From 5dbb36955870955f643c89d65430d2440e747e3a Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 5 Sep 2021 20:22:06 +0200 Subject: l prism.r: add telegraf.nix --- lass/1systems/prism/config.nix | 3 +- lass/2configs/telegraf.nix | 67 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 69 insertions(+), 1 deletion(-) create mode 100644 lass/2configs/telegraf.nix (limited to 'lass') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 421afab2a..6ce4332da 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -7,11 +7,12 @@ with import ; + + { services.nginx.enable = true; imports = [ - ]; # needed by domsen.nix ^^ lass.usershadow = { diff --git a/lass/2configs/telegraf.nix b/lass/2configs/telegraf.nix new file mode 100644 index 000000000..4f46cd721 --- /dev/null +++ b/lass/2configs/telegraf.nix @@ -0,0 +1,67 @@ +{ config, lib, pkgs, ... }: +let + isVM = lib.any (mod: mod == "xen-blkfront" || mod == "virtio_console") config.boot.initrd.kernelModules; +in { + + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i retiolum -p tcp --dport 9273"; target = "ACCEPT"; } + ]; + + systemd.services.telegraf.path = [ pkgs.nvme-cli ]; + + services.telegraf = { + enable = true; + extraConfig = { + agent.interval = "60s"; + inputs = { + prometheus.metric_version = 2; + kernel_vmstat = { }; + # smart = lib.mkIf (!isVM) { + # path = pkgs.writeShellScript "smartctl" '' + # exec /run/wrappers/bin/sudo ${pkgs.smartmontools}/bin/smartctl "$@" + # ''; + # }; + system = { }; + mem = { }; + file = [{ + data_format = "influx"; + file_tag = "name"; + files = [ "/var/log/telegraf/*" ]; + }] ++ lib.optional (lib.any (fs: fs == "ext4") config.boot.supportedFilesystems) { + name_override = "ext4_errors"; + files = [ "/sys/fs/ext4/*/errors_count" ]; + data_format = "value"; + }; + exec = lib.optionalAttrs (lib.any (fs: fs == "zfs") config.boot.supportedFilesystems) { + ## Commands array + commands = [ + (pkgs.writeScript "zpool-health" '' + #!${pkgs.gawk}/bin/awk -f + BEGIN { + while ("${pkgs.zfs}/bin/zpool status" | getline) { + if ($1 ~ /pool:/) { printf "zpool_status,name=%s ", $2 } + if ($1 ~ /state:/) { printf " state=\"%s\",", $2 } + if ($1 ~ /errors:/) { + if (index($2, "No")) printf "errors=0i\n"; else printf "errors=%di\n", $2 + } + } + } + '') + ]; + data_format = "influx"; + }; + systemd_units = { }; + swap = { }; + disk.tagdrop = { + fstype = [ "tmpfs" "ramfs" "devtmpfs" "devfs" "iso9660" "overlay" "aufs" "squashfs" ]; + device = [ "rpc_pipefs" "lxcfs" "nsfs" "borgfs" ]; + }; + diskio = { }; + }; + outputs.prometheus_client = { + listen = ":9273"; + metric_version = 2; + }; + }; + }; +} -- cgit v1.2.3 From 5129440d6f13676cdeb998e6db705f820d9fbbbd Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 5 Sep 2021 22:52:06 +0200 Subject: l wizard: fix autologinUser --- lass/1systems/wizard/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/1systems/wizard/config.nix b/lass/1systems/wizard/config.nix index 8f9db7d3c..e158fa728 100644 --- a/lass/1systems/wizard/config.nix +++ b/lass/1systems/wizard/config.nix @@ -271,7 +271,7 @@ in { message = "lassulus: torify sshn root@"; }; systemd.services.hidden-ssh-announce.wantedBy = mkForce []; - services.mingetty.autologinUser = lib.mkForce "root"; + services.getty.autologinUser = lib.mkForce "root"; nixpkgs.config.packageOverrides = super: { dmenu = pkgs.writeDashBin "dmenu" '' -- cgit v1.2.3 From f2287d2024a5e3634ffb2115204aa4065afe2a4f Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 10 Sep 2021 09:22:08 +0200 Subject: l: add mumble.lassul.us for mumble-web --- lass/1systems/prism/config.nix | 14 +------------- lass/2configs/murmur.nix | 39 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 40 insertions(+), 13 deletions(-) create mode 100644 lass/2configs/murmur.nix (limited to 'lass') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 6ce4332da..3a6ab25a4 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -276,19 +276,7 @@ with import ; { predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";} ]; } - { - services.murmur = { - enable = true; - bandwidth = 10000000; - registerName = "lassul.us"; - autobanTime = 30; - }; - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-p tcp --dport 64738"; target = "ACCEPT";} - { predicate = "-p udp --dport 64738"; target = "ACCEPT";} - ]; - - } + { systemd.services."container@yellow".reloadIfChanged = mkForce false; containers.yellow = { diff --git a/lass/2configs/murmur.nix b/lass/2configs/murmur.nix new file mode 100644 index 000000000..9f325d0af --- /dev/null +++ b/lass/2configs/murmur.nix @@ -0,0 +1,39 @@ +{ config, lib, pkgs, ... }: +{ + services.murmur = { + enable = true; + bandwidth = 10000000; + registerName = "lassul.us"; + autobanTime = 30; + }; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport 64738"; target = "ACCEPT";} + { predicate = "-p udp --dport 64738"; target = "ACCEPT";} + ]; + + systemd.services.docker-mumble-web.serviceConfig = { + StandardOutput = lib.mkForce "journal"; + StandardError = lib.mkForce "journal"; + }; + virtualisation.oci-containers.containers.mumble-web = { + image = "rankenstein/mumble-web"; + environment = { + MUMBLE_SERVER = "lassul.us:64738"; + }; + ports = [ + "64739:8080" + ]; + }; + + services.nginx.virtualHosts."mumble.lassul.us" = { + enableACME = true; + forceSSL = true; + locations."/".extraConfig = '' + proxy_pass http://localhost:64739/; + proxy_set_header Accept-Encoding ""; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + ''; + }; +} -- cgit v1.2.3 From b8cd625a70fdd8811b8c5bfd0abf17a00c2e628c Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 10 Sep 2021 09:23:02 +0200 Subject: l: add lasspi & domsen-pixel hosts --- lass/1systems/lasspi/config.nix | 26 +++++++++++++++++++++++ lass/1systems/lasspi/physical.nix | 43 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 69 insertions(+) create mode 100644 lass/1systems/lasspi/config.nix create mode 100644 lass/1systems/lasspi/physical.nix (limited to 'lass') diff --git a/lass/1systems/lasspi/config.nix b/lass/1systems/lasspi/config.nix new file mode 100644 index 000000000..9f823dfc8 --- /dev/null +++ b/lass/1systems/lasspi/config.nix @@ -0,0 +1,26 @@ +with import ; +{ config, lib, pkgs, ... }: +let +in +{ + imports = [ + + + + ]; + + krebs.build.host = config.krebs.hosts.lasspi; + + networking = { + networkmanager = { + enable = true; + }; + }; + environment.systemPackages = with pkgs; [ + vim + rxvt_unicode.terminfo + ]; + services.openssh.enable = true; + + system.stateVersion = "21.05"; +} diff --git a/lass/1systems/lasspi/physical.nix b/lass/1systems/lasspi/physical.nix new file mode 100644 index 000000000..80c459a95 --- /dev/null +++ b/lass/1systems/lasspi/physical.nix @@ -0,0 +1,43 @@ +{ config, lib, pkgs, ... }: +{ + # This configuration worked on 09-03-2021 nixos-unstable @ commit 102eb68ceec + # The image used https://hydra.nixos.org/build/134720986 + imports = [ + ./config.nix + ]; + + boot = { + # kernelPackages = pkgs.linuxPackages_rpi4; + tmpOnTmpfs = true; + initrd.availableKernelModules = [ "usbhid" "usb_storage" ]; + # ttyAMA0 is the serial console broken out to the GPIO + kernelParams = [ + "8250.nr_uarts=1" + "console=ttyAMA0,115200" + "console=tty1" + # Some gui programs need this + "cma=128M" + ]; + }; + + boot.loader.raspberryPi = { + enable = true; + version = 4; + }; + boot.loader.grub.enable = false; + boot.loader.generic-extlinux-compatible.enable = true; + + # Required for the Wireless firmware + hardware.enableRedistributableFirmware = true; + + # Assuming this is installed on top of the disk image. + fileSystems = { + "/" = { + device = "/dev/disk/by-label/NIXOS_SD"; + fsType = "ext4"; + options = [ "noatime" ]; + }; + }; + + powerManagement.cpuFreqGovernor = "ondemand"; +} -- cgit v1.2.3 From 04ba40838dc4d3b644bf8af2d4da7c0ea417e7c4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 Sep 2021 19:18:53 +0200 Subject: l coaxmetal.r: use default kernel --- lass/1systems/coaxmetal/physical.nix | 2 -- 1 file changed, 2 deletions(-) (limited to 'lass') diff --git a/lass/1systems/coaxmetal/physical.nix b/lass/1systems/coaxmetal/physical.nix index 3632ffd3e..d3810e768 100644 --- a/lass/1systems/coaxmetal/physical.nix +++ b/lass/1systems/coaxmetal/physical.nix @@ -22,8 +22,6 @@ ]; hardware.opengl.extraPackages = [ pkgs.amdvlk ]; - # is required for amd graphics support ( xorg wont boot otherwise ) - boot.kernelPackages = pkgs.linuxPackages_latest; environment.variables.VK_ICD_FILENAMES = "/run/opengl-driver/share/vulkan/icd.d/amd_icd64.json"; -- cgit v1.2.3 From 8acf89ffdb51e4727abe7538c89f854329ef7fa3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 15 Sep 2021 21:23:29 +0200 Subject: l prism.r: add docker workaround for mumble-web firewall --- lass/1systems/prism/config.nix | 1 + lass/2configs/docker.nix | 6 ++++++ 2 files changed, 7 insertions(+) create mode 100644 lass/2configs/docker.nix (limited to 'lass') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 3a6ab25a4..d43fb804a 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -277,6 +277,7 @@ with import ; ]; } + { systemd.services."container@yellow".reloadIfChanged = mkForce false; containers.yellow = { diff --git a/lass/2configs/docker.nix b/lass/2configs/docker.nix new file mode 100644 index 000000000..2bc3a2361 --- /dev/null +++ b/lass/2configs/docker.nix @@ -0,0 +1,6 @@ +{ pkgs, lib, config, ... }: +{ + systemd.services.krebs-iptables.serviceConfig.ExecStartPost = pkgs.writeDash "kick_docker" '' + ${pkgs.systemd}/bin/systemctl restart docker.service + ''; +} -- cgit v1.2.3 From bcc305c30723c167f5189229edd2480214f0bebf Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 16 Sep 2021 08:32:30 +0200 Subject: l coaxmetal.r: add config for trackpoint/trackpad --- lass/1systems/coaxmetal/physical.nix | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) (limited to 'lass') diff --git a/lass/1systems/coaxmetal/physical.nix b/lass/1systems/coaxmetal/physical.nix index d3810e768..b033477fe 100644 --- a/lass/1systems/coaxmetal/physical.nix +++ b/lass/1systems/coaxmetal/physical.nix @@ -45,7 +45,25 @@ services.logind.lidSwitch = "ignore"; services.logind.lidSwitchDocked = "ignore"; - boot.extraModprobeConfig = '' - options psmouse proto=imps + + # Mouse stuff + services.xserver.libinput.enable = lib.mkForce false; + services.xserver.synaptics.enable = true; + + services.xserver.displayManager.sessionCommands = '' + xinput disable 'ETPS/2 Elantech Touchpad' + xinput set-prop 'ETPS/2 Elantech TrackPoint' 'Evdev Wheel Emulation' 1 + xinput set-prop 'ETPS/2 Elantech TrackPoint' 'Evdev Wheel Emulation Button' 2 + xinput set-prop 'ETPS/2 Elantech TrackPoint' 'Evdev Wheel Emulation Axes' 6 7 4 5 ''; + + # https://forums.lenovo.com/t5/Fedora/T14s-AMD-Trackpoint-almost-unusable/m-p/5064952?page=4 + # https://bugzilla.kernel.org/show_bug.cgi?id=209167#c1 + boot.kernelPatches = [{ + name = "fix-trackpoint-jumping"; + patch = pkgs.fetchurl { + url = "https://patchwork.kernel.org/project/linux-input/patch/20210729010940.5752-1-phoenix@emc.com.tw/raw/"; + sha256 = "0apbf7c8w830dbdsrmxpip90d5zbg74a939x89jfgpvm5gbdqdjg"; + }; + }]; } -- cgit v1.2.3 From 48421ac4b07a9a3c21ffa932d6cb817ddcbd8e1f Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 19 Sep 2021 16:47:25 +0200 Subject: l domsen: add illustra.de --- lass/2configs/websites/domsen.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass') diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index e603f49da..5da4b0ae2 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -28,6 +28,7 @@ in { (servePage [ "aldonasiech.com" "www.aldonasiech.com" ]) (servePage [ "apanowicz.de" "www.apanowicz.de" ]) (servePage [ "reich-gebaeudereinigung.de" "www.reich-gebaeudereinigung.de" ]) + (servePage [ "illustra.de" "www.illustra.de" ]) (servePage [ "freemonkey.art" "www.freemonkey.art" -- cgit v1.2.3 From a602201eb253ee297f51b605881f42c7b71e4768 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 19 Sep 2021 16:48:05 +0200 Subject: l domsen: set nextcloud pw via krebs.secret --- lass/2configs/websites/domsen.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 5da4b0ae2..453ecff8c 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -89,12 +89,18 @@ in { file_uploads = on ''; + krebs.secret.files.nextcloud_pw = { + path = "/run/nextcloud.pw"; + owner.name = "nextcloud"; + group-name = "nextcloud"; + source-path = toString + "/nextcloud_pw"; + }; services.nextcloud = { enable = true; hostName = "o.xanf.org"; package = pkgs.nextcloud20; config = { - adminpassFile = toString + "/nextcloud_pw"; + adminpassFile = "/run/nextcloud.pw"; overwriteProtocol = "https"; }; https = true; -- cgit v1.2.3 From 41d90b07e021ff19156aaec0bc9336c2cbc4442c Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 19 Sep 2021 16:48:21 +0200 Subject: l domsen: pin php to 7.3 --- lass/2configs/websites/domsen.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass') diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 453ecff8c..1032ea19d 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -82,6 +82,7 @@ in { "o_ubikmedia_de" ]; + services.phpfpm.phpPackage = pkgs.php73; services.phpfpm.phpOptions = '' sendmail_path = ${sendmail} -t upload_max_filesize = 100M -- cgit v1.2.3 From d5e692105fe23ab5a90eb020c75eaf8c22d37ecb Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 19 Sep 2021 16:48:37 +0200 Subject: l domsen nextcloud: 20 -> 21 --- lass/2configs/websites/domsen.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 1032ea19d..88888c099 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -99,7 +99,7 @@ in { services.nextcloud = { enable = true; hostName = "o.xanf.org"; - package = pkgs.nextcloud20; + package = pkgs.nextcloud21; config = { adminpassFile = "/run/nextcloud.pw"; overwriteProtocol = "https"; -- cgit v1.2.3 From 924752a609c4ac890f77043aebd97339812d8402 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 19 Sep 2021 16:49:04 +0200 Subject: l domsen: dont createHome on shared user --- lass/2configs/websites/domsen.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 88888c099..567f6033e 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -186,7 +186,7 @@ in { group = "xanf"; home = "/home/xanf"; useDefaultShell = true; - createHome = true; + createHome = false; # creathome forces permissions isNormalUser = true; }; -- cgit v1.2.3 From c1b390bfef47f6c40ee2aea08784100ee5e73b4a Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 19 Sep 2021 16:49:34 +0200 Subject: l domsen: fix permissions --- lass/2configs/websites/domsen.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'lass') diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 567f6033e..45406a407 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -340,14 +340,14 @@ in { ''; krebs.permown = { - "/backups/domsen" = { - owner = "backup"; + "/srv/http" = { group = "syncthing"; + owner = "nginx"; umask = "0007"; }; - "/srv/http" = { - owner = "syncthing"; - group = "nginx"; + "/home/xanf/XANF_TEAM" = { + owner = "XANF_TEAM"; + group = "xanf"; umask = "0007"; }; }; -- cgit v1.2.3 From 6915a8dcc3e8cfccc223bada053612ea64085ef0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 19 Sep 2021 16:49:46 +0200 Subject: l domsen: add more users --- lass/2configs/websites/domsen.nix | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'lass') diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 45406a407..40f67537e 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -299,6 +299,24 @@ in { isNormalUser = true; }; + users.users.movematchers = { + uid = genid_uint31 "movematchers"; + home = "/home/movematchers"; + useDefaultShell = true; + extraGroups = [ "xanf" ]; + createHome = true; + isNormalUser = true; + }; + + users.users.blackphoton = { + uid = genid_uint31 "blackphoton"; + home = "/home/blackphoton"; + useDefaultShell = true; + extraGroups = [ "xanf" ]; + createHome = true; + isNormalUser = true; + }; + users.groups.xanf = {}; krebs.on-failure.plans.restic-backups-domsen = { -- cgit v1.2.3 From a324b1add1f7b8b14ae7309840915f238e0985e2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 22 Sep 2021 11:24:07 +0200 Subject: l pkgs.proxychain-ng: init at 4.15 --- lass/5pkgs/proxychains-ng/default.nix | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 lass/5pkgs/proxychains-ng/default.nix (limited to 'lass') diff --git a/lass/5pkgs/proxychains-ng/default.nix b/lass/5pkgs/proxychains-ng/default.nix new file mode 100644 index 000000000..488293f7c --- /dev/null +++ b/lass/5pkgs/proxychains-ng/default.nix @@ -0,0 +1,16 @@ +{ lib +, stdenv +, fetchFromGitHub +}: + +stdenv.mkDerivation rec { + pname = "proxychains-ng"; + version = "4.15"; + + src = fetchFromGitHub { + owner = "rofl0r"; + repo = pname; + rev = "v${version}"; + sha256 = "128d502y8pn7q2ls6glx9bvibwzfh321sah5r5li6b6iywh2zqlc"; + }; +} -- cgit v1.2.3 From 9472181f2880c3558fcc80439cd9b92ef2b3b086 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 22 Sep 2021 11:24:32 +0200 Subject: l sshify: init --- lass/2configs/default.nix | 1 + lass/5pkgs/sshify/default.nix | 38 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 39 insertions(+) create mode 100644 lass/5pkgs/sshify/default.nix (limited to 'lass') diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index adfeef19d..eb38d0e97 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -117,6 +117,7 @@ with import ; iftop tcpdump mosh + sshify #stuff for dl aria2 diff --git a/lass/5pkgs/sshify/default.nix b/lass/5pkgs/sshify/default.nix new file mode 100644 index 000000000..aba0ab6bb --- /dev/null +++ b/lass/5pkgs/sshify/default.nix @@ -0,0 +1,38 @@ +{ pkgs }: +pkgs.writers.writeBashBin "sshify" '' + set -efu + + TMPDIR=$(mktemp -d) + + SSH_ARGS=() + + while [[ "$#" -gt 0 ]]; do + case $1 in + --) + shift + break + ;; + *) + SSH_ARGS+=($1) + ;; + esac + shift + done + + if [[ "$#" -le 0 ]]; then + echo no command specified + exit 1 + fi + + RANDOM_HIGH_PORT=$(shuf -i 20000-65000 -n 1) + + cat << EOF >$TMPDIR/proxychains.conf + [ProxyList] + socks4 127.0.0.1 $RANDOM_HIGH_PORT + EOF + + ssh -fNM -S "$TMPDIR/socket" -D "$RANDOM_HIGH_PORT" "''${SSH_ARGS[@]}" + trap "ssh -S $TMPDIR/socket -O exit bla 2>/dev/null; rm -rf $TMPDIR >&2" EXIT + + ${pkgs.proxychains-ng}/bin/proxychains4 -q -f "$TMPDIR/proxychains.conf" "$@" +'' -- cgit v1.2.3 From f636869f26513deff75470d5e750a06d2b7b24e0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 24 Sep 2021 16:57:18 +0200 Subject: l: switch from pulse to pipewire --- lass/2configs/baseX.nix | 11 ++----- lass/2configs/pipewire.nix | 72 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 74 insertions(+), 9 deletions(-) create mode 100644 lass/2configs/pipewire.nix (limited to 'lass') diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 655e7912f..23eaa2802 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -10,14 +10,7 @@ in { ./urxvt.nix ./xdg-open.nix ./yubikey.nix - { - hardware.pulseaudio = { - enable = true; - systemWide = true; - }; - security.rtkit.enable = true; - sound.enableOSSEmulation = false; - } + ./pipewire.nix ./xmonad.nix { krebs.per-user.lass.packages = [ @@ -50,7 +43,7 @@ in { } ]; - users.extraUsers.mainUser.extraGroups = [ "audio" "video" ]; + users.users.mainUser.extraGroups = [ "audio" "video" ]; time.timeZone = "Europe/Berlin"; diff --git a/lass/2configs/pipewire.nix b/lass/2configs/pipewire.nix new file mode 100644 index 000000000..8fdcff4e3 --- /dev/null +++ b/lass/2configs/pipewire.nix @@ -0,0 +1,72 @@ +{ config, lib, pkgs, ... }: +# TODO test `alsactl init` after suspend to reinit mic +{ + security.rtkit.enable = true; + + hardware.bluetooth = { + enable = true; + powerOnBoot = true; + }; + + # autostart with login + systemd.user.services.pipewire-pulse = { + wantedBy = [ "graphical-session.target" ]; + }; + + environment.systemPackages = with pkgs; [ + alsaUtils + pulseaudioLight + ]; + + environment.variables.PULSE_SERVER = "localhost:4713"; + services.pipewire = { + enable = true; + socketActivation = false; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + jack.enable = true; + # https://gitlab.freedesktop.org/pipewire/pipewire/-/wikis/Migrate-PulseAudio#module-native-protocol-tcp + config.pipewire-pulse = { + "context.properties" = { + "log.level" = 2; + }; + "context.modules" = [ + { + name = "libpipewire-module-rtkit"; + # args = { + # "nice.level" = -15; + # "rt.prio" = 88; + # "rt.time.soft" = 200000; + # "rt.time.hard" = 200000; + # }; + flags = [ "ifexists" "nofail" ]; + } + { name = "libpipewire-module-protocol-native"; } + { name = "libpipewire-module-client-node"; } + { name = "libpipewire-module-adapter"; } + { name = "libpipewire-module-metadata"; } + { + name = "libpipewire-module-protocol-pulse"; + args = { + "vm.overrides" = { + # "pulse.min.req" = "32/48000"; + # "pulse.default.req" = "32/48000"; + # "pulse.max.req" = "32/48000"; + "pulse.min.quantum" = "1024/48000"; + # "pulse.max.quantum" = "32/48000"; + }; + "server.address" = [ + "unix:native" + "tcp:4713" + ]; + }; + } + ]; + "stream.properties" = { + # "node.latency" = "32/48000"; + # "resample.quality" = 1; + }; + }; + }; +} -- cgit v1.2.3