diff options
| author | lassulus <git@lassul.us> | 2026-01-11 01:29:31 +0100 |
|---|---|---|
| committer | lassulus <git@lassul.us> | 2026-01-11 01:29:31 +0100 |
| commit | 68d3c925b0edb958fcbafa589d35967dfb2a979c (patch) | |
| tree | 82018f93e411fcad47cb45867c646ce0f8feb683 | |
| parent | 39ef2da7d30dba7c5c1556ffa90d330a9607bb44 (diff) | |
5pkgs: fix nix flake show compatibility
Integrate nix-writers flake for extended writer functions (writeJq,
writeGawkBin, etc.) using a fixpoint overlay so functions can reference
each other.
Update Python packages to new buildPythonPackage format:
- Add pyproject = true and build-system for ovh-zone, python-dnsstamps,
ssh-audit, tinc_graphs
Fix writer function usage by taking them as arguments instead of
accessing via pkgs:
- nixos-format-error, untilport, qrscan, logf, gitignore, urix, etc.
Update deprecated nixpkgs attribute names:
- gdk_pixbuf -> gdk-pixbuf
- libSM/libX11/libXinerama -> xorg.*
- buildGo120Module -> buildGoModule
Remove obsolete/broken packages:
- buildbot-classic-slave (missing buildbot-classic)
- cac-panel, drivedroid-gen-repo (Python 2 / format issues)
- games-user-env, generate-secrets (unused)
- internetarchive, bepasty-client-cli, krebspaste (Python 2)
- qrscan (conflicts with removed nixpkgs package)
Other fixes:
- Use lib.callPackageWith for package interdependencies
- Only export derivations in flake packages output
- Limit packages output to Linux systems
- Fix IFD in ukrepl by passing path to writer instead of readFile
- Import stockholm.lib directly where needed (bling)
- Rewrite brain and git-hooks to use runCommand
36 files changed, 269 insertions, 445 deletions
diff --git a/flake.lock b/flake.lock index 1774af4dd..b11c289b4 100644 --- a/flake.lock +++ b/flake.lock @@ -44,6 +44,21 @@ "type": "github" } }, + "flake-utils": { + "locked": { + "lastModified": 1676283394, + "narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "hercules-ci-effects": { "inputs": { "flake-parts": [ @@ -70,7 +85,10 @@ } }, "nix-writers": { - "flake": false, + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs" + }, "locked": { "lastModified": 1677612737, "narHash": "sha256-UaCKZ4PbMZU6UZH7XNFcjRtd5jheswl66rjZDBfQgp8=", @@ -87,6 +105,21 @@ }, "nixpkgs": { "locked": { + "lastModified": 1677608380, + "narHash": "sha256-k82O23qBAK+43X0KSBjsMYXG2x4kWWXeAmpPTc2KRGY=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "4aba90e89f6d4ac6138939961f62842bd94ec929", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { "lastModified": 1760878510, "narHash": "sha256-K5Osef2qexezUfs0alLvZ7nQFTGS9DL2oTVsIXsqLgs=", "owner": "NixOS", @@ -105,7 +138,7 @@ "inputs": { "buildbot-nix": "buildbot-nix", "nix-writers": "nix-writers", - "nixpkgs": "nixpkgs" + "nixpkgs": "nixpkgs_2" } }, "treefmt-nix": { @@ -1,10 +1,7 @@ { inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; - nix-writers = { - url = "git+https://cgit.krebsco.de/nix-writers"; - flake = false; - }; + nix-writers.url = "git+https://cgit.krebsco.de/nix-writers"; # disko.url = "github:nix-community/disko"; # disko.inputs.nixpkgs.follows = "nixpkgs"; buildbot-nix.url = "github:Mic92/buildbot-nix"; @@ -43,9 +40,21 @@ }; overlays.default = import ./krebs/5pkgs/default.nix; packages = let - packageNames = self.lib.attrNames (self.lib.mapNixDir (x: null) ./krebs/5pkgs/simple); - appliedOverlay = (system: self.overlays.default {} (self.inputs.nixpkgs.legacyPackages.${system} // { lib = self.lib; })); - in nixpkgs.lib.genAttrs [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" ] (system: self.lib.getAttrs packageNames (appliedOverlay system)); + allNames = self.lib.attrNames (self.lib.mapNixDir (x: null) ./krebs/5pkgs/simple); + appliedOverlay = (system: + let + base = self.inputs.nixpkgs.legacyPackages.${system}; + # Apply nix-writers overlay with fixpoint so its functions can find each other + withWriters = nixpkgs.lib.fix (final: base // nix-writers.overlays.default final base); + in self.overlays.default {} (withWriters // { lib = self.lib; })); + # Only include derivations in packages output + getDerivations = overlay: builtins.listToAttrs (builtins.filter (x: x != null) (map (name: + let val = overlay.${name} or null; + in if val != null && (val.type or null) == "derivation" + then { inherit name; value = val; } + else null + ) allNames)); + in nixpkgs.lib.genAttrs [ "x86_64-linux" "aarch64-linux" ] (system: getDerivations (appliedOverlay system)); lib = import (self.outPath + "/lib/pure.nix") { lib = nixpkgs.lib; }; }; } diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index 866796a4e..f726475dd 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -8,7 +8,10 @@ with stockholm.lib; fix (foldl' (flip extends) (self: super) ( [ - (self: super: { inherit stockholm; }) + (self: super: { + inherit stockholm; + inherit (super.writers) writeBash writeBashBin writeDash writeDashBin writeJSON; + }) ] ++ (map diff --git a/krebs/5pkgs/simple/bepasty-client-cli/default.nix b/krebs/5pkgs/simple/bepasty-client-cli/default.nix deleted file mode 100644 index 7811ef5fc..000000000 --- a/krebs/5pkgs/simple/bepasty-client-cli/default.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ lib, pkgs, pythonPackages, fetchFromGitHub, ... }: - -with pythonPackages; buildPythonPackage rec { - name = "bepasty-client-cli"; - propagatedBuildInputs = [ - python_magic - click - requests - ]; - - src = fetchFromGitHub { - owner = "bepasty"; - repo = "bepasty-client-cli"; - rev = "4b7135ba8ba1e17501de08ad7b6aca73c0d949d2"; - sha256 = "1svchyk9zai1vip9ppm12jm7wfjbdr9ijhgcd2n10xh73jrn9cnc"; - }; - - meta = { - homepage = https://github.com/bepasty/bepasty-client-cli; - description = "CLI client for bepasty-server"; - license = lib.licenses.bsd2; - }; -} diff --git a/krebs/5pkgs/simple/bling/default.nix b/krebs/5pkgs/simple/bling/default.nix index 1c8610325..186aaa85e 100644 --- a/krebs/5pkgs/simple/bling/default.nix +++ b/krebs/5pkgs/simple/bling/default.nix @@ -1,4 +1,7 @@ -{ imagemagick, runCommand, stockholm, ... }: +{ imagemagick, runCommand, lib, ... }: +let + stockholm.lib = import ../../../../lib/pure.nix { inherit lib; }; +in with stockholm.lib; let diff --git a/krebs/5pkgs/simple/brain/default.nix b/krebs/5pkgs/simple/brain/default.nix index d7e36a527..9f183cfe9 100644 --- a/krebs/5pkgs/simple/brain/default.nix +++ b/krebs/5pkgs/simple/brain/default.nix @@ -4,25 +4,30 @@ let pass = pkgs.pass.withExtensions (ext: [ ext.pass-otp ]); -in -pkgs.write "brain" { - "/bin/brain".link = pkgs.writeDash "brain" '' + brain = pkgs.writeDash "brain" '' PASSWORD_STORE_DIR=$HOME/brain \ exec ${pass}/bin/pass "$@" ''; - "/bin/brainmenu".link = pkgs.writeDash "brainmenu" '' + + brainmenu = pkgs.writeDash "brainmenu" '' PASSWORD_STORE_DIR=$HOME/brain \ exec ${pass}/bin/passmenu "$@" ''; - "/share/bash-completion/completions/brain".link = - pkgs.runCommand "brain-completions" { - } /* sh */ '' - sed -r ' - s/\<_pass?(_|\>)/_brain\1/g - s/\<__password_store/_brain/g - s/\<pass\>/brain/ - s/\$HOME\/\.password-store/$HOME\/brain/ - ' < ${pass}/share/bash-completion/completions/pass > $out - ''; -} + + completions = pkgs.runCommand "brain-completions" {} '' + sed -r ' + s/\<_pass?(_|\>)/_brain\1/g + s/\<__password_store/_brain/g + s/\<pass\>/brain/ + s/\$HOME\/\.password-store/$HOME\/brain/ + ' < ${pass}/share/bash-completion/completions/pass > $out + ''; +in + +pkgs.runCommand "brain" {} '' + mkdir -p $out/bin $out/share/bash-completion/completions + ln -s ${brain} $out/bin/brain + ln -s ${brainmenu} $out/bin/brainmenu + ln -s ${completions} $out/share/bash-completion/completions/brain +'' diff --git a/krebs/5pkgs/simple/buildbot-classic-slave/default.nix b/krebs/5pkgs/simple/buildbot-classic-slave/default.nix deleted file mode 100644 index a48c45ae0..000000000 --- a/krebs/5pkgs/simple/buildbot-classic-slave/default.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ coreutils, fetchgit, git, buildbot-classic, python2Packages, ... }: - -python2Packages.buildPythonApplication { - name = "buildbot-classic-slave-${buildbot-classic.version}"; - namePrefix = ""; - - src = buildbot-classic.src; - postUnpack = "sourceRoot=\${sourceRoot}/slave"; - - nativeBuildInputs = [ git ]; - propagatedBuildInputs = [ python2Packages.twisted ]; - doCheck = false; - - postInstall = '' - mkdir -p "$out/share/man/man1" - cp docs/buildslave.1 "$out/share/man/man1" - ''; -} diff --git a/krebs/5pkgs/simple/cac-panel/default.nix b/krebs/5pkgs/simple/cac-panel/default.nix deleted file mode 100644 index 57f58f4de..000000000 --- a/krebs/5pkgs/simple/cac-panel/default.nix +++ /dev/null @@ -1,18 +0,0 @@ -{pkgs, python3Packages, ...}: - -python3Packages.buildPythonPackage rec { - name = "cac-panel-${version}"; - version = "0.4.4"; - - src = pkgs.fetchurl { - url = "https://pypi.python.org/packages/source/c/cac-panel/cac-panel-${version}.tar.gz"; - sha256 = "16bx67fsbgwxciik42jhdnfzxx1xp5b0rimzrif3r7h4fawlnld8"; - }; - - propagatedBuildInputs = with python3Packages; [ - docopt - requests - beautifulsoup4 - ]; -} - diff --git a/krebs/5pkgs/simple/certaids.nix b/krebs/5pkgs/simple/certaids.nix index 34f4c3e14..094868680 100644 --- a/krebs/5pkgs/simple/certaids.nix +++ b/krebs/5pkgs/simple/certaids.nix @@ -1,7 +1,7 @@ { pkgs }: -pkgs.write "certaids" { - "/bin/cert2json".link = pkgs.writeDash "cert2json" '' +let + cert2json = pkgs.writeDash "cert2json" '' # usage: cert2json < CERT > JSON set -efu @@ -106,4 +106,9 @@ pkgs.write "certaids" { } ''} ''; -} +in + +pkgs.runCommand "certaids" {} '' + mkdir -p $out/bin + ln -s ${cert2json} $out/bin/cert2json +'' diff --git a/krebs/5pkgs/simple/cgit-clear-cache.nix b/krebs/5pkgs/simple/cgit-clear-cache.nix index 31a2eccb3..e630a4066 100644 --- a/krebs/5pkgs/simple/cgit-clear-cache.nix +++ b/krebs/5pkgs/simple/cgit-clear-cache.nix @@ -1,4 +1,8 @@ -{ cache-root ? "/tmp/cgit", findutils, stockholm, writeDashBin }: +{ cache-root ? "/tmp/cgit", findutils, lib, writeDashBin }: + +let + stockholm.lib = import ../../../lib/pure.nix { inherit lib; }; +in writeDashBin "cgit-clear-cache" '' set -efu diff --git a/krebs/5pkgs/simple/cunicu.nix b/krebs/5pkgs/simple/cunicu.nix index 4375a760c..8e193d455 100644 --- a/krebs/5pkgs/simple/cunicu.nix +++ b/krebs/5pkgs/simple/cunicu.nix @@ -1,6 +1,6 @@ { lib, pkgs }: -pkgs.buildGo120Module rec { +pkgs.buildGoModule rec { pname = "cunicu"; version = "g${lib.substring 0 7 src.rev}"; diff --git a/krebs/5pkgs/simple/default.nix b/krebs/5pkgs/simple/default.nix index 76ad6ff10..a07e88c3b 100644 --- a/krebs/5pkgs/simple/default.nix +++ b/krebs/5pkgs/simple/default.nix @@ -3,8 +3,9 @@ self: super: let # This callPackage will try to detect obsolete overrides. lib = super.stockholm.lib; + callPackage' = lib.callPackageWith self; callPackage = path: args: let - override = self.callPackage path args; + override = callPackage' path args; upstream = lib.optionalAttrs (override ? "name") (super.${(lib.parseDrvName override.name).name} or {}); in if upstream ? "name" && diff --git a/krebs/5pkgs/simple/drivedroid-gen-repo/default.nix b/krebs/5pkgs/simple/drivedroid-gen-repo/default.nix deleted file mode 100644 index dee96d784..000000000 --- a/krebs/5pkgs/simple/drivedroid-gen-repo/default.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ fetchurl, lib, stdenv, python3Packages }: - -python3Packages.buildPythonPackage rec { - name = "drivedroid-gen-repo-${version}"; - version = "0.4.4"; - - propagatedBuildInputs = [ - python3Packages.docopt - ]; - - src = fetchurl { - url = "https://pypi.python.org/packages/source/d/drivedroid-gen-repo/drivedroid-gen-repo-${version}.tar.gz"; - sha256 = "09p58hzp61r5fp025lak9z52y0aakmaqpi59p9w5xq42dvy2hnvl"; - }; - - meta = { - homepage = http://krebsco.de/; - description = "Generate Drivedroid repos"; - license = lib.licenses.wtfpl; - }; -} - diff --git a/krebs/5pkgs/simple/eximlog.nix b/krebs/5pkgs/simple/eximlog.nix index 9e5ae8d63..4abbcfc5a 100644 --- a/krebs/5pkgs/simple/eximlog.nix +++ b/krebs/5pkgs/simple/eximlog.nix @@ -1,7 +1,7 @@ -{ jq, stockholm, systemd, writeDashBin }: +{ jq, lib, systemd, writeDashBin }: let - lib = stockholm.lib; + stockholm.lib = import ../../../lib/pure.nix { inherit lib; }; user = "exim"; # TODO make this configurable in @@ -10,7 +10,7 @@ in writeDashBin "eximlog" '' ${systemd}/bin/journalctl \ - -u ${lib.shell.escape user} \ + -u ${stockholm.lib.shell.escape user} \ -o short-unix \ "$@" \ | diff --git a/krebs/5pkgs/simple/fortclientsslvpn/default.nix b/krebs/5pkgs/simple/fortclientsslvpn/default.nix index 1f86d6fe4..b895eef89 100644 --- a/krebs/5pkgs/simple/fortclientsslvpn/default.nix +++ b/krebs/5pkgs/simple/fortclientsslvpn/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchurl, gnome3, glib, libSM, gdk_pixbuf, libX11, libXinerama, iproute, +{ stdenv, lib, fetchurl, gtk3, glib, xorg, gdk-pixbuf, iproute2, makeWrapper, libredirect, ppp, coreutils, gawk, pango }: stdenv.mkDerivation rec { name = "forticlientsslvpn"; @@ -31,12 +31,12 @@ stdenv.mkDerivation rec { ]; guiLibPath = lib.makeLibraryPath [ - gnome3.gtk + gtk3 glib - libSM - gdk_pixbuf - libX11 - libXinerama + xorg.libSM + gdk-pixbuf + xorg.libX11 + xorg.libXinerama pango ]; @@ -63,7 +63,7 @@ stdenv.mkDerivation rec { cp -r 64bit/. "$out/opt/fortinet" wrapProgram $out/opt/fortinet/forticlientsslvpn \ --set LD_PRELOAD "${libredirect}/lib/libredirect.so" \ - --set NIX_REDIRECTS /usr/bin/tail=${coreutils}/bin/tail:/usr/sbin/ip=${iproute}/bin/ip:/usr/sbin/pppd=${ppp}/bin/pppd + --set NIX_REDIRECTS /usr/bin/tail=${coreutils}/bin/tail:/usr/sbin/ip=${iproute2}/bin/ip:/usr/sbin/pppd=${ppp}/bin/pppd mkdir -p "$out/bin/" diff --git a/krebs/5pkgs/simple/ftb/default.nix b/krebs/5pkgs/simple/ftb/default.nix index 8007eaa52..1509961cd 100644 --- a/krebs/5pkgs/simple/ftb/default.nix +++ b/krebs/5pkgs/simple/ftb/default.nix @@ -1,7 +1,7 @@ { fetchurl, lib, stdenv -, jre, libX11, libXext, libXcursor, libXrandr, libXxf86vm +, jre, xorg , openjdk -, mesa_glu, openal +, libGLU, openal , useAlsa ? false, alsaOss ? null }: with lib; @@ -26,7 +26,7 @@ stdenv.mkDerivation { #!${stdenv.shell} export _JAVA_AWT_WM_NONREPARENTING=1 - export LD_LIBRARY_PATH=\$LD_LIBRARY_PATH:${makeLibraryPath [ libX11 libXext libXcursor libXrandr libXxf86vm mesa_glu openal ]} + export LD_LIBRARY_PATH=\$LD_LIBRARY_PATH:${makeLibraryPath [ xorg.libX11 xorg.libXext xorg.libXcursor xorg.libXrandr xorg.libXxf86vm libGLU openal ]} ${if useAlsa then "${alsaOss}/bin/aoss" else "" } \ ${jre}/bin/java -jar $out/ftb.jar EOF diff --git a/krebs/5pkgs/simple/games-user-env/default.nix b/krebs/5pkgs/simple/games-user-env/default.nix deleted file mode 100644 index abe770ed1..000000000 --- a/krebs/5pkgs/simple/games-user-env/default.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ lib, pkgs, ... }: let - -#TODO: make sure env exists prior to running -env_nix = pkgs.writeText "env.nix" '' - { pkgs ? import <nixpkgs> {} }: - - (pkgs.buildFHSUserEnv { - name = "simple-x11-env"; - targetPkgs = pkgs: with pkgs; [ - coreutils - ]; - multiPkgs = pkgs: with pkgs; [ - alsaLib - zlib - xorg.libXxf86vm - curl - openal - openssl_1_0_2 - xorg.libXext - xorg.libX11 - xorg.libXrandr - xorg.libXcursor - xorg.libXinerama - xorg.libXi - mesa_glu - ]; - runScript = "bash"; - }).env -''; - - -in pkgs.writeDashBin "games-user-env" '' - nix-shell ${env_nix} -'' diff --git a/krebs/5pkgs/simple/generate-secrets/default.nix b/krebs/5pkgs/simple/generate-secrets/default.nix deleted file mode 100644 index 8522b5dda..000000000 --- a/krebs/5pkgs/simple/generate-secrets/default.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ pkgs }: -pkgs.writers.writeDashBin "generate-secrets" '' - set -eu - HOSTNAME="$1" - TMPDIR=$(${pkgs.coreutils}/bin/mktemp -d) - cd $TMPDIR - - PASSWORD=$(${pkgs.pwgen}/bin/pwgen 25 1) - HASHED_PASSWORD=$(echo $PASSWORD | ${pkgs.hashPassword}/bin/hashPassword -s) > /dev/null - - ${pkgs.openssh}/bin/ssh-keygen -t ed25519 -f $TMPDIR/ssh.id_ed25519 -P "" -C "" >/dev/null - ${pkgs.tinc_pre}/bin/tinc --config "$TMPDIR" generate-keys 4096 >/dev/null - cat <<EOF > $TMPDIR/hashedPasswords.nix - { - root = "$HASHED_PASSWORD"; - } - EOF - - for x in *; do - ${pkgs.coreutils}/bin/cat $x | ${pkgs.brain}/bin/brain insert -m krebs-secrets/$HOSTNAME/$x > /dev/null - done - echo $PASSWORD | ${pkgs.brain}/bin/brain insert -m hosts/$HOSTNAME/root > /dev/null - - cat <<EOF - $HOSTNAME = { - owner = config.krebs.users.krebs; - nets = { - retiolum = { - ip4.addr = "10.243.0.changeme"; - ip6.addr = "42:0:0:0:0:0:0:changeme"; - aliases = [ - "$HOSTNAME.r" - ]; - tinc = { - pubkey = ${"''"} - $(cat $TMPDIR/rsa_key.pub) - ${"''"}; - pubkey_ed25519 = "$(cut -d ' ' -f 3 $TMPDIR/ed25519_key.pub)"; - }; - }; - }; - ssh.privkey.path = "\''${config.krebs.secret.directory}/ssh.id_ed25519"; - ssh.pubkey = "$(cat $TMPDIR/ssh.id_ed25519.pub)"; - }; - EOF - - rm -rf $TMPDIR -'' - diff --git a/krebs/5pkgs/simple/git-hooks/default.nix b/krebs/5pkgs/simple/git-hooks/default.nix index 3ec43739c..e6cde671e 100644 --- a/krebs/5pkgs/simple/git-hooks/default.nix +++ b/krebs/5pkgs/simple/git-hooks/default.nix @@ -1,129 +1,108 @@ -{ pkgs, stockholm, ... }: - -with stockholm.lib; - -{ - # TODO irc-announce should return a derivation - # but it cannot because krebs.git.repos.*.hooks :: attrsOf str - irc-announce = - { cgit_endpoint ? "http://cgit.${nick}.r" - , channel - , nick - , port ? 6667 - , refs ? [] - , server - , tls ? false - , verbose ? false - }: /* sh */ '' - #! /bin/sh - set -euf - - export PATH=${makeBinPath (with pkgs; [ - coreutils - git - gnugrep - gnused - ])} - - green() { printf '\x0303,99%s\x0F' "$1"; } - red() { printf '\x0304,99%s\x0F' "$1"; } - orange() { printf '\x0307,99%s\x0F' "$1"; } - pink() { printf '\x0313,99%s\x0F' "$1"; } - gray() { printf '\x0314,99%s\x0F' "$1"; } - - unset message - add_message() { - message="''${message+$message - }$*" - } - - nick=${escapeShellArg nick} - channel=${escapeShellArg channel} - server=${escapeShellArg server} - tls=${escapeShellArg tls} - port=${toString port} - - host=$nick - - empty=0000000000000000000000000000000000000000 - - while read oldrev newrev ref; do - - if [ $oldrev = $empty ]; then - receive_mode=create - elif [ $newrev = $empty ]; then - receive_mode=delete - elif [ "$(git merge-base $oldrev $newrev)" = $oldrev ]; then - receive_mode=fast-forward - else - receive_mode=non-fast-forward - fi - - ${optionalString (refs != []) '' - if ! { echo "$ref" | grep -qE "${concatStringsSep "|" refs}"; }; then - echo "we are not announcing this ref: $h" - exit 0 - fi - ''} - - h=$(echo $ref | sed 's:^refs/heads/::') - - # empty_tree=$(git hash-object -t tree /dev/null) - empty_tree=4b825dc6 - - id=$(echo $newrev | cut -b-7) - id2=$(echo $oldrev | cut -b-7) - if [ $newrev = $empty ]; then id=$empty_tree; fi - if [ $oldrev = $empty ]; then id2=$empty_tree; fi - - ${if cgit_endpoint != null then /* sh */ '' - cgit_endpoint=${escapeShellArg cgit_endpoint} - case $receive_mode in - create) - link="$cgit_endpoint/$GIT_SSH_REPO/?h=$h" - ;; - delete) - link="$cgit_endpoint/$GIT_SSH_REPO/ ($h)" - ;; - fast-forward|non-fast-forward) - link="$cgit_endpoint/$GIT_SSH_REPO/diff/?h=$h&id=$id&id2=$id2" - ;; - esac - '' else /* sh */ '' - link="$GIT_SSH_REPO $h" - ''} - - #$host $GIT_SSH_REPO $ref $link - add_message $(pink push) $link $(gray "($receive_mode)") - - ${optionalString (verbose == true || typeOf verbose == "set") /* sh */ '' - ${optionalString (verbose.exclude or [] != []) /* sh */ '' - case $ref in (${concatStringsSep "|" verbose.exclude}) - continue - esac - ''} - add_message "$( - git log \ - --format="$(orange %h) %s $(gray '(%ar)')" \ - --no-merges \ - --reverse \ - $id2..$id - - git diff --stat $id2..$id \ - | sed '$!s/\(+*\)\(-*\)$/'$(green '\1')$(red '\2')'/' - )" - ''} - - done - - if test -n "''${message-}"; then - exec ${pkgs.irc-announce}/bin/irc-announce \ - "$server" \ - "$port" \ - "$nick" \ - "$channel" \ - "$tls" \ - "$message" - fi - ''; +{ pkgs, lib, writeDash, ... }: + +let + stockholm.lib = import ../../../../lib/pure.nix { inherit lib; }; + inherit (stockholm.lib) makeBinPath; +in + +pkgs.runCommand "irc-announce-git-hook" {} '' + mkdir -p $out/bin + cat > $out/bin/irc-announce-git-hook << 'OUTER' +#!${pkgs.dash}/bin/dash +set -euf + +# Required environment variables: +# IRC_SERVER, IRC_PORT, IRC_NICK, IRC_CHANNEL +# Optional: IRC_TLS (set to "true" for TLS), CGIT_ENDPOINT, VERBOSE + +export PATH=${makeBinPath (with pkgs; [ + coreutils + git + gnugrep + gnused +])}:$PATH + +green() { printf '\x0303,99%s\x0F' "$1"; } +red() { printf '\x0304,99%s\x0F' "$1"; } +orange() { printf '\x0307,99%s\x0F' "$1"; } +pink() { printf '\x0313,99%s\x0F' "$1"; } +gray() { printf '\x0314,99%s\x0F' "$1"; } + +unset message +add_message() { + message="''${message+$message +}$*" } + +empty=0000000000000000000000000000000000000000 + +while read oldrev newrev ref; do + + if [ $oldrev = $empty ]; then + receive_mode=create + elif [ $newrev = $empty ]; then + receive_mode=delete + elif [ "$(git merge-base $oldrev $newrev)" = $oldrev ]; then + receive_mode=fast-forward + else + receive_mode=non-fast-forward + fi + + h=$(echo $ref | sed 's:^refs/heads/::') + + empty_tree=4b825dc6 + + id=$(echo $newrev | cut -b-7) + id2=$(echo $oldrev | cut -b-7) + if [ $newrev = $empty ]; then id=$empty_tree; fi + if [ $oldrev = $empty ]; then id2=$empty_tree; fi + + if [ -n "''${CGIT |