From 3ce3820553ddaf709d4a6aab50556ac619f5ba2f Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 23 Jan 2021 20:44:52 +0100
Subject: l: init ecrypt

---
 lass/5pkgs/ecrypt/default.nix | 108 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 108 insertions(+)
 create mode 100644 lass/5pkgs/ecrypt/default.nix

(limited to 'lass/5pkgs')

diff --git a/lass/5pkgs/ecrypt/default.nix b/lass/5pkgs/ecrypt/default.nix
new file mode 100644
index 000000000..9bb35a8dc
--- /dev/null
+++ b/lass/5pkgs/ecrypt/default.nix
@@ -0,0 +1,108 @@
+{ pkgs, lib }:
+
+#usage: ecrypt mount /var/crypted /var/unencrypted
+pkgs.writers.writeDashBin "ecrypt" ''
+  set -euf
+  set -x
+
+  PATH=${lib.makeBinPath (with pkgs; [
+    coreutils
+    ecryptfs
+    gnused
+    gnugrep
+    jq
+    mount
+    keyutils
+    umount
+  ])}
+
+  # turn echo back on if killed
+  trap 'stty echo' INT
+
+  case "$1" in
+    init)
+      shift
+      mkdir -p "$1" "$2"
+
+      # abort if src or dest are not empty
+      if [ -e "$1"/.cfg.json ]; then
+        echo 'source dir is already configured, aborting'
+        exit 1
+      elif ls -1qA "$2" | grep -q .; then
+        echo 'destination dir is not empty, aborting'
+        exit 1
+      else
+        stty -echo
+        printf "passphrase: "
+        read  passphrase
+        stty echo
+        sig=$(echo "$passphrase" | ecryptfs-add-passphrase | grep 'Inserted auth tok' | sed 's/.*\[\(.*\)\].*/\1/')
+        mount -t ecryptfs \
+          -o ecryptfs_unlink_sigs,ecryptfs_fnek_sig="$sig",ecryptfs_key_bytes=16,ecryptfs_cipher=aes,ecryptfs_sig="$sig" \
+          "$1" "$2"
+
+        # add sig to json state file
+        jq -n --arg sig "$sig" '{ "sig": $sig }' > "$1"/.cfg.json
+      fi
+      ;;
+
+    mount)
+      shift
+      if ! [ -e "$1"/.cfg.json ]; then
+        echo '.cfg.json missing in src'
+        exit 1
+      fi
+      old_sig=$(cat "$1"/.cfg.json | jq -r .sig)
+
+      # check if key is already in keyring, otherwise add it
+      
+      if keyctl list @u | grep -q "$old_sig"; then
+        echo 'pw already saved'
+      else
+        stty -echo
+        printf "passphrase: "
+        read  passphrase
+        stty echo
+        new_sig=$(echo "$passphrase" | ecryptfs-add-passphrase | grep 'Inserted auth tok' | sed 's/.*\[\(.*\)\].*/\1/')
+
+        # check if passphrase matches sig
+        if [ "$old_sig" != "$new_sig" ]; then
+          echo 'passphrase does not match sig, bailing out'
+          new_keyid=$(keyctl list @u | grep "$new_sig" | sed 's/\([0-9]*\).*/\1/')
+          keyctl revoke "$new_keyid"
+          keyctl unlink "$new_keyid"
+          exit 1
+        fi
+      fi
+
+      sig=$old_sig
+      keyid=$(keyctl list @u | grep "$sig" | sed 's/\([0-9]*\).*/\1/')
+      if (ls -1qA "$2" | grep -q .); then
+        echo 'destination is not empty, bailing out'
+        exit 1
+      else
+        mount -i -t ecryptfs \
+          -o ecryptfs_passthrough=no,verbose=no,ecryptfs_unlink_sigs,ecryptfs_fnek_sig="$sig",ecryptfs_key_bytes=16,ecryptfs_cipher=aes,ecryptfs_sig="$sig" \
+          "$1" "$2"
+      fi
+      ;;
+
+    unmount)
+      shift
+
+      sig=$(cat "$1"/.cfg.json | jq -r .sig)
+      keyid=$(keyctl list @u | grep "$sig" | sed 's/\s*\([0-9]*\).*/\1/')
+
+      umount "$2" || :
+      keyctl revoke "$keyid"
+      keyctl unlink "$keyid"
+      ;;
+
+    *)
+      echo 'usage:
+        ecrypt init /tmp/src/ /tmp/dst/
+        ecrypt mount /tmp/src/ /tmp/dst/
+        ecrypt unmount /tmp/src/ /tmp/dst/
+      '
+  esac
+''
-- 
cgit v1.2.3


From 9a5e3cb731a9d4740067e43c787bdedfc3e70ebf Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 23 Jan 2021 22:27:46 +0100
Subject: l: init tdlibpurple at 0.7.6

---
 lass/5pkgs/tdlib-purple/default.nix | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 lass/5pkgs/tdlib-purple/default.nix

(limited to 'lass/5pkgs')

diff --git a/lass/5pkgs/tdlib-purple/default.nix b/lass/5pkgs/tdlib-purple/default.nix
new file mode 100644
index 000000000..445839a4b
--- /dev/null
+++ b/lass/5pkgs/tdlib-purple/default.nix
@@ -0,0 +1,33 @@
+{ stdenv, fetchFromGitHub, cmake, tdlib, pidgin, libwebp, libtgvoip } :
+
+stdenv.mkDerivation rec {
+  pname = "tdlib-purple";
+  version = "0.7.6";
+
+  src = fetchFromGitHub {
+    owner = "ars3niy";
+    repo = pname;
+    rev = "v${version}";
+    sha256 = "1inamfzbrz0sy4y431jgwjfg6lz14a7c71khrg02481raxchhzzf";
+  };
+
+  cmakeFlags = [
+    "-Dtgvoip_INCLUDE_DIRS=${libtgvoip.dev}/include/tgvoip"
+  ];
+
+  nativeBuildInputs = [ cmake ];
+  buildInputs = [ pidgin tdlib libwebp libtgvoip ];
+
+  installPhase = ''
+    mkdir -p $out/lib/purple-2/
+    cp *.so $out/lib/purple-2/
+  '';
+
+  meta = with stdenv.lib; {
+    homepage = "https://github.com/ars3niy/tdlib-purple";
+    description = "New libpurple plugin for Telegram";
+    license = licenses.gpl2;
+    maintainers = [ maintainers.lassulus ];
+    platforms = platforms.linux;
+  };
+}
-- 
cgit v1.2.3


From 1fb17be4d16a0dff55b7f384047c8ed2c660164a Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 24 Jan 2021 09:49:20 +0100
Subject: l: l-gen-secrets: use new ip syntax

---
 lass/5pkgs/l-gen-secrets/default.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'lass/5pkgs')

diff --git a/lass/5pkgs/l-gen-secrets/default.nix b/lass/5pkgs/l-gen-secrets/default.nix
index 85b050644..6cf28c3c2 100644
--- a/lass/5pkgs/l-gen-secrets/default.nix
+++ b/lass/5pkgs/l-gen-secrets/default.nix
@@ -29,7 +29,7 @@ pkgs.writeDashBin "l-gen-secrets" ''
       nets = {
         retiolum = {
           ip4.addr = "10.243.0.changeme";
-          ip6.addr = "42:0:0:0:0:0:0:changeme";
+          ip6.addr = r6 "changeme";
           aliases = [
             "$HOSTNAME.r"
           ];
@@ -38,7 +38,7 @@ pkgs.writeDashBin "l-gen-secrets" ''
           ${"''"};
         };
         wiregrill = {
-          ip6.addr = (wip6 "changeme").address;
+          ip6.addr = w6 "changeme";
           aliases = [
             "$HOSTNAME.w"
           ];
-- 
cgit v1.2.3


From 5433345ad4c042313d30709b413d12dbbda3ed99 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 24 Jan 2021 10:23:23 +0100
Subject: l: move ecryptfs-hack to wrapper

---
 lass/5pkgs/ecrypt/default.nix | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'lass/5pkgs')

diff --git a/lass/5pkgs/ecrypt/default.nix b/lass/5pkgs/ecrypt/default.nix
index 9bb35a8dc..f83f8cfe7 100644
--- a/lass/5pkgs/ecrypt/default.nix
+++ b/lass/5pkgs/ecrypt/default.nix
@@ -3,7 +3,6 @@
 #usage: ecrypt mount /var/crypted /var/unencrypted
 pkgs.writers.writeDashBin "ecrypt" ''
   set -euf
-  set -x
 
   PATH=${lib.makeBinPath (with pkgs; [
     coreutils
@@ -32,6 +31,8 @@ pkgs.writers.writeDashBin "ecrypt" ''
         echo 'destination dir is not empty, aborting'
         exit 1
       else
+        # we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails
+        echo 4 | ecryptfs-manager
         stty -echo
         printf "passphrase: "
         read  passphrase
@@ -59,6 +60,8 @@ pkgs.writers.writeDashBin "ecrypt" ''
       if keyctl list @u | grep -q "$old_sig"; then
         echo 'pw already saved'
       else
+        # we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails
+        echo 4 | ecryptfs-manager
         stty -echo
         printf "passphrase: "
         read  passphrase
-- 
cgit v1.2.3


From 293fa449e1d69d2d070f6990e414c76409c4913d Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 24 Jan 2021 10:30:47 +0100
Subject: ecrypt: l -> krebs

---
 lass/5pkgs/ecrypt/default.nix | 111 ------------------------------------------
 1 file changed, 111 deletions(-)
 delete mode 100644 lass/5pkgs/ecrypt/default.nix

(limited to 'lass/5pkgs')

diff --git a/lass/5pkgs/ecrypt/default.nix b/lass/5pkgs/ecrypt/default.nix
deleted file mode 100644
index f83f8cfe7..000000000
--- a/lass/5pkgs/ecrypt/default.nix
+++ /dev/null
@@ -1,111 +0,0 @@
-{ pkgs, lib }:
-
-#usage: ecrypt mount /var/crypted /var/unencrypted
-pkgs.writers.writeDashBin "ecrypt" ''
-  set -euf
-
-  PATH=${lib.makeBinPath (with pkgs; [
-    coreutils
-    ecryptfs
-    gnused
-    gnugrep
-    jq
-    mount
-    keyutils
-    umount
-  ])}
-
-  # turn echo back on if killed
-  trap 'stty echo' INT
-
-  case "$1" in
-    init)
-      shift
-      mkdir -p "$1" "$2"
-
-      # abort if src or dest are not empty
-      if [ -e "$1"/.cfg.json ]; then
-        echo 'source dir is already configured, aborting'
-        exit 1
-      elif ls -1qA "$2" | grep -q .; then
-        echo 'destination dir is not empty, aborting'
-        exit 1
-      else
-        # we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails
-        echo 4 | ecryptfs-manager
-        stty -echo
-        printf "passphrase: "
-        read  passphrase
-        stty echo
-        sig=$(echo "$passphrase" | ecryptfs-add-passphrase | grep 'Inserted auth tok' | sed 's/.*\[\(.*\)\].*/\1/')
-        mount -t ecryptfs \
-          -o ecryptfs_unlink_sigs,ecryptfs_fnek_sig="$sig",ecryptfs_key_bytes=16,ecryptfs_cipher=aes,ecryptfs_sig="$sig" \
-          "$1" "$2"
-
-        # add sig to json state file
-        jq -n --arg sig "$sig" '{ "sig": $sig }' > "$1"/.cfg.json
-      fi
-      ;;
-
-    mount)
-      shift
-      if ! [ -e "$1"/.cfg.json ]; then
-        echo '.cfg.json missing in src'
-        exit 1
-      fi
-      old_sig=$(cat "$1"/.cfg.json | jq -r .sig)
-
-      # check if key is already in keyring, otherwise add it
-      
-      if keyctl list @u | grep -q "$old_sig"; then
-        echo 'pw already saved'
-      else
-        # we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails
-        echo 4 | ecryptfs-manager
-        stty -echo
-        printf "passphrase: "
-        read  passphrase
-        stty echo
-        new_sig=$(echo "$passphrase" | ecryptfs-add-passphrase | grep 'Inserted auth tok' | sed 's/.*\[\(.*\)\].*/\1/')
-
-        # check if passphrase matches sig
-        if [ "$old_sig" != "$new_sig" ]; then
-          echo 'passphrase does not match sig, bailing out'
-          new_keyid=$(keyctl list @u | grep "$new_sig" | sed 's/\([0-9]*\).*/\1/')
-          keyctl revoke "$new_keyid"
-          keyctl unlink "$new_keyid"
-          exit 1
-        fi
-      fi
-
-      sig=$old_sig
-      keyid=$(keyctl list @u | grep "$sig" | sed 's/\([0-9]*\).*/\1/')
-      if (ls -1qA "$2" | grep -q .); then
-        echo 'destination is not empty, bailing out'
-        exit 1
-      else
-        mount -i -t ecryptfs \
-          -o ecryptfs_passthrough=no,verbose=no,ecryptfs_unlink_sigs,ecryptfs_fnek_sig="$sig",ecryptfs_key_bytes=16,ecryptfs_cipher=aes,ecryptfs_sig="$sig" \
-          "$1" "$2"
-      fi
-      ;;
-
-    unmount)
-      shift
-
-      sig=$(cat "$1"/.cfg.json | jq -r .sig)
-      keyid=$(keyctl list @u | grep "$sig" | sed 's/\s*\([0-9]*\).*/\1/')
-
-      umount "$2" || :
-      keyctl revoke "$keyid"
-      keyctl unlink "$keyid"
-      ;;
-
-    *)
-      echo 'usage:
-        ecrypt init /tmp/src/ /tmp/dst/
-        ecrypt mount /tmp/src/ /tmp/dst/
-        ecrypt unmount /tmp/src/ /tmp/dst/
-      '
-  esac
-''
-- 
cgit v1.2.3