diff options
author | makefu <github@syntax-fehler.de> | 2022-02-14 19:48:45 +0100 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2022-02-14 19:48:45 +0100 |
commit | a677e709924001ff1b1b591b6011184fb90addd9 (patch) | |
tree | 7aa00fc6012deef486b5e4c154fb51cd6c8e368d | |
parent | bf3c158391b982ed660fd968d4bb2a19590bf5bd (diff) | |
parent | 29dbbbb453bd4fabd91a21f9c3a1f37521b2aec8 (diff) |
Merge remote-tracking branch 'lass/master'
-rw-r--r-- | krebs/3modules/external/default.nix | 25 | ||||
-rw-r--r-- | krebs/3modules/external/mic92.nix | 27 | ||||
-rw-r--r-- | krebs/3modules/tinc.nix | 13 | ||||
-rw-r--r-- | krebs/3modules/tv/default.nix | 13 | ||||
-rw-r--r-- | krebs/3modules/tv/wiregrill/umz.pub | 1 | ||||
-rw-r--r-- | krebs/nixpkgs-unstable.json | 8 | ||||
-rw-r--r-- | krebs/nixpkgs.json | 8 | ||||
-rw-r--r-- | lass/1systems/prism/config.nix | 1 | ||||
-rw-r--r-- | lass/2configs/hass/default.nix | 13 | ||||
-rw-r--r-- | lass/2configs/radio-news.nix | 52 | ||||
-rw-r--r-- | lass/2configs/radio.nix | 60 | ||||
m--------- | submodules/krops | 0 |
12 files changed, 166 insertions, 55 deletions
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 1b51f0223..cc67c1a0a 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -563,6 +563,31 @@ in { }; }; }; + alsace = { + owner = config.krebs.users.xkey; + nets = { + retiolum = { + ip4.addr = "10.243.73.31"; + aliases = [ "alsace.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAn9mZHXfUcR1/oby6KB1Z8s1AAuie4l5G624r0UqbWu+4xowFIeZs + kv2dqd+yiqammAA9P207ooLbGBp+P6i4f5VMCemkCnv0sC1TJ+DNwYqWYcFRZE7I + j00fw/QI9d6L1c4CqZHJPQXEHG3v46qPuUow8FDJ6fjoBmy6biHjSd0XC7oHGqRh + GE5RolnqUiQhW0b4TkHJV4yUfVki+olxQtYd4xIHs1hcSqoMK898jsPX5cLgoCzR + NPZVyHf2BM0urPn4mu/th4ZDKpQtrqeI7h6yhnzJ0onhtValwHiA3/DcHcWmYvHC + vw6umyiCqFDx2kmzOnpkBWv65ugKUwDSZR8ibp3q7W9iPBiCPv0FtKXsQW9EngSS + asQWC8U6cB23nKuMYQrtD33fVwYn58FBIY6+avroc7XN5cPM/9VBHqyXSDZNAWtt + TwC/sXFWqT6AbTwLV6zY1TW4jiwKOh3KAVnHqQhUhNlEMk6EFOjR1CABSwUVXleR + 5whr1RbKAsrhqMprGKHndvxLXjbKSh6A0bVdOLOzSs7BME2Oi1OdHd6tqqYmcyuV + XQnFcOYKxF0RM83/V8rEgvVisIxXTGVrGw8Kse7PGFA1dGldptTC6kofLUxzADNw + bRnXtRk8VR0BBzTuPNDgUXL2XQLht6FwDKCA/En2vId98yc2uuDk468CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "lPvwNm2mfF+rX3noqt+80c7nlDCpC+98JPLWx2jJRLN"; + }; + }; + }; papawhakaaro = { owner = config.krebs.users.feliks; nets = { diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index dd6f4f456..db57b5944 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -95,7 +95,6 @@ in { owner = config.krebs.users.mic92; nets = { retiolum = { - ip4.addr = "10.243.29.189"; aliases = [ "dimitriosxps.r" ]; @@ -173,7 +172,12 @@ in { }; retiolum = { via = internet; - aliases = [ "eve.r" "tts.r" ]; + aliases = [ + "eve.r" + "tts.r" + "flood.r" + "navidrome.r" + ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- MIICCgKCAgEAw5cxGjnWCG8dcuhTddvGHzH0/VjxHA5V8qJXH2R5k8ki8dsM5FRH @@ -865,5 +869,24 @@ in { }; }; }; + hal9000 = { + owner = config.krebs.users.mic92; + nets = rec { + retiolum = { + aliases = [ "hal9000.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA5aunzoz6WIjeQgfibml6T+UNsXXcoglhCqRkun7WaSHE93SQcCil + CDoUoq2aeiGTZ189LgdSyeRL7qmBzgVExIT4NlhfBCkNbHB/sz6epBb9qx49hLh5 + K/tJfUBYKRd06ymSXPK+cCiO0/gM8fjzI+3GMlYvcbZ+ow11zTRgX/QB2lE1G8cW + Obh/nS0af7G6wmovHsKEpry5AxoAPLLi5JaP4hlc/i0iCbebMqb+szF0KBAbmDg3 + JQ4MYIyQOw9kk7hfqTNFEvJhpbV66id2+ZIHX6QAw7OHBpaY6ZWFd/w2BkJHeayb + 2jRnsJd0YgautgBGrBrjRWiVmn/f+lJ4XQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "krVYgJo5OFZkyUOgasH9dFve4OI3ewpt8IFhCPan7mB"; + }; + }; + }; }; } diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix index 31371af59..bc85aa0a6 100644 --- a/krebs/3modules/tinc.nix +++ b/krebs/3modules/tinc.nix @@ -26,7 +26,7 @@ with import <stockholm/lib>; ${tinc.config.extraConfig} ''; "tinc-up" = pkgs.writeDash "${netname}-tinc-up" '' - ${tinc.config.iproutePackage}/sbin/ip link set ${netname} up + ip link set ${netname} up ${tinc.config.tincUp} ''; }); @@ -58,15 +58,14 @@ with import <stockholm/lib>; type = types.str; default = let net = tinc.config.host.nets.${netname}; - iproute = tinc.config.iproutePackage; in '' ${optionalString (net.ip4 != null) /* sh */ '' - ${iproute}/sbin/ip -4 addr add ${net.ip4.addr} dev ${netname} - ${iproute}/sbin/ip -4 route add ${net.ip4.prefix} dev ${netname} + ip -4 addr add ${net.ip4.addr} dev ${netname} + ip -4 route add ${net.ip4.prefix} dev ${netname} ''} ${optionalString (net.ip6 != null) /* sh */ '' - ${iproute}/sbin/ip -6 addr add ${net.ip6.addr} dev ${netname} - ${iproute}/sbin/ip -6 route add ${net.ip6.prefix} dev ${netname} + ip -6 addr add ${net.ip6.addr} dev ${netname} + ip -6 route add ${net.ip6.prefix} dev ${netname} ''} ${tinc.config.tincUpExtra} ''; @@ -176,7 +175,7 @@ with import <stockholm/lib>; connectTo = mkOption { type = types.listOf types.str; ${if netname == "retiolum" then "default" else null} = [ - "gum" + "eve" "ni" "prism" ]; diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index 4e40561c2..e096118c6 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -200,9 +200,13 @@ in { ''; tinc.pubkey_ed25519 = "nDuK96NlNhcxzlX7G30w/706RxItb+FhkFkz/VhUgCE"; }; - wiregrill.wireguard.subnets = [ - (krebs.genipv6 "wiregrill" "tv" 0).subnetCIDR - ]; + wiregrill = { + via = config.krebs.hosts.ni.nets.internet; + ip4.addr = "10.244.3.1"; + wireguard.subnets = [ + (krebs.genipv6 "wiregrill" "tv" 0).subnetCIDR + ]; + }; }; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILGDdcKwFm6udU0/x6XGGb87k9py0VlrxF54HeYu9Izb"; }; @@ -345,6 +349,9 @@ in { ssh.privkey.path = <secrets/ssh.id_rsa>; ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDNjHxyUC7afNGSwfwBfQizmDnHTNLWDRHE8SY9W4oiw2lPhCFGTN8Jz84CKtnABbZhbNY1E8T58emF2h45WzDg/OGi8DPAk4VsXSkIhyvAto+nkTy2L4atjqfvXDvqxTDC9sui+t8p5OqOK+sghe4kiy+Vx1jhnjSnkQsx9Kocu24BYTkNqYxG7uwOz6t262XYNwMn13Y2K/yygDR3Uw3wTnEjpaYnObRxxJS3iTECDzgixiQ6ewXwYNggpzO/+EfW1BTz5vmuEVf4GbQ9iEc7IsVXHhR+N0boCscvSgae9KW9MBun0A2veRFXNkkfBEMfzelz+S63oeVfelkBq6N5aLsHYYGC4VQjimScelHYVwxR7O4fV+NttJaFF7H06FJeFzPt3NYZeoPKealD5y2Muh1UnewpmkMgza9hQ9EmI4/G1fMowqeMq0U6Hu0QMDUAagyalizN97AfsllY2cs0qLNg7+zHMPwc5RgLzs73oPUsF3umz0O42I5p5733vveUlWi5IZeI8CA1ZKdpwyMXXNhIOHs8u+yGsOLfSy3RgjVKp2GjN4lfnFd0LI+p7iEsEWDRkIAvGCOFepsebyVpBjGP+Kqs10bPGpk5dMcyn9iBJejoz9ka+H9+JAG04LnXwt6Rf1CRV3VRCRX1ayZEjRv9czV7U9ZpuFQcIlVRJQ== root@zu"; }; + umz = { + nets.wiregrill.ip4.addr = "10.244.3.101"; + }; }; sitemap = { "http://cgit.krebsco.de" = { diff --git a/krebs/3modules/tv/wiregrill/umz.pub b/krebs/3modules/tv/wiregrill/umz.pub new file mode 100644 index 000000000..c041b5eee --- /dev/null +++ b/krebs/3modules/tv/wiregrill/umz.pub @@ -0,0 +1 @@ +FpghL2Drdg+xwqcOsDgePgUx3X3XsX9f56BPLuF690g= diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index e8b6076a4..12afe0e9c 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "689b76bcf36055afdeb2e9852f5ecdd2bf483f87", - "date": "2022-01-23T03:10:13+01:00", - "path": "/nix/store/s6kxwpz8k02mg1wqsf06bsjygwi6xr6j-nixpkgs", - "sha256": "08d38db4707jdm3gws82y6bynh6k8qal4s1cms9zqd9cdwcmylyj", + "rev": "60c52a73f1d5858020ac4f161cd5bf1c9650f8b8", + "date": "2022-02-07T23:59:33+00:00", + "path": "/nix/store/5w1yn77d2b44wq0w7b8cqqqfap2897n2-nixpkgs", + "sha256": "1xyi4xag084ikcbis3iixpvfsmlfm2s105j58770x7k24mkrif7n", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 001371820..22d465b27 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "604c44137d97b5111be1ca5c0d97f6e24fbc5c2c", - "date": "2022-01-23T10:04:55-08:00", - "path": "/nix/store/r22j0r232a5y02yhd1avaw27zqdbhx1x-nixpkgs", - "sha256": "0gzhigyn8f7vps4a5vc1c8wbim59724s179a7d0h3gv6ss9avdj4", + "rev": "521e4d7d13b09bc0a21976b9d19abd197d4e3b1e", + "date": "2022-02-07T00:29:53+00:00", + "path": "/nix/store/pvmrsiy8k37nwg18g7230g5kasbsf132-nixpkgs", + "sha256": "156b4wnm6y6lg0gz09mp48rd0mhcdazr5s888c4lbhlpn3j8h042", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index a082ea623..c62091428 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -114,6 +114,7 @@ with import <stockholm/lib>; <stockholm/lass/2configs/exim-smarthost.nix> <stockholm/lass/2configs/privoxy-retiolum.nix> <stockholm/lass/2configs/radio.nix> + <stockholm/lass/2configs/radio-news.nix> <stockholm/lass/2configs/binary-cache/server.nix> <stockholm/lass/2configs/iodined.nix> <stockholm/lass/2configs/paste.nix> diff --git a/lass/2configs/hass/default.nix b/lass/2configs/hass/default.nix index 4ed0bfa5f..8f93e0cec 100644 --- a/lass/2configs/hass/default.nix +++ b/lass/2configs/hass/default.nix @@ -1,12 +1,6 @@ { config, lib, pkgs, ... }: with import ./lib.nix { inherit lib; }; let - unstable = import (pkgs.fetchFromGitHub { - owner = "nixos"; - repo = "nixpkgs"; - rev = (lib.importJSON ../../../krebs/nixpkgs-unstable.json).rev; - sha256 = (lib.importJSON ../../../krebs/nixpkgs-unstable.json).sha256; - }) {}; dwdwfsapi = pkgs.python3Packages.buildPythonPackage rec { pname = "dwdwfsapi"; version = "1.0.3"; @@ -35,17 +29,14 @@ in { { predicate = "-i int0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto { predicate = "-i docker0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto { predicate = "-i int0 -p tcp --dport 8123"; target = "ACCEPT"; } # hass - { predicate = "-i int0 -p tcp --dport 1337"; target = "ACCEPT"; } # hass + { predicate = "-i int0 -p tcp --dport 1337"; target = "ACCEPT"; } # zigbee2mqtt frontend { predicate = "-i retiolum -p tcp --dport 8123"; target = "ACCEPT"; } # hass - { predicate = "-i retiolum -p tcp --dport 1337"; target = "ACCEPT"; } # hass frontend + { predicate = "-i retiolum -p tcp --dport 1337"; target = "ACCEPT"; } # zigbee2mqtt frontend { predicate = "-i wiregrill -p tcp --dport 8123"; target = "ACCEPT"; } # hass ]; services.home-assistant = { enable = true; - package = unstable.home-assistant.overrideAttrs (old: { - doInstallCheck = false; - }); configWritable = true; lovelaceConfigWritable = true; config = let diff --git a/lass/2configs/radio-news.nix b/lass/2configs/radio-news.nix new file mode 100644 index 000000000..a4e28c1b1 --- /dev/null +++ b/lass/2configs/radio-news.nix @@ -0,0 +1,52 @@ +{ config, pkgs, ... }: with pkgs.stockholm.lib; +let + weather_report = pkgs.writers.writeDashBin "weather_report" '' + set -efu + ${pkgs.curl}/bin/curl -sSL https://wttr.in/''${1-}?format=j1 \ + | ${pkgs.jq}/bin/jq -r ' + [.nearest_area[0] | "Weather report for \(.areaName[0].value), \(.country[0].value)."] + + [.current_condition[0] | "Currently it is \(.weatherDesc[0].value) outside with a temperature of \(.temp_C) degrees."] + | join("\n") + ' + ''; + send_to_radio = pkgs.writers.writeDashBin "send_to_radio" '' + ${pkgs.vorbisTools}/bin/oggenc - | + ${pkgs.libshout}/bin/shout --format ogg --host localhost --port 1338 --mount /live + ''; + + newsshow = pkgs.writers.writeDashBin "newsshow" /* sh */ '' + echo " + hello crabpeople! + $(${pkgs.ddate}/bin/ddate | sed 's/YOLD/Year of Discord/')! + It is $(date --utc +%H) o clock UTC. + $(weather_report berlin) + $(weather_report 70173) + $(weather_report munich) + " + ''; +in +{ + systemd.services.newsshow = { + path = [ + newsshow + send_to_radio + weather_report + pkgs.curl + pkgs.retry + ]; + script = '' + set -efu + retry -t 5 -d 10 -- newsshow | + retry -t 5 -d 10 -- curl -SsG http://tts.r/api/tts --data-urlencode 'text@-' | + retry -t 5 -d 10 -- send_to_radio + ''; + startAt = "*:00:00"; + }; + + ## debug + # environment.systemPackages = [ + # weather_report + # send_to_radio + # newsshow + # ]; +} diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index 501251d13..15d07dada 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -1,6 +1,5 @@ { config, pkgs, ... }: - -with import <stockholm/lib>; +with pkgs.stockholm.lib; let name = "radio"; @@ -84,7 +83,7 @@ let ''; set_irc_topic = pkgs.writeDash "set_irc_topic" '' - ${pkgs.curl}/bin/curl -fsSv --unix-socket /home/radio/reaktor.sock http://z/ \ + ${pkgs.curl}/bin/curl -fsS --unix-socket /home/radio/reaktor.sock http://z/ \ -H content-type:application/json \ -d "$(${pkgs.jq}/bin/jq -n \ --arg text "$1" '{ @@ -109,12 +108,12 @@ in { users.users = { "${name}" = rec { inherit name; + createHome = mkForce false; group = name; uid = genid_uint31 name; description = "radio manager"; home = "/home/${name}"; useDefaultShell = true; - createHome = true; openssh.authorizedKeys.keys = with config.krebs.users; [ lass.pubkey lass-mors.pubkey @@ -148,27 +147,37 @@ in { audio_output { type "httpd" - name "lassulus radio mp3" - encoder "lame" # optional - port "8002" - quality "5.0" # do not define if bitrate is defined - # bitrate "128" # do not define if quality is defined + name "raw radio" + encoder "wave" + port "7900" format "44100:16:2" always_on "yes" # prevent MPD from disconnecting all listeners when playback is stopped. tags "yes" # httpd supports sending tags to listening streams. } + ''; + }; + services.liquidsoap.streams.radio-news = pkgs.writeText "radio-news.liq" '' + source = mksafe(input.http("http://localhost:7900/raw.wave")) - audio_output { - type "httpd" - name "lassulus radio" - encoder "vorbis" # optional - port "8000" - quality "5.0" # do not define if bitrate is defined - # bitrate "128" # do not define if quality is defined - format "44100:16:2" - always_on "yes" # prevent MPD from disconnecting all listeners when playback is stopped. - tags "yes" # httpd supports sending tags to listening streams. - } + output.icecast(mount = '/music.ogg', password = 'hackme', %vorbis(quality = 1), source) + output.icecast(mount = '/music.mp3', password = 'hackme', %mp3.vbr(), source) + output.icecast(mount = '/music.opus', password = 'hackme', %opus(), source) + + extra_input = audio_to_stereo(input.harbor("live", port=1338)) + + o = smooth_add(normal = source, special = extra_input) + output.icecast(mount = '/radio.ogg', password = 'hackme', %vorbis(quality = 1), o) + output.icecast(mount = '/radio.mp3', password = 'hackme', %mp3.vbr(), o) + output.icecast(mount = '/radio.opus', password = 'hackme', %opus(), o) + ''; + services.icecast = { + enable = true; + hostname = "radio.lassul.us"; + admin.password = "hackme"; + extraConf = '' + <authentication> + <source-password>hackme</source-password> + </authentication> ''; }; @@ -176,7 +185,6 @@ in { tables = { filter.INPUT.rules = [ { predicate = "-p tcp --dport 8000"; target = "ACCEPT"; } - { predicate = "-p tcp --dport 8002"; target = "ACCEPT"; } { predicate = "-i retiolum -p tcp --dport 8001"; target = "ACCEPT"; } ]; }; @@ -219,13 +227,16 @@ in { systemd.services.radio-recent = let recentlyPlayed = pkgs.writeDash "recentlyPlayed" '' + set -xeu LIMIT=1000 #how many tracks to keep in the history - HISTORY_FILE=/tmp/played + HISTORY_FILE=/var/lib/radio/recent while :; do ${pkgs.mpc_cli}/bin/mpc idle player > /dev/null ${pkgs.mpc_cli}/bin/mpc current -f %file% done | while read track; do - listeners=$(${pkgs.iproute}/bin/ss -Hno state established 'sport = :8000' | grep '^tcp' | wc -l) + + listeners=$(${pkgs.curl}/bin/curl lassul.us:8000/status-json.xsl | + ${pkgs.jq}/bin/jq '[.icestats.source[].listeners] | add') echo "$(date -Is)" "$track" | tee -a "$HISTORY_FILE" echo "$(tail -$LIMIT "$HISTORY_FILE")" > "$HISTORY_FILE" ${set_irc_topic} "playing: $track listeners: $listeners" @@ -345,7 +356,8 @@ in { proxy_pass http://localhost:8000; ''; locations."= /recent".extraConfig = '' - alias /tmp/played; + default_type "text/plain"; + alias /var/lib/radio/recent; ''; locations."= /current".extraConfig = '' proxy_pass http://localhost:8001; diff --git a/submodules/krops b/submodules/krops -Subproject 13ae434b140035e7e2664bd5a8ef4c475413b2e +Subproject 89e5e67659bbbf0da53cc2cc5dea644b9a2301f |