summaryrefslogtreecommitdiffstats
path: root/lass/1systems/mors/config.nix
diff options
context:
space:
mode:
authornin <nin@c-base.org>2018-05-02 15:13:40 +0200
committernin <nin@c-base.org>2018-05-02 15:13:40 +0200
commit689fb1a77ad53722086da922de2de533460205b3 (patch)
tree408667e6aa15e1e0fa031e99c003c3968ba1578d /lass/1systems/mors/config.nix
parent702136442c5f8c4f7f1bb911bd21d238a164218a (diff)
parent37fa7bff9339799984554b8ccbacf1f07281d6ce (diff)
Merge branch 'master' of prism:stockholm
Diffstat (limited to 'lass/1systems/mors/config.nix')
-rw-r--r--lass/1systems/mors/config.nix75
1 files changed, 48 insertions, 27 deletions
diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index cbb71ab24..f8a16ad2e 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -33,6 +33,7 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/ableton.nix>
<stockholm/lass/2configs/dunst.nix>
<stockholm/lass/2configs/rtl-sdr.nix>
+ <stockholm/lass/2configs/backup.nix>
{
#risk of rain port
krebs.iptables.tables.filter.INPUT.rules = [
@@ -140,6 +141,18 @@ with import <stockholm/lib>;
dpass
dnsutils
+ woeusb
+ l-gen-secrets
+ generate-secrets
+ (pkgs.writeDashBin "btc-coinbase" ''
+ ${pkgs.curl}/bin/curl -Ss 'https://api.coinbase.com/v2/prices/spot?currency=EUR' | ${pkgs.jq}/bin/jq '.data.amount'
+ '')
+ (pkgs.writeDashBin "btc-wex" ''
+ ${pkgs.curl}/bin/curl -Ss 'https://wex.nz/api/3/ticker/btc_eur' | ${pkgs.jq}/bin/jq '.btc_eur.avg'
+ '')
+ (pkgs.writeDashBin "btc-kraken" ''
+ ${pkgs.curl}/bin/curl -Ss 'https://api.kraken.com/0/public/Ticker?pair=BTCEUR' | ${pkgs.jq}/bin/jq '.result.XXBTZEUR.a[0]'
+ '')
];
#TODO: fix this shit
@@ -167,34 +180,8 @@ with import <stockholm/lib>;
environment.shellAliases = {
deploy = pkgs.writeDash "deploy" ''
set -eu
- export PATH=${makeBinPath [
- pkgs.bash
- pkgs.coreutils
- pkgs.nix
- (pkgs.writeDashBin "is-git-crypt-locked" ''
- magic=$(dd status=none if="$1" skip=1 bs=1 count=8)
- test "$magic" = GITCRYPT
- '')
- ]}
- cd ~/stockholm
export SYSTEM="$1"
- if is-git-crypt-locked ~/secrets/ready; then
- echo 'secrets are crypted' >&2
- exit 23
- else
- exec nix-shell -I stockholm="$PWD" --run 'deploy --system="$SYSTEM"'
- fi
- '';
- predeploy = pkgs.writeDash "predeploy" ''
- set -eu
- export PATH=${makeBinPath [
- pkgs.bash
- pkgs.coreutils
- pkgs.nix
- ]}
- cd ~/stockholm
- export SYSTEM="$1"
- exec nix-shell -I stockholm="$PWD" --run 'test --system="$SYSTEM" --target="$SYSTEM/var/test/" --force-populate'
+ $(nix-build $HOME/stockholm/lass/kops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
'';
};
@@ -202,4 +189,38 @@ with import <stockholm/lib>;
programs.adb.enable = true;
users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
virtualisation.docker.enable = true;
+ services.redshift = {
+ enable = true;
+ provider = "geoclue2";
+ };
+
+ lass.restic = genAttrs [
+ "daedalus"
+ "icarus"
+ "littleT"
+ "prism"
+ "shodan"
+ "skynet"
+ ] (dest: {
+ dirs = [
+ "/home/lass/src"
+ "/home/lass/work"
+ "/home/lass/.gnupg"
+ "/home/lass/Maildir"
+ "/home/lass/stockholm"
+ "/home/lass/.password-store"
+ "/home/bitcoin"
+ "/home/bch"
+ ];
+ passwordFile = (toString <secrets>) + "/restic/${dest}";
+ repo = "sftp:backup@${dest}.r:/backups/mors";
+ #sshPrivateKey = config.krebs.build.host.ssh.privkey.path;
+ extraArguments = [
+ "sftp.command='ssh backup@${dest}.r -i ${config.krebs.build.host.ssh.privkey.path} -s sftp'"
+ ];
+ timerConfig = {
+ OnCalendar = "00:05";
+ RandomizedDelaySec = "5h";
+ };
+ });
}