summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlassulus <lassulus@lassul.us>2020-01-10 19:37:56 +0100
committerlassulus <lassulus@lassul.us>2020-01-10 19:37:56 +0100
commit4104b5d6d8e0acb80308e44e436a9cbe8863961a (patch)
treeb753694bb258edace7269bce688ced3bbd4b0133
parentf491fac2025b2e99788be8e26181da1b26995e84 (diff)
parent5d3fbb2af9c1c7d166ca45cd9d119bd77a3acd80 (diff)
Merge remote-tracking branch 'gum/master'
-rw-r--r--krebs/1systems/filebitch/config.nix48
-rw-r--r--krebs/1systems/filebitch/hardware-configuration.nix96
-rw-r--r--krebs/1systems/wolf/config.nix4
-rw-r--r--krebs/2configs/shack/glados/automation/hass-restart.nix20
-rw-r--r--krebs/2configs/shack/glados/default.nix19
-rw-r--r--krebs/2configs/shack/glados/lib/default.nix107
-rw-r--r--krebs/2configs/shack/glados/multi/schlechte_luft.nix123
-rw-r--r--krebs/2configs/shack/glados/multi/wasser.nix17
-rw-r--r--krebs/2configs/shack/glados/sensors/hass.nix23
-rw-r--r--krebs/2configs/shack/muellshack.nix4
-rw-r--r--krebs/2configs/shack/shackDNS.nix63
-rw-r--r--krebs/2configs/shack/ssh-keys.nix1
-rw-r--r--krebs/3modules/external/default.nix4
-rw-r--r--krebs/3modules/external/ssh/xq.pub1
-rw-r--r--krebs/3modules/krebs/default.nix29
-rw-r--r--krebs/3modules/makefu/default.nix8
-rw-r--r--krebs/3modules/makefu/retiolum/filebitch.pub8
-rw-r--r--makefu/2configs/homeautomation/default.nix1
-rw-r--r--makefu/2configs/hw/bluetooth.nix10
-rw-r--r--makefu/2configs/hw/network-manager.nix6
-rw-r--r--makefu/5pkgs/studio-link/default.nix64
21 files changed, 549 insertions, 107 deletions
diff --git a/krebs/1systems/filebitch/config.nix b/krebs/1systems/filebitch/config.nix
new file mode 100644
index 000000000..9c6a9da08
--- /dev/null
+++ b/krebs/1systems/filebitch/config.nix
@@ -0,0 +1,48 @@
+{ config, pkgs, ... }:
+let
+ shack-ip = config.krebs.build.host.nets.shack.ip4.addr;
+in
+{
+ imports = [
+ ./hardware-configuration.nix
+ <stockholm/krebs>
+ <stockholm/krebs/2configs>
+ # <stockholm/krebs/2configs/secret-passwords.nix>
+
+ # <stockholm/krebs/2configs/binary-cache/nixos.nix>
+ # <stockholm/krebs/2configs/binary-cache/prism.nix>
+ <stockholm/krebs/2configs/shack/ssh-keys.nix>
+ <stockholm/krebs/2configs/shack/prometheus/node.nix>
+ # provides access to /home/share for smbuser via smb
+ <stockholm/krebs/2configs/shack/share.nix>
+ {
+ fileSystems."/home/share" =
+ { device = "/serve";
+ options = [ "bind" "nofail" ];
+ };
+ }
+
+ ## Collect local statistics via collectd and send to collectd
+ <stockholm/krebs/2configs/stats/shack-client.nix>
+ <stockholm/krebs/2configs/stats/shack-debugging.nix>
+ ];
+
+ krebs.build.host = config.krebs.hosts.filebitch;
+ sound.enable = false;
+
+ services.udev.extraRules = ''
+ SUBSYSTEM=="net", ATTR{address}=="60:a4:4c:3d:52:cf", NAME="et0"
+ '';
+ networking = {
+ firewall.enable = true;
+ interfaces.et0.ipv4.addresses = [
+ {
+ address = shack-ip;
+ prefixLength = 20;
+ }
+ ];
+
+ defaultGateway = "10.42.0.1";
+ nameservers = [ "10.42.0.100" "10.42.0.200" ];
+ };
+}
diff --git a/krebs/1systems/filebitch/hardware-configuration.nix b/krebs/1systems/filebitch/hardware-configuration.nix
new file mode 100644
index 000000000..574618e39
--- /dev/null
+++ b/krebs/1systems/filebitch/hardware-configuration.nix
@@ -0,0 +1,96 @@
+{ config, lib, pkgs, ... }:
+let
+ byid = dev: "/dev/disk/by-id/" + dev;
+ keyFile = byid "usb-SMI_USB_DISK_AA08061700009650-0:0";
+in
+{
+ imports =
+ [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
+ ];
+ boot.loader.grub.enable = true;
+ boot.loader.grub.version = 2;
+ boot.zfs.devNodes = "/dev"; # fixes some virtualmachine issues
+ boot.zfs.forceImportRoot = false;
+ boot.zfs.forceImportAll = false;
+ boot.kernelParams = [
+ "boot.shell_on_fail"
+ "panic=30" "boot.panic_on_fail" # reboot the machine upon fatal boot issues
+ ];
+ boot.tmpOnTmpfs = true;
+
+
+ boot.initrd.availableKernelModules = [
+ "xhci_pci" "ahci" "ohci_pci" "ehci_pci" "usb_storage" "usbhid" "sd_mod"
+ "raid456"
+ "usbhid"
+ "usb_storage"
+ ];
+ boot.initrd.kernelModules = [
+ "sata_sil"
+ "megaraid_sas"
+ ];
+ boot.kernelModules = [ "kvm-amd" ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ { device = "tank/root";
+ fsType = "zfs";
+ };
+
+ fileSystems."/home" =
+ { device = "tank/home";
+ fsType = "zfs";
+ };
+
+ fileSystems."/nix" =
+ { device = "tank/nix";
+ fsType = "zfs";
+ };
+
+ fileSystems."/boot" =
+ { device = "/dev/disk/by-uuid/5266-931D";
+ fsType = "vfat";
+ };
+ fileSystems."/serve" =
+ { device = "/dev/cryptvg/serve";
+ fsType = "ext4";
+ options = [ "nofail" ];
+ };
+ fileSystems."/serve/incoming" =
+ { device = "/dev/cryptvg/incoming";
+ fsType = "ext4";
+ options = [ "nofail" ];
+
+ };
+ fileSystems."/serve/movies" =
+ { device = "/dev/cryptvg/servemovies";
+ fsType = "ext4";
+ options = [ "nofail" ];
+ };
+
+ swapDevices =
+ [ { device = "/dev/disk/by-uuid/3353c76f-50e4-471d-84bc-ff922d22b271"; }
+ ];
+
+ nix.maxJobs = lib.mkDefault 4;
+ boot.loader.grub.device = byid "ata-INTEL_SSDSA2M080G2GC_CVPO013300WD080BGN";
+
+ networking.hostId = "54d97450"; # required for zfs use
+ boot.initrd.luks.devices = let
+ usbkey = name: device: {
+ inherit name device keyFile;
+ keyFileSize = 2048;
+ preLVM = true;
+ };
+ in [
+ ((usbkey "swap" (byid "ata-INTEL_SSDSA2M080G2GC_CVPO013300WD080BGN-part2"))
+ // { allowDiscards = true; } )
+ ((usbkey "root" (byid "ata-INTEL_SSDSA2M080G2GC_CVPO013300WD080BGN-part3"))
+ // { allowDiscards = true; } )
+ (usbkey "125" "/dev/md125")
+ (usbkey "126" "/dev/md126")
+ (usbkey "127" "/dev/md127")
+ ];
+
+
+}
diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix
index 059e09ac1..7a096cecf 100644
--- a/krebs/1systems/wolf/config.nix
+++ b/krebs/1systems/wolf/config.nix
@@ -69,6 +69,10 @@ in
# grafana.shack
<stockholm/krebs/2configs/shack/grafana.nix>
+ # shackdns.shack
+ # replacement for leases.shack and shackles.shack
+ <stockholm/krebs/2configs/shack/shackDNS.nix>
+
];
# use your own binary cache, fallback use cache.nixos.org (which is used by
# apt-cacher-ng in first place)
diff --git a/krebs/2configs/shack/glados/automation/hass-restart.nix b/krebs/2configs/shack/glados/automation/hass-restart.nix
new file mode 100644
index 000000000..e87354978
--- /dev/null
+++ b/krebs/2configs/shack/glados/automation/hass-restart.nix
@@ -0,0 +1,20 @@
+# needs:
+# light.fablab_led
+[
+ { alias = "State on HA start-up";
+ trigger = {
+ platform = "homeassistant";
+ event = "start";
+ };
+ action = [
+ { service = "light.turn_on";
+ data = {
+ entity_id = "light.fablab_led";
+ effect = "Rainbow";
+ color_name = "yellow";
+ };
+ }
+ ];
+ }
+]
+
diff --git a/krebs/2configs/shack/glados/default.nix b/krebs/2configs/shack/glados/default.nix
index d000af397..e48a54551 100644
--- a/krebs/2configs/shack/glados/default.nix
+++ b/krebs/2configs/shack/glados/default.nix
@@ -2,6 +2,7 @@
let
shackopen = import ./multi/shackopen.nix;
wasser = import ./multi/wasser.nix;
+ badair = import ./multi/schlechte_luft.nix;
in {
services.nginx.virtualHosts."hass.shack" = {
serverAliases = [ "glados.shack" ];
@@ -44,7 +45,7 @@ in {
autoExtraComponents = true;
config = {
homeassistant = {
- name = "Bureautomation";
+ name = "Glados";
time_zone = "Europe/Berlin";
latitude = "48.8265";
longitude = "9.0676";
@@ -89,7 +90,7 @@ in {
};
};
switch = wasser.switch;
- light = [];
+ light = badair.light;
media_player = [
{ platform = "mpd";
host = "lounge.mpd.shack";
@@ -99,7 +100,8 @@ in {
sensor =
(import ./sensors/hass.nix)
++ (import ./sensors/power.nix)
- ++ shackopen.sensor;
+ ++ shackopen.sensor
+ ++ badair.sensor;
binary_sensor = shackopen.binary_sensor;
@@ -113,8 +115,9 @@ in {
trusted_proxies = "127.0.0.1";
};
#conversation = {};
- #history = {};
- #logbook = {};
+ history = {};
+ logbook = {};
+ recorder = {};
tts = [
{ platform = "google_translate";
language = "de";
@@ -123,10 +126,12 @@ in {
# language = "de-DE";
#}
];
- #recorder = {};
sun = {};
- automation = wasser.automation;
+ automation = wasser.automation
+ ++ badair.automation
+ ++ (import ./automation/hass-restart.nix);
+
device_tracker = [];
};
};
diff --git a/krebs/2configs/shack/glados/lib/default.nix b/krebs/2configs/shack/glados/lib/default.nix
new file mode 100644
index 000000000..6737af842
--- /dev/null
+++ b/krebs/2configs/shack/glados/lib/default.nix
@@ -0,0 +1,107 @@
+let
+ prefix = "glados";
+in
+{
+ esphome =
+ {
+ temp = {host, topic ? "temperature" }:
+ {
+ platform = "mqtt";
+ name = "${host} Temperature";
+ device_class = "temperature";
+ unit_of_measurement = "°C";
+ icon = "mdi:thermometer";
+ state_topic = "${prefix}/${host}/sensor/${topic}/state";
+ availability_topic = "${prefix}/${host}/status";
+ payload_available = "online";
+ payload_not_available = "offline";
+ };
+ hum = {host, topic ? "humidity" }:
+ {
+ platform = "mqtt";
+ unit_of_measurement = "%";
+ icon = "mdi:water-percent";
+ device_class = "humidity";
+ name = "${host} Humidity";
+ state_topic = "${prefix}/${host}/sensor/${topic}/state";
+ availability_topic = "${prefix}/${host}/status";
+ payload_available = "online";
+ payload_not_available = "offline";
+ };
+ # copied from "homeassistant/light/fablab_led/led_ring/config"
+ led = {host, topic ? "led", name ? host}:
+ { # name: fablab_led
+ # topic: led_ring
+ platform = "mqtt";
+ inherit name;
+ schema = "json";
+ brightness = true;
+ rgb = true;
+ effect = true;
+ effect_list = [ # TODO: may be different
+ "Random"
+ "Strobe"
+ "Rainbow"
+ "Color Wipe"
+ "Scan"
+ "Twinkle"
+ "Fireworks"
+ "Addressable Flicker"
+ "None"
+ ];
+ state_topic = "${prefix}/${host}/light/${topic}/state";
+ command_topic = "${prefix}/${host}/light/${topic}/command";
+ availability_topic = "${prefix}/${host}/status";
+ payload_available = "online";
+ payload_not_available = "offline";
+ qos = 1;
+ };
+ # Feinstaub
+ dust_25m = { host, name ? "${host} < 2.5µm", topic ? "particulate_matter_25m_concentration" }:
+ {
+ platform = "mqtt";
+ unit_of_measurement = "µg/m³";
+ icon = "mdi:chemical-weapon";
+ inherit name;
+ state_topic = "${prefix}/${host}/sensor/${topic}/state";
+ availability_topic = "${prefix}/${host}/status";
+ };
+ dust_100m = {host, name ? "${host} < 10µm", topic ? "particulate_matter_100m_concentration" }:
+ {
+ platform = "mqtt";
+ unit_of_measurement = "µg/m³";
+ icon = "mdi:chemical-weapon";
+ inherit name;
+ state_topic = "${prefix}/${host}/sensor/${topic}/state";
+ availability_topic = "${prefix}/${host}/status";
+ };
+ switch = {host, name ? "${host} Button", topic ? "btn" }:
+ # host: ampel
+ # name: Button 1
+ # topic: btn1
+ {
+ inherit name;
+ platform = "mqtt";
+ state_topic = "${prefix}/${host}/sensor/${topic}/state";
+ command_topic = "${prefix}/${host}/switch/${topic}/state";
+ availability_topic = "${prefix}/${host}/status";
+ };
+ };
+ tasmota =
+ {
+ plug = {host, name ? host, topic ? host}:
+ {
+ platform = "mqtt";
+ inherit name;
+ state_topic = "sonoff/stat/${topic}/POWER1";
+ command_topic = "sonoff/cmnd/${topic}/POWER1";
+ availability_topic = "sonoff/tele/${topic}/LWT";
+ payload_on= "ON";
+ payload_off= "OFF";
+ payload_available= "Online";
+ payload_not_available= "Offline";
+ retain = false;
+ qos = 1;
+ };
+ };
+}
diff --git a/krebs/2configs/shack/glados/multi/schlechte_luft.nix b/krebs/2configs/shack/glados/multi/schlechte_luft.nix
new file mode 100644
index 000000000..9cd2c56f4
--- /dev/null
+++ b/krebs/2configs/shack/glados/multi/schlechte_luft.nix
@@ -0,0 +1,123 @@
+let
+ glados = import ../lib;
+in
+{
+ # LED
+ light = [
+ (glados.esphome.led { name = "Fablab LED"; host = "fablab_led"; topic = "led_ring"; })
+
+ (glados.esphome.led { name = "Fablab LED Part A"; host = "fablab_led"; topic = "A";})
+ (glados.esphome.led { name = "Fablab LED Part B"; host = "fablab_led"; topic = "B";})
+ (glados.esphome.led { name = "Fablab LED Part C"; host = "fablab_led"; topic = "C";})
+ (glados.esphome.led { name = "Fablab LED Part D"; host = "fablab_led"; topic = "D";})
+ ];
+ sensor = [
+ (glados.esphome.temp { host = "fablab_feinstaub";})
+ (glados.esphome.dust_25m { host = "fablab_feinstaub";})
+ (glados.esphome.dust_100m { host = "fablab_feinstaub";})
+ ];
+ automation =
+ [
+ { alias = "Gute Luft Fablab";
+ trigger = [
+ {
+ platform = "numeric_state";
+ below = 25;
+ entity_id = "sensor.fablab_feinstaub_2_5um";
+ }
+ ];
+ action =
+ [
+ { service = "light.turn_on";
+ data = {
+ entity_id = "light.fablab_led";
+ effect = "Twinkle";
+ color_name = "green";
+ };
+ }
+ ];
+ }
+ { alias = "mäßige Luft Fablab";
+ trigger = [
+ #{
+ # platform = "numeric_state";
+ # above = 25;
+ # entity_id = "sensor.fablab_feinstaub_25m";
+ #}
+ {
+ platform = "numeric_state";
+ above = 25;
+ below = 50;
+ entity_id = "sensor.fablab_feinstaub_2_5um";
+ }
+ ];
+ action =
+ [
+ { service = "light.turn_on";
+ data = {
+ entity_id = "light.fablab_led";
+ effect = "Twinkle";
+ color_name = "yellow";
+ };
+ }
+ ];
+ }
+ { alias = "schlechte Luft Fablab";
+ trigger = [
+ {
+ platform = "numeric_state";
+ above = 50;
+ entity_id = "sensor.fablab_feinstaub_2_5um";
+ }
+ ];
+ action =
+ [
+ { service = "light.turn_on";
+ data = {
+ entity_id = "light.fablab_led";
+ effect = "Twinkle";
+ color_name = "red";
+ };
+ }
+ ];
+ }
+ { alias = "Luft Sensor nicht verfügbar";
+ trigger = [
+ {
+ platform = "state";
+ to = "unavailable";
+ entity_id = "sensor.fablab_feinstaub_2_5um";
+ }
+ ];
+ action =
+ [
+ { service = "light.turn_on";
+ data = {
+ entity_id = "light.fablab_led";
+ effect = "Rainbow";
+ color_name = "blue";
+ };
+ }
+ ];
+ }
+ { alias = "Fablab Licht Reboot";
+ trigger = [
+ {
+ platform = "state";
+ from = "unavailable";
+ entity_id = "light.fablab_led";
+ }
+ ];
+ action =
+ [
+ { service = "light.turn_on";
+ data = {
+ entity_id = "light.fablab_led";
+ effect = "Rainbow";
+ color_name = "orange";
+ };
+ }
+ ];
+ }
+ ];
+}
diff --git a/krebs/2configs/shack/glados/multi/wasser.nix b/krebs/2configs/shack/glados/multi/wasser.nix
index 578bb0750..cdfe01405 100644
--- a/krebs/2configs/shack/glados/multi/wasser.nix
+++ b/krebs/2configs/shack/glados/multi/wasser.nix
@@ -1,23 +1,12 @@
let
- tasmota_plug = name: topic:
- { platform = "mqtt";
- inherit name;
- state_topic = "sonoff/stat/${topic}/POWER1";
- command_topic = "sonoff/cmnd/${topic}/POWER1";
- availability_topic = "sonoff/tele/${topic}/LWT";
- payload_on= "ON";
- payload_off= "OFF";
- payload_available= "Online";
- payload_not_available= "Offline";
- retain = false;
- qos = 1;
- };
+ glados = import ../lib;
seconds = 20;
in
{
switch = [
- (tasmota_plug "Wasser" "plug")
+ (glados.tasmota.plug { host = "Wasser"; topic = "plug";} )
];
+
automation =
[
{ alias = "Water the plant for ${toString seconds} seconds";
diff --git a/krebs/2configs/shack/glados/sensors/hass.nix b/krebs/2configs/shack/glados/sensors/hass.nix
index 634758701..8de0ef391 100644
--- a/krebs/2configs/shack/glados/sensors/hass.nix
+++ b/krebs/2configs/shack/glados/sensors/hass.nix
@@ -1,22 +1,5 @@
let
- esphome_temp = name:
- { platform = "mqtt";
- name = "${name} Temperature";
- device_class = "temperature";
- state_topic = "glados/${name}/sensor/temperature/state";
- availability_topic = "glados/${name}/status";
- payload_available = "online";
- payload_not_available = "offline";
- };
- esphome_hum = name:
- { platform = "mqtt";
- device_class = "humidity";
- name = "${name} Humidity";
- state_topic = "glados/${name}/sensor/humidity/state";
- availability_topic = "glados/${name}/status";
- payload_available = "online";
- payload_not_available = "offline";
- };
+ glados = import ../lib;
in
- (map esphome_temp [ "lounge" "werkstatt" "herrenklo" "dusche" "fablab" "whc" ])
- ++ (map esphome_hum [ "lounge" "werkstatt" "herrenklo" "dusche" "fablab" "whc" ])
+ (map (host: glados.esphome.temp {inherit host;}) [ "lounge" "werkstatt" "herrenklo" "dusche" "fablab" "whc" ])
+ ++ (map (host: glados.esphome.hum {inherit host;}) [ "lounge" "werkstatt" "herrenklo" "dusche" "fablab" "whc" ])
diff --git a/krebs/2configs/shack/muellshack.nix b/krebs/2configs/shack/muellshack.nix
index c1c957da3..c67d8f523 100644
--- a/krebs/2configs/shack/muellshack.nix
+++ b/krebs/2configs/shack/muellshack.nix
@@ -4,8 +4,8 @@ let
pkg = pkgs.callPackage (
pkgs.fetchgit {
url = "https://git.shackspace.de/rz/muellshack";
- rev = "4601f59787de090c83be6dbae6ca72d7fc84ab9f";
- sha256 = "1cshbd6ipvynbm3gmnsm58ccc1m5xc87cpd3b6jx0s6pr2j19g9j";
+ rev = "c3d1f70325e5b90f280c5be60110e14f4de653ae";
+ sha256 = "1dd4kqwdr4v413rmkvmyjzzvw8id9747nifp96pg0c2cy6bhzj24";
}) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; };
home = "/var/lib/muellshack";
port = "8081";
diff --git a/krebs/2configs/shack/shackDNS.nix b/krebs/2configs/shack/shackDNS.nix
new file mode 100644
index 000000000..807bb7e65
--- /dev/null
+++ b/krebs/2configs/shack/shackDNS.nix
@@ -0,0 +1,63 @@
+{ config, lib, pkgs, ... }:
+
+let
+ pkg =
+ pkgs.fetchgit {
+ url = "https://git.shackspace.de/rz/shackdns";
+ rev = "e55cc906c734b398683f9607b93f1ad6435d8575";
+ sha256 = "1hkwhf3hqb4fz06b1ckh7sl0zcyi4da5fgdlksian8lxyd19n8sq";
+ };
+ home = "/var/lib/shackDNS";
+ port = "8083";
+ config_file = pkgs.writeText "config" ''
+ # Points to a bind configuration file
+ dns-db = ${home}/db.shack
+
+ # Points to a shackles configuration file
+ # See `shackles.json` in repo
+ shackles-db = ${home}/shackles.json
+
+ # Points to a REST service with the DHCP leases
+ leases-api = http://dhcp.shack/dhcpd.leases
+
+ # Wrap this binding with https proxy or similar
+ binding = http://localhost:${port}/
+ '';
+in {
+ # receive response from light.shack / standby.shack
+ networking.firewall.allowedTCPPorts = [ ];
+
+ users.users.shackDNS = {
+ inherit home;
+ createHome = true;
+ };
+ services.nginx.virtualHosts."leases.shack" = {
+ locations."/" = {
+ proxyPass = "http://localhost:${port}/";
+ };
+ };
+ services.nginx.virtualHosts."shackdns.shack" = {
+ locations."/" = {
+ proxyPass = "http://localhost:${port}/";
+ };
+ };
+ services.nginx.virtualHosts."shackles.shack" = {
+ locations."/" = {
+ proxyPass = "http://localhost:${port}/";
+ };
+ };
+
+ systemd.services.shackDNS = {
+ description = "shackDNS provides an overview over DHCP and DNS as well as a replacement for shackles";
+ wantedBy = [ "multi-user.target" ];
+ environment.PORT = port;
+ serviceConfig = {
+ User = "shackDNS";
+ WorkingDirectory = home;
+ ExecStart = "${pkgs.mono6}/bin/mono ${pkg}/shackDNS.exe ${config_file}";
+ PrivateTmp = true;
+ Restart = "always";
+ RestartSec = "15";
+ };
+ };
+}
diff --git a/krebs/2configs/shack/ssh-keys.nix b/krebs/2configs/shack/ssh-keys.nix
index 9c7f507f1..95c869bc9 100644
--- a/krebs/2configs/shack/ssh-keys.nix
+++ b/krebs/2configs/shack/ssh-keys.nix
@@ -4,6 +4,7 @@
config.krebs.users."0x4A6F".pubkey
config.krebs.users.ulrich.pubkey
config.krebs.users.raute.pubkey
+ config.krebs.users.xq.pubkey
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDb9NPa2Hf51afcG1H13UPbE5E02J8aC9a1sGCRls592wAVlQbmojYR1jWDPA2m32Bsyv0ztqi81zDyndWWZPQVJVBk00VjYBcgk6D5ifqoAuWLzfuHJPWZGOvBf/U74/LNFNUkj1ywjneK7HYTRPXrRBBfBSQNmQzkvue7s599L2vdueZKyjNsMpx2m6nm2SchaMuDskSQut/168JgU1l4M8BeT68Bo4WdelhBYnhSI1a59FGkgdu2SCjyighLQRy2sOH3ksnkHWENPkA+wwQOlKl7R3DsEybrNd4NU9FSwFDyDmdhfv5gJp8UGSFdjAwx43+8zM5t5ruZ25J0LnVb0PuTuRA00UsW83MkLxFpDQLrQV08tlsY6iGrqxP67C3VJ6t4v6oTp7/vaRLhEFc1PhOLh+sZ18o8MLO+e2rGmHGHQnSKfBOLUvDMGa4jb01XBGjdnIXLOkVo79YR5jZn7jJb2gTZ95OD6bWSDADoURSuwuLa7kh4ti1ItAKuhkIvbuky3rRVvQEc92kJ6aNUswIUXJa0K2ibbIY6ycKAA3Ljksl3Mm9KzOn6yc/i/lSF+SOrTGhabPJigKkIoqKIwnV5IU3gkfsxPQJOBMPqHDGAOeYQe3WpWedEPYuhQEczw4exMb9TkNE96F71PzuQPJDl5sPAWyPLeMKpy5XbfRiF2by4nxN3ZIQvjtoyVkjNV+qM0q0yKBzLxuRAEQOZ2yCEaBudZQkQiwHD97H2vu4SRQ/2aOie1XiOnmdbQRDZSO3BsoDK569K1w+gDfSnqY7zVUMj6tw+uKx6Gstck5lbvYMtdWKsfPv/pDM8eyIVFLL93dKTX+ertcQj6xDwLfOiNubE5ayFXhYkjwImV6NgfBuq+3hLK0URP2rPlOZbbZTQ0WlKD6CCRZPMSZCU9oD2zYfqpvRArBUcdkAwGePezORkfJQLE6mYEJp6pdFkJ/IeFLbO6M0lZVlfnpzAC9kjjkMCRofZUETcFSppyTImCbgo3+ok59/PkNU5oavBXyW80ue2tWHr08HX/QALNte3UITmIIlU6SFMCPMWJqadK1eDPWfJ4H4iDXRNn3D5wqN++iMloKvpaj0wieqXLY4+YfvNTNr177OU48GEWW8DnoEkbpwsCbjPxznGDQhdDqdYyMY/fDgRQReKITvKYGHRzesGysw5cKsp9LEfXD0R6WE2TeiiENla5AWzTgXJB0AyZEcOiIfqOgT9Nr9S8q5gc/BdA7P+jhGGJgEHhV3dVlfIZ7pmZc27Yu7UTQ0lbAKWqcMSTOdne+QL6ILzbvLrQwdvax4tQdm5opfU16SrOox1AMwAbkdq84z6uJqYVx3cUXfMJgTyDNrVv3or root@plattenschwein" # for backup
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1Lx5MKtVjB/Ef6LpEiIAgVwY5xKQFdHuLQR+odQO4cAgxj1QaIXGN0moixY52DebVQhAtiCNiFZ83uJyOj8kmu30yuXwtSOQeqziA859qMJKZ4ZcYdKvbXwnf2Chm5Ck/0FvtpjTWHIZAogwP1wQto/lcqHOjrTAnZeJfQuHTswYUSnmUU5zdsEZ9HidDPUc2Gv0wkBNd+KMQyOZl0HkaxHWvn0h4KK4hYZisOpeTfXJxD87bo+Eg4LL2vvnHW6dF6Ygrbd/0XRMsRRI8OAReVBUoJn7IE1wwAl/FpblNmhaF9hlL7g7hR1ADvaWMMw0e8SSzW6Y+oIa8qFQL6wR1 gitlab-builder" # for being deployed by gitlab ci
];
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index 6e3ac9f5c..059e22866 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -464,6 +464,10 @@ in {
mail = "0x4a6f@shackspace.de";
pubkey = ssh-for "0x4A6F";
};
+ xq = {
+ mail = "xq@shackspace.de";
+ pubkey = ssh-for "xq";
+ };
miaoski = {
};
filly = {
diff --git a/krebs/3modules/external/ssh/xq.pub b/krebs/3modules/external/ssh/xq.pub
new file mode 100644
index 000000000..2c23970e3
--- /dev/null
+++ b/krebs/3modules/external/ssh/xq.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDZR8LsswO/5f9/jc+tKNHHWtty5HTs13Vytbyz8DzJZrGJgOKeVA6OFPgWtaAKvxL/DUTVVVvqpOng2vACTC+CoPaCxE8yJchitkVQNg3zwsf8a8RdWsJAvZklfPz9qmmz+tM37yLpowiMNmCR5vrteRDso6GK4pUjikS5YvjT+vsvRWcVQpmjnAVYsBPgS9NIBjMDR3etoJgpSaF/oU4rDE2JElm/qOQ04W45JiJKVB2BkFomQ1EFl8oORYiMQzvaYA2BCsciBb6X+Jf0RZkVChErfawPzABhAcYpyNRhamaqiSWirw5o4l+ZaDkgezUf3ue6QuHjzuS02+3qIwXP felix@denkplatte
diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix
index 72c16711c..de09b4251 100644
--- a/krebs/3modules/krebs/default.nix
+++ b/krebs/3modules/krebs/default.nix
@@ -34,6 +34,35 @@ with import <stockholm/lib>;
});
in {
hosts = mapAttrs hostDefaults ({
+ filebitch = {
+ ci = true;
+ cores = 4;
+ nets = {
+ shack = {
+ ip4.addr = "10.42.0.50" ;
+ aliases = [
+ "filebitch.shack"
+ ];
+ };
+ retiolum = {
+ ip4.addr = "10.243.189.130";
+ aliases = [ "filebitch.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEA8ZSLsOlPy9Vd8XdEcIoP8H3rztsbB0McTYPGhUaZ6/aqcD/MBSQa
+ FT9NZS0+N0Pev7y90As6Rj5Wrom92xlThcFPaX0Dzmzz+7363M4qtlrtmmWkx2FX
+ VDrPOYbe4hGGOCsPNOTNJkcW4zs2Ym5YKbZeXHfnuqCW+yuhKBCgO9slc740jkHZ
+ 5xuv5zbU3ZMRk1H8xi4+cQcHqh+1PY75lJxVSNvrbe5pvGxm9yVdp235b49ohDRU
+ UfUjXmymPlnfJgTOMxmHwl+UmwYR4Yw2CZKXTjbJe5HjbykleTwUb1qyijM8suJf
+ eXRyma8VGILcY6K/HmE4nz7ESAlI1c+QlwIDAQAB
+ -----END RSA PUBLIC KEY-----
+ Ed25519PublicKey = NPjEmo1dkxNS2Xm7qUyWhLKdFYF4MnhIM79NPQELWHC
+ '';
+ };
+ };
+ ssh.privkey.path = <secrets/ssh.id_ed25519>;
+ ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKRpjW68lSlTL8jBQcXKOTdGa+olQw5ghaU5df2yAE64";
+ };
hotdog = {
ci = true;
nets = {
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index f9e8d485c..dcfee59b3 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -283,14 +283,6 @@ in {
};
};
- filebitch = rec {
- cores = 4;
- nets = {
- retiolum = {
- ip4.addr = "10.243.189.130";
- };
- };
- };
shackdev = rec { # router@shack
cores = 1;
diff --git a/krebs/3modules/makefu/retiolum/filebitch.pub b/krebs/3modules/makefu/retiolum/filebitch.pub
deleted file mode 100644
index fe31accda..000000000
--- a/krebs/3modules/makefu/retiolum/filebitch.pub
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN RSA PUBLIC KEY-----
-MIIBCgKCAQEA2VjW30A3uQoo5QwbFTnl5fuGg81DZVu8HXmDwgEkhZYr5Xf3V5/d
-fmPlX1igzatWYX0OylFAY69r0V4dqeTubIf83sz1eqtpXjK4czG8A3wMHEXj5Pzs
-e1Qh8K4rHMEATc7Y/cwpQBi2THn2bhufqgaz94m8HrStCZcKCin3fDMbE01WHWX1
-KFqeBtUd7b9pWbXKlLBNpHTZoGxVQk0Hto9pxYzHecRsbQXykYk3Rw2tSuf0aH99
-oY0i3LjOb+f2oq2S4qVHqHZsMJfDVr+x2/LP1SIcc1lVTztWSSAzZEokE0/ejvXf
-wkquBVHXdl6LuzH+/V1I7OsaMhHShYu1LwIDAQAB
------END RSA PUBLIC KEY-----
diff --git a/makefu/2configs/homeautomation/default.nix b/makefu/2configs/homeautomation/default.nix
index c4fef1bfc..4e9ac0ee3 100644
--- a/makefu/2configs/homeautomation/default.nix
+++ b/makefu/2configs/homeautomation/default.nix
@@ -108,7 +108,6 @@ in {
];
services.home-assistant = {
- package = pkgs.home-assistant.override { python3 = pkgs.python36; };
config = {
homeassistant = {
name = "Home"; time_zone = "Europe/Berlin";
diff --git a/makefu/2configs/hw/bluetooth.nix b/makefu/2configs/hw/bluetooth.nix
index e556b43c0..972753080 100644
--- a/makefu/2configs/hw/bluetooth.nix
+++ b/makefu/2configs/hw/bluetooth.nix
@@ -5,6 +5,7 @@
hardware.pulseaudio = {
enable = true;
package = pkgs.pulseaudioFull;
+ extraModules = [ pkgs.pulseaudio-modules-bt ];
# systemWide = true;
support32Bit = true;
configFile = pkgs.writeText "default.pa" ''
@@ -23,7 +24,7 @@
load-module module-switch-on-port-available
'';
};
-
+ services.blueman.enable = true;
# presumably a2dp Sink
# Enable profile:
## pacmd set-card-profile "$(pactl list cards short | egrep -o bluez_card[[:alnum:]._]+)" a2dp_sink
@@ -32,10 +33,17 @@
hardware.bluetooth = {
enable = true;
powerOnBoot = false;
+
extraConfig = ''
[general]
Enable=Source,Sink,Media,Socket
'';
};
services.dbus.packages = [ pkgs.blueman ];
+ nixpkgs.overlays = [
+ (self: super: {
+ blueman = super.blueman.overrideAttrs (oldAttrs: {
+ buildInputs = oldAttrs.buildInputs ++ [ self.gnome3.adwaita-icon-theme ];
+ });
+ })];
}
diff --git a/makefu/2configs/hw/network-manager.nix b/makefu/2configs/hw/network-manager.nix
index d7b262b91..1004ea06e 100644
--- a/makefu/2configs/hw/network-manager.nix
+++ b/makefu/2configs/hw/network-manager.nix
@@ -20,13 +20,17 @@
RestartSec = "5";
};
};
- networking.networkmanager.enable = true;
# nixOSUnstable
+ networking.networkmanager.enable = true;
networking.networkmanager.wifi = {
powersave = true;
scanRandMacAddress = true;
+ backend = "iwd";
};
+ services.gnome3.gnome-keyring.enable = true;
+ networking.wireless.iwd.enable = true;
+
state = [
"/etc/NetworkManager/system-connections" #NM stateful config files
];
diff --git a/makefu/5pkgs/studio-link/default.nix b/makefu/5pkgs/studio-link/default.nix
index 6fa40139b..8c796b43b 100644
--- a/makefu/5pkgs/studio-link/default.nix
+++ b/makefu/5pkgs/studio-link/default.nix
@@ -1,44 +1,13 @@