diff options
Diffstat (limited to 'krebs/3modules')
| -rw-r--r-- | krebs/3modules/apt-cacher-ng.nix | 3 | ||||
| -rw-r--r-- | krebs/3modules/backup.nix | 3 | ||||
| -rw-r--r-- | krebs/3modules/bepasty-server.nix | 3 | ||||
| -rw-r--r-- | krebs/3modules/buildbot/master.nix | 3 | ||||
| -rw-r--r-- | krebs/3modules/buildbot/slave.nix | 3 | ||||
| -rw-r--r-- | krebs/3modules/git.nix | 2 | ||||
| -rw-r--r-- | krebs/3modules/github-hosts-sync.nix | 3 | ||||
| -rw-r--r-- | krebs/3modules/iptables.nix | 5 | ||||
| -rw-r--r-- | krebs/3modules/repo-sync.nix | 11 | ||||
| -rw-r--r-- | krebs/3modules/retiolum.nix | 6 | ||||
| -rw-r--r-- | krebs/3modules/tinc_graphs.nix | 6 |
11 files changed, 19 insertions, 29 deletions
diff --git a/krebs/3modules/apt-cacher-ng.nix b/krebs/3modules/apt-cacher-ng.nix index 46b405842..e80d383f8 100644 --- a/krebs/3modules/apt-cacher-ng.nix +++ b/krebs/3modules/apt-cacher-ng.nix @@ -135,8 +135,7 @@ let wantedBy = [ "multi-user.target" ]; serviceConfig = { PermissionsStartOnly = true; - ExecStartPre = pkgs.writeScript "acng-init" '' - #!/bin/sh + ExecStartPre = pkgs.writeDash "acng-init" '' mkdir -p ${shell.escape cfg.cacheDir} ${shell.escape cfg.logDir} chown acng:acng ${shell.escape cfg.cacheDir} ${shell.escape cfg.logDir} ''; diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index 71b22d8cb..4569d400f 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -121,8 +121,7 @@ let "mkdir -m 0700 -p ${shell.escape plan.dst.path}/current" "flock -n ${shell.escape plan.dst.path} rsync" ]; - in pkgs.writeScript "backup.${plan.name}" '' - #! ${pkgs.bash}/bin/bash + in pkgs.writeBash "backup.${plan.name}" '' set -efu start_date=$(date +%s) ssh_target=${shell.escape login-name}@$(${fastest-address remote.host}) diff --git a/krebs/3modules/bepasty-server.nix b/krebs/3modules/bepasty-server.nix index cbf87b2a7..080d2188d 100644 --- a/krebs/3modules/bepasty-server.nix +++ b/krebs/3modules/bepasty-server.nix @@ -109,8 +109,7 @@ let Type = "simple"; PrivateTmp = true; - ExecStartPre = assert server.secretKey != ""; pkgs.writeScript "bepasty-server.${name}-init" '' - #!/bin/sh + ExecStartPre = assert server.secretKey != ""; pkgs.writeDash "bepasty-server.${name}-init" '' mkdir -p "${server.dataDir}" "${server.workDir}" chown bepasty:bepasty "${server.workDir}" "${server.dataDir}" cat > "${server.workDir}/bepasty-${name}.conf" <<EOF diff --git a/krebs/3modules/buildbot/master.nix b/krebs/3modules/buildbot/master.nix index 2a1dbe31a..c365798f3 100644 --- a/krebs/3modules/buildbot/master.nix +++ b/krebs/3modules/buildbot/master.nix @@ -345,8 +345,7 @@ let Type = "forking"; PIDFile = "${workdir}/twistd.pid"; # TODO: maybe also prepare buildbot.tac? - ExecStartPre = pkgs.writeScript "buildbot-master-init" '' - #!/bin/sh + ExecStartPre = pkgs.writeDash "buildbot-master-init" '' set -efux if [ ! -e ${workdir} ];then mkdir -p ${workdir} diff --git a/krebs/3modules/buildbot/slave.nix b/krebs/3modules/buildbot/slave.nix index 248b46132..02331ee12 100644 --- a/krebs/3modules/buildbot/slave.nix +++ b/krebs/3modules/buildbot/slave.nix @@ -159,8 +159,7 @@ let Type = "forking"; PIDFile = "${workdir}/twistd.pid"; # TODO: maybe also prepare buildbot.tac? - ExecStartPre = pkgs.writeScript "buildbot-master-init" '' - #!/bin/sh + ExecStartPre = pkgs.writeDash "buildbot-master-init" '' set -efux mkdir -p ${workdir}/info cp ${buildbot-slave-init} ${workdir}/buildbot.tac diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix index 0f5e3172e..6a03b4638 100644 --- a/krebs/3modules/git.nix +++ b/krebs/3modules/git.nix @@ -462,7 +462,7 @@ let reponames = rules: sort lessThan (unique (map (x: x.repo.name) rules)); - # TODO makeGitHooks that uses runCommand instead of scriptFarm? + # TODO use `writeOut` scriptFarm = farm-name: scripts: let diff --git a/krebs/3modules/github-hosts-sync.nix b/krebs/3modules/github-hosts-sync.nix index 1d3873232..3646d35d6 100644 --- a/krebs/3modules/github-hosts-sync.nix +++ b/krebs/3modules/github-hosts-sync.nix @@ -37,8 +37,7 @@ let SyslogIdentifier = "github-hosts-sync"; User = user.name; Restart = "always"; - ExecStartPre = pkgs.writeScript "github-hosts-sync-init" '' - #! /bin/sh + ExecStartPre = pkgs.writeDash "github-hosts-sync-init" '' set -euf install -m 0711 -o ${user.name} -d ${cfg.dataDir} install -m 0700 -o ${user.name} -d ${cfg.dataDir}/.ssh diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix index bb06a9388..dccc11b3f 100644 --- a/krebs/3modules/iptables.nix +++ b/krebs/3modules/iptables.nix @@ -1,7 +1,7 @@ arg@{ config, lib, pkgs, ... }: let - inherit (pkgs) writeScript writeText; + inherit (pkgs) writeText; inherit (builtins) elem @@ -175,8 +175,7 @@ let ${buildTables iptables-version tables} ''; - startScript = writeScript "krebs-iptables_start" '' - #! /bin/sh + startScript = pkgs.writeDash "krebs-iptables_start" '' set -euf iptables-restore < ${rules4 4} ip6tables-restore < ${rules4 6} diff --git a/krebs/3modules/repo-sync.nix b/krebs/3modules/repo-sync.nix index 7a7c80a75..c5c806cdf 100644 --- a/krebs/3modules/repo-sync.nix +++ b/krebs/3modules/repo-sync.nix @@ -1,12 +1,12 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let cfg = config.krebs.repo-sync; out = { options.krebs.repo-sync = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; }; api = { @@ -70,7 +70,7 @@ let imp = { users.users.repo-sync = { name = "repo-sync"; - uid = config.krebs.lib.genid "repo-sync"; + uid = genid "repo-sync"; description = "repo-sync user"; home = cfg.stateDir; createHome = true; @@ -95,9 +95,8 @@ let serviceConfig = { Type = "simple"; PermissionsStartOnly = true; - ExecStartPre = pkgs.writeScript "prepare-repo-sync-user" '' - #! /bin/sh - cp -v ${config.krebs.lib.shell.escape cfg.privateKeyFile} ${cfg.stateDir}/ssh.priv + ExecStartPre = pkgs.writeDash "prepare-repo-sync-user" '' + cp -v ${shell.escape cfg.privateKeyFile} ${cfg.stateDir}/ssh.priv chown repo-sync ${cfg.stateDir}/ssh.priv ''; ExecStart = "${pkgs.repo-sync}/bin/repo-sync ${repo-sync-config}"; diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix index 5a035fa50..22991f093 100644 --- a/krebs/3modules/retiolum.nix +++ b/krebs/3modules/retiolum.nix @@ -159,13 +159,13 @@ let PrivateKeyFile = ${cfg.privkey.path} ${cfg.extraConfig} ''; - "tinc-up" = pkgs.writeScript "${cfg.netname}-tinc-up" '' + "tinc-up" = pkgs.writeDash "${cfg.netname}-tinc-up" '' ${iproute}/sbin/ip link set ${cfg.netname} up - ${optionalString (net.ip4 != null) '' + ${optionalString (net.ip4 != null) /* sh */ '' ${iproute}/sbin/ip -4 addr add ${net.ip4.addr} dev ${cfg.netname} ${iproute}/sbin/ip -4 route add ${net.ip4.prefix} dev ${cfg.netname} ''} - ${optionalString (net.ip6 != null) '' + ${optionalString (net.ip6 != null) /* sh */ '' ${iproute}/sbin/ip -6 addr add ${net.ip6.addr} dev ${cfg.netname} ${iproute}/sbin/ip -6 route add ${net.ip6.prefix} dev ${cfg.netname} ''} diff --git a/krebs/3modules/tinc_graphs.nix b/krebs/3modules/tinc_graphs.nix index 2692de982..dec89d249 100644 --- a/krebs/3modules/tinc_graphs.nix +++ b/krebs/3modules/tinc_graphs.nix @@ -94,8 +94,7 @@ let TimeoutSec = 300; # we will wait 5 minutes, kill otherwise restart = "always"; - ExecStartPre = pkgs.writeScript "tinc_graphs-init" '' - #!/bin/sh + ExecStartPre = pkgs.writeDash "tinc_graphs-init" '' mkdir -p "${internal_dir}" "${external_dir}" if ! test -e "${cfg.workingDir}/internal/index.html"; then cp -fr "$(${pkgs.tinc_graphs}/bin/tincstats-static-dir)/internal/." "${internal_dir}" @@ -106,8 +105,7 @@ let ''; ExecStart = "${pkgs.tinc_graphs}/bin/all-the-graphs"; - ExecStartPost = pkgs.writeScript "tinc_graphs-post" '' - #!/bin/sh + ExecStartPost = pkgs.writeDash "tinc_graphs-post" '' # TODO: this may break if workingDir is set to something stupid # this is needed because homedir is created with 700 chmod 755 "${cfg.workingDir}" |