Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge remote-tracking branch 'cd/master'

Browse Source
This commit is contained in:
makefu 2016-06-14 01:36:15 +02:00
commit eb710a17e2
No known key found for this signature in database
GPG Key ID: 36F7711F3FC0F225
25 changed files with 146 additions and 122 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Makefile
View File

@ -13,6 +13,9 @@ system ?= $(HOSTNAME)
$(if $(system),,$(error unbound variable: system)) $(if $(system),,$(error unbound variable: system))
nixos-config ?= $(stockholm)/$(LOGNAME)/1systems/$(system).nix nixos-config ?= $(stockholm)/$(LOGNAME)/1systems/$(system).nix
ifneq ($(words $(wildcard $(nixos-config))),1)
$(error bad nixos-config: $(nixos-config))
endif
# target = [target_user@]target_host[:target_port][/target_path] # target = [target_user@]target_host[:target_port][/target_path]
ifdef target ifdef target

3
krebs/3modules/apt-cacher-ng.nix
View File

@ -135,8 +135,7 @@ let
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
serviceConfig = { serviceConfig = {
PermissionsStartOnly = true; PermissionsStartOnly = true;
ExecStartPre = pkgs.writeScript "acng-init" '' ExecStartPre = pkgs.writeDash "acng-init" ''
#!/bin/sh
mkdir -p ${shell.escape cfg.cacheDir} ${shell.escape cfg.logDir} mkdir -p ${shell.escape cfg.cacheDir} ${shell.escape cfg.logDir}
chown acng:acng ${shell.escape cfg.cacheDir} ${shell.escape cfg.logDir} chown acng:acng ${shell.escape cfg.cacheDir} ${shell.escape cfg.logDir}
''; '';

3
krebs/3modules/backup.nix
View File

@ -121,8 +121,7 @@ let
"mkdir -m 0700 -p ${shell.escape plan.dst.path}/current" "mkdir -m 0700 -p ${shell.escape plan.dst.path}/current"
"flock -n ${shell.escape plan.dst.path} rsync" "flock -n ${shell.escape plan.dst.path} rsync"
]; ];
in pkgs.writeScript "backup.${plan.name}" '' in pkgs.writeBash "backup.${plan.name}" ''
#! ${pkgs.bash}/bin/bash
set -efu set -efu
start_date=$(date +%s) start_date=$(date +%s)
ssh_target=${shell.escape login-name}@$(${fastest-address remote.host}) ssh_target=${shell.escape login-name}@$(${fastest-address remote.host})

3
krebs/3modules/bepasty-server.nix
View File

@ -109,8 +109,7 @@ let
Type = "simple"; Type = "simple";
PrivateTmp = true; PrivateTmp = true;
ExecStartPre = assert server.secretKey != ""; pkgs.writeScript "bepasty-server.${name}-init" '' ExecStartPre = assert server.secretKey != ""; pkgs.writeDash "bepasty-server.${name}-init" ''
#!/bin/sh
mkdir -p "${server.dataDir}" "${server.workDir}" mkdir -p "${server.dataDir}" "${server.workDir}"
chown bepasty:bepasty "${server.workDir}" "${server.dataDir}" chown bepasty:bepasty "${server.workDir}" "${server.dataDir}"
cat > "${server.workDir}/bepasty-${name}.conf" <<EOF cat > "${server.workDir}/bepasty-${name}.conf" <<EOF

3
krebs/3modules/buildbot/master.nix
View File

@ -345,8 +345,7 @@ let
Type = "forking"; Type = "forking";
PIDFile = "${workdir}/twistd.pid"; PIDFile = "${workdir}/twistd.pid";
# TODO: maybe also prepare buildbot.tac? # TODO: maybe also prepare buildbot.tac?
ExecStartPre = pkgs.writeScript "buildbot-master-init" '' ExecStartPre = pkgs.writeDash "buildbot-master-init" ''
#!/bin/sh
set -efux set -efux
if [ ! -e ${workdir} ];then if [ ! -e ${workdir} ];then
mkdir -p ${workdir} mkdir -p ${workdir}

3
krebs/3modules/buildbot/slave.nix
View File

@ -159,8 +159,7 @@ let
Type = "forking"; Type = "forking";
PIDFile = "${workdir}/twistd.pid"; PIDFile = "${workdir}/twistd.pid";
# TODO: maybe also prepare buildbot.tac? # TODO: maybe also prepare buildbot.tac?
ExecStartPre = pkgs.writeScript "buildbot-master-init" '' ExecStartPre = pkgs.writeDash "buildbot-master-init" ''
#!/bin/sh
set -efux set -efux
mkdir -p ${workdir}/info mkdir -p ${workdir}/info
cp ${buildbot-slave-init} ${workdir}/buildbot.tac cp ${buildbot-slave-init} ${workdir}/buildbot.tac

2
krebs/3modules/git.nix
View File

@ -462,7 +462,7 @@ let
reponames = rules: sort lessThan (unique (map (x: x.repo.name) rules)); reponames = rules: sort lessThan (unique (map (x: x.repo.name) rules));
# TODO makeGitHooks that uses runCommand instead of scriptFarm? # TODO use `writeOut`
scriptFarm = scriptFarm =
farm-name: scripts: farm-name: scripts:
let let

3
krebs/3modules/github-hosts-sync.nix
View File

@ -37,8 +37,7 @@ let
SyslogIdentifier = "github-hosts-sync"; SyslogIdentifier = "github-hosts-sync";
User = user.name; User = user.name;
Restart = "always"; Restart = "always";
ExecStartPre = pkgs.writeScript "github-hosts-sync-init" '' ExecStartPre = pkgs.writeDash "github-hosts-sync-init" ''
#! /bin/sh
set -euf set -euf
install -m 0711 -o ${user.name} -d ${cfg.dataDir} install -m 0711 -o ${user.name} -d ${cfg.dataDir}
install -m 0700 -o ${user.name} -d ${cfg.dataDir}/.ssh install -m 0700 -o ${user.name} -d ${cfg.dataDir}/.ssh

5
krebs/3modules/iptables.nix
View File

@ -1,7 +1,7 @@
arg@{ config, lib, pkgs, ... }: arg@{ config, lib, pkgs, ... }:
let let
inherit (pkgs) writeScript writeText; inherit (pkgs) writeText;
inherit (builtins) inherit (builtins)
elem elem
@ -175,8 +175,7 @@ let
${buildTables iptables-version tables} ${buildTables iptables-version tables}
''; '';
startScript = writeScript "krebs-iptables_start" '' startScript = pkgs.writeDash "krebs-iptables_start" ''
#! /bin/sh
set -euf set -euf
iptables-restore < ${rules4 4} iptables-restore < ${rules4 4}
ip6tables-restore < ${rules4 6} ip6tables-restore < ${rules4 6}

11
krebs/3modules/repo-sync.nix
View File

@ -1,12 +1,12 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
with lib; with config.krebs.lib;
let let
cfg = config.krebs.repo-sync; cfg = config.krebs.repo-sync;
out = { out = {
options.krebs.repo-sync = api; options.krebs.repo-sync = api;
config = mkIf cfg.enable imp; config = lib.mkIf cfg.enable imp;
}; };
api = { api = {
@ -70,7 +70,7 @@ let
imp = { imp = {
users.users.repo-sync = { users.users.repo-sync = {
name = "repo-sync"; name = "repo-sync";
uid = config.krebs.lib.genid "repo-sync"; uid = genid "repo-sync";
description = "repo-sync user"; description = "repo-sync user";
home = cfg.stateDir; home = cfg.stateDir;
createHome = true; createHome = true;
@ -95,9 +95,8 @@ let
serviceConfig = { serviceConfig = {
Type = "simple"; Type = "simple";
PermissionsStartOnly = true; PermissionsStartOnly = true;
ExecStartPre = pkgs.writeScript "prepare-repo-sync-user" '' ExecStartPre = pkgs.writeDash "prepare-repo-sync-user" ''
#! /bin/sh cp -v ${shell.escape cfg.privateKeyFile} ${cfg.stateDir}/ssh.priv
cp -v ${config.krebs.lib.shell.escape cfg.privateKeyFile} ${cfg.stateDir}/ssh.priv
chown repo-sync ${cfg.stateDir}/ssh.priv chown repo-sync ${cfg.stateDir}/ssh.priv
''; '';
ExecStart = "${pkgs.repo-sync}/bin/repo-sync ${repo-sync-config}"; ExecStart = "${pkgs.repo-sync}/bin/repo-sync ${repo-sync-config}";

6
krebs/3modules/retiolum.nix
View File

@ -159,13 +159,13 @@ let
PrivateKeyFile = ${cfg.privkey.path} PrivateKeyFile = ${cfg.privkey.path}
${cfg.extraConfig} ${cfg.extraConfig}
''; '';
"tinc-up" = pkgs.writeScript "${cfg.netname}-tinc-up" '' "tinc-up" = pkgs.writeDash "${cfg.netname}-tinc-up" ''
${iproute}/sbin/ip link set ${cfg.netname} up ${iproute}/sbin/ip link set ${cfg.netname} up
${optionalString (net.ip4 != null) '' ${optionalString (net.ip4 != null) /* sh */ ''
${iproute}/sbin/ip -4 addr add ${net.ip4.addr} dev ${cfg.netname} ${iproute}/sbin/ip -4 addr add ${net.ip4.addr} dev ${cfg.netname}
${iproute}/sbin/ip -4 route add ${net.ip4.prefix} dev ${cfg.netname} ${iproute}/sbin/ip -4 route add ${net.ip4.prefix} dev ${cfg.netname}
''} ''}
${optionalString (net.ip6 != null) '' ${optionalString (net.ip6 != null) /* sh */ ''
${iproute}/sbin/ip -6 addr add ${net.ip6.addr} dev ${cfg.netname} ${iproute}/sbin/ip -6 addr add ${net.ip6.addr} dev ${cfg.netname}
${iproute}/sbin/ip -6 route add ${net.ip6.prefix} dev ${cfg.netname} ${iproute}/sbin/ip -6 route add ${net.ip6.prefix} dev ${cfg.netname}
''} ''}

6
krebs/3modules/tinc_graphs.nix
View File

@ -94,8 +94,7 @@ let
TimeoutSec = 300; # we will wait 5 minutes, kill otherwise TimeoutSec = 300; # we will wait 5 minutes, kill otherwise
restart = "always"; restart = "always";
ExecStartPre = pkgs.writeScript "tinc_graphs-init" '' ExecStartPre = pkgs.writeDash "tinc_graphs-init" ''
#!/bin/sh
mkdir -p "${internal_dir}" "${external_dir}" mkdir -p "${internal_dir}" "${external_dir}"
if ! test -e "${cfg.workingDir}/internal/index.html"; then if ! test -e "${cfg.workingDir}/internal/index.html"; then
cp -fr "$(${pkgs.tinc_graphs}/bin/tincstats-static-dir)/internal/." "${internal_dir}" cp -fr "$(${pkgs.tinc_graphs}/bin/tincstats-static-dir)/internal/." "${internal_dir}"
@ -106,8 +105,7 @@ let
''; '';
ExecStart = "${pkgs.tinc_graphs}/bin/all-the-graphs"; ExecStart = "${pkgs.tinc_graphs}/bin/all-the-graphs";
ExecStartPost = pkgs.writeScript "tinc_graphs-post" '' ExecStartPost = pkgs.writeDash "tinc_graphs-post" ''
#!/bin/sh
# TODO: this may break if workingDir is set to something stupid # TODO: this may break if workingDir is set to something stupid
# this is needed because homedir is created with 700 # this is needed because homedir is created with 700
chmod 755 "${cfg.workingDir}" chmod 755 "${cfg.workingDir}"

17
krebs/4lib/default.nix
View File

@ -15,6 +15,16 @@ let out = rec {
addNames = mapAttrs addName; addNames = mapAttrs addName;
guard = spec@{ type, value, ... }:
assert isOptionType type;
if type.check value
then value
else throw (toString (filter isString [
"argument"
(if spec ? name then "${spec.name}" else null)
"is not a ${type.name}"
]));
types = import ./types.nix { types = import ./types.nix {
inherit config; inherit config;
lib = lib // { inherit genid optionalTrace; }; lib = lib // { inherit genid optionalTrace; };
@ -27,6 +37,11 @@ let out = rec {
shell = import ./shell.nix { inherit lib; }; shell = import ./shell.nix { inherit lib; };
tree = import ./tree.nix { inherit lib; }; tree = import ./tree.nix { inherit lib; };
lpad = n: c: s:
if stringLength s < n
then lpad n c (c + s)
else s;
toC = x: let toC = x: let
type = typeOf x; type = typeOf x;
reject = throw "cannot convert ${type}"; reject = throw "cannot convert ${type}";
@ -41,6 +56,8 @@ let out = rec {
mapAttrs (name: _: path + "/${name}") mapAttrs (name: _: path + "/${name}")
(filterAttrs (_: eq "directory") (readDir path)); (filterAttrs (_: eq "directory") (readDir path));
genAttrs' = names: f: listToAttrs (map f names);
setAttr = name: value: set: set // { ${name} = value; }; setAttr = name: value: set: set // { ${name} = value; };
optionalTrace = c: msg: x: if c then trace msg x else x; optionalTrace = c: msg: x: if c then trace msg x else x;

23
krebs/4lib/types.nix
View File

@ -163,7 +163,7 @@ types // rec {
secret-file = submodule ({ config, ... }: { secret-file = submodule ({ config, ... }: {
options = { options = {
path = mkOption { type = str; }; path = mkOption { type = str; };
mode = mkOption { type = str; default = "0400"; }; mode = mkOption { type = file-mode; default = "0400"; };
owner = mkOption { owner = mkOption {
type = user; type = user;
default = config.krebs.users.root; default = config.krebs.users.root;
@ -239,7 +239,7 @@ types // rec {
check = let check = let
IPv4address = let d = "([1-9]?[0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])"; in IPv4address = let d = "([1-9]?[0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])"; in
concatMapStringsSep "." (const d) (range 1 4); concatMapStringsSep "." (const d) (range 1 4);
in x: match IPv4address x != null; in x: isString x && match IPv4address x != null;
merge = mergeOneOption; merge = mergeOneOption;
}; };
addr6 = mkOptionType { addr6 = mkOptionType {
@ -247,7 +247,7 @@ types // rec {
check = let check = let
# TODO check IPv6 address harder # TODO check IPv6 address harder
IPv6address = "[0-9a-f.:]+"; IPv6address = "[0-9a-f.:]+";
in x: match IPv6address x != null; in x: isString x && match IPv6address x != null;
merge = mergeOneOption; merge = mergeOneOption;
}; };
@ -293,6 +293,12 @@ types // rec {
}; };
}; };
file-mode = mkOptionType {
name = "file mode";
check = x: isString x && match "[0-7]{4}" x != null;
merge = mergeOneOption;
};
haskell.conid = mkOptionType { haskell.conid = mkOptionType {
name = "Haskell constructor identifier"; name = "Haskell constructor identifier";
check = x: check = x:
@ -309,7 +315,7 @@ types // rec {
# RFC952, B. Lexical grammar, <hname> # RFC952, B. Lexical grammar, <hname>
hostname = mkOptionType { hostname = mkOptionType {
name = "hostname"; name = "hostname";
check = x: all label.check (splitString "." x); check = x: isString x && all label.check (splitString "." x);
merge = mergeOneOption; merge = mergeOneOption;
}; };
@ -318,14 +324,15 @@ types // rec {
label = mkOptionType { label = mkOptionType {
name = "label"; name = "label";
# TODO case-insensitive labels # TODO case-insensitive labels
check = x: match "[0-9A-Za-z]([0-9A-Za-z-]*[0-9A-Za-z])?" x != null; check = x: isString x
&& match "[0-9A-Za-z]([0-9A-Za-z-]*[0-9A-Za-z])?" x != null;
merge = mergeOneOption; merge = mergeOneOption;
}; };
# POSIX.12013, 3.278 Portable Filename Character Set # POSIX.12013, 3.278 Portable Filename Character Set
filename = mkOptionType { filename = mkOptionType {
name = "POSIX filename"; name = "POSIX filename";
check = x: match "([0-9A-Za-z._])[0-9A-Za-z._-]*" x != null; check = x: isString x && match "([0-9A-Za-z._])[0-9A-Za-z._-]*" x != null;
merge = mergeOneOption; merge = mergeOneOption;
}; };
@ -335,7 +342,7 @@ types // rec {
absolute-pathname = mkOptionType { absolute-pathname = mkOptionType {
name = "POSIX absolute pathname"; name = "POSIX absolute pathname";
check = x: let xs = splitString "/" x; xa = head xs; in check = x: let xs = splitString "/" x; xa = head xs; in
xa == "/" || (xa == "" && all filename.check (tail xs)); isString x && (xa == "/" || (xa == "" && all filename.check (tail xs)));
merge = mergeOneOption; merge = mergeOneOption;
}; };
@ -344,7 +351,7 @@ types // rec {
pathname = mkOptionType { pathname = mkOptionType {
name = "POSIX pathname"; name = "POSIX pathname";
check = x: let xs = splitString "/" x; in check = x: let xs = splitString "/" x; in
all filename.check (if head xs == "" then tail xs else xs); isString x && all filename.check (if head xs == "" then tail xs else xs);
merge = mergeOneOption; merge = mergeOneOption;
}; };

3
krebs/5pkgs/Reaktor/plugins.nix
View File

@ -74,8 +74,7 @@ rec {
}; };
nixos-version = buildSimpleReaktorPlugin "nixos-version" { nixos-version = buildSimpleReaktorPlugin "nixos-version" {
script = pkgs.writeScript "nixos-version" '' script = pkgs.writeDash "nixos-version" ''
#! /bin/sh
. /etc/os-release . /etc/os-release
echo "$PRETTY_NAME" echo "$PRETTY_NAME"
''; '';

84
krebs/5pkgs/builders.nix
View File

@ -2,16 +2,16 @@
with config.krebs.lib; with config.krebs.lib;
rec { rec {
execve = name: { filename, argv ? null, envp ? {}, destination ? "" }: let execve = name: { filename, argv ? null, envp ? {}, destination ? "" }: let
in writeC name { inherit destination; } '' in writeC name { inherit destination; } /* c */ ''
#include <unistd.h> #include <unistd.h>
static char *const filename = ${toC filename}; static char *const filename = ${toC filename};
${if argv == null ${if argv == null
then /* Propagate arguments */ '' then /* Propagate arguments */ /* c */ ''
#define MAIN_ARGS int argc, char **argv #define MAIN_ARGS int argc, char **argv
'' ''
else /* Provide fixed arguments */ '' else /* Provide fixed arguments */ /* c */ ''
#define MAIN_ARGS void #define MAIN_ARGS void
static char *const argv[] = ${toC (argv ++ [null])}; static char *const argv[] = ${toC (argv ++ [null])};
''} ''}
@ -28,22 +28,22 @@ rec {
execveBin = name: cfg: execve name (cfg // { destination = "/bin/${name}"; }); execveBin = name: cfg: execve name (cfg // { destination = "/bin/${name}"; });
writeBash = name: text: pkgs.writeScript name '' makeScriptWriter = interpreter: name: text:
#! ${pkgs.bash}/bin/bash assert (with types; either absolute-pathname filename).check name;
${text} pkgs.writeOut (baseNameOf name) {
''; ${optionalString (types.absolute-pathname.check name) name} = {
writeBashBin = name: text: pkgs.writeTextFile {
executable = true; executable = true;
destination = "/bin/${name}"; text = "#! ${interpreter}\n${text}";
name = name; };
text = ''
#! ${pkgs.bash}/bin/bash
${text}
'';
}; };
writeC = name: { destination ? "" }: src: pkgs.runCommand name {} '' writeBash = makeScriptWriter "${pkgs.bash}/bin/bash";
writeBashBin = name:
assert types.filename.check name;
pkgs.writeBash "/bin/${name}";
writeC = name: { destination ? "" }: src: pkgs.runCommand name {} /* sh */ ''
PATH=${makeBinPath (with pkgs; [ PATH=${makeBinPath (with pkgs; [
binutils binutils
coreutils coreutils
@ -56,37 +56,39 @@ rec {
strip --strip-unneeded "$exe" strip --strip-unneeded "$exe"
''; '';
writeDash = name: text: pkgs.writeScript name '' writeDash = makeScriptWriter "${pkgs.dash}/bin/dash";
#! ${pkgs.dash}/bin/dash
${text}
'';
writeDashBin = name: text: pkgs.writeTextFile { writeDashBin = name:
executable = true; assert types.filename.check name;
destination = "/bin/${name}"; pkgs.writeDash "/bin/${name}";
name = name;
text = ''
#! ${pkgs.dash}/bin/dash
${text}
'';
};
writeEximConfig = name: text: pkgs.runCommand name { writeEximConfig = name: text: pkgs.runCommand name {
inherit text; inherit text;
passAsFile = [ "text" ]; passAsFile = [ "text" ];
} '' } /* sh */ ''
# TODO validate exim config even with config.nix.useChroot == true # TODO validate exim config even with config.nix.useChroot == true
# currently doing so will fail because "user exim was not found" # currently doing so will fail because "user exim was not found"
#${pkgs.exim}/bin/exim -C "$textPath" -bV >/dev/null #${pkgs.exim}/bin/exim -C "$textPath" -bV >/dev/null
mv "$textPath" $out mv "$textPath" $out
''; '';
writeFiles = name: specs0: writeOut = name: specs0:
let let
specs = mapAttrsToList (path: spec0: { specs = mapAttrsToList (path0: spec0: rec {
path = assert types.pathname.check path; path; path = guard {
type = types.pathname;
value = path0;
};
var = "file_${hashString "sha1" path}"; var = "file_${hashString "sha1" path}";
text = spec0.text; text = spec0.text;
executable = guard {
type = types.bool;
value = spec0.executable or false;
};
mode = guard {
type = types.file-mode;
value = spec0.mode or (if executable then "0755" else "0644");
};
}) specs0; }) specs0;
filevars = genAttrs' specs (spec: nameValuePair spec.var spec.text); filevars = genAttrs' specs (spec: nameValuePair spec.var spec.text);
@ -97,7 +99,7 @@ rec {
set -efu set -efu
PATH=${makeBinPath [pkgs.coreutils]} PATH=${makeBinPath [pkgs.coreutils]}
${concatMapStrings (spec: /* sh */ '' ${concatMapStrings (spec: /* sh */ ''
install -D ''$${spec.var}Path $out${spec.path} install -m ${spec.mode} -D ''$${spec.var}Path $out${spec.path}
'') specs} '') specs}
''; '';
@ -119,7 +121,7 @@ rec {
isExecutable = executables != {}; isExecutable = executables != {};
isLibrary = library != null; isLibrary = library != null;
cabal-file = pkgs.writeText "${name}-${version}.cabal" '' cabal-file = pkgs.writeText "${name}-${version}.cabal" /* cabal */ ''
build-type: Simple build-type: Simple
cabal-version: >= 1.2 cabal-version: >= 1.2
name: ${name} name: ${name}
@ -135,7 +137,7 @@ rec {
, text , text
, ... }: , ... }:
if types.filename.check exe-name if types.filename.check exe-name
then "install -D ${file} $out/${relpath}" then /* sh */ "install -D ${file} $out/${relpath}"
else throw "argument exe-name is not a ${types.filename.name}"; else throw "argument exe-name is not a ${types.filename.name}";
exe-section = exe-section =
@ -145,7 +147,7 @@ rec {
, file ? pkgs.writeText "${name}-${exe-name}.hs" text , file ? pkgs.writeText "${name}-${exe-name}.hs" text
, relpath ? "${exe-name}.hs" , relpath ? "${exe-name}.hs"
, text , text
, ... }: '' , ... }: /* cabal */ ''
executable ${exe-name} executable ${exe-name}
build-depends: ${concatStringsSep "," build-depends} build-depends: ${concatStringsSep "," build-depends}
ghc-options: ${toString ghc-options} ghc-options: ${toString ghc-options}
@ -168,7 +170,7 @@ rec {
{ build-depends ? base-depends ++ extra-depends { build-depends ? base-depends ++ extra-depends
, extra-depends ? [] , extra-depends ? []
, exposed-modules , exposed-modules
, ... }: '' , ... }: /* cabal */ ''
library library
build-depends: ${concatStringsSep "," build-depends} build-depends: ${concatStringsSep "," build-depends}
ghc-options: ${toString ghc-options} ghc-options: ${toString ghc-options}
@ -182,7 +184,7 @@ rec {
, text , text
, ... }: , ... }:
if types.haskell.modid.check mod-name if types.haskell.modid.check mod-name
then "install -D ${file} $out/${relpath}" then /* sh */ "install -D ${file} $out/${relpath}"
else throw "argument mod-name is not a ${types.haskell.modid.name}"; else throw "argument mod-name is not a ${types.haskell.modid.name}";
in in
haskellPackages.mkDerivation { haskellPackages.mkDerivation {
@ -196,7 +198,7 @@ rec {
(optionals isLibrary (get-depends library)) (optionals isLibrary (get-depends library))
haskellPackages; haskellPackages;
pname = name; pname = name;
src = pkgs.runCommand "${name}-${version}-src" {} '' src = pkgs.runCommand "${name}-${version}-src" {} /* sh */ ''
install -D ${cabal-file} $out/${cabal-file.name} install -D ${cabal-file} $out/${cabal-file.name}
${optionalString isLibrary (lib-install library)} ${optionalString isLibrary (lib-install library)}
${concatStringsSep "\n" (mapAttrsToList exe-install executables)} ${concatStringsSep "\n" (mapAttrsToList exe-install executables)}
@ -208,7 +210,7 @@ rec {
"The function `writeNixFromCabal` has been deprecated in favour of" "The function `writeNixFromCabal` has been deprecated in favour of"
"`writeHaskell`." "`writeHaskell`."
]) ])
(name: path: pkgs.runCommand name {} '' (name: path: pkgs.runCommand name {} /* sh */ ''
${pkgs.cabal2nix}/bin/cabal2nix ${path} > $out ${pkgs.cabal2nix}/bin/cabal2nix ${path} > $out
''); '');
} }

3
krebs/5pkgs/git-hooks/default.nix
View File

@ -101,8 +101,7 @@ let
fi fi
''; '';
irc-announce-script = pkgs.writeScript "irc-announce-script" '' irc-announce-script = pkgs.writeDash "irc-announce-script" ''
#! /bin/sh
set -euf set -euf
export PATH=${makeSearchPath "bin" (with pkgs; [ export PATH=${makeSearchPath "bin" (with pkgs; [

3
krebs/5pkgs/hashPassword/default.nix
View File

@ -1,7 +1,6 @@
{ lib, pkgs, ... }: { lib, pkgs, ... }:
pkgs.writeScriptBin "hashPassword" '' pkgs.writeDashBin "hashPassword" ''
#! /bin/sh
# usage: hashPassword # usage: hashPassword
set -euf set -euf

9
krebs/5pkgs/krebspaste/default.nix
View File

@ -1,7 +1,6 @@
{ writeScriptBin, pkgs }: { writeDashBin, bepasty-client-cli }:
# TODO: use `wrapProgram --add-flags` instead? # TODO use `execve` instead?
writeScriptBin "krebspaste" '' writeDashBin "krebspaste" ''
#! /bin/sh exec ${bepasty-client-cli}/bin/bepasty-cli --url http://paste.retiolum "$@"
exec ${pkgs.bepasty-client-cli}/bin/bepasty-cli --url http://paste.retiolum "$@"
'' ''

5
krebs/5pkgs/pssh/default.nix
View File

@ -1,7 +1,6 @@
{ writeScriptBin }: { writeDashBin }:
writeScriptBin "pssh" '' writeDashBin "pssh" ''
#! /bin/sh
set -efu set -efu
case ''${1-} in case ''${1-} in

3
tv/1systems/nomic.nix
View File

@ -47,8 +47,7 @@ with config.krebs.lib;
boot.tmpOnTmpfs = true; boot.tmpOnTmpfs = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
(writeScriptBin "play" '' (writeDashBin "play" ''
#! /bin/sh
set -euf set -euf
mpv() { exec ${mpv}/bin/mpv "$@"; } mpv() { exec ${mpv}/bin/mpv "$@"; }
case $1 in case $1 in

3
tv/1systems/xu.nix
View File

@ -26,8 +26,7 @@ with config.krebs.lib;
hashPassword hashPassword
haskellPackages.lentil haskellPackages.lentil
parallel parallel
(pkgs.writeScriptBin "im" '' (pkgs.writeBashBin "im" ''
#! ${pkgs.bash}/bin/bash
export PATH=${makeSearchPath "bin" (with pkgs; [ export PATH=${makeSearchPath "bin" (with pkgs; [
tmux tmux
gnugrep gnugrep

3
tv/2configs/pulse.nix
View File

@ -67,8 +67,7 @@ in
}; };
serviceConfig = { serviceConfig = {
ExecStart = "${pkg}/bin/pulseaudio"; ExecStart = "${pkg}/bin/pulseaudio";
ExecStartPre = pkgs.writeScript "pulse-start" '' ExecStartPre = pkgs.writeDash "pulse-start" ''
#! /bin/sh
install -o pulse -g pulse -m 0750 -d ${runDir} install -o pulse -g pulse -m 0750 -d ${runDir}
install -o pulse -g pulse -m 0700 -d ${runDir}/home install -o pulse -g pulse -m 0700 -d ${runDir}/home
''; '';

56
tv/2configs/vim.nix
View File

@ -211,9 +211,8 @@ let
nix.vim = pkgs.writeText "nix.vim" '' nix.vim = pkgs.writeText "nix.vim" ''
setf nix setf nix
syn match NixCode /./
" Ref <nix/src/libexpr/lexer.l> " Ref <nix/src/libexpr/lexer.l>
syn match NixID /[a-zA-Z\_][a-zA-Z0-9\_\'\-]*/
syn match NixINT /\<[0-9]\+\>/ syn match NixINT /\<[0-9]\+\>/
syn match NixPATH /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/ syn match NixPATH /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
syn match NixHPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/ syn match NixHPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
@ -230,7 +229,7 @@ let
\ skip="'''\('\|[$]\|\\[nrt]\)" \ skip="'''\('\|[$]\|\\[nrt]\)"
\ end="'''" \ end="'''"
syn cluster NixStrings contains=NixSTRING,NixIND_STRING syn match NixOther /[():/;=.,?\[\]]/
syn match NixCommentMatch /\(^\|\s\)#.*/ syn match NixCommentMatch /\(^\|\s\)#.*/
syn region NixCommentRegion start="/\*" end="\*/" syn region NixCommentRegion start="/\*" end="\*/"
@ -241,6 +240,7 @@ let
hi link NixCommentMatch NixComment hi link NixCommentMatch NixComment
hi link NixCommentRegion NixComment hi link NixCommentRegion NixComment
hi link NixID NixCode
hi link NixINT NixData hi link NixINT NixData
hi link NixPATH NixData hi link NixPATH NixData
hi link NixHPATH NixData hi link NixHPATH NixData
@ -250,12 +250,12 @@ let
hi link NixIND_STRING NixData hi link NixIND_STRING NixData
hi link NixEnter NixCode hi link NixEnter NixCode
hi link NixExit NixData hi link NixOther NixCode
hi link NixQuote NixData hi link NixQuote NixData
hi link NixQuote2 NixQuote
hi link NixQuote3 NixQuote
syn cluster NixSubLangs contains=NONE syn cluster nix_has_dollar_curly contains=@nix_ind_strings,@nix_strings
syn cluster nix_ind_strings contains=NixIND_STRING
syn cluster nix_strings contains=NixSTRING
${concatStringsSep "\n" (mapAttrsToList (lang: { extraStart ? null }: let ${concatStringsSep "\n" (mapAttrsToList (lang: { extraStart ? null }: let
startAlts = filter isString [ startAlts = filter isString [
@ -269,27 +269,35 @@ let
syn match nix_${lang}_sigil syn match nix_${lang}_sigil
\ X${replaceStrings ["X"] ["\\X"] sigil}\ze\('''\|"\)X \ X${replaceStrings ["X"] ["\\X"] sigil}\ze\('''\|"\)X
\ nextgroup=nix_${lang}_region \ nextgroup=nix_${lang}_region_IND_STRING,nix_${lang}_region_STRING
\ transparent \ transparent
syn region nix_${lang}_region syn region nix_${lang}_region_STRING
\ matchgroup=NixSTRING \ matchgroup=NixSTRING
\ start='"' \ start='"'
\ skip='\\"' \ skip='\\"'
\ end='"' \ end='"'
\ contained \ contained
\ contains=@nix_${lang}_syntax \ contains=@nix_${lang}_syntax
\ transparent
syn region nix_${lang}_region syn region nix_${lang}_region_IND_STRING
\ matchgroup=NixIND_STRING \ matchgroup=NixIND_STRING
\ start="'''" \ start="'''"
\ skip="'''\('\|[$]\|\\[nrt]\)" \ skip="'''\('\|[$]\|\\[nrt]\)"
\ end="'''" \ end="'''"
\ contained \ contained
\ contains=@nix_${lang}_syntax \ contains=@nix_${lang}_syntax
\ transparent
syn cluster NixSubLangs syn cluster nix_ind_strings
\ add=nix_${lang}_region,@nix_${lang}_syntax \ add=nix_${lang}_region_IND_STRING
syn cluster nix_strings
\ add=nix_${lang}_region_STRING
syn cluster nix_has_dollar_curly
\ add=@nix_${lang}_syntax
'') { '') {
c = {}; c = {};
cabal = {}; cabal = {};
@ -299,26 +307,32 @@ let
''write[^ \t\r\n]*[ \t\r\n]*"\(\([^"]*\.\)\?vimrc\|[^"]*\.vim\)"''; ''write[^ \t\r\n]*[ \t\r\n]*"\(\([^"]*\.\)\?vimrc\|[^"]*\.vim\)"'';
})} })}
" Clear syntax that interferes with NixBlock. " Clear syntax that interferes with nixINSIDE_DOLLAR_CURLY.
" TODO redefine NixBlock so syntax don't have to be cleared syn clear shVarAssign
syn clear shOperator shSetList shVarAssign
syn region NixBlock syn region nixINSIDE_DOLLAR_CURLY
\ matchgroup=NixEnter \ matchgroup=NixEnter
\ start="[$]{" \ start="[$]{"
\ end="}" \ end="}"
\ contains=TOP \ contains=TOP
\ containedin=@NixSubLangs,@NixStrings \ containedin=@nix_has_dollar_curly
\ transparent
syn region NixBlockHack syn region nix_inside_curly
\ matchgroup=NixEnter \ matchgroup=NixEnter
\ start="{" \ start="{"
\ end="}" \ end="}"
\ contains=TOP \ contains=TOP
\ containedin=nixINSIDE_DOLLAR_CURLY,nix_inside_curly
\ transparent
syn match NixQuote "'''[$]"he=e-1 contained containedin=@NixSubLangs syn match NixQuote /'''\([''$']\|\\.\)/he=s+2
syn match NixQuote2 "''''"he=s+1 contained containedin=@NixSubLangs \ containedin=@nix_ind_strings
syn match NixQuote3 "'''\\[nrt]" contained containedin=@NixSubLangs \ contained
syn match NixQuote /\\./he=s+1
\ containedin=@nix_strings
\ contained
syn sync fromstart syn sync fromstart

3
tv/5pkgs/default.nix
View File

@ -3,8 +3,7 @@
{ {
nixpkgs.config.packageOverrides = { nixpkgs.config.packageOverrides = {
# TODO use XDG_RUNTIME_DIR? # TODO use XDG_RUNTIME_DIR?
cr = pkgs.writeScriptBin "cr" '' cr = pkgs.writeDashBin "cr" ''
#! /bin/sh
set -efu set -efu
export LC_TIME=de_DE.utf8 export LC_TIME=de_DE.utf8
exec ${pkgs.chromium}/bin/chromium \ exec ${pkgs.chromium}/bin/chromium \