From 6dc6b9037886ca56b4216672766e8ee4fd31a197 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 16 Oct 2016 20:14:44 +0200 Subject: tv URxvt.saveLines: 4096 --- tv/2configs/xserver/Xresources.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/tv/2configs/xserver/Xresources.nix b/tv/2configs/xserver/Xresources.nix index f9af89c7e..ad41f3a94 100644 --- a/tv/2configs/xserver/Xresources.nix +++ b/tv/2configs/xserver/Xresources.nix @@ -207,6 +207,7 @@ pkgs.writeText "Xresources" /* xdefaults */ '' URxvt*url-select.underline: true URxvt*colorUL: #4682B4 URxvt.perl-lib: ${pkgs.urxvt_perls}/lib/urxvt/perl + URxvt.saveLines: 4096 root-urxvt*background: #230000 root-urxvt*foreground: #e0c0c0 -- cgit v1.2.3 From 91d6bd66f4d50d47692f55c16bfb14bdf4837520 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 20 Oct 2016 19:42:30 +0200 Subject: tv nixpkgs: 354fd37 -> b8ede35 --- tv/2configs/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 442d7370a..abc657ec0 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -14,7 +14,7 @@ with config.krebs.lib; stockholm.file = "/home/tv/stockholm"; nixpkgs.git = { url = https://github.com/NixOS/nixpkgs; - ref = "354fd3728952c229fee4f2924737c601d7ab4725"; + ref = "b8ede35d2efa96490857c22c751e75d600bea44f"; }; } // optionalAttrs host.secure { secrets-master.file = "/home/tv/secrets/master"; -- cgit v1.2.3 From 844d347ce7cf0b7646e9ecba3fbdc0b90e608501 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 20 Oct 2016 20:21:59 +0200 Subject: lib: import bulk of krebs/4lib --- krebs/4lib/default.nix | 59 ------- krebs/4lib/genid.nix | 37 ---- krebs/4lib/git.nix | 47 ----- krebs/4lib/tree.nix | 13 -- krebs/4lib/types.nix | 446 ----------------------------------------------- lib/default.nix | 36 +++- lib/genid.nix | 37 ++++ lib/git.nix | 47 +++++ lib/types.nix | 459 +++++++++++++++++++++++++++++++++++++++++++++++++ 9 files changed, 578 insertions(+), 603 deletions(-) delete mode 100644 krebs/4lib/default.nix delete mode 100644 krebs/4lib/genid.nix delete mode 100644 krebs/4lib/git.nix delete mode 100644 krebs/4lib/tree.nix delete mode 100644 krebs/4lib/types.nix create mode 100644 lib/genid.nix create mode 100644 lib/git.nix create mode 100644 lib/types.nix diff --git a/krebs/4lib/default.nix b/krebs/4lib/default.nix deleted file mode 100644 index c40b9a868..000000000 --- a/krebs/4lib/default.nix +++ /dev/null @@ -1,59 +0,0 @@ -_: - -let - lib = import ; -in - -with lib; - -let out = lib // rec { - - guard = spec@{ type, value, ... }: - assert isOptionType type; - if type.check value - then value - else throw (toString (filter isString [ - "argument" - (if spec ? name then "‘${spec.name}’" else null) - "is not a ${type.name}" - ])); - - types = import ./types.nix { - lib = lib // { inherit genid optionalTrace; }; - }; - - genid = import ./genid.nix { lib = lib // out; }; - genid_signed = x: ((genid x) + 16777216) / 2; - git = import ./git.nix { lib = lib // out; }; - tree = import ./tree.nix { inherit lib; }; - - lpad = n: c: s: - if stringLength s < n - then lpad n c (c + s) - else s; - - toC = x: let - type = typeOf x; - reject = throw "cannot convert ${type}"; - in { - list = "{ ${concatStringsSep ", " (map toC x)} }"; - null = "NULL"; - set = if isDerivation x then toJSON x else reject; - string = toJSON x; # close enough - }.${type} or reject; - - subdirsOf = path: - mapAttrs (name: _: path + "/${name}") - (filterAttrs (_: eq "directory") (readDir path)); - - genAttrs' = names: f: listToAttrs (map f names); - - getAttrs = names: set: - listToAttrs (map (name: nameValuePair name set.${name}) - (filter (flip hasAttr set) names)); - - setAttr = name: value: set: set // { ${name} = value; }; - - optionalTrace = c: msg: x: if c then trace msg x else x; - -}; in out diff --git a/krebs/4lib/genid.nix b/krebs/4lib/genid.nix deleted file mode 100644 index 0aed1d351..000000000 --- a/krebs/4lib/genid.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ lib, ... }: -with lib; -with builtins; -let out = genid; - - # id = genid s = (hash s + min) % max - # min <= genid s < max - # - # min = 2^24 = 16777216 = 0x001000000 - # max = 2^32 = 4294967296 = 0x100000000 - # - # id is bigger than UID of nobody and GID of nogroup - # see and some spare for stuff like lxd. - # - # :: str -> uint32 - genid = s: sum16 (addmod16_16777216 (hash s)); - - # :: str -> list8 uint4 - hash = s: - map hexint (stringToCharacters (substring 32 8 (hashString "sha1" s))); - - # :: list uint -> uint - sum16 = foldl (a: i: a * 16 + i) 0; - - # :: list8 uint4 -> list1 uint8 ++ list6 uint4 - addmod16_16777216 = x: let - a = 16 * head x + head (tail x); - d = tail (tail x); - in [(mod (a + 1) 256)] ++ d; - - # :: char -> uint4 - hexint = x: hexvals.${toLower x}; - - # :: attrset char uint4 - hexvals = listToAttrs (imap (i: c: { name = c; value = i - 1; }) - (stringToCharacters "0123456789abcdef")); -in out diff --git a/krebs/4lib/git.nix b/krebs/4lib/git.nix deleted file mode 100644 index 005c017a9..000000000 --- a/krebs/4lib/git.nix +++ /dev/null @@ -1,47 +0,0 @@ -{ lib, ... }: - -with lib; - -let - addName = name: set: - set // { inherit name; }; - - addNames = mapAttrs addName; - - commands = addNames { - git-receive-pack = {}; - git-upload-pack = {}; - }; - - receive-modes = addNames { - fast-forward = {}; - non-fast-forward = {}; - create = {}; - delete = {}; - merge = {}; # TODO implement in git.nix - }; - - permissions = { - fetch = { - allow-commands = [ - commands.git-upload-pack - ]; - }; - - push = ref: extra-modes: { - allow-commands = [ - commands.git-receive-pack - commands.git-upload-pack - ]; - allow-receive-ref = ref; - allow-receive-modes = [ receive-modes.fast-forward ] ++ extra-modes; - }; - }; - - refs = { - master = "refs/heads/master"; - all-heads = "refs/heads/*"; - }; - -in -commands // receive-modes // permissions // refs diff --git a/krebs/4lib/tree.nix b/krebs/4lib/tree.nix deleted file mode 100644 index 1cd83b3f6..000000000 --- a/krebs/4lib/tree.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ lib, ... }: - -with lib; - -rec { - # tree k v = set k (either v (tree k v)) - - # get : [k] -> tree k v -> v - get = path: tree: - if length path > 0 - then get (tail path) tree.${head path} # TODO check if elem exists - else tree; -} diff --git a/krebs/4lib/types.nix b/krebs/4lib/types.nix deleted file mode 100644 index 8d6ace2e5..000000000 --- a/krebs/4lib/types.nix +++ /dev/null @@ -1,446 +0,0 @@ -{ lib, ... }: - -with builtins; -with lib; -with types; - -types // rec { - - host = submodule ({ config, ... }: { - options = { - name = mkOption { - type = label; - default = config._module.args.name; - }; - cores = mkOption { - type = positive; - }; - nets = mkOption { - type = attrsOf net; - default = {}; - }; - - owner = mkOption { - type = user; - }; - - extraZones = mkOption { - default = {}; - # TODO: string is either MX, NS, A or AAAA - type = with types; attrsOf string; - }; - - secure = mkOption { - type = bool; - default = false; - description = '' - If true, then the host is capable of keeping secret information. - - TODO define minimum requirements for secure hosts - ''; - }; - - ssh.pubkey = mkOption { - type = nullOr ssh-pubkey; - default = null; - }; - ssh.privkey = mkOption { - type = nullOr ssh-privkey; - default = null; - }; - }; - }); - - net = submodule ({ config, ... }: { - options = { - name = mkOption { - type = label; - default = config._module.args.name; - }; - via = mkOption { - type = nullOr net; - default = null; - }; - addrs = mkOption { - type = listOf addr; - default = - optional (config.ip4 != null) config.ip4.addr ++ - optional (config.ip6 != null) config.ip6.addr; - }; - aliases = mkOption { - # TODO nonEmptyListOf hostname - type = listOf hostname; - default = []; - }; - ip4 = mkOption { - type = nullOr (submodule { - options = { - addr = mkOption { - type = addr4; - }; - prefix = mkOption ({ - type = str; # TODO routing prefix (CIDR) - } // optionalAttrs (config.name == "retiolum") { - default = "10.243.0.0/16"; - }); - }; - }); - default = null; - }; - ip6 = mkOption { - type = nullOr (submodule { - options = { - addr = mkOption { - type = addr6; - }; - prefix = mkOption ({ - type = str; # TODO routing prefix (CIDR) - } // optionalAttrs (config.name == "retiolum") { - default = "42::/16"; - }); - }; - }); - default = null; - }; - ssh = mkOption { - type = submodule { - options = { - port = mkOption { - type = int; - default = 22; - }; - }; - }; - default = {}; - }; - tinc = mkOption { - type = let net = config; in nullOr (submodule ({ config, ... }: { - options = { - config = mkOption { - type = str; - default = concatStringsSep "\n" ( - (optionals (net.via != null) - (map (a: "Address = ${a} ${toString config.port}") net.via.addrs)) - ++ - (map (a: "Subnet = ${a}") net.addrs) - ++ - [config.extraConfig] - ++ - [config.pubkey] - ); - }; - pubkey = mkOption { - type = tinc-pubkey; - }; - extraConfig = mkOption { - description = "Extra Configuration to be appended to the hosts file"; - default = ""; - type = string; - }; - port = mkOption { - type = int; - description = "tinc port to use to connect to host"; - default = 655; - }; - }; - })); - default = null; - }; - }; - }); - - positive = mkOptionType { - name = "positive integer"; - check = x: isInt x && x > 0; - merge = mergeOneOption; - }; - - uint = mkOptionType { - name = "unsigned integer"; - check = x: isInt x && x >= 0; - merge = mergeOneOption; - }; - - secret-file = submodule ({ config, ... }: { - options = { - name = mkOption { - type = filename; - default = config._module.args.name; - }; - path = mkOption { - type = absolute-pathname; - default = "/run/keys/${config.name}"; - }; - mode = mkOption { - type = file-mode; - default = "0400"; - }; - owner = mkOption { - type = user; - }; - group-name = mkOption { - type = str; - default = "root"; - }; - source-path = mkOption { - type = str; - default = toString + "/${config.name}"; - }; - }; - }); - - - source = submodule ({ config, ... }: { - options = { - type = let - types = ["file" "git" "symlink"]; - in mkOption { - type = enum types; - default = let - cands = filter (k: config.${k} != null) types; - in - if length cands == 1 - then head cands - else throw "cannot determine type"; - }; - file = let - file-path = (file-source.getSubOptions "FIXME").path.type; - in mkOption { - type = nullOr (either file-source file-path); - default = null; - apply = x: - if file-path.check x - then { path = x; } - else x; - }; - git = mkOption { - type = nullOr git-source; - default = null; - }; - symlink = let - symlink-target = (symlink-source.getSubOptions "FIXME").target.type; - in mkOption { - type = nullOr (either symlink-source symlink-target); - default = null; - apply = x: - if symlink-target.check x - then { target = x; } - else x; - }; - }; - }); - - file-source = submodule { - options = { - path = mkOption { - type = absolute-pathname; - }; - }; - }; - - git-source = submodule { - options = { - ref = mkOption { - type = str; # TODO types.git.ref - }; - url = mkOption { - type = str; # TODO types.git.url - }; - }; - }; - - symlink-source = submodule { - options = { - target = mkOption { - type = pathname; # TODO relative-pathname - }; - }; - }; - - - suffixed-str = suffs: - mkOptionType { - name = "string suffixed by ${concatStringsSep ", " suffs}"; - check = x: isString x && any (flip hasSuffix x) suffs; - merge = mergeOneOption; - }; - - user = submodule ({ config, ... }: { - options = { - home = mkOption { - type = absolute-pathname; - default = "/home/${config.name}"; - }; - mail = mkOption { - type = str; # TODO retiolum mail address - default = "${config._module.args.name}@${config.networking.hostName}.r"; - }; - name = mkOption { - type = username; - default = config._module.args.name; - }; - pgp.pubkeys = mkOption { - type = attrsOf pgp-pubkey; - default = {}; - description = '' - Set of user's PGP public keys. - - Modules supporting PGP may use well-known key names to define - default values for options, in which case the well-known name - should be documented in the respective option's description. - ''; - }; - pubkey = mkOption { - type = nullOr ssh-pubkey; - default = null; - }; - uid = mkOption { - type = int; - default = genid config.name; - }; - }; - }); - group = submodule ({ config, ... }: { - options = { - name = mkOption { - type = username; - default = config._module.args.name; - }; - gid = mkOption { - type = int; - default = genid config.name; - }; - }; - }); - - addr = either addr4 addr6; - addr4 = mkOptionType { - name = "IPv4 address"; - check = let - IPv4address = let d = "([1-9]?[0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])"; in - concatMapStringsSep "." (const d) (range 1 4); - in x: isString x && match IPv4address x != null; - merge = mergeOneOption; - }; - addr6 = mkOptionType { - name = "IPv6 address"; - check = let - # TODO check IPv6 address harder - IPv6address = "[0-9a-f.:]+"; - in x: isString x && match IPv6address x != null; - merge = mergeOneOption; - }; - - pgp-pubkey = str; - - ssh-pubkey = str; - ssh-privkey = submodule { - options = { - bits = mkOption { - type = nullOr (enum ["4096"]); - default = null; - }; - path = mkOption { - type = either path str; - apply = x: { - path = toString x; - string = x; - }.${typeOf x}; - }; - type = mkOption { - type = enum ["rsa" "ed25519"]; - default = "ed25519"; - }; - }; - }; - - tinc-pubkey = str; - - krebs.file-location = types.submodule { - options = { - # TODO user - host = mkOption { - type = host; - }; - # TODO merge with ssl.privkey.path - path = mkOption { - type = types.either types.path types.str; - apply = x: { - path = toString x; - string = x; - }.${typeOf x}; - }; - }; - }; - - file-mode = mkOptionType { - name = "file mode"; - check = x: isString x && match "[0-7]{4}" x != null; - merge = mergeOneOption; - }; - - haskell.conid = mkOptionType { - name = "Haskell constructor identifier"; - check = x: - isString x && match "[[:upper:]][[:lower:]_[:upper:]0-9']*" x != null; - merge = mergeOneOption; - }; - - haskell.modid = mkOptionType { - name = "Haskell module identifier"; - check = x: isString x && all haskell.conid.check (splitString "." x); - merge = mergeOneOption; - }; - - # RFC952, B. Lexical grammar, - hostname = mkOptionType { - name = "hostname"; - check = x: isString x && all label.check (splitString "." x); - merge = mergeOneOption; - }; - - # RFC952, B. Lexical grammar, - # RFC1123, 2.1 Host Names and Numbers - label = mkOptionType { - name = "label"; - # TODO case-insensitive labels - check = x: isString x - && match "[0-9A-Za-z]([0-9A-Za-z-]*[0-9A-Za-z])?" x != null; - merge = mergeOneOption; - }; - - # POSIX.1‐2013, 3.278 Portable Filename Character Set - filename = mkOptionType { - name = "POSIX filename"; - check = x: isString x && match "([0-9A-Za-z._])[0-9A-Za-z._-]*" x != null; - merge = mergeOneOption; - }; - - # POSIX.1‐2013, 3.2 Absolute Pathname - # TODO normalize slashes - # TODO two slashes - absolute-pathname = mkOptionType { - name = "POSIX absolute pathname"; - check = x: let xs = splitString "/" x; xa = head xs; in - isString x - && stringLength x > 0 - && (xa == "/" || (xa == "" && all filename.check (tail xs))); - merge = mergeOneOption; - }; - - # POSIX.1‐2013, 3.267 Pathname - # TODO normalize slashes - pathname = mkOptionType { - name = "POSIX pathname"; - check = x: let xs = splitString "/" x; in - isString x && all filename.check (if head xs == "" then tail xs else xs); - merge = mergeOneOption; - }; - - # POSIX.1-2013, 3.431 User Name - username = mkOptionType { - name = "POSIX username"; - check = filename.check; - merge = mergeOneOption; - }; -} diff --git a/lib/default.nix b/lib/default.nix index 1f5010853..2b12fa4bf 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -1,10 +1,44 @@ let - lib = import // builtins // { + nixpkgs-lib = import ; + lib = with lib; nixpkgs-lib // builtins // { + git = import ./git.nix { inherit lib; }; shell = import ./shell.nix { inherit lib; }; + types = nixpkgs-lib.types // import ./types.nix { inherit lib; }; eq = x: y: x == y; ne = x: y: x != y; mod = x: y: x - y * (x / y); + + genid = import ./genid.nix { inherit lib; }; + genid_signed = x: ((lib.genid x) + 16777216) / 2; + + lpad = n: c: s: + if lib.stringLength s < n + then lib.lpad n c (c + s) + else s; + + subdirsOf = path: + lib.mapAttrs (name: _: path + "/${name}") + (filterAttrs (_: eq "directory") (readDir path)); + + genAttrs' = names: f: listToAttrs (map f names); + + getAttrs = names: set: + listToAttrs (map (name: nameValuePair name set.${name}) + (filter (flip hasAttr set) names)); + + setAttr = name: value: set: set // { ${name} = value; }; + + toC = x: let + type = typeOf x; + reject = throw "cannot convert ${type}"; + in { + list = "{ ${concatStringsSep ", " (map toC x)} }"; + null = "NULL"; + set = if isDerivation x then toJSON x else reject; + string = toJSON x; # close enough + }.${type} or reject; + }; in diff --git a/lib/genid.nix b/lib/genid.nix new file mode 100644 index 000000000..0aed1d351 --- /dev/null +++ b/lib/genid.nix @@ -0,0 +1,37 @@ +{ lib, ... }: +with lib; +with builtins; +let out = genid; + + # id = genid s = (hash s + min) % max + # min <= genid s < max + # + # min = 2^24 = 16777216 = 0x001000000 + # max = 2^32 = 4294967296 = 0x100000000 + # + # id is bigger than UID of nobody and GID of nogroup + # see and some spare for stuff like lxd. + # + # :: str -> uint32 + genid = s: sum16 (addmod16_16777216 (hash s)); + + # :: str -> list8 uint4 + hash = s: + map hexint (stringToCharacters (substring 32 8 (hashString "sha1" s))); + + # :: list uint -> uint + sum16 = foldl (a: i: a * 16 + i) 0; + + # :: list8 uint4 -> list1 uint8 ++ list6 uint4 + addmod16_16777216 = x: let + a = 16 * head x + head (tail x); + d = tail (tail x); + in [(mod (a + 1) 256)] ++ d; + + # :: char -> uint4 + hexint = x: hexvals.${toLower x}; + + # :: attrset char uint4 + hexvals = listToAttrs (imap (i: c: { name = c; value = i - 1; }) + (stringToCharacters "0123456789abcdef")); +in out diff --git a/lib/git.nix b/lib/git.nix new file mode 100644 index 000000000..005c017a9 --- /dev/null +++ b/lib/git.nix @@ -0,0 +1,47 @@ +{ lib, ... }: + +with lib; + +let + addName = name: set: + set // { inherit name; }; + + addNames = mapAttrs addName; + + commands = addNames { + git-receive-pack = {}; + git-upload-pack = {}; + }; + + receive-modes = addNames { + fast-forward = {}; + non-fast-forward = {}; + create = {}; + delete = {}; + merge = {}; # TODO implement in git.nix + }; + + permissions = { + fetch = { + allow-commands = [ + commands.git-upload-pack + ]; + }; + + push = ref: extra-modes: { + allow-commands = [ + commands.git-receive-pack + commands.git-upload-pack + ]; + allow-receive-ref = ref; + allow-receive-modes = [ receive-modes.fast-forward ] ++ extra-modes; + }; + }; + + refs = { + master = "refs/heads/master"; + all-heads = "refs/heads/*"; + }; + +in +commands // receive-modes // permissions // refs diff --git a/lib/types.nix b/lib/types.nix new file mode 100644 index 000000000..edd48c35b --- /dev/null +++ b/lib/types.nix @@ -0,0 +1,459 @@ +{ lib, ... }: + +let + inherit (lib) + all any concatMapStringsSep concatStringsSep const filter flip genid + hasSuffix head isInt isString length match mergeOneOption mkOption + mkOptionType optional optionalAttrs optionals range splitString + stringLength tail typeOf; + inherit (lib.types) + attrsOf bool either enum int listOf nullOr path str string submodule; +in + +rec { + + host = submodule ({ config, ... }: { + options = { + name = mkOption { + type = label; + default = config._module.args.name; + }; + cores = mkOption { + type = positive; + }; + nets = mkOption { + type = attrsOf net; + default = {}; + }; + + binary-cache.pubkey = mkOption { + type = nullOr binary-cache-pubkey; + default = null; + }; + + owner = mkOption { + type = user; + }; + + extraZones = mkOption { + default = {}; + # TODO: string is either MX, NS, A or AAAA + type = attrsOf string; + }; + + secure = mkOption { + type = bool; + default = false; + description = '' + If true, then the host is capable of keeping secret information. + + TODO define minimum requirements for secure hosts + ''; + }; + + ssh.pubkey = mkOption { + type = nullOr ssh-pubkey; + default = null; + }; + ssh.privkey = mkOption { + type = nullOr ssh-privkey; + default = null; + }; + }; + }); + + net = submodule ({ config, ... }: { + options = { + name = mkOption { + type = label; + default = config._module.args.name; + }; + via = mkOption { + type = nullOr net; + default = null; + }; + addrs = mkOption { + type = listOf addr; + default = + optional (config.ip4 != null) config.ip4.addr ++ + optional (config.ip6 != null) config.ip6.addr; + }; + aliases = mkOption { + # TODO nonEmptyListOf hostname + type = listOf hostname; + default = []; + }; + ip4 = mkOption { + type = nullOr (submodule { + options = { + addr = mkOption { + type = addr4; + }; + prefix = mkOption ({ + type = str; # TODO routing prefix (CIDR) + } // optionalAttrs (config.name == "retiolum") { + default = "10.243.0.0/16"; + }); + }; + }); + default = null; + }; + ip6 = mkOption { + type = nullOr (submodule { + options = { + addr = mkOption { + type = addr6; + }; + prefix = mkOption ({ + type = str; # TODO routing prefix (CIDR) + } // optionalAttrs (config.name == "retiolum") { + default = "42::/16"; + }); + }; + }); + default = null; + }; + ssh = mkOption { + type = submodule { + options = { + port = mkOption { + type = int; + default = 22; + }; + }; + }; + default = {}; + }; + tinc = mkOption { + type = let net = config; in nullOr (submodule ({ config, ... }: { + options = { + config = mkOption { + type = str; + default = concatStringsSep "\n" ( + (optionals (net.via != null) + (map (a: "Address = ${a} ${toString config.port}") net.via.addrs)) + ++ + (map (a: "Subnet = ${a}") net.addrs) + ++ + [config.extraConfig] + ++ + [config.pubkey] + ); + }; + pubkey = mkOption { + type = tinc-pubkey; + }; + extraConfig = mkOption { + description = "Extra Configuration to be appended to the hosts file"; + default = ""; + type = string; + }; + port = mkOption { + type = int; + description = "tinc port to use to connect to host"; + default = 655; + }; + }; + })); + default = null; + }; + }; + }); + + positive = mkOptionType { + name = "positive integer"; + check = x: isInt x && x > 0; + merge = mergeOneOption; + }; + + uint = mkOptionType { + name = "unsigned integer"; + check = x: isInt x && x >= 0; + merge = mergeOneOption; + }; + + secret-file = submodule ({ config, ... }: { + options = { + name = mkOption { + type = filename; + default = config._module.args.name; + }; + path = mkOption { + type = absolute-pathname; + default = "/run/keys/${config.name}"; + }; + mode = mkOption { + type = file-mode; + default = "0400"; + }; + owner = mkOption { + type = user; + }; + group-name = mkOption { + type = str; + default = "root"; + }; + source-path = mkOption { + type = str; + default = toString + "/${config.name}"; + }; + }; + }); + + + source = submodule ({ config, ... }: { + options = { + type = let + types = ["file" "git" "symlink"]; + in mkOption { + type = enum types; + default = let + cands = filter (k: config.${k} != null) types; + in + if length cands == 1 + then head cands + else throw "cannot determine type"; + }; + file = let + file-path = (file-source.getSubOptions "FIXME").path.type; + in mkOption { + type = nullOr (either file-source file-path); + default = null; + apply = x: + if file-path.check x + then { path = x; } + else x; + }; + git = mkOption { + type = nullOr git-source; + default = null; + }; + symlink = let + symlink-target = (symlink-source.getSubOptions "FIXME").target.type; + in mkOption { + type = nullOr (either symlink-source symlink-target); + default = null; + apply = x: + if symlink-target.check x + then { target = x; } + else x; + }; + }; + }); + + file-source = submodule { + options = { + path = mkOption { + type = absolute-pathname; + }; + }; + }; + + git-source = submodule { + options = { + ref = mkOption { + type = str; # TODO types.git.ref + }; + url = mkOption { + type = str; # TODO types.git.url + }; + }; + }; + + symlink-source = submodule { + options = { + target = mkOption { + type = pathname; # TODO relative-pathname + }; + }; + }; + + + suffixed-str = suffs: + mkOptionType { + name = "string suffixed by ${concatStringsSep ", " suffs}"; + check = x: isString x && any (flip hasSuffix x) suffs; + merge = mergeOneOption; + }; + + user = submodule ({ config, ... }: { + options = { + home = mkOption { + type = absolute-pathname; + default = "/home/${config.name}"; + }; + mail = mkOption { + type = str; # TODO retiolum mail address + default = "${config._module.args.name}@${config.networking.hostName}.r"; + }; + name = mkOption { + type = username; + default = config._module.args.name; + }; + pgp.pubkeys = mkOption { + type = attrsOf pgp-pubkey; + default = {}; + description = '' + Set of user's PGP public keys. + + Modules supporting PGP may use well-known key names to define + default values for options, in which case the well-known name + should be documented in the respective option's description. + ''; + }; + pubkey = mkOption { + type = nullOr ssh-pubkey; + default = null; + }; + uid = mkOption { + type = int; + default = genid config.name; + }; + }; + }); + group = submodule ({ config, ... }: { + options = { + name = mkOption { + type = username; + default = config._module.args.name; + }; + gid = mkOption { + type = int; + default = genid config.name; + }; + }; + }); + + addr = either addr4 addr6; + addr4 = mkOptionType { + name = "IPv4 address"; + check = let + IPv4address = let d = "([1-9]?[0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])"; in + concatMapStringsSep "." (const d) (range 1 4); + in x: isString x && match IPv4address x != null; + merge = mergeOneOption; + }; + addr6 = mkOptionType { + name = "IPv6 address"; + check = let + # TODO check IPv6 address harder + IPv6address = "[0-9a-f.:]+"; + in x: isString x && match IPv6address x != null; + merge = mergeOneOption; + }; + + binary-cache-pubkey = str; + + pgp-pubkey = str; + + ssh-pubkey = str; + ssh-privkey = submodule { + options = { + bits = mkOption { + type = nullOr (enum ["4096"]); + default = null; + }; + path = mkOption { + type = either path str; + apply = x: { + path = toString x; + string = x; + }.${typeOf x}; + }; + type = mkOption { + type = enum ["rsa" "ed25519"]; + default = "ed25519"; + }; + }; + }; + + tinc-pubkey = str; + + krebs.file-location = submodule { + options = { + # TODO user + host = mkOption { + type = host; + }; + # TODO merge with ssl.privkey.path + path = mkOption { + type = either path str; + apply = x: { + path = toString x; + string = x; + }.${typeOf x}; + }; + }; + }; + + file-mode = mkOptionType { + name = "file mode"; + check = x: isString x && match "[0-7]{4}" x != null; + merge = mergeOneOption; + }; + + haskell.conid = mkOptionType { + name = "Haskell constructor identifier"; + check = x: + isString x && match "[[:upper:]][[:lower:]_[:upper:]0-9']*" x != null; + merge = mergeOneOption; + }; + + haskell.modid = mkOptionType { + name = "Haskell module identifier"; + check = x: isString x && all haskell.conid.check (splitString "." x); + merge = mergeOneOption; + }; + + # RFC952, B. Lexical grammar, + hostname = mkOptionType { + name = "hostname"; + check = x: isString x && all label.check (splitString "." x); + merge = mergeOneOption; + }; + + # RFC952, B. Lexical grammar, + # RFC1123, 2.1 Host Names and Numbers + label = mkOptionType { + name = "label"; + # TODO case-insensitive labels + check = x: isString x + && match "[0-9A-Za-z]([0-9A-Za-z-]*[0-9A-Za-z])?" x != null; + merge = mergeOneOption; + }; + + # POSIX.1‐2013, 3.278 Portable Filename Character Set + filename = mkOptionType { + name = "POSIX filename"; + check = x: isString x && match "([0-9A-Za-z._])[0-9A-Za-z._-]*" x != null; + merge = mergeOneOption; + }; + + # POSIX.1‐2013, 3.2 Absolute Pathname + # TODO normalize slashes + # TODO two slashes + absolute-pathname = mkOptionType { + name = "POSIX absolute pathname"; + check = x: let xs = splitString "/" x; xa = head xs; in + isString x + && stringLength x > 0 + && (xa == "/" || (xa == "" && all filename.check (tail xs))); + merge = mergeOneOption; + }; + + # POSIX.1‐2013, 3.267 Pathname + # TODO normalize slashes + pathname = mkOptionType { + name = "POSIX pathname"; + check = x: let xs = splitString "/" x; in + isString x && all filename.check (if head xs == "" then tail xs else xs); + merge = mergeOneOption; + }; + + # POSIX.1-2013, 3.431 User Name + username = mkOptionType { + name = "POSIX username"; + check = filename.check; + merge = mergeOneOption; + }; +} -- cgit v1.2.3 From 4a6fbbbe503e32096a30a07c3ee51d3524057b8e Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 20 Oct 2016 20:26:15 +0200 Subject: krebs.lib: use --- krebs/3modules/lib.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/lib.nix b/krebs/3modules/lib.nix index ccd6a6afa..1b812366e 100644 --- a/krebs/3modules/lib.nix +++ b/krebs/3modules/lib.nix @@ -10,6 +10,6 @@ let type = types.attrs; }; imp = { - krebs.lib = lib // import ../4lib { inherit config lib; } // builtins; + krebs.lib = import ; }; in out -- cgit v1.2.3 From f47bab7f710b7c8a282c3a3c38affc8a0bc30cc9 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 20 Oct 2016 20:54:38 +0200 Subject: drop config.krebs.lib --- krebs/3modules/Reaktor.nix | 2 +- krebs/3modules/apt-cacher-ng.nix | 2 +- krebs/3modules/backup.nix | 2 +- krebs/3modules/bepasty-server.nix | 2 +- krebs/3modules/build.nix | 2 +- krebs/3modules/buildbot/master.nix | 2 +- krebs/3modules/buildbot/slave.nix | 2 +- krebs/3modules/current.nix | 2 +- krebs/3modules/default.nix | 3 +-- krebs/3modules/exim-retiolum.nix | 2 +- krebs/3modules/exim-smarthost.nix | 2 +- krebs/3modules/exim.nix | 2 +- krebs/3modules/fetchWallpaper.nix | 2 +- krebs/3modules/git.nix | 4 ++-- krebs/3modules/github-hosts-sync.nix | 2 +- krebs/3modules/go.nix | 2 +- krebs/3modules/lass/default.nix | 2 +- krebs/3modules/lib.nix | 15 --------------- krebs/3modules/makefu/default.nix | 2 +- krebs/3modules/mv/default.nix | 2 +- krebs/3modules/nginx.nix | 2 +- krebs/3modules/nixpkgs.nix | 2 +- krebs/3modules/on-failure.nix | 2 +- krebs/3modules/os-release.nix | 2 +- krebs/3modules/per-user.nix | 2 +- krebs/3modules/power-action.nix | 2 +- krebs/3modules/realwallpaper.nix | 2 +- krebs/3modules/repo-sync.nix | 2 +- krebs/3modules/retiolum-bootstrap.nix | 2 +- krebs/3modules/retiolum.nix | 2 +- krebs/3modules/rtorrent.nix | 2 +- krebs/3modules/secret.nix | 2 +- krebs/3modules/setuid.nix | 2 +- krebs/3modules/shared/default.nix | 2 +- krebs/3modules/tinc_graphs.nix | 2 +- krebs/3modules/tv/default.nix | 2 +- krebs/3modules/urlwatch.nix | 2 +- krebs/5pkgs/builders.nix | 2 +- krebs/5pkgs/default.nix | 2 +- krebs/default.nix | 2 +- lass/1systems/helios.nix | 2 +- lass/1systems/mors.nix | 2 +- lass/1systems/prism.nix | 2 +- lass/1systems/uriel.nix | 2 +- lass/2configs/backups.nix | 2 +- lass/2configs/browsers.nix | 2 +- lass/2configs/buildbot-standalone.nix | 2 +- lass/2configs/c-base.nix | 2 +- lass/2configs/default.nix | 2 +- lass/2configs/downloading.nix | 2 +- lass/2configs/exim-retiolum.nix | 2 +- lass/2configs/exim-smarthost.nix | 2 +- lass/2configs/gc.nix | 2 +- lass/2configs/git.nix | 2 +- lass/2configs/go.nix | 2 +- lass/2configs/hw/tp-x220.nix | 2 +- lass/2configs/libvirt.nix | 2 +- lass/2configs/pulse.nix | 2 +- lass/2configs/radio.nix | 4 ++-- lass/2configs/repo-sync.nix | 2 +- lass/2configs/skype.nix | 2 +- lass/2configs/teamviewer.nix | 2 +- lass/2configs/vim.nix | 2 +- lass/2configs/weechat.nix | 2 +- lass/2configs/xserver/Xresources.nix | 2 +- lass/2configs/xserver/default.nix | 2 +- lass/2configs/xserver/xserver.conf.nix | 2 +- lass/3modules/ejabberd/config.nix | 2 +- lass/3modules/ejabberd/default.nix | 2 +- lass/3modules/hosts.nix | 2 +- lass/3modules/owncloud_nginx.nix | 2 +- lass/3modules/static_nginx.nix | 2 +- lass/3modules/umts.nix | 2 +- lass/3modules/usershadow.nix | 2 +- lass/3modules/wordpress_nginx.nix | 2 +- makefu/1systems/darth.nix | 2 +- makefu/1systems/gum.nix | 2 +- makefu/1systems/omo.nix | 2 +- makefu/1systems/wry.nix | 2 +- makefu/2configs/backup.nix | 2 +- makefu/2configs/base-gui.nix | 2 +- makefu/2configs/bepasty-dual.nix | 2 +- makefu/2configs/collectd/collectd-base.nix | 2 +- makefu/2configs/default.nix | 2 +- makefu/2configs/deployment/mycube.connector.one.nix | 2 +- makefu/2configs/elchos/stats.nix | 2 +- makefu/2configs/exim-retiolum.nix | 2 +- makefu/2configs/filepimp-share.nix | 2 +- makefu/2configs/fs/cac-boot-partition.nix | 2 +- makefu/2configs/fs/sda-crypto-root-home.nix | 2 +- makefu/2configs/fs/sda-crypto-root.nix | 2 +- makefu/2configs/fs/vm-single-partition.nix | 2 +- makefu/2configs/git/brain-retiolum.nix | 2 +- makefu/2configs/git/cgit-retiolum.nix | 2 +- makefu/2configs/graphite-standalone.nix | 2 +- makefu/2configs/hw/tp-x200.nix | 2 +- makefu/2configs/hw/tp-x220.nix | 2 +- makefu/2configs/hw/tp-x2x0.nix | 2 +- makefu/2configs/mail-client.nix | 2 +- makefu/2configs/main-laptop.nix | 2 +- makefu/2configs/mattermost-docker.nix | 2 +- makefu/2configs/nginx/euer.blog.nix | 2 +- makefu/2configs/nginx/euer.test.nix | 2 +- makefu/2configs/nginx/euer.wiki.nix | 2 +- makefu/2configs/nginx/icecult.nix | 2 +- makefu/2configs/nginx/public_html.nix | 2 +- makefu/2configs/nginx/update.connector.one.nix | 2 +- makefu/2configs/omo-share.nix | 2 +- makefu/2configs/sabnzbd.nix | 2 +- makefu/2configs/solr.nix | 2 +- makefu/2configs/torrent.nix | 2 +- makefu/2configs/zsh-user.nix | 2 +- makefu/3modules/awesome-extra.nix | 2 +- makefu/3modules/deluge.nix | 2 +- makefu/3modules/forward-journal.nix | 2 +- makefu/3modules/opentracker.nix | 2 +- makefu/3modules/ps3netsrv.nix | 2 +- makefu/3modules/snapraid.nix | 2 +- makefu/3modules/taskserver.nix | 2 +- makefu/3modules/udpt.nix | 2 +- makefu/3modules/umts.nix | 2 +- mv/1systems/stro.nix | 2 +- shared/2configs/cgit-mirror.nix | 2 +- shared/2configs/collectd-base.nix | 2 +- shared/2configs/default.nix | 2 +- shared/2configs/graphite.nix | 2 +- shared/2configs/shack-drivedroid.nix | 2 +- tv/1systems/alnus.nix | 2 +- tv/1systems/caxi.nix | 2 +- tv/1systems/cd.nix | 2 +- tv/1systems/mu.nix | 2 +- tv/1systems/nomic.nix | 2 +- tv/1systems/wu.nix | 2 +- tv/1systems/xu.nix | 2 +- tv/1systems/zu.nix | 2 +- tv/2configs/backup.nix | 2 +- tv/2configs/bash.nix | 2 +- tv/2configs/default.nix | 2 +- tv/2configs/exim-retiolum.nix | 2 +- tv/2configs/exim-smarthost.nix | 2 +- tv/2configs/git.nix | 2 +- tv/2configs/hw/AO753.nix | 2 +- tv/2configs/im.nix | 2 +- tv/2configs/nginx/default.nix | 2 +- tv/2configs/nginx/public_html.nix | 2 +- tv/2configs/pulse.nix | 2 +- tv/2configs/retiolum.nix | 2 +- tv/2configs/ssh.nix | 2 +- tv/2configs/sshd.nix | 2 +- tv/2configs/urlwatch.nix | 2 +- tv/2configs/vim.nix | 2 +- tv/2configs/wu-binary-cache/default.nix | 2 +- tv/2configs/xdg.nix | 2 +- tv/2configs/xserver/Xmodmap.nix | 2 +- tv/2configs/xserver/Xresources.nix | 2 +- tv/2configs/xserver/default.nix | 2 +- tv/2configs/xserver/xserver.conf.nix | 2 +- tv/2configs/xu-qemu0.nix | 2 +- tv/3modules/charybdis/config.nix | 2 +- tv/3modules/charybdis/default.nix | 2 +- tv/3modules/ejabberd/config.nix | 2 +- tv/3modules/ejabberd/default.nix | 2 +- tv/3modules/hosts.nix | 2 +- tv/3modules/iptables.nix | 2 +- tv/5pkgs/default.nix | 2 +- 165 files changed, 166 insertions(+), 182 deletions(-) delete mode 100644 krebs/3modules/lib.nix diff --git a/krebs/3modules/Reaktor.nix b/krebs/3modules/Reaktor.nix index d58661a28..d87003ac2 100644 --- a/krebs/3modules/Reaktor.nix +++ b/krebs/3modules/Reaktor.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; let ReaktorConfig = pkgs.writeText "config.py" '' diff --git a/krebs/3modules/apt-cacher-ng.nix b/krebs/3modules/apt-cacher-ng.nix index e80d383f8..f3c8ff0cd 100644 --- a/krebs/3modules/apt-cacher-ng.nix +++ b/krebs/3modules/apt-cacher-ng.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: -with config.krebs.lib; +with import ; let acng-config = pkgs.writeTextFile { name = "acng-configuration"; diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index 4569d400f..96b283002 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -1,5 +1,5 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; let out = { options.krebs.backup = api; diff --git a/krebs/3modules/bepasty-server.nix b/krebs/3modules/bepasty-server.nix index 080d2188d..50e04cf80 100644 --- a/krebs/3modules/bepasty-server.nix +++ b/krebs/3modules/bepasty-server.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; let gunicorn = pkgs.pythonPackages.gunicorn; bepasty = pkgs.pythonPackages.bepasty-server; diff --git a/krebs/3modules/build.nix b/krebs/3modules/build.nix index 4848748cd..51f192703 100644 --- a/krebs/3modules/build.nix +++ b/krebs/3modules/build.nix @@ -1,6 +1,6 @@ { config, ... }: -with config.krebs.lib; +with import ; { options.krebs.build = { diff --git a/krebs/3modules/buildbot/master.nix b/krebs/3modules/buildbot/master.nix index bd17c3765..9e144ee0e 100644 --- a/krebs/3modules/buildbot/master.nix +++ b/krebs/3modules/buildbot/master.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: -with config.krebs.lib; +with import ; let # https://github.com/NixOS/nixpkgs/issues/14026 diff --git a/krebs/3modules/buildbot/slave.nix b/krebs/3modules/buildbot/slave.nix index 02331ee12..650594a6c 100644 --- a/krebs/3modules/buildbot/slave.nix +++ b/krebs/3modules/buildbot/slave.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: -with config.krebs.lib; +with import ; let buildbot-slave-init = pkgs.writeText "buildbot-slave.tac" '' import os diff --git a/krebs/3modules/current.nix b/krebs/3modules/current.nix index 9f63e33ac..e97e53479 100644 --- a/krebs/3modules/current.nix +++ b/krebs/3modules/current.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: -with config.krebs.lib; +with import ; let cfg = config.krebs.current; diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index a4a5f9cad..ec85464df 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: -with config.krebs.lib; +with import ; let cfg = config.krebs; @@ -21,7 +21,6 @@ let ./git.nix ./go.nix ./iptables.nix - ./lib.nix ./newsbot-js.nix ./nginx.nix ./nixpkgs.nix diff --git a/krebs/3modules/exim-retiolum.nix b/krebs/3modules/exim-retiolum.nix index a18f1c979..05840e80a 100644 --- a/krebs/3modules/exim-retiolum.nix +++ b/krebs/3modules/exim-retiolum.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: -with config.krebs.lib; +with import ; let cfg = config.krebs.exim-retiolum; diff --git a/krebs/3modules/exim-smarthost.nix b/krebs/3modules/exim-smarthost.nix index cfe2e5f04..2ed5607f1 100644 --- a/krebs/3modules/exim-smarthost.nix +++ b/krebs/3modules/exim-smarthost.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: -with config.krebs.lib; +with import ; let indent = replaceChars ["\n"] ["\n "]; cfg = config.krebs.exim-smarthost; diff --git a/krebs/3modules/exim.nix b/krebs/3modules/exim.nix index 7b18c72c1..1127c0a50 100644 --- a/krebs/3modules/exim.nix +++ b/krebs/3modules/exim.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: with config.krebs.lib; let +{ config, lib, pkgs, ... }: with import ; let cfg = config.krebs.exim; in { options.krebs.exim = { diff --git a/krebs/3modules/fetchWallpaper.nix b/krebs/3modules/fetchWallpaper.nix index 0adcec3d8..94bcbed9d 100644 --- a/krebs/3modules/fetchWallpaper.nix +++ b/krebs/3modules/fetchWallpaper.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; let cfg = config.krebs.fetchWallpaper; diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix index 6a03b4638..e6b98a923 100644 --- a/krebs/3modules/git.nix +++ b/krebs/3modules/git.nix @@ -6,7 +6,7 @@ # TODO when authorized_keys changes, then restart ssh # (or kill already connected users somehow) -with config.krebs.lib; +with import ; let cfg = config.krebs.git; @@ -97,7 +97,7 @@ let singleton { user = [ config.krebs.users.tv ]; repo = [ testing ]; # see literal example of repos - perm = push "refs/*" (with config.krebs.lib.git; [ + perm = push "refs/*" (with git; [ non-fast-forward create delete merge ]); } diff --git a/krebs/3modules/github-hosts-sync.nix b/krebs/3modules/github-hosts-sync.nix index 3646d35d6..e6db3aa42 100644 --- a/krebs/3modules/github-hosts-sync.nix +++ b/krebs/3modules/github-hosts-sync.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; let cfg = config.krebs.github-hosts-sync; diff --git a/krebs/3modules/go.nix b/krebs/3modules/go.nix index 52a104bb9..a86f444dc 100644 --- a/krebs/3modules/go.nix +++ b/krebs/3modules/go.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; let cfg = config.krebs.go; diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 08e8995fa..5c4f5fa24 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: -with config.krebs.lib; +with import ; { hosts = mapAttrs (_: setAttr "owner" config.krebs.users.lass) { diff --git a/krebs/3modules/lib.nix b/krebs/3modules/lib.nix deleted file mode 100644 index 1b812366e..000000000 --- a/krebs/3modules/lib.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ config, pkgs, lib, ... }: -with lib; -let - out = { - options.krebs.lib = api; - config = imp; - }; - api = mkOption { - default = {}; - type = types.attrs; - }; - imp = { - krebs.lib = import ; - }; -in out diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index e79e54aa6..7317e0b60 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: -with config.krebs.lib; +with import ; { hosts = mapAttrs (_: setAttr "owner" config.krebs.users.makefu) { diff --git a/krebs/3modules/mv/default.nix b/krebs/3modules/mv/default.nix index dc47d8983..a95536122 100644 --- a/krebs/3modules/mv/default.nix +++ b/krebs/3modules/mv/default.nix @@ -1,6 +1,6 @@ { config, ... }: -with config.krebs.lib; +with import ; { hosts = mapAttrs (_: setAttr "owner" config.krebs.users.mv) { diff --git a/krebs/3modules/nginx.nix b/krebs/3modules/nginx.nix index 214f55018..1577c5b64 100644 --- a/krebs/3modules/nginx.nix +++ b/krebs/3modules/nginx.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; let cfg = config.krebs.nginx; diff --git a/krebs/3modules/nixpkgs.nix b/krebs/3modules/nixpkgs.nix index 5816b8a30..796ee537e 100644 --- a/krebs/3modules/nixpkgs.nix +++ b/krebs/3modules/nixpkgs.nix @@ -1,5 +1,5 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; let cfg = config.krebs.nixpkgs; diff --git a/krebs/3modules/on-failure.nix b/krebs/3modules/on-failure.nix index a471a4bc2..8bb022442 100644 --- a/krebs/3modules/on-failure.nix +++ b/krebs/3modules/on-failure.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: with config.krebs.lib; let +{ config, lib, pkgs, ... }: with import ; let out = { options.krebs.on-failure = api; config = lib.mkIf cfg.enable imp; diff --git a/krebs/3modules/os-release.nix b/krebs/3modules/os-release.nix index 4c803fff8..50cf72ef9 100644 --- a/krebs/3modules/os-release.nix +++ b/krebs/3modules/os-release.nix @@ -1,5 +1,5 @@ { config, ... }: -with config.krebs.lib; +with import ; let nixos-version-id = "${config.system.nixosVersion}"; nixos-version = "${nixos-version-id} (${config.system.nixosCodeName})"; diff --git a/krebs/3modules/per-user.nix b/krebs/3modules/per-user.nix index 93a7d2293..1b8d092bb 100644 --- a/krebs/3modules/per-user.nix +++ b/krebs/3modules/per-user.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; let cfg = config.krebs.per-user; diff --git a/krebs/3modules/power-action.nix b/krebs/3modules/power-action.nix index bb5b3e521..f405482de 100644 --- a/krebs/3modules/power-action.nix +++ b/krebs/3modules/power-action.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; let cfg = config.krebs.power-action; diff --git a/krebs/3modules/realwallpaper.nix b/krebs/3modules/realwallpaper.nix index df374e184..1564bd94a 100644 --- a/krebs/3modules/realwallpaper.nix +++ b/krebs/3modules/realwallpaper.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; let cfg = config.krebs.realwallpaper; diff --git a/krebs/3modules/repo-sync.nix b/krebs/3modules/repo-sync.nix index bcd9da5ea..7705635f0 100644 --- a/krebs/3modules/repo-sync.nix +++ b/krebs/3modules/repo-sync.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; let cfg = config.krebs.repo-sync; diff --git a/krebs/3modules/retiolum-bootstrap.nix b/krebs/3modules/retiolum-bootstrap.nix index 9d393c90b..4bcd596d4 100644 --- a/krebs/3modules/retiolum-bootstrap.nix +++ b/krebs/3modules/retiolum-bootstrap.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; let cfg = config.krebs.retiolum-bootstrap; diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix index 2b181a556..fddaed9e3 100644 --- a/krebs/3modules/retiolum.nix +++ b/krebs/3modules/retiolum.nix @@ -1,5 +1,5 @@ { config, pkgs, lib, ... }: -with config.krebs.lib; +with import ; let out = { options.krebs.tinc = api; diff --git a/krebs/3modules/rtorrent.nix b/krebs/3modules/rtorrent.nix index d53482339..bcc52fb6e 100644 --- a/krebs/3modules/rtorrent.nix +++ b/krebs/3modules/rtorrent.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; let cfg = config.krebs.rtorrent; webcfg = config.krebs.rtorrent.web; diff --git a/krebs/3modules/secret.nix b/krebs/3modules/secret.nix index 579f375f3..672c503b0 100644 --- a/krebs/3modules/secret.nix +++ b/krebs/3modules/secret.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }@args: with config.krebs.lib; let +{ config, lib, pkgs, ... }@args: with import ; let cfg = config.krebs.secret; in { options.krebs.secret = { diff --git a/krebs/3modules/setuid.nix b/krebs/3modules/setuid.nix index 65a4abe1c..13f981437 100644 --- a/krebs/3modules/setuid.nix +++ b/krebs/3modules/setuid.nix @@ -1,5 +1,5 @@ { config, pkgs, lib, ... }: -with config.krebs.lib; +with import ; let cfg = config.krebs.setuid; diff --git a/krebs/3modules/shared/default.nix b/krebs/3modules/shared/default.nix index a9868954e..a05889632 100644 --- a/krebs/3modules/shared/default.nix +++ b/krebs/3modules/shared/default.nix @@ -1,6 +1,6 @@ { config, ... }: -with config.krebs.lib; +with import ; let testHosts = genAttrs [ "test-arch" diff --git a/krebs/3modules/tinc_graphs.nix b/krebs/3modules/tinc_graphs.nix index d783ba03b..26a51de00 100644 --- a/krebs/3modules/tinc_graphs.nix +++ b/krebs/3modules/tinc_graphs.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; let cfg = config.krebs.tinc_graphs; internal_dir = "${cfg.workingDir}/internal"; diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index a933cbddb..5773255ec 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -1,6 +1,6 @@ { config, ... }: -with config.krebs.lib; +with import ; { dns.providers = { diff --git a/krebs/3modules/urlwatch.nix b/krebs/3modules/urlwatch.nix index ed1a21260..e43f8de4a 100644 --- a/krebs/3modules/urlwatch.nix +++ b/krebs/3modules/urlwatch.nix @@ -4,7 +4,7 @@ # TODO inform about unused caches # cache = url: "${cfg.dataDir}/.urlwatch/cache/${hashString "sha1" url}" -with config.krebs.lib; +with import ; let cfg = config.krebs.urlwatch; diff --git a/krebs/5pkgs/builders.nix b/krebs/5pkgs/builders.nix index 841543819..5860b9a15 100644 --- a/krebs/5pkgs/builders.nix +++ b/krebs/5pkgs/builders.nix @@ -1,5 +1,5 @@ { config, pkgs, ... }: -with config.krebs.lib; +with import ; rec { execve = name: { filename, argv ? null, envp ? {}, destination ? "" }: let in writeC name { inherit destination; } /* c */ '' diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index 75d1dac82..876f8b9a4 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -1,5 +1,5 @@ { config, lib, pkgs, ... }@args: -with config.krebs.lib; +with import ; { nixpkgs.config.packageOverrides = pkgs: let diff --git a/krebs/default.nix b/krebs/default.nix index 93e006f3d..e5e8cbc49 100644 --- a/krebs/default.nix +++ b/krebs/default.nix @@ -1,5 +1,5 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; { imports = [ ./3modules diff --git a/lass/1systems/helios.nix b/lass/1systems/helios.nix index 8ce1d5748..c16080762 100644 --- a/lass/1systems/helios.nix +++ b/lass/1systems/helios.nix @@ -1,7 +1,7 @@ { config, pkgs, ... }: with builtins; -with config.krebs.lib; +with import ; { imports = [ diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 1028ca652..ae48761e7 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -1,6 +1,6 @@ { config, pkgs, ... }: -with config.krebs.lib; +with import ; { imports = [ ../. diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 8b4f1d7a2..76710ac9d 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; let ip = config.krebs.build.host.nets.internet.ip4.addr; diff --git a/lass/1systems/uriel.nix b/lass/1systems/uriel.nix index e1417c83d..b84fec317 100644 --- a/lass/1systems/uriel.nix +++ b/lass/1systems/uriel.nix @@ -1,7 +1,7 @@ { config, pkgs, ... }: with builtins; -with config.krebs.lib; +with import ; { imports = [ ../. diff --git a/lass/2configs/backups.nix b/lass/2configs/backups.nix index 916e08219..22b48f6e8 100644 --- a/lass/2configs/backups.nix +++ b/lass/2configs/backups.nix @@ -1,5 +1,5 @@ { config, lib, ... }: -with config.krebs.lib; +with import ; { krebs.backup.plans = { diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index 90f420674..88ee70802 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; let mainUser = config.users.extraUsers.mainUser; diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix index 628fdf61f..df01a84c0 100644 --- a/lass/2configs/buildbot-standalone.nix +++ b/lass/2configs/buildbot-standalone.nix @@ -1,6 +1,6 @@ { lib, config, pkgs, ... }: -with config.krebs.lib; +with import ; let sshHostConfig = pkgs.writeText "ssh-config" '' diff --git a/lass/2configs/c-base.nix b/lass/2configs/c-base.nix index 9d13bc30d..9295fd9ef 100644 --- a/lass/2configs/c-base.nix +++ b/lass/2configs/c-base.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: let - inherit (config.krebs.lib) genid; + inherit (import ) genid; in { diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index 0b7ca8eaa..43c4d5b0d 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; { imports = [ ../2configs/audit.nix diff --git a/lass/2configs/downloading.nix b/lass/2configs/downloading.nix index 1bba5b416..79a609e2b 100644 --- a/lass/2configs/downloading.nix +++ b/lass/2configs/downloading.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; { users.extraUsers = { diff --git a/lass/2configs/exim-retiolum.nix b/lass/2configs/exim-retiolum.nix index c07b6c15a..1ee8d843e 100644 --- a/lass/2configs/exim-retiolum.nix +++ b/lass/2configs/exim-retiolum.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; { krebs.exim-retiolum.enable = true; diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index 3ed8be77f..3bf78d9f4 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; { krebs.exim-smarthost = { diff --git a/lass/2configs/gc.nix b/lass/2configs/gc.nix index 8762ad95e..00f318e51 100644 --- a/lass/2configs/gc.nix +++ b/lass/2configs/gc.nix @@ -1,6 +1,6 @@ { config, ... }: -with config.krebs.lib; +with import ; { nix.gc = { automatic = ! elem config.krebs.build.host.name [ "prism" "mors" ]; diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index ab4450715..06cae734e 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; let diff --git a/lass/2configs/go.nix b/lass/2configs/go.nix index 795ad7a26..7d694c173 100644 --- a/lass/2configs/go.nix +++ b/lass/2configs/go.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; { environment.systemPackages = [ pkgs.go diff --git a/lass/2configs/hw/tp-x220.nix b/lass/2configs/hw/tp-x220.nix index be1faccea..4a7d0bbcd 100644 --- a/lass/2configs/hw/tp-x220.nix +++ b/lass/2configs/hw/tp-x220.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; { networking.wireless.enable = lib.mkDefault true; diff --git a/lass/2configs/libvirt.nix b/lass/2configs/libvirt.nix index a51ccae58..e739d2f79 100644 --- a/lass/2configs/libvirt.nix +++ b/lass/2configs/libvirt.nix @@ -2,7 +2,7 @@ let mainUser = config.users.extraUsers.mainUser; - inherit (config.krebs.lib) genid; + inherit (import ) genid; in { virtualisation.libvirtd.enable = true; diff --git a/lass/2configs/pulse.nix b/lass/2configs/pulse.nix index 3be482191..373207461 100644 --- a/lass/2configs/pulse.nix +++ b/lass/2configs/pulse.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import ; let pkg =