From c6b4c7920fd9c0eb11f3bd3c5602980934fafd20 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 4 Apr 2018 14:39:03 +0200 Subject: ma gum.r: handle new domain --- makefu/2configs/nginx/misa-felix-hochzeit.ml.nix | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 makefu/2configs/nginx/misa-felix-hochzeit.ml.nix (limited to 'makefu/2configs') diff --git a/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix b/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix new file mode 100644 index 000000000..d0881a934 --- /dev/null +++ b/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix @@ -0,0 +1,17 @@ +{ config, lib, pkgs, ... }: +{ + services.nginx = { + enable = lib.mkDefault true; + virtualHosts."misa-felix-hochzeit.ml" = { + serverAliases = [ "www.misa-felix-hochzeit.ml" "misa-felix.ml" "www.misa-felix.ml" ]; + forceSSL = true; + enableACME = true; + locations = { + "/" = { + index = "index.html"; + root = "/var/www/misa-felix-hochzeit.ml"; + }; + }; + }; + }; +} -- cgit v1.2.3 From 0d4bb21df59c08eccf5db522242d3cb80f2b9425 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 4 Apr 2018 14:44:06 +0200 Subject: ma automatic-diskmount: put into separate config --- makefu/2configs/gui/automatic-diskmount.nix | 44 +++++++++++++++++++++++++++++ makefu/2configs/main-laptop.nix | 1 + 2 files changed, 45 insertions(+) create mode 100644 makefu/2configs/gui/automatic-diskmount.nix (limited to 'makefu/2configs') diff --git a/makefu/2configs/gui/automatic-diskmount.nix b/makefu/2configs/gui/automatic-diskmount.nix new file mode 100644 index 000000000..19933111a --- /dev/null +++ b/makefu/2configs/gui/automatic-diskmount.nix @@ -0,0 +1,44 @@ +{ pkgs, ... }: +with import ; #genid +{ # auto-mounting via polkit + services.udisks2.enable = true; +## automount all disks: +# services.devmon.enable = true; +# services.gnome3.gvfs.enable = true; + users.groups.storage = { + gid = genid "storage"; + members = [ "makefu" ]; + }; + users.users.makefu.packages = with pkgs;[ + gvfs pcmanfm lxmenu-data + ]; + environment.variables.GIO_EXTRA_MODULES = [ "${pkgs.gvfs}/lib/gio/modules" ]; + +## allow users in group "storage" to mount disk +# https://github.com/coldfix/udiskie/wiki/Permissions + security.polkit.extraConfig = + '' + polkit.addRule(function(action, subject) { + var YES = polkit.Result.YES; + var permission = { + "org.freedesktop.udisks.filesystem-mount": YES, + "org.freedesktop.udisks.luks-unlock": YES, + "org.freedesktop.udisks.drive-eject": YES, + "org.freedesktop.udisks.drive-detach": YES, + "org.freedesktop.udisks2.filesystem-mount": YES, + "org.freedesktop.udisks2.encrypted-unlock": YES, + "org.freedesktop.udisks2.eject-media": YES, + "org.freedesktop.udisks2.power-off-drive": YES, + "org.freedesktop.udisks2.filesystem-mount-other-seat": YES, + "org.freedesktop.udisks2.filesystem-unmount-others": YES, + "org.freedesktop.udisks2.encrypted-unlock-other-seat": YES, + "org.freedesktop.udisks2.eject-media-other-seat": YES, + "org.freedesktop.udisks2.power-off-drive-other-seat": YES + }; + if (subject.isInGroup("storage")) { + return permission[action.id]; + } + }); + ''; + +} diff --git a/makefu/2configs/main-laptop.nix b/makefu/2configs/main-laptop.nix index 827da0c8d..315fc4706 100644 --- a/makefu/2configs/main-laptop.nix +++ b/makefu/2configs/main-laptop.nix @@ -16,6 +16,7 @@ in { ./zsh-user.nix ./tools/core.nix ./tools/core-gui.nix + ./gui/automatic-diskmount.nix ]; users.users.${config.krebs.build.user.name}.extraGroups = [ "dialout" ]; -- cgit v1.2.3 From cab4eb5e430f0fce8698a0eb4a7f9825f133b519 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 4 Apr 2018 14:45:30 +0200 Subject: ma bluetooth-mpd: provide anonymous unix socket for all programs --- makefu/2configs/bluetooth-mpd.nix | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) (limited to 'makefu/2configs') diff --git a/makefu/2configs/bluetooth-mpd.nix b/makefu/2configs/bluetooth-mpd.nix index 226f5cf1f..b59d3ce10 100644 --- a/makefu/2configs/bluetooth-mpd.nix +++ b/makefu/2configs/bluetooth-mpd.nix @@ -34,7 +34,7 @@ in { hardware.pulseaudio = { enable = true; package = pkgs.pulseaudioFull; - # systemWide = true; + # systemWide = true; support32Bit = true; zeroconf.discovery.enable = true; zeroconf.publish.enable = true; @@ -42,12 +42,13 @@ in { enable = true; # PULSE_SERVER=192.168.1.11 pavucontrol anonymousClients.allowAll = true; + anonymousClients.allowedIpRanges = [ "127.0.0.1" "192.168.0.0/16" ]; }; configFile = pkgs.writeText "default.pa" '' load-module module-udev-detect load-module module-bluetooth-policy load-module module-bluetooth-discover - load-module module-native-protocol-unix + load-module module-native-protocol-unix auth-anonymous=1 load-module module-always-sink load-module module-console-kit load-module module-systemd-login @@ -56,13 +57,15 @@ in { load-module module-filter-heuristics load-module module-filter-apply load-module module-switch-on-connect + #load-module module-bluez5-device + #load-module module-bluez5-discover ''; }; - # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio + # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio hardware.bluetooth.enable = true; - #hardware.bluetooth.extraConfig = '' - # [general] - # Enable=Source,Sink,Media,Socket - #''; + # environment.etc."bluetooth/audio.conf".text = '' + # [General] + # Enable = Source,Sink,Media,Socket + # ''; }; } -- cgit v1.2.3 From fc3a10ebec641d49a83389d28ab45da519cb4727 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 4 Apr 2018 14:45:45 +0200 Subject: ma cgit-retiolum: init arafetch --- makefu/2configs/git/cgit-retiolum.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'makefu/2configs') diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix index 30d90f9e3..c209b83f6 100644 --- a/makefu/2configs/git/cgit-retiolum.nix +++ b/makefu/2configs/git/cgit-retiolum.nix @@ -30,6 +30,7 @@ let euer_blog = { }; ampel = { }; europastats = { }; + arafetch = { }; init-stockholm = { cgit.desc = "Init stuff for stockholm"; }; -- cgit v1.2.3 From d1542ef7739a61e9ee11ff86300ed6a3486569ac Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 4 Apr 2018 14:46:15 +0200 Subject: ma arafetch: add extra logic for remote stats generation --- makefu/2configs/stats/arafetch.nix | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) (limited to 'makefu/2configs') diff --git a/makefu/2configs/stats/arafetch.nix b/makefu/2configs/stats/arafetch.nix index e04b12f9c..422676b24 100644 --- a/makefu/2configs/stats/arafetch.nix +++ b/makefu/2configs/stats/arafetch.nix @@ -3,7 +3,7 @@ with import ; let pkg = with pkgs.python3Packages;buildPythonPackage rec { rev = "762d747"; - name = "europastats-${rev}"; + name = "arafetch-${rev}"; propagatedBuildInputs = [ requests docopt @@ -25,12 +25,25 @@ in { }; systemd.services.arafetch = { - startAt = "Mon 09:15:00"; + startAt = "Mon,Wed,Fri 09:15:00"; wantedBy = [ "multi-user.target" ]; environment = { OUTDIR = home; }; path = [ pkg pkgs.git pkgs.wget ]; - script = "${pkg}/bin/weekrun"; + serviceConfig = { + User = "arafetch"; + WorkingDirectory = home; + PrivateTmp = true; + ExecStart = pkgs.writeDash "start-weekrun" '' + set -x + weekrun || echo "weekrun failed!" + find $OUTDIR/db -name \*.json | while read path;do + file=''${path##*/} + cantine=''${file%%.json} + ara2influx $path --cantine $cantine --host wbob.r + done + ''; + }; }; } -- cgit v1.2.3 From 402a0c9847df5b1195cb8b49e2f0cf632668ca71 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 4 Apr 2018 14:46:44 +0200 Subject: ma hydra/stockholm: remove enable for postgres --- makefu/2configs/hydra/stockholm.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'makefu/2configs') diff --git a/makefu/2configs/hydra/stockholm.nix b/makefu/2configs/hydra/stockholm.nix index 4bdb09213..35999ae57 100644 --- a/makefu/2configs/hydra/stockholm.nix +++ b/makefu/2configs/hydra/stockholm.nix @@ -5,7 +5,6 @@ { # TODO postgres backup - services.postgresql.enable = true; services.hydra = { enable = true; -- cgit v1.2.3 From af5698307560b8cd1ab2ff2713684debab74fd5d Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 4 Apr 2018 14:47:14 +0200 Subject: ma remote-build: rip --- makefu/2configs/remote-build/master.nix | 14 -------------- 1 file changed, 14 deletions(-) delete mode 100644 makefu/2configs/remote-build/master.nix (limited to 'makefu/2configs') diff --git a/makefu/2configs/remote-build/master.nix b/makefu/2configs/remote-build/master.nix deleted file mode 100644 index 2a2c68119..000000000 --- a/makefu/2configs/remote-build/master.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ pkgs, ...}: -let - sshKey = (toString ) + "/id_nixBuild"; -in { - nix.distributedBuilds = true; - # TODO: iterate over krebs.hosts - nix.buildMachines = map ( hostName: - { inherit hostName sshKey; - sshUser = "nixBuild"; - system = "x86_64-linux"; - maxJobs = 8; - }) [ "hotdog.r" ]; - # puyak.r "wbob.r" "omo.r" "gum.r" "latte.r" -} -- cgit v1.2.3 From 8f1907ef4eaa6b8be9838b69cf0243c441d52c3e Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 4 Apr 2018 14:48:01 +0200 Subject: ma urlwatch: do not track oslo.config anymore --- makefu/2configs/urlwatch/default.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'makefu/2configs') diff --git a/makefu/2configs/urlwatch/default.nix b/makefu/2configs/urlwatch/default.nix index d0fb4fe41..f93d47caa 100644 --- a/makefu/2configs/urlwatch/default.nix +++ b/makefu/2configs/urlwatch/default.nix @@ -25,7 +25,6 @@ in { # pypi https://pypi.python.org/simple/bepasty/ https://pypi.python.org/simple/devpi-client/ - https://pypi.python.org/simple/oslo.config/ https://pypi.python.org/simple/sqlalchemy_migrate/ https://pypi.python.org/simple/xstatic/ https://pypi.python.org/simple/pyserial/ -- cgit v1.2.3 From 309124175425cb7abd6dad166f485ae832435562 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 25 Apr 2018 14:50:06 +0200 Subject: ma gum.r: expose euer.mon --- makefu/2configs/nginx/euer.mon.nix | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 makefu/2configs/nginx/euer.mon.nix (limited to 'makefu/2configs') diff --git a/makefu/2configs/nginx/euer.mon.nix b/makefu/2configs/nginx/euer.mon.nix new file mode 100644 index 000000000..c5a7e68af --- /dev/null +++ b/makefu/2configs/nginx/euer.mon.nix @@ -0,0 +1,26 @@ +{ config, lib, pkgs, ... }: + +with import ; +let + hostname = config.krebs.build.host.name; + user = config.services.nginx.user; + group = config.services.nginx.group; + external-ip = config.krebs.build.host.nets.internet.ip4.addr; + internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; +in { + services.nginx = { + enable = mkDefault true; + virtualHosts."mon.euer.krebsco.de" = { + forceSSL = true; + enableACME = true; + locations."/" = { + proxyPass = "http://wbob.r:3000/"; + extraConfig = '' + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + ''; + }; + }; + }; +} -- cgit v1.2.3 From 0ea7fd530f5b0b74ebff8b352283a7b399e9a109 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 3 May 2018 18:41:03 +0200 Subject: ma core-gui: rip flash on firefox --- makefu/2configs/tools/core-gui.nix | 4 ---- 1 file changed, 4 deletions(-) (limited to 'makefu/2configs') diff --git a/makefu/2configs/tools/core-gui.nix b/makefu/2configs/tools/core-gui.nix index 2f80b08c9..898bae10d 100644 --- a/makefu/2configs/tools/core-gui.nix +++ b/makefu/2configs/tools/core-gui.nix @@ -1,10 +1,6 @@ { pkgs, ... }: { - nixpkgs.config.firefox = { - enableAdobeFlash = true; - }; - krebs.per-user.makefu.packages = with pkgs; [ chromium clipit -- cgit v1.2.3 From 49193180cb66b35dc95ab34003c739af575adc77 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 3 May 2018 18:41:54 +0200 Subject: ma network-manager: wanted by multi-user --- makefu/2configs/hw/network-manager.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'makefu/2configs') diff --git a/makefu/2configs/hw/network-manager.nix b/makefu/2configs/hw/network-manager.nix index 7e29849b1..d322c683d 100644 --- a/makefu/2configs/hw/network-manager.nix +++ b/makefu/2configs/hw/network-manager.nix @@ -11,9 +11,8 @@ systemd.services.modemmanager = { description = "ModemManager"; - after = [ "network-manager.service" ]; bindsTo = [ "network-manager.service" ]; - wantedBy = [ "network-manager.service" ]; + wantedBy = [ "network-manager.service" "multi-user.target" ]; serviceConfig = { ExecStart = "${pkgs.modemmanager}/bin/ModemManager"; PrivateTmp = true; -- cgit v1.2.3