summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
Diffstat (limited to 'krebs')
-rw-r--r--krebs/1systems/hotdog/config.nix11
-rw-r--r--krebs/1systems/ponte/config.nix12
-rw-r--r--krebs/1systems/puyak/config.nix9
-rw-r--r--krebs/2configs/buildbot-stockholm.nix2
-rw-r--r--krebs/2configs/exim-smarthost.nix1
-rw-r--r--krebs/2configs/hw/x220.nix4
-rw-r--r--krebs/2configs/mastodon.nix28
-rw-r--r--krebs/2configs/nameserver.nix14
-rw-r--r--krebs/2configs/reaktor2.nix14
-rw-r--r--krebs/2configs/repo-sync.nix7
-rw-r--r--krebs/2configs/shack/share.nix28
-rw-r--r--krebs/2configs/shack/ssh-keys.nix1
-rw-r--r--krebs/2configs/shack/worlddomination.nix51
-rw-r--r--krebs/3modules/airdcpp.nix2
-rw-r--r--krebs/3modules/announce-activation.nix2
-rw-r--r--krebs/3modules/backup.nix2
-rw-r--r--krebs/3modules/brockman.nix5
-rw-r--r--krebs/3modules/build.nix2
-rw-r--r--krebs/3modules/ci/default.nix4
-rw-r--r--krebs/3modules/dns.nix2
-rw-r--r--krebs/3modules/exim-retiolum.nix2
-rw-r--r--krebs/3modules/exim-smarthost.nix2
-rw-r--r--krebs/3modules/exim.nix2
-rw-r--r--krebs/3modules/git.nix2
-rw-r--r--krebs/3modules/github/known-hosts.nix1
-rw-r--r--krebs/3modules/hosts.nix3
-rw-r--r--krebs/3modules/htgen.nix2
-rw-r--r--krebs/3modules/iana-etc.nix2
-rw-r--r--krebs/3modules/iptables.nix8
-rw-r--r--krebs/3modules/konsens.nix2
-rw-r--r--krebs/3modules/on-failure.nix2
-rw-r--r--krebs/3modules/per-user.nix7
-rw-r--r--krebs/3modules/permown.nix8
-rw-r--r--krebs/3modules/reaktor2.nix8
-rw-r--r--krebs/3modules/realwallpaper.nix2
-rw-r--r--krebs/3modules/repo-sync.nix3
-rw-r--r--krebs/3modules/secret.nix4
-rw-r--r--krebs/3modules/setuid.nix9
-rw-r--r--krebs/3modules/ssh.nix38
-rw-r--r--krebs/3modules/ssl.nix2
-rw-r--r--krebs/3modules/sync-containers3.nix6
-rw-r--r--krebs/3modules/systemd.nix2
-rw-r--r--krebs/3modules/tinc.nix22
-rw-r--r--krebs/3modules/tinc_graphs.nix2
-rw-r--r--krebs/3modules/urlwatch.nix3
-rw-r--r--krebs/3modules/users.nix2
-rw-r--r--krebs/3modules/zones.nix3
-rw-r--r--krebs/5pkgs/default.nix5
-rw-r--r--krebs/5pkgs/haskell/X11-aeson.nix13
-rw-r--r--krebs/5pkgs/haskell/blessings.nix28
-rw-r--r--krebs/5pkgs/haskell/blessings/default.nix16
-rw-r--r--krebs/5pkgs/haskell/email-header.nix46
-rw-r--r--krebs/5pkgs/haskell/kirk.nix22
-rw-r--r--krebs/5pkgs/haskell/mailaids.nix21
-rw-r--r--krebs/5pkgs/haskell/nix-serve-ng.nix30
-rw-r--r--krebs/5pkgs/haskell/purebred-email/default.nix30
-rw-r--r--krebs/5pkgs/haskell/purebred-email/untweak-mime-version-header.patch65
-rw-r--r--krebs/5pkgs/haskell/reaktor2/default.nix32
-rw-r--r--krebs/5pkgs/haskell/scanner.nix13
-rw-r--r--krebs/5pkgs/haskell/xmonad-aeson.nix13
-rw-r--r--krebs/5pkgs/haskell/xmonad-stockholm.nix18
-rw-r--r--krebs/5pkgs/simple/K_belwagen.nix38
-rw-r--r--krebs/5pkgs/simple/TabFS/src.json2
-rw-r--r--krebs/5pkgs/simple/airdcpp-webclient/default.nix2
-rw-r--r--krebs/5pkgs/simple/bepasty-client-cli/default.nix23
-rw-r--r--krebs/5pkgs/simple/bling/default.nix5
-rw-r--r--krebs/5pkgs/simple/brain/default.nix35
-rw-r--r--krebs/5pkgs/simple/buildbot-classic-slave/default.nix18
-rw-r--r--krebs/5pkgs/simple/cac-panel/default.nix18
-rw-r--r--krebs/5pkgs/simple/certaids.nix109
-rw-r--r--krebs/5pkgs/simple/cgit-clear-cache.nix6
-rw-r--r--krebs/5pkgs/simple/collectd-connect-time/default.nix6
-rw-r--r--krebs/5pkgs/simple/cunicu.nix2
-rw-r--r--krebs/5pkgs/simple/default.nix13
-rw-r--r--krebs/5pkgs/simple/dic/default.nix39
-rw-r--r--krebs/5pkgs/simple/drivedroid-gen-repo/default.nix22
-rw-r--r--krebs/5pkgs/simple/ecrypt/default.nix111
-rw-r--r--krebs/5pkgs/simple/eximlog.nix28
-rw-r--r--krebs/5pkgs/simple/font-size.nix1
-rw-r--r--krebs/5pkgs/simple/fortclientsslvpn/default.nix14
-rw-r--r--krebs/5pkgs/simple/ftb/default.nix6
-rw-r--r--krebs/5pkgs/simple/games-user-env/default.nix34
-rw-r--r--krebs/5pkgs/simple/generate-secrets/default.nix49
-rw-r--r--krebs/5pkgs/simple/git-hooks/default.nix7
-rw-r--r--krebs/5pkgs/simple/gitignore.nix46
-rw-r--r--krebs/5pkgs/simple/gnokii/default.nix4
-rw-r--r--krebs/5pkgs/simple/goify/default.nix4
-rw-r--r--krebs/5pkgs/simple/hashPassword/default.nix15
-rw-r--r--krebs/5pkgs/simple/htgen-imgur/src/htgen-imgur36
-rw-r--r--krebs/5pkgs/simple/htgen/default.nix2
-rw-r--r--krebs/5pkgs/simple/internetarchive/default.nix39
-rw-r--r--krebs/5pkgs/simple/irc-announce/default.nix4
-rw-r--r--krebs/5pkgs/simple/krebspaste/default.nix12
-rw-r--r--krebs/5pkgs/simple/logf/default.nix112
-rw-r--r--krebs/5pkgs/simple/netcup/default.nix33
-rw-r--r--krebs/5pkgs/simple/nixos-format-error.nix107
-rw-r--r--krebs/5pkgs/simple/ovh-zone/default.nix6
-rw-r--r--krebs/5pkgs/simple/python-dnsstamps.nix2
-rw-r--r--krebs/5pkgs/simple/qrscan.nix7
-rw-r--r--krebs/5pkgs/simple/reaktor2-plugins/default.nix (renamed from krebs/5pkgs/simple/reaktor2-plugins.nix)10
-rwxr-xr-xkrebs/5pkgs/simple/reaktor2-plugins/scripts/random-emoji.sh (renamed from krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh)0
-rwxr-xr-xkrebs/5pkgs/simple/reaktor2-plugins/scripts/random-issue.sh (renamed from krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh)0
-rwxr-xr-xkrebs/5pkgs/simple/reaktor2-plugins/scripts/sed-plugin.py (renamed from krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py)0
-rwxr-xr-xkrebs/5pkgs/simple/reaktor2-plugins/scripts/shack-correct.sh (renamed from krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh)0
-rwxr-xr-xkrebs/5pkgs/simple/reaktor2-plugins/scripts/tell-on_join.sh (renamed from krebs/5pkgs/simple/Reaktor/scripts/tell-on_join.sh)0
-rwxr-xr-xkrebs/5pkgs/simple/reaktor2-plugins/scripts/tell-on_privmsg.sh (renamed from krebs/5pkgs/simple/Reaktor/scripts/tell-on_privmsg.sh)0
-rw-r--r--krebs/5pkgs/simple/realwallpaper/default.nix9
-rw-r--r--krebs/5pkgs/simple/repo-sync/default.nix8
-rw-r--r--krebs/5pkgs/simple/ssh-audit.nix2
-rw-r--r--krebs/5pkgs/simple/tinc_graphs/default.nix6
-rw-r--r--krebs/5pkgs/simple/treq/default.nix8
-rw-r--r--krebs/5pkgs/simple/ukrepl.nix6
-rw-r--r--krebs/5pkgs/simple/untilport/default.nix6
-rw-r--r--krebs/5pkgs/simple/urix.nix17
-rw-r--r--krebs/5pkgs/simple/with-tmpdir/default.nix29
115 files changed, 364 insertions, 1456 deletions
diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix
index 91071ec85..655192077 100644
--- a/krebs/1systems/hotdog/config.nix
+++ b/krebs/1systems/hotdog/config.nix
@@ -5,6 +5,17 @@
../../../krebs
../../../krebs/2configs
../../../krebs/2configs/nginx.nix
+ {
+ # Cherry-pick services.nginx.recommendedTlsSettings to fix:
+ # nginx: [emerg] "ssl_conf_command" directive is not supported on this platform
+ services.nginx.recommendedTlsSettings = lib.mkForce false;
+ services.nginx.appendHttpConfig = ''
+ ssl_session_timeout 1d;
+ ssl_session_cache shared:SSL:10m;
+ ssl_session_tickets off;
+ ssl_prefer_server_ciphers off;
+ '';
+ }
../../../krebs/2configs/binary-cache/nixos.nix
../../../krebs/2configs/ircd.nix
diff --git a/krebs/1systems/ponte/config.nix b/krebs/1systems/ponte/config.nix
index 8bb14d517..5deeb9923 100644
--- a/krebs/1systems/ponte/config.nix
+++ b/krebs/1systems/ponte/config.nix
@@ -8,6 +8,18 @@
<stockholm/krebs/2configs/nameserver.nix>
];
+ #networking.defaultGateway6 = {
+ # address = "fe80::1";
+ # interface = "ens3";
+ #};
+ #networking.interfaces.ens3.ipv6.addresses = [
+ # {
+ # # old: address = "2a03:4000:13:4c::1";
+ # address = "2a03:4000:1a:cf::1"; #/64"
+ # prefixLength = 64;
+ # }
+ #];
+
networking.firewall.allowedTCPPorts = [ 80 443 ];
networking.firewall.logRefusedConnections = false;
networking.firewall.logRefusedUnicastsOnly = false;
diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix
index 542106d5f..8e03e3b52 100644
--- a/krebs/1systems/puyak/config.nix
+++ b/krebs/1systems/puyak/config.nix
@@ -11,7 +11,7 @@
# brain hosts/puyak/root
../../2configs/hw/getty-for-esp.nix
- ../../2configs/buildbot/worker.nix
+ # ../../2configs/buildbot/worker.nix
## initrd unlocking
# (brain hosts/puyak/luks-ssd;echo) | ssh root@$(brain krebs-secrets/puyak/initrd/hostname) 'cat /crypt-ramfs/passphrase'
@@ -31,7 +31,7 @@
../../2configs/shack/ssh-keys.nix
# drivedroid.shack for shackphone
- ../../2configs/shack/drivedroid.nix
+ #../../2configs/shack/drivedroid.nix (FIXME error: attribute 'drivedroid-gen-repo' missing)
# ../../2configs/shack/nix-cacher.nix
# Say if muell will be collected
@@ -67,10 +67,10 @@
}
# create samba share for anonymous usage with the laser and 3d printer pc
- ../../2configs/shack/share.nix
+ # ../../2configs/shack/share.nix
# mobile.lounge.mpd.shack
- ../../2configs/shack/mobile.mpd.nix
+ #../../2configs/shack/mobile.mpd.nix (FIXME Compatibility with CMake < 3.5 has been removed from CMake.)
# hass.shack
../../2configs/shack/glados
@@ -159,7 +159,6 @@
services.logind.lidSwitchExternalPower = "ignore";
-
environment.systemPackages = [ pkgs.zsh ];
system.activationScripts."disengage fancontrol" = ''
diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix
index 32452e010..c51d3c651 100644
--- a/krebs/2configs/buildbot-stockholm.nix
+++ b/krebs/2configs/buildbot-stockholm.nix
@@ -19,7 +19,6 @@ with import ../../lib/pure.nix { inherit lib; };
enable = true;
repos = {
disko.urls = [
- "http://cgit.gum.r/disko"
"http://cgit.ni.r/disko"
"http://cgit.orange.r/disko"
];
@@ -33,7 +32,6 @@ with import ../../lib/pure.nix { inherit lib; };
"http://cgit.orange.r/nix-writers"
];
stockholm.urls = [
- "http://cgit.gum.r/stockholm"
"http://cgit.ni.r/stockholm"
"http://cgit.orange.r/stockholm"
];
diff --git a/krebs/2configs/exim-smarthost.nix b/krebs/2configs/exim-smarthost.nix
index ceb11ca64..11b8b3ec1 100644
--- a/krebs/2configs/exim-smarthost.nix
+++ b/krebs/2configs/exim-smarthost.nix
@@ -35,6 +35,7 @@ in {
"brain@krebsco.de" = brain-ml;
"eloop2022@krebsco.de" = eloop-ml;
"2024@eloop.org" = eloop-ml;
+ "2025@eloop.org" = eloop-ml;
"root@eloop.org" = eloop-ml; # obsolete, use spam@eloop.org instead
"spam@eloop.org" = eloop-ml;
"youtube@eloop.org" = eloop-ml; # obsolete, use spam@eloop.org instead
diff --git a/krebs/2configs/hw/x220.nix b/krebs/2configs/hw/x220.nix
index a797673c9..937a20c29 100644
--- a/krebs/2configs/hw/x220.nix
+++ b/krebs/2configs/hw/x220.nix
@@ -17,8 +17,8 @@
};
hardware.opengl.extraPackages = [
- pkgs.vaapiIntel
- pkgs.vaapiVdpau
+ pkgs.intel-vaapi-driver
+ pkgs.libva-vdpau-driver
];
services.xserver = {
diff --git a/krebs/2configs/mastodon.nix b/krebs/2configs/mastodon.nix
index b81c229b6..3c7205167 100644
--- a/krebs/2configs/mastodon.nix
+++ b/krebs/2configs/mastodon.nix
@@ -1,4 +1,14 @@
{ config, lib, pkgs, ... }:
+let
+ mastodon-clear-cache = pkgs.writers.writeDashBin "mastodon-clear-cache" ''
+ /run/current-system/sw/bin/mastodon-tootctl media remove --prune-profiles --days=14 --concurrency=30
+ /run/current-system/sw/bin/mastodon-tootctl media remove-orphans
+ /run/current-system/sw/bin/mastodon-tootctl preview_cards remove --days=14
+ /run/current-system/sw/bin/mastodon-tootctl accounts prune
+ /run/current-system/sw/bin/mastodon-tootctl statuses remove --days 4
+ /run/current-system/sw/bin/mastodon-tootctl media remove --days 4
+ '';
+in
{
services.postgresql = {
enable = true;
@@ -25,12 +35,20 @@
443
];
+ systemd.services.mastodon-clear-cache = {
+ description = "Mastodon Clear Cache";
+ wantedBy = [ "timers.target" ];
+ startAt = "daily";
+ serviceConfig = {
+ Type = "oneshot";
+ ExecStart = "${mastodon-clear-cache}/bin/mastodon-clear-cache";
+ User = "mastodon";
+ WorkingDirectory = "/var/lib/mastodon";
+ };
+ };
+
environment.systemPackages = [
- (pkgs.writers.writeDashBin "clear-mastodon-cache" ''
- mastodon-tootctl media remove --prune-profiles --days=14 --concurrency=30
- mastodon-tootctl media remove-orphans
- mastodon-tootctl preview_cards remove --days=14
- '')
+ mastodon-clear-cache
(pkgs.writers.writeDashBin "create-mastodon-user" ''
set -efu
nick=$1
diff --git a/krebs/2configs/nameserver.nix b/krebs/2configs/nameserver.nix
index 633f6f5d5..c61b5c1b1 100644
--- a/krebs/2configs/nameserver.nix
+++ b/krebs/2configs/nameserver.nix
@@ -66,8 +66,8 @@ in {
- id: hostingde_ns1
address: 134.0.30.178
- - id: krebscode_ni
- address: ${config.krebs.hosts.ni.nets.internet.ip4.addr}
+ - id: krebscode_ne
+ address: ${config.krebs.hosts.ne.nets.internet.ip4.addr}
key: krebs_transfer_notify_key
acl:
@@ -119,7 +119,7 @@ in {
dnssec-policy: rsa2k
notify: henet_ns1
notify: hostingde_ns1
- notify: krebscode_ni
+ notify: krebscode_ne
acl: transfer_to_henet_secondary
acl: transfer_to_hostingde_secondary
acl: transfer_to_krebscode_secondary
@@ -141,10 +141,14 @@ in {
'';
};
+ #krebs.systemd.services.knot.restartIfCredentialsChange = true;
systemd.services."knsupdate-krebsco.de" = {
serviceConfig = {
Type = "oneshot";
SyslogIdentifier = "knsupdate-krebsco.de";
+ #LoadCredential = [
+ # "keys.conf:/var/src/secrets/knot-keys.conf"
+ #];
ExecStart = pkgs.writeDash "knsupdate-krebsco.de" /* sh */ ''
set -efu
@@ -165,8 +169,8 @@ in {
echo server krebsco.de.
echo zone krebsco.de.
echo origin krebsco.de.
- echo add _25._tcp.ni 60 IN TLSA 3 0 1 $certificate_association_data
- echo add _443._tcp.ni 60 IN TLSA 3 0 1 $certificate_association_data
+ echo add _25._tcp.ne 60 IN TLSA 3 0 1 $certificate_association_data
+ echo add _443._tcp.ne 60 IN TLSA 3 0 1 $certificate_association_data
echo show
echo send
echo answer
diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix
index faabf7677..600f7cd6d 100644
--- a/krebs/2configs/reaktor2.nix
+++ b/krebs/2configs/reaktor2.nix
@@ -235,20 +235,20 @@ let
env.TASKDATA = "${stateDir}/${name}";
commands = rec {
add.filename = pkgs.writers.writeDash "${name}-task-add" ''
- ${pkgs.taskwarrior}/bin/task rc:${taskRcFile} add "$1"
+ ${pkgs.taskwarrior2}/bin/task rc:${taskRcFile} add "$1"
'';
list.filename = pkgs.writers.writeDash "${name}-task-list" ''
- ${pkgs.taskwarrior}/bin/task rc:${taskRcFile} export \
+ ${pkgs.taskwarrior2}/bin/task rc:${taskRcFile} export \
| ${pkgs.jq}/bin/jq -r '
.[] | select(.id != 0) | "\(.id) \(.description)"
'
'';
delete.filename = pkgs.writers.writeDash "${name}-task-delete" ''
- ${pkgs.taskwarrior}/bin/task rc:${taskRcFile} delete "$1"
+ ${pkgs.taskwarrior2}/bin/task rc:${taskRcFile} delete "$1"
'';
del = delete;
done.filename = pkgs.writers.writeDash "${name}-task-done" ''
- ${pkgs.taskwarrior}/bin/task rc:${taskRcFile} done "$1"
+ ${pkgs.taskwarrior2}/bin/task rc:${taskRcFile} done "$1"
'';
};
};
@@ -293,7 +293,7 @@ let
{
activate = "always";
command = {
- filename = ../5pkgs/simple/Reaktor/scripts/tell-on_join.sh;
+ filename = ../5pkgs/simple/reaktor2-plugins/scripts/tell-on_join.sh;
env = {
PATH = makeBinPath [
pkgs.coreutils # XXX env, touch
@@ -415,7 +415,7 @@ let
(generators.command_hook {
inherit (commands) dance random-emoji nixos-version;
tell = {
- filename = ../5pkgs/simple/Reaktor/scripts/tell-on_privmsg.sh;
+ filename = ../5pkgs/simple/reaktor2-plugins/scripts/tell-on_privmsg.sh;
env = {
PATH = makeBinPath [
pkgs.coreutils # XXX date, env
@@ -456,7 +456,7 @@ in {
printf 'HTTP/1.1 200 OK\r\n'
printf 'Connection: close\r\n'
printf '\r\n'
- TASKDATA=/var/lib/reaktor2/agenda ${pkgs.taskwarrior}/bin/task rc:${taskRcFile} export
+ TASKDATA=/var/lib/reaktor2/agenda ${pkgs.taskwarrior2}/bin/task rc:${taskRcFile} export
exit
;;
esac
diff --git a/krebs/2configs/repo-sync.nix b/krebs/2configs/repo-sync.nix
index a488fdfea..1c7ed4719 100644
--- a/krebs/2configs/repo-sync.nix
+++ b/krebs/2configs/repo-sync.nix
@@ -98,7 +98,7 @@ in {
krebs.secret.files.konsens = {
path = "/var/lib/konsens/.ssh/id_ed25519";
owner = konsens-user;
- source-path = "${config.krebs.secret.directory}/konsens.id_ed25519>";
+ source-path = "${config.krebs.secret.directory}/konsens.id_ed25519";
};
imports = [
@@ -107,9 +107,10 @@ in {
desc = "take all computers hostage, they love it";
section = "configuration";
remotes = {
- makefu = "http://cgit.gum.r/stockholm";
- tv = "http://cgit.ni.r/stockholm";
+ krebs = "https://github.com/krebs/stockholm";
lassulus = "http://cgit.orange.r/stockholm";
+ makefu = "https://cgit.euer.krebsco.de/makefu/stockholm.git";
+ tv = "http://cgit.ni.r/stockholm";
};
})
({ krebs.git = defineRepo {
diff --git a/krebs/2configs/shack/share.nix b/krebs/2configs/shack/share.nix
index bc483e8d0..0ba22af78 100644
--- a/krebs/2configs/shack/share.nix
+++ b/krebs/2configs/shack/share.nix
@@ -26,21 +26,17 @@
"guest ok" = "yes";
};
};
- extraConfig = ''
- guest account = smbguest
- map to guest = bad user
- # disable printing
- load printers = no
- printing = bsd
- printcap name = /dev/null
- disable spoolss = yes
-
- # for legacy systems
- client min protocol = NT1
- server min protocol = NT1
- workgroup = WORKGROUP
- server string = ${config.networking.hostName}
- netbios name = ${config.networking.hostName}
- '';
+ settings.global = {
+ "guest account" = "smbguest";
+ "map to guest" = "bad user";
+ # disable printing
+ "load printers" = "no";
+ "printing" = "bsd";
+ "printcap name" = "/dev/null";
+ "disable spoolss" = "yes";
+ "workgroup" = "WORKGROUP";
+ "server string" = config.networking.hostName;
+ "netbios name" = config.networking.hostName;
+ };
};
}
diff --git a/krebs/2configs/shack/ssh-keys.nix b/krebs/2configs/shack/ssh-keys.nix
index 80957f3a5..183a81f99 100644
--- a/krebs/2configs/shack/ssh-keys.nix
+++ b/krebs/2configs/shack/ssh-keys.nix
@@ -2,6 +2,7 @@
{
users.users.root.openssh.authorizedKeys.keys = [
config.krebs.users."0x4A6F".pubkey
+ config.krebs.users.susanne.pubkey
config.krebs.users.hase.pubkey
config.krebs.users.neos.pubkey
config.krebs.users.raute.pubkey
diff --git a/krebs/2configs/shack/worlddomination.nix b/krebs/2configs/shack/worlddomination.nix
index b7a8f18df..eba6cc83b 100644
--- a/krebs/2configs/shack/worlddomination.nix
+++ b/krebs/2configs/shack/worlddomination.nix
@@ -3,17 +3,16 @@
with import ../../../lib/pure.nix { inherit lib; };
let
pkg = pkgs.stdenv.mkDerivation {
- name = "worlddomination-2020-12-01";
+ name = "worlddomination-2025-04-02";
src = pkgs.fetchFromGitHub {
owner = "shackspace";
repo = "worlddomination";
- rev = "c7aedcde7cd1fcb870b5356a6125e1a384b0776c";
- sha256 = "0y6haz5apwa33lz64l7b2x78wrrckbw39j4wzyd1hfk46478xi2y";
+ rev = "934387c3525e819e6b5981c417a7561d70b8b61a";
+ sha256 = "sha256-AbRqxxY6hYNg4qkk/akuw4f+wJh4nx1hfEA4Lp5B+1E=";
};
buildInputs = [
(pkgs.python3.withPackages (pythonPackages: with pythonPackages; [
docopt
- LinkHeader
aiocoap
grequests
paramiko
@@ -30,51 +29,7 @@ let
};
pythonPackages = pkgs.python3Packages;
# https://github.com/chrysn/aiocoap
- grequests = pythonPackages.buildPythonPackage rec {
- pname = "grequests";
- version = "0.3.1";
- name = "${pname}-${version}";
- src = pkgs.fetchFromGitHub {
- owner = "kennethreitz";
- repo = "grequests";
- rev = "d1e70eb";
- sha256 = "0drfx4fx65k0g5sj0pw8z3q1s0sp7idn2yz8xfb45nd6v82i37hc";
- };
-
- doCheck = false;
-
- propagatedBuildInputs = with pythonPackages; [ requests gevent ];
-
- meta = with lib;{
- description = "Asynchronous HTTP requests";
- homepage = https://github.com/kennethreitz/grequests;
- license = with licenses; [ bsd2 ];
- maintainers = with maintainers; [ matejc ];
- };
- };
-
- aiocoap = pythonPackages.buildPythonPackage {
- name = "aiocoap-0.3";
- src = pkgs.fetchurl { url = "https://pypi.python.org/packages/9c/f6/d839e4b14258d76e74a39810829c13f8dd31de2bfe0915579b2a609d1bbe/aiocoap-0.3.tar.gz"; sha256 = "402d4151db6d8d0b1d66af5b6e10e0de1521decbf12140637e5b8d2aa9c5aef6"; };
- propagatedBuildInputs = [ ];
- doCheck = false; # 2 errors, dunnolol
- meta = with pkgs.lib; {
- homepage = "";
- license = licenses.mit;
- description = "Python CoAP library";
- };
- };
- LinkHeader = pythonPackages.buildPythonPackage {
- name = "LinkHeader-0.4.3";
- src = pkgs.fetchurl { url = "https://files.pythonhosted.org/packages/27/d4/eb1da743b2dc825e936ef1d9e04356b5701e3a9ea022c7aaffdf4f6b0594/LinkHeader-0.4.3.tar.gz"; sha256 = "7fbbc35c0ba3fbbc530571db7e1c886e7db3d718b29b345848ac9686f21b50c3"; };
- propagatedBuildInputs = [ ];
- meta = with pkgs.lib; {
- homepage = "";
- license = licenses.bsdOriginal;
- description = "Parse and format link headers according to RFC 5988 \"Web Linking\"";
- };
- };
wdpath = "/usr/worlddomination/wd.lst";
esphost = "10.42.24.7"; # esp8266
afrihost = "10.42.25.201"; # africa
diff --git a/krebs/3modules/airdcpp.nix b/krebs/3modules/airdcpp.nix
index acd007cb8..901b1eb87 100644
--- a/krebs/3modules/airdcpp.nix
+++ b/krebs/3modules/airdcpp.nix
@@ -1,7 +1,7 @@
{ config, lib, pkgs, ... }:
with lib;
let
- slib = import ../../lib/pure.nix { inherit lib; };
+ slib = lib.slib or (import ../../lib/pure.nix { inherit lib; });
cfg = config.krebs.airdcpp;
out = {
diff --git a/krebs/3modules/announce-activation.nix b/krebs/3modules/announce-activation.nix
index fa0f1530c..1c4067e7a 100644
--- a/krebs/3modules/announce-activation.nix
+++ b/krebs/3modules/announce-activation.nix
@@ -1,6 +1,6 @@
{ config, pkgs, lib, ... }:
let
- slib = import ../../lib/pure.nix { inherit lib; };
+ slib = lib.slib or (import ../../lib/pure.nix { inherit lib; });
cfg = config.krebs.announce-activation;
announce-activation = pkgs.writeDash "announce-activation" ''
set -efu
diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix
index 900be5139..2be3a1422 100644
--- a/krebs/3modules/backup.nix
+++ b/krebs/3modules/backup.nix
@@ -1,5 +1,5 @@
{ config, lib, pkgs, ... }:
-with import ../../lib/pure.nix { inherit lib; };
+with lib.slib or (import ../../lib/pure.nix { inherit lib; });
let
out = {
options.krebs.backup = api;
diff --git a/krebs/3modules/brockman.nix b/krebs/3modules/brockman.nix
index 3f0dd0861..e7847aa09 100644
--- a/krebs/3modules/brockman.nix
+++ b/krebs/3modules/brockman.nix
@@ -1,11 +1,12 @@
{ pkgs, config, lib, ... }:
with lib;
let
- slib = import ../../lib/pure.nix { inherit lib; };
+ slib = lib.slib or (import ../../lib/pure.nix { inherit lib; });
cfg = config.krebs.brockman;
in {
options.krebs.brockman = {
enable = mkEnableOption "brockman";
+ package = mkPackageOption pkgs "brockman" { };
config = mkOption { type = types.attrs; }; # TODO make real config here
};
@@ -26,7 +27,7 @@ in {
serviceConfig = {
Restart = "always";
ExecStart = ''
- ${pkgs.brockman}/bin/brockman ${pkgs.writeText "brockman.json" (builtins.toJSON cfg.config)}
+ ${cfg.package}/bin/brockman ${pkgs.writeText "brockman.json" (builtins.toJSON cfg.config)}
'';
User = config.users.extraUsers.brockman.name;
PrivateTmp = true;
diff --git a/krebs/3modules/build.nix b/krebs/3modules/build.nix
index bf20cb099..6480c300f 100644
--- a/krebs/3modules/build.nix
+++ b/krebs/3modules/build.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with import ../../lib/pure.nix { inherit lib; };
+with lib.slib or (import ../../lib/pure.nix { inherit lib; });
{
options.krebs.build = {
diff --git a/krebs/3modules/ci/default.nix b/krebs/3modules/ci/default.nix
index 5035a11a8..18fe46a98 100644
--- a/krebs/3modules/ci/default.nix
+++ b/krebs/3modules/ci/default.nix
@@ -1,5 +1,5 @@
{ config, lib, pkgs, ... }:
-with import ../../../lib/pure.nix { inherit lib; };
+with lib.slib or (import ../../../lib/pure.nix { inherit lib; });
let
cfg = config.krebs.ci;
@@ -50,7 +50,7 @@ let
"${url}",
workdir='${name}-${elemAt(splitString "." url) 1}', branches=True,
project='${name}',
- pollinterval=30
+ pollInterval=30
)
'') repo.urls
) cfg.repos;
diff --git a/krebs/3modules/dns.nix b/krebs/3modules/dns.nix
index a268b931c..fd672a890 100644
--- a/krebs/3modules/dns.nix
+++ b/krebs/3modules/dns.nix
@@ -1,5 +1,5 @@
{ config, lib, pkgs, ... }:
-with import ../../lib/pure.nix { inherit lib; }; {
+with lib.slib or (import ../../lib/pure.nix { inherit lib; }); {
options = {
krebs.dns.providers = mkOption {
type = types.attrsOf types.str;
diff --git a/krebs/3modules/exim-retiolum.nix b/krebs/3modules/exim-retiolum.nix
index f78f1746c..b5f8d187a 100644
--- a/krebs/3modules/exim-retiolum.nix
+++ b/krebs/3modules/exim-retiolum.nix
@@ -1,5 +1,5 @@
{ config, pkgs, lib, ... }:
-with import ../../lib/pure.nix { inherit lib; }; let
+with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let
cfg = config.krebs.exim-retiolum;
# Due to improvements to the JSON notation, braces around top-level objects
diff --git a/krebs/3modules/exim-smarthost.nix b/krebs/3modules/exim-smarthost.nix
index 4e42ce72e..14963f472 100644
--- a/krebs/3modules/exim-smarthost.nix
+++ b/krebs/3modules/exim-smarthost.nix
@@ -1,6 +1,6 @@
{ config, pkgs, lib, ... }:
-with import ../../lib/pure.nix { inherit lib; };
+with lib.slib or (import ../../lib/pure.nix { inherit lib; });
let
cfg = config.krebs.exim-smarthost;
diff --git a/krebs/3modules/exim.nix b/krebs/3modules/exim.nix
index 583fd07b1..bb749b273 100644
--- a/krebs/3modules/exim.nix
+++ b/krebs/3modules/exim.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }: with import ../../lib/pure.nix { inherit lib; }; let
+{ config, lib, pkgs, ... }: with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let
cfg = config.krebs.exim;
in {
options.krebs.exim = {
diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix
index 6d666b6d6..8b8f205dc 100644
--- a/krebs/3modules/git.nix
+++ b/krebs/3modules/git.nix
@@ -6,7 +6,7 @@
# TODO when authorized_keys changes, then restart ssh
# (or kill already connected users somehow)
-with import ../../lib/pure.nix { inherit lib; };
+with lib.slib or (import ../../lib/pure.nix { inherit lib; });
let
cfg = config.krebs.git;
diff --git a/krebs/3modules/github/known-hosts.nix b/krebs/3modules/github/known-hosts.nix
index 3725ff2b8..6f10452e9 100644
--- a/krebs/3modules/github/known-hosts.nix
+++ b/krebs/3modules/github/known-hosts.nix
@@ -8,4 +8,5 @@
;
publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk=";
};
+ # ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl
}
diff --git a/krebs/3modules/hosts.nix b/krebs/3modules/hosts.nix
index 2333d0a8d..148b58d14 100644
--- a/krebs/3modules/hosts.nix
+++ b/krebs/3modules/hosts.nix
@@ -2,8 +2,7 @@
with lib; let
check = hostname: any (domain: hasSuffix ".${domain}" hostname) domains;
domains = attrNames (filterAttrs (_: slib.eq "hosts") config.krebs.dns.providers);
- # we need this import because we have infinite recursion otherwise
- slib = import ../../lib/pure.nix { inherit lib; };
+ slib = lib.slib or (import ../../lib/pure.nix { inherit lib; });
in {
options = {
diff --git a/krebs/3modules/htgen.nix b/krebs/3modules/htgen.nix
index 334a83cb3..020b3eaea 100644
--- a/krebs/3modules/htgen.nix
+++ b/krebs/3modules/htgen.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with import ../../lib/pure.nix { inherit lib; };
+with lib.slib or (import ../../lib/pure.nix { inherit lib; });
let
optionalAttr = name: value:
if name != null then
diff --git a/krebs/3modules/iana-etc.nix b/krebs/3modules/iana-etc.nix
index dabe2f8aa..8858c6ed5 100644
--- a/krebs/3modules/iana-etc.nix
+++ b/krebs/3modules/iana-etc.nix
@@ -1,5 +1,5 @@
{ config, lib, pkgs, ... }: let
- slib = import ../../lib/pure.nix { inherit lib; };
+ slib = lib.slib or (import ../../lib/pure.nix { inherit lib; });
in with lib; {
options.krebs.iana-etc.services = mkOption {
diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix
index 16f1f3c84..1cde42dc3 100644
--- a/krebs/3modules/iptables.nix
+++ b/krebs/3modules/iptables.nix
@@ -19,6 +19,14 @@ let
api = {
enable = mkEnableOption "iptables";
+ rules4 = mkOption {
+ default = buildTables "v4" cfg.tables;
+ };
+
+ rules6 = mkOption {
+ default = buildTables "v6" cfg.tables;
+ };
+
#tables.filter.INPUT = {
# policy = "DROP";
# rules = [
diff --git a/krebs/3modules/konsens.nix b/krebs/3modules/konsens.nix
index 0463de53f..b71cb2ba9 100644
--- a/krebs/3modules/konsens.nix
+++ b/krebs/3modules/konsens.nix
@@ -1,5 +1,5 @@
{ config, lib, pkgs, ... }:
-with import ../../lib/pure.nix { inherit lib; };
+with lib.slib or (import ../../lib/pure.nix { inherit lib; });
let
cfg = config.krebs.konsens;
diff --git a/krebs/3modules/on-failure.nix b/krebs/3modules/on-failure.nix
index 11d2b4194..d87b279a0 100644
--- a/krebs/3modules/on-failure.nix
+++ b/krebs/3modules/on-failure.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }: with import ../../lib/pure.nix { inherit lib; }; let
+{ config, lib, pkgs, ... }: with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let
out = {
options.krebs.on-failure = api;
config = lib.mkIf cfg.enable imp;
diff --git a/krebs/3modules/per-user.nix b/krebs/3modules/per-user.nix
index c0368ee85..f83a29acb 100644
--- a/krebs/3modules/per-user.nix
+++ b/krebs/3modules/per-user.nix
@@ -28,7 +28,12 @@ in {
};
})
(filterAttrs (_: per-user: per-user.packages != []) cfg);
- profiles = ["/etc/per-user/$LOGNAME"];
+
+ # XXX this breaks /etc/pam/environment because $LOGNAME doesn't get
+ # replaced by @{PAM_USER} the way $USER does.
+ # See <nixpkgs/nixos/modules/config/system-environment.nix>
+ #profiles = ["/etc/per-user/$LOGNAME"];
+ profiles = ["/etc/per-user/$USER"];
};
};
}
diff --git a/krebs/3modules/permown.nix b/krebs/3modules/permown.nix
index ae8702978..51f5cb752 100644
--- a/krebs/3modules/permown.nix
+++ b/krebs/3modules/permown.nix
@@ -1,5 +1,5 @@
{ config, pkgs, lib, ... }: let
- slib = import ../../lib/pure.nix { inherit lib; };
+ slib = lib.slib or (import ../../lib/pure.nix { inherit lib; });
in
with lib; {
@@ -73,6 +73,12 @@ with lib; {
pkgs.findutils
pkgs.inotify-tools
];
+ # TODO
+ # der code könnte aber bisschen vorbereitet werden, damit man später einfach file-modes einbauen kann
+ # die drei finds müssten zu `find "$ROOT_PATH" -exec ${permown}` {} \;` werden
+ # und der while-block zu:
+ # ${permown} "$path" (egal ob vor oder nach dem if test -d)
+ # und dann müsste man danach nur das permown script bearbeiten
serviceConfig = {
ExecStart = pkgs.writeDash "permown" ''
set -efu
diff --git a/krebs/3modules/reaktor2.nix b/krebs/3modules/reaktor2.nix
index aa6254786..d552178f9 100644
--- a/krebs/3modules/reaktor2.nix
+++ b/krebs/3modules/reaktor2.nix
@@ -1,5 +1,5 @@
{ config, pkgs, lib, ... }:
-with import ../../lib/pure.nix { inherit lib; }; {
+with lib.slib or (import ../../lib/pure.nix { inherit lib; }); {
options.krebs.reaktor2 = mkOption {
default = {};
@@ -69,6 +69,12 @@ with import ../../lib/pure.nix { inherit lib; }; {
Group = "reaktor2";
DynamicUser = true;
StateDirectory = cfg.username;
+ #ExecStartPre = [
+ # (pkgs.writeDash "test-dynamic-user" ''
+ # set -efux
+ # ${pkgs.coreutils}/bin/id
+ # '')
+ #];
ExecStart = let
configFile = pkgs.writers.writeJSON configFileName configValue;
configFileName = "${cfg.systemd-service-name}.config.json";
diff --git a/krebs/3modules/realwallpaper.nix b/krebs/3modules/realwallpaper.nix
index a65a22b29..21603d94c 100644
--- a/krebs/3modules/realwallpaper.nix
+++ b/krebs/3modules/realwallpaper.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with import ../../lib/pure.nix { inherit lib; };
+with lib.slib or (import ../../lib/pure.nix { inherit lib; });
let
cfg = config.krebs.realwallpaper;
diff --git a/krebs/3modules/repo-sync.nix b/krebs/3modules/repo-sync.nix
index 5208d91ae..62d99e160 100644
--- a/krebs/3modules/repo-sync.nix
+++ b/krebs/3modules/repo-sync.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with import ../../lib/pure.nix { inherit lib; };
+with lib.slib or (import ../../lib/pure.nix { inherit lib; });
let
cfg = config.krebs.repo-sync;
@@ -17,6 +17,7 @@ let
branches = mkOption {
type = types.attrsOf (types.submodule ({ config, ... }: {
options = {
+ smart = mkEnableOption "smart sync behavior";
origin = mkOption {
type = types.source-types.git;
};
diff --git a/krebs/3modules/secret.nix b/krebs/3modules/secret.nix
index c35dceba3..ad9ceccbe 100644
--- a/krebs/3modules/secret.nix
+++ b/krebs/3modules/secret.nix
@@ -1,5 +1,5 @@
{ config, lib, pkgs, ... }:
-with import ../../lib/pure.nix { inherit lib; }; let
+with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let
cfg = config.krebs.secret;
in {
options.krebs.secret = {
@@ -15,7 +15,7 @@ in {
secret-file
else
secret-file // {
- source-path = "${config.krebs.secret.directory}/secret-file.source-path";
+ source-path = "${config.krebs.secret.directory}/${secret-file.source-path}";
}
);
};
diff --git a/krebs/3modules/setuid.nix b/krebs/3modules/setuid.nix
index e3108d88e..d13fcccaa 100644
--- a/krebs/3modules/setuid.nix
+++ b/krebs/3modules/setuid.nix
@@ -1,5 +1,5 @@
{ config, pkgs, lib, ... }:
-with import ../../lib/pure.nix { inherit lib; };
+with lib.slib or (import ../../lib/pure.nix { inherit lib; });
let
out = {
@@ -33,7 +33,7 @@ let
};
capabilities = mkOption {
default = [];
- type = types.listOf types.str;
+ type = types.listOf types.str; # TODO
};
owner = mkOption {
default = "root";
@@ -52,6 +52,8 @@ let
merge = mergeOneOption;
};
};
+ # TODO clear non-standard wrapperDirs
+ # TODO? allow only wrapperDirs below /run/wrappers?
wrapperDir = mkOption {
default = config.security.wrapperDir;
type = types.absolute-pathname;
@@ -73,13 +75,16 @@ let
chown ${cfg.owner}:${cfg.group} ${dst}
chmod ${cfg.mode} ${dst}
${optionalString (cfg.capabilities != []) /* sh */ ''
+ set -x
${pkgs.libcap.out}/bin/setcap ${concatMapStringsSep "," shell.escape cfg.capabilities} ${dst}
+ set +x
''}
'';
}));
};
imp = {
+ # run after "wrappers" so config.security.wrapperDir can be hijacked.
systemd.services."krebs.setuid" = {
wantedBy = [ "suid-sgid-wrappers.service" ];
after = [ "suid-sgid-wrappers.service" ];
diff --git a/krebs/3modules/ssh.nix b/krebs/3modules/ssh.nix
index aba825c29..012b365fb 100644
--- a/krebs/3modules/ssh.nix
+++ b/krebs/3modules/ssh.nix
@@ -62,24 +62,26 @@ let
}
]));
- programs.ssh.extraConfig = concatMapStrings
- (net: ''
- Host ${toString (net.aliases ++ net.addrs)}
- Port ${toString net.ssh.port}
- '')
- (filter
- (net: net.ssh.port != 22)
- (concatMap (host: attrValues host.nets)
- (mapAttrsToList
- (_: host: recursiveUpdate host
- (optionalAttrs (cfg.dns.search-domain != null &&
- hasAttr cfg.dns.search-domain host.nets) {
- nets."" = host.nets.${cfg.dns.search-domain} // {
- aliases = [host.name];
- addrs = [];
- };
- }))
- config.krebs.hosts)));
+ programs.ssh.extraConfig =
+ mkBefore/*<-KILLME*/
+ (concatMapStrings
+ (net: ''
+ Host ${toString (net.aliases ++ net.addrs)}
+ Port ${toString net.ssh.port}
+ '')
+ (filter
+ (net: net.ssh.port != 22)
+ (concatMap (host: attrValues host.nets)
+ (mapAttrsToList
+ (_: host: recursiveUpdate host
+ (optionalAttrs (cfg.dns.search-domain != null &&
+ hasAttr cfg.dns.search-domain host.nets) {
+ nets."" = host.nets.${cfg.dns.search-domain} // {
+ aliases = [host.name];
+ addrs = [];
+ };
+ }))
+ config.krebs.hosts))));
}
];
diff --git a/krebs/3modules/ssl.nix b/krebs/3modules/ssl.nix
index 8cbd8dcce..8d853b85e 100644
--- a/krebs/3modules/ssl.nix
+++ b/krebs/3modules/ssl.nix
@@ -22,7 +22,7 @@ in {
default = false;
description = ''
whether to trust the krebs root CA.
- This implies that krebs can forge a certficate for every domain
+ This implies that krebs can forge a certificate for every domain
'';
};
trustIntermediate = lib.mkOption {
diff --git a/krebs/3modules/sync-containers3.nix b/krebs/3modules/sync-containers3.nix
index 12a5ee4e7..cbffeb6f3 100644
--- a/krebs/3modules/sync-containers3.nix
+++ b/krebs/3modules/sync-containers3.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }: let
cfg = config.krebs.sync-containers3;
- slib = import ../../lib/pure.nix { inherit lib; };
+ slib = lib.slib or (import ../../lib/pure.nix { inherit lib; });
in {
options.krebs.sync-containers3 = {
inContainer = {
@@ -358,9 +358,7 @@ in {
networking.useNetworkd = true;
services.resolved = {
enable = true;
- extraConfig = ''
- Domains=~.
- '';
+ settings.Resolve.Domains = [ "~." ];
};
systemd.network = {
enable = true;
diff --git a/krebs/3modules/systemd.nix b/krebs/3modules/systemd.nix
index 754b25675..c0bd4768b 100644
--- a/krebs/3modules/systemd.nix
+++ b/krebs/3modules/systemd.nix
@@ -1,6 +1,6 @@
{ config, pkgs, lib, ... }: let {
- slib = import ../../lib/pure.nix { inherit lib; };
+ slib = lib.slib or (import ../../lib/pure.nix { inherit lib; });
body.options.krebs.systemd.services = lib.mkOption {
default = {};
diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix
index d73d5ca61..65f4f6a2b 100644
--- a/krebs/3modules/tinc.nix
+++ b/krebs/3modules/tinc.nix
@@ -1,5 +1,6 @@
-{ config, pkgs, lib, ... }:
-with import ../../lib/pure.nix { inherit lib; }; {
+{ config, pkgs, lib, ... }: let
+ slib = lib.slib or (import ../../lib/pure.nix { inherit lib; });
+in with slib; {
options.krebs.tinc = mkOption {
default = {};
description = ''
@@ -91,7 +92,7 @@ with import ../../lib/pure.nix { inherit lib; }; {
hosts = mkOption {
type = with types; attrsOf host;
default =
- filterAttrs (_: h: hasAttr tinc.config.netname h.nets) config.krebs.hosts;
+ filterAttrs (_: h: hasAttr tinc.config.netname h.nets && h.nets.${tinc.config.netname}.tinc.config or null != null) config.krebs.hosts;
defaultText = "‹all-hosts-of-‹netname››";
description = ''
Hosts to generate <literal>config.krebs.tinc.retiolum.hostsPackage</literal>.
@@ -235,13 +236,14 @@ with import ../../lib/pure.nix { inherit lib; }; {
"$CREDENTIALS_DIRECTORY"/rsa_key.priv \
/etc/tinc/${netname}/
'';
- ExecStart = "+" + toString [
- "${cfg.tincPackage}/sbin/tincd"
- "-D"
- "-U ${cfg.username}"
- "-d 0"
- "-n ${netname}"
- ];
+ ExecStart = "+" + pkgs.writers.writeDash "tinc-${netname}" ''
+ set -efu
+ exec ${cfg.tincPackage}/sbin/tincd \
+ -D \
+ -U ${cfg.username} \
+ -d 0 \
+ -n ${netname}
+ '';
SyslogIdentifier = netname;
DynamicUser = true;
User = cfg.username;
diff --git a/krebs/3modules/tinc_graphs.nix b/krebs/3modules/tinc_graphs.nix
index dd132a2de..c8c75f919 100644
--- a/krebs/3modules/tinc_graphs.nix
+++ b/krebs/3modules/tinc_graphs.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with import ../../lib/pure.nix { inherit lib; };
+with lib.slib or (import ../../lib/pure.nix { inherit lib; });
let
cfg = config.krebs.tinc_graphs;
internal_dir = "${cfg.workingDir}/internal";
diff --git a/krebs/3modules/urlwatch.nix b/krebs/3modules/urlwatch.nix
index b811b6fa6..b2c264a06 100644
--- a/krebs/3modules/urlwatch.nix
+++ b/krebs/3modules/urlwatch.nix
@@ -4,7 +4,7 @@
# TODO inform about unused caches
# cache = url: "${cfg.dataDir}/.urlwatch/cache/${hashString "sha1" url}"
-with import ../../lib/pure.nix { inherit lib; };
+with lib.slib or (import ../../lib/pure.nix { inherit lib; });
let
cfg = config.krebs.urlwatch;
@@ -214,6 +214,7 @@ let
};
filter = mkOption {
default = null;
+ # TODO nullOr subtypes.filter
type =
with types;
nullOr (either str (listOf (pkgs.formats.json {}).type));
diff --git a/krebs/3modules/users.nix b/krebs/3modules/users.nix
index 614e6ab42..d41b34f7d 100644
--- a/krebs/3modules/users.nix
+++ b/krebs/3modules/users.nix
@@ -1,5 +1,5 @@
{ config, lib, pkgs, ... }: let
- slib = import ../../lib/pure.nix { inherit lib; };
+ slib = lib.slib or (import ../../lib/pure.nix { inherit lib; });
in {
options.krebs.users = lib.mkOption {
type = lib.types.attrsOf slib.types.user;
diff --git a/krebs/3modules/zones.nix b/krebs/3modules/zones.nix
index 51e559d88..6ac2ebac2 100644
--- a/krebs/3modules/zones.nix
+++ b/krebs/3modules/zones.nix
@@ -10,7 +10,8 @@ with lib; {
default = {
"krebsco.de" = /* bindzone */ ''
$TTL 60
- @ 3600 IN SOA spam.krebsco.de. spam.krebsco.de. 0 7200 3600 86400 3600
+ @ IN SOA spam.krebsco.de. spam.krebsco.de. 0 7200 3600 86400 3600
+
@ 3600 IN NS ns1
@ 3600 IN NS ni
@ 3600 IN NS ns2.he.net.
diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix
index 866796a4e..f726475dd 100644
--- a/krebs/5pkgs/default.nix
+++ b/krebs/5pkgs/default.nix
@@ -8,7 +8,10 @@ with stockholm.lib;
fix (foldl' (flip extends) (self: super) (
[
- (self: super: { inherit stockholm; })
+ (self: super: {
+ inherit stockholm;
+ inherit (super.writers) writeBash writeBashBin writeDash writeDashBin writeJSON;
+ })
]
++
(map
diff --git a/krebs/5pkgs/haskell/X11-aeson.nix b/krebs/5pkgs/haskell/X11-aeson.nix
deleted file mode 100644
index 103d87faa..000000000
--- a/krebs/5pkgs/haskell/X11-aeson.nix
+++ /dev/null
@@ -1,13 +0,0 @@
-{ mkDerivation, aeson, base, fetchgit, lib, X11 }:
-mkDerivation {
- pname = "X11-aeson";
- version = "1.0.0";
- src = fetchgit {
- url = "https://cgit.krebsco.de/X11-aeson";
- sha256 = "0y9nvssqpvqgl46g7nz9738l8jmpa7an8r3am3qaqcvmvzgwxh0d";
- rev = "c0a70a62513baf2b437db4ebe3e5a32e3cfa5905";
- fetchSubmodules = true;
- };
- libraryHaskellDepends = [ aeson base X11 ];
- license = lib.licenses.mit;
-}
diff --git a/krebs/5pkgs/haskell/blessings.nix b/krebs/5pkgs/haskell/blessings.nix
deleted file mode 100644
index 2176db2ff..000000000
--- a/krebs/5pkgs/haskell/blessings.nix
+++ /dev/null
@@ -1,28 +0,0 @@
-{ mkDerivation, base, fetchgit, hspec, QuickCheck, lib, stockholm, text }:
-with stockholm.lib;
-
-let
- cfg = {
- "18.03" = {
- version = "1.1.0";
- sha256 = "1k908zap3694fcxdk4bb29s54b0lhdh557y10ybjskfwnym7szn1";
- };
- }.${versions.majorMinor version} or {
- version = "2.2.0";
- sha256 = "1pb56dgf3jj2kq3cbbppwzyg3ccgqy9xara62hkjwyxzdx20clk1";
- };
-
-in mkDerivation {
- pname = "blessings";
- version = cfg.version;
- src = fetchgit {
- url = http://cgit.ni.krebsco.de/blessings;
- rev = "refs/tags/v${cfg.version}";
- sha256 = cfg.sha256;
- };
- libraryHaskellDepends = [ base text ];
- testHaskellDepends = [ base hspec QuickCheck ];
- doHaddock = false;
- # WTFPL is the true license, which is unknown to cabal.
- license = lib.licenses.wtfpl;
-}
diff --git a/krebs/5pkgs/haskell/blessings/default.nix b/krebs/5pkgs/haskell/blessings/default.nix
new file mode 100644
index 000000000..643f320be
--- /dev/null
+++ b/krebs/5pkgs/haskell/blessings/default.nix
@@ -0,0 +1,16 @@
+{ mkDerivation, base, bytestring, extra, fetchgit, hspec, lib
+, QuickCheck, text, wcwidth
+}:
+mkDerivation {
+ pname = "blessings";
+ version = "2.5.0";
+ src = fetchgit {
+ url = "https://cgit.krebsco.de/blessings";
+ sha256 = "1spwm4xjz72c76wkkxxxbvxpgkxam344iwq37js5lhfbb2hbjqbx";
+ rev = "8f9b20f3aa93f7fbba9d24de7732f4cca0119154";
+ fetchSubmodules = true;
+ };
+ libraryHaskellDepends = [ base bytestring extra text wcwidth ];
+ testHaskellDepends = [ base hspec QuickCheck ];
+ license = lib.licenses.mit;
+}
diff --git a/krebs/5pkgs/haskell/email-header.nix b/krebs/5pkgs/haskell/email-header.nix
deleted file mode 100644
index f8ce03f39..000000000
--- a/krebs/5pkgs/haskell/email-header.nix
+++ /dev/null
@@ -1,46 +0,0 @@
-{ mkDerivation, attoparsec, base, base64-bytestring, bytestring
-, case-insensitive, containers, exceptions, fetchgit, QuickCheck
-, lib, stockholm, tasty, tasty-quickcheck, text, text-icu, time
-}:
-with stockholm.lib;
-
-let
-
- cfg = {
- "18.03" = {
- version = "0.3.0";
- rev = "7b179bd31192ead8afe7a0b6e34bcad4039deaa8";
- sha256 = "12j2n3sbvzjnw99gga7kkdygm8n3qx2lh8q26ad6a53xm5whnz59";
- };
- "20.03" = {
- version = "0.4.1-tv1";
- rev = "refs/tags/v${cfg.version}";
- sha256 = "11xjivpj495r2ss9aqljnpzzycb57cm4sr7yzmf939rzwsd3ib0x";
- };
- }.${versions.majorMinor version} or {
- version = "0.4.2-tv1";
- rev = "refs/tags/v${cfg.version}";
- sha256 = "JZfqvkbb/1t0q1iWmZHmmCN2Vr+QKTiq4LVncrG+xMU=";
- };
-
-in mkDerivation {
- pname = "email-header";
- version = cfg.version;
- src = fetchgit {
- url = "https://github.com/4z3/email-header";
- rev = cfg.rev;
- sha256 = cfg.sha256;
- };
- buildDepends = [
- attoparsec base base64-bytestring bytestring case-insensitive
- containers exceptions text text-icu time
- ];
- testDepends = [
- base bytestring case-insensitive containers QuickCheck tasty
- tasty-quickcheck text time
- ];
- jailbreak = true;
- homepage = "http://github.com/knrafto/email-header";
- description = "Parsing and rendering of email and MIME headers";
- license = lib.licenses.bsd3;
-}
diff --git a/krebs/5pkgs/haskell/kirk.nix b/krebs/5pkgs/haskell/kirk.nix
deleted file mode 100644
index d6fdec4c9..000000000
--- a/krebs/5pkgs/haskell/kirk.nix
+++ /dev/null
@@ -1,22 +0,0 @@
-{ mkDerivation, async, base, bytestring, fetchgit, lib, network
-, optparse-applicative, text
-}:
-mkDerivation {
- pname = "kirk";
- version = "1.0.1";
- src = fetchgit {
- url = "http://cgit.krebsco.de/kirk";
- sha256 = "1acsmmc485c54axpy9bd0320j18hs261vl1vdxns4n04sxzqd7k0";
- rev = "cdf3cb373af8f9b03a9487a63eb32e0226913589";
- fetchSubmodules = true;
- };
- isLibrary = true;
- isExecutable = true;
- libraryHaskellDepends = [
- base bytestring network optparse-applicative text
- ];
- executableHaskellDepends = [
- async base network optparse-applicative text
- ];
- license = lib.licenses.mit;
-}
diff --git a/krebs/5pkgs/haskell/mailaids.nix b/krebs/5pkgs/haskell/mailaids.nix
deleted file mode 100644
index 91b4cc451..000000000
--- a/krebs/5pkgs/haskell/mailaids.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-{ mkDerivation, aeson, aeson-pretty, base, bytestring
-, case-insensitive, fetchgit, lens, lib, optparse-applicative
-, purebred-email, text, vector, word8
-}:
-mkDerivation {
- pname = "mailaids";
- version = "1.1.0";
- src = fetchgit {
- url = "https://cgit.krebsco.de/mailaids";
- sha256 = "0mkq3b0j28h7ydg6aaqlqnvajb8nhdc9g7rmil2d4vl5fxxaqspv";
- rev = "a25fc32eceefc10a91ef77ff2763b3f1b9324aaf";
- fetchSubmodules = true;
- };
- isLibrary = false;
- isExecutable = true;
- executableHaskellDepends = [
- aeson aeson-pretty base bytestring case-insensitive lens
- optparse-applicative purebred-email text vector word8
- ];
- license = lib.licenses.mit;
-}
diff --git a/krebs/5pkgs/haskell/nix-serve-ng.nix b/krebs/5pkgs/haskell/nix-serve-ng.nix
deleted file mode 100644
index 62e02ce82..000000000
--- a/krebs/5pkgs/haskell/nix-serve-ng.nix
+++ /dev/null
@@ -1,30 +0,0 @@
-{ mkDerivation, async, base, base16, base32, bytestring, charset
-, fetchgit, http-client, http-types, lib, managed, megaparsec, mtl
-, network, nix, optparse-applicative, tasty-bench, temporary, text
-, turtle, vector, wai, wai-extra, warp, warp-tls
-, boost
-}:
-mkDerivation {
- pname = "nix-serve-ng";
- version = "1.0.1";
- src = fetchgit {
- url = "https://github.com/aristanetworks/nix-serve-ng";
- sha256 = "sha256-PkzwtjUgYuqfWtCH1nRqVRaajihN1SqMVjWmoSG/CCY=";
- rev = "9b546864f4090736f3f9069a01ea5d42cf7bab7c";
- fetchSubmodules = true;
- };
- isLibrary = false;
- isExecutable = true;
- executableHaskellDepends = [
- base base16 base32 bytestring charset http-types managed megaparsec
- mtl network optparse-applicative vector wai wai-extra warp warp-tls
- ];
- executablePkgconfigDepends = [ nix ];
- executableSystemDepends = [ boost.dev ];
- benchmarkHaskellDepends = [
- async base bytestring http-client tasty-bench temporary text turtle
- vector
- ];
- description = "A drop-in replacement for nix-serve that's faster and more stable";
- license = lib.licenses.bsd3;
-}
diff --git a/krebs/5pkgs/haskell/purebred-email/default.nix b/krebs/5pkgs/haskell/purebred-email/default.nix
deleted file mode 100644
index 62fc82183..000000000
--- a/krebs/5pkgs/haskell/purebred-email/default.nix
+++ /dev/null
@@ -1,30 +0,0 @@
-{ mkDerivation, attoparsec, base, base64-bytestring, bytestring
-, case-insensitive, concise, deepseq, fetchgit, hedgehog, lens, lib
-, QuickCheck, quickcheck-instances, random, semigroupoids
-, stringsearch, tasty, tasty-golden, tasty-hedgehog, tasty-hunit
-, tasty-quickcheck, text, time
-}:
-mkDerivation {
- pname = "purebred-email";
- version = "0.5.1";
- src = fetchgit {
- url = "https://github.com/purebred-mua/purebred-email";
- sha256 = "0iilyy5dkbzbiazyyfjdz585c3x8b7c2piynmycm7krkc48993vw";
- rev = "7ba346e10ad1521a923bc04a4ffeca479d8dd071";
- fetchSubmodules = true;
- };
- isLibrary = true;
- isExecutable = true;
- libraryHaskellDepends = [
- attoparsec base base64-bytestring bytestring case-insensitive
- concise deepseq lens random semigroupoids stringsearch text time
- ];
- testHaskellDepends = [
- attoparsec base bytestring case-insensitive hedgehog lens
- QuickCheck quickcheck-instances random tasty tasty-golden
- tasty-hedgehog tasty-hunit tasty-quickcheck text time
- ];
- homepage = "https://github.com/purebred-mua/purebred-email";
- description = "types and parser for email messages (including MIME)";
- license = lib.licenses.agpl3Plus;
-}
diff --git a/krebs/5pkgs/haskell/purebred-email/untweak-mime-version-header.patch b/krebs/5pkgs/haskell/purebred-email/untweak-mime-version-header.patch
deleted file mode 100644
index 97baf7ac1..000000000
--- a/krebs/5pkgs/haskell/purebred-email/untweak-mime-version-header.patch
+++ /dev/null
@@ -1,65 +0,0 @@
-diff --git a/src/Data/MIME.hs b/src/Data/MIME.hs
-index 19af53e..be8cbd4 100644
---- a/src/Data/MIME.hs
-+++ b/src/Data/MIME.hs
-@@ -810,7 +810,6 @@ multipart takeTillEnd boundary =
- -- | Sets the @MIME-Version: 1.0@ header.
- --
- instance RenderMessage MIME where
-- tweakHeaders = set (headers . at "MIME-Version") (Just "1.0")
- buildBody h z = Just $ case z of
- Part partbody -> Builder.byteString partbody
- Encapsulated msg -> buildMessage msg
-diff --git a/tests/Generator.hs b/tests/Generator.hs
-index 9e1f166..23bd122 100644
---- a/tests/Generator.hs
-+++ b/tests/Generator.hs
-@@ -64,7 +64,7 @@ exampleMailsParseSuccessfully =
- textPlain7bit :: MIMEMessage
- textPlain7bit =
- let m = createTextPlainMessage "This is a simple mail."
-- in over headers (\(Headers xs) -> Headers $ (CI.mk "Subject", "Hello there") : xs) m
-+ in over headers (\(Headers xs) -> Headers $ (CI.mk "MIME-Version", "1.0") : (CI.mk "Subject", "Hello there") : xs) m
-
- multiPartMail :: MIMEMessage
- multiPartMail =
-@@ -72,13 +72,16 @@ multiPartMail =
- to' = Single $ Mailbox Nothing (AddrSpec "bar" (DomainDotAtom $ pure "bar.com"))
- subject = "Hello there"
- p = createTextPlainMessage "This is a simple mail."
-+ & set (headers . at "MIME-Version") (Just "1.0")
- a = createAttachment
- contentTypeApplicationOctetStream
- (Just "foo.bin")
- "fileContentsASDF"
-+ & set (headers . at "MIME-Version") (Just "1.0")
- now = UTCTime (ModifiedJulianDay 123) (secondsToDiffTime 123)
- in createMultipartMixedMessage "asdf" (fromList [p, a])
-- & set (headers . at "From") (Just $ renderMailboxes [from'])
-+ & set (headers . at "MIME-Version") (Just "1.0")
-+ . set (headers . at "From") (Just $ renderMailboxes [from'])
- . set (headers . at "To") (Just $ renderAddresses [to'])
- . set (headers . at "Date") (Just $ renderRFC5422Date now)
- . set (headers . at "Subject") (Just $ T.encodeUtf8 subject)
-diff --git a/tests/Message.hs b/tests/Message.hs
-index 6711519..3e40397 100644
---- a/tests/Message.hs
-+++ b/tests/Message.hs
-@@ -29,7 +29,7 @@ import Data.Char (isPrint)
- import Data.Foldable (fold)
- import Data.List.NonEmpty (NonEmpty(..), intersperse)
-
--import Control.Lens (set, view)
-+import Control.Lens ((&), at, set, view)
- import qualified Data.ByteString as B
- import qualified Data.Text as T
-
-@@ -99,7 +99,7 @@ genMessage = Gen.choice [ genTextPlain, genMultipart, encapsulate <$> genMessage
- prop_messageRoundTrip :: Property
- prop_messageRoundTrip = property $ do
- msg <- forAll genMessage
-- parse (message mime) (renderMessage msg) === Right msg
-+ parse (message mime) (renderMessage $ msg & set (headers . at "MIME-Version") (Just "1.0")) === Right msg
-
- prop_messageFromRoundTrip :: Property
- prop_messageFromRoundTrip = property $ do
diff --git a/krebs/5pkgs/haskell/reaktor2/default.nix b/krebs/5pkgs/haskell/reaktor2/default.nix
index 7f89c0b1f..d75de3a51 100644
--- a/krebs/5pkgs/haskell/reaktor2/default.nix
+++ b/krebs/5pkgs/haskell/reaktor2/default.nix
@@ -1,28 +1,30 @@
-{ mkDerivation, aeson, async, attoparsec, base, blessings
-, bytestring, containers, data-default, filepath, hashable, lens
-, lens-aeson, lib, network, network-simple, network-simple-tls
-, network-uri, pcre-light, process, random, servant-server
-, string-conversions, stringsearch, text, time, transformers
-, unagi-chan, unix, unordered-containers, vector, wai, warp
-, fetchgit
+{ mkDerivation, aeson, async, attoparsec, base, base64, blessings
+, bytestring, containers, data-default, directory, fetchgit
+, filepath, hashable, http-types, lens, lens-aeson, lib, network
+, network-simple, network-simple-tls, network-uri, pcre-light
+, process, random, servant-server, string-conversions, stringsearch
+, text, time, transformers, unagi-chan, unix, unordered-containers
+, vector, wai, warp
}:
mkDerivation {
pname = "reaktor2";
- version = "0.4.2";
+ version = "0.4.5";
src = fetchgit {
url = "https://cgit.krebsco.de/reaktor2";
- hash = "sha256-JPQyy0hDSH5JqQGjwoO5BNsD4qk+GKP1VH+j4/2cqes";
- rev = "53a11f421fb18e8687fa06e5511cea8bd9defc36";
+ sha256 = "0arcw06k3hhmcp6kk5lxrzadin3lx6ywxrznicljr92flkgj8isc";
+ rev = "6ff1335c7c9775e1cf167b950b6de97359d3b659";
fetchSubmodules = true;
};
isLibrary = false;
isExecutable = true;
executableHaskellDepends = [
- aeson async attoparsec base blessings bytestring containers
- data-default filepath hashable lens lens-aeson network
- network-simple network-simple-tls network-uri pcre-light process
- random servant-server string-conversions stringsearch text time
- transformers unagi-chan unix unordered-containers vector wai warp
+ aeson async attoparsec base base64 blessings bytestring containers
+ data-default directory filepath hashable http-types lens lens-aeson
+ network network-simple network-simple-tls network-uri pcre-light
+ process random servant-server string-conversions stringsearch text
+ time transformers unagi-chan unix unordered-containers vector wai
+ warp
];
license = lib.licenses.mit;
+ mainProgram = "reaktor";
}
diff --git a/krebs/5pkgs/haskell/scanner.nix b/krebs/5pkgs/haskell/scanner.nix
deleted file mode 100644
index a317e575e..000000000
--- a/krebs/5pkgs/haskell/scanner.nix
+++ /dev/null
@@ -1,13 +0,0 @@
-{ mkDerivation, base, fetchgit, lib }:
-mkDerivation {
- pname = "scanner";
- version = "1.0.1";
- src = fetchgit {
- url = "http://cgit.ni.krebsco.de/scanner";
- sha256 = "1lgl158axczsm4fx53fyq1d4116v91jsx4dbz66ka4k1ljqrmhgn";
- rev = "7f091a3bc152ad3974a1873b460fa1759bf8dcad";
- fetchSubmodules = true;
- };
- libraryHaskellDepends = [ base ];
- license = lib.licenses.mit;
-}
diff --git a/krebs/5pkgs/haskell/xmonad-aeson.nix b/krebs/5pkgs/haskell/xmonad-aeson.nix
deleted file mode 100644
index d27f9c783..000000000
--- a/krebs/5pkgs/haskell/xmonad-aeson.nix
+++ /dev/null
@@ -1,13 +0,0 @@
-{ mkDerivation, aeson, base, fetchgit, lib, X11-aeson, xmonad }:
-mkDerivation {
- pname = "xmonad-aeson";
- version = "1.0.0";
- src = fetchgit {
- url = "https://cgit.krebsco.de/xmonad-aeson";
- sha256 = "0l1gna6p1498vzm6kj0ywj0i7775mz5n7k9nymwggvfb1pyxv3h9";
- rev = "a95f652b150f17db3f2439214a6346335d6d8d89";
- fetchSubmodules = true;
- };
- libraryHaskellDepends = [ aeson base X11-aeson xmonad ];
- license = lib.licenses.mit;
-}
diff --git a/krebs/5pkgs/haskell/xmonad-stockholm.nix b/krebs/5pkgs/haskell/xmonad-stockholm.nix
deleted file mode 100644
index c43dbe271..000000000
--- a/krebs/5pkgs/haskell/xmonad-stockholm.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-{ mkDerivation, base, containers, directory, fetchgit, filepath
-, lib, unix, X11, X11-xft, X11-xshape, xmonad, xmonad-contrib
-}:
-mkDerivation {
- pname = "xmonad-stockholm";
- version = "1.3.1";
- src = fetchgit {
- url = "https://cgit.krebsco.de/xmonad-stockholm";
- sha256 = "1m4kkppy143jvjzhy5aawh8q6sglpnqhiajxbdcr42j02ibf3vvq";
- rev = "89bae8aad73db8fe9e11da7d515f0b236e7fea51";
- fetchSubmodules = true;
- };
- libraryHaskellDepends = [
- base containers directory filepath unix X11 X11-xft X11-xshape
- xmonad xmonad-contrib
- ];
- license = lib.licenses.mit;
-}
diff --git a/krebs/5pkgs/simple/K_belwagen.nix b/krebs/5pkgs/simple/K_belwagen.nix
deleted file mode 100644
index 2f64bb09d..000000000
--- a/krebs/5pkgs/simple/K_belwagen.nix
+++ /dev/null
@@ -1,38 +0,0 @@
-{ lib, pkgs, stdenv }:
-
-stdenv.mkDerivation {
- pname = "K_belwagen";
- version = "1.0";
-
- src = pkgs.painload;
- sourceRoot = "source/K_belwagen";
-
- buildInputs = [
- pkgs.jack1
- pkgs.pkg-config
- ];
-
- patchPhase = ''
- sed -i '
- s@^cd@# &@
- s@^make@# &@
- s@^jackd@# &@
- s@^trap@# &@
-
- s@^set.*@&\nPATH=${lib.makeBinPath [
- pkgs.bc
- pkgs.coreutils
- ]}; export PATH@
-
- s@\./a\.out@'"$out"'/lib/a.out@
- ' alarm
- '';
-
- installPhase = ''
- mkdir -p $out/lib
- mkdir -p $out/bin
-
- cp alarm $out/bin
- cp a.out $out/lib
- '';
-}
diff --git a/krebs/5pkgs/simple/TabFS/src.json b/krebs/5pkgs/simple/TabFS/src.json
index 24e36aef3..931c9ecb8 100644
--- a/krebs/5pkgs/simple/TabFS/src.json
+++ b/krebs/5pkgs/simple/TabFS/src.json
@@ -1,8 +1,6 @@
{
"url": "https://cgit.krebsco.de/TabFS",
"rev": "a6045e0e29b85e3e66c468f3561009ded1db6ec5",
- "date": "2021-01-14T23:56:09+01:00",
- "path": "/nix/store/mbcywm1yq5vr7awxqb533faz34minfax-TabFS",
"sha256": "1z0kj95zh0jl8laa0whra1jys8pws3199sy29vmlv2nxrkz13blv",
"fetchSubmodules": false,
"deepClone": false,
diff --git a/krebs/5pkgs/simple/airdcpp-webclient/default.nix b/krebs/5pkgs/simple/airdcpp-webclient/default.nix
index 754fecf9c..f4634b595 100644
--- a/krebs/5pkgs/simple/airdcpp-webclient/default.nix
+++ b/krebs/5pkgs/simple/airdcpp-webclient/default.nix
@@ -4,7 +4,7 @@
stdenv.mkDerivation rec {
name = "airdcpp-webclient-${version}";
version = "2.3.0";
-
+
src = fetchurl {
url = http://web-builds.airdcpp.net/stable/airdcpp_2.3.0_webui-2.3.0_64-bit_portable.tar.gz;
sha256 = "0yvcl0nc70fghc7vfsgvbpryi5q97arld8adql4way4qa0mdnyv1";
diff --git a/krebs/5pkgs/simple/bepasty-client-cli/default.nix b/krebs/5pkgs/simple/bepasty-client-cli/default.nix
deleted file mode 100644
index 7811ef5fc..000000000
--- a/krebs/5pkgs/simple/bepasty-client-cli/default.nix
+++ /dev/null
@@ -1,23 +0,0 @@
-{ lib, pkgs, pythonPackages, fetchFromGitHub, ... }:
-
-with pythonPackages; buildPythonPackage rec {
- name = "bepasty-client-cli";
- propagatedBuildInputs = [
- python_magic
- click
- requests
- ];
-
- src = fetchFromGitHub {
- owner = "bepasty";
- repo = "bepasty-client-cli";
- rev = "4b7135ba8ba1e17501de08ad7b6aca73c0d949d2";
- sha256 = "1svchyk9zai1vip9ppm12jm7wfjbdr9ijhgcd2n10xh73jrn9cnc";
- };
-
- meta = {
- homepage = https://github.com/bepasty/bepasty-client-cli;
- description = "CLI client for bepasty-server";
- license = lib.licenses.bsd2;
- };
-}
diff --git a/krebs/5pkgs/simple/bling/default.nix b/krebs/5pkgs/simple/bling/default.nix
index 1c8610325..186aaa85e 100644
--- a/krebs/5pkgs/simple/bling/default.nix
+++ b/krebs/5pkgs/simple/bling/default.nix
@@ -1,4 +1,7 @@
-{ imagemagick, runCommand, stockholm, ... }:
+{ imagemagick, runCommand, lib, ... }:
+let
+ stockholm.lib = import ../../../../lib/pure.nix { inherit lib; };
+in
with stockholm.lib;
let
diff --git a/krebs/5pkgs/simple/brain/default.nix b/krebs/5pkgs/simple/brain/default.nix
index d7e36a527..9f183cfe9 100644
--- a/krebs/5pkgs/simple/brain/default.nix
+++ b/krebs/5pkgs/simple/brain/default.nix
@@ -4,25 +4,30 @@ let
pass = pkgs.pass.withExtensions (ext: [
ext.pass-otp
]);
-in
-pkgs.write "brain" {
- "/bin/brain".link = pkgs.writeDash "brain" ''
+ brain = pkgs.writeDash "brain" ''
PASSWORD_STORE_DIR=$HOME/brain \
exec ${pass}/bin/pass "$@"
'';
- "/bin/brainmenu".link = pkgs.writeDash "brainmenu" ''
+
+ brainmenu = pkgs.writeDash "brainmenu" ''
PASSWORD_STORE_DIR=$HOME/brain \
exec ${pass}/bin/passmenu "$@"
'';
- "/share/bash-completion/completions/brain".link =
- pkgs.runCommand "brain-completions" {
- } /* sh */ ''
- sed -r '
- s/\<_pass?(_|\>)/_brain\1/g
- s/\<__password_store/_brain/g
- s/\<pass\>/brain/
- s/\$HOME\/\.password-store/$HOME\/brain/
- ' < ${pass}/share/bash-completion/completions/pass > $out
- '';
-}
+
+ completions = pkgs.runCommand "brain-completions" {} ''
+ sed -r '
+ s/\<_pass?(_|\>)/_brain\1/g
+ s/\<__password_store/_brain/g
+ s/\<pass\>/brain/
+ s/\$HOME\/\.password-store/$HOME\/brain/
+ ' < ${pass}/share/bash-completion/completions/pass > $out
+ '';
+in
+
+pkgs.runCommand "brain" {} ''
+ mkdir -p $out/bin $out/share/bash-completion/completions
+ ln -s ${brain} $out/bin/brain
+ ln -s ${brainmenu} $out/bin/brainmenu
+ ln -s ${completions} $out/share/bash-completion/completions/brain
+''
diff --git a/krebs/5pkgs/simple/buildbot-classic-slave/default.nix b/krebs/5pkgs/simple/buildbot-classic-slave/default.nix
deleted file mode 100644
index a48c45ae0..000000000
--- a/krebs/5pkgs/simple/buildbot-classic-slave/default.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-{ coreutils, fetchgit, git, buildbot-classic, python2Packages, ... }:
-
-python2Packages.buildPythonApplication {
- name = "buildbot-classic-slave-${buildbot-classic.version}";
- namePrefix = "";
-
- src = buildbot-classic.src;
- postUnpack = "sourceRoot=\${sourceRoot}/slave";
-
- nativeBuildInputs = [ git ];
- propagatedBuildInputs = [ python2Packages.twisted ];
- doCheck = false;
-
- postInstall = ''
- mkdir -p "$out/share/man/man1"
- cp docs/buildslave.1 "$out/share/man/man1"
- '';
-}
diff --git a/krebs/5pkgs/simple/cac-panel/default.nix b/krebs/5pkgs/simple/cac-panel/default.nix
deleted file mode 100644
index 57f58f4de..000000000
--- a/krebs/5pkgs/simple/cac-panel/default.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-{pkgs, python3Packages, ...}:
-
-python3Packages.buildPythonPackage rec {
- name = "cac-panel-${version}";
- version = "0.4.4";
-
- src = pkgs.fetchurl {
- url = "https://pypi.python.org/packages/source/c/cac-panel/cac-panel-${version}.tar.gz";
- sha256 = "16bx67fsbgwxciik42jhdnfzxx1xp5b0rimzrif3r7h4fawlnld8";
- };
-
- propagatedBuildInputs = with python3Packages; [
- docopt
- requests
- beautifulsoup4
- ];
-}
-
diff --git a/krebs/5pkgs/simple/certaids.nix b/krebs/5pkgs/simple/certaids.nix
deleted file mode 100644
index 34f4c3e14..000000000
--- a/krebs/5pkgs/simple/certaids.nix
+++ /dev/null
@@ -1,109 +0,0 @@
-{ pkgs }:
-
-pkgs.write "certaids" {
- "/bin/cert2json".link = pkgs.writeDash "cert2json" ''
- # usage: cert2json < CERT > JSON
- set -efu
-
- ${pkgs.openssl}/bin/openssl crl2pkcs7 -nocrl -certfile /dev/stdin |
- ${pkgs.openssl}/bin/openssl pkcs7 -print_certs -text |
- ${pkgs.gawk}/bin/awk -F, -f ${pkgs.writeText "cert2json.awk" ''
- function abort(msg) {
- print(msg) > "/dev/stderr"
- exit 1
- }
-
- function toJSON(x, type, ret) {
- type = typeof(x)
- switch (type) {
- case "array":
- if (isArray(x)) return arrayToJSON(x)
- if (isObject(x)) return objectToJSON(x)
- abort("cannot render array to JSON", x)
- case "number":
- return numberToJSON(x)
- case "string":
- return stringToJSON(x)
- case "strnum":
- case "unassigned":
- case "regexp":
- case "untyped":
- default:
- abort("cannot render type: " type)
- }
- }
-
- function isArray(x, i, k) {
- i = 1
- for (k in x) {
- if (k != i++) return 0
- i++
- }
- return 1
- }
-
- function isObject(x, k) {
- for (k in x) {
- if (typeof(k) != "string") return 0
- }
- return 1
- }
-
- function arrayToJSON(x, k, ret) {
- ret = "["
- for (k in x) {
- ret=ret toJSON(x[k]) ","
- }
- sub(/,$/,"",ret)
- ret=ret "]"
- return ret
- }
-
- function objectToJSON(x, k,ret) {
- ret = "{"
- for (k in x) {
- ret = ret toJSON(k) ":" toJSON(x[k]) ","
- }
- sub(/,$/, "", ret)
- ret = ret "}"
- return ret
- }
-
- function numberToJSON(x) {
- return x
- }
-
- function stringToJSON(x) {
- gsub(/\\/, "&&",x)
- gsub(/\n/, "\\n", x)
- return "\"" x "\""
- }
-
- $1 ~ /^ *(Subject|Issuer):/ {
- sub(/^ */, "")
- sub(/: */, ",")
- key=tolower($1)
- sub(/[^,]*,/, "")
-
- # Normalize separators between relative distinguished names.
- # [1]: RFC2253, 3. Parsing a String back to a Distinguished Name
- # TODO support any distinguished name
- gsub(/ *[;,] */, ",")
-
- for(i = 0; i <= NF; i++) {
- split($i, a, "=")
- cache[key][a[1]] = a[2]
- }
- }
-
- /BEGIN CERTIFICATE/,/END CERTIFICATE/{
- cache["certificate"] = cache["certificate"] $0 "\n"
- }
-
- /END CERTIFICATE/{
- print toJSON(cache)
- delete cache
- }
- ''}
- '';
-}
diff --git a/krebs/5pkgs/simple/cgit-clear-cache.nix b/krebs/5pkgs/simple/cgit-clear-cache.nix
index 31a2eccb3..e630a4066 100644
--- a/krebs/5pkgs/simple/cgit-clear-cache.nix
+++ b/krebs/5pkgs/simple/cgit-clear-cache.nix
@@ -1,4 +1,8 @@
-{ cache-root ? "/tmp/cgit", findutils, stockholm, writeDashBin }:
+{ cache-root ? "/tmp/cgit", findutils, lib, writeDashBin }:
+
+let
+ stockholm.lib = import ../../../lib/pure.nix { inherit lib; };
+in
writeDashBin "cgit-clear-cache" ''
set -efu
diff --git a/krebs/5pkgs/simple/collectd-connect-time/default.nix b/krebs/5pkgs/simple/collectd-connect-time/default.nix
index 525388029..abbfae40a 100644
--- a/krebs/5pkgs/simple/collectd-connect-time/default.nix
+++ b/krebs/5pkgs/simple/collectd-connect-time/default.nix
@@ -1,8 +1,10 @@
-{lib, pkgs, pythonPackages, fetchurl, ... }:
+{lib, pkgs, python3Packages, fetchurl, ... }:
-pythonPackages.buildPythonPackage rec {
+python3Packages.buildPythonPackage rec {
name = "collectd-connect-time-${version}";
version = "0.3.0";
+ pyproject = true;
+ build-system = [ python3Packages.setuptools ];
src = fetchurl {
url = "https://pypi.python.org/packages/source/c/collectd-connect-time/collectd-connect-time-${version}.tar.gz";
sha256 = "0vvrf9py9bwc8hk3scxwg4x2j8jlp2qva0mv4q8d9m4b4mk99c95";
diff --git a/krebs/5pkgs/simple/cunicu.nix b/krebs/5pkgs/simple/cunicu.nix
index 4375a760c..8e193d455 100644
--- a/krebs/5pkgs/simple/cunicu.nix
+++ b/krebs/5pkgs/simple/cunicu.nix
@@ -1,6 +1,6 @@
{ lib, pkgs }:
-pkgs.buildGo120Module rec {
+pkgs.buildGoModule rec {
pname = "cunicu";
version = "g${lib.substring 0 7 src.rev}";
diff --git a/krebs/5pkgs/simple/default.nix b/krebs/5pkgs/simple/default.nix
index 76ad6ff10..e0b9ffdae 100644
--- a/krebs/5pkgs/simple/default.nix
+++ b/krebs/5pkgs/simple/default.nix
@@ -3,8 +3,9 @@ self: super:
let
# This callPackage will try to detect obsolete overrides.
lib = super.stockholm.lib;
+ callPackage' = lib.callPackageWith self;
callPackage = path: args: let
- override = self.callPackage path args;
+ override = callPackage' path args;
upstream = lib.optionalAttrs (override ? "name")
(super.${(lib.parseDrvName override.name).name} or {});
in if upstream ? "name" &&
@@ -12,5 +13,15 @@ let
lib.compareVersions upstream.name override.name != -1
then lib.trace "Upstream `${upstream.name}' gets overridden by `${override.name}'." override
else override;
+
+ ## This callPackage will try to detect obsolete overrides.
+ #callPackage = path: args: let
+ # pname = (parseDrvName override.name).name;
+ # override = self.callPackage path args;
+ # upstream = super.${pname} or { name = ""; };
+ #in
+ # override.overrideAttrs (old: {
+ # name = warnOldVersion upstream.name old.name;
+ # });
in
lib.mapNixDir (path: callPackage path {}) ./.
diff --git a/krebs/5pkgs/simple/dic/default.nix b/krebs/5pkgs/simple/dic/default.nix
deleted file mode 100644
index 39402c012..000000000
--- a/krebs/5pkgs/simple/dic/default.nix
+++ /dev/null
@@ -1,39 +0,0 @@
-{ fetchgit, lib, stdenv
-, coreutils, curl, gnugrep, gnused, util-linux
-}:
-
-stdenv.mkDerivation {
- name = "dic";
-
- src = fetchgit {
- url = https://cgit.ni.krebsco.de/dic;
- rev = "refs/tags/v1.1.1";
- sha256 = "1gbj967a5hj53fdkkxijqgwnl9hb8kskz0cmpjq7v65ffz3v6vag";
- };
-
- phases = [
- "unpackPhase"
- "installPhase"
- ];
-
- installPhase =
- let
- path = lib.makeBinPath [
- coreutils
- curl
- gnused
- gnugrep
- util-linux
- ];
- in
- ''
- mkdir -p $out/bin
-
- sed \
- 's,^main() {$,&\n PATH=${path}; export PATH,' \
- < ./dic \
- > $out/bin/dic
-
- chmod +x $out/bin/dic
- '';
-}
diff --git a/krebs/5pkgs/simple/drivedroid-gen-repo/default.nix b/krebs/5pkgs/simple/drivedroid-gen-repo/default.nix
deleted file mode 100644
index dee96d784..000000000
--- a/krebs/5pkgs/simple/drivedroid-gen-repo/default.nix
+++ /dev/null
@@ -1,22 +0,0 @@
-{ fetchurl, lib, stdenv, python3Packages }:
-
-python3Packages.buildPythonPackage rec {
- name = "drivedroid-gen-repo-${version}";
- version = "0.4.4";
-
- propagatedBuildInputs = [
- python3Packages.docopt
- ];
-
- src = fetchurl {
- url = "https://pypi.python.org/packages/source/d/drivedroid-gen-repo/drivedroid-gen-repo-${version}.tar.gz";
- sha256 = "09p58hzp61r5fp025lak9z52y0aakmaqpi59p9w5xq42dvy2hnvl";
- };
-
- meta = {
- homepage = http://krebsco.de/;
- description = "Generate Drivedroid repos";
- license = lib.licenses.wtfpl;
- };
-}
-
diff --git a/krebs/5pkgs/simple/ecrypt/default.nix b/krebs/5pkgs/simple/ecrypt/default.nix
deleted file mode 100644
index f83f8cfe7..000000000
--- a/krebs/5pkgs/simple/ecrypt/default.nix
+++ /dev/null
@@ -1,111 +0,0 @@
-{ pkgs, lib }:
-
-#usage: ecrypt mount /var/crypted /var/unencrypted
-pkgs.writers.writeDashBin "ecrypt" ''
- set -euf
-
- PATH=${lib.makeBinPath (with pkgs; [
- coreutils
- ecryptfs
- gnused
- gnugrep
- jq
- mount
- keyutils
- umount
- ])}
-
- # turn echo back on if killed
- trap 'stty echo' INT
-
- case "$1" in
- init)
- shift
- mkdir -p "$1" "$2"
-
- # abort if src or dest are not empty
- if [ -e "$1"/.cfg.json ]; then
- echo 'source dir is already configured, aborting'
- exit 1
- elif ls -1qA "$2" | grep -q .; then
- echo 'destination dir is not empty, aborting'
- exit 1
- else
- # we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails
- echo 4 | ecryptfs-manager
- stty -echo
- printf "passphrase: "
- read passphrase
- stty echo
- sig=$(echo "$passphrase" | ecryptfs-add-passphrase | grep 'Inserted auth tok' | sed 's/.*\[\(.*\)\].*/\1/')
- mount -t ecryptfs \
- -o ecryptfs_unlink_sigs,ecryptfs_fnek_sig="$sig",ecryptfs_key_bytes=16,ecryptfs_cipher=aes,ecryptfs_sig="$sig" \
- "$1" "$2"
-
- # add sig to json state file
- jq -n --arg sig "$sig" '{ "sig": $sig }' > "$1"/.cfg.json
- fi
- ;;
-
- mount)
- shift
- if ! [ -e "$1"/.cfg.json ]; then
- echo '.cfg.json missing in src'
- exit 1
- fi
- old_sig=$(cat "$1"/.cfg.json | jq -r .sig)
-
- # check if key is already in keyring, otherwise add it
-
- if keyctl list @u | grep -q "$old_sig"; then
- echo 'pw already saved'
- else
- # we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails
- echo 4 | ecryptfs-manager
- stty -echo
- printf "passphrase: "
- read passphrase
- stty echo
- new_sig=$(echo "$passphrase" | ecryptfs-add-passphrase | grep 'Inserted auth tok' | sed 's/.*\[\(.*\)\].*/\1/')
-
- # check if passphrase matches sig
- if [ "$old_sig" != "$new_sig" ]; then
- echo 'passphrase does not match sig, bailing out'
- new_keyid=$(keyctl list @u | grep "$new_sig" | sed 's/\([0-9]*\).*/\1/')
- keyctl revoke "$new_keyid"
- keyctl unlink "$new_keyid"
- exit 1
- fi
- fi
-
- sig=$old_sig
- keyid=$(keyctl list @u | grep "$sig" | sed 's/\([0-9]*\).*/\1/')
- if (ls -1qA "$2" | grep -q .); then
- echo 'destination is not empty, bailing out'
- exit 1
- else
- mount -i -t ecryptfs \
- -o ecryptfs_passthrough=no,verbose=no,ecryptfs_unlink_sigs,ecryptfs_fnek_sig="$sig",ecryptfs_key_bytes=16,ecryptfs_cipher=aes,ecryptfs_sig="$sig" \
- "$1" "$2"
- fi
- ;;
-
- unmount)
- shift
-
- sig=$(cat "$1"/.cfg.json | jq -r .sig)
- keyid=$(keyctl list @u | grep "$sig" | sed 's/\s*\([0-9]*\).*/\1/')
-
- umount "$2" || :
- keyctl revoke "$keyid"
- keyctl unlink "$keyid"
- ;;
-
- *)
- echo 'usage:
- ecrypt init /tmp/src/ /tmp/dst/
- ecrypt mount /tmp/src/ /tmp/dst/
- ecrypt unmount /tmp/src/ /tmp/dst/
- '
- esac
-''
diff --git a/krebs/5pkgs/simple/eximlog.nix b/krebs/5pkgs/simple/eximlog.nix
deleted file mode 100644
index 9e5ae8d63..000000000
--- a/krebs/5pkgs/simple/eximlog.nix
+++ /dev/null
@@ -1,28 +0,0 @@
-{ jq, stockholm, systemd, writeDashBin }:
-
-let
- lib = stockholm.lib;
- user = "exim"; # TODO make this configurable
-in
-
-# TODO execute eximlog only if journalctl doesn't fail
-# bash's set -o pipefail isn't enough
-
-writeDashBin "eximlog" ''
- ${systemd}/bin/journalctl \
- -u ${lib.shell.escape user} \
- -o short-unix \
- "$@" \
- |
- ${jq}/bin/jq -Rr '
- # Only select lines that start with a timestamp
- select(test("^[0-9]")) |
-
- split(" ") |
- (.[0] | tonumber) as $time |
- (.[3:] | join(" ")) as $message |
-
- "\($time | strftime("%Y-%m-%d %H:%M:%S %z")) \($message)"
-
- '
-''
diff --git a/krebs/5pkgs/simple/font-size.nix b/krebs/5pkgs/simple/font-size.nix
index 21097ed6a..829325192 100644
--- a/krebs/5pkgs/simple/font-size.nix
+++ b/krebs/5pkgs/simple/font-size.nix
@@ -1,3 +1,4 @@
+# TODO kill me in favor of urxvt-resize-font
{ writeDashBin }:
writeDashBin "font-size" ''
set -efu
diff --git a/krebs/5pkgs/simple/fortclientsslvpn/default.nix b/krebs/5pkgs/simple/fortclientsslvpn/default.nix
index 1f86d6fe4..b895eef89 100644
--- a/krebs/5pkgs/simple/fortclientsslvpn/default.nix
+++ b/krebs/5pkgs/simple/fortclientsslvpn/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, lib, fetchurl, gnome3, glib, libSM, gdk_pixbuf, libX11, libXinerama, iproute,
+{ stdenv, lib, fetchurl, gtk3, glib, xorg, gdk-pixbuf, iproute2,
makeWrapper, libredirect, ppp, coreutils, gawk, pango }:
stdenv.mkDerivation rec {
name = "forticlientsslvpn";
@@ -31,12 +31,12 @@ stdenv.mkDerivation rec {
];
guiLibPath = lib.makeLibraryPath [
- gnome3.gtk
+ gtk3
glib
- libSM
- gdk_pixbuf
- libX11
- libXinerama
+ xorg.libSM
+ gdk-pixbuf
+ xorg.libX11
+ xorg.libXinerama
pango
];
@@ -63,7 +63,7 @@ stdenv.mkDerivation rec {
cp -r 64bit/. "$out/opt/fortinet"
wrapProgram $out/opt/fortinet/forticlientsslvpn \
--set LD_PRELOAD "${libredirect}/lib/libredirect.so" \
- --set NIX_REDIRECTS /usr/bin/tail=${coreutils}/bin/tail:/usr/sbin/ip=${iproute}/bin/ip:/usr/sbin/pppd=${ppp}/bin/pppd
+ --set NIX_REDIRECTS /usr/bin/tail=${coreutils}/bin/tail:/usr/sbin/ip=${iproute2}/bin/ip:/usr/sbin/pppd=${ppp}/bin/pppd
mkdir -p "$out/bin/"
diff --git a/krebs/5pkgs/simple/ftb/default.nix b/krebs/5pkgs/simple/ftb/default.nix
index 8007eaa52..1509961cd 100644
--- a/krebs/5pkgs/simple/ftb/default.nix
+++ b/krebs/5pkgs/simple/ftb/default.nix
@@ -1,7 +1,7 @@
{ fetchurl, lib, stdenv
-, jre, libX11, libXext, libXcursor, libXrandr, libXxf86vm
+, jre, xorg
, openjdk
-, mesa_glu, openal
+, libGLU, openal
, useAlsa ? false, alsaOss ? null }:
with lib;
@@ -26,7 +26,7 @@ stdenv.mkDerivation {
#!${stdenv.shell}
export _JAVA_AWT_WM_NONREPARENTING=1
- export LD_LIBRARY_PATH=\$LD_LIBRARY_PATH:${makeLibraryPath [ libX11 libXext libXcursor libXrandr libXxf86vm mesa_glu openal ]}
+ export LD_LIBRARY_PATH=\$LD_LIBRARY_PATH:${makeLibraryPath [ xorg.libX11 xorg.libXext xorg.libXcursor xorg.libXrandr xorg.libXxf86vm libGLU openal ]}
${if useAlsa then "${alsaOss}/bin/aoss" else "" } \
${jre}/bin/java -jar $out/ftb.jar
EOF
diff --git a/krebs/5pkgs/simple/games-user-env/default.nix b/krebs/5pkgs/simple/games-user-env/default.nix
deleted file mode 100644
index abe770ed1..000000000
--- a/krebs/5pkgs/simple/games-user-env/default.nix
+++ /dev/null
@@ -1,34 +0,0 @@
-{ lib, pkgs, ... }: let
-
-#TODO: make sure env exists prior to running
-env_nix = pkgs.writeText "env.nix" ''
- { pkgs ? import <nixpkgs> {} }:
-
- (pkgs.buildFHSUserEnv {
- name = "simple-x11-env";
- targetPkgs = pkgs: with pkgs; [
- coreutils
- ];
- multiPkgs = pkgs: with pkgs; [
- alsaLib
- zlib
- xorg.libXxf86vm
- curl
- openal
- openssl_1_0_2
- xorg.libXext
- xorg.libX11
- xorg.libXrandr
- xorg.libXcursor
- xorg.libXinerama
- xorg.libXi
- mesa_glu
- ];
- runScript = "bash";
- }).env
-'';
-
-
-in pkgs.writeDashBin "games-user-env" ''
- nix-shell ${env_nix}
-''
diff --git a/krebs/5pkgs/simple/generate-secrets/default.nix b/krebs/5pkgs/simple/generate-secrets/default.nix
deleted file mode 100644
index 8522b5dda..000000000
--- a/krebs/5pkgs/simple/generate-secrets/default.nix
+++ /dev/null
@@ -1,49 +0,0 @@
-{ pkgs }:
-pkgs.writers.writeDashBin "generate-secrets" ''
- set -eu
- HOSTNAME="$1"
- TMPDIR=$(${pkgs.coreutils}/bin/mktemp -d)
- cd $TMPDIR
-
- PASSWORD=$(${pkgs.pwgen}/bin/pwgen 25 1)
- HASHED_PASSWORD=$(echo $PASSWORD | ${pkgs.hashPassword}/bin/hashPassword -s) > /dev/null
-
- ${pkgs.openssh}/bin/ssh-keygen -t ed25519 -f $TMPDIR/ssh.id_ed25519 -P "" -C "" >/dev/null
- ${pkgs.tinc_pre}/bin/tinc --config "$TMPDIR" generate-keys 4096 >/dev/null
- cat <<EOF > $TMPDIR/hashedPasswords.nix
- {
- root = "$HASHED_PASSWORD";
- }
- EOF
-
- for x in *; do
- ${pkgs.coreutils}/bin/cat $x | ${pkgs.brain}/bin/brain insert -m krebs-secrets/$HOSTNAME/$x > /dev/null
- done
- echo $PASSWORD | ${pkgs.brain}/bin/brain insert -m hosts/$HOSTNAME/root > /dev/null
-
- cat <<EOF
- $HOSTNAME = {
- owner = config.krebs.users.krebs;
- nets = {
- retiolum = {
- ip4.addr = "10.243.0.changeme";
- ip6.addr = "42:0:0:0:0:0:0:changeme";
- aliases = [
- "$HOSTNAME.r"
- ];
- tinc = {
- pubkey = ${"''"}
- $(cat $TMPDIR/rsa_key.pub)
- ${"''"};
- pubkey_ed25519 = "$(cut -d ' ' -f 3 $TMPDIR/ed25519_key.pub)";
- };
- };
- };
- ssh.privkey.path = "\''${config.krebs.secret.directory}/ssh.id_ed25519";
- ssh.pubkey = "$(cat $TMPDIR/ssh.id_ed25519.pub)";
- };
- EOF
-
- rm -rf $TMPDIR
-''
-
diff --git a/krebs/5pkgs/simple/git-hooks/default.nix b/krebs/5pkgs/simple/git-hooks/default.nix
index 3ec43739c..fe159c833 100644
--- a/krebs/5pkgs/simple/git-hooks/default.nix
+++ b/krebs/5pkgs/simple/git-hooks/default.nix
@@ -1,5 +1,7 @@
-{ pkgs, stockholm, ... }:
-
+{ pkgs, lib, ... }:
+let
+ stockholm.lib = import ../../../../lib/pure.nix { inherit lib; };
+in
with stockholm.lib;
{
@@ -112,6 +114,7 @@ with stockholm.lib;
git diff --stat $id2..$id \
| sed '$!s/\(+*\)\(-*\)$/'$(green '\1')$(red '\2')'/'
)"
+ echo "$(red "$message")"
''}
done
diff --git a/krebs/5pkgs/simple/gitignore.nix b/krebs/5pkgs/simple/gitignore.nix
deleted file mode 100644
index b3c750a08..000000000
--- a/krebs/5pkgs/simple/gitignore.nix
+++ /dev/null
@@ -1,46 +0,0 @@
-{ pkgs }:
-
-/* gitignore - Filter for intentionally untracked lines or blocks of code
-
-This is a filter that allows specifying intentionally untracked lines and
-blocks of code that Git should ignore.
-
-Example:
-
- int main(void) {
- printf("I would never say derp.\n");
- //#gitignore-begin
- printf("DERP!\n");
- //#gitignore-end
- printf("DERP!\n"); //#gitignore
- return 0;
- }
-
-Installation:
-
- Define a filter, e.g. in ~/.config/git/config[1]:
-
- [filter "gitignore"]
- clean = gitignore
- smudge = cat
-
- Assing that filter to some paths, e.g. in ~/.config/git/attributes[2]:
-
- *.hs filter=gitignore
- *.c filter=gitignore
- ...
-
- [1]: For more information about defining filters see git-config(1).
- [2]: For more information about assigning filters see gitattributes(5).
-*/
-
-pkgs.execBin "gitignore" {
- filename = "${pkgs.gnused}/bin/sed";
- argv = [
- "gitignore"
- /* sed */ ''
- /#gitignore-begin/,/#gitignore-end/d
- /#gitignore/d
- ''
- ];
-}
diff --git a/krebs/5pkgs/simple/gnokii/default.nix b/krebs/5pkgs/simple/gnokii/default.nix
index 995de3468..c11a6be6d 100644
--- a/krebs/5pkgs/simple/gnokii/default.nix
+++ b/krebs/5pkgs/simple/gnokii/default.nix
@@ -1,5 +1,5 @@
{ lib, stdenv, fetchurl, intltool, perl, gettext, libusb-compat-0_1, pkg-config, bluez
-, readline, pcsclite, libical, gtk2, glib, libXpm
+, readline, pcsclite, libical, gtk2, glib, libxpm
, fetchpatch
}:
@@ -20,7 +20,7 @@ stdenv.mkDerivation rec {
buildInputs = [
perl intltool gettext libusb-compat-0_1
glib gtk2 pkg-config bluez readline
- libXpm pcsclite libical
+ libxpm pcsclite libical
];
meta = {
diff --git a/krebs/5pkgs/simple/goify/default.nix b/krebs/5pkgs/simple/goify/default.nix
index 9c44aaeeb..7cc3d1b86 100644
--- a/krebs/5pkgs/simple/goify/default.nix
+++ b/krebs/5pkgs/simple/goify/default.nix
@@ -1,6 +1,6 @@
-{ pkgs, ... }:
+{ pkgs, writeBashBin, ... }:
-pkgs.writeBashBin "goify" ''
+writeBashBin "goify" ''
set -euf
GO_HOST=''${GO_HOST:-go}
diff --git a/krebs/5pkgs/simple/hashPassword/default.nix b/krebs/5pkgs/simple/hashPassword/default.nix
deleted file mode 100644
index 8d3ba2525..000000000
--- a/krebs/5pkgs/simple/hashPassword/default.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{ lib, pkgs, ... }:
-
-pkgs.writers.writeDashBin "hashPassword" ''
- # usage: hashPassword [...]
- set -euf
-
- export PATH=${lib.makeBinPath (with pkgs; [
- coreutils
- mkpasswd
- openssl
- ])}
-
- salt=$(openssl rand -base64 16 | tr -d '+=' | head -c 16)
- exec mkpasswd -m sha-512 -S "$salt" "$@"
-''
diff --git a/krebs/5pkgs/simple/htgen-imgur/src/htgen-imgur b/krebs/5pkgs/simple/htgen-imgur/src/htgen-imgur
index 696d1c00d..bdfb3eb61 100644
--- a/krebs/5pkgs/simple/htgen-imgur/src/htgen-imgur
+++ b/krebs/5pkgs/simple/htgen-imgur/src/htgen-imgur
@@ -1,3 +1,4 @@
+# TODO dedup with paste
find_item() {
if test ${#1} -ge 7; then
set -- "$(find "$STATEDIR/items" -mindepth 1 -maxdepth 1 \
@@ -58,6 +59,9 @@ read_uri() {
$uri |
capture("^((?<scheme>[^:]*):)?(//(?<authority>[^/]*))?(?<path>[^?#]*)([?](?<query>[^#]*))?([#](?<fragment>.*))?$") |
. + {
+ #authority: (.authority | if . != null then
+ # capture("^((?<userinfo>[^@]*)@)?(?<host>[^:]*)(:(?<port>.*))?$")
+ #else . end),
query: (.query | if . != null then
split("&") |
map(split("=") | {key:.[0],value:.[1]}) |
@@ -141,26 +145,26 @@ case "$Method $path" in
description: $uri.query.description,
datetime: now,
type: $info["MIME type"],
- animated: false,
+ animated: false, # TODO
width: $info.width,
height: $info.height,
size: $info.size,
- views: 0,
- bandwidth: 0,
- vote: null,
- favorite: false,
- nsfw: null,
- section: null,
- account_url: null,
- acount_id: 0,
- is_ad: false,
- is_most_viral: false,
- tags: [],
- ad_type: 0,
- ad_url: "",
- in_gallery: false,
+ views: 0, # TODO
+ bandwidth: 0, # TODO
+ vote: null, # TODO
+ favorite: false, # TODO
+ nsfw: null, # TODO
+ section: null, # TODO
+ account_url: null, # TODO
+ acount_id: 0, # TODO
+ is_ad: false, # TODO
+ is_most_viral: false, # TODO
+ tags: [], # TODO
+ ad_type: 0, # TODO
+ ad_url: "", # TODO
+ in_gallery: false, # TODO
deletehash: @uri "\($id)?deletehash=\($deletehash)",
- name: "",
+ name: "", # TODO
link: $link,
}
')
diff --git a/krebs/5pkgs/simple/htgen/default.nix b/krebs/5pkgs/simple/htgen/default.nix
index 1ee13783b..945801bfe 100644
--- a/krebs/5pkgs/simple/htgen/default.nix
+++ b/krebs/5pkgs/simple/htgen/default.nix
@@ -12,7 +12,7 @@ stdenv.mkDerivation rec {
installPhase = ''
mkdir -p $out/bin
{
- echo '#! ${pkgs.dash}/bin/dash'
+ echo '#! ${pkgs.busybox}/bin/sh'
echo 'export PATH=${lib.makeBinPath [
pkgs.coreutils
pkgs.jq
diff --git a/krebs/5pkgs/simple/internetarchive/default.nix b/krebs/5pkgs/simple/internetarchive/default.nix
deleted file mode 100644
index dfe93befd..000000000
--- a/krebs/5pkgs/simple/internetarchive/default.nix
+++ /dev/null
@@ -1,39 +0,0 @@
-{ lib, pkgs, stdenv, pkgs }:
-with pkgs.python3Packages;
-buildPythonPackage rec {
- pname = "internetarchive";
- version = "1.7.3";
- name = "${pname}-${version}";
-
- src = fetchPypi {
- inherit pname version;
- sha256 = "0x3saklabdx7qrr11h5bjfd75hfbih7pw5gvl2784zvvvrqrz45g";
- };
-
- propagatedBuildInputs = [
- requests
- jsonpatch
- docopt
- clint
- six
- schema
- backports_csv
- ];
-
- # check only works when cloned from git repo
- doCheck = false;
-
- checkInputs = [
- pytest
- responses
- ];
-
- prePatch = ''
- sed -i "s/'schema.*'/'schema>=0.4.0'/" setup.py
- '';
-
- meta = with lib; {
- description = "python library and cli for uploading files to internet archive";
- license = licenses.agpl3;
- };
-}
diff --git a/krebs/5pkgs/simple/irc-announce/default.nix b/krebs/5pkgs/simple/irc-announce/default.nix
index 75036d41c..d5eae30c5 100644
--- a/krebs/5pkgs/simple/irc-announce/default.nix
+++ b/krebs/5pkgs/simple/irc-announce/default.nix
@@ -1,4 +1,4 @@
-{ pkgs, lib, ... }:
+{ pkgs, ircaids, ... }:
pkgs.writers.writeDashBin "irc-announce" ''
set -euf
@@ -15,7 +15,7 @@ pkgs.writers.writeDashBin "irc-announce" ''
fi
printf %s "$message" |
- ${pkgs.ircaids}/bin/ircsink \
+ ${ircaids}/bin/ircsink \
--nick="$IRC_NICK" \
--port="$IRC_PORT" \
--server="$IRC_SERVER" \
diff --git a/krebs/5pkgs/simple/krebspaste/default.nix b/krebs/5pkgs/simple/krebspaste/default.nix
deleted file mode 100644
index d97b6a053..000000000
--- a/krebs/5pkgs/simple/krebspaste/default.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{ bepasty-client-cli, gnused, writeDashBin }:
-
-writeDashBin "krebspaste" ''
- ${bepasty-client-cli}/bin/bepasty-cli -L 1m --url http://paste.r "$@" |
- ${gnused}/bin/sed '
- $ {
- s/$/\/+inline/
- p
- s/\<r\>/krebsco.de/
- }
- '
-''
diff --git a/krebs/5pkgs/simple/logf/default.nix b/krebs/5pkgs/simple/logf/default.nix
deleted file mode 100644
index 36a7fed2f..000000000
--- a/krebs/5pkgs/simple/logf/default.nix
+++ /dev/null
@@ -1,112 +0,0 @@
-{ lib, pkgs, ... }:
-
-let
- default-host-colors = pkgs.writeJSON "logf.default-host-colors.json" {
- };
- default-prio-colors = pkgs.writeJSON "logf.default-prio-colors.json" {
- "0" = 196; # emerg
- "1" = 160; # alert
- "2" = 124; # crit
- "3" = 009; # err
- "4" = 011; # warning
- "5" = 255; # notice
- "6" = 250; # info
- "7" = 139; # debug
- "-" = 005; # undefined priority
- };
- default-urgent = pkgs.writeJSON "logf.default-urgent.json" [
- ];
-in
-
-pkgs.writeDashBin "logf" ''
- export LOGF_HOST_COLORS LOGF_PRIO_COLORS LOGF_URGENT
- LOGF_HOST_COLORS=$(cat "''${LOGF_HOST_COLORS-${default-host-colors}}")
- LOGF_PRIO_COLORS=$(cat "''${LOGF_PRIO_COLORS-${default-prio-colors}}")
- LOGF_URGENT=$(cat "''${LOGF_URGENT-${default-urgent}}")
- printf '%s\0' "$@" \
- | ${pkgs.findutils}/bin/xargs -0 -P 0 -n 1 ${pkgs.writeDash "logf-remote" ''
- target=$1
- target_host=$(echo "$1" | sed 's/^.*@//;s/\..*//')
- exec 3>&1
- 2>&1 1>&3 ssh "$target" -T \
- -o PreferredAuthentications=publickey \
- -o StrictHostKeyChecking=yes \
- exec journalctl -af -n 0 -o json \
- | stdbuf -oL jq -Rcf ${pkgs.writeJq "logf-remote-error.jq" ''
- {
- PRIORITY: "4",
- MESSAGE: .,
- SYSLOG_IDENTIFIER: env.target_host,
- }
- ''}
- sleep 10m
- exec "$0" "$@"
- ''} \
- | ${pkgs.jq}/bin/jq -Rrf ${pkgs.writeJq "logf-filter.jq" ''
- (env.LOGF_HOST_COLORS | fromjson) as $host_colors |
- (env.LOGF_PRIO_COLORS | fromjson) as $prio_colors |
- (env.LOGF_URGENT | fromjson | map("(\(.))") | join("|"))
- as $urgent_regex |
-
- def when(c; f): if c then f else . end;
-
- # anaphoric gsub
- def agsub(re; f):
- # Don't try empty regex: https://github.com/stedolan/jq/issues/1206
- when(re != ""; gsub("(?<it>\(re))"; .it | f));
-
- # :: [int] -> sgr
- def sgr: "\u001b[\(map(tostring) | join(";"))m";
-
- # :: sgr
- def rst: [] | sgr;
-
- # :: int -> sgr
- def fg(i): [38,5,i]|sgr;
- # TODO def fg(r;g;b): [38,2,r,g,b]|sgr;
- # http://cvs.schmorp.de/rxvt-unicode/src/command.C?revision=1.570&view=markup&sortby=log&sortdir=down
-
- # (sgr; sgr) | (null; any) :: str -> str
- def col(a; b): when(a != null; a + . + b);
- def col(a): col(a; rst);
-
-
- def p_time:
- ._SOURCE_REALTIME_TIMESTAMP
- | if . != null then . | fromjson | . / 1000000 else now end
- | gmtime
- | todateiso8601
- | col(fg(237));
-
- def p_host:
- ._HOSTNAME
- | if . != null then . else "-" end
- | col($host_colors[.]|when(. != null; fg(.)));
-
- def p_ident:
- if .SYSLOG_IDENTIFIER != null then .SYSLOG_IDENTIFIER
- else ._COMM end
- | col(fg(244));
-
- def p_message:
- fg($prio_colors[if has("PRIORITY") then .PRIORITY else "-" end])
- as $prio_c |
- .MESSAGE
- | sub("\r$"; "")
- | agsub($urgent_regex; "\(.)\u0007" | col(fg(219); $prio_c))
- | col($prio_c);
-
- try fromjson catch {
- _SOURCE_REALTIME_TIMESTAMP: now | tostring | sub("[.]"; ""),
- SYSLOG_IDENTIFIER: "logf/journalctl",
- MESSAGE: .,
- } |
-
- [ p_time
- , p_host
- , p_ident
- , p_message
- ]
- | join(" ")
- ''}
-''
diff --git a/krebs/5pkgs/simple/netcup/default.nix b/krebs/5pkgs/simple/netcup/default.nix
deleted file mode 100644
index 750e9cfa9..000000000
--- a/krebs/5pkgs/simple/netcup/default.nix
+++ /dev/null
@@ -1,33 +0,0 @@
-{ coreutils, curl, fetchgit, gawk, gnugrep, gnused, jq, stdenv, stockholm, w3m, ... }:
-with stockholm.lib;
-
-let
- readJSON = path: fromJSON (readFile path);
- sed.escape = replaceStrings ["/"] ["\\/"]; # close enough
- PATH = makeBinPath [
- coreutils
- curl
- gawk
- gnugrep
- gnused
- jq
- w3m
- ];
-in
-stdenv.mkDerivation {
- name = "netcup-1.0.0";
- src = fetchgit {
- url = "http://cgit.ni.krebsco.de/netcup";
- rev = "refs/tags/v1.0.0";
- sha256 = "1rn7bncfhjw0bqjbvj38m7lks4nyf5qcvkj9dg0zr99ba6dylzx5";
- };
- phases = [ "unpackPhase" "patchPhase" "installPhase" ];
- patchPhase = ''
- path=${shell.escape (sed.escape PATH)}
- sed -i "1s/.*/&\nPATH=$path/" vcp
- '';
- installPhase = ''
- mkdir -p $out/bin
- cp vcp $out/bin
- '';
-}
diff --git a/krebs/5pkgs/simple/nixos-format-error.nix b/krebs/5pkgs/simple/nixos-format-error.nix
deleted file mode 100644
index a28f7245f..000000000
--- a/krebs/5pkgs/simple/nixos-format-error.nix
+++ /dev/null
@@ -1,107 +0,0 @@
-{ pkgs }:
-
-pkgs.writeGawkBin "nixos-format-error" ''
- # usage: nixos-rebuild ... 2>&1 | nixos-format-error
-
- function out() {
- print
- next
- }
-
- BEGIN {
- IDLE = 0
- ACTIVE = 1
- PASSIVE = 2
- ERROR = 3
-
- start_state = IDLE
-
- state = start_state
- }
-
- END {
- if (trace_count)
- for (i = trace_count - 1; i >= 0; i--)
- print trace[i]
- }
-
- state == PASSIVE {
- out()
- }
-
- state == IDLE {
- if ($0 ~ /^building the system configuration\.\.\. ?$/) {
- state = ACTIVE
- }
- out()
- }
-
- state == ACTIVE {
- if ($1 ~ /(\[[0-9;]+m)?error:(\[[0-9;]m)?/) {
- state = ERROR
- sub(/^/,"\x1b[31;1m"); sub(/$/,"\x1b[m")
- trace[trace_count++] = $0
-
- "stty -F /dev/tty size" |& getline
- COLUMNS = gensub(/.* ([0-9]+)$/, "\\1", "1")
-
- next
- }
- if ($0 ~ /^these [0-9]+ derivations will be built:/) {
- state = PASSIVE
- }
- if ($0 == "activating the configuration...") {
- state = PASSIVE
- }
- out()
- }
-
- state == ERROR {
- sub(/ $/, "")
- gsub(/\[[0-9;]*m/, "")
-
- if ($0 ~ /^\s*at /) {
- location = gensub(/^\s*at (.*):$/,"\\1","1")
- content = ""
- lnumcol = gensub(/^.*:([0-9]+:[0-9]+)$/,"\\1","1",location)
- lnum = gensub(/:.*/,"","1",lnumcol)
- col = gensub(/.*:/,"","1",lnumcol)
- next
- }
-
- if ($1 == lnum "|") {
- content = gensub(/^\s*[0-9]+\|(.*)/,"\\1","1")
-
- location = sprintf("%50s", location)
-
- preview_size = COLUMNS - length(location " ")
-
- prefix = gensub(/^\s*/,"","1",substr(content, 1, col))
- infix = gensub(/^([0-9a-zA-Z]+|.).*$/, "\\1", "1", substr(content, col + 1))
- suffix = substr(content, col + length(infix) + 1)
-
- if (length(prefix infix suffix) > preview_size) {
- n = (preview_size - length(infix)) / 2 - length(" ")
- prefix = substr(prefix, length(prefix) - n + 1)
- if (prefix != "") { prefix = "…" prefix }
- suffix = substr(suffix, 1, n)
- if (suffix != "") { suffix = suffix "…" }
- }
-
- preview = \
- "\x1b[38;5;244m" prefix "\x1b[m" \
- "\x1b[38;5;230m" infix "\x1b[m" \
- "\x1b[38;5;244m" suffix "\x1b[m"
-
- trace[trace_count++] = location " " preview
- next
- }
-
- if ($0 == "") next
- if ($0 ~ /^\s*… (from|while)/) next
- if ($0 ~ /^\s*([0-9]*)\|/) next
-
- trace[trace_count++] = $0
- next
- }
-''
diff --git a/krebs/5pkgs/simple/ovh-zone/default.nix b/krebs/5pkgs/simple/ovh-zone/default.nix
index bc0e45cb9..a31611ea2 100644
--- a/krebs/5pkgs/simple/ovh-zone/default.nix
+++ b/krebs/5pkgs/simple/ovh-zone/default.nix
@@ -6,9 +6,11 @@
## diff future.sorted current.sorted
python3Packages.buildPythonPackage rec {
- name = "ovh-zone-${version}";
+ pname = "ovh-zone";
version = "0.4.4";
- propagatedBuildInputs = with pkgs.python3Packages;[
+ pyproject = true;
+ build-system = [ python3Packages.setuptools ];
+ dependencies = with pkgs.python3Packages;[
ovh
docopt
];
diff --git a/krebs/5pkgs/simple/python-dnsstamps.nix b/krebs/5pkgs/simple/python-dnsstamps.nix
index 18d08fec8..314e11610 100644
--- a/krebs/5pkgs/simple/python-dnsstamps.nix
+++ b/krebs/5pkgs/simple/python-dnsstamps.nix
@@ -3,6 +3,8 @@
python3Packages.buildPythonPackage rec {
pname = "dnsstamps";
version = "1.3.0";
+ pyproject = true;
+ build-system = [ python3Packages.setuptools ];
src = python3Packages.fetchPypi {
inherit pname version;
diff --git a/krebs/5pkgs/simple/qrscan.nix b/krebs/5pkgs/simple/qrscan.nix
deleted file mode 100644
index df9a98053..000000000
--- a/krebs/5pkgs/simple/qrscan.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-{ pkgs }:
-
-pkgs.writeDashBin "qrscan" ''
- set -efu
-
- ${pkgs.zbar}/bin/zbarcam -1 | ${pkgs.gnused}/bin/sed -n 's/^QR-Code://p'
-''
diff --git a/krebs/5pkgs/simple/reaktor2-plugins.nix b/krebs/5pkgs/simple/reaktor2-plugins/default.nix
index 5b7be5d33..73c46755f 100644
--- a/krebs/5pkgs/simple/reaktor2-plugins.nix
+++ b/krebs/5pkgs/simple/reaktor2-plugins/default.nix
@@ -15,7 +15,7 @@ with stockholm.lib;
commands = {
random-emoji = {
- filename = stockholm.outPath + "/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh";
+ filename = ./scripts/random-emoji.sh;
env = {
PATH = makeBinPath (with pkgs; [ coreutils gnused gnugrep xmlstarlet wget ]);
};
@@ -35,10 +35,10 @@ with stockholm.lib;
};
stockholm-issue = {
- filename = stockholm.outPath + "/krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh";
+ filename = ./scripts/random-issue.sh;
env = {
PATH = makeBinPath (with pkgs; [ coreutils git gnused haskellPackages.lentil ]);
- origin = "http://cgit.gum/stockholm";
+ origin = "https://cgit.krebsco.de/stockholm";
state_dir = "/tmp/stockholm-issue";
};
};
@@ -59,7 +59,7 @@ with stockholm.lib;
filename = pkgs.writers.writeDash "sed-plugin" ''
set -efu
exec ${pkgs.python3}/bin/python \
- ${./Reaktor/scripts/sed-plugin.py} "$@"
+ ${./scripts/sed-plugin.py} "$@"
'';
};
};
@@ -68,7 +68,7 @@ with stockholm.lib;
activate = "match";
pattern = "^(.*Shack.*)$";
arguments = [1];
- command.filename = stockholm.outPath + "/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh";
+ command.filename = ./scripts/shack-correct.sh;
};
diff --git a/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh b/krebs/5pkgs/simple/reaktor2-plugins/scripts/random-emoji.sh
index 6f3dd4a3f..6f3dd4a3f 100755
--- a/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh
+++ b/krebs/5pkgs/simple/reaktor2-plugins/scripts/random-emoji.sh
diff --git a/krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh b/krebs/5pkgs/simple/reaktor2-plugins/scripts/random-issue.sh
index 5c47c6156..5c47c6156 100755
--- a/krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh
+++ b/krebs/5pkgs/simple/reaktor2-plugins/scripts/random-issue.sh
diff --git a/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py b/krebs/5pkgs/simple/reaktor2-plugins/scripts/sed-plugin.py
index 4925b25bb..4925b25bb 100755
--- a/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py
+++ b/krebs/5pkgs/simple/reaktor2-plugins/scripts/sed-plugin.py
diff --git a/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh b/krebs/5pkgs/simple/reaktor2-plugins/scripts/shack-correct.sh
index d500b3cb3..d500b3cb3 100755
--- a/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh
+++ b/krebs/5pkgs/simple/reaktor2-plugins/scripts/shack-correct.sh
diff --git a/krebs/5pkgs/simple/Reaktor/scripts/tell-on_join.sh b/krebs/5pkgs/simple/reaktor2-plugins/scripts/tell-on_join.sh
index 6978e38c6..6978e38c6 100755
--- a/krebs/5pkgs/simple/Reaktor/scripts/tell-on_join.sh
+++ b/krebs/5pkgs/simple/reaktor2-plugins/scripts/tell-on_join.sh
diff --git a/krebs/5pkgs/simple/Reaktor/scripts/tell-on_privmsg.sh b/krebs/5pkgs/simple/reaktor2-plugins/scripts/tell-on_privmsg.sh
index fc05bdefb..fc05bdefb 100755
--- a/krebs/5pkgs/simple/Reaktor/scripts/tell-on_privmsg.sh
+++ b/krebs/5pkgs/simple/reaktor2-plugins/scripts/tell-on_privmsg.sh
diff --git a/krebs/5pkgs/simple/realwallpaper/default.nix b/krebs/5pkgs/simple/realwallpaper/default.nix
index 5364a37dc..44e888879 100644
--- a/krebs/5pkgs/simple/realwallpaper/default.nix
+++ b/krebs/5pkgs/simple/realwallpaper/default.nix
@@ -1,8 +1,10 @@
-{ pkgs, ... }:
+{ pkgs, nomads-cloud, ... }:
pkgs.writers.writeDashBin "generate-wallpaper" ''
set -euf
- export PATH=${with pkgs; lib.makeBinPath [
+ export PATH=${pkgs.lib.makeBinPath ([
+ nomads-cloud
+ ] ++ (with pkgs; [
coreutils
curl
gnugrep
@@ -12,9 +14,8 @@ pkgs.writers.writeDashBin "generate-wallpaper" ''
imagemagick
inkscape
jq
- nomads-cloud
xplanet
- ]}
+ ]))}
# usage: getimg FILENAME URL
fetch() {
diff --git a/krebs/5pkgs/simple/repo-sync/default.nix b/krebs/5pkgs/simple/repo-sync/default.nix
index 66f220ba6..1c88c2e91 100644
--- a/krebs/5pkgs/simple/repo-sync/default.nix
+++ b/krebs/5pkgs/simple/repo-sync/default.nix
@@ -2,17 +2,19 @@
with python3Packages; buildPythonPackage rec {
name = "repo-sync-${version}";
- version = "0.2.7";
+ version = "1.0.0";
+ pyproject = true;
+ build-system = [ python3Packages.setuptools ];
propagatedBuildInputs = [
docopt
- GitPython
+ gitpython
pkgs.git
];
src = fetchFromGitHub {
owner = "krebs";
repo = "repo-sync";
rev = version;
- sha256 = "1qjf1jmxf7xzwskybdys4vqncnwj9f3xwk1gv354zrla68s533cw";
+ hash = "sha256-dkhPUaCL+tZn5rF7NN8A6NK/0tz669dLLYRGtRxO+fM=";
};
meta = {
homepage = http://github.com/makefu/repo-sync;
diff --git a/krebs/5pkgs/simple/ssh-audit.nix b/krebs/5pkgs/simple/ssh-audit.nix
index 4574eb644..286282107 100644
--- a/krebs/5pkgs/simple/ssh-audit.nix
+++ b/krebs/5pkgs/simple/ssh-audit.nix
@@ -4,6 +4,8 @@ python3Packages.buildPythonPackage rec {
inherit (meta) version;
pname = "ssh-audit";
+ pyproject = true;
+ build-system = [ python3Packages.setuptools ];
src = fetchFromGitHub {
owner = "arthepsy";
diff --git a/krebs/5pkgs/simple/tinc_graphs/default.nix b/krebs/5pkgs/simple/tinc_graphs/default.nix
index 953804dd0..11079a9a3 100644
--- a/krebs/5pkgs/simple/tinc_graphs/default.nix
+++ b/krebs/5pkgs/simple/tinc_graphs/default.nix
@@ -1,10 +1,12 @@
{ fetchFromGitHub, lib, pkgs, python3Packages, stdenv }:
python3Packages.buildPythonPackage rec {
- name = "tinc_graphs-${version}";
+ pname = "tinc_graphs";
version = "0.4.0";
+ pyproject = true;
+ build-system = [ python3Packages.setuptools ];
- propagatedBuildInputs = with pkgs;[
+ dependencies = with pkgs;[
python3Packages.pygeoip
## ${geolite-legacy}/share/GeoIP/GeoIPCity.dat
];
diff --git a/krebs/5pkgs/simple/treq/default.nix b/krebs/5pkgs/simple/treq/default.nix
index 7cb826a51..8689479b3 100644
--- a/krebs/5pkgs/simple/treq/default.nix
+++ b/krebs/5pkgs/simple/treq/default.nix
@@ -1,14 +1,16 @@
-{ stdenv, fetchurl, pythonPackages }:
+{ stdenv, fetchurl, python3Packages }:
-pythonPackages.buildPythonPackage rec {
+python3Packages.buildPythonPackage rec {
name = "${pname}-${version}";
pname = "treq";
version = "15.1.0";
+ pyproject = true;
+ build-system = [ python3Packages.setuptools ];
src = fetchurl {
url = "mirror://pypi/t/${pname}/${name}.tar.gz";
sha256= "425a47d5d52a993d51211028fb6ade252e5fbea094e878bb4b644096a7322de8";
};
- propagatedBuildInputs = with pythonPackages; [
+ propagatedBuildInputs = with python3Packages; [
twisted
pyopenssl
requests
diff --git a/krebs/5pkgs/simple/ukrepl.nix b/krebs/5pkgs/simple/ukrepl.nix
index bdea4181f..da1c05c92 100644
--- a/krebs/5pkgs/simple/ukrepl.nix
+++ b/krebs/5pkgs/simple/ukrepl.nix
@@ -1,5 +1,5 @@
-{ lib, pkgs,stdenv }:
-let
+{ lib, pkgs, stdenv }:
+let
src = pkgs.fetchFromGitHub {
owner = "makefu";
repo = "ukrepl";
@@ -7,5 +7,5 @@ let
hash = "sha256:1lnhkf02f18fvf3l2fcszvs4x115lql17akabd5ph9ff9z33k8rv";
};
in
- pkgs.writers.writePython3Bin "ukrepl" {} (builtins.readFile (src + "/ukrepl"))
+ pkgs.writers.writePython3Bin "ukrepl" {} (src + "/ukrepl")
diff --git a/krebs/5pkgs/simple/untilport/default.nix b/krebs/5pkgs/simple/untilport/default.nix
index 2930fd1eb..d299ec807 100644
--- a/krebs/5pkgs/simple/untilport/default.nix
+++ b/krebs/5pkgs/simple/untilport/default.nix
@@ -1,6 +1,6 @@
-{ pkgs, ... }:
+{ libressl, writeDashBin, ... }:
-pkgs.writeDashBin "untilport" ''
+writeDashBin "untilport" ''
set -euf
usage() {
@@ -13,6 +13,6 @@ pkgs.writeDashBin "untilport" ''
if [ $# -ne 2 ]; then
usage
else
- until ${pkgs.libressl.nc}/bin/nc -z "$@"; do sleep 1; done
+ until ${libressl.nc}/bin/nc -z "$@"; do sleep 1; done
fi
''
diff --git a/krebs/5pkgs/simple/urix.nix b/krebs/5pkgs/simple/urix.nix
index 73ea3e665..9ac3a115c 100644
--- a/krebs/5pkgs/simple/urix.nix
+++ b/krebs/5pkgs/simple/urix.nix
@@ -1,14 +1,13 @@
-{ pkgs, stockholm }:
+{ pkgs, lib, writeDash }:
+
+let
+ stockholm.lib = import ../../../lib/pure.nix { inherit lib; };
+in
# urix - URI eXtractor
# Extract all the URIs from standard input and write them to standard output!
# usage: urix < SOMEFILE
-pkgs.execBin "urix" {
- filename = "${pkgs.gnugrep}/bin/grep";
- argv = [
- "urix"
- "-Eo"
- "\\b${stockholm.lib.uri.posix-extended-regex}\\b"
- ];
-}
+writeDash "urix" ''
+ exec ${pkgs.gnugrep}/bin/grep -Eo '\b${stockholm.lib.uri.posix-extended-regex}\b'
+''
diff --git a/krebs/5pkgs/simple/with-tmpdir/default.nix b/krebs/5pkgs/simple/with-tmpdir/default.nix
deleted file mode 100644
index 9862671f8..000000000
--- a/krebs/5pkgs/simple/with-tmpdir/default.nix
+++ /dev/null
@@ -1,29 +0,0 @@
-{ stdenv, fetchgit, coreutils, dash, ... }:
-
-stdenv.mkDerivation {
- name = "with-tmpdir-1";
-
- src = fetchgit {
- url = http://cgit.ni.krebsco.de/with-tmpdir;
- rev = "3243c02ed8cd27a04c080bd39560204980f6c16a";
- sha256 = "80ee6cafb2c337999ddcd1e41747d6256b7cfcea605358c2046eb7e3729555c6";
- };
-
- phases = [
- "unpackPhase"
- "installPhase"
- ];
-
- installPhase = ''
- mkdir -p $out/bin
-
- { echo '#! ${dash}/bin/dash'
- echo 'OLDPATH=$PATH'
- echo 'PATH=${coreutils}/bin'
- sed '$s/^/#/' ./with-tmpdir
- echo '(PATH=$OLDPATH; exec "$@")'
- } > $out/bin/with-tmpdir
-
- chmod +x $out/bin/with-tmpdir
- '';
-}
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-10 13:28:58 +0000
[cgit] Unable to lock slot /tmp/cgit/1f200000.lock: No such file or directory (2)