diff options
author | jeschli <jeschli@gmail.com> | 2018-04-10 18:17:58 +0200 |
---|---|---|
committer | jeschli <jeschli@gmail.com> | 2018-04-10 18:17:58 +0200 |
commit | ab7b04f55e9eb331e5f9ed254843ed8e0bcf9d78 (patch) | |
tree | 3c5811972b7fb1c58dbcdc3ac5f52a6bcf9f492b /makefu | |
parent | 3f9cbbc8d1f5420ef276633f087e63f700c386e7 (diff) | |
parent | 5b8c4d24e274bbf26e85420fc11b5bf7e24ac22d (diff) |
Merge branch 'master' of prism.r:stockholm
Diffstat (limited to 'makefu')
-rw-r--r-- | makefu/1systems/drop/source.nix | 1 | ||||
-rw-r--r-- | makefu/1systems/fileleech/source.nix | 3 | ||||
-rw-r--r-- | makefu/1systems/gum/config.nix | 2 | ||||
-rw-r--r-- | makefu/1systems/omo/config.nix | 9 | ||||
-rw-r--r-- | makefu/1systems/wbob/config.nix | 61 | ||||
-rw-r--r-- | makefu/2configs/bluetooth-mpd.nix | 68 | ||||
-rw-r--r-- | makefu/2configs/deployment/photostore.krebsco.de.nix | 1 | ||||
-rw-r--r-- | makefu/2configs/nginx/euer.wiki.nix | 4 | ||||
-rw-r--r-- | makefu/2configs/stats/arafetch.nix | 36 | ||||
-rw-r--r-- | makefu/6tests/data/secrets/torrent-secrets/auth.nix | 1 | ||||
-rw-r--r-- | makefu/source.nix | 4 |
11 files changed, 123 insertions, 67 deletions
diff --git a/makefu/1systems/drop/source.nix b/makefu/1systems/drop/source.nix index 74de846c0..45bd6f97e 100644 --- a/makefu/1systems/drop/source.nix +++ b/makefu/1systems/drop/source.nix @@ -1,3 +1,4 @@ import <stockholm/makefu/source.nix> { name="drop"; + torrent = true; } diff --git a/makefu/1systems/fileleech/source.nix b/makefu/1systems/fileleech/source.nix index 699267e21..caca1fbcb 100644 --- a/makefu/1systems/fileleech/source.nix +++ b/makefu/1systems/fileleech/source.nix @@ -1,3 +1,4 @@ import <stockholm/makefu/source.nix> { - name="fileleech"; + name = "fileleech"; + torrent = true; } diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index b859efc94..40fa233d3 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -52,7 +52,7 @@ in { # network <stockholm/makefu/2configs/vpn/openvpn-server.nix> - <stockholm/makefu/2configs/vpn/vpnws/server.nix> + # <stockholm/makefu/2configs/vpn/vpnws/server.nix> <stockholm/makefu/2configs/dnscrypt/server.nix> <stockholm/makefu/2configs/iodined.nix> diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index 01438397e..bed6ae9fd 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -9,7 +9,7 @@ let keyFile = byid "usb-Verbatim_STORE_N_GO_070B3CEE0B223954-0:0"; rootDisk = byid "ata-SanDisk_SD8SNAT128G1122_162099420904"; rootPartition = byid "ata-SanDisk_SD8SNAT128G1122_162099420904-part2"; - primaryInterface = "enp1s0"; + primaryInterface = "enp2s0"; # cryptsetup luksFormat $dev --cipher aes-xts-plain64 -s 512 -h sha512 # cryptsetup luksAddKey $dev tmpkey # cryptsetup luksOpen $dev crypt0 --key-file tmpkey --keyfile-size=4096 @@ -54,6 +54,7 @@ in { #<stockholm/makefu/2configs/graphite-standalone.nix> #<stockholm/makefu/2configs/share-user-sftp.nix> <stockholm/makefu/2configs/share/omo.nix> + # <stockholm/makefu/2configs/share/omo-timemachine.nix> <stockholm/makefu/2configs/tinc/retiolum.nix> @@ -65,6 +66,7 @@ in { <stockholm/makefu/2configs/stats/external/aralast.nix> <stockholm/makefu/2configs/stats/telegraf> <stockholm/makefu/2configs/stats/telegraf/europastats.nix> + <stockholm/makefu/2configs/stats/arafetch.nix> # services <stockholm/makefu/2configs/syncthing.nix> @@ -72,6 +74,11 @@ in { <stockholm/makefu/2configs/remote-build/slave.nix> <stockholm/makefu/2configs/deployment/google-muell.nix> <stockholm/makefu/2configs/virtualisation/docker.nix> + <stockholm/makefu/2configs/bluetooth-mpd.nix> + { + hardware.pulseaudio.systemWide = true; + makefu.mpd.musicDirectory = "/media/cryptX/music"; + } # security diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix index 637d8e2d8..cfbcf0e9c 100644 --- a/makefu/1systems/wbob/config.nix +++ b/makefu/1systems/wbob/config.nix @@ -32,66 +32,7 @@ in { <stockholm/makefu/2configs/hydra/stockholm.nix> <stockholm/makefu/2configs/share/wbob.nix> - (let - musicDirectory = "/data/music"; - in { - services.mpd = { - enable = true; - inherit musicDirectory; - # dataDir = "/home/anders/.mpd"; - network.listenAddress = "any"; - extraConfig = '' - audio_output { - type "pulse" - name "Local MPD" - server "127.0.0.1" - } - ''; - }; - # open because of truestedInterfaces - # networking.firewall.allowedTCPPorts = [ 6600 4713 ]; - services.samba.shares.music = { - path = musicDirectory; - "read only" = "no"; - browseable = "yes"; - "guest ok" = "yes"; - }; - - sound.enable = true; - hardware.pulseaudio = { - enable = true; - package = pkgs.pulseaudioFull; - # systemWide = true; - support32Bit = true; - zeroconf.discovery.enable = true; - zeroconf.publish.enable = true; - tcp = { - enable = true; - anonymousClients.allowAll = true; - anonymousClients.allowedIpRanges = [ "127.0.0.1" "192.168.8.0/24" ]; - }; - configFile = pkgs.writeText "default.pa" '' - load-module module-udev-detect - load-module module-bluetooth-policy - load-module module-bluetooth-discover - load-module module-native-protocol-unix - load-module module-always-sink - load-module module-console-kit - load-module module-systemd-login - load-module module-intended-roles - load-module module-position-event-sounds - load-module module-filter-heuristics - load-module module-filter-apply - load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1 - load-module module-switch-on-connect - # may be required for "system-wide" pulse to connect to bluetooth - #module-bluez5-device - #module-bluez5-discover - ''; - }; - # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio - hardware.bluetooth.enable = true; - }) + <stockholm/makefu/2configs/bluetooth-mpd.nix> # Sensors <stockholm/makefu/2configs/stats/telegraf> diff --git a/makefu/2configs/bluetooth-mpd.nix b/makefu/2configs/bluetooth-mpd.nix new file mode 100644 index 000000000..226f5cf1f --- /dev/null +++ b/makefu/2configs/bluetooth-mpd.nix @@ -0,0 +1,68 @@ +{ pkgs, config, lib, ... }: + +let + cfg = config.makefu.mpd; +in { + options.makefu.mpd.musicDirectory = lib.mkOption { + description = "music Directory"; + default = "/data/music"; + type = lib.types.str; + }; + config = { + services.mpd = { + enable = true; + inherit (cfg) musicDirectory; + network.listenAddress = "0.0.0.0"; + extraConfig = '' + audio_output { + type "pulse" + name "Local MPD" + server "127.0.0.1" + } + ''; + }; + # open because of truestedInterfaces + # networking.firewall.allowedTCPPorts = [ 6600 4713 ]; + services.samba.shares.music = { + path = cfg.musicDirectory; + "read only" = "no"; + browseable = "yes"; + "guest ok" = "yes"; + }; + + sound.enable = true; + hardware.pulseaudio = { + enable = true; + package = pkgs.pulseaudioFull; + # systemWide = true; + support32Bit = true; + zeroconf.discovery.enable = true; + zeroconf.publish.enable = true; + tcp = { + enable = true; + # PULSE_SERVER=192.168.1.11 pavucontrol + anonymousClients.allowAll = true; + }; + configFile = pkgs.writeText "default.pa" '' + load-module module-udev-detect + load-module module-bluetooth-policy + load-module module-bluetooth-discover + load-module module-native-protocol-unix + load-module module-always-sink + load-module module-console-kit + load-module module-systemd-login + load-module module-intended-roles + load-module module-position-event-sounds + load-module module-filter-heuristics + load-module module-filter-apply + load-module module-switch-on-connect + ''; + }; + # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio + hardware.bluetooth.enable = true; + #hardware.bluetooth.extraConfig = '' + # [general] + # Enable=Source,Sink,Media,Socket + #''; + }; +} diff --git a/makefu/2configs/deployment/photostore.krebsco.de.nix b/makefu/2configs/deployment/photostore.krebsco.de.nix index ecbca9ea3..19a8df235 100644 --- a/makefu/2configs/deployment/photostore.krebsco.de.nix +++ b/makefu/2configs/deployment/photostore.krebsco.de.nix @@ -30,6 +30,7 @@ in { forceSSL = true; locations = { "/".extraConfig = '' + expires -1; uwsgi_pass unix://${wsgi-sock}; uwsgi_param UWSGI_CHDIR ${workdir}; uwsgi_param UWSGI_MODULE cuserver.main; diff --git a/makefu/2configs/nginx/euer.wiki.nix b/makefu/2configs/nginx/euer.wiki.nix index 08bc5659f..99533b25c 100644 --- a/makefu/2configs/nginx/euer.wiki.nix +++ b/makefu/2configs/nginx/euer.wiki.nix @@ -17,6 +17,7 @@ let # contains: # user1 = pass1 # userN = passN + # afterwards put /var/www/<ext-dom>/user1.html as tiddlywiki tw-pass-file = "${sec}/tw-pass.ini"; in { @@ -45,7 +46,7 @@ in { systemd.services.prepare-tw = { wantedBy = [ "local-fs.target" ]; - before = [ "phpfpm.service" ]; + before = [ "phpfpm.service" "nginx.service" ]; serviceConfig = { ExecStart = pkgs.writeScript "prepare-tw-service" '' #!/bin/sh @@ -92,6 +93,7 @@ in { locations = { "/" = { root = wiki-dir; + index = "makefu.html"; extraConfig = '' expires -1; autoindex on; diff --git a/makefu/2configs/stats/arafetch.nix b/makefu/2configs/stats/arafetch.nix new file mode 100644 index 000000000..e04b12f9c --- /dev/null +++ b/makefu/2configs/stats/arafetch.nix @@ -0,0 +1,36 @@ +{ pkgs, lib, ...}: +with import <stockholm/lib>; +let + pkg = with pkgs.python3Packages;buildPythonPackage rec { + rev = "762d747"; + name = "europastats-${rev}"; + propagatedBuildInputs = [ + requests + docopt + influxdb + beautifulsoup4 + ]; + src = pkgs.fetchgit { + url = "http://cgit.euer.krebsco.de/arafetch"; + inherit rev; + sha256 = "164xiqbrr914lz0nh3i1dxz8iwg6vm2af3i3803cd3242nznw0ws"; + }; + }; + home = "/var/lib/arafetch"; +in { + users.users.arafetch = { + uid = genid "arafetch"; + inherit home; + createHome = true; + }; + + systemd.services.arafetch = { + startAt = "Mon 09:15:00"; + wantedBy = [ "multi-user.target" ]; + environment = { + OUTDIR = home; + }; + path = [ pkg pkgs.git pkgs.wget ]; + script = "${pkg}/bin/weekrun"; + }; +} diff --git a/makefu/6tests/data/secrets/torrent-secrets/auth.nix b/makefu/6tests/data/secrets/torrent-secrets/auth.nix deleted file mode 100644 index 0967ef424..000000000 --- a/makefu/6tests/data/secrets/torrent-secrets/auth.nix +++ /dev/null @@ -1 +0,0 @@ -{} diff --git a/makefu/source.nix b/makefu/source.nix index 6b32a1b40..d25fe5528 100644 --- a/makefu/source.nix +++ b/makefu/source.nix @@ -21,9 +21,9 @@ let ]; }; # TODO: automate updating of this ref + cherry-picks - ref = "6b6e72b"; # nixos-17.09 @ 2018-03-07 + ref = "6583793"; # nixos-17.09 @ 2018-03-07 # + do_sqlite3 ruby: 55a952be5b5 - # + signal: 0f19beef3 + # + signal: 0f19beef3, 50ad913, 9449782, b7046ab2 in evalSource (toString _file) [ |