summaryrefslogtreecommitdiffstats
path: root/krebs/2configs
diff options
context:
space:
mode:
Diffstat (limited to 'krebs/2configs')
-rw-r--r--krebs/2configs/buildbot/master.nix33
-rw-r--r--krebs/2configs/buildbot/worker.nix13
-rw-r--r--krebs/2configs/default.nix3
-rw-r--r--krebs/2configs/exim-smarthost.nix5
-rw-r--r--krebs/2configs/hw/x220.nix2
-rw-r--r--krebs/2configs/mastodon.nix1
-rw-r--r--krebs/2configs/matterbridge.nix2
-rw-r--r--krebs/2configs/news-host.nix6
-rw-r--r--krebs/2configs/news.nix207
-rw-r--r--krebs/2configs/reaktor2.nix19
-rw-r--r--krebs/2configs/shack/esphome.nix7
-rw-r--r--krebs/2configs/shack/glados/default.nix13
-rw-r--r--krebs/2configs/shack/glados/zigbee-quirks/__init__.py0
-rw-r--r--krebs/2configs/shack/glados/zigbee-quirks/ts011f_power_monitoring.py96
-rw-r--r--krebs/2configs/shack/glados/zigbee.nix5
15 files changed, 166 insertions, 246 deletions
diff --git a/krebs/2configs/buildbot/master.nix b/krebs/2configs/buildbot/master.nix
new file mode 100644
index 000000000..9598f6fa0
--- /dev/null
+++ b/krebs/2configs/buildbot/master.nix
@@ -0,0 +1,33 @@
+{buildbot-nix,...}:
+let
+ #domain = "buildbot.krebsco.de";
+ domain = "build.hotdog.r";
+in {
+ imports = [
+ buildbot-nix.nixosModules.buildbot-master
+ ];
+
+ #services.nginx.virtualHosts."${domain}" = {
+ # enableACME = true;
+ # forceSSL = true;
+ #};
+
+
+ services.buildbot-nix.master = {
+ enable = true;
+ admins = [ "makefu" ];
+ buildSystems = [ "x86_64-linux" "aarch64-linux" ];
+ inherit domain;
+ evalMaxMemorySize = "4096";
+ evalWorkerCount = 16;
+ workersFile = "/var/src/secrets/buildbot/nix-workers";
+ github = {
+ tokenFile = "/var/src/secrets/buildbot/github-token";
+ webhookSecretFile = "/var/src/secrets/buildbot/github-webhook-secret";
+ oauthSecretFile = "/var/src/secrets/buildbot/github-oauth-secret";
+ oauthId = "Ov23lizFP7t7qoE9FuDA";
+ user = "krebs-bob";
+ topic = "buildbot";
+ };
+ };
+}
diff --git a/krebs/2configs/buildbot/worker.nix b/krebs/2configs/buildbot/worker.nix
new file mode 100644
index 000000000..5526a83d3
--- /dev/null
+++ b/krebs/2configs/buildbot/worker.nix
@@ -0,0 +1,13 @@
+{ config, buildbot-nix, ... }:
+{
+ imports = [
+ buildbot-nix.nixosModules.buildbot-worker
+ ];
+
+ services.buildbot-nix.worker = {
+ enable = true;
+ name = config.krebs.build.host.name;
+ workerPasswordFile = "/var/src/secrets/nix-worker-file";
+ masterUrl = "tcp:host=gum:port=9989";
+ };
+}
diff --git a/krebs/2configs/default.nix b/krebs/2configs/default.nix
index 5d64555c8..e7bf3078f 100644
--- a/krebs/2configs/default.nix
+++ b/krebs/2configs/default.nix
@@ -28,12 +28,11 @@ with import ../../lib/pure.nix { inherit lib; };
networking.hostName = config.krebs.build.host.name;
nix.maxJobs = 1;
- nix.useSandbox = true;
+ nix.settings.sandbox = true;
environment.systemPackages = with pkgs; [
git
vim
- rxvt_unicode.terminfo
];
console.keyMap = "us";
diff --git a/krebs/2configs/exim-smarthost.nix b/krebs/2configs/exim-smarthost.nix
index 6445783f0..ceb11ca64 100644
--- a/krebs/2configs/exim-smarthost.nix
+++ b/krebs/2configs/exim-smarthost.nix
@@ -16,7 +16,9 @@ in {
makefu
tv
];
- eloop-ml = spam-ml;
+ eloop-ml = spam-ml ++ [
+ { mail = "unreal@rtinf.net"; }
+ ];
krebstel-ml = [
config.krebs.users."0x4A6F"
{ mail = "krebstel-1rxz0mqa95nkmk298s1731ly0ii7vc36kkm36pnjj89hrq52pgn1@ni.r"; }
@@ -32,6 +34,7 @@ in {
in {
"brain@krebsco.de" = brain-ml;
"eloop2022@krebsco.de" = eloop-ml;
+ "2024@eloop.org" = eloop-ml;
"root@eloop.org" = eloop-ml; # obsolete, use spam@eloop.org instead
"spam@eloop.org" = eloop-ml;
"youtube@eloop.org" = eloop-ml; # obsolete, use spam@eloop.org instead
diff --git a/krebs/2configs/hw/x220.nix b/krebs/2configs/hw/x220.nix
index 980c2c9aa..a797673c9 100644
--- a/krebs/2configs/hw/x220.nix
+++ b/krebs/2configs/hw/x220.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ lib, pkgs, ... }:
{
networking.wireless.enable = lib.mkDefault true;
diff --git a/krebs/2configs/mastodon.nix b/krebs/2configs/mastodon.nix
index ebc4207a0..b81c229b6 100644
--- a/krebs/2configs/mastodon.nix
+++ b/krebs/2configs/mastodon.nix
@@ -14,7 +14,6 @@
localDomain = "social.krebsco.de";
configureNginx = true;
streamingProcesses = 3;
- trustedProxy = config.krebs.hosts.prism.nets.retiolum.ip6.addr;
smtp.createLocally = false;
smtp.fromAddress = "derp";
};
diff --git a/krebs/2configs/matterbridge.nix b/krebs/2configs/matterbridge.nix
index f42921824..aa33f748f 100644
--- a/krebs/2configs/matterbridge.nix
+++ b/krebs/2configs/matterbridge.nix
@@ -1,4 +1,4 @@
-{ pkgs, lib, ... }: {
+{ pkgs, lib, config, ... }: {
services.matterbridge = {
enable = true;
configPath = let
diff --git a/krebs/2configs/news-host.nix b/krebs/2configs/news-host.nix
deleted file mode 100644
index 81922ef87..000000000
--- a/krebs/2configs/news-host.nix
+++ /dev/null
@@ -1,6 +0,0 @@
-{ config, ... }:
-{
- krebs.sync-containers3.containers.news = {
- sshKey = "${config.krebs.secret.directory}/news.sync.key";
- };
-}
diff --git a/krebs/2configs/news.nix b/krebs/2configs/news.nix
deleted file mode 100644
index 9d9470727..000000000
--- a/krebs/2configs/news.nix
+++ /dev/null
@@ -1,207 +0,0 @@
-{ config, pkgs, ... }:
-
-{
- services.rss-bridge = {
- enable = true;
- whitelist = [ "*" ];
- };
- services.nginx.virtualHosts = {
- rss-bridge = {
- serverAliases = [
- "rss.r"
- ];
- };
- "brockman.r" = {
- serverAliases = [
- "news.r"
- ];
- locations."/api".extraConfig = ''
- proxy_pass http://127.0.0.1:7777/;
- proxy_pass_header Server;
- '';
- locations."= /graph.html".extraConfig = ''
- alias ${pkgs.fetchurl {
- url = "https://raw.githubusercontent.com/kmein/brockman/05d33c8caaaf6255752f9600981974bb58390851/tools/graph.html";
- sha256 = "0iw2vdzj6kzkix1c447ybmc953lns6z4ap6sr9pcib8bany4g43w";
- }};
- '';
- locations."/".extraConfig = ''
- root /var/lib/brockman;
- index brockman.json;
- '';
- extraConfig = ''
- add_header 'Access-Control-Allow-Origin' '*';
- add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
- '';
- };
- };
- systemd.tmpfiles.rules = [
- "d /var/lib/brockman 1750 brockman nginx -"
- "d /run/irc-api 1750 brockman nginx -"
- ];
-
- systemd.services.brockman-graph = {
- path = [
- pkgs.graphviz
- pkgs.jq
- pkgs.inotify-tools
- ];
- serviceConfig = {
- ExecStart = pkgs.writers.writeDash "brockman-graph" ''
-
- while :; do
- graphviz="$(cat /var/lib/brockman/brockman.json \
- | jq -r '
- .bots |
- to_entries |
- map(select(.value.extraChannels|length > 1 )) |
- .[] |
- "\"\(.key)\" -> {\(.value.extraChannels|map("\""+.+"\"")|join(" "))}"
- ')"
- echo "digraph news { $graphviz }" | circo -Tsvg > /var/lib/brockman/graph.svg
-
- inotifywait -q -e MODIFY /var/lib/brockman/brockman.json
- done
- '';
- User = "brockman";
- };
- wantedBy = [ "multi-user.target" ];
- };
-
- services.ergochat.openFilesLimit = 16384;
- services.ergochat.settings = {
- limits.nicklen = 100;
- limits.identlen = 100;
- history.enabled = false;
- };
- systemd.services.brockman.bindsTo = [ "ergochat.service" ];
- systemd.services.brockman.serviceConfig.LimitNOFILE = 16384;
- systemd.services.brockman.environment.BROCKMAN_LOG_LEVEL = "DEBUG";
- krebs.brockman = {
- enable = true;
- config = {
- irc.host = "localhost";
- channel = "#all";
- shortener = "http://go.r";
- controller = {
- nick = "brockman";
- extraChannels = [ "#all" ];
- };
- statePath = "/var/state/brockman/brockman.json";
- bots = {};
- };
- };
-
- krebs.reaktor2.api = {
- hostname = "localhost";
- port = "6667";
- nick = "api";
- API.listen = "inet://127.0.0.1:7777";
- plugins = [
- {
- plugin = "register";
- config = {
- channels = [
- "#all"
- ];
- };
- }
- ];
- };
- krebs.reaktor2.news = let
- name = "candyman";
- in {
- hostname = "localhost";
- port = "6667";
- nick = name;
- plugins = [
- {
- plugin = "register";
- config = {
- channels = [
- "#all"
- "#aluhut"
- "#news"
- "#lasstube"
- ];
- };
- }
- {
- plugin = "system";
- config = {
- hooks.PRIVMSG = [
- {
- activate = "match";
- pattern = "^${name}:\\s*(\\S*)(?:\\s+(.*\\S))?\\s*$";
- command = 1;
- arguments = [2];
- commands = {
- add-reddit.filename = pkgs.writeDash "add-reddit" ''
- set -euf
- if [ "$#" -ne 1 ]; then
- echo 'usage: ${name}: add-reddit $reddit_channel'
- exit 1
- fi
- reddit_channel=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]')
- echo "brockman: add r_$reddit_channel http://rss.r/?action=display&bridge=Reddit&context=single&r=$reddit_channel&format=Atom"
- '';
- add-telegram.filename = pkgs.writeDash "add-telegram" ''
- set -euf
- if [ "$#" -ne 1 ]; then
- echo 'usage: ${name}: add-telegram $telegram_user'
- exit 1
- fi
- telegram_user=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]')
- echo "brockman: add t_$telegram_user http://rss.r/?action=display&bridge=Telegram&username=$telegram_user&format=Mrss"
- '';
- add-youtube.filename = pkgs.writeDash "add-youtube" ''
- set -euf
- if [ "$#" -ne 1 ]; then
- echo 'usage: ${name}: add-youtube $nick $channel/video/stream/id'
- exit 1
- fi
- youtube_nick=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]')
- youtube_url=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][1]')
- if [ ''${#youtube_url} -eq 24 ]; then
- youtube_id=$youtube_url
- else
- youtube_id=$(${pkgs.yt-dlp}/bin/yt-dlp --max-downloads 1 -j "$youtube_url" | ${pkgs.jq}/bin/jq -r '.channel_id')
- fi
- echo "brockman: add yt_$youtube_nick http://rss.r/?action=display&bridge=Youtube&context=By+channel+id&c=$youtube_id&duration_min=&duration_max=&format=Mrss"
- '';
- add-twitch.filename = pkgs.writeDash "add-twitch" ''
- set -euf
- if [ "$#" -ne 1 ]; then
- echo 'usage: ${name}: add-twitch $handle'
- exit 1
- fi
- twitch_nick=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]')
- echo "brockman: add twitch_$twitch_nick http://rss.r/?action=display&bridge=Twitch&channel=$twitch_nick&type=all&format=Atom"
- '';
- add-twitter.filename = pkgs.writeDash "add-twitter" ''
- set -euf
- if [ "$#" -ne 1 ]; then
- echo 'usage: ${name}: add-twitter $handle'
- exit 1
- fi
- twitter_nick=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]')
- echo "brockman: add tw_$twitter_nick http://rss.r/?action=display&bridge=Twitter&context=By+username&u=$twitter_nick&norep=on&noretweet=on&nopinned=on&nopic=on&format=Atom"
- '';
- search.filename = pkgs.writeDash "search" ''
- set -euf
- if [ "$#" -ne 1 ]; then
- echo 'usage: ${name}: search $searchterm'
- exit 1
- fi
- searchterm=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]')
- ${pkgs.curl}/bin/curl -Ss "https://feedsearch.dev/api/v1/search?url=$searchterm&info=true&favicon=false" |
- ${pkgs.jq}/bin/jq '.[].url'
- '';
- };
- }
- ];
- };
- }
- ];
- };
-}
diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix
index e84827656..7cc6c7550 100644
--- a/krebs/2configs/reaktor2.nix
+++ b/krebs/2configs/reaktor2.nix
@@ -253,24 +253,6 @@ let
};
};
- vicuna = {
- pattern = "^!vicuna (.*)$";
- activate = "match";
- arguments = [1];
- timeoutSec = 1337;
- command = {
- filename = pkgs.writeDash "vicuna" ''
- set -efu
-
- mkdir -p ${stateDir}/vicuna
- export CONTEXT=${stateDir}/vicuna/"$_msgtarget".context
- ${pkgs.vicuna-chat}/bin/vicuna-chat "$@" |
- echo "$_from: $(cat)" |
- fold -s -w 426
- '';
- };
- };
-
locationsLib = pkgs.writeText "locations.sh" ''
ENDPOINT=http://c.r/poi.json
get_locations() {
@@ -431,7 +413,6 @@ let
hooks.sed
interrogate
say
- vicuna
(generators.command_hook {
inherit (commands) dance random-emoji nixos-version;
tell = {
diff --git a/krebs/2configs/shack/esphome.nix b/krebs/2configs/shack/esphome.nix
new file mode 100644
index 000000000..b6bcbce3e
--- /dev/null
+++ b/krebs/2configs/shack/esphome.nix
@@ -0,0 +1,7 @@
+{
+ services.esphome = {
+ enable = true;
+ address = "0.0.0.0";
+ openFirewall = true;
+ };
+}
diff --git a/krebs/2configs/shack/glados/default.nix b/krebs/2configs/shack/glados/default.nix
index 236b5000d..e8ed18f0d 100644
--- a/krebs/2configs/shack/glados/default.nix
+++ b/krebs/2configs/shack/glados/default.nix
@@ -3,29 +3,26 @@ let
kodi-host = "192.168.8.11";
confdir = "/var/lib/homeassistant-docker";
in {
- imports = [
- ];
+ imports = [ ./zigbee.nix ];
- # networking.firewall.allowedTCPPorts = [ 8123 ];
+ networking.firewall.allowedTCPPorts = [ 8123 ];
virtualisation.oci-containers.containers.hass = {
image = "homeassistant/home-assistant:latest";
environment = {
TZ = "Europe/Berlin";
- # TODO create unique users
- PUID = toString config.users.users.news_container.uid;
- PGID = toString config.users.groups.news_container.gid;
UMASK = "007";
};
- extraOptions = ["--net=host" ];
+ extraOptions = ["--net=host" "--device=/dev/zigbee" ];
volumes = [
"${confdir}:/config"
+ "${./zigbee-quirks}:/quirks"
#"${confdir}/docker-run:/etc/services.d/home-assistant/run:"
];
};
systemd.tmpfiles.rules = [
#"f ${confdir}/docker-run 0770 kiosk kiosk - -"
# TODO:
- "d ${confdir} 0770 news_container news_container - -"
+ "d ${confdir} 0770 root root - -"
];
services.nginx.virtualHosts."hass.shack" = {
diff --git a/krebs/2configs/shack/glados/zigbee-quirks/__init__.py b/krebs/2configs/shack/glados/zigbee-quirks/__init__.py
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/krebs/2configs/shack/glados/zigbee-quirks/__init__.py
diff --git a/krebs/2configs/shack/glados/zigbee-quirks/ts011f_power_monitoring.py b/krebs/2configs/shack/glados/zigbee-quirks/ts011f_power_monitoring.py
new file mode 100644
index 000000000..b520fe947
--- /dev/null
+++ b/krebs/2configs/shack/glados/zigbee-quirks/ts011f_power_monitoring.py
@@ -0,0 +1,96 @@
+"""TS011F plug."""
+
+from zigpy.profiles import zgp, zha
+from zigpy.quirks import CustomDevice
+from zigpy.zcl.clusters.general import (
+ Basic,
+ GreenPowerProxy,
+ Groups,
+ Identify,
+ OnOff,
+ Ota,
+ Scenes,
+ Time,
+)
+from zigpy.zcl.clusters.homeautomation import ElectricalMeasurement
+from zigpy.zcl.clusters.lightlink import LightLink
+from zigpy.zcl.clusters.measurement import TemperatureMeasurement
+from zigpy.zcl.clusters.smartenergy import Metering
+
+from zhaquirks.const import (
+ DEVICE_TYPE,
+ ENDPOINTS,
+ INPUT_CLUSTERS,
+ MODEL,
+ MODELS_INFO,
+ OUTPUT_CLUSTERS,
+ PROFILE_ID,
+)
+from zhaquirks.quirk_ids import TUYA_PLUG_ONOFF
+from zhaquirks.tuya import (
+ EnchantedDevice,
+ TuyaNewManufCluster,
+ TuyaZB1888Cluster,
+ TuyaZBE000Cluster,
+ TuyaZBElectricalMeasurement,
+ TuyaZBExternalSwitchTypeCluster,
+ TuyaZBMeteringCluster,
+ TuyaZBMeteringClusterWithUnit,
+ TuyaZBOnOffAttributeCluster,
+)
+
+class Plug_v2l(EnchantedDevice):
+ """Another TS011F Tuya plug. First one using this definition is _TZ3000_okaz9tjs."""
+
+ quirk_id = TUYA_PLUG_ONOFF
+
+ signature = {
+ MODEL: "TS011F",
+ ENDPOINTS: {
+ # "profile_id": 260,
+ # "device_type": "0x0100",
+ # "in_clusters": ["0x0000", "0x0003", "0x0004", "0x0005", "0x0006", "0x0702", "0x0b04", "0xe001"],
+ # "in_clusters": ["0x0000", "0x0003", "0x0004", "0x0005", "0x0006", "0x000a", "0x0702", "0x0b04", "0x1000", "0xe000", "0xe001"],
+ # "out_clusters": []
+ 1: {
+ PROFILE_ID: zha.PROFILE_ID,
+ DEVICE_TYPE: zha.DeviceType.ON_OFF_LIGHT,
+ INPUT_CLUSTERS: [
+ Basic.cluster_id,
+ Identify.cluster_id,
+ Groups.cluster_id,
+ Scenes.cluster_id,
+ OnOff.cluster_id,
+ Time.cluster_id,
+ Metering.cluster_id,
+ ElectricalMeasurement.cluster_id,
+ LightLink.cluster_id,
+ TuyaZBE000Cluster.cluster_id,
+ TuyaZBExternalSwitchTypeCluster.cluster_id,
+ ],
+ OUTPUT_CLUSTERS: [],
+ },
+ },
+ }
+ replacement = {
+ ENDPOINTS: {
+ 1: {
+ PROFILE_ID: zha.PROFILE_ID,
+ DEVICE_TYPE: zha.DeviceType.SMART_PLUG,
+ INPUT_CLUSTERS: [
+ Basic.cluster_id,
+ Identify.cluster_id,
+ Groups.cluster_id,
+ Scenes.cluster_id,
+ TuyaZBOnOffAttributeCluster,
+ Time.cluster_id,
+ TuyaZBMeteringClusterWithUnit,
+ TuyaZBElectricalMeasurement,
+ LightLink.cluster_id,
+ TuyaZBE000Cluster.cluster_id,
+ TuyaZBExternalSwitchTypeCluster,
+ ],
+ OUTPUT_CLUSTERS: [],
+ },
+ },
+ }
diff --git a/krebs/2configs/shack/glados/zigbee.nix b/krebs/2configs/shack/glados/zigbee.nix
new file mode 100644
index 000000000..a8967cc37
--- /dev/null
+++ b/krebs/2configs/shack/glados/zigbee.nix
@@ -0,0 +1,5 @@
+{
+ services.udev.extraRules = ''
+ SUBSYSTEM=="tty", ATTRS{idVendor}=="10c4", ATTRS{idProduct}=="ea60", SYMLINK+="zigbee", MODE="0666"
+ '';
+}
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-13 12:41:21 +0000