From fa8c8d4853a3bf6c09441704e3d98265af9b526d Mon Sep 17 00:00:00 2001
From: Ember 'n0emis' Keske
Date: Thu, 21 Jul 2022 09:22:40 +0200
Subject: [PATCH] add fieldpoc systemd-service
---
 hosts/yate/secrets.yaml | 53 ++++++++++++++++++++++++++++++++
 hosts/yate/voip.nix | 26 ++++++++++++++++
 modules/fieldpoc/default.nix | 59 +++++++++++++++++++++++++++++++++---
 3 files changed, 133 insertions(+), 5 deletions(-)
 create mode 100644 hosts/yate/secrets.yaml
diff --git a/hosts/yate/secrets.yaml b/hosts/yate/secrets.yaml
new file mode 100644
index 0000000..c22b256
--- /dev/null
+++ b/hosts/yate/secrets.yaml
@@ -0,0 +1,53 @@ +ommpassword: ENC[AES256_GCM,data:OwtsLlRZ5rOE6UY=,iv:vOOVNBX5Rjkf3J/dz1COS2TOgNz3aZFsaqGTIX+Wlyk=,tag:3aqap0tovVMLHx8sfpFfvQ==,type:str] +sipsecret: ENC[AES256_GCM,data:FGX7yhqrDfWP9IvZi3WdR2ahgsq8DVhhtO+ONoSWhsg=,iv:5+aixENdMFw6B5wywzOFm5PqcwjfsBs9Mxs4wL6x05c=,tag:c6b36/kolZWM1jo0dt9chA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age10pxa70g3ekxdrk788l52s93a6ftavdw3r8x6d23gmsluudmwq3asmu6ah9 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBic1NCbjlyWlJzODRqekJL + VE9TbFplenQ1SjFXM0M3S2hDTFNnakpOQWxFCmhDcHREN2wxSGt5OHhQYWRaQ1lu + K3NvZ2RpaWZPMWVzTkRqZ0xPKzNZem8KLS0tIEoxNVRKQ2ZDTXozV1R2R3JmZDI3 + WEtWTTN3a2VFVHgxQXNXMmVEbnVZNFEKdP2ewBsZBr/thdqcF7RUF9L4ziy5YPVl + FJAMvB7VxUfICBbCwcehp+Lj248T2h7hdGrl3RMcT0NgbFw2XdjDRA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2022-07-21T07:22:05Z" + mac: ENC[AES256_GCM,data:zW/hdL7olhsRVy2dnhI+qvTDQmP5vUv+TZDSAW0M8JVbSbqA9PKR2RcKEw16Q1SwXEzGrFuN/zrDxv0BHMSTgwRfJlFFc12wMD4uGCZLkgn2gHklPHr33dwIvxhncQD0QNuo0uQXw41z/Sqme1t+M9UcUZYtXExrnllcFIKnbJQ=,iv:FYLdqGvjerSXVZwEHVcOL/udqcWfa0RSd9+t32KUQpg=,tag:SGswvKi9Q8C+Vm3e7EzxMw==,type:str] + pgp: + - created_at: "2022-07-20T11:12:30Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA6BIUohpxMXcAQ//SWYM12B8nQ7ngpp2gkFQaLayflfx5GZ/mXg0k45qgPnN + U8OftgWxP70XRO/8h/V7GoBS2sE2usZqNzn37VGjdyP2lnFr2DDaldbQntP0td59 + zwJXdqXECP8JNFUQUd6O923CUvsl1V/QVcwMsN1/FX45dseyoxfHyy9K3JFfQuko + THNQAp/c8i5sFETF6JPrFNwRRL5ZBcDcu/m+B9T+64B/O+2BUMtlDqNEc4u26jC/ + 0/+B911lT7CNOqVSdOLmL6hYz7iV+XdkhLmMnwhKkYWDXw+u0A2gTlld6PK04dnq + GPJPTPM+aNJD72hTN0a5b0FKgBLY5Ne2EQcf5M5IcQDpmsYDFpAkzBLnZXcM1WTz + zhf1WGPYtS5SlpT9eAM+Q3ou5Hzmri1DDq/l9x5sUCBwHG6QIsMR2yokjunqSIEp + FoObyWmk2Fiz9YRTkNBcHxxwx5awGapXjnmc+43j9Anj477sdNTpxhuLRibs3Tkr + hXUjpIbfKR3+lvZ0ZlQu4UBsckdLFLACi5UzP3WompPPe9y+8PC0uDBgq9oHlPJw + z4IpBhYJscBIZe95H6XnLY72BlqeD7po+6P4kSbZFBoCiA8Jw1pUa4rR5+sWkjgN + 
67oIET9M0CO090stSa8d+8llK7cijAB31q3jAvwixTNhxw7Dm0jzkElpszxf5djS + XgFPoIjVXX/CV73qcNTsteL0bkr5TdENv6yyGG3ZtAEoo0yv1c1R8m1VOT1Jvk/x + Xst4xUWNROR5BhSBSoMHr8EqlOBdpTBUGAZFea5t3pJHC+iqyh9MZa9AeZSttH0= + =c6ck + -----END PGP MESSAGE----- + fp: DD2D88B9FCB74C81E6F63AAD5B5D448C88684BC3 + - created_at: "2022-07-20T11:12:30Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hE4D6iFd6webPCUSAQdAnNWOc2A1xPEzatTwvDnpyVawW7VrfrpB5ibrXX3Ty2sg + ieeBlwSTTTbMkH4qq5z2nb6n0lJRTllK9uoPu7XYtv7SXgGCfQL45J8fARpS2oB3 + 9h7l+oVf9yMu5xNR/pQuDORj8VdVHBm7sYEXqHbmeyoBDybSyNE4BKeVpncHkLvz + BC0kdgFBTvtIYqOJLcoIGFh1Qe29HfvkrNmmvyvbMFw= + =MZgy + -----END PGP MESSAGE----- + fp: 6E10217E3187069E057DF5ABE0262A773B824745 + unencrypted_suffix: _unencrypted + version: 3.7.1 diff --git a/hosts/yate/voip.nix b/hosts/yate/voip.nix index 1bebb56..820a60b 100644 --- a/hosts/yate/voip.nix +++ b/hosts/yate/voip.nix @@ -1,8 +1,15 @@ { config, pkgs, lib, ... }: { + sops.secrets.ommpassword = {}; + sops.secrets.sipsecret = {}; + services.fieldpoc = { enable = true; + ommIp = "10.42.132.2"; + ommUser = "omm"; + ommPasswordPath = config.sops.secrets.ommpassword.path; + sipsecretPath = config.sops.secrets.sipsecret.path; dhcp = { enable = true; interface = "vlan132"; @@ -50,4 +57,23 @@ ln -s ${./yintro.slin} $out/share/sounds/yate/yintro.slin '') ]; + + systemd.services.fieldpoc-nerd = { + wantedBy = ["multi-user.target"]; + startAt = "*-*-* *:*:00"; + script = let + reloadScript = pkgs.writeText "reload" '' + spawn ${pkgs.inetutils}/bin/telnet localhost 9437 + expect "> " + send "reload\n" + expect "> " + send "exit\n" + expect "disconnecting" + ''; + in '' + ${pkgs.curl}/bin/curl https://nerd.bula22.de/export.json\?event=1 > /etc/fieldpoc/extensions.json + + ${pkgs.expect}/bin/expect ${reloadScript} + ''; + }; } diff --git a/modules/fieldpoc/default.nix b/modules/fieldpoc/default.nix index 90acbab..3a02781 100644 --- a/modules/fieldpoc/default.nix +++ b/modules/fieldpoc/default.nix 
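Review bot: In the `fieldpoc-nerd` script of the second voip.nix hunk, the shell truncates `/etc/fieldpoc/extensions.json` before curl has fetched anything, and curl runs without `--fail`. A network error or an HTTP error page therefore leaves an empty or non-JSON extensions file, which the following `reload` hands to the running service. Download to a temporary file and rename it only on success: `${pkgs.curl}/bin/curl --fail --silent --show-error -o /etc/fieldpoc/extensions.json.tmp https://nerd.bula22.de/export.json\?event=1` followed by `mv /etc/fieldpoc/extensions.json.tmp /etc/fieldpoc/extensions.json`. Assuming the generated unit script aborts on the first failing command, a failed download would then also skip the reload. The fetched JSON is trusted as-is for the extension list, so a schema or sanity check before the rename would be a reasonable addition.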
@@ -11,11 +11,18 @@ in { options = { services.fieldpoc = { enable = mkEnableOption "fieldpoc"; - # TODO: config - #config = mkOption { - # type = with types; attrsOf anything; - # default = { }; - #}; + ommIp = mkOption { + type = types.str; + }; + ommUser = mkOption { + type = types.str; + }; + ommPasswordPath = mkOption { + type = types.path; + }; + sipsecretPath = mkOption { + type = types.path; + }; }; }; @@ -24,6 +31,48 @@ in { python3.pkgs.fieldpoc ]; + systemd.services.fieldpoc = { + description = "Simple phone system"; + wantedBy = [ "multi-user.target" ]; + after = [ "network-online.target" "yate.service" ]; + + serviceConfig = { + Type = "simple"; + ExecStart = "${pkgs.python3.pkgs.fieldpoc}/bin/fieldpoc -c /etc/fieldpoc/config.json -e /etc/fieldpoc/extensions.json --debug"; + ConfigurationDirectory = "fieldpoc"; + }; + + preStart = let + cfgFile = pkgs.writeText "config.json" (lib.generators.toJSON { } { + controller = { + host = "127.0.0.1"; + port = 9437; + }; + dect = { + host = cfg.ommIp; + username = cfg.ommUser; + password = "!!OMMPASSWORD!!"; + sipsecret = "!!SIPSECRET!!"; + }; + yate = { + host = "127.0.0.1"; + port = 5039; + }; + database = { + hostname = "127.0.0.1"; + username = "fieldpoc"; + password = "fieldpoc"; + database = "fieldpoc"; + }; + }); + in '' + ${pkgs.gnused}/bin/sed -e "s/!!OMMPASSWORD!!/$(cat ${cfg.ommPasswordPath})/g" -e "s/!!SIPSECRET!!/$(cat ${cfg.sipsecretPath})/g" ${cfgFile} > /etc/fieldpoc/config.json + if [ ! -f "/etc/fieldpoc/extensions.json" ]; then + echo '{"extensions": {}}' > /etc/fieldpoc/extensions.json + fi + ''; + }; + services.postgresql = { enable = true; initialScript = pkgs.writeText "backend-initScript" ''
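Review bot: The four new options in the first default.nix hunk (`ommIp`, `ommUser`, `ommPasswordPath`, `sipsecretPath`) have no `description`, and the two secret options are typed `types.path`, which also accepts a Nix path literal. A literal such as `./omm-password` would be copied into the world-readable Nix store when it is interpolated into `preStart`, so the contract should be written down. For example, add `description = "Runtime path to a file holding the OMM password; must not be a Nix store path (use e.g. a sops-nix secret path).";` and the equivalent text on `sipsecretPath`. Typing these options as `types.str` would additionally make passing a path literal a type error.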
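Review bot: In `preStart` of the second default.nix hunk, both secrets are expanded with `$(cat …)` into the sed command line, and the result is written to `/etc/fieldpoc/config.json` under the default umask. The decrypted values therefore appear in sed's argv, readable through the process list while it runs, and end up in a file that is presumably world-readable inside a `ConfigurationDirectory` created with default permissions. A secret containing `/`, `&`, `\` or `"` would also break the sed expression or the resulting JSON. Setting `umask 077` and `ConfigurationDirectoryMode`, and letting jq read the secret files itself, avoids all three problems. Separately, the database password `"fieldpoc"` is hard-coded into `cfgFile` in the Nix store, and `--debug` in `ExecStart` may log sensitive values to the journal, which is worth confirming before this is used outside a test setup.

```nix
serviceConfig = {
  # … unchanged: Type, ExecStart, ConfigurationDirectory …
  ConfigurationDirectoryMode = "0700";
};

preStart = let
  # … unchanged: cfgFile definition …
in ''
  umask 077
  ${pkgs.jq}/bin/jq \
    --rawfile omm ${cfg.ommPasswordPath} \
    --rawfile sip ${cfg.sipsecretPath} \
    '.dect.password = ($omm | rtrimstr("\n")) | .dect.sipsecret = ($sip | rtrimstr("\n"))' \
    ${cfgFile} > /etc/fieldpoc/config.json
  # … unchanged: extensions.json bootstrap …
'';
```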