summaryrefslogtreecommitdiffstats
path: root/makefu/2configs
diff options
context:
space:
mode:
Diffstat (limited to 'makefu/2configs')
-rw-r--r--makefu/2configs/bureautomation/zigbee2mqtt/default.nix2
-rw-r--r--makefu/2configs/dcpp/hub.nix50
-rw-r--r--makefu/2configs/default.nix8
-rw-r--r--makefu/2configs/deployment/gecloudpad/gecloudpad.nix4
-rw-r--r--makefu/2configs/editor/neovim/default.nix6
-rw-r--r--makefu/2configs/filepimp-share.nix2
-rw-r--r--makefu/2configs/fs/sda-crypto-root.nix4
-rw-r--r--makefu/2configs/gui/wbob-kiosk.nix2
-rw-r--r--makefu/2configs/home/ham/automation/light_buttons.nix60
-rw-r--r--makefu/2configs/home/ham/default.nix1
-rw-r--r--makefu/2configs/home/ham/device_tracker/tile.nix10
-rw-r--r--makefu/2configs/home/ham/light/arbeitszimmer.nix20
-rw-r--r--makefu/2configs/home/ham/mqtt.nix43
-rw-r--r--makefu/2configs/lanparty/samba.nix2
-rw-r--r--makefu/2configs/minimal.nix4
-rw-r--r--makefu/2configs/mqtt.nix20
-rw-r--r--makefu/2configs/nix-community/supervision.nix1
-rw-r--r--makefu/2configs/nsupdate-data.nix6
-rw-r--r--makefu/2configs/share/omo.nix2
-rw-r--r--makefu/2configs/share/temp-share-samba.nix2
-rw-r--r--makefu/2configs/share/wbob.nix2
-rw-r--r--makefu/2configs/stats/arafetch.nix2
-rw-r--r--makefu/2configs/tools/android-pentest.nix2
-rw-r--r--makefu/2configs/tools/dev.nix5
-rw-r--r--makefu/2configs/tools/extra-gui.nix3
-rw-r--r--makefu/2configs/urlwatch/default.nix6
26 files changed, 183 insertions, 86 deletions
diff --git a/makefu/2configs/bureautomation/zigbee2mqtt/default.nix b/makefu/2configs/bureautomation/zigbee2mqtt/default.nix
index ba10ae74b..b35019793 100644
--- a/makefu/2configs/bureautomation/zigbee2mqtt/default.nix
+++ b/makefu/2configs/bureautomation/zigbee2mqtt/default.nix
@@ -12,7 +12,7 @@ in
services.zigbee2mqtt = {
enable = true;
inherit dataDir;
- config = {
+ settings = {
permit_join = true;
serial.port = "/dev/cc2531";
homeassistant = true;
diff --git a/makefu/2configs/dcpp/hub.nix b/makefu/2configs/dcpp/hub.nix
index d9a2869cc..b8ca49b74 100644
--- a/makefu/2configs/dcpp/hub.nix
+++ b/makefu/2configs/dcpp/hub.nix
@@ -39,7 +39,9 @@ in {
home = stateDir;
isSystemUser = true;
createHome = true;
+ group = ddclientUser;
};
+ users.groups.${ddclientUser} = {};
systemd.services = {
ddclient-nsupdate-uhub = {
@@ -80,32 +82,36 @@ in {
users.users.uhub = {
home = uhubDir;
createHome = true;
+ isSystemUser = true;
+ group = "uhub";
};
- services.uhub = {
+ users.groups.uhub = {};
+ services.uhub.home = {
enable = true;
- port = 1511;
enableTLS = true;
- hubConfig = ''
- hub_name = "krebshub"
- tls_certificate = ${uhubDir}/uhub.crt
- tls_private_key = ${uhubDir}/uhub.key
- registered_users_only = true
- '';
- plugins = {
- welcome = {
- enable = true;
- motd = "shareit";
- rules = "1. Don't be an asshole";
- };
- history = {
- enable = true;
- };
- authSqlite = {
- enable = true;
- file = "${uhubDir}/uhub.sql";
- };
-
+ settings = {
+ server_port = 1511;
+ hub_name = "krebshub";
+ tls_certificate = "${uhubDir}/uhub.crt";
+ tls_private_key = "${uhubDir}/uhub.key";
+ registered_users_only = true;
};
+ plugins = [
+ {
+ plugin = "${pkgs.uhub}/plugins/mod_auth_sqlite.so";
+ settings.file = "${uhubDir}/uhub.sql";
+ }
+ {
+ plugin = "${pkgs.uhub}/plugins/mod_welcome.so";
+ settings.motd = "shareit";
+ settings.rules = "1. Don't be an asshole";
+ }
+ {
+ plugin = "${pkgs.uhub}/plugins/mod_history.so";
+ settings.motd = "shareit";
+ settings.rules = "1. Don't be an asshole";
+ }
+ ];
};
networking.firewall.allowedTCPPorts = [ 411 1511 ];
}
diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index 52206c380..bb5c057be 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -75,10 +75,10 @@ with import <stockholm/lib>;
auto-optimise-store = true
'';
- security.wrappers.sendmail = {
- source = "${pkgs.exim}/bin/sendmail";
- setuid = true;
- };
+ #security.wrappers.sendmail = {
+ # source = "${pkgs.exim}/bin/sendmail";
+ # setuid = true;
+ #};
services.journald.extraConfig = ''
SystemMaxUse=1G
RuntimeMaxUse=128M
diff --git a/makefu/2configs/deployment/gecloudpad/gecloudpad.nix b/makefu/2configs/deployment/gecloudpad/gecloudpad.nix
index 7d51dfa0d..6f20ff579 100644
--- a/makefu/2configs/deployment/gecloudpad/gecloudpad.nix
+++ b/makefu/2configs/deployment/gecloudpad/gecloudpad.nix
@@ -11,8 +11,8 @@ with pkgs.python3Packages;buildPythonPackage rec {
src = fetchFromGitHub {
owner = "binaergewitter";
repo = "gecloudpad";
- rev = "master";
- sha256 = "0p9lcphp3r7hyypxadzw4x9ix6d0anmspxnjnj0v2jjll8gxqlhf";
+ rev = "1399ede4e609f63fbf1c4560979a6b22b924e0c5";
+ sha256 = "1w74j5ks7naalzrib87r0adq20ik5x3x5l520apagb7baszn17lb";
};
meta = {
diff --git a/makefu/2configs/editor/neovim/default.nix b/makefu/2configs/editor/neovim/default.nix
index e7e59373a..a6fc1abc1 100644
--- a/makefu/2configs/editor/neovim/default.nix
+++ b/makefu/2configs/editor/neovim/default.nix
@@ -29,7 +29,11 @@
enable = true;
withPython3 = true;
# withNodeJs = true;
- extraPython3Packages = (ps: with ps; [ python-language-server pyls-mypy black libxml2]);
+ extraPython3Packages = (ps: with ps; [
+ # python-language-server
+ # pyls-mypy
+ black libxml2
+ ]);
extraConfig = builtins.readFile ./vimrc;
plugins = with pkgs.vimPlugins;[
undotree
diff --git a/makefu/2configs/filepimp-share.nix b/makefu/2configs/filepimp-share.nix
index abbdcbbb2..850d432f3 100644
--- a/makefu/2configs/filepimp-share.nix
+++ b/makefu/2configs/filepimp-share.nix
@@ -9,7 +9,9 @@ in {
uid = config.ids.uids.smbguest; # effectively systemUser
description = "smb guest user";
home = "/var/empty";
+ group = "share";
};
+ users.groups.share = {};
services.samba = {
enable = true;
shares = {
diff --git a/makefu/2configs/fs/sda-crypto-root.nix b/makefu/2configs/fs/sda-crypto-root.nix
index e49843cfe..54ee9f9e5 100644
--- a/makefu/2configs/fs/sda-crypto-root.nix
+++ b/makefu/2configs/fs/sda-crypto-root.nix
@@ -16,8 +16,8 @@
loader.grub.version = 2;
loader.grub.device = lib.mkDefault "/dev/sda";
- initrd.luks.cryptoModules = ["aes" "sha512" "sha1" "xts" ];
- initrd.availableKernelModules = ["xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
+ #initrd.luks.cryptoModules = ["aes" "sha512" "sha1" "xts" ];
+ initrd.availableKernelModules = ["cbc" "hmac" "sha256" "rng" "aes" "encrypted_keys" "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
};
fileSystems = {
"/" = {
diff --git a/makefu/2configs/gui/wbob-kiosk.nix b/makefu/2configs/gui/wbob-kiosk.nix
index 2f6a26d82..dc28cf4d2 100644
--- a/makefu/2configs/gui/wbob-kiosk.nix
+++ b/makefu/2configs/gui/wbob-kiosk.nix
@@ -17,7 +17,7 @@
user = "makefu";
};
displayManager.defaultSession = "gnome";
- desktopManager.gnome3.enable = true;
+ desktopManager.gnome.enable = true;
displayManager.sessionCommands = ''
${pkgs.xlibs.xset}/bin/xset -display :0 s off -dpms
${pkgs.xlibs.xrandr}/bin/xrandr --output HDMI2 --right-of HDMI1
diff --git a/makefu/2configs/home/ham/automation/light_buttons.nix b/makefu/2configs/home/ham/automation/light_buttons.nix
index 62fc87bb4..1892917c4 100644
--- a/makefu/2configs/home/ham/automation/light_buttons.nix
+++ b/makefu/2configs/home/ham/automation/light_buttons.nix
@@ -1,27 +1,53 @@
let
inherit (import ../lib) btn_cycle_light;
- turn_off_all = btn: #lights:
- {
- alias = "Turn of all lights via ${btn} double click";
- trigger = {
- platform = "state";
- entity_id = "sensor.${btn}_click";
- to = "double";
- };
- action = {
- service = "light.turn_off";
- #entity_id = lights;
- entity_id = "all";
- };
- };
in {
services.home-assistant.config.automation = [
# (btn_cycle_light "light.arbeitszimmerbeleuchtung" "arbeitszimmer_btn1")
(btn_cycle_light "light.schlafzimmer_komode_osram" "schlafzimmer_btn2" 128)
-
- (btn_cycle_light "light.keller_osram" "keller_btn1" 128)
+ {
+ alias = "toggle keller";
+ trigger = {
+ platform = "state";
+ entity_id = "sensor.keller_btn1_click";
+ to = "single";
+ };
+ action = {
+ service = "light.toggle";
+ #entity_id = lights;
+ data = {
+ entity_id = "light.keller_osram";
+ brightness = 255;
+ };
+ };
+ }
+ {
+ alias = "low brightness keller with doubleclick";
+ trigger = {
+ platform = "state";
+ entity_id = "sensor.keller_btn1_click";
+ to = "double";
+ };
+ action = {
+ service = "light.toggle";
+ data = {
+ entity_id = "light.keller_osram";
+ brightness = 50;
+ };
+ };
+ }
# (btn_cycle_light "light.wohnzimmerbeleuchtung" "wohnzimmer_btn3")
- (turn_off_all "schlafzimmer_btn2" )
+ {
+ alias = "Turn of all lights via schlafzimmer_btn2 double click";
+ trigger = {
+ platform = "state";
+ entity_id = "sensor.schlafzimmer_btn2_click";
+ to = "double";
+ };
+ action = {
+ service = "light.turn_off";
+ entity_id = "all";
+ };
+ }
];
}
diff --git a/makefu/2configs/home/ham/default.nix b/makefu/2configs/home/ham/default.nix
index 6ab3cd46c..e17cfc35d 100644
--- a/makefu/2configs/home/ham/default.nix
+++ b/makefu/2configs/home/ham/default.nix
@@ -23,6 +23,7 @@ in {
# ./multi/fliegen-couter.nix
./device_tracker/openwrt.nix
+ ./device_tracker/tile.nix
./sensor/outside.nix
diff --git a/makefu/2configs/home/ham/device_tracker/tile.nix b/makefu/2configs/home/ham/device_tracker/tile.nix
new file mode 100644
index 000000000..ad1e6c15d
--- /dev/null
+++ b/makefu/2configs/home/ham/device_tracker/tile.nix
@@ -0,0 +1,10 @@
+{
+
+ services.home-assistant.config.device_tracker =
+ [
+ { inherit (import <secrets/hass/tile.nix>) username password;
+ platform = "tile";
+ show_inactive = true;
+ }
+ ];
+}
diff --git a/makefu/2configs/home/ham/light/arbeitszimmer.nix b/makefu/2configs/home/ham/light/arbeitszimmer.nix
index bc60678b3..45fbfb57b 100644
--- a/makefu/2configs/home/ham/light/arbeitszimmer.nix
+++ b/makefu/2configs/home/ham/light/arbeitszimmer.nix
@@ -6,7 +6,8 @@ let
];
arbeitszimmerbeleuchtung = [
"light.arbeitszimmer_schrank_dimmer"
- "light.arbeitszimmer_kerze" # arbeitszimmer_kerze
+ "light.arbeitszimmer_kerze"
+ "light.arbeitszimmer_pflanzenlicht"
];
in {
services.home-assistant.config.light = [
@@ -20,5 +21,22 @@ in {
name = "Arbeitszimmer Deko";
entities = arbeitszimmer_deko;
}
+ { platform = "switch";
+ name = "Arbeitszimmer Pflanzenlicht";
+ entity_id = "switch.arbeitszimmer_stecker1";
+ }
+ ];
+ services.home-assistant.config.automation = [
+ {
+ alias = "Toggle Arbeitszimmerbeleuchtung via Remote";
+ trigger = {
+ platform = "state";
+ entity_id = "sensor.arbeitszimmer_remote1_action";
+ };
+ action = {
+ service = "light.toggle";
+ data.entity_id = "light.arbeitszimmerbeleuchtung";
+ };
+ }
];
}
diff --git a/makefu/2configs/home/ham/mqtt.nix b/makefu/2configs/home/ham/mqtt.nix
index cd1c328d7..c90afff4a 100644
--- a/makefu/2configs/home/ham/mqtt.nix
+++ b/makefu/2configs/home/ham/mqtt.nix
@@ -1,24 +1,31 @@
{ pkgs, config, ... }:
{
+ environment.systemPackages = [ pkgs.mosquitto ];
+ # port open via trusted interface
services.mosquitto = {
enable = true;
- host = "0.0.0.0";
- allowAnonymous = false;
- checkPasswords = true;
- # see <host>/mosquitto
- users.sensor = {
- hashedPassword = "$6$2DXU7W1bvqXPqxkF$vtdz5KTd/T09hmoc9LjgEGFjvpwQbQth6vlVcr5hJNLgcBHv4U03YCKC8TKXbmQAa8xiJ76xJIg25kcL+KI3tg==";
- acl = [ "topic readwrite #" ];
- };
- users.hass = {
- hashedPassword = "$6$SHuYGrE5kPSUc/hu$EomZ0KBy+vkxLt/6eJkrSBjYblCCeMjhDfUd2mwqXYJ4XsP8hGmZ59mMlmBCd3AvlFYQxb4DT/j3TYlrqo7cDA==";
- acl = [ "topic readwrite #" ];
- };
- users.stats = {
- hashedPassword = "$6$j4H7KXD/YZgvgNmL$8e9sUKRXowDqJLOVgzCdDrvDE3+4dGgU6AngfAeN/rleGOgaMhee2Mbg2KS5TC1TOW3tYbk9NhjLYtjBgfRkoA==";
- acl = [ "topic read #" ];
- };
+ persistence = false;
+ settings.max_keepalive = 60;
+ listeners = [
+ {
+ port = 1883;
+ omitPasswordAuth = false;
+ users.sensor = {
+ hashedPassword = "$6$2DXU7W1bvqXPqxkF$vtdz5KTd/T09hmoc9LjgEGFjvpwQbQth6vlVcr5hJNLgcBHv4U03YCKC8TKXbmQAa8xiJ76xJIg25kcL+KI3tg==";
+ acl = [ "topic readwrite #" ];
+ };
+ users.hass = {
+ hashedPassword = "$6$SHuYGrE5kPSUc/hu$EomZ0KBy+vkxLt/6eJkrSBjYblCCeMjhDfUd2mwqXYJ4XsP8hGmZ59mMlmBCd3AvlFYQxb4DT/j3TYlrqo7cDA==";
+ acl = [ "topic readwrite #" ];
+ };
+ users.stats = {
+ hashedPassword = "$6$j4H7KXD/YZgvgNmL$8e9sUKRXowDqJLOVgzCdDrvDE3+4dGgU6AngfAeN/rleGOgaMhee2Mbg2KS5TC1TOW3tYbk9NhjLYtjBgfRkoA==";
+ acl = [ "topic read #" ];
+ };
+ settings = {
+ allow_anonymous = false;
+ };
+ }
+ ];
};
- environment.systemPackages = [ pkgs.mosquitto ];
- # port open via trusted interface
}
diff --git a/makefu/2configs/lanparty/samba.nix b/makefu/2configs/lanparty/samba.nix
index 0bd29497d..e2fa58c4b 100644
--- a/makefu/2configs/lanparty/samba.nix
+++ b/makefu/2configs/lanparty/samba.nix
@@ -7,7 +7,9 @@
description = "smb guest user";
home = "/data/lanparty";
createHome = true;
+ group = "share";
};
+ users.groups.share = {};
services.samba = {
enable = true;
enableNmbd = true;
diff --git a/makefu/2configs/minimal.nix b/makefu/2configs/minimal.nix
index 445e6c577..1761f65e2 100644
--- a/makefu/2configs/minimal.nix
+++ b/makefu/2configs/minimal.nix
@@ -78,8 +78,8 @@
# Enable IPv6 Privacy Extensions
boot.kernel.sysctl = {
- "net.ipv6.conf.all.use_tempaddr" = 2;
- "net.ipv6.conf.default.use_tempaddr" = 2;
+ "net.ipv6.conf.all.use_tempaddr" = lib.mkDefault "2";
+ "net.ipv6.conf.default.use_tempaddr" = lib.mkDefault "2";
};
}
diff --git a/makefu/2configs/mqtt.nix b/makefu/2configs/mqtt.nix
index 9d1da8392..cba43e22d 100644
--- a/makefu/2configs/mqtt.nix
+++ b/makefu/2configs/mqtt.nix
@@ -2,12 +2,18 @@
{
services.mosquitto = {
enable = true;
- host = "0.0.0.0";
- users = {};
- # TODO: secure that shit
- aclExtraConf = ''
- pattern readwrite #
- '';
- allowAnonymous = true;
+ persistence = false;
+ settings.max_keepalive = 60;
+ listeners = [
+ {
+ port = 1883;
+ omitPasswordAuth = true;
+ users = {};
+ settings = {
+ allow_anonymous = true;
+ };
+ acl = [ "topic readwrite #" "pattern readwrite #" ];
+ }
+ ];
};
}
diff --git a/makefu/2configs/nix-community/supervision.nix b/makefu/2configs/nix-community/supervision.nix
index f648b9c17..cd4b6567b 100644
--- a/makefu/2configs/nix-community/supervision.nix
+++ b/makefu/2configs/nix-community/supervision.nix
@@ -6,6 +6,7 @@ in {
networking.firewall.extraCommands = ''
iptables -A INPUT -i retiolum -p tcp --dport ${port} -j ACCEPT
+ ip6tables -A INPUT -i retiolum -p tcp --dport ${port} -j ACCEPT
'';
services.telegraf = {
diff --git a/makefu/2configs/nsupdate-data.nix b/makefu/2configs/nsupdate-data.nix
index 2f8f4acc4..3b6518f60 100644
--- a/makefu/2configs/nsupdate-data.nix
+++ b/makefu/2configs/nsupdate-data.nix
@@ -28,14 +28,16 @@ let
'';
in {
- users.extraUsers = singleton {
+ users.users.${ddclientUser} = {
name = ddclientUser;
- uid = genid "ddclient";
+ uid = genid ddclientUser;
description = "ddclient daemon user";
home = stateDir;
createHome = true;
isSystemUser = true;
+ group = ddclientUser;
};
+ users.groups.${ddclientUser} = {};
systemd.services = {
ddclient-nsupdate-elchos = {
diff --git a/makefu/2configs/share/omo.nix b/makefu/2configs/share/omo.nix
index 308142f03..93536b63d 100644
--- a/makefu/2configs/share/omo.nix
+++ b/makefu/2configs/share/omo.nix
@@ -14,7 +14,9 @@ in {
uid = config.ids.uids.smbguest;
description = "smb guest user";
home = "/var/empty";
+ group = "share";
};
+ users.groups.share = {};
services.samba = {
enable = true;
shares = {
diff --git a/makefu/2configs/share/temp-share-samba.nix b/makefu/2configs/share/temp-share-samba.nix
index 56beb5b42..bcfddc112 100644
--- a/makefu/2configs/share/temp-share-samba.nix
+++ b/makefu/2configs/share/temp-share-samba.nix
@@ -13,7 +13,9 @@
description = "smb guest user";
home = "/home/share";
createHome = true;
+ group = "smbguest";
};
+ users.groups.smbguest = {};
services.samba = {
enable = true;
shares = {
diff --git a/makefu/2configs/share/wbob.nix b/makefu/2configs/share/wbob.nix
index f2c36b551..9e5f8ddf5 100644
--- a/makefu/2configs/share/wbob.nix
+++ b/makefu/2configs/share/wbob.nix
@@ -7,7 +7,9 @@
description = "smb guest user";
home = "/home/share";
createHome = true;
+ group = "smbguest";
};
+ users.groups.smbguest = {};
users.groups.mpd.members = [ "makefu" ];
services.samba = {
enable = true;
diff --git a/makefu/2configs/stats/arafetch.nix b/makefu/2configs/stats/arafetch.nix
index c8ccbfbb9..0ea05e779 100644
--- a/makefu/2configs/stats/arafetch.nix
+++ b/makefu/2configs/stats/arafetch.nix
@@ -24,7 +24,9 @@ in {
inherit home;
createHome = true;
isSystemUser = true;
+ group = "arafetch";
};
+ users.groups.arafetch = {};
systemd.services.ara2mqtt = {
startAt = "05:00:00";
diff --git a/makefu/2configs/tools/android-pentest.nix b/makefu/2configs/tools/android-pentest.nix
index 766aacb9e..1f622a8e0 100644
--- a/makefu/2configs/tools/android-pentest.nix
+++ b/makefu/2configs/tools/android-pentest.nix
@@ -6,7 +6,7 @@
# mitmproxy
nmap
msf
- drozer
+ #drozer
#dex2jar
apktool
jd-gui
diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix
index 94e77e636..918d950f2 100644
--- a/makefu/2configs/tools/dev.nix
+++ b/makefu/2configs/tools/dev.nix
@@ -3,9 +3,10 @@
{
users.users.makefu.packages = with pkgs;[
(python3.withPackages(ps: [
- ps.python-language-server
+ #ps.python-language-server
# the following plugins are optional, they provide type checking, import sorting and code formatting
- ps.pyls-mypy ps.pyls-isort ps.pyls-black
+ # ps.pyls-mypy ps.pyls-isort ps.pyls-black
+
ps.virtualenv ps.pyserial ps.virtualenv
]))
# embedded
diff --git a/makefu/2configs/tools/extra-gui.nix b/makefu/2configs/tools/extra-gui.nix
index 763603dfd..4bd0c25f4 100644
--- a/makefu/2configs/tools/extra-gui.nix
+++ b/makefu/2configs/tools/extra-gui.nix
@@ -20,6 +20,9 @@
# rambox
vscode
+
+ # 3d Modelling
chitubox
+ freecad
];
}
diff --git a/makefu/2configs/urlwatch/default.nix b/makefu/2configs/urlwatch/default.nix
index 93424815d..3620bc568 100644
--- a/makefu/2configs/urlwatch/default.nix
+++ b/makefu/2configs/urlwatch/default.nix
@@ -34,9 +34,9 @@ in {
https://pypi.python.org/simple/pyserial/
https://pypi.python.org/simple/semantic_version/
# weird shit
- { url = "https://www.zigbee2mqtt.io/information/supported_adapters.html";
- filter = "html2text";
- }
+ #{ url = "https://www.zigbee2mqtt.io/guide/adapters/";
+ # filter = "html2text";
+ #}
http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/
https://erdgeist.org/gitweb/opentracker/info/refs?service=git-upload-pack