summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--kartei/lass/prism.nix1
-rw-r--r--krebs/2configs/cal.nix127
-rw-r--r--krebs/2configs/syncthing.nix12
-rw-r--r--krebs/5pkgs/simple/vicuna-chat/default.nix33
-rw-r--r--krebs/nixpkgs-unstable.json8
-rw-r--r--krebs/nixpkgs.json8
-rw-r--r--lass/1systems/radio/source.nix6
-rw-r--r--lass/2configs/fetchWallpaper.nix2
-rw-r--r--lass/2configs/mail.nix12
-rw-r--r--lass/2configs/pipewire.nix19
-rw-r--r--lass/2configs/realwallpaper.nix3
-rw-r--r--lass/2configs/services/radio/default.nix2
-rw-r--r--lass/2configs/services/radio/news.nix29
-rw-r--r--lass/2configs/themes.nix13
-rw-r--r--lass/2configs/weron/client.nix20
-rw-r--r--lass/2configs/weron/signaler.nix13
16 files changed, 245 insertions, 63 deletions
diff --git a/kartei/lass/prism.nix b/kartei/lass/prism.nix
index d72b167b6..ac7974731 100644
--- a/kartei/lass/prism.nix
+++ b/kartei/lass/prism.nix
@@ -71,6 +71,7 @@ rec {
"c.r"
"p.r"
"search.r"
+ "wallpaper.r"
];
tinc = {
pubkey = ''
diff --git a/krebs/2configs/cal.nix b/krebs/2configs/cal.nix
index 90093e8eb..15f0027b3 100644
--- a/krebs/2configs/cal.nix
+++ b/krebs/2configs/cal.nix
@@ -1,33 +1,116 @@
-{ config, lib, pkgs, ... }:
-{
- users.users.testing = {
- uid = pkgs.stockholm.lib.genid_uint31 "testing";
- isNormalUser = true;
- openssh.authorizedKeys.keys = [
- config.krebs.users.xkey.pubkey
- config.krebs.users.lass.pubkey
- ];
- packages = [
- pkgs.calendar-cli
- pkgs.tmux
- ];
- };
+{ config, lib, pkgs, ... }: let
+
+ setupGit = ''
+ export PATH=${lib.makeBinPath [
+ pkgs.coreutils
+ pkgs.git
+ ]}
+ export GIT_SSH_COMMAND='${pkgs.openssh}/bin/ssh -i /var/lib/radicale/.ssh/id_ed25519'
+ repo='git@localhost:cal'
+ cd /var/lib/radicale/collections
+ if ! test -d .git; then
+ git init
+ git config user.name "radicale"
+ git config user.email "radicale@${config.networking.hostName}"
+ elif ! url=$(git config remote.origin.url); then
+ git remote add origin "$repo"
+ elif test "$url" != "$repo"; then
+ git remote set-url origin "$repo"
+ fi
+ cp ${pkgs.writeText "gitignore" ''
+ .Radicale.cache
+ ''} .gitignore
+ git add .gitignore
+ '';
- services.xandikos = {
+ pushCal = pkgs.writeDash "push_cal" ''
+ ${setupGit}
+ git fetch origin
+ git merge --ff-only origin/master || :
+ '';
+
+ pushCgit = pkgs.writeDash "push_cgit" ''
+ ${setupGit}
+ git push origin master
+ '';
+
+in {
+ services.radicale = {
enable = true;
- extraOptions = [
- "--autocreate"
- "--defaults"
- "--current-user-principal /krebs"
- "--dump-dav-xml"
- ];
+ rights = {
+ krebs = {
+ user = ".*";
+ collection = ".*";
+ permissions = "rRwW";
+ };
+ };
+ settings = {
+ auth.type = "none";
+ server.hosts = [
+ "0.0.0.0:5232"
+ "[::]:5232"
+ ];
+ storage.filesystem_folder = "/var/lib/radicale/collections";
+ storage.hook = "${pkgs.writers.writeDash "radicale-hook" ''
+ set -efu
+ ${setupGit}
+ ${pkgs.git}/bin/git add -A
+ (${pkgs.git}/bin/git diff --cached --quiet || ${pkgs.git}/bin/git commit -m "Changes by \"$1\"")
+ ${pushCgit}
+ ''} %(user)s";
+ };
};
services.nginx = {
enable = true;
virtualHosts = {
- "calendar.r".locations."/".proxyPass = "http://localhost:${toString config.services.xandikos.port}/";
+ "calendar.r".locations."/".proxyPass = "http://localhost:5232/";
+ };
+ };
+ krebs.git = {
+ enable = true;
+ cgit.settings = {
+ root-title = "krebs repos";
+ };
+ rules = with pkgs.stockholm.lib.git; [
+ {
+ user = [
+ {
+ name = "cal";
+ pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGe1jtHaNFZKmWemWQVEGVYj+s4QGJaL9WYH+wokOZie";
+ }
+ ] ++ (lib.attrValues config.krebs.users);
+ repo = [ config.krebs.git.repos.cal ];
+ perm = push ''refs/heads/master'' [ create merge ];
+ }
+ ];
+ repos.cal = {
+ public = true;
+ name = "cal";
+ hooks = {
+ post-receive = ''
+ ${pkgs.git-hooks.irc-announce {
+ channel = "#xxx";
+ refs = [
+ "refs/heads/master"
+ ];
+ nick = config.networking.hostName;
+ server = "irc.r";
+ verbose = true;
+ }}
+ /run/wrappers/bin/sudo -S -u radicale ${pushCal}
+ '';
+ };
};
};
+ krebs.secret.files.calendar = {
+ path = "/var/lib/radicale/.ssh/id_ed25519";
+ owner = { name = "radicale"; };
+ source-path = "${<secrets/radicale.id_ed25519>}";
+ };
+
+ security.sudo.extraConfig = ''
+ git ALL=(radicale) NOPASSWD: ${pushCal}
+ '';
}
diff --git a/krebs/2configs/syncthing.nix b/krebs/2configs/syncthing.nix
index dac1863d5..d6d42ca11 100644
--- a/krebs/2configs/syncthing.nix
+++ b/krebs/2configs/syncthing.nix
@@ -1,17 +1,21 @@
-{ config, pkgs, ... }: with import <stockholm/lib>; let
+{ options, config, pkgs, ... }: with import <stockholm/lib>; let
mk_peers = mapAttrs (n: v: { id = v.syncthing.id; });
all_peers = filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts;
- used_peer_names = unique (flatten (mapAttrsToList (n: v: v.devices) config.services.syncthing.declarative.folders));
+ used_peer_names = unique (filter isString (flatten (mapAttrsToList (n: v: v.devices) config.services.syncthing.folders)));
used_peers = filterAttrs (n: v: elem n used_peer_names) all_peers;
in {
services.syncthing = {
enable = true;
configDir = "/var/lib/syncthing";
- devices = mk_peers used_peers;
key = toString <secrets/syncthing.key>;
cert = toString <secrets/syncthing.cert>;
- };
+ # workaround for infinite recursion on unstable, remove in 23.11
+ } // (if builtins.hasAttr "settings" options.services.syncthing then
+ { settings.devices = mk_peers used_peers; }
+ else
+ { devices = mk_peers used_peers; }
+ );
boot.kernel.sysctl."fs.inotify.max_user_watches" = 524288;
}
diff --git a/krebs/5pkgs/simple/vicuna-chat/default.nix b/krebs/5pkgs/simple/vicuna-chat/default.nix
new file mode 100644
index 000000000..11a11aabe
--- /dev/null
+++ b/krebs/5pkgs/simple/vicuna-chat/default.nix
@@ -0,0 +1,33 @@
+{ pkgs, ... }:
+pkgs.writers.writeDashBin "vicuna-chat" ''
+ set -efu
+
+ export PATH=${with pkgs; lib.makeBinPath [
+ coreutils
+ curl
+ jq
+ ]}
+
+ CONTEXT=''${CONTEXT:-$(date -Id)}
+ PROMPT=$*
+
+ if ! test -e "$CONTEXT"; then
+ echo -n 'null' > "$CONTEXT"
+ fi
+
+ add_to_context() {
+ jq -rc --argjson message "$1" '. + [$message]' "$CONTEXT" > "$CONTEXT.tmp"
+ mv "$CONTEXT.tmp" "$CONTEXT"
+ }
+
+ add_to_context "{\"role\": \"user\", \"content\": \"$PROMPT\"}"
+ response=$(
+ jq -nc --slurpfile context "$CONTEXT" '{
+ model: "vicuna-13b",
+ messages: $context[0],
+ }' |
+ curl -Ss http://vicuna.r/v1/chat/completions -H 'Content-Type: application/json' -d @-
+ )
+ add_to_context "$(jq -rcn --argjson response "$response" '$response.choices[0].message')"
+ jq -rcn --argjson response "$response" '$response.choices[0].message.content'
+''
diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json
index d9e81ad37..a30dffd71 100644
--- a/krebs/nixpkgs-unstable.json
+++ b/krebs/nixpkgs-unstable.json
@@ -1,9 +1,9 @@
{
"url": "https://github.com/NixOS/nixpkgs",
- "rev": "897876e4c484f1e8f92009fd11b7d988a121a4e7",
- "date": "2023-05-06T22:28:42+01:00",
- "path": "/nix/store/55lpvam2wgdmrbzx0j5gf51dqrqn8wqv-nixpkgs",
- "sha256": "0i9j45jwmqhiv7v8i4dmigaras3iw4hmrds2vvd5x8riln3hyizn",
+ "rev": "4729ffac6fd12e26e5a8de002781ffc49b0e94b7",
+ "date": "2023-06-05T20:59:20-06:00",
+ "path": "/nix/store/6r3d9mpbl3px7y8y6wcwsg60bvish21w-nixpkgs",
+ "sha256": "0gha78rczp5gbl6v39i2bm11kmi974akgqkj3hck5s2ri6abprsr",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index 4ba72d00d..5435dd9bd 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,9 +1,9 @@
{
"url": "https://github.com/NixOS/nixpkgs",
- "rev": "a08e061a4ee8329747d54ddf1566d34c55c895eb",
- "date": "2023-05-09T12:11:35+02:00",
- "path": "/nix/store/lwy9r49c92ml9mbvp2kx1m31p7bcpzxd-nixpkgs",
- "sha256": "1h0yd0xka6wj9sbbq34gw7a9qlp044b7dhg16bmn8bv96ix55vzj",
+ "rev": "d83945caa7624015f11b152bf5c6c4363ffe9f7c",
+ "date": "2023-06-06T09:06:53+02:00",
+ "path": "/nix/store/vzqz4lhcfjg5npn2fm7w3qpm7h0i5baz-nixpkgs",
+ "sha256": "0l4axff9lqc6qq1dkm1dgdp2zv7165a42d9l2zmf4njnhm91f5w5",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
diff --git a/lass/1systems/radio/source.nix b/lass/1systems/radio/source.nix
new file mode 100644
index 000000000..4acdb0c26
--- /dev/null
+++ b/lass/1systems/radio/source.nix
@@ -0,0 +1,6 @@
+{ lib, pkgs, test, ... }: let
+ npkgs = lib.importJSON ../../../krebs/nixpkgs-unstable.json;
+in if test then {} else {
+ nixpkgs.git.ref = lib.mkForce npkgs.rev;
+ nixpkgs-unstable = lib.mkForce { file = "/var/empty"; };
+}
diff --git a/lass/2configs/fetchWallpaper.nix b/lass/2configs/fetchWallpaper.nix
index 381df494d..781dad032 100644
--- a/lass/2configs/fetchWallpaper.nix
+++ b/lass/2configs/fetchWallpaper.nix
@@ -5,7 +5,7 @@ let
in {
krebs.fetchWallpaper = {
enable = true;
- url = "prism/realwallpaper-krebs-stars-berlin.png";
+ url = "http://wallpaper.r/realwallpaper-krebs-stars-berlin.png";
};
}
diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index 0adef8f8c..bf8904b89 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -124,15 +124,6 @@ let
'';
muttrc = pkgs.writeText "muttrc" ''
- # gpg
- source ${pkgs.neomutt}/share/doc/neomutt/samples/gpg.rc
- set pgp_use_gpg_agent = yes
- set pgp_sign_as = 0xDC2A43EF4F11E854B44D599A89E82952976A7E4D
- set crypt_autosign = no
- set crypt_replyencrypt = yes
- set crypt_verify_sig = yes
- set pgp_verify_command = "gpg --no-verbose --batch --output - --verify %s %f"
-
# read html mails
auto_view text/html
@@ -187,8 +178,7 @@ let
until ${pkgs.muchsync}/bin/muchsync -F lass@green.r; do
sleep 1
done
- ''}<enter> \
- 'run muchsync to green.r'
+ ''}<enter>
#killed
bind index d noop
diff --git a/lass/2configs/pipewire.nix b/lass/2configs/pipewire.nix
index ec5a67b6e..da9408669 100644
--- a/lass/2configs/pipewire.nix
+++ b/lass/2configs/pipewire.nix
@@ -22,15 +22,14 @@
pulse.enable = true;
jack.enable = true;
};
-
- systemd.services.wireplumber = {
- environment = {
- HOME = "/var/lib/wireplumber";
- DISPLAY = ":0";
- };
- path = [
- pkgs.dbus
- ];
- serviceConfig.StateDirectory = "wireplumber";
+ environment.etc = {
+ "wireplumber/bluetooth.lua.d/51-bluez-config.lua".text = ''
+ bluez_monitor.properties = {
+ ["bluez5.enable-sbc-xq"] = true,
+ ["bluez5.enable-msbc"] = true,
+ ["bluez5.enable-hw-volume"] = true,
+ ["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]"
+ }
+ '';
};
}
diff --git a/lass/2configs/realwallpaper.nix b/lass/2configs/realwallpaper.nix
index a82e1d010..d81642da1 100644
--- a/lass/2configs/realwallpaper.nix
+++ b/lass/2configs/realwallpaper.nix
@@ -19,8 +19,7 @@ in {
}
'';
serverAliases = [
- hostname
- "${hostname}.r"
+ "wallpaper.r"
];
locations."/realwallpaper/".extraConfig = ''
index on;
diff --git a/lass/2configs/services/radio/default.nix b/lass/2configs/services/radio/default.nix
index a511196fd..16ef31b6f 100644
--- a/lass/2configs/services/radio/default.nix
+++ b/lass/2configs/services/radio/default.nix
@@ -82,7 +82,7 @@ in {
users.users = {
"${name}" = rec {
inherit name;
- createHome = lib.mkForce false;
+ createHome = true;
group = name;
uid = pkgs.stockholm.lib.genid_uint31 name;
description = "radio manager";
diff --git a/lass/2configs/services/radio/news.nix b/lass/2configs/services/radio/news.nix
index 0dc711e6c..62f7f548c 100644
--- a/lass/2configs/services/radio/news.nix
+++ b/lass/2configs/services/radio/news.nix
@@ -1,6 +1,31 @@
{ config, lib, pkgs, ... }:
let
+ tts = pkgs.writers.writeBashBin "tts" ''
+ set -efu
+
+ offset=0
+ OUTPUT=$(mktemp -d)
+ trap 'rm -rf "$OUTPUT"' EXIT
+ SPEAKER=$[ $RANDOM % 900 ]
+ while read line; do
+ echo "$line" |
+ ${pkgs.larynx}/bin/larynx \
+ --model ${pkgs.fetchzip {
+ url = "https://github.com/rhasspy/piper/releases/download/v0.0.2/voice-en-us-libritts-high.tar.gz";
+ hash = "sha256-jCoK4p0O7BuF0nr6Sfj40tpivCvU5M3GHKQRg1tfIO8=";
+ stripRoot = false;
+ }}/en-us-libritts-high.onnx \
+ -s "$SPEAKER" \
+ -f "$OUTPUT"/"$offset".wav
+
+ ((offset+=1))
+ done
+
+ ${pkgs.sox}/bin/sox "$OUTPUT"/*.wav "$OUTPUT"/all.wav
+ cat "$OUTPUT"/all.wav
+ '';
+
send_to_radio = pkgs.writers.writeDashBin "send_to_radio" ''
${pkgs.vorbis-tools}/bin/oggenc - |
${pkgs.cyberlocker-tools}/bin/cput news.ogg
@@ -41,16 +66,16 @@ in
systemd.services.newsshow = {
path = [
newsshow
+ tts
send_to_radio
gc_news
get_current_news
- pkgs.curl
pkgs.retry
];
script = ''
set -efu
retry -t 5 -d 10 -- newsshow |
- retry -t 5 -d 10 -- curl -fSsG http://tts.r/api/tts --data-urlencode 'text@-' |
+ retry -t 5 -d 10 -- tts |
retry -t 5 -d 10 -- send_to_radio
'';
startAt = "*:00:00";
diff --git a/lass/2configs/themes.nix b/lass/2configs/themes.nix
index eb1a53987..e9f83deea 100644
--- a/lass/2configs/themes.nix
+++ b/lass/2configs/themes.nix
@@ -15,6 +15,7 @@
${pkgs.coreutils}/bin/chown lass:users /var/theme/current_theme
${pkgs.xorg.xrdb}/bin/xrdb -merge /var/theme/config/xresources
${pkgs.procps}/bin/pkill -HUP xsettingsd
+ ${pkgs.glib}/bin/gsettings set org.gnome.desktop.interface gtk-theme "$(cat /var/theme/config/gtk-theme)"
else
echo "theme $1 not found"
fi
@@ -37,17 +38,25 @@ in {
];
environment.systemPackages = [
switch-theme
+ pkgs.dracula-theme
+ pkgs.gnome3.adwaita-icon-theme
];
environment.etc = {
+ "themes/light/gtk-theme".text = ''
+ Adwaita
+ '';
"themes/light/xsettings.conf".text = ''
- Net/ThemeName "Adwaita"
+ Net/ThemeName "Adwaita"
'';
"themes/light/xresources".text = ''
*background: #ffffff
*foreground: #000000
'';
+ "themes/dark/gtk-theme".text = ''
+ Dracula
+ '';
"themes/dark/xsettings.conf".text = ''
- Net/ThemeName "Adwaita-dark"
+ Net/ThemeName "Dracula"
'';
"themes/dark/xresources".text = ''
*background: #000000
diff --git a/lass/2configs/weron/client.nix b/lass/2configs/weron/client.nix
new file mode 100644
index 000000000..55bc8a0da
--- /dev/null
+++ b/lass/2configs/weron/client.nix
@@ -0,0 +1,20 @@
+{ config, lib, pkgs, ... }:
+{
+ systemd.services.weron = {
+ wantedBy = [ "multi-user.target" ];
+ environment = {
+ WERON_RADDR = "ws://lassul.us:23420/";
+ };
+ serviceConfig = {
+ ExecStart = pkgs.writers.writeDash "weron" ''
+ ${pkgs.weron}/bin/weron vpn ip \
+ --community krebs \
+ --password aidsballs \
+ --key aidsballs \
+ --ips 10.249.1.0/24 \
+ --verbose 7 \
+ --dev weron
+ '';
+ };
+ };
+}
diff --git a/lass/2configs/weron/signaler.nix b/lass/2configs/weron/signaler.nix
new file mode 100644
index 000000000..9e817583b
--- /dev/null
+++ b/lass/2configs/weron/signaler.nix
@@ -0,0 +1,13 @@
+{ config, lib, pkgs, ... }:
+{
+ systemd.services.weron-signaler = {
+ wantedBy = [ "multi-user.target" ];
+ environment = {
+ };
+ serviceConfig = {
+ ExecStart = ''${pkgs.weron}/bin/weron signaler --verbose=7 --laddr ":23420"'';
+ };
+ };
+
+ networking.firewall.allowedTCPPorts = [ 23420 ];
+}