diff options
Diffstat (limited to 'makefu/2configs')
40 files changed, 849 insertions, 199 deletions
diff --git a/makefu/2configs/bgt/download.binaergewitter.de.nix b/makefu/2configs/bgt/download.binaergewitter.de.nix index 1cf21f213..d49ad158b 100644 --- a/makefu/2configs/bgt/download.binaergewitter.de.nix +++ b/makefu/2configs/bgt/download.binaergewitter.de.nix @@ -59,6 +59,11 @@ in { systemd.services.nginx.serviceConfig.ReadWritePaths = [ "/var/spool/nginx/logs/" ]; + security.acme.certs."download.binaergewitter.de" = { + dnsProvider = "cloudflare"; + credentialsFile = toString <secrets/lego-binaergewitter>; + webroot = lib.mkForce null; + }; services.nginx = { appendHttpConfig = '' @@ -70,6 +75,8 @@ in { recommendedGzipSettings = true; recommendedOptimisation = true; virtualHosts."download.binaergewitter.de" = { + addSSL = true; + enableACME = true; serverAliases = [ "dl2.binaergewitter.de" ]; root = "/var/www/binaergewitter"; extraConfig = '' diff --git a/makefu/2configs/bitlbee.nix b/makefu/2configs/bitlbee.nix index 52b5d68a5..21626d406 100644 --- a/makefu/2configs/bitlbee.nix +++ b/makefu/2configs/bitlbee.nix @@ -2,7 +2,7 @@ { services.bitlbee = { enable = true; - libpurple_plugins = [ pkgs.telegram-purple pkgs.pidgin-skypeweb]; + # libpurple_plugins = [ pkgs.telegram-purple pkgs.pidgin-skypeweb]; }; users.users.makefu.packages = with pkgs; [ weechat tmux ]; state = [ "/var/lib/bitlbee" ]; diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index 7905cf4eb..66c77e1eb 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -52,6 +52,7 @@ with import <stockholm/lib>; gnumake rxvt_unicode.terminfo htop + nix-output-monitor ]; programs.bash.enableCompletion = true; @@ -86,8 +87,9 @@ with import <stockholm/lib>; ''; environment.pathsToLink = [ "/share" ]; security.acme = { - email = "letsencrypt@syntax-fehler.de"; + defaults.email = "letsencrypt@syntax-fehler.de"; acceptTerms = true; }; system.stateVersion = lib.mkDefault "20.03"; + services.postgresql.package = pkgs.postgresql_14; } diff --git a/makefu/2configs/deployment/owncloud.nix b/makefu/2configs/deployment/owncloud.nix index e5c7e48de..b660720e5 100644 --- a/makefu/2configs/deployment/owncloud.nix +++ b/makefu/2configs/deployment/owncloud.nix @@ -57,7 +57,7 @@ systemd.services.postgresqlBackup-nextcloud.serviceConfig.SupplementaryGroups = users.users.nextcloud.extraGroups = [ "download" ]; services.nextcloud = { enable = true; - package = pkgs.nextcloud23; + package = pkgs.nextcloud24; hostName = "o.euer.krebsco.de"; # Use HTTPS for links https = true; diff --git a/makefu/2configs/home/3dprint.nix b/makefu/2configs/home/3dprint.nix new file mode 100644 index 000000000..859a18840 --- /dev/null +++ b/makefu/2configs/home/3dprint.nix @@ -0,0 +1,45 @@ +{ pkgs, ... }: +{ + services.mjpg-streamer = { + enable = true; + inputPlugin = "input_uvc.so -d /dev/web_cam -r 1280x960"; + }; + users.users.octoprint.extraGroups = [ "video" ]; + # allow octoprint to access /dev/vchiq + # also ensure that the webcam always comes up under the same name + services.udev.extraRules = '' + SUBSYSTEM=="vchiq",GROUP="video",MODE="0660" + SUBSYSTEM=="video4linux", ATTR{name}=="UVC Camera (046d:0825)",SYMLINK+="web_cam", MODE="0666", GROUP="video" + ''; + systemd.services.octoprint = { + path = [ pkgs.libraspberrypi ]; + }; + services.octoprint = { + enable = true; + plugins = plugins: with plugins;[ + costestimation + displayprogress + mqtt + stlviewer + themeify + # octolapse + (buildPlugin rec { + pname = "OctoPrint-HomeAssistant"; + version = "3.6.2"; + src = pkgs.fetchFromGitHub { + owner = "cmroche"; + repo = pname; + rev = version; + hash = "sha256-oo9OBmHoJFNGK7u9cVouMuBuUcUxRUrY0ppRq0OS1ro="; + }; + }) + ]; + extraConfig.plugins.mqtt.broker = { + url = "omo.lan"; + # TODO TODO TODO + username = "hass"; + password = "lksue43jrf"; + # TODO TODO TODO + }; + }; +} diff --git a/makefu/2configs/home/ham/automation/buttonboard.nix b/makefu/2configs/home/ham/automation/buttonboard.nix new file mode 100644 index 000000000..533311fc5 --- /dev/null +++ b/makefu/2configs/home/ham/automation/buttonboard.nix @@ -0,0 +1,4 @@ +# good, bad radio +# stop +# start radio +# lauter, leister diff --git a/makefu/2configs/home/ham/automation/bye.txt.j2 b/makefu/2configs/home/ham/automation/bye.txt.j2 new file mode 100644 index 000000000..8a5ba7257 --- /dev/null +++ b/makefu/2configs/home/ham/automation/bye.txt.j2 @@ -0,0 +1,2 @@ +Endlich ist Pappa fertig mit arbeit! +Heute hast du {{ states("sensor.felix_at_work_today") |round(1) }} Stunden gearbeitet. diff --git a/makefu/2configs/home/ham/automation/check-in.nix b/makefu/2configs/home/ham/automation/check-in.nix index d589a6971..db051757e 100644 --- a/makefu/2configs/home/ham/automation/check-in.nix +++ b/makefu/2configs/home/ham/automation/check-in.nix @@ -7,6 +7,21 @@ let in { services.home-assistant.config.input_boolean.felix_at_work.name = "Felix auf Arbeit"; + services.home-assistant.config.timer.felix_at_work = { + name = "Felix auf Arbeit Timer"; + duration = "10:00:00"; + }; + services.home-assistant.config.sensor = [ + { + platform = "history_stats"; + name = "Felix at work today"; + entity_id = "input_boolean.felix_at_work"; + state = "on"; + type = "time"; + start = "{{ now().replace(hour=0, minute=0, second=0) }}"; + end = "{{ now() }}"; + } + ]; services.home-assistant.config.script.start_office_radio.sequence = [ { service = "media_player.play_media"; @@ -19,13 +34,41 @@ in ]; services.home-assistant.config.automation = [ - { service = "media_player.play_media"; - data = { - media_content_id = "http://radio.lassul.us:8000/radio.mp3"; - media_content_type = "music"; - }; - target.entity_id = "media_player.office"; - } + { alias = "Zu lange Felix!"; + trigger = + { platform = "event"; + event_type = "timer.finished"; + event_data.entity_id = "timer.felix_at_work"; + }; + + condition = + { + condition = "state"; + entity_id = at_work; + state = "off"; + }; + + action = (say "Felix, die zehn Stunden sind um, aufhören jetzt"); + } + { alias = "Turn off at work sensor"; + trigger = [ + { platform = "time"; at = "00:00:00"; } + ]; + condition = + { + condition = "state"; + entity_id = at_work; + state = "off"; + }; + action = + [ + # felix forgot to stamp out ... + { + service = "homeassistant.turn_off"; + entity_id = [ at_work ]; + } + ]; + } { alias = "Push Check-in Button Felix with button"; trigger = [ { @@ -54,15 +97,12 @@ in { service = "homeassistant.turn_on"; entity_id = at_work; } - ] ++ (say "Willkommen auf Arbeit") ++ - [ - { service = "media_player.play_media"; - data = { - media_content_id = "http://radio.lassul.us:8000/radio.mp3"; - media_content_type = "music"; - }; - target.entity_id = "media_player.office"; + { service = "timer.start"; + entity_id = [ "timer.felix_at_work" ] ; } + ] ++ (say (builtins.readFile ./welcome.txt.j2)) ++ + [ + { service = "script.start_office_radio"; } ]; } { @@ -78,7 +118,12 @@ in { service = "homeassistant.turn_off"; entity_id = at_work; } - ] ++ (say "Endlich ist Pappa fertig mit arbeit!"); + ] ++ (say (builtins.readFile ./bye.txt.j2)) ++ + [ + { service = "timer.stop"; + entity_id = [ "timer.felix_at_work" ] ; + } + ]; } ]; } diff --git a/makefu/2configs/home/ham/automation/daily_speedtext.nix b/makefu/2configs/home/ham/automation/daily_speedtext.nix new file mode 100644 index 000000000..70d59f6e1 --- /dev/null +++ b/makefu/2configs/home/ham/automation/daily_speedtext.nix @@ -0,0 +1,17 @@ +{ + services.home-assistant.config.automation = + [ + { + trigger = [ + { platform = "time"; at = "03:21"; } + ]; + action = + [ + { + service = "speedtestdotnet.speedtest"; + } + ]; + } + ]; + +} diff --git a/makefu/2configs/home/ham/automation/fenster_auf.nix b/makefu/2configs/home/ham/automation/fenster_auf.nix index fa2052be8..b3682fe0c 100644 --- a/makefu/2configs/home/ham/automation/fenster_auf.nix +++ b/makefu/2configs/home/ham/automation/fenster_auf.nix @@ -4,6 +4,11 @@ # binary_sensor.badezimmer_fenster_contact # binary_sensor.dusche_fenster_contact let + hlib = import ../lib; + say = hlib.say.office; + draussen = "sensor.wohnzimmer_temp_temperature"; + draussen_diff = "sensor.unterschied_draussen_drinnen"; + draussen_heiss = 23; min = 20; fenster_offen = name: entity: { alias = "${name} seit ${toString min} Minuten offen"; @@ -16,10 +21,6 @@ let } ]; condition = [ - { condition = "state"; - entity_id = "input_boolean.ist_sommer"; - state = "off"; - } ]; action = [ @@ -67,6 +68,17 @@ let }; in { services.home-assistant.config = { + template = [ + { sensor = { + name = "Unterschied Draussen Drinnen"; + unit_of_measurement = "°C"; + state = '' + {% set inside = states("${draussen}") | float | round(2) -%} + {% set outside = states("sensor.dark_sky_temperature") | float | round(2) -%} + {{ ((outside - inside) | round(1) )}}''; + }; + } + ]; sensor = [ { platform = "season"; type = "meteorological";} ]; @@ -86,6 +98,41 @@ in { (fenster_offen "Badezimmerfenster" "binary_sensor.badezimmer_fenster_contact") (fenster_offen "Duschfenster" "binary_sensor.dusche_fenster_contact") + + { alias = "Draussen ist wieder kaelter"; + trigger = [ + { + platform = "numeric_state"; + entity_id = draussen_diff; + below = 0; + for.minutes = 20; + } + ]; + condition = [ + { condition = "numeric_state"; + entity_id = draussen; + above = draussen_heiss; + } + ]; + action = (say "Draussen ist es endlich kühler, jetzt kann man die Fenster auf machen"); + } + { alias = "Draussen ist zu warm"; + trigger = [ + { + platform = "numeric_state"; + entity_id = draussen_diff; + above = 0; + for.minutes = 20; + } + ]; + condition = [ + { condition = "numeric_state"; + entity_id = draussen; + above = draussen_heiss; + } + ]; + action = (say "Draussen wird es jetzt zu warm, besser das fenster schliessen"); + } ]; }; } diff --git a/makefu/2configs/home/ham/automation/firetv_restart.nix b/makefu/2configs/home/ham/automation/firetv_restart.nix index 12e0e845a..01d1ba6e9 100644 --- a/makefu/2configs/home/ham/automation/firetv_restart.nix +++ b/makefu/2configs/home/ham/automation/firetv_restart.nix @@ -20,17 +20,17 @@ in action = [ (cmd "reboot") (sec 90) # go to my music because apparently select_source does not seem to always work - (cmd "HOME") - (sec 2) - (cmd "DOWN") - (sec 2) - (cmd "DOWN") - (sec 2) - (cmd "ENTER") - (sec 4) - (cmd "RIGHT") - (sec 2) - (cmd "RIGHT") + #(cmd "HOME") + #(sec 2) + #(cmd "DOWN") + #(sec 2) + #(cmd "DOWN") + #(sec 2) + #(cmd "ENTER") + #(sec 4) + #(cmd "RIGHT") + #(sec 2) + #(cmd "RIGHT") ]; } ]; diff --git a/makefu/2configs/home/ham/automation/flurlicht.nix b/makefu/2configs/home/ham/automation/flurlicht.nix index aa62ab9e4..bb4877100 100644 --- a/makefu/2configs/home/ham/automation/flurlicht.nix +++ b/makefu/2configs/home/ham/automation/flurlicht.nix @@ -32,12 +32,16 @@ in [ { choose = [ (lightcond "Badezimmer Fenster Auf" - { condition = "state"; entity_id = "binary_sensor.badezimmer_fenster_contact"; state = "on"; } - [ 64 207 255 ] 255 # helblau + [ { condition = "state"; entity_id = "binary_sensor.badezimmer_fenster_contact"; state = "on"; } + { condition = "state"; entity_id = "input_boolean.ist_sommer"; state = "off"; } + + ] + [ 64 207 255 ] 128 # hellblau ) (lightcond "Duschenster auf" - { condition = "state"; entity_id = "binary_sensor.dusche_fenster_contact"; state = "on"; } - [ 64 207 255 ] 255 # helblau + [ { condition = "state"; entity_id = "binary_sensor.dusche_fenster_contact"; state = "on"; } + { condition = "state"; entity_id = "input_boolean.ist_sommer"; state = "off"; } ] + [ 64 207 255 ] 128 # hellblau ) (lightcond "Nachtlicht" { condition = "state"; entity_id = "sun.sun"; state = "below_horizon"; } diff --git a/makefu/2configs/home/ham/automation/shutdown_button.nix b/makefu/2configs/home/ham/automation/shutdown_button.nix index 4c12be277..ec1a25567 100644 --- a/makefu/2configs/home/ham/automation/shutdown_button.nix +++ b/makefu/2configs/home/ham/automation/shutdown_button.nix @@ -1,5 +1,8 @@ let btn = "sensor.arbeitszimmer_btn1_action"; + lib = import ../lib; + say = lib.say.living_room; + all_lights = [ # Wohnzimmer "light.wled" @@ -21,6 +24,8 @@ let all_media_player = [ "media_player.living_room" "media_player.office" + "media_player.bedroom" + ]; in { services.home-assistant.config.automation = @@ -30,13 +35,13 @@ in { { platform = "state"; entity_id = btn; - to = "on"; + to = "single"; } ]; condition = [ ]; - action = [ + action = (say "Alles Aus" )++ [ { - service = "home_assistant.turn_off"; + service = "light.turn_off"; target.entity_id = all_lights; } { service = "media_player.media_stop"; diff --git a/makefu/2configs/home/ham/automation/urlaub.nix b/makefu/2configs/home/ham/automation/urlaub.nix index c11c589cf..7f47c9da5 100644 --- a/makefu/2configs/home/ham/automation/urlaub.nix +++ b/makefu/2configs/home/ham/automation/urlaub.nix @@ -4,7 +4,10 @@ # "all" lights let - schranklicht = "light.wohnzimmer_schrank_osram"; + schranklicht = [ + "light.wohnzimmer_schrank_osram" + "light.wohnzimmer_komode_osram" + ]; weihnachtslicht = "light.wohnzimmer_fenster_lichterkette_licht"; fernsehlicht = "light.wled"; @@ -24,7 +27,7 @@ let turn_on = entity_id: offset: # negative offset => before sunset - { alias = "Turn on ${entity_id} at sunset ${offset}"; + { alias = "Turn on ${toString entity_id} at sunset ${offset}"; trigger = [ { platform = "sun"; event = "sunset"; inherit offset; } ]; diff --git a/makefu/2configs/home/ham/automation/welcome.txt.j2 b/makefu/2configs/home/ham/automation/welcome.txt.j2 new file mode 100644 index 000000000..76091b868 --- /dev/null +++ b/makefu/2configs/home/ham/automation/welcome.txt.j2 @@ -0,0 +1,45 @@ +{% set arbeit_heute = is_state("binary_sensor.arbeitstag","on") -%} +{% set weekday = ['Montag','Dienstag','Mittwoch','Donnerstag','Freitag','Samstag','Sonntag'][now().weekday()] -%} +{% set is_friday = now().weekday() == 4 %} + +{% if not arbeit_heute %} +Heute ist {{ weekday }}, du solltest gar nicht arbeiten! +{% else %} +Willkommen auf Arbeit Felix. +{% endif -%} +Das aktuell gewählte Projekt ist {{ states("sensor.felix_project") }}. + +{% set inside = states("sensor.wohnzimmer_temp_temperature") | float | round(2) -%} +{% set outside = states("sensor.dark_sky_temperature") | float | round(2) -%} +{% set arbeit_morgen = is_state("binary_sensor.arbeitstag_morgen","on") -%} + +Die Wetteraussichten: {{ states("sensor.dark_sky_hourly_summary") | replace(".","")}} bei {{ states("sensor.dark_sky_temperature") }} Grad mit {{ states("sensor.dark_sky_humidity") | round(0) }}% Luftfeuchtigkeit. +{% if states("calendar.abfall_papiermuell") == "on" %} +Heute ist Papiermuell, bring noch schnell dein Papier raus +{% endif %} +{% if states("calendar.abfall_restmuell") == "on" %} +Ausserdem ist heute Restmuell. +{% endif -%} + +{% if ( outside < inside ) and ( outside > 18 ) %} +Draussen ist es gerade {{ ((inside - outside) | round(1) )}} gerade kühler +{% endif -%} + +{% set current_count = state_attr("sensor.dwd_weather_warnings_current_warning_level", "warning_count") %} +{% for i in range(current_count) %} +{% set idx = i + 1 %} + {% set headline = state_attr("sensor.dwd_weather_warnings_current_warning_level", "warning_" ~ idx ~ "_headline") %} + {% set description = state_attr("sensor.dwd_weather_warnings_current_warning_level", "warning_" ~ idx ~ "_description") %} + {% set level = state_attr("sensor.dwd_weather_warnings_current_warning_level", "warning_" ~ idx ~ "_level") %} + {% set time_start = state_attr("sensor.dwd_weather_warnings_current_warning_level", "warning_" ~ idx ~ "_start") %} + {% set time_end = state_attr("sensor.dwd_weather_warnings_current_warning_level", "warning_" ~ idx ~ "_end") %} +Wetterwarnung {{idx}}: {{ headline }} Stufe {{level}} von {{ time_start.strftime("%H:%M") ~ " bis " ~ time_end.strftime("%H:%M") }} Uhr + +{{ description }} +{% endfor %} + +{% if is_friday %} +Endlich ist Freitag! +{% elif not arbeit_morgen %} +Morgen ist Feiertag, also nicht versehentlich arbeiten +{% endif -%} diff --git a/makefu/2configs/home/ham/default.nix b/makefu/2configs/home/ham/default.nix index f54fd32f7..b08152935 100644 --- a/makefu/2configs/home/ham/default.nix +++ b/makefu/2configs/home/ham/default.nix @@ -24,13 +24,17 @@ in { ./device_tracker/tile.nix ./sensor/outside.nix + ./sensor/pollen.nix + ./sensor/dwd.nix ./calendar/nextcloud.nix ./media/firetv.nix ./media/sonos.nix + ./media/schlafzimmer_music_remote.nix ./media/remote_sound_wohnzimmer.nix ./media/remote_sound_arbeitszimmer.nix + ./media/arbeitszimmer_matrix.nix ./automation/check-in.nix ./automation/fenster_auf.nix @@ -41,9 +45,12 @@ in { ./automation/flurlicht.nix ./automation/giesskanne.nix ./automation/pflanzen_giessen_erinnerung.nix - ./automation/urlaub.nix + # ./automation/urlaub.nix ./automation/moodlight.nix ./automation/shutdown_button.nix + ./automation/project_tracker.nix + ./automation/daily_speedtext.nix + ./light/arbeitszimmer.nix ./light/schlafzimmer.nix @@ -53,18 +60,14 @@ in { ]; services.home-assistant = { - package = (pkgs.home-assistant.overrideAttrs (old: { - doInstallCheck = false; - })).override { - extraPackages = p: [ - (p.callPackage ./deps/dwdwfsapi.nix {}) - # (p.callPackage ./signal-rest/pkg.nix {}) - (p.callPackage ./deps/pykodi.nix {}) - ]; - }; + extraComponents = [ "mobile_app" ]; + extraPackages = python3Packages: with python3Packages; [ pytz ]; config = { + default_config = {}; # for sonos aiodiscover + influxdb = { + api_version = 1; database = "ham"; host = "localhost"; tags = { @@ -87,6 +90,25 @@ in { { type = "homeassistant"; } ]; }; + binary_sensor = [ + { platform = "workday"; + name = "Arbeitstag"; + country = "DE"; + province = "BW"; + } + { platform = "workday"; + name = "Arbeitstag Morgen"; + country = "DE"; + province = "BW"; + days_offset = 1; + } + { platform = "workday"; + name = "Arbeitstag Gestern"; + country = "DE"; + province = "BW"; + days_offset = 1; + } + ]; discovery = {}; conversation = {}; history = {}; @@ -141,22 +163,19 @@ in { retain = true; }; }; - #luftdaten = { - # show_on_map = true; - # sensor_id = 10529; - # sensors.monitored_conditions = [ "P1" "P2" ]; - #}; + luftdaten = { + # show_on_map = true; + sensor_id = 72935; + # sensors.monitored_conditions = [ "P1" "P2" ]; + }; #binary_sensor = # flurlicht.binary_sensor; sensor = [ - { platform = "speedtestdotnet"; - scan_interval.hours = 6; - monitored_conditions = [ "ping" "download" "upload" ]; - } # https://www.home-assistant.io/cookbook/automation_for_rainy_days/ ]; frontend = { }; + speedtestdotnet = { }; http = { use_x_forwarded_for = true; #server_host = "127.0.0.1"; @@ -167,6 +186,7 @@ in { switch = []; automation = []; script = { }; + media_source = {}; }; enable = true; configDir = hassdir; diff --git a/makefu/2configs/home/ham/lib/default.nix b/makefu/2configs/home/ham/lib/default.nix index 67e8e902d..cf1c32abd 100644 --- a/makefu/2configs/home/ham/lib/default.nix +++ b/makefu/2configs/home/ham/lib/default.nix @@ -14,7 +14,7 @@ in { service = "tts.google_say"; data = { - entity_id = entity; + entity_id = entity; inherit message; language = "de"; }; @@ -27,10 +27,7 @@ in #} { delay.seconds = 1; } { delay = '' - {% set duration = states.${entity}.attributes.media_duration %} - {% if duration > 0 %} - {% set duration = duration - 1 %} - {% endif %} + {% set duration = state_attr("${entity}","media_duration") %} {% set seconds = duration % 60 %} {% set minutes = (duration / 60)|int % 60 %} {% set hours = (duration / 3600)|int %} @@ -53,6 +50,10 @@ in inherit message; entity = "media_player.office"; }; + bedroom = message: tts { + inherit message; + entity = "media_player.bedroom"; + }; }; zigbee.prefix = "/ham/zigbee"; diff --git a/makefu/2configs/home/ham/light/tint_wohnzimmer.nix b/makefu/2configs/home/ham/light/tint_wohnzimmer.nix index 474bf5c99..243243816 100644 --- a/makefu/2configs/home/ham/light/tint_wohnzimmer.nix +++ b/makefu/2configs/home/ham/light/tint_wohnzimmer.nix @@ -21,24 +21,26 @@ let group_id_2 = 16389; group_id_3 = 16390; remote = "sensor.schlafzimmer_remote1_action"; - main_light_1 = "light.wled"; + main_light_1 = "light.wled"; # fernseher + main_light_2 = "light.wled_2"; #fernsehwand + default_scene_1 = "Solid"; default_color_1 = "Default"; main_color_select_1 = "select.wled_color_palette"; light_group_1.entity_id = [ main_light_1 + main_light_2 ]; # contains only the actually changeable lights - light_group_2 = { entity_id = [ + light_group_2.entity_id = [ "light.wohnzimmer_komode_osram" "light.wohnzimmer_schrank_osram" "light.wohnzimmer_fenster_lichterkette_licht" ]; - }; - light_group_3 = { entity_id = [ + light_group_3.entity_id = [ "light.wohnzimmer_stehlampe_osram" - ]; }; + ]; statecond = cond: { # cond must be a list condition = "template"; diff --git a/makefu/2configs/home/ham/media/arbeitszimmer_matrix.nix b/makefu/2configs/home/ham/media/arbeitszimmer_matrix.nix new file mode 100644 index 000000000..26fec370f --- /dev/null +++ b/makefu/2configs/home/ham/media/arbeitszimmer_matrix.nix @@ -0,0 +1,104 @@ +{ lib, ... }: +let + remote = "sensor.schlafzimmer_music_remote_action"; + hlib = import ../lib; + step = 0.02; + #room = "bedroom"; + room = "office"; + + player = "media_player.${room}"; + say = hlib.say."${room}"; + + remote_action = key: actions: { + conditions = ''{{ trigger.entity_id == 'binary_sensor.matrix_button_${toString key}' }}''; + sequence = actions; + }; + all_buttons = map (key: "binary_sensor.matrix_button_${toString key}") [ + 0 1 2 3 4 5 6 7 8 9 + "b9" "b10" "b11" "b12" "b13" "b14" + ]; +in + { + services.home-assistant.config.rest_command = { + good_song = { + url = "http://prism.r:8001/good"; + method = "POST"; + }; + bad_song = { + url = "http://prism.r:8001/skip"; + method = "POST"; + }; + }; + services.home-assistant.config.automation = + [ + { alias = "Arbeitszimmer Matrix music action"; + mode = "queued"; + trigger = [ + { + platform = "state"; + entity_id = all_buttons; + to = "on"; # ignore 'unavailable' + } + ]; + action = + [ + { choose = [ + (remote_action "9" { + service = "media_player.media_play"; + target.entity_id = player; + }) + (remote_action "7" + { + service = "media_player.media_mute"; + target.entity_id = player; + data.is_volume_muted = ''{{ not state_attr('${player}' , 'is_volume_muted') }}''; + } + ) + (remote_action "2" + { + service = "media_player.media_stop"; + target.entity_id = player; + } + ) + + (remote_action "b9" [ { service = "rest_command.good_song"; } ]) + (remote_action "b10" [ { service = "rest_command.bad_song"; } ]) + + (remote_action "3" + ((say "Starte Lass") ++ [ + { service = "media_player.play_media"; + data = { + media_content_id = "http://radio.lassul.us:8000/radio.mp3"; + media_content_type = "music"; + }; + target.entity_id = player; + } + ])) + (remote_action "1" + ((say "Starte Groovesalad") ++ [ + { service = "media_player.play_media"; + data = { + media_content_id = "http://ice2.somafm.com/groovesalad-128.mp3"; + media_content_type = "music"; + }; + target.entity_id = player; + } + ])) + (remote_action "8" { + service = "media_player.volume_set"; + target.entity_id = player; + data.volume_level = ''{{ state_attr("${player}","volume_level") + (${toString step}|float) }}''; + }) + (remote_action "5"{ + service = "media_player.volume_set"; + target.entity_id = player; + data.volume_level = ''{{ state_attr("${player}","volume_level") - (${toString step}|float) }}''; + }) + ]; + #default = { }; + } + ]; + } + ]; + +} diff --git a/makefu/2configs/home/ham/media/firetv.nix b/makefu/2configs/home/ham/media/firetv.nix index 429688c6a..fc33346cd 100644 --- a/makefu/2configs/home/ham/media/firetv.nix +++ b/makefu/2configs/home/ham/media/firetv.nix @@ -3,14 +3,9 @@ let in { services.home-assistant.config = { notify = [ - #{ - # platform = "kodi"; - # name = "Kodi Wohnzimmer"; - # host = firetv_stick; - #} { platform = "nfandroidtv"; - name = "FireTV Wohnzimmer"; + name = "FireTV Wohnzimmer Notification"; host = firetv_stick; } ]; @@ -20,10 +15,10 @@ in { # name = "FireTV Stick kodi"; # host = firetv_stick; #} + # Configuration needs to be done by hand via web interface "integration" { platform = "androidtv"; - name = "FireTV Stick"; - device_class = "firetv"; - # adb_server_ip = firetv_stick; + name = "FireTV Stick Android"; + device_class = "firetv"; host = firetv_stick; port = 5555; } diff --git a/makefu/2configs/home/ham/media/remote_sound_arbeitszimmer.nix b/makefu/2configs/home/ham/media/remote_sound_arbeitszimmer.nix index f59f022f4..cfa1da44e 100644 --- a/makefu/2configs/home/ham/media/remote_sound_arbeitszimmer.nix +++ b/makefu/2configs/home/ham/media/remote_sound_arbeitszimmer.nix @@ -1,5 +1,10 @@ { lib, ...}: let + # https://www.radiotheque.de/stream/4744806739035994/ABC-Lounge-Music-Radio/pls/ + # http://listen.radionomy.com/ABC-Lounge + # https://str1.openstream.co/589 + # https://listen.openstream.co/3139/audio + # https://str1.openstream.co/589?aw_0_1st.collectionid%3D3139%26stationId%3D3139%26publisherId%3D613%26k%3D1659381767%26aw_0_azn.pcountry%3D%5B%22FR%22%2C%22IT%22%2C%22DE%22%2C%22ES%22%2C%22GB%22%2C%22CH%22%2C%22CA%22%2C%22AT%22%2C%22US%22%5D%26aw_0_azn.planguage%3D%5B%22en%22%2C%22fr%22%2C%22de%22%5D%26aw_0_azn.pgenre%3D%5B%22Jazz%22%2C%22Easy+Listening%22%2C%22Music%22%5D statecond = cond: { # cond must be a list condition = "template"; value_template = "{{ trigger.to_state.state in ( " + diff --git a/makefu/2configs/home/ham/media/schlafzimmer_music_remote.nix b/makefu/2configs/home/ham/media/schlafzimmer_music_remote.nix new file mode 100644 index 000000000..438ce6bda --- /dev/null +++ b/makefu/2configs/home/ham/media/schlafzimmer_music_remote.nix @@ -0,0 +1,158 @@ +{ lib, ... }: +let + remote = "sensor.schlafzimmer_music_remote_action"; + hlib = import ../lib; + step = 0.03; + #room = "bedroom"; + room = "living_room"; + #room = "office"; + + player = "media_player.${room}"; + say = hlib.say."${room}"; + + remote_action = state: actions: { + conditions = ''{{ trigger.to_state.attributes.action == '${state}' }}''; + sequence = actions; + }; + album_list = [ +# Wieso Weshalb Warum Junior +"Doris%20R%c3%bcbel,%20JUMBO%20Neue%20Medien%20%26%20Verlag%20GmbH/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Helfen,%20teilen,%20sich%20vertragen" +"Wieso%3f%20Weshalb%3f%20Warum%3f%20junior/Mein%20Kindergarten" +"Wieso%3f%20Weshalb%3f%20Warum%3f%20junior/Unser%20Werkzeug" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Am%20Meer" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Ampel,%20Stra%c3%9fe%20und%20Verkehr" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Autos%20und%20Laster" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Der%20Bagger" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Der%20Bauernhof" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Der%20Flughafen" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Der%20Pinguin" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Der%20Traktor" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Die%20Baustelle" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Die%20Eisenbahn" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Die%20Feuerwehr" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Die%20Jahreszeiten" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Die%20M%c3%bcllabfuhr" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Die%20Polizei" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Die%20Rettungsfahrzeuge" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Die%20Ritterburg" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Heute,%20morgen,%20jetzt%20und%20gleich" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Im%20Streichelzoo" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20In%20den%20Bergen" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Mama,%20Papa,%20Oma,%20Opa" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Mein%20Hund" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Tanken,%20waschen,%20reparieren" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Tiere%20in%20Afrika" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Unsere%20Tierkinder" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Unterwegs%20mit%20Bus%20und%20Bahn" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20ich%20alles%20kann" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20kriecht%20und%20krabbelt%20da%3f" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20machen%20wir%20an%20Weihnachten%3f" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20machen%20wir%20im%20Fr%c3%bchling%3f" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20machen%20wir%20im%20Herbst%3f" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20machen%20wir%20im%20Sommer%3f" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20machen%20wir%20im%20Winter%3f" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20macht%20der%20Fu%c3%9fballer%3f" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20macht%20der%20Polizist" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20macht%20die%20Prinzessin%3f" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Was%20w%c3%a4chst%20da%3f" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Wenn%20es%20dunkel%20wird" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Wer%20arbeitet%20auf%20der%20Baustelle%3f" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Wir%20feiern%20Geburtstag" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Wir%20gehen%20in%20den%20Zoo" +"Wieso%3f%20Weshalb%3f%20Warum%3f/Wieso%3f%20Weshalb%3f%20Warum%3f%20junior.%20Z%c3%a4hne%20putzen,%20Pipi%20machen" + + ]; + albums = lib.concatMapStringsSep ", " (x: ''"A:ALBUMARTIST/${x}"'') + album_list; +in +{ + services.home-assistant.config.automation = + [ + { alias = "Schlafzimmer music action"; + mode = "queued"; + trigger = [ + { + platform = "state"; + entity_id = remote; + attribute = "action"; + not_to = ""; + } + ]; + action = + [ + { choose = [ + (remote_action "on" + ((say "Starte Essensmusik") ++ [ + { service = "media_player.play_media"; + data = { + media_content_id = "https://listen.openstream.co/4457/audio.mp3"; + media_content_type = "music"; + }; + target.entity_id = player; + } + ])) + (remote_action "off" + [ + { + service = "media_player.media_stop"; + target.entity_id = player; + } + ] + ) + + (remote_action "arrow_right_hold" + ((say "Starte Lass") ++ [ + { service = "media_player.play_media"; + data = { + media_content_id = "http://radio.lassul.us:8000/radio.mp3"; + media_content_type = "music"; + }; + target.entity_id = player; + } + ])) + (remote_action "arrow_left_hold" + ((say "Starte Deep House Music") ++ [ + { service = "media_player.play_media"; + data = { + media_content_id = "http://live.dancemusic.ro:7000/stream.mp3"; + media_content_type = "music"; + }; + target.entity_id = player; + } + ])) + + # TODO: choose random kindermusik? + (remote_action "brightness_move_up" + ((say "Starte Liam Album") ++ [ + { + service = "media_player.play_media"; + target.entity_id = player; + data = { + media_content_id = "{{ [${albums}]|random }}"; + media_content_type = "album"; + }; + } + ]) + ) + #(remote_action "brightness_move_down" + #) + (remote_action "arrow_right_click" { + + service = "media_player.volume_set"; + target.entity_id = player; + data.volume_level = ''{{ state_attr("${player}","volume_level") + (${toString step}|float) }}''; + }) + #(remote_action "brightness_move_down" { + (remote_action "arrow_left_click"{ + service = "media_player.volume_set"; + target.entity_id = player; + data.volume_level = ''{{ state_attr("${player}","volume_level") - (${toString step}|float) }}''; + }) + ]; + #default = { }; + } + ]; + } + ]; + +} diff --git a/makefu/2configs/home/ham/media/sonos.nix b/makefu/2configs/home/ham/media/sonos.nix index 40dcfc3ca..c9cf1a510 100644 --- a/makefu/2configs/home/ham/media/sonos.nix +++ b/makefu/2configs/home/ham/media/sonos.nix @@ -4,5 +4,4 @@ "192.168.111.31" "192.168.111.32" ]; - - } +} diff --git a/makefu/2configs/home/ham/sensor/dwd.nix b/makefu/2configs/home/ham/sensor/dwd.nix new file mode 100644 index 000000000..c1d55d03c --- /dev/null +++ b/makefu/2configs/home/ham/sensor/dwd.nix @@ -0,0 +1,8 @@ +{ + services.home-assistant.config.sensor = + [ + { platform = "dwd_weather_warnings"; + region_name = "Stadt Stuttgart"; + } + ]; +} diff --git a/makefu/2configs/home/ham/sensor/pollen.nix b/makefu/2configs/home/ham/sensor/pollen.nix new file mode 100644 index 000000000..d95c199bf --- /dev/null +++ b/makefu/2configs/home/ham/sensor/pollen.nix @@ -0,0 +1,65 @@ +{ pkgs, lib, ... }: +with lib; +let + region = "112"; + types = [ + "Erle" + "Beifuss" + "Ambrosia" + "Birke" + "Esche" + "Hasel" + "Graeser" + "Roggen" + ]; + gen_tomorrow_sensor = type: { + name = "dwd_pollenbelastung_${toLower type}_tomorrow"; + value = { + icon_template = "mdi:grass"; + friendly_name = "${type} Morgen"; + value_template = "{{ state_attr('sensor.dwd_pollenbelastung_${toLower type}', 'tomorrow') }}"; + }; + }; + gen_sensor = type: { + name = "dwd_pollenbelastung_${toLower type}"; + value = { + icon_template = "mdi:tree-outline"; + friendly_name = type; + value_template = '' + {% set dwd_state = state_attr('sensor.dwd_pollenbelastung_stuttgart', '${type}')['today'] %} + {% if dwd_state == "3" %}6{% elif dwd_state == "2-3"%}5{% elif dwd_state == "2"%}4{% elif dwd_state == "1-2"%}3{% elif dwd_state == "1"%}2{% elif dwd_state == "0-1"%}1{% else %}0{% endif %} + ''; + attribute_templates.today = '' + {% set dwd_state = state_attr('sensor.dwd_pollenbelastung_stuttgart', '${type}')['today'] %} + {% if dwd_state == "3" %}6{% elif dwd_state == "2-3"%}5{% elif dwd_state == "2"%}4{% elif dwd_state == "1-2"%}3{% elif dwd_state == "1"%}2{% elif dwd_state == "0-1"%}1{% else %}0{% endif %} + ''; + attribute_templates.tomorrow = '' + {% set dwd_state = state_attr('sensor.dwd_pollenbelastung_stuttgart', '${type}')['tomorrow'] %} + {% if dwd_state == "3" %}6{% elif dwd_state == "2-3"%}5{% elif dwd_state == "2"%}4{% elif dwd_state == "1-2"%}3{% elif dwd_state == "1"%}2{% elif dwd_state == "0-1"%}1{% else %}0{% endif %} + ''; + # -1 == unknown + #attribute_templates.dayafter = '' + # {% set dwd_state = state_attr('sensor.dwd_pollenbelastung', '${type}')['dayafter_to'] %} + # {% if dwd_state == "3" %}6{% elif dwd_state == "2-3"%}5{% elif dwd_state == "2"%}4{% elif dwd_state == "1-2"%}3{% elif dwd_state == "1"%}2{% elif dwd_state == "0-1"%}1{% elif dwd_state == "-1"%}-1{% else %}0{% endif %} + #''; + }; + }; +in + { + services.home-assistant.config.sensor = [ + { + platform = "rest"; + scan_interval = 3600; + name = "DWD Pollenbelastung Stuttgart"; + resource = "https://opendata.dwd.de/climate_environment/health/alerts/s31fg.json"; + json_attributes_path = "$..content[?(@.partregion_id==${region})].Pollen"; + json_attributes = types; + value_template = "{{ value_json.last_update }}"; + } + { + platform = "template"; + sensors = (listToAttrs (map gen_sensor types)) // + (listToAttrs (map gen_tomorrow_sensor types)) ; + } + ]; +} diff --git a/makefu/2configs/home/ham/signal-rest/service.nix b/makefu/2configs/home/ham/signal-rest/service.nix index 250a3596d..1f718efa5 100644 --- a/makefu/2configs/home/ham/signal-rest/service.nix +++ b/makefu/2configs/home/ham/signal-rest/service.nix @@ -14,5 +14,7 @@ in { volumes = [ "${config}:/home/.local/share/signal-cli" ]; + environment.MODE ="json-rpc"; + #environment.MODE ="native"; # only required for reigstration }; } diff --git a/makefu/2configs/home/ham/zigbee2mqtt.nix b/makefu/2configs/home/ham/zigbee2mqtt.nix index 7809dbb51..efcbb0d00 100644 --- a/makefu/2configs/home/ham/zigbee2mqtt.nix +++ b/makefu/2configs/home/ham/zigbee2mqtt.nix @@ -38,93 +38,6 @@ in icon = "mdi:chip"; } ]; - switch = [ - { - platform = "mqtt"; - name = "Zigbee2mqtt Main join"; - state_topic = "${prefix}/bridge/config/permit_join"; - command_topic = "${prefix}/bridge/config/permit_join"; - payload_on = "true"; - payload_off = "false"; - } - ]; - automation = [ - { - alias = "Zigbee2mqtt Log Level"; - initial_state = "on"; - trigger = { - platform = "state"; - entity_id = "input_select.zigbee2mqtt_log_level"; - }; - action = [ - { - service = "mqtt.publish"; - data = { - payload_template = "{{ states('input_select.zigbee2mqtt_log_level') }}"; - topic = "${prefix}/bridge/config/log_level"; - }; - } - ]; - } - # Automation to start timer when enable join is turned on - { - id = "zigbee_join_enabled"; - alias = "Zigbee Join Enabled"; - trigger = - { - platform = "state"; - entity_id = "switch.zigbee2mqtt_main_join"; - to = "on"; - }; - action = - { - service = "timer.start"; - entity_id = "timer.zigbee_permit_join"; - }; - } - # # Automation to stop timer when switch turned off and turn off switch when timer finished - { - id = "zigbee_join_disabled"; - alias = "Zigbee Join Disabled"; - trigger = [ - { - platform = "event"; - event_type = "timer.finished"; - event_data.entity_id = "timer.zigbee_permit_join"; - } - { - platform = "state"; - entity_id = "switch.zigbee2mqtt_main_join"; - to = "off"; - } - ]; - action = [ - { service = "timer.cancel"; - data.entity_id = "timer.zigbee_permit_join"; - } - { service = "switch.turn_off"; - entity_id = "switch.zigbee2mqtt_main_join"; - } - ]; - } - ]; - input_select.zigbee2mqtt_log_level = - { - name = "Zigbee2mqtt Log Level"; - options = [ - "debug" - "info" - "warn" - "error" - ]; - initial = "info"; - icon = "mdi:format-list-bulleted"; - }; - timer.zigbee_permit_join = - { - name = "Zigbee Time remaining"; - duration = 120; - }; }; } diff --git a/makefu/2configs/home/jellyfin.nix b/makefu/2configs/home/jellyfin.nix index 672a483e5..acfdb2599 100644 --- a/makefu/2configs/home/jellyfin.nix +++ b/makefu/2configs/home/jellyfin.nix @@ -2,9 +2,65 @@ { services.jellyfin.enable = true; services.jellyfin.openFirewall = true; - #users.users.${config.services.jellyfin.user}.extraGroups = [ "download" "video" "render" ]; state = [ "/var/lib/jellyfin" ]; - systemd.services.jellyfin.serviceConfig.PrivateDevices = lib.mkForce false; - systemd.services.jellyfin.serviceConfig.DeviceAllow = lib.mkForce ["char-drm rwm" "char-nvidia-frontend" "char-nvidia-uvm"]; - systemd.services.jellyfin.serviceConfig.SupplementaryGroups = [ "video" "render" "download" ]; + users.users.${config.services.jellyfin.user}.extraGroups = [ "download" "video" "render" ]; + + systemd.services.jellyfin = { + + after = [ "media-cloud.mount" ]; + serviceConfig = rec { + SupplementaryGroups = lib.mkForce [ "video" "render" "download" ]; + UMask = lib.mkForce "0077"; + + + Type = lib.mkForce "simple"; + StateDirectory = lib.mkForce "jellyfin"; + StateDirectoryMode = lib.mkForce "0700"; + CacheDirectory = lib.mkForce "jellyfin"; + CacheDirectoryMode = lib.mkForce "0700"; + WorkingDirectory = lib.mkForce "/var/lib/jellyfin"; + Restart = lib.mkForce "on-failure"; + TimeoutSec = lib.mkForce 15; + SuccessExitStatus = lib.mkForce ["0" "143"]; + + # Security options: + NoNewPrivileges = lib.mkForce true; + SystemCallArchitectures = lib.mkForce "native"; + # AF_NETLINK needed because Jellyfin monitors the network connection + RestrictAddressFamilies = lib.mkForce [ "AF_UNIX" "AF_INET" "AF_INET6" "AF_NETLINK" ]; + RestrictNamespaces = lib.mkForce false; + RestrictRealtime = lib.mkForce true; + RestrictSUIDSGID = lib.mkForce true; + ProtectControlGroups = lib.mkForce false; + ProtectHostname = lib.mkForce true; + ProtectKernelLogs = lib.mkForce false; + ProtectKernelModules = lib.mkForce false; + ProtectKernelTunables = lib.mkForce false; + LockPersonality = lib.mkForce true; + PrivateTmp = lib.mkForce false; + # needed for hardware accelaration + PrivateDevices = lib.mkForce false; + PrivateUsers = lib.mkForce true; + RemoveIPC = lib.mkForce true; + + SystemCallFilter = lib.mkForce [ + "~@clock" + "~@aio" + "~@chown" + "~@cpu-emulation" + "~@debug" + "~@keyring" + "~@memlock" + "~@module" + "~@mount" + "~@obsolete" + "~@privileged" + "~@raw-io" + "~@reboot" + "~@setuid" + "~@swap" + ]; + SystemCallErrorNumber = lib.mkForce "EPERM"; + }; + }; } diff --git a/makefu/2configs/home/music.nix b/makefu/2configs/home/music.nix index 7f5a425d2..7dd8ca6e1 100644 --- a/makefu/2configs/home/music.nix +++ b/makefu/2configs/home/music.nix @@ -22,10 +22,6 @@ in locations."/".proxyPass = "http://localhost:${toString port}"; locations."/".proxyWebsockets = true; - extraConfig = '' - if ( $server_addr != "${internal-ip}" ) { - return 403; - } - ''; }; + networking.firewall.allowedTCPPorts = [ port ]; } diff --git a/makefu/2configs/nginx/music.euer.nix b/makefu/2configs/nginx/music.euer.nix new file mode 100644 index 000000000..e866f1b0d --- /dev/null +++ b/makefu/2configs/nginx/music.euer.nix @@ -0,0 +1,26 @@ +{ config, lib, pkgs, ... }: + +let + hostname = config.krebs.build.host.name; + user = config.services.nginx.user; + group = config.services.nginx.group; + external-ip = config.krebs.build.host.nets.internet.ip4.addr; + internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; +in { + services.nginx = { + enable = lib.mkDefault true; + virtualHosts."music.euer.krebsco.de" = { + forceSSL = true; + enableACME = true; + locations."/" = { + proxyPass = "http://omo:4533/"; + proxyWebsockets = true; + extraConfig = '' + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + ''; + }; + }; + }; +} diff --git a/makefu/2configs/remote-build/arm-emulation.nix b/makefu/2configs/remote-build/arm-emulation.nix new file mode 100644 index 000000000..dbef25222 --- /dev/null +++ b/makefu/2configs/remote-build/arm-emulation.nix @@ -0,0 +1,25 @@ +{ pkgs, ... }: +let qemu-arm-static = pkgs.stdenv.mkDerivation { + name = "qemu-arm-static"; + src = builtins.fetchurl { + url = "https://github.com/multiarch/qemu-user-static/releases/download/v6.1.0-8/qemu-arm-static"; + sha256 = "06344d77d4f08b3e1b26ff440cb115179c63ca8047afb978602d7922a51231e3"; + }; + dontUnpack = true; + installPhase = "install -D -m 0755 $src $out/bin/qemu-arm-static"; +}; +in { + # Enable binfmt emulation of extra binary formats (armv7l-linux, for exmaple). + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + boot.binfmt.registrations.arm = { + interpreter = "${qemu-arm-static}/bin/qemu-arm-static"; + magicOrExtension = ''\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00''; + mask = ''\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff''; + }; + + # Define additional settings for nix. + nix.extraOptions = '' + extra-platforms = armv7l-linux + ''; + nix.sandboxPaths = [ "/run/binfmt/arm=${qemu-arm-static}/bin/qemu-arm-static" ]; +} diff --git a/makefu/2configs/share/gum-client.nix b/makefu/2configs/share/gum-client.nix index db2adfb1c..5192ef515 100644 --- a/makefu/2configs/share/gum-client.nix +++ b/makefu/2configs/share/gum-client.nix @@ -2,21 +2,28 @@ let automount_opts = - [ "x-systemd.automount" - "noauto" "x-systemd.idle-timeout=600" - "x-systemd.device-timeout=5s" - "x-systemd.mount-timeout=5s" + [ "x-systemd.automount" "noauto" + "x-systemd.idle-timeout=300" + "x-systemd.mount-timeout=60s" ]; - host = "nextgum"; #TODO + host = "gum"; #TODO in { - fileSystems."/media/download" = { - device = "//${host}/download"; + boot.extraModprobeConfig = '' + options cifs CIFSMaxBufSize=130048 + ''; + fileSystems."/media/cloud" = { + device = "//${host}/cloud-proxy"; fsType = "cifs"; options = automount_opts ++ [ "credentials=/var/src/secrets/download.smb" "file_mode=0775" "dir_mode=0775" - "uid=9001" + "bsize=8388608" + "fsc" + "rsize=130048" + "cache=loose" + "uid=${toString config.users.users.download.uid}" + "gid=${toString config.users.groups.download.gid}" "vers=3" ]; }; diff --git a/makefu/2configs/share/gum.nix b/makefu/2configs/share/gum.nix index fd81f28ca..9647e0a6c 100644 --- a/makefu/2configs/share/gum.nix +++ b/makefu/2configs/share/gum.nix @@ -1,6 +1,5 @@ { config, lib, pkgs, ... }: -with import <stockholm/lib>; let hostname = config.krebs.build.host.name; in { @@ -11,15 +10,11 @@ in { # home = "/var/empty"; # }; environment.systemPackages = [ pkgs.samba ]; - users.users.download = { - uid = genid "download"; - isNormalUser = true; - }; services.samba = { enable = true; shares = { - download = { - path = "/var/download"; + cloud-proxy = { + path = "/media/cloud"; "read only" = "no"; browseable = "yes"; "guest ok" = "no"; diff --git a/makefu/2configs/share/hetzner-client.nix b/makefu/2configs/share/hetzner-client.nix index 90bc32deb..dc8637361 100644 --- a/makefu/2configs/share/hetzner-client.nix +++ b/makefu/2configs/share/hetzner-client.nix @@ -21,11 +21,12 @@ in { "dir_mode=0770" "uid=${toString config.users.users.download.uid}" "gid=${toString config.users.groups.download.gid}" - #"vers=3" - "vers=2.1" + "vers=3" + #"vers=2.1" "rsize=65536" "wsize=130048" "iocharset=utf8" + "cache=loose" ]; }; } diff --git a/makefu/2configs/share/omo.nix b/makefu/2configs/share/omo.nix index e53158b8f..4756ccf81 100644 --- a/makefu/2configs/share/omo.nix +++ b/makefu/2configs/share/omo.nix @@ -87,6 +87,12 @@ in { "guest ok" = "no"; "valid users" = "makefu"; }; + #cloud = { + # path = "/media/cloud/download/finished"; + # "read only" = "no"; + # browseable = "yes"; + # "guest ok" = "yes"; + #}; }; extraConfig = '' guest account = smbguest diff --git a/makefu/2configs/tools/all.nix b/makefu/2configs/tools/all.nix index 6844fdfe4..37673768a 100644 --- a/makefu/2configs/tools/all.nix +++ b/makefu/2configs/tools/all.nix @@ -2,18 +2,19 @@ imports = [ ./android-pentest.nix ./consoles.nix - ./core.nix ./core-gui.nix - ./dev.nix + ./core.nix ./desktop.nix + ./dev.nix ./extra-gui.nix ./games.nix + ./maker.nix ./media.nix ./mobility.nix ./pcmanfm-extra.nix ./scanner-tools.nix - ./sec.nix ./sec-gui.nix + ./sec.nix ./studio.nix ]; } diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix index 66bc9a0e6..2b9baa9c5 100644 --- a/makefu/2configs/tools/dev.nix +++ b/makefu/2configs/tools/dev.nix @@ -22,6 +22,7 @@ brain whatsupnix nixpkgs-pytools + nixpkgs-fmt hydra-check # git-related git-preview diff --git a/makefu/2configs/tools/games.nix b/makefu/2configs/tools/games.nix index 0f1e61791..507887cff 100644 --- a/makefu/2configs/tools/games.nix +++ b/makefu/2configs/tools/games.nix @@ -8,5 +8,6 @@ games-user-env wine pkg2zip + steam ]; } diff --git a/makefu/2configs/tools/maker.nix b/makefu/2configs/tools/maker.nix new file mode 100644 index 000000000..8388db583 --- /dev/null +++ b/makefu/2configs/tools/maker.nix @@ -0,0 +1,16 @@ +{ pkgs, ... }: +{ + users.users.makefu.packages = with pkgs; [ + # media + picard + asunder + #darkice + lame + # creation + blender + openscad + # slicing + cura + chitubox + ]; +} diff --git a/makefu/2configs/wireguard/thierry.nix b/makefu/2configs/wireguard/thierry.nix new file mode 100644 index 000000000..f1dfef192 --- /dev/null +++ b/makefu/2configs/wireguard/thierry.nix @@ -0,0 +1,21 @@ +{ lib, ... }: +{ + networking.wireguard.interfaces.thierry-wg = { + ips = [ "172.27.66.10/24" ]; # TODO: not dnyamic + privateKeyFile = (toString <secrets>) + "/wg-thierry.key"; + allowedIPsAsRoutes = true; + # explicit route via eth0 to gum + peers = [ + { + endpoint = "thierryhome.duckdns.org:51820"; + allowedIPs = [ "172.27.66.0/24" ]; + publicKey = "filYuG/xbb2YW8WT0xT26rzeZ/ZiM6NLnbxbsCR9rS0="; + persistentKeepalive = 25; + } + #{ + # allowedIPs = [ "172.27.66.3/32" ]; + # publicKey = "cDIf14LH4qleXNo889lS2ATIqDx9r//JNCkhHlHgc1Q="; + #} + ]; + }; +} |