From afc80d8f4242c30c061433a881663dc3527f67f1 Mon Sep 17 00:00:00 2001
From: Nikolaos Karaolidis <nick@karaolidis.com>
Date: Sun, 17 Aug 2025 12:24:38 +0300
Subject: [PATCH] Add libs

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
---
 README.md                               |  2 +-
 flake.lock                              | 48 +++++++++++++++++++++++++
 flake.nix                               | 31 ++++++++++++++++
 lib/default.nix                         |  5 +++
 lib/fetchers/default.nix                |  4 +++
 lib/fetchers/sshKnownHosts/default.nix  | 33 +++++++++++++++++
 lib/runtime/default.nix                 |  4 +++
 lib/runtime/merge/default.nix           |  4 +++
 lib/runtime/merge/keyValue/default.nix  | 11 ++++++
 lib/runtime/merge/keyValue/key-value.sh | 15 ++++++++
 treefmt.nix                             | 26 ++++++++++++++
 11 files changed, 182 insertions(+), 1 deletion(-)
 create mode 100644 flake.lock
 create mode 100644 flake.nix
 create mode 100644 lib/default.nix
 create mode 100644 lib/fetchers/default.nix
 create mode 100644 lib/fetchers/sshKnownHosts/default.nix
 create mode 100644 lib/runtime/default.nix
 create mode 100644 lib/runtime/merge/default.nix
 create mode 100644 lib/runtime/merge/keyValue/default.nix
 create mode 100644 lib/runtime/merge/keyValue/key-value.sh
 create mode 100644 treefmt.nix

diff --git a/README.md b/README.md
index d9fa058..752efc0 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,3 @@
 # nix-lib
 
-NixOS libraries and utilities
\ No newline at end of file
+Nix library function definitions and utilities.
diff --git a/flake.lock b/flake.lock
new file mode 100644
index 0000000..c168958
--- /dev/null
+++ b/flake.lock
@@ -0,0 +1,48 @@
+{
+  "nodes": {
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1754725699,
+        "narHash": "sha256-iAcj9T/Y+3DBy2J0N+yF9XQQQ8IEb5swLFzs23CdP88=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "85dbfc7aaf52ecb755f87e577ddbe6dbbdbc1054",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixpkgs": "nixpkgs",
+        "treefmt-nix": "treefmt-nix"
+      }
+    },
+    "treefmt-nix": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1754847726,
+        "narHash": "sha256-2vX8QjO5lRsDbNYvN9hVHXLU6oMl+V/PsmIiJREG4rE=",
+        "owner": "numtide",
+        "repo": "treefmt-nix",
+        "rev": "7d81f6fb2e19bf84f1c65135d1060d829fae2408",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "treefmt-nix",
+        "type": "github"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
diff --git a/flake.nix b/flake.nix
new file mode 100644
index 0000000..99fcaaf
--- /dev/null
+++ b/flake.nix
@@ -0,0 +1,31 @@
+{
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+
+    treefmt-nix = {
+      url = "github:numtide/treefmt-nix";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+  };
+
+  outputs =
+    inputs:
+    (
+      let
+        system = "x86_64-linux";
+
+        pkgs = import inputs.nixpkgs {
+          inherit system;
+          config.allowUnfree = true;
+        };
+
+        treefmt = inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix;
+      in
+      {
+        lib.${system} = import ./lib { inherit pkgs; };
+
+        formatter.${system} = treefmt.config.build.wrapper;
+        checks.${system}.formatting = treefmt.config.build.check inputs.self;
+      }
+    );
+}
diff --git a/lib/default.nix b/lib/default.nix
new file mode 100644
index 0000000..8f17b57
--- /dev/null
+++ b/lib/default.nix
@@ -0,0 +1,5 @@
+{ pkgs, ... }:
+{
+  fetchers = import ./fetchers { inherit pkgs; };
+  runtime = import ./runtime { inherit pkgs; };
+}
diff --git a/lib/fetchers/default.nix b/lib/fetchers/default.nix
new file mode 100644
index 0000000..2b9448f
--- /dev/null
+++ b/lib/fetchers/default.nix
@@ -0,0 +1,4 @@
+{ pkgs, ... }:
+{
+  sshKnownHosts = import ./sshKnownHosts { inherit pkgs; };
+}
diff --git a/lib/fetchers/sshKnownHosts/default.nix b/lib/fetchers/sshKnownHosts/default.nix
new file mode 100644
index 0000000..440c1c0
--- /dev/null
+++ b/lib/fetchers/sshKnownHosts/default.nix
@@ -0,0 +1,33 @@
+{ pkgs, ... }:
+pkgs.lib.fetchers.withNormalizedHash { } (
+  {
+    host,
+    name ? "ssh-known-hosts-${host}",
+    outputHash,
+    outputHashAlgo,
+    port ? 22,
+    keyTypes ? [
+      "rsa"
+      "ecdsa"
+      "ed25519"
+    ],
+  }:
+  let
+    keyTypeArgs = pkgs.lib.concatStringsSep "," keyTypes;
+  in
+  pkgs.runCommandLocal name
+    {
+      inherit outputHash outputHashAlgo;
+      outputHashMode = "flat";
+      preferLocalBuild = true;
+
+      nativeBuildInputs = with pkgs; [
+        openssh
+        gnugrep
+        coreutils
+      ];
+    }
+    ''
+      ssh-keyscan -p ${toString port} -t ${keyTypeArgs} ${host} | grep -v '^#' | sort > $out
+    ''
+)
diff --git a/lib/runtime/default.nix b/lib/runtime/default.nix
new file mode 100644
index 0000000..8c9cbce
--- /dev/null
+++ b/lib/runtime/default.nix
@@ -0,0 +1,4 @@
+{ pkgs, ... }:
+{
+  merge = import ./merge { inherit pkgs; };
+}
diff --git a/lib/runtime/merge/default.nix b/lib/runtime/merge/default.nix
new file mode 100644
index 0000000..347ec94
--- /dev/null
+++ b/lib/runtime/merge/default.nix
@@ -0,0 +1,4 @@
+{ pkgs, ... }:
+{
+  keyValue = import ./keyValue { inherit pkgs; };
+}
diff --git a/lib/runtime/merge/keyValue/default.nix b/lib/runtime/merge/keyValue/default.nix
new file mode 100644
index 0000000..e4504c8
--- /dev/null
+++ b/lib/runtime/merge/keyValue/default.nix
@@ -0,0 +1,11 @@
+{ pkgs, ... }:
+"${
+  pkgs.writeShellApplication {
+    name = "merge-key-value";
+    runtimeInputs = with pkgs; [
+      coreutils
+      gawk
+    ];
+    text = builtins.readFile ./key-value.sh;
+  }
+}/bin/merge-key-value"
diff --git a/lib/runtime/merge/keyValue/key-value.sh b/lib/runtime/merge/keyValue/key-value.sh
new file mode 100644
index 0000000..d238bdd
--- /dev/null
+++ b/lib/runtime/merge/keyValue/key-value.sh
@@ -0,0 +1,15 @@
+# shellcheck shell=bash
+
+source=$(realpath -m "$1")
+target=$(realpath -m "$2")
+
+if [[ -f "$target" ]]; then
+  temp=$(mktemp)
+  awk -F '=' 'NR==FNR{a[$1]=$0;next}($1 in a){$0=a[$1]}1' "$source" "$target" > "$temp"
+  mv "$temp" "$target"
+else
+  mkdir -p "$(dirname "$target")"
+  cp "$source" "$target"
+fi
+
+echo "Configuration file $target has been updated."
diff --git a/treefmt.nix b/treefmt.nix
new file mode 100644
index 0000000..a98422c
--- /dev/null
+++ b/treefmt.nix
@@ -0,0 +1,26 @@
+{ ... }:
+{
+  projectRootFile = "flake.nix";
+
+  programs = {
+    nixfmt = {
+      enable = true;
+      strict = true;
+    };
+
+    shellcheck.enable = true;
+    prettier.enable = true;
+    gofmt.enable = true;
+  };
+
+  settings.global.excludes = [
+    # Git
+    "*/.gitignore"
+    ".gitattributes"
+    ".envrc"
+    # Manifest Files
+    "*/package.json"
+    "*/go.mod"
+    "*/bun.lockb"
+  ];
+}