diff options
Diffstat (limited to 'krebs')
| -rw-r--r-- | krebs/2configs/cal.nix | 127 | ||||
| -rw-r--r-- | krebs/2configs/reaktor2.nix | 5 | ||||
| -rw-r--r-- | krebs/2configs/syncthing.nix | 12 | ||||
| -rw-r--r-- | krebs/5pkgs/simple/vicuna-chat/default.nix | 33 | ||||
| -rw-r--r-- | krebs/nixpkgs-unstable.json | 8 | ||||
| -rw-r--r-- | krebs/nixpkgs.json | 8 |
6 files changed, 157 insertions, 36 deletions
diff --git a/krebs/2configs/cal.nix b/krebs/2configs/cal.nix index 90093e8eb..15f0027b3 100644 --- a/krebs/2configs/cal.nix +++ b/krebs/2configs/cal.nix @@ -1,33 +1,116 @@ -{ config, lib, pkgs, ... }: -{ - users.users.testing = { - uid = pkgs.stockholm.lib.genid_uint31 "testing"; - isNormalUser = true; - openssh.authorizedKeys.keys = [ - config.krebs.users.xkey.pubkey - config.krebs.users.lass.pubkey - ]; - packages = [ - pkgs.calendar-cli - pkgs.tmux - ]; - }; +{ config, lib, pkgs, ... }: let + + setupGit = '' + export PATH=${lib.makeBinPath [ + pkgs.coreutils + pkgs.git + ]} + export GIT_SSH_COMMAND='${pkgs.openssh}/bin/ssh -i /var/lib/radicale/.ssh/id_ed25519' + repo='git@localhost:cal' + cd /var/lib/radicale/collections + if ! test -d .git; then + git init + git config user.name "radicale" + git config user.email "radicale@${config.networking.hostName}" + elif ! url=$(git config remote.origin.url); then + git remote add origin "$repo" + elif test "$url" != "$repo"; then + git remote set-url origin "$repo" + fi + cp ${pkgs.writeText "gitignore" '' + .Radicale.cache + ''} .gitignore + git add .gitignore + ''; - services.xandikos = { + pushCal = pkgs.writeDash "push_cal" '' + ${setupGit} + git fetch origin + git merge --ff-only origin/master || : + ''; + + pushCgit = pkgs.writeDash "push_cgit" '' + ${setupGit} + git push origin master + ''; + +in { + services.radicale = { enable = true; - extraOptions = [ - "--autocreate" - "--defaults" - "--current-user-principal /krebs" - "--dump-dav-xml" - ]; + rights = { + krebs = { + user = ".*"; + collection = ".*"; + permissions = "rRwW"; + }; + }; + settings = { + auth.type = "none"; + server.hosts = [ + "0.0.0.0:5232" + "[::]:5232" + ]; + storage.filesystem_folder = "/var/lib/radicale/collections"; + storage.hook = "${pkgs.writers.writeDash "radicale-hook" '' + set -efu + ${setupGit} + ${pkgs.git}/bin/git add -A + (${pkgs.git}/bin/git diff --cached --quiet || ${pkgs.git}/bin/git commit -m "Changes by \"$1\"") + ${pushCgit} + ''} %(user)s"; + }; }; services.nginx = { enable = true; virtualHosts = { - "calendar.r".locations."/".proxyPass = "http://localhost:${toString config.services.xandikos.port}/"; + "calendar.r".locations."/".proxyPass = "http://localhost:5232/"; + }; + }; + krebs.git = { + enable = true; + cgit.settings = { + root-title = "krebs repos"; + }; + rules = with pkgs.stockholm.lib.git; [ + { + user = [ + { + name = "cal"; + pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGe1jtHaNFZKmWemWQVEGVYj+s4QGJaL9WYH+wokOZie"; + } + ] ++ (lib.attrValues config.krebs.users); + repo = [ config.krebs.git.repos.cal ]; + perm = push ''refs/heads/master'' [ create merge ]; + } + ]; + repos.cal = { + public = true; + name = "cal"; + hooks = { + post-receive = '' + ${pkgs.git-hooks.irc-announce { + channel = "#xxx"; + refs = [ + "refs/heads/master" + ]; + nick = config.networking.hostName; + server = "irc.r"; + verbose = true; + }} + /run/wrappers/bin/sudo -S -u radicale ${pushCal} + ''; + }; }; }; + krebs.secret.files.calendar = { + path = "/var/lib/radicale/.ssh/id_ed25519"; + owner = { name = "radicale"; }; + source-path = "${<secrets/radicale.id_ed25519>}"; + }; + + security.sudo.extraConfig = '' + git ALL=(radicale) NOPASSWD: ${pushCal} + ''; } diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix index 67c2dd4cd..45ff61baf 100644 --- a/krebs/2configs/reaktor2.nix +++ b/krebs/2configs/reaktor2.nix @@ -77,7 +77,7 @@ let if [ "$?" -ne 0 ]; then report_error "$response" else - if ! text=$(printf '%s' "$response" | jq -er '.item.messages[1].text'); then + if ! text=$(printf '%s' "$response" | jq -er '.item.messages[-1].text'); then echo "$_from: $(report_error "$response")" exit 0 fi @@ -85,7 +85,7 @@ let echo "$_from: $text" | fold -s -w 426 printf '%s' "$response" | - jq -r '[.item.messages[1].sourceAttributions[].seeMoreUrl] | to_entries[] | "[\(.key + 1)]: \(.value)"' + jq -r '[.item.messages[-1].sourceAttributions[].seeMoreUrl] | to_entries[] | "[\(.key + 1)]: \(.value)"' fi ''; }; @@ -158,6 +158,7 @@ let ''; }; }; + interrogate = { pattern = "^!interrogate (.*)$"; activate = "match"; diff --git a/krebs/2configs/syncthing.nix b/krebs/2configs/syncthing.nix index dac1863d5..d6d42ca11 100644 --- a/krebs/2configs/syncthing.nix +++ b/krebs/2configs/syncthing.nix @@ -1,17 +1,21 @@ -{ config, pkgs, ... }: with import <stockholm/lib>; let +{ options, config, pkgs, ... }: with import <stockholm/lib>; let mk_peers = mapAttrs (n: v: { id = v.syncthing.id; }); all_peers = filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts; - used_peer_names = unique (flatten (mapAttrsToList (n: v: v.devices) config.services.syncthing.declarative.folders)); + used_peer_names = unique (filter isString (flatten (mapAttrsToList (n: v: v.devices) config.services.syncthing.folders))); used_peers = filterAttrs (n: v: elem n used_peer_names) all_peers; in { services.syncthing = { enable = true; configDir = "/var/lib/syncthing"; - devices = mk_peers used_peers; key = toString <secrets/syncthing.key>; cert = toString <secrets/syncthing.cert>; - }; + # workaround for infinite recursion on unstable, remove in 23.11 + } // (if builtins.hasAttr "settings" options.services.syncthing then + { settings.devices = mk_peers used_peers; } + else + { devices = mk_peers used_peers; } + ); boot.kernel.sysctl."fs.inotify.max_user_watches" = 524288; } diff --git a/krebs/5pkgs/simple/vicuna-chat/default.nix b/krebs/5pkgs/simple/vicuna-chat/default.nix new file mode 100644 index 000000000..11a11aabe --- /dev/null +++ b/krebs/5pkgs/simple/vicuna-chat/default.nix @@ -0,0 +1,33 @@ +{ pkgs, ... }: +pkgs.writers.writeDashBin "vicuna-chat" '' + set -efu + + export PATH=${with pkgs; lib.makeBinPath [ + coreutils + curl + jq + ]} + + CONTEXT=''${CONTEXT:-$(date -Id)} + PROMPT=$* + + if ! test -e "$CONTEXT"; then + echo -n 'null' > "$CONTEXT" + fi + + add_to_context() { + jq -rc --argjson message "$1" '. + [$message]' "$CONTEXT" > "$CONTEXT.tmp" + mv "$CONTEXT.tmp" "$CONTEXT" + } + + add_to_context "{\"role\": \"user\", \"content\": \"$PROMPT\"}" + response=$( + jq -nc --slurpfile context "$CONTEXT" '{ + model: "vicuna-13b", + messages: $context[0], + }' | + curl -Ss http://vicuna.r/v1/chat/completions -H 'Content-Type: application/json' -d @- + ) + add_to_context "$(jq -rcn --argjson response "$response" '$response.choices[0].message')" + jq -rcn --argjson response "$response" '$response.choices[0].message.content' +'' diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index d9e81ad37..a30dffd71 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "897876e4c484f1e8f92009fd11b7d988a121a4e7", - "date": "2023-05-06T22:28:42+01:00", - "path": "/nix/store/55lpvam2wgdmrbzx0j5gf51dqrqn8wqv-nixpkgs", - "sha256": "0i9j45jwmqhiv7v8i4dmigaras3iw4hmrds2vvd5x8riln3hyizn", + "rev": "4729ffac6fd12e26e5a8de002781ffc49b0e94b7", + "date": "2023-06-05T20:59:20-06:00", + "path": "/nix/store/6r3d9mpbl3px7y8y6wcwsg60bvish21w-nixpkgs", + "sha256": "0gha78rczp5gbl6v39i2bm11kmi974akgqkj3hck5s2ri6abprsr", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 4ba72d00d..5435dd9bd 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "a08e061a4ee8329747d54ddf1566d34c55c895eb", - "date": "2023-05-09T12:11:35+02:00", - "path": "/nix/store/lwy9r49c92ml9mbvp2kx1m31p7bcpzxd-nixpkgs", - "sha256": "1h0yd0xka6wj9sbbq34gw7a9qlp044b7dhg16bmn8bv96ix55vzj", + "rev": "d83945caa7624015f11b152bf5c6c4363ffe9f7c", + "date": "2023-06-06T09:06:53+02:00", + "path": "/nix/store/vzqz4lhcfjg5npn2fm7w3qpm7h0i5baz-nixpkgs", + "sha256": "0l4axff9lqc6qq1dkm1dgdp2zv7165a42d9l2zmf4njnhm91f5w5", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, |