palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions1

workhorse done and nixpkgs-fmt

Browse source
This commit is contained in:
Ingolf Wagner 2021-11-01 09:20:42 +01:00
parent 87be340dfa
commit fc33e57a54
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
124 changed files with 3142 additions and 2590 deletions

47
nixos/modules/services/castget.nix
View file

@ -6,7 +6,8 @@ let
cfg = config.custom.services.castget;
in {
in
{
options.custom.services.castget = {
enable = mkEnableOption "enable custom.services.castget";
@ -67,25 +68,33 @@ in {
restartIfChanged = false;
serviceConfig.User = cfg.user;
preStart = let
mkSpools =
mapAttrsToList (ignore: value: "mkdir -p ${value.spool}") cfg.feeds;
in concatStringsSep "\n" mkSpools;
script = let
channels = mapAttrsToList (key: ignore: key) cfg.feeds;
castget = "${pkgs.castget}/bin/castget";
preStart =
let
mkSpools =
mapAttrsToList (ignore: value: "mkdir -p ${value.spool}") cfg.feeds;
in
concatStringsSep "\n" mkSpools;
script =
let
channels = mapAttrsToList (key: ignore: key) cfg.feeds;
castget = "${pkgs.castget}/bin/castget";
configurationFile = let
configurations = mapAttrsToList (key: value: ''
[${key}]
url=${value.url}
spool=${value.spool}
'') cfg.feeds;
in (pkgs.writeText "castget-configuration"
(concatStringsSep "" configurations));
in (concatMapStringsSep "\n"
(channel: "${castget} --rcfile ${configurationFile} ${channel}")
channels);
configurationFile =
let
configurations = mapAttrsToList
(key: value: ''
[${key}]
url=${value.url}
spool=${value.spool}
'')
cfg.feeds;
in
(pkgs.writeText "castget-configuration"
(concatStringsSep "" configurations));
in
(concatMapStringsSep "\n"
(channel: "${castget} --rcfile ${configurationFile} ${channel}")
channels);
};
systemd.timers."${cfg.serviceName}" = {

23
nixos/modules/services/home-assistant.nix
View file

@ -11,21 +11,24 @@ let
inherit example description default;
type = with lib.types;
let
valueType = nullOr (oneOf [
bool
int
float
str
(attrsOf valueType)
(listOf valueType)
]) // {
valueType = nullOr
(oneOf [
bool
int
float
str
(attrsOf valueType)
(listOf valueType)
]) // {
description = "";
emptyValue.value = { };
};
in valueType;
in
valueType;
};
in {
in
{
options.services.homeAssistantConfig = mkMagicMergeOption {
description = ''

95
nixos/modules/services/lektor.nix
View file

@ -6,7 +6,8 @@ let
cfg = config.services.lektor;
in {
in
{
options.services.lektor = {
enable = mkEnableOption "enable services.lektor";
@ -107,57 +108,59 @@ in {
TimeoutStartSec =
"infinity"; # it might take some time will this thing is up
ExecStartPre = let
ExecStartPre =
let
sshKeyTarget = "/run/keys.lektor/id_rsa";
sshKeyTarget = "/run/keys.lektor/id_rsa";
sshConfig = pkgs.writeText "sshconfig" ''
Host ${cfg.host}
IdentityFile ${sshKeyTarget}
sshConfig = pkgs.writeText "sshconfig" ''
Host ${cfg.host}
IdentityFile ${sshKeyTarget}
Host *
ForwardAgent no
Compression no
ServerAliveInterval 0
HashKnownHosts no
UserKnownHostsFile ~/.ssh/known_hosts
ControlMaster no
ControlPath ~/.ssh/master-%r@%n:%p
ControlPersist no
'';
sshKeyScript = pkgs.writers.writeDash "keyfile-gen" # sh
''
set -x
# setup ~/.ssh
mkdir -p ${cfg.home}/.ssh
chown ${cfg.user} ${cfg.home}/.ssh
chmod 700 ${cfg.home}/.ssh
cp ${sshConfig} ${cfg.home}/.ssh/config
chown ${cfg.user} ${cfg.home}/.ssh/config
chmod 500 ${cfg.home}/.ssh/config
mkdir -p ${dirOf sshKeyTarget}
chmod 700 ${dirOf sshKeyTarget}
chown ${cfg.user} ${dirOf sshKeyTarget}
cp ${toString cfg.sshKey} ${sshKeyTarget}
chown ${cfg.user} ${sshKeyTarget}
chmod 500 ${sshKeyTarget}
Host *
ForwardAgent no
Compression no
ServerAliveInterval 0
HashKnownHosts no
UserKnownHostsFile ~/.ssh/known_hosts
ControlMaster no
ControlPath ~/.ssh/master-%r@%n:%p
ControlPersist no
'';
cloneScript = pkgs.writers.writeDash "clone" # sh
''
set -x
if [[ `ls ~/${cfg.user} | wc -l` == 0 ]]
then
rm ~/${cfg.user}
fi
${pkgs.git}/bin/git clone ${cfg.repository} ~/${cfg.user}
'';
sshKeyScript = pkgs.writers.writeDash "keyfile-gen" # sh
''
set -x
in [ "+${sshKeyScript}" "-${cloneScript}" ];
# setup ~/.ssh
mkdir -p ${cfg.home}/.ssh
chown ${cfg.user} ${cfg.home}/.ssh
chmod 700 ${cfg.home}/.ssh
cp ${sshConfig} ${cfg.home}/.ssh/config
chown ${cfg.user} ${cfg.home}/.ssh/config
chmod 500 ${cfg.home}/.ssh/config
mkdir -p ${dirOf sshKeyTarget}
chmod 700 ${dirOf sshKeyTarget}
chown ${cfg.user} ${dirOf sshKeyTarget}
cp ${toString cfg.sshKey} ${sshKeyTarget}
chown ${cfg.user} ${sshKeyTarget}
chmod 500 ${sshKeyTarget}
'';
cloneScript = pkgs.writers.writeDash "clone" # sh
''
set -x
if [[ `ls ~/${cfg.user} | wc -l` == 0 ]]
then
rm ~/${cfg.user}
fi
${pkgs.git}/bin/git clone ${cfg.repository} ~/${cfg.user}
'';
in
[ "+${sshKeyScript}" "-${cloneScript}" ];
};
# todo : add restart ruling

23
nixos/modules/services/light-control.nix
View file

@ -11,24 +11,27 @@ let
inherit example description default;
type = with lib.types;
let
valueType = nullOr (oneOf [
bool
int
float
str
(attrsOf valueType)
(listOf valueType)
]) // {
valueType = nullOr
(oneOf [
bool
int
float
str
(attrsOf valueType)
(listOf valueType)
]) // {
description = "";
emptyValue.value = { };
};
in valueType;
in
valueType;
};
lightControlConfig =
pkgs.writeText "light-control.json" (builtins.toJSON cfg.config);
in {
in
{
options.services.mqtt.light-control = {
enable = mkEnableOption "enable mqtt.light-control";

39
nixos/modules/services/samba-share.nix
View file

@ -6,7 +6,8 @@ let
cfg = config.custom.samba-share;
in {
in
{
options.custom.samba-share = {
enable = mkEnableOption "enable custom.samba-share";
@ -61,27 +62,31 @@ in {
disable spoolss = yes
'';
shares = mapAttrs' (name: path: {
name = name;
value = {
browsable = "yes";
comment = "read only share ${name}";
path = path;
"read only" = "yes";
"guest ok" = "yes";
};
}) cfg.folders // (mapAttrs' (name:
{ users, folder, ... }: {
shares = mapAttrs'
(name: path: {
name = name;
value = {
browsable = "yes";
comment = "read only share ${name}";
path = folder;
"read only" = "no";
"valid users" = users;
"guest ok" = "false";
path = path;
"read only" = "yes";
"guest ok" = "yes";
};
}) cfg.private);
})
cfg.folders // (mapAttrs'
(name:
{ users, folder, ... }: {
name = name;
value = {
browsable = "yes";
comment = "read only share ${name}";
path = folder;
"read only" = "no";
"valid users" = users;
"guest ok" = "false";
};
})
cfg.private);
};
users.users.smbguest = {

21
nixos/modules/services/sshd.nix
View file

@ -6,7 +6,8 @@ let
cfg = config.services.custom.ssh;
in {
in
{
options.services.custom.ssh = {
tools.enable = mkEnableOption "Add ssh tools";
@ -44,14 +45,16 @@ in {
Banner /etc/sshd/banner-line
'';
environment.etc."sshd/banner-line".text = let
text = config.networking.hostName;
size = 80 - (lib.stringLength text);
space = lib.fixedWidthString size " " "";
in ''
${space}${text}
'';
environment.etc."sshd/banner-line".text =
let
text = config.networking.hostName;
size = 80 - (lib.stringLength text);
space = lib.fixedWidthString size " " "";
in
''
${space}${text}
'';
})

75
nixos/modules/services/taskwarrior-pushover.nix
View file

@ -14,7 +14,7 @@ in
default = "4:00:00";
};
recurrence = mkOption {
type = enum["on" "off"];
type = enum [ "on" "off" ];
default = "off";
};
pushoverApiTokenFile = mkOption {
@ -37,7 +37,7 @@ in
certificateFile = mkOption {
type = path;
};
credentials= mkOption {
credentials = mkOption {
type = str;
};
keyFile = mkOption {
@ -55,43 +55,44 @@ in
DynamicUser = true;
StateDirectory = name;
};
script = let
taskwarriorCommand = pkgs.writers.writeDash "taskwarrior-push" ''
${pkgs.taskwarrior}/bin/task \
rc.recurrence=${cfg.recurrence} \
rc:/var/lib/${name}/.taskrc \
rc.data.location=/var/lib/${name}/${cfg.dataDir} \
rc.taskd.ca=${cfg.caFile} \
rc.taskd.certificate=${cfg.certificateFile} \
rc.taskd.credentials="${cfg.credentials}" \
rc.taskd.key=${cfg.keyFile} \
rc.taskd.server=${cfg.server} \
"$@"
'';
in
script =
let
taskwarriorCommand = pkgs.writers.writeDash "taskwarrior-push" ''
${pkgs.taskwarrior}/bin/task \
rc.recurrence=${cfg.recurrence} \
rc:/var/lib/${name}/.taskrc \
rc.data.location=/var/lib/${name}/${cfg.dataDir} \
rc.taskd.ca=${cfg.caFile} \
rc.taskd.certificate=${cfg.certificateFile} \
rc.taskd.credentials="${cfg.credentials}" \
rc.taskd.key=${cfg.keyFile} \
rc.taskd.server=${cfg.server} \
"$@"
'';
in
''
if [ -d /var/lib/${name}/${cfg.dataDir} ]
then
echo "synchronize {cfg.dataDir}"
${taskwarriorCommand} sync
else
echo "initialize ${cfg.dataDir}"
${pkgs.coreutils}/bin/yes | ${taskwarriorCommand} sync init
fi
if [ -d /var/lib/${name}/${cfg.dataDir} ]
then
echo "synchronize {cfg.dataDir}"
${taskwarriorCommand} sync
else
echo "initialize ${cfg.dataDir}"
${pkgs.coreutils}/bin/yes | ${taskwarriorCommand} sync init
fi
${taskwarriorCommand} '${cfg.query}' export \
| ${pkgs.jq}/bin/jq -r '.[] | @base64' | while read entry
do
echo $entry | base64 --decode | \
${pkgs.jq}/bin/jq '{
"token": "'`cat ${cfg.pushoverApiTokenFile}`'",
"user": "'`cat ${cfg.pushoverUserKeyFile}`'",
"titel": "taskwarrior",
message: .description
}' \
| ${pkgs.curl}/bin/curl -sS -X POST -H 'Content-Type: application/json' -d @- \
"https://api.pushover.net/1/messages.json"
done
${taskwarriorCommand} '${cfg.query}' export \
| ${pkgs.jq}/bin/jq -r '.[] | @base64' | while read entry
do
echo $entry | base64 --decode | \
${pkgs.jq}/bin/jq '{
"token": "'`cat ${cfg.pushoverApiTokenFile}`'",
"user": "'`cat ${cfg.pushoverUserKeyFile}`'",
"titel": "taskwarrior",
message: .description
}' \
| ${pkgs.curl}/bin/curl -sS -X POST -H 'Content-Type: application/json' -d @- \
"https://api.pushover.net/1/messages.json"
done
'';
};
systemd.timers.taskwarrior-pushover = {

22
nixos/modules/services/videoencoder.nix
View file

@ -30,7 +30,8 @@ let
fi
'';
in {
in
{
options.service.videoencoder = {
enable = mkEnableOption "enable service.videoencoder";
@ -91,14 +92,17 @@ in {
systemd.services."videoEncoding" = {
wantedBy = [ "multi-user.target" ];
enable = true;
script = let
myList = map (value:
createEncoder "/tmp/videoencoder" value.inputFile value.outputFile)
cfg.fileConfig;
in ''
set -x
${concatStringsSep "\n" myList}
'';
script =
let
myList = map
(value:
createEncoder "/tmp/videoencoder" value.inputFile value.outputFile)
cfg.fileConfig;
in
''
set -x
${concatStringsSep "\n" myList}
'';
};