Merge remote-tracking branch 'gum/master'

2017-12-30 11:36:15 +01:00 · 2017-12-30 11:36:15 +01:00 · c1ff2ddf71
commit c1ff2ddf71
parent dd817f9e26 9d44366441
13 changed files with 154 additions and 36 deletions
--- a/makefu/1systems/x/source.nix
+++ b/makefu/1systems/x/source.nix
@ -1,5 +1,7 @@
 import <stockholm/makefu/source.nix> {
  name="x";
  full = true;
+  python = true;
+  hw = true;
  # torrent = true;
 }
--- a/makefu/2configs/hw/exfat-nofuse.nix
+++ b/makefu/2configs/hw/exfat-nofuse.nix
@ -1,4 +0,0 @@
-{ config, ... }:
-{
-  boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
-}
--- a/makefu/2configs/hw/tp-x230.nix
+++ b/makefu/2configs/hw/tp-x230.nix
@ -3,38 +3,14 @@
 with import <stockholm/lib>;
 {

-  imports = [ ./tp-x2x0.nix ];
-  boot = {
-    # tp-smapi is not supported bt x230 anymore
-    kernelModules = [
-      "kvm-intel"
-      "thinkpad_ec"
-      "acpi_call"
-   #   "thinkpad_acpi"
-   #   "tpm-rng"
-    ];
-    extraModulePackages = [
-      config.boot.kernelPackages.acpi_call
-    ];
-    # support backlight adjustment
-    kernelParams = [ "acpi_osi=Linux" "acpi_backlight=vendor" ];
-  };
+  imports = [ ./tp-x2x0.nix  <nixos-hardware/lenovo/thinkpad/x230> ];

  # configured media keys inside awesomerc
  # sound.mediaKeys.enable = true;
  hardware.bluetooth.enable = true;

-  services.acpid.enable = true;
-  hardware.opengl.extraPackages =  [ pkgs.vaapiIntel pkgs.vaapiVdpau ];
-  services.xserver = {
-    videoDriver = "intel";
-    deviceSection = ''
-      Option "AccelMethod" "sna"
-      Option "Backlight"     "intel_backlight"
-    '';
-  };
-
-  security.rngd.enable = true;
+  # possible i915 powersave options:
+  #  options i915 enable_rc6=1 enable_fbc=1 semaphores=1

  services.xserver.displayManager.sessionCommands =''
    xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1
--- a/makefu/2configs/hw/tp-x2x0.nix
+++ b/makefu/2configs/hw/tp-x2x0.nix
@ -17,6 +17,8 @@ with import <stockholm/lib>;

  # enable synaptics so we can easily disable the touchpad
  #   enable the touchpad with `synclient TouchpadOff=0`
+
+  services.xserver.libinput.enable = false;
  services.xserver.synaptics = {
    enable = true;
    additionalOptions = ''Option "TouchpadOff" "1"'';
--- a/makefu/2configs/remote-build/master.nix
+++ b/makefu/2configs/remote-build/master.nix
@ -8,7 +8,7 @@ in {
  {   inherit hostName sshKey;
      sshUser = "nixBuild";
      system = "x86_64-linux";
-      maxJobs = 1;
-  }) [ "omo.r"  "gum.r" "latte.r" ];
-  # puyak.r "wbob.r"
+      maxJobs = 8;
+  }) [ "hotdog.r" ];
+  # puyak.r "wbob.r" "omo.r"  "gum.r" "latte.r"
 }
--- a/makefu/2configs/stats/telegraf/bamstats.nix
+++ b/makefu/2configs/stats/telegraf/bamstats.nix
@ -0,0 +1,35 @@
+{ pkgs, ...}:
+
+let
+  genTopic = name: topic: tags: {
+      servers = [ "tcp://localhost:1883" ];
+      qos = 0;
+      connection_timeout = "30s";
+      topics = [ topic ];
+      tags = tags;
+      persistent_session = false;
+      name_override = name;
+      data_format = "value";
+      data_type = "float";
+    };
+  bamStat = stat:   # Temperature or Humidity
+            host:   # easy{1-4}
+            sensor: # dht11, dht22, ds18
+            (genTopic stat
+                      "/bam/${host}/${sensor}/${stat}"
+                      {"host" = host;
+                       "scope" = "bam";
+                       "sensor" = sensor;
+                      } );
+  dht22 = host: [(bamStat "Temperature" host "dht22")
+                 (bamStat "Humidity" host "dht22")];
+  dht11 = host: [(bamStat "Temperature" host "dht11")
+                 (bamStat "Humidity" host "dht11")];
+  ds18 = host:  [(bamStat "Temperature" host "ds18")];
+in {
+  services.telegraf.extraConfig.inputs.mqtt_consumer =
+       (dht22 "easy1")
+    ++ (dht22 "easy2")
+    ++ (dht11 "easy3")
+    ++ (ds18  "easy3");
+}
--- a/makefu/2configs/tools/all.nix
+++ b/makefu/2configs/tools/all.nix
@ -7,6 +7,7 @@
    ./extra-gui.nix
    ./games.nix
    ./media.nix
+    ./mobility.nix
    ./scanner-tools.nix
    ./sec.nix
    ./sec-gui.nix
--- a/makefu/2configs/tools/dev.nix
+++ b/makefu/2configs/tools/dev.nix
@ -2,8 +2,9 @@

 {
  users.users.makefu.packages = with pkgs;[
-    python3Packages.virtualenv
+    python3
    python3Packages.pyserial
+    python3Packages.virtualenv
    # embedded
    gi
    flashrom
--- a/makefu/2configs/tools/mobility.nix
+++ b/makefu/2configs/tools/mobility.nix
@ -0,0 +1,8 @@
+{ config, pkgs, ... }:
+{
+  users.users.makefu.packages = with pkgs;[
+    go-mtpfs
+  ];
+
+  boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
+}
--- a/makefu/2configs/vpn/vpnws/client.nix
+++ b/makefu/2configs/vpn/vpnws/client.nix
@ -0,0 +1,9 @@
+{ pkgs, ... }:
+{
+  users.users.makefu.packages = with pkgs; [ iproute vpn-ws ];
+  # vpn-ws-client  vpnws wss://localhost/vpn --no-verify --exec "ip link set vpnws up;ip addr add 10.244.1.2/24 dev vpnws"
+  networking.interfaces.vpnws = {
+    virtual = true;
+    virtualType = "tap";
+  };
+}
--- a/makefu/2configs/vpn/vpnws/server.nix
+++ b/makefu/2configs/vpn/vpnws/server.nix
@ -0,0 +1,42 @@
+{pkgs, options, ... }:
+let
+  pkg = pkgs.vpn-ws;
+  uid = "nginx";
+  gid = "nginx";
+  ip = "${pkgs.iproute}/bin/ip";
+  socket = "/run/vpn.sock";
+  htpasswd = (toString <secrets>) + "/vpn-ws-auth";
+  nginx-prepared-secrets = "/var/spool/nginx/vpn-ws-auth";
+in {
+  systemd.services.vpn-ws-auth-prepare = {
+    wantedBy = [ "multi-user.target" ];
+    before = [ "nginx.service" ];
+    script = "install -m700 -o${uid} -g${gid} ${htpasswd} ${nginx-prepared-secrets}";
+  };
+  services.nginx.virtualHosts."euer.krebsco.de".locations."/vpn" = {
+    extraConfig = ''
+      auth_basic "please stand by...";
+      auth_basic_user_file ${nginx-prepared-secrets};
+      uwsgi_pass   unix:${socket};
+      include      ${pkgs.nginx}/conf/uwsgi_params;
+    '';
+  };
+
+  networking.interfaces.vpnws = {
+    virtual = true;
+    virtualType = "tap";
+  };
+  systemd.services.vpnws = {
+    wantedBy = [ "multi-user.target" ];
+    after = [ "network.target" ];
+    serviceConfig = {
+      Restart = "always";
+      PrivateTmp = true;
+      ExecStartPre = pkgs.writeDash "vpnws-pre" ''
+        ${ip} link set vpnws up
+        ${ip} addr add 10.244.1.1/24 dev vpnws || :
+      '';
+      ExecStart = "${pkg}/bin/vpn-ws --uid ${uid} --gid ${gid} --tuntap vpnws ${socket}";
+    };
+  };
+}
--- a/makefu/5pkgs/vpn-ws/default.nix
+++ b/makefu/5pkgs/vpn-ws/default.nix
@ -0,0 +1,30 @@
+{ stdenv, lib, pkgs, fetchurl,fetchFromGitHub, openssl }:
+stdenv.mkDerivation rec {
+  pname = "vpn-ws";
+  version = "9d0e866";
+  name = "${pname}-${version}";
+
+  src = fetchFromGitHub {
+    owner = "unbit";
+    repo = "vpn-ws";
+    rev = version;
+    sha256 = "068vzrpzgksadb31khancnpkgzhdcr6kh6k9wgm77q68skwl3w0k";
+  };
+
+  patchPhase = ''
+    sed -i 's/-Werror//' Makefile
+  '';
+
+  installPhase = ''
+    mkdir -p $out/bin
+    cp vpn-ws vpn-ws-client $out/bin
+  '';
+
+  buildInputs = [ openssl.dev ];
+
+  meta = {
+    homepage = https://github.com/unbit/vpn-ws;
+    description = "A VPN system over websockets";
+    license = lib.licenses.mit;
+  };
+}
--- a/makefu/source.nix
+++ b/makefu/source.nix
@ -4,7 +4,9 @@ host@{ name,
  secure ? false,
  full ? false,
  torrent ? false,
-  musnix ? false
+  hw ? false,
+  musnix ? false,
+  python ? false
 }:
 let
  builder = if getEnv "dummy_secrets" == "true"
@ -45,6 +47,20 @@ in
        ref = "d8b989f";
      };
    })
+
+    (mkIf ( hw ) {
+      nixos-hardware.git = {
+        url = https://github.com/nixos/nixos-hardware.git;
+        ref = "8a05dc9";
+      };
+    })
+
+    (mkIf ( python ) {
+      python.git = {
+        url = https://github.com/garbas/nixpkgs-python;
+        ref = "cac319b";
+      };
+    })
    (mkIf ( torrent ) {
      torrent-secrets.file = getAttr builder {
        buildbot = toString <stockholm/makefu/6tests/data/secrets>;