878dc009fe59da072643f06a7830"; - sha256 = "1bnhj8z7wbq2v070zkx0xal6hx37y20a068gpy95zh13vihvbgh3"; - }; - - buildPhase ='' - gcc -Wall -o $pname $src/src/linux_macos/${pname}_v${version}_linux.c - ''; - - installPhase = '' - install -Dm755 $pname $out/bin/$pname - ''; - - meta = { - homepage = https://github.com/einsteinx2/bin2iso; - description = "converts bin+cue to iso"; - license = lib.licenses.gpl3; - }; -} diff --git a/makefu/5pkgs/bintray-upload/default.nix b/makefu/5pkgs/bintray-upload/default.nix deleted file mode 100644 index 725ced12d..000000000 --- a/makefu/5pkgs/bintray-upload/default.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ pkgs, lib, ... }: - -pkgs.python3Packages.buildPythonPackage rec { - name = "bintray-upload-${version}"; - version = "0.1.2"; - src = pkgs.fetchFromGitHub { - owner = "makefu"; - repo = "bintray-upload"; - rev = "4e76724"; - sha256 = "1401saisk98n5wgw73nwh8hb484vayw5c6dlypxc1fp4ybym4zi9"; - }; - - propagatedBuildInputs = with pkgs.python3Packages; [ requests ]; - - meta = { - description = "Simple BinTray utility for uploading packages"; - license = lib.licenses.asl20; - }; -} diff --git a/makefu/5pkgs/cameraupload-server/default.nix b/makefu/5pkgs/cameraupload-server/default.nix deleted file mode 100644 index e2e410958..000000000 --- a/makefu/5pkgs/cameraupload-server/default.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ lib, pkgs, fetchFromGitHub, ... }: - -with pkgs.python3Packages;buildPythonPackage rec { - name = "cameraupload-server-${version}"; - version = "0.2.4"; - - propagatedBuildInputs = [ - flask - ]; - - src = fetchFromGitHub { - owner = "makefu"; - repo = "cameraupload-server"; - rev = "c98c8ec"; - sha256 = "0ssgvjm0z399l62wkgjk8c75mvhgn5z7g1dkb78r8vrih9428bb8"; - }; - - meta = { - homepage = https://github.com/makefu/cameraupload-server; - description = "server side for cameraupload_full"; - license = lib.licenses.asl20; - }; -} diff --git a/makefu/5pkgs/cc-tool/default.nix b/makefu/5pkgs/cc-tool/default.nix deleted file mode 100644 index 71d5f8a7d..000000000 --- a/makefu/5pkgs/cc-tool/default.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ stdenv, lib, pkgs, autoreconfHook ,libtool, fetchFromGitHub, boost, libusb1, -pkgconfig,file }: -stdenv.mkDerivation rec { - pname = "cc-tool"; - version = "407fd7e"; - name = "${pname}-${version}"; - - src = fetchFromGitHub { - owner = "dashesy"; - repo = "cc-tool"; - rev = version; - sha256 = "1q7zqib4rn5l8clk2hj7078rfyrjdwxzpyg4r10is31lq22zhxqj"; - }; - - buildInputs = [ boost libtool libusb1 pkgconfig autoreconfHook ]; - - preConfigure = '' - substituteInPlace configure \ - --replace /usr/bin/file ${file}/bin/file - - ''; - - postInstall = '' - install -m755 -D ./udev/90-cc-debugger.rules $out/etc/udev/rules.d/90-cc-debugger.rules - ''; - - meta = { - homepage = https://github.com/AKuHAK/hdl-dump ; - description = "copy isos to psx hdd"; - license = lib.licenses.gpl2; - }; -} diff --git a/makefu/5pkgs/chapter-marker/default.nix b/makefu/5pkgs/chapter-marker/default.nix deleted file mode 100644 index 5ffb63ae9..000000000 --- a/makefu/5pkgs/chapter-marker/default.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ coreutils, fetchFromGitHub, makeWrapper, xclip, libnotify, stdenv, ... }: - -stdenv.mkDerivation rec { - name = "chapter-marker-${version}"; - version = "master"; - src = fetchFromGitHub { - owner = "makefu"; - repo = "chapter-marker"; - rev = "71b9bb8bc4d6fa87de6bea8f42d5486d05cf5443"; - sha256 = "13cvk24pwwyv9i21h57690s5niwkcrcvn8l24zfxwbgq0wwzw38x"; - }; - - buildInputs = [ makeWrapper ]; - - installPhase = - let - path = stdenv.lib.makeBinPath [ - coreutils - libnotify - xclip - ]; - in - '' - mkdir -p $out/bin - cp chapter-mark chapter-start $out/bin/ - wrapProgram $out/bin/chapter-mark \ - --prefix PATH : ${path} - wrapProgram $out/bin/chapter-start \ - --prefix PATH : ${path} - ''; -} diff --git a/makefu/5pkgs/chitubox/default.nix b/makefu/5pkgs/chitubox/default.nix deleted file mode 100644 index afec1144e..000000000 --- a/makefu/5pkgs/chitubox/default.nix +++ /dev/null @@ -1,67 +0,0 @@ -{ stdenv, autoPatchelfHook, libglvnd -, libgcrypt,zlib,glib,fontconfig,freetype,libdrm -, libxkbcommon -, libpulseaudio -, xorg -, gst_all_1 -, krb5 -, alsaLib -}: -# via https://raw.githubusercontent.com/simon-the-sourcerer-ab/chitubox/main/default.nix -stdenv.mkDerivation rec { - pname = "chitubox"; - - version = "1.9.0"; - - src = builtins.fetchTarball { - #url = "https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v${version}&fileName=CHITUBOX_V${version}.tar.gz"; - url = "https://archive.org/download/chitubox-v-1.8.1.tar/CHITUBOX_V${version}.tar.gz"; - sha256 = "1ywcizxdkwlhi8z3jshl3b6ha8iwibssxh8fk7s32h3z8vl8zcl7"; - }; - nativeBuildInputs = [ autoPatchelfHook ]; - - buildInputs = with xorg; [ stdenv.cc.cc.lib libglvnd libgcrypt zlib glib fontconfig freetype libdrm - libxkbcommon libpulseaudio alsaLib - xcbutilwm xcbutilimage xcbutilrenderutil xcbutilkeysyms - gst_all_1.gst-plugins-base gst_all_1.gstreamer krb5 -]; - - buildPhase = '' - mkdir -p bin - mv CHITUBOX bin/chitubox - - # Remove unused stuff - rm AppRun - - # Place resources where ChiTuBox can expect to find them - mkdir ChiTuBox - mv resource ChiTuBox/ - - # Configure Qt paths - cat << EOF > bin/qt.conf - [Paths] - Prefix = $out - Plugins = plugins - Imports = qml - Qml2Imports = qml - EOF - ''; - - installPhase = '' - mkdir -p $out - mv * $out/ - ''; - - autoPatchelfIgnoreMissingDeps=true; - - meta = { - description = "A Revolutionary Tool to Change 3D Printing Processes within One Click"; - homepage = "https://www.chitubox.com"; - license = { - fullName = "ChiTuBox EULA"; - shortName = "ChiTuBox"; - url = "https://www.chitubox.com"; - }; - }; -} - diff --git a/makefu/5pkgs/cmpforopenssl/default.nix b/makefu/5pkgs/cmpforopenssl/default.nix deleted file mode 100644 index b8934357a..000000000 --- a/makefu/5pkgs/cmpforopenssl/default.nix +++ /dev/null @@ -1,82 +0,0 @@ -{ stdenv, lib, fetchurl, buildPackages, perl, fetchgit -, hostPlatform -}: - -with lib; - -let - - common = args@{ rev, sha256, patches ? [] }: stdenv.mkDerivation rec { - name = "cmpforopenssl-${rev}"; - - src = fetchgit { - url = "https://git.code.sf.net/p/cmpforopenssl/git"; - inherit sha256 rev; - fetchSubmodules = false; - deepClone = false; - }; - - patches = - (args.patches or []) - ++ [ ./nix-ssl-cert-file.patch ]; - - outputs = [ "bin" "dev" "out" "man" ]; - setOutputFlags = false; - separateDebugInfo = stdenv.isLinux; - - nativeBuildInputs = [ perl ]; - - configureScript = "./config"; - - configureFlags = [ - "shared" - "--libdir=lib" - "--openssldir=etc/ssl" - ] ; - - makeFlags = [ "MANDIR=$(man)/share/man" ]; - - # Parallel building is broken in OpenSSL. - enableParallelBuilding = false; - - postInstall = '' - # If we're building dynamic libraries, then don't install static - # libraries. - if [ -n "$(echo $out/lib/*.so $out/lib/*.dylib $out/lib/*.dll)" ]; then - rm "$out/lib/"*.a - fi - - mkdir -p $bin - mv $out/bin $bin/ - - mkdir $dev - mv $out/include $dev/ - - # remove dependency on Perl at runtime - rm -r $out/etc/ssl/misc - - rmdir $out/etc/ssl/{certs,private} - ''; - - postFixup = '' - # Check to make sure the main output doesn't depend on perl - if grep -r '${buildPackages.perl}' $out; then - echo "Found an erroneous dependency on perl ^^^" >&2 - exit 1 - fi - ''; - - - meta = { - homepage = https://sourceforge.net/p/cmpforopenssl ; - description = "A cryptographic library that implements the SSL and TLS protocols"; - platforms = lib.platforms.all; - maintainers = [ lib.maintainers.makefu ]; - priority = 0; # resolves collision with ‘man-pages’ - }; - }; - -in common { - rev = "462b3"; - sha256 = "1h2k1c4lg27gmsyd72zrlr303jw765x8sscxblq2jwb44jag85na"; - } diff --git a/makefu/5pkgs/cmpforopenssl/nix-ssl-cert-file.patch b/makefu/5pkgs/cmpforopenssl/nix-ssl-cert-file.patch deleted file mode 100644 index b615f1482..000000000 --- a/makefu/5pkgs/cmpforopenssl/nix-ssl-cert-file.patch +++ /dev/null @@ -1,14 +0,0 @@ -diff -ru -x '*~' openssl-1.0.2j-orig/crypto/x509/by_file.c openssl-1.0.2j/crypto/x509/by_file.c ---- openssl-1.0.2j-orig/crypto/x509/by_file.c 2016-09-26 11:49:07.000000000 +0200 -+++ openssl-1.0.2j/crypto/x509/by_file.c 2016-10-13 16:54:31.400288302 +0200 -@@ -97,7 +97,9 @@ - switch (cmd) { - case X509_L_FILE_LOAD: - if (argl == X509_FILETYPE_DEFAULT) { -- file = (char *)getenv(X509_get_default_cert_file_env()); -+ file = (char *)getenv("NIX_SSL_CERT_FILE"); -+ if (!file) -+ file = (char *)getenv(X509_get_default_cert_file_env()); - if (file) - ok = (X509_load_cert_crl_file(ctx, file, - X509_FILETYPE_PEM) != 0); diff --git a/makefu/5pkgs/cue2pops/default.nix b/makefu/5pkgs/cue2pops/default.nix deleted file mode 100644 index 218ae8307..000000000 --- a/makefu/5pkgs/cue2pops/default.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ stdenv, lib, pkgs, fetchFromGitHub }: - -stdenv.mkDerivation rec { - pname = "cue2pops"; - version = "2"; - name = "${pname}-${version}"; - - src = fetchFromGitHub { - owner = "makefu"; - repo = "cue2pops-linux"; - rev = "541863a"; - sha256 = "05w84726g3k33rz0wwb9v77g7xh4cnhy9sxlpilf775nli9bynrk"; - }; - - installPhase = '' - install -Dm755 $pname $out/bin/$pname - ''; - - meta = { - homepage = http://users.eastlink.ca/~doiron/bin2iso/ ; - description = "converts bin+cue to iso"; - license = lib.licenses.gpl3; - }; -} diff --git a/makefu/5pkgs/cups-ptouch/default.nix b/makefu/5pkgs/cups-ptouch/default.nix deleted file mode 100644 index be0dd1663..000000000 --- a/makefu/5pkgs/cups-ptouch/default.nix +++ /dev/null @@ -1,55 +0,0 @@ -{ lib, stdenv -, fetchFromGitHub -, autoreconfHook -, gd -, libusb1 -, cups -, libpng -, perl -, perlPackages -, libxml2 -, callPackage -, foomatic-db-engine ? ( callPackage ../foomatic-db-engine {} ) -}: - -stdenv.mkDerivation rec { - pname = "printer-driver-ptouch"; - version = "1.6"; - - src = fetchFromGitHub { - owner = "philpem"; - repo = "printer-driver-ptouch"; - rev = "v${version}"; - sha256 = "1c4hkncnr4qwkbz5dfvksngvq057j6xnbi1jjvchnlr7zgj7cndk"; - }; - - postPatch = '' - patchShebangs foomaticalize - ''; - nativeBuildInputs = [ - autoreconfHook - perl - libxml2 - perlPackages.XMLLibXML - foomatic-db-engine - ]; - - buildInputs = [ - cups - libpng - ]; - postInstall = '' - mkdir -p $out/share/cups/model/ - echo "dummy dummy" > "$out/share/foomatic/db/oldprinterids" - FOOMATICDB="$out/share/foomatic" foomatic-compiledb -t ppd -d "$out/share/cups/model/Brother/" - rm -r $out/share/foomatic - ''; - - meta = with lib; { - description = "Command line tool to print labels on Brother P-Touch printers on Linux"; - license = licenses.gpl3Plus; - homepage = "https://mockmoon-cybernetics.ch/computer/p-touch2430pc/"; - maintainers = with maintainers; [ shamilton ]; - platforms = platforms.linux; - }; -} diff --git a/makefu/5pkgs/custom/alsa-tools/default.nix b/makefu/5pkgs/custom/alsa-tools/default.nix deleted file mode 100644 index 386b08704..000000000 --- a/makefu/5pkgs/custom/alsa-tools/default.nix +++ /dev/null @@ -1,26 +0,0 @@ -{stdenv, lib, alsaToolTarget,fetchurl, alsaLib, ncurses, fltk13, gtk3}: - -stdenv.mkDerivation rec { - name = "alsa-${alsaToolTarget}-${version}"; - alsaToolsName = "alsa-tools-${version}"; - version = "1.0.29"; - - src = fetchurl { - urls = [ - "ftp://ftp.alsa-project.org/pub/tools/${alsaToolsName}.tar.bz2" - "http://alsa.cybermirror.org/tools/${alsaToolsName}.tar.bz2" - - ]; - sha256 = "1lgvyb81md25s9ciswpdsbibmx9s030kvyylf0673w3kbamz1awl"; - }; - sourceRoot = "${alsaToolsName}/${alsaToolTarget}/"; - buildInputs = [ alsaLib fltk13 gtk3 ncurses ]; - - meta = { - homepage = http://www.alsa-project.org/; - description = "ALSA tools - ${name}"; - - platforms = lib.platforms.linux; - maintainers = [ lib.maintainers.makefu ]; - }; -} diff --git a/makefu/5pkgs/custom/hydra-check/default.nix b/makefu/5pkgs/custom/hydra-check/default.nix deleted file mode 100644 index cfaaaab73..000000000 --- a/makefu/5pkgs/custom/hydra-check/default.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ docopt, requests, beautifulsoup4, fetchFromGitHub, buildPythonPackage }: - -buildPythonPackage rec { - name = "hydra-check"; - version = "1.1.0"; - - src = fetchFromGitHub { - owner = "nix-community"; - repo = "hydra-check"; - rev = version; - sha256 = "1q4n5l238lnzcms3z1ax4860inaliawqlxv7nf1wb4knl4wr26fk"; - }; - propagatedBuildInputs = [ - docopt - requests - beautifulsoup4 - ]; - doCheck = false; # no tests -} diff --git a/makefu/5pkgs/custom/liveproxy/default.nix b/makefu/5pkgs/custom/liveproxy/default.nix deleted file mode 100644 index ba5ddee66..000000000 --- a/makefu/5pkgs/custom/liveproxy/default.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ lib -, buildPythonPackage -, fetchPypi -, streamlink -}: - -buildPythonPackage rec { - pname = "liveproxy"; - version = "0.3.0"; - - src = fetchPypi { - inherit pname version; - sha256 = "70ba2f7b57cdf19c6d971a434ed47cccb5fdfe4621baa76a3f6221e75b7f2729"; - }; - - # # Package conditions to handle - # # might have to sed setup.py and egg.info in patchPhase - # # sed -i "s/...//" - # streamlink (>=1.1.1) - propagatedBuildInputs = [ - streamlink - ]; - - meta = with lib; { - description = "LiveProxy is a local Proxyserver between Streamlink and an URL"; - homepage = https://github.com/back-to/liveproxy; - license = lib.licenses.bsd2; - # maintainers = [ maintainers. ]; - }; -} diff --git a/makefu/5pkgs/custom/mediawiki-matrix-bot/default.nix b/makefu/5pkgs/custom/mediawiki-matrix-bot/default.nix deleted file mode 100644 index 421cb76f2..000000000 --- a/makefu/5pkgs/custom/mediawiki-matrix-bot/default.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ buildPythonApplication, fetchFromGitHub, feedparser, matrix-nio, docopt, aiohttp, aiofiles, -mypy }: - -buildPythonApplication rec { - pname = "mediawiki-matrix-bot"; - version = "1.0.0"; - src = fetchFromGitHub { - owner = "nix-community"; - repo = "mediawiki-matrix-bot"; - rev = "v${version}"; - sha256 = "1923097j1xh34jmm0zhmvma614jcxaagj89c1fc1j2qyv14ybsvs"; - }; - propagatedBuildInputs = [ - feedparser matrix-nio docopt aiohttp aiofiles - ]; - nativeBuildInputs = [ - mypy - ]; - - doCheck = false; - #checkInputs = [ - # types-aiofiles - #]; - #checkPhase = '' - # mypy --strict mediawiki_matrix_bot - #''; -} diff --git a/makefu/5pkgs/custom/qcma/default.nix b/makefu/5pkgs/custom/qcma/default.nix deleted file mode 100644 index 670822f33..000000000 --- a/makefu/5pkgs/custom/qcma/default.nix +++ /dev/null @@ -1,57 +0,0 @@ -{ lib, stdenv, fetchFromGitHub, fetchgit, libusb, libtool, autoconf, pkgconfig, git, -gettext, automake, libxml2 -, autoreconfHook -, qmake4Hook -, qmake -, qtbase, qttools, qtmultimedia, libnotify, ffmpeg, gdk_pixbuf }: -let - libvitamtp = stdenv.mkDerivation rec { - name = "libvitamtp-${version}"; - version = "2.5.9"; - - src = fetchFromGitHub { - owner = "codestation"; - repo = "vitamtp"; - rev = "v"+version; - sha256 = "09c9f7gqpyicfpnhrfb4r67s2hci6hh31bzmqlpds4fywv5mzaf8"; - }; - - buildInputs = [ libusb libxml2 libtool autoconf automake gettext pkgconfig - autoreconfHook ]; - - meta = { - description = "Content Manager Assistant for the PS Vita"; - homepage = https://github.com/codestation/qcma; - license = lib.licenses.gpl2; - platforms = lib.platforms.linux; - maintainers = with lib.maintainers; [ makefu ]; - }; - }; -in stdenv.mkDerivation rec { - name = "qcma-${version}"; - version = "8e6cafedc0f47733f33323f829624e3fc847a176"; - - src = fetchFromGitHub { - owner = "codestation"; - repo = "qcma"; - rev = version; - sha256 = "1l95kx3x4pf5iwmwigbch5c6n2h27lls5qiy4xh15v59p5442yw5"; - }; - - preConfigure = '' - lrelease common/resources/translations/*.ts - ''; - - enableParallelBuilding = true; - - buildInputs = [ gdk_pixbuf ffmpeg libnotify libvitamtp git qtmultimedia qtbase ]; - nativeBuildInputs = [ qttools pkgconfig qmake ]; - - meta = { - description = "Content Manager Assistant for the PS Vita"; - homepage = https://github.com/codestation/qcma; - license = lib.licenses.gpl2; - platforms = lib.platforms.linux; - maintainers = with lib.maintainers; [ makefu ]; - }; -} diff --git a/makefu/5pkgs/custom/quodlibet/remove-override-warning.patch b/makefu/5pkgs/custom/quodlibet/remove-override-warning.patch deleted file mode 100644 index 0f9d41024..000000000 --- a/makefu/5pkgs/custom/quodlibet/remove-override-warning.patch +++ /dev/null @@ -1,54 +0,0 @@ -diff --git a/quodlibet/qltk/edittags.py b/quodlibet/quodlibet/qltk/edittags.py -index 148866ef7..e741b9c3d 100644 ---- a/quodlibet/qltk/edittags.py -+++ b/quodlibet/qltk/edittags.py -@@ -740,13 +740,6 @@ class EditTags(Gtk.VBox): - win.show() - all_done = False - for song in songs: -- if not song.valid(): -- win.hide() -- dialog = OverwriteWarning(self, song) -- resp = dialog.run() -- win.show() -- if resp != OverwriteWarning.RESPONSE_SAVE: -- break - - changed = False - for key, values in iteritems(updated): -diff --git a/quodlibet/qltk/tagsfrompath.py b/quodlibet/quodlibet/qltk/tagsfrompath.py -index fd3f0709c..cb5b44f20 100644 ---- a/quodlibet/qltk/tagsfrompath.py -+++ b/quodlibet/qltk/tagsfrompath.py -@@ -284,13 +284,6 @@ class TagsFromPath(Gtk.VBox): - for entry in ((model and itervalues(model)) or []): - song = entry.song - changed = False -- if not song.valid(): -- win.hide() -- dialog = OverwriteWarning(self, song) -- resp = dialog.run() -- win.show() -- if resp != OverwriteWarning.RESPONSE_SAVE: -- break - - for i, h in enumerate(pattern.headers): - text = entry.get_match(h) -diff --git a/quodlibet/qltk/tracknumbers.py b/quodlibet/quodlibet/qltk/tracknumbers.py -index 1ab4d0b9a..52f087db4 100644 ---- a/quodlibet/qltk/tracknumbers.py -+++ b/quodlibet/qltk/tracknumbers.py -@@ -160,13 +160,6 @@ class TrackNumbers(Gtk.VBox): - if song.get("tracknumber") == track: - win.step() - continue -- if not song.valid(): -- win.hide() -- dialog = OverwriteWarning(self, song) -- resp = dialog.run() -- win.show() -- if resp != OverwriteWarning.RESPONSE_SAVE: -- break - song["tracknumber"] = track - try: - song.write() diff --git a/makefu/5pkgs/custom/quodlibet/single-digit-discnumber.patch b/makefu/5pkgs/custom/quodlibet/single-digit-discnumber.patch deleted file mode 100644 index 05778fde7..000000000 --- a/makefu/5pkgs/custom/quodlibet/single-digit-discnumber.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/quodlibet/pattern/_pattern.py b/quodlibet/pattern/_pattern.py -index fc056d07a..8fb559c6e 100644 ---- a/quodlibet/pattern/_pattern.py -+++ b/quodlibet/pattern/_pattern.py -@@ -387,7 +387,7 @@ def _number(key, value): - elif key == "discnumber": - parts = value.split("/") - try: -- return "%02d" % int(parts[0]) -+ return "%d" % int(parts[0]) - except (TypeError, ValueError): - return value - else: diff --git a/makefu/5pkgs/debmirror/default.nix b/makefu/5pkgs/debmirror/default.nix deleted file mode 100644 index 69c29481d..000000000 --- a/makefu/5pkgs/debmirror/default.nix +++ /dev/null @@ -1,41 +0,0 @@ -{ stdenv, lib, pkgs, fetchgit }: - -pkgs.perlPackages.buildPerlPackage rec { - pname = "debmirror"; - version = "2.25"; - - enableParallelBuilding = true; - - src = fetchgit { - url = "https://anonscm.debian.org/git/collab-maint/debmirror.git"; - rev = "c77e5caa15a4ab6497db5d819614387e647ccf4e"; - sha256 = "1zp8ff9ajw22b4wradnw1hnfcpbyx5ibqzqgk6kp79nsj1dzmm0d"; - }; - preConfigure = '' - touch Makefile.PL - ''; - - outputs = [ "out" ]; - - buildPhase = '' - make - ''; - - doCheck = false; - - installPhase = '' - mkdir -p $out/bin $out/share/man/man1/ - cp debmirror mirror-size $out/bin - cp debmirror.1 $out/share/man/man1/ - ''; - propagatedBuildInputs = (with pkgs.perlPackages; [ LockFileSimple LWP]) ++ - (with pkgs; [ rsync patch ed gzip diffutils findutils gnupg1 xz ]); - - meta = { - description = "mirror apt repos"; - homepage = https://tracker.debian.org/pkg/debmirror; - license = lib.licenses.gpl2; - platforms = lib.platforms.linux; - maintainers = with lib.maintainers; [ makefu ]; - }; -} diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix deleted file mode 100644 index c057d1470..000000000 --- a/makefu/5pkgs/default.nix +++ /dev/null @@ -1,70 +0,0 @@ -let - unstable = (import {}).pkgs; -in -self: super: -with super.lib; with builtins; let - # This callPackage will try to detect obsolete overrides. - callPackage = path: args: let - override = super.callPackage path args; - upstream = optionalAttrs (override ? "name") - (super.${(parseDrvName override.name).name} or {}); - in if upstream ? "name" && - override ? "name" && - compareVersions upstream.name override.name != -1 - then - trace - "Upstream `${upstream.name}' gets overridden by `${override.name}'." - override - else override; - - eq = x: y: x == y; - subdirsOf = path: - mapAttrs (name: _: path + "/${name}") - (filterAttrs (_: eq "directory") (readDir path)); - -in { - quodlibet = super.pkgs.lib.overrideDerivation super.quodlibet (old: { - doCheck = false; # 1 error because of warnings (possibly upstream) - patches = [ ./custom/quodlibet/single-digit-discnumber.patch - ./custom/quodlibet/remove-override-warning.patch ]; - }); - #rclone = super.pkgs.lib.overrideDerivation super.rclone (old: { - # postInstall = old.postInstall + '' - - # $out/bin/rclone genautocomplete zsh _rclone - # install -D -m644 _rclone $out/share/zsh/vendor-completions/_rclone - # $out/bin/rclone genautocomplete bash _rclone - # install -D -m644 _rclone $out/etc/bash_completion.d/rclone - # ''; - #}); - - # Hotfix for https://github.com/NixOS/nixpkgs/issues/157543 - collectd = super.collectd.override { xen = null; }; - - alsa-hdspconf = callPackage ./custom/alsa-tools { alsaToolTarget="hdspconf";}; - alsa-hdspmixer = callPackage ./custom/alsa-tools { alsaToolTarget="hdspmixer";}; - alsa-hdsploader = callPackage ./custom/alsa-tools { alsaToolTarget="hdsploader";}; - brother_ql_web = (builtins.getFlake "github:makefu/brother_ql_web?rev=a3f8625f48111da8cd6f8e562c966cdca445b82d").packages.x86_64-linux.default; - qcma = super.pkgs.libsForQt5.callPackage ./custom/qcma { }; - inherit (callPackage ./devpi {}) devpi-web ; - jellyfin = unstable.jellyfin; - jellyfin-web = unstable.jellyfin-web; - nodemcu-uploader = super.pkgs.callPackage ./nodemcu-uploader {}; - liveproxy = super.pkgs.python3Packages.callPackage ./custom/liveproxy {}; - mediawiki-matrix-bot = super.pkgs.python3Packages.callPackage ./custom/mediawiki-matrix-bot {}; - hydra-check = super.pkgs.python3Packages.callPackage ./custom/hydra-check {}; - pwqgen-ger = super.pkgs.passwdqc-utils.override { - wordset-file = super.pkgs.fetchurl { - urls = [ - https://gist.githubusercontent.com/makefu/b56f5554c9ef03fe6e09878962e6fd8d/raw/1f147efec51325bc9f80c823bad8381d5b7252f6/wordset_4k.c - https://archive.org/download/nixos-stockholm-tarballs/pviar5j1gxiqcf3l34b4n2pil06xc8zf-wordset_4k.c - ]; - sha256 = "18ddzyh11bywrhzdkzvrl7nvgp5gdb4k1s0zxbz2bkhd14vi72bb"; - }; - }; - -} - -// (mapAttrs (_: flip callPackage {}) - (filterAttrs (_: dir: pathExists (dir + "/default.nix")) - (subdirsOf ./.))) diff --git a/makefu/5pkgs/devpi/default.nix b/makefu/5pkgs/devpi/default.nix deleted file mode 100644 index ac79482f4..000000000 --- a/makefu/5pkgs/devpi/default.nix +++ /dev/null @@ -1,43 +0,0 @@ -{ pkgs ? import {} }: -with pkgs.lib; -let - - readme-renderer = pkgs.python3Packages.buildPythonPackage rec { - name = "readme_renderer"; - version = "0.7.0"; - - src = pkgs.fetchurl { - url = "mirror://pypi/r/readme_renderer/readme_renderer-${version}.tar.gz"; - sha256 = "1kh9ggff8m9sdgr631vf2n4k97h4z1871vay6qgk3ydy3rd856ak"; - }; - buildInputs = with pkgs.python3Packages; [ pytest ]; - propagatedBuildInputs = with pkgs.python3Packages; [ docutils bleach pygments ]; - - }; - devpi-web = pkgs.python3Packages.buildPythonPackage rec { - name = "devpi-web"; - version = "3.2.2"; - - - src = pkgs.fetchurl { - url = "mirror://pypi/d/devpi-web/devpi-web-${version}.tar.gz"; - sha256 = "1mwg2fcw88rn47ypnhg5f4s1r066129z922113shyinwrwfddhay"; - }; - - propagatedBuildInputs = with pkgs.python3Packages; builtins.trace pkgs.devpi-server.version - [ pkgs.devpi-server pyramid_chameleon pygments docutils devpi-common - whoosh beautifulsoup4 defusedxml readme-renderer ]; - - meta = { - homepage = https://bitbucket.org/hpk42/devpi; - description = "a web view for devpi-server"; - license = licenses.mit; - maintainers = with maintainers; [ makefu ]; - }; - }; - -in { - devpi-web = pkgs.python3.buildEnv.override { - extraLibs = [ devpi-web pkgs.devpi-server ]; - }; -} diff --git a/makefu/5pkgs/devpi/py3-fix-encoding.patch b/makefu/5pkgs/devpi/py3-fix-encoding.patch deleted file mode 100644 index e5f940699..000000000 --- a/makefu/5pkgs/devpi/py3-fix-encoding.patch +++ /dev/null @@ -1,11 +0,0 @@ -+++ a/setup.py ---- b/setup.py -@@ -26,7 +26,7 @@ - - - def get_changelog(): -- text = open(os.path.join(here, 'CHANGELOG')).read() -+ text = open(os.path.join(here, 'CHANGELOG'),encoding='utf-8').read() - header_matches = list(re.finditer('^-+$', text, re.MULTILINE)) - # until fifth header - text = text[:header_matches[5].start()] diff --git a/makefu/5pkgs/drozer/default.nix b/makefu/5pkgs/drozer/default.nix deleted file mode 100644 index 22d720f33..000000000 --- a/makefu/5pkgs/drozer/default.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ pkgs, lib, fetchFromGitHub, pythonPackages, jre, jdk }: - -pythonPackages.buildPythonApplication rec { - name = "drozer-${version}"; - version = "2.4.3"; - buildInputs = [ jdk ]; - propagatedBuildInputs = with pythonPackages; [ - protobuf - pyopenssl - pyyaml - service-identity - ] ++ [ - jre - twisted - ]; - src = fetchFromGitHub { - owner = "mwrlabs"; - repo = "drozer"; - rev = version; - sha256 = "1z437y7rr53dhpi95yc2c3x8g4aix90y7zf52avcdsvhlp4iip3q"; - }; - prePatch = '' - sed -i 's#^exec java #exec ${jre}/bin/java #' ./src/drozer/lib/dx - patchShebangs ./src/drozer/lib/dx - patchelf $(cat $NIX_CC/nix-support/dynamic-linker) ./src/drozer/lib/aapt - echo starting build - ''; - - meta = { - homepage = https://github.com/mwrlabs/drozer/; - description = "The Leading Security Assessment Framework for Android"; - license = lib.licenses.bsd2; - broken = true; - }; -} diff --git a/makefu/5pkgs/elchhub/default.nix b/makefu/5pkgs/elchhub/default.nix deleted file mode 100644 index df5777135..000000000 --- a/makefu/5pkgs/elchhub/default.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ lib, pkgs, fetchFromGitHub, ... }: - -with pkgs.python3Packages; -let - ftputil = buildPythonPackage rec { - version = "3.3.1"; - name = "ftputil-${version}"; - doCheck = false; - src = pkgs.fetchurl { - url = "mirror://pypi/f/ftputil/${name}.tar.gz"; - sha256 = "bc88f35cc7f5f292ec4b56e99c8b05d361de1cc8b330050e32b0c4ecaa2d2b01"; - }; -}; -in buildPythonPackage rec { - name = "elchhub-${version}"; - version = "1.0.5"; - propagatedBuildInputs = [ - flask - requests - ftputil - redis - ]; - doCheck = false; - src = fetchFromGitHub { - owner = "krebs"; - repo = "elchhub"; - rev = "58707c6"; - sha256 = "04spbcr660dxyc4jvrai094na25zizd2cfi36jz19lahb0k66lqm"; - }; - meta = { - homepage = https://github.com/krebs/elchhub; - description = "elchhub"; - license = lib.licenses.wtfpl; - }; -} diff --git a/makefu/5pkgs/gen-oath-safe/default.nix b/makefu/5pkgs/gen-oath-safe/default.nix deleted file mode 100644 index bdd48f407..000000000 --- a/makefu/5pkgs/gen-oath-safe/default.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ coreutils, makeWrapper, openssl, libcaca, qrencode, fetchFromGitHub, yubikey-manager, python, stdenv, lib, ... }: - -stdenv.mkDerivation { - name = "gen-oath-safe-2017-06-30"; - src = fetchFromGitHub { - owner = "mcepl"; - repo = "gen-oath-safe"; - rev = "fb53841"; - sha256 = "0018kqmhg0861r5xkbis2a1rx49gyn0dxcyj05wap5ms7zz69m0m"; - }; - - phases = [ - "unpackPhase" - "installPhase" - "fixupPhase" - ]; - - buildInputs = [ makeWrapper ]; - - installPhase = - let - path = lib.makeBinPath [ - coreutils - openssl - qrencode - yubikey-manager - libcaca - python - ]; - in - '' - mkdir -p $out/bin - cp gen-oath-safe $out/bin/ - wrapProgram $out/bin/gen-oath-safe \ - --prefix PATH : ${path} - ''; -} diff --git a/makefu/5pkgs/git-xlsx-textconv/default.nix b/makefu/5pkgs/git-xlsx-textconv/default.nix deleted file mode 100644 index ffb9b003c..000000000 --- a/makefu/5pkgs/git-xlsx-textconv/default.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ stdenv, lib, buildGoPackage, fetchFromGitHub }: -let - go-xlsx = buildGoPackage rec { - name = "go-xlsx-${version}"; - version = "46e6e472d"; - - goPackagePath = "github.com/tealeg/xlsx"; - src = fetchFromGitHub { - rev = version; - owner = "tealeg"; - repo = "xlsx"; - sha256 = "1vls05asms7azhyszbqpgdby9l45jpgisbzzmbrzi30n6cvs89zg"; - }; -}; -in -(buildGoPackage rec { - name = "git-xlsx-textconv-${version}"; - version = "70685e7f8"; - - - goPackagePath = "github.com/tokuhirom/git-xlsx-textconv"; - - src = fetchFromGitHub { - rev = version; - owner = "tokuhirom"; - repo = "git-xlsx-textconv"; - sha256 = "055f3caj1y8v7sc2pz9q0dfyi2ij77d499pby4sjfvm5kjy9msdi"; - }; - propagatedBuildInputs = [ go-xlsx ]; - #meta.broken = true; -}) diff --git a/makefu/5pkgs/kalauerbot/badsync.patch b/makefu/5pkgs/kalauerbot/badsync.patch deleted file mode 100644 index 842129b94..000000000 --- a/makefu/5pkgs/kalauerbot/badsync.patch +++ /dev/null @@ -1,14 +0,0 @@ -diff --git a/matrix_client/client.py b/matrix_client/client.py -index af0e08f..f848c4f 100644 ---- a/matrix_client/client.py -+++ b/matrix_client/client.py -@@ -471,7 +471,7 @@ class MatrixClient(object): - self._sync(timeout_ms) - - def listen_forever(self, timeout_ms=30000, exception_handler=None, -- bad_sync_timeout=5): -+ bad_sync_timeout=61): - """ Keep listening for events forever. - - Args: - diff --git a/makefu/5pkgs/kalauerbot/default.nix b/makefu/5pkgs/kalauerbot/default.nix deleted file mode 100644 index 42de86d50..000000000 --- a/makefu/5pkgs/kalauerbot/default.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ stdenv, lib, python3, fetchgit }: -python3.pkgs.buildPythonPackage rec { -name = "kalauerbot"; -rev = "f244b35"; - src = fetchgit { - url = "http://cgit.euer.krebsco.de/kalauerbot"; - inherit rev; - sha256 = "08y4rlsil9p0726wlpkw2lpmkcnckaj3zqsifbj5w6rgivp6ly0v"; - }; - propagatedBuildInputs = with python3.pkgs;[ - (callPackage ./python-matrixbot.nix { - matrix-client = (lib.overrideDerivation matrix-client (self: { - patches = [ ./badsync.patch ]; - })); - }) - - (lib.overrideDerivation googletrans (self: { - patches = [ ./translate.patch ]; - })) - ]; - checkInputs = [ python3.pkgs.black ]; -} - diff --git a/makefu/5pkgs/kalauerbot/matrixbot.patch b/makefu/5pkgs/kalauerbot/matrixbot.patch deleted file mode 100644 index 2b9bbbea1..000000000 --- a/makefu/5pkgs/kalauerbot/matrixbot.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff --git a/matrixbot/matrixbot.py b/matrixbot/matrixbot.py -index 8e5598c..d8c23d2 100644 ---- a/matrixbot/matrixbot.py -+++ b/matrixbot/matrixbot.py -@@ -51,7 +51,6 @@ class MatrixBot: - self.user = None - if self.token is not None and self.user_id is not None: - self.user = self.client.get_user(self.user_id) -- self.user.set_display_name(self.display_name) - self.init_rooms(self.client.rooms) - self.invite_listener = self.client.add_invite_listener(self.handle_invite) - self.cache = Cache(dbfile=cache_db) diff --git a/makefu/5pkgs/kalauerbot/python-matrixbot.nix b/makefu/5pkgs/kalauerbot/python-matrixbot.nix deleted file mode 100644 index 7bc5aa7f3..000000000 --- a/makefu/5pkgs/kalauerbot/python-matrixbot.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ lib -, buildPythonPackage -, fetchPypi -, markdown -, matrix-client -}: - -buildPythonPackage rec { - pname = "python-matrixbot"; - version = "0.0.7"; - CI_COMMIT_TAG = version; - - #src = ./python-matrixbot; - src = fetchPypi { - inherit pname version; - sha256 = "9412981b14ff3ab7ffbb1bfc1691758113ab8d71f731b3093d8808c286b69c71"; - }; - patches = [ ./matrixbot.patch ]; - - propagatedBuildInputs = [ - markdown - matrix-client - ]; - - meta = with lib; { - description = "A basic bot for Matrix"; - homepage = https://gitlab.com/gibberfish/python-matrixbot; - license = licenses.mit; - # maintainers = [ maintainers. ]; - }; -} diff --git a/makefu/5pkgs/kalauerbot/translate.patch b/makefu/5pkgs/kalauerbot/translate.patch deleted file mode 100644 index 6ff820726..000000000 --- a/makefu/5pkgs/kalauerbot/translate.patch +++ /dev/null @@ -1,17 +0,0 @@ -diff --git a/googletrans/client.py b/googletrans/client.py -index 89c2237..c203b44 100644 ---- a/googletrans/client.py -+++ b/googletrans/client.py -@@ -190,6 +190,13 @@ class Translator(object): - pass - if not PY3 and isinstance(pron, unicode) and isinstance(origin, str): # pragma: nocover - origin = origin.decode('utf-8') -+ -+ if pron is None: -+ try: -+ pron = data[0][2][2] -+ except: # pragma: nocover -+ pass -+ - if dest in EXCLUDES and pron == origin: - pron = translated diff --git a/makefu/5pkgs/logstash-filter-tld/default.nix b/makefu/5pkgs/logstash-filter-tld/default.nix deleted file mode 100644 index 53ff8e04c..000000000 --- a/makefu/5pkgs/logstash-filter-tld/default.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ pkgs, stdenv, lib, fetchFromGitHub }: - - -stdenv.mkDerivation rec { - name = "logstash-filter-tld-${version}"; - version = "3.0.3"; - - src = fetchFromGitHub { - owner = "logstash-plugins"; - repo = "logstash-filter-tld"; - rev = "v${version}"; - sha256 = "0ix5w9l6hrbjaymka7fzymjvpkiias3hs0l77zdpcwdaa6cz53nf"; - }; - - dontBuild = true; - dontPatchELF = true; - dontStrip = true; - dontPatchShebangs = true; - installPhase = '' - mkdir -p $out/logstash - cp -r lib/* $out - ''; - - meta = with lib; { - description = "logstash filter plugin"; - homepage = https://github.com/logstash-plugins/logstash-filter-tld; - license = licenses.asl20; - platforms = platforms.unix; - maintainers = with maintainers; [ makefu ]; - }; -} diff --git a/makefu/5pkgs/logstash-input-rss/default.nix b/makefu/5pkgs/logstash-input-rss/default.nix deleted file mode 100644 index ca9be15ce..000000000 --- a/makefu/5pkgs/logstash-input-rss/default.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ pkgs, stdenv, lib, fetchFromGitHub }: - - -stdenv.mkDerivation rec { - name = "logstash-input-rss-${version}"; - version = "3.0.3"; - - src = fetchFromGitHub { - owner = "logstash-plugins"; - repo = "logstash-input-rss"; - rev = "v${version}"; - sha256 = "026902g256385dx3qkbknz10vsp9dm2ymjdx6s6rkh3krs67w09l"; - }; - - dontBuild = true; - dontPatchELF = true; - dontStrip = true; - dontPatchShebangs = true; - installPhase = '' - mkdir -p $out/logstash - cp -r lib/* $out/ - ''; - - meta = with lib; { - description = "logstash output plugin"; - homepage = https://github.com/logstash-plugins/logstash-input-rss; - license = lib.licenses.asl20; - platforms = lib.platforms.unix; - maintainers = with maintainers; [ makefu ]; - }; -} diff --git a/makefu/5pkgs/logstash-output-exec/default.nix b/makefu/5pkgs/logstash-output-exec/default.nix deleted file mode 100644 index de85545a7..000000000 --- a/makefu/5pkgs/logstash-output-exec/default.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ pkgs, stdenv, lib, fetchFromGitHub }: - - -# TODO: requires ftw ruby package -stdenv.mkDerivation rec { - name = "logstash-input-github-${version}"; - version = "3.1.0"; - - src = fetchFromGitHub { - owner = "logstash-plugins"; - repo = "logstash-output-exec"; - rev = "v${version}"; - sha256 = "0ix5w9l6hrbjaymkh7fzymjvpkiias3hs0l77zdpcwdaa6cz53nf"; - }; - - dontBuild = true; - dontPatchELF = true; - dontStrip = true; - dontPatchShebangs = true; - installPhase = '' - mkdir -p $out/logstash - cp -r lib/* $out - ''; - - meta = with lib; { - description = "logstash output plugin"; - homepage = https://github.com/logstash-plugins/logstash-output-exec; - license = lib.licenses.asl20; - platforms = lib.platforms.unix; - maintainers = with maintainers; [ makefu ]; - }; -} diff --git a/makefu/5pkgs/minibar/default.nix b/makefu/5pkgs/minibar/default.nix deleted file mode 100644 index 384a73261..000000000 --- a/makefu/5pkgs/minibar/default.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ lib, pkgs, fetchFromGitHub, ... }: - -with pkgs.python3Packages;buildPythonPackage rec { - name = "minibar-${version}"; - version = "0.5.0"; - src = fetchFromGitHub { - owner = "canassa"; - repo = "minibar"; - rev = "c8ecd61"; - sha256 = "1k718zrjd11rw93nmz2wxvhvsai6lwqfblnwjpmkpnslcdan7641"; - }; -} diff --git a/makefu/5pkgs/mycube-flask/default.nix b/makefu/5pkgs/mycube-flask/default.nix deleted file mode 100644 index 1b1672f08..000000000 --- a/makefu/5pkgs/mycube-flask/default.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ lib, pkgs, fetchFromGitHub, ... }: - -with pkgs.pythonPackages;buildPythonPackage rec { - name = "mycube-flask-${version}"; - version = "0.2.3.4"; - propagatedBuildInputs = [ - flask - redis - ]; - src = fetchFromGitHub { - owner = "makefu"; - repo = "mycube-flask"; - rev = "48dc6857"; - sha256 = "1ax1vz6m5982l1mmp9vmywn9nw9p9h4m3ss74zazyspxq1wjim0v"; - }; - meta = { - homepage = https://github.com/makefu/mycube-flask; - description = "flask app for mycube"; - license = lib.licenses.asl20; - }; -} diff --git a/makefu/5pkgs/nixpkgs-pytools/default.nix b/makefu/5pkgs/nixpkgs-pytools/default.nix deleted file mode 100644 index cb8175546..000000000 --- a/makefu/5pkgs/nixpkgs-pytools/default.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ lib -, python3 -}: -with python3.pkgs; -buildPythonPackage rec { - pname = "nixpkgs-pytools"; - version = "1.3.0"; - - src = fetchPypi { - inherit pname version; - sha256 = "11skcbi1lf9qcv9j5ikifb4pakhbbygqpcmv3390j7gxsa85cn19"; - }; - - propagatedBuildInputs = [ - jinja2 - setuptools - rope - ]; - checkInputs = [ - pytest - ]; - - meta = with lib; { - description = "Tools for removing the tedious nature of creating nixpkgs derivations"; - homepage = https://github.com/nix-community/nixpkgs-pytools/; - license = licenses.mit; - # maintainers = [ maintainers. ]; - }; -} diff --git a/makefu/5pkgs/nltk/default.nix b/makefu/5pkgs/nltk/default.nix deleted file mode 100644 index b2d88b3fe..000000000 --- a/makefu/5pkgs/nltk/default.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ lib, pkgs, fetchFromGitHub, ... }: - -with pkgs.pythonPackages;buildPythonPackage rec { - name = "nltk-${version}"; - version = "3.2.1"; - src = pkgs.fetchurl{ - #url = "mirror://pypi/n/${name}.tar.gz"; - url = "https://pypi.python.org/packages/58/85/8fa6f8c488507aab7d6234ce754bbbe61bfeb8382489785e2d764bf8f52a/${name}.tar.gz"; - sha256 = "0skxbhnymwlspjkzga0f7x1hg3y50fwpfghs8g8k7fh6f4nknlym"; - - }; - meta = { - homepage = http://nltk.org; - description = "Natural languages Toolkit"; - license = lib.licenses.asl20; - }; -} diff --git a/makefu/5pkgs/nodemcu-uploader/default.nix b/makefu/5pkgs/nodemcu-uploader/default.nix deleted file mode 100644 index f3e47be55..000000000 --- a/makefu/5pkgs/nodemcu-uploader/default.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ lib, pkgs, pythonPackages, ... }: - -with pythonPackages; buildPythonPackage rec { - name = "nodemcu-uploader-${version}"; - version = "0.4.1"; - propagatedBuildInputs = [ - pyserial - wrapt - ]; - - src = pkgs.fetchFromGitHub { - owner = "kmpm"; - repo = "nodemcu-uploader"; - rev = "v${version}"; - sha256 = "055pvlg544vb97kaqnnq51fs9f9g75vwgbazc293f3g1sk263gmn"; - }; - - doCheck = false; - - meta = { - homepage = https://github.com/kmpm/nodemcu-uploader; - description = "tool for uploading files to NodeMCU filesystem"; - license = lib.licenses.mit; - }; -} diff --git a/makefu/5pkgs/novnc/default.nix b/makefu/5pkgs/novnc/default.nix deleted file mode 100644 index b3b5ed0d4..000000000 --- a/makefu/5pkgs/novnc/default.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ stdenv, lib, fetchurl, pkgs }: -# source: https://github.com/hyphon81/Nixtack/blob/master/noVNC/noVNC.nix -let -in - -stdenv.mkDerivation rec { - name = "novnc-${version}"; - version = "0.6.2"; - - src = fetchurl { - url = "https://github.com/novnc/noVNC/archive/v${version}.tar.gz"; - sha256 = "16ygbdzdmnfg9a26d9il4a6fr16qmq0ix9imfbpzl0drfbj7z8kh"; - }; - p = lib.makeBinPath [ pkgs.nettools pkgs.python27Packages.websockify - pkgs.coreutils pkgs.which pkgs.procps ]; - patchPhase = '' - sed -i '1aset -efu\nexport PATH=${p}\n' utils/launch.sh - ''; - installPhase = '' - mkdir -p $out/bin - cp utils/launch.sh $out/bin/launch-novnc.sh - chmod +x $out/bin/launch-novnc.sh - mkdir -p $out/images - cp -r images/* $out/images/ - mkdir -p $out/include - cp -r include/* $out/include/ - cp favicon.ico $out - cp vnc.html $out - cp vnc_auto.html $out - ''; - - meta = with lib; { - homepage = http://novnc.com/info.html; - repositories.git = git://github.com/novnc/noVNC.git; - description = '' - A HTML5 VNC Client - ''; - license = licenses.mpl20; - }; -} diff --git a/makefu/5pkgs/ns-atmosphere-programmer/default.nix b/makefu/5pkgs/ns-atmosphere-programmer/default.nix deleted file mode 100644 index 7d9110e48..000000000 --- a/makefu/5pkgs/ns-atmosphere-programmer/default.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ stdenv, fetchzip, lib -, makeWrapper -, autoPatchelfHook -, xorg -, libpng12 -, gtk3 -, gnome -}: -stdenv.mkDerivation rec { - name = "ns-atmosphere-programmer-${version}"; - version = "0.1"; - - src = fetchzip { - url = "https://archive.org/download/ns-atmosphere-programmer/ns-atmosphere-programmer-ubuntu-64bit-v01.zip"; - # original source: http://www.ns-atmosphere.com/media/content/ns-atmosphere-programmer-ubuntu-64bit-v01.zip - sha256 = "1cnyydsmrcpfwpdiry7qybh179499wpbvlzq5rk442hq9ak416ri"; - }; - - buildInputs = with xorg; [ libX11 libXxf86vm libSM gtk3 libpng12 ]; - nativeBuildInputs = [ autoPatchelfHook makeWrapper ]; - - installPhase = '' - install -D -m755 NS-Atmosphere $out/bin/NS-Atmosphere - wrapProgram $out/bin/NS-Atmosphere --prefix XDG_DATA_DIRS : "$GSETTINGS_SCHEMAS_PATH" \ ---suffix XDG_DATA_DIRS : '${gnome.adwaita-icon-theme}/share' - ''; - - dontStrip = true; - - meta = with lib; { - description = "Payload programmer for ns-atmosphere injector for nintendo switch"; - homepage = http://www.ns-atmosphere.com; - maintainers = [ maintainers.makefu ]; - platforms = platforms.linux; - license = with licenses; [ unfree ]; - }; - -} diff --git a/makefu/5pkgs/ns-usbloader/default.nix b/makefu/5pkgs/ns-usbloader/default.nix deleted file mode 100644 index b3890d11b..000000000 --- a/makefu/5pkgs/ns-usbloader/default.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ lib, stdenv, fetchurl, makeWrapper, wrapGAppsHook, glib , jre }: - -stdenv.mkDerivation rec { - name = "ns-usbloader-${version}"; - version = "5.2"; - - src = fetchurl { - url = "https://github.com/developersu/ns-usbloader/releases/download/v${version}/ns-usbloader-${version}.jar"; - sha256 = "06kzshlvqfwcjjddzqqgq13pqa5qjlajpyn6ksqxy5p5hgarj6i6"; - }; - - - buildInputs = [ jre ]; - - dontUnpack = true; - - installPhase = '' - runHook preInstall - install -D $src $out/ns-usbloader/ns-usbloader.jar - makeWrapper ${jre}/bin/java $out/bin/ns-usbloader \ - --add-flags "-jar $out/ns-usbloader/ns-usbloader.jar" - runHook postInstall - ''; - nativeBuildInputs = [ glib wrapGAppsHook makeWrapper ]; - - - meta = with lib; { - description = "Awoo Installer and GoldLeaf uploader of the NSPs (and other files), RCM payload injector, application for split/merge files"; - homepage = https://github.com/developersu/ns-usbloader; - maintainers = [ maintainers.makefu ]; - platforms = platforms.linux; - license = with licenses; [ gpl3 ]; - }; - -} diff --git a/makefu/5pkgs/nsrenamer/default.nix b/makefu/5pkgs/nsrenamer/default.nix deleted file mode 100644 index 16b9a4f20..000000000 --- a/makefu/5pkgs/nsrenamer/default.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ pkgs,... }: -# TODO: dependencies: coreutils, nx_game_info, -pkgs.writeScriptBin "nsrenamer" (builtins.readFile ./nsrenamer.sh) diff --git a/makefu/5pkgs/nsrenamer/nsrenamer.sh b/makefu/5pkgs/nsrenamer/nsrenamer.sh deleted file mode 100755 index 16aec3113..000000000 --- a/makefu/5pkgs/nsrenamer/nsrenamer.sh +++ /dev/null @@ -1,58 +0,0 @@ -#!/usr/bin/env bash -set -euf -indir=$(dirname "$1") -inname=$(basename "$1") -out=$(nxgameinfo_cli "$1") -ext=${1##*.} -id=$(awk -F: '/├ Title ID:/{print $2}' <<<"$out" |xargs) -baseid=$(awk -F: '/Base Title ID:/{print $2}' <<<"$out" |xargs) -version=$(awk -F: '/├ Version:/{print $2}' <<<"$out" |xargs) -name=$(awk -F: '/Title Name/{print $2}' <<<"$out" | sed "s/[:']//g" | xargs ) -type=$(awk -F: '/Type:/{print $2}' <<<"$out" | xargs) - -! test -n "$id" && echo "Title ID cannot be empty!" && exit 1 -! test -n "$type" && echo "type cannot be empty!" && exit 1 - -if test "$type" == Base;then - ! test -n "$name" && echo "Title Name cannot be empty!" && exit 1 - NAME="$name [$id][v$version].$ext" -elif test "$type" == Update;then - ! test -n "$name" && echo "Title Name cannot be empty!" && exit 1 - ! test -n "$version" && echo "Version cannot be empty!" && exit 1 - NAME="$name [UPD][$id][v$version].$ext" -elif test "$type" == DLC;then - dlcname=$(jq -r --arg id "$id" '.[$id].name' < ~/.switch/titles.US.en.json | sed "s/[:']//g") - if test -n "$dlcname" ;then - NAME="$dlcname [DLC][$id][v$version].$ext" - else - ! test -n "$name" && echo "dlcname cannot be found in titles.US.en.json and $name is empty!" && exit 1 - NAME="$dlcname [DLC][$id][v$version].$ext" - fi -else - echo "unknown type '$type'" - exit 1 -fi -newname=$indir/$NAME - -if test "$NAME" == "${inname}";then - echo "name didn't change,doing nothing" - exit 0 -fi -if test -e "$newname" ;then - echo "'$NAME' already exists, will not override" - exit 1 -fi - -if test -n "${FORCE:-}" ;then - CONFIRM=y -else - read -p "rename '$inname' to '$NAME' - [y/N]" CONFIRM -fi - -if test -n "${FORCE:-}" -o "$CONFIRM" == "y" -o "$CONFIRM" == "Y";then - mv -nv "$1" "$newname" -else - echo "bailing out" - exit 1 -fi - diff --git a/makefu/5pkgs/nur.nix b/makefu/5pkgs/nur.nix deleted file mode 100644 index b0607671b..000000000 --- a/makefu/5pkgs/nur.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ pkgs ? import {} }: - -{ - overlays.full = import ./default.nix; - pkgs = import ./default.nix pkgs pkgs; -} // (import ./default.nix pkgs pkgs) - diff --git a/makefu/5pkgs/nx_game_info/default.nix b/makefu/5pkgs/nx_game_info/default.nix deleted file mode 100644 index bf64dc90e..000000000 --- a/makefu/5pkgs/nx_game_info/default.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ lib, stdenv, fetchurl , mono , unzip, -}: -stdenv.mkDerivation rec { - pname = "NX_Game_Info"; - name = "${pname}-${version}"; - version = "0.7.1"; - - src = fetchurl { - url = "https://github.com/garoxas/NX_Game_Info/releases/download/v${version}/NX.Game.Info_${version}_cli.zip"; - sha256 = "179hkgraydm5hg5fcs1xwh07cx7rbcfwklfak83f0sl1pbya542h"; - }; - - sourceRoot = "."; - buildInputs = [ unzip ]; - buildPhase = ":"; - installPhase = '' - mkdir -p $out/{bin,lib} - cp * $out/lib/ - cat > $out/bin/nxgameinfo_cli < hashedPasswords.nix - { - root = "$HASHED_PASSWORD"; - } - EOF - - tinc --config "$PWD" generate-keys 4096 - mv ed25519_key.priv retiolum.ed25519_key.priv - mv rsa_key.priv retiolum.rsa_key.priv - mv ed25519_key.pub retiolum.ed25519_key.pub - mv rsa_key.pub retiolum.rsa_key.pub - - ssh-keygen -t ed25519 -f ssh_host_ed25519_key -P "" - ssh-keygen -t rsa -f ssh_host_rsa_key -P "" - - wg genkey > wireguard.key - wg pubkey < wireguard.key > wireguard.pub - - for i in *;do - cat "$i" | pass insert -m "$HOSTNAME/$i" - done - - cp retiolum.ed25519_key.pub "$KARTEI/retiolum/$HOSTNAME_ed25519.pub" - cp retiolum.rsa_key.pub "$KARTEI/retiolum/$HOSTNAME.pub" - cp ssh_host_ed25519_key.pub "$KARTEI/sshd/$HOSTNAME.pub" - echo "$PASSWORD" | pass insert -m "$HOSTNAME/root" - - - cat < {} -}: - -let - - inherit (pkgs) makeWrapper; - inherit (pkgs.lib) fix' extends inNixShell; - - pythonPackages = - import "${toString pkgs.path}/pkgs/top-level/python-packages.nix" { - inherit pkgs; - inherit (pkgs) stdenv; - python = pkgs.python36; - }; - - commonBuildInputs = []; - commonDoCheck = false; - - withPackages = pkgs': - let - pkgs = builtins.removeAttrs pkgs' ["__unfix__"]; - interpreter = pythonPackages.buildPythonPackage { - name = "python36-interpreter"; - buildInputs = [ makeWrapper ] ++ (builtins.attrValues pkgs); - buildCommand = '' - mkdir -p $out/bin - ln -s ${pythonPackages.python.interpreter} $out/bin/${pythonPackages.python.executable} - for dep in ${builtins.concatStringsSep " " (builtins.attrValues pkgs)}; do - if [ -d "$dep/bin" ]; then - for prog in "$dep/bin/"*; do - if [ -f $prog ]; then - ln -s $prog $out/bin/`basename $prog` - fi - done - fi - done - for prog in "$out/bin/"*; do - wrapProgram "$prog" --prefix PYTHONPATH : "$PYTHONPATH" - done - pushd $out/bin - ln -s ${pythonPackages.python.executable} python - popd - ''; - passthru.interpreter = pythonPackages.python; - }; - in { - __old = pythonPackages; - inherit interpreter; - mkDerivation = pythonPackages.buildPythonPackage; - packages = pkgs; - overrideDerivation = drv: f: - pythonPackages.buildPythonPackage (drv.drvAttrs // f drv.drvAttrs); - withPackages = pkgs'': - withPackages (pkgs // pkgs''); - }; - - python = withPackages {}; - - generated = self: { - inherit (pythonPackages) requests irc beautifulsoup4 six pyqt5; - "PyExecJS" = python.mkDerivation { - name = "PyExecJS-1.5.0"; - src = pkgs.fetchurl { url = "https://pypi.python.org/packages/1c/a0/359e179605bbf3f6c6ed96c44e056eebed39732b67427f30d56e259934f2/PyExecJS-1.5.0.tar.gz"; sha256 = "99315766f8155eea195a3f4179b35cd8dc64b2360c081ae29d92c603c26aeaaa"; }; - doCheck = commonDoCheck; - buildInputs = commonBuildInputs; - propagatedBuildInputs = [ - self."six" - ]; - meta = with pkgs.lib; { - homepage = ""; - license = licenses.mit; - description = "Run JavaScript code from Python"; - }; - }; - - - - - "bs4" = python.mkDerivation { - name = "bs4-0.0.1"; - src = pkgs.fetchurl { url = "https://pypi.python.org/packages/10/ed/7e8b97591f6f456174139ec089c769f89a94a1a4025fe967691de971f314/bs4-0.0.1.tar.gz"; sha256 = "36ecea1fd7cc5c0c6e4a1ff075df26d50da647b75376626cc186e2212886dd3a"; }; - doCheck = commonDoCheck; - buildInputs = commonBuildInputs; - propagatedBuildInputs = [ - self."beautifulsoup4" - ]; - meta = with pkgs.lib; { - homepage = ""; - license = licenses.mit; - description = "Screen-scraping library"; - }; - }; - - - - "certifi" = python.mkDerivation { - name = "certifi-2017.11.5"; - src = pkgs.fetchurl { url = "https://pypi.python.org/packages/23/3f/8be01c50ed24a4bd6b8da799839066ce0288f66f5e11f0367323467f0cbc/certifi-2017.11.5.tar.gz"; sha256 = "5ec74291ca1136b40f0379e1128ff80e866597e4e2c1e755739a913bbc3613c0"; }; - doCheck = commonDoCheck; - buildInputs = commonBuildInputs; - propagatedBuildInputs = [ ]; - meta = with pkgs.lib; { - homepage = ""; - license = "MPL-2.0"; - description = "Python package for providing Mozilla's CA Bundle."; - }; - }; - - - - "cfscrape" = python.mkDerivation { - name = "cfscrape-1.9.1"; - src = pkgs.fetchurl { url = "https://pypi.python.org/packages/cf/9a/50d3844d67fe5507217fd47c9e382e769ab5f7d967b41c25ba3712c441c3/cfscrape-1.9.1.tar.gz"; sha256 = "9cee3708c643904eaa010a64dd1715890457bb77010d87405fc1bfeb892508d7"; }; - doCheck = commonDoCheck; - buildInputs = commonBuildInputs; - propagatedBuildInputs = [ - self."PyExecJS" - self."requests" - ]; - meta = with pkgs.lib; { - homepage = ""; - license = ""; - description = "A simple Python module to bypass Cloudflare's anti-bot page. See https://github.com/Anorov/cloudflare-scrape for more information."; - }; - }; - - - - "typing" = python.mkDerivation { - name = "typing-3.6.2"; - src = pkgs.fetchurl { url = "https://pypi.python.org/packages/ca/38/16ba8d542e609997fdcd0214628421c971f8c395084085354b11ff4ac9c3/typing-3.6.2.tar.gz"; sha256 = "d514bd84b284dd3e844f0305ac07511f097e325171f6cc4a20878d11ad771849"; }; - doCheck = commonDoCheck; - buildInputs = commonBuildInputs; - propagatedBuildInputs = [ ]; - meta = with pkgs.lib; { - homepage = ""; - license = licenses.psfl; - description = "Type Hints for Python"; - }; - }; - - - - - "urwid" = python.mkDerivation { - name = "urwid-1.3.1"; - src = pkgs.fetchurl { url = "https://pypi.python.org/packages/85/5d/9317d75b7488c335b86bd9559ca03a2a023ed3413d0e8bfe18bea76f24be/urwid-1.3.1.tar.gz"; sha256 = "cfcec03e36de25a1073e2e35c2c7b0cc6969b85745715c3a025a31d9786896a1"; }; - doCheck = commonDoCheck; - buildInputs = commonBuildInputs; - propagatedBuildInputs = [ ]; - meta = with pkgs.lib; { - homepage = ""; - license = licenses.lgpl2; - description = "A full-featured console (xterm et al.) user interface library"; - }; - }; - - - - "xdcc-dl" = python.mkDerivation { - name = "xdcc-dl-2.1.0"; - src = pkgs.fetchurl { url = "https://pypi.python.org/packages/52/5a/1f1c8e77c212074d508701f208440bdfac4c6366de3f74fc9772a09369ef/xdcc_dl-2.1.0.tar.gz"; sha256 = "7071fca28de83ab0944b086a6dac0af053225b5663d9cf28a8dac868d81b2fc6"; }; - doCheck = commonDoCheck; - buildInputs = commonBuildInputs; - propagatedBuildInputs = [ - self."bs4" - self."cfscrape" - self."irc" - self."requests" - self."typing" - self."urwid" - ]; - meta = with pkgs.lib; { - homepage = ""; - license = licenses.gpl3; - description = "An XDCC File Downloader based on the irclib framework"; - }; - }; - - }; - -in python.withPackages - (fix' (pkgs.lib.fold - extends - generated - [] - ) - ) diff --git a/makefu/5pkgs/xmm7360/default.nix b/makefu/5pkgs/xmm7360/default.nix deleted file mode 100644 index 3c4eab345..000000000 --- a/makefu/5pkgs/xmm7360/default.nix +++ /dev/null @@ -1,48 +0,0 @@ -{ stdenv, lib, fetchFromGitHub, python3, kernel, kmod }: -let - py = python3.withPackages (p: [ p.ConfigArgParse p.pyroute2 p.dbus-python ]); -in -stdenv.mkDerivation rec { - name = "xmm7360-pci-${version}-${kernel.version}"; - version = "1.0"; - - src = fetchFromGitHub { - owner = "xmm7360"; - repo = "xmm7360-pci"; - rev = "b28714b6fb73887ecd5c0c25ffc0613d6eab6533"; - sha256 = "1f1r3cnnjaxdxig56a9v4wfjq1r2z1wg8lq59klxxnybydk91m60"; - }; - - #sourceRoot = "source/linux/v4l2loopback"; - - buildTargets = "default"; - hardeningDisable = [ "pic" ]; - - nativeBuildInputs = kernel.moduleBuildDependencies; - buildInputs = [ kmod ]; - - - makeFlags = [ - "KVERSION=${kernel.modDirVersion}" - "KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" - "INSTALL_MOD_PATH=$(out)" - ]; - installFlags = [ "DEPMOD=true" ]; - postInstall = '' - install -d $out/lib/xmm7360/ - cp -r rpc/ $out/lib/xmm7360/ - cat > open_xdatachannel < $dir/nixpkgs.json -newref=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') -echo "git commit $dir/nixpkgs.json -m 'ma nixpkgs: $oldref -> $newref'" diff --git a/makefu/vacation-note.md b/makefu/vacation-note.md new file mode 100644 index 000000000..3cdc190b2 --- /dev/null +++ b/makefu/vacation-note.md @@ -0,0 +1,19 @@ +From 2015-07-28 until 2023-07-28 here lived the configuration of makefu. + +# New Location +All configutation can now be found at [Github: makefu/nixos-config]( +https://github.com/makefu/nixos-config ) or [cgit: nixos-config]( +https://cgit.euer.krebsco.de/nixos-config ) respectively. + +# Background +With nix flakes it became possible to finally split the configuration up +into smaller chunks. + +With the long hours **lassulus** worked at the GPN'23 to make stockholm into a +flake **makefu** used the opportunity to also flakify this configuration and +use stockholm only as a flake input. + +With this the configuration became more pure (no nix-path includes), inputs are +described as flake inputs and locked as such and secrets are managed by +[sops-nix]( https://github.com/Mic92/sops-nix ). Deployment is now done with +`nixos-rebuild` only.