megamanmalte/nixos
0
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

[user/malte, user/marie, host/faunus-ater] Add printing service

Browse source
This commit is contained in:
Malte Tammena 2022-10-15 12:50:04 +02:00
parent b3d0ef58fc
commit ae990fccfa
9 changed files with 108 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

54
hosts/faunus-ater.nix
View file

@ -319,6 +319,60 @@ in {
# };
# networking.firewall.allowedTCPPorts = [config.services.seafile.seafileSettings.fileserver.port];
# === Print Service ===
systemd.paths."print-all-files" = {
requires = ["printer.target"];
after = ["printer.target"];
wantedBy = ["default.target"];
pathConfig = {
DirectoryNotEmpty = "/srv/to-be-printed";
MakeDirectory = true;
DirectoryMode = "777";
Unit = "print-all-files.service";
};
};
systemd.services."print-all-files" = let
printAndDeleteFile = pkgs.writeShellApplication {
name = "print-and-delete-file";
runtimeInputs = [
pkgs.coreutils
pkgs.cups
];
text = ''
echo Printing "$1"
lp -- "$1"
rm "$1"
'';
};
script = pkgs.writeShellApplication {
name = "print-all-files-script";
runtimeInputs = [
pkgs.coreutils
printAndDeleteFile
];
text = ''
find . -type f -exec print-and-delete-file "{}" \;
'';
};
in {
requires = ["printer.target"];
after = ["printer.target"];
serviceConfig = {
WorkingDirectory = "/srv/to-be-printed";
ExecStart = "${script}/bin/print-all-files-script";
};
};
users.users.sftp = {
description = "User used for all sftp stuff";
isNormalUser = true;
group = "sftp";
openssh.authorizedKeys.keyFiles = [
../secrets/users/malte/sftp-key.pub
../secrets/users/marie/sftp-key.pub
];
};
users.groups.sftp = {};
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
# === BACKUPS ===

3
modules/malte.nix
View file

@ -81,6 +81,9 @@ in {
pw-mail-schulverwalter = {
inherit sopsFile owner mode;
};
sftp-key = {
inherit sopsFile owner mode;
};
};
};
}

11
modules/marie.nix
View file

@ -29,11 +29,18 @@ in {
programs.fish.enable = true;
home-manager.users.marie.imports = [../users/marie/home.nix];
sops.secrets."restic-backup-marie" = {
sops.secrets = let
sopsFile = ../secrets/users/marie/secrets.yaml;
owner = "marie";
mode = "0400";
key = "restic-backup";
in {
restic-backup-marie = {
inherit sopsFile owner mode;
key = "restic-backup";
};
sftp-key = {
inherit sopsFile owner mode;
};
};
};
}

5
secrets/users/malte/secrets.yaml
View file

File diff suppressed because one or more lines are too long

1
secrets/users/malte/sftp-key.pub Normal file
View file

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINZDmBkN2YF6kygXwbyeYXlRop/rSD8aGqA8cAm7RKzP malte@helix-texta

7
secrets/users/marie/secrets.yaml
View file

@ -1,4 +1,5 @@
restic-backup: ENC[AES256_GCM,data:kZJ/1pUYxRowRfjQj5wSQAlHwZPO0yfN6qcQWtBSoWI=,iv:ll56IJhqejkTFH53FGH8orFpoelbCzOe698jgafM1h0=,tag:/4Z6f5ygN6gbild/7Wi/cQ==,type:str]
sftp-key: ENC[AES256_GCM,data:U9f1ar18f3takUVC+fE3LQ7yC3hbgYYMy8lvWPi8bElTZzgMPQDwTIdZ85k+UbfAT/L55SJZ/Enp96QXKCkdDQTVKW7sPUU0waoqQ3grsKoc0CcPOmB4FLKiQbOBQkm/cdTUBOPXrBeSMZD1jSzjiWsIbn6ymWSuREJuODY/phQbkgOTc2RYsZktgQC+vLod7Xk4ToQJu356I+/s5lYpgfOREWdevGcyDzTKPeSKtdzvMsoJM4H+tMasoIjcNrAgjIKn4+EzuMEUt3KWaJ1udY/gKKnWzBemvUtOTN/RkYiceOsCM2qCHHiUFuVb5mLbYbkuxvcFTAbi8NcJk7vYZPZGSXAR12AqhoAh3LdwM2PjAo5uhgOhSlkcwJRUt6yYf1sDfSC2bLQwheHJprBDnHeSYIDVfCTa/pK1TRiPuESCHW/Xi/gFFBtC6muIvphPY7lY9dNLkHUEH6IYNz+EJxtA1pehU0XNwTcQMNRQEAc79ovzLgpoY7t/PrkVk6UyG7OxY5k9yX7nxw0ExIGEdPjohUkMfYaYaVzJ,iv:dSi2QQ5hQ836VPVrghPNL7uP3v03EtkWjOo/X+dlsfE=,tag:KBiHVFZvCoTe9l7AFg3kGw==,type:str]
sops:
kms: []
gcp_kms: []
@ -23,8 +24,8 @@ sops:
RE1vZDNrY2hYUS9CS1lBUzZySXIwcW8KSKQb0FTxHlDybLaj14X5E3PGT8f2/JLH
wLzdbHHuPbo2Fbed7vipfIOhaUoFntERjLu83C3ovdK/UtfmYgyAtA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2022-01-13T19:23:50Z"
mac: ENC[AES256_GCM,data:u04zcXFhEsjQ0w00ashtjrKybQGbqizoibJvNyr1TxIRtc6uhKuqqviY1jqFFpn4I2T2iefCnoiZJv//YbPXSstZGF9VEE9T38mQ5ZFS5o8GybxiyoWtgLWs2tbQX5S8ML7lUBuyRXO1d25Ts0Qt4tTkKRNVkgraM2UwPX0m6B8=,iv:QRwioLOqNOzAArGfcgqsfmm1AHNCUvNOyeNO4gK8SW0=,tag:bRiELZ8XkMLTBBHyaAMKAQ==,type:str]
lastmodified: "2022-10-15T10:26:47Z"
mac: ENC[AES256_GCM,data:iWqxkmGX5A1/4197WUAlmEFPnwlENjEPOEiN4c38DPAfquDEgTGBdm3yzMQwyXeYsqtQ6uzA8c1enucM57Ru8b/vSys048Zw1k/lKT99uCPNYa/hmOeJShyVUxgZV5M1TnLlq3fyi1yYqTli1FkLZSO9aRjxwIKxAk03KH8KiA4=,iv:7ZykawbDrG7/R87XxGIB+WCyFsKmgByB0zZjoB1ZFBY=,tag:falyeGErvplvaEcbNod4MA==,type:str]
pgp:
- created_at: "2022-01-16T13:13:17Z"
enc: |
@ -47,4 +48,4 @@ sops:
-----END PGP MESSAGE-----
fp: 71E08E591553F5EA4CB98745BCE9E4BF632E7CED
unencrypted_suffix: _unencrypted
version: 3.7.1
version: 3.7.3

1
secrets/users/marie/sftp-key.pub Normal file
View file

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINejc/nHFr4ZFXuVaSLS3k822SIPSSKq+XWpkcGfPquC malte@helix-texta

16
users/malte/home.nix
View file

@ -203,6 +203,22 @@ in {
defaultCalendar = "Malte";
};
# TODO: Merge with Marie's part
systemd.user.mounts."home-malte-to\\x2dbe\\x2dprinted" = {
Unit = {
Description = "Directory that prints everything";
};
Install = {
WantedBy = ["default.target"];
};
Mount = {
What = "sftp@faunus-ater:/srv/to-be-printed";
Where = "/home/malte/to-be-printed";
Type = "fuse.sshfs";
Options = "IdentityFile=/run/secrets/sftp-key";
};
};
services.protonmailBridge.enable = true;
services.darkman.enable = true;

17
users/marie/home.nix
View file

@ -26,6 +26,7 @@ in {
shotwell
signal-desktop
skypeforlinux
sshfs
tdesktop
texlive.combined.scheme-full
texmaker
@ -65,6 +66,22 @@ in {
"org/gnome/desktop/background" = {picture-uri = "file://${bg}";};
};
# TODO: Merge with Malte's part
systemd.user.mounts."home-marie-to\\x2dbe\\x2dprinted" = {
Unit = {
Description = "Directory that prints everything";
};
Install = {
WantedBy = ["default.target"];
};
Mount = {
What = "sftp@faunus-ater:/srv/to-be-printed";
Where = "/home/marie/to-be-printed";
Type = "fuse.sshfs";
Options = "IdentityFile=/run/secrets/sftp-key";
};
};
home.stateVersion = "18.09";
};
}