diff options
Diffstat (limited to 'krebs/2configs')
| -rw-r--r-- | krebs/2configs/reaktor2.nix | 57 | ||||
| -rw-r--r-- | krebs/2configs/security-workarounds.nix | 25 | ||||
| -rwxr-xr-x | krebs/2configs/shack/doorstatus.sh | 2 | ||||
| -rw-r--r-- | krebs/2configs/shack/reaktor.nix | 15 |
4 files changed, 72 insertions, 27 deletions
diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix index 0ea1ab2fa..3e88c0899 100644 --- a/krebs/2configs/reaktor2.nix +++ b/krebs/2configs/reaktor2.nix @@ -51,6 +51,29 @@ let }; }; + confuse = { + pattern = "^!confuse (.*)$"; + activate = "match"; + arguments = [1]; + command = { + filename = pkgs.writeDash "confuse" '' + set -efu + export PATH=${makeBinPath [ + pkgs.coreutils + pkgs.curl + pkgs.gnused + pkgs.stable-generate + ]} + stable_url=$(stable-generate "$@") + paste_url=$(curl -Ss "$stable_url" | + curl -Ss https://p.krebsco.de --data-binary @- | + tail -1 + ) + echo "$_from: $paste_url" + ''; + }; + }; + taskRcFile = builtins.toFile "taskrc" '' confirmation=no ''; @@ -203,6 +226,12 @@ let osm-restaurants = pkgs.callPackage "${osm-restaurants-src}/osm-restaurants" {}; in pkgs.writeDash "krebsfood" '' set -efu + export PATH=${makeBinPath [ + osm-restaurants + pkgs.coreutils + pkgs.curl + pkgs.jq + ]} poi=$(curl -fsS http://c.r/poi.json | jq --arg name "$1" '.[$name]') if [ "$poi" = null ]; then latitude=52.51252 @@ -212,34 +241,12 @@ let longitude=$(echo "$poi" | jq -r .longitude) fi - ${osm-restaurants}/bin/osm-restaurants --radius "$2" --latitude "$latitude" --longitude "$longitude" \ - | ${pkgs.jq}/bin/jq -r '"How about \(.tags.name) (https://www.openstreetmap.org/\(.type)/\(.id)), open \(.tags.opening_hours)?"' - ' - ''; - }; - } - { - pattern = ''^([\H-]*?):?\s+([+-][1-9][0-9]*)\s+(\S+)$''; - activate = "match"; - arguments = [1 2 3]; - command = { - env = { - # TODO; get state as argument - state_file = "${stateDir}/ledger"; - }; - filename = pkgs.writeDash "ledger-add" '' - set -x - tonick=$1 - amt=$2 - unit=$3 - printf '%s\n %s %d %s\n %s %d %s\n' "$(date -Id)" "$tonick" "$amt" "$unit" "$_from" "$(expr 0 - "''${amt#+}")" "$unit" >> $state_file - ${pkgs.hledger}/bin/hledger -f $state_file bal -N -O csv \ - | ${pkgs.coreutils}/bin/tail +2 \ - | ${pkgs.miller}/bin/mlr --icsv --opprint cat \ - | ${pkgs.gnugrep}/bin/grep "$_from" + osm-restaurants --radius "$2" --latitude "$latitude" --longitude "$longitude" \ + | jq -r '"How about \(.tags.name) (https://www.openstreetmap.org/\(.type)/\(.id)), open \(.tags.opening_hours)?"' ''; }; } + confuse bedger-add bedger-balance hooks.sed diff --git a/krebs/2configs/security-workarounds.nix b/krebs/2configs/security-workarounds.nix index b1a492f51..cb5d236ac 100644 --- a/krebs/2configs/security-workarounds.nix +++ b/krebs/2configs/security-workarounds.nix @@ -1,4 +1,27 @@ { config, lib, pkgs, ... }: -with import <stockholm/lib>; { + # OpenSSL pre-3.0.7 vulnerabilities + nixpkgs.overlays = [ + (self: super: { + exim = + super.exim.overrideAttrs (old: let + key = if builtins.hasAttr "preBuild" old then + "preBuild" + else + "configurePhase"; + in { + buildInputs = old.buildInputs ++ [ self.gnutls ]; + ${key} = /* sh */ '' + ${old.${key}} + sed -Ei ' + s:^USE_OPENSSL=.*:# &: + s:^# (USE_GNUTLS)=.*:\1=yes: + s:^# (USE_GNUTLS_PC=.*):\1: + ' Local/Makefile + ''; + }); + }) + ]; + # OpenSSL pre-3.0.7 vulnerabilities + services.nginx.package = lib.mkDefault (pkgs.nginxStable.override { openssl = pkgs.libressl; }); } diff --git a/krebs/2configs/shack/doorstatus.sh b/krebs/2configs/shack/doorstatus.sh index 11e710cfd..46314cb9c 100755 --- a/krebs/2configs/shack/doorstatus.sh +++ b/krebs/2configs/shack/doorstatus.sh @@ -54,7 +54,7 @@ Herr makefu an Kasse 3 bitte, Kasse 3 bitte Herr makefu. Der API Computer ist ma EOF ) -state=$(curl https://api.shackspace.de/v1/space | jq .doorState.open) +state=$(curl -fSsk https://api.shackspace.de/v1/space | jq .doorState.open) prevstate=$(cat state ||:) if test "$state" == "$(cat state)";then diff --git a/krebs/2configs/shack/reaktor.nix b/krebs/2configs/shack/reaktor.nix index a31c7a687..1f723c8e6 100644 --- a/krebs/2configs/shack/reaktor.nix +++ b/krebs/2configs/shack/reaktor.nix @@ -14,6 +14,21 @@ ]; }; } + { + plugin = "system"; + config = { + hooks.PRIVMSG = [ + { + pattern = ''\.open\??$|\.offen\??$''; + activate = "match"; + command.filename = pkgs.writers.writeDash "is_shack_open" '' + ${pkgs.curl}/bin/curl -fSsk https://api.shackspace.de/v1/space | + ${pkgs.jq}/bin/jq '.doorState.open' + ''; + } + ]; + }; + } ]; }; systemd.services.announce_doorstatus = { |