Merge remote-tracking branch 'lass/master'

krebs/3modules/external/default.nix

@@ -563,6 +563,31 @@ in {
         };
       };
     };
+    alsace = {
+      owner = config.krebs.users.xkey;
+      nets = {
+        retiolum = {
+          ip4.addr = "10.243.73.31";
+          aliases = [ "alsace.r" ];
+          tinc.pubkey = ''
+            -----BEGIN RSA PUBLIC KEY-----
+            MIICCgKCAgEAn9mZHXfUcR1/oby6KB1Z8s1AAuie4l5G624r0UqbWu+4xowFIeZs
+            kv2dqd+yiqammAA9P207ooLbGBp+P6i4f5VMCemkCnv0sC1TJ+DNwYqWYcFRZE7I
+            j00fw/QI9d6L1c4CqZHJPQXEHG3v46qPuUow8FDJ6fjoBmy6biHjSd0XC7oHGqRh
+            GE5RolnqUiQhW0b4TkHJV4yUfVki+olxQtYd4xIHs1hcSqoMK898jsPX5cLgoCzR
+            NPZVyHf2BM0urPn4mu/th4ZDKpQtrqeI7h6yhnzJ0onhtValwHiA3/DcHcWmYvHC
+            vw6umyiCqFDx2kmzOnpkBWv65ugKUwDSZR8ibp3q7W9iPBiCPv0FtKXsQW9EngSS
+            asQWC8U6cB23nKuMYQrtD33fVwYn58FBIY6+avroc7XN5cPM/9VBHqyXSDZNAWtt
+            TwC/sXFWqT6AbTwLV6zY1TW4jiwKOh3KAVnHqQhUhNlEMk6EFOjR1CABSwUVXleR
+            5whr1RbKAsrhqMprGKHndvxLXjbKSh6A0bVdOLOzSs7BME2Oi1OdHd6tqqYmcyuV
+            XQnFcOYKxF0RM83/V8rEgvVisIxXTGVrGw8Kse7PGFA1dGldptTC6kofLUxzADNw
+            bRnXtRk8VR0BBzTuPNDgUXL2XQLht6FwDKCA/En2vId98yc2uuDk468CAwEAAQ==
+            -----END RSA PUBLIC KEY-----
+          '';
+          tinc.pubkey_ed25519 = "lPvwNm2mfF+rX3noqt+80c7nlDCpC+98JPLWx2jJRLN";
+        };
+      };
+    };
     papawhakaaro = {
       owner = config.krebs.users.feliks;
       nets = {

krebs/3modules/external/mic92.nix

@@ -95,7 +95,6 @@ in {
       owner = config.krebs.users.mic92;
       nets = {
         retiolum = {
-          ip4.addr = "10.243.29.189";
           aliases = [
             "dimitriosxps.r"
           ];
@@ -173,7 +172,12 @@ in {
         };
         retiolum = {
           via = internet;
-          aliases = [ "eve.r" "tts.r" ];
+          aliases = [
+            "eve.r"
+            "tts.r"
+            "flood.r"
+            "navidrome.r"
+          ];
           tinc.pubkey = ''
             -----BEGIN RSA PUBLIC KEY-----
             MIICCgKCAgEAw5cxGjnWCG8dcuhTddvGHzH0/VjxHA5V8qJXH2R5k8ki8dsM5FRH
@@ -865,5 +869,24 @@ in {
         };
       };
     };
+    hal9000 = {
+      owner = config.krebs.users.mic92;
+      nets = rec {
+        retiolum = {
+          aliases = [ "hal9000.r" ];
+          tinc.pubkey = ''
+            -----BEGIN RSA PUBLIC KEY-----
+            MIIBCgKCAQEA5aunzoz6WIjeQgfibml6T+UNsXXcoglhCqRkun7WaSHE93SQcCil
+            CDoUoq2aeiGTZ189LgdSyeRL7qmBzgVExIT4NlhfBCkNbHB/sz6epBb9qx49hLh5
+            K/tJfUBYKRd06ymSXPK+cCiO0/gM8fjzI+3GMlYvcbZ+ow11zTRgX/QB2lE1G8cW
+            Obh/nS0af7G6wmovHsKEpry5AxoAPLLi5JaP4hlc/i0iCbebMqb+szF0KBAbmDg3
+            JQ4MYIyQOw9kk7hfqTNFEvJhpbV66id2+ZIHX6QAw7OHBpaY6ZWFd/w2BkJHeayb
+            2jRnsJd0YgautgBGrBrjRWiVmn/f+lJ4XQIDAQAB
+            -----END RSA PUBLIC KEY-----
+          '';
+          tinc.pubkey_ed25519 = "krVYgJo5OFZkyUOgasH9dFve4OI3ewpt8IFhCPan7mB";
+        };
+      };
+    };
   };
 }

krebs/3modules/tinc.nix

@@ -26,7 +26,7 @@ with import <stockholm/lib>;
                 ${tinc.config.extraConfig}
               '';
               "tinc-up" = pkgs.writeDash "${netname}-tinc-up" ''
-                ${tinc.config.iproutePackage}/sbin/ip link set ${netname} up
+                ip link set ${netname} up
                 ${tinc.config.tincUp}
               '';
             });
@@ -58,15 +58,14 @@ with import <stockholm/lib>;
           type = types.str;
           default = let
             net = tinc.config.host.nets.${netname};
-            iproute = tinc.config.iproutePackage;
           in ''
             ${optionalString (net.ip4 != null) /* sh */ ''
-              ${iproute}/sbin/ip -4 addr add ${net.ip4.addr} dev ${netname}
-              ${iproute}/sbin/ip -4 route add ${net.ip4.prefix} dev ${netname}
+              ip -4 addr add ${net.ip4.addr} dev ${netname}
+              ip -4 route add ${net.ip4.prefix} dev ${netname}
             ''}
             ${optionalString (net.ip6 != null) /* sh */ ''
-              ${iproute}/sbin/ip -6 addr add ${net.ip6.addr} dev ${netname}
-              ${iproute}/sbin/ip -6 route add ${net.ip6.prefix} dev ${netname}
+              ip -6 addr add ${net.ip6.addr} dev ${netname}
+              ip -6 route add ${net.ip6.prefix} dev ${netname}
             ''}
             ${tinc.config.tincUpExtra}
           '';
@@ -176,7 +175,7 @@ with import <stockholm/lib>;
         connectTo = mkOption {
           type = types.listOf types.str;
           ${if netname == "retiolum" then "default" else null} = [
-            "gum"
+            "eve"
             "ni"
             "prism"
           ];

krebs/3modules/tv/default.nix

@@ -200,9 +200,13 @@ in {
           '';
           tinc.pubkey_ed25519 = "nDuK96NlNhcxzlX7G30w/706RxItb+FhkFkz/VhUgCE";
         };
-        wiregrill.wireguard.subnets = [
-          (krebs.genipv6 "wiregrill" "tv" 0).subnetCIDR
-        ];
+        wiregrill = {
+          via = config.krebs.hosts.ni.nets.internet;
+          ip4.addr = "10.244.3.1";
+          wireguard.subnets = [
+            (krebs.genipv6 "wiregrill" "tv" 0).subnetCIDR
+          ];
+        };
       };
       ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILGDdcKwFm6udU0/x6XGGb87k9py0VlrxF54HeYu9Izb";
     };
@@ -345,6 +349,9 @@ in {
       ssh.privkey.path = <secrets/ssh.id_rsa>;
       ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDNjHxyUC7afNGSwfwBfQizmDnHTNLWDRHE8SY9W4oiw2lPhCFGTN8Jz84CKtnABbZhbNY1E8T58emF2h45WzDg/OGi8DPAk4VsXSkIhyvAto+nkTy2L4atjqfvXDvqxTDC9sui+t8p5OqOK+sghe4kiy+Vx1jhnjSnkQsx9Kocu24BYTkNqYxG7uwOz6t262XYNwMn13Y2K/yygDR3Uw3wTnEjpaYnObRxxJS3iTECDzgixiQ6ewXwYNggpzO/+EfW1BTz5vmuEVf4GbQ9iEc7IsVXHhR+N0boCscvSgae9KW9MBun0A2veRFXNkkfBEMfzelz+S63oeVfelkBq6N5aLsHYYGC4VQjimScelHYVwxR7O4fV+NttJaFF7H06FJeFzPt3NYZeoPKealD5y2Muh1UnewpmkMgza9hQ9EmI4/G1fMowqeMq0U6Hu0QMDUAagyalizN97AfsllY2cs0qLNg7+zHMPwc5RgLzs73oPUsF3umz0O42I5p5733vveUlWi5IZeI8CA1ZKdpwyMXXNhIOHs8u+yGsOLfSy3RgjVKp2GjN4lfnFd0LI+p7iEsEWDRkIAvGCOFepsebyVpBjGP+Kqs10bPGpk5dMcyn9iBJejoz9ka+H9+JAG04LnXwt6Rf1CRV3VRCRX1ayZEjRv9czV7U9ZpuFQcIlVRJQ== root@zu";
     };
+    umz = {
+      nets.wiregrill.ip4.addr = "10.244.3.101";
+    };
   };
   sitemap = {
     "http://cgit.krebsco.de" = {

krebs/3modules/tv/wiregrill/umz.pub

@@ -0,0 +1 @@
+FpghL2Drdg+xwqcOsDgePgUx3X3XsX9f56BPLuF690g=

krebs/nixpkgs-unstable.json

@@ -1,9 +1,9 @@
 {
   "url": "https://github.com/NixOS/nixpkgs",
-  "rev": "689b76bcf36055afdeb2e9852f5ecdd2bf483f87",
-  "date": "2022-01-23T03:10:13+01:00",
-  "path": "/nix/store/s6kxwpz8k02mg1wqsf06bsjygwi6xr6j-nixpkgs",
-  "sha256": "08d38db4707jdm3gws82y6bynh6k8qal4s1cms9zqd9cdwcmylyj",
+  "rev": "60c52a73f1d5858020ac4f161cd5bf1c9650f8b8",
+  "date": "2022-02-07T23:59:33+00:00",
+  "path": "/nix/store/5w1yn77d2b44wq0w7b8cqqqfap2897n2-nixpkgs",
+  "sha256": "1xyi4xag084ikcbis3iixpvfsmlfm2s105j58770x7k24mkrif7n",
   "fetchLFS": false,
   "fetchSubmodules": false,
   "deepClone": false,

krebs/nixpkgs.json

@@ -1,9 +1,9 @@
 {
   "url": "https://github.com/NixOS/nixpkgs",
-  "rev": "604c44137d97b5111be1ca5c0d97f6e24fbc5c2c",
-  "date": "2022-01-23T10:04:55-08:00",
-  "path": "/nix/store/r22j0r232a5y02yhd1avaw27zqdbhx1x-nixpkgs",
-  "sha256": "0gzhigyn8f7vps4a5vc1c8wbim59724s179a7d0h3gv6ss9avdj4",
+  "rev": "521e4d7d13b09bc0a21976b9d19abd197d4e3b1e",
+  "date": "2022-02-07T00:29:53+00:00",
+  "path": "/nix/store/pvmrsiy8k37nwg18g7230g5kasbsf132-nixpkgs",
+  "sha256": "156b4wnm6y6lg0gz09mp48rd0mhcdazr5s888c4lbhlpn3j8h042",
   "fetchLFS": false,
   "fetchSubmodules": false,
   "deepClone": false,

lass/1systems/prism/config.nix

@@ -114,6 +114,7 @@ with import <stockholm/lib>;
     <stockholm/lass/2configs/exim-smarthost.nix>
     <stockholm/lass/2configs/privoxy-retiolum.nix>
     <stockholm/lass/2configs/radio.nix>
+    <stockholm/lass/2configs/radio-news.nix>
     <stockholm/lass/2configs/binary-cache/server.nix>
     <stockholm/lass/2configs/iodined.nix>
     <stockholm/lass/2configs/paste.nix>

lass/2configs/hass/default.nix

@@ -1,12 +1,6 @@
 { config, lib, pkgs, ... }:
 with import ./lib.nix { inherit lib; };
 let
-  unstable = import (pkgs.fetchFromGitHub {
-    owner = "nixos";
-    repo = "nixpkgs";
-    rev = (lib.importJSON ../../../krebs/nixpkgs-unstable.json).rev;
-    sha256 = (lib.importJSON ../../../krebs/nixpkgs-unstable.json).sha256;
-  }) {};
   dwdwfsapi = pkgs.python3Packages.buildPythonPackage rec {
     pname = "dwdwfsapi";
     version = "1.0.3";
@@ -35,17 +29,14 @@ in {
     { predicate = "-i int0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto
     { predicate = "-i docker0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto
     { predicate = "-i int0 -p tcp --dport 8123"; target = "ACCEPT"; } # hass
-    { predicate = "-i int0 -p tcp --dport 1337"; target = "ACCEPT"; } # hass
+    { predicate = "-i int0 -p tcp --dport 1337"; target = "ACCEPT"; } # zigbee2mqtt frontend
     { predicate = "-i retiolum -p tcp --dport 8123"; target = "ACCEPT"; } # hass
-    { predicate = "-i retiolum -p tcp --dport 1337"; target = "ACCEPT"; } # hass frontend
+    { predicate = "-i retiolum -p tcp --dport 1337"; target = "ACCEPT"; } # zigbee2mqtt frontend
     { predicate = "-i wiregrill -p tcp --dport 8123"; target = "ACCEPT"; } # hass
   ];
 
   services.home-assistant = {
     enable = true;
-    package = unstable.home-assistant.overrideAttrs (old: {
-      doInstallCheck = false;
-    });
     configWritable = true;
     lovelaceConfigWritable = true;
     config = let

lass/2configs/radio-news.nix

@@ -0,0 +1,52 @@
+{ config, pkgs, ... }: with pkgs.stockholm.lib;
+let
+  weather_report = pkgs.writers.writeDashBin "weather_report" ''
+  set -efu
+  ${pkgs.curl}/bin/curl -sSL https://wttr.in/''${1-}?format=j1 \
+    | ${pkgs.jq}/bin/jq -r '
+    [.nearest_area[0] | "Weather report for \(.areaName[0].value), \(.country[0].value)."]
+    + [.current_condition[0] | "Currently it is \(.weatherDesc[0].value) outside with a temperature of \(.temp_C) degrees."]
+    | join("\n")
+    '
+  '';
+  send_to_radio = pkgs.writers.writeDashBin "send_to_radio" ''
+    ${pkgs.vorbisTools}/bin/oggenc - |
+      ${pkgs.libshout}/bin/shout --format ogg --host localhost --port 1338 --mount /live
+  '';
+
+  newsshow = pkgs.writers.writeDashBin "newsshow" /* sh */ ''
+    echo "
+    hello crabpeople!
+    $(${pkgs.ddate}/bin/ddate | sed 's/YOLD/Year of Discord/')!
+    It is $(date --utc +%H) o clock UTC.
+    $(weather_report berlin)
+    $(weather_report 70173)
+    $(weather_report munich)
+    "
+  '';
+in
+{
+  systemd.services.newsshow = {
+    path = [
+      newsshow
+      send_to_radio
+      weather_report
+      pkgs.curl
+      pkgs.retry
+    ];
+    script = ''
+      set -efu
+      retry -t 5 -d 10 -- newsshow |
+        retry -t 5 -d 10 -- curl -SsG http://tts.r/api/tts --data-urlencode 'text@-' |
+        retry -t 5 -d 10 -- send_to_radio
+    '';
+    startAt = "*:00:00";
+  };
+
+  ## debug
+  # environment.systemPackages = [
+  #   weather_report
+  #   send_to_radio
+  #   newsshow
+  # ];
+}

lass/2configs/radio.nix

@@ -1,6 +1,5 @@
 { config, pkgs, ... }:
-
-with import <stockholm/lib>;
+with pkgs.stockholm.lib;
 
 let
   name = "radio";
@@ -84,7 +83,7 @@ let
   '';
 
   set_irc_topic = pkgs.writeDash "set_irc_topic" ''
-    ${pkgs.curl}/bin/curl -fsSv --unix-socket /home/radio/reaktor.sock http://z/ \
+    ${pkgs.curl}/bin/curl -fsS --unix-socket /home/radio/reaktor.sock http://z/ \
       -H content-type:application/json \
       -d "$(${pkgs.jq}/bin/jq -n \
         --arg text "$1" '{
@@ -109,12 +108,12 @@ in {
   users.users = {
     "${name}" = rec {
       inherit name;
+      createHome = mkForce false;
       group = name;
       uid = genid_uint31 name;
       description = "radio manager";
       home = "/home/${name}";
       useDefaultShell = true;
-      createHome = true;
       openssh.authorizedKeys.keys = with config.krebs.users; [
         lass.pubkey
         lass-mors.pubkey
@@ -148,27 +147,37 @@ in {
 
       audio_output {
         type "httpd"
-        name "lassulus radio mp3"
-        encoder "lame" # optional
-        port "8002"
-        quality "5.0" # do not define if bitrate is defined
-        # bitrate "128" # do not define if quality is defined
+        name "raw radio"
+        encoder "wave"
+        port "7900"
         format "44100:16:2"
         always_on "yes" # prevent MPD from disconnecting all listeners when playback is stopped.
         tags "yes" # httpd supports sending tags to listening streams.
       }
+    '';
+  };
+  services.liquidsoap.streams.radio-news = pkgs.writeText "radio-news.liq" ''
+    source = mksafe(input.http("http://localhost:7900/raw.wave"))
 
-      audio_output {
-        type "httpd"
-        name "lassulus radio"
-        encoder "vorbis" # optional
-        port "8000"
-        quality "5.0" # do not define if bitrate is defined
-        # bitrate "128" # do not define if quality is defined
-        format "44100:16:2"
-        always_on "yes" # prevent MPD from disconnecting all listeners when playback is stopped.
-        tags "yes" # httpd supports sending tags to listening streams.
-      }
+    output.icecast(mount = '/music.ogg', password = 'hackme', %vorbis(quality = 1), source)
+    output.icecast(mount = '/music.mp3', password = 'hackme', %mp3.vbr(), source)
+    output.icecast(mount = '/music.opus', password = 'hackme', %opus(), source)
+
+    extra_input = audio_to_stereo(input.harbor("live", port=1338))
+
+    o = smooth_add(normal = source, special = extra_input)
+    output.icecast(mount = '/radio.ogg', password = 'hackme', %vorbis(quality = 1), o)
+    output.icecast(mount = '/radio.mp3', password = 'hackme', %mp3.vbr(), o)
+    output.icecast(mount = '/radio.opus', password = 'hackme', %opus(), o)
+  '';
+  services.icecast = {
+    enable = true;
+    hostname = "radio.lassul.us";
+    admin.password = "hackme";
+    extraConf = ''
+      <authentication>
+       <source-password>hackme</source-password>
+      </authentication>
     '';
   };
 
@@ -176,7 +185,6 @@ in {
     tables = {
       filter.INPUT.rules = [
         { predicate = "-p tcp --dport 8000"; target = "ACCEPT"; }
-        { predicate = "-p tcp --dport 8002"; target = "ACCEPT"; }
         { predicate = "-i retiolum -p tcp --dport 8001"; target = "ACCEPT"; }
       ];
     };
@@ -219,13 +227,16 @@ in {
 
   systemd.services.radio-recent = let
     recentlyPlayed = pkgs.writeDash "recentlyPlayed" ''
+      set -xeu
       LIMIT=1000 #how many tracks to keep in the history
-      HISTORY_FILE=/tmp/played
+      HISTORY_FILE=/var/lib/radio/recent
       while :; do
         ${pkgs.mpc_cli}/bin/mpc idle player > /dev/null
         ${pkgs.mpc_cli}/bin/mpc current -f %file%
       done | while read track; do
-        listeners=$(${pkgs.iproute}/bin/ss -Hno state established 'sport = :8000' | grep '^tcp' | wc -l)
+
+        listeners=$(${pkgs.curl}/bin/curl lassul.us:8000/status-json.xsl |
+          ${pkgs.jq}/bin/jq '[.icestats.source[].listeners] | add')
         echo "$(date -Is)" "$track" | tee -a "$HISTORY_FILE"
         echo "$(tail -$LIMIT "$HISTORY_FILE")" > "$HISTORY_FILE"
         ${set_irc_topic} "playing: $track listeners: $listeners"
@@ -345,7 +356,8 @@ in {
         proxy_pass http://localhost:8000;
       '';
       locations."= /recent".extraConfig = ''
-        alias /tmp/played;
+        default_type "text/plain";
+        alias /var/lib/radio/recent;
       '';
       locations."= /current".extraConfig = ''
         proxy_pass http://localhost:8001;

submodules/krops

@@ -1 +1 @@
-Subproject commit 13ae434b140035e7e2664bd5a8ef4c475413b2e0
+Subproject commit 89e5e67659bbbf0da53cc2cc5dea644b9a2301f6