From 19af2530aaa0997c2c4cff68333b68df840ba8e7 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Mon, 2 Dec 2019 01:15:57 +0100
Subject: tv im: configs -> modules

---
 tv/1systems/nomic/config.nix |  1 -
 tv/2configs/im.nix           | 24 ---------------
 tv/3modules/default.nix      |  1 +
 tv/3modules/im.nix           | 72 ++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 73 insertions(+), 25 deletions(-)
 delete mode 100644 tv/2configs/im.nix
 create mode 100644 tv/3modules/im.nix

diff --git a/tv/1systems/nomic/config.nix b/tv/1systems/nomic/config.nix
index a89f07e..86f9b7e 100644
--- a/tv/1systems/nomic/config.nix
+++ b/tv/1systems/nomic/config.nix
@@ -8,7 +8,6 @@ with import <stockholm/lib>;
     <stockholm/tv/2configs/hw/x220.nix>
     <stockholm/tv/2configs/exim-retiolum.nix>
     <stockholm/tv/2configs/gitrepos.nix>
-    <stockholm/tv/2configs/im.nix>
     <stockholm/tv/2configs/mail-client.nix>
     <stockholm/tv/2configs/nginx/public_html.nix>
     <stockholm/tv/2configs/pulse.nix>
diff --git a/tv/2configs/im.nix b/tv/2configs/im.nix
deleted file mode 100644
index 82f1be0..0000000
--- a/tv/2configs/im.nix
+++ /dev/null
@@ -1,24 +0,0 @@
-{ config, lib, pkgs, ... }:
-with import <stockholm/lib>;
-{
-  environment.systemPackages = with pkgs; [
-    (pkgs.writeDashBin "im" ''
-      export PATH=${makeSearchPath "bin" (with pkgs; [
-        tmux
-        gnugrep
-        weechat
-      ])}
-      if tmux list-sessions -F\#S | grep -q '^im''$'; then
-        exec tmux attach -t im
-      else
-        exec tmux new -s im weechat
-      fi
-    '')
-  ];
-  services.bitlbee = {
-    enable = true;
-    plugins = [
-      pkgs.bitlbee-facebook
-    ];
-  };
-}
diff --git a/tv/3modules/default.nix b/tv/3modules/default.nix
index db2cdcd..5be1bee 100644
--- a/tv/3modules/default.nix
+++ b/tv/3modules/default.nix
@@ -5,6 +5,7 @@
     ./ejabberd
     ./focus.nix
     ./hosts.nix
+    ./im.nix
     ./iptables.nix
     ./slock.nix
     ./x0vncserver.nix
diff --git a/tv/3modules/im.nix b/tv/3modules/im.nix
new file mode 100644
index 0000000..830c4ba
--- /dev/null
+++ b/tv/3modules/im.nix
@@ -0,0 +1,72 @@
+{ config, pkgs, ... }: let
+  im = config.tv.im;
+  lib = import <stockholm/lib>;
+in {
+  options = {
+    tv.im.client.enable = lib.mkEnableOption "tv.im.client" // {
+      default = config.krebs.build.host.name == im.client.host.name;
+    };
+    tv.im.client.term = lib.mkOption {
+      default = "rxvt-unicode-256color";
+      type = lib.types.filename;
+    };
+    tv.im.client.useIPv6 = lib.mkEnableOption "tv.im.client.useIPv6" // {
+      default = true;
+    };
+    tv.im.client.host = lib.mkOption {
+      default = config.krebs.hosts.xu;
+      type = lib.types.host;
+    };
+    tv.im.client.user = lib.mkOption {
+      default = config.krebs.users.tv;
+      type = lib.types.user;
+    };
+
+    tv.im.server.enable = lib.mkEnableOption "tv.im.server" // {
+      default = config.krebs.build.host.name == im.server.host.name;
+    };
+    tv.im.server.host = lib.mkOption {
+      default = config.krebs.hosts.nomic;
+      type = lib.types.host;
+    };
+    tv.im.server.user = lib.mkOption {
+      default = config.krebs.users.tv;
+      type = lib.types.user;
+    };
+  };
+  imports = [
+    (lib.mkIf im.client.enable {
+      users.users.${im.client.user.name}.packages = [
+        (pkgs.writeDashBin "im" ''
+          exec ${pkgs.openssh}/bin/ssh \
+              ${lib.optionalString im.client.useIPv6 "-6"} \
+              ${im.server.user.name}@${lib.head im.server.host.nets.retiolum.aliases} \
+              -t \
+              im
+        '')
+      ];
+    })
+    (lib.mkIf im.server.enable {
+      services.bitlbee = {
+        enable = true;
+        plugins = [
+          pkgs.bitlbee-facebook
+        ];
+      };
+      users.users.${im.server.user.name}.packages = [
+        (pkgs.writeDashBin "im" ''
+          export PATH=${lib.makeSearchPath "bin" [
+            pkgs.tmux
+            pkgs.gnugrep
+            pkgs.weechat
+          ]}
+          if tmux list-sessions -F\#S | grep -q '^im''$'; then
+            exec tmux attach -t im
+          else
+            exec tmux new -s im weechat
+          fi
+        '')
+      ];
+    })
+  ];
+}
-- 
cgit v1.2.3


From 95ec795edaefb5e1ba6b491554de5969b48ccf73 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Mon, 2 Dec 2019 01:27:22 +0100
Subject: tv im: add mosh support

---
 tv/3modules/im.nix | 35 ++++++++++++++++++++++++++++++-----
 1 file changed, 30 insertions(+), 5 deletions(-)

diff --git a/tv/3modules/im.nix b/tv/3modules/im.nix
index 830c4ba..905b780 100644
--- a/tv/3modules/im.nix
+++ b/tv/3modules/im.nix
@@ -29,6 +29,9 @@ in {
       default = config.krebs.hosts.nomic;
       type = lib.types.host;
     };
+    tv.im.server.mosh.enable = lib.mkEnableOption "tv.im.server.mosh" // {
+      default = true;
+    };
     tv.im.server.user = lib.mkOption {
       default = config.krebs.users.tv;
       type = lib.types.user;
@@ -38,11 +41,18 @@ in {
     (lib.mkIf im.client.enable {
       users.users.${im.client.user.name}.packages = [
         (pkgs.writeDashBin "im" ''
-          exec ${pkgs.openssh}/bin/ssh \
-              ${lib.optionalString im.client.useIPv6 "-6"} \
-              ${im.server.user.name}@${lib.head im.server.host.nets.retiolum.aliases} \
-              -t \
-              im
+          ${if im.server.mosh.enable then /* sh */ ''
+            exec ${pkgs.mosh}/bin/mosh \
+                ${lib.optionalString im.client.useIPv6 "-6"} \
+                ${im.server.user.name}@${lib.head im.server.host.nets.retiolum.aliases} \
+                env TERM=${im.client.term} im
+          '' else /* sh */ ''
+            exec ${pkgs.openssh}/bin/ssh \
+                ${lib.optionalString im.client.useIPv6 "-6"} \
+                ${im.server.user.name}@${lib.head im.server.host.nets.retiolum.aliases} \
+                -t \
+                im
+          ''}
         '')
       ];
     })
@@ -54,6 +64,7 @@ in {
         ];
       };
       users.users.${im.server.user.name}.packages = [
+        pkgs.mosh
         (pkgs.writeDashBin "im" ''
           export PATH=${lib.makeSearchPath "bin" [
             pkgs.tmux
@@ -68,5 +79,19 @@ in {
         '')
       ];
     })
+    (lib.mkIf im.server.mosh.enable {
+      krebs.setuid.utempter = {
+        filename = "${pkgs.libutempter}/lib/utempter/utempter";
+        owner = "nobody";
+        group = "utmp";
+        mode = "2111";
+      };
+      tv.iptables.extra4.filter.Retiolum = [
+        "-s ${im.client.host.nets.retiolum.ip4.addr} -p udp --dport 60000:61000 -j ACCEPT"
+      ];
+      tv.iptables.extra6.filter.Retiolum = [
+        "-s ${im.client.host.nets.retiolum.ip6.addr} -p udp --dport 60000:61000 -j ACCEPT"
+      ];
+    })
   ];
 }
-- 
cgit v1.2.3


From bd49cdc29379b17138a95987214b805fdd1f4f63 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Mon, 2 Dec 2019 01:29:07 +0100
Subject: tv im: add weechat relay support

---
 tv/3modules/im.nix | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/tv/3modules/im.nix b/tv/3modules/im.nix
index 905b780..8cb1375 100644
--- a/tv/3modules/im.nix
+++ b/tv/3modules/im.nix
@@ -32,6 +32,8 @@ in {
     tv.im.server.mosh.enable = lib.mkEnableOption "tv.im.server.mosh" // {
       default = true;
     };
+    tv.im.server.weechat.relay.enable =
+      lib.mkEnableOption "tv.im.server.weechat.relay";
     tv.im.server.user = lib.mkOption {
       default = config.krebs.users.tv;
       type = lib.types.user;
@@ -93,5 +95,16 @@ in {
         "-s ${im.client.host.nets.retiolum.ip6.addr} -p udp --dport 60000:61000 -j ACCEPT"
       ];
     })
+    (lib.mkIf im.server.weechat.relay.enable {
+      krebs.iana-etc.services = {
+        "9001".tcp.name = "weechat-ssl";
+      };
+      tv.iptables.extra4.filter.Retiolum = [
+        "-s ${im.client.host.nets.retiolum.ip4.addr} -p tcp -m tcp --dport 9001 -j ACCEPT"
+      ];
+      tv.iptables.extra6.filter.Retiolum = [
+        "-s ${im.client.host.nets.retiolum.ip6.addr} -p tcp -m tcp --dport 9001 -j ACCEPT"
+      ];
+    })
   ];
 }
-- 
cgit v1.2.3