Merge remote-tracking branch 'cd/master'

This commit is contained in:
lassulus 2016-06-13 13:50:52 +02:00
commit 23385c2984
23 changed files with 108 additions and 101 deletions

View File

@ -135,8 +135,7 @@ let
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
serviceConfig = { serviceConfig = {
PermissionsStartOnly = true; PermissionsStartOnly = true;
ExecStartPre = pkgs.writeScript "acng-init" '' ExecStartPre = pkgs.writeDash "acng-init" ''
#!/bin/sh
mkdir -p ${shell.escape cfg.cacheDir} ${shell.escape cfg.logDir} mkdir -p ${shell.escape cfg.cacheDir} ${shell.escape cfg.logDir}
chown acng:acng ${shell.escape cfg.cacheDir} ${shell.escape cfg.logDir} chown acng:acng ${shell.escape cfg.cacheDir} ${shell.escape cfg.logDir}
''; '';

View File

@ -121,8 +121,7 @@ let
"mkdir -m 0700 -p ${shell.escape plan.dst.path}/current" "mkdir -m 0700 -p ${shell.escape plan.dst.path}/current"
"flock -n ${shell.escape plan.dst.path} rsync" "flock -n ${shell.escape plan.dst.path} rsync"
]; ];
in pkgs.writeScript "backup.${plan.name}" '' in pkgs.writeBash "backup.${plan.name}" ''
#! ${pkgs.bash}/bin/bash
set -efu set -efu
start_date=$(date +%s) start_date=$(date +%s)
ssh_target=${shell.escape login-name}@$(${fastest-address remote.host}) ssh_target=${shell.escape login-name}@$(${fastest-address remote.host})

View File

@ -109,8 +109,7 @@ let
Type = "simple"; Type = "simple";
PrivateTmp = true; PrivateTmp = true;
ExecStartPre = assert server.secretKey != ""; pkgs.writeScript "bepasty-server.${name}-init" '' ExecStartPre = assert server.secretKey != ""; pkgs.writeDash "bepasty-server.${name}-init" ''
#!/bin/sh
mkdir -p "${server.dataDir}" "${server.workDir}" mkdir -p "${server.dataDir}" "${server.workDir}"
chown bepasty:bepasty "${server.workDir}" "${server.dataDir}" chown bepasty:bepasty "${server.workDir}" "${server.dataDir}"
cat > "${server.workDir}/bepasty-${name}.conf" <<EOF cat > "${server.workDir}/bepasty-${name}.conf" <<EOF

View File

@ -345,8 +345,7 @@ let
Type = "forking"; Type = "forking";
PIDFile = "${workdir}/twistd.pid"; PIDFile = "${workdir}/twistd.pid";
# TODO: maybe also prepare buildbot.tac? # TODO: maybe also prepare buildbot.tac?
ExecStartPre = pkgs.writeScript "buildbot-master-init" '' ExecStartPre = pkgs.writeDash "buildbot-master-init" ''
#!/bin/sh
set -efux set -efux
if [ ! -e ${workdir} ];then if [ ! -e ${workdir} ];then
mkdir -p ${workdir} mkdir -p ${workdir}

View File

@ -159,8 +159,7 @@ let
Type = "forking"; Type = "forking";
PIDFile = "${workdir}/twistd.pid"; PIDFile = "${workdir}/twistd.pid";
# TODO: maybe also prepare buildbot.tac? # TODO: maybe also prepare buildbot.tac?
ExecStartPre = pkgs.writeScript "buildbot-master-init" '' ExecStartPre = pkgs.writeDash "buildbot-master-init" ''
#!/bin/sh
set -efux set -efux
mkdir -p ${workdir}/info mkdir -p ${workdir}/info
cp ${buildbot-slave-init} ${workdir}/buildbot.tac cp ${buildbot-slave-init} ${workdir}/buildbot.tac

View File

@ -462,7 +462,7 @@ let
reponames = rules: sort lessThan (unique (map (x: x.repo.name) rules)); reponames = rules: sort lessThan (unique (map (x: x.repo.name) rules));
# TODO makeGitHooks that uses runCommand instead of scriptFarm? # TODO use `writeOut`
scriptFarm = scriptFarm =
farm-name: scripts: farm-name: scripts:
let let

View File

@ -37,8 +37,7 @@ let
SyslogIdentifier = "github-hosts-sync"; SyslogIdentifier = "github-hosts-sync";
User = user.name; User = user.name;
Restart = "always"; Restart = "always";
ExecStartPre = pkgs.writeScript "github-hosts-sync-init" '' ExecStartPre = pkgs.writeDash "github-hosts-sync-init" ''
#! /bin/sh
set -euf set -euf
install -m 0711 -o ${user.name} -d ${cfg.dataDir} install -m 0711 -o ${user.name} -d ${cfg.dataDir}
install -m 0700 -o ${user.name} -d ${cfg.dataDir}/.ssh install -m 0700 -o ${user.name} -d ${cfg.dataDir}/.ssh

View File

@ -1,7 +1,7 @@
arg@{ config, lib, pkgs, ... }: arg@{ config, lib, pkgs, ... }:
let let
inherit (pkgs) writeScript writeText; inherit (pkgs) writeText;
inherit (builtins) inherit (builtins)
elem elem
@ -175,8 +175,7 @@ let
${buildTables iptables-version tables} ${buildTables iptables-version tables}
''; '';
startScript = writeScript "krebs-iptables_start" '' startScript = pkgs.writeDash "krebs-iptables_start" ''
#! /bin/sh
set -euf set -euf
iptables-restore < ${rules4 4} iptables-restore < ${rules4 4}
ip6tables-restore < ${rules4 6} ip6tables-restore < ${rules4 6}

View File

@ -1,12 +1,12 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
with lib; with config.krebs.lib;
let let
cfg = config.krebs.repo-sync; cfg = config.krebs.repo-sync;
out = { out = {
options.krebs.repo-sync = api; options.krebs.repo-sync = api;
config = mkIf cfg.enable imp; config = lib.mkIf cfg.enable imp;
}; };
api = { api = {
@ -70,7 +70,7 @@ let
imp = { imp = {
users.users.repo-sync = { users.users.repo-sync = {
name = "repo-sync"; name = "repo-sync";
uid = config.krebs.lib.genid "repo-sync"; uid = genid "repo-sync";
description = "repo-sync user"; description = "repo-sync user";
home = cfg.stateDir; home = cfg.stateDir;
createHome = true; createHome = true;
@ -95,9 +95,8 @@ let
serviceConfig = { serviceConfig = {
Type = "simple"; Type = "simple";
PermissionsStartOnly = true; PermissionsStartOnly = true;
ExecStartPre = pkgs.writeScript "prepare-repo-sync-user" '' ExecStartPre = pkgs.writeDash "prepare-repo-sync-user" ''
#! /bin/sh cp -v ${shell.escape cfg.privateKeyFile} ${cfg.stateDir}/ssh.priv
cp -v ${config.krebs.lib.shell.escape cfg.privateKeyFile} ${cfg.stateDir}/ssh.priv
chown repo-sync ${cfg.stateDir}/ssh.priv chown repo-sync ${cfg.stateDir}/ssh.priv
''; '';
ExecStart = "${pkgs.repo-sync}/bin/repo-sync ${repo-sync-config}"; ExecStart = "${pkgs.repo-sync}/bin/repo-sync ${repo-sync-config}";

View File

@ -159,13 +159,13 @@ let
PrivateKeyFile = ${cfg.privkey.path} PrivateKeyFile = ${cfg.privkey.path}
${cfg.extraConfig} ${cfg.extraConfig}
''; '';
"tinc-up" = pkgs.writeScript "${cfg.netname}-tinc-up" '' "tinc-up" = pkgs.writeDash "${cfg.netname}-tinc-up" ''
${iproute}/sbin/ip link set ${cfg.netname} up ${iproute}/sbin/ip link set ${cfg.netname} up
${optionalString (net.ip4 != null) '' ${optionalString (net.ip4 != null) /* sh */ ''
${iproute}/sbin/ip -4 addr add ${net.ip4.addr} dev ${cfg.netname} ${iproute}/sbin/ip -4 addr add ${net.ip4.addr} dev ${cfg.netname}
${iproute}/sbin/ip -4 route add ${net.ip4.prefix} dev ${cfg.netname} ${iproute}/sbin/ip -4 route add ${net.ip4.prefix} dev ${cfg.netname}
''} ''}
${optionalString (net.ip6 != null) '' ${optionalString (net.ip6 != null) /* sh */ ''
${iproute}/sbin/ip -6 addr add ${net.ip6.addr} dev ${cfg.netname} ${iproute}/sbin/ip -6 addr add ${net.ip6.addr} dev ${cfg.netname}
${iproute}/sbin/ip -6 route add ${net.ip6.prefix} dev ${cfg.netname} ${iproute}/sbin/ip -6 route add ${net.ip6.prefix} dev ${cfg.netname}
''} ''}

View File

@ -94,8 +94,7 @@ let
TimeoutSec = 300; # we will wait 5 minutes, kill otherwise TimeoutSec = 300; # we will wait 5 minutes, kill otherwise
restart = "always"; restart = "always";
ExecStartPre = pkgs.writeScript "tinc_graphs-init" '' ExecStartPre = pkgs.writeDash "tinc_graphs-init" ''
#!/bin/sh
mkdir -p "${internal_dir}" "${external_dir}" mkdir -p "${internal_dir}" "${external_dir}"
if ! test -e "${cfg.workingDir}/internal/index.html"; then if ! test -e "${cfg.workingDir}/internal/index.html"; then
cp -fr "$(${pkgs.tinc_graphs}/bin/tincstats-static-dir)/internal/." "${internal_dir}" cp -fr "$(${pkgs.tinc_graphs}/bin/tincstats-static-dir)/internal/." "${internal_dir}"
@ -106,8 +105,7 @@ let
''; '';
ExecStart = "${pkgs.tinc_graphs}/bin/all-the-graphs"; ExecStart = "${pkgs.tinc_graphs}/bin/all-the-graphs";
ExecStartPost = pkgs.writeScript "tinc_graphs-post" '' ExecStartPost = pkgs.writeDash "tinc_graphs-post" ''
#!/bin/sh
# TODO: this may break if workingDir is set to something stupid # TODO: this may break if workingDir is set to something stupid
# this is needed because homedir is created with 700 # this is needed because homedir is created with 700
chmod 755 "${cfg.workingDir}" chmod 755 "${cfg.workingDir}"

View File

@ -15,6 +15,16 @@ let out = rec {
addNames = mapAttrs addName; addNames = mapAttrs addName;
guard = spec@{ type, value, ... }:
assert isOptionType type;
if type.check value
then value
else throw (toString (filter isString [
"argument"
(if spec ? name then "${spec.name}" else null)
"is not a ${type.name}"
]));
types = import ./types.nix { types = import ./types.nix {
inherit config; inherit config;
lib = lib // { inherit genid optionalTrace; }; lib = lib // { inherit genid optionalTrace; };
@ -27,6 +37,11 @@ let out = rec {
shell = import ./shell.nix { inherit lib; }; shell = import ./shell.nix { inherit lib; };
tree = import ./tree.nix { inherit lib; }; tree = import ./tree.nix { inherit lib; };
lpad = n: c: s:
if stringLength s < n
then lpad n c (c + s)
else s;
toC = x: let toC = x: let
type = typeOf x; type = typeOf x;
reject = throw "cannot convert ${type}"; reject = throw "cannot convert ${type}";
@ -41,6 +56,8 @@ let out = rec {
mapAttrs (name: _: path + "/${name}") mapAttrs (name: _: path + "/${name}")
(filterAttrs (_: eq "directory") (readDir path)); (filterAttrs (_: eq "directory") (readDir path));
genAttrs' = names: f: listToAttrs (map f names);
setAttr = name: value: set: set // { ${name} = value; }; setAttr = name: value: set: set // { ${name} = value; };
optionalTrace = c: msg: x: if c then trace msg x else x; optionalTrace = c: msg: x: if c then trace msg x else x;

View File

@ -163,7 +163,7 @@ types // rec {
secret-file = submodule ({ config, ... }: { secret-file = submodule ({ config, ... }: {
options = { options = {
path = mkOption { type = str; }; path = mkOption { type = str; };
mode = mkOption { type = str; default = "0400"; }; mode = mkOption { type = file-mode; default = "0400"; };
owner = mkOption { owner = mkOption {
type = user; type = user;
default = config.krebs.users.root; default = config.krebs.users.root;
@ -239,7 +239,7 @@ types // rec {
check = let check = let
IPv4address = let d = "([1-9]?[0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])"; in IPv4address = let d = "([1-9]?[0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])"; in
concatMapStringsSep "." (const d) (range 1 4); concatMapStringsSep "." (const d) (range 1 4);
in x: match IPv4address x != null; in x: isString x && match IPv4address x != null;
merge = mergeOneOption; merge = mergeOneOption;
}; };
addr6 = mkOptionType { addr6 = mkOptionType {
@ -247,7 +247,7 @@ types // rec {
check = let check = let
# TODO check IPv6 address harder # TODO check IPv6 address harder
IPv6address = "[0-9a-f.:]+"; IPv6address = "[0-9a-f.:]+";
in x: match IPv6address x != null; in x: isString x && match IPv6address x != null;
merge = mergeOneOption; merge = mergeOneOption;
}; };
@ -293,6 +293,12 @@ types // rec {
}; };
}; };
file-mode = mkOptionType {
name = "file mode";
check = x: isString x && match "[0-7]{4}" x != null;
merge = mergeOneOption;
};
haskell.conid = mkOptionType { haskell.conid = mkOptionType {
name = "Haskell constructor identifier"; name = "Haskell constructor identifier";
check = x: check = x:
@ -309,7 +315,7 @@ types // rec {
# RFC952, B. Lexical grammar, <hname> # RFC952, B. Lexical grammar, <hname>
hostname = mkOptionType { hostname = mkOptionType {
name = "hostname"; name = "hostname";
check = x: all label.check (splitString "." x); check = x: isString x && all label.check (splitString "." x);
merge = mergeOneOption; merge = mergeOneOption;
}; };
@ -318,14 +324,15 @@ types // rec {
label = mkOptionType { label = mkOptionType {
name = "label"; name = "label";
# TODO case-insensitive labels # TODO case-insensitive labels
check = x: match "[0-9A-Za-z]([0-9A-Za-z-]*[0-9A-Za-z])?" x != null; check = x: isString x
&& match "[0-9A-Za-z]([0-9A-Za-z-]*[0-9A-Za-z])?" x != null;
merge = mergeOneOption; merge = mergeOneOption;
}; };
# POSIX.12013, 3.278 Portable Filename Character Set # POSIX.12013, 3.278 Portable Filename Character Set
filename = mkOptionType { filename = mkOptionType {
name = "POSIX filename"; name = "POSIX filename";
check = x: match "([0-9A-Za-z._])[0-9A-Za-z._-]*" x != null; check = x: isString x && match "([0-9A-Za-z._])[0-9A-Za-z._-]*" x != null;
merge = mergeOneOption; merge = mergeOneOption;
}; };
@ -335,7 +342,7 @@ types // rec {
absolute-pathname = mkOptionType { absolute-pathname = mkOptionType {
name = "POSIX absolute pathname"; name = "POSIX absolute pathname";
check = x: let xs = splitString "/" x; xa = head xs; in check = x: let xs = splitString "/" x; xa = head xs; in
xa == "/" || (xa == "" && all filename.check (tail xs)); isString x && (xa == "/" || (xa == "" && all filename.check (tail xs)));
merge = mergeOneOption; merge = mergeOneOption;
}; };
@ -344,7 +351,7 @@ types // rec {
pathname = mkOptionType { pathname = mkOptionType {
name = "POSIX pathname"; name = "POSIX pathname";
check = x: let xs = splitString "/" x; in check = x: let xs = splitString "/" x; in
all filename.check (if head xs == "" then tail xs else xs); isString x && all filename.check (if head xs == "" then tail xs else xs);
merge = mergeOneOption; merge = mergeOneOption;
}; };

View File

@ -74,8 +74,7 @@ rec {
}; };
nixos-version = buildSimpleReaktorPlugin "nixos-version" { nixos-version = buildSimpleReaktorPlugin "nixos-version" {
script = pkgs.writeScript "nixos-version" '' script = pkgs.writeDash "nixos-version" ''
#! /bin/sh
. /etc/os-release . /etc/os-release
echo "$PRETTY_NAME" echo "$PRETTY_NAME"
''; '';

View File

@ -2,16 +2,16 @@
with config.krebs.lib; with config.krebs.lib;
rec { rec {
execve = name: { filename, argv ? null, envp ? {}, destination ? "" }: let execve = name: { filename, argv ? null, envp ? {}, destination ? "" }: let
in writeC name { inherit destination; } '' in writeC name { inherit destination; } /* c */ ''
#include <unistd.h> #include <unistd.h>
static char *const filename = ${toC filename}; static char *const filename = ${toC filename};
${if argv == null ${if argv == null
then /* Propagate arguments */ '' then /* Propagate arguments */ /* c */ ''
#define MAIN_ARGS int argc, char **argv #define MAIN_ARGS int argc, char **argv
'' ''
else /* Provide fixed arguments */ '' else /* Provide fixed arguments */ /* c */ ''
#define MAIN_ARGS void #define MAIN_ARGS void
static char *const argv[] = ${toC (argv ++ [null])}; static char *const argv[] = ${toC (argv ++ [null])};
''} ''}
@ -28,22 +28,22 @@ rec {
execveBin = name: cfg: execve name (cfg // { destination = "/bin/${name}"; }); execveBin = name: cfg: execve name (cfg // { destination = "/bin/${name}"; });
writeBash = name: text: pkgs.writeScript name '' makeScriptWriter = interpreter: name: text:
#! ${pkgs.bash}/bin/bash assert (with types; either absolute-pathname filename).check name;
${text} pkgs.writeOut (baseNameOf name) {
''; ${optionalString (types.absolute-pathname.check name) name} = {
executable = true;
text = "#! ${interpreter}\n${text}";
};
};
writeBashBin = name: text: pkgs.writeTextFile { writeBash = makeScriptWriter "${pkgs.bash}/bin/bash";
executable = true;
destination = "/bin/${name}";
name = name;
text = ''
#! ${pkgs.bash}/bin/bash
${text}
'';
};
writeC = name: { destination ? "" }: src: pkgs.runCommand name {} '' writeBashBin = name:
assert types.filename.check name;
pkgs.writeBash "/bin/${name}";
writeC = name: { destination ? "" }: src: pkgs.runCommand name {} /* sh */ ''
PATH=${makeBinPath (with pkgs; [ PATH=${makeBinPath (with pkgs; [
binutils binutils
coreutils coreutils
@ -56,37 +56,39 @@ rec {
strip --strip-unneeded "$exe" strip --strip-unneeded "$exe"
''; '';
writeDash = name: text: pkgs.writeScript name '' writeDash = makeScriptWriter "${pkgs.dash}/bin/dash";
#! ${pkgs.dash}/bin/dash
${text}
'';
writeDashBin = name: text: pkgs.writeTextFile { writeDashBin = name:
executable = true; assert types.filename.check name;
destination = "/bin/${name}"; pkgs.writeDash "/bin/${name}";
name = name;
text = ''
#! ${pkgs.dash}/bin/dash
${text}
'';
};
writeEximConfig = name: text: pkgs.runCommand name { writeEximConfig = name: text: pkgs.runCommand name {
inherit text; inherit text;
passAsFile = [ "text" ]; passAsFile = [ "text" ];
} '' } /* sh */ ''
# TODO validate exim config even with config.nix.useChroot == true # TODO validate exim config even with config.nix.useChroot == true
# currently doing so will fail because "user exim was not found" # currently doing so will fail because "user exim was not found"
#${pkgs.exim}/bin/exim -C "$textPath" -bV >/dev/null #${pkgs.exim}/bin/exim -C "$textPath" -bV >/dev/null
mv "$textPath" $out mv "$textPath" $out
''; '';
writeFiles = name: specs0: writeOut = name: specs0:
let let
specs = mapAttrsToList (path: spec0: { specs = mapAttrsToList (path0: spec0: rec {
path = assert types.pathname.check path; path; path = guard {
type = types.pathname;
value = path0;
};
var = "file_${hashString "sha1" path}"; var = "file_${hashString "sha1" path}";
text = spec0.text; text = spec0.text;
executable = guard {
type = types.bool;
value = spec0.executable or false;
};
mode = guard {
type = types.file-mode;
value = spec0.mode or (if executable then "0755" else "0644");
};
}) specs0; }) specs0;
filevars = genAttrs' specs (spec: nameValuePair spec.var spec.text); filevars = genAttrs' specs (spec: nameValuePair spec.var spec.text);
@ -97,7 +99,7 @@ rec {
set -efu set -efu
PATH=${makeBinPath [pkgs.coreutils]} PATH=${makeBinPath [pkgs.coreutils]}
${concatMapStrings (spec: /* sh */ '' ${concatMapStrings (spec: /* sh */ ''
install -D ''$${spec.var}Path $out${spec.path} install -m ${spec.mode} -D ''$${spec.var}Path $out${spec.path}
'') specs} '') specs}
''; '';
@ -119,7 +121,7 @@ rec {
isExecutable = executables != {}; isExecutable = executables != {};
isLibrary = library != null; isLibrary = library != null;
cabal-file = pkgs.writeText "${name}-${version}.cabal" '' cabal-file = pkgs.writeText "${name}-${version}.cabal" /* cabal */ ''
build-type: Simple build-type: Simple
cabal-version: >= 1.2 cabal-version: >= 1.2
name: ${name} name: ${name}
@ -135,7 +137,7 @@ rec {
, text , text
, ... }: , ... }:
if types.filename.check exe-name if types.filename.check exe-name
then "install -D ${file} $out/${relpath}" then /* sh */ "install -D ${file} $out/${relpath}"
else throw "argument exe-name is not a ${types.filename.name}"; else throw "argument exe-name is not a ${types.filename.name}";
exe-section = exe-section =
@ -145,7 +147,7 @@ rec {
, file ? pkgs.writeText "${name}-${exe-name}.hs" text , file ? pkgs.writeText "${name}-${exe-name}.hs" text
, relpath ? "${exe-name}.hs" , relpath ? "${exe-name}.hs"
, text , text
, ... }: '' , ... }: /* cabal */ ''
executable ${exe-name} executable ${exe-name}
build-depends: ${concatStringsSep "," build-depends} build-depends: ${concatStringsSep "," build-depends}
ghc-options: ${toString ghc-options} ghc-options: ${toString ghc-options}
@ -168,7 +170,7 @@ rec {
{ build-depends ? base-depends ++ extra-depends { build-depends ? base-depends ++ extra-depends
, extra-depends ? [] , extra-depends ? []
, exposed-modules , exposed-modules
, ... }: '' , ... }: /* cabal */ ''
library library
build-depends: ${concatStringsSep "," build-depends} build-depends: ${concatStringsSep "," build-depends}
ghc-options: ${toString ghc-options} ghc-options: ${toString ghc-options}
@ -182,7 +184,7 @@ rec {
, text , text
, ... }: , ... }:
if types.haskell.modid.check mod-name if types.haskell.modid.check mod-name
then "install -D ${file} $out/${relpath}" then /* sh */ "install -D ${file} $out/${relpath}"
else throw "argument mod-name is not a ${types.haskell.modid.name}"; else throw "argument mod-name is not a ${types.haskell.modid.name}";
in in
haskellPackages.mkDerivation { haskellPackages.mkDerivation {
@ -196,7 +198,7 @@ rec {
(optionals isLibrary (get-depends library)) (optionals isLibrary (get-depends library))
haskellPackages; haskellPackages;
pname = name; pname = name;
src = pkgs.runCommand "${name}-${version}-src" {} '' src = pkgs.runCommand "${name}-${version}-src" {} /* sh */ ''
install -D ${cabal-file} $out/${cabal-file.name} install -D ${cabal-file} $out/${cabal-file.name}
${optionalString isLibrary (lib-install library)} ${optionalString isLibrary (lib-install library)}
${concatStringsSep "\n" (mapAttrsToList exe-install executables)} ${concatStringsSep "\n" (mapAttrsToList exe-install executables)}
@ -208,7 +210,7 @@ rec {
"The function `writeNixFromCabal` has been deprecated in favour of" "The function `writeNixFromCabal` has been deprecated in favour of"
"`writeHaskell`." "`writeHaskell`."
]) ])
(name: path: pkgs.runCommand name {} '' (name: path: pkgs.runCommand name {} /* sh */ ''
${pkgs.cabal2nix}/bin/cabal2nix ${path} > $out ${pkgs.cabal2nix}/bin/cabal2nix ${path} > $out
''); '');
} }

View File

@ -101,8 +101,7 @@ let
fi fi
''; '';
irc-announce-script = pkgs.writeScript "irc-announce-script" '' irc-announce-script = pkgs.writeDash "irc-announce-script" ''
#! /bin/sh
set -euf set -euf
export PATH=${makeSearchPath "bin" (with pkgs; [ export PATH=${makeSearchPath "bin" (with pkgs; [

View File

@ -1,7 +1,6 @@
{ lib, pkgs, ... }: { lib, pkgs, ... }:
pkgs.writeScriptBin "hashPassword" '' pkgs.writeDashBin "hashPassword" ''
#! /bin/sh
# usage: hashPassword # usage: hashPassword
set -euf set -euf

View File

@ -1,7 +1,6 @@
{ writeScriptBin, pkgs }: { writeDashBin, bepasty-client-cli }:
# TODO: use `wrapProgram --add-flags` instead? # TODO use `execve` instead?
writeScriptBin "krebspaste" '' writeDashBin "krebspaste" ''
#! /bin/sh exec ${bepasty-client-cli}/bin/bepasty-cli --url http://paste.retiolum "$@"
exec ${pkgs.bepasty-client-cli}/bin/bepasty-cli --url http://paste.retiolum "$@"
'' ''

View File

@ -1,7 +1,6 @@
{ writeScriptBin }: { writeDashBin }:
writeScriptBin "pssh" '' writeDashBin "pssh" ''
#! /bin/sh
set -efu set -efu
case ''${1-} in case ''${1-} in

View File

@ -47,8 +47,7 @@ with config.krebs.lib;
boot.tmpOnTmpfs = true; boot.tmpOnTmpfs = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
(writeScriptBin "play" '' (writeDashBin "play" ''
#! /bin/sh
set -euf set -euf
mpv() { exec ${mpv}/bin/mpv "$@"; } mpv() { exec ${mpv}/bin/mpv "$@"; }
case $1 in case $1 in

View File

@ -26,8 +26,7 @@ with config.krebs.lib;
hashPassword hashPassword
haskellPackages.lentil haskellPackages.lentil
parallel parallel
(pkgs.writeScriptBin "im" '' (pkgs.writeBashBin "im" ''
#! ${pkgs.bash}/bin/bash
export PATH=${makeSearchPath "bin" (with pkgs; [ export PATH=${makeSearchPath "bin" (with pkgs; [
tmux tmux
gnugrep gnugrep

View File

@ -67,8 +67,7 @@ in
}; };
serviceConfig = { serviceConfig = {
ExecStart = "${pkg}/bin/pulseaudio"; ExecStart = "${pkg}/bin/pulseaudio";
ExecStartPre = pkgs.writeScript "pulse-start" '' ExecStartPre = pkgs.writeDash "pulse-start" ''
#! /bin/sh
install -o pulse -g pulse -m 0750 -d ${runDir} install -o pulse -g pulse -m 0750 -d ${runDir}
install -o pulse -g pulse -m 0700 -d ${runDir}/home install -o pulse -g pulse -m 0700 -d ${runDir}/home
''; '';

View File

@ -3,8 +3,7 @@
{ {
nixpkgs.config.packageOverrides = { nixpkgs.config.packageOverrides = {
# TODO use XDG_RUNTIME_DIR? # TODO use XDG_RUNTIME_DIR?
cr = pkgs.writeScriptBin "cr" '' cr = pkgs.writeDashBin "cr" ''
#! /bin/sh
set -efu set -efu
export LC_TIME=de_DE.utf8 export LC_TIME=de_DE.utf8
exec ${pkgs.chromium}/bin/chromium \ exec ${pkgs.chromium}/bin/chromium \