From: Ismaƫl Bouya Date: Wed, 19 Dec 2018 00:39:00 +0000 (+0100) Subject: multiple improvements X-Git-Tag: nur_publish~425 X-Git-Url: https://git.immae.eu/?p=perso%2FImmae%2FConfig%2FNix.git;a=commitdiff_plain;h=6b53d1164c3b51999ffef9e11587285c1ac9c7c9 multiple improvements Add a generic fetch_git script. New applications: pal duplicity duply pdftk googler jrnl apg newsboat vcsh xmr-stak urlwatch pass --- diff --git a/default.nix b/default.nix index d828027..5227b47 100644 --- a/default.nix +++ b/default.nix @@ -10,6 +10,15 @@ let src = fetchFromGitHub json.github; }; + fetchedGit = path: + let + json = lib.importJSON path; + in rec { + version = json.tag; + name = "${json.meta.name}-${version}"; + src = fetchgit json.git; + }; + ledger = (nixpkgs.ledger.override { boost = boost166; }).overrideAttrs (oldAttrs: fetchedGithub ./fetched/ledger.json // { postInstall = ""; @@ -50,11 +59,15 @@ let configureFlags = oldAttrs.configureFlags ++ [ "--with-slrnpull" ]; }); - ldapvi = nixpkgs.ldapvi.overrideAttrs (oldAttrs: rec { - name = "ldapvi-${version}"; - version = "f1d42ba-master"; - src = fetchgit (lib.importJSON ./ldapvi.json); - }); + ldapvi = nixpkgs.ldapvi.overrideAttrs (oldAttrs: fetchedGit ./fetched/ldapvi.json); + + nixos = import ./nixos_tools.nix {}; + + pass = nixpkgs.pass.overrideAttrs (oldAttrs: + fetchedGit ./fetched/pass.json // { + patches = oldAttrs.patches ++ [ ./patches/pass-fix-pass-init.patch ]; + } + ); #weechat = callPackage nixpkgs.weechat { guileSupport = false; luaSupport = false; rubySupport = false; tclSupport = false; }; in @@ -66,4 +79,16 @@ in inherit slrn; inherit sc-im; inherit ldapvi; + inherit pal; + inherit duplicity duply; + inherit pdftk; + inherit googler; + inherit jrnl; + inherit apg; + inherit newsboat; + inherit vcsh; + inherit xmr-stak; + inherit urlwatch; + inherit pass; + #inherit nixos; } diff --git a/fetch_version b/fetch_version index db0af1b..cbbeb64 100755 --- a/fetch_version +++ b/fetch_version @@ -2,7 +2,7 @@ usage() { echo "$0 file.json" - echo "$0 [-n|--name name] [-b|--branch branch] [-h|--help] (-u|--url) url" + echo "$0 [-n|--name name] [-b|--branch branch] [-f|--file out_file] [-h|--help] (-u|--url) url" exit } @@ -17,6 +17,7 @@ while [[ $# -gt 0 ]]; do name="$(echo "$content" | jq -r ".meta.name")" url="$(echo "$content" | jq -r ".meta.url")" branch="$(echo "$content" | jq -r ".meta.branch")" + break ;; -n|--name) name=$1 @@ -30,6 +31,10 @@ while [[ $# -gt 0 ]]; do branch=$1 shift ;; + -f|--file) + file=$1 + shift + ;; -h|--help) usage ;; @@ -75,26 +80,52 @@ function fetch_github () { tag=${rev:0:7}-$branch } -fetch_github 2>/dev/null +function fetch_other () { + rev="$(git ls-remote --refs $url refs/heads/$branch | head -n1 | cut -f1)" + sha="$(nix-prefetch-git --url $url --rev refs/heads/$branch | jq -r '.sha256')" + tag=${rev:0:7}-$branch +} -owner=$(echo "$url" | cut -d"/" -f4) -repo=$(echo "$url" | cut -d"/" -f5) +case "$url" in + https://*github.com/*) + fetch_github 2>/dev/null + owner=$(echo "$url" | cut -d"/" -f4) + repo=$(echo "$url" | cut -d"/" -f5) -F='{ - "tag": $tag, - "meta": { - "name": $name, - "url": $url, - "branch": $branch - }, - "github": { - "owner": $owner, - "repo": $repo, - "rev": $rev, - "sha256": $sha, - "fetchSubmodules": true - } -}' + F='{ + "tag": $tag, + "meta": { + "name": $name, + "url": $url, + "branch": $branch + }, + "github": { + "owner": $owner, + "repo": $repo, + "rev": $rev, + "sha256": $sha, + "fetchSubmodules": true + } + }' + ;; + *) + fetch_other 2>/dev/null + F='{ + "tag": $tag, + "meta": { + "name": $name, + "url": $url, + "branch": $branch + }, + "git": { + "url": $url, + "rev": $rev, + "sha256": $sha, + "fetchSubmodules": true + } + }' + ;; +esac jq -n \ --arg name "$name" \ diff --git a/fetched/ldapvi.json b/fetched/ldapvi.json new file mode 100644 index 0000000..ceaff71 --- /dev/null +++ b/fetched/ldapvi.json @@ -0,0 +1,14 @@ +{ + "tag": "f1d42ba-master", + "meta": { + "name": "ldapvi", + "url": "http://www.lichteblau.com/git/ldapvi.git", + "branch": "master" + }, + "git": { + "url": "http://www.lichteblau.com/git/ldapvi.git", + "rev": "f1d42bad66cc4623d1ff21fbd5dddbf5009d3e40", + "sha256": "0c2h4b1spp9z6a16gy9azf0wyxq397yy7001x1zlvc7c60q11wry", + "fetchSubmodules": true + } +} diff --git a/fetched/pass.json b/fetched/pass.json new file mode 100644 index 0000000..a4638c1 --- /dev/null +++ b/fetched/pass.json @@ -0,0 +1,14 @@ +{ + "tag": "d29a389-master", + "meta": { + "name": "password-store", + "url": "https://git.zx2c4.com/password-store/", + "branch": "master" + }, + "git": { + "url": "https://git.zx2c4.com/password-store/", + "rev": "d29a389a40524c684595f51bb937f66958bc14ea", + "sha256": "17g43i0if9nggcq6005iyxxy9my8s15ihc2nzwjgqzhy3svh5xvn", + "fetchSubmodules": true + } +} diff --git a/ldapvi.json b/ldapvi.json deleted file mode 100644 index d04f22c..0000000 --- a/ldapvi.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "url": "http://www.lichteblau.com/git/ldapvi.git", - "rev": "f1d42bad66cc4623d1ff21fbd5dddbf5009d3e40", - "sha256": "0c2h4b1spp9z6a16gy9azf0wyxq397yy7001x1zlvc7c60q11wry", - "fetchSubmodules": false -} diff --git a/nixos_tools.nix b/nixos_tools.nix new file mode 100644 index 0000000..0b52e8d --- /dev/null +++ b/nixos_tools.nix @@ -0,0 +1,4 @@ +_: +with import { configuration = {}; }; +with config.system.build; + [ nixos-generate-config nixos-install nixos-enter manual.manpages ] diff --git a/patches/pass-fix-pass-init.patch b/patches/pass-fix-pass-init.patch new file mode 100644 index 0000000..10a76c1 --- /dev/null +++ b/patches/pass-fix-pass-init.patch @@ -0,0 +1,42 @@ +From 33e8f1cd0065639a948d7b5ba3f93d43bdf7f3be Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= +Date: Sun, 11 Nov 2018 19:47:33 +0100 +Subject: [PATCH] Fix pass init for some gpg keys + +This fixes the pass init for gpg keys which have their main key as +encryption key. This may happen for instance with RSA keys and specific +configuration. +--- + src/password-store.sh | 2 +- + tests/t0300-reencryption.sh | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/password-store.sh b/src/password-store.sh +index d89d455..44d122e 100755 +--- a/src/password-store.sh ++++ b/src/password-store.sh +@@ -124,7 +124,7 @@ reencrypt_path() { + IFS=";" eval 'GPG_RECIPIENTS+=( $group )' # http://unix.stackexchange.com/a/92190 + unset "GPG_RECIPIENTS[$index]" + done +- gpg_keys="$($GPG $PASSWORD_STORE_GPG_OPTS --list-keys --with-colons "${GPG_RECIPIENTS[@]}" | sed -n 's/^sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u)" ++ gpg_keys="$($GPG $PASSWORD_STORE_GPG_OPTS --list-keys --with-colons "${GPG_RECIPIENTS[@]}" | sed -n 's/^[ps]ub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u)" + fi + current_keys="$(LC_ALL=C $GPG $PASSWORD_STORE_GPG_OPTS -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$passfile" 2>&1 | sed -n 's/^gpg: public key is \([A-F0-9]\+\)$/\1/p' | LC_ALL=C sort -u)" + +diff --git a/tests/t0300-reencryption.sh b/tests/t0300-reencryption.sh +index 3c88987..57d873f 100755 +--- a/tests/t0300-reencryption.sh ++++ b/tests/t0300-reencryption.sh +@@ -7,7 +7,7 @@ cd "$(dirname "$0")" + INITIAL_PASSWORD="will this password live? a big question indeed..." + + canonicalize_gpg_keys() { +- $GPG --list-keys --with-colons "$@" | sed -n 's/sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u ++ $GPG --list-keys --with-colons "$@" | sed -n 's/[ps]ub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u + } + gpg_keys_from_encrypted_file() { + $GPG -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$1" 2>&1 | grep "public key is" | cut -d ' ' -f 5 | LC_ALL=C sort -u +-- +2.19.1 +