From 0cbb18c16e17e220ec3a7d9a44da8f22f083dd48 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 3 Oct 2020 01:23:07 +0200 Subject: tv th-env: init at 1.0.0 --- tv/5pkgs/haskell/th-env/default.nix | 10 ++++++++ tv/5pkgs/haskell/th-env/src/THEnv.hs | 49 ++++++++++++++++++++++++++++++++++++ tv/5pkgs/haskell/th-env/th-env.cabal | 20 +++++++++++++++ 3 files changed, 79 insertions(+) create mode 100644 tv/5pkgs/haskell/th-env/default.nix create mode 100644 tv/5pkgs/haskell/th-env/src/THEnv.hs create mode 100644 tv/5pkgs/haskell/th-env/th-env.cabal diff --git a/tv/5pkgs/haskell/th-env/default.nix b/tv/5pkgs/haskell/th-env/default.nix new file mode 100644 index 00000000..474a63b8 --- /dev/null +++ b/tv/5pkgs/haskell/th-env/default.nix @@ -0,0 +1,10 @@ +{ mkDerivation, base, stdenv, template-haskell, text }: +mkDerivation { + pname = "th-env"; + version = "1.0.0"; + src = ./.; + libraryHaskellDepends = [ base template-haskell text ]; + homepage = "https://stackoverflow.com/q/57635686"; + license = "unknown"; + hydraPlatforms = stdenv.lib.platforms.none; +} diff --git a/tv/5pkgs/haskell/th-env/src/THEnv.hs b/tv/5pkgs/haskell/th-env/src/THEnv.hs new file mode 100644 index 00000000..b04f2ce0 --- /dev/null +++ b/tv/5pkgs/haskell/th-env/src/THEnv.hs @@ -0,0 +1,49 @@ +{-# LANGUAGE TemplateHaskell #-} +module THEnv + ( + -- * Compile-time configuration + lookupCompileEnv + , lookupCompileEnvExp + , getCompileEnv + , getCompileEnvExp + , fileAsString + ) where + +import Control.Monad +import qualified Data.Text as T +import qualified Data.Text.IO as T +import Language.Haskell.TH +import Language.Haskell.TH.Syntax (Lift(..)) +import System.Environment (getEnvironment) + +-- Functions that work with compile-time configuration + +-- | Looks up a compile-time environment variable. +lookupCompileEnv :: String -> Q (Maybe String) +lookupCompileEnv key = lookup key `liftM` runIO getEnvironment + +-- | Looks up a compile-time environment variable. The result is a TH +-- expression of type @Maybe String@. +lookupCompileEnvExp :: String -> Q Exp +lookupCompileEnvExp = (`sigE` [t| Maybe String |]) . lift <=< lookupCompileEnv + -- We need to explicly type the result so that things like `print Nothing` + -- work. + +-- | Looks up an compile-time environment variable and fail, if it's not +-- present. +getCompileEnv :: String -> Q String +getCompileEnv key = + lookupCompileEnv key >>= + maybe (fail $ "Environment variable " ++ key ++ " not defined") return + +-- | Looks up an compile-time environment variable and fail, if it's not +-- present. The result is a TH expression of type @String@. +getCompileEnvExp :: String -> Q Exp +getCompileEnvExp = lift <=< getCompileEnv + +-- | Loads the content of a file as a string constant expression. +-- The given path is relative to the source directory. +fileAsString :: FilePath -> Q Exp +fileAsString = do + -- addDependentFile path -- works only with template-haskell >= 2.7 + stringE . T.unpack . T.strip <=< runIO . T.readFile diff --git a/tv/5pkgs/haskell/th-env/th-env.cabal b/tv/5pkgs/haskell/th-env/th-env.cabal new file mode 100644 index 00000000..b9a2cff3 --- /dev/null +++ b/tv/5pkgs/haskell/th-env/th-env.cabal @@ -0,0 +1,20 @@ +name: th-env +version: 1.0.0 +-- license: https://creativecommons.org/licenses/by-sa/4.0/ +license: OtherLicense +author: https://stackoverflow.com/users/9348482 +homepage: https://stackoverflow.com/q/57635686 +maintainer: tv +build-type: Simple +cabal-version: >=1.10 + +library + hs-source-dirs: src + build-depends: + base, + template-haskell, + text + exposed-modules: + THEnv + default-language: Haskell2010 + ghc-options: -O2 -Wall -- cgit v1.2.3 From 291bc460d522b2e2c785ec3c3b71a80f22b67853 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 3 Oct 2020 03:23:18 +0200 Subject: tv xmonad: read screen/font width from build env --- tv/2configs/xserver/default.nix | 8 +++++++- tv/5pkgs/haskell/xmonad-tv/default.nix | 9 +++++---- tv/5pkgs/haskell/xmonad-tv/src/THEnv/JSON.hs | 18 ++++++++++++++++++ tv/5pkgs/haskell/xmonad-tv/src/main.hs | 21 ++++++++++++++++++--- tv/5pkgs/haskell/xmonad-tv/src/xmonad-tv.cabal | 7 ++++++- 5 files changed, 54 insertions(+), 9 deletions(-) create mode 100644 tv/5pkgs/haskell/xmonad-tv/src/THEnv/JSON.hs diff --git a/tv/2configs/xserver/default.nix b/tv/2configs/xserver/default.nix index 4e9e3074..256604a4 100644 --- a/tv/2configs/xserver/default.nix +++ b/tv/2configs/xserver/default.nix @@ -6,6 +6,12 @@ let configDir = "/var/empty"; dataDir = "/run/xdg/${cfg.user.name}/xmonad"; user = config.krebs.build.user; + xmonad.pkg = pkgs.haskellPackages.xmonad-tv.overrideAttrs (_: { + XMONAD_BUILD_SCREEN_WIDTH = 1366; + XMONAD_BUILD_TERM_FONT_WIDTH = 6; + XMONAD_BUILD_TERM_FONT = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1"; + XMONAD_BUILD_TERM_PADDING = 2; + }); }; in { @@ -51,7 +57,7 @@ in { systemd.services.display-manager.enable = false; systemd.services.xmonad = let - xmonad = "${pkgs.haskellPackages.xmonad-tv}/bin/xmonad"; + xmonad = "${cfg.xmonad.pkg}/bin/xmonad"; xmonad-start = pkgs.writeDash "xmonad-start" '' ${pkgs.coreutils}/bin/mkdir -p "$XMONAD_CACHE_DIR" ${pkgs.coreutils}/bin/mkdir -p "$XMONAD_CONFIG_DIR" diff --git a/tv/5pkgs/haskell/xmonad-tv/default.nix b/tv/5pkgs/haskell/xmonad-tv/default.nix index 42eb13d4..36dffaa1 100644 --- a/tv/5pkgs/haskell/xmonad-tv/default.nix +++ b/tv/5pkgs/haskell/xmonad-tv/default.nix @@ -1,5 +1,6 @@ -{ mkDerivation, base, containers, directory, extra, stdenv, unix -, X11, xmonad, xmonad-contrib, xmonad-stockholm +{ mkDerivation, aeson, base, bytestring, containers, directory +, extra, stdenv, template-haskell, th-env, unix, X11, xmonad +, xmonad-contrib, xmonad-stockholm }: mkDerivation { pname = "xmonad-tv"; @@ -8,8 +9,8 @@ mkDerivation { isLibrary = false; isExecutable = true; executableHaskellDepends = [ - base containers directory extra unix X11 xmonad xmonad-contrib - xmonad-stockholm + aeson base bytestring containers directory extra template-haskell + th-env unix X11 xmonad xmonad-contrib xmonad-stockholm ]; license = stdenv.lib.licenses.mit; } diff --git a/tv/5pkgs/haskell/xmonad-tv/src/THEnv/JSON.hs b/tv/5pkgs/haskell/xmonad-tv/src/THEnv/JSON.hs new file mode 100644 index 00000000..2a3a0e52 --- /dev/null +++ b/tv/5pkgs/haskell/xmonad-tv/src/THEnv/JSON.hs @@ -0,0 +1,18 @@ +{-# LANGUAGE ScopedTypeVariables #-} + +module THEnv.JSON where + +import Data.Aeson (eitherDecode,FromJSON) +import Data.ByteString.Lazy.Char8 (pack) +import Language.Haskell.TH.Syntax (Exp,Lift(lift),Q) +import THEnv (getCompileEnv) +import Control.Monad + +getCompileEnvJSON :: (FromJSON a) => String -> Q a +getCompileEnvJSON name = + either error (id :: a -> a) . eitherDecode . pack <$> getCompileEnv name + +getCompileEnvJSONExp :: + forall proxy a. (FromJSON a, Lift a) => proxy a -> String -> Q Exp +getCompileEnvJSONExp _ = + (lift :: a -> Q Exp) <=< getCompileEnvJSON diff --git a/tv/5pkgs/haskell/xmonad-tv/src/main.hs b/tv/5pkgs/haskell/xmonad-tv/src/main.hs index c83b411b..b8ddd27e 100644 --- a/tv/5pkgs/haskell/xmonad-tv/src/main.hs +++ b/tv/5pkgs/haskell/xmonad-tv/src/main.hs @@ -1,4 +1,6 @@ {-# LANGUAGE LambdaCase #-} +{-# LANGUAGE TemplateHaskell #-} +{-# LANGUAGE TypeApplications #-} module Main (main) where @@ -32,10 +34,23 @@ import XMonad.Stockholm.Pager import XMonad.Stockholm.Shutdown import qualified Paths +import THEnv.JSON (getCompileEnvJSONExp) + myFont :: String myFont = "-schumacher-*-*-*-*-*-*-*-*-*-*-*-iso10646-*" +myScreenWidth :: Dimension +myScreenWidth = + $(getCompileEnvJSONExp (id @Dimension) "XMONAD_BUILD_SCREEN_WIDTH") + +myTermFontWidth :: Dimension +myTermFontWidth = + $(getCompileEnvJSONExp (id @Dimension) "XMONAD_BUILD_TERM_FONT_WIDTH") + +myTermPadding :: Dimension +myTermPadding = 2 + main :: IO () main = getArgs >>= \case @@ -46,7 +61,6 @@ main = getArgs >>= \case mainNoArgs :: IO () mainNoArgs = do - let width = 1366 workspaces0 <- getWorkspaces0 handleShutdownEvent <- newShutdownEventHandler launch @@ -60,8 +74,9 @@ mainNoArgs = do smartBorders $ ResizableTall 1 - (10 * 6 / width) - ((80 * 6 + 2 * (1+1+1))/width) [] + (fromIntegral (10 * myTermFontWidth) / fromIntegral myScreenWidth) + (fromIntegral (80 * myTermFontWidth + 2 * (myTermPadding + borderWidth def)) / fromIntegral myScreenWidth) + [] ||| Full , manageHook = diff --git a/tv/5pkgs/haskell/xmonad-tv/src/xmonad-tv.cabal b/tv/5pkgs/haskell/xmonad-tv/src/xmonad-tv.cabal index f10bc4ae..d07e2b15 100644 --- a/tv/5pkgs/haskell/xmonad-tv/src/xmonad-tv.cabal +++ b/tv/5pkgs/haskell/xmonad-tv/src/xmonad-tv.cabal @@ -9,10 +9,14 @@ cabal-version: >=1.10 executable xmonad main-is: main.hs build-depends: + aeson, base, + bytestring, containers, directory, extra, + template-haskell, + th-env, unix, X11, xmonad, @@ -20,6 +24,7 @@ executable xmonad xmonad-stockholm other-modules: Helpers.Path, - Paths + Paths, + THEnv.JSON default-language: Haskell2010 ghc-options: -O2 -Wall -threaded -- cgit v1.2.3 From 9a63bb8769217a0240d00c226735f3bca95dbdee Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 3 Oct 2020 03:34:32 +0200 Subject: tv xserver: reconfigure xmonad for au --- tv/2configs/xserver/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/tv/2configs/xserver/default.nix b/tv/2configs/xserver/default.nix index 256604a4..032df5d9 100644 --- a/tv/2configs/xserver/default.nix +++ b/tv/2configs/xserver/default.nix @@ -7,6 +7,13 @@ let dataDir = "/run/xdg/${cfg.user.name}/xmonad"; user = config.krebs.build.user; xmonad.pkg = pkgs.haskellPackages.xmonad-tv.overrideAttrs (_: { + au = { + XMONAD_BUILD_SCREEN_WIDTH = 1920; + XMONAD_BUILD_TERM_FONT_WIDTH = 10; + XMONAD_BUILD_TERM_FONT = "xft:Input Mono:size=12:style=Regular"; + XMONAD_BUILD_TERM_PADDING = 2; + }; + }.${config.krebs.build.host.name} or { XMONAD_BUILD_SCREEN_WIDTH = 1366; XMONAD_BUILD_TERM_FONT_WIDTH = 6; XMONAD_BUILD_TERM_FONT = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1"; -- cgit v1.2.3 From 2b63e26a2cdbce8438f3df5931a536569502a5bc Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 3 Oct 2020 03:45:00 +0200 Subject: tv viljetic-pages: add favicon.ico --- tv/5pkgs/simple/viljetic-pages/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/tv/5pkgs/simple/viljetic-pages/default.nix b/tv/5pkgs/simple/viljetic-pages/default.nix index 1ae55cca..ee07c927 100644 --- a/tv/5pkgs/simple/viljetic-pages/default.nix +++ b/tv/5pkgs/simple/viljetic-pages/default.nix @@ -11,6 +11,7 @@ stdenv.mkDerivation { installPhase = '' mkdir -p $out cp ${./index.html} $out/index.html + convert ${./logo.xpm} $out/favicon.ico convert ${./logo.xpm} $out/favicon2.png ''; } -- cgit v1.2.3 From 0d09e8aa03119ad7775ffc485abe48004d05d0eb Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 3 Oct 2020 03:46:55 +0200 Subject: tv vim nix: fix trigger for js --- tv/5pkgs/vim/nix.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tv/5pkgs/vim/nix.nix b/tv/5pkgs/vim/nix.nix index 4f3f83aa..52c465dc 100644 --- a/tv/5pkgs/vim/nix.nix +++ b/tv/5pkgs/vim/nix.nix @@ -133,7 +133,7 @@ with import ; (writer "Jq") (writerExt "jq") ]; - javascript.extraStart = comment "jq"; + javascript.extraStart = comment "js"; lua = {}; #nginx = {}; python.extraStart = alts [ -- cgit v1.2.3 From 7921b70b11acb0cbe3c820f61c572bedf9434a5f Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 3 Oct 2020 03:47:58 +0200 Subject: tv vim nix: recognize markdown by extension --- tv/5pkgs/vim/nix.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/tv/5pkgs/vim/nix.nix b/tv/5pkgs/vim/nix.nix index 52c465dc..c121d815 100644 --- a/tv/5pkgs/vim/nix.nix +++ b/tv/5pkgs/vim/nix.nix @@ -135,6 +135,7 @@ with import ; ]; javascript.extraStart = comment "js"; lua = {}; + markdown.extraStart = writerExt "md"; #nginx = {}; python.extraStart = alts [ (comment "py") -- cgit v1.2.3 From 58eb3302b0423347433d72248f90912f60b580bd Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 3 Oct 2020 04:07:25 +0200 Subject: tv: make default kernel easily overridable --- tv/2configs/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 9db35184..9132773c 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -1,7 +1,7 @@ with import ; { config, pkgs, ... }: { - boot.kernelPackages = pkgs.linuxPackages_latest; + boot.kernelPackages = mkDefault pkgs.linuxPackages_latest; boot.tmpOnTmpfs = true; -- cgit v1.2.3 From 74a65a60eadb6990d6cd6bcb06767f1f40e89f52 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 3 Oct 2020 04:09:45 +0200 Subject: tv: cleanup stale shell aliases --- tv/2configs/default.nix | 5 ----- 1 file changed, 5 deletions(-) diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 9132773c..2d813fe3 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -68,18 +68,13 @@ with import ; ]; environment.shellAliases = mkForce { - # alias cal='cal -m3' gp = "${pkgs.pari}/bin/gp -q"; df = "df -h"; du = "du -h"; - # alias grep='grep --color=auto' # TODO alias cannot contain #\' # "ps?" = "ps ax | head -n 1;ps ax | fgrep -v ' grep --color=auto ' | grep"; - # alias la='ls -lA' - lAtr = "ls -lAtr"; - # alias ll='ls -l' ls = "ls -h --color=auto --group-directories-first"; dmesg = "dmesg -L --reltime"; view = "vim -R"; -- cgit v1.2.3 From dac9dba691cb35300ee62199f5bf7b8975f62a1d Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 3 Oct 2020 12:17:08 +0200 Subject: tv ppp: remove default config --- tv/2configs/ppp.nix | 30 ------------------------------ 1 file changed, 30 deletions(-) diff --git a/tv/2configs/ppp.nix b/tv/2configs/ppp.nix index 9cc7568a..02227343 100644 --- a/tv/2configs/ppp.nix +++ b/tv/2configs/ppp.nix @@ -1,32 +1,2 @@ { pkgs, ... }: { - - # usage: pppd call default - - environment.etc."ppp/peers/default".text = '' - /dev/ttyACM2 - 921600 - crtscts - defaultroute - holdoff 10 - lock - maxfail 0 - noauth - nodetach - noipdefault - passive - persist - usepeerdns - connect "${pkgs.ppp}/bin/chat -f ${pkgs.writeText "default.chat" '' - ABORT "BUSY" - ABORT "NO CARRIER" - REPORT CONNECT - "" "ATDT*99#" - CONNECT - ''}" - ''; - - environment.systemPackages = [ - pkgs.ppp - ]; - } -- cgit v1.2.3 From 3c9945364c294ab65c62c01447d00ebc980558bc Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 3 Oct 2020 12:19:13 +0200 Subject: tv ppp: add o2 config --- tv/2configs/ppp.nix | 34 +++++++++++++++++++++++++++++++++- tv/dummy_secrets/o2.pin | 1 + 2 files changed, 34 insertions(+), 1 deletion(-) create mode 100644 tv/dummy_secrets/o2.pin diff --git a/tv/2configs/ppp.nix b/tv/2configs/ppp.nix index 02227343..ecb17c3f 100644 --- a/tv/2configs/ppp.nix +++ b/tv/2configs/ppp.nix @@ -1,2 +1,34 @@ -{ pkgs, ... }: { +{ pkgs, ... }: let + lib = import ; + cfg = { + pin = "@${toString }"; + ttys.ppp = "/dev/ttyACM0"; + }; +in { + environment.etc."ppp/peers/o2".text = /* sh */ '' + ${cfg.ttys.ppp} + 921600 + crtscts + defaultroute + holdoff 10 + lock + maxfail 0 + noauth + nodetach + noipdefault + passive + persist + usepeerdns + connect "${pkgs.ppp}/bin/chat ''${DEBUG+-v} -Ss -f ${pkgs.writeText "o2.chat" /* sh */ '' + ABORT "BUSY" + ABORT "NO CARRIER" + REPORT CONNECT + "*EMRDY: 1" + ATZ OK + AT+CFUN=1 OK + ${cfg.pin} TIMEOUT 2 ERROR-AT-OK + AT+CGDCONT=1,\042IP\042,\042internet\042 OK + ATDT*99***1# CONNECT + ''}" + ''; } diff --git a/tv/dummy_secrets/o2.pin b/tv/dummy_secrets/o2.pin new file mode 100644 index 00000000..53a3137c --- /dev/null +++ b/tv/dummy_secrets/o2.pin @@ -0,0 +1 @@ +AT -- cgit v1.2.3 From 64a9aeed2298295d204efd05b321dea271ecdb2a Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 3 Oct 2020 12:22:04 +0200 Subject: tv ppp: add connect script --- tv/2configs/ppp.nix | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/tv/2configs/ppp.nix b/tv/2configs/ppp.nix index ecb17c3f..0c74e164 100644 --- a/tv/2configs/ppp.nix +++ b/tv/2configs/ppp.nix @@ -31,4 +31,30 @@ in { ATDT*99***1# CONNECT ''}" ''; + users.users.root.packages = [ + (pkgs.writeDashBin "connect" '' + # usage: + # connect wlan + # connect wwan [PEERNAME] + set -efu + rfkill_wlan=/sys/class/rfkill/rfkill2 + rfkill_wwan=/sys/class/rfkill/rfkill1 + case $1 in + wlan) + ${pkgs.procps}/bin/pkill pppd || : + echo 0 > "$rfkill_wwan"/state + echo 1 > "$rfkill_wlan"/state + ;; + wwan) + name=''${2-o2} + echo 0 > "$rfkill_wlan"/state + echo 1 > "$rfkill_wwan"/state + ${pkgs.ppp}/bin/pppd call "$name" updetach + ;; + *) + echo "$0: error: bad arguments: $*" >&2 + exit 1 + esac + '') + ]; } -- cgit v1.2.3 From 3f6a68eab4b49f16daf8373ee5d99b8ffd55a119 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 3 Oct 2020 12:22:44 +0200 Subject: tv ppp: add modem-send script --- tv/2configs/ppp.nix | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/tv/2configs/ppp.nix b/tv/2configs/ppp.nix index 0c74e164..8c1dc65b 100644 --- a/tv/2configs/ppp.nix +++ b/tv/2configs/ppp.nix @@ -3,6 +3,7 @@ cfg = { pin = "@${toString }"; ttys.ppp = "/dev/ttyACM0"; + ttys.com = "/dev/ttyACM1"; }; in { environment.etc."ppp/peers/o2".text = /* sh */ '' @@ -56,5 +57,16 @@ in { exit 1 esac '') + (pkgs.writeDashBin "modem-send" '' + # usage: modem-send ATCOMMAND + set -efu + tty=${lib.shell.escape cfg.ttys.com} + exec <"$tty" + printf '%s\r\n' "$1" >"$tty" + ${pkgs.gnused}/bin/sed -E ' + /^OK\r?$/q + /^ERROR\r?$/q + ' + '') ]; } -- cgit v1.2.3 From 885e7857c0f3ac7dc7d73ceb6db6de9924f9b570 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 3 Oct 2020 12:24:25 +0200 Subject: tv ppp: reconfigure resolv.conf --- tv/2configs/ppp.nix | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/tv/2configs/ppp.nix b/tv/2configs/ppp.nix index 8c1dc65b..ff61f943 100644 --- a/tv/2configs/ppp.nix +++ b/tv/2configs/ppp.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: let +{ config, pkgs, ... }: let lib = import ; cfg = { pin = "@${toString }"; @@ -6,6 +6,18 @@ ttys.com = "/dev/ttyACM1"; }; in { + assertions = [ + { + assertion = config.networking.resolvconf.enable; + message = "ppp configuration needs resolvconf"; + } + ]; + environment.etc."ppp/ip-up".source = pkgs.writeDash "ppp.ip-up" '' + ${pkgs.openresolv}/bin/resolvconf -a "$IFNAME" < /etc/ppp/resolv.conf + ''; + environment.etc."ppp/ip-down".source = pkgs.writeDash "ppp.ip-down" '' + ${pkgs.openresolv}/bin/resolvconf -fd "$IFNAME" + ''; environment.etc."ppp/peers/o2".text = /* sh */ '' ${cfg.ttys.ppp} 921600 -- cgit v1.2.3 From 654f64f05935a69607a540f2e8d15619cee9e15e Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 3 Oct 2020 13:04:58 +0200 Subject: tv au: add ppp --- tv/1systems/au/config.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/tv/1systems/au/config.nix b/tv/1systems/au/config.nix index fc4b216f..3891b757 100644 --- a/tv/1systems/au/config.nix +++ b/tv/1systems/au/config.nix @@ -3,6 +3,7 @@ ./disks.nix + ]; -- cgit v1.2.3 From 132549cded87755018df77b9c18e68d083cee4ca Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 3 Oct 2020 14:12:04 +0200 Subject: tv override: customize input-fonts --- tv/5pkgs/override/default.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/tv/5pkgs/override/default.nix b/tv/5pkgs/override/default.nix index 99c1b3ec..789a3cfe 100644 --- a/tv/5pkgs/override/default.nix +++ b/tv/5pkgs/override/default.nix @@ -1,5 +1,15 @@ with import ; self: super: { + input-fonts = super.input-fonts.overrideAttrs (old: rec { + src = self.fetchurl { + url = "http://xu.r/~tv/mirrors/input-fonts/Input-Font-2.zip"; + sha256 = "1vvipqcflz4ximy7xpqy9idrdpq3a0c490hp5137r2dq03h865y0"; + }; + outputHash = null; + outputHashAlgo = null; + outputHashMode = null; + }); + rxvt_unicode = self.callPackage ./rxvt_unicode.nix { rxvt_unicode = super.rxvt_unicode; }; -- cgit v1.2.3 From 7dfc0f431f2bd87fa4656e1940e6330172d81720 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 14 Oct 2020 12:18:59 +0200 Subject: krebs.secret: add directory and file options --- krebs/3modules/secret.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/krebs/3modules/secret.nix b/krebs/3modules/secret.nix index 67454d1f..978939f6 100644 --- a/krebs/3modules/secret.nix +++ b/krebs/3modules/secret.nix @@ -3,6 +3,14 @@ with import ; cfg = config.krebs.secret; in { options.krebs.secret = { + directory = mkOption { + default = toString ; + type = types.absolute-pathname; + }; + file = mkOption { + default = relpath: "${cfg.directory}/${relpath}"; + readOnly = true; + }; files = mkOption { type = with types; attrsOf secret-file; default = {}; -- cgit v1.2.3 From 2d3130e87095694be52962a8db0b7432b5661684 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 14 Oct 2020 13:02:09 +0200 Subject: tv * ssh.privkey.path: use krebs.secret.file --- krebs/3modules/tv/default.nix | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index c86fda05..6a09cc83 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -52,7 +52,7 @@ in { ''; }; }; - ssh.privkey.path = ; + ssh.privkey.path = config.krebs.secret.file "ssh.id_rsa"; ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDP9JS2Nyjx4Pn+/4MrFi1EvBBYVKkGm2Q4lhgaAiSuiGLol53OSsL2KIo01mbcSSBWow9QpQpn8KDoRnT2aMLDrdTFqL20ztDLOXmtrSsz3flgCjmW4f6uOaoZF0RNjAybd1coqwSJ7EINugwoqOsg1zzN2qeIGKYFvqFIKibYFAnQ8hcksmkvPdIO5O8CbdIiP9sZSrSDp0ZyLK2T0PML2jensVZOeqSPulQDFqLsbmavpVLkpDjdzzPRwbZWNB4++YeipbYNOkX4GR1EB4wMZ93IbBV7kpJtib2Zb2AnUf7UW37hxWBjILdstj9ClwNOQggn8kD9ub7YxBzH1dz0Xd8a0mPOAWIDJz9MypXgFRc3vdvPB/W1I4Se0CLbgOkORun9CkgijKr9oEY8JNt8HFd6viZcAaQxOyIm6PNHZTnHfdSc7bIBS2n3e3IZBv0fTd77knGLXg402aTuu2bm/kxsKivxsILXIaGbeXe4ceN3Fynr3FzSM2bUkzHb0mAHu1BQ9YaX0xzCwjVueA5nzGls7ODSFkXsiBfg2FvMN/sTLFca6tnwyqcnD6nujoiS5+BxjDWPgnZYqCaW3B/IkpTsRMsX6QrfhOFcsP8qlJ2Cp82orWoDK/D0vZ9pdzAc6PFGga0RofuJKY2yiq+SRZ7/e9E6VncIVCYZ1OfN0Q=="; }; au = { @@ -79,7 +79,7 @@ in { }; }; secure = true; - ssh.privkey.path = ; + ssh.privkey.path = config.krebs.secret.file "ssh.id_ed25519"; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBsqDuhGJpjpqNv4QmjoOhcODObrPyY3GHLvtVkgXV0g root@au"; }; mu = { @@ -103,7 +103,7 @@ in { ''; }; }; - ssh.privkey.path = ; + ssh.privkey.path = config.krebs.secret.file "ssh.id_ed25519"; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM1vJsAddvxMA84u9iJEOrIkKn7pQiemMbfW5cfK1d7g root@mu"; }; ni = { @@ -177,7 +177,7 @@ in { }; }; secure = true; - ssh.privkey.path = ; + ssh.privkey.path = config.krebs.secret.file "ssh.id_ed25519"; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMIHmwXHV7E9UGuk4voVCADjlLkyygqNw054jvrsPn5t root@nomic"; }; wu = { @@ -203,7 +203,7 @@ in { }; }; secure = true; - ssh.privkey.path = ; + ssh.privkey.path = config.krebs.secret.file "ssh.id_ed25519"; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcJvu8JDVzObLUtlAQg9qVugthKSfitwCljuJ5liyHa"; }; querel = { @@ -262,7 +262,7 @@ in { }; }; secure = true; - ssh.privkey.path = ; + ssh.privkey.path = config.krebs.secret.file "ssh.id_ed25519"; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPnjfceKuHNQu7S4eYFN1FqgzMqiL7haNZMh2ZLhvuhK root@xu"; }; zu = { -- cgit v1.2.3 From f5133d7c26f467fa8fa43aa6665fbb678decf25d Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 14 Oct 2020 13:18:34 +0200 Subject: tv rxvt-unicode-256color-terminfo: init --- .../simple/rxvt-unicode-256color-terminfo/default.nix | 16 ++++++++++++++++ .../rxvt-unicode-256color.terminfo | Bin 0 -> 2239 bytes 2 files changed, 16 insertions(+) create mode 100644 tv/5pkgs/simple/rxvt-unicode-256color-terminfo/default.nix create mode 100644 tv/5pkgs/simple/rxvt-unicode-256color-terminfo/rxvt-unicode-256color.terminfo diff --git a/tv/5pkgs/simple/rxvt-unicode-256color-terminfo/default.nix b/tv/5pkgs/simple/rxvt-unicode-256color-terminfo/default.nix new file mode 100644 index 00000000..d2f6f46b --- /dev/null +++ b/tv/5pkgs/simple/rxvt-unicode-256color-terminfo/default.nix @@ -0,0 +1,16 @@ +# This package is mainly intended for cross-built systems for which we cannot +# or don't want to build pkgs.rxvt_unicode for some reason. +# +# ${./rxvt-unicode-256color.terminfo} was copied from a previously built +# /run/current-system/sw/share/terminfo/r/rxvt-unicode-256color +{ runCommand }: + +runCommand "rxvt-unicode-256color-terminfo" {} /* sh */ '' + mkdir -p $out/nix-support + mkdir -p $out/share/terminfo/r + + ln -s ${./rxvt-unicode-256color.terminfo} \ + $out/share/terminfo/r/rxvt-unicode-256color + + echo "$out" >> $out/nix-support/propagated-user-env-packages +'' diff --git a/tv/5pkgs/simple/rxvt-unicode-256color-terminfo/rxvt-unicode-256color.terminfo b/tv/5pkgs/simple/rxvt-unicode-256color-terminfo/rxvt-unicode-256color.terminfo new file mode 100644 index 00000000..3f43d0d5 Binary files /dev/null and b/tv/5pkgs/simple/rxvt-unicode-256color-terminfo/rxvt-unicode-256color.terminfo differ -- cgit v1.2.3 From a0110673120e5f72582ea02b7bc6d360a108f38d Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 15 Oct 2020 14:22:40 +0200 Subject: tv rpiPackages: init --- tv/5pkgs/rpi/default.nix | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 tv/5pkgs/rpi/default.nix diff --git a/tv/5pkgs/rpi/default.nix b/tv/5pkgs/rpi/default.nix new file mode 100644 index 00000000..f0ac47f6 --- /dev/null +++ b/tv/5pkgs/rpi/default.nix @@ -0,0 +1,9 @@ +let + lib = import ; +in + +self: super: + +{ + rpiPackages = lib.mapNixDir (path: self.callPackage path {}) ./.; +} -- cgit v1.2.3 From 9ed980f603c3afce53b577726a3f6af2a9bbed75 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 15 Oct 2020 13:47:46 +0200 Subject: tv rpiPacakges.WiringPi: init at 2020-09-14 --- tv/5pkgs/rpi/WiringPi/default.nix | 61 +++++++++++++++++++++++++++++++++++++++ tv/5pkgs/rpi/WiringPi/src.json | 6 ++++ 2 files changed, 67 insertions(+) create mode 100644 tv/5pkgs/rpi/WiringPi/default.nix create mode 100644 tv/5pkgs/rpi/WiringPi/src.json diff --git a/tv/5pkgs/rpi/WiringPi/default.nix b/tv/5pkgs/rpi/WiringPi/default.nix new file mode 100644 index 00000000..61c43556 --- /dev/null +++ b/tv/5pkgs/rpi/WiringPi/default.nix @@ -0,0 +1,61 @@ +{ fetchFromGitHub, runCommand, stdenv }: + +let + generic = name: extraAttrs: + stdenv.mkDerivation ({ + pname = "WiringPi-${name}"; + version = "2020-09-14"; + + src = fetchFromGitHub (stdenv.lib.importJSON ./src.json); + + buildPhase = '' + runHook postBuild + + make -C ${name} all + + runHook preBuild + ''; + + installPhase = '' + runHook preInstall + + export DESTDIR=$out + export PREFIX= + export LDCONFIG=true + + make -C ${name} install + + runHook postInstall + ''; + } // extraAttrs); + + fakeutils = runCommand "fakeutils-1.0" {} /* sh */ '' + mkdir -p $out/bin + for name in chown chmod; do + touch $out/bin/$name + chmod +x $out/bin/$name + done + ''; +in + +rec { + wiringPi = generic "wiringPi" {}; + wiringPiDev = generic "devLib" { + buildInputs = [ + wiringPi + ]; + }; + gpio = generic "gpio" { + preInstall = '' + # fakeutils cannot be buildInputs because they have to override existing + # executables and therefore need to be prepended to the search path. + PATH=${fakeutils}/bin:$PATH + + mkdir -p $out/bin + ''; + buildInputs = [ + wiringPi + wiringPiDev + ]; + }; +} diff --git a/tv/5pkgs/rpi/WiringPi/src.json b/tv/5pkgs/rpi/WiringPi/src.json new file mode 100644 index 00000000..edf4e827 --- /dev/null +++ b/tv/5pkgs/rpi/WiringPi/src.json @@ -0,0 +1,6 @@ +{ + "owner": "WiringPi", + "repo": "WiringPi", + "rev": "5c6bab7d4279e8c0cc890984eaa1a69ff3af1c99", + "sha256": "1jlx7lb3ybwv06b2dpmsr718d0xj85awl1dgdqc607k50kk25mjb" +} -- cgit v1.2.3 From 83bcb46ce98ba3ec07b2208a82b05116352ec602 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 15 Oct 2020 14:24:58 +0200 Subject: tv nix-prefetch-github: init at 3.0 --- tv/5pkgs/override/default.nix | 3 ++ tv/5pkgs/override/nix-prefetch-github.nix | 47 +++++++++++++++++++++++++++++++ 2 files changed, 50 insertions(+) create mode 100644 tv/5pkgs/override/nix-prefetch-github.nix diff --git a/tv/5pkgs/override/default.nix b/tv/5pkgs/override/default.nix index 789a3cfe..d18d6650 100644 --- a/tv/5pkgs/override/default.nix +++ b/tv/5pkgs/override/default.nix @@ -10,6 +10,9 @@ self: super: { outputHashMode = null; }); + nix-prefetch-github = + self.python3Packages.callPackage ./nix-prefetch-github.nix {}; + rxvt_unicode = self.callPackage ./rxvt_unicode.nix { rxvt_unicode = super.rxvt_unicode; }; diff --git a/tv/5pkgs/override/nix-prefetch-github.nix b/tv/5pkgs/override/nix-prefetch-github.nix new file mode 100644 index 00000000..67873f92 --- /dev/null +++ b/tv/5pkgs/override/nix-prefetch-github.nix @@ -0,0 +1,47 @@ +{ fetchPypi +, lib +, buildPythonPackage +, pythonOlder +, attrs +, click +, effect +, jinja2 +, git +, pytestCheckHook +, pytest-black +, pytestcov +, pytest-isort +}: + +buildPythonPackage rec { + pname = "nix-prefetch-github"; + version = "3.0"; + + src = fetchPypi { + inherit pname version; + sha256 = "sha256-EN+EbVXUaf+id5UsK4EBm/9k9FYaH79g08kblvW60XA="; + }; + + propagatedBuildInputs = [ + attrs + click + effect + jinja2 + ]; + + checkInputs = [ pytestCheckHook pytest-black pytestcov pytest-isort git ]; + checkPhase = '' + pytest -m 'not network' + ''; + + # latest version of isort will cause tests to fail + # ignore tests which are impure + disabledTests = [ "isort" "life" "outputs" "fetch_submodules" ]; + + meta = with lib; { + description = "Prefetch sources from github"; + homepage = "https://github.com/seppeljordan/nix-prefetch-github"; + license = licenses.gpl3; + maintainers = with maintainers; [ seppeljordan ]; + }; +} -- cgit v1.2.3 From acdb2bea876aaadf30430e2ea3cbef62808ca24c Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 15 Oct 2020 14:38:36 +0200 Subject: lib.mapNixDir1: prefix names starting with a digit --- lib/default.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/lib/default.nix b/lib/default.nix index f02959bb..be9f60f3 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -60,13 +60,17 @@ let }.${typeOf x}; mapNixDir1 = f: dirPath: + let + toPackageName = name: + if test "^[0-9].*" name then "_${name}" else name; + in listToAttrs (map (relPath: let name = removeSuffix ".nix" relPath; path = dirPath + "/${relPath}"; in - nameValuePair name (f path)) + nameValuePair (toPackageName name) (f path)) (filter (name: name != "default.nix" && !hasPrefix "." name) (attrNames (readDir dirPath)))); -- cgit v1.2.3 From cbf844cdde559ebd19b7c98d99abd858017951f1 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 15 Oct 2020 14:53:14 +0200 Subject: tv rpiPackages.433Utils: init at 2018-06-07 --- .../433Utils/RPi_utils.codesend.codestring.patch | 24 +++++++++++++ tv/5pkgs/rpi/433Utils/default.nix | 42 ++++++++++++++++++++++ tv/5pkgs/rpi/433Utils/rc-switch.protocols.patch | 10 ++++++ tv/5pkgs/rpi/433Utils/src.json | 7 ++++ 4 files changed, 83 insertions(+) create mode 100644 tv/5pkgs/rpi/433Utils/RPi_utils.codesend.codestring.patch create mode 100644 tv/5pkgs/rpi/433Utils/default.nix create mode 100644 tv/5pkgs/rpi/433Utils/rc-switch.protocols.patch create mode 100644 tv/5pkgs/rpi/433Utils/src.json diff --git a/tv/5pkgs/rpi/433Utils/RPi_utils.codesend.codestring.patch b/tv/5pkgs/rpi/433Utils/RPi_utils.codesend.codestring.patch new file mode 100644 index 00000000..447e42f1 --- /dev/null +++ b/tv/5pkgs/rpi/433Utils/RPi_utils.codesend.codestring.patch @@ -0,0 +1,24 @@ +--- a/RPi_utils/codesend.cpp ++++ b/RPi_utils/codesend.cpp +@@ -40,18 +40,18 @@ int main(int argc, char *argv[]) { + } + + // Change protocol and pulse length accroding to parameters +- int code = atoi(argv[1]); ++ const char *code = argv[1]; + if (argc >= 3) protocol = atoi(argv[2]); + if (argc >= 4) pulseLength = atoi(argv[3]); + + if (wiringPiSetup () == -1) return 1; +- printf("sending code[%i]\n", code); ++ printf("sending code[%s]\n", code); + RCSwitch mySwitch = RCSwitch(); + if (protocol != 0) mySwitch.setProtocol(protocol); + if (pulseLength != 0) mySwitch.setPulseLength(pulseLength); + mySwitch.enableTransmit(PIN); + +- mySwitch.send(code, 24); ++ mySwitch.send(code); + + return 0; + diff --git a/tv/5pkgs/rpi/433Utils/default.nix b/tv/5pkgs/rpi/433Utils/default.nix new file mode 100644 index 00000000..78be6de3 --- /dev/null +++ b/tv/5pkgs/rpi/433Utils/default.nix @@ -0,0 +1,42 @@ +{ fetchFromGitHub, stdenv +, wiringPi ? WiringPi.wiringPi +, wiringPiDev ? WiringPi.wiringPiDev +, WiringPi ? rpiPackages.WiringPi +, rpiPackages +}: + +stdenv.mkDerivation { + pname = "433Utils-RPi_utils"; + version = "2018-06-07"; + + src = fetchFromGitHub (stdenv.lib.importJSON ./src.json); + + patches = [ + ./rc-switch.protocols.patch + ./RPi_utils.codesend.codestring.patch + ]; + + buildPhase = '' + runHook postBuild + + make -C RPi_utils + + runHook preBuild + ''; + + buildInputs = [ + wiringPi + wiringPiDev + ]; + + installPhase = '' + runHook preInstall + + mkdir -p $out/bin + for name in send codesend RFSniffer; do + cp RPi_utils/$name $out/bin/ + done + + runHook postInstall + ''; +} diff --git a/tv/5pkgs/rpi/433Utils/rc-switch.protocols.patch b/tv/5pkgs/rpi/433Utils/rc-switch.protocols.patch new file mode 100644 index 00000000..41304ef8 --- /dev/null +++ b/tv/5pkgs/rpi/433Utils/rc-switch.protocols.patch @@ -0,0 +1,10 @@ +--- a/rc-switch/RCSwitch.cpp ++++ b/rc-switch/RCSwitch.cpp +@@ -78,6 +78,7 @@ static const RCSwitch::Protocol PROGMEM proto[] = { + { 100, { 30, 71 }, { 4, 11 }, { 9, 6 } }, // protocol 3 + { 380, { 1, 6 }, { 1, 3 }, { 3, 1 } }, // protocol 4 + { 500, { 6, 14 }, { 1, 2 }, { 2, 1 } }, // protocol 5 ++ { 136, { 1, 31 }, { 1, 3 }, { 3, 1 } }, // protocol 6 + }; + + enum { diff --git a/tv/5pkgs/rpi/433Utils/src.json b/tv/5pkgs/rpi/433Utils/src.json new file mode 100644 index 00000000..3cf23278 --- /dev/null +++ b/tv/5pkgs/rpi/433Utils/src.json @@ -0,0 +1,7 @@ +{ + "owner": "ninjablocks", + "repo": "433Utils", + "rev": "31c0ea4e158287595a6f6116b6151e72691e1839", + "sha256": "04r2qlkdsz46qgpnbizrfccz1i0qlkb1iqz0jzyq4fzvksqp9dg1", + "fetchSubmodules": true +} \ No newline at end of file -- cgit v1.2.3 From 4d5c1b6dbed3c07c030e1dfe9f033f707608d84a Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 16 Oct 2020 22:25:35 +0200 Subject: types.net: add mac option --- lib/types.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/types.nix b/lib/types.nix index 3eda2262..689a2c80 100644 --- a/lib/types.nix +++ b/lib/types.nix @@ -116,6 +116,10 @@ rec { type = listOf hostname; default = []; }; + mac = mkOption { + type = nullOr str; + default = null; + }; ip4 = mkOption { type = nullOr (submodule { options = { -- cgit v1.2.3 From b034f63f7a2e4361b32c33c0e1a980eecf1a5aa6 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 17 Oct 2020 01:00:54 +0200 Subject: tv iptables: move sshd stuff to sshd config --- tv/2configs/sshd.nix | 20 ++++++++++++++++---- tv/3modules/iptables.nix | 9 +-------- 2 files changed, 17 insertions(+), 12 deletions(-) diff --git a/tv/2configs/sshd.nix b/tv/2configs/sshd.nix index 25468f23..79af5b01 100644 --- a/tv/2configs/sshd.nix +++ b/tv/2configs/sshd.nix @@ -1,10 +1,22 @@ -{ config, lib, pkgs, ... }: - with import ; - -{ +{ config, ... }: let + cfg.host = config.krebs.build.host; +in { services.openssh = { enable = true; }; tv.iptables.input-internet-accept-tcp = singleton "ssh"; + tv.iptables.extra.nat.OUTPUT = [ + "-o lo -p tcp --dport 11423 -j REDIRECT --to-ports 22" + ]; + tv.iptables.extra4.nat.PREROUTING = [ + "-d ${cfg.host.nets.retiolum.ip4.addr} -p tcp --dport 22 -j ACCEPT" + ]; + tv.iptables.extra6.nat.PREROUTING = [ + "-d ${cfg.host.nets.retiolum.ip6.addr} -p tcp --dport 22 -j ACCEPT" + ]; + tv.iptables.extra.nat.PREROUTING = [ + "-p tcp --dport 22 -j REDIRECT --to-ports 0" + "-p tcp --dport 11423 -j REDIRECT --to-ports 22" + ]; } diff --git a/tv/3modules/iptables.nix b/tv/3modules/iptables.nix index 3974760d..9cf0bd5a 100644 --- a/tv/3modules/iptables.nix +++ b/tv/3modules/iptables.nix @@ -135,15 +135,8 @@ let { :INPUT ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] - ${concatMapStringsSep "\n" (rule: "-A PREROUTING ${rule}") [ - "! -i retiolum -p tcp -m tcp --dport 22 -j REDIRECT --to-ports 0" - "-p tcp -m tcp --dport 11423 -j REDIRECT --to-ports 22" - ]} - ${concatMapStringsSep "\n" (rule: "-A OUTPUT ${rule}") [ - "-o lo -p tcp -m tcp --dport 11423 -j REDIRECT --to-ports 22" - ]} - ${formatTable cfg.extra.nat} ${formatTable cfg."extra${toString iptables-version}".nat} + ${formatTable cfg.extra.nat} COMMIT *filter :INPUT DROP [0:0] -- cgit v1.2.3