summaryrefslogtreecommitdiffstats
path: root/krebs/5pkgs
diff options
context:
space:
mode:
Diffstat (limited to 'krebs/5pkgs')
-rw-r--r--krebs/5pkgs/simple/Reaktor/plugins.nix65
-rw-r--r--krebs/5pkgs/simple/buildbot-classic/default.nix2
-rw-r--r--krebs/5pkgs/simple/ejabberd/default.nix24
-rw-r--r--krebs/5pkgs/simple/ejabberd/ejabberdctl.patch32
-rw-r--r--krebs/5pkgs/simple/generate-secrets/default.nix46
-rw-r--r--krebs/5pkgs/simple/kops.nix7
-rw-r--r--krebs/5pkgs/simple/krops.nix7
-rw-r--r--krebs/5pkgs/simple/painload/default.nix2
-rw-r--r--krebs/5pkgs/simple/pssh/default.nix36
-rw-r--r--krebs/5pkgs/simple/repo-sync/default.nix2
-rw-r--r--krebs/5pkgs/simple/retiolum-bootstrap/default.nix4
-rw-r--r--krebs/5pkgs/simple/thesauron/default.nix7
-rw-r--r--krebs/5pkgs/simple/ucspi-tcp/chmod.patch15
-rw-r--r--krebs/5pkgs/simple/ucspi-tcp/default.nix86
-rw-r--r--krebs/5pkgs/simple/urlwatch/default.nix29
15 files changed, 151 insertions, 213 deletions
diff --git a/krebs/5pkgs/simple/Reaktor/plugins.nix b/krebs/5pkgs/simple/Reaktor/plugins.nix
index bcfcbf76b..c39e39799 100644
--- a/krebs/5pkgs/simple/Reaktor/plugins.nix
+++ b/krebs/5pkgs/simple/Reaktor/plugins.nix
@@ -120,33 +120,48 @@ rec {
url-title = (buildSimpleReaktorPlugin "url-title" {
pattern = "^.*(?P<args>http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$$";
path = with pkgs; [ curl perl ];
- script = pkgs.writeDash "lambda-pl" ''
- if [ "$#" -gt 0 ]; then
- curl -SsL --max-time 5 "$1" |
- perl -l -0777 -ne 'print $1 if /<title.*?>\s*(.*?)\s*<\/title/si'
- fi
+ script = pkgs.writePython3 [ "beautifulsoup4" "lxml" ] "url-title" ''
+ import sys
+ import urllib.request
+ from bs4 import BeautifulSoup
+
+ try:
+ soup = BeautifulSoup(urllib.request.urlopen(sys.argv[1]), "lxml")
+ title = soup.find('title').string
+
+ if title:
+ if len(title) > 512:
+ print('message to long, skipped')
+ elif len(title.split('\n')) > 5:
+ print('to many lines, skipped')
+ else:
+ print(title)
+ except: # noqa: E722
+ pass
'';
});
- wiki-todo-add = buildSimpleReaktorPlugin "wiki-todo-add" {
- pattern = "^wiki-todo: (?P<args>.*)$$";
- script = pkgs.writeDash "wiki-todo-add" ''
- echo "$*" >> wiki-todo
- echo "added todo. check on http://lassul.us/wiki-todo"
- '';
- };
- wiki-todo-done = buildSimpleReaktorPlugin "wiki-todo-done" {
- pattern = "^wiki-done: (?P<args>.*)$$";
- script = pkgs.writeDash "wiki-todo-done" ''
- ${pkgs.gnugrep}/bin/grep -Fvxe "$*" wiki-todo > wiki-todo.tmp
- ${pkgs.coreutils}/bin/mv wiki-todo.tmp wiki-todo
- echo "thank you for resolving todo: $*"
- '';
- };
- wiki-todo-show = buildSimpleReaktorPlugin "wiki-todo" {
- pattern = "^wiki-show$";
- script = pkgs.writeDash "wiki-show" ''
- ${pkgs.coreutils}/bin/cat wiki-todo
- '';
+ todo = name: {
+ add = buildSimpleReaktorPlugin "${name}-add" {
+ pattern = "^${name}-add: (?P<args>.*)$$";
+ script = pkgs.writeDash "${name}-add" ''
+ echo "$*" >> ${name}-todo
+ echo "added ${name} todo"
+ '';
+ };
+ delete = buildSimpleReaktorPlugin "${name}-delete" {
+ pattern = "^${name}-delete: (?P<args>.*)$$";
+ script = pkgs.writeDash "${name}-delete" ''
+ ${pkgs.gnugrep}/bin/grep -Fvxe "$*" ${name}-todo > ${name}-todo.tmp
+ ${pkgs.coreutils}/bin/mv ${name}-todo.tmp ${name}-todo
+ echo "removed ${name} todo: $*"
+ '';
+ };
+ show = buildSimpleReaktorPlugin "${name}-show" {
+ pattern = "^${name}-show$";
+ script = pkgs.writeDash "${name}-show" ''
+ ${pkgs.coreutils}/bin/cat ${name}-todo
+ '';
+ };
};
}
diff --git a/krebs/5pkgs/simple/buildbot-classic/default.nix b/krebs/5pkgs/simple/buildbot-classic/default.nix
index 3cb691f53..e6bafbd25 100644
--- a/krebs/5pkgs/simple/buildbot-classic/default.nix
+++ b/krebs/5pkgs/simple/buildbot-classic/default.nix
@@ -7,7 +7,7 @@ python2Packages.buildPythonApplication rec {
patches = [];
src = fetchFromGitHub {
- owner = "krebscode";
+ owner = "krebs";
repo = "buildbot-classic";
rev = version;
sha256 = "0g686n6m0cjfyympl0ksansllx503gby3hx9gmc8hiyx6x5fkjha";
diff --git a/krebs/5pkgs/simple/ejabberd/default.nix b/krebs/5pkgs/simple/ejabberd/default.nix
index 2799241fa..b4ab13b43 100644
--- a/krebs/5pkgs/simple/ejabberd/default.nix
+++ b/krebs/5pkgs/simple/ejabberd/default.nix
@@ -1,5 +1,5 @@
{ stdenv, writeScriptBin, lib, fetchurl, git, cacert
-, erlang, openssl, expat, libyaml, bash, gnused, gnugrep, coreutils, utillinux, procps
+, erlang, openssl, expat, libyaml, bash, gnused, gnugrep, coreutils, utillinux, procps, gd
, withMysql ? false
, withPgsql ? false
, withSqlite ? false, sqlite
@@ -23,17 +23,17 @@ let
ctlpath = lib.makeBinPath [ bash gnused gnugrep coreutils utillinux procps ];
in stdenv.mkDerivation rec {
- version = "17.07";
+ version = "18.01";
name = "ejabberd-${version}";
src = fetchurl {
url = "http://www.process-one.net/downloads/ejabberd/${version}/${name}.tgz";
- sha256 = "1p8ppp2czjgnq8xnhyksd82npvvx99fwr0g3rrq1wvnwh2vgb8km";
+ sha256 = "01i2n8mlgw293jdf4172f9q8ca8m35vysjws791p7nynpfdb4cn6";
};
nativeBuildInputs = [ fakegit ];
- buildInputs = [ erlang openssl expat libyaml ]
+ buildInputs = [ erlang openssl expat libyaml gd ]
++ lib.optional withSqlite sqlite
++ lib.optional withPam pam
++ lib.optional withZlib zlib
@@ -50,7 +50,7 @@ in stdenv.mkDerivation rec {
configureFlags = [ "--enable-all" "--with-sqlite3=${sqlite.dev}" ];
- buildInputs = [ git erlang openssl expat libyaml sqlite pam zlib elixir ];
+ nativeBuildInputs = [ git erlang openssl expat libyaml sqlite pam zlib elixir ];
GIT_SSL_CAINFO = "${cacert}/etc/ssl/certs/ca-bundle.crt";
@@ -74,7 +74,7 @@ in stdenv.mkDerivation rec {
outputHashMode = "recursive";
outputHashAlgo = "sha256";
- outputHash = "1q9yzccn4zf5i4hibq1r0i34q4986a93ph4792l1ph07aiisc8p7";
+ outputHash = "1v3h0c7kfifb6wsfxyv5j1wc7rlxbb7r0pgd4s340wiyxnllzzhk";
};
configureFlags =
@@ -92,6 +92,10 @@ in stdenv.mkDerivation rec {
enableParallelBuilding = true;
+ patches = [
+ ./ejabberdctl.patch
+ ];
+
preBuild = ''
cp -r $deps deps
chmod -R +w deps
@@ -107,12 +111,12 @@ in stdenv.mkDerivation rec {
$out/sbin/ejabberdctl
'';
- meta = {
+ meta = with stdenv.lib; {
description = "Open-source XMPP application server written in Erlang";
- license = lib.licenses.gpl2;
+ license = licenses.gpl2;
homepage = http://www.ejabberd.im;
- platforms = lib.platforms.linux;
- maintainers = [ lib.maintainers.sander lib.maintainers.abbradar ];
+ platforms = platforms.linux;
+ maintainers = with maintainers; [ sander abbradar ];
broken = withElixir;
};
}
diff --git a/krebs/5pkgs/simple/ejabberd/ejabberdctl.patch b/krebs/5pkgs/simple/ejabberd/ejabberdctl.patch
new file mode 100644
index 000000000..f7c842b7b
--- /dev/null
+++ b/krebs/5pkgs/simple/ejabberd/ejabberdctl.patch
@@ -0,0 +1,32 @@
+--- a/ejabberdctl.template 1970-01-01 01:00:01.000000000 +0100
++++ b/ejabberdctl.template 2018-04-24 23:06:54.127715441 +0200
+@@ -42,19 +42,18 @@
+ esac
+
+ # parse command line parameters
+-for arg; do
+- case $arg in
+- -n|--node) ERLANG_NODE_ARG=$2; shift;;
+- -s|--spool) SPOOL_DIR=$2; shift;;
+- -l|--logs) LOGS_DIR=$2; shift;;
+- -f|--config) EJABBERD_CONFIG_PATH=$2; shift;;
+- -c|--ctl-config) EJABBERDCTL_CONFIG_PATH=$2; shift;;
+- -d|--config-dir) ETC_DIR=$2; shift;;
+- -t|--no-timeout) NO_TIMEOUT="--no-timeout";;
+- --) :;;
++while test $# -gt 0; do
++ case $1 in
++ -n|--node) ERLANG_NODE_ARG=$2; shift 2;;
++ -s|--spool) SPOOL_DIR=$2; shift 2;;
++ -l|--logs) LOGS_DIR=$2; shift 2;;
++ -f|--config) EJABBERD_CONFIG_PATH=$2; shift 2;;
++ -c|--ctl-config) EJABBERDCTL_CONFIG_PATH=$2; shift 2;;
++ -d|--config-dir) ETC_DIR=$2; shift 2;;
++ -t|--no-timeout) NO_TIMEOUT="--no-timeout"; shift 1;;
++ # --) :;; what is this for?
+ *) break;;
+ esac
+- shift
+ done
+
+ # define ejabberd variables if not already defined from the command line
diff --git a/krebs/5pkgs/simple/generate-secrets/default.nix b/krebs/5pkgs/simple/generate-secrets/default.nix
new file mode 100644
index 000000000..a800ff543
--- /dev/null
+++ b/krebs/5pkgs/simple/generate-secrets/default.nix
@@ -0,0 +1,46 @@
+{ pkgs }:
+pkgs.writeDashBin "generate-secrets" ''
+ HOSTNAME="$1"
+ TMPDIR=$(${pkgs.coreutils}/bin/mktemp -d)
+ PASSWORD=$(${pkgs.pwgen}/bin/pwgen 25 1)
+ HASHED_PASSWORD=$(echo $PASSWORD | ${pkgs.hashPassword}/bin/hashPassword -s) > /dev/null
+
+ ${pkgs.openssh}/bin/ssh-keygen -t ed25519 -f $TMPDIR/ssh.id_ed25519 -P "" -C "" >/dev/null
+ ${pkgs.openssl}/bin/openssl genrsa -out $TMPDIR/retiolum.rsa_key.priv 4096 2>/dev/null > /dev/null
+ ${pkgs.openssl}/bin/openssl rsa -in $TMPDIR/retiolum.rsa_key.priv -pubout -out $TMPDIR/retiolum.rsa_key.pub 2>/dev/null > /dev/null
+ cat <<EOF > $TMPDIR/hashedPasswords.nix
+ {
+ root = "$HASHED_PASSWORD";
+ }
+ EOF
+
+ cd $TMPDIR
+ for x in *; do
+ ${pkgs.coreutils}/bin/cat $x | ${pkgs.brain}/bin/brain insert -m krebs-secrets/$HOSTNAME/$x > /dev/null
+ done
+ echo $PASSWORD | ${pkgs.brain}/bin/brain insert -m hosts/$HOSTNAME/root > /dev/null
+
+ cat <<EOF
+ $HOSTNAME = {
+ cores = 1;
+ owner = config.krebs.users.krebs;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.0.changeme";
+ ip6.addr = "42:0:0:0:0:0:0:changeme";
+ aliases = [
+ "$HOSTNAME.r"
+ ];
+ tinc.pubkey = ${"''"}
+ $(cat $TMPDIR/retiolum.rsa_key.pub)
+ ${"''"};
+ };
+ };
+ ssh.privkey.path = <secrets/ssh.id_ed25519>;
+ ssh.pubkey = "$(cat $TMPDIR/ssh.id_ed25519.pub)";
+ };
+ EOF
+
+ rm -rf $TMPDIR
+''
+
diff --git a/krebs/5pkgs/simple/kops.nix b/krebs/5pkgs/simple/kops.nix
deleted file mode 100644
index a6c82f3ca..000000000
--- a/krebs/5pkgs/simple/kops.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-{ fetchgit, ... }:
-
-fetchgit {
- url = https://cgit.krebsco.de/kops;
- rev = "refs/tags/v1.0.0";
- sha256 = "0wg8d80sxa46z4i7ir79sci2hwmv3qskzqdg0si64p6vazy8vckb";
-}
diff --git a/krebs/5pkgs/simple/krops.nix b/krebs/5pkgs/simple/krops.nix
new file mode 100644
index 000000000..29bfb52f5
--- /dev/null
+++ b/krebs/5pkgs/simple/krops.nix
@@ -0,0 +1,7 @@
+{ fetchgit, ... }:
+
+fetchgit {
+ url = https://cgit.krebsco.de/krops;
+ rev = "refs/tags/v1.0.0";
+ sha256 = "0ahp3fxb3l1vcjylxw0cd0f4hfp98bxskkf3z9d37hl3m7v4pcb4";
+}
diff --git a/krebs/5pkgs/simple/painload/default.nix b/krebs/5pkgs/simple/painload/default.nix
index 136ec4394..3b1c83b42 100644
--- a/krebs/5pkgs/simple/painload/default.nix
+++ b/krebs/5pkgs/simple/painload/default.nix
@@ -1,7 +1,7 @@
{ fetchgit, ... }:
fetchgit {
- url = https://github.com/krebscode/painload;
+ url = https://github.com/krebs/painload;
rev = "c113487f73713a03b1a139b22bb34b86234d0495";
sha256 = "1irxklnmvm8wsa70ypjahkr8rfqq7357vcy8r0x1sfncs1hy6gr6";
}
diff --git a/krebs/5pkgs/simple/pssh/default.nix b/krebs/5pkgs/simple/pssh/default.nix
deleted file mode 100644
index 2676af0cf..000000000
--- a/krebs/5pkgs/simple/pssh/default.nix
+++ /dev/null
@@ -1,36 +0,0 @@
-{ writeDashBin }:
-
-writeDashBin "pssh" ''
- set -efu
- case ''${1-} in
-
- # TODO create plog with -o json | jq ... | map date
-
- # usage: pssh {-j,--journal} host...
- # Follow journal at each host.
- -j|--journal)
- shift
- "$0" journalctl -n0 -ocat --follow --all ::: "$@" \
- | while read line; do
- printf '%s %s\n' "$(date --rfc-3339=s)" "$line"
- done
- ;;
-
- -*)
- echo $0: unknown option: $1 >&2
- exit 1
- ;;
-
- # usage: pssh command [arg...] ::: host...
- # Run command at each host.
- *)
- exec parallel \
- --line-buffer \
- -j0 \
- --no-notice \
- --tagstring {} \
- ssh -T {} "$@"
- ;;
-
- esac
-''
diff --git a/krebs/5pkgs/simple/repo-sync/default.nix b/krebs/5pkgs/simple/repo-sync/default.nix
index 20326901d..8393cd79f 100644
--- a/krebs/5pkgs/simple/repo-sync/default.nix
+++ b/krebs/5pkgs/simple/repo-sync/default.nix
@@ -10,7 +10,7 @@ with python3Packages; buildPythonPackage rec {
pkgs.git
];
src = fetchFromGitHub {
- owner = "krebscode";
+ owner = "krebs";
repo = "repo-sync";
rev = version;
sha256 = "1qjf1jmxf7xzwskybdys4vqncnwj9f3xwk1gv354zrla68s533cw";
diff --git a/krebs/5pkgs/simple/retiolum-bootstrap/default.nix b/krebs/5pkgs/simple/retiolum-bootstrap/default.nix
index 331b1cb7f..c0651f627 100644
--- a/krebs/5pkgs/simple/retiolum-bootstrap/default.nix
+++ b/krebs/5pkgs/simple/retiolum-bootstrap/default.nix
@@ -6,7 +6,7 @@ stdenv.mkDerivation rec {
src = fetchurl {
- url = https://raw.githubusercontent.com/krebscode/painload/master/retiolum/scripts/tinc_setup/new_install.sh;
+ url = https://raw.githubusercontent.com/krebs/painload/master/retiolum/scripts/tinc_setup/new_install.sh;
sha256 = "03kmil8q2xm3rdm2jxyah7vww84pw6w01d0c3siid9zpn2j7la9s";
};
@@ -21,7 +21,7 @@ stdenv.mkDerivation rec {
meta = {
description = "Retiolum boostrap scripts";
- url = https://github.com/krebscode/painload;
+ url = https://github.com/krebs/painload;
license = licenses.wtfpl;
platforms = platforms.unix;
maintainers = with maintainers; [ makefu ];
diff --git a/krebs/5pkgs/simple/thesauron/default.nix b/krebs/5pkgs/simple/thesauron/default.nix
new file mode 100644
index 000000000..d543319f2
--- /dev/null
+++ b/krebs/5pkgs/simple/thesauron/default.nix
@@ -0,0 +1,7 @@
+{ fetchgit, callPackage }: let
+ src = fetchgit {
+ url = "https://github.com/krebs/thesauron";
+ rev = "8ac22588cf2c20465e3c9348e7ce04885599c2a5";
+ "sha256"= "1ivkjl235dnm5aaqqvarnxkz7zh0gvah22b0fqwlsflrcd5wmgva";
+ };
+in callPackage src {}
diff --git a/krebs/5pkgs/simple/ucspi-tcp/chmod.patch b/krebs/5pkgs/simple/ucspi-tcp/chmod.patch
deleted file mode 100644
index dd6933208..000000000
--- a/krebs/5pkgs/simple/ucspi-tcp/chmod.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-diff --git a/hier.c b/hier.c
-index 5663ada..1d73b84 100644
---- a/hier.c
-+++ b/hier.c
-@@ -2,8 +2,8 @@
-
- void hier()
- {
-- h(auto_home,-1,-1,02755);
-- d(auto_home,"bin",-1,-1,02755);
-+ h(auto_home,-1,-1,0755);
-+ d(auto_home,"bin",-1,-1,0755);
-
- c(auto_home,"bin","tcpserver",-1,-1,0755);
- c(auto_home,"bin","tcprules",-1,-1,0755);
diff --git a/krebs/5pkgs/simple/ucspi-tcp/default.nix b/krebs/5pkgs/simple/ucspi-tcp/default.nix
deleted file mode 100644
index 3b043be06..000000000
--- a/krebs/5pkgs/simple/ucspi-tcp/default.nix
+++ /dev/null
@@ -1,86 +0,0 @@
-{ stdenv, fetchurl }:
-
-stdenv.mkDerivation rec {
- name = "ucspi-tcp-0.88";
-
- src = fetchurl {
- url = "http://cr.yp.to/ucspi-tcp/${name}.tar.gz";
- sha256 = "171yl9kfm8w7l17dfxild99mbf877a9k5zg8yysgb1j8nz51a1ja";
- };
-
- # Plain upstream tarball doesn't build, get patches from Debian
- patches = [
- (fetchurl {
- url = "http://ftp.de.debian.org/debian/pool/main/u/ucspi-tcp/ucspi-tcp_0.88-3.diff.gz";
- sha256 = "0mzmhz8hjkrs0khmkzs5i0s1kgmgaqz07h493bd5jj5fm5njxln6";
- })
- ./chmod.patch
- ];
-
- # Apply Debian patches
- postPatch = ''
- for fname in debian/diff/*.diff; do
- echo "Applying patch $fname"
- patch < "$fname"
- done
- '';
-
- # The build system is weird; 'make install' doesn't install anything, instead
- # it builds an executable called ./install (from C code) which installs
- # binaries to the directory given on line 1 in ./conf-home.
- #
- # Also, assume getgroups and setgroups work, instead of doing a build time
- # test that breaks on NixOS (I think because nixbld users lack CAP_SETGID
- # capability).
- preBuild = ''
- echo "$out" > conf-home
-
- echo "main() { return 0; }" > chkshsgr.c
- '';
-
- installPhase = ''
- mkdir -p "$out/bin"
- mkdir -p "$out/share/man/man1"
-
- # run the newly built installer
- ./install
-
- # Install Debian man pages (upstream has none)
- cp debian/ucspi-tcp-man/*.1 "$out/share/man/man1"
- '';
-
- meta = with stdenv.lib; {
- description = "Command-line tools for building TCP client-server applications";
- longDescription = ''
- tcpserver waits for incoming connections and, for each connection, runs a
- program of your choice. Your program receives environment variables
- showing the local and remote host names, IP addresses, and port numbers.
-
- tcpserver offers a concurrency limit to protect you from running out of
- processes and memory. When you are handling 40 (by default) simultaneous
- connections, tcpserver smoothly defers acceptance of new connections.
-
- tcpserver also provides TCP access control features, similar to
- tcp-wrappers/tcpd's hosts.allow but much faster. Its access control rules
- are compiled into a hashed format with cdb, so it can easily deal with
- thousands of different hosts.
-
- This package includes a recordio tool that monitors all the input and
- output of a server.
-
- tcpclient makes a TCP connection and runs a program of your choice. It
- sets up the same environment variables as tcpserver.
-
- This package includes several sample clients built on top of tcpclient:
- who@, date@, finger@, http@, tcpcat, and mconnect.
-
- tcpserver and tcpclient conform to UCSPI, the UNIX Client-Server Program
- Interface, using the TCP protocol. UCSPI tools are available for several
- different networks.
- '';
- homepage = http://cr.yp.to/ucspi-tcp.html;
- license = licenses.publicDomain;
- platforms = platforms.linux;
- maintainers = [ maintainers.bjornfor ];
- };
-}
diff --git a/krebs/5pkgs/simple/urlwatch/default.nix b/krebs/5pkgs/simple/urlwatch/default.nix
deleted file mode 100644
index 64f3ad1ac..000000000
--- a/krebs/5pkgs/simple/urlwatch/default.nix
+++ /dev/null
@@ -1,29 +0,0 @@
-{ stdenv, fetchFromGitHub, python3Packages }:
-
-python3Packages.buildPythonApplication rec {
- name = "urlwatch-${version}";
- version = "2.8";
-
- src = fetchFromGitHub {
- owner = "thp";
- repo = "urlwatch";
- rev = version;
- sha256 = "1nja7n6pc45azd3l1xyvav89855lvcgwabrvf34rps81dbl8cnl4";
- };
-
- propagatedBuildInputs = with python3Packages; [
- appdirs
- keyring
- minidb
- pycodestyle
- pyyaml
- requests
- ];
-
- meta = with stdenv.lib; {
- description = "A tool for monitoring webpages for updates";
- homepage = https://thp.io/2008/urlwatch/;
- license = licenses.bsd3;
- maintainers = with maintainers; [ tv ];
- };
-}