8 files changed, 152 insertions, 31 deletions

diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index 87a5c2e1..07e7ff11 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -90,9 +90,6 @@ with import <stockholm/lib>;
 
     {
       services.cron.enable = false;
-      services.nscd.enable =
-        # Since 20.09 nscd doesn't cache anymore.
-        versionAtLeast (versions.majorMinor version) "20.09";
       services.ntp.enable = false;
       services.timesyncd.enable = true;
     }
diff --git a/tv/2configs/elm-packages-proxy.nix b/tv/2configs/elm-packages-proxy.nix
index 17a0d230..ecced3da 100644
--- a/tv/2configs/elm-packages-proxy.nix
+++ b/tv/2configs/elm-packages-proxy.nix
@@ -4,20 +4,45 @@
   cfg.packageDir = "/var/lib/elm-packages";
   cfg.port = 7782;
 
+  # TODO secret files
+  cfg.htpasswd = "/var/lib/certs/package.elm-lang.org/htpasswd";
+  cfg.sslCertificate = "/var/lib/certs/package.elm-lang.org/fullchain.pem";
+  cfg.sslCertificateKey = "/var/lib/certs/package.elm-lang.org/key.pem";
+
+  semverRegex =
+    "(?<major>0|[1-9]\\d*)\\.(?<minor>0|[1-9]\\d*)\\.(?<patch>0|[1-9]\\d*)(?:-(?<prerelease>(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+(?<buildmetadata>[0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?";
+
 in {
   services.nginx.virtualHosts."package.elm-lang.org" = {
     addSSL = true;
 
-    # TODO secret files
-    sslCertificate = "/var/lib/certs/package.elm-lang.org/fullchain.pem";
-    sslCertificateKey = "/var/lib/certs/package.elm-lang.org/key.pem";
+    sslCertificate = cfg.sslCertificate;
+    sslCertificateKey = cfg.sslCertificateKey;
+
+    locations."/all-packages".extraConfig = ''
+      proxy_pass http://127.0.0.1:${toString config.krebs.htgen.elm-packages-proxy.port};
+      proxy_pass_header Server;
+    '';
 
     locations."/all-packages/since/".extraConfig = ''
       proxy_pass http://127.0.0.1:${toString config.krebs.htgen.elm-packages-proxy.port};
       proxy_pass_header Server;
     '';
 
-    locations."~ ^/packages/(?<author>[A-Za-z0-9-]+)/(?<pname>[A-Za-z0-9-]+)/(?<version>(?<major>0|[1-9]\\d*)\\.(?<minor>0|[1-9]\\d*)\\.(?<patch>0|[1-9]\\d*)(?:-(?<prerelease>(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+(?<buildmetadata>[0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)/(?:zipball|elm.json|endpoint.json)\$".extraConfig = ''
+    locations."~ ^/packages/(?<author>[A-Za-z0-9-]+)/(?<pname>[A-Za-z0-9-]+)/(?<version>${semverRegex})\$".extraConfig = ''
+      auth_basic "Restricted Area";
+      auth_basic_user_file ${cfg.htpasswd};
+
+      proxy_set_header X-User $remote_user;
+      proxy_set_header X-Author $author;
+      proxy_set_header X-Package $pname;
+      proxy_set_header X-Version $version;
+      proxy_pass_header Server;
+
+      proxy_pass http://127.0.0.1:${toString config.krebs.htgen.elm-packages-proxy.port};
+    '';
+
+    locations."~ ^/packages/(?<author>[A-Za-z0-9-]+)/(?<pname>[A-Za-z0-9-]+)/(?<version>${semverRegex})/(?:zipball|elm.json|endpoint.json)\$".extraConfig = ''
       set $zipball "${cfg.packageDir}/$author/$pname/$version/zipball";
       proxy_set_header X-Author $author;
       proxy_set_header X-Package $pname;
@@ -39,14 +64,14 @@ in {
 
   krebs.htgen.elm-packages-proxy = {
     port = cfg.port;
-    script = /* sh */ ''(. ${pkgs.writeDash "elm-packages-proxy.sh" ''
+    script = /* sh */ ''. ${pkgs.writeDash "elm-packages-proxy.sh" ''
       PATH=${lib.makeBinPath [
         pkgs.coreutils
         pkgs.curl
         pkgs.findutils
         pkgs.gnugrep
         pkgs.jq
-        pkgs.unzip
+        pkgs.p7zip
       ]}
       export PATH
       file_response() {(
@@ -99,7 +124,7 @@ in {
             ;;
             elm.json)
               if ! test -f "$elmjson"; then
-                unzip -p "$zipball" \*/elm.json > "$elmjson"
+                7z x -so "$zipball" \*/elm.json > "$elmjson"
               fi
               file_response 200 OK "$elmjson" 'application/json; charset=UTF-8'
               exit
@@ -119,36 +144,86 @@ in {
             ;;
           esac
         ;;
-        'POST /all-packages/since/'*)
+        'POST /packages/'*)
+
+          author=$req_x_author
+          pname=$req_x_package
+          user=$req_x_user
+          version=$req_x_version
+
+          zipball=${cfg.packageDir}/$author/$pname/$version/zipball
+
+          if test -e "$zipball"; then
+            string_response 409 Conflict \
+                "package already exists: $author/$pname@$version" \
+                text/plain
+          else
+            echo "user $user is uploading package $author/$pname@$version" >&2
+            mkdir -p "$(dirname "$zipball")"
+            head -c $req_content_length > "$zipball"
+            string_response 200 OK \
+                "package created: $author/$pname@$version" \
+                text/plain
+          fi
+          exit
+        ;;
+        'GET /all-packages'|'POST /all-packages')
 
-          # TODO only show newest?
-          my_packages=$(
-            cd ${cfg.packageDir}
-            find -mindepth 3 -maxdepth 3 |
+          response=$(mktemp -t htgen.$$.elm-packages-proxy.all-packages.XXXXXXXX)
+          trap "rm $response >&2" EXIT
+
+          {
+            # upstream packages
+            curl -fsS https://package.elm-lang.org"$Request_URI"
+
+            # private packages
+            (cd ${cfg.packageDir}; find -mindepth 3 -maxdepth 3) |
             jq -Rs '
               split("\n") |
               map(
                 select(.!="") |
-                sub("^\\./(?<author>[^/]+)/(?<pname>[^/]+)/(?<version>[^/]+)$";"\(.author)/\(.pname)@\(.version)")
+                match("^\\./(?<author>[^/]+)/(?<pname>[^/]+)/(?<version>[^/]+)$").captures |
+                map({key:.name,value:.string}) |
+                from_entries
+              ) |
+              reduce .[] as $item ({};
+                ($item|"\(.author)/\(.pname)") as $name |
+                . + { "\($name)": ((.[$name] // []) + [$item.version]) }
               )
             '
-          )
+          } |
+          jq -cs add > $response
 
-          new_upstream_packages=$(
+          file_response 200 OK "$response" 'application/json; charset=UTF-8'
+          exit
+        ;;
+        'GET /all-packages/since/'*|'POST /all-packages/since/'*)
+
+          response=$(mktemp -t htgen.$$.elm-packages-proxy.all-packages.XXXXXXXX)
+          trap "rm $response >&2" EXIT
+
+          {
+            # upstream packages
             curl -fsS https://package.elm-lang.org"$Request_URI"
-          )
 
-          response=$(
-            jq -n \
-                --argjson my_packages "$my_packages" \
-                --argjson new_upstream_packages "$new_upstream_packages" \
-                '$new_upstream_packages + $my_packages'
-          )
+            # private packages
+            (cd ${cfg.packageDir}; find -mindepth 3 -maxdepth 3) |
+            jq -Rs '
+              split("\n") |
+              map(
+                select(.!="") |
+                sub("^\\./(?<author>[^/]+)/(?<pname>[^/]+)/(?<version>[^/]+)$";"\(.author)/\(.pname)@\(.version)")
+              ) |
+              sort_by(split("@") | [.[0]]+(.[1]|split("."))) |
+              reverse
+            '
+          } |
+          jq -cs add > $response
 
-          string_response 200 OK "$response" 'application/json; charset=UTF-8'
+          file_response 200 OK "$response" 'application/json; charset=UTF-8'
           exit
         ;;
       esac
-    ''})'';
+    ''}'';
   };
 }
diff --git a/tv/2configs/exim-smarthost.nix b/tv/2configs/exim-smarthost.nix
index 68fbcd15..4a0dcf61 100644
--- a/tv/2configs/exim-smarthost.nix
+++ b/tv/2configs/exim-smarthost.nix
@@ -26,7 +26,6 @@ with import <stockholm/lib>;
       { from = "postmaster@viljetic.de"; to = tv.mail; } # RFC 822
       { from = "mirko@viljetic.de"; to = mv-ni.mail; }
       { from = "tomislav@viljetic.de"; to = tv.mail; }
-      { from = "tv@destroy.dyn.shackspace.de"; to = tv.mail; }
       { from = "tv@viljetic.de"; to = tv.mail; }
       { from = "tv@shackspace.de"; to = tv.mail; }
     ];
diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix
index 59090c8e..991281ed 100644
--- a/tv/2configs/gitrepos.nix
+++ b/tv/2configs/gitrepos.nix
@@ -83,6 +83,9 @@ let {
     krops = {
       cgit.desc = "deployment tools";
     };
+    mailaids = {
+      cgit.desc = "Assortment of aids for working with electronic mail";
+    };
     much = {};
     netcup = {
       cgit.desc = "netcup command line interface";
diff --git a/tv/2configs/hw/x220.nix b/tv/2configs/hw/x220.nix
index 61b47553..aadfc669 100644
--- a/tv/2configs/hw/x220.nix
+++ b/tv/2configs/hw/x220.nix
@@ -48,9 +48,9 @@
   };
 
   services.tlp.enable = true;
-  services.tlp.extraConfig = ''
-    START_CHARGE_THRESH_BAT0=80
-  '';
+  services.tlp.settings = {
+    START_CHARGE_THRESH_BAT0 = 80;
+  };
 
   nix = {
     buildCores = 2;
diff --git a/tv/5pkgs/haskell/mailaids.nix b/tv/5pkgs/haskell/mailaids.nix
new file mode 100644
index 00000000..b705c7c6
--- /dev/null
+++ b/tv/5pkgs/haskell/mailaids.nix
@@ -0,0 +1,21 @@
+{ mkDerivation, aeson, aeson-pretty, base, bytestring
+, case-insensitive, fetchgit, lens, optparse-applicative
+, purebred-email, stdenv, text, vector, word8
+}:
+mkDerivation {
+  pname = "mailaids";
+  version = "1.0.0";
+  src = fetchgit {
+    url = "https://cgit.krebsco.de/mailaids";
+    sha256 = "15h0k82czm89gkwhp1rwdy77jz8dmb626qdz7c2narvz9j7169v5";
+    rev = "8f11927ea74d6adb332c884502ebd9c486837523";
+    fetchSubmodules = true;
+  };
+  isLibrary = false;
+  isExecutable = true;
+  executableHaskellDepends = [
+    aeson aeson-pretty base bytestring case-insensitive lens
+    optparse-applicative purebred-email text vector word8
+  ];
+  license = stdenv.lib.licenses.mit;
+}
diff --git a/tv/5pkgs/override/rxvt_unicode.nix b/tv/5pkgs/override/rxvt_unicode.nix
index da657fb2..4d9c3abc 100644
--- a/tv/5pkgs/override/rxvt_unicode.nix
+++ b/tv/5pkgs/override/rxvt_unicode.nix
@@ -2,8 +2,16 @@
 rxvt_unicode.overrideAttrs (old: {
   patches = old.patches ++ [
     (fetchurl {
+      name = "rxvt-unicode.cancel-running-selection-request.patch";
       url = https://cgit.krebsco.de/rxvt-unicode/patch/?id=15f3f94;
       sha256 = "12vldwsds27c9l15ffc6svk9mj17jhypcz736pvpmpqbsymlkz2p";
     })
+
+    # Fix segfault when calling editor-input from XMonad.
+    (fetchurl {
+      name = "rxvt-unicode.no-perl_destruct.patch";
+      url = "https://cgit.krebsco.de/rxvt-unicode/patch/?id=d63f96a";
+      sha256 = "0i8nqrqgprv7cygflkrdp5zx75dv9bv84vrr2yc3vnfpqxamc43n";
+    })
   ];
 })
diff --git a/tv/5pkgs/simple/editor-input.nix b/tv/5pkgs/simple/editor-input.nix
new file mode 100644
index 00000000..931179af
--- /dev/null
+++ b/tv/5pkgs/simple/editor-input.nix
@@ -0,0 +1,18 @@
+{ pkgs }:
+pkgs.writeDashBin "editor-input" ''
+  exec \
+  ${pkgs.utillinux}/bin/setsid -f \
+  ${pkgs.with-tmpdir}/bin/with-tmpdir -t editor-input.XXXXXXXX \
+  ${pkgs.writeDash "editor-input.sh" ''
+    f=$TMPDIR/input
+    ${pkgs.rxvt_unicode}/bin/urxvt -name editor-input-urxvt -e \
+       ${pkgs.vim}/bin/vim --cmd ':set noeol binary' -c startinsert "$f"
+    if test -e "$f"; then
+      ${pkgs.xsel}/bin/xsel -ip < "$f"
+      ${pkgs.xsel}/bin/xsel -ib < "$f"
+      ${pkgs.xdotool}/bin/xdotool key --clearmodifiers shift+Insert
+      ${pkgs.xsel}/bin/xsel -dp
+      ${pkgs.xsel}/bin/xsel -db
+    fi
+  ''}
+''