diff options
57 files changed, 674 insertions, 182 deletions
diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix index a20f6929e..eb1256d69 100644 --- a/krebs/1systems/puyak/config.nix +++ b/krebs/1systems/puyak/config.nix @@ -31,7 +31,7 @@ loader.systemd-boot.enable = true; loader.efi.canTouchEfiVariables = true; - initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda3"; } ]; + initrd.luks.devices.luksroot.device = "/dev/sda3"; initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ]; diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index 1356b4d7e..029644ca6 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -73,6 +73,9 @@ in # replacement for leases.shack and shackles.shack <stockholm/krebs/2configs/shack/shackDNS.nix> + # misc + <stockholm/krebs/2configs/save-diskspace.nix> + ]; # use your own binary cache, fallback use cache.nixos.org (which is used by # apt-cacher-ng in first place) diff --git a/krebs/2configs/default.nix b/krebs/2configs/default.nix index d7d6fbf37..3442272ec 100644 --- a/krebs/2configs/default.nix +++ b/krebs/2configs/default.nix @@ -29,8 +29,8 @@ with import <stockholm/lib>; rxvt_unicode.terminfo ]; + console.keyMap = "us"; i18n = { - consoleKeyMap = "us"; defaultLocale = lib.mkForce "C"; }; diff --git a/krebs/2configs/save-diskspace.nix b/krebs/2configs/save-diskspace.nix index b1416a97a..c70029646 100644 --- a/krebs/2configs/save-diskspace.nix +++ b/krebs/2configs/save-diskspace.nix @@ -3,8 +3,8 @@ { nix.gc.automatic = true; nix.gc.dates = lib.mkDefault "03:10"; - programs.info.enable = false; - programs.man.enable = false; + documentation.info.enable = false; + documentation.man.enable = false; services.journald.extraConfig = "SystemMaxUse=50M"; - services.nixosManual.enable = false; + documentation.nixos.enable = false; } diff --git a/krebs/2configs/shack/glados/automation/announcement.j2 b/krebs/2configs/shack/glados/automation/announcement.j2 new file mode 100644 index 000000000..d3838bb33 --- /dev/null +++ b/krebs/2configs/shack/glados/automation/announcement.j2 @@ -0,0 +1,28 @@ +Willkommen werter Keyholder {{ states("sensor.keyholder") }} in deinem Lieblingshackerspace. + +Es ist {{states("sensor.temperature") | round(1) | replace('.',' Komma ')}} Grad {% if states("sensor.temperature")|float > 25 %}heiss{%elif states("sensor.temperature")|float > 15%}warm{%else%}kalt{%endif%} bei {% if states("sensor.humidity") | int <45 %}trockenen{% elif states("sensor.humidity") | int <65 %}angenehmen{%else%}feuchten{%endif%} {{states("sensor.humidity") | int }} Prozent Luftfeuchtigkeit. + +{% if (states("sensor.fullstand_mate_1")|int == 0) and + states("sensor.fullstand_mate_2")|int == 0 %}ES IST MAHTECALYPSE, BEIDE MAHTESCHÄCHTE SIND LEER! {%if states("sensor.fullstand_mate_cola")| int == 0%} UND SOGAR DIE COLA IST ALLE. Ihr seid sowas von am Arsch!{%else%}Zum Glück gibt es noch Cola, Phew!{%endif%} +{% elif (states("sensor.fullstand_mate_1")|int + states("sensor.fullstand_mate_2")|int) < 5 %} +Der Mahtestand im Automaten ist mit {{states("sensor.fullstand_mate_1")|int + states("sensor.fullstand_mate_2")|int }} verbleibenden Flaschen kritisch! +{% else %} +Im Automaten sind noch {{states("sensor.fullstand_mate_1")|int + states("sensor.fullstand_mate_2")|int }} Flaschen Mahte und {{states("sensor.fullstand_mate_cola")}} Flaschen Cola. +{%endif%} + +Die Wettervorhersage: {{states("sensor.dark_sky_hourly_summary")}} Aktuell {{states("sensor.dark_sky_summary")}} bei {{states("sensor.dark_sky_temperature") | round(1) | replace('.',' Komma ')}} Grad. +Der Stromverbrauch liegt bei {{ (( states("sensor.l1_power")|int + states("sensor.l2_power")|int + states("sensor.l3_power")|int ) / 1000 )| round(1) | replace('.',' Komma ')}} Kilowatt. + +Im Fablab ist die Feinstaubbelastung {% if states("sensor.fablab_particulate_matter_2_5um_concentration") | float > 50 %}hoch!{%elif states("sensor.fablab_particulate_matter_2_5um_concentration") | float > 25 %}mäßig.{% else %}gering.{%endif%} + +{% if is_state("binary_sensor.door_rzl",'on') and is_state("binary_sensor.door_entropia",'on') %} +Das Raumzeitlabor und Entropia haben geöffnet. +{% elif is_state("binary_sensor.door_rzl",'off') and is_state("binary_sensor.door_entropia",'off') %} +Das Raumzeitlabor und Entropia haben geschlossen. +{% elif is_state("binary_sensor.door_rzl",'on') and is_state("binary_sensor.door_entropia",'off') %} +Das Raumzeitlabor hat geöffnet und Entropia hat geschlossen. +{% elif is_state("binary_sensor.door_rzl",'off') and is_state("binary_sensor.door_entropia",'on') %} +Das Raumzeitlabor hat geschlossen und Entropia hat geöffnet. +{%endif%} + +Die Glados Hackerspace Automation wünscht dir und allen Anwesenden einen produktiven und angenehmen Aufenthalt! diff --git a/krebs/2configs/shack/glados/automation/shack-startup.nix b/krebs/2configs/shack/glados/automation/shack-startup.nix index 35314923b..ac7dd4f1e 100644 --- a/krebs/2configs/shack/glados/automation/shack-startup.nix +++ b/krebs/2configs/shack/glados/automation/shack-startup.nix @@ -2,12 +2,20 @@ # binary_sensor.portal_lock # sensor.keyholder # media_player.lounge + +# additional state required on: +# mpd.shack: +# playlist "ansage" +# playlist "lassulus" +# lounge.kiosk.shack: +# playlist "ansage" + let glados = import ../lib; in [ { - alias = "Greet new keyholder for key exchange"; + alias = "Bedanken bei Übernahme von Key"; initial_state = true; trigger = { platform = "state"; @@ -15,15 +23,22 @@ in }; condition = { condition = "template"; - value_template = "{{ trigger.from_state.state != 'No Keyholder' }}"; + value_template = "{{ (trigger.from_state.state != 'No Keyholder') and (trigger.from_state.state != 'No Keyholder') }}"; }; - action = glados.say.kiosk "Danke {{trigger.to_state.state}} für das Übernehmen des Keys von {{trigger.from_state.state}}"; - # action = []; + action = glados.say.kiosk "Danke {{ trigger.to_state.state }} für das Übernehmen des Keys von {{ trigger.from_state.state }}"; + } + { + alias = "Keyholder Begrüßen wenn MPD hoch fährt"; + initial_state = true; + trigger = { + platform = "state"; + from = "unavailable"; + entity_id = "media_player.kiosk"; + }; + action = glados.say.kiosk (builtins.readFile ./announcement.j2); } - { alias = "Start Music on portal lock on"; - # TODO: use "power" trigger trigger = { platform = "state"; entity_id = "binary_sensor.portal_lock"; @@ -61,7 +76,7 @@ in media_content_id = "ansage"; }; } - { delay.seconds = 8; } + { delay.seconds = 8.5; } { service = "media_player.volume_set"; data = { @@ -74,7 +89,7 @@ in data = { entity_id = "media_player.lounge"; media_content_type = "playlist"; - media_content_id = "lassulus superradio"; + media_content_id = "lassulus"; }; } ]; diff --git a/krebs/2configs/shack/glados/default.nix b/krebs/2configs/shack/glados/default.nix index 920f2ed2f..b6bcc8673 100644 --- a/krebs/2configs/shack/glados/default.nix +++ b/krebs/2configs/shack/glados/default.nix @@ -131,11 +131,11 @@ in { }; #conversation = {}; history = {}; - logbook = {}; + #logbook = {}; logger = { default = "info"; }; - recorder = {}; + #recorder = {}; tts = [ { platform = "google_translate"; service_name = "say"; diff --git a/krebs/2configs/shack/glados/lib/default.nix b/krebs/2configs/shack/glados/lib/default.nix index 6d2b7749b..2cfac3daf 100644 --- a/krebs/2configs/shack/glados/lib/default.nix +++ b/krebs/2configs/shack/glados/lib/default.nix @@ -22,7 +22,7 @@ in service = "media_player.turn_on"; data.entity_id = "media_player.${entity}"; } - { delay.seconds = 8; } + { delay.seconds = 4.5; } { service = "tts.say"; entity_id = "media_player.${entity}"; data_template = { diff --git a/krebs/2configs/shack/ssh-keys.nix b/krebs/2configs/shack/ssh-keys.nix index 95c869bc9..f27b5bbc3 100644 --- a/krebs/2configs/shack/ssh-keys.nix +++ b/krebs/2configs/shack/ssh-keys.nix @@ -5,6 +5,7 @@ config.krebs.users.ulrich.pubkey config.krebs.users.raute.pubkey config.krebs.users.xq.pubkey + config.krebs.users.hase.pubkey "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDb9NPa2Hf51afcG1H13UPbE5E02J8aC9a1sGCRls592wAVlQbmojYR1jWDPA2m32Bsyv0ztqi81zDyndWWZPQVJVBk00VjYBcgk6D5ifqoAuWLzfuHJPWZGOvBf/U74/LNFNUkj1ywjneK7HYTRPXrRBBfBSQNmQzkvue7s599L2vdueZKyjNsMpx2m6nm2SchaMuDskSQut/168JgU1l4M8BeT68Bo4WdelhBYnhSI1a59FGkgdu2SCjyighLQRy2sOH3ksnkHWENPkA+wwQOlKl7R3DsEybrNd4NU9FSwFDyDmdhfv5gJp8UGSFdjAwx43+8zM5t5ruZ25J0LnVb0PuTuRA00UsW83MkLxFpDQLrQV08tlsY6iGrqxP67C3VJ6t4v6oTp7/vaRLhEFc1PhOLh+sZ18o8MLO+e2rGmHGHQnSKfBOLUvDMGa4jb01XBGjdnIXLOkVo79YR5jZn7jJb2gTZ95OD6bWSDADoURSuwuLa7kh4ti1ItAKuhkIvbuky3rRVvQEc92kJ6aNUswIUXJa0K2ibbIY6ycKAA3Ljksl3Mm9KzOn6yc/i/lSF+SOrTGhabPJigKkIoqKIwnV5IU3gkfsxPQJOBMPqHDGAOeYQe3WpWedEPYuhQEczw4exMb9TkNE96F71PzuQPJDl5sPAWyPLeMKpy5XbfRiF2by4nxN3ZIQvjtoyVkjNV+qM0q0yKBzLxuRAEQOZ2yCEaBudZQkQiwHD97H2vu4SRQ/2aOie1XiOnmdbQRDZSO3BsoDK569K1w+gDfSnqY7zVUMj6tw+uKx6Gstck5lbvYMtdWKsfPv/pDM8eyIVFLL93dKTX+ertcQj6xDwLfOiNubE5ayFXhYkjwImV6NgfBuq+3hLK0URP2rPlOZbbZTQ0WlKD6CCRZPMSZCU9oD2zYfqpvRArBUcdkAwGePezORkfJQLE6mYEJp6pdFkJ/IeFLbO6M0lZVlfnpzAC9kjjkMCRofZUETcFSppyTImCbgo3+ok59/PkNU5oavBXyW80ue2tWHr08HX/QALNte3UITmIIlU6SFMCPMWJqadK1eDPWfJ4H4iDXRNn3D5wqN++iMloKvpaj0wieqXLY4+YfvNTNr177OU48GEWW8DnoEkbpwsCbjPxznGDQhdDqdYyMY/fDgRQReKITvKYGHRzesGysw5cKsp9LEfXD0R6WE2TeiiENla5AWzTgXJB0AyZEcOiIfqOgT9Nr9S8q5gc/BdA7P+jhGGJgEHhV3dVlfIZ7pmZc27Yu7UTQ0lbAKWqcMSTOdne+QL6ILzbvLrQwdvax4tQdm5opfU16SrOox1AMwAbkdq84z6uJqYVx3cUXfMJgTyDNrVv3or root@plattenschwein" # for backup "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1Lx5MKtVjB/Ef6LpEiIAgVwY5xKQFdHuLQR+odQO4cAgxj1QaIXGN0moixY52DebVQhAtiCNiFZ83uJyOj8kmu30yuXwtSOQeqziA859qMJKZ4ZcYdKvbXwnf2Chm5Ck/0FvtpjTWHIZAogwP1wQto/lcqHOjrTAnZeJfQuHTswYUSnmUU5zdsEZ9HidDPUc2Gv0wkBNd+KMQyOZl0HkaxHWvn0h4KK4hYZisOpeTfXJxD87bo+Eg4LL2vvnHW6dF6Ygrbd/0XRMsRRI8OAReVBUoJn7IE1wwAl/FpblNmhaF9hlL7g7hR1ADvaWMMw0e8SSzW6Y+oIa8qFQL6wR1 gitlab-builder" # for being deployed by gitlab ci ]; diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 62cdf8542..082dfd80f 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -134,6 +134,24 @@ in { }; }; }; + hasegateway = { + cores = 1; + owner = config.krebs.users.hase; + nets = { + #internet = { + # ip.addr = "37.24.200.174"; + # aliases = [ "hasegateway.i" ]; + #}; + retiolum = { + ip4.addr = "10.243.226.216"; + ip6.addr = "42:0:e644:9099:4f8:b9aa:3856:4e86"; + aliases = [ + "hasegateway.r" + ]; + tinc.pubkey = tinc-for "hasegateway"; + }; + }; + }; jongepad = { owner = config.krebs.users.jonge; nets = { @@ -465,6 +483,10 @@ in { mail = "shackspace.de@myvdr.de"; pubkey = ssh-for "ulrich"; }; + hase = { + mail = "hase.christian92@gmail.com"; + pubkey = ssh-for "hase"; + }; "0x4A6F" = { mail = "0x4a6f@shackspace.de"; pubkey = ssh-for "0x4A6F"; diff --git a/krebs/3modules/external/ssh/hase.pub b/krebs/3modules/external/ssh/hase.pub new file mode 100644 index 000000000..02051a81f --- /dev/null +++ b/krebs/3modules/external/ssh/hase.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCa40LWhpIngxvO2Vg2R0yZUmNUz7mT2m5fnVi9yKWKbUy+y3tMkC8bw+CjvOaFG8haXhPHue9IBvO7Fst1klyHXNlBPxxEuwnxvljV3rFPz8jxvxAnIJRdlxxpYGWSwOy/JxcjDdPlXBNvCFGQfxbHvwzC5wKyyCTEWgvcq+lK0xXcv/BJie8OM4H6z27a5BbV4GEDFki5fteCa3OPGCM4I/Ny/2cYMcJtXU/yQRYhcpNMu+4Q16YMkrut/r46ngcGTqnthE5LVOK9o+6LNR+ww6BSvm3bNccf3b85A1SG7tpIXMBKBMxD8Bt8/PmMlIGBvpqsv202MdpxAD6LYjLN 8c:48:47:bf:a4:f1:17:fb:ed:43:c6:2e:e5:97:7f:40 chris@chris-desktop-arch diff --git a/krebs/3modules/external/tinc/hasegateway.pub b/krebs/3modules/external/tinc/hasegateway.pub new file mode 100644 index 000000000..ef6520e85 --- /dev/null +++ b/krebs/3modules/external/tinc/hasegateway.pub @@ -0,0 +1,13 @@ +-----BEGIN RSA PUBLIC KEY----- +MIICCgKCAgEA4k9MVwBAQXpbLNOp9AenFPzxdgJ21xhMeqPGUhsNgZXlioHpvaVN +POx6nlcd4DBI1zg7GhYgWVHFerZzJ9/UD9cLufl+wIbtuAGlgsrqPkU4cCkDIKPb +d1tsok9s3rei2yQs8mQO5eIIYRxai8/gCAhsVjDZ5kONACmlq4xbjTZDxb7eaomZ +s//T6fiOMdEjo2Z6pahiEOEYdk+Nd18HOwuGQropzlBqtX4sa1ocfFT7/wXWMBm/ +/RL81t9HxSCGAogmb8leqGD7CGAPsJLfT+/54s7ZhdRMFYzE5deQKGYf15ZCYZsI +ZmrcwsD7JOfqxs0THZvQ38gM00b7qDJRMeEdcUeDtWdDR79g78yB1CMXJGz+dNCa +MM7yz6NScRLO5VN+irp9A2Z/wNSzIho7FVa93m4O3R1ft7bqjJNhMqI/3vxxT882 +X3o6K09UWau+xXHpHMGbrjePUnu0SGzntHVCSVJCRhRICzDnh+r+YURl6jlONHBU +qx7zkMYrbOTMkqmt1pFYWXSa92xDoxTtNjNFJMWEe9vB4UDmPMfFBSOBBQ7m8QRw +uNHGqjU9e3JOm3UtELUbnXtG6a2/5ve1kRpxGHoVWbHLosCieHbk9PQRVm74yfPE +4RETrUyQA5ueaMYfKqpYGNPOliWIp4u2DeKQCQDr4PG+nkS04ZFXOlECAwEAAQ== +-----END RSA PUBLIC KEY----- diff --git a/krebs/3modules/rtorrent.nix b/krebs/3modules/rtorrent.nix index eb27aa34d..e5566f329 100644 --- a/krebs/3modules/rtorrent.nix +++ b/krebs/3modules/rtorrent.nix @@ -328,6 +328,8 @@ let pools.rutorrent = { user = nginx-user; group = nginx-group; + phpEnv.PATH = makeBinPath rutorrent-deps; + settings = { "listen.owner" = nginx-user; "pm" = "dynamic"; @@ -335,14 +337,11 @@ let "pm.start_servers" = 2; "pm.min_spare_servers" = 1; "pm.max_spare_servers" = 3; + "chdir" = "/"; + "php_admin_value[error_log]" = "stderr"; + "php_admin_flag[log_errors]" = "on"; + "catch_workers_output" = "yes"; }; - extraConfig = '' - chdir = / - php_admin_value[error_log] = 'stderr' - php_admin_flag[log_errors] = on - catch_workers_output = yes - env[PATH] = ${makeBinPath rutorrent-deps} - ''; }; }; }; diff --git a/makefu/0tests/data/secrets/ham/nextcloud-calendar b/makefu/0tests/data/secrets/ham/nextcloud-calendar new file mode 100644 index 000000000..18b159112 --- /dev/null +++ b/makefu/0tests/data/secrets/ham/nextcloud-calendar @@ -0,0 +1,5 @@ +{ + username = "bob"; + password = "rob"; +} + diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index a38a671f4..d0ba1a3c6 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -116,7 +116,7 @@ in { <stockholm/makefu/2configs/wireguard/wiregrill.nix> # Removed until move: no extra mails - <stockholm/makefu/2configs/urlwatch> + # <stockholm/makefu/2configs/urlwatch> # Removed until move: avoid letsencrypt ban ### Web <stockholm/makefu/2configs/nginx/dl.euer.krebsco.de.nix> @@ -136,7 +136,7 @@ in { <stockholm/makefu/2configs/deployment/owncloud.nix> <stockholm/makefu/2configs/deployment/board.euer.krebsco.de.nix> <stockholm/makefu/2configs/deployment/rss.euer.krebsco.de.nix> - <stockholm/makefu/2configs/deployment/feed.euer.krebsco.de> + #<stockholm/makefu/2configs/deployment/feed.euer.krebsco.de> <stockholm/makefu/2configs/deployment/boot-euer.nix> <stockholm/makefu/2configs/deployment/gecloudpad> <stockholm/makefu/2configs/deployment/docker/archiveteam-warrior.nix> diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index 34bd42592..423ebb4c6 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -14,6 +14,15 @@ in { <stockholm/makefu/2configs/headless.nix> <stockholm/makefu/2configs/support-nixos.nix> <stockholm/makefu/2configs/nur.nix> + # x11 forwarding + { + services.openssh.forwardX11 = true; + users.users.makefu.packages = [ + pkgs.tinymediamanager + ]; + } + { environment.systemPackages = [ pkgs.youtube-dl2kodi pkgs.youtube-dl]; } + <stockholm/makefu/2configs/zsh-user.nix> <stockholm/makefu/2configs/home-manager> @@ -35,7 +44,7 @@ in { #<stockholm/makefu/2configs/share-user-sftp.nix> <stockholm/makefu/2configs/urlwatch> - <stockholm/makefu/2configs/legacy_only.nix> + # <stockholm/makefu/2configs/legacy_only.nix> <stockholm/makefu/2configs/share/omo.nix> <stockholm/makefu/2configs/dcpp/airdcpp.nix> diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index 4e6706b25..4781af357 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -14,6 +14,7 @@ <stockholm/makefu/2configs/home-manager/taskwarrior.nix> <stockholm/makefu/2configs/main-laptop.nix> + <stockholm/makefu/2configs/kdeconnect.nix> <stockholm/makefu/2configs/extra-fonts.nix> <stockholm/makefu/2configs/editor/neovim> <stockholm/makefu/2configs/tools/all.nix> @@ -21,7 +22,7 @@ { systemd.services.docker.wantedBy = lib.mkForce []; } <stockholm/makefu/2configs/dict.nix> - <stockholm/makefu/2configs/legacy_only.nix> + # <stockholm/makefu/2configs/legacy_only.nix> #<stockholm/makefu/3modules/netboot_server.nix> #{ # netboot_server = { @@ -48,6 +49,7 @@ # Testing # <stockholm/makefu/2configs/deployment/gitlab.nix> + # <stockholm/makefu/2configs/deployment/docker/etherpad.nix> # <stockholm/makefu/2configs/deployment/wiki-irc-bot> # <stockholm/makefu/2configs/torrent.nix> @@ -169,8 +171,6 @@ device = "/dev/sda2"; allowDiscards = true; }; - # avoid full boot dir - boot.loader.grub.configurationLimit = 3; environment.systemPackages = [ pkgs.passwdqc-utils ]; diff --git a/makefu/2configs/dcpp/hub.nix b/makefu/2configs/dcpp/hub.nix index 92977b4c8..4566a1f4f 100644 --- a/makefu/2configs/dcpp/hub.nix +++ b/makefu/2configs/dcpp/hub.nix @@ -33,8 +33,7 @@ let uhubDir = "/var/lib/uhub"; in { - users.extraUsers = singleton { - name = ddclientUser; + users.extraUsers."${ddclientUser}" = { uid = genid "ddclient"; description = "ddclient daemon user"; home = stateDir; |