diff options
| author | makefu <github@syntax-fehler.de> | 2021-11-07 14:31:25 +0100 |
|---|---|---|
| committer | makefu <github@syntax-fehler.de> | 2021-11-07 14:31:25 +0100 |
| commit | 597f546e9833b2569ee6ec540f688f7fb95bd26c (patch) | |
| tree | e7393bb0aea4faee24e85e63d82843bd3b9a0bac /krebs | |
| parent | 9392c355ad5198346313ef0972db1910c10d17bf (diff) | |
| parent | 0e668121a1388914f33a6546c2f63adc212a38c4 (diff) | |
Merge remote-tracking branch 'lass/master'
Diffstat (limited to 'krebs')
51 files changed, 290 insertions, 382 deletions
diff --git a/krebs/2configs/ircd.nix b/krebs/2configs/ircd.nix index d26aa5962..904878731 100644 --- a/krebs/2configs/ircd.nix +++ b/krebs/2configs/ircd.nix @@ -1,13 +1,13 @@ -{ config, pkgs, ... }: +{ config, pkgs, lib, ... }: { networking.firewall.allowedTCPPorts = [ 6667 6669 ]; - systemd.services.solanum.serviceConfig.LimitNOFILE = 16384; + systemd.services.solanum.serviceConfig.LimitNOFILE = lib.mkForce 16384; - krebs.solanum = { + services.solanum = { enable = true; motd = '' hello diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 149995a23..24b17487b 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -50,7 +50,6 @@ let ./secret.nix ./setuid.nix ./shadow.nix - ./solanum.nix ./sync-containers.nix ./tinc.nix ./tinc_graphs.nix diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index eff2967e0..28d58b525 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -150,6 +150,7 @@ in { "makanek.r" "makanek.kmein.r" "grafana.kmein.r" + "names.kmein.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -263,6 +264,7 @@ in { "zaatar.r" "zaatar.kmein.r" "radio.kmein.r" + "bvg.kmein.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -585,7 +587,7 @@ in { nets = { retiolum = { ip4.addr = "10.243.13.12"; - aliases = [ "catalonia.r" "aleph.r" ]; + aliases = [ "catalonia.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- MIICCgKCAgEAug+nej8/spuRHdzcfBYAuzUVoiq4YufmJqXSshvgf4aqjeVEt91Y diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index 3ef693290..b4e046303 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -256,6 +256,10 @@ in { okelmann = { owner = config.krebs.users.mic92; nets.retiolum = { + addrs = [ + config.krebs.hosts.okelmann.nets.retiolum.ip4.addr + config.krebs.hosts.okelmann.nets.retiolum.ip6.addr + ]; ip4.addr = "10.243.29.190"; aliases = [ "okelmann.r" @@ -275,6 +279,10 @@ in { aendernix = { owner = config.krebs.users.mic92; nets.retiolum = { + addrs = [ + config.krebs.hosts.aendernix.nets.retiolum.ip4.addr + config.krebs.hosts.aendernix.nets.retiolum.ip6.addr + ]; ip4.addr = "10.243.29.172"; aliases = [ "aendernix.r" @@ -296,6 +304,30 @@ in { ''; }; }; + aenderpad = { + owner = config.krebs.users.mic92; + nets.retiolum = { + addrs = [ + config.krebs.hosts.aenderpad.nets.retiolum.ip4.addr + config.krebs.hosts.aenderpad.nets.retiolum.ip6.addr + ]; + ip4.addr = "10.243.29.201"; + aliases = [ + "aendernix.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAvHSVUd6/5P2rK3s9iQhVrxkjufDIi0Kn04iVB4Z0TpUvnmFAP+Hv + d7umo95lNkAPL9c3byv4ooQjOskrp7GmgQRijLUvJSAZ9FBVWPAjMXs+gk9oJnQj + 6bovXJ3DurmW3h1ZRmkWn256j7g8lEMtf5LGFxs9Bwi4wqZTbI6DzTQhmNm76Spb + 2UMSzr9kDcNj5r6LDhDKEDtx4P1Opshgsf9AusV81N5nqDcvAYsvEqYoPvjKIPwF + 5jtfHY7hM7SdYoVgdAY8RFH7xuRkLQW4LBxPKjP3pEQPCgXcuEELm33PGr+w/vhC + jxeyKP+uSeuBBMSatTWG3kU8W2LxVML65QIDAQAB + -----END RSA PUBLIC KEY----- + Ed25519PublicKey = jC2UzKiUtWUlZF2ET88qM+Ot+GpoWxFFfpi8TCCr0uM + ''; + }; + }; dimitra = { owner = config.krebs.users.mic92; nets.retiolum = { @@ -761,5 +793,81 @@ in { }; }; }; + + + ryan = { + owner = config.krebs.users.mic92; + nets = rec { + retiolum = { + addrs = [ + config.krebs.hosts.ryan.nets.retiolum.ip4.addr + config.krebs.hosts.ryan.nets.retiolum.ip6.addr + ]; + ip4.addr = "10.243.29.198"; + aliases = [ "ryan.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA0RE5jmBiEGmaYLVFmpCyVvlb6K3Zh2uxh7sVm44k31d9PEHHm4Wz + HQH+ueaefGVu19xLRJQGu4ZMl7oRbb5awiqKdSGgInhQaNzxUIHW4cCCdOVkgZSy + NjI9LMcc8tQtkoFGt6OhAzaViuGMo+aJAkLuXNf8hz5uR2flqQEeKfG5Kc7Z1DAQ + QNoBRtY0pltyK2y/Ip8cZ9cdxR5oLww67ykhY+eLy9tZLfKs6uWSq+2CV0cpNNQ9 + Sh8fSbkjb4+JkxWAHDOyAnwFxnxstMcW0cscOW7nXYDi5IpvvesJlk698un7bLhm + vCkAd+WiNuTGfs9t0r6FDDVDREBhNk1sLwIDAQAB + -----END RSA PUBLIC KEY----- + Ed25519PublicKey = sOD149OLZ2yUEjRpwbGdwHULKF2qNY3F+9AsEi1G0ZM + ''; + }; + }; + }; + + graham = { + owner = config.krebs.users.mic92; + nets = rec { + retiolum = { + addrs = [ + config.krebs.hosts.graham.nets.retiolum.ip4.addr + config.krebs.hosts.graham.nets.retiolum.ip6.addr + ]; + ip4.addr = "10.243.29.199"; + aliases = [ "graham.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAtnM8VqFlEPLPYfKOZvN4kKklrVEyX4WewlqHO8vtxML9ND5BHCdn + UeRsThvbKVRqEvZLTAXKClZRYVr2IroHqfx0euTq3FYTUbNNQ4KgcFAfLKWoxGfK + HsQbYpS93/sUtmhRBGcgXPnEkE6yqvFBXxcmB1QqdmgYKdY2Gtikwrv/5hb4AlNe + /gyzKGtAKYogspLI6EpEwlD9CGDNIUPJ4uQ56gDhV/qtyMSE6X0igSSVZayDc+x1 + InPkH90xsa0/uXjYDnXNdMguLArGkRzMhd6DzK4vEaPFIX59yMX+tEj46rGY7xAI + gUZUI2codqY5Z93W5GC+ws34y0bpfeMMWwIDAQAB + -----END RSA PUBLIC KEY----- + Ed25519PublicKey = xMJNMMXZRCbWkN9CzLFohkGUK54dPcrrosFD7xgIFXA + ''; + }; + }; + }; + + maurice = { + owner = config.krebs.users.mic92; + nets = rec { + retiolum = { + addrs = [ + config.krebs.hosts.maurice.nets.retiolum.ip4.addr + config.krebs.hosts.maurice.nets.retiolum.ip6.addr + ]; + ip4.addr = "10.243.29.200"; + aliases = [ "maurice.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAsLKBfPtZkjWGu6uitCV+4c5aQox2t4N8XNhY2mqE806XsYrqAC+y + d0oLOxRMUjfh9stDnEW/YRoLEKz9oZdRYd4eenP0Q3c3HdRFDBNCs27M5a8ysqZD + 5w9+B+9OfUmMv61NyKiaR6WtoGbE849cj1UNk1z04elshfU7h829D8QnD4j1A1gf + bOaNG+RzOP6qP/6Q30rxAiTxRPi+FhcHvxa33y1ZVobvnfGcJa+AzsTbgH9T9Yob + GuXFZvuQVSyWOLOgY/vVml904q8gScMpBesAsZJ7DEXxSTga0Rt99Ti3d9ABwBI5 + 1YabQlGLaAkrj3PMgrDyayzGBDDDva9fEQIDAQAB + -----END RSA PUBLIC KEY----- + Ed25519PublicKey = pkMuJ4kbyleQAdau+sfmLtzTuUy7uL+wwcgV/GWC7/N + ''; + }; + }; + }; }; } diff --git a/krebs/3modules/fetchWallpaper.nix b/krebs/3modules/fetchWallpaper.nix index 852c8f630..dc0133a63 100644 --- a/krebs/3modules/fetchWallpaper.nix +++ b/krebs/3modules/fetchWallpaper.nix @@ -55,10 +55,12 @@ let name = "fetchWallpaper"; uid = genid_uint31 "fetchWallpaper"; description = "fetchWallpaper user"; + group = "fetchWallpaper"; home = cfg.stateDir; createHome = true; isSystemUser = true; }; + users.groups.fetchWallpaper = {}; systemd.timers.fetchWallpaper = { description = "fetch wallpaper timer"; diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix index d31d91b7c..0aa1ae0f2 100644 --- a/krebs/3modules/git.nix +++ b/krebs/3modules/git.nix @@ -362,10 +362,8 @@ let users.users.${cfg.user.name} = { inherit (cfg.user) home name uid; description = "Git repository hosting user"; - extraGroups = [ - # To allow running cgit-clear-cache via hooks. - cfg.cgit.fcgiwrap.group.name - ]; + # To allow running cgit-clear-cache via hooks. + group = cfg.cgit.fcgiwrap.group.name; isSystemUser = true; shell = "/bin/sh"; openssh.authorizedKeys.keys = diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix index c05409fe9..ec499d63d 100644 --- a/krebs/3modules/krebs/default.nix +++ b/krebs/3modules/krebs/default.nix @@ -105,6 +105,7 @@ in { "go.r" "rss.r" ]; + tinc.port = 0; tinc.pubkey = '' -----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9PY6t6P1ytgo8qYL2QDc @@ -165,6 +166,7 @@ in { "build.puyak.r" "cgit.puyak.r" ]; + tinc.port = 0; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- MIIBCgKCAQEAwwDvaVKSJmAi1fpbsmjLz1DQVTgqnx56GkHKbz5sHwAfPVQej955 diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 3419d806c..e96b4d8be 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -37,6 +37,7 @@ in { default._domainkey 60 IN TXT "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB" cache 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} cgit 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + pad 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} codi 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} go 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} io 60 IN NS ions.lassul.us. @@ -48,6 +49,7 @@ in { jitsi 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} streaming 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} mumble 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + mail 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} ''; }; nets = rec { @@ -122,33 +124,6 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsANFdMi825qWQXQbWLYuNZ6/fARt3lnh1KStQHQQMD"; syncthing.id = "QITFKYQ-VEPIPL2-AZIXHMD-BBT62ML-YHSB35A-BSUIBXS-QYMPFHW-M7XN2QU"; }; - uriel = { - monitoring = false; - cores = 1; - nets = { - retiolum = { - ip4.addr = "10.243.81.176"; - ip6.addr = r6 "1e1"; - aliases = [ - "uriel.r" - ]; - tinc.port = 0; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAzw0pvoEmqeqiZrzSOPH0IT99gr1rrvMZbvabXoU4MAiVgGoGrkmR - duJkk8Fj12ftMc+Of1gnwDkFhRcfAKOeH1RSc4CTircWVq99WyecTwEZoaR/goQb - MND022kIBoG6NQNxv1Y5I1B/h7hfloMFEPym9oFtOAXoGhBY2vVl4g64NNz+RLME - m1RipLXKANAh6LRNPGPQCUYX4TVY2ZJVxM3CM1XdomUAdOYXJmWFyUg9NcIKaacx - uRrmuy7J9yFBcihZX5Y7NV361kINrpRmZYxJRf9cr0hb5EkJJ7bMIKQMEFQ5RnYo - u7MPGKD7aNHa6hLLCeIfJ5u0igVmSLh3pwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBryIo/Waw8SWvlQ0+5I+Bd/dJgcMd6iPXtELS6gQXoc"; - secure = true; - }; mors = { cores = 2; nets = { @@ -418,38 +393,6 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5HyLyaIvVH0qHIQ4ciKhDiElhSqsK+uXcA6lTvL+5n"; syncthing.id = "EA76ZHP-DF2I3CJ-NNTFEUH-YGPQK5S-T7FQ6JA-BNQQUNC-GF2YL46-CKOZCQM"; }; - red = { - monitoring = false; - cores = 1; - nets = { - retiolum = { - ip4.addr = "10.243.0.13"; - ip6.addr = r6 "12ed"; - aliases = [ - "red.r" - ]; - tinc.port = 0; - tinc.pubkey = '' - -----BEGIN PUBLIC KEY----- - MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArAN/62V2MV18wsZ9VMTG - 4/cqsjvHlffAN8jYDq+GImgREvbiLlFhhHgxwKh0gcDTR8P1xX/00P3/fx/g5bRF - Te7LZT2AFmVFFFfx1n9NBweN/gG2/hzB9J8epbWLNT+RzpzHuAoREvDZ+jweSXaI - phdmQY2s36yrR3TAShqq0q4cwlXuHT00J+InDutM0mTftBQG/fvYkBhHOfq4WSY0 - FeMK7DTKNbsqQiKKQ/kvWi7KfTW0F0c7SDpi7BLwbQzP2WbogtGy9MIrw9ZhE6Ox - TVdAksPKw0TlYdb16X/MkbzBqTYbxFlmWzpMJABMxIVwAfQx3ZGYvJDdDXmQS2qa - mDN2xBb/5pj3fbfp4wbwWlRVSd/AJQtRvaNY24F+UsRJb0WinIguDI6oRZx7Xt8w - oYirKqqq1leb3EYUt8TMIXQsOw0/Iq+JJCwB+ZyLLGVNB19XOxdR3RN1JYeZANpE - cMSS3SdFGgZ//ZAdhIN5kw9yMeKo6Rnt+Vdz3vZWTuSVp/xYO3IMGXNGAdIWIwrJ - 7fwSl/rfXGG816h0sD46U0mxd+i68YOtHlzOKe+vMZ4/FJZYd/E5/IDQluV8HLwa - 5lODfZXUmfStdV+GDA9KVEGUP5xSkC3rMnir66NgHzKpIL002/g/HfGu7O3MrvpW - ng7AMvRv5vbsYcJBj2HUhKUCAwEAAQ== - -----END PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKd/6eCR8yxC14zBJLIQgVa4Zbutv5yr2S8k08ztmBpp"; - }; yellow = { cores = 1; nets = { @@ -583,44 +526,6 @@ in { ci = false; syncthing.id = "PWKVXPB-JCNO6E4-KVIQ7CK-6FSOWHM-AWORMDU-HVVYLKW-44DQTYW-XZT7DQJ"; }; - morpheus = { - cores = 1; - nets = { - retiolum = { - ip4.addr = "10.243.0.19"; - ip6.addr = r6 "012f"; - aliases = [ - "morpheus.r" - ]; - tinc.port = 0; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEAptrlSKQKsBH2QMQxllZR94S/fXneajpJifRjXR5bi+7ME2ThdQXY - T7yWiKaUuBJThWged9PdPltLUEMmv+ubQqpWHZq442VWSS36r1yMSGpUeKK+oYMN - /Sfu+1yC4m2uXno95wpJZIcDfbbn26jT6ldJ4Yd97zyrXKljvcdrz3wZzQq0tojh - S5Q59x/aQMJbnQpnlFnMIEVgULuFPW16+vPGsXIPdYNggaF1avcBaFl8i3M0EZVz - Swn4hArDynDJhR7M0QdlwOpOh7O+1iOnmXqqei3LxMVHb+YtzfHgxOPxggUsy7CR - bj9uBR9loGwgmZwaxXd1Vfbw8kn/feOb9FcW73u+SZyzwEA9HFRV0jGQe3P9mGfI - Bwe02DOTVXEB8jTAGCw5T3bXLIOX8kqdlCECuAWFfrt8H+GjZDuGUWRcMn32orMz - sMvkab95ZOHK6Q31mrhILOIOdyZWKPZIabL3HF6CZtu52h6MDHbmGS0w0OJYhj2+ - VnT9ZBoaeooVg8QOE43rCXvmL5vzhLKrj4s/53wTGG5SpzLs9Q9rrJVgAnz4YQ7j - 3Ov5q3Zxyr+vO6O7Pb5X49vCQw/jzK41S0/15GEmKcoxXemzeZCpX1mbeeTUtLvA - U7OJwldrElzictBJ1gT94L4BDvoGZVqAkXJCJPamfsWaiw6SsMqtTfECAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; - }; - wiregrill = { - ip6.addr = w6 "012f"; - aliases = [ - "morpheus.w" - ]; - wireguard.pubkey = "BdiIHJjJQThmZD8DehxPGA+bboBHjljedwaRaV5yyDY="; - }; - }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHXS60mmNWMdMRvaPxGn91Cm/hm7zY8xn5rkI4n2KG/f "; - syncthing.id = "JS4RFIL-MJP2SMJ-EOQXCPQ-MC3NB4V-BQ77GN5-LPKGLWY-GHDP732-G22OJQQ"; - }; hilum = { cores = 1; nets = { diff --git a/krebs/3modules/solanum.nix b/krebs/3modules/solanum.nix deleted file mode 100644 index 9094d1003..000000000 --- a/krebs/3modules/solanum.nix +++ /dev/null @@ -1,104 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) mkEnableOption mkIf mkOption singleton types; - inherit (pkgs) coreutils solanum; - cfg = config.krebs.solanum; - - configFile = pkgs.writeText "solanum.conf" '' - ${cfg.config} - ''; -in - -{ - - ###### interface - - options = { - - krebs.solanum = { - - enable = mkEnableOption "Solanum IRC daemon"; - - config = mkOption { - type = types.str; - description = '' - Solanum IRC daemon configuration file. - ''; - }; - - statedir = mkOption { - type = types.path; - default = "/var/lib/solanum"; - description = '' - Location of the state directory of solanum. - ''; - }; - - user = mkOption { - type = types.str; - default = "ircd"; - description = '' - Solanum IRC daemon user. - ''; - }; - - group = mkOption { - type = types.str; - default = "ircd"; - description = '' - Solanum IRC daemon group. - ''; - }; - - motd = mkOption { - type = types.nullOr types.lines; - default = null; - description = '' - Solanum MOTD text. - - Solanum will read its MOTD from /etc/solanum/ircd.motd . - If set, the value of this option will be written to this path. - ''; - }; - - }; - - }; - - - ###### implementation - - config = mkIf cfg.enable (lib.mkMerge [ - { - users.users.${cfg.user} = { - description = "Solanum IRC daemon user"; - uid = config.ids.uids.ircd; - group = cfg.group; - }; - - users.groups.${cfg.group} = { - gid = config.ids.gids.ircd; - }; - - systemd.tmpfiles.rules = [ - "d ${cfg.statedir} - ${cfg.user} ${cfg.group} - -" - ]; - - systemd.services.solanum = { - description = "Solanum IRC daemon"; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - ExecStart = "${solanum}/bin/solanum -foreground -logfile /dev/stdout -configfile ${configFile} -pidfile ${cfg.statedir}/ircd.pid"; - Group = cfg.group; - User = cfg.user; - }; - }; - - } - - (mkIf (cfg.motd != null) { - environment.etc."solanum/ircd.motd".text = cfg.motd; - }) - ]); -} diff --git a/krebs/3modules/sync-containers.nix b/krebs/3modules/sync-containers.nix index fcfaf1dd0..e47f9a3a7 100644 --- a/krebs/3modules/sync-containers.nix +++ b/krebs/3modules/sync-containers.nix @@ -94,7 +94,7 @@ in { programs.fuse.userAllowOther = true; # allow syncthing to enter /var/lib/containers system.activationScripts.containers-enter = mkDefault '' - ${pkgs.coreutils}/bin/chmod a+x /var/lib/containers + ${pkgs.coreutils}/bin/chmod a+x /var/lib/containers || : ''; services.syncthing.declarative.folders = (mapAttrs' (_: ctr: nameValuePair "${(paths ctr.name).${ctr.format}}" ({ diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix index a8a78a43e..2c19aefdb 100644 --- a/krebs/3modules/tinc.nix +++ b/krebs/3modules/tinc.nix @@ -237,9 +237,14 @@ let inherit (cfg.user) home name uid; createHome = true; isSystemUser = true; + group = netname; } ) config.krebs.tinc; + users.groups = mapAttrs' (netname: cfg: + nameValuePair netname {} + ) config.krebs.tinc; + environment.etc = mapAttrs' (netname: cfg: nameValuePair "tinc/${netname}" (mkIf cfg.enableLegacy { source = cfg.confDir; diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index c077bf4d7..f9ed6439c 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -1,18 +1,23 @@ -with import <stockholm/lib>; - +let + stockholm.lib = import ../../lib; +in +with stockholm.lib; self: super: - -# Import files and subdirectories like they are overlays. -foldl' mergeAttrs {} +fix (foldl' (flip extends) (self: super) ( + [ + (self: super: { inherit stockholm; }) + ] + ++ (map - (name: import (./. + "/${name}") self super) + (name: import (./. + "/${name}")) (filter (name: name != "default.nix" && !hasPrefix "." name) (attrNames (readDir ./.)))) - -// - -{ - brockman = self.haskellPackages.brockman; - reaktor2 = self.haskellPackages.reaktor2; -} + ++ + [ + (self: super: { + brockman = self.haskellPackages.brockman; + reaktor2 = self.haskellPackages.reaktor2; + }) + ] +)) diff --git a/krebs/5pkgs/haskell/X11-aeson.nix b/krebs/5pkgs/haskell/X11-aeson.nix index 7db6c28a8..103d87faa 100644 --- a/krebs/5pkgs/haskell/X11-aeson.nix +++ b/krebs/5pkgs/haskell/X11-aeson.nix @@ -1,4 +1,4 @@ -{ mkDerivation, aeson, base, fetchgit, stdenv, X11 }: +{ mkDerivation, aeson, base, fetchgit, lib, X11 }: mkDerivation { pname = "X11-aeson"; version = "1.0.0"; @@ -9,5 +9,5 @@ mkDerivation { fetchSubmodules = true; }; libraryHaskellDepends = [ aeson base X11 ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/haskell/blessings.nix b/krebs/5pkgs/haskell/blessings.nix index b0e81fdc1..2176db2ff 100644 --- a/krebs/5pkgs/haskell/blessings.nix +++ b/krebs/5pkgs/haskell/blessings.nix @@ -1,6 +1,7 @@ -with import <stockholm/lib>; -{ mkDerivation, base, fetchgit, hspec, QuickCheck, stdenv, text }: let +{ mkDerivation, base, fetchgit, hspec, QuickCheck, lib, stockholm, text }: +with stockholm.lib; +let cfg = { "18.03" = { version = "1.1.0"; @@ -23,5 +24,5 @@ in mkDerivation { testHaskellDepends = [ base hspec QuickCheck ]; doHaddock = false; # WTFPL is the true license, which is unknown to cabal. - license = stdenv.lib.licenses.wtfpl; + license = lib.licenses.wtfpl; } diff --git a/krebs/5pkgs/haskell/brockman/default.nix b/krebs/5pkgs/haskell/brockman/default.nix index d3dbcd89c..de41d1886 100644 --- a/krebs/5pkgs/haskell/brockman/default.nix +++ b/krebs/5pkgs/haskell/brockman/default.nix @@ -2,7 +2,7 @@ , case-insensitive, conduit, containers, directory, feed, filepath , hashable, hslogger, html-entity, http-client, irc-conduit, lens , lrucache, lrucaching, network, optparse-applicative, random, safe -, stdenv, text, time, timerep, wreq +, lib, text, time, timerep, wreq , fetchFromGitHub }: mkDerivation rec { @@ -22,5 +22,5 @@ mkDerivation rec { http-client irc-conduit lens lrucache lrucaching network optparse-applicative random safe text time timerep wreq ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/haskell/default.nix b/krebs/5pkgs/haskell/default.nix index e824699f9..98cbcb3b9 100644 --- a/krebs/5pkgs/haskell/default.nix +++ b/krebs/5pkgs/haskell/default.nix @@ -1,8 +1,9 @@ -with import <stockholm/lib>; +self: super: +with self.stockholm.lib; + let overrides = self: super: mapNixDir (path: self.callPackage path {}) ./.; in -self: super: { haskell = super.haskell // { packages = mapAttrs (name: value: diff --git a/krebs/5pkgs/haskell/email-header.nix b/krebs/5pkgs/haskell/email-header.nix index 94b33e28b..e1e9d423f 100644 --- a/krebs/5pkgs/haskell/email-header.nix +++ b/krebs/5pkgs/haskell/email-header.nix @@ -1,8 +1,10 @@ -with import <stockholm/lib>; { mkDerivation, attoparsec, base, base64-bytestring, bytestring , case-insensitive, containers, exceptions, fetchgit, QuickCheck -, stdenv, tasty, tasty-quickcheck, text, text-icu, time -}: let +, lib, stockholm, tasty, tasty-quickcheck, text, text-icu, time +}: +with stockholm.lib; + +let cfg = { "18.03" = { @@ -40,5 +42,5 @@ in mkDerivation { jailbreak = true; homepage = "http://github.com/knrafto/email-header"; description = "Parsing and rendering of email and MIME headers"; - license = stdenv.lib.licenses.bsd3; + license = lib.licenses.bsd3; } diff --git a/krebs/5pkgs/haskell/hack.nix b/krebs/5pkgs/haskell/hack.nix index 4e157107e..37ef94e46 100644 --- a/krebs/5pkgs/haskell/hack.nix +++ b/krebs/5pkgs/haskell/hack.nix @@ -1,6 +1,5 @@ { mkDerivation, base, blessings, containers, data-default, fetchgit -, lens, mtl, old-locale, process, scanner, stdenv, time, unix -, zippers +, lens, lib, mtl, old-locale, process, scanner, time, unix, zippers }: mkDerivation { pname = "hack"; @@ -18,5 +17,5 @@ mkDerivation { base blessings containers data-default lens mtl old-locale process scanner time unix zippers ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/haskell/kirk.nix b/krebs/5pkgs/haskell/kirk.nix index 073e5d505..d6fdec4c9 100644 --- a/krebs/5pkgs/haskell/kirk.nix +++ b/krebs/5pkgs/haskell/kirk.nix @@ -1,5 +1,5 @@ -{ mkDerivation, async, base, bytestring, fetchgit, network -, optparse-applicative, stdenv, text +{ mkDerivation, async, base, bytestring, fetchgit, lib, network +, optparse-applicative, text }: mkDerivation { pname = "kirk"; @@ -8,6 +8,7 @@ mkDerivation { url = "http://cgit.krebsco.de/kirk"; sha256 = "1acsmmc485c54axpy9bd0320j18hs261vl1vdxns4n04sxzqd7k0"; rev = "cdf3cb373af8f9b03a9487a63eb32e0226913589"; + fetchSubmodules = true; }; isLibrary = true; isExecutable = true; @@ -17,5 +18,5 @@ mkDerivation { executableHaskellDepends = [ async base network optparse-applicative text ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/haskell/much.nix b/krebs/5pkgs/haskell/much.nix index 0a5453c0c..f3aad2ee6 100644 --- a/krebs/5pkgs/haskell/much.nix +++ b/krebs/5pkgs/haskell/much.nix @@ -2,9 +2,9 @@ , blaze-builder, blessings, bytestring, case-insensitive , containers, data-default, deepseq, directory, either , email-header, fetchgit, filepath, friendly-time, http-types -, hyphenation, linebreak, network, old-locale, optparse-applicative -, process, random, rosezipper, safe, scanner, servant-server, split -, stdenv, terminal-size, text, time, transformers +, hyphenation, lib, linebreak, network, old-locale +, optparse-applicative, process, random, rosezipper, safe, scanner +, servant-server, split, terminal-size, text, time, transformers , transformers-compat, unix, vector, wai, warp }: mkDerivation { @@ -32,5 +32,5 @@ mkDerivation { data-default deepseq directory filepath hyphenation linebreak process rosezipper safe scanner text time transformers unix ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/haskell/news.nix b/krebs/5pkgs/haskell/news.nix index ba5e7a5e1..0274ac8d5 100644 --- a/krebs/5pkgs/haskell/news.nix +++ b/krebs/5pkgs/haskell/news.nix @@ -1,5 +1,5 @@ { mkDerivation, base, bloomfilter, bytestring, feed, fetchgit, lens -, stdenv, wreq +, lib, wreq }: mkDerivation { pname = "news"; @@ -14,5 +14,5 @@ mkDerivation { executableHaskellDepends = [ base bloomfilter bytestring feed lens wreq ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/haskell/reaktor2/default.nix b/krebs/5pkgs/haskell/reaktor2/default.nix index 6a48f865c..d41d8d818 100644 --- a/krebs/5pkgs/haskell/reaktor2/default.nix +++ b/krebs/5pkgs/haskell/reaktor2/default.nix @@ -2,7 +2,7 @@ , bytestring, containers, data-default, fetchgit, filepath , hashable, lens, lens-aeson, network, network-simple , network-simple-tls, network-uri, pcre-light, process, random -, servant-server, stdenv, string-conversions, stringsearch, text +, servant-server, lib, string-conversions, stringsearch, text , time, transformers, unagi-chan, unix, unordered-containers , vector, wai, warp }: @@ -24,5 +24,5 @@ mkDerivation rec { random servant-server string-conversions stringsearch text time transformers unagi-chan unix unordered-containers vector wai warp ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/haskell/recht.nix b/krebs/5pkgs/haskell/recht.nix index 7d884a9fa..bf62d3697 100644 --- a/krebs/5pkgs/haskell/recht.nix +++ b/krebs/5pkgs/haskell/recht.nix @@ -1,6 +1,6 @@ { mkDerivation, ansi-terminal, async, base, binary, bytestring , data-default, directory, filepath, megaparsec -, optparse-applicative, pandoc, random, safe, scalpel, stdenv, text +, optparse-applicative, pandoc, random, safe, scalpel, lib, text , time , fetchFromGitHub }: @@ -21,5 +21,5 @@ mkDerivation rec { filepath megaparsec optparse-applicative pandoc random safe scalpel text time ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/haskell/scanner.nix b/krebs/5pkgs/haskell/scanner.nix index 28f89b069..a317e575e 100644 --- a/krebs/5pkgs/haskell/scanner.nix +++ b/krebs/5pkgs/haskell/scanner.nix @@ -1,4 +1,4 @@ -{ mkDerivation, base, fetchgit, stdenv }: +{ mkDerivation, base, fetchgit, lib }: mkDerivation { pname = "scanner"; version = "1.0.1"; @@ -9,5 +9,5 @@ mkDerivation { fetchSubmodules = true; }; libraryHaskellDepends = [ base ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/haskell/xmonad-aeson.nix b/krebs/5pkgs/haskell/xmonad-aeson.nix index 3fccab469..d27f9c783 100644 --- a/krebs/5pkgs/haskell/xmonad-aeson.nix +++ b/krebs/5pkgs/haskell/xmonad-aeson.nix @@ -1,4 +1,4 @@ -{ mkDerivation, aeson, base, fetchgit, stdenv, X11-aeson, xmonad }: +{ mkDerivation, aeson, base, fetchgit, lib, X11-aeson, xmonad }: mkDerivation { pname = "xmonad-aeson"; version = "1.0.0"; @@ -9,5 +9,5 @@ mkDerivation { fetchSubmodules = true; }; libraryHaskellDepends = [ aeson base X11-aeson xmonad ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/haskell/xmonad-stockholm.nix b/krebs/5pkgs/haskell/xmonad-stockholm.nix index 1b197b914..751f26749 100644 --- a/krebs/5pkgs/haskell/xmonad-stockholm.nix +++ b/krebs/5pkgs/haskell/xmonad-stockholm.nix @@ -1,4 +1,4 @@ -{ mkDerivation, base, containers, fetchgit, filepath, stdenv, unix, X11, X11-xft , X11-xshape, xmonad, xmonad-contrib +{ mkDerivation, base, containers, fetchgit, filepath, lib, unix, X11, X11-xft , X11-xshape, xmonad, xmonad-contrib }: mkDerivation rec { pname = "xmonad-stockholm"; @@ -11,5 +11,5 @@ mkDerivation rec { libraryHaskellDepends = [ base containers filepath unix X11 X11-xft X11-xshape xmonad xmonad-contrib ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/override/default.nix b/krebs/5pkgs/override/default.nix index c2149ae55..2291132ba 100644 --- a/krebs/5pkgs/override/default.nix +++ b/krebs/5pkgs/override/default.nix @@ -1,4 +1,3 @@ -with import <stockholm/lib>; self: super: { bitlbee-facebook = super.bitlbee-facebook.overrideAttrs (old: { diff --git a/krebs/5pkgs/simple/bling/default.nix b/krebs/5pkgs/simple/bling/default.nix index 8d6207f65..1c8610325 100644 --- a/krebs/5pkgs/simple/bling/default.nix +++ b/krebs/5pkgs/simple/bling/default.nix @@ -1,6 +1,5 @@ -{ imagemagick, runCommand, ... }: - -with import <stockholm/lib>; +{ imagemagick, runCommand, stockholm, ... }: +with stockholm.lib; let krebs-v2 = [ diff --git a/krebs/5pkgs/simple/buildbot-classic/sqlparse.nix b/krebs/5pkgs/simple/buildbot-classic/sqlparse.nix index b6aee633e..2cbb51845 100644 --- a/krebs/5pkgs/simple/buildbot-classic/sqlparse.nix +++ b/krebs/5pkgs/simple/buildbot-classic/sqlparse.nix @@ -1,4 +1,4 @@ -{ stdenv +{ lib , buildPythonPackage , fetchPypi , pytest @@ -22,7 +22,7 @@ buildPythonPackage rec { # Package supports 3.x, but tests are clearly 2.x only. doCheck = !isPy3k; - meta = with stdenv.lib; { + meta = with lib; { description = "Non-validating SQL parser for Python"; longDescription = '' Provides support for parsing, splitting and formatting SQL statements. diff --git a/krebs/5pkgs/simple/cgit-clear-cache.nix b/krebs/5pkgs/simple/cgit-clear-cache.nix index 28402c39c..31a2eccb3 100644 --- a/krebs/5pkgs/simple/cgit-clear-cache.nix +++ b/krebs/5pkgs/simple/cgit-clear-cache.nix @@ -1,8 +1,6 @@ -with import <stockholm/lib>; - -{ cache-root ? "/tmp/cgit", findutils, writeDashBin }: +{ cache-root ? "/tmp/cgit", findutils, stockholm, writeDashBin }: writeDashBin "cgit-clear-cache" '' set -efu - ${findutils}/bin/find ${shell.escape cache-root} -type f -delete + ${findutils}/bin/find ${stockholm.lib.shell.escape cache-root} -type f -delete '' diff --git a/krebs/5pkgs/simple/default.nix b/krebs/5pkgs/simple/default.nix index 6ba4fec83..76ad6ff10 100644 --- a/krebs/5pkgs/simple/default.nix +++ b/krebs/5pkgs/simple/default.nix @@ -1,18 +1,16 @@ -with import <stockholm/lib>; - self: super: let # This callPackage will try to detect obsolete overrides. + lib = super.stockholm.lib; callPackage = path: args: let override = self.callPackage path args; - upstream = optionalAttrs (override ? "name") - (super.${(parseDrvName override.name).name} or {}); + upstream = lib.optionalAttrs (override ? "name") + (super.${(lib.parseDrvName override.name).name} or {}); in if upstream ? "name" && override ? "name" && - compareVersions upstream.name override.name != -1 - then trace "Upstream `${upstream.name}' gets overridden by `${override.name}'." override + lib.compareVersions upstream.name override.name != -1 + then lib.trace "Upstream `${upstream.name}' gets overridden by `${override.name}'." override else override; in - - mapNixDir (path: callPackage path {}) ./. + lib.mapNixDir (path: callPackage path {}) ./. diff --git a/krebs/5pkgs/simple/eximlog.nix b/krebs/5pkgs/simple/eximlog.nix index 2d64e13e9..9e5ae8d63 100644 --- a/krebs/5pkgs/simple/eximlog.nix +++ b/krebs/5pkgs/simple/eximlog.nix @@ -1,7 +1,7 @@ -{ jq, systemd, writeDashBin }: +{ jq, stockholm, systemd, writeDashBin }: let - lib = import <stockholm/lib>; + lib = stockholm.lib; user = "exim"; # TODO make this configurable in diff --git a/krebs/5pkgs/simple/flameshot-once/default.nix b/krebs/5pkgs/simple/flameshot-once/default.nix index 20c709fb5..0524c2cfa 100644 --- a/krebs/5pkgs/simple/flameshot-once/default.nix +++ b/krebs/5pkgs/simple/flameshot-once/default.nix @@ -1,5 +1,5 @@ -with import <stockholm/lib>; -{ pkgs, ... }@args: +{ pkgs, stockholm, ... }@args: +with stockholm.lib; let # config cannot be declared in the input attribute set because that would diff --git a/krebs/5pkgs/simple/flameshot-once/profile.nix b/krebs/5pkgs/simple/flameshot-once/profile.nix index 8aacbfa42..991b46118 100644 --- a/krebs/5pkgs/simple/flameshot-once/profile.nix +++ b/krebs/5pkgs/simple/flameshot-once/profile.nix @@ -1,5 +1,5 @@ -with import <stockholm/lib>; { config, pkgs }: +with pkgs.stockholm.lib; let # Refs https://github.com/lupoDharkael/flameshot/blob/master/src/widgets/capture/capturebutton.h diff --git a/krebs/5pkgs/simple/fzfmenu/default.nix b/krebs/5pkgs/simple/fzfmenu/default.nix index 537b90f42..f208f6a3e 100644 --- a/krebs/5pkgs/simple/fzfmenu/default.nix +++ b/krebs/5pkgs/simple/fzfmenu/default.nix @@ -1,5 +1,5 @@ -with import <stockholm/lib>; -{ pkgs, ... }@args: +{ pkgs, stockholm, ... }@args: +with stockholm.lib; let # config cannot be declared in the input attribute set because that would diff --git a/krebs/5pkgs/simple/git-hooks/default.nix b/krebs/5pkgs/simple/git-hooks/default.nix index acf34ad69..00a593be3 100644 --- a/krebs/5pkgs/simple/git-hooks/default.nix +++ b/krebs/5pkgs/simple/git-hooks/default.nix @@ -1,6 +1,6 @@ -{ pkgs, ... }: +{ pkgs, stockholm, ... }: -with import <stockholm/lib>; +with stockholm.lib; { # TODO irc-announce should return a derivation diff --git a/krebs/5pkgs/simple/htgen-cyberlocker/default.nix b/krebs/5pkgs/simple/htgen-cyberlocker/default.nix index 515ea3cf9..c7d7ebfd8 100644 --- a/krebs/5pkgs/simple/htgen-cyberlocker/default.nix +++ b/krebs/5pkgs/simple/htgen-cyberlocker/default.nix @@ -1,5 +1,6 @@ -with import <stockholm/lib>; -{ pkgs, stdenv }: +{ pkgs, stockholm, stdenv }: +with stockholm.lib; + stdenv.mkDerivation rec { pname = "htgen-cyberlocker"; version = "1.0.0"; diff --git a/krebs/5pkgs/simple/htgen-cyberlocker/src/htgen-cyberlocker b/krebs/5pkgs/simple/htgen-cyberlocker/src/htgen-cyberlocker index ab9c4e8e3..5ca0ddd3e 100644 --- a/krebs/5pkgs/simple/htgen-cyberlocker/src/htgen-cyberlocker +++ b/krebs/5pkgs/simple/htgen-cyberlocker/src/htgen-cyberlocker @@ -1,3 +1,10 @@ +emptyok_response() {( + printf "HTTP/1.1 204 OK\r\n" + printf 'Connection: close\r\n' + printf 'Server: %s\r\n' "$Server" + printf '\r\n' +)} + delete_response() { jq -n -r \ --arg server "$Server" \ @@ -44,7 +51,10 @@ read_uri() { } uri=$(read_uri "$Request_URI") -path=$(jq -nr --argjson uri "$uri" '$uri.path') +path=$(jq -nr --argjson uri "$uri" ' + $uri.path | + gsub("/+"; "/") +') case "$Method $path" in 'POST /'*|'PUT /'*) @@ -57,6 +67,8 @@ case "$Method $path" in mkdir -v -p $STATEDIR/items >&2 cp -v $content $item >&2 + + emptyok_response exit ;; 'GET /'*) diff --git a/krebs/5pkgs/simple/htgen-imgur/default.nix b/krebs/5pkgs/simple/htgen-imgur/default.nix index fe0b2ab04..f429ff7a6 100644 --- a/krebs/5pkgs/simple/htgen-imgur/default.nix +++ b/krebs/5pkgs/simple/htgen-imgur/default.nix @@ -1,5 +1,4 @@ -with import <stockholm/lib>; -{ attr, coreutils, exiv2, findutils, gnugrep, jq, nix, utillinux, stdenv }: +{ attr, coreutils, exiv2, findutils, gnugrep, jq, nix, stockholm, utillinux, stdenv }: stdenv.mkDerivation rec { pname = "htgen-imgur"; version = "1.0.0"; @@ -9,7 +8,7 @@ stdenv.mkDerivation rec { buildPhase = '' ( exec > htgen-imgur - echo PATH=${makeBinPath [ + echo PATH=${stockholm.lib.makeBinPath [ attr coreutils exiv2 @@ -18,7 +17,7 @@ stdenv.mkDerivation rec { jq nix utillinux ]} - echo STATEDIR=${shell.escape "\${STATEDIR-$HOME}"} + echo STATEDIR=${stockholm.lib.shell.escape "\${STATEDIR-$HOME}"} cat $src/htgen-imgur ) ''; diff --git a/krebs/5pkgs/simple/irc-announce/default.nix b/krebs/5pkgs/simple/irc-announce/default.nix index 5797b3667..7b2af0307 100644 --- a/krebs/5pkgs/simple/irc-announce/default.nix +++ b/krebs/5pkgs/simple/irc-announce/default.nix @@ -1,18 +1,8 @@ { pkgs, lib, ... }: -with lib; - pkgs.writeDashBin "irc-announce" '' set -euf - export PATH=${makeSearchPath "bin" (with pkgs; [ - coreutils - gawk - gnused - netcat - nettools - ])} - IRC_SERVER=$1 IRC_PORT=$2 IRC_NICK=$3_$$ @@ -20,57 +10,15 @@ pkgs.writeDashBin "irc-announce" '' IRC_TLS=$5 message=$6 - export IRC_CHANNEL # for privmsg_cat - - # echo2 and cat2 are used output to both, stdout and stderr - # This is used to see what we send to the irc server. (debug output) - echo2() { echo "$*"; echo "$*" >&2; } - cat2() { - awk '{ - print $0 - print $0 > "/dev/stderr" - }' - } - - # privmsg_cat transforms stdin to a privmsg - privmsg_cat() { awk '{ print "PRIVMSG "ENVIRON["IRC_CHANNEL"]" :"$0 }'; } - - tls_flag() { if [ "$IRC_TLS" -eq 1 ]; then echo "-c"; fi } - - # ircin is used to feed the output of netcat back to the "irc client" - # so we can implement expect-like behavior with sed^_^ - # XXX mkselfdestructingtmpfifo would be nice instead of this cruft - tmpdir=$(mktemp --tmpdir -d irc-announce_XXXXXXXX) - cd "$tmpdir" - mkfifo ircin - trap " - rm ircin - cd '$OLDPWD' - rmdir '$tmpdir' - trap - EXIT INT QUIT - " EXIT INT QUIT - - { - echo2 "USER $LOGNAME 0 * :$LOGNAME@$(hostname)" - echo2 "NICK $IRC_NICK" - - awk 'match($0, /PING(.*)/, m) {print "PONG", m[1]; exit}' - - # wait for MODE message - sed -n '/^:[^ ]* MODE /q' - - echo2 "JOIN $IRC_CHANNEL" - - printf '%s' "$message" \ - | privmsg_cat \ - | cat2 - - echo2 "PART $IRC_CHANNEL" - - # wait for PART confirmation - sed -n '/:'"$IRC_NICK"'![^ ]* PART /q' - - echo2 'QUIT :Gone to have lunch' - } < ircin \ - | nc $(tls_flag) "$IRC_SERVER" "$IRC_PORT" | tee -a ircin + if test "$IRC_TLS" != 1; then + unset IRC_TLS + fi + + printf %s "$message" | + ${pkgs.ircaids}/bin/ircsink \ + --nick="$IRC_NICK" \ + --port="$IRC_PORT" \ + --server="$IRC_SERVER" \ + --target="$IRC_CHANNEL" \ + ''${IRC_TLS:+--secure} '' diff --git a/krebs/5pkgs/simple/ircaids/default.nix b/krebs/5pkgs/simple/ircaids/default.nix new file mode 100644 index 000000000..61d3ee31c --- /dev/null +++ b/krebs/5pkgs/simple/ircaids/default.nix @@ -0,0 +1,32 @@ +{ lib, pkgs, stdenv }: + +stdenv.mkDerivation rec { + pname = "ircaids"; + version = "1.0.1"; + + src = pkgs.fetchgit { + url = "https://cgit.krebsco.de/ircaids"; + rev = "refs/tags/${version}"; + sha256 = "0wp01pag58c72rmx8j3i1vlq60na8lc91743832f0h27cik8yqvh"; + }; + + buildPhase = null; + + installPhase = '' + mkdir -p $out/bin + + cp $src/bin/ircsink $out/bin/ircsink + sed -i ' + s;^#! /bin/sh;#! ${pkgs.dash}/bin/dash; + s;^#!.*;&\nexport PATH=${lib.makeBinPath [ + pkgs.coreutils + pkgs.gawk + pkgs.gnused + pkgs.netcat + pkgs.nettools + pkgs.openssl + pkgs.utillinux + ]}; + ' $out/bin/ircsink + ''; +} diff --git a/krebs/5pkgs/simple/logf/default.nix b/krebs/5pkgs/simple/logf/default.nix index ac95acb33..36a7fed2f 100644 --- a/krebs/5pkgs/simple/logf/default.nix +++ b/krebs/5pkgs/simple/logf/default.nix @@ -1,7 +1,5 @@ { lib, pkgs, ... }: -with import <stockholm/lib>; - let default-host-colors = pkgs.writeJSON "logf.default-host-colors.json" { }; diff --git a/krebs/5pkgs/simple/netcup/default.nix b/krebs/5pkgs/simple/netcup/default.nix index d1f46299d..408672eff 100644 --- a/krebs/5pkgs/simple/netcup/default.nix +++ b/krebs/5pkgs/simple/netcup/default.nix @@ -1,5 +1,6 @@ -{ coreutils, curl, fetchgit, gawk, gnugrep, gnused, jq, stdenv, w3m, ... }: -with import <stockholm/lib>; +{ coreutils, curl, fetchgit, gawk, gnugrep, gnused, jq, stdenv, stockholm, w3m, ... }: +with stockholm.lib; + let readJSON = path: fromJSON (readFile path); sed.escape = replaceChars ["/"] ["\\/"]; # close enough diff --git a/krebs/5pkgs/simple/nomads-cloud/default.nix b/krebs/5pkgs/simple/nomads-cloud/default.nix index 97cf10d1f..cc9e7a964 100644 --- a/krebs/5pkgs/simple/nomads-cloud/default.nix +++ b/krebs/5pkgs/simple/nomads-cloud/default.nix @@ -1,10 +1,10 @@ { writers, coreutils, grib2json, curl, jq, findutils, imagemagick }: writers.writeDashBin "nomads-cloud" '' prefix=$(mktemp -d) - grib_path=$prefix.grib - json_path=$prefix.json - pgm_path=$prefix.pgm - png_path="$1" + grib_path=$prefix/clouds.grib + json_path=$prefix/clouds.json + pgm_path=$prefix/clouds.pgm + png_path=$1 mkdir -p "$prefix" diff --git a/krebs/5pkgs/simple/reaktor2-plugins.nix b/krebs/5pkgs/simple/reaktor2-plugins.nix index 4cd9e7d89..e23b14a23 100644 --- a/krebs/5pkgs/simple/reaktor2-plugins.nix +++ b/krebs/5pkgs/simple/reaktor2-plugins.nix @@ -1,5 +1,5 @@ -with import <stockholm/lib>; -{ lib, pkgs, ... }: +{ lib, pkgs, stockholm, ... }: +with stockholm.lib; rec { generators = { diff --git a/krebs/5pkgs/simple/urix.nix b/krebs/5pkgs/simple/urix.nix index c0db8c975..73ea3e665 100644 --- a/krebs/5pkgs/simple/urix.nix +++ b/krebs/5pkgs/simple/urix.nix @@ -1,5 +1,4 @@ -let lib = import <stockholm/lib>; in -{ pkgs }: +{ pkgs, stockholm }: # urix - URI eXtractor # Extract all the URIs from standard input and write them to standard output! @@ -10,6 +9,6 @@ pkgs.execBin "urix" { argv = [ "urix" "-Eo" - "\\b${lib.uri.posix-extended-regex}\\b" + "\\b${stockholm.lib.uri.posix-extended-regex}\\b" ]; } diff --git a/krebs/5pkgs/simple/withGetopt.nix b/krebs/5pkgs/simple/withGetopt.nix index d20802fb2..7f17a5934 100644 --- a/krebs/5pkgs/simple/withGetopt.nix +++ b/krebs/5pkgs/simple/withGetopt.nix @@ -1,5 +1,5 @@ -with import <stockholm/lib>; -{ coreutils, quote, utillinux, writeDash }: +{ coreutils, quote, stockholm, utillinux, writeDash }: +with stockholm.lib; opt-spec: cmd-spec: let diff --git a/krebs/5pkgs/test/default.nix b/krebs/5pkgs/test/default.nix index 5ee8f913b..713d4673c 100644 --- a/krebs/5pkgs/test/default.nix +++ b/krebs/5pkgs/test/default.nix @@ -1,5 +1,3 @@ -with import <stockholm/lib>; - self: super: { diff --git a/krebs/default.nix b/krebs/default.nix index 7ec791529..577cc269e 100644 --- a/krebs/default.nix +++ b/krebs/default.nix @@ -6,8 +6,8 @@ nixpkgs = { overlays = [ - (import ./5pkgs) (import ../submodules/nix-writers/pkgs) + (import ./5pkgs) ]; }; diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index 6b5f8ec8f..594147405 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "09cd65b33c5653d7d2954fef4b9f0e718c899743", - "date": "2021-09-08T11:21:07-05:00", - "path": "/nix/store/h4hgs0aiaszmgqcwwhw7q10vqgvgbimf-nixpkgs", - "sha256": "1h696xv2wdl1859jcr0bmv0m0rfsq4vpc1vc0hg3msfsdnz0aixl", + "rev": "b165ce0c4efbb74246714b5c66b6bcdce8cde175", + "date": "2021-11-01T19:42:18+01:00", + "path": "/nix/store/ccfd4ijkp4rn018sjghkhn4a7gkdq84l-nixpkgs", + "sha256": "1q7n9rk4i8ky2xxiymm72cfq1xra3ss3vkhbwf60rhiblslldgqg", "fetchSubmodules": false, "deepClone": false, "leaveDotGit": false diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index d0a011869..8bfd16523 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "6120ac5cd201f6cb593d1b80e861be0342495be9", - "date": "2021-09-18T21:31:09+02:00", - "path": "/nix/store/g1a0swq7h7b24g4vkn3wr3d8rwjazfmv-nixpkgs", - "sha256": "04mrjxr1qsdcgcryx7yy72cgcw14c0770gfcgzrdfpnvmjdgbi9i", + "rev": "f0869b1a2c0b150aac26e10bb5c2364ffb2e804f", + "date": "2021-10-31T15:33:08-07:00", + "path": "/nix/store/60dqlv3rf8dyf041qwx2bblmpd7mp7q6-nixpkgs", + "sha256": "150rrksrjf6w9m3c1ll04xilpglysklfpi636rxwyy318g5xss55", "fetchSubmodules": false, "deepClone": false, "leaveDotGit": false |