From d6fb2ab5b4c564d1045d568d7768be699f68f949 Mon Sep 17 00:00:00 2001 From: Colin Date: Fri, 19 May 2023 17:58:32 +0000 Subject: [PATCH 1/4] flake/nixpkgs 2023-05-14 -> 2023-05-18; nix-serve -> 2023-05-17 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ``` • Updated input 'nix-serve': 'github:edolstra/nix-serve/3b6d30016d910a43e0e16f94170440a3e0b8fa8d' (2023-03-07) → 'github:edolstra/nix-serve/e6e3d09438e803daa5374ad8edf1271289348456' (2023-05-17) • Updated input 'nixpkgs-unpatched': 'github:nixos/nixpkgs/0470f36b02ef01d4f43c641bbf07020bcab71bf1' (2023-05-14) → 'github:nixos/nixpkgs/48a0fb7aab511df92a17cf239c37f2bd2ec9ae3a' (2023-05-18) ``` --- flake.lock | 12 ++++++------ hosts/by-name/desko/default.nix | 6 ++---- hosts/by-name/lappy/default.nix | 3 ++- nixpatches/list.nix | 7 ------- 4 files changed, 10 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index e6985aef..fc07af92 100644 --- a/flake.lock +++ b/flake.lock @@ -36,11 +36,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1678202930, - "narHash": "sha256-SF82/tTnagdazlETJLzXD9kjZ6lyk38agdLbmMx1UZE=", + "lastModified": 1684319086, + "narHash": "sha256-5wwlkWqP1cQUPXp/PJsi09FkgAule5yBghngRZZbUQg=", "owner": "edolstra", "repo": "nix-serve", - "rev": "3b6d30016d910a43e0e16f94170440a3e0b8fa8d", + "rev": "e6e3d09438e803daa5374ad8edf1271289348456", "type": "github" }, "original": { @@ -82,11 +82,11 @@ }, "nixpkgs-unpatched": { "locked": { - "lastModified": 1684049129, - "narHash": "sha256-7WB9LpnPNAS8oI7hMoHeKLNhRX7k3CI9uWBRSfmOCCE=", + "lastModified": 1684385584, + "narHash": "sha256-O7y0gK8OLIDqz+LaHJJyeu09IGiXlZIS3+JgEzGmmJA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "0470f36b02ef01d4f43c641bbf07020bcab71bf1", + "rev": "48a0fb7aab511df92a17cf239c37f2bd2ec9ae3a", "type": "github" }, "original": { diff --git a/hosts/by-name/desko/default.nix b/hosts/by-name/desko/default.nix index 23bce3c5..c3f67ea0 100644 --- a/hosts/by-name/desko/default.nix +++ b/hosts/by-name/desko/default.nix @@ -36,11 +36,9 @@ services.snapper.configs.nix = { # TODO: for the impermanent setup, we'd prefer to just do /nix/persist, # but that also requires setting up the persist dir as a subvol - subvolume = "/nix"; + SUBVOLUME = "/nix"; # TODO: ALLOW_USERS doesn't seem to work. still need `sudo snapper -c nix list` - extraConfig = '' - ALLOW_USERS = "colin"; - ''; + ALLOW_USERS = [ "colin" ]; }; programs.steam = { diff --git a/hosts/by-name/lappy/default.nix b/hosts/by-name/lappy/default.nix index 9cbf5f85..149109c6 100644 --- a/hosts/by-name/lappy/default.nix +++ b/hosts/by-name/lappy/default.nix @@ -29,7 +29,8 @@ services.snapper.configs.nix = { # TODO: for the impermanent setup, we'd prefer to just do /nix/persist, # but that also requires setting up the persist dir as a subvol - subvolume = "/nix"; + SUBVOLUME = "/nix"; + ALLOW_USERS = [ "colin" ]; }; # TODO: only here for debugging diff --git a/nixpatches/list.nix b/nixpatches/list.nix index 4d96dae4..12c23e86 100644 --- a/nixpatches/list.nix +++ b/nixpatches/list.nix @@ -68,13 +68,6 @@ in [ hash = "sha256-Z1HOps3w/WvxAiyUAHWszKqwS9EwA6rf4XfgPGp+2sQ="; }) - (fetchpatch' { - # kiwix-tools: 3.4.0 -> 3.5.0 - saneCommit = "146f2449a19101ee202aa578a2b1d7377779890b"; - prUrl = "https://github.com/NixOS/nixpkgs/pull/232020"; - hash = "sha256-Tqr8Ri8X2dDljDmWmjAQDRJGNenSFhrY/wr24h2JAh0="; - }) - (fetchpatch' { # nixos/lemmy: support nginx saneCommit = "4c86db6dcb78795ac9bb514d9c779fd591070b23"; From c6629364909e0b4c53bf1e1ef2f5b8ad37af441b Mon Sep 17 00:00:00 2001 From: Colin Date: Fri, 19 May 2023 19:48:52 +0000 Subject: [PATCH 2/4] sane-bt-add: add help message & port to nix-shell --- pkgs/additional/sane-scripts/default.nix | 13 ++++++++---- pkgs/additional/sane-scripts/src/sane-bt-add | 21 ++++++++++++++++++-- 2 files changed, 28 insertions(+), 6 deletions(-) diff --git a/pkgs/additional/sane-scripts/default.nix b/pkgs/additional/sane-scripts/default.nix index 8e256e36..e832a5be 100644 --- a/pkgs/additional/sane-scripts/default.nix +++ b/pkgs/additional/sane-scripts/default.nix @@ -108,17 +108,22 @@ let }; py-scripts = { - # anything added to this attrset gets symlink-joined into into `sane-scripts` - bt-search = static-nix-shell.mkPython3Bin { - pname = "sane-bt-search"; + # anything added to this attrset gets symlink-joined into `sane-scripts` + bt-add = static-nix-shell.mkBash { + pname = "sane-bt-add"; src = ./src; - pyPkgs = [ "natsort" "requests" ]; + pkgs = [ "transmission" ]; }; bt-rm = static-nix-shell.mkBash { pname = "sane-bt-rm"; src = ./src; pkgs = [ "transmission" ]; }; + bt-search = static-nix-shell.mkPython3Bin { + pname = "sane-bt-search"; + src = ./src; + pyPkgs = [ "natsort" "requests" ]; + }; date-math = static-nix-shell.mkPython3Bin { pname = "sane-date-math"; src = ./src; diff --git a/pkgs/additional/sane-scripts/src/sane-bt-add b/pkgs/additional/sane-scripts/src/sane-bt-add index 00b4ddf7..9865d057 100755 --- a/pkgs/additional/sane-scripts/src/sane-bt-add +++ b/pkgs/additional/sane-scripts/src/sane-bt-add @@ -1,11 +1,12 @@ -#!/usr/bin/env bash +#!/usr/bin/env nix-shell +#!nix-shell -i bash -p transmission set -e endpoint=https://bt.uninsane.org/transmission/rpc PASS=$(sudo cat /run/secrets/transmission_passwd) -options=$(getopt -l prefix:,film,show:,book:,audiobook:,vn:,author: -- "" "${@}") +options=$(getopt -l help,prefix:,film,show:,book:,audiobook:,vn:,author: -- "" "${@}") eval "set -- ${options}" type= @@ -14,6 +15,22 @@ author= prefix= while true; do case "$1" in + (--help) + echo "add a .torrent or magnet:// file to be downloaded by and stored on my server" + echo "usage: sane-bt-add [options] " + echo "options:" + echo " --prefix " + echo " --film" + echo " --show " + echo " --book " + echo " --audiobook " + echo " --vn " + echo " --author " + echo "" + echo "the above options are used to construct the filesystem path where the torrent data will live" + echo "everything is relative to the root media directory (not /)" + exit + ;; (--prefix) shift prefix="$1" From ae2e4931f33c34ab24820e83d1a3bd31786a7a4a Mon Sep 17 00:00:00 2001 From: Colin Date: Fri, 19 May 2023 19:52:44 +0000 Subject: [PATCH 3/4] sane-bt-show: port to nix-shell --- pkgs/additional/sane-scripts/default.nix | 6 +++++- pkgs/additional/sane-scripts/src/sane-bt-show | 3 ++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/pkgs/additional/sane-scripts/default.nix b/pkgs/additional/sane-scripts/default.nix index e832a5be..719c8e1a 100644 --- a/pkgs/additional/sane-scripts/default.nix +++ b/pkgs/additional/sane-scripts/default.nix @@ -49,7 +49,6 @@ let sops sudo systemd - transmission util-linux which ]; @@ -124,6 +123,11 @@ let src = ./src; pyPkgs = [ "natsort" "requests" ]; }; + bt-show = static-nix-shell.mkBash { + pname = "sane-bt-show"; + src = ./src; + pkgs = [ "transmission" ]; + }; date-math = static-nix-shell.mkPython3Bin { pname = "sane-date-math"; src = ./src; diff --git a/pkgs/additional/sane-scripts/src/sane-bt-show b/pkgs/additional/sane-scripts/src/sane-bt-show index 62db7c85..2f234dd5 100755 --- a/pkgs/additional/sane-scripts/src/sane-bt-show +++ b/pkgs/additional/sane-scripts/src/sane-bt-show @@ -1,4 +1,5 @@ -#!/usr/bin/env bash +#!/usr/bin/env nix-shell +#!nix-shell -i bash -p transmission endpoint=https://bt.uninsane.org/transmission/rpc PASS=$(sudo cat /run/secrets/transmission_passwd) From 21d17c330f4920f7de7f78661e0be3169a0824cd Mon Sep 17 00:00:00 2001 From: Colin Date: Fri, 19 May 2023 19:58:37 +0000 Subject: [PATCH 4/4] sane-backup-*: port to nix-shell --- pkgs/additional/sane-scripts/default.nix | 14 ++++++++++---- pkgs/additional/sane-scripts/src/sane-backup-ls | 5 +++-- .../sane-scripts/src/sane-backup-restore | 5 +++-- 3 files changed, 16 insertions(+), 8 deletions(-) diff --git a/pkgs/additional/sane-scripts/default.nix b/pkgs/additional/sane-scripts/default.nix index 719c8e1a..f95f9ced 100644 --- a/pkgs/additional/sane-scripts/default.nix +++ b/pkgs/additional/sane-scripts/default.nix @@ -27,7 +27,6 @@ let "bin" coreutils-full curl - duplicity file findutils git @@ -53,7 +52,6 @@ let which ]; keep = { - "/run/secrets/duplicity_passphrase" = true; # we write here: keep it "/tmp/rmlint.sh" = true; # intentionally escapes (into user code) @@ -77,7 +75,6 @@ let # list of programs which *can* or *cannot* exec their arguments execer = with pkgs; [ - "cannot:${duplicity}/bin/duplicity" "cannot:${git}/bin/git" "cannot:${gocryptfs}/bin/gocryptfs" "cannot:${ifuse}/bin/ifuse" @@ -89,7 +86,6 @@ let "cannot:${sops}/bin/sops" "cannot:${ssh-to-age}/bin/ssh-to-age" "cannot:${systemd}/bin/systemctl" - "cannot:${transmission}/bin/transmission-remote" ]; }; }; @@ -108,6 +104,16 @@ let py-scripts = { # anything added to this attrset gets symlink-joined into `sane-scripts` + backup-ls = static-nix-shell.mkBash { + pname = "sane-backup-ls"; + src = ./src; + pkgs = [ "duplicity" ]; + }; + backup-restore = static-nix-shell.mkBash { + pname = "sane-backup-restore"; + src = ./src; + pkgs = [ "duplicity" ]; + }; bt-add = static-nix-shell.mkBash { pname = "sane-bt-add"; src = ./src; diff --git a/pkgs/additional/sane-scripts/src/sane-backup-ls b/pkgs/additional/sane-scripts/src/sane-backup-ls index 23279d6f..3d076d11 100755 --- a/pkgs/additional/sane-scripts/src/sane-backup-ls +++ b/pkgs/additional/sane-scripts/src/sane-backup-ls @@ -1,10 +1,11 @@ -#!/usr/bin/env bash +#!/usr/bin/env nix-shell +#!nix-shell -i bash -p duplicity # N.B. must be run as root set -ex # source the URL; hack to satisfy resholve -external_cmd="source /run/secrets/duplicity_passphrase" +external_cmd="source /run/secrets/duplicity_passphrase.env" $external_cmd duplicity list-current-files --archive-dir /var/lib/duplicity $DUPLICITY_URL diff --git a/pkgs/additional/sane-scripts/src/sane-backup-restore b/pkgs/additional/sane-scripts/src/sane-backup-restore index 0cc3726d..2d947444 100755 --- a/pkgs/additional/sane-scripts/src/sane-backup-restore +++ b/pkgs/additional/sane-scripts/src/sane-backup-restore @@ -1,4 +1,5 @@ -#!/usr/bin/env bash +#!/usr/bin/env nix-shell +#!nix-shell -i bash -p duplicity # N.B. must be run as root @@ -8,6 +9,6 @@ dest_path="$1" source_path="$2" # source the URL; hack to satisfy resholve -external_cmd="source /run/secrets/duplicity_passphrase" +external_cmd="source /run/secrets/duplicity_passphrase.env" $external_cmd duplicity restore --archive-dir /var/lib/duplicity --file-to-restore "$source_path" $DUPLICITY_URL "$dest_path"