summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/3modules/exim-retiolum.nix23
-rw-r--r--krebs/3modules/external/default.nix4
-rw-r--r--krebs/3modules/external/mic92.nix34
-rw-r--r--krebs/3modules/external/ssh/shannan.pub1
-rw-r--r--krebs/3modules/lass/default.nix39
-rw-r--r--krebs/3modules/tinc.nix6
-rw-r--r--krebs/5pkgs/haskell/email-header.nix5
-rw-r--r--krebs/5pkgs/simple/realwallpaper/default.nix5
-rw-r--r--krebs/nixpkgs-unstable.json11
-rw-r--r--krebs/nixpkgs.json11
-rw-r--r--lass/1systems/green/source.nix13
-rw-r--r--lass/1systems/prism/config.nix11
-rw-r--r--lass/1systems/styx/config.nix80
-rw-r--r--lass/1systems/styx/physical.nix34
-rw-r--r--lass/2configs/default.nix1
-rw-r--r--lass/2configs/hass/default.nix2
-rw-r--r--lass/2configs/hass/rooms/bett.nix62
-rw-r--r--lass/2configs/hass/rooms/essen.nix2
-rw-r--r--lass/2configs/hass/rooms/nass.nix2
-rw-r--r--lass/2configs/hass/zigbee.nix58
-rw-r--r--lass/2configs/jitsi.nix21
-rw-r--r--lass/2configs/radio.nix61
-rw-r--r--lass/2configs/tv.nix160
-rw-r--r--lass/2configs/websites/domsen.nix2
-rw-r--r--lass/3modules/default.nix1
-rw-r--r--lass/3modules/hass.nix51
-rw-r--r--tv/2configs/default.nix2
27 files changed, 512 insertions, 190 deletions
diff --git a/krebs/3modules/exim-retiolum.nix b/krebs/3modules/exim-retiolum.nix
index 118a8b2d5..a16661c9f 100644
--- a/krebs/3modules/exim-retiolum.nix
+++ b/krebs/3modules/exim-retiolum.nix
@@ -10,6 +10,11 @@ with import <stockholm/lib>;
(s: substring 1 (stringLength s - 2) s)
(toJSON value);
+ to-lsearch = concatMapStrings ({ from, to, ... }: "${from}: ${to}\n");
+ lsearch = mapAttrs (name: set: toFile name (to-lsearch set)) ({
+ inherit (cfg) system-aliases;
+ });
+
in {
options.krebs.exim-retiolum = {
enable = mkEnableOption "krebs.exim-retiolum";
@@ -59,6 +64,19 @@ in {
};
};
};
+ system-aliases = mkOption {
+ type = types.listOf (types.submodule ({
+ options = {
+ from = mkOption {
+ type = types.str; # TODO e-mail address
+ };
+ to = mkOption {
+ type = types.str; # TODO e-mail address / TODO listOf
+ };
+ };
+ }));
+ default = [];
+ };
};
imports = [
{
@@ -145,6 +163,11 @@ in {
begin routers
+ system_aliases:
+ debug_print = "R: system_aliases for $local_part@$domain"
+ driver = redirect
+ data = ''${lookup{$local_part}lsearch{${lsearch.system-aliases}}}
+
local:
driver = accept
domains = +local_domains
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index d14526703..277169e11 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -608,6 +608,10 @@ in {
mail = "joerg@thalheim.io";
pubkey = ssh-for "mic92";
};
+ shannan = {
+ mail = "shannan@lekwati.com";
+ pubkey = ssh-for "shannan";
+ };
qubasa = {
mail = "luis.nixos@gmail.com";
pubkey = ssh-for "qubasa";
diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix
index 39d738337..29d0b27fa 100644
--- a/krebs/3modules/external/mic92.nix
+++ b/krebs/3modules/external/mic92.nix
@@ -347,7 +347,10 @@ in {
nets = {
retiolum = {
ip4.addr = "10.243.29.171";
- aliases = [ "rock.r" ];
+ aliases = [
+ "rock.r"
+ "loki.r"
+ ];
tinc.pubkey = ''
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0uhNk3XXVxQcIVhD1Ime
@@ -465,6 +468,7 @@ in {
aliases = [
"eva.r"
"prometheus.r"
+ "alertmanager.r"
];
tinc.pubkey = ''
-----BEGIN PUBLIC KEY-----
@@ -508,5 +512,33 @@ in {
};
};
};
+ bernie = {
+ owner = config.krebs.users.mic92;
+ nets = rec {
+ retiolum = {
+ addrs = [
+ config.krebs.hosts.bernie.nets.retiolum.ip4.addr
+ config.krebs.hosts.bernie.nets.retiolum.ip6.addr
+ ];
+ ip4.addr = "10.243.29.169";
+ aliases = [ "bernie.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIICCgKCAgEApH5nG/Lwe/LiBkdL38vk1QcjOG/kf8dUqifouB56OQqe+MXASTSM
+ vhipszZqXVGgWRVrSH3WSZt0YAXTQQGEjtnAr6fSSnUek21omRGFgr47LiGJp9R8
+ OuhGPQs1sykIyl3HNSvDxj2EfWrXO73bKQPYdGIlfJWmsL69akWGlyYdEK1kloLC
+ ld5+eYICjiTtqAQ8snZQNaPIucW4cGOa0sATUP4H1jbDWtFCKE2/mR/gGo/W/opC
+ oOcJM7d5mb63blWVp9Zji/Gb64QltR50N3qvwc6W5ANHXIV97jYcNhSGqTsV0CEd
+ n0cqUqymh2e8fJdmbB4DvwqhWITn6nwuFOWoVCSFMmbiidyTm3RAH9ztZARzsQRL
+ Nj8OmeAr+plrzNH7AJpSkz30zukawCnbt+qWjqXLULH4kxJfOwzVh+KDfLzy7iLe
+ OWWrblgJZA2GHKzCC5zntNujW6Nr2AliSY2Hch2XfkLTWeNtclKIEXMkRxif5oxm
+ XpEJJ3lqdXz9/e37R/mkWVrdhpVfll2/v5c/PlnKMzky2mgkGpzegO0IiQcdJjrl
+ fuXAsh5UbnE5kt6vKL5aducScatyd5FRkNumKG5ji26eZR4lZmXn380JLDInV4n7
+ SODZL2fQFBnSD1wTWcq9Q/luPh4FitzJUZzHexvNxR/KBZycZJtdVw8CAwEAAQ==
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ };
};
}
diff --git a/krebs/3modules/external/ssh/shannan.pub b/krebs/3modules/external/ssh/shannan.pub
new file mode 100644
index 000000000..ed89d702a
--- /dev/null
+++ b/krebs/3modules/external/ssh/shannan.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOBXTForyB6oNMK5bbGpALKU4lPsKRGxNLhrE/PnHHq7 shannan@bernie
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index d2a945284..3466ef8eb 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -645,6 +645,45 @@ in {
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPARXXe0HaP1r0pLqtInhnbYSZsP0g4VC6aaWP7qi5+w";
syncthing.id = "J6PHKTS-2JG5NOL-H5ZWOF6-6L6ENA7-L4RO6DV-BQHU7YL-CHOLDCC-S5YX3AC";
};
+ styx = {
+ cores = 1;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.11.1";
+ ip6.addr = r6 "111";
+ aliases = [
+ "styx.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN PUBLIC KEY-----
+ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuMJFklzpbxoDGD8LQ3tn
+ ETYrLu/TJjq5iSQx/JbbonJriMS3X/0+m8JREzeol67svQDuZEXTEg5EfEldxrrU
+ aZpNmTSmFbj2NLLCIfNBL/oLOvg9ElzhN+f+4jvakfEKi7Y7LekV25VVGrHbOEVE
+ 3G6XWfHx5qO5Vd6kqNWQKD3LG38aZ/Lx9XYDMbujYxPGCtOsabtAz8BKo/RgOZzi
+ 6A/54RFhdecJm0VoQk3iKpp2YqyCN6dLfJVLil4cREs4sW6nDyF4Y4l3dtZdfskq
+ m/MoZt6fwOjNIKuI9DGdU4/X1hQelnemstzxY5x1XwG52cz+ww0h7pMF2aggsHqn
+ Vmaq3b0fXrbn066Ybkbhz3UEIU9zKQGYaANGCnXxbvkd5lWbIN60GEXGE3zYJSAt
+ EH3FLDTGa27fTNgAnbdnSV40KWKN4FM0iY/xrt3aOXfneTP9S2fqzTVEL9vd04C/
+ 7RWvRjvZ7mlAi+kVKSHkOibFVjeo+Z4Pvw5YxCAavrjXCiWj8zP8o3MNWcq/bMao
+ Uk9zBMXymm8zX43w5LNnhf59oitBjiY/mzZ3NDI9N3szMvJsaUEnhO4Kq1CWtMs2
+ 6/TpEyRSmen1UmNwgKKFx3rELuctwMmNbOLL8cGLotEBhIk7vnZKD7NvLVX7xtOF
+ wzhy2N6a3ypB4XqM7dBzzAUCAwEAAQ==
+ -----END PUBLIC KEY-----
+ '';
+ };
+ wiregrill = {
+ ip6.addr = w6 "111";
+ aliases = [
+ "styx.w"
+ ];
+ wireguard.pubkey = ''
+ 0BZfd8f0pZMRfyoHrdYZY0cR5zfFvJcS8gQLn6xGuFs=
+ '';
+ };
+ };
+ ssh.privkey.path = <secrets/ssh.id_ed25519>;
+ ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII3OpzRB3382d7c2apdHC+U/R0ZlaWxXZa3GFAj54ZhU ";
+ };
};
users = rec {
lass = lass-blue;
diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix
index 0f5e1aa83..4252c8d3b 100644
--- a/krebs/3modules/tinc.nix
+++ b/krebs/3modules/tinc.nix
@@ -112,13 +112,15 @@ let
hostsArchive = mkOption {
type = types.package;
- default = pkgs.runCommand "retiolum-hosts.tar.bz2" {} ''
+ default = pkgs.runCommand "retiolum-hosts.tar.bz2" {
+ nativeBuildInputs = [ pkgs.gnutar pkgs.coreutils ];
+ } ''
cp \
--no-preserve=mode \
--recursive \
${tinc.config.hostsPackage} \
hosts
- ${pkgs.gnutar}/bin/tar -cjf $out hosts
+ tar -cjf $out hosts
'';
readOnly = true;
};
diff --git a/krebs/5pkgs/haskell/email-header.nix b/krebs/5pkgs/haskell/email-header.nix
index b1e8e1153..94b33e28b 100644
--- a/krebs/5pkgs/haskell/email-header.nix
+++ b/krebs/5pkgs/haskell/email-header.nix
@@ -10,6 +10,11 @@ with import <stockholm/lib>;
rev = "7b179bd31192ead8afe7a0b6e34bcad4039deaa8";
sha256 = "12j2n3sbvzjnw99gga7kkdygm8n3qx2lh8q26ad6a53xm5whnz59";
};
+ "20.03" = {
+ version = "0.4.1-tv1";
+ rev = "refs/tags/v${cfg.version}";
+ sha256 = "11xjivpj495r2ss9aqljnpzzycb57cm4sr7yzmf939rzwsd3ib0x";
+ };
}.${versions.majorMinor version} or {
version = "0.4.1-tv2";
rev = "refs/tags/v${cfg.version}";
diff --git a/krebs/5pkgs/simple/realwallpaper/default.nix b/krebs/5pkgs/simple/realwallpaper/default.nix
index 72a314ba9..56a7dfb98 100644
--- a/krebs/5pkgs/simple/realwallpaper/default.nix
+++ b/krebs/5pkgs/simple/realwallpaper/default.nix
@@ -108,7 +108,10 @@ pkgs.writers.writeDashBin "generate-wallpaper" ''
'https://neo.sci.gsfc.nasa.gov/view.php?datasetId=MOD14A1_E_FIRE') &
# regular fetches
- fetch marker.json "$marker_url" &
+ fetch marker.json.tmp "$marker_url"
+ if [ -s marker.json.tmp ]; then
+ mv marker.json.tmp marker.json
+ fi
fetch sun-raw.jpg 'https://sdo.gsfc.nasa.gov/assets/img/latest/latest_512_0171.jpg' &
wait
diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json
index 9ea1d4141..4f07b0e88 100644
--- a/krebs/nixpkgs-unstable.json
+++ b/krebs/nixpkgs-unstable.json
@@ -1,7 +1,10 @@
{
"url": "https://github.com/NixOS/nixpkgs",
- "rev": "34ad166a830d3ac1541dcce571c52231f2f0865a",
- "date": "2020-11-02T21:18:15-05:00",
- "sha256": "1jvi1562x3kq65w642vfimpszv65zbc7c2nv8gakhzcx4n3f47xq",
- "fetchSubmodules": false
+ "rev": "e9158eca70ae59e73fae23be5d13d3fa0cfc78b4",
+ "date": "2020-12-09T15:09:49+01:00",
+ "path": "/nix/store/cx4wf6pi1l2p01sz7png891m65kinfz3-nixpkgs",
+ "sha256": "0cnmvnvin9ixzl98fmlm3g17l6w95gifqfb3rfxs55c0wj2ddy53",
+ "fetchSubmodules": false,
+ "deepClone": false,
+ "leaveDotGit": false
}
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index b21087764..44e373b81 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,7 +1,10 @@
{
"url": "https://github.com/NixOS/nixpkgs",
- "rev": "f41c0fc7d8e49d94220f74495d4d702922df2a67",
- "date": "2020-11-15T21:38:00-06:00",
- "sha256": "01wim7ayn69y056q28ifw2f0mdypidpc0z15dda54aj5yy5vai09",
- "fetchSubmodules": false
+ "rev": "3d2d8f281a27d466fa54b469b5993f7dde198375",
+ "date": "2020-12-20T14:17:36+01:00",
+ "path": "/nix/store/mqn37480fj6x9xbq3igz4haw3m2lc7fm-nixpkgs",
+ "sha256": "1hfis53xyzy6hfdivlwkwdy7irbhk7c500a4lf7x43cfkijx5ks1",
+ "fetchSubmodules": false,
+ "deepClone": false,
+ "leaveDotGit": false
}
diff --git a/lass/1systems/green/source.nix b/lass/1systems/green/source.nix
index 21f3a8bd5..48499c9db 100644
--- a/lass/1systems/green/source.nix
+++ b/lass/1systems/green/source.nix
@@ -1,14 +1,5 @@
{ lib, pkgs, ... }:
{
- nixpkgs = lib.mkForce {
- file = {
- path = toString (pkgs.fetchFromGitHub {
- owner = "nixos";
- repo = "nixpkgs";
- rev = (lib.importJSON ../../../krebs/nixpkgs.json).rev;
- sha256 = (lib.importJSON ../../../krebs/nixpkgs.json).sha256;
- });
- useChecksum = true;
- };
- };
+ nixpkgs-unstable = lib.mkForce { file = "/var/empty"; };
+ nixpkgs.git.shallow = true;
}
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index 944a68beb..f63c6a05a 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -6,6 +6,7 @@ with import <stockholm/lib>;
<stockholm/lass>
<stockholm/lass/2configs/retiolum.nix>
<stockholm/lass/2configs/libvirt.nix>
+ <stockholm/lass/2configs/tv.nix>
{
services.nginx.enable = true;
imports = [
@@ -120,6 +121,7 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/reaktor-coders.nix>
<stockholm/lass/2configs/ciko.nix>
<stockholm/lass/2configs/container-networking.nix>
+ <stockholm/lass/2configs/jitsi.nix>
{ # quasi bepasty.nix
imports = [
<stockholm/lass/2configs/bepasty.nix>
@@ -392,6 +394,15 @@ with import <stockholm/lib>;
];
}
{
+ users.users.shannan = {
+ uid = genid_uint31 "shannan";
+ isNormalUser = true;
+ openssh.authorizedKeys.keys = [
+ config.krebs.users.shannan.pubkey
+ ];
+ };
+ }
+ {
nix.trustedUsers = [ "mic92" ];
users.users.mic92 = {
uid = genid_uint31 "mic92";
diff --git a/lass/1systems/styx/config.nix b/lass/1systems/styx/config.nix
new file mode 100644
index 000000000..4c3ae1411
--- /dev/null
+++ b/lass/1systems/styx/config.nix
@@ -0,0 +1,80 @@
+{ config, pkgs, ... }:
+
+with import <stockholm/lib>;
+{
+ imports = [
+ <stockholm/lass>
+
+ <stockholm/lass/2configs/mouse.nix>
+ <stockholm/lass/2configs/retiolum.nix>
+ <stockholm/lass/2configs/baseX.nix>
+ <stockholm/lass/2configs/exim-retiolum.nix>
+ <stockholm/lass/2configs/browsers.nix>
+ <stockholm/lass/2configs/programs.nix>
+ <stockholm/lass/2configs/nfs-dl.nix>
+ # <stockholm/lass/2configs/gg23.nix>
+ # <stockholm/lass/2configs/hass>
+ # <stockholm/lass/2configs/br.nix>
+ <stockholm/lass/2configs/fetchWallpaper.nix>
+ <stockholm/lass/2configs/home-media.nix>
+ # <stockholm/lass/2configs/syncthing.nix>
+ # <stockholm/lass/2configs/sync/sync.nix>
+ # <stockholm/lass/2configs/idc.nix>
+ ];
+
+ krebs.build.host = config.krebs.hosts.styx;
+
+ krebs.iptables.tables.filter.INPUT.rules = [
+ { predicate = "-p tcp --dport ${toString config.services.smokeping.port}"; target = "ACCEPT"; }
+ ];
+ services.smokeping = {
+ enable = true;
+ targetConfig = ''
+ probe = FPing
+ menu = top
+ title = top
+
+ + Local
+ menu = Local
+ title = Local Network
+ ++ LocalMachine
+ menu = Local Machine
+ title = This host
+ host = localhost
+
+ + Internet
+ menu = internet
+ title = internet
+
+ ++ CloudflareDNS
+ menu = Cloudflare DNS
+ title = Cloudflare DNS server
+ host = 1.1.1.1
+
+ ++ GoogleDNS
+ menu = Google DNS
+ title = Google DNS server
+ host = 8.8.8.8
+
+ + retiolum
+ menu = retiolum
+ title = retiolum
+
+ ++ gum
+ menu = gum.r
+ title = gum.r
+ host = gum.r
+
+ ++ ni
+ menu = ni.r
+ title = ni.r
+ host = ni.r
+
+ ++ prism
+ menu = prism.r
+ title = prism.r
+ host = prism.r
+ '';
+ };
+}
+
diff --git a/lass/1systems/styx/physical.nix b/lass/1systems/styx/physical.nix
new file mode 100644
index 000000000..a3899f87d
--- /dev/null
+++ b/lass/1systems/styx/physical.nix
@@ -0,0 +1,34 @@
+{ config, lib, pkgs, ... }:
+
+{
+ imports = [
+ ./config.nix
+ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
+ ];
+
+ boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" ];
+ boot.initrd.kernelModules = [ "dm-snapshot" ];
+ boot.kernelModules = [ "kvm-intel" ];
+ boot.extraModulePackages = [ ];
+
+ boot.loader.grub.enable = true;
+ boot.loader.grub.efiSupport = true;
+ boot.loader.grub.device = "/dev/disk/by-id/ata-SanDisk_SSD_G5_BICS4_20248F446514";
+ boot.loader.grub.efiInstallAsRemovable = true;
+
+
+ fileSystems."/" =
+ { device = "/dev/disk/by-uuid/ee5c9099-17fa-401e-852e-67cb4ae068f4";
+ fsType = "ext4";
+ };
+
+ fileSystems."/boot" =
+ { device = "/dev/disk/by-uuid/EAA5-88A9";
+ fsType = "vfat";
+ };
+
+ swapDevices = [ ];
+
+ nix.maxJobs = lib.mkDefault 4;
+ powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+}
diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index babcb51de..1cf421fed 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -222,4 +222,5 @@ with import <stockholm/lib>;
# use 24:00 time format, the default got sneakily changed around 20.03
i18n.defaultLocale = mkDefault "C.UTF-8";
+ system.stateVersion = mkDefault "20.03";
}
diff --git a/lass/2configs/hass/default.nix b/lass/2configs/hass/default.nix
index 66d430cd1..78379ba1c 100644
--- a/lass/2configs/hass/default.nix
+++ b/lass/2configs/hass/default.nix
@@ -26,7 +26,7 @@ with import ./lib.nix { inherit lib; };
lovelaceConfigWritable = true;
};
- lass.hass.config = let
+ services.home-assistant.config = let
tasmota_s20 = name: topic: {
platform = "mqtt";
inherit name;
diff --git a/lass/2configs/hass/rooms/bett.nix b/lass/2configs/hass/rooms/bett.nix
index 16227fcb6..48a1f72d7 100644
--- a/lass/2configs/hass/rooms/bett.nix
+++ b/lass/2configs/hass/rooms/bett.nix
@@ -2,38 +2,38 @@
with import ../lib.nix { inherit lib; };
{
- lass.hass.config = lib.mkMerge [
+ services.home-assistant.config = lib.mkMerge [
(lightswitch switches.dimmer.bett lights.bett)
];
- lass.hass.love = {
- resources = [{
- url = "https://raw.githubusercontent.com/ljmerza/light-entity-card/master/dist/light-entity-card.js.map";
- type = "js";
- }];
- views = [{
- title = "bett";
- cards = [
- {
- type = "markdown";
- title = "hello world";
- content = "This is just a test";
- }
- {
- type = "light";
- entity = "light.${lights.bett}";
- }
- {
- type = "custom:light-entity-card";
- entity = "light.${lights.bett}";
- }
- {
- type = "history-graph";
- entities = [
- "light.${lights.bett}"
- ];
- }
- ];
- }];
- };
+ # lass.hass.love = {
+ # resources = [{
+ # url = "https://raw.githubusercontent.com/ljmerza/light-entity-card/master/dist/light-entity-card.js.map";
+ # type = "js";
+ # }];
+ # views = [{
+ # title = "bett";
+ # cards = [
+ # {
+ # type = "markdown";
+ # title = "hello world";
+ # content = "This is just a test";
+ # }
+ # {
+ # type = "light";
+ # entity = "light.${lights.bett}";
+ # }
+ # {
+ # type = "custom:light-entity-card";
+ # entity = "light.${lights.bett}";
+ # }
+ # {
+ # type = "history-graph";
+ # entities = [
+ # "light.${lights.bett}"
+ # ];
+ # }
+ # ];
+ # }];
+ # };
}
diff --git a/lass/2configs/hass/rooms/essen.nix b/lass/2configs/hass/rooms/essen.nix
index f74996154..eeb3d30d2 100644
--- a/lass/2configs/hass/rooms/essen.nix
+++ b/lass/2configs/hass/rooms/essen.nix
@@ -2,7 +2,7 @@
with import ../lib.nix { inherit lib; };
{
- lass.hass.config = lib.mkMerge [
+ services.home-assistant.config = lib.mkMerge [
(detect_movement sensors.movement.essen lights.essen 10)
(lightswitch switches.dimmer.essen lights.essen)
];
diff --git a/lass/2configs/hass/rooms/nass.nix b/lass/2configs/hass/rooms/nass.nix
index 163f4fc48..7e6298738 100644
--- a/lass/2configs/hass/rooms/nass.nix
+++ b/lass/2configs/hass/rooms/nass.nix
@@ -2,7 +2,7 @@
with import ../lib.nix { inherit lib; };
{
- lass.hass.config = lib.mkMerge [
+ services.home-assistant.config = lib.mkMerge [
(detect_movement sensors.movement.nass lights.nass 100)
(lightswitch switches.dimmer.nass lights.nass)
];
diff --git a/lass/2configs/hass/zigbee.nix b/lass/2configs/hass/zigbee.nix
index 6d091066e..789a7fb92 100644
--- a/lass/2configs/hass/zigbee.nix
+++ b/lass/2configs/hass/zigbee.nix
@@ -1,41 +1,43 @@
{config, pkgs, lib, ...}: let
- zigbee2mqtt_cfg = pkgs.writeText "zigbee2mqtt.json" (builtins.toJSON {
- homeassistant = true;
- permit_join = false;
- mqtt = {
- discovery = true;
- base_topic = "zigbee";
- server = "mqtt://10.42.0.1";
- user = "gg23";
- password = "gg23-mqtt";
- };
- serial.port = "/dev/cc2531";
- });
+ unstable-pkgs = import <nixpkgs-unstable> {};
in {
# symlink the zigbee controller
services.udev.extraRules = ''
- SUBSYSTEM=="tty", ATTRS{idVendor}=="0451", ATTRS{idProduct}=="16a8", SYMLINK+="cc2531", MODE="0660", GROUP="dailout"
- '';
-
- system.activationScripts.installZigbee = ''
- install -d /var/lib/zigbee2mqtt
- install ${zigbee2mqtt_cfg} /var/lib/zigbee2mqtt/configuration.yaml
+ SUBSYSTEM=="tty", ATTRS{idVendor}=="0451", ATTRS{idProduct}=="16a8", SYMLINK+="cc2531", MODE="0660", GROUP="dialout"
+ SUBSYSTEM=="tty", ATTRS{idVendor}=="10c4", ATTRS{idProduct}=="ea60", SYMLINK+="cc2652", MODE="0660", GROUP="dialout"
'';
- # hack to restart docker container on config change
- systemd.services.docker-zigbee2mqtt.environment.cfg = zigbee2mqtt_cfg;
+ # needed to use unstable package
+ systemd.services.zigbee2mqtt.environment.ZIGBEE2MQTT_DATA = "/var/lib/zigbee2mqtt";
- docker-containers.zigbee2mqtt = {
- image = "koenkk/zigbee2mqtt";
- extraDockerOptions = [
- "--device=/dev/cc2531:/dev/cc2531"
- ];
- volumes = ["/var/lib/zigbee2mqtt:/app/data"];
+ services.zigbee2mqtt = {
+ enable = true;
+ package = unstable-pkgs.zigbee2mqtt;
+ config = {
+ homeassistant = true;
+ frontend.port = 1337;
+ experimental.new_api = true;
+ permit_join = false;
+ mqtt = {
+ discovery = true;
+ base_topic = "zigbee";
+ server = "mqtt://10.42.0.1";
+ user = "gg23";
+ password = "gg23-mqtt";
+ };
+ serial = {
+ port = "/dev/cc2652";
+ # disable_led = true;
+ };
+ advanced = {
+ pan_id = 4222;
+ };
+ };
};
- lass.hass.config = {
+ services.home-assistant.config = {
sensor = [
# Sensor for monitoring the bridge state
{
@@ -93,7 +95,6 @@ in {
{
id = "zigbee_join_enabled";
alias = "";
- hide_entity = "true";
trigger = {
platform = "state";
entity_id = "switch.zigbee2mqtt_join";
@@ -107,7 +108,6 @@ in {
# Automation to stop timer when switch turned off and turn off switch when timer finished
{
id = "zigbee_join_disabled";
- hide_entity = "true";
trigger = [
{
platform = "event";
diff --git a/lass/2configs/jitsi.nix b/lass/2configs/jitsi.nix
new file mode 100644
index 000000000..1435ccb5c
--- /dev/null
+++ b/lass/2configs/jitsi.nix
@@ -0,0 +1,21 @@
+{ config, lib, pkgs, ... }:
+{
+
+ services.jitsi-meet = {
+ enable = true;
+ hostName = "jitsi.lassul.us";
+ config = {
+ enableWelcomePage = true;
+ requireDisplayName = true;
+ };
+ interfaceConfig = {
+ SHOW_JITSI_WATERMARK = false;
+ SHOW_WATERMARK_FOR_GUESTS = false;
+ };
+ };
+
+ krebs.iptables.tables.filter.INPUT.rules = [
+ { predicate = "-p tcp --dport 4443"; target = "ACCEPT"; }
+ { predicate = "-p udp --dport 10000"; target = "ACCEPT"; }
+ ];
+}
diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix
index 3e8d12381..8c95b535d 100644
--- a/lass/2configs/radio.nix
+++ b/lass/2configs/radio.nix
@@ -6,9 +6,6 @@ let
name = "radio";
mainUser = config.users.extraUsers.mainUser;
- admin-password = import <secrets/icecast-admin-pw>;
- source-password = import <secrets/icecast-source-pw>;
-
music_dir = "/home/radio/music";
add_random = pkgs.writeDashBin "add_random" ''
@@ -138,54 +135,19 @@ in {
auto_update "yes"
audio_output {
- type "shout"
- encoding "lame"
- name "the_playlist_mp3"
- host "localhost"
- port "8000"
- mount "/radio.mp3"
- password "${source-password}"
- bitrate "128"
-
- format "44100:16:2"
-
- user "source"
- genre "good music"
- }
- audio_output {
- type "shout"
- encoding "ogg"
- name "the_playlist_ogg"
- host "localhost"
- port "8000"
- mount "/radio.ogg"
- password "${source-password}"
- bitrate "128"
-
- format "44100:16:2"
-
- user "source"
- genre "good music"
+ type "httpd"
+ name "lassulus radio"
+ encoder "vorbis" # optional
+ port "8000"
+ quality "5.0" # do not define if bitrate is defined
+ # bitrate "128" # do not define if quality is defined
+ format "44100:16:2"
+ always_on "yes" # prevent MPD from disconnecting all listeners when playback is stopped.
+ tags "yes" # httpd supports sending tags to listening streams.
}
'';
};
- services.icecast = {
- enable = true;
- hostname = "radio.lassul.us";
- admin.password = admin-password;
- extraConf = ''
- <mount>
- <mount-name>/radio.mp3</mount-name>
- <password>${source-password}</password>
- </mount>
- <mount>
- <mount-name>/radio.ogg</mount-name>
- <password>${source-password}</password>
- </mount>
- '';
- };
-
krebs.iptables = {
tables = {
filter.INPUT.rules = [
@@ -206,7 +168,7 @@ in {
systemd.services.radio = let
autoAdd = pkgs.writeDash "autoAdd" ''
- LIMIT=$1 #in secconds
+ LIMIT=$1 #in seconds
timeLeft () {
playlistDuration=$(${pkgs.mpc_cli}/bin/mpc --format '%time%' playlist | ${pkgs.gawk}/bin/awk -F ':' 'BEGIN{t=0} {t+=$1*60+$2} END{print t}')
@@ -238,8 +200,7 @@ in {
${pkgs.mpc_cli}/bin/mpc idle player > /dev/null
${pkgs.mpc_cli}/bin/mpc current -f %file%
done | while read track; do
- listeners=$(${pkgs.curl}/bin/curl 'http://localhost:8000/status-json.xsl' \
- | ${pkgs.jq}/bin/jq '[.icestats.source[].listeners] | add')
+ listeners=$(${pkgs.iproute}/bin/ss -Hno state established '( sport = :8000 )' | wc -l)
echo "$(date -Is)" "$track" | tee -a "$HISTORY_FILE"
echo "$(tail -$LIMIT "$HISTORY_FILE")" > "$HISTORY_FILE"
${write_to_irc} "playing: $track listeners: $listeners"
diff --git a/lass/2conf