Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: Mic92:0156323836b3e5ca311ff7eb9a0213aacfe9be10
Branches Tags
Mic92:master
..
compare: Mic92:db560455732c8e1014a686a05d4a43896318acf4
Branches Tags
Mic92:master

1 Commits
0156323836 ... db56045573

Author SHA1 Message Date
lassulus
db56045573 syncthing: add workaround for infinite recursion on unstable 2023-05-24 17:39:54 +02:00
21 changed files with 133 additions and 363 deletions
Show Stats Expand all files Collapse all files

89
kartei/jan/default.nix
View File

@ -1,89 +0,0 @@
{ config, ... }: let
lib = import ../../lib;
in {
users.jan = {
mail = "jan.heidbrink@posteo.de";
};
hosts.toastbrot = {
owner = config.krebs.users.jan;
nets = {
retiolum = {
ip4.addr = "10.243.117.12";
aliases = [
"toastbrot.r"
];
tinc.pubkey = ''
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA12VLPJMhGSh5fQgrB6bP
2H1eew0/7t1xr3oJ3uaTZd7UIvPQ/aA5pB9xL5s+BIBvRa5P3QFWUAVhqchsPiRc
yC4awLvo6zrUZB3pJBFiUuThx1xzmazTbRNyJ0E3Dwi2VSp3dAi5xEwHSVDSElGj
DyRrdwyLe9lKghGHgNhB01QAt1/AO3A/TBs2RS/E0kuPhVQzpo5Ae5I530Cr0pf3
r/de1TdArIcOfnTvW7WNrdBhwLq14cfdXkZwJ2bBE9Q22FAJp5k21PW5dQ41oDuT
PYHZIH555sxifMThrUpuNHIrDtIQk6D+Km90WNf/lBGwZqQr/B5G6zSNX7d/0JbY
Hi8Ltq++Sf0XgWNir9+evGNLCBqAXdvQFrj2l7BuNywE0L2nZThnxjTxP6QLFnqO
IXY97x3p7AYcfmVFutfYqYM1HdyyehF711hhm30fdcXHsJ+GpQgGrj67+++N7g7g
fjWBGNI9EL9CyTZ/N9U3TGeoxooc1BSaAiHmaPoYaAeI0Y/W6bNrixpL3aI5X8MH
Flen2y2XEk2n+pXozPDbLAT+MZ3sWwODDYRc8zGbV2RlMvL94LHh95/JC0itdXa3
uNRDtSnfbNe4eHw9/HMDkclhywuE+hbyq+JNNodqLwG/o1/r3GI+ggOyCdZHjF4B
4R8QXUJiqUdcbR3WQDR5i10CAwEAAQ==
-----END PUBLIC KEY-----
'';
};
};
};
hosts.petrosilia = {
owner = config.krebs.users.jan;
nets = {
retiolum = {
ip4.addr = "10.243.143.11";
aliases = [
"petrosilia.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAxDumQ/06Yd3AQPSlHH9/kNngbc/tq5yBuT0ymbQGMHLL9X3pCz/f
y9GZVpQtaKm7EZ0Kj8ieaPOyG7BItH0AvTdSJV7rn4WKuKfe5E5S4E8YqsZfSu4N
IdEKVIisyBNCklXaDn6A7nxeUauwHQHuj0wOAnYKfaU+2haL+JzcFtQ1RpxDBsy1
FbcEXO5NOhsXK4mHjtRrK1GamnCo5gvJU3w1NrfLRXteOOBsR49HhTIWvi8L4tSf
fd/mFwWayB7D0feLhWBpMPQTa5TeeQPxhgJrlIwXJiONG8GWFWNCHEjbQaCuJJWn
e37n9xCpdH867P921Ei+gyKZi9t6d+U4blrCpQzIe95t8Uv0i2c+YNt9NQL5Z119
jt/Xhm7ccT9FeOuYsbjcO6g0BJumILEjD309vfQfWNims++vMd53q3dzxp4Kau+f
vdMyrzWiIytM+/iQmneG8XLv0b7I6FUPEahpCncZ14NqBDaKclwoJ/HfB+WZi6JV
yBVJHm9vogfzD1sLmDctHps3uJAeZHzszws8LMKdd5JxxQzVBRcrD1LKHYmmUYTU
5gyDxnFn8ZoZ3GFVH+5v2PJgZY++/6zdDxQ9flrdt2zRaoAq2Zayn7R8sQ/ZjMXK
eR8aXgHzEL/n/9BMKs+jLu3j8xaiJX8ctnRvwSnOFjU9wQvJ7QNQHk0CAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "Rs5jdJk/YF4aXohp3isau4LHinD4VWlvSa9CcgznR+A";
};
};
};
hosts.grill = {
owner = config.krebs.users.jan;
nets.retiolum = {
aliases = [ "grill.r" ];
ip4.addr = "10.243.217.217";
ip6.addr = (lib.krebs.genipv6 "retiolum" "jan" { hostName = "grill"; }).address;
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAs4P6CfRcwFGCqkfv1tyTbbk2eHh08kEqxPNQ655sMKWxMhgRnRII
1ooJW+q3zOm0P4IySvQkqPCXiynPBKG+W8vz6as4/TjMgqz45zTSZaoGsUjPS7Yg
L9qN6bLNJUhjPtyBBIX5l+WSii2RkbtcFTewY9HITPgOvu5rSiYgdz1X86BDTy0w
E6g13jwjI0D29jFAXIIfSwfvqikHmicr++3R4URPTiY7Vcg3UtIYGaKEFTPid0Da
bd47ZNWI99CI5Znzd4aJSD+0lfD6+EZb4nQ2o/VZ5RRUid9qWKHu5pbXvPrwE5uC
TWtsP1nla+zx1nDD2UHt0bJzdfz4sEFrmLHBqsdvfgAlVvVr65ZMIOO5X0fevHi4
s3jqYPMLksimuQjHCXYcgxfBYkVPuVWqDivOV8Z60UhAop5xK9i+FV4kyTgL+qmH
79VAy8+2Wrzda/MBVFF+0XAryBtqFgk5JtmfRKJ5rcXFy9hnugmfulOC0+XFPFbN
cNLbPR/dwON6YIg90z0wwJfPoWwzj3jKwT7YZ/pYSEl0JDgkpTzCxiBbqpJ/r8CZ
2avRws5YMVnLcuY1IFlNLJdUZdz+41zmPizIP0dAdrwDH56AJkTukESf1Ir6G2NT
isn3pijKy4Y/EbWnJiQpEKDfNh8JW1Ryw1zvNYKYR3OAImp3DgsWmeECAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "cqfMY/8kqtuM5wIzYMNfFIc47Jx1nnfV0//SMpsO61G";
};
};
}

1
kartei/lass/prism.nix
View File

@ -71,7 +71,6 @@ rec {
"c.r" "c.r"
"p.r" "p.r"
"search.r" "search.r"
"wallpaper.r"
]; ];
tinc = { tinc = {
pubkey = '' pubkey = ''

57
kartei/others/default.nix
View File

@ -286,6 +286,60 @@ in {
}; };
}; };
}; };
toastbrot = {
owner = config.krebs.users.jan;
nets = {
retiolum = {
ip4.addr = "10.243.117.12";
aliases = [
"toastbrot.r"
];
tinc.pubkey = ''
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA12VLPJMhGSh5fQgrB6bP
2H1eew0/7t1xr3oJ3uaTZd7UIvPQ/aA5pB9xL5s+BIBvRa5P3QFWUAVhqchsPiRc
yC4awLvo6zrUZB3pJBFiUuThx1xzmazTbRNyJ0E3Dwi2VSp3dAi5xEwHSVDSElGj
DyRrdwyLe9lKghGHgNhB01QAt1/AO3A/TBs2RS/E0kuPhVQzpo5Ae5I530Cr0pf3
r/de1TdArIcOfnTvW7WNrdBhwLq14cfdXkZwJ2bBE9Q22FAJp5k21PW5dQ41oDuT
PYHZIH555sxifMThrUpuNHIrDtIQk6D+Km90WNf/lBGwZqQr/B5G6zSNX7d/0JbY
Hi8Ltq++Sf0XgWNir9+evGNLCBqAXdvQFrj2l7BuNywE0L2nZThnxjTxP6QLFnqO
IXY97x3p7AYcfmVFutfYqYM1HdyyehF711hhm30fdcXHsJ+GpQgGrj67+++N7g7g
fjWBGNI9EL9CyTZ/N9U3TGeoxooc1BSaAiHmaPoYaAeI0Y/W6bNrixpL3aI5X8MH
Flen2y2XEk2n+pXozPDbLAT+MZ3sWwODDYRc8zGbV2RlMvL94LHh95/JC0itdXa3
uNRDtSnfbNe4eHw9/HMDkclhywuE+hbyq+JNNodqLwG/o1/r3GI+ggOyCdZHjF4B
4R8QXUJiqUdcbR3WQDR5i10CAwEAAQ==
-----END PUBLIC KEY-----
'';
};
};
};
petrosilia = {
owner = config.krebs.users.jan;
nets = {
retiolum = {
ip4.addr = "10.243.143.11";
aliases = [
"petrosilia.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAxDumQ/06Yd3AQPSlHH9/kNngbc/tq5yBuT0ymbQGMHLL9X3pCz/f
y9GZVpQtaKm7EZ0Kj8ieaPOyG7BItH0AvTdSJV7rn4WKuKfe5E5S4E8YqsZfSu4N
IdEKVIisyBNCklXaDn6A7nxeUauwHQHuj0wOAnYKfaU+2haL+JzcFtQ1RpxDBsy1
FbcEXO5NOhsXK4mHjtRrK1GamnCo5gvJU3w1NrfLRXteOOBsR49HhTIWvi8L4tSf
fd/mFwWayB7D0feLhWBpMPQTa5TeeQPxhgJrlIwXJiONG8GWFWNCHEjbQaCuJJWn
e37n9xCpdH867P921Ei+gyKZi9t6d+U4blrCpQzIe95t8Uv0i2c+YNt9NQL5Z119
jt/Xhm7ccT9FeOuYsbjcO6g0BJumILEjD309vfQfWNims++vMd53q3dzxp4Kau+f
vdMyrzWiIytM+/iQmneG8XLv0b7I6FUPEahpCncZ14NqBDaKclwoJ/HfB+WZi6JV
yBVJHm9vogfzD1sLmDctHps3uJAeZHzszws8LMKdd5JxxQzVBRcrD1LKHYmmUYTU
5gyDxnFn8ZoZ3GFVH+5v2PJgZY++/6zdDxQ9flrdt2zRaoAq2Zayn7R8sQ/ZjMXK
eR8aXgHzEL/n/9BMKs+jLu3j8xaiJX8ctnRvwSnOFjU9wQvJ7QNQHk0CAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "Rs5jdJk/YF4aXohp3isau4LHinD4VWlvSa9CcgznR+A";
};
};
};
tpsw = { tpsw = {
owner = config.krebs.users.ciko; # main laptop owner = config.krebs.users.ciko; # main laptop
nets = { nets = {
@ -575,6 +629,9 @@ in {
ilmu = { ilmu = {
mail = "ilmu@rishi.is"; mail = "ilmu@rishi.is";
}; };
jan = {
mail = "jan.heidbrink@posteo.de";
};
jonge = { jonge = {
mail = "jacek.galowicz@gmail.com"; mail = "jacek.galowicz@gmail.com";
}; };

127
krebs/2configs/cal.nix
View File

@ -1,116 +1,33 @@
{ config, lib, pkgs, ... }: let { config, lib, pkgs, ... }:
{
users.users.testing = {
uid = pkgs.stockholm.lib.genid_uint31 "testing";
isNormalUser = true;
openssh.authorizedKeys.keys = [
config.krebs.users.xkey.pubkey
config.krebs.users.lass.pubkey
];
packages = [
pkgs.calendar-cli
pkgs.tmux
];
};
setupGit = '' services.xandikos = {
export PATH=${lib.makeBinPath [
pkgs.coreutils
pkgs.git
]}
export GIT_SSH_COMMAND='${pkgs.openssh}/bin/ssh -i /var/lib/radicale/.ssh/id_ed25519'
repo='git@localhost:cal'
cd /var/lib/radicale/collections
if ! test -d .git; then
git init
git config user.name "radicale"
git config user.email "radicale@${config.networking.hostName}"
elif ! url=$(git config remote.origin.url); then
git remote add origin "$repo"
elif test "$url" != "$repo"; then
git remote set-url origin "$repo"
fi
cp ${pkgs.writeText "gitignore" ''
.Radicale.cache
''} .gitignore
git add .gitignore
'';
pushCal = pkgs.writeDash "push_cal" ''
${setupGit}
git fetch origin
git merge --ff-only origin/master || :
'';
pushCgit = pkgs.writeDash "push_cgit" ''
${setupGit}
git push origin master
'';
in {
services.radicale = {
enable = true; enable = true;
rights = { extraOptions = [
krebs = { "--autocreate"
user = ".*"; "--defaults"
collection = ".*"; "--current-user-principal /krebs"
permissions = "rRwW"; "--dump-dav-xml"
}; ];
};
settings = {
auth.type = "none";
server.hosts = [
"0.0.0.0:5232"
"[::]:5232"
];
storage.filesystem_folder = "/var/lib/radicale/collections";
storage.hook = "${pkgs.writers.writeDash "radicale-hook" ''
set -efu
${setupGit}
${pkgs.git}/bin/git add -A
(${pkgs.git}/bin/git diff --cached --quiet || ${pkgs.git}/bin/git commit -m "Changes by \"$1\"")
${pushCgit}
''} %(user)s";
};
}; };
services.nginx = { services.nginx = {
enable = true; enable = true;
virtualHosts = { virtualHosts = {
"calendar.r".locations."/".proxyPass = "http://localhost:5232/"; "calendar.r".locations."/".proxyPass = "http://localhost:${toString config.services.xandikos.port}/";
}; };
}; };
krebs.git = {
enable = true;
cgit.settings = {
root-title = "krebs repos";
};
rules = with pkgs.stockholm.lib.git; [
{
user = [
{
name = "cal";
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGe1jtHaNFZKmWemWQVEGVYj+s4QGJaL9WYH+wokOZie";
}
] ++ (lib.attrValues config.krebs.users);
repo = [ config.krebs.git.repos.cal ];
perm = push ''refs/heads/master'' [ create merge ];
}
];
repos.cal = {
public = true;
name = "cal";
hooks = {
post-receive = ''
${pkgs.git-hooks.irc-announce {
channel = "#xxx";
refs = [
"refs/heads/master"
];
nick = config.networking.hostName;
server = "irc.r";
verbose = true;
}}
/run/wrappers/bin/sudo -S -u radicale ${pushCal}
'';
};
};
};
krebs.secret.files.calendar = {
path = "/var/lib/radicale/.ssh/id_ed25519";
owner = { name = "radicale"; };
source-path = "${<secrets/radicale.id_ed25519>}";
};
security.sudo.extraConfig = ''
git ALL=(radicale) NOPASSWD: ${pushCal}
'';
} }

2
krebs/2configs/syncthing.nix
View File

@ -2,7 +2,7 @@
mk_peers = mapAttrs (n: v: { id = v.syncthing.id; }); mk_peers = mapAttrs (n: v: { id = v.syncthing.id; });
all_peers = filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts; all_peers = filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts;
used_peer_names = unique (filter isString (flatten (mapAttrsToList (n: v: v.devices) config.services.syncthing.folders))); used_peer_names = unique (flatten (mapAttrsToList (n: v: v.devices) (lib.filter isString config.services.syncthing.settings.folders)));
used_peers = filterAttrs (n: v: elem n used_peer_names) all_peers; used_peers = filterAttrs (n: v: elem n used_peer_names) all_peers;
in { in {
services.syncthing = { services.syncthing = {

37
krebs/3modules/tinc.nix
View File

@ -190,16 +190,35 @@ with import <stockholm/lib>;
default = 3; default = 3;
}; };
username = mkOption { user = mkOption {
type = types.username; type = types.user;
default = tinc.config.netname; default = {
defaultText = literalExample "netname"; name = tinc.config.netname;
home = "/var/lib/${tinc.config.user.name}";
};
defaultText = {
name = "netname";
home = "/var/lib/netname";
};
}; };
}; };
})); }));
}; };
config = { config = {
users.users = mapAttrs' (netname: cfg:
nameValuePair "${netname}" {
inherit (cfg.user) home name uid;
createHome = true;
isSystemUser = true;
group = netname;
}
) config.krebs.tinc;
users.groups = mapAttrs' (netname: cfg:
nameValuePair netname {}
) config.krebs.tinc;
krebs.systemd.services = mapAttrs (netname: cfg: { krebs.systemd.services = mapAttrs (netname: cfg: {
restartIfCredentialsChange = true; restartIfCredentialsChange = true;
}) config.krebs.tinc; }) config.krebs.tinc;
@ -219,11 +238,11 @@ with import <stockholm/lib>;
) )
"rsa_key.priv:${cfg.privkey}" "rsa_key.priv:${cfg.privkey}"
]; ];
ExecStartPre = "+" + pkgs.writers.writeDash "init-tinc-${netname}" '' ExecStartPre = pkgs.writers.writeDash "init-tinc-${netname}" ''
set -efu set -efu
${pkgs.coreutils}/bin/mkdir -p /etc/tinc ${pkgs.coreutils}/bin/mkdir -p /etc/tinc
${pkgs.rsync}/bin/rsync -Lacv --delete \ ${pkgs.rsync}/bin/rsync -Lacv --delete \
--chown ${cfg.username} \ --chown ${cfg.user.name} \
--chmod u=rwX,g=rX \ --chmod u=rwX,g=rX \
--exclude='/*.priv' \ --exclude='/*.priv' \
${cfg.confDir}/ /etc/tinc/${netname}/ ${cfg.confDir}/ /etc/tinc/${netname}/
@ -236,16 +255,14 @@ with import <stockholm/lib>;
"$CREDENTIALS_DIRECTORY"/rsa_key.priv \ "$CREDENTIALS_DIRECTORY"/rsa_key.priv \
/etc/tinc/${netname}/ /etc/tinc/${netname}/
''; '';
ExecStart = "+" + toString [ ExecStart = toString [
"${cfg.tincPackage}/sbin/tincd" "${cfg.tincPackage}/sbin/tincd"
"-D" "-D"
"-U ${cfg.username}" "-U ${cfg.user.name}"
"-d 0" "-d 0"
"-n ${netname}" "-n ${netname}"
]; ];
SyslogIdentifier = netname; SyslogIdentifier = netname;
DynamicUser = true;
User = cfg.username;
}; };
}) config.krebs.tinc; }) config.krebs.tinc;
}; };

22
krebs/5pkgs/simple/cunicu.nix
View File

@ -1,22 +0,0 @@
{ lib, pkgs }:
pkgs.buildGo120Module rec {
pname = "cunicu";
version = "g${lib.substring 0 7 src.rev}";
buildInputs = [
pkgs.libpcap
];
# XXX tries to access https://relay.cunicu.li
doCheck = false;
src = pkgs.fetchFromGitHub {
owner = "stv0g";
repo = "cunicu";
rev = "3ed8109bef97a10a438e5658c41823b7f812db8e";
hash = "sha256-FpOJ6/jmnbpufc+kgKwlLtFhOcc2CTe+FvqeV8WEGMc=";
};
vendorHash = "sha256-eAawhJK9K8/7FCQiYMI9XCPePYsCVF045Di7SpRZvL4=";
}

33
krebs/5pkgs/simple/vicuna-chat/default.nix
View File

@ -1,33 +0,0 @@
{ pkgs, ... }:
pkgs.writers.writeDashBin "vicuna-chat" ''
set -efu
export PATH=${with pkgs; lib.makeBinPath [
coreutils
curl
jq
]}
CONTEXT=''${CONTEXT:-$(date -Id)}
PROMPT=$*
if ! test -e "$CONTEXT"; then
echo -n 'null' > "$CONTEXT"
fi
add_to_context() {
jq -rc --argjson message "$1" '. + [$message]' "$CONTEXT" > "$CONTEXT.tmp"
mv "$CONTEXT.tmp" "$CONTEXT"
}
add_to_context "{\"role\": \"user\", \"content\": \"$PROMPT\"}"
response=$(
jq -nc --slurpfile context "$CONTEXT" '{
model: "vicuna-13b",
messages: $context[0],
}' |
curl -Ss http://vicuna.r/v1/chat/completions -H 'Content-Type: application/json' -d @-
)
add_to_context "$(jq -rcn --argjson response "$response" '$response.choices[0].message')"
jq -rcn --argjson response "$response" '$response.choices[0].message.content'
''

8
krebs/nixpkgs-unstable.json
View File

@ -1,9 +1,9 @@
{ {
"url": "https://github.com/NixOS/nixpkgs", "url": "https://github.com/NixOS/nixpkgs",
"rev": "7409480d5c8584a1a83c422530419efe4afb0d19", "rev": "7084250df3d7f9735087d3234407f3c1fc2400e3",
"date": "2023-06-04T22:13:39-04:00", "date": "2023-05-22T13:19:02+02:00",
"path": "/nix/store/ljhvmls6vxsg7x93zvaa087y77wh2nzc-nixpkgs", "path": "/nix/store/zgv3fzg2lywfqdrv4mghd62s9i6zxhrw-nixpkgs",
"sha256": "14rv5zjrq5rpqlzc1wzh30yhn8aivwkm2zrh0bh0facbkqwrwigh", "sha256": "0nkg8h5ix0sbjqb0gdj5124nbg2gd1nmyl1p14cvlg77fs7afld6",
"fetchLFS": false, "fetchLFS": false,
"fetchSubmodules": false, "fetchSubmodules": false,
"deepClone": false, "deepClone": false,

8
krebs/nixpkgs.json
View File

@ -1,9 +1,9 @@
{ {
"url": "https://github.com/NixOS/nixpkgs", "url": "https://github.com/NixOS/nixpkgs",
"rev": "d4a9ff82fc18723219b60c66fb2ccb0734c460eb", "rev": "a17f99dfcb9643200b3884ca195c69ae41d7f059",
"date": "2023-06-04T14:52:07+02:00", "date": "2023-05-23T18:09:00+02:00",
"path": "/nix/store/hnnbh80g4jx19h0ac76qrirai16ld2px-nixpkgs", "path": "/nix/store/2n82i65gv1y54xj3dplkvhfyc8rs1j90-nixpkgs",
"sha256": "0ly23mqjzlygsnr0avji6ylyrl90rcqsmkcavg71kd60v8ydmw6c", "sha256": "180ipicp351s99nvn9xvf5nzs5fzxhawfbykaijvaqj63siss13m",
"fetchLFS": false, "fetchLFS": false,
"fetchSubmodules": false, "fetchSubmodules": false,
"deepClone": false, "deepClone": false,

6
lass/1systems/radio/source.nix
View File

@ -1,6 +0,0 @@
{ lib, pkgs, test, ... }: let
npkgs = lib.importJSON ../../../krebs/nixpkgs-unstable.json;
in if test then {} else {
nixpkgs.git.ref = lib.mkForce npkgs.rev;
nixpkgs-unstable = lib.mkForce { file = "/var/empty"; };
}

2
lass/2configs/fetchWallpaper.nix
View File

@ -5,7 +5,7 @@ let
in { in {
krebs.fetchWallpaper = { krebs.fetchWallpaper = {
enable = true; enable = true;
url = "http://wallpaper.r/realwallpaper-krebs-stars-berlin.png"; url = "prism/realwallpaper-krebs-stars-berlin.png";
}; };
} }

19
lass/2configs/pipewire.nix
View File

@ -22,14 +22,15 @@
pulse.enable = true; pulse.enable = true;
jack.enable = true; jack.enable = true;
}; };
environment.etc = {
"wireplumber/bluetooth.lua.d/51-bluez-config.lua".text = '' systemd.services.wireplumber = {
bluez_monitor.properties = { environment = {
["bluez5.enable-sbc-xq"] = true, HOME = "/var/lib/wireplumber";
["bluez5.enable-msbc"] = true, DISPLAY = ":0";
["bluez5.enable-hw-volume"] = true, };
["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]" path = [
} pkgs.dbus
''; ];
serviceConfig.StateDirectory = "wireplumber";
}; };
} }

3
lass/2configs/realwallpaper.nix
View File

@ -19,7 +19,8 @@ in {
} }
''; '';
serverAliases = [ serverAliases = [
"wallpaper.r" hostname
"${hostname}.r"
]; ];
locations."/realwallpaper/".extraConfig = '' locations."/realwallpaper/".extraConfig = ''
index on; index on;

2
lass/2configs/services/radio/default.nix
View File

@ -82,7 +82,7 @@ in {
users.users = { users.users = {
"${name}" = rec { "${name}" = rec {
inherit name; inherit name;
createHome = true; createHome = lib.mkForce false;
group = name; group = name;
uid = pkgs.stockholm.lib.genid_uint31 name; uid = pkgs.stockholm.lib.genid_uint31 name;
description = "radio manager"; description = "radio manager";

29
lass/2configs/services/radio/news.nix
View File

@ -1,31 +1,6 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let
tts = pkgs.writers.writeBashBin "tts" ''
set -efu
offset=0
OUTPUT=$(mktemp -d)
trap 'rm -rf "$OUTPUT"' EXIT
SPEAKER=$[ $RANDOM % 900 ]
while read line; do
echo "$line" |
${pkgs.larynx}/bin/larynx \
--model ${pkgs.fetchzip {
url = "https://github.com/rhasspy/piper/releases/download/v0.0.2/voice-en-us-libritts-high.tar.gz";
hash = "sha256-jCoK4p0O7BuF0nr6Sfj40tpivCvU5M3GHKQRg1tfIO8=";
stripRoot = false;
}}/en-us-libritts-high.onnx \
-s "$SPEAKER" \
-f "$OUTPUT"/"$offset".wav
((offset+=1))
done
${pkgs.sox}/bin/sox "$OUTPUT"/*.wav "$OUTPUT"/all.wav
cat "$OUTPUT"/all.wav
'';
send_to_radio = pkgs.writers.writeDashBin "send_to_radio" '' send_to_radio = pkgs.writers.writeDashBin "send_to_radio" ''
${pkgs.vorbis-tools}/bin/oggenc - | ${pkgs.vorbis-tools}/bin/oggenc - |
${pkgs.cyberlocker-tools}/bin/cput news.ogg ${pkgs.cyberlocker-tools}/bin/cput news.ogg
@ -66,16 +41,16 @@ in
systemd.services.newsshow = { systemd.services.newsshow = {
path = [ path = [
newsshow newsshow
tts
send_to_radio send_to_radio
gc_news gc_news
get_current_news get_current_news
pkgs.curl
pkgs.retry pkgs.retry
]; ];
script = '' script = ''
set -efu set -efu
retry -t 5 -d 10 -- newsshow | retry -t 5 -d 10 -- newsshow |
retry -t 5 -d 10 -- tts | retry -t 5 -d 10 -- curl -fSsG http://tts.r/api/tts --data-urlencode 'text@-' |
retry -t 5 -d 10 -- send_to_radio retry -t 5 -d 10 -- send_to_radio
''; '';
startAt = "*:00:00"; startAt = "*:00:00";

13
lass/2configs/themes.nix
View File

@ -15,7 +15,6 @@
${pkgs.coreutils}/bin/chown lass:users /var/theme/current_theme ${pkgs.coreutils}/bin/chown lass:users /var/theme/current_theme
${pkgs.xorg.xrdb}/bin/xrdb -merge /var/theme/config/xresources ${pkgs.xorg.xrdb}/bin/xrdb -merge /var/theme/config/xresources
${pkgs.procps}/bin/pkill -HUP xsettingsd ${pkgs.procps}/bin/pkill -HUP xsettingsd
${pkgs.glib}/bin/gsettings set org.gnome.desktop.interface gtk-theme "$(cat /var/theme/config/gtk-theme)"
else else
echo "theme $1 not found" echo "theme $1 not found"
fi fi
@ -38,25 +37,17 @@ in {
]; ];
environment.systemPackages = [ environment.systemPackages = [
switch-theme switch-theme
pkgs.dracula-theme
pkgs.gnome3.adwaita-icon-theme
]; ];
environment.etc = { environment.etc = {
"themes/light/gtk-theme".text = ''
Adwaita
'';
"themes/light/xsettings.conf".text = '' "themes/light/xsettings.conf".text = ''
Net/ThemeName "Adwaita" Net/ThemeName "Adwaita"
''; '';
"themes/light/xresources".text = '' "themes/light/xresources".text = ''
*background: #ffffff *background: #ffffff
*foreground: #000000 *foreground: #000000
''; '';
"themes/dark/gtk-theme".text = ''
Dracula
'';
"themes/dark/xsettings.conf".text = '' "themes/dark/xsettings.conf".text = ''
Net/ThemeName "Dracula" Net/ThemeName "Adwaita-dark"
''; '';
"themes/dark/xresources".text = '' "themes/dark/xresources".text = ''
*background: #000000 *background: #000000

20
lass/2configs/weron/client.nix
View File

@ -1,20 +0,0 @@
{ config, lib, pkgs, ... }:
{
systemd.services.weron = {
wantedBy = [ "multi-user.target" ];
environment = {
WERON_RADDR = "ws://lassul.us:23420/";
};
serviceConfig = {
ExecStart = pkgs.writers.writeDash "weron" ''
${pkgs.weron}/bin/weron vpn ip \
--community krebs \
--password aidsballs \
--key aidsballs \
--ips 10.249.1.0/24 \
--verbose 7 \
--dev weron
'';
};
};
}

13
lass/2configs/weron/signaler.nix
View File

@ -1,13 +0,0 @@
{ config, lib, pkgs, ... }:
{
systemd.services.weron-signaler = {
wantedBy = [ "multi-user.target" ];
environment = {
};
serviceConfig = {
ExecStart = ''${pkgs.weron}/bin/weron signaler --verbose=7 --laddr ":23420"'';
};
};
networking.firewall.allowedTCPPorts = [ 23420 ];
}

3
tv/2configs/gitrepos.nix
View File

@ -96,9 +96,6 @@ with import ./lib;
nix-writers = { nix-writers = {
cgit.desc = "collection of package builders"; cgit.desc = "collection of package builders";
}; };
nixpkgs = {
cgit.desc = "Nix Packages collection";
};
pager = { pager = {
}; };
populate = { populate = {

2
tv/2configs/sshd.nix
View File

@ -11,11 +11,9 @@ in {
]; ];
tv.iptables.extra4.nat.PREROUTING = [ tv.iptables.extra4.nat.PREROUTING = [
"-d ${cfg.host.nets.retiolum.ip4.addr} -p tcp --dport 22 -j ACCEPT" "-d ${cfg.host.nets.retiolum.ip4.addr} -p tcp --dport 22 -j ACCEPT"
"-d ${cfg.host.nets.wiregrill.ip4.addr} -p tcp --dport 22 -j ACCEPT"
]; ];
tv.iptables.extra6.nat.PREROUTING = [ tv.iptables.extra6.nat.PREROUTING = [
"-d ${cfg.host.nets.retiolum.ip6.addr} -p tcp --dport 22 -j ACCEPT" "-d ${cfg.host.nets.retiolum.ip6.addr} -p tcp --dport 22 -j ACCEPT"
"-d ${cfg.host.nets.wiregrill.ip6.addr} -p tcp --dport 22 -j ACCEPT"
]; ];
tv.iptables.extra.nat.PREROUTING = [ tv.iptables.extra.nat.PREROUTING = [
"-p tcp --dport 22 -j REDIRECT --to-ports 0" "-p tcp --dport 22 -j REDIRECT --to-ports 0"