Todo aus readme verschieben

.gitea/workflows/eval-hydra-jobs.yml

@@ -1,15 +0,0 @@
-name: "Evaluate Hydra Jobs"
-on:
-  pull_request:
-  push:
-jobs:
-  eval-hydra-jobs:
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v4
-    - name: Install dependencies for Nix setup action
-      run: |
-        apt update -y
-        apt install sudo -y        
-    - uses: cachix/install-nix-action@v27
-    - run: nix eval --no-update-lock-file --accept-flake-config .\#hydraJobs

.gitignore

@@ -4,3 +4,4 @@
 result
 *.qcow2
 .direnv/
+book/

README.md

@@ -98,34 +98,3 @@ for documentation we currently just use README.md files.
 
 the devshell provides the python package ['grip'](https://github.com/joeyespo/grip) which can be used to preview different README.md files in the browser.
 the usage is simple, just run ```grip``` in the same folder as the README.md you wanna preview. then open your browser at ```http://localhost:6419 ```.
-
-## todos...
-
-#### infrastructure
-* [ ] host a local wiki with public available information about the space, for example:
-  * [ ] how to use coffe machine
-  * [ ] how to turn on/off electricity
-  * [ ] how to use beamer
-  * [ ] how to buecher ausleihen
-  * ...
-* [x] host some pad (codimd aka hedgedoc)
-* [ ] some network fileshare for storing the movies and streaming them within the network
-* [x] malobeo network infrastructure rework
-  * [x] request mulvad acc
-  * [x] remove freifunk, use openwrt with mulvad configured
-* [ ] evaluate imposing solutions
-    * [ ] pdfarranger
-
-#### external services
-we want to host two services that need a bit more resources, this is a booking system for the room itself and a library system.
-- [x] analyse best way to include our stuff into external nixOs server
-  - [x] writing some module that is included by the server
-  - [x] directly use nixOs container on host
-  - [x] combination of both (module that manages nginx blabla + nixOs container for the services
-
-#### bots&progrmaming
-* [ ] create telegram bot automatically posting tuesday events
-* [x] create webapp/interface replacing current task list pad
-  * could be a simple form for every tuesday
-  * [x] element bot should send updates if some tasks are not filled out
-

book.toml

@@ -0,0 +1,6 @@
+[book]
+authors = ["ahtlon"]
+language = "de"
+multilingual = false
+src = "src"
+title = "Malobeo Infrastruktur Dokumentation"

flake.lock

@@ -28,16 +28,16 @@
         ]
       },
       "locked": {
-        "lastModified": 1726989464,
-        "narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=",
+        "lastModified": 1719827415,
+        "narHash": "sha256-pvh+1hStXXAZf0sZ1xIJbWGx4u+OGBC1rVx6Wsw0fBw=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176",
+        "rev": "f2e3c19867262dbe84fdfab42467fc8dd83a2005",
         "type": "github"
       },
       "original": {
         "owner": "nix-community",
-        "ref": "release-24.05",
+        "ref": "release-23.11",
         "repo": "home-manager",
         "type": "github"
       }
@@ -63,11 +63,11 @@
     },
     "nixlib": {
       "locked": {
-        "lastModified": 1729386149,
+        "lastModified": 1728781282,
         "narHash": "sha256-hUP9oxmnOmNnKcDOf5Y55HQ+NnoT0+bLWHLQWLLw9Ks=",
         "owner": "nix-community",
         "repo": "nixpkgs.lib",
-        "rev": "cce4521b6df014e79a7b7afc58c703ed683c916e",
+        "rev": "16340f605f4e8e5cf07fd74dcbe692eee2d4f51b",
         "type": "github"
       },
       "original": {
@@ -84,11 +84,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1729472750,
-        "narHash": "sha256-s93LPHi5BN7I2xSGNAFWiYb8WRsPvT1LE9ZjZBrpFlg=",
+        "lastModified": 1729127034,
+        "narHash": "sha256-42AMGl+dh4I2wGgICSeDI1mqYaDEJhwqquHJ1vA0QiQ=",
         "owner": "nix-community",
         "repo": "nixos-generators",
-        "rev": "7c60ba4bc8d6aa2ba3e5b0f6ceb9fc07bc261565",
+        "rev": "dd28a0806e7124fe392c33c9ccaa12f21970401f",
         "type": "github"
       },
       "original": {
@@ -99,11 +99,11 @@
     },
     "nixos-hardware": {
       "locked": {
-        "lastModified": 1729742320,
-        "narHash": "sha256-u3Of8xRkN//me8PU+RucKA59/6RNy4B2jcGAF36P4jI=",
+        "lastModified": 1729333370,
+        "narHash": "sha256-NU+tYe3QWzDNpB8RagpqR3hNQXn4BNuBd7ZGosMHLL8=",
         "owner": "NixOS",
         "repo": "nixos-hardware",
-        "rev": "e8a2f6d5513fe7b7d15701b2d05404ffdc3b6dda",
+        "rev": "38279034170b1e2929b2be33bdaedbf14a57bfeb",
         "type": "github"
       },
       "original": {
@@ -131,11 +131,11 @@
     },
     "nixpkgs-stable": {
       "locked": {
-        "lastModified": 1729357638,
-        "narHash": "sha256-66RHecx+zohbZwJVEPF7uuwHeqf8rykZTMCTqIrOew4=",
+        "lastModified": 1728156290,
+        "narHash": "sha256-uogSvuAp+1BYtdu6UWuObjHqSbBohpyARXDWqgI12Ss=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "bb8c2cf7ea0dd2e18a52746b2c3a5b0c73b93c22",
+        "rev": "17ae88b569bb15590549ff478bab6494dde4a907",
         "type": "github"
       },
       "original": {
@@ -147,11 +147,11 @@
     },
     "nixpkgs-unstable": {
       "locked": {
-        "lastModified": 1729665710,
-        "narHash": "sha256-AlcmCXJZPIlO5dmFzV3V2XF6x/OpNWUV8Y/FMPGd8Z4=",
+        "lastModified": 1729256560,
+        "narHash": "sha256-/uilDXvCIEs3C9l73JTACm4quuHUsIHcns1c+cHUJwA=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "2768c7d042a37de65bb1b5b3268fc987e534c49d",
+        "rev": "4c2fcb090b1f3e5b47eaa7bd33913b574a11e0a0",
         "type": "github"
       },
       "original": {
@@ -163,11 +163,11 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1729449015,
-        "narHash": "sha256-Gf04dXB0n4q0A9G5nTGH3zuMGr6jtJppqdeljxua1fo=",
+        "lastModified": 1729181673,
+        "narHash": "sha256-LDiPhQ3l+fBjRATNtnuDZsBS7hqoBtPkKBkhpoBHv3I=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "89172919243df199fe237ba0f776c3e3e3d72367",
+        "rev": "4eb33fe664af7b41a4c446f87d20c9a0a6321fa3",
         "type": "github"
       },
       "original": {
@@ -199,11 +199,11 @@
         "nixpkgs-stable": "nixpkgs-stable"
       },
       "locked": {
-        "lastModified": 1729695320,
-        "narHash": "sha256-Fm4cGAlaDwekQvYX0e6t0VjT6YJs3fRXtkyuE4/NzzU=",
+        "lastModified": 1728345710,
+        "narHash": "sha256-lpunY1+bf90ts+sA2/FgxVNIegPDKCpEoWwOPu4ITTQ=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "d089e742fb79259b9c4dd9f18e9de1dd4fa3c1ec",
+        "rev": "06535d0e3d0201e6a8080dd32dbfde339b94f01b",
         "type": "github"
       },
       "original": {
@@ -264,11 +264,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1729717517,
-        "narHash": "sha256-Gul0Zqy0amouh8Hs8BL/DIKFYD6BmdTo4H8+5K5+mTo=",
+        "lastModified": 1721034873,
+        "narHash": "sha256-3Bpj3h2UHXgBwlVm+jB5qCLtbn42LunCIEDg1IX111M=",
         "ref": "refs/heads/master",
-        "rev": "610269a14232c2888289464feb5227e284eef336",
-        "revCount": 27,
+        "rev": "a4a9bf571de0880621739228358a5d31e4c14d43",
+        "revCount": 16,
         "type": "git",
         "url": "https://git.dynamicdiscord.de/kalipso/tasklist"
       },

flake.nix

@@ -29,7 +29,7 @@
     };
 
     home-manager=  {
-      url = "github:nix-community/home-manager/release-24.05";
+      url = "github:nix-community/home-manager/release-23.11";
       inputs = {
         nixpkgs.follows = "nixpkgs";
       };

machines/configuration.nix

@@ -74,4 +74,16 @@ in
       ./lucia/hardware_configuration.nix
     ];
   };
+
+  sdImageLucia = nixosSystem {
+    system = "aarch64-linux";
+    specialArgs.inputs = inputs;
+    modules = defaultModules ++ [
+      "${nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
+      ./lucia/configuration.nix
+      {
+        sdImage.compressImage = false;
+      }
+    ];
+  };
 }

machines/lucia/configuration.nix

@@ -7,7 +7,6 @@ in
   imports =
     [ # Include the results of the hardware scan.
       ../modules/malobeo_user.nix
-      ./file_server.nix
     ];
 
   sops.defaultSopsFile = ./secrets.yaml;
@@ -174,7 +173,7 @@ in
     mpv
     ncmpcpp
     ncpamixer
-    # pulseaudio
+    pulseaudio
     vim
     htop
     wget
@@ -183,19 +182,19 @@ in
     nix-tree
   ];
 
-  #hardware.pulseaudio = {
-  #  enable = true;
-  #  systemWide = true;
-  #  tcp = {
-  #    enable = true;
-  #    anonymousClients.allowedIpRanges = [
-  #      "127.0.0.0/8"
-  #      "192.168.1.0/24"
-  #    ];
-  #  };
+  hardware.pulseaudio = {
+    enable = true;
+    systemWide = true;
+    tcp = {
+      enable = true;
+      anonymousClients.allowedIpRanges = [
+        "127.0.0.0/8"
+        "192.168.1.0/24"
+      ];
+    };
 
-  #  zeroconf.publish.enable = true;
-  #};
+    zeroconf.publish.enable = true;
+  };
 
   services.avahi = {
     enable = true;

machines/lucia/file_server.nix

@@ -1,36 +0,0 @@
-{
-  #automount mit udisks2
-    #siehe udevadm monitor
-    #bash-script?
-    #user-oder root mount
-  #systemd-automount villeicht
-    fileSystems = {
-      "/mnt/extHdd0" = {               #statisches mounten ist am einfachsten aber kein hotplug möglich
-        device = "/dev/disk/by-uuid/"; #noch ausfüllen
-        fsType = "ext4";               #zfs wäre hier cool
-        options = [ "users" "nofail" ];
-      };
-      "/exports/extHdd0" = {
-        device = "/mnt/extHdd0";
-        fsType = "none";
-      };
-    };
-
-    users.groups = { nfs = {gid = 1003; }; }; #erstelle nfs user und gruppe für isolation
-    users.users.nfs = {
-      isSystemUser = true;
-      group = "nfs";
-      uid = 1003;
-    };
-    users.users.malobeo.extraGroups = [ "nfs" ];
-    
-    systemd.tmpfiles.rules = [ "d /export 0775 nfs nfs -" ]; #erstelle nfs ordner
-
-    services.nfs.server = {
-      enable = true;
-      exports = ''
-        /export 192.168.1.0/24(ro, nohide, no_subtree_check, async, all_squash, anonuid=1003, anongid=1003)
-      '';
-    };
-    networking.firewall.allowedTCPPorts = [ 2049 ]; #wir benutzen NfsV4 hoffentlich
-}

machines/modules/autoupdate.nix

@@ -100,12 +100,11 @@ in
     nix = {
       # Show a diff when activating a new system except for microvms which handle this seperately
       #diffSystem = config.malobeo.deployment.server or "" == "";
-      #TODO: THIS WIPES HOSTS NIX STORE FROM WITHIN NIXOS-CONTAINER
-      #gc = lib.mkIf config.malobeo.autoUpdate.enable {
-      #  automatic = true;
-      #  randomizedDelaySec = "6h";
-      #  options = "--delete-older-than 21d";
-      #};
+      gc = lib.mkIf config.malobeo.autoUpdate.enable {
+        automatic = true;
+        randomizedDelaySec = "6h";
+        options = "--delete-older-than 21d";
+      };
     };
 
     environment.systemPackages = [ (

outputs.nix

@@ -36,4 +36,26 @@ in (utils.lib.eachSystem (builtins.filter filter_system utils.lib.defaultSystems
       nixpkgs.lib.mapAttrs getBuildEntry self.nixosConfigurations
 
       );
+
+      #lucia = self.nixosConfigurations.lucia.config.system.build.toplevel;
+    
+
+    #images.lucia_base_image = nixosConfigurations.lucia.config.system.build.sdImage;
+
+    #packages.x86_64-linux = {
+    #  lucia_base_img = nixos-generators.nixosGenerate {
+    #    system = "aarch64-linux";
+    #    modules = [
+    #      #"${nixpkgs}/nixos/modules/installer/sd-card/sd-image-raspberrypi.nix"
+    #      ./machines/modules/sshd.nix
+    #      {
+    #        nixpkgs.config.allowUnsupportedSystem = true;
+    #        nixpkgs.crossSystem.system = "aarch64-linux";
+    #        networking.dhcpcd.enable = true;
+    #      }
+    #    ];
+
+    #    format = "sd-aarch64-installer";
+    #  };
+    #};
 }

shell.nix

@@ -18,5 +18,6 @@ mkShell {
     sops-init-gpg-key
     sops
     pkgs.python310Packages.grip
+    pkgs.mdbook
   ];
 }

src/Index.md

@@ -0,0 +1 @@
+# Index

src/SUMMARY.md

@@ -0,0 +1,15 @@
+# Summary
+
+- [Index](./Index.md)
+    - [Info]()
+        - [Aktuelle Server]()
+            - [Durruti](./server/durruti.md)
+            - [Lucia](./server/lucia.md)
+        - [Hardware]()
+        - [Netzwerk]()
+        - [Seiten]()
+            - [musik](./projekte/musik.md)
+        - [TODO](./todo.md)
+    - [How-to]()
+        - [Updates](./anleitung/updates.md)
+        - [Rollbacks](./anleitung/rollback.md)

src/anleitung/rollback.md

@@ -0,0 +1 @@
+# Rollbacks

src/anleitung/updates.md

@@ -0,0 +1 @@
+# Updates

src/projekte/musik.md

@@ -0,0 +1 @@
+# musik

src/server/durruti.md

@@ -0,0 +1 @@
+# Durruti

src/server/lucia.md

@@ -0,0 +1 @@
+# Lucia

src/todo.md

@@ -0,0 +1,29 @@
+# TODO
+- [ ] Dieses wiki schreiben
+#### infrastructure
+* [ ] host a local wiki with public available information about the space, for example:
+  * [ ] how to use coffe machine
+  * [ ] how to turn on/off electricity
+  * [ ] how to use beamer
+  * [ ] how to buecher ausleihen
+  * ...
+* [x] host some pad (codimd aka hedgedoc)
+* [ ] some network fileshare for storing the movies and streaming them within the network
+* [x] malobeo network infrastructure rework
+  * [x] request mulvad acc
+  * [x] remove freifunk, use openwrt with mulvad configured
+* [ ] evaluate imposing solutions
+    * [ ] pdfarranger
+
+#### external services
+we want to host two services that need a bit more resources, this is a booking system for the room itself and a library system.
+- [x] analyse best way to include our stuff into external nixOs server
+  - [x] writing some module that is included by the server
+  - [x] directly use nixOs container on host
+  - [x] combination of both (module that manages nginx blabla + nixOs container for the services
+
+#### bots&progrmaming
+* [ ] create telegram bot automatically posting tuesday events
+* [x] create webapp/interface replacing current task list pad
+  * could be a simple form for every tuesday
+  * [x] element bot should send updates if some tasks are not filled out