From 74d2ef3f26e30a065674b1d9fa911f0f8f18e05d Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 27 May 2022 13:43:52 +0200 Subject: nixpkgs: fd3e33d -> 06db2e2 --- krebs/nixpkgs.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'krebs') diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 970ffa20..8e371efa 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "fd3e33d696b81e76b30160dfad2efb7ac1f19879", - "date": "2022-04-30T11:27:15+02:00", - "path": "/nix/store/4n9dqxd8j90h0j99n8pyim6n5q1zviwg-nixpkgs", - "sha256": "1liw3glyv1cx0bxgxnq2yjp0ismg0np2ycg72rqghv75qb73zf9h", + "rev": "06db2e2197401b74fcf82d4e84be15b0b5851c7b", + "date": "2022-05-22T09:30:24-05:00", + "path": "/nix/store/6s5x7d30gcc48ryc2rym3gy17r626g25-nixpkgs", + "sha256": "0p3c9gjjdr1gz55al2s5yhh59kx8fqbgzhw4cab3mqair9h84m4j", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, -- cgit v1.2.3 From 9777d03ec0efb7a93d7401cbeadcbb59e430b2e0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 27 May 2022 13:57:25 +0200 Subject: nixpkgs-unstable: 2a3aac4 -> 5ce6597 --- krebs/nixpkgs-unstable.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'krebs') diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index 30be112d..49d65160 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "2a3aac479caeba0a65b2ad755fe5f284f1fde74d", - "date": "2022-05-09T07:45:23+00:00", - "path": "/nix/store/56hy8l0ky71qdx5zibjzzg0q8ivkk7vc-nixpkgs", - "sha256": "0px2fk64s56qxd8ir8xg8bsj5yz1w399ps4xfkyx29n2ywp9ar7c", + "rev": "5ce6597eca7d7b518c03ecda57d45f9404b5e060", + "date": "2022-05-24T17:55:48+02:00", + "path": "/nix/store/glvcj0zmqq9z5wf6bppnppbpf8w85iwf-nixpkgs", + "sha256": "1hs1lnnbp1dky3nfp7xlricpp5c63sr46jyrnvykci8bl8jnxnl3", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, -- cgit v1.2.3 From 08887763dcf8a3e4d2a8152f051d4fa00d5b216e Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 27 May 2022 19:59:06 +0200 Subject: l security-workarounds: remove pkexec fix --- krebs/2configs/security-workarounds.nix | 2 -- 1 file changed, 2 deletions(-) (limited to 'krebs') diff --git a/krebs/2configs/security-workarounds.nix b/krebs/2configs/security-workarounds.nix index 0743f2b4..b1a492f5 100644 --- a/krebs/2configs/security-workarounds.nix +++ b/krebs/2configs/security-workarounds.nix @@ -1,6 +1,4 @@ { config, lib, pkgs, ... }: with import ; { - # https://github.com/Lassulus/CVE-2021-4034 - security.wrappers.pkexec.source = lib.mkForce (pkgs.writeText "pkexec" ""); } -- cgit v1.2.3 From a6c74f87d1075d06bc9215db128479b74297ac7e Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 27 May 2022 20:13:03 +0200 Subject: news: youtube-dl -> yt-dlp --- krebs/2configs/news.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/2configs/news.nix b/krebs/2configs/news.nix index 1f966bf2..9e2cec10 100644 --- a/krebs/2configs/news.nix +++ b/krebs/2configs/news.nix @@ -164,7 +164,7 @@ if [ ''${#youtube_url} -eq 24 ]; then youtube_id=$youtube_url else - youtube_id=$(${pkgs.youtube-dl}/bin/youtube-dl --max-downloads 1 -j "$youtube_url" | ${pkgs.jq}/bin/jq -r '.channel_id') + youtube_id=$(${pkgs.yt-dlp}/bin/yt-dlp --max-downloads 1 -j "$youtube_url" | ${pkgs.jq}/bin/jq -r '.channel_id') fi echo "brockman: add yt_$youtube_nick http://rss.r/?action=display&bridge=Youtube&context=By+channel+id&c=$youtube_id&duration_min=&duration_max=&format=Mrss" ''; -- cgit v1.2.3 From 9e36a59fb16d7c4eb5dacae77069403790302aa1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 28 May 2022 12:11:37 +0200 Subject: container-networking: NAT to con* --- krebs/2configs/container-networking.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/2configs/container-networking.nix b/krebs/2configs/container-networking.nix index fa448880..bf3fe711 100644 --- a/krebs/2configs/container-networking.nix +++ b/krebs/2configs/container-networking.nix @@ -1,7 +1,7 @@ { lib, ... }: { networking.nat.enable = true; - networking.nat.internalInterfaces = ["ve-+"]; + networking.nat.internalInterfaces = ["ve-+" "ctr+" ]; networking.nat.externalInterface = lib.mkDefault "et0"; networking.networkmanager.unmanaged = [ "interface-name:ve-*" ]; } -- cgit v1.2.3 From d9fe5d46299206730e88ba61a32f4a34c6eea44c Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 28 May 2022 12:13:38 +0200 Subject: matterbridge: remove mumble bridge --- krebs/2configs/matterbridge.nix | 9 --------- 1 file changed, 9 deletions(-) (limited to 'krebs') diff --git a/krebs/2configs/matterbridge.nix b/krebs/2configs/matterbridge.nix index 9c0908de..a68aa292 100644 --- a/krebs/2configs/matterbridge.nix +++ b/krebs/2configs/matterbridge.nix @@ -19,11 +19,6 @@ inherit Nick; }; }; - mumble.lassulus = { - Server = "lassul.us:64738"; - Nick = "krebs_bridge"; - SkipTLSVerify = true; - }; gateway = [ { name = "krebs-bridge"; @@ -37,10 +32,6 @@ account = "telegram.krebs"; channel = "-330372458"; } - { - account = "mumble.lassulus"; - channel = 6; # "nixos" - } ]; } ]; -- cgit v1.2.3 From 3c2e24df1cb4a80481fa2c123fa910692c4f21a2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 28 May 2022 12:19:51 +0200 Subject: acl: run mkdir, skip / --- krebs/3modules/acl.nix | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/acl.nix b/krebs/3modules/acl.nix index 9cdbb6cf..d2370649 100644 --- a/krebs/3modules/acl.nix +++ b/krebs/3modules/acl.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: let parents = dir: if dir == "/" then - [ dir ] + [] else [ dir ] ++ parents (builtins.dirOf dir) ; @@ -40,13 +40,16 @@ in { pkgs.coreutils ]; serviceConfig = { - ExecStart = pkgs.writers.writeDash "acl" (lib.concatStrings ( - lib.mapAttrsToList (_: rule: '' - setfacl -${lib.optionalString rule.recursive "R"}m ${rule.rule} ${path} - ${lib.optionalString rule.default "setfacl -${lib.optionalString rule.recursive "R"}dm ${rule.rule} ${path}"} - ${lib.optionalString rule.parents (lib.concatMapStringsSep "\n" (folder: "setfacl -m ${rule.rule} ${folder}") (parents path))} - '') rules - )); + ExecStart = pkgs.writers.writeDash "acl" '' + mkdir -p "${path}" + ${lib.concatStrings ( + lib.mapAttrsToList (_: rule: '' + setfacl -${lib.optionalString rule.recursive "R"}m ${rule.rule} ${path} + ${lib.optionalString rule.default "setfacl -${lib.optionalString rule.recursive "R"}dm ${rule.rule} ${path}"} + ${lib.optionalString rule.parents (lib.concatMapStringsSep "\n" (folder: "setfacl -m ${rule.rule} ${folder}") (parents (builtins.dirOf path)))} + '') rules + )} + ''; RemainAfterExit = true; Type = "simple"; }; -- cgit v1.2.3 From ea3c3d52f7ddd7d770f28315b444efb0fc931ec5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 28 May 2022 16:20:56 +0200 Subject: agenda.r: add kri.r alias --- krebs/2configs/reaktor2.nix | 1 + krebs/3modules/krebs/default.nix | 1 + 2 files changed, 2 insertions(+) (limited to 'krebs') diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix index 305d3140..205cc96f 100644 --- a/krebs/2configs/reaktor2.nix +++ b/krebs/2configs/reaktor2.nix @@ -148,6 +148,7 @@ in { services.nginx = { virtualHosts."agenda.r" = { + serverAliases = [ "kri.r" ]; locations."= /index.html".extraConfig = '' alias ${pkgs.writeText "agenda.html" '' diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix index d58f0fba..854176f0 100644 --- a/krebs/3modules/krebs/default.nix +++ b/krebs/3modules/krebs/default.nix @@ -74,6 +74,7 @@ in { aliases = [ "hotdog.r" "agenda.r" + "kri.r" "build.r" "build.hotdog.r" "ca.r" -- cgit v1.2.3 From c79ecd830f86d2075cfbdb5cd2221b5536e07881 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 28 May 2022 16:34:01 +0200 Subject: realwallpaper: don't fail on fetch error --- krebs/5pkgs/simple/realwallpaper/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/realwallpaper/default.nix b/krebs/5pkgs/simple/realwallpaper/default.nix index 2fbc7ff8..832e47f2 100644 --- a/krebs/5pkgs/simple/realwallpaper/default.nix +++ b/krebs/5pkgs/simple/realwallpaper/default.nix @@ -122,7 +122,7 @@ pkgs.writers.writeDashBin "generate-wallpaper" '' 'https://neo.sci.gsfc.nasa.gov/view.php?datasetId=MOD14A1_E_FIRE') & # regular fetches - fetch marker.json.tmp "$marker_url" + fetch marker.json.tmp "$marker_url" || : if [ -s marker.json.tmp ]; then mv marker.json.tmp marker.json fi -- cgit v1.2.3 From e02f6475da13a12b2489e4d5f69ec58fd41bfac4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 29 May 2022 20:48:43 +0200 Subject: update-nixpkgs: 21.11 -> 22.05 --- krebs/update-nixpkgs.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/update-nixpkgs.sh b/krebs/update-nixpkgs.sh index bc421a75..59dbd91b 100755 --- a/krebs/update-nixpkgs.sh +++ b/krebs/update-nixpkgs.sh @@ -3,7 +3,7 @@ dir=$(dirname $0) oldrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') nix-shell -p nix-prefetch-git --run 'nix-prefetch-git \ --url https://github.com/NixOS/nixpkgs \ - --rev refs/heads/nixos-21.11' \ + --rev refs/heads/nixos-22.05' \ > $dir/nixpkgs.json newrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') git commit $dir/nixpkgs.json -m "nixpkgs: $oldrev -> $newrev" -- cgit v1.2.3 From 5264380174c8e826968fd6c5bd6f675dc6c7b01c Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 29 May 2022 20:49:49 +0200 Subject: nixpkgs: 06db2e2 -> d108690 --- krebs/nixpkgs.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'krebs') diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 8e371efa..3e20b2a8 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "06db2e2197401b74fcf82d4e84be15b0b5851c7b", - "date": "2022-05-22T09:30:24-05:00", - "path": "/nix/store/6s5x7d30gcc48ryc2rym3gy17r626g25-nixpkgs", - "sha256": "0p3c9gjjdr1gz55al2s5yhh59kx8fqbgzhw4cab3mqair9h84m4j", + "rev": "d1086907f56c5a6c33c0c2e8dc9f42ef6988294f", + "date": "2022-05-28T12:29:49+02:00", + "path": "/nix/store/56gsa390lyiik6jdapnj98a2ww8af8ig-nixpkgs", + "sha256": "009dc0njvdn5pzcyd8bp4sc9byf70w4msdkv6q2zfdlnh36im1jl", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, -- cgit v1.2.3 From 0501d689a1d3c54035bea7cb8fe0ca01e1d87b98 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 1 Jun 2022 11:15:55 +0200 Subject: brockman: 4.0.3 -> 4.0.4 --- krebs/5pkgs/haskell/brockman/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'krebs') diff --git a/krebs/5pkgs/haskell/brockman/default.nix b/krebs/5pkgs/haskell/brockman/default.nix index 8a2311a2..6a0c7f9d 100644 --- a/krebs/5pkgs/haskell/brockman/default.nix +++ b/krebs/5pkgs/haskell/brockman/default.nix @@ -7,19 +7,19 @@ }: mkDerivation rec { pname = "brockman"; - version = "4.0.3"; + version = "4.0.4"; src = fetchFromGitHub { owner = "kmein"; repo = "brockman"; rev = version; - sha256 = "sha256-rjwroSG9ys0FV2JM70kzmCutMVpUTx8cQ+jQq8Hw1kw="; + sha256 = "sha256-GOEEUjehFgMMf6cNpi0AP/Rz74sTDEcpKRbLD+6YEz0="; }; isLibrary = false; isExecutable = true; executableHaskellDepends = [ aeson aeson-pretty base bytestring case-insensitive conduit containers directory feed filepath hashable hslogger html-entity - http-client irc-conduit lens lrucache lrucaching network + http-client irc-conduit lens lrucache network optparse-applicative random safe text time timerep wreq ]; license = lib.licenses.mit; -- cgit v1.2.3 From 0966b595c6236f6ad7629b74e2ceb7a54a608a79 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 1 Jun 2022 11:20:30 +0200 Subject: reaktor2: 0.4.0 -> 0.4.0a --- krebs/5pkgs/haskell/reaktor2/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'krebs') diff --git a/krebs/5pkgs/haskell/reaktor2/default.nix b/krebs/5pkgs/haskell/reaktor2/default.nix index d41d8d81..9ff2bd88 100644 --- a/krebs/5pkgs/haskell/reaktor2/default.nix +++ b/krebs/5pkgs/haskell/reaktor2/default.nix @@ -8,11 +8,11 @@ }: mkDerivation rec { pname = "reaktor2"; - version = "0.4.0"; + version = "0.4.0a"; src = fetchgit { - url = "https://cgit.krebsco.de/reaktor2"; - sha256 = "0bnn23hjl57y0a5rf3h8kq078dziby7il7fandz5wh6s4i3psicp"; - rev = "v${version}"; + url = "https://cgit.lassul.us/reaktor2"; + sha256 = "sha256-x1i2TWcycYVFij6832xaBiQa1RQ1VmSfu5Qt1QrUtds="; + rev = "6d3eb6de5e770ee26874bb7449934f0c55bd1efa"; fetchSubmodules = true; }; isLibrary = false; -- cgit v1.2.3 From d3c06d9667264d1d3f199f0d9abab7e7b04d3885 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 5 Jun 2022 10:01:10 +0200 Subject: weechat-declarative: write commands to extra file --- krebs/5pkgs/simple/weechat-declarative/default.nix | 85 +++++++++++++--------- 1 file changed, 50 insertions(+), 35 deletions(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/weechat-declarative/default.nix b/krebs/5pkgs/simple/weechat-declarative/default.nix index e6ecfd63..5f9c8635 100644 --- a/krebs/5pkgs/simple/weechat-declarative/default.nix +++ b/krebs/5pkgs/simple/weechat-declarative/default.nix @@ -109,45 +109,60 @@ let }; }; + setFile = pkgs.writeText "weechat.set" ( + lib.optionalString (cfg.settings != {}) + (lib.concatStringsSep "\n" ( + lib.optionals + (cfg.settings.irc or {} != {}) + (lib.mapAttrsToList + (name: server: "/server add ${name} ${lib.toWeechatValue server.addresses}") + cfg.settings.irc.server) + ++ + lib.optionals + (cfg.settings.matrix or {} != {}) + (lib.mapAttrsToList + (name: server: "/matrix server add ${name} ${server.address}") + cfg.settings.matrix.server) + ++ + lib.mapAttrsToList lib.setCommand (lib.attrPathsSep "." cfg.settings) + ++ + lib.optionals + (cfg.settings.filters or {} != {}) + (lib.mapAttrsToList lib.filterAddreplace cfg.settings.filters) + ++ + lib.singleton cfg.extraCommands + )) + ); + weechat = pkgs.weechat.override { configure = _: { - init = lib.optionalString (cfg.settings != {}) - (lib.concatStringsSep "\n" ( - lib.optionals - (cfg.settings.irc or {} != {}) - (lib.mapAttrsToList - (name: server: "/server add ${name} ${server.address}") - cfg.settings.irc.server) - ++ - lib.optionals - (cfg.settings.matrix or {} != {}) - (lib.mapAttrsToList - (name: server: "/matrix server add ${name} ${server.address}") - cfg.settings.matrix.server) - ++ - lib.mapAttrsToList lib.setCommand (lib.attrPathsSep "." cfg.settings) - ++ - lib.optionals - (cfg.settings.filters or {} != {}) - (lib.mapAttrsToList lib.filterAddreplace cfg.settings.filters) - ++ - lib.singleton cfg.extraCommands - )); + init = "/exec -oc cat ${setFile}"; scripts = cfg.scripts; }; }; -in pkgs.writers.writeDashBin "weechat" '' - CONFDIR=''${XDG_CONFIG_HOME:-$HOME/.config}/weechat - ${pkgs.coreutils}/bin/mkdir -p "$CONFDIR" - ${lib.concatStringsSep "\n" - (lib.mapAttrsToList - (name: target: /* sh */ '' - ${pkgs.coreutils}/bin/ln -s ${lib.escapeShellArg target} "$CONFDIR"/${lib.escapeShellArg name} - '') - cfg.files - ) - } - exec ${weechat}/bin/weechat "$@" -'' + wrapper = pkgs.writers.writeDashBin "weechat" '' + CONFDIR=''${XDG_CONFIG_HOME:-$HOME/.config}/weechat + ${pkgs.coreutils}/bin/mkdir -p "$CONFDIR" + ${lib.concatStringsSep "\n" + (lib.mapAttrsToList + (name: target: /* sh */ '' + ${pkgs.coreutils}/bin/ln -s ${lib.escapeShellArg target} "$CONFDIR"/${lib.escapeShellArg name} + '') + cfg.files + ) + } + exec ${weechat}/bin/weechat "$@" + ''; + +in pkgs.symlinkJoin { + name = "weechat-configured"; + paths = [ + wrapper + pkgs.weechat + ]; + postBuild = '' + ln -s ${setFile} $out/weechat.set + ''; +} -- cgit v1.2.3