From 952ea9255534ff158ca614a92b5cf6e36043541d Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 3 May 2022 21:43:47 +0200 Subject: generate-secrets: add retiolum ed25519 keys --- krebs/5pkgs/simple/generate-secrets/default.nix | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/krebs/5pkgs/simple/generate-secrets/default.nix b/krebs/5pkgs/simple/generate-secrets/default.nix index a800ff543..f9a7450f7 100644 --- a/krebs/5pkgs/simple/generate-secrets/default.nix +++ b/krebs/5pkgs/simple/generate-secrets/default.nix @@ -1,20 +1,21 @@ { pkgs }: -pkgs.writeDashBin "generate-secrets" '' +pkgs.writers.writeDashBin "generate-secrets" '' + set -eu HOSTNAME="$1" TMPDIR=$(${pkgs.coreutils}/bin/mktemp -d) + cd $TMPDIR + PASSWORD=$(${pkgs.pwgen}/bin/pwgen 25 1) HASHED_PASSWORD=$(echo $PASSWORD | ${pkgs.hashPassword}/bin/hashPassword -s) > /dev/null ${pkgs.openssh}/bin/ssh-keygen -t ed25519 -f $TMPDIR/ssh.id_ed25519 -P "" -C "" >/dev/null - ${pkgs.openssl}/bin/openssl genrsa -out $TMPDIR/retiolum.rsa_key.priv 4096 2>/dev/null > /dev/null - ${pkgs.openssl}/bin/openssl rsa -in $TMPDIR/retiolum.rsa_key.priv -pubout -out $TMPDIR/retiolum.rsa_key.pub 2>/dev/null > /dev/null + ${pkgs.tinc_pre}/bin/tinc --config "$TMPDIR" generate-keys 4096 >/dev/null cat < $TMPDIR/hashedPasswords.nix { root = "$HASHED_PASSWORD"; } EOF - cd $TMPDIR for x in *; do ${pkgs.coreutils}/bin/cat $x | ${pkgs.brain}/bin/brain insert -m krebs-secrets/$HOSTNAME/$x > /dev/null done @@ -31,9 +32,12 @@ pkgs.writeDashBin "generate-secrets" '' aliases = [ "$HOSTNAME.r" ]; - tinc.pubkey = ${"''"} - $(cat $TMPDIR/retiolum.rsa_key.pub) - ${"''"}; + tinc = { + pubkey = ${"''"} + $(cat $TMPDIR/rsa_key.pub) + ${"''"}; + pubkey_ed25519 = "$(cut -d ' ' -f 3 $TMPDIR/ed25519_key.pub)"; + }; }; }; ssh.privkey.path = ; -- cgit v1.2.3 From 83ae50c31a73d17885baf38586c892124fc076c2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 3 May 2022 22:55:35 +0200 Subject: ponte.r: init --- krebs/1systems/ponte/config.nix | 10 ++++++++++ krebs/1systems/ponte/hw.nix | 13 +++++++++++++ krebs/3modules/krebs/default.nix | 33 +++++++++++++++++++++++++++++++++ 3 files changed, 56 insertions(+) create mode 100644 krebs/1systems/ponte/config.nix create mode 100644 krebs/1systems/ponte/hw.nix diff --git a/krebs/1systems/ponte/config.nix b/krebs/1systems/ponte/config.nix new file mode 100644 index 000000000..1e25ca9bf --- /dev/null +++ b/krebs/1systems/ponte/config.nix @@ -0,0 +1,10 @@ +{ config, pkgs, ... }: +{ + imports = [ + ./hw.nix + + + ]; + + krebs.build.host = config.krebs.hosts.ponte; +} diff --git a/krebs/1systems/ponte/hw.nix b/krebs/1systems/ponte/hw.nix new file mode 100644 index 000000000..83b537484 --- /dev/null +++ b/krebs/1systems/ponte/hw.nix @@ -0,0 +1,13 @@ +{ modulesPath, ... }: +{ + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; + boot.loader.grub = { + efiSupport = true; + efiInstallAsRemovable = true; + device = "nodev"; + copyKernels = false; + }; + fileSystems."/boot" = { device = "/dev/disk/by-uuid/628A-7F3B"; fsType = "vfat"; }; + boot.initrd.kernelModules = [ "nvme" ]; + fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; }; +} diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix index 5e0e69924..67d54b455 100644 --- a/krebs/3modules/krebs/default.nix +++ b/krebs/3modules/krebs/default.nix @@ -160,6 +160,39 @@ in { ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAcZg+iLaPZ0SpLM+nANxIjZC/RIsansjyutK0+gPhIe "; }; + ponte = { + cores = 1; + owner = config.krebs.users.krebs; + nets = { + retiolum = { + ip4.addr = "10.243.4.43"; + ip6.addr = "42::443"; + aliases = [ + "ponte.r" + ]; + tinc = { + pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEA52Glj/C85oMy3cnaRAtg2qkleaJFWiqwaQNUsk4JgX1PwZJ8aInD + YAMXj0H0wz7h3mh5QVRDq4i11LXOIy1P6J6QAvb3lssYnFfJkR9j/dArCIFsEhHf + V41E4KMcHV9t17xO6wQitXqzvcmxodxly8qAx1k7ddlGdQPTWXVvQTRgWBwm9oQ9 + w0d5p2fej/E5iOmbLyVjiJ72rFJIQdfPo782W78ZQftMSXsnyrr5OJu1b4qsga1Q + fYiAKjNE29OPiw5hLy9W/jLJMm0eR94LpUy0MZ5hYkYmvII1TqIqxVgj48gYfJ5v + QCjU9R2H5pUNfDiYutCqscRn5YDe44dcYBeG8Rkf0i4BTdqiE7h1AIciccXsJddt + HFxbWqi3HDoWlo7cFK9vYVUi4jgQP5cUVP85I43aDu3S3M3mszk1nyP+gDobE5Z9 + jPGckgn7wTYXlDioIlExJJ6FCaSWSxvh0Zh0HDrTD+WKP6qJ2aYnAz2xptiQGNCu + rYEvFoWd5T7VMzI02Z2hCiE2fFWlH63Am1tKspFKl+lHjwMrwcwFA5WoNHCeXx2X + S1T3I7P4SkRZervYJ55wQxCBKLgvZP2I1J1JzMkyuTszg9tex14MdVdZZrKXVrnr + exCMJruliLbZmtrbHHTXoCngppylnJOxKXpfpogLTZzLGncO6Ry5G18CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + pubkey_ed25519 = "0l+q3Bg5gYcw8VDjSYV7+wVSO3t4Es5jizAYJ9UR8cA"; + }; + }; + }; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJEw9fo8Qtb/DTLacdrJP7Ti7c4UXTm6wUUX+iRFweEo "; + }; puyak = { ci = true; cores = 4; -- cgit v1.2.3 From 264827aac1123ba4dd87a309b0171d2114695ea6 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 4 May 2022 13:30:59 +0200 Subject: ponte.r: put kernels/initrd on root platform --- krebs/1systems/ponte/hw.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/krebs/1systems/ponte/hw.nix b/krebs/1systems/ponte/hw.nix index 83b537484..78f7a603e 100644 --- a/krebs/1systems/ponte/hw.nix +++ b/krebs/1systems/ponte/hw.nix @@ -1,13 +1,14 @@ { modulesPath, ... }: { imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; + boot.loader.efi.efiSysMountPoint = "/boot/EFI"; boot.loader.grub = { efiSupport = true; efiInstallAsRemovable = true; device = "nodev"; copyKernels = false; }; - fileSystems."/boot" = { device = "/dev/disk/by-uuid/628A-7F3B"; fsType = "vfat"; }; boot.initrd.kernelModules = [ "nvme" ]; fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; }; + fileSystems."/boot/EFI" = { device = "/dev/disk/by-uuid/628A-7F3B"; fsType = "vfat"; }; } -- cgit v1.2.3 From 376b92c877442ec3be476ea5f4c89f8a715426dd Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 4 May 2022 13:41:40 +0200 Subject: ponte.r: add public ipv4 --- krebs/3modules/krebs/default.nix | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix index 67d54b455..d58f0fbaa 100644 --- a/krebs/3modules/krebs/default.nix +++ b/krebs/3modules/krebs/default.nix @@ -163,8 +163,15 @@ in { ponte = { cores = 1; owner = config.krebs.users.krebs; - nets = { + nets = rec { + internet = { + ip4 = { + addr = "141.147.36.79"; + prefix = "0.0.0.0/0"; + }; + }; retiolum = { + via = internet; ip4.addr = "10.243.4.43"; ip6.addr = "42::443"; aliases = [ -- cgit v1.2.3 From c4888bf3ff629dafebe4758b37ea16cebae0265a Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 10 May 2022 18:57:57 +0200 Subject: l themes: fix startup, add xresources --- lass/2configs/themes.nix | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/lass/2configs/themes.nix b/lass/2configs/themes.nix index 118619c1d..e020c62c4 100644 --- a/lass/2configs/themes.nix +++ b/lass/2configs/themes.nix @@ -12,6 +12,7 @@ ${pkgs.rsync}/bin/rsync --chown=lass:users -a --delete "/etc/themes/$1/" /var/theme/config/ echo "$1" > /var/theme/current_theme ${pkgs.coreutils}/bin/chown lass:users /var/theme/current_theme + ${pkgs.xorg.xrdb}/bin/xrdb -merge /var/theme/config/xresources ${pkgs.procps}/bin/pkill -HUP xsettingsd else echo "theme $1 not found" @@ -26,6 +27,8 @@ in { serviceConfig = { ExecStart = "${pkgs.xsettingsd}/bin/xsettingsd -c /var/theme/config/xsettings.conf"; User = "lass"; + Restart = "always"; + RestartSec = "15s"; }; }; systemd.tmpfiles.rules = [ @@ -38,11 +41,20 @@ in { "themes/light/xsettings.conf".text = '' Net/ThemeName "Adwaita" ''; + "themes/light/xresources".text = '' + *background: #ffffff + *foreground: #000000 + ''; "themes/dark/xsettings.conf".text = '' Net/ThemeName "Adwaita-dark" ''; + "themes/dark/xresources".text = '' + *background: #000000 + *foreground: #ffffff + ''; }; system.activationScripts.theme.text = '' + export DISPLAY=:0 if test -e /var/theme/current_theme; then ${switch-theme}/bin/switch-theme "$(cat /var/theme/current_theme)" || ${switch-theme}/bin/switch-theme dark -- cgit v1.2.3 From 8858488fa977c6313a30de50af8419759d34795a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kier=C3=A1n=20Meinhardt?= Date: Tue, 10 May 2022 19:11:31 +0200 Subject: external: add kmein gpg key --- krebs/3modules/external/gpg/kmein.gpg | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 krebs/3modules/external/gpg/kmein.gpg diff --git a/krebs/3modules/external/gpg/kmein.gpg b/krebs/3modules/external/gpg/kmein.gpg new file mode 100644 index 000000000..1fa694326 --- /dev/null +++ b/krebs/3modules/external/gpg/kmein.gpg @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQENBF0GDc0BCACZi+PQgX6Lefq/36X68W+XEyA2fWbMPJE1vAHETlzcMluOIL++ +6KRYqGr0ieFcaXNn4joNDN7cFMN0YHF2Rr7k6SWjOtcHS1RnZ8g/N+uxEvTBug60 +tRbhcO80rnHHb25jloV//wAAWD2ukTtwXWAMVBXwEXMc1JBOlFXcIDlNPdBMJG7A +/5+AKMXg8HYUSbsad1SyagZbo9KuC/s4BVReBr4vK/zTo1gIwy95dQrBnC31O7Wa +/s9CpNG//QJAbAxMN15P7Yo9xxG/AALjPSnKamp3yJsSiSyxhXImXEZtxU7ahq3t +/DzuI2BbIv3Nj/39IZLgETrplzKUnWV18TzdABEBAAG0HUtpZXLDoW4gTWVpbmhh +cmR0IDxrZm1Ad2lsZGU+iQFOBBMBCAA4FiEEnt6CzHKjQ6lSZtD0RIVwdKOsyLcF +Al0GDc0CGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQRIVwdKOsyLfHDQf/ +YLaprugBmzaCvAGADzdgSrQJyFY2BnncVH1b/0HQ1p1smrcvKqbCXxlUmrWM896B +7xHpcDPz/mMfNPTvSrcUHgqVkiiSsSzno1RCmeHKMiUaR/M6Ik59aa/EzxJf/QDT +3QYy3mFIj44M0ZWjRZJ/3RhVT6QxaUh7fRNzduVE0LH6suybPcTcnIUGSURKwG9F +cTXtMJA3+7UGj/emHk8yaFOWMJDY6h7rnXxiD5xcxapjrygFFNfAuaA2NcY3HEeG +yOVYGwPQhwFWjbUhC1RIYu2fz7fkD11zQ22gt0aEn5fqiIVssBEvHJqNp577QxO4 +6q4ag1Js/gbus6PfQzlvqrkBDQRdBg3NAQgA1ewP1suBTB5UxyqEl7fpisD6hZ62 +9TDQUSn2yfxa8W1wtTH5i1Mw0p5e/+vPFqfu2TMSPoqASq9sDjeWSsiCdtaHbLu0 +y1W5hhQwGcxqauFJBSj/VpDnKd38inOvbW5PwDqZBqnbRZOpsdvsQ2dlaS0/5AJa +RqJXNRc7Owg3ssqeBuhvZKeiPNADn3k9ZbAYNfDkYPJDbHTNPd8eu44vlBlMC7kX +IkucV8zV31x9lCZx0cjI+OQbd/4GOSxBKqjBX5SBUQAlzHUT2CLoeKkivxbnHH40 +gV1PP/3QVVMJjkAot0v/n95KRj78iYOU2PrP5DiPogtLO4v14/lE3eaENwARAQAB +iQE2BBgBCAAgFiEEnt6CzHKjQ6lSZtD0RIVwdKOsyLcFAl0GDc0CGwwACgkQRIVw +dKOsyLfjegf/bX4MkzqsIOOAcmVla7M29Uk0HX5j4dK5t4Z7kx8OnhbYUMr8vr1w ++2D5HiaV2kib5yhI17z9lL6vKyIWwTdf93zS+ivV+IUpxbx/KAdr83dd7B3RCdU7 +GFMzj7f3ieGQYOXw7pROZQR1zF90H6AtW/8qvOs73hSdcnQOtnmntvY/S5ifnzxi +jpsOgjM7VD+BWsmhmYw7E4FiZOaLfoRsylyj5I+Sim2j9Xnu6lYvcgBXvwIqfunO +O/gY21iomMwQm4mlXsFVRfSzRE4zlNASql1zcS1mbO6yeKJDKJgzqvWkcjd3OOuF +e67yzkzlwiVDJIjhV6B0tRCDIqiOaiS3vw== +=pwUK +-----END PGP PUBLIC KEY BLOCK----- -- cgit v1.2.3 From 4abb1cb1d564fac9cb3204ab78c32b83a485b3e6 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 10 May 2022 20:40:07 +0200 Subject: nixpkgs-unstable: e10da1c -> 2a3aac4 --- krebs/nixpkgs-unstable.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index 5e98fcb79..30be112d1 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "e10da1c7f542515b609f8dfbcf788f3d85b14936", - "date": "2022-04-27T07:19:43+10:00", - "path": "/nix/store/hzywi4az4ldmh416hpm4r27075qvfmsf-nixpkgs", - "sha256": "1if304v4i4lm217kp9f11f241kl3drbix3d0f08vgd6g43pv5mhq", + "rev": "2a3aac479caeba0a65b2ad755fe5f284f1fde74d", + "date": "2022-05-09T07:45:23+00:00", + "path": "/nix/store/56hy8l0ky71qdx5zibjzzg0q8ivkk7vc-nixpkgs", + "sha256": "0px2fk64s56qxd8ir8xg8bsj5yz1w399ps4xfkyx29n2ywp9ar7c", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, -- cgit v1.2.3 From 39c7bd462a43b90d113ad4315266b0166dff09da Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 10 May 2022 21:52:25 +0200 Subject: l: remove legacy pgp keys --- krebs/3modules/lass/default.nix | 2 -- krebs/3modules/lass/pgp/blue.pgp | 51 --------------------------------------- krebs/3modules/lass/pgp/green.pgp | 40 ------------------------------ 3 files changed, 93 deletions(-) delete mode 100644 krebs/3modules/lass/pgp/blue.pgp delete mode 100644 krebs/3modules/lass/pgp/green.pgp diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 25125157d..a0518a068 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -875,12 +875,10 @@ in { lass-blue = { mail = "lass@blue.r"; pubkey = builtins.readFile ./ssh/blue.rsa; - pgp.pubkeys.default = builtins.readFile ./pgp/blue.pgp; }; lass-green = { mail = "lass@green.r"; pubkey = builtins.readFile ./ssh/green.ed25519; - pgp.pubkeys.default = builtins.readFile ./pgp/green.pgp; }; lass-mors = { mail = "lass@mors.r"; diff --git a/krebs/3modules/lass/pgp/blue.pgp b/krebs/3modules/lass/pgp/blue.pgp deleted file mode 100644 index e7a1ac0e1..000000000 --- a/krebs/3modules/lass/pgp/blue.pgp +++ /dev/null @@ -1,51 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- - -mQINBFr9fAEBEACz2E2E7uBulVBBtPmk9IR2yB+uAWSe8Hi7vNiGc1Dbs40jzWuy -AqouqyC5xnVw66+cQaYOsgXiwencmu/cFEV2x2uRLDVh1E/fvc8yxAOizEIY0jm/ -WZ/4IWvTZLVPF3BOhM4p/HGNbdZhRc4RoljLTB34VuY1KSMhs3Vx7n3HgZzdbD7D -itUFU4oY5CnkQp4yl1Htat08cZmbD51VTZB1hDw2Uea+VuMQ/ImRtTqW+Ss4xyPA -DwUE/vRM3CKwBvcjbNL3uUqc5dtZuvruuFeK3ScmdNLytcgXqJzLlwuzHmSt/Tnc -DQZWKGiHnMvrAOkMEvsmiKhboWSAq4sRUPhISqZ7MSvPfhaH5Gcmhi+hL8FZhGY0 -qF7MNLHoimw6MBV6FIIA0vCDn2p5Vwc7L+LqLjWqAvxdfVoeUJjUWbWWNNWg4Tw7 -9e7rAR86e4AvhCZRubRn1aOfKGF5vg/El98OeIwBFQHpr7uznKfjmAEpoGveV+vG -amptMCBAr4Hw76U708XWOQkZ2GDY9cfdxUllhAmmPrNQ/OcT2b4x0xKvMi4nA5G8 -PBOFErkS61zNxsHgpFe2isG+VDqYLfeQhOdB101Qn6IHw3KxyW85CwImUpdRLMUi -0wtcA7M5GB94HRZ8qW6LtFBjwqm2NGudB0alfIWIq7KuRMXus3sJKQ2gDQARAQAB -tBlsYXNzQGJsdWUuciA8bGFzc0BibHVlLnI+iQJOBBMBCAA4FiEEuOpc8JA44Pd5 -NXyK8UJeZkL6H7wFAlr9fAECGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQ -8UJeZkL6H7ygPQ/+JydbB0IX64ojm34YaeWKVdM5D7JFBdNuKgbAMf0Uhcja6YcU -0YRvuOPpw4lNZqV/1yxDXGHJrVfGolq6uz28oWr+9VUD8QXH9ODm1EMLsU8Jb1Nh -SE+rWSAhEmdw8l9Bi12wq4v/z/JC93/VJLnBGOL8LDEsJ9OatUw71KIt/a50ERoz -uCZbMeLPym8WqSK1kjQehL5pj97BzxmBNpFYwqaniTAuqTN6bhs2ws+k89vjaWIP -T+bEqsJV/vR9KZcNlmKlTQwbsjQ1BZ9EuV4EBL6IAMrqxDeY3mFnT+EpkabfIVSh -38KmG+4PZDXaj6rCsrsH2pUKaZ/Z6Mr3lmFb/1aaK3xKiQyxcMrbcixIIVI8ihTM -HUC3DFFlA7+02b67QomWFLRiZid4gCry7xhZyryQJkN2l20fzRjWf0myzcPO0qxc -y39gUyEqy1oeaffCc1QgDJH2Hvf+P9StyMZIulNuCKJ9tfQR5nkkDAy/2p405Lmf -mdKOMha6bZ+mA5HbmjMqwyFPHEtU6t/mUhlh7mYqNYAJikuqV00N6nTKVrBb2IfK -atoHeUcmvMWBGL7+x3zxwf2pnum6a5iDES2ir87ltOGKGDeMt2Y/Ap30P+uZGnn1 -AiRu2bGkCiQ/WH1StJhAhJeleUfdbOa7/voc14nl3rewqyhqYd8dlI+TWAu5Ag0E -Wv18AQEQAOFMwY2ky5TyRrDqJosq0y/9+8D6RiXlyOnyTQ+bqu4mDEaVu3xNcKLH -CQsTM7gDR9pivapoDo84CK8w519DHCA2EpNGTDO4twcQ3jKqPth809LnibwdKJCe -qsfxsIfN8LbpKDOygZ2av11gcT0ye9uOMkiiRSE2MMGDU/50sskecavUAExDgwFs -v72ReU3fXRfTqYT6p/i/qMB7GbS8PlKFz61JKHDceS5GJUZJ5OWOoq7ZMCz6zrLW -2mQIJ7kblGCJKUnx/lZ5y9nqSCk7jer2qENxWNPOCwD48A78u1Bz8xSN5D1gFO3f -YSKh60kK5UljwkvRD7NvAcg2ifwL1e+/7v8WV9OsHDUBEiJO05tsjJ76QwHnEq6j -4peArcTAHWZ4uGncAgYN/Uii+0vs3oVDsZ9d2uLJxuR3h6T4XVejeuZ3j3o/XX/E -aZwcdH3VpKqEjdG4c4TMz96bN7ZN2DbgTf40rwPFKgWnvhCA9dWlmfy9pW2z2hyg -rJaRGXd/4znj5YlMliDrL4/Yp9j1J1CsoZM68er6/zMU1SA9U/y+MVqMoPCPlczx -mbwWQm1JH6fZv2SzHbZOrZYWKVWX+jPZQV6SjKwSiVrLlZJ0Z8u00HBRRRzXLwXa -OLL/dGP1v+msMv1oCJT1AsMcBEE3bY1efnDP1XK8vBLzoMKGS1RtABEBAAGJAjYE -GAEIACAWIQS46lzwkDjg93k1fIrxQl5mQvofvAUCWv18AQIbDAAKCRDxQl5mQvof -vOC1D/wO+tGKz/y5dc/ifJGTndxoHnU8tarboDll0kcdpTGU7It+ReNustqJZj5v -HK4V/ZXUw5+y6ZasNa/mFYY8oACOI40SlMdyt708XfPqYKXOpnM0oGRGfALi+oKg -iIzYtXsqYk5ZYSFWpgxajHef9HMmHNJ8riSVRugUPubPMKPR65DOXl+BdVIlQw7o -2g3s4Lii0IRKov3BvB51oJMhRK2Ne55VDBid32oIoqXLXS2E2gJQegioAiDUA5J4 -1f96RCeYfxOgaPj/o4eiXK0H3owA3W78/tIjq5218PCIYFsOKPhrSqJ7ZF/5yGwW -ppVzsaz1sE9oULR0VOFUwjpYmyH32WwKkLF6mKumb8Q7Pd/FJq0I3/kxD/OrlNVZ -8UCX0CzxMyfEeSUfScunKLMfopEGxXTR4l8jew7CwxX08H0nkqyegDZSN8MjYxQL -V/zoL+aPjYh1WYf1L8wyBZjQbA6khHwYRZPaHrGfGaCGC8MHiSjPb/nt54+vZXtt -17LcX4VvHwWIBf88JpZO9eyTFPdYIZANSyo6ltbRoomuAywuA5IibCwh/BXi/aVa -Jro4UvbiwMqbVgSAt15VAwEK1Re/NNLBTcVVMHsWr5WNmo0s2C7+j+iIMPEOwhRs -ZFj74cztyOF/dGeCv9ycW29g+ejXaPpFOYQz0A9bBdkEdTGWhQ== -=D854 ------END PGP PUBLIC KEY BLOCK----- diff --git a/krebs/3modules/lass/pgp/green.pgp b/krebs/3modules/lass/pgp/green.pgp deleted file mode 100644 index 96b2b38e4..000000000 --- a/krebs/3modules/lass/pgp/green.pgp +++ /dev/null @@ -1,40 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- - -mQGNBGAMS3EBDACzbsaP9nhJ8GrAk5JLlz+ruDbEGuvJXvh+spVq9i9TCCGAraPo -z8Tmgsw6SJhJMW/170OZJ+GMMEDRpRbvh8tLZ0jsTIwINasRjC68tF9dgjjPZdNN -cVOpFw4Wf4ueMmoEG/9Xyehm+YEJFTj5wul2uJtfj5NJB43daDn4e3ieGExd+zE0 -FTP4yAmxVMbN4BiyZPX7CxeTzJS0g4aVnMq9RqtYbxd1Uv++LmPh1ZkEyNNKItfC -nRFeZzjhnmD7LvwsixE2ENnbiL9Ho7Mc4C7kRKSJ+LvXH6ChJJtDy9ApVA+u90i5 -Rd7y9rdzFY+NCHusWg0/U/t2FoLc/hRa0eLE1KFtzWzH35TMl8R/7NrPztTwT/fH -xt3qSiwMUvH9X9TGvh5N0WwqgtEe6mpZvpq+4gyOiyA+EwE73rnxG2DzmM6CFHyo -Qm/OOfjuFH+l0PkAqti+f41SqlEOiOAAFzgz7gaTdJ8gXs8piOGxk4U5EK/p1OTW -4e6DrxqcxmHgoAUAEQEAAbQMbGFzc0BncmVlbi5yiQHUBBMBCAA+FiEE6Ed5jGI3 -gop09K1NMwheLc2Sjz0FAmAMS3ECGwMFCQPCZwAFCwkIBwIGFQoJCAsCBBYCAwEC -HgECF4AACgkQMwheLc2Sjz0otwv+I8Sw0ENqy6SsrZSGDtmhAouCeTIUseRQ66tp -UFnxDVPYhhdM2ubTtIqOfx20Xdy/7N/POyYMJ5VR+IaFcB9wUlrhdjwUlCtoUipx -EycZloccMPGySxAxR3Kcy/SFzUKWwQ10/mfSQg/4+vYayZNuSvEpviMEZn0prpmw -jwFJcHOu0NL+7eYULMdit1BDaZfBaAu/otKn18878+0hVimyjW27564uXtJYnbf1 -hUVGvPLaSo74XBFra+kujcA3zIjWiPn6dRA5dzLrRRkb30Unl1+0a9QwY3wd3vCV -UHWSgDNaV+o7yPTuxoMsfrxHPAc3JlaKM6ka/EdK04tbgMH/N7FHXqDqCEIBWML4 -1/+HxkP2UW59zLefQwvBqWcF6bA7kgHGhIDkg1yg7ygP0t2mH6ktuEAYYr24BFx7 -b8nK/jhK+rp3LomLTLQ6e/6mikfoDr636sB1/Bc+pTdWsJnuQTzaWBDloVEr/2hz -/K5+wH2kgSKaWYUtaR6wiMbVKq3HuQGNBGAMS3EBDAC1xQNCJD3hlnihHBv7jxfH -CI5HdnUEh1eP8mUKjSE+Z0xGEMq8Z9sbTHQxtDdmC4ZOq1Kkt2LmtQQQAIH+Qnu6 -RYFOAPRmegouIxg4S3eTPZhZRo1ZqCphqbL2mQ9ifNrG3VVvQGXNvjo3Cuwj0uzx -EDtOilKEtHZhG0cfehGV+nO1n/g50EQMC7JkFWnryxVL8i4l3KstOdj+LcIT6c27 -EE2fzOUekeltBHGRFSM1Yzmn2lxruuK4I8zoiqak2St1788ay//F9tiZPfhWRb6+ -DF+JgRLCXatqTJppPpkui1irw6jN5ZabjyS7GBtH+5wpnvuMEMr484OXEg17VnCd -Tx/RTLyjfffDtTkC4M7oiAr5SUbkJjVkEuwjxp1N19epD8gzrBQC2W7XKM3z+mtG -ZLJtiW5hM+QylMv7VWxbQ21ObJmUqBQUZLPlpl3dlGU/ILw3U4urBibD9oPT2QAX -J6Db/STyl6w0bzRbMJmaEM4P0FcdEKTuw7tOpl5zBUkAEQEAAYkBtgQYAQgAIBYh -BOhHeYxiN4KKdPStTTMIXi3Nko89BQJgDEtxAhsMAAoJEDMIXi3Nko89yc8MAJKg -M5lbA/PJYlIju/qWKWt7yZbsIGuDfmuKfYftjXDOqskEqDyYgr31Txd43bWM6Ec7 -gb5JVmtzvLull0/KRwMcKAFNTXIYcb3jKpanwWRgHQlt/D6zlQula73WxwNUlZWl -Q8FCWjGa2hC8oKlTbtzm5osdcK+YhlpTpK5y4Mrg0f9Rcd297ygFQSDInpGq7ILY -sFat3HU7w9oPp9Q5RS8/EmrvAx1kFj9mZRs4L9inJJnHFpb1R6snojcKPwEyIWBi -+PFZ6ns296FjW9C+Ci7C+aaAzVDM7NAwU0/EhWeDKKHITU3Zaz4gnShesKBiVxhI -JQNFCjWlnc+o3RqbAhDQhlwFrCZWUxQi1qWy4U88IYqR9hxV0eNtGSRmwnGCT9RV -Nxb6CjtmHpgUmzyvwBpBJya8bLYu5tCKnUodtFiq/poxEfI5WrP6pu5l648AwuPa -ioovprweDWs38Q8wd/SuoaUtIoj378UDXq8acFvHHnOS/bBBfAE9tutY1ycJdg== -=Fg3f ------END PGP PUBLIC KEY BLOCK----- -- cgit v1.2.3 From 62e78fd17b54eae17e5871f0dcde6d4a3a9addf5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sun, 8 May 2022 19:50:55 +0200 Subject: mic92: add hostnames to rock and rauter --- krebs/3modules/external/mic92.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index 779e242c0..fa0e4ff97 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -163,6 +163,7 @@ in { rauter = { owner = config.krebs.users.mic92; nets = rec { + internet.addrs = [ "rauter.thalheim.io" ]; retiolum = { aliases = [ "rauter.r" ]; tinc.pubkey = '' @@ -472,6 +473,7 @@ in { rock = { owner = config.krebs.users.mic92; nets = { + internet.addrs = [ "rock.thalheim.io" ]; retiolum = { aliases = [ "rock.r" -- cgit v1.2.3 From 3997231dae35bb9c78bed4b656b1cc2c57a105d0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 11 May 2022 15:38:18 +0200 Subject: mic92: add maurice-home --- krebs/3modules/external/mic92.nix | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index fa0e4ff97..8afb12794 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -804,6 +804,26 @@ in { }; }; + maurice-home = { + owner = config.krebs.users.mic92; + nets = rec { + retiolum = { + aliases = [ "maurice-home.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAwFmnVmH2n3sa/iJE1u7kSWHMW2nx66wnq7ZA2XF5Wt1hiky4BKBj + jxIIdXHlSmARhDSCMgBKl9Z6/8PsmCK3xEO8q60oTsT8PQIhN3eSF8n92iK3dyKx + PyUsUUHjkqkNtmo/M70T4gAEuB1b/QRkATco/pTv+lMVkYdIydtdALjSxU0YrTiz + J5Ntsngi9+yUJ5g3r/lCuWobKxd5Dlsx3nXg81jTsp9hlXW2HC0XTbOSyH2NC36C + 97Kgx2T25cG/FPhtQztQOems+FhbyJTFyZTGa8v/5rXeJlwcVFRh8sZ7E5yPzbJV + ZlBaorcpRtx8NY4jd8FnZftHF0BeAQJoYwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "ohFUBMdmgS/DMe24sZ1+jNWzx65jCxto9pVjPnYIqzL"; + }; + }; + }; + mickey = { owner = config.krebs.users.mic92; nets = rec { -- cgit v1.2.3 From 11d2266f518e73bd96ab7c73130404053872902c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 11 May 2022 16:20:01 +0200 Subject: mic92: fix tinc name for maurice --- krebs/3modules/external/mic92.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index 8afb12794..bb9e45382 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -804,7 +804,7 @@ in { }; }; - maurice-home = { + mauricehome = { owner = config.krebs.users.mic92; nets = rec { retiolum = { -- cgit v1.2.3 From 1c82c6c2a3abd4a3da448cc80c461932864e560f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 11 May 2022 16:22:44 +0200 Subject: mic92: also rename alias for maurice --- krebs/3modules/external/mic92.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index bb9e45382..03201ddab 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -808,7 +808,7 @@ in { owner = config.krebs.users.mic92; nets = rec { retiolum = { - aliases = [ "maurice-home.r" ]; + aliases = [ "mauricehome.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- MIIBCgKCAQEAwFmnVmH2n3sa/iJE1u7kSWHMW2nx66wnq7ZA2XF5Wt1hiky4BKBj -- cgit v1.2.3 From c87ba30c0c1cf344c7cc090d73a2ba44140f15d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 11 May 2022 20:04:50 +0200 Subject: mic92: add too many new hosts --- krebs/3modules/external/mic92.nix | 157 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 157 insertions(+) diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index 03201ddab..d63a6b306 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -912,6 +912,163 @@ in { }; }; }; + + jackson = { + owner = config.krebs.users.mic92; + nets = rec { + internet = { + # jackson.dse.in.tum.de + ip4.addr = "131.159.102.3"; + ip6.addr = "2a09:80c0:102::3"; + aliases = [ "jackson.i" ]; + }; + retiolum = { + via = internet; + aliases = [ "jackson.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA11g2uc9+tw1Bmvs4U6gsyimZ1hR1rnWTJw8CDRw6t7gx0HhRnRgB + 0Fv11KjFGbImrcZ1wxCOJA+RQise18YnlpWIwYf/nDPGR21a1wcg3ZxVRa3/UQzb + pvbTFqK9NpPt7ENWs25ZLnatTFfc+D3kfoUSrwIVGKAaM87GlMkTH3FsARo4xj6H + NJeQ2snOIbLQ3xXQm3oZ5YN4CN30mtrcae+jIMlKnagBuDjP9UZ73GLHu1gJAPb6 + iXdBK6/UTGY9uYKNHXnpf11I4rPSPK1r/6KxS1sX65hh4BT5Fs5goRhVqIeeICVJ + Ufnwj7se3Ao24nLXyTRmVXaTEVN/AqPyyQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "cjYmx4Bb0JjogXNov+wSiPPIHM06n1jQnPJbP/E1yRN"; + }; + }; + }; + adelaide = { + owner = config.krebs.users.mic92; + nets = rec { + internet = { + # adelaide.dse.in.tum.de + ip4.addr = "131.159.102.13"; + ip6.addr = "2a09:80c0:102::13"; + aliases = [ "adelaide.i" ]; + }; + retiolum = { + via = internet; + aliases = [ "adelaide.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAzxKKd1dV+XDUV8pHqkAtbLcwEZVsf0kK+y5X/zbZcXEZhQQv6/dY + YJRoNG3lo8+7FMwYO2b2uyIkO1PopsORMAA2vIFaKJ2Qnt7byuIQ6n9CafIADx1M + dVf+cwUhY8IVIX2ndz9pIAY8NhmzEcjG5vGKxRqev1zNwa1LtsLDLObhkKYznM6y + HV5F92GONMeNOovHCxIYsSJ8jLn8BB60toADzocgzKvCiEw4IwKnzL/au9RGY4Xi + 25YXBzF5ai84e+HyaGGGD/qa4SqL9/jCkDB7QAwRqb01wGhtTLty+ubjzh1HF3am + zpizPVNwBTqHW1S3W1i/yi5a5w4D/zdrRQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "YzB5BqgIQ4f209B2KhpdHu6gRYj5IS64zy1wneq/yiG"; + }; + }; + }; + christina = { + owner = config.krebs.users.mic92; + nets = rec { + internet = { + # christina.dse.in.tum.de + ip4.addr = "131.159.102.14"; + ip6.addr = "2a09:80c0:102::14"; + aliases = [ "christina.i" ]; + }; + retiolum = { + via = internet; + aliases = [ "christina.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA2pP2uCuvFWKfUwYIOcmPkqG8q/rNNyfw9C39tIC0VsDD6WJ0I7xZ + S57AiG4j6OZwbv7/89qAR94SM4Q9LgmVHhUHf06gPhO0MTVNt0N1PrOnfxeCOlgK + aH6DWZVhiwwiYwAJ55CVNFSkuL7/FtJAkAXmP0Y+xmn0mi1GpMa6RfSazqNPkXik + HdB7u96D7Ul75yPdTDi0dvMvCxQGo4PQBctheNPY61s7P1/7tRhBT+22iJn3v2Bc + Q9qLa6WuGIuFYCxT7GDGrKVu+V9VhFJe42p8yyIscqFagc61C/whN6v7eOh22gSR + 8EbaexJIQ5xl8ZIJto+fr8MvYAQR4FpopwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "/W10YGvcWZnVxCB6pxsC2D5A7QMk1Aw81YWi1p0Ex9O"; + }; + }; + }; + wilfred = { + owner = config.krebs.users.mic92; + nets = rec { + internet = { + # wilfred.dse.in.tum.de + ip4.addr = "131.159.102.15"; + ip6.addr = "2a09:80c0:102::15"; + aliases = [ "wilfred.i" ]; + }; + retiolum = { + via = internet; + aliases = [ "wilfred.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAtQMC/LTfesg49VU06TFt3ikA9cdXuWzvg1FkCo6yXBlQt8fLFYg1 + YBthh7W6CZYJwf6lGXUBtCiOnxidoQ89Fq61AQGGYzW8G/vqHwFaPGHQ42Eru+XG + RDi7ZjqOibdTemahX7gcDk6irB9WbkuXIS15n5FdQHhmjiun3zaEMoWpyiSM1HFQ + UfJLI8pRtB65RTdT3yp8XMASldTAlSlFj2AYlDZkgcRYLZuVWb/Wz7EewG4SiB9T + wZ1pUIhdnGNdb37S/VIjMPavaV4HK7u7awqwaaIRUYwWloCo8LGRDCXa3iEMql7J + tI4iMEsmjHi8P5mQp4ZwwNLWucdM9+Wt6QIDAQAB + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "5dMnJmUDmCnN/3dc7fTPlXweMmbs6W+VgSgZi+p+u2B"; + }; + }; + }; + river = { + owner = config.krebs.users.mic92; + nets = rec { + internet = { + # river.dse.in.tum.de + ip4.addr = "131.159.102.16"; + ip6.addr = "2a09:80c0:102::16"; + aliases = [ "river.i" ]; + }; + retiolum = { + via = internet; + aliases = [ "river.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAumAOQf8/nv2Ml082e7fgoicoQ7stspsx8v1bkoubW9yq/LbdcTki + cP6uZkLBXgd9cPq4vhSso/kaGn6UzPWeUCLv17gPn6jFlB1AYN6mJNLOxJyotajc + 78SyqzDyZ4iA0W44w98ic5yWQ/uaF3q3npFlHtAN4fD0aw50uR+2TgH5zCB8iNul + CNIRWU9sp1t6VFYSN49tcqZ4j6jb6q/MyH5o5WLPasnq0SzQd09rnhUax7QLbIBP + iNBYLOFYMYmoN1WlPwZf1Dt6NeFGyNn5aWE3xtOG6FYwzzCEXYOxxdXzuL5Mmiv9 + 6d71+XWEAzNT9OQB3oGCLAamT+9le7SqnwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "gcgEqGyhO4S7Q44vID/cpbbVaLSNYov97oGwa3pSI4N"; + }; + }; + }; + jack = { + owner = config.krebs.users.mic92; + nets = rec { + internet = { + # river.dse.in.tum.de + ip4.addr = "131.159.102.17"; + ip6.addr = "2a09:80c0:102::17"; + aliases = [ "jack.i" ]; + }; + retiolum = { + via = internet; + aliases = [ "jack.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAx5ROeRs0CxD2IPfkrFB4O03/Kf8Ajjmd/J1gpCvHROKL+gDvaCO1 + 68RbTdC1f5K6Dwc51oX87XisrD435aNCqnlE8fw1X8ZYLKRlZmLDBJGSupm35jj3 + w80L9OTK07I3cK6AqCfRWyI9Ja6J9PGOT95h8OtiAPlYssEkSqGJrtwe61V5rq1A + st7khZO0b+xYsr+ZgOVuZMDAco9DwG7NFfpWkzAgTF6q0a+kdjFrFb6SaeJJf12t + WUGWEkaTP5iLQ/h3M+a7MH0Col+aPNEWE4ycqZR9U3E4pMqoD7tjkYdYtv9kR/j+ + ZtN2Vlw+hKC47DA3zRNRcg7DC+FFDNFaYwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "vmtUoblzicabsNFu7u889cF9pgBKoJpHHIhY8Y/eQgC"; + }; + }; + }; hal9000 = { owner = config.krebs.users.mic92; nets = rec { -- cgit v1.2.3 From ac50726777d4bc3c7552d0e5841804348f6a30f8 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 17 May 2022 20:15:10 +0200 Subject: crustacea.r: fix ip6 address --- krebs/3modules/external/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index e12f097cb..bf0b82de0 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -306,7 +306,7 @@ in { nets = { retiolum = { ip4.addr = "10.243.42.63"; - ip6.addr = "42:4a6f::4263"; + ip6.addr = "42:0:4a6f::4263"; aliases = [ "crustacea.r" ]; -- cgit v1.2.3 From 57464602911efcfac2c5465fba5b9b6bc1b44156 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 17 May 2022 22:36:07 +0200 Subject: ponte.r: add matterbridge service --- krebs/1systems/ponte/config.nix | 1 + krebs/2configs/matterbridge.nix | 49 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 50 insertions(+) create mode 100644 krebs/2configs/matterbridge.nix diff --git a/krebs/1systems/ponte/config.nix b/krebs/1systems/ponte/config.nix index 1e25ca9bf..8250ebad9 100644 --- a/krebs/1systems/ponte/config.nix +++ b/krebs/1systems/ponte/config.nix @@ -4,6 +4,7 @@ ./hw.nix + ]; krebs.build.host = config.krebs.hosts.ponte; diff --git a/krebs/2configs/matterbridge.nix b/krebs/2configs/matterbridge.nix new file mode 100644 index 000000000..9c0908def --- /dev/null +++ b/krebs/2configs/matterbridge.nix @@ -0,0 +1,49 @@ +{ pkgs, lib, ... }: { + services.matterbridge = { + enable = true; + configPath = let + bridgeBotToken = lib.strings.fileContents ; + in + toString ((pkgs.formats.toml {}).generate "config.toml" { + general = { + RemoteNickFormat = "[{NICK}] "; + Charset = "utf-8"; + }; + telegram.krebs.Token = bridgeBotToken; + irc = let + Nick = "ponte"; + in { + hackint = { + Server = "irc.hackint.org:6697"; + UseTLS = true; + inherit Nick; + }; + }; + mumble.lassulus = { + Server = "lassul.us:64738"; + Nick = "krebs_bridge"; + SkipTLSVerify = true; + }; + gateway = [ + { + name = "krebs-bridge"; + enable = true; + inout = [ + { + account = "irc.hackint"; + channel = "#krebs"; + } + { + account = "telegram.krebs"; + channel = "-330372458"; + } + { + account = "mumble.lassulus"; + channel = 6; # "nixos" + } + ]; + } + ]; + }); + }; +} -- cgit v1.2.3 From 2da726f93d219bdc9abf6f7d7134e30138f619e2 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 17 May 2022 23:46:47 +0200 Subject: pager: bump to fix hang during load --- krebs/5pkgs/haskell/pager.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/krebs/5pkgs/haskell/pager.nix b/krebs/5pkgs/haskell/pager.nix index 3c9f80466..2f4a71f34 100644 --- a/krebs/5pkgs/haskell/pager.nix +++ b/krebs/5pkgs/haskell/pager.nix @@ -8,8 +8,8 @@ mkDerivation { version = "1.0.0"; src = fetchgit { url = "https://cgit.krebsco.de/pager"; - sha256 = "1kqd27faxinkwpxancyk0xl6n7ljlc8iqhnnq85l76bk4qi9b45i"; - rev = "f4cdf79bd4a75e9eafe68b9a908f4cc68682b7ef"; + sha256 = "1qlkhqidaa6w02ix9ambfdsm7lfyx30ap481b9ic1ppyfkhqzfp6"; + rev = "fc6105a5e7d1e3a07bf07ea85e7902dd8e9fc849"; fetchSubmodules = true; }; isLibrary = false; -- cgit v1.2.3 From 5cbb9aeb7249c51e7a6f4075695e0ca1ec9e0296 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 18 May 2022 16:57:57 +0200 Subject: l: move radio to subfolder --- lass/1systems/prism/config.nix | 3 +- lass/2configs/radio-news.nix | 99 -------- lass/2configs/radio.nix | 492 --------------------------------------- lass/2configs/radio/default.nix | 504 ++++++++++++++++++++++++++++++++++++++++ lass/2configs/radio/news.nix | 120 ++++++++++ 5 files changed, 625 insertions(+), 593 deletions(-) delete mode 100644 lass/2configs/radio-news.nix delete mode 100644 lass/2configs/radio.nix create mode 100644 lass/2configs/radio/default.nix create mode 100644 lass/2configs/radio/news.nix diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index c62091428..d174e6057 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -113,8 +113,7 @@ with import ; } - - + diff --git a/lass/2configs/radio-news.nix b/lass/2configs/radio-news.nix deleted file mode 100644 index eb7d3bd9a..000000000 --- a/lass/2configs/radio-news.nix +++ /dev/null @@ -1,99 +0,0 @@ -{ config, lib, pkgs, ... }: -let - weather_report = pkgs.writers.writeDashBin "weather_report" '' - set -efu - ${pkgs.curl}/bin/curl -fsSL https://wttr.in/''${1-}?format=j1 \ - | ${pkgs.jq}/bin/jq -r ' - [.nearest_area[0] | "Weather report for \(.areaName[0].value), \(.country[0].value)."] - + [.current_condition[0] | "Currently it is \(.weatherDesc[0].value) outside with a temperature of \(.temp_C) degrees."] - | join("\n") - ' - ''; - send_to_radio = pkgs.writers.writeDashBin "send_to_radio" '' - ${pkgs.vorbisTools}/bin/oggenc - | - ${pkgs.libshout}/bin/shout --format ogg --host localhost --port 1338 --mount /live - ''; - - gc_news = pkgs.writers.writeDashBin "gc_news" '' - set -xefu - ${pkgs.coreutils}/bin/cat $HOME/news | ${pkgs.jq}/bin/jq -cs 'map(select((.to|fromdateiso8601) > now)) | .[]' > $HOME/bla-news.tmp - ${pkgs.coreutils}/bin/mv $HOME/bla-news.tmp $HOME/news - ''; - - get_current_news = pkgs.writers.writeDashBin "get_current_news" '' - set -xefu - ${pkgs.coreutils}/bin/cat $HOME/news | ${pkgs.jq}/bin/jq -rs 'map(select(((.to | fromdateiso8601) > now) and (.from|fromdateiso8601) < now) | .text) | .[]' - ''; - - newsshow = pkgs.writers.writeDashBin "newsshow" /* sh */ '' - echo " - hello crabpeople! - $(${pkgs.ddate}/bin/ddate | sed 's/YOLD/Year of Discord/')! - It is $(date --utc +%H) o clock UTC. - todays news: - $(get_current_news) - $(gc_news) - $(weather_report berlin) - $(weather_report 70173) - $(weather_report munich) - " - ''; -in -{ - systemd.services.newsshow = { - path = [ - newsshow - send_to_radio - gc_news - get_current_news - weather_report - pkgs.curl - pkgs.retry - ]; - script = '' - set -efu - retry -t 5 -d 10 -- newsshow | - retry -t 5 -d 10 -- curl -fSsG http://tts.r/api/tts --data-urlencode 'text@-' | - retry -t 5 -d 10 -- send_to_radio - ''; - startAt = "*:00:00"; - serviceConfig = { - User = "radio-news"; - }; - }; - - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-p tcp --dport 7999"; target = "ACCEPT"; } - ]; - - krebs.htgen.news = { - port = 7999; - user = { - name = "radio-news"; - }; - script = ''. ${pkgs.writers.writeDash "htgen-news" '' - set -xefu - case "$Method $Request_URI" in - "POST /") - payload=$(head -c "$req_content_length" \ - | sed 's/+/ /g;s/%\(..\)/\\x\1/g;' \ - | xargs -0 echo -e \ - ) - echo "$payload" | jq 'has("from") and has("to") and has("text")' >&2 - echo "$payload" | jq -c '{ from: (.from | fromdate | todate), to: (.to | fromdate | todate), text: .text }' >> $HOME/news - printf 'HTTP/1.1 200 OK\r\n' - printf 'Connection: close\r\n' - printf '\r\n' - exit - ;; - esac - ''}''; - }; - - ## debug - # environment.systemPackages = [ - # weather_report - # send_to_radio - # newsshow - # ]; -} diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix deleted file mode 100644 index 15d07dada..000000000 --- a/lass/2configs/radio.nix +++ /dev/null @@ -1,492 +0,0 @@ -{ config, pkgs, ... }: -with pkgs.stockholm.lib; - -let - name = "radio"; - - music_dir = "/home/radio/music"; - - add_random = pkgs.writeDashBin "add_random" '' - ${pkgs.mpc_cli}/bin/mpc add "$(${pkgs.findutils}/bin/find "${music_dir}/the_playlist" \ - | grep -Ev '/other/|/.graveyard/' \ - | grep '\.ogg$' \ - | shuf -n1 \ - | sed 's,${music_dir}/,,' \ - )" - ''; - - get_current_track_position = pkgs.writeDash "get_current_track_position" '' - ${pkgs.mpc_cli}/bin/mpc status | ${pkgs.gawk}/bin/awk '/^\[playing\]/ { sub(/\/.+/,"",$3); split($3,a,/:/); print a[1]*60+a[2] }' - ''; - - skip_track = pkgs.writeBashBin "skip_track" '' - set -eu - - ${add_random}/bin/add_random - music_dir=${escapeShellArg music_dir} - current_track=$(${pkgs.mpc_cli}/bin/mpc current -f %file%) - track_infos=$(${print_current}/bin/print_current) - skip_count=$(${pkgs.attr}/bin/getfattr -n user.skip_count --only-values "$music_dir"/"$current_track" || echo 0) - if [[ "$current_track" =~ ^the_playlist/music/.* ]] && [ "$skip_count" -le 2 ]; then - skip_count=$((skip_count+1)) - ${pkgs.attr}/bin/setfattr -n user.skip_count -v "$skip_count" "$music_dir"/"$current_track" - echo skipping: "$track_infos" skip_count: "$skip_count" - else - mkdir -p "$music_dir"/the_playlist/.graveyard/ - mv "$music_dir"/"$current_track" "$music_dir"/the_playlist/.graveyard/ - echo killing: "$track_infos" - fi - ${pkgs.mpc_cli}/bin/mpc -q next - ''; - - good_track = pkgs.writeBashBin "good_track" '' - set -eu - - music_dir=${escapeShellArg music_dir} - current_track=$(${pkgs.mpc_cli}/bin/mpc current -f %file%) - track_infos=$(${print_current}/bin/print_current) - if [[ "$current_track" =~ ^the_playlist/music/.* ]]; then - ${pkgs.attr}/bin/setfattr -n user.skip_count -v 0 "$music_dir"/"$current_track" - else - mv "$music_dir"/"$current_track" "$music_dir"/the_playlist/music/ || : - fi - echo good: "$track_infos" - ''; - - track_youtube_link = pkgs.writeDash "track_youtube_link" '' - ${pkgs.mpc_cli}/bin/mpc current -f %file% \ - | ${pkgs.gnused}/bin/sed 's@.*\(.\{11\}\)\.ogg@https://www.youtube.com/watch?v=\1@' - ''; - - print_current = pkgs.writeDashBin "print_current" '' - echo "$(${pkgs.mpc_cli}/bin/mpc current -f %file%) \ - $(${track_youtube_link})" - ''; - - print_current_json = pkgs.writeDashBin "print_current_json" '' - ${pkgs.jq}/bin/jq -n -c \ - --arg name "$(${pkgs.mpc_cli}/bin/mpc current)" \ - --arg artist "$(${pkgs.mpc_cli}/bin/mpc current -f %artist%)" \ - --arg title "$(${pkgs.mpc_cli}/bin/mpc current -f %title%)" \ - --arg filename "$(${pkgs.mpc_cli}/bin/mpc current -f %file%)" \ - --arg position "$(${get_current_track_position})" \ - --arg length "$(${pkgs.mpc_cli}/bin/mpc current -f %time%)" \ - --arg youtube "$(${track_youtube_link})" '{ - name: $name, - artist: $artist, - title: $title, - filename: $filename, - position: $position, - length: $length, - youtube: $youtube - }' - ''; - - set_irc_topic = pkgs.writeDash "set_irc_topic" '' - ${pkgs.curl}/bin/curl -fsS --unix-socket /home/radio/reaktor.sock http://z/ \ - -H content-type:application/json \ - -d "$(${pkgs.jq}/bin/jq -n \ - --arg text "$1" '{ - command:"TOPIC", - params:["#the_playlist",$text] - }' - )" - ''; - - write_to_irc = pkgs.writeDash "write_to_irc" '' - ${pkgs.curl}/bin/curl -fsSv --unix-socket /home/radio/reaktor.sock http://z/ \ - -H content-type:application/json \ - -d "$(${pkgs.jq}/bin/jq -n \ - --arg text "$1" '{ - command:"PRIVMSG", - params:["#the_playlist",$text] - }' - )" - ''; - -in { - users.users = { - "${name}" = rec { - inherit name; - createHome = mkForce false; - group = name; - uid = genid_uint31 name; - description = "radio manager"; - home = "/home/${name}"; - useDefaultShell = true; - openssh.authorizedKeys.keys = with config.krebs.users; [ - lass.pubkey - lass-mors.pubkey - ]; - }; - }; - - users.groups = { - "radio" = {}; - }; - - krebs.per-user.${name}.packages = with pkgs; [ - add_random - good_track - skip_track - print_current - print_current_json - ncmpcpp - mpc_cli - ]; - - services.mpd = { - enable = true; - user = "radio"; - musicDirectory = "${music_dir}"; - dataDir = "/home/radio/state"; # TODO create this somwhere - extraConfig = '' - log_level "default" - auto_update "yes" - volume_normalization "yes" - - audio_output { - type "httpd" - name "raw radio" - encoder "wave" - port "7900" - format "44100:16:2" - always_on "yes" # prevent MPD from disconnecting all listeners when playback is stopped. - tags "yes" # httpd supports sending tags to listening streams. - } - ''; - }; - services.liquidsoap.streams.radio-news = pkgs.writeText "radio-news.liq" '' - source = mksafe(input.http("http://localhost:7900/raw.wave")) - - output.icecast(mount = '/music.ogg', password = 'hackme', %vorbis(quality = 1), source) - output.icecast(mount = '/music.mp3', password = 'hackme', %mp3.vbr(), source) - output.icecast(mount = '/music.opus', password = 'hackme', %opus(), source) - - extra_input = audio_to_stereo(input.harbor("live", port=1338)) - - o = smooth_add(normal = source, special = extra_input) - output.icecast(mount = '/radio.ogg', password = 'hackme', %vorbis(quality = 1), o) - output.icecast(mount = '/radio.mp3', password = 'hackme', %mp3.vbr(), o) - output.icecast(mount = '/radio.opus', password = 'hackme', %opus(), o) - ''; - services.icecast = { - enable = true; - hostname = "radio.lassul.us"; - admin.password = "hackme"; - extraConf = '' - - hackme - - ''; - }; - - krebs.iptables = { - tables = { - filter.INPUT.rules = [ - { predicate = "-p tcp --dport 8000"; target = "ACCEPT"; } - { predicate = "-i retiolum -p tcp --dport 8001"; target = "ACCEPT"; } - ]; - }; - }; - - systemd.timers.radio = { - description = "radio autoadder timer"; - wantedBy = [ "timers.target" ]; - - timerConfig = { - OnCalendar = "*:0/1"; - }; - }; - - systemd.services.radio = let - autoAdd = pkgs.writeDash "autoAdd" '' - LIMIT=$1 #in seconds - - timeLeft () { - playlistDuration=$(${pkgs.mpc_cli}/bin/mpc --format '%time%' playlist | ${pkgs.gawk}/bin/awk -F ':' 'BEGIN{t=0} {t+=$1*60+$2} END{print t}') - currentTime=$(${get_current_track_position}) - expr ''${playlistDuration:-0} - ''${currentTime:-0} - } - - if test $(timeLeft) -le $LIMIT; then - ${add_random}/bin/add_random - fi - ${pkgs.mpc_cli}/bin/mpc play > /dev/null - ''; - in { - description = "radio playlist autoadder"; - after = [ "network.target" ]; - - restartIfChanged = true; - - serviceConfig = { - ExecStart = "${autoAdd} 150"; - }; - }; - - systemd.services.radio-recent = let - recentlyPlayed = pkgs.writeDash "recentlyPlayed" '' - set -xeu - LIMIT=1000 #how many tracks to keep in the history - HISTORY_FILE=/var/lib/radio/recent - while :; do - ${pkgs.mpc_cli}/bin/mpc idle player > /dev/null - ${pkgs.mpc_cli}/bin/mpc current -f %file% - done | while read track; do - - listeners=$(${pkgs.curl}/bin/curl lassul.us:8000/status-json.xsl | - ${pkgs.jq}/bin/jq '[.icestats.source[].listeners] | add') - echo "$(date -Is)" "$track" | tee -a "$HISTORY_FILE" - echo "$(tail -$LIMIT "$HISTORY_FILE")" > "$HISTORY_FILE" - ${set_irc_topic} "playing: $track listeners: $listeners" - done - ''; - in { - description = "radio recently played"; - after = [ "mpd.service" "network.target" ]; - wantedBy = [ "multi-user.target" ]; - - restartIfChanged = true; - - serviceConfig = { - ExecStart = recentlyPlayed; - User = "radio"; - }; - }; - - # allow reaktor2 to modify files - systemd.services."reaktor2-the_playlist".serviceConfig.DynamicUser = mkForce false; - - krebs.reaktor2.the_playlist = { - hostname = "irc.hackint.org"; - port = "6697"; - useTLS = true; - nick = "the_playlist"; - username = "radio"; - API.listen = "unix:/home/radio/reaktor.sock"; - plugins = [ - { - plugin = "register"; - config = { - channels = [ - "#the_playlist" - "#krebs" - ]; - }; - } - { - plugin = "system"; - config = { - workdir = config.krebs.reaktor2.the_playlist.stateDir; - hooks.PRIVMSG = [ - { - activate = "match"; - pattern = "^(?:.*\\s)?\\s*the_playlist:\\s*([0-9A-Za-z._][0-9A-Za-z._-]*)(?:\\s+(.*\\S))?\\s*$"; - command = 1; - arguments = [2]; - commands = { - skip.filename = "${skip_track}/bin/skip_track"; - next.filename = "${skip_track}/bin/skip_track"; - bad.filename = "${skip_track}/bin/skip_track"; - - good.filename = "${good_track}/bin/good_track"; - nice.filename = "${good_track}/bin/good_track"; - like.filename = "${good_track}/bin/good_track"; - - current.filename = "${print_current}/bin/print_current"; - suggest.filename = pkgs.writeDash "suggest" '' - echo "$@" >> playlist_suggest - ''; - }; - } - ]; - }; - } - ]; - }; - - krebs.htgen.radio = { - port = 8001; - user = { - name = "radio"; - }; - script = ''. ${pkgs.writeDash "radio" '' - case "$Method $Request_URI" in - "GET /current") - printf 'HTTP/1.1 200 OK\r\n' - printf 'Connection: close\r\n' - printf '\r\n' - ${print_current_json}/bin/print_current_json - exit - ;; - "POST /skip") - printf 'HTTP/1.1 200 OK\r\n' - printf 'Connection: close\r\n' - printf '\r\n' - msg=$(${skip_track}/bin/skip_track) - ${write_to_irc} "$msg" - echo "$msg" - exit - ;; - "POST /good") - printf 'HTTP/1.1 200 OK\r\n' - printf 'Connection: close\r\n' - printf '\r\n' - msg=$(${good_track}/bin/good_track) - ${write_to_irc} "$msg" - echo "$msg" - exit - ;; - esac - ''}''; - }; - - services.nginx = { - enable = true; - virtualHosts."radio.lassul.us" = { - forceSSL = true; - enableACME = true; - locations."/".extraConfig = '' - proxy_set_header Host $host; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Forwarded-Server $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_pass http://localhost:8000; - ''; - locations."= /recent".extraConfig = '' - default_type "text/plain"; - alias /var/lib/radio/recent; - ''; - locations."= /current".extraConfig = '' - proxy_pass http://localhost:8001; - ''; - locations."= /skip".extraConfig = '' - proxy_pass http://localhost:8001; - ''; - locations."= /good".extraConfig = '' - proxy_pass http://localhost:8001; - ''; - locations."= /controls".extraConfig = '' - default_type "text/html"; - alias ${pkgs.writeText "controls.html" '' - - - - - - - - The_Playlist Voting! - - - - - -
- - - -
- Currently Running:
- -
-
-
- -
- - - - - ''}; - ''; - extraConfig = '' - add_header 'Access-Control-Allow-Origin' '*'; - add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; - ''; - }; - virtualHosts."lassul.us".locations."= /the_playlist".extraConfig = let - html = pkgs.writeText "index.html" '' - - - - - lassulus playlist - - -
- -
-
- -
- - - - ''; - in '' - default_type "text/html"; - alias ${html}; - ''; - }; - services.syncthing.declarative.folders."the_playlist" = { - path = "/home/radio/music/the_playlist"; - devices = [ "mors" "phone" "prism" ]; - }; - krebs.permown."/home/radio/music/the_playlist" = { - owner = "radio"; - group = "syncthing"; - umask = "0002"; - }; -} diff --git a/lass/2configs/radio/default.nix b/lass/2configs/radio/default.nix new file mode 100644 index 000000000..34115f56a --- /dev/null +++ b/lass/2configs/radio/default.nix @@ -0,0 +1,504 @@ +{ config, pkgs, ... }: +with pkgs.stockholm.lib; + +let + name = "radio"; + + music_dir = "/home/radio/music"; + + add_random = pkgs.writeDashBin "add_random" '' + ${pkgs.mpc_cli}/bin/mpc add "$(${pkgs.findutils}/bin/find "${music_dir}/the_playlist" \ + | grep -Ev '/other/|/.graveyard/' \ + | grep '\.ogg$' \ + | shuf -n1 \ + | sed 's,${music_dir}/,,' \ + )" + ''; + + get_current_track_position = pkgs.writeDash "get_current_track_position" '' + ${pkgs.mpc_cli}/bin/mpc status | ${pkgs.gawk}/bin/awk '/^\[playing\]/ { sub(/\/.+/,"",$3); split($3,a,/:/); print a[1]*60+a[2] }' + ''; + + skip_track = pkgs.writeBashBin "skip_track" '' + set -eu + + ${add_random}/bin/add_random + music_dir=${escapeShellArg music_dir} + current_track=$(${pkgs.mpc_cli}/bin/mpc current -f %file%) + track_infos=$(${print_current}/bin/print_current) + skip_count=$(${pkgs.attr}/bin/getfattr -n user.skip_count --only-values "$music_dir"/"$current_track" || echo 0) + if [[ "$current_track" =~ ^the_playlist/music/.* ]] && [ "$skip_count" -le 2 ]; then + skip_count=$((skip_count+1)) + ${pkgs.attr}/bin/setfattr -n user.skip_count -v "$skip_count" "$music_dir"/"$current_track" + echo skipping: "$track_infos" skip_count: "$skip_count" + else + mkdir -p "$music_dir"/the_playlist/.graveyard/ + mv "$music_dir"/"$current_track" "$music_dir"/the_playlist/.graveyard/ + echo killing: "$track_infos" + fi + ${pkgs.mpc_cli}/bin/mpc -q next + ''; + + good_track = pkgs.writeBashBin "good_track" '' + set -eu + + music_dir=${escapeShellArg music_dir} + current_track=$(${pkgs.mpc_cli}/bin/mpc current -f %file%) + track_infos=$(${print_current}/bin/print_current) + if [[ "$current_track" =~ ^the_playlist/music/.* ]]; then + ${pkgs.attr}/bin/setfattr -n user.skip_count -v 0 "$music_dir"/"$current_track" + else + mv "$music_dir"/"$current_track" "$music_dir"/the_playlist/music/ || : + fi + echo good: "$track_infos" + ''; + + track_youtube_link = pkgs.writeDash "track_youtube_link" '' + ${pkgs.mpc_cli}/bin/mpc current -f %file% \ + | ${pkgs.gnused}/bin/sed 's@.*\(.\{11\}\)\.ogg@https://www.youtube.com/watch?v=\1@' + ''; + + print_current = pkgs.writeDashBin "print_current" '' + echo "$(${pkgs.mpc_cli}/bin/mpc current -f %file%) \ + $(${track_youtube_link})" + ''; + + print_current_json = pkgs.writeDashBin "print_current_json" '' + ${pkgs.jq}/bin/jq -n -c \ + --arg name "$(${pkgs.mpc_cli}/bin/mpc current)" \ + --arg artist "$(${pkgs.mpc_cli}/bin/mpc current -f %artist%)" \ + --arg title "$(${pkgs.mpc_cli}/bin/mpc current -f %title%)" \ + --arg filename "$(${pkgs.mpc_cli}/bin/mpc current -f %file%)" \ + --arg position "$(${get_current_track_position})" \ + --arg length "$(${pkgs.mpc_cli}/bin/mpc current -f %time%)" \ + --arg youtube "$(${track_youtube_link})" '{ + name: $name, + artist: $artist, + title: $title, + filename: $filename, + position: $position, + length: $length, + youtube: $youtube + }' + ''; + + set_irc_topic = pkgs.writeDash "set_irc_topic" '' + ${pkgs.curl}/bin/curl -fsS --unix-socket /home/radio/reaktor.sock http://z/ \ + -H content-type:application/json \ + -d "$(${pkgs.jq}/bin/jq -n \ + --arg text "$1" '{ + command:"TOPIC", + params:["#the_playlist",$text] + }' + )" + ''; + + write_to_irc = pkgs.writeDash "write_to_irc" '' + ${pkgs.curl}/bin/curl -fsSv --unix-socket /home/radio/reaktor.sock http://z/ \ + -H content-type:application/json \ + -d "$(${pkgs.jq}/bin/jq -n \ + --arg text "$1" '{ + command:"PRIVMSG", + params:["#the_playlist",$text] + }' + )" + ''; + +in { + imports = [ + ./news.nix + ]; + + users.users = { + "${name}" = rec { + inherit name; + createHome = mkForce false; + group = name; + uid = genid_uint31 name; + description = "radio manager"; + home = "/home/${name}"; + useDefaultShell = true; + openssh.authorizedKeys.keys = with config.krebs.users; [ + lass.pubkey + lass-mors.pubkey + ]; + }; + }; + + users.groups = { + "radio" = {}; + }; + + krebs.per-user.${name}.packages = with pkgs; [ + add_random + good_track + skip_track + print_current + print_current_json + ncmpcpp + mpc_cli + ]; + + services.mpd = { + enable = true; + user = "radio"; + musicDirectory = "${music_dir}"; + dataDir = "/home/radio/state"; # TODO create this somwhere + extraConfig = '' + log_level "default" + auto_update "yes" + volume_normalization "yes" + + audio_output { + type "httpd" + name "raw radio" + encoder "wave" + port "7900" + format "44100:16:2" + always_on "yes" # prevent MPD from disconnecting all listeners when playback is stopped. + tags "yes" # httpd supports sending tags to listening streams. + } + ''; + }; + services.liquidsoap.streams.radio-news = pkgs.writeText "radio-news.liq" '' + source = mksafe(input.http("http://localhost:7900/raw.wave")) + + output.icecast(mount = '/music.ogg', password = 'hackme', %vorbis(quality = 1), source) + output.icecast(mount = '/music.mp3', password = 'hackme', %mp3.vbr(), source) + output.icecast(mount = '/music.opus', password = 'hackme', %opus(bitrate = 64), source) + + extra_input = audio_to_stereo(input.harbor("live", port=1338)) + + o = smooth_add(normal = source, special = extra_input) + output.icecast(mount = '/radio.ogg', password = 'hackme', %vorbis(quality = 1), o) + output.icecast(mount = '/radio.mp3', password = 'hackme', %mp3.vbr(), o) + output.icecast(mount = '/radio.opus', password = 'hackme', %opus(bitrate = 64), o) + ''; + services.icecast = { + enable = true; + hostname = "radio.lassul.us"; + admin.password = "hackme"; + extraConf = '' + + hackme + + ''; + }; + + krebs.iptables = { + tables = { + filter.INPUT.rules = [ + { predicate = "-p tcp --dport 8000"; target = "ACCEPT"; } + { predicate = "-i retiolum -p tcp --dport 8001"; target = "ACCEPT"; } + ]; + }; + }; + + systemd.timers.radio = { + description = "radio autoadder timer"; + wantedBy = [ "timers.target" ]; + + timerConfig = { + OnCalendar = "*:0/1"; + }; + }; + + systemd.services.radio = let + autoAdd = pkgs.writeDash "autoAdd" '' + LIMIT=$1 #in seconds + + timeLeft () { + playlistDuration=$(${pkgs.mpc_cli}/bin/mpc --format '%time%' playlist | ${pkgs.gawk}/bin/awk -F ':' 'BEGIN{t=0} {t+=$1*60+$2} END{print t}') + currentTime=$(${get_current_track_position}) + expr ''${playlistDuration:-0} - ''${currentTime:-0} + } + + if test $(timeLeft) -le $LIMIT; then + ${add_random}/bin/add_random + fi + ${pkgs.mpc_cli}/bin/mpc play > /dev/null + ''; + in { + description = "radio playlist autoadder"; + after = [ "network.target" ]; + + restartIfChanged = true; + + serviceConfig = { + ExecStart = "${autoAdd} 150"; + }; + }; + + systemd.services.radio-recent = let + recentlyPlayed = pkgs.writeDash "recentlyPlayed" '' + set -xefu + LIMIT=1000 #how many tracks to keep in the history + HISTORY_FILE=/var/lib/radio/recent + while :; do + ${pkgs.mpc_cli}/bin/mpc idle player > /dev/null + ${pkgs.mpc_cli}/bin/mpc current -f %file% + done | while read track; do + + listeners=$(${pkgs.curl}/bin/curl lassul.us:8000/status-json.xsl | + ${pkgs.jq}/bin/jq '[.icestats.source[].listeners] | add') + echo "$(date -Is)" "$track" | tee -a "$HISTORY_FILE" + echo "$(tail -$LIMIT "$HISTORY_FILE")" > "$HISTORY_FILE" + ${set_irc_topic} "playing: $track listeners: $listeners" + done + ''; + in { + description = "radio recently played"; + after = [ "mpd.service" "network.target" ]; + wantedBy = [ "multi-user.target" ]; + + restartIfChanged = true; + + serviceConfig = { + ExecStart = recentlyPlayed; + User = "radio"; + }; + }; + + # allow reaktor2 to modify files + systemd.services."reaktor2-the_playlist".serviceConfig.DynamicUser = mkForce false; + + krebs.reaktor2.the_playlist = { + hostname = "irc.hackint.org"; + port = "6697"; + useTLS = true; + nick = "the_playlist"; + username = "radio"; + API.listen = "unix:/home/radio/reaktor.sock"; + plugins = [ + { + plugin = "register"; + config = { + channels = [ + "#the_playlist" + "#krebs" + ]; + }; + } + { + plugin = "system"; + config = { + workdir = config.krebs.reaktor2.the_playlist.stateDir; + hooks.PRIVMSG = [ + { + activate = "match"; + pattern = "^(?:.*\\s)?\\s*the_playlist:\\s*([0-9A-Za-z._][0-9A-Za-z._-]*)(?:\\s+(.*\\S))?\\s*$"; + command = 1; + arguments = [2]; + commands = { + skip.filename = "${skip_track}/bin/skip_track"; + next.filename = "${skip_track}/bin/skip_track"; + bad.filename = "${skip_track}/bin/skip_track"; + + good.filename = "${good_track}/bin/good_track"; + nice.filename = "${good_track}/bin/good_track"; + like.filename = "${good_track}/bin/good_track"; + + current.filename = "${print_current}/bin/print_current"; + suggest.filename = pkgs.writeDash "suggest" '' + echo "$@" >> playlist_suggest + ''; + }; + } + ]; + }; + } + ]; + }; + + krebs.htgen.radio = { + port = 8001; + user = { + name = "radio"; +