From 767c6fbd14fc8e5eb73cea2f738af88083fcea32 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Jan 2023 01:23:42 +0100 Subject: l yellow.r: move to neoprism, refactor --- lass/2configs/yellow-host.nix | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 lass/2configs/yellow-host.nix (limited to 'lass/2configs') diff --git a/lass/2configs/yellow-host.nix b/lass/2configs/yellow-host.nix new file mode 100644 index 000000000..d07c222c6 --- /dev/null +++ b/lass/2configs/yellow-host.nix @@ -0,0 +1,14 @@ +{ config, pkgs, ... }: +{ + lass.sync-containers3.containers.yellow = { + sshKey = "${toString }/yellow.sync.key"; + }; + containers.yellow.bindMounts."/var/lib" = { + hostPath = "/var/lib/sync-containers3/yellow/state"; + isReadOnly = false; + }; + containers.yellow.bindMounts."/var/download" = { + hostPath = "/var/download"; + isReadOnly = false; + }; +} -- cgit v1.2.3 From 4555a8858d652ce713afcf415b56bd0d82ca2d49 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 3 Jan 2023 14:04:21 +0100 Subject: l radio: add c-base weather --- lass/2configs/radio/weather_for_ips.py | 49 +++++++++++++++++++++------------- 1 file changed, 30 insertions(+), 19 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/radio/weather_for_ips.py b/lass/2configs/radio/weather_for_ips.py index 1f8489bd1..447c6389b 100644 --- a/lass/2configs/radio/weather_for_ips.py +++ b/lass/2configs/radio/weather_for_ips.py @@ -3,32 +3,43 @@ import fileinput import json import requests import os +import random geoip = geoip2.database.Reader(os.environ['MAXMIND_GEOIP_DB']) seen = {} output = [] for ip in fileinput.input(): - location = geoip.city(ip.strip()) - if location.city.geoname_id not in seen: - seen[location.city.geoname_id] = True - weather_api_key = os.environ['OPENWEATHER_API_KEY'] - url = ( - f'https://api.openweathermap.org/data/2.5/onecall' - f'?lat={location.location.latitude}' - f'&lon={location.location.longitude}' - f'&appid={weather_api_key}' - f'&units=metric' - ) - resp = requests.get(url) - weather = json.loads(resp.text) + if "80.147.140.51" in ip: output.append( - f'Weather report for {location.city.name}, {location.country.name}. ' - f'It is {weather["current"]["weather"][0]["description"]} outside ' - f'with a temperature of {weather["current"]["temp"]:.1f} degrees, ' - f'a wind speed of {weather["current"]["wind_speed"]:.1f} meters per second ' - f'and a humidity of {weather["current"]["humidity"]} percent. ' - f'The probability of precipitation is {weather["hourly"][0]["pop"] * 100:.0f} percent. ' + 'Weather report for c-base, space.' + 'It is empty space outside ' + 'with a temperature of -270 degrees, ' + 'a lightspeed of 299792 kilometers per second ' + 'and a humidity of Not a Number percent. ' + f'The probability of reincarnation is {random.randrange(0, 100)} percent.' ) + else: + location = geoip.city(ip.strip()) + if location.city.geoname_id not in seen: + seen[location.city.geoname_id] = True + weather_api_key = os.environ['OPENWEATHER_API_KEY'] + url = ( + f'https://api.openweathermap.org/data/2.5/onecall' + f'?lat={location.location.latitude}' + f'&lon={location.location.longitude}' + f'&appid={weather_api_key}' + f'&units=metric' + ) + resp = requests.get(url) + weather = json.loads(resp.text) + output.append( + f'Weather report for {location.city.name}, {location.country.name}. ' + f'It is {weather["current"]["weather"][0]["description"]} outside ' + f'with a temperature of {weather["current"]["temp"]:.1f} degrees, ' + f'a wind speed of {weather["current"]["wind_speed"]:.1f} meters per second ' + f'and a humidity of {weather["current"]["humidity"]} percent. ' + f'The probability of precipitation is {weather["hourly"][0]["pop"] * 100:.0f} percent. ' + ) print('\n'.join(output)) -- cgit v1.2.3 From 7cb49c556efce96b15b28807464b8d5cdf1ea999 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 4 Jan 2023 18:33:44 +0100 Subject: l neoprism.r: add riot container --- lass/2configs/riot.nix | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) create mode 100644 lass/2configs/riot.nix (limited to 'lass/2configs') diff --git a/lass/2configs/riot.nix b/lass/2configs/riot.nix new file mode 100644 index 000000000..37a6298ca --- /dev/null +++ b/lass/2configs/riot.nix @@ -0,0 +1,56 @@ +{ config, lib, pkgs, ... }: +{ + containers.riot = { + config = { + environment.systemPackages = [ + pkgs.dhcpcd + pkgs.git + pkgs.jq + ]; + networking.useDHCP = lib.mkForce true; + networking.firewall.enable = false; + systemd.services.autoswitch = { + environment = { + NIX_REMOTE = "daemon"; + }; + wantedBy = [ "multi-user.target" ]; + serviceConfig.ExecStart = pkgs.writers.writeDash "autoswitch" '' + set -efu + if test -e /var/src/nixos-config; then + /run/current-system/sw/bin/nixos-rebuild -I /var/src switch || : + fi + ''; + unitConfig.X-StopOnRemoval = false; + }; + }; + autoStart = true; + enableTun = true; + privateNetwork = true; + hostAddress = "10.233.1.1"; + localAddress = "10.233.1.2"; + forwardPorts = [ + { hostPort = 45622; containerPort = 22; } + ]; + }; + + systemd.network.networks."50-ve-riot" = { + matchConfig.Name = "ve-riot"; + + networkConfig = { + IPForward = "yes"; + # weirdly we have to use POSTROUTING MASQUERADE here + # IPMasquerade = "both"; + LinkLocalAddressing = "no"; + KeepConfiguration = "static"; + }; + }; + + # networking.nat can be used instead of this + krebs.iptables.tables.nat.POSTROUTING.rules = [ + { v6 = false; predicate = "-s ${config.containers.riot.localAddress}"; target = "MASQUERADE"; } + ]; + krebs.iptables.tables.filter.FORWARD.rules = [ + { predicate = "-i ve-riot"; target = "ACCEPT"; } + { predicate = "-o ve-riot"; target = "ACCEPT"; } + ]; +} -- cgit v1.2.3 From 7d244baf9e05e73a11eec9e429b71734f354f486 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 4 Jan 2023 19:02:33 +0100 Subject: l riot: add ssh key, add default route --- lass/2configs/riot.nix | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/riot.nix b/lass/2configs/riot.nix index 37a6298ca..559e7b20d 100644 --- a/lass/2configs/riot.nix +++ b/lass/2configs/riot.nix @@ -7,8 +7,11 @@ pkgs.git pkgs.jq ]; - networking.useDHCP = lib.mkForce true; - networking.firewall.enable = false; + services.openssh.enable = true; + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6o6sdTu/CX1LW2Ff5bNDqGEAGwAsjf0iIe5DCdC7YikCct+7x4LTXxY+nDlPMeGcOF88X9/qFwdyh+9E4g0nUAZaeL14Uc14QDqDt/aiKjIXXTepxE/i4JD9YbTqStAnA/HYAExU15yqgUdj2dnHu7OZcGxk0ZR1OY18yclXq7Rq0Fd3pN3lPP1T4QHM9w66r83yJdFV9szvu5ral3/QuxQnCNohTkR6LoJ4Ny2RbMPTRtb+jPbTQYTWUWwV69mB8ot5nRTP4MRM9pu7vnoPF4I2S5DvSnx4C5zdKzsb7zmIvD4AmptZLrXj4UXUf00Xf7Js5W100Ne2yhYyhq+35 riot@lagrange" + ]; + networking.defaultGateway = "10.233.1.1"; systemd.services.autoswitch = { environment = { NIX_REMOTE = "daemon"; -- cgit v1.2.3 From 6f0cd02c8c78545899fa4afeeeacd68a365349de Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 4 Jan 2023 21:00:29 +0100 Subject: l: prism-mount -> yellow-mount --- lass/2configs/prism-mounts/samba.nix | 15 --------------- lass/2configs/yellow-mounts/samba.nix | 15 +++++++++++++++ 2 files changed, 15 insertions(+), 15 deletions(-) delete mode 100644 lass/2configs/prism-mounts/samba.nix create mode 100644 lass/2configs/yellow-mounts/samba.nix (limited to 'lass/2configs') diff --git a/lass/2configs/prism-mounts/samba.nix b/lass/2configs/prism-mounts/samba.nix deleted file mode 100644 index 4b1475ef3..000000000 --- a/lass/2configs/prism-mounts/samba.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ - fileSystems."/mnt/prism" = { - device = "//prism.r/public"; - fsType = "cifs"; - options = [ - "guest" - "nofail" - "noauto" - "ro" - "x-systemd.automount" - "x-systemd.device-timeout=1" - "x-systemd.idle-timeout=1min" - ]; - }; - } diff --git a/lass/2configs/yellow-mounts/samba.nix b/lass/2configs/yellow-mounts/samba.nix new file mode 100644 index 000000000..e16f1cc47 --- /dev/null +++ b/lass/2configs/yellow-mounts/samba.nix @@ -0,0 +1,15 @@ +{ + fileSystems."/mnt/yellow" = { + device = "//yellow.r/public"; + fsType = "cifs"; + options = [ + "guest" + "nofail" + "noauto" + "ro" + "x-systemd.automount" + "x-systemd.device-timeout=1" + "x-systemd.idle-timeout=1min" + ]; + }; + } -- cgit v1.2.3 From 00226d6e2ae44dbbca0555f10ecb52acb56e6704 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 5 Jan 2023 01:18:06 +0100 Subject: l radio: move music to /var/music --- lass/2configs/radio/default.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/radio/default.nix b/lass/2configs/radio/default.nix index dfb3d7e0b..46540969b 100644 --- a/lass/2configs/radio/default.nix +++ b/lass/2configs/radio/default.nix @@ -3,7 +3,7 @@ let name = "radio"; - music_dir = "/home/radio/music"; + music_dir = "/var/music"; skip_track = pkgs.writers.writeBashBin "skip_track" '' set -eu @@ -303,10 +303,10 @@ in { ''; }; services.syncthing.declarative.folders."the_playlist" = { - path = "/home/radio/music/the_playlist"; + path = "/var/music/the_playlist"; devices = [ "mors" "phone" "prism" "omo" ]; }; - krebs.acl."/home/radio/music/the_playlist"."u:syncthing:X".parents = true; - krebs.acl."/home/radio/music/the_playlist"."u:syncthing:rwX" = {}; - krebs.acl."/home/radio/music/the_playlist"."u:radio:rwX" = {}; + krebs.acl."/var/music/the_playlist"."u:syncthing:X".parents = true; + krebs.acl."/var/music/the_playlist"."u:syncthing:rwX" = {}; + krebs.acl."/var/music/the_playlist"."u:radio:rwX" = {}; } -- cgit v1.2.3 From 0bbbfe153a0752bbe337bef1bac8c52aa285d4da Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 5 Jan 2023 01:19:01 +0100 Subject: l radio: set timeout for hooks, rename filter --- lass/2configs/radio/radio.liq | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/radio/radio.liq b/lass/2configs/radio/radio.liq index 70d316043..1366287a7 100644 --- a/lass/2configs/radio/radio.liq +++ b/lass/2configs/radio/radio.liq @@ -10,7 +10,7 @@ def stringify_attrs(attrs) = out end -def filter_graveyard(req) = +def filter_music(req) = filename = request.filename(req) if string.match(pattern = '.*/\\.graveyard/.*', filename) then false @@ -27,7 +27,7 @@ end env = environment() port = string.to_int(env["RADIO_PORT"], default = 8000) -all_music = playlist(env["MUSIC"], check_next = filter_graveyard) +all_music = playlist(env["MUSIC"], check_next = filter_music) wishlist = request.queue() tracks = fallback(track_sensitive = true, [wishlist, all_music]) tracks = blank.eat(tracks) @@ -36,7 +36,7 @@ last_metadata = ref([]) def on_metadata(m) = last_metadata := m print("changing tracks") - out = process.read(env["HOOK_TRACK_CHANGE"], env = m) + out = process.read(env["HOOK_TRACK_CHANGE"], env = m, timeout = 5.0) print(out) end tracks.on_metadata(on_metadata) -- cgit v1.2.3 From 727ef7fa8e4581ebf3c792b6f9ff7fba6c8504dd Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 5 Jan 2023 01:19:27 +0100 Subject: l radio weather: unique ips --- lass/2configs/radio/weather.nix | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/radio/weather.nix b/lass/2configs/radio/weather.nix index 704bf7218..ad96d8ec0 100644 --- a/lass/2configs/radio/weather.nix +++ b/lass/2configs/radio/weather.nix @@ -18,11 +18,14 @@ let MAXMIND_GEOIP_DB="/tmp/GeoLite2-City.mmdb"; export MAXMIND_GEOIP_DB OPENWEATHER_API_KEY=$(cat "$CREDENTIALS_DIRECTORY/openweather_api"); export OPENWEATHER_API_KEY ss -no 'sport = :8000' | - jc --ss | jq -r '.[] | - select( - .local_address != "[::ffff:127.0.0.1]" - and .local_address != "[::1]" - ) | .peer_address | gsub("[\\[\\]]"; "") + jc --ss | jq -r ' + [ + .[] | + select( + .local_address != "[::ffff:127.0.0.1]" + and .local_address != "[::1]" + ) | .peer_address | gsub("[\\[\\]]"; "") + ] | unique[] ' | ${weather_for_ips}/bin/weather_for_ips ''; -- cgit v1.2.3