dan/liminix
1
0
Fork 5
Code

Compare commits

base: dan:12275f68968228b9d5490d9f70df1440855ddfba
Branches Tags
dan:main
dan:nftables-turned
dan:firescape
dan:runciter
dan:wip-pstore-tls
dan:fallover
dan:lte
dan:gateway-profile
dan:tftpboot-append-dtb
dan:mainline-omnia-wip
dan:armv7
dan:hark-how-all-the-belkin-rings
dan:first-do-no-arm
dan:doc-do-over
dan:module-based-network
dan:v1.0.0
..
compare: dan:cd0093279c07fb72db91ed2580bc91bda7bec74a
Branches Tags
dan:main
dan:nftables-turned
dan:firescape
dan:runciter
dan:wip-pstore-tls
dan:fallover
dan:lte
dan:gateway-profile
dan:tftpboot-append-dtb
dan:mainline-omnia-wip
dan:armv7
dan:hark-how-all-the-belkin-rings
dan:first-do-no-arm
dan:doc-do-over
dan:module-based-network
dan:v1.0.0

No commits in common. "12275f68968228b9d5490d9f70df1440855ddfba" and "cd0093279c07fb72db91ed2580bc91bda7bec74a" have entirely different histories.
12275f6896 ... cd0093279c

7 changed files with 163 additions and 132 deletions
Show Stats Expand all files Collapse all files

83
modules/ppp/common.nix
View File

@ -1,83 +0,0 @@
{ writeAshScript, liminix, svc, lib, serviceFns, output-template }:
{
command,
name,
debug
, username,
password,
lcpEcho,
ppp-options,
dependencies ? []
} :
let
inherit (lib) optional optionals escapeShellArgs concatStringsSep;
inherit (liminix.services) longrun;
inherit (builtins) toJSON toString typeOf;
ip-up = writeAshScript "ip-up" {} ''
. ${serviceFns}
(in_outputs ${name}
echo $1 > ifname
echo $2 > tty
echo $3 > speed
echo $4 > address
echo $5 > peer-address
echo $DNS1 > ns1
echo $DNS2 > ns2
)
echo >/proc/self/fd/10
'';
ip6-up = writeAshScript "ip6-up" {} ''
. ${serviceFns}
(in_outputs ${name}
echo $4 > ipv6-address
echo $5 > ipv6-peer-address
)
echo >/proc/self/fd/10
'';
literal_or_output =
let v = o: ({
string = toJSON;
int = toJSON;
lambda = (o: "output(${toJSON (o "service")}, ${toJSON (o "path")})");
}.${typeOf o}) o;
in o: "{{ ${v o} }}";
ppp-options' =
["+ipv6" "noauth"]
++ optional debug "debug"
++ optionals (username != null) ["name" (literal_or_output username)]
++ optionals (password != null) ["password" (literal_or_output password)]
++ optional lcpEcho.adaptive "lcp-echo-adaptive"
++ optionals (lcpEcho.interval != null)
["lcp-echo-interval" (toString lcpEcho.interval)]
++ optionals (lcpEcho.failure != null)
["lcp-echo-failure" (toString lcpEcho.failure)]
++ ppp-options
++ ["ip-up-script" ip-up
"ipv6-up-script" ip6-up
"ipparam" name
"nodetach"
"usepeerdns"
"nodefaultroute"
"logfd" "2"
];
service = longrun {
inherit name;
run = ''
mkdir -p /run/${name}
chmod 0700 /run/${name}
in_outputs ${name}
echo ${escapeShellArgs ppp-options'} | ${output-template}/bin/output-template '{{' '}}' > /run/${name}/ppp-options
${command}
'';
notification-fd = 10;
timeout-up = if lcpEcho.failure != null
then (10 + lcpEcho.failure * lcpEcho.interval) * 1000
else 60 * 1000;
inherit dependencies;
};
in svc.secrets.subscriber.build {
watch = [ username password ];
inherit service;
}

89
modules/ppp/l2tp.nix
View File

@ -1,13 +1,12 @@
{ {
lib, liminix
liminix, , lib
output-template, , svc
serviceFns, , output-template
svc, , writeAshScript
writeAshScript, , writeText
writeText, , serviceFns
xl2tpd, , xl2tpd
callPackage
} : } :
{ lns, { lns,
ppp-options, ppp-options,
@ -17,8 +16,57 @@
debug debug
}: }:
let let
inherit (liminix.services) longrun;
inherit (lib) optional optionals escapeShellArgs concatStringsSep;
name = "${lns}.l2tp"; name = "${lns}.l2tp";
common = callPackage ./common.nix { inherit svc; }; ip-up = writeAshScript "ip-up" {} ''
. ${serviceFns}
(in_outputs ${name}
echo $1 > ifname
echo $2 > tty
echo $3 > speed
echo $4 > address
echo $5 > peer-address
echo $DNS1 > ns1
echo $DNS2 > ns2
)
echo >/proc/self/fd/10
'';
ip6-up = writeAshScript "ip6-up" {} ''
. ${serviceFns}
(in_outputs ${name}
echo $4 > ipv6-address
echo $5 > ipv6-peer-address
)
echo >/proc/self/fd/10
'';
literal_or_output =
let v = o: ({
string = builtins.toJSON;
int = builtins.toJSON;
lambda = (o: "output(${builtins.toJSON (o "service")}, ${builtins.toJSON (o "path")})");
}.${builtins.typeOf o}) o;
in o: "{{ ${v o} }}";
ppp-options' =
["+ipv6" "noauth"]
++ optional debug "debug"
++ optionals (username != null) ["name" (literal_or_output username)]
++ optionals (password != null) ["password" (literal_or_output password)]
++ optional lcpEcho.adaptive "lcp-echo-adaptive"
++ optionals (lcpEcho.interval != null)
["lcp-echo-interval" (builtins.toString lcpEcho.interval)]
++ optionals (lcpEcho.failure != null)
["lcp-echo-failure" (builtins.toString lcpEcho.failure)]
++ ppp-options
++ ["ip-up-script" ip-up
"ipv6-up-script" ip6-up
"ipparam" name
"nodetach"
"usepeerdns"
"logfd" "2"
];
conf = writeText "xl2tpd.conf" '' conf = writeText "xl2tpd.conf" ''
[lac upstream] [lac upstream]
@ -31,10 +79,19 @@ let
max redials = 2 # this gives 1 actual retry, as xl2tpd can't count max redials = 2 # this gives 1 actual retry, as xl2tpd can't count
''; '';
control = "/run/${name}/control"; control = "/run/${name}/control";
in common { service = longrun {
inherit name debug username password lcpEcho ppp-options; inherit name;
command = '' run = ''
touch ${control} mkdir -p /run/${name}
exec ${xl2tpd}/bin/xl2tpd -D -p /run/${name}/${name}.pid -c ${conf} -C ${control} chmod 0700 /run/${name}
''; touch ${control}
in_outputs ${name}
echo ${escapeShellArgs ppp-options'} | ${output-template}/bin/output-template '{{' '}}' > /run/${name}/ppp-options
exec ${xl2tpd}/bin/xl2tpd -D -p /run/${name}/${name}.pid -c ${conf} -C ${control}
'';
notification-fd = 10;
};
in svc.secrets.subscriber.build {
watch = [ username password ];
inherit service;
} }

93
modules/ppp/pppoe.nix
View File

@ -1,13 +1,12 @@
{ {
lib, liminix
liminix, , svc
output-template, , lib
ppp, , output-template
pppoe, , ppp
serviceFns, , pppoe
svc, , writeAshScript
writeAshScript, , serviceFns
callPackage
} : } :
{ interface, { interface,
ppp-options, ppp-options,
@ -17,14 +16,74 @@
debug debug
}: }:
let let
inherit (liminix.services) longrun;
inherit (lib) optional optionals escapeShellArgs concatStringsSep;
name = "${interface.name}.pppoe"; name = "${interface.name}.pppoe";
common = callPackage ./common.nix { inherit svc; }; ip-up = writeAshScript "ip-up" {} ''
. ${serviceFns}
timeoutOpt = if lcpEcho.interval != null then "-T ${builtins.toString (4 * lcpEcho.interval)}" else ""; (in_outputs ${name}
in common { echo $1 > ifname
inherit name debug username password lcpEcho ppp-options; echo $2 > tty
command = '' echo $3 > speed
exec ${ppp}/bin/pppd pty "${pppoe}/bin/pppoe ${timeoutOpt} -I $(output ${interface} ifname)" file /run/${name}/ppp-options echo $4 > address
echo $5 > peer-address
echo $DNS1 > ns1
echo $DNS2 > ns2
)
echo >/proc/self/fd/10
''; '';
dependencies = [ interface ]; ip6-up = writeAshScript "ip6-up" {} ''
. ${serviceFns}
(in_outputs ${name}
echo $4 > ipv6-address
echo $5 > ipv6-peer-address
)
echo >/proc/self/fd/10
'';
literal_or_output =
let v = o: ({
string = builtins.toJSON;
int = builtins.toJSON;
lambda = (o: "output(${builtins.toJSON (o "service")}, ${builtins.toJSON (o "path")})");
}.${builtins.typeOf o}) o;
in o: "{{ ${v o} }}";
ppp-options' =
["+ipv6" "noauth"]
++ optional debug "debug"
++ optionals (username != null) ["name" (literal_or_output username)]
++ optionals (password != null) ["password" (literal_or_output password)]
++ optional lcpEcho.adaptive "lcp-echo-adaptive"
++ optionals (lcpEcho.interval != null)
["lcp-echo-interval" (builtins.toString lcpEcho.interval)]
++ optionals (lcpEcho.failure != null)
["lcp-echo-failure" (builtins.toString lcpEcho.failure)]
++ ppp-options
++ ["ip-up-script" ip-up
"ipv6-up-script" ip6-up
"ipparam" name
"nodetach"
"usepeerdns"
"logfd" "2"
];
timeoutOpt = if lcpEcho.interval != null then "-T ${builtins.toString (4 * lcpEcho.interval)}" else "";
service = longrun {
inherit name;
run = ''
mkdir -p /run/${name}
chmod 0700 /run/${name}
in_outputs ${name}
echo ${escapeShellArgs ppp-options'} | ${output-template}/bin/output-template '{{' '}}' > /run/${name}/ppp-options
exec ${ppp}/bin/pppd pty "${pppoe}/bin/pppoe ${timeoutOpt} -I $(output ${interface} ifname)" file /run/${name}/ppp-options
'';
notification-fd = 10;
timeout-up = if lcpEcho.failure != null
then (10 + lcpEcho.failure * lcpEcho.interval) * 1000
else 60 * 1000;
dependencies = [ interface ];
};
in svc.secrets.subscriber.build {
watch = [ username password ];
inherit service;
action = "restart-all";
} }

5
pkgs/anoia/init.fnl
View File

@ -66,10 +66,7 @@
(assert (table= {:a 1 :b {:l 17}} {:b {:l 17} :a 1})) (assert (table= {:a 1 :b {:l 17}} {:b {:l 17} :a 1}))
(assert (table= {:a [4 5 6 7] } {:a [4 5 6 7]})) (assert (table= {:a [4 5 6 7] } {:a [4 5 6 7]}))
(assert (not (table= {:a [4 5 6 7] } {:a [4 5 6 7 8]}))) (assert (not (table= {:a [4 5 6 7] } {:a [4 5 6 7 8]})))
(assert (not (table= {:a [4 5 7 6] } {:a [4 5 6 7 ]}))) (assert (not (table= {:a [4 5 7 6] } {:a [4 5 6 7 ]}))))
(assert (table= {} {}))
)
(fn dig [tree path] (fn dig [tree path]
(match path (match path

18
pkgs/tangc/tangc.fnl
View File

@ -102,19 +102,19 @@
(fn http-post [url body] (fn http-post [url body]
(match (match
(http.request "POST" url (http.request "POST" url
"" 0 "" 0
"application/x-www-form-urlencoded" "application/x-www-form-urlencoded"
body) body)
s (json.decode s) s (json.decode s)
(nil code msg) (error (.. "Error " code " POST " url ": " msg)))) (nil err) (error err)))
(fn http-get [url body] (fn http-get [url body]
(match (match
(http.fetch url) (http.fetch url)
s (json.decode s) s (json.decode s)
(nil code msg) (error (.. "Error " code " GET " url ": " msg)))) (nil code msg) (error (.. "Error: " code ": " msg))))
(fn decrypt [] (fn decrypt []
(let [b64 (base64 :url) (let [b64 (base64 :url)

6
pkgs/watch-ssh-keys/watch-ssh-keys.fnl
View File

@ -11,7 +11,6 @@
(fn write-changes [path old-tree new-tree] (fn write-changes [path old-tree new-tree]
(when (not (table= old-tree new-tree)) (when (not (table= old-tree new-tree))
(io.stderr:write "new ssh keys\n")
(each [username pubkeys (pairs new-tree)] (each [username pubkeys (pairs new-tree)]
(with-open [f (assert (io.open (.. path "/" username) :w))] (with-open [f (assert (io.open (.. path "/" username) :w))]
;; the keys are "1" "2" "3" etc, so pairs not ipairs ;; the keys are "1" "2" "3" etc, so pairs not ipairs
@ -48,13 +47,14 @@
(os.remove out-dir) (os.remove out-dir)
)) ))
(fn run [] (fn run []
(let [{: out-path : watched-service : path } (parse-args arg) (let [{: out-path : watched-service : path } (parse-args arg)
dir (.. watched-service "/.outputs") dir (.. watched-service "/.outputs")
service (assert (svc.open dir))] service (assert (svc.open dir))]
(accumulate [tree {} (accumulate [tree (service:output path)
v (service:events)] v (service:events)]
(write-changes out-path tree (or (service:output path) {}))))) (write-changes out-path tree (service:output path)))))
{ : run } { : run }

1
pkgs/write-fennel/default.nix
View File

@ -31,6 +31,7 @@ stdenv.mkDerivation {
echo "#!${lua}/bin/lua ${luaFlags}" echo "#!${lua}/bin/lua ${luaFlags}"
echo "package.path = ${lib.strings.escapeShellArg (concatStringsSep "" luapath)} .. package.path" echo "package.path = ${lib.strings.escapeShellArg (concatStringsSep "" luapath)} .. package.path"
echo "package.cpath = ${lib.strings.escapeShellArg (concatStringsSep "" luacpath)} .. package.cpath" echo "package.cpath = ${lib.strings.escapeShellArg (concatStringsSep "" luacpath)} .. package.cpath"
echo "local ok, stdlib = pcall(require,'posix.stdlib'); if ok then stdlib.setenv('PATH',${lib.escapeShellArg (lib.makeBinPath packages)} .. \":\" .. os.getenv('PATH')) end"
echo "local ok, ll = pcall(require,'lualinux'); if ok then ll.setenv('PATH',${lib.escapeShellArg (lib.makeBinPath packages)} .. \":\" .. os.getenv('PATH')) end" echo "local ok, ll = pcall(require,'lualinux'); if ok then ll.setenv('PATH',${lib.escapeShellArg (lib.makeBinPath packages)} .. \":\" .. os.getenv('PATH')) end"
fennel ${if macropath != "" then "--add-macro-path ${lib.strings.escapeShellArg macropath}" else ""} ${if correlate then "--correlate" else ""} --compile ${source} fennel ${if macropath != "" then "--add-macro-path ${lib.strings.escapeShellArg macropath}" else ""} ${if correlate then "--correlate" else ""} --compile ${source}
) > ${name}.lua ) > ${name}.lua