summaryrefslogtreecommitdiffstats
path: root/lass/2configs
diff options
context:
space:
mode:
Diffstat (limited to 'lass/2configs')
-rw-r--r--lass/2configs/fysiirc.nix42
-rw-r--r--lass/2configs/hass/zigbee.nix2
-rw-r--r--lass/2configs/murmur.nix6
-rw-r--r--lass/2configs/retiolum.nix5
-rw-r--r--lass/2configs/sync/decsync.nix2
-rw-r--r--lass/2configs/sync/sync.nix2
-rw-r--r--lass/2configs/sync/the_playlist.nix9
-rw-r--r--lass/2configs/sync/weechat.nix2
8 files changed, 55 insertions, 15 deletions
diff --git a/lass/2configs/fysiirc.nix b/lass/2configs/fysiirc.nix
index d2aaa73c5..f3c1d5b7c 100644
--- a/lass/2configs/fysiirc.nix
+++ b/lass/2configs/fysiirc.nix
@@ -1,5 +1,33 @@
-{ config, lib, pkgs, ... }:
-{
+{ config, lib, pkgs, ... }: let
+
+ format-github-message = pkgs.writeDashBin "format-github-message" ''
+ set -xefu
+ export PATH=${lib.makeBinPath [
+ pkgs.jq
+ ]}
+ INPUT=$(jq -c .)
+ if $(echo "$INPUT" | jq 'has("issue") or has("pull_request")'); then
+ ${write_to_irc} "$(echo "$INPUT" | jq -r '
+ "\(.action): " +
+ "[\(.issue.title // .pull_request.title)] " +
+ "\(.comment.html_url // .issue.html_url // .pull_request.html_url) " +
+ "by \(.comment.user.login // .issue.user.login // .pull_request.user.login)"
+ ')"
+ fi
+ '';
+
+ write_to_irc = pkgs.writeDash "write_to_irc" ''
+ ${pkgs.curl}/bin/curl -fsSv http://localhost:44001 \
+ -H content-type:application/json \
+ -d "$(${pkgs.jq}/bin/jq -n \
+ --arg text "$1" '{
+ command:"PRIVMSG",
+ params:["#fysi",$text]
+ }'
+ )"
+ '';
+
+in {
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p tcp --dport 44002"; target = "ACCEPT"; }
];
@@ -26,20 +54,14 @@
name = "reaktor2-fysiweb-github";
};
script = ''. ${pkgs.writeDash "github-irc" ''
+ set -efu
case "$Method $Request_URI" in
"POST /")
payload=$(head -c "$req_content_length" \
| sed 's/+/ /g;s/%\(..\)/\\x\1/g;' \
| xargs -0 echo -e \
)
- ${pkgs.curl}/bin/curl -fsSv http://localhost:44001/ \
- -H content-type:application/json \
- -d "$(echo "$payload" | ${pkgs.jq}/bin/jq \
- '{
- command:"PRIVMSG",
- params:["#fysi", "\(.action): \(.comment.html_url // .issue.html_url // .pull_request.html_url)"]
- }'
- )"
+ echo "$payload" | ${format-github-message}/bin/format-github-message
printf 'HTTP/1.1 200 OK\r\n'
printf 'Connection: close\r\n'
printf '\r\n'
diff --git a/lass/2configs/hass/zigbee.nix b/lass/2configs/hass/zigbee.nix
index 789a7fb92..8fc02263b 100644
--- a/lass/2configs/hass/zigbee.nix
+++ b/lass/2configs/hass/zigbee.nix
@@ -15,7 +15,7 @@ in {
services.zigbee2mqtt = {
enable = true;
package = unstable-pkgs.zigbee2mqtt;
- config = {
+ settings = {
homeassistant = true;
frontend.port = 1337;
experimental.new_api = true;
diff --git a/lass/2configs/murmur.nix b/lass/2configs/murmur.nix
index 7cc4051a8..42670dfbb 100644
--- a/lass/2configs/murmur.nix
+++ b/lass/2configs/murmur.nix
@@ -2,10 +2,16 @@
{
services.murmur = {
enable = true;
+ allowHtml = false;
bandwidth = 10000000;
registerName = "lassul.us";
autobanTime = 30;
+ sslCert = "/var/lib/acme/lassul.us/cert.pem";
+ sslKey = "/var/lib/acme/lassul.us/key.pem";
};
+ users.groups.lasscert.members = [
+ "murmur"
+ ];
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p tcp --dport 64738"; target = "ACCEPT";}
{ predicate = "-p udp --dport 64738"; target = "ACCEPT";}
diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix
index 2ddfbcf8f..a305d3e18 100644
--- a/lass/2configs/retiolum.nix
+++ b/lass/2configs/retiolum.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
{
@@ -22,6 +22,9 @@
];
extraConfig = ''
StrictSubnets = yes
+ ${lib.optionalString (config.krebs.build.host.nets.retiolum.via != null) ''
+ LocalDiscovery = no
+ ''}
'';
};
diff --git a/lass/2configs/sync/decsync.nix b/lass/2configs/sync/decsync.nix
index 9caefdd2d..a38cff8d6 100644
--- a/lass/2configs/sync/decsync.nix
+++ b/lass/2configs/sync/decsync.nix
@@ -1,5 +1,5 @@
{
- services.syncthing.declarative.folders.decsync = {
+ services.syncthing.folders.decsync = {
path = "/home/lass/decsync";
devices = [ "mors" "blue" "green" "phone" ];
};
diff --git a/lass/2configs/sync/sync.nix b/lass/2configs/sync/sync.nix
index 7c0f2e030..a0927c199 100644
--- a/lass/2configs/sync/sync.nix
+++ b/lass/2configs/sync/sync.nix
@@ -1,5 +1,5 @@
{
- services.syncthing.declarative.folders."/home/lass/sync" = {
+ services.syncthing.folders."/home/lass/sync" = {
devices = [ "mors" "icarus" "xerxes" "shodan" "green" "blue" "coaxmetal" ];
};
krebs.permown."/home/lass/sync" = {
diff --git a/lass/2configs/sync/the_playlist.nix b/lass/2configs/sync/the_playlist.nix
new file mode 100644
index 000000000..5bbf790a7
--- /dev/null
+++ b/lass/2configs/sync/the_playlist.nix
@@ -0,0 +1,9 @@
+{
+ services.syncthing.folders.the_playlist = {
+ path = "/home/lass/tmp/the_playlist";
+ devices = [ "mors" "phone" "prism" ];
+ };
+ lass.acl."/home/lass/tmp/the_playlist"."u:syncthing:X".parents = true;
+ lass.acl."/home/lass/tmp/the_playlist"."u:syncthing:rwX" = {};
+ lass.acl."/home/lass/tmp/the_playlist"."u:lass:rwX" = {};
+}
diff --git a/lass/2configs/sync/weechat.nix b/lass/2configs/sync/weechat.nix
index 7970f3081..eb6b0aa16 100644
--- a/lass/2configs/sync/weechat.nix
+++ b/lass/2configs/sync/weechat.nix
@@ -1,5 +1,5 @@
{
- services.syncthing.declarative.folders."/home/lass/.weechat".devices = [ "green" "mors" ];
+ services.syncthing.folders."/home/lass/.weechat".devices = [ "green" "mors" ];
krebs.permown."/home/lass/.weechat" = {
owner = "lass";
group = "syncthing";