palo
/
nixos-config
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

fix taskwarrior-pushover problems

feature/hass
Ingolf Wagner 2022-01-15 09:32:59 +01:00
parent 3c1a5938ad
commit e752805f52
Signed by: palo
GPG Key ID: 76BF5F1928B9618B
15 changed files with 130 additions and 113 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
flake.lock
View File

@ -68,12 +68,12 @@
"rev": "16bbe8a0157d5aa669b2572cda7186a2f108e676",
"revCount": 27,
"type": "git",
"url": "ssh://gitlab@gitlab.ingolf-wagner.de/palo/nixos-secrets"
"url": "ssh://gitea@git.ingolf-wagner.de/palo/nixos-secrets.git"
},
"original": {
"ref": "main",
"type": "git",
"url": "ssh://gitlab@gitlab.ingolf-wagner.de/palo/nixos-secrets"
"url": "ssh://gitea@git.ingolf-wagner.de/palo/nixos-secrets.git"
}
}
},

2
flake.nix
View File

@ -4,7 +4,7 @@
inputs = {
secrets = {
url = "git+ssh://gitlab@gitlab.ingolf-wagner.de/palo/nixos-secrets?ref=main";
url = "git+ssh://gitea@git.ingolf-wagner.de/palo/nixos-secrets.git?ref=main";
flake = false;
};
nixpkgs.url = "github:nixos/nixpkgs/nixos-21.05";

6
nixos/configs/pepe/configuration.nix
View File

@ -51,9 +51,9 @@
# nix-shell -p speedtest_cli --run speedtest
configuration.fireqos = {
enable = true;
interface = "wlp3s0";
input = 80000;
output = 2500;
interface = "enp0s25";
input = 200000;
output = 2000;
balance = false;
};

3
nixos/configs/pepe/mpd.nix
View File

@ -19,7 +19,10 @@
users.users."spotifyd" = {
isSystemUser = true;
group = "spotifyd";
};
users.groups.spotifyd = { };
sops.secrets.spotify_pass = {
owner = "spotifyd";

188
nixos/configs/pepe/syncthing.nix
View File

@ -5,12 +5,12 @@
custom.samba-share = {
enable = true;
folders = {
movies = config.services.syncthing.declarative.folders.movies.path;
music = config.services.syncthing.declarative.folders.music-library.path;
samples = config.services.syncthing.declarative.folders.samples.path;
series = config.services.syncthing.declarative.folders.series.path;
movies = config.services.syncthing.folders.movies.path;
music = config.services.syncthing.folders.music-library.path;
samples = config.services.syncthing.folders.samples.path;
series = config.services.syncthing.folders.series.path;
series2 = "/media/series";
books = config.services.syncthing.declarative.folders.books.path;
books = config.services.syncthing.folders.books.path;
};
#private.test = {
# folder = ;
@ -24,99 +24,97 @@
services.syncthing = {
enable = true;
openDefaultPorts = true;
declarative = {
cert = toString config.sops.secrets.syncthing_cert.path;
key = toString config.sops.secrets.syncthing_key.path;
cert = toString config.sops.secrets.syncthing_cert.path;
key = toString config.sops.secrets.syncthing_key.path;
overrideFolders = true;
folders = {
# on encrypted drive
# ------------------
private = {
enable = true;
path = "/home/syncthing/private";
};
desktop = {
enable = true;
path = "/home/syncthing/desktop";
};
finance = {
enable = true;
path = "/home/syncthing/finance";
};
lost-fotos = {
enable = true;
path = "/home/syncthing/lost-fotos.ct";
};
fotos = {
enable = true;
path = "/home/syncthing/fotos";
};
zettlr = {
enable = true;
path = "/home/syncthing/zettlr";
};
# no need to be encrypted
# -----------------------
borg-mirror = {
enable = true;
path = "/media/syncthing/borg";
rescanInterval = 36 * 3600;
type = "receiveonly";
};
books = {
enable = true;
path = "/media/syncthing/books";
rescanInterval = 8 * 3600;
};
movies = {
enable = true;
path = "/media/syncthing/movies";
rescanInterval = 8 * 3600;
};
music-projects = {
enable = true;
path = "/media/syncthing/music-projects";
};
music-library = {
enable = true;
path = "/media/syncthing/music-library";
rescanInterval = 8 * 3600;
};
music-library-free = {
enable = true;
path = "/media/syncthing/music-library-free";
rescanInterval = 8 * 3600;
};
samples = {
enable = true;
path = "/media/syncthing/samples";
rescanInterval = 8 * 3600;
};
series = {
enable = true;
path = "/media/syncthing/series";
rescanInterval = 8 * 3600;
};
smartphone-folder = {
enable = true;
path = "/media/syncthing/smartphone-folder";
rescanInterval = 8 * 3600;
};
video-material = {
enable = true;
path = "/media/syncthing/video-material";
rescanInterval = 8 * 3600;
};
processing = {
enable = true;
path = "/media/syncthing/sketchbook";
rescanInterval = 8 * 3600;
};
overrideFolders = true;
folders = {
# on encrypted drive
# ------------------
private = {
enable = true;
path = "/home/syncthing/private";
};
desktop = {
enable = true;
path = "/home/syncthing/desktop";
};
finance = {
enable = true;
path = "/home/syncthing/finance";
};
lost-fotos = {
enable = true;
path = "/home/syncthing/lost-fotos.ct";
};
fotos = {
enable = true;
path = "/home/syncthing/fotos";
};
zettlr = {
enable = true;
path = "/home/syncthing/zettlr";
};
# no need to be encrypted
# -----------------------
borg-mirror = {
enable = true;
path = "/media/syncthing/borg";
rescanInterval = 36 * 3600;
type = "receiveonly";
};
books = {
enable = true;
path = "/media/syncthing/books";
rescanInterval = 8 * 3600;
};
movies = {
enable = true;
path = "/media/syncthing/movies";
rescanInterval = 8 * 3600;
};
music-projects = {
enable = true;
path = "/media/syncthing/music-projects";
};
music-library = {
enable = true;
path = "/media/syncthing/music-library";
rescanInterval = 8 * 3600;
};
music-library-free = {
enable = true;
path = "/media/syncthing/music-library-free";
rescanInterval = 8 * 3600;
};
samples = {
enable = true;
path = "/media/syncthing/samples";
rescanInterval = 8 * 3600;
};
series = {
enable = true;
path = "/media/syncthing/series";
rescanInterval = 8 * 3600;
};
smartphone-folder = {
enable = true;
path = "/media/syncthing/smartphone-folder";
rescanInterval = 8 * 3600;
};
video-material = {
enable = true;
path = "/media/syncthing/video-material";
rescanInterval = 8 * 3600;
};
processing = {
enable = true;
path = "/media/syncthing/sketchbook";
rescanInterval = 8 * 3600;
};
};
};

1
nixos/configs/pepe/taskwarrior-pushover.nix
View File

@ -1,7 +1,6 @@
{ config, lib, pkgs, ... }:
{
users.users."taskwarrior-pushover".isSystemUser = true;
sops.secrets.pushoverApiToken.owner = "taskwarrior-pushover";
sops.secrets.pushoverUserKey.owner = "taskwarrior-pushover";

2
nixos/configs/pepe/tinc.nix
View File

@ -18,4 +18,6 @@ with lib;
sops.secrets.tinc_retiolum_ed25519_key = { };
sops.secrets.tinc_retiolum_rsa_key = { };
users.users."tinc.retiolum".group = "tinc.retiolum";
users.groups."tinc.retiolum" = { };
}

3
nixos/configs/robi/bitwarden.nix
View File

@ -1,6 +1,7 @@
{ config, pkgs, lib, ... }: {
services.bitwarden_rs = {
services.vaultwarden = {
enable = true;
# backupDir =
config = {
domain = "https://bitwarden.ingolf-wagner.de";
signupsAllowed = false;

4
nixos/configs/robi/gitea.nix
View File

@ -29,5 +29,7 @@
};
};
#backup.dirs = [ config.services.gogs.repositoryRoot ];
#backup.dirs = [ config.services.gogs.repositoryRoot ];
};
}

3
nixos/configs/sterni/configuration.nix
View File

@ -20,9 +20,6 @@
system.custom.wifi.interfaces = [ "wlp3s0" ];
sops.secrets.tinc_retiolum_ed25519_key = { };
sops.secrets.tinc_retiolum_rsa_key = { };
security.wrappers = {
pmount = {
source = "${pkgs.pmount}/bin/pmount";

5
nixos/configs/sterni/tinc.nix
View File

@ -20,8 +20,13 @@ with lib;
connectTo = [ "sputnik" ];
};
};
sops.secrets.tinc_retiolum_ed25519_key = { };
sops.secrets.tinc_retiolum_rsa_key = { };
users.users."tinc.retiolum".group = "tinc.retiolum";
users.groups."tinc.retiolum" = { };
users.users."tinc.secret".group = "tinc.secret";
users.groups."tinc.secret" = { };

2
nixos/modules/services/samba-share.nix
View File

@ -95,7 +95,9 @@ in
description = "smb guest user";
home = "/home/smbguest";
createHome = true;
group = "smbguest";
};
users.groups.smbguest = { };
})
# todo : maybe better to have a parameter for this

14
nixos/modules/services/taskwarrior-pushover.nix
View File

@ -49,19 +49,27 @@ in
};
config = mkIf cfg.enable {
users.users.${name} = {
isSystemUser = true;
home = "/var/lib/${name}";
group = name;
};
users.groups.${name} = { };
systemd.services.taskwarrior-pushover = {
enable = true;
serviceConfig = {
DynamicUser = true;
User = name;
StateDirectory = name;
};
script =
let
taskwarriorCommand = pkgs.writers.writeDash "taskwarrior-push" ''
${pkgs.taskwarrior}/bin/task \
rc.recurrence=${cfg.recurrence} \
rc:/var/lib/${name}/.taskrc \
rc.data.location=/var/lib/${name}/${cfg.dataDir} \
rc.recurrence=${cfg.recurrence} \
rc.taskd.ca=${cfg.caFile} \
rc.taskd.certificate=${cfg.certificateFile} \
rc.taskd.credentials="${cfg.credentials}" \
@ -73,7 +81,7 @@ in
''
if [ -d /var/lib/${name}/${cfg.dataDir} ]
then
echo "synchronize {cfg.dataDir}"
echo "synchronize ${cfg.dataDir}"
${taskwarriorCommand} sync
else
echo "initialize ${cfg.dataDir}"

4
nixos/system/all/syncthing.nix
View File

@ -10,8 +10,8 @@ with lib; {
"${name}" = {
name = name;
id = id;
addresses =
[ "tcp://${name}.private:22000" ];
#addresses =
# [ "tcp://${name}.private:22000" ];
};
};
in

2
nixos/system/server/initssh.nix
View File

@ -23,7 +23,7 @@ in
};
port = mkOption {
default = 22;
default = 2222;
type = with types; int;
};