Merge remote-tracking branch 'temp/master'

author: nin <nineinchnade@gmail.com> 2017-10-17 19:54:15 +0200
committer: nin <nineinchnade@gmail.com> 2017-10-17 19:54:15 +0200
commit: d22de8bfd2e86e2491be0d8fdb6911a07b69872b (patch)
tree: abc52d24c500591c0f35bbb50cb2daba11759ba3
parent: 93d67cfb618d8f8aff014ecbd6abbf9325cb5f84 (diff)
parent: 99f5c3bbe1d601be84f40d777885dcc6887382ff (diff)
15 files changed, 85 insertions, 129 deletions
diff --git a/lib/types.nix b/lib/types.nix
index 70570a6..08dc097 100644
--- a/lib/types.nix
+++ b/lib/types.nix
@@ -92,7 +92,7 @@ rec {
         default = null;
       };
       addrs = mkOption {
-        type = listOf addr;
+        type = listOf cidr;
         default =
           optional (config.ip4 != null) config.ip4.addr ++
           optional (config.ip6 != null) config.ip6.addr;
@@ -109,7 +109,7 @@ rec {
               type = addr4;
             };
             prefix = mkOption ({
-              type = str; # TODO routing prefix (CIDR)
+              type = cidr4;
             } // optionalAttrs (config.name == "retiolum") {
               default = "10.243.0.0/16";
             });
@@ -125,7 +125,7 @@ rec {
               apply = lib.normalize-ip6-addr;
             };
             prefix = mkOption ({
-              type = str; # TODO routing prefix (CIDR)
+              type = cidr6;
             } // optionalAttrs (config.name == "retiolum") {
               default = "42::/16";
             });
@@ -364,6 +364,26 @@ rec {
     merge = mergeOneOption;
   };
 
+  cidr = either cidr4 cidr6;
+  cidr4 = mkOptionType {
+    name = "CIDRv4 address";
+    check = let
+      CIDRv4address = let d = "([1-9]?[0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])"; in
+        concatMapStringsSep "." (const d) (range 1 4) + "(/([1-2]?[0-9]|3[0-2]))?";
+    in
+      test CIDRv4address;
+    merge = mergeOneOption;
+  };
+  cidr6 = mkOptionType {
+    name = "CIDRv6 address";
+    check = let
+      # TODO check IPv6 address harder
+      CIDRv6address = "[0-9a-f.:]+(/([0-9][0-9]?|1[0-2][0-8]))?";
+    in
+      test CIDRv6address;
+    merge = mergeOneOption;
+  };
+
   binary-cache-pubkey = str;
 
   pgp-pubkey = str;
diff --git a/mv/source.nix b/mv/source.nix
index aa2b13f..2fa53a1 100644
--- a/mv/source.nix
+++ b/mv/source.nix
@@ -9,8 +9,8 @@ in
     {
       nixos-config.symlink = "stockholm/mv/1systems/${name}/config.nix";
       nixpkgs.git = {
-        # nixos-17.03
-        ref = mkDefault "56da88a298a6f549701a10bb12072804a1ebfbd5";
+        # nixos-17.09
+        ref = mkDefault "d0f0657ca06cc8cb239cb94f430b53bcdf755887";
         url = https://github.com/NixOS/nixpkgs;
       };
       secrets.file = getAttr builder {
diff --git a/shell.nix b/shell.nix
index 4b8abed..c9b197a 100644
--- a/shell.nix
+++ b/shell.nix
@@ -22,7 +22,12 @@ let
     . ${init.env}
     . ${init.proxy opts}
 
-    exec ${utils.deploy}
+    # Use system's nixos-rebuild, which is not self-contained
+    export PATH=/run/current-system/sw/bin
+    exec ${utils.with-whatsupnix} \
+    nixos-rebuild switch \
+        --show-trace \
+        -I "$target_path"
   '');
 
   cmds.install = pkgs.withGetopt {
@@ -205,16 +210,6 @@ let
         -I "$target_path" \
   '';
 
-  utils.deploy = pkgs.writeDash "utils.deploy" ''
-    set -efu
-    # Use system's nixos-rebuild, which is not self-contained
-    export PATH=/run/current-system/sw/bin
-    ${utils.with-whatsupnix} \
-    nixos-rebuild switch \
-        --show-trace \
-        -I "$target_path"
-  '';
-
   utils.with-whatsupnix = pkgs.writeDash "utils.with-whatsupnix" ''
     set -efu
     if \test "$quiet" = true; then
diff --git a/tv/1systems/alnus/source.nix b/tv/1systems/alnus/source.nix
index c3ed4dc..9fd2f66 100644
--- a/tv/1systems/alnus/source.nix
+++ b/tv/1systems/alnus/source.nix
@@ -1,4 +1,4 @@
 import <stockholm/tv/source.nix> {
   name = "alnus";
-  override.nixpkgs.git.ref = "9b948ea439ddbaa26740ce35543e7e35d2aa6d18";
+  override.nixpkgs.git.ref = "d0f0657ca06cc8cb239cb94f430b53bcdf755887";
 }
diff --git a/tv/1systems/mu/config.nix b/tv/1systems/mu/config.nix
index f3e7b51..10d7b21 100644
--- a/tv/1systems/mu/config.nix
+++ b/tv/1systems/mu/config.nix
@@ -56,7 +56,6 @@ with import <stockholm/lib>;
     firefoxWrapper
     gimp
     iptables
-    kdeApplications.l10n.de.qt5
     libreoffice
     pidginotr
     pidgin-with-plugins
diff --git a/tv/2configs/br.nix b/tv/2configs/br.nix
index c7eb20e..d660ebc 100644
--- a/tv/2configs/br.nix
+++ b/tv/2configs/br.nix
@@ -45,5 +45,4 @@ with import <stockholm/lib>;
     ];
   };
 
-  systemd.services.cups.serviceConfig.PrivateTmp = true;
 }
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index 9ad0253..f418b9f 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -80,6 +80,12 @@ with import <stockholm/lib>;
         dmesg = "dmesg -L --reltime";
         view = "vim -R";
 
+        deploy = pkgs.writeDash "deploy" ''
+          set -eu
+          cd ~/stockholm
+          export SYSTEM="$1"
+          exec nix-shell -I stockholm="$PWD" --run 'deploy --system="$SYSTEM"'
+        '';
         reload = "systemctl reload";
         restart = "systemctl restart";
         start = "systemctl start";
diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix
index b6480f3..2c4b486 100644
--- a/tv/2configs/gitrepos.nix
+++ b/tv/2configs/gitrepos.nix
@@ -100,10 +100,10 @@ let {
   );
 
   irc-announce = args: pkgs.git-hooks.irc-announce (recursiveUpdate {
-    channel = "#retiolum";
+    channel = "#xxx";
     # TODO make nick = config.krebs.build.host.name the default
     nick = config.krebs.build.host.name;
-    server = "ni.r";
+    server = "irc.r";
     verbose = true;
   } args);
 
diff --git a/tv/2configs/urlwatch.nix b/tv/2configs/urlwatch.nix
index 5779240..515f899 100644
--- a/tv/2configs/urlwatch.nix
+++ b/tv/2configs/urlwatch.nix
@@ -31,7 +31,7 @@ with import <stockholm/lib>;
 
       ## other
 
-      https://nixos.org/channels/nixos-17.03/git-revision
+      https://nixos.org/channels/nixos-17.09/git-revision
       https://nixos.org/channels/nixos-unstable/git-revision
 
       ## 2014-10-17
diff --git a/tv/3modules/default.nix b/tv/3modules/default.nix
index 57ffbfa..493cc8b 100644
--- a/tv/3modules/default.nix
+++ b/tv/3modules/default.nix
@@ -1,5 +1,3 @@
-_:
-
 {
   imports = [
     ./charybdis
diff --git a/tv/3modules/ejabberd/default.nix b/tv/3modules/ejabberd/default.nix
index d7b8deb..e99b94f 100644
--- a/tv/3modules/ejabberd/default.nix
+++ b/tv/3modules/ejabberd/default.nix
@@ -34,18 +34,24 @@ in {
     hosts = mkOption {
       type = with types; listOf str;
     };
-    pkgs.ejabberdctl = mkOption {
+    pkgs.ejabberd = mkOption {
       type = types.package;
-      default = pkgs.writeDashBin "ejabberdctl" ''
-        exec ${pkgs.ejabberd}/bin/ejabberdctl \
-            --config ${toFile "ejabberd.yaml" (import ./config.nix {
-              inherit pkgs;
-              config = cfg;
-            })} \
-            --logs ${shell.escape cfg.user.home} \
-            --spool ${shell.escape cfg.user.home} \
-            "$@"
-      '';
+      default = pkgs.symlinkJoin {
+        name = "ejabberd-wrapper";
+        paths = [
+          (pkgs.writeDashBin "ejabberdctl" ''
+            exec ${pkgs.ejabberd}/bin/ejabberdctl \
+                --config ${toFile "ejabberd.yaml" (import ./config.nix {
+                  inherit pkgs;
+                  config = cfg;
+                })} \
+                --logs ${shell.escape cfg.user.home} \
+                --spool ${shell.escape cfg.user.home} \
+                "$@"
+          '')
+          pkgs.ejabberd
+        ];
+      };
     };
     registration_watchers = mkOption {
       type = types.listOf types.str;
@@ -66,7 +72,21 @@ in {
     };
   };
   config = lib.mkIf cfg.enable {
-    environment.systemPackages = [ cfg.pkgs.ejabberdctl ];
+    environment.systemPackages = [
+      (pkgs.symlinkJoin {
+        name = "ejabberd-sudo-wrapper";
+        paths = [
+          (pkgs.writeDashBin "ejabberdctl" ''
+            set -efu
+            cd ${shell.escape cfg.user.home}
+            exec /run/wrappers/bin/sudo \
+                -u ${shell.escape cfg.user.name} \
+                ${cfg.pkgs.ejabberd}/bin/ejabberdctl "$@"
+          '')
+          cfg.pkgs.ejabberd
+        ];
+      })
+    ];
 
     krebs.secret.files = {
       ejabberd-certfile = cfg.certfile;
@@ -79,7 +99,7 @@ in {
       after = [ "network.target" "secret.service" ];
       serviceConfig = {
         ExecStartPre = "${gen-dhparam} ${cfg.dhfile.path}";
-        ExecStart = "${cfg.pkgs.ejabberdctl}/bin/ejabberdctl foreground";
+        ExecStart = "${cfg.pkgs.ejabberd}/bin/ejabberdctl foreground";
         PermissionsStartOnly = true;
         SyslogIdentifier = "ejabberd";
         User = cfg.user.name;
diff --git a/tv/5pkgs/default.nix b/tv/5pkgs/default.nix
index 1796609..9dc7ae7 100644
--- a/tv/5pkgs/default.nix
+++ b/tv/5pkgs/default.nix
@@ -13,6 +13,14 @@ foldl' mergeAttrs {}
 //
 
 {
+  brscan4 = overrideDerivation super.brscan4 (original: rec {
+    name = "brscan4-0.4.4-4";
+    src = super.fetchurl {
+      url = "http://download.brother.com/welcome/dlf006645/${name}.amd64.deb";
+      sha256 = "0xy5px96y1saq9l80vwvfn6anr2q42qlxdhm6ci2a0diwib5q9fd";
+    };
+  });
+
   # TODO use XDG_RUNTIME_DIR?
   cr = self.writeDashBin "cr" ''
     set -efu
@@ -32,7 +40,7 @@ foldl' mergeAttrs {}
     exec ${self.firefoxWrapper}/bin/firefox "$@"
   '';
 
-  gnupg = self.gnupg21;
+  gnupg = self.gnupg22;
 
   # https://github.com/NixOS/nixpkgs/issues/16113
   wvdial = let
diff --git a/tv/5pkgs/simple/mfcl2700dncupswrapper/default.nix b/tv/5pkgs/simple/mfcl2700dncupswrapper/default.nix
deleted file mode 100644
index 1ef018b..0000000
--- a/tv/5pkgs/simple/mfcl2700dncupswrapper/default.nix
+++ /dev/null
@@ -1,45 +0,0 @@
-{ coreutils, dpkg, fetchurl, gnugrep, gnused, makeWrapper, mfcl2700dnlpr,
-perl, stdenv }:
-
-stdenv.mkDerivation rec {
-  name = "mfcl2700dncupswrapper-${meta.version}";
-
-  src = fetchurl {
-    url = "http://download.brother.com/welcome/dlf102086/${name}.i386.deb";
-    sha256 = "07w48mah0xbv4h8vsh1qd5cd4b463bx8y6gc5x9pfgsxsy6h6da1";
-  };
-
-  nativeBuildInputs = [ dpkg makeWrapper ];
-
-  phases = [ "installPhase" ];
-
-  installPhase = ''
-    dpkg-deb -x $src $out
-
-    basedir=${mfcl2700dnlpr}/opt/brother/Printers/MFCL2700DN
-    dir=$out/opt/brother/Printers/MFCL2700DN
-
-    substituteInPlace $dir/cupswrapper/brother_lpdwrapper_MFCL2700DN \
-      --replace /usr/bin/perl ${perl}/bin/perl \
-      --replace "basedir =~" "basedir = \"$basedir\"; #" \
-      --replace "PRINTER =~" "PRINTER = \"MFCL2700DN\"; #"
-
-    wrapProgram $dir/cupswrapper/brother_lpdwrapper_MFCL2700DN \
-      --prefix PATH : ${stdenv.lib.makeBinPath [ coreutils gnugrep gnused ]}
-
-    mkdir -p $out/lib/cups/filter
-    mkdir -p $out/share/cups/model
-
-    ln $dir/cupswrapper/brother_lpdwrapper_MFCL2700DN $out/lib/cups/filter
-    ln $dir/cupswrapper/brother-MFCL2700DN-cups-en.ppd $out/share/cups/model
-  '';
-
-  meta = {
-    description = "Brother MFC-L2700DN CUPS wrapper driver";
-    homepage = "http://www.brother.com/";
-    license = stdenv.lib.licenses.gpl2Plus;
-    maintainers = [ stdenv.lib.maintainers.tv ];
-    platforms = stdenv.lib.platforms.linux;
-    version = "3.2.0-1";
-  };
-}
diff --git a/tv/5pkgs/simple/mfcl2700dnlpr/default.nix b/tv/5pkgs/simple/mfcl2700dnlpr/default.nix
deleted file mode 100644
index fc11b53..0000000
--- a/tv/5pkgs/simple/mfcl2700dnlpr/default.nix
+++ /dev/null
@@ -1,44 +0,0 @@
-{ coreutils, dpkg, fetchurl, ghostscript, gnugrep, gnused, pkgsi686Linux, makeWrapper, perl, stdenv, which }:
-
-stdenv.mkDerivation rec {
-  name = "mfcl2700dnlpr-${meta.version}";
-
-  src = fetchurl {
-    url = "http://download.brother.com/welcome/dlf102085/${name}.i386.deb";
-    sha256 = "170qdzxlqikzvv2wphvfb37m19mn13az4aj88md87ka3rl5knk4m";
-  };
-
-  nativeBuildInputs = [ dpkg makeWrapper ];
-
-  phases = [ "installPhase" ];
-
-  installPhase = ''
-    dpkg-deb -x $src $out
-
-    dir=$out/opt/brother/Printers/MFCL2700DN
-
-    substituteInPlace $dir/lpd/filter_MFCL2700DN \
-      --replace /usr/bin/perl ${perl}/bin/perl \
-      --replace "BR_PRT_PATH =~" "BR_PRT_PATH = \"$dir\"; #" \
-      --replace "PRINTER =~" "PRINTER = \"MFCL2700DN\"; #"
-
-    wrapProgram $dir/lpd/filter_MFCL2700DN \
-      --prefix PATH : ${stdenv.lib.makeBinPath [
-        coreutils ghostscript gnugrep gnused which
-      ]}
-
-    interpreter=${pkgsi686Linux.stdenv.cc.libc.out}/lib/ld-linux.so.2
-    patchelf --set-interpreter "$interpreter" $dir/inf/braddprinter
-    patchelf --set-interpreter "$interpreter" $dir/lpd/brprintconflsr3
-    patchelf --set-interpreter "$interpreter" $dir/lpd/rawtobr3
-  '';
-
-  meta = {
-    description = "Brother MFC-L2700DN LPR driver";
-    homepage = "http://www.brother.com/";
-    license = stdenv.lib.licenses.unfree;
-    maintainers = [ stdenv.lib.maintainers.tv ];
-    platforms = stdenv.lib.platforms.linux;
-    version = "3.2.0-1";
-  };
-}
diff --git a/tv/source.nix b/tv/source.nix
index 18733ee..f3bda27 100644
--- a/tv/source.nix
+++ b/tv/source.nix
@@ -9,8 +9,8 @@ in
     {
       nixos-config.symlink = "stockholm/tv/1systems/${name}/config.nix";
       nixpkgs.git = {
-        # nixos-17.03
-        ref = mkDefault "94941cb0455bfc50b1bf63186cfad7136d629f78";
+        # nixos-17.09
+        ref = mkDefault "d0f0657ca06cc8cb239cb94f430b53bcdf755887";
         url = https://github.com/NixOS/nixpkgs;
       };
       secrets.file = getAttr builder {
author	nin <nineinchnade@gmail.com>	2017-10-17 19:54:15 +0200
committer	nin <nineinchnade@gmail.com>	2017-10-17 19:54:15 +0200
commit	d22de8bfd2e86e2491be0d8fdb6911a07b69872b (patch)
tree	abc52d24c500591c0f35bbb50cb2daba11759ba3
parent	93d67cfb618d8f8aff014ecbd6abbf9325cb5f84 (diff)
parent	99f5c3bbe1d601be84f40d777885dcc6887382ff (diff)