diff --git a/hosts/fw.cloonar.com/configuration.nix b/hosts/fw.cloonar.com/configuration.nix index ad42652..293e8e4 100644 --- a/hosts/fw.cloonar.com/configuration.nix +++ b/hosts/fw.cloonar.com/configuration.nix @@ -37,6 +37,7 @@ # gaming ./modules/palworld.nix + ./modules/ark-survival-evolved.nix ./hardware-configuration.nix diff --git a/hosts/fw.cloonar.com/modules/ark-survival-evolved.nix b/hosts/fw.cloonar.com/modules/ark-survival-evolved.nix new file mode 100644 index 0000000..0ee6236 --- /dev/null +++ b/hosts/fw.cloonar.com/modules/ark-survival-evolved.nix @@ -0,0 +1,24 @@ +{ config, pkgs, ... }: + +{ + virtualisation.oci-containers.backend = "podman"; + virtualisation.oci-containers.containers = { + ark = { + image = "hermsi/ark-server:latest"; + autoStart = true; + environmentFiles = [ + config.sops.secrets.ark.path + ]; + volumes = [ + "/var/lib/ark/app:/app/" + "/var/lib/ark/backup:/home/steam/ARK-Backups" + ]; + extraOptions = [ + "--network=server" + "--ip=10.42.97.201" + ]; + }; + }; + + sops.secrets.ark = {}; +} diff --git a/hosts/fw.cloonar.com/modules/dhcp4.nix b/hosts/fw.cloonar.com/modules/dhcp4.nix index 9b5ecc3..4004939 100644 --- a/hosts/fw.cloonar.com/modules/dhcp4.nix +++ b/hosts/fw.cloonar.com/modules/dhcp4.nix @@ -117,16 +117,6 @@ } ]; reservations = [ - { - hw-address = "0a:0e:52:a2:f7:8e"; - ip-address = "10.42.101.20"; - server-hostname = "home-assistant.cloonar.com"; - } - { - hw-address = "36:2a:c9:26:d7:77"; - ip-address = "10.42.101.118"; - server-hostname = "git.cloonar.com"; - } ]; } { @@ -168,7 +158,7 @@ hostname = "ps5"; } { - hw-address = "bc:33:29:ed:24:f1"; + hw-address = "e4:2a:ac:32:3f:79"; ip-address = "10.42.99.13"; hostname = "xbox"; } @@ -177,6 +167,11 @@ ip-address = "10.42.99.14"; hostname = "switch"; } + { + hw-address = "f0:2f:9e:c1:74:72"; + ip-address = "10.42.99.21"; + hostname = "firetv-bedroom"; + } ]; } { @@ -221,97 +216,131 @@ } ]; reservations = [ + # need fixed ips for all shelly devices + # living room 1 - 14 + # 10.42.100.2 # bulb1 + # 10.42.100.3 # bulb2 + # 10.42.100.4 # bulb3 + # 10.42.100.5 # bulb4 + # 10.42.100.6 # bulb5 + # 10.42.100.7 # bulb6 + # 10.42.100.8 # piano + # 10.42.100.9 # switch + # 10.42.100.10 # steamdeck + # kitchen: + # 10.42.100.17 # coffee + # 10.42.100.18 # bar + # bedroom: + # 10.42.100.33 # switch + # 10.42.100.34 # button1 + # 10.42.100.35 # button2 + # 10.42.100.36 # readingled1 + # 10.42.100.37 # readingled2 + # 10.42.100.38 # bedled + # bath: + # 10.42.100.49 # switch + # 10.42.100.50 # bulb1 + # 10.42.100.51 # bulb2 + # 10.42.100.52 # smallswitch + # 10.42.100.53 # ht + # hallway: + # 10.42.100.65 # switch + # 10.42.100.66 # bulb1 + # 10.42.100.67 # bulb2 + # 10.42.100.68 # bulb3 + # 10.42.100.69 # bulb4 + # toilet: + # 10.42.100.81 # switch + # 10.42.100.82 # bulb + # storage: + # 10.42.100.97 # switch + { hw-address = "60:a4:23:97:4a:ec"; ip-address = "10.42.100.21"; - server-hostname = "shellymotionsensor-60A423974AEC.cloonar.com"; + server-hostname = "shellymotionsensor-60A423974AEC"; } { hw-address = "8c:aa:b5:61:6f:e2"; ip-address = "10.42.100.103"; - server-hostname = "ShellyBulbDuo-8CAAB5616FE2.cloonar.com"; + server-hostname = "ShellyBulbDuo-8CAAB5616FE2"; } { hw-address = "8c:aa:b5:61:6e:9e"; ip-address = "10.42.100.104"; - server-hostname = "ShellyBulbDuo-8CAAB5616E9E.cloonar.com"; + server-hostname = "ShellyBulbDuo-8CAAB5616E9E"; } { hw-address = "cc:50:e3:bc:27:64"; ip-address = "10.42.100.112"; - server-hostname = "Nuki_Bridge_1A753F72.cloonar.com"; - } - { - hw-address = "e8:db:84:aa:19:6d"; - ip-address = "10.42.100.116"; - server-hostname = "shellybutton1-E8DB84AA196D.cloonar.com"; + server-hostname = "Nuki_Bridge_1A753F72"; } { hw-address = "e8:db:84:a9:ea:be"; ip-address = "10.42.100.117"; - server-hostname = "ShellyBulbDuo-E8DB84A9EABE.cloonar.com"; + server-hostname = "ShellyBulbDuo-E8DB84A9EABE"; } { hw-address = "e8:db:84:a9:d1:8b"; ip-address = "10.42.100.119"; - server-hostname = "shellycolorbulb-E8DB84A9D18B.cloonar.com"; + server-hostname = "shellycolorbulb-E8DB84A9D18B"; } { hw-address = "3c:61:05:e5:96:e0"; ip-address = "10.42.100.120"; - server-hostname = "shellycolorbulb-3C6105E596E0.cloonar.com"; + server-hostname = "shellycolorbulb-3C6105E596E0"; } { hw-address = "e8:db:84:a9:d7:ef"; ip-address = "10.42.100.121"; - server-hostname = "shellycolorbulb-E8DB84A9D7EF.cloonar.com"; + server-hostname = "shellycolorbulb-E8DB84A9D7EF"; } { hw-address = "e8:db:84:aa:51:aa"; ip-address = "10.42.100.122"; - server-hostname = "shellycolorbulb-E8DB84AA51AA.cloonar.com"; + server-hostname = "shellycolorbulb-E8DB84AA51AA"; } { hw-address = "34:94:54:79:bc:57"; ip-address = "10.42.100.130"; - server-hostname = "shellycolorbulb-34945479bc57.cloonar.com"; + server-hostname = "shellycolorbulb-34945479bc57"; } { hw-address = "48:55:19:d9:a1:b2"; ip-address = "10.42.100.131"; - server-hostname = "shellycolorbulb-485519d9a1b2.cloonar.com"; + server-hostname = "shellycolorbulb-485519d9a1b2"; } { hw-address = "48:55:19:d9:ae:95"; ip-address = "10.42.100.132"; - server-hostname = "shellycolorbulb-485519d9ae95.cloonar.com"; + server-hostname = "shellycolorbulb-485519d9ae95"; } { hw-address = "48:55:19:d9:4a:28"; ip-address = "10.42.100.133"; - server-hostname = "shellycolorbulb-485519d94a28.cloonar.com"; + server-hostname = "shellycolorbulb-485519d94a28"; } { hw-address = "48:55:19:da:6b:6a"; ip-address = "10.42.100.134"; - server-hostname = "shellycolorbulb-485519da6b6a.cloonar.com"; + server-hostname = "shellycolorbulb-485519da6b6a"; } { hw-address = "48:55:19:d9:e0:18"; ip-address = "10.42.100.135"; - server-hostname = "shellycolorbulb-485519d9e018.cloonar.com"; + server-hostname = "shellycolorbulb-485519d9e018"; } { hw-address = "34:6f:24:f3:af:ad"; ip-address = "10.42.100.137"; - server-hostname = "daikin86604.cloonar.com"; + server-hostname = "daikin86604"; } { hw-address = "34:6f:24:c1:f8:54"; ip-address = "10.42.100.139"; - server-hostname = "daikin53800.cloonar.com"; + server-hostname = "daikin53800"; } ]; } diff --git a/hosts/fw.cloonar.com/modules/firewall.nix b/hosts/fw.cloonar.com/modules/firewall.nix index 129db77..62ca733 100644 --- a/hosts/fw.cloonar.com/modules/firewall.nix +++ b/hosts/fw.cloonar.com/modules/firewall.nix @@ -30,7 +30,8 @@ iifname lo accept iifname "wan" udp dport 51820 counter accept comment "Wireguard traffic" iifname { "server", "vserver", "lan", "wg_cloonar" } counter accept comment "allow trusted to router" - iifname { "multimedia", "smart" } udp dport { 53, 5353 } counter accept comment "DNS" + iifname { "multimedia", "smart", "infrastructure", "podman0" } udp dport { 53, 5353 } counter accept comment "DNS" + iifname { "wan", "multimedia" } icmp type { echo-request, destination-unreachable, time-exceeded } counter accept comment "Allow select ICMP" # Accept mDNS for avahi reflection iifname "server" ip saddr 10.42.97.20/32 tcp dport { llmnr } counter accept @@ -78,6 +79,7 @@ # smart home coap iifname "smart" oifname "server" ip daddr 10.42.97.20/32 udp dport { 5683 } counter accept + iifname "smart" oifname "server" ip daddr 10.42.97.20/32 tcp dport { 1883 } counter accept # Forward to git server oifname "server" ip daddr 10.42.97.50 tcp dport { 22, 80, 443 } counter accept @@ -91,6 +93,9 @@ # accept palword server iifname { "wan", "lan" } oifname "podman0" udp dport { 8211, 27015 } counter accept comment "palworld" + # forward to ark server + oifname "server" ip daddr 10.42.97.201 tcp dport { 27020 } counter accept comment "ark survival evolved" + oifname "server" ip daddr 10.42.97.201 udp dport { 7777, 7778, 27015 } counter accept comment "ark survival evolved" # allow all established, related ct state { established, related } accept comment "Allow established traffic" @@ -121,13 +126,16 @@ chain prerouting { type nat hook prerouting priority filter; policy accept; iifname "wan" tcp dport { 22, 80, 443 } dnat to 10.42.97.50 + iifname { "wan", "lan" } udp dport { 7777, 7778, 27015 } dnat to 10.42.97.201 + iifname { "wan", "lan" } tcp dport { 27020 } dnat to 10.42.97.201 } # Setup NAT masquerading on external interfaces chain postrouting { type nat hook postrouting priority filter; policy accept; oifname { "wan", "wg_cloonar", "wrwks", "wg_epicenter", "wg_ghetto_at" } masquerade - ip daddr 10.42.97.50 masquerade + iifname { "wan", "wg_cloonar" } ip daddr 10.42.97.50 masquerade + iifname { "wan", "wg_cloonar" } ip daddr 10.42.97.201 masquerade } ''; }; diff --git a/hosts/fw.cloonar.com/modules/home-assistant/3dprinter.nix b/hosts/fw.cloonar.com/modules/home-assistant/3dprinter.nix new file mode 100644 index 0000000..4e4e261 --- /dev/null +++ b/hosts/fw.cloonar.com/modules/home-assistant/3dprinter.nix @@ -0,0 +1,71 @@ +{ config, ... }: +let + unstable = import + (builtins.fetchTarball https://github.com/nixos/nixpkgs/tarball/nixpkgs-unstable) + # reuse the current configuration + { config = config.nixpkgs.config; }; +in { + services.home-assistant.customComponents = with unstable.home-assistant-custom-components; [ + moonraker + ]; + + services.home-assistant.config = { + sensor = [ + { + platform = "rest"; + name = "creality extruder"; + resource = "http://k1c-63e9.cloonar.smart:7125/printer/objects/query?extruder"; + value_template = "OK"; + json_attributes_path = "$.result.status.extruder"; + json_attributes = [ + "pressure_advance" + "power" + "target" + "temperature" + ]; + } + { + platform = "rest"; + name = "creality print stats"; + resource = "http://k1c-63e9.cloonar.smart:7125/printer/objects/query?print_stats"; + value_template = "OK"; + json_attributes_path = "$.result.status.print_stats"; + json_attributes = [ + "filename" + "total_duration" + "print_duration" + "filament_used" + "state" + "message" + ]; + } + { + platform = "template"; + sensors = { + crality_hotend_actual = { + friendly_name = "Hot End Actual"; + value_template = "{{ state_attr('sensor.creality_extruder', 'temperature') | float | round(1) }}"; + device_class = "temperature"; + unit_of_measurement = "°C"; + }; + }; + } + ]; + "automation 3d printer state" = { + alias = "3d printer state change"; + hide_entity = true; + trigger = [ + { + platform = "template"; + value_template = "{{ state_attr('sensor.creality_print_stats','state') == 'standby' }}"; + } + ]; + action = { + service = "notify.mobile_app_dominiks_iphone"; + data = { + message = "Printer status changed to {{ state_attr('sensor.creality_print_stats','state') }}"; + }; + }; + }; + }; +} diff --git a/hosts/fw.cloonar.com/modules/home-assistant/ac.nix b/hosts/fw.cloonar.com/modules/home-assistant/ac.nix index 1998e2c..7cdb55b 100644 --- a/hosts/fw.cloonar.com/modules/home-assistant/ac.nix +++ b/hosts/fw.cloonar.com/modules/home-assistant/ac.nix @@ -7,20 +7,33 @@ services.home-assistant.config = { sensor = [ { - name = "Living Room Window Handle"; + name = "Living Room Window Handle 2"; platform = "enocean"; id = [ 129 0 227 53 ]; device_class = "windowhandle"; } + { + name = "Living Room Window Handle 1"; + platform = "enocean"; + id = [ 129 0 229 8 ]; + device_class = "windowhandle"; + } ]; "automation ac_livingroom" = { alias = "ac_livingroom"; hide_entity = true; - trigger = { - platform = "state"; - entity_id = "sensor.windowhandle_living_room_window_handle"; - to = [ "open" "tilt" ]; - }; + trigger = [ + { + platform = "state"; + entity_id = "sensor.windowhandle_living_room_window_handle_1"; + to = [ "open" "tilt" ]; + } + { + platform = "state"; + entity_id = "sensor.windowhandle_living_room_window_handle_2"; + to = [ "open" "tilt" ]; + } + ]; action = { service = "climate.set_hvac_mode"; target = { diff --git a/hosts/fw.cloonar.com/modules/home-assistant/default.nix b/hosts/fw.cloonar.com/modules/home-assistant/default.nix index 4529ee4..93e82dc 100644 --- a/hosts/fw.cloonar.com/modules/home-assistant/default.nix +++ b/hosts/fw.cloonar.com/modules/home-assistant/default.nix @@ -66,9 +66,11 @@ in }; config = { lib, config, pkgs, ... }: { imports = [ + ./3dprinter.nix ./ac.nix # ./aeg.nix ./battery.nix + ./electricity.nix ./enocean.nix ./ldap.nix ./light.nix @@ -77,6 +79,7 @@ in ./notify.nix ./pc.nix ./pushover.nix + ./presense.nix ./roborock.nix ./scene-switch.nix ./sleep.nix @@ -201,8 +204,18 @@ in ]; }; - users.users.hass.extraGroups = [ "dialout" ]; + services.mosquitto = { + enable = true; + listeners = [ + { + acl = [ "pattern readwrite #" ]; + omitPasswordAuth = true; + settings.allow_anonymous = true; + } + ]; + }; + users.users.hass.extraGroups = [ "dialout" ]; system.stateVersion = "23.05"; }; }; diff --git a/hosts/fw.cloonar.com/modules/home-assistant/electricity.nix b/hosts/fw.cloonar.com/modules/home-assistant/electricity.nix new file mode 100644 index 0000000..d71ee79 --- /dev/null +++ b/hosts/fw.cloonar.com/modules/home-assistant/electricity.nix @@ -0,0 +1,28 @@ +{ config, ... }: +let + unstable = import + (builtins.fetchTarball https://github.com/nixos/nixpkgs/tarball/nixpkgs-unstable) + # reuse the current configuration + { config = config.nixpkgs.config; }; +in { + services.home-assistant.customComponents = with unstable.home-assistant-custom-components; [ + epex_spot + ]; + + services.home-assistant.config = { + sensor = [ + { + platform = "template"; + sensors = { + electricity_price = { + friendly_name = "Current Price of electricity"; + unit_of_measurement = "EUR/kWh"; + value_template = '' + {{ (((states('sensor.epex_spot_data_price') | int ) / 1000) + (0.0149 + 0.0053 + 0.00866)) | float }} + ''; + }; + }; + } + ]; + }; +} diff --git a/hosts/fw.cloonar.com/modules/home-assistant/multimedia.nix b/hosts/fw.cloonar.com/modules/home-assistant/multimedia.nix index 47c95e4..ea55f50 100644 --- a/hosts/fw.cloonar.com/modules/home-assistant/multimedia.nix +++ b/hosts/fw.cloonar.com/modules/home-assistant/multimedia.nix @@ -11,15 +11,22 @@ name = "xbox"; platform = "ping"; host = "xbox.cloonar.multimedia"; - count = 1; - scan_interval = 2; + count = 2; + scan_interval = 5; } { name = "ps5"; platform = "ping"; host = "ps5.cloonar.multimedia"; - count = 1; - scan_interval = 2; + count = 2; + scan_interval = 5; + } + { + name = "steamdeck"; + platform = "ping"; + host = "steamdeck.cloonar.com"; + count = 2; + scan_interval = 5; } { platform = "template"; @@ -28,7 +35,7 @@ friendly_name = "Any multimedia device on"; device_class = "connectivity"; value_template = '' - {% if is_state('binary_sensor.ps5', 'on') or is_state('binary_sensor.xbox', 'on') or states('media_player.fire_tv_firetv_living_cloonar_multimedia') != 'off' %} + {% if is_state('binary_sensor.ps5', 'on') or is_state('binary_sensor.xbox', 'on') or (states('media_player.fire_tv_firetv_living_cloonar_multimedia') != 'off' and states('media_player.fire_tv_firetv_living_cloonar_multimedia') != 'unavailable') or (is_state('binary_sensor.steamdeck', 'on') and (states('sensor.steamdeck_power') | float > 5)) %} on {% else %} off @@ -80,6 +87,25 @@ # }; # }; # }; + "automation steamdeck on" = { + alias = "steamdeck on"; + hide_entity = true; + trigger = { + platform = "template"; + value_template = "{% if is_state('binary_sensor.steamdeck', 'on') and (states('sensor.steamdeck_power') | float > 5) %}true{% endif %}"; + }; + action = [ + { + service = "denonavr.get_command"; + target = { + entity_id = "media_player.marantz_sr6015"; + }; + data = { + command = "/goform/formiPhoneAppDirect.xml?SIDVD"; + }; + } + ]; + }; "automation xbox on" = { alias = "xbox on"; hide_entity = true; @@ -90,26 +116,14 @@ }; action = [ { - service = "media_player.select_source"; + service = "denonavr.get_command"; target = { entity_id = "media_player.marantz_sr6015"; }; data = { - source = "Xbox"; + command = "/goform/formiPhoneAppDirect.xml?SIGAME"; }; } - # { - # delay = 5; - # } - # { - # service = "denonavr.get_command"; - # target = { - # entity_id = "media_player.marantz_sr6015"; - # }; - # data = { - # command = "/goform/formiPhoneAppDirect.xml?PWSTANDBY"; - # }; - # } ]; }; "automation firetv on" = { @@ -258,29 +272,188 @@ } ]; }; - # "automation multimedia input" = { - # hide_entity = true; - # trigger = { - # platform = "state"; - # entity_id = "sensor.computer_power"; - # }; - # condition = { - # condition = "and"; - # conditions = [ - # { - # condition = "numeric_state"; - # entity_id = "sensor.computer_power"; - # below = 15; - # } - # "{{ (as_timestamp(now()) - as_timestamp(states.switch.computer.last_changed)) > 300 }}" - # ]; - # }; - # action = { - # service = "switch.turn_off"; - # target = { - # entity_id = [ "switch.computer" ]; - # }; - # }; - # }; + "automation bedroom tv off" = { + alias = "bedroom tv off"; + hide_entity = true; + trigger = { + platform = "state"; + entity_id = "media_player.fire_tv_firetv_bedroom_cloonar_multimedia"; + to = "off"; + }; + action = [ + { + service = "media_player.turn_off"; + target = { + entity_id = "media_player.samsung_7_series_55"; + }; + } + ]; + }; + "automation multimedia scene switch" = { + trigger = { + platform = "state"; + entity_id = "sensor.computer_power"; + }; + condition = { + condition = "state"; + entity_id = "binary_sensor.multimedia_device_on"; + state = "on"; + }; + action = [ + { + choose = [ + { + conditions = [ + { + condition = "state"; + entity_id = "media_player.android_tv_metz_cloonar_multimedia"; + state = "on"; + } + ]; + sequence = [ + { + service = "remote.send_command"; + target = { + entity_id = "remote.rmproplus"; + }; + data = { + num_repeats = 1; + delay_secs = 0.4; + hold_secs = 0; + command = "b64:sQs0AB0JCxsLGx0IHQgLGh0ICxoLGx0JCxodCQobCxoLAAEXHQgdCR0JCxodCQsbCxsLGx0JCxoAAAAA"; + }; + } + { + delay = 1; + } + { + service = "remote.send_command"; + target = { + entity_id = "remote.rmproplus"; + }; + data = { + num_repeats = 1; + delay_secs = 0.4; + hold_secs = 0; + command = "b64:sgAQAhgMGAwZCwcdGQsHHQcdBx0ZCwcdGQsHHQcdGQsZCwcdGQwGHgYeGAwYDAYeBx0GHgcAARgZCxkMGAwGHhkLBh4HHQYeGQsHHRkLBx0GHhkLGQsHHhgMBh4GHhgMGAwGHgcdBh4GAAEZGQwYDBgMBx0YDAYeBx0GHhgMBx0ZCwcdBx0ZCxkMBh4YDAYeBh4YDBgMBh4GHgcdBgABGhgMGAwYDAYeGQsHHQYeBh4YDAYeGAwHHQcdGQwYDAYeGAwGHgYeGAwYDAYeBh4HHQcAARkYDBgMGAwGHhkLBx0HHQcdGQsHHRkMBh0HHRkMGAwGHhgMBh4HHRkLGAwHHQcdBx0HAAEZGAwZCxkLBx0ZDAYdBx0HHRkMBh0ZDAYeBh4YDBgMBh4ZCwcdBx0ZCxkMBh0HHQcdBwABGRkLGQwYDAYeGAwGHgYeBh0ZDAYeGAwHHQcdGQsZDAYdGQwGHQcdGQsZDAYdBx4GHgYAARkZDBgNFwwHHRkMBh0HHQcdGQsHHRkNBR8FHhgMGAwGHRkMBh4GHhkLGA0FHwYdBx4GAAEaGAsZDBgMBh8XDAYeBh4GHhg1EwwGHgcdGAwZDAYeGAwGHgYeGAsZDAYeBh4GHQcAARkZCxkMGAwGHhgMBh4GHgYeGQsHHRgMBx0HHRkLGQwGHhgMBh4GHhkLGQsHHQcdBx0HAAEZGQsYDRgPBAAF3AAAAAAAAAAA"; + }; + } + { + delay = 1; + } + # TODO turn on beamer + { + service = "media_player.turn_off"; + target = { + entity_id = "media_player.android_tv_metz_cloonar_multimedia"; + }; + } + ]; + } + { + conditions = [ + { + condition = "or"; + conditions = [ + { + condition = "state"; + entity_id = "media_player.android_tv_metz_cloonar_multimedia"; + state = "off"; + } + { + condition = "state"; + entity_id = "media_player.android_tv_metz_cloonar_multimedia"; + state = "unavailable"; + } + ]; + } + ]; + sequence = [ + { + service = "remote.send_command"; + target = { + entity_id = "remote.rmproplus"; + }; + data = { + num_repeats = 1; + delay_secs = 0.4; + hold_secs = 0; + command = "b64:sQs0AB0JCxsLGx0IHQgLGh0ICxoLGx0JCxodCQobCxoLAAEXHQgdCR0JCxodCQsbCxsLGx0JCxoAAAAA"; + }; + } + { + delay = 1; + } + { + service = "remote.send_command"; + target = { + entity_id = "remote.rmproplus"; + }; + data = { + num_repeats = 1; + delay_secs = 0.4; + hold_secs = 0; + command = "b64:sgBqAgkaBBoJCRsJHBoKGgoJGgQaCQkaBAgbGwoIHAgcGwkJGwgAARkbCRsJGwkJGgQaCgkaBAgbCRsbCQkbGwkJGgQIGxwJGwkJGxsJCRwIHBoKCBsECBsbCAQIGwkAARgbChoKGgoJGxsJCRoECBsJHBsJCRoEGgkJGwkcGgobCQkbGwkJGwkbGwoIHAkbGwkJGwkAARgbCRsJGwoIGxwJCRsJGwkbGwoIGxwIChoKGhwJGwkJHBsJCRsJGxsJCRsJHBsJCRsJAAEYGwkbCRsKCBscCQkbCRsJGxsJCRwbCQkbCRsbCRsJCRscCQgcCRocCQkbCRsbCQobCQABGBsJGwkbCQkbHAkJGwkbCRsbCQkbGwoJGwkbGwkbCQkbGwoIHAkbGwkJGgobGwkKGwkAARccCRsJGwkJHBsJCRsJGwkbGwkJGxsKCRsIHBsJGwkJGxsKCRoJGxwJCRsJGxsJChsIAAEZGwgcCRsJCRscCQkbCRsJGhwJCRscCQkaChsbCRsJCRscCQgcCRocCQkbCRsbCggcCQABGBsJGwkbCggcGwkJGwkbCRsbCggcGgoJGwkbGwkbCggcGwkJGwkbGwkJHAgcGwkJGwkAARgbChoKGgoJGhwJCRsJGwkcGgoJGxsJCRsJGxsJHAkJGxsJCRsJGhwJCRwJGhwJCRsJAAEYGwoaChsJCRsbCQkaChsJGxwJCRsbCQkbCRsbChsJCRsbCQkbCRsbCgkbCRsbCQkcCAABFwQaChsJGwkJGxsKCBwIHAgcGwkJGxsKCBwIGwQaCRsJCRwaCggcCBwbCQkbCRwaCggcCAAF3AAAAAAAAAAAAAAAAAAA"; + }; + } + ]; + # TODO turn off beamer + } + { + conditions = [ + { + condition = "state"; + entity_id = "media_player.android_tv_metz_cloonar_multimedia"; + state = "off"; + } + ]; + sequence = [ + { + service = "media_player.turn_on"; + target = { + entity_id = "media_player.android_tv_metz_cloonar_multimedia"; + }; + } + ]; + } + { + conditions = [ + { + condition = "state"; + entity_id = "media_player.android_tv_metz_cloonar_multimedia"; + state = "unavailable"; + } + ]; + sequence = [ + { + service = "remote.send_command"; + target = { + entity_id = "remote.rmproplus"; + }; + data = { + num_repeats = 1; + delay_secs = 0.4; + hold_secs = 0; + command = "b64:JgBOAJaSFREVNRU2FTUVERURFRAVERURFTUVNhU1FREVERUQFREVERUQFTYVNRURFREVEBURFTYVNRURFRAVNhU1FTYVNRUABfmWkhURFQANBQAAAAAAAAAAAAA="; + }; + } + ]; + } + ]; + } + { + delay = 5; + } + { + service = "androidtv.adb_command"; + target = { + entity_id = "media_player.android_tv_metz_cloonar_multimedia"; + }; + data = { + command = "adb shell am start -a android.intent.action.VIEW -d content://android.media.tv/passthrough/com.mediatek.tvinput%2F.hdmi.HDMIInputService%2FHDMI100004"; + }; + } + ]; + }; }; } diff --git a/hosts/fw.cloonar.com/modules/home-assistant/presense.nix b/hosts/fw.cloonar.com/modules/home-assistant/presense.nix new file mode 100644 index 0000000..02279b6 --- /dev/null +++ b/hosts/fw.cloonar.com/modules/home-assistant/presense.nix @@ -0,0 +1,138 @@ +{ + services.home-assistant.extraComponents = [ + "daikin" + "enocean" + ]; + + services.home-assistant.config = { + "automation presense kitchen" = { + alias = "presense kitchen"; + mode = "restart"; + trigger = { + platform = "state"; + entity_id = [ + "sensor.presense_kitchen" + ]; + }; + action = [ + { + choose = [ + { + conditions = [ "{{ trigger.to_state.state == \"\" }}" ]; + sequence = [ + ]; + } + { + conditions = [ "{{ trigger.to_state.state != \"\" }}" ]; + sequence = [ + { + service = "light.turn_on"; + entity_id = "light.kitchen_lights"; + } + ]; + } + ]; + } + ]; + }; + sensor = [ + { + platform = "mqtt_room"; + device_id = "dominiksiphone"; + name = "Dominiks iPhone"; + state_topic = "espresense/devices/dominiksiphone"; + timeout = 10; + away_timeout = 120; + } + { + platform = "template"; + sensors = { + presense_devices = { + friendly_name = "Presense Devices"; + value_template = "dominiks_iphone"; + }; + }; + } + { + platform = "template"; + sensors = { + presense_livingroom = { + friendly_name = "Presense Livingroom"; + value_template = '' + {% set room = "livingroom" %} + {% set presense = namespace(list=[]) %} + {% set presense_list = [] %} + {% set device_list = states('sensor.presense_devices').split(',') %} + {% for device in device_list %} + {% if is_state('sensor.' + device, room) %} + {% set presense.list = presense.list + [device] %} + {% endif %} + {% endfor %} + {{ presense.list | join("") }} + ''; + }; + }; + } + { + platform = "template"; + sensors = { + presense_kitchen = { + friendly_name = "Presense Kitchen"; + value_template = '' + {% set room = "kitchen" %} + {% set presense = namespace(list=[]) %} + {% set presense_list = [] %} + {% set device_list = states('sensor.presense_devices').split(',') %} + {% for device in device_list %} + {% if is_state('sensor.' + device, room) %} + {% set presense.list = presense.list + [device] %} + {% endif %} + {% endfor %} + {{ presense.list | join("") }} + ''; + }; + }; + } + { + platform = "template"; + sensors = { + presense_hallway = { + friendly_name = "Presense Hallway"; + value_template = '' + {% set room = "hallway" %} + {% set presense = namespace(list=[]) %} + {% set presense_list = [] %} + {% set device_list = states('sensor.presense_devices').split(',') %} + {% for device in device_list %} + {% if is_state('sensor.' + device, room) %} + {% set presense.list = presense.list + [device] %} + {% endif %} + {% endfor %} + {{ presense.list | join("") }} + ''; + }; + }; + } + { + platform = "template"; + sensors = { + presense_bedroom = { + friendly_name = "Presense Bedroom"; + value_template = '' + {% set room = "bedroom" %} + {% set presense = namespace(list=[]) %} + {% set presense_list = [] %} + {% set device_list = states('sensor.presense_devices').split(',') %} + {% for device in device_list %} + {% if is_state('sensor.' + device, room) %} + {% set presense.list = presense.list + [device] %} + {% endif %} + {% endfor %} + {{ presense.list | join("") }} + ''; + }; + }; + } + ]; + }; +} diff --git a/hosts/fw.cloonar.com/modules/home-assistant/sleep.nix b/hosts/fw.cloonar.com/modules/home-assistant/sleep.nix index 80f7757..d12c25a 100644 --- a/hosts/fw.cloonar.com/modules/home-assistant/sleep.nix +++ b/hosts/fw.cloonar.com/modules/home-assistant/sleep.nix @@ -4,10 +4,8 @@ alias = "wakeup"; hide_entity = true; trigger = { - platform = "template"; - value_template = '' - {{ now().timestamp() | timestamp_custom('%H:%M') == (as_timestamp(strptime(states('sensor.bedtime_alarm'), "%H:%M")) - 1800) | timestamp_custom('%H:%M', false) }} - ''; + platform = "time"; + at = "input_datetime.wakeup"; }; action = { service_template = "switch.turn_on"; diff --git a/hosts/fw.cloonar.com/modules/omada.nix b/hosts/fw.cloonar.com/modules/omada.nix index c1eb85d..bd72f5a 100644 --- a/hosts/fw.cloonar.com/modules/omada.nix +++ b/hosts/fw.cloonar.com/modules/omada.nix @@ -12,7 +12,7 @@ virtualisation = { oci-containers.containers = { omada = { - autoStart = false; + autoStart = true; image = "mbentley/omada-controller:5.9"; volumes = [ "/var/lib/omada/data:/opt/tplink/EAPController/data" @@ -21,6 +21,7 @@ extraOptions = [ "--network=server" "--mac-address=1a:c4:04:6e:29:bd" + "--ip=10.42.97.2" ]; }; }; diff --git a/hosts/fw.cloonar.com/modules/unbound.nix b/hosts/fw.cloonar.com/modules/unbound.nix index 0534102..c6a84eb 100644 --- a/hosts/fw.cloonar.com/modules/unbound.nix +++ b/hosts/fw.cloonar.com/modules/unbound.nix @@ -3,10 +3,7 @@ let cids = import ../modules/staticids.nix; domain = "ns.cloonar.com"; cfg = { - remote-control = { - control-enable = true; - control-use-cert = false; - }; + remote-control.control-enable = true; server = { interface = [ "0.0.0.0" "::0" ]; interface-automatic = "yes"; @@ -19,7 +16,7 @@ let "10.42.101.0/24 allow" "0.0.0.0/0 allow" ]; - tls-cert-bundle = "/var/lib/acme/ns.cloonar.com/fullchain.pem"; + # tls-cert-bundle = "/var/lib/acme/ns.cloonar.com/fullchain.pem"; local-zone = "\"cloonar.com\" transparent"; local-data = [ "\"localhost A 127.0.0.1\"" @@ -73,19 +70,55 @@ let "\"upgrade-staging.wienbautvor.at IN A 10.254.240.110\"" "\"upgrade-staging.wienwohntbesser.at IN A 10.254.240.110\"" + "\"deconz.cloonar.multimedia IN A 10.42.97.22\"" "\"metz.cloonar.multimedia IN A 10.42.99.10\"" - "\"ps5.cloonar.multimedia IN A 10.42.99.12\"" + # "\"ps5.cloonar.multimedia IN A 10.42.99.12\"" "\"xbox.cloonar.multimedia IN A 10.42.99.13\"" - "\"switch.cloonar.multimedia IN A 10.42.99.14\"" - - "\"shellycolorbulb-34945479bc57.cloonar.com IN A 10.42.100.130\"" - "\"shellycolorbulb-485519d9a1b2.cloonar.com IN A 10.42.100.131\"" - "\"shellycolorbulb-485519d9ae95.cloonar.com IN A 10.42.100.132\"" - "\"shellycolorbulb-485519d94a28.cloonar.com IN A 10.42.100.133\"" - "\"shellycolorbulb-485519da6b6a.cloonar.com IN A 10.42.100.134\"" - "\"shellycolorbulb-485519d9e018.cloonar.com IN A 10.42.100.135\"" - + # "\"switch.cloonar.multimedia IN A 10.42.99.14\"" + #living room + "\"shellycolorbulb-livingroom-1.cloonar.smart IN A 10.42.100.2\"" + "\"shellycolorbulb-livingroom-2.cloonar.smart IN A 10.42.100.3\"" + "\"shellycolorbulb-livingroom-3.cloonar.smart IN A 10.42.100.4\"" + "\"shellycolorbulb-livingroom-4.cloonar.smart IN A 10.42.100.5\"" + "\"shellycolorbulb-livingroom-5.cloonar.smart IN A 10.42.100.6\"" + "\"shellycolorbulb-livingroom-6.cloonar.smart IN A 10.42.100.7\"" + "\"shellyuni-livingroom-1.cloonar.smart IN A 10.42.100.8\"" + "\"shellyswitch25-livingroom-1.cloonar.smart IN A 10.42.100.9\"" + "\"shellyplug-s-living-1.cloonar.smart IN A 10.42.100.10\"" + "\"shellyplug-s-living-2.cloonar.smart IN A 10.42.100.11\"" + # kitchen + "\"shellyplug-s-kitchen-1.cloonar.smart IN A 10.42.100.17\"" + "\"shellyrgbw2-kitchen-1.cloonar.smart IN A 10.42.100.18\"" + #bedroom + "\"shelly1-bedroom-1.cloonar.smart IN A 10.42.100.33\"" + "\"shellybutton1-bedroom-1.cloonar.smart IN A 10.42.100.34\"" + "\"shellybutton1-bedroom-2.cloonar.smart IN A 10.42.100.35\"" # todo + "\"shellyrgbw2-bedroom-1.cloonar.smart IN A 10.42.100.36\"" + "\"shellyrgbw2-bedroom-2.cloonar.smart IN A 10.42.100.37\"" + "\"shellyrgbw2-bedroom-3.cloonar.smart IN A 10.42.100.38\"" + # bath + "\"shellyswitch25-bath-1.cloonar.smart IN A 10.42.100.49\"" + "\"shellybulbduo-bath-1.cloonar.smart IN A 10.42.100.50\"" + "\"shellybulbduo-bath-2.cloonar.smart IN A 10.42.100.51\"" + "\"shelly1pm-bath-1.cloonar.smart IN A 10.42.100.52\"" + "\"shellyht-bath-1.cloonar.smart IN A 10.42.100.53\"" # todo + # hallway + "\"shelly1-hallway-1.cloonar.smart IN A 10.42.100.65\"" + "\"shellycolorbulb-hallway-1.cloonar.smart IN A 10.42.100.66\"" + "\"shellycolorbulb-hallway-2.cloonar.smart IN A 10.42.100.67\"" + "\"shellycolorbulb-hallway-3.cloonar.smart IN A 10.42.100.68\"" + "\"shellycolorbulb-hallway-4.cloonar.smart IN A 10.42.100.69\"" + "\"shellyem3.cloonar.smart IN A 10.42.100.70\"" + "\"shellypro-1.cloonar.smart IN A 10.42.100.71\"" + "\"shellypro-2.cloonar.smart IN A 10.42.100.72\"" + # toilet + "\"shelly1-toilet-1.cloonar.smart IN A 10.42.100.81\"" + "\"shellybulbduo-toilet-1.cloonar.smart IN A 10.42.100.82\"" + # storage + "\"shelly1-storage-1.cloonar.smart IN A 10.42.100.97\"" + "\"ddl-warez.to IN A 172.67.184.30\"" + "\"cdnjs.cloudflare.com IN A 104.17.24.14\"" ]; local-data-ptr = [ "\"127.0.0.1 localhost\"" @@ -102,7 +135,9 @@ let "\"10.254.240.110 a.stage.wohnservice-wien.at\"" "\"172.67.184.30 ddl-warez.to\"" + "\"104.17.24.14 cdnjs.cloudflare.com\"" ]; + # ssl-upstream = "yes"; }; forward-zone = [ { @@ -137,12 +172,14 @@ let } { name = "."; + # forward-addr = "104.16.248.249@853#cloudflare-dns.com"; forward-addr = [ - # "10.44.96.1" - # "9.9.9.9#dns11.quad9.net" - # "149.112.112.112#dns11.quad9.net" + # "9.9.9.9@853#dns9.quad9.net" + # "149.112.112.11@853#dns11.quad9.net" + # "9.9.9.9@853" + # "149.112.112.11@853" "9.9.9.9" - "149.112.112.112" + "149.112.112.11" ]; } ]; @@ -204,19 +241,20 @@ in { if [[ "''\$2" == "A" ]] ; then echo ''\${address} | while IFS=. read -r ip0 ip1 ip2 ip3 do - if [[ "''\${hostname}" != "" ]] && [[ "''\${hostname}" != *. ]]; then - if [[ "''\${ip2}" == 96 ]]; then - unbound-control local_data ''\${hostname}.cloonar.com ''\$2 ''\${address} - fi - if [[ "''\${ip2}" == 97 ]]; then - unbound-control local_data ''\${hostname}.cloonar.com ''\$2 ''\${address} - fi + if [[ "''\${hostname}" != "" ]]; then + domain=cloonar.com if [[ "''\${ip2}" == 99 ]]; then - unbound-control local_data ''\${hostname}.cloonar.multimedia ''\$2 ''\${address} + domain=cloonar.multimedia fi if [[ "''\${ip2}" == 100 ]]; then - unbound-control local_data ''\${hostname}.cloonar.smart ''\$2 ''\${address} + domain=cloonar.smart fi + if [[ "''\${hostname}" != *. ]]; then + unbound-control local_data ''\${hostname}.''\${domain} ''\$2 ''\${address} + else + unbound-control local_data ''\${hostname}''\${domain} ''\$2 ''\${address} + fi + fi unbound-control local_data ''\${ip3}.''\${ip2}.''\${ip1}.''\${ip0}.ip4.arpa. PTR ''\${hostname} unbound-control local_data ''\${ip3}.''\${ip2}.''\${ip1}.''\${ip0}.in-addr.arpa. PTR ''\${hostname} diff --git a/hosts/fw.cloonar.com/secrets.yaml b/hosts/fw.cloonar.com/secrets.yaml index 1287f97..c4b479d 100644 --- a/hosts/fw.cloonar.com/secrets.yaml +++ b/hosts/fw.cloonar.com/secrets.yaml @@ -10,7 +10,8 @@ gitea-runner-token: ENC[AES256_GCM,data:Nd0vsnuJficsdZaqeBZXa9vD7PLMdDtV9sMX0TxU drone: ENC[AES256_GCM,data:S8WTZqGHfcdpSojavZ87GdE5dagcTAdHBVQEbHHgnB4V7aczS6c5QdEJxK920Pjpf6o54OOQYniVsPiiXSxwjExDKPzhs/DG2hfigmf8RgfkP+3tF2W0KiPmV2jxog8w226ZKnI+hSBs8tuIfJBhrpY7Y/YNmTPfq+cnnLS8ibYqytcpzoogI9I8THzHCu3r+yejoGSyTMs9L4gPhOjz5aK4UV6V,iv:zqN/aSBI3xGGNDnpHPGyQnQP2YZOGUk6dAGtON/QlHU=,tag:o9YFDKAB5uR9lPmChyxB8g==,type:str] home-assistant-ldap: ENC[AES256_GCM,data:uZEPbSnkgQYSd8ev6FD8TRHWWr+vusadtMcvP7KKL2AZAV0h1hga5fODN6I5u0DNL9hq2pNM+FwU0E/svWLRww==,iv:IhmUgSu34NaAY+kUZehx40uymydUYYAyte1aGqQ33/8=,tag:BKFCJPr7Vz4EG78ry/ZD7g==,type:str] home-assistant-secrets.yaml: ENC[AES256_GCM,data:m7uOVo7hPk/RmqqRS6y7NKoMKsR9Bdi1ntatsZdDOAbJMjZmZL2FgPEHi/zF73zCfRfTOca3dwpulR3WXZ9Ic1sbUIggmusJMg4Gellw1CUhx7SbQN5nieAbPbB9GVxMuV4OakD1u7Swz8JggDT6IwojSnuD5omCRCyUH1wvKB+Re59q6EStderlm5MJNVFlVrbKVbLKLcw4yRgTh34BGnTTjcJmgSlQjO1ciu2B7YQmdl0Fw6d8AdbEzgB5TFG5ONc85UhJDE8Wlw==,iv:GCtpcVChN2UMWtfnWURozCfVj2YbRPqp/bH4Jjntybs=,tag:pcxP7gTBtXMNT5iyW5YXTw==,type:str] -palworld: ENC[AES256_GCM,data:93LMjHr7zEI67ZDHNr/MErZ+EIey8YccvemvwVbnql7WaJ3ynMMkowmJALCwsD8DfvHqSSLzR1Uz3roIx3FEhBBhiAXY0uDEvuvlG3LB4XS2FefTnuDAxyRKe9S8E7zMH3U5lYEMFhmXdkH3ctXqhZWdB0aSXJesAQQ00EC3igMfezS2fa8=,iv:2Nd+PoCtNhTypGs2iAzFEZ8XTusFtvCDwCqyh9mn+D8=,tag:yVJ6bfU8YnKza0l3+b+stg==,type:str] +palworld: ENC[AES256_GCM,data:rdqChPt4gSJHS1D60+HJ+4m5mg35JbC+pOmevK21Y95QyAIeyBLVGhRYlOaUcqdZM2e4atyTTSf6z4nHsm539ddCbW7J2DCdF5PQkrAGDmmdTVq+jyJAT8gTrbXXCglT1wvFYY5dbf2NKA4ASJIA8bdVNuwRZU0CtFiishzLuc9m8ZcGCNwQ/+xkMZgkUAHYRlEJAZyMpXR6KkFftiR05JRAFczD4N7GXPPe+vyvgXg7QBGtf20Qd4SGBUw0zI/SNTRmifHUuc4Z6+Fe9JHgvTc3uFcTMVnty0fEuL+a29liaVdAFq8BnqJfc5CNV401ZSUeMbG41lCn1cegP/WChs9J6HXNrhWDgiXa6ln++NoKcfOHIfZVbYOCoOxFR6+YWeBU2+sHmdwI9j5XQf5Ly2hmg12j0Ds2Cn8k4PG5aQP+HT2bedqyxwSt6fi97A0Osnh4ig7+DzYAjSNLewbYLzVdK39VdvB9hqLto+yFS3gAaeYOHwPwtqa+COI85c55lHiyKHlSwPhBqYaaiDu00lQTUzq9R5vz6F/l+T3bUjuna5RryUu8yhnk5DyK834KycTOg4ETcZTqro6prfiEBxc+Utsc9JvEtZgwFv6fsVLOu7nHxuiYuvseZ4YA8LlYdwPJboMPO2XsuhwWtT1uz/rh2orH7/vsXvzA/kF8NFemWBEMVLYA8byC5ze8doiGDYp4T5AAf10nJB1ceQ==,iv:gs78fxhvo9KlTaR5nzs12/LdgPChSFPHD2k4VQp3ARo=,tag:lpWBOi9xh2cWkS+71KD/UQ==,type:str] +ark: ENC[AES256_GCM,data:YYGyzoVIKI9Ac1zGOr0BEpd3fgBsvp1hSwAvfO07/EQdg8ufMWUkNvqNHDKN62ZK5A1NnY3JTA1p4gyZ4ryQeAOsbwqU1GSk2YKHFyPeEnpLz/Ml82KMsv7XPGXuKRXZ4v3UcLu0R8k1Q0gQsMWo4FjCs3FF5mVtJG/YWxxbCYHoBLJ/di5p0DgjuFgJBQknYBpuLzr+yIoeqEyN7XcGYAJO53trEJuOOxLILULifkqISHjZ66i5F1fHW0iUdRbmeWV4aOAeOrsQqXYv,iv:gJwV5ip84zHqpU0l0uESfWWOtcgihMvEEdLaeI+twcU=,tag:sy8udVQsKxV/jOqwhJmWAg==,type:str] sops: kms: [] gcp_kms: [] @@ -35,8 +36,8 @@ sops: Tlo3NHBlMkJEaXNOZkxSKytGSDNEMWcKquNuAzbPWwAjqc65BcAA/DMltFjC6Ayb CKmJ7kaYFFUAIuBXhksvlH2b7vRZLT1QlwqUcRIRjxe+mZnsMIqE7w== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-02-09T22:05:20Z" - mac: ENC[AES256_GCM,data:6vieCZv+E6wHG+vkTg6V+fzuGlRBG91sWUrfIvAY1qSZ7sm1OdRsEhnjCJXnYwO8FCHx/GZRZDJqmDl6Iz21tbGQkul8rn3VV0qgslBWEHYCvKiULVfa78Ep3uDEu3Mqtsr3dNbQS6faTPNgpZIVFdZZzcKJfoaQVzzS98fJEno=,iv:pKpRATCTAe6zTXC7fl9uh6NIB+BKtdxOmfa+j7wftWU=,tag:4PYkA3ILTgHcj5HjOCeFgQ==,type:str] + lastmodified: "2024-04-30T23:51:24Z" + mac: ENC[AES256_GCM,data:joDgRM3f4Faimhx/kU3YZmcaouuWlkyr5AniEWGzAsWkipp5XjIJ10gQ7nnu7zhVfTnwJCNoamjdkoAMfeINY6LK/QCVXIxr4821nqlhLbQfKlZYlEei4ryy1sXmW/n2uhV5rHJqmSo/OKfqGmdRY6heCefseNXDETfxj86NN0s=,iv:rAIspyGn7IFzXUuZZEPEuBnwRMOwBWwycXPiMXtDEKY=,tag:RISzmjUiV+fR6PUcz9PVDw==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1 diff --git a/hosts/nb-01.cloonar.com/channel b/hosts/nb-01.cloonar.com/channel new file mode 100644 index 0000000..425c774 --- /dev/null +++ b/hosts/nb-01.cloonar.com/channel @@ -0,0 +1 @@ +https://channels.nixos.org/nixos-24.05 diff --git a/hosts/nb-01.cloonar.com/configuration.nix b/hosts/nb-01.cloonar.com/configuration.nix index 8e843ce..e61786f 100644 --- a/hosts/nb-01.cloonar.com/configuration.nix +++ b/hosts/nb-01.cloonar.com/configuration.nix @@ -94,13 +94,6 @@ in { displayManager.sessionPackages = [ pkgs.sway ]; displayManager.defaultSession = "sway"; libinput.enable = true; - desktopManager.gnome = { - enable = true; - extraGSettingsOverrides = '' - [org.gnome.desktop.interface] - gtk-theme='Dracula' - ''; - }; }; # Set your time zone. @@ -150,19 +143,6 @@ in { ]; }; - services.postgresql = { - enable = true; - ensureUsers = [ - { - name = "dominik"; - ensurePermissions = { - "DATABASE \"zammad\"" = "ALL PRIVILEGES"; - }; - } - ]; - ensureDatabases = [ "zammad" ]; - }; - system.stateVersion = "22.11"; # Did you read the comment? security.polkit.enable = true; diff --git a/hosts/nb-01.cloonar.com/modules/nvim/config/copilot.lua b/hosts/nb-01.cloonar.com/modules/nvim/config/copilot.lua new file mode 100644 index 0000000..e69de29 diff --git a/hosts/nb-01.cloonar.com/modules/nvim/default.nix b/hosts/nb-01.cloonar.com/modules/nvim/default.nix index b07d7d7..7a6f51b 100644 --- a/hosts/nb-01.cloonar.com/modules/nvim/default.nix +++ b/hosts/nb-01.cloonar.com/modules/nvim/default.nix @@ -25,6 +25,10 @@ cmp-treesitter cmp-vsnip comment-nvim + copilot-vim + copilot-lua + copilot-cmp + CopilotChat-nvim dracula-vim friendly-snippets gitsigns-nvim @@ -37,11 +41,11 @@ nvim-colorizer-lua nvim-lspconfig nvim-tree-lua - nvim-ts-rainbow pkgs.vimPlugins.nvim-treesitter.withAllGrammars # (nvim-treesitter.withPlugins (_: pkgs.tree-sitter.allGrammars)) plenary-nvim project-nvim + rainbow-delimiters-nvim telescope-fzf-native-nvim telescope-nvim todo-comments-nvim diff --git a/hosts/nb-01.cloonar.com/modules/sway/sway.conf b/hosts/nb-01.cloonar.com/modules/sway/sway.conf index 2d398a7..b944954 100644 --- a/hosts/nb-01.cloonar.com/modules/sway/sway.conf +++ b/hosts/nb-01.cloonar.com/modules/sway/sway.conf @@ -308,6 +308,7 @@ exec dunst #exec --no-startup-id swaybg -c "#000000" -m fill -i ~/.config/wallpaper/wot.jpg # exec --no-startup-id gnome-keyring-daemon --start --components=pkcs11,secrets,ssh exec 'sleep 2; swaymsg workspace $ws8; swaymsg layout tabbed' +exec mako --default-timeout=5000 # wallpaper output eDP-1 scale 1.5 @@ -340,8 +341,8 @@ set $laptop_screen 'eDP-1' # Clamshell mode or lock & sleep # This is a if/else statement: [ outputs_count == 1 ] && true || false -bindswitch --locked lid:on exec '[ $(swaymsg -t get_outputs | grep name | wc -l) == 1 ] && ($sleep) || swaymsg output $laptop_screen disable' -#bindswitch --locked lid:on exec 'swaymsg output $laptop_screen disable' +# bindswitch --locked lid:on exec '[ $(swaymsg -t get_outputs | grep name | wc -l) == 1 ] && ($sleep) || swaymsg output $laptop_screen disable' +bindswitch --locked lid:on exec 'swaymsg output $laptop_screen disable' bindswitch --locked lid:off output $laptop_screen enable # disable xwayland diff --git a/hosts/nb-01.cloonar.com/modules/sway/sway.nix b/hosts/nb-01.cloonar.com/modules/sway/sway.nix index e1c1fc8..92c90d2 100644 --- a/hosts/nb-01.cloonar.com/modules/sway/sway.nix +++ b/hosts/nb-01.cloonar.com/modules/sway/sway.nix @@ -18,6 +18,7 @@ let }; sway-conf = builtins.readFile ./sway.conf + cfg.additionalConfig; + unstable = import { config = { allowUnfree = true; }; }; in { imports = [ ./social.nix @@ -40,16 +41,28 @@ in { hardware.sane.enable = true; hardware.pulseaudio.enable = false; + virtualisation.virtualbox.host.enable = true; + users.extraGroups.vboxusers.members = [ "dominik" ]; + services.gnome.gnome-keyring.enable = true; environment.systemPackages = with pkgs; [ alsaUtils apache-directory-studio bitwarden + bitwarden-cli + rofi-rbw-wayland brave cryptomator - dbeaver + chromium + + unstable.cura + freecad + openscad + + dbeaver-bin dbus-sway-environment + ddev dracula-theme firefox foot @@ -60,10 +73,14 @@ in { gnome.seahorse gnome3.adwaita-icon-theme grim + hunspell + hunspellDicts.de_DE + hunspellDicts.en_US jmeter libreoffice librewolf mako + mqttui networkmanagerapplet nextcloud-client onlyoffice-bin diff --git a/hosts/web-01.cloonar.com/configuration.nix b/hosts/web-01.cloonar.com/configuration.nix index 2df995b..16a9c9a 100644 --- a/hosts/web-01.cloonar.com/configuration.nix +++ b/hosts/web-01.cloonar.com/configuration.nix @@ -9,6 +9,7 @@ ./modules/bitwarden ./modules/zammad ./modules/authelia + ./modules/collabora.nix # ./modules/nextcloud ./modules/rustdesk.nix ./modules/postgresql.nix @@ -28,26 +29,26 @@ ./sites/autoconfig.cloonar.com.nix - ./sites/api.optiprot.eu.nix + # ./sites/api.optiprot.eu.nix ./sites/cloonar.com.nix ./sites/gbv-aktuell.at.nix ./sites/matomo.cloonar.com.nix - ./sites/optiprot.eu.nix + # ./sites/optiprot.eu.nix # ./sites/paraclub.at.nix # ./sites/api.paraclub.at.nix # ./sites/tandem.paraclub.at.nix # ./sites/module.paraclub.at.nix - ./sites/api.optiprot.cloonar.dev.nix + # ./sites/api.optiprot.cloonar.dev.nix ./sites/cloonar.dev.nix ./sites/paraclub.cloonar.dev.nix ./sites/api.paraclub.cloonar.dev.nix ./sites/tandem.paraclub.cloonar.dev.nix ./sites/module.paraclub.cloonar.dev.nix ./sites/gbv-aktuell.cloonar.dev.nix - ./sites/optiprot.cloonar.dev.nix - ./sites/mehr-leistbaren-wohnraum-schaffen.at.nix - ./sites/mehr-leistbaren-wohnraum-schaffen.cloonar.dev.nix + # ./sites/optiprot.cloonar.dev.nix + # ./sites/mehr-leistbaren-wohnraum-schaffen.at.nix + # ./sites/mehr-leistbaren-wohnraum-schaffen.cloonar.dev.nix ]; nixpkgs.config.permittedInsecurePackages = [ diff --git a/hosts/web-01.cloonar.com/modules/collabora.nix b/hosts/web-01.cloonar.com/modules/collabora.nix new file mode 100644 index 0000000..da679af --- /dev/null +++ b/hosts/web-01.cloonar.com/modules/collabora.nix @@ -0,0 +1,66 @@ +{ config, ... }: +{ + #Collabora Containers + virtualisation.oci-containers.containers.collabora = { + image = "docker.io/collabora/code:latest"; + ports = [ "9980:9980/tcp" ]; + environment = { + server_name = "code.cloonar.com"; + aliasgroup1 = "https://cloud.cloonar.com:443"; + dictionaries = "en_US"; + extra_params = "--o:ssl.enable=false --o:ssl.termination=true"; + }; + extraOptions = [ + "--pull=newer" + ]; + }; + + services.nginx.virtualHosts.${config.virtualisation.oci-containers.containers.collabora.environment.server_name} = { + enableACME = true; + forceSSL = true; + + extraConfig = '' + # static files + location ^~ /browser { + proxy_pass http://127.0.0.1:9980; + proxy_set_header Host $host; + } + + # WOPI discovery URL + location ^~ /hosting/discovery { + proxy_pass http://127.0.0.1:9980; + proxy_set_header Host $host; + } + + # Capabilities + location ^~ /hosting/capabilities { + proxy_pass http://127.0.0.1:9980; + proxy_set_header Host $host; + } + + # main websocket + location ~ ^/cool/(.*)/ws$ { + proxy_pass http://127.0.0.1:9980; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header Host $host; + proxy_read_timeout 36000s; + } + + # download, presentation and image upload + location ~ ^/(c|l)ool { + proxy_pass http://127.0.0.1:9980; + proxy_set_header Host $host; + } + + # Admin Console websocket + location ^~ /cool/adminws { + proxy_pass http://127.0.0.1:9980; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header Host $host; + proxy_read_timeout 36000s; + } + ''; + }; +} diff --git a/raspberry/README.md b/raspberry/README.md index fd52e33..75a761c 100644 --- a/raspberry/README.md +++ b/raspberry/README.md @@ -2,3 +2,8 @@ - change hostname in sd-card.nix - add wifi psk - nix-build '' -A config.system.build.sdImage -I nixos-config=./sd-card.nix --argstr system aarch64-linux + +# raspberry Pi Zero Mutliroom audio client +- change hostname in sd-card-zero.nix +- add wifi psk +- nix-build '' -A config.system.build.sdImage -I nixos-config=./sd-card-zero.nix --argstr system aarch64-linux diff --git a/raspberry/sd-card-zero.nix b/raspberry/sd-card-zero.nix index c4604b8..8bc28a0 100644 --- a/raspberry/sd-card-zero.nix +++ b/raspberry/sd-card-zero.nix @@ -5,14 +5,14 @@ ... }: let - hostName = "music-"; - outputDevice = "Headphones"; + hostName = "music-bedroom"; snapserverHost = "snapcast.cloonar.com"; in { nixpkgs.crossSystem.system = "aarch64-linux"; imports = [ + ]; networking.hostName = hostName; @@ -21,25 +21,95 @@ in networks = { "Cloonar-Multimedia" = { hidden = true; - psk = "K2MC28Zhk$4zsx6Y"; + psk = ""; }; }; }; boot = { + # loader.grub.enable = false; + # loader.raspberryPi.enable = true; + # loader.raspberryPi.version = 3; loader.raspberryPi.firmwareConfig = '' dtparam=audio=on ''; - extraModprobeConfig = '' - options snd_bcm2835 enable_headphones=1 - ''; }; - # hardware.raspberry-pi."4" = { - # fkms-3d.enable = true; - # audio.enable = true; - # dwc2.enable = true; - # }; + hardware.deviceTree.filter = "bcm2710-rpi-zero-2-w.dtb"; + hardware.deviceTree = { + enable = true; + overlays = [ + { + name = "hifiberry-dacplus"; + dtsText = '' + /dts-v1/; + /plugin/; + + / { + compatible = "brcm,bcm2710,bcm2837"; + + fragment@0 { + target-path = "/"; + __overlay__ { + dacpro_osc: dacpro_osc { + compatible = "hifiberry,dacpro-clk"; + #clock-cells = <0>; + }; + }; + }; + + fragment@1 { + target = <&i2s>; + __overlay__ { + status = "okay"; + }; + }; + + fragment@2 { + target = <&i2c1>; + __overlay__ { + #address-cells = <1>; + #size-cells = <0>; + status = "okay"; + + pcm5122@4d { + #sound-dai-cells = <0>; + compatible = "ti,pcm5122"; + reg = <0x4d>; + clocks = <&dacpro_osc>; + AVDD-supply = <&vdd_3v3_reg>; + DVDD-supply = <&vdd_3v3_reg>; + CPVDD-supply = <&vdd_3v3_reg>; + status = "okay"; + }; + hpamp: hpamp@60 { + compatible = "ti,tpa6130a2"; + reg = <0x60>; + status = "disabled"; + }; + }; + }; + + fragment@3 { + target = <&sound>; + hifiberry_dacplus: __overlay__ { + compatible = "hifiberry,hifiberry-dacplus"; + i2s-controller = <&i2s>; + status = "okay"; + }; + }; + + __overrides__ { + 24db_digital_gain = + <&hifiberry_dacplus>,"hifiberry,24db_digital_gain?"; + slave = <&hifiberry_dacplus>,"hifiberry-dacplus,slave?"; + leds_off = <&hifiberry_dacplus>,"hifiberry-dacplus,leds_off?"; + }; + }; + ''; + } + ]; + }; sound.enable = true; @@ -51,7 +121,7 @@ in serviceConfig = { Type = "forking"; - ExecStart = "${pkgs.snapcast}/bin/snapclient --daemon --hostID ${config.networking.hostName} -h ${snapserverHost} --player alsa -s ${outputDevice}"; + ExecStart = "${pkgs.snapcast}/bin/snapclient --daemon --hostID ${config.networking.hostName} -h ${snapserverHost} --player alsa"; PIDFile = "/run/snapclient/pid"; Restart = "on-failure"; RestartSec = "5s";