diff options
-rw-r--r-- | krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh | 2 | ||||
-rw-r--r-- | krebs/5pkgs/simple/fortclientsslvpn/default.nix | 4 | ||||
-rw-r--r-- | makefu/1systems/fileleech/config.nix | 75 | ||||
-rw-r--r-- | makefu/1systems/gum/config.nix | 27 | ||||
-rw-r--r-- | makefu/1systems/omo/config.nix | 1 | ||||
-rw-r--r-- | makefu/1systems/vbob/config.nix | 64 | ||||
-rw-r--r-- | makefu/1systems/vbob/source.nix | 2 | ||||
-rw-r--r-- | makefu/1systems/wbob/config.nix | 3 | ||||
-rw-r--r-- | makefu/2configs/hw/tp-x2x0.nix | 5 | ||||
-rw-r--r-- | makefu/2configs/mosh.nix | 3 | ||||
-rw-r--r-- | makefu/2configs/stats/telegraf/airsensor.nix | 36 | ||||
-rw-r--r-- | makefu/2configs/tools/dev.nix | 2 | ||||
-rw-r--r-- | makefu/2configs/tools/mobility.nix | 1 | ||||
-rw-r--r-- | makefu/2configs/torrent.nix | 13 | ||||
-rw-r--r-- | makefu/5pkgs/vpn-ws/default.nix | 2 |
15 files changed, 157 insertions, 83 deletions
diff --git a/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh b/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh index 3b4d04f80..d500b3cb3 100644 --- a/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh +++ b/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh @@ -2,5 +2,5 @@ set -eu printf "Sie meinten wohl \"" echo -n $@ | sed 's/Shack/shack/g' -echo "\"" +echo "\" check out https://wiki.shackspace.de/project/logo_and_ci#name_ci" echo "${_from}--" diff --git a/krebs/5pkgs/simple/fortclientsslvpn/default.nix b/krebs/5pkgs/simple/fortclientsslvpn/default.nix index cbcfab05f..1f86d6fe4 100644 --- a/krebs/5pkgs/simple/fortclientsslvpn/default.nix +++ b/krebs/5pkgs/simple/fortclientsslvpn/default.nix @@ -12,8 +12,8 @@ stdenv.mkDerivation rec { src = fetchurl { # archive.org mirror: - # https://archive.org/download/ForticlientsslvpnLinux4.4.23171.tar/forticlientsslvpn_linux_4.4.2317.tar.gz - url = http://www.zen.co.uk/userfiles/knowledgebase/FortigateSSLVPNClient/forticlientsslvpn_linux_4.4.2317.tar.gz; + url = https://archive.org/download/ForticlientsslvpnLinux4.4.23171.tar/forticlientsslvpn_linux_4.4.2317.tar.gz; + # url = http://www.zen.co.uk/userfiles/knowledgebase/FortigateSSLVPNClient/forticlientsslvpn_linux_4.4.2317.tar.gz; sha256 = "19clnf9rgrnwazlpah8zz5kvz6kc8lxawrgmksx25k5ywflmbcrr"; }; phases = [ "unpackPhase" "buildPhase" "installPhase" "fixupPhase" ]; diff --git a/makefu/1systems/fileleech/config.nix b/makefu/1systems/fileleech/config.nix index b5ec370a5..e36afecd5 100644 --- a/makefu/1systems/fileleech/config.nix +++ b/makefu/1systems/fileleech/config.nix @@ -6,18 +6,18 @@ let rootDisk = byid "ata-INTEL_SSDSA2M080G2GC_CVPO003402PB080BGN"; rootPartition = rootDisk + "-part3"; - dataDisks = let - idpart = dev: byid dev + "-part1"; - in [ - { name = "crypt0"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GDLJEF";} - { name = "crypt1"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GGWG8F";} - { name = "crypt2"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GH5NAF";} - { name = "crypt3"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GJWGDF";} - { name = "crypt4"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GKKXHF";} - { name = "crypt5"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GKKXVF";} - { name = "crypt6"; device = idpart "scsi-1ATA_HUA722020ALA330_YAJJ8WRV";} - { name = "crypt7"; device = idpart "scsi-1ATA_HUA722020ALA330_YBKTUS4F";} # parity - ]; + dataDisks = let + idpart = dev: byid dev + "-part1"; + in [ + { name = "crypt0"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GDLJEF";} + { name = "crypt1"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GGWG8F";} + { name = "crypt2"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GH5NAF";} + { name = "crypt3"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GJWGDF";} + { name = "crypt4"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GKKXHF";} + { name = "crypt5"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GKKXVF";} + { name = "crypt6"; device = idpart "scsi-1ATA_HUA722020ALA330_YAJJ8WRV";} + { name = "crypt7"; device = idpart "scsi-1ATA_HUA722020ALA330_YBKTUS4F";} # parity + ]; disks = [ { name = "luksroot"; device = rootPartition; } ] ++ dataDisks; in { @@ -25,13 +25,13 @@ in { <stockholm/makefu> <stockholm/makefu/2configs/tinc/retiolum.nix> <stockholm/makefu/2configs/disable_v6.nix> - # <stockholm/makefu/2configs/torrent.nix> + <stockholm/makefu/2configs/torrent.nix> <stockholm/makefu/2configs/fs/sda-crypto-root.nix> #<stockholm/makefu/2configs/elchos/irc-token.nix> - <stockholm/makefu/2configs/elchos/log.nix> - <stockholm/makefu/2configs/elchos/search.nix> - <stockholm/makefu/2configs/elchos/stats.nix> + # <stockholm/makefu/2configs/elchos/log.nix> + # <stockholm/makefu/2configs/elchos/search.nix> + # <stockholm/makefu/2configs/elchos/stats.nix> ]; systemd.services.grafana.serviceConfig.LimitNOFILE=10032; @@ -42,8 +42,8 @@ in { enable = true; build.host = config.krebs.hosts.fileleech; }; - # git clone https://github.com/makefu/docker-pyload - # docker build . + # git clone https://github.com/makefu/docker-pyload + # docker build . # docker run -d -v /var/lib/pyload:/opt/pyload/pyload-config -v /media/crypt0/pyload:/opt/pyload/Downloads --name pyload --restart=always -p 8112:8000 -P docker-pyload virtualisation.docker.enable = true; # for pyload @@ -60,7 +60,7 @@ in { ]; services.nginx.virtualHosts._download = { default = true; - root = "/media/cryptX"; + root = config.makefu.dl-dir; extraConfig = '' autoindex on; ''; @@ -80,10 +80,11 @@ in { services.sabnzbd.enable = true; systemd.services.sabnzbd.environment.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; + # TODO use users.motd and pam.services.sshd.showMotd services.openssh.extraConfig = let banner = pkgs.writeText "openssh-banner" '' Services: - ssh://download@fileleech - ssh via filebitch.shack - ftp://download@fileleech - access to /media/cryptX + ssh://download@fileleech - ssh via filebitch + ftp://download@fileleech - access to ${config.makefu.dl-dir} http://fileleech:8112 - rutorrent http://fileleech:8113 - pyload https://fileleech:9090 - sabnzb @@ -104,13 +105,13 @@ in { cryptMount = name: { "/media/${name}" = { device = "/dev/mapper/${name}"; fsType = "xfs"; };}; in cryptMount "crypt0" - // cryptMount "crypt1" - // cryptMount "crypt2" - // cryptMount "crypt3" - // cryptMount "crypt4" - // cryptMount "crypt5" - // cryptMount "crypt6" - // cryptMount "crypt7" + // cryptMount "crypt1" + // cryptMount "crypt2" + // cryptMount "crypt3" + // cryptMount "crypt4" + // cryptMount "crypt5" + // cryptMount "crypt6" + // cryptMount "crypt7" # this entry sometimes creates issues // { "/media/cryptX" = { @@ -121,10 +122,10 @@ in { } ; + makefu.dl-dir = "/media/cryptX"; users.users.download = { useDefaultShell = true; # name = "download"; - home = "/media/cryptX/"; # createHome = true; openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey @@ -132,7 +133,7 @@ in { "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC7betFnMWVeBYRhJ+2f0B5WbDdbpteIVg/BlyimXbx79R7lZ7nUq5GyMLrp7B00frUuA0su8oFFN3ODPJDstgBslBIP7kWPR2zW8NOXorrbFo3J2fKvlO77k6/wD5/M11m5nS01/aVJgAgMGLg2W12G7EMf5Wq75YsQJC/S9p8kMca589djMPRuQETu7fWq0t/Gmwq+2ELLL0csRK87LvybA92JYkAIneRnGzIlCguOXq0Vcq6pGQ1J1PfVEP76Do33X29l2hZc/+vR9ExW6s2g7fs5/5LDX9Wnq7+AEsxiEf4IOeL0hCG4/CGGCN23J+6cDrNKOP94AHO1si0O2lxFsxgNU2vdVWPNgSLottiUFBPPNEZFD++sZyutzH6PIz6D90hB2Q52X6WN9ZUtlDfQ91rHd+S2BhR6f4dAqiRDXlI5MNNDdoTT4S5R0wU/UrNwjiV/xiu/hWZYGQK7YgY4grFRblr378r8FqjLvumPDFMDLVa9eJKq1ad1x/GV5tZpsttzWj4nbixaKlZOg+TN2GHboujLx3bANz1Jqfvfto8UOeKTtA8pkb8E1PJPpBMOZcA7oHaqJrp6Vuf/SkmglHnQvGbi60OK3s61nuRmIcBiTXd+4qeAJpq1QyEDj3X/+hV0Gwz8rCo6JGkF1ETW37ZYvqU9rxNXjS+/Pfktw== jules@kvasir-2015-02-13" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDINUD+p2yrc9KoTbCiuYhdfLlRu/eNX6BftToSMLs8O9qWQORjgXbDn8M9iUWXCHzdUZ9sm6Rz8TMdEV0jZq/nB01zYnW4NhMrt+NGtrmGqDa+eYrRZ4G7Rx8AYzM/ZSwERKX10txAVugV44xswRxWvFbCedujjXyWsxelf1ngb+Hiy9/CPuWNYEhTZs/YuvNkupCui2BuKuoSivJAkLhGk5YqwwcllCr39YXa/tFJWsgoQNcB9hwpzfhFm6Cc7m5DhmTWSVhQHEWyaas8Lukmd4v+mRY+KZpuhbomCHWzkxqzdBun8SXiiAKlgem9rtBIgeTEfz9OtOfF3/6VfqE7 toerb@mittagspause ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB0IP143FAHBHWjEEKGOnM8SSTIgNF1MJxGCMKaJvTHf momo@k2.local" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1ZJSpBb7Cxo+c2r2JJIcbYOTm/sJxOv2NFRoDfjxGS9CCwzRbzrwJcv2d23j35mu97x3+fUvo8DyMFLvLvume2PFCijqhMDzZZvjYXZdvXA+hnh53nqZf+Pjq8Xc3tSWBHQxUokaBmZbd4LlKHh8NgKVrP2zve6OPZMzo/Es93v37KEmT8d/PfVMrQEMPZzFrCVdq2RbpdQ1nhx09zRFW7OJOazgotafjx6IYXbVq2VDnjffXInsE9ZxDzYq1cNKIH0c2BLpTd3mv76iD9i+nD6W6s48+usFQnVLt2TY1uKkfMr7043E6jBxx5kNHBe5Xxr6Zs0SkR8kKOEhMO//4ucviUYKZJn8wk2SLkAyMYVBexx8jrTdlI4xgQ7RLpSIDTCm9dfbZY/YhZDJ21lsWduQqu7DFWMe05gg4NZDjf2kwYQOzATyqISGA7ttSEPT1iymr/ffAOgLBLSqWQAteUbI2U5cnflWZGwm33JF/Pyb4S3k3/f2mIBKiRx2lsGv6mx1w0SaYRtJxDWqGYMHuFiNYbq9r/bZfLqV3Fy9kRODFJTfJh8mcTnC4zabpiQ7fnqbh1qHu0WrrBSgFW0PR2WWCJ0e5Btj1yRgXp0+d5OuxxlVInRs+l2HogdxjonMhAHrTCzJtI8UJTKXKN0FBPRDRcepeExhvNqcOUz4Kvw== me@andreaskist.de" - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCo2z8zsI+YF3ho0hvYzzCZi05mNyjk4iFK08+nNFCdXSG07jmRROWzTcC2ysTKZ56XD2al2abLxy4FZfmDcu9b2zJoPnIiXv/Jw0TKeZ71OyN3bILtv+6Xj1FTJ+kAUMXBfEew7UCgZZ8u8RQsFmlhqB9XqCBXmzP7I2EM1wWSzwEAgG/k6C+Ir054JjAj+fLr/wBduD1GAe8bXXF3Ojiky8OMs2oJaoGV96mrVAtVN+ftfWSvHCK31Y/KgCoPDE4LdoTir1IRfx2pZUMPkyzRW/etXT0PKD96I+/3d1xNPzNNjFpd6GqADC3xnfY3WslNgjL7gqwsC9SlEyuT1Xkd lotho@mercurius" + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCo2z8zsI+YF3ho0hvYzzCZi05mNyjk4iFK08+nNFCdXSG07jmRROWzTcC2ysTKZ56XD2al2abLxy4FZfmDcu9b2zJoPnIiXv/Jw0TKeZ71OyN3bILtv+6Xj1FTJ+kAUMXBfEew7UCgZZ8u8RQsFmlhqB9XqCBXmzP7I2EM1wWSzwEAgG/k6C+Ir054JjAj+fLr/wBduD1GAe8bXXF3Ojiky8OMs2oJaoGV96mrVAtVN+ftfWSvHCK31Y/KgCoPDE4LdoTir1IRfx2pZUMPkyzRW/etXT0PKD96I+/3d1xNPzNNjFpd6GqADC3xnfY3WslNgjL7gqwsC9SlEyuT1Xkd lotho@mercurius" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClaVl9Fwp4wdGLeTZdfy5MpJf+hM6fpL1k6UmtYXWgVYU7tgmStdlpLlbyMQspoFRtT7/76n4kPwCmM0c82xNXaJJMuWa98pwMp+bAwSSdOGAP/vjfzL/TUAX+Xtrw6ehF7r1O+zqw/E/bWt6UezKj08wDLWjByzdDQwslJV6lrGek4mmYRdgmHHeZ1oG89ePEZJZOM6jcZqv0AfIj0NID3ir9Z0kz9uSSXb1279Qt4953mfjs5xwhtc1B7vrxJ3qtTZUsBoAkUkLeulUEIjkfn60wvDGu/66GP5ZClXyk2gck/ZNmtFYrQoqx9EtF1KK02cC17A0nfRySQy5BnfWn root@filebitch" ]; }; @@ -142,15 +143,19 @@ in { parity = toMapper 7; }; networking.nameservers = [ "8.8.8.8" ]; - #networking.interfaces.enp6s0f0.ip4 = [{ - # address = "151.217.173.20"; - # prefixLength = 22; - #}]; - #networking.defaultGateway = "151.217.172.1"; + # SPF + networking.defaultGateway = "151.217.176.1"; + networking.interfaces.enp6s0f0.ip4 = [{ + address = "151.217.178.63"; + prefixLength = 22; + }]; + + # Gigabit networking.interfaces.enp8s0f1.ip4 = [{ address = "192.168.126.1"; prefixLength = 24; }]; + #interfaces.enp6s0f1.ip4 = [{ # address = external-ip; # prefixLength = 22; diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index b66ef1ab8..1fe0b62f9 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -48,9 +48,15 @@ in { <stockholm/makefu/2configs/share/gum.nix> # <stockholm/makefu/2configs/sabnzbd.nix> <stockholm/makefu/2configs/torrent.nix> - <stockholm/makefu/2configs/iodined.nix> + <stockholm/makefu/2configs/mosh.nix> + + # network <stockholm/makefu/2configs/vpn/openvpn-server.nix> + <stockholm/makefu/2configs/vpn/vpnws/server.nix> <stockholm/makefu/2configs/dnscrypt/server.nix> + <stockholm/makefu/2configs/iodined.nix> + + # buildbot <stockholm/makefu/2configs/remote-build/slave.nix> ## Web @@ -103,15 +109,16 @@ in { #} { # wireguard server networking.firewall.allowedUDPPorts = [ 51820 ]; - #networking.wireguard.interfaces.wg0 = { - # ips = [ "10.244.0.1/24" ]; - # privateKeyFile = (toString <secrets>) + "/wireguard.key"; - # allowedIPsAsRoutes = true; - # peers = [{ - # allowedIPs = [ "0.0.0.0/0" "::/0" ]; - # publicKey = "fe5smvKVy5GAn7EV4w4tav6mqIAKhGWQotm7dRuRt1g="; - # }]; - #}; + networking.wireguard.interfaces.wg0 = { + ips = [ "10.244.0.1/24" ]; + privateKeyFile = (toString <secrets>) + "/wireguard.key"; + allowedIPsAsRoutes = true; + peers = [{ + # allowedIPs = [ "0.0.0.0/0" "::/0" ]; + allowedIPs = [ "10.244.0.2/32" ]; + publicKey = "fe5smvKVy5GAn7EV4w4tav6mqIAKhGWQotm7dRuRt1g="; + }]; + }; } ]; diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index 4af87dc10..aaecebadc 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -47,6 +47,7 @@ in { <stockholm/makefu/2configs/exim-retiolum.nix> <stockholm/makefu/2configs/smart-monitor.nix> <stockholm/makefu/2configs/mail-client.nix> + <stockholm/makefu/2configs/mosh.nix> # <stockholm/makefu/2configs/disable_v6.nix> #<stockholm/makefu/2configs/graphite-standalone.nix> #<stockholm/makefu/2configs/share-user-sftp.nix> diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix index f71634501..f318c0e61 100644 --- a/makefu/1systems/vbob/config.nix +++ b/makefu/1systems/vbob/config.nix @@ -3,37 +3,57 @@ krebs.build.host = config.krebs.hosts.vbob; makefu.awesome.modkey = "Mod1"; imports = - [ # Include the results of the hardware scan. + [ <stockholm/makefu> - (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>) - (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-guest.nix>) + { + imports = [<stockholm/makefu/2configs/fs/single-partition-ext4.nix> ]; + boot.loader.grub.device = "/dev/vda"; + } + # { + # imports = [ + # <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix> + # ]; + # virtualbox.baseImageSize = 35 * 1024; + # fileSystems."/media/share" = { + # fsType = "vboxsf"; + # device = "share"; + # options = [ "rw" "uid=9001" "gid=9001" ]; + # }; + # } + + # { + # imports = [ + # <nixpkgs/nixos/modules/virtualisation/qemu-vm.nix> + # ]; + # fileSystems."/nix" = { + # device ="/dev/disk/by-label/nixstore"; + # fsType = "ext4"; + # }; + # } + + # base gui - <stockholm/makefu/2configs/main-laptop.nix> + # <stockholm/makefu/2configs/main-laptop.nix> + # <stockholm/makefu/2configs/tools/core-gui.nix> + + <stockholm/makefu/2configs/zsh-user.nix> # security <stockholm/makefu/2configs/sshd-totp.nix> # Tools <stockholm/makefu/2configs/tools/core.nix> - <stockholm/makefu/2configs/tools/core-gui.nix> <stockholm/makefu/2configs/tools/dev.nix> - <stockholm/makefu/2configs/tools/extra-gui.nix> - <stockholm/makefu/2configs/tools/sec.nix> + # <stockholm/makefu/2configs/tools/extra-gui.nix> + # <stockholm/makefu/2configs/tools/sec.nix> # environment <stockholm/makefu/2configs/tinc/retiolum.nix> - <stockholm/makefu/2configs/audio/jack-on-pulse.nix> - <stockholm/makefu/2configs/audio/realtime-audio.nix> - ]; networking.extraHosts = import (toString <secrets/extra-hosts.nix>); nixpkgs.config.allowUnfree = true; - fileSystems."/nix" = { - device ="/dev/disk/by-label/nixstore"; - fsType = "ext4"; - }; # allow vbob to deploy self users.extraUsers = { @@ -45,9 +65,13 @@ environment.shellAliases = { forti = "cat ~/vpn/pw.txt | xclip; sudo forticlientsslvpn"; }; - # TODO: for forticleintsslpn - # ln -s /r/current-system/sw/bin/pppd /usr/sbin/pppd - # ln -s /r/current-system/sw/bin/tail /usr/bin/tail + + system.activationScripts.prepare-fortclientvpnssl = '' + # TODO: for forticlientsslpn + mkdir -p /usr/{s,}bin + ln -fs ${pkgs.ppp}/bin/pppd /usr/sbin/pppd + ln -fs ${pkgs.coreutils}/bin/tail /usr/bin/tail + ''; environment.systemPackages = with pkgs;[ fortclientsslvpn ppp xclip get @@ -55,7 +79,6 @@ # docker #devpi-web #devpi-client - debmirror ansible ]; # virtualisation.docker.enable = true; @@ -67,10 +90,5 @@ 8010 ]; - fileSystems."/media/share" = { - fsType = "vboxsf"; - device = "share"; - options = [ "rw" "uid=9001" "gid=9001" ]; - }; } diff --git a/makefu/1systems/vbob/source.nix b/makefu/1systems/vbob/source.nix index 5b726e40b..5419215e2 100644 --- a/makefu/1systems/vbob/source.nix +++ b/makefu/1systems/vbob/source.nix @@ -1,4 +1,4 @@ import <stockholm/makefu/source.nix> { name="vbob"; - musnix = true; + # musnix = true; } diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix index c30ee4c58..f44211b93 100644 --- a/makefu/1systems/wbob/config.nix +++ b/makefu/1systems/wbob/config.nix @@ -32,10 +32,13 @@ in { <stockholm/makefu/2configs/remote-build/slave.nix> <stockholm/makefu/2configs/share/wbob.nix> + # Sensors <stockholm/makefu/2configs/stats/telegraf> <stockholm/makefu/2configs/deployment/led-fader.nix> <stockholm/makefu/2configs/stats/external/aralast.nix> <stockholm/makefu/2configs/stats/telegraf/airsensor.nix> + # <stockholm/makefu/2configs/stats/telegraf/bamstats.nix> + <stockholm/makefu/2configs/deployment/bureautomation> (let collectd-port = 25826; diff --git a/makefu/2configs/hw/tp-x2x0.nix b/makefu/2configs/hw/tp-x2x0.nix index 680545c99..f33c12a8f 100644 --- a/makefu/2configs/hw/tp-x2x0.nix +++ b/makefu/2configs/hw/tp-x2x0.nix @@ -5,6 +5,11 @@ with import <stockholm/lib>; imports = [ ./tpm.nix ]; + + boot.kernelModules = [ + "kvm-intel" + ]; + networking.wireless.enable = lib.mkDefault true; hardware.enableAllFirmware = true; diff --git a/makefu/2configs/mosh.nix b/makefu/2configs/mosh.nix new file mode 100644 index 000000000..1c2e34e0b --- /dev/null +++ b/makefu/2configs/mosh.nix @@ -0,0 +1,3 @@ +{ + programs.mosh.enable = true; +} diff --git a/makefu/2configs/stats/telegraf/airsensor.nix b/makefu/2configs/stats/telegraf/airsensor.nix index 09d23e7d4..9d481000f 100644 --- a/makefu/2configs/stats/telegraf/airsensor.nix +++ b/makefu/2configs/stats/telegraf/airsensor.nix @@ -1,11 +1,36 @@ { pkgs, ...}: - -{ +let + genTopic = name: topic: tags: { + servers = [ "tcp://localhost:1883" ]; + qos = 0; + connection_timeout = "30s"; + topics = [ topic ]; + tags = tags; + persistent_session = false; + name_override = name; + data_format = "value"; + data_type = "float"; + }; + bamStat = stat: # Temperature or Humidity + host: # easy{1-4} + sensor: # dht11, dht22, ds18 + (genTopic stat + "/bam/${host}/${sensor}/${stat}" + {"host" = host; + "scope" = "bam"; + "sensor" = sensor; + } ); + dht22 = host: [(bamStat "Temperature" host "dht22") + (bamStat "Humidity" host "dht22")]; + dht11 = host: [(bamStat "Temperature" host "dht11") + (bamStat "Humidity" host "dht11")]; + ds18 = host: [(bamStat "Temperature" host "ds18")]; +in { services.udev.extraRules = '' SUBSYSTEMS=="usb", ATTRS{product}=="iAQ Stick", GROUP="input" ''; users.users.telegraf.extraGroups = [ "input" ]; - services.telegraf.extraConfig.inputs.exec = [ + services.telegraf.extraConfig.inputs.exec = [ { commands = [ "${pkgs.airsensor-py}/bin/airsensor-py"]; timeout = "10s"; @@ -16,4 +41,9 @@ tags.unit="VOC"; } ]; + services.telegraf.extraConfig.inputs.mqtt_consumer = + (dht22 "easy1") + ++ (dht22 "easy2") + ++ (dht11 "easy3") + ++ (ds18 "easy3"); } diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix index 0f8a76c29..04a65df26 100644 --- a/makefu/2configs/tools/dev.nix +++ b/makefu/2configs/tools/dev.nix @@ -21,5 +21,7 @@ gen-oath-safe cdrtools stockholm + # git-related + tig ]; } diff --git a/makefu/2configs/tools/mobility.nix b/makefu/2configs/tools/mobility.nix index 70d376608..1993a5212 100644 --- a/makefu/2configs/tools/mobility.nix +++ b/makefu/2configs/tools/mobility.nix @@ -2,6 +2,7 @@ { users.users.makefu.packages = with pkgs;[ go-mtpfs + mosh ]; boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ]; diff --git a/makefu/2configs/torrent.nix b/makefu/2configs/torrent.nix index d063ad3e3..a076479c2 100644 --- a/makefu/2configs/torrent.nix +++ b/makefu/2configs/torrent.nix @@ -8,13 +8,13 @@ let peer-port = 51412; web-port = 8112; daemon-port = 58846; - dl-dir = config.makefu.dl-dir; + torrent-dir = config.makefu.dl-dir; in { users.users = { download = { name = "download"; - home = dl-dir; + home = torrent-dir; uid = mkDefault (genid "download"); createHome = true; useDefaultShell = true; @@ -26,9 +26,9 @@ in { # todo: race condition, do this after download user has been created system.activationScripts."download-dir-chmod" = '' for i in finished watch torrents; do - mkdir -p "${dl-dir}/$i" - chown download:download "${dl-dir}/$i" - chmod 770 "${dl-dir}/$i" + mkdir -p "${torrent-dir}/$i" + chown download:download "${torrent-dir}/$i" + chmod 770 "${torrent-dir}/$i" done ''; @@ -54,9 +54,8 @@ in { rutorrent.enable = true; enableXMLRPC = true; listenPort = peer-port; - downloadDir = dl-dir + "/finished"; + workDir = torrent-dir; # dump old torrents into watch folder to have them re-added - watchDir = dl-dir +"/watch"; }; networking.firewall.extraCommands = '' diff --git a/makefu/5pkgs/vpn-ws/default.nix b/makefu/5pkgs/vpn-ws/default.nix index 71573384d..1f2e45fe4 100644 --- a/makefu/5pkgs/vpn-ws/default.nix +++ b/makefu/5pkgs/vpn-ws/default.nix @@ -8,7 +8,7 @@ stdenv.mkDerivation rec { owner = "unbit"; repo = "vpn-ws"; rev = version; - sha256 = "068vzrpzgksadb31khancnpkgzhdcr6kh6k9wgm77q68skwl3w0k"; + sha256 = "0k7338xxvg1k988zz3nb681nsqmfiik9bnkk7jmxjz7j0wfwq8nj"; }; patchPhase = '' |