diff options
Diffstat (limited to 'hm')
| -rw-r--r-- | hm/default.nix | 2 | ||||
| -rw-r--r-- | hm/soispha/pkgs/default.nix | 2 | ||||
| -rw-r--r-- | hm/soispha/pkgs/scripts.nix | 20 | ||||
| -rw-r--r-- | hm/soispha/pkgs/scripts/apps/fupdate | 167 | ||||
| -rw-r--r-- | hm/soispha/pkgs/scripts/apps/fupdate.1.md | 62 |
5 files changed, 249 insertions, 4 deletions
diff --git a/hm/default.nix b/hm/default.nix index 292c7251..3017f8f2 100644 --- a/hm/default.nix +++ b/hm/default.nix @@ -12,7 +12,6 @@ river_init_lesser, grades, shell_library, - flake_update, # external deps user_js, # modules @@ -40,7 +39,6 @@ river_init_lesser grades shell_library - flake_update # external deps user_js diff --git a/hm/soispha/pkgs/default.nix b/hm/soispha/pkgs/default.nix index 8541e667..60884493 100644 --- a/hm/soispha/pkgs/default.nix +++ b/hm/soispha/pkgs/default.nix @@ -5,7 +5,6 @@ system, config, # my bins - flake_update, grades, video_pause, ... @@ -141,7 +140,6 @@ with pkgs; let in { home.packages = [ - flake_update.outputs.packages.${system}.default grades.outputs.packages.${system}.default video_pause.outputs.packages.${system}.default ] diff --git a/hm/soispha/pkgs/scripts.nix b/hm/soispha/pkgs/scripts.nix index e295a587..c801b3f0 100644 --- a/hm/soispha/pkgs/scripts.nix +++ b/hm/soispha/pkgs/scripts.nix @@ -107,6 +107,25 @@ path = "small_functions"; dependencies = builtins.attrValues {inherit (pkgs) git git-crypt nixos-rebuild sudo openssh coreutils mktemp gnugrep gnused;}; }; + fupdate-src = write_script { + name = "fupdate"; + path = "apps"; + dependencies = builtins.attrValues { + inherit + (pkgs) + dash + nix + gnugrep + fd + coreutils + bat # used by batgrep + gnused # required by batgrep + git # needed to fetch through git + git-crypt # needed to unlock git-crypted repos + ; + inherit (pkgs.bat-extras) batgrep; + }; + }; ll-scr = sysLib.writeShellScriptWithLibraryUnwrapped { name = "ll"; src = ./scripts/wrappers/ll; @@ -142,6 +161,7 @@ in [ screenshot_temporary-scr # spodi-scr # # TODO: Reactivate when spotdl builds again <2023-10-31> update-sys-scr + fupdate-src virsh-del-scr yti-scr ] diff --git a/hm/soispha/pkgs/scripts/apps/fupdate b/hm/soispha/pkgs/scripts/apps/fupdate new file mode 100644 index 00000000..030bcd75 --- /dev/null +++ b/hm/soispha/pkgs/scripts/apps/fupdate @@ -0,0 +1,167 @@ +#! /usr/bin/env dash + +# shellcheck source=/dev/null +SHELL_LIBRARY_VERSION="1.7.1" . %SHELL_LIBRARY_PATH + + +UPDATE_SCRIPT_NAME="update.sh"; +CONFIG_DIRECTORY_PATH="$HOME/.local/share/flake-update"; + +AUTHORS="Soispha" +YEARS="2023" + +# Searches upward for a `UPDATE_SCRIPT_NAME` script +# Returns a path to the script if it exists, otherwise nothing is returned +check_for_update_script() { + dirname="$(search_upward_files "$UPDATE_SCRIPT_NAME")" + if [ "$dirname" ]; then + printf "%s/%s" "$dirname" "$UPDATE_SCRIPT_NAME" + fi +} + +# Checks if a given path to the update script is allowed. +# Takes the path as input +# Return 0, if allowed, 1 if not. +check_for_allowed_update_script(){ + update_script="$1"; + config_path="${CONFIG_DIRECTORY_PATH}${update_script}"; + update_script_hash="$(sha256sum "$update_script")"; + if [ -f "$config_path" ]; then + if [ "$(cat "$config_path")" = "$update_script_hash" ];then + dbg "Recorded hash matches"; + return 0; + else + dbg "Recorded hash \'$(cat "$config_path")\' does not match real hash \'$update_script_hash\', assuming not allowed"; + return 1; + fi + else + dbg "Path \'$config_path\' does not exist, assuming not allowed"; + return 1; + fi +} + + +# Asks the user if they want to allow a given script. +# Takes the path as input +ask_to_allow_update_script(){ + update_script="$1"; + config_path="${CONFIG_DIRECTORY_PATH}${update_script}"; + update_script_hash="$(sha256sum "$update_script")"; + println "\033[2J"; # clear the screen + cat "$update_script"; + readp "Do you want to allow this script?[N/y]: " allow; + dbg "allow is: $allow"; + case "$allow" in + [yY]) + dbg "allowed script"; + dbg "storing contents in: $config_path"; + mkdir --parents "$(dirname "$config_path")"; + print "$update_script_hash" > "$config_path"; + ;; + *) + UPDATE_SCRIPT_NOT_ALLOWED=true; + ;; + esac +} + +# Runs the provided script and continues to update the nix flake +# Takes the path to the script and the directory to the flake as arguments +# If the path to the update script is empty, it will be ignored +update(){ + update_script="$1"; + flake_base_dir="$2"; + + [ "$update_script" = "" ] || "$update_script"; + dbg "changed directory to: $flake_base_dir"; + cd "$flake_base_dir" || die "Provided dir \'$flake_base_dir\' can not be accessed"; + + nix flake update + if grep '[^0-9]_[0-9]' flake.lock > /dev/null; then + batgrep '[^0-9]_[0-9]' flake.lock; + die "Your flake.nix contains duplicate inputs!"; + fi +} + +help() { +cat << EOF +This is a Nix flake update manager. + +Usage: + $NAME [--help] + +Options: + --help | -h + Display this help and exit. + --version | -v + Display version and copyright information and exit. + +Commands: + flake + update the flake project + <some other command> + runs a executable called "update-<some other command>", if it exists +EOF +} + +main() { + if ! [ "$UPDATE_SCRIPT_NOT_ALLOWED" = true ]; then + update_script="$(check_for_update_script)"; + flake_base_dir="$(search_flake_base_dir)"; # Assume, that the update script is in the base dir + dbg "update_script is: $update_script"; + dbg "flake_base_dir is: $flake_base_dir"; + + if [ "$update_script" = "" ]; then + update "" "$flake_base_dir"; + elif check_for_allowed_update_script "$update_script" && ! [ "$update_script" = "" ]; then + update "$update_script" "$flake_base_dir"; + else + ask_to_allow_update_script "$update_script"; + main; + fi + fi +} + +if [ "$#" -eq 0 ]; then + main; +fi + +for input in "$@"; do + case "$input" in + "--help" | "-h") + help; + exit 0; + ;; + "--version" | "-v") + version; + exit 0; + ;; + "--") + end_of_cli_options=true; + ;; + esac + [ "$end_of_cli_options" = "true" ] && break +done + +while [ "$#" -ne 0 ]; do + case "$1" in + "flake") + main; + shift 1; + ;; + *) + command="$1"; + shift 1; + [ "$1" = "--" ] && shift 1 + if which update-"$command" > /dev/null 2>&1;then + if [ "$end_of_cli_options" = "true" ]; then + update-"$command" "$@"; + else + update-"$command"; + fi + else + die "command \"update-$command\" is not executable, or does not exist"; + fi + ;; + esac + [ "$end_of_cli_options" = "true" ] && break +done diff --git a/hm/soispha/pkgs/scripts/apps/fupdate.1.md b/hm/soispha/pkgs/scripts/apps/fupdate.1.md new file mode 100644 index 00000000..b2b7bf4f --- /dev/null +++ b/hm/soispha/pkgs/scripts/apps/fupdate.1.md @@ -0,0 +1,62 @@ +% FUPDATE(1) fupdate 1.0.0 +% Soispha +% May 2023 + +# NAME +fupdate - updates your flake, while checking for common mistakes + +# SYNOPSIS +**fupdate** list of [*flake*|*<some word>*|*--help*|*-h*] + +# DESCRIPTION +Argument can be stacked, this makes it possible to specify multiple targets to be updated in succession. See the Examples section for further details. + +No argument or *flake* +: **fupdate**, when executed without arguments or with *flake*, will update your *flake.lock*, check for duplicate flake inputs, i.e., an input has an input declared, which you have also declared as input, and will run a script called *update.sh*, if you allow it. +The allowance for the script is asked, when you run **fupdate** and the found script is not yet allowed. Furthermore, the allowance is based on the concrete sha256 hash of the script, so any changes will require another allowance. + +**<some word>** as argument +: If the executable **update-<some word>** is reachable thought the PATH variable, than this is run. Otherwise, the program will exit. + +# OPTIONS +**\-\-help**, **-h** +: Displays a help message and exit. + +**\-\-version**, **-v** +: Displays the software version and exit. + +# EXAMPLES +**fupdate** or **fupdate flake** +: Updates your *flake.lock*. See the Description section for further details. + +**fupdate sys** +: Run the executable **update-sys**, if it exists. See the Description section for further details. + +**fupdate flake sys docs** +: First updates your flake, then, if the command succeeded, runs **update-sys**, afterweich **update-docs** is run. + +# FILES +*update.sh* +: This is supposed to be a shell script located in your flake base directory, i.e., the directory which contains both a *flake.nix* and a *flake.lock* file. + +*~/.local/share/flake-update/* +: **fupdate** will store the hashes to the allowed *update.sh* files here. + +# BUGS +Report bugs to <https://codeberg.org/soispha/flake_update/issues>. + +# COPYRIGHT +Copyright (C) 2023 Soispha + +This program is free software: you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation, either version 3 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program. If not, see <https://www.gnu.org/licenses/>. |