github-hosts-sync: 1.0.0 -> 2.0.0

2019-05-17 13:06:36 +02:00 · 2019-05-17 13:06:36 +02:00 · acb3f95fa6
parent 4630d10b31
commit acb3f95fa6
3 changed files with 56 additions and 86 deletions
--- a/krebs/3modules/github-hosts-sync.nix
+++ b/krebs/3modules/github-hosts-sync.nix
@ -11,17 +11,25 @@ let

  api = {
    enable = mkEnableOption "krebs.github-hosts-sync";
-    port = mkOption {
-      type = types.int; # TODO port type
-      default = 1028;
-    };
    dataDir = mkOption {
      type = types.str; # TODO path (but not just into store)
      default = "/var/lib/github-hosts-sync";
    };
+    srcDir = mkOption {
+      type = types.str;
+      default = "${config.krebs.tinc.retiolum.confDir}/hosts";
+    };
    ssh-identity-file = mkOption {
      type = types.suffixed-str [".ssh.id_ed25519" ".ssh.id_rsa"];
-      default = toString <secrets/github-hosts-sync.ssh.id_rsa>;
+      default = toString <secrets/github-hosts-sync.ssh.id_ed25519>;
+    };
+    url = mkOption {
+      type = types.str;
+      default = "git@github.com:krebscode/hosts.git";
+    };
+    workTree = mkOption {
+      type = types.absolute-pathname;
+      default = "${cfg.dataDir}/cache";
    };
  };

@ -30,13 +38,16 @@ let
      after = [ "network.target" ];
      wantedBy = [ "multi-user.target" ];
      environment = {
-        port = toString cfg.port;
+        GITHUB_HOST_SYNC_SRCDIR = cfg.srcDir;
+        GITHUB_HOST_SYNC_WORKTREE = cfg.workTree;
+        GITHUB_HOST_SYNC_URL = cfg.url;
      };
      serviceConfig = {
        PermissionsStartOnly = "true";
        SyslogIdentifier = "github-hosts-sync";
        User = user.name;
-        Restart = "always";
+        Type = "oneshot";
+        RemainAfterExit = true;
        ExecStartPre = pkgs.writeDash "github-hosts-sync-init" ''
          set -euf
          install -m 0711 -o ${user.name} -d ${cfg.dataDir}
--- a/krebs/5pkgs/simple/github-hosts-sync/default.nix
+++ b/krebs/5pkgs/simple/github-hosts-sync/default.nix
@ -1,7 +1,8 @@
 { pkgs, stdenv, ... }:

-stdenv.mkDerivation {
-  name = "github-hosts-sync";
+stdenv.mkDerivation rec {
+  name = "github-hosts-sync-${version}";
+  version = "2.0.0";

  src = ./src;

@ -10,28 +11,21 @@ stdenv.mkDerivation {
    "installPhase"
  ];

-  installPhase =
-    let
-      ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
-      path = stdenv.lib.makeBinPath (with pkgs; [
-        coreutils
-        findutils
-        git
-        gnugrep
-        gnused
-        nettools
-        openssh
-        socat
-      ]);
-    in
+  installPhase = let
+    ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
+    path = stdenv.lib.makeBinPath [
+      pkgs.git
+      pkgs.openssh
+      pkgs.rsync
+    ];
+  in
    ''
      mkdir -p $out/bin

-      sed \
-        's,^main() {$,&\n  export PATH=${path} GIT_SSL_CAINFO=${ca-bundle},' \
-        < hosts-sync \
-        > $out/bin/github-hosts-sync
+      cp hosts-sync $out/bin/github-hosts-sync

-      chmod +x $out/bin/github-hosts-sync
+      sed -i \
+        '1s,$,\nPATH=${path}''${PATH+:$PATH} GIT_SSL_CAINFO=${ca-bundle},' \
+        $out/bin/github-hosts-sync
    '';
 }
--- a/krebs/5pkgs/simple/github-hosts-sync/src/hosts-sync
+++ b/krebs/5pkgs/simple/github-hosts-sync/src/hosts-sync
@ -1,66 +1,31 @@
 #! /bin/sh
-# TODO do_work should retry until success
-set -euf
+set -efu
+exec >&2

-port=${port-1028}
-local_painload=$HOME/painload
-remote_painload="https://github.com/krebscode/painload"
-local_hosts=$HOME/hosts
-remote_hosts="git@github.com:krebscode/hosts.git"
+hosts_srcdir=$GITHUB_HOST_SYNC_SRCDIR
+hosts_worktree=${GITHUB_HOST_SYNC_WORKTREE-/tmp/hosts}
+hosts_url=${GITHUB_HOST_SYNC_URL-git@github.com:krebscode/hosts.git}

-main() {
-  ensure_local_painload
-  ensure_local_hosts
-  is_worker && do_work || become_server
-}
+test -d "$hosts_worktree" || git clone "$hosts_url" "$hosts_worktree"

-ensure_local_painload() {
-  test -d "$local_painload" || git clone "$remote_painload" "$local_painload"
-}
+cd "$hosts_worktree"

-ensure_local_hosts() {
-  test -d "$local_hosts" || git clone "$remote_hosts" "$local_hosts"
-}
+git pull

-become_server() {
-  exec socat "TCP-LISTEN:$port,reuseaddr,fork" "EXEC:$0"
-}
+rsync \
+    --chmod D755,F644 \
+    --delete-excluded \
+    --filter 'protect .git' \
+    --recursive \
+    --verbose \
+    "$hosts_srcdir/" \
+    .

-is_worker() {
-  test "${SOCAT_SOCKPORT-}" = "$port"
-}
+git add .

-do_work() {
-  # read request
-  req_line="$(read line && echo "$line")"
-  req_hdrs="$(sed -n '/^\r$/q;p')"
-
-  set -x
-
-  cd "$local_hosts"
-  git pull >&2
-
-  cd "$local_hosts"
-  find . -name .git -prune -o -type f -exec git rm \{\} \; >/dev/null
-
-  cd "$local_painload"
-  git pull >&2
-
-  find "$local_painload/retiolum/hosts" -type f -exec cp \{\} "$local_hosts" \;
-
-  cd "$local_hosts"
-  find . -name .git -prune -o -type f -exec git add \{\} \; >&2
-  if git status --porcelain | grep -q .; then
-    git config user.email "$LOGNAME@$(hostname)"
-    git config user.name "$LOGNAME"
-    git commit -m bump >&2
-    git push >&2
-  fi
-
-  echo "HTTP/1.1 200 OK"
-  echo
-  echo "https://github.com/krebscode/hosts/archive/master.tar.gz"
-  echo "https://github.com/krebscode/hosts/archive/master.zip"
-}
-
-main "$@"
+if test -n "$(git status --porcelain)"; then
+  git config user.email "$LOGNAME@$(hostname)"
+  git config user.name "$LOGNAME"
+  git commit -m bump
+  git push
+fi