kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-28 23:31:07 +01:00
Code Releases Activity

Compare commits

base: kfm:4fae6d1ed000ff653d670022e2e66fbc61b5fa71
Branches Tags
kfm:master kfm:update_flake_lock_action kfm:nethack kfm:wayland kfm:feature/hass-prometheus kfm:feature/itools kfm:feature/specus kfm:hass-nix-2 kfm:hass-nix kfm:grimm kfm:mympd kfm:tahina kfm:new-krops kfm:flakes kfm:flakes-2 kfm:20.09 kfm:mail
..
compare: kfm:hass-nix-2
Branches Tags
kfm:master kfm:update_flake_lock_action kfm:nethack kfm:wayland kfm:feature/hass-prometheus kfm:feature/itools kfm:feature/specus kfm:hass-nix-2 kfm:hass-nix kfm:grimm kfm:mympd kfm:tahina kfm:new-krops kfm:flakes kfm:flakes-2 kfm:20.09 kfm:mail

1 Commits
4fae6d1ed0 ... hass-nix-2

Author SHA1 Message Date
Kierán Meinhardt
62f3c7fcc0 wip 2023-02-09 18:05:17 +01:00
13 changed files with 227 additions and 106 deletions
Expand all files Collapse all files

4
configs/picom.nix → configs/compton.nix
View File

@@ -3,8 +3,8 @@
enable = true;
activeOpacity = 1;
fade = true;
fadeDelta = 5;
inactiveOpacity = 0.9;
fadeDelta = 10;
inactiveOpacity = 0.8;
shadow = true;
menuOpacity = 0.9;
shadowOpacity = 0.3;

2
configs/default.nix
View File

@@ -224,6 +224,7 @@ in {
./chromium.nix
./clipboard.nix
./cloud.nix
./compton.nix
./direnv.nix
./distrobump.nix
./docker.nix
@@ -246,7 +247,6 @@ in {
./newsboat.nix
./flameshot-once.nix
./packages.nix
./picom.nix
./stardict.nix
./polkit.nix
./power-action.nix

1
configs/mpv.nix
View File

@@ -23,7 +23,6 @@ in {
ytdl-raw-options = lib.concatStringsSep "," [''sub-lang="de,en"'' "write-sub=" "write-auto-sub="];
screenshot-template = "%F-%wH%wM%wS-%#04n";
script-opts = "ytdl_hook-ytdl_path=${pkgs.yt-dlp}/bin/yt-dlp";
ao = "pulse"; # no pipewire for me :(
};
bindings = {
"Alt+RIGHT" = "add video-rotate 90";

2
configs/ssh.nix
View File

@@ -72,8 +72,6 @@ in {
hostname = "135.181.85.233";
user = "root";
};
"cms-dev.woc2023.app".identityFile = sshIdentity "fysiweb";
"cms-master.woc2023.app".identityFile = sshIdentity "fysiweb";
"fysi-dev1" = {
hostname = "94.130.229.139";
user = "root";

40
flake.lock generated
View File

@@ -2,11 +2,11 @@
"nodes": {
"flake-utils": {
"locked": {
"lastModified": 1676283394,
"narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
@@ -23,11 +23,11 @@
"utils": "utils"
},
"locked": {
"lastModified": 1676367705,
"narHash": "sha256-un5UbRat9TwruyImtwUGcKF823rCEp4fQxnsaLFL7CM=",
"lastModified": 1675371293,
"narHash": "sha256-LrCjtrAXj/WJphhGEMnHgZs7oTsfOlvPfOjFTIvg39k=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "da72e6fc6b7dc0c3f94edbd310aae7cd95c678b5",
"rev": "d1c7730bb707bf8124d997952f7babd2a281ae68",
"type": "github"
},
"original": {
@@ -110,11 +110,11 @@
},
"nixos-stable": {
"locked": {
"lastModified": 1676375384,
"narHash": "sha256-6HI3jZiuJX+KLz05cocYy2mBAWlISEKHU84ftYfxHZ8=",
"lastModified": 1675237434,
"narHash": "sha256-YoFR0vyEa1HXufLNIFgOGhIFMRnY6aZ0IepZF5cYemo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c43f676c938662072772339be6269226c77b51b8",
"rev": "285b3ff0660640575186a4086e1f8dc0df2874b5",
"type": "github"
},
"original": {
@@ -126,11 +126,11 @@
},
"nixos-unstable": {
"locked": {
"lastModified": 1676300157,
"narHash": "sha256-1HjRzfp6LOLfcj/HJHdVKWAkX9QRAouoh6AjzJiIerU=",
"lastModified": 1675273418,
"narHash": "sha256-tpYc4TEGvDzh9uRf44QemyQ4TpVuUbxb07b2P99XDbM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "545c7a31e5dedea4a6d372712a18e00ce097d462",
"rev": "4d7c2644dbac9cf8282c0afe68fca8f0f3e7b2db",
"type": "github"
},
"original": {
@@ -158,11 +158,11 @@
},
"retiolum": {
"locked": {
"lastModified": 1676473689,
"narHash": "sha256-TGQbsiIojBj4DvGhhkI3i2dq9NmU2Vkt+i7Rw2U/BEg=",
"lastModified": 1675364416,
"narHash": "sha256-u7kbHg/cp+GdW55B6V52GG0D9+zWOhmVI2nh/NiMxfw=",
"ref": "refs/heads/master",
"rev": "30152917194d6e54ce68e45b499323356db3ae7c",
"revCount": 283,
"rev": "ae5112af96361acc314e1d270d0c9281984fc517",
"revCount": 280,
"type": "git",
"url": "https://git.thalheim.io/Mic92/retiolum"
},
@@ -210,11 +210,11 @@
"stockholm": {
"flake": false,
"locked": {
"lastModified": 1676206058,
"narHash": "sha256-httLH/By88YYpnfYAEnke2gnLiayMlcznia0aDNqK28=",
"lastModified": 1675564669,
"narHash": "sha256-Fd4wBl9b5Aqt4ctH2vJu/oPvgTOHD+ME8MUEu3oR2tE=",
"ref": "refs/heads/master",
"rev": "5234e1c7eaf478bc4ebd0edb48547168e91eba02",
"revCount": 11364,
"rev": "e44fe862f0bedc658aabd1daafb16376f188857e",
"revCount": 11353,
"type": "git",
"url": "https://cgit.krebsco.de/stockholm"
},

16
systems/ful/configuration.nix
View File

@@ -4,11 +4,10 @@
pkgs,
...
}: let
inherit (import <niveum/lib>) kieran retiolumAddresses restic;
inherit (import <niveum/lib>) kieran retiolumAddresses;
in {
imports = [
./hardware-configuration.nix
./matomo.nix
<niveum/configs/monitoring.nix>
<niveum/configs/nix.nix>
<niveum/configs/save-space.nix>
@@ -17,19 +16,6 @@ in {
<niveum/configs/retiolum.nix>
];
services.restic.backups.niveum = {
initialize = true;
inherit (restic) repository;
timerConfig = {
OnCalendar = "daily";
RandomizedDelaySec = "1h";
};
passwordFile = toString <secrets/restic/password>;
paths = [
config.services.mysqlBackup.location
];
};
nix.nixPath = ["/var/src"];
networking = {

42
systems/ful/matomo.nix
View File

@@ -1,42 +0,0 @@
{pkgs, ...}: let
inherit (import <niveum/lib>) kieran;
in {
services.nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
};
security.acme = {
acceptTerms = true;
defaults.email = kieran.email;
};
services.matomo = {
enable = true;
hostname = "matomo.kmein.de";
nginx = {
serverName = "matomo.kmein.de";
};
};
services.mysql = {
enable = true;
package = pkgs.mariadb;
ensureDatabases = ["matomo"];
ensureUsers = [
{
name = "matomo";
ensurePermissions."matomo.*" = "ALL PRIVILEGES";
}
];
};
services.mysqlBackup = {
enable = true;
databases = ["matomo"];
};
}

9
systems/makanek/moinbot.nix
View File

@@ -4,16 +4,13 @@
script = ''
greeting=$(echo "moin
oi
noim
MOIN
OI
moi" | shuf -n1)
noim" | shuf -n1)
echo "$greeting" | ${pkgs.ircaids}/bin/ircsink \
--nick "$greeting""bot" \
--server irc.hackint.org \
--port 6697 \
--secure \
--target '#hsmr-moin' >/dev/null 2>&1
--target '#hsmr' >/dev/null 2>&1
'';
serviceConfig.DynamicUser = true;
};
@@ -21,7 +18,7 @@
niveum.passport.services = [
{
title = "moinbot";
description = "greets #hsmr-moin:hackint.org daily.";
description = "greets #hsmr:hackint.org daily.";
}
];

2
systems/makanek/weechat.nix
View File

@@ -60,7 +60,7 @@ in {
addresses = "irc.hackint.org/6697";
ipv6 = true;
ssl = true;
autojoin = ["#eloop" "#krebs" "#hsmr" "#hsmr-moin" "#nixos" "#the_playlist" "#flipdot-berlin" "#hackint"];
autojoin = ["#eloop" "#krebs" "#hsmr" "#nixos" "#the_playlist" "#flipdot-berlin" "#hackint"];
sasl_mechanism = "plain";
sasl_username = nick;
sasl_password = lib.strings.fileContents <system-secrets/irc/hackint>;

4
systems/zaatar/backup.nix
View File

@@ -44,10 +44,6 @@ in {
inherit dport protocol;
source = retiolumAddresses.makanek.ipv4;
})
(firewall.accept {
inherit dport protocol;
source = retiolumAddresses.ful.ipv4;
})
];
in {
extraCommands = firewall.addRules rules;

2
systems/zaatar/configuration.nix
View File

@@ -15,7 +15,7 @@ in {
./moodle-dl-meinhark.nix
./pulseaudio.nix
./home-assistant.nix
./mpd.nix
./tuna.nix
./grocy.nix
./spotifyd.nix
<niveum/configs/keyboard.nix>

195
systems/zaatar/home-assistant.nix
View File

@@ -1,7 +1,46 @@
let
{pkgs, ...}: let
port = 8123;
mosquittoPort = 1883;
zigbee2mqttPort = 7977;
in {
networking.firewall.allowedTCPPorts = [port];
networking.firewall.allowedTCPPorts = [port zigbee2mqttPort];
services.zigbee2mqtt = {
enable = true;
settings = {
serial.port = "/dev/ttyACM0";
permit_join = true;
homeassistant = true;
frontend = {
port = zigbee2mqttPort;
host = "0.0.0.0";
};
experimental.new_api = true;
mqtt = {
discovery = true;
base_topic = "zigbee";
server = "mqtt://localhost:${toString mosquittoPort}";
user = "as59";
password = "as59-mqtt";
};
};
};
services.mosquitto = {
enable = true;
listeners = [
{
acl = [];
users.as59 = {
acl = ["readwrite #"];
password = "as59-mqtt";
};
port = mosquittoPort;
}
];
};
environment.systemPackages = [pkgs.mosquitto];
services.nginx.virtualHosts."home.kmein.r" = {
locations."/" = {
@@ -9,16 +48,150 @@ in {
};
};
virtualisation.oci-containers = {
backend = "podman";
containers.homeassistant = {
volumes = ["home-assistant:/config"];
environment.TZ = "Europe/Berlin";
image = "ghcr.io/home-assistant/home-assistant:stable";
extraOptions = [
"--network=host"
# "--device=/dev/ttyUSB0:/dev/ttyACM0" # Example, change this to match your own hardware
services.home-assistant = {
enable = true;
configWritable = true;
lovelaceConfigWritable = true;
config = let
in {
homeassistant = {
name = "Home";
time_zone = "Europe/Berlin";
latitude = "52.46187";
longitude = "13.41489";
elevation = 90;
unit_system = "metric";
# customize = friendly_names;
};
config = {};
sun.elevation = 66;
discovery = {};
frontend = {};
http = {};
weather = [
#{
# platform = "openweathermap";
# api_key = "xxx"; # TODO put into secrets
#}
];
system_health = {};
history = {};
switch = [
{
platform = "mqtt";
name = "zigbee2mqtt_join";
state_topic = "/zigbee2mqtt/bridge/config/permit_join";
command_topic = "/zigbee2mqtt/bridge/config/permit_join";
payload_on = "true";
payload_off = "false";
}
];
automation = [
{
id = "zigbee_join_enabled";
alias = "";
trigger = {
platform = "state";
entity_id = "switch.zigbee2mqtt_join";
to = "on";
};
action = {
service = "timer.start";
entity_id = "timer.zigbee_permit_join";
};
}
{
id = "zigbee_join_disabled";
trigger = [
{
platform = "event";
event_type = "timer.finished";
event_data.entity_id = "timer.zigbee_permit_join";
}
{
platform = "state";
entity_id = "switch.zigbee2mqtt_join";
to = "off";
}
];
action = [
{
service = "timer.cancel";
data.entity_id = "timer.zigbee_permit_join";
}
{
service = "switch.turn_off";
entity_id = "switch.zigbee2mqtt_join";
}
];
}
];
timer.zigbee_permit_join = {
name = "Zigbee Time remaining";
duration = 120;
};
mobile_app = {};
sensor = [
{
platform = "dwd_weather_warnings";
region_name = "Berlin";
}
# Sensor for monitoring the bridge state
{
platform = "mqtt";
name = "Zigbee2mqtt Bridge state";
state_topic = "/zigbee2mqtt/bridge/state";
icon = "mdi:router-wireless";
}
# Sensor for Showing the Zigbee2mqtt Version
{
platform = "mqtt";
name = "Zigbee2mqtt Version";
state_topic = "/zigbee2mqtt/bridge/config";
value_template = "{{ value_json.version }}";
icon = "mdi:zigbee";
}
# Sensor for Showing the Coordinator Version
{
platform = "mqtt";
name = "Coordinator Version";
state_topic = "/zigbee2mqtt/bridge/config";
value_template = "{{ value_json.coordinator }}";
icon = "mdi:chip";
}
];
mqtt = {
broker = "localhost";
port = mosquittoPort;
client_id = "home-assistant";
username = "gg23";
password = "gg23-mqtt";
keepalive = 60;
protocol = 3.1;
discovery = true;
birth_message = {
topic = "/hass/status";
payload = "online";
};
will_message = {
topic = "/hass/status";
payload = "offline";
};
};
};
};
# virtualisation.oci-containers = {
# backend = "podman";
# containers.homeassistant = {
# volumes = ["home-assistant:/config"];
# environment.TZ = "Europe/Berlin";
# image = "ghcr.io/home-assistant/home-assistant:stable";
# extraOptions = [
# "--network=host"
# # "--device=/dev/ttyUSB0:/dev/ttyACM0" # Example, change this to match your own hardware
# ];
# };
# };
}

14
systems/zaatar/mpd.nix → systems/zaatar/tuna.nix
View File

@@ -100,6 +100,20 @@ in {
})
];
services.tuna = {
enable = true;
# stationsFile = "/etc/tuna/stations.json";
stations = lib.lists.imap0 (id: {
desc ? "",
logo ? "https://picsum.photos/seed/${builtins.hashString "md5" stream}/300",
stream,
station,
...
}: {inherit id desc logo stream station;})
streams;
webPort = 7044;
};
services.ympd = {
enable = true;
mpd.port = config.services.mpd.network.port;