diff options
author | lassulus <lassulus@lassul.us> | 2018-02-10 19:48:38 +0100 |
---|---|---|
committer | lassulus <lassulus@lassul.us> | 2018-02-10 19:48:38 +0100 |
commit | f2aeaae4a471a9db50b303a2528a084f8eb68496 (patch) | |
tree | 4cd282af4ee0731077cbe11c9d090f894a76b2fc | |
parent | e000690cc2fa3b494cf3b44eb0213dda80b34e12 (diff) | |
parent | e7418fbdf1bdddeeabe123c04bbd858fc70fe031 (diff) |
Merge remote-tracking branch 'gum/master'
-rw-r--r-- | makefu/1systems/omo/config.nix | 3 | ||||
-rw-r--r-- | makefu/1systems/wbob/config.nix | 126 | ||||
-rw-r--r-- | makefu/1systems/x/config.nix | 16 | ||||
-rw-r--r-- | makefu/2configs/deployment/google-muell.nix | 34 | ||||
-rw-r--r-- | makefu/2configs/deployment/led-fader.nix | 20 | ||||
-rw-r--r-- | makefu/2configs/gui/base.nix | 15 | ||||
-rw-r--r-- | makefu/2configs/gui/wbob-kiosk.nix | 6 | ||||
-rw-r--r-- | makefu/2configs/hw/network-manager.nix | 37 | ||||
-rw-r--r-- | makefu/2configs/hw/wwan.nix | 8 | ||||
-rw-r--r-- | makefu/3modules/default.nix | 2 | ||||
-rw-r--r-- | makefu/3modules/umts.nix | 84 | ||||
-rw-r--r-- | makefu/3modules/wvdial.nix | 71 | ||||
-rw-r--r-- | makefu/5pkgs/ampel/default.nix | 27 | ||||
-rw-r--r-- | makefu/5pkgs/pfsshell/default.nix | 27 | ||||
-rw-r--r-- | makefu/source.nix | 2 |
15 files changed, 213 insertions, 265 deletions
diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index ce3ffbcf3..1e087fef4 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -19,7 +19,7 @@ let # __FRONT_ # |* d0 | # | | - # |* d3 | + # |* d1 | # | | # |* d3 | # | | @@ -68,6 +68,7 @@ in { <stockholm/makefu/2configs/syncthing.nix> <stockholm/makefu/2configs/mqtt.nix> <stockholm/makefu/2configs/remote-build/slave.nix> + <stockholm/makefu/2configs/deployment/google-muell.nix> # security diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix index f44211b93..6434ba273 100644 --- a/makefu/1systems/wbob/config.nix +++ b/makefu/1systems/wbob/config.nix @@ -18,7 +18,7 @@ in { <stockholm/makefu/2configs/virtualisation/libvirt.nix> <stockholm/makefu/2configs/tinc/retiolum.nix> <stockholm/makefu/2configs/mqtt.nix> - # <stockholm/makefu/2configs/gui/wbob-kiosk.nix> + <stockholm/makefu/2configs/gui/wbob-kiosk.nix> <stockholm/makefu/2configs/stats/client.nix> @@ -31,6 +31,63 @@ in { # Services <stockholm/makefu/2configs/remote-build/slave.nix> <stockholm/makefu/2configs/share/wbob.nix> + (let + musicDirectory = "/data/music"; + in { + services.mpd = { + enable = true; + inherit musicDirectory; + # dataDir = "/home/anders/.mpd"; + network.listenAddress = "any"; + extraConfig = '' + audio_output { + type "pulse" + name "Local MPD" + server "127.0.0.1" + } + ''; + }; + # open because of truestedInterfaces + # networking.firewall.allowedTCPPorts = [ 6600 4713 ]; + services.samba.shares.music = { + path = musicDirectory; + "read only" = "no"; + browseable = "yes"; + "guest ok" = "yes"; + }; + + sound.enable = true; + hardware.pulseaudio = { + enable = true; + package = pkgs.pulseaudioFull; + # systemWide = true; + support32Bit = true; + zeroconf.discovery.enable = true; + zeroconf.publish.enable = true; + tcp = { + enable = true; + anonymousClients.allowAll = true; + anonymousClients.allowedIpRanges = [ "127.0.0.1" "192.168.8.0/24" ]; + }; + configFile = pkgs.writeText "default.pa" '' + load-module module-udev-detect + load-module module-bluetooth-policy + load-module module-bluetooth-discover + load-module module-native-protocol-unix + load-module module-always-sink + load-module module-console-kit + load-module module-systemd-login + load-module module-intended-roles + load-module module-position-event-sounds + load-module module-filter-heuristics + load-module module-filter-apply + load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1 + load-module module-switch-on-connect + ''; + }; + # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio + hardware.bluetooth.enable = true; + }) # Sensors <stockholm/makefu/2configs/stats/telegraf> @@ -147,7 +204,10 @@ in { boot.loader.grub.device = rootdisk; hardware.cpu.intel.updateMicrocode = true; boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; - boot.kernelModules = [ "kvm-intel" ]; + + boot.kernelModules = [ "kvm-intel" + "snd-seq" "snd-rawmidi" + ]; fileSystems = { "/" = { device = rootdisk + "-part1"; @@ -174,66 +234,4 @@ in { serverAddress = "x.r"; }; }; - security.wrappers.fping = { - source = "${pkgs.fping}/bin/fping"; - setuid = true; - }; - services.smokeping = { - enable = true; - targetConfig = '' - probe = FPing - menu = Top - title = Network Latency Grapher - remark = Welcome to this SmokePing website. - - + network - menu = Net latency - title = Network latency (ICMP pings) - - ++ google - probe = FPing - host = google.de - ++ webde - probe = FPing - host = web.de - - + services - menu = Service latency - title = Service latency (DNS, HTTP) - - ++ HTTP - menu = HTTP latency - title = Service latency (HTTP) - - +++ webdeping - probe = EchoPingHttp - host = web.de - - +++ googwebping - probe = EchoPingHttp - host = google.de - - #+++ webwww - #probe = Curl - #host = web.de - - #+++ googwebwww - #probe = Curl - #host = google.de - ''; - probeConfig = '' - + FPing - binary = /run/wrappers/bin/fping - + EchoPingHttp - pings = 5 - url = / - - #+ Curl - ## probe-specific variables - #binary = ${pkgs.curl}/bin/curl - #step = 60 - ## a default for this target-specific variable - #urlformat = http://%host%/ - ''; - }; } diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index a32db91e1..d5a9bdcfb 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -59,8 +59,9 @@ with import <stockholm/lib>; # Hardware <stockholm/makefu/2configs/hw/tp-x230.nix> + # <stockholm/makefu/2configs/hw/tpm.nix> <stockholm/makefu/2configs/hw/rtl8812au.nix> - <stockholm/makefu/2configs/hw/wwan.nix> + <stockholm/makefu/2configs/hw/network-manager.nix> <stockholm/makefu/2configs/hw/stk1160.nix> # <stockholm/makefu/2configs/rad1o.nix> @@ -82,13 +83,9 @@ with import <stockholm/lib>; makefu.server.primary-itf = "wlp3s0"; makefu.full-populate = true; - makefu.umts.apn = "web.vodafone.de"; nixpkgs.config.allowUnfree = true; - environment.systemPackages = [ pkgs.passwdqc-utils ]; - - # configure pulseAudio to provide a HDMI sink as well networking.firewall.enable = true; networking.firewall.allowedTCPPorts = [ 80 24800 26061 8000 3000 ]; @@ -100,8 +97,15 @@ with import <stockholm/lib>; krebs.tinc.retiolum.connectTo = [ "omo" "gum" "prism" ]; networking.extraHosts = '' - 192.168.1.11 omo.local + 192.168.1.11 omo.local ''; # hard dependency because otherwise the device will not be unlocked boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }]; + + nix.package = pkgs.nixUnstable; + environment.systemPackages = [ pkgs.passwdqc-utils pkgs.nixUnstable ]; + nixpkgs.overlays = [ (import <python/overlay.nix>) ]; + + # environment.variables = { GOROOT = [ "${pkgs.go.out}/share/go" ]; }; + } diff --git a/makefu/2configs/deployment/google-muell.nix b/makefu/2configs/deployment/google-muell.nix new file mode 100644 index 000000000..f23789ee5 --- /dev/null +++ b/makefu/2configs/deployment/google-muell.nix @@ -0,0 +1,34 @@ +{ config, lib, pkgs, buildPythonPackage, ... }: +with import <stockholm/lib>; +let + pkg = pkgs.ampel; + home = "/var/lib/ampel"; + sec = "${toString <secrets>}/google-muell.json"; + ampelsec = "${home}/google-muell.json"; + esp = "192.168.1.23"; + sleepval = "1800"; +in { + users.users.ampel = { + uid = genid "ampel"; + createHome = true; + isSystemUser = true; + inherit home; + }; + systemd.services.google-muell-ampel = { + description = "Send led change to rgb cubes"; + after = [ "network-online.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = "ampel"; + ExecStartPre = pkgs.writeDash "copy-ampel-secrets" '' + cp ${sec} ${ampelsec} + chown ampel ${ampelsec} + ''; + ExecStart = "${pkg}/bin/google-muell --esp=${esp} --client-secrets=${ampelsec} --credential-path=${home}/google-muell-creds.json --sleepval=${sleepval}"; + PermissionsStartOnly = true; + Restart = "always"; + RestartSec = 10; + PrivateTmp = true; + }; + }; +} diff --git a/makefu/2configs/deployment/led-fader.nix b/makefu/2configs/deployment/led-fader.nix index 292b6679d..d34b66125 100644 --- a/makefu/2configs/deployment/led-fader.nix +++ b/makefu/2configs/deployment/led-fader.nix @@ -2,25 +2,7 @@ let mq = "192.168.8.11"; - - pkg = pkgs.python3Packages.buildPythonPackage { - name = "ampel-master"; - - src = pkgs.fetchgit { - url = "http://cgit.euer.krebsco.de/ampel"; - rev = "531741b"; - sha256 = "110yij53jz074zbswylbzcd8jy7z49r9fg6i3j1gk2y3vl91g81c"; - }; - propagatedBuildInputs = with pkgs.python3Packages; [ - docopt - paho-mqtt - requests - pytz - influxdb - httplib2 - google_api_python_client - ]; - }; + pkg = pkgs.ampel; in { systemd.services.led-fader = { description = "Send led change to message queue"; diff --git a/makefu/2configs/gui/base.nix b/makefu/2configs/gui/base.nix index daa0282b8..861a9327e 100644 --- a/makefu/2configs/gui/base.nix +++ b/makefu/2configs/gui/base.nix @@ -48,13 +48,14 @@ in fonts = [ pkgs.terminus_font ]; }; - environment.systemPackages = with pkgs;[ - pavucontrol - xlockmore - rxvt_unicode-with-plugins - firefox - ]; - users.extraUsers.${mainUser}.extraGroups = [ "audio" ]; + users.users.${mainUser} = { + extraGroups = [ "audio" ]; + packages = with pkgs;[ + pavucontrol + xlockmore + rxvt_unicode-with-plugins + ]; + }; hardware.pulseaudio = { enable = true; diff --git a/makefu/2configs/gui/wbob-kiosk.nix b/makefu/2configs/gui/wbob-kiosk.nix index 4b7a0c333..7db749227 100644 --- a/makefu/2configs/gui/wbob-kiosk.nix +++ b/makefu/2configs/gui/wbob-kiosk.nix @@ -1,11 +1,13 @@ -{ lib, ... }: +{ pkgs, lib, ... }: { imports = [ ./base.nix ]; + users.users.makefu.packages = [ pkgs.chromium ]; services.xserver = { layout = lib.mkForce "de"; + xkbVariant = lib.mkForce ""; windowManager = lib.mkForce { awesome.enable = false; @@ -16,7 +18,7 @@ # xrandrHeads = [ "HDMI1" "HDMI2" ]; # prevent screen from turning off, disable dpms displayManager.sessionCommands = '' - xset s off -dpms + xset -display :0 s off -dpms xrandr --output HDMI2 --right-of HDMI1 ''; }; diff --git a/makefu/2configs/hw/network-manager.nix b/makefu/2configs/hw/network-manager.nix new file mode 100644 index 000000000..7e29849b1 --- /dev/null +++ b/makefu/2configs/hw/network-manager.nix @@ -0,0 +1,37 @@ +{ pkgs, lib, ... }: +{ + users.users.makefu = { + extraGroups = [ "networkmanager" ]; + packages = with pkgs;[ + networkmanagerapplet + gnome3.gnome_keyring gnome3.dconf + ]; + }; + networking.wireless.enable = lib.mkForce false; + + systemd.services.modemmanager = { + description = "ModemManager"; + after = [ "network-manager.service" ]; + bindsTo = [ "network-manager.service" ]; + wantedBy = [ "network-manager.service" ]; + serviceConfig = { + ExecStart = "${pkgs.modemmanager}/bin/ModemManager"; + PrivateTmp = true; + Restart = "always"; + RestartSec = "5"; + }; + }; + networking.networkmanager.enable = true; + + # TODO: put somewhere else + services.xserver.displayManager.sessionCommands = '' + ${pkgs.clipit}/bin/clipit & + ${pkgs.networkmanagerapplet}/bin/nm-applet & + ''; + +# nixOSUnstable +# networking.networkmanager.wifi = { +# powersave = true; +# scanRandMacAddress = true; +# }; +} diff --git a/makefu/2configs/hw/wwan.nix b/makefu/2configs/hw/wwan.nix deleted file mode 100644 index 0eb0c97d7..000000000 --- a/makefu/2configs/hw/wwan.nix +++ /dev/null @@ -1,8 +0,0 @@ -_: - -{ - makefu.umts = { - enable = true; - modem-device = "/dev/serial/by-id/usb-Lenovo_H5321_gw_2D5A51BA0D3C3A90-if01"; - }; -} diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix index af0e81df5..fa4eb827c 100644 --- a/makefu/3modules/default.nix +++ b/makefu/3modules/default.nix @@ -14,8 +14,6 @@ _: ./snapraid.nix ./torrent.nix ./udpt.nix - ./umts.nix - ./wvdial.nix ]; } diff --git a/makefu/3modules/umts.nix b/makefu/3modules/umts.nix deleted file mode 100644 index 86669945a..000000000 --- a/makefu/3modules/umts.nix +++ /dev/null @@ -1,84 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import <stockholm/lib>; - -let - nixpkgs-1509 = import (pkgs.fetchFromGitHub { - owner = "NixOS"; repo = "nixpkgs-channels"; - rev = "91371c2bb6e20fc0df7a812332d99c38b21a2bda"; - sha256 = "1as1i0j9d2n3iap9b471y4x01561r2s3vmjc5281qinirlr4al73"; - }) {}; - - wvdial = nixpkgs-1509.wvdial; # https://github.com/NixOS/nixpkgs/issues/16113 - - # TODO: currently it is only netzclub - umts-bin = pkgs.writeScriptBin "umts" '' - #!/bin/sh - set -euf - systemctl start umts - trap "systemctl stop umts;trap - INT TERM EXIT;exit" INT TERM EXIT - echo nameserver 8.8.8.8 | tee -a /etc/resolv.conf - journalctl -xfu umts - ''; - - wvdial-defaults = '' - Phone = *99***1# - Dial Command = ATDT - Modem = ${cfg.modem-device} - Baud = 460800 - Init1 = AT+CGDCONT=1,"IP","${config.makefu.umts.apn}","",0,0 - Init2 = ATZ - Init3 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 - ISDN = 0 - Modem Type = Analog Modem - Username = netzclub - Password = netzclub - Stupid Mode = 1 - Idle Seconds = 0''; - - cfg = config.makefu.umts; - - out = { - options.makefu.umts = api; - config = lib.mkIf cfg.enable imp; - }; - - api = { - enable = mkEnableOption "umts"; - - modem-device = mkOption { - default = "/dev/ttyUSB0"; - type = types.str; - description = '' - path to modem device, use <filename>/dev/serial/by-id/...</filename> - to avoid race conditions. - ''; - }; - apn = mkOption { - default = "pinternet.interkom.de"; - type = types.str; - description = '' - apn to use for dailing - ''; - }; - }; - - imp = { - environment.shellAliases = { - umts = "sudo ${umts-bin}/bin/umts"; - }; - environment.systemPackages = [ ]; - - environment.wvdial.dialerDefaults = wvdial-defaults; - - systemd.services.umts = { - description = "UMTS wvdial Service"; - serviceConfig = { - Type = "simple"; - Restart = "always"; - RestartSec = "10s"; - ExecStart = "${wvdial}/bin/wvdial -n"; - }; - }; - }; -in out diff --git a/makefu/3modules/wvdial.nix b/makefu/3modules/wvdial.nix deleted file mode 100644 index 1ed929ed4..000000000 --- a/makefu/3modules/wvdial.nix +++ /dev/null @@ -1,71 +0,0 @@ -# Global configuration for wvdial. - -{ config, lib, pkgs, ... }: - -with lib; - -let - - configFile = '' - [Dialer Defaults] - PPPD PATH = ${pkgs.ppp}/sbin/pppd - ${config.environment.wvdial.dialerDefaults} - ''; - - cfg = config.environment.wvdial; - -in -{ - ###### interface - - options = { - - environment.wvdial = { - - dialerDefaults = mkOption { - default = ""; - type = types.str; - example = ''Init1 = AT+CGDCONT=1,"IP","internet.t-mobile"''; - description = '' - Contents of the "Dialer Defaults" section of - <filename>/etc/wvdial.conf</filename>. - ''; - }; - - pppDefaults = mkOption { - default = '' - noipdefault - usepeerdns - defaultroute - persist - noauth - ''; - type = types.str; - description = "Default ppp settings for wvdial."; - }; - - }; - - }; - - ###### implementation - - config = mkIf (cfg.dialerDefaults != "") { - - environment = { - - etc = - [ - { source = pkgs.writeText "wvdial.conf" configFile; - target = "wvdial.conf"; - } - { source = pkgs.writeText "wvdial" cfg.pppDefaults; - target = "ppp/peers/wvdial"; - } - ]; - - }; - - }; - -} diff --git a/makefu/5pkgs/ampel/default.nix b/makefu/5pkgs/ampel/default.nix new file mode 100644 index 000000000..86518b9b8 --- /dev/null +++ b/makefu/5pkgs/ampel/default.nix @@ -0,0 +1,27 @@ +{ lib, pkgs, fetchFromGitHub, ... }: + +with pkgs.python3Packages;buildPythonPackage rec { + name = "ampel-${version}"; + version = "0.2"; + + propagatedBuildInputs = [ + docopt + paho-mqtt + requests + pytz + influxdb + httplib2 + google_api_python_client + ]; + + src = pkgs.fetchgit { + url = "http://cgit.euer.krebsco.de/ampel"; + rev = "d8a0250"; + sha256 = "0n36lc17ca5db6pl6dswdqd5w9f881rfqck9yc4w33a5qpsxj85f"; + }; + meta = { + homepage = http://cgit.euer.krebsco.de/ampel; + description = "change colors of rgb cubes"; + license = lib.licenses.asl20; + }; +} diff --git a/makefu/5pkgs/pfsshell/default.nix b/makefu/5pkgs/pfsshell/default.nix new file mode 100644 index 000000000..fc6b37069 --- /dev/null +++ b/makefu/5pkgs/pfsshell/default.nix @@ -0,0 +1,27 @@ +{ stdenv, lib, pkgs, fetchurl,fetchFromGitHub, upx, wine }: +stdenv.mkDerivation rec { + pname = "pfsshell"; + version = "64f8c2"; + name = "${pname}-${version}"; + + src = fetchFromGitHub { + owner = "makefu"; + repo = "pfsshell"; + rev = version; + sha256 = "01lbqf8s91p8id58xa16fp555i03vfycqvhv7qzpnrjy6yvp9dm8"; + }; + + buildInputs = [ ]; + + makeFlags = [ ]; + + installPhase = '' + mkdir -p $out/bin + cp pfsshell $out/bin + ''; + + meta = { + homepage = https://github.com/uyjulian/pfsshell ; + description = "browse and transfer files to/from PFS filesystems"; + }; +} diff --git a/makefu/source.nix b/makefu/source.nix index c22c82f32..f06c9454f 100644 --- a/makefu/source.nix +++ b/makefu/source.nix @@ -13,7 +13,7 @@ let then "buildbot" else "makefu"; _file = <stockholm> + "/makefu/1systems/${name}/source.nix"; - ref = "0f19bee"; # nixos-17.09 @ 2018-01-05 + ref = "cd36b3d"; # nixos-17.09 @ 2018-02-06 # + do_sqlite3 ruby: 55a952be5b5 # + signal: 0f19beef3 |