diff options
| -rw-r--r-- | krebs/3modules/external/mic92.nix | 163 | ||||
| -rw-r--r-- | krebs/nixpkgs-unstable.json | 8 | ||||
| -rw-r--r-- | krebs/nixpkgs.json | 8 | ||||
| -rw-r--r-- | lass/1systems/icarus/config.nix | 2 | ||||
| -rw-r--r-- | lass/1systems/shodan/config.nix | 2 | ||||
| -rw-r--r-- | lass/1systems/styx/config.nix | 3 | ||||
| -rw-r--r-- | lass/2configs/binary-cache/server.nix | 13 | ||||
| -rw-r--r-- | lass/2configs/home-media.nix | 11 | ||||
| -rw-r--r-- | lass/2configs/snapclient.nix | 12 | ||||
| -rw-r--r-- | lass/2configs/snapserver.nix | 13 |
10 files changed, 84 insertions, 151 deletions
diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index 3bd2c1b7b..e89b8c7fb 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -10,66 +10,6 @@ with import <stockholm/lib>; }); in { hosts = mapAttrs hostDefaults { - amy = { - owner = config.krebs.users.mic92; - nets = rec { - internet = { - ip4.addr = "129.215.165.57"; - ip6.addr = "2001:630:3c1:164:b62e:99ff:fe3e:d369"; - aliases = [ "amy.i" ]; - }; - retiolum = { - ip4.addr = "10.243.29.181"; - aliases = [ "amy.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEAr3jQRA1+hLKYVgHJA2ax5W8J3GVMTnaGpYw9Q2xXXrX/jxLZ6Ia8 - hBjIcCBDVL5Q3FnyrKB9NJeeIvCOKg8WG+8O0+wKcePKd0Vhbsx4Whog/6PWs6qh - q2sURs2tp1hjHks4kZo2WtiYD7Ue9HHdV6FlUO6yuBV0bW2RzHdLPCDSGxnQVkBM - tSwAvMCZwvVBiv4m6RyMXqmpdbAPBzgJcmJS0FY+zGxpiwsR/AdoVvnzYyFMCVpG - iFl5+k9OGhUJq72MwAXzjW5ZdCPrG+2Dd+QBhhtIMJGA2sJiJteT8vdvpTNCiHJ/ - HnW7movliN2mW86qwo7QqB5v0c9f9TjfpOld7sS/4vE3zlGi/Stf6SQWaoXez/u3 - /P9GzupcYgj76m8Z3j7BMHXCBw8iwP2pZpL9hnLdIyCcyLrzXDIzq4hlt60DPhSU - klTDBUA/cUdSJGcSn2N+WHLOTfI6qeBNKqcTk70OQsa69jAJeAtA+I9OprNYOXqb - MmQakNNlrTaNtGQxfQqEL+wqHlo8CVDGm3O9pQSNF309P4TLNU1EYm+ItScNiVCE - DKhcgvE6xHCwZnVyJN8MMy1CVyDmnHVYoaTEZ2cCvNi/hXIXgO9KWjSpAv5tP764 - UkOE4dlDpEW6G1pNf84BERfRYGDj29A/Jk9LJC/6D09QJXNu18HR0sUCAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; - tinc.pubkey_ed25519 = "6VktF9Fg9E0hCW5g+rwGnrPACPSx/8vkl+hPNaFYeND"; - }; - }; - }; - clara = { - owner = config.krebs.users.mic92; - nets = rec { - internet = { - ip4.addr = "129.215.165.58"; - ip6.addr = "2001:630:3c1:164:b62e:99ff:fe3d:70f2"; - aliases = [ "clara.i" ]; - }; - retiolum = { - ip4.addr = "10.243.29.182"; - aliases = [ "clara.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEA07G1n2sA804nnjWQzq0Fi9i6kxJUo+jVJjtkm5unw3hjflAAd/3d - WN+01GdJCk/gr7DfU/Xr5KnR39Z3ADoT1tbUb+i5AJZ5/8VHUwWM8D8mQAam6LBf - UEeLxhVH8rG6lHaKwVi9oe4gPhgptUOzX/YIlJOMYDlYRxc7Wbj7YQOAKlPuTAjY - Z5bLswfkqTMO0cioJNwwMCNWSMJf3jbKi3eTQ36sf7TDMEneNGSBUpeSjGddoNT/ - rrVIDDT8tGmtACKr+3Y0H+EA2K5IxdQKKfnPRR31RBWiTkEXBbaJzYO/ZV5/xlbN - wmblskwq9d9IwDY7qeMctci+ZUZ3epG8MUwYa4faOrgmmkQpa5B+6UOMzw/WDJEc - jTfvSzfPo4anoj8C+MOQYzRvYmp60YEZKomv2BQdBvpGIpUul8WAR2aV0K+wz66e - mUamljAXmLiPxgGKduX5VFVuXzYxeMiBBujQCLTjc+xTB2EdwihxNX1rkxz10BDc - WrgPV+/VVyThKhOvVCifWARHtT2VGcZazfQOW/y3ZmEPOYuc5ZvrSEiMeG3f64+v - UU8cQZ3yBLIhTtC+38pRlsdBQHt526q0j0rrnd30JXVAUdWBunP2UJ5QGtA8/mWn - cWSlvRf5sfbyrISz6+mLPM2qGHnCkKwORNxmv/1DY07O3Rn6hX0OY4ECAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; - tinc.pubkey_ed25519 = "qnJmS6W7QSKG3mjW1kPnHGeVmKzhGkyP9xBLGwH5XvD"; - }; - }; - }; dimitrios = { owner = config.krebs.users.mic92; nets = { @@ -111,37 +51,6 @@ in { }; }; }; - donna = { - owner = config.krebs.users.mic92; - nets = rec { - internet = { - ip4.addr = "129.215.165.54"; - ip6.addr = "2001:630:3c1:164:30a2:6e7b:c58b:cafd"; - aliases = [ "donna.i" ]; - }; - retiolum = { - via = internet; - ip4.addr = "10.243.29.180"; - aliases = [ "donna.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEAnv5zVPwjHk5Q72D3tv2rlQkp7SOsZD7Wvz8l1yI/mWkxoriJ9MVa - x8RziSB3KF8sF1lRWIKmuynkgLI3w0X/YFs/fAvtayxk6Qf8DOl23Vd8Is0h/i3I - 0fCmCEIHhHboKsREW6NxY7w5WAI2+SFNmGef1P7vzrAv7iLyPbo9nQ8wlrAmc+PJ - Ao3BOf4U7kP778fhsPA4dlGtF2v9CBhygeGVI/DQR8jcvzeiPd2Dr0k/JvrVMYtf - wJW4xUwZkIpws/yfI8b4VJOFl2X/Yw9712Z8Jvga0rR32OG4YbnggvuCMum1g94k - YwMjaSckv1XTalvPQuf1Od96XzwL2hjPFpEK3Tdl4AitMnArgj9HNzhcRL+eGonf - U24zk52OToHnoP3palNpodi7DziIBeXIaIMl7VMXku2ymbOUJsI6zeew+uZahJkv - QIWjxveQ8N40BoTc8Yg6pea1AId3l4f3brtwJbQOVbb3bVQ5VcrxM9Q/TBvyADYR - Knwszxw3uBw5Za1FMbwCPwd8/y/Ar19qGCx25xK0QnsyqZZT/cHsbBOTzh6BBWwI - IzbYu49VO/B1rktYzZ2l2ENQy6OILXWbvFjC8Pt8f1ZZQ4A21PyNA1AdyJ/rbVj7 - awm3OnnvKSvMCXWnwHPFHjksb3qMx96Aep1cw3ZBx0sQQ41UWBoOsi8CAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; - tinc.pubkey_ed25519 = "ikUmx5IC1dvfaHFhpZM9xotwF2LH6EkvpcPTRm6TjeD"; - }; - }; - }; herbert = { owner = config.krebs.users.mic92; nets = rec { @@ -497,37 +406,6 @@ in { }; }; }; - rose = { - owner = config.krebs.users.mic92; - nets = rec { - internet = { - ip4.addr = "129.215.165.52"; - ip6.addr = "2001:630:3c1:164:6d4:c4ff:fe04:4e4b"; - aliases = [ "rose.i" ]; - }; - retiolum = { - via = internet; - ip4.addr = "10.243.29.178"; - aliases = [ "rose.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEA0h88uEcgVFhggGh3xqHySt8T+oDdoSN8ve4ZPmMzrGCD4dnlWcUO - 6uMiwE7XG667wvjB0J2RbCJ8n8/r6eQgp6sRfPzSQL/Mc74J+py+sOVOjjjL5wJX - btrYmASO3GKUSMhGmM0IiwHMIPrmUViaREDrweF3bUwK45d/ocqpBkc+nF27kksd - DMYjHMWRIkKuQaj592zo/kY1pAJ/yAvDPess0x1CLL6uDNbjTr2S/L7JHdzZs9Xq - 1+SGdVtqD0sWgSBKA0PC/Mi+Divd4PC1SoSL7wZRWD0Y2DNgj3+xUc7hAWRCw2Gs - 5wofK+qiwnyYAmeNYcyQfDLosKZF9hOM8U3UbxptkPLsOK3cfZoGoLQCuOryVDBe - 6GfJkJ49WfuSSNWs3WPWL6/6zmVPeGR0TvoMt02VQ3cKTmeIkWyTIzSVoC7wYv5D - Dl8Xt3aFr9UFI2GxenesViyuDLi8cy2fOsM3r+gowXQtgEKoXc9W2vyPwIIlcWUJ - QrKVsyNlkKKL0YjsnGazaEvqdiE30/Iq7f7VBnXnWXRLnZhr85HbTdDQnpT4GcEv - W3jpl1y5zShr5Hz90QoYcUTsxg9uk/+yqKpwUySZ6Gh4q0bo5k7nkM9i8mCMfNGZ - 0UU94QmwS9RoV4Mt4pSLYRcCs0mVeEjLuIfTFHkXc6LCjBWMn8ICfeMCAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; - tinc.pubkey_ed25519 = "0O1LrgXAFOuei1NfU0vow+qUfim3htBOyCJvPrQFwHE"; - }; - }; - }; turingmachine = { owner = config.krebs.users.mic92; nets = rec { @@ -661,26 +539,6 @@ in { }; }; }; - doctor = { - owner = config.krebs.users.mic92; - nets = rec { - retiolum = { - ip4.addr = "10.243.29.186"; - aliases = [ "doctor.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAx0zdjPX9C0fBQR+8kdlsBTuMr4KxWhqw4ARqW02oSGKJxY+D57oO - ORVfjBhrvIiZJfXaY0M+/n+M4Bvt4r5ol3N1NxkT7vc0bAbz9Kk/0M8dlspNoSO9 - WW+mITVfxg/DgzDegjj4TOrsWC1jBjo4PVrvA+PnxZC4VucnqZZ55JHWAk/mPtzs - PUc3mkn3e9pwwrJMQRy7qg9fbatljHCb/fJoDk6DiQP4ZRE/pCf4OYCx7huHibsd - EMp7y5QJySmKwJ/XsS6yiHeYXLFwWvfReja/IRFL4RiDSW+6ES4PTEXxoLVDpqgv - KF44qim4UBabCMTPVtZcU3Rr+ufBALKJCwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - tinc.pubkey_ed25519 = "PmZ8i6lB0Ij/d8qjA0y3QI2rMAlrTZn1ES/hUSNNWMP"; - }; - }; - }; bernie = { owner = config.krebs.users.mic92; nets = rec { @@ -1048,6 +906,27 @@ in { }; }; }; + + blob64 = { + owner = config.krebs.users.mic92; + nets = rec { + retiolum = { + aliases = [ "blob64.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAsl8LfS/l8zhkF9wqUTXndGZovIdIeZXeH/AZ3VopHn2yMn7HN3sy + sM+p0ypXgV02h8faWgQsKzbhZI1XNl8vK5jo0snb9wO0qTiIViSeVfcGJN3rMvsW + FmgcoVX7Juf3RD+oHbBc9CM7+vRbk6aIKyr3zRbGF1Ge9x/N2HSqjhYYKZ74JzJf + kTbN/t05gvzYcQCa6ueR1K+jysALC2SCbRNXMLDQtgMc9Jv+oPJfxxCxZUJR2/M6 + E/+sfbJ+oOl/EviXzM/HH14sOeO1v1xbw0ih75BWAOC1zvrIPg/Cr3y+RmDsK53K + eWa+2bvT7quaBLsVh9N51RSORUlXKdd2lwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "m6YO0REcHjSORwOJCUBLciavYTNewcbxdt2TJnGz9xE"; + }; + }; + }; + hal9000 = { owner = config.krebs.users.mic92; nets = rec { diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index 97294d16d..fd33ef219 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "af9e00071d0971eb292fd5abef334e66eda3cb69", - "date": "2022-08-15T16:41:53+02:00", - "path": "/nix/store/6dvbaqmjjxx2rlh6986y2mj05083xy33-nixpkgs", - "sha256": "1mdwy0419m5i9ss6s5frbhgzgyccbwycxm5nal40c8486bai0hwy", + "rev": "c97e777ff06fcb8d37dcdf5e21e9eff1f34f0e90", + "date": "2022-09-11T12:47:08-03:00", + "path": "/nix/store/ixhh3xyag61ps64dgbclgkz80hgv36qv-nixpkgs", + "sha256": "1h4g8hf7zi6an5j2lnwf7kbmmbrwp6hhqdf87gd14y24d43sp4x0", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 3f3290eff..c0dee0c6e 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "3d47bbaa26e7a771059d828eecf3bd8bf28a8b0f", - "date": "2022-08-15T18:36:06+02:00", - "path": "/nix/store/h05whycbmdvxzxp2zqzfm2rjbanr77q9-nixpkgs", - "sha256": "0xnk777bwrdw2zklnhs4sq6rgzb4gn002ybwlizj35g3vy5rppvs", + "rev": "bf014cad818ecd1b28e68c1e7138fb988f504fdc", + "date": "2022-09-12T09:29:23+02:00", + "path": "/nix/store/cpp120bajfgdb8sb1nmm316pav16cjk4-nixpkgs", + "sha256": "0xdf1xclck8j8zxlnhkjgci4a4405rh9n6wx9c3vmk0dvb31lvi9", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, diff --git a/lass/1systems/icarus/config.nix b/lass/1systems/icarus/config.nix index 609da6011..2d2f23f95 100644 --- a/lass/1systems/icarus/config.nix +++ b/lass/1systems/icarus/config.nix @@ -10,6 +10,7 @@ with import <stockholm/lib>; <stockholm/lass/2configs/git.nix> <stockholm/lass/2configs/exim-retiolum.nix> <stockholm/lass/2configs/baseX.nix> + <stockholm/lass/2configs/pipewire.nix> <stockholm/lass/2configs/browsers.nix> <stockholm/lass/2configs/programs.nix> <stockholm/lass/2configs/fetchWallpaper.nix> @@ -21,6 +22,7 @@ with import <stockholm/lib>; #<stockholm/lass/2configs/prism-share.nix> <stockholm/lass/2configs/network-manager.nix> <stockholm/lass/2configs/home-media.nix> + <stockholm/lass/2configs/snapclient.nix> ]; krebs.build.host = config.krebs.hosts.icarus; diff --git a/lass/1systems/shodan/config.nix b/lass/1systems/shodan/config.nix index 7695e637b..5d6a440e0 100644 --- a/lass/1systems/shodan/config.nix +++ b/lass/1systems/shodan/config.nix @@ -8,6 +8,7 @@ with import <stockholm/lib>; <stockholm/lass/2configs/mouse.nix> <stockholm/lass/2configs/retiolum.nix> <stockholm/lass/2configs/baseX.nix> + <stockholm/lass/2configs/pipewire.nix> <stockholm/lass/2configs/exim-retiolum.nix> <stockholm/lass/2configs/browsers.nix> <stockholm/lass/2configs/programs.nix> @@ -21,6 +22,7 @@ with import <stockholm/lib>; <stockholm/lass/2configs/home-media.nix> <stockholm/lass/2configs/syncthing.nix> <stockholm/lass/2configs/sync/sync.nix> + <stockholm/lass/2configs/snapclient.nix> ]; krebs.build.host = config.krebs.hosts.shodan; diff --git a/lass/1systems/styx/config.nix b/lass/1systems/styx/config.nix index 016d1480f..e49d24f9a 100644 --- a/lass/1systems/styx/config.nix +++ b/lass/1systems/styx/config.nix @@ -8,6 +8,7 @@ with import <stockholm/lib>; <stockholm/lass/2configs/mouse.nix> <stockholm/lass/2configs/retiolum.nix> <stockholm/lass/2configs/baseX.nix> + <stockholm/lass/2configs/pipewire.nix> <stockholm/lass/2configs/exim-retiolum.nix> <stockholm/lass/2configs/browsers.nix> <stockholm/lass/2configs/programs.nix> @@ -23,6 +24,8 @@ with import <stockholm/lib>; <stockholm/lass/2configs/sync/sync.nix> # <stockholm/lass/2configs/idc.nix> <stockholm/lass/2configs/ppp/umts-stick.nix> + <stockholm/lass/2configs/snapserver.nix> + <stockholm/lass/2configs/snapclient.nix> ]; krebs.build.host = config.krebs.hosts.styx; diff --git a/lass/2configs/binary-cache/server.nix b/lass/2configs/binary-cache/server.nix index 1abf51ae6..dcc4b5f1a 100644 --- a/lass/2configs/binary-cache/server.nix +++ b/lass/2configs/binary-cache/server.nix @@ -1,6 +1,17 @@ -{ config, lib, pkgs, stockholm, ...}: +{ config, lib, pkgs, ...}: +let + nix-serve-ng-src = builtins.fetchTarball { + # Replace the URL and hash with whatever you actually need + url = "https://github.com/aristanetworks/nix-serve-ng/archive/1937593598bb1285b41804f25cd6f9ddd4d5f1cb.tar.gz"; + sha256 = "1lqd207gbx1wjbhky33d2r8xi6avfbx4v0kpsvn84zaanifdgz2g"; + }; + + nix-serve-ng = import nix-serve-ng-src; + +in { + imports = [ nix-serve-ng.nixosModules.default ]; # generate private key with: # nix-store --generate-binary-cache-key my-secret-key my-public-key services.nix-serve = { diff --git a/lass/2configs/home-media.nix b/lass/2configs/home-media.nix index f250ca8d8..f3908e6be 100644 --- a/lass/2configs/home-media.nix +++ b/lass/2configs/home-media.nix @@ -20,4 +20,15 @@ with import <stockholm/lib>; krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-p tcp --dport 4713"; target = "ACCEPT"; } # pulseaudio ]; + + environment.systemPackages = [ + (pkgs.writers.writeDashBin "snapmpv" '' + /run/current-system/sw/bin/mpv \ + --audio-display=no --audio-channels=stereo \ + --audio-samplerate=48000 --audio-format=s16 \ + --ao-pcm-file=/run/snapserver/snapfifo --ao=pcm \ + --audio-delay=-1 \ + "$@" + '') + ]; } diff --git a/lass/2configs/snapclient.nix b/lass/2configs/snapclient.nix new file mode 100644 index 000000000..8015680e9 --- /dev/null +++ b/lass/2configs/snapclient.nix @@ -0,0 +1,12 @@ +{ config, lib, pkgs, ... }: +{ + systemd.services.snapclient = { + wantedBy = [ "multi-user.target" ]; + path = [ pkgs.snapcast ]; + script = "snapclient -h 10.42.0.1"; + serviceConfig = { + DynamicUser = true; + Group = "pipewire"; + }; + }; +} diff --git a/lass/2configs/snapserver.nix b/lass/2configs/snapserver.nix new file mode 100644 index 000000000..3c6dbf750 --- /dev/null +++ b/lass/2configs/snapserver.nix @@ -0,0 +1,13 @@ +{ config, lib, pkgs, ... }: +{ + services.snapserver = { + enable = true; + openFirewall = true; + streams = { + pipewire = { + type = "pipe"; + location = "/run/snapserver/snapfifo"; + }; + }; + }; +} |