rrvsh/pantheon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

refactor: rename modules folder

Browse source
This commit is contained in:
Mohammad Rafiq 2025-04-10 16:28:33 +08:00
parent f082ed8ac0
commit 2a80ef07bf
No known key found for this signature in database
69 changed files with 16 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

40
configs/programs/scripts/byebye.sh Normal file
View file

@ -0,0 +1,40 @@
# Set up the terminal to read input immediately, without waiting for Enter.
# This is done using the `stty` command.
# `stty` controls terminal settings.
# `-icanon` disables canonical mode. In canonical mode, the terminal buffers input until a newline is received. Disabling it makes input available immediately.
# `min 1` specifies that at least 1 character should be read.
# `time 0` specifies that the read should return immediately if a character is available.
stty -icanon min 1 time 0
# Prompt the user to enter 'y' or 'n' to confirm or cancel the poweroff.
# `echo -n` prints the prompt without a trailing newline, so the input will appear on the same line.
echo -n "Poweroff system? (y/n) [n]: "
# Read a single character from the input and store it in the 'answer' variable.
# `read -n 1 answer` reads only 1 character.
read -n 1 answer
# Print a newline character after the input has been read.
# This makes the output more readable, as the subsequent messages will appear on a new line.
echo
# Restore the terminal settings to their default values.
# This is important, as leaving the terminal in non-canonical mode can cause unexpected behavior.
# `stty icanon` re-enables canonical mode.
stty icanon
# Check the value of the 'answer' variable.
# `[[ ... ]]` is a more robust and feature-rich way to perform conditional tests than `[ ... ]`.
# `"y"` matches only the lowercase "y". If you want case-insensitive matching, consider using `[[ ${answer,,} == "y" ]]` (converts answer to lowercase).
if [[ "$answer" == "y" ]]; then
# If the user entered 'y', proceed with the poweroff.
echo "Powering off..."
# Execute the systemctl poweroff command with root privileges using sudo.
# `sudo` allows you to run commands as the superuser (root).
# `systemctl poweroff` sends the command to the systemd init system to shut down the machine.
sudo systemctl poweroff
else
# If the user entered anything other than 'y', cancel the poweroff.
echo "Poweroff cancelled."
fi

68
configs/programs/scripts/default.nix Normal file
View file

@ -0,0 +1,68 @@
{ pkgs, ... }:
{
home-manager.users.rafiq = {
home.packages = [
(pkgs.writers.writePython3Bin "git-extract" {
libraries = with pkgs.python3Packages; [
magic
chardet
];
} (builtins.readFile ./git-extract.py))
(pkgs.writeShellScriptBin "rebuild" # sh
''
rebuild_remote() {
git add .
hostname=$1
builder="nemesis"
if [[ "''${hostname}" == "''${builder}" ]]; then
nh os switch .
else
nixos-rebuild switch \
--flake .#"''${hostname}" \
--target-host "$(whoami)"@"''${hostname}" \
--build-host "''${builder}" \
--use-remote-sudo
fi
}
main() {
if [[ $# -gt 1 ]]; then
echo "Only one argument is allowed. Pass in a hostname or all."
exit 1
elif [[ $# -lt 1 ]]; then
rebuild_remote "$HOSTNAME"
exit 0
fi
case "$1" in
all)
# Create a list of hostnames to rebuild
hosts=("nemesis" "apollo")
# Use parallel to rebuild each host
, parallel rebuild ::: "''${hosts[@]}"
# Check the exit code of parallel
if [[ $? -ne 0 ]]; then
echo "One or more rebuilds failed."
exit 1
else
exit 0
fi
;;
*)
rebuild_remote "$1"
exit 0
;;
esac
}
main "$@"
''
)
(pkgs.writeShellScriptBin "byebye" (builtins.readFile ./byebye.sh))
(pkgs.writeShellScriptBin "deploy" (builtins.readFile ./deploy.sh))
];
};
}

81
configs/programs/scripts/deploy.sh Executable file
View file

@ -0,0 +1,81 @@
# Set default values
flake=".#default" # Default flake attribute if none is provided
target_host="nixos@<hostname>" # Default target host
# Process command-line arguments
while [[ $# -gt 0 ]]; do
case "$1" in
--flake)
flake="$2"
shift # past argument
shift # past value
;;
--target-host)
target_host="$2"
shift # past argument
shift # past value
;;
*)
echo "Unknown option: $1" >&2
exit 1
;;
esac
done
# Prepare temporary directory and copy necessary files
root=$(mktemp -d)
# Files should be copied to the persist directory
# because that's where impermanence looks for them in.
mkdir -p "${root}"/persist
root_persist=${root}/persist
sudo cp --verbose --archive --parents /etc/ssh/ssh_host_* "${root_persist}"
sudo cp --verbose --archive --parents /home/rafiq/.ssh/id_ed25519 "${root_persist}"
sudo cp --verbose --archive --parents /home/rafiq/.config/sops/age/keys.txt "${root_persist}"
# Run nixos-anywhere
# Copy over the necesary files to the persist directory.
sudo nix run github:nix-community/nixos-anywhere -- \
--flake "${flake}" \
--target-host "${target_host}" \
--copy-host-keys \
--extra-files "${root}" \
--chown /persist/home/rafiq 1000:100 \
--chown /home/rafiq 1000:100
# Clean up the temporary directory
sudo rm -rf "$root"
# Wait for SSH to be back up
MAX_TRIES=60 # Maximum attempts
SLEEP_SECONDS=5 # Time to wait between attempts
tries=0
while true; do
tries=$((tries + 1))
# Check network reachability with ping
ping -c 1 "$(echo "${target_host}" | awk -F'@' '{print $NF}')" >/dev/null 2>&1 #Extract IP/hostname from username@host
if [ $? -eq 0 ]; then
# Network is reachable, try SSH
ssh -q -o "ConnectTimeout=5" "${target_host}" 'exit 0'
if [ $? -eq 0 ]; then
echo "SSH is up. Connecting..."
ssh "${target_host}" &&
nixos-rebuild switch --flake "${flake}" --use-remote-sudo --target-host "${target_host}"
exit 0
else
echo "SSH not yet available (attempt $tries/$MAX_TRIES). Waiting..."
fi
else
echo "Host is not reachable via ping (attempt $tries/$MAX_TRIES). Waiting..."
fi
if [ $tries -ge $MAX_TRIES ]; then
echo "Maximum attempts reached. SSH still not available."
exit 1
fi
sleep "$SLEEP_SECONDS"
done
echo "---DEPLOYMENT DONE!---"

317
configs/programs/scripts/git-extract.py Normal file
View file

@ -0,0 +1,317 @@
# flake8: noqa: E501
import subprocess
import os
import tempfile
import shutil
import argparse
import magic
import chardet
import math
def is_ascii(file_path):
"""
Checks if a file contains only ASCII characters.
Args:
file_path (str): The path to the file.
Returns:
bool: True if the file contains only ASCII characters, False otherwise.
None: If the file does not exist.
"""
if not os.path.exists(file_path):
return None # Indicate file not found.
try:
with open(file_path, "r", encoding="ascii") as f:
f.read() # Attempt to read the entire file as ASCII
return True
except UnicodeDecodeError:
return False
def has_high_entropy(file_path, threshold=0.7):
"""
Checks if a file has high entropy, which might indicate it's not text.
Args:
file_path (str): The path to the file.
threshold (float): Entropy threshold above which it's considered high entropy.
Returns:
bool: True if entropy is above the threshold, False otherwise.
None: If the file does not exist.
"""
if not os.path.exists(file_path):
return None
try:
with open(file_path, "rb") as f: # Important: Read as binary
data = f.read()
except IOError:
return True # Treat as non-text if there is an I/O error
if not data:
return False # empty files considered text
entropy = calculate_entropy(data)
return entropy > threshold
def calculate_entropy(data):
"""
Calculates the entropy of a byte string.
Args:
data (bytes): The byte string.
Returns:
float: The entropy.
"""
if not data:
return 0.0 # Avoid log(0)
entropy = 0
data_length = len(data)
seen_bytes = bytearray(range(256)) # All possible byte values
counts = [0] * 256
for byte in data:
counts[byte] += 1
for byte in seen_bytes:
probability = float(counts[byte]) / data_length
if probability > 0:
entropy -= probability * math.log(probability, 2)
return entropy
def check_chardet_encoding(file_path, confidence_threshold=0.8):
"""
Checks the file encoding using chardet library.
Args:
file_path (str): The path to the file.
confidence_threshold (float): The minimum confidence level for encoding detection.
Returns:
bool: True if the encoding is detected with high confidence and is a text encoding, False otherwise.
None: If the file does not exist.
"""
if not os.path.exists(file_path):
return None
try:
with open(file_path, "rb") as f: # Important: Read as binary
data = f.read()
except IOError:
return False # If file can't be opened, assume it's not a simple text file.
if not data:
return True # Empty files are usually considered text
result = chardet.detect(data)
encoding = result["encoding"]
confidence = result["confidence"]
if encoding and confidence > confidence_threshold:
# Check if it's a recognized text encoding (not binary or None)
if encoding != "binary" and encoding is not None:
return True
return False
def is_text_file(file_path, aggressive=False):
"""
Wrapper function to check if a file is a text file using multiple methods.
Args:
file_path (str): The path to the file.
aggressive (bool, optional): If True, combines all checks for stricter verification.
If False, returns True if any check passes. Defaults to False.
Returns:
bool: True if the file is a text file, False otherwise.
None: If the file does not exist.
"""
if not os.path.exists(file_path):
return None
# Basic checks
ascii_check = is_ascii(file_path)
if ascii_check is None:
return None # File not found
if aggressive:
# Run all checks and require them all to pass
high_entropy_check = not has_high_entropy(
file_path
) # Invert because we want to know if it DOESN'T have high entropy
chardet_check = check_chardet_encoding(file_path)
return ascii_check and high_entropy_check and chardet_check
else:
# Run checks and return True if any of them pass
high_entropy_check = not has_high_entropy(file_path)
chardet_check = check_chardet_encoding(file_path)
return ascii_check or high_entropy_check or chardet_check
def get_latest_text_files_to_stdout(remote_repo_url=None, ignored_files=None):
"""
Checks out the latest commit from a remote Git repository or the current
working directory (if no URL is provided) to a temporary folder,
and then prints the contents of all files identified as text files to stdout,
prepended by their relative paths from the repository root, excluding specified
ignored files. Supports "!" to specify includes only.
Args:
remote_repo_url: The URL of the remote Git repository (optional). If None,
the current working directory is assumed to be a Git repo.
ignored_files: A list of files or directories to ignore (relative to the repo root).
If a list contains a value starting with "!", it means "include only".
"""
temp_dir = None
if ignored_files is None:
ignored_files = []
# Ensure .git and .gitignore are always ignored (unless include only is specified)
include_only = any(item.startswith("!") for item in ignored_files)
if not include_only:
ignored_files.extend([".git", ".gitignore"])
ignored_files = list(set(ignored_files)) # remove duplicates
# Determine if "include only" is active and extract the include paths
include_only = any(item.startswith("!") for item in ignored_files)
include_paths = [item[1:] for item in ignored_files if item.startswith("!")]
ignore_paths = [item for item in ignored_files if not item.startswith("!")]
try:
# Create a temporary directory
temp_dir = tempfile.mkdtemp()
# Clone the repository, but only the latest commit (shallow clone)
clone_command = ["git", "clone", "--depth", "1"]
if remote_repo_url:
clone_command.extend([remote_repo_url, temp_dir])
else:
# Check if the current directory is a Git repository.
try:
subprocess.run(
["git", "rev-parse", "--is-inside-work-tree"],
check=True,
capture_output=True,
text=True,
cwd=os.getcwd(),
) # run in current directory
except subprocess.CalledProcessError:
raise ValueError(
"No Git repository URL provided and current directory is not a Git repository."
)
clone_command.extend([os.getcwd(), temp_dir]) # clone current dir to temp
subprocess.run(clone_command, check=True, capture_output=True, text=True)
# Find all files and filter for text files
text_files = []
for root, _, files in os.walk(temp_dir):
for file in files:
file_path = os.path.join(root, file)
relative_path = os.path.relpath(file_path, temp_dir)
if include_only:
# Include only logic
include = False
for include_path in include_paths:
if relative_path.startswith(include_path):
include = True
break
if not include:
continue # Skip if not in include paths
else:
# Ignore logic (standard ignore)
ignore = False
path_components = relative_path.split(
os.sep
) # split based on OS-specific path separator
current_path = ""
for component in path_components:
current_path = (
os.path.join(current_path, component)
if current_path
else component
) # prevent empty first join
if current_path in ignore_paths:
ignore = True
break
if ignore:
continue
if is_text_file(file_path): # Use the is_text_file function
text_files.append(file_path)
# Print the contents of each text file, prepended by its relative path
for file_path in text_files:
relative_path = os.path.relpath(file_path, temp_dir)
print(f"--- {relative_path} ---")
try:
with open(file_path, "r", encoding="utf-8") as f: # Use UTF-8 encoding
print(f.read())
except UnicodeDecodeError:
print(
f"Error: Could not decode file {relative_path} using UTF-8. Skipping file contents."
) # handle binary or other non-UTF-8 encodings
print() # Add a blank line between files
except subprocess.CalledProcessError as e:
print(f"Error executing Git command: {e.stderr}")
except ValueError as e:
print(e)
except Exception as e:
print(f"An error occurred: {e}")
finally:
# Clean up the temporary directory
if temp_dir:
shutil.rmtree(temp_dir)
if __name__ == "__main__":
parser = argparse.ArgumentParser(
description="Checkout and print text files from a remote Git repository."
)
parser.add_argument(
"-r",
"--repo",
required=False,
help="The URL of the remote Git repository. If not provided, the current directory is used if it's a Git repository.",
)
parser.add_argument(
"-i",
"--ignored-files",
nargs="+",
default=[],
help="Files or directories to ignore (space-separated). Use !<path> to specify include only.",
)
args = parser.parse_args()
remote_repository_url = args.repo
ignored_files = args.ignored_files
# Verify the URL only if it's provided
if remote_repository_url:
if (
"github.com" not in remote_repository_url
and "gitlab.com" not in remote_repository_url
and "bitbucket.org" not in remote_repository_url
):
print(
"Warning: This script is designed for common public repository hosting providers. Ensure the Git URL is correct."
)
get_latest_text_files_to_stdout(remote_repository_url, ignored_files)