Merge remote-tracking branch 'lass/master'
This commit is contained in:
commit
984ee05ec2
@ -8,11 +8,9 @@ in {
|
|||||||
services.syncthing = {
|
services.syncthing = {
|
||||||
enable = true;
|
enable = true;
|
||||||
configDir = "/var/lib/syncthing";
|
configDir = "/var/lib/syncthing";
|
||||||
declarative = {
|
devices = mk_peers used_peers;
|
||||||
devices = mk_peers used_peers;
|
key = toString <secrets/syncthing.key>;
|
||||||
key = toString <secrets/syncthing.key>;
|
cert = toString <secrets/syncthing.cert>;
|
||||||
cert = toString <secrets/syncthing.cert>;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
boot.kernel.sysctl."fs.inotify.max_user_watches" = 524288;
|
boot.kernel.sysctl."fs.inotify.max_user_watches" = 524288;
|
||||||
|
@ -1,5 +1,33 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }: let
|
||||||
{
|
|
||||||
|
format-github-message = pkgs.writeDashBin "format-github-message" ''
|
||||||
|
set -xefu
|
||||||
|
export PATH=${lib.makeBinPath [
|
||||||
|
pkgs.jq
|
||||||
|
]}
|
||||||
|
INPUT=$(jq -c .)
|
||||||
|
if $(echo "$INPUT" | jq 'has("issue") or has("pull_request")'); then
|
||||||
|
${write_to_irc} "$(echo "$INPUT" | jq -r '
|
||||||
|
"\(.action): " +
|
||||||
|
"[\(.issue.title // .pull_request.title)] " +
|
||||||
|
"\(.comment.html_url // .issue.html_url // .pull_request.html_url) " +
|
||||||
|
"by \(.comment.user.login // .issue.user.login // .pull_request.user.login)"
|
||||||
|
')"
|
||||||
|
fi
|
||||||
|
'';
|
||||||
|
|
||||||
|
write_to_irc = pkgs.writeDash "write_to_irc" ''
|
||||||
|
${pkgs.curl}/bin/curl -fsSv http://localhost:44001 \
|
||||||
|
-H content-type:application/json \
|
||||||
|
-d "$(${pkgs.jq}/bin/jq -n \
|
||||||
|
--arg text "$1" '{
|
||||||
|
command:"PRIVMSG",
|
||||||
|
params:["#fysi",$text]
|
||||||
|
}'
|
||||||
|
)"
|
||||||
|
'';
|
||||||
|
|
||||||
|
in {
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
{ predicate = "-p tcp --dport 44002"; target = "ACCEPT"; }
|
{ predicate = "-p tcp --dport 44002"; target = "ACCEPT"; }
|
||||||
];
|
];
|
||||||
@ -26,20 +54,14 @@
|
|||||||
name = "reaktor2-fysiweb-github";
|
name = "reaktor2-fysiweb-github";
|
||||||
};
|
};
|
||||||
script = ''. ${pkgs.writeDash "github-irc" ''
|
script = ''. ${pkgs.writeDash "github-irc" ''
|
||||||
|
set -efu
|
||||||
case "$Method $Request_URI" in
|
case "$Method $Request_URI" in
|
||||||
"POST /")
|
"POST /")
|
||||||
payload=$(head -c "$req_content_length" \
|
payload=$(head -c "$req_content_length" \
|
||||||
| sed 's/+/ /g;s/%\(..\)/\\x\1/g;' \
|
| sed 's/+/ /g;s/%\(..\)/\\x\1/g;' \
|
||||||
| xargs -0 echo -e \
|
| xargs -0 echo -e \
|
||||||
)
|
)
|
||||||
${pkgs.curl}/bin/curl -fsSv http://localhost:44001/ \
|
echo "$payload" | ${format-github-message}/bin/format-github-message
|
||||||
-H content-type:application/json \
|
|
||||||
-d "$(echo "$payload" | ${pkgs.jq}/bin/jq \
|
|
||||||
'{
|
|
||||||
command:"PRIVMSG",
|
|
||||||
params:["#fysi", "\(.action): \(.comment.html_url // .issue.html_url // .pull_request.html_url)"]
|
|
||||||
}'
|
|
||||||
)"
|
|
||||||
printf 'HTTP/1.1 200 OK\r\n'
|
printf 'HTTP/1.1 200 OK\r\n'
|
||||||
printf 'Connection: close\r\n'
|
printf 'Connection: close\r\n'
|
||||||
printf '\r\n'
|
printf '\r\n'
|
||||||
|
@ -15,7 +15,7 @@ in {
|
|||||||
services.zigbee2mqtt = {
|
services.zigbee2mqtt = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = unstable-pkgs.zigbee2mqtt;
|
package = unstable-pkgs.zigbee2mqtt;
|
||||||
config = {
|
settings = {
|
||||||
homeassistant = true;
|
homeassistant = true;
|
||||||
frontend.port = 1337;
|
frontend.port = 1337;
|
||||||
experimental.new_api = true;
|
experimental.new_api = true;
|
||||||
|
@ -2,10 +2,16 @@
|
|||||||
{
|
{
|
||||||
services.murmur = {
|
services.murmur = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
allowHtml = false;
|
||||||
bandwidth = 10000000;
|
bandwidth = 10000000;
|
||||||
registerName = "lassul.us";
|
registerName = "lassul.us";
|
||||||
autobanTime = 30;
|
autobanTime = 30;
|
||||||
|
sslCert = "/var/lib/acme/lassul.us/cert.pem";
|
||||||
|
sslKey = "/var/lib/acme/lassul.us/key.pem";
|
||||||
};
|
};
|
||||||
|
users.groups.lasscert.members = [
|
||||||
|
"murmur"
|
||||||
|
];
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
{ predicate = "-p tcp --dport 64738"; target = "ACCEPT";}
|
{ predicate = "-p tcp --dport 64738"; target = "ACCEPT";}
|
||||||
{ predicate = "-p udp --dport 64738"; target = "ACCEPT";}
|
{ predicate = "-p udp --dport 64738"; target = "ACCEPT";}
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
{
|
{
|
||||||
services.syncthing.declarative.folders.decsync = {
|
services.syncthing.folders.decsync = {
|
||||||
path = "/home/lass/decsync";
|
path = "/home/lass/decsync";
|
||||||
devices = [ "mors" "blue" "green" "phone" ];
|
devices = [ "mors" "blue" "green" "phone" ];
|
||||||
};
|
};
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
{
|
{
|
||||||
services.syncthing.declarative.folders."/home/lass/sync" = {
|
services.syncthing.folders."/home/lass/sync" = {
|
||||||
devices = [ "mors" "icarus" "xerxes" "shodan" "green" "blue" "coaxmetal" ];
|
devices = [ "mors" "icarus" "xerxes" "shodan" "green" "blue" "coaxmetal" ];
|
||||||
};
|
};
|
||||||
krebs.permown."/home/lass/sync" = {
|
krebs.permown."/home/lass/sync" = {
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
{
|
{
|
||||||
services.syncthing.declarative.folders."/home/lass/.weechat".devices = [ "green" "mors" ];
|
services.syncthing.folders."/home/lass/.weechat".devices = [ "green" "mors" ];
|
||||||
krebs.permown."/home/lass/.weechat" = {
|
krebs.permown."/home/lass/.weechat" = {
|
||||||
owner = "lass";
|
owner = "lass";
|
||||||
group = "syncthing";
|
group = "syncthing";
|
||||||
|
Loading…
Reference in New Issue
Block a user