diff options
| author | tv <tv@krebsco.de> | 2019-02-02 09:16:32 +0100 |
|---|---|---|
| committer | tv <tv@krebsco.de> | 2019-02-02 09:16:32 +0100 |
| commit | bca298e1a8582f5704e1e154ead6d1f866ac3206 (patch) | |
| tree | 7ca3a33bc72108b392b35d8c014df0ceda33e75e | |
| parent | a09bf933da2d31645872f1e2332507da98fb6a00 (diff) | |
| parent | e2ae92445cc439203427a58720fc394cf1ca4b44 (diff) | |
Merge remote-tracking branch 'prism/master'
22 files changed, 332 insertions, 103 deletions
diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix index ff6b539b..4d90ae3d 100644 --- a/krebs/2configs/reaktor2.nix +++ b/krebs/2configs/reaktor2.nix @@ -61,7 +61,7 @@ let ]; hooks.PRIVMSG = [ { - pattern = "^bier bal(ance)*$"; + pattern = "^bier bal(an(ce)?)?$"; activate = "match"; command = { env = { @@ -134,6 +134,7 @@ in { }; r = { nick = "reaktor2|krebs"; + sendDelaySec = null; plugins = [ { plugin = "register"; diff --git a/krebs/2configs/shack/mobile.mpd.nix b/krebs/2configs/shack/mobile.mpd.nix index 2dc466ed..751d233e 100644 --- a/krebs/2configs/shack/mobile.mpd.nix +++ b/krebs/2configs/shack/mobile.mpd.nix @@ -1,5 +1,8 @@ {lib,pkgs, ... }: let + pkg = lib.overrideDerivation pkgs.ympd (old: { + patches = [ ./ympd-top-next.patch ]; + }); mpdHost = "mpd.shack"; ympd = name: port: let webPort = 10000 + port; @@ -7,7 +10,7 @@ let systemd.services."ympd-${name}" = { description = "mpd for ${name}"; wantedBy = [ "multi-user.target" ]; - serviceConfig.ExecStart = "${pkgs.ympd}/bin/ympd --host ${mpdHost} --port ${toString port} --webport ${toString webPort} --user nobody"; + serviceConfig.ExecStart = "${pkg}/bin/ympd --host ${mpdHost} --port ${toString port} --webport ${toString webPort} --user nobody"; }; services.nginx.virtualHosts."mobile.${name}.mpd.shack" = { serverAliases = [ diff --git a/krebs/2configs/shack/ympd-top-next.patch b/krebs/2configs/shack/ympd-top-next.patch new file mode 100644 index 00000000..fd424f11 --- /dev/null +++ b/krebs/2configs/shack/ympd-top-next.patch @@ -0,0 +1,16 @@ +diff --git a/htdocs/index.html b/htdocs/index.html +index ed77279..eaf92b6 100644 +--- a/htdocs/index.html ++++ b/htdocs/index.html +@@ -76,6 +76,11 @@ + + <div class="col-md-10 col-xs-12"> + <div class="notifications top-right"></div> ++ ++ <ul class="pager"> ++ <li id="prev" class="page-btn hide"><a href="">Previous</a></li> ++ <li id="next" class="page-btn"><a href="">Next</a></li> ++ </ul> + + <div class="panel panel-primary"> + <!-- Default panel contents --> diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 089113ac..16cc8465 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -16,6 +16,7 @@ with import <stockholm/lib>; tinc-for = name: builtins.readFile (./tinc + "/${name}.pub"); in { + hosts = mapAttrs hostDefaults { dpdkm = { owner = config.krebs.users.Mic92; @@ -176,32 +177,6 @@ in { }; }; }; - kruck = { - owner = config.krebs.users.palo; - nets = { - retiolum = { - ip4.addr = "10.243.29.201"; - aliases = [ - "kruck.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEAxcui2sirT5YY9HrSauj9nSF3AxUnfd2CCEGyzmzbi5+qw8T9jdNh - QcIG3s+eC3uEy6leL/eeR4NjVtQRt8CDmhGul95Vs3I1jx9gdvYR+HOatPgK0YQA - EFwk0jv8Z8tOc87X1qwA00Gb+25+kAzsf+8+4HQuh/szSGje3RBmBFkUyNHh8R0U - uzs8NSTRdN+edvYtzjnYcE1sq59HFBPkVcJNp5I3qYTp6m9SxGHMvsq6vRpNnjq/ - /RZVBhnPDBlgxia/aVfVQKeEOHZV3svLvsJzGDrUWsJCEvF0YwW4bvohY19myTNR - 9lXo/VFx86qAkY09il2OloE7iu5cA2RV+FWwLeajE9vIDA06AD7nECVgthNoZd1s - qsDfuu3WqlpyBmr6XhRkYOFFE4xVLrZ0vItGYlgR2UPp9TjHrzfsedoyJoJAbhMH - gDlFgiHlAy1fhG1sCX5883XmSjWn0eJwmZ2O9sZNBP5dxfGUXg/x8NWfQj7E1lqj - jQ59UC6yiz7bFtObKvpdn1D4tPbqBvndZzn19U/3wKo+cCBRjtLmUD7HQHC65dCs - fAiCFvUTVMM3SNDvYChm0U/KGjZZFwQ+cCLj1JNVPet2C+CJ0qI2muXOnCuv/0o5 - TBZrrHMpj6Th8AiOgeMVuxzjX1FsmAThWj9Qp/jQu6O0qvnkUNaU7I8CAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; qubasa = { owner = config.krebs.users.qubasa; nets = { @@ -419,8 +394,6 @@ in { mail = "joerg@thalheim.io"; pubkey = ssh-for "Mic92"; }; - palo = { - }; qubasa = { mail = "luis.nixos@gmail.com"; }; diff --git a/krebs/3modules/external/palo.nix b/krebs/3modules/external/palo.nix new file mode 100644 index 00000000..e151ad35 --- /dev/null +++ b/krebs/3modules/external/palo.nix @@ -0,0 +1,81 @@ +with import <stockholm/lib>; +{ config, ... }: let + + hostDefaults = hostName: host: flip recursiveUpdate host ({ + ci = false; + external = true; + monitoring = false; + } // optionalAttrs (host.nets?retiolum) { + nets.retiolum.ip6.addr = + (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + } // optionalAttrs (host.nets?wiregrill) { + nets.wiregrill.ip6.addr = + (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; + }); + ssh-for = name: builtins.readFile (./ssh + "/${name}.pub"); + tinc-for = name: builtins.readFile (./tinc + "/${name}.pub"); + +in { + hosts = mapAttrs hostDefaults { + pepe = { + owner = config.krebs.users.palo; + nets = { + retiolum = { + ip4.addr = "10.243.23.1"; + tinc.port = 720; + aliases = [ "pepe.r" ]; + tinc.pubkey = tinc-for "palo"; + }; + }; + }; + kruck = { + owner = config.krebs.users.palo; + nets = { + retiolum = { + ip4.addr = "10.243.23.3"; + tinc.port = 720; + aliases = [ "kruck.r" ]; + tinc.pubkey = tinc-for "palo"; + }; + }; + }; + schasch = { + owner = config.krebs.users.palo; + nets = { + retiolum = { + ip4.addr = "10.243.23.2"; + tinc.port = 720; + aliases = [ "schasch.r" ]; + tinc.pubkey = tinc-for "palo"; + }; + }; + }; + workhorse = { + owner = config.krebs.users.palo; + nets = { + retiolum = { + ip4.addr = "10.243.23.5"; + tinc.port = 720; + aliases = [ "workhorse.r" ]; + tinc.pubkey = tinc-for "palo"; + }; + }; + }; + workout = { + owner = config.krebs.users.palo; + nets = { + retiolum = { + ip4.addr = "10.243.23.4"; + tinc.port = 720; + aliases = [ "workout.r" ]; + tinc.pubkey = tinc-for "palo"; + }; + }; + }; + }; + users = { + palo = { + }; + }; +} + diff --git a/krebs/3modules/external/tinc/palo.pub b/krebs/3modules/external/tinc/palo.pub new file mode 100644 index 00000000..65284d51 --- /dev/null +++ b/krebs/3modules/external/tinc/palo.pub @@ -0,0 +1,13 @@ +-----BEGIN RSA PUBLIC KEY----- +MIICCgKCAgEA2ACttoosnRZ99o+OyMrxBdUWPqsT5btzSIQ5dU1XWqGjO4nRchCE +8tO0b/4jqVgJVTRZVIUJQESZRlSmclsCAjdM8tsGj74CJrm7tBvgbBn2IObSs5+4 +oJWe57VsQaeHPuI2JZuGqv8Z3Esw+B07bQS5VTaC1ISo7vnLG/q5XLCbKHB9JZc/ +ztYbk4bEQHwbulfoPjD9FY3heLnTzqPw9Xr3ixao5gbAXfWNJM+iCluMq+Q2g1BD +ozSnyYvaGLQ6h4yksDp+xuK8YCqiRj174EkXySI8Jee1CBMuI8ciX/5Q7yzvzscQ +ZQ/MLVdx3MRW+VeT0ctaRzoA9E09ILqPe+56DjpsKzt4Ne8qeMG5HdpzO9UdNzTu +MuibsCL7CJy5Ytl38PK+LAXHQr3Os1Z4OHjeTZ38vTAZcOUJZEkl6w9nO1XjcyBL +rIaG+20Nx0ZU79MlJZFiG7ovlUiDfIEKNygng8v/yoTMaqMYLxQZ/leQwLMNLujo +sku8+oV4Jvx4SyUjuAS6jgG9CnejLCnHP/yyDGdaMQSzmlzYXacLMfnPZE3r7bj1 +EjA6yQbkPixm7xLCyMm5u2leWtqtbg1oRA6Mw3UyYkNy3hiTU+jTvztEI3SCliDH +yjGlESH4/edryKjLNjmYP77VFbM9ZSQ+QGlbMGPvjcn6XCdJGdxm3PUCAwEAAQ== +-----END RSA PUBLIC KEY----- diff --git a/krebs/3modules/reaktor2.nix b/krebs/3modules/reaktor2.nix index e3e6ddf4..9ab207d8 100644 --- a/krebs/3modules/reaktor2.nix +++ b/krebs/3modules/reaktor2.nix @@ -33,6 +33,10 @@ with import <stockholm/lib>; default = "reaktor2${optionalString (name != "default") "-${name}"}"; type = types.filename; }; + sendDelaySec = mkOption { + default = 0.7; + type = types.nullOr types.float; + }; username = mkOption { default = self.config.systemd-service-name; type = types.username; diff --git a/krebs/krops.nix b/krebs/krops.nix index 76bca026..94418fdc 100644 --- a/krebs/krops.nix +++ b/krebs/krops.nix @@ -9,13 +9,19 @@ krebs-source = { test ? false }: rec { nixpkgs = if test then { - derivation = '' - with import <nixpkgs> {}; + derivation = let + rev = (lib.importJSON ./nixpkgs.json).rev; + sha256 = (lib.importJSON ./nixpkgs.json).sha256; + in '' + with import (builtins.fetchTarball { + url = "https://github.com/nixos/nixpkgs/archive/${rev}.tar.gz"; + sha256 = "${sha256}"; + }) {}; pkgs.fetchFromGitHub { owner = "nixos"; repo = "nixpkgs"; - rev = "${(lib.importJSON ./nixpkgs.json).rev}"; - sha256 = "${(lib.importJSON ./nixpkgs.json).sha256}"; + rev = "${rev}"; + sha256 = "${sha256}"; } ''; } else { diff --git a/lass/1systems/blue/source.nix b/lass/1systems/blue/source.nix index a32c3a82..a52771a4 100644 --- a/lass/1systems/blue/source.nix +++ b/lass/1systems/blue/source.nix @@ -1,13 +1,19 @@ { lib, pkgs, ... }: { nixpkgs = lib.mkForce { - derivation = '' - with import <nixpkgs> {}; + derivation = let + rev = (lib.importJSON ../../../krebs/nixpkgs.json).rev; + sha256 = (lib.importJSON ../../../krebs/nixpkgs.json).sha256; + in '' + with import (builtins.fetchTarball { + url = "https://github.com/nixos/nixpkgs/archive/${rev}.tar.gz"; + sha256 = "${sha256}"; + }) {}; pkgs.fetchFromGitHub { owner = "nixos"; repo = "nixpkgs"; - rev = "${(lib.importJSON ../../../krebs/nixpkgs.json).rev}"; - sha256 = "${(lib.importJSON ../../../krebs/nixpkgs.json).sha256}"; + rev = "${rev}"; + sha256 = "${sha256}"; } ''; }; diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index b6565dc6..f35ebff5 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -36,6 +36,7 @@ with import <stockholm/lib>; <stockholm/lass/2configs/blue-host.nix> <stockholm/lass/2configs/network-manager.nix> <stockholm/lass/2configs/nfs-dl.nix> + <stockholm/lass/2configs/hardening.nix> { krebs.iptables.tables.filter.INPUT.rules = [ #risk of rain diff --git a/lass/2configs/hardening.nix b/lass/2configs/hardening.nix new file mode 100644 index 00000000..aee4bf06 --- /dev/null +++ b/lass/2configs/hardening.nix @@ -0,0 +1,11 @@ +{ pkgs, lib, ... }: +with lib; +{ + security.chromiumSuidSandbox.enable = true; + security.lockKernelModules = false; + boot.kernel.sysctl."user.max_user_namespaces" = 63414; + + imports = [ + <nixpkgs/nixos/modules/profiles/hardened.nix> + ]; +} diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index 987632cd..f88b2627 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -170,32 +170,45 @@ in { }; }; - krebs.Reaktor.playlist = { - nickname = "the_playlist|r"; - channels = [ - "#the_playlist" - "#krebs" - ]; - extraEnviron = { - REAKTOR_HOST = "irc.freenode.org"; - }; - plugins = with pkgs.ReaktorPlugins; [ - (buildSimpleReaktorPlugin "skip" { - script = "${skip_track}/bin/skip_track"; - pattern = "^skip$"; - }) - (buildSimpleReaktorPlugin "current" { - script = "${print_current}/bin/print_current"; - pattern = "^current$"; - }) - (buildSimpleReaktorPlugin "suggest" { - script = "${pkgs.writeDash "suggest" '' - echo "$@" >> $HOME/playlist_suggest - ''}"; - pattern = "^suggest: (?P<args>.*)$"; - }) + krebs.reaktor2.the_playlist = { + hostname = "irc.freenode.org"; + port = "6697"; + useTLS = true; + nick = "the_playlist"; + plugins = [ + { + plugin = "register"; + config = { + channels = [ + "#the_playlist" + "#krebs" + ]; + }; + } + { + plugin = "system"; + config = { + workdir = config.krebs.reaktor2.the_playlist.stateDir; + hooks.PRIVMSG = [ + { + activate = "match"; + pattern = ''!([^ ]+)(?:\s*(.*))?''; + command = 1; + arguments = [2]; + commands = { + skip.filename = "${skip_track}/bin/skip_track"; + current.filename = "${print_current}/bin/print_current"; + suggest.filename = pkgs.writeDash "suggest" '' + echo "$@" >> playlist_suggest + ''; + }; + } + ]; + }; + } ]; }; + services.nginx = { enable = true; virtualHosts."radio.lassul.us" = { diff --git a/lass/2configs/reaktor-coders.nix b/lass/2configs/reaktor-coders.nix index 44d9d686..4baec197 100644 --- a/lass/2configs/reaktor-coders.nix +++ b/lass/2configs/reaktor-coders.nix @@ -32,6 +32,7 @@ in { pattern = ''@([^ ]+) (.*)$''; command = 1; arguments = [2]; + env.HOME = config.krebs.reaktor2.coders.stateDir; commands = let lambdabot = (import (pkgs.fetchFromGitHub { owner = "NixOS"; repo = "nixpkgs"; @@ -46,36 +47,21 @@ in { -e "$@" ''; in { - pl = { - env.HOME = config.krebs.reaktor2.coders.stateDir; - filename = pkgs.writeDash "lambdabot-pl" '' - ${lambdabotWrapper} "@pl $1" - ''; - }; - type = { - env.HOME = config.krebs.reaktor2.coders.stateDir; - filename = pkgs.writeDash "lambdabot-type" '' - ${lambdabotWrapper} "@type $1" - ''; - }; - "let" = { - env.HOME = config.krebs.reaktor2.coders.stateDir; - filename = pkgs.writeDash "lambdabot-let" '' - ${lambdabotWrapper} "@let $1" - ''; - }; - run = { - env.HOME = config.krebs.reaktor2.coders.stateDir; - filename = pkgs.writeDash "lambdabot-run" '' - ${lambdabotWrapper} "@run $1" - ''; - }; - kind = { - env.HOME = config.krebs.reaktor2.coders.stateDir; - filename = pkgs.writeDash "lambdabot-kind" '' - ${lambdabotWrapper} "@kind $1" - ''; - }; + pl.filename = pkgs.writeDash "lambdabot-pl" '' + ${lambdabotWrapper} "@pl $1" + ''; + type.filename = pkgs.writeDash "lambdabot-type" '' + ${lambdabotWrapper} "@type $1" + ''; + "let".filename = pkgs.writeDash "lambdabot-let" '' + ${lambdabotWrapper} "@let $1" + ''; + run.filename = pkgs.writeDash "lambdabot-run" '' + ${lambdabotWrapper} "@run $1" + ''; + kind.filename = pkgs.writeDash "lambdabot-kind" '' + ${lambdabotWrapper} "@kind $1" + ''; }; } { diff --git a/lass/5pkgs/custom/xmonad-lass/default.nix b/lass/5pkgs/custom/xmonad-lass/default.nix index 483e37bc..1f2e7110 100644 --- a/lass/5pkgs/custom/xmonad-lass/default.nix +++ b/lass/5pkgs/custom/xmonad-lass/default.nix @@ -41,6 +41,7 @@ import XMonad.Hooks.UrgencyHook (withUrgencyHook, UrgencyHook(..)) import XMonad.Layout.FixedColumn (FixedColumn(..)) import XMonad.Layout.Minimize (minimize) import XMonad.Layout.NoBorders (smartBorders) +import XMonad.Layout.MouseResizableTile (mouseResizableTile) import XMonad.Layout.SimplestFloat (simplestFloat) import XMonad.Prompt (autoComplete, font, searchPredicate, XPConfig) import XMonad.Prompt.Window (windowPromptGoto, windowPromptBringCopy) @@ -93,7 +94,7 @@ main' = do myLayoutHook = defLayout where - defLayout = minimize $ ((avoidStruts $ Mirror (Tall 1 (3/100) (1/2))) ||| Full ||| FixedColumn 2 80 80 1 ||| Tall 1 (3/100) (1/2) ||| simplestFloat) + defLayout = minimize $ ((avoidStruts $ Mirror (Tall 1 (3/100) (1/2))) ||| Full ||| FixedColumn 2 80 80 1 ||| Tall 1 (3/100) (1/2) ||| simplestFloat ||| mouseResizableTile) floatHooks :: Query (Endo WindowSet) floatHooks = composeOne diff --git a/makefu/0tests/data/secrets/nixos-community b/makefu/0tests/data/secrets/nixos-community new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/makefu/0tests/data/secrets/nixos-community diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index 35779507..138735d9 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -14,10 +14,12 @@ <stockholm/makefu/2configs/main-laptop.nix> <stockholm/makefu/2configs/extra-fonts.nix> <stockholm/makefu/2configs/tools/all.nix> + <stockholm/makefu/2configs/dict.nix> <stockholm/makefu/2configs/backup/state.nix> # <stockholm/makefu/2configs/dnscrypt/client.nix> <stockholm/makefu/2configs/avahi.nix> + <stockholm/makefu/2configs/support-nixos.nix> # Debugging # <stockholm/makefu/2configs/disable_v6.nix> @@ -64,7 +66,7 @@ <stockholm/makefu/2configs/tor.nix> <stockholm/makefu/2configs/vpn/vpngate.nix> # <stockholm/makefu/2configs/buildbot-standalone.nix> - # <stockholm/makefu/2configs/remote-build/master.nix> + <stockholm/makefu/2configs/remote-build/aarch64-community.nix> # Hardware <stockholm/makefu/2configs/hw/tp-x230.nix> diff --git a/makefu/2configs/bureautomation/default.nix b/makefu/2configs/bureautomation/default.nix index 3897537e..917044d6 100644 --- a/makefu/2configs/bureautomation/default.nix +++ b/makefu/2configs/bureautomation/default.nix @@ -5,7 +5,7 @@ let port = 3001; runit = pkgs.writeDash "runit" '' set -xeuf - PATH=${pkgs.curl}/bin:${pkgs.coreutils}/bin + PATH=${pkgs.mosquitto}/bin:${pkgs.coreutils}/bin name=''${1?must provide name as first arg} state=''${2?must provide state as second arg} # val=''${3?must provide val as third arg} @@ -14,9 +14,10 @@ let test $state = alerting || exit 0 echo $name - $state - curl 'http://bauarbeiterlampe/ay?o=1' + topic=plug + mosquitto_pub -t /bam/$topic/cmnd/POWER -m ON sleep 5 - curl 'http://bauarbeiterlampe/ay?o=1' + mosquitto_pub -t /bam/$topic/cmnd/POWER -m OFF ''; in { services.logstash = { diff --git a/makefu/2configs/bureautomation/hass.nix b/makefu/2configs/bureautomation/hass.nix index 57184bdf..b70c9b03 100644 --- a/makefu/2configs/bureautomation/hass.nix +++ b/makefu/2configs/bureautomation/hass.nix @@ -1,5 +1,40 @@ { pkgs, lib, ... }: let + tasmota_rgb = name: topic: +# LED WS2812b +# effect_state_topic: "stat/led/Scheme" +# effect_command_topic: "cmnd/led/Scheme" +# effect_value_template: "{{ value_json.Scheme }}" + { platform = "mqtt"; + inherit name; + retain = false; + qos = 1; + optimistic = false; + # state + # TODO: currently broken, will not use the custom state topic + state_topic = "/bam/${topic}/stat/POWER"; + command_topic = "/bam/${topic}/cmnd/POWER"; + availability_topic = "/bam/${topic}/tele/LWT"; + payload_on= "ON"; + payload_off= "OFF"; + payload_available= "Online"; + payload_not_available= "Offline"; + # brightness + brightness_state_topic = "/bam/${topic}/stat/Dimmer"; + brightness_command_topic = "/bam/${topic}/cmnd/Dimmer"; + brightness_value_template = "{{ value_json.Dimmer }}"; + brightness_scale = 100; + # color + rgb_state_topic = "/bam/${topic}/stat/Color"; + rgb_command_topic = "/bam/${topic}/cmnd/Color2"; + rgb_command_mode = "hex"; + rgb_command_template = "{{ '%02x%02x%02x' | format(red, green, blue)}}"; + # effects + effect_state_topic = "/bam/${topic}/stat/Scheme"; + effect_command_topic = "/bam/${topic}/cmnd/Scheme"; + effect_value_template = "{{ value_json.Scheme }}"; + effect_list = [ 0 1 2 3 4 5 6 7 8 9 10 11 12 ]; +}; tasmota_plug = name: topic: { platform = "mqtt"; inherit name; @@ -74,6 +109,10 @@ in { (tasmota_plug "Blitzdings" "plug2") (tasmota_plug "Fernseher" "plug3") (tasmota_plug "Feuer" "plug4") + (tasmota_plug "Nachtlicht" "plug5") + ]; + light = [ + (tasmota_rgb "Status Felix" "status1") ]; binary_sensor = [ { platform = "mqtt"; @@ -169,12 +208,16 @@ in { }; automation = [ "automation.turn_off_fernseher_10_minutes_after_last_movement" + "automation.turn_off_nachtlicht_on_sunrise" + "automation.turn_on_nachtlicht_on_motion_and_dusk" ]; switches = [ "switch.bauarbeiterlampe" "switch.blitzdings" "switch.fernseher" "switch.feuer" + "switch.nachtlicht" + "light.status_felix" ]; camera = [ "camera.Baumarkt" @@ -207,11 +250,55 @@ in { }; action = { service = "homeassistant.turn_on"; - entity_id = [ "switch.fernseher" "switch.feuer" ]; + entity_id = [ + "switch.fernseher" + "switch.feuer" + "light.status_felix" + ]; + }; + } + { + alias = "Turn off Nachtlicht on sunrise"; + trigger = + { + platform = "sun"; + event = "sunrise"; + }; + action = + { + service = "homeassistant.turn_off"; + entity_id = [ "switch.nachtlicht" ]; + }; + } + { + alias = "Turn on Nachtlicht on motion and dusk"; + trigger = + { + platform = "state"; + entity_id = "binary_sensor.motion"; + to = "on"; + }; + condition = # 'when dark' + { + condition = "or"; + conditions = [ + { condition = "sun"; + after = "sunset"; + after_offset = "-00:45:00"; # on dusk + } + { condition = "sun"; + before = "sunrise"; + } + ]; + }; + action = + { + service = "homeassistant.turn_on"; + entity_id = [ "switch.nachtlicht" ]; }; } { alias = "Turn off Fernseher 10 minutes after last movement"; - trigger = [ + trigger = [ { # trigger when movement was detected at the time platform = "state"; entity_id = "binary_sensor.motion"; @@ -226,7 +313,11 @@ in { ]; action = { service = "homeassistant.turn_off"; - entity_id = [ "switch.fernseher" "switch.feuer" ]; + entity_id = [ + "switch.fernseher" + "switch.feuer" + "light.status_felix" + ]; }; condition = { condition = "and"; diff --git a/makefu/2configs/dict.nix b/makefu/2configs/dict.nix new file mode 100644 index 00000000..6db9102b --- /dev/null +++ b/makefu/2configs/dict.nix @@ -0,0 +1,5 @@ +{ pkgs, ... }: +{ + services.dictd.enable = true; + services.dictd.DBs = with pkgs.dictdDBs; [ wiktionary wordnet deu2eng eng2deu ]; +} diff --git a/makefu/2configs/remote-build/aarch64-community.nix b/makefu/2configs/remote-build/aarch64-community.nix new file mode 100644 index 00000000..d57eacd6 --- /dev/null +++ b/makefu/2configs/remote-build/aarch64-community.nix @@ -0,0 +1,15 @@ +{ + nix = { + distributedBuilds = true; + buildMachines = [ + { + hostName = "aarch64.nixos.community"; + maxJobs = 64; + sshKey = toString <secrets/nixos-community>; + sshUser = "makefu"; + system = "aarch64-linux"; + supportedFeatures = [ "big-parallel" ]; + } + ]; + }; +} diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix index f8e3f9f4..0c877fc7 100644 --- a/makefu/2configs/tools/dev.nix +++ b/makefu/2configs/tools/dev.nix @@ -4,6 +4,7 @@ users.users.makefu.packages = with pkgs;[ python3 python3Packages.pyserial + picocom python3Packages.virtualenv # embedded gi diff --git a/makefu/2configs/virtualisation/virtualbox.nix b/makefu/2configs/virtualisation/virtualbox.nix index e90cc1e8..a8a50939 100644 --- a/makefu/2configs/virtualisation/virtualbox.nix +++ b/makefu/2configs/virtualisation/virtualbox.nix @@ -2,8 +2,7 @@ { virtualisation.virtualbox.host.enable = true; - nixpkgs.config.virtualbox.enableExtensionPack = true; - virtualisation.virtualbox.host.enableHardening = false; - + virtualisation.virtualbox.host.enableExtensionPack = true; + # virtualisation.virtualbox.host.enableHardening = false; users.extraGroups.vboxusers.members = [ config.krebs.build.user.name ]; } |