~jb55/citadel

6f273f1ccbe0c3a2499b705d9afe56f22f1248bb — William Casarin 1 year, 18 days ago 19fc94f + e742da3
Merge branch 'laptop' into master
M bin/books => bin/books +3 -1
@@ 1,7 1,9 @@
#!/usr/bin/env bash
BOOKS_DIR="${1:-$HOME/docs}"

find "$BOOKS_DIR" -name '*.txt' -type f -printf '%f\t%p\n' |
find "$BOOKS_DIR" -name '*.txt' -type f -printf '%T@\t%f\t%p\n' |
  sort -rn |
  cutt -f2- |
  fzf |
  awkt '{print $2}' |
  xargs lessr

M nix-config/configuration.nix => nix-config/configuration.nix +1 -0
@@ 60,6 60,7 @@ in {
      (import (machinePath "") extra)
    ] ++ (if isDesktop then [
      (import ./hardware/desktop extra)
      (import ./networking/desktop extra)
      # ./wayland
      (import ./fonts extra)
      (import ./environment/desktop { inherit userConfig theme icon-theme extra; })

M nix-config/machines/monad/default.nix => nix-config/machines/monad/default.nix +0 -13
@@ 146,19 146,6 @@ in
  # shitcoin vendor
  services.keybase.enable = false;

  systemd.user.services.udp-notify-daemon = {
    enable = true;
    description = "udp notification daemon";
    wantedBy = [ "default.target" ];
    after    = [ "default.target" ];

    path = with pkgs; [ bash gnupg libnotify netcat nettools ];

    serviceConfig.ExecStart = util.writeBash "notify-daemon" ''
      exec ${pkgs.socat}/bin/socat -d -d udp4-recvfrom:${toString extra.private.notify-port},reuseaddr,fork exec:/home/jb55/bin/recvalert
    '';
  };

  systemd.services.block-distracting-hosts = {
    description = "Block Distracting Hosts";


M nix-config/machines/monad/networking/default.nix => nix-config/machines/monad/networking/default.nix +0 -1
@@ 24,7 24,6 @@ let
  };

  firewallRules = [
    "nixos-fw -s 10.100.0.1/24,45.79.91.128,192.168.86.0/24 -p udp --dport ${toString ports.notify-port} -j nixos-fw-accept"
    "nixos-fw -s 192.168.122.218 -p udp --dport 137 -j nixos-fw-accept"
    "nixos-fw -s 192.168.122.218 -p udp --dport 138 -j nixos-fw-accept"
    "nixos-fw -s 192.168.122.218 -p tcp --dport 139 -j nixos-fw-accept"

M nix-config/machines/quiver/default.nix => nix-config/machines/quiver/default.nix +2 -2
@@ 133,13 133,13 @@ extra:
      do
          percent=$(acpi -b | sed -E -n 's/.* ([0-9]+)%.*/\1/p')

          if [ $percent -lt $limit ] && [ "$state" != "heartbeat" ]
          if ! acpi -b | grep Charging && [ $percent -lt $limit ] && [ "$state" != "heartbeat" ]
          then
              printf "battery %d%% < %d%%, setting heartbeat trigger\n" "$percent" "$limit" >&2
              echo heartbeat > "$LED"/trigger
              echo heartbeat > "$LED2"/trigger
              state="heartbeat"
          elif [ $percent -ge $limit ] && [ "$state" = "heartbeat" ]
          elif acpi -b | grep Charging || [ $percent -ge $limit ] && [ "$state" = "heartbeat" ]
          then
              printf "battery %d%% >= %d%%, resetting led trigger\n" "$percent" "$limit" >&2
              echo none > "$LED"/trigger

M nix-config/machines/quiver/networking/default.nix => nix-config/machines/quiver/networking/default.nix +1 -5
@@ 37,15 37,11 @@ in
      peers = [
        # For a client configuration, one peer entry for the server will suffice.
        {
          # Public key of the server (not a file path).
          publicKey = "TbGgpOqD6teLon0ksZKS8zvvjHtkOGKNWPpHZxhVFWA=";

          allowedIPs = [ "10.100.0.1/32" ];

          # Set this to the server IP and port.
          #endpoint = "127.0.0.1:3333";
          endpoint = "24.84.152.187:53";

          # Send keepalives every 25 seconds. Important to keep NAT tables alive.
          persistentKeepalive = 25;
        }
        {

A nix-config/networking/desktop/default.nix => nix-config/networking/desktop/default.nix +20 -0
@@ 0,0 1,20 @@
extra:
{ config, lib, pkgs, ... }:
let
  ports = {
    notify = extra.private.notify-port;
  };

  firewallRules = [
    "nixos-fw -s 10.100.0.1/24,45.79.91.128 -p udp --dport ${toString ports.notify} -j nixos-fw-accept"
  ];

  addRule = rule: "iptables -A ${rule}";
  rmRule = rule: "iptables -D ${rule} || true";
  extraCommands = lib.concatStringsSep "\n" (map addRule firewallRules);
  extraStopCommands = lib.concatStringsSep "\n" (map rmRule firewallRules);
in
{
  networking.firewall.extraCommands = extraCommands;
  networking.firewall.extraStopCommands = extraStopCommands;
}

M nix-config/services/desktop/default.nix => nix-config/services/desktop/default.nix +13 -0
@@ 99,6 99,19 @@ in
    };
  };

  systemd.user.services.udp-notify-daemon = {
    enable = true;
    description = "udp notification daemon";
    wantedBy = [ "default.target" ];
    after    = [ "default.target" ];

    path = with pkgs; [ bash gnupg libnotify netcat nettools ];

    serviceConfig.ExecStart = util.writeBash "notify-daemon" ''
      exec ${pkgs.socat}/bin/socat -d -d udp4-recvfrom:${toString extra.private.notify-port},reuseaddr,fork exec:/home/jb55/bin/recvalert
    '';
  };

  systemd.user.services.kindle-sync3 = {
    enable = false;
    description = "sync kindle";