palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix taskwarrior-pushover problems

Browse source
This commit is contained in:
Ingolf Wagner 2022-01-15 09:32:59 +01:00
parent 3c1a5938ad
commit e752805f52
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
15 changed files with 130 additions and 113 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
flake.lock
View file

@ -68,12 +68,12 @@
"rev": "16bbe8a0157d5aa669b2572cda7186a2f108e676", "rev": "16bbe8a0157d5aa669b2572cda7186a2f108e676",
"revCount": 27, "revCount": 27,
"type": "git", "type": "git",
"url": "ssh://gitlab@gitlab.ingolf-wagner.de/palo/nixos-secrets" "url": "ssh://gitea@git.ingolf-wagner.de/palo/nixos-secrets.git"
}, },
"original": { "original": {
"ref": "main", "ref": "main",
"type": "git", "type": "git",
"url": "ssh://gitlab@gitlab.ingolf-wagner.de/palo/nixos-secrets" "url": "ssh://gitea@git.ingolf-wagner.de/palo/nixos-secrets.git"
} }
} }
}, },

2
flake.nix
View file

@ -4,7 +4,7 @@
inputs = { inputs = {
secrets = { secrets = {
url = "git+ssh://gitlab@gitlab.ingolf-wagner.de/palo/nixos-secrets?ref=main"; url = "git+ssh://gitea@git.ingolf-wagner.de/palo/nixos-secrets.git?ref=main";
flake = false; flake = false;
}; };
nixpkgs.url = "github:nixos/nixpkgs/nixos-21.05"; nixpkgs.url = "github:nixos/nixpkgs/nixos-21.05";

6
nixos/configs/pepe/configuration.nix
View file

@ -51,9 +51,9 @@
# nix-shell -p speedtest_cli --run speedtest # nix-shell -p speedtest_cli --run speedtest
configuration.fireqos = { configuration.fireqos = {
enable = true; enable = true;
interface = "wlp3s0"; interface = "enp0s25";
input = 80000; input = 200000;
output = 2500; output = 2000;
balance = false; balance = false;
}; };

3
nixos/configs/pepe/mpd.nix
View file

@ -19,7 +19,10 @@
users.users."spotifyd" = { users.users."spotifyd" = {
isSystemUser = true; isSystemUser = true;
group = "spotifyd";
}; };
users.groups.spotifyd = { };
sops.secrets.spotify_pass = { sops.secrets.spotify_pass = {
owner = "spotifyd"; owner = "spotifyd";

188
nixos/configs/pepe/syncthing.nix
View file

@ -5,12 +5,12 @@
custom.samba-share = { custom.samba-share = {
enable = true; enable = true;
folders = { folders = {
movies = config.services.syncthing.declarative.folders.movies.path; movies = config.services.syncthing.folders.movies.path;
music = config.services.syncthing.declarative.folders.music-library.path; music = config.services.syncthing.folders.music-library.path;
samples = config.services.syncthing.declarative.folders.samples.path; samples = config.services.syncthing.folders.samples.path;
series = config.services.syncthing.declarative.folders.series.path; series = config.services.syncthing.folders.series.path;
series2 = "/media/series"; series2 = "/media/series";
books = config.services.syncthing.declarative.folders.books.path; books = config.services.syncthing.folders.books.path;
}; };
#private.test = { #private.test = {
# folder = ; # folder = ;
@ -24,99 +24,97 @@
services.syncthing = { services.syncthing = {
enable = true; enable = true;
openDefaultPorts = true; openDefaultPorts = true;
declarative = { cert = toString config.sops.secrets.syncthing_cert.path;
cert = toString config.sops.secrets.syncthing_cert.path; key = toString config.sops.secrets.syncthing_key.path;
key = toString config.sops.secrets.syncthing_key.path;
overrideFolders = true; overrideFolders = true;
folders = { folders = {
# on encrypted drive
# ------------------
private = {
enable = true;
path = "/home/syncthing/private";
};
desktop = {
enable = true;
path = "/home/syncthing/desktop";
};
finance = {
enable = true;
path = "/home/syncthing/finance";
};
lost-fotos = {
enable = true;
path = "/home/syncthing/lost-fotos.ct";
};
fotos = {
enable = true;
path = "/home/syncthing/fotos";
};
zettlr = {
enable = true;
path = "/home/syncthing/zettlr";
};
# no need to be encrypted
# -----------------------
borg-mirror = {
enable = true;
path = "/media/syncthing/borg";
rescanInterval = 36 * 3600;
type = "receiveonly";
};
books = {
enable = true;
path = "/media/syncthing/books";
rescanInterval = 8 * 3600;
};
movies = {
enable = true;
path = "/media/syncthing/movies";
rescanInterval = 8 * 3600;
};
music-projects = {
enable = true;
path = "/media/syncthing/music-projects";
};
music-library = {
enable = true;
path = "/media/syncthing/music-library";
rescanInterval = 8 * 3600;
};
music-library-free = {
enable = true;
path = "/media/syncthing/music-library-free";
rescanInterval = 8 * 3600;
};
samples = {
enable = true;
path = "/media/syncthing/samples";
rescanInterval = 8 * 3600;
};
series = {
enable = true;
path = "/media/syncthing/series";
rescanInterval = 8 * 3600;
};
smartphone-folder = {
enable = true;
path = "/media/syncthing/smartphone-folder";
rescanInterval = 8 * 3600;
};
video-material = {
enable = true;
path = "/media/syncthing/video-material";
rescanInterval = 8 * 3600;
};
processing = {
enable = true;
path = "/media/syncthing/sketchbook";
rescanInterval = 8 * 3600;
};
# on encrypted drive
# ------------------
private = {
enable = true;
path = "/home/syncthing/private";
}; };
desktop = {
enable = true;
path = "/home/syncthing/desktop";
};
finance = {
enable = true;
path = "/home/syncthing/finance";
};
lost-fotos = {
enable = true;
path = "/home/syncthing/lost-fotos.ct";
};
fotos = {
enable = true;
path = "/home/syncthing/fotos";
};
zettlr = {
enable = true;
path = "/home/syncthing/zettlr";
};
# no need to be encrypted
# -----------------------
borg-mirror = {
enable = true;
path = "/media/syncthing/borg";
rescanInterval = 36 * 3600;
type = "receiveonly";
};
books = {
enable = true;
path = "/media/syncthing/books";
rescanInterval = 8 * 3600;
};
movies = {
enable = true;
path = "/media/syncthing/movies";
rescanInterval = 8 * 3600;
};
music-projects = {
enable = true;
path = "/media/syncthing/music-projects";
};
music-library = {
enable = true;
path = "/media/syncthing/music-library";
rescanInterval = 8 * 3600;
};
music-library-free = {
enable = true;
path = "/media/syncthing/music-library-free";
rescanInterval = 8 * 3600;
};
samples = {
enable = true;
path = "/media/syncthing/samples";
rescanInterval = 8 * 3600;
};
series = {
enable = true;
path = "/media/syncthing/series";
rescanInterval = 8 * 3600;
};
smartphone-folder = {
enable = true;
path = "/media/syncthing/smartphone-folder";
rescanInterval = 8 * 3600;
};
video-material = {
enable = true;
path = "/media/syncthing/video-material";
rescanInterval = 8 * 3600;
};
processing = {
enable = true;
path = "/media/syncthing/sketchbook";
rescanInterval = 8 * 3600;
};
}; };
}; };

1
nixos/configs/pepe/taskwarrior-pushover.nix
View file

@ -1,7 +1,6 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
{ {
users.users."taskwarrior-pushover".isSystemUser = true;
sops.secrets.pushoverApiToken.owner = "taskwarrior-pushover"; sops.secrets.pushoverApiToken.owner = "taskwarrior-pushover";
sops.secrets.pushoverUserKey.owner = "taskwarrior-pushover"; sops.secrets.pushoverUserKey.owner = "taskwarrior-pushover";

2
nixos/configs/pepe/tinc.nix
View file

@ -18,4 +18,6 @@ with lib;
sops.secrets.tinc_retiolum_ed25519_key = { }; sops.secrets.tinc_retiolum_ed25519_key = { };
sops.secrets.tinc_retiolum_rsa_key = { }; sops.secrets.tinc_retiolum_rsa_key = { };
users.users."tinc.retiolum".group = "tinc.retiolum";
users.groups."tinc.retiolum" = { };
} }

3
nixos/configs/robi/bitwarden.nix
View file

@ -1,6 +1,7 @@
{ config, pkgs, lib, ... }: { { config, pkgs, lib, ... }: {
services.bitwarden_rs = { services.vaultwarden = {
enable = true; enable = true;
# backupDir =
config = { config = {
domain = "https://bitwarden.ingolf-wagner.de"; domain = "https://bitwarden.ingolf-wagner.de";
signupsAllowed = false; signupsAllowed = false;

4
nixos/configs/robi/gitea.nix
View file

@ -29,5 +29,7 @@
}; };
}; };
#backup.dirs = [ config.services.gogs.repositoryRoot ]; #backup.dirs = [ config.services.gogs.repositoryRoot ];
};
} }

3
nixos/configs/sterni/configuration.nix
View file

@ -20,9 +20,6 @@
system.custom.wifi.interfaces = [ "wlp3s0" ]; system.custom.wifi.interfaces = [ "wlp3s0" ];
sops.secrets.tinc_retiolum_ed25519_key = { };
sops.secrets.tinc_retiolum_rsa_key = { };
security.wrappers = { security.wrappers = {
pmount = { pmount = {
source = "${pkgs.pmount}/bin/pmount"; source = "${pkgs.pmount}/bin/pmount";

5
nixos/configs/sterni/tinc.nix
View file

@ -20,8 +20,13 @@ with lib;
connectTo = [ "sputnik" ]; connectTo = [ "sputnik" ];
}; };
}; };
sops.secrets.tinc_retiolum_ed25519_key = { };
sops.secrets.tinc_retiolum_rsa_key = { };
users.users."tinc.retiolum".group = "tinc.retiolum"; users.users."tinc.retiolum".group = "tinc.retiolum";
users.groups."tinc.retiolum" = { }; users.groups."tinc.retiolum" = { };
users.users."tinc.secret".group = "tinc.secret"; users.users."tinc.secret".group = "tinc.secret";
users.groups."tinc.secret" = { }; users.groups."tinc.secret" = { };

2
nixos/modules/services/samba-share.nix
View file

@ -95,7 +95,9 @@ in
description = "smb guest user"; description = "smb guest user";
home = "/home/smbguest"; home = "/home/smbguest";
createHome = true; createHome = true;
group = "smbguest";
}; };
users.groups.smbguest = { };
}) })
# todo : maybe better to have a parameter for this # todo : maybe better to have a parameter for this

14
nixos/modules/services/taskwarrior-pushover.nix
View file

@ -49,19 +49,27 @@ in
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.users.${name} = {
isSystemUser = true;
home = "/var/lib/${name}";
group = name;
};
users.groups.${name} = { };
systemd.services.taskwarrior-pushover = { systemd.services.taskwarrior-pushover = {
enable = true; enable = true;
serviceConfig = { serviceConfig = {
DynamicUser = true; User = name;
StateDirectory = name; StateDirectory = name;
}; };
script = script =
let let
taskwarriorCommand = pkgs.writers.writeDash "taskwarrior-push" '' taskwarriorCommand = pkgs.writers.writeDash "taskwarrior-push" ''
${pkgs.taskwarrior}/bin/task \ ${pkgs.taskwarrior}/bin/task \
rc.recurrence=${cfg.recurrence} \
rc:/var/lib/${name}/.taskrc \ rc:/var/lib/${name}/.taskrc \
rc.data.location=/var/lib/${name}/${cfg.dataDir} \ rc.data.location=/var/lib/${name}/${cfg.dataDir} \
rc.recurrence=${cfg.recurrence} \
rc.taskd.ca=${cfg.caFile} \ rc.taskd.ca=${cfg.caFile} \
rc.taskd.certificate=${cfg.certificateFile} \ rc.taskd.certificate=${cfg.certificateFile} \
rc.taskd.credentials="${cfg.credentials}" \ rc.taskd.credentials="${cfg.credentials}" \
@ -73,7 +81,7 @@ in
'' ''
if [ -d /var/lib/${name}/${cfg.dataDir} ] if [ -d /var/lib/${name}/${cfg.dataDir} ]
then then
echo "synchronize {cfg.dataDir}" echo "synchronize ${cfg.dataDir}"
${taskwarriorCommand} sync ${taskwarriorCommand} sync
else else
echo "initialize ${cfg.dataDir}" echo "initialize ${cfg.dataDir}"

4
nixos/system/all/syncthing.nix
View file

@ -10,8 +10,8 @@ with lib; {
"${name}" = { "${name}" = {
name = name; name = name;
id = id; id = id;
addresses = #addresses =
[ "tcp://${name}.private:22000" ]; # [ "tcp://${name}.private:22000" ];
}; };
}; };
in in

2
nixos/system/server/initssh.nix
View file

@ -23,7 +23,7 @@ in
}; };
port = mkOption { port = mkOption {
default = 22; default = 2222;
type = with types; int; type = with types; int;
}; };