summaryrefslogtreecommitdiffstats
path: root/krebs/5pkgs
diff options
context:
space:
mode:
Diffstat (limited to 'krebs/5pkgs')
-rw-r--r--krebs/5pkgs/haskell/nix-diff/default.nix25
-rw-r--r--krebs/5pkgs/haskell/nix-diff/nixos-system.patch18
-rw-r--r--krebs/5pkgs/haskell/xmonad-stockholm.nix8
-rw-r--r--krebs/5pkgs/simple/apt-cacher-ng/default.nix21
-rw-r--r--krebs/5pkgs/simple/cidr2glob.nix30
-rw-r--r--krebs/5pkgs/simple/internetarchive/default.nix38
-rw-r--r--krebs/5pkgs/simple/krebszones/default.nix2
-rw-r--r--krebs/5pkgs/simple/slog/default.nix26
-rw-r--r--krebs/5pkgs/simple/stockholm/default.nix291
-rw-r--r--krebs/5pkgs/simple/urlwatch/default.nix23
-rw-r--r--krebs/5pkgs/simple/withGetopt.nix2
11 files changed, 447 insertions, 37 deletions
diff --git a/krebs/5pkgs/haskell/nix-diff/default.nix b/krebs/5pkgs/haskell/nix-diff/default.nix
new file mode 100644
index 000000000..df0315048
--- /dev/null
+++ b/krebs/5pkgs/haskell/nix-diff/default.nix
@@ -0,0 +1,25 @@
+{ mkDerivation, attoparsec, base, containers, Diff, fetchgit, mtl
+, nix-derivation, optparse-generic, stdenv, system-filepath, text
+, unix, vector
+}:
+mkDerivation {
+ pname = "nix-diff";
+ version = "1.0.0-krebs1";
+ src = fetchgit {
+ url = "https://github.com/Gabriel439/nix-diff";
+ sha256 = "1k00nx8pannqmpzadkwfrs6bf79yk22ynhd033z5rsyw0m8fcz9k";
+ rev = "e32ffa2c7f38b47a71325a042c1d887fb46cdf7d";
+ };
+ patches = [
+ ./nixos-system.patch
+ ];
+ isLibrary = false;
+ isExecutable = true;
+ executableHaskellDepends = [
+ attoparsec base containers Diff mtl nix-derivation optparse-generic
+ system-filepath text unix vector
+ ];
+ homepage = "https://github.com/Gabriel439/nix-diff";
+ description = "Explain why two Nix derivations differ";
+ license = stdenv.lib.licenses.bsd3;
+}
diff --git a/krebs/5pkgs/haskell/nix-diff/nixos-system.patch b/krebs/5pkgs/haskell/nix-diff/nixos-system.patch
new file mode 100644
index 000000000..03e186aa9
--- /dev/null
+++ b/krebs/5pkgs/haskell/nix-diff/nixos-system.patch
@@ -0,0 +1,18 @@
+diff --git a/src/Main.hs b/src/Main.hs
+index 959ab8e..d3b6077 100644
+--- a/src/Main.hs
++++ b/src/Main.hs
+@@ -95,7 +95,12 @@ pathToText path =
+ underneath `/nix/store`, but this is the overwhelmingly common use case
+ -}
+ derivationName :: FilePath -> Text
+-derivationName = Data.Text.dropEnd 4 . Data.Text.drop 44 . pathToText
++derivationName p =
++ if Data.Text.isPrefixOf "nixos-system" s
++ then "nixos-system"
++ else s
++ where
++ s = Data.Text.dropEnd 4 . Data.Text.drop 44 . pathToText $ p
+
+ -- | Group input derivations by their name
+ groupByName :: Map FilePath (Set Text) -> Map Text (Map FilePath (Set Text))
diff --git a/krebs/5pkgs/haskell/xmonad-stockholm.nix b/krebs/5pkgs/haskell/xmonad-stockholm.nix
index bf19e7d66..954cfd76a 100644
--- a/krebs/5pkgs/haskell/xmonad-stockholm.nix
+++ b/krebs/5pkgs/haskell/xmonad-stockholm.nix
@@ -1,13 +1,13 @@
{ mkDerivation, base, containers, fetchgit, stdenv, X11, X11-xshape
, xmonad, xmonad-contrib
}:
-mkDerivation {
+mkDerivation rec {
pname = "xmonad-stockholm";
- version = "1.1.0";
+ version = "1.1.1";
src = fetchgit {
url = http://cgit.ni.krebsco.de/xmonad-stockholm;
- rev = "179d29fd4c765dee698058ef63295331ac603639";
- sha256 = "0c6mj68xsxxr4j8adkzhjszi7bg6cpisrsmqn587a16sblpbrnkj";
+ rev = "refs/tags/v${version}";
+ sha256 = "05nnfg6q35z3qgf507qa80bz32jl4k719dl5phlmchplp3769585";
};
libraryHaskellDepends = [
base containers X11 X11-xshape xmonad xmonad-contrib
diff --git a/krebs/5pkgs/simple/apt-cacher-ng/default.nix b/krebs/5pkgs/simple/apt-cacher-ng/default.nix
deleted file mode 100644
index e3986713b..000000000
--- a/krebs/5pkgs/simple/apt-cacher-ng/default.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-{ stdenv, fetchurl, cmake, doxygen, zlib, openssl, bzip2, pkgconfig, libpthreadstubs }:
-
-stdenv.mkDerivation rec {
- name = "apt-cacher-ng-${version}";
- version = "2";
-
- src = fetchurl {
- url = "http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/apt-cacher-ng_${version}.orig.tar.xz";
- sha256 = "0bkc3012vinridl5ch46pwnxjalymx4wf6nxax64nm7bdkcj9azf";
- };
-
- NIX_LDFLAGS = "-lpthread";
- buildInputs = [ doxygen cmake zlib openssl bzip2 pkgconfig libpthreadstubs ];
-
- meta = {
- description = "A caching proxy specialized for linux distribution files";
- homepage = http://www.unix-ag.uni-kl.de/~bloch/acng/;
- license = stdenv.lib.licenses.gpl2;
- maintainers = [ stdenv.lib.maintainers.makefu ];
- };
-}
diff --git a/krebs/5pkgs/simple/cidr2glob.nix b/krebs/5pkgs/simple/cidr2glob.nix
new file mode 100644
index 000000000..9b0b3f86b
--- /dev/null
+++ b/krebs/5pkgs/simple/cidr2glob.nix
@@ -0,0 +1,30 @@
+{ python, writeScriptBin, ... }:
+
+let
+ pythonEnv = python.withPackages (ps: [ ps.netaddr ]);
+in
+ writeScriptBin "cidr2glob" ''
+ #! ${pythonEnv}/bin/python
+
+ import netaddr
+ import re
+ import sys
+
+ def cidr2glob(cidr):
+ net = netaddr.IPNetwork(cidr)
+
+ if net.prefixlen <= 8:
+ return map(lambda subnet: re.sub(r'\.0\.0\.0$', '.*', str(subnet.ip)), net.subnet(8))
+ elif net.prefixlen <= 16:
+ return map(lambda subnet: re.sub(r'\.0\.0$', '.*', str(subnet.ip)), net.subnet(16))
+ elif net.prefixlen <= 24:
+ return map(lambda subnet: re.sub(r'\.0$', '.*', str(subnet.ip)), net.subnet(24))
+ else:
+ return map(lambda ip: str(ip), list(net))
+
+ if __name__ == "__main__":
+ for cidr in sys.stdin:
+ for glob in cidr2glob(cidr):
+ print glob
+
+ ''
diff --git a/krebs/5pkgs/simple/internetarchive/default.nix b/krebs/5pkgs/simple/internetarchive/default.nix
new file mode 100644
index 000000000..f5e1bbff3
--- /dev/null
+++ b/krebs/5pkgs/simple/internetarchive/default.nix
@@ -0,0 +1,38 @@
+{ pkgs, fetchFromGitHub, ... }:
+with pkgs.python3Packages;
+buildPythonPackage rec {
+ pname = "internetarchive";
+ version = "1.7.3";
+ name = "${pname}-${version}";
+ propagatedBuildInputs = [
+ requests
+ jsonpatch
+ docopt
+ clint
+ six
+ schema
+ backports_csv
+ ];
+
+# check only works when cloned from git repo
+ doCheck = false;
+ checkInputs = [
+ pytest
+ responses
+ ];
+
+ prePatch = ''
+ sed -i "s/'schema.*'/'schema>=0.4.0'/" setup.py
+ '';
+
+ src = fetchPypi {
+ inherit pname version;
+ sha256 = "0x3saklabdx7qrr11h5bjfd75hfbih7pw5gvl2784zvvvrqrz45g";
+ };
+
+ meta = with stdenv.lib; {
+ description = "python library and cli for uploading files to internet archive";
+ license = licenses.agpl3;
+ };
+
+}
diff --git a/krebs/5pkgs/simple/krebszones/default.nix b/krebs/5pkgs/simple/krebszones/default.nix
index b54c95d88..32608e7fa 100644
--- a/krebs/5pkgs/simple/krebszones/default.nix
+++ b/krebs/5pkgs/simple/krebszones/default.nix
@@ -2,7 +2,7 @@
pkgs.writeDashBin "krebszones" ''
set -efu
- export OVH_ZONE_CONFIG=$HOME/.secrets/krebs/ovh-zone.conf
+ export OVH_ZONE_CONFIG=''${OVH_ZONE_CONFIG:-$HOME/.secrets/krebs/ovh-zone.conf}
case $* in
import)
set -- import /etc/zones/krebsco.de krebsco.de
diff --git a/krebs/5pkgs/simple/slog/default.nix b/krebs/5pkgs/simple/slog/default.nix
new file mode 100644
index 000000000..c74a2ad80
--- /dev/null
+++ b/krebs/5pkgs/simple/slog/default.nix
@@ -0,0 +1,26 @@
+{ pkgs, stdenv, fetchFromGitHub }:
+
+## use with:
+# . $(command -v slog.sh)
+stdenv.mkDerivation rec {
+ name = "slog-${version}";
+ version = "2017-10-27";
+
+ src = fetchFromGitHub {
+ owner = "makefu";
+ repo = "slog";
+ rev = "50367c3";
+ sha256 = "16wlh8xz430101lrxmgl2wangbbhvyj4pg8k5aibnh76sgj6x77r";
+ };
+
+ installPhase = ''
+ mkdir -p $out/bin
+ install -m755 slog.sh $out/bin
+ '';
+
+ meta = with stdenv.lib; {
+ description = "POSIX shell logging";
+ license = licenses.mit;
+ };
+
+}
diff --git a/krebs/5pkgs/simple/stockholm/default.nix b/krebs/5pkgs/simple/stockholm/default.nix
new file mode 100644
index 000000000..5705f086d
--- /dev/null
+++ b/krebs/5pkgs/simple/stockholm/default.nix
@@ -0,0 +1,291 @@
+{ pkgs }: let
+
+ stockholm-dir = ../../../..;
+
+ lib = import (stockholm-dir + "/lib");
+
+ #
+ # high level commands
+ #
+
+ cmds.deploy = pkgs.withGetopt {
+ diff = { default = /* sh */ "false"; switch = true; };
+ force-populate = { default = /* sh */ "false"; switch = true; };
+ quiet = { default = /* sh */ "false"; switch = true; };
+ source_file = {
+ default = /* sh */ "$user/1systems/$system/source.nix";
+ long = "source";
+ };
+ system = {};
+ target.default = /* sh */ "$system";
+ user.default = /* sh */ "$LOGNAME";
+ } (opts: pkgs.writeDash "stockholm.deploy" ''
+ set -efu
+
+ . ${init.env}
+ . ${init.proxy "deploy" opts}
+
+ if \test ${opts.diff.ref} = true; then
+
+ system_profile=/nix/var/nix/profiles/system
+ system_drv_cur=/etc/system.drv
+
+ system_drv_new=$(
+ ${pkgs.nix}/bin/nix-instantiate \
+ -Q \
+ -I "$target_path" \
+ -E '
+ (import <nixpkgs/nixos/lib/eval-config.nix> {
+ modules = [ <nixos-config> ];
+ }).config.system.build.toplevel
+ '
+ )
+
+ if \test -e "$system_drv_cur"; then
+
+ system_drv_cur_c=$(${pkgs.coreutils}/bin/readlink -f "$system_drv_cur")
+ system_drv_new_c=$(${pkgs.coreutils}/bin/readlink -f "$system_drv_new")
+
+ if \test "$system_drv_cur_c" = "$system_drv_new_c"; then
+ echo "$0: system up to date" >&2
+ exit 0
+ fi
+
+ system_drv_cur=$system_drv_cur_c \
+ system_drv_new=$system_drv_new_c \
+ ${pkgs.utillinux}/bin/script \
+ --command '
+ ${pkgs.haskellPackages.nix-diff}/bin/nix-diff \
+ "$system_drv_cur" "$system_drv_new"
+ ' \
+ --quiet \
+ --return \
+ /dev/null
+
+ printf 'deploy? [N/y] ' >&2
+ read -r REPLY
+ if \test "$REPLY" != y; then
+ echo "$0: abort!" >&2
+ exit 1
+ fi
+ else
+ echo "$0: --${opts.diff.long} has no effect because "$system_drv_cur" doesn't exist" >&2
+ fi
+
+ new_system=$(${pkgs.nix}/bin/nix-store --realize "$system_drv_new")
+
+ ${pkgs.nix}/bin/nix-env -p "$system_profile" --set "$new_system"
+ PATH=${lib.makeBinPath [
+ pkgs.systemd
+ ]} \
+ "$system_profile"/bin/switch-to-configuration switch
+
+ ${pkgs.coreutils}/bin/ln -fns "$system_drv_new" "$system_drv_cur"
+ exit
+ fi
+
+ # Use system's nixos-rebuild, which is not self-contained
+ export PATH=/run/current-system/sw/bin
+ exec ${utils.with-whatsupnix} \
+ nixos-rebuild switch \
+ --show-trace \
+ -I "$target_path"
+ '');
+
+ cmds.install = pkgs.withGetopt {
+ force-populate = { default = /* sh */ "false"; switch = true; };
+ quiet = { default = /* sh */ "false"; switch = true; };
+ source_file = {
+ default = /* sh */ "$user/1systems/$system/source.nix";
+ long = "source";
+ };
+ system = {};
+ target = {};
+ user.default = /* sh */ "$LOGNAME";
+ } (opts: pkgs.writeBash "stockholm.install" ''
+ set -efu
+
+ . ${init.env}
+
+ if \test "''${using_proxy-}" != true; then
+ ${pkgs.openssh}/bin/ssh \
+ -o StrictHostKeyChecking=no \
+ -o UserKnownHostsFile=/dev/null \
+ "$target_user@$target_host" -p "$target_port" \
+ env target_path=$(${pkgs.quote}/bin/quote "$target_path") \
+ sh -s prepare \
+ < ${stockholm-dir + "/krebs/4lib/infest/prepare.sh"}
+ # TODO inline prepare.sh?
+ fi
+
+ . ${init.proxy "install" opts}
+
+ # these variables get defined by nix-shell (i.e. nix-build) from
+ # XDG_RUNTIME_DIR and reference the wrong directory (/run/user/0),
+ # which only exists on / and not at /mnt.
+ export NIX_BUILD_TOP=/tmp
+ export TEMPDIR=/tmp
+ export TEMP=/tmp
+ export TMPDIR=/tmp
+ export TMP=/tmp
+ export XDG_RUNTIME_DIR=/tmp
+
+ export NIXOS_CONFIG="$target_path/nixos-config"
+
+ cd
+ exec nixos-install
+ '');
+
+ cmds.test = pkgs.withGetopt {
+ force-populate = { default = /* sh */ "false"; switch = true; };
+ quiet = { default = /* sh */ "false"; switch = true; };
+ source_file = {
+ default = /* sh */ "$user/1systems/$system/source.nix";
+ long = "source";
+ };
+ system = {};
+ target = {};
+ user.default = /* sh */ "$LOGNAME";
+ } (opts: pkgs.writeDash "stockholm.test" /* sh */ ''
+ set -efu
+
+ export dummy_secrets=true
+
+ . ${init.env}
+ . ${init.proxy "test" opts}
+
+ exec ${utils.build} config.system.build.toplevel
+ '');
+
+ #
+ # low level commands
+ #
+
+ # usage: get-source SOURCE_FILE
+ cmds.get-source = pkgs.writeDash "stockholm.get-source" ''
+ set -efu
+ exec ${pkgs.nix}/bin/nix-instantiate \
+ --eval \
+ --json \
+ --readonly-mode \
+ --show-trace \
+ --strict \
+ "$1"
+ '';
+
+ # usage: parse-target [--default=TARGET] TARGET
+ # TARGET = [USER@]HOST[:PORT][/PATH]
+ cmds.parse-target = pkgs.withGetopt {
+ default_target = {
+ long = "default";
+ short = "d";
+ };
+ } (opts: pkgs.writeDash "stockholm.parse-target" ''
+ set -efu
+ target=$1; shift
+ for arg; do echo "$0: bad argument: $arg" >&2; done
+ if \test $# != 0; then exit 2; fi
+ exec ${pkgs.jq}/bin/jq \
+ -enr \
+ --arg default_target "$default_target" \
+ --arg target "$target" \
+ -f ${pkgs.writeText "stockholm.parse-target.jq" ''
+ def parse: match("^(?:([^@]+)@)?([^:/]+)?(?::([0-9]+))?(/.*)?$") | {
+ user: .captures[0].string,
+ host: .captures[1].string,
+ port: .captures[2].string,
+ path: .captures[3].string,
+ };
+ def sanitize: with_entries(select(.value != null));
+ ($default_target | parse) + ($target | parse | sanitize) |
+ . + { local: (.user == env.LOGNAME and .host == env.HOSTNAME) }
+ ''}
+ '');
+
+ init.env = pkgs.writeText "init.env" /* sh */ ''
+
+ export HOSTNAME="$(${pkgs.nettools}/bin/hostname)"
+ export STOCKHOLM_VERSION="''${STOCKHOLM_VERSION-$(${shell.get-version})}"
+
+ export quiet
+ export system
+ export target
+ export user
+
+ default_target=root@$system:22/var/src
+
+ export target_object="$(
+ ${cmds.parse-target} "$target" -d "$default_target"
+ )"
+ export target_user="$(echo $target_object | ${pkgs.jq}/bin/jq -r .user)"
+ export target_host="$(echo $target_object | ${pkgs.jq}/bin/jq -r .host)"
+ export target_port="$(echo $target_object | ${pkgs.jq}/bin/jq -r .port)"
+ export target_path="$(echo $target_object | ${pkgs.jq}/bin/jq -r .path)"
+ export target_local="$(echo $target_object | ${pkgs.jq}/bin/jq -r .local)"
+ '';
+
+ init.proxy = command: opts: pkgs.writeText "init.proxy" /* sh */ ''
+ if \test "''${using_proxy-}" != true; then
+
+ source=$(${cmds.get-source} "$source_file")
+ qualified_target=$target_user@$target_host:$target_port$target_path
+ if \test "$force_populate" = true; then
+ echo "$source" | ${pkgs.populate}/bin/populate --force "$qualified_target"
+ else
+ echo "$source" | ${pkgs.populate}/bin/populate "$qualified_target"
+ fi
+
+ if \test "$target_local" != true; then
+ exec ${pkgs.openssh}/bin/ssh \
+ "$target_user@$target_host" -p "$target_port" \
+ cd "$target_path/stockholm" \; \
+ NIX_PATH=$(${pkgs.quote}/bin/quote "$target_path") \
+ STOCKHOLM_VERSION=$(${pkgs.quote}/bin/quote "$STOCKHOLM_VERSION") \
+ nix-shell --run "$(${pkgs.quote}/bin/quote "
+ ${lib.concatStringsSep " " (lib.mapAttrsToList
+ (name: opt: /* sh */
+ "${opt.varname}=\$(${pkgs.quote}/bin/quote ${opt.ref})")
+ opts
+ )} \
+ using_proxy=true \
+ ${lib.shell.escape command} \
+ $WITHGETOPT_ORIG_ARGS \
+ ")"
+ fi
+ fi
+ '';
+
+ utils.build = pkgs.writeDash "utils.build" ''
+ set -efu
+ ${utils.with-whatsupnix} \
+ ${pkgs.nix}/bin/nix-build \
+ --no-out-link \
+ --show-trace \
+ -E "with import <stockholm>; $1" \
+ -I "$target_path" \
+ '';
+
+ utils.with-whatsupnix = pkgs.writeDash "utils.with-whatsupnix" ''
+ set -efu
+ if \test "$quiet" = true; then
+ "$@" -Q 2>&1 | ${pkgs.whatsupnix}/bin/whatsupnix
+ else
+ exec "$@"
+ fi
+ '';
+
+ shell.get-version = pkgs.writeDash "stockholm.get-version" ''
+ set -efu
+ version=git.$(${pkgs.git}/bin/git describe --always --dirty)
+ case $version in (*-dirty)
+ version=$version@$HOSTNAME
+ esac
+ date=$(${pkgs.coreutils}/bin/date +%y.%m)
+ echo "$date.$version"
+ '';
+
+in
+
+ pkgs.writeOut "stockholm" (lib.mapAttrs' (name: link:
+ lib.nameValuePair "/bin/${name}" { inherit link; }
+ ) cmds)
diff --git a/krebs/5pkgs/simple/urlwatch/default.nix b/krebs/5pkgs/simple/urlwatch/default.nix
index adaefbc4d..ebf872568 100644
--- a/krebs/5pkgs/simple/urlwatch/default.nix
+++ b/krebs/5pkgs/simple/urlwatch/default.nix
@@ -1,14 +1,18 @@
-{ stdenv, fetchurl, python3Packages }:
+{ stdenv, fetchFromGitHub, python3Packages }:
-python3Packages.buildPythonPackage rec {
- name = "urlwatch-${meta.version}";
+python3Packages.buildPythonApplication rec {
+ name = "urlwatch-${version}";
+ version = "2.7";
- src = fetchurl {
- url = "https://github.com/thp/urlwatch/archive/${meta.version}.tar.gz";
- sha256 = "09bn31gn03swi7yr3s1ql8x07hx96gap1ka77kk44kk0lvfxn55b";
+ src = fetchFromGitHub {
+ owner = "thp";
+ repo = "urlwatch";
+ rev = version;
+ sha256 = "0fx964z73yv08b1lpymmjsigf6929zx9ax5bp34rcf2c5gk11l5m";
};
propagatedBuildInputs = with python3Packages; [
+ appdirs
keyring
minidb
pycodestyle
@@ -16,11 +20,10 @@ python3Packages.buildPythonPackage rec {
requests
];
- meta = {
+ meta = with stdenv.lib; {
description = "A tool for monitoring webpages for updates";
homepage = https://thp.io/2008/urlwatch/;
- license = stdenv.lib.licenses.bsd3;
- maintainers = [ stdenv.lib.maintainers.tv ];
- version = "2.6";
+ license = licenses.bsd3;
+ maintainers = with maintainers; [ tv ];
};
}
diff --git a/krebs/5pkgs/simple/withGetopt.nix b/krebs/5pkgs/simple/withGetopt.nix
index 179051bdf..d20802fb2 100644
--- a/krebs/5pkgs/simple/withGetopt.nix
+++ b/krebs/5pkgs/simple/withGetopt.nix
@@ -20,7 +20,7 @@ opt-spec: cmd-spec: let
# true if b requires a to define its default value
opts-before = a: b:
- test ".*[$]${stringAsChars (c: "[${c}]") a.varname}\\>.*" (b.default or "");
+ test ".*[$]${stringAsChars (c: "[${c}]") a.varname}([^0-9A-Za-z_].*)?" (b.default or "");
opts-list = let
sort-out = toposort opts-before (attrValues opts);