diff options
| author | lassulus <lass@aidsballs.de> | 2016-06-13 13:50:52 +0200 |
|---|---|---|
| committer | lassulus <lass@aidsballs.de> | 2016-06-13 13:50:52 +0200 |
| commit | 23385c2984c9d4fbff65c920d9d59bc29314a639 (patch) | |
| tree | d7e4f635be78922359b21970f6a6c8731995e38d | |
| parent | de43b0e6f50e4d044cc0609a3d7d7c7d869552fe (diff) | |
| parent | 2dd4dbbf6ea77972c7d5edb0ec25b8e778bfeb50 (diff) | |
Merge remote-tracking branch 'cd/master'
| -rw-r--r-- | krebs/3modules/apt-cacher-ng.nix | 3 | ||||
| -rw-r--r-- | krebs/3modules/backup.nix | 3 | ||||
| -rw-r--r-- | krebs/3modules/bepasty-server.nix | 3 | ||||
| -rw-r--r-- | krebs/3modules/buildbot/master.nix | 3 | ||||
| -rw-r--r-- | krebs/3modules/buildbot/slave.nix | 3 | ||||
| -rw-r--r-- | krebs/3modules/git.nix | 2 | ||||
| -rw-r--r-- | krebs/3modules/github-hosts-sync.nix | 3 | ||||
| -rw-r--r-- | krebs/3modules/iptables.nix | 5 | ||||
| -rw-r--r-- | krebs/3modules/repo-sync.nix | 11 | ||||
| -rw-r--r-- | krebs/3modules/retiolum.nix | 6 | ||||
| -rw-r--r-- | krebs/3modules/tinc_graphs.nix | 6 | ||||
| -rw-r--r-- | krebs/4lib/default.nix | 17 | ||||
| -rw-r--r-- | krebs/4lib/types.nix | 23 | ||||
| -rw-r--r-- | krebs/5pkgs/Reaktor/plugins.nix | 3 | ||||
| -rw-r--r-- | krebs/5pkgs/builders.nix | 86 | ||||
| -rw-r--r-- | krebs/5pkgs/git-hooks/default.nix | 3 | ||||
| -rw-r--r-- | krebs/5pkgs/hashPassword/default.nix | 3 | ||||
| -rw-r--r-- | krebs/5pkgs/krebspaste/default.nix | 9 | ||||
| -rw-r--r-- | krebs/5pkgs/pssh/default.nix | 5 | ||||
| -rw-r--r-- | tv/1systems/nomic.nix | 3 | ||||
| -rw-r--r-- | tv/1systems/xu.nix | 3 | ||||
| -rw-r--r-- | tv/2configs/pulse.nix | 3 | ||||
| -rw-r--r-- | tv/5pkgs/default.nix | 3 |
23 files changed, 108 insertions, 101 deletions
diff --git a/krebs/3modules/apt-cacher-ng.nix b/krebs/3modules/apt-cacher-ng.nix index 46b405842..e80d383f8 100644 --- a/krebs/3modules/apt-cacher-ng.nix +++ b/krebs/3modules/apt-cacher-ng.nix @@ -135,8 +135,7 @@ let wantedBy = [ "multi-user.target" ]; serviceConfig = { PermissionsStartOnly = true; - ExecStartPre = pkgs.writeScript "acng-init" '' - #!/bin/sh + ExecStartPre = pkgs.writeDash "acng-init" '' mkdir -p ${shell.escape cfg.cacheDir} ${shell.escape cfg.logDir} chown acng:acng ${shell.escape cfg.cacheDir} ${shell.escape cfg.logDir} ''; diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index 71b22d8cb..4569d400f 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -121,8 +121,7 @@ let "mkdir -m 0700 -p ${shell.escape plan.dst.path}/current" "flock -n ${shell.escape plan.dst.path} rsync" ]; - in pkgs.writeScript "backup.${plan.name}" '' - #! ${pkgs.bash}/bin/bash + in pkgs.writeBash "backup.${plan.name}" '' set -efu start_date=$(date +%s) ssh_target=${shell.escape login-name}@$(${fastest-address remote.host}) diff --git a/krebs/3modules/bepasty-server.nix b/krebs/3modules/bepasty-server.nix index cbf87b2a7..080d2188d 100644 --- a/krebs/3modules/bepasty-server.nix +++ b/krebs/3modules/bepasty-server.nix @@ -109,8 +109,7 @@ let Type = "simple"; PrivateTmp = true; - ExecStartPre = assert server.secretKey != ""; pkgs.writeScript "bepasty-server.${name}-init" '' - #!/bin/sh + ExecStartPre = assert server.secretKey != ""; pkgs.writeDash "bepasty-server.${name}-init" '' mkdir -p "${server.dataDir}" "${server.workDir}" chown bepasty:bepasty "${server.workDir}" "${server.dataDir}" cat > "${server.workDir}/bepasty-${name}.conf" <<EOF diff --git a/krebs/3modules/buildbot/master.nix b/krebs/3modules/buildbot/master.nix index 2a1dbe31a..c365798f3 100644 --- a/krebs/3modules/buildbot/master.nix +++ b/krebs/3modules/buildbot/master.nix @@ -345,8 +345,7 @@ let Type = "forking"; PIDFile = "${workdir}/twistd.pid"; # TODO: maybe also prepare buildbot.tac? - ExecStartPre = pkgs.writeScript "buildbot-master-init" '' - #!/bin/sh + ExecStartPre = pkgs.writeDash "buildbot-master-init" '' set -efux if [ ! -e ${workdir} ];then mkdir -p ${workdir} diff --git a/krebs/3modules/buildbot/slave.nix b/krebs/3modules/buildbot/slave.nix index 248b46132..02331ee12 100644 --- a/krebs/3modules/buildbot/slave.nix +++ b/krebs/3modules/buildbot/slave.nix @@ -159,8 +159,7 @@ let Type = "forking"; PIDFile = "${workdir}/twistd.pid"; # TODO: maybe also prepare buildbot.tac? - ExecStartPre = pkgs.writeScript "buildbot-master-init" '' - #!/bin/sh + ExecStartPre = pkgs.writeDash "buildbot-master-init" '' set -efux mkdir -p ${workdir}/info cp ${buildbot-slave-init} ${workdir}/buildbot.tac diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix index 0f5e3172e..6a03b4638 100644 --- a/krebs/3modules/git.nix +++ b/krebs/3modules/git.nix @@ -462,7 +462,7 @@ let reponames = rules: sort lessThan (unique (map (x: x.repo.name) rules)); - # TODO makeGitHooks that uses runCommand instead of scriptFarm? + # TODO use `writeOut` scriptFarm = farm-name: scripts: let diff --git a/krebs/3modules/github-hosts-sync.nix b/krebs/3modules/github-hosts-sync.nix index 1d3873232..3646d35d6 100644 --- a/krebs/3modules/github-hosts-sync.nix +++ b/krebs/3modules/github-hosts-sync.nix @@ -37,8 +37,7 @@ let SyslogIdentifier = "github-hosts-sync"; User = user.name; Restart = "always"; - ExecStartPre = pkgs.writeScript "github-hosts-sync-init" '' - #! /bin/sh + ExecStartPre = pkgs.writeDash "github-hosts-sync-init" '' set -euf install -m 0711 -o ${user.name} -d ${cfg.dataDir} install -m 0700 -o ${user.name} -d ${cfg.dataDir}/.ssh diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix index bb06a9388..dccc11b3f 100644 --- a/krebs/3modules/iptables.nix +++ b/krebs/3modules/iptables.nix @@ -1,7 +1,7 @@ arg@{ config, lib, pkgs, ... }: let - inherit (pkgs) writeScript writeText; + inherit (pkgs) writeText; inherit (builtins) elem @@ -175,8 +175,7 @@ let ${buildTables iptables-version tables} ''; - startScript = writeScript "krebs-iptables_start" '' - #! /bin/sh + startScript = pkgs.writeDash "krebs-iptables_start" '' set -euf iptables-restore < ${rules4 4} ip6tables-restore < ${rules4 6} diff --git a/krebs/3modules/repo-sync.nix b/krebs/3modules/repo-sync.nix index 7a7c80a75..c5c806cdf 100644 --- a/krebs/3modules/repo-sync.nix +++ b/krebs/3modules/repo-sync.nix @@ -1,12 +1,12 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let cfg = config.krebs.repo-sync; out = { options.krebs.repo-sync = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; }; api = { @@ -70,7 +70,7 @@ let imp = { users.users.repo-sync = { name = "repo-sync"; - uid = config.krebs.lib.genid "repo-sync"; + uid = genid "repo-sync"; description = "repo-sync user"; home = cfg.stateDir; createHome = true; @@ -95,9 +95,8 @@ let serviceConfig = { Type = "simple"; PermissionsStartOnly = true; - ExecStartPre = pkgs.writeScript "prepare-repo-sync-user" '' - #! /bin/sh - cp -v ${config.krebs.lib.shell.escape cfg.privateKeyFile} ${cfg.stateDir}/ssh.priv + ExecStartPre = pkgs.writeDash "prepare-repo-sync-user" '' + cp -v ${shell.escape cfg.privateKeyFile} ${cfg.stateDir}/ssh.priv chown repo-sync ${cfg.stateDir}/ssh.priv ''; ExecStart = "${pkgs.repo-sync}/bin/repo-sync ${repo-sync-config}"; diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix index 5a035fa50..22991f093 100644 --- a/krebs/3modules/retiolum.nix +++ b/krebs/3modules/retiolum.nix @@ -159,13 +159,13 @@ let PrivateKeyFile = ${cfg.privkey.path} ${cfg.extraConfig} ''; - "tinc-up" = pkgs.writeScript "${cfg.netname}-tinc-up" '' + "tinc-up" = pkgs.writeDash "${cfg.netname}-tinc-up" '' ${iproute}/sbin/ip link set ${cfg.netname} up - ${optionalString (net.ip4 != null) '' + ${optionalString (net.ip4 != null) /* sh */ '' ${iproute}/sbin/ip -4 addr add ${net.ip4.addr} dev ${cfg.netname} ${iproute}/sbin/ip -4 route add ${net.ip4.prefix} dev ${cfg.netname} ''} - ${optionalString (net.ip6 != null) '' + ${optionalString (net.ip6 != null) /* sh */ '' ${iproute}/sbin/ip -6 addr add ${net.ip6.addr} dev ${cfg.netname} ${iproute}/sbin/ip -6 route add ${net.ip6.prefix} dev ${cfg.netname} ''} diff --git a/krebs/3modules/tinc_graphs.nix b/krebs/3modules/tinc_graphs.nix index 2692de982..dec89d249 100644 --- a/krebs/3modules/tinc_graphs.nix +++ b/krebs/3modules/tinc_graphs.nix @@ -94,8 +94,7 @@ let TimeoutSec = 300; # we will wait 5 minutes, kill otherwise restart = "always"; - ExecStartPre = pkgs.writeScript "tinc_graphs-init" '' - #!/bin/sh + ExecStartPre = pkgs.writeDash "tinc_graphs-init" '' mkdir -p "${internal_dir}" "${external_dir}" if ! test -e "${cfg.workingDir}/internal/index.html"; then cp -fr "$(${pkgs.tinc_graphs}/bin/tincstats-static-dir)/internal/." "${internal_dir}" @@ -106,8 +105,7 @@ let ''; ExecStart = "${pkgs.tinc_graphs}/bin/all-the-graphs"; - ExecStartPost = pkgs.writeScript "tinc_graphs-post" '' - #!/bin/sh + ExecStartPost = pkgs.writeDash "tinc_graphs-post" '' # TODO: this may break if workingDir is set to something stupid # this is needed because homedir is created with 700 chmod 755 "${cfg.workingDir}" diff --git a/krebs/4lib/default.nix b/krebs/4lib/default.nix index bfe8c581c..afff17296 100644 --- a/krebs/4lib/default.nix +++ b/krebs/4lib/default.nix @@ -15,6 +15,16 @@ let out = rec { addNames = mapAttrs addName; + guard = spec@{ type, value, ... }: + assert isOptionType type; + if type.check value + then value + else throw (toString (filter isString [ + "argument" + (if spec ? name then "‘${spec.name}’" else null) + "is not a ${type.name}" + ])); + types = import ./types.nix { inherit config; lib = lib // { inherit genid optionalTrace; }; @@ -27,6 +37,11 @@ let out = rec { shell = import ./shell.nix { inherit lib; }; tree = import ./tree.nix { inherit lib; }; + lpad = n: c: s: + if stringLength s < n + then lpad n c (c + s) + else s; + toC = x: let type = typeOf x; reject = throw "cannot convert ${type}"; @@ -41,6 +56,8 @@ let out = rec { mapAttrs (name: _: path + "/${name}") (filterAttrs (_: eq "directory") (readDir path)); + genAttrs' = names: f: listToAttrs (map f names); + setAttr = name: value: set: set // { ${name} = value; }; optionalTrace = c: msg: x: if c then trace msg x else x; diff --git a/krebs/4lib/types.nix b/krebs/4lib/types.nix index 4742877a7..0d5b51f76 100644 --- a/krebs/4lib/types.nix +++ b/krebs/4lib/types.nix @@ -163,7 +163,7 @@ types // rec { secret-file = submodule ({ config, ... }: { options = { path = mkOption { type = str; }; - mode = mkOption { type = str; default = "0400"; }; + mode = mkOption { type = file-mode; default = "0400"; }; owner = mkOption { type = user; default = config.krebs.users.root; @@ -239,7 +239,7 @@ types // rec { check = let IPv4address = let d = "([1-9]?[0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])"; in concatMapStringsSep "." (const d) (range 1 4); - in x: match IPv4address x != null; + in x: isString x && match IPv4address x != null; merge = mergeOneOption; }; addr6 = mkOptionType { @@ -247,7 +247,7 @@ types // rec { check = let # TODO check IPv6 address harder IPv6address = "[0-9a-f.:]+"; - in x: match IPv6address x != null; + in x: isString x && match IPv6address x != null; merge = mergeOneOption; }; @@ -293,6 +293,12 @@ types // rec { }; }; + file-mode = mkOptionType { + name = "file mode"; + check = x: isString x && match "[0-7]{4}" x != null; + merge = mergeOneOption; + }; + haskell.conid = mkOptionType { name = "Haskell constructor identifier"; check = x: @@ -309,7 +315,7 @@ types // rec { # RFC952, B. Lexical grammar, <hname> hostname = mkOptionType { name = "hostname"; - check = x: all label.check (splitString "." x); + check = x: isString x && all label.check (splitString "." x); merge = mergeOneOption; }; @@ -318,14 +324,15 @@ types // rec { label = mkOptionType { name = "label"; # TODO case-insensitive labels - check = x: match "[0-9A-Za-z]([0-9A-Za-z-]*[0-9A-Za-z])?" x != null; + check = x: isString x + && match "[0-9A-Za-z]([0-9A-Za-z-]*[0-9A-Za-z])?" x != null; merge = mergeOneOption; }; # POSIX.1‐2013, 3.278 Portable Filename Character Set filename = mkOptionType { name = "POSIX filename"; - check = x: match "([0-9A-Za-z._])[0-9A-Za-z._-]*" x != null; + check = x: isString x && match "([0-9A-Za-z._])[0-9A-Za-z._-]*" x != null; merge = mergeOneOption; }; @@ -335,7 +342,7 @@ types // rec { absolute-pathname = mkOptionType { name = "POSIX absolute pathname"; check = x: let xs = splitString "/" x; xa = head xs; in - xa == "/" || (xa == "" && all filename.check (tail xs)); + isString x && (xa == "/" || (xa == "" && all filename.check (tail xs))); merge = mergeOneOption; }; @@ -344,7 +351,7 @@ types // rec { pathname = mkOptionType { name = "POSIX pathname"; check = x: let xs = splitString "/" x; in - all filename.check (if head xs == "" then tail xs else xs); + isString x && all filename.check (if head xs == "" then tail xs else xs); merge = mergeOneOption; }; diff --git a/krebs/5pkgs/Reaktor/plugins.nix b/krebs/5pkgs/Reaktor/plugins.nix index 0f61688e3..a483db32c 100644 --- a/krebs/5pkgs/Reaktor/plugins.nix +++ b/krebs/5pkgs/Reaktor/plugins.nix @@ -74,8 +74,7 @@ rec { }; nixos-version = buildSimpleReaktorPlugin "nixos-version" { - script = pkgs.writeScript "nixos-version" '' - #! /bin/sh + script = pkgs.writeDash "nixos-version" '' . /etc/os-release echo "$PRETTY_NAME" ''; diff --git a/krebs/5pkgs/builders.nix b/krebs/5pkgs/builders.nix index 8ba0ab5a7..924e0c086 100644 --- a/krebs/5pkgs/builders.nix +++ b/krebs/5pkgs/builders.nix @@ -2,16 +2,16 @@ with config.krebs.lib; rec { execve = name: { filename, argv ? null, envp ? {}, destination ? "" }: let - in writeC name { inherit destination; } '' + in writeC name { inherit destination; } /* c */ '' #include <unistd.h> static char *const filename = ${toC filename}; ${if argv == null - then /* Propagate arguments */ '' + then /* Propagate arguments */ /* c */ '' #define MAIN_ARGS int argc, char **argv '' - else /* Provide fixed arguments */ '' + else /* Provide fixed arguments */ /* c */ '' #define MAIN_ARGS void static char *const argv[] = ${toC (argv ++ [null])}; ''} @@ -28,22 +28,22 @@ rec { execveBin = name: cfg: execve name (cfg // { destination = "/bin/${name}"; }); - writeBash = name: text: pkgs.writeScript name '' - #! ${pkgs.bash}/bin/bash - ${text} - ''; + makeScriptWriter = interpreter: name: text: + assert (with types; either absolute-pathname filename).check name; + pkgs.writeOut (baseNameOf name) { + ${optionalString (types.absolute-pathname.check name) name} = { + executable = true; + text = "#! ${interpreter}\n${text}"; + }; + }; - writeBashBin = name: text: pkgs.writeTextFile { - executable = true; - destination = "/bin/${name}"; - name = name; - text = '' - #! ${pkgs.bash}/bin/bash - ${text} - ''; - }; + writeBash = makeScriptWriter "${pkgs.bash}/bin/bash"; - writeC = name: { destination ? "" }: src: pkgs.runCommand name {} '' + writeBashBin = name: + assert types.filename.check name; + pkgs.writeBash "/bin/${name}"; + + writeC = name: { destination ? "" }: src: pkgs.runCommand name {} /* sh */ '' PATH=${makeBinPath (with pkgs; [ binutils coreutils @@ -56,37 +56,39 @@ rec { strip --strip-unneeded "$exe" ''; - writeDash = name: text: pkgs.writeScript name '' - #! ${pkgs.dash}/bin/dash - ${text} - ''; + writeDash = makeScriptWriter "${pkgs.dash}/bin/dash"; - writeDashBin = name: text: pkgs.writeTextFile { - executable = true; - destination = "/bin/${name}"; - name = name; - text = '' - #! ${pkgs.dash}/bin/dash - ${text} - ''; - }; + writeDashBin = name: + assert types.filename.check name; + pkgs.writeDash "/bin/${name}"; writeEximConfig = name: text: pkgs.runCommand name { inherit text; passAsFile = [ "text" ]; - } '' + } /* sh */ '' # TODO validate exim config even with config.nix.useChroot == true # currently doing so will fail because "user exim was not found" #${pkgs.exim}/bin/exim -C "$textPath" -bV >/dev/null mv "$textPath" $out ''; - writeFiles = name: specs0: + writeOut = name: specs0: let - specs = mapAttrsToList (path: spec0: { - path = assert types.pathname.check path; path; + specs = mapAttrsToList (path0: spec0: rec { + path = guard { + type = types.pathname; + value = path0; + }; var = "file_${hashString "sha1" path}"; text = spec0.text; + executable = guard { + type = types.bool; + value = spec0.executable or false; + }; + mode = guard { + type = types.file-mode; + value = spec0.mode or (if executable then "0755" else "0644"); + }; }) specs0; filevars = genAttrs' specs (spec: nameValuePair spec.var spec.text); @@ -97,7 +99,7 @@ rec { set -efu PATH=${makeBinPath [pkgs.coreutils]} ${concatMapStrings (spec: /* sh */ '' - install -D ''$${spec.var}Path $out${spec.path} + install -m ${spec.mode} -D ''$${spec.var}Path $out${spec.path} '') specs} ''; @@ -119,7 +121,7 @@ rec { isExecutable = executables != {}; isLibrary = library != null; - cabal-file = pkgs.writeText "${name}-${version}.cabal" '' + cabal-file = pkgs.writeText "${name}-${version}.cabal" /* cabal */ '' build-type: Simple cabal-version: >= 1.2 name: ${name} @@ -135,7 +137,7 @@ rec { , text , ... }: if types.filename.check exe-name - then "install -D ${file} $out/${relpath}" + then /* sh */ "install -D ${file} $out/${relpath}" else throw "argument ‘exe-name’ is not a ${types.filename.name}"; exe-section = @@ -145,7 +147,7 @@ rec { , file ? pkgs.writeText "${name}-${exe-name}.hs" text , relpath ? "${exe-name}.hs" , text - , ... }: '' + , ... }: /* cabal */ '' executable ${exe-name} build-depends: ${concatStringsSep "," build-depends} ghc-options: ${toString ghc-options} @@ -168,7 +170,7 @@ rec { { build-depends ? base-depends ++ extra-depends , extra-depends ? [] , exposed-modules - , ... }: '' + , ... }: /* cabal */ '' library build-depends: ${concatStringsSep "," build-depends} ghc-options: ${toString ghc-options} @@ -182,7 +184,7 @@ rec { , text , ... }: if types.haskell.modid.check mod-name - then "install -D ${file} $out/${relpath}" + then /* sh */ "install -D ${file} $out/${relpath}" else throw "argument ‘mod-name’ is not a ${types.haskell.modid.name}"; in haskellPackages.mkDerivation { @@ -196,7 +198,7 @@ rec { (optionals isLibrary (get-depends library)) haskellPackages; pname = name; - src = pkgs.runCommand "${name}-${version}-src" {} '' + src = pkgs.runCommand "${name}-${version}-src" {} /* sh */ '' install -D ${cabal-file} $out/${cabal-file.name} ${optionalString isLibrary (lib-install library)} ${concatStringsSep "\n" (mapAttrsToList exe-install executables)} @@ -208,7 +210,7 @@ rec { "The function `writeNixFromCabal` has been deprecated in favour of" "`writeHaskell`." ]) - (name: path: pkgs.runCommand name {} '' + (name: path: pkgs.runCommand name {} /* sh */ '' ${pkgs.cabal2nix}/bin/cabal2nix ${path} > $out ''); } diff --git a/krebs/5pkgs/git-hooks/default.nix b/krebs/5pkgs/git-hooks/default.nix index 3aba90535..c8e8c8f53 100644 --- a/krebs/5pkgs/git-hooks/default.nix +++ b/krebs/5pkgs/git-hooks/default.nix @@ -101,8 +101,7 @@ let fi ''; - irc-announce-script = pkgs.writeScript "irc-announce-script" '' - #! /bin/sh + irc-announce-script = pkgs.writeDash "irc-announce-script" '' set -euf export PATH=${makeSearchPath "bin" (with pkgs; [ diff --git a/krebs/5pkgs/hashPassword/default.nix b/krebs/5pkgs/hashPassword/default.nix index 6a7c51c57..3da65ad79 100644 --- a/krebs/5pkgs/hashPassword/default.nix +++ b/krebs/5pkgs/hashPassword/default.nix @@ -1,7 +1,6 @@ { lib, pkgs, ... }: -pkgs.writeScriptBin "hashPassword" '' - #! /bin/sh +pkgs.writeDashBin "hashPassword" '' # usage: hashPassword set -euf diff --git a/krebs/5pkgs/krebspaste/default.nix b/krebs/5pkgs/krebspaste/default.nix index fb318af83..dd7616a05 100644 --- a/krebs/5pkgs/krebspaste/default.nix +++ b/krebs/5pkgs/krebspaste/default.nix @@ -1,7 +1,6 @@ -{ writeScriptBin, pkgs }: +{ writeDashBin, bepasty-client-cli }: -# TODO: use `wrapProgram --add-flags` instead? -writeScriptBin "krebspaste" '' - #! /bin/sh - exec ${pkgs.bepasty-client-cli}/bin/bepasty-cli --url http://paste.retiolum "$@" +# TODO use `execve` instead? +writeDashBin "krebspaste" '' + exec ${bepasty-client-cli}/bin/bepasty-cli --url http://paste.retiolum "$@" '' diff --git a/krebs/5pkgs/pssh/default.nix b/krebs/5pkgs/pssh/default.nix index fd48d3e7c..2676af0cf 100644 --- a/krebs/5pkgs/pssh/default.nix +++ b/krebs/5pkgs/pssh/default.nix @@ -1,7 +1,6 @@ -{ writeScriptBin }: +{ writeDashBin }: -writeScriptBin "pssh" '' - #! /bin/sh +writeDashBin "pssh" '' set -efu case ''${1-} in diff --git a/tv/1systems/nomic.nix b/tv/1systems/nomic.nix index fed67a105..3696bcdfc 100644 --- a/tv/1systems/nomic.nix +++ b/tv/1systems/nomic.nix @@ -47,8 +47,7 @@ with config.krebs.lib; boot.tmpOnTmpfs = true; environment.systemPackages = with pkgs; [ - (writeScriptBin "play" '' - #! /bin/sh + (writeDashBin "play" '' set -euf mpv() { exec ${mpv}/bin/mpv "$@"; } case $1 in diff --git a/tv/1systems/xu.nix b/tv/1systems/xu.nix index a79ae498b..6ba7ab327 100644 --- a/tv/1systems/xu.nix +++ b/tv/1systems/xu.nix @@ -26,8 +26,7 @@ with config.krebs.lib; hashPassword haskellPackages.lentil parallel - (pkgs.writeScriptBin "im" '' - #! ${pkgs.bash}/bin/bash + (pkgs.writeBashBin "im" '' export PATH=${makeSearchPath "bin" (with pkgs; [ tmux gnugrep diff --git a/tv/2configs/pulse.nix b/tv/2configs/pulse.nix index 8e611f21e..512919759 100644 --- a/tv/2configs/pulse.nix +++ b/tv/2configs/pulse.nix @@ -67,8 +67,7 @@ in }; serviceConfig = { ExecStart = "${pkg}/bin/pulseaudio"; - ExecStartPre = pkgs.writeScript "pulse-start" '' - #! /bin/sh + ExecStartPre = pkgs.writeDash "pulse-start" '' install -o pulse -g pulse -m 0750 -d ${runDir} install -o pulse -g pulse -m 0700 -d ${runDir}/home ''; diff --git a/tv/5pkgs/default.nix b/tv/5pkgs/default.nix index da3c914b8..607980807 100644 --- a/tv/5pkgs/default.nix +++ b/tv/5pkgs/default.nix @@ -3,8 +3,7 @@ { nixpkgs.config.packageOverrides = { # TODO use XDG_RUNTIME_DIR? - cr = pkgs.writeScriptBin "cr" '' - #! /bin/sh + cr = pkgs.writeDashBin "cr" '' set -efu export LC_TIME=de_DE.utf8 exec ${pkgs.chromium}/bin/chromium \ |