From 0ac30a51902d034ebac88b225f4e7d432f7b755b Mon Sep 17 00:00:00 2001 From: Dominik Polakovics Date: Mon, 28 Apr 2025 10:40:44 +0200 Subject: [PATCH 1/7] fix: electricity pricing --- hosts/fw/modules/home-assistant/electricity.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/fw/modules/home-assistant/electricity.nix b/hosts/fw/modules/home-assistant/electricity.nix index 482de06..bf92b52 100644 --- a/hosts/fw/modules/home-assistant/electricity.nix +++ b/hosts/fw/modules/home-assistant/electricity.nix @@ -18,7 +18,7 @@ in { friendly_name = "Current Price of electricity"; unit_of_measurement = "EUR/kWh"; value_template = '' - {{ (((states('sensor.epex_spot_data_price') | int ) / 1000) + (0.0149 + 0.053 + 0.00866)) | float }} + {{ ((states('sensor.epex_spot_data_price') | int ) + (0.0149 + 0.074 + 0.007 + 0.0074 + 0.0006)) | float }} ''; }; }; From c8e3542fe87618fc1b2ea92552b1f8d5331f6a1c Mon Sep 17 00:00:00 2001 From: Dominik Polakovics Date: Mon, 28 Apr 2025 10:41:06 +0200 Subject: [PATCH 2/7] feat: add cloonar assistant config server --- hosts/fw/configuration.nix | 1 + .../cloonar-assistant-config-server.nix | 47 +++++++++++++++++++ 2 files changed, 48 insertions(+) create mode 100644 hosts/fw/modules/cloonar-assistant-config-server.nix diff --git a/hosts/fw/configuration.nix b/hosts/fw/configuration.nix index f1fa1f7..193a412 100644 --- a/hosts/fw/configuration.nix +++ b/hosts/fw/configuration.nix @@ -24,6 +24,7 @@ ./modules/podman.nix ./modules/omada.nix ./modules/ddclient.nix + ./modules/cloonar-assistant-config-server.nix # ./modules/wol.nix diff --git a/hosts/fw/modules/cloonar-assistant-config-server.nix b/hosts/fw/modules/cloonar-assistant-config-server.nix new file mode 100644 index 0000000..20717b3 --- /dev/null +++ b/hosts/fw/modules/cloonar-assistant-config-server.nix @@ -0,0 +1,47 @@ +{ + lib, + pkgs, + ... +}: let + users = [ + { + username = "ca-test"; + key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGzJRWe8hsqAVnGSjPrcheloteWMzORoQ5Gj4IfhCROF"; + } + ]; +in { + imports = builtins.map create_users users; + environment.etc = { + # our single user+key file + "cloonar_assistant_ssh/sftp_users_keys" = { + text = lib.concatStringsSep "\n" + (map (u: "${u.username} ${u.key}") users); + mode = "0600"; + owner = "root"; + group = "root"; + }; + + # the little awk script to extract the key for $1 + "ssh/sftp-fetch-key.sh" = { + text = '' + #!/usr/bin/env bash + awk -v u="$1" '$1==u { $1=""; sub(/^ +/, ""); print }' /etc/cloonar_assistant_ssh/sftp_users_keys + ''; + mode = "0700"; + owner = "root"; + group = "root"; + }; + }; + + services.openssh.extraConfig = '' + Match Exec "/bin/grep -qE '^%u[[:space:]]' /etc/cloonar_assistant_ssh/sftp_users_keys" + X11Forwarding no + AllowTcpForwarding no + ChrootDirectory %h + ForceCommand internal-sftp + + # ← only for those matched users: + AuthorizedKeysCommand /etc/cloonar_assistant_ssh/sftp-fetch-key.sh %u + AuthorizedKeysCommandUser root + ''; +} From e4eb5c80fc70113c6aa1951b3a4bb863787a0de9 Mon Sep 17 00:00:00 2001 From: Dominik Polakovics Date: Mon, 28 Apr 2025 10:54:03 +0200 Subject: [PATCH 3/7] fix: create the config files for ca config server the right way --- .../fw/modules/cloonar-assistant-config-server.nix | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/hosts/fw/modules/cloonar-assistant-config-server.nix b/hosts/fw/modules/cloonar-assistant-config-server.nix index 20717b3..d229c8f 100644 --- a/hosts/fw/modules/cloonar-assistant-config-server.nix +++ b/hosts/fw/modules/cloonar-assistant-config-server.nix @@ -10,14 +10,13 @@ } ]; in { - imports = builtins.map create_users users; environment.etc = { # our single user+key file "cloonar_assistant_ssh/sftp_users_keys" = { text = lib.concatStringsSep "\n" (map (u: "${u.username} ${u.key}") users); mode = "0600"; - owner = "root"; + user = "root"; group = "root"; }; @@ -28,16 +27,22 @@ in { awk -v u="$1" '$1==u { $1=""; sub(/^ +/, ""); print }' /etc/cloonar_assistant_ssh/sftp_users_keys ''; mode = "0700"; - owner = "root"; + user = "root"; group = "root"; }; }; + systemd.tmpfiles.rules = map (u: + # Type 'd' = create directory if missing + # Mode 0755, owner root:root + "d /home/cloonar-assistant-configs/${u.username} 0755 root root -" + ) users; + services.openssh.extraConfig = '' Match Exec "/bin/grep -qE '^%u[[:space:]]' /etc/cloonar_assistant_ssh/sftp_users_keys" X11Forwarding no AllowTcpForwarding no - ChrootDirectory %h + ChrootDirectory /home/cloonar-assistant-configs/%u ForceCommand internal-sftp # ← only for those matched users: From 87d22fba6dce427f06d1021e37c77c2fb70c3657 Mon Sep 17 00:00:00 2001 From: Dominik Polakovics Date: Mon, 28 Apr 2025 22:39:37 +0200 Subject: [PATCH 4/7] fix: electricity sensor home assistant --- hosts/fw/modules/home-assistant/electricity.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/hosts/fw/modules/home-assistant/electricity.nix b/hosts/fw/modules/home-assistant/electricity.nix index bf92b52..3698843 100644 --- a/hosts/fw/modules/home-assistant/electricity.nix +++ b/hosts/fw/modules/home-assistant/electricity.nix @@ -18,8 +18,12 @@ in { friendly_name = "Current Price of electricity"; unit_of_measurement = "EUR/kWh"; value_template = '' - {{ ((states('sensor.epex_spot_data_price') | int ) + (0.0149 + 0.074 + 0.007 + 0.0074 + 0.0006)) | float }} + {{ ((states('sensor.epex_spot_data_price') | float ) + (0.0149 + 0.074 + 0.007 + 0.0074 + 0.0006)) | float }} ''; + entity_id = [ + "sensor.epex_spot_data_price" + "sensor.time" + ]; }; }; } From b8453eaf43c0dc1092e984b65ab2f09a7522da8a Mon Sep 17 00:00:00 2001 From: Dominik Polakovics Date: Mon, 28 Apr 2025 22:39:51 +0200 Subject: [PATCH 5/7] fix: home assistant multimedia off automation --- hosts/fw/modules/home-assistant/multimedia.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/hosts/fw/modules/home-assistant/multimedia.nix b/hosts/fw/modules/home-assistant/multimedia.nix index d864b83..5bac9b6 100644 --- a/hosts/fw/modules/home-assistant/multimedia.nix +++ b/hosts/fw/modules/home-assistant/multimedia.nix @@ -246,6 +246,7 @@ platform = "state"; entity_id = "binary_sensor.multimedia_device_on"; to = "off"; + for = "00:00:30"; }; action = [ { @@ -290,7 +291,7 @@ }; } { - delay = 20; + delay = 30; } # turn off tv switch { From 2f1d88b001b1398871756df420caa16d4c7ad0b9 Mon Sep 17 00:00:00 2001 From: Dominik Polakovics Date: Mon, 28 Apr 2025 22:40:17 +0200 Subject: [PATCH 6/7] feat: add cloonar-assistant-customers repo --- hosts/nb/users/configs/project_history | 1 + hosts/nb/users/dominik.nix | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/hosts/nb/users/configs/project_history b/hosts/nb/users/configs/project_history index baf8d52..d2fbdd8 100644 --- a/hosts/nb/users/configs/project_history +++ b/hosts/nb/users/configs/project_history @@ -6,6 +6,7 @@ /home/dominik/projects/cloonar/phishguard-frontend /home/dominik/projects/cloonar/gitapi /home/dominik/projects/cloonar/cloonar-assistant +/home/dominik/projects/cloonar/cloonar-assistant-customers /home/dominik/projects/cloonar/updns /home/dominik/projects/cloonar/flow/flow-docs diff --git a/hosts/nb/users/dominik.nix b/hosts/nb/users/dominik.nix index ad4c827..83f2275 100644 --- a/hosts/nb/users/dominik.nix +++ b/hosts/nb/users/dominik.nix @@ -186,11 +186,10 @@ in url = "https://update.code.visualstudio.com/1.99.0-insider/linux-x64/insider"; sha256 = "0z3x9m9pndzka9gzm2phnks453d2mwbdid9yd7qw3bvv965h71j5"; }; - version = "1.99.0"; + version = "1.99.3"; }); }; - /* Here goes the rest of your home-manager config, e.g. home.packages = [ pkgs.foo ]; */ # home.persistence."/nix/persist/user/dominik" = { # allowOther = true; @@ -609,6 +608,7 @@ in git clone gitea@git.cloonar.com:Cloonar/gitapi.git ${persistHome}/projects/cloonar/gitapi 2>/dev/null git clone gitea@git.cloonar.com:Cloonar/ai.nvim.git ${persistHome}/cloonar/ai.nvim 2>/dev/null git clone gitea@git.cloonar.com:Cloonar/cloonar-assistant.git ${persistHome}/projects/cloonar/cloonar-assistant 2>/dev/null + git clone gitea@git.cloonar.com:Cloonar/cloonar-assistant-customers.git ${persistHome}/projects/cloonar/cloonar-assistant-customers 2>/dev/null git clone gitea@git.cloonar.com:Cloonar/updns.git ${persistHome}/projects/cloonar/updns 2>/dev/null git clone gitea@git.cloonar.com:Cloonar/flow-docs.git ${persistHome}/projects/cloonar/flow/flow-docs 2>/dev/null From c20998d3655e479d2004bc982907e79c67e81610 Mon Sep 17 00:00:00 2001 From: Dominik Polakovics Date: Mon, 28 Apr 2025 22:40:36 +0200 Subject: [PATCH 7/7] fix: cloonar assistant config server --- hosts/fw/modules/cloonar-assistant-config-server.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/hosts/fw/modules/cloonar-assistant-config-server.nix b/hosts/fw/modules/cloonar-assistant-config-server.nix index d229c8f..99745ea 100644 --- a/hosts/fw/modules/cloonar-assistant-config-server.nix +++ b/hosts/fw/modules/cloonar-assistant-config-server.nix @@ -6,9 +6,11 @@ users = [ { username = "ca-test"; - key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGzJRWe8hsqAVnGSjPrcheloteWMzORoQ5Gj4IfhCROF"; + key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDglSLU9AUtbU0fCN0eByi/EHyo1QiPPLiscN5RAR+wq"; } ]; + + userList = lib.concatStringsSep "," (map (u: u.username) users); in { environment.etc = { # our single user+key file @@ -39,7 +41,7 @@ in { ) users; services.openssh.extraConfig = '' - Match Exec "/bin/grep -qE '^%u[[:space:]]' /etc/cloonar_assistant_ssh/sftp_users_keys" + Match User ${userList} X11Forwarding no AllowTcpForwarding no ChrootDirectory /home/cloonar-assistant-configs/%u