diff options
Diffstat (limited to '3modules')
| -rw-r--r-- | 3modules/krebs/default.nix | 308 | ||||
| -rw-r--r-- | 3modules/krebs/git.nix (renamed from 3modules/tv/git.nix) | 33 | ||||
| -rw-r--r-- | 3modules/krebs/github-hosts-sync.nix (renamed from 3modules/tv/github-hosts-sync.nix) | 8 | ||||
| -rw-r--r-- | 3modules/krebs/nginx.nix (renamed from 3modules/tv/nginx.nix) | 7 | ||||
| -rw-r--r-- | 3modules/krebs/retiolum.nix (renamed from 3modules/tv/retiolum.nix) | 60 | ||||
| -rw-r--r-- | 3modules/krebs/urlwatch.nix (renamed from 3modules/tv/urlwatch.nix) | 6 | ||||
| -rw-r--r-- | 3modules/makefu/default.nix | 19 | ||||
| -rw-r--r-- | 3modules/tv/consul.nix | 1 | ||||
| -rw-r--r-- | 3modules/tv/default.nix | 9 | ||||
| -rw-r--r-- | 3modules/tv/identity.nix | 88 |
10 files changed, 399 insertions, 140 deletions
diff --git a/3modules/krebs/default.nix b/3modules/krebs/default.nix new file mode 100644 index 000000000..33c108811 --- /dev/null +++ b/3modules/krebs/default.nix @@ -0,0 +1,308 @@ +{ config, lib, ... }: + +with import ../../4lib/krebs { inherit lib; }; +let + cfg = config.krebs; + + out = { + imports = [ + ./github-hosts-sync.nix + ./git.nix + ./nginx.nix + ./retiolum.nix + ./urlwatch.nix + ]; + options.krebs = api; + config = mkIf cfg.enable imp; + }; + + api = { + enable = mkEnableOption "krebs"; + + build = mkOption { + type = types.submodule { + options = { + host = mkOption { + type = types.host; + }; + user = mkOption { + type = types.user; + }; + }; + }; + # Define defaul value, so unset values of the submodule get reported. + default = {}; + }; + + hosts = mkOption { + type = with types; attrsOf host; + }; + + users = mkOption { + type = with types; attrsOf user; + }; + + # XXX is there a better place to define search-domain? + # TODO search-domains :: listOf hostname + search-domain = mkOption { + type = types.hostname; + default = ""; + example = "retiolum"; + }; + }; + + imp = mkMerge [ + { krebs = lass-imp; } + { krebs = makefu-imp; } + { krebs = tv-imp; } + { + # XXX This overlaps with krebs.retiolum + networking.extraHosts = + let + # TODO move domain name providers to a dedicated module + # providers : tree label providername + providers = { + internet = "hosts"; + retiolum = "hosts"; + de.viljetic = "regfish"; + de.krebsco = "ovh"; + }; + + # splitByProvider : [alias] -> listset providername alias + splitByProvider = foldl (acc: alias: listset-insert (providerOf alias) alias acc) {}; + + # providerOf : alias -> providername + providerOf = alias: + tree-get (splitString "." alias) providers; + in + concatStringsSep "\n" (flatten ( + # TODO deepMap ["hosts" "nets"] (hostname: host: netname: net: + mapAttrsToList (hostname: host: + mapAttrsToList (netname: net: + let + aliases = toString (unique (longs ++ shorts)); + longs = (splitByProvider net.aliases).hosts; + shorts = map (removeSuffix ".${cfg.search-domain}") longs; + in + map (addr: "${addr} ${aliases}") net.addrs + ) host.nets + ) config.krebs.hosts + )); + } + ]; + + lass-imp = { + hosts = addNames { + }; + users = addNames { + lass = { + pubkey = readFile ../../Zpubkeys/lass.ssh.pub; + }; + uriel = { + pubkey = readFile ../../Zpubkeys/uriel.ssh.pub; + }; + }; + }; + + makefu-imp = { + hosts = addNames { + pnp = { + cores = 1; + dc = "makefu"; #vm on 'omo' + nets = { + retiolum = { + addrs4 = ["10.243.0.210"]; + addrs6 = ["42:f9f1:0000:0000:0000:0000:0000:0001"]; + aliases = [ + "pnp.retiolum" + "cgit.pnp.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAugkgEK4iy2C5+VZHwhjj/q3IOhhazE3TYHuipz37KxHWX8ZbjH+g + Ewtm79dVysujAOX8ZqV8nD8JgDAvkIZDp8FCIK0/rgckhpTsy1HVlHxa7ECrOS8V + pGz4xOxgcPFRbv5H2coHtbnfQc4GdA5fcNedQ3BP3T2Tn7n/dbbVs30bOP5V0EMR + SqZwNmtqaDQxOvjpPg9EoHvAYTevrpbbIst9UzCyvmNli9R+SsiDrzEPgB7zOc4T + TG12MT+XQr6JUu4jPpzdhb6H/36V6ADCIkBjzWh0iSfWGiFDQFinD+YSWbA1NOTr + Qtd1I3Ov+He7uc2Z719mb0Og2kCGnCnPIwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + }; + users = addNames { + makefu = { + pubkey = readFile ../../Zpubkeys/makefu_arch.ssh.pub; + }; + }; + }; + + tv-imp = { + hosts = addNames { + cd = { + cores = 2; + dc = "tv"; #dc = "cac"; + nets = rec { + internet = { + addrs4 = ["162.219.7.216"]; + aliases = [ + "cd.internet" + "cd.viljetic.de" + "cgit.cd.viljetic.de" + "cd.krebsco.de" + ]; + }; + retiolum = { + via = internet; + addrs4 = ["10.243.113.222"]; + addrs6 = ["42:4522:25f8:36bb:8ccb:0150:231a:2af3"]; + aliases = [ + "cd.retiolum" + "cgit.cd.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAvmCBVNKT/Su4v9nl/Nm3STPo5QxWPg7xEkzIs3Oh39BS8+r6/7UQ + rebib7mczb+ebZd+Rg2yFoGrWO8cmM0VcLy5bYRMK7in8XroLEjWecNNM4TRfNR4 + e53+LhcPdkxo0A3/D+yiut+A2Mkqe+4VXDm/JhAiAYkZTn7jUtj00Atrc7CWW1gN + sP3jIgv4+CGftdSYOB4dm699B7OD9XDLci2kOaFqFl4cjDYUok03G0AduUlRx10v + CKbKOTIdm8C36A902/3ms+Hyzkruu+VagGIZuPSwqXHJPCu7Ju+jarKQstMmpQi0 + PubweWDL0o/Dfz2qT3DuL4xDecIvGE6kv3m41hHJYiK+2/azTSehyPFbsVbL7w0V + LgKN3usnZNcpTsBWxRGT7nMFSnX2FLDu7d9OfCuaXYxHVFLZaNrpccOq8NF/7Hbk + DDW81W7CvLyJDlp0WLnAawSOGTUTPoYv/2wAapJ89i8QGCueGvEc6o2EcnBVMFEW + ejWTQzyD816f4RsplnrRqLVlIMbr9Q/n5TvlgjjhX7IMEfMy4+7qLGRQkNbFzgwK + jxNG2fFSCjOEQitm0gAtx7QRIyvYr6c7/xiHz4AwxYzBmvQsL/OK57NO4+Krwgj5 + Vk8TQ2jGO7J4bB38zaxK+Lrtfl8i1AK1171JqFMhOc34JSJ7T4LWDMECAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + mkdir = { + cores = 1; + dc = "tv"; #dc = "cac"; + nets = rec { + internet = { + addrs4 = ["162.248.167.241"]; + aliases = [ + "mkdir.internet" + ]; + }; + retiolum = { + via = internet; + addrs4 = ["10.243.113.223"]; + addrs6 = ["42:4522:25f8:36bb:8ccb:0150:231a:2af4"]; + aliases = [ + "mkdir.retiolum" + "cgit.mkdir.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAuyfM+3od75zOYXqnqRMAt+yp/4z/vC3vSWdjUvEmCuM23c5BOBw+ + dKqbWoSPTzOuaQ0szdL7a6YxT+poSUXd/i3pPz59KgCl192rd1pZoJKgvoluITev + voYSP9rFQOUrustfDb9qKW/ZY95cwdCvypo7Vf4ghxwDCnlmyCGz7qXTJMLydNKF + 2PH9KiY4suv15sCg/zisu+q0ZYQXUc1TcgpoIYBOftDunOJoNdbti+XjwWdjGmJZ + Bn4GelsrrpwJFvfDmouHUe8GsD7nTgbZFtiJbKfCEiK16N0Q0d0ZFHhAV2nPjsk2 + 3JhG4n9vxATBkO82f7RLrcrhkx9cbLfN3wIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + nomic = { + cores = 2; + dc = "tv"; #dc = "gg23"; + nets = rec { + retiolum = { + addrs4 = ["10.243.0.110"]; + addrs6 = ["42:02d5:733f:d6da:c0f5:2bb7:2b18:09ec"]; + aliases = [ + "nomic.retiolum" + "cgit.nomic.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAwb8Yk/YRc17g2J9n960p6j4W/l559OPyuMPdGJ4DmCm3WNQtxoa+ + qTFUiDiI85BcmfqnSeddLG8zTC2XnSlIvCRMJ9oKzppFM4PX4OTAaJZVE5WyCQhw + Kd4tHVdoQgJW5yFepmT9IUmHqkxXJ0R2W93l2eSZNOcnFvFn0ooiAlRi4zAiHClu + 5Mz80Sc2rvez+n9wtC2D06aYjP23pHYld2xighHR9SUqX1dFzgSXNSoWWCcgNp2a + OKcM8LzxLV7MTMZFOJCJndZ77e4LsUvxhQFP6nyKZWg30PC0zufZsuN5o2xsWSlA + Wi9sMB1AUR6mZrxgcgTFpUjbjbLQf+36CwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + secure = true; + }; + rmdir = { + cores = 1; + dc = "tv"; #dc = "cac"; + nets = rec { + internet = { + addrs4 = ["167.88.44.94"]; + aliases = [ + "rmdir.internet" + ]; + }; + retiolum = { + via = internet; + addrs4 = ["10.243.113.224"]; + addrs6 = ["42:4522:25f8:36bb:8ccb:0150:231a:2af5"]; + aliases = [ + "rmdir.retiolum" + "cgit.rmdir.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA+twy4obSbJdmZLfBoe9YYeyoDnXkO/WPa2D6Eh6jXrWk5fbhBjRf + i3EAQfLiXXFJX3E8V8YvJyazXklI19jJtCLDiu/F5kgJJfyAkWHH+a/hcg7qllDM + Xx2CvS/nCbs+p48/VLO6zLC7b1oHu3K/ob5M5bwPK6j9NEDIL5qYiM5PQzV6zryz + hS9E/+l8Z+UUpYcfS3bRovXJAerB4txc/gD3Xmptq1zk53yn1kJFYfVlwyyz+NEF + 59JZj2PDrvWoG0kx/QjiNurs6XfdnyHe/gP3rmSTrihKFVuA3cZM62sDR4FcaeWH + SnKSp02pqjBOjC/dOK97nXpKLJgNH046owIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + wu = { + cores = 4; + # TODO wu is mobile, so dc means "home data center" + dc = "tv"; #dc = "gg23"; + nets = { + retiolum = { + addrs4 = ["10.243.13.37"]; + addrs6 = ["42:0:0:0:0:0:0:1337"]; + aliases = [ + "wu.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEArDvU0cuBsVqTjCX2TlWL4XHSy4qSjUhjrDvUPZSKTVN7x6OENCUn + M27g9H7j4/Jw/8IHoJLiKnXHavOoc9UJM+P9Fla/4TTVADr69UDSnLgH+wGiHcEg + GxPkb2jt0Z8zcpD6Fusj1ATs3sssaLHTHvg1D0LylEWA3cI4WPP13v23PkyUENQT + KpSWfR+obqDl38Q7LuFi6dH9ruyvqK+4syddrBwjPXrcNxcGL9QbDn7+foRNiWw4 + 4CE5z25oGG2iWMShI7fe3ji/fMUAl7DSOOrHVVG9eMtpzy+uI8veOHrdTax4oKik + AFGCrMIov3F0GIeu3nDlrTIZPZDTodbFKQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + secure = true; + }; + }; + users = addNames { + mv = { + mail = "mv@cd.retiolum"; + pubkey = readFile ../../Zpubkeys/mv_vod.ssh.pub; + }; + tv = { + mail = "tv@wu.retiolum"; + pubkey = readFile ../../Zpubkeys/tv_wu.ssh.pub; + }; + }; + }; + +in +out diff --git a/3modules/tv/git.nix b/3modules/krebs/git.nix index 8c73d0354..604645189 100644 --- a/3modules/tv/git.nix +++ b/3modules/krebs/git.nix @@ -6,16 +6,16 @@ # TODO when authorized_keys changes, then restart ssh # (or kill already connected users somehow) -with builtins; -with lib; +with import ../../4lib/krebs { inherit lib; }; let - cfg = config.tv.git; + cfg = config.krebs.git; out = { + # TODO don't import krebs.nginx here imports = [ - ../../3modules/tv/nginx.nix + ../../3modules/krebs/nginx.nix ]; - options.tv.git = api; + options.krebs.git = api; config = mkIf cfg.enable (mkMerge [ (mkIf cfg.cgit cgit-imp) git-imp @@ -23,12 +23,20 @@ let }; api = { - enable = mkEnableOption "tv.git"; + enable = mkEnableOption "krebs.git"; cgit = mkOption { type = types.bool; default = true; - description = "Enable cgit."; # TODO better desc; talk about nginx + description = '' + Enable cgit. + Cgit is an attempt to create a fast web interface for the git version + control system, using a built in cache to decrease pressure on the + git server. + cgit in this module is being served via fastcgi nginx.This module + deploys a http://cgit.<hostname> nginx configuration and enables nginx + if not yet enabled. + ''; }; dataDir = mkOption { type = types.str; @@ -64,6 +72,7 @@ let }; hooks = mkOption { type = types.attrsOf types.str; + default = {}; description = '' Repository-specific hooks. ''; @@ -118,9 +127,6 @@ let rules = mkOption { type = types.unspecified; }; - users = mkOption { - type = types.unspecified; - }; }; git-imp = { @@ -148,7 +154,8 @@ let name = "git"; shell = "/bin/sh"; openssh.authorizedKeys.keys = - mapAttrsToList (_: makeAuthorizedKey git-ssh-command) cfg.users; + mapAttrsToList (_: makeAuthorizedKey git-ssh-command) + config.krebs.users; uid = 129318403; # genid git }; }; @@ -210,7 +217,7 @@ let chown ${toString fcgitwrap-user.uid}:${toString fcgitwrap-group.gid} /tmp/cgit ''; - tv.nginx = { + krebs.nginx = { enable = true; servers.cgit = { server-names = [ @@ -254,7 +261,7 @@ let isPublicRepo = getAttr "public"; # TODO this is also in ./cgit.nix - makeAuthorizedKey = git-ssh-command: user@{ name, pubkey }: + makeAuthorizedKey = git-ssh-command: user@{ name, pubkey, ... }: # TODO assert name # TODO assert pubkey let diff --git a/3modules/tv/github-hosts-sync.nix b/3modules/krebs/github-hosts-sync.nix index f50bf2b1b..c3b56ef94 100644 --- a/3modules/tv/github-hosts-sync.nix +++ b/3modules/krebs/github-hosts-sync.nix @@ -3,15 +3,15 @@ with builtins; with lib; let - cfg = config.tv.github-hosts-sync; + cfg = config.krebs.github-hosts-sync; out = { - options.tv.github-hosts-sync = api; + options.krebs.github-hosts-sync = api; config = mkIf cfg.enable imp; }; api = { - enable = mkEnableOption "tv.github-hosts-sync"; + enable = mkEnableOption "krebs.github-hosts-sync"; port = mkOption { type = types.int; # TODO port type default = 1028; @@ -78,6 +78,6 @@ let uid = 3220554646; # genid github-hosts-sync }; - Zpkgs = import ../../Zpkgs/tv { inherit pkgs; }; + Zpkgs = import ../../Zpkgs/krebs { inherit pkgs; }; in out diff --git a/3modules/tv/nginx.nix b/3modules/krebs/nginx.nix index a58c49520..702e8a7f6 100644 --- a/3modules/tv/nginx.nix +++ b/3modules/krebs/nginx.nix @@ -3,21 +3,22 @@ with builtins; with lib; let - cfg = config.tv.nginx; + cfg = config.krebs.nginx; out = { - options.tv.nginx = api; + options.krebs.nginx = api; config = mkIf cfg.enable imp; }; api = { - enable = mkEnableOption "tv.nginx"; + enable = mkEnableOption "krebs.nginx"; servers = mkOption { type = with types; attrsOf optionSet; options = singleton { server-names = mkOption { type = with types; listOf str; + # TODO use identity default = [ "${config.networking.hostName}" "${config.networking.hostName}.retiolum" diff --git a/3modules/tv/retiolum.nix b/3modules/krebs/retiolum.nix index ca1418c32..481d6565c 100644 --- a/3modules/tv/retiolum.nix +++ b/3modules/krebs/retiolum.nix @@ -3,15 +3,15 @@ with builtins; with lib; let - cfg = config.tv.retiolum; + cfg = config.krebs.retiolum; out = { - options.tv.retiolum = api; + options.krebs.retiolum = api; config = mkIf cfg.enable imp; }; api = { - enable = mkEnableOption "tv.retiolum"; + enable = mkEnableOption "krebs.retiolum"; name = mkOption { type = types.str; @@ -57,9 +57,9 @@ let }; hosts = mkOption { - default = null; + type = with types; either package path; + default = ../../Zhosts; description = '' - Hosts package or path to use. If a path is given, then it will be used to generate an ad-hoc package. ''; }; @@ -76,13 +76,21 @@ let # bad unsafe permissions... type = types.str; default = "/root/src/secrets/retiolum.rsa_key.priv"; - description = "Generate file with <literal>tincd -K</literal>."; + description = '' + Generate file with <literal>tincd -K</literal>. + This file must exist on the local system. The default points to + <secrets/retiolum.rsa_key.priv>. + ''; }; connectTo = mkOption { type = types.listOf types.str; - default = [ "fastpoke" "pigstarter" "kheurop" ]; - description = "TODO describe me"; + default = [ "fastpoke" "pigstarter" "gum" ]; + description = '' + The list of hosts in the network which the client will try to connect + to. These hosts should have an 'Address' configured which points to a + routeable IPv4 or IPv6 address. + ''; }; }; @@ -123,24 +131,20 @@ let }; tinc = cfg.tincPackage; - hostsType = builtins.typeOf cfg.hosts; - hosts = - if hostsType == "package" then - # use package as is - cfg.hosts - else if hostsType == "path" then - # use path to generate a package - pkgs.stdenv.mkDerivation { - name = "custom-retiolum-hosts"; - src = cfg.hosts; - installPhase = '' - mkdir $out - find . -name .git -prune -o -type f -print0 | xargs -0 cp --target-directory $out - ''; - } - else - abort "The option `services.retiolum.hosts' must be set to a package or a path" - ; + + hosts = getAttr (typeOf cfg.hosts) { + package = cfg.hosts; + path = pkgs.stdenv.mkDerivation { + name = "custom-retiolum-hosts"; + src = cfg.hosts; + installPhase = '' + mkdir $out + find . -name .git -prune -o -type f -print0 \ + | xargs -0 cp --target-directory $out + ''; + }; + }; + iproute = cfg.iproutePackage; retiolumExtraHosts = import (pkgs.runCommand "retiolum-etc-hosts" @@ -218,5 +222,5 @@ let chmod +x $out/tinc-up ''; -in -out + +in out diff --git a/3modules/tv/urlwatch.nix b/3modules/krebs/urlwatch.nix index a659fc74f..58de72fc6 100644 --- a/3modules/tv/urlwatch.nix +++ b/3modules/krebs/urlwatch.nix @@ -8,16 +8,16 @@ with builtins; with lib; let - cfg = config.tv.urlwatch; + cfg = config.krebs.urlwatch; # TODO assert sendmail's existence out = { - options.tv.urlwatch = api; + options.krebs.urlwatch = api; config = mkIf cfg.enable imp; }; api = { - enable = mkEnableOption "tv.urlwatch"; + enable = mkEnableOption "krebs.urlwatch"; dataDir = mkOption { type = types.str; diff --git a/3modules/makefu/default.nix b/3modules/makefu/default.nix new file mode 100644 index 000000000..45ca8c3eb --- /dev/null +++ b/3modules/makefu/default.nix @@ -0,0 +1,19 @@ +{ config, lib, ... }: + +with import ../../4lib/krebs { inherit lib; }; +let + cfg = config.krebs; + + out = { + imports = [ + ]; + options.krebs = api; + config = mkIf cfg.enable imp; + }; + + api = { }; + + imp = { }; + +in +out diff --git a/3modules/tv/consul.nix b/3modules/tv/consul.nix index 312faa02f..4e54c2ab0 100644 --- a/3modules/tv/consul.nix +++ b/3modules/tv/consul.nix @@ -10,7 +10,6 @@ let cfg = config.tv.consul; out = { - imports = [ ../../3modules/tv/iptables.nix ]; options.tv.consul = api; config = mkIf cfg.enable (mkMerge [ imp diff --git a/3modules/tv/default.nix b/3modules/tv/default.nix new file mode 100644 index 000000000..bb10d8261 --- /dev/null +++ b/3modules/tv/default.nix @@ -0,0 +1,9 @@ +_: + +{ + imports = [ + ./consul.nix + ./ejabberd.nix + ./iptables.nix + ]; +} diff --git a/3modules/tv/identity.nix b/3modules/tv/identity.nix deleted file mode 100644 index 9a83908a6..000000000 --- a/3modules/tv/identity.nix +++ /dev/null @@ -1,88 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ../../4lib/tv { inherit lib pkgs; }; -let - cfg = config.tv.identity; - - out = { - options.tv.identity = api; - config = mkIf cfg.enable imp; - }; - - api = { - enable = mkEnableOption "tv.identity"; - - self = mkOption { - type = types.host; - }; - - #others = mkOption { - # type = types.host; - # default = filterAttrs (name: _host: name != cfg.self.name) cfg.hosts; - #}; - - hosts = mkOption { - type = with types; attrsOf host; - apply = mapAttrs (name: value: value // { inherit name; }); - }; - - search = mkOption { - type = types.hostname; - }; - }; - - imp = { - networking.extraHosts = - concatStringsSep "\n" (flatten ( - # TODO deepMap ["hosts" "nets"] (hostname: host: netname: net: - mapAttrsToList (hostname: host: - mapAttrsToList (netname: net: - let - aliases = toString (unique (longs ++ shorts)); - longs = (splitByProvider net.aliases).hosts; - shorts = map (removeSuffix ".${cfg.search}") longs; - in - map (addr: "${addr} ${aliases}") net.addrs - ) host.nets - ) cfg.hosts - )); - }; - - # TODO move domain name providers to a dedicated module - # providers : tree label providername - providers = { - internet = "hosts"; - retiolum = "hosts"; - de.viljetic = "regfish"; - de.krebsco = "ovh"; - de.habsys = "hosts"; - de.pixelpocket = "hosts"; - de.karlaskop = "hosts"; - de.ubikmedia = "hosts"; - de.apanowicz = "hosts"; - de.aidsballs = "hosts"; - }; - - # splitByProvider : [alias] -> set providername [alias] - splitByProvider = foldl (acc: alias: insert (providerOf alias) alias acc) {}; - - # providerOf : alias -> providername - providerOf = alias: - tree-get (splitString "." alias) providers; - - # insert : k -> v -> set k [v] -> set k [v] - insert = name: value: set: - set // { ${name} = set.${name} or [] ++ [value]; }; - - # tree k v = set k (either v (tree k v)) - - # tree-get : [k] -> tree k v -> v - tree-get = path: x: - let - y = x.${last path}; - in - if typeOf y != "set" - then y - else tree-get (init path) y; -in -out |