From 9d32c9731b90afe0f2227979185364efbe6e0ef4 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 2 Dec 2020 22:26:24 +0100 Subject: ma pkgs.awesomecfg: fix eval error for nur --- makefu/5pkgs/awesomecfg/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/5pkgs/awesomecfg/default.nix b/makefu/5pkgs/awesomecfg/default.nix index acbe61f3..7a4d3013 100644 --- a/makefu/5pkgs/awesomecfg/default.nix +++ b/makefu/5pkgs/awesomecfg/default.nix @@ -6,7 +6,7 @@ , blueman , clipit , flameshot -, chapter-marker +, chapter-marker ? false , modkey ? "Mod4" , locker? "${pkgs.xlock}/bin/xlock -mode blank" , ... }: -- cgit v1.2.3 From deb3343d1eff747f37d08730d187574677540bf7 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 8 Dec 2020 21:41:33 +0100 Subject: shack/powerraw: pin usb device and use new powerraw release to set the appropriate device instead of guessing /dev/ttyUSB0 --- krebs/2configs/shack/powerraw.nix | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/krebs/2configs/shack/powerraw.nix b/krebs/2configs/shack/powerraw.nix index 3cf6beb2..cc3692e8 100644 --- a/krebs/2configs/shack/powerraw.nix +++ b/krebs/2configs/shack/powerraw.nix @@ -8,20 +8,25 @@ let pkg = pkgs.python3.pkgs.callPackage ( pkgs.fetchgit { url = "https://git.shackspace.de/rz/powermeter.git"; - rev = "96609f0d632e0732afa768ddd7b3f8841ca37c1b"; - sha256 = "sha256:0wfpm3ik5r081qv2crmpjwylgg2v8ximq347qh0fzq1rwv0dqbnn"; + rev = "438b08f"; + sha256 = "0c5czmrwlw985b7ia6077mfrvbf2fq51iajb481pgqbywgxqis5m"; }) {}; in { # receive response from light.shack / standby.shack networking.firewall.allowedUDPPorts = [ 11111 ]; users.users.powermeter.extraGroups = [ "dialout" ]; + # we make sure that usb-ttl has the correct permissions + # creates /dev/powerraw + services.udev.extraRules = '' + SUBSYSTEM=="tty", ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6001", SYMLINK+="powerraw", MODE="0660", GROUP="dialout" + ''; systemd.services.powermeter-serial2mqtt = { description = "powerraw Serial -> mqtt"; wantedBy = [ "multi-user.target" ]; serviceConfig = { User = "powermeter"; - ExecStart = "${pkg}/bin/powermeter-serial2mqtt"; + ExecStart = "${pkg}/bin/powermeter-serial2mqtt /dev/powerraw"; PrivateTmp = true; Restart = "always"; RestartSec = "15"; -- cgit v1.2.3 From db80207267dd750d6e5fce0a4c15961aa324627b Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 16 Dec 2020 16:10:08 +0100 Subject: ma anon-sftp: init --- krebs/2configs/shack/prometheus/alert-rules.nix | 7 +++-- makefu/2configs/ham/light/groups.nix | 41 ------------------------- makefu/2configs/ham/light/schlafzimmer.nix | 41 +++++++++++++++++++++++++ makefu/2configs/share/anon-sftp.nix | 25 +++++++++++++++ 4 files changed, 70 insertions(+), 44 deletions(-) delete mode 100644 makefu/2configs/ham/light/groups.nix create mode 100644 makefu/2configs/ham/light/schlafzimmer.nix create mode 100644 makefu/2configs/share/anon-sftp.nix diff --git a/krebs/2configs/shack/prometheus/alert-rules.nix b/krebs/2configs/shack/prometheus/alert-rules.nix index 1c2d0b1a..12c69146 100644 --- a/krebs/2configs/shack/prometheus/alert-rules.nix +++ b/krebs/2configs/shack/prometheus/alert-rules.nix @@ -14,7 +14,7 @@ in { labels.severity = "warning"; annotations.summary = "{{ $labels.alias }} root disk full"; annotations.url = "http://grafana.shack/d/hb7fSE0Zz/shack-system-dashboard?orgId=1&var-job=node&var-hostname=All&var-node=wolf.shack:9100&var-device=All&var-maxmount=%2F&var-show_hostname=wolf"; - annotations.description = ''The root disk of {{ $labels.alias }} has {{ $value | printf "%.2f" }}% free disk space (Threshold at ${disk_free_threshold}%).A vast number of shackspace services will stop working. CI for deploying new configuration will also seize working. Log in to the system and run `nix-collect-garbage -d` and clean up the shack share folder in `/home/share` .If this does not help you can check `du -hs /var/ | sort -h`, run `docker system prune` or if you are really desperate run `du -hs / | sort -h` and go through the folders recursively until you've found something to delete''; + annotations.description = ''The root disk of {{ $labels.alias }} has {{ $value | printf "%.2f" }}% free disk space (Threshold at ${disk_free_threshold}%). CI for deploying new configuration will seize working. Log in to the system and run `nix-collect-garbage -d` and clean up the shack share folder in `/home/share` .If this does not help you can check `du -hs /var/ | sort -h`, run `docker system prune` or if you are really desperate run `du -hs / | sort -h` and go through the folders recursively until you've found something to delete''; } { alert = "RootPartitionFull"; @@ -25,14 +25,15 @@ in { annotations.url = "http://grafana.shack/d/hb7fSE0Zz/shack-system-dashboard?orgId=1&var-job=node&var-hostname=All&var-node=wolf.shack:9100&var-device=All&var-maxmount=%2F&var-show_hostname=puyak"; annotations.description = ''The root disk of {{ $labels.alias }} has {{ $value | printf "%.2f" }}% free disk space (Threshold at ${disk_free_threshold}%).Prometheus will not be able to create new alerts and CI for deploying new configuration will also seize working. Log in to the system and run `nix-collect-garbage -d` and if this does not help you can check `du -hs /var/ | sort -h`, run `docker system prune` or if you are really desperate run `du -hs / | sort -h` and go through the folders recursively until you've found something to delete''; } + # wolf.shack is not worth supervising anymore { alert = "HostDown"; - expr = ''up{alias="wolf.shack"} == 0''; + expr = ''up{alias="infra01.shack"} == 0''; for = "5m"; labels.severity = "page"; annotations.summary = "Instance {{ $labels.alias }} down for 5 minutes"; annotations.url = "http://grafana.shack/d/hb7fSE0Zz/shack-system-dashboard?orgId=1&var-job=node&var-hostname=All&var-node=wolf.shack:9100&var-device=All&var-maxmount=%2F&var-show_hostname=wolf"; - annotations.description = ''Host {{ $labels.alias }} went down and has not been reconnected after 5 minutes. This is probably bad news, try to restart the host via naproxen ( http://naproxen.shack:8006 ). Wolf being down means that CI,glados automation, light management and a couple of other services will not work anymore.''; + annotations.description = ''Host {{ $labels.alias }} went down and has not been reconnected after 5 minutes. This is probably bad news, as the machine runs one of the DNS servers and the power broadcast proxy which is used to be able to turn off the light via puyak as well as the shutdown listener.''; } ]; } diff --git a/makefu/2configs/ham/light/groups.nix b/makefu/2configs/ham/light/groups.nix deleted file mode 100644 index 274fd60a..00000000 --- a/makefu/2configs/ham/light/groups.nix +++ /dev/null @@ -1,41 +0,0 @@ -let - arbeitszimmer_licht = [ - "light.led_wand" - "light.arbeitszimmer_led1_led_strip" # LED-Kreis in cube - "light.arbeitszimmer_flur_osram_light" - "light.arbeitszimmer_schrank_dimmer_light" - "light.arbeitszimmer_schrank_osram_light" - ]; - wohnzimmer_licht = [ - "light.wohnzimmer_fernseher_led_strip" # led um fernseher - "light.wohnzimmer_komode_osram_light" - "light.wohnzimmer_schrank_osram_light" - "light.wohnzimmer_stehlampe_osram_light" - ]; - schlafzimmer_licht = [ - "light.schlafzimmer_komode_osram_light" - ]; -in { - services.home-assistant.config.light = [ - { - platform = "group"; - name = "Arbeitszimmer Lichter"; - entities = arbeitszimmer_licht; - } - { - platform = "group"; - name = "Wohnzimmer Lichter"; - entities = wohnzimmer_licht; - } - { - platform = "group"; - name = "Schlafzimmer Lichter"; - entities = schlafzimmer_licht; - } - { - platform = "group"; - name = "Alle Lichter"; - entities = arbeitszimmer_licht ++ wohnzimmer_licht ++ schlafzimmer_licht; - } - ]; -} diff --git a/makefu/2configs/ham/light/schlafzimmer.nix b/makefu/2configs/ham/light/schlafzimmer.nix new file mode 100644 index 00000000..274fd60a --- /dev/null +++ b/makefu/2configs/ham/light/schlafzimmer.nix @@ -0,0 +1,41 @@ +let + arbeitszimmer_licht = [ + "light.led_wand" + "light.arbeitszimmer_led1_led_strip" # LED-Kreis in cube + "light.arbeitszimmer_flur_osram_light" + "light.arbeitszimmer_schrank_dimmer_light" + "light.arbeitszimmer_schrank_osram_light" + ]; + wohnzimmer_licht = [ + "light.wohnzimmer_fernseher_led_strip" # led um fernseher + "light.wohnzimmer_komode_osram_light" + "light.wohnzimmer_schrank_osram_light" + "light.wohnzimmer_stehlampe_osram_light" + ]; + schlafzimmer_licht = [ + "light.schlafzimmer_komode_osram_light" + ]; +in { + services.home-assistant.config.light = [ + { + platform = "group"; + name = "Arbeitszimmer Lichter"; + entities = arbeitszimmer_licht; + } + { + platform = "group"; + name = "Wohnzimmer Lichter"; + entities = wohnzimmer_licht; + } + { + platform = "group"; + name = "Schlafzimmer Lichter"; + entities = schlafzimmer_licht; + } + { + platform = "group"; + name = "Alle Lichter"; + entities = arbeitszimmer_licht ++ wohnzimmer_licht ++ schlafzimmer_licht; + } + ]; +} diff --git a/makefu/2configs/share/anon-sftp.nix b/makefu/2configs/share/anon-sftp.nix new file mode 100644 index 00000000..7cde9317 --- /dev/null +++ b/makefu/2configs/share/anon-sftp.nix @@ -0,0 +1,25 @@ +{ config, lib, pkgs, ... }: + +with import ; +{ + services.openssh = { + allowSFTP = true; + sftpFlags = [ "-l VERBOSE" ]; + extraConfig = '' + Match User anonymous + ForceCommand internal-sftp + AllowTcpForwarding no + X11Forwarding no + PasswordAuthentication no + ''; + }; + + users.users.anonymous = { + uid = genid "anonymous"; + useDefaultShell = false; + password = "anonymous"; + home = "/media/anon"; + createHome = true; + }; + +} -- cgit v1.2.3