feat: withings, ...

home/default.nix

@@ -23,6 +23,7 @@ in
     gui = {
       imports = with dirImports; [
         gui
+        vscode
 				wezterm
         firefox
         konawall

home/gui/packages.nix

@@ -1,5 +1,4 @@
 { config, lib, pkgs, ... }:
-
 {
   home.packages = with pkgs; [
     btop
@@ -22,5 +21,6 @@
     element-desktop
     cryptsetup
     esphome
+    esptool
   ];
 }

home/konawall.nix

@@ -13,7 +13,7 @@
     commonTags = [ "width:>=1600" ];
     tagList = map (lib.toList) [
       (["score:>=50"
-      "touhou" "rating:s"]) #++ optional (nixos.networking.hostName == "koishi") "rating:s")
+      "rating:s"]) #++ optional (nixos.networking.hostName == "koishi") "rating:s")
     ];
   };
 }

home/vim/init.lua

@@ -230,22 +230,6 @@ end, { silent = true })
 require('nvim-treesitter.configs').setup {
 	-- A list of parser names, or "all"
 	ensure_installed = {
-		"c",
-		"lua",
-		"rust",
-		"bash",
-		"css",
-		"dockerfile",
-		"go",
-		"hcl",
-		"html",
-		"javascript",
-		"markdown",
-		"nix",
-		"norg",
-		"python",
-		"regex",
-		"scss",
 	},
 
 	sync_install = false,

home/vscode.nix

@@ -0,0 +1,11 @@
+{ config, lib, pkgs, ... }: {
+  programs.vscode = {
+    enable = true;
+    extensions = with pkgs.vscode-extensions; [
+      jnoortheen.nix-ide
+    ];
+  };
+  home.packages = with pkgs; [
+    rnix-lsp
+  ];
+}

modules/meta/network.nix

@@ -167,7 +167,6 @@ with lib;
           meta.modules.nixos
           meta.modules.system
           meta.modules.type
-          meta.nixos.network
           meta.system
       ];
       specialArgs = {

modules/meta/tailscale.nix

@@ -14,6 +14,12 @@ in {
           ipv6 = mkOption {
             type = types.str;
           };
+          id = mkOption {
+            type = types.str;
+          };
+          user = mkOption {
+            type = types.str;
+          };
           pp = mkOption {
             type = types.unspecified;
             default = family: port: "http://${config."ipv${toString family}"}:${toString port}/";
@@ -35,6 +41,8 @@ in {
       raw = home.resources.tailnet_devices.importAttr "devices";
     in mkIf (home.state.enable) (mapListToAttrs (elet: nameValuePair (removeSuffix ".${config.tailnet_uri}" elet.name) {
         tags = elet.tags;
+        id = elet.id;
+        user = elet.user;
           ipv4 = head (filter (e: hasInfix "." e) elet.addresses);
           ipv6 = head (filter (e: hasInfix ":" e) elet.addresses);
         }) raw);

modules/nixos/network.nix

@@ -313,6 +313,14 @@
           tailnet = "inskip.me";
         };
       };
+      resources.tailnet_device_key = {
+        provider = "tailscale";
+        type = "device_key";
+        inputs = {
+          device_id = meta.tailnet.${config.networking.hostName}.id;
+          key_expiry_disabled = true;
+        };
+      };
       resources.tailnet_key = {
         provider = "tailscale";
         type = "tailnet_key";

modules/nixos/storage.nix

@@ -0,0 +1,77 @@
+{ config, lib, pkgs, meta, tf, ... }: let
+  inherit (lib.options) mkOption mkEnableOption;
+  inherit (lib.modules) mkIf mkMerge;
+  inherit (lib.attrsets) mapAttrs filterAttrs mapAttrsToList attrValues;
+  inherit (lib.lists) concatLists;
+  inherit (lib.types) attrsOf listOf str;
+  cfg = config.storage;
+  in {
+  options.storage = {
+    enable = mkEnableOption "nixfiles storage primitives";
+    replica = mkEnableOption "full replication of our volumes onto a node";
+    defaultBrick = mkEnableOption "naively create a default brick for this node";
+    bricks = mkOption {
+      type = attrsOf str;
+      default = if cfg.defaultBrick then {
+        default = "/export/default/brick";
+      } else {};
+      description = "the brick locations used by glusterfs";
+    };
+    replicas = mkOption {
+      type = listOf str;
+      default = let
+        replicaNodes = filterAttrs (_: node: node.storage.replica) config.network.nodes.nixos;
+      in concatLists (mapAttrsToList (_: node: map (brick: "${node.networks.tailscale.uqdn}:${brick}" (attrValues node.storage.bricks)) replicaNodes));
+    };
+    services = mkOption {
+      type = listOf str;
+      default = let
+        filteredServices = removeAttrs config.services [
+          "chronos" "beegfs" "beegfsEnable" "bird"
+          "bird6" "bitwarden_rs" "buildkite-agent" "cgmanager"
+          "codimd" "couchpotato" "cryptpad" "dd-agent"
+          "deepin" "dnscrypt-proxy" "flashpolicyd" "dhcpd"
+          "foldingAtHome" "fourStore" "fourStoreEndpoint" "fprot"
+          "frab" "geoip-updater" "gogoclient" "hbase"
+          "iodined" "kippo" "localtime" "mailpile"
+          "marathon" "mathics" "meguca" "mesos"
+          "mingetty" "moinmoin" "mwlib" "nixosManual"
+          "openfire" "openvpn" "osquery" "paperless-ng"
+          "piwik" "plexpy" "prey" "prometheus2"
+          "quagga" "racoon" "railcar" "redis"
+          "riak" "rmilter" "seeks" "shellinabox"
+          "ssmtp" "venus" "virtuoso" "vmwareGuest"
+          "wakeonlan" "winstone" "nginx"
+        ];
+        #enabledServices = filterAttrs (_: settings: (settings ? enable) && settings.enable) filteredServices;
+        enabledServices = filterAttrs (_: service: service ? serviceConfig.RuntimeDirectory) config.systemd.services;
+        serviceDirs = mapAttrsToList (service: _: service) enabledServices;
+      in serviceDirs;
+    };
+  };
+  config = mkMerge [
+    (mkIf cfg.enable {
+      environment.systemPackages = [ pkgs.glusterfs ];
+
+      services.glusterfs = {
+        enable = true;
+        tlsSettings = {
+          tlsKeyPath = config.networks.tailscale.key_path;
+          tlsPem = config.networks.tailscale.cert_path;
+        };
+      };
+
+      deploy.tf = {
+      };
+    })
+    (mkIf cfg.defaultBrick {
+      system.activationScripts.nixfiles-storage-defaultbrick.text = ''
+        mkdir -p /export/default/brick
+      '';
+    })
+    (mkIf cfg.replica {
+      deploy.tf = {
+      };
+    })
+  ];
+}

nixos/base/system.nix

@@ -11,6 +11,8 @@
     "net.core.wmem_max" = "16777216";
     "net.ipv4.tcp_rmem" = "4096 87380 16777216";
     "net.ipv4.tcp_wmem" = "4096 65536 16777216";
+    "net.ipv4.ip_forward" = "1";
+    "net.ipv6.conf.all.forwarding" = "1";
   };
   services.journald.extraConfig = "SystemMaxUse=512M";
   users.mutableUsers = false;

nixos/systems/daiyousei.nix

@@ -2,7 +2,6 @@
   imports = with meta; [
     hardware.aarch64-linux
     hardware.oracle.ubuntu
-    nixos.network
     home.weechat
     home.services.weechat
     services.nginx

nixos/systems/koishi.nix

@@ -4,7 +4,6 @@
     hardware.local
     nixos.gui
     nixos.light
-    nixos.network
     services.nginx
     home.gui
   ];
@@ -19,6 +18,7 @@
 
 virtualisation.docker.enable = true;
 
+services.avahi.enable = true;
 environment.systemPackages = [ pkgs.docker-compose ];
 
   nix.buildMachines = [ {
@@ -53,7 +53,7 @@ environment.systemPackages = [ pkgs.docker-compose ];
     powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
     
     boot = {
-      supportedFilesystems = [ "xfs" "zfs" ];
+      supportedFilesystems = [ "xfs" ];
       initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/f0ea08b4-6af7-4d90-a2ad-edd5672a2105";
       loader = {
         efi = {

nixos/systems/marisa.nix

@@ -2,7 +2,6 @@
   imports = with meta; [
     (modulesPath + "/profiles/qemu-guest.nix")
     hardware.manual
-    nixos.network
     services.nginx
     services.access
     services.irlsite

nixos/systems/rinnosuke.nix

@@ -1,7 +1,6 @@
 { config, tf, meta, nixfiles, pkgs, lib, ... }: with lib; {
   imports = with meta; [
     hardware.oracle.ubuntu
-    nixos.network
     services.nginx
     services.knot
   ];

nixos/systems/tewi/home-assistant.nix

@@ -66,7 +66,6 @@ in {
     field = "mpd";
   };
 
-
   secrets.files.home-assistant-secrets = {
     text = let
       espresenceDevices = {
@@ -80,7 +79,7 @@ in {
       longitude = tf.variables.longitude.ref;
       elevation = tf.variables.elevation.ref;
       mpd-shanghai-password = tf.variables.mpd-shanghai-password.ref;
-    } // mapAttrs' (key: device_id:
+    } // espresenceDevices // mapAttrs' (key: device_id:
       nameValuePair "${key}-topic" "espresense/devices/${device_id}"
     ) espresenceDevices);
     owner = "hass";
@@ -320,13 +319,14 @@ in {
         (mkESPresenceBeacon {
           device_id = "!secret tile-kat-keys";
           state_topic = "!secret tile-kat-keys-topic";
-          name = "Knife";
+          name = "Girlwife";
         })
       ];
     };
     extraPackages = python3Packages: with python3Packages; [
       psycopg2
       aiohomekit
+      pkgs.withings-api
       securetar
       getmac # for upnp integration
       (aiogithubapi.overrideAttrs (_: { doInstallCheck = false; }))

nixos/systems/tewi/nixos.nix

@@ -4,7 +4,6 @@
   imports = with meta; [
     (modulesPath + "/installer/scan/not-detected.nix")
     hardware.local
-    nixos.network
     nixos.arc
     services.cockroachdb
     services.minio

nixos/systems/tewi/zigbee2mqtt.nix

@@ -28,6 +28,8 @@
     group = "zigbee2mqtt";
   };
 
+  users.groups.input.members = [ "zigbee2mqtt" ];
+
   services.zigbee2mqtt = {
     enable = true;
     settings = {
@@ -46,9 +48,8 @@
         port = 8072;
       };
       serial = {
-        port = "/dev/serial/by-id/usb-Silicon_Labs_Sonoff_Zigbee_3.0_USB_Dongle_Plus_0001-if00-port0";
+        port = "/dev/ttyUSB0";
       };
-
     };
   };
 

nixos/systems/yukari.nix

@@ -2,7 +2,6 @@
   imports = with meta; [
     hardware.rm-310
     hardware.local
-    nixos.network
     nixos.arc
     services.ha
     services.nextcloud

overlays/local/default.nix

@@ -1,4 +1,6 @@
 final: prev: {
+  requests-oauth = final.python3Packages.callPackage ./requests-oauth.nix { };
+  withings-api = final.python3Packages.callPackage ./withings-api.nix { };
   irlsite = final.callPackage ./irlsite.nix { };
   vips = prev.vips.override { libjxl = null; };
   yabai = final.callPackage ./yabai.nix { };

overlays/local/requests-oauth.nix

@@ -0,0 +1,32 @@
+{ lib
+, buildPythonPackage
+, pythonOlder
+, fetchPypi
+, requests
+}:
+
+buildPythonPackage rec {
+  pname = "requests-oauth";
+  version = "0.4.1";
+  format = "setuptools";
+
+  disabled = pythonOlder "3.6";
+
+  src = fetchPypi {
+    inherit pname version;
+    sha256 = "sha256-nBsHOJZ+8cD28Osf8JpwAEmc0HpgnqjxdwtRW5U69pI=";
+  };
+
+  propagatedBuildInputs = [
+    requests
+  ];
+
+  doCheck = false; # disabled due to Python 2 tests (?) - missing parenthesis
+
+  meta = {
+    description = " Python's Requests OAuth (Open Authentication) plugin";
+    homepage = "https://github.com/maraujop/requests-oauth";
+    license = lib.licenses.bsd3;
+    maintainers = with lib.maintainers; [ kittywitch ];
+  };
+}

overlays/local/withings-api.nix

@@ -0,0 +1,41 @@
+{ lib
+, buildPythonPackage
+, pythonOlder
+, fetchPypi
+, poetry
+, arrow
+, requests-oauth
+, requests-oauthlib
+, typing-extensions
+, pydantic
+}:
+
+buildPythonPackage rec {
+  pname = "withings-api";
+  version = "2.4.0";
+  format = "pyproject";
+
+  disabled = pythonOlder "3.6";
+
+  src = fetchPypi {
+    pname = "withings_api"; # source and whl distribution use _ instead of -
+    inherit version;
+    sha256 = "sha256-vQ6MKeD4g4QTkXx638FW53mTkx78af7NQXF00kxgM10=";
+  };
+
+  propagatedBuildInputs = [
+    poetry
+    arrow
+    requests-oauth
+    requests-oauthlib
+    typing-extensions
+    pydantic
+  ];
+
+  meta = {
+    description = "Library for the Withings Health API";
+    homepage = "https://github.com/vangorra/python_withings_api";
+    license = lib.licenses.mit;
+    maintainers = with lib.maintainers; [ kittywitch ];
+  };
+}

tf

@@ -1 +1 @@
-Subproject commit 5ce8affee5346b7ab4d89060ea398212f9ca4630
+Subproject commit ef3c926623860647b4a3f9e28c22863bceaa0838