summaryrefslogtreecommitdiffstats
path: root/Zpkgs/krebs
diff options
context:
space:
mode:
authortv <tv@shackspace.de>2015-07-24 12:03:51 +0200
committertv <tv@shackspace.de>2015-07-24 12:04:38 +0200
commite3b72bb66e7c6bf410c8db81ff04e355a7b22116 (patch)
tree53b9f0c9bc9042c612c9937d61af84e57500fc69 /Zpkgs/krebs
parentb6987329fe6dca5aca96fc651f06867c26dbf236 (diff)
3: {tv -> krebs}.github-hosts-sync
Diffstat (limited to 'Zpkgs/krebs')
-rw-r--r--Zpkgs/krebs/default.nix11
-rw-r--r--Zpkgs/krebs/github-hosts-sync.nix40
-rw-r--r--Zpkgs/krebs/github-known_hosts.nix13
3 files changed, 64 insertions, 0 deletions
diff --git a/Zpkgs/krebs/default.nix b/Zpkgs/krebs/default.nix
new file mode 100644
index 000000000..be8f72011
--- /dev/null
+++ b/Zpkgs/krebs/default.nix
@@ -0,0 +1,11 @@
+{ pkgs, ... }:
+
+let
+ inherit (pkgs) callPackage;
+in
+
+pkgs //
+{
+ github-hosts-sync = callPackage ./github-hosts-sync.nix {};
+ github-known_hosts = callPackage ./github-known_hosts.nix {};
+}
diff --git a/Zpkgs/krebs/github-hosts-sync.nix b/Zpkgs/krebs/github-hosts-sync.nix
new file mode 100644
index 000000000..d69b2b12b
--- /dev/null
+++ b/Zpkgs/krebs/github-hosts-sync.nix
@@ -0,0 +1,40 @@
+{ stdenv, fetchgit, pkgs, ... }:
+
+stdenv.mkDerivation {
+ name = "github-hosts-sync";
+
+ src = fetchgit {
+ url = https://github.com/krebscode/painload;
+ rev = "35ccac73d563ad30d2851b9aeed4cfef69ff74e3";
+ sha256 = "1y1fs2p3xj2yrqpw0h5kd0f3c5p1y70xk1hjnw99sr33r67s9c35";
+ };
+
+ phases = [
+ "unpackPhase"
+ "installPhase"
+ ];
+
+ installPhase =
+ let
+ ca-bundle = "${pkgs.cacert}/etc/ca-bundle.crt";
+ path = stdenv.lib.makeSearchPath "bin" (with pkgs; [
+ coreutils
+ findutils
+ git
+ gnugrep
+ gnused
+ openssh
+ socat
+ ]);
+ in
+ ''
+ mkdir -p $out/bin
+
+ sed \
+ 's,^main() {$,&\n export PATH=${path} GIT_SSL_CAINFO=${ca-bundle},' \
+ < ./retiolum/scripts/github_hosts_sync/hosts-sync \
+ > $out/bin/github-hosts-sync
+
+ chmod +x $out/bin/github-hosts-sync
+ '';
+}
diff --git a/Zpkgs/krebs/github-known_hosts.nix b/Zpkgs/krebs/github-known_hosts.nix
new file mode 100644
index 000000000..302fdd8d5
--- /dev/null
+++ b/Zpkgs/krebs/github-known_hosts.nix
@@ -0,0 +1,13 @@
+{ lib, ... }:
+
+with builtins;
+with lib;
+
+let
+ github-pubkey = removeSuffix "\n" (readFile ../../Zpubkeys/github.ssh.pub);
+in
+
+toFile "github-known_hosts"
+ (concatMapStrings
+ (i: "github.com,192.30.252.${toString i} ${github-pubkey}\n")
+ (range 0 255))