summaryrefslogtreecommitdiffstats
path: root/lass/2configs
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2020-10-23 21:02:02 +0200
committermakefu <github@syntax-fehler.de>2020-10-23 21:02:02 +0200
commite8b6cc0587929a7ebd0d00f83d298640b20b055f (patch)
treee0f813b8264119a84d6b8c32fa68041c8541ab59 /lass/2configs
parentfd41a76d4cab2765f9ef95ce5322b7bffe52b8a7 (diff)
parent242530680d5dcb37a5a023d0b8f6155ab441cead (diff)
Merge remote-tracking branch 'lass/master'
Diffstat (limited to 'lass/2configs')
-rw-r--r--lass/2configs/baseX.nix5
-rw-r--r--lass/2configs/blue-host.nix90
-rw-r--r--lass/2configs/blue.nix7
-rw-r--r--lass/2configs/default.nix11
-rw-r--r--lass/2configs/exim-smarthost.nix8
-rw-r--r--lass/2configs/gc.nix1
-rw-r--r--lass/2configs/git.nix4
-rw-r--r--lass/2configs/green-host.nix109
-rw-r--r--lass/2configs/hass/default.nix1
-rw-r--r--lass/2configs/hass/rooms/bett.nix31
-rw-r--r--lass/2configs/hw/x220.nix11
-rw-r--r--lass/2configs/mail.nix19
-rw-r--r--lass/2configs/mpv.nix2
-rw-r--r--lass/2configs/paste.nix31
-rw-r--r--lass/2configs/radio.nix29
-rw-r--r--lass/2configs/steam.nix6
-rw-r--r--lass/2configs/syncthing.nix1
-rw-r--r--lass/2configs/websites/domsen.nix18
-rw-r--r--lass/2configs/websites/lassulus.nix5
-rw-r--r--lass/2configs/wine.nix3
-rw-r--r--lass/2configs/zsh.nix13
21 files changed, 275 insertions, 130 deletions
diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index baf93ffe5..e92ddbcca 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -72,10 +72,11 @@ in {
git-preview
gnome3.dconf
iodine
+ libarchive
lm_sensors
ncdu
nix-index
- nix-review
+ nixpkgs-review
nmap
pavucontrol
ponymix
@@ -92,6 +93,8 @@ in {
xsel
zathura
(pkgs.writeDashBin "screenshot" ''
+ set -efu
+
${pkgs.flameshot-once}/bin/flameshot-once
${pkgs.klem}/bin/klem
'')
diff --git a/lass/2configs/blue-host.nix b/lass/2configs/blue-host.nix
index 718a92e9c..7aabf0931 100644
--- a/lass/2configs/blue-host.nix
+++ b/lass/2configs/blue-host.nix
@@ -49,54 +49,54 @@ in {
};
- systemd.services = builtins.listToAttrs (map (host:
- let
- in nameValuePair "sync-blue-${host}" {
- bindsTo = [ "container@blue.service" ];
- wantedBy = [ "container@blue.service" ];
- # ssh needed for rsync
- path = [ pkgs.openssh ];
- serviceConfig = {
- Restart = "always";
- RestartSec = 10;
- ExecStart = pkgs.writeDash "sync-blue-${host}" ''
- set -efu
- #make sure blue is running
- /run/wrappers/bin/ping -c1 blue.r > /dev/null
+ #systemd.services = builtins.listToAttrs (map (host:
+ # let
+ # in nameValuePair "sync-blue-${host}" {
+ # bindsTo = [ "container@blue.service" ];
+ # wantedBy = [ "container@blue.service" ];
+ # # ssh needed for rsync
+ # path = [ pkgs.openssh ];
+ # serviceConfig = {
+ # Restart = "always";
+ # RestartSec = 10;
+ # ExecStart = pkgs.writeDash "sync-blue-${host}" ''
+ # set -efu
+ # #make sure blue is running
+ # /run/wrappers/bin/ping -c1 blue.r > /dev/null
- #make sure the container is unlocked
- ${pkgs.mount}/bin/mount | ${pkgs.gnugrep}/bin/grep -q '^encfs on /var/lib/containers/blue'
+ # #make sure the container is unlocked
+ # ${pkgs.mount}/bin/mount | ${pkgs.gnugrep}/bin/grep -q '^encfs on /var/lib/containers/blue'
- #make sure our target is reachable
- ${pkgs.untilport}/bin/untilport ${host}.r 22 2>/dev/null
+ # #make sure our target is reachable
+ # ${pkgs.untilport}/bin/untilport ${host}.r 22 2>/dev/null
- #start sync
- ${pkgs.lsyncd}/bin/lsyncd -log scarce ${pkgs.writeText "lsyncd-config.lua" ''
- settings {
- nodaemon = true,
- inotifyMode = "CloseWrite or Modify",
- }
- sync {
- default.rsyncssh,
- source = "/var/lib/containers/.blue",
- host = "${host}.r",
- targetdir = "/var/lib/containers/.blue",
- rsync = {
- archive = true,
- owner = true,
- group = true,
- };
- ssh = {
- binary = "${pkgs.openssh}/bin/ssh";
- identityFile = "/var/lib/containers/blue/home/lass/.ssh/id_rsa",
- },
- }
- ''}
- '';
- };
- unitConfig.ConditionPathExists = "!/var/run/ppp0.pid";
- }
- ) remote_hosts);
+ # #start sync
+ # ${pkgs.lsyncd}/bin/lsyncd -log scarce ${pkgs.writeText "lsyncd-config.lua" ''
+ # settings {
+ # nodaemon = true,
+ # inotifyMode = "CloseWrite or Modify",
+ # }
+ # sync {
+ # default.rsyncssh,
+ # source = "/var/lib/containers/.blue",
+ # host = "${host}.r",
+ # targetdir = "/var/lib/containers/.blue",
+ # rsync = {
+ # archive = true,
+ # owner = true,
+ # group = true,
+ # };
+ # ssh = {
+ # binary = "${pkgs.openssh}/bin/ssh";
+ # identityFile = "/var/lib/containers/blue/home/lass/.ssh/id_rsa",
+ # },
+ # }
+ # ''}
+ # '';
+ # };
+ # unitConfig.ConditionPathExists = "!/var/run/ppp0.pid";
+ # }
+ #) remote_hosts);
environment.systemPackages = [
(pkgs.writeDashBin "start-blue" ''
diff --git a/lass/2configs/blue.nix b/lass/2configs/blue.nix
index a4000cada..15408a200 100644
--- a/lass/2configs/blue.nix
+++ b/lass/2configs/blue.nix
@@ -26,6 +26,8 @@ with (import <stockholm/lib>);
{ predicate = "-i wiregrill -p udp --dport 60000:61000"; target = "ACCEPT";}
{ predicate = "-i retiolum -p tcp --dport 9998:9999"; target = "ACCEPT";}
{ predicate = "-i wiregrill -p tcp --dport 9998:9999"; target = "ACCEPT";}
+ { predicate = "-i retiolum -p tcp --dport imap"; target = "ACCEPT";}
+ { predicate = "-i wiregrill -p tcp --dport imap"; target = "ACCEPT";}
];
systemd.services.chat = let
@@ -64,4 +66,9 @@ with (import <stockholm/lib>);
ExecStop = "${tmux} kill-session -t IM";
};
};
+
+ services.dovecot2 = {
+ enable = true;
+ mailLocation = "maildir:~/Maildir";
+ };
}
diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index ae2754c96..f59988b75 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -44,7 +44,15 @@ with import <stockholm/lib>;
config.krebs.users.lass-yubikey.pubkey
];
};
+ nix = {
+ isNormalUser = true;
+ uid = genid_uint31 "nix";
+ openssh.authorizedKeys.keys = [
+ config.krebs.hosts.mors.ssh.pubkey
+ ];
+ };
};
+ nix.trustedUsers = ["nix"];
}
{
environment.variables = {
@@ -212,4 +220,7 @@ with import <stockholm/lib>;
networking.dhcpcd.extraConfig = ''
noipv4ll
'';
+
+ # use 24:00 time format, the default got sneakily changed around 20.03
+ i18n.defaultLocale = mkDefault "C.UTF-8";
}
diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix
index 82839beba..797864b15 100644
--- a/lass/2configs/exim-smarthost.nix
+++ b/lass/2configs/exim-smarthost.nix
@@ -2,8 +2,6 @@
to = concatStringsSep "," [
"lass@blue.r"
- "lass@xerxes.r"
- "lass@mors.r"
];
mails = [
@@ -110,6 +108,12 @@
"auschein@lassul.us"
"tleech@lassul.us"
"durstexpress@lassul.us"
+ "acme@lassul.us"
+ "antstore@lassul.us"
+ "openweather@lassul.us"
+ "lobsters@lassul.us"
+ "rewe@lassul.us"
+ "spotify@lassul.us"
];
in {
diff --git a/lass/2configs/gc.nix b/lass/2configs/gc.nix
index 0ddb63a03..f9c61c461 100644
--- a/lass/2configs/gc.nix
+++ b/lass/2configs/gc.nix
@@ -4,5 +4,6 @@ with import <stockholm/lib>;
{
nix.gc = {
automatic = ! (elem config.krebs.build.host.name [ "mors" "xerxes" ] || config.boot.isContainer);
+ options = "--delete-older-than 15d";
};
}
diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix
index eba68c0bc..edec2dcb4 100644
--- a/lass/2configs/git.nix
+++ b/lass/2configs/git.nix
@@ -58,6 +58,10 @@ let
cgit.desc = "url shortener";
cgit.section = "software";
};
+ grib2json-bin = {
+ cgit.desc = "build jar of grib2json";
+ cgit.section = "deployment";
+ };
krebspage = {
cgit.desc = "homepage of krebs";
cgit.section = "configuration";
diff --git a/lass/2configs/green-host.nix b/lass/2configs/green-host.nix
index 0cccbc30e..6cccab4b3 100644
--- a/lass/2configs/green-host.nix
+++ b/lass/2configs/green-host.nix
@@ -1,38 +1,44 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
-{
+let
+
+ cname = "green";
+ cryfs = pkgs.cryfs.overrideAttrs (old: {
+ patches = [
+ (pkgs.writeText "file_mode.patch" ''
+ --- a/src/cryfs/filesystem/CryNode.cpp
+ +++ b/src/cryfs/filesystem/CryNode.cpp
+ @@ -171,7 +171,7 @@ CryNode::stat_info CryNode::stat() const {
+ result.uid = fspp::uid_t(getuid());
+ result.gid = fspp::gid_t(getgid());
+ #endif
+ - result.mode = fspp::mode_t().addDirFlag().addUserReadFlag().addUserWriteFlag().addUserExecFlag();
+ + result.mode = fspp::mode_t().addDirFlag().addUserReadFlag().addUserWriteFlag().addUserExecFlag().addGroupReadFlag().addGroupExecFlag().addOtherReadFlag().addOtherExecFlag();;
+ result.size = fsblobstore::DirBlob::DIR_LSTAT_SIZE;
+ //TODO If possible without performance loss, then for a directory, st_nlink should return number of dir entries (including "." and "..")
+ result.nlink = 1;
+ '')
+ ] ++ old.patches;
+ });
+
+in {
imports = [
<stockholm/lass/2configs/container-networking.nix>
<stockholm/lass/2configs/syncthing.nix>
- { #hack for already defined
- systemd.services."container@green".reloadIfChanged = mkForce false;
- systemd.services."container@green".preStart = ''
- ${pkgs.mount}/bin/mount | ${pkgs.gnugrep}/bin/grep -q ' on /var/lib/containers/green '
- '';
- systemd.services."container@green".postStop = ''
- set -x
- ${pkgs.umount}/bin/umount /var/lib/containers/green
- ls -la /dev/mapper/control
- ${pkgs.devicemapper}/bin/dmsetup ls
- ${pkgs.cryptsetup}/bin/cryptsetup -v luksClose /var/lib/sync-containers/green.img
- '';
- }
];
- services.syncthing.declarative.folders."/var/lib/sync-containers".devices = [ "icarus" "skynet" "littleT" "shodan" ];
- krebs.permown."/var/lib/sync-containers" = {
- owner = "root";
- group = "syncthing";
- umask = "0007";
- };
+ programs.fuse.userAllowOther = true;
- system.activationScripts.containerPermissions = ''
- mkdir -p /var/lib/containers
- chmod 711 /var/lib/containers
- '';
+ services.syncthing.declarative.folders."/var/lib/sync-containers/${cname}".devices = [ "icarus" "skynet" "littleT" "shodan" ];
+ # krebs.permown."/var/lib/sync-containers/${cname}" = {
+ # owner = "root";
+ # group = "syncthing";
+ # umask = "0007";
+ # };
- containers.green = {
+ systemd.services."container@green".reloadIfChanged = mkForce false;
+ containers.${cname} = {
config = { ... }: {
environment.systemPackages = [
pkgs.git
@@ -42,41 +48,52 @@ with import <stockholm/lib>;
users.users.root.openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey
];
+ system.activationScripts.fuse = {
+ text = ''
+ ${pkgs.coreutils}/bin/mknod /dev/fuse c 10 229
+ '';
+ deps = [];
+ };
};
+ allowedDevices = [
+ { modifier = "rwm"; node = "/dev/fuse"; }
+ ];
autoStart = false;
enableTun = true;
privateNetwork = true;
- hostAddress = "10.233.2.15";
- localAddress = "10.233.2.16";
+ hostAddress = "10.233.2.15"; # TODO find way to automatically calculate IPs
+ localAddress = "10.233.2.16"; # TODO find way to automatically calculate IPs
};
environment.systemPackages = [
- (pkgs.writeDashBin "start-green" ''
- set -fu
- CONTAINER='green'
- IMAGE='/var/lib/sync-containers/green.img'
-
- ${pkgs.cryptsetup}/bin/cryptsetup status "$CONTAINER" >/dev/null
- if [ "$?" -ne 0 ]; then
- ${pkgs.cryptsetup}/bin/cryptsetup luksOpen "$IMAGE" "$CONTAINER"
- fi
-
- mkdir -p /var/lib/containers/"$CONTAINER"
+ (pkgs.writeDashBin "start-${cname}" ''
+ set -euf
- ${pkgs.mount}/bin/mount | grep -q " on /var/lib/containers/"$CONTAINER" "
- if [ "$?" -ne 0 ]; then
- ${pkgs.mount}/bin/mount -o sync /dev/mapper/"$CONTAINER" /var/lib/containers/"$CONTAINER"
+ mkdir -p /var/lib/containers/${cname}/var/state
+ chown ${config.services.syncthing.user}: /var/lib/containers/${cname}/var/state
+ if ! ${pkgs.mount}/bin/mount | grep -q '^cryfs@/var/lib/sync-containers/${cname} on /var/lib/containers/${cname}/var/state '; then
+ /run/wrappers/bin/sudo -u "${config.services.syncthing.user}" \
+ ${cryfs}/bin/cryfs /var/lib/sync-containers/${cname} /var/lib/containers/${cname}/var/state -o allow_other -o default_permissions
fi
- STATE=$(${pkgs.nixos-container}/bin/nixos-container status "$CONTAINER")
+ STATE=$(${pkgs.nixos-container}/bin/nixos-container status ${cname})
if [ "$STATE" = 'down' ]; then
- ${pkgs.nixos-container}/bin/nixos-container start "$CONTAINER"
+ ${pkgs.nixos-container}/bin/nixos-container start ${cname}
fi
- ping -c1 green.r
- if [ "$?" -ne 0 ]; then
- ${pkgs.nixos-container}/bin/nixos-container run green -- nixos-rebuild -I /var/src switch
+
+ if ! ping -c1 -q -w5 ${cname}.r && [ -d /var/lib/containers/${cname}/var/src ]; then
+ ${pkgs.nixos-container}/bin/nixos-container run ${cname} -- ${pkgs.writeDash "deploy-${cname}" ''
+ mkdir -p /var/state/var_src
+ ln -sf state/var_Src /var/src
+ nixos-rebuild -I /var/src switch
+ ''}
fi
+ '')
+ (pkgs.writeDashBin "stop-${cname}" ''
+ set -euf
+ ${pkgs.nixos-container}/bin/nixos-container stop ${cname}
+ ${cryfs}/bin/cryfs-unmount /var/lib/containers/${cname}/var/state
'')
];
}
diff --git a/lass/2configs/hass/default.nix b/lass/2configs/hass/default.nix
index a48c61a69..66d430cd1 100644
--- a/lass/2configs/hass/default.nix
+++ b/lass/2configs/hass/default.nix
@@ -23,6 +23,7 @@ with import ./lib.nix { inherit lib; };
# extraComponents = [ "hue" ];
};
configWritable = true;
+ lovelaceConfigWritable = true;
};
lass.hass.config = let
diff --git a/lass/2configs/hass/rooms/bett.nix b/lass/2configs/hass/rooms/bett.nix
index b5da9221c..16227fcb6 100644
--- a/lass/2configs/hass/rooms/bett.nix
+++ b/lass/2configs/hass/rooms/bett.nix
@@ -5,4 +5,35 @@ with import ../lib.nix { inherit lib; };
lass.hass.config = lib.mkMerge [
(lightswitch switches.dimmer.bett lights.bett)
];
+
+ lass.hass.love = {
+ resources = [{
+ url = "https://raw.githubusercontent.com/ljmerza/light-entity-card/master/dist/light-entity-card.js.map";
+ type = "js";
+ }];
+ views = [{
+ title = "bett";
+ cards = [
+ {
+ type = "markdown";
+ title = "hello world";
+ content = "This is just a test";
+ }
+ {
+ type = "light";
+ entity = "light.${lights.bett}";
+ }
+ {
+ type = "custom:light-entity-card";
+ entity = "light.${lights.bett}";
+ }
+ {
+ type = "history-graph";
+ entities = [
+ "light.${lights.bett}"
+ ];
+ }
+ ];
+ }];
+ };
}
diff --git a/lass/2configs/hw/x220.nix b/lass/2configs/hw/x220.nix
index 89b119347..31f9787e0 100644
--- a/lass/2configs/hw/x220.nix
+++ b/lass/2configs/hw/x220.nix
@@ -5,7 +5,7 @@
];
boot = {
- initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda3"; } ];
+ initrd.luks.devices.luksroot.device = "/dev/sda3";
initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
extraModulePackages = [
@@ -47,9 +47,10 @@
services.logind.lidSwitchDocked = "ignore";
services.tlp.enable = true;
- services.tlp.extraConfig = ''
- START_CHARGE_THRESH_BAT0=80
- STOP_CHARGE_THRESH_BAT0=95
- '';
+ #services.tlp.extraConfig = ''
+ # START_CHARGE_THRESH_BAT0=80
+ # STOP_CHARGE_THRESH_BAT0=95
+ #'';
+ services.xserver.dpi = 80;
}
diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index 174c1ab5e..98affdd83 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -107,10 +107,12 @@ let
set mailcap_path = ${mailcap}
# notmuch
- set nm_default_uri="notmuch://$HOME/Maildir" # path to the maildir
+ set folder="$HOME/Maildir"
+ set nm_default_uri = "notmuch://$HOME/Maildir"
set nm_record = yes
set nm_record_tags = "-inbox me archive"
- set virtual_spoolfile=yes # enable virtual folders
+ set spoolfile = +Inbox
+ set virtual_spoolfile = yes
set sendmail="${msmtp}/bin/msmtp" # enables parsing of outgoing mail
@@ -132,8 +134,8 @@ let
# V
''} %r |"
- virtual-mailboxes "INBOX" "notmuch://?query=tag:inbox"
virtual-mailboxes "Unread" "notmuch://?query=tag:unread"
+ virtual-mailboxes "INBOX" "notmuch://?query=tag:inbox"
${concatMapStringsSep "\n" (i: ''${" "}virtual-mailboxes "${i.name}" "notmuch://?query=tag:${i.name}"'') (mapAttrsToList nameValuePair mailboxes)}
virtual-mailboxes "TODO" "notmuch://?query=tag:TODO"
virtual-mailboxes "Starred" "notmuch://?query=tag:*"
@@ -200,9 +202,15 @@ let
macro pager ] ,@1 'Toggle indexbar
# sidebar
+ set sidebar_divider_char = '│'
+ set sidebar_delim_chars = "/"
+ set sidebar_short_path
+ set sidebar_folder_indent
+ set sidebar_visible = yes
+ set sidebar_format = '%B%?F? [%F]?%* %?N?%N/? %?S?%S?'
set sidebar_width = 20
- set sidebar_visible = yes # set to "no" to disable sidebar view at startup
- color sidebar_new yellow default
+ color sidebar_new yellow red
+
# sidebar bindings
bind index <left> sidebar-prev # got to previous folder in sidebar
bind index <right> sidebar-next # got to next folder in sidebar
@@ -229,7 +237,6 @@ in {
mutt
pkgs.notmuch
pkgs.muchsync
- pkgs.haskellPackages.much
tag-new-mails
tag-old-mails
];
diff --git a/lass/2configs/mpv.nix b/lass/2configs/mpv.nix
index 5d7bfed60..210551a62 100644
--- a/lass/2configs/mpv.nix
+++ b/lass/2configs/mpv.nix
@@ -80,7 +80,7 @@ let
name = "mpv";
paths = [
(pkgs.writeDashBin "mpv" ''
- exec ${pkgs.mpv}/bin/mpv --no-config --script=${autosub} "$@"
+ exec ${pkgs.mpv}/bin/mpv -vo=gpu --no-config --script=${autosub} "$@"
'')
pkgs.mpv
];
diff --git a/lass/2configs/paste.nix b/lass/2configs/paste.nix
index 23cab8e6e..0cf62ec0b 100644
--- a/lass/2configs/paste.nix
+++ b/lass/2configs/paste.nix
@@ -7,7 +7,17 @@ with import <stockholm/lib>;
locations."/".extraConfig = ''
client_max_body_size 4G;
proxy_set_header Host $host;
- proxy_pass http://localhost:9081;
+ proxy_pass http://127.0.0.1:${toString config.krebs.htgen.paste.port};
+ '';
+ locations."/image".extraConfig = /* nginx */ ''
+ client_max_body_size 40M;
+
+ proxy_set_header Host $host;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+
+ proxy_pass http://127.0.0.1:${toString config.krebs.htgen.imgur.port};
+ proxy_pass_header Server;
'';
};
services.nginx.virtualHosts."p.krebsco.de" = {
@@ -19,21 +29,36 @@ with import <stockholm/lib>;
return 403;
}
proxy_set_header Host $host;
- proxy_pass http://localhost:9081;
+ proxy_pass http://127.0.0.1:${toString config.krebs.htgen.paste.port};
+ '';
+ locations."/image".extraConfig = ''
+ proxy_set_header Host $host;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+
+ proxy_pass http://127.0.0.1:${toString config.krebs.htgen.imgur.port};
+ proxy_pass_header Server;
'';
};
+
krebs.htgen.paste = {
port = 9081;
script = toString [
"PATH=${makeBinPath [
pkgs.nix
+ pkgs.file
]}:$PATH"
"STATEDIR=$HOME"
". ${pkgs.htgen}/examples/paste"
];
};
+ krebs.htgen.imgur = {
+ port = 7771;
+ script = /* sh */ ''
+ (. ${pkgs.htgen-imgur}/bin/htgen-imgur)
+ '';
+ };
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT";}
- { predicate = "-i retiolum -p tcp --dport 9081"; target = "ACCEPT";}
];
}
diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix
index 6245691fe..3e8d12381 100644
--- a/lass/2configs/radio.nix
+++ b/lass/2configs/radio.nix
@@ -12,7 +12,16 @@ let
music_dir = "/home/radio/music";
add_random = pkgs.writeDashBin "add_random" ''
- ${pkgs.mpc_cli}/bin/mpc add "$(${pkgs.findutils}/bin/find "${music_dir}/the_playlist" | grep -v '/other/' | grep '\.ogg$' | shuf -n1 | sed 's,${music_dir}/,,')"
+ ${pkgs.mpc_cli}/bin/mpc add "$(${pkgs.findutils}/bin/find "${music_dir}/the_playlist" \
+ | grep -Ev '/other/|/.graveyard/' \
+ | grep '\.ogg$' \
+ | shuf -n1 \
+ | sed 's,${music_dir}/,,' \
+ )"
+ '';
+
+ get_current_track_position = pkgs.writeDash "get_current_track_position" ''
+ ${pkgs.mpc_cli}/bin/mpc status | ${pkgs.gawk}/bin/awk '/^\[playing\]/ { sub(/\/.+/,"",$3); split($3,a,/:/); print a[1]*60+a[2] }'
'';
skip_track = pkgs.writeBashBin "skip_track" ''
@@ -28,8 +37,8 @@ let
${pkgs.attr}/bin/setfattr -n user.skip_count -v "$skip_count" "$music_dir"/"$current_track"
echo skipping: "$track_infos" skip_count: "$skip_count"
else
- mkdir -p "$music_dir"/.graveyard/
- mv "$music_dir"/"$current_track" "$music_dir"/.graveyard/
+ mkdir -p "$music_dir"/the_playlist/.graveyard/
+ mv "$music_dir"/"$current_track" "$music_dir"/the_playlist/.graveyard/
echo killing: "$track_infos"
fi
${pkgs.mpc_cli}/bin/mpc -q next
@@ -62,10 +71,18 @@ let
print_current_json = pkgs.writeDashBin "print_current_json" ''
${pkgs.jq}/bin/jq -n -c \
--arg name "$(${pkgs.mpc_cli}/bin/mpc current)" \
+ --arg artist "$(${pkgs.mpc_cli}/bin/mpc current -f %artist%)" \
+ --arg title "$(${pkgs.mpc_cli}/bin/mpc current -f %title%)" \
--arg filename "$(${pkgs.mpc_cli}/bin/mpc current -f %file%)" \
+ --arg position "$(${get_current_track_position})" \
+ --arg length "$(${pkgs.mpc_cli}/bin/mpc current -f %time%)" \
--arg youtube "$(${track_youtube_link})" '{
name: $name,
+ artist: $artist,
+ title: $title,
filename: $filename,
+ position: $position,
+ length: $length,
youtube: $youtube
}'
'';
@@ -193,7 +210,7 @@ in {
timeLeft () {
playlistDuration=$(${pkgs.mpc_cli}/bin/mpc --format '%time%' playlist | ${pkgs.gawk}/bin/awk -F ':' 'BEGIN{t=0} {t+=$1*60+$2} END{print t}')
- currentTime=$(${pkgs.mpc_cli}/bin/mpc status | ${pkgs.gawk}/bin/awk '/^\[playing\]/ { sub(/\/.+/,"",$3); split($3,a,/:/); print a[1]*60+a[2] }')
+ currentTime=$(${get_current_track_position})
expr ''${playlistDuration:-0} - ''${currentTime:-0}
}
@@ -221,9 +238,11 @@ in {
${pkgs.mpc_cli}/bin/mpc idle player > /dev/null
${pkgs.mpc_cli}/bin/mpc current -f %file%
done | while read track; do
+ listeners=$(${pkgs.curl}/bin/curl 'http://localhost:8000/status-json.xsl' \
+ | ${pkgs.jq}/bin/jq '[.icestats.source[].listeners] | add')
echo "$(date -Is)" "$track" | tee -a "$HISTORY_FILE"
echo "$(tail -$LIMIT "$HISTORY_FILE")" > "$HISTORY_FILE"
- ${write_to_irc} "playing: $track"
+ ${write_to_irc} "playing: $track listeners: $listeners"
done
'';
in {
diff --git a/lass/2configs/steam.nix b/lass/2configs/steam.nix
index eae31aec4..2b9811959 100644
--- a/lass/2configs/steam.nix
+++ b/lass/2configs/steam.nix
@@ -13,7 +13,11 @@
nixpkgs.config.steam.java = true;
hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [ libva ];
- users.users.games.packages = [ pkgs.steam ];
+ users.users.games.packages = [ (pkgs.steam.override {
+ extraPkgs = p: with p; [
+ gnutls # needed for Halo MCC
+ ];
+ }) ];
#ports for inhome streaming
krebs.iptables = {
diff --git a/lass/2configs/syncthing.nix b/lass/2configs/syncthing.nix
index 5397c2ca6..7758b860d 100644
--- a/lass/2configs/syncthing.nix
+++ b/lass/2configs/syncthing.nix
@@ -31,5 +31,6 @@ in {
owner = "lass";
group = "syncthing";
umask = "0002";
+ keepGoing = true;
};
}
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index bd113567f..a177a0228 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -26,6 +26,7 @@ in {
./default.nix
./sqlBackup.nix
(servePage [ "aldonasiech.com" "www.aldonasiech.com" ])
+ (servePage [ "apanowicz.de" "www.apanowicz.de" ])
(servePage [ "reich-gebaeudereinigung.de" "www.reich-gebaeudereinigung.de" ])
(servePage [
"freemonkey.art"
@@ -34,7 +35,6 @@ in {
(serveOwncloud [ "o.ubikmedia.de" ])
(serveWordpress [
"ubikmedia.de"
- "apanowicz.de"
"nirwanabluete.de"
"ubikmedia.eu"
"youthtube.xyz"
@@ -42,7 +42,6 @@ in {
"weirdwednesday.de"
"jarugadesign.de"
- "www.apanowicz.de"
"www.nirwanabluete.de"
"www.ubikmedia.eu"
"www.youthtube.xyz"
@@ -52,7 +51,6 @@ in {
"www.jarugadesign.de"
"aldona2.ubikmedia.de"
- "apanowicz.ubikmedia.de"
"cinevita.ubikmedia.de"
"factscloud.ubikmedia.de"
"illucloud.ubikmedia.de"
@@ -93,6 +91,7 @@ in {
services.nextcloud = {
enable = true;
hostName = "o.xanf.org";
+ package = pkgs.nextcloud18;
config = {
adminpassFile = toString <secrets> + "/nextcloud_pw";
overwriteProtocol = "https";
@@ -107,6 +106,10 @@ in {
# MAIL STUFF
# TODO: make into its own module
+
+ # workaround for android 7
+ security.acme.certs."lassul.us".keyType = "rsa4096";
+
services.dovecot2 = {
enable = true;
mailLocation = "maildir:~/Mail";
@@ -131,18 +134,16 @@ in {
server_condition = ''${run{${config.lass.usershadow.path}/bin/verify_arg ${config.lass.usershadow.pattern} $auth1 $auth2}{yes}{no}}
'';
internet-aliases = [
- { from = "dominik@apanowicz.de"; to = "dominik_a@gmx.de"; }
{ from = "dma@ubikmedia.de"; to = "domsen"; }
{ from = "dma@ubikmedia.eu"; to = "domsen"; }
{ from = "mail@habsys.de"; to = "domsen"; }
{ from = "mail@habsys.eu"; to = "domsen"; }
+ { from = "hallo@apanowicz.de"; to = "domsen"; }
{ from = "bruno@apanowicz.de"; to = "bruno"; }
{ from = "mail@jla-trading.com"; to = "jla-trading"; }
{ from = "jms@ubikmedia.eu"; to = "jms"; }
{ from = "ms@ubikmedia.eu"; to = "ms"; }
{ from = "ubik@ubikmedia.eu"; to = "domsen, jms, ms"; }
- { from = "akayguen@freemonkey.art"; to ="akayguen"; }
- { from = "bui@freemonkey.art"; to ="bui"; }
{ from = "kontakt@alewis.de"; to ="klabusterbeere"; }
{ from = "hallo@jarugadesign.de"; to ="kasia"; }
@@ -153,9 +154,14 @@ in {
"jla-trading.com"
"ubikmedia.eu"
"ubikmedia.de"
+ "apanowicz.de"
"alewis.de"
"jarugadesign.de"
];
+ dkim = [
+ { domain = "ubikmedia.eu"; }
+ { domain = "apanowicz.de"; }
+ ];
ssl_cert = "/var/lib/acme/lassul.us/fullchain.pem";
ssl_key = "/var/lib/acme/lassul.us/key.pem";
};
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index baeac213b..74585a6f8 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -61,7 +61,7 @@ in {
pubkey = config.krebs.users.lass.pubkey;
};
in ''
- alias ${initscript};
+ alias ${initscript}/bin/init;
'';
locations."= /blue.pub".extraConfig = ''
alias ${pkgs.writeText "pub" config.krebs.users.lass.pubkey};
@@ -69,6 +69,9 @@ in {
locations."= /mors.pub".extraConfig = ''
alias ${pkgs.writeText "pub" config.krebs.users.lass-mors.pubkey};
'';
+ locations."= /yubi.pub".extraConfig = ''
+ alias ${pkgs.writeText "pub" config.krebs.users.lass-yubikey.pubkey};
+ '';
};
security.acme.certs."cgit.l