diff options
Diffstat (limited to 'makefu')
44 files changed, 569 insertions, 159 deletions
diff --git a/makefu/0tests/data/secrets/ham/nextcloud-calendar b/makefu/0tests/data/secrets/ham/nextcloud-calendar new file mode 100644 index 000000000..18b159112 --- /dev/null +++ b/makefu/0tests/data/secrets/ham/nextcloud-calendar @@ -0,0 +1,5 @@ +{ + username = "bob"; + password = "rob"; +} + diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index a38a671f4..d0ba1a3c6 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -116,7 +116,7 @@ in { <stockholm/makefu/2configs/wireguard/wiregrill.nix> # Removed until move: no extra mails - <stockholm/makefu/2configs/urlwatch> + # <stockholm/makefu/2configs/urlwatch> # Removed until move: avoid letsencrypt ban ### Web <stockholm/makefu/2configs/nginx/dl.euer.krebsco.de.nix> @@ -136,7 +136,7 @@ in { <stockholm/makefu/2configs/deployment/owncloud.nix> <stockholm/makefu/2configs/deployment/board.euer.krebsco.de.nix> <stockholm/makefu/2configs/deployment/rss.euer.krebsco.de.nix> - <stockholm/makefu/2configs/deployment/feed.euer.krebsco.de> + #<stockholm/makefu/2configs/deployment/feed.euer.krebsco.de> <stockholm/makefu/2configs/deployment/boot-euer.nix> <stockholm/makefu/2configs/deployment/gecloudpad> <stockholm/makefu/2configs/deployment/docker/archiveteam-warrior.nix> diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index 34bd42592..423ebb4c6 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -14,6 +14,15 @@ in { <stockholm/makefu/2configs/headless.nix> <stockholm/makefu/2configs/support-nixos.nix> <stockholm/makefu/2configs/nur.nix> + # x11 forwarding + { + services.openssh.forwardX11 = true; + users.users.makefu.packages = [ + pkgs.tinymediamanager + ]; + } + { environment.systemPackages = [ pkgs.youtube-dl2kodi pkgs.youtube-dl]; } + <stockholm/makefu/2configs/zsh-user.nix> <stockholm/makefu/2configs/home-manager> @@ -35,7 +44,7 @@ in { #<stockholm/makefu/2configs/share-user-sftp.nix> <stockholm/makefu/2configs/urlwatch> - <stockholm/makefu/2configs/legacy_only.nix> + # <stockholm/makefu/2configs/legacy_only.nix> <stockholm/makefu/2configs/share/omo.nix> <stockholm/makefu/2configs/dcpp/airdcpp.nix> diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index 4e6706b25..4781af357 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -14,6 +14,7 @@ <stockholm/makefu/2configs/home-manager/taskwarrior.nix> <stockholm/makefu/2configs/main-laptop.nix> + <stockholm/makefu/2configs/kdeconnect.nix> <stockholm/makefu/2configs/extra-fonts.nix> <stockholm/makefu/2configs/editor/neovim> <stockholm/makefu/2configs/tools/all.nix> @@ -21,7 +22,7 @@ { systemd.services.docker.wantedBy = lib.mkForce []; } <stockholm/makefu/2configs/dict.nix> - <stockholm/makefu/2configs/legacy_only.nix> + # <stockholm/makefu/2configs/legacy_only.nix> #<stockholm/makefu/3modules/netboot_server.nix> #{ # netboot_server = { @@ -48,6 +49,7 @@ # Testing # <stockholm/makefu/2configs/deployment/gitlab.nix> + # <stockholm/makefu/2configs/deployment/docker/etherpad.nix> # <stockholm/makefu/2configs/deployment/wiki-irc-bot> # <stockholm/makefu/2configs/torrent.nix> @@ -169,8 +171,6 @@ device = "/dev/sda2"; allowDiscards = true; }; - # avoid full boot dir - boot.loader.grub.configurationLimit = 3; environment.systemPackages = [ pkgs.passwdqc-utils ]; diff --git a/makefu/2configs/dcpp/hub.nix b/makefu/2configs/dcpp/hub.nix index 92977b4c8..4566a1f4f 100644 --- a/makefu/2configs/dcpp/hub.nix +++ b/makefu/2configs/dcpp/hub.nix @@ -33,8 +33,7 @@ let uhubDir = "/var/lib/uhub"; in { - users.extraUsers = singleton { - name = ddclientUser; + users.extraUsers."${ddclientUser}" = { uid = genid "ddclient"; description = "ddclient daemon user"; home = stateDir; diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index 0219e9bb7..beba0ac8c 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -89,4 +89,5 @@ with import <stockholm/lib>; email = "letsencrypt@syntax-fehler.de"; acceptTerms = true; }; + system.stateVersion = lib.mkDefault "20.03"; } diff --git a/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix b/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix index a01f924e7..32f1a2f8e 100644 --- a/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix +++ b/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix @@ -10,7 +10,7 @@ in { locations."/".proxyPass = "http://localhost:${toString port}"; }; docker-containers."etherpad-lite" = { - image = "makefoo/bgt-etherpad:2020-05-02.5"; + image = "makefoo/bgt-etherpad:2020-05-02.6"; ports = [ "127.0.0.1:${toString port}:9001" ]; volumes = [ "/var/src/secrets/etherpad/apikey:/opt/etherpad-lite/APIKEY.txt" diff --git a/makefu/2configs/deployment/rss.euer.krebsco.de.nix b/makefu/2configs/deployment/rss.euer.krebsco.de.nix index c827c5a53..86efb5662 100644 --- a/makefu/2configs/deployment/rss.euer.krebsco.de.nix +++ b/makefu/2configs/deployment/rss.euer.krebsco.de.nix @@ -1,3 +1,4 @@ +{ pkgs, config, ... }: let fqdn = "rss.euer.krebsco.de"; in { @@ -6,6 +7,8 @@ in { virtualHost = fqdn; selfUrlPath = "https://${fqdn}"; }; + services.postgresql.package = pkgs.postgresql_9_6; + state = [ config.services.postgresql.dataDir ]; services.nginx.virtualHosts."${fqdn}" = { enableACME = true; forceSSL = true; diff --git a/makefu/2configs/exim-retiolum.nix b/makefu/2configs/exim-retiolum.nix index f15a0cf74..1f433ab44 100644 --- a/makefu/2configs/exim-retiolum.nix +++ b/makefu/2configs/exim-retiolum.nix @@ -5,6 +5,7 @@ with import <stockholm/lib>; networking.firewall.allowedTCPPorts = [ 25 ]; krebs.exim-retiolum.enable = true; + krebs.exim-retiolum.rspamd.enable = true; environment.systemPackages = with pkgs; [ msmtp ]; diff --git a/makefu/2configs/ham/androidtv/adbshell.nix b/makefu/2configs/ham/androidtv/adbshell.nix index 0fadeeb05..c2844eb4e 100644 --- a/makefu/2configs/ham/androidtv/adbshell.nix +++ b/makefu/2configs/ham/androidtv/adbshell.nix @@ -9,11 +9,11 @@ buildPythonPackage rec { pname = "adb_shell"; - version = "0.1.1"; + version = "0.1.3"; src = fetchPypi { inherit pname version; - sha256 = "0a4mjrnw2lrhsakb1vjb5l6m3cr1ii7fibs7020nwv08cyx6pq6q"; + sha256 = "16wb8n4fsh465fjlbsxi83xpi7xklaf28s9568bsb3nkyvfvl58h"; }; propagatedBuildInputs = [ diff --git a/makefu/2configs/ham/androidtv/default.nix b/makefu/2configs/ham/androidtv/default.nix index 9899b2dd3..2a0bec484 100644 --- a/makefu/2configs/ham/androidtv/default.nix +++ b/makefu/2configs/ham/androidtv/default.nix @@ -6,11 +6,11 @@ buildPythonPackage rec { pname = "androidtv"; - version = "0.0.39"; + version = "0.0.41"; src = fetchPypi { inherit pname version; - sha256 = "06lrjj74g2f3pkhsn3c8h13mkykgqqf4g9q6x5yv23z6ghjnk2dz"; + sha256 = "1nch08g47qjgdacl03w7kczx2gajx6nkazgxdzbgn1vghrg6x2zw"; }; propagatedBuildInputs = [ diff --git a/makefu/2configs/ham/calendar/nextcloud.nix b/makefu/2configs/ham/calendar/nextcloud.nix new file mode 100644 index 000000000..0be23ad7b --- /dev/null +++ b/makefu/2configs/ham/calendar/nextcloud.nix @@ -0,0 +1,8 @@ +let + cred = import <secrets/ham/nextcloud-calendar>; +in +{ + platform = "caldav"; + inherit (cred) username password; + url = "https://o.euer.krebsco.de/remote.php/dav"; +} diff --git a/makefu/2configs/ham/default.nix b/makefu/2configs/ham/default.nix index 2db4ad4de..c7e8733b7 100644 --- a/makefu/2configs/ham/default.nix +++ b/makefu/2configs/ham/default.nix @@ -15,6 +15,7 @@ let kurzzeitwecker = import ./multi/kurzzeitwecker.nix; firetv_restart = import ./multi/firetv_restart.nix; the_playlist = import ./multi/the_playlist.nix; + fliegen-counter = import ./multi/fliegen-couter.nix; # switch # automation # binary_sensor @@ -28,10 +29,13 @@ in { services.home-assistant = { package = (upkgs.home-assistant.overrideAttrs (old: { + doCheck = false; + checkPhase = ":"; + installCheckPhase = ":"; })).override { extraPackages = ps: with ps; [ python-forecastio jsonrpc-async jsonrpc-websocket mpd2 pkgs.picotts - (ps.callPackage ./androidtv {}) + (callPackage ./androidtv {}) ]; }; config = { @@ -48,6 +52,7 @@ in { conversation = {}; history = {}; logbook = {}; + counter = fliegen-counter.counter; logger = { default = "info"; }; @@ -138,6 +143,7 @@ in { ++ the_playlist.sensor ++ zigbee.sensor ; frontend = { }; + calendar = [ (import ./calendar/nextcloud.nix) ]; # light = flurlicht.light; http = { }; switch = []; @@ -146,6 +152,7 @@ in { ++ kurzzeitwecker.automation #++ flurlicht.automation ++ the_playlist.automation + ++ fliegen-counter.automation ++ zigbee.automation; script = { } diff --git a/makefu/2configs/ham/google-muell.nix b/makefu/2configs/ham/google-muell.nix deleted file mode 100644 index c81eae201..000000000 --- a/makefu/2configs/ham/google-muell.nix +++ /dev/null @@ -1,45 +0,0 @@ -{ config, lib, pkgs, buildPythonPackage, ... }: -with import <stockholm/lib>; -let - pkg = pkgs.ampel; - home = "/var/lib/ampel"; - sec = "${toString <secrets>}/ampel/google-muell.json"; - ampelsec = "${home}/google-muell.json"; - cred = "${toString <secrets>}/ampel/google-muell-creds.json"; - # TODO: generate this credential file locally - ampelcred = "${home}/google-muell-creds.json"; - sleepval = "1800"; - # default-color = "18,63,40"; - default-color = "255,127,0"; - config_json = toFile "config.json" (toJSON { - mq_hostname = "localhost"; - mq_port = 1883; - mq_username = "sensor"; - mq_topic = "/ham/flurlicht/cmnd/MEM1"; - mq_password = replaceChars ["\n"] [""] (readFile "${toString <secrets>}/mqtt/sensor"); - }); -in { - users.users.ampel = { - uid = genid "ampel"; - createHome = true; - isSystemUser = true; - inherit home; - }; - systemd.services.google-muell-ampel = { - description = "Send led change to rgb cubes"; - after = [ "network-online.target" ]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - User = "ampel"; - ExecStartPre = pkgs.writeDash "copy-ampel-secrets" '' - install -m600 -o ampel ${sec} ${ampelsec} - install -m600 -o ampel ${cred} ${ampelcred} - ''; - ExecStart = "${pkg}/bin/google-muell --config ${config_json} --default-color=${default-color} --client-secrets=${ampelsec} --credential-path=${ampelcred} --sleepval=${sleepval}"; - PermissionsStartOnly = true; - Restart = "always"; - RestartSec = 10; - PrivateTmp = true; - }; - }; -} diff --git a/makefu/2configs/ham/multi/fliegen-couter.nix b/makefu/2configs/ham/multi/fliegen-couter.nix new file mode 100644 index 000000000..d5c180e03 --- /dev/null +++ b/makefu/2configs/ham/multi/fliegen-couter.nix @@ -0,0 +1,67 @@ +# uses: +# sensor.btn1_click +# sensor.btn2_click +let + hlib = import ../lib; + fly_swat = for: btn: method: incr: { + alias = "Increment ${method} for ${for}"; + trigger = { + platform = "state"; + entity_id = "sensor.${btn}_click"; + to = method; + }; + action = builtins.genList (cnt: { + service = "counter.increment"; + data.entity_id = "counter.${for}_fliegen"; + }) incr; + }; +in { + counter = { + felix_fliegen = {}; + misa_fliegen = {}; + }; + automation = [ + (fly_swat "misa" "btn1" "single" 1) + (fly_swat "misa" "btn1" "double" 2) + (fly_swat "misa" "btn1" "triple" 3) + (fly_swat "felix" "btn2" "single" 1) + (fly_swat "felix" "btn2" "double" 2) + (fly_swat "felix" "btn2" "triple" 3) + { + alias = "Send Fly Counter Update"; + trigger = [ + { + platform = "state"; + entity_id = "counter.felix_fliegen"; + } + { + platform = "state"; + entity_id = "counter.misa_fliegen"; + #above = -1; + } + ]; + action = { + service = "mqtt.publish"; + data_template = { # gauge-style + payload = "{{ trigger.to_state.state }}"; + topic = "${hlib.prefix}/flycounter/{{ trigger.to_state.object_id }}"; + }; + }; + } + { + alias = "Reset Fly counters on midnight"; + trigger = { + platform = "time"; + at = "01:00:00"; + }; + action = [ + { service = "counter.reset"; + data.entity_id = "counter.misa_fliegen"; + } + { service = "counter.reset"; + data.entity_id = "counter.felix_fliegen"; + } + ]; + } + ]; +} diff --git a/makefu/2configs/home-manager/default.nix b/makefu/2configs/home-manager/default.nix index f68b1092f..be8861100 100644 --- a/makefu/2configs/home-manager/default.nix +++ b/makefu/2configs/home-manager/default.nix @@ -3,6 +3,7 @@ <home-manager/nixos> ]; home-manager.useUserPackages = true; + home-manager.useGlobalPkgs = true; home-manager.users.makefu = { home.stateVersion = "19.03"; }; diff --git a/makefu/2configs/home-manager/desktop.nix b/makefu/2configs/home-manager/desktop.nix index cf20af1b1..bd1e34804 100644 --- a/makefu/2configs/home-manager/desktop.nix +++ b/makefu/2configs/home-manager/desktop.nix @@ -1,8 +1,14 @@ -{ pkgs, lib, ... }: +{ pkgs, lib, config, ... }: { + users.users.makefu.packages = with pkgs;[ bat direnv clipit ]; home-manager.users.makefu = { + systemd.user.services.flameshot.Service.Environment = lib.mkForce [ + "IMGUR_CREATE_URL=https://p.krebsco.de/image" + "IMGUR_DELETE_URL=https://p.krebsco.de/image/delete/%%1" + "PATH=${config.home-manager.users.makefu.home.profileDirectory}/bin" + ]; systemd.user.services.network-manager-applet.Service.Environment = ''XDG_DATA_DIRS=/run/current-system/sw/share:${pkgs.networkmanagerapplet}/share GDK_PIXBUF_MODULE_FILE=${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache''; programs.browserpass = { browsers = [ "firefox" ] ; enable = true; }; programs.firefox = { diff --git a/makefu/2configs/home-manager/mail.nix b/makefu/2configs/home-manager/mail.nix index ba29e86a4..3aa1814ca 100644 --- a/makefu/2configs/home-manager/mail.nix +++ b/makefu/2configs/home-manager/mail.nix @@ -1,5 +1,13 @@ +{ pkgs, ... }: { home-manager.users.makefu = { + home.packages= with pkgs;[ (pkgs.writers.writeDashBin "mailsync"'' + ${imapfilter}/bin/imapfilter -t /etc/ssl/certs/ca-bundle.crt \ + && ${isync}/bin/mbsync -a \ + && ${libnotify}/bin/notify-send -t 1000000 -u critical 'Mail sync finished' + + '' + )]; programs.mbsync.enable = true; accounts.email.maildirBasePath = "/home/makefu/Mail"; accounts.email.certificatesFile = "/etc/ssl/certs/ca-certificates.crt"; diff --git a/makefu/2configs/home-manager/zsh.nix b/makefu/2configs/home-manager/zsh.nix index f972e98b4..862ee5df3 100644 --- a/makefu/2configs/home-manager/zsh.nix +++ b/makefu/2configs/home-manager/zsh.nix @@ -9,11 +9,13 @@ }; imports = [ { #direnv - home-manager.users.makefu.home.packages = [ pkgs.direnv pkgs.nur.repos.kalbasit.nixify ]; - # home-manager.users.makefu.home.file.".direnvrc".text = ''''; + home-manager.users.makefu.home.packages = [ + (pkgs.writers.writeDashBin "privatefox" "exec firefox -P Privatefox") + pkgs.direnv pkgs.nur.repos.kalbasit.nixify ]; + # home-manager.users.makefu.home.file.".direnvrc".text = ''''; } { # bat - home-manager.users.makefu.home.packages = [ pkgs.bat ]; + home-manager.users.makefu.home.packages = [ pkgs.bat ]; home-manager.users.makefu.programs.zsh.shellAliases = { cat = "bat --style=header,snip"; mirage = "sxiv"; # only available when tools/extra-gui is in use @@ -65,8 +67,11 @@ zstyle ':completion::complete:brain::' prefix "$HOME/brain" compdef _pass secrets zstyle ':completion::complete:secrets::' prefix "$HOME/.secrets-pass/" - + + # navi + source ${pkgs.navi}/share/navi/shell/navi.plugin.zsh # ctrl-x ctrl-e + autoload -U compinit && compinit autoload -U edit-command-line zle -N edit-command-line bindkey '^xe' edit-command-line diff --git a/makefu/2configs/hw/network-manager.nix b/makefu/2configs/hw/network-manager.nix index 1004ea06e..f44d4afd4 100644 --- a/makefu/2configs/hw/network-manager.nix +++ b/makefu/2configs/hw/network-manager.nix @@ -11,8 +11,8 @@ systemd.services.modemmanager = { description = "ModemManager"; - bindsTo = [ "network-manager.service" ]; - wantedBy = [ "network-manager.service" "multi-user.target" ]; + bindsTo = [ "NetworkManager.service" ]; + wantedBy = [ "NetworkManager.service" "multi-user.target" ]; serviceConfig = { ExecStart = "${pkgs.modemmanager}/bin/ModemManager"; PrivateTmp = true; diff --git a/makefu/2configs/kdeconnect.nix b/makefu/2configs/kdeconnect.nix new file mode 100644 index 000000000..ca025ee43 --- /dev/null +++ b/makefu/2configs/kdeconnect.nix @@ -0,0 +1,6 @@ +{pkgs, ... }: +{ + environment.systemPackages = with pkgs; [ kdeconnect ]; + networking.firewall.allowedUDPPortRanges = [ { from = 1714; to = 1764; } ]; + networking.firewall.allowedTCPPortRanges = [ { from = 1714; to = 1764; } ]; +} diff --git a/makefu/2configs/nur.nix b/makefu/2configs/nur.nix index 65cf836c4..6132168ad 100644 --- a/makefu/2configs/nur.nix +++ b/makefu/2configs/nur.nix @@ -1,8 +1,8 @@ { pkgs, ... }:{ nixpkgs.config.packageOverrides = pkgs: { nur = import (builtins.fetchTarball { - url = "https://github.com/nix-community/NUR/archive/b7f7e072b3fa56aa0d86dfe3689cb13f0615bbbe.tar.gz"; - sha256 = "0slxxg3r460aa1rc83j0rklmr0i1hyzfbjy0kn30fyh1l3lqb22m"; + url = "https://github.com/nix-community/NUR/archive/28e5326ecbaef8b961bec7d18dbfe35f522fb2b1.tar.gz"; + sha256 = "1yni27g71r8n9bgsck7lz5dzx2fciljnba249yqhr9k3mzlkr7yb"; } ){ inherit pkgs; diff --git a/makefu/2configs/share/omo.nix b/makefu/2configs/share/omo.nix index 929e5c601..732dc2036 100644 --- a/makefu/2configs/share/omo.nix +++ b/makefu/2configs/share/omo.nix @@ -54,6 +54,12 @@ in { browseable = "yes"; "guest ok" = "yes"; }; + youtube = { + path = "/media/cryptX/youtube"; + "read only" = "yes"; + browseable = "yes"; + "guest ok" = "yes"; + }; crypX-games = { path = "/media/cryptX/games"; |