irc-announce: add tls flag

author: lassulus <lassulus@lassul.us> 2021-09-05 22:51:37 +0200
committer: lassulus <lassulus@lassul.us> 2021-09-05 23:09:21 +0200
commit: b471ff4191011b000f60dd2c6dafc6e5ed9458c2 (patch)
tree: d83a70b841bda26335a2771fcf5470a5afce9222 /krebs
parent: aaae1b2f5b6532ae6f5def1678957e2a6dc00c28 (diff)
4 files changed, 31 insertions, 6 deletions
diff --git a/krebs/3modules/announce-activation.nix b/krebs/3modules/announce-activation.nix
index 76eb4b13..a40ae8ce 100644
--- a/krebs/3modules/announce-activation.nix
+++ b/krebs/3modules/announce-activation.nix
@@ -9,6 +9,7 @@ with import <stockholm/lib>;
         ${shell.escape (toString cfg.irc.port)} \
         ${shell.escape cfg.irc.nick} \
         ${shell.escape cfg.irc.channel} \
+        ${escapeShellArg cfg.irc.tls} \
         "$message"
   '';
   default-get-message = pkgs.writeDash "announce-activation-get-message" ''
@@ -50,6 +51,10 @@ in {
         default = "irc.r";
         type = types.hostname;
       };
+      tls = mkOption {
+        default = false;
+        type = types.bool;
+      };
     };
   };
   config = mkIf cfg.enable {
diff --git a/krebs/3modules/hidden-ssh.nix b/krebs/3modules/hidden-ssh.nix
index 4436a616..acbe717d 100644
--- a/krebs/3modules/hidden-ssh.nix
+++ b/krebs/3modules/hidden-ssh.nix
@@ -19,6 +19,14 @@ let
       type = types.str;
       default = "irc.hackint.org";
     };
+    port = mkOption {
+      type = types.int;
+      default = 6697;
+    };
+    tls = mkOption {
+      type = types.bool;
+      default = true;
+    };
     message = mkOption {
       type = types.str;
       default = "SSH Hidden Service at ";
@@ -53,10 +61,14 @@ let
             echo "still waiting for ${hiddenServiceDir}/hostname"
             sleep 1
           done
-          ${pkgs.untilport}/bin/untilport ${cfg.server} 6667 && \
-            ${pkgs.irc-announce}/bin/irc-announce \
-            ${cfg.server} 6667 ${config.krebs.build.host.name}-ssh \
-            \${cfg.channel} \
+          ${pkgs.untilport}/bin/untilport ${escapeShellArg cfg.server} ${toString cfg.port}
+
+          ${pkgs.irc-announce}/bin/irc-announce \
+            ${escapeShellArg cfg.server} \
+            ${toString cfg.port} \
+            "${config.krebs.build.host.name}-ssh" \
+            ${escapeShellArg cfg.channel} \
+            ${escapeShellArg cfg.tls} \
             "${cfg.message}$(cat ${hiddenServiceDir}/hostname)"
         '';
         PrivateTmp = "true";
diff --git a/krebs/5pkgs/simple/git-hooks/default.nix b/krebs/5pkgs/simple/git-hooks/default.nix
index 0a2c8441..012c4ccf 100644
--- a/krebs/5pkgs/simple/git-hooks/default.nix
+++ b/krebs/5pkgs/simple/git-hooks/default.nix
@@ -12,6 +12,7 @@ with import <stockholm/lib>;
   , port ? 6667
   , refs ? []
   , server
+  , tls ? false
   , verbose ? false
   }: /* sh */ ''
     #! /bin/sh
@@ -39,6 +40,7 @@ with import <stockholm/lib>;
     nick=${escapeShellArg nick}
     channel=${escapeShellArg channel}
     server=${escapeShellArg server}
+    tls=${escapeShellArg tls}
     port=${toString port}
 
     host=$nick
@@ -114,6 +116,7 @@ with import <stockholm/lib>;
         "$port" \
         "$nick" \
         "$channel" \
+        "tls" \
         "$message"
     fi
   '';
diff --git a/krebs/5pkgs/simple/irc-announce/default.nix b/krebs/5pkgs/simple/irc-announce/default.nix
index 52cf1286..5797b366 100644
--- a/krebs/5pkgs/simple/irc-announce/default.nix
+++ b/krebs/5pkgs/simple/irc-announce/default.nix
@@ -17,7 +17,8 @@ pkgs.writeDashBin "irc-announce" ''
   IRC_PORT=$2
   IRC_NICK=$3_$$
   IRC_CHANNEL=$4
-  message=$5
+  IRC_TLS=$5
+  message=$6
 
   export IRC_CHANNEL # for privmsg_cat
 
@@ -34,6 +35,8 @@ pkgs.writeDashBin "irc-announce" ''
   # privmsg_cat transforms stdin to a privmsg
   privmsg_cat() { awk '{ print "PRIVMSG "ENVIRON["IRC_CHANNEL"]" :"$0 }'; }
 
+  tls_flag() { if [ "$IRC_TLS" -eq 1 ]; then echo "-c"; fi }
+
   # ircin is used to feed the output of netcat back to the "irc client"
   # so we can implement expect-like behavior with sed^_^
   # XXX mkselfdestructingtmpfifo would be nice instead of this cruft
@@ -51,6 +54,8 @@ pkgs.writeDashBin "irc-announce" ''
     echo2 "USER $LOGNAME 0 * :$LOGNAME@$(hostname)"
     echo2 "NICK $IRC_NICK"
 
+    awk 'match($0, /PING(.*)/, m) {print "PONG", m[1]; exit}'
+
     # wait for MODE message
     sed -n '/^:[^ ]* MODE /q'
 
@@ -67,5 +72,5 @@ pkgs.writeDashBin "irc-announce" ''
 
     echo2 'QUIT :Gone to have lunch'
   } < ircin \
-    | nc "$IRC_SERVER" "$IRC_PORT" | tee -a ircin
+    | nc $(tls_flag) "$IRC_SERVER" "$IRC_PORT" | tee -a ircin
 ''
author	lassulus <lassulus@lassul.us>	2021-09-05 22:51:37 +0200
committer	lassulus <lassulus@lassul.us>	2021-09-05 23:09:21 +0200
commit	b471ff4191011b000f60dd2c6dafc6e5ed9458c2 (patch)
tree	d83a70b841bda26335a2771fcf5470a5afce9222 /krebs
parent	aaae1b2f5b6532ae6f5def1678957e2a6dc00c28 (diff)