summaryrefslogtreecommitdiffstats
path: root/makefu/2configs
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2018-04-03 23:20:32 +0200
committertv <tv@krebsco.de>2018-04-03 23:20:32 +0200
commiteb684c7618697b370cf69c175ef43e0ced361407 (patch)
tree2d81470fdf4063379270cfa32a2a3b6c4aa01008 /makefu/2configs
parent3108c4323806eee9798a6ba42977ea8f16343731 (diff)
parent1604ecfc706d2921248d0c9ac7cef02274842272 (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'makefu/2configs')
-rw-r--r--makefu/2configs/bluetooth-mpd.nix68
-rw-r--r--makefu/2configs/deployment/bureautomation/hass.nix75
-rw-r--r--makefu/2configs/deployment/owncloud.nix50
-rw-r--r--makefu/2configs/deployment/photostore.krebsco.de.nix1
-rw-r--r--makefu/2configs/git/cgit-retiolum.nix13
-rw-r--r--makefu/2configs/hw/tp-x2x0.nix2
-rw-r--r--makefu/2configs/nginx/euer.wiki.nix4
-rw-r--r--makefu/2configs/printer.nix1
-rw-r--r--makefu/2configs/stats/arafetch.nix36
-rw-r--r--makefu/2configs/tools/mic92.nix9
10 files changed, 249 insertions, 10 deletions
diff --git a/makefu/2configs/bluetooth-mpd.nix b/makefu/2configs/bluetooth-mpd.nix
new file mode 100644
index 000000000..226f5cf1f
--- /dev/null
+++ b/makefu/2configs/bluetooth-mpd.nix
@@ -0,0 +1,68 @@
+{ pkgs, config, lib, ... }:
+
+let
+ cfg = config.makefu.mpd;
+in {
+ options.makefu.mpd.musicDirectory = lib.mkOption {
+ description = "music Directory";
+ default = "/data/music";
+ type = lib.types.str;
+ };
+ config = {
+ services.mpd = {
+ enable = true;
+ inherit (cfg) musicDirectory;
+ network.listenAddress = "0.0.0.0";
+ extraConfig = ''
+ audio_output {
+ type "pulse"
+ name "Local MPD"
+ server "127.0.0.1"
+ }
+ '';
+ };
+ # open because of truestedInterfaces
+ # networking.firewall.allowedTCPPorts = [ 6600 4713 ];
+ services.samba.shares.music = {
+ path = cfg.musicDirectory;
+ "read only" = "no";
+ browseable = "yes";
+ "guest ok" = "yes";
+ };
+
+ sound.enable = true;
+ hardware.pulseaudio = {
+ enable = true;
+ package = pkgs.pulseaudioFull;
+ # systemWide = true;
+ support32Bit = true;
+ zeroconf.discovery.enable = true;
+ zeroconf.publish.enable = true;
+ tcp = {
+ enable = true;
+ # PULSE_SERVER=192.168.1.11 pavucontrol
+ anonymousClients.allowAll = true;
+ };
+ configFile = pkgs.writeText "default.pa" ''
+ load-module module-udev-detect
+ load-module module-bluetooth-policy
+ load-module module-bluetooth-discover
+ load-module module-native-protocol-unix
+ load-module module-always-sink
+ load-module module-console-kit
+ load-module module-systemd-login
+ load-module module-intended-roles
+ load-module module-position-event-sounds
+ load-module module-filter-heuristics
+ load-module module-filter-apply
+ load-module module-switch-on-connect
+ '';
+ };
+ # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio
+ hardware.bluetooth.enable = true;
+ #hardware.bluetooth.extraConfig = ''
+ # [general]
+ # Enable=Source,Sink,Media,Socket
+ #'';
+ };
+}
diff --git a/makefu/2configs/deployment/bureautomation/hass.nix b/makefu/2configs/deployment/bureautomation/hass.nix
new file mode 100644
index 000000000..b62f37bdb
--- /dev/null
+++ b/makefu/2configs/deployment/bureautomation/hass.nix
@@ -0,0 +1,75 @@
+{ pkgs, lib, ... }:
+let
+ firetv = "192.168.1.238";
+in {
+ imports = [
+ <nixpkgs-unstable/nixos/modules/services/misc/home-assistant.nix>
+ ];
+ systemd.services.firetv = {
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ User = "nobody";
+ ExecStart = "${pkgs.python-firetv}/bin/firetv-server -d ${firetv}:5555";
+ };
+ };
+ nixpkgs.config.packageOverrides = oldpkgs: {
+ home-assistant = (import <nixpkgs-unstable> {}).home-assistant;
+ };
+ ids.uids.hass = 286;
+ ids.gids.hass = 286;
+ services.home-assistant = {
+ #panel_iframe:
+ #configurator:
+ # title: Configurator
+ # icon: mdi:wrench
+ # url: http://hassio.local:3218
+ # sensor:
+ # - platform: random
+ enable = true;
+ config = {
+ homeassistant = {
+ name = "Bureautomation";
+ time_zone = "Europe/Berlin";
+ };
+ panel_iframe = {
+ euer_blog = {
+ title = "Euer Blog";
+ icon = "mdi:wrench";
+ url = "https://euer.krebsco.de";
+ };
+ };
+ media_player = [
+ { platform = "kodi";
+ host = firetv;
+ }
+ { platform = "firetv";
+ # assumes python-firetv running
+ }
+ ];
+ sensor = [
+ {
+ platform = "luftdaten";
+ name = "Shack 1";
+ sensorid = "50";
+ monitored_conditions = [ "P1" "P2" ];
+ }
+ {
+ platform = "luftdaten";
+ name = "Shack 2";
+ sensorid = "658";
+ monitored_conditions = [ "P1" "P2" ];
+ }
+ {
+ platform = "luftdaten";
+ name = "Ditzingen";
+ sensorid = "5341";
+ monitored_conditions = [ "P1" "P2" ];
+ }
+ { platform = "random"; }
+ ];
+ frontend = { };
+ http = { };
+ feedreader.urls = [ "https://nixos.org/blogs.xml" ];
+ };
+ };
+}
diff --git a/makefu/2configs/deployment/owncloud.nix b/makefu/2configs/deployment/owncloud.nix
index 3a9d57dbb..e9d4b18e0 100644
--- a/makefu/2configs/deployment/owncloud.nix
+++ b/makefu/2configs/deployment/owncloud.nix
@@ -1,6 +1,18 @@
{ lib, pkgs, config, ... }:
with lib;
+# imperative in config.php:
+# #local memcache:
+# 'memcache.local' => '\\OC\\Memcache\\APCu',
+# #local locking:
+# 'memcache.locking' => '\\OC\\Memcache\\Redis',
+# 'redis' =>
+# array (
+# 'host' => 'localhost',
+# 'port' => 6379,
+# ),
+
+
let
# TODO: copy-paste from lass/2/websites/util.nix
serveCloud = domains:
@@ -124,20 +136,48 @@ let
env[PATH] = ${lib.makeBinPath [ pkgs.php ]}
catch_workers_output = yes
'';
+ services.phpfpm.phpOptions = ''
+ opcache.enable=1
+ opcache.enable_cli=1
+ opcache.interned_strings_buffer=8
+ opcache.max_accelerated_files=10000
+ opcache.memory_consumption=128
+ opcache.save_comments=1
+ opcache.revalidate_freq=1
+
+ display_errors = on
+ display_startup_errors = on
+ always_populate_raw_post_data = -1
+ error_reporting = E_ALL | E_STRICT
+ html_errors = On
+ date.timezone = "Europe/Berlin"
+ # extension=${pkgs.phpPackages.memcached}/lib/php/extensions/memcached.so
+ extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so
+ extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
+ '';
};
in {
imports = [
( serveCloud [ "o.euer.krebsco.de" ] )
];
- services.mysql = { # TODO: currently nextcloud uses sqlite
+ services.redis.enable = true;
+ services.mysql = {
enable = false;
package = pkgs.mariadb;
rootPassword = config.krebs.secret.files.mysql_rootPassword.path;
- };
- services.mysqlBackup = {
- enable = false;
- databases = [ "nextcloud" ];
+ initialDatabases = [
+ # Or use writeText instead of literalExample?
+ #{ name = "nextcloud"; schema = literalExample "./nextcloud.sql"; }
+ {
+ name = "nextcloud";
+ schema = pkgs.writeText "nextcloud.sql"
+ ''
+ create user if not exists 'nextcloud'@'localhost' identified by 'password';
+ grant all privileges on nextcloud.* to 'nextcloud'@'localhost' identified by 'password';
+ '';
+ }
+ ];
};
# dataDir is only defined after mysql is enabled
# krebs.secret.files.mysql_rootPassword = {
diff --git a/makefu/2configs/deployment/photostore.krebsco.de.nix b/makefu/2configs/deployment/photostore.krebsco.de.nix
index ecbca9ea3..19a8df235 100644
--- a/makefu/2configs/deployment/photostore.krebsco.de.nix
+++ b/makefu/2configs/deployment/photostore.krebsco.de.nix
@@ -30,6 +30,7 @@ in {
forceSSL = true;
locations = {
"/".extraConfig = ''
+ expires -1;
uwsgi_pass unix://${wsgi-sock};
uwsgi_param UWSGI_CHDIR ${workdir};
uwsgi_param UWSGI_MODULE cuserver.main;
diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix
index 1109e2519..30d90f9e3 100644
--- a/makefu/2configs/git/cgit-retiolum.nix
+++ b/makefu/2configs/git/cgit-retiolum.nix
@@ -3,10 +3,15 @@
with import <stockholm/lib>;
let
- repos = priv-repos // krebs-repos // connector-repos ;
+ repos = priv-repos // krebs-repos // connector-repos // krebsroot-repos;
rules = concatMap krebs-rules (attrValues krebs-repos)
++ concatMap priv-rules (attrValues priv-repos)
- ++ concatMap connector-rules (attrValues connector-repos);
+ ++ concatMap connector-rules (attrValues connector-repos)
+ ++ concatMap krebsroot-rules (attrValues krebsroot-repos);
+
+ krebsroot-repos = mapAttrs make-krebs-repo {
+ hydra-stockholm = { };
+ };
krebs-repos = mapAttrs make-krebs-repo {
stockholm = {
@@ -28,7 +33,6 @@ let
init-stockholm = {
cgit.desc = "Init stuff for stockholm";
};
- hydra-stockholm = { };
};
priv-repos = mapAttrs make-priv-repo {
@@ -70,6 +74,9 @@ let
krebs-rules = repo:
set-owners repo all-makefu ++ set-ro-access repo krebsminister;
+ krebsroot-rules = repo:
+ set-owners repo (all-makefu ++ krebsminister);
+
set-ro-access = with git; repo: user:
optional repo.public {
inherit user;
diff --git a/makefu/2configs/hw/tp-x2x0.nix b/makefu/2configs/hw/tp-x2x0.nix
index f33c12a8f..98fe30daf 100644
--- a/makefu/2configs/hw/tp-x2x0.nix
+++ b/makefu/2configs/hw/tp-x2x0.nix
@@ -38,7 +38,7 @@ with import <stockholm/lib>;
services.tlp.enable = true;
services.tlp.extraConfig = ''
# BUG: http://linrunner.de/en/tlp/docs/tlp-faq.html#erratic-battery
- START_CHARGE_THRESH_BAT0=67
+ START_CHARGE_THRESH_BAT0=95
STOP_CHARGE_THRESH_BAT0=100
diff --git a/makefu/2configs/nginx/euer.wiki.nix b/makefu/2configs/nginx/euer.wiki.nix
index 08bc5659f..99533b25c 100644
--- a/makefu/2configs/nginx/euer.wiki.nix
+++ b/makefu/2configs/nginx/euer.wiki.nix
@@ -17,6 +17,7 @@ let
# contains:
# user1 = pass1
# userN = passN
+ # afterwards put /var/www/<ext-dom>/user1.html as tiddlywiki
tw-pass-file = "${sec}/tw-pass.ini";
in {
@@ -45,7 +46,7 @@ in {
systemd.services.prepare-tw = {
wantedBy = [ "local-fs.target" ];
- before = [ "phpfpm.service" ];
+ before = [ "phpfpm.service" "nginx.service" ];
serviceConfig = {
ExecStart = pkgs.writeScript "prepare-tw-service" ''
#!/bin/sh
@@ -92,6 +93,7 @@ in {
locations = {
"/" = {
root = wiki-dir;
+ index = "makefu.html";
extraConfig = ''
expires -1;
autoindex on;
diff --git a/makefu/2configs/printer.nix b/makefu/2configs/printer.nix
index 51e69d8b7..d5fa65ef9 100644
--- a/makefu/2configs/printer.nix
+++ b/makefu/2configs/printer.nix
@@ -9,6 +9,7 @@ in {
pkgs.samsungUnifiedLinuxDriver
pkgs.cups-dymo # dymo labelwriter
pkgs.foo2zjs # magicolor 1690mf
+ pkgs.zj-58
];
};
diff --git a/makefu/2configs/stats/arafetch.nix b/makefu/2configs/stats/arafetch.nix
new file mode 100644
index 000000000..e04b12f9c
--- /dev/null
+++ b/makefu/2configs/stats/arafetch.nix
@@ -0,0 +1,36 @@
+{ pkgs, lib, ...}:
+with import <stockholm/lib>;
+let
+ pkg = with pkgs.python3Packages;buildPythonPackage rec {
+ rev = "762d747";
+ name = "europastats-${rev}";
+ propagatedBuildInputs = [
+ requests
+ docopt
+ influxdb
+ beautifulsoup4
+ ];
+ src = pkgs.fetchgit {
+ url = "http://cgit.euer.krebsco.de/arafetch";
+ inherit rev;
+ sha256 = "164xiqbrr914lz0nh3i1dxz8iwg6vm2af3i3803cd3242nznw0ws";
+ };
+ };
+ home = "/var/lib/arafetch";
+in {
+ users.users.arafetch = {
+ uid = genid "arafetch";
+ inherit home;
+ createHome = true;
+ };
+
+ systemd.services.arafetch = {
+ startAt = "Mon 09:15:00";
+ wantedBy = [ "multi-user.target" ];
+ environment = {
+ OUTDIR = home;
+ };
+ path = [ pkg pkgs.git pkgs.wget ];
+ script = "${pkg}/bin/weekrun";
+ };
+}
diff --git a/makefu/2configs/tools/mic92.nix b/makefu/2configs/tools/mic92.nix
new file mode 100644
index 000000000..176e461c7
--- /dev/null
+++ b/makefu/2configs/tools/mic92.nix
@@ -0,0 +1,9 @@
+{ pkgs, ... }:
+{
+ nixpkgs.overlays = [
+ (import <mic92/nixos/overlays/mypackages>)
+ ];
+ users.users.makefu.packages = [
+ pkgs.nix-review
+ ];
+}