diff options
Diffstat (limited to 'lass/2configs')
-rw-r--r-- | lass/2configs/baseX.nix | 5 | ||||
-rw-r--r-- | lass/2configs/blue-host.nix | 90 | ||||
-rw-r--r-- | lass/2configs/blue.nix | 7 | ||||
-rw-r--r-- | lass/2configs/default.nix | 11 | ||||
-rw-r--r-- | lass/2configs/exim-smarthost.nix | 8 | ||||
-rw-r--r-- | lass/2configs/gc.nix | 1 | ||||
-rw-r--r-- | lass/2configs/git.nix | 4 | ||||
-rw-r--r-- | lass/2configs/green-host.nix | 109 | ||||
-rw-r--r-- | lass/2configs/hass/default.nix | 1 | ||||
-rw-r--r-- | lass/2configs/hass/rooms/bett.nix | 31 | ||||
-rw-r--r-- | lass/2configs/hw/x220.nix | 11 | ||||
-rw-r--r-- | lass/2configs/mail.nix | 19 | ||||
-rw-r--r-- | lass/2configs/mpv.nix | 2 | ||||
-rw-r--r-- | lass/2configs/paste.nix | 31 | ||||
-rw-r--r-- | lass/2configs/radio.nix | 29 | ||||
-rw-r--r-- | lass/2configs/steam.nix | 6 | ||||
-rw-r--r-- | lass/2configs/syncthing.nix | 1 | ||||
-rw-r--r-- | lass/2configs/websites/domsen.nix | 18 | ||||
-rw-r--r-- | lass/2configs/websites/lassulus.nix | 5 | ||||
-rw-r--r-- | lass/2configs/wine.nix | 3 | ||||
-rw-r--r-- | lass/2configs/zsh.nix | 13 |
21 files changed, 275 insertions, 130 deletions
diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index baf93ffe5..e92ddbcca 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -72,10 +72,11 @@ in { git-preview gnome3.dconf iodine + libarchive lm_sensors ncdu nix-index - nix-review + nixpkgs-review nmap pavucontrol ponymix @@ -92,6 +93,8 @@ in { xsel zathura (pkgs.writeDashBin "screenshot" '' + set -efu + ${pkgs.flameshot-once}/bin/flameshot-once ${pkgs.klem}/bin/klem '') diff --git a/lass/2configs/blue-host.nix b/lass/2configs/blue-host.nix index 718a92e9c..7aabf0931 100644 --- a/lass/2configs/blue-host.nix +++ b/lass/2configs/blue-host.nix @@ -49,54 +49,54 @@ in { }; - systemd.services = builtins.listToAttrs (map (host: - let - in nameValuePair "sync-blue-${host}" { - bindsTo = [ "container@blue.service" ]; - wantedBy = [ "container@blue.service" ]; - # ssh needed for rsync - path = [ pkgs.openssh ]; - serviceConfig = { - Restart = "always"; - RestartSec = 10; - ExecStart = pkgs.writeDash "sync-blue-${host}" '' - set -efu - #make sure blue is running - /run/wrappers/bin/ping -c1 blue.r > /dev/null + #systemd.services = builtins.listToAttrs (map (host: + # let + # in nameValuePair "sync-blue-${host}" { + # bindsTo = [ "container@blue.service" ]; + # wantedBy = [ "container@blue.service" ]; + # # ssh needed for rsync + # path = [ pkgs.openssh ]; + # serviceConfig = { + # Restart = "always"; + # RestartSec = 10; + # ExecStart = pkgs.writeDash "sync-blue-${host}" '' + # set -efu + # #make sure blue is running + # /run/wrappers/bin/ping -c1 blue.r > /dev/null - #make sure the container is unlocked - ${pkgs.mount}/bin/mount | ${pkgs.gnugrep}/bin/grep -q '^encfs on /var/lib/containers/blue' + # #make sure the container is unlocked + # ${pkgs.mount}/bin/mount | ${pkgs.gnugrep}/bin/grep -q '^encfs on /var/lib/containers/blue' - #make sure our target is reachable - ${pkgs.untilport}/bin/untilport ${host}.r 22 2>/dev/null + # #make sure our target is reachable + # ${pkgs.untilport}/bin/untilport ${host}.r 22 2>/dev/null - #start sync - ${pkgs.lsyncd}/bin/lsyncd -log scarce ${pkgs.writeText "lsyncd-config.lua" '' - settings { - nodaemon = true, - inotifyMode = "CloseWrite or Modify", - } - sync { - default.rsyncssh, - source = "/var/lib/containers/.blue", - host = "${host}.r", - targetdir = "/var/lib/containers/.blue", - rsync = { - archive = true, - owner = true, - group = true, - }; - ssh = { - binary = "${pkgs.openssh}/bin/ssh"; - identityFile = "/var/lib/containers/blue/home/lass/.ssh/id_rsa", - }, - } - ''} - ''; - }; - unitConfig.ConditionPathExists = "!/var/run/ppp0.pid"; - } - ) remote_hosts); + # #start sync + # ${pkgs.lsyncd}/bin/lsyncd -log scarce ${pkgs.writeText "lsyncd-config.lua" '' + # settings { + # nodaemon = true, + # inotifyMode = "CloseWrite or Modify", + # } + # sync { + # default.rsyncssh, + # source = "/var/lib/containers/.blue", + # host = "${host}.r", + # targetdir = "/var/lib/containers/.blue", + # rsync = { + # archive = true, + # owner = true, + # group = true, + # }; + # ssh = { + # binary = "${pkgs.openssh}/bin/ssh"; + # identityFile = "/var/lib/containers/blue/home/lass/.ssh/id_rsa", + # }, + # } + # ''} + # ''; + # }; + # unitConfig.ConditionPathExists = "!/var/run/ppp0.pid"; + # } + #) remote_hosts); environment.systemPackages = [ (pkgs.writeDashBin "start-blue" '' diff --git a/lass/2configs/blue.nix b/lass/2configs/blue.nix index a4000cada..15408a200 100644 --- a/lass/2configs/blue.nix +++ b/lass/2configs/blue.nix @@ -26,6 +26,8 @@ with (import <stockholm/lib>); { predicate = "-i wiregrill -p udp --dport 60000:61000"; target = "ACCEPT";} { predicate = "-i retiolum -p tcp --dport 9998:9999"; target = "ACCEPT";} { predicate = "-i wiregrill -p tcp --dport 9998:9999"; target = "ACCEPT";} + { predicate = "-i retiolum -p tcp --dport imap"; target = "ACCEPT";} + { predicate = "-i wiregrill -p tcp --dport imap"; target = "ACCEPT";} ]; systemd.services.chat = let @@ -64,4 +66,9 @@ with (import <stockholm/lib>); ExecStop = "${tmux} kill-session -t IM"; }; }; + + services.dovecot2 = { + enable = true; + mailLocation = "maildir:~/Maildir"; + }; } diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index ae2754c96..f59988b75 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -44,7 +44,15 @@ with import <stockholm/lib>; config.krebs.users.lass-yubikey.pubkey ]; }; + nix = { + isNormalUser = true; + uid = genid_uint31 "nix"; + openssh.authorizedKeys.keys = [ + config.krebs.hosts.mors.ssh.pubkey + ]; + }; }; + nix.trustedUsers = ["nix"]; } { environment.variables = { @@ -212,4 +220,7 @@ with import <stockholm/lib>; networking.dhcpcd.extraConfig = '' noipv4ll ''; + + # use 24:00 time format, the default got sneakily changed around 20.03 + i18n.defaultLocale = mkDefault "C.UTF-8"; } diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index 82839beba..797864b15 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -2,8 +2,6 @@ to = concatStringsSep "," [ "lass@blue.r" - "lass@xerxes.r" - "lass@mors.r" ]; mails = [ @@ -110,6 +108,12 @@ "auschein@lassul.us" "tleech@lassul.us" "durstexpress@lassul.us" + "acme@lassul.us" + "antstore@lassul.us" + "openweather@lassul.us" + "lobsters@lassul.us" + "rewe@lassul.us" + "spotify@lassul.us" ]; in { diff --git a/lass/2configs/gc.nix b/lass/2configs/gc.nix index 0ddb63a03..f9c61c461 100644 --- a/lass/2configs/gc.nix +++ b/lass/2configs/gc.nix @@ -4,5 +4,6 @@ with import <stockholm/lib>; { nix.gc = { automatic = ! (elem config.krebs.build.host.name [ "mors" "xerxes" ] || config.boot.isContainer); + options = "--delete-older-than 15d"; }; } diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index eba68c0bc..edec2dcb4 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -58,6 +58,10 @@ let cgit.desc = "url shortener"; cgit.section = "software"; }; + grib2json-bin = { + cgit.desc = "build jar of grib2json"; + cgit.section = "deployment"; + }; krebspage = { cgit.desc = "homepage of krebs"; cgit.section = "configuration"; diff --git a/lass/2configs/green-host.nix b/lass/2configs/green-host.nix index 0cccbc30e..6cccab4b3 100644 --- a/lass/2configs/green-host.nix +++ b/lass/2configs/green-host.nix @@ -1,38 +1,44 @@ { config, lib, pkgs, ... }: with import <stockholm/lib>; -{ +let + + cname = "green"; + cryfs = pkgs.cryfs.overrideAttrs (old: { + patches = [ + (pkgs.writeText "file_mode.patch" '' + --- a/src/cryfs/filesystem/CryNode.cpp + +++ b/src/cryfs/filesystem/CryNode.cpp + @@ -171,7 +171,7 @@ CryNode::stat_info CryNode::stat() const { + result.uid = fspp::uid_t(getuid()); + result.gid = fspp::gid_t(getgid()); + #endif + - result.mode = fspp::mode_t().addDirFlag().addUserReadFlag().addUserWriteFlag().addUserExecFlag(); + + result.mode = fspp::mode_t().addDirFlag().addUserReadFlag().addUserWriteFlag().addUserExecFlag().addGroupReadFlag().addGroupExecFlag().addOtherReadFlag().addOtherExecFlag();; + result.size = fsblobstore::DirBlob::DIR_LSTAT_SIZE; + //TODO If possible without performance loss, then for a directory, st_nlink should return number of dir entries (including "." and "..") + result.nlink = 1; + '') + ] ++ old.patches; + }); + +in { imports = [ <stockholm/lass/2configs/container-networking.nix> <stockholm/lass/2configs/syncthing.nix> - { #hack for already defined - systemd.services."container@green".reloadIfChanged = mkForce false; - systemd.services."container@green".preStart = '' - ${pkgs.mount}/bin/mount | ${pkgs.gnugrep}/bin/grep -q ' on /var/lib/containers/green ' - ''; - systemd.services."container@green".postStop = '' - set -x - ${pkgs.umount}/bin/umount /var/lib/containers/green - ls -la /dev/mapper/control - ${pkgs.devicemapper}/bin/dmsetup ls - ${pkgs.cryptsetup}/bin/cryptsetup -v luksClose /var/lib/sync-containers/green.img - ''; - } ]; - services.syncthing.declarative.folders."/var/lib/sync-containers".devices = [ "icarus" "skynet" "littleT" "shodan" ]; - krebs.permown."/var/lib/sync-containers" = { - owner = "root"; - group = "syncthing"; - umask = "0007"; - }; + programs.fuse.userAllowOther = true; - system.activationScripts.containerPermissions = '' - mkdir -p /var/lib/containers - chmod 711 /var/lib/containers - ''; + services.syncthing.declarative.folders."/var/lib/sync-containers/${cname}".devices = [ "icarus" "skynet" "littleT" "shodan" ]; + # krebs.permown."/var/lib/sync-containers/${cname}" = { + # owner = "root"; + # group = "syncthing"; + # umask = "0007"; + # }; - containers.green = { + systemd.services."container@green".reloadIfChanged = mkForce false; + containers.${cname} = { config = { ... }: { environment.systemPackages = [ pkgs.git @@ -42,41 +48,52 @@ with import <stockholm/lib>; users.users.root.openssh.authorizedKeys.keys = [ config.krebs.users.lass.pubkey ]; + system.activationScripts.fuse = { + text = '' + ${pkgs.coreutils}/bin/mknod /dev/fuse c 10 229 + ''; + deps = []; + }; }; + allowedDevices = [ + { modifier = "rwm"; node = "/dev/fuse"; } + ]; autoStart = false; enableTun = true; privateNetwork = true; - hostAddress = "10.233.2.15"; - localAddress = "10.233.2.16"; + hostAddress = "10.233.2.15"; # TODO find way to automatically calculate IPs + localAddress = "10.233.2.16"; # TODO find way to automatically calculate IPs }; environment.systemPackages = [ - (pkgs.writeDashBin "start-green" '' - set -fu - CONTAINER='green' - IMAGE='/var/lib/sync-containers/green.img' - - ${pkgs.cryptsetup}/bin/cryptsetup status "$CONTAINER" >/dev/null - if [ "$?" -ne 0 ]; then - ${pkgs.cryptsetup}/bin/cryptsetup luksOpen "$IMAGE" "$CONTAINER" - fi - - mkdir -p /var/lib/containers/"$CONTAINER" + (pkgs.writeDashBin "start-${cname}" '' + set -euf - ${pkgs.mount}/bin/mount | grep -q " on /var/lib/containers/"$CONTAINER" " - if [ "$?" -ne 0 ]; then - ${pkgs.mount}/bin/mount -o sync /dev/mapper/"$CONTAINER" /var/lib/containers/"$CONTAINER" + mkdir -p /var/lib/containers/${cname}/var/state + chown ${config.services.syncthing.user}: /var/lib/containers/${cname}/var/state + if ! ${pkgs.mount}/bin/mount | grep -q '^cryfs@/var/lib/sync-containers/${cname} on /var/lib/containers/${cname}/var/state '; then + /run/wrappers/bin/sudo -u "${config.services.syncthing.user}" \ + ${cryfs}/bin/cryfs /var/lib/sync-containers/${cname} /var/lib/containers/${cname}/var/state -o allow_other -o default_permissions fi - STATE=$(${pkgs.nixos-container}/bin/nixos-container status "$CONTAINER") + STATE=$(${pkgs.nixos-container}/bin/nixos-container status ${cname}) if [ "$STATE" = 'down' ]; then - ${pkgs.nixos-container}/bin/nixos-container start "$CONTAINER" + ${pkgs.nixos-container}/bin/nixos-container start ${cname} fi - ping -c1 green.r - if [ "$?" -ne 0 ]; then - ${pkgs.nixos-container}/bin/nixos-container run green -- nixos-rebuild -I /var/src switch + + if ! ping -c1 -q -w5 ${cname}.r && [ -d /var/lib/containers/${cname}/var/src ]; then + ${pkgs.nixos-container}/bin/nixos-container run ${cname} -- ${pkgs.writeDash "deploy-${cname}" '' + mkdir -p /var/state/var_src + ln -sf state/var_Src /var/src + nixos-rebuild -I /var/src switch + ''} fi + '') + (pkgs.writeDashBin "stop-${cname}" '' + set -euf + ${pkgs.nixos-container}/bin/nixos-container stop ${cname} + ${cryfs}/bin/cryfs-unmount /var/lib/containers/${cname}/var/state '') ]; } diff --git a/lass/2configs/hass/default.nix b/lass/2configs/hass/default.nix index a48c61a69..66d430cd1 100644 --- a/lass/2configs/hass/default.nix +++ b/lass/2configs/hass/default.nix @@ -23,6 +23,7 @@ with import ./lib.nix { inherit lib; }; # extraComponents = [ "hue" ]; }; configWritable = true; + lovelaceConfigWritable = true; }; lass.hass.config = let diff --git a/lass/2configs/hass/rooms/bett.nix b/lass/2configs/hass/rooms/bett.nix index b5da9221c..16227fcb6 100644 --- a/lass/2configs/hass/rooms/bett.nix +++ b/lass/2configs/hass/rooms/bett.nix @@ -5,4 +5,35 @@ with import ../lib.nix { inherit lib; }; lass.hass.config = lib.mkMerge [ (lightswitch switches.dimmer.bett lights.bett) ]; + + lass.hass.love = { + resources = [{ + url = "https://raw.githubusercontent.com/ljmerza/light-entity-card/master/dist/light-entity-card.js.map"; + type = "js"; + }]; + views = [{ + title = "bett"; + cards = [ + { + type = "markdown"; + title = "hello world"; + content = "This is just a test"; + } + { + type = "light"; + entity = "light.${lights.bett}"; + } + { + type = "custom:light-entity-card"; + entity = "light.${lights.bett}"; + } + { + type = "history-graph"; + entities = [ + "light.${lights.bett}" + ]; + } + ]; + }]; + }; } diff --git a/lass/2configs/hw/x220.nix b/lass/2configs/hw/x220.nix index 89b119347..31f9787e0 100644 --- a/lass/2configs/hw/x220.nix +++ b/lass/2configs/hw/x220.nix @@ -5,7 +5,7 @@ ]; boot = { - initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda3"; } ]; + initrd.luks.devices.luksroot.device = "/dev/sda3"; initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ]; extraModulePackages = [ @@ -47,9 +47,10 @@ services.logind.lidSwitchDocked = "ignore"; services.tlp.enable = true; - services.tlp.extraConfig = '' - START_CHARGE_THRESH_BAT0=80 - STOP_CHARGE_THRESH_BAT0=95 - ''; + #services.tlp.extraConfig = '' + # START_CHARGE_THRESH_BAT0=80 + # STOP_CHARGE_THRESH_BAT0=95 + #''; + services.xserver.dpi = 80; } diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix index 174c1ab5e..98affdd83 100644 --- a/lass/2configs/mail.nix +++ b/lass/2configs/mail.nix @@ -107,10 +107,12 @@ let set mailcap_path = ${mailcap} # notmuch - set nm_default_uri="notmuch://$HOME/Maildir" # path to the maildir + set folder="$HOME/Maildir" + set nm_default_uri = "notmuch://$HOME/Maildir" set nm_record = yes set nm_record_tags = "-inbox me archive" - set virtual_spoolfile=yes # enable virtual folders + set spoolfile = +Inbox + set virtual_spoolfile = yes set sendmail="${msmtp}/bin/msmtp" # enables parsing of outgoing mail @@ -132,8 +134,8 @@ let # V ''} %r |" - virtual-mailboxes "INBOX" "notmuch://?query=tag:inbox" virtual-mailboxes "Unread" "notmuch://?query=tag:unread" + virtual-mailboxes "INBOX" "notmuch://?query=tag:inbox" ${concatMapStringsSep "\n" (i: ''${" "}virtual-mailboxes "${i.name}" "notmuch://?query=tag:${i.name}"'') (mapAttrsToList nameValuePair mailboxes)} virtual-mailboxes "TODO" "notmuch://?query=tag:TODO" virtual-mailboxes "Starred" "notmuch://?query=tag:*" @@ -200,9 +202,15 @@ let macro pager ] ,@1 'Toggle indexbar # sidebar + set sidebar_divider_char = '│' + set sidebar_delim_chars = "/" + set sidebar_short_path + set sidebar_folder_indent + set sidebar_visible = yes + set sidebar_format = '%B%?F? [%F]?%* %?N?%N/? %?S?%S?' set sidebar_width = 20 - set sidebar_visible = yes # set to "no" to disable sidebar view at startup - color sidebar_new yellow default + color sidebar_new yellow red + # sidebar bindings bind index <left> sidebar-prev # got to previous folder in sidebar bind index <right> sidebar-next # got to next folder in sidebar @@ -229,7 +237,6 @@ in { mutt pkgs.notmuch pkgs.muchsync - pkgs.haskellPackages.much tag-new-mails tag-old-mails ]; diff --git a/lass/2configs/mpv.nix b/lass/2configs/mpv.nix index 5d7bfed60..210551a62 100644 --- a/lass/2configs/mpv.nix +++ b/lass/2configs/mpv.nix @@ -80,7 +80,7 @@ let name = "mpv"; paths = [ (pkgs.writeDashBin "mpv" '' - exec ${pkgs.mpv}/bin/mpv --no-config --script=${autosub} "$@" + exec ${pkgs.mpv}/bin/mpv -vo=gpu --no-config --script=${autosub} "$@" '') pkgs.mpv ]; diff --git a/lass/2configs/paste.nix b/lass/2configs/paste.nix index 23cab8e6e..0cf62ec0b 100644 --- a/lass/2configs/paste.nix +++ b/lass/2configs/paste.nix @@ -7,7 +7,17 @@ with import <stockholm/lib>; locations."/".extraConfig = '' client_max_body_size 4G; proxy_set_header Host $host; - proxy_pass http://localhost:9081; + proxy_pass http://127.0.0.1:${toString config.krebs.htgen.paste.port}; + ''; + locations."/image".extraConfig = /* nginx */ '' + client_max_body_size 40M; + + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + proxy_pass http://127.0.0.1:${toString config.krebs.htgen.imgur.port}; + proxy_pass_header Server; ''; }; services.nginx.virtualHosts."p.krebsco.de" = { @@ -19,21 +29,36 @@ with import <stockholm/lib>; return 403; } proxy_set_header Host $host; - proxy_pass http://localhost:9081; + proxy_pass http://127.0.0.1:${toString config.krebs.htgen.paste.port}; + ''; + locations."/image".extraConfig = '' + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + proxy_pass http://127.0.0.1:${toString config.krebs.htgen.imgur.port}; + proxy_pass_header Server; ''; }; + krebs.htgen.paste = { port = 9081; script = toString [ "PATH=${makeBinPath [ pkgs.nix + pkgs.file ]}:$PATH" "STATEDIR=$HOME" ". ${pkgs.htgen}/examples/paste" ]; }; + krebs.htgen.imgur = { + port = 7771; + script = /* sh */ '' + (. ${pkgs.htgen-imgur}/bin/htgen-imgur) + ''; + }; krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT";} - { predicate = "-i retiolum -p tcp --dport 9081"; target = "ACCEPT";} ]; } diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index 6245691fe..3e8d12381 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -12,7 +12,16 @@ let music_dir = "/home/radio/music"; add_random = pkgs.writeDashBin "add_random" '' - ${pkgs.mpc_cli}/bin/mpc add "$(${pkgs.findutils}/bin/find "${music_dir}/the_playlist" | grep -v '/other/' | grep '\.ogg$' | shuf -n1 | sed 's,${music_dir}/,,')" + ${pkgs.mpc_cli}/bin/mpc add "$(${pkgs.findutils}/bin/find "${music_dir}/the_playlist" \ + | grep -Ev '/other/|/.graveyard/' \ + | grep '\.ogg$' \ + | shuf -n1 \ + | sed 's,${music_dir}/,,' \ + )" + ''; + + get_current_track_position = pkgs.writeDash "get_current_track_position" '' + ${pkgs.mpc_cli}/bin/mpc status | ${pkgs.gawk}/bin/awk '/^\[playing\]/ { sub(/\/.+/,"",$3); split($3,a,/:/); print a[1]*60+a[2] }' ''; skip_track = pkgs.writeBashBin "skip_track" '' @@ -28,8 +37,8 @@ let ${pkgs.attr}/bin/setfattr -n user.skip_count -v "$skip_count" "$music_dir"/"$current_track" echo skipping: "$track_infos" skip_count: "$skip_count" else - mkdir -p "$music_dir"/.graveyard/ - mv "$music_dir"/"$current_track" "$music_dir"/.graveyard/ + mkdir -p "$music_dir"/the_playlist/.graveyard/ + mv "$music_dir"/"$current_track" "$music_dir"/the_playlist/.graveyard/ echo killing: "$track_infos" fi ${pkgs.mpc_cli}/bin/mpc -q next @@ -62,10 +71,18 @@ let print_current_json = pkgs.writeDashBin "print_current_json" '' ${pkgs.jq}/bin/jq -n -c \ --arg name "$(${pkgs.mpc_cli}/bin/mpc current)" \ + --arg artist "$(${pkgs.mpc_cli}/bin/mpc current -f %artist%)" \ + --arg title "$(${pkgs.mpc_cli}/bin/mpc current -f %title%)" \ --arg filename "$(${pkgs.mpc_cli}/bin/mpc current -f %file%)" \ + --arg position "$(${get_current_track_position})" \ + --arg length "$(${pkgs.mpc_cli}/bin/mpc current -f %time%)" \ --arg youtube "$(${track_youtube_link})" '{ name: $name, + artist: $artist, + title: $title, filename: $filename, + position: $position, + length: $length, youtube: $youtube }' ''; @@ -193,7 +210,7 @@ in { timeLeft () { playlistDuration=$(${pkgs.mpc_cli}/bin/mpc --format '%time%' playlist | ${pkgs.gawk}/bin/awk -F ':' 'BEGIN{t=0} {t+=$1*60+$2} END{print t}') - currentTime=$(${pkgs.mpc_cli}/bin/mpc status | ${pkgs.gawk}/bin/awk '/^\[playing\]/ { sub(/\/.+/,"",$3); split($3,a,/:/); print a[1]*60+a[2] }') + currentTime=$(${get_current_track_position}) expr ''${playlistDuration:-0} - ''${currentTime:-0} } @@ -221,9 +238,11 @@ in { ${pkgs.mpc_cli}/bin/mpc idle player > /dev/null ${pkgs.mpc_cli}/bin/mpc current -f %file% done | while read track; do + listeners=$(${pkgs.curl}/bin/curl 'http://localhost:8000/status-json.xsl' \ + | ${pkgs.jq}/bin/jq '[.icestats.source[].listeners] | add') echo "$(date -Is)" "$track" | tee -a "$HISTORY_FILE" echo "$(tail -$LIMIT "$HISTORY_FILE")" > "$HISTORY_FILE" - ${write_to_irc} "playing: $track" + ${write_to_irc} "playing: $track listeners: $listeners" done ''; in { diff --git a/lass/2configs/steam.nix b/lass/2configs/steam.nix index eae31aec4..2b9811959 100644 --- a/lass/2configs/steam.nix +++ b/lass/2configs/steam.nix @@ -13,7 +13,11 @@ nixpkgs.config.steam.java = true; hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [ libva ]; - users.users.games.packages = [ pkgs.steam ]; + users.users.games.packages = [ (pkgs.steam.override { + extraPkgs = p: with p; [ + gnutls # needed for Halo MCC + ]; + }) ]; #ports for inhome streaming krebs.iptables = { diff --git a/lass/2configs/syncthing.nix b/lass/2configs/syncthing.nix index 5397c2ca6..7758b860d 100644 --- a/lass/2configs/syncthing.nix +++ b/lass/2configs/syncthing.nix @@ -31,5 +31,6 @@ in { owner = "lass"; group = "syncthing"; umask = "0002"; + keepGoing = true; }; } diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index bd113567f..a177a0228 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -26,6 +26,7 @@ in { ./default.nix ./sqlBackup.nix (servePage [ "aldonasiech.com" "www.aldonasiech.com" ]) + (servePage [ "apanowicz.de" "www.apanowicz.de" ]) (servePage [ "reich-gebaeudereinigung.de" "www.reich-gebaeudereinigung.de" ]) (servePage [ "freemonkey.art" @@ -34,7 +35,6 @@ in { (serveOwncloud [ "o.ubikmedia.de" ]) (serveWordpress [ "ubikmedia.de" - "apanowicz.de" "nirwanabluete.de" "ubikmedia.eu" "youthtube.xyz" @@ -42,7 +42,6 @@ in { "weirdwednesday.de" "jarugadesign.de" - "www.apanowicz.de" "www.nirwanabluete.de" "www.ubikmedia.eu" "www.youthtube.xyz" @@ -52,7 +51,6 @@ in { "www.jarugadesign.de" "aldona2.ubikmedia.de" - "apanowicz.ubikmedia.de" "cinevita.ubikmedia.de" "factscloud.ubikmedia.de" "illucloud.ubikmedia.de" @@ -93,6 +91,7 @@ in { services.nextcloud = { enable = true; hostName = "o.xanf.org"; + package = pkgs.nextcloud18; config = { adminpassFile = toString <secrets> + "/nextcloud_pw"; overwriteProtocol = "https"; @@ -107,6 +106,10 @@ in { # MAIL STUFF # TODO: make into its own module + + # workaround for android 7 + security.acme.certs."lassul.us".keyType = "rsa4096"; + services.dovecot2 = { enable = true; mailLocation = "maildir:~/Mail"; @@ -131,18 +134,16 @@ in { server_condition = ''${run{${config.lass.usershadow.path}/bin/verify_arg ${config.lass.usershadow.pattern} $auth1 $auth2}{yes}{no}} ''; internet-aliases = [ - { from = "dominik@apanowicz.de"; to = "dominik_a@gmx.de"; } { from = "dma@ubikmedia.de"; to = "domsen"; } { from = "dma@ubikmedia.eu"; to = "domsen"; } { from = "mail@habsys.de"; to = "domsen"; } { from = "mail@habsys.eu"; to = "domsen"; } + { from = "hallo@apanowicz.de"; to = "domsen"; } { from = "bruno@apanowicz.de"; to = "bruno"; } { from = "mail@jla-trading.com"; to = "jla-trading"; } { from = "jms@ubikmedia.eu"; to = "jms"; } { from = "ms@ubikmedia.eu"; to = "ms"; } { from = "ubik@ubikmedia.eu"; to = "domsen, jms, ms"; } - { from = "akayguen@freemonkey.art"; to ="akayguen"; } - { from = "bui@freemonkey.art"; to ="bui"; } { from = "kontakt@alewis.de"; to ="klabusterbeere"; } { from = "hallo@jarugadesign.de"; to ="kasia"; } @@ -153,9 +154,14 @@ in { "jla-trading.com" "ubikmedia.eu" "ubikmedia.de" + "apanowicz.de" "alewis.de" "jarugadesign.de" ]; + dkim = [ + { domain = "ubikmedia.eu"; } + { domain = "apanowicz.de"; } + ]; ssl_cert = "/var/lib/acme/lassul.us/fullchain.pem"; ssl_key = "/var/lib/acme/lassul.us/key.pem"; }; diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index baeac213b..74585a6f8 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -61,7 +61,7 @@ in { pubkey = config.krebs.users.lass.pubkey; }; in '' - alias ${initscript}; + alias ${initscript}/bin/init; ''; locations."= /blue.pub".extraConfig = '' alias ${pkgs.writeText "pub" config.krebs.users.lass.pubkey}; @@ -69,6 +69,9 @@ in { locations."= /mors.pub".extraConfig = '' alias ${pkgs.writeText "pub" config.krebs.users.lass-mors.pubkey}; ''; + locations."= /yubi.pub".extraConfig = '' + alias ${pkgs.writeText "pub" config.krebs.users.lass-yubikey.pubkey}; + ''; }; security.acme.certs."cgit.lassul.us" = { diff --git a/lass/2configs/wine.nix b/lass/2configs/wine.nix index 02d7ffc8c..5cb019c13 100644 --- a/lass/2configs/wine.nix +++ b/lass/2configs/wine.nix @@ -14,8 +14,7 @@ in { ]; createHome = true; packages = [ - pkgs.wine - pkgs.winetricks + pkgs.wineMinimal ]; }; }; diff --git a/lass/2configs/zsh.nix b/lass/2configs/zsh.nix index 05964eb51..e65cdd97d 100644 --- a/lass/2configs/zsh.nix +++ b/ |