From f811bc0144b7268031a960d85e0dfee35d5e8fed Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 26 Jul 2015 14:03:39 +0200 Subject: 1 tv wu: systemPackages += ff --- 1systems/tv/wu.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/1systems/tv/wu.nix b/1systems/tv/wu.nix index 37264635b..f542581ba 100644 --- a/1systems/tv/wu.nix +++ b/1systems/tv/wu.nix @@ -29,6 +29,12 @@ in Zpkgs.genid Zpkgs.hashPassword Zpkgs.lentil + (pkgs.writeScriptBin "ff" '' + #! ${pkgs.bash}/bin/bash + exec sudo -u ff -i < Date: Sun, 26 Jul 2015 14:17:39 +0200 Subject: 1 tv wu: systemPackages += im -= weechat --- 1systems/tv/wu.nix | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/1systems/tv/wu.nix b/1systems/tv/wu.nix index f542581ba..192b65b9d 100644 --- a/1systems/tv/wu.nix +++ b/1systems/tv/wu.nix @@ -35,6 +35,19 @@ in exec ${pkgs.firefoxWrapper}/bin/firefox $(printf " %q" "$@") EOF '') + (pkgs.writeScriptBin "im" '' + #! ${pkgs.bash}/bin/bash + export PATH=${makeSearchPath "bin" (with pkgs; [ + tmux + gnugrep + weechat + ])} + if tmux list-sessions -F\#S | grep -q '^im''$'; then + exec tmux attach -t im + else + exec tmux new -s im weechat + fi + '') # root cryptsetup @@ -62,7 +75,6 @@ in sxiv texLive tmux - weechat zathura Zpkgs.dic -- cgit v1.2.3 From 09ab49dfcab63a3a7d8c19c58f320ab294daa50f Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 26 Jul 2015 18:18:41 +0200 Subject: use new krebs config for hostname --- 1systems/makefu/pnp.nix | 9 ++------- 2configs/makefu/base.nix | 5 +++++ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/1systems/makefu/pnp.nix b/1systems/makefu/pnp.nix index 7e4ccf2c1..1019c4d70 100644 --- a/1systems/makefu/pnp.nix +++ b/1systems/makefu/pnp.nix @@ -11,7 +11,8 @@ ../../2configs/makefu/base.nix ../../2configs/makefu/cgit-retiolum.nix ]; - krebs.enable = true; + krebs.build.host = config.krebs.hosts.pnp; + boot.loader.grub.enable = true; boot.loader.grub.version = 2; boot.loader.grub.device = "/dev/vda"; @@ -39,14 +40,8 @@ ]; }; - nix.maxJobs = 2; - networking.hostName = "pnp"; # Define your hostname. - # $ nix-env -qaP | grep wget environment.systemPackages = with pkgs; [ - wget - git - gnumake jq ]; } diff --git a/2configs/makefu/base.nix b/2configs/makefu/base.nix index 25b80930b..b052b13e4 100644 --- a/2configs/makefu/base.nix +++ b/2configs/makefu/base.nix @@ -3,6 +3,10 @@ with lib; { imports = [ ]; + krebs.enable = true; + krebs.search-domain = "retiolum"; + + networking.hostName = config.krebs.build.host.name; users.extraUsers = { root = { openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ]; @@ -37,6 +41,7 @@ with lib; environment.systemPackages = with pkgs; [ git vim + gnumake rxvt_unicode.terminfo ]; -- cgit v1.2.3 From 00dca31b6c9898b482d4a0ae7dea32f12d4bedf0 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 26 Jul 2015 19:13:21 +0200 Subject: 0 tv wu nixpkgs: 7725eb1 -> 9d5508d --- 0make/tv/wu.makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/0make/tv/wu.makefile b/0make/tv/wu.makefile index ef7e51194..7614af776 100644 --- a/0make/tv/wu.makefile +++ b/0make/tv/wu.makefile @@ -1,4 +1,4 @@ deploy_host := root@wu nixpkgs_url := /home/tv/src/nixpkgs -nixpkgs_rev := 7725eb1d3ed85fc34edde3c3a7907ab234933a68 +nixpkgs_rev := 9d5508d85c33b8fb22d79dde6176792eac2c2696 secrets_dir := /home/tv/secrets/wu -- cgit v1.2.3 From 4926abb00f74614e7748b8959b8d2fcd8e98dacc Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 26 Jul 2015 20:12:35 +0200 Subject: 0 tv mkdir nixpkgs: 4c01e6d -> 9d5508d --- 0make/tv/mkdir.makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/0make/tv/mkdir.makefile b/0make/tv/mkdir.makefile index b10398a07..1e8bf7df3 100644 --- a/0make/tv/mkdir.makefile +++ b/0make/tv/mkdir.makefile @@ -1,4 +1,4 @@ deploy_host := root@mkdir nixpkgs_url := https://github.com/NixOS/nixpkgs -nixpkgs_rev := 4c01e6d91993b6de128795f4fbdd25f6227fb870 +nixpkgs_rev := 9d5508d85c33b8fb22d79dde6176792eac2c2696 secrets_dir := /home/tv/secrets/mkdir -- cgit v1.2.3 From 98bc5991db76171ae9e1631b66f41061420624db Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 26 Jul 2015 21:04:13 +0200 Subject: 3 krebs: make dns.providers part of api --- 3modules/krebs/default.nix | 61 +++++++++++++++++++++++----------------------- 4lib/krebs/default.nix | 21 +++------------- 4lib/krebs/dns.nix | 31 +++++++++++++++++++++++ 4lib/krebs/listset.nix | 11 +++++++++ 4lib/krebs/tree.nix | 13 ++++++++++ 5 files changed, 88 insertions(+), 49 deletions(-) create mode 100644 4lib/krebs/dns.nix create mode 100644 4lib/krebs/listset.nix create mode 100644 4lib/krebs/tree.nix diff --git a/3modules/krebs/default.nix b/3modules/krebs/default.nix index 33c108811..70d454971 100644 --- a/3modules/krebs/default.nix +++ b/3modules/krebs/default.nix @@ -34,6 +34,14 @@ let default = {}; }; + dns = { + providers = mkOption { + # TODO with types; tree dns.label dns.provider, so we can merge. + # Currently providers can only be merged if aliases occur just once. + type = with types; attrsOf unspecified; + }; + }; + hosts = mkOption { type = with types; attrsOf host; }; @@ -56,38 +64,26 @@ let { krebs = makefu-imp; } { krebs = tv-imp; } { - # XXX This overlaps with krebs.retiolum - networking.extraHosts = - let - # TODO move domain name providers to a dedicated module - # providers : tree label providername - providers = { - internet = "hosts"; - retiolum = "hosts"; - de.viljetic = "regfish"; - de.krebsco = "ovh"; - }; - - # splitByProvider : [alias] -> listset providername alias - splitByProvider = foldl (acc: alias: listset-insert (providerOf alias) alias acc) {}; + krebs.dns.providers = { + de.krebsco = "ovh"; + internet = "hosts"; + retiolum = "hosts"; + }; - # providerOf : alias -> providername - providerOf = alias: - tree-get (splitString "." alias) providers; - in - concatStringsSep "\n" (flatten ( - # TODO deepMap ["hosts" "nets"] (hostname: host: netname: net: - mapAttrsToList (hostname: host: - mapAttrsToList (netname: net: - let - aliases = toString (unique (longs ++ shorts)); - longs = (splitByProvider net.aliases).hosts; - shorts = map (removeSuffix ".${cfg.search-domain}") longs; - in - map (addr: "${addr} ${aliases}") net.addrs - ) host.nets - ) config.krebs.hosts - )); + # XXX This overlaps with krebs.retiolum + networking.extraHosts = concatStringsSep "\n" (flatten ( + mapAttrsToList (hostname: host: + mapAttrsToList (netname: net: + let + aliases = toString (unique (longs ++ shorts)); + providers = dns.split-by-provider net.aliases cfg.dns.providers; + longs = providers.hosts; + shorts = map (removeSuffix ".${cfg.search-domain}") longs; + in + map (addr: "${addr} ${aliases}") net.addrs + ) host.nets + ) cfg.hosts + )); } ]; @@ -139,6 +135,9 @@ let }; tv-imp = { + dns.providers = { + de.viljetic = "regfish"; + }; hosts = addNames { cd = { cores = 2; diff --git a/4lib/krebs/default.nix b/4lib/krebs/default.nix index 0c42a5de3..b67585335 100644 --- a/4lib/krebs/default.nix +++ b/4lib/krebs/default.nix @@ -12,22 +12,7 @@ builtins // lib // rec { types = import ./types.nix { inherit lib; }; - - # listset k v = set k [v] - - # listset-insert : k -> v -> listset k v -> listset k v - listset-insert = name: value: set: - set // { ${name} = set.${name} or [] ++ [value]; }; - - # tree k v = set k (either v (tree k v)) - - # tree-get : [k] -> tree k v -> v - tree-get = path: x: - let - y = x.${last path}; - in - if typeOf y != "set" - then y - else tree-get (init path) y; - + dns = import ./dns.nix { inherit lib; }; + listset = import ./listset.nix { inherit lib; }; + tree = import ./tree.nix { inherit lib; }; } diff --git a/4lib/krebs/dns.nix b/4lib/krebs/dns.nix new file mode 100644 index 000000000..b2cf3c24c --- /dev/null +++ b/4lib/krebs/dns.nix @@ -0,0 +1,31 @@ +{ lib, ... }: + +let + listset = import ./listset.nix { inherit lib; }; +in + +with builtins; +with lib; + +rec { + # label = string + + # TODO does it make sense to have alias = list label? + + # split-by-provider : + # [[label]] -> tree label provider -> listset provider alias + split-by-provider = as: providers: + foldl (m: a: listset.insert (provider-of a providers) a m) {} as; + + # provider-of : alias -> tree label provider -> provider + # Note that we cannot use tree.get here, because path can be longer + # than the tree depth. + provider-of = a: + let + go = path: tree: + if typeOf tree == "string" + then tree + else go (tail path) tree.${head path}; + in + go (reverseList (splitString "." a)); +} diff --git a/4lib/krebs/listset.nix b/4lib/krebs/listset.nix new file mode 100644 index 000000000..3aae22f20 --- /dev/null +++ b/4lib/krebs/listset.nix @@ -0,0 +1,11 @@ +{ lib, ... }: + +with lib; + +rec { + # listset k v = set k [v] + + # insert : k -> v -> listset k v -> listset k v + insert = name: value: set: + set // { ${name} = set.${name} or [] ++ [value]; }; +} diff --git a/4lib/krebs/tree.nix b/4lib/krebs/tree.nix new file mode 100644 index 000000000..1cd83b3f6 --- /dev/null +++ b/4lib/krebs/tree.nix @@ -0,0 +1,13 @@ +{ lib, ... }: + +with lib; + +rec { + # tree k v = set k (either v (tree k v)) + + # get : [k] -> tree k v -> v + get = path: tree: + if length path > 0 + then get (tail path) tree.${head path} # TODO check if elem exists + else tree; +} -- cgit v1.2.3 From 0057d3a1916b2438ca7a113b9d2977ba0808054e Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 27 Jul 2015 00:49:06 +0200 Subject: 1 tv wu: simplify users --- 1systems/tv/wu.nix | 76 +++++++----------------------------------------------- 1 file changed, 10 insertions(+), 66 deletions(-) diff --git a/1systems/tv/wu.nix b/1systems/tv/wu.nix index 192b65b9d..9228e65ca 100644 --- a/1systems/tv/wu.nix +++ b/1systems/tv/wu.nix @@ -169,19 +169,21 @@ in } { users.extraGroups = { - tv-sub.gid = 1337; + tv.gid = 1337; + slaves.gid = 3799582008; # genid slaves }; users.extraUsers = - mapAttrs (name: user: user // { + mapAttrs (name: user@{ extraGroups ? [], ... }: user // { inherit name; home = "/home/${name}"; createHome = true; useDefaultShell = true; + group = "tv"; + extraGroups = ["slaves"] ++ extraGroups; }) { ff = { uid = 13378001; - group = "tv-sub"; extraGroups = [ "audio" "video" @@ -190,17 +192,6 @@ in cr = { uid = 13378002; - group = "tv-sub"; - extraGroups = [ - "audio" - "video" - "bumblebee" - ]; - }; - - vimb = { - uid = 13378003; - group = "tv-sub"; extraGroups = [ "audio" "video" @@ -210,47 +201,38 @@ in fa = { uid = 2300001; - group = "tv-sub"; }; rl = { uid = 2300002; - group = "tv-sub"; }; tief = { uid = 2300702; - group = "tv-sub"; }; btc-bitcoind = { uid = 2301001; - group = "tv-sub"; }; btc-electrum = { uid = 2301002; - group = "tv-sub"; }; ltc-litecoind = { uid = 2301101; - group = "tv-sub"; }; eth = { uid = 2302001; - group = "tv-sub"; }; emse-hsdb = { uid = 4200101; - group = "tv-sub"; }; wine = { uid = 13370400; - group = "tv-sub"; extraGroups = [ "audio" "video" @@ -258,21 +240,8 @@ in ]; }; - # dwarffortress df = { uid = 13370401; - group = "tv-sub"; - extraGroups = [ - "audio" - "video" - "bumblebee" - ]; - }; - - # XXX visudo: Warning: Runas_Alias `FTL' referenced but not defined - FTL = { - uid = 13370402; - #group = "tv-sub"; extraGroups = [ "audio" "video" @@ -280,14 +249,8 @@ in ]; }; - freeciv = { - uid = 13370403; - group = "tv-sub"; - }; - xr = { uid = 13370061; - group = "tv-sub"; extraGroups = [ "audio" "video" @@ -296,26 +259,14 @@ in "23" = { uid = 13370023; - group = "tv-sub"; }; electrum = { uid = 13370102; - group = "tv-sub"; - }; - - Reaktor = { - uid = 4230010; - group = "tv-sub"; - }; - - gitolite = { - uid = 7700; }; skype = { uid = 6660001; - group = "tv-sub"; extraGroups = [ "audio" ]; @@ -323,12 +274,10 @@ in onion = { uid = 6660010; - group = "tv-sub"; }; zalora = { uid = 1000301; - group = "tv-sub"; extraGroups = [ "audio" # TODO remove vboxusers when hardening is active @@ -340,17 +289,12 @@ in security.sudo.extraConfig = let - inherit (import ../../4lib/tv { inherit lib pkgs; }) - isSuffixOf; - - hasMaster = { group ? "", ... }: - isSuffixOf "-sub" group; - - masterOf = user : removeSuffix "-sub" user.group; + isSlave = u: elem "slaves" u.extraGroups; + masterOf = u: u.group; + slaves = filterAttrs (_: isSlave) config.users.extraUsers; + toSudoers = u: "${masterOf u} ALL=(${u.name}) NOPASSWD: ALL"; in - concatStringsSep "\n" - (map (u: "${masterOf u} ALL=(${u.name}) NOPASSWD: ALL") - (filter hasMaster (attrValues config.users.extraUsers))); + concatMapStringsSep "\n" toSudoers (attrValues slaves); } ]; -- cgit v1.2.3 From 45b173c11ecc7d6e8a177d7121bd06d923691b4b Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 27 Jul 2015 00:54:15 +0200 Subject: 4 tv: purge cruft --- 4lib/tv/default.nix | 27 +-------------------------- 1 file changed, 1 insertion(+), 26 deletions(-) diff --git a/4lib/tv/default.nix b/4lib/tv/default.nix index 16888c214..e0a295f17 100644 --- a/4lib/tv/default.nix +++ b/4lib/tv/default.nix @@ -9,38 +9,13 @@ with krebs; krebs // rec { git = import ./git.nix { - lib = lib // { - inherit addNames; - }; + lib = krebs; inherit pkgs; }; # "7.4.335" -> "74" majmin = with lib; x : concatStrings (take 2 (splitString "." x)); - concat = xs : - if xs == [] - then "" - else head xs + concat (tail xs) - ; - - flip = f : x : y : f y x; - - # isSuffixOf :: String -> String -> Bool - isSuffixOf = - s : xs : - let - sn = stringLength s; - xsn = stringLength xs; - in - xsn >= sn && substring (xsn - sn) sn xs == s ; - - # setMap :: (String -> a -> b) -> Set String a -> [b] - #setMap = f: xs: map (k : f k (getAttr k xs)) (attrNames xs); - - # setToList :: Set k a -> [a] - #setToList = setMap (_: v: v); - shell-escape = let isSafeChar = c: match "[-./0-9_a-zA-Z]" c != null; -- cgit v1.2.3 From afb6afff1d0f81d8a0dcfd94fa8e46a849bb094f Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 27 Jul 2015 02:02:34 +0200 Subject: * tv -> tv * --- 1systems/tv/cd.nix | 127 ------ 1systems/tv/mkdir.nix | 67 --- 1systems/tv/nomic.nix | 100 ----- 1systems/tv/rmdir.nix | 68 --- 1systems/tv/wu.nix | 393 ----------------- 2configs/tv/AO753.nix | 39 -- 2configs/tv/CAC-CentOS-7-64bit.nix | 47 -- 2configs/tv/CAC-Developer-1.nix | 6 - 2configs/tv/CAC-Developer-2.nix | 6 - 2configs/tv/base.nix | 188 -------- 2configs/tv/bash_completion.sh | 779 --------------------------------- 2configs/tv/charybdis.nix | 603 ------------------------- 2configs/tv/consul-client.nix | 9 - 2configs/tv/consul-server.nix | 21 - 2configs/tv/cryptoroot.nix | 4 - 2configs/tv/exim-retiolum.nix | 126 ------ 2configs/tv/exim-smarthost.nix | 475 -------------------- 2configs/tv/git.nix | 90 ---- 2configs/tv/mail-client.nix | 14 - 2configs/tv/smartd.nix | 17 - 2configs/tv/synaptics.nix | 14 - 2configs/tv/urlwatch.nix | 51 --- 2configs/tv/urxvt.nix | 24 - 2configs/tv/w110er.nix | 42 -- 2configs/tv/xserver.nix | 41 -- 3modules/tv/consul.nix | 118 ----- 3modules/tv/default.nix | 9 - 3modules/tv/ejabberd.nix | 166 ------- 3modules/tv/iptables.nix | 126 ------ 4lib/tv/default.nix | 27 -- 4lib/tv/git.nix | 182 -------- 4lib/tv/modules.nix | 21 - Zpkgs/tv/charybdis/default.nix | 34 -- Zpkgs/tv/charybdis/remove-setenv.patch | 12 - Zpkgs/tv/default.nix | 13 - Zpkgs/tv/lentil/1.patch | 39 -- Zpkgs/tv/lentil/default.nix | 17 - Zpkgs/tv/lentil/syntaxes.patch | 11 - Zpkgs/tv/much.nix | 64 --- Zpkgs/tv/viljetic-pages/default.nix | 16 - Zpkgs/tv/viljetic-pages/index.html | 10 - Zpkgs/tv/viljetic-pages/logo.xpm | 24 - tv/configs/AO753.nix | 39 ++ tv/configs/CAC-CentOS-7-64bit.nix | 47 ++ tv/configs/CAC-Developer-1.nix | 6 + tv/configs/CAC-Developer-2.nix | 6 + tv/configs/base.nix | 188 ++++++++ tv/configs/bash_completion.sh | 779 +++++++++++++++++++++++++++++++++ tv/configs/charybdis.nix | 605 +++++++++++++++++++++++++ tv/configs/consul-client.nix | 9 + tv/configs/consul-server.nix | 21 + tv/configs/cryptoroot.nix | 4 + tv/configs/exim-retiolum.nix | 126 ++++++ tv/configs/exim-smarthost.nix | 475 ++++++++++++++++++++ tv/configs/git.nix | 90 ++++ tv/configs/mail-client.nix | 14 + tv/configs/smartd.nix | 17 + tv/configs/synaptics.nix | 14 + tv/configs/urlwatch.nix | 51 +++ tv/configs/urxvt.nix | 24 + tv/configs/w110er.nix | 42 ++ tv/configs/xserver.nix | 41 ++ tv/lib/default.nix | 27 ++ tv/lib/git.nix | 182 ++++++++ tv/lib/modules.nix | 21 + tv/modules/consul.nix | 118 +++++ tv/modules/default.nix | 9 + tv/modules/ejabberd.nix | 166 +++++++ tv/modules/iptables.nix | 126 ++++++ tv/pkgs/charybdis/default.nix | 34 ++ tv/pkgs/charybdis/remove-setenv.patch | 12 + tv/pkgs/default.nix | 13 + tv/pkgs/lentil/1.patch | 39 ++ tv/pkgs/lentil/default.nix | 17 + tv/pkgs/lentil/syntaxes.patch | 11 + tv/pkgs/much.nix | 64 +++ tv/pkgs/viljetic-pages/default.nix | 16 + tv/pkgs/viljetic-pages/index.html | 10 + tv/pkgs/viljetic-pages/logo.xpm | 24 + tv/systems/cd.nix | 127 ++++++ tv/systems/mkdir.nix | 67 +++ tv/systems/nomic.nix | 100 +++++ tv/systems/rmdir.nix | 68 +++ tv/systems/wu.nix | 393 +++++++++++++++++ 84 files changed, 4242 insertions(+), 4240 deletions(-) delete mode 100644 1systems/tv/cd.nix delete mode 100644 1systems/tv/mkdir.nix delete mode 100644 1systems/tv/nomic.nix delete mode 100644 1systems/tv/rmdir.nix delete mode 100644 1systems/tv/wu.nix delete mode 100644 2configs/tv/AO753.nix delete mode 100644 2configs/tv/CAC-CentOS-7-64bit.nix delete mode 100644 2configs/tv/CAC-Developer-1.nix delete mode 100644 2configs/tv/CAC-Developer-2.nix delete mode 100644 2configs/tv/base.nix delete mode 100644 2configs/tv/bash_completion.sh delete mode 100644 2configs/tv/charybdis.nix delete mode 100644 2configs/tv/consul-client.nix delete mode 100644 2configs/tv/consul-server.nix delete mode 100644 2configs/tv/cryptoroot.nix delete mode 100644 2configs/tv/exim-retiolum.nix delete mode 100644 2configs/tv/exim-smarthost.nix delete mode 100644 2configs/tv/git.nix delete mode 100644 2configs/tv/mail-client.nix delete mode 100644 2configs/tv/smartd.nix delete mode 100644 2configs/tv/synaptics.nix delete mode 100644 2configs/tv/urlwatch.nix delete mode 100644 2configs/tv/urxvt.nix delete mode 100644 2configs/tv/w110er.nix delete mode 100644 2configs/tv/xserver.nix delete mode 100644 3modules/tv/consul.nix delete mode 100644 3modules/tv/default.nix delete mode 100644 3modules/tv/ejabberd.nix delete mode 100644 3modules/tv/iptables.nix delete mode 100644 4lib/tv/default.nix delete mode 100644 4lib/tv/git.nix delete mode 100644 4lib/tv/modules.nix delete mode 100644 Zpkgs/tv/charybdis/default.nix delete mode 100644 Zpkgs/tv/charybdis/remove-setenv.patch delete mode 100644 Zpkgs/tv/default.nix delete mode 100644 Zpkgs/tv/lentil/1.patch delete mode 100644 Zpkgs/tv/lentil/default.nix delete mode 100644 Zpkgs/tv/lentil/syntaxes.patch delete mode 100644 Zpkgs/tv/much.nix delete mode 100644 Zpkgs/tv/viljetic-pages/default.nix delete mode 100644 Zpkgs/tv/viljetic-pages/index.html delete mode 100644 Zpkgs/tv/viljetic-pages/logo.xpm create mode 100644 tv/configs/AO753.nix create mode 100644 tv/configs/CAC-CentOS-7-64bit.nix create mode 100644 tv/configs/CAC-Developer-1.nix create mode 100644 tv/configs/CAC-Developer-2.nix create mode 100644 tv/configs/base.nix create mode 100644 tv/configs/bash_completion.sh create mode 100644 tv/configs/charybdis.nix create mode 100644 tv/configs/consul-client.nix create mode 100644 tv/configs/consul-server.nix create mode 100644 tv/configs/cryptoroot.nix create mode 100644 tv/configs/exim-retiolum.nix create mode 100644 tv/configs/exim-smarthost.nix create mode 100644 tv/configs/git.nix create mode 100644 tv/configs/mail-client.nix create mode 100644 tv/configs/smartd.nix create mode 100644 tv/configs/synaptics.nix create mode 100644 tv/configs/urlwatch.nix create mode 100644 tv/configs/urxvt.nix create mode 100644 tv/configs/w110er.nix create mode 100644 tv/configs/xserver.nix create mode 100644 tv/lib/default.nix create mode 100644 tv/lib/git.nix create mode 100644 tv/lib/modules.nix create mode 100644 tv/modules/consul.nix create mode 100644 tv/modules/default.nix create mode 100644 tv/modules/ejabberd.nix create mode 100644 tv/modules/iptables.nix create mode 100644 tv/pkgs/charybdis/default.nix create mode 100644 tv/pkgs/charybdis/remove-setenv.patch create mode 100644 tv/pkgs/default.nix create mode 100644 tv/pkgs/lentil/1.patch create mode 100644 tv/pkgs/lentil/default.nix create mode 100644 tv/pkgs/lentil/syntaxes.patch create mode 100644 tv/pkgs/much.nix create mode 100644 tv/pkgs/viljetic-pages/default.nix create mode 100644 tv/pkgs/viljetic-pages/index.html create mode 100644 tv/pkgs/viljetic-pages/logo.xpm create mode 100644 tv/systems/cd.nix create mode 100644 tv/systems/mkdir.nix create mode 100644 tv/systems/nomic.nix create mode 100644 tv/systems/rmdir.nix create mode 100644 tv/systems/wu.nix diff --git a/1systems/tv/cd.nix b/1systems/tv/cd.nix deleted file mode 100644 index 6913508b5..000000000 --- a/1systems/tv/cd.nix +++ /dev/null @@ -1,127 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; - -let - Zpkgs = import ../../Zpkgs/tv { inherit pkgs; }; -in - -{ - krebs.build.host = config.krebs.hosts.cd; - - imports = [ - ../../2configs/tv/CAC-Developer-2.nix - ../../2configs/tv/CAC-CentOS-7-64bit.nix - ../../2configs/tv/base.nix - ../../2configs/tv/consul-server.nix - ../../2configs/tv/exim-smarthost.nix - ../../2configs/tv/git.nix - { - imports = [ ../../2configs/tv/charybdis.nix ]; - tv.charybdis = { - enable = true; - sslCert = ../../Zcerts/charybdis_cd.crt.pem; - }; - } - { - tv.ejabberd = { - enable = true; - hosts = [ "jabber.viljetic.de" ]; - }; - } - { - krebs.github-hosts-sync.enable = true; - tv.iptables.input-internet-accept-new-tcp = - singleton config.krebs.github-hosts-sync.port; - } - { - tv.iptables = { - enable = true; - input-internet-accept-new-tcp = [ - "ssh" - "tinc" - "smtp" - "xmpp-client" - "xmpp-server" - ]; - input-retiolum-accept-new-tcp = [ - "http" - ]; - }; - } - { - tv.iptables.input-internet-accept-new-tcp = singleton "http"; - krebs.nginx.servers.cgit.server-names = singleton "cgit.cd.viljetic.de"; - } - { - # TODO make public_html also available to cd, cd.retiolum (AKA default) - tv.iptables.input-internet-accept-new-tcp = singleton "http"; - krebs.nginx.servers.public_html = { - server-names = singleton "cd.viljetic.de"; - locations = singleton (nameValuePair "~ ^/~(.+?)(/.*)?\$" '' - alias /home/$1/public_html$2; - ''); - }; - } - { - krebs.nginx.servers.viljetic = { - server-names = singleton "viljetic.de"; - # TODO directly set root (instead via location) - locations = singleton (nameValuePair "/" '' - root ${Zpkgs.viljetic-pages}; - ''); - }; - } - { - krebs.retiolum = { - enable = true; - connectTo = [ - "fastpoke" - "pigstarter" - "ire" - ]; - }; - } - ]; - - networking.interfaces.enp2s1.ip4 = [ - { - address = "162.219.7.216"; - prefixLength = 24; - } - ]; - networking.defaultGateway = "162.219.7.1"; - networking.nameservers = [ - "8.8.8.8" - ]; - - environment.systemPackages = with pkgs; [ - git # required for ./deploy, clone_or_update - htop - iftop - iotop - iptables - mutt # for mv - nethogs - rxvt_unicode.terminfo - tcpdump - ]; - - services.journald.extraConfig = '' - SystemMaxUse=1G - RuntimeMaxUse=128M - ''; - - users.extraUsers = { - mv = { - uid = 1338; - group = "users"; - home = "/home/mv"; - createHome = true; - useDefaultShell = true; - openssh.authorizedKeys.keys = [ - config.krebs.users.mv.pubkey - ]; - }; - }; -} diff --git a/1systems/tv/mkdir.nix b/1systems/tv/mkdir.nix deleted file mode 100644 index 7542ad0ce..000000000 --- a/1systems/tv/mkdir.nix +++ /dev/null @@ -1,67 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; - -{ - krebs.build.host = config.krebs.hosts.mkdir; - - imports = [ - ../../2configs/tv/CAC-Developer-1.nix - ../../2configs/tv/CAC-CentOS-7-64bit.nix - ../../2configs/tv/base.nix - ../../2configs/tv/consul-server.nix - ../../2configs/tv/exim-smarthost.nix - ../../2configs/tv/git.nix - { - tv.iptables = { - enable = true; - input-internet-accept-new-tcp = [ - "ssh" - "tinc" - "smtp" - ]; - input-retiolum-accept-new-tcp = [ - "http" - ]; - }; - } - { - krebs.retiolum = { - enable = true; - connectTo = [ - "cd" - "fastpoke" - "pigstarter" - "ire" - ]; - }; - } - ]; - - networking.interfaces.enp2s1.ip4 = [ - { - address = "162.248.167.241"; # TODO - prefixLength = 24; - } - ]; - networking.defaultGateway = "162.248.167.1"; - networking.nameservers = [ - "8.8.8.8" - ]; - - environment.systemPackages = with pkgs; [ - git # required for ./deploy, clone_or_update - htop - iftop - iotop - iptables - nethogs - rxvt_unicode.terminfo - tcpdump - ]; - - services.journald.extraConfig = '' - SystemMaxUse=1G - RuntimeMaxUse=128M - ''; -} diff --git a/1systems/tv/nomic.nix b/1systems/tv/nomic.nix deleted file mode 100644 index cd6e02596..000000000 --- a/1systems/tv/nomic.nix +++ /dev/null @@ -1,100 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; - -{ - krebs.build.host = config.krebs.hosts.nomic; - - imports = [ - ../../2configs/tv/AO753.nix - ../../2configs/tv/base.nix - ../../2configs/tv/consul-server.nix - ../../2configs/tv/exim-retiolum.nix - ../../2configs/tv/git.nix - { - tv.iptables = { - enable = true; - input-internet-accept-new-tcp = [ - "ssh" - "http" - "tinc" - "smtp" - ]; - }; - } - { - krebs.nginx = { - enable = true; - servers.default.locations = [ - (nameValuePair "~ ^/~(.+?)(/.*)?\$" '' - alias /home/$1/public_html$2; - '') - ]; - }; - } - { - krebs.retiolum = { - enable = true; - connectTo = [ - "gum" - "pigstarter" - ]; - }; - } - ]; - - boot.initrd.luks = { - cryptoModules = [ "aes" "sha1" "xts" ]; - devices = [ - { - name = "luks1"; - device = "/dev/disk/by-uuid/cac73902-1023-4906-8e95-3a8b245337d4"; - } - ]; - }; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/de4780fc-0473-4708-81df-299b7383274c"; - fsType = "btrfs"; - }; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/be3a1d80-3157-4d7c-86cc-ef01b64eff5e"; - fsType = "ext4"; - }; - - fileSystems."/home" = - { device = "/dev/disk/by-uuid/9db9c8ff-51da-4cbd-9f0a-0cd3333bbaff"; - fsType = "btrfs"; - }; - - swapDevices = [ ]; - - nix = { - buildCores = 2; - maxJobs = 2; - daemonIONiceLevel = 1; - daemonNiceLevel = 1; - }; - - # TODO base - boot.tmpOnTmpfs = true; - - environment.systemPackages = with pkgs; [ - (writeScriptBin "play" '' - #! /bin/sh - set -euf - mpv() { exec ${mpv}/bin/mpv "$@"; } - case $1 in - deepmix) mpv http://deepmix.ru/deepmix128.pls;; - groovesalad) mpv http://somafm.com/play/groovesalad;; - ntslive) mpv http://listen2.ntslive.co.uk/listen.pls;; - *) - echo "$0: bad argument: $*" >&2 - exit 23 - esac - '') - rxvt_unicode.terminfo - tmux - ]; -} diff --git a/1systems/tv/rmdir.nix b/1systems/tv/rmdir.nix deleted file mode 100644 index 9233014ba..000000000 --- a/1systems/tv/rmdir.nix +++ /dev/null @@ -1,68 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; - -{ - krebs.build.host = config.krebs.hosts.rmdir; - - imports = [ - ../../2configs/tv/CAC-Developer-1.nix - ../../2configs/tv/CAC-CentOS-7-64bit.nix - ../../2configs/tv/base.nix - ../../2configs/tv/consul-server.nix - ../../2configs/tv/exim-smarthost.nix - ../../2configs/tv/git.nix - { - tv.iptables = { - enable = true; - input-internet-accept-new-tcp = [ - "ssh" - "tinc" - "smtp" - ]; - input-retiolum-accept-new-tcp = [ - "http" - ]; - }; - } - { - krebs.retiolum = { - enable = true; - connectTo = [ - "cd" - "mkdir" - "fastpoke" - "pigstarter" - "ire" - ]; - }; - } - ]; - - networking.interfaces.enp2s1.ip4 = [ - { - address = "167.88.44.94"; - prefixLength = 24; - } - ]; - networking.defaultGateway = "167.88.44.1"; - networking.nameservers = [ - "8.8.8.8" - ]; - - environment.systemPackages = with pkgs; [ - git # required for ./deploy, clone_or_update - htop - iftop - iotop - iptables - nethogs - rxvt_unicode.terminfo - tcpdump - ]; - - services.journald.extraConfig = '' - SystemMaxUse=1G - RuntimeMaxUse=128M - ''; -} diff --git a/1systems/tv/wu.nix b/1systems/tv/wu.nix deleted file mode 100644 index 9228e65ca..000000000 --- a/1systems/tv/wu.nix +++ /dev/null @@ -1,393 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; - -let - Zpkgs = import ../../Zpkgs/tv { inherit pkgs; }; -in - -{ - krebs.build.host = config.krebs.hosts.wu; - - imports = [ - ../../2configs/tv/w110er.nix - ../../2configs/tv/base.nix - ../../2configs/tv/consul-client.nix - ../../2configs/tv/exim-retiolum.nix - ../../2configs/tv/git.nix - ../../2configs/tv/mail-client.nix - ../../2configs/tv/xserver.nix - ../../2configs/tv/synaptics.nix # TODO w110er if xserver is enabled - ../../2configs/tv/urlwatch.nix - { - environment.systemPackages = with pkgs; [ - - # stockholm - git - gnumake - parallel - Zpkgs.genid - Zpkgs.hashPassword - Zpkgs.lentil - (pkgs.writeScriptBin "ff" '' - #! ${pkgs.bash}/bin/bash - exec sudo -u ff -i < "74" - majmin = x: concatStrings (take 2 (splitString "." x)); -in - -{ - krebs.enable = true; - krebs.search-domain = "retiolum"; - - networking.hostName = config.krebs.build.host.name; - - imports = [ - { - users.extraUsers = - mapAttrs (_: h: { hashedPassword = h; }) - (import /root/src/secrets/hashedPasswords.nix); - } - { - users.defaultUserShell = "/run/current-system/sw/bin/bash"; - users.mutableUsers = false; - } - { - users.extraUsers = { - root = { - openssh.authorizedKeys.keys = [ - config.krebs.users.tv.pubkey - ]; - }; - tv = { - uid = 1337; - group = "users"; - home = "/home/tv"; - createHome = true; - useDefaultShell = true; - extraGroups = [ - "audio" - "video" - "wheel" - ]; - openssh.authorizedKeys.keys = [ - config.krebs.users.tv.pubkey - ]; - }; - }; - } - { - security.sudo.extraConfig = '' - Defaults mailto="${config.krebs.users.tv.mail}" - ''; - time.timeZone = "Europe/Berlin"; - } - { - # TODO check if both are required: - nix.chrootDirs = [ "/etc/protocols" pkgs.iana_etc.outPath ]; - - nix.trustedBinaryCaches = [ - "https://cache.nixos.org" - "http://cache.nixos.org" - "http://hydra.nixos.org" - ]; - - nix.useChroot = true; - } - { - # oldvim - environment.systemPackages = with pkgs; [ - vim - ]; - - environment.etc."vim/vimrc".text = '' - set nocp - ''; - - environment.etc."vim/vim${majmin pkgs.vim.version}".source = - "${pkgs.vim}/share/vim/vim${majmin pkgs.vim.version}"; - - # multiple-definition-problem when defining environment.variables.EDITOR - environment.extraInit = '' - EDITOR=vim - ''; - - environment.variables.VIM = "/etc/vim"; - } - { - environment.systemPackages = with pkgs; [ - rxvt_unicode.terminfo - ]; - - environment.shellAliases = { - # alias cal='cal -m3' - gp = "${pkgs.pari}/bin/gp -q"; - df = "df -h"; - du = "du -h"; - # alias grep='grep --color=auto' - - # TODO alias cannot contain #\' - # "ps?" = "ps ax | head -n 1;ps ax | fgrep -v ' grep --color=auto ' | grep"; - - # alias la='ls -lA' - lAtr = "ls -lAtr"; - # alias ll='ls -l' - ls = "ls -h --color=auto --group-directories-first"; - # alias vim='vim -p' - # alias vi='vim' - # alias view='vim -R' - dmesg = "dmesg -L --reltime"; - }; - - programs.bash = { - interactiveShellInit = '' - HISTCONTROL='erasedups:ignorespace' - HISTSIZE=65536 - HISTFILESIZE=$HISTSIZE - - shopt -s checkhash - shopt -s histappend histreedit histverify - shopt -s no_empty_cmd_completion - complete -d cd - - ${readFile ./bash_completion.sh} - - # TODO source bridge - ''; - promptInit = '' - case $UID in - 0) - PS1='\[\e[1;31m\]\w\[\e[0m\] ' - ;; - 1337) - PS1='\[\e[1;32m\]\w\[\e[0m\] ' - ;; - *) - PS1='\[\e[1;35m\]\u \[\e[1;32m\]\w\[\e[0m\] ' - ;; - esac - if test -n "$SSH_CLIENT"; then - PS1='\[\e[35m\]\h'" $PS1" - fi - if test -n "$SSH_AGENT_PID"; then - PS1="ssh-agent[$SSH_AGENT_PID] $PS1" - fi - ''; - }; - - programs.ssh.startAgent = false; - } - - { - nixpkgs.config.packageOverrides = pkgs: - { - nano = pkgs.runCommand "empty" {} "mkdir -p $out"; - }; - - services.cron.enable = false; - services.nscd.enable = false; - services.ntp.enable = false; - } - - { - boot.kernel.sysctl = { - # Enable IPv6 Privacy Extensions - "net.ipv6.conf.all.use_tempaddr" = 2; - "net.ipv6.conf.default.use_tempaddr" = 2; - }; - } - - { - services.openssh = { - enable = true; - hostKeys = [ - { type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } - ]; - }; - } - - { - # TODO: exim - security.setuidPrograms = [ - "sendmail" # for sudo - ]; - } - ]; -} diff --git a/2configs/tv/bash_completion.sh b/2configs/tv/bash_completion.sh deleted file mode 100644 index 537484fb9..000000000 --- a/2configs/tv/bash_completion.sh +++ /dev/null @@ -1,779 +0,0 @@ - -# Expand variable starting with tilde (~) -# We want to expand ~foo/... to /home/foo/... to avoid problems when -# word-to-complete starting with a tilde is fed to commands and ending up -# quoted instead of expanded. -# Only the first portion of the variable from the tilde up to the first slash -# (~../) is expanded. The remainder of the variable, containing for example -# a dollar sign variable ($) or asterisk (*) is not expanded. -# Example usage: -# -# $ v="~"; __expand_tilde_by_ref v; echo "$v" -# -# Example output: -# -# v output -# -------- ---------------- -# ~ /home/user -# ~foo/bar /home/foo/bar -# ~foo/$HOME /home/foo/$HOME -# ~foo/a b /home/foo/a b -# ~foo/* /home/foo/* -# -# @param $1 Name of variable (not the value of the variable) to expand -__expand_tilde_by_ref() -{ - # Does $1 start with tilde (~)? - if [[ ${!1} == \~* ]]; then - # Does $1 contain slash (/)? - if [[ ${!1} == */* ]]; then - # Yes, $1 contains slash; - # 1: Remove * including and after first slash (/), i.e. "~a/b" - # becomes "~a". Double quotes allow eval. - # 2: Remove * before the first slash (/), i.e. "~a/b" - # becomes "b". Single quotes prevent eval. - # +-----1----+ +---2----+ - eval $1="${!1/%\/*}"/'${!1#*/}' - else - # No, $1 doesn't contain slash - eval $1="${!1}" - fi - fi -} # __expand_tilde_by_ref() - - -# Get the word to complete. -# This is nicer than ${COMP_WORDS[$COMP_CWORD]}, since it handles cases -# where the user is completing in the middle of a word. -# (For example, if the line is "ls foobar", -# and the cursor is here --------> ^ -# @param $1 string Characters out of $COMP_WORDBREAKS which should NOT be -# considered word breaks. This is useful for things like scp where -# we want to return host:path and not only path, so we would pass the -# colon (:) as $1 in this case. -# @param $2 integer Index number of word to return, negatively offset to the -# current word (default is 0, previous is 1), respecting the exclusions -# given at $1. For example, `_get_cword "=:" 1' returns the word left of -# the current word, respecting the exclusions "=:". -# @deprecated Use `_get_comp_words_by_ref cur' instead -# @see _get_comp_words_by_ref() -_get_cword() -{ - local LC_CTYPE=C - local cword words - __reassemble_comp_words_by_ref "$1" words cword - - # return previous word offset by $2 - if [[ ${2//[^0-9]/} ]]; then - printf "%s" "${words[cword-$2]}" - elif [[ "${#words[cword]}" -eq 0 || "$COMP_POINT" == "${#COMP_LINE}" ]]; then - printf "%s" "${words[cword]}" - else - local i - local cur="$COMP_LINE" - local index="$COMP_POINT" - for (( i = 0; i <= cword; ++i )); do - while [[ - # Current word fits in $cur? - "${#cur}" -ge ${#words[i]} && - # $cur doesn't match cword? - "${cur:0:${#words[i]}}" != "${words[i]}" - ]]; do - # Strip first character - cur="${cur:1}" - # Decrease cursor position - ((index--)) - done - - # Does found word matches cword? - if [[ "$i" -lt "$cword" ]]; then - # No, cword lies further; - local old_size="${#cur}" - cur="${cur#${words[i]}}" - local new_size="${#cur}" - index=$(( index - old_size + new_size )) - fi - done - - if [[ "${words[cword]:0:${#cur}}" != "$cur" ]]; then - # We messed up! At least return the whole word so things - # keep working - printf "%s" "${words[cword]}" - else - printf "%s" "${cur:0:$index}" - fi - fi -} # _get_cword() - - -# Get word previous to the current word. -# This is a good alternative to `prev=${COMP_WORDS[COMP_CWORD-1]}' because bash4 -# will properly return the previous word with respect to any given exclusions to -# COMP_WORDBREAKS. -# @deprecated Use `_get_comp_words_by_ref cur prev' instead -# @see _get_comp_words_by_ref() -# -_get_pword() -{ - if [[ $COMP_CWORD -ge 1 ]]; then - _get_cword "${@:-}" 1 - fi -} - - - -# Complete variables. -# @return True (0) if variables were completed, -# False (> 0) if not. -_variables() -{ - if [[ $cur =~ ^(\$\{?)([A-Za-z0-9_]*)$ ]]; then - [[ $cur == *{* ]] && local suffix=} || local suffix= - COMPREPLY+=( $( compgen -P ${BASH_REMATCH[1]} -S "$suffix" -v -- \ - "${BASH_REMATCH[2]}" ) ) - return 0 - fi - return 1 -} - -# Assign variable one scope above the caller -# Usage: local "$1" && _upvar $1 "value(s)" -# Param: $1 Variable name to assign value to -# Param: $* Value(s) to assign. If multiple values, an array is -# assigned, otherwise a single value is assigned. -# NOTE: For assigning multiple variables, use '_upvars'. Do NOT -# use multiple '_upvar' calls, since one '_upvar' call might -# reassign a variable to be used by another '_upvar' call. -# See: http://fvue.nl/wiki/Bash:_Passing_variables_by_reference -_upvar() -{ - if unset -v "$1"; then # Unset & validate varname - if (( $# == 2 )); then - eval $1=\"\$2\" # Return single value - else - eval $1=\(\"\${@:2}\"\) # Return array - fi - fi -} - -# Assign variables one scope above the caller -# Usage: local varname [varname ...] && -# _upvars [-v varname value] | [-aN varname [value ...]] ... -# Available OPTIONS: -# -aN Assign next N values to varname as array -# -v Assign single value to varname -# Return: 1 if error occurs -# See: http://fvue.nl/wiki/Bash:_Passing_variables_by_reference -_upvars() -{ - if ! (( $# )); then - echo "${FUNCNAME[0]}: usage: ${FUNCNAME[0]} [-v varname"\ - "value] | [-aN varname [value ...]] ..." 1>&2 - return 2 - fi - while (( $# )); do - case $1 in - -a*) - # Error checking - [[ ${1#-a} ]] || { echo "bash: ${FUNCNAME[0]}: \`$1': missing"\ - "number specifier" 1>&2; return 1; } - printf %d "${1#-a}" &> /dev/null || { echo "bash:"\ - "${FUNCNAME[0]}: \`$1': invalid number specifier" 1>&2 - return 1; } - # Assign array of -aN elements - [[ "$2" ]] && unset -v "$2" && eval $2=\(\"\${@:3:${1#-a}}\"\) && - shift $((${1#-a} + 2)) || { echo "bash: ${FUNCNAME[0]}:"\ - "\`$1${2+ }$2': missing argument(s)" 1>&2; return 1; } - ;; - -v) - # Assign single value - [[ "$2" ]] && unset -v "$2" && eval $2=\"\$3\" && - shift 3 || { echo "bash: ${FUNCNAME[0]}: $1: missing"\ - "argument(s)" 1>&2; return 1; } - ;; - *) - echo "bash: ${FUNCNAME[0]}: $1: invalid option" 1>&2 - return 1 ;; - esac - done -} - -# @param $1 exclude Characters out of $COMP_WORDBREAKS which should NOT be -# considered word breaks. This is useful for things like scp where -# we want to return host:path and not only path, so we would pass the -# colon (:) as $1 in this case. -# @param $2 words Name of variable to return words to -# @param $3 cword Name of variable to return cword to -# @param $4 cur Name of variable to return current word to complete to -# @see __reassemble_comp_words_by_ref() -__get_cword_at_cursor_by_ref() -{ - local cword words=() - __reassemble_comp_words_by_ref "$1" words cword - - local i cur index=$COMP_POINT lead=${COMP_LINE:0:$COMP_POINT} - # Cursor not at position 0 and not leaded by just space(s)? - if [[ $index -gt 0 && ( $lead && ${lead//[[:space:]]} ) ]]; then - cur=$COMP_LINE - for (( i = 0; i <= cword; ++i )); do - while [[ - # Current word fits in $cur? - ${#cur} -ge ${#words[i]} && - # $cur doesn't match cword? - "${cur:0:${#words[i]}}" != "${words[i]}" - ]]; do - # Strip first character - cur="${cur:1}" - # Decrease cursor position - ((index--)) - done - - # Does found word match cword? - if [[ $i -lt $cword ]]; then - # No, cword lies further; - local old_size=${#cur} - cur="${cur#"${words[i]}"}" - local new_size=${#cur} - index=$(( index - old_size + new_size )) - fi - done - # Clear $cur if just space(s) - [[ $cur && ! ${cur//[[:space:]]} ]] && cur= - # Zero $index if negative - [[ $index -lt 0 ]] && index=0 - fi - - local "$2" "$3" "$4" && _upvars -a${#words[@]} $2 "${words[@]}" \ - -v $3 "$cword" -v $4 "${cur:0:$index}" -} - -# Reassemble command line words, excluding specified characters from the -# list of word completion separators (COMP_WORDBREAKS). -# @param $1 chars Characters out of $COMP_WORDBREAKS which should -# NOT be considered word breaks. This is useful for things like scp where -# we want to return host:path and not only path, so we would pass the -# colon (:) as $1 here. -# @param $2 words Name of variable to return words to -# @param $3 cword Name of variable to return cword to -# -__reassemble_comp_words_by_ref() -{ - local exclude i j line ref - # Exclude word separator characters? - if [[ $1 ]]; then - # Yes, exclude word separator characters; - # Exclude only those characters, which were really included - exclude="${1//[^$COMP_WORDBREAKS]}" - fi - - # Default to cword unchanged - eval $3=$COMP_CWORD - # Are characters excluded which were former included? - if [[ $exclude ]]; then - # Yes, list of word completion separators has shrunk; - line=$COMP_LINE - # Re-assemble words to complete - for (( i=0, j=0; i < ${#COMP_WORDS[@]}; i++, j++)); do - # Is current word not word 0 (the command itself) and is word not - # empty and is word made up of just word separator characters to - # be excluded and is current word not preceded by whitespace in - # original line? - while [[ $i -gt 0 && ${COMP_WORDS[$i]} == +([$exclude]) ]]; do - # Is word separator not preceded by whitespace in original line - # and are we not going to append to word 0 (the command - # itself), then append to current word. - [[ $line != [$' \t']* ]] && (( j >= 2 )) && ((j--)) - # Append word separator to current or new word - ref="$2[$j]" - eval $2[$j]=\${!ref}\${COMP_WORDS[i]} - # Indicate new cword - [[ $i == $COMP_CWORD ]] && eval $3=$j - # Remove optional whitespace + word separator from line copy - line=${line#*"${COMP_WORDS[$i]}"} - # Start new word if word separator in original line is - # followed by whitespace. - [[ $line == [$' \t']* ]] && ((j++)) - # Indicate next word if available, else end *both* while and - # for loop - (( $i < ${#COMP_WORDS[@]} - 1)) && ((i++)) || break 2 - done - # Append word to current word - ref="$2[$j]" - eval $2[$j]=\${!ref}\${COMP_WORDS[i]} - # Remove optional whitespace + word from line copy - line=${line#*"${COMP_WORDS[i]}"} - # Indicate new cword - [[ $i == $COMP_CWORD ]] && eval $3=$j - done - [[ $i == $COMP_CWORD ]] && eval $3=$j - else - # No, list of word completions separators hasn't changed; - eval $2=\( \"\${COMP_WORDS[@]}\" \) - fi -} # __reassemble_comp_words_by_ref() - - -# If the word-to-complete contains a colon (:), left-trim COMPREPLY items with -# word-to-complete. -# With a colon in COMP_WORDBREAKS, words containing -# colons are always completed as entire words if the word to complete contains -# a colon. This function fixes this, by removing the colon-containing-prefix -# from COMPREPLY items. -# The preferred solution is to remove the colon (:) from COMP_WORDBREAKS in -# your .bashrc: -# -# # Remove colon (:) from list of word completion separators -# COMP_WORDBREAKS=${COMP_WORDBREAKS//:} -# -# See also: Bash FAQ - E13) Why does filename completion misbehave if a colon -# appears in the filename? - http://tiswww.case.edu/php/chet/bash/FAQ -# @param $1 current word to complete (cur) -# @modifies global array $COMPREPLY -# -__ltrim_colon_completions() -{ - if [[ "$1" == *:* && "$COMP_WORDBREAKS" == *:* ]]; then - # Remove colon-word prefix from COMPREPLY items - local colon_word=${1%"${1##*:}"} - local i=${#COMPREPLY[*]} - while [[ $((--i)) -ge 0 ]]; do - COMPREPLY[$i]=${COMPREPLY[$i]#"$colon_word"} - done - fi -} # __ltrim_colon_completions() - - -# NOTE: Using this function as a helper function is deprecated. Use -# `_known_hosts_real' instead. -_known_hosts() -{ - local cur prev words cword - _init_completion -n : || return - - # NOTE: Using `_known_hosts' as a helper function and passing options