From e95b720d97c0723f9ae7d72ae76788e2d8130d30 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Jan 2021 17:34:29 +0100 Subject: l: grant green access everywhere --- lass/2configs/default.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index 1cf421fed..f3534d94d 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -22,6 +22,7 @@ with import ; openssh.authorizedKeys.keys = [ config.krebs.users.lass-mors.pubkey config.krebs.users.lass-blue.pubkey + config.krebs.users.lass-green.pubkey config.krebs.users.lass-yubikey.pubkey ]; }; @@ -40,6 +41,7 @@ with import ; openssh.authorizedKeys.keys = [ config.krebs.users.lass-mors.pubkey config.krebs.users.lass-blue.pubkey + config.krebs.users.lass-green.pubkey config.krebs.users.lass-yubikey.pubkey ]; }; -- cgit v1.2.3 From 9e4d47c5b46a92436d8e71c17a61ab729d4c4133 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Jan 2021 18:20:52 +0100 Subject: l: don't always sync basedir --- lass/2configs/sync/sync.nix | 13 +++++++++++++ lass/2configs/syncthing.nix | 13 +------------ 2 files changed, 14 insertions(+), 12 deletions(-) create mode 100644 lass/2configs/sync/sync.nix (limited to 'lass/2configs') diff --git a/lass/2configs/sync/sync.nix b/lass/2configs/sync/sync.nix new file mode 100644 index 000000000..bee1d03ac --- /dev/null +++ b/lass/2configs/sync/sync.nix @@ -0,0 +1,13 @@ +{ + services.syncthing.declarative.folders."/home/lass/sync" = { + devices = [ "mors" "icarus" "xerxes" "shodan" "green" "blue" ]; + }; + krebs.permown."/home/lass/sync" = { + file-mode = "u+rw,g+rw"; + owner = "lass"; + group = "syncthing"; + umask = "0002"; + keepGoing = true; + }; +} + diff --git a/lass/2configs/syncthing.nix b/lass/2configs/syncthing.nix index 7758b860d..d31ce7800 100644 --- a/lass/2configs/syncthing.nix +++ b/lass/2configs/syncthing.nix @@ -1,6 +1,5 @@ { config, pkgs, ... }: with import ; let all_peers = filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts; - own_peers = filterAttrs (n: v: v.owner.name == "lass") all_peers; mk_peers = mapAttrs (n: v: { id = v.syncthing.id; }); in { services.syncthing = { @@ -11,10 +10,6 @@ in { key = toString ; cert = toString ; devices = mk_peers all_peers; - folders."/home/lass/sync" = { - devices = attrNames (filterAttrs (n: v: n != "phone") own_peers); - # ignorePerms = false; - }; }; }; krebs.iptables.tables.filter.INPUT.rules = [ @@ -26,11 +21,5 @@ in { ${pkgs.coreutils}/bin/chmod a+x /home/lass ''; - krebs.permown."/home/lass/sync" = { - file-mode = "u+rw,g+rw"; - owner = "lass"; - group = "syncthing"; - umask = "0002"; - keepGoing = true; - }; + boot.kernel.sysctl."fs.inotify.max_user_watches" = 524288; } -- cgit v1.2.3 From df53de085f35b9da52e31ca2db6c1f6d97062127 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Jan 2021 18:32:56 +0100 Subject: l: add missing IM.nix --- lass/2configs/IM.nix | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 lass/2configs/IM.nix (limited to 'lass/2configs') diff --git a/lass/2configs/IM.nix b/lass/2configs/IM.nix new file mode 100644 index 000000000..b79af3b49 --- /dev/null +++ b/lass/2configs/IM.nix @@ -0,0 +1,45 @@ +with (import ); +{ config, lib, pkgs, ... }: + +{ + imports = [ + ./bitlbee.nix + ]; + + systemd.services.chat = let + tmux = pkgs.writeDash "tmux" '' + exec ${pkgs.tmux}/bin/tmux -f ${pkgs.writeText "tmux.conf" '' + set-option -g prefix ` + unbind-key C-b + bind ` send-prefix + + set-option -g status off + set-option -g default-terminal screen-256color + + #use session instead of windows + bind-key c new-session + bind-key p switch-client -p + bind-key n switch-client -n + bind-key C-s switch-client -l + ''} "$@" + ''; + in { + description = "chat environment setup"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + + restartIfChanged = false; + + path = [ + pkgs.rxvt_unicode.terminfo + ]; + + serviceConfig = { + User = "lass"; + RemainAfterExit = true; + Type = "oneshot"; + ExecStart = "${tmux} -2 new-session -d -s IM ${pkgs.weechat}/bin/weechat"; + ExecStop = "${tmux} kill-session -t IM"; + }; + }; +} -- cgit v1.2.3 From fbec363f091221f476c4a133630b16bf88ceb26c Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Jan 2021 18:33:31 +0100 Subject: l domsen: remove inotify limits --- lass/2configs/websites/domsen.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index f3beb9eb9..c43c8c902 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -285,7 +285,6 @@ in { ]; }; - boot.kernel.sysctl."fs.inotify.max_user_watches" = "1048576"; services.syncthing.declarative.folders = { domsen-backups = { path = "/backups/domsen"; -- cgit v1.2.3 From d618f52cda36f62b3744aa84422b4c9f28bdc61d Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Jan 2021 18:43:55 +0100 Subject: l: add missing muchsync.nix --- lass/2configs/muchsync.nix | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 lass/2configs/muchsync.nix (limited to 'lass/2configs') diff --git a/lass/2configs/muchsync.nix b/lass/2configs/muchsync.nix new file mode 100644 index 000000000..b09bf579b --- /dev/null +++ b/lass/2configs/muchsync.nix @@ -0,0 +1,40 @@ +with (import ); +{ config, pkgs, ... }: + +{ + systemd.services.muchsync = let + hosts = [ + "mors.r" + "green.r" + "blue.r" + ]; + in { + description = "sync mails"; + environment = { + NOTMUCH_CONFIG = config.environment.variables.NOTMUCH_CONFIG; + }; + after = [ "network.target" ]; + + restartIfChanged = false; + + path = [ + pkgs.notmuch + pkgs.openssh + ]; + + startAt = "*:*"; # run every minute + serviceConfig = { + User = "lass"; + Type = "oneshot"; + ExecStart = pkgs.writeDash "sync-mails" '' + set -euf + + /run/current-system/sw/bin/nm-tag-init 2>/dev/null + ${concatMapStringsSep "\n" (host: '' + echo syncing ${host}: + ${pkgs.muchsync}/bin/muchsync -s 'ssh -CTaxq -o ConnectTimeout=4' --nonew lass@${host} || : + '') hosts} + ''; + }; + }; +} -- cgit v1.2.3 From 5b178eb4dfea1db9c578d9d389331fe5ffaaa082 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Jan 2021 18:54:08 +0100 Subject: l mail: export NOTMUCH_CONFIG --- lass/2configs/mail.nix | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix index 98affdd83..4c4f888c9 100644 --- a/lass/2configs/mail.nix +++ b/lass/2configs/mail.nix @@ -21,6 +21,26 @@ let account default: prism ''; + notmuch-config = pkgs.writeText "notmuch-config" '' + [database] + path=/home/lass/Maildir + + [user] + name=lassulus + primary_email=lassulus@lassul.us + other_email=lass@mors.r;${concatStringsSep ";" (flatten (attrValues mailboxes))} + + [new] + tags=unread;inbox; + ignore= + + [search] + exclude_tags=deleted;spam; + + [maildir] + synchronize_flags=true + ''; + msmtp = pkgs.writeBashBin "msmtp" '' ${pkgs.coreutils}/bin/tee >(${pkgs.notmuch}/bin/notmuch insert +sent) | \ ${pkgs.msmtp}/bin/msmtp -C ${msmtprc} "$@" @@ -232,6 +252,7 @@ let }; in { + environment.variables.NOTMUCH_CONFIG = toString notmuch-config; environment.systemPackages = [ msmtp mutt -- cgit v1.2.3 From 3c539a34f83862b577ea4c8291788c7ba253ee1f Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Jan 2021 18:54:36 +0100 Subject: l mail: fix sidebar format --- lass/2configs/mail.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix index 4c4f888c9..4682865c6 100644 --- a/lass/2configs/mail.nix +++ b/lass/2configs/mail.nix @@ -227,7 +227,7 @@ let set sidebar_short_path set sidebar_folder_indent set sidebar_visible = yes - set sidebar_format = '%B%?F? [%F]?%* %?N?%N/? %?S?%S?' + set sidebar_format = '%D%?F? [%F]?%* %?N?%N/? %?S?%S?' set sidebar_width = 20 color sidebar_new yellow red -- cgit v1.2.3 From ea59935e5f57dfc03db3367f187ffaffafcc67a2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Jan 2021 19:06:07 +0100 Subject: l radio: simplify listeners counting --- lass/2configs/radio.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index 8c95b535d..6a020692a 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -200,7 +200,7 @@ in { ${pkgs.mpc_cli}/bin/mpc idle player > /dev/null ${pkgs.mpc_cli}/bin/mpc current -f %file% done | while read track; do - listeners=$(${pkgs.iproute}/bin/ss -Hno state established '( sport = :8000 )' | wc -l) + listeners=$(${pkgs.iproute}/bin/ss -Hno state established 'sport = :8000' | wc -l) echo "$(date -Is)" "$track" | tee -a "$HISTORY_FILE" echo "$(tail -$LIMIT "$HISTORY_FILE")" > "$HISTORY_FILE" ${write_to_irc} "playing: $track listeners: $listeners" -- cgit v1.2.3 From 348d5e476f0689f40c14b566c078c26ef6222676 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Jan 2021 19:06:20 +0100 Subject: l radio: import htgen script --- lass/2configs/radio.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index 6a020692a..707cc8459 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -275,7 +275,7 @@ in { user = { name = "radio"; }; - script = '' + script = ''. ${pkgs.writeDash "radio" '' case "$Method $Request_URI" in "GET /current") printf 'HTTP/1.1 200 OK\r\n' @@ -303,7 +303,7 @@ in { exit ;; esac - ''; + ''}''; }; services.nginx = { -- cgit v1.2.3 From 0718e51e35c0ffb639f3f208e94d08521ec8df82 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Jan 2021 19:06:59 +0100 Subject: l tv: remove legacy interface --- lass/2configs/tv.nix | 88 +--------------------------------------------------- 1 file changed, 1 insertion(+), 87 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/tv.nix b/lass/2configs/tv.nix index 0ca1b340f..d49ed6125 100644 --- a/lass/2configs/tv.nix +++ b/lass/2configs/tv.nix @@ -8,6 +8,7 @@ nginxCfg = pkgs.writeText "nginx.conf" '' worker_connections 128; } error_log stderr info; + http { client_body_temp_path /var/lib/rtmp/nginx_cache_client_body; proxy_temp_path /var/lib/rtmp/nginx_cache_proxy; @@ -25,92 +26,6 @@ nginxCfg = pkgs.writeText "nginx.conf" '' location /stat { rtmp_stat all; } - - location /hls { - # Serve HLS fragments - types { - application/vnd.apple.mpegurl m3u8; - video/mp2t ts; - } - root /var/lib/rtmp/tmp; - add_header Cache-Control no-cache; - - # CORS setup - add_header 'Access-Control-Allow-Origin' '*' always; - add_header 'Access-Control-Expose-Headers' 'Content-Length'; - - # Allow CORS preflight requests - if ($request_method = 'OPTIONS') { - add_header 'Access-Control-Allow-Origin' '*'; - add_header 'Access-Control-Max-Age' 1728000; - add_header 'Content-Type' 'text/plain charset=UTF-8'; - add_header 'Content-Length' 0; - return 204; - } - } - - location /dash { - # Serve DASH fragments - types { - application/dash+xml mpd; - video/mp4 mp4; - } - root /tmp; - add_header Cache-Control no-cache; - - # CORS setup - add_header 'Access-Control-Allow-Origin' '*' always; - add_header 'Access-Control-Expose-Headers' 'Content-Length'; - - # Allow CORS preflight requests - if ($request_method = 'OPTIONS') { - add_header 'Access-Control-Allow-Origin' '*'; - add_header 'Access-Control-Max-Age' 1728000; - add_header 'Content-Type' 'text/plain charset=UTF-8'; - add_header 'Content-Length' 0; - return 204; - } - } - - location "/dash.all.min.js" { - default_type "text/javascript"; - alias ${pkgs.fetchurl { - url = "http://cdn.dashjs.org/v3.2.0/dash.all.min.js"; - sha256 = "16f0b40gdqsnwqi01s5sz9f1q86dwzscgc3m701jd1sczygi481c"; - }}; - } - - location /player { - default_type "text/html"; - alias ${pkgs.writeText "player.html" '' - - - - - lassulus livestream - - -
- - -
- - - - - ''}; - } - - location /records { - autoindex on; - root /var/lib/rtmp; - } } } @@ -275,6 +190,5 @@ in { krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-p tcp --dport 1935"; target = "ACCEPT"; } - { predicate = "-p tcp --dport 8080"; target = "ACCEPT"; } ]; } -- cgit v1.2.3 From 33dbc0c0aeb82707b0d7cebe9183a640842db435 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Jan 2021 19:07:39 +0100 Subject: l git: add reaktor2 & workadventure-nix --- lass/2configs/git.nix | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index edec2dcb4..e6aeca5d1 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -97,6 +97,10 @@ let populate = { cgit.section = "software"; }; + reaktor2 = { + cgit.desc = "irc bot"; + cgit.section = "software"; + }; stockholm = { cgit.desc = "take all the computers hostage, they'll love you!"; cgit.section = "configuration"; @@ -109,6 +113,10 @@ let cgit.desc = "Good Music collection + tools"; cgit.section = "art"; }; + workadventure-nix = { + cgit.desc = "Nix packaging for workadventure"; + cgit.section = "deployment"; + }; xmonad-stockholm = { cgit.desc = "krebs xmonad modules"; cgit.section = "configuration"; @@ -142,9 +150,6 @@ let nick = config.krebs.build.host.name; channel = "#xxx"; # TODO define refs in some kind of option per repo - refs = [ - "refs/heads/master" - ]; server = "irc.r"; verbose = config.krebs.build.host.name == "prism"; }} -- cgit v1.2.3 From c5a63e4985cb81169ecf32483d9ceaa921b6f116 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Jan 2021 19:36:46 +0100 Subject: l codimd: codimd is now called hedgedoc --- lass/2configs/codimd.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/codimd.nix b/lass/2configs/codimd.nix index e55090de9..d29a65210 100644 --- a/lass/2configs/codimd.nix +++ b/lass/2configs/codimd.nix @@ -12,8 +12,9 @@ with import ; ''; }; - services.codimd = { + services.hedgedoc = { enable = true; + configuration.allowOrigin = [ "*" ]; configuration = { db = { dialect = "sqlite"; -- cgit v1.2.3 From e0229e76309fef6825ff4126a7f9c9e334fb9aba Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Jan 2021 20:22:17 +0100 Subject: l realwallpaper: add video --- lass/2configs/realwallpaper.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/realwallpaper.nix b/lass/2configs/realwallpaper.nix index e0cb37f67..c3054d3af 100644 --- a/lass/2configs/realwallpaper.nix +++ b/lass/2configs/realwallpaper.nix @@ -28,6 +28,9 @@ in { locations."/realwallpaper-krebs.png".extraConfig = '' root /var/realwallpaper/; ''; + locations."/realwallpaper-video.mp4".extraConfig = '' + root /var/realwallpaper/archive; + ''; }; krebs.iptables = { -- cgit v1.2.3 From 34470a6e92439ffeb4cf9112343e9745d97b709c Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Jan 2021 20:34:21 +0100 Subject: l: remove deprecated backup user --- lass/2configs/backup.nix | 14 -------------- lass/2configs/default.nix | 1 - 2 files changed, 15 deletions(-) delete mode 100644 lass/2configs/backup.nix (limited to 'lass/2configs') diff --git a/lass/2configs/backup.nix b/lass/2configs/backup.nix deleted file mode 100644 index f5c241785..000000000 --- a/lass/2configs/backup.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ config, lib, ... }: -with import ; - -{ - users.users.backup = { - useDefaultShell = true; - home = "/backups"; - createHome = true; - group = "syncthing"; - openssh.authorizedKeys.keys = with config.krebs.hosts; [ - blue.ssh.pubkey - ]; - }; -} diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index f3534d94d..7b6f01148 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -3,7 +3,6 @@ with import ; { imports = [ ./binary-cache/client.nix - ./backup.nix ./gc.nix ./mc.nix ./vim.nix -- cgit v1.2.3 From 1562ee7ca9e271d4e2ddf3a5c2521b6243344fce Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Jan 2021 20:42:51 +0100 Subject: l: split ppp.nix by modem --- lass/2configs/ppp.nix | 32 -------------------------------- lass/2configs/ppp/umts-stick.nix | 33 +++++++++++++++++++++++++++++++++ lass/2configs/ppp/x220-modem.nix | 32 ++++++++++++++++++++++++++++++++ 3 files changed, 65 insertions(+), 32 deletions(-) delete mode 100644 lass/2configs/ppp.nix create mode 100644 lass/2configs/ppp/umts-stick.nix create mode 100644 lass/2configs/ppp/x220-modem.nix (limited to 'lass/2configs') diff --git a/lass/2configs/ppp.nix b/lass/2configs/ppp.nix deleted file mode 100644 index 9cc7568a5..000000000 --- a/lass/2configs/ppp.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ pkgs, ... }: { - - # usage: pppd call default - - environment.etc."ppp/peers/default".text = '' - /dev/ttyACM2 - 921600 - crtscts - defaultroute - holdoff 10 - lock - maxfail 0 - noauth - nodetach - noipdefault - passive - persist - usepeerdns - connect "${pkgs.ppp}/bin/chat -f ${pkgs.writeText "default.chat" '' - ABORT "BUSY" - ABORT "NO CARRIER" - REPORT CONNECT - "" "ATDT*99#" - CONNECT - ''}" - ''; - - environment.systemPackages = [ - pkgs.ppp - ]; - -} diff --git a/lass/2configs/ppp/umts-stick.nix b/lass/2configs/ppp/umts-stick.nix new file mode 100644 index 000000000..64551a2b3 --- /dev/null +++ b/lass/2configs/ppp/umts-stick.nix @@ -0,0 +1,33 @@ +{ pkgs, ... }: { + + # usage: pppd call stick + + environment.etc."ppp/peers/stick".text = '' + /dev/ttyUSB0 + 460800 + crtscts + defaultroute + holdoff 10 + lock + maxfail 0 + noauth + nodetach + noipdefault + passive + persist + usepeerdns + connect "${pkgs.ppp}/bin/chat -f ${pkgs.writeText "default.chat" '' + ABORT "BUSY" + ABORT "NO CARRIER" + REPORT CONNECT + "" "ATDT*99#" + CONNECT + ''}" + ''; + + environment.systemPackages = [ + pkgs.ppp + ]; + +} + diff --git a/lass/2configs/ppp/x220-modem.nix b/lass/2configs/ppp/x220-modem.nix new file mode 100644 index 000000000..d6facb724 --- /dev/null +++ b/lass/2configs/ppp/x220-modem.nix @@ -0,0 +1,32 @@ +{ pkgs, ... }: { + + # usage: pppd call x220 + + environment.etc."ppp/peers/x220".text = '' + /dev/ttyACM2 + 921600 + crtscts + defaultroute + holdoff 10 + lock + maxfail 0 + noauth + nodetach + noipdefault + passive + persist + usepeerdns + connect "${pkgs.ppp}/bin/chat -f ${pkgs.writeText "default.chat" '' + ABORT "BUSY" + ABORT "NO CARRIER" + REPORT CONNECT + "" "ATDT*99#" + CONNECT + ''}" + ''; + + environment.systemPackages = [ + pkgs.ppp + ]; + +} -- cgit v1.2.3 From b2fdc7e18512582c1d520df7d8e86108ed88ba92 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Jan 2021 20:52:47 +0100 Subject: l browsers: remove cvim --- lass/2configs/browsers.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index eafab400c..00a5d2db0 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -7,7 +7,6 @@ enable = true; extensions = [ "cjpalhdlnbpafiamejdnhcphjbkeiagm" # ublock origin - "ihlenndgcmojhcghmfjfneahoeklbjjh" #cVim ]; }; } -- cgit v1.2.3 From 9b884ed48306b2f881521e61e5bfea26c545d168 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Jan 2021 21:24:51 +0100 Subject: l green-host: share with morpheus & styx --- lass/2configs/green-host.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/green-host.nix b/lass/2configs/green-host.nix index 1f17c78c8..5f44f5065 100644 --- a/lass/2configs/green-host.nix +++ b/lass/2configs/green-host.nix @@ -10,7 +10,9 @@ "shodan" "skynet" "mors" + "morpheus" "littleT" + "styx" ]; hostIp = "10.233.2.15"; localIp = "10.233.2.16"; -- cgit v1.2.3 From fc01155ea520bf3f6ceaafef3a32393331a9319a Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Jan 2021 21:25:12 +0100 Subject: l green-host: backup with borg --- lass/2configs/green-host.nix | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/green-host.nix b/lass/2configs/green-host.nix index 5f44f5065..a5328943c 100644 --- a/lass/2configs/green-host.nix +++ b/lass/2configs/green-host.nix @@ -18,4 +18,12 @@ localIp = "10.233.2.16"; format = "ecryptfs"; }; + + services.borgbackup.jobs.sync-green = { + encryption.mode = "none"; + paths = "/var/lib/sync-containers/green/ecryptfs"; + repo = "/var/lib/sync-containers/green/backup"; + compression = "auto,lzma"; + startAt = "daily"; + }; } -- cgit v1.2.3 From cfe7d62e062a438b080e6a39744dd11dcd2cde01 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Jan 2021 22:25:38 +0100 Subject: l binary-cache server: use different port --- lass/2configs/binary-cache/server.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/2configs') diff --git a/lass/2configs/binary-cache/server.nix b/lass/2configs/binary-cache/server.nix index 9b91035a8..101dd045f 100644 --- a/lass/2configs/binary-cache/server.nix +++ b/lass/2configs/binary-cache/server.nix @@ -6,6 +6,7 @@ services.nix-serve = { enable = true; secretKeyFile = config.krebs.secret.files.nix-serve-key.path; + port = 5005; }; systemd.services.nix-serve = { -- cgit v1.2.3 From bd1e7a86143e259f25c1ede213725d90727a0c4e Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Jan 2021 22:29:43 +0100 Subject: l bitlbee: use tdlib as telegram provider --- lass/2configs/bitlbee.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/bitlbee.nix b/lass/2configs/bitlbee.nix index 1220fa0cd..d8f1ae888 100644 --- a/lass/2configs/bitlbee.nix +++ b/lass/2configs/bitlbee.nix @@ -10,6 +10,10 @@ with (import ); pkgs.bitlbee-steam pkgs.bitlbee-discord ]; - libpurple_plugins = [ pkgs.telegram-purple ]; + libpurple_plugins = [ + # pkgs.telegram-purple + pkgs.tdlib-purple + # pkgs.purple-gowhatsapp + ]; }; } -- cgit v1.2.3 From c334eb47eb5f5be64a3d1d969365bc7dcebbcf39 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Jan 2021 09:43:53 +0100 Subject: l hass: open zigbee2mqtt frontend --- lass/2configs/hass/default.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/hass/default.nix b/lass/2configs/hass/default.nix index 78379ba1c..44f6e25f9 100644 --- a/lass/2configs/hass/default.nix +++ b/lass/2configs/hass/default.nix @@ -13,7 +13,9 @@ with import ./lib.nix { inherit lib; }; { predicate = "-i int0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto { predicate = "-i docker0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto { predicate = "-i int0 -p tcp --dport 8123"; target = "ACCEPT"; } # hass + { predicate = "-i int0 -p tcp --dport 1337"; target = "ACCEPT"; } # hass { predicate = "-i retiolum -p tcp --dport 8123"; target = "ACCEPT"; } # hass + { predicate = "-i retiolum -p tcp --dport 1337"; target = "ACCEPT"; } # hass frontend { predicate = "-i wiregrill -p tcp --dport 8123"; target = "ACCEPT"; } # hass ]; -- cgit v1.2.3 From a6ace6ef5e4613d2d59c20cb7e2811ea3c5e9c10 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Jan 2021 09:46:43 +0100 Subject: l hass: enable shopping list, disable hue --- lass/2configs/hass/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/hass/default.nix b/lass/2configs/hass/default.nix index 44f6e25f9..3cd6e0ebf 100644 --- a/lass/2configs/hass/default.nix +++ b/lass/2configs/hass/default.nix @@ -49,6 +49,7 @@ with import ./lib.nix { inherit lib; }; }; config = {}; sun.elevation = 66; + shopping_list = {}; discovery = {}; frontend = {}; mqtt = { @@ -83,7 +84,6 @@ with import ./lib.nix { inherit lib; }; (tasmota_s20 "Stereo Anlage" "stereo") ]; mobile_app = {}; - hue = {}; weather = [ { platform = "openweathermap"; -- cgit v1.2.3 From fed3663923bf8064215dd0f2f8eac4ee82d63179 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Jan 2021 09:47:24 +0100 Subject: l hass: use better naming --- lass/2configs/hass/lib.nix | 25 +++++++++---------------- lass/2configs/hass/rooms/bett.nix | 2 +- lass/2configs/hass/rooms/essen.nix | 4 ++-- lass/2configs/hass/rooms/nass.nix | 4 ++-- 4 files changed, 14 insertions(+), 21 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/hass/lib.nix b/lass/2configs/hass/lib.nix index 9281a19ec..1f9f9945d 100644 --- a/lass/2configs/hass/lib.nix +++ b/lass/2configs/hass/lib.nix @@ -23,7 +23,7 @@ rec { }; friendly_names = - lib.mapAttrs' (n: v: lib.nameValuePair "light.${v}_light" { friendly_name = "l.${n}"; }) lights // + lib.mapAttrs' (n: v: lib.nameValuePair "light.${v}" { friendly_name = "l.${n}"; }) lights // lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_update_available" { friendly_name = "s.${n}_up"; }) switches.dimmer // lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_update_available" { friendly_name = "i.${n}_up"; }) sensors.movement // lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_update_available" { friendly_name = "l.${n}_up"; }) lights // @@ -41,11 +41,11 @@ rec { lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_illuminance" { friendly_name = "i.${n}_lux"; }) sensors.movement // {}; - detect_movement = sensor: light: delay: + detect_movement = name: sensor: light: delay: let - id = "${sensor}_${light}"; + id = name; sensor_ = "binary_sensor.${sensor}_occupancy"; - light_ = "light.${light}_light"; + light_ = "light.${light}"; in { input_boolean."${id}" = { }; @@ -71,7 +71,6 @@ rec { # } { alias = "movement reset timer ${id}"; - hide_entity = true; trigger = { platform = "state"; entity_id = sensor_; @@ -87,7 +86,6 @@ rec { } { alias = "movement on ${id}"; - # hide_entity = true; trigger = { platform = "state"; entity_id = "binary_sensor.${sensor}_occupancy"; @@ -124,7 +122,6 @@ rec { } { alias = "movement off ${id}"; - hide_entity = true; trigger = { platform = "state"; entity_id = sensor_; @@ -144,7 +141,6 @@ rec { } { alias = "movement override ${id}"; - hide_entity = true; trigger = { platform = "state"; entity_id = light_; @@ -164,7 +160,6 @@ rec { } { alias = "movement expired ${id}"; - hide_entity = true; trigger = { platform = "event"; event_type = "timer.finished"; @@ -186,11 +181,10 @@ rec { ]; }; - lightswitch = switch: light: { + lightswitch = name: switch: light: { automation = [ { - alias = "lightswitch ${switch} turn on light ${light}"; - hide_entity = "true"; + alias = "lightswitch ${name} turn on"; trigger = { platform = "mqtt"; topic = "zigbee/${switch}"; @@ -225,15 +219,14 @@ rec { { service = "light.turn_on"; data_template = { - entity_id = "light.${light}_light"; + entity_id = "light.${light}"; brightness = "{{ trigger.payload_json.brightness }}"; }; } ]; } { - alias = "lightswitch ${switch} turn off light ${light}"; - hide_entity = "true"; + alias = "lightswitch ${name} turn off"; trigger = { platform = "mqtt"; topic = "zigbee/${switch}"; @@ -254,7 +247,7 @@ rec { action = { service = "light.turn_off"; data_template = { - entity_id = "light.${light}_light"; + entity_id = "light.${light}"; }; }; } diff --git a/lass/2configs/hass/rooms/bett.nix b/lass/2configs/hass/rooms/bett.nix index 48a1f72d7..026c5722c 100644 --- a/lass/2configs/hass/rooms/bett.nix +++ b/lass/2configs/hass/rooms/bett.nix @@ -3,7 +3,7 @@ with import ../lib.nix { inherit lib; }; { services.home-assistant.config = lib.mkMerge [ - (lightswitch switches.dimmer.bett lights.bett) + (lightswitch "bett" switches.dimmer.bett lights.bett) ]; # lass.hass.love = { diff --git a/lass/2configs/hass/rooms/essen.nix b/lass/2configs/hass/rooms/essen.nix index eeb3d30d2..293935f65 100644 --- a/lass/2configs/hass/rooms/essen.nix +++ b/lass/2configs/hass/rooms/essen.nix @@ -3,7 +3,7 @@ with import ../lib.nix { inherit lib; }; { services.home-assistant.config = lib.mkMerge [ - (detect_movement sensors.movement.essen lights.essen 10) - (lightswitch switches.dimmer.essen lights.essen) + (detect_movement "essen" sensors.movement.essen lights.essen 70) + (lightswitch "essen" switches.dimmer.essen lights.essen) ]; } diff --git a/lass/2configs/hass/rooms/nass.nix b/lass/2configs/hass/rooms/nass.nix index 7e6298738..b23ba86cd 100644 --- a/lass/2configs/hass/rooms/nass.nix +++ b/lass/2configs/hass/rooms/nass.nix @@ -3,8 +3,8 @@ with import ../lib.nix { inherit lib; }; { services.home-assistant.config = lib.mkMerge [ - (detect_movement sensors.movement.nass lights.nass 100) - (lightswitch switches.dimmer.nass lights.nass) + (detect_movement "nass" sensors.movement.nass lights.nass 100) + (lightswitch "nass" switches.dimmer.nass lights.nass) ]; } -- cgit v1.2.3 From ffb9654b1b8b4981999cdce6180f1413aae4bd28 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Jan 2021 09:47:52 +0100 Subject: l exim-retiolum: add root alias --- lass/2configs/exim-retiolum.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/exim-retiolum.nix b/lass/2configs/exim-retiolum.nix index 1ee8d843e..589e17551 100644 --- a/lass/2configs/exim-retiolum.nix +++ b/lass/2configs/exim-retiolum.nix @@ -3,7 +3,12 @@ with import ; { - krebs.exim-retiolum.enable = true; + krebs.exim-retiolum = { + enable = true; + system-aliases = [ + { from = "root"; to = "lass"; } + ]; + }; krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-i retiolum -p tcp --dport smtp"; target = "ACCEPT"; } ]; -- cgit v1.2.3 From 811fe371a5b78c463a16aeef63deafda8ac1ef76 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Jan 2021 09:48:21 +0100 Subject: l nfs-dl: tune mount settings --- lass/2configs/nfs-dl.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/nfs-dl.nix b/lass/2configs/nfs-dl.nix index 91b026455..eeab732ba 100644 --- a/lass/2configs/nfs-dl.nix +++ b/lass/2configs/nfs-dl.nix @@ -13,9 +13,9 @@ "x-systemd.device-timeout=1" "x-systemd.idle-timeout=1min" "x-systemd.requires=retiolum.service" - "x-systemd.requires=wpa_supplicant.service" "user" "_netdev" + "soft" ]; }; } -- cgit v1.2.3 From ea0b43654e20ee3cbe85c154a35d5363baaaca97 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Jan 2021 10:41:47 +0100 Subject: sync-containers: lass -> krebs --- lass/2configs/green-host.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/green-host.nix b/lass/2configs/green-host.nix index a5328943c..355daba9c 100644 --- a/lass/2configs/green-host.nix +++ b/lass/2configs/green-host.nix @@ -4,7 +4,7 @@ ]; - lass.sync-containers.containers.green = { + krebs.sync-containers.containers.green = { peers = [ "icarus" "shodan" -- cgit v1.2.3 From 8e5eb283f4f06a87ab228ad2a0d3a9a6e3ffd737 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Jan 2021 14:47:50 +0100 Subject: l syncthing: just configure used peers --- lass/2configs/syncthing.nix | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/syncthing.nix b/lass/2configs/syncthing.nix index d31ce7800..50f282640 100644 --- a/lass/2configs/syncthing.nix +++ b/lass/2configs/syncthing.nix @@ -1,6 +1,9 @@ { config, pkgs, ... }: with import ; let - all_peers = filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts; mk_peers = mapAttrs (n: v: { id = v.syncthing.id; }); + + all_peers = filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts; + used_peer_names = unique (flatten (mapAttrsToList (n: v: v.devices) config.services.syncthing.declarative.folders)); + used_peers = filterAttrs (n: v: elem n used_peer_names) all_peers; in { services.syncthing = { enable = true; @@ -9,7 +12,7 @@ in { declarative = { key = toString ; cert = toString ; - devices = mk_peers all_peers; + devices = mk_peers used_peers; }; }; krebs.iptables.tables.filter.INPUT.rules = [ -- cgit v1.2.3 From 550b502628a6e9567fb210c5dba38e9468481efb Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Jan 2021 15:06:54 +0100 Subject: syncthing: split into l and krebs --- lass/2configs/syncthing.nix | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/syncthing.nix b/lass/2configs/syncthing.nix index 50f282640..e288df68a 100644 --- a/lass/2configs/syncthing.nix +++ b/lass/2configs/syncthing.nix @@ -1,18 +1,11 @@ -{ config, pkgs, ... }: with import ; let - mk_peers = mapAttrs (n: v: { id = v.syncthing.id; }); - - all_peers = filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts; - used_peer_names = unique (flatten (mapAttrsToList (n: v: v.devices) config.services.syncthing.declarative.folders)); - used_peers = filterAttrs (n: v: elem n used_peer_names) all_peers; -in { +{ config, pkgs, ... }: with import ; +{ + imports = [ ]; services.syncthing = { - enable = true; group = "syncthing"; - configDir = "/var/lib/syncthing"; declarative = { key = toString ; cert = toString ; - devices = mk_peers used_peers; }; }; krebs.iptables.tables.filter.INPUT.rules = [ -- cgit v1.2.3 From 6dfbe96823f7e649e7277d64efea2fdd40e3e76f Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Jan 2021 17:03:34 +0100 Subject: l sync weechat: don't share with blue --- lass/2configs/sync/weechat.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/sync/weechat.nix b/lass/2configs/sync/weechat.nix index ccbfc75a1..7970f3081 100644 --- a/lass/2configs/sync/weechat.nix +++ b/lass/2configs/sync/weechat.nix @@ -1,5 +1,5 @@ { - services.syncthing.declarative.folders."/home/lass/.weechat".devices = [ "blue" "green" "mors" ]; + services.syncthing.declarative.folders."/home/lass/.weechat".devices = [ "green" "mors" ]; krebs.permown."/home/lass/.weechat" = { owner = "lass"; group = "syncthing"; -- cgit v1.2.3