diff options
Diffstat (limited to 'makefu')
61 files changed, 1092 insertions, 439 deletions
diff --git a/makefu/0tests/data/secrets/hass/adbkey b/makefu/0tests/data/secrets/hass/adbkey new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/makefu/0tests/data/secrets/hass/adbkey diff --git a/makefu/0tests/data/secrets/hass/router.nix b/makefu/0tests/data/secrets/hass/router.nix new file mode 100644 index 000000000..e16c76dff --- /dev/null +++ b/makefu/0tests/data/secrets/hass/router.nix @@ -0,0 +1 @@ +"" diff --git a/makefu/0tests/data/secrets/hass/telegram-bot.json b/makefu/0tests/data/secrets/hass/telegram-bot.json new file mode 100644 index 000000000..1e1857df9 --- /dev/null +++ b/makefu/0tests/data/secrets/hass/telegram-bot.json @@ -0,0 +1,5 @@ +{ + "platform": "polling", + "api_key": "1:A", + "allowed_chat_ids": [ 0, 1 ] +} diff --git a/makefu/0tests/data/secrets/id_nixBuild b/makefu/0tests/data/secrets/id_nixBuild new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/makefu/0tests/data/secrets/id_nixBuild diff --git a/makefu/1systems/cake/config.nix b/makefu/1systems/cake/config.nix index e40042b2d..8617578f0 100644 --- a/makefu/1systems/cake/config.nix +++ b/makefu/1systems/cake/config.nix @@ -1,9 +1,16 @@ { config, lib, pkgs, ... }: -{ +let + primaryInterface = "eth0"; +in { imports = [ <stockholm/makefu> ./hardware-config.nix - <stockholm/makefu/2configs/tools/core.nix> + # <stockholm/makefu/2configs/tools/core.nix> + { environment.systemPackages = with pkgs;[ rsync screen curl git ];} + <stockholm/makefu/2configs/binary-cache/nixos.nix> + #<stockholm/makefu/2configs/support-nixos.nix> + <stockholm/makefu/2configs/homeautomation/default.nix> + <stockholm/makefu/2configs/homeautomation/google-muell.nix> # configure your hw: # <stockholm/makefu/2configs/save-diskspace.nix> ]; @@ -12,7 +19,7 @@ tinc.retiolum.enable = true; build.host = config.krebs.hosts.cake; }; - + networking.firewall.trustedInterfaces = [ primaryInterface ]; documentation.info.enable = false; documentation.man.enable = false; services.nixosManual.enable = false; diff --git a/makefu/1systems/crapi/config.nix b/makefu/1systems/crapi/config.nix index d96b872d5..e7c6c3666 100644 --- a/makefu/1systems/crapi/config.nix +++ b/makefu/1systems/crapi/config.nix @@ -1,46 +1,15 @@ { config, pkgs, lib, ... }: { - # :l <nixpkgs> - # builtins.readDir (pkgs.fetchFromGitHub { owner = "nixos"; repo = "nixpkgs-channels"; rev = "6c064e6b"; sha256 = "1rqzh475xn43phagrr30lb0fd292c1s8as53irihsnd5wcksnbyd"; }) imports = [ <stockholm/makefu> + ./hardware-config.nix <stockholm/makefu/2configs> <stockholm/makefu/2configs/tinc/retiolum.nix> <stockholm/makefu/2configs/save-diskspace.nix> ]; krebs.build.host = config.krebs.hosts.crapi; - # NixOS wants to enable GRUB by default - boot.loader.grub.enable = false; - # Enables the generation of /boot/extlinux/extlinux.conf - boot.loader.generic-extlinux-compatible.enable = true; - - boot.kernelPackages = pkgs.linuxPackages_rpi; - - nix.binaryCaches = [ "http://nixos-arm.dezgeg.me/channel" ]; - nix.binaryCachePublicKeys = [ "nixos-arm.dezgeg.me-1:xBaUKS3n17BZPKeyxL4JfbTqECsT+ysbDJz29kLFRW0=%" ]; - - fileSystems = { - "/boot" = { - device = "/dev/disk/by-label/NIXOS_BOOT"; - fsType = "vfat"; - }; - "/" = { - device = "/dev/disk/by-label/NIXOS_SD"; - fsType = "ext4"; - }; - }; - - system.activationScripts.create-swap = '' - if [ ! -e /swapfile ]; then - fallocate -l 2G /swapfile - mkswap /swapfile - fi - ''; - swapDevices = [ { device = "/swapfile"; size = 2048; } ]; - - nix.package = lib.mkForce pkgs.nixStable; services.openssh.enable = true; } diff --git a/makefu/1systems/crapi/hardware-config.nix b/makefu/1systems/crapi/hardware-config.nix new file mode 100644 index 000000000..bba31dabd --- /dev/null +++ b/makefu/1systems/crapi/hardware-config.nix @@ -0,0 +1,39 @@ +{ pkgs, lib, ... }: +{ + #raspi1 + boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=tty0" "console=ttyS1,115200n8" ]; + + boot.loader.grub.enable = false; + boot.loader.raspberryPi.enable = true; + boot.loader.raspberryPi.version = 1; + boot.loader.raspberryPi.uboot.enable = true; + boot.loader.raspberryPi.uboot.configurationLimit = 1; + boot.loader.generationsDir.enable = lib.mkDefault false; + hardware.enableRedistributableFirmware = true; + boot.cleanTmpDir = true; + environment.systemPackages = [ pkgs.raspberrypi-tools ]; + boot.kernelPackages = pkgs.linuxPackages_rpi; + + nix.binaryCaches = [ "http://nixos-arm.dezgeg.me/channel" ]; + nix.binaryCachePublicKeys = [ "nixos-arm.dezgeg.me-1:xBaUKS3n17BZPKeyxL4JfbTqECsT+ysbDJz29kLFRW0=%" ]; + + fileSystems = { + "/boot" = { + device = "/dev/disk/by-label/NIXOS_BOOT"; + fsType = "vfat"; + }; + "/" = { + device = "/dev/disk/by-label/NIXOS_SD"; + fsType = "ext4"; + }; + }; + + system.activationScripts.create-swap = '' + if [ ! -e /swapfile ]; then + fallocate -l 2G /swapfile + mkswap /swapfile + chmod 600 /swapfile + fi + ''; + swapDevices = [ { device = "/swapfile"; size = 4096; } ]; +} diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index e274b4bf8..7bc06f833 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -84,6 +84,7 @@ in { <stockholm/makefu/2configs/shack/events-publisher> <stockholm/makefu/2configs/shack/gitlab-runner> <stockholm/makefu/2configs/remote-build/slave.nix> + <stockholm/makefu/2configs/remote-build/aarch64-community.nix> <stockholm/makefu/2configs/taskd.nix> # services diff --git a/makefu/1systems/gum/hardware-config.nix b/makefu/1systems/gum/hardware-config.nix index 542b79fe7..857fad7aa 100644 --- a/makefu/1systems/gum/hardware-config.nix +++ b/makefu/1systems/gum/hardware-config.nix @@ -41,36 +41,36 @@ in { boot.loader.grub.enable = true; boot.loader.grub.version = 2; boot.loader.grub.devices = [ main-disk ]; - boot.initrd.kernelModules = [ "dm-raid" ]; + boot.initrd.kernelModules = [ "dm-raid" "dm_cache" ]; boot.initrd.availableKernelModules = [ "ata_piix" "vmw_pvscsi" "virtio_pci" "sd_mod" "ahci" "xhci_pci" "ehci_pci" "ahci" "sd_mod" ]; - boot.kernelModules = [ "dm-thin-pool" "kvm-intel" ]; + boot.kernelModules = [ "dm-raid" "dm_cache" "dm-thin-pool" "kvm-intel" ]; hardware.enableRedistributableFirmware = true; fileSystems."/" = { - device = "/dev/mapper/nixos-root"; + device = "/dev/nixos/root"; fsType = "ext4"; }; fileSystems."/var/lib" = { - device = "/dev/mapper/nixos-lib"; + device = "/dev/nixos/lib"; fsType = "ext4"; }; fileSystems."/var/log" = { - device = "/dev/mapper/nixos-log"; + device = "/dev/nixos/log"; fsType = "ext4"; }; fileSystems."/var/download" = { - device = "/dev/mapper/nixos-download"; + device = "/dev/nixos/download"; fsType = "ext4"; }; fileSystems."/var/www/binaergewitter" = { - device = "/dev/mapper/nixos-binaergewitter"; + device = "/dev/nixos/binaergewitter"; fsType = "ext4"; - options = [ "nofail" ]; + options = [ "nofail" "x-systemd.automount" "x-systemd.device-timeout=5s" "x-systemd.mount-timeout=5s" ]; }; fileSystems."/var/lib/borgbackup" = { - device = "/dev/mapper/nixos-backup"; + device = "/dev/nixos/backup"; fsType = "ext4"; }; fileSystems."/boot" = { diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix index 3930406b1..ab77f16dd 100644 --- a/makefu/1systems/wbob/config.nix +++ b/makefu/1systems/wbob/config.nix @@ -9,6 +9,7 @@ in { imports = [ # Include the results of the hardware scan. <stockholm/makefu> + <stockholm/makefu/2configs/support-nixos.nix> <stockholm/makefu/2configs/zsh-user.nix> <stockholm/makefu/2configs/tools/core.nix> # <stockholm/makefu/2configs/disable_v6.nix> @@ -39,7 +40,6 @@ in { <stockholm/makefu/2configs/stats/telegraf/europastats.nix> <stockholm/makefu/2configs/stats/external/aralast.nix> <stockholm/makefu/2configs/stats/arafetch.nix> - <stockholm/makefu/2configs/deployment/led-fader.nix> <stockholm/makefu/2configs/hw/mceusb.nix> # <stockholm/makefu/2configs/stats/telegraf/bamstats.nix> { environment.systemPackages = [ pkgs.vlc ]; } @@ -51,6 +51,7 @@ in { ]; } <stockholm/makefu/2configs/bureautomation> + <stockholm/makefu/2configs/bureautomation/led-fader.nix> <stockholm/makefu/2configs/bureautomation/mpd.nix> <stockholm/makefu/2configs/bureautomation/hass.nix> (let diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index 138735d91..de55e9e89 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -15,6 +15,13 @@ <stockholm/makefu/2configs/extra-fonts.nix> <stockholm/makefu/2configs/tools/all.nix> <stockholm/makefu/2configs/dict.nix> + #<stockholm/makefu/3modules/netboot_server.nix> + #{ + # netboot_server = { + # network.wan = "wlp3s0"; + # network.lan = "enp0s25"; + # }; + #} <stockholm/makefu/2configs/backup/state.nix> # <stockholm/makefu/2configs/dnscrypt/client.nix> @@ -53,20 +60,22 @@ <stockholm/makefu/2configs/virtualisation/libvirt.nix> <stockholm/makefu/2configs/virtualisation/docker.nix> <stockholm/makefu/2configs/virtualisation/virtualbox.nix> - { - networking.firewall.allowedTCPPorts = [ 8080 ]; - networking.nat = { - enable = true; - externalInterface = "wlp3s0"; - internalInterfaces = [ "vboxnet0" ]; - }; - } + #{ + # networking.firewall.allowedTCPPorts = [ 8080 ]; + # networking.nat = { + # enable = true; + # externalInterface = "wlp3s0"; + # internalInterfaces = [ "vboxnet0" ]; + # }; + #} # Services <stockholm/makefu/2configs/git/brain-retiolum.nix> <stockholm/makefu/2configs/tor.nix> <stockholm/makefu/2configs/vpn/vpngate.nix> # <stockholm/makefu/2configs/buildbot-standalone.nix> <stockholm/makefu/2configs/remote-build/aarch64-community.nix> + <stockholm/makefu/2configs/remote-build/gum.nix> + { nixpkgs.overlays = [ (self: super: super.prefer-remote-fetch self super) ]; } # Hardware <stockholm/makefu/2configs/hw/tp-x230.nix> @@ -162,7 +171,6 @@ "/home/makefu/docs" "/home/makefu/.password-store" "/home/makefu/.secrets-pass" - "/home/makefu/autosync/Database.kdb" ]; services.syncthing.user = lib.mkForce "makefu"; diff --git a/makefu/2configs/bureautomation/automation/10h_timer.nix b/makefu/2configs/bureautomation/automation/10h_timer.nix new file mode 100644 index 000000000..dd747114e --- /dev/null +++ b/makefu/2configs/bureautomation/automation/10h_timer.nix @@ -0,0 +1,154 @@ +[ + { alias = "start Felix 10h"; + trigger = { + platform = "state"; + entity_id = [ "device_tracker.felix_phone" "device_tracker.felix_laptop" ]; + from = "not_home"; + to = "home"; + }; + condition = { + condition = "and"; + conditions = [ + { + condition = "state"; + entity_id = "timer.felix_10h"; + state = "idle"; + } + { + condition = "time"; + after = "06:00:00"; + before = "12:00:00"; + } + ]; + }; + action = [ + { service = "timer.start"; + entity_id = [ "timer.felix_10h" "timer.felix_8_30h" "timer.felix_7h" ] ; + } + { service = "homeassistant.turn_on"; + entity_id = [ + "script.buzz_red_led_fast" + "script.blitz_10s" + ]; + } + { service = "light.turn_on"; + data = { + effect = "2"; + entity_id = [ "light.status_felix" ]; + }; + } + ]; + } + + { alias = "Disable Felix timer at button press"; + trigger = { + platform = "state"; + entity_id = "binary_sensor.redbutton"; + to = "on"; + }; + condition = { + condition = "and"; + conditions = [ + { + condition = "state"; + entity_id = "timer.felix_10h"; + state = "active"; + } + { + condition = "time"; + after = "12:00:00"; + before = "22:00:00"; + } + ]; + }; + action = + [ + { + service = "timer.cancel"; + entity_id = [ "timer.felix_10h" "timer.felix_8_30h" "timer.felix_7h" ]; + } + { + service = "homeassistant.turn_on"; + entity_id = [ "script.buzz_red_led_fast" ]; + } + { + service = "homeassistant.turn_off"; + entity_id = [ "light.status_felix" ]; + } + ]; + } + + { + alias = "Genug gearbeitet Felix"; + trigger = + { + platform = "event"; + event_type = "timer.finished"; + event_data.entity_id = "timer.felix_7h"; + }; + action = + [ + { service = "light.turn_on"; + data = { + rgb_color= [0 255 0]; + # effect = "0"; + entity_id = [ "light.status_felix" ]; + }; + } + ]; + } + + { + alias = "nun aber nach hause"; + trigger = + { + platform = "event"; + event_type = "timer.finished"; + event_data.entity_id = "timer.felix_8_30h"; + }; + action = + [ + { service = "light.turn_on"; + data = { + rgb_color= [255 255 0]; + # effect = "0"; + entity_id = [ "light.status_felix" ]; + }; + } + ]; + } + + { + alias = "Zu lange Felix!"; + trigger = + { + platform = "event"; + event_type = "timer.finished"; + event_data.entity_id = "timer.felix_10h"; + }; + action = + [ + { + service = "notify.telegrambot"; + data = { + title = "Zu lange Felix!"; + message = "Du bist schon 10 Stunden auf Arbeit, geh jetzt gefälligst nach Hause!"; + }; + } + { + service = "homeassistant.turn_on"; + entity_id = [ + "script.buzz_red_led" + "script.blitz_10s" + ]; + } + { service = "light.turn_on"; + data = { + rgb_color= [255 0 0]; + effect = "0"; + entity_id = [ "light.status_felix" ]; + }; + } + ]; + } +] diff --git a/makefu/2configs/bureautomation/automation/bureau-shutdown.nix b/makefu/2configs/bureautomation/automation/bureau-shutdown.nix new file mode 100644 index 000000000..c632a9e69 --- /dev/null +++ b/makefu/2configs/bureautomation/automation/bureau-shutdown.nix @@ -0,0 +1,66 @@ +[ + { alias = "Turn on Fernseher on group home"; + trigger = { + platform = "state"; + entity_id = "group.team"; + from = "not_home"; + to = "home"; + }; + action = { + service = "homeassistant.turn_on"; + entity_id = [ + "switch.fernseher" + "switch.feuer" + ]; + }; + } + { alias = "Turn off Fernseher after last in group left"; + trigger = [ + { # trigger when movement was detected at the time + platform = "state"; + entity_id = "group.team"; + from = "home"; + to = "not_home"; + } + { # trigger at 18:00 no matter what + # to avoid 'everybody left before 18:00:00' + platform = "time"; + at = "18:00:00"; + } + ]; + action = [ + { + service = "homeassistant.turn_off"; + entity_id = [ + "switch.fernseher" + "switch.feuer" + "light.status_felix" + "light.status_daniel" + ]; + } + { + service = "notify.telegrambot"; + data = { + title = "Bureau Shutdown"; + message = "All devices are turned off due to {{ trigger.platform }} - {{ trigger }}"; + }; + } + ]; + condition = + { condition = "and"; + conditions = [ + { + condition = "time"; + before = "06:30:00"; #only turn off between 6:30 and 18:00 + after = "18:00:00"; + # weekday = [ "mon" "tue" "wed" "thu" "fri" ]; + } + { # if anybody is still there + condition = "state"; + entity_id = "group.team"; + state = "not_home"; + } + ]; + }; + } +] diff --git a/makefu/2configs/bureautomation/automation/nachtlicht.nix b/makefu/2configs/bureautomation/automation/nachtlicht.nix new file mode 100644 index 000000000..2becd4a39 --- /dev/null +++ b/makefu/2configs/bureautomation/automation/nachtlicht.nix @@ -0,0 +1,43 @@ +[ + { + alias = "Turn off Nachtlicht on sunrise"; + trigger = + { + platform = "sun"; + event = "sunrise"; + }; + action = + { + service = "homeassistant.turn_off"; + entity_id = [ "group.nachtlicht" ]; + }; + } + + { + alias = "Turn on Nachtlicht on motion and dusk"; + trigger = + { + platform = "state"; + entity_id = "binary_sensor.motion"; + to = "on"; + }; + condition = # 'when dark' + { + condition = "or"; + conditions = [ + { condition = "sun"; + after = "sunset"; + |