sane-scripts: include the python scripts
This commit is contained in:
parent
adf72fc9d4
commit
2a148c1543
|
@ -3,6 +3,7 @@
|
||||||
let
|
let
|
||||||
sane = rec {
|
sane = rec {
|
||||||
#### my own, non-upstreamable packages:
|
#### my own, non-upstreamable packages:
|
||||||
|
static-nix-shell = callPackages ../pkgs/static-nix-shell { };
|
||||||
sane-scripts = callPackage ../pkgs/sane-scripts { };
|
sane-scripts = callPackage ../pkgs/sane-scripts { };
|
||||||
feeds = recurseIntoAttrs (callPackage ../pkgs/feeds { });
|
feeds = recurseIntoAttrs (callPackage ../pkgs/feeds { });
|
||||||
tow-boot-pinephone = callPackage ../pkgs/tow-boot-pinephone { };
|
tow-boot-pinephone = callPackage ../pkgs/tow-boot-pinephone { };
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
{ lib
|
{ lib
|
||||||
, callPackage
|
, callPackage
|
||||||
, python3
|
, python3
|
||||||
, stdenv
|
, static-nix-shell
|
||||||
, writeShellScript
|
, writeShellScript
|
||||||
}:
|
}:
|
||||||
|
|
||||||
|
@ -21,21 +21,11 @@ let
|
||||||
feed-pkgs;
|
feed-pkgs;
|
||||||
in rec { # TODO: make this a scope
|
in rec { # TODO: make this a scope
|
||||||
inherit feed-pkgs;
|
inherit feed-pkgs;
|
||||||
update = stdenv.mkDerivation {
|
update = static-nix-shell.mkPython3Bin {
|
||||||
pname = "update";
|
pname = "update";
|
||||||
version = "0.1.0";
|
|
||||||
src = ./.;
|
src = ./.;
|
||||||
patchPhase =
|
pyPkgs = [ "feedsearch-crawler" ];
|
||||||
let
|
srcPath = "update.py";
|
||||||
pyEnv = python3.withPackages (ps: [ ps.feedsearch-crawler ]);
|
|
||||||
in ''
|
|
||||||
substituteInPlace ./update.py \
|
|
||||||
--replace "#!/usr/bin/env nix-shell" "#!${pyEnv.interpreter}"
|
|
||||||
'';
|
|
||||||
installPhase = ''
|
|
||||||
mkdir -p $out/bin
|
|
||||||
mv update.py $out/bin/update.py
|
|
||||||
'';
|
|
||||||
};
|
};
|
||||||
init-feed = writeShellScript
|
init-feed = writeShellScript
|
||||||
"init-feed"
|
"init-feed"
|
||||||
|
|
|
@ -1,108 +1,129 @@
|
||||||
{ lib
|
{ lib
|
||||||
, pkgs
|
, pkgs
|
||||||
, resholve
|
, resholve
|
||||||
|
, static-nix-shell
|
||||||
|
, symlinkJoin
|
||||||
}:
|
}:
|
||||||
|
|
||||||
# resholve documentation:
|
let
|
||||||
# - nix: https://github.com/nixos/nixpkgs/blob/master/pkgs/development/misc/resholve/README.md
|
shell-scripts = resholve.mkDerivation {
|
||||||
# - generic: https://github.com/abathur/resholve
|
# resholve documentation:
|
||||||
resholve.mkDerivation {
|
# - nix: https://github.com/nixos/nixpkgs/blob/master/pkgs/development/misc/resholve/README.md
|
||||||
pname = "sane-scripts";
|
# - generic: https://github.com/abathur/resholve
|
||||||
version = "0.1.0";
|
pname = "sane-scripts";
|
||||||
|
version = "0.1.0";
|
||||||
|
|
||||||
src = ./src;
|
src = ./src;
|
||||||
|
|
||||||
solutions = {
|
solutions = {
|
||||||
default = {
|
default = {
|
||||||
# note: `scripts` refers to the store path here
|
# note: `scripts` refers to the store path here
|
||||||
scripts = [ "bin/*" ];
|
scripts = [ "bin/*" ];
|
||||||
interpreter = "${pkgs.bash}/bin/bash";
|
interpreter = "${pkgs.bash}/bin/bash";
|
||||||
inputs = with pkgs; [
|
inputs = with pkgs; [
|
||||||
# string is interpreted as relative path from @OUT@.
|
# string is interpreted as relative path from @OUT@.
|
||||||
# this lets our scripts reference eachother.
|
# this lets our scripts reference eachother.
|
||||||
# see: <https://github.com/abathur/resholve/issues/26>
|
# see: <https://github.com/abathur/resholve/issues/26>
|
||||||
"bin"
|
"bin"
|
||||||
coreutils-full
|
coreutils-full
|
||||||
curl
|
curl
|
||||||
duplicity
|
duplicity
|
||||||
file
|
file
|
||||||
findutils
|
findutils
|
||||||
git
|
git
|
||||||
gnugrep
|
gnugrep
|
||||||
gnused
|
gnused
|
||||||
gocryptfs
|
gocryptfs
|
||||||
ifuse
|
ifuse
|
||||||
inetutils
|
inetutils
|
||||||
inotify-tools
|
inotify-tools
|
||||||
iwd
|
iwd
|
||||||
jq
|
jq
|
||||||
ncurses
|
ncurses
|
||||||
oath-toolkit
|
oath-toolkit
|
||||||
openssh
|
openssh
|
||||||
openssl
|
openssl
|
||||||
rmlint
|
rmlint
|
||||||
rsync
|
rsync
|
||||||
ssh-to-age
|
ssh-to-age
|
||||||
sops
|
sops
|
||||||
sudo
|
sudo
|
||||||
systemd
|
systemd
|
||||||
util-linux
|
util-linux
|
||||||
which
|
which
|
||||||
];
|
];
|
||||||
keep = {
|
keep = {
|
||||||
"/run/secrets/duplicity_passphrase" = true;
|
"/run/secrets/duplicity_passphrase" = true;
|
||||||
# we write here: keep it
|
# we write here: keep it
|
||||||
"/tmp/rmlint.sh" = true;
|
"/tmp/rmlint.sh" = true;
|
||||||
# intentionally escapes (into user code)
|
# intentionally escapes (into user code)
|
||||||
"$external_cmd" = true;
|
"$external_cmd" = true;
|
||||||
"$maybe_sudo" = true;
|
"$maybe_sudo" = true;
|
||||||
};
|
};
|
||||||
fake = {
|
fake = {
|
||||||
external = [
|
external = [
|
||||||
# https://github.com/abathur/resholve/issues/29
|
# https://github.com/abathur/resholve/issues/29
|
||||||
# "umount"
|
# "umount"
|
||||||
# "/run/wrappers/bin/sudo"
|
# "/run/wrappers/bin/sudo"
|
||||||
"sudo"
|
"sudo"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
fix = {
|
||||||
|
# this replaces umount with the non-setuid-wrapper umount.
|
||||||
|
# not sure if/where that lack of suid causes problems.
|
||||||
|
umount = true;
|
||||||
|
};
|
||||||
|
prologue = "bin/sane-resholve-prologue";
|
||||||
|
|
||||||
|
# list of programs which *can* or *cannot* exec their arguments
|
||||||
|
execer = with pkgs; [
|
||||||
|
"cannot:${duplicity}/bin/duplicity"
|
||||||
|
"cannot:${git}/bin/git"
|
||||||
|
"cannot:${gocryptfs}/bin/gocryptfs"
|
||||||
|
"cannot:${ifuse}/bin/ifuse"
|
||||||
|
"cannot:${iwd}/bin/iwctl"
|
||||||
|
"cannot:${oath-toolkit}/bin/oathtool"
|
||||||
|
"cannot:${openssh}/bin/ssh-keygen"
|
||||||
|
"cannot:${rmlint}/bin/rmlint"
|
||||||
|
"cannot:${rsync}/bin/rsync"
|
||||||
|
"cannot:${sops}/bin/sops"
|
||||||
|
"cannot:${ssh-to-age}/bin/ssh-to-age"
|
||||||
|
"cannot:${systemd}/bin/systemctl"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
fix = {
|
|
||||||
# this replaces umount with the non-setuid-wrapper umount.
|
|
||||||
# not sure if/where that lack of suid causes problems.
|
|
||||||
umount = true;
|
|
||||||
};
|
|
||||||
prologue = "bin/sane-resholve-prologue";
|
|
||||||
|
|
||||||
# list of programs which *can* or *cannot* exec their arguments
|
|
||||||
execer = with pkgs; [
|
|
||||||
"cannot:${duplicity}/bin/duplicity"
|
|
||||||
"cannot:${git}/bin/git"
|
|
||||||
"cannot:${gocryptfs}/bin/gocryptfs"
|
|
||||||
"cannot:${ifuse}/bin/ifuse"
|
|
||||||
"cannot:${iwd}/bin/iwctl"
|
|
||||||
"cannot:${oath-toolkit}/bin/oathtool"
|
|
||||||
"cannot:${openssh}/bin/ssh-keygen"
|
|
||||||
"cannot:${rmlint}/bin/rmlint"
|
|
||||||
"cannot:${rsync}/bin/rsync"
|
|
||||||
"cannot:${sops}/bin/sops"
|
|
||||||
"cannot:${ssh-to-age}/bin/ssh-to-age"
|
|
||||||
"cannot:${systemd}/bin/systemctl"
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
patchPhase = ''
|
||||||
|
# remove python scripts (we package them further below)
|
||||||
|
rm sane-bt-search
|
||||||
|
rm sane-date-math
|
||||||
|
rm sane-reclaim-boot-space
|
||||||
|
'';
|
||||||
|
|
||||||
|
installPhase = ''
|
||||||
|
mkdir -p $out/bin
|
||||||
|
cp -R * $out/bin/
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
patchPhase = ''
|
bt-search = static-nix-shell.mkPython3Bin {
|
||||||
# remove python scripts
|
pname = "sane-bt-search";
|
||||||
# TODO: figure out how to make resholve process only shell scripts
|
src = ./src;
|
||||||
rm sane-bt-search
|
pyPkgs = [ "natsort" "requests" ];
|
||||||
rm sane-date-math
|
};
|
||||||
rm sane-reclaim-boot-space
|
date-math = static-nix-shell.mkPython3Bin {
|
||||||
'';
|
pname = "sane-date-math";
|
||||||
|
src = ./src;
|
||||||
installPhase = ''
|
};
|
||||||
mkdir -p $out/bin
|
reclaim-boot-space = static-nix-shell.mkPython3Bin {
|
||||||
cp -R * $out/bin/
|
pname = "sane-reclaim-boot-space";
|
||||||
'';
|
src = ./src;
|
||||||
|
};
|
||||||
|
|
||||||
|
in
|
||||||
|
symlinkJoin {
|
||||||
|
name = "sane-scripts";
|
||||||
|
paths = [ shell-scripts bt-search date-math reclaim-boot-space ];
|
||||||
meta = {
|
meta = {
|
||||||
description = "collection of scripts associated with uninsane systems";
|
description = "collection of scripts associated with uninsane systems";
|
||||||
homepage = "https://git.uninsane.org";
|
homepage = "https://git.uninsane.org";
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
#!/usr/bin/env python3
|
#!/usr/bin/env nix-shell
|
||||||
|
#!nix-shell -i python3 -p "python3.withPackages (ps: [ ])"
|
||||||
|
|
||||||
# i just went overboard playing around with parsers, is all.
|
# i just went overboard playing around with parsers, is all.
|
||||||
# use this like `./sane-date-math 'today - 5d'`
|
# use this like `./sane-date-math 'today - 5d'`
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
#!/usr/bin/env python3
|
#!/usr/bin/env nix-shell
|
||||||
|
#!nix-shell -i python3 -p "python3.withPackages (ps: [ ])"
|
||||||
|
|
||||||
import os
|
import os
|
||||||
import os.path
|
import os.path
|
||||||
|
|
30
pkgs/static-nix-shell/default.nix
Normal file
30
pkgs/static-nix-shell/default.nix
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
{ stdenv
|
||||||
|
, python3
|
||||||
|
}:
|
||||||
|
|
||||||
|
{
|
||||||
|
# transform a file which uses `#!/usr/bin/env nix-shell` shebang with a `python3` interpreter
|
||||||
|
# into a derivation that can be built statically
|
||||||
|
mkPython3Bin = { pname, pyPkgs ? [], srcPath ? pname, ... }@attrs: stdenv.mkDerivation (
|
||||||
|
let
|
||||||
|
evalPyPkgs = ps: builtins.map (name: ps."${name}") pyPkgs;
|
||||||
|
pyEnv = python3.withPackages evalPyPkgs;
|
||||||
|
pyPkgsStr = builtins.concatStringsSep " " (builtins.map (p: "ps.${p}") pyPkgs);
|
||||||
|
in {
|
||||||
|
version = "0.1.0"; # default version
|
||||||
|
patchPhase = ''
|
||||||
|
substituteInPlace ${srcPath} \
|
||||||
|
--replace '#!/usr/bin/env nix-shell' '#!${pyEnv.interpreter}' \
|
||||||
|
--replace \
|
||||||
|
'#!nix-shell -i python3 -p "python3.withPackages (ps: [ ${pyPkgsStr} ])"' \
|
||||||
|
'# nix deps evaluated statically'
|
||||||
|
'';
|
||||||
|
installPhase = ''
|
||||||
|
mkdir -p $out/bin
|
||||||
|
mv ${srcPath} $out/bin/${srcPath}
|
||||||
|
# ensure that all nix-shell references were substituted
|
||||||
|
! grep nix-shell $out/bin/${srcPath}
|
||||||
|
'';
|
||||||
|
} // attrs
|
||||||
|
);
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user