diff options
40 files changed, 391 insertions, 396 deletions
diff --git a/flake.lock b/flake.lock index 9a05f5a3c..85e508e47 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,48 @@ { "nodes": { + "buildbot-nix": { + "inputs": { + "flake-parts": "flake-parts", + "nixpkgs": [ + "nixpkgs" + ], + "treefmt-nix": "treefmt-nix" + }, + "locked": { + "lastModified": 1719326738, + "narHash": "sha256-9gEgR/teWxH1E3JUUunLrcgOpMel19nw//eK3XKU6RQ=", + "owner": "Mic92", + "repo": "buildbot-nix", + "rev": "6e342155745f68b6d7ccc5557fa3d320b8aa3273", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "buildbot-nix", + "type": "github" + } + }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": [ + "buildbot-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1717285511, + "narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, "nix-writers": { "flake": false, "locked": { @@ -18,11 +61,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1707956935, - "narHash": "sha256-ZL2TrjVsiFNKOYwYQozpbvQSwvtV/3Me7Zwhmdsfyu4=", + "lastModified": 1719254875, + "narHash": "sha256-ECni+IkwXjusHsm9Sexdtq8weAq/yUyt1TWIemXt3Ko=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a4d4fe8c5002202493e87ec8dbc91335ff55552c", + "rev": "2893f56de08021cffd9b6b6dfc70fd9ccd51eb60", "type": "github" }, "original": { @@ -34,9 +77,31 @@ }, "root": { "inputs": { + "buildbot-nix": "buildbot-nix", "nix-writers": "nix-writers", "nixpkgs": "nixpkgs" } + }, + "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "buildbot-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1718522839, + "narHash": "sha256-ULzoKzEaBOiLRtjeY3YoGFJMwWSKRYOic6VNw2UyTls=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "68eb1dc333ce82d0ab0c0357363ea17c31ea1f81", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } } }, "root": "root", @@ -7,15 +7,18 @@ }; # disko.url = "github:nix-community/disko"; # disko.inputs.nixpkgs.follows = "nixpkgs"; + buildbot-nix.url = "github:Mic92/buildbot-nix"; + buildbot-nix.inputs.nixpkgs.follows = "nixpkgs"; }; description = "stockholm"; - outputs = { self, nixpkgs, nix-writers }: { + outputs = { self, nixpkgs, nix-writers, buildbot-nix, ... }@inputs: { nixosConfigurations = nixpkgs.lib.mapAttrs (machineName: _: nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs.stockholm = self; specialArgs.nix-writers = nix-writers; + specialArgs.buildbot-nix = buildbot-nix; modules = [ ./krebs/1systems/${machineName}/config.nix { diff --git a/kartei/makefu/default.nix b/kartei/makefu/default.nix index f215f1fcb..6dd59be55 100644 --- a/kartei/makefu/default.nix +++ b/kartei/makefu/default.nix @@ -96,6 +96,16 @@ in { retiolum.ip4.addr = "10.243.0.212"; }; }; + savarcast = rec { + nets = { + retiolum.ip4 = { + addr = "10.243.136.238"; + }; + retiolum.aliases = [ + "sava.r" + ]; + }; + }; x = { syncthing.id = "OA36OF6-JEFCUJQ-OEYVTMH-DPCACQI-3AJRE5G-BFVMOUG-RPYJQE3-4ZCUWA5"; nets = { @@ -127,6 +137,7 @@ in { aliases = [ "omo.r" "dcpp.omo.r" + "hass.omo.r" "backup.makefu.r" "torrent.omo.r" "music.omo.r" @@ -200,6 +211,7 @@ in { bookmark.euer IN A ${nets.internet.ip4.addr} boot IN A ${nets.internet.ip4.addr} boot.euer IN A ${nets.internet.ip4.addr} + build.euer IN A ${nets.internet.ip4.addr} cache.euer IN A ${nets.internet.ip4.addr} cache.gum IN A ${nets.internet.ip4.addr} cgit.euer IN A ${nets.internet.ip4.addr} @@ -239,6 +251,7 @@ in { ul.work.euer IN A ${nets.internet.ip4.addr} music.euer IN A ${nets.internet.ip4.addr} ntfy.euer IN A ${nets.internet.ip4.addr} + paper.euer IN A ${nets.internet.ip4.addr} ''; }; nets = rec { diff --git a/kartei/makefu/retiolum/savarcast.pub b/kartei/makefu/retiolum/savarcast.pub new file mode 100644 index 000000000..65da0d5f9 --- /dev/null +++ b/kartei/makefu/retiolum/savarcast.pub @@ -0,0 +1,8 @@ +-----BEGIN RSA PUBLIC KEY----- +MIIBCgKCAQEAvxhCwL7g+p3rp2aelJHKHowLLcDZVqZnsuViW5jzQ5kQuDB6Rc7f +IiUXXzg6/BL2o7jUW1gRrHbiVy7360HxsTwQvV8j0/s+UsCQCybWclGE2NlsjCUM +xi/zTn/R523o43J4t6L7ohDlJVBCPMVJu5ZWVIlMAWSHI45WFu9JAyKOZJnPEYQb +eyw8P93ztZyijoRTV1SEYK9FiSsfmNgGIqPlE6QPE1S+oR6j+718WSrmQjcBO8uO +cbj4ZPEgokYRF+WH4m9fPfkTWH6qQ1idqiWZfeUR2TfLLDQ+zDpJpoXlXk/JOqMu +7kdx3dfuiulI93pUDVeGXh0YCyTmVvavdQIDAQAB +-----END RSA PUBLIC KEY----- diff --git a/kartei/makefu/retiolum/savarcast_ed25519.pub b/kartei/makefu/retiolum/savarcast_ed25519.pub new file mode 100644 index 000000000..e08b7f1b7 --- /dev/null +++ b/kartei/makefu/retiolum/savarcast_ed25519.pub @@ -0,0 +1 @@ +Ed25519PublicKey = s/m2cdP6VguKTzTFLdoHMG7t4+94NNT/+ZHYcmSxSVP diff --git a/kartei/makefu/wiregrill/savarcast.pub b/kartei/makefu/wiregrill/savarcast.pub new file mode 100644 index 000000000..f6153f5f8 --- /dev/null +++ b/kartei/makefu/wiregrill/savarcast.pub @@ -0,0 +1 @@ +mM/QKHTnLlC5qyClRY9WZKg3TK4F+WpLIKRtjCmCCHM= diff --git a/kartei/makefu/wiregrill/telex.pub b/kartei/makefu/wiregrill/telex.pub index 12a42177e..4a5f666cc 100644 --- a/kartei/makefu/wiregrill/telex.pub +++ b/kartei/makefu/wiregrill/telex.pub @@ -1 +1 @@ -T7Cr80dBbtPFCPdz4OS7whDlQJzn2Orclq5rLVtD+Ds= +yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo= diff --git a/kartei/mic92/default.nix b/kartei/mic92/default.nix index 96edeba55..ef37cc760 100644 --- a/kartei/mic92/default.nix +++ b/kartei/mic92/default.nix @@ -74,9 +74,6 @@ in { }; eve = { owner = config.krebs.users.mic92; - extraZones."krebsco.de" = '' - mukke IN CNAME eve.thalheim.io. - ''; nets = rec { internet = { # eve.thalheim.io @@ -476,21 +473,15 @@ in { aliases = [ "ryan.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEApu7U9HP1Uo+kTDI+KTCs+YFLcSYct1qPuMkntKonYgdiW9Z4Ud99 - tU0VmJWdDnKaRxIcjC2Bmy342G3QN+UgdnTxyEWggWRKHUDjWMXBuj5n+uBgzTyM - XDwuQR7RZmStBG6vDRIQWL07/b0u/wzyrhXDERx7o2msOLfnaU271aVrDM/Y67fL - PMfKBtfckv7+W5e7KspJRIyhj7mqXMsSHaroqgoikK+Xyv44OxlklV7VnmACaNLf - Yg0AiSjIrMtkTQ85m9t6q147lWBKlAK7yqEHUPyVNGMf/Mh6M1Xg1t0oc9hcb7/F - VAPNbwFiwm0rR8ugjW5Gn5i/uZDeDDSQcc8m1tsB+86peuS16sfOXZewXH9bYDFo - 9n28+vFjyF5FRI1J6fAjneFm5PyoLvowgwvVECEDRgUF2+ySwfWawF+LPDpRZiZ4 - NfHN2qT81QWa1UfWdaudCYbwMK5iQskCUtRw20ABsR0Kg6oHGG/uiLZ4pYReeM/n - agefDCe9PN5bkjonwOxN2klV8QgYQeznm1gdsFjMdvJUcba2kZICpRy8Wx9Sc0ai - oO8HKLqRoO5sV4Nv1FcY6EFq05AR1PPt6LoE0AY5REwVuNZSyiBp8lzzDj2E3JYf - obeZ8RtCYmNkXL3I+wfm/73SrIrX/ombqeaWGJB/rX2DEwco0IFau4ECAwEAAQ== + MIIBCgKCAQEAzvThkmiCHUWwof7UYZQ7BPTYN4ibQqO3WMig/FNalZHLBJeyyhu3 + oEvw065RyJukX4eEFySdys8JU8GWRU0EB/opquKLy1tkLokBfH+/z0/C/VhtTWUC + S/ZqC53N7BkYuxkLsvp5fc2G1Ttm04vQUJ/dHMpxnIfw4SLEJnNBL/5/cYEtCRWn + I4BXmvkW8K34NypVLumJuWfQ5S2NVryXe/il1GUd/TaCiBWNwZ86x9bfJuKc2/p7 + Se8PIAQaN1GdpmGIsj/2yNkxI1Y87E9DE6UJFD444IQ/fFMq3oLuAMFrRJSM2rTy + 15h5kZ5KV2nkarPZmIRADTp/tzoMdJmh5wIDAQAB -----END RSA PUBLIC KEY----- ''; - - tinc.pubkey_ed25519 = "/KoqKeQsdRWnhva7/YTX65mUxuyKaFNjA8LlxmAUQXP"; + tinc.pubkey_ed25519 = "saaS/b0GU3s268Move4i4mxNmxWACTiOvdGY6TpT0uH"; }; }; }; @@ -509,15 +500,15 @@ in { aliases = [ "graham.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAtnM8VqFlEPLPYfKOZvN4kKklrVEyX4WewlqHO8vtxML9ND5BHCdn - UeRsThvbKVRqEvZLTAXKClZRYVr2IroHqfx0euTq3FYTUbNNQ4KgcFAfLKWoxGfK - HsQbYpS93/sUtmhRBGcgXPnEkE6yqvFBXxcmB1QqdmgYKdY2Gtikwrv/5hb4AlNe - /gyzKGtAKYogspLI6EpEwlD9CGDNIUPJ4uQ56gDhV/qtyMSE6X0igSSVZayDc+x1 - InPkH90xsa0/uXjYDnXNdMguLArGkRzMhd6DzK4vEaPFIX59yMX+tEj46rGY7xAI - gUZUI2codqY5Z93W5GC+ws34y0bpfeMMWwIDAQAB + MIIBCgKCAQEAs+UnyCIjHAGiecv6lFHVRw9pLuHfqmIlyKToQChJKvsMEh1G5KpO + KdvLuXcCzWQlhg3Tuh2a8vAYfACeJkqHY9YgH9ZSCrP+Fn9hb7eeosspQzLbC/6S + xq4QXSLgnGmwolS5TV4FgaxPgi/cKCAfT+Az9yXyVYWX3xmyfgPULUDiFdoTXBZ+ + H2M+tDhzd9mNIZYHNcHPE7hccRETFhM80w1R9w1eyb4MkZ4XA3FBZ8hm4L7/XSNJ + EtDiBnB3q1HwlfGzcju+TLCHal7Z+wZJ8u/1iNmhieGxzg5tQTuhMa1bn/uaqyct + bdqnXGk6UcOUlxV8gdJh1I4M6MF8DXH4hwIDAQAB -----END RSA PUBLIC KEY----- ''; - tinc.pubkey_ed25519 = "xMJNMMXZRCbWkN9CzLFohkGUK54dPcrrosFD7xgIFXA"; + tinc.pubkey_ed25519 = "WOyyqCmTWMqjakFBnUoxsJv9o/XvdIJT9UHt6JfRuQM"; }; }; }; @@ -577,20 +568,15 @@ in { aliases = [ "mickey.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEA7TwI3/tyl3z46Enr6p/0bpl5CpG6DZLxjAhsMcWBM+4xTL9s18IZ - 2FGbyS3EyOBprMBQULrik1u0rfZ0AL8XdO6h+r1BD6XmlZtUu3FJaVeXrLBPGtC0 - qqC0mZOj1ezTl3kC9/O7slU1/vuIRWiiRuvmvLnc6uWo+ShTl8fs0a3rY7/FsFVY - ZClf2M/5cJmeZpwy+PvgGmhSvjflO5+v+C+LvvhfVzoLw2zf8Gbi23ifS0uhhJt2 - 9ztGnmQg+n4+EWEN3XFS1XXHO2P2jyy1ss5NrN0JrO/1J519owHXxbo096MV12xr - azD6of8k0xHbfW4PW0/U1qzs9Ra1T54D+xtnyemLOyeCApwUy+bSg+XuqMz1Wy55 - dci7cBguTIn+pnJqcf8lGSfWDSxlBiwrbXSPszlRQ6vO8MA2uciSmOKodKtNj4bQ - 5IfdHHOHGAuuE+ZNt6owc/8QzQ3dVT+fVmTeN1PB4FmPmF5E2kOpe4NebZ0DhD+g - +g/bNO5FFlIy2M+LKauIXugAHlrVrxl4blfjVkb9xrfsSJHQl8/G/F9zMUAzUBv3 - W8cVFn9mAw0FFaQljs9iha92we6Vs93v+ZvsmSG2MVOYBVwka4FJ7kjaABLFXcjN - RA8gQM/P3j1EmDvemlskWOoCLVELR40BtKdM9MFiGqxGMoNh3DvGWTECAwEAAQ== + MIIBCgKCAQEAx2EgoPlsOZ+2+R2Gdn6E2QK1Jo+v4g16M+PqqBYtc0vno8uFmBZu + q2S6UuHFtS3VfUL0I1+ZYcOWkNuMrL6PYBdu3MeK2GGW8IB4RSzoba7QIcz2W6ls + YuyLbsBKJafMzNi2E+7fTrkJRezrcbS8IUhHuKYgDSHH81yXquaJhgGid7dtZPFD + KHA4Y2l9zOGGyiFi2XfkvDES7uAAnBzOgTZzH5iR40qRqZhH4Tj5iowKvZZw7/A5 + G+v7v1YXXYW6ROsfEtMlxns921nkeZIlMaAofoaV2Qtf757GGcg6UjJHH9X6mwSb + 165IRVWSikZjkbdeg4Zz3dYkHtfFhNQM7QIDAQAB -----END RSA PUBLIC KEY----- ''; - tinc.pubkey_ed25519 = "cE450gYxzp9kAzV5ytU9N7aV+WdnD7wQMjkPWV7r/bC"; + tinc.pubkey_ed25519 = "Pc/H50xDTU3dUxYynclf/Nxg2Q5k1aSdwGv4SBQPYCO"; }; }; }; diff --git a/kartei/rtunreal/default.nix b/kartei/rtunreal/default.nix index de6c528fa..8418697b2 100644 --- a/kartei/rtunreal/default.nix +++ b/kartei/rtunreal/default.nix @@ -32,6 +32,28 @@ in }; }; hosts = mapAttrs hostDefaults { + rtworker = { + nets.retiolum = { + aliases = [ "worker.rtunreal.r" ]; + ip4.addr = "10.243.20.24"; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAs6abzbB+Jljux8ivE8gtuYpTxP3FDcXQ+p8DKwadwXyDwehfyKpJ + nMMOBPnFzUgrN9zTx7Y1unvzjyxDUoyCBrDv6VLG+cS1wDQJTkovVjqWgZAWEg66 + UteNIxZoTqkQan8UD1Hb2rStpI+1C/fgqc4Kc0KX10sBp9qpsUBWwXqsXGsGOWEm + zLqjM5o0HnK9s4vKHatxvxe1yNoFiivsYDiiStnx0jXHuWcsDcazJeTYLJAdS9mC + nMfvpp6QTlDiGxxYzQrImo+KZ5aD3ugtvChK0UyIwdD1FDjgHm/NsZ1spheBhCNA + ddmS5s5xhwh86wMnbOIdrPYJweGyw4jLX6C3nqO/WJegJsfRFPKcBc0oR2lZ3pk+ + JkcvdbxiqRBEuDjttkGia4TbJ8jFHDfGDAmuIMa0Oa0GmuF+DD3Fm6GTXsKTS2jZ + sAL3b5wH1iOWCKYQhZmHlqw9DiaywsNKeH+/YtAAArH0Mle1yDP0QwSHvI3xlg5H + 6igmHcK70j0ZYQKQHm5Y6FboUTZUsXkIQFdMOdHUW2KeFVQOHDpnH/dXYW97Z0fU + e4/SOdveJmF1QOygwhdddcumblBJIk0ljMkIA1fo8D4viCo6Vu0wwZbzAXhZlYkr + dXVy/bhx6xNjFMsNvmsdGx7NEulyukrApLy3JmVYZEYvcKd5lMmvxksCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "cm3VTJMq+Z9JDaIAZhgNjs5nYOHzM8m4gglX4YCFfnF"; + }; + }; rtspinner = { nets.retiolum = { aliases = [ "spinner.rtunreal.r" ]; diff --git a/kartei/tv/hosts/leg.nix b/kartei/tv/hosts/leg.nix index aa023b42d..c09749302 100644 --- a/kartei/tv/hosts/leg.nix +++ b/kartei/tv/hosts/leg.nix @@ -17,6 +17,9 @@ ''; tinc.pubkey_ed25519 = " qmxNtjkjzXP4QCIJwXLncYFrIfU7royMlQNSVvR3XKH"; }; + wiregrill = { + ip4.addr = "10.244.3.43"; + }; }; secure = true; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGiputkYYQbg8sUHu+dMVOEuqhPYwPhPdmkS6LopPx17 root@leg"; diff --git a/kartei/tv/hosts/pa.nix b/kartei/tv/hosts/pa.nix new file mode 100644 index 000000000..95026a24b --- /dev/null +++ b/kartei/tv/hosts/pa.nix @@ -0,0 +1,3 @@ +{ + nets.wiregrill.ip4.addr = "10.244.3.103"; +} diff --git a/kartei/tv/wiregrill/pa.pub b/kartei/tv/wiregrill/pa.pub new file mode 100644 index 000000000..3af7a8e7e --- /dev/null +++ b/kartei/tv/wiregrill/pa.pub @@ -0,0 +1 @@ +X+Sm5uyeI1B6cVeyxPz0YXy6L5jrs2GKwfjfPuF67GA= diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix index 0a103ed1a..91071ec85 100644 --- a/krebs/1systems/hotdog/config.nix +++ b/krebs/1systems/hotdog/config.nix @@ -6,7 +6,6 @@ ../../../krebs/2configs ../../../krebs/2configs/nginx.nix - ../../../krebs/2configs/buildbot-stockholm.nix ../../../krebs/2configs/binary-cache/nixos.nix ../../../krebs/2configs/ircd.nix ../../../krebs/2configs/reaktor2.nix @@ -15,6 +14,10 @@ ../../../krebs/2configs/mud.nix ../../../krebs/2configs/repo-sync.nix + ../../../krebs/2configs/buildbot-stockholm.nix + #../../../krebs/2configs/buildbot/master.nix + #../../../krebs/2configs/buildbot/worker.nix + ../../../krebs/2configs/cal.nix ../../../krebs/2configs/mastodon.nix diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix index 60c1c941a..d3891af82 100644 --- a/krebs/1systems/puyak/config.nix +++ b/krebs/1systems/puyak/config.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ config, pkgs, lib, ... }: { imports = [ ./net.nix @@ -73,6 +73,7 @@ # hass.shack <stockholm/krebs/2configs/shack/glados> + <stockholm/krebs/2configs/shack/esphome.nix> # connect to git.shackspace.de as group runner for rz <stockholm/krebs/2configs/shack/gitlab-runner.nix> @@ -170,4 +171,5 @@ isNormalUser = true; shell = "/run/current-system/sw/bin/zsh"; }; + system.stateVersion = lib.mkForce "24.05"; } diff --git a/krebs/1systems/puyak/net.nix b/krebs/1systems/puyak/net.nix index 59b22b380..fe2fd238e 100644 --- a/krebs/1systems/puyak/net.nix +++ b/krebs/1systems/puyak/net.nix @@ -14,7 +14,7 @@ in { interfaces."${ext-if}".ipv4.addresses = [ { address = shack-ip; - prefixLength = 22; + prefixLength = 20; } ]; diff --git a/krebs/2configs/buildbot/master.nix b/krebs/2configs/buildbot/master.nix new file mode 100644 index 000000000..9598f6fa0 --- /dev/null +++ b/krebs/2configs/buildbot/master.nix @@ -0,0 +1,33 @@ +{buildbot-nix,...}: +let + #domain = "buildbot.krebsco.de"; + domain = "build.hotdog.r"; +in { + imports = [ + buildbot-nix.nixosModules.buildbot-master + ]; + + #services.nginx.virtualHosts."${domain}" = { + # enableACME = true; + # forceSSL = true; + #}; + + + services.buildbot-nix.master = { + enable = true; + admins = [ "makefu" ]; + buildSystems = [ "x86_64-linux" "aarch64-linux" ]; + inherit domain; + evalMaxMemorySize = "4096"; + evalWorkerCount = 16; + workersFile = "/var/src/secrets/buildbot/nix-workers"; + github = { + tokenFile = "/var/src/secrets/buildbot/github-token"; + webhookSecretFile = "/var/src/secrets/buildbot/github-webhook-secret"; + oauthSecretFile = "/var/src/secrets/buildbot/github-oauth-secret"; + oauthId = "Ov23lizFP7t7qoE9FuDA"; + user = "krebs-bob"; + topic = "buildbot"; + }; + }; +} diff --git a/krebs/2configs/buildbot/worker.nix b/krebs/2configs/buildbot/worker.nix new file mode 100644 index 000000000..e96c6df14 --- /dev/null +++ b/krebs/2configs/buildbot/worker.nix @@ -0,0 +1,11 @@ +{ buildbot-nix, ... }: +{ + imports = [ + buildbot-nix.nixosModules.buildbot-worker + ]; + + services.buildbot-nix.worker = { + enable = true; + workerPasswordFile = "/var/src/secrets/nix-worker-file"; + }; +} diff --git a/krebs/2configs/default.nix b/krebs/2configs/default.nix index 5d64555c8..6ca7c732a 100644 --- a/krebs/2configs/default.nix +++ b/krebs/2configs/default.nix @@ -28,7 +28,7 @@ with import ../../lib/pure.nix { inherit lib; }; networking.hostName = config.krebs.build.host.name; nix.maxJobs = 1; - nix.useSandbox = true; + nix.settings.sandbox = true; environment.systemPackages = with pkgs; [ git diff --git a/krebs/2configs/matterbridge.nix b/krebs/2configs/matterbridge.nix index f42921824..aa33f748f 100644 --- a/krebs/2configs/matterbridge.nix +++ b/krebs/2configs/matterbridge.nix @@ -1,4 +1,4 @@ -{ pkgs, lib, ... }: { +{ pkgs, lib, config, ... }: { services.matterbridge = { enable = true; configPath = let diff --git a/krebs/2configs/news-host.nix b/krebs/2configs/news-host.nix index 81922ef87..9b8627d61 100644 --- a/krebs/2configs/news-host.nix +++ b/krebs/2configs/news-host.nix @@ -1,5 +1,6 @@ -{ config, ... }: +{ config,lib, ... }: { + nixpkgs.config.allowUnfree = true; # "consul-1.18.0" krebs.sync-containers3.containers.news = { sshKey = "${config.krebs.secret.directory}/news.sync.key"; }; diff --git a/krebs/2configs/shack/esphome.nix b/krebs/2configs/shack/esphome.nix new file mode 100644 index 000000000..b6bcbce3e --- /dev/null +++ b/krebs/2configs/shack/esphome.nix @@ -0,0 +1,7 @@ +{ + services.esphome = { + enable = true; + address = "0.0.0.0"; + openFirewall = true; + }; +} diff --git a/krebs/2configs/shack/glados/default.nix b/krebs/2configs/shack/glados/default.nix index 236b5000d..e8ed18f0d 100644 --- a/krebs/2configs/shack/glados/default.nix +++ b/krebs/2configs/shack/glados/default.nix @@ -3,29 +3,26 @@ let kodi-host = "192.168.8.11"; confdir = "/var/lib/homeassistant-docker"; in { - imports = [ - ]; + imports = [ ./zigbee.nix ]; - # networking.firewall.allowedTCPPorts = [ 8123 ]; + networking.firewall.allowedTCPPorts = [ 8123 ]; virtualisation.oci-containers.containers.hass = { image = "homeassistant/home-assistant:latest"; environment = { TZ = "Europe/Berlin"; - # TODO create unique users - PUID = toString config.users.users.news_container.uid; - PGID = toString config.users.groups.news_container.gid; UMASK = "007"; }; - extraOptions = ["--net=host" ]; + extraOptions = ["--net=host" "--device=/dev/zigbee" ]; volumes = [ "${confdir}:/config" + "${./zigbee-quirks}:/quirks" #"${confdir}/docker-run:/etc/services.d/home-assistant/run:" ]; }; systemd.tmpfiles.rules = [ #"f ${confdir}/docker-run 0770 kiosk kiosk - -" # TODO: - "d ${confdir} 0770 news_container news_container - -" + "d ${confdir} 0770 root root - -" ]; services.nginx.virtualHosts."hass.shack" = { diff --git a/krebs/2configs/shack/glados/zigbee-quirks/__init__.py b/krebs/2configs/shack/glados/zigbee-quirks/__init__.py new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/krebs/2configs/shack/glados/zigbee-quirks/__init__.py diff --git a/krebs/2configs/shack/glados/zigbee-quirks/ts011f_power_monitoring.py b/krebs/2configs/shack/glados/zigbee-quirks/ts011f_power_monitoring.py new file mode 100644 index 000000000..b520fe947 --- /dev/null +++ b/krebs/2configs/shack/glados/zigbee-quirks/ts011f_power_monitoring.py @@ -0,0 +1,96 @@ +"""TS011F plug.""" + +from zigpy.profiles import zgp, zha +from zigpy.quirks import CustomDevice +from zigpy.zcl.clusters.general import ( + Basic, + GreenPowerProxy, + Groups, + Identify, + OnOff, + Ota, + Scenes, + Time, +) +from zigpy.zcl.clusters.homeautomation import ElectricalMeasurement +from zigpy.zcl.clusters.lightlink import LightLink +from zigpy.zcl.clusters.measurement import TemperatureMeasurement +from zigpy.zcl.clusters.smartenergy import Metering + +from zhaquirks.const import ( + DEVICE_TYPE, + ENDPOINTS, + INPUT_CLUSTERS, + MODEL, + MODELS_INFO, + OUTPUT_CLUSTERS, + PROFILE_ID, +) +from zhaquirks.quirk_ids import TUYA_PLUG_ONOFF +from zhaquirks.tuya import ( + EnchantedDevice, + TuyaNewManufCluster, + TuyaZB1888Cluster, + TuyaZBE000Cluster, + TuyaZBElectricalMeasurement, + TuyaZBExternalSwitchTypeCluster, + TuyaZBMeteringCluster, + TuyaZBMeteringClusterWithUnit, + TuyaZBOnOffAttributeCluster, +) + +class Plug_v2l(EnchantedDevice): + """Another TS011F Tuya plug. First one using this definition is _TZ3000_okaz9tjs.""" + + quirk_id = TUYA_PLUG_ONOFF + + signature = { + MODEL: "TS011F", + ENDPOINTS: { + # "profile_id": 260, + # "device_type": "0x0100", + # "in_clusters": ["0x0000", "0x0003", "0x0004", "0x0005", "0x0006", "0x0702", "0x0b04", "0xe001"], + # "in_clusters": ["0x0000", "0x0003", "0x0004", "0x0005", "0x0006", "0x000a", "0x0702", "0x0b04", "0x1000", "0xe000", "0xe001"], + # "out_clusters": [] + 1: { + PROFILE_ID: zha.PROFILE_ID, + DEVICE_TYPE: zha.DeviceType.ON_OFF_LIGHT, + INPUT_CLUSTERS: [ + Basic.cluster_id, + Identify.cluster_id, + Groups.cluster_id, + Scenes.cluster_id, + OnOff.cluster_id, + Time.cluster_id, + Metering.cluster_id, + ElectricalMeasurement.cluster_id, + LightLink.cluster_id, + TuyaZBE000Cluster.cluster_id, + TuyaZBExternalSwitchTypeCluster.cluster_id, + ], + OUTPUT_CLUSTERS: [], + }, + }, + } + replacement = { + ENDPOINTS: { + 1: { + PROFILE_ID: zha.PROFILE_ID, + DEVICE_TYPE: zha.DeviceType.SMART_PLUG, + INPUT_CLUSTERS: [ + Basic.cluster_id, + Identify.cluster_id, + Groups.cluster_id, + Scenes.cluster_id, + TuyaZBOnOffAttributeCluster, + Time.cluster_id, + TuyaZBMeteringClusterWithUnit, + TuyaZBElectricalMeasurement, + |