Compare revisions

6555b6fa · f7fb2209 · 6555b6fa · 6555b6fa · 6555b6fa · 6555b6fa
--- a/nixpkgs-ps.nix
+++ b/nixpkgs-ps.nix
-import (builtins.fetchTarball (builtins.fromJSON (builtins.readFile ./nixpkgs-ps.json)))
+import (builtins.fetchTarball (builtins.fromJSON (builtins.readFile ./nixpkgs.json)))
--- a/privatestorageio.nix
+++ b/privatestorageio.nix
-{ stdenv, lib, graphviz, python3Packages }:
-stdenv.mkDerivation rec {
-  version = "0.0";
-  name = "privatestorageio-${version}";
-  src = lib.cleanSource ./.;
-
-  depsBuildBuild = [
-    graphviz
-  ];
-
-  buildPhase = ''
-  ${python3Packages.sphinx}/bin/sphinx-build -W docs/source docs/build
-  '';
-
-  installPhase = ''
-  mkdir $out
-  mv docs/build $out/docs
-  '';
-}
--- a/shell.nix
+++ b/shell.nix
 let
-  release2105 = import ./nixpkgs-2105.nix { };
+  pinned-pkgs = import ./nixpkgs.nix { };
 in
-{ pkgs ? release2105, lib ? pkgs.lib, python ? pkgs.python3 }:
+{ pkgs ? pinned-pkgs, lib ? pkgs.lib, python ? pkgs.python3 }:
 let
  tools = pkgs.callPackage ./tools {};
 in
@@ -10,7 +10,7 @@ pkgs.mkShell {
  # first adds that path to the store, and then interpolates the store path
  # into the string.  We use `builtins.toString` to convert the path to a
  # string without copying it to the store before interpolating. Either the
-  # path is already in the store (e.g. when `pkgs` is `release2105`) so we
+  # path is already in the store (e.g. when `pkgs` is `pinned-pkgs`) so we
  # avoid making a second copy with a longer name, or the user passed in local
  # path (e.g. a checkout of nixpkgs) and we point at it directly, rather than
  # a snapshot of it.
@@ -22,6 +22,8 @@ pkgs.mkShell {
  inputsFrom = [tools];
  buildInputs = [
    tools
+    pkgs.cacert
+    pkgs.nix
    pkgs.morph
    pkgs.jp
  ];

--- a/tools/default.nix
+++ b/tools/default.nix
@@ -16,6 +16,7 @@ let
  python-commands = [
    ./update-nixpkgs
    ./update-gitlab-repo
+    ./update-github-repo
  ];
 in
  # This derivation creates a package that wraps our tools to setup an environment

--- a/tools/get-vpn-config.nix
+++ b/tools/get-vpn-config.nix
@@ -9,11 +9,9 @@
 { pathToGrid }:
 let
  grid = import pathToGrid;
-  vpnConfig = node: node.services.private-storage.monitoring.vpn or null;
-  vpnClientIP = node: (vpnConfig node).client.ip or null;
-  vpnServerIP = node: (vpnConfig node).server.ip or null;
-in
+  vpnIP = node: node.config.grid.monitoringvpnIPv4 or null;  # "or null" since "network" in grid doesn't have a monitoringIPv4
+in rec
 {
- "serverIP" = vpnServerIP grid.monitoring;
- "clientIPs" = builtins.filter (x: x != null) (map vpnClientIP (builtins.attrValues grid));
+ serverIP = vpnIP grid.monitoring;
+ clientIPs = builtins.filter (x: x != serverIP && x != null) (map vpnIP (builtins.attrValues grid));
 }
--- a/tools/update-github-repo
+++ b/tools/update-github-repo
+#!/usr/bin/env python
+
+"""
+Update a pinned github repository.
+
+Pass this path to a JSON file and it will update it to the latest
+version of the branch it specifies. You can also pass a different
+branch or repository owner, which will update the file to point at
+the new branch/repository, and update to the latest version.
+"""
+
+import argparse
+import json
+from pathlib import Path
+
+import httpx
+from ps_tools import get_url_hash
+
+HASH_TYPE = "sha512"
+
+ARCHIVE_TEMPLATE = "https://api.github.com/repos/{owner}/{repo}/tarball/{rev}"
+BRANCH_TEMPLATE = (
+    "https://api.github.com/repos/{owner}/{repo}/commits/{branch}"
+)
+
+
+def get_github_commit(config):
+    response = httpx.get(BRANCH_TEMPLATE.format(**config))
+    response.raise_for_status()
+    return response.json()["sha"]
+
+
+def get_github_archive_url(config):
+    return ARCHIVE_TEMPLATE.format(**config)
+
+
+def main():
+    parser = argparse.ArgumentParser(description=__doc__)
+    parser.add_argument(
+        "repo_file",
+        metavar="repo-file",
+        type=Path,
+        help="JSON file with pinned configuration.",
+    )
+    parser.add_argument(
+        "--branch",
+        type=str,
+        help="Branch to update to.",
+    )
+    parser.add_argument(
+        "--owner",
+        type=str,
+        help="Repository owner to update to.",
+    )
+    parser.add_argument(
+        "--rev",
+        type=str,
+        help="Revision to pin.",
+    )
+    parser.add_argument(
+        "--dry-run",
+        action="store_true",
+    )
+    args = parser.parse_args()
+
+    repo_file = args.repo_file
+    config = json.loads(repo_file.read_text())
+
+    for key in ["owner", "branch"]:
+        if getattr(args, key) is not None:
+            config[key] = getattr(args, key)
+
+    if args.rev is not None:
+        config["rev"] = args.rev
+    else:
+        config["rev"] = get_github_commit(config)
+
+    archive_url = get_github_archive_url(config)
+    config.update(get_url_hash(HASH_TYPE, "source", archive_url))
+
+    output = json.dumps(config, indent=2)
+    if args.dry_run:
+        print(output)
+    else:
+        repo_file.write_text(output)
+
+
+if __name__ == "__main__":
+    main()
--- a/tools/update-nixpkgs
+++ b/tools/update-nixpkgs
@@ -10,7 +10,7 @@ from ps_tools import get_url_hash
 # We pass this to builtins.fetchTarball which only supports sha256
 HASH_TYPE = "sha256"

-DEFAULT_CHANNEL = "nixos-21.05"
+DEFAULT_CHANNEL = "nixos-25.05"
 CHANNEL_URL_TEMPLATE = "https://channels.nixos.org/{channel}/nixexprs.tar.xz"


@@ -24,9 +24,8 @@ def get_nixos_channel_url(*, channel):
    the release.
    """
    response = httpx.head(
-        CHANNEL_URL_TEMPLATE.format(channel=channel), allow_redirects=False
+        CHANNEL_URL_TEMPLATE.format(channel=channel), follow_redirects=False
    )
-    response.raise_for_status()
    assert response.is_redirect
    return str(response.next_request.url)

@@ -37,7 +36,7 @@ def main():
        "repo_file",
        metavar="repo-file",
        nargs="?",
-        default=Path(__file__).parent.with_name("nixpkgs-2105.json"),
+        default=Path(__file__).parent.with_name("nixpkgs.json"),
        type=Path,
        help="JSON file with pinned configuration.",
    )
@@ -49,7 +48,9 @@ def main():
    args = parser.parse_args()

    repo_file = args.repo_file
+    print(f"reading {repo_file}")
    config = json.loads(repo_file.read_text())
+    print(f"read {config!r}")

    config["url"] = get_nixos_channel_url(channel=args.channel)
    hash_data = get_url_hash(HASH_TYPE, name=config["name"], url=config["url"])
@@ -59,6 +60,7 @@ def main():
    if args.dry_run:
        print(output)
    else:
+        print(f"writing to {repo_file}")
        repo_file.write_text(output)
No results found