feat: convert to flake

feat(zaatar): convert to flake

feat(tahina, tabula): convert to flake

feat(makanek): convert to flake

feat(manakish, zaatar): convert to flake

feat(ci): build flake systems

fix: ci build

feat: secrets via submodule

foo

foo

foo

packages/cyberlocker-tools.nix

@@ -0,0 +1,23 @@
+{pkgs}:
+pkgs.symlinkJoin {
+  name = "cyberlocker-tools";
+  paths = [
+    (pkgs.writers.writeDashBin "cput" ''
+      set -efu
+      path=''${1:-$(hostname)}
+      path=$(echo "/$path" | sed -E 's:/+:/:')
+      url=http://c.r$path
+
+      ${pkgs.curl}/bin/curl -fSs --data-binary @- "$url"
+      echo "$url"
+    '')
+    (pkgs.writers.writeDashBin "cdel" ''
+      set -efu
+      path=$1
+      path=$(echo "/$path" | sed -E 's:/+:/:')
+      url=http://c.r$path
+
+      ${pkgs.curl}/bin/curl -f -X DELETE "$url"
+    '')
+  ];
+}

packages/dic.nix

@@ -0,0 +1,43 @@
+{
+  fetchgit,
+  lib,
+  stdenv,
+  coreutils,
+  curl,
+  gnugrep,
+  gnused,
+  util-linux,
+}:
+stdenv.mkDerivation {
+  name = "dic";
+
+  src = fetchgit {
+    url = https://cgit.ni.krebsco.de/dic;
+    rev = "refs/tags/v1.1.1";
+    sha256 = "1gbj967a5hj53fdkkxijqgwnl9hb8kskz0cmpjq7v65ffz3v6vag";
+  };
+
+  phases = [
+    "unpackPhase"
+    "installPhase"
+  ];
+
+  installPhase = let
+    path = lib.makeBinPath [
+      coreutils
+      curl
+      gnused
+      gnugrep
+      util-linux
+    ];
+  in ''
+    mkdir -p $out/bin
+
+    sed \
+      's,^main() {$,&\n  PATH=${path}; export PATH,' \
+      < ./dic \
+      > $out/bin/dic
+
+    chmod +x $out/bin/dic
+  '';
+}

packages/git-preview.nix

@@ -0,0 +1,23 @@
+{
+  coreutils,
+  git,
+  writers,
+}:
+writers.writeDashBin "git-preview" ''
+  set -efu
+  head_commit=$(${git}/bin/git log -1 --format=%H)
+  merge_commit=$1; shift
+  merge_message='Merge for git-preview'
+  preview_dir=$(${coreutils}/bin/mktemp --tmpdir -d git-preview.XXXXXXXX)
+  preview_name=$(${coreutils}/bin/basename "$preview_dir")
+  ${git}/bin/git worktree add --detach -f "$preview_dir" 2>/dev/null
+  ${git}/bin/git -C "$preview_dir" checkout -q "$head_commit"
+  ${git}/bin/git -C "$preview_dir" merge \
+      ''${GIT_PREVIEW_MERGE_STRATEGY+-s "$GIT_PREVIEW_MERGE_STRATEGY"} \
+      -m "$merge_message" \
+      -q \
+      "$merge_commit"
+  ${git}/bin/git -C "$preview_dir" diff "$head_commit.." "$@"
+  ${coreutils}/bin/rm -fR "$preview_dir"
+  ${coreutils}/bin/rm -R .git/worktrees/"$preview_name"
+''

packages/hc.nix

@@ -0,0 +1,49 @@
+{
+  fetchgit,
+  lib,
+  makeWrapper,
+  stdenv,
+  coreutils,
+  findutils,
+  gawk,
+  gnugrep,
+  qrencode,
+  texlive,
+  utillinux,
+  zbar,
+}:
+stdenv.mkDerivation rec {
+  name = "hc-${meta.version}";
+
+  src = fetchgit {
+    url = "https://cgit.krebsco.de/hc";
+    rev = "refs/tags/v${meta.version}";
+    sha256 = "09349gja22p0j3xs082kp0fnaaada14bafszn4r3q7rg1id2slfb";
+  };
+
+  nativeBuildInputs = [makeWrapper];
+
+  buildPhase = null;
+
+  installPhase = ''
+    mkdir -p $out/bin
+
+    cp $src/bin/hc $out/bin/hc
+
+    wrapProgram $out/bin/hc \
+      --prefix PATH : ${lib.makeBinPath [
+      coreutils
+      findutils
+      gawk
+      gnugrep
+      qrencode
+      texlive.combined.scheme-full
+      utillinux
+      zbar
+    ]}
+  '';
+
+  meta = {
+    version = "1.0.0";
+  };
+}

packages/htgen.nix

@@ -0,0 +1,31 @@
+{
+  fetchgit,
+  lib,
+  pkgs,
+  stdenv,
+}:
+stdenv.mkDerivation rec {
+  pname = "htgen";
+  version = "1.3.1";
+
+  src = fetchgit {
+    url = "http://cgit.krebsco.de/htgen";
+    rev = "refs/tags/${version}";
+    sha256 = "0ml8kp89bwkrwy6iqclzyhxgv2qn9dcpwaafbmsr4mgcl70zx22r";
+  };
+
+  installPhase = ''
+    mkdir -p $out/bin
+    {
+      echo '#! ${pkgs.dash}/bin/dash'
+      echo 'export PATH=${lib.makeBinPath [
+      pkgs.coreutils
+      pkgs.jq
+      pkgs.ucspi-tcp
+    ]}''${PATH+":$PATH"}'
+      sed 's:^Server=htgen$:&/${version}:' htgen
+    } > $out/bin/htgen
+    chmod +x $out/bin/htgen
+    cp -r examples $out
+  '';
+}

packages/kpaste.nix

@@ -0,0 +1,9 @@
+{
+  curl,
+  gnused,
+  writers,
+}:
+writers.writeDashBin "kpaste" ''
+  ${curl}/bin/curl -sS http://p.r --data-binary @"''${1:--}" |
+  ${gnused}/bin/sed '$ {p;s|http://p.r|https://p.krebsco.de|}'
+''

packages/scripts/default.nix

@@ -1,11 +1,12 @@
 {
   pkgs,
   lib,
+  config,
   ...
 }: let
   kpaste = pkgs.callPackage <stockholm/krebs/5pkgs/simple/kpaste> {};
-  opustags = pkgs.callPackage <niveum/packages/opustags.nix> {};
-  betacode = pkgs.callPackage <niveum/packages/python3Packages/betacode.nix> {};
+  opustags = pkgs.callPackage ../opustags.nix {};
+  betacode = pkgs.callPackage ../python3Packages/betacode.nix {};
   wrapScript = {
     packages ? [],
     name,
@@ -73,33 +74,6 @@ in
       ${pkgs.coreutils}/bin/printf '%s\n' 'nameserver 1.1.1.1' 'options edns0' > /etc/resolv.conf
     '';
 
-    much-scripts = let
-      much-current-query = wrapScript {
-        packages = [pkgs.curl];
-        name = "much-current-query";
-        script = ./much-current-query.sh;
-      };
-      mail-send = wrapScript {
-        packages = [pkgs.notmuch pkgs.msmtp pkgs.jq];
-        name = "mail-send";
-        script = ./mail-send.sh;
-      };
-      mail-reply = wrapScript {
-        packages = [much-current-query pkgs.notmuch pkgs.gnused pkgs.jq];
-        name = "mail-reply";
-        script = ./mail-reply.sh;
-      };
-      mail-kill = wrapScript {
-        name = "mail-kill";
-        script = ./mail-kill.sh;
-        packages = [pkgs.notmuch];
-      };
-    in
-      pkgs.symlinkJoin {
-        name = "much-scripts";
-        paths = [mail-send much-current-query mail-reply mail-kill];
-      };
-
     showkeys-toggle = pkgs.writers.writeDashBin "showkeys-toggle" ''
       if ${pkgs.procps}/bin/pgrep screenkey; then
         exec ${pkgs.procps}/bin/pkill screenkey
@@ -205,7 +179,7 @@ in
         | ${pkgs.man}/bin/man --local-file --pager="${pkgs.bat}/bin/bat -p" -
     '';
 
-    playlist = import ./pls.nix {inherit pkgs;};
+    playlist = import ./pls.nix {inherit pkgs lib config;};
 
     mpv-tv = import ./mpv-tv.nix {inherit pkgs lib;};
 
@@ -396,8 +370,8 @@ in
     unicodmenu = pkgs.callPackage ./unicodmenu.nix {};
 
     mpv-radio = let
-      streams = import <niveum/lib/streams.nix> {
-        di-fm-key = lib.strings.fileContents <secrets/di.fm/key>;
+      streams = import ../../lib/streams.nix {
+        di-fm-key = "%DI_FM_KEY%"; # lib.strings.fileContents <secrets/di.fm/key>;
       };
       streams-tsv = pkgs.writeText "streams.tsv" (lib.concatMapStringsSep "\n" ({
         desc ? "",
@@ -408,7 +382,12 @@ in
       streams);
     in
       pkgs.writers.writeDashBin "mpv-radio" ''
-        exec ${pkgs.mpv}/bin/mpv --force-window=yes "$(${pkgs.dmenu}/bin/dmenu -i -l 5 < ${streams-tsv} | ${pkgs.coreutils}/bin/cut -f3)"
+        export DI_FM_KEY=$(cat "${config.age.secrets.di-fm-key.path}")
+        exec ${pkgs.mpv}/bin/mpv --force-window=yes "$(
+          ${pkgs.dmenu}/bin/dmenu -i -l 5 < ${streams-tsv} \
+            | ${pkgs.coreutils}/bin/cut -f3 \
+            | ${pkgs.gnused}/bin/sed s/%DI_FM_KEY%/"$DI_FM_KEY"/
+        )"
       '';
 
     rfc = wrapScript {
@@ -489,11 +468,11 @@ in
     '';
   }
   // {
-    devour = pkgs.callPackage <niveum/packages/devour.nix> {};
-    depp = pkgs.callPackage <niveum/packages/depp.nix> {};
-    text2pdf = pkgs.callPackage <niveum/packages/text2pdf.nix> {};
-    vimv = pkgs.callPackage <niveum/packages/vimv.nix> {};
-    when = pkgs.callPackage <niveum/packages/when.nix> {};
-    mahlzeit = pkgs.haskellPackages.callPackage <niveum/packages/mahlzeit.nix> {};
+    devour = pkgs.callPackage ../devour.nix {};
+    depp = pkgs.callPackage ../depp.nix {};
+    text2pdf = pkgs.callPackage ../text2pdf.nix {};
+    vimv = pkgs.callPackage ../vimv.nix {};
+    when = pkgs.callPackage ../when.nix {};
+    mahlzeit = pkgs.haskellPackages.callPackage ../mahlzeit.nix {};
     inherit opustags;
   }

packages/scripts/mail-kill.sh

@@ -1,20 +0,0 @@
-#! /bin/sh
-set -efu
-
-if ! notmuch search --exclude=false tag:deleted | tac | grep .; then
-  echo 'No killed mail.'
-  exit 1
-fi
-
-printf 'want do rm these mail? [y/N] '
-read REPLY
-case "$REPLY" in
-  y|Y) :;; # continue
-  *)
-    echo 'abort.'
-    exit 2
-    ;;
-esac
-
-notmuch search --output=files --exclude=false tag:deleted | xargs -l rm -v
-notmuch new

packages/scripts/mail-reply.sh

@@ -1,47 +0,0 @@
-#! /bin/sh
-set -efu
-
-reply_to=$(much-current-query)
-
-if ! test "$(notmuch search --output=messages "$reply_to" | wc -l)" = 1; then
-  echo "current query doesn't point to exactly one message. abort." >&2
-  exit 1
-fi
-
-# TODO update headers
-
-notmuch reply "$reply_to" |
-sed '
-  /^Non-text part: /d
-  /^Attachment: /d
-' |
-jq -Rrs '
-  # TODO dedup with mail-send
-  split("\n") |
-  index("") as $i |
-  .[:$i] as $head |
-  .[$i:] as $body |
-
-  {
-    "MIME-Version": "1.0",
-    "Content-Type": "text/plain; charset=UTF-8; format=flowed",
-    "Content-Transfer-Encoding": "8bit"
-  } as $extra_head |
-
-  ($extra_head | keys | join("|")) as $extra_head_regex |
-  ($extra_head | to_entries | map("\(.key): \(.value)")) as $extra_head_lines |
-
-  # TODO each of these could be followed by multiple lines starting with spaces
-  ($head | map(select(test("^(\($extra_head_regex)):";"i") | not))) as $head |
-
-  ($head + $extra_head_lines) as $head |
-
-  ($head + $body) | join("\n")
-'
-
-
-# TODO fix From:
-# TODO tune quote
-
-# TODO write draft
-# TODO send mail

packages/scripts/mail-send.sh

@@ -1,56 +0,0 @@
-#! /bin/sh
-# usage: mail-send < FILE
-set -efu
-
-get_in_reply_to() {
-  sed -n '/^In-Reply-to:/I{s/In-Reply-to:\s*//I;h;:a;n;/^\s/{s/^\s*//;H;ba};x;p;q}' |
-  sed -n 's/^<\(.*\)>$/\1/p' |
-  grep .
-}
-
-now=$(date --rfc-email)
-id=$(whoami)+$(date +%s -d "$now")@$(hostname -f)
-
-# TODO check if mail with that ID already exists
-
-# TODO encode subject https://ncona.com/2011/06/using-utf-8-characters-on-an-e-mail-subject/
-#       and maybe recipients
-
-# TODO use tmpfile instead?
-mail=$(
-  env now="$now" id="$id" \
-  jq -Rrs '
-    # TODO dedup with mail-reply
-    split("\n") |
-    index("") as $i |
-    .[:$i] as $head |
-    .[$i:] as $body |
-
-    # TODO each of these could be followed by multiple lines starting with spaces
-    ($head | map(select(test("^(Date|Message-ID|User-Agent):";"i") | not))) as $head |
-
-    ($head + [
-      "Date: \(env.now)",
-      "Message-ID: <\(env.id)>",
-      "User-Agent: much"
-    ]) as $head |
-
-    ($head + $body) | join("\n")
-  '
-)
-
-printf %s "$mail" | msmtpq --read-recipients --read-envelope-from
-
-printf %s "$mail" | notmuch insert
-
-if in_reply_to=$(printf %s "$mail" | get_in_reply_to); then
-  if test "$(notmuch search --output=messages "id:$in_reply_to")" != "id:$in_reply_to"; then
-    echo "while trying to put replied tag, failed to find exactly one message" >&2
-    echo "  query = id:$in_reply_to" >&2
-    exit 1
-  fi
-
-  notmuch tag +replied -unread -- "id:$in_reply_to"
-fi
-
-echo "id:$id"

packages/scripts/pls.nix

@@ -1,10 +1,12 @@
-{pkgs}: let
-  inherit (pkgs) lib;
-
+{
+  config,
+  pkgs,
+  lib,
+}: let
   playlistAPI = "https://radio.lassul.us";
 
   sendIRC = pkgs.writers.writeDash "send-irc" ''
-    ${pkgs.ircaids}/bin/ircsink \
+    ${config.nur.repos.mic92.ircsink}/bin/ircsink \
       --nick musikkritiker \
       --server irc.hackint.org \
       --port 6697 \

packages/untilport.nix

@@ -0,0 +1,17 @@
+{pkgs, ...}:
+pkgs.writers.writeDashBin "untilport" ''
+  set -euf
+
+  usage() {
+    echo 'untiport $target $port'
+    echo 'Sleeps until the destinated port is reachable.'
+    echo 'ex: untilport google.de 80 && echo "google is now reachable"'
+  }
+
+
+  if [ $# -ne 2 ]; then
+    usage
+  else
+    until ${pkgs.libressl.nc}/bin/nc -z "$@"; do sleep 1; done
+  fi
+''

packages/weechat-declarative.nix

@@ -0,0 +1,177 @@
+{
+  pkgs,
+  lib,
+  ...
+} @ args: let
+  # config cannot be declared in the input attribute set because that would
+  # cause callPackage to inject the wrong config.  Instead, get it from ...
+  # via args.
+  config = args.config or {};
+
+  lib =
+    args.lib
+    // rec {
+      attrPaths = let
+        recurse = path: value:
+          if builtins.isAttrs value
+          then lib.mapAttrsToList (name: recurse (path ++ [name])) value
+          else [(lib.nameValuePair path value)];
+      in
+        attrs: lib.flatten (recurse [] attrs);
+
+      attrPathsSep = sep: attrs: lib.listToAttrs (map (x: x // {name = lib.concatStringsSep sep x.name;}) (attrPaths attrs));
+
+      toWeechatValue = x:
+        {
+          bool = builtins.toJSON x;
+          string = x;
+          list = lib.concatMapStringsSep "," toWeechatValue x;
+          int = toString x;
+        }
+        .${builtins.typeOf x};
+
+      setCommand = name: value: "/set ${name} \"${toWeechatValue value}\"";
+
+      filterAddreplace = name: filter: "/filter addreplace ${name} ${filter.buffer} ${toWeechatValue filter.tags} ${filter.regex}";
+    };
+
+  cfg = eval.config;
+
+  eval = lib.evalModules {
+    modules = lib.singleton {
+      _file = toString ./default.nix;
+      imports = lib.singleton config;
+      options = {
+        scripts = lib.mkOption {
+          type = lib.types.listOf lib.types.package;
+          default = [];
+          description = ''
+            some stuff from pkgs.weechatScripts
+          '';
+        };
+        settings = lib.mkOption {
+          type = (pkgs.formats.json {}).type;
+          description = ''
+            your weechat config in nix-style syntax.
+            secrets can be defined with \''${my.secret.value}
+          '';
+          default = {};
+          example = {
+            irc.server_default.nicks = "rick_\\\${sec.data.foo}";
+            irc.server_default.msg_part = "ciao kakao";
+            irc.server_default.msg_quit = "tschö mit \\\${sec.data.foo}";
+            irc.look.color_nicks_in_nicklist = true;
+            matrix.server.nibbana = {
+              address = "nibbana.jp";
+            };
+            irc.server.hackint = {
+              address = "irc.hackint.org/6697";
+              ssl = true;
+              autoconnect = true;
+              autojoin = ["#krebs"];
+            };
+            weechat.bar.buflist.hidden = true;
+            irc.server.hackint.command = lib.concatStringsSep "\\;" [
+              "/msg nickserv IDENTIFY \\\${sec.data.hackint_password}"
+              "/msg nickserv SET CLOAK ON"
+            ];
+            filters.playlist_topic = {
+              buffer = "irc.*.#the_playlist";
+              tags = ["irc_topic"];
+              regex = "*";
+            };
+            relay = {
+              port.weechat = 9000;
+              network.password = "hunter2";
+            };
+            alias.cmd.mod = "quote omode $channel +o $nick";
+            secure.test.passphrase_command = "echo lol1234123124";
+          };
+        };
+        extraCommands = lib.mkOption {
+          type = lib.types.lines;
+          default = "";
+        };
+        files = lib.mkOption {
+          type = lib.types.attrsOf lib.types.str;
+          default = {};
+          example = lib.literalExpression ''
+            {
+              "sec.conf" = toString (pkgs.writeText "sec.conf" '''
+                [crypt]
+                cipher = aes256
+                hash_algo = sha256
+                passphrase_command = ""
+                salt = on
+
+                [data]
+                __passphrase__ = off
+                foo = "bar"
+              ''');
+            }
+          '';
+        };
+      };
+    };
+  };
+
+  setFile = pkgs.writeText "weechat.set" (
+    lib.optionalString (cfg.settings != {})
+    (lib.concatStringsSep "\n" (
+      lib.optionals
+      (cfg.settings.irc or {} != {})
+      (lib.mapAttrsToList
+        (name: server: "/server add ${name} ${lib.toWeechatValue server.addresses}")
+        cfg.settings.irc.server)
+      ++ lib.optionals
+      (cfg.settings.matrix or {} != {})
+      (lib.mapAttrsToList
+        (name: server: "/matrix server add ${name} ${server.address}")
+        cfg.settings.matrix.server)
+      ++ lib.mapAttrsToList lib.setCommand (lib.attrPathsSep "." cfg.settings)
+      ++ lib.optionals
+      (cfg.settings.filters or {} != {})
+      (lib.mapAttrsToList lib.filterAddreplace cfg.settings.filters)
+      ++ lib.singleton cfg.extraCommands
+    ))
+  );
+
+  weechat = pkgs.weechat.override {
+    configure = _: {
+      init = "/exec -oc cat ${setFile}";
+
+      scripts = cfg.scripts;
+    };
+  };
+
+  wrapper = pkgs.writers.writeDashBin "weechat" ''
+    CONFDIR=''${XDG_CONFIG_HOME:-$HOME/.config}/weechat
+    ${pkgs.coreutils}/bin/mkdir -p "$CONFDIR"
+    ${
+      lib.concatStringsSep "\n"
+      (
+        lib.mapAttrsToList
+        (name: target:
+          /*
+          sh
+          */
+          ''
+            ${pkgs.coreutils}/bin/cp ${lib.escapeShellArg target} "$CONFDIR"/${lib.escapeShellArg name}
+            ${pkgs.coreutils}/bin/chmod +w "$CONFDIR"/${lib.escapeShellArg name}
+          '')
+        cfg.files
+      )
+    }
+    exec ${weechat}/bin/weechat "$@"
+  '';
+in
+  pkgs.symlinkJoin {
+    name = "weechat-configured";
+    paths = [
+      wrapper
+      pkgs.weechat
+    ];
+    postBuild = ''
+      ln -s ${setFile} $out/weechat.set
+    '';
+  }