From 8748cbe3e182b99bbf81ee7d830111bc3930dc95 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 19 Nov 2020 01:39:10 +0100 Subject: ma ham: add light toggle switches --- makefu/2configs/ham/automation/light_buttons.nix | 33 ++++++++++++++++++++++++ makefu/2configs/ham/default.nix | 1 + makefu/2configs/ham/light/groups.nix | 2 +- 3 files changed, 35 insertions(+), 1 deletion(-) create mode 100644 makefu/2configs/ham/automation/light_buttons.nix (limited to 'makefu') diff --git a/makefu/2configs/ham/automation/light_buttons.nix b/makefu/2configs/ham/automation/light_buttons.nix new file mode 100644 index 000000000..7b43027f1 --- /dev/null +++ b/makefu/2configs/ham/automation/light_buttons.nix @@ -0,0 +1,33 @@ +let + toggle = light: btn: + { + alias = "Toggle Light ${light} via ${btn}"; + trigger = { + platform = "state"; + entity_id = "sensor.${btn}_click"; + to = "single"; + }; + action = { + service = "light.toggle"; + entity = light; + }; + }; + turn_off_all = btn: + { + alias = "Turn of all lights via ${btn} double click"; + trigger = { + platform = "state"; + entity_id = "sensor.${btn}_click"; + to = "double"; + }; + action = { + service = "light.turn_off"; + entity = "light.alle_lichter"; + }; + }; +in { + services.home-assistant.config.automation = [ + (toggle "light.wohnzimmer_lichter" "btn3") + (turn_off_all "btn3") + ]; +} diff --git a/makefu/2configs/ham/default.nix b/makefu/2configs/ham/default.nix index 9e3f7f669..1cd06f6a5 100644 --- a/makefu/2configs/ham/default.nix +++ b/makefu/2configs/ham/default.nix @@ -26,6 +26,7 @@ in { ./calendar/nextcloud.nix ./automation/firetv_restart.nix + ./automation/light_buttons.nix ./light/groups.nix ]; diff --git a/makefu/2configs/ham/light/groups.nix b/makefu/2configs/ham/light/groups.nix index e1812b68a..274fd60a3 100644 --- a/makefu/2configs/ham/light/groups.nix +++ b/makefu/2configs/ham/light/groups.nix @@ -13,7 +13,7 @@ let "light.wohnzimmer_stehlampe_osram_light" ]; schlafzimmer_licht = [ - "schlafzimmer_komode_osram_light" + "light.schlafzimmer_komode_osram_light" ]; in { services.home-assistant.config.light = [ -- cgit v1.3.1 From 3417a4f8908ec157c0d6a10af0a0b053f231376c Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 19 Nov 2020 01:39:34 +0100 Subject: ma zsh: use plugin directly from navi src --- makefu/2configs/home-manager/zsh.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/home-manager/zsh.nix b/makefu/2configs/home-manager/zsh.nix index 862ee5df3..8d6c1f2f0 100644 --- a/makefu/2configs/home-manager/zsh.nix +++ b/makefu/2configs/home-manager/zsh.nix @@ -52,6 +52,7 @@ xo = "mimeopen"; nmap = "nmap -oN $HOME/loot/scan-`date +\%s`.nmap -oX $HOME/loot/scan-`date +%s`.xml"; }; + # navi package does not come with the navi.plugin.zsh anymore so we use .src initExtra = '' bindkey -e # shift-tab @@ -69,7 +70,7 @@ zstyle ':completion::complete:secrets::' prefix "$HOME/.secrets-pass/" # navi - source ${pkgs.navi}/share/navi/shell/navi.plugin.zsh + . ${pkgs.navi.src}/shell/navi.plugin.zsh # ctrl-x ctrl-e autoload -U compinit && compinit autoload -U edit-command-line -- cgit v1.3.1 From 9d32c9731b90afe0f2227979185364efbe6e0ef4 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 2 Dec 2020 22:26:24 +0100 Subject: ma pkgs.awesomecfg: fix eval error for nur --- makefu/5pkgs/awesomecfg/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/5pkgs/awesomecfg/default.nix b/makefu/5pkgs/awesomecfg/default.nix index acbe61f3f..7a4d30137 100644 --- a/makefu/5pkgs/awesomecfg/default.nix +++ b/makefu/5pkgs/awesomecfg/default.nix @@ -6,7 +6,7 @@ , blueman , clipit , flameshot -, chapter-marker +, chapter-marker ? false , modkey ? "Mod4" , locker? "${pkgs.xlock}/bin/xlock -mode blank" , ... }: -- cgit v1.3.1 From db80207267dd750d6e5fce0a4c15961aa324627b Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 16 Dec 2020 16:10:08 +0100 Subject: ma anon-sftp: init --- krebs/2configs/shack/prometheus/alert-rules.nix | 7 +++-- makefu/2configs/ham/light/groups.nix | 41 ------------------------- makefu/2configs/ham/light/schlafzimmer.nix | 41 +++++++++++++++++++++++++ makefu/2configs/share/anon-sftp.nix | 25 +++++++++++++++ 4 files changed, 70 insertions(+), 44 deletions(-) delete mode 100644 makefu/2configs/ham/light/groups.nix create mode 100644 makefu/2configs/ham/light/schlafzimmer.nix create mode 100644 makefu/2configs/share/anon-sftp.nix (limited to 'makefu') diff --git a/krebs/2configs/shack/prometheus/alert-rules.nix b/krebs/2configs/shack/prometheus/alert-rules.nix index 1c2d0b1ad..12c691466 100644 --- a/krebs/2configs/shack/prometheus/alert-rules.nix +++ b/krebs/2configs/shack/prometheus/alert-rules.nix @@ -14,7 +14,7 @@ in { labels.severity = "warning"; annotations.summary = "{{ $labels.alias }} root disk full"; annotations.url = "http://grafana.shack/d/hb7fSE0Zz/shack-system-dashboard?orgId=1&var-job=node&var-hostname=All&var-node=wolf.shack:9100&var-device=All&var-maxmount=%2F&var-show_hostname=wolf"; - annotations.description = ''The root disk of {{ $labels.alias }} has {{ $value | printf "%.2f" }}% free disk space (Threshold at ${disk_free_threshold}%).A vast number of shackspace services will stop working. CI for deploying new configuration will also seize working. Log in to the system and run `nix-collect-garbage -d` and clean up the shack share folder in `/home/share` .If this does not help you can check `du -hs /var/ | sort -h`, run `docker system prune` or if you are really desperate run `du -hs / | sort -h` and go through the folders recursively until you've found something to delete''; + annotations.description = ''The root disk of {{ $labels.alias }} has {{ $value | printf "%.2f" }}% free disk space (Threshold at ${disk_free_threshold}%). CI for deploying new configuration will seize working. Log in to the system and run `nix-collect-garbage -d` and clean up the shack share folder in `/home/share` .If this does not help you can check `du -hs /var/ | sort -h`, run `docker system prune` or if you are really desperate run `du -hs / | sort -h` and go through the folders recursively until you've found something to delete''; } { alert = "RootPartitionFull"; @@ -25,14 +25,15 @@ in { annotations.url = "http://grafana.shack/d/hb7fSE0Zz/shack-system-dashboard?orgId=1&var-job=node&var-hostname=All&var-node=wolf.shack:9100&var-device=All&var-maxmount=%2F&var-show_hostname=puyak"; annotations.description = ''The root disk of {{ $labels.alias }} has {{ $value | printf "%.2f" }}% free disk space (Threshold at ${disk_free_threshold}%).Prometheus will not be able to create new alerts and CI for deploying new configuration will also seize working. Log in to the system and run `nix-collect-garbage -d` and if this does not help you can check `du -hs /var/ | sort -h`, run `docker system prune` or if you are really desperate run `du -hs / | sort -h` and go through the folders recursively until you've found something to delete''; } + # wolf.shack is not worth supervising anymore { alert = "HostDown"; - expr = ''up{alias="wolf.shack"} == 0''; + expr = ''up{alias="infra01.shack"} == 0''; for = "5m"; labels.severity = "page"; annotations.summary = "Instance {{ $labels.alias }} down for 5 minutes"; annotations.url = "http://grafana.shack/d/hb7fSE0Zz/shack-system-dashboard?orgId=1&var-job=node&var-hostname=All&var-node=wolf.shack:9100&var-device=All&var-maxmount=%2F&var-show_hostname=wolf"; - annotations.description = ''Host {{ $labels.alias }} went down and has not been reconnected after 5 minutes. This is probably bad news, try to restart the host via naproxen ( http://naproxen.shack:8006 ). Wolf being down means that CI,glados automation, light management and a couple of other services will not work anymore.''; + annotations.description = ''Host {{ $labels.alias }} went down and has not been reconnected after 5 minutes. This is probably bad news, as the machine runs one of the DNS servers and the power broadcast proxy which is used to be able to turn off the light via puyak as well as the shutdown listener.''; } ]; } diff --git a/makefu/2configs/ham/light/groups.nix b/makefu/2configs/ham/light/groups.nix deleted file mode 100644 index 274fd60a3..000000000 --- a/makefu/2configs/ham/light/groups.nix +++ /dev/null @@ -1,41 +0,0 @@ -let - arbeitszimmer_licht = [ - "light.led_wand" - "light.arbeitszimmer_led1_led_strip" # LED-Kreis in cube - "light.arbeitszimmer_flur_osram_light" - "light.arbeitszimmer_schrank_dimmer_light" - "light.arbeitszimmer_schrank_osram_light" - ]; - wohnzimmer_licht = [ - "light.wohnzimmer_fernseher_led_strip" # led um fernseher - "light.wohnzimmer_komode_osram_light" - "light.wohnzimmer_schrank_osram_light" - "light.wohnzimmer_stehlampe_osram_light" - ]; - schlafzimmer_licht = [ - "light.schlafzimmer_komode_osram_light" - ]; -in { - services.home-assistant.config.light = [ - { - platform = "group"; - name = "Arbeitszimmer Lichter"; - entities = arbeitszimmer_licht; - } - { - platform = "group"; - name = "Wohnzimmer Lichter"; - entities = wohnzimmer_licht; - } - { - platform = "group"; - name = "Schlafzimmer Lichter"; - entities = schlafzimmer_licht; - } - { - platform = "group"; - name = "Alle Lichter"; - entities = arbeitszimmer_licht ++ wohnzimmer_licht ++ schlafzimmer_licht; - } - ]; -} diff --git a/makefu/2configs/ham/light/schlafzimmer.nix b/makefu/2configs/ham/light/schlafzimmer.nix new file mode 100644 index 000000000..274fd60a3 --- /dev/null +++ b/makefu/2configs/ham/light/schlafzimmer.nix @@ -0,0 +1,41 @@ +let + arbeitszimmer_licht = [ + "light.led_wand" + "light.arbeitszimmer_led1_led_strip" # LED-Kreis in cube + "light.arbeitszimmer_flur_osram_light" + "light.arbeitszimmer_schrank_dimmer_light" + "light.arbeitszimmer_schrank_osram_light" + ]; + wohnzimmer_licht = [ + "light.wohnzimmer_fernseher_led_strip" # led um fernseher + "light.wohnzimmer_komode_osram_light" + "light.wohnzimmer_schrank_osram_light" + "light.wohnzimmer_stehlampe_osram_light" + ]; + schlafzimmer_licht = [ + "light.schlafzimmer_komode_osram_light" + ]; +in { + services.home-assistant.config.light = [ + { + platform = "group"; + name = "Arbeitszimmer Lichter"; + entities = arbeitszimmer_licht; + } + { + platform = "group"; + name = "Wohnzimmer Lichter"; + entities = wohnzimmer_licht; + } + { + platform = "group"; + name = "Schlafzimmer Lichter"; + entities = schlafzimmer_licht; + } + { + platform = "group"; + name = "Alle Lichter"; + entities = arbeitszimmer_licht ++ wohnzimmer_licht ++ schlafzimmer_licht; + } + ]; +} diff --git a/makefu/2configs/share/anon-sftp.nix b/makefu/2configs/share/anon-sftp.nix new file mode 100644 index 000000000..7cde9317a --- /dev/null +++ b/makefu/2configs/share/anon-sftp.nix @@ -0,0 +1,25 @@ +{ config, lib, pkgs, ... }: + +with import ; +{ + services.openssh = { + allowSFTP = true; + sftpFlags = [ "-l VERBOSE" ]; + extraConfig = '' + Match User anonymous + ForceCommand internal-sftp + AllowTcpForwarding no + X11Forwarding no + PasswordAuthentication no + ''; + }; + + users.users.anonymous = { + uid = genid "anonymous"; + useDefaultShell = false; + password = "anonymous"; + home = "/media/anon"; + createHome = true; + }; + +} -- cgit v1.3.1 From 60a492344bf224982978fd6765aaaadbaf4effc1 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 30 Dec 2020 11:02:21 +0100 Subject: ma ham: update config --- makefu/2configs/ham/automation/giesskanne.nix | 102 +++++++++++++++++++++ makefu/2configs/ham/automation/light_buttons.nix | 19 +++- makefu/2configs/ham/automation/urlaub.nix | 44 +++++++++ .../ham/automation/wohnzimmer_rf_fernbedienung.nix | 61 ++++++++++++ makefu/2configs/ham/default.nix | 9 +- makefu/2configs/ham/light/arbeitszimmer.nix | 24 +++++ makefu/2configs/ham/light/schlafzimmer.nix | 33 +------ makefu/2configs/ham/light/wohnzimmer.nix | 24 +++++ 8 files changed, 280 insertions(+), 36 deletions(-) create mode 100644 makefu/2configs/ham/automation/giesskanne.nix create mode 100644 makefu/2configs/ham/automation/urlaub.nix create mode 100644 makefu/2configs/ham/automation/wohnzimmer_rf_fernbedienung.nix create mode 100644 makefu/2configs/ham/light/arbeitszimmer.nix create mode 100644 makefu/2configs/ham/light/wohnzimmer.nix (limited to 'makefu') diff --git a/makefu/2configs/ham/automation/giesskanne.nix b/makefu/2configs/ham/automation/giesskanne.nix new file mode 100644 index 000000000..d89ea595b --- /dev/null +++ b/makefu/2configs/ham/automation/giesskanne.nix @@ -0,0 +1,102 @@ +# uses: +# switch.crafting_giesskanne_relay +let + cam = { + name = "chilicam"; + camera = "camera.espcam_02"; + light = "light.espcam_02_light"; + seconds = 60; # default shutoff to protect the LED from burning out + }; + seconds = 6; + pump = "switch.arbeitszimmer_giesskanne_relay"; + # sensor = "sensor.statistics_for_sensor_crafting_brotbox_soil_moisture"; +in +{ + services.home-assistant.config = + { + #sensor = map ( entity_id: { + # platform = "statistics"; + # name = "Statistics for ${entity_id}"; + # inherit entity_id; + # max_age.minutes = "60"; + # sampling_size = 1000; + # }) [ "sensor.crafting_brotbox_soil_moisture" ]; + + automation = + [ + + ##### brotbox + { alias = "Water the plant for ${toString seconds} seconds"; + trigger = [ + { # trigger at 23:15 no matter what + # TODO: retry or run only if switch.wasser is available + platform = "time"; + at = "23:15:00"; + } + ]; + action = + [ + { # take a snapshot before watering + service = "homeassistant.turn_on"; + entity_id = [ cam.light ]; + } + { # TODO: we could also create a recording with camera.record + service = "camera.snapshot"; + data = { + entity_id = cam.camera; + # TODO: create /var/lib/hass/cam/ - now being done manually + filename = "/var/lib/hass/cam/${cam.name}_{{ now().strftime('%Y%m%d-%H%M%S') }}.jpg"; + }; + } + + { # now turn on the pumping services + # i do not start hte pump and light before the snapshot because i do + # not know how long it takes (do not want to water the plants for too long) + service = "homeassistant.turn_on"; + entity_id = [ pump ]; + } + { delay.seconds = seconds; } + { + service = "homeassistant.turn_off"; + entity_id = [ pump cam.light ]; + } + ]; + } + { alias = "Always turn off the light after ${toString (cam.seconds)}s"; + trigger = [ + { + platform = "state"; + entity_id = cam.light; + to = "on"; + for.seconds = cam.seconds; + } + ]; + action = + [ + { + service = "homeassistant.turn_off"; + entity_id = [ pump cam.light ]; + } + ]; + } + + { alias = "Always turn off water after ${toString (seconds * 2)}s"; + trigger = [ + { + platform = "state"; + entity_id = pump; + to = "on"; + for.seconds = seconds*2; + } + ]; + action = + [ + { + service = "homeassistant.turn_off"; + entity_id = [ pump cam.light ]; + } + ]; + } + ]; + }; +} diff --git a/makefu/2configs/ham/automation/light_buttons.nix b/makefu/2configs/ham/automation/light_buttons.nix index 7b43027f1..32d134ecc 100644 --- a/makefu/2configs/ham/automation/light_buttons.nix +++ b/makefu/2configs/ham/automation/light_buttons.nix @@ -1,3 +1,9 @@ +# light.wohnzimmerbeleuchtung +# light.wohnzimmer_deko +# light.arbeitszimmerbeleuchtung +# light.arbeitszimmer_deko +# light.schlafzimmerbeleuchtung + let toggle = light: btn: { @@ -9,7 +15,8 @@ let }; action = { service = "light.toggle"; - entity = light; + data.entity_id = light; + data.transition = 0; }; }; turn_off_all = btn: @@ -22,12 +29,16 @@ let }; action = { service = "light.turn_off"; - entity = "light.alle_lichter"; + entity_id = "all"; }; }; in { services.home-assistant.config.automation = [ - (toggle "light.wohnzimmer_lichter" "btn3") - (turn_off_all "btn3") + (toggle "light.arbeitszimmerbeleuchtung" "arbeitszimmer_btn1") + (toggle "light.schlafzimmerbeleuchtung" "schlafzimmer_btn2") + (toggle "light.wohnzimmerbeleuchtung" "wohnzimmer_btn3") + (turn_off_all "arbeitszimmer_btn1") + (turn_off_all "schlafzimmer_btn2") + (turn_off_all "wohnzimmer_btn3") ]; } diff --git a/makefu/2configs/ham/automation/urlaub.nix b/makefu/2configs/ham/automation/urlaub.nix new file mode 100644 index 000000000..a6b9be96f --- /dev/null +++ b/makefu/2configs/ham/automation/urlaub.nix @@ -0,0 +1,44 @@ +# uses: +# light.wohnzimmer_schrank_osram +# light.wohnzimmer_fernseher_led_strip +# "all" lights + +let + schranklicht = "light.wohnzimmer_schrank_osram"; + fernsehlicht = "light.wohnzimmer_fernseher_led_strip"; + final_off = "01:00"; + + turn_on = entity_id: at: + { alias = "Turn on ${entity_id} at ${at}"; + trigger = [ + { platform = "time"; inherit at; } + ]; + action = + [ + { service = "light.turn_on"; inherit entity_id; } + ]; + }; +in +{ + services.home-assistant.config = + { + automation = + [ + (turn_on schranklicht "17:30") + (turn_on fernsehlicht "19:00") + + { alias = "Always turn off the urlaub lights at ${final_off}"; + trigger = [ + { platform = "time"; at = final_off; } + ]; + action = + [ + { + service = "light.turn_off"; + entity_id = [ schranklicht fernsehlicht ]; + } + ]; + } + ]; + }; +} diff --git a/makefu/2configs/ham/automation/wohnzimmer_rf_fernbedienung.nix b/makefu/2configs/ham/automation/wohnzimmer_rf_fernbedienung.nix new file mode 100644 index 000000000..f06094662 --- /dev/null +++ b/makefu/2configs/ham/automation/wohnzimmer_rf_fernbedienung.nix @@ -0,0 +1,61 @@ +# This module maps the RF433 Remote Control to zigbee and wifi lights +let + rf_turn_off = code: light: + { + alias = "Turn off ${light} via rf code ${code}"; + trigger = { + platform = "event"; + event_type = "esphome.rf_code_received"; + event_data.code = code; + }; + action = { + service = "light.turn_off"; + data.entity_id = light; + }; + }; + rf_turn_on = code: light: + { + alias = "Turn on ${light} via rf code ${code}"; + trigger = { + platform = "event"; + event_type = "esphome.rf_code_received"; + event_data.code = code; + }; + action = { + service = "light.turn_on"; + data.entity_id = light; + }; + }; + rf_toggle = code: light: + { + alias = "Toggle ${light} via rf code ${code}"; + trigger = { + platform = "event"; + event_type = "esphome.rf_code_received"; + event_data.code = code; + }; + action = { + service = "light.toggle"; + data.entity_id = light; + }; + }; + +in +{ + services.home-assistant.config.automation = [ + (rf_toggle "400551" "light.wohnzimmer_fernseher_led_strip") # A + (rf_toggle "401151" "light.wohnzimmer_stehlampe_osram") # B + (rf_toggle "401451" "light.wohnzimmer_komode_osram") # C + (rf_toggle "401511" "light.wohnzimmer_schrank_osram") # D + + # OFF Lane + (rf_turn_off "400554" "all") # A + (rf_toggle "401154" "light.wohnzimmer_fenster_lichterkette_licht") # B + (rf_toggle "401454" "light.wohnzimmer_fernsehwand_led") # C + # (rf_toggle "401514" "") # D + ]; + # "400554" # A OFF + # "401154" # B OFF + # "401454" # C OFF + # "401514" # D OFF +} diff --git a/makefu/2configs/ham/default.nix b/makefu/2configs/ham/default.nix index 1cd06f6a5..d610fa5c1 100644 --- a/makefu/2configs/ham/default.nix +++ b/makefu/2configs/ham/default.nix @@ -17,7 +17,7 @@ in { # ./multi/flurlicht.nix ./multi/kurzzeitwecker.nix ./multi/the_playlist.nix - ./multi/fliegen-couter.nix + # ./multi/fliegen-couter.nix ./device_tracker/openwrt.nix @@ -27,8 +27,13 @@ in { ./automation/firetv_restart.nix ./automation/light_buttons.nix + ./automation/wohnzimmer_rf_fernbedienung.nix + ./automation/giesskanne.nix + ./automation/urlaub.nix - ./light/groups.nix + ./light/arbeitszimmer.nix + ./light/schlafzimmer.nix + ./light/wohnzimmer.nix ]; services.home-assistant = { diff --git a/makefu/2configs/ham/light/arbeitszimmer.nix b/makefu/2configs/ham/light/arbeitszimmer.nix new file mode 100644 index 000000000..bc60678b3 --- /dev/null +++ b/makefu/2configs/ham/light/arbeitszimmer.nix @@ -0,0 +1,24 @@ +let + arbeitszimmer_deko = [ + "light.led_wand" + "light.box_led_status" + "light.arbeitszimmer_led1_led_strip" # LED-Kreis in cube + ]; + arbeitszimmerbeleuchtung = [ + "light.arbeitszimmer_schrank_dimmer" + "light.arbeitszimmer_kerze" # arbeitszimmer_kerze + ]; +in { + services.home-assistant.config.light = [ + { + platform = "group"; + name = "Arbeitszimmerbeleuchtung"; + entities = arbeitszimmerbeleuchtung; + } + { + platform = "group"; + name = "Arbeitszimmer Deko"; + entities = arbeitszimmer_deko; + } + ]; +} diff --git a/makefu/2configs/ham/light/schlafzimmer.nix b/makefu/2configs/ham/light/schlafzimmer.nix index 274fd60a3..e5370e3f8 100644 --- a/makefu/2configs/ham/light/schlafzimmer.nix +++ b/makefu/2configs/ham/light/schlafzimmer.nix @@ -1,41 +1,14 @@ let - arbeitszimmer_licht = [ - "light.led_wand" - "light.arbeitszimmer_led1_led_strip" # LED-Kreis in cube - "light.arbeitszimmer_flur_osram_light" - "light.arbeitszimmer_schrank_dimmer_light" - "light.arbeitszimmer_schrank_osram_light" - ]; - wohnzimmer_licht = [ - "light.wohnzimmer_fernseher_led_strip" # led um fernseher - "light.wohnzimmer_komode_osram_light" - "light.wohnzimmer_schrank_osram_light" - "light.wohnzimmer_stehlampe_osram_light" - ]; schlafzimmer_licht = [ - "light.schlafzimmer_komode_osram_light" + "light.schlafzimmer_komode_osram" + # "light.schlafzimmer_schrank_osram" ]; in { services.home-assistant.config.light = [ { platform = "group"; - name = "Arbeitszimmer Lichter"; - entities = arbeitszimmer_licht; - } - { - platform = "group"; - name = "Wohnzimmer Lichter"; - entities = wohnzimmer_licht; - } - { - platform = "group"; - name = "Schlafzimmer Lichter"; + name = "Schlafzimmerbeleuchtung"; entities = schlafzimmer_licht; } - { - platform = "group"; - name = "Alle Lichter"; - entities = arbeitszimmer_licht ++ wohnzimmer_licht ++ schlafzimmer_licht; - } ]; } diff --git a/makefu/2configs/ham/light/wohnzimmer.nix b/makefu/2configs/ham/light/wohnzimmer.nix new file mode 100644 index 000000000..bc9c2778a --- /dev/null +++ b/makefu/2configs/ham/light/wohnzimmer.nix @@ -0,0 +1,24 @@ +let + wohnzimmerbeleuchtung = [ + "light.wohnzimmer_komode_osram_light" + "light.wohnzimmer_schrank_osram_light" + ]; + wohnzimmer_deko = [ + "light.wohnzimmer_fernseher_led_strip" # led um fernseher + "light.wohnzimmer_lichterkette_led_strip" # led um fernsehwand + "light.kinderzimmer_lichterkette_licht" # led um fenster + ]; +in { + services.home-assistant.config.light = [ + { + platform = "group"; + name = "Wohnzimmerbeleuchtung"; + entities = wohnzimmerbeleuchtung; + } + { + platform = "group"; + name = "Wohnzimmer Deko"; + entities = wohnzimmer_deko; + } + ]; +} -- cgit v1.3.1 From 6a53d3e0fd78bbb9094b7c1f59be0bb6742cf67d Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 1 Jan 2021 00:45:06 +0100 Subject: ma dl.gum: provide access to internal host --- makefu/0tests/data/secrets/dl.gum-auth.nix | 2 ++ makefu/2configs/nginx/dl.euer.krebsco.de.nix | 9 +++++++-- 2 files changed, 9 insertions(+), 2 deletions(-) create mode 100644 makefu/0tests/data/secrets/dl.gum-auth.nix (limited to 'makefu') diff --git a/makefu/0tests/data/secrets/dl.gum-auth.nix b/makefu/0tests/data/secrets/dl.gum-auth.nix new file mode 100644 index 000000000..2c63c0851 --- /dev/null +++ b/makefu/0tests/data/secrets/dl.gum-auth.nix @@ -0,0 +1,2 @@ +{ +} diff --git a/makefu/2configs/nginx/dl.euer.krebsco.de.nix b/makefu/2configs/nginx/dl.euer.krebsco.de.nix index 828a66a74..5380d8437 100644 --- a/makefu/2configs/nginx/dl.euer.krebsco.de.nix +++ b/makefu/2configs/nginx/dl.euer.krebsco.de.nix @@ -1,9 +1,8 @@ { config, lib, pkgs, ... }: -with import ; { services.nginx = { - enable = mkDefault true; + enable = lib.mkDefault true; recommendedGzipSettings = true; recommendedOptimisation = true; virtualHosts."dl.euer.krebsco.de" = { @@ -13,5 +12,11 @@ with import ; enableACME = true; basicAuth = import ; }; + virtualHosts."dl.gum.r" = { + serverAliases = [ "dl.gum" "dl.makefu.r" "dl.makefu" ]; + root = config.makefu.dl-dir; + extraConfig = "autoindex on;"; + basicAuth = import ; + }; }; } -- cgit v1.3.1 From 4a119186038fb0b6b60ce1861abec573d8f4081e Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 3 Jan 2021 02:03:12 +0100 Subject: ma deployment/owncloud: use upstream module --- makefu/2configs/deployment/owncloud.nix | 266 +++++++------------------------- 1 file changed, 56 insertions(+), 210 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/deployment/owncloud.nix b/makefu/2configs/deployment/owncloud.nix index af6592b2b..7a5a5e2b0 100644 --- a/makefu/2configs/deployment/owncloud.nix +++ b/makefu/2configs/deployment/owncloud.nix @@ -1,216 +1,62 @@ { lib, pkgs, config, ... }: with lib; -# imperative in config.php: -# #local memcache: -# 'memcache.local' => '\\OC\\Memcache\\APCu', -# #local locking: -# 'memcache.locking' => '\\OC\\Memcache\\Redis', -# 'redis' => -# array ( -# 'host' => 'localhost', -# 'port' => 6379, -# ), - - let - phpPackage = let - base = pkgs.php74; - in - base.buildEnv { - extensions = { enabled, all }: with all; - enabled ++ [ - apcu redis memcached imagick - ]; - }; - - # TODO: copy-paste from lass/2/websites/util.nix - nextcloud = pkgs.nextcloud20; - serveCloud = domains: - let - domain = head domains; - root = "/var/www/${domain}/"; - socket = "/var/run/${domain}-phpfpm.sock"; - in { - system.activationScripts."prepare-nextcloud-${domain}" = '' - if test ! -e ${root} ;then - echo "copying latest ${nextcloud.name} release to ${root}" - mkdir -p $(dirname "${root}") - cp -r ${nextcloud} "${root}" - chown -R nginx:nginx "${root}" - chmod 770 "${root}" - fi - ''; - services.nginx.virtualHosts."${domain}" = { - forceSSL = true; - enableACME = true; - serverAliases = domains; - extraConfig = '' - - # Add headers to serve security related headers - add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; - add_header X-Content-Type-Options nosniff; - add_header X-Frame-Options "SAMEORIGIN"; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Robots-Tag none; - add_header X-Download-Options noopen; - add_header X-Permitted-Cross-Domain-Policies none; - - # Path to the root of your installation - root ${root}; - # set max upload size - client_max_body_size 10G; - fastcgi_buffers 64 4K; - fastcgi_read_timeout 120; - - # Disable gzip to avoid the removal of the ETag header - gzip off; - - # Uncomment if your server is build with the ngx_pagespeed module - # This module is currently not supported. - #pagespeed off; - - index index.php; - error_page 403 /core/templates/403.php; - error_page 404 /core/templates/404.php; - - rewrite ^/.well-known/carddav /remote.php/carddav/ permanent; - rewrite ^/.well-known/caldav /remote.php/caldav/ permanent; - - # The following 2 rules are only needed for the user_webfinger app. - # Uncomment it if you're planning to use this app. - rewrite ^/.well-known/host-meta /public.php?service=host-meta last; - rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; - ''; - locations."/robots.txt".extraConfig = '' - allow all; - log_not_found off; - access_log off; - ''; - locations."~ ^/(build|tests|config|lib|3rdparty|templates|data)/".extraConfig = '' - deny all; - ''; - - locations."~ ^/(?:autotest|occ|issue|indie|db_|console)".extraConfig = '' - deny all; - ''; - - locations."/".extraConfig = '' - rewrite ^/remote/(.*) /remote.php last; - rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; - try_files $uri $uri/ =404; - ''; - - locations."~ \.php(?:$|/)".extraConfig = '' - fastcgi_split_path_info ^(.+\.php)(/.+)$; - include ${pkgs.nginx}/conf/fastcgi_params; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param HTTPS on; - fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice - fastcgi_pass unix:${config.services.phpfpm.pools.${domain}.socket}; - fastcgi_intercept_errors on; - ''; - - # Adding the cache control header for js and css files - # Make sure it is BELOW the location ~ \.php(?:$|/) block - locations."~* \.(?:css|js)$".extraConfig = '' - add_header Cache-Control "public, max-age=7200"; - # Add headers to serve security related headers - add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; - add_header X-Content-Type-Options nosniff; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Robots-Tag none; - add_header X-Frame-Options SAMEORIGIN; - add_header X-Download-Options noopen; - add_header X-Permitted-Cross-Domain-Policies none; - - # Optional: Don't log access to assets - access_log off; - ''; - # Optional: Don't log access to other assets - locations."~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$".extraConfig = '' - access_log off; - ''; - }; - services.phpfpm.pools."${domain}" = { - user = "nginx"; - group = "nginx"; - phpPackage = phpPackage; - settings = { - "listen.owner" = "nginx"; - "pm" = "dynamic"; - "pm.max_children" = 32; - "pm.max_requests" = 500; - "pm.start_servers" = 2; - "pm.min_spare_servers" = 2; - "pm.max_spare_servers" = 5; - "php_admin_value[error_log]" = "stderr"; - "php_admin_flag[log_errors]" = "on"; - "catch_workers_output" = true; - }; - phpEnv."PATH" = lib.makeBinPath [ phpPackage ]; - }; - services.phpfpm.phpOptions = '' - opcache.enable=1 - opcache.enable_cli=1 - opcache.interned_strings_buffer=8 - opcache.max_accelerated_files=10000 - opcache.memory_consumption=128 - opcache.save_comments=1 - opcache.revalidate_freq=1 - opcache.file_cache = .opcache - zend_extension=${phpPackage}/lib/php/extensions/opcache.so - - display_errors = on - display_startup_errors = on - always_populate_raw_post_data = -1 - error_reporting = E_ALL | E_STRICT - html_errors = On - date.timezone = "Europe/Berlin" - extension=${phpPackage}/lib/php/extensions/memcached.so - extension=${phpPackage}/lib/php/extensions/redis.so - extension=${phpPackage}/lib/php/extensions/apcu.so - ''; - - systemd.services."nextcloud-cron-${domain}" = { - serviceConfig = { - User = "nginx"; - ExecStart = "${phpPackage}/bin/php -f ${root}/cron.php"; - }; - startAt = "*:0/15"; - }; + adminpw = "/run/secret/nextcloud-admin-pw"; + dbpw = "/run/secret/nextcloud-db-pw"; +in { + krebs.secret.files.nextcloud-db-pw = { + path = dbpw; + owner.name = "nextcloud"; + source-path = toString + "/nextcloud-db-pw"; + }; + + krebs.secret.files.nextcloud-admin-pw = { + path = adminpw; + owner.name = "nextcloud"; + source-path = toString + "/nextcloud-admin-pw"; + }; + + services.nginx.virtualHosts."o.euer.krebsco.de" = { + forceSSL = true; + enableACME = true; + }; + + services.nextcloud = { + enable = true; + package = pkgs.nextcloud20; + hostName = "o.euer.krebsco.de"; + # Use HTTPS for links + https = true; + # Auto-update Nextcloud Apps + autoUpdateApps.enable = true; + # Set what time makes sense for you + autoUpdateApps.startAt = "05:00:00"; + + config = { + # Further forces Nextcloud to use HTTPS + overwriteProtocol = "https"; + + # Nextcloud PostegreSQL database configuration, recommended over using SQLite + dbtype = "pgsql"; + dbuser = "nextcloud"; + dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself + dbname = "nextcloud"; + dbpassFile = dbpw; + adminpassFile = adminpw; + adminuser = "admin"; }; -in { - imports = [ - ( serveCloud [ "o.euer.krebsco.de" ] ) - ]; - - networking.firewall.allowedTCPPorts = [ 80 443 ]; - services.redis.enable = true; - - #services.mysql = { - # enable = false; - # package = pkgs.mariadb; - # rootPassword = config.krebs.secret.files.mysql_rootPassword.path; - # initialDatabases = [ - # # Or use writeText instead of literalExample? - # #{ name = "nextcloud"; schema = literalExample "./nextcloud.sql"; } - # { - # name = "nextcloud"; - # schema = pkgs.writeText "nextcloud.sql" - # '' - # create user if not exists 'nextcloud'@'localhost' identified by 'password'; - # grant all privileges on nextcloud.* to 'nextcloud'@'localhost' identified by 'password'; - # ''; - # } - # ]; - #}; - - # dataDir is only defined after mysql is enabled - #krebs.secret.files.mysql_rootPassword = { - # path = "${config.services.mysql.dataDir}/mysql_rootPassword"; - # owner.name = "root"; - # source-path = toString + "/mysql_rootPassword"; - #}; + }; + + services.postgresql = { + enable = true; + # Ensure the database, user, and permissions always exist + ensureDatabases = [ "nextcloud" ]; + ensureUsers = [ { name = "nextcloud"; ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES"; } ]; + }; + + systemd.services."nextcloud-setup" = { + requires = ["postgresql.service"]; + after = ["postgresql.service"]; + }; } -- cgit v1.3.1 From dfb850d6d11eefe684af54ded7acdad69a1aa244 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 3 Jan 2021 10:59:50 +0100 Subject: ma owncloud: enable caching --- makefu/2configs/deployment/owncloud.nix | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/deployment/owncloud.nix b/makefu/2configs/deployment/owncloud.nix index 7a5a5e2b0..571e56277 100644 --- a/makefu/2configs/deployment/owncloud.nix +++ b/makefu/2configs/deployment/owncloud.nix @@ -1,10 +1,25 @@ { lib, pkgs, config, ... }: with lib; +# services.redis.enable = true; +# to enable caching with redis first start up everything, then run: +# nextcloud-occ config:system:set redis 'host' --value 'localhost' --type string +# nextcloud-occ config:system:set redis 'port' --value 6379 --type integer +# nextcloud-occ config:system:set memcache.local --value '\OC\Memcache\Redis' --type string +# nextcloud-occ config:system:set memcache.locking --value '\OC\Memcache\Redis' --type string + +# services.memcached.enable = true; +# to enable caching with memcached run: +# nextcloud-occ config:system:set memcached_servers 0 0 --value 127.0.0.1 --type string +# nextcloud-occ config:system:set memcached_servers 0 1 --value 11211 --type integer +# nextcloud-occ config:system:set memcache.local --value '\OC\Memcache\APCu' --type string +# nextcloud-occ config:system:set memcache.distributed --value '\OC\Memcache\Memcached' --type string + let adminpw = "/run/secret/nextcloud-admin-pw"; dbpw = "/run/secret/nextcloud-db-pw"; in { + krebs.secret.files.nextcloud-db-pw = { path = dbpw; owner.name = "nextcloud"; @@ -21,7 +36,7 @@ in { forceSSL = true; enableACME = true; }; - + state = [ "${config.services.nextcloud.home}/config" ]; services.nextcloud = { enable = true; package = pkgs.nextcloud20; @@ -33,6 +48,8 @@ in { # Set what time makes sense for you autoUpdateApps.startAt = "05:00:00"; + caching.redis = true; + # caching.memcached = true; config = { # Further forces Nextcloud to use HTTPS overwriteProtocol = "https"; @@ -47,7 +64,8 @@ in { adminuser = "admin"; }; }; - + services.redis.enable = true; + systemd.services.redis.serviceConfig.LimitNOFILE=65536; services.postgresql = { enable = true; # Ensure the database, user, and permissions always exist -- cgit v1.3.1 From eff5c83773fdad9f463997c4ccdb836edc8cc579 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 4 Jan 2021 11:45:25 +0100 Subject: ma systemdultras: init config for ircbot --- makefu/2configs/systemdultras/ircbot.nix | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 makefu/2configs/systemdultras/ircbot.nix (limited to 'makefu') diff --git a/makefu/2configs/systemdultras/ircbot.nix b/makefu/2configs/systemdultras/ircbot.nix new file mode 100644 index 000000000..c5f1bbed2 --- /dev/null +++ b/makefu/2configs/systemdultras/ircbot.nix @@ -0,0 +1,24 @@ +{ + krebs.brockman = { + enable = true; + config = { + irc = { + host = "irc.freenode.net"; + port = 6667; + }; + bots = { + r-systemdultras-rss = { + feed = "https://www.reddit.com/r/systemdultras/.rss"; + delay = 136; + channels = [ "#systemdultras" ]; + }; + r-systemd-rss = { + feed = "https://www.reddit.com/r/systemd/.rss"; + delay = 172; + channels = [ "#systemdultras" ]; + }; + }; + }; + + }; +} -- cgit v1.3.1 From d34dc528ee720af767c3b5a36d6e641c1b7b63d4 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 4 Jan 2021 12:04:17 +0100 Subject: ma dcpp: remove redis config --- makefu/2configs/dcpp/hub.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/dcpp/hub.nix b/makefu/2configs/dcpp/hub.nix index 4566a1f4f..fbbce1f09 100644 --- a/makefu/2configs/dcpp/hub.nix +++ b/makefu/2configs/dcpp/hub.nix @@ -41,7 +41,6 @@ in { }; systemd.services = { - redis.serviceConfig.LimitNOFILE=10032; ddclient-nsupdate-uhub = { wantedBy = [ "multi-user.target" ]; after = [ "ip-up.target" ]; -- cgit v1.3.1