mirror of
https://github.com/kmein/niveum
synced 2026-03-28 15:21:08 +01:00
Compare commits
12 Commits
9db408226b
...
feature/ha
| Author | SHA1 | Date | |
|---|---|---|---|
| eafc87415a | |||
| 1e37581325 | |||
| c63cb4d157 | |||
| 88257e9ffb | |||
| b9d0258132 | |||
| 53bbc65716 | |||
| e76489b6d8 | |||
|
f4e2885b86 | ||
| 07f5d25e96 | |||
| b5e9fd73e0 | |||
| 34687dde21 | |||
| 4ce7c7a91a |
@@ -12,7 +12,6 @@
|
||||
in {
|
||||
imports = [
|
||||
inputs.self.nixosModules.system-dependent
|
||||
inputs.self.nixosModules.traadfri
|
||||
inputs.self.nixosModules.power-action
|
||||
{
|
||||
boot.supportedFilesystems = ["ntfs"];
|
||||
@@ -286,12 +285,12 @@ in {
|
||||
./sound.nix
|
||||
./sudo.nix
|
||||
./tmux.nix
|
||||
./traadfri.nix
|
||||
./unclutter.nix
|
||||
./vscode.nix
|
||||
./watson.nix
|
||||
./zsh.nix
|
||||
./tor.nix
|
||||
./stw-berlin.nix
|
||||
./mastodon-bot.nix
|
||||
];
|
||||
}
|
||||
|
||||
@@ -212,11 +212,7 @@ in {
|
||||
"${modifier}+r" = "mode resize";
|
||||
"${modifier}+v" = "split v";
|
||||
"${modifier}+w" = "layout tabbed";
|
||||
"${modifier}+q" = "exec ${pkgs.writers.writeDash "newsboat-sync" ''
|
||||
notify-send --app-name="newsboat" "Updating ..."
|
||||
newsboat -x reload
|
||||
notify-send --app-name="newsboat" "Finished updating."
|
||||
''}";
|
||||
"${modifier}+q" = "exec ${config.services.clipmenu.package}/bin/clipmenu";
|
||||
|
||||
"${modifier}+Return" = "exec ${(defaultApplications pkgs).terminal}";
|
||||
"${modifier}+t" = "exec ${(defaultApplications pkgs).fileManager}";
|
||||
|
||||
@@ -9,7 +9,7 @@
|
||||
startAt = "weekly";
|
||||
serviceConfig = {
|
||||
user = "kfm";
|
||||
WorkingDirectory = "/home/kfm/cloud/Seafile/Books/Germanistik/LB";
|
||||
WorkingDirectory = "/home/kfm/cloud/nextcloud/Books/Germanistik/LB";
|
||||
};
|
||||
script = ''
|
||||
first_year=2019
|
||||
|
||||
@@ -275,7 +275,7 @@ in {
|
||||
libreoffice
|
||||
# gnumeric
|
||||
dia
|
||||
pandoc
|
||||
unstablePackages.pandoc
|
||||
niveumPackages.man-pandoc
|
||||
typst
|
||||
# proselint
|
||||
|
||||
51
configs/stw-berlin.nix
Normal file
51
configs/stw-berlin.nix
Normal file
@@ -0,0 +1,51 @@
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
age.secrets.stw-berlin-card-code.file = ../secrets/stw-berlin-card-code.age;
|
||||
|
||||
systemd.services.stw-berlin = {
|
||||
enable = true;
|
||||
wants = ["network-online.target"];
|
||||
startAt = "weekly";
|
||||
serviceConfig = {
|
||||
user = "kfm";
|
||||
WorkingDirectory = "/home/kfm/cloud/nextcloud/Uni/Meta/Mensa";
|
||||
LoadCredential = [
|
||||
"password:${config.age.secrets.stw-berlin-card-code.path}"
|
||||
];
|
||||
};
|
||||
script = ''
|
||||
KARTEN_ID=8071859
|
||||
PASSWORT=$(cat "$CREDENTIALS_DIRECTORY"/password)
|
||||
|
||||
endpoint=https://ks.stw.berlin:4433/TL1/TLM/KASVC
|
||||
authorization_header='Authorization: Basic S0FTVkM6ekt2NXlFMUxaVW12VzI5SQ=='
|
||||
|
||||
get_auth_token() {
|
||||
${pkgs.curl}/bin/curl -sSL "$endpoint/LOGIN?karteNr=$KARTEN_ID&format=JSON&datenformat=JSON" \
|
||||
-X POST \
|
||||
-H "$authorization_header" \
|
||||
--data-raw '{"BenutzerID":"'$KARTEN_ID'","Passwort":"'$PASSWORT'"}' \
|
||||
| ${pkgs.jq}/bin/jq -r '.[0].authToken|@uri'
|
||||
}
|
||||
|
||||
|
||||
get_transactions() {
|
||||
${pkgs.curl}/bin/curl -sSL "$endpoint/TRANS?format=JSON&authToken=$(get_auth_token)&karteNr=$KARTEN_ID&datumVon=12.02.2018&datumBis=$(date -d tomorrow +%d.%m.%Y)" \
|
||||
-H "$authorization_header" \
|
||||
| ${pkgs.jq}/bin/jq
|
||||
}
|
||||
|
||||
get_items() {
|
||||
${pkgs.curl}/bin/curl -sSL "$endpoint/TRANSPOS?format=JSON&authToken=$(get_auth_token)&karteNr=$KARTEN_ID&datumVon=12.02.2018&datumBis=$(date -d tomorrow +%d.%m.%Y)" \
|
||||
-H "$authorization_header" \
|
||||
| ${pkgs.jq}/bin/jq
|
||||
}
|
||||
|
||||
get_transactions > transactions-$(date -I).json
|
||||
get_items > items-$(date -I).json
|
||||
'';
|
||||
};
|
||||
}
|
||||
@@ -1,43 +0,0 @@
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
inherit (import ../lib) localAddresses;
|
||||
living-room-id = 131090;
|
||||
in {
|
||||
environment.systemPackages = [
|
||||
(pkgs.writers.writeDashBin "traadfri-party" ''
|
||||
while true; do
|
||||
for color in $(traadfri colours | shuf); do
|
||||
echo "$color"
|
||||
traadfri group "''${2:-${toString living-room-id}}" --on --colour="$color"
|
||||
sleep "''${1:-2}"
|
||||
done
|
||||
done
|
||||
'')
|
||||
];
|
||||
|
||||
age.secrets.traadfri-key = {
|
||||
file = ../secrets/traadfri-key.age;
|
||||
owner = config.users.users.me.name;
|
||||
group = config.users.users.me.group;
|
||||
mode = "400";
|
||||
};
|
||||
|
||||
niveum.traadfri = {
|
||||
enable = true;
|
||||
user = "kmein";
|
||||
host = localAddresses.tradfri;
|
||||
keyFile = config.age.secrets.traadfri-key.path;
|
||||
rooms = {
|
||||
corridor = 131080;
|
||||
kitchen = 131081;
|
||||
bedroom = 131082;
|
||||
living-room = living-room-id;
|
||||
bedside = 131087;
|
||||
chain = 131089;
|
||||
};
|
||||
};
|
||||
}
|
||||
60
flake.lock
generated
60
flake.lock
generated
@@ -122,11 +122,11 @@
|
||||
"systems": "systems"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1689068808,
|
||||
"narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=",
|
||||
"lastModified": 1692799911,
|
||||
"narHash": "sha256-3eihraek4qL744EvQXsK1Ha6C3CR7nnT8X2qWap4RNk=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4",
|
||||
"rev": "f9e7cf818399d17d347f847525c5a5a8032e4e44",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -327,11 +327,11 @@
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1692414505,
|
||||
"narHash": "sha256-sSTuyR9JYSxmUcYcj0Jvw1hIq1tz/Canw9mK0hEJvnE=",
|
||||
"lastModified": 1692986144,
|
||||
"narHash": "sha256-M4VFpy7Av9j+33HF5nIGm0k2+DXXW4qSSKdidIKg5jY=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "4cdad15f34e6321a2f789b99d42815b9142ac2ba",
|
||||
"rev": "74e5bdc5478ebbe7ba5849f0d765f92757bb9dbf",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -375,11 +375,11 @@
|
||||
},
|
||||
"nixpkgs-unstable": {
|
||||
"locked": {
|
||||
"lastModified": 1692490387,
|
||||
"narHash": "sha256-qU6BlSeuBeO3TsNqrLw6UksNSqyFOJ4pUGiC3WMsct0=",
|
||||
"lastModified": 1693094031,
|
||||
"narHash": "sha256-PyPWn5/WzryKDKuuiJJ8cd1BJCenhjbaicYQbwRM9Ao=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "0b6f3e17dda02c9cf1e8edc6e411ba37093f09e2",
|
||||
"rev": "38b9aaf6682015f1d2fc7b7f48da96992c30cfa3",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -468,11 +468,11 @@
|
||||
},
|
||||
"nur": {
|
||||
"locked": {
|
||||
"lastModified": 1692488764,
|
||||
"narHash": "sha256-SCtwgqxLUCHf4gT83ab/46eqcw2ocm5FZanysSF9Bg4=",
|
||||
"lastModified": 1693082793,
|
||||
"narHash": "sha256-di/x+vrMYmjSHabbiuPi6EZ0m6HoPXOVtA7ugU3rVZM=",
|
||||
"owner": "nix-community",
|
||||
"repo": "NUR",
|
||||
"rev": "18436a20915d6cc569d7fb13807a07ae5de10661",
|
||||
"rev": "0f81f016eecec153a26099beb25b0c8bac87bd23",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -541,7 +541,6 @@
|
||||
"stylix": "stylix",
|
||||
"telebots": "telebots",
|
||||
"tinc-graph": "tinc-graph",
|
||||
"traadfri": "traadfri",
|
||||
"voidrice": "voidrice",
|
||||
"wallpaper-generator": "wallpaper-generator",
|
||||
"wallpapers": "wallpapers"
|
||||
@@ -557,11 +556,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1692410823,
|
||||
"narHash": "sha256-YM1QCenpghNqgleUmoCJUArTuMEBqScyQuhepA6JZaI=",
|
||||
"lastModified": 1693015707,
|
||||
"narHash": "sha256-SFr93DYn502sVT9nB5U8/cKg1INyEk/jCeq8tHioz7Y=",
|
||||
"owner": "oxalica",
|
||||
"repo": "rust-overlay",
|
||||
"rev": "598b2f04ed252eb5808b108d7a10084c0c548753",
|
||||
"rev": "e90223633068a44f0fb62374e0fa360ccc987292",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -682,37 +681,14 @@
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"traadfri": {
|
||||
"inputs": {
|
||||
"flake-utils": [
|
||||
"flake-utils"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"nixpkgs-old"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1677165914,
|
||||
"narHash": "sha256-3N08NabgDwTUy1n5wxpT27iddFrgXW35E1x2UgAKkDQ=",
|
||||
"owner": "kmein",
|
||||
"repo": "traadfri",
|
||||
"rev": "11571116ed5d2c6478c615d663d1f96f57a97ba9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "kmein",
|
||||
"repo": "traadfri",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"voidrice": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1692361205,
|
||||
"narHash": "sha256-xO5wT8Agu2PMGilpXobUwRliqNXYKl/x7OAaGRW83BI=",
|
||||
"lastModified": 1692950210,
|
||||
"narHash": "sha256-0RHvrinkg8LEV/aGnT2n9MNOwaf2ke/YAXRIipZiT2w=",
|
||||
"owner": "Lukesmithxyz",
|
||||
"repo": "voidrice",
|
||||
"rev": "f26e5678e626e604ed586fc6420b944dc023d3f2",
|
||||
"rev": "86f05abcce1fd270032975775adb40040c746cfe",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
||||
11
flake.nix
11
flake.nix
@@ -21,7 +21,6 @@
|
||||
stylix.url = "github:danth/stylix/release-23.05";
|
||||
telebots.url = "github:kmein/telebots";
|
||||
tinc-graph.url = "github:kmein/tinc-graph";
|
||||
traadfri.url = "github:kmein/traadfri";
|
||||
voidrice.url = "github:Lukesmithxyz/voidrice";
|
||||
wallpaper-generator.url = "github:pinpox/wallpaper-generator/v1.1";
|
||||
wallpapers.url = "github:kmein/wallpapers";
|
||||
@@ -51,8 +50,6 @@
|
||||
tinc-graph.inputs.flake-utils.follows = "flake-utils";
|
||||
tinc-graph.inputs.nixpkgs.follows = "nixpkgs";
|
||||
tinc-graph.inputs.rust-overlay.follows = "rust-overlay";
|
||||
traadfri.inputs.flake-utils.follows = "flake-utils";
|
||||
traadfri.inputs.nixpkgs.follows = "nixpkgs-old";
|
||||
voidrice.flake = false;
|
||||
wallpaper-generator.inputs.flake-utils.follows = "flake-utils";
|
||||
wallpapers.flake = false;
|
||||
@@ -82,7 +79,7 @@
|
||||
mock-secrets = {
|
||||
type = "app";
|
||||
program = toString (pkgs.writers.writeDash "mock-secrets" ''
|
||||
${pkgs.findutils}/bin/find secrets -not -path '*/.*' -type f > secrets.txt
|
||||
${pkgs.findutils}/bin/find secrets -not -path '*/.*' -type f | ${pkgs.coreutils}/bin/sort > secrets.txt
|
||||
'');
|
||||
};
|
||||
deploy = {
|
||||
@@ -109,7 +106,6 @@
|
||||
power-action = import modules/power-action.nix;
|
||||
system-dependent = import modules/system-dependent.nix;
|
||||
telegram-bot = import modules/telegram-bot.nix;
|
||||
traadfri = import modules/traadfri.nix;
|
||||
};
|
||||
|
||||
lib = {
|
||||
@@ -281,6 +277,9 @@
|
||||
})
|
||||
];
|
||||
};
|
||||
unstablePackages = import nixpkgs-unstable {
|
||||
inherit system;
|
||||
};
|
||||
wrapScript = {
|
||||
packages ? [],
|
||||
name,
|
||||
@@ -334,7 +333,7 @@
|
||||
mpv-radio = pkgs.callPackage packages/mpv-radio.nix {di-fm-key-file = "/dev/null";};
|
||||
mpv-tuner = pkgs.callPackage packages/mpv-tuner.nix {di-fm-key-file = "/dev/null";};
|
||||
mpv-tv = pkgs.callPackage packages/mpv-tv.nix {};
|
||||
mpv-visualizer = pkgs.callPackage packages/mpv-visualizer.nix {};
|
||||
mpv-visualizer = unstablePackages.mpvScripts.visualizer;
|
||||
new-mac = pkgs.callPackage packages/new-mac.nix {};
|
||||
nix-git = pkgs.callPackage packages/nix-git.nix {};
|
||||
nix-index-update = pkgs.callPackage packages/nix-index-update.nix {inherit system;};
|
||||
|
||||
@@ -5,7 +5,6 @@
|
||||
android = "192.168.178.35";
|
||||
manakish = "192.168.178.29";
|
||||
|
||||
tradfri = "192.168.178.28";
|
||||
officejet = "192.168.178.27";
|
||||
fritzbox = "192.168.178.1";
|
||||
}
|
||||
|
||||
@@ -1,47 +0,0 @@
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
inputs,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
cfg = config.niveum.traadfri;
|
||||
in {
|
||||
options.niveum.traadfri = {
|
||||
enable = mkEnableOption "Trådfri CLI";
|
||||
user = mkOption {type = types.str;};
|
||||
host = mkOption {type = types.str;};
|
||||
keyFile = mkOption {type = types.path;};
|
||||
rooms = mkOption {
|
||||
type = types.attrsOf types.int;
|
||||
default = {};
|
||||
};
|
||||
bulbs = mkOption {
|
||||
type = types.attrsOf types.int;
|
||||
default = {};
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
environment.systemPackages =
|
||||
[
|
||||
(pkgs.writers.writeDashBin "traadfri" ''
|
||||
export TRAADFRI_USER="${cfg.user}"
|
||||
export TRAADFRI_KEY="$(cat ${lib.escapeShellArg cfg.keyFile})"
|
||||
export TRAADFRI_HUB="${cfg.host}"
|
||||
${inputs.traadfri.defaultPackage.x86_64-linux}/bin/traadfri $@
|
||||
'')
|
||||
]
|
||||
++ lib.mapAttrsToList (name: value:
|
||||
pkgs.writers.writeDashBin "traadfri-${name}" ''
|
||||
exec traadfri --target Room ${toString value} "$@"
|
||||
'')
|
||||
cfg.rooms
|
||||
++ lib.mapAttrsToList (name: value:
|
||||
pkgs.writers.writeDashBin "traadfri-${name}" ''
|
||||
exec traadfri --target Bulb ${toString value} "$@"
|
||||
'')
|
||||
cfg.bulbs;
|
||||
};
|
||||
}
|
||||
@@ -1,36 +0,0 @@
|
||||
{
|
||||
lib,
|
||||
stdenvNoCC,
|
||||
fetchFromGitHub,
|
||||
curl,
|
||||
xclip,
|
||||
}:
|
||||
stdenvNoCC.mkDerivation rec {
|
||||
pname = "visualizer";
|
||||
version = "unstable-2021-07-10";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "mfcc64";
|
||||
repo = "mpv-scripts";
|
||||
rev = "a0cd87eeb974a4602c5d8086b4051b5ab72f42e1";
|
||||
sha256 = "1xgd1nd117lpj3ppynhgaa5sbkfm7l8n6c9a2fy8p07is2dkndrq";
|
||||
};
|
||||
|
||||
dontBuild = true;
|
||||
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
mkdir -p $out/share/mpv/scripts
|
||||
cp visualizer.lua $out/share/mpv/scripts
|
||||
runHook postInstall
|
||||
'';
|
||||
|
||||
passthru.scriptName = "visualizer.lua";
|
||||
|
||||
meta = with lib; {
|
||||
description = "various audio visualization";
|
||||
homepage = "https://github.com/mfcc64/mpv-scripts";
|
||||
platforms = platforms.all;
|
||||
maintainers = with maintainers; [kmein];
|
||||
};
|
||||
}
|
||||
2
secrets
2
secrets
Submodule secrets updated: aaefa9ed14...9efd6ac7e1
121
secrets.txt
121
secrets.txt
@@ -1,65 +1,66 @@
|
||||
secrets/di-fm-key.age
|
||||
secrets/email-password-meinhark.age
|
||||
secrets/kabsa-retiolum-privateKey-ed25519.age
|
||||
secrets/makanek-specus-privateKey.age
|
||||
secrets/manakish-retiolum-privateKey-rsa.age
|
||||
secrets/kfm-password.age
|
||||
secrets/email-password-fysi.age
|
||||
secrets/github-token-i3status-rust.age
|
||||
secrets/nextcloud-password-admin.age
|
||||
secrets/zaatar-retiolum-privateKey-ed25519.age
|
||||
secrets/manakish-syncthing-cert.age
|
||||
secrets/telegram-token-betacode.age
|
||||
secrets/tabula-retiolum-privateKey-rsa.age
|
||||
secrets/zaatar-ympd-basicAuth.age
|
||||
secrets/zaatar-moodle-dl-basicAuth.age
|
||||
secrets/mega-password.age
|
||||
secrets/telegram-token-reverse.age
|
||||
secrets/email-password-meinhaki.age
|
||||
secrets/spotify-password.age
|
||||
secrets/telegram-token-kmein.age
|
||||
secrets/maxmind-license-key.age
|
||||
secrets/makanek-retiolum-privateKey-rsa.age
|
||||
secrets/spotify-username.age
|
||||
secrets/onlyoffice-jwt-key.age
|
||||
secrets/miniflux-credentials.age
|
||||
secrets/email-password-fsklassp.age
|
||||
secrets/kabsa-retiolum-privateKey-rsa.age
|
||||
secrets/traadfri-key.age
|
||||
secrets/tahina-retiolum-privateKey-rsa.age
|
||||
secrets/makanek-retiolum-privateKey-ed25519.age
|
||||
secrets/zaatar-retiolum-privateKey-rsa.age
|
||||
secrets/kabsa-specus-privateKey.age
|
||||
secrets/email-password-meinhak99.age
|
||||
secrets/nextcloud-password-kieran.age
|
||||
secrets/ful-root.age
|
||||
secrets/manakish-syncthing-key.age
|
||||
secrets/email-password-dslalewa.age
|
||||
secrets/zaatar-moodle-dl-tokens.json.age
|
||||
secrets/tabula-retiolum-privateKey-ed25519.age
|
||||
secrets/tahina-retiolum-privateKey-ed25519.age
|
||||
secrets/cifs-credentials-hu-berlin.age
|
||||
secrets/kabsa-syncthing-key.age
|
||||
secrets/hetzner-storagebox-credentials.age
|
||||
secrets/ful-retiolum-privateKey-rsa.age
|
||||
secrets/ful-retiolum-privateKey-ed25519.age
|
||||
secrets/zaatar-syncthing-key.age
|
||||
secrets/openweathermap-api-key.age
|
||||
secrets/secrets.nix
|
||||
secrets/email-password-cock.age
|
||||
secrets/telegram-token-nachtischsatan.age
|
||||
secrets/kabsa-syncthing-cert.age
|
||||
secrets/grafana-password-admin.age
|
||||
secrets/email-password-posteo.age
|
||||
secrets/manakish-retiolum-privateKey-ed25519.age
|
||||
secrets/restic.age
|
||||
secrets/home-assistant-token.age
|
||||
secrets/zaatar-syncthing-cert.age
|
||||
secrets/nextcloud-password-database.age
|
||||
secrets/telegram-token-menstruation.age
|
||||
secrets/alertmanager-token-reporters.age
|
||||
secrets/blackboard-calendar-ics.age
|
||||
secrets/cifs-credentials-hu-berlin.age
|
||||
secrets/di-fm-key.age
|
||||
secrets/email-password-cock.age
|
||||
secrets/email-password-dslalewa.age
|
||||
secrets/email-password-fsklassp.age
|
||||
secrets/email-password-fysi.age
|
||||
secrets/email-password-meinhak99.age
|
||||
secrets/email-password-meinhaki.age
|
||||
secrets/email-password-meinhark.age
|
||||
secrets/email-password-posteo.age
|
||||
secrets/ful-retiolum-privateKey-ed25519.age
|
||||
secrets/ful-retiolum-privateKey-rsa.age
|
||||
secrets/ful-root.age
|
||||
secrets/ful-specus-privateKey.age
|
||||
secrets/github-token-i3status-rust.age
|
||||
secrets/grafana-password-admin.age
|
||||
secrets/hetzner-storagebox-credentials.age
|
||||
secrets/home-assistant-token.age
|
||||
secrets/kabsa-retiolum-privateKey-ed25519.age
|
||||
secrets/kabsa-retiolum-privateKey-rsa.age
|
||||
secrets/kabsa-specus-privateKey.age
|
||||
secrets/kabsa-syncthing-cert.age
|
||||
secrets/kabsa-syncthing-key.age
|
||||
secrets/kfm-password.age
|
||||
secrets/ledger-basicAuth.age
|
||||
secrets/makanek-retiolum-privateKey-ed25519.age
|
||||
secrets/makanek-retiolum-privateKey-rsa.age
|
||||
secrets/makanek-specus-privateKey.age
|
||||
secrets/manakish-retiolum-privateKey-ed25519.age
|
||||
secrets/manakish-retiolum-privateKey-rsa.age
|
||||
secrets/manakish-syncthing-cert.age
|
||||
secrets/manakish-syncthing-key.age
|
||||
secrets/maxmind-license-key.age
|
||||
secrets/mega-password.age
|
||||
secrets/miniflux-credentials.age
|
||||
secrets/nextcloud-password-admin.age
|
||||
secrets/nextcloud-password-database.age
|
||||
secrets/nextcloud-password-fysi.age
|
||||
secrets/weechat-sec.conf.age
|
||||
secrets/nextcloud-password-kieran.age
|
||||
secrets/onlyoffice-jwt-key.age
|
||||
secrets/openweathermap-api-key.age
|
||||
secrets/restic.age
|
||||
secrets/secrets.nix
|
||||
secrets/spotify-password.age
|
||||
secrets/spotify-username.age
|
||||
secrets/stw-berlin-card-code.age
|
||||
secrets/tabula-retiolum-privateKey-ed25519.age
|
||||
secrets/tabula-retiolum-privateKey-rsa.age
|
||||
secrets/tahina-retiolum-privateKey-ed25519.age
|
||||
secrets/tahina-retiolum-privateKey-rsa.age
|
||||
secrets/telegram-token-betacode.age
|
||||
secrets/telegram-token-kmein.age
|
||||
secrets/telegram-token-menstruation.age
|
||||
secrets/telegram-token-nachtischsatan.age
|
||||
secrets/telegram-token-proverb.age
|
||||
secrets/telegram-token-reverse.age
|
||||
secrets/weechat-sec.conf.age
|
||||
secrets/zaatar-moodle-dl-basicAuth.age
|
||||
secrets/zaatar-moodle-dl-tokens.json.age
|
||||
secrets/zaatar-retiolum-privateKey-ed25519.age
|
||||
secrets/zaatar-retiolum-privateKey-rsa.age
|
||||
secrets/zaatar-syncthing-cert.age
|
||||
secrets/zaatar-syncthing-key.age
|
||||
secrets/zaatar-ympd-basicAuth.age
|
||||
|
||||
@@ -11,6 +11,7 @@ in {
|
||||
./matomo.nix
|
||||
./radio.nix
|
||||
./panoptikon.nix
|
||||
./ledger.nix
|
||||
../../configs/monitoring.nix
|
||||
../../configs/tor.nix
|
||||
../../configs/save-space.nix
|
||||
|
||||
54
systems/ful/ledger.nix
Normal file
54
systems/ful/ledger.nix
Normal file
@@ -0,0 +1,54 @@
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
services.hledger-web = {
|
||||
enable = true;
|
||||
capabilities = {
|
||||
add = true;
|
||||
view = true;
|
||||
manage = false;
|
||||
};
|
||||
serveApi = false; # serve only the JSON API
|
||||
baseUrl = "https://ledger.kmein.de";
|
||||
journalFiles = [
|
||||
"privat.journal"
|
||||
];
|
||||
};
|
||||
|
||||
systemd.services.hledger-backup = {
|
||||
enable = true;
|
||||
startAt = "hourly";
|
||||
wants = ["network-online.target"];
|
||||
wantedBy = ["multi-user.target"];
|
||||
script = ''
|
||||
${pkgs.git}/bin/git config user.name "hledger-web"
|
||||
${pkgs.git}/bin/git config user.email "hledger-web@${config.networking.hostName}"
|
||||
${pkgs.git}/bin/git commit -am $(date -Ih)
|
||||
${pkgs.git}/bin/git pull --rebase
|
||||
${pkgs.git}/bin/git push
|
||||
'';
|
||||
serviceConfig = {
|
||||
User = "hledger";
|
||||
Group = "hledger";
|
||||
WorkingDirectory = config.services.hledger-web.stateDir;
|
||||
};
|
||||
};
|
||||
|
||||
age.secrets = {
|
||||
ledger-basicAuth = {
|
||||
file = ../../secrets/ledger-basicAuth.age;
|
||||
owner = "nginx";
|
||||
group = "nginx";
|
||||
mode = "400";
|
||||
};
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts."ledger.kmein.de" = {
|
||||
enableACME = true;
|
||||
basicAuthFile = config.age.secrets.ledger-basicAuth.path;
|
||||
forceSSL = true;
|
||||
locations."/".proxyPass = "http://127.0.0.1:${toString config.services.hledger-web.port}";
|
||||
};
|
||||
}
|
||||
@@ -247,6 +247,12 @@ in {
|
||||
group = "prometheus";
|
||||
mode = "440";
|
||||
};
|
||||
home-assistant-token = {
|
||||
file = ../../../secrets/home-assistant-token.age;
|
||||
owner = "prometheus";
|
||||
group = "prometheus";
|
||||
mode = "440";
|
||||
};
|
||||
};
|
||||
|
||||
services.prometheus.alertmanagers = [
|
||||
@@ -315,6 +321,14 @@ in {
|
||||
}
|
||||
];
|
||||
}
|
||||
{
|
||||
job_name = "home_assistant";
|
||||
scrape_interval = "60s";
|
||||
metrics_path = "/api/prometheus";
|
||||
scheme = "http";
|
||||
static_configs = [{targets = ["zaatar.r:8123"];}];
|
||||
bearer_token_file = config.age.secrets.home-assistant-token.path;
|
||||
}
|
||||
{
|
||||
job_name = "ful";
|
||||
static_configs = [
|
||||
|
||||
@@ -1,9 +1,10 @@
|
||||
{config, ...}: let
|
||||
port = 8123;
|
||||
inherit (import ../../lib) restic;
|
||||
influxPort = 9100;
|
||||
volumeName = "home-assistant.bak";
|
||||
in {
|
||||
networking.firewall.allowedTCPPorts = [port];
|
||||
networking.firewall.allowedTCPPorts = [port influxPort];
|
||||
|
||||
services.nginx.virtualHosts."home.kmein.r" = {
|
||||
locations."/" = {
|
||||
@@ -11,6 +12,13 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
services.influxdb = {
|
||||
enable = true;
|
||||
extraConfig = {
|
||||
http.bind-address = ":${toString influxPort}";
|
||||
};
|
||||
};
|
||||
|
||||
services.restic.backups.niveum = {
|
||||
initialize = true;
|
||||
inherit (restic) repository;
|
||||
|
||||
Reference in New Issue
Block a user