summaryrefslogtreecommitdiffstats
path: root/makefu
diff options
context:
space:
mode:
authorlassulus <lassulus@lassul.us>2018-02-10 19:48:38 +0100
committerlassulus <lassulus@lassul.us>2018-02-10 19:48:38 +0100
commitf2aeaae4a471a9db50b303a2528a084f8eb68496 (patch)
tree4cd282af4ee0731077cbe11c9d090f894a76b2fc /makefu
parente000690cc2fa3b494cf3b44eb0213dda80b34e12 (diff)
parente7418fbdf1bdddeeabe123c04bbd858fc70fe031 (diff)
Merge remote-tracking branch 'gum/master'
Diffstat (limited to 'makefu')
-rw-r--r--makefu/1systems/omo/config.nix3
-rw-r--r--makefu/1systems/wbob/config.nix126
-rw-r--r--makefu/1systems/x/config.nix16
-rw-r--r--makefu/2configs/deployment/google-muell.nix34
-rw-r--r--makefu/2configs/deployment/led-fader.nix20
-rw-r--r--makefu/2configs/gui/base.nix15
-rw-r--r--makefu/2configs/gui/wbob-kiosk.nix6
-rw-r--r--makefu/2configs/hw/network-manager.nix37
-rw-r--r--makefu/2configs/hw/wwan.nix8
-rw-r--r--makefu/3modules/default.nix2
-rw-r--r--makefu/3modules/umts.nix84
-rw-r--r--makefu/3modules/wvdial.nix71
-rw-r--r--makefu/5pkgs/ampel/default.nix27
-rw-r--r--makefu/5pkgs/pfsshell/default.nix27
-rw-r--r--makefu/source.nix2
15 files changed, 213 insertions, 265 deletions
diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix
index ce3ffbcf3..1e087fef4 100644
--- a/makefu/1systems/omo/config.nix
+++ b/makefu/1systems/omo/config.nix
@@ -19,7 +19,7 @@ let
# __FRONT_
# |* d0 |
# | |
- # |* d3 |
+ # |* d1 |
# | |
# |* d3 |
# | |
@@ -68,6 +68,7 @@ in {
<stockholm/makefu/2configs/syncthing.nix>
<stockholm/makefu/2configs/mqtt.nix>
<stockholm/makefu/2configs/remote-build/slave.nix>
+ <stockholm/makefu/2configs/deployment/google-muell.nix>
# security
diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix
index f44211b93..6434ba273 100644
--- a/makefu/1systems/wbob/config.nix
+++ b/makefu/1systems/wbob/config.nix
@@ -18,7 +18,7 @@ in {
<stockholm/makefu/2configs/virtualisation/libvirt.nix>
<stockholm/makefu/2configs/tinc/retiolum.nix>
<stockholm/makefu/2configs/mqtt.nix>
- # <stockholm/makefu/2configs/gui/wbob-kiosk.nix>
+ <stockholm/makefu/2configs/gui/wbob-kiosk.nix>
<stockholm/makefu/2configs/stats/client.nix>
@@ -31,6 +31,63 @@ in {
# Services
<stockholm/makefu/2configs/remote-build/slave.nix>
<stockholm/makefu/2configs/share/wbob.nix>
+ (let
+ musicDirectory = "/data/music";
+ in {
+ services.mpd = {
+ enable = true;
+ inherit musicDirectory;
+ # dataDir = "/home/anders/.mpd";
+ network.listenAddress = "any";
+ extraConfig = ''
+ audio_output {
+ type "pulse"
+ name "Local MPD"
+ server "127.0.0.1"
+ }
+ '';
+ };
+ # open because of truestedInterfaces
+ # networking.firewall.allowedTCPPorts = [ 6600 4713 ];
+ services.samba.shares.music = {
+ path = musicDirectory;
+ "read only" = "no";
+ browseable = "yes";
+ "guest ok" = "yes";
+ };
+
+ sound.enable = true;
+ hardware.pulseaudio = {
+ enable = true;
+ package = pkgs.pulseaudioFull;
+ # systemWide = true;
+ support32Bit = true;
+ zeroconf.discovery.enable = true;
+ zeroconf.publish.enable = true;
+ tcp = {
+ enable = true;
+ anonymousClients.allowAll = true;
+ anonymousClients.allowedIpRanges = [ "127.0.0.1" "192.168.8.0/24" ];
+ };
+ configFile = pkgs.writeText "default.pa" ''
+ load-module module-udev-detect
+ load-module module-bluetooth-policy
+ load-module module-bluetooth-discover
+ load-module module-native-protocol-unix
+ load-module module-always-sink
+ load-module module-console-kit
+ load-module module-systemd-login
+ load-module module-intended-roles
+ load-module module-position-event-sounds
+ load-module module-filter-heuristics
+ load-module module-filter-apply
+ load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1
+ load-module module-switch-on-connect
+ '';
+ };
+ # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio
+ hardware.bluetooth.enable = true;
+ })
# Sensors
<stockholm/makefu/2configs/stats/telegraf>
@@ -147,7 +204,10 @@ in {
boot.loader.grub.device = rootdisk;
hardware.cpu.intel.updateMicrocode = true;
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
- boot.kernelModules = [ "kvm-intel" ];
+
+ boot.kernelModules = [ "kvm-intel"
+ "snd-seq" "snd-rawmidi"
+ ];
fileSystems = {
"/" = {
device = rootdisk + "-part1";
@@ -174,66 +234,4 @@ in {
serverAddress = "x.r";
};
};
- security.wrappers.fping = {
- source = "${pkgs.fping}/bin/fping";
- setuid = true;
- };
- services.smokeping = {
- enable = true;
- targetConfig = ''
- probe = FPing
- menu = Top
- title = Network Latency Grapher
- remark = Welcome to this SmokePing website.
-
- + network
- menu = Net latency
- title = Network latency (ICMP pings)
-
- ++ google
- probe = FPing
- host = google.de
- ++ webde
- probe = FPing
- host = web.de
-
- + services
- menu = Service latency
- title = Service latency (DNS, HTTP)
-
- ++ HTTP
- menu = HTTP latency
- title = Service latency (HTTP)
-
- +++ webdeping
- probe = EchoPingHttp
- host = web.de
-
- +++ googwebping
- probe = EchoPingHttp
- host = google.de
-
- #+++ webwww
- #probe = Curl
- #host = web.de
-
- #+++ googwebwww
- #probe = Curl
- #host = google.de
- '';
- probeConfig = ''
- + FPing
- binary = /run/wrappers/bin/fping
- + EchoPingHttp
- pings = 5
- url = /
-
- #+ Curl
- ## probe-specific variables
- #binary = ${pkgs.curl}/bin/curl
- #step = 60
- ## a default for this target-specific variable
- #urlformat = http://%host%/
- '';
- };
}
diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index a32db91e1..d5a9bdcfb 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -59,8 +59,9 @@ with import <stockholm/lib>;
# Hardware
<stockholm/makefu/2configs/hw/tp-x230.nix>
+ # <stockholm/makefu/2configs/hw/tpm.nix>
<stockholm/makefu/2configs/hw/rtl8812au.nix>
- <stockholm/makefu/2configs/hw/wwan.nix>
+ <stockholm/makefu/2configs/hw/network-manager.nix>
<stockholm/makefu/2configs/hw/stk1160.nix>
# <stockholm/makefu/2configs/rad1o.nix>
@@ -82,13 +83,9 @@ with import <stockholm/lib>;
makefu.server.primary-itf = "wlp3s0";
makefu.full-populate = true;
- makefu.umts.apn = "web.vodafone.de";
nixpkgs.config.allowUnfree = true;
- environment.systemPackages = [ pkgs.passwdqc-utils ];
-
-
# configure pulseAudio to provide a HDMI sink as well
networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [ 80 24800 26061 8000 3000 ];
@@ -100,8 +97,15 @@ with import <stockholm/lib>;
krebs.tinc.retiolum.connectTo = [ "omo" "gum" "prism" ];
networking.extraHosts = ''
- 192.168.1.11 omo.local
+ 192.168.1.11 omo.local
'';
# hard dependency because otherwise the device will not be unlocked
boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
+
+ nix.package = pkgs.nixUnstable;
+ environment.systemPackages = [ pkgs.passwdqc-utils pkgs.nixUnstable ];
+ nixpkgs.overlays = [ (import <python/overlay.nix>) ];
+
+ # environment.variables = { GOROOT = [ "${pkgs.go.out}/share/go" ]; };
+
}
diff --git a/makefu/2configs/deployment/google-muell.nix b/makefu/2configs/deployment/google-muell.nix
new file mode 100644
index 000000000..f23789ee5
--- /dev/null
+++ b/makefu/2configs/deployment/google-muell.nix
@@ -0,0 +1,34 @@
+{ config, lib, pkgs, buildPythonPackage, ... }:
+with import <stockholm/lib>;
+let
+ pkg = pkgs.ampel;
+ home = "/var/lib/ampel";
+ sec = "${toString <secrets>}/google-muell.json";
+ ampelsec = "${home}/google-muell.json";
+ esp = "192.168.1.23";
+ sleepval = "1800";
+in {
+ users.users.ampel = {
+ uid = genid "ampel";
+ createHome = true;
+ isSystemUser = true;
+ inherit home;
+ };
+ systemd.services.google-muell-ampel = {
+ description = "Send led change to rgb cubes";
+ after = [ "network-online.target" ];
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ User = "ampel";
+ ExecStartPre = pkgs.writeDash "copy-ampel-secrets" ''
+ cp ${sec} ${ampelsec}
+ chown ampel ${ampelsec}
+ '';
+ ExecStart = "${pkg}/bin/google-muell --esp=${esp} --client-secrets=${ampelsec} --credential-path=${home}/google-muell-creds.json --sleepval=${sleepval}";
+ PermissionsStartOnly = true;
+ Restart = "always";
+ RestartSec = 10;
+ PrivateTmp = true;
+ };
+ };
+}
diff --git a/makefu/2configs/deployment/led-fader.nix b/makefu/2configs/deployment/led-fader.nix
index 292b6679d..d34b66125 100644
--- a/makefu/2configs/deployment/led-fader.nix
+++ b/makefu/2configs/deployment/led-fader.nix
@@ -2,25 +2,7 @@
let
mq = "192.168.8.11";
-
- pkg = pkgs.python3Packages.buildPythonPackage {
- name = "ampel-master";
-
- src = pkgs.fetchgit {
- url = "http://cgit.euer.krebsco.de/ampel";
- rev = "531741b";
- sha256 = "110yij53jz074zbswylbzcd8jy7z49r9fg6i3j1gk2y3vl91g81c";
- };
- propagatedBuildInputs = with pkgs.python3Packages; [
- docopt
- paho-mqtt
- requests
- pytz
- influxdb
- httplib2
- google_api_python_client
- ];
- };
+ pkg = pkgs.ampel;
in {
systemd.services.led-fader = {
description = "Send led change to message queue";
diff --git a/makefu/2configs/gui/base.nix b/makefu/2configs/gui/base.nix
index daa0282b8..861a9327e 100644
--- a/makefu/2configs/gui/base.nix
+++ b/makefu/2configs/gui/base.nix
@@ -48,13 +48,14 @@ in
fonts = [ pkgs.terminus_font ];
};
- environment.systemPackages = with pkgs;[
- pavucontrol
- xlockmore
- rxvt_unicode-with-plugins
- firefox
- ];
- users.extraUsers.${mainUser}.extraGroups = [ "audio" ];
+ users.users.${mainUser} = {
+ extraGroups = [ "audio" ];
+ packages = with pkgs;[
+ pavucontrol
+ xlockmore
+ rxvt_unicode-with-plugins
+ ];
+ };
hardware.pulseaudio = {
enable = true;
diff --git a/makefu/2configs/gui/wbob-kiosk.nix b/makefu/2configs/gui/wbob-kiosk.nix
index 4b7a0c333..7db749227 100644
--- a/makefu/2configs/gui/wbob-kiosk.nix
+++ b/makefu/2configs/gui/wbob-kiosk.nix
@@ -1,11 +1,13 @@
-{ lib, ... }:
+{ pkgs, lib, ... }:
{
imports = [
./base.nix
];
+ users.users.makefu.packages = [ pkgs.chromium ];
services.xserver = {
layout = lib.mkForce "de";
+ xkbVariant = lib.mkForce "";
windowManager = lib.mkForce {
awesome.enable = false;
@@ -16,7 +18,7 @@
# xrandrHeads = [ "HDMI1" "HDMI2" ];
# prevent screen from turning off, disable dpms
displayManager.sessionCommands = ''
- xset s off -dpms
+ xset -display :0 s off -dpms
xrandr --output HDMI2 --right-of HDMI1
'';
};
diff --git a/makefu/2configs/hw/network-manager.nix b/makefu/2configs/hw/network-manager.nix
new file mode 100644
index 000000000..7e29849b1
--- /dev/null
+++ b/makefu/2configs/hw/network-manager.nix
@@ -0,0 +1,37 @@
+{ pkgs, lib, ... }:
+{
+ users.users.makefu = {
+ extraGroups = [ "networkmanager" ];
+ packages = with pkgs;[
+ networkmanagerapplet
+ gnome3.gnome_keyring gnome3.dconf
+ ];
+ };
+ networking.wireless.enable = lib.mkForce false;
+
+ systemd.services.modemmanager = {
+ description = "ModemManager";
+ after = [ "network-manager.service" ];
+ bindsTo = [ "network-manager.service" ];
+ wantedBy = [ "network-manager.service" ];
+ serviceConfig = {
+ ExecStart = "${pkgs.modemmanager}/bin/ModemManager";
+ PrivateTmp = true;
+ Restart = "always";
+ RestartSec = "5";
+ };
+ };
+ networking.networkmanager.enable = true;
+
+ # TODO: put somewhere else
+ services.xserver.displayManager.sessionCommands = ''
+ ${pkgs.clipit}/bin/clipit &
+ ${pkgs.networkmanagerapplet}/bin/nm-applet &
+ '';
+
+# nixOSUnstable
+# networking.networkmanager.wifi = {
+# powersave = true;
+# scanRandMacAddress = true;
+# };
+}
diff --git a/makefu/2configs/hw/wwan.nix b/makefu/2configs/hw/wwan.nix
deleted file mode 100644
index 0eb0c97d7..000000000
--- a/makefu/2configs/hw/wwan.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-_:
-
-{
- makefu.umts = {
- enable = true;
- modem-device = "/dev/serial/by-id/usb-Lenovo_H5321_gw_2D5A51BA0D3C3A90-if01";
- };
-}
diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix
index af0e81df5..fa4eb827c 100644
--- a/makefu/3modules/default.nix
+++ b/makefu/3modules/default.nix
@@ -14,8 +14,6 @@ _:
./snapraid.nix
./torrent.nix
./udpt.nix
- ./umts.nix
- ./wvdial.nix
];
}
diff --git a/makefu/3modules/umts.nix b/makefu/3modules/umts.nix
deleted file mode 100644
index 86669945a..000000000
--- a/makefu/3modules/umts.nix
+++ /dev/null
@@ -1,84 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-
-let
- nixpkgs-1509 = import (pkgs.fetchFromGitHub {
- owner = "NixOS"; repo = "nixpkgs-channels";
- rev = "91371c2bb6e20fc0df7a812332d99c38b21a2bda";
- sha256 = "1as1i0j9d2n3iap9b471y4x01561r2s3vmjc5281qinirlr4al73";
- }) {};
-
- wvdial = nixpkgs-1509.wvdial; # https://github.com/NixOS/nixpkgs/issues/16113
-
- # TODO: currently it is only netzclub
- umts-bin = pkgs.writeScriptBin "umts" ''
- #!/bin/sh
- set -euf
- systemctl start umts
- trap "systemctl stop umts;trap - INT TERM EXIT;exit" INT TERM EXIT
- echo nameserver 8.8.8.8 | tee -a /etc/resolv.conf
- journalctl -xfu umts
- '';
-
- wvdial-defaults = ''
- Phone = *99***1#
- Dial Command = ATDT
- Modem = ${cfg.modem-device}
- Baud = 460800
- Init1 = AT+CGDCONT=1,"IP","${config.makefu.umts.apn}","",0,0
- Init2 = ATZ
- Init3 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
- ISDN = 0
- Modem Type = Analog Modem
- Username = netzclub
- Password = netzclub
- Stupid Mode = 1
- Idle Seconds = 0'';
-
- cfg = config.makefu.umts;
-
- out = {
- options.makefu.umts = api;
- config = lib.mkIf cfg.enable imp;
- };
-
- api = {
- enable = mkEnableOption "umts";
-
- modem-device = mkOption {
- default = "/dev/ttyUSB0";
- type = types.str;
- description = ''
- path to modem device, use <filename>/dev/serial/by-id/...</filename>
- to avoid race conditions.
- '';
- };
- apn = mkOption {
- default = "pinternet.interkom.de";
- type = types.str;
- description = ''
- apn to use for dailing
- '';
- };
- };
-
- imp = {
- environment.shellAliases = {
- umts = "sudo ${umts-bin}/bin/umts";
- };
- environment.systemPackages = [ ];
-
- environment.wvdial.dialerDefaults = wvdial-defaults;
-
- systemd.services.umts = {
- description = "UMTS wvdial Service";
- serviceConfig = {
- Type = "simple";
- Restart = "always";
- RestartSec = "10s";
- ExecStart = "${wvdial}/bin/wvdial -n";
- };
- };
- };
-in out
diff --git a/makefu/3modules/wvdial.nix b/makefu/3modules/wvdial.nix
deleted file mode 100644
index 1ed929ed4..000000000
--- a/makefu/3modules/wvdial.nix
+++ /dev/null
@@ -1,71 +0,0 @@
-# Global configuration for wvdial.
-
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
-
- configFile = ''
- [Dialer Defaults]
- PPPD PATH = ${pkgs.ppp}/sbin/pppd
- ${config.environment.wvdial.dialerDefaults}
- '';
-
- cfg = config.environment.wvdial;
-
-in
-{
- ###### interface
-
- options = {
-
- environment.wvdial = {
-
- dialerDefaults = mkOption {
- default = "";
- type = types.str;
- example = ''Init1 = AT+CGDCONT=1,"IP","internet.t-mobile"'';
- description = ''
- Contents of the "Dialer Defaults" section of
- <filename>/etc/wvdial.conf</filename>.
- '';
- };
-
- pppDefaults = mkOption {
- default = ''
- noipdefault
- usepeerdns
- defaultroute
- persist
- noauth
- '';
- type = types.str;
- description = "Default ppp settings for wvdial.";
- };
-
- };
-
- };
-
- ###### implementation
-
- config = mkIf (cfg.dialerDefaults != "") {
-
- environment = {
-
- etc =
- [
- { source = pkgs.writeText "wvdial.conf" configFile;
- target = "wvdial.conf";
- }
- { source = pkgs.writeText "wvdial" cfg.pppDefaults;
- target = "ppp/peers/wvdial";
- }
- ];
-
- };
-
- };
-
-}
diff --git a/makefu/5pkgs/ampel/default.nix b/makefu/5pkgs/ampel/default.nix
new file mode 100644
index 000000000..86518b9b8
--- /dev/null
+++ b/makefu/5pkgs/ampel/default.nix
@@ -0,0 +1,27 @@
+{ lib, pkgs, fetchFromGitHub, ... }:
+
+with pkgs.python3Packages;buildPythonPackage rec {
+ name = "ampel-${version}";
+ version = "0.2";
+
+ propagatedBuildInputs = [
+ docopt
+ paho-mqtt
+ requests
+ pytz
+ influxdb
+ httplib2
+ google_api_python_client
+ ];
+
+ src = pkgs.fetchgit {
+ url = "http://cgit.euer.krebsco.de/ampel";
+ rev = "d8a0250";
+ sha256 = "0n36lc17ca5db6pl6dswdqd5w9f881rfqck9yc4w33a5qpsxj85f";
+ };
+ meta = {
+ homepage = http://cgit.euer.krebsco.de/ampel;
+ description = "change colors of rgb cubes";
+ license = lib.licenses.asl20;
+ };
+}
diff --git a/makefu/5pkgs/pfsshell/default.nix b/makefu/5pkgs/pfsshell/default.nix
new file mode 100644
index 000000000..fc6b37069
--- /dev/null
+++ b/makefu/5pkgs/pfsshell/default.nix
@@ -0,0 +1,27 @@
+{ stdenv, lib, pkgs, fetchurl,fetchFromGitHub, upx, wine }:
+stdenv.mkDerivation rec {
+ pname = "pfsshell";
+ version = "64f8c2";
+ name = "${pname}-${version}";
+
+ src = fetchFromGitHub {
+ owner = "makefu";
+ repo = "pfsshell";
+ rev = version;
+ sha256 = "01lbqf8s91p8id58xa16fp555i03vfycqvhv7qzpnrjy6yvp9dm8";
+ };
+
+ buildInputs = [ ];
+
+ makeFlags = [ ];
+
+ installPhase = ''
+ mkdir -p $out/bin
+ cp pfsshell $out/bin
+ '';
+
+ meta = {
+ homepage = https://github.com/uyjulian/pfsshell ;
+ description = "browse and transfer files to/from PFS filesystems";
+ };
+}
diff --git a/makefu/source.nix b/makefu/source.nix
index c22c82f32..f06c9454f 100644
--- a/makefu/source.nix
+++ b/makefu/source.nix
@@ -13,7 +13,7 @@ let
then "buildbot"
else "makefu";
_file = <stockholm> + "/makefu/1systems/${name}/source.nix";
- ref = "0f19bee"; # nixos-17.09 @ 2018-01-05
+ ref = "cd36b3d"; # nixos-17.09 @ 2018-02-06
# + do_sqlite3 ruby: 55a952be5b5
# + signal: 0f19beef3