From b69647ac17b782fee1dfc3788bd2900a9a33b732 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 24 May 2017 10:51:58 +0200 Subject: s wolf: enable influx for rash --- shared/1systems/wolf.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'shared') diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix index 75307be12..ebe393c90 100644 --- a/shared/1systems/wolf.nix +++ b/shared/1systems/wolf.nix @@ -19,6 +19,8 @@ in # use your own binary cache, fallback use cache.nixos.org (which is used by # apt-cacher-ng in first place) + services.influxdb.enable = true; + # local discovery in shackspace nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; }; krebs.tinc.retiolum.extraConfig = "TCPOnly = yes"; @@ -46,6 +48,7 @@ in networking = { firewall.enable = false; + firewall.allowedTCPPorts = [ 8088 8086 8083 ]; interfaces.enp0s3.ip4 = [{ address = shack-ip; prefixLength = 20; -- cgit v1.2.3 From e086914ce0cbe09a100475149ae9730b58d1222d Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 25 May 2017 23:21:20 +0200 Subject: s: enable save-diskspace --- shared/1systems/wolf.nix | 2 ++ shared/2configs/default.nix | 2 +- shared/2configs/save-diskspace.nix | 11 +++++++++++ 3 files changed, 14 insertions(+), 1 deletion(-) create mode 100644 shared/2configs/save-diskspace.nix (limited to 'shared') diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix index ebe393c90..c6cc2f81c 100644 --- a/shared/1systems/wolf.nix +++ b/shared/1systems/wolf.nix @@ -15,6 +15,7 @@ in ../2configs/shared-buildbot.nix ../2configs/share-shack.nix ../2configs/central-stats-client.nix + ../2configs/save-diskspace.nix ]; # use your own binary cache, fallback use cache.nixos.org (which is used by # apt-cacher-ng in first place) @@ -86,4 +87,5 @@ in ]; time.timeZone = "Europe/Berlin"; + sound.enable = false; } diff --git a/shared/2configs/default.nix b/shared/2configs/default.nix index e7f600cd0..894f8a997 100644 --- a/shared/2configs/default.nix +++ b/shared/2configs/default.nix @@ -11,7 +11,7 @@ with import ; nixos-config.symlink = "stockholm/${user.name}/1systems/${host.name}.nix"; nixpkgs.git = { url = https://github.com/NixOS/nixpkgs; - ref = "22da5d02466ffe465735986d705675982f3646a0"; # nixos-17.03 @ 2017-05-13 + ref = "58e227052d40021d82d015f3f8da011ae54ea430"; # nixos-17.03 @ 2017-05-24 }; secrets.file = if getEnv "dummy_secrets" == "true" diff --git a/shared/2configs/save-diskspace.nix b/shared/2configs/save-diskspace.nix new file mode 100644 index 000000000..ab074c750 --- /dev/null +++ b/shared/2configs/save-diskspace.nix @@ -0,0 +1,11 @@ +{lib, ... }: +# TODO: do not check out nixpkgs master but fetch revision from github +{ + environment.noXlibs = true; + nix.gc.automatic = true; + nix.gc.dates = lib.mkDefault "03:10"; + programs.info.enable = false; + programs.man.enable = false; + services.journald.extraConfig = "SystemMaxUse=50M"; + services.nixosManual.enable = false; +} -- cgit v1.2.3 From 90822f64e0bf247c5cca2f035077553cac5ceb79 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 1 Jun 2017 09:21:20 +0200 Subject: shared: move shack config to shack/ --- shared/1systems/wolf.nix | 17 +++++++----- shared/2configs/shack-drivedroid.nix | 49 ---------------------------------- shared/2configs/shack-nix-cacher.nix | 28 ------------------- shared/2configs/shack/drivedroid.nix | 49 ++++++++++++++++++++++++++++++++++ shared/2configs/shack/mqtt_sub.nix | 34 +++++++++++++++++++++++ shared/2configs/shack/muell_caller.nix | 41 ++++++++++++++++++++++++++++ shared/2configs/shack/nix-cacher.nix | 28 +++++++++++++++++++ shared/2configs/shack/share.nix | 38 ++++++++++++++++++++++++++ shared/2configs/share-shack.nix | 38 -------------------------- 9 files changed, 201 insertions(+), 121 deletions(-) delete mode 100644 shared/2configs/shack-drivedroid.nix delete mode 100644 shared/2configs/shack-nix-cacher.nix create mode 100644 shared/2configs/shack/drivedroid.nix create mode 100644 shared/2configs/shack/mqtt_sub.nix create mode 100644 shared/2configs/shack/muell_caller.nix create mode 100644 shared/2configs/shack/nix-cacher.nix create mode 100644 shared/2configs/shack/share.nix delete mode 100644 shared/2configs/share-shack.nix (limited to 'shared') diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix index c6cc2f81c..9acc5894b 100644 --- a/shared/1systems/wolf.nix +++ b/shared/1systems/wolf.nix @@ -6,16 +6,21 @@ in imports = [ ../. - ../2configs/cgit-mirror.nix ../2configs/collectd-base.nix + ../2configs/shack/share.nix + ../2configs/central-stats-client.nix + ../2configs/save-diskspace.nix + + ../2configs/cgit-mirror.nix ../2configs/graphite.nix ../2configs/repo-sync.nix - ../2configs/shack-drivedroid.nix - ../2configs/shack-nix-cacher.nix ../2configs/shared-buildbot.nix - ../2configs/share-shack.nix - ../2configs/central-stats-client.nix - ../2configs/save-diskspace.nix + ../2configs/shack/drivedroid.nix + ../2configs/shack/nix-cacher.nix + + ../2configs/shack/mqtt_sub.nix + ../2configs/shack/muell_caller.nix + ]; # use your own binary cache, fallback use cache.nixos.org (which is used by # apt-cacher-ng in first place) diff --git a/shared/2configs/shack-drivedroid.nix b/shared/2configs/shack-drivedroid.nix deleted file mode 100644 index 12e4a39c3..000000000 --- a/shared/2configs/shack-drivedroid.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ config, pkgs, ... }: -with import ; -let - root = "/var/srv/drivedroid"; -in -{ - environment.systemPackages = [ pkgs.drivedroid-gen-repo ]; - - services.nginx = { - enable = mkDefault true; - virtualHosts.shack-drivedroid = { - serverAliases = [ - "drivedroid.shack" - ]; - # TODO: prepare this somehow - locations."/".extraConfig = '' - root ${root}; - index main.json; - ''; - }; - }; - - systemd.services.drivedroid-gen-repo = { - description = "generates drivedroid repo file"; - path = [ - pkgs.coreutils - pkgs.drivedroid-gen-repo - pkgs.inotify-tools - ]; - wantedBy = [ "multi-user.target" ]; - - serviceConfig = { - Type = "simple"; - Restart = "always"; - ExecStartPre = pkgs.writeDash "prepare-drivedroid-gen-repo" '' - mkdir -p ${root}/repos - ''; - ExecStart = pkgs.writeDash "start-drivedroid-gen-repo" '' - set -efu - cd ${root} - while sleep 60; do - if inotifywait -r .; then - drivedroid-gen-repo repos > main.json - fi - done - ''; - }; - }; -} diff --git a/shared/2configs/shack-nix-cacher.nix b/shared/2configs/shack-nix-cacher.nix deleted file mode 100644 index 4fcbf3a4e..000000000 --- a/shared/2configs/shack-nix-cacher.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ config, pkgs, ... }: -with import ; -let - cfg = config.krebs.apt-cacher-ng; -in -{ - krebs.apt-cacher-ng = { - enable = true; - port = 3142; - bindAddress = "localhost"; - cacheExpiration = 30; - }; - - services.nginx = { - enable = mkDefault true; - virtualHosts.shack-nix-cacher = { - serverAliases = [ - "acng.shack" - ]; - locations."/".extraConfig = '' - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_pass http://localhost:${toString cfg.port}/; - ''; - }; - }; -} diff --git a/shared/2configs/shack/drivedroid.nix b/shared/2configs/shack/drivedroid.nix new file mode 100644 index 000000000..12e4a39c3 --- /dev/null +++ b/shared/2configs/shack/drivedroid.nix @@ -0,0 +1,49 @@ +{ config, pkgs, ... }: +with import ; +let + root = "/var/srv/drivedroid"; +in +{ + environment.systemPackages = [ pkgs.drivedroid-gen-repo ]; + + services.nginx = { + enable = mkDefault true; + virtualHosts.shack-drivedroid = { + serverAliases = [ + "drivedroid.shack" + ]; + # TODO: prepare this somehow + locations."/".extraConfig = '' + root ${root}; + index main.json; + ''; + }; + }; + + systemd.services.drivedroid-gen-repo = { + description = "generates drivedroid repo file"; + path = [ + pkgs.coreutils + pkgs.drivedroid-gen-repo + pkgs.inotify-tools + ]; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + Type = "simple"; + Restart = "always"; + ExecStartPre = pkgs.writeDash "prepare-drivedroid-gen-repo" '' + mkdir -p ${root}/repos + ''; + ExecStart = pkgs.writeDash "start-drivedroid-gen-repo" '' + set -efu + cd ${root} + while sleep 60; do + if inotifywait -r .; then + drivedroid-gen-repo repos > main.json + fi + done + ''; + }; + }; +} diff --git a/shared/2configs/shack/mqtt_sub.nix b/shared/2configs/shack/mqtt_sub.nix new file mode 100644 index 000000000..dafa06ba9 --- /dev/null +++ b/shared/2configs/shack/mqtt_sub.nix @@ -0,0 +1,34 @@ +{ config, lib, pkgs, ... }: + +with import ; +let + pkg = pkgs.stdenv.mkDerivation { + name = "mqtt2graphite-2017-05-29"; + src = pkgs.fetchgit { + url = "https://github.com/shackspace/mqtt2graphite/"; + rev = "8c060e6"; + sha256 = "06x7a1j6sfyvvdxg0366fcslhn478anqh4m5hljyf0z29knvz7pg"; + }; + buildInputs = [ + (pkgs.python35.withPackages (pythonPackages: with pythonPackages; [ + docopt + paho-mqtt + ])) + ]; + installPhase = '' + install -m755 -D sub.py $out/bin/sub + install -m755 -D sub2.py $out/bin/sub-new + ''; + }; +in { + systemd.services.mqtt_sub = { + description = "subscribe to mqtt, send to graphite"; + # after = [ (lib.optional config.services.mosqitto.enable "mosquitto.service") ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = "nobody"; + ExecStart = "${pkg}/bin/sub-new"; + PrivateTmp = true; + }; + }; +} diff --git a/shared/2configs/shack/muell_caller.nix b/shared/2configs/shack/muell_caller.nix new file mode 100644 index 000000000..613ed2e4f --- /dev/null +++ b/shared/2configs/shack/muell_caller.nix @@ -0,0 +1,41 @@ +{ config, lib, pkgs, ... }: + +with import ; +let + pkg = pkgs.stdenv.mkDerivation { + name = "muell_caller-2017-06-01"; + src = pkgs.fetchgit { + url = "https://github.com/shackspace/muell_caller/"; + rev = "bbd4009"; + sha256 = "06xaa1j6sfyvvdxg0366fcslhn478anqh4m5hljyf0z29knvz7pg"; + }; + buildInputs = [ + (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [ + docopt + requests + paramiko + python + ])) + ]; + installPhase = '' + install -m755 -D call.py $out/bin/call-muell + ''; + }; + cfg = "${toString }/tell.json"; +in { + systemd.services.mqtt_sub = { + description = "call muell"; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = "nobody"; # TODO separate user + ExecStartPre = writeDash "call-muell-pre" '' + cp ${cfg} /tmp/tell.json + chown nobody /tmp/tell.json + ''; + ExecStart = "${pkg}/bin/call-muell --cfg /tmp/tell.json --mode mpd loop 60"; + Restart = "always"; + PrivateTmp = true; + PermissionsStartOnly = true; + }; + }; +} diff --git a/shared/2configs/shack/nix-cacher.nix b/shared/2configs/shack/nix-cacher.nix new file mode 100644 index 000000000..4fcbf3a4e --- /dev/null +++ b/shared/2configs/shack/nix-cacher.nix @@ -0,0 +1,28 @@ +{ config, pkgs, ... }: +with import ; +let + cfg = config.krebs.apt-cacher-ng; +in +{ + krebs.apt-cacher-ng = { + enable = true; + port = 3142; + bindAddress = "localhost"; + cacheExpiration = 30; + }; + + services.nginx = { + enable = mkDefault true; + virtualHosts.shack-nix-cacher = { + serverAliases = [ + "acng.shack" + ]; + locations."/".extraConfig = '' + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://localhost:${toString cfg.port}/; + ''; + }; + }; +} diff --git a/shared/2configs/shack/share.nix b/shared/2configs/shack/share.nix new file mode 100644 index 000000000..247b9ee7d --- /dev/null +++ b/shared/2configs/shack/share.nix @@ -0,0 +1,38 @@ +{config, ... }:{ + users.users.smbguest = { + name = "smbguest"; + uid = config.ids.uids.smbguest; + group = "share"; + description = "smb guest user"; + home = "/home/share"; + createHome = true; + }; + + networking.firewall.allowedTCPPorts = [ + 139 445 # samba + ]; + + networking.firewall.allowedUDPPorts = [ + 137 138 + ]; + services.samba = { + enable = true; + shares = { + share-home = { + path = "/home/share/"; + "read only" = "no"; + browseable = "yes"; + "guest ok" = "yes"; + }; + }; + extraConfig = '' + guest account = smbguest + map to guest = bad user + # disable printing + load printers = no + printing = bsd + printcap name = /dev/null + disable spoolss = yes + ''; + }; +} diff --git a/shared/2configs/share-shack.nix b/shared/2configs/share-shack.nix deleted file mode 100644 index 247b9ee7d..000000000 --- a/shared/2configs/share-shack.nix +++ /dev/null @@ -1,38 +0,0 @@ -{config, ... }:{ - users.users.smbguest = { - name = "smbguest"; - uid = config.ids.uids.smbguest; - group = "share"; - description = "smb guest user"; - home = "/home/share"; - createHome = true; - }; - - networking.firewall.allowedTCPPorts = [ - 139 445 # samba - ]; - - networking.firewall.allowedUDPPorts = [ - 137 138 - ]; - services.samba = { - enable = true; - shares = { - share-home = { - path = "/home/share/"; - "read only" = "no"; - browseable = "yes"; - "guest ok" = "yes"; - }; - }; - extraConfig = '' - guest account = smbguest - map to guest = bad user - # disable printing - load printers = no - printing = bsd - printcap name = /dev/null - disable spoolss = yes - ''; - }; -} -- cgit v1.2.3 From 1c1314f667730264c91f75d50f679ef87c8a6e3a Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 1 Jun 2017 10:13:14 +0200 Subject: s 2 muell_caller: fix derivation --- shared/2configs/shack/muell_caller.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'shared') diff --git a/shared/2configs/shack/muell_caller.nix b/shared/2configs/shack/muell_caller.nix index 613ed2e4f..2d8d78e33 100644 --- a/shared/2configs/shack/muell_caller.nix +++ b/shared/2configs/shack/muell_caller.nix @@ -7,12 +7,12 @@ let src = pkgs.fetchgit { url = "https://github.com/shackspace/muell_caller/"; rev = "bbd4009"; - sha256 = "06xaa1j6sfyvvdxg0366fcslhn478anqh4m5hljyf0z29knvz7pg"; + sha256 = "1bfnfl2vdh0p5wzyz5p48qh04vvsg2445avg86fzhzragx25fqv0"; }; buildInputs = [ (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [ docopt - requests + requests2 paramiko python ])) @@ -23,12 +23,12 @@ let }; cfg = "${toString }/tell.json"; in { - systemd.services.mqtt_sub = { + systemd.services.call_muell = { description = "call muell"; wantedBy = [ "multi-user.target" ]; serviceConfig = { User = "nobody"; # TODO separate user - ExecStartPre = writeDash "call-muell-pre" '' + ExecStartPre = pkgs.writeDash "call-muell-pre" '' cp ${cfg} /tmp/tell.json chown nobody /tmp/tell.json ''; -- cgit v1.2.3 From 9858a7279aab6f7c04b2c12e282df4ce67c4b9b3 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 1 Jun 2017 10:13:31 +0200 Subject: s 2 graphite: add graphite --- shared/2configs/graphite.nix | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) (limited to 'shared') diff --git a/shared/2configs/graphite.nix b/shared/2configs/graphite.nix index 8a1238466..689aedd04 100644 --- a/shared/2configs/graphite.nix +++ b/shared/2configs/graphite.nix @@ -22,12 +22,50 @@ with import ; MAX_CACHE_SIZE = inf MAX_UPDATES_PER_SECOND = 1 MAX_CREATES_PER_MINUTE = 50 + MAX_UPDATES_PER_SECOND_ONSHUTDOWN = 9001 ''; storageSchemas = '' [carbon] pattern = ^carbon\. retentions = 60:90d + + [radiation_sensor] + pattern = ^sensors\.radiation\. + retentions = 1m:30d,5m:180d,10m:3y + + [motion_sensors] + pattern = ^sensors\.motion\. + retentions = 1s:1h,60s:30d,300s:1y + + [motion_sensors] + pattern = ^retiolum\. + retentions = 10s:1h,30s:30d,300s:1y + + [homeassistant] + pattern = ^homeassistant\. + retentions = 10s:24h,30s:30d,300s:1y,3600s:5y + + [ara] + pattern = ^ara\. + retentions = 60s:30d,300s:1y + + [openweathermap] + pattern = ^weather\.openweathermap + retentions = 30m:30d,1h:5y + + [stadtklima] + pattern = ^weather\.stadtklima-stuttgart + retentions = 15m:30d,30m:5y + + [sensebox] + pattern = ^weather\.sensebox + retentions = 1m:90d,30m:5y + + [elchos] + pattern = ^elchos\. + retentions = 10s:14d,1m:90d,10m:5y + [default] pattern = .* retentions = 60s:30d,300s:1y -- cgit v1.2.3