summaryrefslogtreecommitdiffstats
path: root/makefu
diff options
context:
space:
mode:
Diffstat (limited to 'makefu')
-rw-r--r--makefu/0tests/data/secrets/hass/tile.nix4
-rw-r--r--makefu/1systems/filepimp/config.nix8
-rw-r--r--makefu/1systems/gum/config.nix2
-rw-r--r--makefu/1systems/iso/target-config.nix6
-rw-r--r--makefu/1systems/omo/config.nix2
-rw-r--r--makefu/1systems/wbob/config.nix12
-rw-r--r--makefu/1systems/x/config.nix1
-rw-r--r--makefu/2configs/bureautomation/zigbee2mqtt/default.nix2
-rw-r--r--makefu/2configs/dcpp/hub.nix50
-rw-r--r--makefu/2configs/default.nix8
-rw-r--r--makefu/2configs/deployment/gecloudpad/gecloudpad.nix4
-rw-r--r--makefu/2configs/editor/neovim/default.nix6
-rw-r--r--makefu/2configs/filepimp-share.nix2
-rw-r--r--makefu/2configs/fs/sda-crypto-root.nix4
-rw-r--r--makefu/2configs/gui/wbob-kiosk.nix2
-rw-r--r--makefu/2configs/home/ham/automation/light_buttons.nix60
-rw-r--r--makefu/2configs/home/ham/default.nix1
-rw-r--r--makefu/2configs/home/ham/device_tracker/tile.nix10
-rw-r--r--makefu/2configs/home/ham/light/arbeitszimmer.nix20
-rw-r--r--makefu/2configs/home/ham/mqtt.nix43
-rw-r--r--makefu/2configs/lanparty/samba.nix2
-rw-r--r--makefu/2configs/minimal.nix4
-rw-r--r--makefu/2configs/mqtt.nix20
-rw-r--r--makefu/2configs/nix-community/supervision.nix1
-rw-r--r--makefu/2configs/nsupdate-data.nix6
-rw-r--r--makefu/2configs/share/omo.nix2
-rw-r--r--makefu/2configs/share/temp-share-samba.nix2
-rw-r--r--makefu/2configs/share/wbob.nix2
-rw-r--r--makefu/2configs/stats/arafetch.nix2
-rw-r--r--makefu/2configs/tools/android-pentest.nix2
-rw-r--r--makefu/2configs/tools/dev.nix5
-rw-r--r--makefu/2configs/tools/extra-gui.nix3
-rw-r--r--makefu/2configs/urlwatch/default.nix6
-rw-r--r--makefu/3modules/ps3netsrv.nix1
-rw-r--r--makefu/5pkgs/beef/default.nix4
-rw-r--r--makefu/5pkgs/bintray-upload/default.nix4
-rw-r--r--makefu/5pkgs/cmpforopenssl/default.nix8
-rw-r--r--makefu/5pkgs/custom/alsa-tools/default.nix6
-rw-r--r--makefu/5pkgs/custom/qcma/default.nix12
-rw-r--r--makefu/5pkgs/debmirror/default.nix8
-rw-r--r--makefu/5pkgs/default.nix4
-rw-r--r--makefu/5pkgs/devpi/default.nix2
-rw-r--r--makefu/5pkgs/drozer/default.nix1
-rw-r--r--makefu/5pkgs/gen-oath-safe/default.nix4
-rw-r--r--makefu/5pkgs/kalauerbot/default.nix6
-rw-r--r--makefu/5pkgs/logstash-input-rss/default.nix4
-rw-r--r--makefu/5pkgs/logstash-output-exec/default.nix4
-rw-r--r--makefu/5pkgs/novnc/default.nix6
-rw-r--r--makefu/5pkgs/ns-atmosphere-programmer/default.nix4
-rw-r--r--makefu/5pkgs/nx_game_info/default.nix8
-rw-r--r--makefu/5pkgs/pavumeter/default.nix6
-rw-r--r--makefu/5pkgs/studio-link/default.nix3
-rw-r--r--makefu/5pkgs/uhub/default.nix48
-rw-r--r--makefu/5pkgs/v4l2loopback-dc/default.nix4
-rw-r--r--makefu/5pkgs/xdcc-dl/default.nix16
-rw-r--r--makefu/5pkgs/xmm7360/default.nix4
-rw-r--r--makefu/krops.nix2
57 files changed, 262 insertions, 211 deletions
diff --git a/makefu/0tests/data/secrets/hass/tile.nix b/makefu/0tests/data/secrets/hass/tile.nix
new file mode 100644
index 000000000..cbcf433f7
--- /dev/null
+++ b/makefu/0tests/data/secrets/hass/tile.nix
@@ -0,0 +1,4 @@
+{
+ username = "lol";
+ password = "wut";
+}
diff --git a/makefu/1systems/filepimp/config.nix b/makefu/1systems/filepimp/config.nix
index 346de10ba..3edfffb78 100644
--- a/makefu/1systems/filepimp/config.nix
+++ b/makefu/1systems/filepimp/config.nix
@@ -17,12 +17,6 @@ in {
krebs.build.host = config.krebs.hosts.filepimp;
networking.firewall.trustedInterfaces = [ itf ];
+ networking.interfaces.${itf}.wakeOnLan.enable = true;
- services.wakeonlan.interfaces = [
- {
- interface = itf ;
- method = "password";
- password = "CA:FE:BA:BE:13:37";
- }
- ];
}
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index 1cd569947..39c0554e0 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -159,7 +159,7 @@ in {
<stockholm/makefu/2configs/bgt/etherpad.euer.krebsco.de.nix>
# <stockholm/makefu/2configs/deployment/systemdultras-rss.nix>
- <stockholm/makefu/2configs/shiori.nix>
+ # <stockholm/makefu/2configs/shiori.nix>
# <stockholm/makefu/2configs/workadventure>
<stockholm/makefu/2configs/bgt/download.binaergewitter.de.nix>
diff --git a/makefu/1systems/iso/target-config.nix b/makefu/1systems/iso/target-config.nix
index ba4e3207b..6915e4137 100644
--- a/makefu/1systems/iso/target-config.nix
+++ b/makefu/1systems/iso/target-config.nix
@@ -1,4 +1,4 @@
-{ ... }:
+{ lib, ... }:
{
imports = [ ./hardware-configuration.nix ./generated.nix ];
@@ -33,8 +33,8 @@
defaultLocale = "en_US.UTF-8";
};
boot.kernel.sysctl = {
- "net.ipv6.conf.all.use_tempaddr" = 2;
- "net.ipv6.conf.default.use_tempaddr" = 2;
+ "net.ipv6.conf.all.use_tempaddr" = lib.mkDefault "2";
+ "net.ipv6.conf.default.use_tempaddr" = lib.mkDefault "2";
};
services.nscd.enable = false;
}
diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix
index 6afe792ec..0b4aaacb3 100644
--- a/makefu/1systems/omo/config.nix
+++ b/makefu/1systems/omo/config.nix
@@ -75,7 +75,7 @@ in {
# Logging
#influx + grafana
<stockholm/makefu/2configs/stats/server.nix>
- <stockholm/makefu/2configs/stats/nodisk-client.nix>
+ # <stockholm/makefu/2configs/stats/nodisk-client.nix>
# logs to influx
<stockholm/makefu/2configs/stats/external/aralast.nix>
<stockholm/makefu/2configs/stats/telegraf>
diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix
index 550afbeae..60f4f7b72 100644
--- a/makefu/1systems/wbob/config.nix
+++ b/makefu/1systems/wbob/config.nix
@@ -100,7 +100,7 @@ in {
networking.firewall.allowedUDPPorts = [ 655 ];
networking.firewall.allowedTCPPorts = [
655
- 8081 #smokeping
+ 8081 # smokeping
49152
];
networking.firewall.trustedInterfaces = [ "enp0s25" ];
@@ -111,15 +111,15 @@ in {
# Port = 1655
# '';
#};
- boot.kernelPackages = pkgs.linuxPackages_latest;
+ #boot.kernelPackages = pkgs.linuxPackages_latest;
# rt2870.bin wifi card, part of linux-unfree
hardware.enableRedistributableFirmware = true;
nixpkgs.config.allowUnfree = true;
# rt2870 with nonfree creates wlp2s0 from wlp0s20u2
# not explicitly setting the interface results in wpa_supplicant to crash
- networking.interfaces.virbr1.ipv4.addresses = [{
- address = "10.8.8.11";
- prefixLength = 24;
- }];
+ #networking.interfaces.virbr1.ipv4.addresses = [{
+ # address = "10.8.8.11";
+ # prefixLength = 24;
+ #}];
# nuc hardware
}
diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index dee6bd70e..224277861 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -178,6 +178,7 @@
# temporary
# { services.redis.enable = true; }
# { services.mongodb.enable = true; }
+ # { services.elasticsearch.enable = true; }
# <stockholm/makefu/2configs/deployment/nixos.wiki>
# <stockholm/makefu/2configs/home/photoprism.nix>
# <stockholm/makefu/2configs/dcpp/airdcpp.nix>
diff --git a/makefu/2configs/bureautomation/zigbee2mqtt/default.nix b/makefu/2configs/bureautomation/zigbee2mqtt/default.nix
index ba10ae74b..b35019793 100644
--- a/makefu/2configs/bureautomation/zigbee2mqtt/default.nix
+++ b/makefu/2configs/bureautomation/zigbee2mqtt/default.nix
@@ -12,7 +12,7 @@ in
services.zigbee2mqtt = {
enable = true;
inherit dataDir;
- config = {
+ settings = {
permit_join = true;
serial.port = "/dev/cc2531";
homeassistant = true;
diff --git a/makefu/2configs/dcpp/hub.nix b/makefu/2configs/dcpp/hub.nix
index d9a2869cc..b8ca49b74 100644
--- a/makefu/2configs/dcpp/hub.nix
+++ b/makefu/2configs/dcpp/hub.nix
@@ -39,7 +39,9 @@ in {
home = stateDir;
isSystemUser = true;
createHome = true;
+ group = ddclientUser;
};
+ users.groups.${ddclientUser} = {};
systemd.services = {
ddclient-nsupdate-uhub = {
@@ -80,32 +82,36 @@ in {
users.users.uhub = {
home = uhubDir;
createHome = true;
+ isSystemUser = true;
+ group = "uhub";
};
- services.uhub = {
+ users.groups.uhub = {};
+ services.uhub.home = {
enable = true;
- port = 1511;
enableTLS = true;
- hubConfig = ''
- hub_name = "krebshub"
- tls_certificate = ${uhubDir}/uhub.crt
- tls_private_key = ${uhubDir}/uhub.key
- registered_users_only = true
- '';
- plugins = {
- welcome = {
- enable = true;
- motd = "shareit";
- rules = "1. Don't be an asshole";
- };
- history = {
- enable = true;
- };
- authSqlite = {
- enable = true;
- file = "${uhubDir}/uhub.sql";
- };
-
+ settings = {
+ server_port = 1511;
+ hub_name = "krebshub";
+ tls_certificate = "${uhubDir}/uhub.crt";
+ tls_private_key = "${uhubDir}/uhub.key";
+ registered_users_only = true;
};
+ plugins = [
+ {
+ plugin = "${pkgs.uhub}/plugins/mod_auth_sqlite.so";
+ settings.file = "${uhubDir}/uhub.sql";
+ }
+ {
+ plugin = "${pkgs.uhub}/plugins/mod_welcome.so";
+ settings.motd = "shareit";
+ settings.rules = "1. Don't be an asshole";
+ }
+ {
+ plugin = "${pkgs.uhub}/plugins/mod_history.so";
+ settings.motd = "shareit";
+ settings.rules = "1. Don't be an asshole";
+ }
+ ];
};
networking.firewall.allowedTCPPorts = [ 411 1511 ];
}
diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index 52206c380..bb5c057be 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -75,10 +75,10 @@ with import <stockholm/lib>;
auto-optimise-store = true
'';
- security.wrappers.sendmail = {
- source = "${pkgs.exim}/bin/sendmail";
- setuid = true;
- };
+ #security.wrappers.sendmail = {
+ # source = "${pkgs.exim}/bin/sendmail";
+ # setuid = true;
+ #};
services.journald.extraConfig = ''
SystemMaxUse=1G
RuntimeMaxUse=128M
diff --git a/makefu/2configs/deployment/gecloudpad/gecloudpad.nix b/makefu/2configs/deployment/gecloudpad/gecloudpad.nix
index 7d51dfa0d..6f20ff579 100644
--- a/makefu/2configs/deployment/gecloudpad/gecloudpad.nix
+++ b/makefu/2configs/deployment/gecloudpad/gecloudpad.nix
@@ -11,8 +11,8 @@ with pkgs.python3Packages;buildPythonPackage rec {
src = fetchFromGitHub {
owner = "binaergewitter";
repo = "gecloudpad";
- rev = "master";
- sha256 = "0p9lcphp3r7hyypxadzw4x9ix6d0anmspxnjnj0v2jjll8gxqlhf";
+ rev = "1399ede4e609f63fbf1c4560979a6b22b924e0c5";
+ sha256 = "1w74j5ks7naalzrib87r0adq20ik5x3x5l520apagb7baszn17lb";
};
meta = {
diff --git a/makefu/2configs/editor/neovim/default.nix b/makefu/2configs/editor/neovim/default.nix
index e7e59373a..a6fc1abc1 100644
--- a/makefu/2configs/editor/neovim/default.nix
+++ b/makefu/2configs/editor/neovim/default.nix
@@ -29,7 +29,11 @@
enable = true;
withPython3 = true;
# withNodeJs = true;
- extraPython3Packages = (ps: with ps; [ python-language-server pyls-mypy black libxml2]);
+ extraPython3Packages = (ps: with ps; [
+ # python-language-server
+ # pyls-mypy
+ black libxml2
+ ]);
extraConfig = builtins.readFile ./vimrc;
plugins = with pkgs.vimPlugins;[
undotree
diff --git a/makefu/2configs/filepimp-share.nix b/makefu/2configs/filepimp-share.nix
index abbdcbbb2..850d432f3 100644
--- a/makefu/2configs/filepimp-share.nix
+++ b/makefu/2configs/filepimp-share.nix
@@ -9,7 +9,9 @@ in {
uid = config.ids.uids.smbguest; # effectively systemUser
description = "smb guest user";
home = "/var/empty";
+ group = "share";
};
+ users.groups.share = {};
services.samba = {
enable = true;
shares = {
diff --git a/makefu/2configs/fs/sda-crypto-root.nix b/makefu/2configs/fs/sda-crypto-root.nix
index e49843cfe..54ee9f9e5 100644
--- a/makefu/2configs/fs/sda-crypto-root.nix
+++ b/makefu/2configs/fs/sda-crypto-root.nix
@@ -16,8 +16,8 @@
loader.grub.version = 2;
loader.grub.device = lib.mkDefault "/dev/sda";
- initrd.luks.cryptoModules = ["aes" "sha512" "sha1" "xts" ];
- initrd.availableKernelModules = ["xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
+ #initrd.luks.cryptoModules = ["aes" "sha512" "sha1" "xts" ];
+ initrd.availableKernelModules = ["cbc" "hmac" "sha256" "rng" "aes" "encrypted_keys" "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
};
fileSystems = {
"/" = {
diff --git a/makefu/2configs/gui/wbob-kiosk.nix b/makefu/2configs/gui/wbob-kiosk.nix
index 2f6a26d82..dc28cf4d2 100644
--- a/makefu/2configs/gui/wbob-kiosk.nix
+++ b/makefu/2configs/gui/wbob-kiosk.nix
@@ -17,7 +17,7 @@
user = "makefu";
};
displayManager.defaultSession = "gnome";
- desktopManager.gnome3.enable = true;
+ desktopManager.gnome.enable = true;
displayManager.sessionCommands = ''
${pkgs.xlibs.xset}/bin/xset -display :0 s off -dpms
${pkgs.xlibs.xrandr}/bin/xrandr --output HDMI2 --right-of HDMI1
diff --git a/makefu/2configs/home/ham/automation/light_buttons.nix b/makefu/2configs/home/ham/automation/light_buttons.nix
index 62fc87bb4..1892917c4 100644
--- a/makefu/2configs/home/ham/automation/light_buttons.nix
+++ b/makefu/2configs/home/ham/automation/light_buttons.nix
@@ -1,27 +1,53 @@
let
inherit (import ../lib) btn_cycle_light;
- turn_off_all = btn: #lights:
- {
- alias = "Turn of all lights via ${btn} double click";
- trigger = {
- platform = "state";
- entity_id = "sensor.${btn}_click";
- to = "double";
- };
- action = {
- service = "light.turn_off";
- #entity_id = lights;
- entity_id = "all";
- };
- };
in {
services.home-assistant.config.automation = [
# (btn_cycle_light "light.arbeitszimmerbeleuchtung" "arbeitszimmer_btn1")
(btn_cycle_light "light.schlafzimmer_komode_osram" "schlafzimmer_btn2" 128)
-
- (btn_cycle_light "light.keller_osram" "keller_btn1" 128)
+ {
+ alias = "toggle keller";
+ trigger = {
+ platform = "state";
+ entity_id = "sensor.keller_btn1_click";
+ to = "single";
+ };
+ action = {
+ service = "light.toggle";
+ #entity_id = lights;
+ data = {
+ entity_id = "light.keller_osram";
+ brightness = 255;
+ };
+ };
+ }
+ {
+ alias = "low brightness keller with doubleclick";
+ trigger = {
+ platform = "state";
+ entity_id = "sensor.keller_btn1_click";
+ to = "double";
+ };
+ action = {
+ service = "light.toggle";
+ data = {
+ entity_id = "light.keller_osram";
+ brightness = 50;
+ };
+ };
+ }
# (btn_cycle_light "light.wohnzimmerbeleuchtung" "wohnzimmer_btn3")
- (turn_off_all "schlafzimmer_btn2" )
+ {
+ alias = "Turn of all lights via schlafzimmer_btn2 double click";
+ trigger = {
+ platform = "state";
+ entity_id = "sensor.schlafzimmer_btn2_click";
+ to = "double";
+ };
+ action = {
+ service = "light.turn_off";
+ entity_id = "all";
+ };
+ }
];
}
diff --git a/makefu/2configs/home/ham/default.nix b/makefu/2configs/home/ham/default.nix
index 6ab3cd46c..e17cfc35d 100644
--- a/makefu/2configs/home/ham/default.nix
+++ b/makefu/2configs/home/ham/default.nix
@@ -23,6 +23,7 @@ in {
# ./multi/fliegen-couter.nix
./device_tracker/openwrt.nix
+ ./device_tracker/tile.nix
./sensor/outside.nix
diff --git a/makefu/2configs/home/ham/device_tracker/tile.nix b/makefu/2configs/home/ham/device_tracker/tile.nix
new file mode 100644
index 000000000..ad1e6c15d
--- /dev/null
+++ b/makefu/2configs/home/ham/device_tracker/tile.nix
@@ -0,0 +1,10 @@
+{
+
+ services.home-assistant.config.device_tracker =
+ [
+ { inherit (import <secrets/hass/tile.nix>) username password;
+ platform = "tile";
+ show_inactive = true;
+ }
+ ];
+}
diff --git a/makefu/2configs/home/ham/light/arbeitszimmer.nix b/makefu/2configs/home/ham/light/arbeitszimmer.nix
index bc60678b3..45fbfb57b 100644
--- a/makefu/2configs/home/ham/light/arbeitszimmer.nix
+++ b/makefu/2configs/home/ham/light/arbeitszimmer.nix
@@ -6,7 +6,8 @@ let
];
arbeitszimmerbeleuchtung = [
"light.arbeitszimmer_schrank_dimmer"
- "light.arbeitszimmer_kerze" # arbeitszimmer_kerze
+ "light.arbeitszimmer_kerze"
+ "light.arbeitszimmer_pflanzenlicht"
];
in {
services.home-assistant.config.light = [
@@ -20,5 +21,22 @@ in {
name = "Arbeitszimmer Deko";
entities = arbeitszimmer_deko;
}
+ { platform = "switch";
+ name = "Arbeitszimmer Pflanzenlicht";
+ entity_id = "switch.arbeitszimmer_stecker1";
+ }
+ ];
+ services.home-assistant.config.automation = [
+ {
+ alias = "Toggle Arbeitszimmerbeleuchtung via Remote";
+ trigger = {
+ platform = "state";
+ entity_id = "sensor.arbeitszimmer_remote1_action";
+ };
+ action = {
+ service = "light.toggle";
+ data.entity_id = "light.arbeitszimmerbeleuchtung";
+ };
+ }
];
}
diff --git a/makefu/2configs/home/ham/mqtt.nix b/makefu/2configs/home/ham/mqtt.nix
index cd1c328d7..c90afff4a 100644
--- a/makefu/2configs/home/ham/mqtt.nix
+++ b/makefu/2configs/home/ham/mqtt.nix
@@ -1,24 +1,31 @@
{ pkgs, config, ... }:
{
+ environment.systemPackages = [ pkgs.mosquitto ];
+ # port open via trusted interface
services.mosquitto = {
enable = true;
- host = "0.0.0.0";
- allowAnonymous = false;
- checkPasswords = true;
- # see <host>/mosquitto
- users.sensor = {
- hashedPassword = "$6$2DXU7W1bvqXPqxkF$vtdz5KTd/T09hmoc9LjgEGFjvpwQbQth6vlVcr5hJNLgcBHv4U03YCKC8TKXbmQAa8xiJ76xJIg25kcL+KI3tg==";
- acl = [ "topic readwrite #" ];
- };
- users.hass = {
- hashedPassword = "$6$SHuYGrE5kPSUc/hu$EomZ0KBy+vkxLt/6eJkrSBjYblCCeMjhDfUd2mwqXYJ4XsP8hGmZ59mMlmBCd3AvlFYQxb4DT/j3TYlrqo7cDA==";
- acl = [ "topic readwrite #" ];
- };
- users.stats = {
- hashedPassword = "$6$j4H7KXD/YZgvgNmL$8e9sUKRXowDqJLOVgzCdDrvDE3+4dGgU6AngfAeN/rleGOgaMhee2Mbg2KS5TC1TOW3tYbk9NhjLYtjBgfRkoA==";
- acl = [ "topic read #" ];
- };
+ persistence = false;
+ settings.max_keepalive = 60;
+ listeners = [
+ {
+ port = 1883;
+ omitPasswordAuth = false;
+ users.sensor = {
+ hashedPassword = "$6$2DXU7W1bvqXPqxkF$vtdz5KTd/T09hmoc9LjgEGFjvpwQbQth6vlVcr5hJNLgcBHv4U03YCKC8TKXbmQAa8xiJ76xJIg25kcL+KI3tg==";
+ acl = [ "topic readwrite #" ];
+ };
+ users.hass = {
+ hashedPassword = "$6$SHuYGrE5kPSUc/hu$EomZ0KBy+vkxLt/6eJkrSBjYblCCeMjhDfUd2mwqXYJ4XsP8hGmZ59mMlmBCd3AvlFYQxb4DT/j3TYlrqo7cDA==";
+ acl = [ "topic readwrite #" ];
+ };
+ users.stats = {
+ hashedPassword = "$6$j4H7KXD/YZgvgNmL$8e9sUKRXowDqJLOVgzCdDrvDE3+4dGgU6AngfAeN/rleGOgaMhee2Mbg2KS5TC1TOW3tYbk9NhjLYtjBgfRkoA==";
+ acl = [ "topic read #" ];
+ };
+ settings = {
+ allow_anonymous = false;
+ };
+ }
+ ];
};
- environment.systemPackages = [ pkgs.mosquitto ];
- # port