From 30e1376275bc5be97f36c6298dfe5c9203f31d18 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 30 Oct 2025 19:43:01 +0100 Subject: kartei tv: put ssh pubkeys in dedicated files --- kartei/tv/default.nix | 8 ++++---- kartei/tv/ssh/mv@vod.id_ed25519.pub | 1 + kartei/tv/ssh/tv@nomic.id_rsa.pub | 1 + kartei/tv/ssh/tv@wu.id_rsa.pub | 1 + kartei/tv/ssh/tv@xu.id_rsa.pub | 1 + 5 files changed, 8 insertions(+), 4 deletions(-) create mode 100644 kartei/tv/ssh/mv@vod.id_ed25519.pub create mode 100644 kartei/tv/ssh/tv@nomic.id_rsa.pub create mode 100644 kartei/tv/ssh/tv@wu.id_rsa.pub create mode 100644 kartei/tv/ssh/tv@xu.id_rsa.pub diff --git a/kartei/tv/default.nix b/kartei/tv/default.nix index e81bdd32b..5953a8b13 100644 --- a/kartei/tv/default.nix +++ b/kartei/tv/default.nix @@ -70,21 +70,21 @@ in { }; mv-ni = { mail = "mv@ni.r"; - pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGer9e2+Lew7vnisgBbsFNECEIkpNJgEaqQqgb9inWkQ mv@vod"; + pubkey = readFile (./ssh + "/mv@vod.id_ed25519.pub"); }; tv = { mail = "tv@nomic.r"; pgp.pubkeys.default = readFile ./pgp/CBF89B0B.asc; - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDFR//RnCvEZAt0F6ExDsatKZ/DDdifanuSL360mqOhaFieKI34RoOwfQT9T+Ga52Vh5V2La6esvlph686EdgzeKLvDoxEwFM9ZYFBcMrNzu4bMTlgE7YUYw5JiORyXNfznBGnme6qpuvx9ibYhUyiZo99kM8ys5YrUHrP2JXQJMezDFZHxT4GFMOuSdh/1daGoKKD6hYL/jEHX8CI4E3BSmKK6ygYr1fVX0K0Tv77lIi5mLXucjR7CytWYWYnhM6DC3Hxpv2zRkPgf3k0x/Y1hrw3V/r0Me5h90pd2C8pFaWA2ZoUT/fmyVqvx1tZPYToU/O2dMItY0zgx2kR0yD+6g7Aahz3R+KlXkV8k5c8bbTbfGnZWDR1ZlbLRM9Yt5vosfwapUD90MmVkpmR3wUkO2sUKi80QfC7b4KvSDXQ+MImbGxMaU5Bnsq1PqLN95q+uat3nlAVBAELkcx51FlE9CaIS65y4J7FEDg8BE5JeuCNshh62VSYRXVSFt8bk3f/TFGgzC8OIo14BhVmiRQQ503Z1sROyf5xLX2a/EJavMm1i2Bs2TH6ROKY9z5Pz8hT5US0r381V8oG7TZyLF9HTtoy3wCYsgWA5EmLanjAsVU2YEeAA0rxzdtYP8Y2okFiJ6u+M4HQZ3Wg3peSodyp3vxdYce2vk4EKeqEFuuS82850DYb7Et7fmp+wQQUT8Q/bMO0DreWjHoMM5lE4LJ4ME6AxksmMiFtfo/4Fe2q9D+LAqZ+ANOcv9M+8Rn6ngiYmuRNd0l/a02q1PEvO6vTfXgcl4f7Z1IULHPEaDNZHCJS1K5RXYFqYQ6OHsTmOm7hnwaRAS97+VFMo1i5uvTx9nYaAcY7yzq3Ckfb67dMBKApGOpJpkvPgfrP7bgBO5rOZXM1opXqVPb09nljAhhAhyCTh1e/8+mJrBo0cLQ/LupQzVxGDgm3awSMPxsZAN45PSWz76zzxdDa1MMo51do+VJHfs7Wl0NcXAQrniOBYL9Wqt0qNkn1gY5smkkISGeQ/vxNap4MmzeZE7b5fpOy+2fpcRVQLpc4nooQzJvSVTFz+25lgZ6iHf45K87gQFMIAri1Pf/EDDpL87az+bRWvWi+BA2kMe1kf+Ay1LyMz8r+g51H0ma0bNFh6+fbWMfUiD9JCepIObclnUJ4NlWfcgHxTf17d/4tl6z4DTcLpCCk8Da77JouSHgvtcRbRlFV1OfhWZLXUsrlfpaQTiItv6TGIr3k7+7b66o3Qw/GQVs5GmYifaIZIz8n8my4XjkaMBd0SZfBzzvFjHMq6YUP9+SbjvReqofuoO+5tW1wTYZXitFFBfwuHlXm6w77K5QDBW6olT7pat41/F5eGxLcz tv@wu"; + pubkey = readFile (./ssh + "/tv@wu.id_rsa.pub"); uid = 1337; # TODO use default and document what has to be done (for vv) }; tv-nomic = { inherit (config.krebs.users.tv) mail; - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC3dYR/n4Yw8OsYmfR2rSUG7o10G6AqOlSJHuHSEmANbMkqjiWl1TnpORtt5bAktyAGI4vWf9vhNEnxuIqGXWSV+3yCd7yfBHR1m0Y9QSw6blQ0xc1venl3JU0kpEyJfUn8a9cdXlnRiS0MP1gcsN7Zk8cqBELJYJajkSEnsT4eVaU5/wdnyzUO1fk8D8tFBJbF/tsWDLJPu4P18rpxq4wZgA2qmyHoVDEVlrz2OYcziXT6gpG0JGnToteaNg9ok5QavEYFpp8P+k1AacrBjc1PAb4MaMX1nfkSyaZwSqLdH35XkNRgPhVVmqZ5PlG3VeNpPSwpdcKi8P3zH1xG9g6Usx1SAyvcoAyGHdOwmFuA2tc1HgYEiQ+OsPrHZHujBOOZsKTN9+IZHScCAe+UmUcK413WEZKPs8PeFjf1gQAoDXb55JpksxLAnC/SQOl4FhkctIAXxr12ALlyt9UFPzIoj/Nj2MpFzGSlf653fTFmnMbQ8+GICc4TUpqx5GELZhfQuprBTv/55a9zKvM4B8XT3Bn9olQzMQIXEjXb3WUVFDDNWeNydToorYn1wG3ZWQ+3f0IlqRicWO7Q9BRj1Lp5rcUCb+naJ48tGY6HFUZ1Kz/0x458GDFvUd8mCJjqqmeSkUEeZd0xet5tVFg/bYoSslEqPF6pz7V3ruJMSdYxnQ== tv@nomic #2"; + pubkey = readFile (./ssh + "/tv@nomic.id_rsa.pub"); }; tv-xu = { inherit (config.krebs.users.tv) mail; - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/3nkqxe8YrDVt615n96A7iC3vvwsiqgpsBYC/bhwfBHu1bAtBmTWVqSKDIdwg7p8TQpIKtAgZ3IJT3BlrnVTeR4RIviLjHjYWW1NBhm+nXi+heThgi5fLciE3lVLVsy5X9Kc1ZPLgLa1In0REOanwbueOD0ESN1yKIDwUUdczw/o3dLDMzanqFHKuSSN4o9Ex2x+MRj9eLsb706s4VSYMo3lirRCJeAOGv1C7Xg1cuepdhIeJsq9aF7vSy15c0nCkWwr8zdY7pbMPYCe5zvIEymZ0UowZ5HQ3NmIZnYDxa4E1PFjDczHdQbVmmGMI80grNwMsHzQ6bynHSPXDoLf4WodXlhS0+9Ju5QavDT6uqZ9uhDBuWC8QNgWUMIJnEaTBFyA0OI1akl8Q2RLC+qnNf5IwItSq+GDwEsB2ZJNW3kOk1kNiCUrBafRYpPaFeP97wzzP4uYlBKAr2SOLrrkf7NFEdw2ihxhDMNnps/ErRJ8U0zdpmalw8mItGyqRULpHjk/wN00rYOdBIhW3G3QJuVgtGnWtGCBG5x70EfMiSEXPD3YSsVVsgKD+v8qr+YiilRRD+N3gaHhiOWA6HgxRNul/P4llk0ktTpb9LoHk2+oooTH5ZuuT/8yF8J4stZt7EIOH+mSOAXG1z0BwnEkQu7pVKwu/oOZpGJTvBrGwww== tv@xu"; + pubkey = readFile (./ssh + "/tv@xu.id_rsa.pub"); }; vv = { mail = "vv@mu.r"; diff --git a/kartei/tv/ssh/mv@vod.id_ed25519.pub b/kartei/tv/ssh/mv@vod.id_ed25519.pub new file mode 100644 index 000000000..7b7d2e260 --- /dev/null +++ b/kartei/tv/ssh/mv@vod.id_ed25519.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGer9e2+Lew7vnisgBbsFNECEIkpNJgEaqQqgb9inWkQ mv@vod diff --git a/kartei/tv/ssh/tv@nomic.id_rsa.pub b/kartei/tv/ssh/tv@nomic.id_rsa.pub new file mode 100644 index 000000000..519beb0e6 --- /dev/null +++ b/kartei/tv/ssh/tv@nomic.id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC3dYR/n4Yw8OsYmfR2rSUG7o10G6AqOlSJHuHSEmANbMkqjiWl1TnpORtt5bAktyAGI4vWf9vhNEnxuIqGXWSV+3yCd7yfBHR1m0Y9QSw6blQ0xc1venl3JU0kpEyJfUn8a9cdXlnRiS0MP1gcsN7Zk8cqBELJYJajkSEnsT4eVaU5/wdnyzUO1fk8D8tFBJbF/tsWDLJPu4P18rpxq4wZgA2qmyHoVDEVlrz2OYcziXT6gpG0JGnToteaNg9ok5QavEYFpp8P+k1AacrBjc1PAb4MaMX1nfkSyaZwSqLdH35XkNRgPhVVmqZ5PlG3VeNpPSwpdcKi8P3zH1xG9g6Usx1SAyvcoAyGHdOwmFuA2tc1HgYEiQ+OsPrHZHujBOOZsKTN9+IZHScCAe+UmUcK413WEZKPs8PeFjf1gQAoDXb55JpksxLAnC/SQOl4FhkctIAXxr12ALlyt9UFPzIoj/Nj2MpFzGSlf653fTFmnMbQ8+GICc4TUpqx5GELZhfQuprBTv/55a9zKvM4B8XT3Bn9olQzMQIXEjXb3WUVFDDNWeNydToorYn1wG3ZWQ+3f0IlqRicWO7Q9BRj1Lp5rcUCb+naJ48tGY6HFUZ1Kz/0x458GDFvUd8mCJjqqmeSkUEeZd0xet5tVFg/bYoSslEqPF6pz7V3ruJMSdYxnQ== tv@nomic #2 diff --git a/kartei/tv/ssh/tv@wu.id_rsa.pub b/kartei/tv/ssh/tv@wu.id_rsa.pub new file mode 100644 index 000000000..b6e2634e8 --- /dev/null +++ b/kartei/tv/ssh/tv@wu.id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDFR//RnCvEZAt0F6ExDsatKZ/DDdifanuSL360mqOhaFieKI34RoOwfQT9T+Ga52Vh5V2La6esvlph686EdgzeKLvDoxEwFM9ZYFBcMrNzu4bMTlgE7YUYw5JiORyXNfznBGnme6qpuvx9ibYhUyiZo99kM8ys5YrUHrP2JXQJMezDFZHxT4GFMOuSdh/1daGoKKD6hYL/jEHX8CI4E3BSmKK6ygYr1fVX0K0Tv77lIi5mLXucjR7CytWYWYnhM6DC3Hxpv2zRkPgf3k0x/Y1hrw3V/r0Me5h90pd2C8pFaWA2ZoUT/fmyVqvx1tZPYToU/O2dMItY0zgx2kR0yD+6g7Aahz3R+KlXkV8k5c8bbTbfGnZWDR1ZlbLRM9Yt5vosfwapUD90MmVkpmR3wUkO2sUKi80QfC7b4KvSDXQ+MImbGxMaU5Bnsq1PqLN95q+uat3nlAVBAELkcx51FlE9CaIS65y4J7FEDg8BE5JeuCNshh62VSYRXVSFt8bk3f/TFGgzC8OIo14BhVmiRQQ503Z1sROyf5xLX2a/EJavMm1i2Bs2TH6ROKY9z5Pz8hT5US0r381V8oG7TZyLF9HTtoy3wCYsgWA5EmLanjAsVU2YEeAA0rxzdtYP8Y2okFiJ6u+M4HQZ3Wg3peSodyp3vxdYce2vk4EKeqEFuuS82850DYb7Et7fmp+wQQUT8Q/bMO0DreWjHoMM5lE4LJ4ME6AxksmMiFtfo/4Fe2q9D+LAqZ+ANOcv9M+8Rn6ngiYmuRNd0l/a02q1PEvO6vTfXgcl4f7Z1IULHPEaDNZHCJS1K5RXYFqYQ6OHsTmOm7hnwaRAS97+VFMo1i5uvTx9nYaAcY7yzq3Ckfb67dMBKApGOpJpkvPgfrP7bgBO5rOZXM1opXqVPb09nljAhhAhyCTh1e/8+mJrBo0cLQ/LupQzVxGDgm3awSMPxsZAN45PSWz76zzxdDa1MMo51do+VJHfs7Wl0NcXAQrniOBYL9Wqt0qNkn1gY5smkkISGeQ/vxNap4MmzeZE7b5fpOy+2fpcRVQLpc4nooQzJvSVTFz+25lgZ6iHf45K87gQFMIAri1Pf/EDDpL87az+bRWvWi+BA2kMe1kf+Ay1LyMz8r+g51H0ma0bNFh6+fbWMfUiD9JCepIObclnUJ4NlWfcgHxTf17d/4tl6z4DTcLpCCk8Da77JouSHgvtcRbRlFV1OfhWZLXUsrlfpaQTiItv6TGIr3k7+7b66o3Qw/GQVs5GmYifaIZIz8n8my4XjkaMBd0SZfBzzvFjHMq6YUP9+SbjvReqofuoO+5tW1wTYZXitFFBfwuHlXm6w77K5QDBW6olT7pat41/F5eGxLcz tv@wu diff --git a/kartei/tv/ssh/tv@xu.id_rsa.pub b/kartei/tv/ssh/tv@xu.id_rsa.pub new file mode 100644 index 000000000..76d4f6962 --- /dev/null +++ b/kartei/tv/ssh/tv@xu.id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/3nkqxe8YrDVt615n96A7iC3vvwsiqgpsBYC/bhwfBHu1bAtBmTWVqSKDIdwg7p8TQpIKtAgZ3IJT3BlrnVTeR4RIviLjHjYWW1NBhm+nXi+heThgi5fLciE3lVLVsy5X9Kc1ZPLgLa1In0REOanwbueOD0ESN1yKIDwUUdczw/o3dLDMzanqFHKuSSN4o9Ex2x+MRj9eLsb706s4VSYMo3lirRCJeAOGv1C7Xg1cuepdhIeJsq9aF7vSy15c0nCkWwr8zdY7pbMPYCe5zvIEymZ0UowZ5HQ3NmIZnYDxa4E1PFjDczHdQbVmmGMI80grNwMsHzQ6bynHSPXDoLf4WodXlhS0+9Ju5QavDT6uqZ9uhDBuWC8QNgWUMIJnEaTBFyA0OI1akl8Q2RLC+qnNf5IwItSq+GDwEsB2ZJNW3kOk1kNiCUrBafRYpPaFeP97wzzP4uYlBKAr2SOLrrkf7NFEdw2ihxhDMNnps/ErRJ8U0zdpmalw8mItGyqRULpHjk/wN00rYOdBIhW3G3QJuVgtGnWtGCBG5x70EfMiSEXPD3YSsVVsgKD+v8qr+YiilRRD+N3gaHhiOWA6HgxRNul/P4llk0ktTpb9LoHk2+oooTH5ZuuT/8yF8J4stZt7EIOH+mSOAXG1z0BwnEkQu7pVKwu/oOZpGJTvBrGwww== tv@xu -- cgit v1.2.3 From 7435b5a59f4231baae07a5778f24f7229f4399fe Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 17 Nov 2025 00:59:31 +0100 Subject: kartei tv: evalSubmodule -> foldl' recursiveUpdate {} --- kartei/tv/default.nix | 27 +++++++++++---------------- 1 file changed, 11 insertions(+), 16 deletions(-) diff --git a/kartei/tv/default.nix b/kartei/tv/default.nix index 5953a8b13..84d529786 100644 --- a/kartei/tv/default.nix +++ b/kartei/tv/default.nix @@ -1,9 +1,8 @@ -{ config, lib, ... }@attrs: let +{ config, lib, ... }: let inherit (builtins) - getAttr head mapAttrs match pathExists readDir readFile typeOf; + getAttr mapAttrs pathExists readDir readFile typeOf; inherit (lib) - const hasAttrByPath mapAttrs' mkDefault mkIf optionalAttrs removeSuffix - toList; + const hasAttrByPath mapAttrs' mkDefault optionalAttrs removeSuffix; slib = import ../../lib/pure.nix { inherit lib; }; in { dns.providers = { @@ -11,13 +10,7 @@ in { }; hosts = mapAttrs - (hostName: hostFile: let - hostSource = import hostFile; - hostConfig = getAttr (typeOf hostSource) { - lambda = hostSource attrs; - set = hostSource; - }; - in slib.evalSubmodule slib.types.host [ + (hostName: hostConfig: builtins.foldl' lib.recursiveUpdate {} [ hostConfig { name = hostName; @@ -41,17 +34,19 @@ in { wireguard.pubkey = readFile pubkey-path; }; }) - (host: mkIf (host.config.ssh.pubkey != null) { - ssh.privkey = mapAttrs (const mkDefault) { - path = "${config.krebs.secret.directory}/ssh.id_${host.config.ssh.privkey.type}"; - type = head (toList (builtins.match "ssh-([^ ]+) .*" host.config.ssh.pubkey)); + (lib.optionalAttrs (hostConfig.ssh.pubkey or null != null) { + ssh.privkey = builtins.mapAttrs (const mkDefault) rec { + path = "${config.krebs.secret.directory}/ssh.id_${type}"; + type = builtins.head (lib.toList (builtins.match "ssh-([^ ]+) .*" hostConfig.ssh.pubkey)); }; }) ]) (mapAttrs' (name: type: { name = removeSuffix ".nix" name; - value = ./hosts + "/${name}"; + value = lib.toFunction (import (./hosts + "/${name}")) { + inherit config lib; + }; }) (readDir ./hosts)); sitemap = { -- cgit v1.2.3 From 05526b8847a23a5cc955115a676d2eacf31f6ff5 Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 17 Nov 2025 01:08:50 +0100 Subject: kartei tv ni: get slib from argument --- kartei/tv/default.nix | 2 +- kartei/tv/hosts/ni.nix | 4 +--- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/kartei/tv/default.nix b/kartei/tv/default.nix index 84d529786..3dbaf3389 100644 --- a/kartei/tv/default.nix +++ b/kartei/tv/default.nix @@ -45,7 +45,7 @@ in { (name: type: { name = removeSuffix ".nix" name; value = lib.toFunction (import (./hosts + "/${name}")) { - inherit config lib; + inherit config lib slib; }; }) (readDir ./hosts)); diff --git a/kartei/tv/hosts/ni.nix b/kartei/tv/hosts/ni.nix index d64874d9c..fed171f23 100644 --- a/kartei/tv/hosts/ni.nix +++ b/kartei/tv/hosts/ni.nix @@ -1,6 +1,4 @@ -{ config, lib, ... }: let - slib = import ../../../lib/pure.nix { inherit lib; }; -in { +{ config, lib, slib, ... }: { extraZones = { "krebsco.de" = '' ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr} -- cgit v1.2.3 From 6dcc80fc091904d7efc0f1085441a0d8975f6f5a Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 27 Nov 2025 04:20:17 +0100 Subject: kartei tv: add ne --- kartei/tv/hosts/ne.nix | 39 +++++++++++++++++++++++++++++++++++++++ krebs/2configs/nameserver.nix | 5 +++++ 2 files changed, 44 insertions(+) create mode 100644 kartei/tv/hosts/ne.nix diff --git a/kartei/tv/hosts/ne.nix b/kartei/tv/hosts/ne.nix new file mode 100644 index 000000000..8a0ea0e82 --- /dev/null +++ b/kartei/tv/hosts/ne.nix @@ -0,0 +1,39 @@ +{ config, ... }: { + extraZones = { + "krebsco.de" = '' + ne 60 IN A ${config.krebs.hosts.ne.nets.internet.ip4.addr} + ne 60 IN AAAA ${config.krebs.hosts.ne.nets.internet.ip6.addr} + ''; + }; + nets = { + internet = { + aliases = [ + "ne.i" + ]; + ip4 = rec { + addr = "159.195.31.38"; + prefix = "${addr}/32"; + }; + ip6 = rec { + addr = "2a0a:4cc0:c1:5eb0::1"; + prefix = "${addr}/64"; + prefixLength = 64; + }; + ssh.port = 11423; + }; + mycelium = { + aliases = [ + "ne.m" + ]; + ip6.addr = "45f:fa21:4bdd:a758:8091:947d:fe84:fac3"; + }; + retiolum = { + aliases = [ + "ne.r" + ]; + }; + wiregrill = { + ip4.addr = "10.244.3.2"; + }; + }; +} diff --git a/krebs/2configs/nameserver.nix b/krebs/2configs/nameserver.nix index 633f6f5d5..fb22dc6f9 100644 --- a/krebs/2configs/nameserver.nix +++ b/krebs/2configs/nameserver.nix @@ -66,6 +66,10 @@ in { - id: hostingde_ns1 address: 134.0.30.178 + - id: krebscode_ne + address: ${config.krebs.hosts.ne.nets.internet.ip4.addr} + key: krebs_transfer_notify_key + - id: krebscode_ni address: ${config.krebs.hosts.ni.nets.internet.ip4.addr} key: krebs_transfer_notify_key @@ -119,6 +123,7 @@ in { dnssec-policy: rsa2k notify: henet_ns1 notify: hostingde_ns1 + notify: krebscode_ne notify: krebscode_ni acl: transfer_to_henet_secondary acl: transfer_to_hostingde_secondary -- cgit v1.2.3 From 3c1e960b371215ed7653e9f7e0b9aca2a3b7058d Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 27 Nov 2025 13:46:36 +0100 Subject: kartei tv: foldl' recursiveUpdate {} -> foldl' extend --- kartei/tv/default.nix | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/kartei/tv/default.nix b/kartei/tv/default.nix index 3dbaf3389..52f66039f 100644 --- a/kartei/tv/default.nix +++ b/kartei/tv/default.nix @@ -4,19 +4,23 @@ inherit (lib) const hasAttrByPath mapAttrs' mkDefault optionalAttrs removeSuffix; slib = import ../../lib/pure.nix { inherit lib; }; + + extend = x: f: { + lambda = lib.recursiveUpdate x (f x); + set = lib.recursiveUpdate x f; + }.${builtins.typeOf f}; in { dns.providers = { "viljetic.de" = "regfish"; }; hosts = mapAttrs - (hostName: hostConfig: builtins.foldl' lib.recursiveUpdate {} [ - hostConfig + (hostName: lib.flip (builtins.foldl' extend) [ { name = hostName; owner = config.krebs.users.tv; } - (optionalAttrs (hasAttrByPath ["nets" "retiolum"] hostConfig) { + (hostConfig: optionalAttrs (hasAttrByPath ["nets" "retiolum"] hostConfig) { nets.retiolum = { ip6.addr = (slib.krebs.genipv6 "retiolum" "tv" { inherit hostName; }).address; @@ -34,7 +38,7 @@ in { wireguard.pubkey = readFile pubkey-path; }; }) - (lib.optionalAttrs (hostConfig.ssh.pubkey or null != null) { + (hostConfig: lib.optionalAttrs (hostConfig.ssh.pubkey or null != null) { ssh.privkey = builtins.mapAttrs (const mkDefault) rec { path = "${config.krebs.secret.directory}/ssh.id_${type}"; type = builtins.head (lib.toList (builtins.match "ssh-([^ ]+) .*" hostConfig.ssh.pubkey)); -- cgit v1.2.3 From e13546c0879ccef23ee32b6f8217a4cd691a859e Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 27 Nov 2025 13:51:57 +0100 Subject: kartei tv: don't inherit --- kartei/tv/default.nix | 30 +++++++++++++----------------- 1 file changed, 13 insertions(+), 17 deletions(-) diff --git a/kartei/tv/default.nix b/kartei/tv/default.nix index 52f66039f..60369d4df 100644 --- a/kartei/tv/default.nix +++ b/kartei/tv/default.nix @@ -1,8 +1,4 @@ { config, lib, ... }: let - inherit (builtins) - getAttr mapAttrs pathExists readDir readFile typeOf; - inherit (lib) - const hasAttrByPath mapAttrs' mkDefault optionalAttrs removeSuffix; slib = import ../../lib/pure.nix { inherit lib; }; extend = x: f: { @@ -14,13 +10,13 @@ in { "viljetic.de" = "regfish"; }; hosts = - mapAttrs + builtins.mapAttrs (hostName: lib.flip (builtins.foldl' extend) [ { name = hostName; owner = config.krebs.users.tv; } - (hostConfig: optionalAttrs (hasAttrByPath ["nets" "retiolum"] hostConfig) { + (hostConfig: lib.optionalAttrs (lib.hasAttrByPath ["nets" "retiolum"] hostConfig) { nets.retiolum = { ip6.addr = (slib.krebs.genipv6 "retiolum" "tv" { inherit hostName; }).address; @@ -28,31 +24,31 @@ in { }) (let pubkey-path = ./wiregrill + "/${hostName}.pub"; - in optionalAttrs (pathExists pubkey-path) { + in lib.optionalAttrs (builtins.pathExists pubkey-path) { nets.wiregrill = { aliases = [ "${hostName}.w" ]; ip6.addr = (slib.krebs.genipv6 "wiregrill" "tv" { inherit hostName; }).address; - wireguard.pubkey = readFile pubkey-path; + wireguard.pubkey = builtins.readFile pubkey-path; }; }) (hostConfig: lib.optionalAttrs (hostConfig.ssh.pubkey or null != null) { - ssh.privkey = builtins.mapAttrs (const mkDefault) rec { + ssh.privkey = builtins.mapAttrs (lib.const lib.mkDefault) rec { path = "${config.krebs.secret.directory}/ssh.id_${type}"; type = builtins.head (lib.toList (builtins.match "ssh-([^ ]+) .*" hostConfig.ssh.pubkey)); }; }) ]) - (mapAttrs' + (lib.mapAttrs' (name: type: { - name = removeSuffix ".nix" name; + name = lib.removeSuffix ".nix" name; value = lib.toFunction (import (./hosts + "/${name}")) { inherit config lib slib; }; }) - (readDir ./hosts)); + (builtins.readDir ./hosts)); sitemap = { "http://cgit.krebsco.de" = { desc = "Git repositories"; @@ -69,21 +65,21 @@ in { }; mv-ni = { mail = "mv@ni.r"; - pubkey = readFile (./ssh + "/mv@vod.id_ed25519.pub"); + pubkey = builtins.readFile (./ssh + "/mv@vod.id_ed25519.pub"); }; tv = { mail = "tv@nomic.r"; - pgp.pubkeys.default = readFile ./pgp/CBF89B0B.asc; - pubkey = readFile (./ssh + "/tv@wu.id_rsa.pub"); + pgp.pubkeys.default = builtins.readFile ./pgp/CBF89B0B.asc; + pubkey = builtins.readFile (./ssh + "/tv@wu.id_rsa.pub"); uid = 1337; # TODO use default and document what has to be done (for vv) }; tv-nomic = { inherit (config.krebs.users.tv) mail; - pubkey = readFile (./ssh + "/tv@nomic.id_rsa.pub"); + pubkey = builtins.readFile (./ssh + "/tv@nomic.id_rsa.pub"); }; tv-xu = { inherit (config.krebs.users.tv) mail; - pubkey = readFile (./ssh + "/tv@xu.id_rsa.pub"); + pubkey = builtins.readFile (./ssh + "/tv@xu.id_rsa.pub"); }; vv = { mail = "vv@mu.r"; -- cgit v1.2.3 From 7b6d9313f17461b79afdb95d8e8231a71fa2a462 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 27 Nov 2025 14:19:03 +0100 Subject: kartei tv ne: add NS for tv.krebsco.de --- kartei/tv/hosts/ne.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/kartei/tv/hosts/ne.nix b/kartei/tv/hosts/ne.nix index 8a0ea0e82..e7d9056b1 100644 --- a/kartei/tv/hosts/ne.nix +++ b/kartei/tv/hosts/ne.nix @@ -3,6 +3,7 @@ "krebsco.de" = '' ne 60 IN A ${config.krebs.hosts.ne.nets.internet.ip4.addr} ne 60 IN AAAA ${config.krebs.hosts.ne.nets.internet.ip6.addr} + tv 300 IN NS ne ''; }; nets = { -- cgit v1.2.3 From 156da811d7bbd47e99aec4493cacc6045200192d Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 27 Nov 2025 14:22:38 +0100 Subject: kartei tv ne: add MX for krebsco.de --- kartei/tv/hosts/ne.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/kartei/tv/hosts/ne.nix b/kartei/tv/hosts/ne.nix index e7d9056b1..d67df6209 100644 --- a/kartei/tv/hosts/ne.nix +++ b/kartei/tv/hosts/ne.nix @@ -1,6 +1,7 @@ { config, ... }: { extraZones = { "krebsco.de" = '' + @ 60 IN MX 5 ne ne 60 IN A ${config.krebs.hosts.ne.nets.internet.ip4.addr} ne 60 IN AAAA ${config.krebs.hosts.ne.nets.internet.ip6.addr} tv 300 IN NS ne -- cgit v1.2.3 From 687814fc09e4b803e0b0c1d9903911aa379533b4 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 27 Nov 2025 21:21:57 +0100 Subject: kartei: pass whole arg to modules --- kartei/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kartei/default.nix b/kartei/default.nix index 046efdd7b..24a9e22b5 100644 --- a/kartei/default.nix +++ b/kartei/default.nix @@ -1,4 +1,4 @@ -{ config, lib, ... }: let +{ lib, ... }@arg: let removeTemplate = # TODO don't remove during CI lib.flip builtins.removeAttrs ["template"]; @@ -9,7 +9,7 @@ in { (name: _type: let path = ./. + "/${name}"; in { - krebs = import path { inherit config lib; }; + krebs = import path arg; }) (removeTemplate (lib.filterAttrs -- cgit v1.2.3 From e1363dcb1df2a455700ac3e28045f34d63e4c465 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 27 Nov 2025 21:22:41 +0100 Subject: kartei: lib.mkMerge -> imports Use imports instead of lib.mkMerge and sprinkle some _file attributes to facilitate debugging. --- kartei/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kartei/default.nix b/kartei/default.nix index 24a9e22b5..7624807a0 100644 --- a/kartei/default.nix +++ b/kartei/default.nix @@ -3,12 +3,12 @@ # TODO don't remove during CI lib.flip builtins.removeAttrs ["template"]; in { - config = - lib.mkMerge + imports = (lib.mapAttrsToList (name: _type: let path = ./. + "/${name}"; in { + _file = toString path; krebs = import path arg; }) (removeTemplate -- cgit v1.2.3 From 03b2d5ef794e703156bdeadbb4806d279fc4322c Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 27 Nov 2025 22:33:56 +0100 Subject: modules: use lib.slib if possilbe --- krebs/3modules/airdcpp.nix | 2 +- krebs/3modules/announce-activation.nix | 2 +- krebs/3modules/backup.nix | 2 +- krebs/3modules/brockman.nix | 2 +- krebs/3modules/build.nix | 2 +- krebs/3modules/ci/default.nix | 2 +- krebs/3modules/dns.nix | 2 +- krebs/3modules/exim-retiolum.nix | 2 +- krebs/3modules/exim-smarthost.nix | 2 +- krebs/3modules/exim.nix | 2 +- krebs/3modules/git.nix | 2 +- krebs/3modules/hosts.nix | 2 +- krebs/3modules/htgen.nix | 2 +- krebs/3modules/iana-etc.nix | 2 +- krebs/3modules/konsens.nix | 2 +- krebs/3modules/on-failure.nix | 2 +- krebs/3modules/permown.nix | 2 +- krebs/3modules/reaktor2.nix | 2 +- krebs/3modules/realwallpaper.nix | 2 +- krebs/3modules/repo-sync.nix | 2 +- krebs/3modules/secret.nix | 2 +- krebs/3modules/setuid.nix | 2 +- krebs/3modules/sync-containers3.nix | 2 +- krebs/3modules/systemd.nix | 2 +- krebs/3modules/tinc.nix | 2 +- krebs/3modules/tinc_graphs.nix | 2 +- krebs/3modules/urlwatch.nix | 2 +- krebs/3modules/users.nix | 2 +- 28 files changed, 28 insertions(+), 28 deletions(-) diff --git a/krebs/3modules/airdcpp.nix b/krebs/3modules/airdcpp.nix index acd007cb8..901b1eb87 100644 --- a/krebs/3modules/airdcpp.nix +++ b/krebs/3modules/airdcpp.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: with lib; let - slib = import ../../lib/pure.nix { inherit lib; }; + slib = lib.slib or (import ../../lib/pure.nix { inherit lib; }); cfg = config.krebs.airdcpp; out = { diff --git a/krebs/3modules/announce-activation.nix b/krebs/3modules/announce-activation.nix index fa0f1530c..1c4067e7a 100644 --- a/krebs/3modules/announce-activation.nix +++ b/krebs/3modules/announce-activation.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: let - slib = import ../../lib/pure.nix { inherit lib; }; + slib = lib.slib or (import ../../lib/pure.nix { inherit lib; }); cfg = config.krebs.announce-activation; announce-activation = pkgs.writeDash "announce-activation" '' set -efu diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index 900be5139..2be3a1422 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -1,5 +1,5 @@ { config, lib, pkgs, ... }: -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let out = { options.krebs.backup = api; diff --git a/krebs/3modules/brockman.nix b/krebs/3modules/brockman.nix index a3acf83cf..e7847aa09 100644 --- a/krebs/3modules/brockman.nix +++ b/krebs/3modules/brockman.nix @@ -1,7 +1,7 @@ { pkgs, config, lib, ... }: with lib; let - slib = import ../../lib/pure.nix { inherit lib; }; + slib = lib.slib or (import ../../lib/pure.nix { inherit lib; }); cfg = config.krebs.brockman; in { options.krebs.brockman = { diff --git a/krebs/3modules/build.nix b/krebs/3modules/build.nix index bf20cb099..6480c300f 100644 --- a/krebs/3modules/build.nix +++ b/krebs/3modules/build.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); { options.krebs.build = { diff --git a/krebs/3modules/ci/default.nix b/krebs/3modules/ci/default.nix index 5035a11a8..899db45c5 100644 --- a/krebs/3modules/ci/default.nix +++ b/krebs/3modules/ci/default.nix @@ -1,5 +1,5 @@ { config, lib, pkgs, ... }: -with import ../../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.ci; diff --git a/krebs/3modules/dns.nix b/krebs/3modules/dns.nix index a268b931c..fd672a890 100644 --- a/krebs/3modules/dns.nix +++ b/krebs/3modules/dns.nix @@ -1,5 +1,5 @@ { config, lib, pkgs, ... }: -with import ../../lib/pure.nix { inherit lib; }; { +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); { options = { krebs.dns.providers = mkOption { type = types.attrsOf types.str; diff --git a/krebs/3modules/exim-retiolum.nix b/krebs/3modules/exim-retiolum.nix index f78f1746c..b5f8d187a 100644 --- a/krebs/3modules/exim-retiolum.nix +++ b/krebs/3modules/exim-retiolum.nix @@ -1,5 +1,5 @@ { config, pkgs, lib, ... }: -with import ../../lib/pure.nix { inherit lib; }; let +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.exim-retiolum; # Due to improvements to the JSON notation, braces around top-level objects diff --git a/krebs/3modules/exim-smarthost.nix b/krebs/3modules/exim-smarthost.nix index 4e42ce72e..14963f472 100644 --- a/krebs/3modules/exim-smarthost.nix +++ b/krebs/3modules/exim-smarthost.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.exim-smarthost; diff --git a/krebs/3modules/exim.nix b/krebs/3modules/exim.nix index 583fd07b1..bb749b273 100644 --- a/krebs/3modules/exim.nix +++ b/krebs/3modules/exim.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: with import ../../lib/pure.nix { inherit lib; }; let +{ config, lib, pkgs, ... }: with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.exim; in { options.krebs.exim = { diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix index 6d666b6d6..8b8f205dc 100644 --- a/krebs/3modules/git.nix +++ b/krebs/3modules/git.nix @@ -6,7 +6,7 @@ # TODO when authorized_keys changes, then restart ssh # (or kill already connected users somehow) -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.git; diff --git a/krebs/3modules/hosts.nix b/krebs/3modules/hosts.nix index 2333d0a8d..51aeefb9f 100644 --- a/krebs/3modules/hosts.nix +++ b/krebs/3modules/hosts.nix @@ -3,7 +3,7 @@ with lib; let check = hostname: any (domain: hasSuffix ".${domain}" hostname) domains; domains = attrNames (filterAttrs (_: slib.eq "hosts") config.krebs.dns.providers); # we need this import because we have infinite recursion otherwise - slib = import ../../lib/pure.nix { inherit lib; }; + slib = lib.slib or (import ../../lib/pure.nix { inherit lib; }); in { options = { diff --git a/krebs/3modules/htgen.nix b/krebs/3modules/htgen.nix index 334a83cb3..020b3eaea 100644 --- a/krebs/3modules/htgen.nix +++ b/krebs/3modules/htgen.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let optionalAttr = name: value: if name != null then diff --git a/krebs/3modules/iana-etc.nix b/krebs/3modules/iana-etc.nix index dabe2f8aa..8858c6ed5 100644 --- a/krebs/3modules/iana-etc.nix +++ b/krebs/3modules/iana-etc.nix @@ -1,5 +1,5 @@ { config, lib, pkgs, ... }: let - slib = import ../../lib/pure.nix { inherit lib; }; + slib = lib.slib or (import ../../lib/pure.nix { inherit lib; }); in with lib; { options.krebs.iana-etc.services = mkOption { diff --git a/krebs/3modules/konsens.nix b/krebs/3modules/konsens.nix index 0463de53f..b71cb2ba9 100644 --- a/krebs/3modules/konsens.nix +++ b/krebs/3modules/konsens.nix @@ -1,5 +1,5 @@ { config, lib, pkgs, ... }: -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.konsens; diff --git a/krebs/3modules/on-failure.nix b/krebs/3modules/on-failure.nix index 11d2b4194..d87b279a0 100644 --- a/krebs/3modules/on-failure.nix +++ b/krebs/3modules/on-failure.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: with import ../../lib/pure.nix { inherit lib; }; let +{ config, lib, pkgs, ... }: with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let out = { options.krebs.on-failure = api; config = lib.mkIf cfg.enable imp; diff --git a/krebs/3modules/permown.nix b/krebs/3modules/permown.nix index ae8702978..d65ce2a31 100644 --- a/krebs/3modules/permown.nix +++ b/krebs/3modules/permown.nix @@ -1,5 +1,5 @@ { config, pkgs, lib, ... }: let - slib = import ../../lib/pure.nix { inherit lib; }; + slib = lib.slib or (import ../../lib/pure.nix { inherit lib; }); in with lib; { diff --git a/krebs/3modules/reaktor2.nix b/krebs/3modules/reaktor2.nix index aa6254786..b977df99a 100644 --- a/krebs/3modules/reaktor2.nix +++ b/krebs/3modules/reaktor2.nix @@ -1,5 +1,5 @@ { config, pkgs, lib, ... }: -with import ../../lib/pure.nix { inherit lib; }; { +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); { options.krebs.reaktor2 = mkOption { default = {}; diff --git a/krebs/3modules/realwallpaper.nix b/krebs/3modules/realwallpaper.nix index a65a22b29..21603d94c 100644 --- a/krebs/3modules/realwallpaper.nix +++ b/krebs/3modules/realwallpaper.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.realwallpaper; diff --git a/krebs/3modules/repo-sync.nix b/krebs/3modules/repo-sync.nix index 5208d91ae..7b2be4057 100644 --- a/krebs/3modules/repo-sync.nix +++ b/krebs/3modules/repo-sync.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.repo-sync; diff --git a/krebs/3modules/secret.nix b/krebs/3modules/secret.nix index c35dceba3..13c4ecaec 100644 --- a/krebs/3modules/secret.nix +++ b/krebs/3modules/secret.nix @@ -1,5 +1,5 @@ { config, lib, pkgs, ... }: -with import ../../lib/pure.nix { inherit lib; }; let +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.secret; in { options.krebs.secret = { diff --git a/krebs/3modules/setuid.nix b/krebs/3modules/setuid.nix index e3108d88e..ce41548ae 100644 --- a/krebs/3modules/setuid.nix +++ b/krebs/3modules/setuid.nix @@ -1,5 +1,5 @@ { config, pkgs, lib, ... }: -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let out = { diff --git a/krebs/3modules/sync-containers3.nix b/krebs/3modules/sync-containers3.nix index 12a5ee4e7..872f04db2 100644 --- a/krebs/3modules/sync-containers3.nix +++ b/krebs/3modules/sync-containers3.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: let cfg = config.krebs.sync-containers3; - slib = import ../../lib/pure.nix { inherit lib; }; + slib = lib.slib or (import ../../lib/pure.nix { inherit lib; }); in { options.krebs.sync-containers3 = { inContainer = { diff --git a/krebs/3modules/systemd.nix b/krebs/3modules/systemd.nix index 754b25675..c0bd4768b 100644 --- a/krebs/3modules/systemd.nix +++ b/krebs/3modules/systemd.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: let { - slib = import ../../lib/pure.nix { inherit lib; }; + slib = lib.slib or (import ../../lib/pure.nix { inherit lib; }); body.options.krebs.systemd.services = lib.mkOption { default = {}; diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix index d73d5ca61..debbb184b 100644 --- a/krebs/3modules/tinc.nix +++ b/krebs/3modules/tinc.nix @@ -1,5 +1,5 @@ { config, pkgs, lib, ... }: -with import ../../lib/pure.nix { inherit lib; }; { +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); { options.krebs.tinc = mkOption { default = {}; description = '' diff --git a/krebs/3modules/tinc_graphs.nix b/krebs/3modules/tinc_graphs.nix index dd132a2de..c8c75f919 100644 --- a/krebs/3modules/tinc_graphs.nix +++ b/krebs/3modules/tinc_graphs.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.tinc_graphs; internal_dir = "${cfg.workingDir}/internal"; diff --git a/krebs/3modules/urlwatch.nix b/krebs/3modules/urlwatch.nix index b811b6fa6..8d3bdfbe0 100644 --- a/krebs/3modules/urlwatch.nix +++ b/krebs/3modules/urlwatch.nix @@ -4,7 +4,7 @@ # TODO inform about unused caches # cache = url: "${cfg.dataDir}/.urlwatch/cache/${hashString "sha1" url}" -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.urlwatch; diff --git a/krebs/3modules/users.nix b/krebs/3modules/users.nix index 614e6ab42..d41b34f7d 100644 --- a/krebs/3modules/users.nix +++ b/krebs/3modules/users.nix @@ -1,5 +1,5 @@ { config, lib, pkgs, ... }: let - slib = import ../../lib/pure.nix { inherit lib; }; + slib = lib.slib or (import ../../lib/pure.nix { inherit lib; }); in { options.krebs.users = lib.mkOption { type = lib.types.attrsOf slib.types.user; -- cgit v1.2.3 From aa4582de1e219c68bfe1c06b719e66bf2ebadd5d Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 27 Nov 2025 22:37:55 +0100 Subject: kartei tv: use lib.slib if possilbe --- kartei/tv/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kartei/tv/default.nix b/kartei/tv/default.nix index 60369d4df..848646510 100644 --- a/kartei/tv/default.nix +++ b/kartei/tv/default.nix @@ -1,5 +1,5 @@ { config, lib, ... }: let - slib = import ../../lib/pure.nix { inherit lib; }; + slib = lib.slib or (import ../../lib/pure.nix { inherit lib; }); extend = x: f: { lambda = lib.recursiveUpdate x (f x); -- cgit v1.2.3 From 488be4eefda718e715cfeb50214102e90d6588c2 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 27 Nov 2025 22:45:16 +0100 Subject: kartei tv ni: prefix -> prefixLength --- kartei/tv/hosts/ni.nix | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/kartei/tv/hosts/ni.nix b/kartei/tv/hosts/ni.nix index fed171f23..3e3d81c37 100644 --- a/kartei/tv/hosts/ni.nix +++ b/kartei/tv/hosts/ni.nix @@ -16,13 +16,12 @@ }; nets = { internet = { - ip4 = rec { + ip4 = { addr = "185.162.251.237"; - prefix = "${addr}/32"; }; - ip6 = rec { + ip6 = { addr = "2a03:4000:1a:cf::1"; - prefix = "${addr}/64"; + prefixLength = 64; }; aliases = [ "ni.i" -- cgit v1.2.3 From 6012364a170a0a787881ff39d7d2f74451825dec Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 27 Nov 2025 22:46:33 +0100 Subject: kartei tv ne: specify just prefixLength, not prefix --- kartei/tv/hosts/ne.nix | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/kartei/tv/hosts/ne.nix b/kartei/tv/hosts/ne.nix index d67df6209..584d7c433 100644 --- a/kartei/tv/hosts/ne.nix +++ b/kartei/tv/hosts/ne.nix @@ -12,13 +12,11 @@ aliases = [ "ne.i" ]; - ip4 = rec { + ip4 = { addr = "159.195.31.38"; - prefix = "${addr}/32"; }; - ip6 = rec { + ip6 = { addr = "2a0a:4cc0:c1:5eb0::1"; - prefix = "${addr}/64"; prefixLength = 64; }; ssh.port = 11423; -- cgit v1.2.3 From 39ef2da7d30dba7c5c1556ffa90d330a9607bb44 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 29 Dec 2025 19:12:20 +0100 Subject: pkgs.Reaktor -> reaktor2-plugins --- krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh | 6 -- krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh | 20 ---- krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py | 58 ----------- .../5pkgs/simple/Reaktor/scripts/shack-correct.sh | 6 -- krebs/5pkgs/simple/Reaktor/scripts/tell-on_join.sh | 25 ----- .../simple/Reaktor/scripts/tell-on_privmsg.sh | 18 ---- krebs/5pkgs/simple/reaktor2-plugins.nix | 108 --------------------- krebs/5pkgs/simple/reaktor2-plugins/default.nix | 108 +++++++++++++++++++++ .../reaktor2-plugins/scripts/random-emoji.sh | 6 ++ .../reaktor2-plugins/scripts/random-issue.sh | 20 ++++ .../simple/reaktor2-plugins/scripts/sed-plugin.py | 58 +++++++++++ .../reaktor2-plugins/scripts/shack-correct.sh | 6 ++ .../reaktor2-plugins/scripts/tell-on_join.sh | 25 +++++ .../reaktor2-plugins/scripts/tell-on_privmsg.sh | 18 ++++ 14 files changed, 241 insertions(+), 241 deletions(-) delete mode 100755 krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh delete mode 100755 krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh delete mode 100755 krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py delete mode 100755 krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh delete mode 100755 krebs/5pkgs/simple/Reaktor/scripts/tell-on_join.sh delete mode 100755 krebs/5pkgs/simple/Reaktor/scripts/tell-on_privmsg.sh delete mode 100644 krebs/5pkgs/simple/reaktor2-plugins.nix create mode 100644 krebs/5pkgs/simple/reaktor2-plugins/default.nix create mode 100755 krebs/5pkgs/simple/reaktor2-plugins/scripts/random-emoji.sh create mode 100755 krebs/5pkgs/simple/reaktor2-plugins/scripts/random-issue.sh create mode 100755 krebs/5pkgs/simple/reaktor2-plugins/scripts/sed-plugin.py create mode 100755 krebs/5pkgs/simple/reaktor2-plugins/scripts/shack-correct.sh create mode 100755 krebs/5pkgs/simple/reaktor2-plugins/scripts/tell-on_join.sh create mode 100755 krebs/5pkgs/simple/reaktor2-plugins/scripts/tell-on_privmsg.sh diff --git a/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh b/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh deleted file mode 100755 index 6f3dd4a3f..000000000 --- a/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh -curl -sS http://emojicons.com/random | \ - grep data-text | \ - sed -n 's/.*>\(.*\)<\/textarea>/\1/p' | \ - head -n 1 | \ - xmlstarlet unesc diff --git a/krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh b/krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh deleted file mode 100755 index 5c47c6156..000000000 --- a/krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh +++ /dev/null @@ -1,20 +0,0 @@ -#! /bin/sh -set -eu -# requires env: -# $state_dir -# $origin - -# in PATH: git,lentil,coreutils -subdir=`echo "$1" | tr -dc "[:alnum:]"` -name=`echo "$origin" | tr -dc "[:alnum:]"` -track="$state_dir/$name-checkout" -(if test -e "$track" ;then - cd "$track" - git fetch origin master - git reset --hard origin/master -else - git clone "$origin" "$track" -fi) >&2 - -cd "$track" -lentil "${subdir:-.}" -f csv | sed 1d | shuf | head -1 diff --git a/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py b/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py deleted file mode 100755 index 4925b25bb..000000000 --- a/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py +++ /dev/null @@ -1,58 +0,0 @@ -#!/usr/bin/env python3 - -# Usage: -# _from=krebs state_dir=. python sed-plugin.py 'dick butt' -# _from=krebs state_dir=. python sed-plugin.py 's/t/l/g' -# > dick bull -import shelve -from os import environ -from os.path import join -from sys import argv -from time import sleep -import re - -# try to open the shelve file until it succeeds -while True: - try: - d = shelve.open( - join(environ['state_dir'], 'sed-plugin.shelve'), - writeback=True - ) - break - except: # noqa: E722 - sleep(0.2) -usr = environ['_from'] - - -def is_regex(line): - myre = re.compile(r'^s/(?:\\/|[^/])+/(?:\\/|[^/])*/[ig]?$') - return myre.match(line) - - -line = argv[1] - -if is_regex(line): - last = d.get(usr, None) - if last: - from subprocess import Popen, PIPE - p = Popen(['sed', line], stdin=PIPE, stdout=PIPE, stderr=PIPE) - so, se = p.communicate(bytes("{}\n".format(last), "UTF-8")) - if p.returncode: - print("something went wrong when trying to process your regex: {}".format(line.strip())) - ret = so.decode() - if len(ret) > 512: - print('message to long, skipped') - elif len(ret.split('\n')) > 5: - print('to many lines, skipped') - else: - if last.strip() != ret.strip(): - print("\x02{}\x02 meant: {}".format(usr, ret.strip())) - if ret: - d[usr] = ret - - else: - print("no last message") -else: - d[usr] = line - -d.close() diff --git a/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh b/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh deleted file mode 100755 index d500b3cb3..000000000 --- a/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh +++ /dev/null @@ -1,6 +0,0 @@ -#! /bin/sh -set -eu -printf "Sie meinten wohl \"" -echo -n $@ | sed 's/Shack/shack/g' -echo "\" check out https://wiki.shackspace.de/project/logo_and_ci#name_ci" -echo "${_from}--" diff --git a/krebs/5pkgs/simple/Reaktor/scripts/tell-on_join.sh b/krebs/5pkgs/simple/Reaktor/scripts/tell-on_join.sh deleted file mode 100755 index 6978e38c6..000000000 --- a/krebs/5pkgs/simple/Reaktor/scripts/tell-on_join.sh +++ /dev/null @@ -1,25 +0,0 @@ -#! /bin/sh -set -euf - -# require flock from util-linux (pkgs.util-linux) -if test "${FLOCK-}" != "$state_file"; then - exec env FLOCK="$state_file" flock "$state_file" "$0" "$@" -fi - -# TODO tell now, if already joined -jq -r <"$state_file" \ - --arg to "$_from" \ - --arg msgtarget "$_msgtarget" \ - ' - select(.to == $to and .msgtarget == $msgtarget) | - "\(.to): \(.text) \u00032-- \(.from)\u00032 \(.date)" - ' - -jq -c <"$state_file" >"$state_file.tmp" \ - --arg to "$_from" \ - --arg msgtarget "$_msgtarget" \ - ' - select((.to == $to and .msgtarget == $msgtarget) | not) - ' - -mv "$state_file.tmp" "$state_file" diff --git a/krebs/5pkgs/simple/Reaktor/scripts/tell-on_privmsg.sh b/krebs/5pkgs/simple/Reaktor/scripts/tell-on_privmsg.sh deleted file mode 100755 index fc05bdefb..000000000 --- a/krebs/5pkgs/simple/Reaktor/scripts/tell-on_privmsg.sh +++ /dev/null @@ -1,18 +0,0 @@ -#! /bin/sh -set -euf - -# require flock from util-linux -if test "${FLOCK-}" != "$state_file"; then - exec env FLOCK="$state_file" flock "$state_file" "$0" "$@" -fi - -# TODO tell now, if already joined -jq -cn \ - --arg from "$_from" \ - --arg to "${1%% *}" \ - --arg text "${1#* }" \ - --arg msgtarget "$_msgtarget" \ - '{ $from, $to, $text, $msgtarget, date: (now | todate) }' \ - >> "$state_file" - -echo 'Consider it noted.' # that's what lambdabot says... diff --git a/krebs/5pkgs/simple/reaktor2-plugins.nix b/krebs/5pkgs/simple/reaktor2-plugins.nix deleted file mode 100644 index 5b7be5d33..000000000 --- a/krebs/5pkgs/simple/reaktor2-plugins.nix +++ /dev/null @@ -1,108 +0,0 @@ -{ pkgs, stockholm, ... }: -with stockholm.lib; - -{ - generators = { - command_hook = commands: { - pattern = - "^\\s*([0-9A-Za-z._][0-9A-Za-z._-]*)(?:\\s+(.*\\S))?\\s*$"; - command = 1; - arguments = [2]; - commands = commands; - }; - }; - - commands = { - - random-emoji = { - filename = stockholm.outPath + "/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh"; - env = { - PATH = makeBinPath (with pkgs; [ coreutils gnused gnugrep xmlstarlet wget ]); - }; - }; - - dance = { - filename = pkgs.writers.writeDash "dance" '' - ${pkgs.krebsdance}/bin/krebsdance --dance "$@"; - ''; - }; - - nixos-version = { - filename = pkgs.writers.writeDash "nixos-version" '' - . /etc/os-release - echo "$PRETTY_NAME" - ''; - }; - - stockholm-issue = { - filename = stockholm.outPath + "/krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh"; - env = { - PATH = makeBinPath (with pkgs; [ coreutils git gnused haskellPackages.lentil ]); - origin = "http://cgit.gum/stockholm"; - state_dir = "/tmp/stockholm-issue"; - }; - }; - - }; - - hooks = { - - sed = { - activate = "always"; - pattern = "^(.*)$"; - arguments = [1]; - command = { - env = { - PATH = makeBinPath (with pkgs; [ gnused ]); - state_dir = "/tmp"; - }; - filename = pkgs.writers.writeDash "sed-plugin" '' - set -efu - exec ${pkgs.python3}/bin/python \ - ${./Reaktor/scripts/sed-plugin.py} "$@" - ''; - }; - }; - - shack-correct = { - activate = "match"; - pattern = "^(.*Shack.*)$"; - arguments = [1]; - command.filename = stockholm.outPath + "/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh"; - }; - - - url-title = { - #pattern = "^.*(http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$"; - pattern = "^.*(http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$"; - activate = "match"; - arguments = [1]; - command = { - filename = pkgs.writePython3 "url-title" { deps = with pkgs.python3Packages; [ beautifulsoup4 lxml ]; } '' - import cgi - import sys - import urllib.request - from bs4 import BeautifulSoup - - try: - req = urllib.request.Request(sys.argv[1]) - req.add_header('user-agent', 'Reaktor-url-title') - resp = urllib.request.urlopen(req) - if resp.headers['content-type'].find('text/html') >= 0: - soup = BeautifulSoup(resp.read(16000), "lxml") - title = soup.find('title').string - - if len(title.split('\n')) > 5: - title = '\n'.join(title.split('\n')[:5]) - - print(title[:450]) - else: - cd_header = resp.headers['content-disposition'] - print(cgi.parse_header(cd_header)[1]['filename']) - except: # noqa: E722 - pass - ''; - }; - }; - }; -} diff --git a/krebs/5pkgs/simple/reaktor2-plugins/default.nix b/krebs/5pkgs/simple/reaktor2-plugins/default.nix new file mode 100644 index 000000000..3f2f6eac2 --- /dev/null +++ b/krebs/5pkgs/simple/reaktor2-plugins/default.nix @@ -0,0 +1,108 @@ +{ pkgs, stockholm, ... }: +with stockholm.lib; + +{ + generators = { + command_hook = commands: { + pattern = + "^\\s*([0-9A-Za-z._][0-9A-Za-z._-]*)(?:\\s+(.*\\S))?\\s*$"; + command = 1; + arguments = [2]; + commands = commands; + }; + }; + + commands = { + + random-emoji = { + filename = ./scripts/random-emoji.sh; + env = { + PATH = makeBinPath (with pkgs; [ coreutils gnused gnugrep xmlstarlet wget ]); + }; + }; + + dance = { + filename = pkgs.writers.writeDash "dance" '' + ${pkgs.krebsdance}/bin/krebsdance --dance "$@"; + ''; + }; + + nixos-version = { + filename = pkgs.writers.writeDash "nixos-version" '' + . /etc/os-release + echo "$PRETTY_NAME" + ''; + }; + + stockholm-issue = { + filename = ./scripts/random-issue.sh; + env = { + PATH = makeBinPath (with pkgs; [ coreutils git gnused haskellPackages.lentil ]); + origin = "http://cgit.gum/stockholm"; + state_dir = "/tmp/stockholm-issue"; + }; + }; + + }; + + hooks = { + + sed = { + activate = "always"; + pattern = "^(.*)$"; + arguments = [1]; + command = { + env = { + PATH = makeBinPath (with pkgs; [ gnused ]); + state_dir = "/tmp"; + }; + filename = pkgs.writers.writeDash "sed-plugin" '' + set -efu + exec ${pkgs.python3}/bin/python \ + ${./scripts/sed-plugin.py} "$@" + ''; + }; + }; + + shack-correct = { + activate = "match"; + pattern = "^(.*Shack.*)$"; + arguments = [1]; + command.filename = ./scripts/shack-correct.sh; + }; + + + url-title = { + #pattern = "^.*(http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$"; + pattern = "^.*(http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$"; + activate = "match"; + arguments = [1]; + command = { + filename = pkgs.writePython3 "url-title" { deps = with pkgs.python3Packages; [ beautifulsoup4 lxml ]; } '' + import cgi + import sys + import urllib.request + from bs4 import BeautifulSoup + + try: + req = urllib.request.Request(sys.argv[1]) + req.add_header('user-agent', 'Reaktor-url-title') + resp = urllib.request.urlopen(req) + if resp.headers['content-type'].find('text/html') >= 0: + soup = BeautifulSoup(resp.read(16000), "lxml") + title = soup.find('title').string + + if len(title.split('\n')) > 5: + title = '\n'.join(title.split('\n')[:5]) + + print(title[:450]) + else: + cd_header = resp.headers['content-disposition'] + print(cgi.parse_header(cd_header)[1]['filename']) + except: # noqa: E722 + pass + ''; + }; + }; + }; +} diff --git a/krebs/5pkgs/simple/reaktor2-plugins/scripts/random-emoji.sh b/krebs/5pkgs/simple/reaktor2-plugins/scripts/random-emoji.sh new file mode 100755 index 000000000..6f3dd4a3f --- /dev/null +++ b/krebs/5pkgs/simple/reaktor2-plugins/scripts/random-emoji.sh @@ -0,0 +1,6 @@ +#!/bin/sh +curl -sS http://emojicons.com/random | \ + grep data-text | \ + sed -n 's/.*>\(.*\)<\/textarea>/\1/p' | \ + head -n 1 | \ + xmlstarlet unesc diff --git a/krebs/5pkgs/simple/reaktor2-plugins/scripts/random-issue.sh b/krebs/5pkgs/simple/reaktor2-plugins/scripts/random-issue.sh new file mode 100755 index 000000000..5c47c6156 --- /dev/null +++ b/krebs/5pkgs/simple/reaktor2-plugins/scripts/random-issue.sh @@ -0,0 +1,20 @@ +#! /bin/sh +set -eu +# requires env: +# $state_dir +# $origin + +# in PATH: git,lentil,coreutils +subdir=`echo "$1" | tr -dc "[:alnum:]"` +name=`echo "$origin" | tr -dc "[:alnum:]"` +track="$state_dir/$name-checkout" +(if test -e "$track" ;then + cd "$track" + git fetch origin master + git reset --hard origin/master +else + git clone "$origin" "$track" +fi) >&2 + +cd "$track" +lentil "${subdir:-.}" -f csv | sed 1d | shuf | head -1 diff --git a/krebs/5pkgs/simple/reaktor2-plugins/scripts/sed-plugin.py b/krebs/5pkgs/simple/reaktor2-plugins/scripts/sed-plugin.py new file mode 100755 index 000000000..4925b25bb --- /dev/null +++ b/krebs/5pkgs/simple/reaktor2-plugins/scripts/sed-plugin.py @@ -0,0 +1,58 @@ +#!/usr/bin/env python3 + +# Usage: +# _from=krebs state_dir=. python sed-plugin.py 'dick butt' +# _from=krebs state_dir=. python sed-plugin.py 's/t/l/g' +# > dick bull +import shelve +from os import environ +from os.path import join +from sys import argv +from time import sleep +import re + +# try to open the shelve file until it succeeds +while True: + try: + d = shelve.open( + join(environ['state_dir'], 'sed-plugin.shelve'), + writeback=True + ) + break + except: # noqa: E722 + sleep(0.2) +usr = environ['_from'] + + +def is_regex(line): + myre = re.compile(r'^s/(?:\\/|[^/])+/(?:\\/|[^/])*/[ig]?$') + return myre.match(line) + + +line = argv[1] + +if is_regex(line): + last = d.get(usr, None) + if last: + from subprocess import Popen, PIPE + p = Popen(['sed', line], stdin=PIPE, stdout=PIPE, stderr=PIPE) + so, se = p.communicate(bytes("{}\n".format(last), "UTF-8")) + if p.returncode: + print("something went wrong when trying to process your regex: {}".format(line.strip())) + ret = so.decode() + if len(ret) > 512: + print('message to long, skipped') + elif len(ret.split('\n')) > 5: + print('to many lines, skipped') + else: + if last.strip() != ret.strip(): + print("\x02{}\x02 meant: {}".format(usr, ret.strip())) + if ret: + d[usr] = ret + + else: + print("no last message") +else: + d[usr] = line + +d.close() diff --git a/krebs/5pkgs/simple/reaktor2-plugins/scripts/shack-correct.sh b/krebs/5pkgs/simple/reaktor2-plugins/scripts/shack-correct.sh new file mode 100755 index 000000000..d500b3cb3 --- /dev/null +++ b/krebs/5pkgs/simple/reaktor2-plugins/scripts/shack-correct.sh @@ -0,0 +1,6 @@ +#! /bin/sh +set -eu +printf "Sie meinten wohl \"" +echo -n $@ | sed 's/Shack/shack/g' +echo "\" check out https://wiki.shackspace.de/project/logo_and_ci#name_ci" +echo "${_from}--" diff --git a/krebs/5pkgs/simple/reaktor2-plugins/scripts/tell-on_join.sh b/krebs/5pkgs/simple/reaktor2-plugins/scripts/tell-on_join.sh new file mode 100755 index 000000000..6978e38c6 --- /dev/null +++ b/krebs/5pkgs/simple/reaktor2-plugins/scripts/tell-on_join.sh @@ -0,0 +1,25 @@ +#! /bin/sh +set -euf + +# require flock from util-linux (pkgs.util-linux) +if test "${FLOCK-}" != "$state_file"; then + exec env FLOCK="$state_file" flock "$state_file" "$0" "$@" +fi + +# TODO tell now, if already joined +jq -r <"$state_file" \ + --arg to "$_from" \ + --arg msgtarget "$_msgtarget" \ + ' + select(.to == $to and .msgtarget == $msgtarget) | + "\(.to): \(.text) \u00032-- \(.from)\u00032 \(.date)" + ' + +jq -c <"$state_file" >"$state_file.tmp" \ + --arg to "$_from" \ + --arg msgtarget "$_msgtarget" \ + ' + select((.to == $to and .msgtarget == $msgtarget) | not) + ' + +mv "$state_file.tmp" "$state_file" diff --git a/krebs/5pkgs/simple/reaktor2-plugins/scripts/tell-on_privmsg.sh b/krebs/5pkgs/simple/reaktor2-plugins/scripts/tell-on_privmsg.sh new file mode 100755 index 000000000..fc05bdefb --- /dev/null +++ b/krebs/5pkgs/simple/reaktor2-plugins/scripts/tell-on_privmsg.sh @@ -0,0 +1,18 @@ +#! /bin/sh +set -euf + +# require flock from util-linux +if test "${FLOCK-}" != "$state_file"; then + exec env FLOCK="$state_file" flock "$state_file" "$0" "$@" +fi + +# TODO tell now, if already joined +jq -cn \ + --arg from "$_from" \ + --arg to "${1%% *}" \ + --arg text "${1#* }" \ + --arg msgtarget "$_msgtarget" \ + '{ $from, $to, $text, $msgtarget, date: (now | todate) }' \ + >> "$state_file" + +echo 'Consider it noted.' # that's what lambdabot says... -- cgit v1.2.3 From 68d3c925b0edb958fcbafa589d35967dfb2a979c Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 11 Jan 2026 01:29:31 +0100 Subject: 5pkgs: fix nix flake show compatibility Integrate nix-writers flake for extended writer functions (writeJq, writeGawkBin, etc.) using a fixpoint overlay so functions can reference each other. Update Python packages to new buildPythonPackage format: - Add pyproject = true and build-system for ovh-zone, python-dnsstamps, ssh-audit, tinc_graphs Fix writer function usage by taking them as arguments instead of accessing via pkgs: - nixos-format-error, untilport, qrscan, logf, gitignore, urix, etc. Update deprecated nixpkgs attribute names: - gdk_pixbuf -> gdk-pixbuf - libSM/libX11/libXinerama -> xorg.* - buildGo120Module -> buildGoModule Remove obsolete/broken packages: - buildbot-classic-slave (missing buildbot-classic) - cac-panel, drivedroid-gen-repo (Python 2 / format issues) - games-user-env, generate-secrets (unused) - internetarchive, bepasty-client-cli, krebspaste (Python 2) - qrscan (conflicts with removed nixpkgs package) Other fixes: - Use lib.callPackageWith for package interdependencies - Only export derivations in flake packages output - Limit packages output to Linux systems - Fix IFD in ukrepl by passing path to writer instead of readFile - Import stockholm.lib directly where needed (bling) - Rewrite brain and git-hooks to use runCommand --- flake.lock | 37 +++- flake.nix | 23 +- krebs/5pkgs/default.nix | 5 +- krebs/5pkgs/simple/bepasty-client-cli/default.nix | 23 -- krebs/5pkgs/simple/bling/default.nix | 5 +- krebs/5pkgs/simple/brain/default.nix | 35 +-- .../simple/buildbot-classic-slave/default.nix | 18 -- krebs/5pkgs/simple/cac-panel/default.nix | 18 -- krebs/5pkgs/simple/certaids.nix | 11 +- krebs/5pkgs/simple/cgit-clear-cache.nix | 6 +- krebs/5pkgs/simple/cunicu.nix | 2 +- krebs/5pkgs/simple/default.nix | 3 +- krebs/5pkgs/simple/drivedroid-gen-repo/default.nix | 22 -- krebs/5pkgs/simple/eximlog.nix | 6 +- krebs/5pkgs/simple/fortclientsslvpn/default.nix | 14 +- krebs/5pkgs/simple/ftb/default.nix | 6 +- krebs/5pkgs/simple/games-user-env/default.nix | 34 --- krebs/5pkgs/simple/generate-secrets/default.nix | 49 ----- krebs/5pkgs/simple/git-hooks/default.nix | 235 ++++++++++----------- krebs/5pkgs/simple/gitignore.nix | 18 +- krebs/5pkgs/simple/gnokii/default.nix | 4 +- krebs/5pkgs/simple/goify/default.nix | 4 +- krebs/5pkgs/simple/internetarchive/default.nix | 39 ---- krebs/5pkgs/simple/irc-announce/default.nix | 4 +- krebs/5pkgs/simple/krebspaste/default.nix | 12 -- krebs/5pkgs/simple/logf/default.nix | 16 +- krebs/5pkgs/simple/nixos-format-error.nix | 4 +- krebs/5pkgs/simple/ovh-zone/default.nix | 6 +- krebs/5pkgs/simple/python-dnsstamps.nix | 2 + krebs/5pkgs/simple/qrscan.nix | 7 - krebs/5pkgs/simple/realwallpaper/default.nix | 9 +- krebs/5pkgs/simple/ssh-audit.nix | 2 + krebs/5pkgs/simple/tinc_graphs/default.nix | 6 +- krebs/5pkgs/simple/ukrepl.nix | 6 +- krebs/5pkgs/simple/untilport/default.nix | 6 +- krebs/5pkgs/simple/urix.nix | 17 +- 36 files changed, 269 insertions(+), 445 deletions(-) delete mode 100644 krebs/5pkgs/simple/bepasty-client-cli/default.nix delete mode 100644 krebs/5pkgs/simple/buildbot-classic-slave/default.nix delete mode 100644 krebs/5pkgs/simple/cac-panel/default.nix delete mode 100644 krebs/5pkgs/simple/drivedroid-gen-repo/default.nix delete mode 100644 krebs/5pkgs/simple/games-user-env/default.nix delete mode 100644 krebs/5pkgs/simple/generate-secrets/default.nix delete mode 100644 krebs/5pkgs/simple/internetarchive/default.nix delete mode 100644 krebs/5pkgs/simple/krebspaste/default.nix delete mode 100644 krebs/5pkgs/simple/qrscan.nix diff --git a/flake.lock b/flake.lock index 1774af4dd..b11c289b4 100644 --- a/flake.lock +++ b/flake.lock @@ -44,6 +44,21 @@ "type": "github" } }, + "flake-utils": { + "locked": { + "lastModified": 1676283394, + "narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "hercules-ci-effects": { "inputs": { "flake-parts": [ @@ -70,7 +85,10 @@ } }, "nix-writers": { - "flake": false, + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs" + }, "locked": { "lastModified": 1677612737, "narHash": "sha256-UaCKZ4PbMZU6UZH7XNFcjRtd5jheswl66rjZDBfQgp8=", @@ -86,6 +104,21 @@ } }, "nixpkgs": { + "locked": { + "lastModified": 1677608380, + "narHash": "sha256-k82O23qBAK+43X0KSBjsMYXG2x4kWWXeAmpPTc2KRGY=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "4aba90e89f6d4ac6138939961f62842bd94ec929", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { "locked": { "lastModified": 1760878510, "narHash": "sha256-K5Osef2qexezUfs0alLvZ7nQFTGS9DL2oTVsIXsqLgs=", @@ -105,7 +138,7 @@ "inputs": { "buildbot-nix": "buildbot-nix", "nix-writers": "nix-writers", - "nixpkgs": "nixpkgs" + "nixpkgs": "nixpkgs_2" } }, "treefmt-nix": { diff --git a/flake.nix b/flake.nix index 0b8d875c7..c3a218dcf 100644 --- a/flake.nix +++ b/flake.nix @@ -1,10 +1,7 @@ { inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; - nix-writers = { - url = "git+https://cgit.krebsco.de/nix-writers"; - flake = false; - }; + nix-writers.url = "git+https://cgit.krebsco.de/nix-writers"; # disko.url = "github:nix-community/disko"; # disko.inputs.nixpkgs.follows = "nixpkgs"; buildbot-nix.url = "github:Mic92/buildbot-nix"; @@ -43,9 +40,21 @@ }; overlays.default = import ./krebs/5pkgs/default.nix; packages = let - packageNames = self.lib.attrNames (self.lib.mapNixDir (x: null) ./krebs/5pkgs/simple); - appliedOverlay = (system: self.overlays.default {} (self.inputs.nixpkgs.legacyPackages.${system} // { lib = self.lib; })); - in nixpkgs.lib.genAttrs [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" ] (system: self.lib.getAttrs packageNames (appliedOverlay system)); + allNames = self.lib.attrNames (self.lib.mapNixDir (x: null) ./krebs/5pkgs/simple); + appliedOverlay = (system: + let + base = self.inputs.nixpkgs.legacyPackages.${system}; + # Apply nix-writers overlay with fixpoint so its functions can find each other + withWriters = nixpkgs.lib.fix (final: base // nix-writers.overlays.default final base); + in self.overlays.default {} (withWriters // { lib = self.lib; })); + # Only include derivations in packages output + getDerivations = overlay: builtins.listToAttrs (builtins.filter (x: x != null) (map (name: + let val = overlay.${name} or null; + in if val != null && (val.type or null) == "derivation" + then { inherit name; value = val; } +