diff options
| -rw-r--r-- | krebs/1systems/arcadeomat/config.nix | 87 | ||||
| -rw-r--r-- | krebs/1systems/arcadeomat/hw.nix | 25 | ||||
| -rw-r--r-- | krebs/2configs/shack/glados/automation/ampel.nix | 23 | ||||
| -rw-r--r-- | krebs/2configs/shack/glados/default.nix | 1 | ||||
| -rw-r--r-- | krebs/3modules/external/mic92.nix | 2 | ||||
| -rw-r--r-- | krebs/3modules/krebs/default.nix | 24 | ||||
| -rw-r--r-- | makefu/0tests/data/secrets/hass/tile.nix | 4 | ||||
| -rw-r--r-- | makefu/1systems/wbob/config.nix | 12 | ||||
| -rw-r--r-- | makefu/1systems/x/config.nix | 1 | ||||
| -rw-r--r-- | makefu/2configs/fs/sda-crypto-root.nix | 4 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/automation/light_buttons.nix | 60 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/default.nix | 1 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/device_tracker/tile.nix | 10 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/light/arbeitszimmer.nix | 20 | ||||
| -rw-r--r-- | makefu/2configs/nix-community/supervision.nix | 1 | ||||
| -rw-r--r-- | makefu/2configs/tools/extra-gui.nix | 3 | ||||
| -rw-r--r-- | makefu/2configs/urlwatch/default.nix | 6 |
17 files changed, 253 insertions, 31 deletions
diff --git a/krebs/1systems/arcadeomat/config.nix b/krebs/1systems/arcadeomat/config.nix new file mode 100644 index 000000000..8a2b0202e --- /dev/null +++ b/krebs/1systems/arcadeomat/config.nix @@ -0,0 +1,87 @@ +{ config,lib, pkgs, ... }: +let + shack-ip = config.krebs.build.host.nets.shack.ip4.addr; + ext-if = "et0"; + external-mac = "52:54:b0:0b:af:fe"; + mainUser = "krebs"; + +in +{ + imports = [ + ./hw.nix + <stockholm/krebs> + <stockholm/krebs/2configs> + + #<stockholm/krebs/2configs/binary-cache/nixos.nix> + #<stockholm/krebs/2configs/binary-cache/prism.nix> + + <stockholm/krebs/2configs/shack/ssh-keys.nix> + <stockholm/krebs/2configs/save-diskspace.nix> + <stockholm/krebs/2configs/shack/prometheus/node.nix> + + ]; + # use your own binary cache, fallback use cache.nixos.org (which is used by + # apt-cacher-ng in first place) + + # local discovery in shackspace + nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; }; + krebs.tinc.retiolum.extraConfig = "TCPOnly = yes"; + + + #networking = { + # firewall.enable = false; + # firewall.allowedTCPPorts = [ 8088 8086 8083 ]; + # interfaces."${ext-if}".ipv4.addresses = [ + # { + # address = shack-ip; + # prefixLength = 20; + # } + # ]; + + # defaultGateway = "10.42.0.1"; + # nameservers = [ "10.42.0.100" "10.42.0.200" ]; + #}; + + ##################### + # uninteresting stuff + ##################### + krebs.build.host = config.krebs.hosts.arcadeomat; + users.users."${mainUser}" = { + uid = 9001; + extraGroups = [ "audio" "video" ]; + isNormalUser = true; + }; + boot.kernel.sysctl = { + # Enable IPv6 Privacy Extensions + "net.ipv6.conf.all.use_tempaddr" = 2; + "net.ipv6.conf.default.use_tempaddr" = 2; + }; + + + time.timeZone = "Europe/Berlin"; + + # avahi + services.avahi = { + enable = true; + wideArea = false; + }; + environment.systemPackages = with pkgs;[ glxinfo sdlmame ]; + nixpkgs.config.allowUnfree = true; + hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.legacy_340; + boot.kernelPackages = pkgs.linuxPackages_5_4; + + services.xserver = { + videoDrivers = [ "nvidia" ]; + enable = true; + windowManager = { + awesome.enable = true; + awesome.noArgb = true; + awesome.luaModules = [ pkgs.luaPackages.vicious ]; + }; + displayManager.defaultSession = lib.mkDefault "none+awesome"; + displayManager.autoLogin = { + enable = true; + user = mainUser; + }; + }; +} diff --git a/krebs/1systems/arcadeomat/hw.nix b/krebs/1systems/arcadeomat/hw.nix new file mode 100644 index 000000000..b24deeecb --- /dev/null +++ b/krebs/1systems/arcadeomat/hw.nix @@ -0,0 +1,25 @@ + +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "ahci" "ohci_pci" "ehci_pci" "pata_atiixp" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/0aae456e-0548-4917-a282-11d5d4e403cf"; + fsType = "ext4"; + }; + + swapDevices = [ ]; + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.device = "/dev/sda"; + boot.loader.grub.copyKernels = true; + +} diff --git a/krebs/2configs/shack/glados/automation/ampel.nix b/krebs/2configs/shack/glados/automation/ampel.nix new file mode 100644 index 000000000..4be92a328 --- /dev/null +++ b/krebs/2configs/shack/glados/automation/ampel.nix @@ -0,0 +1,23 @@ +# needs: +# binary_sensor.lounge_ampel_status +# light.lounge_ampel_licht_rot + +let + glados = import ../lib; +in +{ + services.home-assistant.config.automation = + [ + { + alias = "Ampel Rotes Licht"; + initial_state = true; + trigger = { + platform = "state"; + entity_id = "binary_sensor.lounge_ampel_status"; + }; + action = { service = "light.turn_on"; + data.entity_id = "light.lounge_ampel_licht_rot"; + }; + } + ]; +} diff --git a/krebs/2configs/shack/glados/default.nix b/krebs/2configs/shack/glados/default.nix index 51c2ad94f..e7860338c 100644 --- a/krebs/2configs/shack/glados/default.nix +++ b/krebs/2configs/shack/glados/default.nix @@ -40,6 +40,7 @@ in { ./automation/shack-startup.nix ./automation/party-time.nix ./automation/hass-restart.nix + ./automation/ampel.nix ]; services.home-assistant = diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index e83608385..0e6812a35 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -224,10 +224,8 @@ in { retiolum = { via = internet; addrs = [ - config.krebs.hosts.eve.nets.retiolum.ip4.addr config.krebs.hosts.eve.nets.retiolum.ip6.addr ]; - ip4.addr = "10.243.29.174"; aliases = [ "eve.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix index 776b893f5..f796f0323 100644 --- a/krebs/3modules/krebs/default.nix +++ b/krebs/3modules/krebs/default.nix @@ -187,6 +187,30 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPpVwKv9mQGfcn5oFwuitq+b6Dz4jBG9sGhVoCYFw5RY"; syncthing.id = "DK5CEE2-PNUXYCE-Q42H2HP-623GART-B7KS4VK-HU2RBGQ-EK6QPUP-HUL3PAR"; }; + arcadeomat = { + ci = true; + nets = { + retiolum = { + ip4.addr = "10.243.77.67"; + aliases = [ + "arcadeomat.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAzpXyEATt8+ElxPq650/fkboEC9RvTWqN6UIAl/R4Zu+uDhAZ2ekb + HBjoSbRxu/0w2I37nwWUhEOemxGm4PXCgWrtO0jeRF4nVNYu3ZBppA3vuVALUWq7 + apxRUEL9FdsWQlXGo4PVd20dGaDTi8M/Ggo755MStVTY0rRLluxyPq6VAa015sNg + 4NOFuWm0NDn4e+qrahTCTiSjbCU8rWixm0GktV40kdg0QAiFbEcRhuXF1s9/yojk + 7JT/nFg6LELjWUSSNZnioj5oSfVbThDRelIld9VaAKBAZZ5/zy6T2XSeDfoepytH + 8aw6itEuTCy1M1DTiTG+12SPPw+ubG+NqQIDAQAB + -----END RSA PUBLIC KEY----- + Ed25519PublicKey = n/HMlgTTyLa0fcXqSBO/G6sVOUYh2yZ5PfU4vLI9CJO + ''; + }; + }; + ssh.privkey.path = <secrets/ssh.id_ed25519>; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOu6EVN3928qWiWszqBUzOjeQJRvFozTBl4xAhBP/Ymc"; + }; wolf = { ci = true; nets = { diff --git a/makefu/0tests/data/secrets/hass/tile.nix b/makefu/0tests/data/secrets/hass/tile.nix new file mode 100644 index 000000000..cbcf433f7 --- /dev/null +++ b/makefu/0tests/data/secrets/hass/tile.nix @@ -0,0 +1,4 @@ +{ + username = "lol"; + password = "wut"; +} diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix index 550afbeae..60f4f7b72 100644 --- a/makefu/1systems/wbob/config.nix +++ b/makefu/1systems/wbob/config.nix @@ -100,7 +100,7 @@ in { networking.firewall.allowedUDPPorts = [ 655 ]; networking.firewall.allowedTCPPorts = [ 655 - 8081 #smokeping + 8081 # smokeping 49152 ]; networking.firewall.trustedInterfaces = [ "enp0s25" ]; @@ -111,15 +111,15 @@ in { # Port = 1655 # ''; #}; - boot.kernelPackages = pkgs.linuxPackages_latest; + #boot.kernelPackages = pkgs.linuxPackages_latest; # rt2870.bin wifi card, part of linux-unfree hardware.enableRedistributableFirmware = true; nixpkgs.config.allowUnfree = true; # rt2870 with nonfree creates wlp2s0 from wlp0s20u2 # not explicitly setting the interface results in wpa_supplicant to crash - networking.interfaces.virbr1.ipv4.addresses = [{ - address = "10.8.8.11"; - prefixLength = 24; - }]; + #networking.interfaces.virbr1.ipv4.addresses = [{ + # address = "10.8.8.11"; + # prefixLength = 24; + #}]; # nuc hardware } diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index dee6bd70e..224277861 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -178,6 +178,7 @@ # temporary # { services.redis.enable = true; } # { services.mongodb.enable = true; } + # { services.elasticsearch.enable = true; } # <stockholm/makefu/2configs/deployment/nixos.wiki> # <stockholm/makefu/2configs/home/photoprism.nix> # <stockholm/makefu/2configs/dcpp/airdcpp.nix> diff --git a/makefu/2configs/fs/sda-crypto-root.nix b/makefu/2configs/fs/sda-crypto-root.nix index e49843cfe..54ee9f9e5 100644 --- a/makefu/2configs/fs/sda-crypto-root.nix +++ b/makefu/2configs/fs/sda-crypto-root.nix @@ -16,8 +16,8 @@ loader.grub.version = 2; loader.grub.device = lib.mkDefault "/dev/sda"; - initrd.luks.cryptoModules = ["aes" "sha512" "sha1" "xts" ]; - initrd.availableKernelModules = ["xhci_hcd" "ehci_pci" "ahci" "usb_storage" ]; + #initrd.luks.cryptoModules = ["aes" "sha512" "sha1" "xts" ]; + initrd.availableKernelModules = ["cbc" "hmac" "sha256" "rng" "aes" "encrypted_keys" "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ]; }; fileSystems = { "/" = { diff --git a/makefu/2configs/home/ham/automation/light_buttons.nix b/makefu/2configs/home/ham/automation/light_buttons.nix index 62fc87bb4..1892917c4 100644 --- a/makefu/2configs/home/ham/automation/light_buttons.nix +++ b/makefu/2configs/home/ham/automation/light_buttons.nix @@ -1,27 +1,53 @@ let inherit (import ../lib) btn_cycle_light; - turn_off_all = btn: #lights: - { - alias = "Turn of all lights via ${btn} double click"; - trigger = { - platform = "state"; - entity_id = "sensor.${btn}_click"; - to = "double"; - }; - action = { - service = "light.turn_off"; - #entity_id = lights; - entity_id = "all"; - }; - }; in { services.home-assistant.config.automation = [ # (btn_cycle_light "light.arbeitszimmerbeleuchtung" "arbeitszimmer_btn1") (btn_cycle_light "light.schlafzimmer_komode_osram" "schlafzimmer_btn2" 128) - - (btn_cycle_light "light.keller_osram" "keller_btn1" 128) + { + alias = "toggle keller"; + trigger = { + platform = "state"; + entity_id = "sensor.keller_btn1_click"; + to = "single"; + }; + action = { + service = "light.toggle"; + #entity_id = lights; + data = { + entity_id = "light.keller_osram"; + brightness = 255; + }; + }; + } + { + alias = "low brightness keller with doubleclick"; + trigger = { + platform = "state"; + entity_id = "sensor.keller_btn1_click"; + to = "double"; + }; + action = { + service = "light.toggle"; + data = { + entity_id = "light.keller_osram"; + brightness = 50; + }; + }; + } # (btn_cycle_light "light.wohnzimmerbeleuchtung" "wohnzimmer_btn3") - (turn_off_all "schlafzimmer_btn2" ) + { + alias = "Turn of all lights via schlafzimmer_btn2 double click"; + trigger = { + platform = "state"; + entity_id = "sensor.schlafzimmer_btn2_click"; + to = "double"; + }; + action = { + service = "light.turn_off"; + entity_id = "all"; + }; + } ]; } diff --git a/makefu/2configs/home/ham/default.nix b/makefu/2configs/home/ham/default.nix index 6ab3cd46c..e17cfc35d 100644 --- a/makefu/2configs/home/ham/default.nix +++ b/makefu/2configs/home/ham/default.nix @@ -23,6 +23,7 @@ in { # ./multi/fliegen-couter.nix ./device_tracker/openwrt.nix + ./device_tracker/tile.nix ./sensor/outside.nix diff --git a/makefu/2configs/home/ham/device_tracker/tile.nix b/makefu/2configs/home/ham/device_tracker/tile.nix new file mode 100644 index 000000000..ad1e6c15d --- /dev/null +++ b/makefu/2configs/home/ham/device_tracker/tile.nix @@ -0,0 +1,10 @@ +{ + + services.home-assistant.config.device_tracker = + [ + { inherit (import <secrets/hass/tile.nix>) username password; + platform = "tile"; + show_inactive = true; + } + ]; +} diff --git a/makefu/2configs/home/ham/light/arbeitszimmer.nix b/makefu/2configs/home/ham/light/arbeitszimmer.nix index bc60678b3..45fbfb57b 100644 --- a/makefu/2configs/home/ham/light/arbeitszimmer.nix +++ b/makefu/2configs/home/ham/light/arbeitszimmer.nix @@ -6,7 +6,8 @@ let ]; arbeitszimmerbeleuchtung = [ "light.arbeitszimmer_schrank_dimmer" - "light.arbeitszimmer_kerze" # arbeitszimmer_kerze + "light.arbeitszimmer_kerze" + "light.arbeitszimmer_pflanzenlicht" ]; in { services.home-assistant.config.light = [ @@ -20,5 +21,22 @@ in { name = "Arbeitszimmer Deko"; entities = arbeitszimmer_deko; } + { platform = "switch"; + name = "Arbeitszimmer Pflanzenlicht"; + entity_id = "switch.arbeitszimmer_stecker1"; + } + ]; + services.home-assistant.config.automation = [ + { + alias = "Toggle Arbeitszimmerbeleuchtung via Remote"; + trigger = { + platform = "state"; + entity_id = "sensor.arbeitszimmer_remote1_action"; + }; + action = { + service = "light.toggle"; + data.entity_id = "light.arbeitszimmerbeleuchtung"; + }; + } ]; } diff --git a/makefu/2configs/nix-community/supervision.nix b/makefu/2configs/nix-community/supervision.nix index f648b9c17..cd4b6567b 100644 --- a/makefu/2configs/nix-community/supervision.nix +++ b/makefu/2configs/nix-community/supervision.nix @@ -6,6 +6,7 @@ in { networking.firewall.extraCommands = '' iptables -A INPUT -i retiolum -p tcp --dport ${port} -j ACCEPT + ip6tables -A INPUT -i retiolum -p tcp --dport ${port} -j ACCEPT ''; services.telegraf = { diff --git a/makefu/2configs/tools/extra-gui.nix b/makefu/2configs/tools/extra-gui.nix index 763603dfd..4bd0c25f4 100644 --- a/makefu/2configs/tools/extra-gui.nix +++ b/makefu/2configs/tools/extra-gui.nix @@ -20,6 +20,9 @@ # rambox vscode + + # 3d Modelling chitubox + freecad ]; } diff --git a/makefu/2configs/urlwatch/default.nix b/makefu/2configs/urlwatch/default.nix index 93424815d..3620bc568 100644 --- a/makefu/2configs/urlwatch/default.nix +++ b/makefu/2configs/urlwatch/default.nix @@ -34,9 +34,9 @@ in { https://pypi.python.org/simple/pyserial/ https://pypi.python.org/simple/semantic_version/ # weird shit - { url = "https://www.zigbee2mqtt.io/information/supported_adapters.html"; - filter = "html2text"; - } + #{ url = "https://www.zigbee2mqtt.io/guide/adapters/"; + # filter = "html2text"; + #} http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/ https://erdgeist.org/gitweb/opentracker/info/refs?service=git-upload-pack |