From 8079877eee34d0a658e8419adfa8987e648388a8 Mon Sep 17 00:00:00 2001 From: jeschli Date: Mon, 10 Jun 2019 18:56:19 +0200 Subject: j brauerei: -python35 +python37 --- jeschli/1systems/brauerei/config.nix | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index 059ec6d71..f536801ba 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -78,19 +78,9 @@ in gcc ghc go - python35 - python35Packages.pip - (vagrant.override { - bundlerEnv = bundlerEnv.override { - bundler = bundler.overrideAttrs (old: { - name = "bundler-1.16.1"; - src = fetchurl { - url = "https://rubygems.org/gems/bundler-1.16.1.gem"; - sha256 = "1s2nq4qnffxg3kwrk7cnwxcvfihlhxm9absl2l6d3qckf3sy1f22"; - }; - }); - }; - }) + python37 + python37Packages.pip + pipenv # dev tools gnumake jetbrains.clion -- cgit v1.2.3 From c33078ddf6e56c4085c7baa7395ad2358e90b497 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 17 Jun 2019 07:51:41 +0200 Subject: ma wiregrill: rockit -> shackdev --- krebs/3modules/makefu/default.nix | 9 ++++++++- krebs/3modules/makefu/wiregrill/rockit.pub | 2 +- krebs/3modules/makefu/wiregrill/shackdev.pub | 1 + 3 files changed, 10 insertions(+), 2 deletions(-) create mode 100644 krebs/3modules/makefu/wiregrill/shackdev.pub diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 601762b93..9581712fb 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -236,6 +236,7 @@ in { "tracker.makefu.r" "wiki.gum.r" "wiki.makefu.r" + "sick.makefu.r" ]; }; }; @@ -288,10 +289,16 @@ in { ip4.addr = "10.243.189.130"; }; }; + }; + + shackdev = rec { # router@shack + cores = 1; + nets.wiregrill.ip4.addr = "10.244.245.2"; }; + rockit = rec { # router@home cores = 1; - nets.wiregrill.ip4.addr = "10.244.245.2"; + nets.wiregrill.ip4.addr = "10.244.245.3"; }; senderechner = rec { diff --git a/krebs/3modules/makefu/wiregrill/rockit.pub b/krebs/3modules/makefu/wiregrill/rockit.pub index 6cb0d960d..ace109450 100644 --- a/krebs/3modules/makefu/wiregrill/rockit.pub +++ b/krebs/3modules/makefu/wiregrill/rockit.pub @@ -1 +1 @@ -YmvTL4c13WS6f88ZAz2m/2deL2pnPXI0Ay3edCPE1Qc= +LPMs1h9+8ABqeZsS6xmHC7votPqpUT609XuktAhaik8= diff --git a/krebs/3modules/makefu/wiregrill/shackdev.pub b/krebs/3modules/makefu/wiregrill/shackdev.pub new file mode 100644 index 000000000..6cb0d960d --- /dev/null +++ b/krebs/3modules/makefu/wiregrill/shackdev.pub @@ -0,0 +1 @@ +YmvTL4c13WS6f88ZAz2m/2deL2pnPXI0Ay3edCPE1Qc= -- cgit v1.2.3 From 9564a24c32db0c220477963c221fdf003f597223 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 17 Jun 2019 07:52:55 +0200 Subject: config collectd-base: send logs to wolf --- krebs/2configs/collectd-base.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/krebs/2configs/collectd-base.nix b/krebs/2configs/collectd-base.nix index 440f83fce..71a00be3a 100644 --- a/krebs/2configs/collectd-base.nix +++ b/krebs/2configs/collectd-base.nix @@ -9,7 +9,7 @@ let ModulePath "${collectd-connect-time}/lib/${python.libPrefix}/site-packages/" Import "collectd_connect_time" - target "localhost:22" "google.com" "google.de" "gum.r:22" "gum.krebsco.de" "heidi.shack:22" "10.42.0.1:22" "heise.de" "t-online.de" + target "localhost:22" "google.com" "google.de" "gum.r:22" "gum.krebsco.de" "10.42.0.1:22" "heise.de" "t-online.de" interval 10 @@ -18,7 +18,7 @@ let LoadPlugin write_graphite - Host "heidi.shack" + Host "wolf.r" Port "2003" Prefix "retiolum." EscapeCharacter "_" -- cgit v1.2.3 From 64eee34bbeac88ef8c4c27c8b4245ac0aaa7bfe7 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 17 Jun 2019 07:53:44 +0200 Subject: ma wiregrill: init --- makefu/2configs/wireguard/wiregrill.nix | 46 +++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 makefu/2configs/wireguard/wiregrill.nix diff --git a/makefu/2configs/wireguard/wiregrill.nix b/makefu/2configs/wireguard/wiregrill.nix new file mode 100644 index 000000000..082090755 --- /dev/null +++ b/makefu/2configs/wireguard/wiregrill.nix @@ -0,0 +1,46 @@ +with import ; +{ config, pkgs, ... }: let + + self = config.krebs.build.host.nets.wiregrill; + isRouter = !isNull self.via; # via "internet" is not set + ext-if = config.makefu.server.primary-itf; + +in mkIf (hasAttr "wiregrill" config.krebs.build.host.nets) { + #hack for modprobe inside containers + systemd.services."wireguard-wiregrill".path = mkIf config.boot.isContainer (mkBefore [ + (pkgs.writeDashBin "modprobe" ":") + ]); + + boot.kernel.sysctl = mkIf isRouter { + "net.ipv6.conf.all.forwarding" = 1; + }; + + networking.firewall = { + allowedUDPPorts = [ self.wireguard.port ]; + extraCommands = '' + iptables -A FORWARD -i wiregrill -o wiregrill -j ACCEPT + ''; + }; + + networking.wireguard.interfaces.wiregrill = { + ips = + (optional (!isNull self.ip4) self.ip4.addr) ++ + (optional (!isNull self.ip6) self.ip6.addr); + listenPort = self.wireguard.port; + privateKeyFile = (toString ) + "/wiregrill.key"; + allowedIPsAsRoutes = true; + peers = mapAttrsToList + (_: host: { + allowedIPs = if isRouter then + (optional (!isNull host.nets.wiregrill.ip4) host.nets.wiregrill.ip4.addr) ++ + (optional (!isNull host.nets.wiregrill.ip6) host.nets.wiregrill.ip6.addr) + else + host.nets.wiregrill.wireguard.subnets + ; + endpoint = mkIf (!isNull host.nets.wiregrill.via) (host.nets.wiregrill.via.ip4.addr + ":${toString host.nets.wiregrill.wireguard.port}"); + persistentKeepalive = mkIf (!isNull host.nets.wiregrill.via) 61; + publicKey = (replaceStrings ["\n"] [""] host.nets.wiregrill.wireguard.pubkey); + }) + (filterAttrs (_: h: hasAttr "wiregrill" h.nets) config.krebs.hosts); + }; +} -- cgit v1.2.3 From ea8d45793ef7375dcb9c324d1a235f47898fdef3 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 17 Jun 2019 07:54:31 +0200 Subject: ma bureautomation: prepare dwd_pollen, update presence --- makefu/2configs/bureautomation/default.nix | 14 +++---- .../bureautomation/device_tracker/openwrt.nix | 3 ++ makefu/2configs/bureautomation/dwd_pollen.nix | 32 ++++++++++++++++ makefu/2configs/bureautomation/gtts-token.nix | 27 ++++++++++++++ makefu/2configs/bureautomation/hass.nix | 43 +++++++++++++++++++--- makefu/2configs/bureautomation/sensor/pollen.nix | 7 ++++ 6 files changed, 113 insertions(+), 13 deletions(-) create mode 100644 makefu/2configs/bureautomation/dwd_pollen.nix create mode 100644 makefu/2configs/bureautomation/gtts-token.nix create mode 100644 makefu/2configs/bureautomation/sensor/pollen.nix diff --git a/makefu/2configs/bureautomation/default.nix b/makefu/2configs/bureautomation/default.nix index 1782becd8..56c845744 100644 --- a/makefu/2configs/bureautomation/default.nix +++ b/makefu/2configs/bureautomation/default.nix @@ -24,22 +24,20 @@ in { ./ota.nix ]; services.logstash = { - package = pkgs.logstash5; + package = pkgs.logstash7; + plugins = [ pkgs.logstash-output-exec ]; enable = true; inputConfig = '' http { port => ${toString port} host => "127.0.0.1" + type => "schlechteluft" } ''; - filterConfig = '' - ''; outputConfig = '' - stdout { codec => json } - exec { command => "${runit} '%{ruleName}' '%{state}'" } - ''; - extraSettings = '' - path.plugins: [ "${pkgs.logstash-output-exec}" ] + if [type] == "schlechteluft" { + exec { command => "${runit} '%{ruleName}' '%{state}'" } + } ''; }; } diff --git a/makefu/2configs/bureautomation/device_tracker/openwrt.nix b/makefu/2configs/bureautomation/device_tracker/openwrt.nix index 0db9821a1..d32eab60f 100644 --- a/makefu/2configs/bureautomation/device_tracker/openwrt.nix +++ b/makefu/2configs/bureautomation/device_tracker/openwrt.nix @@ -1,3 +1,6 @@ +# requires `opkg install luci-mod-rpc` on router +# see https://www.home-assistant.io/components/luci/ + [ { platform = "luci"; name = "router"; diff --git a/makefu/2configs/bureautomation/dwd_pollen.nix b/makefu/2configs/bureautomation/dwd_pollen.nix new file mode 100644 index 000000000..39d9c3069 --- /dev/null +++ b/makefu/2configs/bureautomation/dwd_pollen.nix @@ -0,0 +1,32 @@ +{ lib +, buildPythonPackage +, fetchFromGitHub +, python +, voluptuous +}: + +buildPythonPackage rec { + format = "other"; + pname = "dwd_pollen"; + version = "0.1"; + + src = fetchFromGitHub { + owner = "marcschumacher"; + repo = "dwd_pollen"; + rev = version; + sha256 = "1af2mx99gv2hk1ad53g21fwkdfdbymqcdl3jvzd1yg7dgxlkhbj1"; + }; + propagatedBuildInputs = [ + voluptuous + ]; + installPhase = '' + install -D -t $out/${python.sitePackages}/homeassistant/components/sensor/dwd_pollen * + ''; + + meta = with lib; { + description = "Home Assistant component to retrieve Pollen data from DWD (Germany)"; + homepage = https://github.com/marcschumacher/dwd_pollen; + license = licenses.mit; + maintainers = [ maintainers.makefu ]; + }; +} diff --git a/makefu/2configs/bureautomation/gtts-token.nix b/makefu/2configs/bureautomation/gtts-token.nix new file mode 100644 index 000000000..69640f03d --- /dev/null +++ b/makefu/2configs/bureautomation/gtts-token.nix @@ -0,0 +1,27 @@ +{ lib +, buildPythonPackage +, fetchPypi +, requests +}: + +buildPythonPackage rec { + pname = "gtts-token"; + version = "1.1.3"; + + src = fetchPypi { + pname = "gTTS-token"; + inherit version; + sha256 = "9d6819a85b813f235397ef931ad4b680f03d843c9b2a9e74dd95175a4bc012c5"; + }; + + propagatedBuildInputs = [ + requests + ]; + + meta = with lib; { + description = "Calculates a token to run the Google Translate text to speech"; + homepage = https://github.com/boudewijn26/gTTS-token; + license = licenses.mit; + # maintainers = [ maintainers. ]; + }; +} diff --git a/makefu/2configs/bureautomation/hass.nix b/makefu/2configs/bureautomation/hass.nix index ace1d10ce..ed9cb0905 100644 --- a/makefu/2configs/bureautomation/hass.nix +++ b/makefu/2configs/bureautomation/hass.nix @@ -1,12 +1,32 @@ -{ pkgs, lib, ... }: +{ config, pkgs, lib, ... }: let kodi-host = "192.168.8.11"; + in { networking.firewall.allowedTCPPorts = [ 8123 ]; state = [ "/var/lib/hass/known_devices.yaml" ]; - services.home-assistant = { + services.home-assistant = let + dwd_pollen = pkgs.fetchFromGitHub { + owner = "marcschumacher"; + repo = "dwd_pollen"; + rev = "0.1"; + sha256 = "1af2mx99gv2hk1ad53g21fwkdfdbymqcdl3jvzd1yg7dgxlkhbj1"; + }; + in { enable = true; - package = pkgs.home-assistant.override { python3 = pkgs.python36; }; + package = (pkgs.home-assistant.overrideAttrs (old: { + # TODO: find correct python package + postInstall = '' + cp -r ${dwd_pollen} $out/lib/python3.7/site-packages/homeassistant/components/dwd_pollen + ''; + })).override { + extraPackages = ps: with ps; [ + pkgs.pico2wave + python-forecastio jsonrpc-async jsonrpc-websocket + (callPackage ./gtts-token.nix { }) + ]; + }; + autoExtraComponents = true; config = { homeassistant = { name = "Bureautomation"; @@ -84,6 +104,7 @@ in { (import ./binary_sensor/motion.nix); sensor = + (import ./sensor/pollen.nix) ++ (import ./sensor/espeasy.nix) ++ ((import ./sensor/outside.nix) {inherit lib;}) ++ (import ./sensor/influxdb.nix) ++ @@ -99,6 +120,7 @@ in { frontend = { }; http = { # TODO: https://github.com/home-assistant/home-assistant/issues/16149 + base_url = "http://192.168.8.11:8123"; api_password = "sistemas"; trusted_networks = [ "127.0.0.1/32" @@ -110,7 +132,18 @@ in { conversation = {}; history = {}; logbook = {}; - tts = [ { platform = "google";} ]; + tts = [ + { platform = "google"; + language = "de"; + } + { platform = "voicerss"; + api_key = builtins.readFile ; + language = "de-de"; + } + { platform = "picotts"; + language = "de-DE"; + } + ]; recorder = {}; sun = {}; telegram_bot = [ @@ -147,6 +180,7 @@ in { "device_tracker.daniel_phone" "device_tracker.carsten_phone" "device_tracker.thierry_phone" + "device_tracker.frank_phone" # "person.thorsten" # "person.felix" # "person.ecki" @@ -181,7 +215,6 @@ in { "sensor.dark_sky_uv_index" # "sensor.dark_sky_pressure" "sensor.dark_sky_hourly_summary" - "device_tracker.router" ]; }; # only for automation diff --git a/makefu/2configs/bureautomation/sensor/pollen.nix b/makefu/2configs/bureautomation/sensor/pollen.nix new file mode 100644 index 000000000..506dbf123 --- /dev/null +++ b/makefu/2configs/bureautomation/sensor/pollen.nix @@ -0,0 +1,7 @@ +[ { + platform = "dwd_pollen"; + partsregion_ids = [ + 112 + ]; +} +] -- cgit v1.2.3 From dbd3278f49c36acdbd73afedaa6ef9d6e7485fd2 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 17 Jun 2019 07:55:30 +0200 Subject: ma gum.r: add sickbeard,wiregrill --- makefu/1systems/gum/config.nix | 29 +++++++++++++++++++++++++++-- 1 file changed, 27 insertions(+), 2 deletions(-) diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index 7bc06f833..9585d8599 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -97,6 +97,24 @@ in { # sharing + { services.sickbeard = { + enable = true; + package = pkgs.sickgear; + user = "sickbeard"; + group = "download"; + port = 8280; + }; + services.nginx.virtualHosts."sick.makefu.r" = { + locations."/".proxyPass = http://localhost:8280; + extraConfig = '' + if ( $server_addr = "${external-ip}" ) { + return 403; + } + ''; + }; + users.users.sickbeard.extraGroups = [ "nginx" ]; + } + { nixpkgs.config.allowUnfree = true; } # ## # @@ -111,6 +129,7 @@ in { + # Removed until move: no extra mails @@ -153,11 +172,17 @@ in { makefu.dl-dir = "/var/download"; - services.openssh.hostKeys = [ + services.openssh.hostKeys = lib.mkForce [ { bits = 4096; path = (toString ); type = "rsa"; } { path = (toString ); type = "ed25519"; } ]; ###### stable - services.nginx.virtualHosts.cgit.serverAliases = [ "cgit.euer.krebsco.de" ]; + + services.nginx.virtualHosts."cgit.euer.krebsco.de" = { + forceSSL = true; + enableACME = true; + locations."/".proxyPass = "http://cgit.gum.r"; + }; + krebs.build.host = config.krebs.hosts.gum; # Network -- cgit v1.2.3 From 2a5743d3fafa825822755b994ea3a373e38ad569 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 17 Jun 2019 07:56:22 +0200 Subject: ma filepimp.r: remove obsolete zramSwap numDevices --- makefu/1systems/filepimp/config.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/makefu/1systems/filepimp/config.nix b/makefu/1systems/filepimp/config.nix index 30ba61a9b..e023c2885 100644 --- a/makefu/1systems/filepimp/config.nix +++ b/makefu/1systems/filepimp/config.nix @@ -48,7 +48,6 @@ in { hardware.cpu.amd.updateMicrocode = true; zramSwap.enable = true; - zramSwap.numDevices = 2; makefu.snapraid = let toMedia = name: "/media/" + name; -- cgit v1.2.3 From c9f906a54aa0cb866d1605524ae3921f3ddf4fd9 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 17 Jun 2019 07:57:26 +0200 Subject: ma gum.r/hardware-config: do not automount binaergewtter only nofail --- makefu/1systems/gum/hardware-config.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/makefu/1systems/gum/hardware-config.nix b/makefu/1systems/gum/hardware-config.nix index 857fad7aa..e49b621e7 100644 --- a/makefu/1systems/gum/hardware-config.nix +++ b/makefu/1systems/gum/hardware-config.nix @@ -41,7 +41,7 @@ in { boot.loader.grub.enable = true; boot.loader.grub.version = 2; boot.loader.grub.devices = [ main-disk ]; - boot.initrd.kernelModules = [ "dm-raid" "dm_cache" ]; + boot.initrd.kernelModules = [ "dm-raid" "dm_cache" "dm-thin-pool" ]; boot.initrd.availableKernelModules = [ "ata_piix" "vmw_pvscsi" "virtio_pci" "sd_mod" "ahci" "xhci_pci" "ehci_pci" "ahci" "sd_mod" @@ -67,7 +67,7 @@ in { fileSystems."/var/www/binaergewitter" = { device = "/dev/nixos/binaergewitter"; fsType = "ext4"; - options = [ "nofail" "x-systemd.automount" "x-systemd.device-timeout=5s" "x-systemd.mount-timeout=5s" ]; + options = [ "nofail" ]; }; fileSystems."/var/lib/borgbackup" = { device = "/dev/nixos/backup"; -- cgit v1.2.3 From 45229593215e54362b80277322beae9beb662346 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 17 Jun 2019 07:58:09 +0200 Subject: ma wbob.r: backup state, disable virtualization --- makefu/1systems/wbob/config.nix | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix index ab77f16dd..8b01de4d0 100644 --- a/makefu/1systems/wbob/config.nix +++ b/makefu/1systems/wbob/config.nix @@ -16,15 +16,16 @@ in { - + # + # - # # # # + # Services # @@ -33,7 +34,7 @@ in { # Sensors - + # @@ -53,6 +54,7 @@ in { + (let collectd-port = 25826; @@ -85,6 +87,7 @@ in { ''; }) + # temporary # ]; @@ -106,6 +109,7 @@ in { LoadPlugin curl + Interval 300 TotalTime true NamelookupTime true ConnectTime true -- cgit v1.2.3 From 6245b549c66df46a92d76f5d146e545401619258 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 17 Jun 2019 08:00:46 +0200 Subject: ma cake.r: remove dangling config --- makefu/1systems/cake/config.nix | 7 +++---- makefu/2configs/Reaktor/bgt.nix | 15 +++++++++++++++ 2 files changed, 18 insertions(+), 4 deletions(-) create mode 100644 makefu/2configs/Reaktor/bgt.nix diff --git a/makefu/1systems/cake/config.nix b/makefu/1systems/cake/config.nix index 8617578f0..eaaac8f41 100644 --- a/makefu/1systems/cake/config.nix +++ b/makefu/1systems/cake/config.nix @@ -5,14 +5,14 @@ in { imports = [ ./hardware-config.nix + { environment.systemPackages = with pkgs;[ rsync screen curl git tmux picocom mosh ];} # - { environment.systemPackages = with pkgs;[ rsync screen curl git ];} # -# configure your hw: -# + # configure your hw: + # ]; krebs = { enable = true; @@ -24,5 +24,4 @@ in { documentation.man.enable = false; services.nixosManual.enable = false; sound.enable = false; - } diff --git a/makefu/2configs/Reaktor/bgt.nix b/makefu/2configs/Reaktor/bgt.nix new file mode 100644 index 000000000..42325bcd6 --- /dev/null +++ b/makefu/2configs/Reaktor/bgt.nix @@ -0,0 +1,15 @@ +{ pkgs, ... }: +{ + krebs.Reaktor.reaktor-bgt = { + nickname = "Reaktor|bgt"; + workdir = "/var/lib/Reaktor/bgt"; + channels = [ "#binaergewitter" ]; + plugins = with pkgs.ReaktorPlugins; + [ titlebot + # stockholm-issue + nixos-version + # shack-correct + # sed-plugin + random-emoji ]; + }; +} -- cgit v1.2.3 From 0e4035475a359d5015babd46e6d5b1e5ebc84183 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 17 Jun 2019 08:01:42 +0200 Subject: ma firecracker: add config for rk3399 --- makefu/1systems/firecracker/config.nix | 25 ++++++++++++++++ makefu/1systems/firecracker/hardware-config.nix | 30 +++++++++++++++++++ makefu/1systems/firecracker/source.nix | 4 +++ makefu/1systems/sdcard/config.nix | 40 +++++++++++++++++++++++++ makefu/1systems/sdcard/kernel.nix | 15 ++++++++++ makefu/1systems/sdcard/source.nix | 3 ++ 6 files changed, 117 insertions(+) create mode 100644 makefu/1systems/firecracker/config.nix create mode 100644 makefu/1systems/firecracker/hardware-config.nix create mode 100644 makefu/1systems/firecracker/source.nix create mode 100644 makefu/1systems/sdcard/config.nix create mode 100644 makefu/1systems/sdcard/kernel.nix create mode 100644 makefu/1systems/sdcard/source.nix diff --git a/makefu/1systems/firecracker/config.nix b/makefu/1systems/firecracker/config.nix new file mode 100644 index 000000000..87f500287 --- /dev/null +++ b/makefu/1systems/firecracker/config.nix @@ -0,0 +1,25 @@ +{ config, lib, pkgs, ... }: +let + primaryInterface = "eth0"; +in { + imports = [ + + ./hardware-config.nix + # + { environment.systemPackages = with pkgs;[ rsync screen curl git ];} + + # +# configure your hw: +# + ]; + krebs = { + enable = true; + tinc.retiolum.enable = true; + build.host = config.krebs.hosts.firecracker; + }; + networking.firewall.trustedInterfaces = [ primaryInterface ]; + documentation.info.enable = false; + documentation.man.enable = false; + services.nixosManual.enable = false; + sound.enable = false; +} diff --git a/makefu/1systems/firecracker/hardware-config.nix b/makefu/1systems/firecracker/hardware-config.nix new file mode 100644 index 000000000..b821a3375 --- /dev/null +++ b/makefu/1systems/firecracker/hardware-config.nix @@ -0,0 +1,30 @@ +{ pkgs, lib, ... }: +{ + boot.kernelParams = lib.mkForce ["console=ttyS2,1500000n8" "earlycon=uart8250,mmio32,0xff1a0000" "earlyprintk"]; + boot.loader.grub.enable = false; + boot.loader.generic-extlinux-compatible.enable = true; + boot.loader.generic-extlinux-compatible.configurationLimit = 1; + boot.loader.generationsDir.enable = lib.mkDefault false; + boot.supportedFilesystems = lib.mkForce [ "vfat" ]; + + boot.tmpOnTmpfs = lib.mkForce false; + boot.cleanTmpDir = true; + hardware.enableRedistributableFirmware = true; + + ## wifi not working, will be fixed with https://github.com/NixOS/nixpkgs/pull/53747 + boot.kernelPackages = pkgs.linuxPackages_latest; + networking.wireless.enable = true; + # File systems configuration for using the installer's partition layout + swapDevices = [ { device = "/var/swap"; size = 4096; } ]; + fileSystems = { + "/boot" = { + device = "/dev/disk/by-label/NIXOS_BOOT"; + fsType = "vfat"; + }; + "/" = { + device = "/dev/disk/by-label/NIXOS_SD"; + fsType = "ext4"; + }; + }; + +} diff --git a/makefu/1systems/firecracker/source.nix b/makefu/1systems/firecracker/source.nix new file mode 100644 index 000000000..22c40039e --- /dev/null +++ b/makefu/1systems/firecracker/source.nix @@ -0,0 +1,4 @@ +{ + name="cake"; + full = true; +} diff --git a/makefu/1systems/sdcard/config.nix b/makefu/1systems/sdcard/config.nix new file mode 100644 index 000000000..4e3c22a30 --- /dev/null +++ b/makefu/1systems/sdcard/config.nix @@ -0,0 +1,40 @@ +{ config, pkgs, lib, ... }: +let + kernel = pkgs.callPackage ./kernel.nix { + kernelPatches = with pkgs.kernelPatches; [ + # kernelPatches.bridge_stp_helper + # kernelPatches.modinst_arg_list_too_long + ]; + }; +in +{ + imports = [ + + # + ]; + # TODO: NIX_PATH and nix.nixPath are being set by default.nix right now + # cd ~/stockholm ; nix build config.system.build.sdImage -I nixos-config=makefu/1systems/sdcard/config.nix -f /home/makefu/nixpkgs/nixos + + boot.kernelParams = ["console=ttyS2,1500000" "earlycon=uart8250,mmio32,0xff1a0000"]; + # boot.kernelPackages = pkgs.linuxPackages_latest; + boot.kernelPackages = pkgs.linuxPackagesFor kernel; + boot.supportedFilesystems = lib.mkForce [ "vfat" "f2fs" "xfs" "ntfs" "cifs" ]; + + # krebs.hidden-ssh.enable = true; + environment.systemPackages = with pkgs; [ + aria2 + ddrescue + ]; + environment.extraInit = '' + EDITOR=vim + ''; + # iso-specific + services.openssh = { + enable = true; + hostKeys = [ + { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } + ]; + }; + # enable ssh in the iso boot process + systemd.services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ]; +} diff --git a/makefu/1systems/sdcard/kernel.nix b/makefu/1systems/sdcard/kernel.nix new file mode 100644 index 000000000..df5e7ada9 --- /dev/null +++ b/makefu/1systems/sdcard/kernel.nix @@ -0,0 +1,15 @@ +{ fetchFromGitLab, buildLinux, ... } @ args: +buildLinux (args // rec { + version = "4.4.55"; + modDirVersion = "4.4.55"; + extraMeta.branch = "4.4"; + defconfig = "firefly_linux_defconfig"; + + src = fetchFromGitLab { + owner = "TeeFirefly"; + repo = "linux-kernel"; + rev = "firefly_0821_release"; + sha256 = "1fwj9cm5ysz286znrr3fyrhfn903m84i7py4rv3y3h9avxb3zl1r"; + }; + extraMeta.platforms = [ "aarch64-linux" ]; +} // (args.argsOverride or {})) diff --git a/makefu/1systems/sdcard/source.nix b/makefu/1systems/sdcard/source.nix new file mode 100644 index 000000000..6bef8ada9 --- /dev/null +++ b/makefu/1systems/sdcard/source.nix @@ -0,0 +1,3 @@ +{ + name="iso"; +} -- cgit v1.2.3 From 405d9555e4cf2fc171900f03621acfd523641dee Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 18 Jun 2019 07:47:49 +0200 Subject: ma mail: pin tarball --- makefu/2configs/mail/mail.euer.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/makefu/2configs/mail/mail.euer.nix b/makefu/2configs/mail/mail.euer.nix index d27b888a7..f51e54b80 100644 --- a/makefu/2configs/mail/mail.euer.nix +++ b/makefu/2configs/mail/mail.euer.nix @@ -1,7 +1,11 @@ { config, pkgs, ... }: { imports = [ - (builtins.fetchTarball "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.2.1/nixos-mailserver-v2.2.1.tar.gz") + (builtins.fetchTarball { + url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.2.1/nixos-mailserver-v2.2.1.tar.gz"; + sha256 = "03d49v8qnid9g9rha0wg2z6vic06mhp0b049s3whccn1axvs2zzx"; + } + ) ]; mailserver = { -- cgit v1.2.3 From 335d15d4ecd6111105e3f3db87846bd52577cb80 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 15 Jun 2019 00:53:35 +0200 Subject: external: add rilke.w --- krebs/3modules/external/default.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 70c49cfcf..bdbfd1cb8 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -241,6 +241,13 @@ in { }; }; }; + rilke = { + owner = config.krebs.users.kmein; + nets.wiregrill = { + aliases = [ "rilke.w" ]; + wireguard.pubkey = "09yVPHL/ucvqc6V5n7vFQ2Oi1LBMdwQZDL+7jBwy+iQ="; + }; + }; rock = { owner = config.krebs.users.Mic92; nets = { @@ -497,4 +504,3 @@ in { }; }; } - -- cgit v1.2.3 From f7134008f1f401fee7b21ed844232aa37daa5b38 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 15 Jun 2019 12:20:18 +0200 Subject: nixpkgs: e2883c3 -> 1601f55 --- krebs/nixpkgs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 340b926ce..d294ca6d1 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "e2883c31628ea0f3e00f899062327468a20d1aa1", - "date": "2019-05-27T17:09:30-04:00", - "sha256": "1xrpd8ykr8g3h4b33z69vngh6hfayi51jajbnfm6phhpwgd6mmld", + "rev": "1601f559e89ba71091faa26888711d4dd24c2d4d", + "date": "2019-06-14T16:14:30-04:00", + "sha256": "0iayyz9617mz6424spwbi9qvmcl8hiql42czxg8mi4ycq4p1k0dx", "fetchSubmodules": false } -- cgit v1.2.3 From 5eaa8844e38a83cefb171042d7528bb8496dcb1e Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 15 Jun 2019 18:24:06 +0200 Subject: external: add wilde.r (kmein) --- krebs/3modules/external/default.nix | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index bdbfd1cb8..ac656f463 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -43,6 +43,31 @@ in { }; }; }; + wilde = { + owner = config.krebs.users.kmein; + nets = { + retiolum = { + ip4.addr = "10.243.2.4"; + aliases = [ "wilde.r" ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtz/MY5OSxJqrEMv6Iwjk + g/V58MATljj+2bmOuOuPui/AUYHEZX759lHW4MgLjYdNbZEoVq8UgkxNk0KPGlSg + 2lsJ7FneCU7jBSE2iLT1aHuNFFa56KzSThFUl6Nj6Vyg5ghSmDF2tikurtG2q+Ay + uxf5/yEhFUPc1ZxmvJDqVHMeW5RZkuKXH00C7yN+gdcPuuFEFq+OtHNkBVmaxu7L + a8Q6b/QbrwQJAR9FAcm5WSQIj2brv50qnD8pZrU4loVu8dseQIicWkRowC0bzjAo + IHZTbF/S+CK0u0/q395sWRQJISkD+WAZKz5qOGHc4djJHBR3PWgHWBnRdkYqlQYM + C9zA/n4I+Y2BEfTWtgkD2g0dDssNGP5dlgFScGmRclR9pJ/7dsIbIeo9C72c6q3q + sg0EIWggQ8xyWrUTXIMoDXt37htlTSnTgjGsuwRzjotAEMJmgynWRf3br3yYChrq + 10Exq8Lej+iOuKbdAXlwjKEk0qwN7JWft3OzVc2DMtKf7rcZQkBoLfWKzaCTQ4xo + 1Y7d4OlcjbgrkLwHltTaShyosm8kbttdeinyBG1xqQcK11pMO43GFj8om+uKrz57 + lQUVipu6H3WIVGnvLmr0e9MQfThpC1em/7Aq2exn1JNUHhCdEho/mK2x/doiiI+0 + QAD64zPmuo9wsHnSMR2oKs0CAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + }; dpdkm = { owner = config.krebs.users.Mic92; nets = rec { -- cgit v1.2.3 From 743ee8dade0c8057235346dd0852645cd83ac8c6 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 19 Jun 2019 10:33:30 +0200 Subject: ma 0tests/secrets: add voicerss.apikey --- makefu/0tests/data/secrets/hass/voicerss.apikey | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 makefu/0tests/data/secrets/hass/voicerss.apikey diff --git a/makefu/0tests/data/secrets/hass/voicerss.apikey b/makefu/0tests/data/secrets/hass/voicerss.apikey new file mode 100644 index 000000000..e69de29bb -- cgit v1.2.3 From f880fb21ca540506ba27e49c6ba92aa83923cd43 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 19 Jun 2019 19:19:39 +0200 Subject: ma extra-gui: no more rambox --- krebs/1systems/puyak/config.nix | 7 ++----- makefu/2configs/tools/extra-gui.nix | 2 +- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix index af11c6944..f9b83ef21 100644 --- a/krebs/1systems/puyak/config.nix +++ b/krebs/1systems/puyak/config.nix @@ -7,13 +7,13 @@ - + ]; krebs.build.host = config.krebs.hosts.puyak; @@ -59,10 +59,7 @@ }; }; - services.logind.extraConfig = '' - HandleLidSwitch=ignore - ''; - + services.logind.lidSwitch = "ignore"; services.udev.extraRules = '' SUBSYSTEM=="net", ATTR{address}=="8c:70:5a:b2:84:58", NAME="wl0" SUBSYSTEM=="net", ATTR{address}=="3c:97:0e:07:b9:14", NAME="et0" diff --git a/makefu/2configs/tools/extra-gui.nix b/makefu/2configs/tools/extra-gui.nix index dfb4183df..5f8614719 100644 --- a/makefu/2configs/tools/extra-gui.nix +++ b/makefu/2configs/tools/extra-gui.nix @@ -14,6 +14,6 @@ saleae-logic gitAndTools.gitFull signal-desktop - rambox + # rambox ]; } -- cgit v1.2.3 From 0897d8619a2846377bb5843ad432552d99b12cfc Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 19 Jun 2019 11:36:55 +0200 Subject: nixpkgs: 1601f55 -> f01ed7b --- krebs/nixpkgs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index d294ca6d1..53340de9e 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "1601f559e89ba71091faa26888711d4dd24c2d4d", - "date": "2019-06-14T16:14:30-04:00", - "sha256": "0iayyz9617mz6424spwbi9qvmcl8hiql42czxg8mi4ycq4p1k0dx", + "rev": "f01ed7b38aaa1d5e52951ecf92d06b600eb9e3c8", + "date": "2019-06-18T11:50:10+02:00", + "sha256": "0pnnzss0pig7xh9x9jyyphrnir7smln71ig3h6asv2y3jl6xs9p6", "fetchSubmodules": false } -- cgit v1.2.3 From 61d5ce157fa82782ef3e8651b3ceb2f798dbe6e4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 19 Jun 2019 15:22:37 +0200 Subject: nixpkgs: f01ed7b -> d77e3bd --- krebs/nixpkgs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 53340de9e..4118a1dd6 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "f01ed7b38aaa1d5e52951ecf92d06b600eb9e3c8", - "date": "2019-06-18T11:50:10+02:00", - "sha256": "0pnnzss0pig7xh9x9jyyphrnir7smln71ig3h6asv2y3jl6xs9p6", + "rev": "d77e3bd661354ea775a8cacc97bb59ddde513c09", + "date": "2019-06-18T23:08:17+02:00", + "sha256": "1m82zs00n6nc0pkdpmd9amm013qxwksjfhzcm6gck3p469q7n866", "fetchSubmodules": false } -- cgit v1.2.3 From 75f8b34296a237f350c47147e3a4cb313862e7f5 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 28 Apr 2019 14:35:10 +0200 Subject: krops: 1.11.1 -> 1.14.0 --- submodules/krops | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/submodules/krops b/submodules/krops index 5b8fb8dc0..ee41207df 160000 --- a/submodules/krops +++ b/submodules/krops @@ -1 +1 @@ -Subproject commit 5b8fb8dc0ee14672d7fd533bd98635b8725dbb29 +Subproject commit ee41207df1ce718e0b154ed8047384118a0133a4 -- cgit v1.2.3 From 8225afec5b2e853d2e4eeae27adc5a39efcdae17 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 20 Jun 2019 22:21:56 +0200 Subject: wolf.r: init shack/prometheus config --- krebs/1systems/wolf/config.nix | 9 +- krebs/2configs/shack/prometheus/node.nix | 27 ++++ krebs/2configs/shack/prometheus/server.nix | 195 +++++++++++++++++++++++++++++ krebs/2configs/shack/prometheus/unifi.nix | 10 ++ 4 files changed, 239 insertions(+), 2 deletions(-) create mode 100644 krebs/2configs/shack/prometheus/node.nix create mode 100644 krebs/2configs/shack/prometheus/server.nix create mode 100644 krebs/2configs/shack/prometheus/unifi.nix diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index 7ca0f0ec1..d684dcd1c 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -40,11 +40,16 @@ in ## Collect local statistics via collectd and send to collectd - ## write collectd statistics to wolf.shack - + { services.influxdb.enable = true; } + + + + # home-assistant + { services.influxdb.enable = true; } + ]; # use your own binary cache, fallback use cache.nixos.org (which is used by # apt-cacher-ng in first place) diff --git a/krebs/2configs/shack/prometheus/node.nix b/krebs/2configs/shack/prometheus/node.nix new file mode 100644 index 000000000..5462464d5 --- /dev/null +++ b/krebs/2configs/shack/prometheus/node.nix @@ -0,0 +1,27 @@ +{ config, lib, pkgs, ... }: +{ + networking.firewall.allowedTCPPorts = [ 9100 ]; + + services.prometheus.exporters.node = { + enable = true; + enabledCollectors = [ + "conntrack" + "diskstats" + "entropy" + "filefd" + "filesystem" + "loadavg" + "mdadm" + "meminfo" + "netdev" + "netstat" + "stat" + "time" + "vmstat" + "systemd" + "logind" + "interrupts" + "ksmd" + ]; + }; +} diff --git a/krebs/2configs/shack/prometheus/server.nix b/krebs/2configs/shack/prometheus/server.nix new file mode 100644 index 000000000..c936f2531 --- /dev/null +++ b/krebs/2configs/shack/prometheus/server.nix @@ -0,0 +1,195 @@ +{ pkgs, lib, config, ... }: +# from https://gist.github.com/globin/02496fd10a96a36f092a8e7ea0e6c7dd +{ + networking = { + firewall.allowedTCPPorts = [ + 3000 # grafana + 9090 # prometheus + 9093 # alertmanager + ]; + useDHCP = true; + }; + + services = { + prometheus = { + enable = true; + extraFlags = [ + "-storage.local.retention 8760h" + "-storage.local.series-file-shrink-ratio 0.3" + "-storage.local.memory-chunks 2097152" + "-storage.local.max-chunks-to-persist 1048576" + "-storage.local.index-cache-size.fingerprint-to-metric 2097152" + "-storage.local.index-cache-size.fingerprint-to-timerange 1048576" + "-storage.local.index-cache-size.label-name-to-label-values 2097152" + "-storage.local.index-cache-size.label-pair-to-fingerprints 41943040" + ]; + alertmanagerURL = [ "http://localhost:9093" ]; + rules = [ + '' + ALERT node_down + IF up == 0 + FOR 5m + LABELS { + severity="page" + } + ANNOTATIONS { + summary = "{{$labels.alias}}: Node is down.", + description = "{{$labels.alias}} has been down for more than 5 minutes." + } + ALERT node_systemd_service_failed + IF node_systemd_unit_state{state="failed"} == 1 + FOR 4m + LABELS { + severity="page" + } + ANNOTATIONS { + summary = "{{$labels.alias}}: Service {{$labels.name}} failed to start.", + description = "{{$labels.alias}} failed to (re)start service {{$labels.name}}." + } + ALERT node_filesystem_full_90percent + IF sort(node_filesystem_free{device!="ramfs"} < node_filesystem_size{device!="ramfs"} * 0.1) / 1024^3 + FOR 5m + LABELS { + severity="page" + } + ANNOTATIONS { + summary = "{{$labels.alias}}: Filesystem is running out of space soon.", + description = "{{$labels.alias}} device {{$labels.device}} on {{$labels.mountpoint}} got less than 10% space left on its filesystem." + } + ALERT node_filesystem_full_in_4h + IF predict_linear(node_filesystem_free{device!="ramfs"}[1h], 4*3600) <= 0 + FOR 5m + LABELS { + severity="page" + } + ANNOTATIONS { + summary = "{{$labels.alias}}: Filesystem is running out of space in 4 hours.", + description = "{{$labels.alias}} device {{$labels.device}} on {{$labels.mountpoint}} is running out of space of in approx. 4 hours" + } + ALERT node_filedescriptors_full_in_3h + IF predict_linear(node_filefd_allocated[1h], 3*3600) >= node_filefd_maximum + FOR 20m + LABELS { + severity="page" + } + ANNOTATIONS { + summary = "{{$labels.alias}} is running out of available file descriptors in 3 hours.", + description = "{{$labels.alias}} is running out of available file descriptors in approx. 3 hours" + } + ALERT node_load1_90percent + IF node_load1 / on(alias) count(node_cpu{mode="system"}) by (alias) >= 0.9 + FOR 1h + LABELS { + severity="page" + } + ANNOTATIONS { + summary = "{{$labels.alias}}: Running on high load.", + description = "{{$labels.alias}} is running with > 90% total load for at least 1h." + } + ALERT node_cpu_util_90percent + IF 100 - (avg by (alias) (irate(node_cpu{mode="idle"}[5m])) * 100) >= 90 + FOR 1h + LABELS { + severity="page" + } + ANNOTATIONS { + summary = "{{$labels.alias}}: High CPU utilization.", + description = "{{$labels.alias}} has total CPU utilization over 90% for at least 1h." + } + ALERT node_ram_using_90percent + IF node_memory_MemFree + node_memory_Buffers + node_memory_Cached < node_memory_MemTotal * 0.1 + FOR 30m + LABELS { + severity="page" + } + ANNOTATIONS { + summary="{{$labels.alias}}: Using lots of RAM.", + description="{{$labels.alias}} is using at least 90% of its RAM for at least 30 minutes now.", + } + '' + ]; + scrapeConfigs = [ + { + job_name = "node"; + scrape_interval = "10s"; + static_configs = [ + { + targets = [ + "localhost:9100" + ]; + labels = { + alias = "wolf.shack"; + }; + } + { + targets = [ + "localhost:9130" + ]; + labels = { + alias = "unifi.shack"; + }; + } + { + targets = [ + "10.42.22.184:9100" # puyak.shack + ]; + labels = { + alias = "puyak.shack"; + }; + } + { + targets = [ + "phenylbutazon.shack:9100" + ]; + labels = { + alias = "phenylbutazon.shack"; + }; + } + { + targets = [ + "ibuprofen.shack:9100" + ]; + labels = { + alias = "ibuprofen.shack"; + }; + } + ]; + } + ]; + alertmanager = { + enable = true; + listenAddress = "0.0.0.0"; + configuration = { + "global" = { + "smtp_smarthost" = "smtp.example.com:587"; + "smtp_from" = "alertmanager@example.com"; + }; + "route" = { + "group_by" = [ "alertname" "alias" ]; + "group_wait" = "30s"; + "group_interval" = "2m"; + "repeat_interval" = "4h"; + "receiver" = "team-admins"; + }; + "receivers" = [ + { + "name" = "team-admins"; + "email_configs" = [ + { + "to" = "devnull@example.com"; + "send_resolved" = true; + } + ]; + "webhook_configs" = [ + { + "url" = "https://example.com/prometheus-alerts"; + "send_resolved" = true; + } + ]; + } + ]; + }; + }; + }; + }; +} diff --git a/krebs/2configs/shack/prometheus/unifi.nix b/krebs/2configs/shack/prometheus/unifi.nix new file mode 100644 index 000000000..401ecb024 --- /dev/null +++ b/krebs/2configs/shack/prometheus/unifi.nix @@ -0,0 +1,10 @@ +{lib, ... }: +{ + services.prometheus.exporters.unifi = { + enable = true; + unifiAddress = "https://unifi.shack:8443/"; + unifiInsecure = true; + unifiUsername = "prometheus"; # needed manual login after setup to confirm the password + unifiPassword = lib.replaceChars ["\n"] [""] (builtins.readFile ); + }; +} -- cgit v1.2.3 From 32a808f9ebfb02877e71f75b38541533c8ea1bdd Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 20 Jun 2019 22:46:58 +0200 Subject: 0tests: add shack/unifi-prometheus-pw --- krebs/0tests/data/secrets/shack/unifi-prometheus-pw | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 krebs/0tests/data/secrets/shack/unifi-prometheus-pw diff --git a/krebs/0tests/data/secrets/shack/unifi-prometheus-pw b/krebs/0tests/data/secrets/shack/unifi-prometheus-pw new file mode 100644 index 000000000..e69de29bb -- cgit v1.2.3 From 4ecfee1606645c14dc258c34e087342306f698b5 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 28 Jun 2019 22:01:27 +0200 Subject: ma bureautomation: add 10h timers for all participants move into combination folders, fix mittagessen, add working tts with random output --- .../bureautomation/automation/10h_timer.nix | 154 --------- .../bureautomation/automation/bureau-shutdown.nix | 4 +- .../bureautomation/combination/10h_timers.nix | 383 +++++++++++++++++++++ .../2configs/bureautomation/combination/README.md | 3 + .../bureautomation/combination/mittagessen.nix | 89 +++++ makefu/2configs/bureautomation/hass.nix | 56 +-- .../2configs/bureautomation/script/multi_blink.nix | 8 + 7 files changed, 516 insertions(+), 181 deletions(-) delete mode 100644 makefu/2configs/bureautomation/automation/10h_timer.nix create mode 100644 makefu/2configs/bureautomation/combination/10h_timers.nix create mode 100644 makefu/2configs/bureautomation/combination/README.md create mode 100644 makefu/2configs/bureautomation/combination/mittagessen.nix diff --git a/makefu/2configs/bureautomation/automation/10h_timer.nix b/makefu/2configs/bureautomation/automation/10h_timer.nix deleted file mode 100644 index dd747114e..000000000 --- a/makefu/2configs/bureautomation/automation/10h_timer.nix +++ /dev/null @@ -1,154 +0,0 @@ -[ - { alias = "start Felix 10h"; - trigger = { - platform = "state"; - entity_id = [ "device_tracker.felix_phone" "device_tracker.felix_laptop" ]; - from = "not_home"; - to = "home"; - }; - condition = { - condition = "and"; - conditions = [ - { - condition = "state"; - entity_id = "timer.felix_10h"; - state = "idle"; - } - { - condition = "time"; - after = "06:00:00"; - before = "12:00:00"; - } - ]; - }; - action = [ - { service = "timer.start"; - entity_id = [ "timer.felix_10h" "timer.felix_8_30h" "timer.felix_7h" ] ; - } - { service = "homeassistant.turn_on"; - entity_id = [ - "script.buzz_red_led_fast" - "script.blitz_10s" - ]; - } - { service = "light.turn_on"; - data = { - effect = "2"; - entity_id = [ "light.status_felix" ]; - }; - } - ]; - } - - { alias = "Disable Felix timer at button press"; - trigger = { - platform = "state"; - entity_id = "binary_sensor.redbutton"; - to = "on"; - }; - condition = { - condition = "and"; - conditions = [ - { - condition = "state"; - entity_id = "timer.felix_10h"; - state = "active"; - } - { - condition = "time"; - after = "12:00:00"; - before = "22:00:00"; - } - ]; - }; - action = - [ - { - service = "timer.cancel"; - entity_id = [ "timer.felix_10h" "timer.felix_8_30h" "timer.felix_7h" ]; - } - { - service = "homeassistant.turn_on"; - entity_id = [ "script.buzz_red_led_fast" ]; - } - { - service = "homeassistant.turn_off"; - entity_id = [ "light.status_felix" ]; - } - ]; - } - - { - alias = "Genug gearbeitet Felix"; - trigger = - { - platform = "event"; - event_type = "timer.finished"; - event_data.entity_id = "timer.felix_7h"; - }; - action = - [ - { service = "light.turn_on"; - data = { - rgb_color= [0 255 0]; - # effect = "0"; - entity_id = [ "light.status_felix" ]; - }; - } - ]; - } - - { - alias = "nun aber nach hause"; - trigger = - { - platform = "event"; - event_type = "timer.finished"; - event_data.entity_id = "timer.felix_8_30h"; - }; - action = - [ - { service = "light.turn_on"; - data = { - rgb_color= [255 255 0]; - # effect = "0"; - entity_id = [ "light.status_felix" ]; - }; - } - ]; - } - - { - alias = "Zu lange Felix!"; - trigger = - { - platform = "event"; - event_type = "timer.finished"; - event_data.entity_id = "timer.felix_10h"; - }; - action = - [ - { - service = "notify.telegrambot"; - data = { - title = "Zu lange Felix!"; - message = "Du bist schon 10 Stunden auf Arbeit, geh jetzt gefälligst nach Hause!"; - }; - } - { - service = "homeassistant.turn_on"; - entity_id = [ - "script.buzz_red_led" - "script.blitz_10s" - ]; - } - { service = "light.turn_on"; - data = { - rgb_color= [255 0 0]; - effect = "0"; - entity_id = [ "light.status_felix" ]; - }; - } - ]; - } -] diff --git a/makefu/2configs/bureautomation/automation/bureau-shutdown.nix b/makefu/2configs/bureautomation/automation/bureau-shutdown.nix index d54d9762a..3fa23a837 100644 --- a/makefu/2configs/bureautomation/automation/bureau-shutdown.nix +++ b/makefu/2configs/bureautomation/automation/bureau-shutdown.nix @@ -25,7 +25,7 @@ } { service = "tts.google_say"; - entity_id = "media_player.kodi"; + entity_id = "media_player.mpd"; data = { message = "Willkommen in deinem Lieblingsbüro"; language = "de"; @@ -35,7 +35,7 @@ service = "notify.telegrambot"; data = { title = "Bureau Startup"; - message = "Willkommen {{ trigger.platform }}"; + message = "Das Büro wurde eröffnet"; }; } ]; diff --git a/makefu/2configs/bureautomation/combination/10h_timers.nix b/makefu/2configs/bureautomation/combination/10h_timers.nix new file mode 100644 index 000000000..d398e8a34 --- /dev/null +++ b/makefu/2configs/bureautomation/combination/10h_timers.nix @@ -0,0 +1,383 @@ +{lib, ... }: +let + persons = [ "frank" "daniel" "thorsten" "carsten" "thierry" "ecki" + # "felix" # custom actions + ]; + random_zu_lange = name: ''{{ [ + "Du musst jetzt endlich nach Hause gehen ${name}!", + "10 Stunden sind rum, bald schenkst du den Franzosen deine Lebenszeit", + "Nur eine Minute über 10 Stunden kann zu einer Stunde Arbeit für Thorsten werden, ${name}.", + "In 10 Minuten kommt dich der Security Mann holen, ${name}", + "Zu lange, ${name}!" ] | random }}'' ; + + + random_announce = name: ''{{ [ + "Guten Tag ${name}!", + "${name} is in da House", + "Ahoi ${name}", + "Moinsen ${name}", + "Moin Moin ${name}", + "Palim, Palim ${name}", + "Vorwärts Genosse ${name}", + "Gemeinsame Grüße, Genosse ${name}", + "Sozialistische Grüße, Genosse ${name}", + "Konzentrierte Grüße, Genosse ${name}", + "Ach, der ${name} ist auch wieder da...", + "Nicht ${name} schon wieder", + "Tri tra tralala, der ${name} ist wieder da.", + "Na sieh mal einer an, ${name} hat es auch her geschafft", + "Wer ist im Büro eingetroffen? ${name} ist es!", + "Willkommen in deinem Lieblingsbüro, ${name}.", + "Klopf, Klopf, wer ist da? ${name} ist da!", + "Messer, Gabel, Schere, Licht sind für kleinen ${name} nicht.", + "Ich kenne ein Geheimnis, ${name} ist abgekommen", + "Wir sind ${name}. Sie werden assimiliert werden", + "Achtung, es erfolgt eine Durchsage. ${name} ist eingetroffen", + "Die Scanner haben eine dem System bekannte Lebensform mit dem Namen ${name} detektiert", + "Das Büro sieht dich, ${name}", + "Im Kalender von ${name} sind heute acht Meetings eingeplant, von denen zwei bereits verpasst wurden", + "Das Postfach von ${name} beinhaltet einhundertachtundzwanzig ungelesene E-Mails.", + "Nachricht von Serge: ${name}, bitte melden Sie sich Umgehend bei mir im Büro!", + "Luftqualität hat sich durch das Eintreffen von ${name} um zweihunder Punkte verschlechtert, bitte alle Fenster öffnen.", + "${name} arbeitet gern für seinen Konzern", + "${name} ist nur froh im Großraumbüro", + "Für ${name} ist die schönste Zeit ... die Arbeit", + "Ein Fleißbienchen für ${name} zum rechtzeitigen Erscheinen im Büro", + "${name} ist heute wohl doch nicht im Office Home", + "${name} ist bereit für einen Tag voller Meetings", + "Trotz schwerer Männergrippe ist ${name} heute im Büro erschienen.", + "${name} kenne keine Parteien mehr, ${name} kenne nur noch Arbeitsplätze", + "${name}, Frage nicht, was dein Arbeitsplatz für dich tun kann. Frage, was du für deinen Arbeitsplatz tun kannst", + "${name} läuft bis in den Jemen - für sein Unternehmen. ${name} schwimmt bis nach Birma - für meine Firma", + "Der Cyberian ${name} ist gekommen um die Bahnwelt vor Cyber-Angriffen zu schützen", + "Alles paletto im Ghetto, ${name}?", + "Hach, ${name}, wenn du hier rein kommst fühlt es sich gleich wieder an wie Montag.", + "Oh nein, nicht schon wieder ${name}", + "Wer wohnt in der Ananas ganz tief im Meer? ${name} Schwammkopf!", + "Arbeit ist Freizeit! Wachstum ist Fortschritt! Sicherheit ist Freiheit!", + "Willkommen ${name}"] | random }}'' ; + patterns = [ + [1000 500 250] # TODO: maybe even play a short audio announcement? + [150 150 150] + [255 255] + [500 500 100] + [100 1000 100] + # [125 250 500] + ]; + tmr_10h = name: { + "${name}_10h" = { + name = "${name} 10h Timer"; + duration = "10:00:00"; + }; + }; + multi_flash = { entity, delays ? [ 500 ], alias ? "${entity}_multi_flash_${toString (lib.length delays)}" }: + { + inherit alias; + sequence = lib.flatten (builtins.map (delay: [ + { service = "homeassistant.turn_on"; + data.entity_id = entity; + } + { delay.milliseconds = delay; } + { service = "homeassistant.turn_off"; + data.entity_id = entity; + } + { delay.milliseconds = delay; } + ] + ) delays); + }; + + buzz_user = name: delays: { "buzz_${name}" = (multi_flash { + entity = "light.redbutton_buzzer"; + inherit delays; + alias = "Red Button Buzz ${name}"; + }); + }; + + zu_lange_user = name: + { "announce_${name}" = { + alias = "Random Zu Lange ${name}"; + sequence = [ + { service = "media_player.play_media"; + data = { + entity_id = "media_player.mpd"; + media_content_type = "playlist"; + media_content_id = "ansage"; + }; + } + { delay.seconds = 5; } + { service = "tts.google_say"; + entity_id = "media_player.mpd"; + data_template = { + message = random_zu_lange name; + language = "de"; + }; + } + ]; + }; + }; + announce_user = name: + { "announce_${name}" = { + alias = "Random Announce ${name}"; + sequence = [ + { delay.seconds = 10; } + { service = "media_player.play_media"; + data = { + entity_id = "media_player.mpd"; + media_content_type = "playlist"; + media_content_id = "ansage"; + }; + } + { delay.seconds = 5; } + { service = "tts.google_say"; + entity_id = "media_player.mpd"; + data_template = { + message = random_announce name; + language = "de"; + }; + } + ]; + }; + }; + automation_10h = name: [ + { alias = "start ${name} 10h"; + trigger = { + platform = "state"; + # TODO: ecki + entity_id = [ "device_tracker.${name}_phone"]; + from = "not_home"; + to = "home"; + }; + condition = { + condition = "and"; + conditions = [ + { + condition = "state"; + entity_id = "timer.${name}_10h"; + state = "idle"; + } + { + condition = "time"; + after = "06:00:00"; + before = "12:00:00"; + } + ]; + }; + action = [ + { service = "timer.start"; + entity_id = [ "timer.${name}_10h" ] ; + } + { service = "homeassistant.turn_on"; + entity_id = [ + # "script.buzz_${name}" + "script.blitz_10s" + "script.announce_${name}" + ]; + } + ]; + } + + { + alias = "Zu lange ${name}!"; + trigger = + { + platform = "event"; + event_type = "timer.finished"; + event_data.entity_id = "timer.${name}_10h"; + }; + action = + [ + { service = "homeassistant.turn_on"; + entity_id = [ + "script.blitz_10s" + "script.zu_lange_${name}" + ]; + } + ]; + } + ]; +in +{ + timer =lib.fold lib.recursiveUpdate {} + ([ + (tmr_10h "felix") + { felix_8_30h = { + name = "Felix 8_30h Timer"; + duration = "08:30:00"; + }; + felix_7h = { + name = "Felix 7h Timer"; + duration = "07:00:00"; + }; + } + ] ++ (map tmr_10h persons)); + automation = lib.flatten (map automation_10h persons) ++ + [ + { alias = "start Felix 10h"; + trigger = { + platform = "state"; + entity_id = [ "device_tracker.felix_phone" "device_tracker.felix_laptop" ]; + from = "not_home"; + to = "home"; + }; + condition = { + condition = "and"; + conditions = [ + { + condition = "state"; + entity_id = "timer.felix_10h"; + state = "idle"; + } + { + condition = "time"; + after = "06:00:00"; + before = "12:00:00"; + } + ]; + }; + action = [ + { service = "timer.start"; + entity_id = [ "timer.felix_10h" "timer.felix_8_30h" "timer.felix_7h" ] ; + } + { service = "homeassistant.turn_on"; + entity_id = [ + # "script.buzz_felix" + "script.blitz_10s" + ]; + } + { + service = "tts.google_say"; + entity_id = "media_player.mpd"; + data_template = { + message = "Willkommen, Felix!"; + language = "de"; + }; + } + { service = "light.turn_on"; + data = { + effect = "2"; + entity_id = [ "light.status_felix" ]; + }; + } + ]; + } + + { alias = "Disable Felix timer at button press"; + trigger = { + platform = "state"; + entity_id = "binary_sensor.redbutton"; + to = "on"; + }; + condition = { + condition = "and"; + conditions = [ + { + condition = "state"; + entity_id = "timer.felix_10h"; + state = "active"; + } + { + condition = "time"; + after = "12:00:00"; + before = "22:00:00"; + } + ]; + }; + action = + [ + { + service = "timer.cancel"; + entity_id = [ "timer.felix_10h" "timer.felix_8_30h" "timer.felix_7h" ]; + } + { + service = "homeassistant.turn_on"; + entity_id = [ "script.buzz_red_led_fast" ]; + } + { + service = "homeassistant.turn_off"; + entity_id = [ "light.status_felix" ]; + } + ]; + } + + { + alias = "Genug gearbeitet Felix"; + trigger = + { + platform = "event"; + event_type = "timer.finished"; + event_data.entity_id = "timer.felix_7h"; + }; + action = + [ + { service = "light.turn_on"; + data = { + rgb_color= [0 255 0]; + # effect = "0"; + entity_id = [ "light.status_felix" ]; + }; + } + ]; + } + + { + alias = "nun aber nach hause"; + trigger = + { + platform = "event"; + event_type = "timer.finished"; + event_data.entity_id = "timer.felix_8_30h"; + }; + action = + [ + { service = "light.turn_on"; + data = { + rgb_color= [255 255 0]; + # effect = "0"; + entity_id = [ "light.status_felix" ]; + }; + } + ]; + } + + { + alias = "Zu lange Felix!"; + trigger = + { + platform = "event"; + event_type = "timer.finished"; + event_data.entity_id = "timer.felix_10h"; + }; + action = + [ + { + service = "notify.telegrambot"; + data = { + title = "Zu lange Felix!"; + message = "Du bist schon 10 Stunden auf Arbeit, geh jetzt gefälligst nach Hause!"; + }; + } + { + service = "homeassistant.turn_on"; + entity_id = [ + # "script.buzz_felix" + "script.blitz_10s" + ]; + } + { service = "light.turn_on"; + data = { + rgb_color= [255 0 0]; + effect = "0"; + entity_id = [ "light.status_felix" ]; + }; + } + ]; + } + ] + ; + s