diff options
-rw-r--r-- | kartei/lass/prism.nix | 1 | ||||
-rw-r--r-- | krebs/2configs/cal.nix | 127 | ||||
-rw-r--r-- | krebs/2configs/syncthing.nix | 12 | ||||
-rw-r--r-- | krebs/5pkgs/simple/vicuna-chat/default.nix | 33 | ||||
-rw-r--r-- | krebs/nixpkgs-unstable.json | 8 | ||||
-rw-r--r-- | krebs/nixpkgs.json | 8 | ||||
-rw-r--r-- | lass/1systems/radio/source.nix | 6 | ||||
-rw-r--r-- | lass/2configs/fetchWallpaper.nix | 2 | ||||
-rw-r--r-- | lass/2configs/mail.nix | 12 | ||||
-rw-r--r-- | lass/2configs/pipewire.nix | 19 | ||||
-rw-r--r-- | lass/2configs/realwallpaper.nix | 3 | ||||
-rw-r--r-- | lass/2configs/services/radio/default.nix | 2 | ||||
-rw-r--r-- | lass/2configs/services/radio/news.nix | 29 | ||||
-rw-r--r-- | lass/2configs/themes.nix | 13 | ||||
-rw-r--r-- | lass/2configs/weron/client.nix | 20 | ||||
-rw-r--r-- | lass/2configs/weron/signaler.nix | 13 |
16 files changed, 245 insertions, 63 deletions
diff --git a/kartei/lass/prism.nix b/kartei/lass/prism.nix index d72b167b6..ac7974731 100644 --- a/kartei/lass/prism.nix +++ b/kartei/lass/prism.nix @@ -71,6 +71,7 @@ rec { "c.r" "p.r" "search.r" + "wallpaper.r" ]; tinc = { pubkey = '' diff --git a/krebs/2configs/cal.nix b/krebs/2configs/cal.nix index 90093e8eb..15f0027b3 100644 --- a/krebs/2configs/cal.nix +++ b/krebs/2configs/cal.nix @@ -1,33 +1,116 @@ -{ config, lib, pkgs, ... }: -{ - users.users.testing = { - uid = pkgs.stockholm.lib.genid_uint31 "testing"; - isNormalUser = true; - openssh.authorizedKeys.keys = [ - config.krebs.users.xkey.pubkey - config.krebs.users.lass.pubkey - ]; - packages = [ - pkgs.calendar-cli - pkgs.tmux - ]; - }; +{ config, lib, pkgs, ... }: let + + setupGit = '' + export PATH=${lib.makeBinPath [ + pkgs.coreutils + pkgs.git + ]} + export GIT_SSH_COMMAND='${pkgs.openssh}/bin/ssh -i /var/lib/radicale/.ssh/id_ed25519' + repo='git@localhost:cal' + cd /var/lib/radicale/collections + if ! test -d .git; then + git init + git config user.name "radicale" + git config user.email "radicale@${config.networking.hostName}" + elif ! url=$(git config remote.origin.url); then + git remote add origin "$repo" + elif test "$url" != "$repo"; then + git remote set-url origin "$repo" + fi + cp ${pkgs.writeText "gitignore" '' + .Radicale.cache + ''} .gitignore + git add .gitignore + ''; - services.xandikos = { + pushCal = pkgs.writeDash "push_cal" '' + ${setupGit} + git fetch origin + git merge --ff-only origin/master || : + ''; + + pushCgit = pkgs.writeDash "push_cgit" '' + ${setupGit} + git push origin master + ''; + +in { + services.radicale = { enable = true; - extraOptions = [ - "--autocreate" - "--defaults" - "--current-user-principal /krebs" - "--dump-dav-xml" - ]; + rights = { + krebs = { + user = ".*"; + collection = ".*"; + permissions = "rRwW"; + }; + }; + settings = { + auth.type = "none"; + server.hosts = [ + "0.0.0.0:5232" + "[::]:5232" + ]; + storage.filesystem_folder = "/var/lib/radicale/collections"; + storage.hook = "${pkgs.writers.writeDash "radicale-hook" '' + set -efu + ${setupGit} + ${pkgs.git}/bin/git add -A + (${pkgs.git}/bin/git diff --cached --quiet || ${pkgs.git}/bin/git commit -m "Changes by \"$1\"") + ${pushCgit} + ''} %(user)s"; + }; }; services.nginx = { enable = true; virtualHosts = { - "calendar.r".locations."/".proxyPass = "http://localhost:${toString config.services.xandikos.port}/"; + "calendar.r".locations."/".proxyPass = "http://localhost:5232/"; + }; + }; + krebs.git = { + enable = true; + cgit.settings = { + root-title = "krebs repos"; + }; + rules = with pkgs.stockholm.lib.git; [ + { + user = [ + { + name = "cal"; + pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGe1jtHaNFZKmWemWQVEGVYj+s4QGJaL9WYH+wokOZie"; + } + ] ++ (lib.attrValues config.krebs.users); + repo = [ config.krebs.git.repos.cal ]; + perm = push ''refs/heads/master'' [ create merge ]; + } + ]; + repos.cal = { + public = true; + name = "cal"; + hooks = { + post-receive = '' + ${pkgs.git-hooks.irc-announce { + channel = "#xxx"; + refs = [ + "refs/heads/master" + ]; + nick = config.networking.hostName; + server = "irc.r"; + verbose = true; + }} + /run/wrappers/bin/sudo -S -u radicale ${pushCal} + ''; + }; }; }; + krebs.secret.files.calendar = { + path = "/var/lib/radicale/.ssh/id_ed25519"; + owner = { name = "radicale"; }; + source-path = "${<secrets/radicale.id_ed25519>}"; + }; + + security.sudo.extraConfig = '' + git ALL=(radicale) NOPASSWD: ${pushCal} + ''; } diff --git a/krebs/2configs/syncthing.nix b/krebs/2configs/syncthing.nix index dac1863d5..d6d42ca11 100644 --- a/krebs/2configs/syncthing.nix +++ b/krebs/2configs/syncthing.nix @@ -1,17 +1,21 @@ -{ config, pkgs, ... }: with import <stockholm/lib>; let +{ options, config, pkgs, ... }: with import <stockholm/lib>; let mk_peers = mapAttrs (n: v: { id = v.syncthing.id; }); all_peers = filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts; - used_peer_names = unique (flatten (mapAttrsToList (n: v: v.devices) config.services.syncthing.declarative.folders)); + used_peer_names = unique (filter isString (flatten (mapAttrsToList (n: v: v.devices) config.services.syncthing.folders))); used_peers = filterAttrs (n: v: elem n used_peer_names) all_peers; in { services.syncthing = { enable = true; configDir = "/var/lib/syncthing"; - devices = mk_peers used_peers; key = toString <secrets/syncthing.key>; cert = toString <secrets/syncthing.cert>; - }; + # workaround for infinite recursion on unstable, remove in 23.11 + } // (if builtins.hasAttr "settings" options.services.syncthing then + { settings.devices = mk_peers used_peers; } + else + { devices = mk_peers used_peers; } + ); boot.kernel.sysctl."fs.inotify.max_user_watches" = 524288; } diff --git a/krebs/5pkgs/simple/vicuna-chat/default.nix b/krebs/5pkgs/simple/vicuna-chat/default.nix new file mode 100644 index 000000000..11a11aabe --- /dev/null +++ b/krebs/5pkgs/simple/vicuna-chat/default.nix @@ -0,0 +1,33 @@ +{ pkgs, ... }: +pkgs.writers.writeDashBin "vicuna-chat" '' + set -efu + + export PATH=${with pkgs; lib.makeBinPath [ + coreutils + curl + jq + ]} + + CONTEXT=''${CONTEXT:-$(date -Id)} + PROMPT=$* + + if ! test -e "$CONTEXT"; then + echo -n 'null' > "$CONTEXT" + fi + + add_to_context() { + jq -rc --argjson message "$1" '. + [$message]' "$CONTEXT" > "$CONTEXT.tmp" + mv "$CONTEXT.tmp" "$CONTEXT" + } + + add_to_context "{\"role\": \"user\", \"content\": \"$PROMPT\"}" + response=$( + jq -nc --slurpfile context "$CONTEXT" '{ + model: "vicuna-13b", + messages: $context[0], + }' | + curl -Ss http://vicuna.r/v1/chat/completions -H 'Content-Type: application/json' -d @- + ) + add_to_context "$(jq -rcn --argjson response "$response" '$response.choices[0].message')" + jq -rcn --argjson response "$response" '$response.choices[0].message.content' +'' diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index d9e81ad37..a30dffd71 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "897876e4c484f1e8f92009fd11b7d988a121a4e7", - "date": "2023-05-06T22:28:42+01:00", - "path": "/nix/store/55lpvam2wgdmrbzx0j5gf51dqrqn8wqv-nixpkgs", - "sha256": "0i9j45jwmqhiv7v8i4dmigaras3iw4hmrds2vvd5x8riln3hyizn", + "rev": "4729ffac6fd12e26e5a8de002781ffc49b0e94b7", + "date": "2023-06-05T20:59:20-06:00", + "path": "/nix/store/6r3d9mpbl3px7y8y6wcwsg60bvish21w-nixpkgs", + "sha256": "0gha78rczp5gbl6v39i2bm11kmi974akgqkj3hck5s2ri6abprsr", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 4ba72d00d..5435dd9bd 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "a08e061a4ee8329747d54ddf1566d34c55c895eb", - "date": "2023-05-09T12:11:35+02:00", - "path": "/nix/store/lwy9r49c92ml9mbvp2kx1m31p7bcpzxd-nixpkgs", - "sha256": "1h0yd0xka6wj9sbbq34gw7a9qlp044b7dhg16bmn8bv96ix55vzj", + "rev": "d83945caa7624015f11b152bf5c6c4363ffe9f7c", + "date": "2023-06-06T09:06:53+02:00", + "path": "/nix/store/vzqz4lhcfjg5npn2fm7w3qpm7h0i5baz-nixpkgs", + "sha256": "0l4axff9lqc6qq1dkm1dgdp2zv7165a42d9l2zmf4njnhm91f5w5", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, diff --git a/lass/1systems/radio/source.nix b/lass/1systems/radio/source.nix new file mode 100644 index 000000000..4acdb0c26 --- /dev/null +++ b/lass/1systems/radio/source.nix @@ -0,0 +1,6 @@ +{ lib, pkgs, test, ... }: let + npkgs = lib.importJSON ../../../krebs/nixpkgs-unstable.json; +in if test then {} else { + nixpkgs.git.ref = lib.mkForce npkgs.rev; + nixpkgs-unstable = lib.mkForce { file = "/var/empty"; }; +} diff --git a/lass/2configs/fetchWallpaper.nix b/lass/2configs/fetchWallpaper.nix index 381df494d..781dad032 100644 --- a/lass/2configs/fetchWallpaper.nix +++ b/lass/2configs/fetchWallpaper.nix @@ -5,7 +5,7 @@ let in { krebs.fetchWallpaper = { enable = true; - url = "prism/realwallpaper-krebs-stars-berlin.png"; + url = "http://wallpaper.r/realwallpaper-krebs-stars-berlin.png"; }; } diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix index 0adef8f8c..bf8904b89 100644 --- a/lass/2configs/mail.nix +++ b/lass/2configs/mail.nix @@ -124,15 +124,6 @@ let ''; muttrc = pkgs.writeText "muttrc" '' - # gpg - source ${pkgs.neomutt}/share/doc/neomutt/samples/gpg.rc - set pgp_use_gpg_agent = yes - set pgp_sign_as = 0xDC2A43EF4F11E854B44D599A89E82952976A7E4D - set crypt_autosign = no - set crypt_replyencrypt = yes - set crypt_verify_sig = yes - set pgp_verify_command = "gpg --no-verbose --batch --output - --verify %s %f" - # read html mails auto_view text/html @@ -187,8 +178,7 @@ let until ${pkgs.muchsync}/bin/muchsync -F lass@green.r; do sleep 1 done - ''}<enter> \ - 'run muchsync to green.r' + ''}<enter> #killed bind index d noop diff --git a/lass/2configs/pipewire.nix b/lass/2configs/pipewire.nix index ec5a67b6e..da9408669 100644 --- a/lass/2configs/pipewire.nix +++ b/lass/2configs/pipewire.nix @@ -22,15 +22,14 @@ pulse.enable = true; jack.enable = true; }; - - systemd.services.wireplumber = { - environment = { - HOME = "/var/lib/wireplumber"; - DISPLAY = ":0"; - }; - path = [ - pkgs.dbus - ]; - serviceConfig.StateDirectory = "wireplumber"; + environment.etc = { + "wireplumber/bluetooth.lua.d/51-bluez-config.lua".text = '' + bluez_monitor.properties = { + ["bluez5.enable-sbc-xq"] = true, + ["bluez5.enable-msbc"] = true, + ["bluez5.enable-hw-volume"] = true, + ["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]" + } + ''; }; } diff --git a/lass/2configs/realwallpaper.nix b/lass/2configs/realwallpaper.nix index a82e1d010..d81642da1 100644 --- a/lass/2configs/realwallpaper.nix +++ b/lass/2configs/realwallpaper.nix @@ -19,8 +19,7 @@ in { } ''; serverAliases = [ - hostname - "${hostname}.r" + "wallpaper.r" ]; locations."/realwallpaper/".extraConfig = '' index on; diff --git a/lass/2configs/services/radio/default.nix b/lass/2configs/services/radio/default.nix index a511196fd..16ef31b6f 100644 --- a/lass/2configs/services/radio/default.nix +++ b/lass/2configs/services/radio/default.nix @@ -82,7 +82,7 @@ in { users.users = { "${name}" = rec { inherit name; - createHome = lib.mkForce false; + createHome = true; group = name; uid = pkgs.stockholm.lib.genid_uint31 name; description = "radio manager"; diff --git a/lass/2configs/services/radio/news.nix b/lass/2configs/services/radio/news.nix index 0dc711e6c..62f7f548c 100644 --- a/lass/2configs/services/radio/news.nix +++ b/lass/2configs/services/radio/news.nix @@ -1,6 +1,31 @@ { config, lib, pkgs, ... }: let + tts = pkgs.writers.writeBashBin "tts" '' + set -efu + + offset=0 + OUTPUT=$(mktemp -d) + trap 'rm -rf "$OUTPUT"' EXIT + SPEAKER=$[ $RANDOM % 900 ] + while read line; do + echo "$line" | + ${pkgs.larynx}/bin/larynx \ + --model ${pkgs.fetchzip { + url = "https://github.com/rhasspy/piper/releases/download/v0.0.2/voice-en-us-libritts-high.tar.gz"; + hash = "sha256-jCoK4p0O7BuF0nr6Sfj40tpivCvU5M3GHKQRg1tfIO8="; + stripRoot = false; + }}/en-us-libritts-high.onnx \ + -s "$SPEAKER" \ + -f "$OUTPUT"/"$offset".wav + + ((offset+=1)) + done + + ${pkgs.sox}/bin/sox "$OUTPUT"/*.wav "$OUTPUT"/all.wav + cat "$OUTPUT"/all.wav + ''; + send_to_radio = pkgs.writers.writeDashBin "send_to_radio" '' ${pkgs.vorbis-tools}/bin/oggenc - | ${pkgs.cyberlocker-tools}/bin/cput news.ogg @@ -41,16 +66,16 @@ in systemd.services.newsshow = { path = [ newsshow + tts send_to_radio gc_news get_current_news - pkgs.curl pkgs.retry ]; script = '' set -efu retry -t 5 -d 10 -- newsshow | - retry -t 5 -d 10 -- curl -fSsG http://tts.r/api/tts --data-urlencode 'text@-' | + retry -t 5 -d 10 -- tts | retry -t 5 -d 10 -- send_to_radio ''; startAt = "*:00:00"; diff --git a/lass/2configs/themes.nix b/lass/2configs/themes.nix index eb1a53987..e9f83deea 100644 --- a/lass/2configs/themes.nix +++ b/lass/2configs/themes.nix @@ -15,6 +15,7 @@ ${pkgs.coreutils}/bin/chown lass:users /var/theme/current_theme ${pkgs.xorg.xrdb}/bin/xrdb -merge /var/theme/config/xresources ${pkgs.procps}/bin/pkill -HUP xsettingsd + ${pkgs.glib}/bin/gsettings set org.gnome.desktop.interface gtk-theme "$(cat /var/theme/config/gtk-theme)" else echo "theme $1 not found" fi @@ -37,17 +38,25 @@ in { ]; environment.systemPackages = [ switch-theme + pkgs.dracula-theme + pkgs.gnome3.adwaita-icon-theme ]; environment.etc = { + "themes/light/gtk-theme".text = '' + Adwaita + ''; "themes/light/xsettings.conf".text = '' - Net/ThemeName "Adwaita" + Net/ThemeName "Adwaita" ''; "themes/light/xresources".text = '' *background: #ffffff *foreground: #000000 ''; + "themes/dark/gtk-theme".text = '' + Dracula + ''; "themes/dark/xsettings.conf".text = '' - Net/ThemeName "Adwaita-dark" + Net/ThemeName "Dracula" ''; "themes/dark/xresources".text = '' *background: #000000 diff --git a/lass/2configs/weron/client.nix b/lass/2configs/weron/client.nix new file mode 100644 index 000000000..55bc8a0da --- /dev/null +++ b/lass/2configs/weron/client.nix @@ -0,0 +1,20 @@ +{ config, lib, pkgs, ... }: +{ + systemd.services.weron = { + wantedBy = [ "multi-user.target" ]; + environment = { + WERON_RADDR = "ws://lassul.us:23420/"; + }; + serviceConfig = { + ExecStart = pkgs.writers.writeDash "weron" '' + ${pkgs.weron}/bin/weron vpn ip \ + --community krebs \ + --password aidsballs \ + --key aidsballs \ + --ips 10.249.1.0/24 \ + --verbose 7 \ + --dev weron + ''; + }; + }; +} diff --git a/lass/2configs/weron/signaler.nix b/lass/2configs/weron/signaler.nix new file mode 100644 index 000000000..9e817583b --- /dev/null +++ b/lass/2configs/weron/signaler.nix @@ -0,0 +1,13 @@ +{ config, lib, pkgs, ... }: +{ + systemd.services.weron-signaler = { + wantedBy = [ "multi-user.target" ]; + environment = { + }; + serviceConfig = { + ExecStart = ''${pkgs.weron}/bin/weron signaler --verbose=7 --laddr ":23420"''; + }; + }; + + networking.firewall.allowedTCPPorts = [ 23420 ]; +} |