Skip to content

Instantly share code, notes, and snippets.

View phaer's full-sized avatar

Paul Haerle phaer

View GitHub Profile
@roberth
roberth / minimod.nix
Last active December 17, 2024 13:31
Simple and quick module system alternative + thoughts and tasks
/*
minimod: A stripped down module system
TODO Comparison:
- [ ] Come up with a benchmark "logic" using plain old functions and let bindings
- [ ] Write the benchmark for the module system
- [ ] Write the benchmark for POP?
- [ ] Qualitative comparison of extensibility in the context of composable
Nixpkgs packaging logic
TODO Fine-tuning:
{ pkgs, ... }:
let
domain = "upterm.numtide.com";
upterm-client = import ./upterm-client/BUILD.nix {
inherit pkgs;
};
in
{
services.uptermd = {
@udf
udf / write_up.md
Last active November 13, 2024 05:44
A Trick To Use mkMerge at The Top Level of a NixOS module

The Setup

I wanted to write a module that generates multiple systemd services and timers to scrub some zfs pools at certain intervals. The default scrub config does not support individual scrub intervals for each pool.

I want the config to look like this:

{
  services.zfs-auto-scrub = {
 tank = "Sat *-*-* 00:00:00";
@borkdude
borkdude / gallery.cljs
Last active March 30, 2024 17:36 — forked from yogthos/gallery.cljs
script to download walpapers from windowsonearth.org, adapted for nbb
@edolstra
edolstra / nix-lang.md
Last active October 30, 2024 00:36
Nix language changes

This document contains some ideas for additions to the Nix language.

Motivation

The Nix package manager, Nixpkgs and NixOS currently have several problems:

  • Poor discoverability of package options. Package functions have function arguments like enableFoo, but there is no way for the Nix UI to discover them, let alone to provide programmatic ways to
@ageis
ageis / systemd_service_hardening.md
Last active December 10, 2024 22:16
Options for hardening systemd service units

security and hardening options for systemd service units

A common and reliable pattern in service unit files is thus:

NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict
(*
ocamlbuild \
-pkg containers \
-pkg lwt \
-pkg yojson \
-pkg conduit.lwt-unix \
-pkg nocrypto \
-pkg nocrypto.unix \
-pkg websocket.lwt \
-cflags "-w A-4-40-41-42-44" \
@teh
teh / avahi_publish.py
Created June 8, 2012 08:41
avahi publish
#! /usr/bin/env python
# avahi-alias.py
import avahi, dbus
from encodings.idna import ToASCII
import logging
# Got these from /usr/include/avahi-common/defs.h
CLASS_IN = 0x01
TYPE_CNAME = 0x05
@Gozala
Gozala / example.js
Created January 29, 2012 03:46
Workaround for lack of "tail call optimization" in JS
// Lack of tail call optimization in JS
var sum = function(x, y) {
return y > 0 ? sum(x + 1, y - 1) :
y < 0 ? sum(x - 1, y + 1) :
x
}
sum(20, 100000) // => RangeError: Maximum call stack size exceeded
// Using workaround
@phaer
phaer / ostatus_tag.rb
Created April 10, 2011 16:06
Simple Jekyll tag which displays the notices in a given status.net/ostatus feed.
require 'date'
require 'ostatus'
module Jekyll
class RenderOStatus < Liquid::Tag
def render(context)
site = context.registers[:site]
feed = OStatus::Feed.from_url(site.config['ostatus_feed'])
result = "<h2>#{feed.author.name}'s microblog</h2>"