summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/1systems/hotdog/config.nix3
-rw-r--r--krebs/1systems/puyak/config.nix3
-rw-r--r--krebs/1systems/test-all-krebs-modules/config.nix1
-rw-r--r--krebs/2configs/reaktor2.nix12
-rw-r--r--krebs/2configs/repo-sync.nix1
-rwxr-xr-xkrebs/2configs/shack/doorstatus.sh74
-rw-r--r--krebs/2configs/shack/glados/default.nix6
-rw-r--r--krebs/2configs/shack/light.shack.nix6
-rw-r--r--krebs/2configs/shack/muell_mail.nix5
-rw-r--r--krebs/2configs/shack/muellshack.nix5
-rw-r--r--krebs/2configs/shack/node-light.nix5
-rw-r--r--krebs/2configs/shack/powerraw.nix6
-rw-r--r--krebs/2configs/shack/reaktor.nix30
-rw-r--r--krebs/2configs/shack/s3-power.nix5
-rw-r--r--krebs/2configs/shack/shackDNS.nix7
-rw-r--r--krebs/2configs/shack/worlddomination.nix5
-rw-r--r--krebs/3modules/Reaktor.nix155
-rw-r--r--krebs/3modules/announce-activation.nix5
-rw-r--r--krebs/3modules/default.nix1
-rw-r--r--krebs/3modules/external/default.nix66
-rw-r--r--krebs/3modules/hidden-ssh.nix33
-rw-r--r--krebs/3modules/lass/default.nix57
-rw-r--r--krebs/3modules/makefu/default.nix1
-rw-r--r--krebs/3modules/realwallpaper.nix1
-rw-r--r--krebs/5pkgs/default.nix2
-rw-r--r--krebs/5pkgs/haskell/brockman/default.nix4
-rw-r--r--krebs/5pkgs/simple/Reaktor/default.nix24
-rw-r--r--krebs/5pkgs/simple/Reaktor/plugins.nix182
-rwxr-xr-xkrebs/5pkgs/simple/Reaktor/scripts/tell-on_join.sh25
-rwxr-xr-xkrebs/5pkgs/simple/Reaktor/scripts/tell-on_privmsg.sh18
-rw-r--r--krebs/5pkgs/simple/cyberlocker-tools/default.nix10
-rw-r--r--krebs/5pkgs/simple/git-hooks/default.nix3
-rw-r--r--krebs/5pkgs/simple/htgen-cyberlocker/src/htgen-cyberlocker5
-rw-r--r--krebs/5pkgs/simple/irc-announce/default.nix9
-rw-r--r--krebs/5pkgs/simple/reaktor2-plugins.nix4
-rw-r--r--krebs/nixpkgs-unstable.json8
-rw-r--r--krebs/nixpkgs.json8
-rw-r--r--lass/1systems/coaxmetal/physical.nix24
-rw-r--r--lass/1systems/lasspi/config.nix26
-rw-r--r--lass/1systems/lasspi/physical.nix43
-rw-r--r--lass/1systems/prism/config.nix18
-rw-r--r--lass/1systems/wizard/config.nix2
-rw-r--r--lass/2configs/baseX.nix11
-rw-r--r--lass/2configs/default.nix1
-rw-r--r--lass/2configs/docker.nix6
-rw-r--r--lass/2configs/murmur.nix39
-rw-r--r--lass/2configs/pipewire.nix72
-rw-r--r--lass/2configs/telegraf.nix67
-rw-r--r--lass/2configs/websites/domsen.nix42
-rw-r--r--lass/5pkgs/proxychains-ng/default.nix16
-rw-r--r--lass/5pkgs/sshify/default.nix38
-rw-r--r--makefu/0tests/data/secrets/mediawikibot-config.json1
-rw-r--r--makefu/1systems/gum/config.nix4
-rw-r--r--makefu/2configs/nix-community/mediawiki-matrix-bot.nix23
-rw-r--r--makefu/2configs/nix-community/supervision.nix82
-rw-r--r--makefu/2configs/tools/dev.nix1
-rw-r--r--makefu/5pkgs/chitubox/default.nix10
-rw-r--r--makefu/5pkgs/custom/mediawiki-matrix-bot/default.nix22
-rw-r--r--makefu/5pkgs/default.nix1
59 files changed, 819 insertions, 525 deletions
diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix
index a100e414d..9f1ac9134 100644
--- a/krebs/1systems/hotdog/config.nix
+++ b/krebs/1systems/hotdog/config.nix
@@ -10,6 +10,9 @@
<stockholm/krebs/2configs/ircd.nix>
<stockholm/krebs/2configs/reaktor2.nix>
<stockholm/krebs/2configs/wiki.nix>
+
+ ## shackie irc bot
+ <stockholm/krebs/2configs/shack/reaktor.nix>
];
krebs.build.host = config.krebs.hosts.hotdog;
diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix
index 2f122f6ff..5ed946aca 100644
--- a/krebs/1systems/puyak/config.nix
+++ b/krebs/1systems/puyak/config.nix
@@ -109,7 +109,7 @@
<stockholm/krebs/2configs/shack/prometheus/node.nix>
<stockholm/krebs/2configs/shack/prometheus/server.nix>
<stockholm/krebs/2configs/shack/prometheus/blackbox.nix>
- <stockholm/krebs/2configs/shack/prometheus/unifi.nix>
+ #<stockholm/krebs/2configs/shack/prometheus/unifi.nix>
<stockholm/krebs/2configs/shack/prometheus/alertmanager-telegram.nix>
## Collect local statistics via collectd and send to collectd
@@ -124,7 +124,6 @@
loader.efi.canTouchEfiVariables = true;
initrd.luks.devices.luksroot.device = "/dev/sda3";
- initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
kernelModules = [ "kvm-intel" ];
diff --git a/krebs/1systems/test-all-krebs-modules/config.nix b/krebs/1systems/test-all-krebs-modules/config.nix
index 2e1b5c1ad..8495a3ded 100644
--- a/krebs/1systems/test-all-krebs-modules/config.nix
+++ b/krebs/1systems/test-all-krebs-modules/config.nix
@@ -10,7 +10,6 @@ in {
enable = true;
build.user = config.krebs.users.krebs;
build.host = config.krebs.hosts.test-all-krebs-modules;
- Reaktor.test = {};
apt-cacher-ng.enable = true;
backup.enable = true;
bepasty.enable = true;
diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix
index 4a33c33ec..cbf3e7889 100644
--- a/krebs/2configs/reaktor2.nix
+++ b/krebs/2configs/reaktor2.nix
@@ -47,7 +47,7 @@ let
activate = "always";
command = {
filename =
- "${pkgs.Reaktor.src}/reaktor/commands/tell-on_join";
+ <stockholm/krebs/5pkgs/simple/Reaktor/scripts/tell-on_join.sh>;
env = {
PATH = makeBinPath [
pkgs.coreutils # XXX env, touch
@@ -95,10 +95,10 @@ let
}
hooks.sed
(generators.command_hook {
- inherit (commands) hello random-emoji nixos-version;
+ inherit (commands) random-emoji nixos-version;
tell = {
filename =
- "${pkgs.Reaktor.src}/reaktor/commands/tell-on_privmsg";
+ <stockholm/krebs/5pkgs/simple/Reaktor/scripts/tell-on_privmsg.sh>;
env = {
PATH = makeBinPath [
pkgs.coreutils # XXX date, env
@@ -223,9 +223,13 @@ in {
spanDate.title = new Date(entryDate).toString();
spanDate.appendChild(document.createTextNode(entryDate));
+ const link = document.createElement("a");
+ link.href = "http://wiki.r/agenda/" + encodeURIComponent(agendaItem.description.replaceAll("/", "\u29F8"));
+ link.appendChild(document.createTextNode(agendaItem.description));
+
const dd = document.createElement("dd");
dd.className = "description";
- dd.appendChild(document.createTextNode(agendaItem.description));
+ dd.appendChild(link);
dd.appendChild(document.createTextNode(" "));
dd.appendChild(spanDate);
diff --git a/krebs/2configs/repo-sync.nix b/krebs/2configs/repo-sync.nix
index 392e6bed3..e2be477fd 100644
--- a/krebs/2configs/repo-sync.nix
+++ b/krebs/2configs/repo-sync.nix
@@ -183,7 +183,6 @@ in {
(sync-remote { name = "skytraq-datalogger"; url = "https://github.com/makefu/skytraq-datalogger"; })
(sync-remote { name = "realwallpaper"; url = "https://github.com/lassulus/realwallpaper"; })
(sync-remote { name = "painload"; url = "https://github.com/krebs/painload"; })
- (sync-remote { name = "Reaktor"; url = "https://github.com/krebs/Reaktor"; })
(sync-remote { name = "nixos-wiki"; url = "https://github.com/Mic92/nixos-wiki.wiki.git"; })
];
}
diff --git a/krebs/2configs/shack/doorstatus.sh b/krebs/2configs/shack/doorstatus.sh
new file mode 100755
index 000000000..11e710cfd
--- /dev/null
+++ b/krebs/2configs/shack/doorstatus.sh
@@ -0,0 +1,74 @@
+#!/bin/sh
+# needs in path:
+# curl jq
+# creates and manages $PWD/state
+set -euf
+
+send_reaktor(){
+ # usage: send_reaktor "text"
+ echo "send_reaktor: $1"
+ curl -fsS http://localhost:7777 \
+ -H content-type:application/json \
+ -d "$(jq -n \
+ --arg text "$1" '{
+ command:"PRIVMSG",
+ params:["#shackspace",$text]
+ }'
+ )"
+}
+
+open=$(shuf -n1 <<EOF
+happy hacking, shack ist offen
+Heureka, der shack ist offen
+Die Türe ist offen, der shack will bespielt werden
+Frohlocket, der shack ist offen
+shack is love, shack is life, shack is offen
+Bin da, wer noch? shack hat geöffnet!
+shack hat geöffnet: Arbeiten Sie sicher, arbeiten Sie klug!
+Bin ich schon drin? Ich bin schon drin.. das war ja einfach. Also im shack.
+Uuuuund es setzt sich in Bewegung, wir öffnen den shack, los, los! Ja da guckt ihr, jetzt gehts looos!
+EOF
+)
+
+close=$(shuf -n1 <<EOF
+Hacking vorbei, shack ist zu!
+Tja, shack ist zu
+Shackie-closie
+Der Sandmann kommt, alle shackies sind zu haus und die Tür ist zu
+shack hat Stromsparmodus aktiviert
+Tür ist zu, shackspace ist jetzt koronakonform
+Oh nein, eine Tür, sie ist verschlossen! Also, die vom shack
+Ihr kennt das ja: Abschalten. Der shack ist zu.
+EOF
+)
+error=$(shuf -n1 <<EOF
+Hase, api ist kaputt! Bitte reparieren
+API liefert kein sinnvolles Ergebnis, keine Ahnung ob shack offen oder zu ist
+shack api defekt :(
+Hubel Hubel, jemand könnte mal die shack api reparieren
+API sagt derp
+Siehste das? API? Da soll ich jetzt nen Request drauf machen? Jetzt werd ich aber langsam n bisschen wild hier langsam!
+Der API ist ein bisschen ein Otto geworden, ischwör der will mich flaxen
+ich möchte den geschäftsführer sprechen, das API geht nicht mehr!
+Herr makefu an Kasse 3 bitte, Kasse 3 bitte Herr makefu. Der API Computer ist mal wieder ausgefallen
+EOF
+)
+
+state=$(curl https://api.shackspace.de/v1/space | jq .doorState.open)
+prevstate=$(cat state ||:)
+
+if test "$state" == "$(cat state)";then
+ #echo "current and last state is the same ($state), doing nothing"
+ :
+else
+ echo "API state and last state differ ( '$state' != '$prevstate')"
+ if test "$state" == "true";then
+ send_reaktor "$open"
+ elif test "$state" == "false";then
+ send_reaktor "$close"
+ else
+ send_reaktor "$error"
+ fi
+ echo "updating state"
+ printf "%s" "$state" > state
+fi
diff --git a/krebs/2configs/shack/glados/default.nix b/krebs/2configs/shack/glados/default.nix
index 53d6e6f4a..51c2ad94f 100644
--- a/krebs/2configs/shack/glados/default.nix
+++ b/krebs/2configs/shack/glados/default.nix
@@ -112,7 +112,8 @@ in {
}
{ platform = "mpd";
name = "kiosk";
- host = "lounge.kiosk.shack";
+ #host = "lounge.kiosk.shack";
+ host = "kiosk.shack";
}
];
@@ -123,7 +124,7 @@ in {
http = {
base_url = "http://hass.shack";
use_x_forwarded_for = true;
- trusted_proxies = "127.0.0.1";
+ trusted_proxies = [ "127.0.0.1" "::1" ];
};
#conversation = {};
@@ -139,6 +140,7 @@ in {
language = "de";
cache = true;
time_memory = 57600;
+ base_url = "http://hass.shack";
}
];
device_tracker = [];
diff --git a/krebs/2configs/shack/light.shack.nix b/krebs/2configs/shack/light.shack.nix
index 8e01cb1bf..715339a69 100644
--- a/krebs/2configs/shack/light.shack.nix
+++ b/krebs/2configs/shack/light.shack.nix
@@ -1,7 +1,9 @@
{ config, pkgs, ... }:
let
- light-shack-src = pkgs.fetchgit {
- url = "https://git.shackspace.de/rz/standby.shack";
+ light-shack-src =
+ pkgs.fetchFromGitHub {
+ owner = "shackspace";
+ repo = "standby.shack";
rev = "e1b90a0a";
sha256 = "07fmz63arc5rxa0a3778srwz0jflp4ad6xnwkkc56hwybby0bclh";
};
diff --git a/krebs/2configs/shack/muell_mail.nix b/krebs/2configs/shack/muell_mail.nix
index 951450200..9308c7b13 100644
--- a/krebs/2configs/shack/muell_mail.nix
+++ b/krebs/2configs/shack/muell_mail.nix
@@ -2,8 +2,9 @@
let
pkg = pkgs.callPackage (
- pkgs.fetchgit {
- url = "https://git.shackspace.de/rz/muell_mail";
+ pkgs.fetchFromGitHub {
+ owner = "shackspace";
+ repo = "muell_mail";
rev = "c3e43687879f95e01a82ef176fa15678543b2eb8";
sha256 = "0hgchwam5ma96s2v6mx2jfkh833psadmisjbm3k3153rlxp46frx";
}) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; };
diff --git a/krebs/2configs/shack/muellshack.nix b/krebs/2configs/shack/muellshack.nix
index b032b4299..cabe72b40 100644
--- a/krebs/2configs/shack/muellshack.nix
+++ b/krebs/2configs/shack/muellshack.nix
@@ -2,8 +2,9 @@
let
pkg = pkgs.callPackage (
- pkgs.fetchgit {
- url = "https://git.shackspace.de/rz/muellshack";
+ pkgs.fetchFromGitHub {
+ owner = "shackspace";
+ repo = "muellshack";
rev = "dc80cf1edaa3d86ec2bebae8596ad1d4c4e3650a";
sha256 = "1yipr66zhrg5m20pf3rzvgvvl78an6ddkq6zc45rxb2r0i7ipkyh";
diff --git a/krebs/2configs/shack/node-light.nix b/krebs/2configs/shack/node-light.nix
index 2e69d5aaa..7a648d4ee 100644
--- a/krebs/2configs/shack/node-light.nix
+++ b/krebs/2configs/shack/node-light.nix
@@ -2,8 +2,9 @@
let
pkg = pkgs.callPackage (
- pkgs.fetchgit {
- url = "https://git.shackspace.de/rz/node-light.git";
+ pkgs.fetchFromGitHub {
+ owner = "shackspace";
+ repo = "node-light";
rev = "90a9347b73af3a9960bd992e6293b357226ef6a0";
sha256 = "1av9w3w8aknlra25jw6gqxzbb01i9kdlfziy29lwz7mnryjayvwk";
}) { };
diff --git a/krebs/2configs/shack/powerraw.nix b/krebs/2configs/shack/powerraw.nix
index 43c743587..64e1911cf 100644
--- a/krebs/2configs/shack/powerraw.nix
+++ b/krebs/2configs/shack/powerraw.nix
@@ -6,14 +6,16 @@
let
influx-url = "http://influx.shack:8086";
pkg = pkgs.python3.pkgs.callPackage (
- pkgs.fetchgit {
- url = "https://git.shackspace.de/rz/powermeter.git";
+ pkgs.fetchFromGitHub {
+ owner = "shackspace";
+ repo = "powermeter";
rev = "438b08f";
sha256 = "0c5czmrwlw985b7ia6077mfrvbf2fq51iajb481pgqbywgxqis5m";
}) {};
in {
# receive response from light.shack / standby.shack
networking.firewall.allowedUDPPorts = [ 11111 ];
+ networking.firewall.allowedTCPPorts = [ 11111 ];
users.users.powermeter = {
extraGroups = [ "dialout" ];
isSystemUser = true;
diff --git a/krebs/2configs/shack/reaktor.nix b/krebs/2configs/shack/reaktor.nix
new file mode 100644
index 000000000..a31c7a687
--- /dev/null
+++ b/krebs/2configs/shack/reaktor.nix
@@ -0,0 +1,30 @@
+{ config, lib, pkgs, ... }:
+{
+ krebs.reaktor2.shackie = {
+ hostname = "irc.libera.chat";
+ port = "6697";
+ nick = "shackie";
+ API.listen = "inet://127.0.0.1:7777";
+ plugins = [
+ {
+ plugin = "register";
+ config = {
+ channels = [
+ "#shackspace"
+ ];
+ };
+ }
+ ];
+ };
+ systemd.services.announce_doorstatus = {
+ startAt = "*:0/1";
+ path = with pkgs; [ curl jq ];
+ script = builtins.readFile ./doorstatus.sh;
+ serviceConfig = {
+ DynamicUser = true;
+ StateDirectory = "doorstatus";
+ WorkingDirectory = "/var/lib/doorstatus";
+ PrivateTmp = true;
+ };
+ };
+}
diff --git a/krebs/2configs/shack/s3-power.nix b/krebs/2configs/shack/s3-power.nix
index 0ce8a8786..bed98d860 100644
--- a/krebs/2configs/shack/s3-power.nix
+++ b/krebs/2configs/shack/s3-power.nix
@@ -2,8 +2,9 @@
let
pkg = pkgs.callPackage (
- pkgs.fetchgit {
- url = "https://git.shackspace.de/rz/s3-power";
+ pkgs.fetchFromGitHub {
+ owner = "shackspace";
+ repo = "s3-power";
rev = "0687ab64";
sha256 = "1m8h4bwykv24bbgr5v51mam4wsbp5424xcrawhs4izv563jjf130";
}) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; };
diff --git a/krebs/2configs/shack/shackDNS.nix b/krebs/2configs/shack/shackDNS.nix
index c9cdfd24b..00f79abc4 100644
--- a/krebs/2configs/shack/shackDNS.nix
+++ b/krebs/2configs/shack/shackDNS.nix
@@ -1,9 +1,10 @@
{ config, lib, pkgs, ... }:
let
- pkg =
- pkgs.fetchgit {
- url = "https://git.shackspace.de/rz/shackdns";
+ pkg =
+ pkgs.fetchFromGitHub {
+ owner = "shackspace";
+ repo = "shackdns";
rev = "e55cc906c734b398683f9607b93f1ad6435d8575";
sha256 = "1hkwhf3hqb4fz06b1ckh7sl0zcyi4da5fgdlksian8lxyd19n8sq";
};
diff --git a/krebs/2configs/shack/worlddomination.nix b/krebs/2configs/shack/worlddomination.nix
index 4bdb095f1..e339d3174 100644
--- a/krebs/2configs/shack/worlddomination.nix
+++ b/krebs/2configs/shack/worlddomination.nix
@@ -4,8 +4,9 @@ with import <stockholm/lib>;
let
pkg = pkgs.stdenv.mkDerivation {
name = "worlddomination-2020-12-01";
- src = pkgs.fetchgit {
- url = "https://git.shackspace.de/rz/worlddomination.git";
+ src = pkgs.fetchFromGitHub {
+ owner = "shackspace";
+ repo = "worlddomination";
rev = "c7aedcde7cd1fcb870b5356a6125e1a384b0776c";
sha256 = "0y6haz5apwa33lz64l7b2x78wrrckbw39j4wzyd1hfk46478xi2y";
};
diff --git a/krebs/3modules/Reaktor.nix b/krebs/3modules/Reaktor.nix
deleted file mode 100644
index 2a035d7be..000000000
--- a/krebs/3modules/Reaktor.nix
+++ /dev/null
@@ -1,155 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-let
-
- cfg = config.krebs.Reaktor;
- homedir = "/var/lib/Reaktor";
-
- out = {
- options.krebs.Reaktor = api;
- config = mkIf (cfg != {}) imp;
- };
-
- api = mkOption {
- default = {};
- type = with types; attrsOf (submodule ({ options = {
-
- nickname = mkOption {
- default = config.krebs.build.host.name + "|r";
- type = types.str;
- description = ''
- The nick name of the irc bot.
- Defaults to {hostname}|r
- '';
- };
-
- overrideConfig = mkOption {
- default = null;
- type = types.nullOr types.str;
- description = ''
- configuration to be used instead of default ones.
- Reaktor default cfg can be retrieved via `reaktor get-config`
- '';
- };
-
- plugins = mkOption {
- default = [pkgs.ReaktorPlugins.nixos-version];
- };
-
- workdir = mkOption {
- default = "/var/lib/Reaktor";
- type = types.path;
- description = ''
- path to be used as workdir (home dir is still /var/lib/Reaktor)
- '';
- };
-
- extraConfig = mkOption {
- default = "";
- type = types.str;
- description = ''
- configuration appended to the default or overridden configuration
- '';
- };
-
- extraEnviron = mkOption {
- default = {};
- type = types.attrsOf types.str;
- description = ''
- Environment to be provided to the service, can be:
- REAKTOR_HOST
- REAKTOR_PORT
- REAKTOR_STATEDIR
-
- debug and nickname can be set separately via the Reaktor api
- '';
- };
-
- channels = mkOption {
- default = [ "#krebs" ];
- type = types.listOf types.str;
- description = ''
- Channels the Reaktor should connect to at startup.
- '';
- };
-
- debug = mkOption {
- default = false;
- description = ''
- Reaktor debug output
- '';
- };
- };}));
- };
-
- imp = {
- # TODO get user per configured bot
- # TODO get home from api
- # for reaktor get-config
- users.extraUsers = singleton rec {
- name = "Reaktor";
- uid = genid name;
- description = "Reaktor user";
- home = homedir;
- createHome = true;
- };
-
- #users.extraGroups = singleton {
- # name = "Reaktor";
- # gid = config.ids.gids.Reaktor;
- #};
-
- systemd.services = mapAttrs' (name: botcfg:
- let
- ReaktorConfig = pkgs.writeText "config.py" ''
- ${if (isString botcfg.overrideConfig ) then ''
- # Overriden Config
-