From 3253a217d78fd0b53e4bd40ee5386eadeaabecf1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kier=C3=A1n=20Meinhardt?= Date: Tue, 10 Dec 2024 13:04:44 +0100 Subject: [PATCH] bye bye hu --- configs/default.nix | 1 - configs/hu-berlin.nix | 148 ------------------------------------- configs/networkmanager.nix | 42 +---------- configs/seafile.nix | 23 ------ secrets | 2 +- 5 files changed, 2 insertions(+), 214 deletions(-) delete mode 100644 configs/hu-berlin.nix delete mode 100644 configs/seafile.nix diff --git a/configs/default.nix b/configs/default.nix index fd623da6..7824f8ba 100644 --- a/configs/default.nix +++ b/configs/default.nix @@ -233,7 +233,6 @@ in { ./git.nix ./hledger.nix ./htop.nix - ./hu-berlin.nix ./fu-berlin.nix ./fysi.nix ./i3.nix diff --git a/configs/hu-berlin.nix b/configs/hu-berlin.nix deleted file mode 100644 index 75790b35..00000000 --- a/configs/hu-berlin.nix +++ /dev/null @@ -1,148 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: let - inherit (import ../lib/email.nix) defaults pronouns; - inherit (import ../lib) remoteDir; - hu-defaults = { - imap.host = "mailbox.cms.hu-berlin.de"; - imap.port = 993; - smtp.host = "mailhost.cms.hu-berlin.de"; - smtp.port = 25; - smtp.tls.useStartTls = true; - }; - hu-berlin-cifs-options = [ - "uid=${toString config.users.users.me.uid}" - "gid=${toString config.users.groups.users.gid}" - "sec=ntlmv2" - "workgroup=german" - "credentials=${config.age.secrets.cifs-credentials-hu-berlin.path}" - "noauto" - "x-systemd.automount" - "x-systemd.device-timeout=1" - "x-systemd.idle-timeout=1min" - ]; -in { - fileSystems."${remoteDir}/hu/germpro2" = { - device = "//hugerm31c.user.hu-berlin.de/germpro2/ling"; - fsType = "cifs"; - options = hu-berlin-cifs-options; - }; - - fileSystems."${remoteDir}/hu/meinhaki/home" = { - device = "//hugerm31c.user.hu-berlin.de/germhome/ling/meinhaki"; - fsType = "cifs"; - options = hu-berlin-cifs-options; - }; - - age.secrets = { - cifs-credentials-hu-berlin.file = ../secrets/cifs-credentials-hu-berlin.age; - email-password-meinhaki = { - file = ../secrets/email-password-meinhaki.age; - owner = config.users.users.me.name; - group = config.users.users.me.group; - mode = "400"; - }; - email-password-dslalewa = { - file = ../secrets/email-password-dslalewa.age; - owner = config.users.users.me.name; - group = config.users.users.me.group; - mode = "400"; - }; - }; - - home-manager.users.me = { - programs.ssh = { - matchBlocks = { - "alew.hu-berlin.de" = { - user = "centos"; - hostname = "141.20.187.219"; - }; - }; - }; - - accounts.email.accounts = rec { - hu-employee = - lib.recursiveUpdate defaults - (lib.recursiveUpdate hu-defaults - rec { - userName = "meinhaki"; - address = "kieran.meinhardt@hu-berlin.de"; - aliases = ["${userName}@hu-berlin.de"]; - passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-meinhaki.path}"; - aerc.extraAccounts.signature-file = toString (pkgs.writeText "signature" signature.text); - himalaya = { - enable = true; - settings.backend = "imap"; - }; - signature = { - showSignature = "append"; - text = '' - ${defaults.realName} - ${pronouns} - Studentische Hilfskraft / Administrator ALEW - Humboldt-Universität zu Berlin - - Telefon: +49 (0)30 2093 9634 - Raum 3.212, Dorotheenstraße 24, 10117 Berlin-Mitte - https://alew.hu-berlin.de - ''; - }; - }); - hu-admin = - lib.recursiveUpdate defaults - (lib.recursiveUpdate hu-defaults - rec { - userName = "dslalewa"; - address = "admin.alew.vglsprwi@hu-berlin.de"; - himalaya = { - enable = true; - settings.backend = "imap"; - }; - aliases = ["${userName}@hu-berlin.de"]; - passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-dslalewa.path}"; - inherit (hu-employee) signature; - aerc.extraAccounts.signature-file = toString (pkgs.writeText "signature" signature.text); - }); - }; - }; - - environment.systemPackages = [ - (pkgs.writers.writeDashBin "hu-ip" '' - ${pkgs.w3m}/bin/w3m -dump meineip.hu-berlin.de | head --lines=-4 | tail --lines=+3 - '') - ( - pkgs.writers.writePython3Bin "hu-eduroam-install" - { - libraries = with pkgs.python3Packages; [distro pyopenssl dbus-python]; - flakeIgnore = ["E501" "E123" "W504" "E722" "F821" "E226" "E126" "E265" "W291"]; - } - (builtins.readFile (builtins.fetchurl { - url = "https://www.cms.hu-berlin.de/de/dl/netze/wlan/config/eduroam/linux-installer/eduroam-linux-hub.py"; - sha256 = "19x2kvwxx13265b2hj5fjf53g0liw6dw7xf9j9cav67cswmz60kf"; - })) - ) - ]; - - # ref https://github.com/NixOS/nixpkgs/issues/231038#issuecomment-1591888919 - environment.etc."ppp/options".text = "ipcp-accept-remote"; - - systemd.services.hu-vpn = { - enable = true; - wants = ["network-online.target"]; - serviceConfig.LoadCredential = "password:${config.age.secrets.email-password-meinhaki.path}"; - script = '' - ${pkgs.openfortivpn}/bin/openfortivpn \ - --password="$(cat "$CREDENTIALS_DIRECTORY/password")" \ - --config=${ - pkgs.writeText "hu-berlin.config" '' - host = forti-ssl.vpn.hu-berlin.de - port = 443 - username = meinhaki - '' - } - ''; - }; -} diff --git a/configs/networkmanager.nix b/configs/networkmanager.nix index a337b3e0..03e2d00c 100644 --- a/configs/networkmanager.nix +++ b/configs/networkmanager.nix @@ -1,47 +1,7 @@ { - lib, pkgs, ... -}: let - profile = name: custom: - lib.recursiveUpdate { - connection.id = name; - connection.type = "wifi"; - connection.interface-name = "wlp3s0"; - connection.permissions = ""; - wifi.mac-address-blacklist = ""; - wifi.ssid = name; - wifi.mode = "infrastructure"; - ipv4.dns-search = ""; - ipv4.method = "auto"; - ipv6.addr-gen-mode = "stable-privacy"; - ipv6.dns-search = ""; - ipv6.method = "auto"; - proxy = {}; - } - custom; - eduroamProfile = { - connection.uuid = "eae9fee6-a7d2-4120-a609-440b457d6fcf"; - wifi-security = { - group = "ccmp;tkip;"; - key-mgmt = "wpa-eap"; - pairwise = "ccmp;"; - proto = "rsn;"; - }; - "802-1x" = { - altsubject-matches = "DNS:srv1-radius.cms.hu-berlin.de;DNS:srv2-radius.cms.hu-berlin.de;"; - anonymous-identity = "anonymous@wlan.hu-berlin.de"; - ca-cert = pkgs.fetchurl { - url = "https://www.cms.hu-berlin.de/de/dl/netze/wlan/config/eduroam/t-telesec_globalroot_class_2.pem"; - sha256 = "0if8aqd06sid7a0vw009zpa087wxcgdd2x6z2zs4pis5kvyqj2dk"; - }; - eap = "ttls;"; - identity = lib.strings.fileContents ; - password = lib.strings.fileContents ; - phase2-auth = "pap"; - }; - }; -in { +}: { programs.nm-applet.enable = true; networking.networkmanager = { diff --git a/configs/seafile.nix b/configs/seafile.nix deleted file mode 100644 index 95222869..00000000 --- a/configs/seafile.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ - pkgs, - config, - ... -}: { - services.xserver.displayManager.sessionCommands = "${pkgs.seafile-client}/bin/seafile-applet &"; - - home-manager.users.me.xdg.configFile = { - "Seafile/Seafile Client.conf".source = (pkgs.formats.ini {}).generate "Seafile Client.conf" { - Behavior = { - hideDockIcon = false; - hideMainWindowWhenStarted = true; - }; - Settings = { - computerName = config.networking.hostName; - lastShiburl = "https://box.hu-berlin.de"; - }; - UsedServerAddresses.main = "https://box.hu-berlin.de"; - }; - }; - - environment.systemPackages = [pkgs.seafile-client]; -} diff --git a/secrets b/secrets index 6c23ca9f..5892b05a 160000 --- a/secrets +++ b/secrets @@ -1 +1 @@ -Subproject commit 6c23ca9fcc39db49e455cd85347c57f392b1e60b +Subproject commit 5892b05a9c2c90bfa2d4b7a3234d53c5ae8d878d