From ed56f41ddc1775ef8938befa88dcb7d029bf6450 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 4 Jun 2016 19:06:50 +0200 Subject: krebs types.haskell.{con,mod}id: init --- krebs/4lib/types.nix | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'krebs') diff --git a/krebs/4lib/types.nix b/krebs/4lib/types.nix index 56d1d55c3..66191d0b3 100644 --- a/krebs/4lib/types.nix +++ b/krebs/4lib/types.nix @@ -286,6 +286,19 @@ types // rec { }; }; + haskell.conid = mkOptionType { + name = "Haskell constructor identifier"; + check = x: + isString x && match "[[:upper:]][[:lower:]_[:upper:]0-9']*" x != null; + merge = mergeOneOption; + }; + + haskell.modid = mkOptionType { + name = "Haskell module identifier"; + check = x: isString x && all haskell.conid.check (splitString "." x); + merge = mergeOneOption; + }; + # RFC952, B. Lexical grammar, hostname = mkOptionType { name = "hostname"; -- cgit v1.2.3 From fc826f8f7a613c68e595e16fd793b0b318425af8 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 4 Jun 2016 19:09:19 +0200 Subject: krebs pkgs.{writeHaskellBin => writeHaskell} --- krebs/5pkgs/builders.nix | 98 +++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 80 insertions(+), 18 deletions(-) (limited to 'krebs') diff --git a/krebs/5pkgs/builders.nix b/krebs/5pkgs/builders.nix index 39b91d144..ac355991a 100644 --- a/krebs/5pkgs/builders.nix +++ b/krebs/5pkgs/builders.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ config, pkgs, ... }: with config.krebs.lib; rec { execve = name: { filename, argv ? null, envp ? {}, destination ? "" }: let @@ -66,50 +66,112 @@ rec { mv "$textPath" $out ''; - writeHaskellBin = + writeHaskell = k: let k' = parseDrvName k; name = k'.name; version = if k'.version != "" then k'.version else "0"; in - { build-depends ? ["base"] ++ depends - , depends ? [] + { base-depends ? ["base"] + , executables ? {} , ghc-options ? ["-Wall" "-O3" "-threaded" "-rtsopts"] , haskellPackages ? pkgs.haskellPackages + , library ? null , license ? "WTFPL" }: - main-text: let + isExecutable = executables != {}; + isLibrary = library != null; + cabal-file = pkgs.writeText "${name}-${version}.cabal" '' build-type: Simple cabal-version: >= 1.2 name: ${name} version: ${version} - - executable ${name} - build-depends: ${concatStringsSep "," build-depends} - ghc-options: ${toString ghc-options} - main-is: ${main-file.name} + ${concatStringsSep "\n" (mapAttrsToList exe-section executables)} + ${optionalString isLibrary (lib-section library)} ''; - main-file = pkgs.writeText "${name}-${version}.hs" main-text; + + exe-install = + exe-name: + { file ? pkgs.writeText "${name}-${exe-name}.hs" text + , relpath ? "${exe-name}.hs" + , text + , ... }: + if types.filename.check exe-name + then "install -D ${file} $out/${relpath}" + else throw "argument ‘exe-name’ is not a ${types.filename.name}"; + + exe-section = + exe-name: + { build-depends ? base-depends ++ extra-depends + , extra-depends ? [] + , file ? pkgs.writeText "${name}-${exe-name}.hs" text + , relpath ? "${exe-name}.hs" + , text + , ... }: '' + executable ${exe-name} + build-depends: ${concatStringsSep "," build-depends} + ghc-options: ${toString ghc-options} + main-is: ${relpath} + ''; + + get-depends = + { build-depends ? base-depends ++ extra-depends + , extra-depends ? [] + , ... + }: + build-depends; + + lib-install = + { exposed-modules + , ... }: + concatStringsSep "\n" (mapAttrsToList mod-install exposed-modules); + + lib-section = + { build-depends ? base-depends ++ extra-depends + , extra-depends ? [] + , exposed-modules + , ... }: '' + library + build-depends: ${concatStringsSep "," build-depends} + ghc-options: ${toString ghc-options} + exposed-modules: ${concatStringsSep "," (attrNames exposed-modules)} + ''; + + mod-install = + mod-name: + { file ? pkgs.writeText "${name}-${mod-name}.hs" text + , relpath ? "${replaceStrings ["."] ["/"] mod-name}.hs" + , text + , ... }: + if types.haskell.modid.check mod-name + then "install -D ${file} $out/${relpath}" + else throw "argument ‘mod-name’ is not a ${types.haskell.modid.name}"; in - haskellPackages.mkDerivation rec { - inherit license version; - executableHaskellDepends = attrVals build-depends haskellPackages; - isExecutable = true; - isLibrary = false; + haskellPackages.mkDerivation { + inherit isExecutable isLibrary license version; + executableHaskellDepends = + attrVals + (concatMap get-depends (attrValues executables)) + haskellPackages; + libraryHaskellDepends = + attrVals + (optionals isLibrary (get-depends library)) + haskellPackages; pname = name; src = pkgs.runCommand "${name}-${version}-src" {} '' install -D ${cabal-file} $out/${cabal-file.name} - install -D ${main-file} $out/${main-file.name} + ${optionalString isLibrary (lib-install library)} + ${concatStringsSep "\n" (mapAttrsToList exe-install executables)} ''; }; writeNixFromCabal = trace (toString [ "The function `writeNixFromCabal` has been deprecated in favour of" - "`writeHaskellBin'." + "`writeHaskell`." ]) (name: path: pkgs.runCommand name {} '' ${pkgs.cabal2nix}/bin/cabal2nix ${path} > $out -- cgit v1.2.3 From a0a2606f8d3469baa2b05cdb17c88ce031484e14 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 5 Jun 2016 00:24:42 +0200 Subject: krebs pkgs.writeBash{,Bin}: init --- krebs/5pkgs/builders.nix | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'krebs') diff --git a/krebs/5pkgs/builders.nix b/krebs/5pkgs/builders.nix index ac355991a..f60bbc9d0 100644 --- a/krebs/5pkgs/builders.nix +++ b/krebs/5pkgs/builders.nix @@ -28,6 +28,21 @@ rec { execveBin = name: cfg: execve name (cfg // { destination = "/bin/${name}"; }); + writeBash = name: text: pkgs.writeScript name '' + #! ${pkgs.bash}/bin/bash + ${text} + ''; + + writeBashBin = name: text: pkgs.writeTextFile { + executable = true; + destination = "/bin/${name}"; + name = name; + text = '' + #! ${pkgs.bash}/bin/bash + ${text} + ''; + }; + writeC = name: { destination ? "" }: src: pkgs.runCommand name {} '' PATH=${makeBinPath (with pkgs; [ binutils -- cgit v1.2.3 From c1c645b545b960eb639fc6d41dfa35ee187ae164 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 5 Jun 2016 00:31:36 +0200 Subject: krebs.setuid: add option "envp" --- krebs/3modules/setuid.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/3modules/setuid.nix b/krebs/3modules/setuid.nix index cfb8382e8..65a4abe1c 100644 --- a/krebs/3modules/setuid.nix +++ b/krebs/3modules/setuid.nix @@ -20,6 +20,10 @@ let type = types.filename; default = config._module.args.name; }; + envp = mkOption { + type = types.attrsOf types.str; + default = {}; + }; filename = mkOption { type = mkOptionType { # TODO unyuck string and merge with toC @@ -57,7 +61,7 @@ let }; config.activate = let src = pkgs.execve config.name { - inherit (config) filename; + inherit (config) envp filename; }; dst = "${wrapperDir}/${config.name}"; in '' -- cgit v1.2.3