Merge remote-tracking branch 'orange/master'

This commit is contained in:
tv 2023-06-14 18:36:13 +02:00
commit f9e82b4ffc
20 changed files with 268 additions and 126 deletions

View File

@ -71,6 +71,7 @@ rec {
"c.r"
"p.r"
"search.r"
"wallpaper.r"
];
tinc = {
pubkey = ''

View File

@ -1,33 +1,116 @@
{ config, lib, pkgs, ... }:
{
users.users.testing = {
uid = pkgs.stockholm.lib.genid_uint31 "testing";
isNormalUser = true;
openssh.authorizedKeys.keys = [
config.krebs.users.xkey.pubkey
config.krebs.users.lass.pubkey
];
packages = [
pkgs.calendar-cli
pkgs.tmux
];
};
{ config, lib, pkgs, ... }: let
services.xandikos = {
setupGit = ''
export PATH=${lib.makeBinPath [
pkgs.coreutils
pkgs.git
]}
export GIT_SSH_COMMAND='${pkgs.openssh}/bin/ssh -i /var/lib/radicale/.ssh/id_ed25519'
repo='git@localhost:cal'
cd /var/lib/radicale/collections
if ! test -d .git; then
git init
git config user.name "radicale"
git config user.email "radicale@${config.networking.hostName}"
elif ! url=$(git config remote.origin.url); then
git remote add origin "$repo"
elif test "$url" != "$repo"; then
git remote set-url origin "$repo"
fi
cp ${pkgs.writeText "gitignore" ''
.Radicale.cache
''} .gitignore
git add .gitignore
'';
pushCal = pkgs.writeDash "push_cal" ''
${setupGit}
git fetch origin
git merge --ff-only origin/master || :
'';
pushCgit = pkgs.writeDash "push_cgit" ''
${setupGit}
git push origin master
'';
in {
services.radicale = {
enable = true;
extraOptions = [
"--autocreate"
"--defaults"
"--current-user-principal /krebs"
"--dump-dav-xml"
rights = {
krebs = {
user = ".*";
collection = ".*";
permissions = "rRwW";
};
};
settings = {
auth.type = "none";
server.hosts = [
"0.0.0.0:5232"
"[::]:5232"
];
storage.filesystem_folder = "/var/lib/radicale/collections";
storage.hook = "${pkgs.writers.writeDash "radicale-hook" ''
set -efu
${setupGit}
${pkgs.git}/bin/git add -A
(${pkgs.git}/bin/git diff --cached --quiet || ${pkgs.git}/bin/git commit -m "Changes by \"$1\"")
${pushCgit}
''} %(user)s";
};
};
services.nginx = {
enable = true;
virtualHosts = {
"calendar.r".locations."/".proxyPass = "http://localhost:${toString config.services.xandikos.port}/";
"calendar.r".locations."/".proxyPass = "http://localhost:5232/";
};
};
krebs.git = {
enable = true;
cgit.settings = {
root-title = "krebs repos";
};
rules = with pkgs.stockholm.lib.git; [
{
user = [
{
name = "cal";
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGe1jtHaNFZKmWemWQVEGVYj+s4QGJaL9WYH+wokOZie";
}
] ++ (lib.attrValues config.krebs.users);
repo = [ config.krebs.git.repos.cal ];
perm = push ''refs/heads/master'' [ create merge ];
}
];
repos.cal = {
public = true;
name = "cal";
hooks = {
post-receive = ''
${pkgs.git-hooks.irc-announce {
channel = "#xxx";
refs = [
"refs/heads/master"
];
nick = config.networking.hostName;
server = "irc.r";
verbose = true;
}}
/run/wrappers/bin/sudo -S -u radicale ${pushCal}
'';
};
};
};
krebs.secret.files.calendar = {
path = "/var/lib/radicale/.ssh/id_ed25519";
owner = { name = "radicale"; };
source-path = "${<secrets/radicale.id_ed25519>}";
};
security.sudo.extraConfig = ''
git ALL=(radicale) NOPASSWD: ${pushCal}
'';
}

View File

@ -77,7 +77,7 @@ let
if [ "$?" -ne 0 ]; then
report_error "$response"
else
if ! text=$(printf '%s' "$response" | jq -er '.item.messages[1].text'); then
if ! text=$(printf '%s' "$response" | jq -er '.item.messages[-1].text'); then
echo "$_from: $(report_error "$response")"
exit 0
fi
@ -85,7 +85,7 @@ let
echo "$_from: $text" | fold -s -w 426
printf '%s' "$response" |
jq -r '[.item.messages[1].sourceAttributions[].seeMoreUrl] | to_entries[] | "[\(.key + 1)]: \(.value)"'
jq -r '[.item.messages[-1].sourceAttributions[].seeMoreUrl] | to_entries[] | "[\(.key + 1)]: \(.value)"'
fi
'';
};
@ -158,6 +158,7 @@ let
'';
};
};
interrogate = {
pattern = "^!interrogate (.*)$";
activate = "match";

View File

@ -1,17 +1,21 @@
{ config, pkgs, ... }: with import <stockholm/lib>; let
{ options, config, pkgs, ... }: with import <stockholm/lib>; let
mk_peers = mapAttrs (n: v: { id = v.syncthing.id; });
all_peers = filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts;
used_peer_names = unique (flatten (mapAttrsToList (n: v: v.devices) config.services.syncthing.declarative.folders));
used_peer_names = unique (filter isString (flatten (mapAttrsToList (n: v: v.devices) config.services.syncthing.folders)));
used_peers = filterAttrs (n: v: elem n used_peer_names) all_peers;
in {
services.syncthing = {
enable = true;
configDir = "/var/lib/syncthing";
devices = mk_peers used_peers;
key = toString <secrets/syncthing.key>;
cert = toString <secrets/syncthing.cert>;
};
# workaround for infinite recursion on unstable, remove in 23.11
} // (if builtins.hasAttr "settings" options.services.syncthing then
{ settings.devices = mk_peers used_peers; }
else
{ devices = mk_peers used_peers; }
);
boot.kernel.sysctl."fs.inotify.max_user_watches" = 524288;
}

View File

@ -0,0 +1,33 @@
{ pkgs, ... }:
pkgs.writers.writeDashBin "vicuna-chat" ''
set -efu
export PATH=${with pkgs; lib.makeBinPath [
coreutils
curl
jq
]}
CONTEXT=''${CONTEXT:-$(date -Id)}
PROMPT=$*
if ! test -e "$CONTEXT"; then
echo -n 'null' > "$CONTEXT"
fi
add_to_context() {
jq -rc --argjson message "$1" '. + [$message]' "$CONTEXT" > "$CONTEXT.tmp"
mv "$CONTEXT.tmp" "$CONTEXT"
}
add_to_context "{\"role\": \"user\", \"content\": \"$PROMPT\"}"
response=$(
jq -nc --slurpfile context "$CONTEXT" '{
model: "vicuna-13b",
messages: $context[0],
}' |
curl -Ss http://vicuna.r/v1/chat/completions -H 'Content-Type: application/json' -d @-
)
add_to_context "$(jq -rcn --argjson response "$response" '$response.choices[0].message')"
jq -rcn --argjson response "$response" '$response.choices[0].message.content'
''

View File

@ -1,9 +1,9 @@
{
"url": "https://github.com/NixOS/nixpkgs",
"rev": "897876e4c484f1e8f92009fd11b7d988a121a4e7",
"date": "2023-05-06T22:28:42+01:00",
"path": "/nix/store/55lpvam2wgdmrbzx0j5gf51dqrqn8wqv-nixpkgs",
"sha256": "0i9j45jwmqhiv7v8i4dmigaras3iw4hmrds2vvd5x8riln3hyizn",
"rev": "4729ffac6fd12e26e5a8de002781ffc49b0e94b7",
"date": "2023-06-05T20:59:20-06:00",
"path": "/nix/store/6r3d9mpbl3px7y8y6wcwsg60bvish21w-nixpkgs",
"sha256": "0gha78rczp5gbl6v39i2bm11kmi974akgqkj3hck5s2ri6abprsr",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,

View File

@ -1,9 +1,9 @@
{
"url": "https://github.com/NixOS/nixpkgs",
"rev": "a08e061a4ee8329747d54ddf1566d34c55c895eb",
"date": "2023-05-09T12:11:35+02:00",
"path": "/nix/store/lwy9r49c92ml9mbvp2kx1m31p7bcpzxd-nixpkgs",
"sha256": "1h0yd0xka6wj9sbbq34gw7a9qlp044b7dhg16bmn8bv96ix55vzj",
"rev": "d83945caa7624015f11b152bf5c6c4363ffe9f7c",
"date": "2023-06-06T09:06:53+02:00",
"path": "/nix/store/vzqz4lhcfjg5npn2fm7w3qpm7h0i5baz-nixpkgs",
"sha256": "0l4axff9lqc6qq1dkm1dgdp2zv7165a42d9l2zmf4njnhm91f5w5",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,

View File

@ -0,0 +1,6 @@
{ lib, pkgs, test, ... }: let
npkgs = lib.importJSON ../../../krebs/nixpkgs-unstable.json;
in if test then {} else {
nixpkgs.git.ref = lib.mkForce npkgs.rev;
nixpkgs-unstable = lib.mkForce { file = "/var/empty"; };
}

View File

@ -14,6 +14,7 @@ in {
./tmux.nix
./xmonad.nix
./themes.nix
./fonts.nix
{
users.users.mainUser.packages = [
pkgs.sshuttle
@ -26,15 +27,15 @@ in {
options.lass.fonts = {
regular = mkOption {
type = types.str;
default = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1";
default = "xft:Iosevka Term SS15:style=regular";
};
bold = mkOption {
type = types.str;
default = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1";
default = "xft:Iosevka Term SS15:style=bold";
};
italic = mkOption {
type = types.str;
default = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1";
default = "xft:Iosevka Term SS15:style=italic";
};
};
config.krebs.xresources.resources.X = ''
@ -98,65 +99,9 @@ in {
${pkgs.flameshot}/bin/flameshot gui
${pkgs.klem}/bin/klem
'')
];
fonts = {
fontDir.enable = true;
enableGhostscriptFonts = true;
fonts = with pkgs; [
xorg.fontschumachermisc
inconsolata
noto-fonts
(iosevka.override {
# https://typeof.net/Iosevka/customizer
privateBuildPlan = {
family = "Iosevka";
spacing = "term";
serifs = "slab";
no-ligation = true;
variants.design = {
capital-j = "serifless";
a = "double-storey-tailed";
b = "toothless-corner";
d = "toothless-corner-serifless";
f = "flat-hook-tailed";
g = "earless-corner";
i = "hooky";
j = "serifless";
l = "tailed";
m = "earless-corner-double-arch";
n = "earless-corner-straight";
p = "earless-corner";
q = "earless-corner";
r = "earless-corner";
u = "toothless-rounded";
y = "cursive-flat-hook";
one = "no-base-long-top-serif";
two = "straight-neck";
three = "flat-top";
four = "open";
six = "open-contour";
seven = "straight-serifless";
eight = "two-circles";
nine = "open-contour";
tilde = "low";
asterisk = "hex-low";
number-sign = "upright";
at = "short";
dollar = "open";
percent = "dots";
question = "corner-flat-hooked";
};
};
set = "kookiefonts";
})
];
};
services.udev.extraRules = ''
SUBSYSTEM=="backlight", ACTION=="add", \
RUN+="${pkgs.coreutils}/bin/chgrp video /sys/class/backlight/%k/brightness", \

View File

@ -5,7 +5,7 @@ let
in {
krebs.fetchWallpaper = {
enable = true;
url = "prism/realwallpaper-krebs-stars-berlin.png";
url = "http://wallpaper.r/realwallpaper-krebs-stars-berlin.png";
};
}

14
lass/2configs/fonts.nix Normal file
View File

@ -0,0 +1,14 @@
{ config, lib, pkgs, ... }:
{
fonts = {
fontDir.enable = true;
enableGhostscriptFonts = true;
fonts = with pkgs; [
xorg.fontschumachermisc
inconsolata
noto-fonts
(iosevka-bin.override { variant = "ss15"; })
];
};
}

View File

@ -124,15 +124,6 @@ let
'';
muttrc = pkgs.writeText "muttrc" ''
# gpg
source ${pkgs.neomutt}/share/doc/neomutt/samples/gpg.rc
set pgp_use_gpg_agent = yes
set pgp_sign_as = 0xDC2A43EF4F11E854B44D599A89E82952976A7E4D
set crypt_autosign = no
set crypt_replyencrypt = yes
set crypt_verify_sig = yes
set pgp_verify_command = "gpg --no-verbose --batch --output - --verify %s %f"
# read html mails
auto_view text/html
@ -187,8 +178,7 @@ let
until ${pkgs.muchsync}/bin/muchsync -F lass@green.r; do
sleep 1
done
''}<enter> \
'run muchsync to green.r'
''}<enter>
#killed
bind index d noop

View File

@ -22,15 +22,14 @@
pulse.enable = true;
jack.enable = true;
};
systemd.services.wireplumber = {
environment = {
HOME = "/var/lib/wireplumber";
DISPLAY = ":0";
};
path = [
pkgs.dbus
];
serviceConfig.StateDirectory = "wireplumber";
environment.etc = {
"wireplumber/bluetooth.lua.d/51-bluez-config.lua".text = ''
bluez_monitor.properties = {
["bluez5.enable-sbc-xq"] = true,
["bluez5.enable-msbc"] = true,
["bluez5.enable-hw-volume"] = true,
["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]"
}
'';
};
}

View File

@ -19,8 +19,7 @@ in {
}
'';
serverAliases = [
hostname
"${hostname}.r"
"wallpaper.r"
];
locations."/realwallpaper/".extraConfig = ''
index on;

View File

@ -82,7 +82,7 @@ in {
users.users = {
"${name}" = rec {
inherit name;
createHome = lib.mkForce false;
createHome = true;
group = name;
uid = pkgs.stockholm.lib.genid_uint31 name;
description = "radio manager";

View File

@ -1,6 +1,31 @@
{ config, lib, pkgs, ... }:
let
tts = pkgs.writers.writeBashBin "tts" ''
set -efu
offset=0
OUTPUT=$(mktemp -d)
trap 'rm -rf "$OUTPUT"' EXIT
SPEAKER=$[ $RANDOM % 900 ]
while read line; do
echo "$line" |
${pkgs.larynx}/bin/larynx \
--model ${pkgs.fetchzip {
url = "https://github.com/rhasspy/piper/releases/download/v0.0.2/voice-en-us-libritts-high.tar.gz";
hash = "sha256-jCoK4p0O7BuF0nr6Sfj40tpivCvU5M3GHKQRg1tfIO8=";
stripRoot = false;
}}/en-us-libritts-high.onnx \
-s "$SPEAKER" \
-f "$OUTPUT"/"$offset".wav
((offset+=1))
done
${pkgs.sox}/bin/sox "$OUTPUT"/*.wav "$OUTPUT"/all.wav
cat "$OUTPUT"/all.wav
'';
send_to_radio = pkgs.writers.writeDashBin "send_to_radio" ''
${pkgs.vorbis-tools}/bin/oggenc - |
${pkgs.cyberlocker-tools}/bin/cput news.ogg
@ -41,16 +66,16 @@ in
systemd.services.newsshow = {
path = [
newsshow
tts
send_to_radio
gc_news
get_current_news
pkgs.curl
pkgs.retry
];
script = ''
set -efu
retry -t 5 -d 10 -- newsshow |
retry -t 5 -d 10 -- curl -fSsG http://tts.r/api/tts --data-urlencode 'text@-' |
retry -t 5 -d 10 -- tts |
retry -t 5 -d 10 -- send_to_radio
'';
startAt = "*:00:00";

View File

@ -15,6 +15,7 @@
${pkgs.coreutils}/bin/chown lass:users /var/theme/current_theme
${pkgs.xorg.xrdb}/bin/xrdb -merge /var/theme/config/xresources
${pkgs.procps}/bin/pkill -HUP xsettingsd
${pkgs.glib}/bin/gsettings set org.gnome.desktop.interface gtk-theme "$(cat /var/theme/config/gtk-theme)"
else
echo "theme $1 not found"
fi
@ -37,8 +38,13 @@ in {
];
environment.systemPackages = [
switch-theme
pkgs.dracula-theme
pkgs.gnome3.adwaita-icon-theme
];
environment.etc = {
"themes/light/gtk-theme".text = ''
Adwaita
'';
"themes/light/xsettings.conf".text = ''
Net/ThemeName "Adwaita"
'';
@ -46,8 +52,11 @@ in {
*background: #ffffff
*foreground: #000000
'';
"themes/dark/gtk-theme".text = ''
Dracula
'';
"themes/dark/xsettings.conf".text = ''
Net/ThemeName "Adwaita-dark"
Net/ThemeName "Dracula"
'';
"themes/dark/xresources".text = ''
*background: #000000

View File

@ -0,0 +1,20 @@
{ config, lib, pkgs, ... }:
{
systemd.services.weron = {
wantedBy = [ "multi-user.target" ];
environment = {
WERON_RADDR = "ws://lassul.us:23420/";
};
serviceConfig = {
ExecStart = pkgs.writers.writeDash "weron" ''
${pkgs.weron}/bin/weron vpn ip \
--community krebs \
--password aidsballs \
--key aidsballs \
--ips 10.249.1.0/24 \
--verbose 7 \
--dev weron
'';
};
};
}

View File

@ -0,0 +1,13 @@
{ config, lib, pkgs, ... }:
{
systemd.services.weron-signaler = {
wantedBy = [ "multi-user.target" ];
environment = {
};
serviceConfig = {
ExecStart = ''${pkgs.weron}/bin/weron signaler --verbose=7 --laddr ":23420"'';
};
};
networking.firewall.allowedTCPPorts = [ 23420 ];
}

View File

@ -68,7 +68,7 @@ myTerm :: FilePath
myTerm = "/run/current-system/sw/bin/alacritty"
myFont :: String
myFont = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1"
myFont = "${config.lass.fonts.regular}"
main :: IO ()
main = do