aboutsummaryrefslogtreecommitdiff
path: root/nixos/modules
diff options
context:
space:
mode:
Diffstat (limited to 'nixos/modules')
-rw-r--r--nixos/modules/autounlock.nix30
-rw-r--r--nixos/modules/compile.nix24
-rw-r--r--nixos/modules/desktop.nix278
-rw-r--r--nixos/modules/develop.nix127
-rw-r--r--nixos/modules/gaming.nix23
-rw-r--r--nixos/modules/generic.nix153
-rw-r--r--nixos/modules/home-assistant.nix70
-rw-r--r--nixos/modules/hosts.nix18
-rw-r--r--nixos/modules/monitoring.nix127
-rw-r--r--nixos/modules/openvpn.nix18
-rw-r--r--nixos/modules/router.nix21
-rw-r--r--nixos/modules/syncthing.nix53
-rw-r--r--nixos/modules/wifi-client.nix11
13 files changed, 542 insertions, 411 deletions
diff --git a/nixos/modules/autounlock.nix b/nixos/modules/autounlock.nix
index 0458c7b..7f7c24e 100644
--- a/nixos/modules/autounlock.nix
+++ b/nixos/modules/autounlock.nix
@@ -1,13 +1,12 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
-
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+with lib; let
cnf = config.cynerd.autounlock;
-
in {
-
options = {
cynerd.autounlock = mkOption {
type = with types; attrsOf string;
@@ -17,24 +16,23 @@ in {
};
config = mkIf (cnf != {}) {
-
- environment.systemPackages = [ pkgs.luks-hw-password ];
+ environment.systemPackages = [pkgs.luks-hw-password];
boot.initrd = {
extraFiles."/luks-hw-password".source = pkgs.luks-hw-password;
- luks.devices = mapAttrs (name: value: {
+ luks.devices =
+ mapAttrs (name: value: {
device = value;
keyFile = "/keys/${name}.key";
fallbackToPassword = true;
preOpenCommands = ''
mkdir -p /keys
/luks-hw-password/bin/luks-hw-password > /keys/${name}.key
- '';
+ '';
postOpenCommands = ''
rm -rf /keys
- '';
- }) cnf;
+ '';
+ })
+ cnf;
};
-
};
-
}
diff --git a/nixos/modules/compile.nix b/nixos/modules/compile.nix
index ffa339f..6a6b7b2 100644
--- a/nixos/modules/compile.nix
+++ b/nixos/modules/compile.nix
@@ -1,9 +1,10 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-
{
-
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+with lib; {
options = {
cynerd.compile = mkOption {
type = types.bool;
@@ -21,33 +22,32 @@ with lib;
aarch64-linux = {
fixBinary = true;
wrapInterpreterInShell = false;
- interpreter = (lib.systems.elaborate { system = "aarch64-linux"; }).emulator pkgs;
+ interpreter = (lib.systems.elaborate {system = "aarch64-linux";}).emulator pkgs;
magicOrExtension = "\\x7fELF\\x02\\x01\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x02\\x00\\xb7\\x00";
mask = "\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\x00\\xff\\xff\\xff\\xff\\xff\\xff\\x00\\xff\\xfe\\xff\\xff\\xff";
};
armv7l-linux = {
fixBinary = true;
wrapInterpreterInShell = false;
- interpreter = (lib.systems.elaborate { system = "armv7l-linux"; }).emulator pkgs;
+ interpreter = (lib.systems.elaborate {system = "armv7l-linux";}).emulator pkgs;
magicOrExtension = "\\x7fELF\\x01\\x01\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x02\\x00\\x28\\x00";
mask = "\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\x00\\xff\\xff\\xff\\xff\\xff\\xff\\x00\\xff\\xfe\\xff\\xff\\xff";
};
};
nix.settings.extra-platforms = [
- "aarch64-linux" "armv7l-linux"
+ "aarch64-linux"
+ "armv7l-linux"
];
environment.systemPackages = with pkgs; [
# Tools
- git bash
+ git
+ bash
#uroot
qemu
# Python
python3Packages.pip
-
];
-
};
-
}
diff --git a/nixos/modules/desktop.nix b/nixos/modules/desktop.nix
index 27beb04..e7c6ecc 100644
--- a/nixos/modules/desktop.nix
+++ b/nixos/modules/desktop.nix
@@ -1,12 +1,12 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-let
-
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+with lib; let
cnf = config.cynerd.desktop;
-
in {
-
options = {
cynerd.desktop = {
enable = mkOption {
@@ -25,106 +25,146 @@ in {
config = mkIf cnf.enable {
programs.sway.enable = true;
programs.sway.wrapperFeatures.gtk = true;
- programs.sway.extraPackages = with pkgs; [
- gnome.dconf-editor
- glib gsettings-desktop-schemas
- i3blocks sysstat
- wofi rofimoji wev
- swaybackground myswaylock
-
- alacritty
-
- kanshi wdisplays wayvnc wl-mirror
- slurp grim
- wf-recorder
- wl-clipboard wl-color-picker
- swayidle
- dunst libnotify
-
- isync msmtp notmuch astroid
- taskwarrior vdirsyncer khal khard
- gnupg pinentry-gnome pinentry-curses
- (pass.withExtensions (exts: [
- exts.pass-otp exts.pass-audit
- ]))
-
- firefox chromium
- ferdium signal-desktop
- libreoffice
- mupdf pdfgrep
-
- xdg-utils xdg-launch
- mesa-demos vulkan-tools
-
- pulsemixer
- mpd mpc-cli ncmpcpp
- feh shotwell id3lib
- vlc mpv youtube-dl
-
- nordic
- delft-icon-theme gnome.adwaita-icon-theme
- vanilla-dmz
- sound-theme-freedesktop
- gucharmap
-
- (sdcv.withDictionaries [ stardict-en-cz stardict-de-cz stardict-cz ])
-
- samba cifs-utils
-
- tigervnc freerdp
- plasma5Packages.kdeconnect-kde
-
- hdparm ethtool multipath-tools
- usb-modeswitch
- v4l-utils
-
- # Calculating
- python3Packages.numpy python3Packages.sympy python3Packages.matplotlib
-
- # Creation
- simple-scan
- audacity
- gimp inkscape
- blender
- kdenlive
-
- # GStreamer
- gst_all_1.gst-libav
- gst_all_1.gst-plugins-bad
- gst_all_1.gst-plugins-base
- gst_all_1.gst-plugins-good
- gst_all_1.gst-plugins-ugly
- gst_all_1.gst-plugins-viperfx
-
- # Latex
- texlive.combined.scheme-full
-
- # Gnome utils
- gnome-firmware
- gaphor
-
- # CAD
- freecad
- kicad-with-packages3d
- sweethome3d.application
- qelectrotech
-
- ] ++ (optionals cnf.laptop [
- # Power management
- powertop
- acpi
- ]);
+ programs.sway.extraPackages = with pkgs;
+ [
+ gnome.dconf-editor
+ glib
+ gsettings-desktop-schemas
+ i3blocks
+ sysstat
+ wofi
+ rofimoji
+ wev
+ swaybackground
+ myswaylock
+
+ alacritty
+
+ kanshi
+ wdisplays
+ wayvnc
+ wl-mirror
+ slurp
+ grim
+ wf-recorder
+ wl-clipboard
+ wl-color-picker
+ swayidle
+ dunst
+ libnotify
+
+ isync
+ msmtp
+ notmuch
+ astroid
+ taskwarrior
+ vdirsyncer
+ khal
+ khard
+ gnupg
+ pinentry-gnome
+ pinentry-curses
+ (pass.withExtensions (exts: [
+ exts.pass-otp
+ exts.pass-audit
+ ]))
+
+ firefox
+ chromium
+ ferdium
+ signal-desktop
+ libreoffice
+ mupdf
+ pdfgrep
+
+ xdg-utils
+ xdg-launch
+ mesa-demos
+ vulkan-tools
+
+ pulsemixer
+ mpd
+ mpc-cli
+ ncmpcpp
+ feh
+ shotwell
+ id3lib
+ vlc
+ mpv
+ youtube-dl
+
+ nordic
+ delft-icon-theme
+ gnome.adwaita-icon-theme
+ vanilla-dmz
+ sound-theme-freedesktop
+ gucharmap
+
+ (sdcv.withDictionaries [stardict-en-cz stardict-de-cz stardict-cz])
+
+ samba
+ cifs-utils
+
+ tigervnc
+ freerdp
+ plasma5Packages.kdeconnect-kde
+
+ hdparm
+ ethtool
+ multipath-tools
+ usb-modeswitch
+ v4l-utils
+
+ # Calculating
+ python3Packages.numpy
+ python3Packages.sympy
+ python3Packages.matplotlib
+
+ # Creation
+ simple-scan
+ audacity
+ gimp
+ inkscape
+ blender
+ kdenlive
+
+ # GStreamer
+ gst_all_1.gst-libav
+ gst_all_1.gst-plugins-bad
+ gst_all_1.gst-plugins-base
+ gst_all_1.gst-plugins-good
+ gst_all_1.gst-plugins-ugly
+ gst_all_1.gst-plugins-viperfx
+
+ # Latex
+ texlive.combined.scheme-full
+
+ # Gnome utils
+ gnome-firmware
+ gaphor
+
+ # CAD
+ freecad
+ kicad-with-packages3d
+ sweethome3d.application
+ qelectrotech
+ ]
+ ++ (optionals cnf.laptop [
+ # Power management
+ powertop
+ acpi
+ ]);
programs.vim.package = pkgs.vimHugeX;
programs.shellrc.desktop = true;
xdg.portal.enable = true;
xdg.portal.wlr.enable = true;
- xdg.portal.extraPortals = with pkgs; [ xdg-desktop-portal-gtk ];
+ xdg.portal.extraPortals = with pkgs; [xdg-desktop-portal-gtk];
xdg.mime.defaultApplications = {
- "text/html" = [ "firefox.desktop" ];
- "application/pdf" = [ "mupdf.desktop" ];
- "image/jpeg" = [ "feh.desktop" ];
- "image/png" = [ "feh.desktop" ];
- "image/svg" = [ "feh.desktop" ];
+ "text/html" = ["firefox.desktop"];
+ "application/pdf" = ["mupdf.desktop"];
+ "image/jpeg" = ["feh.desktop"];
+ "image/png" = ["feh.desktop"];
+ "image/svg" = ["feh.desktop"];
};
programs.usbkey = {
@@ -137,7 +177,7 @@ in {
enableSSHSupport = true;
enableBrowserSocket = true;
};
- services.dbus.packages = [ pkgs.gcr ];
+ services.dbus.packages = [pkgs.gcr];
programs.kdeconnect.enable = true;
@@ -148,7 +188,7 @@ in {
pulse.enable = true;
config.pipewire = {
context.modules = [
- { name = "libpipewire-module-zeroconf-discover"; }
+ {name = "libpipewire-module-zeroconf-discover";}
];
};
};
@@ -157,7 +197,8 @@ in {
services.printing = {
enable = true;
drivers = with pkgs; [
- gutenprint gutenprintBin
+ gutenprint
+ gutenprintBin
cnijfilter2
];
};
@@ -167,8 +208,8 @@ in {
enable = true;
discovery = true;
};
- networking.firewall.allowedTCPPorts = [ 5357 ];
- networking.firewall.allowedUDPPorts = [ 3702 ];
+ networking.firewall.allowedTCPPorts = [5357];
+ networking.firewall.allowedUDPPorts = [3702];
fonts.fonts = with pkgs; [
arkpandora_ttf
@@ -188,7 +229,7 @@ in {
services.udev.extraRules = ''
ACTION=="add|change", KERNEL=="sd*[!0-9]", ATTR{queue/scheduler}="bfq"
- '';
+ '';
hardware.opengl.driSupport = true;
hardware.opengl.driSupport32Bit = true;
@@ -224,7 +265,7 @@ in {
# Autologin on the first TTY
services.getty = {
- extraArgs = [ "--skip-login" ];
+ extraArgs = ["--skip-login"];
loginProgram = "${pkgs.bash}/bin/sh";
loginOptions = toString (pkgs.writeText "login-program.sh" ''
if [[ "$(tty)" == '/dev/tty1' ]]; then
@@ -238,8 +279,22 @@ in {
# VTI settings
console = {
colors = [
- "2e3440" "3b4252" "434c5e" "4c566a" "d8dee9" "e5e9f0" "eceff4" "8fbcbb"
- "88c0d0" "81a1c1" "5e81ac" "bf616a" "d08770" "ebcb8b" "a3be8c" "b48ead"
+ "2e3440"
+ "3b4252"
+ "434c5e"
+ "4c566a"
+ "d8dee9"
+ "e5e9f0"
+ "eceff4"
+ "8fbcbb"
+ "88c0d0"
+ "81a1c1"
+ "5e81ac"
+ "bf616a"
+ "d08770"
+ "ebcb8b"
+ "a3be8c"
+ "b48ead"
];
earlySetup = true;
useXkbConfig = true;
@@ -248,6 +303,5 @@ in {
services.gpm.enable = true;
services.locate.enable = true;
-
};
}
diff --git a/nixos/modules/develop.nix b/nixos/modules/develop.nix
index 2bf085f..c7ab1d2 100644
--- a/nixos/modules/develop.nix
+++ b/nixos/modules/develop.nix
@@ -1,11 +1,11 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
-
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+with lib; let
in {
-
options = {
cynerd.develop = mkOption {
type = types.bool;
@@ -19,7 +19,10 @@ in {
environment.enableDebugInfo = true;
environment.systemPackages = with pkgs; [
# Tools
- tig gource hub github-cli # Git
+ tig
+ gource
+ hub
+ github-cli # Git
wlc # Weblate
cloc
openssl
@@ -28,7 +31,9 @@ in {
# Nix
dev
- nix-prefetch-git nix-prefetch-github nix-prefetch-scripts
+ nix-prefetch-git
+ nix-prefetch-github
+ nix-prefetch-scripts
nix-universal-prefetch
rnix-lsp
cachix
@@ -36,50 +41,61 @@ in {
# Shell
dash # Posix shell
bats
- shellcheck shfmt
- jq yq
+ shellcheck
+ shfmt
+ jq
+ yq
# Python
- (python3.withPackages (pypkgs: with pypkgs; [
- ipython
-
- pytest pytest-html pytest-tap
- coverage
- python-lsp-black
- pylint pydocstyle
-
- mypy
-
- pygobject3
- pygraphviz matplotlib
-
- python-gitlab PyGithub
-
- schema
- jinja2
- ruamel-yaml
- msgpack
- urllib3 influxdb-client
-
- psycopg
-
- humanize rich
- lorem-text.pythonPackage
-
- pyserial pylibftdi
- pylxd
- selenium
-
- paho-mqtt
-
- ]))
+ (python3.withPackages (pypkgs:
+ with pypkgs; [
+ ipython
+
+ pytest
+ pytest-html
+ pytest-tap
+ coverage
+ python-lsp-black
+ pylint
+ pydocstyle
+
+ mypy
+
+ pygobject3
+ pygraphviz
+ matplotlib
+
+ python-gitlab
+ PyGithub
+
+ schema
+ jinja2
+ ruamel-yaml
+ msgpack
+ urllib3
+ influxdb-client
+
+ psycopg
+
+ humanize
+ rich
+ lorem-text.pythonPackage
+
+ pyserial
+ pylibftdi
+ pylxd
+ selenium
+
+ paho-mqtt
+ ]))
geckodriver
chromedriver
# Lua
- (lua5_1.withPackages (luapkgs: with luapkgs; [
- luacheck
- ]))
+ (lua5_1.withPackages (luapkgs:
+ with luapkgs; [
+ luacheck
+ ]))
# Ansible
ansible
@@ -93,7 +109,8 @@ in {
tftp-hpa
# Network
- iperf2 iperf3
+ iperf2
+ iperf3
wireshark
inetutils
@@ -107,7 +124,9 @@ in {
dfeet
# Documentation
- man-pages man-pages-posix linux-manual
+ man-pages
+ man-pages-posix
+ linux-manual
# SHV
shvspy
@@ -134,11 +153,13 @@ in {
virtualisation.lxc.enable = true;
virtualisation.libvirtd.enable = true;
- users.groups.develop = { };
+ users.groups.develop = {};
users.users.cynerd.extraGroups = [
- "docker" "lxd" "develop" "libvirtd" "wireshark"
+ "docker"
+ "lxd"
+ "develop"
+ "libvirtd"
+ "wireshark"
];
-
};
-
}
diff --git a/nixos/modules/gaming.nix b/nixos/modules/gaming.nix
index f61f85e..82a7335 100644
--- a/nixos/modules/gaming.nix
+++ b/nixos/modules/gaming.nix
@@ -1,12 +1,12 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-let
-
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+with lib; let
cnf = config.cynerd.gaming;
-
in {
-
options = {
cynerd.gaming = mkOption {
type = types.bool;
@@ -29,12 +29,11 @@ in {
};
nixpkgs.config.packageOverrides = pkgs: {
steam = pkgs.steam.override {
- extraPkgs = pkgs: with pkgs; [
- ncurses
- ];
+ extraPkgs = pkgs:
+ with pkgs; [
+ ncurses
+ ];
};
};
-
-
};
}
diff --git a/nixos/modules/generic.nix b/nixos/modules/generic.nix
index 121133f..25fcbde 100644
--- a/nixos/modules/generic.nix
+++ b/nixos/modules/generic.nix
@@ -1,13 +1,12 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
-
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+with lib; let
isNative = config.nixpkgs.crossSystem == null;
-
in {
-
config = {
system.stateVersion = "22.05";
@@ -23,7 +22,7 @@ in {
"thefloweringash-armv7.cachix.org-1:v+5yzBD2odFKeXbmC+OPWVqx4WVoIVO6UXgnSAWFtso="
"arm.cachix.org-1:K3XjAeWPgWkFtSS9ge5LJSLw3xgnNqyOaG7MDecmTQ8="
];
- trusted-users = [ "@wheel" ];
+ trusted-users = ["@wheel"];
};
registry = {
personal.to = {
@@ -40,52 +39,70 @@ in {
hardware.enableAllFirmware = true;
services.fwupd.enable = mkIf (pkgs.system == "x86_64-linux") true;
-
nixpkgs.config.allowUnfree = true;
- environment.systemPackages = with pkgs; [
- git # We need git for this repository to even work
- # Administration tools
- #coreutils moreutils binutils psmisc progress lshw file
- coreutils binutils psmisc progress lshw file vde2
- ldns wget
- gnumake
- exfat exfatprogs ntfs3g
- nix-index
- usbutils pciutils smartmontools
-
- # NCurses tools
- htop iotop #glances
- mc
- screen tmux
-
- # ls tools
- tree
- lsof
- strace
- #mlocate
-
- sourceHighlight # Colors for less
- unrar p7zip zip unzip
-
- # Network
- nmap netcat traceroute
- iftop nethogs
- # TODO add mdns
- sshfs
- wakeonlan
-
- lm_sensors
-
- ] ++ optionals (system == "x86_64-linux") [
- ltrace
- ] ++ optionals (!isNative) [
- ncdu_1
- ] ++ optionals (isNative) [
- moreutils
- glances
- ncdu
- mlocate
- ];
+ environment.systemPackages = with pkgs;
+ [
+ git # We need git for this repository to even work
+ # Administration tools
+ coreutils
+ binutils
+ psmisc
+ progress
+ lshw
+ file
+ vde2
+ ldns
+ wget
+ gnumake
+ exfat
+ exfatprogs
+ ntfs3g
+ nix-index
+ usbutils
+ pciutils
+ smartmontools
+
+ # NCurses tools
+ htop
+ iotop
+ mc
+ screen
+ tmux
+
+ # ls tools
+ tree
+ lsof
+ strace
+
+ sourceHighlight # Colors for less
+ unrar
+ p7zip
+ zip
+ unzip
+
+ # Network
+ nmap
+ netcat
+ traceroute
+ iftop
+ nethogs
+ sshfs
+ wakeonlan
+
+ lm_sensors
+ ]
+ ++ optionals (system == "x86_64-linux") [
+ ltrace
+ ]
+ ++ optionals (!isNative) [
+ ncdu_1
+ ]
+ ++ optionals isNative [
+ moreutils
+ glances
+ ncdu
+ mlocate
+ ];
users.mutableUsers = false;
users.groups.cynerd.gid = 1000;
@@ -97,11 +114,24 @@ in {
group = "cynerd";
extraGroups = ["users" "wheel" "dialout" "kvm" "uucp"];
uid = 1000;
- subUidRanges = [{ count = 65534; startUid = 10000; }];
- subGidRanges = [{ count = 65534; startGid = 10000; }];
+ subUidRanges = [
+ {
+ count = 65534;
+ startUid = 10000;
+ }
+ ];
+ subGidRanges = [
+ {
+ count = 65534;
+ startGid = 10000;
+ }
+ ];
isNormalUser = true;
createHome = true;
- shell = if isNative then pkgs.zsh.out else pkgs.bash.out;
+ shell =
+ if isNative
+ then pkgs.zsh.out
+ else pkgs.bash.out;
passwordFile = "/run/secrets/cynerd.pass";
openssh.authorizedKeys.keyFiles = [
(config.personal-secrets + "/unencrypted/git-private.pub")
@@ -113,7 +143,10 @@ in {
programs.vim.defaultEditor = mkDefault true;
security.sudo.extraRules = [
- { groups = [ "wheel" ]; commands = [ "ALL" ]; }
+ {
+ groups = ["wheel"];
+ commands = ["ALL"];
+ }
];
networking.dhcpcd.extraConfig = "controlgroup wheel";
environment.etc."dhcpcd.conf".text = "controlgroup wheel";
@@ -123,7 +156,7 @@ in {
time.timeZone = "Europe/Prague";
i18n.defaultLocale = "en_US.UTF-8";
- services.udev.packages = [
+ services.udev.packages = [
(pkgs.writeTextFile rec {
name = "bfq-drives.rules";
destination = "/etc/udev/rules.d/60-${name}";
@@ -140,7 +173,5 @@ in {
'';
programs.fuse.userAllowOther = true;
-
};
-
}
diff --git a/nixos/modules/home-assistant.nix b/nixos/modules/home-assistant.nix
index e4f2232..0f2df9e 100644
--- a/nixos/modules/home-assistant.nix
+++ b/nixos/modules/home-assistant.nix
@@ -1,18 +1,17 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
-
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+with lib; let
cnf = config.cynerd.home-assistant;
-
in {
options = {
cynerd.home-assistant = mkEnableOption "Enable Home Assistant and Bigclown";
};
config = mkIf cnf {
-
services.mosquitto = {
enable = true;
listeners = [
@@ -134,27 +133,31 @@ in {
};
services.telegraf.extraConfig = {
- outputs.influxdb_v2 = [{
- urls = ["http://errol:8086"];
- token = "$INFLUX_TOKEN";
- organization = "personal";
- bucket = "bigclown";
- tagpass.source = ["bigclown"];
- }];
+ outputs.influxdb_v2 = [
+ {
+ urls = ["http://errol:8086"];
+ token = "$INFLUX_TOKEN";
+ organization = "personal";
+ bucket = "bigclown";
+ tagpass.source = ["bigclown"];
+ }
+ ];
inputs.mqtt_consumer = let
consumer = data_type: topics: {
- tags = { source = "bigclown"; };
+ tags = {source = "bigclown";};
servers = ["tcp://localhost:1883"];
topics = topics;
username = "telegraf";
password = "$MQTT_PASSWORD";
data_format = "value";
data_type = data_type;
- topic_parsing = [{
- topic = "bigclown/node/+/+/+/+";
- measurement = "_/_/_/_/_/measurement";
- tags = "_/_/device/field/_/_";
- }];
+ topic_parsing = [
+ {
+ topic = "bigclown/node/+/+/+/+";
+ measurement = "_/_/_/_/_/measurement";
+ tags = "_/_/device/field/_/_";
+ }
+ ];
};
in [
(consumer "float" [
@@ -170,11 +173,13 @@ in {
"bigclown/node/+/flood-detector/+/alarm"
])
];
- processors.pivot = [{
- tag_key = "field";
- value_key = "value";
- tagpass.source = ["bigclown"];
- }];
+ processors.pivot = [
+ {
+ tag_key = "field";
+ value_key = "value";
+ tagpass.source = ["bigclown"];
+ }
+ ];
};
services.home-assistant = {
@@ -204,10 +209,11 @@ in {
};
extraComponents = [];
package = pkgs.home-assistant.override {
- extraPackages = pkgs: with pkgs; [
- securetar
- ];
- packageOverrides = (self: super: {
+ extraPackages = pkgs:
+ with pkgs; [
+ securetar
+ ];
+ packageOverrides = self: super: {
scapy = super.scapy.override {
withPlottingSupport = false;
};
@@ -215,10 +221,8 @@ in {
dontUsePytestCheck = true;
dontUseSetuptoolsCheck = true;
});
- });
+ };
};
};
-
};
-
}
diff --git a/nixos/modules/hosts.nix b/nixos/modules/hosts.nix
index ca9daa1..8a53578 100644
--- a/nixos/modules/hosts.nix
+++ b/nixos/modules/hosts.nix
@@ -1,18 +1,17 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
-
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+with lib; let
cnf = config.cynerd.hosts;
staticZoneOption = mkOption {
type = types.attrsOf types.str;
readOnly = true;
};
-
in {
-
options = {
cynerd.hosts = {
enable = mkOption {
@@ -62,7 +61,7 @@ in {
"3dprint" = "10.8.3.80";
"mpd" = "192.168.0.51";
# Portable
- "albert" ="10.8.3.61";
+ "albert" = "10.8.3.61";
"susan" = "10.8.3.62";
"binky" = "10.8.3.63";
};
@@ -100,5 +99,4 @@ in {
"${cnf.adm.mpd}" = ["mpd.adm"];
};
};
-
}
diff --git a/nixos/modules/monitoring.nix b/nixos/modules/monitoring.nix
index abeba2d..86a37e4 100644
--- a/nixos/modules/monitoring.nix
+++ b/nixos/modules/monitoring.nix
@@ -1,13 +1,13 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
-
-cnf = config.cynerd.monitoring;
-hostName = config.networking.hostName;
-isHost = cnf.host == hostName;
-
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+with lib; let
+ cnf = config.cynerd.monitoring;
+ hostName = config.networking.hostName;
+ isHost = cnf.host == hostName;
in {
options.cynerd.monitoring = {
enable = mkOption {
@@ -29,7 +29,7 @@ in {
};
config = mkMerge [
- { cynerd.monitoring.host = "errol"; }
+ {cynerd.monitoring.host = "errol";}
(mkIf cnf.enable {
# Telegraf configuration
@@ -38,53 +38,75 @@ in {
environmentFiles = ["/run/secrets/telegraf.env"];
extraConfig = {
agent = {};
- outputs.influxdb_v2 = [{
- urls = ["http://errol:8086"];
- token = "$INFLUX_TOKEN";
- organization = "personal";
- bucket = "monitoring";
- tagdrop.source = ["bigclown"]; # See home-assistant.nix
- }];
- inputs = {
- cpu = [{
- percpu = true;
- totalcpu = true;
- }];
- mem = [{}];
- swap = [{}];
- disk = [{
- ignore_fs = [
- "tmpfs" "devtmpfs" "devfs" "iso9660" "overlay" "aufs" "squashfs"
+ outputs.influxdb_v2 = [
+ {
+ urls = ["http://errol:8086"];
+ token = "$INFLUX_TOKEN";
+ organization = "personal";
+ bucket = "monitoring";
+ tagdrop.source = ["bigclown"]; # See home-assistant.nix
+ }
+ ];
+ inputs =
+ {
+ cpu = [
+ {
+ percpu = true;
+ totalcpu = true;
+ }
];
- }];
- diskio = [{}];
- net = [{}];
- system = [{}];
- processes = [{}];
- systemd_units = [{}];
- wireguard = [{}];
- } // (optionalAttrs cnf.hw {
- sensors = [{}];
- smart = [{
- path_smartctl = "${pkgs.smartmontools}/bin/smartctl";
- use_sudo = true;
- }];
- wireless = [{}];
- });
+ mem = [{}];
+ swap = [{}];
+ disk = [
+ {
+ ignore_fs = [
+ "tmpfs"
+ "devtmpfs"
+ "devfs"
+ "iso9660"
+ "overlay"
+ "aufs"
+ "squashfs"
+ ];
+ }
+ ];
+ diskio = [{}];
+ net = [{}];
+ system = [{}];
+ processes = [{}];
+ systemd_units = [{}];
+ wireguard = [{}];
+ }
+ // (optionalAttrs cnf.hw {
+ sensors = [{}];
+ smart = [
+ {
+ path_smartctl = "${pkgs.smartmontools}/bin/smartctl";
+ use_sudo = true;
+ }
+ ];
+ wireless = [{}];
+ });
};
};
- systemd.services.telegraf.path = with pkgs; [
- "/run/wrappers"
- ] ++ (optionals cnf.hw [
- lm_sensors smartmontools nvme-cli
- ]);
+ systemd.services.telegraf.path = with pkgs;
+ [
+ "/run/wrappers"
+ ]
+ ++ (optionals cnf.hw [
+ lm_sensors
+ smartmontools
+ nvme-cli
+ ]);
security.sudo.extraRules = [
{
users = ["telegraf"];
- commands = [{
- command = "${pkgs.smartmontools}/bin/smartctl";
- options = ["NOPASSWD"];
- }];
+ commands = [
+ {
+ command = "${pkgs.smartmontools}/bin/smartctl";
+ options = ["NOPASSWD"];
+ }
+ ];
}
];
})
@@ -112,6 +134,5 @@ in {
};
networking.firewall.allowedTCPPorts = [8086 3000];
})
-
];
}
diff --git a/nixos/modules/openvpn.nix b/nixos/modules/openvpn.nix
index d070cb2..ee62582 100644
--- a/nixos/modules/openvpn.nix
+++ b/nixos/modules/openvpn.nix
@@ -1,13 +1,12 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
-
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+with lib; let
cnf = config.cynerd.openvpn;
-
in {
-
options = {
cynerd.openvpn = {
personal = mkOption {
@@ -36,11 +35,10 @@ in {
oldpersonal = mkIf cnf.oldpersonal {
config = "config /run/secrets/old.ovpn";
};
- elektroline = mkIf cnf.elektroline {
+ elektroline = mkIf cnf.elektroline {
autoStart = false;
config = "config /run/secrets/elektroline.ovpn";
};
};
};
-
}
diff --git a/nixos/modules/router.nix b/nixos/modules/router.nix
index e65ef10..00a3c03 100644
--- a/nixos/modules/router.nix
+++ b/nixos/modules/router.nix
@@ -1,12 +1,12 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-let
-
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+with lib; let
cnf = config.cynerd.router;
-
in {
-
options = {
cynerd.router = {
enable = mkOption {
@@ -28,16 +28,14 @@ in {
};
config = mkIf cnf {
-
# TODO firewall NAT
networking = {
-
};
services.dhcpd4 = {
enable = true;
authoritative = true;
- interfaces = [ "brlan" ];
+ interfaces = ["brlan"];
extraConfig = ''
'';
};
@@ -45,7 +43,7 @@ in {
services.dhcpd6 = {
enable = true;
authoritative = true;
- interfaces = [ "brlan" ];
+ interfaces = ["brlan"];
extraConfig = ''
'';
};
@@ -53,6 +51,5 @@ in {
services.kresd = {
enable = true;
};
-
};
}
diff --git a/nixos/modules/syncthing.nix b/nixos/modules/syncthing.nix
index 44c1ac1..db8b6a8 100644
--- a/nixos/modules/syncthing.nix
+++ b/nixos/modules/syncthing.nix
@@ -1,28 +1,38 @@
-{ config, lib, pkgs, ... }:
-
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
with builtins;
-with lib;
-
-let
-
+with lib; let
cnf = config.cynerd.syncthing;
hostName = config.networking.hostName;
allDevices = [
- "albert" "binky" "errol" "lipwig" "ridcully" "susan" "spt-omnia"
+ "albert"
+ "binky"
+ "errol"
+ "lipwig"
+ "ridcully"
+ "susan"
+ "spt-omnia"
];
mediaDevices = [
- "lipwig" "binky" "errol" "ridcully" "spt-omnia"
+ "lipwig"
+ "binky"
+ "errol"
+ "ridcully"
+ "spt-omnia"
];
bigStorageDevices = [
- "errol" "ridcully" "spt-omnia"
+ "errol"
+ "ridcully"
+ "spt-omnia"
];
filterDevice = folders: filterAttrs (n: v: any (d: d == hostName) v.devices) folders;
-
in {
-
options = {
cynerd.syncthing = {
-
enable = mkOption {
type = types.bool;
default = false;
@@ -34,13 +44,12 @@ in {
default = "/home/cynerd";
description = "Base directory for all folders being synced.";
};
-
};
};
config = mkIf cnf.enable {
services.syncthing = {
- enable = any (n: n == hostName) allDevices;
+ enable = any (n: n == hostName) allDevices;
user = mkDefault "cynerd";
key = "/run/secrets/syncthing/key.pem";
cert = "/run/secrets/syncthing/cert.pem";
@@ -101,15 +110,15 @@ in {
};
overrideDevices = true;
- devices = recursiveUpdate
- (genAttrs allDevices (name: {
- id = config.secrets.syncthingIDs."${name}";
- }))
- {
- lipwig.addresses = ["tcp://cynerd.cz"];
- };
+ devices =
+ recursiveUpdate
+ (genAttrs allDevices (name: {
+ id = config.secrets.syncthingIDs."${name}";
+ }))
+ {
+ lipwig.addresses = ["tcp://cynerd.cz"];
+ };
# TODO phone
};
};
-
}
diff --git a/nixos/modules/wifi-client.nix b/nixos/modules/wifi-client.nix
index af09155..fd0944a 100644
--- a/nixos/modules/wifi-client.nix
+++ b/nixos/modules/wifi-client.nix
@@ -1,9 +1,10 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-
{
-
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+with lib; {
options = {
cynerd.wifiClient = mkOption {
type = types.bool;