summaryrefslogtreecommitdiffstats
path: root/lass/2configs
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2023-01-06 12:17:36 +0100
committertv <tv@krebsco.de>2023-01-06 12:17:36 +0100
commit2cd5ed169963725cabda22635f5b4439be5e9ad0 (patch)
treebc11f3954b96f2fad2349661a1e8c4569ea84160 /lass/2configs
parent221d5dc01244ffce0c14426e90b76f392d4c5dfa (diff)
parent0b2952f4ed9572521f7c4a21904943ac33c602b0 (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'lass/2configs')
-rw-r--r--lass/2configs/radio/default.nix10
-rw-r--r--lass/2configs/radio/radio.liq6
-rw-r--r--lass/2configs/radio/weather.nix13
-rw-r--r--lass/2configs/radio/weather_for_ips.py49
-rw-r--r--lass/2configs/riot.nix59
-rw-r--r--lass/2configs/yellow-host.nix14
-rw-r--r--lass/2configs/yellow-mounts/samba.nix (renamed from lass/2configs/prism-mounts/samba.nix)4
7 files changed, 121 insertions, 34 deletions
diff --git a/lass/2configs/radio/default.nix b/lass/2configs/radio/default.nix
index dfb3d7e0b..46540969b 100644
--- a/lass/2configs/radio/default.nix
+++ b/lass/2configs/radio/default.nix
@@ -3,7 +3,7 @@
let
name = "radio";
- music_dir = "/home/radio/music";
+ music_dir = "/var/music";
skip_track = pkgs.writers.writeBashBin "skip_track" ''
set -eu
@@ -303,10 +303,10 @@ in {
'';
};
services.syncthing.declarative.folders."the_playlist" = {
- path = "/home/radio/music/the_playlist";
+ path = "/var/music/the_playlist";
devices = [ "mors" "phone" "prism" "omo" ];
};
- krebs.acl."/home/radio/music/the_playlist"."u:syncthing:X".parents = true;
- krebs.acl."/home/radio/music/the_playlist"."u:syncthing:rwX" = {};
- krebs.acl."/home/radio/music/the_playlist"."u:radio:rwX" = {};
+ krebs.acl."/var/music/the_playlist"."u:syncthing:X".parents = true;
+ krebs.acl."/var/music/the_playlist"."u:syncthing:rwX" = {};
+ krebs.acl."/var/music/the_playlist"."u:radio:rwX" = {};
}
diff --git a/lass/2configs/radio/radio.liq b/lass/2configs/radio/radio.liq
index 70d316043..1366287a7 100644
--- a/lass/2configs/radio/radio.liq
+++ b/lass/2configs/radio/radio.liq
@@ -10,7 +10,7 @@ def stringify_attrs(attrs) =
out
end
-def filter_graveyard(req) =
+def filter_music(req) =
filename = request.filename(req)
if string.match(pattern = '.*/\\.graveyard/.*', filename) then
false
@@ -27,7 +27,7 @@ end
env = environment()
port = string.to_int(env["RADIO_PORT"], default = 8000)
-all_music = playlist(env["MUSIC"], check_next = filter_graveyard)
+all_music = playlist(env["MUSIC"], check_next = filter_music)
wishlist = request.queue()
tracks = fallback(track_sensitive = true, [wishlist, all_music])
tracks = blank.eat(tracks)
@@ -36,7 +36,7 @@ last_metadata = ref([])
def on_metadata(m) =
last_metadata := m
print("changing tracks")
- out = process.read(env["HOOK_TRACK_CHANGE"], env = m)
+ out = process.read(env["HOOK_TRACK_CHANGE"], env = m, timeout = 5.0)
print(out)
end
tracks.on_metadata(on_metadata)
diff --git a/lass/2configs/radio/weather.nix b/lass/2configs/radio/weather.nix
index 704bf7218..ad96d8ec0 100644
--- a/lass/2configs/radio/weather.nix
+++ b/lass/2configs/radio/weather.nix
@@ -18,11 +18,14 @@ let
MAXMIND_GEOIP_DB="/tmp/GeoLite2-City.mmdb"; export MAXMIND_GEOIP_DB
OPENWEATHER_API_KEY=$(cat "$CREDENTIALS_DIRECTORY/openweather_api"); export OPENWEATHER_API_KEY
ss -no 'sport = :8000' |
- jc --ss | jq -r '.[] |
- select(
- .local_address != "[::ffff:127.0.0.1]"
- and .local_address != "[::1]"
- ) | .peer_address | gsub("[\\[\\]]"; "")
+ jc --ss | jq -r '
+ [
+ .[] |
+ select(
+ .local_address != "[::ffff:127.0.0.1]"
+ and .local_address != "[::1]"
+ ) | .peer_address | gsub("[\\[\\]]"; "")
+ ] | unique[]
' |
${weather_for_ips}/bin/weather_for_ips
'';
diff --git a/lass/2configs/radio/weather_for_ips.py b/lass/2configs/radio/weather_for_ips.py
index 1f8489bd1..447c6389b 100644
--- a/lass/2configs/radio/weather_for_ips.py
+++ b/lass/2configs/radio/weather_for_ips.py
@@ -3,32 +3,43 @@ import fileinput
import json
import requests
import os
+import random
geoip = geoip2.database.Reader(os.environ['MAXMIND_GEOIP_DB'])
seen = {}
output = []
for ip in fileinput.input():
- location = geoip.city(ip.strip())
- if location.city.geoname_id not in seen:
- seen[location.city.geoname_id] = True
- weather_api_key = os.environ['OPENWEATHER_API_KEY']
- url = (
- f'https://api.openweathermap.org/data/2.5/onecall'
- f'?lat={location.location.latitude}'
- f'&lon={location.location.longitude}'
- f'&appid={weather_api_key}'
- f'&units=metric'
- )
- resp = requests.get(url)
- weather = json.loads(resp.text)
+ if "80.147.140.51" in ip:
output.append(
- f'Weather report for {location.city.name}, {location.country.name}. '
- f'It is {weather["current"]["weather"][0]["description"]} outside '
- f'with a temperature of {weather["current"]["temp"]:.1f} degrees, '
- f'a wind speed of {weather["current"]["wind_speed"]:.1f} meters per second '
- f'and a humidity of {weather["current"]["humidity"]} percent. '
- f'The probability of precipitation is {weather["hourly"][0]["pop"] * 100:.0f} percent. '
+ 'Weather report for c-base, space.'
+ 'It is empty space outside '
+ 'with a temperature of -270 degrees, '
+ 'a lightspeed of 299792 kilometers per second '
+ 'and a humidity of Not a Number percent. '
+ f'The probability of reincarnation is {random.randrange(0, 100)} percent.'
)
+ else:
+ location = geoip.city(ip.strip())
+ if location.city.geoname_id not in seen:
+ seen[location.city.geoname_id] = True
+ weather_api_key = os.environ['OPENWEATHER_API_KEY']
+ url = (
+ f'https://api.openweathermap.org/data/2.5/onecall'
+ f'?lat={location.location.latitude}'
+ f'&lon={location.location.longitude}'
+ f'&appid={weather_api_key}'
+ f'&units=metric'
+ )
+ resp = requests.get(url)
+ weather = json.loads(resp.text)
+ output.append(
+ f'Weather report for {location.city.name}, {location.country.name}. '
+ f'It is {weather["current"]["weather"][0]["description"]} outside '
+ f'with a temperature of {weather["current"]["temp"]:.1f} degrees, '
+ f'a wind speed of {weather["current"]["wind_speed"]:.1f} meters per second '
+ f'and a humidity of {weather["current"]["humidity"]} percent. '
+ f'The probability of precipitation is {weather["hourly"][0]["pop"] * 100:.0f} percent. '
+ )
print('\n'.join(output))
diff --git a/lass/2configs/riot.nix b/lass/2configs/riot.nix
new file mode 100644
index 000000000..559e7b20d
--- /dev/null
+++ b/lass/2configs/riot.nix
@@ -0,0 +1,59 @@
+{ config, lib, pkgs, ... }:
+{
+ containers.riot = {
+ config = {
+ environment.systemPackages = [
+ pkgs.dhcpcd
+ pkgs.git
+ pkgs.jq
+ ];
+ services.openssh.enable = true;
+ users.users.root.openssh.authorizedKeys.keys = [
+ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6o6sdTu/CX1LW2Ff5bNDqGEAGwAsjf0iIe5DCdC7YikCct+7x4LTXxY+nDlPMeGcOF88X9/qFwdyh+9E4g0nUAZaeL14Uc14QDqDt/aiKjIXXTepxE/i4JD9YbTqStAnA/HYAExU15yqgUdj2dnHu7OZcGxk0ZR1OY18yclXq7Rq0Fd3pN3lPP1T4QHM9w66r83yJdFV9szvu5ral3/QuxQnCNohTkR6LoJ4Ny2RbMPTRtb+jPbTQYTWUWwV69mB8ot5nRTP4MRM9pu7vnoPF4I2S5DvSnx4C5zdKzsb7zmIvD4AmptZLrXj4UXUf00Xf7Js5W100Ne2yhYyhq+35 riot@lagrange"
+ ];
+ networking.defaultGateway = "10.233.1.1";
+ systemd.services.autoswitch = {
+ environment = {
+ NIX_REMOTE = "daemon";
+ };
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig.ExecStart = pkgs.writers.writeDash "autoswitch" ''
+ set -efu
+ if test -e /var/src/nixos-config; then
+ /run/current-system/sw/bin/nixos-rebuild -I /var/src switch || :
+ fi
+ '';
+ unitConfig.X-StopOnRemoval = false;
+ };
+ };
+ autoStart = true;
+ enableTun = true;
+ privateNetwork = true;
+ hostAddress = "10.233.1.1";
+ localAddress = "10.233.1.2";
+ forwardPorts = [
+ { hostPort = 45622; containerPort = 22; }
+ ];
+ };
+
+ systemd.network.networks."50-ve-riot" = {
+ matchConfig.Name = "ve-riot";
+
+ networkConfig = {
+ IPForward = "yes";
+ # weirdly we have to use POSTROUTING MASQUERADE here
+ # IPMasquerade = "both";
+ LinkLocalAddressing = "no";
+ KeepConfiguration = "static";
+ };
+ };
+
+ # networking.nat can be used instead of this
+ krebs.iptables.tables.nat.POSTROUTING.rules = [
+ { v6 = false; predicate = "-s ${config.containers.riot.localAddress}"; target = "MASQUERADE"; }
+ ];
+ krebs.iptables.tables.filter.FORWARD.rules = [
+ { predicate = "-i ve-riot"; target = "ACCEPT"; }
+ { predicate = "-o ve-riot"; target = "ACCEPT"; }
+ ];
+}
diff --git a/lass/2configs/yellow-host.nix b/lass/2configs/yellow-host.nix
new file mode 100644
index 000000000..d07c222c6
--- /dev/null
+++ b/lass/2configs/yellow-host.nix
@@ -0,0 +1,14 @@
+{ config, pkgs, ... }:
+{
+ lass.sync-containers3.containers.yellow = {
+ sshKey = "${toString <secrets>}/yellow.sync.key";
+ };
+ containers.yellow.bindMounts."/var/lib" = {
+ hostPath = "/var/lib/sync-containers3/yellow/state";
+ isReadOnly = false;
+ };
+ containers.yellow.bindMounts."/var/download" = {
+ hostPath = "/var/download";
+ isReadOnly = false;
+ };
+}
diff --git a/lass/2configs/prism-mounts/samba.nix b/lass/2configs/yellow-mounts/samba.nix
index 4b1475ef3..e16f1cc47 100644
--- a/lass/2configs/prism-mounts/samba.nix
+++ b/lass/2configs/yellow-mounts/samba.nix
@@ -1,6 +1,6 @@
{
- fileSystems."/mnt/prism" = {
- device = "//prism.r/public";
+ fileSystems."/mnt/yellow" = {
+ device = "//yellow.r/public";
fsType = "cifs";
options = [
"guest"