7 files changed, 154 insertions, 30 deletions
diff --git a/default.nix b/default.nix
index d828027..5227b47 100644
--- a/default.nix
+++ b/default.nix
@@ -10,6 +10,15 @@ let
      src = fetchFromGitHub json.github;
    };
+  fetchedGit = path:
+    let
+      json = lib.importJSON path;
+    in rec {
+      version = json.tag;
+      name = "${json.meta.name}-${version}";
+      src = fetchgit json.git;
+    };
  ledger = (nixpkgs.ledger.override { boost = boost166; }).overrideAttrs (oldAttrs:
    fetchedGithub ./fetched/ledger.json // {
      postInstall = "";
@@ -50,11 +59,15 @@ let
    configureFlags = oldAttrs.configureFlags ++ [ "--with-slrnpull" ];
  });
-  ldapvi = nixpkgs.ldapvi.overrideAttrs (oldAttrs: rec {
+  ldapvi = nixpkgs.ldapvi.overrideAttrs (oldAttrs: fetchedGit ./fetched/ldapvi.json);
-    name = "ldapvi-${version}";
-    version = "f1d42ba-master";
+  nixos = import ./nixos_tools.nix {};
-    src = fetchgit (lib.importJSON ./ldapvi.json);
-  });
+  pass = nixpkgs.pass.overrideAttrs (oldAttrs:
+    fetchedGit ./fetched/pass.json // {
+      patches = oldAttrs.patches ++ [ ./patches/pass-fix-pass-init.patch ];
+    }
+  );
  #weechat = callPackage nixpkgs.weechat { guileSupport = false; luaSupport = false; rubySupport = false; tclSupport = false; };
 in
@@ -66,4 +79,16 @@ in
    inherit slrn;
    inherit sc-im;
    inherit ldapvi;
+    inherit pal;
+    inherit duplicity duply;
+    inherit pdftk;
+    inherit googler;
+    inherit jrnl;
+    inherit apg;
+    inherit newsboat;
+    inherit vcsh;
+    inherit xmr-stak;
+    inherit urlwatch;
+    inherit pass;
+    #inherit nixos;
  }
diff --git a/fetch_version b/fetch_version
index db0af1b..cbbeb64 100755
--- a/fetch_version
+++ b/fetch_version
@@ -2,7 +2,7 @@
 usage() {
  echo "$0 file.json"
-  echo "$0 [-n|--name name] [-b|--branch branch] [-h|--help] (-u|--url) url"
+  echo "$0 [-n|--name name] [-b|--branch branch] [-f|--file out_file] [-h|--help] (-u|--url) url"
  exit
 }
@@ -17,6 +17,7 @@ while [[ $# -gt 0 ]]; do
      name="$(echo "$content" | jq -r ".meta.name")"
      url="$(echo "$content" | jq -r ".meta.url")"
      branch="$(echo "$content" | jq -r ".meta.branch")"
+      break
      ;;
    -n|--name)
      name=$1
@@ -30,6 +31,10 @@ while [[ $# -gt 0 ]]; do
      branch=$1
      shift
      ;;
+    -f|--file)
+      file=$1
+      shift
+      ;;
    -h|--help)
      usage
      ;;
@@ -75,26 +80,52 @@ function fetch_github () {
  tag=${rev:0:7}-$branch
 }
-fetch_github 2>/dev/null
+function fetch_other () {
+  rev="$(git ls-remote --refs $url refs/heads/$branch | head -n1 | cut -f1)"
+  sha="$(nix-prefetch-git --url $url --rev refs/heads/$branch | jq -r '.sha256')"
+  tag=${rev:0:7}-$branch
+}
-owner=$(echo "$url" | cut -d"/" -f4)
+case "$url" in
-repo=$(echo "$url" | cut -d"/" -f5)
+  https://*github.com/*)
+    fetch_github 2>/dev/null
+    owner=$(echo "$url" | cut -d"/" -f4)
+    repo=$(echo "$url" | cut -d"/" -f5)
-F='{
+    F='{
-  "tag": $tag,
+      "tag": $tag,
-  "meta": {
+      "meta": {
-    "name": $name,
+        "name": $name,
-    "url": $url,
+        "url": $url,
-    "branch": $branch
+        "branch": $branch
-  },
+      },
-  "github": {
+      "github": {
-    "owner": $owner,
+        "owner": $owner,
-    "repo": $repo,
+        "repo": $repo,
-    "rev": $rev,
+        "rev": $rev,
-    "sha256": $sha,
+        "sha256": $sha,
-    "fetchSubmodules": true
+        "fetchSubmodules": true
-  }
+      }
-}'
+    }'
+    ;;
+  *)
+    fetch_other 2>/dev/null
+    F='{
+      "tag": $tag,
+      "meta": {
+        "name": $name,
+        "url": $url,
+        "branch": $branch
+      },
+      "git": {
+        "url": $url,
+        "rev": $rev,
+        "sha256": $sha,
+        "fetchSubmodules": true
+      }
+    }'
+    ;;
+esac
 jq -n \
  --arg name "$name" \
diff --git a/fetched/ldapvi.json b/fetched/ldapvi.json
new file mode 100644
index 0000000..ceaff71
--- /dev/null
+++ b/fetched/ldapvi.json
@@ -0,0 +1,14 @@
+{
+  "tag": "f1d42ba-master",
+  "meta": {
+    "name": "ldapvi",
+    "url": "http://www.lichteblau.com/git/ldapvi.git",
+    "branch": "master"
+  },
+  "git": {
+    "url": "http://www.lichteblau.com/git/ldapvi.git",
+    "rev": "f1d42bad66cc4623d1ff21fbd5dddbf5009d3e40",
+    "sha256": "0c2h4b1spp9z6a16gy9azf0wyxq397yy7001x1zlvc7c60q11wry",
+    "fetchSubmodules": true
+  }
+}
diff --git a/fetched/pass.json b/fetched/pass.json
new file mode 100644
index 0000000..a4638c1
--- /dev/null
+++ b/fetched/pass.json
@@ -0,0 +1,14 @@
+{
+  "tag": "d29a389-master",
+  "meta": {
+    "name": "password-store",
+    "url": "https://git.zx2c4.com/password-store/",
+    "branch": "master"
+  },
+  "git": {
+    "url": "https://git.zx2c4.com/password-store/",
+    "rev": "d29a389a40524c684595f51bb937f66958bc14ea",
+    "sha256": "17g43i0if9nggcq6005iyxxy9my8s15ihc2nzwjgqzhy3svh5xvn",
+    "fetchSubmodules": true
+  }
+}
diff --git a/ldapvi.json b/ldapvi.json
deleted file mode 100644
index d04f22c..0000000
--- a/ldapvi.json
+++ /dev/null
@@ -1,6 +0,0 @@
-{
-  "url": "http://www.lichteblau.com/git/ldapvi.git",
-  "rev": "f1d42bad66cc4623d1ff21fbd5dddbf5009d3e40",
-  "sha256": "0c2h4b1spp9z6a16gy9azf0wyxq397yy7001x1zlvc7c60q11wry",
-  "fetchSubmodules": false
-}
diff --git a/nixos_tools.nix b/nixos_tools.nix
new file mode 100644
index 0000000..0b52e8d
--- /dev/null
+++ b/nixos_tools.nix
@@ -0,0 +1,4 @@
+_:
+with import <nixpkgs/nixos> { configuration = {}; };
+with config.system.build;
+  [ nixos-generate-config nixos-install nixos-enter manual.manpages ]
diff --git a/patches/pass-fix-pass-init.patch b/patches/pass-fix-pass-init.patch
new file mode 100644
index 0000000..10a76c1
--- /dev/null
+++ b/patches/pass-fix-pass-init.patch
@@ -0,0 +1,42 @@
+From 33e8f1cd0065639a948d7b5ba3f93d43bdf7f3be Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= <ismael.bouya@normalesup.org>
+Date: Sun, 11 Nov 2018 19:47:33 +0100
+Subject: [PATCH] Fix pass init for some gpg keys
+This fixes the pass init for gpg keys which have their main key as
+encryption key. This may happen for instance with RSA keys and specific
+configuration.
+---
+ src/password-store.sh       | 2 +-
+ tests/t0300-reencryption.sh | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+diff --git a/src/password-store.sh b/src/password-store.sh
+index d89d455..44d122e 100755
+--- a/src/password-store.sh
+++ b/src/password-store.sh
+@@ -124,7 +124,7 @@ reencrypt_path() {
+                                IFS=";" eval 'GPG_RECIPIENTS+=( $group )' # http://unix.stackexchange.com/a/92190
+                                unset "GPG_RECIPIENTS[$index]"
+                        done
+-                       gpg_keys="$($GPG $PASSWORD_STORE_GPG_OPTS --list-keys --with-colons "${GPG_RECIPIENTS[@]}" | sed -n 's/^sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u)"
+                       gpg_keys="$($GPG $PASSWORD_STORE_GPG_OPTS --list-keys --with-colons "${GPG_RECIPIENTS[@]}" | sed -n 's/^[ps]ub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u)"
+                fi
+                current_keys="$(LC_ALL=C $GPG $PASSWORD_STORE_GPG_OPTS -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$passfile" 2>&1 | sed -n 's/^gpg: public key is \([A-F0-9]\+\)$/\1/p' | LC_ALL=C sort -u)"
+ 
+diff --git a/tests/t0300-reencryption.sh b/tests/t0300-reencryption.sh
+index 3c88987..57d873f 100755
+--- a/tests/t0300-reencryption.sh
+++ b/tests/t0300-reencryption.sh
+@@ -7,7 +7,7 @@ cd "$(dirname "$0")"
+ INITIAL_PASSWORD="will this password live? a big question indeed..."
+ 
+ canonicalize_gpg_keys() {
+-       $GPG --list-keys --with-colons "$@" | sed -n 's/sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u
+       $GPG --list-keys --with-colons "$@" | sed -n 's/[ps]ub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u
+ }
+ gpg_keys_from_encrypted_file() {
+        $GPG -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$1" 2>&1 | grep "public key is" | cut -d ' ' -f 5 | LC_ALL=C sort -u
+-- 
+2.19.1

diff --git a/default.nix b/default.nix index d828027..5227b47 100644 --- a/default.nix +++ b/default.nix
@@ -10,6 +10,15 @@ let
10	src = fetchFromGitHub json.github;	10	src = fetchFromGitHub json.github;
11	};	11	};
12		12
		13	fetchedGit = path:
		14	let
		15	json = lib.importJSON path;
		16	in rec {
		17	version = json.tag;
		18	name = "${json.meta.name}-${version}";
		19	src = fetchgit json.git;
		20	};
		21
13	ledger = (nixpkgs.ledger.override { boost = boost166; }).overrideAttrs (oldAttrs:	22	ledger = (nixpkgs.ledger.override { boost = boost166; }).overrideAttrs (oldAttrs:
14	fetchedGithub ./fetched/ledger.json // {	23	fetchedGithub ./fetched/ledger.json // {
15	postInstall = "";	24	postInstall = "";
@@ -50,11 +59,15 @@ let
50	configureFlags = oldAttrs.configureFlags ++ [ "--with-slrnpull" ];	59	configureFlags = oldAttrs.configureFlags ++ [ "--with-slrnpull" ];
51	});	60	});
52		61
53	ldapvi = nixpkgs.ldapvi.overrideAttrs (oldAttrs: rec {	62	ldapvi = nixpkgs.ldapvi.overrideAttrs (oldAttrs: fetchedGit ./fetched/ldapvi.json);
54	name = "ldapvi-${version}";	63
55	version = "f1d42ba-master";	64	nixos = import ./nixos_tools.nix {};
56	src = fetchgit (lib.importJSON ./ldapvi.json);	65
57	});	66	pass = nixpkgs.pass.overrideAttrs (oldAttrs:
		67	fetchedGit ./fetched/pass.json // {
		68	patches = oldAttrs.patches ++ [ ./patches/pass-fix-pass-init.patch ];
		69	}
		70	);
58		71
59	#weechat = callPackage nixpkgs.weechat { guileSupport = false; luaSupport = false; rubySupport = false; tclSupport = false; };	72	#weechat = callPackage nixpkgs.weechat { guileSupport = false; luaSupport = false; rubySupport = false; tclSupport = false; };
60	in	73	in
@@ -66,4 +79,16 @@ in
66	inherit slrn;	79	inherit slrn;
67	inherit sc-im;	80	inherit sc-im;
68	inherit ldapvi;	81	inherit ldapvi;
		82	inherit pal;
		83	inherit duplicity duply;
		84	inherit pdftk;
		85	inherit googler;
		86	inherit jrnl;
		87	inherit apg;
		88	inherit newsboat;
		89	inherit vcsh;
		90	inherit xmr-stak;
		91	inherit urlwatch;
		92	inherit pass;
		93	#inherit nixos;
69	}	94	}


diff --git a/fetch_version b/fetch_version index db0af1b..cbbeb64 100755 --- a/fetch_version +++ b/fetch_version
@@ -2,7 +2,7 @@
2		2
3	usage() {	3	usage() {
4	echo "$0 file.json"	4	echo "$0 file.json"
5	echo "$0 [-n\|--name name] [-b\|--branch branch] [-h\|--help] (-u\|--url) url"	5	echo "$0 [-n\|--name name] [-b\|--branch branch] [-f\|--file out_file] [-h\|--help] (-u\|--url) url"
6	exit	6	exit
7	}	7	}
8		8
@@ -17,6 +17,7 @@ while [[ $# -gt 0 ]]; do
17	name="$(echo "$content" \| jq -r ".meta.name")"	17	name="$(echo "$content" \| jq -r ".meta.name")"
18	url="$(echo "$content" \| jq -r ".meta.url")"	18	url="$(echo "$content" \| jq -r ".meta.url")"
19	branch="$(echo "$content" \| jq -r ".meta.branch")"	19	branch="$(echo "$content" \| jq -r ".meta.branch")"
		20	break
20	;;	21	;;
21	-n\|--name)	22	-n\|--name)
22	name=$1	23	name=$1
@@ -30,6 +31,10 @@ while [[ $# -gt 0 ]]; do
30	branch=$1	31	branch=$1
31	shift	32	shift
32	;;	33	;;
		34	-f\|--file)
		35	file=$1
		36	shift
		37	;;
33	-h\|--help)	38	-h\|--help)
34	usage	39	usage
35	;;	40	;;
@@ -75,26 +80,52 @@ function fetch_github () {
75	tag=${rev:0:7}-$branch	80	tag=${rev:0:7}-$branch
76	}	81	}
77		82
78	fetch_github 2>/dev/null	83	function fetch_other () {
		84	rev="$(git ls-remote --refs $url refs/heads/$branch \| head -n1 \| cut -f1)"
		85	sha="$(nix-prefetch-git --url $url --rev refs/heads/$branch \| jq -r '.sha256')"
		86	tag=${rev:0:7}-$branch
		87	}
79		88
80	owner=$(echo "$url" \| cut -d"/" -f4)	89	case "$url" in
81	repo=$(echo "$url" \| cut -d"/" -f5)	90	https://github.com/)
		91	fetch_github 2>/dev/null
		92	owner=$(echo "$url" \| cut -d"/" -f4)
		93	repo=$(echo "$url" \| cut -d"/" -f5)
82		94
83	F='{	95	F='{
84	"tag": $tag,	96	"tag": $tag,
85	"meta": {	97	"meta": {
86	"name": $name,	98	"name": $name,
87	"url": $url,	99	"url": $url,
88	"branch": $branch	100	"branch": $branch
89	},	101	},
90	"github": {	102	"github": {
91	"owner": $owner,	103	"owner": $owner,
92	"repo": $repo,	104	"repo": $repo,
93	"rev": $rev,	105	"rev": $rev,
94	"sha256": $sha,	106	"sha256": $sha,
95	"fetchSubmodules": true	107	"fetchSubmodules": true
96	}	108	}
97	}'	109	}'
		110	;;
		111	*)
		112	fetch_other 2>/dev/null
		113	F='{
		114	"tag": $tag,
		115	"meta": {
		116	"name": $name,
		117	"url": $url,
		118	"branch": $branch
		119	},
		120	"git": {
		121	"url": $url,
		122	"rev": $rev,
		123	"sha256": $sha,
		124	"fetchSubmodules": true
		125	}
		126	}'
		127	;;
		128	esac
98		129
99	jq -n \	130	jq -n \
100	--arg name "$name" \	131	--arg name "$name" \


diff --git a/fetched/ldapvi.json b/fetched/ldapvi.json new file mode 100644 index 0000000..ceaff71 --- /dev/null +++ b/fetched/ldapvi.json
@@ -0,0 +1,14 @@
		1	{
		2	"tag": "f1d42ba-master",
		3	"meta": {
		4	"name": "ldapvi",
		5	"url": "http://www.lichteblau.com/git/ldapvi.git",
		6	"branch": "master"
		7	},
		8	"git": {
		9	"url": "http://www.lichteblau.com/git/ldapvi.git",
		10	"rev": "f1d42bad66cc4623d1ff21fbd5dddbf5009d3e40",
		11	"sha256": "0c2h4b1spp9z6a16gy9azf0wyxq397yy7001x1zlvc7c60q11wry",
		12	"fetchSubmodules": true
		13	}
		14	}


diff --git a/fetched/pass.json b/fetched/pass.json new file mode 100644 index 0000000..a4638c1 --- /dev/null +++ b/fetched/pass.json
@@ -0,0 +1,14 @@
		1	{
		2	"tag": "d29a389-master",
		3	"meta": {
		4	"name": "password-store",
		5	"url": "https://git.zx2c4.com/password-store/",
		6	"branch": "master"
		7	},
		8	"git": {
		9	"url": "https://git.zx2c4.com/password-store/",
		10	"rev": "d29a389a40524c684595f51bb937f66958bc14ea",
		11	"sha256": "17g43i0if9nggcq6005iyxxy9my8s15ihc2nzwjgqzhy3svh5xvn",
		12	"fetchSubmodules": true
		13	}
		14	}


diff --git a/ldapvi.json b/ldapvi.json deleted file mode 100644 index d04f22c..0000000 --- a/ldapvi.json +++ /dev/null
@@ -1,6 +0,0 @@
1	{
2	"url": "http://www.lichteblau.com/git/ldapvi.git",
3	"rev": "f1d42bad66cc4623d1ff21fbd5dddbf5009d3e40",
4	"sha256": "0c2h4b1spp9z6a16gy9azf0wyxq397yy7001x1zlvc7c60q11wry",
5	"fetchSubmodules": false
6	}


diff --git a/nixos_tools.nix b/nixos_tools.nix new file mode 100644 index 0000000..0b52e8d --- /dev/null +++ b/nixos_tools.nix
@@ -0,0 +1,4 @@
		1	_:
		2	with import <nixpkgs/nixos> { configuration = {}; };
		3	with config.system.build;
		4	[ nixos-generate-config nixos-install nixos-enter manual.manpages ]


diff --git a/patches/pass-fix-pass-init.patch b/patches/pass-fix-pass-init.patch new file mode 100644 index 0000000..10a76c1 --- /dev/null +++ b/patches/pass-fix-pass-init.patch
@@ -0,0 +1,42 @@
		1	From 33e8f1cd0065639a948d7b5ba3f93d43bdf7f3be Mon Sep 17 00:00:00 2001
		2	From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= <ismael.bouya@normalesup.org>
		3	Date: Sun, 11 Nov 2018 19:47:33 +0100
		4	Subject: [PATCH] Fix pass init for some gpg keys
		5
		6	This fixes the pass init for gpg keys which have their main key as
		7	encryption key. This may happen for instance with RSA keys and specific
		8	configuration.
		9	---
		10	src/password-store.sh \| 2 +-
		11	tests/t0300-reencryption.sh \| 2 +-
		12	2 files changed, 2 insertions(+), 2 deletions(-)
		13
		14	diff --git a/src/password-store.sh b/src/password-store.sh
		15	index d89d455..44d122e 100755
		16	--- a/src/password-store.sh
		17	+++ b/src/password-store.sh
		18	@@ -124,7 +124,7 @@ reencrypt_path() {
		19	IFS=";" eval 'GPG_RECIPIENTS+=( $group )' # http://unix.stackexchange.com/a/92190
		20	unset "GPG_RECIPIENTS[$index]"
		21	done
		22	- gpg_keys="$($GPG $PASSWORD_STORE_GPG_OPTS --list-keys --with-colons "${GPG_RECIPIENTS[@]}" \| sed -n 's/^sub:[^:]:[^:]:[^:]:\([^:]\):[^:]:[^:]:[^:]:[^:]:[^:]:[^:]:[a-zA-Z]e[a-zA-Z]:.*/\1/p' \| LC_ALL=C sort -u)"
		23	+ gpg_keys="$($GPG $PASSWORD_STORE_GPG_OPTS --list-keys --with-colons "${GPG_RECIPIENTS[@]}" \| sed -n 's/^[ps]ub:[^:]:[^:]:[^:]:\([^:]\):[^:]:[^:]:[^:]:[^:]:[^:]:[^:]:[a-zA-Z]e[a-zA-Z]:.*/\1/p' \| LC_ALL=C sort -u)"
		24	fi
		25	current_keys="$(LC_ALL=C $GPG $PASSWORD_STORE_GPG_OPTS -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$passfile" 2>&1 \| sed -n 's/^gpg: public key is \([A-F0-9]\+\)$/\1/p' \| LC_ALL=C sort -u)"
		26
		27	diff --git a/tests/t0300-reencryption.sh b/tests/t0300-reencryption.sh
		28	index 3c88987..57d873f 100755
		29	--- a/tests/t0300-reencryption.sh
		30	+++ b/tests/t0300-reencryption.sh
		31	@@ -7,7 +7,7 @@ cd "$(dirname "$0")"
		32	INITIAL_PASSWORD="will this password live? a big question indeed..."
		33
		34	canonicalize_gpg_keys() {
		35	- $GPG --list-keys --with-colons "$@" \| sed -n 's/sub:[^:]:[^:]:[^:]:\([^:]\):[^:]:[^:]:[^:]:[^:]:[^:]:[^:]:[a-zA-Z]e[a-zA-Z]:.*/\1/p' \| LC_ALL=C sort -u
		36	+ $GPG --list-keys --with-colons "$@" \| sed -n 's/[ps]ub:[^:]:[^:]:[^:]:\([^:]\):[^:]:[^:]:[^:]:[^:]:[^:]:[^:]:[a-zA-Z]e[a-zA-Z]:.*/\1/p' \| LC_ALL=C sort -u
		37	}
		38	gpg_keys_from_encrypted_file() {
		39	$GPG -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$1" 2>&1 \| grep "public key is" \| cut -d ' ' -f 5 \| LC_ALL=C sort -u
		40	--
		41	2.19.1
		42