From d2c388ce3928764a78e4158162cb64ce3b5e43ce Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 21 Sep 2017 20:59:38 +0200 Subject: [PATCH 1/5] iana-etc module: init --- krebs/3modules/default.nix | 1 + krebs/3modules/iana-etc.nix | 55 +++++++++++++++++++++++++++++++++++++ 2 files changed, 56 insertions(+) create mode 100644 krebs/3modules/iana-etc.nix diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 42df3f053..48cf7971b 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -24,6 +24,7 @@ let ./go.nix ./hidden-ssh.nix ./htgen.nix + ./iana-etc.nix ./iptables.nix ./kapacitor.nix ./monit.nix diff --git a/krebs/3modules/iana-etc.nix b/krebs/3modules/iana-etc.nix new file mode 100644 index 000000000..f6d47f27e --- /dev/null +++ b/krebs/3modules/iana-etc.nix @@ -0,0 +1,55 @@ +with import ; +{ config, pkgs, ... }: { + + options.krebs.iana-etc.services = mkOption { + default = {}; + type = types.attrsOf (types.submodule ({ config, ... }: { + options = { + port = mkOption { + default = config._module.args.name; + type = types.addCheck types.str (test "[1-9][0-9]*"); + }; + } // genAttrs ["tcp" "udp"] (protocol: mkOption { + default = null; + type = types.nullOr (types.submodule { + options = { + name = mkOption { + type = types.str; + }; + }; + }); + }); + })); + }; + + config.environment.etc = mkIf (config.krebs.iana-etc.services != {}) { + services.source = mkForce (pkgs.runCommand "krebs-iana-etc" {} '' + exec < ${pkgs.iana_etc}/etc/services + exec > $out + awk -F '[ /]+' ' + BEGIN { + port=0 + } + ${concatMapStringsSep "\n" (entry: '' + $2 == ${entry.port} { + port=$2 + next + } + port == ${entry.port} { + ${concatMapStringsSep "\n" + (proto: let + s = "${entry.${proto}.name} ${entry.port}/${proto}"; + in + "print ${toJSON s}") + (filter (proto: entry.${proto} != null) ["tcp" "udp"])} + port=0 + } + '') (attrValues config.krebs.iana-etc.services)} + { + print $0 + } + ' + ''); + }; + +} From 43b891ef00b10a4aa574e77b58773b0f2e7d15b4 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 21 Sep 2017 21:06:38 +0200 Subject: [PATCH 2/5] tv modules: s/_:// --- tv/3modules/default.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/tv/3modules/default.nix b/tv/3modules/default.nix index 57ffbfab8..493cc8b72 100644 --- a/tv/3modules/default.nix +++ b/tv/3modules/default.nix @@ -1,5 +1,3 @@ -_: - { imports = [ ./charybdis From 79df0635690a7e8457b3d4fa509be75b8f344146 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 21 Sep 2017 21:08:34 +0200 Subject: [PATCH 3/5] shell: inline utils.deploy --- shell.nix | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/shell.nix b/shell.nix index 4b8abed58..c9b197a26 100644 --- a/shell.nix +++ b/shell.nix @@ -22,7 +22,12 @@ let . ${init.env} . ${init.proxy opts} - exec ${utils.deploy} + # Use system's nixos-rebuild, which is not self-contained + export PATH=/run/current-system/sw/bin + exec ${utils.with-whatsupnix} \ + nixos-rebuild switch \ + --show-trace \ + -I "$target_path" ''); cmds.install = pkgs.withGetopt { @@ -205,16 +210,6 @@ let -I "$target_path" \ ''; - utils.deploy = pkgs.writeDash "utils.deploy" '' - set -efu - # Use system's nixos-rebuild, which is not self-contained - export PATH=/run/current-system/sw/bin - ${utils.with-whatsupnix} \ - nixos-rebuild switch \ - --show-trace \ - -I "$target_path" - ''; - utils.with-whatsupnix = pkgs.writeDash "utils.with-whatsupnix" '' set -efu if \test "$quiet" = true; then From ea0b2cca51106bc7e92f36017bb3dc3ecdcc085e Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 22 Sep 2017 00:18:15 +0200 Subject: [PATCH 4/5] git-preview: init --- krebs/5pkgs/simple/git-preview.nix | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 krebs/5pkgs/simple/git-preview.nix diff --git a/krebs/5pkgs/simple/git-preview.nix b/krebs/5pkgs/simple/git-preview.nix new file mode 100644 index 000000000..d6c9579a7 --- /dev/null +++ b/krebs/5pkgs/simple/git-preview.nix @@ -0,0 +1,17 @@ +{ coreutils, git, writeDashBin }: + +writeDashBin "git-preview" '' + set -efu + head_commit=$(${git}/bin/git log -1 --format=%H) + merge_commit=$1; shift + merge_message='Merge for git-preview' + preview_dir=$(${coreutils}/bin/mktemp --tmpdir -d git-preview.XXXXXXXX) + preview_branch=$(${coreutils}/bin/basename "$preview_dir") + ${git}/bin/git worktree add -b "$preview_branch" "$preview_dir" >/dev/null + ${git}/bin/git -C "$preview_dir" checkout "$head_commit" + ${git}/bin/git -C "$preview_dir" merge -m "$merge_message" "$merge_commit" + ${git}/bin/git -C "$preview_dir" diff "$head_commit.." "$@" & + ${git}/bin/git branch -fd "$preview_branch" + ${coreutils}/bin/rm -fR "$preview_dir" + wait +'' From bbced2ea622d97aa14f8b9bf6a75748d7d51da53 Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 25 Sep 2017 12:00:29 +0200 Subject: [PATCH 5/5] mv nixpkgs: 56da88a -> 3d04a55 --- mv/source.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mv/source.nix b/mv/source.nix index aa2b13fd8..5dea13e73 100644 --- a/mv/source.nix +++ b/mv/source.nix @@ -10,7 +10,7 @@ in nixos-config.symlink = "stockholm/mv/1systems/${name}/config.nix"; nixpkgs.git = { # nixos-17.03 - ref = mkDefault "56da88a298a6f549701a10bb12072804a1ebfbd5"; + ref = mkDefault "3d04a557b72aa0987d9bf079e1445280b6bfd907"; url = https://github.com/NixOS/nixpkgs; }; secrets.file = getAttr builder {