Merge remote-tracking branch 'origin/master' into syncserver
This commit is contained in:
commit
0570a08b83
@ -135,7 +135,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) rec {
|
||||
};
|
||||
|
||||
gpl1 = spdx {
|
||||
shortName = "GPL-1.0";
|
||||
spdxId = "GPL-1.0";
|
||||
fullName = "GNU General Public License v1.0 only";
|
||||
};
|
||||
|
||||
|
@ -115,6 +115,7 @@
|
||||
nslqqq = "Nikita Mikhailov <nslqqq@gmail.com>";
|
||||
ocharles = "Oliver Charles <ollie@ocharles.org.uk>";
|
||||
offline = "Jaka Hudoklin <jakahudoklin@gmail.com>";
|
||||
olcai = "Erik Timan <dev@timan.info>";
|
||||
orbitz = "Malcolm Matalka <mmatalka@gmail.com>";
|
||||
page = "Carles Pagès <page@cubata.homelinux.net>";
|
||||
pashev = "Igor Pashev <pashev.igor@gmail.com>";
|
||||
@ -123,6 +124,7 @@
|
||||
piotr = "Piotr Pietraszkiewicz <ppietrasa@gmail.com>";
|
||||
pkmx = "Chih-Mao Chen <pkmx.tw@gmail.com>";
|
||||
plcplc = "Philip Lykke Carlsen <plcplc@gmail.com>";
|
||||
prikhi = "Pavan Rikhi <pavan.rikhi@gmail.com>";
|
||||
pSub = "Pascal Wittmann <mail@pascal-wittmann.de>";
|
||||
puffnfresh = "Brian McKenna <brian@brianmckenna.org>";
|
||||
qknight = "Joachim Schiele <js@lastlog.de>";
|
||||
@ -180,4 +182,5 @@
|
||||
zef = "Zef Hemel <zef@zef.me>";
|
||||
zimbatm = "zimbatm <zimbatm@zimbatm.com>";
|
||||
zoomulator = "Kim Simmons <zoomulator@gmail.com>";
|
||||
Gonzih = "Max Gonzih <gonzih@gmail.com>";
|
||||
}
|
||||
|
@ -3,7 +3,7 @@
|
||||
stdenv.mkDerivation {
|
||||
name = "nix-generate-from-cpan-1";
|
||||
|
||||
buildInputs = [ makeWrapper perl perlPackages.YAMLLibYAML perlPackages.JSON ];
|
||||
buildInputs = [ makeWrapper perl perlPackages.YAMLLibYAML perlPackages.JSON perlPackages.CPANPLUS ];
|
||||
|
||||
unpackPhase = "true";
|
||||
buildPhase = "true";
|
||||
@ -19,4 +19,4 @@ stdenv.mkDerivation {
|
||||
maintainers = [ stdenv.lib.maintainers.eelco ];
|
||||
description = "Utility to generate a Nix expression for a Perl package from CPAN";
|
||||
};
|
||||
}
|
||||
}
|
||||
|
@ -100,7 +100,7 @@ sub get_deps {
|
||||
foreach my $n (keys %{$deps}) {
|
||||
next if $n eq "perl";
|
||||
# Hacky way to figure out if this module is part of Perl.
|
||||
if ($n !~ /^JSON/ && $n !~ /^YAML/) {
|
||||
if ($n !~ /^JSON/ && $n !~ /^YAML/ && $n !~ /^Module::Pluggable/) {
|
||||
eval "use $n;";
|
||||
if (!$@) {
|
||||
print STDERR "skipping Perl-builtin module $n\n";
|
||||
|
@ -12,9 +12,9 @@ pre-built binary. That is, whenever a command like
|
||||
<command>nixos-rebuild</command> needs a path in the Nix store, Nix
|
||||
will try to download that path from the Internet rather than build it
|
||||
from source. The default binary cache is
|
||||
<uri>http://cache.nixos.org/</uri>. If this cache is unreachable, Nix
|
||||
operations may take a long time due to HTTP connection timeouts. You
|
||||
can disable the use of the binary cache by adding <option>--option
|
||||
<uri>https://cache.nixos.org/</uri>. If this cache is unreachable,
|
||||
Nix operations may take a long time due to HTTP connection timeouts.
|
||||
You can disable the use of the binary cache by adding <option>--option
|
||||
use-binary-caches false</option>, e.g.
|
||||
|
||||
<screen>
|
||||
@ -30,4 +30,4 @@ $ nixos-rebuild switch --option binary-caches http://my-cache.example.org/
|
||||
|
||||
</para>
|
||||
|
||||
</section>
|
||||
</section>
|
||||
|
@ -8,9 +8,14 @@
|
||||
|
||||
<para>NixOS ISO images can be downloaded from the <link
|
||||
xlink:href="http://nixos.org/nixos/download.html">NixOS
|
||||
homepage</link>. These can be burned onto a CD. It is also possible
|
||||
to copy them onto a USB stick and install NixOS from there. For
|
||||
details, see the <link
|
||||
homepage</link>. There are a number of installation options. If
|
||||
you happen to have an optical drive and a spare CD, burning the
|
||||
image to CD and booting from that is probably the easiest option.
|
||||
Most people will need to prepare a USB stick to boot from.
|
||||
Unetbootin is recommended and the process is described in brief below.
|
||||
Note that systems which use UEFI require some additional manual steps.
|
||||
If you run into difficulty a number of alternative methods are presented
|
||||
in the <link
|
||||
xlink:href="https://nixos.org/wiki/Installing_NixOS_from_a_USB_stick">NixOS
|
||||
Wiki</link>.</para>
|
||||
|
||||
|
@ -10,7 +10,7 @@
|
||||
<para>This section lists the release notes for each stable version of NixOS.</para>
|
||||
</partintro>
|
||||
|
||||
<xi:include href="rl-1411.xml" />
|
||||
<xi:include href="rl-1412.xml" />
|
||||
<xi:include href="rl-1404.xml" />
|
||||
<xi:include href="rl-1310.xml" />
|
||||
|
||||
|
@ -2,9 +2,9 @@
|
||||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||||
xmlns:xi="http://www.w3.org/2001/XInclude"
|
||||
version="5.0"
|
||||
xml:id="sec-release-14.11">
|
||||
xml:id="sec-release-14.12">
|
||||
|
||||
<title>Release 14.11 (“Caterpillar”, 2014/11/??)</title>
|
||||
<title>Release 14.12 (“Caterpillar”, 2014/12/??)</title>
|
||||
|
||||
<para>When upgrading from a previous release, please be aware of the
|
||||
following incompatible changes:
|
||||
@ -24,6 +24,11 @@ services.httpd.package = pkgs.apacheHttpd_2_2;
|
||||
|
||||
</para></listitem>
|
||||
|
||||
<listitem><para>PHP 5.3 has been removed because it is no longer
|
||||
supported by the PHP project. A <link
|
||||
xlink:href="http://php.net/migration54">migration guide</link> is
|
||||
available.</para></listitem>
|
||||
|
||||
<listitem><para>The host side of a container virtual Ethernet pair
|
||||
is now called <literal>ve-<replaceable>container-name</replaceable></literal>
|
||||
rather than <literal>c-<replaceable>container-name</replaceable></literal>.</para></listitem>
|
@ -16,6 +16,9 @@
|
||||
# symlink to `object' that will be added to the tarball.
|
||||
storeContents ? []
|
||||
|
||||
# Extra commands to be executed before archiving files
|
||||
, extraCommands ? ""
|
||||
|
||||
# Extra tar arguments
|
||||
, extraArgs ? ""
|
||||
}:
|
||||
@ -25,7 +28,7 @@ stdenv.mkDerivation {
|
||||
builder = ./make-system-tarball.sh;
|
||||
buildInputs = [perl xz];
|
||||
|
||||
inherit fileName pathsFromGraph extraArgs;
|
||||
inherit fileName pathsFromGraph extraArgs extraCommands;
|
||||
|
||||
# !!! should use XML.
|
||||
sources = map (x: x.source) contents;
|
||||
|
@ -33,7 +33,7 @@ for i in $storePaths; do
|
||||
done
|
||||
|
||||
|
||||
# TODO tar ruxo
|
||||
# TODO tar ruxo
|
||||
# Also include a manifest of the closures in a format suitable for
|
||||
# nix-store --load-db.
|
||||
printRegistration=1 perl $pathsFromGraph closure-* > nix-path-registration
|
||||
@ -48,6 +48,8 @@ for ((n = 0; n < ${#objects[*]}; n++)); do
|
||||
fi
|
||||
done
|
||||
|
||||
$extraCommands
|
||||
|
||||
mkdir -p $out/tarball
|
||||
|
||||
tar cvJf $out/tarball/$fileName.tar.xz * $extraArgs
|
||||
|
193
nixos/modules/config/fonts/fontconfig-ultimate.nix
Normal file
193
nixos/modules/config/fonts/fontconfig-ultimate.nix
Normal file
@ -0,0 +1,193 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
with pkgs.lib;
|
||||
|
||||
let fcBool = x: if x then "<bool>true</bool>" else "<bool>false</bool>";
|
||||
in
|
||||
{
|
||||
|
||||
options = {
|
||||
|
||||
fonts = {
|
||||
|
||||
fontconfig = {
|
||||
|
||||
ultimate = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Enable fontconfig-ultimate settings (formerly known as
|
||||
Infinality). Besides the customizable settings in this NixOS
|
||||
module, fontconfig-ultimate also provides many font-specific
|
||||
rendering tweaks.
|
||||
'';
|
||||
};
|
||||
|
||||
allowBitmaps = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Allow bitmap fonts. Set to <literal>false</literal> to ban all
|
||||
bitmap fonts.
|
||||
'';
|
||||
};
|
||||
|
||||
allowType1 = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Allow Type-1 fonts. Default is <literal>false</literal> because of
|
||||
poor rendering.
|
||||
'';
|
||||
};
|
||||
|
||||
useEmbeddedBitmaps = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''Use embedded bitmaps in fonts like Calibri.'';
|
||||
};
|
||||
|
||||
forceAutohint = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Force use of the TrueType Autohinter. Useful for debugging or
|
||||
free-software purists.
|
||||
'';
|
||||
};
|
||||
|
||||
renderMonoTTFAsBitmap = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''Render some monospace TTF fonts as bitmaps.'';
|
||||
};
|
||||
|
||||
substitutions = mkOption {
|
||||
type = types.str // {
|
||||
check = flip elem ["none" "free" "combi" "ms"];
|
||||
};
|
||||
default = "free";
|
||||
description = ''
|
||||
Font substitutions to replace common Type 1 fonts with nicer
|
||||
TrueType fonts. <literal>free</literal> uses free fonts,
|
||||
<literal>ms</literal> uses Microsoft fonts,
|
||||
<literal>combi</literal> uses a combination, and
|
||||
<literal>none</literal> disables the substitutions.
|
||||
'';
|
||||
};
|
||||
|
||||
rendering = mkOption {
|
||||
type = types.attrs;
|
||||
default = pkgs.fontconfig-ultimate.rendering.ultimate;
|
||||
description = ''
|
||||
FreeType rendering settings presets. The default is
|
||||
<literal>pkgs.fontconfig-ultimate.rendering.ultimate</literal>.
|
||||
The other available styles are:
|
||||
<literal>ultimate-lighter</literal>,
|
||||
<literal>ultimate-darker</literal>,
|
||||
<literal>ultimate-lightest</literal>,
|
||||
<literal>ultimate-darkest</literal>,
|
||||
<literal>default</literal> (the original Infinality default),
|
||||
<literal>osx</literal>,
|
||||
<literal>ipad</literal>,
|
||||
<literal>ubuntu</literal>,
|
||||
<literal>linux</literal>,
|
||||
<literal>winxplight</literal>,
|
||||
<literal>win7light</literal>,
|
||||
<literal>winxp</literal>,
|
||||
<literal>win7</literal>,
|
||||
<literal>vanilla</literal>,
|
||||
<literal>classic</literal>,
|
||||
<literal>nudge</literal>,
|
||||
<literal>push</literal>,
|
||||
<literal>shove</literal>,
|
||||
<literal>sharpened</literal>,
|
||||
<literal>infinality</literal>. Any of the presets may be
|
||||
customized by editing the attributes. To disable, set this option
|
||||
to the empty attribute set <literal>{}</literal>.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
|
||||
config =
|
||||
let ultimate = config.fonts.fontconfig.ultimate;
|
||||
fontconfigUltimateConf = ''
|
||||
<?xml version="1.0"?>
|
||||
<!DOCTYPE fontconfig SYSTEM "fonts.dtd">
|
||||
<fontconfig>
|
||||
|
||||
${optionalString ultimate.allowBitmaps ''
|
||||
<!-- Reject bitmap fonts -->
|
||||
<selectfont>
|
||||
<rejectfont>
|
||||
<pattern>
|
||||
<patelt name="scalable"><bool>false</bool></patelt>
|
||||
</pattern>
|
||||
</rejectfont>
|
||||
</selectfont>
|
||||
''}
|
||||
|
||||
${optionalString ultimate.allowType1 ''
|
||||
<!-- Reject Type 1 fonts -->
|
||||
<selectfont>
|
||||
<rejectfont>
|
||||
<pattern>
|
||||
<patelt name="fontformat">
|
||||
<string>Type 1</string>
|
||||
</patelt>
|
||||
</pattern>
|
||||
</rejectfont>
|
||||
</selectfont>
|
||||
''}
|
||||
|
||||
<!-- Use embedded bitmaps in fonts like Calibri? -->
|
||||
<match target="font">
|
||||
<edit name="embeddedbitmap" mode="assign">
|
||||
${fcBool ultimate.useEmbeddedBitmaps}
|
||||
</edit>
|
||||
</match>
|
||||
|
||||
<!-- Force autohint always -->
|
||||
<match target="font">
|
||||
<edit name="force_autohint" mode="assign">
|
||||
${fcBool ultimate.forceAutohint}
|
||||
</edit>
|
||||
</match>
|
||||
|
||||
<!-- Render some monospace TTF fonts as bitmaps -->
|
||||
<match target="pattern">
|
||||
<edit name="bitmap_monospace" mode="assign">
|
||||
${fcBool ultimate.renderMonoTTFAsBitmap}
|
||||
</edit>
|
||||
</match>
|
||||
|
||||
${optionalString (ultimate.substitutions != "none") ''
|
||||
<!-- Type 1 font substitutions -->
|
||||
<include ignore_missing="yes">${pkgs.fontconfig-ultimate.confd}/etc/fonts/presets/${ultimate.substitutions}</include>
|
||||
''}
|
||||
|
||||
<include ignore_missing="yes">${pkgs.fontconfig-ultimate.confd}/etc/fonts/conf.d</include>
|
||||
|
||||
</fontconfig>
|
||||
'';
|
||||
in mkIf (config.fonts.fontconfig.enable && ultimate.enable) {
|
||||
|
||||
environment.etc."fonts/conf.d/52-fontconfig-ultimate.conf" = {
|
||||
text = fontconfigUltimateConf;
|
||||
};
|
||||
|
||||
environment.etc."fonts/${pkgs.fontconfig.configVersion}/conf.d/52-fontconfig-ultimate.conf" = {
|
||||
text = fontconfigUltimateConf;
|
||||
};
|
||||
|
||||
environment.variables = ultimate.rendering;
|
||||
|
||||
};
|
||||
|
||||
}
|
@ -8,72 +8,250 @@ with lib;
|
||||
|
||||
fonts = {
|
||||
|
||||
enableFontConfig = mkOption { # !!! should be enableFontconfig
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
If enabled, a Fontconfig configuration file will be built
|
||||
pointing to a set of default fonts. If you don't care about
|
||||
running X11 applications or any other program that uses
|
||||
Fontconfig, you can turn this option off and prevent a
|
||||
dependency on all those fonts.
|
||||
'';
|
||||
fontconfig = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
If enabled, a Fontconfig configuration file will be built
|
||||
pointing to a set of default fonts. If you don't care about
|
||||
running X11 applications or any other program that uses
|
||||
Fontconfig, you can turn this option off and prevent a
|
||||
dependency on all those fonts.
|
||||
'';
|
||||
};
|
||||
|
||||
antialias = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = "Enable font antialiasing.";
|
||||
};
|
||||
|
||||
dpi = mkOption {
|
||||
type = types.int;
|
||||
default = 0;
|
||||
description = ''
|
||||
Force DPI setting. Setting to <literal>0</literal> disables DPI
|
||||
forcing; the DPI detected for the display will be used.
|
||||
'';
|
||||
};
|
||||
|
||||
defaultFonts = {
|
||||
monospace = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = ["DejaVu Sans Mono"];
|
||||
description = ''
|
||||
System-wide default monospace font(s). Multiple fonts may be
|
||||
listed in case multiple languages must be supported.
|
||||
'';
|
||||
};
|
||||
|
||||
sansSerif = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = ["DejaVu Sans"];
|
||||
description = ''
|
||||
System-wide default sans serif font(s). Multiple fonts may be
|
||||
listed in case multiple languages must be supported.
|
||||
'';
|
||||
};
|
||||
|
||||
serif = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = ["DejaVu Serif"];
|
||||
description = ''
|
||||
System-wide default serif font(s). Multiple fonts may be listed
|
||||
in case multiple languages must be supported.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
hinting = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = "Enable TrueType hinting.";
|
||||
};
|
||||
|
||||
autohint = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Enable the autohinter, which provides hinting for otherwise
|
||||
un-hinted fonts. The results are usually lower quality than
|
||||
correctly-hinted fonts.
|
||||
'';
|
||||
};
|
||||
|
||||
style = mkOption {
|
||||
type = types.str // {
|
||||
check = flip elem ["none" "slight" "medium" "full"];
|
||||
};
|
||||
default = "full";
|
||||
description = ''
|
||||
TrueType hinting style, one of <literal>none</literal>,
|
||||
<literal>slight</literal>, <literal>medium</literal>, or
|
||||
<literal>full</literal>.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
includeUserConf = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Include the user configuration from
|
||||
<filename>~/.config/fontconfig/fonts.conf</filename> or
|
||||
<filename>~/.config/fontconfig/conf.d</filename>.
|
||||
'';
|
||||
};
|
||||
|
||||
subpixel = {
|
||||
|
||||
rgba = mkOption {
|
||||
type = types.string // {
|
||||
check = flip elem ["rgb" "bgr" "vrgb" "vbgr" "none"];
|
||||
};
|
||||
default = "rgb";
|
||||
description = ''
|
||||
Subpixel order, one of <literal>none</literal>,
|
||||
<literal>rgb</literal>, <literal>bgr</literal>,
|
||||
<literal>vrgb</literal>, or <literal>vbgr</literal>.
|
||||
'';
|
||||
};
|
||||
|
||||
lcdfilter = mkOption {
|
||||
type = types.str // {
|
||||
check = flip elem ["none" "default" "light" "legacy"];
|
||||
};
|
||||
default = "default";
|
||||
description = ''
|
||||
FreeType LCD filter, one of <literal>none</literal>,
|
||||
<literal>default</literal>, <literal>light</literal>, or
|
||||
<literal>legacy</literal>.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
config =
|
||||
let fontconfig = config.fonts.fontconfig;
|
||||
fcBool = x: "<bool>" + (if x then "true" else "false") + "</bool>";
|
||||
nixosConf = ''
|
||||
<?xml version='1.0'?>
|
||||
<!DOCTYPE fontconfig SYSTEM 'fonts.dtd'>
|
||||
<fontconfig>
|
||||
|
||||
config = mkIf config.fonts.enableFontConfig {
|
||||
<!-- Default rendering settings -->
|
||||
<match target="font">
|
||||
<edit mode="assign" name="hinting">
|
||||
${fcBool fontconfig.hinting.enable}
|
||||
</edit>
|
||||
<edit mode="assign" name="autohint">
|
||||
${fcBool fontconfig.hinting.autohint}
|
||||
</edit>
|
||||
<edit mode="assign" name="hintstyle">
|
||||
<const>hint${fontconfig.hinting.style}</const>
|
||||
</edit>
|
||||
<edit mode="assign" name="antialias">
|
||||
${fcBool fontconfig.antialias}
|
||||
</edit>
|
||||
<edit mode="assign" name="rgba">
|
||||
<const>${fontconfig.subpixel.rgba}</const>
|
||||
</edit>
|
||||
<edit mode="assign" name="lcdfilter">
|
||||
<const>lcd${fontconfig.subpixel.lcdfilter}</const>
|
||||
</edit>
|
||||
</match>
|
||||
|
||||
# Fontconfig 2.10 backward compatibility
|
||||
<!-- Default fonts -->
|
||||
${optionalString (fontconfig.defaultFonts.sansSerif != []) ''
|
||||
<alias>
|
||||
<family>sans-serif</family>
|
||||
<prefer>
|
||||
${concatStringsSep "\n"
|
||||
(map (font: "<family>${font}</family>")
|
||||
fontconfig.defaultFonts.sansSerif)}
|
||||
</prefer>
|
||||
</alias>
|
||||
''}
|
||||
${optionalString (fontconfig.defaultFonts.serif != []) ''
|
||||
<alias>
|
||||
<family>serif</family>
|
||||
<prefer>
|
||||
${concatStringsSep "\n"
|
||||
(map (font: "<family>${font}</family>")
|
||||
fontconfig.defaultFonts.serif)}
|
||||
</prefer>
|
||||
</alias>
|
||||
''}
|
||||
${optionalString (fontconfig.defaultFonts.monospace != []) ''
|
||||
<alias>
|
||||
<family>monospace</family>
|
||||
<prefer>
|
||||
${concatStringsSep "\n"
|
||||
(map (font: "<family>${font}</family>")
|
||||
fontconfig.defaultFonts.monospace)}
|
||||
</prefer>
|
||||
</alias>
|
||||
''}
|
||||
|
||||
# Bring in the default (upstream) fontconfig configuration, only for fontconfig 2.10
|
||||
environment.etc."fonts/fonts.conf".source =
|
||||
pkgs.makeFontsConf { fontconfig = pkgs.fontconfig_210; fontDirectories = config.fonts.fonts; };
|
||||
${optionalString (fontconfig.dpi != 0) ''
|
||||
<match target="pattern">
|
||||
<edit name="dpi" mode="assign">
|
||||
<double>${fontconfig.dpi}</double>
|
||||
</edit>
|
||||
</match>
|
||||
''}
|
||||
|
||||
environment.etc."fonts/conf.d/00-nixos.conf".text =
|
||||
''
|
||||
<?xml version='1.0'?>
|
||||
<!DOCTYPE fontconfig SYSTEM 'fonts.dtd'>
|
||||
<fontconfig>
|
||||
</fontconfig>
|
||||
'';
|
||||
in mkIf fontconfig.enable {
|
||||
|
||||
<!-- Set the default hinting style to "slight". -->
|
||||
<match target="font">
|
||||
<edit mode="assign" name="hintstyle">
|
||||
<const>hintslight</const>
|
||||
</edit>
|
||||
</match>
|
||||
# Fontconfig 2.10 backward compatibility
|
||||
|
||||
</fontconfig>
|
||||
'';
|
||||
# Bring in the default (upstream) fontconfig configuration, only for fontconfig 2.10
|
||||
environment.etc."fonts/fonts.conf".source =
|
||||
pkgs.makeFontsConf { fontconfig = pkgs.fontconfig_210; fontDirectories = config.fonts.fonts; };
|
||||
|
||||
# Versioned fontconfig > 2.10. Take shared fonts.conf from fontconfig.
|
||||
# Otherwise specify only font directories.
|
||||
environment.etc."fonts/${pkgs.fontconfig.configVersion}/fonts.conf".source =
|
||||
"${pkgs.fontconfig}/etc/fonts/fonts.conf";
|
||||
environment.etc."fonts/${pkgs.fontconfig.configVersion}/conf.d/00-nixos.conf".text =
|
||||
''
|
||||
<?xml version='1.0'?>
|
||||
<!DOCTYPE fontconfig SYSTEM 'fonts.dtd'>
|
||||
<fontconfig>
|
||||
environment.etc."fonts/conf.d/98-nixos.conf".text = nixosConf;
|
||||
|
||||
<!-- Set the default hinting style to "slight". -->
|
||||
<match target="font">
|
||||
<edit mode="assign" name="hintstyle">
|
||||
<const>hintslight</const>
|
||||
</edit>
|
||||
</match>
|
||||
# Versioned fontconfig > 2.10. Take shared fonts.conf from fontconfig.
|
||||
# Otherwise specify only font directories.
|
||||
environment.etc."fonts/${pkgs.fontconfig.configVersion}/fonts.conf".source =
|
||||
"${pkgs.fontconfig}/etc/fonts/fonts.conf";
|
||||
|
||||
<!-- Font directories -->
|
||||
${concatStringsSep "\n" (map (font: "<dir>${font}</dir>") config.fonts.fonts)}
|
||||
environment.etc."fonts/${pkgs.fontconfig.configVersion}/conf.d/00-nixos.conf".text =
|
||||
''
|
||||
<?xml version='1.0'?>
|
||||
<!DOCTYPE fontconfig SYSTEM 'fonts.dtd'>
|
||||
<fontconfig>
|
||||
<!-- Font directories -->
|
||||
${concatStringsSep "\n" (map (font: "<dir>${font}</dir>") config.fonts.fonts)}
|
||||
</fontconfig>
|
||||
'';
|
||||
|
||||
</fontconfig>
|
||||
'';
|
||||
environment.etc."fonts/${pkgs.fontconfig.configVersion}/conf.d/98-nixos.conf".text = nixosConf;
|
||||
|
||||
environment.systemPackages = [ pkgs.fontconfig ];
|
||||
environment.etc."fonts/${pkgs.fontconfig.configVersion}/conf.d/99-user.conf" = {
|
||||
enable = fontconfig.includeUserConf;
|
||||
text = ''
|
||||
<?xml version="1.0"?>
|
||||
<!DOCTYPE fontconfig SYSTEM "fonts.dtd">
|
||||
<fontconfig>
|
||||
<include ignore_missing="yes" prefix="xdg">fontconfig/conf.d</include>
|
||||
<include ignore_missing="yes" prefix="xdg">fontconfig/fonts.conf</include>
|
||||
</fontconfig>
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
environment.systemPackages = [ pkgs.fontconfig ];
|
||||
|
||||
};
|
||||
|
||||
}
|
||||
|
@ -25,7 +25,7 @@ with lib;
|
||||
[ pkgs.xorg.fontbhttf
|
||||
pkgs.xorg.fontbhlucidatypewriter100dpi
|
||||
pkgs.xorg.fontbhlucidatypewriter75dpi
|
||||
pkgs.ttf_bitstream_vera
|
||||
pkgs.dejavu_fonts
|
||||
pkgs.freefont_ttf
|
||||
pkgs.liberation_ttf
|
||||
pkgs.xorg.fontbh100dpi
|
||||
|
@ -24,7 +24,7 @@ with lib;
|
||||
programs.ssh.setXAuthLocation = false;
|
||||
security.pam.services.su.forwardXAuth = lib.mkForce false;
|
||||
|
||||
fonts.enableFontConfig = false;
|
||||
fonts.fontconfig.enable = false;
|
||||
|
||||
nixpkgs.config.packageOverrides = pkgs:
|
||||
{ dbus = pkgs.dbus.override { useX11 = false; }; };
|
||||
|
@ -12,7 +12,8 @@ with lib;
|
||||
default = false;
|
||||
type = types.bool;
|
||||
description = ''
|
||||
Turn on this option if you want to enable all the firmware shipped with Debian/Ubuntu.
|
||||
Turn on this option if you want to enable all the firmware shipped with Debian/Ubuntu
|
||||
and iwlwifi.
|
||||
'';
|
||||
};
|
||||
|
||||
@ -22,7 +23,11 @@ with lib;
|
||||
###### implementation
|
||||
|
||||
config = mkIf config.hardware.enableAllFirmware {
|
||||
hardware.firmware = [ "${pkgs.firmwareLinuxNonfree}/lib/firmware" ];
|
||||
hardware.firmware = [
|
||||
"${pkgs.firmwareLinuxNonfree}/lib/firmware"
|
||||
"${pkgs.iwlegacy}/lib/firmware"
|
||||
"${pkgs.iwlwifi}/lib/firmware"
|
||||
];
|
||||
};
|
||||
|
||||
}
|
||||
|
@ -156,7 +156,7 @@ if [ -n "$buildNix" ]; then
|
||||
exit 1
|
||||
fi
|
||||
if ! nix-store -r $nixStorePath --add-root $tmpDir/nix --indirect \
|
||||
--option extra-binary-caches http://cache.nixos.org/; then
|
||||
--option extra-binary-caches https://cache.nixos.org/; then
|
||||
echo "warning: don't know how to get latest Nix" >&2
|
||||
fi
|
||||
# Older version of nix-store -r don't support --add-root.
|
||||
|
@ -170,6 +170,8 @@
|
||||
scollector = 160;
|
||||
bosun = 161;
|
||||
kubernetes = 162;
|
||||
peerflix = 163;
|
||||
chronos = 164;
|
||||
|
||||
# When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
|
||||
|
||||
@ -210,6 +212,7 @@
|
||||
privoxy = 32;
|
||||
disnix = 33;
|
||||
osgi = 34;
|
||||
tor = 35;
|
||||
ghostOne = 40;
|
||||
git = 41;
|
||||
fourstore = 42;
|
||||
@ -304,6 +307,7 @@
|
||||
scollector = 156;
|
||||
bosun = 157;
|
||||
kubernetes = 158;
|
||||
fleet = 159;
|
||||
|
||||
# When adding a gid, make sure it doesn't match an existing uid. And don't use gids above 399!
|
||||
|
||||
|
@ -1,6 +1,7 @@
|
||||
[
|
||||
./config/fonts/corefonts.nix
|
||||
./config/fonts/fontconfig.nix
|
||||
./config/fonts/fontconfig-ultimate.nix
|
||||
./config/fonts/fontdir.nix
|
||||
./config/fonts/fonts.nix
|
||||
./config/fonts/ghostscript.nix
|
||||
@ -101,6 +102,8 @@
|
||||
./services/backup/rsnapshot.nix
|
||||
./services/backup/sitecopy-backup.nix
|
||||
./services/backup/tarsnap.nix
|
||||
./services/cluster/fleet.nix
|
||||
./services/cluster/kubernetes.nix
|
||||
./services/computing/torque/server.nix
|
||||
./services/computing/torque/mom.nix
|
||||
./services/continuous-integration/jenkins/default.nix
|
||||
@ -293,6 +296,7 @@
|
||||
./services/networking/znc.nix
|
||||
./services/printing/cupsd.nix
|
||||
./services/scheduling/atd.nix
|
||||
./services/scheduling/chronos.nix
|
||||
./services/scheduling/cron.nix
|
||||
./services/scheduling/fcron.nix
|
||||
./services/search/elasticsearch.nix
|
||||
@ -302,7 +306,6 @@
|
||||
./services/security/fprot.nix
|
||||
./services/security/frandom.nix
|
||||
./services/security/haveged.nix
|
||||
./services/security/torify.nix
|
||||
./services/security/tor.nix
|
||||
./services/security/torsocks.nix
|
||||
./services/system/dbus.nix
|
||||
@ -310,6 +313,7 @@
|
||||
./services/system/nscd.nix
|
||||
./services/system/uptimed.nix
|
||||
./services/torrent/deluge.nix
|
||||
./services/torrent/peerflix.nix
|
||||
./services/torrent/transmission.nix
|
||||
./services/ttys/agetty.nix
|
||||
./services/ttys/gpm.nix
|
||||
@ -358,6 +362,7 @@
|
||||
./system/boot/loader/efi.nix
|
||||
./system/boot/loader/generations-dir/generations-dir.nix
|
||||
./system/boot/loader/grub/grub.nix
|
||||
./system/boot/loader/grub/ipxe.nix
|
||||
./system/boot/loader/grub/memtest.nix
|
||||
./system/boot/loader/gummiboot/gummiboot.nix
|
||||
./system/boot/loader/init-script/init-script.nix
|
||||
@ -398,7 +403,6 @@
|
||||
./virtualisation/container-config.nix
|
||||
./virtualisation/containers.nix
|
||||
./virtualisation/docker.nix
|
||||
./virtualisation/kubernetes.nix
|
||||
./virtualisation/libvirtd.nix
|
||||
./virtualisation/lxc.nix
|
||||
#./virtualisation/nova.nix
|
||||
|
57
nixos/modules/profiles/container.nix
Normal file
57
nixos/modules/profiles/container.nix
Normal file
@ -0,0 +1,57 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
pkgs2storeContents = l : map (x: { object = x; symlink = "none"; }) l;
|
||||
|
||||
in {
|
||||
# Docker image config.
|
||||
imports = [
|
||||
../installer/cd-dvd/channel.nix
|
||||
./minimal.nix
|
||||
./clone-config.nix
|
||||
];
|
||||
|
||||
# Create the tarball
|
||||
system.build.tarball = import ../../lib/make-system-tarball.nix {
|
||||
inherit (pkgs) stdenv perl xz pathsFromGraph;
|
||||
|
||||
contents = [];
|
||||
extraArgs = "--owner=0";
|
||||
|
||||
# Some container managers like lxc need these
|
||||
extraCommands = "mkdir -p proc sys dev";
|
||||
|
||||
# Add init script to image
|
||||
storeContents = [
|
||||
{ object = config.system.build.toplevel + "/init";
|
||||
symlink = "/init";
|
||||
}
|
||||
] ++ (pkgs2storeContents [ pkgs.stdenv ]);
|
||||
};
|
||||
|
||||
boot.postBootCommands =
|
||||
''
|
||||
# After booting, register the contents of the Nix store in the Nix
|
||||
# database.
|
||||
if [ -f /nix-path-registration ]; then
|
||||
${config.nix.package}/bin/nix-store --load-db < /nix-path-registration &&
|
||||
rm /nix-path-registration
|
||||
fi
|
||||
|
||||
# nixos-rebuild also requires a "system" profile and an
|
||||
# /etc/NIXOS tag.
|
||||
touch /etc/NIXOS
|
||||
${config.nix.package}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system
|
||||
'';
|
||||
|
||||
boot.isContainer = true;
|
||||
|
||||
# Disable some features that are not useful in a container.
|
||||
sound.enable = mkDefault false;
|
||||
services.udisks2.enable = mkDefault false;
|
||||
|
||||
# Shut up warnings about not having a boot loader.
|
||||
system.build.installBootLoader = "${pkgs.coreutils}/bin/true";
|
||||
}
|
@ -105,7 +105,7 @@ in
|
||||
};
|
||||
|
||||
enableCompletion = mkOption {
|
||||
default = false;
|
||||
default = true;
|
||||
description = ''
|
||||
Enable Bash completion for all interactive bash shells.
|
||||
'';
|
||||
|
@ -74,6 +74,7 @@ in zipModules ([]
|
||||
++ obsolete [ "environment" "x11Packages" ] [ "environment" "systemPackages" ]
|
||||
++ obsolete [ "environment" "enableBashCompletion" ] [ "programs" "bash" "enableCompletion" ]
|
||||
++ obsolete [ "environment" "nix" ] [ "nix" "package" ]
|
||||
++ obsolete [ "fonts" "enableFontConfig" ] [ "fonts" "fontconfig" "enable" ]
|
||||
++ obsolete [ "fonts" "extraFonts" ] [ "fonts" "fonts" ]
|
||||
|
||||
++ obsolete [ "security" "extraSetuidPrograms" ] [ "security" "setuidPrograms" ]
|
||||
|
@ -16,6 +16,8 @@ with lib;
|
||||
{ SSL_CERT_FILE = "/etc/ssl/certs/ca-bundle.crt";
|
||||
# FIXME: unneeded - remove eventually.
|
||||
OPENSSL_X509_CERT_FILE = "/etc/ssl/certs/ca-bundle.crt";
|
||||
# FIXME: unneeded - remove eventually.
|
||||
GIT_SSL_CAINFO = "/etc/ssl/certs/ca-bundle.crt";
|
||||
};
|
||||
|
||||
};
|
||||
|
@ -109,6 +109,7 @@ in {
|
||||
};
|
||||
|
||||
sqlalchemy_engine_url = mkOption {
|
||||
default = "postgresql:///bacula";
|
||||
example = ''
|
||||
postgresql://bacula:bacula@localhost:5432/bacula
|
||||
mysql+mysqlconnector://<user>:<password>@<hostname>/<database>'
|
||||
|
150
nixos/modules/services/cluster/fleet.nix
Normal file
150
nixos/modules/services/cluster/fleet.nix
Normal file
@ -0,0 +1,150 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.fleet;
|
||||
|
||||
in {
|
||||
|
||||
##### Interface
|
||||
options.services.fleet = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enable fleet service.
|
||||
'';
|
||||
};
|
||||
|
||||
listen = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [ "/var/run/fleet.sock" ];
|
||||
example = [ "/var/run/fleet.sock" "127.0.0.1:49153" ];
|
||||
description = ''
|
||||
Fleet listening addresses.
|
||||
'';
|
||||
};
|
||||
|
||||
etcdServers = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [ "http://127.0.0.1:4001" ];
|
||||
description = ''
|
||||
Fleet list of etcd endpoints to use.
|
||||
'';
|
||||
};
|
||||
|
||||
publicIp = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = "";
|
||||
description = ''
|
||||
Fleet IP address that should be published with the local Machine's
|
||||
state and any socket information. If not set, fleetd will attempt
|
||||
to detect the IP it should publish based on the machine's IP
|
||||
routing information.
|
||||
'';
|
||||
};
|
||||
|
||||
etcdCafile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
default = null;
|
||||
description = ''
|
||||
Fleet TLS ca file when SSL certificate authentication is enabled
|
||||
in etcd endpoints.
|
||||
'';
|
||||
};
|
||||
|
||||
etcdKeyfile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
default = null;
|
||||
description = ''
|
||||
Fleet TLS key file when SSL certificate authentication is enabled
|
||||
in etcd endpoints.
|
||||
'';
|
||||
};
|
||||
|
||||
etcdCertfile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
default = null;
|
||||
description = ''
|
||||
Fleet TLS cert file when SSL certificate authentication is enabled
|
||||
in etcd endpoints.
|
||||
'';
|
||||
};
|
||||
|
||||
metadata = mkOption {
|
||||
type = types.attrsOf types.str;
|
||||
default = {};
|
||||
apply = attrs: concatMapStringsSep "," (n: "${n}=${attrs."${n}"}") (attrNames attrs);
|
||||
example = literalExample ''
|
||||
{
|
||||
region = "us-west";
|
||||
az = "us-west-1";
|
||||
}
|
||||
'';
|
||||
description = ''
|
||||
Key/value pairs that are published with the local to the fleet registry.
|
||||
This data can be used directly by a client of fleet to make scheduling decisions.
|
||||
'';
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.attrsOf types.str;
|
||||
apply = mapAttrs' (n: v: nameValuePair ("ETCD_" + n) v);
|
||||
default = {};
|
||||
example = literalExample ''
|
||||
{
|
||||
VERBOSITY = 1;
|
||||
ETCD_REQUEST_TIMEOUT = "2.0";
|
||||
AGENT_TTL = "40s";
|
||||
}
|
||||
'';
|
||||
description = ''
|
||||
Fleet extra config. See
|
||||
<link xlink:href="https://github.com/coreos/fleet/blob/master/Documentation/deployment-and-configuration.md"/>
|
||||
for configuration options.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
##### Implementation
|
||||
config = mkIf cfg.enable {
|
||||
systemd.services.fleet = {
|
||||
description = "Fleet Init System Daemon";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" "fleet.socket" "etcd.service" "docker.service" ];
|
||||
requires = [ "fleet.socket" ];
|
||||
environment = {
|
||||
FLEET_ETCD_SERVERS = concatStringsSep "," cfg.etcdServers;
|
||||
FLEET_PUBLIC_IP = cfg.publicIp;
|
||||
FLEET_ETCD_CAFILE = cfg.etcdCafile;
|
||||
FLEET_ETCD_KEYFILE = cfg.etcdKeyfile;
|
||||
FEELT_ETCD_CERTFILE = cfg.etcdCertfile;
|
||||
FLEET_METADATA = cfg.metadata;
|
||||
} // cfg.extraConfig;
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.fleet}/bin/fleetd";
|
||||
Group = "fleet";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.sockets.fleet = {
|
||||
description = "Fleet Socket for the API";
|
||||
wantedBy = [ "sockets.target" ];
|
||||
listenStreams = cfg.listen;
|
||||
socketConfig = {
|
||||
ListenStream = "/var/run/fleet.sock";
|
||||
SocketMode = "0660";
|
||||
SocketUser = "root";
|
||||
SocketGroup = "fleet";
|
||||
};
|
||||
};
|
||||
|
||||
services.etcd.enable = mkDefault true;
|
||||
virtualisation.docker.enable = mkDefault true;
|
||||
|
||||
environment.systemPackages = [ pkgs.fleet ];
|
||||
users.extraGroups.fleet.gid = config.ids.gids.fleet;
|
||||
};
|
||||
}
|
@ -3,16 +3,15 @@
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.virtualisation.kubernetes;
|
||||
cfg = config.services.kubernetes;
|
||||
|
||||
in {
|
||||
|
||||
###### interface
|
||||
|
||||
options.virtualisation.kubernetes = {
|
||||
options.services.kubernetes = {
|
||||
package = mkOption {
|
||||
description = "Kubernetes package to use.";
|
||||
default = pkgs.kubernetes;
|
||||
type = types.package;
|
||||
};
|
||||
|
||||
@ -421,15 +420,15 @@ in {
|
||||
})
|
||||
|
||||
(mkIf (any (el: el == "master") cfg.roles) {
|
||||
virtualisation.kubernetes.apiserver.enable = mkDefault true;
|
||||
virtualisation.kubernetes.scheduler.enable = mkDefault true;
|
||||
virtualisation.kubernetes.controllerManager.enable = mkDefault true;
|
||||
services.kubernetes.apiserver.enable = mkDefault true;
|
||||
services.kubernetes.scheduler.enable = mkDefault true;
|
||||
services.kubernetes.controllerManager.enable = mkDefault true;
|
||||
})
|
||||
|
||||
(mkIf (any (el: el == "node") cfg.roles) {
|
||||
virtualisation.docker.enable = mkDefault true;
|
||||
virtualisation.kubernetes.kubelet.enable = mkDefault true;
|
||||
virtualisation.kubernetes.proxy.enable = mkDefault true;
|
||||
services.kubernetes.kubelet.enable = mkDefault true;
|
||||
services.kubernetes.proxy.enable = mkDefault true;
|
||||
})
|
||||
|
||||
(mkIf (any (el: el == "node" || el == "master") cfg.roles) {
|
||||
@ -443,6 +442,8 @@ in {
|
||||
cfg.kubelet.enable ||
|
||||
cfg.proxy.enable
|
||||
) {
|
||||
services.kubernetes.package = mkDefault pkgs.kubernetes;
|
||||
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
|
||||
users.extraUsers = singleton {
|
@ -1,6 +1,6 @@
|
||||
# gvfs backends
|
||||
|
||||
{ config, lib, ... }:
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
@ -37,6 +37,8 @@ in
|
||||
|
||||
services.dbus.packages = [ gnome3.gvfs ];
|
||||
|
||||
services.udev.packages = [ pkgs.libmtp ];
|
||||
|
||||
};
|
||||
|
||||
}
|
||||
|
@ -88,7 +88,7 @@ let
|
||||
done
|
||||
|
||||
${optionalString config.networking.usePredictableInterfaceNames ''
|
||||
cp ${./80-net-name-slot.rules} $out/80-net-name-slot.rules
|
||||
cp ${./80-net-setup-link.rules} $out/80-net-setup-link.rules
|
||||
''}
|
||||
|
||||
# If auto-configuration is disabled, then remove
|
||||
|
@ -84,7 +84,7 @@ in
|
||||
startOn = "started network-interfaces";
|
||||
stopOn = "stopping network-interfaces";
|
||||
|
||||
path = [ pkgs.nfsUtils pkgs.sshfsFuse ];
|
||||
path = [ pkgs.nfs-utils pkgs.sshfsFuse ];
|
||||
|
||||
preStop =
|
||||
''
|
||||
|
@ -4,11 +4,11 @@ with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.mesos.master;
|
||||
|
||||
|
||||
in {
|
||||
|
||||
options.services.mesos = {
|
||||
|
||||
|
||||
master = {
|
||||
enable = mkOption {
|
||||
description = "Whether to enable the Mesos Master.";
|
||||
@ -31,36 +31,36 @@ in {
|
||||
'';
|
||||
type = types.str;
|
||||
};
|
||||
|
||||
|
||||
workDir = mkOption {
|
||||
description = "The Mesos work directory.";
|
||||
default = "/var/lib/mesos/master";
|
||||
type = types.str;
|
||||
};
|
||||
|
||||
|
||||
extraCmdLineOptions = mkOption {
|
||||
description = ''
|
||||
Extra command line options for Mesos Master.
|
||||
|
||||
|
||||
See https://mesos.apache.org/documentation/latest/configuration/
|
||||
'';
|
||||
default = [ "" ];
|
||||
type = types.listOf types.string;
|
||||
example = [ "--credentials=VALUE" ];
|
||||
};
|
||||
|
||||
|
||||
quorum = mkOption {
|
||||
description = ''
|
||||
The size of the quorum of replicas when using 'replicated_log' based
|
||||
registry. It is imperative to set this value to be a majority of
|
||||
masters i.e., quorum > (number of masters)/2.
|
||||
|
||||
|
||||
If 0 will fall back to --registry=in_memory.
|
||||
'';
|
||||
default = 0;
|
||||
type = types.int;
|
||||
};
|
||||
|
||||
|
||||
logLevel = mkOption {
|
||||
description = ''
|
||||
The logging level used. Possible values:
|
||||
@ -86,11 +86,12 @@ in {
|
||||
${pkgs.mesos}/bin/mesos-master \
|
||||
--port=${toString cfg.port} \
|
||||
--zk=${cfg.zk} \
|
||||
${if cfg.quorum == 0 then "--registry=in_memory" else "--registry=replicated_log --quorum=${cfg.quorum}"} \
|
||||
${if cfg.quorum == 0 then "--registry=in_memory" else "--registry=replicated_log --quorum=${toString cfg.quorum}"} \
|
||||
--work_dir=${cfg.workDir} \
|
||||
--logging_level=${cfg.logLevel} \
|
||||
${toString cfg.extraCmdLineOptions}
|
||||
'';
|
||||
Restart = "on-failure";
|
||||
PermissionsStartOnly = true;
|
||||
};
|
||||
preStart = ''
|
||||
@ -98,6 +99,6 @@ in {
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
@ -4,7 +4,7 @@ with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.mesos.slave;
|
||||
|
||||
|
||||
in {
|
||||
|
||||
options.services.mesos = {
|
||||
@ -29,30 +29,30 @@ in {
|
||||
'';
|
||||
type = types.str;
|
||||
};
|
||||
|
||||
|
||||
withHadoop = mkOption {
|
||||
description = "Add the HADOOP_HOME to the slave.";
|
||||
default = false;
|
||||
type = types.bool;
|
||||
};
|
||||
|
||||
|
||||
workDir = mkOption {
|
||||
description = "The Mesos work directory.";
|
||||
default = "/var/lib/mesos/slave";
|
||||
type = types.str;
|
||||
};
|
||||
|
||||
|
||||
extraCmdLineOptions = mkOption {
|
||||
description = ''
|
||||
Extra command line options for Mesos Slave.
|
||||
|
||||
|
||||
See https://mesos.apache.org/documentation/latest/configuration/
|
||||
'';
|
||||
default = [ "" ];
|
||||
type = types.listOf types.string;
|
||||
example = [ "--gc_delay=3days" ];
|
||||
};
|
||||
|
||||
|
||||
logLevel = mkOption {
|
||||
description = ''
|
||||
The logging level used. Possible values:
|
||||
@ -72,6 +72,7 @@ in {
|
||||
description = "Mesos Slave";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network-interfaces.target" ];
|
||||
environment.MESOS_CONTAINERIZERS = "docker,mesos";
|
||||
serviceConfig = {
|
||||
ExecStart = ''
|
||||
${pkgs.mesos}/bin/mesos-slave \
|
||||
@ -80,6 +81,7 @@ in {
|
||||
${optionalString cfg.withHadoop "--hadoop-home=${pkgs.hadoop}"} \
|
||||
--work_dir=${cfg.workDir} \
|
||||
--logging_level=${cfg.logLevel} \
|
||||
--docker=${pkgs.docker}/libexec/docker/docker \
|
||||
${toString cfg.extraCmdLineOptions}
|
||||
'';
|
||||
PermissionsStartOnly = true;
|
||||
@ -89,5 +91,5 @@ in {
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -225,7 +225,7 @@ in
|
||||
|
||||
binaryCaches = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [ http://cache.nixos.org/ ];
|
||||
default = [ https://cache.nixos.org/ ];
|
||||
description = ''
|
||||
List of binary cache URLs used to obtain pre-built binaries
|
||||
of Nix packages.
|
||||
|
@ -81,27 +81,26 @@ in
|
||||
|
||||
###### implementation
|
||||
|
||||
config = {
|
||||
|
||||
systemd.services."synergy-client" = {
|
||||
enable = cfgC.enable;
|
||||
after = [ "network.target" ];
|
||||
description = "Synergy client";
|
||||
wantedBy = optional cfgC.autoStart "multi-user.target";
|
||||
path = [ pkgs.synergy ];
|
||||
serviceConfig.ExecStart = ''${pkgs.synergy}/bin/synergyc -f ${optionalString (cfgC.screenName != "") "-n ${cfgC.screenName}"} ${cfgC.serverAddress}'';
|
||||
};
|
||||
|
||||
systemd.services."synergy-server" = {
|
||||
enable = cfgS.enable;
|
||||
after = [ "network.target" ];
|
||||
description = "Synergy server";
|
||||
wantedBy = optional cfgS.autoStart "multi-user.target";
|
||||
path = [ pkgs.synergy ];
|
||||
serviceConfig.ExecStart = ''${pkgs.synergy}/bin/synergys -c ${cfgS.configFile} -f ${optionalString (cfgS.address != "") "-a ${cfgS.address}"} ${optionalString (cfgS.screenName != "") "-n ${cfgS.screenName}" }'';
|
||||
};
|
||||
|
||||
};
|
||||
config = mkMerge [
|
||||
(mkIf cfgC.enable {
|
||||
systemd.services."synergy-client" = {
|
||||
after = [ "network.target" ];
|
||||
description = "Synergy client";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
path = [ pkgs.synergy ];
|
||||
serviceConfig.ExecStart = ''${pkgs.synergy}/bin/synergyc -f ${optionalString (cfgC.screenName != "") "-n ${cfgC.screenName}"} ${cfgC.serverAddress}'';
|
||||
};
|
||||
})
|
||||
(mkIf cfgS.enable {
|
||||
systemd.services."synergy-server" = {
|
||||
after = [ "network.target" ];
|
||||
description = "Synergy server";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
path = [ pkgs.synergy ];
|
||||
serviceConfig.ExecStart = ''${pkgs.synergy}/bin/synergys -c ${cfgS.configFile} -f ${optionalString (cfgS.address != "") "-a ${cfgS.address}"} ${optionalString (cfgS.screenName != "") "-n ${cfgS.screenName}" }'';
|
||||
};
|
||||
})
|
||||
];
|
||||
|
||||
}
|
||||
|
||||
|
@ -30,7 +30,6 @@ in {
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.bosun;
|
||||
example = literalExample "pkgs.bosun";
|
||||
description = ''
|
||||
bosun binary to use.
|
||||
@ -94,8 +93,9 @@ in {
|
||||
|
||||
};
|
||||
|
||||
config = mkIf config.services.bosun.enable {
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
services.bosun.package = mkDefault pkgs.bosun;
|
||||
|
||||
systemd.services.bosun = {
|
||||
description = "bosun metrics collector (part of Bosun)";
|
||||
|
@ -86,7 +86,7 @@ in
|
||||
|
||||
boot.supportedFilesystems = [ "nfs" ]; # needed for statd and idmapd
|
||||
|
||||
environment.systemPackages = [ pkgs.nfsUtils ];
|
||||
environment.systemPackages = [ pkgs.nfs-utils ];
|
||||
|
||||
environment.etc = singleton
|
||||
{ source = exports;
|
||||
@ -104,7 +104,7 @@ in
|
||||
after = [ "rpcbind.service" "mountd.service" "idmapd.service" ];
|
||||
before = [ "statd.service" ];
|
||||
|
||||
path = [ pkgs.nfsUtils ];
|
||||
path = [ pkgs.nfs-utils ];
|
||||
|
||||
script =
|
||||
''
|
||||
@ -131,7 +131,7 @@ in
|
||||
requires = [ "rpcbind.service" ];
|
||||
after = [ "rpcbind.service" ];
|
||||
|
||||
path = [ pkgs.nfsUtils pkgs.sysvtools pkgs.utillinux ];
|
||||
path = [ pkgs.nfs-utils pkgs.sysvtools pkgs.utillinux ];
|
||||
|
||||
preStart =
|
||||
''
|
||||
@ -157,7 +157,7 @@ in
|
||||
|
||||
serviceConfig.Type = "forking";
|
||||
serviceConfig.ExecStart = ''
|
||||
@${pkgs.nfsUtils}/sbin/rpc.mountd rpc.mountd \
|
||||
@${pkgs.nfs-utils}/sbin/rpc.mountd rpc.mountd \
|
||||
${if cfg.mountdPort != null then "-p ${toString cfg.mountdPort}" else ""}
|
||||
'';
|
||||
serviceConfig.Restart = "always";
|
||||
|
@ -8,7 +8,6 @@ let
|
||||
|
||||
configOptions = {
|
||||
data_dir = dataDir;
|
||||
rejoin_after_leave = true;
|
||||
}
|
||||
// (if cfg.webUi then { ui_dir = "${pkgs.consul.ui}"; } else { })
|
||||
// cfg.extraConfig;
|
||||
@ -41,6 +40,35 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
leaveOnStop = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
If enabled, causes a leave action to be sent when closing consul.
|
||||
This allows a clean termination of the node, but permanently removes
|
||||
it from the cluster. You probably don't want this option unless you
|
||||
are running a node which going offline in a permanent / semi-permanent
|
||||
fashion.
|
||||
'';
|
||||
};
|
||||
|
||||
joinNodes = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [ ];
|
||||
description = ''
|
||||
A list of addresses of nodes which should be joined at startup if the
|
||||
current node is in a left state.
|
||||
'';
|
||||
};
|
||||
|
||||
joinRetries = mkOption {
|
||||
type = types.int;
|
||||
default = 10;
|
||||
description = ''
|
||||
The number of times to retry connecting to the join nodes.
|
||||
'';
|
||||
};
|
||||
|
||||
interface = {
|
||||
|
||||
advertise = mkOption {
|
||||
@ -119,13 +147,14 @@ in
|
||||
serviceConfig = {
|
||||
ExecStart = "@${pkgs.consul}/bin/consul consul agent"
|
||||
+ concatMapStrings (n: " -config-file ${n}") configFiles;
|
||||
ExecStop = "${pkgs.consul}/bin/consul leave";
|
||||
ExecReload = "${pkgs.consul}/bin/consul reload";
|
||||
PermissionsStartOnly = true;
|
||||
User = if cfg.dropPrivileges then "consul" else null;
|
||||
};
|
||||
} // (optionalAttrs (cfg.leaveOnStop) {
|
||||
ExecStop = "${pkgs.consul}/bin/consul leave";
|
||||
});
|
||||
|
||||
path = with pkgs; [ iproute gnugrep gawk ];
|
||||
path = with pkgs; [ iproute gnugrep gawk consul ];
|
||||
preStart = ''
|
||||
mkdir -m 0700 -p ${dataDir}
|
||||
chown -R consul ${dataDir}
|
||||
@ -160,6 +189,18 @@ in
|
||||
echo " \"\": \"\"" >> /etc/consul-addrs.json
|
||||
echo "}" >> /etc/consul-addrs.json
|
||||
'';
|
||||
postStart = ''
|
||||
# Issues joins to nodes which we statically connect to
|
||||
${flip concatMapStrings cfg.joinNodes (addr: ''
|
||||
for i in {0..${toString cfg.joinRetries}}; do
|
||||
# Try to join the other nodes ${toString cfg.joinRetries} times before failing
|
||||
consul join "${addr}" && break
|
||||
sleep 1
|
||||
done &
|
||||
'')}
|
||||
wait
|
||||
exit 0
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
@ -458,8 +458,9 @@ in
|
||||
|
||||
systemd.services.firewall = {
|
||||
description = "Firewall";
|
||||
wantedBy = [ "network.target" ];
|
||||
after = [ "network-interfaces.target" "systemd-modules-load.service" ];
|
||||
wantedBy = [ "network-pre.target" ];
|
||||
before = [ "network-pre.target" ];
|
||||
after = [ "systemd-modules-load.service" ];
|
||||
|
||||
path = [ pkgs.iptables ];
|
||||
|
||||
|
@ -44,6 +44,8 @@ in
|
||||
path = [ pkgs.iptables pkgs.tcpcrypt pkgs.procps ];
|
||||
|
||||
preStart = ''
|
||||
mkdir -p /var/run/tcpcryptd
|
||||
chown tcpcryptd /var/run/tcpcryptd
|
||||
sysctl -n net.ipv4.tcp_ecn >/run/pre-tcpcrypt-ecn-state
|
||||
sysctl -w net.ipv4.tcp_ecn=0
|
||||
|
||||
|
@ -48,6 +48,7 @@ in
|
||||
systemd.mounts = map ({ what, where }: {
|
||||
bindsTo = [ "unifi.service" ];
|
||||
partOf = [ "unifi.service" ];
|
||||
unitConfig.RequiresMountsFor = stateDir;
|
||||
options = "bind";
|
||||
what = what;
|
||||
where = where;
|
||||
@ -59,6 +60,7 @@ in
|
||||
after = [ "network.target" ] ++ systemdMountPoints;
|
||||
partOf = systemdMountPoints;
|
||||
bindsTo = systemdMountPoints;
|
||||
unitConfig.RequiresMountsFor = stateDir;
|
||||
|
||||
preStart = ''
|
||||
# Ensure privacy of state
|
||||
|
54
nixos/modules/services/scheduling/chronos.nix
Normal file
54
nixos/modules/services/scheduling/chronos.nix
Normal file
@ -0,0 +1,54 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.chronos;
|
||||
|
||||
in {
|
||||
|
||||
###### interface
|
||||
|
||||
options.services.chronos = {
|
||||
enable = mkOption {
|
||||
description = "Whether to enable graphite web frontend.";
|
||||
default = false;
|
||||
type = types.uniq types.bool;
|
||||
};
|
||||
|
||||
httpPort = mkOption {
|
||||
description = "Chronos listening port";
|
||||
default = 8080;
|
||||
type = types.int;
|
||||
};
|
||||
|
||||
master = mkOption {
|
||||
description = "Chronos mesos master zookeeper address";
|
||||
default = "zk://${head cfg.zookeeperHosts}/mesos";
|
||||
type = types.str;
|
||||
};
|
||||
|
||||
zookeeperHosts = mkOption {
|
||||
description = "Chronos mesos zookepper addresses";
|
||||
default = [ "localhost:2181" ];
|
||||
type = types.listOf types.str;
|
||||
};
|
||||
};
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
systemd.services.chronos = {
|
||||
description = "Chronos Service";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network-interfaces.target" "zookeeper.service" ];
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.chronos}/bin/chronos --master ${cfg.master} --zk_hosts ${concatStringsSep "," cfg.zookeeperHosts} --http_port ${toString cfg.httpPort}";
|
||||
User = "chronos";
|
||||
};
|
||||
};
|
||||
|
||||
users.extraUsers.chronos.uid = config.ids.uids.chronos;
|
||||
};
|
||||
}
|
@ -3,120 +3,116 @@
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
inherit (pkgs) tor privoxy;
|
||||
|
||||
stateDir = "/var/lib/tor";
|
||||
privoxyDir = stateDir+"/privoxy";
|
||||
|
||||
cfg = config.services.tor;
|
||||
torDirectory = "/var/lib/tor";
|
||||
|
||||
torUser = "tor";
|
||||
opt = name: value: optionalString (value != null) "${name} ${value}";
|
||||
optint = name: value: optionalString (value != 0) "${name} ${toString value}";
|
||||
|
||||
opt = name: value: if value != "" then "${name} ${value}" else "";
|
||||
optint = name: value: if value != 0 then "${name} ${toString value}" else "";
|
||||
torRc = ''
|
||||
User tor
|
||||
DataDirectory ${torDirectory}
|
||||
|
||||
${optint "ControlPort" cfg.controlPort}
|
||||
''
|
||||
# Client connection config
|
||||
+ optionalString cfg.client.enable ''
|
||||
SOCKSPort ${cfg.client.socksListenAddress}
|
||||
${opt "SocksPolicy" cfg.client.socksPolicy}
|
||||
''
|
||||
# Relay config
|
||||
+ optionalString cfg.relay.enable ''
|
||||
ORPort ${cfg.relay.portSpec}
|
||||
${opt "Nickname" cfg.relay.nickname}
|
||||
${opt "ContactInfo" cfg.relay.contactInfo}
|
||||
|
||||
${optint "RelayBandwidthRate" cfg.relay.bandwidthRate}
|
||||
${optint "RelayBandwidthBurst" cfg.relay.bandwidthBurst}
|
||||
${opt "AccountingMax" cfg.relay.accountingMax}
|
||||
${opt "AccountingStart" cfg.relay.accountingStart}
|
||||
|
||||
${if cfg.relay.isExit then
|
||||
opt "ExitPolicy" cfg.relay.exitPolicy
|
||||
else
|
||||
"ExitPolicy reject *:*"}
|
||||
|
||||
${optionalString cfg.relay.isBridge ''
|
||||
BridgeRelay 1
|
||||
ServerTransportPlugin obfs2,obfs3 exec ${pkgs.pythonPackages.obfsproxy}/bin/obfsproxy managed
|
||||
''}
|
||||
''
|
||||
+ cfg.extraConfig;
|
||||
|
||||
torRcFile = pkgs.writeText "torrc" torRc;
|
||||
in
|
||||
|
||||
{
|
||||
|
||||
###### interface
|
||||
|
||||
options = {
|
||||
|
||||
services.tor = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Enable the Tor daemon. By default, the daemon is run without
|
||||
relay, exit, bridge or client connectivity.
|
||||
'';
|
||||
};
|
||||
|
||||
config = mkOption {
|
||||
extraConfig = mkOption {
|
||||
type = types.lines;
|
||||
default = "";
|
||||
description = ''
|
||||
Extra configuration. Contents will be added verbatim to the
|
||||
configuration file.
|
||||
configuration file at the end.
|
||||
'';
|
||||
};
|
||||
|
||||
controlPort = mkOption {
|
||||
type = types.int;
|
||||
default = 0;
|
||||
example = 9051;
|
||||
description = ''
|
||||
If set, Tor will accept connections on the specified port
|
||||
and allow them to control the tor process.
|
||||
'';
|
||||
};
|
||||
|
||||
client = {
|
||||
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enable Tor daemon to route application connections.
|
||||
You might want to disable this if you plan running a dedicated Tor relay.
|
||||
Whether to enable Tor daemon to route application
|
||||
connections. You might want to disable this if you plan
|
||||
running a dedicated Tor relay.
|
||||
'';
|
||||
};
|
||||
|
||||
socksListenAddress = mkOption {
|
||||
type = types.str;
|
||||
default = "127.0.0.1:9050";
|
||||
example = "192.168.0.1:9100";
|
||||
description = ''
|
||||
Bind to this address to listen for connections from Socks-speaking
|
||||
applications.
|
||||
'';
|
||||
};
|
||||
|
||||
socksListenAddressFaster = mkOption {
|
||||
default = "127.0.0.1:9063";
|
||||
description = ''
|
||||
Same as socksListenAddress but uses weaker circuit isolation to provide
|
||||
performance suitable for a web browser.
|
||||
Bind to this address to listen for connections from
|
||||
Socks-speaking applications.
|
||||
'';
|
||||
};
|
||||
|
||||
socksPolicy = mkOption {
|
||||
default = "";
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "accept 192.168.0.0/16, reject *";
|
||||
description = ''
|
||||
Entry policies to allow/deny SOCKS requests based on IP address.
|
||||
First entry that matches wins. If no SocksPolicy is set, we accept
|
||||
all (and only) requests from SocksListenAddress.
|
||||
Entry policies to allow/deny SOCKS requests based on IP
|
||||
address. First entry that matches wins. If no SocksPolicy
|
||||
is set, we accept all (and only) requests from
|
||||
SocksListenAddress.
|
||||
'';
|
||||
};
|
||||
|
||||
privoxy = {
|
||||
|
||||
enable = mkOption {
|
||||
default = true;
|
||||
description = ''
|
||||
Whether to enable a special instance of privoxy dedicated to Tor.
|
||||
To have anonymity, protocols need to be scrubbed of identifying
|
||||
information.
|
||||
Most people using Tor want to anonymize their web traffic, so by
|
||||
default we enable an special instance of privoxy specifically for
|
||||
Tor.
|
||||
However, if you are only going to use Tor only for other kinds of
|
||||
traffic then you can disable this option.
|
||||
'';
|
||||
};
|
||||
|
||||
listenAddress = mkOption {
|
||||
default = "127.0.0.1:8118";
|
||||
description = ''
|
||||
Address that Tor's instance of privoxy is listening to.
|
||||
*This does not configure the standard NixOS instance of privoxy.*
|
||||
This is for Tor connections only!
|
||||
See services.privoxy.listenAddress to configure the standard NixOS
|
||||
instace of privoxy.
|
||||
'';
|
||||
};
|
||||
|
||||
config = mkOption {
|
||||
default = "";
|
||||
description = ''
|
||||
Extra configuration for Tor's instance of privoxy. Contents will be
|
||||
added verbatim to the configuration file.
|
||||
*This does not configure the standard NixOS instance of privoxy.*
|
||||
This is for Tor connections only!
|
||||
See services.privoxy.extraConfig to configure the standard NixOS
|
||||
instace of privoxy.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
relay = {
|
||||
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enable relaying TOR traffic for others.
|
||||
@ -126,16 +122,19 @@ in
|
||||
};
|
||||
|
||||
isBridge = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Bridge relays (or "bridges" ) are Tor relays that aren't listed in the
|
||||
main directory. Since there is no complete public list of them, even if an
|
||||
ISP is filtering connections to all the known Tor relays, they probably
|
||||
Bridge relays (or "bridges") are Tor relays that aren't
|
||||
listed in the main directory. Since there is no complete
|
||||
public list of them, even if an ISP is filtering
|
||||
connections to all the known Tor relays, they probably
|
||||
won't be able to block all the bridges.
|
||||
|
||||
A bridge relay can't be an exit relay.
|
||||
|
||||
You need to set relay.enable to true for this option to take effect.
|
||||
You need to set relay.enable to true for this option to
|
||||
take effect.
|
||||
|
||||
The bridge is set up with an obfuscated transport proxy.
|
||||
|
||||
@ -144,25 +143,72 @@ in
|
||||
};
|
||||
|
||||
isExit = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
An exit relay allows Tor users to access regular Internet services.
|
||||
An exit relay allows Tor users to access regular Internet
|
||||
services.
|
||||
|
||||
Unlike running a non-exit relay, running an exit relay may expose
|
||||
you to abuse complaints. See https://www.torproject.org/faq.html.en#ExitPolicies for more info.
|
||||
Unlike running a non-exit relay, running an exit relay may
|
||||
expose you to abuse complaints. See
|
||||
https://www.torproject.org/faq.html.en#ExitPolicies for
|
||||
more info.
|
||||
|
||||
You can specify which services Tor users may access via your exit relay using exitPolicy option.
|
||||
You can specify which services Tor users may access via
|
||||
your exit relay using exitPolicy option.
|
||||
'';
|
||||
};
|
||||
|
||||
nickname = mkOption {
|
||||
type = types.str;
|
||||
default = "anonymous";
|
||||
description = ''
|
||||
A unique handle for your TOR relay.
|
||||
'';
|
||||
};
|
||||
|
||||
contactInfo = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "admin@relay.com";
|
||||
description = ''
|
||||
Contact information for the relay owner (e.g. a mail
|
||||
address and GPG key ID).
|
||||
'';
|
||||
};
|
||||
|
||||
accountingMax = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "450 GBytes";
|
||||
description = ''
|
||||
Specify maximum bandwidth allowed during an accounting
|
||||
period. This allows you to limit overall tor bandwidth
|
||||
over some time period. See the
|
||||
<literal>AccountingMax</literal> option by looking at the
|
||||
tor manual (<literal>man tor</literal>) for more.
|
||||
|
||||
Note this limit applies individually to upload and
|
||||
download; if you specify <literal>"500 GBytes"</literal>
|
||||
here, then you may transfer up to 1 TBytes of overall
|
||||
bandwidth (500 GB upload, 500 GB download).
|
||||
'';
|
||||
};
|
||||
|
||||
accountingStart = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "month 1 1:00";
|
||||
description = ''
|
||||
Specify length of an accounting period. This allows you to
|
||||
limit overall tor bandwidth over some time period. See the
|
||||
<literal>AccountingStart</literal> option by looking at
|
||||
the tor manual (<literal>man tor</literal>) for more.
|
||||
'';
|
||||
};
|
||||
|
||||
bandwidthRate = mkOption {
|
||||
type = types.int;
|
||||
default = 0;
|
||||
example = 100;
|
||||
description = ''
|
||||
@ -172,6 +218,7 @@ in
|
||||
};
|
||||
|
||||
bandwidthBurst = mkOption {
|
||||
type = types.int;
|
||||
default = cfg.relay.bandwidthRate;
|
||||
example = 200;
|
||||
description = ''
|
||||
@ -181,143 +228,99 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
default = 9001;
|
||||
portSpec = mkOption {
|
||||
type = types.str;
|
||||
example = "143";
|
||||
description = ''
|
||||
What port to advertise for Tor connections.
|
||||
'';
|
||||
};
|
||||
What port to advertise for Tor connections. This corresponds
|
||||
to the <literal>ORPort</literal> section in the Tor manual; see
|
||||
<literal>man tor</literal> for more details.
|
||||
|
||||
listenAddress = mkOption {
|
||||
default = "";
|
||||
example = "0.0.0.0:9090";
|
||||
description = ''
|
||||
Set this if you need to listen on a port other than the one advertised
|
||||
in relayPort (e.g. to advertise 443 but bind to 9090). You'll need to do
|
||||
ipchains or other port forwsarding yourself to make this work.
|
||||
At a minimum, you should just specify the port for the
|
||||
relay to listen on; a common one like 143, 22, 80, or 443
|
||||
to help Tor users who may have very restrictive port-based
|
||||
firewalls.
|
||||
'';
|
||||
};
|
||||
|
||||
exitPolicy = mkOption {
|
||||
default = "";
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "accept *:6660-6667,reject *:*";
|
||||
description = ''
|
||||
A comma-separated list of exit policies. They're considered first
|
||||
to last, and the first match wins. If you want to _replace_
|
||||
the default exit policy, end this with either a reject *:* or an
|
||||
accept *:*. Otherwise, you're _augmenting_ (prepending to) the
|
||||
default exit policy. Leave commented to just use the default, which is
|
||||
available in the man page or at https://www.torproject.org/documentation.html
|
||||
A comma-separated list of exit policies. They're
|
||||
considered first to last, and the first match wins. If you
|
||||
want to _replace_ the default exit policy, end this with
|
||||
either a reject *:* or an accept *:*. Otherwise, you're
|
||||
_augmenting_ (prepending to) the default exit
|
||||
policy. Leave commented to just use the default, which is
|
||||
available in the man page or at
|
||||
https://www.torproject.org/documentation.html
|
||||
|
||||
Look at https://www.torproject.org/faq-abuse.html#TypicalAbuses
|
||||
for issues you might encounter if you use the default exit policy.
|
||||
|
||||
If certain IPs and ports are blocked externally, e.g. by your firewall,
|
||||
you should update your exit policy to reflect this -- otherwise Tor
|
||||
users will be told that those destinations are down.
|
||||
If certain IPs and ports are blocked externally, e.g. by
|
||||
your firewall, you should update your exit policy to
|
||||
reflect this -- otherwise Tor users will be told that
|
||||
those destinations are down.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf (cfg.client.enable || cfg.relay.enable) {
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
assertions = singleton
|
||||
{ assertion = cfg.relay.enable -> !(cfg.relay.isBridge && cfg.relay.isExit);
|
||||
message = "Can't be both an exit and a bridge relay at the same time";
|
||||
{ message = "Can't be both an exit and a bridge relay at the same time";
|
||||
assertion =
|
||||
cfg.relay.enable -> !(cfg.relay.isBridge && cfg.relay.isExit);
|
||||
};
|
||||
|
||||
users.extraUsers = singleton
|
||||
{ name = torUser;
|
||||
uid = config.ids.uids.tor;
|
||||
description = "Tor daemon user";
|
||||
home = stateDir;
|
||||
users.extraGroups.tor.gid = config.ids.gids.tor;
|
||||
users.extraUsers.tor =
|
||||
{ description = "Tor Daemon User";
|
||||
createHome = true;
|
||||
home = torDirectory;
|
||||
group = "tor";
|
||||
uid = config.ids.uids.tor;
|
||||
};
|
||||
|
||||
jobs = {
|
||||
tor = { name = "tor";
|
||||
systemd.services.tor =
|
||||
{ description = "Tor Daemon";
|
||||
path = [ pkgs.tor ];
|
||||
|
||||
startOn = "started network-interfaces";
|
||||
stopOn = "stopping network-interfaces";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" ];
|
||||
restartTriggers = [ torRcFile ];
|
||||
|
||||
preStart = ''
|
||||
mkdir -m 0755 -p ${stateDir}
|
||||
chown ${torUser} ${stateDir}
|
||||
'';
|
||||
exec = "${tor}/bin/tor -f ${pkgs.writeText "torrc" cfg.config}";
|
||||
}; }
|
||||
// optionalAttrs (cfg.client.privoxy.enable && cfg.client.enable) {
|
||||
torPrivoxy = { name = "tor-privoxy";
|
||||
# Translated from the upstream contrib/dist/tor.service.in
|
||||
serviceConfig =
|
||||
{ Type = "simple";
|
||||
ExecStartPre = "${pkgs.tor}/bin/tor -f ${torRcFile} --verify-config";
|
||||
ExecStart = "${pkgs.tor}/bin/tor -f ${torRcFile} --RunAsDaemon 0";
|
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
||||
KillSignal = "SIGINT";
|
||||
TimeoutSec = 30;
|
||||
Restart = "on-failure";
|
||||
LimitNOFILE = 32768;
|
||||
|
||||
startOn = "started network-interfaces";
|
||||
stopOn = "stopping network-interfaces";
|
||||
|
||||
preStart = ''
|
||||
mkdir -m 0755 -p ${privoxyDir}
|
||||
chown ${torUser} ${privoxyDir}
|
||||
'';
|
||||
exec = "${privoxy}/sbin/privoxy --no-daemon --user ${torUser} ${pkgs.writeText "torPrivoxy.conf" cfg.client.privoxy.config}";
|
||||
}; };
|
||||
|
||||
services.tor.config = ''
|
||||
DataDirectory ${stateDir}
|
||||
User ${torUser}
|
||||
''
|
||||
+ optionalString cfg.client.enable ''
|
||||
SOCKSPort ${cfg.client.socksListenAddress} IsolateDestAddr
|
||||
SOCKSPort ${cfg.client.socksListenAddressFaster}
|
||||
${opt "SocksPolicy" cfg.client.socksPolicy}
|
||||
''
|
||||
+ optionalString cfg.relay.enable ''
|
||||
ORPort ${toString cfg.relay.port}
|
||||
${opt "ORListenAddress" cfg.relay.listenAddress }
|
||||
${opt "Nickname" cfg.relay.nickname}
|
||||
${optint "RelayBandwidthRate" cfg.relay.bandwidthRate}
|
||||
${optint "RelayBandwidthBurst" cfg.relay.bandwidthBurst}
|
||||
${if cfg.relay.isExit then opt "ExitPolicy" cfg.relay.exitPolicy else "ExitPolicy reject *:*"}
|
||||
${if cfg.relay.isBridge then ''
|
||||
BridgeRelay 1
|
||||
ServerTransportPlugin obfs2,obfs3 exec ${pkgs.pythonPackages.obfsproxy}/bin/obfsproxy managed
|
||||
'' else ""}
|
||||
'';
|
||||
|
||||
services.tor.client.privoxy.config = ''
|
||||
# Generally, this file goes in /etc/privoxy/config
|
||||
#
|
||||
# Tor listens as a SOCKS4a proxy here:
|
||||
forward-socks4a / ${cfg.client.socksListenAddressFaster} .
|
||||
confdir ${privoxy}/etc
|
||||
logdir ${privoxyDir}
|
||||
# actionsfile standard # Internal purpose, recommended
|
||||
actionsfile default.action # Main actions file
|
||||
actionsfile user.action # User customizations
|
||||
filterfile default.filter
|
||||
|
||||
# Don't log interesting things, only startup messages, warnings and errors
|
||||
logfile logfile
|
||||
#jarfile jarfile
|
||||
#debug 0 # show each GET/POST/CONNECT request
|
||||
debug 4096 # Startup banner and warnings
|
||||
debug 8192 # Errors - *we highly recommended enabling this*
|
||||
|
||||
user-manual ${privoxy}/doc/privoxy/user-manual
|
||||
listen-address ${cfg.client.privoxy.listenAddress}
|
||||
toggle 1
|
||||
enable-remote-toggle 0
|
||||
enable-edit-actions 0
|
||||
enable-remote-http-toggle 0
|
||||
buffer-limit 4096
|
||||
|
||||
# Extra config goes here
|
||||
'';
|
||||
# Hardening
|
||||
# Note: DevicePolicy is set to 'closed', although the
|
||||
# minimal permissions are really:
|
||||
# DeviceAllow /dev/null rw
|
||||
# DeviceAllow /dev/urandom r
|
||||
# .. but we can't specify DeviceAllow multiple times. 'closed'
|
||||
# is close enough.
|
||||
PrivateTmp = "yes";
|
||||
DevicePolicy = "closed";
|
||||
InaccessibleDirectories = "/home";
|
||||
ReadOnlyDirectories = "/";
|
||||
ReadWriteDirectories = torDirectory;
|
||||
NoNewPrivileges = "yes";
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = [ pkgs.tor ];
|
||||
};
|
||||
|
||||
}
|
||||
|
@ -1,69 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
with lib;
|
||||
let
|
||||
|
||||
cfg = config.services.tor;
|
||||
|
||||
torify = pkgs.writeTextFile {
|
||||
name = "torify";
|
||||
text = ''
|
||||
#!${pkgs.stdenv.shell}
|
||||
TSOCKS_CONF_FILE=${pkgs.writeText "tsocks.conf" cfg.torify.config} LD_PRELOAD="${pkgs.tsocks}/lib/libtsocks.so $LD_PRELOAD" "$@"
|
||||
'';
|
||||
executable = true;
|
||||
destination = "/bin/torify";
|
||||
};
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
|
||||
###### interface
|
||||
|
||||
options = {
|
||||
|
||||
services.tor.torify = {
|
||||
|
||||
enable = mkOption {
|
||||
default = cfg.client.enable;
|
||||
description = ''
|
||||
Whether to build torify scipt to relay application traffic via TOR.
|
||||
'';
|
||||
};
|
||||
|
||||
server = mkOption {
|
||||
default = "localhost:9050";
|
||||
example = "192.168.0.20";
|
||||
description = ''
|
||||
IP address of TOR client to use.
|
||||
'';
|
||||
};
|
||||
|
||||
config = mkOption {
|
||||
default = "";
|
||||
description = ''
|
||||
Extra configuration. Contents will be added verbatim to TSocks
|
||||
configuration file.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf cfg.torify.enable {
|
||||
|
||||
environment.systemPackages = [ torify ]; # expose it to the users
|
||||
|
||||
services.tor.torify.config = ''
|
||||
server = ${toString(head (splitString ":" cfg.torify.server))}
|
||||
server_port = ${toString(tail (splitString ":" cfg.torify.server))}
|
||||
|
||||
local = 127.0.0.0/255.128.0.0
|
||||
local = 127.128.0.0/255.192.0.0
|
||||
'';
|
||||
};
|
||||
|
||||
}
|
@ -1,85 +1,100 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.tor.torsocks;
|
||||
optionalNullStr = b: v: optionalString (b != null) v;
|
||||
|
||||
cfg = config.services.tor;
|
||||
configFile = ''
|
||||
TorAddress ${toString (head (splitString ":" cfg.server))}
|
||||
TorPort ${toString (tail (splitString ":" cfg.server))}
|
||||
|
||||
makeConfig = server: ''
|
||||
server = ${toString(head (splitString ":" server))}
|
||||
server_port = ${toString(tail (splitString ":" server))}
|
||||
OnionAddrRange ${cfg.onionAddrRange}
|
||||
|
||||
local = 127.0.0.0/255.128.0.0
|
||||
local = 127.128.0.0/255.192.0.0
|
||||
local = 169.254.0.0/255.255.0.0
|
||||
local = 172.16.0.0/255.240.0.0
|
||||
local = 192.168.0.0/255.255.0.0
|
||||
${optionalNullStr cfg.socks5Username
|
||||
"SOCKS5Username ${cfg.socks5Username}"}
|
||||
${optionalNullStr cfg.socks5Password
|
||||
"SOCKS5Password ${cfg.socks5Password}"}
|
||||
|
||||
${cfg.torsocks.config}
|
||||
'';
|
||||
makeTorsocks = name: server: pkgs.writeTextFile {
|
||||
name = name;
|
||||
text = ''
|
||||
#!${pkgs.stdenv.shell}
|
||||
TORSOCKS_CONF_FILE=${pkgs.writeText "torsocks.conf" (makeConfig server)} LD_PRELOAD="${pkgs.torsocks}/lib/torsocks/libtorsocks.so $LD_PRELOAD" "$@"
|
||||
'';
|
||||
executable = true;
|
||||
destination = "/bin/${name}";
|
||||
};
|
||||
|
||||
torsocks = makeTorsocks "torsocks" cfg.torsocks.server;
|
||||
torsocksFaster = makeTorsocks "torsocks-faster" cfg.torsocks.serverFaster;
|
||||
AllowInbound ${if cfg.allowInbound then "1" else "0"}
|
||||
'';
|
||||
in
|
||||
|
||||
{
|
||||
|
||||
###### interface
|
||||
|
||||
options = {
|
||||
|
||||
services.tor.torsocks = {
|
||||
|
||||
enable = mkOption {
|
||||
default = cfg.client.enable;
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to build torsocks scipt to relay application traffic via TOR.
|
||||
Whether to build <literal>/etc/tor/torsocks.conf</literal>
|
||||
containing the specified global torsocks configuration.
|
||||
'';
|
||||
};
|
||||
|
||||
server = mkOption {
|
||||
default = cfg.client.socksListenAddress;
|
||||
example = "192.168.0.20:9050";
|
||||
type = types.str;
|
||||
default = "127.0.0.1:9050";
|
||||
example = "192.168.0.20:1234";
|
||||
description = ''
|
||||
IP address of TOR client to use.
|
||||
IP/Port of the Tor SOCKS server. Currently, hostnames are
|
||||
NOT supported by torsocks.
|
||||
'';
|
||||
};
|
||||
|
||||
serverFaster = mkOption {
|
||||
default = cfg.client.socksListenAddressFaster;
|
||||
example = "192.168.0.20:9063";
|
||||
onionAddrRange = mkOption {
|
||||
type = types.str;
|
||||
default = "127.42.42.0/24";
|
||||
description = ''
|
||||
IP address of TOR client to use for applications like web browsers which
|
||||
need less circuit isolation to achive satisfactory performance.
|
||||
Tor hidden sites do not have real IP addresses. This
|
||||
specifies what range of IP addresses will be handed to the
|
||||
application as "cookies" for .onion names. Of course, you
|
||||
should pick a block of addresses which you aren't going to
|
||||
ever need to actually connect to. This is similar to the
|
||||
MapAddress feature of the main tor daemon.
|
||||
'';
|
||||
};
|
||||
|
||||
config = mkOption {
|
||||
default = "";
|
||||
socks5Username = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "bob";
|
||||
description = ''
|
||||
Extra configuration. Contents will be added verbatim to torsocks
|
||||
configuration file.
|
||||
SOCKS5 username. The <literal>TORSOCKS_USERNAME</literal>
|
||||
environment variable overrides this option if it is set.
|
||||
'';
|
||||
};
|
||||
|
||||
socks5Password = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "sekret";
|
||||
description = ''
|
||||
SOCKS5 password. The <literal>TORSOCKS_PASSWORD</literal>
|
||||
environment variable overrides this option if it is set.
|
||||
'';
|
||||
};
|
||||
|
||||
allowInbound = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Set Torsocks to accept inbound connections. If set to
|
||||
<literal>true</literal>, listen() and accept() will be
|
||||
allowed to be used with non localhost address.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf cfg.torsocks.enable {
|
||||
|
||||
environment.systemPackages = [ torsocks torsocksFaster ]; # expose it to the users
|
||||
config = mkIf cfg.enable {
|
||||
environment.systemPackages = [ pkgs.torsocks ];
|
||||
|
||||
environment.etc =
|
||||
[ { source = pkgs.writeText "torsocks.conf" configFile;
|
||||
target = "tor/torsocks.conf";
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
}
|
||||
|
63
nixos/modules/services/torrent/peerflix.nix
Normal file
63
nixos/modules/services/torrent/peerflix.nix
Normal file
@ -0,0 +1,63 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.peerflix;
|
||||
|
||||
configFile = pkgs.writeText "peerflix-config.json" ''
|
||||
{
|
||||
"connections": 50,
|
||||
"tmp": "${cfg.downloadDir}"
|
||||
}
|
||||
'';
|
||||
|
||||
in {
|
||||
|
||||
###### interface
|
||||
|
||||
options.services.peerflix = {
|
||||
enable = mkOption {
|
||||
description = "Whether to enable peerflix service.";
|
||||
default = false;
|
||||
type = types.uniq types.bool;
|
||||
};
|
||||
|
||||
stateDir = mkOption {
|
||||
description = "Peerflix state directory.";
|
||||
default = "/var/lib/peerflix";
|
||||
type = types.path;
|
||||
};
|
||||
|
||||
downloadDir = mkOption {
|
||||
description = "Peerflix temporary download directory.";
|
||||
default = "${cfg.stateDir}/torrents";
|
||||
type = types.path;
|
||||
};
|
||||
};
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
systemd.services.peerflix = {
|
||||
description = "Peerflix Daemon";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network-interfaces.target" ];
|
||||
environment.HOME = cfg.stateDir;
|
||||
|
||||
preStart = ''
|
||||
mkdir -p "${cfg.stateDir}"/{torrents,.config/peerflix-server}
|
||||
if [ "$(id -u)" = 0 ]; then chown -R peerflix "${cfg.stateDir}"; fi
|
||||
ln -fs "${configFile}" "${cfg.stateDir}/.config/peerflix-server/config.json"
|
||||
'';
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.nodePackages.peerflix-server}/bin/peerflix-server";
|
||||
PermissionsStartOnly = true;
|
||||
User = "peerflix";
|
||||
};
|
||||
};
|
||||
|
||||
users.extraUsers.peerflix.uid = config.ids.uids.peerflix;
|
||||
};
|
||||
}
|
@ -23,6 +23,7 @@ in
|
||||
services.nginx = {
|
||||
enable = mkOption {
|
||||
default = false;
|
||||
type = types.bool;
|
||||
description = "
|
||||
Enable the nginx Web Server.
|
||||
";
|
||||
@ -70,11 +71,13 @@ in
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
default = "nginx";
|
||||
description = "User account under which nginx runs.";
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
type = types.str;
|
||||
default = "nginx";
|
||||
description = "Group account under which nginx runs.";
|
||||
};
|
||||
|
@ -23,6 +23,17 @@ let
|
||||
pathsToLink = [ "/" ];
|
||||
};
|
||||
|
||||
fontconfig = config.fonts.fontconfig;
|
||||
xresourcesXft = pkgs.writeText "Xresources-Xft" ''
|
||||
${optionalString (fontconfig.dpi != 0) ''Xft.dpi: ${fontconfig.dpi}''}
|
||||
Xft.antialias: ${if fontconfig.antialias then "1" else "0"}
|
||||
Xft.rgba: ${fontconfig.subpixel.rgba}
|
||||
Xft.lcdfilter: lcd${fontconfig.subpixel.lcdfilter}
|
||||
Xft.hinting: ${if fontconfig.hinting.enable then "1" else "0"}
|
||||
Xft.autohint: ${if fontconfig.hinting.autohint then "1" else "0"}
|
||||
Xft.hintstyle: hint${fontconfig.hinting.style}
|
||||
'';
|
||||
|
||||
# file provided by services.xserver.displayManager.session.script
|
||||
xsession = wm: dm: pkgs.writeScript "xsession"
|
||||
''
|
||||
@ -79,6 +90,7 @@ let
|
||||
''}
|
||||
|
||||
# Load X defaults.
|
||||
${xorg.xrdb}/bin/xrdb -merge ${xresourcesXft}
|
||||
if test -e ~/.Xresources; then
|
||||
${xorg.xrdb}/bin/xrdb -merge ~/.Xresources
|
||||
elif test -e ~/.Xdefaults; then
|
||||
|
@ -341,8 +341,9 @@ addEntry("NixOS - Default", $defaultConfig);
|
||||
|
||||
$conf .= "$extraEntries\n" unless $extraEntriesBeforeNixOS;
|
||||
|
||||
my $grubBootPath = $grubBoot->path;
|
||||
# extraEntries could refer to @bootRoot@, which we have to substitute
|
||||
$conf =~ s/\@bootRoot\@/$grubBoot->path/g;
|
||||
$conf =~ s/\@bootRoot\@/$grubBootPath/g;
|
||||
|
||||
# Emit submenus for all system profiles.
|
||||
sub addProfile {
|
||||
|
64
nixos/modules/system/boot/loader/grub/ipxe.nix
Normal file
64
nixos/modules/system/boot/loader/grub/ipxe.nix
Normal file
@ -0,0 +1,64 @@
|
||||
# This module adds a scripted iPXE entry to the GRUB boot menu.
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
scripts = builtins.attrNames config.boot.loader.grub.ipxe;
|
||||
|
||||
grubEntry = name:
|
||||
''
|
||||
menuentry "iPXE - ${name}" {
|
||||
linux16 @bootRoot@/ipxe.lkrn
|
||||
initrd16 @bootRoot@/${name}.ipxe
|
||||
}
|
||||
|
||||
'';
|
||||
|
||||
scriptFile = name:
|
||||
let
|
||||
value = builtins.getAttr name config.boot.loader.grub.ipxe;
|
||||
in
|
||||
if builtins.typeOf value == "path" then value
|
||||
else builtins.toFile "${name}.ipxe" value;
|
||||
in
|
||||
{
|
||||
options =
|
||||
{ boot.loader.grub.ipxe = mkOption {
|
||||
type = types.attrsOf (types.either types.path types.str);
|
||||
description =
|
||||
''
|
||||
Set of iPXE scripts available for
|
||||
booting from the GRUB boot menu.
|
||||
'';
|
||||
default = { };
|
||||
example = literalExample ''
|
||||
{ demo = '''
|
||||
#!ipxe
|
||||
dhcp
|
||||
chain http://boot.ipxe.org/demo/boot.php
|
||||
''';
|
||||
};
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf (builtins.length scripts != 0) {
|
||||
|
||||
boot.loader.grub.extraEntries =
|
||||
if config.boot.loader.grub.version == 2 then
|
||||
toString (map grubEntry scripts)
|
||||
else
|
||||
throw "iPXE is not supported with GRUB 1.";
|
||||
|
||||
boot.loader.grub.extraFiles =
|
||||
{ "ipxe.lkrn" = "${pkgs.ipxe}/ipxe.lkrn"; }
|
||||
//
|
||||
builtins.listToAttrs ( map
|
||||
(name: { name = name+".ipxe"; value = scriptFile name; })
|
||||
scripts
|
||||
);
|
||||
};
|
||||
|
||||
}
|
@ -36,6 +36,7 @@ let
|
||||
"graphical.target"
|
||||
"multi-user.target"
|
||||
"network.target"
|
||||
"network-pre.target"
|
||||
"network-online.target"
|
||||
"nss-lookup.target"
|
||||
"nss-user-lookup.target"
|
||||
@ -347,7 +348,8 @@ let
|
||||
[Service]
|
||||
${let env = cfg.globalEnvironment // def.environment;
|
||||
in concatMapStrings (n:
|
||||
let s = "Environment=\"${n}=${env.${n}}\"\n";
|
||||
let s = optionalString (env."${n}" != null)
|
||||
"Environment=\"${n}=${env.${n}}\"\n";
|
||||
in if stringLength s >= 2048 then throw "The value of the environment variable ‘${n}’ in systemd service ‘${name}.service’ is too long." else s) (attrNames env)}
|
||||
${if def.reloadIfChanged then ''
|
||||
X-ReloadIfChanged=true
|
||||
@ -947,6 +949,16 @@ in
|
||||
|
||||
systemd.targets.network-online.after = [ "ip-up.target" ];
|
||||
|
||||
systemd.targets.network-pre = {
|
||||
wantedBy = [ "network.target" ];
|
||||
before = [ "network.target" ];
|
||||
};
|
||||
|
||||
systemd.targets.remote-fs-pre = {
|
||||
wantedBy = [ "remote-fs.target" ];
|
||||
before = [ "remote-fs.target" ];
|
||||
};
|
||||
|
||||
systemd.units =
|
||||
mapAttrs' (n: v: nameValuePair "${n}.target" (targetToUnit n v)) cfg.targets
|
||||
// mapAttrs' (n: v: nameValuePair "${n}.service" (serviceToUnit n v)) cfg.services
|
||||
@ -986,6 +998,15 @@ in
|
||||
users.extraUsers.systemd-journal-gateway.uid = config.ids.uids.systemd-journal-gateway;
|
||||
users.extraGroups.systemd-journal-gateway.gid = config.ids.gids.systemd-journal-gateway;
|
||||
|
||||
users.extraUsers.systemd-network.uid = config.ids.uids.systemd-network;
|
||||
users.extraGroups.systemd-network.gid = config.ids.gids.systemd-network;
|
||||
|
||||
users.extraUsers.systemd-resolve.uid = config.ids.uids.systemd-resolve;
|
||||
users.extraGroups.systemd-resolve.gid = config.ids.gids.systemd-resolve;
|
||||
|
||||
users.extraUsers.systemd-timesync.uid = config.ids.uids.systemd-timesync;
|
||||
users.extraGroups.systemd-timesync.gid = config.ids.gids.systemd-timesync;
|
||||
|
||||
# Generate timer units for all services that have a ‘startAt’ value.
|
||||
systemd.timers =
|
||||
mapAttrs (name: service:
|
||||
@ -1021,9 +1042,6 @@ in
|
||||
|
||||
}
|
||||
(mkIf config.systemd.network.enable {
|
||||
users.extraUsers.systemd-network.uid = config.ids.uids.systemd-network;
|
||||
users.extraGroups.systemd-network.gid = config.ids.gids.systemd-network;
|
||||
|
||||
systemd.services.systemd-networkd = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
before = [ "network-interfaces.target" ];
|
||||
@ -1051,9 +1069,6 @@ in
|
||||
services.timesyncd.enable = mkDefault config.services.ntp.enable;
|
||||
})
|
||||
(mkIf config.services.resolved.enable {
|
||||
users.extraUsers.systemd-resolve.uid = config.ids.uids.systemd-resolve;
|
||||
users.extraGroups.systemd-resolve.gid = config.ids.gids.systemd-resolve;
|
||||
|
||||
systemd.services.systemd-resolved = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
restartTriggers = [ config.environment.etc."systemd/resolved.conf".source ];
|
||||
@ -1065,9 +1080,6 @@ in
|
||||
'';
|
||||
})
|
||||
(mkIf config.services.timesyncd.enable {
|
||||
users.extraUsers.systemd-timesync.uid = config.ids.uids.systemd-timesync;
|
||||
users.extraGroups.systemd-timesync.gid = config.ids.gids.systemd-timesync;
|
||||
|
||||
systemd.services.systemd-timesyncd = {
|
||||
wantedBy = [ "sysinit.target" ];
|
||||
restartTriggers = [ config.environment.etc."systemd/timesyncd.conf".source ];
|
||||
|
@ -58,7 +58,7 @@ in
|
||||
|
||||
services.rpcbind.enable = true;
|
||||
|
||||
system.fsPackages = [ pkgs.nfsUtils ];
|
||||
system.fsPackages = [ pkgs.nfs-utils ];
|
||||
|
||||
boot.extraModprobeConfig = mkIf (cfg.lockdPort != null) ''
|
||||
options lockd nlm_udpport=${toString cfg.lockdPort} nlm_tcpport=${toString cfg.lockdPort}
|
||||
@ -71,11 +71,12 @@ in
|
||||
systemd.services.statd =
|
||||
{ description = "NFSv3 Network Status Monitor";
|
||||
|
||||
path = [ pkgs.nfsUtils pkgs.sysvtools pkgs.utillinux ];
|
||||
path = [ pkgs.nfs-utils pkgs.sysvtools pkgs.utillinux ];
|
||||
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
wantedBy = [ "remote-fs-pre.target" ];
|
||||
before = [ "remote-fs-pre.target" ];
|
||||
requires = [ "basic.target" "rpcbind.service" ];
|
||||
after = [ "basic.target" "rpcbind.service" "network.target" ];
|
||||
after = [ "basic.target" "rpcbind.service" ];
|
||||
|
||||
unitConfig.DefaultDependencies = false; # don't stop during shutdown
|
||||
|
||||
@ -88,7 +89,7 @@ in
|
||||
|
||||
serviceConfig.Type = "forking";
|
||||
serviceConfig.ExecStart = ''
|
||||
@${pkgs.nfsUtils}/sbin/rpc.statd rpc.statd --no-notify \
|
||||
@${pkgs.nfs-utils}/sbin/rpc.statd rpc.statd --no-notify \
|
||||
${if cfg.statdPort != null then "-p ${toString statdPort}" else ""}
|
||||
'';
|
||||
serviceConfig.Restart = "always";
|
||||
@ -99,7 +100,8 @@ in
|
||||
|
||||
path = [ pkgs.sysvtools pkgs.utillinux ];
|
||||
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
wantedBy = [ "remote-fs-pre.target" ];
|
||||
before = [ "remote-fs-pre.target" ];
|
||||
requires = [ "rpcbind.service" ];
|
||||
after = [ "rpcbind.service" ];
|
||||
|
||||
@ -115,7 +117,7 @@ in
|
||||
'';
|
||||
|
||||
serviceConfig.Type = "forking";
|
||||
serviceConfig.ExecStart = "@${pkgs.nfsUtils}/sbin/rpc.idmapd rpc.idmapd -c ${idmapdConfFile}";
|
||||
serviceConfig.ExecStart = "@${pkgs.nfs-utils}/sbin/rpc.idmapd rpc.idmapd -c ${idmapdConfFile}";
|
||||
serviceConfig.Restart = "always";
|
||||
};
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
{ config, lib, pkgs, utils, ... }:
|
||||
|
||||
with lib;
|
||||
with utils;
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
@ -54,7 +54,7 @@ in
|
||||
networkSetup =
|
||||
{ description = "Networking Setup";
|
||||
|
||||
after = [ "network-interfaces.target" ];
|
||||
after = [ "network-interfaces.target" "network-pre.target" ];
|
||||
before = [ "network.target" ];
|
||||
wantedBy = [ "network.target" ];
|
||||
|
||||
@ -66,7 +66,7 @@ in
|
||||
serviceConfig.RemainAfterExit = true;
|
||||
|
||||
script =
|
||||
(optionalString (!config.services.resolved.enable) ''
|
||||
''
|
||||
# Set the static DNS configuration, if given.
|
||||
${pkgs.openresolv}/sbin/resolvconf -m 1 -a static <<EOF
|
||||
${optionalString (cfg.nameservers != [] && cfg.domain != null) ''
|
||||
@ -77,9 +77,9 @@ in
|
||||
nameserver ${ns}
|
||||
'')}
|
||||
EOF
|
||||
'') + ''
|
||||
|
||||
# Set the default gateway.
|
||||
${optionalString (cfg.defaultGateway != null) ''
|
||||
${optionalString (cfg.defaultGateway != null && cfg.defaultGateway != "") ''
|
||||
# FIXME: get rid of "|| true" (necessary to make it idempotent).
|
||||
ip route add default via "${cfg.defaultGateway}" ${
|
||||
optionalString (cfg.defaultGatewayWindowSize != null)
|
||||
@ -105,7 +105,7 @@ in
|
||||
wantedBy = [ "network-interfaces.target" ];
|
||||
before = [ "network-interfaces.target" ];
|
||||
bindsTo = [ (subsystemDevice i.name) ];
|
||||
after = [ (subsystemDevice i.name) ];
|
||||
after = [ (subsystemDevice i.name) "network-pre.target" ];
|
||||
serviceConfig.Type = "oneshot";
|
||||
serviceConfig.RemainAfterExit = true;
|
||||
path = [ pkgs.iproute ];
|
||||
@ -155,7 +155,7 @@ in
|
||||
createTunDevice = i: nameValuePair "${i.name}-netdev"
|
||||
{ description = "Virtual Network Interface ${i.name}";
|
||||
requires = [ "dev-net-tun.device" ];
|
||||
after = [ "dev-net-tun.device" ];
|
||||
after = [ "dev-net-tun.device" "network-pre.target" ];
|
||||
wantedBy = [ "network.target" (subsystemDevice i.name) ];
|
||||
before = [ "network-interfaces.target" (subsystemDevice i.name) ];
|
||||
path = [ pkgs.iproute ];
|
||||
@ -180,7 +180,8 @@ in
|
||||
{ description = "Bridge Interface ${n}";
|
||||
wantedBy = [ "network.target" (subsystemDevice n) ];
|
||||
bindsTo = deps;
|
||||
after = deps ++ concatMap (i: [ "network-addresses-${i}.service" "network-link-${i}.service" ]) v.interfaces;
|
||||
after = [ "network-pre.target" ] ++ deps
|
||||
++ concatMap (i: [ "network-addresses-${i}.service" "network-link-${i}.service" ]) v.interfaces;
|
||||
before = [ "network-interfaces.target" (subsystemDevice n) ];
|
||||
serviceConfig.Type = "oneshot";
|
||||
serviceConfig.RemainAfterExit = true;
|
||||
@ -214,7 +215,8 @@ in
|
||||
{ description = "Bond Interface ${n}";
|
||||
wantedBy = [ "network.target" (subsystemDevice n) ];
|
||||
bindsTo = deps;
|
||||
after = deps ++ concatMap (i: [ "network-addresses-${i}.service" "network-link-${i}.service" ]) v.interfaces;
|
||||
after = [ "network-pre.target" ] ++ deps
|
||||
++ concatMap (i: [ "network-addresses-${i}.service" "network-link-${i}.service" ]) v.interfaces;
|
||||
before = [ "network-interfaces.target" (subsystemDevice n) ];
|
||||
serviceConfig.Type = "oneshot";
|
||||
serviceConfig.RemainAfterExit = true;
|
||||
@ -250,7 +252,7 @@ in
|
||||
{ description = "Vlan Interface ${n}";
|
||||
wantedBy = [ "network.target" (subsystemDevice n) ];
|
||||
bindsTo = deps;
|
||||
after = deps;
|
||||
after = [ "network-pre.target" ] ++ deps;
|
||||
before = [ "network-interfaces.target" (subsystemDevice n) ];
|
||||
serviceConfig.Type = "oneshot";
|
||||
serviceConfig.RemainAfterExit = true;
|
||||
@ -274,7 +276,7 @@ in
|
||||
{ description = "6-to-4 Tunnel Interface ${n}";
|
||||
wantedBy = [ "network.target" (subsystemDevice n) ];
|
||||
bindsTo = deps;
|
||||
after = deps;
|
||||
after = [ "network-pre.target" ] ++ deps;
|
||||
before = [ "network-interfaces.target" (subsystemDevice n) ];
|
||||
serviceConfig.Type = "oneshot";
|
||||
serviceConfig.RemainAfterExit = true;
|
||||
@ -301,7 +303,7 @@ in
|
||||
{ description = "Vlan Interface ${n}";
|
||||
wantedBy = [ "network.target" (subsystemDevice n) ];
|
||||
bindsTo = deps;
|
||||
after = deps;
|
||||
after = [ "network-pre.target" ] ++ deps;
|
||||
before = [ "network-interfaces.target" (subsystemDevice n) ];
|
||||
serviceConfig.Type = "oneshot";
|
||||
serviceConfig.RemainAfterExit = true;
|
||||
|
@ -1,7 +1,7 @@
|
||||
{ config, lib, pkgs, utils, ... }:
|
||||
|
||||
with lib;
|
||||
with utils;
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
|
@ -669,6 +669,7 @@ in
|
||||
{ description = "All Network Interfaces";
|
||||
wantedBy = [ "network.target" ];
|
||||
before = [ "network.target" ];
|
||||
after = [ "network-pre.target" ];
|
||||
unitConfig.X-StopOnReconfiguration = true;
|
||||
};
|
||||
|
||||
@ -677,6 +678,7 @@ in
|
||||
description = "Extra networking commands.";
|
||||
before = [ "network.target" ];
|
||||
wantedBy = [ "network.target" ];
|
||||
after = [ "network-pre.target" ];
|
||||
unitConfig.ConditionCapability = "CAP_NET_ADMIN";
|
||||
path = [ pkgs.iproute ];
|
||||
serviceConfig.Type = "oneshot";
|
||||
@ -692,7 +694,7 @@ in
|
||||
wantedBy = [ "network-interfaces.target" ];
|
||||
before = [ "network-interfaces.target" ];
|
||||
bindsTo = [ (subsystemDevice i.name) ];
|
||||
after = [ (subsystemDevice i.name) ];
|
||||
after = [ (subsystemDevice i.name) "network-pre.target" ];
|
||||
path = [ pkgs.iproute ];
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
|
@ -1,67 +1,19 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
pkgs2storeContents = l : map (x: { object = x; symlink = "none"; }) l;
|
||||
|
||||
in {
|
||||
# Create the tarball
|
||||
system.build.dockerImage = import ../../lib/make-system-tarball.nix {
|
||||
inherit (pkgs) stdenv perl xz pathsFromGraph;
|
||||
|
||||
contents = [];
|
||||
extraArgs = "--owner=0";
|
||||
storeContents = [
|
||||
{ object = config.system.build.toplevel + "/init";
|
||||
symlink = "/bin/init";
|
||||
}
|
||||
] ++ (pkgs2storeContents [ pkgs.stdenv ]);
|
||||
};
|
||||
{
|
||||
imports = [
|
||||
../profiles/container.nix
|
||||
];
|
||||
|
||||
boot.postBootCommands =
|
||||
''
|
||||
# After booting, register the contents of the Nix store in the Nix
|
||||
# database.
|
||||
if [ -f /nix-path-registration ]; then
|
||||
${config.nix.package}/bin/nix-store --load-db < /nix-path-registration &&
|
||||
rm /nix-path-registration
|
||||
fi
|
||||
|
||||
# nixos-rebuild also requires a "system" profile and an
|
||||
# /etc/NIXOS tag.
|
||||
touch /etc/NIXOS
|
||||
${config.nix.package}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system
|
||||
|
||||
# Set virtualisation to docker
|
||||
echo "docker" > /run/systemd/container
|
||||
echo "docker" > /run/systemd/container
|
||||
'';
|
||||
|
||||
|
||||
# Docker image config.
|
||||
imports = [
|
||||
../installer/cd-dvd/channel.nix
|
||||
../profiles/minimal.nix
|
||||
../profiles/clone-config.nix
|
||||
];
|
||||
|
||||
boot.isContainer = true;
|
||||
|
||||
# Iptables do not work in Docker.
|
||||
networking.firewall.enable = false;
|
||||
|
||||
services.openssh.enable = true;
|
||||
|
||||
# Socket activated ssh presents problem in Docker.
|
||||
services.openssh.startWhenNeeded = false;
|
||||
|
||||
# Allow the user to login as root without password.
|
||||
users.extraUsers.root.initialHashedPassword = mkOverride 150 "";
|
||||
|
||||
# Some more help text.
|
||||
services.mingetty.helpLine =
|
||||
''
|
||||
|
||||
Log in as "root" with an empty password.
|
||||
'';
|
||||
}
|
||||
|
@ -7,8 +7,8 @@ with lib;
|
||||
let
|
||||
|
||||
cfg = config.virtualisation.docker;
|
||||
pro = config.nix.proxy;
|
||||
proxy_env = optionalAttrs (pro != "") { Environment = "\"http_proxy=${pro}\""; };
|
||||
pro = config.networking.proxy.default;
|
||||
proxy_env = optionalAttrs (pro != null) { Environment = "\"http_proxy=${pro}\""; };
|
||||
|
||||
in
|
||||
|
||||
|
26
nixos/modules/virtualisation/lxc-container.nix
Normal file
26
nixos/modules/virtualisation/lxc-container.nix
Normal file
@ -0,0 +1,26 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
imports = [
|
||||
../profiles/container.nix
|
||||
];
|
||||
|
||||
# Allow the user to login as root without password.
|
||||
users.extraUsers.root.initialHashedPassword = mkOverride 150 "";
|
||||
|
||||
# Some more help text.
|
||||
services.mingetty.helpLine =
|
||||
''
|
||||
|
||||
Log in as "root" with an empty password.
|
||||
'';
|
||||
|
||||
# Containers should be light-weight, so start sshd on demand.
|
||||
services.openssh.enable = mkDefault true;
|
||||
services.openssh.startWhenNeeded = mkDefault true;
|
||||
|
||||
# Allow ssh connections
|
||||
networking.firewall.allowedTCPPorts = [ 22 ];
|
||||
}
|
@ -213,6 +213,12 @@ in rec {
|
||||
inherit system;
|
||||
});
|
||||
|
||||
# Provide container tarball for lxc, libvirt-lxc, docker-lxc, ...
|
||||
container_tarball = forAllSystems (system: makeSystemTarball {
|
||||
module = ./modules/virtualisation/lxc-container.nix;
|
||||
inherit system;
|
||||
});
|
||||
|
||||
/*
|
||||
system_tarball_fuloong2f =
|
||||
assert builtins.currentSystem == "mips64-linux";
|
||||
@ -239,10 +245,12 @@ in rec {
|
||||
tests.chromium = callTest tests/chromium.nix {};
|
||||
tests.cjdns = callTest tests/cjdns.nix {};
|
||||
tests.containers = callTest tests/containers.nix {};
|
||||
tests.docker = scrubDrv (import tests/docker.nix { system = "x86_64-linux"; });
|
||||
tests.dockerRegistry = scrubDrv (import tests/docker-registry.nix { system = "x86_64-linux"; });
|
||||
tests.etcd = scrubDrv (import tests/etcd.nix { system = "x86_64-linux"; });
|
||||
tests.firefox = callTest tests/firefox.nix {};
|
||||
tests.firewall = callTest tests/firewall.nix {};
|
||||
tests.fleet = scrubDrv (import tests/fleet.nix { system = "x86_64-linux"; });
|
||||
tests.gnome3 = callTest tests/gnome3.nix {};
|
||||
tests.installer.grub1 = forAllSystems (system: scrubDrv (import tests/installer.nix { inherit system; }).grub1.test);
|
||||
tests.installer.lvm = forAllSystems (system: scrubDrv (import tests/installer.nix { inherit system; }).lvm.test);
|
||||
@ -290,6 +298,7 @@ in rec {
|
||||
tests.nfs3 = callTest tests/nfs.nix { version = 3; };
|
||||
tests.nsd = callTest tests/nsd.nix {};
|
||||
tests.openssh = callTest tests/openssh.nix {};
|
||||
tests.peerflix = callTest tests/peerflix.nix {};
|
||||
tests.printing = callTest tests/printing.nix {};
|
||||
tests.proxy = callTest tests/proxy.nix {};
|
||||
tests.quake3 = callTest tests/quake3.nix {};
|
||||
|
@ -81,7 +81,7 @@ in
|
||||
# Create the torrent.
|
||||
$tracker->succeed("mkdir /tmp/data");
|
||||
$tracker->succeed("cp ${file} /tmp/data/test.tar.bz2");
|
||||
$tracker->succeed("transmission-create /tmp/data/test.tar.bz2 -t http://${(pkgs.lib.head nodes.tracker.config.networking.interfaces.eth1.ip4).address}:6969/announce -o /tmp/test.torrent");
|
||||
$tracker->succeed("transmission-create /tmp/data/test.tar.bz2 -p -t http://${(pkgs.lib.head nodes.tracker.config.networking.interfaces.eth1.ip4).address}:6969/announce -o /tmp/test.torrent");
|
||||
$tracker->succeed("chmod 644 /tmp/test.torrent");
|
||||
|
||||
# Start the tracker. !!! use a less crappy tracker
|
||||
|
24
nixos/tests/docker.nix
Normal file
24
nixos/tests/docker.nix
Normal file
@ -0,0 +1,24 @@
|
||||
# This test runs docker and checks if simple container starts
|
||||
|
||||
import ./make-test.nix {
|
||||
name = "docker";
|
||||
|
||||
nodes = {
|
||||
docker =
|
||||
{ config, pkgs, ... }:
|
||||
{
|
||||
virtualisation.docker.enable = true;
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
startAll;
|
||||
|
||||
$docker->waitForUnit("docker.service");
|
||||
$docker->succeed("tar cv --files-from /dev/null | docker import - scratch");
|
||||
$docker->succeed("docker run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratch /bin/sleep 10");
|
||||
$docker->succeed("docker ps | grep sleeping");
|
||||
$docker->succeed("docker stop sleeping");
|
||||
'';
|
||||
|
||||
}
|
73
nixos/tests/fleet.nix
Normal file
73
nixos/tests/fleet.nix
Normal file
@ -0,0 +1,73 @@
|
||||
import ./make-test.nix rec {
|
||||
name = "simple";
|
||||
|
||||
nodes = {
|
||||
node1 =
|
||||
{ config, pkgs, ... }:
|
||||
{
|
||||
services = {
|
||||
etcd = {
|
||||
enable = true;
|
||||
listenPeerUrls = ["http://0.0.0.0:7001"];
|
||||
initialAdvertisePeerUrls = ["http://node1:7001"];
|
||||
initialCluster = ["node1=http://node1:7001" "node2=http://node2:7001"];
|
||||
};
|
||||
};
|
||||
|
||||
services.fleet = {
|
||||
enable = true;
|
||||
metadata.name = "node1";
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 7001 ];
|
||||
};
|
||||
|
||||
node2 =
|
||||
{ config, pkgs, ... }:
|
||||
{
|
||||
services = {
|
||||
etcd = {
|
||||
enable = true;
|
||||
listenPeerUrls = ["http://0.0.0.0:7001"];
|
||||
initialAdvertisePeerUrls = ["http://node2:7001"];
|
||||
initialCluster = ["node1=http://node1:7001" "node2=http://node2:7001"];
|
||||
};
|
||||
};
|
||||
|
||||
services.fleet = {
|
||||
enable = true;
|
||||
metadata.name = "node2";
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 7001 ];
|
||||
};
|
||||
};
|
||||
|
||||
service = builtins.toFile "hello.service" ''
|
||||
[Unit]
|
||||
Description=Hello World
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -c "while true; do echo \"Hello, world\"; /var/run/current-system/sw/bin/sleep 1; done"
|
||||
|
||||
[X-Fleet]
|
||||
MachineMetadata=name=node2
|
||||
'';
|
||||
|
||||
testScript =
|
||||
''
|
||||
startAll;
|
||||
$node1->waitForUnit("fleet.service");
|
||||
$node2->waitForUnit("fleet.service");
|
||||
|
||||
$node2->waitUntilSucceeds("fleetctl list-machines | grep node1");
|
||||
$node1->waitUntilSucceeds("fleetctl list-machines | grep node2");
|
||||
|
||||
$node1->succeed("cp ${service} hello.service && fleetctl submit hello.service");
|
||||
$node1->succeed("fleetctl list-unit-files | grep hello");
|
||||
$node1->succeed("fleetctl start hello.service");
|
||||
$node1->waitUntilSucceeds("fleetctl list-units | grep running");
|
||||
$node1->succeed("fleetctl stop hello.service");
|
||||
$node1->succeed("fleetctl destroy hello.service");
|
||||
'';
|
||||
}
|
@ -29,6 +29,10 @@ let
|
||||
pkgs.unionfs-fuse
|
||||
pkgs.gummiboot
|
||||
];
|
||||
|
||||
# Don't use https://cache.nixos.org since the fake
|
||||
# cache.nixos.org doesn't do https.
|
||||
nix.binaryCaches = [ http://cache.nixos.org/ ];
|
||||
}
|
||||
];
|
||||
}).config.system.build.isoImage;
|
||||
@ -38,7 +42,7 @@ let
|
||||
makeConfig = { testChannel, grubVersion, grubDevice, grubIdentifier
|
||||
, readOnly ? true, forceGrubReinstallCount ? 0 }:
|
||||
pkgs.writeText "configuration.nix" ''
|
||||
{ config, pkgs, modulesPath, ... }:
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{ imports =
|
||||
[ ./hardware-configuration.nix
|
||||
@ -59,6 +63,8 @@ let
|
||||
${optionalString (!readOnly) "nix.readOnlyStore = false;"}
|
||||
|
||||
environment.systemPackages = [ ${optionalString testChannel "pkgs.rlwrap"} ];
|
||||
|
||||
nix.binaryCaches = [ http://cache.nixos.org/ ];
|
||||
}
|
||||
'';
|
||||
|
||||
@ -66,7 +72,7 @@ let
|
||||
# Configuration of a web server that simulates the Nixpkgs channel
|
||||
# distribution server.
|
||||
webserver =
|
||||
{ config, pkgs, ... }:
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{ services.httpd.enable = true;
|
||||
services.httpd.adminAddr = "foo@example.org";
|
||||
@ -185,8 +191,9 @@ let
|
||||
$machine->succeed("test -e /boot/grub");
|
||||
|
||||
# Did the swap device get activated?
|
||||
$machine->waitForUnit("swap.target");
|
||||
$machine->succeed("cat /proc/swaps | grep -q /dev");
|
||||
# uncomment once https://bugs.freedesktop.org/show_bug.cgi?id=86930 is resolved
|
||||
#$machine->waitForUnit("swap.target");
|
||||
$machine->waitUntilSucceeds("cat /proc/swaps | grep -q /dev");
|
||||
|
||||
# Check whether the channel works.
|
||||
$machine->succeed("nix-env -i coreutils >&2");
|
||||
|
@ -41,8 +41,7 @@ import ./make-test.nix ({ pkgs, ... }: {
|
||||
];
|
||||
};
|
||||
|
||||
testScript =
|
||||
''
|
||||
testScript = ''
|
||||
$machine->waitUntilSucceeds("pgrep plasma-desktop");
|
||||
$machine->waitForWindow(qr/plasma-desktop/);
|
||||
|
||||
@ -60,7 +59,7 @@ import ./make-test.nix ({ pkgs, ... }: {
|
||||
|
||||
$machine->sleep(10);
|
||||
|
||||
$machine->screenshot("screen");
|
||||
$machine->screenshot("screen");
|
||||
'';
|
||||
|
||||
})
|
||||
|
@ -45,10 +45,10 @@ import ./make-test.nix rec {
|
||||
|
||||
nodes = {
|
||||
master =
|
||||
{ config, pkgs, nodes, ... }:
|
||||
{ config, pkgs, lib, nodes, ... }:
|
||||
{
|
||||
virtualisation.memorySize = 512;
|
||||
virtualisation.kubernetes = {
|
||||
services.kubernetes = {
|
||||
roles = ["master" "node"];
|
||||
controllerManager.machines = ["master" "node"];
|
||||
kubelet.extraOpts = "-network_container_image=master:5000/pause";
|
||||
@ -75,6 +75,7 @@ import ./make-test.nix rec {
|
||||
ipAddress = "10.10.0.1";
|
||||
prefixLength = 24;
|
||||
};
|
||||
eth2.ip4 = lib.mkOverride 0 [ ];
|
||||
};
|
||||
networking.localCommands = ''
|
||||
ip route add 10.10.0.0/16 dev cbr0
|
||||
@ -89,9 +90,9 @@ import ./make-test.nix rec {
|
||||
};
|
||||
|
||||
node =
|
||||
{ config, pkgs, nodes, ... }:
|
||||
{ config, pkgs, lib, nodes, ... }:
|
||||
{
|
||||
virtualisation.kubernetes = {
|
||||
services.kubernetes = {
|
||||
roles = ["node"];
|
||||
kubelet.extraOpts = "-network_container_image=master:5000/pause";
|
||||
verbose = true;
|
||||
@ -112,6 +113,7 @@ import ./make-test.nix rec {
|
||||
ipAddress = "10.10.1.1";
|
||||
prefixLength = 24;
|
||||
};
|
||||
eth2.ip4 = lib.mkOverride 0 [ ];
|
||||
};
|
||||
networking.localCommands = ''
|
||||
ip route add 10.10.0.0/16 dev cbr0
|
||||
|
25
nixos/tests/mesos.nix
Normal file
25
nixos/tests/mesos.nix
Normal file
@ -0,0 +1,25 @@
|
||||
import ./make-test.nix {
|
||||
name = "simple";
|
||||
|
||||
machine = { config, pkgs, ... }: {
|
||||
services.zookeeper.enable = true;
|
||||
virtualisation.docker.enable = true;
|
||||
services.mesos = {
|
||||
slave = {
|
||||
enable = true;
|
||||
master = "zk://localhost:2181/mesos";
|
||||
};
|
||||
master = {
|
||||
enable = true;
|
||||
zk = "zk://localhost:2181/mesos";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
testScript =
|
||||
''
|
||||
startAll;
|
||||
$machine->waitForUnit("mesos-master.service");
|
||||
$machine->waitForUnit("mesos-slave.service");
|
||||
'';
|
||||
}
|
@ -38,7 +38,8 @@ in
|
||||
testScript =
|
||||
''
|
||||
$server->waitForUnit("nfsd");
|
||||
$server->waitForUnit("network.target");
|
||||
$server->succeed("systemctl start network-online.target");
|
||||
$server->waitForUnit("network-online.target");
|
||||
|
||||
startAll;
|
||||
|
||||
|
21
nixos/tests/peerflix.nix
Normal file
21
nixos/tests/peerflix.nix
Normal file
@ -0,0 +1,21 @@
|
||||
# This test runs peerflix and checks if peerflix starts
|
||||
|
||||
import ./make-test.nix {
|
||||
name = "peerflix";
|
||||
|
||||
nodes = {
|
||||
peerflix =
|
||||
{ config, pkgs, ... }:
|
||||
{
|
||||
services.peerflix.enable = true;
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
startAll;
|
||||
|
||||
$peerflix->waitForUnit("peerflix.service");
|
||||
$peerflix->waitUntilSucceeds("curl localhost:9000");
|
||||
'';
|
||||
|
||||
}
|
@ -1,6 +1,6 @@
|
||||
{ stdenv, fetchurl, cmake
|
||||
, withQt4 ? true, qt4
|
||||
, withQt5 ? false, qt5
|
||||
, withQt4 ? false, qt4
|
||||
, withQt5 ? true, qt5
|
||||
|
||||
# I'm unable to make KDE work here, crashes at runtime so I simply
|
||||
# make Qt4 the default until someone who wants KDE can figure it out.
|
||||
@ -39,7 +39,7 @@ assert withOnlineServices -> withTaglib;
|
||||
assert withReplaygain -> withTaglib;
|
||||
|
||||
let
|
||||
version = "1.5.0";
|
||||
version = "1.5.1";
|
||||
pname = "cantata";
|
||||
fstat = x: fn: "-DENABLE_" + fn + "=" + (if x then "ON" else "OFF");
|
||||
fstats = x: map (fstat x);
|
||||
@ -50,8 +50,8 @@ stdenv.mkDerivation rec {
|
||||
|
||||
src = fetchurl {
|
||||
inherit name;
|
||||
url = "https://drive.google.com/uc?export=download&id=0Bzghs6gQWi60c0pFbEtldEk1UnM";
|
||||
sha256 = "0gnqfp3ps79d500hrivxj2xkkia042knhg86md6w8ycl3945611p";
|
||||
url = "https://drive.google.com/uc?export=download&id=0Bzghs6gQWi60UktwaTRMTjRIUW8";
|
||||
sha256 = "0y7y3nbiqgh1ghb47n4lfyp163wvazvhavlshb1c18ik03fkn5sp";
|
||||
};
|
||||
|
||||
buildInputs =
|
||||
|
@ -5,11 +5,11 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "easytag-${version}";
|
||||
version = "2.3.1";
|
||||
version = "2.3.2";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://gnome/sources/easytag/2.3/${name}.tar.xz";
|
||||
sha256 = "19cdx4hma4nl38m1zrc3mq9cjg6knw970abk5anhg7cvpc1371s7";
|
||||
sha256 = "0bj3sj4yzlnhan38j84acs7qv27fl3xy4rdrfq6dnpz4q6qccm84";
|
||||
};
|
||||
|
||||
preFixup = ''
|
||||
|
@ -1,11 +1,11 @@
|
||||
{ stdenv, fetchurl, libogg }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "flac-1.3.0";
|
||||
name = "flac-1.3.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://downloads.xiph.org/releases/flac/${name}.tar.xz";
|
||||
sha256 = "1p0hh190kqvpkbk1bbajd81jfbmkyl4fn2i7pggk2zppq6m68bgs";
|
||||
sha256 = "4773c0099dba767d963fd92143263be338c48702172e8754b9bc5103efe1c56c";
|
||||
};
|
||||
|
||||
buildInputs = [ libogg ];
|
||||
|
@ -13,6 +13,7 @@ stdenv.mkDerivation rec {
|
||||
url = http://download.sarine.nl/Programs/gmpc/11.8/libmpd-11.8.17.tar.gz;
|
||||
sha256 = "10vspwsgr8pwf3qp2bviw6b2l8prgdiswgv7qiqiyr0h1mmk487y";
|
||||
};
|
||||
patches = [ ./libmpd-11.8.17-remove-strndup.patch ];
|
||||
buildInputs = [ pkgconfig glib ];
|
||||
};
|
||||
|
||||
|
@ -0,0 +1,15 @@
|
||||
diff --git a/src/libmpd-internal.h b/src/libmpd-internal.h
|
||||
index c84c3a4..51be441 100644
|
||||
--- a/src/libmpd-internal.h
|
||||
+++ b/src/libmpd-internal.h
|
||||
@@ -206,10 +206,6 @@ int mpd_unlock_conn(MpdObj *mi);
|
||||
MpdData * mpd_misc_sort_tag_list(MpdData *data);
|
||||
|
||||
|
||||
-#ifndef HAVE_STRNDUP
|
||||
-char * strndup (const char *s, size_t n);
|
||||
-#endif
|
||||
-
|
||||
int mpd_server_get_allowed_commands(MpdObj *mi);
|
||||
typedef enum _MpdSearchType {
|
||||
MPD_SEARCH_TYPE_NONE,
|
@ -4,11 +4,11 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "guitarix-${version}";
|
||||
version = "0.32.0";
|
||||
version = "0.32.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/guitarix/guitarix2-${version}.tar.bz2";
|
||||
sha256 = "06qxydcba1ga1l19kyqy0mk141mv6pa4wbkyh75xbwhyr65bwkc4";
|
||||
sha256 = "1sl7ca1lj0wchh3xq7qw3zqrbyyh4r8cwljb9i3yplpsn90d1i3k";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
|
@ -1,27 +1,37 @@
|
||||
{ stdenv, fetchsvn, boost, ganv, glibmm, gtk, gtkmm, jack2, lilv
|
||||
, lv2, pkgconfig, python, raul, serd, sord, sratom, suil
|
||||
, lv2, makeWrapper, pkgconfig, python, raul, rdflib, serd, sord, sratom
|
||||
, suil
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "ingen-svn-${rev}";
|
||||
rev = "5464";
|
||||
rev = "5490";
|
||||
|
||||
src = fetchsvn {
|
||||
url = "http://svn.drobilla.net/lad/trunk/ingen";
|
||||
rev = rev;
|
||||
sha256 = "1p5rsxwanpj3kj5yai7zqbharj2ldvn78x3p739vkgpr3dinp506";
|
||||
sha256 = "09h2mrkzpwzhhyqy21xr7jhfbl82gmqfyj0lzhnjsrab8z56yzk6";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
boost ganv glibmm gtk gtkmm jack2 lilv lv2 pkgconfig python
|
||||
raul serd sord sratom suil
|
||||
boost ganv glibmm gtk gtkmm jack2 lilv lv2 makeWrapper pkgconfig
|
||||
python raul serd sord sratom suil
|
||||
];
|
||||
|
||||
configurePhase = "python waf configure --prefix=$out";
|
||||
|
||||
propagatedBuildInputs = [ rdflib ];
|
||||
|
||||
buildPhase = "python waf";
|
||||
|
||||
installPhase = "python waf install";
|
||||
installPhase = ''
|
||||
python waf install
|
||||
for program in ingenams ingenish
|
||||
do
|
||||
wrapProgram $out/bin/$program \
|
||||
--prefix PYTHONPATH : $out/lib/python${python.majorVersion}/site-packages:$PYTHONPATH
|
||||
done
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "A modular audio processing system using JACK and LV2 or LADSPA plugins";
|
||||
|
47
pkgs/applications/audio/meters_lv2/default.nix
Normal file
47
pkgs/applications/audio/meters_lv2/default.nix
Normal file
@ -0,0 +1,47 @@
|
||||
{ stdenv, fetchurl, pkgconfig
|
||||
, lv2, mesa, gtk2, cairo, pango, fftw }:
|
||||
|
||||
let
|
||||
version = "0.8.1";
|
||||
name = "meters.lv2-${version}";
|
||||
|
||||
# robtk submodule is pegged to this version
|
||||
robtkVersion = "0.3.0";
|
||||
robtkName = "robtk-${robtkVersion}";
|
||||
|
||||
src = fetchurl {
|
||||
name = "${name}.tar.gz";
|
||||
url = "https://github.com/x42/meters.lv2/archive/v${version}.tar.gz";
|
||||
sha256 = "142dg0j34mv5b0agajj2x1n9kgsmkfh08n1cjzk0j8n4xk2wb6ri";
|
||||
};
|
||||
|
||||
robtkSrc = fetchurl {
|
||||
name = "${robtkName}.tar.gz";
|
||||
url = "https://github.com/x42/robtk/archive/v${robtkVersion}.tar.gz";
|
||||
sha256 = "1ny89i2sgga56k7fxskp9y8sb7pfhp6wgw5mni842p19z6q7h8rq";
|
||||
};
|
||||
|
||||
in
|
||||
stdenv.mkDerivation {
|
||||
inherit name;
|
||||
|
||||
buildInputs = [ pkgconfig lv2 mesa gtk2 cairo pango fftw ];
|
||||
|
||||
srcs = [ src robtkSrc ];
|
||||
sourceRoot = name;
|
||||
|
||||
postUnpack = "mv ${robtkName}/* ${name}/robtk"; # */
|
||||
|
||||
postPatch = "sed -i 's/fftw3f/fftw3/' Makefile";
|
||||
|
||||
preConfigure = "makeFlagsArray=( PREFIX=$out )";
|
||||
meter_VERSION = version;
|
||||
|
||||
meta = with stdenv.lib;
|
||||
{ description = "Collection of audio level meters with GUI in LV2 plugin format";
|
||||
homepage = http://x42.github.io/meters.lv2/;
|
||||
maintainers = with maintainers; [ emery ];
|
||||
license = licenses.gpl2;
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
23
pkgs/applications/audio/mopidy-mopify/default.nix
Normal file
23
pkgs/applications/audio/mopidy-mopify/default.nix
Normal file
@ -0,0 +1,23 @@
|
||||
{ stdenv, fetchurl, pythonPackages, mopidy }:
|
||||
|
||||
pythonPackages.buildPythonPackage rec {
|
||||
name = "mopidy-mopify-${version}";
|
||||
|
||||
version = "0.1.6";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/dirkgroenen/mopidy-mopify/archive/${version}.tar.gz";
|
||||
sha256 = "3581de6b0b42d2ece63bc153dcdba0594fbbeaacf695f2cd1e5d199670d83775";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [ mopidy ];
|
||||
|
||||
doCheck = false;
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
homepage = https://github.com/dirkgroenen/mopidy-mopify;
|
||||
description = "A mopidy webclient based on the Spotify webbased interface.";
|
||||
license = licenses.gpl3;
|
||||
maintainers = [ maintainers.Gonzih ];
|
||||
};
|
||||
}
|
@ -28,11 +28,11 @@
|
||||
# handle that.
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "qmmp-0.7.6";
|
||||
name = "qmmp-0.8.2";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://qmmp.ylsoftware.com/files/${name}.tar.bz2";
|
||||
sha256 = "1hq08ii06lyfg516jrvxdfcjj509gvglvdlsr96aqi1fh8v4k5p9";
|
||||
sha256 = "1vwjy3bv1gj6k5kqkhw2q7aspashw6x4lxccl28iydjfzk7d7cd4";
|
||||
};
|
||||
|
||||
buildInputs =
|
||||
|
23
pkgs/applications/audio/schismtracker/default.nix
Normal file
23
pkgs/applications/audio/schismtracker/default.nix
Normal file
@ -0,0 +1,23 @@
|
||||
{ stdenv, fetchurl, alsaLib, python, SDL }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
version = "20120105";
|
||||
name = "schismtracker-${version}";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://schismtracker.org/dl/${name}.tar.bz2";
|
||||
sha256 = "1ny7wv2wxm1av299wvpskall6438wjjpadphmqc7c0h6d0zg5kii";
|
||||
};
|
||||
|
||||
configureFlags = "--enable-dependency-tracking";
|
||||
|
||||
buildInputs = [ alsaLib python SDL ];
|
||||
|
||||
meta = {
|
||||
description = "Music tracker application, free reimplementation of Impulse Tracker";
|
||||
homepage = "http://schismtracker.org/";
|
||||
license = stdenv.lib.licenses.gpl2;
|
||||
platforms = [ "x86_64-linux" "i686-linux" ];
|
||||
maintainers = [ stdenv.lib.maintainers.ftrvxmtrx ];
|
||||
};
|
||||
}
|
@ -1,6 +1,6 @@
|
||||
{ stdenv, fetchurl, cmake, pkgconfig, attica, boost, gnutls, libechonest
|
||||
, liblastfm, lucenepp, phonon, phonon_backend_vlc, qca2, qjson, qt4, qtkeychain
|
||||
, quazip, sparsehash, taglib, websocketpp
|
||||
, liblastfm, lucenepp, phonon, phonon_backend_vlc, qca2, qca2_ossl, qjson, qt4
|
||||
, qtkeychain, quazip, sparsehash, taglib, websocketpp, makeWrapper
|
||||
|
||||
, enableXMPP ? true, libjreen ? null
|
||||
, enableKDE ? false, kdelibs ? null
|
||||
@ -15,11 +15,11 @@ let
|
||||
quazipQt4 = quazip.override { qt = qt4; };
|
||||
in stdenv.mkDerivation rec {
|
||||
name = "tomahawk-${version}";
|
||||
version = "0.8.1";
|
||||
version = "0.8.2";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://download.tomahawk-player.org/tomahawk-0.8.1.tar.bz2";
|
||||
sha256 = "0ca6fah30a2s8nnlryav95wyzhwys1ikjfwakrqf2hb0y5aczdpw";
|
||||
url = "http://download.tomahawk-player.org/${name}.tar.bz2";
|
||||
sha256 = "1bmkkpqhflpm42sn6zf7hxv3936h3p0kdiqzmj88jm7qfgw2wbaj";
|
||||
};
|
||||
|
||||
cmakeFlags = [
|
||||
@ -30,11 +30,21 @@ in stdenv.mkDerivation rec {
|
||||
buildInputs = [
|
||||
cmake pkgconfig attica boost gnutls libechonest liblastfm lucenepp phonon
|
||||
qca2 qjson qt4 qtkeychain quazipQt4 sparsehash taglib websocketpp
|
||||
makeWrapper
|
||||
] ++ stdenv.lib.optional enableXMPP libjreen
|
||||
++ stdenv.lib.optional enableKDE kdelibs
|
||||
++ stdenv.lib.optional enableTelepathy telepathy_qt;
|
||||
|
||||
propagatedBuildInputs = [ phonon_backend_vlc ];
|
||||
postInstall = let
|
||||
pluginPath = stdenv.lib.concatStringsSep ":" [
|
||||
"${phonon_backend_vlc}/lib/kde4/plugins"
|
||||
"${qca2_ossl}/lib/qt4/plugins"
|
||||
];
|
||||
in ''
|
||||
for i in "$out"/bin/*; do
|
||||
wrapProgram "$i" --prefix QT_PLUGIN_PATH : "${pluginPath}"
|
||||
done
|
||||
'';
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
|
@ -25,5 +25,6 @@ cabal.mkDerivation (self: {
|
||||
license = self.stdenv.lib.licenses.mit;
|
||||
platforms = self.ghc.meta.platforms;
|
||||
maintainers = with self.stdenv.lib.maintainers; [ jzellner ];
|
||||
broken = self.stdenv.isLinux && self.stdenv.isi686;
|
||||
};
|
||||
})
|
||||
|
@ -1,20 +1,20 @@
|
||||
{ stdenv, fetchurl, alsaLib, boost, cairo, cmake, fftwSinglePrec, fltk
|
||||
, jack2, libsndfile, mesa, minixml, pkgconfig, zlib, xorg
|
||||
, jack2, libsndfile, lv2, mesa, minixml, pkgconfig, zlib, xorg
|
||||
}:
|
||||
|
||||
assert stdenv ? glibc;
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "yoshimi-${version}";
|
||||
version = "1.2.5";
|
||||
version = "1.3.0";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/yoshimi/${name}.tar.bz2";
|
||||
sha256 = "0lixrxv0wds3p50kmy9k166qhavdjkhlxs432s248hk43k7n6c1h";
|
||||
sha256 = "1zxblcl6ffwwzxh3d17hw1mp398b73wk5bsagdmx5gph038gdh7y";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
alsaLib boost cairo fftwSinglePrec fltk jack2 libsndfile mesa
|
||||
alsaLib boost cairo fftwSinglePrec fltk jack2 libsndfile lv2 mesa
|
||||
minixml zlib xorg.libpthreadstubs
|
||||
];
|
||||
|
||||
|
@ -179,6 +179,7 @@ let
|
||||
buildPycharm = { name, version, build, src, license, description }:
|
||||
(mkIdeaProduct rec {
|
||||
inherit name version build src;
|
||||
patchSnappy = false;
|
||||
product = "PyCharm";
|
||||
meta = with stdenv.lib; {
|
||||
homepage = "https://www.jetbrains.com/pycharm/";
|
||||
@ -270,25 +271,25 @@ in
|
||||
|
||||
pycharm-community = buildPycharm rec {
|
||||
name = "pycharm-community-${version}";
|
||||
version = "3.4.1";
|
||||
build = "135.1057";
|
||||
description = "PyCharm 3.4 Community Edition";
|
||||
version = "4.0.1";
|
||||
build = "139.574";
|
||||
description = "PyCharm 4.0 Community Edition";
|
||||
license = stdenv.lib.licenses.asl20;
|
||||
src = fetchurl {
|
||||
url = "http://download.jetbrains.com/python/${name}.tar.gz";
|
||||
sha256 = "96427b1e842e7c09141ec4d3ede627c5ca7d821c0d6c98169b56a34f9035ef64";
|
||||
sha256 = "0jh0sxi5dpgpw7ga018fby7zvb4i9k49vwl8422lfcrgckdz9nv2";
|
||||
};
|
||||
};
|
||||
|
||||
pycharm-professional = buildPycharm rec {
|
||||
name = "pycharm-professional-${version}";
|
||||
version = "3.4.1";
|
||||
build = "135.1057";
|
||||
description = "PyCharm 3.4 Professional Edition";
|
||||
version = "4.0.1";
|
||||
build = "139.574";
|
||||
description = "PyCharm 4.0 Professional Edition";
|
||||
license = stdenv.lib.licenses.unfree;
|
||||
src = fetchurl {
|
||||
url = "http://download.jetbrains.com/python/${name}.tar.gz";
|
||||
sha256 = "e4f85f3248e8985ac9f8c326543f979b47ba1d7ac6b128a2cf2b3eb8ec545d2b";
|
||||
sha256 = "04yjhg6vi2kz00sy8zg4wkz26ai90vbp0cnd850ynsab0jsy24w4";
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -20,7 +20,7 @@
|
||||
|
||||
let
|
||||
|
||||
version = "6.8.9-8";
|
||||
version = "6.9.0-0";
|
||||
|
||||
arch =
|
||||
if stdenv.system == "i686-linux" then "i686"
|
||||
@ -34,7 +34,7 @@ stdenv.mkDerivation rec {
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://imagemagick/releases/${name}.tar.xz";
|
||||
sha256 = "1c792hbwi308lm9xkml319xaa4w3bz6hwy6i92jwrm7kqr4h8di7";
|
||||
sha256 = "1dmrl5x63msdnxsf4cmhz5v4ard2z3jrgp2zhqlb27399j81qcqj";
|
||||
};
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
@ -9,12 +9,12 @@
|
||||
assert stdenv ? glibc;
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
version = "1.4.2";
|
||||
version = "1.6.0";
|
||||
name = "darktable-${version}";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/darktable/darktable/1.2/darktable-${version}.tar.xz";
|
||||
sha256 = "02875rnabw5m9aqfls59901889iyxkmm4xk445fvh1v06dp1lcf1";
|
||||
url = "https://github.com/darktable-org/darktable/releases/download/release-${version}/darktable-${version}.tar.xz";
|
||||
sha256 = "0zjrcd9a73ikn9g8yx9lixz1ifwbmy2vg2ipc24lnkpqhrbb1y1b";
|
||||
};
|
||||
|
||||
buildInputs =
|
||||
@ -46,9 +46,9 @@ stdenv.mkDerivation rec {
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Virtual lighttable and darkroom for photographers";
|
||||
homepage = http://darktable.sourceforge.net;
|
||||
homepage = http://www.darktable.org;
|
||||
license = licenses.gpl3Plus;
|
||||
platforms = platforms.linux;
|
||||
maintainers = [ maintainers.goibhniu maintainers.rickynils ];
|
||||
maintainers = [ maintainers.goibhniu maintainers.rickynils maintainers.flosse ];
|
||||
};
|
||||
}
|
||||
|
@ -1,4 +1,4 @@
|
||||
{ stdenv, cmake, fetchurl, pkgconfig, qt5, boost, exiv2, fftwFloat, gsl
|
||||
{ stdenv, cmake, fetchurl, fetchpatch, pkgconfig, qt5, boost, exiv2, fftwFloat, gsl
|
||||
, ilmbase, lcms2, libraw, libtiff, openexr
|
||||
}:
|
||||
|
||||
@ -10,6 +10,13 @@ stdenv.mkDerivation rec {
|
||||
sha256 = "00fldbcizrx8jcnjgq74n3zmbm27dxzl96fxa7q49689mfnlw08l";
|
||||
};
|
||||
|
||||
patches = [(fetchpatch {
|
||||
name = "fix-qt53-build.diff";
|
||||
url = "http://anonscm.debian.org/cgit/pkg-phototools/luminance-hdr.git/"
|
||||
+ "plain/debian/patches/51_qt5_printsupport.diff?id=00c869a860062dac181303f2c03a3513c0e210bc";
|
||||
sha256 = "0nzvfxd3ybxx61rj6vxcaaxfrsxrl9af3h8jj7pr3rncisnl9gkl";
|
||||
})];
|
||||
|
||||
NIX_CFLAGS_COMPILE = "-I${ilmbase}/include/OpenEXR";
|
||||
|
||||
buildInputs = [ qt5 boost exiv2 fftwFloat gsl ilmbase lcms2 libraw libtiff openexr ];
|
||||
|
@ -5,8 +5,8 @@ stdenv.mkDerivation {
|
||||
|
||||
src = fetchgit {
|
||||
url = "https://github.com/muennich/sxiv.git";
|
||||
rev = "54af451b4a81b5b1072f27de0981a2d39cabc2d6";
|
||||
sha256 = "1b0fb6bd8d36af4c7f1160fcc12b5b7382546c7da35b4924d259f7efaa4c97d0";
|
||||
rev = "6216bf6c2d42be63025d29550831d9f4447f4066";
|
||||
sha256 = "e25e19cf073cc2621656e50d2c31cc59cc0fc200716f96c765374568a26977f1";
|
||||
};
|
||||
|
||||
postUnpack = ''
|
||||
|
@ -1,6 +1,6 @@
|
||||
{ fetchurl, stdenv, pkgconfig
|
||||
, openssl, db48, boost, zlib, miniupnpc, qt4, qrencode, glib, protobuf
|
||||
, utillinux, autogen, autoconf, autobuild, automake, db }:
|
||||
, utillinux, autogen, autoconf, autobuild, automake, autoreconfHook, db }:
|
||||
|
||||
with stdenv.lib;
|
||||
|
||||
@ -8,7 +8,7 @@ let
|
||||
buildAltcoin = makeOverridable ({walletName, gui ? true, ...}@a:
|
||||
stdenv.mkDerivation ({
|
||||
name = "${walletName}${toString (optional (!gui) "d")}-${a.version}";
|
||||
buildInputs = [ openssl db48 boost zlib miniupnpc ]
|
||||
buildInputs = [ pkgconfig openssl db48 boost zlib miniupnpc ]
|
||||
++ optionals gui [ qt4 qrencode ] ++ a.extraBuildInputs or [];
|
||||
|
||||
configurePhase = optional gui "qmake";
|
||||
@ -27,7 +27,7 @@ let
|
||||
meta = {
|
||||
platforms = platforms.unix;
|
||||
license = license.mit;
|
||||
maintainers = [ maintainers.offline ];
|
||||
maintainers = [ maintainers.offline ] ++ a.extraMaintainers;
|
||||
};
|
||||
} // a)
|
||||
);
|
||||
@ -35,31 +35,6 @@ let
|
||||
in rec {
|
||||
inherit buildAltcoin;
|
||||
|
||||
litecoin = buildAltcoin rec {
|
||||
walletName = "litecoin";
|
||||
version = "0.8.5.3-rc3";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/litecoin-project/litecoin/archive/v${version}.tar.gz";
|
||||
sha256 = "1z4a7bm3z9kd7n0s38kln31z8shsd32d5d5v3br5p0jlnr5g3lk7";
|
||||
};
|
||||
|
||||
meta = {
|
||||
description = "A lite version of Bitcoin using scrypt as a proof-of-work algorithm";
|
||||
longDescription= ''
|
||||
Litecoin is a peer-to-peer Internet currency that enables instant payments
|
||||
to anyone in the world. It is based on the Bitcoin protocol but differs
|
||||
from Bitcoin in that it can be efficiently mined with consumer-grade hardware.
|
||||
Litecoin provides faster transaction confirmations (2.5 minutes on average)
|
||||
and uses a memory-hard, scrypt-based mining proof-of-work algorithm to target
|
||||
the regular computers and GPUs most people already have.
|
||||
The Litecoin network is scheduled to produce 84 million currency units.
|
||||
'';
|
||||
homepage = https://litecoin.org/;
|
||||
};
|
||||
};
|
||||
litecoind = litecoin.override { gui = false; };
|
||||
|
||||
namecoin = buildAltcoin rec {
|
||||
walletName = "namecoin";
|
||||
version = "0.3.51.00";
|
||||
@ -80,4 +55,28 @@ in rec {
|
||||
};
|
||||
};
|
||||
|
||||
darkcoin = buildAltcoin rec {
|
||||
walletName = "darkcoin";
|
||||
version = "0.9.13.15";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/darkcoin/darkcoin/archive/v${version}.tar.gz";
|
||||
sha256 = "1kly2y3g4dr1jwwf81smqvc7k662x6rvg4ggmxva1yaifb67bgjb";
|
||||
};
|
||||
|
||||
extraBuildInputs = [ glib ];
|
||||
|
||||
meta = {
|
||||
description = "A decentralized key/value registration and transfer system";
|
||||
longDescription = ''
|
||||
Darkcoin (DRK) is an open sourced, privacy-centric digital
|
||||
currency. It allows you keep your finances private as you make
|
||||
transactions, similar to cash.
|
||||
'';
|
||||
homepage = http://darkcoin.io;
|
||||
extraMaintainers = [ maintainers.AndersonTorres ];
|
||||
};
|
||||
};
|
||||
darkcoind = darkcoin.override { gui = false; };
|
||||
|
||||
}
|
||||
|
60
pkgs/applications/misc/bitcoin/litecoin.nix
Normal file
60
pkgs/applications/misc/bitcoin/litecoin.nix
Normal file
@ -0,0 +1,60 @@
|
||||
{ stdenv, fetchurl, pkgconfig
|
||||
, openssl, db48, boost, zlib, miniupnpc, qt4, qrencode, glib, protobuf
|
||||
, utillinux, autogen, autoreconfHook }:
|
||||
|
||||
with stdenv.lib;
|
||||
|
||||
let
|
||||
mkAutoreconfCoin =
|
||||
{ name, version, withGui, src, meta }:
|
||||
|
||||
stdenv.mkDerivation {
|
||||
|
||||
inherit src meta;
|
||||
|
||||
name = name + (toString (optional (!withGui) "d")) + "-" + version;
|
||||
|
||||
buildInputs = [ autogen autoreconfHook pkgconfig openssl
|
||||
boost zlib miniupnpc db48 glib utillinux protobuf ]
|
||||
++ optionals withGui [ qt4 qrencode protobuf ];
|
||||
|
||||
configureFlags = [ "--with-boost-libdir=${boost.lib}/lib" ] ++ optionals withGui [ "--with-gui=qt4" ];
|
||||
};
|
||||
|
||||
mkLitecoin = { withGui }:
|
||||
|
||||
mkAutoreconfCoin rec {
|
||||
|
||||
name = "litecoin";
|
||||
version = "0.9.3-preview5";
|
||||
inherit withGui;
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/litecoin-project/litecoin/archive/v${version}.tar.gz";
|
||||
sha256 = "0nnfz4s2g28jb5fqy6cabsryp3h2amzlyslr6g6k8r1vmzvx5ym6";
|
||||
};
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "A lite version of Bitcoin using scrypt as a proof-of-work algorithm";
|
||||
longDescription= ''
|
||||
Litecoin is a peer-to-peer Internet currency that enables instant payments
|
||||
to anyone in the world. It is based on the Bitcoin protocol but differs
|
||||
from Bitcoin in that it can be efficiently mined with consumer-grade hardware.
|
||||
Litecoin provides faster transaction confirmations (2.5 minutes on average)
|
||||
and uses a memory-hard, scrypt-based mining proof-of-work algorithm to target
|
||||
the regular computers and GPUs most people already have.
|
||||
The Litecoin network is scheduled to produce 84 million currency units.
|
||||
'';
|
||||
homepage = https://litecoin.org/;
|
||||
platforms = platforms.unix;
|
||||
license = licenses.mit;
|
||||
maintainers = [ maintainers.offline maintainers.AndersonTorres ];
|
||||
};
|
||||
};
|
||||
|
||||
in {
|
||||
|
||||
litecoin = mkLitecoin { withGui = true; };
|
||||
litecoind = mkLitecoin { withGui = false; };
|
||||
|
||||
}
|
@ -1,4 +1,4 @@
|
||||
{ stdenv, fetchFromGitHub, qt53 }:
|
||||
{ stdenv, fetchFromGitHub, qt5 }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
version = "0.9";
|
||||
@ -11,7 +11,7 @@ stdenv.mkDerivation rec {
|
||||
sha256 = "8462f3eded7b2219acc143258544b0dfac32d81e10cac61ff14276d426704c93";
|
||||
};
|
||||
|
||||
buildInputs = [ qt53 ];
|
||||
buildInputs = [ qt5 ];
|
||||
|
||||
buildPhase = ''
|
||||
pushd ./konsole-qml-plugin
|
||||
@ -31,7 +31,7 @@ stdenv.mkDerivation rec {
|
||||
|
||||
cat > $out/bin/cool-old-term <<EOF
|
||||
#!${stdenv.shell}
|
||||
${qt53}/bin/qmlscene -I $out/lib/cool-old-term/imports $out/share/cool-old-term/app/main.qml
|
||||
${qt5}/bin/qmlscene -I $out/lib/cool-old-term/imports $out/share/cool-old-term/app/main.qml
|
||||
EOF
|
||||
chmod a+x $out/bin/cool-old-term
|
||||
'';
|
||||
|
@ -19,7 +19,7 @@ stdenv.mkDerivation rec {
|
||||
# http://sourceforge.net/projects/eaglemode/forums/forum/808824/topic/5115261
|
||||
buildPhase = ''
|
||||
export NIX_LDFLAGS="$NIX_LDFLAGS -lXxf86vm -lXext"
|
||||
yes y | perl make.pl build
|
||||
perl make.pl build
|
||||
'';
|
||||
|
||||
dontPatchELF = true;
|
||||
|
@ -1,7 +1,7 @@
|
||||
{ stdenv, fetchgit, autoconf, automake, pkgconfig, libxml2 }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "evtest-1.31";
|
||||
name = "evtest-1.32";
|
||||
|
||||
preConfigure = "autoreconf -iv";
|
||||
|
||||
@ -9,8 +9,8 @@ stdenv.mkDerivation rec {
|
||||
|
||||
src = fetchgit {
|
||||
url = "git://anongit.freedesktop.org/evtest";
|
||||
rev = "871371806017301373b8b0e5b7e8f168ce1ea13f";
|
||||
sha256 = "1hxldlldlrb9lnnybn839a97fpqd1cixbmci2wzgr0rzhjbwhcgp";
|
||||
rev = "refs/tags/evtest-1.32";
|
||||
sha256 = "150lb7d2gnkcqgfw1hcnb8lcvdb52fpig9j9qxjizp6irhlw2a31";
|
||||
};
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
|
@ -7,12 +7,12 @@ assert pythonSupport -> python != null && swig != null;
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "gnuradio-osmosdr-${version}";
|
||||
version = "0.1.0";
|
||||
version = "0.1.4";
|
||||
|
||||
src = fetchgit {
|
||||
url = "git://git.osmocom.org/gr-osmosdr";
|
||||
rev = "refs/tags/v${version}";
|
||||
sha256 = "112zfvnr6fjvhdc06ihi2sb0dp441qy7jq8rvr81nbyv3r8jspj4";
|
||||
sha256 = "0vyzr4fhkblf2v3d7m0ch5hws4c493jw3ydl4y6b2dfbfzchhsz8";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
|
@ -23,11 +23,11 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "gnuradio-${version}";
|
||||
version = "3.7.5";
|
||||
version = "3.7.5.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://gnuradio.org/releases/gnuradio/${name}.tar.gz";
|
||||
sha256 = "0hv2nyz2hp1mjinin2q7jimh9mr81rjqvghqmaglz8w70qcn4zs6";
|
||||
sha256 = "0gg4i8s1z5pcfk8d7n7baxv3lx2cjcizimvbziraj27lcbvpmwar";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
|
@ -7,7 +7,7 @@ stdenv.mkDerivation {
|
||||
name = "gosmore-r${version}";
|
||||
src = fetchsvn {
|
||||
url = http://svn.openstreetmap.org/applications/rendering/gosmore;
|
||||
sha256 = "0qyvrb4xgy4msc7f65widzkvjzc8mlddc4dyr1i76b7wd3gpk0xj";
|
||||
sha256 = "0d8ddfa0nhz51ambwj9y5jjbizl9y9w44sviisk3ysqvn8q0phds";
|
||||
rev = "${version}";
|
||||
};
|
||||
|
||||
|
@ -8,11 +8,11 @@ assert pulseaudioSupport -> pulseaudio != null;
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "gqrx-${version}";
|
||||
version = "2.2.0";
|
||||
version = "2.3.0";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/project/gqrx/${version}/${name}-src.tar.gz";
|
||||
sha256 = "15ncx2shh43skph7sj3jvmkls9cbbbysld49c8xd23fhdsxanj9x";
|
||||
url = "mirror://sourceforge/project/gqrx/${version}/${name}.tar.xz";
|
||||
sha256 = "0fyfkdd2ailg54ppv1y2fy2c692jmlmsyl1lxr20lyn6bvd9gpyn";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
@ -21,6 +21,14 @@ stdenv.mkDerivation rec {
|
||||
|
||||
configurePhase = ''qmake PREFIX="$out"'';
|
||||
|
||||
postInstall = ''
|
||||
mkdir -p "$out/share/applications"
|
||||
mkdir -p "$out/share/icons"
|
||||
|
||||
cp gqrx.desktop "$out/share/applications/"
|
||||
cp icons/gqrx.svg "$out/share/icons/"
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Software defined radio (SDR) receiver";
|
||||
longDescription = ''
|
||||
|
57
pkgs/applications/misc/gramps/default.nix
Normal file
57
pkgs/applications/misc/gramps/default.nix
Normal file
@ -0,0 +1,57 @@
|
||||
{ stdenv, fetchurl, gtk3, pythonPackages, python, pycairo, pygobject3, intltool,
|
||||
pango, gsettings_desktop_schemas }:
|
||||
|
||||
pythonPackages.buildPythonPackage rec {
|
||||
version = "4.1.1";
|
||||
name = "gramps-${version}";
|
||||
namePrefix = "";
|
||||
|
||||
buildInputs = [ intltool gtk3 ];
|
||||
|
||||
# Currently broken
|
||||
doCheck = false;
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/gramps/Stable/${version}/${name}.tar.gz";
|
||||
sha256 = "0jdps7yx2mlma1hdj64wssvnqd824xdvw0bmn2dnal5fn3h7h060";
|
||||
};
|
||||
|
||||
pythonPath = [ pygobject3 pango pycairo pythonPackages.bsddb ];
|
||||
|
||||
# Same installPhase as in buildPythonPackage but without --old-and-unmanageble
|
||||
# install flag.
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
|
||||
mkdir -p "$out/lib/${python.libPrefix}/site-packages"
|
||||
|
||||
export PYTHONPATH="$out/lib/${python.libPrefix}/site-packages:$PYTHONPATH"
|
||||
|
||||
${python}/bin/${python.executable} setup.py install \
|
||||
--install-lib=$out/lib/${python.libPrefix}/site-packages \
|
||||
--prefix="$out"
|
||||
|
||||
eapth="$out/lib/${python.libPrefix}"/site-packages/easy-install.pth
|
||||
if [ -e "$eapth" ]; then
|
||||
# move colliding easy_install.pth to specifically named one
|
||||
mv "$eapth" $(dirname "$eapth")/${name}.pth
|
||||
fi
|
||||
|
||||
rm -f "$out/lib/${python.libPrefix}"/site-packages/site.py*
|
||||
|
||||
runHook postInstall
|
||||
'';
|
||||
|
||||
# gobjectIntrospection package, wrap accordingly
|
||||
preFixup = ''
|
||||
wrapProgram $out/bin/gramps \
|
||||
--prefix GI_TYPELIB_PATH : "$GI_TYPELIB_PATH" \
|
||||
--prefix XDG_DATA_DIRS : "$GSETTINGS_SCHEMAS_PATH:$out/share"
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Genealogy software";
|
||||
homepage = http://gramps-project.org;
|
||||
license = licenses.gpl2;
|
||||
};
|
||||
}
|
@ -20,10 +20,11 @@ let
|
||||
};
|
||||
|
||||
in stdenv.mkDerivation rec {
|
||||
name = "k2pdfopt";
|
||||
name = "k2pdfopt-${version}";
|
||||
version = "2.30";
|
||||
src = fetchzip {
|
||||
url = http://www.willus.com/k2pdfopt/src/k2pdfopt_v2.21_src.zip;
|
||||
sha256 = "1vy0yw41z6p95gmivjk4r534zbg0kqap4lr9ps56kvjw51q8r54j";
|
||||
url = "http://www.willus.com/k2pdfopt/src/k2pdfopt_v${version}_src.zip";
|
||||
sha256 = "1fjjznkplrbyrg48wbij4kqgkz9i5icq7savl6brsf9haahdz6q5";
|
||||
};
|
||||
|
||||
buildInputs = [ libX11 libXext autoconf automake libtool leptonica libpng libtiff zlib
|
||||
|
@ -16,6 +16,9 @@ stdenv.mkDerivation {
|
||||
# these tests take a long time and don't
|
||||
# always complete in the build environment
|
||||
postPatch = "sed -i '/add_subdirectory(tests)/d' CMakeLists.txt";
|
||||
|
||||
NIX_CFLAGS_COMPILE = "-Wno-error=cpp";
|
||||
|
||||
doCheck = false;
|
||||
checkTarget = "test-release"; # this would be the target
|
||||
|
||||
|
44
pkgs/applications/misc/rescuetime/default.nix
Normal file
44
pkgs/applications/misc/rescuetime/default.nix
Normal file
@ -0,0 +1,44 @@
|
||||
{ stdenv, lib, fetchurl, dpkg, patchelf, qt4, libXtst, libXext, libX11, makeWrapper, libXScrnSaver }:
|
||||
|
||||
let
|
||||
src =
|
||||
if stdenv.system == "i686-linux" then fetchurl {
|
||||
name = "rescuetime-installer.deb";
|
||||
url = "https://www.rescuetime.com/installers/rescuetime_current_i386.deb";
|
||||
sha256 = "03dj0ivavxlcvx7dv7y6zllwqkclfyxkfax691zv2qclmk5gf8wz";
|
||||
} else fetchurl {
|
||||
name = "rescuetime-installer.deb";
|
||||
url = "https://www.rescuetime.com/installers/rescuetime_current_amd64.deb";
|
||||
sha256 = "11by4lkij1ryv8h3mz55hj3ssrikl697rs5b7mlg3g058gr2v3wl";
|
||||
};
|
||||
|
||||
in
|
||||
|
||||
stdenv.mkDerivation {
|
||||
name = "rescuetime-2.8.6.1015";
|
||||
inherit src;
|
||||
buildInputs = [ dpkg makeWrapper ];
|
||||
unpackPhase = ''
|
||||
mkdir pkg
|
||||
dpkg-deb -x $src pkg
|
||||
sourceRoot=pkg
|
||||
'';
|
||||
installPhase = ''
|
||||
mkdir -p $out/bin
|
||||
cp usr/bin/rescuetime $out/bin
|
||||
|
||||
${patchelf}/bin/patchelf \
|
||||
--interpreter "$(cat $NIX_GCC/nix-support/dynamic-linker)" \
|
||||
$out/bin/rescuetime
|
||||
|
||||
wrapProgram $out/bin/rescuetime \
|
||||
--prefix LD_PRELOAD : ${qt4}/lib/libQtGui.so.4:${qt4}/lib/libQtCore.so.4:${libXtst}/lib/libXtst.so.6:${libXext}/lib/libXext.so.6:${libX11}/lib/libX11.so.6:${libXScrnSaver}/lib/libXss.so.1
|
||||
'';
|
||||
meta = with lib; {
|
||||
description = "Helps you understand your daily habits so you can focus and be more productive";
|
||||
homepage = "https://www.rescuetime.com";
|
||||
maintainers = with maintainers; [ cstrahan ];
|
||||
license = licenses.unfree;
|
||||
platforms = [ "i686-linux" "x86_64-linux" ];
|
||||
};
|
||||
}
|
@ -69,5 +69,6 @@ stdenv.mkDerivation rec {
|
||||
license = licenses.agpl3;
|
||||
platforms = platforms.linux;
|
||||
maintainers = with maintainers; [ bjornfor the-kenny ];
|
||||
broken = true; # requires Perl 5.14
|
||||
};
|
||||
}
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user