Merge remote-tracking branch 'prism/master'

This commit is contained in:
tv 2020-06-02 23:35:17 +02:00
commit 09c9f8f7fb
125 changed files with 1490 additions and 1963 deletions

6
.gitmodules vendored
View File

@ -7,6 +7,6 @@
[submodule "lass/5pkgs/autowifi"]
path = lass/5pkgs/autowifi
url = https://github.com/Lassulus/autowifi
[submodule "submodules/brockman"]
path = submodules/brockman
url = https://github.com/kmein/brockman.git
[submodule "jeschli/2configs/elisp"]
path = jeschli/2configs/elisp
url = https://github.com/Jeschli/misc-elisp-scripts.git

View File

@ -7,6 +7,7 @@
<stockholm/jeschli/2configs/emacs.nix>
<stockholm/jeschli/2configs/firefox.nix>
<stockholm/jeschli/2configs/rust.nix>
<stockholm/jeschli/2configs/steam.nix>
<stockholm/jeschli/2configs/python.nix>
./desktop.nix
./i3-configuration.nix
@ -36,10 +37,19 @@
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
wget vim git
rofi
ag
alacritty
google-chrome
chromium
copyq
direnv
go
git
gitAndTools.hub
sbcl
rofi
vim
wget
];
users.users.ombi = {
@ -48,19 +58,28 @@
};
users.users.jeschli = {
isNormalUser = true;
isNormalUser = true;
extraGroups = [ "audio" ];
};
# services.xserver.synaptics.enable = true;
services.xserver.libinput.enable = true;
services.xserver.libinput.disableWhileTyping = true;
hardware.pulseaudio.enable = true;
#Enable ssh daemon
services.openssh.enable = true;
#Enable clight
services.clight.enable = true;
services.geoclue2.enable = true;
location.provider = "geoclue2";
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDM1xtX/SF2IzfAIzrXvH4HsW05eTBX8U8MYlEPadq0DS/nHC45hW2PSEUOVsH0UhBRAB+yClVLyN+JAYsuOoQacQqAVq9R7HAoFITdYTMJCxVs4urSRv0pWwTopRIh1rlI+Q0QfdMoeVtO2ZKG3KoRM+APDy2dsX8LTtWjXmh/ZCtpGl1O8TZtz2ZyXyv9OVDPnQiFwPU3Jqs2Z036c+kwxWlxYc55FRuqwRtQ48c/ilPMu+ZvQ22j1Ch8lNuliyAg1b8pZdOkMJF3R8b46IQ8FEqkr3L1YQygYw2M50B629FPgHgeGPMz3mVd+5lzP+okbhPJjMrUqZAUwbMGwGzZ ombi@nixos"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKFXgtbgeivxlMKkoEJ4ANhtR+LRMSPrsmL4U5grFUME jeschli@nixos"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG7C3bgoL9VeVl8pgu8sp3PCOs6TXk4R9y7JKJAHGsfm root@baeckerei"
];
# This value determines the NixOS release with which your system is to be

View File

@ -8,7 +8,7 @@
xkbOptions = "caps:super";
exportConfiguration = true;
displayManager.slim.enable = true;
displayManager.lightdm.enable = true;
};
# Configure fonts

View File

@ -21,7 +21,7 @@ let
floating_modifier $mod
# start a terminal
bindsym $mod+Return exec i3-sensible-terminal
bindsym $mod+Return exec alacritty
# kill focused window
bindsym $mod+Shift+q kill
@ -32,6 +32,11 @@ let
# start dmenu (a program launcher)
bindsym $mod+d exec ${pkgs.rofi}/bin/rofi -modi drun#run -combi-modi drun#run -show combi -show-icons -display-combi run
bindsym $mod+x exec ${pkgs.rofi}/bin/rofi -modi window -show window -auto-select
bindsym $mod+F1 exec xinput --list | grep Touchpad | sed 's/.*id=\([0-9][0-9]\).*/\1/' | xargs xinput disable
bindsym $mod+F2 exec xinput --list | grep Touchpad | sed 's/.*id=\([0-9][0-9]\).*/\1/' | xargs xinput enable
# There also is the (new) i3-dmenu-desktop which only displays applications
# shipping a .desktop file. It is a wrapper around dmenu, so you need that
# installed.

@ -0,0 +1 @@
Subproject commit 279d6a01f5abbab5d28d3a57549b7fec800a510e

View File

@ -114,29 +114,29 @@ let
("NEXT" ("WAITING") ("CANCELLED") ("HOLD"))
("DONE" ("WAITING") ("CANCELLED") ("HOLD")))))
(setq org-directory "~/projects/notes_private")
(setq org-default-notes-file "~/projects/notes_private/refile.org")
(setq org-directory "~/projects/notes_privat")
(setq org-default-notes-file "~/projects/notes_privat/refile.org")
;; I use C-c c to start capture mode
(global-set-key (kbd "C-c c") 'org-capture)
;; Capture templates for: TODO tasks, Notes, appointments, phone calls, meetings, and org-protocol
(setq org-capture-templates
(quote (("t" "todo" entry (file "~/git/org/refile.org")
(quote (("t" "todo" entry (file org-default-notes-file)
"* TODO %?\n%U\n%a\n" :clock-in t :clock-resume t)
("r" "respond" entry (file "~/git/org/refile.org")
("r" "respond" entry (file org-default-notes-file)
"* NEXT Respond to %:from on %:subject\nSCHEDULED: %t\n%U\n%a\n" :clock-in t :clock-resume t :immediate-finish t)
("n" "note" entry (file "~/git/org/refile.org")
("n" "note" entry (file org-default-notes-file)
"* %? :NOTE:\n%U\n%a\n" :clock-in t :clock-resume t)
("j" "Journal" entry (file+datetree "~/git/org/diary.org")
"* %?\n%U\n" :clock-in t :clock-resume t)
("w" "org-protocol" entry (file "~/git/org/refile.org")
("w" "org-protocol" entry (file org-default-notes-file)
"* TODO Review %c\n%U\n" :immediate-finish t)
("m" "Meeting" entry (file "~/git/org/refile.org")
("m" "Meeting" entry (file org-default-notes-file)
"* MEETING with %? :MEETING:\n%U" :clock-in t :clock-resume t)
("p" "Phone call" entry (file "~/git/org/refile.org")
("p" "Phone call" entry (file org-default-notes-file)
"* PHONE %? :PHONE:\n%U" :clock-in t :clock-resume t)
("h" "Habit" entry (file "~/git/org/refile.org")
("h" "Habit" entry (file org-default-notes-file)
"* NEXT %?\n%U\n%a\nSCHEDULED: %(format-time-string \"%<<%Y-%m-%d %a .+1d/3d>>\")\n:PROPERTIES:\n:STYLE: habit\n:REPEAT_TO_STATE: NEXT\n:END:\n"))))
;; Remove empty LOGBOOK drawers on clock out
@ -144,7 +144,7 @@ let
(interactive)
(save-excursion
(beginning-of-line 0)
(org-remove-empty-drawer-at "LOGBOOK" (point))))
(org-remove-empty-drawer-at (point))))
(add-hook 'org-clock-out-hook 'bh/remove-empty-drawer-on-clock-out 'append)

View File

@ -9,235 +9,76 @@ let
];
};
orgAgendaView = import ./emacs-org-agenda.nix;
# The emacs packages that I use
# I differ between
# - stable (Packages that I use for some time - happy with it)
# - unstable (Packages that I use for some time - but may drop)
# - testing (Packages that I try out - the new stuff)
emacsPkgs = epkgs:
(with epkgs.melpaPackages ;
packageRepos = ''
(require 'package) ;; You might already have this line
(let* ((no-ssl (and (memq system-type '(windows-nt ms-dos))
(not (gnutls-available-p))))
(url (concat (if no-ssl "http" "https") "://melpa.org/packages/")))
(add-to-list 'package-archives (cons "melpa" url) t)
(add-to-list 'package-archives
'("org" . "http://orgmode.org/elpa/") t)
)
(when (< emacs-major-version 24)
;; For important compatibility libraries like cl-lib
(add-to-list 'package-archives '("gnu" . "http://elpa.gnu.org/packages/")))
(package-initialize)
'';
## windows-purpose (testing)
[ window-purpose ] ++
evilMode = ''
;; Evil Mode
(require 'evil)
(evil-mode 1)
;; (require 'evil-org)
;; (add-hook 'org-mode-hook 'evil-org-mode)
;; (evil-org-set-key-theme '(navigation insert textobjects additional calendar))
;; (require 'evil-org-agenda)
;; (evil-org-agenda-set-keys)
'';
## helm (stable)
# emacs completion engine
[ helm helm-ag ] ++
goMode = ''
(setq godoc-and-godef-command "go doc") ;godoc has no cli support any more, thats go doc now
(add-to-list 'exec-path "~/go/bin")
(add-hook 'go-mode-hook
(lambda ()
(setq-default)
(setq tab-width 2)
(setq standard-indent 2)
(setq indent-tabs-mode nil)))
'';
## deft (testing)
# text search for a directory
[ deft ] ++
ido = ''
(require 'ido)
(ido-mode t)
'';
## lsp mode (unstable)
# Language Server Protocol mode
# Used for rust
[ company-lsp dap-mode helm-lsp lsp-mode lsp-treemacs lsp-ui ] ++
helm = ''
(helm-mode 1)
(global-set-key (kbd "M-x") #'helm-M-x)
(global-set-key (kbd "C-x r b") #'helm-filtered-bookmarks)
(global-set-key (kbd "C-x C-f") #'helm-find-files)
'';
## emacs convenience (stable)
# Mixed and general purpose
[ ag company direnv evil google-this spacemacs-theme ] ++
magit = ''
(global-set-key (kbd "C-x g") 'magit-status) ; "Most Magit commands are commonly invoked from the status buffer"
'';
## common lisp (testing)
[ slime ] ++
windowCosmetics = ''
(menu-bar-mode -1)
(tool-bar-mode -1) ; Disable the button bar atop screen
(scroll-bar-mode -1) ; Disable scroll bar
(toggle-scroll-bar -1)
(setq inhibit-startup-screen t) ; Disable startup screen with graphics
(setq-default indent-tabs-mode nil) ; Use spaces instead of tabs
(setq default-tab-width 2) ; Two spaces is a tab
(setq tab-width 2) ; Four spaces is a tab
(setq visible-bell nil) ; Disable annoying visual bell graphic
(setq ring-bell-function 'ignore) ; Disable super annoying audio bell
'';
## magit (stable)
[ magit ] ++
orgMode = ''
(add-to-list 'auto-mode-alist '("\\.\\(org\\|org_archive\\|txt\\)$" . org-mode))
(global-set-key "\C-cl" 'org-store-link)
(global-set-key "\C-ca" 'org-agenda)
(global-set-key "\C-cb" 'org-iswitchb)
(global-set-key "\C-c L" 'org-insert-link-global)
(global-set-key "\C-c o" 'org-open-at-point-global)
(setq org-link-frame-setup '((file . find-file))) ; open link in same frame.
(if (boundp 'org-user-agenda-files)
(setq org-agenda-files org-user-agenda-files)
(setq org-agenda-files (quote ("~/projects/notes_privat")))
)
'';
## bunch of programming languages (unstable)
[ go-mode haskell-mode nix-mode ] ++
theme = ''
(load-theme 'monokai-alt t)
(load-theme 'whiteboard t)
(disable-theme 'monokai-alt)
(disable-theme 'whiteboard)
## rust (unstable)
[ racer rust-mode ] ++
(defun mh/load-whiteboard-theme ()
"load whiteboard theme"
(interactive)
(message "whiteboard loaded")
(disable-theme 'monokai-alt)
(enable-theme 'whiteboard)
)
(defun mh/load-monokai-theme ()
"load monokai theme"
(interactive)
(message "monokai loaded")
(disable-theme 'whiteboard)
(enable-theme 'monokai-alt)
)
(global-set-key "\C-ctw" 'mh/load-whiteboard-theme)
(global-set-key "\C-ctm" 'mh/load-monokai-theme)
'';
# Configuration for rust development
# inspired by
# https://github.com/bbatsov/prelude/blob/master/modules/prelude-rust.el
#
# This requires rls and racer to be installed on the system
rustDevelopment = ''
(add-hook 'rust-mode-hook #'racer-mode)
(add-hook 'rust-mode-hook (lambda()
(local-set-key (kbd "C-c C-d") 'racer-describe)
(local-set-key (kbd "C-c .") 'racer-find-definition)
(local-set-key (kbd "C-c ,") 'pop-tag-mark))
)
(add-hook 'racer-mode-hook #'eldoc-mode)
(add-hook 'racer-mode-hook #'company-mode)
(require 'rust-mode)
(define-key rust-mode-map (kbd "TAB") #'company-indent-or-complete-common)
(setq company-tooltip-align-annotations t)
'';
recentFiles = ''
(recentf-mode 1)
(setq recentf-max-menu-items 25)
(global-set-key "\C-x\ \C-r" 'recentf-open-files)
'';
myFunctionKeys = ''
(fset 'kill-actual-buffer
[?\C-x ?k return])
(defun mh/open-term-and-rename (name)
"open a new bash and rename it"
(interactive "sName of new terminal: ")
(term "/run/current-system/sw/bin/bash")
(rename-buffer name)
)
(global-set-key (kbd "M-<f8>") 'kill-actual-buffer)
(global-set-key (kbd "<f5>") 'mh/open-term-and-rename)
(global-set-key (kbd "<f6>") 'other-window)
(global-set-key (kbd "<f7>") 'split-window-right)
(global-set-key (kbd "<f8>") 'delete-other-windows)
'';
lspMode = ''
(require 'lsp-mode)
(add-hook 'rust-mode-hook #'lsp)
'';
dotEmacs = pkgs.writeText "dot-emacs" ''
${packageRepos}
${evilMode}
${goMode}
${helm}
${magit}
${orgMode}
${rustDevelopment}
${theme}
${windowCosmetics}
${orgAgendaView}
${myFunctionKeys}
${lspMode}
'';
#emacsWithCustomPackages
emacsPkgs= epkgs: [
# testing lsp mode
epkgs.melpaPackages.lsp-ui
epkgs.melpaPackages.company-lsp
epkgs.melpaPackages.lsp-treemacs
epkgs.melpaPackages.helm-lsp
epkgs.melpaPackages.dap-mode
epkgs.melpaPackages.lsp-mode
## python (stable)
# Python IDE for emacs
[ elpy ]) ++
## org-mode
# Org-Mode has several extensions
# and can be seen as an application of its own.
(with epkgs.melpaPackages ;
# testing
epkgs.melpaPackages.web-mode
epkgs.melpaPackages.js2-mode
epkgs.melpaPackages.xref-js2
[ org-super-agenda org-bullets org-ql ] ++
# unstable
[ smex org-mime orgit ]
) ++
epkgs.melpaPackages.academic-phrases
# stable
(with epkgs.orgPackages ;
[ org-plus-contrib ]) ++
epkgs.melpaPackages.gitlab
epkgs.melpaPackages.helm
epkgs.melpaPackages.weechat
# stable
(with epkgs.elpaPackages ;
[ bbdb which-key ]);
# emacs convenience
epkgs.melpaPackages.ag
epkgs.melpaPackages.company
epkgs.melpaPackages.direnv
epkgs.melpaPackages.evil
epkgs.melpaPackages.google-this
epkgs.melpaPackages.monokai-alt-theme
epkgs.melpaPackages.zenburn-theme
# development
epkgs.melpaPackages.magit
epkgs.melpaPackages.nix-mode
epkgs.melpaPackages.go-mode
epkgs.melpaPackages.haskell-mode
# rust
epkgs.melpaPackages.rust-mode
# epkgs.melpaPackages.flycheck-rust
epkgs.melpaPackages.racer
# python
epkgs.melpaPackages.elpy
# org-mode
epkgs.elpaPackages.bbdb
epkgs.orgPackages.org-plus-contrib
epkgs.melpaPackages.smex
epkgs.melpaPackages.org-mime
epkgs.melpaPackages.orgit
epkgs.elpaPackages.which-key
];
# ## EXWM related (unstable)
# epkgs.exwm
# epkgs.melpaPackages.desktop-environment
# epkgs.melpaPackages.helm-exwm
# ];
emacsWithOverlay = pkgsWithOverlay.emacsWithPackagesFromUsePackage {
config = builtins.readFile dotEmacs; # builtins.readFile ./emacs.el;
config = builtins.readFile ./elisp/init.el;
# Package is optional, defaults to pkgs.emacs
package = pkgsWithOverlay.emacsGit;
# Optionally provide extra packages not in the configuration file
@ -245,18 +86,34 @@ let
};
myEmacs = pkgs.writeDashBin "my-emacs" ''
exec ${emacsWithOverlay}/bin/emacs -q -l ${dotEmacs} "$@"
exec ${emacsWithOverlay}/bin/emacs -q "$@"
'';
myEmacsWithDaemon = pkgs.writeDashBin "my-emacs-daemon" ''
exec ${emacsWithOverlay}/bin/emacs -q -l ${dotEmacs} --daemon
exec ${emacsWithOverlay}/bin/emacs -q --daemon -l ${./elisp/init.el}
'';
myEmacsClient = pkgs.writeDashBin "meclient" ''
exec ${emacsWithOverlay}/bin/emacsclient --create-frame
exec ${emacsWithOverlay}/bin/emacsclient --create-frame "$@"
'';
in {
environment.systemPackages = [
myEmacs myEmacsWithDaemon myEmacsClient
myEmacs myEmacsWithDaemon myEmacsClient emacsWithOverlay
];
## EXWM Config
# services.xserver = {
# enable = true;
# xkbOptions = "caps:super";
# exportConfiguration = true;
#
# displayManager.slim.enable = true;
# windowManager.default = "exwm";
#
# # Set up the login session
# windowManager.session = [{
# name = "exwm";
# start = "${emacsWithOverlay}/bin/emacs -q -l " + builtins.toString ./elisp/init.el;
# }];
# };
}

View File

@ -2,20 +2,11 @@
let
# Firefox addons
https-everywhere = pkgs.callPackage ./own-pkgs/https-everywhere {};
ublock-origin = pkgs.callPackage ./own-pkgs/ublock-origin {};
webgl-fingerprint-defender = pkgs.callPackage ./own-pkgs/webgl-fingerprint-defender {};
canvas-fingerprint-defender = pkgs.callPackage ./own-pkgs/canvas-fingerprint-defender {};
audio-fingerprint-defender = pkgs.callPackage ./own-pkgs/audio-fingerprint-defender {};
font-fingerprint-defender = pkgs.callPackage ./own-pkgs/font-fingerprint-defender {};
user-agent-switcher = pkgs.callPackage ./own-pkgs/user-agent-switcher {};
dark-reader = pkgs.callPackage ./own-pkgs/dark-reader {};
wrapper = pkgs.callPackage ./overlays/firefox-with-config.nix { };
wrapper = pkgs.callPackage ../5pkgs/firefox/firefox-with-config.nix { };
myFirefox = wrapper pkgs.firefox-unwrapped {
extraExtensions = [
# these plugins are defined in 5pkgs/firefox
extraExtensions = with pkgs ; [
dark-reader
https-everywhere
ublock-origin

View File

@ -0,0 +1,18 @@
{ config, pkgs, ... }:
let
all-hies = import (fetchTarball "https://github.com/infinisil/all-hies/tarball/master") {};
in
{
environment.systemPackages = with pkgs; [
cabal2nix
gcc
ghc
haskellPackages.cabal-install
haskellPackages.ghcid
haskellPackages.hindent
haskellPackages.hlint
haskellPackages.hoogle
haskellPackages.stack
(all-hies.selection { selector = p: {inherit (p) ghc864; }; })
];
}

View File

@ -232,11 +232,10 @@ services.xserver.enable = true;
services.xserver.displayManager.lightdm.enable = true;
# Allow users in video group to change brightness
hardware.brightnessctl.enable = true;
environment.systemPackages = with pkgs; [
rofi # Dmenu replacement
acpilight # Replacement for xbacklight
brightnessctl
arandr # Xrandr gui
feh
wirelesstools # To get wireless statistics

View File

@ -0,0 +1,18 @@
with import <stockholm/lib>;
self: super:
let
# This callPackage will try to detect obsolete overrides.
callPackage = path: args: let
override = self.callPackage path args;
upstream = optionalAttrs (override ? "name")
(super.${(parseDrvName override.name).name} or {});
in if upstream ? "name" &&
override ? "name" &&
compareVersions upstream.name override.name != -1
then trace "Upstream `${upstream.name}' gets overridden by `${override.name}'." override
else override;
in
mapNixDir (path: callPackage path {}) ./.

View File

@ -21,7 +21,7 @@ stdenv.mkDerivation rec {
meta = with stdenv.lib; {
description = "ublock origin firefox browser addon";
homepage = https://github.com/gorhill/uBlock;
license = licenses.gnu3;
license = licenses.gpl3;
maintainers = [];
platforms = stdenv.lib.platforms.all;
};

View File

@ -47,7 +47,7 @@ in
<stockholm/krebs/2configs/shack/gitlab-runner.nix>
# Statistics collection and visualization
<stockholm/krebs/2configs/shack/graphite.nix>
# <stockholm/krebs/2configs/shack/graphite.nix> # graphiteApi is broken and unused(hopefully)
## Collect data from mqtt.shack and store in graphite database
<stockholm/krebs/2configs/shack/mqtt_sub.nix>
## Collect radioactive data and put into graphite

View File

@ -71,14 +71,13 @@ in
config = mkIf cfg.enable (lib.mkMerge [
{
users.users = singleton {
name = cfg.user;
users.users.${cfg.user} = {
description = "Charybdis IRC daemon user";
uid = config.ids.uids.ircd;
group = cfg.group;
};
users.groups = singleton {
users.groups.${cfg.group} = {
name = cfg.group;
gid = config.ids.gids.ircd;
};

View File

@ -102,7 +102,6 @@ let
{ krebs = import ./krebs { inherit config; }; }
{ krebs = import ./lass { inherit config; }; }
{ krebs = import ./makefu { inherit config; }; }
{ krebs = import ./nin { inherit config; }; }
{ krebs = import ./external/palo.nix { inherit config; }; }
{ krebs = import ./external/mic92.nix { inherit config; }; }
{ krebs = import ./tv { inherit config; }; }

View File

@ -68,6 +68,31 @@ in {
};
};
};
helsinki = {
owner = config.krebs.users.ajs124;
nets = {
retiolum = {
ip4.addr = "10.243.10.1";
aliases = [ "helsinki.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEA5MnCmT9xVEtv3hoZsjmgF4pVnPgzaWWVrZVguMfXcbTiusgWqBIM
Ms/Ue676J3kQIJT1QSMA2RWDUU++dUcfhHF87vFpnyCnaKjfz6LyAwlSfKluttyY
aFNgcUWlZRl4wkqys/oYhLD1q26mO/ekCA2eohzbB1TCaPY97VM5nl0MkXStMN76
B+Ipw/gQcZXuWYct8Nj69sETPLnbf6ZBKs+T213as+NUSHVUdmBmV8QtmHDI3e7B
4wAK1JkFCQgVu9gm/6BvqWroOMcmtxzSceyrY+0MWnAnM+wrLcYYaT2xw1OJyWmM
riOHHMw9iLVxqyQ+3eDucJRQcJzO7I4j8zQaoYxPE1ZSl4wTsaypkMuNOyhYv2C9
RNPJgTBlr911NnY7TcKauz/lO1Qcl5kHBMrIfwsbsQK+zfN2XX+s21/SPeSJ7k1N
OqXeyX0mz2l7bhBDwTTDtINSz8sB3BL59mVbWY5z5b90oeKPrfygmp7V0CSKgHBr
b5ZIhMRfgcK+HjolcEqdL9INpJZVFYt3vWPNhDpbX5sEOjjR+ODceriL8zdlTBRx
PyB9OiK6tN+L63QFM7H1NFN9fPeOd2WbHvfoeX255kx8FHSALKL5rVSz9Ejwc97k
rG0FItgHXajPazulBfUV0N9ck7SwLTmStKxtQ8NKCoIJLpv2ip4C+t0CAwEAAQ==
-----END RSA PUBLIC KEY-----
Ed25519PublicKey = 47fX1g6qynVprA+PtniBLEonFp1B70nMrJ8SBCWNJnL
'';
};
};
};
homeros = {
owner = config.krebs.users.kmein;
nets = {
@ -399,6 +424,9 @@ in {
};
};
users = {
ajs124 = {
mail = "stockholm@ajs124.de";
};
ciko = {
mail = "wieczorek.stefan@googlemail.com";
};

View File

@ -30,6 +30,7 @@ in {
60 IN NS ns16.ovh.net.
60 IN NS dns16.ovh.net.
60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
IN MX 5 lassul.us.
60 IN TXT v=spf1 mx a:lassul.us -all
60 IN TXT ( "v=DKIM1; k=rsa; t=s; s=*; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB" )
default._domainkey 60 IN TXT "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB"

View File

@ -182,7 +182,9 @@ in {
gum IN A ${nets.internet.ip4.addr}
io IN NS gum.krebsco.de.
iso.euer IN A ${nets.internet.ip4.addr}
feed.euer IN A ${nets.internet.ip4.addr}
board.euer IN A ${nets.internet.ip4.addr}
etherpad.euer IN A ${nets.internet.ip4.addr}
rss.euer IN A ${nets.internet.ip4.addr}
mediengewitter IN CNAME over.dose.io.
mon.euer IN A ${nets.internet.ip4.addr}

View File

@ -1,111 +0,0 @@
{ config, ... }:
with import <stockholm/lib>;
{
hosts = mapAttrs (_: recursiveUpdate {
owner = config.krebs.users.nin;
ci = true;
}) {
hiawatha = {
cores = 2;
nets = {
retiolum = {
ip4.addr = "10.243.132.96";
ip6.addr = "42:0000:0000:0000:0000:0000:0000:2342";
aliases = [
"hiawatha.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAucIe5yLzKJ8F982XRpZT6CvyXuPrtnNTmw/E/T6Oyq88m/OVHh6o
Viho1XAlJZZwqNniItD0AQB98uFB3+3yA7FepnwwC+PEceIfBG4bTDNyYD3ZCsAB
iWpmRar9SQ7LFnoZ6X2lYaJkUD9afmvXqJJLR5MClnRQo5OSqXaFdp7ryWinHP7E
UkPSNByu4LbQ9CnBEW8mmCVZSBLb8ezxg3HpJSigmUcJgiDBJ6aj22BsZ5L+j1Sr
lvUuaCr8WOS41AYsD5dbTYk7EG42tU5utrOS6z5yHmhbA5r8Ro2OFi/R3Td68BIJ
yw/m8sfItBCvjJSMEpKHEDfGMBCfQKltCwIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFizK5kauDlnjm/IzyzLi+W4hLKqjSWMkfuxzLwg6egx";
};
axon= {
cores = 2;
nets = {
retiolum = {
ip4.addr = "10.243.134.66";
ip6.addr = "42:0000:0000:0000:0000:0000:0000:1379";
aliases = [
"axon.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIECgKCBAEA89h5SLDQL/ENM//3SMzNkVnW4dBdg1GOXs/SdRCTcgygJC0TzsAo
glfQhfS+OhFSC/mXAjP8DnN7Ys6zXzMfJgH7TgVRJ8tCo5ETehICA19hMjMFINLj
KZhhthPuX7u2Jr4uDMQ0eLJnKVHF4PmHnkA+JGcOqO7VSkgcqPvqPMnJFcMkGWvH
L3KAz1KGPHZWrAB2NBDrD/bOZj4L39nS4nJIYVOraP7ze1GTTC7s/0CnZj3qwS5j
VdUYgAR+bdxlWm1B1PPOjkslP6UOklQQK4SjK3ceLYb2yM7BVICeznjWCbkbMACY
PUSvdxyiD7nZcLvuM3cJ1M45zUK+tAHHDB5FFUUAZ+YY/Xml4+JOINekpQdGQqkN
X4VsdRGKpjqi+OXNP4ktDcVkl8uALmNR6TFfAEwQJdjgcMxgJGW9PkqvPl3Mqgoh
m89lHPpO0Cpf40o6lZRG42gH1OR7Iy1M234uA08a3eFf+IQutHaOBt/Oi0YeiaQp
OtJHmWtpsQRz24/m+uroSUtKZ63sESli28G1jP73Qv7CiB8KvSX0Z4zKJOV/CyaT
LLguAyeWdNLtVg4bGRd7VExoWA+Rd9YKHCiE5duhETZk0Hb9WZmgPdM7A0RBb+1H
/F9BPKSZFl2e42VEsy8yNmBqO8lL7DVbAjLhtikTpPLcyjNeqN99a8jFX4c5nhIK
MVsSLKsmNGQq+dylXMbErsGu3P/OuCZ4mRkC32Kp4qwJ+JMrJc8+ZbhKl6Fhwu0w
7DwwoUaRoMqtr2AwR+X67eJsYiOVo5EkqBo6DrWIM6mO2GrWHg5LTBIShn08q/Nm
ofPK2TmLdfqBycUR0kRCCPVi82f9aElmg3pzzPJnLAn9JLL43q6l+sefvtr9sTs3
1co6m8k5mO8zTb8BCmX2nFMkCopuHeF1nQ33y6woq0D8WsXHfHtbPwN9eYRVrbBF
29YBp5E+Q1pQB+0rJ4A5N1I3VUKhDGKc72pbQc8cYoAbDXA+RKYbsFOra5z585dt
4HQXpwj3a/JGJYRT6FVbJp4p8PjwAtN9VkpXNl4//3lXQdDD6aQ6ssXaKxVAp2Xj
FjPjx6J6ok4mRvofKNAREt4eZUdDub34bff6G0zI7Vls9t4ul0uHsJ6+ic3CG+Yl
buLfOkDp4hVCAlMPQ2NJfWKSggoVao7OTBPTMB3NiM56YOPptfZgu2ttDRTyuQ7p
hrOwutxoy/abH3hA8bWj1+C23vDtQ2gj0r16SWxpPdb3sselquzKp9NIvtyRVfnG
yYZTWRHg9mahMC2P0/wWAQVjKb0LnTib4lSe21uqFkWzp+3/Uu+hiwP5xGez/NIi
ahyL7t0D9r9y+i1RPjYWypgyR568fiGheQIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF4ubHA2pQzV4tQq9D1zRTD1xOSR6xZM3z6te+5A1ekc";
};
onondaga = {
cores = 1;
nets = {
retiolum = {
ip4.addr = "10.243.132.55";
ip6.addr = "42:0000:0000:0000:0000:0000:0000:1357";
aliases = [
"onondaga.r"
"cgit.onondaga.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAqj6NPhRVsr8abz9FFx9+ld3amfxN7SRNccbksUOqkufGS0vaupFR
OWsgj4Qmt3lQ82YVt5yjx0FZHkAsenCEKM3kYoIb4nipT0e1MWkQ7plVveMfGkiu
htaJ1aCbI2Adxfmk4YbyAr8k3G+Zl9t7gTikBRh7cf5PMiu2JhGUZHzx9urR0ieH
xyashZFjl4TtIy4q6QTiyST9kfzteh8k7CJ72zfYkdHl9dPlr5Nk22zH9xPkyzmO
kCNeknuDqKeTT9erNtRLk6pjEcyutt0y2/Uq6iZ38z5qq9k4JzcMuQ3YPpNy8bxn
hVuk2qBu6kBTUW3iLchoh0d4cfFLWLx1SQIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGmQk7AXsYLzjUrOjsuhZ3+gT7FjhPtjwxv5XnuU8GJO";
};
};
users = {
nin = {
mail = "nin@axon.r";
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl4jHl2dya9Tecot7AcHuk57FiPN0lo8eDa03WmTOCCU7gEJLgpi/zwLxY/K4eXsDgOt8LJwddicgruX2WgIYD3LnwtuN40/U9QqqdBIv/5sYZTcShAK2jyPj0vQJlVUpL7DLxxRH+t4lWeRw/1qaAAVt9jEVbzT5RH233E6+SbXxfnQDhDwOXwD1qfM10BOGh63iYz8/loXG1meb+pkv3HTf5/D7x+/y1XvWRPKuJ2Ml33p2pE3cTd+Tie1O8CREr45I9JOIOKUDQk1klFL5NNXnaQ9h1FRCsnQuoGztoBq8ed6XXL/b8mQ0lqJMxHIoCuDN/HBZYJ0z+1nh8X6XH nin@axon";
};
nin_h = {
mail = "nin@hiawatha.r";
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDicZLUPEVNX7SgqYWcjPo0UESRizEfIvVVbiwa1aApA8x25u/5R3sevcgbIpLHYKDMl5tebny9inr6G2zqB6oq/pocQjHxrPnuLzqjvqeSpbjQjlNWJ9GaHT5koTXZHdkEXGL0vfv1SRDNWUiK0rNymr3GXab4DyrnRnuNl/G1UtLf4Zka94YUD0SSPdS9y6knnRrUWKjGMFBZEbNSgHqMGATPQP9VDwKHIO2OWGfiBAJ4nj/MWj+BxHDleCMY9zbym8yY7p/0PLaUe9eIyLC8MftJ5suuMmASlj+UGWgnqUxWxsMHax9y7CTAc23r1NNCXN5LC6/facGt0rEQrdrTizBgOA1FSHAPCl5f0DBEgWBrRuygEcAueuGWvI8/uvtvQQZLhosDbXEfs/3vm2xoYBe7wH4NZHm+d2LqgIcPXehH9hVQsl6pczngTCJt0Q/6tIMffjhDHeYf6xbe/n3AqFT0PylUSvOw/H5iHws3R6rxtgnOio7yTJ4sq0NMzXCtBY6LYPGnkwf0oKsgB8KavZVnxzF8B1TD4nNi0a7ma7bd1LMzI/oGE6i8kDMROgisIECOcoe8YYJZXIne/wimhhRKZAsd+VrKUo4SzNIavCruCodGAVh2vfrqRJD+HD/aWH7Vr1fCEexquaxeKpRtKGIPW9LRCcEsTilqpZdAiw== nin@hiawatha";
};
};
}

View File

@ -45,6 +45,10 @@ with import <stockholm/lib>;
default = self.config.port == "6697";
type = types.bool;
};
API.listen = mkOption {
default = null;
type = types.nullOr types.str;
};
};
}));
};
@ -65,9 +69,11 @@ with import <stockholm/lib>;
ExecStart = let
configFile = pkgs.writeJSON configFileName configValue;
configFileName = "${cfg.systemd-service-name}.config.json";
configValue = recursiveUpdate {
logTime = false;
} (removeAttrs cfg ["_module"]);
configValue = stripAttr (
recursiveUpdate {
logTime = false;
} (removeAttrs cfg ["_module"])
);
in "${pkgs.reaktor2}/bin/reaktor ${configFile}";
Restart = "always";
RestartSec = "30";

View File

@ -301,6 +301,7 @@ let
default = mkDefault true;
inherit (webcfg) basicAuth;
root = optionalString rucfg.enable webdir;
listen = [ { inherit (webcfg) addr port; } ];
locations = {
"/RPC2".extraConfig = ''
@ -319,15 +320,7 @@ let
include ${pkgs.nginx}/conf/fastcgi.conf;
''; }
);
# workaround because upstream nginx api changed
# TODO remove when nobody uses 17.03 anymore
} // (if hasAttr "port" (head options.services.nginx.virtualHosts.type.getSubModules).submodule.options then {
port = webcfg.port;
} else {
listen = [
{ inherit (webcfg) addr port; }
];
});
};
};
rutorrent-imp = {

View File

@ -1,34 +1,43 @@
# This file has been generated by node2nix 1.5.3. Do not edit!
# This file has been generated by node2nix 1.7.0. Do not edit!
{nodeEnv, fetchurl, fetchgit, globalBuildInputs ? []}:
let
sources = {
"double-ended-queue-2.1.0-0" = {
name = "double-ended-queue";
packageName = "double-ended-queue";
version = "2.1.0-0";
"denque-1.4.1" = {
name = "denque";
packageName = "denque";
version = "1.4.1";
src = fetchurl {
url = "https://registry.npmjs.org/double-ended-queue/-/double-ended-queue-2.1.0-0.tgz";
sha1 = "103d3527fd31528f40188130c841efdd78264e5c";
url = "https://registry.npmjs.org/denque/-/denque-1.4.1.tgz";
sha512 = "OfzPuSZKGcgr96rf1oODnfjqBFmr1DVoc/TrItj3Ohe0Ah1C5WX5Baquw/9U9KovnQ88EqmJbD66rKYUQYN1tQ==";
};
};
"redis-commands-1.3.5" = {
"redis-commands-1.5.0" = {
name = "redis-commands";
packageName = "redis-commands";
version = "1.3.5";
version = "1.5.0";
src = fetchurl {
url = "https://registry.npmjs.org/redis-commands/-/redis-commands-1.3.5.tgz";
sha512 = "2q8pai3gf0dczb03jjig3mpaz4j2kvw8icpgf8hp4fryr3d6c0mjkvxxdmlyhainybx4zhgqsw9ghc9p986alzdzd2n2p4cxvr8b0by";
url = "https://registry.npmjs.org/redis-commands/-/redis-commands-1.5.0.tgz";
sha512 = "6KxamqpZ468MeQC3bkWmCB1fp56XL64D4Kf0zJSwDZbVLLm7KFkoIcHrgRvQ+sk8dnhySs7+yBg94yIkAK7aJg==";
};
};
"redis-parser-2.6.0" = {
"redis-errors-1.2.0" = {
name = "redis-errors";
packageName = "redis-errors";
version = "1.2.0";
src = fetchurl {
url = "https://registry.npmjs.org/redis-errors/-/redis-errors-1.2.0.tgz";
sha1 = "eb62d2adb15e4eaf4610c04afe1529384250abad";
};
};
"redis-parser-3.0.0" = {
name = "redis-parser";
packageName = "redis-parser";
version = "2.6.0";
version = "3.0.0";
src = fetchurl {
url = "https://registry.npmjs.org/redis-parser/-/redis-parser-2.6.0.tgz";
sha1 = "52ed09dacac108f1a631c07e9b69941e7a19504b";
url = "https://registry.npmjs.org/redis-parser/-/redis-parser-3.0.0.tgz";
sha1 = "b66d828cdcafe6b4b8a428a7def4c6bcac31c8b4";
};
};
};
@ -37,40 +46,43 @@ in
formidable = nodeEnv.buildNodePackage {
name = "formidable";
packageName = "formidable";
version = "1.2.1";
version = "1.2.2";
src = fetchurl {
url = "https://registry.npmjs.org/formidable/-/formidable-1.2.1.tgz";
sha512 = "1x0n2rfaiasdjbw1mm7s29z84f68c7iji7lb1gkxvpknvv6q7bwns7z55ijcf4vkh4kvis12rbgaaih49jf9lj53s30mllb1d35bkqn";
url = "https://registry.npmjs.org/formidable/-/formidable-1.2.2.tgz";
sha512 = "V8gLm+41I/8kguQ4/o1D3RIHRmhYFG4pnNyonvua+40rqcEmT4+V71yaZ3B457xbbgCsCfjSPi65u/W6vK1U5Q==";
};
buildInputs = globalBuildInputs;
meta = {
description = "A node.js module for parsing form data, especially file uploads.";
homepage = https://github.com/felixge/node-formidable;
homepage = https://github.com/node-formidable/formidable;
license = "MIT";
};
production = true;
bypassCache = true;
reconstructLock = true;
};
redis = nodeEnv.buildNodePackage {
name = "redis";
packageName = "redis";
version = "2.8.0";
version = "3.0.2";
src = fetchurl {
url = "https://registry.npmjs.org/redis/-/redis-2.8.0.tgz";
sha512 = "3a3044ax6qdvss83xgjfx10h5q91ls0mwgs3wpsnxcdsiipq3cnmqzsh6glyq0r7vsmpw49jp84c2jnfrhi2bgycrkd9hhhf6ia8lrk";
url = "https://registry.npmjs.org/redis/-/redis-3.0.2.tgz";
sha512 = "PNhLCrjU6vKVuMOyFu7oSP296mwBkcE6lrAjruBYG5LgdSqtRBoVQIylrMyVZD/lkF24RSNNatzvYag6HRBHjQ==";
};
dependencies = [
sources."double-ended-queue-2.1.0-0"
sources."redis-commands-1.3.5"
sources."redis-parser-2.6.0"
sources."denque-1.4.1"
sources."redis-commands-1.5.0"
sources."redis-errors-1.2.0"
sources."redis-parser-3.0.0"
];
buildInputs = globalBuildInputs;
meta = {
description = "Redis client library";
homepage = https://github.com/NodeRedis/node_redis;
description = "A high performance Redis client.";
homepage = https://github.com/NodeRedis/node-redis;
license = "MIT";
};
production = true;
bypassCache = true;
reconstructLock = true;
};
}

View File

@ -1,2 +1,4 @@
node2nix -8 -i pkgs.json -c combine.nix
#!/usr/bin/env nix-shell
#! nix-shell -i bash -p nodePackages_10_x.node2nix
node2nix -10 -i pkgs.json -c combine.nix
rm node-env.nix combine.nix

View File

@ -138,7 +138,7 @@ pkgs.writers.writeDashBin "generate-wallpaper" ''
# remove snow from ice map
if needs_rebuild ice.png ice-raw.jpg; then
convert ice-raw.jpg -fuzz 20% -fill black -opaque white -scale "$in_size" ice.png
convert ice-raw.jpg -fuzz 20% -fill black -opaque white -colorspace gray -blur 0x6 -scale "$in_size" ice.png
fi
if needs_rebuild snow.png snow-raw.jpg; then

View File

@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs-channels",
"rev": "d96bd3394b734487d1c3bfbac0e8f17465e03afe",
"date": "2020-03-19T15:32:34+01:00",
"sha256": "05n27wz5ln9ni5cy5rhjcy612i44gmblkq5m0g827v8pd0nk00da",
"rev": "0f5ce2fac0c726036ca69a5524c59a49e2973dd4",
"date": "2020-05-19T01:31:20+02:00",
"sha256": "0nkk492aa7pr0d30vv1aw192wc16wpa1j02925pldc09s9m9i0r3",
"fetchSubmodules": false
}

View File

@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs-channels",
"rev": "598a9cbed6348ebda43c6b1a9a3061e0206297e7",
"date": "2020-03-28T03:06:32+01:00",
"sha256": "12m910j2sfhm3a6skw4janxy010gzdxp15bn8v9w7w9hhjzvdw8c",
"rev": "48723f48ab92381f0afd50143f38e45cf3080405",
"date": "2020-05-22T11:40:20+02:00",
"sha256": "0h3b3l867j3ybdgimfn76lw7w6yjhszd5x02pq5827l659ihcf53",
"fetchSubmodules": false
}

View File

@ -3,7 +3,7 @@ dir=$(dirname $0)
oldrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/')
nix-shell -p nix-prefetch-git --run 'nix-prefetch-git \
--url https://github.com/NixOS/nixpkgs-channels \
--rev refs/heads/nixos-19.09' \
--rev refs/heads/nixos-20.03' \
> $dir/nixpkgs.json
newrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/')
git commit $dir/nixpkgs.json -m "nixpkgs: $oldrev -> $newrev"

View File

@ -21,20 +21,15 @@ with import <stockholm/lib>;
#<stockholm/lass/2configs/prism-share.nix>
<stockholm/lass/2configs/ssh-cryptsetup.nix>
<stockholm/lass/2configs/network-manager.nix>
<stockholm/lass/2configs/home-media.nix>
];
#media center
users.users.media = {
isNormalUser = true;
uid = genid_uint31 "media";
extraGroups = [ "video" "audio" ];
};
krebs.build.host = config.krebs.hosts.icarus;
services.xserver.displayManager.lightdm.autoLogin = {
enable = true;
user = "media";
};
krebs.build.host = config.krebs.hosts.icarus;
programs.adb.enable = true;
environment.systemPackages = [ pkgs.chromium ];
}

View File

@ -46,6 +46,15 @@
'';
services.thinkfan.enable = true;
services.thinkfan.levels = ''
(0, 0, 55)
(1, 48, 60)
(2, 50, 61)
(3, 52, 63)
(6, 60, 65)
(7, 80, 85)
(127, 90, 32767)
'';
services.logind.lidSwitch = "ignore";
services.logind.lidSwitchDocked = "ignore";

View File

@ -39,6 +39,7 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/network-manager.nix>
<stockholm/lass/2configs/nfs-dl.nix>
#<stockholm/lass/2configs/hardening.nix>
<stockholm/lass/2configs/ppp.nix>
{
krebs.iptables.tables.filter.INPUT.rules = [
#risk of rain
@ -76,16 +77,6 @@ with import <stockholm/lib>;
};
};
}
{
lass.umts = {
enable = true;
modem = "/dev/serial/by-id/usb-Lenovo_F5521gw_2C7D8D7C35FC7040-if09";
initstrings = ''
Init1 = AT+CFUN=1
Init2 = AT+CGDCONT=1,"IP","pinternet.interkom.de","",0,0
'';
};
}
{
services.nginx = {
enable = true;

View File

@ -65,13 +65,6 @@ with import <stockholm/lib>;
config.krebs.users.makefu.pubkey
];
};
users.users.nin = {
uid = genid "nin";
isNormalUser = true;
openssh.authorizedKeys.keys = [
config.krebs.users.nin.pubkey
];
};
users.extraUsers.dritter = {
uid = genid_uint31 "dritter";
isNormalUser = true;
@ -123,26 +116,6 @@ with import <stockholm/lib>;
localAddress = "10.233.2.2";
};
}
{
#onondaga
systemd.services."container@onondaga".reloadIfChanged = mkForce false;
containers.onondaga = {
config = { ... }: {
imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];
environment.systemPackages = [ pkgs.git ];
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey
config.krebs.users.nin.pubkey
];
};
autoStart = true;
enableTun = true;
privateNetwork = true;
hostAddress = "10.233.2.5";
localAddress = "10.233.2.6";
};
}
<stockholm/lass/2configs/exim-smarthost.nix>
<stockholm/lass/2configs/ts3.nix>
<stockholm/lass/2configs/privoxy-retiolum.nix>
@ -263,8 +236,6 @@ with import <stockholm/lib>;
}
{
users.users.download.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos"
config.krebs.users.palo.pubkey
];
}
{
@ -382,6 +353,9 @@ with import <stockholm/lib>;
lass.pubkey
lass-android.pubkey
makefu.pubkey
palo.pubkey
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos"
"AAAAB3NzaC1yc2EAAAADAQABAAABgQC4ECL9NSCWqs4KVe+FF+2BPtl5Bv5aQPHqnXllCyiESZykwRKLx6/AbF5SbUAUMVZtp9oDSdp28m3BvVeWJ/q7hAbIxUtfd/jp+JBRZ8Kj6K5GzUO7Bhgl/o0A7xEjAeOKHiYuLjdPMcFUyl6Ah4ey/mcQYf6AdU0+hYUDeUlKe/YxxYD6202W0GJq2xGdIqs/TbopT9iaX+sv0wdXDVfFY72nFqOUwJW3u6O2viKKRugrz/eo50Eo3ts7pYz/FpDXExrUvV9Vu/bQ34pa8nKgF3/AKQHgmzljNQSVZKyAV8OY0UFonjBMXCBg2tXtwfnlzdx2SyuQVv55x+0AuRKsi85G2xLpXu1A3921pseBTW6Q6kbYK9eqxAay2c/kNbwNqFnO+nCvQ6Ier/hvGddOtItMu96IuU2E7mPN6WgvM8/3fjJRFWnZxFxqu/k7iH+yYT8qwRgdiSqZc76qvkYEuabdk2itstTRY0A3SpI3hFMZDw/7bxgMZtqpfyoRk5s= philip@shiki11:15 <Profpatsch> AAAAB3NzaC1yc2EAAAADAQABAAABgQC4ECL9NSCWqs4KVe+FF+2BPtl5Bv5aQPHqnXllCyiESZykwRKLx6/AbF5SbUAUMVZtp9oDSdp28m3BvVeWJ/q7hAbIxUtfd/jp+JBRZ8Kj6K5GzUO7Bhgl/o0A7xEjAeOKHiYuLjdPMcFUyl6Ah4ey/mcQYf6AdU0+hYUDeUlKe/YxxYD6202W0GJq2xGdIqs/TbopT9iaX+sv0wdXDVfFY72nFqOUwJW3u6O2viKKRugrz/eo50Eo3ts7pYz/FpDXExrUvV9Vu/bQ34pa8nKgF3/AKQHgmzljNQSVZKyAV8OY0UFonjBMXCBg2tXtwfnlzdx2SyuQVv55x+0AuRKsi85G2xLpXu1A3921pseBTW6Q6kbYK9eqxAay2c/kNbwNqFnO+nCvQ6Ier/hvGddOtItMu96IuU2E7mPN6WgvM8/3fjJRFWnZxFxqu/k7iH+yYT8qwRgdiSqZc76qvkYEuabdk2itstTRY0A3SpI3hFMZDw/7bxgMZtqpfyoRk5s= philip@shiki"
];
};
};

View File

@ -19,23 +19,14 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/ssh-cryptsetup.nix>
<stockholm/lass/2configs/nfs-dl.nix>
<stockholm/lass/2configs/gg23.nix>
<stockholm/lass/2configs/hass>
<stockholm/lass/2configs/br.nix>
<stockholm/lass/2configs/fetchWallpaper.nix>
<stockholm/lass/2configs/home-media.nix>
];
krebs.build.host = config.krebs.hosts.shodan;
#media center
users.users.media = {
isNormalUser = true;
uid = genid_uint31 "media";
extraGroups = [ "video" "audio" ];
};
services.xserver.displayManager.lightdm.autoLogin = {
enable = true;
user = "media";
};
services.logind.lidSwitch = "ignore";
services.logind.lidSwitchDocked = "ignore";

View File

@ -12,6 +12,7 @@ with import <stockholm/lib>;
i18n.defaultLocale ="de_DE.UTF-8";
time.timeZone = "Europe/Berlin";
services.xserver.enable = true;
services.xserver.libinput.enable = false;
users.users.locke = {
uid = genid "locke";
home = "/home/locke";

View File

@ -71,12 +71,14 @@ in {
gitAndTools.qgit
git-preview
gnome3.dconf
iodine
lm_sensors
ncdu
nix-index
nix-review
nmap
pavucontrol
ponymix
powertop
rxvt_unicode-with-plugins
sxiv
@ -112,7 +114,7 @@ in {
xkbOptions = "caps:escape";
libinput.enable = true;
displayManager.lightdm.enable = true;
windowManager.default = "xmonad";
displayManager.defaultSession = "none+xmonad";
windowManager.session = [{
name = "xmonad";
start = ''

View File

@ -19,6 +19,7 @@ with (import <stockholm/lib>);
];
services.tor.enable = true;
services.tor.client.enable = true;
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-i retiolum -p udp --dport 60000:61000"; target = "ACCEPT";}

View File

@ -113,6 +113,8 @@
];
in {
environment.systemPackages = [ pkgs.review-mail-queue ];
krebs.exim-smarthost = {
enable = true;
dkim = [

View File

@ -20,12 +20,13 @@ with import <stockholm/lib>;
}
'';
machines = [
{ ethernetAddress = "c8:3d:d4:2c:40:ae"; hostName = "tv"; ipAddress = "10.42.0.3"; }
{ ethernetAddress = "a8:a6:48:65:ce:4c"; hostName = "tv"; ipAddress = "10.42.0.3"; }
{ ethernetAddress = "3c:2a:f4:22:28:37"; hostName = "drucker"; ipAddress = "10.42.0.4"; }
{ ethernetAddress = "80:7d:3a:67:b7:01"; hostName = "s20-bett"; ipAddress = "10.42.0.10"; }
{ ethernetAddress = "80:7d:3a:67:b7:01"; hostName = "s20-tv"; ipAddress = "10.42.0.10"; }
{ ethernetAddress = "80:7d:3a:68:04:f0"; hostName = "s20-drucker"; ipAddress = "10.42.0.11"; }
{ ethernetAddress = "80:7d:3a:68:11:a5"; hostName = "s20-kueche"; ipAddress = "10.42.0.12"; }
{ ethernetAddress = "80:7d:3a:68:11:a5"; hostName = "s20-wasch"; ipAddress = "10.42.0.12"; }
{ ethernetAddress = "80:7d:3a:67:bb:69"; hostName = "s20-stereo"; ipAddress = "10.42.0.13"; }
{ ethernetAddress = "ec:b5:fa:07:78:16"; hostName = "hue-bridge"; ipAddress = "10.42.0.21"; }
{ ethernetAddress = "80:8d:b7:c5:80:dc"; hostName = "arubaAP"; ipAddress = "10.42.0.99"; }
];
};
@ -45,9 +46,6 @@ with import <stockholm/lib>;
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-i int0 -p tcp --dport 8123"; target = "ACCEPT"; } # hass
{ predicate = "-i retiolum -p tcp --dport 8123"; target = "ACCEPT"; } # hass
{ predicate = "-i int0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto
{ predicate = "-i int0 -p udp --dport 53"; target = "ACCEPT"; } # dns
];
krebs.iptables.tables.filter.FORWARD.rules = [
@ -62,72 +60,5 @@ with import <stockholm/lib>;
krebs.iptables.tables.nat.POSTROUTING.rules = [
{ v6 = false; predicate = "-s 10.42.0.0/24 ! -d 10.42.0.0/24"; target = "MASQUERADE"; }
];
services.home-assistant = let
tasmota_s20 = name: topic: {
platform = "mqtt";
inherit name;
state_topic = "stat/${topic}/POWER";
command_topic = "cmnd/${topic}/POWER";
payload_on = "ON";
payload_off = "OFF";
};
in {
enable = true;
package = pkgs.home-assistant.override {
#extraComponents = [
# (pkgs.fetchgit {
# url = "https://github.com/marcschumacher/dwd_pollen";
# rev = "0.1";
# sha256 = "12vldwsds27c9l15ffc6svk9mj17jhypcz736pvpmpqbsymllz2p";
# })
#];
};
config = {
homeassistant = {
name = "Home"; time_zone = "Europe/Berlin";
latitude = "48.7687";
longitude = "9.2478";
elevation = 247;
};
sun.elevation = 66;
discovery = {};
frontend = { };
mqtt = {
broker = "localhost";
port = 1883;
client_id = "home-assistant";
username = "gg23";
password = "gg23-mqtt";
keepalive = 60;
protocol = 3.1;
};
sensor = [
];
switch = [
(tasmota_s20 "Drucker Strom" "drucker")
(tasmota_s20 "Bett Licht" "bett")
(tasmota_s20 "Kueche Licht" "kueche")
];
device_tracker = [
{
platform = "luci";
}
];
};
};
services.mosquitto = {
enable = true;
host = "0.0.0.0";
allowAnonymous = false;
checkPasswords = true;
users.gg23 = {
password = "gg23-mqtt";
acl = [ "topic readwrite #" ];
};
};
environment.systemPackages = [ pkgs.mosquitto ];
}

View File

@ -0,0 +1,106 @@
{ config, lib, pkgs, ... }:
with import ./lib.nix { inherit lib; };
{
imports = [
./zigbee.nix
./rooms/bett.nix
./rooms/essen.nix
./rooms/nass.nix
];
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-i int0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto
{ predicate = "-i docker0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto
{ predicate = "-i int0 -p tcp --dport 8123"; target = "ACCEPT"; } # hass
{ predicate = "-i retiolum -p tcp --dport 8123"; target = "ACCEPT"; } # hass
];
services.home-assistant = {
enable = true;
package = pkgs.home-assistant.override {
# extraComponents = [ "hue" ];
};
configWritable = true;
};
lass.hass.config = let
tasmota_s20 = name: topic: {
platform = "mqtt";
inherit name;
state_topic = "stat/${topic}/POWER";
command_topic = "cmnd/${topic}/POWER";
payload_on = "ON";
payload_off = "OFF";
};
in {
homeassistant = {
name = "Home";
time_zone = "Europe/Berlin";
latitude = "52.46187";
longitude = "13.41489";
elevation = 90;
unit_system = "metric";
customize = friendly_names;
};
config = {};
sun.elevation = 66;
discovery = {};
frontend = {};
mqtt = {
broker = "localhost";
port = 1883;
client_id = "home-assistant";
username = "gg23";
password = "gg23-mqtt";
keepalive = 60;
protocol = 3.1;
discovery = true;
birth_message = {
topic = "/hass/status";
payload = "online";
};
will_message = {
topic = "/hass/status";
payload = "offline";
};
};
sensor = [
{
platform = "dwd_weather_warnings";
region_name = "Berlin";
}
];
switch = [
(tasmota_s20 "TV" "tv")
(tasmota_s20 "Drucker Strom" "drucker")
(tasmota_s20 "Waschmaschine" "wasch")
(tasmota_s20 "Stereo Anlage" "stereo")
];
mobile_app = {};
hue = {};
weather = [
{
platform = "openweathermap";
api_key = "xxx"; # TODO put into secrets
}
];
system_health = {};
history = {};
shopping_list = {};
};
services.mosquitto = {
enable = true;
host = "0.0.0.0";
allowAnonymous = false;
checkPasswords = true;
users.gg23 = {
password = "gg23-mqtt";
acl = [ "topic readwrite #" ];
};
};
environment.systemPackages = [ pkgs.mosquitto ];
}

263
lass/2configs/hass/lib.nix Normal file
View File

@ -0,0 +1,263 @@
{ lib, ... }:
rec {
lights = {
bett = "0x0017880106ed3bd8";
essen = "0x0017880108327622";
arbeit = "0x0017880106ee2865";
nass = "0x00178801082e9f2f";
};
switches = {
dimmer = {
bett = "0x00178801086ac38c";
essen = "0x00178801086ad1fb";
nass = "0x00178801086ac373";
};
};
sensors = {
movement = {
essen = "0x0017880106f772f2";
nass = "0x0017880106f77f30";
};
};
friendly_names =
lib.mapAttrs' (n: v: lib.nameValuePair "light.${v}_light" { friendly_name = "l.${n}"; }) lights //
lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_update_available" { friendly_name = "s.${n}_up"; }) switches.dimmer //
lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_update_available" { friendly_name = "i.${n}_up"; }) sensors.movement //
lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_update_available" { friendly_name = "l.${n}_up"; }) lights //
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_linkquality" { friendly_name = "s.${n}_link"; }) switches.dimmer //
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_linkquality" { friendly_name = "i.${n}_link"; }) sensors.movement //
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_linkquality" { friendly_name = "l.${n}_link"; }) lights //
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_battery" { friendly_name = "s.${n}_bat"; }) switches.dimmer //
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_battery" { friendly_name = "i.${n}_bat"; }) sensors.movement //
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_action" { friendly_name = "s.${n}_act"; }) switches.dimmer //
lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_occupancy" { friendly_name = "i.${n}_move"; }) sensors.movement //
lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_occupancy" { friendly_name = "i.${n}_move"; }) sensors.movement //
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_temperature" { friendly_name = "i.${n}_heat"; }) sensors.movement //
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_temperature" { friendly_name = "i.${n}_heat"; }) sensors.movement //
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_illuminance" { friendly_name = "i.${n}_lux"; }) sensors.movement //
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_illuminance" { friendly_name = "i.${n}_lux"; }) sensors.movement //
{};
detect_movement = sensor: light: delay:
let
id = "${sensor}_${light}";
sensor_ = "binary_sensor.${sensor}_occupancy";
light_ = "light.${light}_light";
in {
input_boolean."${id}" = {
};
timer."${id}" = {
duration = delay;
};
automation = [
# {
# alias = "debug detect_movement";
# trigger = {
# platform = "state";
# entity_id = sensor_;
# };
# action = [
# {
# service = "system_log.write";
# data_template = {
# message = "XXXXXXXXXXXXXXXXXXXXXX {{ states('input_boolean.${sensor}_${light}_triggered') == 'on' }}";
# #message = "XXXXXXXXXXXXXXXXXXXXXX {{ state_attr('trigger.to_state.state', 'illuminance') }}";
# };
# }
# ];
# }
{
alias = "movement reset timer ${id}";
hide_entity = true;
trigger = {
platform = "state";
entity_id = sensor_;
from = "off";
to = "on";
};
action = [
{
service = "timer.cancel";
data_template.entity_id = "timer.${id}";
}
];
}
{
alias = "movement on ${id}";
# hide_entity = true;
trigger = {
platform = "state";
entity_id = "binary_sensor.${sensor}_occupancy";
from = "off";
to = "on";
};
condition = {
condition = "and";
conditions = [
{
condition = "template";
value_template = "{{ trigger.to_state.attributes.illuminance < 13000 }}";
}
{
condition = "template";
value_template = "{{ states('${light_}') == 'off' }}";
}
];
};
action = [
{
service = "light.turn_on";
data_template = {
entity_id = light_;
brightness = "100";
};
}
{ delay = "0:00:02"; }
{
service = "input_boolean.turn_on";
data_template.entity_id = "input_boolean.${id}";
}
];
}
{
alias = "movement off ${id}";
hide_entity = true;
trigger = {
platform = "state";
entity_id = sensor_;
from = "on";
to = "off";
};
condition = {
condition = "template";
value_template = "{{ states('input_boolean.${id}') == 'on' }}";
};
action = [
{
service = "timer.start";
entity_id = "timer.${id}";
}
];
}
{
alias = "movement override ${id}";
hide_entity = true;
trigger = {
platform = "state";
entity_id = light_;
};
action = [
{
service = "input_boolean.turn_off";
data_template.entity_id = "input_boolean.${id}";
}
{
service = "system_log.write";
data_template = {
message = "XXXXXXXXXXXXXXXXXXXXXX {{ trigger }}";
};
}
];
}
{
alias = "movement expired ${id}";
hide_entity = true;
trigger = {
platform = "event";
event_type = "timer.finished";
event_data.entity_id = "timer.${id}";
};
action = [
{
service = "light.turn_off";
data_template = {
entity_id = light_;
};
}
{
service = "input_boolean.turn_off";
data_template.entity_id = "input_boolean.${id}";
}
];
}
];
};
lightswitch = switch: light: {
automation = [
{
alias = "lightswitch ${switch} turn on light ${light}";
hide_entity = "true";
trigger = {
platform = "mqtt";
topic = "zigbee/${switch}";
};
condition = {
condition = "or";
conditions = [
{
condition = "template";
value_template = "{{ trigger.payload_json.action == 'on-press' }}";
}
{
condition = "template";
value_template = "{{ trigger.payload_json.action == 'up-press' }}";
}
{
condition = "and";
conditions = [
{
condition = "template";
value_template = "{{ trigger.payload_json.action == 'down-press' }}";
}
{
condition = "template";
value_template = "{{ trigger.payload_json.brightness > 30 }}";
}
];
}
];
};
action = [
{
service = "light.turn_on";
data_template = {
entity_id = "light.${light}_light";
brightness = "{{ trigger.payload_json.brightness }}";
};
}
];
}
{
alias = "lightswitch ${switch} turn off light ${light}";
hide_entity = "true";
trigger = {
platform = "mqtt";
topic = "zigbee/${switch}";
};
condition = {
condition = "or";
conditions = [
{
condition = "template";
value_template = "{{ trigger.payload_json.action == 'off-press' }}";
}
{
condition = "template";
value_template = "{{ trigger.payload_json.brightness < 30 }}";
}
];
};
action = {
service = "light.turn_off";
data_template = {
entity_id = "light.${light}_light";
};
};
}
];
};
}

View File

@ -0,0 +1,8 @@
{ lib, ... }:
with import ../lib.nix { inherit lib; };
{
lass.hass.config = lib.mkMerge [
(lightswitch switches.dimmer.bett lights.bett)
];
}

View File

@ -0,0 +1,9 @@
{ lib, ... }:
with import ../lib.nix { inherit lib; };
{
lass.hass.config = lib.mkMerge [
(detect_movement sensors.movement.essen lights.essen 10)
(lightswitch switches.dimmer.essen lights.essen)
];
}

View File

@ -0,0 +1,10 @@
{ lib, ... }:
with import ../lib.nix { inherit lib; };
{
lass.hass.config = lib.mkMerge [
(detect_movement sensors.movement.nass lights.nass 100)
(lightswitch switches.dimmer.nass lights.nass)
];
}

View File

@ -0,0 +1,151 @@
{config, pkgs, lib, ...}: let
zigbee2mqtt_cfg = pkgs.writeText "zigbee2mqtt.json" (builtins.toJSON {
homeassistant = true;
permit_join = false;
mqtt = {
discovery = true;
base_topic = "zigbee";
server = "mqtt://10.42.0.1";
user = "gg23";
password = "gg23-mqtt";
};
serial.port = "/dev/cc2531";
});
in {
# symlink the zigbee controller
services.udev.extraRules = ''
SUBSYSTEM=="tty", ATTRS{idVendor}=="0451", ATTRS{idProduct}=="16a8", SYMLINK+="cc2531", MODE="0660", GROUP="dailout"
'';
system.activationScripts.installZigbee = ''
install -d /var/lib/zigbee2mqtt
install ${zigbee2mqtt_cfg} /var/lib/zigbee2mqtt/configuration.yaml
'';
# hack to restart docker container on config change
systemd.services.docker-zigbee2mqtt.environment.cfg = zigbee2mqtt_cfg;
docker-containers.zigbee2mqtt = {
image = "koenkk/zigbee2mqtt";
extraDockerOptions = [
"--device=/dev/cc2531:/dev/cc2531"
];
volumes = ["/var/lib/zigbee2mqtt:/app/data"];
};
lass.hass.config = {
sensor = [
# Sensor for monitoring the bridge state
{
platform = "mqtt";
name = "Zigbee2mqtt Bridge state";
state_topic = "/zigbee2mqtt/bridge/state";
icon = "mdi:router-wireless";
}
# Sensor for Showing the Zigbee2mqtt Version
{
platform = "mqtt";
name = "Zigbee2mqtt Version";
state_topic = "/zigbee2mqtt/bridge/config";
value_template = "{{ value_json.version }}";
icon = "mdi:zigbee";
}
# Sensor for Showing the Coordinator Version
{
platform = "mqtt";
name = "Coordinator Version";
state_topic = "/zigbee2mqtt/bridge/config";
value_template = "{{ value_json.coordinator }}";
icon = "mdi:chip";
}
];
switch = [
{
platform = "mqtt";
name = "zigbee2mqtt_join";
state_topic = "/zigbee2mqtt/bridge/config/permit_join";
command_topic = "/zigbee2mqtt/bridge/config/permit_join";
payload_on = "true";
payload_off = "false";
}
];
automation = [
#{
# alias = "Zigbee2mqtt Log Level";
# initial_state = "on";
# trigger = {
# platform = "state";
# entity_id = "input_select.zigbee2mqtt_log_level";
# };
# action = [
# {
# service = "mqtt.publish";
# data = {
# payload_template = "{{ states('input_select.zigbee2mqtt_log_level') }}";
# topic = "/zigbee2mqtt/bridge/config/log_level";
# };
# }
# ];
#}
# Automation to start timer when enable join is turned on
{
id = "zigbee_join_enabled";
alias = "";
hide_entity = "true";
trigger = {
platform = "state";
entity_id = "switch.zigbee2mqtt_join";
to = "on";
};
action = {
service = "timer.start";
entity_id = "timer.zigbee_permit_join";
};
}
# Automation to stop timer when switch turned off and turn off switch when timer finished
{
id = "zigbee_join_disabled";
hide_entity = "true";
trigger = [
{
platform = "event";
event_type = "timer.finished";
event_data.entity_id = "timer.zigbee_permit_join";
}
{
platform = "state";
entity_id = "switch.zigbee2mqtt_join";
to = "off";
}
];
action = [
{ service = "timer.cancel";
data.entity_id = "timer.zigbee_permit_join";
}
{ service = "switch.turn_off";
entity_id = "switch.zigbee2mqtt_join";
}
];
}
];
#input_select.zigbee2mqtt_log_level = {
# name = "Zigbee2mqtt Log Level";
# options = [
# "debug"
# "info"
# "warn"
# "error"
# ];
# initial = "info";
# icon = "mdi:format-list-bulleted";
#};
timer.zigbee_permit_join = {
name = "Zigbee Time remaining";
duration = 120;
};
};
}

View File

@ -0,0 +1,23 @@
with import <stockholm/lib>;
{ pkgs, ... }:
{
users.users.media = {
isNormalUser = true;
uid = genid_uint31 "media";
extraGroups = [ "video" "audio" ];
};
services.xserver.displayManager.lightdm.autoLogin = {
enable = true;
user = "media";
};
hardware.pulseaudio.configFile = pkgs.writeText "pulse.pa" ''
.include ${pkgs.pulseaudioFull}/etc/pulse/default.pa
load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1;10.42.0.0/24 auth-anonymous=1
'';
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p tcp --dport 4713"; target = "ACCEPT"; } # pulseaudio
];
}

View File

@ -2,18 +2,6 @@
{
networking.wireless.enable = lib.mkForce false;
systemd.services.modemmanager = {
description = "ModemManager";
after = [ "network-manager.service" ];
bindsTo = [ "network-manager.service" ];
wantedBy = [ "network-manager.service" ];
serviceConfig = {
ExecStart = "${pkgs.modemmanager}/bin/ModemManager";
PrivateTmp = true;
Restart = "always";
RestartSec = "5";
};
};
networking.networkmanager = {
ethernet.macAddress = "random";
wifi.macAddress = "random";
@ -26,7 +14,11 @@
users.users.mainUser = {
extraGroups = [ "networkmanager" ];
packages = with pkgs; [
gnome3.gnome_keyring gnome3.dconf
gnome3.gnome_keyring
gnome3.dconf
];
};
environment.systemPackages = [
pkgs.nm-dmenu
];
}

32
lass/2configs/ppp.nix Normal file
View File

@ -0,0 +1,32 @@
{ pkgs, ... }: {
# usage: pppd call default
environment.etc."ppp/peers/default".text = ''
/dev/ttyACM2
921600
crtscts
defaultroute
holdoff 10
lock
maxfail 0
noauth
nodetach
noipdefault
passive
persist
usepeerdns
connect "${pkgs.ppp}/bin/chat -f ${pkgs.writeText "default.chat" ''
ABORT "BUSY"
ABORT "NO CARRIER"
REPORT CONNECT
"" "ATDT*99#"
CONNECT
''}"
'';
environment.systemPackages = [
pkgs.ppp
];
}

View File

@ -12,7 +12,7 @@ let
music_dir = "/home/radio/music";
add_random = pkgs.writeDashBin "add_random" ''
${pkgs.mpc_cli}/bin/mpc add "$(${pkgs.findutils}/bin/find "${music_dir}/the_playlist" | grep '\.ogg$' | shuf -n1 | sed 's,${music_dir}/,,')"
${pkgs.mpc_cli}/bin/mpc add "$(${pkgs.findutils}/bin/find "${music_dir}/the_playlist" | grep -v '/other/' | grep '\.ogg$' | shuf -n1 | sed 's,${music_dir}/,,')"
'';
skip_track = pkgs.writeBashBin "skip_track" ''
@ -44,15 +44,41 @@ let
if [[ "$current_track" =~ ^the_playlist/music/.* ]]; then
${pkgs.attr}/bin/setfattr -n user.skip_count -v 0 "$music_dir"/"$current_track"
else
mv "$music_dir"/"$current_track" "$music_dir"/the_playlist/music/
mv "$music_dir"/"$current_track" "$music_dir"/the_playlist/music/ || :
fi
echo good: "$track_infos"
echo good: "$track_infos"
'';
track_youtube_link = pkgs.writeDash "track_youtube_link" ''
${pkgs.mpc_cli}/bin/mpc current -f %file% \
| ${pkgs.gnused}/bin/sed 's@.*\(.\{11\}\)\.ogg@https://www.youtube.com/watch?v=\1@'
'';
print_current = pkgs.writeDashBin "print_current" ''
echo "$(${pkgs.mpc_cli}/bin/mpc current -f %file%) \
$(${pkgs.mpc_cli}/bin/mpc current -f %file% \
| ${pkgs.gnused}/bin/sed 's@.*\(.\{11\}\)\.ogg@http://www.youtube.com/watch?v=\1@')"
$(${track_youtube_link})"
'';
print_current_json = pkgs.writeDashBin "print_current_json" ''
${pkgs.jq}/bin/jq -n -c \
--arg name "$(${pkgs.mpc_cli}/bin/mpc current)" \
--arg filename "$(${pkgs.mpc_cli}/bin/mpc current -f %file%)" \
--arg youtube "$(${track_youtube_link})" '{
name: $name,
filename: $filename,
youtube: $youtube
}'
'';
write_to_irc = pkgs.writeDash "write_to_irc" ''
${pkgs.curl}/bin/curl -fsSv --unix-socket /home/radio/reaktor.sock http://z/ \
-H content-type:application/json \
-d "$(${pkgs.jq}/bin/jq -n \
--arg text "$1" '{
command:"PRIVMSG",
params:["#the_playlist",$text]
}'
)"
'';
in {
@ -81,6 +107,7 @@ in {
good_track
skip_track
print_current
print_current_json
ncmpcpp
mpc_cli
];
@ -146,6 +173,7 @@ in {
tables = {
filter.INPUT.rules = [
{ predicate = "-p tcp --dport 8000"; target = "ACCEPT"; }
{ predicate = "-i retiolum -p tcp --dport 8001"; target = "ACCEPT"; }
];
};
};
@ -195,6 +223,7 @@ in {
done | while read track; do
echo "$(date -Is)" "$track" | tee -a "$HISTORY_FILE"
echo "$(tail -$LIMIT "$HISTORY_FILE")" > "$HISTORY_FILE"
${write_to_irc} "playing: $track"
done
'';
in {
@ -206,6 +235,7 @@ in {
serviceConfig = {
ExecStart = recentlyPlayed;
User = "radio";
};
};
@ -218,6 +248,7 @@ in {
useTLS = true;
nick = "the_playlist";
username = "radio";
API.listen = "unix:/home/radio/reaktor.sock";
plugins = [
{
plugin = "register";
@ -259,6 +290,42 @@ in {
];
};
krebs.htgen.radio = {
port = 8001;
user = {
name = "radio";
};
script = ''
case "$Method $Request_URI" in
"GET /current")
printf 'HTTP/1.1 200 OK\r\n'
printf 'Connection: close\r\n'
printf '\r\n'
${print_current_json}/bin/print_current_json
exit
;;
"POST /skip")
printf 'HTTP/1.1 200 OK\r\n'
printf 'Connection: close\r\n'
printf '\r\n'
msg=$(${skip_track}/bin/skip_track)
${write_to_irc} "$msg"
echo "$msg"
exit
;;
"POST /good")
printf 'HTTP/1.1 200 OK\r\n'
printf 'Connection: close\r\n'
printf '\r\n'
msg=$(${good_track}/bin/good_track)
${write_to_irc} "$msg"
echo "$msg"
exit
;;
esac
'';
};
services.nginx = {
enable = true;
virtualHosts."radio.lassul.us" = {

View File

@ -13,6 +13,8 @@ in {
];
security.acme = {
email = "acme@lassul.us";
acceptTerms = true;
certs."lassul.us" = {
allowKeysForGroup = true;
group = "lasscert";
@ -72,11 +74,6 @@ in {
security.acme.certs."cgit.lassul.us" = {
email = "lassulus@lassul.us";
webroot = "/var/lib/acme/acme-challenge";
plugins = [
"account_key.json"
"fullchain.pem"
"key.pem"
];
group = "nginx";
user = "nginx";
};

View File

@ -4,6 +4,7 @@ _:
./dnsmasq.nix
./ejabberd
./folderPerms.nix
./hass.nix
./hosts.nix
./mysql-backup.nix
./news.nix
@ -11,7 +12,6 @@ _:
./pyload.nix
./restic.nix
./screenlock.nix
./umts.nix
./usershadow.nix
./xjail.nix
./autowifi.nix

34
lass/3modules/hass.nix Normal file
View File

@ -0,0 +1,34 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
cfg = config.lass.hass;
in {
options.lass.hass = {
config = mkOption {
default = {};
type = with lib.types; let
valueType = nullOr (oneOf [
bool
int
float
str
(attrsOf valueType)
(listOf valueType)
]) // {
description = "Yaml value";
emptyValue.value = {};
};
in valueType;
};
};
config =
assert versionOlder version "20.09";
mkIf (cfg.config != {})
{
services.home-assistant.config = cfg.config;
};
}

View File

@ -1,112 +0,0 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
cfg = config.lass.umts;
out = {
options.lass.umts = api;
config = lib.mkIf cfg.enable imp;
};
api = {
enable = mkEnableOption "umts";
modem = mkOption {
type = types.str;
default = "/dev/ttyUSB0";
};
initstrings = mkOption {
type = types.str;
default = ''
Init1 = ATZ
Init2 = ATQ0 V1 E1 S0=0 &C1 &D2
'';
};
username = mkOption {
type = types.str;
default = "default";
};
password = mkOption {
type = types.str;
default = "default";
};
pppDefaults = mkOption {
type = types.str;
default = ''
noipdefault
usepeerdns
defaultroute
persist
noauth
'';
};
};
nixpkgs-1509 = import (pkgs.fetchFromGitHub {
owner = "NixOS"; repo = "nixpkgs-channels";
rev = "91371c2bb6e20fc0df7a812332d99c38b21a2bda";
sha256 = "1as1i0j9d2n3iap9b471y4x01561r2s3vmjc5281qinirlr4al73";
}) {};
wvdial = nixpkgs-1509.wvdial; # https://github.com/NixOS/nixpkgs/issues/16113
umts-bin = pkgs.writeScriptBin "umts" ''
#!/bin/sh
set -euf
systemctl start umts
trap "systemctl stop umts;trap - INT TERM EXIT;exit" INT TERM EXIT
echo nameserver 8.8.8.8 | tee -a /etc/resolv.conf
journalctl -xfu umts
'';
wvdial-defaults = ''
[Dialer Defaults]
Modem = ${cfg.modem}
${cfg.initstrings}
Modem Type = Analog Modem
Baud = 460800
phone= *99#
Username = ${cfg.username}
Password = ${cfg.password}
Stupid Mode = 1
Idle Seconds = 0
PPPD Path = ${pkgs.ppp}/bin/pppd
'';
imp = {
environment.shellAliases = {
umts = "sudo ${umts-bin}/bin/umts";
};
environment.systemPackages = [
pkgs.ppp
];
security.sudo.extraConfig = ''
lass ALL= (root) NOPASSWD: ${umts-bin}/bin/umts
'';
environment.etc = [
{
source = pkgs.writeText "wvdial.conf" wvdial-defaults;
target = "wvdial.conf";
}
{
source = pkgs.writeText "wvdial" cfg.pppDefaults;
target = "ppp/peers/wvdial";
}
];
systemd.services.umts = {
description = "UMTS wvdial Service";
serviceConfig = {
Type = "simple";
Restart = "always";
RestartSec = "10s";
ExecStart = "${wvdial}/bin/wvdial -n";
};
};
};
in out

View File

@ -6,11 +6,11 @@ with import <stockholm/lib>;
type = types.attrsOf (types.submodule ({ config, ...}: {
options = {
name = mkOption {
type = types.string;
type = types.str;
default = config._module.args.name;
};
user = mkOption {
type = types.string;
type = types.str;
default = config.name;
};
groups = mkOption {
@ -18,11 +18,11 @@ with import <stockholm/lib>;
default = [];
};
from = mkOption {
type = types.string;
type = types.str;
default = "lass";
};
display = mkOption {
type = types.string;
type = types.str;
default = toString (genid_uint31 config._module.args.name);
};
dpi = mkOption {
@ -47,7 +47,7 @@ with import <stockholm/lib>;
};
wm = mkOption {
#TODO find type
type = types.string;
type = types.str;
default = "${pkgs.writeHaskellPackage "xephyrify-xmonad" {
executables.xmonad = {
extra-depends = [

View File

@ -1,16 +1,10 @@
{ config, pkgs, ... }:
pkgs.writeHaskellPackage "xmonad-lass" {
executables.xmonad = {
extra-depends = [
"containers"
"extra"
"unix"
"X11"
"xmonad"
"xmonad-contrib"
"xmonad-stockholm"
];
text = /* haskell */ ''
pkgs.writers.writeHaskellBin "xmonad" {
libraries = with pkgs.haskellPackages; [
extra
xmonad-stockholm
];
} /* haskell */ ''
{-# LANGUAGE LambdaCase #-}
@ -62,7 +56,7 @@ instance UrgencyHook LibNotifyUrgencyHook where
safeSpawn "${pkgs.libnotify}/bin/notify-send" [show name, "workspace " ++ idx]
myTerm :: FilePath
myTerm = "${pkgs.rxvt_unicode_with-plugins}/bin/urxvtc"
myTerm = "${pkgs.rxvt_unicode-with-plugins}/bin/urxvtc"
myFont :: String
myFont = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1"
@ -150,10 +144,7 @@ myKeyMap =
, ("M4-<F2>", windows copyToAll)
, ("M4-<F4>", spawn "${pkgs.writeDash "nm-dmenu" ''
export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin
exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@"
''}")
, ("M4-<F4>", spawn "${pkgs.nm-dmenu}/bin/nm-dmenu")
, ("M4-<Insert>", spawn "${pkgs.writeDash "paste" ''
${pkgs.coreutils}/bin/sleep 0.1
${pkgs.xclip}/bin/xclip -o | ${pkgs.xdotool}/bin/xdotool type -f -
@ -223,6 +214,4 @@ gridConfig = def
allWorkspaceNames :: W.StackSet i l a sid sd -> X [i]
allWorkspaceNames ws =
return $ map W.tag (W.hidden ws ++ (map W.workspace $ W.visible ws)) ++ [W.tag $ W.workspace $ W.current ws]
'';
};
}
''

View File

@ -18,6 +18,9 @@
ζ | zeta
(°° | table flip
() | why woot
(___) | gloom I see you
| sad
(\/) (°,,,,°) (\/) | krebs
'';
in

View File

@ -0,0 +1,6 @@
{ pkgs, ... }:
pkgs.writeDashBin "nm-dmenu" ''
export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin
exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@"
''

View File

@ -0,0 +1,39 @@
{ pkgs }: let
review = pkgs.writers.writeBash "review-mail" ''
mail="$1"
${pkgs.exim}/bin/exim -Mvc "$mail" | grep -E 'Subject:|To:'
${pkgs.exim}/bin/exim -Mvl "$mail"
while :; do
read -p 'delete?' key
case "$key" in
v*)
${pkgs.exim}/bin/exim -Mvc "$mail"
;;
d*)
${pkgs.exim}/bin/exim -Mrm "$mail"
break
;;
r*)
${pkgs.exim}/bin/exim -Mt "$mail"
break
;;
n*)
break
;;
esac
done
echo '-------------------'
echo '-------------------'
echo '-------------------'
echo '-------------------'
echo '-------------------'
'';
in pkgs.writers.writeBashBin "review-mail" ''
for mail in $(${pkgs.exim}/bin/exim -bp \
| ${pkgs.gnugrep}/bin/grep frozen \
| ${pkgs.gawk}/bin/awk '{print $3}'); do
${review} "$mail"
done
''

View File

@ -49,6 +49,8 @@ let
indent = replaceChars ["\n"] ["\n "];
stripAttr = converge (filterAttrsRecursive (n: v: v != {} && v != null));
mapNixDir = f: x: {
list = foldl' mergeAttrs {} (map (mapNixDir1 f) x);
path = mapNixDir1 f x;

View File

@ -7,7 +7,7 @@ let
mkOptionType optional optionalAttrs optionals range splitString
stringLength substring test testString typeOf;
inherit (lib.types)
attrsOf bool either enum int listOf nullOr path str string submodule;
attrsOf bool either enum int listOf nullOr path str submodule;
in
rec {
@ -65,7 +65,7 @@ rec {
extraZones = mkOption {
default = {};
# TODO: string is either MX, NS, A or AAAA
type = attrsOf string;
type = attrsOf str;
};
secure = mkOption {
@ -182,7 +182,7 @@ rec {
extraConfig = mkOption {
description = "Extra Configuration to be appended to the hosts file";
default = "";
type = string;
type = str;
};
port = mkOption {
type = int;

View File

@ -108,7 +108,6 @@ in {
## network
<stockholm/makefu/2configs/vpn/openvpn-server.nix>
# <stockholm/makefu/2configs/vpn/vpnws/server.nix>
<stockholm/makefu/2configs/dnscrypt/server.nix>
<stockholm/makefu/2configs/binary-cache/server.nix>
<stockholm/makefu/2configs/backup/server.nix>
<stockholm/makefu/2configs/iodined.nix>
@ -137,9 +136,11 @@ in {
<stockholm/makefu/2configs/deployment/owncloud.nix>
<stockholm/makefu/2configs/deployment/board.euer.krebsco.de.nix>
<stockholm/makefu/2configs/deployment/rss.euer.krebsco.de.nix>
<stockholm/makefu/2configs/deployment/feed.euer.krebsco.de>
<stockholm/makefu/2configs/deployment/boot-euer.nix>
<stockholm/makefu/2configs/deployment/gecloudpad>
<stockholm/makefu/2configs/deployment/docker/archiveteam-warrior.nix>
<stockholm/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix>
<stockholm/makefu/2configs/shiori.nix>
<stockholm/makefu/2configs/bgt/download.binaergewitter.de.nix>

View File

@ -26,6 +26,10 @@ in {
# <stockholm/makefu/2configs/disable_v6.nix>
#<stockholm/makefu/2configs/graphite-standalone.nix>
#<stockholm/makefu/2configs/share-user-sftp.nix>
<stockholm/makefu/2configs/urlwatch>
<stockholm/makefu/2configs/legacy_only.nix>
<stockholm/makefu/2configs/share/omo.nix>
<stockholm/makefu/2configs/dcpp/airdcpp.nix>
{ krebs.airdcpp.dcpp.shares = let
@ -125,16 +129,16 @@ in {
zramSwap.enable = true;
krebs.Reaktor.reaktor-shack = {
nickname = "Reaktor|shack";
workdir = "/var/lib/Reaktor/shack";
channels = [ "#shackspace" ];
plugins = with pkgs.ReaktorPlugins;
[ shack-correct
# stockholm-issue
sed-plugin
random-emoji ];
};
#krebs.Reaktor.reaktor-shack = {
# nickname = "Reaktor|shack";
# workdir = "/var/lib/Reaktor/shack";
# channels = [ "#shackspace" ];
# plugins = with pkgs.ReaktorPlugins;
# [ shack-correct
# # stockholm-issue
# sed-plugin
# random-emoji ];
#};
#krebs.Reaktor.reaktor-bgt = {
# nickname = "Reaktor|bgt";
# workdir = "/var/lib/Reaktor/bgt";

View File

@ -19,7 +19,9 @@
<stockholm/makefu/2configs/tools/all.nix>
{ programs.adb.enable = true; }
{ systemd.services.docker.wantedBy = lib.mkForce []; }
<stockholm/makefu/2configs/dict.nix>
<stockholm/makefu/2configs/legacy_only.nix>
#<stockholm/makefu/3modules/netboot_server.nix>
#{
# netboot_server = {
@ -162,7 +164,11 @@
krebs.tinc.retiolum.connectTo = [ "omo" "prism" "nextgum" "wbob" ];
# hard dependency because otherwise the device will not be unlocked
boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
boot.initrd.luks.devices.luksroot =
{
device = "/dev/sda2";
allowDiscards = true;
};
# avoid full boot dir
boot.loader.grub.configurationLimit = 3;

View File

@ -41,6 +41,7 @@ in {
};
autoExtraComponents = true;
config = {
config = {};
discovery = {};
homeassistant = {
name = "Bureautomation";

View File

@ -30,7 +30,7 @@ with import <stockholm/lib>;
};
nix.trustedUsers = [ config.krebs.build.user.name ];
boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
boot.kernelPackages = lib.mkDefault pkgs.linuxPackages;
nixpkgs.config.allowUnfreePredicate = pkg: packageName pkg == "unrar";
@ -85,4 +85,8 @@ with import <stockholm/lib>;
RuntimeMaxUse=128M
'';
environment.pathsToLink = [ "/share" ];
security.acme = {
email = "letsencrypt@syntax-fehler.de";
acceptTerms = true;
};
}

View File

@ -0,0 +1,39 @@
{ lib, ... }:
let
port = 19201;
in {
#services.nginx.virtualHosts."euer.krebsco.de".serverAliases = [ "etherpad.euer.krebsco.de" ];
services.nginx.virtualHosts."etherpad.euer.krebsco.de" = {
# useACMEHost = "euer.krebsco.de";
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://localhost:${toString port}";
};
docker-containers."etherpad-lite" = {
image = "makefoo/bgt-etherpad:2020-05-02.5";
ports = [ "127.0.0.1:${toString port}:9001" ];
volumes = [
"/var/src/secrets/etherpad/apikey:/opt/etherpad-lite/APIKEY.txt"
"etherpad_data:/opt/etherpad-lite/var" # persistent dirtydb
];
# for postgres
#DB_TYPE=postgres
#DB_HOST=db.local
#DB_PORT=4321
#DB_NAME=etherpad
#DB_USER=dbusername
#DB_PASS=mypassword
environment = {
# ADMIN_PASSWORD = "auf jeden fall nicht das echte admin passwort";
SUPPRESS_ERRORS_IN_PAD_TEXT = "true";
TITLE = "Binärgewitter Etherpad";
SKIN_NAME = "no-skin";
DEFAULT_PAD_TEXT = builtins.replaceStrings ["\n"] ["\\n"] (builtins.readFile ./template.md);
PAD_OPTIONS_USE_MONOSPACE_FONT = "true";
PAD_OPTIONS_USER_NAME = "true";
PAD_OPTIONS_USER_COLOR = "true";
PAD_OPTIONS_CHAT_AND_USERS = "true";
PAD_OPTIONS_LANG = "en-US";
};
};
}

View File

@ -0,0 +1,33 @@
# BGT<NUMBER>
1. studio-link aufnehmen drücken (wichtig)
- markus 6407eb63@studio-link.de
- Felix1 1f1021b2@studio-link.de
- L33tFelix 4d47a82a@studio-link.de
- Ingo 03b33b4a@studio-link.de
2. audiocity starten, 48000Hz einstellen, Audio-Device checken und aufnehmen drücken (wichtig)
3. obs starten und aufnehmen drücken (eher unwichtig)
4. darkice starten (wichtig)
4. klatschen
5. Hallo und herzlich Willkommen
## Vorschläge
### Backlog von Picks und Lesefoo aus der letzten Woche
---
## Blast from the Past
## Toter der Woche
## Untoter der Woche
## News
## Themen
## Mimimi der Woche
## Lesefoo
## Picks

View File

@ -0,0 +1,52 @@
{ config, lib, pkgs, ... }:
let
filter-file = ./filter.yml;
pkg = with pkgs.python3Packages;buildPythonPackage rec {
version = "d16ce227dc68c9f60f6dd06e6835bab7cdfdf61b";
pname = "ebk-notify";
propagatedBuildInputs = [
docopt
pyyaml
requests
beautifulsoup4
dateutil
feedgen
];
src = pkgs.fetchgit {
url = "http://cgit.euer.krebsco.de/ebk-notify";
rev = version;
sha256 = "15dlhp17alm01fw7mzdyh2z9zwz8psrs489lxs3hgg1p5wa0kzsp";
};
};
domain = "feed.euer.krebsco.de";
path = "/var/www/feed.euer.krebsco.de";
in
{
systemd.tmpfiles.rules = [
"d ${path} nginx nogroup - -"
];
krebs.secret.files.ebknotify = {
path = "/etc/ebk-notify.yml";
owner.name = "nginx";
source-path = "${<secrets/ebk-notify.yml>}";
};
systemd.services.ebk-notify = {
startAt = "*:0/10";
serviceConfig = {
User = "nginx"; # TODO better permission setting
# PrivateTmp = true;
ExecStart = "${pkg}/bin/ebk-notify --atom --outdir ${path} --config /etc/ebk-notify.yml --cache /tmp/ebk-cache.json --filter ${filter-file} --wait 30";
};
};
systemd.timers.ebk-notify.timerConfig.RandomizedDelaySec = "120";
services.nginx = {
virtualHosts."${domain}" = {
forceSSL = true;
enableACME = true;
locations."/" = {
root = path;
index = "root.atom";
};
};
};
}

View File

@ -0,0 +1,44 @@
- name: Free Stuff by Category
zipcode: 70378
distance: 2
categoryId: 192
- name: Kies
zipcode: 70378
q: grobkies
distance: 2
- name: pflanzkübel
zipcode: 70378
q: Pflanzkübel
distance: 3
- name: Ikea Samla
zipcode: 70378
q: samla
distance: 5
- name: Duplo
zipcode: 70378
q: Duplo
distance: 10
- name: Baby Gummistiefel
zipcode: 70378
q: Gummistiefel
distance: 5
- name: Werkbank
zipcode: 70378
q: Werkbank
distance: 5
- name: Stirnthermometer
zipcode: 70378
q: Stirnthermometer
distance: 5
- name: Ohrthermometer
zipcode: 70378
q: Ohrthermometer
distance: 5
- name: Fieberthermometer
zipcode: 70378
q: Fieberthermometer
distance: 5
- name: Einhell
zipcode: 70378
q: Einhell
distance: 5

View File

@ -4,12 +4,14 @@ let
wsgi-sock = "${workdir}/uwsgi-gecloudpad.sock";
workdir = config.services.uwsgi.runDir;
gecloudpad = pkgs.python3Packages.callPackage ./gecloudpad.nix {};
gecloudpad_settings = pkgs.writeText "gecloudpad_settings" ''
BASEURL = "https://etherpad.euer.krebsco.de"
'';
in {
services.uwsgi = {
enable = true;
user = "nginx";
# runDir = "/var/lib/photostore";
plugins = [ "python3" ];
instance = {
type = "emperor";
@ -18,6 +20,7 @@ in {
type = "normal";
pythonPackages = self: with self; [ gecloudpad ];
socket = wsgi-sock;
env = ["GECLOUDPAD_SETTINGS=${gecloudpad_settings}"];
};
};
};

View File

@ -15,6 +15,7 @@ with lib;
let
# TODO: copy-paste from lass/2/websites/util.nix
nextcloud = pkgs.nextcloud18;
serveCloud = domains:
let
domain = head domains;
@ -23,9 +24,9 @@ let
in {
system.activationScripts."prepare-nextcloud-${domain}" = ''
if test ! -e ${root} ;then
echo "copying latest ${pkgs.nextcloud.name} release to ${root}"
echo "copying latest ${nextcloud.name} release to ${root}"
mkdir -p $(dirname "${root}")
cp -r ${pkgs.nextcloud} "${root}"
cp -r ${nextcloud} "${root}"
chown -R nginx:nginx "${root}"
chmod 770 "${root}"
fi

View File

@ -22,7 +22,8 @@ in {
vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins;
vimrcConfig.vam.pluginDictionaries = [
{ names = [ "undotree"
"YouCompleteMe" "UltiSnips"
"YouCompleteMe"
#"UltiSnips"
"vim-better-whitespace" ]; }
# vim-nix handles indentation better but does not perform sanity
{ names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; }

View File

@ -18,6 +18,7 @@ let
yacos-backend = {
cgit.desc = "Yet Another Check-Out System";
};
ebk-notify.cgit.desc = "Ebay Kleinanzeigen Notify";
};
krebs-repos = mapAttrs make-krebs-repo {

View File

@ -29,24 +29,21 @@ in
awesome.enable = true;
awesome.noArgb = true;
awesome.luaModules = [ pkgs.luaPackages.vicious ];
default = "awesome";
};
displayManager.auto.enable = true;
displayManager.auto.user = mainUser;
displayManager.defaultSession = lib.mkDefault "none+awesome";
displayManager.lightdm = { enable = true; autoLogin.enable = true; autoLogin.user = mainUser; };
desktopManager.xterm.enable = false;
};
environment.systemPackages = [ pkgs.gnome3.defaultIconTheme ];
# lid switch is handled via button presses
services.logind.lidSwitch = lib.mkDefault "ignore";
makefu.awesome.enable = true;
i18n.consoleFont = "Lat2-Terminus16";
console.font = "Lat2-Terminus16";
fonts = {
enableCoreFonts = true;
enableFontDir = true;
enableGhostscriptFonts = true;
fonts = [ pkgs.terminus_font ];
fonts = [ pkgs.terminus_font pkgs.corefonts ];
};
users.users.${mainUser} = {

View File

@ -10,7 +10,7 @@ in {
serviceConfig = {
SyslogIdentifier = "urxvtd";
ExecReload = "${pkgs.coreutils}/bin/echo NOP";
ExecStart = "${pkgs.rxvt_unicode_with-plugins}/bin/urxvtd";
ExecStart = "${pkgs.rxvt_unicode-with-plugins}/bin/urxvtd";
Restart = "always";
RestartSec = "2s";
StartLimitBurst = 0;

View File

@ -12,16 +12,15 @@
windowManager = lib.mkForce {
awesome.enable = false;
default = "none";
};
desktopManager.xfce = {
extraSessionCommands = ''
enable = true;
};
displayManager.defaultSession = "xfce";
displayManager.sessionCommands = ''
${pkgs.xlibs.xset}/bin/xset -display :0 s off -dpms
${pkgs.xlibs.xrandr}/bin/xrandr --output HDMI2 --right-of HDMI1
'';
enable = true;
};
# xrandrHeads = [ "HDMI1" "HDMI2" ];
# prevent screen from turning off, disable dpms
};

View File

@ -9,11 +9,11 @@
buildPythonPackage rec {
pname = "adb_shell";
version = "0.0.8";
version = "0.1.1";
src = fetchPypi {
inherit pname version;
sha256 = "01f9jinhfyjldg9793gz2i7gcd9xyx0a62r7a5ijssklcnn2rwnm";
sha256 = "0a4mjrnw2lrhsakb1vjb5l6m3cr1ii7fibs7020nwv08cyx6pq6q";
};
propagatedBuildInputs = [

View File

@ -6,11 +6,11 @@
buildPythonPackage rec {
pname = "androidtv";
version = "0.0.34";
version = "0.0.39";
src = fetchPypi {
inherit pname version;
sha256 = "13078i2a9hglpv4ldycph5n5485np21vs6z2qn830hybmx8kfxsw";
sha256 = "06lrjj74g2f3pkhsn3c8h13mkykgqqf4g9q6x5yv23z6ghjnk2dz";
};
propagatedBuildInputs = [

View File

@ -5,11 +5,11 @@
buildPythonPackage rec {
pname = "pure-python-adb";
version = "0.2.3.dev0";
version = "0.2.2.dev0";
src = fetchPypi {
inherit pname version;
sha256 = "88e5a4578435197799aa368fb1a5d87fe43e02a888cb7e85c2ad66173b383c89";
sha256 = "1xigv6c8xyb4g852nr3smz0137rnp81jvlikza071y7rc6pdzwza";
};
meta = with lib; {

View File

@ -14,6 +14,7 @@ let
#flurlicht = import ./multi/flurlicht.nix;
kurzzeitwecker = import ./multi/kurzzeitwecker.nix;
firetv_restart = import ./multi/firetv_restart.nix;
the_playlist = import ./multi/the_playlist.nix;
# switch
# automation
# binary_sensor
@ -34,6 +35,7 @@ in {
];
};
config = {
config = {};
input_select = zigbee.input_select; # dict
timer = zigbee.timer // kurzzeitwecker.timer; # dict
homeassistant = {
@ -49,6 +51,8 @@ in {
logger = {
default = "info";
};
rest_command = {}
// the_playlist.rest_command;
tts = [
{ platform = "google_translate";
language = "de";
@ -131,6 +135,7 @@ in {
# https://www.home-assistant.io/cookbook/automation_for_rainy_days/
]
++ ((import ./sensor/outside.nix) {inherit lib;})
++ the_playlist.sensor
++ zigbee.sensor ;
frontend = { };
# light = flurlicht.light;
@ -140,6 +145,7 @@ in {
++ (import ./automation/firetv_restart.nix)
++ kurzzeitwecker.automation
#++ flurlicht.automation
++ the_playlist.automation
++ zigbee.automation;
script =
{ }

View File

@ -0,0 +1,83 @@
# Inputs:
# binary_sensor.playlist_button_good
# binary_sensor.playlist_button_bad
# outputs
# rest_command
# automation
# sensor
{
rest_command = {
good_song = {
url = "http://prism.r:8001/good";
method = "POST";
};
bad_song = {
url = "http://prism.r:8001/skip";
method = "POST";
};
};
automation = [
{
alias = "playlist song publish";
trigger = {
#platform = "event";
#event_data.entity_id = "sensor.the_playlist_song";
platform = "state";
entity_id = "sensor.the_playlist_song";
};
action = {
service = "mqtt.publish";
data = {
topic = "/ham/the_playlist/song";
payload_template = "{{ states.sensor.the_playlist_song.state }}";
};
};
}
{
alias = "playlist upvote on button";
trigger = {
platform = "state";
entity_id = "binary_sensor.playlist_button_good";
from = "off";
to = "on";
};
action.service = "rest_command.good_song";
}
{
alias = "playlist downvote on button";
trigger = {
platform = "state";
entity_id = "binary_sensor.playlist_button_bad";
from = "off";
to = "on";
};
action.service = "rest_command.bad_song";
}
];
sensor = [
{ platform = "rest";
name = "pl";
resource = "http://prism.r:8001/current";
scan_interval = 30;
value_template = "1";
json_attributes = [ "name" "filename" "youtube" ];
}
{ platform = "template";
sensors = {
the_playlist_song = {
friendly_name = "Current Song";
value_template = ''{{ states.sensor.pl.attributes['name'] }}'';
};
the_playlist_url = {
friendly_name = "Song Youtube URL";
value_template = ''{{ states.sensor.pl.attributes['youtube'] }}'';
};
the_playlist_filename = {
friendly_name = "Song Filename";
value_template = ''{{ states.sensor.pl.attributes['filename'] }}'';
};
};
}
];
}

View File

@ -17,4 +17,5 @@
volumes = ["/var/lib/zigbee2mqtt:/app/data"];
};
state = [ "/var/lib/zigbee2mqtt/configuration.yaml" "/var/lib/zigbee2mqtt/state.json" ];
systemd.services.docker-zigbee2mqtt.after = [ "home-assistant.service" "docker.service" "network-online.target" ];
}

View File

@ -1,15 +1,6 @@
{pkgs, ... }: {
imports = [ ./zsh.nix ];
home-manager.users.makefu = {
services.gpg-agent = {
enable = true;
defaultCacheTtl = 900;
maxCacheTtl = 7200;
defaultCacheTtlSsh = 3600;
maxCacheTtlSsh = 86400;
enableSshSupport = true;
enableScDaemon = true;
};
programs.direnv = {
stdlib = ''
use_nix() {

View File

@ -7,7 +7,6 @@
programs.browserpass = { browsers = [ "firefox" ] ; enable = true; };
programs.firefox = {
enable = true;
enableIcedTea = true;
};
programs.obs-studio.enable = true;
xdg.enable = true;

View File

@ -1,5 +1,12 @@
{ pkgs, ... }:
{
programs = {
ssh.startAgent = false;
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
};
imports = [
{ #direnv
home-manager.users.makefu.home.packages = [ pkgs.direnv pkgs.nur.repos.kalbasit.nixify ];
@ -8,7 +15,8 @@
{ # bat
home-manager.users.makefu.home.packages = [ pkgs.bat ];
home-manager.users.makefu.programs.zsh.shellAliases = {
cat = "bat";
cat = "bat --style=header,snip";
mirage = "sxiv"; # only available when tools/extra-gui is in use
catn = "${pkgs.coreutils}/bin/cat";
ncat = "${pkgs.coreutils}/bin/cat";
};
@ -53,8 +61,6 @@
setopt HIST_IGNORE_SPACE
setopt HIST_FIND_NO_DUPS
unset SSH_AGENT_PID
export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
compdef _pass brain
zstyle ':completion::complete:brain::' prefix "$HOME/brain"
compdef _pass secrets

View File

@ -33,11 +33,7 @@
hardware.bluetooth = {
enable = true;
powerOnBoot = false;
extraConfig = ''
[general]
Enable=Source,Sink,Media,Socket
'';
config.general.Enable = "Source,Sink,Media,Socket";
};
services.dbus.packages = [ pkgs.blueman ];
}

View File

@ -0,0 +1,8 @@
{ networking.enableIPv6 = false;
boot.kernel.sysctl = {
"net.ipv6.conf.all.disable_ipv6" = 1;
"net.ipv6.conf.default.disable_ipv6" = 1;
"net.ipv6.conf.lo.disable_ipv6" = 1;
};
boot.kernelParams = [ "ipv6.disable=1" ];
}

View File

@ -69,9 +69,9 @@
# the only locale you will ever need
i18n = {
consoleKeyMap = "us";
defaultLocale = "en_US.UTF-8";
};
console.keyMap = "us";
# suppress chrome autit event messages
security.audit.rules = [ "-a task,never" ];

View File

@ -1,8 +1,8 @@
{ pkgs, ... }:{
nixpkgs.config.packageOverrides = pkgs: {
nur = import (builtins.fetchTarball {
url = "https://github.com/nix-community/NUR/archive/7bfd0117b359d0f72d086ff7e1f0ba3aeaf8d91e.tar.gz";
sha256 = "0gb2np1r2m9kkz1s374gxdqrwhkzx48iircy00y6mjr7h14rhyxk";
url = "https://github.com/nix-community/NUR/archive/b7f7e072b3fa56aa0d86dfe3689cb13f0615bbbe.tar.gz";
sha256 = "0slxxg3r460aa1rc83j0rklmr0i1hyzfbjy0kn30fyh1l3lqb22m";
}
){
inherit pkgs;

Some files were not shown because too many files have changed in this diff Show More