Merge remote-tracking branch 'cd/master'

Conflicts:
	3modules/tv/retiolum.nix

1systems/tv/wu.nix

@@ -168,7 +168,7 @@ in
           # then we have to update the package
 
           # ref src/nixpkgs/pkgs/tools/admin/sec/default.nix
-          http://simple-evcorr.sourceforge.net/
+          https://api.github.com/repos/simple-evcorr/sec/tags
 
           # ref src/nixpkgs/pkgs/tools/networking/urlwatch/default.nix
           https://thp.io/2008/urlwatch/

2configs/tv/git-public.nix

@@ -1,87 +1,80 @@
 { config, lib, pkgs, ... }:
-
+with import ../../4lib/tv { inherit lib pkgs; };
-with lib;
 let
-  inherit (builtins) map readFile;
-  inherit (lib) concatMap listToAttrs;
-  # TODO lib should already include our stuff
-  inherit (import ../../4lib/tv { inherit lib pkgs; }) addNames git;
 
-  public-git-repos = [
+  out = {
-    (public "cgserver")
+    imports = [ ../../3modules/tv/git.nix ];
-    (public "crude-mail-setup")
+    tv.git = {
-    (public "dot-xmonad")
+      enable = true;
-    (public "hack")
+      root-title = "public repositories at ${config.tv.identity.self.name}";
-    (public "load-env")
+      root-desc = "keep calm and engage";
-    (public "make-snapshot")
+      inherit repos rules users;
-    (public "mime")
+    };
-    (public "much")
-    (public "nixos-infest")
-    (public "nixpkgs")
-    (public "painload")
-    (public "quipper")
-    (public "regfish")
-    (public' {
-      name = "shitment";
-      desc = "turn all the computers into one computer!";
-    })
-    (public "wai-middleware-time")
-    (public "web-routes-wai-custom")
-    (public "xintmap")
-  ];
-
-  users = addNames {
-    tv = { pubkey = readFile ../../Zpubkeys/tv_wu.ssh.pub; };
-    lass = { pubkey = readFile ../../Zpubkeys/lass.ssh.pub; };
-    uriel = { pubkey = readFile ../../Zpubkeys/uriel.ssh.pub; };
-    makefu = { pubkey = readFile ../../Zpubkeys/makefu.ssh.pub; };
   };
 
-  repos = listToAttrs (map ({ repo, ... }: { name = repo.name; value = repo; }) public-git-repos);
+  repos = public-repos;
+  rules = concatMap make-rules (attrValues repos);
 
-  rules = concatMap ({ rules, ... }: rules) public-git-repos;
+  public-repos = mapAttrs make-public-repo {
+    cgserver = {};
+    crude-mail-setup = {};
+    dot-xmonad = {};
+    hack = {};
+    load-env = {};
+    make-snapshot = {};
+    mime = {};
+    much = {};
+    nixos-infest = {};
+    nixpkgs = {};
+    painload = {};
+    quipper = {};
+    regfish = {};
+    stockholm = {
+      desc = "take all the computers hostage, they'll love you!";
+    };
+    wai-middleware-time = {};
+    web-routes-wai-custom = {};
+    xintmap = {};
+  };
 
-  public' = { name, desc }:
+  # TODO move users to separate module
-    let
+  users = mapAttrs make-user {
-      x = public name;
+    tv = ../../Zpubkeys/tv_wu.ssh.pub;
-    in
+    lass = ../../Zpubkeys/lass.ssh.pub;
-    x // { repo = x.repo // { inherit desc; }; };
+    uriel = ../../Zpubkeys/uriel.ssh.pub;
+    makefu = ../../Zpubkeys/makefu.ssh.pub;
+  };
 
-  public = repo-name:
+  make-public-repo = name: { desc ? null, ... }: {
-    rec {
+    inherit name desc;
-      repo = {
+    public = true;
-        name = repo-name;
     hooks = {
       post-receive = git.irc-announce {
-            nick = config.networking.hostName; # TODO make this the default
+        # TODO make nick = config.tv.identity.self.name the default
+        nick = config.tv.identity.self.name;
         channel = "#retiolum";
         server = "cd.retiolum";
       };
     };
-        public = true;
   };
-      rules = with git; with users; [
+
-        { user = tv;
+  make-rules =
+    with git // users;
+    repo:
+      singleton {
+        user = tv;
         repo = [ repo ];
         perm = push "refs/*" [ non-fast-forward create delete merge ];
-        }
+      } ++
-        { user = [ lass makefu uriel ];
+      optional repo.public {
+        user = [ lass makefu uriel ];
         repo = [ repo ];
         perm = fetch;
-        }
-      ];
       };
 
-in
+  make-user = name: pubkey-file: {
-
+    inherit name;
-{
+    pubkey = readFile pubkey-file;
-  imports = [
-    ../../3modules/tv/git.nix
-  ];
-  tv.git = {
-    enable = true;
-    inherit repos rules users;
-    root-title = "public repositories at ${config.networking.hostName}";
-    root-desc = "keep calm and engage";
   };
-}
+
+in out

3modules/tv/retiolum.nix

@@ -83,11 +83,10 @@ let
       type = types.listOf types.str;
       default = [ "fastpoke" "pigstarter" "kheurop" ];
       description = ''
-      The list of hosts in the network which the client will try to connect to.
+        The list of hosts in the network which the client will try to connect
-      These hosts should have an 'Address' configured which points to a routeable
+        to.  These hosts should have an 'Address' configured which points to a
-      IPv4 or IPv6 address
+        routeable IPv4 or IPv6 address.
-      ''
+      '';
-      ;
     };
 
   };