15 files changed, 233 insertions, 5 deletions

diff --git a/makefu/2configs/audio/jack-on-pulse.nix b/makefu/2configs/audio/jack-on-pulse.nix
new file mode 100644
index 000000000..09d03ea9f
--- /dev/null
+++ b/makefu/2configs/audio/jack-on-pulse.nix
@@ -0,0 +1,45 @@
+{ config, pkgs, ... }:
+let
+  pulse = pkgs.pulseaudioFull;
+  user = config.makefu.gui.user;
+in
+{
+  sound.enable = true;
+  hardware.pulseaudio = {
+    enable = true;
+    package = pulse;
+  };
+
+  environment.systemPackages = with pkgs; [ jack2Full ];
+  # from http://anderspapitto.com/posts/2015-11-26-overtone-on-nixos-with-jack-and-pulseaudio.html
+
+  systemd.services = {
+    jackdbus = {
+      description = "Runs jack, and points pulseaudio at it";
+      serviceConfig = {
+        User = user;
+        Type = "oneshot";
+        ExecStart = pkgs.writeScript "start_jack.sh" ''
+          #! ${pkgs.bash}/bin/bash
+          . ${config.system.build.setEnvironment}
+          sleep 5 # wait for the gui to load
+
+          ${pkgs.jack2Full}/bin/jack_control start
+          sleep 3 # give some time for sources/sinks to be created
+
+          ${pulse}/bin/pacmd set-default-sink jack_out
+          ${pulse}/bin/pacmd set-default-source jack_in
+        '';
+        ExecStop = pkgs.writeScript "stop_jack.sh" ''
+          #! ${pkgs.bash}/bin/bash
+          . ${config.system.build.setEnvironment}
+
+          ${pkgs.jack2Full}/bin/jack_control stop
+        '';
+        RemainAfterExit = true;
+      };
+      after = [ "display-manager.service" "sound.target" ];
+      wantedBy = [ "multi-user.target" ];
+    };
+  };
+}
diff --git a/makefu/2configs/audio/realtime-audio.nix b/makefu/2configs/audio/realtime-audio.nix
new file mode 100644
index 000000000..d9709e4b7
--- /dev/null
+++ b/makefu/2configs/audio/realtime-audio.nix
@@ -0,0 +1,12 @@
+{ config, pkgs, ... }:
+let
+  user = config.makefu.gui.user;
+in
+{
+  imports = [
+    ../sources/musnix.nix # populate musnix
+    <musnix>
+  ];
+  musnix.enable = true;
+  users.users."${user}".extraGroups = [ "audio" ];
+}
diff --git a/makefu/2configs/avahi.nix b/makefu/2configs/avahi.nix
new file mode 100644
index 000000000..59f59fd80
--- /dev/null
+++ b/makefu/2configs/avahi.nix
@@ -0,0 +1,8 @@
+{ pkgs, ...}:
+{
+  services.avahi = {
+    enable = true;
+    wideArea = false;
+  };
+  environment.systemPackages = [ pkgs.avahi ];
+}
diff --git a/makefu/2configs/backup.nix b/makefu/2configs/backup.nix
index 9ed890326..1cc78bfc1 100644
--- a/makefu/2configs/backup.nix
+++ b/makefu/2configs/backup.nix
@@ -1,4 +1,4 @@
-{ config, lib, ... }:
+{ config, lib, pkgs, ... }:
 with import <stockholm/lib>;
 let
   # preparation:
@@ -32,4 +32,7 @@ in {
     # wry-to-omo_root = defaultPull config.krebs.hosts.wry "/";
     gum-to-omo_root = defaultPull config.krebs.hosts.gum "/";
   };
+  environment.systemPackages = [
+    pkgs.borgbackup
+  ];
 }
diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index 6cc891047..7d0faae94 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -22,7 +22,7 @@ with import <stockholm/lib>;
       user = config.krebs.users.makefu;
       source = let
           inherit (config.krebs.build) host user;
-          ref = "4fac473"; # unstable @ 2017-03-31 + command-not-found
+          ref = "0afb6d7"; # unstable @ 2017-05-09
       in {
         nixpkgs = if config.makefu.full-populate || (getEnv "dummy_secrets" == "true") then
           {
diff --git a/makefu/2configs/deployment/led-fader.nix b/makefu/2configs/deployment/led-fader.nix
new file mode 100644
index 000000000..a18416497
--- /dev/null
+++ b/makefu/2configs/deployment/led-fader.nix
@@ -0,0 +1,39 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+let
+  mq = "192.168.8.11";
+
+  pkg = pkgs.stdenv.mkDerivation {
+    name = "ampel-master";
+    src = pkgs.fetchgit {
+      url = "http://cgit.euer.krebsco.de/ampel";
+      rev = "07a6791de368e16cc0864d2676fd255eba522cee";
+      sha256 = "1jxjapvkfglvgapy7gjbr1nra3ay418nvz70bvypcmv7wc8d4h8q";
+    };
+    buildInputs = [
+      (pkgs.python35.withPackages (pythonPackages: with pythonPackages; [
+        docopt
+        paho-mqtt
+      ]))
+    ];
+    installPhase = ''
+      install -m755 -D fade.py  $out/bin/fade.py
+      install -m755 -D ampel.py $out/bin/ampel
+      install -m755 -D times.json $out/share/times.json
+    '';
+  };
+in {
+  systemd.services.led-fader  = {
+    description = "Send led change to message queue";
+    environment = {
+      NIX_PATH = "/var/src";
+    };
+    wantedBy = [ "multi-user.target" ];
+    serviceConfig = {
+      # User = "nobody"; # need a user with permissions to run nix-shell
+      ExecStart = "${pkg}/bin/ampel 4 ${pkg}/share/times.json";
+      PrivateTmp = true;
+    };
+  };
+}
diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix
index 81a5cde81..96b6c303d 100644
--- a/makefu/2configs/git/cgit-retiolum.nix
+++ b/makefu/2configs/git/cgit-retiolum.nix
@@ -19,6 +19,7 @@ let
       cgit.desc = "Build new Stockholm hosts";
     };
     cac-api = { };
+    ampel = { };
     init-stockholm = {
       cgit.desc = "Init stuff for stockholm";
     };
diff --git a/makefu/2configs/base-gui.nix b/makefu/2configs/gui/base.nix
index 1a19ab36b..bf6bef29d 100644
--- a/makefu/2configs/base-gui.nix
+++ b/makefu/2configs/gui/base.nix
@@ -65,7 +65,7 @@ in
       cat |derp <<EOF
       XTerm*background: black
       XTerm*foreground: white
-      XTerm*FaceName  : xft:xos4 Terminus:pixelsize=14
+      XTerm*FaceName  : xft:xos4 Terminus:pixelsize=11
 
       URxvt*termName:         rxvt
       URxvt*saveLines:            10000
@@ -77,7 +77,7 @@ in
       URxvt.background: black
       URxvt.urgentOnBell: true
       URxvt.visualBell: false
-      URxvt.font : xft:xos4 Terminus:size=12
+      URxvt.font : xft:xos4 Terminus:size=11
 
 
       ! blue
diff --git a/makefu/2configs/gui/studio.nix b/makefu/2configs/gui/studio.nix
new file mode 100644
index 000000000..08157fda4
--- /dev/null
+++ b/makefu/2configs/gui/studio.nix
@@ -0,0 +1,22 @@
+{ config, lib, ... }:
+let
+  user = config.makefu.gui.user;
+in
+{
+  services.xserver.enable = true;
+  services.xserver.displayManager.sddm = {
+    enable = true;
+    autoLogin.enable = true;
+    autoLogin.user = user;
+  };
+  # services.xserver.windowMananger.default = "plasma5";
+  services.xserver.desktopManager = {
+    default = "plasma5";
+    plasma5.enable = true;
+  };
+
+  services.xserver.layout = "us";
+  services.xserver.xkbVariant = "altgr-intl";
+  services.xserver.xkbOptions = "ctrl:nocaps";
+
+}
diff --git a/makefu/2configs/urxvtd.nix b/makefu/2configs/gui/urxvtd.nix
index 286b87ab3..286b87ab3 100644
--- a/makefu/2configs/urxvtd.nix
+++ b/makefu/2configs/gui/urxvtd.nix
diff --git a/makefu/2configs/gui/wbob-kiosk.nix b/makefu/2configs/gui/wbob-kiosk.nix
new file mode 100644
index 000000000..4b7a0c333
--- /dev/null
+++ b/makefu/2configs/gui/wbob-kiosk.nix
@@ -0,0 +1,23 @@
+{ lib, ... }:
+{
+
+  imports = [
+      ./base.nix
+  ];
+  services.xserver = {
+    layout = lib.mkForce "de";
+
+    windowManager = lib.mkForce {
+      awesome.enable = false;
+      default = "none";
+    };
+    desktopManager.xfce.enable = true;
+
+    # xrandrHeads = [ "HDMI1" "HDMI2" ];
+    # prevent screen from turning off, disable dpms
+    displayManager.sessionCommands = ''
+      xset s off -dpms
+      xrandr --output HDMI2 --right-of HDMI1
+    '';
+  };
+}
diff --git a/makefu/2configs/main-laptop.nix b/makefu/2configs/main-laptop.nix
index eaf6dec97..827da0c8d 100644
--- a/makefu/2configs/main-laptop.nix
+++ b/makefu/2configs/main-laptop.nix
@@ -11,7 +11,7 @@ let
   user = config.krebs.build.user.name;
 in {
   imports = [
-    ./base-gui.nix
+    ./gui/base.nix
     ./fetchWallpaper.nix
     ./zsh-user.nix
     ./tools/core.nix
diff --git a/makefu/2configs/sources/default.nix b/makefu/2configs/sources/default.nix
new file mode 100644
index 000000000..232117aec
--- /dev/null
+++ b/makefu/2configs/sources/default.nix
@@ -0,0 +1,7 @@
+# the builder pc (my laptop) will also require the sources i use to deploy
+# other boxes
+{
+  imports = [
+    ./musnix.nix
+  ];
+}
diff --git a/makefu/2configs/sources/musnix.nix b/makefu/2configs/sources/musnix.nix
new file mode 100644
index 000000000..d02dd4a48
--- /dev/null
+++ b/makefu/2configs/sources/musnix.nix
@@ -0,0 +1,6 @@
+{
+  krebs.build.source.musnix.git = {
+    url = https://github.com/musnix/musnix.git;
+    ref = "37a8378";
+  };
+}
diff --git a/makefu/2configs/vncserver.nix b/makefu/2configs/vncserver.nix
new file mode 100644
index 000000000..c56b3e294
--- /dev/null
+++ b/makefu/2configs/vncserver.nix
@@ -0,0 +1,62 @@
+{config,lib,pkgs, ...}:
+with lib;
+let
+  pwfile = (toString <secrets>)+ "/vnc-password"; # create with `vncpasswd`
+  pwtmp = "/tmp/vnc-password";
+  # nixos-unstable tigervnc is currently broken :\
+  package = (import (fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-17.03.tar.gz) {}).pkgs.tigervnc;
+  user = config.makefu.gui.user;
+  vnc_port = 5900;
+  web_port = 6080;
+in {
+  networking.firewall.allowedTCPPorts = [ 80 vnc_port web_port ];
+  systemd.services = {
+    terminal-server = {
+      description = "VNC Terminal Server";
+      after = [ "display-manager.service"  "graphical.target" ];
+      wantedBy = [ "multi-user.target" ];
+      serviceConfig = {
+        User = user;
+        Restart = "always";
+        ExecStartPre = pkgs.writeDash "terminal-pre" ''
+          sleep 5
+          install -m0700 -o ${user} ${pwfile} ${pwtmp}
+        '';
+        ExecStart = "${package}/bin/x0vncserver -display :0 -rfbport ${toString vnc_port} -passwordfile ${pwtmp}";
+        PermissionsStartOnly = true;
+        PrivateTmp = true;
+      };
+    };
+    terminal-web = {
+      description = "noVNC Web Server";
+      after = [ "terminal-server.service"  "graphical.target" "network.target" ];
+      wantedBy = [ "multi-user.target" ];
+      serviceConfig = {
+        User = "nobody";
+        ExecStart = "${pkgs.novnc}/bin/launch-novnc.sh --listen ${toString web_port} --vnc localhost:${toString vnc_port}";
+				PrivateTmp = true;
+      };
+    };
+  };
+  services.nginx.enable = true;
+  services.nginx.virtualHosts._.locations = {
+    "/" = {
+      root = "${pkgs.novnc}";
+      index = "vnc_auto.html";
+    };
+    "/websockify" = {
+      proxyPass = "http://127.0.0.1:6080/";
+      extraConfig = ''
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+
+        # VNC connection timeout
+        proxy_read_timeout 61s;
+
+        # Disable cache
+        proxy_buffering off;
+      '';
+    };
+  };
+}