l green.r: add weechat auto mode
This commit is contained in:
parent
93c0c1c017
commit
3736bbf091
@ -11,79 +11,48 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/lass/2configs/syncthing.nix>
|
<stockholm/lass/2configs/syncthing.nix>
|
||||||
<stockholm/lass/2configs/sync/sync.nix>
|
<stockholm/lass/2configs/sync/sync.nix>
|
||||||
<stockholm/lass/2configs/sync/decsync.nix>
|
<stockholm/lass/2configs/sync/decsync.nix>
|
||||||
<stockholm/lass/2configs/sync/weechat.nix>
|
|
||||||
|
|
||||||
|
<stockholm/lass/2configs/weechat.nix>
|
||||||
<stockholm/lass/2configs/bitlbee.nix>
|
<stockholm/lass/2configs/bitlbee.nix>
|
||||||
<stockholm/lass/2configs/IM.nix>
|
|
||||||
<stockholm/lass/2configs/muchsync.nix>
|
<stockholm/lass/2configs/muchsync.nix>
|
||||||
<stockholm/lass/2configs/pass.nix>
|
<stockholm/lass/2configs/pass.nix>
|
||||||
|
|
||||||
<stockholm/lass/2configs/git-brain.nix>
|
<stockholm/lass/2configs/git-brain.nix>
|
||||||
|
<stockholm/lass/2configs/et-server.nix>
|
||||||
|
<stockholm/lass/2configs/consul.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.green;
|
krebs.build.host = config.krebs.hosts.green;
|
||||||
|
|
||||||
|
lass.sync-containers3.inContainer = {
|
||||||
|
enable = true;
|
||||||
|
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFlUMf943qEQG64ob81p6dgoHq4jUjq7tSvmSdEOEU2y";
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.tmpfiles.rules = [
|
||||||
|
"d /var/state/lass_mail 0700 lass users -"
|
||||||
|
"L+ /home/lass/Maildir - - - - ../../var/state/lass_mail"
|
||||||
|
"d /home/lass/notmuch 0700 lass users -"
|
||||||
|
"L+ /var/state/lass_mail/.notmuch - - - - /home/lass/notmuch"
|
||||||
|
|
||||||
|
"d /var/state/lass_ssh 0700 lass users -"
|
||||||
|
"L+ /home/lass/.ssh - - - - ../../var/state/lass_ssh"
|
||||||
|
"d /var/state/lass_gpg 0700 lass users -"
|
||||||
|
"L+ /home/lass/.gnupg - - - - ../../var/state/lass_gpg"
|
||||||
|
"d /var/state/lass_sync 0700 lass users -"
|
||||||
|
"L+ /home/lass/sync - - - - ../../var/state/lass_sync"
|
||||||
|
|
||||||
|
"d /var/state/git 0700 git nogroup -"
|
||||||
|
"L+ /var/lib/git - - - - ../../var/state/git"
|
||||||
|
];
|
||||||
|
|
||||||
users.users.mainUser.openssh.authorizedKeys.keys = [
|
users.users.mainUser.openssh.authorizedKeys.keys = [
|
||||||
config.krebs.users.lass-android.pubkey
|
config.krebs.users.lass-android.pubkey
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK0rn3003CkJMk3jZrh/3MC6nVorHRymlFSI4x1brCKY" # weechat ssh tunnel
|
config.krebs.users.lass-tablet.pubkey
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKgpZwye6yavIs3gUIYvSi70spDa0apL2yHR0ASW74z8" # weechat ssh tunnel
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.bindfs = {
|
|
||||||
"/home/lass/.weechat" = {
|
|
||||||
source = "/var/state/lass_weechat";
|
|
||||||
options = [
|
|
||||||
"-M ${concatMapStringsSep ":" (u: toString config.users.users.${u}.uid) [ "syncthing" "mainUser" ]}"
|
|
||||||
"--create-for-user=${toString config.users.users.syncthing.uid}"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
"/home/lass/Maildir" = {
|
|
||||||
source = "/var/state/lass_mail";
|
|
||||||
options = [
|
|
||||||
"-M ${toString config.users.users.mainUser.uid}"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
"/var/lib/bitlbee" = {
|
|
||||||
source = "/var/state/bitlbee";
|
|
||||||
options = [
|
|
||||||
"-M ${toString config.users.users.bitlbee.uid}"
|
|
||||||
];
|
|
||||||
clearTarget = true;
|
|
||||||
};
|
|
||||||
"/home/lass/.ssh" = {
|
|
||||||
source = "/var/state/lass_ssh";
|
|
||||||
options = [
|
|
||||||
"-M ${toString config.users.users.mainUser.uid}"
|
|
||||||
];
|
|
||||||
clearTarget = true;
|
|
||||||
};
|
|
||||||
"/home/lass/.gnupg" = {
|
|
||||||
source = "/var/state/lass_gnupg";
|
|
||||||
options = [
|
|
||||||
"-M ${toString config.users.users.mainUser.uid}"
|
|
||||||
];
|
|
||||||
clearTarget = true;
|
|
||||||
};
|
|
||||||
"/var/lib/git" = {
|
|
||||||
source = "/var/state/git";
|
|
||||||
options = [
|
|
||||||
"-M ${toString config.users.users.git.uid}"
|
|
||||||
];
|
|
||||||
clearTarget = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
systemd.services."bindfs-_home_lass_Maildir".serviceConfig.ExecStartPost = pkgs.writeDash "symlink-notmuch" ''
|
|
||||||
sleep 1
|
|
||||||
mkdir -p /home/lass/notmuch
|
|
||||||
chown lass: /home/lass/notmuch
|
|
||||||
ln -sfTr /home/lass/notmuch /home/lass/Maildir/.notmuch
|
|
||||||
|
|
||||||
mkdir -p /home/lass/notmuch/muchsync
|
|
||||||
chown lass: /home/lass/notmuch/muchsync
|
|
||||||
mkdir -p /home/lass/Maildir/.muchsync
|
|
||||||
ln -sfTr /home/lass/Maildir/.muchsync /home/lass/notmuch/muchsync/tmp
|
|
||||||
'';
|
|
||||||
|
|
||||||
krebs.iptables.tables.nat.PREROUTING.rules = [
|
krebs.iptables.tables.nat.PREROUTING.rules = [
|
||||||
{ predicate = "-i eth0 -p tcp -m tcp --dport 22"; target = "ACCEPT"; precedence = 101; }
|
{ predicate = "-i eth0 -p tcp -m tcp --dport 22"; target = "ACCEPT"; precedence = 101; }
|
||||||
];
|
];
|
||||||
@ -93,4 +62,11 @@ with import <stockholm/lib>;
|
|||||||
HostKeyAlgorithms +ssh-rsa
|
HostKeyAlgorithms +ssh-rsa
|
||||||
PubkeyAcceptedAlgorithms +ssh-rsa
|
PubkeyAcceptedAlgorithms +ssh-rsa
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
services.dovecot2 = {
|
||||||
|
enable = true;
|
||||||
|
mailLocation = "maildir:~/Maildir";
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.firewall.allowedTCPPorts = [ 143 ];
|
||||||
}
|
}
|
||||||
|
7
lass/2configs/et-server.nix
Normal file
7
lass/2configs/et-server.nix
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
{
|
||||||
|
services.eternal-terminal = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
networking.firewall.allowedTCPPorts = [ config.services.eternal-terminal.port ];
|
||||||
|
}
|
221
lass/2configs/weechat.nix
Normal file
221
lass/2configs/weechat.nix
Normal file
@ -0,0 +1,221 @@
|
|||||||
|
{ config, lib, pkgs, ... }: let
|
||||||
|
|
||||||
|
weechat-configured = pkgs.weechat-declarative.override {
|
||||||
|
config = {
|
||||||
|
scripts = [
|
||||||
|
pkgs.weechat-matrix
|
||||||
|
pkgs.weechatScripts.wee-slack
|
||||||
|
];
|
||||||
|
settings = {
|
||||||
|
irc.server_default.nicks = [ "lassulus" "hackulus" ];
|
||||||
|
irc.server.bitlbee = {
|
||||||
|
addresses = "localhost/6666";
|
||||||
|
command = "msg &bitlbee identify \${sec.data.bitlbee}";
|
||||||
|
};
|
||||||
|
irc.server.hackint = {
|
||||||
|
addresses = "irc.hackint.org/6697";
|
||||||
|
autojoin = [
|
||||||
|
"#c3-gsm"
|
||||||
|
"#panthermoderns"
|
||||||
|
"#36c3"
|
||||||
|
"#cccac"
|
||||||
|
"#nixos"
|
||||||
|
"#krebs"
|
||||||
|
"#c-base"
|
||||||
|
"#afra"
|
||||||
|
"#tvl"
|
||||||
|
"#eloop"
|
||||||
|
"#systemdultras"
|
||||||
|
"#rc3"
|
||||||
|
"#krebs-announce"
|
||||||
|
"#the_playlist"
|
||||||
|
"#germany"
|
||||||
|
"#hackint"
|
||||||
|
"#dezentrale"
|
||||||
|
"#hackerfleet \${sec.data.c3-gsm}" # TODO support channel passwords in a cooler way
|
||||||
|
];
|
||||||
|
ssl = true;
|
||||||
|
sasl_fail = "reconnect";
|
||||||
|
sasl_username = "lassulus";
|
||||||
|
sasl_password = "\${sec.data.hackint_sasl}";
|
||||||
|
};
|
||||||
|
irc.server.r = {
|
||||||
|
addresses = "irc.r";
|
||||||
|
autojoin = [
|
||||||
|
"#xxx"
|
||||||
|
"#autowifi"
|
||||||
|
"#brockman"
|
||||||
|
"#flix"
|
||||||
|
"#kollkoll"
|
||||||
|
"#noise"
|
||||||
|
"#mukke"
|
||||||
|
];
|
||||||
|
sasl_fail = "reconnect";
|
||||||
|
sasl_username = "lassulus";
|
||||||
|
sasl_password = "\${sec.data.r_sasl}";
|
||||||
|
anti_flood_prio_high = 0;
|
||||||
|
anti_flood_prio_low = 0;
|
||||||
|
};
|
||||||
|
irc.server.libera = {
|
||||||
|
addresses = "irc.libera.chat/6697";
|
||||||
|
autojoin = [
|
||||||
|
"#shackspace"
|
||||||
|
"#nixos"
|
||||||
|
"#krebs"
|
||||||
|
"#dezentrale"
|
||||||
|
"#tinc"
|
||||||
|
"#nixos-de"
|
||||||
|
"#fysi"
|
||||||
|
"#hillhacks"
|
||||||
|
"#nixos-rc3"
|
||||||
|
"#binaergewitter"
|
||||||
|
"#hackerfleet"
|
||||||
|
"#weechat"
|
||||||
|
];
|
||||||
|
ssl = true;
|
||||||
|
sasl_username = "lassulus";
|
||||||
|
sasl_fail = "reconnect";
|
||||||
|
sasl_password = "\${sec.data.libera_sasl}";
|
||||||
|
};
|
||||||
|
irc.server.news = {
|
||||||
|
addresses = "news.r";
|
||||||
|
autojoin = [
|
||||||
|
"#all"
|
||||||
|
"#aluhut"
|
||||||
|
"#querdenkos"
|
||||||
|
"#news"
|
||||||
|
"#drachengame"
|
||||||
|
];
|
||||||
|
anti_flood_prio_high = 0;
|
||||||
|
anti_flood_prio_low = 0;
|
||||||
|
};
|
||||||
|
matrix.server.lassulus = {
|
||||||
|
address = "matrix.lassul.us";
|
||||||
|
username = "lassulus";
|
||||||
|
password = "\${sec.data.matrix_lassulus}";
|
||||||
|
device_name = config.networking.hostName;
|
||||||
|
};
|
||||||
|
matrix.server.nixos_dev = {
|
||||||
|
address = "matrix.nixos.dev";
|
||||||
|
username = "@lassulus:nixos.dev";
|
||||||
|
device_name = config.networking.hostName;
|
||||||
|
sso_helper_listening_port = 55123;
|
||||||
|
};
|
||||||
|
plugins.var.python.go.short_name = true;
|
||||||
|
plugins.var.python.go.short_name_server = true;
|
||||||
|
plugins.var.python.go.fuzzy_search = true;
|
||||||
|
relay.network.password = "xxx"; # secret?
|
||||||
|
relay.port.weechat = 9998;
|
||||||
|
relay.weechat.commands = "*,!exec,!quit";
|
||||||
|
weechat.look.buffer_time_format = "%m-%d_%H:%M:%S";
|
||||||
|
weechat.look.item_time_format = "%m-%d_%H:%M:%S";
|
||||||
|
irc.look.color_nicks_in_names = true;
|
||||||
|
irc.look.color_nicks_in_nicklist = true;
|
||||||
|
logger.file.mask = "$plugin.$name/%Y-%m-%d.weechatlog";
|
||||||
|
logger.file.path = "/var/state/weechat_logs";
|
||||||
|
logger.look.backlog = 1000;
|
||||||
|
weechat.notify.python.matrix.nixos_dev."!YLoVsCxScyQODoqIbb:hackint.org" = "none"; #c-base
|
||||||
|
weechat.notify.python.matrix.nixos_dev."!bohcSYPVoePqBDWlvE:hackint.org" = "none"; #krebs
|
||||||
|
weechat.notify.irc.news."#all" = "highlight";
|
||||||
|
|
||||||
|
# setting logger levels for channels is currently not possible declarativly
|
||||||
|
# because of already defined
|
||||||
|
logger.level.core.weechat = 0;
|
||||||
|
logger.level.irc = 3;
|
||||||
|
logger.level.python = 3;
|
||||||
|
weechat.bar.title.color_bg = 0;
|
||||||
|
weechat.bar.status.color_bg = 0;
|
||||||
|
alias.cmd.reload = "exec -oc cat /etc/weechat.set";
|
||||||
|
script.scripts.download_enabled = true;
|
||||||
|
weechat.look.prefix_align = "left";
|
||||||
|
weechat.look.prefix_align_max = 20;
|
||||||
|
irc.look.server_buffer = "independent";
|
||||||
|
matrix.look.server_buffer = "independent";
|
||||||
|
weechat.bar.buflist.size_max = 20;
|
||||||
|
weechat.color.chat_nick_colors = [
|
||||||
|
1 2 3 4 5 6 9
|
||||||
|
10 11 12 13 14
|
||||||
|
28 29
|
||||||
|
30 31 32 33 34 35 36 37 38 39
|
||||||
|
70
|
||||||
|
94
|
||||||
|
101 102 103 104 105 106 107
|
||||||
|
130 131 133 134 135 136 137
|
||||||
|
140 141 142 143
|
||||||
|
160 161 162 163 165 166 167 168 169
|
||||||
|
170 171 172 173 174 175
|
||||||
|
196 197 198 199
|
||||||
|
200 201 202 203 204 205 206 208 209 209
|
||||||
|
210 211 212
|
||||||
|
];
|
||||||
|
};
|
||||||
|
extraCommands = ''
|
||||||
|
/script upgrade
|
||||||
|
/script install go.py
|
||||||
|
/script install nickregain.pl
|
||||||
|
/script install autosort.py
|
||||||
|
/key bind meta-q /go
|
||||||
|
/key bind meta-t /bar toggle nicklist
|
||||||
|
/key bind meta-y /bar toggle buflist
|
||||||
|
/filter addreplace irc_smart * irc_smart_filter *
|
||||||
|
/filter addreplace playlist_topic irc.*.#the_playlist irc_topic *
|
||||||
|
/filter addreplace xxx_joinpart irc.r.#xxx irc_join,irc_part,irc_quit *
|
||||||
|
/set logger.level.irc.news 0
|
||||||
|
/set logger.level.python.server.nixos_dev = 0;
|
||||||
|
/set logger.level.irc.hackint.#the_playlist = 0;
|
||||||
|
/connect bitlbee
|
||||||
|
/connect r
|
||||||
|
/connect news
|
||||||
|
/connect libera
|
||||||
|
/connect hackint
|
||||||
|
/matrix connect nixos_dev
|
||||||
|
/matrix connect lassulus
|
||||||
|
'';
|
||||||
|
files."sec.conf" = toString (pkgs.writeText "sec.conf" ''
|
||||||
|
[crypt]
|
||||||
|
cipher = aes256
|
||||||
|
hash_algo = sha256
|
||||||
|
passphrase_command = "cat $CREDENTIALS_DIRECTORY/WEECHAT_PASSPHRASE"
|
||||||
|
salt = on
|
||||||
|
|
||||||
|
[data]
|
||||||
|
__passphrase__ = on
|
||||||
|
hackint_sasl = "5CA242E92E7A09B180711B50C4AE2E65C42934EB4E584EC82BC1281D8C72CD411D590C16CC435687C0DA13759873CC"
|
||||||
|
libera_sasl = "9500B5AC3B29F9CAA273F1B89DC99550E038AF95C4B47442B1FB4CB9F0D6B86B26015988AD39E642CA9C4A78DED7F42D1F409B268C93E778"
|
||||||
|
r_sasl = "CB6FB1421ED5A9094CD2C05462DB1FA87C4A675628ABD9AEC9928A1A6F3F96C07D9F26472331BAF80B7B73270680EB1BBEFD"
|
||||||
|
c3-gsm = "C49DD845900CFDFA93EEBCE4F1ABF4A963EF6082B7DA6410FA701CC77A04BB6C201FCB864988C4F2B97ED7D44D5A28F162"
|
||||||
|
matrix.server.nixos_dev.access_token = "C40FE41B9B7B73553D51D8FCBD53871E940FE7FCCAB543E7F4720A924B8E1D58E2B1E1F460F5476C954A223F78CCB956337F6529159C0ECD7CB0384C13CB7170FF1270A577B1C4FF744D20FCF5C708259896F8D9"
|
||||||
|
bitlbee = "814ECAC59D9CF6E8340B566563E5D7E92AB92209B49C1EDE4CAAC32DD0DF1EC511D97C75E840C45D69BB9E3D03E79C"
|
||||||
|
matrix_lassulus = "0CA5C0F70A9F893881370F4A665B4CC40FBB1A41E53BC94916CD92B029103528611EC0B390116BE60FA79AE10F486E96E17B0824BE2DE1C97D87B88F5407330DAD70C044147533C36B09B7030CAD97"
|
||||||
|
'');
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
in {
|
||||||
|
users.users.mainUser.packages = [
|
||||||
|
weechat-configured
|
||||||
|
];
|
||||||
|
environment.etc."weechat.set".source = "${weechat-configured}/weechat.set";
|
||||||
|
systemd.tmpfiles.rules = [
|
||||||
|
"d /var/state/weechat_logs 0700 lass users -"
|
||||||
|
"d /var/state/weechat 0700 lass users -"
|
||||||
|
"d /var/state/weechat_cfg 0700 lass users -"
|
||||||
|
"L+ /home/lass/.local/share/weechat - - - - ../../../../var/state/weechat"
|
||||||
|
"L+ /home/lass/.config/weechat - - - - ../../../../var/state/weechat_cfg"
|
||||||
|
];
|
||||||
|
|
||||||
|
systemd.services.weechat = {
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
restartIfChanged = false;
|
||||||
|
serviceConfig = {
|
||||||
|
User = "lass";
|
||||||
|
RemainAfterExit = true;
|
||||||
|
Type = "oneshot";
|
||||||
|
LoadCredential = [
|
||||||
|
"WEECHAT_PASSPHRASE:${toString <secrets>}/weechat_passphrase"
|
||||||
|
];
|
||||||
|
ExecStart = "${pkgs.tmux}/bin/tmux -2 new-session -d -s IM ${weechat-configured}/bin/weechat";
|
||||||
|
ExecStop = "${pkgs.tmux}/bin/tmux kill-session -t IM"; # TODO run save in weechat
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user