Merge remote-tracking branch 'gum/master'
This commit is contained in:
commit
3d1472a7ca
@ -1,11 +1,11 @@
|
|||||||
let
|
let
|
||||||
ext-if = "enp0s25";
|
ext-if = "et0";
|
||||||
shack-ip = "10.42.22.184";
|
shack-ip = "10.42.22.184";
|
||||||
shack-gw = "10.42.20.1";
|
shack-gw = "10.42.20.1";
|
||||||
in {
|
in {
|
||||||
services.udev.extraRules = ''
|
services.udev.extraRules = ''
|
||||||
SUBSYSTEM=="net", ATTR{address}=="8c:70:5a:b2:84:58", NAME="wl0"
|
SUBSYSTEM=="net", ATTR{address}=="8c:70:5a:b2:84:58", NAME="wl0"
|
||||||
SUBSYSTEM=="net", ATTR{address}=="3c:97:0e:07:b9:14", NAME="et0"
|
SUBSYSTEM=="net", ATTR{address}=="3c:97:0e:07:b9:14", NAME="${ext-if}"
|
||||||
'';
|
'';
|
||||||
networking = {
|
networking = {
|
||||||
firewall.enable = false;
|
firewall.enable = false;
|
||||||
@ -13,7 +13,7 @@ in {
|
|||||||
interfaces."${ext-if}".ipv4.addresses = [
|
interfaces."${ext-if}".ipv4.addresses = [
|
||||||
{
|
{
|
||||||
address = shack-ip;
|
address = shack-ip;
|
||||||
prefixLength = 20;
|
prefixLength = 22;
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
|
@ -108,12 +108,6 @@ in {
|
|||||||
ci = false;
|
ci = false;
|
||||||
cores = 1;
|
cores = 1;
|
||||||
nets = {
|
nets = {
|
||||||
lan = {
|
|
||||||
ip4.addr = "192.168.1.12";
|
|
||||||
aliases = [
|
|
||||||
"filepimp.lan"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
retiolum.ip4.addr = "10.243.153.102";
|
retiolum.ip4.addr = "10.243.153.102";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
@ -123,12 +117,6 @@ in {
|
|||||||
cores = 2;
|
cores = 2;
|
||||||
|
|
||||||
nets = {
|
nets = {
|
||||||
lan = {
|
|
||||||
ip4.addr = "192.168.1.11";
|
|
||||||
aliases = [
|
|
||||||
"omo.lan"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
retiolum = {
|
retiolum = {
|
||||||
ip4.addr = "10.243.0.89";
|
ip4.addr = "10.243.0.89";
|
||||||
aliases = [
|
aliases = [
|
||||||
@ -143,13 +131,6 @@ in {
|
|||||||
ci = true;
|
ci = true;
|
||||||
cores = 4;
|
cores = 4;
|
||||||
nets = {
|
nets = {
|
||||||
lan = {
|
|
||||||
ip4.addr = "192.168.8.11";
|
|
||||||
aliases = [
|
|
||||||
"wbob.lan"
|
|
||||||
"log.wbob.lan"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
retiolum = {
|
retiolum = {
|
||||||
ip4.addr = "10.243.214.15";
|
ip4.addr = "10.243.214.15";
|
||||||
aliases = [
|
aliases = [
|
||||||
|
4
makefu/0tests/data/secrets/photoprism.nix
Normal file
4
makefu/0tests/data/secrets/photoprism.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{
|
||||||
|
db.username = "photoprism";
|
||||||
|
db.password = "photoprism";
|
||||||
|
}
|
6
makefu/0tests/data/secrets/zigbee2mqtt.nix
Normal file
6
makefu/0tests/data/secrets/zigbee2mqtt.nix
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
{
|
||||||
|
mqtt.password = "hass";
|
||||||
|
mqtt.username = "hass";
|
||||||
|
zigbee.network_key = [ 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 ];
|
||||||
|
}
|
||||||
|
|
@ -1,26 +1,13 @@
|
|||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
|
# nix-shell -p wol --run 'wol C8:CB:B8:CF:E4:DC --passwd=CA-FE-BA-BE-13-37'
|
||||||
let
|
let
|
||||||
byid = dev: "/dev/disk/by-id/" + dev;
|
itf = config.makefu.server.primary-itf;
|
||||||
part1 = disk: disk + "-part1";
|
|
||||||
rootDisk = byid "ata-SanDisk_SDSSDP064G_140237402890";
|
|
||||||
primary-interface = "enp3s0"; # c8:cb:b8:cf:e4:dc
|
|
||||||
# N54L Chassis:
|
|
||||||
# ____________________
|
|
||||||
# |______FRONT_______|
|
|
||||||
# | [ ]|
|
|
||||||
# | [ d1 ** d3 d4 ]|
|
|
||||||
# |___[_____________]|
|
|
||||||
jDisk1 = byid "ata-ST4000DM000-1F2168_Z3040NEA";
|
|
||||||
|
|
||||||
# transfer to omo
|
|
||||||
# jDisk0 = byid "ata-ST4000DM000-1F2168_Z303HVSG";
|
|
||||||
jDisk2 = byid "ata-WDC_WD40EFRX-68WT0N0_WD-WCC4E0621363";
|
|
||||||
jDisk3 = byid "ata-TOSHIBA_MD04ACA400_156GK89OFSBA";
|
|
||||||
allDisks = [ rootDisk jDisk1 jDisk2 jDisk3 ];
|
|
||||||
in {
|
in {
|
||||||
imports =
|
imports =
|
||||||
[ # Include the results of the hardware scan.
|
[ # Include the results of the hardware scan.
|
||||||
|
./hw.nix
|
||||||
<stockholm/makefu>
|
<stockholm/makefu>
|
||||||
|
<stockholm/makefu/2configs/home-manager>
|
||||||
<stockholm/makefu/2configs/fs/single-partition-ext4.nix>
|
<stockholm/makefu/2configs/fs/single-partition-ext4.nix>
|
||||||
<stockholm/makefu/2configs/smart-monitor.nix>
|
<stockholm/makefu/2configs/smart-monitor.nix>
|
||||||
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
||||||
@ -28,64 +15,12 @@ in {
|
|||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.filepimp;
|
krebs.build.host = config.krebs.hosts.filepimp;
|
||||||
# AMD N54L
|
|
||||||
boot = {
|
|
||||||
loader.grub.device = rootDisk;
|
|
||||||
|
|
||||||
initrd.availableKernelModules = [
|
networking.firewall.trustedInterfaces = [ itf ];
|
||||||
"ahci"
|
|
||||||
"ohci_pci"
|
|
||||||
"ehci_pci"
|
|
||||||
"pata_atiixp"
|
|
||||||
"usb_storage"
|
|
||||||
"usbhid"
|
|
||||||
];
|
|
||||||
|
|
||||||
kernelModules = [ "kvm-amd" ];
|
|
||||||
extraModulePackages = [ ];
|
|
||||||
};
|
|
||||||
hardware.enableRedistributableFirmware = true;
|
|
||||||
hardware.cpu.amd.updateMicrocode = true;
|
|
||||||
|
|
||||||
zramSwap.enable = true;
|
|
||||||
|
|
||||||
makefu.snapraid = let
|
|
||||||
toMedia = name: "/media/" + name;
|
|
||||||
in {
|
|
||||||
enable = true;
|
|
||||||
# todo combine creation when enabling the mount point
|
|
||||||
disks = map toMedia [
|
|
||||||
# "j0"
|
|
||||||
"j1"
|
|
||||||
"j2"
|
|
||||||
];
|
|
||||||
parity = toMedia "par0";
|
|
||||||
};
|
|
||||||
# TODO: refactor, copy-paste from omo
|
|
||||||
services.smartd.devices = builtins.map (x: { device = x; }) allDisks;
|
|
||||||
powerManagement.powerUpCommands = lib.concatStrings (map (disk: ''
|
|
||||||
${pkgs.hdparm}/sbin/hdparm -S 100 ${disk}
|
|
||||||
${pkgs.hdparm}/sbin/hdparm -B 127 ${disk}
|
|
||||||
${pkgs.hdparm}/sbin/hdparm -y ${disk}
|
|
||||||
'') allDisks);
|
|
||||||
fileSystems = let
|
|
||||||
xfsmount = name: dev:
|
|
||||||
{ "/media/${name}" = {
|
|
||||||
device = dev; fsType = "xfs";
|
|
||||||
options = [ "nofail" ];
|
|
||||||
}; };
|
|
||||||
in
|
|
||||||
# (xfsmount "j0" (part1 jDisk0)) //
|
|
||||||
(xfsmount "j1" (part1 jDisk1)) //
|
|
||||||
(xfsmount "j2" (part1 jDisk2)) //
|
|
||||||
(xfsmount "par0" (part1 jDisk3))
|
|
||||||
;
|
|
||||||
|
|
||||||
networking.firewall.trustedInterfaces = [ primary-interface ];
|
|
||||||
|
|
||||||
services.wakeonlan.interfaces = [
|
services.wakeonlan.interfaces = [
|
||||||
{
|
{
|
||||||
interface = primary-interface;
|
interface = itf ;
|
||||||
method = "password";
|
method = "password";
|
||||||
password = "CA:FE:BA:BE:13:37";
|
password = "CA:FE:BA:BE:13:37";
|
||||||
}
|
}
|
||||||
|
83
makefu/1systems/filepimp/hw.nix
Normal file
83
makefu/1systems/filepimp/hw.nix
Normal file
@ -0,0 +1,83 @@
|
|||||||
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
byid = dev: "/dev/disk/by-id/" + dev;
|
||||||
|
part1 = disk: disk + "-part1";
|
||||||
|
rootDisk = byid "ata-SanDisk_SDSSDP064G_140237402890";
|
||||||
|
primary-interface = "enp3s0"; # c8:cb:b8:cf:e4:dc
|
||||||
|
# N54L Chassis:
|
||||||
|
# ____________________
|
||||||
|
# |______FRONT_______|
|
||||||
|
# | [ ]|
|
||||||
|
# | [ d1 d0 d3 d4 ]|
|
||||||
|
# |___[_____________]|
|
||||||
|
jDisk1 = byid "ata-ST4000DM000-1F2168_Z3040NEA";
|
||||||
|
|
||||||
|
# transfer to omo
|
||||||
|
jDisk0 = byid "ata-ST4000DM000-1F2168_Z303HVSG";
|
||||||
|
jDisk2 = byid "ata-WDC_WD40EFRX-68WT0N0_WD-WCC4E0621363";
|
||||||
|
jDisk3 = byid "ata-TOSHIBA_MD04ACA400_156GK89OFSBA";
|
||||||
|
allDisks = [ rootDisk jDisk0 jDisk1 jDisk2 jDisk3 ];
|
||||||
|
in {
|
||||||
|
boot = {
|
||||||
|
loader.grub.device = rootDisk;
|
||||||
|
|
||||||
|
initrd.availableKernelModules = [
|
||||||
|
"ahci"
|
||||||
|
"ohci_pci"
|
||||||
|
"ehci_pci"
|
||||||
|
"pata_atiixp"
|
||||||
|
"usb_storage"
|
||||||
|
"usbhid"
|
||||||
|
];
|
||||||
|
|
||||||
|
kernelModules = [ "kvm-amd" ];
|
||||||
|
extraModulePackages = [ ];
|
||||||
|
};
|
||||||
|
makefu.server.primary-itf = primary-interface;
|
||||||
|
|
||||||
|
hardware.enableRedistributableFirmware = true;
|
||||||
|
hardware.cpu.amd.updateMicrocode = true;
|
||||||
|
|
||||||
|
zramSwap.enable = true;
|
||||||
|
|
||||||
|
makefu.snapraid = let
|
||||||
|
toMedia = name: "/media/" + name;
|
||||||
|
in {
|
||||||
|
enable = true;
|
||||||
|
# todo combine creation when enabling the mount point
|
||||||
|
disks = map toMedia [
|
||||||
|
"j0"
|
||||||
|
"j1"
|
||||||
|
"j2"
|
||||||
|
];
|
||||||
|
parity = toMedia "par0";
|
||||||
|
};
|
||||||
|
# TODO: refactor, copy-paste from omo
|
||||||
|
services.smartd.devices = builtins.map (x: { device = x; }) allDisks;
|
||||||
|
powerManagement.powerUpCommands = lib.concatStrings (map (disk: ''
|
||||||
|
${pkgs.hdparm}/sbin/hdparm -S 100 ${disk}
|
||||||
|
${pkgs.hdparm}/sbin/hdparm -B 127 ${disk}
|
||||||
|
${pkgs.hdparm}/sbin/hdparm -y ${disk}
|
||||||
|
'') allDisks);
|
||||||
|
fileSystems = let
|
||||||
|
xfsmount = name: dev:
|
||||||
|
{ "/media/${name}" = {
|
||||||
|
device = dev; fsType = "xfs";
|
||||||
|
options = [ "nofail" ];
|
||||||
|
}; };
|
||||||
|
tomedia = id: "/media/${id}";
|
||||||
|
in
|
||||||
|
(xfsmount "j0" (part1 jDisk0)) //
|
||||||
|
(xfsmount "j1" (part1 jDisk1)) //
|
||||||
|
(xfsmount "j2" (part1 jDisk2)) //
|
||||||
|
(xfsmount "par0" (part1 jDisk3)) //
|
||||||
|
{ "/media/jX" = {
|
||||||
|
device = (lib.concatMapStringsSep ":" (d: (tomedia d)) ["j0" "j1" "j2" ]);
|
||||||
|
fsType = "mergerfs";
|
||||||
|
noCheck = true;
|
||||||
|
options = [ "defaults" "allow_other" "nofail" "nonempty" ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
environment.systemPackages = [ pkgs.mergerfs ];
|
||||||
|
}
|
@ -1,3 +1,4 @@
|
|||||||
{
|
{
|
||||||
name="filepimp";
|
name="filepimp";
|
||||||
|
home-manager = true;
|
||||||
}
|
}
|
||||||
|
@ -43,6 +43,7 @@ in {
|
|||||||
|
|
||||||
<stockholm/makefu/2configs/zsh-user.nix>
|
<stockholm/makefu/2configs/zsh-user.nix>
|
||||||
<stockholm/makefu/2configs/mosh.nix>
|
<stockholm/makefu/2configs/mosh.nix>
|
||||||
|
<stockholm/makefu/2configs/storj/forward-port.nix>
|
||||||
# <stockholm/makefu/2configs/gui/xpra.nix>
|
# <stockholm/makefu/2configs/gui/xpra.nix>
|
||||||
|
|
||||||
# networking
|
# networking
|
||||||
@ -147,7 +148,7 @@ in {
|
|||||||
<stockholm/makefu/2configs/deployment/boot-euer.nix>
|
<stockholm/makefu/2configs/deployment/boot-euer.nix>
|
||||||
<stockholm/makefu/2configs/deployment/gecloudpad>
|
<stockholm/makefu/2configs/deployment/gecloudpad>
|
||||||
<stockholm/makefu/2configs/deployment/docker/archiveteam-warrior.nix>
|
<stockholm/makefu/2configs/deployment/docker/archiveteam-warrior.nix>
|
||||||
<stockholm/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix>
|
<stockholm/makefu/2configs/bgt/etherpad.euer.krebsco.de.nix>
|
||||||
# <stockholm/makefu/2configs/deployment/systemdultras-rss.nix>
|
# <stockholm/makefu/2configs/deployment/systemdultras-rss.nix>
|
||||||
|
|
||||||
<stockholm/makefu/2configs/shiori.nix>
|
<stockholm/makefu/2configs/shiori.nix>
|
||||||
@ -156,6 +157,7 @@ in {
|
|||||||
<stockholm/makefu/2configs/bgt/download.binaergewitter.de.nix>
|
<stockholm/makefu/2configs/bgt/download.binaergewitter.de.nix>
|
||||||
<stockholm/makefu/2configs/bgt/hidden_service.nix>
|
<stockholm/makefu/2configs/bgt/hidden_service.nix>
|
||||||
<stockholm/makefu/2configs/bgt/backup.nix>
|
<stockholm/makefu/2configs/bgt/backup.nix>
|
||||||
|
<stockholm/makefu/2configs/bgt/social-to-irc.nix>
|
||||||
|
|
||||||
# <stockholm/makefu/2configs/logging/client.nix>
|
# <stockholm/makefu/2configs/logging/client.nix>
|
||||||
|
|
||||||
@ -203,7 +205,10 @@ in {
|
|||||||
# Network
|
# Network
|
||||||
networking = {
|
networking = {
|
||||||
firewall = {
|
firewall = {
|
||||||
allowedTCPPorts = [ 80 443 ];
|
allowedTCPPorts = [
|
||||||
|
80 443
|
||||||
|
28967 # storj
|
||||||
|
];
|
||||||
allowPing = true;
|
allowPing = true;
|
||||||
logRefusedConnections = false;
|
logRefusedConnections = false;
|
||||||
};
|
};
|
||||||
|
@ -28,9 +28,11 @@ in {
|
|||||||
<stockholm/makefu/2configs/home-manager>
|
<stockholm/makefu/2configs/home-manager>
|
||||||
<stockholm/makefu/2configs/home-manager/cli.nix>
|
<stockholm/makefu/2configs/home-manager/cli.nix>
|
||||||
<stockholm/makefu/2configs/editor/neovim>
|
<stockholm/makefu/2configs/editor/neovim>
|
||||||
|
<stockholm/makefu/2configs/storj/client.nix>
|
||||||
|
|
||||||
|
|
||||||
<stockholm/makefu/2configs/backup/state.nix>
|
<stockholm/makefu/2configs/backup/state.nix>
|
||||||
|
<stockholm/makefu/2configs/backup/server.nix>
|
||||||
<stockholm/makefu/2configs/exim-retiolum.nix>
|
<stockholm/makefu/2configs/exim-retiolum.nix>
|
||||||
# <stockholm/makefu/2configs/smart-monitor.nix>
|
# <stockholm/makefu/2configs/smart-monitor.nix>
|
||||||
<stockholm/makefu/2configs/mail-client.nix>
|
<stockholm/makefu/2configs/mail-client.nix>
|
||||||
@ -68,7 +70,7 @@ in {
|
|||||||
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
||||||
|
|
||||||
# statistics
|
# statistics
|
||||||
<stockholm/makefu/2configs/stats/client.nix>
|
# <stockholm/makefu/2configs/stats/client.nix>
|
||||||
# Logging
|
# Logging
|
||||||
#influx + grafana
|
#influx + grafana
|
||||||
<stockholm/makefu/2configs/stats/server.nix>
|
<stockholm/makefu/2configs/stats/server.nix>
|
||||||
@ -91,13 +93,18 @@ in {
|
|||||||
<stockholm/makefu/2configs/virtualisation/docker.nix>
|
<stockholm/makefu/2configs/virtualisation/docker.nix>
|
||||||
<stockholm/makefu/2configs/bluetooth-mpd.nix>
|
<stockholm/makefu/2configs/bluetooth-mpd.nix>
|
||||||
|
|
||||||
<stockholm/makefu/2configs/ham>
|
<stockholm/makefu/2configs/home/ham>
|
||||||
|
<stockholm/makefu/2configs/home/airsonic.nix>
|
||||||
|
<stockholm/makefu/2configs/home/photoprism.nix>
|
||||||
|
<stockholm/makefu/2configs/home/metube.nix>
|
||||||
{
|
{
|
||||||
makefu.ps3netsrv = {
|
makefu.ps3netsrv = {
|
||||||
enable = true;
|
enable = true;
|
||||||
servedir = "/media/cryptX/emu/ps3";
|
servedir = "/media/cryptX/emu/ps3";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
{
|
{
|
||||||
hardware.pulseaudio.systemWide = true;
|
hardware.pulseaudio.systemWide = true;
|
||||||
makefu.mpd.musicDirectory = "/media/cryptX/music";
|
makefu.mpd.musicDirectory = "/media/cryptX/music";
|
||||||
@ -107,7 +114,15 @@ in {
|
|||||||
<stockholm/makefu/2configs/sshd-totp.nix>
|
<stockholm/makefu/2configs/sshd-totp.nix>
|
||||||
# <stockholm/makefu/2configs/logging/central-logging-client.nix>
|
# <stockholm/makefu/2configs/logging/central-logging-client.nix>
|
||||||
|
|
||||||
<stockholm/makefu/2configs/torrent.nix>
|
# <stockholm/makefu/2configs/torrent.nix>
|
||||||
|
{
|
||||||
|
#krebs.rtorrent = {
|
||||||
|
# downloadDir = lib.mkForce "/media/cryptX/torrent";
|
||||||
|
# extraConfig = ''
|
||||||
|
# upload_rate = 500
|
||||||
|
# '';
|
||||||
|
#};
|
||||||
|
}
|
||||||
|
|
||||||
# <stockholm/makefu/2configs/elchos/search.nix>
|
# <stockholm/makefu/2configs/elchos/search.nix>
|
||||||
# <stockholm/makefu/2configs/elchos/log.nix>
|
# <stockholm/makefu/2configs/elchos/log.nix>
|
||||||
@ -118,16 +133,11 @@ in {
|
|||||||
|
|
||||||
# Temporary:
|
# Temporary:
|
||||||
# <stockholm/makefu/2configs/temp/rst-issue.nix>
|
# <stockholm/makefu/2configs/temp/rst-issue.nix>
|
||||||
|
<stockholm/makefu/2configs/bgt/social-to-irc.nix>
|
||||||
|
|
||||||
];
|
];
|
||||||
makefu.full-populate = true;
|
makefu.full-populate = true;
|
||||||
nixpkgs.config.allowUnfree = true;
|
nixpkgs.config.allowUnfree = true;
|
||||||
krebs.rtorrent = {
|
|
||||||
downloadDir = lib.mkForce "/media/cryptX/torrent";
|
|
||||||
extraConfig = ''
|
|
||||||
upload_rate = 500
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
users.groups.share = {
|
users.groups.share = {
|
||||||
gid = (import <stockholm/lib>).genid "share";
|
gid = (import <stockholm/lib>).genid "share";
|
||||||
members = [ "makefu" "misa" ];
|
members = [ "makefu" "misa" ];
|
||||||
|
@ -51,6 +51,10 @@ in {
|
|||||||
enable = true;
|
enable = true;
|
||||||
disks = map toMapper [ 0 1 3 ];
|
disks = map toMapper [ 0 1 3 ];
|
||||||
parity = toMapper 2; # find -name PARITY_PARTITION
|
parity = toMapper 2; # find -name PARITY_PARTITION
|
||||||
|
extraConfig = ''
|
||||||
|
exclude /lib/storj/
|
||||||
|
exclude /.bitcoin/blocks/
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
fileSystems = let
|
fileSystems = let
|
||||||
cryptMount = name:
|
cryptMount = name:
|
||||||
|
@ -6,21 +6,26 @@
|
|||||||
{
|
{
|
||||||
imports =
|
imports =
|
||||||
[ # Include the results of the hardware scan.
|
[ # Include the results of the hardware scan.
|
||||||
|
./hardware.nix
|
||||||
<stockholm/makefu>
|
<stockholm/makefu>
|
||||||
|
<stockholm/makefu/2configs/nur.nix>
|
||||||
<stockholm/makefu/2configs/home-manager>
|
<stockholm/makefu/2configs/home-manager>
|
||||||
<stockholm/makefu/2configs/main-laptop.nix>
|
<stockholm/makefu/2configs/main-laptop.nix>
|
||||||
|
<stockholm/makefu/2configs/editor/neovim>
|
||||||
|
<stockholm/makefu/2configs/tools/core.nix>
|
||||||
# <stockholm/makefu/2configs/tools/all.nix>
|
# <stockholm/makefu/2configs/tools/all.nix>
|
||||||
<stockholm/makefu/2configs/fs/single-partition-ext4.nix>
|
<stockholm/makefu/2configs/fs/single-partition-ext4.nix>
|
||||||
# hardware specifics are in here
|
# hardware specifics are in here
|
||||||
# imports tp-x2x0.nix
|
|
||||||
<stockholm/makefu/2configs/hw/tp-x230.nix>
|
|
||||||
<stockholm/makefu/2configs/hw/bluetooth.nix>
|
<stockholm/makefu/2configs/hw/bluetooth.nix>
|
||||||
<stockholm/makefu/2configs/hw/network-manager.nix>
|
<stockholm/makefu/2configs/hw/network-manager.nix>
|
||||||
|
|
||||||
|
|
||||||
# <stockholm/makefu/2configs/rad1o.nix>
|
# <stockholm/makefu/2configs/rad1o.nix>
|
||||||
|
|
||||||
<stockholm/makefu/2configs/zsh-user.nix>
|
<stockholm/makefu/2configs/zsh-user.nix>
|
||||||
<stockholm/makefu/2configs/exim-retiolum.nix>
|
<stockholm/makefu/2configs/home-manager>
|
||||||
|
<stockholm/makefu/2configs/home-manager/desktop.nix>
|
||||||
|
<stockholm/makefu/2configs/home-manager/cli.nix>
|
||||||
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
||||||
|
|
||||||
<stockholm/makefu/2configs/sshd-totp.nix>
|
<stockholm/makefu/2configs/sshd-totp.nix>
|
||||||
|
9
makefu/1systems/tsp/hardware.nix
Normal file
9
makefu/1systems/tsp/hardware.nix
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
{ lib, ... }:
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
# laptop is an acer aspire, but close enough i'd say
|
||||||
|
<stockholm/makefu/2configs/hw/tp-x2x0.nix>
|
||||||
|
];
|
||||||
|
# the laptop only has the touchpad
|
||||||
|
services.xserver.synaptics.additionalOptions = lib.mkForce ''Option "TouchpadOff" "0"'';
|
||||||
|
}
|
@ -1,14 +1,15 @@
|
|||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
let
|
let
|
||||||
rootdisk = "/dev/disk/by-id/ata-TS256GMTS800_C613840115";
|
|
||||||
datadisk = "/dev/disk/by-id/ata-HGST_HTS721010A9E630_JR10006PH3A02F";
|
|
||||||
user = config.makefu.gui.user;
|
user = config.makefu.gui.user;
|
||||||
primaryIP = "192.168.8.11";
|
primaryIP = "192.168.8.11";
|
||||||
in {
|
in {
|
||||||
|
|
||||||
imports =
|
imports =
|
||||||
[ # Include the results of the hardware scan.
|
[
|
||||||
<stockholm/makefu>
|
<stockholm/makefu>
|
||||||
|
# Include the results of the hardware scan.
|
||||||
|
./nuc
|
||||||
|
|
||||||
<stockholm/makefu/2configs/home-manager>
|
<stockholm/makefu/2configs/home-manager>
|
||||||
<stockholm/makefu/2configs/support-nixos.nix>
|
<stockholm/makefu/2configs/support-nixos.nix>
|
||||||
<stockholm/makefu/2configs/zsh-user.nix>
|
<stockholm/makefu/2configs/zsh-user.nix>
|
||||||
@ -37,13 +38,13 @@ in {
|
|||||||
|
|
||||||
# Sensors
|
# Sensors
|
||||||
# <stockholm/makefu/2configs/stats/client.nix>
|
# <stockholm/makefu/2configs/stats/client.nix>
|
||||||
<stockholm/makefu/2configs/stats/collectd-client.nix>
|
# <stockholm/makefu/2configs/stats/collectd-client.nix>
|
||||||
<stockholm/makefu/2configs/stats/telegraf>
|
<stockholm/makefu/2configs/stats/telegraf>
|
||||||
<stockholm/makefu/2configs/stats/telegraf/airsensor.nix>
|
<stockholm/makefu/2configs/stats/telegraf/airsensor.nix>
|
||||||
<stockholm/makefu/2configs/stats/telegraf/europastats.nix>
|
<stockholm/makefu/2configs/stats/telegraf/europastats.nix>
|
||||||
<stockholm/makefu/2configs/stats/external/aralast.nix>
|
<stockholm/makefu/2configs/stats/external/aralast.nix>
|
||||||
<stockholm/makefu/2configs/stats/arafetch.nix>
|
<stockholm/makefu/2configs/stats/arafetch.nix>
|
||||||
<stockholm/makefu/2configs/hw/mceusb.nix>
|
# <stockholm/makefu/2configs/hw/mceusb.nix>
|
||||||
# <stockholm/makefu/2configs/stats/telegraf/bamstats.nix>
|
# <stockholm/makefu/2configs/stats/telegraf/bamstats.nix>
|
||||||
{ environment.systemPackages = [ pkgs.vlc ]; }
|
{ environment.systemPackages = [ pkgs.vlc ]; }
|
||||||
|
|
||||||
@ -94,44 +95,6 @@ in {
|
|||||||
build.host = config.krebs.hosts.wbob;
|
build.host = config.krebs.hosts.wbob;
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices = [ { device = "/var/swap"; } ];
|
|
||||||
services.collectd.extraConfig = lib.mkAfter ''
|
|
||||||
|
|
||||||
#LoadPlugin ping
|
|
||||||
# does not work because it requires privileges
|
|
||||||
#<Plugin "ping">
|
|
||||||
# Host "google.de"
|
|
||||||
# Host "heise.de"
|
|
||||||
#</Plugin>
|
|
||||||
|
|
||||||
LoadPlugin curl
|
|
||||||
<Plugin curl>
|
|
||||||
Interval 300
|
|
||||||
TotalTime true
|
|
||||||
NamelookupTime true
|
|
||||||
ConnectTime true
|
|
||||||
|
|
||||||
<Page "google">
|
|
||||||
MeasureResponseTime true
|
|
||||||
MeasureResponseCode true
|
|
||||||
URL "https://google.de"
|
|
||||||
</Page>
|
|
||||||
|
|
||||||
<Page "webde">
|
|
||||||
MeasureResponseTime true
|
|
||||||
MeasureResponseCode true
|
|
||||||
URL "http://web.de"
|
|
||||||
</Page>
|
|
||||||
|
|
||||||
</Plugin>
|
|
||||||
#LoadPlugin netlink
|
|
||||||
#<Plugin "netlink">
|
|
||||||
# Interface "enp0s25"
|
|
||||||
# Interface "wlp2s0"
|
|
||||||
# IgnoreSelected false
|
|
||||||
#</Plugin>
|
|
||||||
'';
|
|
||||||
|
|
||||||
networking.firewall.allowedUDPPorts = [ 655 ];
|
networking.firewall.allowedUDPPorts = [ 655 ];
|
||||||
networking.firewall.allowedTCPPorts = [
|
networking.firewall.allowedTCPPorts = [
|
||||||
655
|
655
|
||||||
@ -146,7 +109,7 @@ in {
|
|||||||
# Port = 1655
|
# Port = 1655
|
||||||
# '';
|
# '';
|
||||||
#};
|
#};
|
||||||
|
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||||
# rt2870.bin wifi card, part of linux-unfree
|
# rt2870.bin wifi card, part of linux-unfree
|
||||||
hardware.enableRedistributableFirmware = true;
|
hardware.enableRedistributableFirmware = true;
|
||||||
nixpkgs.config.allowUnfree = true;
|
nixpkgs.config.allowUnfree = true;
|
||||||
@ -156,24 +119,5 @@ in {
|
|||||||
address = "10.8.8.11";
|
address = "10.8.8.11";
|
||||||
prefixLength = 24;
|
prefixLength = 24;
|
||||||
}];
|
}];
|
||||||
|
|
||||||
|
|
||||||
# nuc hardware
|
# nuc hardware
|
||||||
boot.loader.grub.device = rootdisk;
|
|
||||||
hardware.cpu.intel.updateMicrocode = true;
|
|
||||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
|
|
||||||
|
|
||||||
boot.kernelModules = [
|
|
||||||
"kvm-intel" "snd-seq" "snd-rawmidi"
|
|
||||||
];
|
|
||||||
fileSystems = {
|
|
||||||
"/" = {
|
|
||||||
device = rootdisk + "-part1";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
"/data" = {
|
|
||||||
device = datadisk + "-part1";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
23
makefu/1systems/wbob/nuc/default.nix
Normal file
23
makefu/1systems/wbob/nuc/default.nix
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
let
|
||||||
|
rootdisk = "/dev/disk/by-id/ata-TS256GMTS800_C613840115";
|
||||||
|
datadisk = "/dev/disk/by-id/ata-HGST_HTS721010A9E630_JR10006PH3A02F";
|
||||||
|
in {
|
||||||
|
boot.loader.grub.device = rootdisk;
|
||||||
|
hardware.cpu.intel.updateMicrocode = true;
|
||||||
|
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
|
||||||
|
|
||||||
|
boot.kernelModules = [
|
||||||
|
"kvm-intel" "snd-seq" "snd-rawmidi"
|
||||||
|
];
|
||||||
|
fileSystems = {
|
||||||
|
"/" = {
|
||||||
|
device = rootdisk + "-part1";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
"/data" = {
|
||||||
|
device = datadisk + "-part1";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
swapDevices = [ { device = "/var/swap"; } ];
|
||||||
|
}
|
@ -2,4 +2,5 @@
|
|||||||
name="wbob";
|
name="wbob";
|
||||||
# musnix = true;
|
# musnix = true;
|
||||||
home-manager = true;
|
home-manager = true;
|
||||||
|
unstable = true;
|
||||||
}
|
}
|
||||||
|
@ -158,7 +158,8 @@
|
|||||||
|
|
||||||
# temporary
|
# temporary
|
||||||
# { services.redis.enable = true; }
|
# { services.redis.enable = true; }
|
||||||
# <stockholm/makefu/2configs/pyload.nix>
|
{ services.mongodb.enable = true; }
|
||||||
|
# <stockholm/makefu/2configs/home/photoprism.nix>
|
||||||
# <stockholm/makefu/2configs/dcpp/airdcpp.nix>
|
# <stockholm/makefu/2configs/dcpp/airdcpp.nix>
|
||||||
# <stockholm/makefu/2configs/nginx/rompr.nix>
|
# <stockholm/makefu/2configs/nginx/rompr.nix>
|
||||||
# <stockholm/makefu/2configs/lanparty/lancache.nix>
|
# <stockholm/makefu/2configs/lanparty/lancache.nix>
|
||||||
|
@ -8,6 +8,7 @@
|
|||||||
<nixos-hardware/lenovo/thinkpad/l14/amd> # close enough
|
<nixos-hardware/lenovo/thinkpad/l14/amd> # close enough
|
||||||
# <stockholm/makefu/2configs/hw/tpm.nix>
|
# <stockholm/makefu/2configs/hw/tpm.nix>
|
||||||
<stockholm/makefu/2configs/hw/ssd.nix>
|
<stockholm/makefu/2configs/hw/ssd.nix>
|
||||||
|
<stockholm/makefu/2configs/hw/xmm7360.nix>
|
||||||
];
|
];
|
||||||
boot.zfs.requestEncryptionCredentials = true;
|
boot.zfs.requestEncryptionCredentials = true;
|
||||||
networking.hostId = "f8b8e0a2";
|
networking.hostId = "f8b8e0a2";
|
||||||
@ -19,32 +20,15 @@
|
|||||||
services.xserver.videoDrivers = [
|
services.xserver.videoDrivers = [
|
||||||
"amdgpu"
|
"amdgpu"
|
||||||
];
|
];
|
||||||
hardware.opengl.extraPackages = [ pkgs.amdvlk ];
|
hardware.opengl.extraPackages = [ pkgs.amdvlk pkgs.rocm-opencl-icd ];
|
||||||
# is required for amd graphics support ( xorg wont boot otherwise )
|
# is required for amd graphics support ( xorg wont boot otherwise )
|
||||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||||
|
|
||||||
environment.variables.VK_ICD_FILENAMES =
|
environment.variables.VK_ICD_FILENAMES =
|
||||||
"/run/opengl-driver/share/vulkan/icd.d/amd_icd64.json";
|
"/run/opengl-driver/share/vulkan/icd.d/amd_icd64.json";
|
||||||
|
|
||||||
|
|
||||||
programs.light.enable = true;
|
programs.light.enable = true;
|
||||||
services.actkbd = {
|
|
||||||
enable = true;
|
|
||||||
bindings = [
|
|
||||||
{ keys = [ 225 ]; events = [ "key" ]; command = "${pkgs.light}/bin/light -A 10"; }
|
|
||||||
{ keys = [ 224 ]; events = [ "key" ]; command = "${pkgs.light}/bin/light -U 10"; }
|
|
||||||
{ keys = [ 227 ]; events = [ "key" ]; command = builtins.toString (
|
|
||||||
pkgs.writers.writeDash "toggle_lcdshadow" ''
|
|
||||||
proc=/proc/acpi/ibm/lcdshadow
|
|
||||||
status=$(${pkgs.gawk}/bin/awk '/status:/{print $2}' "$proc")
|
|
||||||
if [ "$status" -eq 0 ];then
|
|
||||||
echo 1 > "$proc"
|
|
||||||
else
|
|
||||||
echo 0 > "$proc"
|
|
||||||
fi
|
|
||||||
'');
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
users.groups.video = {};
|
users.groups.video = {};
|
||||||
users.users.makefu.extraGroups = [ "video" ];
|
users.users.makefu.extraGroups = [ "video" ];
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
{ pkgs, lib, ... }:
|
||||||
{
|
{
|
||||||
# current issues:
|
# current issues:
|
||||||
# 1. for pressing insert hold shift+fn+Fin
|
# 1. for pressing insert hold shift+fn+Fin
|
||||||
@ -9,5 +10,37 @@
|
|||||||
xinput set-prop "ETPS/2 Elantech TrackPoint" "Evdev Wheel Emulation Axes" 6 7 4 5
|
xinput set-prop "ETPS/2 Elantech TrackPoint" "Evdev Wheel Emulation Axes" 6 7 4 5
|
||||||
# configure timeout of pressing and holding middle button
|
# configure timeout of pressing and holding middle button
|
||||||
# xinput set-int-prop "ETPS/2 Elantech TrackPoint" "Evdev Wheel Emulation Timeout" 8 200
|
# xinput set-int-prop "ETPS/2 Elantech TrackPoint" "Evdev Wheel Emulation Timeout" 8 200
|
||||||
|
xinput disable 'ETPS/2 Elantech Touchpad'
|
||||||
'';
|
'';
|
||||||
|
boot.kernelParams = [
|
||||||
|
#"psmouse.proto=imps"
|
||||||
|
#"psmouse.proto=bare"
|
||||||
|
#"psmouse.resetafter=0"
|
||||||
|
"psmouse.synaptics_intertouch=1" # echo 1 > /sys/devices/platform/i8042/serio1/reg_07
|
||||||
|
];
|
||||||
|
|
||||||
|
programs.light.enable = true;
|
||||||
|
services.actkbd = {
|
||||||
|
enable = true;
|
||||||
|
bindings = [
|
||||||
|
{ keys = [ 225 ]; events = [ "key" ]; command = "${pkgs.light}/bin/light -A 10"; } # fn - F5
|
||||||
|
{ keys = [ 224 ]; events = [ "key" ]; command = "${pkgs.light}/bin/light -U 10"; } # fn - F6
|
||||||
|
# fn - 4 => suspend
|
||||||
|
# fn - d => lcdshadow
|
||||||
|
{ keys = [ 227 ]; events = [ "key" ]; command = builtins.toString ( # fn - F7
|
||||||
|
pkgs.writers.writeDash "toggle_touchpad" ''
|
||||||
|
PATH=${lib.makeBinPath [ pkgs.xorg.xinput pkgs.gnugrep ]}
|
||||||
|
DISPLAY=:0
|
||||||
|
export DISPLAY PATH
|
||||||
|
|
||||||
|
device=$(xinput list --name-only | grep Touchpad)
|
||||||
|
if [ "$(xinput list-props "$device" | grep -P ".*Device Enabled.*\K.(?=$)" -o)" -eq 1 ];then
|
||||||
|
xinput disable "$device"
|
||||||
|
else
|
||||||
|
xinput enable "$device"
|
||||||
|
fi
|
||||||
|
'');
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
@ -1,11 +1,19 @@
|
|||||||
{lib, ... }:
|
{lib,config, ... }:
|
||||||
let
|
let
|
||||||
hosts = lib.mapAttrsToList (f: _: lib.removeSuffix ".pub" f) (builtins.readDir ./ssh );
|
hosts = lib.mapAttrsToList (f: _: lib.removeSuffix ".pub" f) (builtins.readDir ./ssh );
|
||||||
in {
|
in {
|
||||||
# TODO: for all enabled machines
|
# TODO: for all enabled machines
|
||||||
|
options = {
|
||||||
|
makefu.backup.server.repo = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
default = "/var/lib/borgbackup";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
config = {
|
||||||
services.borgbackup.repos = lib.genAttrs hosts (host: {
|
services.borgbackup.repos = lib.genAttrs hosts (host: {
|
||||||
authorizedKeys = [ (builtins.readFile (./ssh + "/${host}.pub") ) ];
|
authorizedKeys = [ (builtins.readFile (./ssh + "/${host}.pub") ) ];
|
||||||
path = "/var/lib/borgbackup/${host}";
|
path = "${config.makefu.backup.server.repo}/${host}";
|
||||||
user = "borg-${host}";
|
user = "borg-${host}";
|
||||||
}) ;
|
}) ;
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
@ -6,7 +6,7 @@ in {
|
|||||||
services.nginx.virtualHosts."etherpad.euer.krebsco.de" = {
|
services.nginx.virtualHosts."etherpad.euer.krebsco.de" = {
|
||||||
# useACMEHost = "euer.krebsco.de";
|
# useACMEHost = "euer.krebsco.de";
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
ssl_session_timeout 5m;
|
ssl_session_timeout 30m;
|
||||||
'';
|
'';
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
@ -27,7 +27,7 @@ in {
|
|||||||
# WebSocket proxying - from https://nginx.org/en/docs/http/websocket.html
|
# WebSocket proxying - from https://nginx.org/en/docs/http/websocket.html
|
||||||
proxy_set_header Upgrade $http_upgrade;
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
proxy_set_header Connection "upgrade";
|
proxy_set_header Connection "upgrade";
|
||||||
proxy_read_timeout 61s;
|
proxy_read_timeout 1799s;
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
docker-containers."etherpad-lite" = {
|
docker-containers."etherpad-lite" = {
|
32
makefu/2configs/bgt/social-to-irc.nix
Normal file
32
makefu/2configs/bgt/social-to-irc.nix
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
{
|
||||||
|
# systemd.services.brockman.environment."BROCKMAN_LOG_LEVEL" = "DEBUG";
|
||||||
|
krebs.brockman = {
|
||||||
|
enable = true;
|
||||||
|
config = {
|
||||||
|
channel = "#binaergewitter";
|
||||||
|
irc = {
|
||||||
|
host = "irc.freenode.net";
|
||||||
|
port = 6667;
|
||||||
|
};
|
||||||
|
#controller = {
|
||||||
|
# nick = "brockman-systemdultras";
|
||||||
|
# channels = [];
|
||||||
|
#};
|
||||||
|
bots = {
|
||||||
|
bgt-mastodon-rss = {
|
||||||
|
feed = "https://jit.social/users/binaergewitter.rss";
|
||||||
|
channels = [ "#binaergewitter" ];
|
||||||
|
delay = 180;
|
||||||
|
notifyErrors = false;
|
||||||
|
};
|
||||||
|
bgt-blog-rss = {
|
||||||
|
feed = "https://blog.binaergewitter.de/rss.xml";
|
||||||
|
channels = [ "#binaergewitter" ];
|
||||||
|
delay = 180;
|
||||||
|
notifyErrors = false;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
}
|
@ -5,6 +5,7 @@
|
|||||||
# nix-store --generate-binary-cache-key gum nix-serve.key nix-serve.pub
|
# nix-store --generate-binary-cache-key gum nix-serve.key nix-serve.pub
|
||||||
services.nix-serve = {
|
services.nix-serve = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
port = 5001;
|
||||||
secretKeyFile = config.krebs.secret.files.nix-serve-key.path;
|
secretKeyFile = config.krebs.secret.files.nix-serve-key.path;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -0,0 +1,108 @@
|
|||||||
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
short_threshold = 30; #seconds
|
||||||
|
long_threshold = 30; #minutes
|
||||||
|
sensor = "binary_sensor.buerotuer_contact";
|
||||||
|
|
||||||
|
# get the list of all
|
||||||
|
name = "tueraudio";
|
||||||
|
prefix = "http://localhost:8123/local/${name}";
|
||||||
|
audiodir = "${config.services.home-assistant.configDir}/www/${name}";
|
||||||
|
recordrepo = pkgs.fetchFromGitHub {
|
||||||
|
owner = "makefu";
|
||||||
|
repo = "philosophische_tuer";
|
||||||
|
rev = "17544c6";
|
||||||
|
sha256 = "0bm0697fyf6s05c6yw6y25cyck04rlxj1dgazkq8mfqk6756v2bq";
|
||||||
|
};
|
||||||
|
samples = user: lib.mapAttrsToList
|
||||||
|
(file: _: ''"${prefix}/${name}/${user}/${file}"'')
|
||||||
|
(builtins.readDir (toString ( recordrepo+ "/recordings/${user}")));
|
||||||
|
random_tuerspruch = ''{{'' + (lib.concatStringsSep "," ((samples "Felix") ++ (samples "Sofia") ++ (samples "Markus"))) + ''| random}}''; # TODO read from derivation
|
||||||
|
in
|
||||||
|
{
|
||||||
|
systemd.tmpfiles.rules = [
|
||||||
|
"d ${audiodir} - hass hass - -"
|
||||||
|
];
|
||||||
|
|
||||||
|
systemd.services.copy-philosophische-tuersounds = {
|
||||||
|
description = "copy philosophische tuer";
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
serviceConfig = {
|
||||||
|
Type = "oneshot";
|
||||||
|
User = "hass";
|
||||||
|
WorkingDirectory = audiodir;
|
||||||
|
ExecStart = pkgs.writeDash "update-samples" ''
|
||||||
|
cp -vr ${recordrepo} ${audiodir}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.home-assistant.config.media_extractor = { };
|
||||||
|
services.home-assistant.config.script."philosophische_tuer" = {
|
||||||
|
alias = "Durchsage der philosophischen Tür";
|
||||||
|
sequence = [
|
||||||
|
{ service = "media_player.play_media";
|
||||||
|
data = {
|
||||||
|
entity_id = "media_player.mpd";
|
||||||
|
media_content_type = "playlist";
|
||||||
|
media_content_id = "ansage";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{ delay.seconds = 5; }
|
||||||
|
{ service = "media_extractor.play_media";
|
||||||
|
entity_id = "media_player.mpd";
|
||||||
|
data_template = {
|
||||||
|
media_content_id = random_tuerspruch;
|
||||||
|
media_content_type = "MUSIC";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
services.home-assistant.config.automation =
|
||||||
|
[
|
||||||
|
{
|
||||||
|
alias = "Tür offen seit ${toString short_threshold} sekunden";
|
||||||
|
trigger =
|
||||||
|
{ platform = "state";
|
||||||
|
entity_id = sensor;
|
||||||
|
to = "on";
|
||||||
|
for.seconds = 60;
|
||||||
|
};
|
||||||
|
condition = { };
|
||||||
|
|
||||||
|
action = [
|
||||||
|
{ service = "homeassistant.turn_on";
|
||||||
|
entity_id = [
|
||||||
|
"script.philosophische_tuer"
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
{
|
||||||
|
alias = "Tür offen seit ${toString long_threshold} minuten";
|
||||||
|
trigger =
|
||||||
|
{ platform = "state";
|
||||||
|
entity_id = sensor;
|
||||||
|
to = "on";
|
||||||
|
for.minutes = long_threshold;
|
||||||
|
};
|
||||||
|
condition = { };
|
||||||
|
|
||||||
|
action = [
|
||||||
|
{ service = "homeassistant.turn_on";
|
||||||
|
entity_id = [
|
||||||
|
"script.philosophische_tuer"
|
||||||
|
];
|
||||||
|
}
|
||||||
|
{ service = "tts.google_say";
|
||||||
|
entity_id = "media_player.mpd";
|
||||||
|
data_template = {
|
||||||
|
message = "BEEP BOOP - Die Tür ist schon seit ${toString long_threshold} Minuten offen! Student Nummer {{ range(1,500) | random }}, bitte schliesse die Tür";
|
||||||
|
language = "de";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
@ -1,12 +1,15 @@
|
|||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
let
|
let
|
||||||
kodi-host = "192.168.8.11";
|
kodi-host = "192.168.8.11";
|
||||||
|
unstable = import <nixpkgs-unstable> {};
|
||||||
in {
|
in {
|
||||||
imports = [
|
imports = [
|
||||||
./ota.nix
|
./ota.nix
|
||||||
./comic-updater.nix
|
./comic-updater.nix
|
||||||
./puppy-proxy.nix
|
./puppy-proxy.nix
|
||||||
|
|
||||||
|
./zigbee2mqtt
|
||||||
|
|
||||||
# hass config
|
# hass config
|
||||||
## complex configs
|
## complex configs
|
||||||
./multi/daily-standup.nix
|
./multi/daily-standup.nix
|
||||||
@ -39,15 +42,22 @@ in {
|
|||||||
./automation/bureau-shutdown.nix
|
./automation/bureau-shutdown.nix
|
||||||
./automation/nachtlicht.nix
|
./automation/nachtlicht.nix
|
||||||
./automation/schlechteluft.nix
|
./automation/schlechteluft.nix
|
||||||
|
./automation/philosophische-tuer.nix
|
||||||
./automation/hass-restart.nix
|
./automation/hass-restart.nix
|
||||||
./device_tracker/openwrt.nix
|
./device_tracker/openwrt.nix
|
||||||
./person/team.nix
|
./person/team.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [ 8123 ];
|
networking.firewall.allowedTCPPorts = [ 8123 ];
|
||||||
state = [ "/var/lib/hass/known_devices.yaml" ];
|
state = [ "/var/lib/hass/known_devices.yaml" ];
|
||||||
|
|
||||||
services.home-assistant = {
|
services.home-assistant = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
package = (unstable.home-assistant.overrideAttrs (old: {
|
||||||
|
doInstallCheck = false;
|
||||||
|
})).override {
|
||||||
|
extraPackages = p: [ p.APScheduler ];
|
||||||
|
};
|
||||||
autoExtraComponents = true;
|
autoExtraComponents = true;
|
||||||
config = {
|
config = {
|
||||||
config = {};
|
config = {};
|
||||||
|
@ -12,13 +12,18 @@ in
|
|||||||
services.zigbee2mqtt = {
|
services.zigbee2mqtt = {
|
||||||
enable = true;
|
enable = true;
|
||||||
inherit dataDir;
|
inherit dataDir;
|
||||||
|
config = {
|
||||||
|
permit_join = true;
|
||||||
|
serial.port = "/dev/cc2531";
|
||||||
|
homeassistant = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
state = [ "${dataDir}/configuration.yaml" "${dataDir}/state.json" ];
|
state = [ "${dataDir}/devices.yaml" "${dataDir}/state.json" ];
|
||||||
|
|
||||||
systemd.services.zigbee2mqtt = {
|
systemd.services.zigbee2mqtt = {
|
||||||
# override automatic configuration.yaml deployment
|
# override automatic configuration.yaml deployment
|
||||||
serviceConfig.ExecStartPre = lib.mkForce "${pkgs.coreutils}/bin/true";
|
environment.ZIGBEE2MQTT_DATA = dataDir;
|
||||||
after = [
|
after = [
|
||||||
"home-assistant.service"
|
"home-assistant.service"
|
||||||
"mosquitto.service"
|
"mosquitto.service"
|
@ -57,6 +57,7 @@ with import <stockholm/lib>;
|
|||||||
environment.shellAliases = {
|
environment.shellAliases = {
|
||||||
# TODO: see .aliases
|
# TODO: see .aliases
|
||||||
lsl = "ls -lAtr";
|
lsl = "ls -lAtr";
|
||||||
|
ip = "ip -c -br";
|
||||||
dmesg = "dmesg -L --reltime";
|
dmesg = "dmesg -L --reltime";
|
||||||
psg = "ps -ef | grep";
|
psg = "ps -ef | grep";
|
||||||
nmap = "nmap -oN $HOME/loot/scan-`date +\%s`.nmap -oX $HOME/loot/scan-`date +%s`.xml";
|
nmap = "nmap -oN $HOME/loot/scan-`date +\%s`.nmap -oX $HOME/loot/scan-`date +%s`.xml";
|
||||||
|
@ -10,13 +10,14 @@
|
|||||||
};
|
};
|
||||||
services.xserver = {
|
services.xserver = {
|
||||||
|
|
||||||
windowManager = lib.mkForce {
|
windowManager = lib.mkForce { awesome.enable = false; };
|
||||||
awesome.enable = false;
|
displayManager.gdm.enable = true;
|
||||||
};
|
displayManager.autoLogin = {
|
||||||
desktopManager.xfce = {
|
|
||||||
enable = true;
|
enable = true;
|
||||||
|
user = "makefu";
|
||||||
};
|
};
|
||||||
displayManager.defaultSession = "xfce";
|
displayManager.defaultSession = "gnome";
|
||||||
|
desktopManager.gnome3.enable = true;
|
||||||
displayManager.sessionCommands = ''
|
displayManager.sessionCommands = ''
|
||||||
${pkgs.xlibs.xset}/bin/xset -display :0 s off -dpms
|
${pkgs.xlibs.xset}/bin/xset -display :0 s off -dpms
|
||||||
${pkgs.xlibs.xrandr}/bin/xrandr --output HDMI2 --right-of HDMI1
|
${pkgs.xlibs.xrandr}/bin/xrandr --output HDMI2 --right-of HDMI1
|
||||||
@ -25,6 +26,10 @@
|
|||||||
# prevent screen from turning off, disable dpms
|
# prevent screen from turning off, disable dpms
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
environment.systemPackages = [ pkgs.gnomeExtensions.appindicator ];
|
||||||
|
services.dbus.packages = with pkgs; [ gnome2.GConf gnome3.gnome-settings-daemon ];
|
||||||
|
|
||||||
systemd.services.xset-off = {
|
systemd.services.xset-off = {
|
||||||
after = [ "display-manager.service" ];
|
after = [ "display-manager.service" ];
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
29
makefu/2configs/home/airsonic.nix
Normal file
29
makefu/2configs/home/airsonic.nix
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
{ config, ... }:
|
||||||
|
let
|
||||||
|
internal-ip = "192.168.1.11";
|
||||||
|
port = 4040;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
# networking.firewall.allowedTCPPorts = [ 4040 ];
|
||||||
|
services.airsonic = {
|
||||||
|
enable = true;
|
||||||
|
listenAddress = "0.0.0.0";
|
||||||
|
inherit port;
|
||||||
|
};
|
||||||
|
state = [ config.services.airsonic.home ];
|
||||||
|
services.nginx.virtualHosts."airsonic" = {
|
||||||
|
serverAliases = [
|
||||||
|
"airsonic.lan"
|
||||||
|
"music" "music.lan"
|
||||||
|
"musik" "musik.lan"
|
||||||
|
];
|
||||||
|
|
||||||
|
locations."/".proxyPass = "http://localhost:${toString port}";
|
||||||
|
locations."/".proxyWebsockets = true;
|
||||||
|
extraConfig = ''
|
||||||
|
if ( $server_addr != "${internal-ip}" ) {
|
||||||
|
return 403;
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
}
|
33
makefu/2configs/home/ham/automation/fenster_auf.nix
Normal file
33
makefu/2configs/home/ham/automation/fenster_auf.nix
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
let
|
||||||
|
min = 20;
|
||||||
|
fenster_offen = name: entity:
|
||||||
|
{ alias = "${name} seit ${toString min} Minuten offen";
|
||||||
|
trigger = [
|
||||||
|
{
|
||||||
|
platform = "state";
|
||||||
|
entity_id = entity;
|
||||||
|
to = "on";
|
||||||
|
for.minutes = min;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
action =
|
||||||
|
[
|
||||||
|
{
|
||||||
|
service = "notify.firetv_wohnzimmer";
|
||||||
|
data = {
|
||||||
|
title = "${name} seit ${toString min} Minuten offen";
|
||||||
|
message = "Bitte einmal checken ob das ok ist :)";
|
||||||
|
data = {
|
||||||
|
interrupt = 1;
|
||||||
|
duration = 300;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
in {
|
||||||
|
services.home-assistant.config.automation = [
|
||||||
|
(fenster_offen "Badezimmerfenster" "binary_sensor.badezimmer_fenster_contact")
|
||||||
|
(fenster_offen "Duschfenster" "binary_sensor.dusche_fenster_contact")
|
||||||
|
];
|
||||||
|
}
|
@ -7,10 +7,15 @@ let
|
|||||||
prefix = (import ./lib).prefix;
|
prefix = (import ./lib).prefix;
|
||||||
firetv_stick = "192.168.1.24";
|
firetv_stick = "192.168.1.24";
|
||||||
hassdir = "/var/lib/hass";
|
hassdir = "/var/lib/hass";
|
||||||
|
unstable = import <nixpkgs-unstable> {};
|
||||||
|
|
||||||
|
|
||||||
in {
|
in {
|
||||||
imports = [
|
imports = [
|
||||||
|
./nginx.nix
|
||||||
./mqtt.nix
|
./mqtt.nix
|
||||||
./zigbee2mqtt/default.nix
|
./zigbee2mqtt
|
||||||
|
./signal-rest
|
||||||
|
|
||||||
# hass config
|
# hass config
|
||||||
./zigbee2mqtt/hass.nix
|
./zigbee2mqtt/hass.nix
|
||||||
@ -25,11 +30,13 @@ in {
|
|||||||
|
|
||||||
./calendar/nextcloud.nix
|
./calendar/nextcloud.nix
|
||||||
|
|
||||||
|
./automation/fenster_auf.nix
|
||||||
./automation/firetv_restart.nix
|
./automation/firetv_restart.nix
|
||||||
./automation/light_buttons.nix
|
./automation/light_buttons.nix
|
||||||
./automation/wohnzimmer_rf_fernbedienung.nix
|
./automation/wohnzimmer_rf_fernbedienung.nix
|
||||||
./automation/giesskanne.nix
|
./automation/giesskanne.nix
|
||||||
./automation/urlaub.nix
|
#./automation/urlaub.nix
|
||||||
|
./automation/moodlight.nix
|
||||||
|
|
||||||
./light/arbeitszimmer.nix
|
./light/arbeitszimmer.nix
|
||||||
./light/schlafzimmer.nix
|
./light/schlafzimmer.nix
|
||||||
@ -37,6 +44,15 @@ in {
|
|||||||
];
|
];
|
||||||
|
|
||||||
services.home-assistant = {
|
services.home-assistant = {
|
||||||
|
package = (unstable.home-assistant.overrideAttrs (old: {
|
||||||
|
doInstallCheck = false;
|
||||||
|
})).override {
|
||||||
|
extraPackages = p: [
|
||||||
|
(p.callPackage ./deps/dwdwfsapi.nix {})
|
||||||
|
(p.callPackage ./deps/pykodi.nix {})
|
||||||
|
p.APScheduler ];
|
||||||
|
};
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
influxdb = {
|
influxdb = {
|
||||||
database = "ham";
|
database = "ham";
|
||||||
@ -53,6 +69,13 @@ in {
|
|||||||
latitude = "48.7687";
|
latitude = "48.7687";
|
||||||
longitude = "9.2478";
|
longitude = "9.2478";
|
||||||
elevation = 247;
|
elevation = 247;
|
||||||
|
auth_providers = [
|
||||||
|
{ type = "trusted_networks";
|
||||||
|
trusted_networks = [ "192.168.1.0/24" ];
|
||||||
|
allow_bypass_login = true;
|
||||||
|
}
|
||||||
|
{ type = "homeassistant"; }
|
||||||
|
];
|
||||||
};
|
};
|
||||||
discovery = {};
|
discovery = {};
|
||||||
conversation = {};
|
conversation = {};
|
||||||
@ -72,33 +95,39 @@ in {
|
|||||||
api = {};
|
api = {};
|
||||||
esphome = {};
|
esphome = {};
|
||||||
camera = [];
|
camera = [];
|
||||||
telegram_bot = [
|
#telegram_bot = [
|
||||||
# secrets file: {
|
# # secrets file: {
|
||||||
# "platform": "broadcast",
|
# # "platform": "broadcast",
|
||||||
# "api_key": "", # talk to Botfather /newbot
|
# # "api_key": "", # talk to Botfather /newbot
|
||||||
# "allowed_chat_ids": [ ID ] # curl -X GET # https://api.telegram.org/bot<YOUR_API_TOKEN>/getUpdates
|
# # "allowed_chat_ids": [ ID ] # curl -X GET # https://api.telegram.org/bot<YOUR_API_TOKEN>/getUpdates
|
||||||
# }
|
# # }
|
||||||
(builtins.fromJSON
|
# (builtins.fromJSON
|
||||||
(builtins.readFile <secrets/hass/telegram-bot.json>))
|
# (builtins.readFile <secrets/hass/telegram-bot.json>))
|
||||||
];
|
#];
|
||||||
notify = [
|
notify = [
|
||||||
{
|
{
|
||||||
platform = "kodi";
|
platform = "kodi";
|
||||||
name = "wohnzimmer";
|
name = "Kodi Wohnzimmer";
|
||||||
host = firetv_stick;
|
host = firetv_stick;
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
platform = "telegram";
|
platform = "nfandroidtv";
|
||||||
name = "telegrambot";
|
name = "FireTV Wohnzimmer";
|
||||||
chat_id = builtins.elemAt
|
host = firetv_stick;
|
||||||
(builtins.fromJSON (builtins.readFile
|
|
||||||
<secrets/hass/telegram-bot.json>)).allowed_chat_ids 0;
|
|
||||||
}
|
}
|
||||||
|
#{
|
||||||
|
# platform = "telegram";
|
||||||
|
# name = "telegrambot";
|
||||||
|
# chat_id = builtins.elemAt
|
||||||
|
# (builtins.fromJSON (builtins.readFile
|
||||||
|
# <secrets/hass/telegram-bot.json>)).allowed_chat_ids 0;
|
||||||
|
#}
|
||||||
];
|
];
|
||||||
sun.elevation = 247;
|
sun.elevation = 247;
|
||||||
recorder = {};
|
recorder = {};
|
||||||
media_player = [
|
media_player = [
|
||||||
{ platform = "FireTV Stick kodi";
|
{ platform = "kodi";
|
||||||
|
name = "FireTV Stick kodi";
|
||||||
host = firetv_stick;
|
host = firetv_stick;
|
||||||
}
|
}
|
||||||
{ platform = "androidtv";
|
{ platform = "androidtv";
|
||||||
@ -146,7 +175,12 @@ in {
|
|||||||
# https://www.home-assistant.io/cookbook/automation_for_rainy_days/
|
# https://www.home-assistant.io/cookbook/automation_for_rainy_days/
|
||||||
];
|
];
|
||||||
frontend = { };
|
frontend = { };
|
||||||
http = { };
|
http = {
|
||||||
|
use_x_forwarded_for = true;
|
||||||
|
server_host = "127.0.0.1";
|
||||||
|
trusted_proxies = [ "127.0.0.1" ];
|
||||||
|
#trusted_proxies = [ "192.168.1.0/24" ];
|
||||||
|
};
|
||||||
switch = [];
|
switch = [];
|
||||||
automation = [];
|
automation = [];
|
||||||
script = { };
|
script = { };
|
15
makefu/2configs/home/ham/nginx.nix
Normal file
15
makefu/2configs/home/ham/nginx.nix
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
let
|
||||||
|
internal-ip = "192.168.1.11";
|
||||||
|
in {
|
||||||
|
services.nginx.recommendedProxySettings = true;
|
||||||
|
services.nginx.virtualHosts."hass" = {
|
||||||
|
serverAliases = [ "hass.lan" "ha" "ha.lan" ];
|
||||||
|
locations."/".proxyPass = "http://localhost:8123";
|
||||||
|
locations."/".proxyWebsockets = true;
|
||||||
|
extraConfig = ''
|
||||||
|
if ( $server_addr != "${internal-ip}" ) {
|
||||||
|
return 403;
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
}
|
18
makefu/2configs/home/ham/signal-rest/default.nix
Normal file
18
makefu/2configs/home/ham/signal-rest/default.nix
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
|
||||||
|
let
|
||||||
|
port = 8631;
|
||||||
|
image = "bbernhard/signal-cli-rest-api:latest";
|
||||||
|
config = "/var/lib/signal-cli-config";
|
||||||
|
in {
|
||||||
|
systemd.tmpfiles.rules = [
|
||||||
|
"d ${config} docker docker - -"
|
||||||
|
];
|
||||||
|
state = [ config ];
|
||||||
|
virtualisation.oci-containers.containers.signal-rest = {
|
||||||
|
image = image;
|
||||||
|
ports = [ "127.0.0.1:${toString port}:8080" ];
|
||||||
|
volumes = [
|
||||||
|
"${config}:/home/.local/share/signal-cli"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
91
makefu/2configs/home/ham/zigbee2mqtt/default.nix
Normal file
91
makefu/2configs/home/ham/zigbee2mqtt/default.nix
Normal file
@ -0,0 +1,91 @@
|
|||||||
|
{config, pkgs, lib, ...}:
|
||||||
|
|
||||||
|
let
|
||||||
|
dataDir = "/var/lib/zigbee2mqtt";
|
||||||
|
sec = import <secrets/zigbee2mqtt.nix>;
|
||||||
|
internal-ip = "192.168.1.11";
|
||||||
|
webport = 8521;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
# symlink the zigbee controller
|
||||||
|
#services.udev.extraRules = ''
|
||||||
|
# SUBSYSTEM=="tty", ATTRS{idVendor}=="0451", ATTRS{idProduct}=="16a8", SYMLINK+="cc2531", MODE="0660", GROUP="dialout"
|
||||||
|
#'';
|
||||||
|
|
||||||
|
# /dev/serial/by-id/usb-Silicon_Labs_slae.sh_cc2652rb_stick_-_slaesh_s_iot_stuff_00_12_4B_00_21_CC_45_BD-if00-port0
|
||||||
|
services.udev.extraRules = ''
|
||||||
|
SUBSYSTEM=="tty", ATTRS{idVendor}=="10c4", ATTRS{idProduct}=="ea60", SYMLINK+="cc2531", MODE="0660", GROUP="dialout"
|
||||||
|
'';
|
||||||
|
|
||||||
|
services.zigbee2mqtt = {
|
||||||
|
enable = true;
|
||||||
|
inherit dataDir;
|
||||||
|
config = {
|
||||||
|
permit_join = true;
|
||||||
|
serial.port = "/dev/cc2531";
|
||||||
|
homeassistant = true;
|
||||||
|
mqtt = {
|
||||||
|
server = "mqtt://omo.lan:1883";
|
||||||
|
base_topic = "/ham/zigbee";
|
||||||
|
user = sec.mqtt.username;
|
||||||
|
password = sec.mqtt.password;
|
||||||
|
include_device_information = true;
|
||||||
|
client_id = "zigbee2mqtt";
|
||||||
|
};
|
||||||
|
frontend = {
|
||||||
|
port = webport;
|
||||||
|
};
|
||||||
|
advanced = {
|
||||||
|
log_level = "debug";
|
||||||
|
log_output = [ "console" ];
|
||||||
|
last_seen = "ISO_8601";
|
||||||
|
elapsed = true;
|
||||||
|
reporting = true; # TODO test if it is better with groups
|
||||||
|
pan_id = 6755;
|
||||||
|
inherit (sec.zigbee) network_key;
|
||||||
|
};
|
||||||
|
map_options.graphviz.colors = {
|
||||||
|
fill = {
|
||||||
|
enddevice = "#fff8ce" ;
|
||||||
|
coordinator = "#e04e5d";
|
||||||
|
router = "#4ea3e0";
|
||||||
|
};
|
||||||
|
font = {
|
||||||
|
coordinator= "#ffffff";
|
||||||
|
router = "#ffffff";
|
||||||
|
enddevice = "#000000";
|
||||||
|
};
|
||||||
|
line = {
|
||||||
|
active = "#009900";
|
||||||
|
inactive = "#994444";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.nginx.recommendedProxySettings = true;
|
||||||
|
services.nginx.virtualHosts."zigbee" = {
|
||||||
|
serverAliases = [ "zigbee.lan" ];
|
||||||
|
locations."/".proxyPass = "http://localhost:${toString webport}";
|
||||||
|
locations."/api".proxyPass = "http://localhost:${toString webport}";
|
||||||
|
locations."/api".proxyWebsockets = true;
|
||||||
|
extraConfig = ''
|
||||||
|
if ( $server_addr != "${internal-ip}" ) {
|
||||||
|
return 403;
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
state = [ "${dataDir}/devices.yaml" "${dataDir}/state.json" ];
|
||||||
|
|
||||||
|
systemd.services.zigbee2mqtt = {
|
||||||
|
# override automatic configuration.yaml deployment
|
||||||
|
environment.ZIGBEE2MQTT_DATA = dataDir;
|
||||||
|
#serviceConfig.ExecStartPre = lib.mkForce "${pkgs.coreutils}/bin/true";
|
||||||
|
after = [
|
||||||
|
"home-assistant.service"
|
||||||
|
"mosquitto.service"
|
||||||
|
"network-online.target"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
130
makefu/2configs/home/ham/zigbee2mqtt/hass.nix
Normal file
130
makefu/2configs/home/ham/zigbee2mqtt/hass.nix
Normal file
@ -0,0 +1,130 @@
|
|||||||
|
# provides:
|
||||||
|
# switch
|
||||||
|
# automation
|
||||||
|
# binary_sensor
|
||||||
|
# sensor
|
||||||
|
# input_select
|
||||||
|
# timer
|
||||||
|
let
|
||||||
|
inherit (import ../lib) zigbee;
|
||||||
|
prefix = zigbee.prefix;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
services.home-assistant.config = {
|
||||||
|
sensor =
|
||||||
|
|
||||||
|
[
|
||||||
|
# Sensor for monitoring the bridge state
|
||||||
|
{
|
||||||
|
platform = "mqtt";
|
||||||
|
name = "Zigbee2mqtt Bridge state";
|
||||||
|
state_topic = "${prefix}/bridge/state";
|
||||||
|
icon = "mdi:router-wireless";
|
||||||
|
}
|
||||||
|
# Sensor for Showing the Zigbee2mqtt Version
|
||||||
|
{
|
||||||
|
platform = "mqtt";
|
||||||
|
name = "Zigbee2mqtt Version";
|
||||||
|
state_topic = "${prefix}/bridge/config";
|
||||||
|
value_template = "{{ value_json.version }}";
|
||||||
|
icon = "mdi:zigbee";
|
||||||
|
}
|
||||||
|
# Sensor for Showing the Coordinator Version
|
||||||
|
{
|
||||||
|
platform = "mqtt";
|
||||||
|
name = "Coordinator Version";
|
||||||
|
state_topic = "${prefix}/bridge/config";
|
||||||
|
value_template = "{{ value_json.coordinator }}";
|
||||||
|
icon = "mdi:chip";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
switch = [
|
||||||
|
{
|
||||||
|
platform = "mqtt";
|
||||||
|
name = "Zigbee2mqtt Main join";
|
||||||
|
state_topic = "${prefix}/bridge/config/permit_join";
|
||||||
|
command_topic = "${prefix}/bridge/config/permit_join";
|
||||||
|
payload_on = "true";
|
||||||
|
payload_off = "false";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
automation = [
|
||||||
|
{
|
||||||
|
alias = "Zigbee2mqtt Log Level";
|
||||||
|
initial_state = "on";
|
||||||
|
trigger = {
|
||||||
|
platform = "state";
|
||||||
|
entity_id = "input_select.zigbee2mqtt_log_level";
|
||||||
|
};
|
||||||
|
action = [
|
||||||
|
{
|
||||||
|
service = "mqtt.publish";
|
||||||
|
data = {
|
||||||
|
payload_template = "{{ states('input_select.zigbee2mqtt_log_level') }}";
|
||||||
|
topic = "${prefix}/bridge/config/log_level";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
# Automation to start timer when enable join is turned on
|
||||||
|
{
|
||||||
|
id = "zigbee_join_enabled";
|
||||||
|
alias = "Zigbee Join Enabled";
|
||||||
|
trigger =
|
||||||
|
{
|
||||||
|
platform = "state";
|
||||||
|
entity_id = "switch.zigbee2mqtt_main_join";
|
||||||
|
to = "on";
|
||||||
|
};
|
||||||
|
action =
|
||||||
|
{
|
||||||
|
service = "timer.start";
|
||||||
|
entity_id = "timer.zigbee_permit_join";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
# # Automation to stop timer when switch turned off and turn off switch when timer finished
|
||||||
|
{
|
||||||
|
id = "zigbee_join_disabled";
|
||||||
|
alias = "Zigbee Join Disabled";
|
||||||
|
trigger = [
|
||||||
|
{
|
||||||
|
platform = "event";
|
||||||
|
event_type = "timer.finished";
|
||||||
|
event_data.entity_id = "timer.zigbee_permit_join";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
platform = "state";
|
||||||
|
entity_id = "switch.zigbee2mqtt_main_join";
|
||||||
|
to = "off";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
action = [
|
||||||
|
{ service = "timer.cancel";
|
||||||
|
data.entity_id = "timer.zigbee_permit_join";
|
||||||
|
}
|
||||||
|
{ service = "switch.turn_off";
|
||||||
|
entity_id = "switch.zigbee2mqtt_main_join";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
input_select.zigbee2mqtt_log_level =
|
||||||
|
{
|
||||||
|
name = "Zigbee2mqtt Log Level";
|
||||||
|
options = [
|
||||||
|
"debug"
|
||||||
|
"info"
|
||||||
|
"warn"
|
||||||
|
"error"
|
||||||
|
];
|
||||||
|
initial = "info";
|
||||||
|
icon = "mdi:format-list-bulleted";
|
||||||
|
};
|
||||||
|
|
||||||
|
timer.zigbee_permit_join =
|
||||||
|
{
|
||||||
|
name = "Zigbee Time remaining";
|
||||||
|
duration = 120;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
35
makefu/2configs/home/metube.nix
Normal file
35
makefu/2configs/home/metube.nix
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
{ pkgs, lib, ...}:
|
||||||
|
# docker run -d -p 8081:8081 -v /path/to/downloads:/downloads --user 1001:1001 alexta69/metube
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
let
|
||||||
|
port = "2348";
|
||||||
|
dl-dir = "/media/cryptX/youtube/music";
|
||||||
|
uid = 20421;
|
||||||
|
internal-ip = "192.168.1.11";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
systemd.tmpfiles.rules = [
|
||||||
|
"d ${dl-dir} metube nogroup - -"
|
||||||
|
];
|
||||||
|
virtualisation.oci-containers.backend = "docker";
|
||||||
|
|
||||||
|
services.nginx.virtualHosts."tube" = {
|
||||||
|
serverAliases = [ "tube.lan" ];
|
||||||
|
locations."/".proxyPass = "http://localhost:${port}";
|
||||||
|
};
|
||||||
|
|
||||||
|
virtualisation.oci-containers.containers.metube = {
|
||||||
|
image = "alexta69/metube:latest";
|
||||||
|
ports = [ "${port}:8081" ];
|
||||||
|
volumes = [
|
||||||
|
"${dl-dir}:/downloads"
|
||||||
|
];
|
||||||
|
user = "metube";
|
||||||
|
};
|
||||||
|
users.users.metube.uid = uid;
|
||||||
|
|
||||||
|
systemd.services.docker-metube.serviceConfig = {
|
||||||
|
StandardOutput = lib.mkForce "journal";
|
||||||
|
StandardError = lib.mkForce "journal";
|
||||||
|
};
|
||||||
|
}
|
147
makefu/2configs/home/photoprism.nix
Normal file
147
makefu/2configs/home/photoprism.nix
Normal file
@ -0,0 +1,147 @@
|
|||||||
|
{ pkgs, lib, ...}:
|
||||||
|
# Start | docker-compose up -d
|
||||||
|
# Stop | docker-compose stop
|
||||||
|
# Update | docker-compose pull
|
||||||
|
# Logs | docker-compose logs --tail=25 -f
|
||||||
|
# Terminal | docker-compose exec photoprism bash
|
||||||
|
# Help | docker-compose exec photoprism photoprism help
|
||||||
|
# Config | docker-compose exec photoprism photoprism config
|
||||||
|
# Reset | docker-compose exec photoprism photoprism reset
|
||||||
|
# Backup | docker-compose exec photoprism photoprism backup -a -i
|
||||||
|
# Restore | docker-compose exec photoprism photoprism restore -a -i
|
||||||
|
# Index | docker-compose exec photoprism photoprism index
|
||||||
|
# Reindex | docker-compose exec photoprism photoprism index -a
|
||||||
|
# Import | docker-compose exec photoprism photoprism import
|
||||||
|
# -------------------------------------------------------------------
|
||||||
|
let
|
||||||
|
port = "2347";
|
||||||
|
photodir = "/media/cryptX/photos";
|
||||||
|
statedir = "/media/cryptX/lib/photoprism/appsrv";
|
||||||
|
db-dir = "/media/cryptX/lib/photoprism/mysql";
|
||||||
|
internal-ip = "192.168.1.11";
|
||||||
|
sec = import <secrets/photoprism.nix>;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
virtualisation.oci-containers.backend = "docker";
|
||||||
|
|
||||||
|
services.nginx.virtualHosts."photos" = {
|
||||||
|
serverAliases = [
|
||||||
|
"photos.lan"
|
||||||
|
"foto" "foto.lan"
|
||||||
|
"fotos" "fotos.lan"
|
||||||
|
];
|
||||||
|
|
||||||
|
locations."/".proxyPass = "http://localhost:${port}";
|
||||||
|
locations."/".proxyWebsockets = true;
|
||||||
|
extraConfig = ''
|
||||||
|
if ( $server_addr != "${internal-ip}" ) {
|
||||||
|
return 403;
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.workadventure-network = {
|
||||||
|
enable = true;
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
script = ''
|
||||||
|
${pkgs.docker}/bin/docker network create --driver bridge photoprism ||:
|
||||||
|
'';
|
||||||
|
after = [ "docker" ];
|
||||||
|
before = [
|
||||||
|
"docker-photoprism.service"
|
||||||
|
"docker-mysql-photoprism.service"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
virtualisation.oci-containers.containers.photoprism = {
|
||||||
|
image = "photoprism/photoprism:preview";
|
||||||
|
ports = ["${port}:${port}" ];
|
||||||
|
volumes = [
|
||||||
|
"${photodir}:/photoprism/originals"
|
||||||
|
"${statedir}:/photoprism/storage"
|
||||||
|
];
|
||||||
|
extraOptions = [
|
||||||
|
"--security-opt" "seccomp=unconfined"
|
||||||
|
"--security-opt" "apparmor=unconfined"
|
||||||
|
"--network=photoprism"
|
||||||
|
];
|
||||||
|
environment = {
|
||||||
|
PHOTOPRISM_HTTP_PORT = port; # Built-in Web server port
|
||||||
|
PHOTOPRISM_HTTP_COMPRESSION = "gzip"; # Improves transfer speed and bandwidth utilization (none or gzip)
|
||||||
|
PHOTOPRISM_DEBUG = "false"; # Run in debug mode (shows additional log messages)
|
||||||
|
PHOTOPRISM_PUBLIC = "true"; # No authentication required (disables password protection)
|
||||||
|
PHOTOPRISM_READONLY = "false"; # Don't modify originals directory (reduced functionality)
|
||||||
|
PHOTOPRISM_EXPERIMENTAL = "true"; # Enables experimental features
|
||||||
|
PHOTOPRISM_DISABLE_WEBDAV = "false"; # Disables built-in WebDAV server
|
||||||
|
PHOTOPRISM_DISABLE_SETTINGS = "false"; # Disables Settings in Web UI
|
||||||
|
PHOTOPRISM_DISABLE_TENSORFLOW = "false"; # Disables using TensorFlow for image classification
|
||||||
|
PHOTOPRISM_DARKTABLE_PRESETS = "false"; # Enables Darktable presets and disables concurrent RAW conversion
|
||||||
|
PHOTOPRISM_DETECT_NSFW = "false"; # Flag photos as private that MAY be offensive (requires TensorFlow)
|
||||||
|
PHOTOPRISM_UPLOAD_NSFW = "true"; # Allow uploads that MAY be offensive
|
||||||
|
|
||||||
|
#PHOTOPRISM_DATABASE_DRIVER = "postgres";
|
||||||
|
#PHOTOPRISM_DATABASE_SERVER = "postgres-prism:5432";
|
||||||
|
#PHOTOPRISM_DATABASE_NAME = "photoprism";
|
||||||
|
#PHOTOPRISM_DATABASE_USER = "photoprism";
|
||||||
|
#PHOTOPRISM_DATABASE_PASSWORD = "photoprism";
|
||||||
|
|
||||||
|
PHOTOPRISM_DATABASE_DRIVER= "mysql"; # Use MariaDB (or MySQL) instead of SQLite for improved performance
|
||||||
|
PHOTOPRISM_DATABASE_SERVER= "mysql-photoprism:3306" ; # MariaDB database server (hostname:port)
|
||||||
|
PHOTOPRISM_DATABASE_NAME= "photoprism"; # MariaDB database schema name
|
||||||
|
PHOTOPRISM_DATABASE_USER= sec.db.username; # MariaDB database user name
|
||||||
|
PHOTOPRISM_DATABASE_PASSWORD= sec.db.password; # MariaDB database user password
|
||||||
|
|
||||||
|
PHOTOPRISM_SITE_URL = "http://localhost:2342/"; # Public PhotoPrism URL
|
||||||
|
PHOTOPRISM_SITE_TITLE = "PhotoPrism";
|
||||||
|
PHOTOPRISM_SITE_CAPTION = "FeMi Fotos";
|
||||||
|
PHOTOPRISM_SITE_DESCRIPTION = "Unsere Fotos";
|
||||||
|
PHOTOPRISM_SITE_AUTHOR = "FeMi";
|
||||||
|
PHOTOPRISM_SPONSOR = "true";
|
||||||
|
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
virtualisation.oci-containers.containers.mysql-photoprism = {
|
||||||
|
image = "mariadb:10.5";
|
||||||
|
extraOptions = [
|
||||||
|
"--security-opt" "seccomp=unconfined"
|
||||||
|
"--security-opt" "apparmor=unconfined"
|
||||||
|
"--network=photoprism"
|
||||||
|
];
|
||||||
|
ports = [ "3306:3306" ]; # no need to expose the database
|
||||||
|
#cmd = [ "mysqld"
|
||||||
|
# "--transaction-isolation=READ-COMMITTED"
|
||||||
|
# "--character-set-server=utf8mb4"
|
||||||
|
# "--collation-server=utf8mb4_unicode_ci"
|
||||||
|
# "--max-connections=512"
|
||||||
|
# "--innodb-rollback-on-timeout=OFF"
|
||||||
|
# "--innodb-lock-wait-timeout=50"
|
||||||
|
#];
|
||||||
|
volumes= [ "${db-dir}:/var/lib/mysql" ];
|
||||||
|
environment = {
|
||||||
|
MYSQL_ROOT_PASSWORD = "dickidibutt";
|
||||||
|
MYSQL_DATABASE= "photoprism";
|
||||||
|
MYSQL_USER = sec.db.username;
|
||||||
|
MYSQL_PASSWORD = sec.db.password;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
#virtualisation.oci-containers.containers.postgres-prism = {
|
||||||
|
# image = "postgres:12-alpine";
|
||||||
|
# ports = [ "5432" ]; # no need to expose the database
|
||||||
|
# environment = {
|
||||||
|
# POSTGRES_DB = "photoprism";
|
||||||
|
# POSTGRES_USER = "photoprism";
|
||||||
|
# POSTGRES_PASSWORD = "photoprism";
|
||||||
|
# };
|
||||||
|
#};
|
||||||
|
|
||||||
|
systemd.services.docker-photoprism.serviceConfig = {
|
||||||
|
StandardOutput = lib.mkForce "journal";
|
||||||
|
StandardError = lib.mkForce "journal";
|
||||||
|
};
|
||||||
|
systemd.services.docker-mysql-photoprism.serviceConfig = {
|
||||||
|
StandardOutput = lib.mkForce "journal";
|
||||||
|
StandardError = lib.mkForce "journal";
|
||||||
|
};
|
||||||
|
}
|
@ -1,6 +1,5 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
{
|
{
|
||||||
|
|
||||||
imports = [ ./tp-x2x0.nix <nixos-hardware/lenovo/thinkpad/x230> ];
|
imports = [ ./tp-x2x0.nix <nixos-hardware/lenovo/thinkpad/x230> ];
|
||||||
@ -11,6 +10,13 @@ with import <stockholm/lib>;
|
|||||||
# possible i915 powersave options:
|
# possible i915 powersave options:
|
||||||
# options i915 enable_rc6=1 enable_fbc=1 semaphores=1
|
# options i915 enable_rc6=1 enable_fbc=1 semaphores=1
|
||||||
|
|
||||||
|
boot.extraModprobeConfig = ''
|
||||||
|
options thinkpad_acpi fan_control=1
|
||||||
|
options i915 enable_rc6=1 enable_fbc=1 semaphores=1
|
||||||
|
'';
|
||||||
|
|
||||||
|
boot.initrd.availableKernelModules = [ "thinkpad_acpi" ];
|
||||||
|
|
||||||
services.xserver.displayManager.sessionCommands =''
|
services.xserver.displayManager.sessionCommands =''
|
||||||
xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1
|
xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1
|
||||||
xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 8 2
|
xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 8 2
|
||||||
|
11
makefu/2configs/hw/xmm7360.nix
Normal file
11
makefu/2configs/hw/xmm7360.nix
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
{ pkgs, config, ... }:
|
||||||
|
let
|
||||||
|
pkg = (pkgs.callPackage ../../5pkgs/xmm7360 { kernel = config.boot.kernelPackages.kernel; });
|
||||||
|
in
|
||||||
|
{
|
||||||
|
boot.extraModulePackages = [
|
||||||
|
pkg
|
||||||
|
];
|
||||||
|
boot.initrd.availableKernelModules = [ "xmm7360" ];
|
||||||
|
users.users.makefu.packages = [ pkg ];
|
||||||
|
}
|
@ -14,17 +14,17 @@ in {
|
|||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
# scanners are printers just in reverse anyway
|
|
||||||
services.saned.enable = true;
|
|
||||||
users.users."${mainUser}".extraGroups = [ "scanner" "lp" ];
|
users.users."${mainUser}".extraGroups = [ "scanner" "lp" ];
|
||||||
|
|
||||||
|
# scanners are printers just in reverse anyway
|
||||||
|
services.saned.enable = true;
|
||||||
hardware.sane = {
|
hardware.sane = {
|
||||||
enable = true;
|
enable = true;
|
||||||
extraBackends = [ ];
|
extraBackends = [ ];
|
||||||
netConf =
|
netConf =
|
||||||
# drucker.lan SCX-3205W
|
# drucker.lan SCX-3205W
|
||||||
''
|
''
|
||||||
192.168.1.6''
|
192.168.1.16''
|
||||||
# uhrenkind.shack magicolor 1690mf
|
# uhrenkind.shack magicolor 1690mf
|
||||||
+ ''
|
+ ''
|
||||||
10.42.20.30'';
|
10.42.20.30'';
|
||||||
|
28
makefu/2configs/share/omo-client.nix
Normal file
28
makefu/2configs/share/omo-client.nix
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
automount_opts =
|
||||||
|
[ "x-systemd.automount"
|
||||||
|
"noauto" "x-systemd.idle-timeout=600"
|
||||||
|
"x-systemd.device-timeout=5s"
|
||||||
|
"x-systemd.mount-timeout=5s"
|
||||||
|
];
|
||||||
|
host = "omo.lan"; #TODO
|
||||||
|
path = "/media/omo/photos";
|
||||||
|
in {
|
||||||
|
systemd.tmpfiles.rules = [
|
||||||
|
"d ${path} root root - -"
|
||||||
|
];
|
||||||
|
fileSystems."${path}" = {
|
||||||
|
device = "//${host}/photos";
|
||||||
|
fsType = "cifs";
|
||||||
|
options = automount_opts ++
|
||||||
|
[ "credentials=/var/src/secrets/omo-client.smb"
|
||||||
|
"file_mode=0775"
|
||||||
|
"dir_mode=0775"
|
||||||
|
"uid=9001"
|
||||||
|
"vers=3"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
@ -27,6 +27,7 @@ in {
|
|||||||
http.suppress-write-log = true;
|
http.suppress-write-log = true;
|
||||||
data.trace-logging-enabled = false;
|
data.trace-logging-enabled = false;
|
||||||
data.query-log-enabled = false;
|
data.query-log-enabled = false;
|
||||||
|
reporting-disabled = true;
|
||||||
|
|
||||||
http.bind-address = ":${toString influx-port}";
|
http.bind-address = ":${toString influx-port}";
|
||||||
admin.bind-address = ":8083";
|
admin.bind-address = ":8083";
|
||||||
|
27
makefu/2configs/storj/client.nix
Normal file
27
makefu/2configs/storj/client.nix
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
{ lib, ... }:
|
||||||
|
{
|
||||||
|
networking.firewall.allowedTCPPorts = [ 28967 ];
|
||||||
|
virtualisation.oci-containers.containers.storj-storagenode = {
|
||||||
|
image = "storjlabs/storagenode:latest";
|
||||||
|
ports = [
|
||||||
|
# TODO: omo ip
|
||||||
|
"0.0.0.0:28967:28967"
|
||||||
|
"127.0.0.1:14002:14002"
|
||||||
|
];
|
||||||
|
environment = {
|
||||||
|
# SETUP = "true"; # must be run only once ...
|
||||||
|
WALLET = "0xeD0d2a2B33F6812b45d2D9FF7a139A3fF65a24C0";
|
||||||
|
EMAIL = "storj.io@syntax-fehler.de";
|
||||||
|
ADDRESS = "euer.krebsco.de:28967";
|
||||||
|
STORAGE = "3TB";
|
||||||
|
};
|
||||||
|
volumes = [
|
||||||
|
"/media/cryptX/lib/storj/identity:/app/identity"
|
||||||
|
"/media/cryptX/lib/storj/storage:/app/config"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
systemd.services.docker-storj-storagenode.serviceConfig = {
|
||||||
|
StandardOutput = lib.mkForce "journal";
|
||||||
|
StandardError = lib.mkForce "journal";
|
||||||
|
};
|
||||||
|
}
|
22
makefu/2configs/storj/forward-port.nix
Normal file
22
makefu/2configs/storj/forward-port.nix
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
{
|
||||||
|
networking.firewall.allowedTCPPorts = [ 28967 ];
|
||||||
|
#networking.nat.forwardPorts = [
|
||||||
|
# { # storj
|
||||||
|
# destination = "10.243.0.89:28967";
|
||||||
|
# proto = "tcp";
|
||||||
|
# sourcePort = 28967;
|
||||||
|
# }
|
||||||
|
#];
|
||||||
|
services.nginx.appendConfig = ''
|
||||||
|
stream {
|
||||||
|
upstream storj {
|
||||||
|
server omo.r:28967;
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen 28967;
|
||||||
|
proxy_pass storj;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
}
|
@ -1,7 +1,9 @@
|
|||||||
{
|
{
|
||||||
|
systemd.services.brockman.environment."BROCKMAN_LOG_LEVEL" = "DEBUG";
|
||||||
krebs.brockman = {
|
krebs.brockman = {
|
||||||
enable = true;
|
enable = true;
|
||||||
config = {
|
config = {
|
||||||
|
channel = "#systemdultras";
|
||||||
irc = {
|
irc = {
|
||||||
host = "irc.freenode.net";
|
host = "irc.freenode.net";
|
||||||
port = 6667;
|
port = 6667;
|
||||||
@ -11,11 +13,13 @@
|
|||||||
feed = "https://www.reddit.com/r/systemdultras/.rss";
|
feed = "https://www.reddit.com/r/systemdultras/.rss";
|
||||||
delay = 136;
|
delay = 136;
|
||||||
channels = [ "#systemdultras" ];
|
channels = [ "#systemdultras" ];
|
||||||
|
notifyErrors = false;
|
||||||
};
|
};
|
||||||
r-systemd-rss = {
|
r-systemd-rss = {
|
||||||
feed = "https://www.reddit.com/r/systemd/.rss";
|
feed = "https://www.reddit.com/r/systemd/.rss";
|
||||||
delay = 172;
|
delay = 172;
|
||||||
channels = [ "#systemdultras" ];
|
channels = [ "#systemdultras" ];
|
||||||
|
notifyErrors = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -17,6 +17,7 @@ ${gnused}/bin/sed -i "''${1}d" ~/.ssh/known_hosts
|
|||||||
which
|
which
|
||||||
binutils
|
binutils
|
||||||
screen
|
screen
|
||||||
|
rename # rename 's/^/hello/' *.txt
|
||||||
|
|
||||||
# fs
|
# fs
|
||||||
cifs-utils
|
cifs-utils
|
||||||
|
@ -39,11 +39,13 @@ in { # wireguard server
|
|||||||
}
|
}
|
||||||
{
|
{
|
||||||
# work-router
|
# work-router
|
||||||
|
persistentKeepalive = 25;
|
||||||
allowedIPs = [ "10.244.0.5/32" ];
|
allowedIPs = [ "10.244.0.5/32" ];
|
||||||
publicKey = "QJMwwYu/92koCASbHnR/vqe/rN00EV6/o7BGwLockDw=";
|
publicKey = "QJMwwYu/92koCASbHnR/vqe/rN00EV6/o7BGwLockDw=";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
# workr
|
# workr
|
||||||
|
persistentKeepalive = 25;
|
||||||
allowedIPs = [ "10.244.0.6/32" ];
|
allowedIPs = [ "10.244.0.6/32" ];
|
||||||
publicKey = "OFhCF56BrV9tjqW1sxqXEKH/GdqamUT1SqZYSADl5GA=";
|
publicKey = "OFhCF56BrV9tjqW1sxqXEKH/GdqamUT1SqZYSADl5GA=";
|
||||||
}
|
}
|
||||||
|
47
makefu/5pkgs/xmm7360/default.nix
Normal file
47
makefu/5pkgs/xmm7360/default.nix
Normal file
@ -0,0 +1,47 @@
|
|||||||
|
{ stdenv, fetchFromGitHub, python3, kernel, kmod }:
|
||||||
|
let
|
||||||
|
py = python3.withPackages (p: [ p.ConfigArgParse p.pyroute2 ]);
|
||||||
|
in
|
||||||
|
stdenv.mkDerivation rec {
|
||||||
|
name = "xmm7360-pci-${version}-${kernel.version}";
|
||||||
|
version = "1.0";
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "xmm7360";
|
||||||
|
repo = "xmm7360-pci";
|
||||||
|
rev = "0060149";
|
||||||
|
sha256 = "0nr7adlwglpw6hp44x0pq8xhv7kik7nsb8yzbxllvy2v1pinyflv";
|
||||||
|
};
|
||||||
|
|
||||||
|
#sourceRoot = "source/linux/v4l2loopback";
|
||||||
|
|
||||||
|
buildTargets = "default";
|
||||||
|
hardeningDisable = [ "pic" ];
|
||||||
|
|
||||||
|
nativeBuildInputs = kernel.moduleBuildDependencies;
|
||||||
|
buildInputs = [ kmod ];
|
||||||
|
|
||||||
|
|
||||||
|
makeFlags = [
|
||||||
|
"KVERSION=${kernel.modDirVersion}"
|
||||||
|
"KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"
|
||||||
|
"INSTALL_MOD_PATH=$(out)"
|
||||||
|
];
|
||||||
|
postInstall = ''
|
||||||
|
install -d $out/lib/xmm7360/
|
||||||
|
cp -r rpc/ $out/lib/xmm7360/
|
||||||
|
cat > open_xdatachannel <<EOF
|
||||||
|
cd $out/lib/xmm7360
|
||||||
|
exec ${py}/bin/python3 rpc/open_xdatachannel.py $@
|
||||||
|
EOF
|
||||||
|
install -D open_xdatachannel $out/bin/open_xdatachannel
|
||||||
|
'';
|
||||||
|
|
||||||
|
meta = with stdenv.lib; {
|
||||||
|
description = "A kernel module to create V4L2 loopback devices";
|
||||||
|
homepage = "https://github.com/aramg/droidcam";
|
||||||
|
license = licenses.gpl2;
|
||||||
|
maintainers = [ maintainers.makefu ];
|
||||||
|
platforms = platforms.linux;
|
||||||
|
};
|
||||||
|
}
|
@ -1,4 +1,4 @@
|
|||||||
{ config ? config, name, target ? name }: let
|
{ config ? config, name, target ? name , buildTarget ? target }: let
|
||||||
krops = ../submodules/krops;
|
krops = ../submodules/krops;
|
||||||
nixpkgs-src = lib.importJSON ../krebs/nixpkgs.json;
|
nixpkgs-src = lib.importJSON ../krebs/nixpkgs.json;
|
||||||
|
|
||||||
@ -87,6 +87,7 @@ in {
|
|||||||
deploy = pkgs.krops.writeDeploy "${name}-deploy" {
|
deploy = pkgs.krops.writeDeploy "${name}-deploy" {
|
||||||
source = source { test = false; };
|
source = source { test = false; };
|
||||||
target = "root@${target}/var/src";
|
target = "root@${target}/var/src";
|
||||||
|
buildTarget = if target == buildTarget then "root@${target}/var/src" else "root@${buildTarget}/tmp/";
|
||||||
};
|
};
|
||||||
|
|
||||||
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
|
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
|
||||||
|
Loading…
Reference in New Issue
Block a user