From 8748cbe3e182b99bbf81ee7d830111bc3930dc95 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 19 Nov 2020 01:39:10 +0100 Subject: ma ham: add light toggle switches --- makefu/2configs/ham/automation/light_buttons.nix | 33 ++++++++++++++++++++++++ makefu/2configs/ham/default.nix | 1 + makefu/2configs/ham/light/groups.nix | 2 +- 3 files changed, 35 insertions(+), 1 deletion(-) create mode 100644 makefu/2configs/ham/automation/light_buttons.nix (limited to 'makefu') diff --git a/makefu/2configs/ham/automation/light_buttons.nix b/makefu/2configs/ham/automation/light_buttons.nix new file mode 100644 index 00000000..7b43027f --- /dev/null +++ b/makefu/2configs/ham/automation/light_buttons.nix @@ -0,0 +1,33 @@ +let + toggle = light: btn: + { + alias = "Toggle Light ${light} via ${btn}"; + trigger = { + platform = "state"; + entity_id = "sensor.${btn}_click"; + to = "single"; + }; + action = { + service = "light.toggle"; + entity = light; + }; + }; + turn_off_all = btn: + { + alias = "Turn of all lights via ${btn} double click"; + trigger = { + platform = "state"; + entity_id = "sensor.${btn}_click"; + to = "double"; + }; + action = { + service = "light.turn_off"; + entity = "light.alle_lichter"; + }; + }; +in { + services.home-assistant.config.automation = [ + (toggle "light.wohnzimmer_lichter" "btn3") + (turn_off_all "btn3") + ]; +} diff --git a/makefu/2configs/ham/default.nix b/makefu/2configs/ham/default.nix index 9e3f7f66..1cd06f6a 100644 --- a/makefu/2configs/ham/default.nix +++ b/makefu/2configs/ham/default.nix @@ -26,6 +26,7 @@ in { ./calendar/nextcloud.nix ./automation/firetv_restart.nix + ./automation/light_buttons.nix ./light/groups.nix ]; diff --git a/makefu/2configs/ham/light/groups.nix b/makefu/2configs/ham/light/groups.nix index e1812b68..274fd60a 100644 --- a/makefu/2configs/ham/light/groups.nix +++ b/makefu/2configs/ham/light/groups.nix @@ -13,7 +13,7 @@ let "light.wohnzimmer_stehlampe_osram_light" ]; schlafzimmer_licht = [ - "schlafzimmer_komode_osram_light" + "light.schlafzimmer_komode_osram_light" ]; in { services.home-assistant.config.light = [ -- cgit v1.2.3 From 3417a4f8908ec157c0d6a10af0a0b053f231376c Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 19 Nov 2020 01:39:34 +0100 Subject: ma zsh: use plugin directly from navi src --- makefu/2configs/home-manager/zsh.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/home-manager/zsh.nix b/makefu/2configs/home-manager/zsh.nix index 862ee5df..8d6c1f2f 100644 --- a/makefu/2configs/home-manager/zsh.nix +++ b/makefu/2configs/home-manager/zsh.nix @@ -52,6 +52,7 @@ xo = "mimeopen"; nmap = "nmap -oN $HOME/loot/scan-`date +\%s`.nmap -oX $HOME/loot/scan-`date +%s`.xml"; }; + # navi package does not come with the navi.plugin.zsh anymore so we use .src initExtra = '' bindkey -e # shift-tab @@ -69,7 +70,7 @@ zstyle ':completion::complete:secrets::' prefix "$HOME/.secrets-pass/" # navi - source ${pkgs.navi}/share/navi/shell/navi.plugin.zsh + . ${pkgs.navi.src}/shell/navi.plugin.zsh # ctrl-x ctrl-e autoload -U compinit && compinit autoload -U edit-command-line -- cgit v1.2.3 From 9d32c9731b90afe0f2227979185364efbe6e0ef4 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 2 Dec 2020 22:26:24 +0100 Subject: ma pkgs.awesomecfg: fix eval error for nur --- makefu/5pkgs/awesomecfg/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/5pkgs/awesomecfg/default.nix b/makefu/5pkgs/awesomecfg/default.nix index acbe61f3..7a4d3013 100644 --- a/makefu/5pkgs/awesomecfg/default.nix +++ b/makefu/5pkgs/awesomecfg/default.nix @@ -6,7 +6,7 @@ , blueman , clipit , flameshot -, chapter-marker +, chapter-marker ? false , modkey ? "Mod4" , locker? "${pkgs.xlock}/bin/xlock -mode blank" , ... }: -- cgit v1.2.3 From db80207267dd750d6e5fce0a4c15961aa324627b Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 16 Dec 2020 16:10:08 +0100 Subject: ma anon-sftp: init --- makefu/2configs/ham/light/groups.nix | 41 ------------------------------ makefu/2configs/ham/light/schlafzimmer.nix | 41 ++++++++++++++++++++++++++++++ makefu/2configs/share/anon-sftp.nix | 25 ++++++++++++++++++ 3 files changed, 66 insertions(+), 41 deletions(-) delete mode 100644 makefu/2configs/ham/light/groups.nix create mode 100644 makefu/2configs/ham/light/schlafzimmer.nix create mode 100644 makefu/2configs/share/anon-sftp.nix (limited to 'makefu') diff --git a/makefu/2configs/ham/light/groups.nix b/makefu/2configs/ham/light/groups.nix deleted file mode 100644 index 274fd60a..00000000 --- a/makefu/2configs/ham/light/groups.nix +++ /dev/null @@ -1,41 +0,0 @@ -let - arbeitszimmer_licht = [ - "light.led_wand" - "light.arbeitszimmer_led1_led_strip" # LED-Kreis in cube - "light.arbeitszimmer_flur_osram_light" - "light.arbeitszimmer_schrank_dimmer_light" - "light.arbeitszimmer_schrank_osram_light" - ]; - wohnzimmer_licht = [ - "light.wohnzimmer_fernseher_led_strip" # led um fernseher - "light.wohnzimmer_komode_osram_light" - "light.wohnzimmer_schrank_osram_light" - "light.wohnzimmer_stehlampe_osram_light" - ]; - schlafzimmer_licht = [ - "light.schlafzimmer_komode_osram_light" - ]; -in { - services.home-assistant.config.light = [ - { - platform = "group"; - name = "Arbeitszimmer Lichter"; - entities = arbeitszimmer_licht; - } - { - platform = "group"; - name = "Wohnzimmer Lichter"; - entities = wohnzimmer_licht; - } - { - platform = "group"; - name = "Schlafzimmer Lichter"; - entities = schlafzimmer_licht; - } - { - platform = "group"; - name = "Alle Lichter"; - entities = arbeitszimmer_licht ++ wohnzimmer_licht ++ schlafzimmer_licht; - } - ]; -} diff --git a/makefu/2configs/ham/light/schlafzimmer.nix b/makefu/2configs/ham/light/schlafzimmer.nix new file mode 100644 index 00000000..274fd60a --- /dev/null +++ b/makefu/2configs/ham/light/schlafzimmer.nix @@ -0,0 +1,41 @@ +let + arbeitszimmer_licht = [ + "light.led_wand" + "light.arbeitszimmer_led1_led_strip" # LED-Kreis in cube + "light.arbeitszimmer_flur_osram_light" + "light.arbeitszimmer_schrank_dimmer_light" + "light.arbeitszimmer_schrank_osram_light" + ]; + wohnzimmer_licht = [ + "light.wohnzimmer_fernseher_led_strip" # led um fernseher + "light.wohnzimmer_komode_osram_light" + "light.wohnzimmer_schrank_osram_light" + "light.wohnzimmer_stehlampe_osram_light" + ]; + schlafzimmer_licht = [ + "light.schlafzimmer_komode_osram_light" + ]; +in { + services.home-assistant.config.light = [ + { + platform = "group"; + name = "Arbeitszimmer Lichter"; + entities = arbeitszimmer_licht; + } + { + platform = "group"; + name = "Wohnzimmer Lichter"; + entities = wohnzimmer_licht; + } + { + platform = "group"; + name = "Schlafzimmer Lichter"; + entities = schlafzimmer_licht; + } + { + platform = "group"; + name = "Alle Lichter"; + entities = arbeitszimmer_licht ++ wohnzimmer_licht ++ schlafzimmer_licht; + } + ]; +} diff --git a/makefu/2configs/share/anon-sftp.nix b/makefu/2configs/share/anon-sftp.nix new file mode 100644 index 00000000..7cde9317 --- /dev/null +++ b/makefu/2configs/share/anon-sftp.nix @@ -0,0 +1,25 @@ +{ config, lib, pkgs, ... }: + +with import ; +{ + services.openssh = { + allowSFTP = true; + sftpFlags = [ "-l VERBOSE" ]; + extraConfig = '' + Match User anonymous + ForceCommand internal-sftp + AllowTcpForwarding no + X11Forwarding no + PasswordAuthentication no + ''; + }; + + users.users.anonymous = { + uid = genid "anonymous"; + useDefaultShell = false; + password = "anonymous"; + home = "/media/anon"; + createHome = true; + }; + +} -- cgit v1.2.3 From 60a492344bf224982978fd6765aaaadbaf4effc1 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 30 Dec 2020 11:02:21 +0100 Subject: ma ham: update config --- makefu/2configs/ham/automation/giesskanne.nix | 102 +++++++++++++++++++++ makefu/2configs/ham/automation/light_buttons.nix | 19 +++- makefu/2configs/ham/automation/urlaub.nix | 44 +++++++++ .../ham/automation/wohnzimmer_rf_fernbedienung.nix | 61 ++++++++++++ makefu/2configs/ham/default.nix | 9 +- makefu/2configs/ham/light/arbeitszimmer.nix | 24 +++++ makefu/2configs/ham/light/schlafzimmer.nix | 33 +------ makefu/2configs/ham/light/wohnzimmer.nix | 24 +++++ 8 files changed, 280 insertions(+), 36 deletions(-) create mode 100644 makefu/2configs/ham/automation/giesskanne.nix create mode 100644 makefu/2configs/ham/automation/urlaub.nix create mode 100644 makefu/2configs/ham/automation/wohnzimmer_rf_fernbedienung.nix create mode 100644 makefu/2configs/ham/light/arbeitszimmer.nix create mode 100644 makefu/2configs/ham/light/wohnzimmer.nix (limited to 'makefu') diff --git a/makefu/2configs/ham/automation/giesskanne.nix b/makefu/2configs/ham/automation/giesskanne.nix new file mode 100644 index 00000000..d89ea595 --- /dev/null +++ b/makefu/2configs/ham/automation/giesskanne.nix @@ -0,0 +1,102 @@ +# uses: +# switch.crafting_giesskanne_relay +let + cam = { + name = "chilicam"; + camera = "camera.espcam_02"; + light = "light.espcam_02_light"; + seconds = 60; # default shutoff to protect the LED from burning out + }; + seconds = 6; + pump = "switch.arbeitszimmer_giesskanne_relay"; + # sensor = "sensor.statistics_for_sensor_crafting_brotbox_soil_moisture"; +in +{ + services.home-assistant.config = + { + #sensor = map ( entity_id: { + # platform = "statistics"; + # name = "Statistics for ${entity_id}"; + # inherit entity_id; + # max_age.minutes = "60"; + # sampling_size = 1000; + # }) [ "sensor.crafting_brotbox_soil_moisture" ]; + + automation = + [ + + ##### brotbox + { alias = "Water the plant for ${toString seconds} seconds"; + trigger = [ + { # trigger at 23:15 no matter what + # TODO: retry or run only if switch.wasser is available + platform = "time"; + at = "23:15:00"; + } + ]; + action = + [ + { # take a snapshot before watering + service = "homeassistant.turn_on"; + entity_id = [ cam.light ]; + } + { # TODO: we could also create a recording with camera.record + service = "camera.snapshot"; + data = { + entity_id = cam.camera; + # TODO: create /var/lib/hass/cam/ - now being done manually + filename = "/var/lib/hass/cam/${cam.name}_{{ now().strftime('%Y%m%d-%H%M%S') }}.jpg"; + }; + } + + { # now turn on the pumping services + # i do not start hte pump and light before the snapshot because i do + # not know how long it takes (do not want to water the plants for too long) + service = "homeassistant.turn_on"; + entity_id = [ pump ]; + } + { delay.seconds = seconds; } + { + service = "homeassistant.turn_off"; + entity_id = [ pump cam.light ]; + } + ]; + } + { alias = "Always turn off the light after ${toString (cam.seconds)}s"; + trigger = [ + { + platform = "state"; + entity_id = cam.light; + to = "on"; + for.seconds = cam.seconds; + } + ]; + action = + [ + { + service = "homeassistant.turn_off"; + entity_id = [ pump cam.light ]; + } + ]; + } + + { alias = "Always turn off water after ${toString (seconds * 2)}s"; + trigger = [ + { + platform = "state"; + entity_id = pump; + to = "on"; + for.seconds = seconds*2; + } + ]; + action = + [ + { + service = "homeassistant.turn_off"; + entity_id = [ pump cam.light ]; + } + ]; + } + ]; + }; +} diff --git a/makefu/2configs/ham/automation/light_buttons.nix b/makefu/2configs/ham/automation/light_buttons.nix index 7b43027f..32d134ec 100644 --- a/makefu/2configs/ham/automation/light_buttons.nix +++ b/makefu/2configs/ham/automation/light_buttons.nix @@ -1,3 +1,9 @@ +# light.wohnzimmerbeleuchtung +# light.wohnzimmer_deko +# light.arbeitszimmerbeleuchtung +# light.arbeitszimmer_deko +# light.schlafzimmerbeleuchtung + let toggle = light: btn: { @@ -9,7 +15,8 @@ let }; action = { service = "light.toggle"; - entity = light; + data.entity_id = light; + data.transition = 0; }; }; turn_off_all = btn: @@ -22,12 +29,16 @@ let }; action = { service = "light.turn_off"; - entity = "light.alle_lichter"; + entity_id = "all"; }; }; in { services.home-assistant.config.automation = [ - (toggle "light.wohnzimmer_lichter" "btn3") - (turn_off_all "btn3") + (toggle "light.arbeitszimmerbeleuchtung" "arbeitszimmer_btn1") + (toggle "light.schlafzimmerbeleuchtung" "schlafzimmer_btn2") + (toggle "light.wohnzimmerbeleuchtung" "wohnzimmer_btn3") + (turn_off_all "arbeitszimmer_btn1") + (turn_off_all "schlafzimmer_btn2") + (turn_off_all "wohnzimmer_btn3") ]; } diff --git a/makefu/2configs/ham/automation/urlaub.nix b/makefu/2configs/ham/automation/urlaub.nix new file mode 100644 index 00000000..a6b9be96 --- /dev/null +++ b/makefu/2configs/ham/automation/urlaub.nix @@ -0,0 +1,44 @@ +# uses: +# light.wohnzimmer_schrank_osram +# light.wohnzimmer_fernseher_led_strip +# "all" lights + +let + schranklicht = "light.wohnzimmer_schrank_osram"; + fernsehlicht = "light.wohnzimmer_fernseher_led_strip"; + final_off = "01:00"; + + turn_on = entity_id: at: + { alias = "Turn on ${entity_id} at ${at}"; + trigger = [ + { platform = "time"; inherit at; } + ]; + action = + [ + { service = "light.turn_on"; inherit entity_id; } + ]; + }; +in +{ + services.home-assistant.config = + { + automation = + [ + (turn_on schranklicht "17:30") + (turn_on fernsehlicht "19:00") + + { alias = "Always turn off the urlaub lights at ${final_off}"; + trigger = [ + { platform = "time"; at = final_off; } + ]; + action = + [ + { + service = "light.turn_off"; + entity_id = [ schranklicht fernsehlicht ]; + } + ]; + } + ]; + }; +} diff --git a/makefu/2configs/ham/automation/wohnzimmer_rf_fernbedienung.nix b/makefu/2configs/ham/automation/wohnzimmer_rf_fernbedienung.nix new file mode 100644 index 00000000..f0609466 --- /dev/null +++ b/makefu/2configs/ham/automation/wohnzimmer_rf_fernbedienung.nix @@ -0,0 +1,61 @@ +# This module maps the RF433 Remote Control to zigbee and wifi lights +let + rf_turn_off = code: light: + { + alias = "Turn off ${light} via rf code ${code}"; + trigger = { + platform = "event"; + event_type = "esphome.rf_code_received"; + event_data.code = code; + }; + action = { + service = "light.turn_off"; + data.entity_id = light; + }; + }; + rf_turn_on = code: light: + { + alias = "Turn on ${light} via rf code ${code}"; + trigger = { + platform = "event"; + event_type = "esphome.rf_code_received"; + event_data.code = code; + }; + action = { + service = "light.turn_on"; + data.entity_id = light; + }; + }; + rf_toggle = code: light: + { + alias = "Toggle ${light} via rf code ${code}"; + trigger = { + platform = "event"; + event_type = "esphome.rf_code_received"; + event_data.code = code; + }; + action = { + service = "light.toggle"; + data.entity_id = light; + }; + }; + +in +{ + services.home-assistant.config.automation = [ + (rf_toggle "400551" "light.wohnzimmer_fernseher_led_strip") # A + (rf_toggle "401151" "light.wohnzimmer_stehlampe_osram") # B + (rf_toggle "401451" "light.wohnzimmer_komode_osram") # C + (rf_toggle "401511" "light.wohnzimmer_schrank_osram") # D + + # OFF Lane + (rf_turn_off "400554" "all") # A + (rf_toggle "401154" "light.wohnzimmer_fenster_lichterkette_licht") # B + (rf_toggle "401454" "light.wohnzimmer_fernsehwand_led") # C + # (rf_toggle "401514" "") # D + ]; + # "400554" # A OFF + # "401154" # B OFF + # "401454" # C OFF + # "401514" # D OFF +} diff --git a/makefu/2configs/ham/default.nix b/makefu/2configs/ham/default.nix index 1cd06f6a..d610fa5c 100644 --- a/makefu/2configs/ham/default.nix +++ b/makefu/2configs/ham/default.nix @@ -17,7 +17,7 @@ in { # ./multi/flurlicht.nix ./multi/kurzzeitwecker.nix ./multi/the_playlist.nix - ./multi/fliegen-couter.nix + # ./multi/fliegen-couter.nix ./device_tracker/openwrt.nix @@ -27,8 +27,13 @@ in { ./automation/firetv_restart.nix ./automation/light_buttons.nix + ./automation/wohnzimmer_rf_fernbedienung.nix + ./automation/giesskanne.nix + ./automation/urlaub.nix - ./light/groups.nix + ./light/arbeitszimmer.nix + ./light/schlafzimmer.nix + ./light/wohnzimmer.nix ]; services.home-assistant = { diff --git a/makefu/2configs/ham/light/arbeitszimmer.nix b/makefu/2configs/ham/light/arbeitszimmer.nix new file mode 100644 index 00000000..bc60678b --- /dev/null +++ b/makefu/2configs/ham/light/arbeitszimmer.nix @@ -0,0 +1,24 @@ +let + arbeitszimmer_deko = [ + "light.led_wand" + "light.box_led_status" + "light.arbeitszimmer_led1_led_strip" # LED-Kreis in cube + ]; + arbeitszimmerbeleuchtung = [ + "light.arbeitszimmer_schrank_dimmer" + "light.arbeitszimmer_kerze" # arbeitszimmer_kerze + ]; +in { + services.home-assistant.config.light = [ + { + platform = "group"; + name = "Arbeitszimmerbeleuchtung"; + entities = arbeitszimmerbeleuchtung; + } + { + platform = "group"; + name = "Arbeitszimmer Deko"; + entities = arbeitszimmer_deko; + } + ]; +} diff --git a/makefu/2configs/ham/light/schlafzimmer.nix b/makefu/2configs/ham/light/schlafzimmer.nix index 274fd60a..e5370e3f 100644 --- a/makefu/2configs/ham/light/schlafzimmer.nix +++ b/makefu/2configs/ham/light/schlafzimmer.nix @@ -1,41 +1,14 @@ let - arbeitszimmer_licht = [ - "light.led_wand" - "light.arbeitszimmer_led1_led_strip" # LED-Kreis in cube - "light.arbeitszimmer_flur_osram_light" - "light.arbeitszimmer_schrank_dimmer_light" - "light.arbeitszimmer_schrank_osram_light" - ]; - wohnzimmer_licht = [ - "light.wohnzimmer_fernseher_led_strip" # led um fernseher - "light.wohnzimmer_komode_osram_light" - "light.wohnzimmer_schrank_osram_light" - "light.wohnzimmer_stehlampe_osram_light" - ]; schlafzimmer_licht = [ - "light.schlafzimmer_komode_osram_light" + "light.schlafzimmer_komode_osram" + # "light.schlafzimmer_schrank_osram" ]; in { services.home-assistant.config.light = [ { platform = "group"; - name = "Arbeitszimmer Lichter"; - entities = arbeitszimmer_licht; - } - { - platform = "group"; - name = "Wohnzimmer Lichter"; - entities = wohnzimmer_licht; - } - { - platform = "group"; - name = "Schlafzimmer Lichter"; + name = "Schlafzimmerbeleuchtung"; entities = schlafzimmer_licht; } - { - platform = "group"; - name = "Alle Lichter"; - entities = arbeitszimmer_licht ++ wohnzimmer_licht ++ schlafzimmer_licht; - } ]; } diff --git a/makefu/2configs/ham/light/wohnzimmer.nix b/makefu/2configs/ham/light/wohnzimmer.nix new file mode 100644 index 00000000..bc9c2778 --- /dev/null +++ b/makefu/2configs/ham/light/wohnzimmer.nix @@ -0,0 +1,24 @@ +let + wohnzimmerbeleuchtung = [ + "light.wohnzimmer_komode_osram_light" + "light.wohnzimmer_schrank_osram_light" + ]; + wohnzimmer_deko = [ + "light.wohnzimmer_fernseher_led_strip" # led um fernseher + "light.wohnzimmer_lichterkette_led_strip" # led um fernsehwand + "light.kinderzimmer_lichterkette_licht" # led um fenster + ]; +in { + services.home-assistant.config.light = [ + { + platform = "group"; + name = "Wohnzimmerbeleuchtung"; + entities = wohnzimmerbeleuchtung; + } + { + platform = "group"; + name = "Wohnzimmer Deko"; + entities = wohnzimmer_deko; + } + ]; +} -- cgit v1.2.3 From 6a53d3e0fd78bbb9094b7c1f59be0bb6742cf67d Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 1 Jan 2021 00:45:06 +0100 Subject: ma dl.gum: provide access to internal host --- makefu/0tests/data/secrets/dl.gum-auth.nix | 2 ++ makefu/2configs/nginx/dl.euer.krebsco.de.nix | 9 +++++++-- 2 files changed, 9 insertions(+), 2 deletions(-) create mode 100644 makefu/0tests/data/secrets/dl.gum-auth.nix (limited to 'makefu') diff --git a/makefu/0tests/data/secrets/dl.gum-auth.nix b/makefu/0tests/data/secrets/dl.gum-auth.nix new file mode 100644 index 00000000..2c63c085 --- /dev/null +++ b/makefu/0tests/data/secrets/dl.gum-auth.nix @@ -0,0 +1,2 @@ +{ +} diff --git a/makefu/2configs/nginx/dl.euer.krebsco.de.nix b/makefu/2configs/nginx/dl.euer.krebsco.de.nix index 828a66a7..5380d843 100644 --- a/makefu/2configs/nginx/dl.euer.krebsco.de.nix +++ b/makefu/2configs/nginx/dl.euer.krebsco.de.nix @@ -1,9 +1,8 @@ { config, lib, pkgs, ... }: -with import ; { services.nginx = { - enable = mkDefault true; + enable = lib.mkDefault true; recommendedGzipSettings = true; recommendedOptimisation = true; virtualHosts."dl.euer.krebsco.de" = { @@ -13,5 +12,11 @@ with import ; enableACME = true; basicAuth = import ; }; + virtualHosts."dl.gum.r" = { + serverAliases = [ "dl.gum" "dl.makefu.r" "dl.makefu" ]; + root = config.makefu.dl-dir; + extraConfig = "autoindex on;"; + basicAuth = import ; + }; }; } -- cgit v1.2.3 From 4a119186038fb0b6b60ce1861abec573d8f4081e Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 3 Jan 2021 02:03:12 +0100 Subject: ma deployment/owncloud: use upstream module --- makefu/2configs/deployment/owncloud.nix | 266 +++++++------------------------- 1 file changed, 56 insertions(+), 210 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/deployment/owncloud.nix b/makefu/2configs/deployment/owncloud.nix index af6592b2..7a5a5e2b 100644 --- a/makefu/2configs/deployment/owncloud.nix +++ b/makefu/2configs/deployment/owncloud.nix @@ -1,216 +1,62 @@ { lib, pkgs, config, ... }: with lib; -# imperative in config.php: -# #local memcache: -# 'memcache.local' => '\\OC\\Memcache\\APCu', -# #local locking: -# 'memcache.locking' => '\\OC\\Memcache\\Redis', -# 'redis' => -# array ( -# 'host' => 'localhost', -# 'port' => 6379, -# ), - - let - phpPackage = let - base = pkgs.php74; - in - base.buildEnv { - extensions = { enabled, all }: with all; - enabled ++ [ - apcu redis memcached imagick - ]; - }; - - # TODO: copy-paste from lass/2/websites/util.nix - nextcloud = pkgs.nextcloud20; - serveCloud = domains: - let - domain = head domains; - root = "/var/www/${domain}/"; - socket = "/var/run/${domain}-phpfpm.sock"; - in { - system.activationScripts."prepare-nextcloud-${domain}" = '' - if test ! -e ${root} ;then - echo "copying latest ${nextcloud.name} release to ${root}" - mkdir -p $(dirname "${root}") - cp -r ${nextcloud} "${root}" - chown -R nginx:nginx "${root}" - chmod 770 "${root}" - fi - ''; - services.nginx.virtualHosts."${domain}" = { - forceSSL = true; - enableACME = true; - serverAliases = domains; - extraConfig = '' - - # Add headers to serve security related headers - add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; - add_header X-Content-Type-Options nosniff; - add_header X-Frame-Options "SAMEORIGIN"; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Robots-Tag none; - add_header X-Download-Options noopen; - add_header X-Permitted-Cross-Domain-Policies none; - - # Path to the root of your installation - root ${root}; - # set max upload size - client_max_body_size 10G; - fastcgi_buffers 64 4K; - fastcgi_read_timeout 120; - - # Disable gzip to avoid the removal of the ETag header - gzip off; - - # Uncomment if your server is build with the ngx_pagespeed module - # This module is currently not supported. - #pagespeed off; - - index index.php; - error_page 403 /core/templates/403.php; - error_page 404 /core/templates/404.php; - - rewrite ^/.well-known/carddav /remote.php/carddav/ permanent; - rewrite ^/.well-known/caldav /remote.php/caldav/ permanent; - - # The following 2 rules are only needed for the user_webfinger app. - # Uncomment it if you're planning to use this app. - rewrite ^/.well-known/host-meta /public.php?service=host-meta last; - rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; - ''; - locations."/robots.txt".extraConfig = '' - allow all; - log_not_found off; - access_log off; - ''; - locations."~ ^/(build|tests|config|lib|3rdparty|templates|data)/".extraConfig = '' - deny all; - ''; - - locations."~ ^/(?:autotest|occ|issue|indie|db_|console)".extraConfig = '' - deny all; - ''; - - locations."/".extraConfig = '' - rewrite ^/remote/(.*) /remote.php last; - rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; - try_files $uri $uri/ =404; - ''; - - locations."~ \.php(?:$|/)".extraConfig = '' - fastcgi_split_path_info ^(.+\.php)(/.+)$; - include ${pkgs.nginx}/conf/fastcgi_params; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param HTTPS on; - fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice - fastcgi_pass unix:${config.services.phpfpm.pools.${domain}.socket}; - fastcgi_intercept_errors on; - ''; - - # Adding the cache control header for js and css files - # Make sure it is BELOW the location ~ \.php(?:$|/) block - locations."~* \.(?:css|js)$".extraConfig = '' - add_header Cache-Control "public, max-age=7200"; - # Add headers to serve security related headers - add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; - add_header X-Content-Type-Options nosniff; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Robots-Tag none; - add_header X-Frame-Options SAMEORIGIN; - add_header X-Download-Options noopen; - add_header X-Permitted-Cross-Domain-Policies none; - - # Optional: Don't log access to assets - access_log off; - ''; - # Optional: Don't log access to other assets - locations."~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$".extraConfig = '' - access_log off; - ''; - }; - services.phpfpm.pools."${domain}" = { - user = "nginx"; - group = "nginx"; - phpPackage = phpPackage; - settings = { - "listen.owner" = "nginx"; - "pm" = "dynamic"; - "pm.max_children" = 32; - "pm.max_requests" = 500; - "pm.start_servers" = 2; - "pm.min_spare_servers" = 2; - "pm.max_spare_servers" = 5; - "php_admin_value[error_log]" = "stderr"; - "php_admin_flag[log_errors]" = "on"; - "catch_workers_output" = true; - }; - phpEnv."PATH" = lib.makeBinPath [ phpPackage ]; - }; - services.phpfpm.phpOptions = '' - opcache.enable=1 - opcache.enable_cli=1 - opcache.interned_strings_buffer=8 - opcache.max_accelerated_files=10000 - opcache.memory_consumption=128 - opcache.save_comments=1 - opcache.revalidate_freq=1 - opcache.file_cache = .opcache - zend_extension=${phpPackage}/lib/php/extensions/opcache.so - - display_errors = on - display_startup_errors = on - always_populate_raw_post_data = -1 - error_reporting = E_ALL | E_STRICT - html_errors = On - date.timezone = "Europe/Berlin" - extension=${phpPackage}/lib/php/extensions/memcached.so - extension=${phpPackage}/lib/php/extensions/redis.so - extension=${phpPackage}/lib/php/extensions/apcu.so - ''; - - systemd.services."nextcloud-cron-${domain}" = { - serviceConfig = { - User = "nginx"; - ExecStart = "${phpPackage}/bin/php -f ${root}/cron.php"; - }; - startAt = "*:0/15"; - }; + adminpw = "/run/secret/nextcloud-admin-pw"; + dbpw = "/run/secret/nextcloud-db-pw"; +in { + krebs.secret.files.nextcloud-db-pw = { + path = dbpw; + owner.name = "nextcloud"; + source-path = toString + "/nextcloud-db-pw"; + }; + + krebs.secret.files.nextcloud-admin-pw = { + path = adminpw; + owner.name = "nextcloud"; + source-path = toString + "/nextcloud-admin-pw"; + }; + + services.nginx.virtualHosts."o.euer.krebsco.de" = { + forceSSL = true; + enableACME = true; + }; + + services.nextcloud = { + enable = true; + package = pkgs.nextcloud20; + hostName = "o.euer.krebsco.de"; + # Use HTTPS for links + https = true; + # Auto-update Nextcloud Apps + autoUpdateApps.enable = true; + # Set what time makes sense for you + autoUpdateApps.startAt = "05:00:00"; + + config = { + # Further forces Nextcloud to use HTTPS + overwriteProtocol = "https"; + + # Nextcloud PostegreSQL database configuration, recommended over using SQLite + dbtype = "pgsql"; + dbuser = "nextcloud"; + dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself + dbname = "nextcloud"; + dbpassFile = dbpw; + adminpassFile = adminpw; + adminuser = "admin"; }; -in { - imports = [ - ( serveCloud [ "o.euer.krebsco.de" ] ) - ]; - - networking.firewall.allowedTCPPorts = [ 80 443 ]; - services.redis.enable = true; - - #services.mysql = { - # enable = false; - # package = pkgs.mariadb; - # rootPassword = config.krebs.secret.files.mysql_rootPassword.path; - # initialDatabases = [ - # # Or use writeText instead of literalExample? - # #{ name = "nextcloud"; schema = literalExample "./nextcloud.sql"; } - # { - # name = "nextcloud"; - # schema = pkgs.writeText "nextcloud.sql" - # '' - # create user if not exists 'nextcloud'@'localhost' identified by 'password'; - # grant all privileges on nextcloud.* to 'nextcloud'@'localhost' identified by 'password'; - # ''; - # } - # ]; - #}; - - # dataDir is only defined after mysql is enabled - #krebs.secret.files.mysql_rootPassword = { - # path = "${config.services.mysql.dataDir}/mysql_rootPassword"; - # owner.name = "root"; - # source-path = toString + "/mysql_rootPassword"; - #}; + }; + + services.postgresql = { + enable = true; + # Ensure the database, user, and permissions always exist + ensureDatabases = [ "nextcloud" ]; + ensureUsers = [ { name = "nextcloud"; ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES"; } ]; + }; + + systemd.services."nextcloud-setup" = { + requires = ["postgresql.service"]; + after = ["postgresql.service"]; + }; } -- cgit v1.2.3 From dfb850d6d11eefe684af54ded7acdad69a1aa244 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 3 Jan 2021 10:59:50 +0100 Subject: ma owncloud: enable caching --- makefu/2configs/deployment/owncloud.nix | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/deployment/owncloud.nix b/makefu/2configs/deployment/owncloud.nix index 7a5a5e2b..571e5627 100644 --- a/makefu/2configs/deployment/owncloud.nix +++ b/makefu/2configs/deployment/owncloud.nix @@ -1,10 +1,25 @@ { lib, pkgs, config, ... }: with lib; +# services.redis.enable = true; +# to enable caching with redis first start up everything, then run: +# nextcloud-occ config:system:set redis 'host' --value 'localhost' --type string +# nextcloud-occ config:system:set redis 'port' --value 6379 --type integer +# nextcloud-occ config:system:set memcache.local --value '\OC\Memcache\Redis' --type string +# nextcloud-occ config:system:set memcache.locking --value '\OC\Memcache\Redis' --type string + +# services.memcached.enable = true; +# to enable caching with memcached run: +# nextcloud-occ config:system:set memcached_servers 0 0 --value 127.0.0.1 --type string +# nextcloud-occ config:system:set memcached_servers 0 1 --value 11211 --type integer +# nextcloud-occ config:system:set memcache.local --value '\OC\Memcache\APCu' --type string +# nextcloud-occ config:system:set memcache.distributed --value '\OC\Memcache\Memcached' --type string + let adminpw = "/run/secret/nextcloud-admin-pw"; dbpw = "/run/secret/nextcloud-db-pw"; in { + krebs.secret.files.nextcloud-db-pw = { path = dbpw; owner.name = "nextcloud"; @@ -21,7 +36,7 @@ in { forceSSL = true; enableACME = true; }; - + state = [ "${config.services.nextcloud.home}/config" ]; services.nextcloud = { enable = true; package = pkgs.nextcloud20; @@ -33,6 +48,8 @@ in { # Set what time makes sense for you autoUpdateApps.startAt = "05:00:00"; + caching.redis = true; + # caching.memcached = true; config = { # Further forces Nextcloud to use HTTPS overwriteProtocol = "https"; @@ -47,7 +64,8 @@ in { adminuser = "admin"; }; }; - + services.redis.enable = true; + systemd.services.redis.serviceConfig.LimitNOFILE=65536; services.postgresql = { enable = true; # Ensure the database, user, and permissions always exist -- cgit v1.2.3 From eff5c83773fdad9f463997c4ccdb836edc8cc579 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 4 Jan 2021 11:45:25 +0100 Subject: ma systemdultras: init config for ircbot --- makefu/2configs/systemdultras/ircbot.nix | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 makefu/2configs/systemdultras/ircbot.nix (limited to 'makefu') diff --git a/makefu/2configs/systemdultras/ircbot.nix b/makefu/2configs/systemdultras/ircbot.nix new file mode 100644 index 00000000..c5f1bbed --- /dev/null +++ b/makefu/2configs/systemdultras/ircbot.nix @@ -0,0 +1,24 @@ +{ + krebs.brockman = { + enable = true; + config = { + irc = { + host = "irc.freenode.net"; + port = 6667; + }; + bots = { + r-systemdultras-rss = { + feed = "https://www.reddit.com/r/systemdultras/.rss"; + delay = 136; + channels = [ "#systemdultras" ]; + }; + r-systemd-rss = { + feed = "https://www.reddit.com/r/systemd/.rss"; + delay = 172; + channels = [ "#systemdultras" ]; + }; + }; + }; + + }; +} -- cgit v1.2.3 From d34dc528ee720af767c3b5a36d6e641c1b7b63d4 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 4 Jan 2021 12:04:17 +0100 Subject: ma dcpp: remove redis config --- makefu/2configs/dcpp/hub.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/dcpp/hub.nix b/makefu/2configs/dcpp/hub.nix index 4566a1f4..fbbce1f0 100644 --- a/makefu/2configs/dcpp/hub.nix +++ b/makefu/2configs/dcpp/hub.nix @@ -41,7 +41,6 @@ in { }; systemd.services = { - redis.serviceConfig.LimitNOFILE=10032; ddclient-nsupdate-uhub = { wantedBy = [ "multi-user.target" ]; after = [ "ip-up.target" ]; -- cgit v1.2.3