1
0

add fieldpoc systemd-service

This commit is contained in:
Ember 'n0emis' Keske 2022-07-21 09:22:40 +02:00
parent 03957afd7e
commit fa8c8d4853
No known key found for this signature in database
GPG Key ID: 00FAF748B777CF10
3 changed files with 133 additions and 5 deletions

53
hosts/yate/secrets.yaml Normal file
View File

@ -0,0 +1,53 @@
ommpassword: ENC[AES256_GCM,data:OwtsLlRZ5rOE6UY=,iv:vOOVNBX5Rjkf3J/dz1COS2TOgNz3aZFsaqGTIX+Wlyk=,tag:3aqap0tovVMLHx8sfpFfvQ==,type:str]
sipsecret: ENC[AES256_GCM,data:FGX7yhqrDfWP9IvZi3WdR2ahgsq8DVhhtO+ONoSWhsg=,iv:5+aixENdMFw6B5wywzOFm5PqcwjfsBs9Mxs4wL6x05c=,tag:c6b36/kolZWM1jo0dt9chA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age10pxa70g3ekxdrk788l52s93a6ftavdw3r8x6d23gmsluudmwq3asmu6ah9
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBic1NCbjlyWlJzODRqekJL
VE9TbFplenQ1SjFXM0M3S2hDTFNnakpOQWxFCmhDcHREN2wxSGt5OHhQYWRaQ1lu
K3NvZ2RpaWZPMWVzTkRqZ0xPKzNZem8KLS0tIEoxNVRKQ2ZDTXozV1R2R3JmZDI3
WEtWTTN3a2VFVHgxQXNXMmVEbnVZNFEKdP2ewBsZBr/thdqcF7RUF9L4ziy5YPVl
FJAMvB7VxUfICBbCwcehp+Lj248T2h7hdGrl3RMcT0NgbFw2XdjDRA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2022-07-21T07:22:05Z"
mac: ENC[AES256_GCM,data:zW/hdL7olhsRVy2dnhI+qvTDQmP5vUv+TZDSAW0M8JVbSbqA9PKR2RcKEw16Q1SwXEzGrFuN/zrDxv0BHMSTgwRfJlFFc12wMD4uGCZLkgn2gHklPHr33dwIvxhncQD0QNuo0uQXw41z/Sqme1t+M9UcUZYtXExrnllcFIKnbJQ=,iv:FYLdqGvjerSXVZwEHVcOL/udqcWfa0RSd9+t32KUQpg=,tag:SGswvKi9Q8C+Vm3e7EzxMw==,type:str]
pgp:
- created_at: "2022-07-20T11:12:30Z"
enc: |
-----BEGIN PGP MESSAGE-----
hQIMA6BIUohpxMXcAQ//SWYM12B8nQ7ngpp2gkFQaLayflfx5GZ/mXg0k45qgPnN
U8OftgWxP70XRO/8h/V7GoBS2sE2usZqNzn37VGjdyP2lnFr2DDaldbQntP0td59
zwJXdqXECP8JNFUQUd6O923CUvsl1V/QVcwMsN1/FX45dseyoxfHyy9K3JFfQuko
THNQAp/c8i5sFETF6JPrFNwRRL5ZBcDcu/m+B9T+64B/O+2BUMtlDqNEc4u26jC/
0/+B911lT7CNOqVSdOLmL6hYz7iV+XdkhLmMnwhKkYWDXw+u0A2gTlld6PK04dnq
GPJPTPM+aNJD72hTN0a5b0FKgBLY5Ne2EQcf5M5IcQDpmsYDFpAkzBLnZXcM1WTz
zhf1WGPYtS5SlpT9eAM+Q3ou5Hzmri1DDq/l9x5sUCBwHG6QIsMR2yokjunqSIEp
FoObyWmk2Fiz9YRTkNBcHxxwx5awGapXjnmc+43j9Anj477sdNTpxhuLRibs3Tkr
hXUjpIbfKR3+lvZ0ZlQu4UBsckdLFLACi5UzP3WompPPe9y+8PC0uDBgq9oHlPJw
z4IpBhYJscBIZe95H6XnLY72BlqeD7po+6P4kSbZFBoCiA8Jw1pUa4rR5+sWkjgN
67oIET9M0CO090stSa8d+8llK7cijAB31q3jAvwixTNhxw7Dm0jzkElpszxf5djS
XgFPoIjVXX/CV73qcNTsteL0bkr5TdENv6yyGG3ZtAEoo0yv1c1R8m1VOT1Jvk/x
Xst4xUWNROR5BhSBSoMHr8EqlOBdpTBUGAZFea5t3pJHC+iqyh9MZa9AeZSttH0=
=c6ck
-----END PGP MESSAGE-----
fp: DD2D88B9FCB74C81E6F63AAD5B5D448C88684BC3
- created_at: "2022-07-20T11:12:30Z"
enc: |
-----BEGIN PGP MESSAGE-----
hE4D6iFd6webPCUSAQdAnNWOc2A1xPEzatTwvDnpyVawW7VrfrpB5ibrXX3Ty2sg
ieeBlwSTTTbMkH4qq5z2nb6n0lJRTllK9uoPu7XYtv7SXgGCfQL45J8fARpS2oB3
9h7l+oVf9yMu5xNR/pQuDORj8VdVHBm7sYEXqHbmeyoBDybSyNE4BKeVpncHkLvz
BC0kdgFBTvtIYqOJLcoIGFh1Qe29HfvkrNmmvyvbMFw=
=MZgy
-----END PGP MESSAGE-----
fp: 6E10217E3187069E057DF5ABE0262A773B824745
unencrypted_suffix: _unencrypted
version: 3.7.1

View File

@ -1,8 +1,15 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
{ {
sops.secrets.ommpassword = {};
sops.secrets.sipsecret = {};
services.fieldpoc = { services.fieldpoc = {
enable = true; enable = true;
ommIp = "10.42.132.2";
ommUser = "omm";
ommPasswordPath = config.sops.secrets.ommpassword.path;
sipsecretPath = config.sops.secrets.sipsecret.path;
dhcp = { dhcp = {
enable = true; enable = true;
interface = "vlan132"; interface = "vlan132";
@ -50,4 +57,23 @@
ln -s ${./yintro.slin} $out/share/sounds/yate/yintro.slin ln -s ${./yintro.slin} $out/share/sounds/yate/yintro.slin
'') '')
]; ];
systemd.services.fieldpoc-nerd = {
wantedBy = ["multi-user.target"];
startAt = "*-*-* *:*:00";
script = let
reloadScript = pkgs.writeText "reload" ''
spawn ${pkgs.inetutils}/bin/telnet localhost 9437
expect "> "
send "reload\n"
expect "> "
send "exit\n"
expect "disconnecting"
'';
in ''
${pkgs.curl}/bin/curl https://nerd.bula22.de/export.json\?event=1 > /etc/fieldpoc/extensions.json
${pkgs.expect}/bin/expect ${reloadScript}
'';
};
} }

View File

@ -11,11 +11,18 @@ in {
options = { options = {
services.fieldpoc = { services.fieldpoc = {
enable = mkEnableOption "fieldpoc"; enable = mkEnableOption "fieldpoc";
# TODO: config ommIp = mkOption {
#config = mkOption { type = types.str;
# type = with types; attrsOf anything; };
# default = { }; ommUser = mkOption {
#}; type = types.str;
};
ommPasswordPath = mkOption {
type = types.path;
};
sipsecretPath = mkOption {
type = types.path;
};
}; };
}; };
@ -24,6 +31,48 @@ in {
python3.pkgs.fieldpoc python3.pkgs.fieldpoc
]; ];
systemd.services.fieldpoc = {
description = "Simple phone system";
wantedBy = [ "multi-user.target" ];
after = [ "network-online.target" "yate.service" ];
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.python3.pkgs.fieldpoc}/bin/fieldpoc -c /etc/fieldpoc/config.json -e /etc/fieldpoc/extensions.json --debug";
ConfigurationDirectory = "fieldpoc";
};
preStart = let
cfgFile = pkgs.writeText "config.json" (lib.generators.toJSON { } {
controller = {
host = "127.0.0.1";
port = 9437;
};
dect = {
host = cfg.ommIp;
username = cfg.ommUser;
password = "!!OMMPASSWORD!!";
sipsecret = "!!SIPSECRET!!";
};
yate = {
host = "127.0.0.1";
port = 5039;
};
database = {
hostname = "127.0.0.1";
username = "fieldpoc";
password = "fieldpoc";
database = "fieldpoc";
};
});
in ''
${pkgs.gnused}/bin/sed -e "s/!!OMMPASSWORD!!/$(cat ${cfg.ommPasswordPath})/g" -e "s/!!SIPSECRET!!/$(cat ${cfg.sipsecretPath})/g" ${cfgFile} > /etc/fieldpoc/config.json
if [ ! -f "/etc/fieldpoc/extensions.json" ]; then
echo '{"extensions": {}}' > /etc/fieldpoc/extensions.json
fi
'';
};
services.postgresql = { services.postgresql = {
enable = true; enable = true;
initialScript = pkgs.writeText "backend-initScript" '' initialScript = pkgs.writeText "backend-initScript" ''