summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
Diffstat (limited to 'krebs')
-rw-r--r--krebs/5pkgs/simple/font-size.nix26
-rw-r--r--krebs/5pkgs/simple/pass-otp/default.nix30
-rw-r--r--krebs/5pkgs/simple/pass/default.nix121
-rw-r--r--krebs/5pkgs/simple/pass/no-darwin-getopt.patch9
-rw-r--r--krebs/5pkgs/simple/pass/rofi-pass.nix57
-rw-r--r--krebs/5pkgs/simple/pass/set-correct-program-name-for-sleep.patch69
-rw-r--r--krebs/5pkgs/simple/pssh/default.nix36
-rw-r--r--krebs/5pkgs/simple/ucspi-tcp/chmod.patch15
-rw-r--r--krebs/5pkgs/simple/ucspi-tcp/default.nix86
-rw-r--r--krebs/5pkgs/simple/urlwatch/default.nix29
10 files changed, 312 insertions, 166 deletions
diff --git a/krebs/5pkgs/simple/font-size.nix b/krebs/5pkgs/simple/font-size.nix
new file mode 100644
index 000000000..21097ed6a
--- /dev/null
+++ b/krebs/5pkgs/simple/font-size.nix
@@ -0,0 +1,26 @@
+{ writeDashBin }:
+writeDashBin "font-size" ''
+ set -efu
+
+ # set_font NORMAL_FONT BOLD_FONT
+ set_font() {
+ printf '\033]710;%s\007' "$1"
+ printf '\033]711;%s\007' "$2"
+ }
+
+ case ''${1-} in
+ '''|0|--reset)
+ set_font \
+ -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1 \
+ -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1 \
+ ;;
+ [1-9]|[1-9][0-9]|[1-9][0-9][0-9])
+ set_font \
+ xft:Monospace:size=$1 \
+ xft:Monospace:size=$1:bold \
+ ;;
+ *)
+ echo "$0: bad argument: $1" >&2
+ exit 1
+ esac
+''
diff --git a/krebs/5pkgs/simple/pass-otp/default.nix b/krebs/5pkgs/simple/pass-otp/default.nix
new file mode 100644
index 000000000..33411180a
--- /dev/null
+++ b/krebs/5pkgs/simple/pass-otp/default.nix
@@ -0,0 +1,30 @@
+{ stdenv, fetchFromGitHub, oathToolkit }:
+stdenv.mkDerivation rec {
+ name = "pass-otp-${version}";
+ version = "1.1.0";
+
+ src = fetchFromGitHub {
+ owner = "tadfisher";
+ repo = "pass-otp";
+ rev = "v${version}";
+ sha256 = "1cgj4zc8fq88n3h6c0vkv9i5al785mdprpgpbv5m22dz9p1wqvbb";
+ };
+
+ buildInputs = [ oathToolkit ];
+
+ patchPhase = ''
+ sed -i -e 's|OATH=\$(which oathtool)|OATH=${oathToolkit}/bin/oathtool|' otp.bash
+ '';
+
+ installPhase = ''
+ make PREFIX=$out install
+ '';
+
+ meta = with stdenv.lib; {
+ description = "A pass extension for managing one-time-password (OTP) tokens";
+ homepage = https://github.com/tadfisher/pass-otp;
+ license = licenses.gpl3;
+ maintainers = with maintainers; [ jwiegley tadfisher ];
+ platforms = platforms.unix;
+ };
+}
diff --git a/krebs/5pkgs/simple/pass/default.nix b/krebs/5pkgs/simple/pass/default.nix
new file mode 100644
index 000000000..3b6928087
--- /dev/null
+++ b/krebs/5pkgs/simple/pass/default.nix
@@ -0,0 +1,121 @@
+{ stdenv, lib, fetchurl, fetchFromGitHub
+, coreutils, gnused, getopt, git, tree, gnupg, which, procps, qrencode
+, makeWrapper
+
+, pass-otp
+
+, xclip ? null, xdotool ? null, dmenu ? null
+, x11Support ? !stdenv.isDarwin
+, tombPluginSupport ? false, tomb
+}:
+
+with lib;
+
+assert x11Support -> xclip != null
+ && xdotool != null
+ && dmenu != null;
+
+let
+ plugins = map (p: (fetchFromGitHub {
+ owner = "roddhjav";
+ repo = "pass-${p.name}";
+ inherit (p) rev sha256;
+ }))
+ ([
+ { name = "import";
+ rev = "491935bd275f29ceac2b876b3a288011d1ce31e7";
+ sha256 = "02mbh05ab8h7kc30hz718d1d1vkjz43b96c7p0xnd92610d2q66q"; }
+ { name = "update";
+ rev = "cf576c9036fd18efb9ed29e0e9f811207b556fde";
+ sha256 = "1hhbrg6a2walrvla6q4cd3pgrqbcrf9brzjkb748735shxfn52hd"; }
+ ] ++ stdenv.lib.optional tombPluginSupport {
+ name = "tomb";
+ rev = "3368134898a42c1b758fabac625ec240e125c6be";
+ sha256 = "0qqmxfg4w3r088qhlkhs44036mya82vjflsjjhw2hk8y0wd2i6ds"; }
+ );
+
+in stdenv.mkDerivation rec {
+ version = "1.7.1";
+ name = "pass-${version}";
+
+ src = fetchurl {
+ url = "http://git.zx2c4.com/password-store/snapshot/${name}.tar.xz";
+ sha256 = "0scqkpll2q8jhzcgcsh9kqz0gwdpvynivqjmmbzax2irjfaiklpn";
+ };
+
+ patches = [ ./set-correct-program-name-for-sleep.patch
+ ] ++ stdenv.lib.optional stdenv.isDarwin ./no-darwin-getopt.patch;
+
+ nativeBuildInputs = [ makeWrapper ];
+
+ installFlags = [ "PREFIX=$(out)" "WITH_ALLCOMP=yes" ];
+
+ postInstall = ''
+ # plugins
+ ${stdenv.lib.concatStringsSep "\n" (map (plugin: ''
+ pushd ${plugin}
+ PREFIX=$out make install
+ popd
+ '') plugins)}
+
+ ln -s \
+ ${pass-otp}/lib/password-store/extensions/otp.bash \
+ $out/lib/password-store/extensions/
+
+ ln -s \
+ ${pass-otp}/share/man/man1/pass-otp.1.gz \
+ $out/share/man/man1/
+
+ # Install Emacs Mode. NOTE: We can't install the necessary
+ # dependencies (s.el and f.el) here. The user has to do this
+ # himself.
+ mkdir -p "$out/share/emacs/site-lisp"
+ cp "contrib/emacs/password-store.el" "$out/share/emacs/site-lisp/"
+ '' + optionalString x11Support ''
+ cp "contrib/dmenu/passmenu" "$out/bin/"
+ '';
+
+ wrapperPath = with stdenv.lib; makeBinPath ([
+ coreutils
+ getopt
+ git
+ gnupg
+ gnused
+ tree
+ which
+ qrencode
+ ] ++ optional tombPluginSupport tomb
+ ++ optional stdenv.isLinux procps
+ ++ ifEnable x11Support [ dmenu xclip xdotool ]);
+
+ postFixup = ''
+ # Fix program name in --help
+ substituteInPlace $out/bin/pass \
+ --replace 'PROGRAM="''${0##*/}"' "PROGRAM=pass"
+
+ # Ensure all dependencies are in PATH
+ wrapProgram $out/bin/pass \
+ --prefix PATH : "${wrapperPath}"
+ '' + stdenv.lib.optionalString x11Support ''
+ # We just wrap passmenu with the same PATH as pass. It doesn't
+ # need all the tools in there but it doesn't hurt either.
+ wrapProgram $out/bin/passmenu \
+ --prefix PATH : "$out/bin:${wrapperPath}"
+ '';
+
+ meta = with stdenv.lib; {
+ description = "Stores, retrieves, generates, and synchronizes passwords securely";
+ homepage = https://www.passwordstore.org/;
+ license = licenses.gpl2Plus;
+ maintainers = with maintainers; [ lovek323 the-kenny fpletz ];
+ platforms = platforms.unix;
+
+ longDescription = ''
+ pass is a very simple password store that keeps passwords inside gpg2
+ encrypted files inside a simple directory tree residing at
+ ~/.password-store. The pass utility provides a series of commands for
+ manipulating the password store, allowing the user to add, remove, edit,
+ synchronize, generate, and manipulate passwords.
+ '';
+ };
+}
diff --git a/krebs/5pkgs/simple/pass/no-darwin-getopt.patch b/krebs/5pkgs/simple/pass/no-darwin-getopt.patch
new file mode 100644
index 000000000..e8f7e138f
--- /dev/null
+++ b/krebs/5pkgs/simple/pass/no-darwin-getopt.patch
@@ -0,0 +1,9 @@
+diff -Naur password-store-1.6.5-orig/src/platform/darwin.sh password-store-1.6.5/src/platform/darwin.sh
+--- password-store-1.6.5-orig/src/platform/darwin.sh 2015-01-28 16:43:02.000000000 +0000
++++ password-store-1.6.5/src/platform/darwin.sh 2015-02-15 16:09:02.000000000 +0000
+@@ -31,5 +31,4 @@
+ mount -t hfs -o noatime -o nobrowse "$DARWIN_RAMDISK_DEV" "$SECURE_TMPDIR" || die "Error: could not mount filesystem on ramdisk."
+ }
+
+-GETOPT="$(brew --prefix gnu-getopt 2>/dev/null || { which port &>/dev/null && echo /opt/local; } || echo /usr/local)/bin/getopt"
+ SHRED="srm -f -z"
diff --git a/krebs/5pkgs/simple/pass/rofi-pass.nix b/krebs/5pkgs/simple/pass/rofi-pass.nix
new file mode 100644
index 000000000..61f51973e
--- /dev/null
+++ b/krebs/5pkgs/simple/pass/rofi-pass.nix
@@ -0,0 +1,57 @@
+{ stdenv, fetchFromGitHub, pass, rofi, coreutils, utillinux, xdotool, gnugrep
+, libnotify, pwgen, findutils, gawk, gnused, xclip, makeWrapper
+}:
+
+stdenv.mkDerivation rec {
+ name = "rofi-pass-${version}";
+ version = "1.5.3";
+
+ src = fetchFromGitHub {
+ owner = "carnager";
+ repo = "rofi-pass";
+ rev = version;
+ sha256 = "1fn1j2rf3abc5qb44zfc8z8ffw6rva4xfp7597hwr1g3szacazpq";
+ };
+
+ buildInputs = [ makeWrapper ];
+
+ dontBuild = true;
+
+ installPhase = ''
+ mkdir -p $out/bin
+ cp -a rofi-pass $out/bin/rofi-pass
+
+ mkdir -p $out/share/doc/rofi-pass/
+ cp -a config.example $out/share/doc/rofi-pass/config.example
+ '';
+
+ wrapperPath = with stdenv.lib; makeBinPath [
+ coreutils
+ findutils
+ gawk
+ gnugrep
+ gnused
+ libnotify
+ pass
+ pwgen
+ rofi
+ utillinux
+ xclip
+ xdotool
+ ];
+
+ fixupPhase = ''
+ patchShebangs $out/bin
+
+ wrapProgram $out/bin/rofi-pass \
+ --prefix PATH : "${wrapperPath}"
+ '';
+
+ meta = {
+ description = "A script to make rofi work with password-store";
+ homepage = https://github.com/carnager/rofi-pass;
+ maintainers = with stdenv.lib.maintainers; [ the-kenny garbas ];
+ license = stdenv.lib.licenses.gpl3;
+ platforms = with stdenv.lib.platforms; linux;
+ };
+}
diff --git a/krebs/5pkgs/simple/pass/set-correct-program-name-for-sleep.patch b/krebs/5pkgs/simple/pass/set-correct-program-name-for-sleep.patch
new file mode 100644
index 000000000..782e06e20
--- /dev/null
+++ b/krebs/5pkgs/simple/pass/set-correct-program-name-for-sleep.patch
@@ -0,0 +1,69 @@
+From 25b44e00ed5df8ffe2782d38ad5cd9f514379599 Mon Sep 17 00:00:00 2001
+From: "Andrew R. M" <andrewmiller237@gmail.com>
+Date: Sat, 8 Apr 2017 13:50:01 -0400
+Subject: [PATCH] Patch the clip() function to work even when using
+ single-binary coreutils
+
+---
+ src/password-store.sh | 4 ++--
+ src/platform/cygwin.sh | 4 ++--
+ src/platform/darwin.sh | 4 ++--
+ 3 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/src/password-store.sh b/src/password-store.sh
+index 6a4172d..4dbd6b8 100755
+--- a/src/password-store.sh
++++ b/src/password-store.sh
+@@ -155,11 +155,11 @@ clip() {
+ # variable. Specifically, it cannot store nulls nor (non-trivally) store
+ # trailing new lines.
+ local sleep_argv0="password store sleep on display $DISPLAY"
+- pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5
++ pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5
+ local before="$(xclip -o -selection "$X_SELECTION" 2>/dev/null | base64)"
+ echo -n "$1" | xclip -selection "$X_SELECTION" || die "Error: Could not copy data to the clipboard"
+ (
+- ( exec -a "$sleep_argv0" bash <<<"trap 'kill %1' TERM; sleep '$CLIP_TIME' & wait" )
++ ( exec -a "$sleep_argv0" bash <(echo trap 'kill %1' TERM\; sleep "$CLIP_TIME & wait") )
+ local now="$(xclip -o -selection "$X_SELECTION" | base64)"
+ [[ $now != $(echo -n "$1" | base64) ]] && before="$now"
+
+diff --git a/src/platform/cygwin.sh b/src/platform/cygwin.sh
+index 6e5dd86..f3574c4 100644
+--- a/src/platform/cygwin.sh
++++ b/src/platform/cygwin.sh
+@@ -3,11 +3,11 @@
+
+ clip() {
+ local sleep_argv0="password store sleep on display $DISPLAY"
+- pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5
++ pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5
+ local before="$(base64 < /dev/clipboard)"
+ echo -n "$1" > /dev/clipboard
+ (
+- ( exec -a "$sleep_argv0" sleep "$CLIP_TIME" )
++ ( exec -a "$sleep_argv0" bash <(echo sleep "$CLIP_TIME") )
+ local now="$(base64 < /dev/clipboard)"
+ [[ $now != $(echo -n "$1" | base64) ]] && before="$now"
+ echo "$before" | base64 -d > /dev/clipboard
+diff --git a/src/platform/darwin.sh b/src/platform/darwin.sh
+index 86eb325..deb04c4 100644
+--- a/src/platform/darwin.sh
++++ b/src/platform/darwin.sh
+@@ -3,11 +3,11 @@
+
+ clip() {
+ local sleep_argv0="password store sleep for user $(id -u)"
+- pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5
++ pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5
+ local before="$(pbpaste | openssl base64)"
+ echo -n "$1" | pbcopy
+ (
+- ( exec -a "$sleep_argv0" sleep "$CLIP_TIME" )
++ ( exec -a "$sleep_argv0" bash <(echo sleep "$CLIP_TIME") )
+ local now="$(pbpaste | openssl base64)"
+ [[ $now != $(echo -n "$1" | openssl base64) ]] && before="$now"
+ echo "$before" | openssl base64 -d | pbcopy
+--
+2.12.2
+
diff --git a/krebs/5pkgs/simple/pssh/default.nix b/krebs/5pkgs/simple/pssh/default.nix
deleted file mode 100644
index 2676af0cf..000000000
--- a/krebs/5pkgs/simple/pssh/default.nix
+++ /dev/null
@@ -1,36 +0,0 @@
-{ writeDashBin }:
-
-writeDashBin "pssh" ''
- set -efu
- case ''${1-} in
-
- # TODO create plog with -o json | jq ... | map date
-
- # usage: pssh {-j,--journal} host...
- # Follow journal at each host.
- -j|--journal)
- shift
- "$0" journalctl -n0 -ocat --follow --all ::: "$@" \
- | while read line; do
- printf '%s %s\n' "$(date --rfc-3339=s)" "$line"
- done
- ;;
-
- -*)
- echo $0: unknown option: $1 >&2
- exit 1
- ;;
-
- # usage: pssh command [arg...] ::: host...
- # Run command at each host.
- *)
- exec parallel \
- --line-buffer \
- -j0 \
- --no-notice \
- --tagstring {} \
- ssh -T {} "$@"
- ;;
-
- esac
-''
diff --git a/krebs/5pkgs/simple/ucspi-tcp/chmod.patch b/krebs/5pkgs/simple/ucspi-tcp/chmod.patch
deleted file mode 100644
index dd6933208..000000000
--- a/krebs/5pkgs/simple/ucspi-tcp/chmod.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-diff --git a/hier.c b/hier.c
-index 5663ada..1d73b84 100644
---- a/hier.c
-+++ b/hier.c
-@@ -2,8 +2,8 @@
-
- void hier()
- {
-- h(auto_home,-1,-1,02755);
-- d(auto_home,"bin",-1,-1,02755);
-+ h(auto_home,-1,-1,0755);
-+ d(auto_home,"bin",-1,-1,0755);
-
- c(auto_home,"bin","tcpserver",-1,-1,0755);
- c(auto_home,"bin","tcprules",-1,-1,0755);
diff --git a/krebs/5pkgs/simple/ucspi-tcp/default.nix b/krebs/5pkgs/simple/ucspi-tcp/default.nix
deleted file mode 100644
index 3b043be06..000000000
--- a/krebs/5pkgs/simple/ucspi-tcp/default.nix
+++ /dev/null
@@ -1,86 +0,0 @@
-{ stdenv, fetchurl }:
-
-stdenv.mkDerivation rec {
- name = "ucspi-tcp-0.88";
-
- src = fetchurl {
- url = "http://cr.yp.to/ucspi-tcp/${name}.tar.gz";
- sha256 = "171yl9kfm8w7l17dfxild99mbf877a9k5zg8yysgb1j8nz51a1ja";
- };
-
- # Plain upstream tarball doesn't build, get patches from Debian
- patches = [
- (fetchurl {
- url = "http://ftp.de.debian.org/debian/pool/main/u/ucspi-tcp/ucspi-tcp_0.88-3.diff.gz";
- sha256 = "0mzmhz8hjkrs0khmkzs5i0s1kgmgaqz07h493bd5jj5fm5njxln6";
- })
- ./chmod.patch
- ];
-
- # Apply Debian patches
- postPatch = ''
- for fname in debian/diff/*.diff; do
- echo "Applying patch $fname"
- patch < "$fname"
- done
- '';
-
- # The build system is weird; 'make install' doesn't install anything, instead
- # it builds an executable called ./install (from C code) which installs
- # binaries to the directory given on line 1 in ./conf-home.
- #
- # Also, assume getgroups and setgroups work, instead of doing a build time
- # test that breaks on NixOS (I think because nixbld users lack CAP_SETGID
- # capability).
- preBuild = ''
- echo "$out" > conf-home
-
- echo "main() { return 0; }" > chkshsgr.c
- '';
-
- installPhase = ''
- mkdir -p "$out/bin"
- mkdir -p "$out/share/man/man1"
-
- # run the newly built installer
- ./install
-
- # Install Debian man pages (upstream has none)
- cp debian/ucspi-tcp-man/*.1 "$out/share/man/man1"
- '';
-
- meta = with stdenv.lib; {
- description = "Command-line tools for building TCP client-server applications";
- longDescription = ''
- tcpserver waits for incoming connections and, for each connection, runs a
- program of your choice. Your program receives environment variables
- showing the local and remote host names, IP addresses, and port numbers.
-
- tcpserver offers a concurrency limit to protect you from running out of
- processes and memory. When you are handling 40 (by default) simultaneous
- connections, tcpserver smoothly defers acceptance of new connections.
-
- tcpserver also provides TCP access control features, similar to
- tcp-wrappers/tcpd's hosts.allow but much faster. Its access control rules
- are compiled into a hashed format with cdb, so it can easily deal with
- thousands of different hosts.
-
- This package includes a recordio tool that monitors all the input and
- output of a server.
-
- tcpclient makes a TCP connection and runs a program of your choice. It
- sets up the same environment variables as tcpserver.
-
- This package includes several sample clients built on top of tcpclient:
- who@, date@, finger@, http@, tcpcat, and mconnect.
-
- tcpserver and tcpclient conform to UCSPI, the UNIX Client-Server Program
- Interface, using the TCP protocol. UCSPI tools are available for several
- different networks.
- '';
- homepage = http://cr.yp.to/ucspi-tcp.html;
- license = licenses.publicDomain;
- platforms = platforms.linux;
- maintainers = [ maintainers.bjornfor ];
- };
-}
diff --git a/krebs/5pkgs/simple/urlwatch/default.nix b/krebs/5pkgs/simple/urlwatch/default.nix
deleted file mode 100644
index 64f3ad1ac..000000000
--- a/krebs/5pkgs/simple/urlwatch/default.nix
+++ /dev/null
@@ -1,29 +0,0 @@
-{ stdenv, fetchFromGitHub, python3Packages }:
-
-python3Packages.buildPythonApplication rec {
- name = "urlwatch-${version}";
- version = "2.8";
-
- src = fetchFromGitHub {
- owner = "thp";
- repo = "urlwatch";
- rev = version;
- sha256 = "1nja7n6pc45azd3l1xyvav89855lvcgwabrvf34rps81dbl8cnl4";
- };
-
- propagatedBuildInputs = with python3Packages; [
- appdirs
- keyring
- minidb
- pycodestyle
- pyyaml
- requests
- ];
-
- meta = with stdenv.lib; {
- description = "A tool for monitoring webpages for updates";
- homepage = https://thp.io/2008/urlwatch/;
- license = licenses.bsd3;
- maintainers = with maintainers; [ tv ];
- };
-}