From c19a5c9b557042e130c90c9c616f91e09d212eb3 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 7 Mar 2018 01:53:41 +0100 Subject: ma x.r: switch audio on port change --- makefu/1systems/x/config.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'makefu/1systems') diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index ad2ad8779..e0417e00d 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -123,6 +123,7 @@ with import ; load-module module-filter-heuristics load-module module-filter-apply load-module module-switch-on-connect + load-module module-switch-on-port-available ''; }; -- cgit v1.2.3 From 574be59987debd726d6a6a8508a697762dca7ca1 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 7 Mar 2018 15:27:06 +0100 Subject: ma source: add mic92 as source --- makefu/1systems/x/source.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'makefu/1systems') diff --git a/makefu/1systems/x/source.nix b/makefu/1systems/x/source.nix index 6278877c3..ab6429dc1 100644 --- a/makefu/1systems/x/source.nix +++ b/makefu/1systems/x/source.nix @@ -3,5 +3,7 @@ import { full = true; python = true; hw = true; + unstable = true; + mic92 = true; # torrent = true; } -- cgit v1.2.3 From b2c1e1804a28bc88c564a3e7580e4c30c98e6baf Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 7 Mar 2018 17:05:50 +0100 Subject: ma pkgs.mic92: init overlay --- makefu/1systems/x/config.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'makefu/1systems') diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index e0417e00d..1623ff44f 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -11,6 +11,8 @@ with import ; + + @@ -27,6 +29,8 @@ with import ; # # # + # + # # Krebs @@ -78,7 +82,6 @@ with import ; # # # - # { networking.wireguard.interfaces.wg0 = { -- cgit v1.2.3 From 325be7a661a4bb34d1e2c2cc7332916741cf1a4b Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 13 Mar 2018 11:33:26 +0100 Subject: ma x.r: re-enable virtualbox --- makefu/1systems/x/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'makefu/1systems') diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index 1623ff44f..f72f2a15b 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -44,7 +44,7 @@ with import ; # Virtualization - # + { networking.firewall.allowedTCPPorts = [ 8080 ]; networking.nat = { -- cgit v1.2.3 From 2e8dd5027bb71f1a329f63e2035f24647843c67e Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 18 Mar 2018 20:37:48 +0100 Subject: ma bluetooth-mpd: make abstract --- makefu/1systems/omo/config.nix | 8 +++++- makefu/1systems/wbob/config.nix | 61 +---------------------------------------- 2 files changed, 8 insertions(+), 61 deletions(-) (limited to 'makefu/1systems') diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index 01438397e..c31d27c8f 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -9,7 +9,7 @@ let keyFile = byid "usb-Verbatim_STORE_N_GO_070B3CEE0B223954-0:0"; rootDisk = byid "ata-SanDisk_SD8SNAT128G1122_162099420904"; rootPartition = byid "ata-SanDisk_SD8SNAT128G1122_162099420904-part2"; - primaryInterface = "enp1s0"; + primaryInterface = "enp2s0"; # cryptsetup luksFormat $dev --cipher aes-xts-plain64 -s 512 -h sha512 # cryptsetup luksAddKey $dev tmpkey # cryptsetup luksOpen $dev crypt0 --key-file tmpkey --keyfile-size=4096 @@ -54,6 +54,7 @@ in { # # + # @@ -72,6 +73,11 @@ in { + + { + hardware.pulseaudio.systemWide = true; + makefu.mpd.musicDirectory = "/media/cryptX/music"; + } # security diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix index 637d8e2d8..cfbcf0e9c 100644 --- a/makefu/1systems/wbob/config.nix +++ b/makefu/1systems/wbob/config.nix @@ -32,66 +32,7 @@ in { - (let - musicDirectory = "/data/music"; - in { - services.mpd = { - enable = true; - inherit musicDirectory; - # dataDir = "/home/anders/.mpd"; - network.listenAddress = "any"; - extraConfig = '' - audio_output { - type "pulse" - name "Local MPD" - server "127.0.0.1" - } - ''; - }; - # open because of truestedInterfaces - # networking.firewall.allowedTCPPorts = [ 6600 4713 ]; - services.samba.shares.music = { - path = musicDirectory; - "read only" = "no"; - browseable = "yes"; - "guest ok" = "yes"; - }; - - sound.enable = true; - hardware.pulseaudio = { - enable = true; - package = pkgs.pulseaudioFull; - # systemWide = true; - support32Bit = true; - zeroconf.discovery.enable = true; - zeroconf.publish.enable = true; - tcp = { - enable = true; - anonymousClients.allowAll = true; - anonymousClients.allowedIpRanges = [ "127.0.0.1" "192.168.8.0/24" ]; - }; - configFile = pkgs.writeText "default.pa" '' - load-module module-udev-detect - load-module module-bluetooth-policy - load-module module-bluetooth-discover - load-module module-native-protocol-unix - load-module module-always-sink - load-module module-console-kit - load-module module-systemd-login - load-module module-intended-roles - load-module module-position-event-sounds - load-module module-filter-heuristics - load-module module-filter-apply - load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1 - load-module module-switch-on-connect - # may be required for "system-wide" pulse to connect to bluetooth - #module-bluez5-device - #module-bluez5-discover - ''; - }; - # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio - hardware.bluetooth.enable = true; - }) + # Sensors -- cgit v1.2.3 From d82c2f228b7179319cdea4d16a59fa553f249505 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 28 Mar 2018 11:06:40 +0200 Subject: ma gum.r: disable vpnws --- makefu/1systems/gum/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'makefu/1systems') diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index b859efc94..40fa233d3 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -52,7 +52,7 @@ in { # network - + # -- cgit v1.2.3 From fc774f31fb0cdbc49f60d33d800e66ced3786b2c Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 28 Mar 2018 11:07:48 +0200 Subject: ma omo.r: enable arafetch --- makefu/1systems/omo/config.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'makefu/1systems') diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index c31d27c8f..bed6ae9fd 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -66,6 +66,7 @@ in { + # services -- cgit v1.2.3 From e4d0f7d81f5ff80eef4da50d15d5fdc0d824acf1 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 29 Mar 2018 18:55:15 +0200 Subject: ma torrent-secrets: enable for drop and fileleech --- makefu/1systems/drop/source.nix | 1 + makefu/1systems/fileleech/source.nix | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) (limited to 'makefu/1systems') diff --git a/makefu/1systems/drop/source.nix b/makefu/1systems/drop/source.nix index 74de846c0..45bd6f97e 100644 --- a/makefu/1systems/drop/source.nix +++ b/makefu/1systems/drop/source.nix @@ -1,3 +1,4 @@ import { name="drop"; + torrent = true; } diff --git a/makefu/1systems/fileleech/source.nix b/makefu/1systems/fileleech/source.nix index 699267e21..caca1fbcb 100644 --- a/makefu/1systems/fileleech/source.nix +++ b/makefu/1systems/fileleech/source.nix @@ -1,3 +1,4 @@ import { - name="fileleech"; + name = "fileleech"; + torrent = true; } -- cgit v1.2.3 From c6b4c7920fd9c0eb11f3bd3c5602980934fafd20 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 4 Apr 2018 14:39:03 +0200 Subject: ma gum.r: handle new domain --- makefu/1systems/gum/config.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'makefu/1systems') diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index 40fa233d3..578e4add8 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -64,8 +64,10 @@ in { + # + @@ -222,6 +224,8 @@ in { 25 # http 80 443 + # httptunnel + 8080 8443 # tinc 655 # tinc-shack -- cgit v1.2.3 From a2c1afe2a253589bc38380a75c7b156216b40667 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 4 Apr 2018 14:39:44 +0200 Subject: ma x.r: allow automatic mounting by pcmanfm --- makefu/1systems/x/config.nix | 38 ++++++++++++++++++++++++++++++++++++-- 1 file changed, 36 insertions(+), 2 deletions(-) (limited to 'makefu/1systems') diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index f72f2a15b..483fc81e5 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -141,14 +141,47 @@ with import ; # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio hardware.bluetooth.enable = true; } - { # auto-mounting + { # auto-mounting via polkit services.udisks2.enable = true; - services.devmon.enable = true; + ## automount all disks: + # services.devmon.enable = true; # services.gnome3.gvfs.enable = true; + users.groups.storage = { + gid = genid "storage"; + members = [ "makefu" ]; + }; users.users.makefu.packages = with pkgs;[ gvfs pcmanfm lxmenu-data ]; environment.variables.GIO_EXTRA_MODULES = [ "${pkgs.gvfs}/lib/gio/modules" ]; + + ## allow users in group "storage" to mount disk + # https://github.com/coldfix/udiskie/wiki/Permissions + security.polkit.extraConfig = + '' + polkit.addRule(function(action, subject) { + var YES = polkit.Result.YES; + var permission = { + "org.freedesktop.udisks.filesystem-mount": YES, + "org.freedesktop.udisks.luks-unlock": YES, + "org.freedesktop.udisks.drive-eject": YES, + "org.freedesktop.udisks.drive-detach": YES, + "org.freedesktop.udisks2.filesystem-mount": YES, + "org.freedesktop.udisks2.encrypted-unlock": YES, + "org.freedesktop.udisks2.eject-media": YES, + "org.freedesktop.udisks2.power-off-drive": YES, + "org.freedesktop.udisks2.filesystem-mount-other-seat": YES, + "org.freedesktop.udisks2.filesystem-unmount-others": YES, + "org.freedesktop.udisks2.encrypted-unlock-other-seat": YES, + "org.freedesktop.udisks2.eject-media-other-seat": YES, + "org.freedesktop.udisks2.power-off-drive-other-seat": YES + }; + if (subject.isInGroup("storage")) { + return permission[action.id]; + } + }); + ''; + } ]; @@ -170,6 +203,7 @@ with import ; networking.extraHosts = '' 192.168.1.11 omo.local + 80.92.65.53 www.wifionice.de wifionice.de ''; # hard dependency because otherwise the device will not be unlocked boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }]; -- cgit v1.2.3 From 0d4bb21df59c08eccf5db522242d3cb80f2b9425 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 4 Apr 2018 14:44:06 +0200 Subject: ma automatic-diskmount: put into separate config --- makefu/1systems/x/config.nix | 42 ------------------------------------------ 1 file changed, 42 deletions(-) (limited to 'makefu/1systems') diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index 483fc81e5..93bb27efe 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -141,48 +141,6 @@ with import ; # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio hardware.bluetooth.enable = true; } - { # auto-mounting via polkit - services.udisks2.enable = true; - ## automount all disks: - # services.devmon.enable = true; - # services.gnome3.gvfs.enable = true; - users.groups.storage = { - gid = genid "storage"; - members = [ "makefu" ]; - }; - users.users.makefu.packages = with pkgs;[ - gvfs pcmanfm lxmenu-data - ]; - environment.variables.GIO_EXTRA_MODULES = [ "${pkgs.gvfs}/lib/gio/modules" ]; - - ## allow users in group "storage" to mount disk - # https://github.com/coldfix/udiskie/wiki/Permissions - security.polkit.extraConfig = - '' - polkit.addRule(function(action, subject) { - var YES = polkit.Result.YES; - var permission = { - "org.freedesktop.udisks.filesystem-mount": YES, - "org.freedesktop.udisks.luks-unlock": YES, - "org.freedesktop.udisks.drive-eject": YES, - "org.freedesktop.udisks.drive-detach": YES, - "org.freedesktop.udisks2.filesystem-mount": YES, - "org.freedesktop.udisks2.encrypted-unlock": YES, - "org.freedesktop.udisks2.eject-media": YES, - "org.freedesktop.udisks2.power-off-drive": YES, - "org.freedesktop.udisks2.filesystem-mount-other-seat": YES, - "org.freedesktop.udisks2.filesystem-unmount-others": YES, - "org.freedesktop.udisks2.encrypted-unlock-other-seat": YES, - "org.freedesktop.udisks2.eject-media-other-seat": YES, - "org.freedesktop.udisks2.power-off-drive-other-seat": YES - }; - if (subject.isInGroup("storage")) { - return permission[action.id]; - } - }); - ''; - - } ]; -- cgit v1.2.3 From bb41144dc0e18ea704ebea00f5f2da0573a443cc Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 4 Apr 2018 14:44:28 +0200 Subject: ma wbob.r: put self into pulse group --- makefu/1systems/wbob/config.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'makefu/1systems') diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix index cfbcf0e9c..42f3bddb1 100644 --- a/makefu/1systems/wbob/config.nix +++ b/makefu/1systems/wbob/config.nix @@ -33,6 +33,9 @@ in { + { + users.users.makefu.extraGroups = [ "pulse" ]; + } # Sensors @@ -121,6 +124,7 @@ in { networking.firewall.allowedTCPPorts = [ 655 8081 #smokeping + 8086 #influx 49152 ]; networking.firewall.trustedInterfaces = [ "enp0s25" ]; -- cgit v1.2.3