https://github.com/akkartik/mu/blob/master/400.mu 
  1 # The 4xx series is for primitives implemented in Mu.
  2 
  3 # Signatures for major SubX functions defined so far.
  4 
  5 # autogenerated
  6 sig run-tests
  7 
  8 # init.linux
  9 # TODO: make this OS-specific
 10 # TODO: include result type at least, even if register args are too much
 11 sig syscall_exit  # status/ebx: int
 12 sig syscall_read  # fd/ebx: int, buf/ecx: addr, size/edx: int -> nbytes-or-error/eax: int
 13 sig syscall_write  # fd/ebx: int, buf/ecx: addr, size/edx: int -> nbytes-or-error/eax: int
 14 sig syscall_open  # filename/ebx: (addr kernel-string), flags/ecx: int, dummy=0x180/edx -> fd-or-error/eax: int
 15 sig syscall_close  # fd/ebx: int -> status/eax
 16 sig syscall_creat  # filename/ebx: (addr kernel-string) -> fd-or-error/eax: int
 17 sig syscall_unlink  # filename/ebx: (addr kernel-string) -> status/eax: int
 18 sig syscall_rename  # source/ebx: (addr kernel-string), dest/ecx: (addr kernel-string) -> status/eax: int
 19 sig syscall_mmap  # arg/ebx: (addr mmap_arg_struct) -> status/eax: int
 20 sig syscall_ioctl  # fd/ebx: int, cmd/ecx: int, arg/edx: (addr _)
 21 sig syscall_nanosleep  # req/ebx: (addr timespec)
 22 sig syscall_clock_gettime  # clock/ebx: int, out/ecx: (addr timespec)
 23 
 24 # Generated using:
 25 #   grep -h '^[a-z]' [0-9]*.subx |grep -v '^test-'
 26 # Functions we don't want to make accessible from Mu are commented out.
 27 # Many functions here may not be usable yet because of missing features
 28 # (global variable support, etc.)
 29 sig check-ints-equal a: int, b: int, msg: (addr array byte)
 30 sig kernel-string-equal? s: (addr kernel-string), benchmark: (addr array byte) -> _/eax: boolean
 31 sig new-segment len: int, ad: (addr allocation-descriptor)
 32 sig string-equal? s: (addr array byte), benchmark: (addr array byte) -> _/eax: boolean
 33 pre { line-height: 125%; }
td.linenos .normal { color: inherit; background-color: transparent; padding-left: 5px; padding-right: 5px; }
span.linenos { color: inherit; background-color: transparent; padding-left: 5px; padding-right: 5px; }
td.linenos .special { color: #000000; background-color: #ffffc0; padding-left: 5px; padding-right: 5px; }
span.linenos.special { color: #000000; background-color: #ffffc0; padding-left: 5px; padding-right: 5px; }
.highlight .hll { background-color: #ffffcc }
.highlight .c { color: #888888 } /* Comment */
.highlight .err { color: #a61717; background-color: #e3d2d2 } /* Error */
.highlight .k { color: #008800; font-weight: bold } /* Keyword */
.highlight .ch { color: #888888 } /* Comment.Hashbang */
.highlight .cm { color: #888888 } /* Comment.Multiline */
.highlight .cp { color: #cc0000; font-weight: bold } /* Comment.Preproc */
.highlight .cpf { color: #888888 } /* Comment.PreprocFile */
.highlight .c1 { color: #888888 } /* Comment.Single */
.highlight .cs { color: #cc0000; font-weight: bold; background-color: #fff0f0 } /* Comment.Special */
.highlight .gd { color: #000000; background-color: #ffdddd } /* Generic.Deleted */
.highlight .ge { font-style: italic } /* Generic.Emph */
.highlight .ges { font-weight: bold; font-style: italic } /* Generic.EmphStrong */
.highlight .gr { color: #aa0000 } /* Generic.Error */
.highlight .gh { color: #333333 } /* Generic.Heading */
.highlight .gi { color: #000000; background-color: #ddffdd } /* Generic.Inserted */
.highlight .go { color: #888888 } /* Generic.Output */
.highlight .gp { color: #555555 } /* Generic.Prompt */
.highlight .gs { font-weight: bold } /* Generic.Strong */
.highlight .gu { color: #666666 } /* Generic.Subheading */
.highlight .gt { color: #aa0000 } /* Generic.Traceback */
.highlight .kc { color: #008800; font-weight: bold } /* Keyword.Constant */
.highlight .kd { color: #008800; font-weight: bold } /* Keyword.Declaration */
.highlight .kn { color: #008800; font-weight: bold } /* Keyword.Namespace */
.highlight .kp { color: #008800 } /* Keyword.Pseudo */
.highlight .kr { color: #008800; font-weight: bold } /* Keyword.Reserved */
.highlight .kt { color: #888888; font-weight: bold } /* Keyword.Type */
.highlight .m { color: #0000DD; font-weight: bold } /* Literal.Number */
.highlight .s { color: #dd2200; background-color: #fff0f0 } /* Literal.String */
.highlight .na { color: #336699 } /* Name.Attribute */
.highlight .nb { color: #003388 } /* Name.Builtin */
.highlight .nc { color: #bb0066; font-weight: bold } /* Name.Class */
.highlight .no { color: #003366; font-weight: bold } /* Name.Constant */
.highlight .nd { color: #555555 } /* Name.Decorator */
.highlight .ne { color: #bb0066; font-weight: bold } /* Name.Exception */
.highlight .nf { color: #0066bb; font-weight: bold } /* Name.Function */
.highlight .nl { color: #336699; font-style: italic } /* Name.Label */
.highlight .nn { color: #bb0066; font-weight: bold } /* Name.Namespace */
.highlight .py { color: #336699; font-weight: bold } /* Name.Property */
.highlight .nt { color: #bb0066; font-weight: bold } /* Name.Tag */
.highlight .nv { color: #336699 } /* Name.Variable */
.highlight .ow { color: #008800 } /* Operator.Word */
.highlight .w { color: #bbbbbb } /* Text.Whitespace */
.highlight .mb { color: #0000DD; font-weight: bold } /* Literal.Number.Bin */
.highlight .mf { color: #0000DD; font-weight: bold } /* Literal.Number.Float */
.highlight .mh { color: #0000DD; font-weight: bold } /* Literal.Number.Hex */
.highlight .mi { color: #0000DD; font-weight: bold } /* Literal.Number.Integer */
.highlight .mo { color: #0000DD; font-weight: bold } /* Literal.Number.Oct */
.highlight .sa { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Affix */
.highlight .sb { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Backtick */
.highlight .sc { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Char */
.highlight .dl { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Delimiter */
.highlight .sd { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Doc */
.highlight .s2 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Double */
.highlight .se { color: #0044dd; background-color: #fff0f0 } /* Literal.String.Escape */
.highlight .sh { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Heredoc */
.highlight .si { color: #3333bb; background-color: #fff0f0 } /* Literal.String.Interpol */
.highlight .sx { color: #22bb22; background-color: #f0fff0 } /* Literal.String.Other */
.highlight .sr { color: #008800; background-color: #fff0ff } /* Literal.String.Regex */
.highlight .s1 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Single */
.highlight .ss { color: #aa6600; background-color: #fff0f0 } /* Literal.String.Symbol */
.highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */
.highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */
.highlight .vc { color: #336699 } /* Name.Variable.Class */
.highlight .vg { color: #dd7700 } /* Name.Variable.Global */
.highlight .vi { color: #3333bb } /* Name.Variable.Instance */
.highlight .vm { color: #336699 } /* Name.Variable.Magic */
.highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */
{ config, pkgs, ... }:
{
  imports = [ ./hardware-configuration.nix ];

  boot.tmp.cleanOnBoot = true;
  zramSwap.enable = true;

  networking.hostName = "djmuk2";
  networking.firewall = {
    enable = true;
    allowedTCPPorts = [ 113 ];
  };

  services.openssh = {
    enable = true;
    settings = {
      PermitRootLogin = "no";
      PasswordAuthentication = false;
      KbdInteractiveAuthentication = false;
    };
    extraConfig = ''
      #AllowTcpForwarding yes
      X11Forwarding no
      AllowAgentForwarding no
      AllowStreamLocalForwarding no
      AuthenticationMethods publickey
      AllowUsers djm
    '';
  };
  services.sshguard.enable = true;
  services.oidentd.enable = true;

  services.locate = {
    enable = true;
    package = pkgs.plocate;
    localuser = null;
  };

  # Emulate nix-sops. Technically an anti-pattern, but this isn't a real secret, and this has to be embedded here, as we cannot set a file path to read it from.
  # Populate/update with:
  # SOPS_AGE_KEY=$(doas ssh-to-age -private-key -i /etc/ssh/ssh_host_ed25519_key) sops -d --extract '["openiscsi_name"]' machines/djmuk2/secrets.yaml | doas tee /root/.config/secrets/openiscsi_name
  services.openiscsi.enable = true;
  services.openiscsi.name = builtins.readFile "/root/.config/secrets/openiscsi_name";
  #services.openiscsi.enableAutoLoginOut = true;

  users.users.djm = {
    isNormalUser = true;
    home = "/home/djm";
    description = "David Morgan";
    extraGroups = [
      "wheel"
      "plocate"
    ];
    shell = pkgs.zsh;
    openssh.authorizedKeys.keys = [
      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCurCpxZCHtByB5wXzsjTXwMyDSB4+B8rq5XY6EGss58NwD8jc5cII4i+QUbCOGTiAggSZUSC9YIP24hjpOeNT/IYs5m7Qn1B9MtBAiUSrIYew8eDwnMLlPzN+k2x9zCrJeCHIvGJaFHPXTh1Lf5Jt2fPVGW9lksE/XUVOe6ht4N/b+nqqszXFhc8Ug6le2bC1YeTCVEf8pjlh/I7DkDBl6IB8uEXc3X2vxxbV0Z4vlBrFkkAywcD3j5VlS/QYfBr4BICNmq/sO3fMkbMbtAPwuFxeL4+h6426AARQZiSS0qVEc8OoFRBVx3GEH5fqVAWfB1geyLzei22HbjUcT9+xN davidmo@gendros"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK9UDTaVnUOU/JknrNdihlhhGOk53LmHq9I1ASri3aga djm@gaius"
    ];
  };

  security.sudo.extraConfig = ''
    djm ALL=(ALL) NOPASSWD: ALL
  '';
  security.doas = {
    enable = true;
    extraRules = [
      {
        users = [ "djm" ];
        noPass = true;
        keepEnv = true;
      }
    ];
  };

  programs.zsh.enable = true;

  programs.vim.defaultEditor = true;

  environment.systemPackages = with pkgs; [
    #procmail
    git
    vim
    wget
  ];

  nix.settings.trusted-users = [
    "root"
    "djm"
  ];
  nix.optimise.automatic = true;
  nix.optimise.dates = [ "03:00" ];

  i18n.defaultLocale = "en_GB.UTF-8";

  system.stateVersion = "22.05";
}
generated by cgit-pink 1.4.1-2-gfad0 (git 2.36.2.497.gbbea4dcf42) at 2024-11-20 15:39:14 +0000
html#L554'>skip-chars-not-matching in: (addr stream byte), delimiter: byte 105 sig skip-chars-not-matching-whitespace in: (addr stream byte) 106 #sig skip-chars-matching-in-slice curr: (addr byte), end: (addr byte), delimiter: byte -> _/eax: (addr byte) 107 #sig skip-chars-matching-whitespace-in-slice curr: (addr byte), end: (addr byte) -> _/eax: (addr byte) 108 #sig skip-chars-not-matching-in-slice curr: (addr byte), end: (addr byte), delimiter: byte -> _/eax: (addr byte) 109 #sig skip-chars-not-matching-whitespace-in-slice curr: (addr byte), end: (addr byte) -> _/eax: (addr byte) 110 sig skip-string line: (addr stream byte) 111 #sig skip-string-in-slice curr: (addr byte), end: (addr byte) -> _/eax: (addr byte) 112 sig skip-until-close-paren line: (addr stream byte) 113 #sig skip-until-close-paren-in-slice curr: (addr byte), end: (addr byte) -> _/eax: (addr byte) 114 sig write-stream-data f: (addr buffered-file), s: (addr stream byte) 115 sig write-int32-decimal out: (addr stream byte), n: int 116 sig is-decimal-digit? c: grapheme -> _/eax: boolean 117 sig to-decimal-digit in: grapheme -> _/eax: int 118 # bad name alert 119 # next-word really tokenizes 120 # next-raw-word really reads whitespace-separated words 121 sig next-word line: (addr stream byte), out: (addr slice) # skips '#' comments 122 sig next-raw-word line: (addr stream byte), out: (addr slice) # does not skip '#' comments 123 sig has-metadata? word: (addr slice), s: (addr string) -> _/eax: boolean 124 sig is-valid-name? in: (addr slice) -> _/eax: boolean 125 sig is-label? word: (addr slice) -> _/eax: boolean 126 sig emit-hex out: (addr buffered-file), n: int, width: int 127 sig emit out: (addr buffered-file), word: (addr slice), width: int 128 #sig get table: (addr stream {(handle array byte), T}), key: (addr array byte), row-size: int, abort-message-prefix: (addr array byte) -> _/eax: (addr T) 129 #sig get-slice table: (addr stream {(handle array byte), T}), key: (addr slice), row-size: int, abort-message-prefix: (addr array byte) -> _/eax: (addr T) 130 #sig get-or-insert table: (addr stream {(handle array byte), T}), key: (addr array byte), row-size: int, ad: (addr allocation-descriptor) -> _/eax: (addr T) 131 #sig get-or-insert-handle table: (addr stream {(handle array byte), T}), key: (handle array byte), row-size: int -> _/eax: (addr T) 132 #sig get-or-insert-slice table: (addr stream {(handle array byte), T}), key: (addr slice), row-size: int, ad: (addr allocation-descriptor) -> _/eax: (addr T) 133 #sig get-or-stop table: (addr stream {(handle array byte), T}), key: (addr array byte), row-size: int 134 #sig get-slice-or-stop table: (addr stream {(handle array byte), _}), key: (addr slice), row-size: int 135 #sig maybe-get table: (addr stream {(handle array byte), T}), key: (addr array byte), row-size: int -> _/eax: (addr T) 136 #sig maybe-get-slice table: (addr stream {(handle array byte), T}), key: (addr slice), row-size: int -> _/eax: (addr T) 137 sig slurp f: (addr buffered-file), s: (addr stream byte) 138 sig compute-width word: (addr array byte) -> _/eax: int 139 sig compute-width-of-slice s: (addr slice) -> _/eax: int 140 sig emit-hex-array out: (addr buffered-file), arr: (addr array byte) 141 sig next-word-or-string line: (addr stream byte), out: (addr slice) 142 sig write-int out: (addr stream byte), n: int 143 #sig clear-stack s: (addr stack) 144 #sig push s: (addr stack), n: int 145 #sig pop s: (addr stack) -> _/eax: int 146 #sig top s: (addr stack) -> _/eax: int 147 sig array-equal? a: (addr array int), b: (addr array int) -> _/eax: boolean 148 sig parse-array-of-ints s: (addr array byte), out: (addr handle array int) 149 sig parse-array-of-decimal-ints s: (addr array byte), out: (addr handle array int) 150 sig check-array-equal a: (addr array int), expected: (addr string), msg: (addr string) 151 #sig push-n-zero-bytes n: int 152 sig kernel-string-to-string ad: (addr allocation-descriptor), in: (addr kernel-string), out: (addr handle array byte) 153 sig kernel-string-length in: (addr kernel-string) -> _/eax: int 154 sig enable-screen-grid-mode 155 sig enable-screen-type-mode 156 sig real-screen-size -> _/eax: int, _/ecx: int 157 sig clear-real-screen 158 sig move-cursor-on-real-screen row: int, column: int 159 sig print-string-to-real-screen s: (addr array byte) 160 sig print-slice-to-real-screen s: (addr slice) 161 sig print-stream-to-real-screen s: (addr stream byte) 162 sig print-grapheme-to-real-screen c: grapheme 163 sig print-int32-hex-to-real-screen n: int 164 sig print-int32-hex-bits-to-real-screen n: int, bits: int 165 sig print-int32-decimal-to-real-screen n: int 166 sig write-int32-decimal-buffered f: (addr buffered-file), n: int 167 sig reset-formatting-on-real-screen 168 sig start-color-on-real-screen fg: int, bg: int 169 sig start-bold-on-real-screen 170 sig start-underline-on-real-screen 171 sig start-reverse-video-on-real-screen 172 sig start-blinking-on-real-screen 173 sig hide-cursor-on-real-screen 174 sig show-cursor-on-real-screen 175 sig enable-keyboard-immediate-mode 176 sig enable-keyboard-type-mode 177 sig read-key-from-real-keyboard -> _/eax: grapheme 178 sig read-line-from-real-keyboard out: (addr stream byte) 179 sig open filename: (addr array byte), write?: boolean, out: (addr handle buffered-file) 180 sig populate-buffered-file-containing contents: (addr array byte), out: (addr handle buffered-file) 181 sig new-buffered-file out: (addr handle buffered-file) 182 #sig size in: (addr array _) -> _/eax: int 183 184 sig stream-empty? s: (addr stream _) -> _/eax: boolean 185 sig stream-full? s: (addr stream _) -> _/eax: boolean 186 sig stream-to-array in: (addr stream _), out: (addr handle array _) 187 sig unquote-stream-to-array in: (addr stream _), out: (addr handle array _) 188 sig stream-first s: (addr stream byte) -> _/eax: byte 189 sig stream-final s: (addr stream byte) -> _/eax: byte 190 191 #sig copy-bytes src: (addr byte), dest: (addr byte), n: int 192 sig copy-array-object src: (addr array _), dest-ah: (addr handle array _) 193 sig copy-file src: (addr buffered-file), dest-ah: (addr handle buffered-file), filename: (addr array byte) 194 195 sig integer-divide a: int, b: int -> _/eax: int, _/edx: int