From 2e8dd5027bb71f1a329f63e2035f24647843c67e Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 18 Mar 2018 20:37:48 +0100 Subject: [PATCH 1/9] ma bluetooth-mpd: make abstract --- makefu/1systems/omo/config.nix | 8 +++- makefu/1systems/wbob/config.nix | 61 +------------------------ makefu/2configs/bluetooth-mpd.nix | 74 +++++++++++++++++++++++++++++++ 3 files changed, 82 insertions(+), 61 deletions(-) create mode 100644 makefu/2configs/bluetooth-mpd.nix diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index 01438397e..c31d27c8f 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -9,7 +9,7 @@ let keyFile = byid "usb-Verbatim_STORE_N_GO_070B3CEE0B223954-0:0"; rootDisk = byid "ata-SanDisk_SD8SNAT128G1122_162099420904"; rootPartition = byid "ata-SanDisk_SD8SNAT128G1122_162099420904-part2"; - primaryInterface = "enp1s0"; + primaryInterface = "enp2s0"; # cryptsetup luksFormat $dev --cipher aes-xts-plain64 -s 512 -h sha512 # cryptsetup luksAddKey $dev tmpkey # cryptsetup luksOpen $dev crypt0 --key-file tmpkey --keyfile-size=4096 @@ -54,6 +54,7 @@ in { # # + # @@ -72,6 +73,11 @@ in { + + { + hardware.pulseaudio.systemWide = true; + makefu.mpd.musicDirectory = "/media/cryptX/music"; + } # security diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix index 637d8e2d8..cfbcf0e9c 100644 --- a/makefu/1systems/wbob/config.nix +++ b/makefu/1systems/wbob/config.nix @@ -32,66 +32,7 @@ in { - (let - musicDirectory = "/data/music"; - in { - services.mpd = { - enable = true; - inherit musicDirectory; - # dataDir = "/home/anders/.mpd"; - network.listenAddress = "any"; - extraConfig = '' - audio_output { - type "pulse" - name "Local MPD" - server "127.0.0.1" - } - ''; - }; - # open because of truestedInterfaces - # networking.firewall.allowedTCPPorts = [ 6600 4713 ]; - services.samba.shares.music = { - path = musicDirectory; - "read only" = "no"; - browseable = "yes"; - "guest ok" = "yes"; - }; - - sound.enable = true; - hardware.pulseaudio = { - enable = true; - package = pkgs.pulseaudioFull; - # systemWide = true; - support32Bit = true; - zeroconf.discovery.enable = true; - zeroconf.publish.enable = true; - tcp = { - enable = true; - anonymousClients.allowAll = true; - anonymousClients.allowedIpRanges = [ "127.0.0.1" "192.168.8.0/24" ]; - }; - configFile = pkgs.writeText "default.pa" '' - load-module module-udev-detect - load-module module-bluetooth-policy - load-module module-bluetooth-discover - load-module module-native-protocol-unix - load-module module-always-sink - load-module module-console-kit - load-module module-systemd-login - load-module module-intended-roles - load-module module-position-event-sounds - load-module module-filter-heuristics - load-module module-filter-apply - load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1 - load-module module-switch-on-connect - # may be required for "system-wide" pulse to connect to bluetooth - #module-bluez5-device - #module-bluez5-discover - ''; - }; - # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio - hardware.bluetooth.enable = true; - }) + # Sensors diff --git a/makefu/2configs/bluetooth-mpd.nix b/makefu/2configs/bluetooth-mpd.nix new file mode 100644 index 000000000..f7fa999ca --- /dev/null +++ b/makefu/2configs/bluetooth-mpd.nix @@ -0,0 +1,74 @@ +{ pkgs, config, lib, ... }: + +let + cfg = config.makefu.mpd; +in { + options.makefu.mpd.musicDirectory = lib.mkOption { + description = "music Directory"; + default = "/data/music"; + type = lib.types.str; + }; + config = { + services.mpd = { + enable = true; + inherit (cfg) musicDirectory; + network.listenAddress = "0.0.0.0"; + extraConfig = '' + audio_output { + type "pulse" + name "Local MPD" + server "127.0.0.1" + } + ''; + }; + # open because of truestedInterfaces + # networking.firewall.allowedTCPPorts = [ 6600 4713 ]; + services.samba.shares.music = { + path = cfg.musicDirectory; + "read only" = "no"; + browseable = "yes"; + "guest ok" = "yes"; + }; + + sound.enable = true; + hardware.pulseaudio = { + enable = true; + package = pkgs.pulseaudioFull; + # systemWide = true; + support32Bit = true; + zeroconf.discovery.enable = true; + zeroconf.publish.enable = true; + tcp = { + enable = true; + # PULSE_SERVER=192.168.1.11 pavucontrol + anonymousClients.allowAll = true; + # anonymousClients.allowedIpRanges = [ "127.0.0.1" ]; + }; + configFile = pkgs.writeText "default.pa" '' + load-module module-udev-detect + load-module module-bluetooth-policy + load-module module-bluetooth-discover + load-module module-native-protocol-unix + load-module module-always-sink + load-module module-console-kit + load-module module-systemd-login + load-module module-intended-roles + load-module module-position-event-sounds + load-module module-filter-heuristics + load-module module-filter-apply + # will be enabled by pulseaudio.tcp.enable + # load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1 + load-module module-switch-on-connect + # may be required for "system-wide" pulse to connect to bluetooth + #module-bluez5-device + #module-bluez5-discover + ''; + }; + # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio + hardware.bluetooth.enable = true; + #hardware.bluetooth.extraConfig = '' + # [general] + # Enable=Source,Sink,Media,Socket + #''; + }; +} From 78486827c3ed1e7d5777a41d2b6798a9b61ae8d4 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 18 Mar 2018 20:38:48 +0100 Subject: [PATCH 2/9] ma bluetooth-mpd: remove obsolete comments --- makefu/2configs/bluetooth-mpd.nix | 6 ------ 1 file changed, 6 deletions(-) diff --git a/makefu/2configs/bluetooth-mpd.nix b/makefu/2configs/bluetooth-mpd.nix index f7fa999ca..226f5cf1f 100644 --- a/makefu/2configs/bluetooth-mpd.nix +++ b/makefu/2configs/bluetooth-mpd.nix @@ -42,7 +42,6 @@ in { enable = true; # PULSE_SERVER=192.168.1.11 pavucontrol anonymousClients.allowAll = true; - # anonymousClients.allowedIpRanges = [ "127.0.0.1" ]; }; configFile = pkgs.writeText "default.pa" '' load-module module-udev-detect @@ -56,12 +55,7 @@ in { load-module module-position-event-sounds load-module module-filter-heuristics load-module module-filter-apply - # will be enabled by pulseaudio.tcp.enable - # load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1 load-module module-switch-on-connect - # may be required for "system-wide" pulse to connect to bluetooth - #module-bluez5-device - #module-bluez5-discover ''; }; # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio From 9b3d1c8b31006d92590e4f8e78fd5662d8ed390b Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 23 Mar 2018 10:28:33 +0100 Subject: [PATCH 3/9] ma nginx/wiki: index to makefu.html --- makefu/2configs/nginx/euer.wiki.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/makefu/2configs/nginx/euer.wiki.nix b/makefu/2configs/nginx/euer.wiki.nix index 08bc5659f..99533b25c 100644 --- a/makefu/2configs/nginx/euer.wiki.nix +++ b/makefu/2configs/nginx/euer.wiki.nix @@ -17,6 +17,7 @@ let # contains: # user1 = pass1 # userN = passN + # afterwards put /var/www//user1.html as tiddlywiki tw-pass-file = "${sec}/tw-pass.ini"; in { @@ -45,7 +46,7 @@ in { systemd.services.prepare-tw = { wantedBy = [ "local-fs.target" ]; - before = [ "phpfpm.service" ]; + before = [ "phpfpm.service" "nginx.service" ]; serviceConfig = { ExecStart = pkgs.writeScript "prepare-tw-service" '' #!/bin/sh @@ -92,6 +93,7 @@ in { locations = { "/" = { root = wiki-dir; + index = "makefu.html"; extraConfig = '' expires -1; autoindex on; From 99cc82a53b9f51752b684c081d0aa6b49504516a Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 26 Mar 2018 11:12:38 +0200 Subject: [PATCH 4/9] ma source: new signal-desktop --- makefu/source.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/makefu/source.nix b/makefu/source.nix index 6b32a1b40..d25fe5528 100644 --- a/makefu/source.nix +++ b/makefu/source.nix @@ -21,9 +21,9 @@ let ]; }; # TODO: automate updating of this ref + cherry-picks - ref = "6b6e72b"; # nixos-17.09 @ 2018-03-07 + ref = "6583793"; # nixos-17.09 @ 2018-03-07 # + do_sqlite3 ruby: 55a952be5b5 - # + signal: 0f19beef3 + # + signal: 0f19beef3, 50ad913, 9449782, b7046ab2 in evalSource (toString _file) [ From d82c2f228b7179319cdea4d16a59fa553f249505 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 28 Mar 2018 11:06:40 +0200 Subject: [PATCH 5/9] ma gum.r: disable vpnws --- makefu/1systems/gum/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index b859efc94..40fa233d3 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -52,7 +52,7 @@ in { # network - + # From 650090bb3541e2b3ffd15af241481afb120e3522 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 28 Mar 2018 11:07:22 +0200 Subject: [PATCH 6/9] ma photostore: expire -1 --- makefu/2configs/deployment/photostore.krebsco.de.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/makefu/2configs/deployment/photostore.krebsco.de.nix b/makefu/2configs/deployment/photostore.krebsco.de.nix index ecbca9ea3..19a8df235 100644 --- a/makefu/2configs/deployment/photostore.krebsco.de.nix +++ b/makefu/2configs/deployment/photostore.krebsco.de.nix @@ -30,6 +30,7 @@ in { forceSSL = true; locations = { "/".extraConfig = '' + expires -1; uwsgi_pass unix://${wsgi-sock}; uwsgi_param UWSGI_CHDIR ${workdir}; uwsgi_param UWSGI_MODULE cuserver.main; From ba31c34013519b26883faf8321df11298b37085f Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 28 Mar 2018 11:07:35 +0200 Subject: [PATCH 7/9] ma arafetch: init --- makefu/2configs/stats/arafetch.nix | 36 ++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 makefu/2configs/stats/arafetch.nix diff --git a/makefu/2configs/stats/arafetch.nix b/makefu/2configs/stats/arafetch.nix new file mode 100644 index 000000000..e04b12f9c --- /dev/null +++ b/makefu/2configs/stats/arafetch.nix @@ -0,0 +1,36 @@ +{ pkgs, lib, ...}: +with import ; +let + pkg = with pkgs.python3Packages;buildPythonPackage rec { + rev = "762d747"; + name = "europastats-${rev}"; + propagatedBuildInputs = [ + requests + docopt + influxdb + beautifulsoup4 + ]; + src = pkgs.fetchgit { + url = "http://cgit.euer.krebsco.de/arafetch"; + inherit rev; + sha256 = "164xiqbrr914lz0nh3i1dxz8iwg6vm2af3i3803cd3242nznw0ws"; + }; + }; + home = "/var/lib/arafetch"; +in { + users.users.arafetch = { + uid = genid "arafetch"; + inherit home; + createHome = true; + }; + + systemd.services.arafetch = { + startAt = "Mon 09:15:00"; + wantedBy = [ "multi-user.target" ]; + environment = { + OUTDIR = home; + }; + path = [ pkg pkgs.git pkgs.wget ]; + script = "${pkg}/bin/weekrun"; + }; +} From fc774f31fb0cdbc49f60d33d800e66ced3786b2c Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 28 Mar 2018 11:07:48 +0200 Subject: [PATCH 8/9] ma omo.r: enable arafetch --- makefu/1systems/omo/config.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index c31d27c8f..bed6ae9fd 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -66,6 +66,7 @@ in { + # services From 10bcf2db927692818a948c755fdfbf961a2ac3d7 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 29 Mar 2018 11:15:13 +0200 Subject: [PATCH 9/9] buildbot: bump to 0.8.15 --- krebs/5pkgs/simple/buildbot-classic/default.nix | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/krebs/5pkgs/simple/buildbot-classic/default.nix b/krebs/5pkgs/simple/buildbot-classic/default.nix index 9eeccee64..77ba0342d 100644 --- a/krebs/5pkgs/simple/buildbot-classic/default.nix +++ b/krebs/5pkgs/simple/buildbot-classic/default.nix @@ -2,16 +2,15 @@ python2Packages.buildPythonApplication rec { name = "buildbot-classic-${version}"; - version = "0.8.14"; + version = "0.8.15"; namePrefix = ""; patches = []; src = fetchFromGitHub { owner = "krebscode"; repo = "buildbot-classic"; - # rev = "v${version}"; - rev = "843463911"; - sha256 = "1ybl52ybjw5p09yik6bck9i1pvnvg94i0d32zqrwy67s77yx1mfd"; + rev = version; + sha256 = "0hmmpqxs1i3nvwj9681yi0q3qz0xdcbbm0774lkn1ic5fg3c68fm"; }; postUnpack = "sourceRoot=\${sourceRoot}/master";