diff options
Diffstat (limited to 'makefu/2configs')
| -rw-r--r-- | makefu/2configs/backup/server.nix | 20 | ||||
| -rw-r--r-- | makefu/2configs/bgt/etherpad.euer.krebsco.de.nix (renamed from makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix) | 4 | ||||
| -rw-r--r-- | makefu/2configs/bgt/social-to-irc.nix | 32 | ||||
| -rw-r--r-- | makefu/2configs/bgt/template.md (renamed from makefu/2configs/deployment/docker/template.md) | 0 | ||||
| -rw-r--r-- | makefu/2configs/binary-cache/server.nix | 1 | ||||
| -rw-r--r-- | makefu/2configs/bureautomation/automation/philosophische-tuer.nix | 108 | ||||
| -rw-r--r-- | makefu/2configs/bureautomation/default.nix | 10 | ||||
| -rw-r--r-- | makefu/2configs/bureautomation/zigbee2mqtt/default.nix (renamed from makefu/2configs/ham/zigbee2mqtt/default.nix) | 9 | ||||
| -rw-r--r-- | makefu/2configs/bureautomation/zigbee2mqtt/hass.nix (renamed from makefu/2configs/ham/zigbee2mqtt/hass.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/default.nix | 1 | ||||
| -rw-r--r-- | makefu/2configs/gui/wbob-kiosk.nix | 15 | ||||
| -rw-r--r-- | makefu/2configs/home/airsonic.nix | 29 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/automation/fenster_auf.nix | 33 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/automation/firetv_restart.nix (renamed from makefu/2configs/ham/automation/firetv_restart.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/automation/giesskanne.nix (renamed from makefu/2configs/ham/automation/giesskanne.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/automation/light_buttons.nix (renamed from makefu/2configs/ham/automation/light_buttons.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/automation/moodlight.nix (renamed from makefu/2configs/ham/automation/moodlight.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/automation/urlaub.nix (renamed from makefu/2configs/ham/automation/urlaub.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/automation/wohnzimmer_rf_fernbedienung.nix (renamed from makefu/2configs/ham/automation/wohnzimmer_rf_fernbedienung.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/calendar/nextcloud.nix (renamed from makefu/2configs/ham/calendar/nextcloud.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/default.nix (renamed from makefu/2configs/ham/default.nix) | 74 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/deps/dwdwfsapi.nix (renamed from makefu/2configs/ham/deps/dwdwfsapi.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/deps/pykodi.nix (renamed from makefu/2configs/ham/deps/pykodi.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/device_tracker/openwrt.nix (renamed from makefu/2configs/ham/device_tracker/openwrt.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/lib/default.nix (renamed from makefu/2configs/ham/lib/default.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/light/arbeitszimmer.nix (renamed from makefu/2configs/ham/light/arbeitszimmer.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/light/schlafzimmer.nix (renamed from makefu/2configs/ham/light/schlafzimmer.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/light/wohnzimmer.nix (renamed from makefu/2configs/ham/light/wohnzimmer.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/mqtt.nix (renamed from makefu/2configs/ham/mqtt.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/multi/fliegen-couter.nix (renamed from makefu/2configs/ham/multi/fliegen-couter.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/multi/flurlicht.nix (renamed from makefu/2configs/ham/multi/flurlicht.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/multi/kurzzeitwecker.nix (renamed from makefu/2configs/ham/multi/kurzzeitwecker.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/multi/the_playlist.nix (renamed from makefu/2configs/ham/multi/the_playlist.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/nginx.nix | 15 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/sensor/outside.nix (renamed from makefu/2configs/ham/sensor/outside.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/signal-rest/default.nix | 18 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/zigbee2mqtt/default.nix | 91 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/zigbee2mqtt/hass.nix | 130 | ||||
| -rw-r--r-- | makefu/2configs/home/ham/zigbee2mqtt/osram.nix (renamed from makefu/2configs/ham/zigbee2mqtt/osram.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/home/metube.nix | 35 | ||||
| -rw-r--r-- | makefu/2configs/home/photoprism.nix | 147 | ||||
| -rw-r--r-- | makefu/2configs/hw/tp-x230.nix | 8 | ||||
| -rw-r--r-- | makefu/2configs/hw/xmm7360.nix | 11 | ||||
| -rw-r--r-- | makefu/2configs/printer.nix | 6 | ||||
| -rw-r--r-- | makefu/2configs/share/omo-client.nix | 28 | ||||
| -rw-r--r-- | makefu/2configs/stats/server.nix | 1 | ||||
| -rw-r--r-- | makefu/2configs/storj/client.nix | 27 | ||||
| -rw-r--r-- | makefu/2configs/storj/forward-port.nix | 22 | ||||
| -rw-r--r-- | makefu/2configs/systemdultras/ircbot.nix | 4 | ||||
| -rw-r--r-- | makefu/2configs/tools/core.nix | 1 | ||||
| -rw-r--r-- | makefu/2configs/wireguard/server.nix | 2 |
51 files changed, 843 insertions, 39 deletions
diff --git a/makefu/2configs/backup/server.nix b/makefu/2configs/backup/server.nix index f157e715f..26e53b8c3 100644 --- a/makefu/2configs/backup/server.nix +++ b/makefu/2configs/backup/server.nix @@ -1,11 +1,19 @@ -{lib, ... }: +{lib,config, ... }: let hosts = lib.mapAttrsToList (f: _: lib.removeSuffix ".pub" f) (builtins.readDir ./ssh ); in { # TODO: for all enabled machines - services.borgbackup.repos = lib.genAttrs hosts (host: { - authorizedKeys = [ (builtins.readFile (./ssh + "/${host}.pub") ) ]; - path = "/var/lib/borgbackup/${host}"; - user = "borg-${host}"; - }) ; + options = { + makefu.backup.server.repo = lib.mkOption { + type = lib.types.str; + default = "/var/lib/borgbackup"; + }; + }; + config = { + services.borgbackup.repos = lib.genAttrs hosts (host: { + authorizedKeys = [ (builtins.readFile (./ssh + "/${host}.pub") ) ]; + path = "${config.makefu.backup.server.repo}/${host}"; + user = "borg-${host}"; + }) ; + }; } diff --git a/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix b/makefu/2configs/bgt/etherpad.euer.krebsco.de.nix index 172e69c4d..48b947c58 100644 --- a/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix +++ b/makefu/2configs/bgt/etherpad.euer.krebsco.de.nix @@ -6,7 +6,7 @@ in { services.nginx.virtualHosts."etherpad.euer.krebsco.de" = { # useACMEHost = "euer.krebsco.de"; extraConfig = '' - ssl_session_timeout 5m; + ssl_session_timeout 30m; ''; enableACME = true; forceSSL = true; @@ -27,7 +27,7 @@ in { # WebSocket proxying - from https://nginx.org/en/docs/http/websocket.html proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; - proxy_read_timeout 61s; + proxy_read_timeout 1799s; ''; }; docker-containers."etherpad-lite" = { diff --git a/makefu/2configs/bgt/social-to-irc.nix b/makefu/2configs/bgt/social-to-irc.nix new file mode 100644 index 000000000..ce89451c1 --- /dev/null +++ b/makefu/2configs/bgt/social-to-irc.nix @@ -0,0 +1,32 @@ +{ + # systemd.services.brockman.environment."BROCKMAN_LOG_LEVEL" = "DEBUG"; + krebs.brockman = { + enable = true; + config = { + channel = "#binaergewitter"; + irc = { + host = "irc.freenode.net"; + port = 6667; + }; + #controller = { + # nick = "brockman-systemdultras"; + # channels = []; + #}; + bots = { + bgt-mastodon-rss = { + feed = "https://jit.social/users/binaergewitter.rss"; + channels = [ "#binaergewitter" ]; + delay = 180; + notifyErrors = false; + }; + bgt-blog-rss = { + feed = "https://blog.binaergewitter.de/rss.xml"; + channels = [ "#binaergewitter" ]; + delay = 180; + notifyErrors = false; + }; + }; + }; + + }; +} diff --git a/makefu/2configs/deployment/docker/template.md b/makefu/2configs/bgt/template.md index e53bad7e8..e53bad7e8 100644 --- a/makefu/2configs/deployment/docker/template.md +++ b/makefu/2configs/bgt/template.md diff --git a/makefu/2configs/binary-cache/server.nix b/makefu/2configs/binary-cache/server.nix index 1d729b9bb..2e05fd52e 100644 --- a/makefu/2configs/binary-cache/server.nix +++ b/makefu/2configs/binary-cache/server.nix @@ -5,6 +5,7 @@ # nix-store --generate-binary-cache-key gum nix-serve.key nix-serve.pub services.nix-serve = { enable = true; + port = 5001; secretKeyFile = config.krebs.secret.files.nix-serve-key.path; }; diff --git a/makefu/2configs/bureautomation/automation/philosophische-tuer.nix b/makefu/2configs/bureautomation/automation/philosophische-tuer.nix new file mode 100644 index 000000000..9ccb81348 --- /dev/null +++ b/makefu/2configs/bureautomation/automation/philosophische-tuer.nix @@ -0,0 +1,108 @@ +{ config, pkgs, lib, ... }: + +let + short_threshold = 30; #seconds + long_threshold = 30; #minutes + sensor = "binary_sensor.buerotuer_contact"; + + # get the list of all + name = "tueraudio"; + prefix = "http://localhost:8123/local/${name}"; + audiodir = "${config.services.home-assistant.configDir}/www/${name}"; + recordrepo = pkgs.fetchFromGitHub { + owner = "makefu"; + repo = "philosophische_tuer"; + rev = "17544c6"; + sha256 = "0bm0697fyf6s05c6yw6y25cyck04rlxj1dgazkq8mfqk6756v2bq"; + }; + samples = user: lib.mapAttrsToList + (file: _: ''"${prefix}/${name}/${user}/${file}"'') + (builtins.readDir (toString ( recordrepo+ "/recordings/${user}"))); + random_tuerspruch = ''{{'' + (lib.concatStringsSep "," ((samples "Felix") ++ (samples "Sofia") ++ (samples "Markus"))) + ''| random}}''; # TODO read from derivation +in +{ + systemd.tmpfiles.rules = [ + "d ${audiodir} - hass hass - -" + ]; + + systemd.services.copy-philosophische-tuersounds = { + description = "copy philosophische tuer"; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + Type = "oneshot"; + User = "hass"; + WorkingDirectory = audiodir; + ExecStart = pkgs.writeDash "update-samples" '' + cp -vr ${recordrepo} ${audiodir} + ''; + }; + }; + + services.home-assistant.config.media_extractor = { }; + services.home-assistant.config.script."philosophische_tuer" = { + alias = "Durchsage der philosophischen Tür"; + sequence = [ + { service = "media_player.play_media"; + data = { + entity_id = "media_player.mpd"; + media_content_type = "playlist"; + media_content_id = "ansage"; + }; + } + { delay.seconds = 5; } + { service = "media_extractor.play_media"; + entity_id = "media_player.mpd"; + data_template = { + media_content_id = random_tuerspruch; + media_content_type = "MUSIC"; + }; + } + ]; + }; + services.home-assistant.config.automation = + [ + { + alias = "Tür offen seit ${toString short_threshold} sekunden"; + trigger = + { platform = "state"; + entity_id = sensor; + to = "on"; + for.seconds = 60; + }; + condition = { }; + + action = [ + { service = "homeassistant.turn_on"; + entity_id = [ + "script.philosophische_tuer" + ]; + } + ]; + } + { + alias = "Tür offen seit ${toString long_threshold} minuten"; + trigger = + { platform = "state"; + entity_id = sensor; + to = "on"; + for.minutes = long_threshold; + }; + condition = { }; + + action = [ + { service = "homeassistant.turn_on"; + entity_id = [ + "script.philosophische_tuer" + ]; + } + { service = "tts.google_say"; + entity_id = "media_player.mpd"; + data_template = { + message = "BEEP BOOP - Die Tür ist schon seit ${toString long_threshold} Minuten offen! Student Nummer {{ range(1,500) | random }}, bitte schliesse die Tür"; + language = "de"; + }; + } + ]; + } + ]; +} diff --git a/makefu/2configs/bureautomation/default.nix b/makefu/2configs/bureautomation/default.nix index 7e8b6a4d3..7ac90f5c5 100644 --- a/makefu/2configs/bureautomation/default.nix +++ b/makefu/2configs/bureautomation/default.nix @@ -1,12 +1,15 @@ { config, pkgs, lib, ... }: let kodi-host = "192.168.8.11"; + unstable = import <nixpkgs-unstable> {}; in { imports = [ ./ota.nix ./comic-updater.nix ./puppy-proxy.nix + ./zigbee2mqtt + # hass config ## complex configs ./multi/daily-standup.nix @@ -39,15 +42,22 @@ in { ./automation/bureau-shutdown.nix ./automation/nachtlicht.nix ./automation/schlechteluft.nix + ./automation/philosophische-tuer.nix ./automation/hass-restart.nix ./device_tracker/openwrt.nix ./person/team.nix ]; + networking.firewall.allowedTCPPorts = [ 8123 ]; state = [ "/var/lib/hass/known_devices.yaml" ]; services.home-assistant = { enable = true; + package = (unstable.home-assistant.overrideAttrs (old: { + doInstallCheck = false; + })).override { + extraPackages = p: [ p.APScheduler ]; + }; autoExtraComponents = true; config = { config = {}; diff --git a/makefu/2configs/ham/zigbee2mqtt/default.nix b/makefu/2configs/bureautomation/zigbee2mqtt/default.nix index a75075273..ba10ae74b 100644 --- a/makefu/2configs/ham/zigbee2mqtt/default.nix +++ b/makefu/2configs/bureautomation/zigbee2mqtt/default.nix @@ -12,13 +12,18 @@ in services.zigbee2mqtt = { enable = true; inherit dataDir; + config = { + permit_join = true; + serial.port = "/dev/cc2531"; + homeassistant = true; + }; }; - state = [ "${dataDir}/configuration.yaml" "${dataDir}/state.json" ]; + state = [ "${dataDir}/devices.yaml" "${dataDir}/state.json" ]; systemd.services.zigbee2mqtt = { # override automatic configuration.yaml deployment - serviceConfig.ExecStartPre = lib.mkForce "${pkgs.coreutils}/bin/true"; + environment.ZIGBEE2MQTT_DATA = dataDir; after = [ "home-assistant.service" "mosquitto.service" diff --git a/makefu/2configs/ham/zigbee2mqtt/hass.nix b/makefu/2configs/bureautomation/zigbee2mqtt/hass.nix index faf864ba6..faf864ba6 100644 --- a/makefu/2configs/ham/zigbee2mqtt/hass.nix +++ b/makefu/2configs/bureautomation/zigbee2mqtt/hass.nix diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index 695e8fee6..be64e402e 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -57,6 +57,7 @@ with import <stockholm/lib>; environment.shellAliases = { # TODO: see .aliases lsl = "ls -lAtr"; + ip = "ip -c -br"; dmesg = "dmesg -L --reltime"; psg = "ps -ef | grep"; nmap = "nmap -oN $HOME/loot/scan-`date +\%s`.nmap -oX $HOME/loot/scan-`date +%s`.xml"; diff --git a/makefu/2configs/gui/wbob-kiosk.nix b/makefu/2configs/gui/wbob-kiosk.nix index 1a5e6d04f..2f6a26d82 100644 --- a/makefu/2configs/gui/wbob-kiosk.nix +++ b/makefu/2configs/gui/wbob-kiosk.nix @@ -10,13 +10,14 @@ }; services.xserver = { - windowManager = lib.mkForce { - awesome.enable = false; - }; - desktopManager.xfce = { + windowManager = lib.mkForce { awesome.enable = false; }; + displayManager.gdm.enable = true; + displayManager.autoLogin = { enable = true; + user = "makefu"; }; - displayManager.defaultSession = "xfce"; + displayManager.defaultSession = "gnome"; + desktopManager.gnome3.enable = true; displayManager.sessionCommands = '' ${pkgs.xlibs.xset}/bin/xset -display :0 s off -dpms ${pkgs.xlibs.xrandr}/bin/xrandr --output HDMI2 --right-of HDMI1 @@ -25,6 +26,10 @@ # prevent screen from turning off, disable dpms }; + + environment.systemPackages = [ pkgs.gnomeExtensions.appindicator ]; + services.dbus.packages = with pkgs; [ gnome2.GConf gnome3.gnome-settings-daemon ]; + systemd.services.xset-off = { after = [ "display-manager.service" ]; wantedBy = [ "multi-user.target" ]; diff --git a/makefu/2configs/home/airsonic.nix b/makefu/2configs/home/airsonic.nix new file mode 100644 index 000000000..15e77438d --- /dev/null +++ b/makefu/2configs/home/airsonic.nix @@ -0,0 +1,29 @@ +{ config, ... }: +let + internal-ip = "192.168.1.11"; + port = 4040; +in +{ + # networking.firewall.allowedTCPPorts = [ 4040 ]; + services.airsonic = { + enable = true; + listenAddress = "0.0.0.0"; + inherit port; + }; + state = [ config.services.airsonic.home ]; + services.nginx.virtualHosts."airsonic" = { + serverAliases = [ + "airsonic.lan" + "music" "music.lan" + "musik" "musik.lan" + ]; + + locations."/".proxyPass = "http://localhost:${toString port}"; + locations."/".proxyWebsockets = true; + extraConfig = '' + if ( $server_addr != "${internal-ip}" ) { + return 403; + } + ''; + }; +} diff --git a/makefu/2configs/home/ham/automation/fenster_auf.nix b/makefu/2configs/home/ham/automation/fenster_auf.nix new file mode 100644 index 000000000..ccebd5b00 --- /dev/null +++ b/makefu/2configs/home/ham/automation/fenster_auf.nix @@ -0,0 +1,33 @@ +let + min = 20; + fenster_offen = name: entity: + { alias = "${name} seit ${toString min} Minuten offen"; + trigger = [ + { + platform = "state"; + entity_id = entity; + to = "on"; + for.minutes = min; + } + ]; + action = + [ + { + service = "notify.firetv_wohnzimmer"; + data = { + title = "${name} seit ${toString min} Minuten offen"; + message = "Bitte einmal checken ob das ok ist :)"; + data = { + interrupt = 1; + duration = 300; + }; + }; + } + ]; + }; +in { + services.home-assistant.config.automation = [ + (fenster_offen "Badezimmerfenster" "binary_sensor.badezimmer_fenster_contact") + (fenster_offen "Duschfenster" "binary_sensor.dusche_fenster_contact") + ]; +} diff --git a/makefu/2configs/ham/automation/firetv_restart.nix b/makefu/2configs/home/ham/automation/firetv_restart.nix index 12e0e845a..12e0e845a 100644 --- a/makefu/2configs/ham/automation/firetv_restart.nix +++ b/makefu/2configs/home/ham/automation/firetv_restart.nix diff --git a/makefu/2configs/ham/automation/giesskanne.nix b/makefu/2configs/home/ham/automation/giesskanne.nix index 4b0fb61dd..4b0fb61dd 100644 --- a/makefu/2configs/ham/automation/giesskanne.nix +++ b/makefu/2configs/home/ham/automation/giesskanne.nix diff --git a/makefu/2configs/ham/automation/light_buttons.nix b/makefu/2configs/home/ham/automation/light_buttons.nix index 32d134ecc..32d134ecc 100644 --- a/makefu/2configs/ham/automation/light_buttons.nix +++ b/makefu/2configs/home/ham/automation/light_buttons.nix diff --git a/makefu/2configs/ham/automation/moodlight.nix b/makefu/2configs/home/ham/automation/moodlight.nix index d0e336851..d0e336851 100644 --- a/makefu/2configs/ham/automation/moodlight.nix +++ b/makefu/2configs/home/ham/automation/moodlight.nix diff --git a/makefu/2configs/ham/automation/urlaub.nix b/makefu/2configs/home/ham/automation/urlaub.nix index a6b9be96f..a6b9be96f 100644 --- a/makefu/2configs/ham/automation/urlaub.nix +++ b/makefu/2configs/home/ham/automation/urlaub.nix diff --git a/makefu/2configs/ham/automation/wohnzimmer_rf_fernbedienung.nix b/makefu/2configs/home/ham/automation/wohnzimmer_rf_fernbedienung.nix index 4303cdfa5..4303cdfa5 100644 --- a/makefu/2configs/ham/automation/wohnzimmer_rf_fernbedienung.nix +++ b/makefu/2configs/home/ham/automation/wohnzimmer_rf_fernbedienung.nix diff --git a/makefu/2configs/ham/calendar/nextcloud.nix b/makefu/2configs/home/ham/calendar/nextcloud.nix index 80e51b348..80e51b348 100644 --- a/makefu/2configs/ham/calendar/nextcloud.nix +++ b/makefu/2configs/home/ham/calendar/nextcloud.nix diff --git a/makefu/2configs/ham/default.nix b/makefu/2configs/home/ham/default.nix index d610fa5c1..e164b177f 100644 --- a/makefu/2configs/ham/default.nix +++ b/makefu/2configs/home/ham/default.nix @@ -7,10 +7,15 @@ let prefix = (import ./lib).prefix; firetv_stick = "192.168.1.24"; hassdir = "/var/lib/hass"; + unstable = import <nixpkgs-unstable> {}; + + in { imports = [ + ./nginx.nix ./mqtt.nix - ./zigbee2mqtt/default.nix + ./zigbee2mqtt + ./signal-rest # hass config ./zigbee2mqtt/hass.nix @@ -25,11 +30,13 @@ in { ./calendar/nextcloud.nix + ./automation/fenster_auf.nix ./automation/firetv_restart.nix ./automation/light_buttons.nix ./automation/wohnzimmer_rf_fernbedienung.nix ./automation/giesskanne.nix - ./automation/urlaub.nix + #./automation/urlaub.nix + ./automation/moodlight.nix ./light/arbeitszimmer.nix ./light/schlafzimmer.nix @@ -37,6 +44,15 @@ in { ]; services.home-assistant = { + package = (unstable.home-assistant.overrideAttrs (old: { + doInstallCheck = false; + })).override { + extraPackages = p: [ + (p.callPackage ./deps/dwdwfsapi.nix {}) + (p.callPackage ./deps/pykodi.nix {}) + p.APScheduler ]; + }; + config = { influxdb = { database = "ham"; @@ -53,6 +69,13 @@ in { latitude = "48.7687"; longitude = "9.2478"; elevation = 247; + auth_providers = [ + { type = "trusted_networks"; + trusted_networks = [ "192.168.1.0/24" ]; + allow_bypass_login = true; + } + { type = "homeassistant"; } + ]; }; discovery = {}; conversation = {}; @@ -72,33 +95,39 @@ in { api = {}; esphome = {}; camera = []; - telegram_bot = [ - # secrets file: { - # "platform": "broadcast", - # "api_key": "", # talk to Botfather /newbot - # "allowed_chat_ids": [ ID ] # curl -X GET # https://api.telegram.org/bot<YOUR_API_TOKEN>/getUpdates - # } - (builtins.fromJSON - (builtins.readFile <secrets/hass/telegram-bot.json>)) - ]; + #telegram_bot = [ + # # secrets file: { + # # "platform": "broadcast", + # # "api_key": "", # talk to Botfather /newbot + # # "allowed_chat_ids": [ ID ] # curl -X GET # https://api.telegram.org/bot<YOUR_API_TOKEN>/getUpdates + # # } + # (builtins.fromJSON + # (builtins.readFile <secrets/hass/telegram-bot.json>)) + #]; notify = [ { platform = "kodi"; - name = "wohnzimmer"; + name = "Kodi Wohnzimmer"; host = firetv_stick; } { - platform = "telegram"; - name = "telegrambot"; - chat_id = builtins.elemAt - (builtins.fromJSON (builtins.readFile - <secrets/hass/telegram-bot.json>)).allowed_chat_ids 0; - } + platform = "nfandroidtv"; + name = "FireTV Wohnzimmer"; + host = firetv_stick; + } + #{ + # platform = "telegram"; + # name = "telegrambot"; + # chat_id = builtins.elemAt + # (builtins.fromJSON (builtins.readFile + # <secrets/hass/telegram-bot.json>)).allowed_chat_ids 0; + #} ]; sun.elevation = 247; recorder = {}; media_player = [ - { platform = "FireTV Stick kodi"; + { platform = "kodi"; + name = "FireTV Stick kodi"; host = firetv_stick; } { platform = "androidtv"; @@ -146,7 +175,12 @@ in { # https://www.home-assistant.io/cookbook/automation_for_rainy_days/ ]; frontend = { }; - http = { }; + http = { + use_x_forwarded_for = true; + server_host = "127.0.0.1"; + trusted_proxies = [ "127.0.0.1" ]; + #trusted_proxies = [ "192.168.1.0/24" ]; + }; switch = []; automation = []; script = { }; diff --git a/makefu/2configs/ham/deps/dwdwfsapi.nix b/makefu/2configs/home/ham/deps/dwdwfsapi.nix index d59dfa9e8..d59dfa9e8 100644 --- a/makefu/2configs/ham/deps/dwdwfsapi.nix +++ b/makefu/2configs/home/ham/deps/dwdwfsapi.nix diff --git a/makefu/2configs/ham/deps/pykodi.nix b/makefu/2configs/home/ham/deps/pykodi.nix index 85a541f8a..85a541f8a 100644 --- a/makefu/2configs/ham/deps/pykodi.nix +++ b/makefu/2configs/home/ham/deps/pykodi.nix diff --git a/makefu/2configs/ham/device_tracker/openwrt.nix b/makefu/2configs/home/ham/device_tracker/openwrt.nix index 0a34f702a..0a34f702a 100644 --- a/makefu/2configs/ham/device_tracker/openwrt.nix +++ b/makefu/2configs/home/ham/device_tracker/openwrt.nix diff --git a/makefu/2configs/ham/lib/default.nix b/makefu/2configs/home/ham/lib/default.nix index 45c86138b..45c86138b 100644 --- a/makefu/2configs/ham/lib/default.nix +++ b/makefu/2configs/home/ham/lib/default.nix diff --git a/makefu/2configs/ham/light/arbeitszimmer.nix b/makefu/2configs/home/ham/light/arbeitszimmer.nix index bc60678b3..bc60678b3 100644 --- a/makefu/2configs/ham/light/arbeitszimmer.nix +++ b/makefu/2configs/home/ham/light/arbeitszimmer.nix diff --git a/makefu/2configs/ham/light/schlafzimmer.nix b/makefu/2configs/home/ham/light/schlafzimmer.nix index e5370e3f8..e5370e3f8 100644 --- a/makefu/2configs/ham/light/schlafzimmer.nix +++ b/makefu/2configs/home/ham/light/schlafzimmer.nix diff --git a/makefu/2configs/ham/light/wohnzimmer.nix b/makefu/2configs/home/ham/light/wohnzimmer.nix index bc9c2778a..bc9c2778a 100644 --- a/makefu/2configs/ham/light/wohnzimmer.nix +++ b/makefu/2configs/home/ham/light/wohnzimmer.nix diff --git a/makefu/2configs/ham/mqtt.nix b/makefu/2configs/home/ham/mqtt.nix index cd1c328d7..cd1c328d7 100644 --- a/makefu/2configs/ham/mqtt.nix +++ b/makefu/2configs/home/ham/mqtt.nix diff --git a/makefu/2configs/ham/multi/fliegen-couter.nix b/makefu/2configs/home/ham/multi/fliegen-couter.nix index 5b8abb2ff..5b8abb2ff 100644 --- a/makefu/2configs/ham/multi/fliegen-couter.nix +++ b/makefu/2configs/home/ham/multi/fliegen-couter.nix diff --git a/makefu/2configs/ham/multi/flurlicht.nix b/makefu/2configs/home/ham/multi/flurlicht.nix index 25eb78b7f..25eb78b7f 100644 --- a/makefu/2configs/ham/multi/flurlicht.nix +++ b/makefu/2configs/home/ham/multi/flurlicht.nix diff --git a/makefu/2configs/ham/multi/kurzzeitwecker.nix b/makefu/2configs/home/ham/multi/kurzzeitwecker.nix index bd81465cb..bd81465cb 100644 --- a/makefu/2configs/ham/multi/kurzzeitwecker.nix +++ b/makefu/2configs/home/ham/multi/kurzzeitwecker.nix diff --git a/makefu/2configs/ham/multi/the_playlist.nix b/makefu/2configs/home/ham/multi/the_playlist.nix index 0d714ea44..0d714ea44 100644 --- a/makefu/2configs/ham/multi/the_playlist.nix +++ b/makefu/2configs/home/ham/multi/the_playlist.nix diff --git a/makefu/2configs/home/ham/nginx.nix b/makefu/2configs/home/ham/nginx.nix new file mode 100644 index 000000000..e166b2a4b --- /dev/null +++ b/makefu/2configs/home/ham/nginx.nix @@ -0,0 +1,15 @@ +let + internal-ip = "192.168.1.11"; +in { + services.nginx.recommendedProxySettings = true; + services.nginx.virtualHosts."hass" = { + serverAliases = [ "hass.lan" "ha" "ha.lan" ]; + locations."/".proxyPass = "http://localhost:8123"; + locations."/".proxyWebsockets = true; + extraConfig = '' + if ( $server_addr != "${internal-ip}" ) { + return 403; + } + ''; + }; +} diff --git a/makefu/2configs/ham/sensor/outside.nix b/makefu/2configs/home/ham/sensor/outside.nix index 332746be8..332746be8 100644 --- a/makefu/2configs/ham/sensor/outside.nix +++ b/makefu/2configs/home/ham/sensor/outside.nix diff --git a/makefu/2configs/home/ham/signal-rest/default.nix b/makefu/2configs/home/ham/signal-rest/default.nix new file mode 100644 index 000000000..250a3596d --- /dev/null +++ b/makefu/2configs/home/ham/signal-rest/default.nix @@ -0,0 +1,18 @@ + +let + port = 8631; + image = "bbernhard/signal-cli-rest-api:latest"; + config = "/var/lib/signal-cli-config"; +in { + systemd.tmpfiles.rules = [ + "d ${config} docker docker - -" + ]; + state = [ config ]; + virtualisation.oci-containers.containers.signal-rest = { + image = image; + ports = [ "127.0.0.1:${toString port}:8080" ]; + volumes = [ + "${config}:/home/.local/share/signal-cli" + ]; + }; +} diff --git a/makefu/2configs/home/ham/zigbee2mqtt/default.nix b/makefu/2configs/home/ham/zigbee2mqtt/default.nix new file mode 100644 index 000000000..6ccf8b241 --- /dev/null +++ b/makefu/2configs/home/ham/zigbee2mqtt/default.nix @@ -0,0 +1,91 @@ +{config, pkgs, lib, ...}: + +let + dataDir = "/var/lib/zigbee2mqtt"; + sec = import <secrets/zigbee2mqtt.nix>; + internal-ip = "192.168.1.11"; + webport = 8521; +in + { + # symlink the zigbee controller + #services.udev.extraRules = '' + # SUBSYSTEM=="tty", ATTRS{idVendor}=="0451", ATTRS{idProduct}=="16a8", SYMLINK+="cc2531", MODE="0660", GROUP="dialout" + #''; + + # /dev/serial/by-id/usb-Silicon_Labs_slae.sh_cc2652rb_stick_-_slaesh_s_iot_stuff_00_12_4B_00_21_CC_45_BD-if00-port0 + services.udev.extraRules = '' + SUBSYSTEM=="tty", ATTRS{idVendor}=="10c4", ATTRS{idProduct}=="ea60", SYMLINK+="cc2531", MODE="0660", GROUP="dialout" + ''; + + services.zigbee2mqtt = { + enable = true; + inherit dataDir; + config = { + permit_join = true; + serial.port = "/dev/cc2531"; + homeassistant = true; + mqtt = { + server = "mqtt://omo.lan:1883"; + base_topic = "/ham/zigbee"; + user = sec.mqtt.username; + password = sec.mqtt.password; + include_device_information = true; + client_id = "zigbee2mqtt"; + }; + frontend = { + port = webport; + }; + advanced = { + log_level = "debug"; + log_output = [ "console" ]; + last_seen = "ISO_8601"; + elapsed = true; + reporting = true; # TODO test if it is better with groups + pan_id = 6755; + inherit (sec.zigbee) network_key; + }; + map_options.graphviz.colors = { + fill = { + enddevice = "#fff8ce" ; + coordinator = "#e04e5d"; + router = "#4ea3e0"; + }; + font = { + coordinator= "#ffffff"; + router = "#ffffff"; + enddevice = "#000000"; + }; + line = { + active = "#009900"; + inactive = "#994444"; + }; + }; + }; + }; + + services.nginx.recommendedProxySettings = true; + services.nginx.virtualHosts."zigbee" = { + serverAliases = [ "zigbee.lan" ]; + locations."/".proxyPass = "http://localhost:${toString webport}"; + locations."/api".proxyPass = "http://localhost:${toString webport}"; + locations."/api".proxyWebsockets = true; + extraConfig = '' + if ( $server_addr != "${internal-ip}" ) { + return 403; + } + ''; + }; + + state = [ "${dataDir}/devices.yaml" "${dataDir}/state.json" ]; + + systemd.services.zigbee2mqtt = { + # override automatic configuration.yaml deployment + environment.ZIGBEE2MQTT_DATA = dataDir; + #serviceConfig.ExecStartPre = lib.mkForce "${pkgs.coreutils}/bin/true"; + after = [ + "home-assistant.service" + "mosquitto.service" + "network-online.target" + ]; + }; +} diff --git a/makefu/2configs/home/ham/zigbee2mqtt/hass.nix b/makefu/2configs/home/ham/zigbee2mqtt/hass.nix new file mode 100644 index 000000000..faf864ba6 --- /dev/null +++ b/makefu/2configs/home/ham/zigbee2mqtt/hass.nix @@ -0,0 +1,130 @@ +# provides: +# switch +# automation +# binary_sensor +# sensor +# input_select +# timer +let + inherit (import ../lib) zigbee; + prefix = zigbee.prefix; +in +{ + services.home-assistant.config = { + sensor = + + [ + # Sensor for monitoring the bridge state + { + platform = "mqtt"; + name = "Zigbee2mqtt Bridge state"; + state_topic = "${prefix}/bridge/state"; + icon = "mdi:router-wireless"; + } + # Sensor for Showing the Zigbee2mqtt Version + { + platform = "mqtt"; + name = "Zigbee2mqtt Version"; + state_topic = "${prefix}/bridge/config"; + value_template = "{{ value_json.version }}"; + icon = "mdi:zigbee"; + } + # Sensor for Showing the Coordinator Version + { + platform = "mqtt"; + name = "Coordinator Version"; + state_topic = "${prefix}/bridge/config"; + value_template = "{{ value_json.coordinator }}"; + icon = "mdi:chip"; + } + ]; + switch = [ + { + platform = "mqtt"; + name = "Zigbee2mqtt Main join"; + state_topic = "${prefix}/bridge/config/permit_join"; + command_topic = "${prefix}/bridge/config/permit_join"; + payload_on = "true"; + payload_off = "false"; + } + ]; + automation = [ + { + alias = "Zigbee2mqtt Log Level"; + initial_state = "on"; + trigger = { + platform = "state"; + entity_id = "input_select.zigbee2mqtt_log_level"; + }; + action = [ + { + service = "mqtt.publish"; + data = { + payload_template = "{{ states('input_select.zigbee2mqtt_log_level') }}"; + topic = "${prefix}/bridge/config/log_level"; + }; + } + ]; + } + # Automation to start timer when enable join is turned on + { + id = "zigbee_join_enabled"; + alias = "Zigbee Join Enabled"; + trigger = + { + platform = "state"; + entity_id = "switch.zigbee2mqtt_main_join"; + to = "on"; + }; + action = + { + service = "timer.start"; + entity_id = "timer.zigbee_permit_join"; + }; + } + # # Automation to stop timer when switch turned off and turn off switch when timer finished + { + id = "zigbee_join_disabled"; + alias = "Zigbee Join Disabled"; + trigger = [ + { + platform = "event"; + event_type = "timer.finished"; + event_data.entity_id = "timer.zigbee_permit_join"; + } + { + platform = "state"; + entity_id = "switch.zigbee2mqtt_main_join"; + to = "off"; + } + ]; + action = [ + { service = "timer.cancel"; + data.entity_id = "timer.zigbee_permit_join"; + } + { service = "switch.turn_off"; + entity_id = "switch.zigbee2mqtt_main_join"; + } + ]; + } + ]; + input_select.zigbee2mqtt_log_level = + { + name = "Zigbee2mqtt Log Level"; + options = [ + "debug" + "info" + "warn" + "error" + ]; + initial = "info"; + icon = "mdi:format-list-bulleted"; + }; + + timer.zigbee_permit_join = + { + name = "Zigbee Time remaining"; + duration = 120; + }; + }; +} diff --git a/makefu/2configs/ham/zigbee2mqtt/osram.nix b/makefu/2configs/home/ham/zigbee2mqtt/osram.nix index d1bf2b296..d1bf2b296 100644 --- a/makefu/2configs/ham/zigbee2mqtt/osram.nix +++ b/makefu/2configs/home/ham/zigbee2mqtt/osram.nix diff --git a/makefu/2configs/home/metube.nix b/makefu/2configs/home/metube.nix new file mode 100644 index 000000000..c872bea08 --- /dev/null +++ b/makefu/2configs/home/metube.nix @@ -0,0 +1,35 @@ +{ pkgs, lib, ...}: +# docker run -d -p 8081:8081 -v /path/to/downloads:/downloads --user 1001:1001 alexta69/metube +with import <stockholm/lib>; +let + port = "2348"; + dl-dir = "/media/cryptX/youtube/music"; + uid = 20421; + internal-ip = "192.168.1.11"; +in + { + systemd.tmpfiles.rules = [ + "d ${dl-dir} metube nogroup - -" + ]; + virtualisation.oci-containers.backend = "docker"; + + services.nginx.virtualHosts."tube" = { + serverAliases = [ "tube.lan" ]; + locations."/".proxyPass = "http://localhost:${port}"; + }; + + virtualisation.oci-containers.containers.metube = { + image = "alexta69/metube:latest"; + ports = [ "${port}:8081" ]; + volumes = [ + "${dl-dir}:/downloads" + ]; + user = "metube"; + }; + users.users.metube.uid = uid; + + systemd.services.docker-metube.serviceConfig = { + StandardOutput = lib.mkForce "journal"; + StandardError = lib.mkForce "journal"; + }; +} diff --git a/makefu/2configs/home/photoprism.nix b/makefu/2configs/home/photoprism.nix new file mode 100644 index 000000000..ef4200576 --- /dev/null +++ b/makefu/2configs/home/photoprism.nix @@ -0,0 +1,147 @@ +{ pkgs, lib, ...}: +# Start | docker-compose up -d +# Stop | docker-compose stop +# Update | docker-compose pull +# Logs | docker-compose logs --tail=25 -f +# Terminal | docker-compose exec photoprism bash +# Help | docker-compose exec photoprism photoprism help +# Config | docker-compose exec photoprism photoprism config +# Reset | docker-compose exec photoprism photoprism reset +# Backup | docker-compose exec photoprism photoprism backup -a -i +# Restore | docker-compose exec photoprism photoprism restore -a -i +# Index | docker-compose exec photoprism photoprism index +# Reindex | docker-compose exec photoprism photoprism index -a +# Import | docker-compose exec photoprism photoprism import +# ------------------------------------------------------------------- +let + port = "2347"; + photodir = "/media/cryptX/photos"; + statedir = "/media/cryptX/lib/photoprism/appsrv"; + db-dir = "/media/cryptX/lib/photoprism/mysql"; + internal-ip = "192.168.1.11"; + sec = import <secrets/photoprism.nix>; +in +{ + virtualisation.oci-containers.backend = "docker"; + + services.nginx.virtualHosts."photos" = { + serverAliases = [ + "photos.lan" + "foto" "foto.lan" + "fotos" "fotos.lan" + ]; + + locations."/".proxyPass = "http://localhost:${port}"; + locations."/".proxyWebsockets = true; + extraConfig = '' + if ( $server_addr != "${internal-ip}" ) { + return 403; + } + ''; + }; + + systemd.services.workadventure-network = { + enable = true; + wantedBy = [ "multi-user.target" ]; + script = '' + ${pkgs.docker}/bin/docker network create --driver bridge photoprism ||: + ''; + after = [ "docker" ]; + before = [ + "docker-photoprism.service" + "docker-mysql-photoprism.service" + ]; + }; + + + virtualisation.oci-containers.containers.photoprism = { + image = "photoprism/photoprism:preview"; + ports = ["${port}:${port}" ]; + volumes = [ + "${photodir}:/photoprism/originals" + "${statedir}:/photoprism/storage" + ]; + extraOptions = [ + "--security-opt" "seccomp=unconfined" + "--security-opt" "apparmor=unconfined" + "--network=photoprism" + ]; + environment = { + PHOTOPRISM_HTTP_PORT = port; # Built-in Web server port + PHOTOPRISM_HTTP_COMPRESSION = "gzip"; # Improves transfer speed and bandwidth utilization (none or gzip) + PHOTOPRISM_DEBUG = "false"; # Run in debug mode (shows additional log messages) + PHOTOPRISM_PUBLIC = "true"; # No authentication required (disables password protection) + PHOTOPRISM_READONLY = "false"; # Don't modify originals directory (reduced functionality) + PHOTOPRISM_EXPERIMENTAL = "true"; # Enables experimental features + PHOTOPRISM_DISABLE_WEBDAV = "false"; # Disables built-in WebDAV server + PHOTOPRISM_DISABLE_SETTINGS = "false"; # Disables Settings in Web UI + PHOTOPRISM_DISABLE_TENSORFLOW = "false"; # Disables using TensorFlow for image classification + PHOTOPRISM_DARKTABLE_PRESETS = "false"; # Enables Darktable presets and disables concurrent RAW conversion + PHOTOPRISM_DETECT_NSFW = "false"; # Flag photos as private that MAY be offensive (requires TensorFlow) + PHOTOPRISM_UPLOAD_NSFW = "true"; # Allow uploads that MAY be offensive + + #PHOTOPRISM_DATABASE_DRIVER = "postgres"; + #PHOTOPRISM_DATABASE_SERVER = "postgres-prism:5432"; + #PHOTOPRISM_DATABASE_NAME = "photoprism"; + #PHOTOPRISM_DATABASE_USER = "photoprism"; + #PHOTOPRISM_DATABASE_PASSWORD = "photoprism"; + + PHOTOPRISM_DATABASE_DRIVER= "mysql"; # Use MariaDB (or MySQL) instead of SQLite for improved performance + PHOTOPRISM_DATABASE_SERVER= "mysql-photoprism:3306" ; # MariaDB database server (hostname:port) + PHOTOPRISM_DATABASE_NAME= "photoprism"; # MariaDB database schema name + PHOTOPRISM_DATABASE_USER= sec.db.username; # MariaDB database user name + PHOTOPRISM_DATABASE_PASSWORD= sec.db.password; # MariaDB database user password + + PHOTOPRISM_SITE_URL = "http://localhost:2342/"; # Public PhotoPrism URL + PHOTOPRISM_SITE_TITLE = "PhotoPrism"; + PHOTOPRISM_SITE_CAPTION = "FeMi Fotos"; + PHOTOPRISM_SITE_DESCRIPTION = "Unsere Fotos"; + PHOTOPRISM_SITE_AUTHOR = "FeMi"; + PHOTOPRISM_SPONSOR = "true"; + + }; + }; + + virtualisation.oci-containers.containers.mysql-photoprism = { + image = "mariadb:10.5"; + extraOptions = [ + "--security-opt" "seccomp=unconfined" + "--security-opt" "apparmor=unconfined" + "--network=photoprism" + ]; + ports = [ "3306:3306" ]; # no need to expose the database + #cmd = [ "mysqld" + # "--transaction-isolation=READ-COMMITTED" + # "--character-set-server=utf8mb4" + # "--collation-server=utf8mb4_unicode_ci" + # "--max-connections=512" + # "--innodb-rollback-on-timeout=OFF" + # "--innodb-lock-wait-timeout=50" + #]; + volumes= [ "${db-dir}:/var/lib/mysql" ]; + environment = { + MYSQL_ROOT_PASSWORD = "dickidibutt"; + MYSQL_DATABASE= "photoprism"; + MYSQL_USER = sec.db.username; + MYSQL_PASSWORD = sec.db.password; + }; + }; + #virtualisation.oci-containers.containers.postgres-prism = { + # image = "postgres:12-alpine"; + # ports = [ "5432" ]; # no need to expose the database + # environment = { + # POSTGRES_DB = "photoprism"; + # POSTGRES_USER = "photoprism"; + # POSTGRES_PASSWORD = "photoprism"; + # }; + #}; + + systemd.services.docker-photoprism.serviceConfig = { + StandardOutput = lib.mkForce "journal"; + StandardError = lib.mkForce "journal"; + }; + systemd.services.docker-mysql-photoprism.serviceConfig = { + StandardOutput = lib.mkForce "journal"; + StandardError = lib.mkForce "journal"; + }; +} diff --git a/makefu/2configs/hw/tp-x230.nix b/makefu/2configs/hw/tp-x230.nix index 37d1affb7..69fe7adce 100644 --- a/makefu/2configs/hw/tp-x230.nix +++ b/makefu/2configs/hw/tp-x230.nix @@ -1,6 +1,5 @@ { config, lib, pkgs, ... }: -with import <stockholm/lib>; { imports = [ ./tp-x2x0.nix <nixos-hardware/lenovo/thinkpad/x230> ]; @@ -11,6 +10,13 @@ with import <stockholm/lib>; # possible i915 powersave options: # options i915 enable_rc6=1 enable_fbc=1 semaphores=1 + boot.extraModprobeConfig = '' + options thinkpad_acpi fan_control=1 + options i915 enable_rc6=1 enable_fbc=1 semaphores=1 + ''; + + boot.initrd.availableKernelModules = [ "thinkpad_acpi" ]; + services.xserver.displayManager.sessionCommands ='' xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1 xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 8 2 diff --git a/makefu/2configs/hw/xmm7360.nix b/makefu/2configs/hw/xmm7360.nix new file mode 100644 index 000000000..951dcaa0b --- /dev/null +++ b/makefu/2configs/hw/xmm7360.nix @@ -0,0 +1,11 @@ +{ pkgs, config, ... }: +let + pkg = (pkgs.callPackage ../../5pkgs/xmm7360 { kernel = config.boot.kernelPackages.kernel; }); +in +{ + boot.extraModulePackages = [ + pkg + ]; + boot.initrd.availableKernelModules = [ "xmm7360" ]; + users.users.makefu.packages = [ pkg ]; +} diff --git a/makefu/2configs/printer.nix b/makefu/2configs/printer.nix index 6fd1c1858..7e29b1c6f 100644 --- a/makefu/2configs/printer.nix +++ b/makefu/2configs/printer.nix @@ -14,17 +14,17 @@ in { ]; }; - # scanners are printers just in reverse anyway - services.saned.enable = true; users.users."${mainUser}".extraGroups = [ "scanner" "lp" ]; + # scanners are printers just in reverse anyway + services.saned.enable = true; hardware.sane = { enable = true; extraBackends = [ ]; netConf = # drucker.lan SCX-3205W '' - 192.168.1.6'' + 192.168.1.16'' # uhrenkind.shack magicolor 1690mf + '' 10.42.20.30''; diff --git a/makefu/2configs/share/omo-client.nix b/makefu/2configs/share/omo-client.nix new file mode 100644 index 000000000..4ad32bdd6 --- /dev/null +++ b/makefu/2configs/share/omo-client.nix @@ -0,0 +1,28 @@ +{ config, lib, pkgs, ... }: + +let + automount_opts = + [ "x-systemd.automount" + "noauto" "x-systemd.idle-timeout=600" + "x-systemd.device-timeout=5s" + "x-systemd.mount-timeout=5s" + ]; + host = "omo.lan"; #TODO + path = "/media/omo/photos"; +in { + systemd.tmpfiles.rules = [ + "d ${path} root root - -" + ]; + fileSystems."${path}" = { + device = "//${host}/photos"; + fsType = "cifs"; + options = automount_opts ++ + [ "credentials=/var/src/secrets/omo-client.smb" + "file_mode=0775" + "dir_mode=0775" + "uid=9001" + "vers=3" + ]; + }; + +} diff --git a/makefu/2configs/stats/server.nix b/makefu/2configs/stats/server.nix index a2d0693ab..52fb28a03 100644 --- a/makefu/2configs/stats/server.nix +++ b/makefu/2configs/stats/server.nix @@ -27,6 +27,7 @@ in { http.suppress-write-log = true; data.trace-logging-enabled = false; data.query-log-enabled = false; + reporting-disabled = true; http.bind-address = ":${toString influx-port}"; admin.bind-address = ":8083"; diff --git a/makefu/2configs/storj/client.nix b/makefu/2configs/storj/client.nix new file mode 100644 index 000000000..e37e2ce23 --- /dev/null +++ b/makefu/2configs/storj/client.nix @@ -0,0 +1,27 @@ +{ lib, ... }: +{ + networking.firewall.allowedTCPPorts = [ 28967 ]; + virtualisation.oci-containers.containers.storj-storagenode = { + image = "storjlabs/storagenode:latest"; + ports = [ + # TODO: omo ip + "0.0.0.0:28967:28967" + "127.0.0.1:14002:14002" + ]; + environment = { + # SETUP = "true"; # must be run only once ... + WALLET = "0xeD0d2a2B33F6812b45d2D9FF7a139A3fF65a24C0"; + EMAIL = "storj.io@syntax-fehler.de"; + ADDRESS = "euer.krebsco.de:28967"; + STORAGE = "3TB"; + }; + volumes = [ + "/media/cryptX/lib/storj/identity:/app/identity" + "/media/cryptX/lib/storj/storage:/app/config" + ]; + }; + systemd.services.docker-storj-storagenode.serviceConfig = { + StandardOutput = lib.mkForce "journal"; + StandardError = lib.mkForce "journal"; + }; +} diff --git a/makefu/2configs/storj/forward-port.nix b/makefu/2configs/storj/forward-port.nix new file mode 100644 index 000000000..213f77470 --- /dev/null +++ b/makefu/2configs/storj/forward-port.nix @@ -0,0 +1,22 @@ +{ + networking.firewall.allowedTCPPorts = [ 28967 ]; + #networking.nat.forwardPorts = [ + # { # storj + # destination = "10.243.0.89:28967"; + # proto = "tcp"; + # sourcePort = 28967; + # } + #]; + services.nginx.appendConfig = '' + stream { + upstream storj { + server omo.r:28967; + } + + server { + listen 28967; + proxy_pass storj; + } + } + ''; +} diff --git a/makefu/2configs/systemdultras/ircbot.nix b/makefu/2configs/systemdultras/ircbot.nix index c5f1bbed2..3229d14f2 100644 --- a/makefu/2configs/systemdultras/ircbot.nix +++ b/makefu/2configs/systemdultras/ircbot.nix @@ -1,7 +1,9 @@ { + systemd.services.brockman.environment."BROCKMAN_LOG_LEVEL" = "DEBUG"; krebs.brockman = { enable = true; config = { + channel = "#systemdultras"; irc = { host = "irc.freenode.net"; port = 6667; @@ -11,11 +13,13 @@ feed = "https://www.reddit.com/r/systemdultras/.rss"; delay = 136; channels = [ "#systemdultras" ]; + notifyErrors = false; }; r-systemd-rss = { feed = "https://www.reddit.com/r/systemd/.rss"; delay = 172; channels = [ "#systemdultras" ]; + notifyErrors = false; }; }; }; diff --git a/makefu/2configs/tools/core.nix b/makefu/2configs/tools/core.nix index 8339c9328..bce461e9e 100644 --- a/makefu/2configs/tools/core.nix +++ b/makefu/2configs/tools/core.nix @@ -17,6 +17,7 @@ ${gnused}/bin/sed -i "''${1}d" ~/.ssh/known_hosts which binutils screen + rename # rename 's/^/hello/' *.txt # fs cifs-utils diff --git a/makefu/2configs/wireguard/server.nix b/makefu/2configs/wireguard/server.nix index 76fea1d6d..c8fbfe6fb 100644 --- a/makefu/2configs/wireguard/server.nix +++ b/makefu/2configs/wireguard/server.nix @@ -39,11 +39,13 @@ in { # wireguard server } { # work-router + persistentKeepalive = 25; allowedIPs = [ "10.244.0.5/32" ]; publicKey = "QJMwwYu/92koCASbHnR/vqe/rN00EV6/o7BGwLockDw="; } { # workr + persistentKeepalive = 25; allowedIPs = [ "10.244.0.6/32" ]; publicKey = "OFhCF56BrV9tjqW1sxqXEKH/GdqamUT1SqZYSADl5GA="; } |