Merge master into haskell-updates
This commit is contained in:
commit
0f196bb1eb
2
.github/CODEOWNERS
vendored
2
.github/CODEOWNERS
vendored
@ -48,6 +48,8 @@
|
||||
/pkgs/build-support/setup-hooks/auto-patchelf.sh @layus
|
||||
/pkgs/build-support/setup-hooks/auto-patchelf.py @layus
|
||||
/pkgs/pkgs-lib @infinisil
|
||||
## Format generators/serializers
|
||||
/pkgs/pkgs-lib/formats/libconfig @ckiee
|
||||
|
||||
# pkgs/by-name
|
||||
/pkgs/test/nixpkgs-check-by-name @infinisil
|
||||
|
76
.github/ISSUE_TEMPLATE/unreproducible_package.md
vendored
76
.github/ISSUE_TEMPLATE/unreproducible_package.md
vendored
@ -7,25 +7,81 @@ assignees: ''
|
||||
|
||||
---
|
||||
|
||||
Building this package twice does not produce the bit-by-bit identical result each time, making it harder to detect CI breaches. You can read more about this at https://reproducible-builds.org/ .
|
||||
<!--
|
||||
Hello dear reporter,
|
||||
|
||||
Fixing bit-by-bit reproducibility also has additional advantages, such as avoiding hard-to-reproduce bugs, making content-addressed storage more effective and reducing rebuilds in such systems.
|
||||
Thank you for bringing attention to this issue. Your insights are valuable to
|
||||
us, and we appreciate the time you took to document the problem.
|
||||
|
||||
I wanted to kindly point out that in this issue template, it would be beneficial
|
||||
to replace the placeholder `<package>` with the actual, canonical name of the
|
||||
package you're reporting the issue for. Doing so will provide better context and
|
||||
facilitate quicker troubleshooting for anyone who reads this issue in the
|
||||
future.
|
||||
|
||||
Best regards
|
||||
-->
|
||||
|
||||
Building this package multiple times does not yield bit-by-bit identical
|
||||
results, complicating the detection of Continuous Integration (CI) breaches. For
|
||||
more information on this issue, visit
|
||||
[reproducible-builds.org](https://reproducible-builds.org/).
|
||||
|
||||
Fixing bit-by-bit reproducibility also has additional advantages, such as
|
||||
avoiding hard-to-reproduce bugs, making content-addressed storage more effective
|
||||
and reducing rebuilds in such systems.
|
||||
|
||||
### Steps To Reproduce
|
||||
|
||||
```
|
||||
nix-build '<nixpkgs>' -A ... && nix-build '<nixpkgs>' -A ... --check --keep-failed
|
||||
```
|
||||
In the following steps, replace `<package>` with the canonical name of the
|
||||
package.
|
||||
|
||||
If this command completes successfully, no differences where found. However, when it ends in `error: derivation '<X>' may not be deterministic: output '<Y>' differs from '<Z>'`, you can use `diffoscope <Y> <Z>` to analyze the differences in the output of the two builds.
|
||||
#### 1. Build the package
|
||||
|
||||
To view the build log of the build that produced the artifact in the binary cache:
|
||||
This step will build the package. Specific arguments are passed to the command
|
||||
to keep the build artifacts so we can compare them in case of differences.
|
||||
|
||||
Execute the following command:
|
||||
|
||||
```
|
||||
nix-store --read-log $(nix-instantiate '<nixpkgs>' -A ...)
|
||||
nix-build '<nixpkgs>' -A <package> && nix-build '<nixpkgs>' -A <package> --check --keep-failed
|
||||
```
|
||||
|
||||
Or using the new command line style:
|
||||
|
||||
```
|
||||
nix build nixpkgs#<package> && nix build nixpkgs#<package> --rebuild --keep-failed
|
||||
```
|
||||
|
||||
#### 2. Compare the build artifacts
|
||||
|
||||
If the previous command completes successfully, no differences were found and
|
||||
there's nothing to do, builds are reproducible.
|
||||
If it terminates with the error message `error: derivation '<X>' may not be
|
||||
deterministic: output '<Y>' differs from '<Z>'`, use `diffoscope` to investigate
|
||||
the discrepancies between the two build outputs. You may need to add the
|
||||
`--exclude-directory-metadata recursive` option to ignore files and directories
|
||||
metadata (*e.g. timestamp*) differences.
|
||||
|
||||
```
|
||||
nix run nixpkgs#diffoscopeMinimal -- --exclude-directory-metadata recursive <Y> <Z>
|
||||
```
|
||||
|
||||
#### 3. Examine the build log
|
||||
|
||||
To examine the build log, use:
|
||||
|
||||
```
|
||||
nix-store --read-log $(nix-instantiate '<nixpkgs>' -A <package>)
|
||||
```
|
||||
|
||||
Or with the new command line style:
|
||||
|
||||
```
|
||||
nix log $(nix path-info --derivation nixpkgs#<package>)
|
||||
```
|
||||
|
||||
### Additional context
|
||||
|
||||
(please share the relevant fragment of the diffoscope output here,
|
||||
and any additional analysis you may have done)
|
||||
(please share the relevant fragment of the diffoscope output here, and any
|
||||
additional analysis you may have done)
|
||||
|
@ -45,7 +45,7 @@ rec {
|
||||
}
|
||||
```
|
||||
|
||||
This is where `fix` comes in, it contains the syntactic that's not in `f` anymore.
|
||||
This is where `fix` comes in, it contains the syntactic recursion that's not in `f` anymore.
|
||||
|
||||
```nix
|
||||
nix-repl> fix = f:
|
||||
|
@ -162,5 +162,12 @@ rec {
|
||||
getExe' pkgs.imagemagick "convert"
|
||||
=> "/nix/store/5rs48jamq7k6sal98ymj9l4k2bnwq515-imagemagick-7.1.1-15/bin/convert"
|
||||
*/
|
||||
getExe' = x: y: "${lib.getBin x}/bin/${y}";
|
||||
getExe' = x: y:
|
||||
assert lib.assertMsg (lib.isDerivation x)
|
||||
"lib.meta.getExe': The first argument is of type ${builtins.typeOf x}, but it should be a derivation instead.";
|
||||
assert lib.assertMsg (lib.isString y)
|
||||
"lib.meta.getExe': The second argument is of type ${builtins.typeOf y}, but it should be a string instead.";
|
||||
assert lib.assertMsg (builtins.length (lib.splitString "/" y) == 1)
|
||||
"lib.meta.getExe': The second argument \"${y}\" is a nested path with a \"/\" character, but it should just be the name of the executable instead.";
|
||||
"${lib.getBin x}/bin/${y}";
|
||||
}
|
||||
|
@ -1906,4 +1906,32 @@ runTests {
|
||||
expr = (with types; either int (listOf (either bool str))).description;
|
||||
expected = "signed integer or list of (boolean or string)";
|
||||
};
|
||||
|
||||
# Meta
|
||||
testGetExe'Output = {
|
||||
expr = getExe' {
|
||||
type = "derivation";
|
||||
out = "somelonghash";
|
||||
bin = "somelonghash";
|
||||
} "executable";
|
||||
expected = "somelonghash/bin/executable";
|
||||
};
|
||||
|
||||
testGetExeOutput = {
|
||||
expr = getExe {
|
||||
type = "derivation";
|
||||
out = "somelonghash";
|
||||
bin = "somelonghash";
|
||||
meta.mainProgram = "mainProgram";
|
||||
};
|
||||
expected = "somelonghash/bin/mainProgram";
|
||||
};
|
||||
|
||||
testGetExe'FailureFirstArg = testingThrow (
|
||||
getExe' "not a derivation" "executable"
|
||||
);
|
||||
|
||||
testGetExe'FailureSecondArg = testingThrow (
|
||||
getExe' { type = "derivation"; } "dir/executable"
|
||||
);
|
||||
}
|
||||
|
@ -5969,6 +5969,11 @@
|
||||
githubId = 119691;
|
||||
name = "Michael Gough";
|
||||
};
|
||||
franciscod = {
|
||||
github = "franciscod";
|
||||
githubId = 726447;
|
||||
name = "Francisco Demartino";
|
||||
};
|
||||
franzmondlichtmann = {
|
||||
name = "Franz Schroepf";
|
||||
email = "franz-schroepf@t-online.de";
|
||||
@ -6111,7 +6116,7 @@
|
||||
};
|
||||
fugi = {
|
||||
email = "me@fugi.dev";
|
||||
github = "FugiMuffi";
|
||||
github = "fugidev";
|
||||
githubId = 21362942;
|
||||
name = "Fugi";
|
||||
};
|
||||
@ -18862,6 +18867,13 @@
|
||||
fingerprint = "47F7 009E 3AE3 1DA7 988E 12E1 8C9B 0A8F C0C0 D862";
|
||||
}];
|
||||
};
|
||||
wamirez = {
|
||||
email = "wamirez@protonmail.com";
|
||||
matrix = "@wamirez:matrix.org";
|
||||
github = "wamirez";
|
||||
githubId = 24505474;
|
||||
name = "Daniel Ramirez";
|
||||
};
|
||||
wamserma = {
|
||||
name = "Markus S. Wamser";
|
||||
email = "github-dev@mail2013.wamser.eu";
|
||||
|
@ -8,4 +8,5 @@ installing.chapter.md
|
||||
changing-config.chapter.md
|
||||
upgrading.chapter.md
|
||||
building-nixos.chapter.md
|
||||
building-images-via-systemd-repart.chapter.md
|
||||
```
|
||||
|
@ -38,6 +38,8 @@
|
||||
true`. This is generally safe behavior, but for anyone needing to opt out from
|
||||
the check `users.users.${USERNAME}.ignoreShellProgramCheck = true` will do the job.
|
||||
|
||||
- Cassandra now defaults to 4.x, updated from 3.11.x.
|
||||
|
||||
## New Services {#sec-release-23.11-new-services}
|
||||
|
||||
- [MCHPRS](https://github.com/MCHPR/MCHPRS), a multithreaded Minecraft server built for redstone. Available as [services.mchprs](#opt-services.mchprs.enable).
|
||||
@ -72,6 +74,8 @@
|
||||
|
||||
- [LibreNMS](https://www.librenms.org), a auto-discovering PHP/MySQL/SNMP based network monitoring. Available as [services.librenms](#opt-services.librenms.enable).
|
||||
|
||||
- [Livebook](https://livebook.dev/), an interactive notebook with support for Elixir, graphs, machine learning, and more.
|
||||
|
||||
- [sitespeed-io](https://sitespeed.io), a tool that can generate metrics (timings, diagnostics) for websites. Available as [services.sitespeed-io](#opt-services.sitespeed-io.enable).
|
||||
|
||||
- [stalwart-mail](https://stalw.art), an all-in-one email server (SMTP, IMAP, JMAP). Available as [services.stalwart-mail](#opt-services.stalwart-mail.enable).
|
||||
@ -337,6 +341,8 @@
|
||||
|
||||
- `service.borgmatic.settings.location` and `services.borgmatic.configurations.<name>.location` are deprecated, please move your options out of sections to the global scope.
|
||||
|
||||
- `privacyidea` (and the corresponding `privacyidea-ldap-proxy`) has been removed from nixpkgs because it has severely outdated dependencies that became unmaintainable with nixpkgs' python package-set.
|
||||
|
||||
- `dagger` was removed because using a package called `dagger` and packaging it from source violates their trademark policy.
|
||||
|
||||
- `win-virtio` package was renamed to `virtio-win` to be consistent with the upstream package name.
|
||||
@ -488,10 +494,14 @@ The module update takes care of the new config syntax and the data itself (user
|
||||
|
||||
If you use this feature, updates to CoreDNS may require updating `vendorHash` by following these steps again.
|
||||
|
||||
- `postgresql_11` has been removed since it'll stop receiving fixes on November 9 2023.
|
||||
|
||||
- `ffmpeg` default upgraded from `ffmpeg_5` to `ffmpeg_6`.
|
||||
|
||||
- `fusuma` now enables the following plugins: [appmatcher](https://github.com/iberianpig/fusuma-plugin-appmatcher), [keypress](https://github.com/iberianpig/fusuma-plugin-keypress), [sendkey](https://github.com/iberianpig/fusuma-plugin-sendkey), [tap](https://github.com/iberianpig/fusuma-plugin-tap) and [wmctrl](https://github.com/iberianpig/fusuma-plugin-wmctrl).
|
||||
|
||||
- `services.bitcoind` now properly respects the `enable` option.
|
||||
|
||||
## Nixpkgs internals {#sec-release-23.11-nixpkgs-internals}
|
||||
|
||||
- The use of `sourceRoot = "source";`, `sourceRoot = "source/subdir";`, and similar lines in package derivations using the default `unpackPhase` is deprecated as it requires `unpackPhase` to always produce a directory named "source". Use `sourceRoot = src.name`, `sourceRoot = "${src.name}/subdir";`, or `setSourceRoot = "sourceRoot=$(echo */subdir)";` or similar instead.
|
||||
|
@ -21,11 +21,12 @@ in rec {
|
||||
{ preferLocalBuild = true;
|
||||
allowSubstitutes = false;
|
||||
inherit (unit) text;
|
||||
passAsFile = [ "text" ];
|
||||
}
|
||||
''
|
||||
name=${shellEscape name}
|
||||
mkdir -p "$out/$(dirname -- "$name")"
|
||||
echo -n "$text" > "$out/$name"
|
||||
mv "$textPath" "$out/$name"
|
||||
''
|
||||
else
|
||||
pkgs.runCommand "unit-${mkPathSafeName name}-disabled"
|
||||
|
@ -99,7 +99,7 @@ in
|
||||
|
||||
systemd.tmpfiles.rules = lib.mkIf cfg.channel.enable [
|
||||
"f /root/.nix-channels -"
|
||||
''w "/root/.nix-channels" - - - - "${config.system.defaultChannel} nixos\n"''
|
||||
''w+ "/root/.nix-channels" - - - - ${config.system.defaultChannel} nixos\n''
|
||||
];
|
||||
};
|
||||
}
|
||||
|
@ -34,12 +34,13 @@ let
|
||||
};
|
||||
});
|
||||
default = { };
|
||||
example = lib.literalExpression '' {
|
||||
"/EFI/BOOT/BOOTX64.EFI".source =
|
||||
"''${pkgs.systemd}/lib/systemd/boot/efi/systemd-bootx64.efi";
|
||||
example = lib.literalExpression ''
|
||||
{
|
||||
"/EFI/BOOT/BOOTX64.EFI".source =
|
||||
"''${pkgs.systemd}/lib/systemd/boot/efi/systemd-bootx64.efi";
|
||||
|
||||
"/loader/entries/nixos.conf".source = systemdBootEntry;
|
||||
}
|
||||
"/loader/entries/nixos.conf".source = systemdBootEntry;
|
||||
}
|
||||
'';
|
||||
description = lib.mdDoc "The contents to end up in the filesystem image.";
|
||||
};
|
||||
@ -90,34 +91,33 @@ in
|
||||
|
||||
package = lib.mkPackageOption pkgs "systemd-repart" {
|
||||
default = "systemd";
|
||||
example = lib.literalExpression ''
|
||||
pkgs.systemdMinimal.override { withCryptsetup = true; }
|
||||
'';
|
||||
example = "pkgs.systemdMinimal.override { withCryptsetup = true; }";
|
||||
};
|
||||
|
||||
partitions = lib.mkOption {
|
||||
type = with lib.types; attrsOf (submodule partitionOptions);
|
||||
default = { };
|
||||
example = lib.literalExpression '' {
|
||||
"10-esp" = {
|
||||
contents = {
|
||||
"/EFI/BOOT/BOOTX64.EFI".source =
|
||||
"''${pkgs.systemd}/lib/systemd/boot/efi/systemd-bootx64.efi";
|
||||
}
|
||||
repartConfig = {
|
||||
Type = "esp";
|
||||
Format = "fat";
|
||||
example = lib.literalExpression ''
|
||||
{
|
||||
"10-esp" = {
|
||||
contents = {
|
||||
"/EFI/BOOT/BOOTX64.EFI".source =
|
||||
"''${pkgs.systemd}/lib/systemd/boot/efi/systemd-bootx64.efi";
|
||||
}
|
||||
repartConfig = {
|
||||
Type = "esp";
|
||||
Format = "fat";
|
||||
};
|
||||
};
|
||||
"20-root" = {
|
||||
storePaths = [ config.system.build.toplevel ];
|
||||
repartConfig = {
|
||||
Type = "root";
|
||||
Format = "ext4";
|
||||
Minimize = "guess";
|
||||
};
|
||||
};
|
||||
};
|
||||
"20-root" = {
|
||||
storePaths = [ config.system.build.toplevel ];
|
||||
repartConfig = {
|
||||
Type = "root";
|
||||
Format = "ext4";
|
||||
Minimize = "guess";
|
||||
};
|
||||
};
|
||||
};
|
||||
'';
|
||||
description = lib.mdDoc ''
|
||||
Specify partitions as a set of the names of the partitions with their
|
||||
@ -208,10 +208,7 @@ in
|
||||
| tee repart-output.json
|
||||
'';
|
||||
|
||||
meta = {
|
||||
maintainers = with lib.maintainers; [ nikstur ];
|
||||
doc = ./repart.md;
|
||||
};
|
||||
meta.maintainers = with lib.maintainers; [ nikstur ];
|
||||
|
||||
};
|
||||
}
|
||||
|
@ -485,6 +485,7 @@
|
||||
./services/development/hoogle.nix
|
||||
./services/development/jupyter/default.nix
|
||||
./services/development/jupyterhub/default.nix
|
||||
./services/development/livebook.nix
|
||||
./services/development/lorri.nix
|
||||
./services/development/rstudio-server/default.nix
|
||||
./services/development/zammad.nix
|
||||
@ -1175,7 +1176,6 @@
|
||||
./services/security/opensnitch.nix
|
||||
./services/security/pass-secret-service.nix
|
||||
./services/security/physlock.nix
|
||||
./services/security/privacyidea.nix
|
||||
./services/security/shibboleth-sp.nix
|
||||
./services/security/sks.nix
|
||||
./services/security/sshguard.nix
|
||||
@ -1530,5 +1530,9 @@
|
||||
./virtualisation/waydroid.nix
|
||||
./virtualisation/xe-guest-utilities.nix
|
||||
./virtualisation/xen-dom0.nix
|
||||
{ documentation.nixos.extraModules = [ ./virtualisation/qemu-vm.nix ]; }
|
||||
{ documentation.nixos.extraModules = [
|
||||
./virtualisation/qemu-vm.nix
|
||||
./image/repart.nix
|
||||
];
|
||||
}
|
||||
]
|
||||
|
@ -54,7 +54,7 @@ in {
|
||||
};
|
||||
|
||||
imports = [
|
||||
(lib.mkRemovedOptionModule ["programs" "direnv" "persistDerivations"] "persistDerivations was removed as it is on longer necessary")
|
||||
(lib.mkRemovedOptionModule ["programs" "direnv" "persistDerivations"] "persistDerivations was removed as it is no longer necessary")
|
||||
];
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
@ -7,7 +7,7 @@ let
|
||||
options = {
|
||||
postgresqlPackage = mkOption {
|
||||
type = types.package;
|
||||
example = literalExpression "pkgs.postgresql_11";
|
||||
example = literalExpression "pkgs.postgresql_15";
|
||||
description = lib.mdDoc ''
|
||||
PostgreSQL package to use.
|
||||
'';
|
||||
@ -124,7 +124,7 @@ in {
|
||||
example = literalExpression ''
|
||||
{
|
||||
main = {
|
||||
postgresqlPackage = pkgs.postgresql_11;
|
||||
postgresqlPackage = pkgs.postgresql_15;
|
||||
directory = /mnt/pg_wal/main/;
|
||||
slot = "main_wal_receiver";
|
||||
connection = "postgresql://user@somehost";
|
||||
|
@ -17,9 +17,9 @@ PostgreSQL is an advanced, free relational database.
|
||||
To enable PostgreSQL, add the following to your {file}`configuration.nix`:
|
||||
```
|
||||
services.postgresql.enable = true;
|
||||
services.postgresql.package = pkgs.postgresql_11;
|
||||
services.postgresql.package = pkgs.postgresql_15;
|
||||
```
|
||||
Note that you are required to specify the desired version of PostgreSQL (e.g. `pkgs.postgresql_11`). Since upgrading your PostgreSQL version requires a database dump and reload (see below), NixOS cannot provide a default value for [](#opt-services.postgresql.package) such as the most recent release of PostgreSQL.
|
||||
Note that you are required to specify the desired version of PostgreSQL (e.g. `pkgs.postgresql_15`). Since upgrading your PostgreSQL version requires a database dump and reload (see below), NixOS cannot provide a default value for [](#opt-services.postgresql.package) such as the most recent release of PostgreSQL.
|
||||
|
||||
<!--
|
||||
After running {command}`nixos-rebuild`, you can verify
|
||||
@ -119,27 +119,27 @@ A complete list of options for the PostgreSQL module may be found [here](#opt-se
|
||||
|
||||
## Plugins {#module-services-postgres-plugins}
|
||||
|
||||
Plugins collection for each PostgreSQL version can be accessed with `.pkgs`. For example, for `pkgs.postgresql_11` package, its plugin collection is accessed by `pkgs.postgresql_11.pkgs`:
|
||||
Plugins collection for each PostgreSQL version can be accessed with `.pkgs`. For example, for `pkgs.postgresql_15` package, its plugin collection is accessed by `pkgs.postgresql_15.pkgs`:
|
||||
```ShellSession
|
||||
$ nix repl '<nixpkgs>'
|
||||
|
||||
Loading '<nixpkgs>'...
|
||||
Added 10574 variables.
|
||||
|
||||
nix-repl> postgresql_11.pkgs.<TAB><TAB>
|
||||
postgresql_11.pkgs.cstore_fdw postgresql_11.pkgs.pg_repack
|
||||
postgresql_11.pkgs.pg_auto_failover postgresql_11.pkgs.pg_safeupdate
|
||||
postgresql_11.pkgs.pg_bigm postgresql_11.pkgs.pg_similarity
|
||||
postgresql_11.pkgs.pg_cron postgresql_11.pkgs.pg_topn
|
||||
postgresql_11.pkgs.pg_hll postgresql_11.pkgs.pgjwt
|
||||
postgresql_11.pkgs.pg_partman postgresql_11.pkgs.pgroonga
|
||||
nix-repl> postgresql_15.pkgs.<TAB><TAB>
|
||||
postgresql_15.pkgs.cstore_fdw postgresql_15.pkgs.pg_repack
|
||||
postgresql_15.pkgs.pg_auto_failover postgresql_15.pkgs.pg_safeupdate
|
||||
postgresql_15.pkgs.pg_bigm postgresql_15.pkgs.pg_similarity
|
||||
postgresql_15.pkgs.pg_cron postgresql_15.pkgs.pg_topn
|
||||
postgresql_15.pkgs.pg_hll postgresql_15.pkgs.pgjwt
|
||||
postgresql_15.pkgs.pg_partman postgresql_15.pkgs.pgroonga
|
||||
...
|
||||
```
|
||||
|
||||
To add plugins via NixOS configuration, set `services.postgresql.extraPlugins`:
|
||||
```
|
||||
services.postgresql.package = pkgs.postgresql_11;
|
||||
services.postgresql.extraPlugins = with pkgs.postgresql_11.pkgs; [
|
||||
services.postgresql.package = pkgs.postgresql_12;
|
||||
services.postgresql.extraPlugins = with pkgs.postgresql_12.pkgs; [
|
||||
pg_repack
|
||||
postgis
|
||||
];
|
||||
@ -148,7 +148,7 @@ services.postgresql.extraPlugins = with pkgs.postgresql_11.pkgs; [
|
||||
You can build custom PostgreSQL-with-plugins (to be used outside of NixOS) using function `.withPackages`. For example, creating a custom PostgreSQL package in an overlay can look like:
|
||||
```
|
||||
self: super: {
|
||||
postgresql_custom = self.postgresql_11.withPackages (ps: [
|
||||
postgresql_custom = self.postgresql_12.withPackages (ps: [
|
||||
ps.pg_repack
|
||||
ps.postgis
|
||||
]);
|
||||
@ -158,9 +158,9 @@ self: super: {
|
||||
Here's a recipe on how to override a particular plugin through an overlay:
|
||||
```
|
||||
self: super: {
|
||||
postgresql_11 = super.postgresql_11.override { this = self.postgresql_11; } // {
|
||||
pkgs = super.postgresql_11.pkgs // {
|
||||
pg_repack = super.postgresql_11.pkgs.pg_repack.overrideAttrs (_: {
|
||||
postgresql_15 = super.postgresql_15.override { this = self.postgresql_15; } // {
|
||||
pkgs = super.postgresql_15.pkgs // {
|
||||
pg_repack = super.postgresql_15.pkgs.pg_repack.overrideAttrs (_: {
|
||||
name = "pg_repack-v20181024";
|
||||
src = self.fetchzip {
|
||||
url = "https://github.com/reorg/pg_repack/archive/923fa2f3c709a506e111cc963034bf2fd127aa00.tar.gz";
|
||||
|
@ -55,7 +55,7 @@ in
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
example = literalExpression "pkgs.postgresql_11";
|
||||
example = literalExpression "pkgs.postgresql_15";
|
||||
description = lib.mdDoc ''
|
||||
PostgreSQL package to use.
|
||||
'';
|
||||
@ -78,7 +78,7 @@ in
|
||||
dataDir = mkOption {
|
||||
type = types.path;
|
||||
defaultText = literalExpression ''"/var/lib/postgresql/''${config.services.postgresql.package.psqlSchema}"'';
|
||||
example = "/var/lib/postgresql/11";
|
||||
example = "/var/lib/postgresql/15";
|
||||
description = lib.mdDoc ''
|
||||
The data directory for PostgreSQL. If left as the default value
|
||||
this directory will automatically be created before the PostgreSQL server starts, otherwise
|
||||
@ -387,7 +387,7 @@ in
|
||||
extraPlugins = mkOption {
|
||||
type = types.listOf types.path;
|
||||
default = [];
|
||||
example = literalExpression "with pkgs.postgresql_11.pkgs; [ postgis pg_repack ]";
|
||||
example = literalExpression "with pkgs.postgresql_15.pkgs; [ postgis pg_repack ]";
|
||||
description = lib.mdDoc ''
|
||||
List of PostgreSQL plugins. PostgreSQL version for each plugin should
|
||||
match version for `services.postgresql.package` value.
|
||||
@ -399,7 +399,7 @@ in
|
||||
default = {};
|
||||
description = lib.mdDoc ''
|
||||
PostgreSQL configuration. Refer to
|
||||
<https://www.postgresql.org/docs/11/config-setting.html#CONFIG-SETTING-CONFIGURATION-FILE>
|
||||
<https://www.postgresql.org/docs/15/config-setting.html#CONFIG-SETTING-CONFIGURATION-FILE>
|
||||
for an overview of `postgresql.conf`.
|
||||
|
||||
::: {.note}
|
||||
@ -461,7 +461,7 @@ in
|
||||
base = if versionAtLeast config.system.stateVersion "23.11" then pkgs.postgresql_15
|
||||
else if versionAtLeast config.system.stateVersion "22.05" then pkgs.postgresql_14
|
||||
else if versionAtLeast config.system.stateVersion "21.11" then pkgs.postgresql_13
|
||||
else if versionAtLeast config.system.stateVersion "20.03" then pkgs.postgresql_11
|
||||
else if versionAtLeast config.system.stateVersion "20.03" then mkThrow "11"
|
||||
else if versionAtLeast config.system.stateVersion "17.09" then mkThrow "9_6"
|
||||
else mkThrow "9_5";
|
||||
in
|
||||
|
39
nixos/modules/services/development/livebook.md
Normal file
39
nixos/modules/services/development/livebook.md
Normal file
@ -0,0 +1,39 @@
|
||||
# Livebook {#module-services-livebook}
|
||||
|
||||
[Livebook](https://livebook.dev/) is a web application for writing
|
||||
interactive and collaborative code notebooks.
|
||||
|
||||
## Basic Usage {#module-services-livebook-basic-usage}
|
||||
|
||||
Enabling the `livebook` service creates a user
|
||||
[`systemd`](https://www.freedesktop.org/wiki/Software/systemd/) unit
|
||||
which runs the server.
|
||||
|
||||
```
|
||||
{ ... }:
|
||||
|
||||
{
|
||||
services.livebook = {
|
||||
enableUserService = true;
|
||||
port = 20123;
|
||||
# See note below about security
|
||||
environmentFile = pkgs.writeText "livebook.env" ''
|
||||
LIVEBOOK_PASSWORD = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
|
||||
'';
|
||||
};
|
||||
}
|
||||
```
|
||||
|
||||
::: {.note}
|
||||
|
||||
The Livebook server has the ability to run any command as the user it
|
||||
is running under, so securing access to it with a password is highly
|
||||
recommended.
|
||||
|
||||
Putting the password in the Nix configuration like above is an easy
|
||||
way to get started but it is not recommended in the real world because
|
||||
the `livebook.env` file will be added to the world-readable Nix store.
|
||||
A better approach would be to put the password in some secure
|
||||
user-readable location and set `environmentFile = /home/user/secure/livebook.env`.
|
||||
|
||||
:::
|
90
nixos/modules/services/development/livebook.nix
Normal file
90
nixos/modules/services/development/livebook.nix
Normal file
@ -0,0 +1,90 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.services.livebook;
|
||||
in
|
||||
{
|
||||
options.services.livebook = {
|
||||
# Since livebook doesn't have a granular permission system (a user
|
||||
# either has access to all the data or none at all), the decision
|
||||
# was made to run this as a user service. If that changes in the
|
||||
# future, this can be changed to a system service.
|
||||
enableUserService = mkEnableOption "a user service for Livebook";
|
||||
|
||||
environmentFile = mkOption {
|
||||
type = types.path;
|
||||
description = lib.mdDoc ''
|
||||
Environment file as defined in {manpage}`systemd.exec(5)` passed to the service.
|
||||
|
||||
This must contain at least `LIVEBOOK_PASSWORD` or
|
||||
`LIVEBOOK_TOKEN_ENABLED=false`. See `livebook server --help`
|
||||
for other options.'';
|
||||
};
|
||||
|
||||
erlang_node_short_name = mkOption {
|
||||
type = with types; nullOr str;
|
||||
default = null;
|
||||
example = "livebook";
|
||||
description = "A short name for the distributed node.";
|
||||
};
|
||||
|
||||
erlang_node_name = mkOption {
|
||||
type = with types; nullOr str;
|
||||
default = null;
|
||||
example = "livebook@127.0.0.1";
|
||||
description = "The name for the app distributed node.";
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
default = 8080;
|
||||
description = "The port to start the web application on.";
|
||||
};
|
||||
|
||||
address = mkOption {
|
||||
type = types.str;
|
||||
default = "127.0.0.1";
|
||||
description = lib.mdDoc ''
|
||||
The address to start the web application on. Must be a valid IPv4 or
|
||||
IPv6 address.
|
||||
'';
|
||||
};
|
||||
|
||||
options = mkOption {
|
||||
type = with types; attrsOf str;
|
||||
default = { };
|
||||
description = lib.mdDoc ''
|
||||
Additional options to pass as command-line arguments to the server.
|
||||
'';
|
||||
example = literalExpression ''
|
||||
{
|
||||
cookie = "a value shared by all nodes in this cluster";
|
||||
}
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enableUserService {
|
||||
systemd.user.services.livebook = {
|
||||
serviceConfig = {
|
||||
Restart = "always";
|
||||
EnvironmentFile = cfg.environmentFile;
|
||||
ExecStart =
|
||||
let
|
||||
args = lib.cli.toGNUCommandLineShell { } ({
|
||||
inherit (cfg) port;
|
||||
ip = cfg.address;
|
||||
name = cfg.erlang_node_name;
|
||||
sname = cfg.erlang_node_short_name;
|
||||
} // cfg.options);
|
||||
in
|
||||
"${pkgs.livebook}/bin/livebook server ${args}";
|
||||
};
|
||||
path = [ pkgs.bash ];
|
||||
wantedBy = [ "default.target" ];
|
||||
};
|
||||
};
|
||||
|
||||
meta.doc = ./livebook.md;
|
||||
}
|
@ -3,8 +3,7 @@
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
eachBitcoind = config.services.bitcoind;
|
||||
eachBitcoind = filterAttrs (bitcoindName: cfg: cfg.enable) config.services.bitcoind;
|
||||
|
||||
rpcUserOpts = { name, ... }: {
|
||||
options = {
|
||||
|
@ -1,458 +0,0 @@
|
||||
{ config, lib, options, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.privacyidea;
|
||||
opt = options.services.privacyidea;
|
||||
|
||||
uwsgi = pkgs.uwsgi.override { plugins = [ "python3" ]; python3 = pkgs.python310; };
|
||||
python = uwsgi.python3;
|
||||
penv = python.withPackages (const [ pkgs.privacyidea ]);
|
||||
logCfg = pkgs.writeText "privacyidea-log.cfg" ''
|
||||
[formatters]
|
||||
keys=detail
|
||||
|
||||
[handlers]
|
||||
keys=stream
|
||||
|
||||
[formatter_detail]
|
||||
class=privacyidea.lib.log.SecureFormatter
|
||||
format=[%(asctime)s][%(process)d][%(thread)d][%(levelname)s][%(name)s:%(lineno)d] %(message)s
|
||||
|
||||
[handler_stream]
|
||||
class=StreamHandler
|
||||
level=NOTSET
|
||||
formatter=detail
|
||||
args=(sys.stdout,)
|
||||
|
||||
[loggers]
|
||||
keys=root,privacyidea
|
||||
|
||||
[logger_privacyidea]
|
||||
handlers=stream
|
||||
qualname=privacyidea
|
||||
level=INFO
|
||||
|
||||
[logger_root]
|
||||
handlers=stream
|
||||
level=ERROR
|
||||
'';
|
||||
|
||||
piCfgFile = pkgs.writeText "privacyidea.cfg" ''
|
||||
SUPERUSER_REALM = [ '${concatStringsSep "', '" cfg.superuserRealm}' ]
|
||||
SQLALCHEMY_DATABASE_URI = 'postgresql+psycopg2:///privacyidea'
|
||||
SECRET_KEY = '${cfg.secretKey}'
|
||||
PI_PEPPER = '${cfg.pepper}'
|
||||
PI_ENCFILE = '${cfg.encFile}'
|
||||
PI_AUDIT_KEY_PRIVATE = '${cfg.auditKeyPrivate}'
|
||||
PI_AUDIT_KEY_PUBLIC = '${cfg.auditKeyPublic}'
|
||||
PI_LOGCONFIG = '${logCfg}'
|
||||
${cfg.extraConfig}
|
||||
'';
|
||||
|
||||
renderValue = x:
|
||||
if isList x then concatMapStringsSep "," (x: ''"${x}"'') x
|
||||
else if isString x && hasInfix "," x then ''"${x}"''
|
||||
else x;
|
||||
|
||||
ldapProxyConfig = pkgs.writeText "ldap-proxy.ini"
|
||||
(generators.toINI {}
|
||||
(flip mapAttrs cfg.ldap-proxy.settings
|
||||
(const (mapAttrs (const renderValue)))));
|
||||
|
||||
privacyidea-token-janitor = pkgs.writeShellScriptBin "privacyidea-token-janitor" ''
|
||||
exec -a privacyidea-token-janitor \
|
||||
/run/wrappers/bin/sudo -u ${cfg.user} \
|
||||
env PRIVACYIDEA_CONFIGFILE=${cfg.stateDir}/privacyidea.cfg \
|
||||
${penv}/bin/privacyidea-token-janitor $@
|
||||
'';
|
||||
in
|
||||
|
||||
{
|
||||
options = {
|
||||
services.privacyidea = {
|
||||
enable = mkEnableOption (lib.mdDoc "PrivacyIDEA");
|
||||
|
||||
environmentFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
default = null;
|
||||
example = "/root/privacyidea.env";
|
||||
description = lib.mdDoc ''
|
||||
File to load as environment file. Environment variables
|
||||
from this file will be interpolated into the config file
|
||||
using `envsubst` which is helpful for specifying
|
||||
secrets:
|
||||
```
|
||||
{ services.privacyidea.secretKey = "$SECRET"; }
|
||||
```
|
||||
|
||||
The environment-file can now specify the actual secret key:
|
||||
```
|
||||
SECRET=veryverytopsecret
|
||||
```
|
||||
'';
|
||||
};
|
||||
|
||||
stateDir = mkOption {
|
||||
type = types.str;
|
||||
default = "/var/lib/privacyidea";
|
||||
description = lib.mdDoc ''
|
||||
Directory where all PrivacyIDEA files will be placed by default.
|
||||
'';
|
||||
};
|
||||
|
||||
superuserRealm = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [ "super" "administrators" ];
|
||||
description = lib.mdDoc ''
|
||||
The realm where users are allowed to login as administrators.
|
||||
'';
|
||||
};
|
||||
|
||||
secretKey = mkOption {
|
||||
type = types.str;
|
||||
example = "t0p s3cr3t";
|
||||
description = lib.mdDoc ''
|
||||
This is used to encrypt the auth_token.
|
||||
'';
|
||||
};
|
||||
|
||||
pepper = mkOption {
|
||||
type = types.str;
|
||||
example = "Never know...";
|
||||
description = lib.mdDoc ''
|
||||
This is used to encrypt the admin passwords.
|
||||
'';
|
||||
};
|
||||
|
||||
encFile = mkOption {
|
||||
type = types.str;
|
||||
default = "${cfg.stateDir}/enckey";
|
||||
defaultText = literalExpression ''"''${config.${opt.stateDir}}/enckey"'';
|
||||
description = lib.mdDoc ''
|
||||
This is used to encrypt the token data and token passwords
|
||||
'';
|
||||
};
|
||||
|
||||
auditKeyPrivate = mkOption {
|
||||
type = types.str;
|
||||
default = "${cfg.stateDir}/private.pem";
|
||||
defaultText = literalExpression ''"''${config.${opt.stateDir}}/private.pem"'';
|
||||
description = lib.mdDoc ''
|
||||
Private Key for signing the audit log.
|
||||
'';
|
||||
};
|
||||
|
||||
auditKeyPublic = mkOption {
|
||||
type = types.str;
|
||||
default = "${cfg.stateDir}/public.pem";
|
||||
defaultText = literalExpression ''"''${config.${opt.stateDir}}/public.pem"'';
|
||||
description = lib.mdDoc ''
|
||||
Public key for checking signatures of the audit log.
|
||||
'';
|
||||
};
|
||||
|
||||
adminPasswordFile = mkOption {
|
||||
type = types.path;
|
||||
description = lib.mdDoc "File containing password for the admin user";
|
||||
};
|
||||
|
||||
adminEmail = mkOption {
|
||||
type = types.str;
|
||||
example = "admin@example.com";
|
||||
description = lib.mdDoc "Mail address for the admin user";
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.lines;
|
||||
default = "";
|
||||
description = lib.mdDoc ''
|
||||
Extra configuration options for pi.cfg.
|
||||
'';
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
default = "privacyidea";
|
||||
description = lib.mdDoc "User account under which PrivacyIDEA runs.";
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
type = types.str;
|
||||
default = "privacyidea";
|
||||
description = lib.mdDoc "Group account under which PrivacyIDEA runs.";
|
||||
};
|
||||
|
||||
tokenjanitor = {
|
||||
enable = mkEnableOption (lib.mdDoc "automatic runs of the token janitor");
|
||||
interval = mkOption {
|
||||
default = "quarterly";
|
||||
type = types.str;
|
||||
description = lib.mdDoc ''
|
||||
Interval in which the cleanup program is supposed to run.
|
||||
See {manpage}`systemd.time(7)` for further information.
|
||||
'';
|
||||
};
|
||||
action = mkOption {
|
||||
type = types.enum [ "delete" "mark" "disable" "unassign" ];
|
||||
description = lib.mdDoc ''
|
||||
Which action to take for matching tokens.
|
||||
'';
|
||||
};
|
||||
unassigned = mkOption {
|
||||
default = false;
|
||||
type = types.bool;
|
||||
description = lib.mdDoc ''
|
||||
Whether to search for **unassigned** tokens
|
||||
and apply [](#opt-services.privacyidea.tokenjanitor.action)
|
||||
onto them.
|
||||
'';
|
||||
};
|
||||
orphaned = mkOption {
|
||||
default = true;
|
||||
type = types.bool;
|
||||
description = lib.mdDoc ''
|
||||
Whether to search for **orphaned** tokens
|
||||
and apply [](#opt-services.privacyidea.tokenjanitor.action)
|
||||
onto them.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
ldap-proxy = {
|
||||
enable = mkEnableOption (lib.mdDoc "PrivacyIDEA LDAP Proxy");
|
||||
|
||||
configFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
default = null;
|
||||
description = lib.mdDoc ''
|
||||
Path to PrivacyIDEA LDAP Proxy configuration (proxy.ini).
|
||||
'';
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
default = "pi-ldap-proxy";
|
||||
description = lib.mdDoc "User account under which PrivacyIDEA LDAP proxy runs.";
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
type = types.str;
|
||||
default = "pi-ldap-proxy";
|
||||
description = lib.mdDoc "Group account under which PrivacyIDEA LDAP proxy runs.";
|
||||
};
|
||||
|
||||
settings = mkOption {
|
||||
type = with types; attrsOf (attrsOf (oneOf [ str bool int (listOf str) ]));
|
||||
default = {};
|
||||
description = lib.mdDoc ''
|
||||
Attribute-set containing the settings for `privacyidea-ldap-proxy`.
|
||||
It's possible to pass secrets using env-vars as substitutes and
|
||||
use the option [](#opt-services.privacyidea.ldap-proxy.environmentFile)
|
||||
to inject them via `envsubst`.
|
||||
'';
|
||||
};
|
||||
|
||||
environmentFile = mkOption {
|
||||
default = null;
|
||||
type = types.nullOr types.str;
|
||||
description = lib.mdDoc ''
|
||||
Environment file containing secrets to be substituted into
|
||||
[](#opt-services.privacyidea.ldap-proxy.settings).
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = mkMerge [
|
||||
|
||||
(mkIf cfg.enable {
|
||||
|
||||
assertions = [
|
||||
{
|
||||
assertion = cfg.tokenjanitor.enable -> (cfg.tokenjanitor.orphaned || cfg.tokenjanitor.unassigned);
|
||||
message = ''
|
||||
privacyidea-token-janitor has no effect if neither orphaned nor unassigned tokens
|
||||
are to be searched.
|
||||
'';
|
||||
}
|
||||
];
|
||||
|
||||
environment.systemPackages = [ pkgs.privacyidea (hiPrio privacyidea-token-janitor) ];
|
||||
|
||||
services.postgresql.enable = mkDefault true;
|
||||
|
||||
systemd.services.privacyidea-tokenjanitor = mkIf cfg.tokenjanitor.enable {
|
||||
environment.PRIVACYIDEA_CONFIGFILE = "${cfg.stateDir}/privacyidea.cfg";
|
||||
path = [ penv ];
|
||||
serviceConfig = {
|
||||
CapabilityBoundingSet = [ "" ];
|
||||
ExecStart = "${pkgs.writeShellScript "pi-token-janitor" ''
|
||||
${optionalString cfg.tokenjanitor.orphaned ''
|
||||
echo >&2 "Removing orphaned tokens..."
|
||||
privacyidea-token-janitor find \
|
||||
--orphaned true \
|
||||
--action ${cfg.tokenjanitor.action}
|
||||
''}
|
||||
${optionalString cfg.tokenjanitor.unassigned ''
|
||||
echo >&2 "Removing unassigned tokens..."
|
||||
privacyidea-token-janitor find \
|
||||
--assigned false \
|
||||
--action ${cfg.tokenjanitor.action}
|
||||
''}
|
||||
''}";
|
||||
Group = cfg.group;
|
||||
LockPersonality = true;
|
||||
MemoryDenyWriteExecute = true;
|
||||
ProtectHome = true;
|
||||
ProtectHostname = true;
|
||||
ProtectKernelLogs = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectKernelTunables = true;
|
||||
ProtectSystem = "strict";
|
||||
ReadWritePaths = cfg.stateDir;
|
||||
Type = "oneshot";
|
||||
User = cfg.user;
|
||||
WorkingDirectory = cfg.stateDir;
|
||||
};
|
||||
};
|
||||
systemd.timers.privacyidea-tokenjanitor = mkIf cfg.tokenjanitor.enable {
|
||||
wantedBy = [ "timers.target" ];
|
||||
timerConfig.OnCalendar = cfg.tokenjanitor.interval;
|
||||
timerConfig.Persistent = true;
|
||||
};
|
||||
|
||||
systemd.services.privacyidea = let
|
||||
piuwsgi = pkgs.writeText "uwsgi.json" (builtins.toJSON {
|
||||
uwsgi = {
|
||||
buffer-size = 8192;
|
||||
plugins = [ "python3" ];
|
||||
pythonpath = "${penv}/${uwsgi.python3.sitePackages}";
|
||||
socket = "/run/privacyidea/socket";
|
||||
uid = cfg.user;
|
||||
gid = cfg.group;
|
||||
chmod-socket = 770;
|
||||
chown-socket = "${cfg.user}:nginx";
|
||||
chdir = cfg.stateDir;
|
||||
wsgi-file = "${penv}/etc/privacyidea/privacyideaapp.wsgi";
|
||||
processes = 4;
|
||||
harakiri = 60;
|
||||
reload-mercy = 8;
|
||||
stats = "/run/privacyidea/stats.socket";
|
||||
max-requests = 2000;
|
||||
limit-as = 1024;
|
||||
reload-on-as = 512;
|
||||
reload-on-rss = 256;
|
||||
no-orphans = true;
|
||||
vacuum = true;
|
||||
};
|
||||
});
|
||||
in {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "postgresql.service" ];
|
||||
path = with pkgs; [ openssl ];
|
||||
environment.PRIVACYIDEA_CONFIGFILE = "${cfg.stateDir}/privacyidea.cfg";
|
||||
preStart = let
|
||||
pi-manage = "${config.security.sudo.package}/bin/sudo -u privacyidea -HE ${penv}/bin/pi-manage";
|
||||
pgsu = config.services.postgresql.superUser;
|
||||
psql = config.services.postgresql.package;
|
||||
in ''
|
||||
mkdir -p ${cfg.stateDir} /run/privacyidea
|
||||
chown ${cfg.user}:${cfg.group} -R ${cfg.stateDir} /run/privacyidea
|
||||
umask 077
|
||||
${lib.getBin pkgs.envsubst}/bin/envsubst -o ${cfg.stateDir}/privacyidea.cfg \
|
||||
-i "${piCfgFile}"
|
||||
chown ${cfg.user}:${cfg.group} ${cfg.stateDir}/privacyidea.cfg
|
||||
if ! test -e "${cfg.stateDir}/db-created"; then
|
||||
${config.security.sudo.package}/bin/sudo -u ${pgsu} ${psql}/bin/createuser --no-superuser --no-createdb --no-createrole ${cfg.user}
|
||||
${config.security.sudo.package}/bin/sudo -u ${pgsu} ${psql}/bin/createdb --owner ${cfg.user} privacyidea
|
||||
${pi-manage} create_enckey
|
||||
${pi-manage} create_audit_keys
|
||||
${pi-manage} createdb
|
||||
${pi-manage} admin add admin -e ${cfg.adminEmail} -p "$(cat ${cfg.adminPasswordFile})"
|
||||
${pi-manage} db stamp head -d ${penv}/lib/privacyidea/migrations
|
||||
touch "${cfg.stateDir}/db-created"
|
||||
chmod g+r "${cfg.stateDir}/enckey" "${cfg.stateDir}/private.pem"
|
||||
fi
|
||||
${pi-manage} db upgrade -d ${penv}/lib/privacyidea/migrations
|
||||
'';
|
||||
serviceConfig = {
|
||||
Type = "notify";
|
||||
ExecStart = "${uwsgi}/bin/uwsgi --json ${piuwsgi}";
|
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
||||
EnvironmentFile = lib.mkIf (cfg.environmentFile != null) cfg.environmentFile;
|
||||
ExecStop = "${pkgs.coreutils}/bin/kill -INT $MAINPID";
|
||||
NotifyAccess = "main";
|
||||
KillSignal = "SIGQUIT";
|
||||
};
|
||||
};
|
||||
|
||||
users.users.privacyidea = mkIf (cfg.user == "privacyidea") {
|
||||
group = cfg.group;
|
||||
isSystemUser = true;
|
||||
};
|
||||
|
||||
users.groups.privacyidea = mkIf (cfg.group == "privacyidea") {};
|
||||
})
|
||||
|
||||
(mkIf cfg.ldap-proxy.enable {
|
||||
|
||||
assertions = [
|
||||
{ assertion = let
|
||||
xor = a: b: a && !b || !a && b;
|
||||
in xor (cfg.ldap-proxy.settings == {}) (cfg.ldap-proxy.configFile == null);
|
||||
message = "configFile & settings are mutually exclusive for services.privacyidea.ldap-proxy!";
|
||||
}
|
||||
];
|
||||
|
||||
warnings = mkIf (cfg.ldap-proxy.configFile != null) [
|
||||
"Using services.privacyidea.ldap-proxy.configFile is deprecated! Use the RFC42-style settings option instead!"
|
||||
];
|
||||
|
||||
systemd.services.privacyidea-ldap-proxy = let
|
||||
ldap-proxy-env = pkgs.python3.withPackages (ps: [ ps.privacyidea-ldap-proxy ]);
|
||||
in {
|
||||
description = "privacyIDEA LDAP proxy";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
User = cfg.ldap-proxy.user;
|
||||
Group = cfg.ldap-proxy.group;
|
||||
StateDirectory = "privacyidea-ldap-proxy";
|
||||
EnvironmentFile = mkIf (cfg.ldap-proxy.environmentFile != null)
|
||||
[ cfg.ldap-proxy.environmentFile ];
|
||||
ExecStartPre =
|
||||
"${pkgs.writeShellScript "substitute-secrets-ldap-proxy" ''
|
||||
umask 0077
|
||||
${pkgs.envsubst}/bin/envsubst \
|
||||
-i ${ldapProxyConfig} \
|
||||
-o $STATE_DIRECTORY/ldap-proxy.ini
|
||||
''}";
|
||||
ExecStart = let
|
||||
configPath = if cfg.ldap-proxy.settings != {}
|
||||
then "%S/privacyidea-ldap-proxy/ldap-proxy.ini"
|
||||
else cfg.ldap-proxy.configFile;
|
||||
in ''
|
||||
${ldap-proxy-env}/bin/twistd \
|
||||
--nodaemon \
|
||||
--pidfile= \
|
||||
-u ${cfg.ldap-proxy.user} \
|
||||
-g ${cfg.ldap-proxy.group} \
|
||||
ldap-proxy \
|
||||
-c ${configPath}
|
||||
'';
|
||||
Restart = "always";
|
||||
};
|
||||
};
|
||||
|
||||
users.users.pi-ldap-proxy = mkIf (cfg.ldap-proxy.user == "pi-ldap-proxy") {
|
||||
group = cfg.ldap-proxy.group;
|
||||
isSystemUser = true;
|
||||
};
|
||||
|
||||
users.groups.pi-ldap-proxy = mkIf (cfg.ldap-proxy.group == "pi-ldap-proxy") {};
|
||||
})
|
||||
];
|
||||
|
||||
}
|
@ -352,6 +352,7 @@ in {
|
||||
};
|
||||
storage = {
|
||||
tmp = lib.mkDefault "/var/lib/peertube/storage/tmp/";
|
||||
tmp_persistent = lib.mkDefault "/var/lib/peertube/storage/tmp_persistent/";
|
||||
bin = lib.mkDefault "/var/lib/peertube/storage/bin/";
|
||||
avatars = lib.mkDefault "/var/lib/peertube/storage/avatars/";
|
||||
videos = lib.mkDefault "/var/lib/peertube/storage/videos/";
|
||||
@ -521,6 +522,21 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
locations."~ ^/api/v1/runners/jobs/[^/]+/(update|success)$" = {
|
||||
tryFiles = "/dev/null @api";
|
||||
root = cfg.settings.storage.tmp;
|
||||
priority = 1135;
|
||||
|
||||
extraConfig = ''
|
||||
client_max_body_size 12G;
|
||||
add_header X-File-Maximum-Size 8G always;
|
||||
'' + lib.optionalString cfg.enableWebHttps ''
|
||||
add_header Strict-Transport-Security 'max-age=63072000; includeSubDomains';
|
||||
'' + lib.optionalString config.services.nginx.virtualHosts.${cfg.localDomain}.http3 ''
|
||||
add_header Alt-Svc 'h3=":443"; ma=86400';
|
||||
'';
|
||||
};
|
||||
|
||||
locations."~ ^/api/v1/(videos|video-playlists|video-channels|users/me)" = {
|
||||
tryFiles = "/dev/null @api";
|
||||
priority = 1140;
|
||||
@ -607,70 +623,7 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
locations."^~ /lazy-static/avatars/" = {
|
||||
tryFiles = "$uri @api";
|
||||
root = cfg.settings.storage.avatars;
|
||||
priority = 1330;
|
||||
extraConfig = ''
|
||||
if ($request_method = 'OPTIONS') {
|
||||
${nginxCommonHeaders}
|
||||
add_header Access-Control-Max-Age 1728000;
|
||||
add_header Cache-Control 'no-cache';
|
||||
add_header Content-Type 'text/plain charset=UTF-8';
|
||||
add_header Content-Length 0;
|
||||
return 204;
|
||||
}
|
||||
|
||||
${nginxCommonHeaders}
|
||||
add_header Cache-Control 'public, max-age=7200';
|
||||
|
||||
rewrite ^/lazy-static/avatars/(.*)$ /$1 break;
|
||||
'';
|
||||
};
|
||||
|
||||
locations."^~ /lazy-static/banners/" = {
|
||||
tryFiles = "$uri @api";
|
||||
root = cfg.settings.storage.avatars;
|
||||
priority = 1340;
|
||||
extraConfig = ''
|
||||
if ($request_method = 'OPTIONS') {
|
||||
${nginxCommonHeaders}
|
||||
add_header Access-Control-Max-Age 1728000;
|
||||
add_header Cache-Control 'no-cache';
|
||||
add_header Content-Type 'text/plain charset=UTF-8';
|
||||
add_header Content-Length 0;
|
||||
return 204;
|
||||
}
|
||||
|
||||
${nginxCommonHeaders}
|
||||
add_header Cache-Control 'public, max-age=7200';
|
||||
|
||||
rewrite ^/lazy-static/banners/(.*)$ /$1 break;
|
||||
'';
|
||||
};
|
||||
|
||||
locations."^~ /lazy-static/previews/" = {
|
||||
tryFiles = "$uri @api";
|
||||
root = cfg.settings.storage.previews;
|
||||
priority = 1350;
|
||||
extraConfig = ''
|
||||
if ($request_method = 'OPTIONS') {
|
||||
${nginxCommonHeaders}
|
||||
add_header Access-Control-Max-Age 1728000;
|
||||
add_header Cache-Control 'no-cache';
|
||||
add_header Content-Type 'text/plain charset=UTF-8';
|
||||
add_header Content-Length 0;
|
||||
return 204;
|
||||
}
|
||||
|
||||
${nginxCommonHeaders}
|
||||
add_header Cache-Control 'public, max-age=7200';
|
||||
|
||||
rewrite ^/lazy-static/previews/(.*)$ /$1 break;
|
||||
'';
|
||||
};
|
||||
|
||||
locations."^~ /static/streaming-playlists/private/" = {
|
||||
locations."^~ /download/" = {
|
||||
proxyPass = "http://127.0.0.1:${toString cfg.listenHttp}";
|
||||
priority = 1410;
|
||||
extraConfig = ''
|
||||
@ -682,7 +635,7 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
locations."^~ /static/webseed/private/" = {
|
||||
locations."^~ /static/streaming-playlists/private/" = {
|
||||
proxyPass = "http://127.0.0.1:${toString cfg.listenHttp}";
|
||||
priority = 1420;
|
||||
extraConfig = ''
|
||||
@ -694,31 +647,34 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
locations."^~ /static/thumbnails/" = {
|
||||
tryFiles = "$uri @api";
|
||||
root = cfg.settings.storage.thumbnails;
|
||||
locations."^~ /static/web-videos/private/" = {
|
||||
proxyPass = "http://127.0.0.1:${toString cfg.listenHttp}";
|
||||
priority = 1430;
|
||||
extraConfig = ''
|
||||
if ($request_method = 'OPTIONS') {
|
||||
${nginxCommonHeaders}
|
||||
add_header Access-Control-Max-Age 1728000;
|
||||
add_header Cache-Control 'no-cache';
|
||||
add_header Content-Type 'text/plain charset=UTF-8';
|
||||
add_header Content-Length 0;
|
||||
return 204;
|
||||
}
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
|
||||
${nginxCommonHeaders}
|
||||
add_header Cache-Control 'public, max-age=7200';
|
||||
proxy_limit_rate 5M;
|
||||
'';
|
||||
};
|
||||
|
||||
rewrite ^/static/thumbnails/(.*)$ /$1 break;
|
||||
locations."^~ /static/webseed/private/" = {
|
||||
proxyPass = "http://127.0.0.1:${toString cfg.listenHttp}";
|
||||
priority = 1440;
|
||||
extraConfig = ''
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
|
||||
proxy_limit_rate 5M;
|
||||
'';
|
||||
};
|
||||
|
||||
locations."^~ /static/redundancy/" = {
|
||||
tryFiles = "$uri @api";
|
||||
root = cfg.settings.storage.redundancy;
|
||||
priority = 1440;
|
||||
priority = 1450;
|
||||
extraConfig = ''
|
||||
set $peertube_limit_rate 800k;
|
||||
|
||||
@ -753,7 +709,42 @@ in {
|
||||
locations."^~ /static/streaming-playlists/" = {
|
||||
tryFiles = "$uri @api";
|
||||
root = cfg.settings.storage.streaming_playlists;
|
||||
priority = 1450;
|
||||
priority = 1460;
|
||||
extraConfig = ''
|
||||
set $peertube_limit_rate 800k;
|
||||
|
||||
if ($request_uri ~ -fragmented.mp4$) {
|
||||
set $peertube_limit_rate 5M;
|
||||
}
|
||||
|
||||
if ($request_method = 'OPTIONS') {
|
||||
${nginxCommonHeaders}
|
||||
add_header Access-Control-Max-Age 1728000;
|
||||
add_header Content-Type 'text/plain charset=UTF-8';
|
||||
add_header Content-Length 0;
|
||||
return 204;
|
||||
}
|
||||
if ($request_method = 'GET') {
|
||||
${nginxCommonHeaders}
|
||||
|
||||
access_log off;
|
||||
}
|
||||
|
||||
aio threads;
|
||||
sendfile on;
|
||||
sendfile_max_chunk 1M;
|
||||
|
||||
limit_rate $peertube_limit_rate;
|
||||
limit_rate_after 5M;
|
||||
|
||||
rewrite ^/static/streaming-playlists/(.*)$ /$1 break;
|
||||
'';
|
||||
};
|
||||
|
||||
locations."^~ /static/web-videos/" = {
|
||||
tryFiles = "$uri @api";
|
||||
root = cfg.settings.storage.streaming_playlists;
|
||||
priority = 1470;
|
||||
extraConfig = ''
|
||||
set $peertube_limit_rate 800k;
|
||||
|
||||
@ -788,7 +779,7 @@ in {
|
||||
locations."^~ /static/webseed/" = {
|
||||
tryFiles = "$uri @api";
|
||||
root = cfg.settings.storage.videos;
|
||||
priority = 1460;
|
||||
priority = 1480;
|
||||
extraConfig = ''
|
||||
set $peertube_limit_rate 800k;
|
||||
|
||||
|
@ -239,6 +239,26 @@ let
|
||||
mkService = name: container: let
|
||||
dependsOn = map (x: "${cfg.backend}-${x}.service") container.dependsOn;
|
||||
escapedName = escapeShellArg name;
|
||||
preStartScript = pkgs.writeShellApplication {
|
||||
name = "pre-start";
|
||||
runtimeInputs = [ ];
|
||||
text = ''
|
||||
${cfg.backend} rm -f ${name} || true
|
||||
${optionalString (isValidLogin container.login) ''
|
||||
cat ${container.login.passwordFile} | \
|
||||
${cfg.backend} login \
|
||||
${container.login.registry} \
|
||||
--username ${container.login.username} \
|
||||
--password-stdin
|
||||
''}
|
||||
${optionalString (container.imageFile != null) ''
|
||||
${cfg.backend} load -i ${container.imageFile}
|
||||
''}
|
||||
${optionalString (cfg.backend == "podman") ''
|
||||
rm -f /run/podman-${escapedName}.ctr-id
|
||||
''}
|
||||
'';
|
||||
};
|
||||
in {
|
||||
wantedBy = [] ++ optional (container.autoStart) "multi-user.target";
|
||||
after = lib.optionals (cfg.backend == "docker") [ "docker.service" "docker.socket" ]
|
||||
@ -253,23 +273,6 @@ let
|
||||
else if cfg.backend == "podman" then [ config.virtualisation.podman.package ]
|
||||
else throw "Unhandled backend: ${cfg.backend}";
|
||||
|
||||
preStart = ''
|
||||
${cfg.backend} rm -f ${name} || true
|
||||
${optionalString (isValidLogin container.login) ''
|
||||
cat ${container.login.passwordFile} | \
|
||||
${cfg.backend} login \
|
||||
${container.login.registry} \
|
||||
--username ${container.login.username} \
|
||||
--password-stdin
|
||||
''}
|
||||
${optionalString (container.imageFile != null) ''
|
||||
${cfg.backend} load -i ${container.imageFile}
|
||||
''}
|
||||
${optionalString (cfg.backend == "podman") ''
|
||||
rm -f /run/podman-${escapedName}.ctr-id
|
||||
''}
|
||||
'';
|
||||
|
||||
script = concatStringsSep " \\\n " ([
|
||||
"exec ${cfg.backend} run"
|
||||
"--rm"
|
||||
@ -318,7 +321,7 @@ let
|
||||
###
|
||||
# ExecReload = ...;
|
||||
###
|
||||
|
||||
ExecStartPre = [ "${preStartScript}/bin/pre-start" ];
|
||||
TimeoutStartSec = 0;
|
||||
TimeoutStopSec = 120;
|
||||
Restart = "always";
|
||||
|
@ -10,7 +10,8 @@
|
||||
nix.channel.enable = true;
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
print(machine.succeed("cat /root/.nix-channels"))
|
||||
testScript = { nodes, ... }: ''
|
||||
assert machine.succeed("cat /root/.nix-channels") == "${nodes.machine.system.defaultChannel} nixos\n"
|
||||
'';
|
||||
|
||||
}
|
||||
|
@ -306,6 +306,7 @@ in {
|
||||
forgejo = handleTest ./forgejo.nix { };
|
||||
freenet = handleTest ./freenet.nix {};
|
||||
freeswitch = handleTest ./freeswitch.nix {};
|
||||
freetube = discoverTests (import ./freetube.nix);
|
||||
freshrss-sqlite = handleTest ./freshrss-sqlite.nix {};
|
||||
freshrss-pgsql = handleTest ./freshrss-pgsql.nix {};
|
||||
frigate = handleTest ./frigate.nix {};
|
||||
@ -371,6 +372,7 @@ in {
|
||||
honk = runTest ./honk.nix;
|
||||
installed-tests = pkgs.recurseIntoAttrs (handleTest ./installed-tests {});
|
||||
invidious = handleTest ./invidious.nix {};
|
||||
livebook-service = handleTest ./livebook-service.nix {};
|
||||
oci-containers = handleTestOn ["aarch64-linux" "x86_64-linux"] ./oci-containers.nix {};
|
||||
odoo = handleTest ./odoo.nix {};
|
||||
odoo15 = handleTest ./odoo.nix { package = pkgs.odoo15; };
|
||||
@ -571,7 +573,6 @@ in {
|
||||
nginx-njs = handleTest ./nginx-njs.nix {};
|
||||
nginx-proxyprotocol = handleTest ./nginx-proxyprotocol {};
|
||||
nginx-pubhtml = handleTest ./nginx-pubhtml.nix {};
|
||||
nginx-sandbox = handleTestOn ["x86_64-linux"] ./nginx-sandbox.nix {};
|
||||
nginx-sso = handleTest ./nginx-sso.nix {};
|
||||
nginx-status-page = handleTest ./nginx-status-page.nix {};
|
||||
nginx-tmpdir = handleTest ./nginx-tmpdir.nix {};
|
||||
@ -683,7 +684,6 @@ in {
|
||||
predictable-interface-names = handleTest ./predictable-interface-names.nix {};
|
||||
printing-socket = handleTest ./printing.nix { socket = true; };
|
||||
printing-service = handleTest ./printing.nix { socket = false; };
|
||||
privacyidea = handleTest ./privacyidea.nix {};
|
||||
privoxy = handleTest ./privoxy.nix {};
|
||||
prometheus = handleTest ./prometheus.nix {};
|
||||
prometheus-exporters = handleTest ./prometheus-exporters.nix {};
|
||||
|
41
nixos/tests/freetube.nix
Normal file
41
nixos/tests/freetube.nix
Normal file
@ -0,0 +1,41 @@
|
||||
let
|
||||
tests = {
|
||||
wayland = { pkgs, ... }: {
|
||||
imports = [ ./common/wayland-cage.nix ];
|
||||
services.cage.program = "${pkgs.freetube}/bin/freetube";
|
||||
virtualisation.memorySize = 2047;
|
||||
environment.variables.NIXOS_OZONE_WL = "1";
|
||||
environment.variables.DISPLAY = "do not use";
|
||||
};
|
||||
xorg = { pkgs, ... }: {
|
||||
imports = [ ./common/user-account.nix ./common/x11.nix ];
|
||||
virtualisation.memorySize = 2047;
|
||||
services.xserver.enable = true;
|
||||
services.xserver.displayManager.sessionCommands = ''
|
||||
${pkgs.freetube}/bin/freetube
|
||||
'';
|
||||
test-support.displayManager.auto.user = "alice";
|
||||
};
|
||||
};
|
||||
|
||||
mkTest = name: machine:
|
||||
import ./make-test-python.nix ({ pkgs, ... }: {
|
||||
inherit name;
|
||||
nodes = { "${name}" = machine; };
|
||||
meta.maintainers = with pkgs.lib.maintainers; [ kirillrdy ];
|
||||
enableOCR = true;
|
||||
|
||||
testScript = ''
|
||||
start_all()
|
||||
machine.wait_for_unit('graphical.target')
|
||||
machine.wait_for_text('Your Subscription list is currently empty')
|
||||
machine.send_key("ctrl-r")
|
||||
machine.wait_for_text('Your Subscription list is currently empty')
|
||||
machine.screenshot("main.png")
|
||||
machine.send_key("ctrl-comma")
|
||||
machine.wait_for_text('General Settings', timeout=30)
|
||||
machine.screenshot("preferences.png")
|
||||
'';
|
||||
});
|
||||
in
|
||||
builtins.mapAttrs (k: v: mkTest k v { }) tests
|
43
nixos/tests/livebook-service.nix
Normal file
43
nixos/tests/livebook-service.nix
Normal file
@ -0,0 +1,43 @@
|
||||
import ./make-test-python.nix ({ lib, pkgs, ... }: {
|
||||
name = "livebook-service";
|
||||
|
||||
nodes = {
|
||||
machine = { config, pkgs, ... }: {
|
||||
imports = [
|
||||
./common/user-account.nix
|
||||
];
|
||||
|
||||
services.livebook = {
|
||||
enableUserService = true;
|
||||
port = 20123;
|
||||
environmentFile = pkgs.writeText "livebook.env" ''
|
||||
LIVEBOOK_PASSWORD = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
|
||||
'';
|
||||
options = {
|
||||
cookie = "chocolate chip";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
testScript = { nodes, ... }:
|
||||
let
|
||||
user = nodes.machine.config.users.users.alice;
|
||||
sudo = lib.concatStringsSep " " [
|
||||
"XDG_RUNTIME_DIR=/run/user/${toString user.uid}"
|
||||
"sudo"
|
||||
"--preserve-env=XDG_RUNTIME_DIR"
|
||||
"-u"
|
||||
"alice"
|
||||
];
|
||||
in
|
||||
''
|
||||
machine.wait_for_unit("multi-user.target")
|
||||
|
||||
machine.succeed("loginctl enable-linger alice")
|
||||
machine.wait_until_succeeds("${sudo} systemctl --user is-active livebook.service")
|
||||
machine.wait_for_open_port(20123)
|
||||
|
||||
machine.succeed("curl -L localhost:20123 | grep 'Type password'")
|
||||
'';
|
||||
})
|
@ -1,65 +0,0 @@
|
||||
import ./make-test-python.nix ({ pkgs, ... }: {
|
||||
name = "nginx-sandbox";
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ izorkin ];
|
||||
};
|
||||
|
||||
# This test checks the creation and reading of a file in sandbox mode. Used simple lua script.
|
||||
|
||||
nodes.machine = { pkgs, ... }: {
|
||||
nixpkgs.overlays = [
|
||||
(self: super: {
|
||||
nginx-lua = super.nginx.override {
|
||||
modules = [
|
||||
pkgs.nginxModules.lua
|
||||
];
|
||||
};
|
||||
})
|
||||
];
|
||||
services.nginx.enable = true;
|
||||
services.nginx.package = pkgs.nginx-lua;
|
||||
services.nginx.virtualHosts.localhost = {
|
||||
extraConfig = ''
|
||||
location /test1-write {
|
||||
content_by_lua_block {
|
||||
local create = os.execute('${pkgs.coreutils}/bin/mkdir /tmp/test1-read')
|
||||
local create = os.execute('${pkgs.coreutils}/bin/touch /tmp/test1-read/foo.txt')
|
||||
local echo = os.execute('${pkgs.coreutils}/bin/echo worked > /tmp/test1-read/foo.txt')
|
||||
}
|
||||
}
|
||||
location /test1-read {
|
||||
root /tmp;
|
||||
}
|
||||
location /test2-write {
|
||||
content_by_lua_block {
|
||||
local create = os.execute('${pkgs.coreutils}/bin/mkdir /var/web/test2-read')
|
||||
local create = os.execute('${pkgs.coreutils}/bin/touch /var/web/test2-read/bar.txt')
|
||||
local echo = os.execute('${pkgs.coreutils}/bin/echo error-worked > /var/web/test2-read/bar.txt')
|
||||
}
|
||||
}
|
||||
location /test2-read {
|
||||
root /var/web;
|
||||
}
|
||||
'';
|
||||
};
|
||||
users.users.foo.isNormalUser = true;
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
machine.wait_for_unit("nginx")
|
||||
machine.wait_for_open_port(80)
|
||||
|
||||
# Checking write in temporary folder
|
||||
machine.succeed("$(curl -vvv http://localhost/test1-write)")
|
||||
machine.succeed('test "$(curl -fvvv http://localhost/test1-read/foo.txt)" = worked')
|
||||
|
||||
# Checking write in protected folder. In sandbox mode for the nginx service, the folder /var/web is mounted
|
||||
# in read-only mode.
|
||||
machine.succeed("mkdir -p /var/web")
|
||||
machine.succeed("chown nginx:nginx /var/web")
|
||||
machine.succeed("$(curl -vvv http://localhost/test2-write)")
|
||||
assert "404 Not Found" in machine.succeed(
|
||||
"curl -vvv -s http://localhost/test2-read/bar.txt"
|
||||
)
|
||||
'';
|
||||
})
|
@ -16,6 +16,12 @@ import ./make-test-python.nix ({ pkgs, lib, ... }:
|
||||
|
||||
nodes = {
|
||||
webserver = { pkgs, lib, ... }: {
|
||||
networking = {
|
||||
extraHosts = ''
|
||||
127.0.0.1 default.test
|
||||
127.0.0.1 sandbox.test
|
||||
'';
|
||||
};
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
package = pkgs.openresty;
|
||||
@ -24,7 +30,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }:
|
||||
lua_package_path '${luaPath};;';
|
||||
'';
|
||||
|
||||
virtualHosts."default" = {
|
||||
virtualHosts."default.test" = {
|
||||
default = true;
|
||||
locations."/" = {
|
||||
extraConfig = ''
|
||||
@ -36,6 +42,33 @@ import ./make-test-python.nix ({ pkgs, lib, ... }:
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
virtualHosts."sandbox.test" = {
|
||||
locations."/test1-write" = {
|
||||
extraConfig = ''
|
||||
content_by_lua_block {
|
||||
local create = os.execute('${pkgs.coreutils}/bin/mkdir /tmp/test1-read')
|
||||
local create = os.execute('${pkgs.coreutils}/bin/touch /tmp/test1-read/foo.txt')
|
||||
local echo = os.execute('${pkgs.coreutils}/bin/echo worked > /tmp/test1-read/foo.txt')
|
||||
}
|
||||
'';
|
||||
};
|
||||
locations."/test1-read" = {
|
||||
root = "/tmp";
|
||||
};
|
||||
locations."/test2-write" = {
|
||||
extraConfig = ''
|
||||
content_by_lua_block {
|
||||
local create = os.execute('${pkgs.coreutils}/bin/mkdir /var/web/test2-read')
|
||||
local create = os.execute('${pkgs.coreutils}/bin/touch /var/web/test2-read/bar.txt')
|
||||
local echo = os.execute('${pkgs.coreutils}/bin/echo error-worked > /var/web/test2-read/bar.txt')
|
||||
}
|
||||
'';
|
||||
};
|
||||
locations."/test2-read" = {
|
||||
root = "/var/web";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
@ -51,5 +84,18 @@ import ./make-test-python.nix ({ pkgs, lib, ... }:
|
||||
f"curl -w '%{{http_code}}' --head --fail {url}"
|
||||
)
|
||||
assert http_code.split("\n")[-1] == "200"
|
||||
|
||||
# This test checks the creation and reading of a file in sandbox mode.
|
||||
# Checking write in temporary folder
|
||||
webserver.succeed("$(curl -vvv http://sandbox.test/test1-write)")
|
||||
webserver.succeed('test "$(curl -fvvv http://sandbox.test/test1-read/foo.txt)" = worked')
|
||||
# Checking write in protected folder. In sandbox mode for the nginx service, the folder /var/web is mounted
|
||||
# in read-only mode.
|
||||
webserver.succeed("mkdir -p /var/web")
|
||||
webserver.succeed("chown nginx:nginx /var/web")
|
||||
webserver.succeed("$(curl -vvv http://sandbox.test/test2-write)")
|
||||
assert "404 Not Found" in machine.succeed(
|
||||
"curl -vvv -s http://sandbox.test/test2-read/bar.txt"
|
||||
)
|
||||
'';
|
||||
})
|
||||
|
@ -219,8 +219,6 @@ let
|
||||
in
|
||||
concatMapAttrs (name: package: {
|
||||
${name} = make-postgresql-test name package false;
|
||||
${name + "-backup-all"} = make-postgresql-test "${name + "-backup-all"}" package true;
|
||||
${name + "-clauses"} = mk-ensure-clauses-test name package;
|
||||
}) postgresql-versions
|
||||
// {
|
||||
postgresql_11-backup-all = make-postgresql-test "postgresql_11-backup-all" postgresql-versions.postgresql_11 true;
|
||||
}
|
||||
|
@ -1,43 +0,0 @@
|
||||
# Miscellaneous small tests that don't warrant their own VM run.
|
||||
|
||||
import ./make-test-python.nix ({ pkgs, ...} : rec {
|
||||
name = "privacyidea";
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ ];
|
||||
};
|
||||
|
||||
nodes.machine = { ... }: {
|
||||
virtualisation.cores = 2;
|
||||
|
||||
services.privacyidea = {
|
||||
enable = true;
|
||||
secretKey = "$SECRET_KEY";
|
||||
pepper = "$PEPPER";
|
||||
adminPasswordFile = pkgs.writeText "admin-password" "testing";
|
||||
adminEmail = "root@localhost";
|
||||
|
||||
# Don't try this at home!
|
||||
environmentFile = pkgs.writeText "pi-secrets.env" ''
|
||||
SECRET_KEY=testing
|
||||
PEPPER=testing
|
||||
'';
|
||||
};
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
virtualHosts."_".locations."/".extraConfig = ''
|
||||
uwsgi_pass unix:/run/privacyidea/socket;
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
machine.start()
|
||||
machine.wait_for_unit("multi-user.target")
|
||||
machine.succeed("curl --fail http://localhost | grep privacyIDEA")
|
||||
machine.succeed("grep \"SECRET_KEY = 'testing'\" /var/lib/privacyidea/privacyidea.cfg")
|
||||
machine.succeed("grep \"PI_PEPPER = 'testing'\" /var/lib/privacyidea/privacyidea.cfg")
|
||||
machine.succeed(
|
||||
"curl --fail http://localhost/auth -F username=admin -F password=testing | grep token"
|
||||
)
|
||||
'';
|
||||
})
|
@ -19,6 +19,8 @@ mkDerivation rec {
|
||||
|
||||
buildInputs = [ alsa-lib pipewire ];
|
||||
|
||||
cmakeFlags = [ "-DCONFIG_WAYLAND=ON" ];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Qt graph manager for PipeWire, similar to QjackCtl.";
|
||||
longDescription = ''
|
||||
|
@ -11,13 +11,13 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "fulcrum";
|
||||
version = "1.9.2";
|
||||
version = "1.9.3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "cculianu";
|
||||
repo = "Fulcrum";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-iHVrJySNdbZ9RXP7QgsDy2o2U/EISAp1/9NFpcEOGeI=";
|
||||
sha256 = "sha256-hSunoltau1eG0DDM/bxZ/ssxd7pbutNC34Nwtbu9Fqk=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ pkg-config qmake ];
|
||||
|
@ -5,11 +5,11 @@
|
||||
|
||||
let
|
||||
pname = "codux";
|
||||
version = "15.10.0";
|
||||
version = "15.13.0";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/wixplosives/codux-versions/releases/download/${version}/Codux-${version}.x86_64.AppImage";
|
||||
sha256 = "sha256-lz1dDbYq7aTGQoED07K8I9E0/XsnSlPL81/4W8Vix3E=";
|
||||
sha256 = "sha256-63t3v6abr9cZ0mKSPogevKwcFsvGh2udBPRn4k4XAd4=";
|
||||
};
|
||||
|
||||
appimageContents = appimageTools.extractType2 { inherit pname version src; };
|
||||
|
@ -688,6 +688,27 @@ let
|
||||
--replace '"mozc_emacs_helper"' '"${pkgs.ibus-engines.mozc}/lib/mozc/mozc_emacs_helper"'
|
||||
'';
|
||||
});
|
||||
|
||||
# Build a helper executable that interacts with the macOS Dictionary.app
|
||||
osx-dictionary =
|
||||
if pkgs.stdenv.isDarwin
|
||||
then super.osx-dictionary.overrideAttrs (old: {
|
||||
buildInputs =
|
||||
old.buildInputs ++
|
||||
(with pkgs.darwin.apple_sdk.frameworks; [CoreServices Foundation]);
|
||||
dontUnpack = false;
|
||||
buildPhase = (old.buildPhase or "") + ''
|
||||
cd source
|
||||
$CXX -O3 -framework CoreServices -framework Foundation osx-dictionary.m -o osx-dictionary-cli
|
||||
'';
|
||||
postInstall = (old.postInstall or "") + "\n" + ''
|
||||
outd=$out/share/emacs/site-lisp/elpa/osx-dictionary-*
|
||||
mkdir -p $out/bin
|
||||
install -m444 -t $out/bin osx-dictionary-cli
|
||||
rm $outd/osx-dictionary.m
|
||||
'';
|
||||
})
|
||||
else super.osx-dictionary;
|
||||
};
|
||||
|
||||
in lib.mapAttrs (n: v: if lib.hasAttr n overrides then overrides.${n} else v) super);
|
||||
|
File diff suppressed because it is too large
Load Diff
@ -11,13 +11,13 @@
|
||||
}:
|
||||
|
||||
let
|
||||
version = "0.45";
|
||||
version = "0.46";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "liuchengxu";
|
||||
repo = "vim-clap";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-espFos1Mrxdq2p+qi0ooTWAV8EgV/lTx9KuP3GkMWos=";
|
||||
hash = "sha256-KWBuoZ2GxjwIu7L1PPq/7u3iuYFp5QrlsleL2RQTdUE=";
|
||||
};
|
||||
|
||||
meta = with lib; {
|
||||
@ -47,8 +47,7 @@ let
|
||||
libgit2
|
||||
zlib
|
||||
] ++ lib.optionals stdenv.isDarwin [
|
||||
darwin.apple_sdk.frameworks.CoreFoundation
|
||||
darwin.apple_sdk.frameworks.Security
|
||||
darwin.apple_sdk.frameworks.CoreServices
|
||||
];
|
||||
};
|
||||
in
|
||||
|
@ -3537,15 +3537,15 @@ let
|
||||
mktplcRef = {
|
||||
name = "uiua-vscode";
|
||||
publisher = "uiua-lang";
|
||||
version = "0.0.21";
|
||||
sha256 = "sha256-u57U/MmxvionFZp/tLK/KpddaxA/SUffeggKBSzmsXo=";
|
||||
version = "0.0.22";
|
||||
sha256 = "sha256-fJcSJwwRVofduWEEMa5f2VrSfyONKPkFl9OW+++lSRw=";
|
||||
};
|
||||
meta = {
|
||||
description = "VSCode language extension for Uiua";
|
||||
downloadPage = "https://marketplace.visualstudio.com/items?itemName=uiua-lang.uiua-vscode";
|
||||
homepage = "https://github.com/uiua-lang/uiua-vscode";
|
||||
license = lib.licenses.mit;
|
||||
maintainers = [ lib.maintainers.wackbyte ];
|
||||
maintainers = with lib.maintainers; [ tomasajt wackbyte ];
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -38,14 +38,14 @@ let
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "mame";
|
||||
version = "0.259";
|
||||
version = "0.260";
|
||||
srcVersion = builtins.replaceStrings [ "." ] [ "" ] version;
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "mamedev";
|
||||
repo = "mame";
|
||||
rev = "mame${srcVersion}";
|
||||
hash = "sha256-F8psPvwuaILXZF7dCStJApVTD9zzzBwjf1CKGelHlqE=";
|
||||
hash = "sha256-spWnaf7xXK2xzgdUagsgN5doVrpJk7EA6fzYd9FlFm0=";
|
||||
};
|
||||
|
||||
outputs = [ "out" "tools" ];
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "imgcat";
|
||||
version = "2.5.1";
|
||||
version = "2.5.2";
|
||||
|
||||
buildInputs = [ ncurses cimg ];
|
||||
|
||||
@ -16,7 +16,7 @@ stdenv.mkDerivation rec {
|
||||
owner = "eddieantonio";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-EkVE6BgoA1lo4oqlNETTxLILIVvGXspFyXykxpmYk8M=";
|
||||
sha256 = "sha256-61xIB/Fa+Utu694aITzBoMQeYa0Trh5L0oIKp8Be+D0=";
|
||||
};
|
||||
|
||||
env.NIX_CFLAGS_COMPILE = "-Wno-error";
|
||||
|
@ -10,13 +10,13 @@
|
||||
|
||||
mkDerivation rec {
|
||||
pname = "ddcui";
|
||||
version = "0.3.0";
|
||||
version = "0.4.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "rockowitz";
|
||||
repo = "ddcui";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-P8dh6k8lht1/JNILzNZEyYD8loNoJjG5869K2Hl11z8=";
|
||||
sha256 = "sha256-T4/c8K1P/o91DWJik/9HtHav948vbVa40qPdy7nKmos=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
@ -28,7 +28,7 @@
|
||||
, isocodes
|
||||
, gtksourceview
|
||||
, gtksourceviewmm
|
||||
, postgresql_11
|
||||
, postgresql_15
|
||||
, gobject-introspection
|
||||
, yelp-tools
|
||||
, wrapGAppsHook
|
||||
@ -93,7 +93,7 @@ in stdenv.mkDerivation rec {
|
||||
python3.pkgs.pygobject3
|
||||
gtksourceview
|
||||
gtksourceviewmm
|
||||
postgresql_11 # for pg_config
|
||||
postgresql_15 # for postgresql utils
|
||||
];
|
||||
|
||||
enableParallelBuilding = true;
|
||||
@ -102,6 +102,7 @@ in stdenv.mkDerivation rec {
|
||||
|
||||
configureFlags = [
|
||||
"--with-boost-python=boost_python${lib.versions.major python3.version}${lib.versions.minor python3.version}"
|
||||
"--with-postgres-utils=${lib.getBin postgresql_15}/bin"
|
||||
];
|
||||
|
||||
makeFlags = [
|
||||
|
@ -2,13 +2,13 @@
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "limesctl";
|
||||
version = "3.3.0";
|
||||
version = "3.3.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "sapcc";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
hash = "sha256-zR0+tTPRdmv04t3V0KDA/hG5ZJMT2RYI3+2dkmZHdhk=";
|
||||
hash = "sha256-osXwVZuMB9cMj0tEMBOQ8hrKWAmfXui4ELoi0dm9yB4=";
|
||||
};
|
||||
|
||||
vendorHash = null;
|
||||
|
@ -1,263 +0,0 @@
|
||||
{ lib, fetchFromGitHub, cacert, openssl, nixosTests
|
||||
, python310, fetchPypi, fetchpatch
|
||||
}:
|
||||
|
||||
let
|
||||
dropDocOutput = { outputs, ... }: {
|
||||
outputs = lib.filter (x: x != "doc") outputs;
|
||||
};
|
||||
|
||||
# Follow issue below for Python 3.11 support
|
||||
# https://github.com/privacyidea/privacyidea/issues/3593
|
||||
python3' = python310.override {
|
||||
packageOverrides = self: super: {
|
||||
django = super.django_3;
|
||||
|
||||
sqlalchemy = super.sqlalchemy.overridePythonAttrs (oldAttrs: rec {
|
||||
version = "1.3.24";
|
||||
src = fetchPypi {
|
||||
inherit (oldAttrs) pname;
|
||||
inherit version;
|
||||
hash = "sha256-67t3fL+TEjWbiXv4G6ANrg9ctp+6KhgmXcwYpvXvdRk=";
|
||||
};
|
||||
doCheck = false;
|
||||
});
|
||||
# version 3.3.0+ does not support SQLAlchemy 1.3
|
||||
factory-boy = super.factory-boy.overridePythonAttrs (oldAttrs: rec {
|
||||
version = "3.2.1";
|
||||
src = oldAttrs.src.override {
|
||||
inherit version;
|
||||
hash = "sha256-qY0newwEfHXrbkq4UIp/gfsD0sshmG9ieRNUbveipV4=";
|
||||
};
|
||||
postPatch = "";
|
||||
});
|
||||
# fails with `no tests ran in 1.75s`
|
||||
alembic = super.alembic.overridePythonAttrs (lib.const {
|
||||
doCheck = false;
|
||||
});
|
||||
flask-migrate = super.flask-migrate.overridePythonAttrs (oldAttrs: rec {
|
||||
version = "2.7.0";
|
||||
src = fetchPypi {
|
||||
pname = "Flask-Migrate";
|
||||
inherit version;
|
||||
hash = "sha256-ri8FZxWIdi3YOiHYsYxR/jVehng+JFlJlf+Nc4Df/jg=";
|
||||
};
|
||||
});
|
||||
flask-sqlalchemy = super.flask-sqlalchemy.overridePythonAttrs (old: rec {
|
||||
version = "2.5.1";
|
||||
format = "setuptools";
|
||||
src = fetchPypi {
|
||||
pname = "Flask-SQLAlchemy";
|
||||
inherit version;
|
||||
hash = "sha256:2bda44b43e7cacb15d4e05ff3cc1f8bc97936cc464623424102bfc2c35e95912";
|
||||
};
|
||||
});
|
||||
# Taken from by https://github.com/NixOS/nixpkgs/pull/173090/commits/d2c0c7eb4cc91beb0a1adbaf13abc0a526a21708
|
||||
werkzeug = super.werkzeug.overridePythonAttrs (old: rec {
|
||||
version = "1.0.1";
|
||||
src = old.src.override {
|
||||
inherit version;
|
||||
hash = "sha256-bICx5a02ZSkOo5MguR4b4eDV9gZSuWSjBwIW3oPS5Hw=";
|
||||
};
|
||||
nativeCheckInputs = old.nativeCheckInputs ++ (with self; [
|
||||
requests
|
||||
]);
|
||||
doCheck = false;
|
||||
});
|
||||
# Required by flask-1.1
|
||||
jinja2 = super.jinja2.overridePythonAttrs (old: rec {
|
||||
version = "2.11.3";
|
||||
src = old.src.override {
|
||||
inherit version;
|
||||
hash = "sha256-ptWEM94K6AA0fKsfowQ867q+i6qdKeZo8cdoy4ejM8Y=";
|
||||
};
|
||||
patches = [
|
||||
# python 3.10 compat fixes. In later upstream releases, but these
|
||||
# are not compatible with flask 1 which we need here :(
|
||||
(fetchpatch {
|
||||
url = "https://github.com/thmo/jinja/commit/1efb4cc918b4f3d097c376596da101de9f76585a.patch";
|
||||
hash = "sha256-GFaSvYxgzOEFmnnDIfcf0ImScNTh1lR4lxt2Uz1DYdU=";
|
||||
})
|
||||
(fetchpatch {
|
||||
url = "https://github.com/mkrizek/jinja/commit/bd8bad37d1c0e2d8995a44fd88e234f5340afec5.patch";
|
||||
hash = "sha256-Uow+gaO+/dH6zavC0X/SsuMAfhTLRWpamVlL87DXDRA=";
|
||||
excludes = [ "CHANGES.rst" ];
|
||||
})
|
||||
];
|
||||
});
|
||||
# Required by jinja2-2.11.3
|
||||
markupsafe = super.markupsafe.overridePythonAttrs (old: rec {
|
||||
version = "2.0.1";
|
||||
src = old.src.override {
|
||||
inherit version;
|
||||
hash = "sha256-WUxngH+xYjizDES99082wCzfItHIzake+KDtjav1Ygo=";
|
||||
};
|
||||
});
|
||||
itsdangerous = super.itsdangerous.overridePythonAttrs (old: rec {
|
||||
version = "1.1.0";
|
||||
src = old.src.override {
|
||||
inherit version;
|
||||
hash = "sha256-MhsDPQfypBNtPsdi6snxahDM1g9TwMka+QIXrOe6Hxk=";
|
||||
};
|
||||
});
|
||||
flask = super.flask.overridePythonAttrs (old: rec {
|
||||
version = "1.1.4";
|
||||
src = old.src.override {
|
||||
inherit version;
|
||||
hash = "sha256-D762GA04OpGG0NbtlU4AQq2fGODo3giLK0GdUmkn0ZY=";
|
||||
};
|
||||
});
|
||||
sqlsoup = super.sqlsoup.overrideAttrs ({ meta ? {}, ... }: {
|
||||
meta = meta // { broken = false; };
|
||||
});
|
||||
click = super.click.overridePythonAttrs (old: rec {
|
||||
version = "7.1.2";
|
||||
src = old.src.override {
|
||||
inherit version;
|
||||
hash = "sha256-0rUlXHxjSbwb0eWeCM0SrLvWPOZJ8liHVXg6qU37axo=";
|
||||
};
|
||||
disabledTests = [ "test_bytes_args" ]; # https://github.com/pallets/click/commit/6e05e1fa1c2804
|
||||
});
|
||||
# Now requires `lingua` as check input that requires a newer `click`,
|
||||
# however `click-7` is needed by the older flask we need here. Since it's just
|
||||
# for the test-suite apparently, let's skip it for now.
|
||||
mako = super.mako.overridePythonAttrs (lib.const {
|
||||
nativeCheckInputs = [];
|
||||
doCheck = false;
|
||||
});
|
||||
# Requires pytest-httpserver as checkInput now which requires Werkzeug>=2 which is not
|
||||
# supported by current privacyIDEA.
|
||||
responses = super.responses.overridePythonAttrs (lib.const {
|
||||
doCheck = false;
|
||||
});
|
||||
flask-babel = (super.flask-babel.override {
|
||||
sphinxHook = null;
|
||||
furo = null;
|
||||
}).overridePythonAttrs (old: (dropDocOutput old) // rec {
|
||||
pname = "Flask-Babel";
|
||||
version = "2.0.0";
|
||||
format = "setuptools";
|
||||
src = fetchPypi {
|
||||
inherit pname;
|
||||
inherit version;
|
||||
hash = "sha256:f9faf45cdb2e1a32ea2ec14403587d4295108f35017a7821a2b1acb8cfd9257d";
|
||||
};
|
||||
disabledTests = [
|
||||
# AssertionError: assert 'Apr 12, 2010...46:00\u202fPM' == 'Apr 12, 2010, 1:46:00 PM'
|
||||
# Note the `\u202f` (narrow, no-break space) vs space.
|
||||
"test_basics"
|
||||
"test_init_app"
|
||||
"test_custom_locale_selector"
|
||||
"test_refreshing"
|
||||
];
|
||||
});
|
||||
psycopg2 = (super.psycopg2.override {
|
||||
sphinxHook = null;
|
||||
sphinx-better-theme = null;
|
||||
}).overridePythonAttrs dropDocOutput;
|
||||
pyjwt = (super.pyjwt.override {
|
||||
sphinxHook = null;
|
||||
sphinx-rtd-theme = null;
|
||||
}).overridePythonAttrs (old: (dropDocOutput old) // { format = "setuptools"; });
|
||||
beautifulsoup4 = (super.beautifulsoup4.override {
|
||||
sphinxHook = null;
|
||||
}).overridePythonAttrs dropDocOutput;
|
||||
pydash = (super.pydash.override {
|
||||
sphinx-rtd-theme = null;
|
||||
}).overridePythonAttrs (old: rec {
|
||||
version = "5.1.0";
|
||||
src = fetchPypi {
|
||||
inherit (old) pname;
|
||||
inherit version;
|
||||
hash = "sha256-GysFCsG64EnNB/WSCxT6u+UmOPSF2a2h6xFanuv/aDU=";
|
||||
};
|
||||
format = "setuptools";
|
||||
doCheck = false;
|
||||
});
|
||||
pyopenssl = (super.pyopenssl.override {
|
||||
sphinxHook = null;
|
||||
sphinx-rtd-theme = null;
|
||||
}).overridePythonAttrs dropDocOutput;
|
||||
deprecated = (super.deprecated.override {
|
||||
sphinxHook = null;
|
||||
}).overridePythonAttrs dropDocOutput;
|
||||
wrapt = (super.wrapt.override {
|
||||
sphinxHook = null;
|
||||
sphinx-rtd-theme = null;
|
||||
}).overridePythonAttrs dropDocOutput;
|
||||
};
|
||||
};
|
||||
in
|
||||
python3'.pkgs.buildPythonPackage rec {
|
||||
pname = "privacyIDEA";
|
||||
version = "3.8.1";
|
||||
format = "setuptools";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = pname;
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
hash = "sha256-SYXw8PBCb514v3rcy15W/vZS5JyMsu81D2sJmviLRtw=";
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
|
||||
patches = [
|
||||
# https://github.com/privacyidea/privacyidea/pull/3611
|
||||
(fetchpatch {
|
||||
url = "https://github.com/privacyidea/privacyidea/commit/7db6509721726a34e8528437ddbd4210019b11ef.patch";
|
||||
sha256 = "sha256-ZvtauCs1vWyxzGbA0B2+gG8q5JyUO8DF8nm/3/vcYmE=";
|
||||
})
|
||||
];
|
||||
|
||||
propagatedBuildInputs = with python3'.pkgs; [
|
||||
cryptography pyrad pymysql python-dateutil flask-versioned flask-script
|
||||
defusedxml croniter flask-migrate pyjwt configobj sqlsoup pillow
|
||||
python-gnupg passlib pyopenssl beautifulsoup4 smpplib flask-babel
|
||||
ldap3 huey pyyaml qrcode oauth2client requests lxml cbor2 psycopg2
|
||||
pydash ecdsa google-auth importlib-metadata argon2-cffi bcrypt segno
|
||||
];
|
||||
|
||||
passthru.tests = { inherit (nixosTests) privacyidea; };
|
||||
|
||||
nativeCheckInputs = with python3'.pkgs; [ openssl mock pytestCheckHook responses testfixtures ];
|
||||
preCheck = "export HOME=$(mktemp -d)";
|
||||
postCheck = "unset HOME";
|
||||
disabledTests = [
|
||||
# expects `/home/` to exist, fails with `FileNotFoundError: [Errno 2] No such file or directory: '/home/'`.
|
||||
"test_01_loading_scripts"
|
||||
|
||||
# Tries to connect to `fcm.googleapis.com`.
|
||||
"test_02_api_push_poll"
|
||||
"test_04_decline_auth_request"
|
||||
|
||||
# Timezone info not available in build sandbox
|
||||
"test_14_convert_timestamp_to_utc"
|
||||
|
||||
# Fails because of different logger configurations
|
||||
"test_01_create_default_app"
|
||||
"test_03_logging_config_file"
|
||||
"test_04_logging_config_yaml"
|
||||
"test_05_logging_config_broken_yaml"
|
||||
];
|
||||
|
||||
pythonImportsCheck = [ "privacyidea" ];
|
||||
|
||||
postPatch = ''
|
||||
patchShebangs tests/testdata/scripts
|
||||
substituteInPlace privacyidea/lib/resolvers/LDAPIdResolver.py --replace \
|
||||
"/etc/privacyidea/ldap-ca.crt" \
|
||||
"${cacert}/etc/ssl/certs/ca-bundle.crt"
|
||||
'';
|
||||
|
||||
postInstall = ''
|
||||
rm -r $out/${python3'.sitePackages}/tests
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "Multi factor authentication system (2FA, MFA, OTP Server)";
|
||||
license = licenses.agpl3Plus;
|
||||
homepage = "http://www.privacyidea.org";
|
||||
maintainers = with maintainers; [ ma27 ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
@ -46,7 +46,7 @@ let
|
||||
, extraPrefs ? ""
|
||||
, extraPrefsFiles ? []
|
||||
# For more information about policies visit
|
||||
# https://github.com/mozilla/policy-templates#enterprisepoliciesenabled
|
||||
# https://mozilla.github.io/policy-templates/
|
||||
, extraPolicies ? {}
|
||||
, extraPoliciesFiles ? []
|
||||
, libName ? browser.libName or "firefox" # Important for tor package or the like
|
||||
|
@ -1,15 +1,15 @@
|
||||
{
|
||||
"packageVersion": "118.0.1-1",
|
||||
"packageVersion": "119.0-5",
|
||||
"source": {
|
||||
"rev": "118.0.1-1",
|
||||
"sha256": "1wdqiif1la97w9b3xsz20xrcg2d1c0j13pdfcj7z23jz8846iqk4"
|
||||
"rev": "119.0-5",
|
||||
"sha256": "0ql4i6b4fvydiyscj8ki2pnzr67bmb3azpdm6kk5y8yyw2697230"
|
||||
},
|
||||
"settings": {
|
||||
"rev": "9c862f06f970d69e00c1035e0d4774fb44fd84a6",
|
||||
"sha256": "0ay58wrhfn0b56748phpn0ahz11ls9y8d2fd1z4zrj6dv398vlmb"
|
||||
},
|
||||
"firefox": {
|
||||
"version": "118.0.1",
|
||||
"sha512": "b1efa1afea70434dc2a18d335bb8b526883cde200f1503b8c5fd2e7db8285e6a999cfa3aac354ea1c15a91d13a46d68db37023235314240b59eb8f55e01554ad"
|
||||
"version": "119.0",
|
||||
"sha512": "4b555c444add36567fd538752b122f227cf78bb70b72c79e6d8ae8d9c2e61c3cdacfae79c37970753b8b5c7716b28c686071eb7b551773c30a76852f3550676c"
|
||||
}
|
||||
}
|
||||
|
@ -2,16 +2,16 @@
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "helm-unittest";
|
||||
version = "0.3.3";
|
||||
version = "0.3.5";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = pname;
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
hash = "sha256-11rgARUfTbr8FkmR2lI4uoIqzi9cRuVPalUOsxsnO3E=";
|
||||
hash = "sha256-RgEYFTI1uaW1aTr+/lpKQ39o5CLsj/p0JeSTUXti/IM=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-E9HSP8c/rGG+PLbnT8V5GflpnFItCeXyeLGiqDj4tRI=";
|
||||
vendorHash = "sha256-P0PVzgaUN9X9x77v1psV13vNl06HrHbdlA1YHCq/eCo=";
|
||||
|
||||
# NOTE: Remove the install and upgrade hooks.
|
||||
postPatch = ''
|
||||
|
@ -22,6 +22,6 @@ buildGoModule rec {
|
||||
description = "A Kubernetes credential plugin implementing Azure authentication";
|
||||
inherit (src.meta) homepage;
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ yurrriq ];
|
||||
maintainers = [];
|
||||
};
|
||||
}
|
||||
|
@ -75,9 +75,9 @@ rec {
|
||||
|
||||
nomad_1_6 = generic {
|
||||
buildGoModule = buildGo121Module;
|
||||
version = "1.6.2";
|
||||
sha256 = "sha256-Q0RyO9FZWGxWgVmTU07/pw5P4Ebcwcednq8TDmshuAk=";
|
||||
vendorHash = "sha256-XCuWhKuBtSPTK8fXwgjMKMjwLnl1KWZKSJ4Ih9XDIDc=";
|
||||
version = "1.6.3";
|
||||
sha256 = "sha256-5UWGriDy15PX3+9UppcUsEwih/e9COLVBis3fn+24L0=";
|
||||
vendorHash = "sha256-gXoheW6Ww9Iu4utKNHweP2blzhWid+Q9Tp0ZgCmBAVg=";
|
||||
passthru.tests.nomad = nixosTests.nomad;
|
||||
preCheck = ''
|
||||
export PATH="$PATH:$NIX_BUILD_TOP/go/bin"
|
||||
|
@ -6,16 +6,16 @@
|
||||
|
||||
buildGo121Module rec {
|
||||
pname = "timoni";
|
||||
version = "0.14.2";
|
||||
version = "0.15.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "stefanprodan";
|
||||
repo = "timoni";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-45OIj57gb8njYoks7SgIlcMjz07ShEz2G/EECaTRTQg=";
|
||||
hash = "sha256-kMqQiFicuKa0j/li9UmitEeSof0vLlgGR4AMtJksROs=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-lRZFRnft8vEntVxiLOBcR00FP8AXexLyo3h2LCNWN00=";
|
||||
vendorHash = "sha256-tAqmTl+5tScXOaYWEvMs2RPTdyLTAemQN1VqOQGe6lU=";
|
||||
|
||||
subPackages = [ "cmd/timoni" ];
|
||||
nativeBuildInputs = [ installShellFiles ];
|
||||
|
@ -24,11 +24,11 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "liferea";
|
||||
version = "1.15.3";
|
||||
version = "1.15.4";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/lwindolf/${pname}/releases/download/v${version}/${pname}-${version}.tar.bz2";
|
||||
hash = "sha256-FKjsosSSW0U8fQwV6QYhsbuuaTeCt6SfHEcY0v5xUO4=";
|
||||
hash = "sha256-twczHU41xXJvBg4nTQyJrmNCCSoJWAnRLs4DV0uKpjE=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
@ -2,14 +2,14 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "libutp";
|
||||
version = "unstable-2023-08-04";
|
||||
version = "unstable-2023-10-16";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
# Use transmission fork from post-3.4-transmission branch
|
||||
owner = "transmission";
|
||||
repo = pname;
|
||||
rev = "09ef1be66397873516c799b4ec070690ff7365b2";
|
||||
hash = "sha256-DlEbU7uAcQOiBf7QS/1kiw3E0nk3xKhlzhAi8buQNCI=";
|
||||
rev = "2589200eac82fc91b65979680e4b3c026dff0278";
|
||||
hash = "sha256-wsDqdbMWVm3ubTbg5XClEWutJz1irSIazVLFeCyAAL4=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
|
@ -5,29 +5,20 @@
|
||||
, installShellFiles
|
||||
, jq
|
||||
, python3
|
||||
, fetchpatch
|
||||
}:
|
||||
|
||||
python3.pkgs.buildPythonApplication rec {
|
||||
pname = "todoman";
|
||||
version = "4.3.2";
|
||||
version = "4.4.0";
|
||||
format = "pyproject";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "pimutils";
|
||||
repo = pname;
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-dxyI9ypZZBouTUF72wzvi7j+CeoQ9JNSiXrVeV7ForY=";
|
||||
hash = "sha256-5tQaNT6QVN9mxa9t6OvMux4ZGy4flUqszTAwet2QL0w=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
name = "disable-broken-urwid-test.patch";
|
||||
url = "https://github.com/pimutils/todoman/commit/7ff0d2e2e69e24df5d66fecc58f8cd0b4e5ced6d.patch";
|
||||
hash = "sha256-MMNnnIthNqobexd8GaA6lYxzv5gr1l0e9YK+Ygeje2w=";
|
||||
})
|
||||
];
|
||||
|
||||
SETUPTOOLS_SCM_PRETEND_VERSION = version;
|
||||
|
||||
nativeBuildInputs = [
|
||||
@ -64,7 +55,7 @@ python3.pkgs.buildPythonApplication rec {
|
||||
|
||||
postInstall = ''
|
||||
installShellCompletion --bash contrib/completion/bash/_todo
|
||||
substituteInPlace contrib/completion/zsh/_todo --replace "jq " "${jq}/bin/jq "
|
||||
substituteInPlace contrib/completion/zsh/_todo --replace "jq " "${lib.getExe jq} "
|
||||
installShellCompletion --zsh contrib/completion/zsh/_todo
|
||||
'';
|
||||
|
||||
@ -85,7 +76,7 @@ python3.pkgs.buildPythonApplication rec {
|
||||
"todoman"
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
meta = {
|
||||
homepage = "https://github.com/pimutils/todoman";
|
||||
description = "Standards-based task manager based on iCalendar";
|
||||
longDescription = ''
|
||||
@ -99,9 +90,9 @@ python3.pkgs.buildPythonApplication rec {
|
||||
now.
|
||||
Unsupported fields may not be shown but are never deleted or altered.
|
||||
'';
|
||||
changelog = "https://github.com/pimutils/todoman/raw/v${version}/CHANGELOG.rst";
|
||||
license = licenses.isc;
|
||||
maintainers = with maintainers; [ leenaars antonmosich ];
|
||||
changelog = "https://todoman.readthedocs.io/en/stable/changelog.html#v${builtins.replaceStrings ["."] ["-"] version}";
|
||||
license = lib.licenses.isc;
|
||||
maintainers = with lib.maintainers; [ leenaars antonmosich ];
|
||||
mainProgram = "todo";
|
||||
};
|
||||
}
|
||||
|
@ -24,7 +24,7 @@
|
||||
, libbladeRF
|
||||
, mbelib
|
||||
, ninja
|
||||
, opencv3
|
||||
, opencv4
|
||||
, pkg-config
|
||||
, qtcharts
|
||||
, qtdeclarative
|
||||
@ -52,13 +52,13 @@
|
||||
|
||||
stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "sdrangel";
|
||||
version = "7.16.0";
|
||||
version = "7.17.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "f4exb";
|
||||
repo = "sdrangel";
|
||||
rev = "v${finalAttrs.version}";
|
||||
hash = "sha256-k35TZ2H8GX3gSYyb27hTY6gHHnxPkFwp1v4OJXhvV7A=";
|
||||
hash = "sha256-v2ESMFAbsYbZVVIHlGCU01QPDorUZyLiUEhexr6zF5o=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
@ -90,7 +90,7 @@ stdenv.mkDerivation (finalAttrs: {
|
||||
libusb1
|
||||
limesuite
|
||||
mbelib
|
||||
opencv3
|
||||
opencv4
|
||||
qtcharts
|
||||
qtdeclarative
|
||||
qtgamepad
|
||||
|
@ -9,13 +9,13 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "lean4";
|
||||
version = "4.1.0";
|
||||
version = "4.2.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "leanprover";
|
||||
repo = "lean4";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-6qbCafG0bL5KxQt2gL6hV4PFDsEMM0UXfldeOOqxsaE=";
|
||||
hash = "sha256-56YtHCiNMP5fJoddSokEl0ws06IwetYLer4aLCnujZA=";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
|
@ -1,12 +1,13 @@
|
||||
{ config, stdenv, lib
|
||||
, fetchFromGitHub
|
||||
, fetchurl
|
||||
, fetchpatch
|
||||
, cmake
|
||||
, boost
|
||||
, gflags
|
||||
, glog
|
||||
, hdf5-cpp
|
||||
, opencv3
|
||||
, opencv4
|
||||
, protobuf
|
||||
, doxygen
|
||||
, blas
|
||||
@ -71,7 +72,7 @@ stdenv.mkDerivation rec {
|
||||
++ ["-DUSE_LEVELDB=${toggle leveldbSupport}"]
|
||||
++ ["-DUSE_LMDB=${toggle lmdbSupport}"];
|
||||
|
||||
buildInputs = [ boost gflags glog protobuf hdf5-cpp opencv3 blas ]
|
||||
buildInputs = [ boost gflags glog protobuf hdf5-cpp opencv4 blas ]
|
||||
++ lib.optional cudaSupport cudatoolkit
|
||||
++ lib.optional cudnnSupport cudnn
|
||||
++ lib.optional lmdbSupport lmdb
|
||||
@ -96,6 +97,11 @@ stdenv.mkDerivation rec {
|
||||
|
||||
patches = [
|
||||
./darwin.patch
|
||||
(fetchpatch {
|
||||
name = "support-opencv4";
|
||||
url = "https://github.com/BVLC/caffe/pull/6638/commits/0a04cc2ccd37ba36843c18fea2d5cbae6e7dd2b5.patch";
|
||||
hash = "sha256-ZegTvp0tTHlopQv+UzHDigs6XLkP2VfqLCWXl6aKJSI=";
|
||||
})
|
||||
] ++ lib.optional pythonSupport (substituteAll {
|
||||
src = ./python.patch;
|
||||
inherit (python.sourceVersion) major minor; # Should be changed in case of PyPy
|
||||
@ -148,7 +154,7 @@ stdenv.mkDerivation rec {
|
||||
'';
|
||||
homepage = "http://caffe.berkeleyvision.org/";
|
||||
maintainers = with maintainers; [ ];
|
||||
broken = pythonSupport && (python.isPy310);
|
||||
broken = (pythonSupport && (python.isPy310)) || cudaSupport;
|
||||
license = licenses.bsd2;
|
||||
platforms = platforms.linux ++ platforms.darwin;
|
||||
};
|
||||
|
@ -1,5 +1,5 @@
|
||||
{ config, stdenv, lib, fetchurl, fetchpatch, bash, cmake
|
||||
, opencv3, gtest, blas, gomp, llvmPackages, perl
|
||||
, opencv4, gtest, blas, gomp, llvmPackages, perl
|
||||
, cudaSupport ? config.cudaSupport, cudaPackages ? { }, nvidia_x11
|
||||
, cudnnSupport ? cudaSupport
|
||||
}:
|
||||
@ -37,7 +37,7 @@ stdenv.mkDerivation rec {
|
||||
|
||||
nativeBuildInputs = [ cmake perl ];
|
||||
|
||||
buildInputs = [ opencv3 gtest blas.provider ]
|
||||
buildInputs = [ opencv4 gtest blas.provider ]
|
||||
++ lib.optional stdenv.cc.isGNU gomp
|
||||
++ lib.optional stdenv.cc.isClang llvmPackages.openmp
|
||||
# FIXME: when cuda build is fixed, remove nvidia_x11, and use /run/opengl-driver/lib
|
||||
|
@ -27,14 +27,14 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "boinc";
|
||||
version = "7.24.1";
|
||||
version = "7.24.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
name = "${pname}-${version}-src";
|
||||
owner = "BOINC";
|
||||
repo = "boinc";
|
||||
rev = "client_release/${lib.versions.majorMinor version}/${version}";
|
||||
hash = "sha256-CAzAKxNHG8ew9v2B1jK7MxfWGwTfdmDncDe7QT+twd8=";
|
||||
hash = "sha256-Aaoqf53wagCkzkZUs7mVbE2Z2P6GvxiQYxPrL6ahGqA=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ libtool automake autoconf m4 pkg-config ];
|
||||
|
@ -10,7 +10,7 @@
|
||||
}:
|
||||
|
||||
let
|
||||
version = "5.12.167";
|
||||
version = "5.12.169";
|
||||
in
|
||||
rustPlatform.buildRustPackage {
|
||||
pname = "git-mit";
|
||||
@ -20,10 +20,10 @@ rustPlatform.buildRustPackage {
|
||||
owner = "PurpleBooth";
|
||||
repo = "git-mit";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-tselj673Zkur0IAuOt0l/RffJiA6x2PYkdV+dCrNx+M=";
|
||||
hash = "sha256-+PBZZhWTm+as6eZjPq+dsUVBOIPN2qvj3zoqN2+xEmA=";
|
||||
};
|
||||
|
||||
cargoHash = "sha256-t2u8umPy8fJLjbUEpkufE96n+FXcV0ZCVYrK0lNBhHA=";
|
||||
cargoHash = "sha256-TQR9yAV4aYuMH36hvx7y47403V7h54yCed44heSkMd8=";
|
||||
|
||||
nativeBuildInputs = [ pkg-config ];
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
{ stdenv, lib, fetchurl, appimageTools, makeWrapper, electron_22 }:
|
||||
{ stdenv, lib, fetchurl, appimageTools, makeWrapper, electron, nixosTests }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "freetube";
|
||||
@ -9,6 +9,8 @@ stdenv.mkDerivation rec {
|
||||
sha256 = "add96ad3509d4d5c6d8658b005dfd046963cd6bb0a4e1f3e88f726a86c05810f";
|
||||
};
|
||||
|
||||
passthru.tests = nixosTests.freetube;
|
||||
|
||||
appimageContents = appimageTools.extractType2 {
|
||||
name = "${pname}-${version}";
|
||||
inherit src;
|
||||
@ -35,9 +37,8 @@ stdenv.mkDerivation rec {
|
||||
runHook postInstall
|
||||
'';
|
||||
|
||||
# Electron version is set to 22 in order to match upstream
|
||||
postFixup = ''
|
||||
makeWrapper ${electron_22}/bin/electron $out/bin/${pname} \
|
||||
makeWrapper ${electron}/bin/electron $out/bin/${pname} \
|
||||
--add-flags $out/share/${pname}/resources/app.asar
|
||||
'';
|
||||
|
||||
@ -46,6 +47,6 @@ stdenv.mkDerivation rec {
|
||||
homepage = "https://freetubeapp.io/";
|
||||
license = licenses.agpl3Only;
|
||||
maintainers = with maintainers; [ ryneeverett alyaeanyx ];
|
||||
inherit (electron_22.meta) platforms;
|
||||
inherit (electron.meta) platforms;
|
||||
};
|
||||
}
|
||||
|
@ -42,6 +42,8 @@
|
||||
|
||||
obs-pipewire-audio-capture = callPackage ./obs-pipewire-audio-capture.nix { };
|
||||
|
||||
obs-replay-source = qt6Packages.callPackage ./obs-replay-source.nix { };
|
||||
|
||||
obs-rgb-levels-filter = callPackage ./obs-rgb-levels-filter.nix { };
|
||||
|
||||
obs-scale-to-sound = callPackage ./obs-scale-to-sound.nix { };
|
||||
|
@ -10,13 +10,13 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "obs-pipewire-audio-capture";
|
||||
version = "1.1.1";
|
||||
version = "1.1.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "dimtpap";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "sha256-D4ONz/4S5Kt23Tmfa6jvw0X7680R9YDqG8/N6HhIQLE=";
|
||||
sha256 = "sha256-9HPQ17swMlsCnKkYQXIUzEbx2vKuBUfGf58Up2hHVGI=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake ninja pkg-config ];
|
||||
|
@ -0,0 +1,40 @@
|
||||
{ stdenv
|
||||
, lib
|
||||
, fetchFromGitHub
|
||||
, cmake
|
||||
, libcaption
|
||||
, obs-studio
|
||||
, qtbase
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "obs-replay-source";
|
||||
version = "1.6.12";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "exeldro";
|
||||
repo = "obs-replay-source";
|
||||
rev = finalAttrs.version;
|
||||
sha256 = "sha256-MzugH6r/jY5Kg7GIR8/o1BN36FenBzMnqrPUceJmbPs=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
buildInputs = [ libcaption obs-studio qtbase ];
|
||||
|
||||
postInstall = ''
|
||||
mkdir -p "$out/lib" "$out/share"
|
||||
mv "$out/obs-plugins/64bit" "$out/lib/obs-plugins"
|
||||
rm -rf "$out/obs-plugins"
|
||||
mv "$out/data" "$out/share/obs"
|
||||
'';
|
||||
|
||||
dontWrapQtApps = true;
|
||||
|
||||
meta = with lib; {
|
||||
description = "Replay source for OBS studio";
|
||||
homepage = "https://github.com/exeldro/obs-replay-source";
|
||||
license = licenses.gpl2Only;
|
||||
platforms = platforms.linux;
|
||||
maintainers = with maintainers; [ pschmitt ];
|
||||
};
|
||||
})
|
@ -39,13 +39,13 @@ let
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "crun";
|
||||
version = "1.10";
|
||||
version = "1.11";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "containers";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
hash = "sha256-deva/IPyjcGGAnUIofev3RV2ia7uI+OgSiUz/GtHhxE=";
|
||||
hash = "sha256-38IqVt/XZeZQRXjiPNz4qDibBHMBVZwzAcxrobzEWdI=";
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
|
||||
|
@ -41,6 +41,7 @@
|
||||
);
|
||||
|
||||
binRustcOpts = lib.concatStringsSep " " (
|
||||
[ "-C linker=${stdenv.cc}/bin/${stdenv.cc.targetPrefix}cc" ] ++
|
||||
baseRustcOpts
|
||||
);
|
||||
|
||||
|
38
pkgs/by-name/ax/axmldec/package.nix
Normal file
38
pkgs/by-name/ax/axmldec/package.nix
Normal file
@ -0,0 +1,38 @@
|
||||
{ lib
|
||||
, stdenv
|
||||
, fetchFromGitHub
|
||||
, cmake
|
||||
, doxygen
|
||||
, boost
|
||||
, zlib
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "axmldec";
|
||||
version = "1.2.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "ytsutano";
|
||||
repo = "axmldec";
|
||||
rev = "v${version}";
|
||||
fetchSubmodules = true;
|
||||
hash = "sha256-LFDZZbRDa8mQmglgS4DA/OqXp0HJZ2uqg1hbStdgvUw=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake doxygen ];
|
||||
buildInputs = [ boost zlib ];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Stand-alone binary AndroidManifest.xml decoder";
|
||||
longDescription = ''
|
||||
This tool accepts either a binary or a text XML file and prints the
|
||||
decoded XML to the standard output or a file. It also allows you to
|
||||
extract the decoded AndroidManifest.xml directly from an APK file.
|
||||
'';
|
||||
homepage = "https://github.com/ytsutano/axmldec";
|
||||
license = licenses.isc;
|
||||
mainProgram = "axmldec";
|
||||
maintainers = with maintainers; [ franciscod ];
|
||||
platforms = platforms.unix ++ platforms.windows;
|
||||
};
|
||||
}
|
1
pkgs/by-name/ho/hottext/lock.json
Normal file
1
pkgs/by-name/ho/hottext/lock.json
Normal file
@ -0,0 +1 @@
|
||||
{"depends":[{"method":"fetchzip","path":"/nix/store/vx0a8hw7hs5an0dnbrn6l16bd6is7hdr-source","rev":"07f6ba8ab96238e5bd1264cf0cea1d1746abb00c","sha256":"005nrldaasfl09zdsni1vi8s7dk0y85ijv6rm2wpj94435x66s36","url":"https://github.com/treeform/flatty/archive/07f6ba8ab96238e5bd1264cf0cea1d1746abb00c.tar.gz","ref":"0.3.4","packages":["flatty"],"srcDir":"src"},{"method":"fetchzip","path":"/nix/store/lk4hcmvwvliliyyidx7k3fk9yfijddc5-source","rev":"b2e71179174e040884ebf6a16cbac711c84620b9","sha256":"0pi6cq43ysm1wy5vva3i2dqvyh4dqppjjjl04yj9wfq7mngpqaa1","url":"https://github.com/treeform/chroma/archive/b2e71179174e040884ebf6a16cbac711c84620b9.tar.gz","ref":"0.2.7","packages":["chroma"],"srcDir":"src"},{"method":"fetchzip","path":"/nix/store/bah1zq369ikykm6dz3r0hzhcq4s88sxq-source","rev":"a2a5165c36e0098dea526712890fb7e988ba27f2","sha256":"0n42hlvh0d9wkjr01p04jnkyn7y4y62pwjdcqw52absapbpsr1lb","url":"https://github.com/treeform/typography/archive/a2a5165c36e0098dea526712890fb7e988ba27f2.tar.gz","ref":"0.7.14","packages":["typography"],"srcDir":"src"},{"method":"fetchzip","path":"/nix/store/9hfg3703m28w76ics7rn0hw1qymz0jrh-source","rev":"156e424306756a106442aca985eed61a8d12097b","sha256":"0hg9iq509rjsgd33cp3452v7whgbc30b5lnajifkls0z66rc2ndh","url":"https://github.com/guzba/nimsimd/archive/156e424306756a106442aca985eed61a8d12097b.tar.gz","ref":"1.2.6","packages":["nimsimd"],"srcDir":"src"},{"method":"fetchzip","path":"/nix/store/xjk8cg4dmja48rcswy0nphy3xhmf7nsz-source","rev":"f3e73f722fbb0e5d496fbc59ee860a9fd49983de","sha256":"12mqlczckhxcrg6il213fn7mcnqz3khwkh7i4bn57l55nzrhfvrh","url":"https://github.com/treeform/pixie/archive/f3e73f722fbb0e5d496fbc59ee860a9fd49983de.tar.gz","ref":"5.0.6","packages":["pixie"],"srcDir":"src"},{"method":"fetchzip","path":"/nix/store/f9dp6njaay5rf32f6l9gkw0dm25gim47-source","rev":"7282ae1247f2f384ebeaec3826d7fa38fd0e1df1","sha256":"1plw9lfrm42qar01rnjhm0d9mkzsc7c3b8kz43w5pb8j8drx1lyn","url":"https://github.com/treeform/vmath/archive/7282ae1247f2f384ebeaec3826d7fa38fd0e1df1.tar.gz","ref":"2.0.0","packages":["vmath"],"srcDir":"src"},{"method":"fetchzip","path":"/nix/store/16h19n8ndv42v8gn2vfdisdszv2wrln1-source","rev":"fb09637d6ebd6416b322a2b9bb95dd513040dea7","sha256":"1lyfnirwpy12lq9gr0sbnkf7ih7ayfvb1acjxk2z5gzlgxm1azp1","url":"https://github.com/treeform/print/archive/fb09637d6ebd6416b322a2b9bb95dd513040dea7.tar.gz","ref":"1.0.2","packages":["print"],"srcDir":"src"},{"method":"fetchzip","path":"/nix/store/zrm3y895iwn057y5c4374bviih962w0v-source","rev":"d0c9ad33ae72aece49093d7688fc78a7101aa4b0","sha256":"14qgxcnyznjc180kdbilqzzya589rqaznfpp75yp37n47zdknfw0","url":"https://github.com/guzba/crunchy/archive/d0c9ad33ae72aece49093d7688fc78a7101aa4b0.tar.gz","ref":"0.1.9","packages":["crunchy"],"srcDir":"src"},{"method":"fetchzip","path":"/nix/store/da49jl6rhz6jlix6mds0alhlbq1qlkfy-source","rev":"84d4702e838d684b7304882ffe796f57ef422fb6","sha256":"1vilid9xx5mp2yvssa3wf6g9svqdan87090klis891k9w1dd8i51","url":"https://github.com/nim-lang/sdl2/archive/84d4702e838d684b7304882ffe796f57ef422fb6.tar.gz","ref":"v2.0.5","packages":["sdl2"],"srcDir":"src"},{"method":"fetchzip","path":"/nix/store/rpa0bv740i3yagp0ldkb68jp6scw4i5l-source","rev":"d7eaf00c24820ad0317c9926737402e62431e931","sha256":"0wrvdpvbwv4ysjsqc6hhvd97vql4k0m5l0zdrsrjlljd1n5g2haq","url":"https://github.com/treeform/bumpy/archive/d7eaf00c24820ad0317c9926737402e62431e931.tar.gz","ref":"1.1.2","packages":["bumpy"],"srcDir":"src"},{"method":"fetchzip","path":"/nix/store/b98qlpki45417ws4pmjq052q1s7333wc-source","rev":"a3fd6f0458ffdd7cbbd416be99f2ca80a7852d82","sha256":"0zmavr2jnyyqkvvi6hlg2kh6qv6lzakwvsqjy0sjm3qdsna0aldg","url":"https://github.com/guzba/zippy/archive/a3fd6f0458ffdd7cbbd416be99f2ca80a7852d82.tar.gz","ref":"0.10.10","packages":["zippy"],"srcDir":"src"}]}
|
41
pkgs/by-name/ho/hottext/package.nix
Normal file
41
pkgs/by-name/ho/hottext/package.nix
Normal file
@ -0,0 +1,41 @@
|
||||
{ lib, nim2Packages, fetchFromSourcehut, gentium, makeDesktopItem, nim_lk, SDL2 }:
|
||||
|
||||
nim2Packages.buildNimPackage (finalAttrs: {
|
||||
pname = "hottext";
|
||||
version = "20231003";
|
||||
|
||||
nimBinOnly = true;
|
||||
|
||||
src = fetchFromSourcehut {
|
||||
owner = "~ehmry";
|
||||
repo = "hottext";
|
||||
rev = finalAttrs.version;
|
||||
hash = "sha256-ncH/1PV4vZY7JCUJ87FPz5bdrQsNlYxzGdc5BQNfQeA=";
|
||||
};
|
||||
|
||||
buildInputs = [ SDL2 ];
|
||||
|
||||
nimFlags = nim_lk.passthru.nimFlagsFromLockFile ./lock.json;
|
||||
|
||||
HOTTEXT_FONT_PATH = "${gentium}/share/fonts/truetype/GentiumPlus-Regular.ttf";
|
||||
|
||||
desktopItem = makeDesktopItem {
|
||||
categories = [ "Utility" ];
|
||||
comment = finalAttrs.meta.description;
|
||||
desktopName = finalAttrs.pname;
|
||||
exec = finalAttrs.pname;
|
||||
name = finalAttrs.pname;
|
||||
};
|
||||
|
||||
postInstall = ''
|
||||
cp -r $desktopItem/* $out
|
||||
'';
|
||||
|
||||
meta = finalAttrs.src.meta // {
|
||||
description = "Simple RSVP speed-reading utility";
|
||||
license = lib.licenses.unlicense;
|
||||
homepage = "https://git.sr.ht/~ehmry/hottext";
|
||||
maintainers = with lib.maintainers; [ ehmry ];
|
||||
mainProgram = "hottext";
|
||||
};
|
||||
})
|
@ -2,25 +2,15 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "libcpuid";
|
||||
version = "0.6.3";
|
||||
version = "0.6.4";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "anrieff";
|
||||
repo = "libcpuid";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-lhoHqdS5tke462guORg+PURjVmjAgviT5KJHp6PyvUA=";
|
||||
sha256 = "sha256-Zs5GKvSasdfLqo8oErDQNAuXRG27Bm9vNwyooqbol0Q=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
# Fixes cross-compilation to NetBSD
|
||||
# https://github.com/anrieff/libcpuid/pull/190
|
||||
(fetchpatch {
|
||||
name = "pass-pthread-to-linker.patch";
|
||||
url = "https://github.com/anrieff/libcpuid/commit/c28436e7239f28dab0e2a3bcdbce95f41e1363b1.patch";
|
||||
sha256 = "sha256-J2mB010JcE4si0rERjcrL9kJgbWHKaQCIZPDkmRvcq4=";
|
||||
})
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ autoreconfHook ];
|
||||
|
||||
meta = with lib; {
|
71
pkgs/by-name/mo/monophony/package.nix
Normal file
71
pkgs/by-name/mo/monophony/package.nix
Normal file
@ -0,0 +1,71 @@
|
||||
{ lib
|
||||
, fetchFromGitLab
|
||||
, python3Packages
|
||||
, wrapGAppsHook4
|
||||
, gst_all_1
|
||||
, gobject-introspection
|
||||
, yt-dlp
|
||||
, libadwaita
|
||||
, libsoup_3
|
||||
, glib-networking
|
||||
}:
|
||||
python3Packages.buildPythonApplication rec {
|
||||
pname = "monophony";
|
||||
version = "2.3.1";
|
||||
format = "other";
|
||||
|
||||
sourceRoot = "source/source";
|
||||
src = fetchFromGitLab {
|
||||
owner = "zehkira";
|
||||
repo = "monophony";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-dpRTHsujaIwzgr+qY5LC9xtXz40g3akdpEiHuxiilZM=";
|
||||
};
|
||||
|
||||
pythonPath = with python3Packages; [
|
||||
mpris-server
|
||||
pygobject3
|
||||
ytmusicapi
|
||||
];
|
||||
|
||||
nativeBuildInputs = [
|
||||
python3Packages.nuitka
|
||||
gobject-introspection
|
||||
wrapGAppsHook4
|
||||
];
|
||||
|
||||
buildInputs =
|
||||
[
|
||||
libadwaita
|
||||
# needed for gstreamer https
|
||||
libsoup_3
|
||||
glib-networking
|
||||
]
|
||||
++ (with gst_all_1; [
|
||||
gst-plugins-base
|
||||
gst-plugins-good
|
||||
gstreamer
|
||||
]);
|
||||
|
||||
installFlags = [ "prefix=$(out)" ];
|
||||
|
||||
preFixup = ''
|
||||
buildPythonPath "$pythonPath"
|
||||
gappsWrapperArgs+=(
|
||||
--prefix PYTHONPATH : "$program_PYTHONPATH"
|
||||
--prefix PATH : "${lib.makeBinPath [yt-dlp]}"
|
||||
# needed for gstreamer https
|
||||
--prefix LD_LIBRARY_PATH : "${libsoup_3.out}/lib"
|
||||
)
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://gitlab.com/zehkira/monophony";
|
||||
description = "Linux app for streaming music from YouTube";
|
||||
longDescription = "Monophony is a free and open source Linux app for streaming music from YouTube. It has no ads and does not require an account.";
|
||||
license = licenses.agpl3Plus;
|
||||
mainProgram = "monophony";
|
||||
platforms = platforms.linux;
|
||||
maintainers = with maintainers; [ quadradical ];
|
||||
};
|
||||
}
|
1
pkgs/by-name/ni/nim_lk/lock.json
Normal file
1
pkgs/by-name/ni/nim_lk/lock.json
Normal file
@ -0,0 +1 @@
|
||||
{"depends":[{"method":"fetchzip","packages":["npeg"],"path":"/nix/store/ffkxmjmigfs7zhhiiqm0iw2c34smyciy-source","ref":"1.2.1","rev":"26d62fdc40feb84c6533956dc11d5ee9ea9b6c09","sha256":"0xpzifjkfp49w76qmaylan8q181bs45anmp46l4bwr3lkrr7bpwh","srcDir":"src","url":"https://github.com/zevv/npeg/archive/26d62fdc40feb84c6533956dc11d5ee9ea9b6c09.tar.gz"},{"method":"fetchzip","packages":["preserves"],"path":"/nix/store/nrcpzf9hx70kry3gwhrdzcs3qicjncjh-source","ref":"20231021","rev":"edece399be70818208bf2263c30cb2bcf435bbff","sha256":"0xmw35wmw3a4lja9q4qvlvpxv3xk0hnkjg4fwfw6f3inh6zfiqki","srcDir":"src","url":"https://git.syndicate-lang.org/ehmry/preserves-nim/archive/edece399be70818208bf2263c30cb2bcf435bbff.tar.gz"}]}
|
52
pkgs/by-name/ni/nim_lk/package.nix
Normal file
52
pkgs/by-name/ni/nim_lk/package.nix
Normal file
@ -0,0 +1,52 @@
|
||||
{ lib, buildPackages, nim2Packages, fetchFromSourcehut, openssl }:
|
||||
|
||||
nim2Packages.buildNimPackage (finalAttrs: {
|
||||
pname = "nim_lk";
|
||||
version = "20231031";
|
||||
nimBinOnly = true;
|
||||
|
||||
src = fetchFromSourcehut {
|
||||
owner = "~ehmry";
|
||||
repo = "nim_lk";
|
||||
rev = finalAttrs.version;
|
||||
hash = "sha256-dXm3dfXAxgucek19f1KdRShOsJyELPTB32qgGSKId6A=";
|
||||
};
|
||||
|
||||
buildInputs = [ openssl ];
|
||||
|
||||
nimFlags = finalAttrs.passthru.nimFlagsFromLockFile ./lock.json;
|
||||
|
||||
meta = finalAttrs.src.meta // {
|
||||
description = "Generate Nix specific lock files for Nim packages";
|
||||
homepage = "https://git.sr.ht/~ehmry/nim_lk";
|
||||
mainProgram = "nim_lk";
|
||||
license = lib.licenses.bsd3;
|
||||
platforms = lib.platforms.unix;
|
||||
maintainers = with lib.maintainers; [ ehmry ];
|
||||
};
|
||||
|
||||
passthru.nimFlagsFromLockFile = let
|
||||
fetchDependency = let
|
||||
methods = {
|
||||
fetchzip = { url, sha256, ... }:
|
||||
buildPackages.fetchzip {
|
||||
name = "source";
|
||||
inherit url sha256;
|
||||
};
|
||||
git = { fetchSubmodules, leaveDotGit, rev, sha256, url, ... }:
|
||||
buildPackages.fetchgit {
|
||||
inherit fetchSubmodules leaveDotGit rev sha256 url;
|
||||
};
|
||||
};
|
||||
in attrs@{ method, ... }: methods.${method} attrs // attrs;
|
||||
in lockFile:
|
||||
with builtins;
|
||||
lib.pipe lockFile [
|
||||
readFile
|
||||
fromJSON
|
||||
(getAttr "depends")
|
||||
(map fetchDependency)
|
||||
(map ({ outPath, srcDir, ... }: ''--path:"${outPath}/${srcDir}"''))
|
||||
];
|
||||
|
||||
})
|
102
pkgs/by-name/oc/ocsinventory-agent/package.nix
Normal file
102
pkgs/by-name/oc/ocsinventory-agent/package.nix
Normal file
@ -0,0 +1,102 @@
|
||||
{ lib
|
||||
, stdenv
|
||||
, perlPackages
|
||||
, fetchFromGitHub
|
||||
, makeWrapper
|
||||
, shortenPerlShebang
|
||||
, coreutils
|
||||
, dmidecode
|
||||
, findutils
|
||||
, inetutils
|
||||
, ipmitool
|
||||
, iproute2
|
||||
, lvm2
|
||||
, nmap
|
||||
, pciutils
|
||||
, usbutils
|
||||
, util-linux
|
||||
, testers
|
||||
, ocsinventory-agent
|
||||
, nix-update-script
|
||||
}:
|
||||
|
||||
perlPackages.buildPerlPackage rec {
|
||||
version = "2.10.1";
|
||||
pname = "ocsinventory-agent";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "OCSInventory-NG";
|
||||
repo = "UnixAgent";
|
||||
rev = "refs/tags/v${version}-MAC";
|
||||
hash = "sha256-aFzBrUsVttUhpYGEYd/yYuXmE90PGCiBmBsVjtHcHLg=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ makeWrapper ] ++ lib.optional stdenv.isDarwin shortenPerlShebang;
|
||||
|
||||
buildInputs = with perlPackages; [
|
||||
perl
|
||||
DataUUID
|
||||
IOCompress
|
||||
IOSocketSSL
|
||||
LWP
|
||||
LWPProtocolHttps
|
||||
NetIP
|
||||
NetNetmask
|
||||
NetSNMP
|
||||
ParseEDID
|
||||
ProcDaemon
|
||||
ProcPIDFile
|
||||
XMLSimple
|
||||
] ++ lib.optionals stdenv.isLinux (with perlPackages; [
|
||||
NetCUPS # cups-filters is broken on darwin
|
||||
]) ++ lib.optionals stdenv.isDarwin (with perlPackages; [
|
||||
MacSysProfile
|
||||
]);
|
||||
|
||||
postInstall = let
|
||||
runtimeDependencies = [
|
||||
coreutils # uname, cut, df, stat, uptime
|
||||
findutils # find
|
||||
inetutils # ifconfig
|
||||
ipmitool # ipmitool
|
||||
nmap # nmap
|
||||
pciutils # lspci
|
||||
] ++ lib.optionals stdenv.isLinux [
|
||||
dmidecode # dmidecode
|
||||
iproute2 # ip
|
||||
lvm2 # pvs
|
||||
usbutils # lsusb
|
||||
util-linux # last, lsblk, mount
|
||||
];
|
||||
in lib.optionalString stdenv.isDarwin ''
|
||||
shortenPerlShebang $out/bin/ocsinventory-agent
|
||||
'' + ''
|
||||
wrapProgram $out/bin/ocsinventory-agent --prefix PATH : ${lib.makeBinPath runtimeDependencies}
|
||||
'';
|
||||
|
||||
passthru = {
|
||||
tests.version = testers.testVersion {
|
||||
package = ocsinventory-agent;
|
||||
command = "ocsinventory-agent --version";
|
||||
# upstream has not updated version in lib/Ocsinventory/Agent/Config.pm
|
||||
version = "2.10.0";
|
||||
};
|
||||
updateScript = nix-update-script { };
|
||||
};
|
||||
|
||||
meta = with lib; {
|
||||
description = "OCS Inventory unified agent for Unix operating systems";
|
||||
longDescription = ''
|
||||
Open Computers and Software Inventory (OCS) is an application designed
|
||||
to help a network or system administrator to keep track of the hardware and
|
||||
software configurations of computers that are installed on the network.
|
||||
'';
|
||||
homepage = "https://ocsinventory-ng.org";
|
||||
changelog = "https://github.com/OCSInventory-NG/UnixAgent/releases/tag/v${version}";
|
||||
downloadPage = "https://github.com/OCSInventory-NG/UnixAgent/releases";
|
||||
license = licenses.gpl2Only;
|
||||
mainProgram = "ocsinventory-agent";
|
||||
maintainers = with maintainers; [ totoroot anthonyroussel ];
|
||||
platforms = platforms.unix;
|
||||
};
|
||||
}
|
@ -1,6 +1,7 @@
|
||||
{ lib
|
||||
, stdenv
|
||||
, fetchurl
|
||||
, callPackage
|
||||
, cmake
|
||||
, gmp
|
||||
, halibut
|
||||
@ -32,6 +33,12 @@ stdenv.mkDerivation (finalAttrs: {
|
||||
|
||||
strictDeps = true;
|
||||
|
||||
passthru.tests = {
|
||||
approximation = callPackage ./tests/approximation.nix {
|
||||
spigot = finalAttrs.finalPackage;
|
||||
};
|
||||
};
|
||||
|
||||
meta = {
|
||||
homepage = "https://www.chiark.greenend.org.uk/~sgtatham/spigot/";
|
||||
description = "A command-line exact real calculator";
|
21
pkgs/by-name/sp/spigot/tests/approximation.nix
Normal file
21
pkgs/by-name/sp/spigot/tests/approximation.nix
Normal file
@ -0,0 +1,21 @@
|
||||
{ lib
|
||||
, stdenv
|
||||
, spigot
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation {
|
||||
pname = "spigot-approximation";
|
||||
inherit (spigot) version;
|
||||
|
||||
nativeBuildInputs = [ spigot ];
|
||||
|
||||
dontInstall = true;
|
||||
|
||||
buildCommand = ''
|
||||
[ "$(spigot -b2 -d32 '(pi/1-355/113)')" = "-0.00000000000000000000010001111001" ]
|
||||
[ "$(spigot -b2 -d32 '(e/1-1457/536)')" = "-0.00000000000000000001110101101011" ]
|
||||
touch $out
|
||||
'';
|
||||
|
||||
meta.timeout = 10;
|
||||
}
|
@ -2,20 +2,21 @@
|
||||
, rustPlatform
|
||||
, fetchFromGitHub
|
||||
, installShellFiles
|
||||
, nix-update-script
|
||||
}:
|
||||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "thud";
|
||||
version = "0.3.0";
|
||||
version = "0.3.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "donovanglover";
|
||||
repo = "thud";
|
||||
rev = version;
|
||||
hash = "sha256-3MxmVKs0huXPnL9mqDniaIarkAvJmwSOMii2ntXtOos=";
|
||||
hash = "sha256-BmrJaZ1IKXjx4/QkBDZyXvTTaalfEOKsBp9ZCW8px7I=";
|
||||
};
|
||||
|
||||
cargoHash = "sha256-Hk3HlcA253FAA9hw5p9W+Mvec84zLo7bEmM2/BbmjiM=";
|
||||
cargoHash = "sha256-rmVVdes7GuGV+ClqJGxNIrs7oSwe8/ZHFD6OfP/UW7A=";
|
||||
|
||||
nativeBuildInputs = [
|
||||
installShellFiles
|
||||
@ -25,14 +26,16 @@ rustPlatform.buildRustPackage rec {
|
||||
install -Dm644 assets/thud.thumbnailer $out/share/thumbnailers/thud.thumbnailer
|
||||
substituteInPlace $out/share/thumbnailers/thud.thumbnailer --replace "thud" "$out/bin/thud"
|
||||
|
||||
installManPage man/thud.1
|
||||
installManPage target/man/thud.1
|
||||
|
||||
installShellCompletion --cmd thud \
|
||||
--bash <(cat completions/thud.bash) \
|
||||
--fish <(cat completions/thud.fish) \
|
||||
--zsh <(cat completions/_thud)
|
||||
--bash <(cat target/completions/thud.bash) \
|
||||
--fish <(cat target/completions/thud.fish) \
|
||||
--zsh <(cat target/completions/_thud)
|
||||
'';
|
||||
|
||||
passthru.updateScript = nix-update-script { };
|
||||
|
||||
meta = with lib; {
|
||||
description = "Generate directory thumbnails for GTK-based file browsers from images inside them";
|
||||
homepage = "https://github.com/donovanglover/thud";
|
||||
|
@ -14,16 +14,16 @@
|
||||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "uiua";
|
||||
version = "0.0.23";
|
||||
version = "0.0.25";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "uiua-lang";
|
||||
repo = "uiua";
|
||||
rev = version;
|
||||
hash = "sha256-+Q/dn0pGZ3R+UlAt9stQZU1n+WITujJzTxY5dpXc+Bc=";
|
||||
hash = "sha256-3ALtWcHLkwu+ddZfYMTtAPM9fQI4ceF0KG1jxozi3EQ=";
|
||||
};
|
||||
|
||||
cargoHash = "sha256-R4jQ9Or9vh3dtqJH7nPvYM4o1h277sFUf+nC1VQl1Uk=";
|
||||
cargoHash = "sha256-2qlvAZCKBZlkM7EYceITx1Py1/9F0dS2xorpCtKGi9I=";
|
||||
|
||||
nativeBuildInputs = lib.optionals stdenv.isDarwin [
|
||||
rustPlatform.bindgenHook
|
||||
|
@ -14,7 +14,7 @@ stdenvNoCC.mkDerivation {
|
||||
'';
|
||||
|
||||
meta = {
|
||||
description = "An Uiua font";
|
||||
description = "A Uiua font";
|
||||
homepage = "https://uiua.org/";
|
||||
license = lib.licenses.mit;
|
||||
maintainers = with lib.maintainers; [ skykanin ];
|
||||
|
@ -2,28 +2,25 @@
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "yggdrasil";
|
||||
version = "0.4.7";
|
||||
version = "0.5.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "yggdrasil-network";
|
||||
repo = "yggdrasil-go";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-01ciAutRIn4DmqlvDTXhRiuZHTtF8b6js7SUrLOjtAY=";
|
||||
sha256 = "sha256-JeeOT3fb+4+eUyWl7rAXa5+Yf1XCT20xJeCdhBC0oeo=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-hwDi59Yp92eMDqA8OD56nxsKSX2ngxs0lYdmEMLX+Oc=";
|
||||
|
||||
# Change the default location of the management socket on Linux
|
||||
# systems so that the yggdrasil system service unit does not have to
|
||||
# be granted write permission to /run.
|
||||
patches = [ ./change-runtime-dir.patch ];
|
||||
vendorHash = "sha256-yu725RgKDRmpNFNuffBFKZjZOFyzt00kKGuz696JHk0=";
|
||||
|
||||
subPackages = [ "cmd/genkeys" "cmd/yggdrasil" "cmd/yggdrasilctl" ];
|
||||
|
||||
ldflags = [
|
||||
"-X github.com/yggdrasil-network/yggdrasil-go/src/version.buildVersion=${version}"
|
||||
"-X github.com/yggdrasil-network/yggdrasil-go/src/version.buildName=${pname}"
|
||||
"-s" "-w"
|
||||
"-X github.com/yggdrasil-network/yggdrasil-go/src/config.defaultAdminListen=unix:///var/run/yggdrasil/yggdrasil.sock"
|
||||
"-s"
|
||||
"-w"
|
||||
];
|
||||
|
||||
passthru.tests.basic = nixosTests.yggdrasil;
|
@ -4,11 +4,11 @@
|
||||
}:
|
||||
stdenvNoCC.mkDerivation rec {
|
||||
pname = "commit-mono";
|
||||
version = "1.138";
|
||||
version = "1.139";
|
||||
|
||||
src = fetchzip {
|
||||
url = "https://github.com/eigilnikolajsen/commit-mono/releases/download/${version}/CommitMono-${version}.zip";
|
||||
sha256 = "sha256-ae2eeHh57i6d0kDMZ68aXvLGFj+rXhwg1CC8cV3ndAQ=";
|
||||
url = "https://github.com/eigilnikolajsen/commit-mono/releases/download/v${version}/CommitMono-${version}.zip";
|
||||
hash = "sha256-TrXuWQzNlJsFwwOsnLuCCEj/9B9XrTNHSDVES68gIYs=";
|
||||
stripRoot = false;
|
||||
};
|
||||
|
||||
@ -20,8 +20,8 @@ stdenvNoCC.mkDerivation rec {
|
||||
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
install -Dm644 -t $out/share/fonts/opentype/ CommitMono-${version}/*.otf
|
||||
install -Dm644 -t $out/share/fonts/truetype/ CommitMono-${version}/ttfautohint/*.ttf
|
||||
install -Dm644 CommitMono-${version}/*.otf -t $out/share/fonts/opentype
|
||||
install -Dm644 CommitMono-${version}/ttfautohint/*.ttf -t $out/share/fonts/truetype
|
||||
runHook postInstall
|
||||
'';
|
||||
|
||||
|
@ -2,16 +2,16 @@
|
||||
|
||||
stdenvNoCC.mkDerivation (finalAttrs: {
|
||||
pname = "intel-one-mono";
|
||||
version = "1.2.1";
|
||||
version = "1.3.0";
|
||||
|
||||
srcs = [
|
||||
(fetchurl {
|
||||
url = "https://github.com/intel/intel-one-mono/releases/download/V${finalAttrs.version}/otf.zip";
|
||||
hash = "sha256-RBJwIUkmAZIRaIEWUxFZlRMfFTUFdLbHCMRkagU0gU0=";
|
||||
hash = "sha256-iZIfkXH+GplVwES4LaQBIaCWs7OKmEto9J2SpzvagSs=";
|
||||
})
|
||||
(fetchurl {
|
||||
url = "https://github.com/intel/intel-one-mono/releases/download/V${finalAttrs.version}/ttf.zip";
|
||||
hash = "sha256-DV/PT+P+GGq/ejS5cx5ENuCy+iiE32AMOirwuTCP3vY=";
|
||||
hash = "sha256-EeUTEMuoTHKmuO5Uj0jjiDRF9t7jxbIy45nTWozlgfc=";
|
||||
})
|
||||
];
|
||||
|
||||
|
@ -4,16 +4,16 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "unifont";
|
||||
version = "15.1.02";
|
||||
version = "15.1.03";
|
||||
|
||||
otf = fetchurl {
|
||||
url = "mirror://gnu/unifont/${pname}-${version}/${pname}-${version}.otf";
|
||||
hash = "sha256-fmhm74zc6wJK2f5XkDq/BRc5Lv+rCvcDRodgHCSiUQA=";
|
||||
hash = "sha256-DGRIxE0HDX/cx7mQMBmGgRrbbj7fzWDAOMlhZM1/EEw=";
|
||||
};
|
||||
|
||||
pcf = fetchurl {
|
||||
url = "mirror://gnu/unifont/${pname}-${version}/${pname}-${version}.pcf.gz";
|
||||
hash = "sha256-cCDXjSbpCe1U+Fx/xH/9NXWg6bkdRBV5AawFR0NyOHM=";
|
||||
hash = "sha256-/fogZ8mkOz/4YFZVxU3tTZfYwZw7zGizoQ3yQkF+aME=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ libfaketime xorg.fonttosfnt xorg.mkfontscale ];
|
||||
|
@ -19,13 +19,13 @@ lib.checkListOfEnum "${pname}: theme variants" [ "aliz" "azul" "sea" "pueril" "a
|
||||
|
||||
stdenvNoCC.mkDerivation rec {
|
||||
inherit pname;
|
||||
version = "2023-04-03";
|
||||
version = "2023-10-30";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "vinceliuice";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "mr9X7p/H8H2QKZxAQC9j/8OLK4D3EnWLxriFlh16diE=";
|
||||
sha256 = "+sWYUCFp5J+fhPHxicwtsHCQkFTpKwjj9H3GAXqNaYo=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
@ -9,16 +9,16 @@
|
||||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "erg";
|
||||
version = "0.6.23";
|
||||
version = "0.6.24";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "erg-lang";
|
||||
repo = "erg";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-7UzITXvEpzMdKj9YIsuz6uYBLtk//OmTlnUegTLu+HA=";
|
||||
hash = "sha256-J8Zw79TXYpDfnsx6UgB4sqY1vdwVHildqtCcXlBvUxQ=";
|
||||
};
|
||||
|
||||
cargoHash = "sha256-A2HjobYgM22CIWYJusJUfPObNHlhN7y1lsv2mVzvluk=";
|
||||
cargoHash = "sha256-4FhD9MvAhP88WGqVIUG2JHxd/gbDYf++bdlS6lVW0xs=";
|
||||
|
||||
nativeBuildInputs = [
|
||||
makeWrapper
|
||||
|
@ -8,6 +8,7 @@
|
||||
|
||||
inherit version;
|
||||
defaultVersion = with lib.versions; lib.switch [ coq.version mathcomp.version ] [
|
||||
{ cases = [ (range "8.16" "8.18") (isGe "2.0.0") ]; out = "2.0.0"; }
|
||||
{ cases = [ (range "8.15" "8.18") (isGe "1.15.0") ]; out = "1.1.3"; }
|
||||
{ cases = [ (range "8.13" "8.17") (isGe "1.13.0") ]; out = "1.1.1"; }
|
||||
{ cases = [ (range "8.10" "8.15") (isGe "1.12.0") ]; out = "1.1.0"; }
|
||||
@ -16,6 +17,7 @@
|
||||
{ cases = [ (isGe "8.7") "1.10.0" ]; out = "1.0.3"; }
|
||||
] null;
|
||||
|
||||
release."2.0.0".sha256 = "sha256-SG/KVnRJz2P+ZxkWVp1dDOnc/JVgigoexKfRUh1Y0GM";
|
||||
release."1.1.3".sha256 = "sha256-xhqWpg86xbU1GbDtXXInNCTArjjPnWZctWiiasq1ScU=";
|
||||
release."1.1.1".sha256 = "sha256-ExAdC3WuArNxS+Sa1r4x5aT7ylbCvP/BZXfkdQNAvZ8=";
|
||||
release."1.1.0".sha256 = "1vyhfna5frkkq2fl1fkg2mwzpg09k3sbzxxpyp14fjay81xajrxr";
|
||||
|
@ -10,10 +10,12 @@ mkCoqDerivation {
|
||||
release."1.2.4".sha256 = "sha256-iSW2O1kuunvOqTolmGGXmsYTxo2MJYCdW3BnEhp6Ksg=";
|
||||
release."1.2.5".sha256 = "sha256-3qOPNCRjGK2UdHGMSqElpIXhAPVCklpeQgZwf9AFals=";
|
||||
release."1.3.0".sha256 = "sha256-h9pa6vaKT6jCEaIdEdcu0498Ou5kEXtZdb9P7WXK1DQ=";
|
||||
release."1.3.1".sha256 = "sha256-wBizm1hJXPYBu0tHFNScQHd22FebsJYoggT5OlhY/zM=";
|
||||
|
||||
inherit version;
|
||||
defaultVersion = with lib.versions; lib.switch [ coq.version mathcomp.version ] [
|
||||
{ cases = [ (isGe "8.16") (isGe "2.0") ]; out = "1.3.0"; }
|
||||
{ cases = [ (isGe "8.16") (isGe "2.0") ]; out = "1.3.1"; }
|
||||
{ cases = [ (isGe "8.16") "2.0.0" ]; out = "1.3.0"; }
|
||||
{ cases = [ (isGe "8.11") (range "1.12" "1.17") ]; out = "1.2.5"; }
|
||||
{ cases = [ (isGe "8.11") (range "1.11" "1.14") ]; out = "1.2.4"; }
|
||||
{ cases = [ (isLe "8.13") (lib.pred.inter (isGe "1.11.0") (isLt "1.13")) ]; out = "1.2.3"; }
|
||||
|
@ -9,12 +9,14 @@ mkCoqDerivation {
|
||||
|
||||
defaultVersion = with lib.versions;
|
||||
lib.switch [ coq.coq-version mathcomp-algebra.version ] [
|
||||
{ cases = [ (range "8.16" "8.18") (isGe "2.0") ]; out = "1.2.2"; }
|
||||
{ cases = [ (range "8.16" "8.18") (isGe "1.15") ]; out = "1.1.1"; }
|
||||
{ cases = [ (range "8.13" "8.16") (isGe "1.12") ]; out = "1.0.0"; }
|
||||
] null;
|
||||
|
||||
release."1.0.0".sha256 = "sha256-kszARPBizWbxSQ/Iqpf2vLbxYc6AjpUCLnSNlPcNfls=";
|
||||
release."1.1.1".sha256 = "sha256-5wItMeeTRoJlRBH3zBNc2VUZn6pkDde60YAvXTx+J3U=";
|
||||
release."1.2.2".sha256 = "sha256-EU9RJGV3BvnmsX+mGH+6+MDXiGHgDI7aP5sIYiMUXTs=";
|
||||
|
||||
propagatedBuildInputs = [ mathcomp-algebra coq-elpi mathcomp-zify ];
|
||||
|
||||
|
@ -8,6 +8,7 @@ mkCoqDerivation {
|
||||
owner = "math-comp";
|
||||
inherit version;
|
||||
release = {
|
||||
"2.0.0".sha256 = "sha256-sZvfiC5+5Lg4nRhfKKqyFzovCj2foAhqaq/w9F2bdU8=";
|
||||
"1.1.4".sha256 = "sha256-8Hs6XfowbpeRD8RhMRf4ZJe2xf8kE0e8m7bPUzR/IM4=";
|
||||
"1.1.3".sha256 = "1vwmmnzy8i4f203i2s60dn9i0kr27lsmwlqlyyzdpsghvbr8h5b7";
|
||||
"1.1.2".sha256 = "0907x4nf7nnvn764q3x9lx41g74rilvq5cki5ziwgpsdgb98pppn";
|
||||
@ -19,6 +20,7 @@ mkCoqDerivation {
|
||||
};
|
||||
|
||||
defaultVersion = with lib.versions; lib.switch [ coq.version mathcomp.version ] [
|
||||
{ cases = [ (isGe "8.16") (isGe "2.0.0") ]; out = "2.0.0"; }
|
||||
{ cases = [ (isGe "8.13") (isGe "1.13.0") ]; out = "1.1.4"; }
|
||||
{ cases = [ (isGe "8.13") (isGe "1.12.0") ]; out = "1.1.3"; }
|
||||
{ cases = [ (isGe "8.10") (isGe "1.12.0") ]; out = "1.1.2"; }
|
||||
|
@ -8,8 +8,9 @@
|
||||
owner = "math-comp";
|
||||
|
||||
inherit version;
|
||||
defaultVersion = with lib.versions; lib.switch [ coq.version mathcomp.version ] [
|
||||
{ cases = [ (isGe "8.16") (isGe "2.0.0") ]; out = "2.0.0"; }
|
||||
defaultVersion = with lib.versions; lib.switch [ coq.version mathcomp.version ] [
|
||||
{ cases = [ (isGe "8.16") (isGe "2.1.0") ]; out = "2.1.0"; }
|
||||
{ cases = [ (isGe "8.16") "2.0.0" ]; out = "2.0.0"; }
|
||||
{ cases = [ (isGe "8.15") (range "1.15.0" "1.17.0") ]; out = "1.6.0"; }
|
||||
{ cases = [ (isGe "8.10") (range "1.13.0" "1.17.0") ]; out = "1.5.6"; }
|
||||
{ cases = [ (range "8.10" "8.16") (range "1.12.0" "1.15.0") ]; out = "1.5.5"; }
|
||||
@ -20,6 +21,7 @@
|
||||
{ cases = [ "8.6" (range "1.6" "1.7") ]; out = "1.1"; }
|
||||
] null;
|
||||
release = {
|
||||
"2.1.0".sha256 = "sha256-QT91SBJ6DXhyg4j/okTvPP6yj2DnnPbnSlJ/p8pvZbY=";
|
||||
"2.0.0".sha256 = "sha256-2zWHzMBsO2j8EjN7CgCmKQcku9Be8aVlme0LD5p4ab8=";
|
||||
"1.6.0".sha256 = "sha256-lEM+sjqajIOm1c3lspHqcSIARgMR9RHbTQH4veHLJfU=";
|
||||
"1.5.6".sha256 = "sha256-cMixgc34T9Ic6v+tYmL49QUNpZpPV5ofaNuHqblX6oY=";
|
||||
|
@ -1,20 +1,22 @@
|
||||
{ lib, mkCoqDerivation, coq, ssreflect, version ? null }:
|
||||
{ lib, mkCoqDerivation, coq, mathcomp, version ? null }:
|
||||
|
||||
mkCoqDerivation {
|
||||
pname = "reglang";
|
||||
|
||||
releaseRev = v: "v${v}";
|
||||
|
||||
release."1.2.0".sha256 = "sha256-gSqQ7D2HLwM4oYopTWkMFYfYXxsH/7VxI3AyrLwNf3o=";
|
||||
release."1.1.3".sha256 = "sha256-kaselYm8K0JBsTlcI6K24m8qpv8CZ9+VNDJrOtFaExg=";
|
||||
release."1.1.2".sha256 = "sha256-SEnMilLNxh6a3oiDNGLaBr8quQ/nO2T9Fwdf/1il2Yk=";
|
||||
|
||||
inherit version;
|
||||
defaultVersion = with lib.versions; lib.switch coq.coq-version [
|
||||
{ case = range "8.10" "8.18"; out = "1.1.3"; }
|
||||
defaultVersion = with lib.versions; lib.switch [ coq.coq-version mathcomp.version ] [
|
||||
{ cases = [ (range "8.16" "8.18") (isGe "2.0.0") ]; out = "1.2.0"; }
|
||||
{ cases = [ (range "8.10" "8.18") (isLt "2.0.0") ]; out = "1.1.3"; }
|
||||
] null;
|
||||
|
||||
|
||||
propagatedBuildInputs = [ ssreflect ];
|
||||
propagatedBuildInputs = [ mathcomp.ssreflect ];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Regular Language Representations in Coq";
|
||||
|
@ -2,13 +2,13 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "luau";
|
||||
version = "0.600";
|
||||
version = "0.601";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "Roblox";
|
||||
repo = "luau";
|
||||
rev = version;
|
||||
hash = "sha256-fu4ALQ6mpxSQAWdz6zzcHRC4Z5ykVB0G7e2QzpHt8K8=";
|
||||
hash = "sha256-RkclNY5ZDP0Urht/JBx00SbeQ958CJCTIru2YUIYFa4=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
|
@ -1,18 +1,20 @@
|
||||
{ lib, stdenv, fetchFromGitHub }:
|
||||
{ lib, stdenv, fetchFromGitHub, unstableGitUpdater }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "zuo";
|
||||
version = "unstable-2023-01-02";
|
||||
version = "unstable-2023-10-17";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "racket";
|
||||
repo = "zuo";
|
||||
rev = "464aae9ae90dcb43ab003b922e4ae4d08611c55b";
|
||||
hash = "sha256-O8p3dEXqAP2UNPNBla9AtkndxgL8UoVp/QygXOmcgWg=";
|
||||
rev = "493e9cd08147add01bba9247f36759f095b87678";
|
||||
hash = "sha256-gsCjB3V+A0kMZJZ9onZ57R6b1Ha0K+Q383DQoVGfY7I=";
|
||||
};
|
||||
|
||||
doCheck = true;
|
||||
|
||||
passthru.updateScript = unstableGitUpdater { };
|
||||
|
||||
meta = with lib; {
|
||||
description = "A Tiny Racket for Scripting";
|
||||
homepage = "https://github.com/racket/zuo";
|
||||
|
@ -77,6 +77,10 @@ stdenv.mkDerivation rec {
|
||||
"-Dintrospection=enabled"
|
||||
"-Dinstalled_test_datadir=${placeholder "installedTests"}/share"
|
||||
"-Dinstalled_test_bindir=${placeholder "installedTests"}/libexec"
|
||||
] ++ lib.optionals stdenv.isAarch32 [
|
||||
# the box test is failing with SIGBUS on armv7l-linux
|
||||
# https://github.com/ebassi/graphene/issues/215
|
||||
"-Darm_neon=false"
|
||||
];
|
||||
|
||||
doCheck = true;
|
||||
|
@ -3,20 +3,15 @@
|
||||
|
||||
stdenv.mkDerivation {
|
||||
pname = "libbap";
|
||||
version = "master-2020-11-25";
|
||||
version = "master-2022-07-13";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "BinaryAnalysisPlatform";
|
||||
repo = "bap-bindings";
|
||||
rev = "3193cb31e1b1f2455406ea0c819dad9dfa2ba10d";
|
||||
sha256 = "0m4spva3z6fgbwlg4zq53l5p227dic893q2qq65pvzxyf7k7nmil";
|
||||
rev = "4d324dd794f8e022e8eddecbb2ae2e7b28173947";
|
||||
hash = "sha256-la47HR+i99ueDEWR91YIXGdKflpE1E0qmmJjeowmGSI=";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
substituteInPlace Makefile.in \
|
||||
--replace "-linkpkg" "-thread -linkpkg"
|
||||
'';
|
||||
|
||||
nativeBuildInputs = [ autoreconfHook which ocaml findlib ];
|
||||
buildInputs = [ bap ctypes ];
|
||||
|
||||
|
30
pkgs/development/libraries/libcaption/default.nix
Normal file
30
pkgs/development/libraries/libcaption/default.nix
Normal file
@ -0,0 +1,30 @@
|
||||
{ stdenv
|
||||
, lib
|
||||
, fetchFromGitHub
|
||||
, cmake
|
||||
, re2c
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "libcaption";
|
||||
version = "0.7";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "szatmary";
|
||||
repo = "libcaption";
|
||||
rev = finalAttrs.version;
|
||||
sha256 = "sha256-OBtxoFJF0cxC+kfSK8TIKIdLkmCh5WOJlI0fejnisJo=";
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
buildInputs = [ re2c ];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Free open-source CEA608 / CEA708 closed-caption encoder/decoder";
|
||||
homepage = "https://github.com/szatmary/libcaption";
|
||||
license = licenses.mit;
|
||||
platforms = platforms.all;
|
||||
maintainers = with maintainers; [ pschmitt ];
|
||||
};
|
||||
})
|
@ -47,7 +47,6 @@ stdenv.mkDerivation rec {
|
||||
badPlatforms = flatten [
|
||||
systems.inspect.platformPatterns.isStatic
|
||||
systems.inspect.patterns.isMusl
|
||||
systems.inspect.patterns.isAarch64
|
||||
];
|
||||
};
|
||||
}
|
||||
|
@ -6,13 +6,13 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "vapoursynth";
|
||||
version = "64";
|
||||
version = "65";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "vapoursynth";
|
||||
repo = "vapoursynth";
|
||||
rev = "R${version}";
|
||||
sha256 = "sha256-EdIe0hWsx0W9+03O0Avk4DV2jKv8s4wGAKk0NxIAuTU=";
|
||||
sha256 = "sha256-HrTXhRoKSFeLXYQM7W2FvYf7yCD1diSZGtPop9urrSk=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
|
@ -153,7 +153,6 @@
|
||||
, "katex"
|
||||
, "keyoxide"
|
||||
, "lcov-result-merger"
|
||||
, "lean-language-server"
|
||||
, "lerna"
|
||||
, "less"
|
||||
, "less-plugin-clean-css"
|
||||
|
11451
pkgs/development/node-packages/node-packages.nix
generated
11451
pkgs/development/node-packages/node-packages.nix
generated
File diff suppressed because it is too large
Load Diff
@ -1,6 +1,6 @@
|
||||
{ lib, fetchurl, version, astring, base, camlp-streams, cmdliner_1_0
|
||||
{ lib, fetchurl, version ? "0.26.1", astring, base, camlp-streams, cmdliner_1_0
|
||||
, cmdliner_1_1, csexp, dune-build-info, either, fix, fpath, menhirLib, menhirSdk
|
||||
, ocaml-version, ocp-indent, odoc-parser, result, stdio, uuseg, uutf }:
|
||||
, ocaml-version, ocp-indent, odoc-parser, result, stdio, uuseg, uutf, ... }:
|
||||
|
||||
# The ocamlformat package have been split into two in version 0.25.1:
|
||||
# one for the library and one for the executable.
|
||||
@ -23,9 +23,12 @@ rec {
|
||||
"0.24.1" = "sha256-AjQl6YGPgOpQU3sjcaSnZsFJqZV9BYB+iKAE0tX0Qc4=";
|
||||
"0.25.1" = "sha256-3I8qMwyjkws2yssmI7s2Dti99uSorNKT29niJBpv0z0=";
|
||||
"0.26.0" = "sha256-AxSUq3cM7xCo9qocvrVmDkbDqmwM1FexEP7IWadeh30=";
|
||||
"0.26.1" = "sha256-2gBuQn8VuexhL7gI1EZZm9m3w+4lq+s9VVdHpw10xtc=";
|
||||
}."${version}";
|
||||
};
|
||||
|
||||
inherit version;
|
||||
|
||||
odoc-parser_v = odoc-parser.override {
|
||||
version = if lib.versionAtLeast version "0.24.0" then
|
||||
"2.0.0"
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user