diff options
author | nin <nineinchnade@gmail.com> | 2017-07-06 20:36:05 +0200 |
---|---|---|
committer | nin <nineinchnade@gmail.com> | 2017-07-06 20:36:05 +0200 |
commit | de8baa21bf122242c4ad6a4c17405259037149c8 (patch) | |
tree | 85e34f8040799313fa73a23eddb41ab5eec1d9e9 /krebs | |
parent | 060ae725c32e6490d47bc3153de076ace26b59fd (diff) | |
parent | 438fdd2bd8e363567f544966e49d00f728921301 (diff) |
Merge branch 'master' of prism:stockholm
Diffstat (limited to 'krebs')
-rw-r--r-- | krebs/3modules/build.nix | 2 | ||||
-rw-r--r-- | krebs/3modules/makefu/default.nix | 2 | ||||
-rw-r--r-- | krebs/3modules/urlwatch.nix | 17 | ||||
-rw-r--r-- | krebs/5pkgs/simple/ucspi-tcp/chmod.patch | 15 | ||||
-rw-r--r-- | krebs/5pkgs/simple/ucspi-tcp/default.nix | 86 | ||||
-rw-r--r-- | krebs/5pkgs/simple/whatsupnix/whatsupnix.bash | 9 |
6 files changed, 112 insertions, 19 deletions
diff --git a/krebs/3modules/build.nix b/krebs/3modules/build.nix index 51f192703..976d378f9 100644 --- a/krebs/3modules/build.nix +++ b/krebs/3modules/build.nix @@ -24,4 +24,6 @@ with import <stockholm/lib>; type = types.user; }; }; + + config.krebs.build.source.stockholm.file = mkDefault (toString <stockholm>); } diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 4c0ce0fe3..c517ac1d8 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -308,7 +308,6 @@ with import <stockholm/lib>; extraZones = { "krebsco.de" = '' wry IN A ${nets.internet.ip4.addr} - io IN NS wry.krebsco.de. tinc IN A ${nets.internet.ip4.addr} ''; }; @@ -470,6 +469,7 @@ with import <stockholm/lib>; wiki.euer IN A ${nets.internet.ip4.addr} graph IN A ${nets.internet.ip4.addr} ghook IN A ${nets.internet.ip4.addr} + io IN NS gum.krebsco.de. ''; }; nets = rec { diff --git a/krebs/3modules/urlwatch.nix b/krebs/3modules/urlwatch.nix index c06e5ddb1..463fa26ba 100644 --- a/krebs/3modules/urlwatch.nix +++ b/krebs/3modules/urlwatch.nix @@ -60,6 +60,7 @@ let description = "URL to watch."; example = [ https://nixos.org/channels/nixos-unstable/git-revision + { url = http://localhost ; filter = "grep:important.*stuff"; } ]; apply = map (x: getAttr (typeOf x) { set = x; @@ -79,7 +80,8 @@ let }; urlsFile = pkgs.writeText "urls" - (concatMapStringsSep "\n---\n" toJSON cfg.urls); + (concatMapStringsSep "\n---\n" + (x: toJSON (filterAttrs (n: v: n != "_module") x)) cfg.urls); hooksFile = cfg.hooksFile; @@ -142,17 +144,6 @@ let PrivateTmp = "true"; SyslogIdentifier = "urlwatch"; Type = "oneshot"; - ExecStartPre = - pkgs.writeDash "urlwatch-prestart" '' - set -euf - - dataDir=$HOME - - if ! test -e "$dataDir"; then - mkdir -m 0700 -p "$dataDir" - chown ${user.name}: "$dataDir" - fi - ''; ExecStart = pkgs.writeDash "urlwatch" '' set -euf @@ -185,6 +176,8 @@ let }; users.extraUsers = singleton { inherit (user) name uid; + home = cfg.dataDir; + createHome = true; }; }; diff --git a/krebs/5pkgs/simple/ucspi-tcp/chmod.patch b/krebs/5pkgs/simple/ucspi-tcp/chmod.patch new file mode 100644 index 000000000..dd6933208 --- /dev/null +++ b/krebs/5pkgs/simple/ucspi-tcp/chmod.patch @@ -0,0 +1,15 @@ +diff --git a/hier.c b/hier.c +index 5663ada..1d73b84 100644 +--- a/hier.c ++++ b/hier.c +@@ -2,8 +2,8 @@ + + void hier() + { +- h(auto_home,-1,-1,02755); +- d(auto_home,"bin",-1,-1,02755); ++ h(auto_home,-1,-1,0755); ++ d(auto_home,"bin",-1,-1,0755); + + c(auto_home,"bin","tcpserver",-1,-1,0755); + c(auto_home,"bin","tcprules",-1,-1,0755); diff --git a/krebs/5pkgs/simple/ucspi-tcp/default.nix b/krebs/5pkgs/simple/ucspi-tcp/default.nix new file mode 100644 index 000000000..3b043be06 --- /dev/null +++ b/krebs/5pkgs/simple/ucspi-tcp/default.nix @@ -0,0 +1,86 @@ +{ stdenv, fetchurl }: + +stdenv.mkDerivation rec { + name = "ucspi-tcp-0.88"; + + src = fetchurl { + url = "http://cr.yp.to/ucspi-tcp/${name}.tar.gz"; + sha256 = "171yl9kfm8w7l17dfxild99mbf877a9k5zg8yysgb1j8nz51a1ja"; + }; + + # Plain upstream tarball doesn't build, get patches from Debian + patches = [ + (fetchurl { + url = "http://ftp.de.debian.org/debian/pool/main/u/ucspi-tcp/ucspi-tcp_0.88-3.diff.gz"; + sha256 = "0mzmhz8hjkrs0khmkzs5i0s1kgmgaqz07h493bd5jj5fm5njxln6"; + }) + ./chmod.patch + ]; + + # Apply Debian patches + postPatch = '' + for fname in debian/diff/*.diff; do + echo "Applying patch $fname" + patch < "$fname" + done + ''; + + # The build system is weird; 'make install' doesn't install anything, instead + # it builds an executable called ./install (from C code) which installs + # binaries to the directory given on line 1 in ./conf-home. + # + # Also, assume getgroups and setgroups work, instead of doing a build time + # test that breaks on NixOS (I think because nixbld users lack CAP_SETGID + # capability). + preBuild = '' + echo "$out" > conf-home + + echo "main() { return 0; }" > chkshsgr.c + ''; + + installPhase = '' + mkdir -p "$out/bin" + mkdir -p "$out/share/man/man1" + + # run the newly built installer + ./install + + # Install Debian man pages (upstream has none) + cp debian/ucspi-tcp-man/*.1 "$out/share/man/man1" + ''; + + meta = with stdenv.lib; { + description = "Command-line tools for building TCP client-server applications"; + longDescription = '' + tcpserver waits for incoming connections and, for each connection, runs a + program of your choice. Your program receives environment variables + showing the local and remote host names, IP addresses, and port numbers. + + tcpserver offers a concurrency limit to protect you from running out of + processes and memory. When you are handling 40 (by default) simultaneous + connections, tcpserver smoothly defers acceptance of new connections. + + tcpserver also provides TCP access control features, similar to + tcp-wrappers/tcpd's hosts.allow but much faster. Its access control rules + are compiled into a hashed format with cdb, so it can easily deal with + thousands of different hosts. + + This package includes a recordio tool that monitors all the input and + output of a server. + + tcpclient makes a TCP connection and runs a program of your choice. It + sets up the same environment variables as tcpserver. + + This package includes several sample clients built on top of tcpclient: + who@, date@, finger@, http@, tcpcat, and mconnect. + + tcpserver and tcpclient conform to UCSPI, the UNIX Client-Server Program + Interface, using the TCP protocol. UCSPI tools are available for several + different networks. + ''; + homepage = http://cr.yp.to/ucspi-tcp.html; + license = licenses.publicDomain; + platforms = platforms.linux; + maintainers = [ maintainers.bjornfor ]; + }; +} diff --git a/krebs/5pkgs/simple/whatsupnix/whatsupnix.bash b/krebs/5pkgs/simple/whatsupnix/whatsupnix.bash index 042763048..2ad9aadc9 100644 --- a/krebs/5pkgs/simple/whatsupnix/whatsupnix.bash +++ b/krebs/5pkgs/simple/whatsupnix/whatsupnix.bash @@ -17,25 +17,22 @@ # 2 Build error; at least one failed derivation could be found. # -GAWK=${GAWK:-gawk} -NIX_STORE=${NIX_STORE:-nix-store} - failed_drvs=$(mktemp --tmpdir whatsupnix.XXXXXXXX) trap 'rm -f -- "$failed_drvs"' EXIT exec >&2 -$GAWK -v failed_drvs="$failed_drvs" ' +gawk -v failed_drvs="$failed_drvs" ' match($0, /^builder for ‘(\/nix\/store\/[^’]+\.drv)’ failed/, m) { print m[1] >> failed_drvs } - { print $0 } + { print $0; fflush("/dev/stdout") } ' case $# in 0) print_log() { - NIX_PAGER= $NIX_STORE -l "$1" + NIX_PAGER= nix-store -l "$1" } ;; 1) |