summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2022-02-14 19:48:45 +0100
committermakefu <github@syntax-fehler.de>2022-02-14 19:48:45 +0100
commita677e709924001ff1b1b591b6011184fb90addd9 (patch)
tree7aa00fc6012deef486b5e4c154fb51cd6c8e368d
parentbf3c158391b982ed660fd968d4bb2a19590bf5bd (diff)
parent29dbbbb453bd4fabd91a21f9c3a1f37521b2aec8 (diff)
Merge remote-tracking branch 'lass/master'
-rw-r--r--krebs/3modules/external/default.nix25
-rw-r--r--krebs/3modules/external/mic92.nix27
-rw-r--r--krebs/3modules/tinc.nix13
-rw-r--r--krebs/3modules/tv/default.nix13
-rw-r--r--krebs/3modules/tv/wiregrill/umz.pub1
-rw-r--r--krebs/nixpkgs-unstable.json8
-rw-r--r--krebs/nixpkgs.json8
-rw-r--r--lass/1systems/prism/config.nix1
-rw-r--r--lass/2configs/hass/default.nix13
-rw-r--r--lass/2configs/radio-news.nix52
-rw-r--r--lass/2configs/radio.nix60
m---------submodules/krops0
12 files changed, 166 insertions, 55 deletions
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index 1b51f0223..cc67c1a0a 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -563,6 +563,31 @@ in {
};
};
};
+ alsace = {
+ owner = config.krebs.users.xkey;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.73.31";
+ aliases = [ "alsace.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIICCgKCAgEAn9mZHXfUcR1/oby6KB1Z8s1AAuie4l5G624r0UqbWu+4xowFIeZs
+ kv2dqd+yiqammAA9P207ooLbGBp+P6i4f5VMCemkCnv0sC1TJ+DNwYqWYcFRZE7I
+ j00fw/QI9d6L1c4CqZHJPQXEHG3v46qPuUow8FDJ6fjoBmy6biHjSd0XC7oHGqRh
+ GE5RolnqUiQhW0b4TkHJV4yUfVki+olxQtYd4xIHs1hcSqoMK898jsPX5cLgoCzR
+ NPZVyHf2BM0urPn4mu/th4ZDKpQtrqeI7h6yhnzJ0onhtValwHiA3/DcHcWmYvHC
+ vw6umyiCqFDx2kmzOnpkBWv65ugKUwDSZR8ibp3q7W9iPBiCPv0FtKXsQW9EngSS
+ asQWC8U6cB23nKuMYQrtD33fVwYn58FBIY6+avroc7XN5cPM/9VBHqyXSDZNAWtt
+ TwC/sXFWqT6AbTwLV6zY1TW4jiwKOh3KAVnHqQhUhNlEMk6EFOjR1CABSwUVXleR
+ 5whr1RbKAsrhqMprGKHndvxLXjbKSh6A0bVdOLOzSs7BME2Oi1OdHd6tqqYmcyuV
+ XQnFcOYKxF0RM83/V8rEgvVisIxXTGVrGw8Kse7PGFA1dGldptTC6kofLUxzADNw
+ bRnXtRk8VR0BBzTuPNDgUXL2XQLht6FwDKCA/En2vId98yc2uuDk468CAwEAAQ==
+ -----END RSA PUBLIC KEY-----
+ '';
+ tinc.pubkey_ed25519 = "lPvwNm2mfF+rX3noqt+80c7nlDCpC+98JPLWx2jJRLN";
+ };
+ };
+ };
papawhakaaro = {
owner = config.krebs.users.feliks;
nets = {
diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix
index dd6f4f456..db57b5944 100644
--- a/krebs/3modules/external/mic92.nix
+++ b/krebs/3modules/external/mic92.nix
@@ -95,7 +95,6 @@ in {
owner = config.krebs.users.mic92;
nets = {
retiolum = {
- ip4.addr = "10.243.29.189";
aliases = [
"dimitriosxps.r"
];
@@ -173,7 +172,12 @@ in {
};
retiolum = {
via = internet;
- aliases = [ "eve.r" "tts.r" ];
+ aliases = [
+ "eve.r"
+ "tts.r"
+ "flood.r"
+ "navidrome.r"
+ ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAw5cxGjnWCG8dcuhTddvGHzH0/VjxHA5V8qJXH2R5k8ki8dsM5FRH
@@ -865,5 +869,24 @@ in {
};
};
};
+ hal9000 = {
+ owner = config.krebs.users.mic92;
+ nets = rec {
+ retiolum = {
+ aliases = [ "hal9000.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEA5aunzoz6WIjeQgfibml6T+UNsXXcoglhCqRkun7WaSHE93SQcCil
+ CDoUoq2aeiGTZ189LgdSyeRL7qmBzgVExIT4NlhfBCkNbHB/sz6epBb9qx49hLh5
+ K/tJfUBYKRd06ymSXPK+cCiO0/gM8fjzI+3GMlYvcbZ+ow11zTRgX/QB2lE1G8cW
+ Obh/nS0af7G6wmovHsKEpry5AxoAPLLi5JaP4hlc/i0iCbebMqb+szF0KBAbmDg3
+ JQ4MYIyQOw9kk7hfqTNFEvJhpbV66id2+ZIHX6QAw7OHBpaY6ZWFd/w2BkJHeayb
+ 2jRnsJd0YgautgBGrBrjRWiVmn/f+lJ4XQIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ tinc.pubkey_ed25519 = "krVYgJo5OFZkyUOgasH9dFve4OI3ewpt8IFhCPan7mB";
+ };
+ };
+ };
};
}
diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix
index 31371af59..bc85aa0a6 100644
--- a/krebs/3modules/tinc.nix
+++ b/krebs/3modules/tinc.nix
@@ -26,7 +26,7 @@ with import <stockholm/lib>;
${tinc.config.extraConfig}
'';
"tinc-up" = pkgs.writeDash "${netname}-tinc-up" ''
- ${tinc.config.iproutePackage}/sbin/ip link set ${netname} up
+ ip link set ${netname} up
${tinc.config.tincUp}
'';
});
@@ -58,15 +58,14 @@ with import <stockholm/lib>;
type = types.str;
default = let
net = tinc.config.host.nets.${netname};
- iproute = tinc.config.iproutePackage;
in ''
${optionalString (net.ip4 != null) /* sh */ ''
- ${iproute}/sbin/ip -4 addr add ${net.ip4.addr} dev ${netname}
- ${iproute}/sbin/ip -4 route add ${net.ip4.prefix} dev ${netname}
+ ip -4 addr add ${net.ip4.addr} dev ${netname}
+ ip -4 route add ${net.ip4.prefix} dev ${netname}
''}
${optionalString (net.ip6 != null) /* sh */ ''
- ${iproute}/sbin/ip -6 addr add ${net.ip6.addr} dev ${netname}
- ${iproute}/sbin/ip -6 route add ${net.ip6.prefix} dev ${netname}
+ ip -6 addr add ${net.ip6.addr} dev ${netname}
+ ip -6 route add ${net.ip6.prefix} dev ${netname}
''}
${tinc.config.tincUpExtra}
'';
@@ -176,7 +175,7 @@ with import <stockholm/lib>;
connectTo = mkOption {
type = types.listOf types.str;
${if netname == "retiolum" then "default" else null} = [
- "gum"
+ "eve"
"ni"
"prism"
];
diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix
index 4e40561c2..e096118c6 100644
--- a/krebs/3modules/tv/default.nix
+++ b/krebs/3modules/tv/default.nix
@@ -200,9 +200,13 @@ in {
'';
tinc.pubkey_ed25519 = "nDuK96NlNhcxzlX7G30w/706RxItb+FhkFkz/VhUgCE";
};
- wiregrill.wireguard.subnets = [
- (krebs.genipv6 "wiregrill" "tv" 0).subnetCIDR
- ];
+ wiregrill = {
+ via = config.krebs.hosts.ni.nets.internet;
+ ip4.addr = "10.244.3.1";
+ wireguard.subnets = [
+ (krebs.genipv6 "wiregrill" "tv" 0).subnetCIDR
+ ];
+ };
};
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILGDdcKwFm6udU0/x6XGGb87k9py0VlrxF54HeYu9Izb";
};
@@ -345,6 +349,9 @@ in {
ssh.privkey.path = <secrets/ssh.id_rsa>;
ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDNjHxyUC7afNGSwfwBfQizmDnHTNLWDRHE8SY9W4oiw2lPhCFGTN8Jz84CKtnABbZhbNY1E8T58emF2h45WzDg/OGi8DPAk4VsXSkIhyvAto+nkTy2L4atjqfvXDvqxTDC9sui+t8p5OqOK+sghe4kiy+Vx1jhnjSnkQsx9Kocu24BYTkNqYxG7uwOz6t262XYNwMn13Y2K/yygDR3Uw3wTnEjpaYnObRxxJS3iTECDzgixiQ6ewXwYNggpzO/+EfW1BTz5vmuEVf4GbQ9iEc7IsVXHhR+N0boCscvSgae9KW9MBun0A2veRFXNkkfBEMfzelz+S63oeVfelkBq6N5aLsHYYGC4VQjimScelHYVwxR7O4fV+NttJaFF7H06FJeFzPt3NYZeoPKealD5y2Muh1UnewpmkMgza9hQ9EmI4/G1fMowqeMq0U6Hu0QMDUAagyalizN97AfsllY2cs0qLNg7+zHMPwc5RgLzs73oPUsF3umz0O42I5p5733vveUlWi5IZeI8CA1ZKdpwyMXXNhIOHs8u+yGsOLfSy3RgjVKp2GjN4lfnFd0LI+p7iEsEWDRkIAvGCOFepsebyVpBjGP+Kqs10bPGpk5dMcyn9iBJejoz9ka+H9+JAG04LnXwt6Rf1CRV3VRCRX1ayZEjRv9czV7U9ZpuFQcIlVRJQ== root@zu";
};
+ umz = {
+ nets.wiregrill.ip4.addr = "10.244.3.101";
+ };
};
sitemap = {
"http://cgit.krebsco.de" = {
diff --git a/krebs/3modules/tv/wiregrill/umz.pub b/krebs/3modules/tv/wiregrill/umz.pub
new file mode 100644
index 000000000..c041b5eee
--- /dev/null
+++ b/krebs/3modules/tv/wiregrill/umz.pub
@@ -0,0 +1 @@
+FpghL2Drdg+xwqcOsDgePgUx3X3XsX9f56BPLuF690g=
diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json
index e8b6076a4..12afe0e9c 100644
--- a/krebs/nixpkgs-unstable.json
+++ b/krebs/nixpkgs-unstable.json
@@ -1,9 +1,9 @@
{
"url": "https://github.com/NixOS/nixpkgs",
- "rev": "689b76bcf36055afdeb2e9852f5ecdd2bf483f87",
- "date": "2022-01-23T03:10:13+01:00",
- "path": "/nix/store/s6kxwpz8k02mg1wqsf06bsjygwi6xr6j-nixpkgs",
- "sha256": "08d38db4707jdm3gws82y6bynh6k8qal4s1cms9zqd9cdwcmylyj",
+ "rev": "60c52a73f1d5858020ac4f161cd5bf1c9650f8b8",
+ "date": "2022-02-07T23:59:33+00:00",
+ "path": "/nix/store/5w1yn77d2b44wq0w7b8cqqqfap2897n2-nixpkgs",
+ "sha256": "1xyi4xag084ikcbis3iixpvfsmlfm2s105j58770x7k24mkrif7n",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index 001371820..22d465b27 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,9 +1,9 @@
{
"url": "https://github.com/NixOS/nixpkgs",
- "rev": "604c44137d97b5111be1ca5c0d97f6e24fbc5c2c",
- "date": "2022-01-23T10:04:55-08:00",
- "path": "/nix/store/r22j0r232a5y02yhd1avaw27zqdbhx1x-nixpkgs",
- "sha256": "0gzhigyn8f7vps4a5vc1c8wbim59724s179a7d0h3gv6ss9avdj4",
+ "rev": "521e4d7d13b09bc0a21976b9d19abd197d4e3b1e",
+ "date": "2022-02-07T00:29:53+00:00",
+ "path": "/nix/store/pvmrsiy8k37nwg18g7230g5kasbsf132-nixpkgs",
+ "sha256": "156b4wnm6y6lg0gz09mp48rd0mhcdazr5s888c4lbhlpn3j8h042",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index a082ea623..c62091428 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -114,6 +114,7 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/exim-smarthost.nix>
<stockholm/lass/2configs/privoxy-retiolum.nix>
<stockholm/lass/2configs/radio.nix>
+ <stockholm/lass/2configs/radio-news.nix>
<stockholm/lass/2configs/binary-cache/server.nix>
<stockholm/lass/2configs/iodined.nix>
<stockholm/lass/2configs/paste.nix>
diff --git a/lass/2configs/hass/default.nix b/lass/2configs/hass/default.nix
index 4ed0bfa5f..8f93e0cec 100644
--- a/lass/2configs/hass/default.nix
+++ b/lass/2configs/hass/default.nix
@@ -1,12 +1,6 @@
{ config, lib, pkgs, ... }:
with import ./lib.nix { inherit lib; };
let
- unstable = import (pkgs.fetchFromGitHub {
- owner = "nixos";
- repo = "nixpkgs";
- rev = (lib.importJSON ../../../krebs/nixpkgs-unstable.json).rev;
- sha256 = (lib.importJSON ../../../krebs/nixpkgs-unstable.json).sha256;
- }) {};
dwdwfsapi = pkgs.python3Packages.buildPythonPackage rec {
pname = "dwdwfsapi";
version = "1.0.3";
@@ -35,17 +29,14 @@ in {
{ predicate = "-i int0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto
{ predicate = "-i docker0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto
{ predicate = "-i int0 -p tcp --dport 8123"; target = "ACCEPT"; } # hass
- { predicate = "-i int0 -p tcp --dport 1337"; target = "ACCEPT"; } # hass
+ { predicate = "-i int0 -p tcp --dport 1337"; target = "ACCEPT"; } # zigbee2mqtt frontend
{ predicate = "-i retiolum -p tcp --dport 8123"; target = "ACCEPT"; } # hass
- { predicate = "-i retiolum -p tcp --dport 1337"; target = "ACCEPT"; } # hass frontend
+ { predicate = "-i retiolum -p tcp --dport 1337"; target = "ACCEPT"; } # zigbee2mqtt frontend
{ predicate = "-i wiregrill -p tcp --dport 8123"; target = "ACCEPT"; } # hass
];
services.home-assistant = {
enable = true;
- package = unstable.home-assistant.overrideAttrs (old: {
- doInstallCheck = false;
- });
configWritable = true;
lovelaceConfigWritable = true;
config = let
diff --git a/lass/2configs/radio-news.nix b/lass/2configs/radio-news.nix
new file mode 100644
index 000000000..a4e28c1b1
--- /dev/null
+++ b/lass/2configs/radio-news.nix
@@ -0,0 +1,52 @@
+{ config, pkgs, ... }: with pkgs.stockholm.lib;
+let
+ weather_report = pkgs.writers.writeDashBin "weather_report" ''
+ set -efu
+ ${pkgs.curl}/bin/curl -sSL https://wttr.in/''${1-}?format=j1 \
+ | ${pkgs.jq}/bin/jq -r '
+ [.nearest_area[0] | "Weather report for \(.areaName[0].value), \(.country[0].value)."]
+ + [.current_condition[0] | "Currently it is \(.weatherDesc[0].value) outside with a temperature of \(.temp_C) degrees."]
+ | join("\n")
+ '
+ '';
+ send_to_radio = pkgs.writers.writeDashBin "send_to_radio" ''
+ ${pkgs.vorbisTools}/bin/oggenc - |
+ ${pkgs.libshout}/bin/shout --format ogg --host localhost --port 1338 --mount /live
+ '';
+
+ newsshow = pkgs.writers.writeDashBin "newsshow" /* sh */ ''
+ echo "
+ hello crabpeople!
+ $(${pkgs.ddate}/bin/ddate | sed 's/YOLD/Year of Discord/')!
+ It is $(date --utc +%H) o clock UTC.
+ $(weather_report berlin)
+ $(weather_report 70173)
+ $(weather_report munich)
+ "
+ '';
+in
+{
+ systemd.services.newsshow = {
+ path = [
+ newsshow
+ send_to_radio
+ weather_report
+ pkgs.curl
+ pkgs.retry
+ ];
+ script = ''
+ set -efu
+ retry -t 5 -d 10 -- newsshow |
+ retry -t 5 -d 10 -- curl -SsG http://tts.r/api/tts --data-urlencode 'text@-' |
+ retry -t 5 -d 10 -- send_to_radio
+ '';
+ startAt = "*:00:00";
+ };
+
+ ## debug
+ # environment.systemPackages = [
+ # weather_report
+ # send_to_radio
+ # newsshow
+ # ];
+}
diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix
index 501251d13..15d07dada 100644
--- a/lass/2configs/radio.nix
+++ b/lass/2configs/radio.nix
@@ -1,6 +1,5 @@
{ config, pkgs, ... }:
-
-with import <stockholm/lib>;
+with pkgs.stockholm.lib;
let
name = "radio";
@@ -84,7 +83,7 @@ let
'';
set_irc_topic = pkgs.writeDash "set_irc_topic" ''
- ${pkgs.curl}/bin/curl -fsSv --unix-socket /home/radio/reaktor.sock http://z/ \
+ ${pkgs.curl}/bin/curl -fsS --unix-socket /home/radio/reaktor.sock http://z/ \
-H content-type:application/json \
-d "$(${pkgs.jq}/bin/jq -n \
--arg text "$1" '{
@@ -109,12 +108,12 @@ in {
users.users = {
"${name}" = rec {
inherit name;
+ createHome = mkForce false;
group = name;
uid = genid_uint31 name;
description = "radio manager";
home = "/home/${name}";
useDefaultShell = true;
- createHome = true;
openssh.authorizedKeys.keys = with config.krebs.users; [
lass.pubkey
lass-mors.pubkey
@@ -148,27 +147,37 @@ in {
audio_output {
type "httpd"
- name "lassulus radio mp3"
- encoder "lame" # optional
- port "8002"
- quality "5.0" # do not define if bitrate is defined
- # bitrate "128" # do not define if quality is defined
+ name "raw radio"
+ encoder "wave"
+ port "7900"
format "44100:16:2"
always_on "yes" # prevent MPD from disconnecting all listeners when playback is stopped.
tags "yes" # httpd supports sending tags to listening streams.
}
+ '';
+ };
+ services.liquidsoap.streams.radio-news = pkgs.writeText "radio-news.liq" ''
+ source = mksafe(input.http("http://localhost:7900/raw.wave"))
- audio_output {
- type "httpd"
- name "lassulus radio"
- encoder "vorbis" # optional
- port "8000"
- quality "5.0" # do not define if bitrate is defined
- # bitrate "128" # do not define if quality is defined
- format "44100:16:2"
- always_on "yes" # prevent MPD from disconnecting all listeners when playback is stopped.
- tags "yes" # httpd supports sending tags to listening streams.
- }
+ output.icecast(mount = '/music.ogg', password = 'hackme', %vorbis(quality = 1), source)
+ output.icecast(mount = '/music.mp3', password = 'hackme', %mp3.vbr(), source)
+ output.icecast(mount = '/music.opus', password = 'hackme', %opus(), source)
+
+ extra_input = audio_to_stereo(input.harbor("live", port=1338))
+
+ o = smooth_add(normal = source, special = extra_input)
+ output.icecast(mount = '/radio.ogg', password = 'hackme', %vorbis(quality = 1), o)
+ output.icecast(mount = '/radio.mp3', password = 'hackme', %mp3.vbr(), o)
+ output.icecast(mount = '/radio.opus', password = 'hackme', %opus(), o)
+ '';
+ services.icecast = {
+ enable = true;
+ hostname = "radio.lassul.us";
+ admin.password = "hackme";
+ extraConf = ''
+ <authentication>
+ <source-password>hackme</source-password>
+ </authentication>
'';
};
@@ -176,7 +185,6 @@ in {
tables = {
filter.INPUT.rules = [
{ predicate = "-p tcp --dport 8000"; target = "ACCEPT"; }
- { predicate = "-p tcp --dport 8002"; target = "ACCEPT"; }
{ predicate = "-i retiolum -p tcp --dport 8001"; target = "ACCEPT"; }
];
};
@@ -219,13 +227,16 @@ in {
systemd.services.radio-recent = let
recentlyPlayed = pkgs.writeDash "recentlyPlayed" ''
+ set -xeu
LIMIT=1000 #how many tracks to keep in the history
- HISTORY_FILE=/tmp/played
+ HISTORY_FILE=/var/lib/radio/recent
while :; do
${pkgs.mpc_cli}/bin/mpc idle player > /dev/null
${pkgs.mpc_cli}/bin/mpc current -f %file%
done | while read track; do
- listeners=$(${pkgs.iproute}/bin/ss -Hno state established 'sport = :8000' | grep '^tcp' | wc -l)
+
+ listeners=$(${pkgs.curl}/bin/curl lassul.us:8000/status-json.xsl |
+ ${pkgs.jq}/bin/jq '[.icestats.source[].listeners] | add')
echo "$(date -Is)" "$track" | tee -a "$HISTORY_FILE"
echo "$(tail -$LIMIT "$HISTORY_FILE")" > "$HISTORY_FILE"
${set_irc_topic} "playing: $track listeners: $listeners"
@@ -345,7 +356,8 @@ in {
proxy_pass http://localhost:8000;
'';
locations."= /recent".extraConfig = ''
- alias /tmp/played;
+ default_type "text/plain";
+ alias /var/lib/radio/recent;
'';
locations."= /current".extraConfig = ''
proxy_pass http://localhost:8001;
diff --git a/submodules/krops b/submodules/krops
-Subproject 13ae434b140035e7e2664bd5a8ef4c475413b2e
+Subproject 89e5e67659bbbf0da53cc2cc5dea644b9a2301f