a bunch of random changes again

2024-01-16 09:03:26 +01:00
parent 6c72ddc81d
commit 22d3e2bd96
96 changed files with 1878 additions and 476 deletions
--- a/users/common/home.nix
+++ b/users/common/home.nix
@@ -1,7 +1,8 @@
-{ config, pkgs, self, secretsDir, inputs, persistentDir, ... }:
+{ config, pkgs, self, secretsDir, inputs, hostname, ... }:
 {
 	# The home.stateVersion option does not have a default and must be set
 	home.stateVersion = "23.05";
+  nixpkgs.config.allowUnfree = true;

  imports = [
    inputs.nix-index-database.hmModules.nix-index
@@ -24,15 +25,21 @@

 	home.sessionPath = [ "${self}/mybin" ];
  home.file = {
-    ".rclone.conf".source = config.lib.file.mkOutOfStoreSymlink "${secretsDir}/rclone-conf";
+     
    ".subversion/config".text = ''
      [miscellany]
      global-ignores = node_modules target
    ''; # documentation for this config file: https://svnbook.red-bean.com/en/1.7/svn.advanced.confarea.html
-  };
+
+    # rclone.conf only on main
+  } // (if hostname == "main" then { ".rclone.conf".source = config.lib.file.mkOutOfStoreSymlink "${secretsDir}/rclone-conf"; } else {});

   home.packages = with pkgs; [
-    hostname
+    borgbackup
+    rclone
+    archivemount
+    nmon
+    pkgs.hostname
 		vim
 		tree
 		htop
@@ -52,6 +59,9 @@
    wget
    tmux
    wireguard-tools
+    xorg.xauth
+    wakeonlan
+
 		# python....
 		(python310.withPackages (p: with p; [
 			pandas
@@ -75,6 +85,10 @@
 			'';
 		}))
     # */
+
+    # self packaged colored bandwith meter
+    (pkgs.callPackage ../../mods/cbm.nix {})
+
  ];

  # */
--- a/users/files/headless.nix
+++ b/users/files/headless.nix
@@ -3,7 +3,9 @@
 	users.users.files = {
   	isNormalUser = true;
 		password = "changeme";
+    group = "files";
 	};
+  users.groups.files = {};

  home-manager.extraSpecialArgs = {
    inherit self;
@@ -13,9 +15,9 @@
  home-manager.users.files = import ../common/home.nix;

  users.users.files.openssh.authorizedKeys.keys = [
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFjgXf9S9hxjyph2EEFh1el0z4OUT9fMoFAaDanjiuKa me@main"
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICWsqiz0gEepvPONYxqhKKq4Vxfe1h+jo11k88QozUch me@bitwarden"
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAioUu4ow6k+OMjjLdzogiQM4ZEM3TNekGNasaSDzQQE me@phone"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPAgNB1nsKZ5KXnmR6KWjQLfwhFKDispw24o8M7g/nbR me@bitwarden"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII/mCDzCBE2J1jGnEhhtttIRMKkXMi1pKCAEkxu+FAim me@main"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGw5kYmBQl8oolNg2VUlptvvSrFSESfeuWpsXRovny0x me@phone"

    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPmwi4ovyqhX/5YwGUZqntVD+i44qL+Nxf9Ubj4XxV9n me@acern"
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAIh7LDjwojcjJM8puPqFibx9zPn/k1cYgWXNQf0ZbC4 me@hpm"
--- a/users/me/default.nix
+++ b/users/me/default.nix
@@ -1,16 +0,0 @@
-{ pkgs, secretsDir, inputs, ... }:
-{
-	users.users.me = {
-   	isNormalUser = true;
-   	#passwordFile = "${secretsDir}/me-pwd";
-		password = "changeme";
-   	extraGroups = [ "networkmanager" "wheel" "libvirtd" ]; # Enable ‘sudo’ for the user.
-	};
-
-	#home-manager._module.args = { inherit inputs; };
-	home-manager.users.me = import ./home.nix;
-
-	fonts.fonts = with pkgs; [
-   	hack-font
-	];
-}
--- a/users/me/gui-home.nix
+++ b/users/me/gui-home.nix
@@ -1,5 +1,5 @@

-{ config, pkgs, self, secretsDir, inputs, persistentDir, ... }:
+{ config, pkgs, self, workDir, inputs, persistentDir, system, ... }:

 {
 	imports = [
@@ -7,9 +7,11 @@

    # my gui programs
 		../../programs/alacritty.nix
-		../../programs/emacs/default.nix
+    # stalls the build
+    #../../programs/emacs/default.nix
 		../../programs/rofi/default.nix
 		../../programs/zathura.nix
+    ../../programs/firefox/default.nix
 	];

 	gtk.cursorTheme = {
@@ -23,19 +25,24 @@
 	  };
 	};

+  home.sessionVariables = {
+    inherit system;
+  };
+
 	services.dunst.enable = true;


  home.file = {
-    ".mysecrets/root-pwd".text = "changeme";
+    ".mysecrets/root-pwd".text = "changemehiiii";
    ".mysecrets/me-pwd".text = "changeme";

-    ".mozilla/firefox".source = config.lib.file.mkOutOfStoreSymlink "${persistentDir}/firefox";
+    #".mozilla/firefox".source = config.lib.file.mkOutOfStoreSymlink "${persistentDir}/firefox";
    ".cache/rofi-3.runcache".source = config.lib.file.mkOutOfStoreSymlink "${persistentDir}/rofi-run-cache";
  };


 	home.packages = with pkgs; [
+    btrfs-progs

    # packages that i might not need everywhere??
 		wstunnel
@@ -77,20 +84,18 @@
 		gparted
 		xorg.xkill
    xorg.xmodmap
+    inkscape

    # my own packages
    supabase-cli

-		(inputs.firefox.packages.${pkgs.system}.firefox-nightly-bin.overrideAttrs (old: {
-      NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ [ "-O3" "-march=native" "-fPIC" ];
-    }))
-
 		# base-devel
 		gcc

 		# rust
 		cargo
 		rust-analyzer
+    rustc

 		#localPacketTracer8

@@ -101,26 +106,52 @@
 		libvirt
 		virt-manager
 		freerdp
+    (pkgs.writeShellApplication {
+      name = "log";
+      #runtimeInputs = [ inputs.my-log.packages.${system}.pythonForLog ];
+      #text = "cd /home/me/work/log/new; nix develop -c 'python ${workDir}/log/new/client.py'";
+      text = ''${inputs.my-log.packages.${system}.pythonForLog}/bin/python ${workDir}/log/new/client.py "$@"'';
+    })
    (pkgs.writeShellApplication {
      name = "rpi";
      text = let 
-        myPythonRpi = pkgs.writers.writePython3Bin "myPythonRpi" { libraries = [pkgs.python310Packages.dnspython]; } ''
+        myPythonRpi = pkgs.writers.writePython3Bin "myPythonRpi" { libraries = [pkgs.python311Packages.dnspython]; } ''
          # flake8: noqa
          import os
+          import re
          import sys
          import subprocess

          import dns.resolver

+          import socket, struct
+
+          def get_default_gateway_linux():
+            """Read the default gateway directly from /proc."""
+            with open("/proc/net/route") as fh:
+              for line in fh:
+                fields = line.strip().split()
+                if fields[1] != '00000000' or not int(fields[3], 16) & 2:
+                  # If not default route or not RTF_GATEWAY, skip it
+                  continue
+                if fields[0] != "wlp2s0":
+                  # only check on wlan interface
+                  continue
+
+                return socket.inet_ntoa(struct.pack("<L", int(fields[2], 16)))
+
          pw_map = {
            "tab": "00:0a:50:90:f1:00",
-            "phone": "86:9d:6a:bc:ca:1b",
+            # "phone": "86:9d:6a:bc:ca:1b", # can't do that, because phone changes mac address on reactivation of hotspot
+            "lush": "dc:a6:32:cb:4d:5f",
          }

-
          if len(sys.argv) == 1:
-            print("one arg needed")
+            with open("/etc/hosts", "r") as file:
+              for line in file.readlines():
+                print(line, end="")
            exit()
+
          net = sys.argv[1]


@@ -154,8 +185,32 @@


          if net == "pw":
+            # get phone from default route
+            old["phone"] = get_default_gateway_linux()
+            print("default route: phone with ip ", old["phone"])
+
+            # search arp table
+            with os.popen('arp -a') as f:
+              data = f.read()
+            for line in data.split("\n"):
+              try:
+                parts = line.split(" ")
+                mac = parts[3]
+                ip = parts[1][1:-1]
+                for name, mac_table in pw_map.items():
+                  #print("trying mac:", mac, "from arp table:", parts)
+                  if mac == mac_table:
+                    # found name
+                    print(f"arp table: {name} with ip {ip}")
+                    old[name] = ip
+              except:
+                print("arp table line failed:", line)
+                continue
+
+            # do arp scan
            ips = subprocess.run(["sudo", "${pkgs.arp-scan}/bin/arp-scan", "-l", "-x", "-I", "wlp2s0"], capture_output=True)
            for line in ips.stdout.decode("utf-8").split("\n"):
+              #print("arp-scan line:", line)
              try:
                split = line.split("\t")
                ip = split[0]
@@ -167,10 +222,15 @@
              for name, mac_table in pw_map.items():
                if mac == mac_table:
                  # found name
-                  print(f"found {name} with ip {ip}")
+                  print(f"arp-scan: {name} with ip {ip}")
                  old[name] = ip


+
+
+          
+
+
          os.system("rm -rf /etc/hosts")
          with open("/etc/hosts", "w") as file:
            lines = []
--- a/users/me/gui.nix
+++ b/users/me/gui.nix
@@ -12,16 +12,18 @@
    hostname = config.networking.hostName;
  };

-	home-manager.users.me = import ./home.nix;
+	home-manager.users.me = import ./gui-home.nix;
+  #home-manager.useGlobalPkgs = true;
+  nixpkgs.config.allowUnfree = true;

 	fonts.fonts = with pkgs; [
   	hack-font
 	];

  users.users.me.openssh.authorizedKeys.keys = [
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFjgXf9S9hxjyph2EEFh1el0z4OUT9fMoFAaDanjiuKa me@main"
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICWsqiz0gEepvPONYxqhKKq4Vxfe1h+jo11k88QozUch me@bitwarden"
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAioUu4ow6k+OMjjLdzogiQM4ZEM3TNekGNasaSDzQQE me@phone"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPAgNB1nsKZ5KXnmR6KWjQLfwhFKDispw24o8M7g/nbR me@bitwarden"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII/mCDzCBE2J1jGnEhhtttIRMKkXMi1pKCAEkxu+FAim me@main"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGw5kYmBQl8oolNg2VUlptvvSrFSESfeuWpsXRovny0x me@phone"
  ];

 }
--- a/users/me/headless.nix
+++ b/users/me/headless.nix
@@ -1,4 +1,4 @@
-{ self, config, inputs, ... }:
+{ self, config, inputs, system, ... }:
 {
 	users.users.me = {
   	isNormalUser = true;
@@ -8,16 +8,16 @@
 	};

  home-manager.extraSpecialArgs = {
-    inherit self;
+    inherit self system;
    hostname = config.networking.hostName;
  };

  home-manager.users.me = import ../common/home.nix;

  users.users.me.openssh.authorizedKeys.keys = [
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFjgXf9S9hxjyph2EEFh1el0z4OUT9fMoFAaDanjiuKa me@main"
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICWsqiz0gEepvPONYxqhKKq4Vxfe1h+jo11k88QozUch me@bitwarden"
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAioUu4ow6k+OMjjLdzogiQM4ZEM3TNekGNasaSDzQQE me@phone"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPAgNB1nsKZ5KXnmR6KWjQLfwhFKDispw24o8M7g/nbR me@bitwarden"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII/mCDzCBE2J1jGnEhhtttIRMKkXMi1pKCAEkxu+FAim me@main"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGw5kYmBQl8oolNg2VUlptvvSrFSESfeuWpsXRovny0x me@phone"
  ];


--- a/users/root/default.nix
+++ b/users/root/default.nix
@@ -1,4 +1,9 @@
-{ ... }:
+{ self, config, secretsDir, ... }:
 {
 	home-manager.users.root = import ./home.nix;
+  home-manager.extraSpecialArgs = {
+    inherit self secretsDir;
+    hostname = config.networking.hostName;
+    test = 3;
+  };
 }
--- a/users/root/home.nix
+++ b/users/root/home.nix
@@ -7,5 +7,4 @@
      ../../programs/ssh.nix
   ];
   
-   home.file.test.text = "hello world\n";
 }
--- a/users/server/headles.nix
+++ b/users/server/headles.nix
@@ -3,8 +3,10 @@
 	users.users.server = {
   	isNormalUser = true;
   	#passwordFile = "${secretsDir}/me-pwd";
+    group = "server";
 		password = "changeme";
 	};
+  users.groups.server = {};

  home-manager.extraSpecialArgs = {
    inherit self;
@@ -14,9 +16,9 @@
  home-manager.users.server = import ../common/home.nix;

  users.users.server.openssh.authorizedKeys.keys = [
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFjgXf9S9hxjyph2EEFh1el0z4OUT9fMoFAaDanjiuKa me@main"
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICWsqiz0gEepvPONYxqhKKq4Vxfe1h+jo11k88QozUch me@bitwarden"
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAioUu4ow6k+OMjjLdzogiQM4ZEM3TNekGNasaSDzQQE me@phone"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPAgNB1nsKZ5KXnmR6KWjQLfwhFKDispw24o8M7g/nbR me@bitwarden"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII/mCDzCBE2J1jGnEhhtttIRMKkXMi1pKCAEkxu+FAim me@main"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGw5kYmBQl8oolNg2VUlptvvSrFSESfeuWpsXRovny0x me@phone"
  ];