colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master' into retroarch-update

Browse Source
This commit is contained in:
Matthew Bauer 2020-03-21 23:01:45 -04:00
commit 293b16aae9
337 changed files with 24575 additions and 10665 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/languages-frameworks/android.section.md
View File

@ -235,5 +235,5 @@ package manager uses. To update the expressions run the `generate.sh` script
that is stored in the `pkgs/development/mobile/androidenv/` sub directory:
```bash
sh ./generate.sh
./generate.sh
```

17
lib/modules.nix
View File

@ -93,7 +93,11 @@ rec {
res set._definedNames
else
res;
result = { inherit options config; };
result = {
inherit options;
config = removeAttrs config [ "_module" ];
inherit (config) _module;
};
in result;
# collectModules :: (modulesPath: String) -> (modules: [ Module ]) -> (args: Attrs) -> [ Module ]
@ -295,7 +299,9 @@ rec {
in
throw "The option `${showOption loc}' in `${firstOption._file}' is a prefix of options in `${firstNonOption._file}'."
else
mergeModules' loc decls defns
if all (def: isAttrs def.value) defns' then mergeModules' loc decls defns
else let firstInvalid = findFirst (def: ! isAttrs def.value) null defns';
in throw "The option path `${showOption loc}' is an attribute set of options, but it is defined to not be an attribute set in `${firstInvalid.file}'. Did you define its value at the correct and complete path?"
))
// { _definedNames = map (m: { inherit (m) file; names = attrNames m.config; }) configs; };
@ -410,10 +416,9 @@ rec {
# Type-check the remaining definitions, and merge them. Or throw if no definitions.
mergedValue =
if isDefined then
foldl' (res: def:
if type.check def.value then res
else throw "The option value `${showOption loc}' in `${def.file}' is not of type `${type.description}'."
) (type.merge loc defsFinal) defsFinal
if all (def: type.check def.value) defsFinal then type.merge loc defsFinal
else let firstInvalid = findFirst (def: ! type.check def.value) null defsFinal;
in throw "The option value `${showOption loc}' in `${firstInvalid.file}' is not of type `${type.description}'."
else
# (nixos-option detects this specific error message and gives it special
# handling. If changed here, please change it there too.)

13
lib/tests/modules.sh
View File

@ -185,6 +185,11 @@ checkConfigError 'The option .* defined in .* does not exist' config.enable ./di
# Check that imports can depend on derivations
checkConfigOutput "true" config.enable ./import-from-store.nix
# Check that configs can be conditional on option existence
checkConfigOutput true config.enable ./define-option-dependently.nix ./declare-enable.nix ./declare-int-positive-value.nix
checkConfigOutput 360 config.value ./define-option-dependently.nix ./declare-enable.nix ./declare-int-positive-value.nix
checkConfigOutput 7 config.value ./define-option-dependently.nix ./declare-int-positive-value.nix
# Check attrsOf and lazyAttrsOf. Only lazyAttrsOf should be lazy, and only
# attrsOf should work with conditional definitions
# In addition, lazyAttrsOf should honor an options emptyValue
@ -194,6 +199,14 @@ checkConfigOutput "true" config.conditionalWorks ./declare-attrsOf.nix ./attrsOf
checkConfigOutput "false" config.conditionalWorks ./declare-lazyAttrsOf.nix ./attrsOf-conditional-check.nix
checkConfigOutput "empty" config.value.foo ./declare-lazyAttrsOf.nix ./attrsOf-conditional-check.nix
# Check error for when an option set is defined to be a non-attribute set value
checkConfigError 'The option path .* is an attribute set of options, but it is defined to not be an attribute set in' \
config.value ./declare-option-set.nix ./define-value-int-zero.nix
# Even with multiple assignments, a type error should be thrown if any of them aren't valid
checkConfigError 'The option value .* in .* is not of type .*' \
config.value ./declare-int-unsigned-value.nix ./define-value-list.nix ./define-value-int-positive.nix
cat <<EOF
====== module tests ======
$pass Pass

3
lib/tests/modules/declare-option-set.nix Normal file
View File

@ -0,0 +1,3 @@
{
options.value = {};
}

16
lib/tests/modules/define-option-dependently.nix Normal file
View File

@ -0,0 +1,16 @@
{ lib, options, ... }:
# Some modules may be distributed separately and need to adapt to other modules
# that are distributed and versioned separately.
{
# Always defined, but the value depends on the presence of an option.
config = {
value = if options ? enable then 360 else 7;
}
# Only define if possible.
// lib.optionalAttrs (options ? enable) {
enable = true;
};
}

28
maintainers/maintainer-list.nix
View File

@ -711,6 +711,12 @@
githubId = 55833;
name = "Troels Henriksen";
};
atkinschang = {
email = "atkinschang+nixpkgs@gmail.com";
github = "AtkinsChang";
githubId = 5193600;
name = "Atkins Chang";
};
atnnn = {
email = "etienne@atnnn.com";
github = "atnnn";
@ -4147,6 +4153,12 @@
github = "leonardoce";
name = "Leonardo Cecchi";
};
leshainc = {
email = "leshainc@fomalhaut.me";
github = "LeshaInc";
githubId = 42153076;
name = "Alexey Nikashkin";
};
lethalman = {
email = "lucabru@src.gnome.org";
github = "lethalman";
@ -4159,6 +4171,16 @@
githubId = 3425311;
name = "Antoine Eiche";
};
lexuge = {
name = "Harry Ying";
email = "lexugeyky@outlook.com";
github = "LEXUGE";
githubId = 13804737;
keys = [{
longkeyid = "rsa4096/0xAE53B4C2E58EDD45";
fingerprint = "7FE2 113A A08B 695A C8B8 DDE6 AE53 B4C2 E58E DD45";
}];
};
lheckemann = {
email = "git@sphalerite.org";
github = "lheckemann";
@ -4602,6 +4624,12 @@
githubId = 1269099;
name = "Marius Bakke";
};
mbaillie = {
email = "martin@baillie.email";
github = "martinbaillie";
githubId = 613740;
name = "Martin Baillie";
};
mbbx6spp = {
email = "me@susanpotter.net";
github = "mbbx6spp";

13
maintainers/scripts/nix-generate-from-cpan.pl
View File

@ -6,6 +6,7 @@ use warnings;
use CPAN::Meta();
use CPANPLUS::Backend();
use Module::CoreList;
use Getopt::Long::Descriptive qw( describe_options );
use JSON::PP qw( encode_json );
use Log::Log4perl qw(:easy);
@ -164,7 +165,7 @@ Readonly::Hash my %LICENSE_MAP => (
# License not provided in metadata.
unknown => {
licenses => [qw( unknown )],
licenses => [],
amb => 1
}
);
@ -278,14 +279,8 @@ sub get_deps {
foreach my $n ( $deps->required_modules ) {
next if $n eq "perl";
# Figure out whether the module is a core module by attempting
# to `use` the module in a pure Perl interpreter and checking
# whether it succeeded. Note, $^X is a magic variable holding
# the path to the running Perl interpreter.
if ( system("env -i $^X -M$n -e1 >/dev/null 2>&1") == 0 ) {
DEBUG("skipping Perl-builtin module $n");
next;
}
my @core = Module::CoreList->find_modules(qr/^$n$/);
next if (@core);
my $pkg = module_to_pkg( $cb, $n );

9
maintainers/team-list.nix
View File

@ -21,4 +21,13 @@ with lib.maintainers; {
members = [ jtojnar worldofpeace ];
scope = "Maintain Freedesktop.org packages for graphical desktop.";
};
gnome = {
members = [
hedning
jtojnar
worldofpeace
];
scope = "Maintain GNOME desktop environment and platform.";
};
}

1
nixos/doc/manual/configuration/configuration.xml
View File

@ -21,7 +21,6 @@
<xi:include href="xfce.xml" />
<xi:include href="networking.xml" />
<xi:include href="linux-kernel.xml" />
<xi:include href="matrix.xml" />
<xi:include href="../generated/modules.xml" xpointer="xpointer(//section[@id='modules']/*)" />
<xi:include href="profiles.xml" />
<xi:include href="kubernetes.xml" />

66
nixos/doc/manual/release-notes/rl-2003.xml
View File

@ -196,10 +196,10 @@ services.xserver.displayManager.defaultSession = "xfce+icewm";
</listitem>
<listitem>
<para>
There is now only one Xfce package-set and module. This means attributes, <literal>xfce4-14</literal>
<literal>xfce4-12</literal>, and <literal>xfceUnstable</literal> all now point to the latest Xfce 4.14
packages. And in future NixOS releases will be the latest released version of Xfce available at the
time during the releases development (if viable).
There is now only one Xfce package-set and module. This means that attributes <literal>xfce4-14</literal>
and <literal>xfceUnstable</literal> all now point to the latest Xfce 4.14
packages. And in the future NixOS releases will be the latest released version of Xfce available at the
time of the release's development (if viable).
</para>
</listitem>
<listitem>
@ -235,7 +235,7 @@ services.xserver.displayManager.defaultSession = "xfce+icewm";
<listitem>
<para>
The <literal>buildRustCrate</literal> infrastructure now produces <literal>lib</literal> outputs in addition to the <literal>out</literal> output.
This has led to drastically reduced closed sizes for some rust crates since development dependencies are now in the <literal>lib</literal> output.
This has led to drastically reduced closure sizes for some rust crates since development dependencies are now in the <literal>lib</literal> output.
</para>
</listitem>
<listitem>
@ -641,6 +641,13 @@ auth required pam_succeed_if.so uid >= 1000 quiet
The previous behavior can be restored by setting <literal>config.riot-web.conf = { disable_guests = false; piwik = true; }</literal>.
</para>
</listitem>
<listitem>
<para>
Stand-alone usage of <literal>Upower</literal> now requires
<option>services.upower.enable</option> instead of just installing into
<xref linkend="opt-environment.systemPackages"/>.
</para>
</listitem>
</itemizedlist>
</section>
@ -712,6 +719,55 @@ auth required pam_succeed_if.so uid >= 1000 quiet
For further reference, please read <link xlink:href="https://github.com/NixOS/nixpkgs/pull/68953">#68953</link> or the corresponding <link xlink:href="https://discourse.nixos.org/t/predictable-network-interface-names-in-initrd/4055">discourse thread</link>.
</para>
</listitem>
<listitem>
<para>
The <package>matrix-synapse</package>-package has been updated to
<link xlink:href="https://github.com/matrix-org/synapse/releases/tag/v1.11.1">v1.11.1</link>.
Due to <link xlink:href="https://github.com/matrix-org/synapse/releases/tag/v1.10.0rc1">stricter requirements</link>
for database configuration when using <package>postgresql</package>, the automated database setup
of the module has been removed to avoid any further edge-cases.
</para>
<para>
<package>matrix-synapse</package> expects <literal>postgresql</literal>-databases to have the options
<literal>LC_COLLATE</literal> and <literal>LC_CTYPE</literal> set to
<link xlink:href="https://www.postgresql.org/docs/12/locale.html"><literal>'C'</literal></link> which basically
instructs <literal>postgresql</literal> to ignore any locale-based preferences.
</para>
<para>
Depending on your setup, you need to incorporate one of the following changes in your setup to
upgrade to 20.03:
<itemizedlist>
<listitem><para>If you use <literal>sqlite3</literal> you don't need to do anything.</para></listitem>
<listitem><para>If you use <literal>postgresql</literal> on a different server, you don't need
to change anything as well since this module was never designed to configure remote databases.
</para></listitem>
<listitem><para>If you use <literal>postgresql</literal> and configured your synapse initially on
<literal>19.09</literal> or older, you simply need to enable <package>postgresql</package>-support
explicitly:
<programlisting>{ ... }: {
services.matrix-synapse = {
<link linkend="opt-services.matrix-synapse.enable">enable</link> = true;
/* and all the other config you've defined here */
};
<link linkend="opt-services.postgresql.enable">services.postgresql.enable</link> = true;
}</programlisting>
</para></listitem>
<listitem><para>If you deploy a fresh <package>matrix-synapse</package>, you need to configure
the database yourself (e.g. by using the
<link linkend="opt-services.postgresql.initialScript">services.postgresql.initialScript</link>
option). An example for this can be found in the
<link linkend="module-services-matrix">documentation of the Matrix module</link>.
</para></listitem>
<listitem><para>If you initially deployed your <package>matrix-synapse</package> on
<literal>nixos-unstable</literal> <emphasis>after</emphasis> the <literal>19.09</literal>-release,
your database is misconfigured due to a regression in NixOS. For now, <package>matrix-synapse</package> will
startup with a warning, but it's recommended to reconfigure the database to set the values
<literal>LC_COLLATE</literal> and <literal>LC_CTYPE</literal> to
<link xlink:href="https://www.postgresql.org/docs/12/locale.html"><literal>'C'</literal></link>.
</para></listitem>
</itemizedlist>
</para>
</listitem>
</itemizedlist>
</section>
</section>

10
nixos/doc/manual/release-notes/rl-2009.xml
View File

@ -86,6 +86,16 @@
}</programlisting>
</para>
</listitem>
<listitem>
<para>
The <link linkend="opt-services.supybot.enable">supybot</link> module now uses <literal>/var/lib/supybot</literal>
as its default <link linkend="opt-services.supybot.stateDir">stateDir</link> path if <literal>stateVersion</literal>
is 20.09 or higher. It also enables number of
<link xlink:href="https://www.freedesktop.org/software/systemd/man/systemd.exec.html#Sandboxing">systemd sandboxing options</link>
which may possibly interfere with some plugins. If this is the case you can disable the options through attributes in
<option>systemd.services.supybot.serviceConfig</option>.
</para>
</listitem>
</itemizedlist>
</section>

3
nixos/modules/module-list.nix
View File

@ -200,6 +200,7 @@
./security/wrappers/default.nix
./security/sudo.nix
./security/systemd-confinement.nix
./security/tpm2.nix
./services/admin/oxidized.nix
./services/admin/salt/master.nix
./services/admin/salt/minion.nix
@ -709,6 +710,7 @@
./services/networking/shorewall6.nix
./services/networking/shout.nix
./services/networking/sniproxy.nix
./services/networking/smartdns.nix
./services/networking/smokeping.nix
./services/networking/softether.nix
./services/networking/spacecookie.nix
@ -726,6 +728,7 @@
./services/networking/syncthing.nix
./services/networking/syncthing-relay.nix
./services/networking/syncplay.nix
./services/networking/tailscale.nix
./services/networking/tcpcrypt.nix
./services/networking/teamspeak3.nix
./services/networking/tedicross.nix

185
nixos/modules/security/tpm2.nix Normal file
View File

@ -0,0 +1,185 @@
{ lib, pkgs, config, ... }:
let
cfg = config.security.tpm2;
# This snippet is taken from tpm2-tss/dist/tpm-udev.rules, but modified to allow custom user/groups
# The idea is that the tssUser is allowed to acess the TPM and kernel TPM resource manager, while
# the tssGroup is only allowed to access the kernel resource manager
# Therefore, if either of the two are null, the respective part isn't generated
udevRules = tssUser: tssGroup: ''
${lib.optionalString (tssUser != null) ''KERNEL=="tpm[0-9]*", MODE="0660", OWNER="${tssUser}"''}
${lib.optionalString (tssUser != null || tssGroup != null)
''KERNEL=="tpmrm[0-9]*", MODE="0660"''
+ lib.optionalString (tssUser != null) '', OWNER="${tssUser}"''
+ lib.optionalString (tssGroup != null) '', GROUP="${tssGroup}"''
}
'';
in {
options.security.tpm2 = {
enable = lib.mkEnableOption "Trusted Platform Module 2 support";
tssUser = lib.mkOption {
description = ''
Name of the tpm device-owner and service user, set if applyUdevRules is
set.
'';
type = lib.types.nullOr lib.types.str;
default = if cfg.abrmd.enable then "tss" else "root";
defaultText = ''"tss" when using the userspace resource manager,'' +
''"root" otherwise'';
};
tssGroup = lib.mkOption {
description = ''
Group of the tpm kernel resource manager (tpmrm) device-group, set if
applyUdevRules is set.
'';
type = lib.types.nullOr lib.types.str;
default = "tss";
};
applyUdevRules = lib.mkOption {
description = ''
Whether to make the /dev/tpm[0-9] devices accessible by the tssUser, or
the /dev/tpmrm[0-9] by tssGroup respectively
'';
type = lib.types.bool;
default = true;
};
abrmd = {
enable = lib.mkEnableOption ''
Trusted Platform 2 userspace resource manager daemon
'';
package = lib.mkOption {
description = "tpm2-abrmd package to use";
type = lib.types.package;
default = pkgs.tpm2-abrmd;
defaultText = "pkgs.tpm2-abrmd";
};
};
pkcs11 = {
enable = lib.mkEnableOption ''
TPM2 PKCS#11 tool and shared library in system path
(<literal>/run/current-system/sw/lib/libtpm2_pkcs11.so</literal>)
'';
package = lib.mkOption {
description = "tpm2-pkcs11 package to use";
type = lib.types.package;
default = pkgs.tpm2-pkcs11;
defaultText = "pkgs.tpm2-pkcs11";
};
};
tctiEnvironment = {
enable = lib.mkOption {
description = ''
Set common TCTI environment variables to the specified value.
The variables are
<itemizedlist>
<listitem>
<para>
<literal>TPM2TOOLS_TCTI</literal>
</para>
</listitem>
<listitem>
<para>
<literal>TPM2_PKCS11_TCTI</literal>
</para>
</listitem>
</itemizedlist>
'';
type = lib.types.bool;
default = false;
};
interface = lib.mkOption {
description = ''
The name of the TPM command transmission interface (TCTI) library to
use.
'';
type = lib.types.enum [ "tabrmd" "device" ];
default = "device";
};
deviceConf = lib.mkOption {
description = ''
Configuration part of the device TCTI, e.g. the path to the TPM device.
Applies if interface is set to "device".
The format is specified in the
<link xlink:href="https://github.com/tpm2-software/tpm2-tools/blob/master/man/common/tcti.md#tcti-options">
tpm2-tools repository</link>.
'';
type = lib.types.str;
default = "/dev/tpmrm0";
};
tabrmdConf = lib.mkOption {
description = ''
Configuration part of the tabrmd TCTI, like the D-Bus bus name.
Applies if interface is set to "tabrmd".
The format is specified in the
<link xlink:href="https://github.com/tpm2-software/tpm2-tools/blob/master/man/common/tcti.md#tcti-options">
tpm2-tools repository</link>.
'';
type = lib.types.str;
default = "bus_name=com.intel.tss2.Tabrmd";
};
};
};
config = lib.mkIf cfg.enable (lib.mkMerge [
{
# PKCS11 tools and library
environment.systemPackages = lib.mkIf cfg.pkcs11.enable [
(lib.getBin cfg.pkcs11.package)
(lib.getLib cfg.pkcs11.package)
];
services.udev.extraRules = lib.mkIf cfg.applyUdevRules
(udevRules cfg.tssUser cfg.tssGroup);
# Create the tss user and group only if the default value is used
users.users.${cfg.tssUser} = lib.mkIf (cfg.tssUser == "tss") {
isSystemUser = true;
};
users.groups.${cfg.tssGroup} = lib.mkIf (cfg.tssGroup == "tss") {};
environment.variables = lib.mkIf cfg.tctiEnvironment.enable (
lib.attrsets.genAttrs [
"TPM2TOOLS_TCTI"
"TPM2_PKCS11_TCTI"
] (_: ''${cfg.tctiEnvironment.interface}:${
if cfg.tctiEnvironment.interface == "tabrmd" then
cfg.tctiEnvironment.tabrmdConf
else
cfg.tctiEnvironment.deviceConf
}'')
);
}
(lib.mkIf cfg.abrmd.enable {
systemd.services."tpm2-abrmd" = {
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "dbus";
Restart = "always";
RestartSec = 30;
BusName = "com.intel.tss2.Tabrmd";
StandardOutput = "syslog";
ExecStart = "${cfg.abrmd.package}/bin/tpm2-abrmd";
User = "tss";
Group = "nogroup";
};
};
services.dbus.packages = lib.singleton cfg.abrmd.package;
})
]);
meta.maintainers = with lib.maintainers; [ lschuermann ];
}

46
nixos/modules/services/misc/matrix-synapse.nix
View File

@ -111,6 +111,9 @@ app_service_config_files: ${builtins.toJSON cfg.app_service_config_files}
${cfg.extraConfig}
'';
hasLocalPostgresDB = let args = cfg.database_args; in
usePostgresql && (!(args ? host) || (elem args.host [ "localhost" "127.0.0.1" "::1" ]));
in {
options = {
services.matrix-synapse = {
@ -354,13 +357,6 @@ in {
The database engine name. Can be sqlite or psycopg2.
'';
};
create_local_database = mkOption {
type = types.bool;
default = true;
description = ''
Whether to create a local database automatically.
'';
};
database_name = mkOption {
type = types.str;
default = "matrix-synapse";
@ -657,6 +653,25 @@ in {
};
config = mkIf cfg.enable {
assertions = [
{ assertion = hasLocalPostgresDB -> config.services.postgresql.enable;
message = ''
Cannot deploy matrix-synapse with a configuration for a local postgresql database
and a missing postgresql service. Since 20.03 it's mandatory to manually configure the
database (please read the thread in https://github.com/NixOS/nixpkgs/pull/80447 for
further reference).
If you
- try to deploy a fresh synapse, you need to configure the database yourself. An example
for this can be found in <nixpkgs/nixos/tests/matrix-synapse.nix>
- update your existing matrix-synapse instance, you simply need to add `services.postgresql.enable = true`
to your configuration.
For further information about this update, please read the release-notes of 20.03 carefully.
'';
}
];
users.users.matrix-synapse = {
group = "matrix-synapse";
home = cfg.dataDir;
@ -669,18 +684,9 @@ in {
gid = config.ids.gids.matrix-synapse;
};
services.postgresql = mkIf (usePostgresql && cfg.create_local_database) {
enable = mkDefault true;
ensureDatabases = [ cfg.database_name ];
ensureUsers = [{
name = cfg.database_user;
ensurePermissions = { "DATABASE \"${cfg.database_name}\"" = "ALL PRIVILEGES"; };
}];
};
systemd.services.matrix-synapse = {
description = "Synapse Matrix homeserver";
after = [ "network.target" ] ++ lib.optional config.services.postgresql.enable "postgresql.service" ;
after = [ "network.target" ] ++ optional hasLocalPostgresDB "postgresql.service";
wantedBy = [ "multi-user.target" ];
preStart = ''
${cfg.package}/bin/homeserver \
@ -709,6 +715,12 @@ in {
The `trusted_third_party_id_servers` option as been removed in `matrix-synapse` v1.4.0
as the behavior is now obsolete.
'')
(mkRemovedOptionModule [ "services" "matrix-synapse" "create_local_database" ] ''
Database configuration must be done manually. An exemplary setup is demonstrated in
<nixpkgs/nixos/tests/matrix-synapse.nix>
'')
];
meta.doc = ./matrix-synapse.xml;
}

97
nixos/doc/manual/configuration/matrix.xml → nixos/modules/services/misc/matrix-synapse.xml
View File

@ -40,26 +40,35 @@ let
in join config.networking.hostName config.networking.domain;
in {
networking = {
hostName = "myhostname";
domain = "example.org";
<link linkend="opt-networking.hostName">hostName</link> = "myhostname";
<link linkend="opt-networking.domain">domain</link> = "example.org";
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
<link linkend="opt-networking.firewall.allowedTCPPorts">networking.firewall.allowedTCPPorts</link> = [ 80 443 ];
<link linkend="opt-services.postgresql.enable">services.postgresql.enable</link> = true;
<link linkend="opt-services.postgresql.initialScript">services.postgresql.initialScript</link> = ''
CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse';
CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse"
TEMPLATE template0
LC_COLLATE = "C"
LC_CTYPE = "C";
'';
services.nginx = {
enable = true;
<link linkend="opt-services.nginx.enable">enable</link> = true;
# only recommendedProxySettings and recommendedGzipSettings are strictly required,
# but the rest make sense as well
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
<link linkend="opt-services.nginx.recommendedTlsSettings">recommendedTlsSettings</link> = true;
<link linkend="opt-services.nginx.recommendedOptimisation">recommendedOptimisation</link> = true;
<link linkend="opt-services.nginx.recommendedGzipSettings">recommendedGzipSettings</link> = true;
<link linkend="opt-services.nginx.recommendedProxySettings">recommendedProxySettings</link> = true;
virtualHosts = {
<link linkend="opt-services.nginx.virtualHosts">virtualHosts</link> = {
# This host section can be placed on a different host than the rest,
# i.e. to delegate from the host being accessible as ${config.networking.domain}
# to another host actually running the Matrix homeserver.
"${config.networking.domain}" = {
locations."= /.well-known/matrix/server".extraConfig =
<link linkend="opt-services.nginx.virtualHosts._name_.locations._name_.extraConfig">locations."= /.well-known/matrix/server".extraConfig</link> =
let
# use 443 instead of the default 8448 port to unite
# the client-server and server-server port for simplicity
@ -68,7 +77,7 @@ in {
add_header Content-Type application/json;
return 200 '${builtins.toJSON server}';
'';
locations."= /.well-known/matrix/client".extraConfig =
<link linkend="opt-services.nginx.virtualHosts._name_.locations._name_.extraConfig">locations."= /.well-known/matrix/client".extraConfig</link> =
let
client = {
"m.homeserver" = { "base_url" = "https://${fqdn}"; };
@ -84,34 +93,37 @@ in {
# Reverse proxy for Matrix client-server and server-server communication
${fqdn} = {
enableACME = true;
forceSSL = true;
<link linkend="opt-services.nginx.virtualHosts._name_.enableACME">enableACME</link> = true;
<link linkend="opt-services.nginx.virtualHosts._name_.forceSSL">forceSSL</link> = true;
# Or do a redirect instead of the 404, or whatever is appropriate for you.
# But do not put a Matrix Web client here! See the Riot Web section below.
locations."/".extraConfig = ''
<link linkend="opt-services.nginx.virtualHosts._name_.locations._name_.extraConfig">locations."/".extraConfig</link> = ''
return 404;
'';
# forward all Matrix API calls to the synapse Matrix homeserver
locations."/_matrix" = {
proxyPass = "http://[::1]:8008"; # without a trailing /
<link linkend="opt-services.nginx.virtualHosts._name_.locations._name_.proxyPass">proxyPass</link> = "http://[::1]:8008"; # without a trailing /
};
};
};
};
services.matrix-synapse = {
enable = true;
server_name = config.networking.domain;
listeners = [
<link linkend="opt-services.matrix-synapse.enable">enable</link> = true;
<link linkend="opt-services.matrix-synapse.server_name">server_name</link> = config.networking.domain;
<link linkend="opt-services.matrix-synapse.listeners">listeners</link> = [
{
port = 8008;
bind_address = "::1";
type = "http";
tls = false;
x_forwarded = true;
resources = [
{ names = [ "client" "federation" ]; compress = false; }
<link linkend="opt-services.matrix-synapse.listeners._.port">port</link> = 8008;
<link linkend="opt-services.matrix-synapse.listeners._.bind_address">bind_address</link> = "::1";
<link linkend="opt-services.matrix-synapse.listeners._.type">type</link> = "http";
<link linkend="opt-services.matrix-synapse.listeners._.tls">tls</link> = false;
<link linkend="opt-services.matrix-synapse.listeners._.x_forwarded">x_forwarded</link> = true;
<link linkend="opt-services.matrix-synapse.listeners._.resources">resources</link> = [
{
<link linkend="opt-services.matrix-synapse.listeners._.resources._.names">names</link> = [ "client" "federation" ];
<link linkend="opt-services.matrix-synapse.listeners._.resources._.compress">compress</link> = false;
}
];
}
];
@ -135,10 +147,10 @@ in {
<para>
If you want to run a server with public registration by anybody, you can
then enable <option>services.matrix-synapse.enable_registration =
true;</option>. Otherwise, or you can generate a registration secret with
then enable <literal><link linkend="opt-services.matrix-synapse.enable_registration">services.matrix-synapse.enable_registration</link> =
true;</literal>. Otherwise, or you can generate a registration secret with
<command>pwgen -s 64 1</command> and set it with
<option>services.matrix-synapse.registration_shared_secret</option>. To
<option><link linkend="opt-services.matrix-synapse.registration_shared_secret">services.matrix-synapse.registration_shared_secret</link></option>. To
create a new user or admin, run the following after you have set the secret
and have rebuilt NixOS:
<screen>
@ -154,8 +166,8 @@ Success!
<literal>@your-username:example.org</literal>. Note that the registration
secret ends up in the nix store and therefore is world-readable by any user
on your machine, so it makes sense to only temporarily activate the
<option>registration_shared_secret</option> option until a better solution
for NixOS is in place.
<link linkend="opt-services.matrix-synapse.registration_shared_secret">registration_shared_secret</link>
option until a better solution for NixOS is in place.
</para>
</section>
<section xml:id="module-services-matrix-riot-web">
@ -177,15 +189,24 @@ Success!
Matrix Now!</link> for a list of existing clients and their supported
featureset.
<programlisting>
services.nginx.virtualHosts."riot.${fqdn}" = {
enableACME = true;
forceSSL = true;
serverAliases = [
"riot.${config.networking.domain}"
];
{
services.nginx.virtualHosts."riot.${fqdn}" = {
<link linkend="opt-services.nginx.virtualHosts._name_.enableACME">enableACME</link> = true;
<link linkend="opt-services.nginx.virtualHosts._name_.forceSSL">forceSSL</link> = true;
<link linkend="opt-services.nginx.virtualHosts._name_.serverAliases">serverAliases</link> = [
"riot.${config.networking.domain}"
];
root = pkgs.riot-web;
};
<link linkend="opt-services.nginx.virtualHosts._name_.root">root</link> = pkgs.riot-web.override {
conf = {
default_server_config."m.homeserver" = {
"base_url" = "${config.networking.domain}";
"server_name" = "${fqdn}";
};
};
};
};
}
</programlisting>
</para>

10
nixos/modules/services/networking/firewall.nix
View File

@ -546,9 +546,13 @@ in
options nf_conntrack nf_conntrack_helper=1
'';
assertions = [ { assertion = cfg.checkReversePath -> kernelHasRPFilter;
message = "This kernel does not support rpfilter"; }
];
assertions = [
# This is approximately "checkReversePath -> kernelHasRPFilter",
# but the checkReversePath option can include non-boolean
# values.
{ assertion = cfg.checkReversePath == false || kernelHasRPFilter;
message = "This kernel does not support rpfilter"; }
];
systemd.services.firewall = {
description = "Firewall";

157
nixos/modules/services/networking/iodine.nix
View File

@ -9,6 +9,8 @@ let
iodinedUser = "iodined";
/* is this path made unreadable by ProtectHome = true ? */
isProtected = x: hasPrefix "/root" x || hasPrefix "/home" x;
in
{
imports = [
@ -35,45 +37,48 @@ in
corresponding attribute name.
'';
example = literalExample ''
{
foo = {
server = "tunnel.mdomain.com";
relay = "8.8.8.8";
extraConfig = "-v";
{
foo = {
server = "tunnel.mdomain.com";
relay = "8.8.8.8";
extraConfig = "-v";
}
}
}
'';
type = types.attrsOf (types.submodule (
{
options = {
server = mkOption {
type = types.str;
default = "";
description = "Domain or Subdomain of server running iodined";
example = "tunnel.mydomain.com";
};
type = types.attrsOf (
types.submodule (
{
options = {
server = mkOption {
type = types.str;
default = "";
description = "Hostname of server running iodined";
example = "tunnel.mydomain.com";
};
relay = mkOption {
type = types.str;
default = "";
description = "DNS server to use as a intermediate relay to the iodined server";
example = "8.8.8.8";
};
relay = mkOption {
type = types.str;
default = "";
description = "DNS server to use as an intermediate relay to the iodined server";
example = "8.8.8.8";
};
extraConfig = mkOption {
type = types.str;
default = "";
description = "Additional command line parameters";
example = "-l 192.168.1.10 -p 23";
};
extraConfig = mkOption {
type = types.str;
default = "";
description = "Additional command line parameters";
example = "-l 192.168.1.10 -p 23";
};
passwordFile = mkOption {
type = types.str;
default = "";
description = "File that contains password";
};
};
}));
passwordFile = mkOption {
type = types.str;
default = "";
description = "Path to a file containing the password.";
};
};
}
)
);
};
server = {
@ -121,31 +126,67 @@ in
boot.kernelModules = [ "tun" ];
systemd.services =
let
createIodineClientService = name: cfg:
{
description = "iodine client - ${name}";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
script = "exec ${pkgs.iodine}/bin/iodine -f -u ${iodinedUser} ${cfg.extraConfig} ${optionalString (cfg.passwordFile != "") "< \"${cfg.passwordFile}\""} ${cfg.relay} ${cfg.server}";
serviceConfig = {
RestartSec = "30s";
Restart = "always";
let
createIodineClientService = name: cfg:
{
description = "iodine client - ${name}";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
script = "exec ${pkgs.iodine}/bin/iodine -f -u ${iodinedUser} ${cfg.extraConfig} ${optionalString (cfg.passwordFile != "") "< \"${builtins.toString cfg.passwordFile}\""} ${cfg.relay} ${cfg.server}";
serviceConfig = {
RestartSec = "30s";
Restart = "always";
# hardening :
# Filesystem access
ProtectSystem = "strict";
ProtectHome = if isProtected cfg.passwordFile then "read-only" else "true" ;
PrivateTmp = true;
ReadWritePaths = "/dev/net/tun";
PrivateDevices = false;
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectControlGroups = true;
# Caps
NoNewPrivileges = true;
# Misc.
LockPersonality = true;
RestrictRealtime = true;
PrivateMounts = true;
MemoryDenyWriteExecute = true;
};
};
in
listToAttrs (
mapAttrsToList
(name: value: nameValuePair "iodine-${name}" (createIodineClientService name value))
cfg.clients
) // {
iodined = mkIf (cfg.server.enable) {
description = "iodine, ip over dns server daemon";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
script = "exec ${pkgs.iodine}/bin/iodined -f -u ${iodinedUser} ${cfg.server.extraConfig} ${optionalString (cfg.server.passwordFile != "") "< \"${builtins.toString cfg.server.passwordFile}\""} ${cfg.server.ip} ${cfg.server.domain}";
serviceConfig = {
# Filesystem access
ProtectSystem = "strict";
ProtectHome = if isProtected cfg.server.passwordFile then "read-only" else "true" ;
PrivateTmp = true;
ReadWritePaths = "/dev/net/tun";
PrivateDevices = false;
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectControlGroups = true;
# Caps
NoNewPrivileges = true;
# Misc.
LockPersonality = true;
RestrictRealtime = true;
PrivateMounts = true;
MemoryDenyWriteExecute = true;
};
};
};
};
in
listToAttrs (
mapAttrsToList
(name: value: nameValuePair "iodine-${name}" (createIodineClientService name value))
cfg.clients
) // {
iodined = mkIf (cfg.server.enable) {
description = "iodine, ip over dns server daemon";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
script = "exec ${pkgs.iodine}/bin/iodined -f -u ${iodinedUser} ${cfg.server.extraConfig} ${optionalString (cfg.server.passwordFile != "") "< \"${cfg.server.passwordFile}\""} ${cfg.server.ip} ${cfg.server.domain}";
};
};
users.users.${iodinedUser} = {
uid = config.ids.uids.iodined;

61
nixos/modules/services/networking/smartdns.nix Normal file
View File

@ -0,0 +1,61 @@
{ lib, pkgs, config, ... }:
with lib;
let
inherit (lib.types) attrsOf coercedTo listOf oneOf str int bool;
cfg = config.services.smartdns;
confFile = pkgs.writeText "smartdns.conf" (with generators;
toKeyValue {
mkKeyValue = mkKeyValueDefault {
mkValueString = v:
if isBool v then
if v then "yes" else "no"
else
mkValueStringDefault { } v;
} " ";
listsAsDuplicateKeys =
true; # Allowing duplications because we need to deal with multiple entries with the same key.
} cfg.settings);
in {
options.services.smartdns = {
enable = mkEnableOption "SmartDNS DNS server";
bindPort = mkOption {
type = types.port;
default = 53;
description = "DNS listening port number.";
};
settings = mkOption {
type =
let atom = oneOf [ str int bool ];
in attrsOf (coercedTo atom toList (listOf atom));
example = literalExample ''
{
bind = ":5353 -no-rule -group example";
cache-size = 4096;
server-tls = [ "8.8.8.8:853" "1.1.1.1:853" ];
server-https = "https://cloudflare-dns.com/dns-query -exclude-default-group";
prefetch-domain = true;
speed-check-mode = "ping,tcp:80";
};
'';
description = ''
A set that will be generated into configuration file, see the <link xlink:href="https://github.com/pymumu/smartdns/blob/master/ReadMe_en.md#configuration-parameter">SmartDNS README</link> for details of configuration parameters.
You could override the options here like <option>services.smartdns.bindPort</option> by writing <literal>settings.bind = ":5353 -no-rule -group example";</literal>.
'';
};
};
config = lib.mkIf cfg.enable {
services.smartdns.settings.bind = mkDefault ":${toString cfg.bindPort}";
systemd.packages = [ pkgs.smartdns ];
systemd.services.smartdns.wantedBy = [ "multi-user.target" ];
environment.etc."smartdns/smartdns.conf".source = confFile;
environment.etc."default/smartdns".source =
"${pkgs.smartdns}/etc/default/smartdns";
};
}

1
nixos/modules/services/networking/stubby.nix
View File

@ -205,6 +205,7 @@ in
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "notify";
AmbientCapabilities = "CAP_NET_BIND_SERVICE";
CapabilityBoundingSet = "CAP_NET_BIND_SERVICE";
ExecStart = "${pkgs.stubby}/bin/stubby -C ${confFile} ${optionalString cfg.debugLogging "-l"}";

109
nixos/modules/services/networking/supybot.nix
View File

@ -3,32 +3,35 @@
with lib;
let
cfg = config.services.supybot;
isStateDirHome = hasPrefix "/home/" cfg.stateDir;
isStateDirVar = cfg.stateDir == "/var/lib/supybot";
pyEnv = pkgs.python3.withPackages (p: [ p.limnoria ] ++ (cfg.extraPackages p));
in
{
options = {
services.supybot = {
enable = mkOption {
type = types.bool;
default = false;
description = "Enable Supybot, an IRC bot";
description = "Enable Supybot, an IRC bot (also known as Limnoria).";
};
stateDir = mkOption {
# Setting this to /var/lib/supybot caused useradd to fail
default = "/home/supybot";
type = types.path;
default = if versionAtLeast config.system.stateVersion "20.09"
then "/var/lib/supybot"
else "/home/supybot";
defaultText = "/var/lib/supybot";
description = "The root directory, logs and plugins are stored here";
};
configFile = mkOption {
type = types.path;
description = ''
Path to a supybot config file. This can be generated by
Path to initial supybot config file. This can be generated by
running supybot-wizard.
Note: all paths should include the full path to the stateDir
@ -36,21 +39,54 @@ in
'';
};
plugins = mkOption {
type = types.attrsOf types.path;
default = {};
description = ''
Attribute set of additional plugins that will be symlinked to the
<filename>plugin</filename> subdirectory.
Please note that you still need to add the plugins to the config
file (or with <literal>!load</literal>) using their attribute name.
'';
example = literalExample ''
let
plugins = pkgs.fetchzip {
url = "https://github.com/ProgVal/Supybot-plugins/archive/57c2450c.zip";
sha256 = "077snf84ibnva3sbpzdfpfma6hcdw7dflwnhg6pw7mgnf0nd84qd";
};
in
{
Wikipedia = "''${plugins}/Wikipedia";
Decide = ./supy-decide;
}
'';
};
extraPackages = mkOption {
default = p: [];
description = ''
Extra Python packages available to supybot plugins. The
value must be a function which receives the attrset defined
in <varname>python3Packages</varname> as the sole argument.
'';
example = literalExample ''p: [ p.lxml p.requests ]'';
};
};
};
config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.pythonPackages.limnoria ];
environment.systemPackages = [ pkgs.python3Packages.limnoria ];
users.users.supybot = {
uid = config.ids.uids.supybot;
group = "supybot";
description = "Supybot IRC bot user";
home = cfg.stateDir;
createHome = true;
isSystemUser = true;
};
users.groups.supybot = {
@ -59,19 +95,16 @@ in
systemd.services.supybot = {
description = "Supybot, an IRC bot";
documentation = [ "https://limnoria.readthedocs.io/" ];
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
path = [ pkgs.pythonPackages.limnoria ];
preStart = ''
cd ${cfg.stateDir}
mkdir -p backup conf data plugins logs/plugins tmp web
ln -sf ${cfg.configFile} supybot.cfg
# This needs to be created afresh every time
rm -f supybot.cfg.bak
rm -f '${cfg.stateDir}/supybot.cfg.bak'
'';
serviceConfig = {
ExecStart = "${pkgs.pythonPackages.limnoria}/bin/supybot ${cfg.stateDir}/supybot.cfg";
ExecStart = "${pyEnv}/bin/supybot ${cfg.stateDir}/supybot.cfg";
PIDFile = "/run/supybot.pid";
User = "supybot";
Group = "supybot";
@ -79,8 +112,50 @@ in
Restart = "on-abort";
StartLimitInterval = "5m";
StartLimitBurst = "1";
NoNewPrivileges = true;
PrivateDevices = true;
PrivateMounts = true;
PrivateTmp = true;
ProtectControlGroups = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
RestrictSUIDSGID = true;
SystemCallArchitectures = "native";
RestrictNamespaces = true;
RestrictRealtime = true;
LockPersonality = true;
MemoryDenyWriteExecute = true;
RemoveIPC = true;
ProtectHostname = true;
CapabilityBoundingSet = "";
ProtectSystem = "full";
}
// optionalAttrs isStateDirVar {
StateDirectory = "supybot";
ProtectSystem = "strict";
}
// optionalAttrs (!isStateDirHome) {
ProtectHome = true;
};
};
systemd.tmpfiles.rules = [
"d '${cfg.stateDir}' 0700 supybot supybot - -"
"d '${cfg.stateDir}/backup' 0750 supybot supybot - -"
"d '${cfg.stateDir}/conf' 0750 supybot supybot - -"
"d '${cfg.stateDir}/data' 0750 supybot supybot - -"
"d '${cfg.stateDir}/plugins' 0750 supybot supybot - -"
"d '${cfg.stateDir}/logs' 0750 supybot supybot - -"
"d '${cfg.stateDir}/logs/plugins' 0750 supybot supybot - -"
"d '${cfg.stateDir}/tmp' 0750 supybot supybot - -"
"d '${cfg.stateDir}/web' 0750 supybot supybot - -"
"L '${cfg.stateDir}/supybot.cfg' - - - - ${cfg.configFile}"
]
++ (flip mapAttrsToList cfg.plugins (name: dest:
"L+ '${cfg.stateDir}/plugins/${name}' - - - - ${dest}"
));
};
}

46
nixos/modules/services/networking/tailscale.nix Normal file
View File

@ -0,0 +1,46 @@
{ config, lib, pkgs, ... }:
with lib;
let cfg = config.services.tailscale;
in {
meta.maintainers = with maintainers; [ danderson mbaillie ];
options.services.tailscale = {
enable = mkEnableOption "Tailscale client daemon";
port = mkOption {
type = types.port;
default = 41641;
description = "The port to listen on for tunnel traffic (0=autoselect).";
};
};
config = mkIf cfg.enable {
systemd.services.tailscale = {
description = "Tailscale client daemon";
after = [ "network-pre.target" ];
wants = [ "network-pre.target" ];
wantedBy = [ "multi-user.target" ];
unitConfig = {
StartLimitIntervalSec = 0;
StartLimitBurst = 0;
};
serviceConfig = {
ExecStart =
"${pkgs.tailscale}/bin/tailscaled --port ${toString cfg.port}";
RuntimeDirectory = "tailscale";
RuntimeDirectoryMode = 755;
StateDirectory = "tailscale";
StateDirectoryMode = 700;
Restart = "on-failure";
};
};
};
}

227
nixos/modules/system/boot/kernel.nix
View File

@ -192,139 +192,144 @@ in
###### implementation
config = mkIf (!config.boot.isContainer) {
config = mkMerge
[ (mkIf config.boot.initrd.enable {
boot.initrd.availableKernelModules =
[ # Note: most of these (especially the SATA/PATA modules)
# shouldn't be included by default since nixos-generate-config
# detects them, but I'm keeping them for now for backwards
# compatibility.
system.build = { inherit kernel; };
# Some SATA/PATA stuff.
"ahci"
"sata_nv"
"sata_via"
"sata_sis"
"sata_uli"
"ata_piix"
"pata_marvell"
system.modulesTree = [ kernel ] ++ config.boot.extraModulePackages;
# Standard SCSI stuff.
"sd_mod"
"sr_mod"
# Implement consoleLogLevel both in early boot and using sysctl
# (so you don't need to reboot to have changes take effect).
boot.kernelParams =
[ "loglevel=${toString config.boot.consoleLogLevel}" ] ++
optionals config.boot.vesa [ "vga=0x317" "nomodeset" ];
# SD cards and internal eMMC drives.
"mmc_block"
boot.kernel.sysctl."kernel.printk" = mkDefault config.boot.consoleLogLevel;
# Support USB keyboards, in case the boot fails and we only have
# a USB keyboard, or for LUKS passphrase prompt.
"uhci_hcd"
"ehci_hcd"
"ehci_pci"
"ohci_hcd"
"ohci_pci"
"xhci_hcd"
"xhci_pci"
"usbhid"
"hid_generic" "hid_lenovo" "hid_apple" "hid_roccat"
"hid_logitech_hidpp" "hid_logitech_dj"
boot.kernelModules = [ "loop" "atkbd" ];
] ++ optionals (pkgs.stdenv.isi686 || pkgs.stdenv.isx86_64) [
# Misc. x86 keyboard stuff.
"pcips2" "atkbd" "i8042"
boot.initrd.availableKernelModules =
[ # Note: most of these (especially the SATA/PATA modules)
# shouldn't be included by default since nixos-generate-config
# detects them, but I'm keeping them for now for backwards
# compatibility.
# x86 RTC needed by the stage 2 init script.
"rtc_cmos"
];
# Some SATA/PATA stuff.
"ahci"
"sata_nv"
"sata_via"
"sata_sis"
"sata_uli"
"ata_piix"
"pata_marvell"
boot.initrd.kernelModules =
[ # For LVM.
"dm_mod"
];
})
# Standard SCSI stuff.
"sd_mod"
"sr_mod"
(mkIf (!config.boot.isContainer) {
system.build = { inherit kernel; };
# SD cards and internal eMMC drives.
"mmc_block"
system.modulesTree = [ kernel ] ++ config.boot.extraModulePackages;
# Support USB keyboards, in case the boot fails and we only have
# a USB keyboard, or for LUKS passphrase prompt.
"uhci_hcd"
"ehci_hcd"
"ehci_pci"
"ohci_hcd"
"ohci_pci"
"xhci_hcd"
"xhci_pci"
"usbhid"
"hid_generic" "hid_lenovo" "hid_apple" "hid_roccat"
"hid_logitech_hidpp" "hid_logitech_dj"
# Implement consoleLogLevel both in early boot and using sysctl
# (so you don't need to reboot to have changes take effect).
boot.kernelParams =
[ "loglevel=${toString config.boot.consoleLogLevel}" ] ++
optionals config.boot.vesa [ "vga=0x317" "nomodeset" ];
] ++ optionals (pkgs.stdenv.isi686 || pkgs.stdenv.isx86_64) [
# Misc. x86 keyboard stuff.
"pcips2" "atkbd" "i8042"
boot.kernel.sysctl."kernel.printk" = mkDefault config.boot.consoleLogLevel;
# x86 RTC needed by the stage 2 init script.
"rtc_cmos"
];
boot.kernelModules = [ "loop" "atkbd" ];
boot.initrd.kernelModules =
[ # For LVM.
"dm_mod"
];
# The Linux kernel >= 2.6.27 provides firmware.
hardware.firmware = [ kernel ];
# The Linux kernel >= 2.6.27 provides firmware.
hardware.firmware = [ kernel ];
# Create /etc/modules-load.d/nixos.conf, which is read by
# systemd-modules-load.service to load required kernel modules.
environment.etc =
{ "modules-load.d/nixos.conf".source = kernelModulesConf;
};
systemd.services.systemd-modules-load =
{ wantedBy = [ "multi-user.target" ];
restartTriggers = [ kernelModulesConf ];
serviceConfig =
{ # Ignore failed module loads. Typically some of the
# modules in boot.kernelModules are "nice to have but
# not required" (e.g. acpi-cpufreq), so we don't want to
# barf on those.
SuccessExitStatus = "0 1";
# Create /etc/modules-load.d/nixos.conf, which is read by
# systemd-modules-load.service to load required kernel modules.
environment.etc =
{ "modules-load.d/nixos.conf".source = kernelModulesConf;
};
};
lib.kernelConfig = {
isYes = option: {
assertion = config: config.isYes option;
message = "CONFIG_${option} is not yes!";
configLine = "CONFIG_${option}=y";
};
systemd.services.systemd-modules-load =
{ wantedBy = [ "multi-user.target" ];
restartTriggers = [ kernelModulesConf ];
serviceConfig =
{ # Ignore failed module loads. Typically some of the
# modules in boot.kernelModules are "nice to have but
# not required" (e.g. acpi-cpufreq), so we don't want to
# barf on those.
SuccessExitStatus = "0 1";
};
};
isNo = option: {
assertion = config: config.isNo option;
message = "CONFIG_${option} is not no!";
configLine = "CONFIG_${option}=n";
};
lib.kernelConfig = {
isYes = option: {
assertion = config: config.isYes option;
message = "CONFIG_${option} is not yes!";
configLine = "CONFIG_${option}=y";
};
isModule = option: {
assertion = config: config.isModule option;
message = "CONFIG_${option} is not built as a module!";
configLine = "CONFIG_${option}=m";
};
isNo = option: {
assertion = config: config.isNo option;
message = "CONFIG_${option} is not no!";
configLine = "CONFIG_${option}=n";
};
### Usually you will just want to use these two
# True if yes or module
isEnabled = option: {
assertion = config: config.isEnabled option;
message = "CONFIG_${option} is not enabled!";
configLine = "CONFIG_${option}=y";
};
isModule = option: {
assertion = config: config.isModule option;
message = "CONFIG_${option} is not built as a module!";
configLine = "CONFIG_${option}=m";
};
# True if no or omitted
isDisabled = option: {
assertion = config: config.isDisabled option;
message = "CONFIG_${option} is not disabled!";
configLine = "CONFIG_${option}=n";
};
};
### Usually you will just want to use these two
# True if yes or module
isEnabled = option: {
assertion = config: config.isEnabled option;
message = "CONFIG_${option} is not enabled!";
configLine = "CONFIG_${option}=y";
};
# The config options that all modules can depend upon
system.requiredKernelConfig = with config.lib.kernelConfig; [
# !!! Should this really be needed?
(isYes "MODULES")
(isYes "BINFMT_ELF")
] ++ (optional (randstructSeed != "") (isYes "GCC_PLUGIN_RANDSTRUCT"));
# True if no or omitted
isDisabled = option: {
assertion = config: config.isDisabled option;
message = "CONFIG_${option} is not disabled!";
configLine = "CONFIG_${option}=n";
};
};
# nixpkgs kernels are assumed to have all required features
assertions = if config.boot.kernelPackages.kernel ? features then [] else
let cfg = config.boot.kernelPackages.kernel.config; in map (attrs:
{ assertion = attrs.assertion cfg; inherit (attrs) message; }
) config.system.requiredKernelConfig;
# The config options that all modules can depend upon
system.requiredKernelConfig = with config.lib.kernelConfig;
[
# !!! Should this really be needed?
(isYes "MODULES")
(isYes "BINFMT_ELF")
] ++ (optional (randstructSeed != "") (isYes "GCC_PLUGIN_RANDSTRUCT"));
};
# nixpkgs kernels are assumed to have all required features
assertions = if config.boot.kernelPackages.kernel ? features then [] else
let cfg = config.boot.kernelPackages.kernel.config; in map (attrs:
{ assertion = attrs.assertion cfg; inherit (attrs) message; }
) config.system.requiredKernelConfig;
})
];
}

13
nixos/modules/system/boot/stage-1.nix
View File

@ -390,6 +390,17 @@ in
'';
};
boot.initrd.enable = mkOption {
type = types.bool;
default = !config.boot.isContainer;
defaultText = "!config.boot.isContainer";
description = ''
Whether to enable the NixOS initial RAM disk (initrd). This may be
needed to perform some initialisation tasks (like mounting
network/encrypted file systems) before continuing the boot process.
'';
};
boot.initrd.prepend = mkOption {
default = [ ];
type = types.listOf types.str;
@ -555,7 +566,7 @@ in
};
config = mkIf (!config.boot.isContainer) {
config = mkIf config.boot.initrd.enable {
assertions = [
{ assertion = any (fs: fs.mountPoint == "/") fileSystems;
message = "The fileSystems option does not specify your root file system.";

1
nixos/tests/all-tests.nix
View File

@ -135,6 +135,7 @@ in
initrd-network-ssh = handleTest ./initrd-network-ssh {};
initrdNetwork = handleTest ./initrd-network.nix {};
installer = handleTest ./installer.nix {};
iodine = handleTest ./iodine.nix {};
ipv6 = handleTest ./ipv6.nix {};
jackett = handleTest ./jackett.nix {};
jellyfin = handleTest ./jellyfin.nix {};

63
nixos/tests/iodine.nix Normal file
View File

@ -0,0 +1,63 @@
import ./make-test-python.nix (
{ pkgs, ... }: let
domain = "whatever.example.com";
in
{
name = "iodine";
nodes = {
server =
{ ... }:
{
networking.firewall = {
allowedUDPPorts = [ 53 ];
trustedInterfaces = [ "dns0" ];
};
boot.kernel.sysctl = {
"net.ipv4.ip_forward" = 1;
"net.ipv6.ip_forward" = 1;
};
services.iodine.server = {
enable = true;
ip = "10.53.53.1/24";
passwordFile = "${builtins.toFile "password" "foo"}";
inherit domain;
};
# test resource: accessible only via tunnel
services.openssh = {
enable = true;
openFirewall = false;
};
};
client =
{ ... }: {
services.iodine.clients.testClient = {
# test that ProtectHome is "read-only"
passwordFile = "/root/pw";
relay = "server";
server = domain;
};
systemd.tmpfiles.rules = [
"f /root/pw 0666 root root - foo"
];
environment.systemPackages = [
pkgs.nagiosPluginsOfficial
];
};
};
testScript = ''
start_all()
server.wait_for_unit("sshd")
server.wait_for_unit("iodined")
client.wait_for_unit("iodine-testClient")
client.succeed("check_ssh -H 10.53.53.1")
'';
}
)

21
nixos/tests/matrix-synapse.nix
View File

@ -35,12 +35,31 @@ in {
nodes = {
# Since 0.33.0, matrix-synapse doesn't allow underscores in server names
serverpostgres = args: {
serverpostgres = { pkgs, ... }: {
services.matrix-synapse = {
enable = true;
database_type = "psycopg2";
tls_certificate_path = "${cert}";
tls_private_key_path = "${key}";
database_args = {
password = "synapse";
};
};
services.postgresql = {
enable = true;
# The database name and user are configured by the following options:
# - services.matrix-synapse.database_name
# - services.matrix-synapse.database_user
#
# The values used here represent the default values of the module.
initialScript = pkgs.writeText "synapse-init.sql" ''
CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse';
CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse"
TEMPLATE template0
LC_COLLATE = "C"
LC_CTYPE = "C";
'';
};
};

37
pkgs/applications/audio/aucatctl/default.nix Normal file
View File

@ -0,0 +1,37 @@
{ stdenv, fetchurl, sndio, libbsd }:
stdenv.mkDerivation rec {
pname = "aucatctl";
version = "0.1";
src = fetchurl {
url = "http://www.sndio.org/${pname}-${version}.tar.gz";
sha256 = "524f2fae47db785234f166551520d9605b9a27551ca438bd807e3509ce246cf0";
};
buildInputs = [ sndio ]
++ stdenv.lib.optional (!stdenv.isDarwin && !stdenv.targetPlatform.isBSD)
libbsd;
outputs = [ "out" "man" ];
preBuild = ''
makeFlagsArray+=("PREFIX=$out")
'' + stdenv.lib.optionalString
(!stdenv.isDarwin && !stdenv.targetPlatform.isBSD) ''
makeFlagsArray+=(LDADD="-lsndio -lbsd")
# Fix warning about implicit declaration of function 'strlcpy'
substituteInPlace aucatctl.c \
--replace '#include <string.h>' '#include <bsd/string.h>'
'';
meta = with stdenv.lib; {
description =
"The aucatctl utility sends MIDI messages to control sndiod and/or aucat volumes";
homepage = "http://www.sndio.org";
license = licenses.isc;
maintainers = with maintainers; [ sna ];
platforms = platforms.unix;
};
}

2
pkgs/applications/audio/clementine/default.nix
View File

@ -125,7 +125,7 @@ let
mkdir -p $out/share
for dir in applications icons kde4; do
ln -s "$free/share/$dir" "$out/share/$dir"
ln -s "${free}/share/$dir" "$out/share/$dir"
done
'';
enableParallelBuilding = true;

33
pkgs/applications/audio/cmt/default.nix Normal file
View File

@ -0,0 +1,33 @@
{ stdenv
, fetchurl
, ladspaH
}:
stdenv.mkDerivation rec {
name = "cmt";
version = "1.17";
src = fetchurl {
url = "http://www.ladspa.org/download/${name}_${version}.tgz";
sha256 = "07xd0xmwpa0j12813jpf87fr9hwzihii5l35mp8ady7xxfmxfmpb";
};
buildInputs = [ ladspaH ];
preBuild = ''
cd src
'';
installFlags = [ "INSTALL_PLUGINS_DIR=${placeholder "out"}/lib/ladspa" ];
preInstall = ''
mkdir -p $out/lib/ladspa
'';
meta = with stdenv.lib; {
description = "Computer Music Toolkit";
homepage = "https://www.ladspa.org/cmt";
license = licenses.gpl2;
platforms = platforms.linux;
maintainers = with maintainers; [ sjfloat ];
};
}

4
pkgs/applications/audio/mopidy/iris.nix
View File

@ -2,11 +2,11 @@
python3Packages.buildPythonApplication rec {
pname = "Mopidy-Iris";
version = "3.45.1";
version = "3.46.0";
src = python3Packages.fetchPypi {
inherit pname version;
sha256 = "02jmylz76wlwxlv8drndprb7r9l8kqqgjkp17mjx5ngnl545pc2w";
sha256 = "0c7b6zbcj4bq5qsxvhjwqclrl1k2hs3wb50pfjbw7gs7m3gm2b7d";
};
propagatedBuildInputs = [

51
pkgs/applications/audio/soundtracker/default.nix Normal file
View File

@ -0,0 +1,51 @@
{ stdenv
, fetchurl
, pkg-config
, autoconf
, gtk2
, alsaLib
, SDL
, jack2
, goocanvas # graphical envelope editing
}:
stdenv.mkDerivation rec {
pname = "soundtracker";
version = "1.0.0.1";
src = fetchurl {
# Past releases get moved to the "old releases" directory.
# Only the latest release (currently a prerelease) is at the top level.
url = "mirror://sourceforge/soundtracker/old%20releases/soundtracker-${version}.tar.bz2";
sha256 = "1ggliswz5ngmlnrnyhv3x1arh5w77an0ww9p53cddp9aas5q11jm";
};
nativeBuildInputs = [
pkg-config
autoconf
];
buildInputs = [
gtk2
SDL
jack2
goocanvas
] ++ stdenv.lib.optional stdenv.isLinux alsaLib;
meta = with stdenv.lib; {
description = "A music tracking tool similar in design to the DOS program FastTracker and the Amiga legend ProTracker";
longDescription = ''
SoundTracker is a pattern-oriented music editor (similar to the DOS
program 'FastTracker'). Samples are lined up on tracks and patterns
which are then arranged to a song. Supported module formats are XM and
MOD; the player code is the one from OpenCP. A basic sample recorder
and editor is also included.
'';
homepage = "http://www.soundtracker.org/";
downloadPage = "https://sourceforge.net/projects/soundtracker/files/";
license = licenses.gpl2Plus;
maintainers = with maintainers; [ fgaz ];
platforms = platforms.all;
# gdk/gdkx.h not found
broken = stdenv.isDarwin;
};
}

4
pkgs/applications/audio/vorbis-tools/default.nix
View File

@ -3,8 +3,8 @@
let
debPatch = fetchzip {
url = "mirror://debian/pool/main/v/vorbis-tools/vorbis-tools_1.4.0-6.debian.tar.xz";
sha256 = "1xmmpdvxyr84lazlg23c6ck5ic97ga2rkiqabb1d98ix2zdzyqz5";
url = "mirror://debian/pool/main/v/vorbis-tools/vorbis-tools_1.4.0-11.debian.tar.xz";
sha256 = "0kvmd5nslyqplkdb7pnmqj47ir3y5lmaxd12wmrnqh679a8jhcyi";
};
in
stdenv.mkDerivation {

16
pkgs/applications/blockchains/zcash/default.nix
View File

@ -7,15 +7,19 @@ with stdenv.lib;
stdenv.mkDerivation rec {
pname = "zcash";
version = "2.1.0-1";
version = "2.1.1-1";
src = fetchFromGitHub {
owner = "zcash";
repo = "zcash";
rev = "v${version}";
sha256 = "05bnn4lxrrcv1ha3jdfrgwg4ar576161n3j9d4gpc14ww3zgf9vz";
sha256 = "1g5zlfzfp31my8w8nlg5fncpr2y95iv9fm04x57sjb93rgmjdh5n";
};
patchPhase = ''
sed -i"" 's,-fvisibility=hidden,,g' src/Makefile.am
'';
nativeBuildInputs = [ autoreconfHook pkgconfig ];
buildInputs = [ gtest gmock gmp openssl wget db62 boost17x zlib
protobuf libevent libsodium librustzcash ]
@ -23,17 +27,15 @@ stdenv.mkDerivation rec {
configureFlags = [ "--with-boost-libdir=${boost17x.out}/lib" ];
patchPhase = ''
sed -i"" 's,-fvisibility=hidden,,g' src/Makefile.am
'';
postInstall = ''
cp zcutil/fetch-params.sh $out/bin/zcash-fetch-params
'';
enableParallelBuilding = true;
meta = {
description = "Peer-to-peer, anonymous electronic cash system";
homepage = https://z.cash/;
homepage = "https://z.cash/";
maintainers = with maintainers; [ rht tkerber ];
license = licenses.mit;
platforms = platforms.linux;

16
pkgs/applications/blockchains/zcash/librustzcash/default.nix
View File

@ -1,20 +1,17 @@
{ stdenv, fetchFromGitHub, rustPlatform }:
rustPlatform.buildRustPackage rec {
pname = "librustzcash-unstable";
version = "2018-10-27";
pname = "librustzcash";
version = "0.1.0";
src = fetchFromGitHub {
owner = "zcash";
repo = "librustzcash";
rev = "06da3b9ac8f278e5d4ae13088cf0a4c03d2c13f5";
sha256 = "0md0pp3k97iv7kfjpfkg14pjanhrql4vafa8ggbxpkajv1j4xldv";
rev = version;
sha256 = "0d28k29sgzrg9clynz29kpw50kbkp0a4dfdayqhmpjmsh05y6261";
};
# Delete this on next update; see #79975 for details
legacyCargoFetcher = true;
cargoSha256 = "166v8cxlpfslbs5gljbh7wp0lxqakayw47ikxm9r9a39n7j36mq1";
cargoSha256 = "1wzyrcmcbrna6rjzw19c4lq30didzk4w6fs6wmvxp0xfg4qqdlax";
installPhase = ''
mkdir -p $out/lib
@ -23,11 +20,12 @@ rustPlatform.buildRustPackage rec {
cp librustzcash/include/librustzcash.h $out/include/
'';
# The tests do pass, but they take an extremely long time to run.
doCheck = false;
meta = with stdenv.lib; {
description = "Rust-language assets for Zcash";
homepage = https://github.com/zcash/librustzcash;
homepage = "https://github.com/zcash/librustzcash";
maintainers = with maintainers; [ rht tkerber ];
license = with licenses; [ mit asl20 ];
platforms = platforms.unix;

21
pkgs/applications/editors/emacs-modes/elpa-generated.nix generated
View File

@ -1070,10 +1070,10 @@
elpaBuild {
pname = "elisp-benchmarks";
ename = "elisp-benchmarks";
version = "1.2";
version = "1.3";
src = fetchurl {
url = "https://elpa.gnu.org/packages/elisp-benchmarks-1.2.tar";
sha256 = "0grm4qw3aaf3hzrfg0vdgb5q67haappbc77qjgsy4jip85z7njmj";
url = "https://elpa.gnu.org/packages/elisp-benchmarks-1.3.tar";
sha256 = "05a891mwbz50q3a44irbf2w4wlp5dm2yxwcvxqrckvpjm1amndmf";
};
packageRequires = [];
meta = {
@ -3365,6 +3365,21 @@
license = lib.licenses.free;
};
}) {};
vcard = callPackage ({ elpaBuild, emacs, fetchurl, lib }:
elpaBuild {
pname = "vcard";
ename = "vcard";
version = "0.1";
src = fetchurl {
url = "https://elpa.gnu.org/packages/vcard-0.1.tar";
sha256 = "1awcm2s292r2nkyz5bwjaga46jsh5rn92469wrg1ag843mlyxbd0";
};
packageRequires = [ emacs ];
meta = {
homepage = "https://elpa.gnu.org/packages/vcard.html";
license = lib.licenses.free;
};
}) {};
vcl-mode = callPackage ({ elpaBuild, fetchurl, lib }:
elpaBuild {
pname = "vcl-mode";

1181
pkgs/applications/editors/emacs-modes/recipes-archive-melpa.json
View File

File diff suppressed because it is too large Load Diff

4
pkgs/applications/editors/emacs/default.nix
View File

@ -7,7 +7,7 @@
, withNS ? stdenv.isDarwin
, withGTK2 ? false, gtk2-x11 ? null
, withGTK3 ? true, gtk3-x11 ? null, gsettings-desktop-schemas ? null
, withXwidgets ? false, webkitgtk ? null, wrapGAppsHook ? null
, withXwidgets ? false, webkitgtk ? null, wrapGAppsHook ? null, glib-networking ? null
, withCsrc ? true
, srcRepo ? false, autoconf ? null, automake ? null, texinfo ? null
, siteStart ? ./site-start.el
@ -67,7 +67,7 @@ stdenv.mkDerivation rec {
++ lib.optional (withX && withGTK2) gtk2-x11
++ lib.optionals (withX && withGTK3) [ gtk3-x11 gsettings-desktop-schemas ]
++ lib.optional (stdenv.isDarwin && withX) cairo
++ lib.optionals (withX && withXwidgets) [ webkitgtk ]
++ lib.optionals (withX && withXwidgets) [ webkitgtk glib-networking ]
++ lib.optionals withNS [ AppKit GSS ImageIO ];
hardeningDisable = [ "format" ];

10
pkgs/applications/editors/neovim/wrapper.nix
View File

@ -95,6 +95,16 @@ let
'' + optionalString (configure != {}) ''
echo "Generating remote plugin manifest"
export NVIM_RPLUGIN_MANIFEST=$out/rplugin.vim
# Some plugins assume that the home directory is accessible for
# initializing caches, temporary files, etc. Even if the plugin isn't
# actively used, it may throw an error as soon as Neovim is launched
# (e.g., inside an autoload script), causing manifest generation to
# fail. Therefore, let's create a fake home directory before generating
# the manifest, just to satisfy the needs of these plugins.
#
# See https://github.com/Yggdroot/LeaderF/blob/v1.21/autoload/lfMru.vim#L10
# for an example of this behavior.
export HOME="$(mktemp -d)"
# Launch neovim with a vimrc file containing only the generated plugin
# code. Pass various flags to disable temp file generation
# (swap/viminfo) and redirect errors to stderr.

6
pkgs/applications/gis/openorienteering-mapper/default.nix
View File

@ -4,7 +4,7 @@
stdenv.mkDerivation rec {
pname = "OpenOrienteering-Mapper";
version = "0.9.1";
version = "0.9.2";
buildInputs = [ gdal qtbase qttools qtlocation qtimageformats
qtsensors clipper zlib proj doxygen cups];
@ -15,7 +15,7 @@ stdenv.mkDerivation rec {
owner = "OpenOrienteering";
repo = "mapper";
rev = "v${version}";
sha256 = "1fyhvf2y89hj7wj89kxccx3dqcja6ndy3w4rx1vmzrp246jpz7wb";
sha256 = "1787f2agjzcyizk2m60icb44yv9dlwv6irw3k53fqfmwkhkd2h5p";
};
cmakeFlags =
@ -54,7 +54,7 @@ stdenv.mkDerivation rec {
OpenOrienteering Mapper is an orienteering mapmaking program
and provides a free alternative to the existing proprietary solution.
'';
homepage = https://www.openorienteering.org/apps/mapper/;
homepage = "https://www.openorienteering.org/apps/mapper/";
license = licenses.gpl3;
platforms = with platforms; linux ++ darwin;
maintainers = with maintainers; [ mpickering sikmir ];

8
pkgs/applications/gis/saga/default.nix
View File

@ -4,7 +4,7 @@
stdenv.mkDerivation {
pname = "saga";
version = "7.5.0";
version = "7.6.1";
# See https://groups.google.com/forum/#!topic/nix-devel/h_vSzEJAPXs
# for why the have additional buildInputs on darwin
@ -18,13 +18,13 @@ stdenv.mkDerivation {
CXXFLAGS = stdenv.lib.optionalString stdenv.cc.isClang "-std=c++11 -Wno-narrowing";
src = fetchurl {
url = "https://sourceforge.net/projects/saga-gis/files/SAGA%20-%207/SAGA%20-%207.5.0/saga-7.5.0.tar.gz";
sha256 = "0s5195802xwlkb2w4i4vd9ys95d7fnzn5cnnixh1csaqc2x1qp6r";
url = "https://sourceforge.net/projects/saga-gis/files/SAGA%20-%207/SAGA%20-%207.6.1/saga-7.6.1.tar.gz";
sha256 = "1i0cp1lms6cmjl7f5vgr9pl3qc02fmappn4kq21y0dn2gy7j2mkn";
};
meta = with stdenv.lib; {
description = "System for Automated Geoscientific Analyses";
homepage = http://www.saga-gis.org;
homepage = "http://www.saga-gis.org";
license = licenses.gpl2Plus;
maintainers = with maintainers; [ michelk mpickering ];
platforms = with platforms; unix;

42
pkgs/applications/graphics/jbrout/default.nix
View File

@ -1,42 +0,0 @@
{ stdenv, fetchsvn, pythonPackages, makeWrapper, fbida, which }:
let
inherit (pythonPackages) python;
in pythonPackages.buildPythonApplication rec {
pname = "jbrout";
version = "338";
src = fetchsvn {
url = "http://jbrout.googlecode.com/svn/trunk";
rev = version;
sha256 = "0257ni4vkxgd0qhs73fw5ppw1qpf11j8fgwsqc03b1k1yv3hk4hf";
};
doCheck = false;
# XXX: patchPhase to avoid this
# File "/nix/store/vnyjxn6h3rbrn49m25yyw7i1chlxglhw-python-2.7.1/lib/python2.7/zipfile.py", line 348, in FileHeader
# len(filename), len(extra))
#struct.error: ushort format requires 0 <= number <= USHRT_MAX
patchPhase = ''
find | xargs touch
substituteInPlace setup.py --replace "version=__version__" "version=baseVersion"
'';
postInstall = ''
mkdir $out/bin
echo "python $out/${python.sitePackages}/jbrout/jbrout.py" > $out/bin/jbrout
chmod +x $out/bin/jbrout
'';
buildInputs = [ python makeWrapper which ];
propagatedBuildInputs = with pythonPackages; [ pillow lxml pyGtkGlade pyexiv2 fbida ];
meta = {
homepage = https://manatlan.com/jbrout/;
description = "Photo manager";
platforms = stdenv.lib.platforms.linux;
license = stdenv.lib.licenses.gpl2Plus;
};
}

12
pkgs/applications/graphics/rx/default.nix
View File

@ -1,5 +1,5 @@
{ stdenv, rustPlatform, fetchFromGitHub, makeWrapper
, cmake, pkgconfig
, cmake, pkg-config
, xorg ? null
, libGL ? null }:
@ -7,18 +7,18 @@ with stdenv.lib;
rustPlatform.buildRustPackage rec {
pname = "rx";
version = "0.3.2";
version = "0.4.0";
src = fetchFromGitHub {
owner = "cloudhead";
repo = pname;
rev = "v${version}";
sha256 = "1n5s7v2z13550gkqz7w6dw62jdy60wdi8w1lfa23609b4yhg4w94";
sha256 = "1pln65pqy39ijrld11d06klwzfhhzmrgdaxijpx9q7w9z66zmqb8";
};
cargoSha256 = "077cs9bf7f3h5aschcv7pbbnpaq1rg79j7f6pnyrzkmn7gxzicg3";
cargoSha256 = "143a5x61s7ywk0ljqd10jkfvs6lrhlibkm2a9lw41wq13mgzb78j";
nativeBuildInputs = [ cmake pkgconfig makeWrapper ];
nativeBuildInputs = [ cmake pkg-config makeWrapper ];
buildInputs = optionals stdenv.isLinux
(with xorg; [
@ -37,7 +37,7 @@ rustPlatform.buildRustPackage rec {
meta = {
description = "Modern and extensible pixel editor implemented in Rust";
homepage = "https://cloudhead.io/rx/";
homepage = "https://rx.cloudhead.io/";
license = licenses.gpl3;
maintainers = with maintainers; [ minijackson filalex77 ];
platforms = [ "x86_64-linux" ];

4
pkgs/applications/misc/blender/default.nix
View File

@ -1,7 +1,7 @@
{ config, stdenv, lib, fetchurl, boost, cmake, ffmpeg, gettext, glew
, ilmbase, libXi, libX11, libXext, libXrender
, libjpeg, libpng, libsamplerate, libsndfile
, libtiff, libGLU, libGL, openal, opencolorio, openexr, openimageio2, openjpeg, python3Packages
, libtiff, libGLU, libGL, openal, opencolorio, openexr, openimagedenoise, openimageio2, openjpeg, python3Packages
, openvdb, libXxf86vm, tbb, alembic
, zlib, fftw, opensubdiv, freetype, jemalloc, ocl-icd, addOpenGLRunpath
, jackaudioSupport ? false, libjack2
@ -30,7 +30,7 @@ stdenv.mkDerivation rec {
buildInputs =
[ boost ffmpeg gettext glew ilmbase
freetype libjpeg libpng libsamplerate libsndfile libtiff
opencolorio openexr openimageio2 openjpeg python zlib fftw jemalloc
opencolorio openexr openimagedenoise openimageio2 openjpeg python zlib fftw jemalloc
alembic
(opensubdiv.override { inherit cudaSupport; })
tbb

8
pkgs/applications/misc/cura/default.nix
View File

@ -2,20 +2,20 @@
mkDerivation rec {
pname = "cura";
version = "4.4.0";
version = "4.5.0";
src = fetchFromGitHub {
owner = "Ultimaker";
repo = "Cura";
rev = "v${version}";
sha256 = "131n36qhdfky584wr3zv73ckjjprwaqb5fih8yln2syf8b7ziwlz";
rev = version;
sha256 = "0fm04s912sgmr66wyb55ly4jh39ijsj6lx4fx9wn7hchlqmw5jxi";
};
materials = fetchFromGitHub {
owner = "Ultimaker";
repo = "fdm_materials";
rev = version;
sha256 = "141cv1f2pv2pznhgj32zg8bw3kmw9002g6rx16jq7lhclr0x3xls";
sha256 = "0fgkwz1anw49macq1jxjhjr79slhmx7g3zwij7g9fqyzzhrrmwqn";
};
buildInputs = [ qtbase qtquickcontrols2 qtgraphicaleffects ];

6
pkgs/applications/misc/curaengine/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "curaengine";
version = "4.4.0";
version = "4.5.0";
src = fetchFromGitHub {
owner = "Ultimaker";
repo = "CuraEngine";
rev = version;
sha256 = "1m89bp4g0dldh7vv1clj110m29ajiaghdq7b49mb3y8ifgrf8rdi";
sha256 = "1gml8f6yqmghgncl1zggs7h2hdh05wf68jw9npg0gh7n9l7yzkk4";
};
nativeBuildInputs = [ cmake ];
@ -18,7 +18,7 @@ stdenv.mkDerivation rec {
meta = with stdenv.lib; {
description = "A powerful, fast and robust engine for processing 3D models into 3D printing instruction";
homepage = https://github.com/Ultimaker/CuraEngine;
homepage = "https://github.com/Ultimaker/CuraEngine";
license = licenses.agpl3;
platforms = platforms.linux;
maintainers = with maintainers; [ abbradar gebner ];

6
pkgs/applications/misc/hugo/default.nix
View File

@ -2,7 +2,7 @@
buildGoModule rec {
pname = "hugo";
version = "0.67.0";
version = "0.67.1";
goPackagePath = "github.com/gohugoio/hugo";
@ -10,10 +10,10 @@ buildGoModule rec {
owner = "gohugoio";
repo = pname;
rev = "v${version}";
sha256 = "0rgwrcs1ydwccyf714zpn3427p8zlwynn0q1v8k5j63zxr91jdbq";
sha256 = "0q55f8w0drc1miqziqp8r064h7900hrgj7nixxs71cb1p8ih4cq3";
};
modSha256 = "1f320zbqnv2ybsp3qmlgn3rsjgp2zdb24qjd3gcys30mw48cx3na";
modSha256 = "0s7a13jkhsr6h19a9ysr8877imac5skdray0zg2qgwrapic2nw17";
buildFlags = [ "-tags" "extended" ];

83
pkgs/applications/misc/megasync/default.nix
View File

@ -1,50 +1,22 @@
{ stdenv
, autoconf
, automake
, c-ares
, cryptopp
, curl
, doxygen
, fetchFromGitHub
, ffmpeg
, libmediainfo
, libraw
, libsodium
, libtool
, libuv
, libzen
, lsb-release
, mkDerivation
, pkgconfig
, qtbase
, qttools
, sqlite
, swig
, unzip
, wget
}:
{ stdenv, autoconf, automake, c-ares, cryptopp, curl, doxygen, fetchFromGitHub
, fetchpatch, ffmpeg, libmediainfo, libraw, libsodium, libtool, libuv, libzen
, lsb-release, mkDerivation, pkgconfig, qtbase, qttools, sqlite, swig, unzip
, wget }:
mkDerivation rec {
pname = "megasync";
version = "4.2.3.0";
version = "4.3.0.8";
src = fetchFromGitHub {
owner = "meganz";
repo = "MEGAsync";
rev = "v${version}_Linux";
sha256 = "0l4yfrxjb62vc9dnlzy8rjqi68ga1bys5x5rfzs40daw13yf1adv";
sha256 = "1rhxkc6j3039rcsi8cxy3n00g6w7acir82ymnksbpsnp4yxqv5r3";
fetchSubmodules = true;
};
nativeBuildInputs = [
autoconf
automake
doxygen
lsb-release
pkgconfig
qttools
swig
];
nativeBuildInputs =
[ autoconf automake doxygen lsb-release pkgconfig qttools swig ];
buildInputs = [
c-ares
cryptopp
@ -85,21 +57,21 @@ mkDerivation rec {
'';
configureFlags = [
"--disable-examples"
"--disable-java"
"--disable-php"
"--enable-chat"
"--with-cares"
"--with-cryptopp"
"--with-curl"
"--with-ffmpeg"
"--without-freeimage" # unreferenced even when found
"--without-readline"
"--without-termcap"
"--with-sodium"
"--with-sqlite"
"--with-zlib"
];
"--disable-examples"
"--disable-java"
"--disable-php"
"--enable-chat"
"--with-cares"
"--with-cryptopp"
"--with-curl"
"--with-ffmpeg"
"--without-freeimage" # unreferenced even when found
"--without-readline"
"--without-termcap"
"--with-sodium"
"--with-sqlite"
"--with-zlib"
];
postConfigure = ''
cd ../..
@ -114,10 +86,11 @@ mkDerivation rec {
'';
meta = with stdenv.lib; {
description = "Easy automated syncing between your computers and your MEGA Cloud Drive";
homepage = https://mega.nz/;
license = licenses.unfree;
platforms = [ "i686-linux" "x86_64-linux" ];
description =
"Easy automated syncing between your computers and your MEGA Cloud Drive";
homepage = "https://mega.nz/";
license = licenses.unfree;
platforms = [ "i686-linux" "x86_64-linux" ];
maintainers = [ maintainers.michojel ];
};
}

16
pkgs/applications/misc/toggldesktop/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchzip, buildEnv, makeDesktopItem, runCommand, writeText, pkgconfig
{ mkDerivation, lib, fetchzip, buildEnv, makeDesktopItem, runCommand, writeText, pkgconfig
, cmake, qmake, cacert, jsoncpp, libX11, libXScrnSaver, lua, openssl, poco
, qtbase, qtwebengine, qtx11extras, sqlite }:
@ -11,7 +11,7 @@ let
sha256 = "01hqkx9dljnhwnyqi6mmzfp02hnbi2j50rsfiasniqrkbi99x9v1";
};
bugsnag-qt = stdenv.mkDerivation rec {
bugsnag-qt = mkDerivation rec {
pname = "bugsnag-qt";
version = "20180522.005732";
@ -24,7 +24,7 @@ let
buildInputs = [ qtbase ];
};
qxtglobalshortcut = stdenv.mkDerivation rec {
qxtglobalshortcut = mkDerivation rec {
pname = "qxtglobalshortcut";
version = "f584471dada2099ba06c574bdfdd8b078c2e3550";
@ -37,7 +37,7 @@ let
buildInputs = [ qtbase qtx11extras ];
};
qt-oauth-lib = stdenv.mkDerivation rec {
qt-oauth-lib = mkDerivation rec {
pname = "qt-oauth-lib";
version = "20190125.190943";
@ -62,7 +62,7 @@ let
mkdir -p $out/lib/pkgconfig && ln -s ${poco-pc} $_/poco.pc
'';
libtoggl = stdenv.mkDerivation {
libtoggl = mkDerivation {
name = "libtoggl-${version}";
inherit src version;
@ -77,7 +77,7 @@ let
'';
};
toggldesktop = stdenv.mkDerivation {
toggldesktop = mkDerivation {
name = "${name}-unwrapped";
inherit src version;
@ -108,7 +108,7 @@ let
];
};
toggldesktop-icons = stdenv.mkDerivation {
toggldesktop-icons = mkDerivation {
name = "${name}-icons";
inherit (toggldesktop) src sourceRoot;
@ -138,7 +138,7 @@ buildEnv {
inherit name;
paths = [ desktopItem toggldesktop-icons toggldesktop-wrapped ];
meta = with stdenv.lib; {
meta = with lib; {
description = "Client for Toggl time tracking service";
homepage = https://github.com/toggl/toggldesktop;
license = licenses.bsd3;

6
pkgs/applications/networking/browsers/tor-browser-bundle-bin/default.nix
View File

@ -90,19 +90,19 @@ let
fteLibPath = makeLibraryPath [ stdenv.cc.cc gmp ];
# Upstream source
version = "9.0.5";
version = "9.0.6";
lang = "en-US";
srcs = {
x86_64-linux = fetchurl {
url = "https://dist.torproject.org/torbrowser/${version}/tor-browser-linux64-${version}_${lang}.tar.xz";
sha256 = "1d4c3mrvqd6v086mwn3rnv776y2j3y45agnd0k5njqnmr53ybn2s";
sha256 = "1vk1pww8zmpjd5snyfz0if9v17g140ymlp6navxp28snzlffahss";
};
i686-linux = fetchurl {
url = "https://dist.torproject.org/torbrowser/${version}/tor-browser-linux32-${version}_${lang}.tar.xz";
sha256 = "040nh79hjkg5afvzshzhp7588dbi1pcpjsyk8phfqaapds74ma8y";
sha256 = "0bhikdilfz31iilgb48mayy9f4lilycq24pqsrq7w3dqdjg4v55v";
};
};
in

22
pkgs/applications/networking/cluster/docker-machine/hyperkit.nix Normal file
View File

@ -0,0 +1,22 @@
{ lib, buildGoModule, minikube }:
buildGoModule rec {
inherit (minikube) version src nativeBuildInputs buildInputs goPackagePath preBuild;
pname = "docker-machine-hyperkit";
subPackages = [ "cmd/drivers/hyperkit" ];
modSha256 = minikube.go-modules.outputHash;
postInstall = ''
mv $out/bin/hyperkit $out/bin/docker-machine-driver-hyperkit
'';
meta = with lib; {
homepage = https://github.com/kubernetes/minikube/blob/master/docs/drivers.md;
description = "HyperKit driver for docker-machine.";
license = licenses.asl20;
maintainers = with maintainers; [ atkinschang ];
platforms = platforms.darwin;
};
}

22
pkgs/applications/networking/cluster/docker-machine/kvm2.nix
View File

@ -1,32 +1,22 @@
{ stdenv, buildGoModule, libvirt, pkgconfig, minikube }:
{ lib, buildGoModule, minikube }:
buildGoModule rec {
pname = "docker-machine-kvm2";
version = minikube.version;
inherit (minikube) version src nativeBuildInputs buildInputs goPackagePath preBuild;
goPackagePath = "k8s.io/minikube";
pname = "docker-machine-kvm2";
subPackages = [ "cmd/drivers/kvm" ];
src = minikube.src;
modSha256 = minikube.go-modules.outputHash;
nativeBuildInputs = [ pkgconfig ];
buildInputs = [ libvirt ];
preBuild = ''
export buildFlagsArray=(-ldflags="-X k8s.io/minikube/pkg/drivers/kvm/version.VERSION=v${version}")
'';
modSha256 = minikube.go-modules.outputHash;
postInstall = ''
mv $out/bin/kvm $out/bin/docker-machine-driver-kvm2
'';
meta = with stdenv.lib; {
meta = with lib; {
homepage = https://github.com/kubernetes/minikube/blob/master/docs/drivers.md;
description = "KVM2 driver for docker-machine.";
license = licenses.asl20;
maintainers = with maintainers; [ tadfisher ];
maintainers = with maintainers; [ tadfisher atkinschang ];
platforms = platforms.unix;
};
}

31
pkgs/applications/networking/cluster/habitat/default.nix
View File

@ -1,27 +1,23 @@
{ lib, fetchFromGitHub, rustPlatform, pkgconfig
, libsodium, libarchive, openssl }:
{ stdenv, fetchFromGitHub, rustPlatform, pkgconfig
, libsodium, libarchive, openssl, zeromq }:
with rustPlatform;
buildRustPackage rec {
rustPlatform.buildRustPackage rec {
pname = "habitat";
version = "0.30.2";
# Newer versions required protobuf, which requires some finesse to get to
# compile with the vendored protobuf crate.
version = "0.90.6";
src = fetchFromGitHub {
owner = "habitat-sh";
repo = "habitat";
rev = version;
sha256 = "0pqrm85pd9hqn5fwqjbyyrrfh4k7q9mi9qy9hm8yigk5l8mw44y1";
sha256 = "0rwi0lkmhlq4i8fba3s9nd9ajhz2dqxzkgfp5i8y0rvbfmhmfd6b";
};
# Delete this on next update; see #79975 for details
legacyCargoFetcher = true;
cargoSha256 = "1ahfm5agvabqqqgjsyjb95xxbc7mng1mdyclcakwp1m1qdkxx9p0";
buildInputs = [ libsodium libarchive openssl ];
cargoSha256 = "08sncz0jgsr2s821j3s4bk7d54xqwmnld7m57avavym1xqvsnbmy";
nativeBuildInputs = [ pkgconfig ];
buildInputs = [ libsodium libarchive openssl zeromq ];
cargoBuildFlags = ["--package hab"];
@ -32,12 +28,11 @@ buildRustPackage rec {
runHook postCheck
'';
meta = with lib; {
meta = with stdenv.lib; {
description = "An application automation framework";
homepage = https://www.habitat.sh;
homepage = "https://www.habitat.sh";
license = licenses.asl20;
maintainers = [ maintainers.rushmorem ];
platforms = [ "x86_64-linux" "x86_64-darwin" ];
broken = true; # mark temporary as broken due git dependencies
maintainers = with maintainers; [ rushmorem ];
platforms = [ "x86_64-linux" ];
};
}

8
pkgs/applications/networking/cluster/hetzner-kube/default.nix
View File

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "hetzner-kube";
version = "0.4.1";
version = "0.5.1";
src = fetchFromGitHub {
owner = "xetys";
repo = "hetzner-kube";
rev = version;
sha256 = "11202i3340vaz8xh59gwj5x0djcgbzq9jfy2214lcpml71qc85f0";
sha256 = "1iqgpmljqx6rhmvsir2675waj78amcfiw08knwvlmavjgpxx2ysw";
};
modSha256 = "1j04xyjkz7jcqrs5p5z94jqagrzcxjr9m3lyp8i91c0ymxf5m2g3";
modSha256 = "0jjrk93wdi13wrb5gchhqk7rgwm74kcizrbqsibgkgs2dszwfazh";
buildFlagsArray = ''
-ldflags=
@ -20,7 +20,7 @@ buildGoModule rec {
meta = {
description = "A CLI tool for provisioning Kubernetes clusters on Hetzner Cloud";
homepage = https://github.com/xetys/hetzner-kube;
homepage = "https://github.com/xetys/hetzner-kube";
license = lib.licenses.asl20;
maintainers = with lib.maintainers; [ eliasp ];
platforms = lib.platforms.unix;

25
pkgs/applications/networking/cluster/kubeval/default.nix
View File

@ -1,26 +1,5 @@
{ stdenv, lib, fetchFromGitHub, buildGoModule, makeWrapper }:
let
# Cache schema as a package so network calls are not
# necessary at runtime, allowing use in package builds
schema = stdenv.mkDerivation {
name = "kubeval-schema";
src = fetchFromGitHub {
owner = "instrumenta";
repo = "kubernetes-json-schema";
rev = "6a498a60dc68c5f6a1cc248f94b5cd1e7241d699";
sha256 = "1y9m2ma3n4h7sf2lg788vjw6pkfyi0fa7gzc870faqv326n6x2jr";
};
installPhase = ''
mkdir -p $out/kubernetes-json-schema/master
cp -R . $out/kubernetes-json-schema/master
'';
};
in
buildGoModule rec {
pname = "kubeval";
version = "0.14.0";
@ -32,12 +11,8 @@ buildGoModule rec {
sha256 = "0kpwk7bv36m3i8vavm1pqc8l611c6l9qbagcc64v6r85qig4w5xv";
};
buildInputs = [ makeWrapper ];
modSha256 = "0y9x44y3bchi8xg0a6jmp2rmi8dybkl6qlywb6nj1viab1s8dd4y";
postFixup = "wrapProgram $out/bin/kubeval --set KUBEVAL_SCHEMA_LOCATION file:///${schema}/kubernetes-json-schema/master";
meta = with lib; {
description = "Validate your Kubernetes configuration files";
homepage = https://github.com/instrumenta/kubeval;

15
pkgs/applications/networking/cluster/kubeval/schema.nix Normal file
View File

@ -0,0 +1,15 @@
{ fetchFromGitHub }:
# To cache schema as a package so network calls are not
# necessary at runtime, allowing use in package builds you can use the following:
# KUBEVAL_SCHEMA_LOCATION="file:///${kubeval-schema}";
(fetchFromGitHub {
name = "kubeval-schema";
owner = "instrumenta";
repo = "kubernetes-json-schema";
rev = "6a498a60dc68c5f6a1cc248f94b5cd1e7241d699";
sha256 = "1y9m2ma3n4h7sf2lg788vjw6pkfyi0fa7gzc870faqv326n6x2jr";
}) // {
# the schema is huge (> 7GB), we don't get any benefit from building int on hydra
meta.hydraPlatforms = [];
}

59
pkgs/applications/networking/cluster/minikube/default.nix
View File

@ -1,68 +1,67 @@
{ stdenv, buildGoModule, fetchFromGitHub, go-bindata, libvirt, qemu
, gpgme, makeWrapper, vmnet
, docker-machine-kvm, docker-machine-kvm2
, extraDrivers ? []
{ stdenv
, buildGoModule
, fetchFromGitHub
, pkgconfig
, makeWrapper
, go-bindata
, libvirt
, vmnet
}:
let
drivers = stdenv.lib.filter (d: d != null) (extraDrivers
++ stdenv.lib.optionals stdenv.isLinux [ docker-machine-kvm docker-machine-kvm2 ]);
binPath = drivers
++ stdenv.lib.optionals stdenv.isLinux ([ libvirt qemu ]);
in buildGoModule rec {
buildGoModule rec {
pname = "minikube";
version = "1.2.0";
kubernetesVersion = "1.15.0";
version = "1.8.1";
# for -ldflags
commit = "cbda04cf6bbe65e987ae52bb393c10099ab62014";
goPackagePath = "k8s.io/minikube";
subPackages = [ "cmd/minikube" ];
modSha256 = "1wyz8aq291lx614ilqrcgzdc8rjxbd6v3rv1fy6r2m6snyysycfn";
src = fetchFromGitHub {
owner = "kubernetes";
repo = "minikube";
rev = "v${version}";
sha256 = "0l9znrp49877cp1bkwx84c8lv282ga5a946rjbxi8gznkf3kwaw7";
sha256 = "1nf0n701rw3anp8j7k3f553ipqwpzzxci41zsi0il4l35dpln5g0";
};
modSha256 = "1cp63n0x2lgbqvvymx9byx48r42qw6w224x5x4iiarc2nryfdhn0";
buildInputs = [ go-bindata makeWrapper gpgme ] ++ stdenv.lib.optional stdenv.hostPlatform.isDarwin vmnet;
subPackages = [ "cmd/minikube" ] ++ stdenv.lib.optional stdenv.hostPlatform.isDarwin "cmd/drivers/hyperkit";
nativeBuildInputs = [ pkgconfig go-bindata makeWrapper ];
buildInputs = stdenv.lib.optionals stdenv.isLinux [ libvirt ]
++ stdenv.lib.optionals stdenv.isDarwin [ vmnet ];
preBuild = ''
go-bindata -nomemcopy -o pkg/minikube/assets/assets.go -pkg assets deploy/addons/...
go-bindata -nomemcopy -o pkg/minikube/translate/translations.go -pkg translate translations/...
VERSION_MAJOR=$(grep "^VERSION_MAJOR" Makefile | sed "s/^.*\s//")
VERSION_MINOR=$(grep "^VERSION_MINOR" Makefile | sed "s/^.*\s//")
ISO_VERSION=v$VERSION_MAJOR.$VERSION_MINOR.0
ISO_BUCKET=$(grep "^ISO_BUCKET" Makefile | sed "s/^.*\s//")
KUBERNETES_VERSION=${kubernetesVersion}
export buildFlagsArray="-ldflags=\
-X k8s.io/minikube/pkg/version.version=v${version} \
-X k8s.io/minikube/pkg/version.isoVersion=$ISO_VERSION \
-X k8s.io/minikube/pkg/version.isoPath=$ISO_BUCKET \
-X k8s.io/minikube/vendor/k8s.io/client-go/pkg/version.gitVersion=$KUBERNETES_VERSION \
-X k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/version.gitVersion=$KUBERNETES_VERSION"
-X ${goPackagePath}/pkg/version.version=v${version} \
-X ${goPackagePath}/pkg/version.isoVersion=$ISO_VERSION \
-X ${goPackagePath}/pkg/version.isoPath=$ISO_BUCKET \
-X ${goPackagePath}/pkg/version.gitCommitID=${commit} \
-X ${goPackagePath}/pkg/drivers/kvm.version=v${version} \
-X ${goPackagePath}/pkg/drivers/kvm.gitCommitID=${commit} \
-X ${goPackagePath}/pkg/drivers/hyperkit.version=v${version} \
-X ${goPackagePath}/pkg/drivers/hyperkit.gitCommitID=${commit}"
'';
postInstall = ''
wrapProgram $out/bin/${pname} --prefix PATH : $out/bin:${stdenv.lib.makeBinPath binPath}
mkdir -p $out/share/bash-completion/completions/
MINIKUBE_WANTUPDATENOTIFICATION=false MINIKUBE_WANTKUBECTLDOWNLOADMSG=false HOME=$PWD $out/bin/minikube completion bash > $out/share/bash-completion/completions/minikube
mkdir -p $out/share/zsh/site-functions/
MINIKUBE_WANTUPDATENOTIFICATION=false MINIKUBE_WANTKUBECTLDOWNLOADMSG=false HOME=$PWD $out/bin/minikube completion zsh > $out/share/zsh/site-functions/_minikube
''+ stdenv.lib.optionalString stdenv.hostPlatform.isDarwin ''
mv $out/bin/hyperkit $out/bin/docker-machine-driver-hyperkit
'';
meta = with stdenv.lib; {
homepage = https://github.com/kubernetes/minikube;
description = "A tool that makes it easy to run Kubernetes locally";
license = licenses.asl20;
maintainers = with maintainers; [ ebzzry copumpkin vdemeester ];
maintainers = with maintainers; [ ebzzry copumpkin vdemeester atkinschang ];
platforms = with platforms; unix;
};
}

4
pkgs/applications/networking/cluster/openshift/default.nix
View File

@ -33,7 +33,9 @@ in buildGoPackage rec {
goPackagePath = "github.com/openshift/origin";
buildInputs = [ which rsync go-bindata kerberos clang ];
buildInputs = [ kerberos ];
nativeBuildInputs = [ which rsync go-bindata clang ];
patchPhase = ''
patchShebangs ./hack

8
pkgs/applications/networking/cluster/qbec/default.nix
View File

@ -2,20 +2,20 @@
buildGoModule rec {
pname = "qbec";
version = "0.7.5";
version = "0.10.5";
src = fetchFromGitHub {
owner = "splunk";
repo = "qbec";
rev = "v${version}";
sha256 = "1q3rbxih4fn0zv8dni5dxb3pq840spplfy08x941najqfgflv9gb";
sha256 = "0j0ybbv4ix864scmghy1lvr3rs2fbj49cva6x48kbwli4y447758";
};
modSha256 = "0s1brqvzm1ghhqb46aqfj0lpnaq76rav0hwwb82ccw8h7052y4jn";
modSha256 = "165zqmannlylkzaz9gkmcrlyx8rfhz70ahzhiks4ycgq1qxr0av9";
meta = with lib; {
description = "Configure kubernetes objects on multiple clusters using jsonnet https://qbec.io";
homepage = https://github.com/splunk/qbec;
homepage = "https://github.com/splunk/qbec";
license = licenses.asl20;
maintainers = with maintainers; [ groodt ];
};

2
pkgs/applications/networking/cluster/spacegun/node-composition.nix
View File

@ -1,4 +1,4 @@
# This file has been generated by node2nix 1.7.0. Do not edit!
# This file has been generated by node2nix 1.8.0. Do not edit!
{pkgs ? import <nixpkgs> {
inherit system;

1783
pkgs/applications/networking/cluster/spacegun/node-packages.nix generated
View File

File diff suppressed because it is too large Load Diff

36
pkgs/applications/networking/instant-messengers/deltachat-electron/default.nix Normal file
View File

@ -0,0 +1,36 @@
{ lib, fetchurl, appimageTools }:
let
pname = "deltachat-electron";
version = "1.1.0";
name = "${pname}-${version}";
src = fetchurl {
url =
"https://download.delta.chat/desktop/r${version}/DeltaChat-${version}.AppImage";
sha256 = "0pbn45cyv0h3fp7s9v9q93v12ah2gj7daaq0r3z140im6zv0rkrc";
};
appimageContents = appimageTools.extract { inherit name src; };
in appimageTools.wrapType2 {
inherit name src;
extraInstallCommands = ''
mv $out/bin/${name} $out/bin/${pname}
install -m 444 -D \
${appimageContents}/deltachat-desktop.desktop \
$out/share/applications/${pname}.desktop
substituteInPlace $out/share/applications/${pname}.desktop \
--replace 'Exec=AppRun' 'Exec=${pname}'
cp -r ${appimageContents}/usr/share/icons $out/share
'';
meta = with lib; {
description = "Electron client for DeltaChat";
homepage = "https://delta.chat/";
license = licenses.gpl3;
maintainers = with maintainers; [ ehmry ];
platforms = [ "x86_64-linux" ];
};
}

4
pkgs/applications/networking/instant-messengers/riot/riot-desktop.nix
View File

@ -6,12 +6,12 @@
let
executableName = "riot-desktop";
version = "1.5.12";
version = "1.5.13";
riot-web-src = fetchFromGitHub {
owner = "vector-im";
repo = "riot-web";
rev = "v${version}";
sha256 = "1qz3n2dlklhbi6rbhv2v769xbr4rcp9s6pm2cc9r33ak6axn4aym";
sha256 = "1p2bdqq8yziv3l7kjkwqvi27a8djav7rk3lsipl7dvdjk1926941";
};
electron = electron_7;

4
pkgs/applications/networking/instant-messengers/riot/riot-web.nix
View File

@ -12,11 +12,11 @@ let
in stdenv.mkDerivation rec {
pname = "riot-web";
version = "1.5.12";
version = "1.5.13";
src = fetchurl {
url = "https://github.com/vector-im/riot-web/releases/download/v${version}/riot-v${version}.tar.gz";
sha256 = "064zghrsl348ydzngwxhwjn0d0gkkf3nkzq03v5gad2f11qwnwb6";
sha256 = "0xghpf9rv7ns5aipc6n517qd9dp50rr93arvx6r36kqhkdyzbfad";
};
installPhase = ''

4
pkgs/applications/networking/instant-messengers/ripcord/default.nix
View File

@ -5,12 +5,12 @@
mkDerivation rec {
pname = "ripcord";
version = "0.4.23";
version = "0.4.24";
src = let
appimage = fetchurl {
url = "https://cancel.fm/dl/Ripcord-${version}-x86_64.AppImage";
sha256 = "0395w0pwr1cz8ichcbyrsscmm2p7srgjk4vkqvqgwyx41prm0x2h";
sha256 = "0rscmnwxvbdl0vfx1pz7x5gxs9qsjk905zmcad4f330j5l5m227z";
name = "${pname}-${version}.AppImage";
};
in appimageTools.extract {

4
pkgs/applications/networking/mailreaders/aerc/default.nix
View File

@ -17,10 +17,8 @@ in buildGoModule rec {
modSha256 = "127xrah6xxrvc224g5dxn432sagrssx8v7phzapcsdajsnmagq6x";
nativeBuildInputs = [
go
scdoc
python3.pkgs.wrapPython
notmuch
];
patches = [
@ -31,7 +29,7 @@ in buildGoModule rec {
python3.pkgs.colorama
];
buildInputs = [ python3 perl ];
buildInputs = [ python3 notmuch ];
GOFLAGS="-tags=notmuch";

2
pkgs/applications/networking/p2p/magnetico/default.nix
View File

@ -13,7 +13,7 @@ buildGoModule rec {
modSha256 = "1h9fij8mxlxfw7kxix00n10fkhkvmf8529fxbk1n30cxc1bs2szf";
buildInputs = [ go-bindata ];
nativeBuildInputs = [ go-bindata ];
buildPhase = ''
make magneticow magneticod
'';

2
pkgs/applications/networking/sniffers/wireshark/default.nix
View File

@ -26,6 +26,8 @@ in stdenv.mkDerivation {
cmakeFlags = [
"-DBUILD_wireshark=${if withQt then "ON" else "OFF"}"
"-DENABLE_APPLICATION_BUNDLE=${if withQt && stdenv.isDarwin then "ON" else "OFF"}"
# Fix `extcap` and `plugins` paths. See https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16444
"-DCMAKE_INSTALL_LIBDIR=lib"
];
nativeBuildInputs = [

52
pkgs/applications/networking/sync/unison/4.08-compatibility.patch Normal file
View File

@ -0,0 +1,52 @@
From 29fa058c3127f3b47c347dcaa4a94f4c0e888308 Mon Sep 17 00:00:00 2001
From: Jaap Boender <jaapb@kerguelen.org>
Date: Thu, 21 Mar 2019 12:26:51 +0000
Subject: [PATCH] Compatibility with OCaml 4.08
---
src/files.ml | 2 +-
src/recon.ml | 4 ++--
src/system/system_generic.ml | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/files.ml b/src/files.ml
index ba42ad57..5babf21e 100644
--- a/src/files.ml
+++ b/src/files.ml
@@ -722,7 +722,7 @@ let get_files_in_directory dir =
with End_of_file ->
dirh.System.closedir ()
end;
- Sort.list (<) !files
+ List.sort String.compare !files
let ls dir pattern =
Util.convertUnixErrorsToTransient
diff --git a/src/recon.ml b/src/recon.ml
index 5ed358d7..0df2cfe4 100644
--- a/src/recon.ml
+++ b/src/recon.ml
@@ -651,8 +651,8 @@ let rec reconcile
(* Sorts the paths so that they will be displayed in order *)
let sortPaths pathUpdatesList =
- Sort.list
- (fun (p1, _) (p2, _) -> Path.compare p1 p2 <= 0)
+ List.sort
+ Path.compare
pathUpdatesList
let rec enterPath p1 p2 t =
diff --git a/src/system/system_generic.ml b/src/system/system_generic.ml
index ed8e18f3..0e28a781 100755
--- a/src/system/system_generic.ml
+++ b/src/system/system_generic.ml
@@ -47,7 +47,7 @@ let open_out_gen = open_out_gen
let chmod = Unix.chmod
let chown = Unix.chown
let utimes = Unix.utimes
-let link = Unix.link
+let link s d = Unix.link s d
let openfile = Unix.openfile
let opendir f =
let h = Unix.opendir f in

6
pkgs/applications/networking/sync/unison/default.nix
View File

@ -27,6 +27,12 @@ stdenv.mkDerivation (rec {
"UISTYLE=${if enableX11 then "gtk2" else "text"}"
] ++ stdenv.lib.optional (!ocaml.nativeCompilers) "NATIVE=false";
patches = [
# NOTE: Only needed until Unison 2.51.3 is released!
./4.08-compatibility.patch
./lablgtk.patch
];
preInstall = "mkdir -p $out/bin";
postInstall = if enableX11 then ''

31
pkgs/applications/networking/sync/unison/lablgtk.patch Normal file
View File

@ -0,0 +1,31 @@
From 2e7ea9481c6c3ff2ec513c39f73cfe15c0763c06 Mon Sep 17 00:00:00 2001
From: daviddavid <geiger.david68210@gmail.com>
Date: Mon, 26 Feb 2018 13:36:36 +0100
Subject: [PATCH] Fix for lablgtk >= 2.18.6
---
src/uigtk2.ml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/uigtk2.ml b/src/uigtk2.ml
index 2ba6d79..04c4da4 100644
--- a/src/uigtk2.ml
+++ b/src/uigtk2.ml
@@ -89,12 +89,12 @@ let fontItalic = lazy (Pango.Font.from_string "italic")
(* This does not work with the current version of Lablgtk, due to a bug
let icon =
GdkPixbuf.from_data ~width:48 ~height:48 ~has_alpha:true
- (Gpointer.region_of_string Pixmaps.icon_data)
+ (Gpointer.region_of_bytes Pixmaps.icon_data)
*)
let icon =
let p = GdkPixbuf.create ~width:48 ~height:48 ~has_alpha:true () in
Gpointer.blit
- (Gpointer.region_of_string Pixmaps.icon_data) (GdkPixbuf.get_pixels p);
+ (Gpointer.region_of_bytes Pixmaps.icon_data) (GdkPixbuf.get_pixels p);
p
let leftPtrWatch =
--
2.25.1

6
pkgs/applications/radio/gnss-sdr/default.nix
View File

@ -20,13 +20,13 @@
stdenv.mkDerivation rec {
pname = "gnss-sdr";
version = "0.0.11";
version = "0.0.12";
src = fetchFromGitHub {
owner = "gnss-sdr";
repo = "gnss-sdr";
rev = "v${version}";
sha256 = "0ajj0wx68yyzigppxxa1wag3hzkrjj8dqq8k28rj0jhp8a6bw2q7";
sha256 = "0i9cz85jc2m758pzy3bq4dk4vj9wv7k2z118lasb09xldx01dwsq";
};
buildInputs = [
@ -73,7 +73,7 @@ stdenv.mkDerivation rec {
meta = with stdenv.lib; {
description = "An open source Global Navigation Satellite Systems software-defined receiver";
homepage = https://gnss-sdr.org/;
homepage = "https://gnss-sdr.org/";
license = licenses.gpl3Plus;
platforms = platforms.linux;
};

4
pkgs/applications/science/electronics/kicad/default.nix
View File

@ -137,5 +137,9 @@ stdenv.mkDerivation rec {
maintainers = with maintainers; [ evils kiwi berce ];
# kicad's cross-platform, not sure what to fill in here
platforms = with platforms; linux;
} // optionalAttrs with3d {
# We can't download the 3d models on Hydra - they are a ~1 GiB download and
# they occupy ~5 GiB in store.
hydraPlatforms = [];
};
}

17
pkgs/applications/science/electronics/kicad/libraries.nix
View File

@ -12,8 +12,8 @@
# };
with lib;
let
mkLib = name: attrs:
stdenv.mkDerivation (
mkLib = name:
stdenv.mkDerivation
{
pname = "kicad-${name}";
version = "${version}";
@ -27,16 +27,13 @@ let
);
nativeBuildInputs = [ cmake ];
meta.license = licenses.cc-by-sa-40;
} // attrs
);
};
in
{
symbols = mkLib "symbols" { };
templates = mkLib "templates" { };
footprints = mkLib "footprints" { };
packages3d = mkLib "packages3d" {
hydraPlatforms = []; # this is a ~1 GiB download, occupies ~5 GiB in store
};
symbols = mkLib "symbols";
templates = mkLib "templates";
footprints = mkLib "footprints";
packages3d = mkLib "packages3d";
# i18n is a special case, not actually a library
# more a part of kicad proper, but also optional and separate

39
pkgs/applications/science/logic/abc/default.nix
View File

@ -1,35 +1,32 @@
{ fetchFromGitHub, stdenv, readline, cmake }:
{ stdenv, fetchFromGitHub
, readline, cmake
}:
let
rev = "71f2b40320127561175ad60f6f2428f3438e5243";
in stdenv.mkDerivation {
pname = "abc-verifier";
version = "2020-01-11";
stdenv.mkDerivation rec {
pname = "abc-verifier";
version = "2020.03.05";
src = fetchFromGitHub {
inherit rev;
owner = "berkeley-abc";
repo = "abc";
sha256 = "15sn146ajxql7l1h8rsag5lhn4spwvgjhwzqawfr78snzadw8by3";
owner = "berkeley-abc";
repo = "abc";
rev = "ed90ce20df9c7c4d6e1db5d3f786f9b52e06bab1";
sha256 = "01sw67pkrb6wzflkxbkxzwsnli3nvp0yxwp3j1ngb3c0j86ri437";
};
passthru.rev = rev;
nativeBuildInputs = [ cmake ];
buildInputs = [ readline ];
enableParallelBuilding = true;
installPhase = "mkdir -p $out/bin && mv abc $out/bin";
installPhase = ''
mkdir -p $out/bin
mv abc $out/bin
'';
# needed by yosys
passthru.rev = src.rev;
meta = {
meta = with stdenv.lib; {
description = "A tool for squential logic synthesis and formal verification";
homepage = https://people.eecs.berkeley.edu/~alanmi/abc;
license = stdenv.lib.licenses.mit;
platforms = stdenv.lib.platforms.unix;
maintainers = [ stdenv.lib.maintainers.thoughtpolice ];
homepage = "https://people.eecs.berkeley.edu/~alanmi/abc";
license = licenses.mit;
platforms = platforms.unix;
maintainers = with maintainers; [ thoughtpolice ];
};
}

17
pkgs/applications/science/logic/mcy/default.nix
View File

@ -7,28 +7,31 @@ let
in
stdenv.mkDerivation {
pname = "mcy";
version = "2020.02.05";
version = "2020.03.16";
src = fetchFromGitHub {
owner = "YosysHQ";
repo = "mcy";
rev = "83deeddd12d583a89ad4aa1d2147efa4d6adc33c";
sha256 = "1i0cabiqr68zflwzc6z894i4n7k6m3hbfck58vzh8zb9jwxwizav";
rev = "562c02375067428bb657f57faa5131ee1ab44051";
sha256 = "0q77v2hxnmv61zx5bl4lrqiavgvsiyb5qxdp9hnihimj1m30bc5h";
};
buildInputs = [ python ];
patchPhase = ''
substituteInPlace mcy.py \
--replace yosys '${yosys}/bin/yosys' \
--replace 'os.execvp("mcy-dash"' "os.execvp(\"$out/libexec/mcy/mcy-dash.py\""
--replace 'os.execvp("mcy-dash"' "os.execvp(\"$out/bin/mcy-dash\""
substituteInPlace mcy-dash.py \
--replace 'app.run(debug=True)' 'app.run(host="0.0.0.0",debug=True)'
'';
# the build needs a bit of work...
buildPhase = "true";
installPhase = ''
mkdir -p $out/bin $out/libexec/mcy
install mcy.py $out/bin/mcy && chmod +x $out/bin/mcy
install mcy-dash.py $out/libexec/mcy/mcy-dash.py
mkdir -p $out/bin $out/share/mcy/dash
install mcy.py $out/bin/mcy && chmod +x $out/bin/mcy
install mcy-dash.py $out/bin/mcy-dash && chmod +x $out/bin/mcy-dash
cp -r dash/. $out/share/mcy/dash/.
'';
meta = {

12
pkgs/applications/science/logic/symbiyosys/default.nix
View File

@ -1,17 +1,17 @@
{ stdenv, fetchFromGitHub
, bash, python3, yosys
, yices, boolector, aiger, abc-verifier
, yices, boolector, aiger
}:
stdenv.mkDerivation {
pname = "symbiyosys";
version = "2020.02.08";
version = "2020.02.11";
src = fetchFromGitHub {
owner = "YosysHQ";
repo = "SymbiYosys";
rev = "500b526131f434b9679732fc89515dbed67c8d7d";
sha256 = "1pwbirszc80r288x81nx032snniqgmc80i09bbha2i3zd0c3pj5h";
rev = "0a7013017f9d583ef6cc8d10712f4bf11cf6e024";
sha256 = "08xz8sgvs1qy7jxp8ma5yl49i6nl7k6bkhry4afdvwg3fvwis39c";
};
buildInputs = [ python3 ];
@ -29,8 +29,8 @@ stdenv.mkDerivation {
--replace ': "btormc"' ': "${boolector}/bin/btormc"' \
--replace ': "yosys"' ': "${yosys}/bin/yosys"' \
--replace ': "yosys-smtbmc"' ': "${yosys}/bin/yosys-smtbmc"' \
--replace ': "yosys-abc"' ': "${abc-verifier}/bin/abc"' \
--replace ': "aigbmc"' ': "${aiger}/bin/aigbmc"' \
--replace ': "yosys-abc"' ': "${yosys}/bin/yosys-abc"' \
--replace ': "aigbmc"' ': "${aiger}/bin/aigbmc"' \
'';
buildPhase = "true";

2
pkgs/applications/version-management/git-and-tools/gitstatus/default.nix
View File

@ -2,7 +2,7 @@
stdenv.mkDerivation {
pname = "gitstatus";
version = "unstable-2020-03-06";
version = "unstable-2020-03-15";
src = fetchFromGitHub {
owner = "romkatv";

4
pkgs/applications/virtualization/conmon/default.nix
View File

@ -8,13 +8,13 @@
stdenv.mkDerivation rec {
pname = "conmon";
version = "2.0.11";
version = "2.0.13";
src = fetchFromGitHub {
owner = "containers";
repo = pname;
rev = "v${version}";
sha256 = "1mdnfkbbv41g590a1ja4rfw69z6kp03znyhikdmg6zqp4qsv32ib";
sha256 = "1cp9hhanndr6c71g4hdxfgwk348vnnlgijkr12f7qmd5acwfl7jc";
};
nativeBuildInputs = [ pkg-config ];

2
pkgs/applications/virtualization/gvisor/containerd-shim.nix
View File

@ -1,4 +1,4 @@
{ lib, fetchFromGitHub, buildGoModule, go-bindata }:
{ lib, fetchFromGitHub, buildGoModule }:
buildGoModule rec {
name = "gvisor-containerd-shim-${version}";

7
pkgs/applications/virtualization/virtualbox/extpack.nix
View File

@ -1,8 +1,9 @@
{fetchurl, lib}:
{fetchurl, lib, virtualbox}:
with lib;
let version = "6.0.14";
let
inherit (virtualbox) version;
in
fetchurl rec {
name = "Oracle_VM_VirtualBox_Extension_Pack-${version}.vbox-extpack";
@ -11,7 +12,7 @@ fetchurl rec {
# Manually sha256sum the extensionPack file, must be hex!
# Thus do not use `nix-prefetch-url` but instead plain old `sha256sum`.
# Checksums can also be found at https://www.virtualbox.org/download/hashes/${version}/SHA256SUMS
let value = "c8a5cc980c9c94cdac3d94e23cf159c2433aae76b416dbfb5b1a918758f21e63";
let value = "3b73798d776ff223ea8025b1a45001762f8d4e5bcd1ea61449773c1249935800";
in assert (builtins.stringLength value) == 64; value;
meta = {

42
pkgs/applications/window-managers/wtftw/default.nix
View File

@ -1,42 +0,0 @@
{ stdenv, fetchFromGitHub, rustPlatform, libXinerama, libX11, pkgconfig }:
rustPlatform.buildRustPackage {
name = "wtftw-0.0pre20170921";
src = fetchFromGitHub {
owner = "kintaro";
repo = "wtftw";
rev = "13712d4c051938520b90b6639d4ff813f6fe5f48";
sha256 = "1r74nhcwiy2rmifzjhdal3jcqz4jz48nfvhdyw4gasa6nxp3msdl";
};
# Delete this on next update; see #79975 for details
legacyCargoFetcher = true;
cargoSha256 = "18lb24k71sndklbwwhbv8jglj2d4y9mdk07l60wsvn5m2jbnpckk";
nativeBuildInputs = [ pkgconfig ];
buildInputs = [ libXinerama libX11 ];
libPath = stdenv.lib.makeLibraryPath [ libXinerama libX11 ];
preInstall = ''
cargo update
'';
installPhase = ''
mkdir -p $out/bin
mkdir -p $out/share/xsessions
cp -p target/release/wtftw $out/bin/
echo "[Desktop Entry]
Name=wtftw
Exec=$out/bin/wtftw
Type=XSession
DesktopName=wtftw" > $out/share/xsessions/wtftw.desktop
'';
meta = with stdenv.lib; {
broken = true;
description = "A tiling window manager in Rust";
homepage = https://github.com/Kintaro/wtftw;
license = stdenv.lib.licenses.bsd3;
};
}

4
pkgs/data/misc/unicode-character-database/default.nix
View File

@ -5,11 +5,11 @@
stdenv.mkDerivation rec {
pname = "unicode-character-database";
version = "12.1.0";
version = "13.0.0";
src = fetchurl {
url = "https://www.unicode.org/Public/zipped/${version}/UCD.zip";
sha256 = "19m06iw0jl7lhlggcmghi12p6jld0qrmfpksgc243yn6sjh53fi5";
sha256 = "0ld97ppkb5f8d5b3mlkxfwnr6f3inijyqias9xc4bbin9lxrfxig";
};
nativeBuildInputs = [

40
pkgs/data/themes/ant-theme/ant-bloody.nix Normal file
View File

@ -0,0 +1,40 @@
{ stdenv, fetchurl, gtk-engine-murrine }:
let
themeName = "Ant-Bloody";
in
stdenv.mkDerivation rec {
pname = "ant-bloody-theme";
version = "1.3.0";
src = fetchurl {
url = "https://github.com/EliverLara/${themeName}/releases/download/v${version}/${themeName}.tar";
sha256 = "0rrz50kmzjmqj17hvrw67pbaclwxv85i5m08s7842iky6dnn5z8s";
};
propagatedUserEnvPkgs = [
gtk-engine-murrine
];
dontBuild = true;
installPhase = ''
runHook preInstall
mkdir -p $out/share/themes/${themeName}
cp -a * $out/share/themes/${themeName}
rm -r $out/share/themes/${themeName}/{Art,LICENSE,README.md,gtk-2.0/render-assets.sh}
runHook postInstall
'';
outputHashAlgo = "sha256";
outputHashMode = "recursive";
outputHash = "0v5pdhysa2460sh400cpq11smcfsi9g1lbfzx8nj1w5a21d811cz";
meta = with stdenv.lib; {
description = "Bloody variant of the Ant theme";
homepage = "https://github.com/EliverLara/${themeName}";
license = licenses.gpl3;
platforms = platforms.all;
maintainers = with maintainers; [ alexarice ];
};
}

40
pkgs/data/themes/ant-theme/ant-dracula.nix Normal file
View File

@ -0,0 +1,40 @@
{ stdenv, fetchurl, gtk-engine-murrine }:
let
themeName = "Ant-Dracula";
in
stdenv.mkDerivation rec {
pname = "ant-dracula-theme";
version = "1.3.0";
src = fetchurl {
url = "https://github.com/EliverLara/${themeName}/releases/download/v${version}/${themeName}.tar";
sha256 = "00b8w69xapqy8kc7zqwlfz1xpld6hibbh35djvhcnd905gzzymkd";
};
propagatedUserEnvPkgs = [
gtk-engine-murrine
];
dontBuild = true;
installPhase = ''
runHook preInstall
mkdir -p $out/share/themes/${themeName}
cp -a * $out/share/themes/${themeName}
rm -r $out/share/themes/${themeName}/{Art,LICENSE,README.md,gtk-2.0/render-assets.sh}
runHook postInstall
'';
outputHashAlgo = "sha256";
outputHashMode = "recursive";
outputHash = "1a9mkxfb0zixx8s05h15lhnnzygh2qzc8k2q10i0khx90bf72x14";
meta = with stdenv.lib; {
description = "Dracula variant of the Ant theme";
homepage = "https://github.com/EliverLara/${themeName}";
license = licenses.gpl3;
platforms = platforms.all;
maintainers = with maintainers; [ alexarice ];
};
}

40
pkgs/data/themes/ant-theme/ant-nebula.nix Normal file
View File

@ -0,0 +1,40 @@
{ stdenv, fetchurl, gtk-engine-murrine }:
let
themeName = "Ant-Nebula";
in
stdenv.mkDerivation rec {
pname = "ant-nebula-theme";
version = "1.3.0";
src = fetchurl {
url = "https://github.com/EliverLara/${themeName}/releases/download/v${version}/${themeName}.tar";
sha256 = "1xpgw577nmgjk547mg2vvv0gdai60srgncykm5pb1w8dnlk69jbz";
};
propagatedUserEnvPkgs = [
gtk-engine-murrine
];
dontBuild = true;
installPhase = ''
runHook preInstall
mkdir -p $out/share/themes/${themeName}
cp -a * $out/share/themes/${themeName}
rm -r $out/share/themes/${themeName}/{Art,LICENSE,README.md,gtk-2.0/render-assets.sh}
runHook postInstall
'';
outputHashAlgo = "sha256";
outputHashMode = "recursive";
outputHash = "1lmlc4fvjnp05gshc0arfysh8r1xxzpzdv3j0bk40mjf3d59814c";
meta = with stdenv.lib; {
description = "Nebula variant of the Ant theme";
homepage = "https://github.com/EliverLara/${themeName}";
license = licenses.gpl3;
platforms = platforms.all;
maintainers = with maintainers; [ alexarice ];
};
}

17
pkgs/data/themes/ant-theme/default.nix → pkgs/data/themes/ant-theme/ant.nix
View File

@ -1,11 +1,14 @@
{ stdenv, fetchurl, gtk-engine-murrine }:
let
themeName = "Ant";
in
stdenv.mkDerivation rec {
pname = "ant-theme";
version = "1.3.0";
src = fetchurl {
url = "https://github.com/EliverLara/Ant/releases/download/v${version}/Ant.tar";
url = "https://github.com/EliverLara/${themeName}/releases/download/v${version}/${themeName}.tar";
sha256 = "1r795v96ywzcb4dq08q2fdbmfia32g36cc512mhy41s8fb1a47dz";
};
@ -17,21 +20,21 @@ stdenv.mkDerivation rec {
installPhase = ''
runHook preInstall
mkdir -p $out/share/themes/Ant
cp -a * $out/share/themes/Ant
rm -r $out/share/themes/Ant/{Art,LICENSE,README.md,gtk-2.0/render-assets.sh}
mkdir -p $out/share/themes/${themeName}
cp -a * $out/share/themes/${themeName}
rm -r $out/share/themes/${themeName}/{Art,LICENSE,README.md,gtk-2.0/render-assets.sh}
runHook postInstall
'';
outputHashAlgo = "sha256";
outputHashMode = "recursive";
outputHash = "1gpacrmi5y87shp39jgy78n0ca2xdpvbqfh0mgldlxx99ca9rvvy";
outputHash = "07iv4jangqnzrvjr749vl3x31z7dxds51bq1bhz5acbjbwf25wjf";
meta = with stdenv.lib; {
description = "A flat and light theme with a modern look";
homepage = https://github.com/EliverLara/Ant;
homepage = "https://github.com/EliverLara/${themeName}";
license = licenses.gpl3;
platforms = platforms.all;
maintainers = [ ];
maintainers = with maintainers; [ alexarice ];
};
}

4
pkgs/data/themes/matcha/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "matcha";
version = "2020-03-11";
version = "2020-03-15";
src = fetchFromGitHub {
owner = "vinceliuice";
repo = pname;
rev = version;
sha256 = "1np2964g5f0vwdvfmi8gidsk9jj7v43nkshiqnfdbvmwa85ldpfl";
sha256 = "0hj1hpg9p46hyfcssd5ac7m599zkq7nrbwdwfbp98g5rw4fq8jaw";
};
buildInputs = [ gdk-pixbuf librsvg ];

3
pkgs/desktops/cinnamon/cinnamon-control-center/default.nix
View File

@ -13,6 +13,7 @@
, libxml2
, systemd
, upower
, gnome-online-accounts
, cinnamon-settings-daemon
, colord
, polkit
@ -67,7 +68,7 @@ stdenv.mkDerivation rec {
colord
cinnamon-settings-daemon
libwacom
gnome3.gnome-online-accounts
gnome-online-accounts
tzdata
networkmanager
networkmanagerapplet

2
pkgs/desktops/gnome-3/default.nix
View File

@ -18,7 +18,7 @@ lib.makeScope pkgs.newScope (self: with self; {
in
lib.filter (x: !(builtins.elem (lib.getName x) namesToRemove)) packages;
maintainers = with pkgs.lib.maintainers; [ lethalman jtojnar hedning worldofpeace ];
maintainers = lib.teams.gnome.members;
libsoup = pkgs.libsoup.override { gnomeSupport = true; };
libchamplain = pkgs.libchamplain.override { libsoup = libsoup; };

2
pkgs/desktops/xfce/core/xfwm4/default.nix
View File

@ -5,7 +5,7 @@
mkXfceDerivation {
category = "xfce";
pname = "xfwm4";
version = "4.14.0";
version = "4.14.0"; # TODO: remove xfce4-14 alias when this gets bumped
sha256 = "1z5aqij2d8n9wnha88b0qzkvss54jvqs8w1w5m3mzjl4c9mn9n8m";

40
pkgs/development/compilers/elm/default.nix
View File

@ -42,6 +42,7 @@ let
doCheck = false;
jailbreak = true;
}));
elmi-to-json = justStaticExecutables (overrideCabal (self.callPackage ./packages/elmi-to-json.nix {}) (drv: {
prePatch = ''
substituteInPlace package.yaml --replace "- -Werror" ""
@ -50,6 +51,23 @@ let
jailbreak = true;
}));
elm-instrument = justStaticExecutables (overrideCabal (self.callPackage ./packages/elm-instrument.nix {}) (drv: {
patches = [(
# GHC 8.8.1 and Cabal >= 1.25.0 support
# https://github.com/zwilias/elm-instrument/pull/3
fetchpatch {
url = "https://github.com/turboMaCk/elm-instrument/commit/4272db2aea742c8b54509e536fa4f35d04f95da5.patch";
sha256 = "1d1lc43lp3x5jfhlyb1b7na7nj1g1i1vc1np26pcisg9c2s7gjz6";
}
)];
prePatch = ''
sed "s/desc <-.*/let desc = \"${drv.version}\"/g" Setup.hs --in-place
'';
jailbreak = true;
# Tests are failing because of missing instances for Eq and Show type classes
doCheck = false;
}));
inherit fetchElmDeps;
elmVersion = elmPkgs.elm.version;
};
@ -73,9 +91,29 @@ let
inherit nodejs pkgs;
inherit (stdenv.hostPlatform) system;
};
in with hsPkgs.elmPkgs; {
in with hsPkgs.elmPkgs; rec {
elm-test = patchBinwrap [elmi-to-json] nodePkgs.elm-test;
elm-verify-examples = patchBinwrap [elmi-to-json] nodePkgs.elm-verify-examples;
elm-coverage =
let patched = patchBinwrap [elm elmi-to-json] nodePkgs.elm-coverage;
in patched.override {
preRebuild = ''
sed 's/\"install\".*/\"install\":\"echo no-op\"/g' --in-place package.json
# This should not be needed (thanks to binwrap* being nooped) but for some reason it still needs to be done
# in case of just this package
sed 's/\"install\".*/\"install\":\"echo no-op\",/g' --in-place node_modules/elmi-to-json/package.json
rm node_modules/elm/install.js
echo "console.log('no-op');" > node_modules/elm/install.js
'';
# Link Elm instrument binary
postInstall = patched.postInstall + ''
mkdir -p unpacked_bin
ln -sf ${elm-instrument}/bin/elm-instrument unpacked_bin/elm-instrument
'';
};
elm-language-server = nodePkgs."@elm-tooling/elm-language-server";
inherit (nodePkgs) elm-doc-preview elm-live elm-upgrade elm-xref elm-analyse;

34
pkgs/development/compilers/elm/packages/elm-instrument.nix Normal file
View File

@ -0,0 +1,34 @@
{ mkDerivation, ansi-terminal, ansi-wl-pprint, base, binary
, bytestring, Cabal, cmark, containers, directory, elm-format
, fetchgit, filepath, free, HUnit, indents, json, mtl
, optparse-applicative, parsec, process, QuickCheck, quickcheck-io
, split, stdenv, tasty, tasty-golden, tasty-hunit, tasty-quickcheck
, text, elm
}:
mkDerivation {
pname = "elm-instrument";
version = "0.0.7";
src = fetchgit {
url = "https://github.com/zwilias/elm-instrument.git";
sha256 = "14yfzwsyvgc6rzn19sdmwk2mc1vma9hcljnmjnmlig8mp0271v56";
rev = "31b527e405a6afdb25bb87ad7bd14f979e65cff7";
fetchSubmodules = true;
};
isLibrary = true;
isExecutable = true;
setupHaskellDepends = [ base Cabal directory filepath process ];
libraryHaskellDepends = [
ansi-terminal ansi-wl-pprint base binary bytestring containers
directory filepath free indents json mtl optparse-applicative
parsec process split text
];
executableHaskellDepends = [ base ];
testHaskellDepends = [
base cmark containers elm-format HUnit mtl parsec QuickCheck
quickcheck-io split tasty tasty-golden tasty-hunit tasty-quickcheck
text
];
homepage = "http://elm-lang.org";
description = "Instrumentation library for Elm";
license = stdenv.lib.licenses.bsd3;
}

8
pkgs/development/compilers/elm/packages/elmi-to-json.nix
View File

@ -5,11 +5,11 @@
}:
mkDerivation {
pname = "elmi-to-json";
version = "1.2.0";
version = "1.3.0";
src = fetchgit {
url = "https://github.com/stoeffel/elmi-to-json.git";
sha256 = "1kxai87h2g0749yq0fkxwk3xaavydraaivhnavbwr62q2hw4wrj7";
rev = "af08ceafe742a252f1f1f3c229b0ce3b3e00084d";
url = "https://github.com/stoeffel/elmi-to-json";
sha256 = "11j56vcyhijkwi9hzggkwwmxlhzhgm67ab2m7kxkhcbbqgpasa8n";
rev = "ae40d1aa1e3d6878f2af514e611d44890e7abc1e";
fetchSubmodules = true;
};
isLibrary = true;

13
pkgs/development/compilers/elm/packages/node-packages.json
View File

@ -1,10 +1,11 @@
[
"elm-test",
"elm-verify-examples",
"elm-doc-preview",
"elm-upgrade",
"elm-analyse",
"elm-coverage",
"elm-doc-preview",
"@elm-tooling/elm-language-server",
"elm-live",
"elm-xref",
"@elm-tooling/elm-language-server"
"elm-test",
"elm-upgrade",
"elm-verify-examples",
"elm-xref"
]

1865
pkgs/development/compilers/elm/packages/node-packages.nix generated
View File

File diff suppressed because it is too large Load Diff

4
pkgs/development/compilers/gcc/8/default.nix
View File

@ -43,7 +43,7 @@ with stdenv.lib;
with builtins;
let majorVersion = "8";
version = "${majorVersion}.3.0";
version = "${majorVersion}.4.0";
inherit (stdenv) buildPlatform hostPlatform targetPlatform;
@ -77,7 +77,7 @@ stdenv.mkDerivation ({
src = fetchurl {
url = "mirror://gcc/releases/gcc-${version}/gcc-${version}.tar.xz";
sha256 = "0b3xv411xhlnjmin2979nxcbnidgvzqdf4nbhix99x60dkzavfk4";
sha256 = "1m1d3gfix56w4aq8myazzfffkl8bqcrx4jhhapnjf7qfs596w2p3";
};
inherit patches;

6
pkgs/development/compilers/tinygo/default.nix
View File

@ -3,16 +3,16 @@
buildGoModule rec {
pname = "tinygo";
version = "0.11.0";
version = "0.12.0";
src = fetchFromGitHub {
owner = "tinygo-org";
repo = "tinygo";
rev = "v${version}";
sha256 = "0cmg8x9hpvzlxp6hiy9hkh9nn7ig7b0x6k8a2c3bw19pfx9lxksf";
sha256 = "0dw3kxf55p617pb0bj3knsqcfvap5scxlvhh3a9g9ia92kann4v1";
};
modSha256 = "0r3lfi1bj550sf3b7ysz62c2c33f8zfli8208xixj3jadycb6r3z";
modSha256 = "1bjq4vaf38hi204lr9w3r3wcy1rzj06ygi5gzfa7dl3kx10hw6p0";
enableParallelBuilding = true;
subPackages = [ "." ];
buildInputs = [ llvm clang-unwrapped makeWrapper ];

41
pkgs/development/compilers/yosys/default.nix
View File

@ -14,14 +14,14 @@
}:
stdenv.mkDerivation rec {
pname = "yosys";
version = "2020.02.25";
pname = "yosys";
version = "2020.03.16";
src = fetchFromGitHub {
owner = "YosysHQ";
repo = "yosys";
rev = "6edca05793197a846bbfb0329e836c87fa5aabb6";
sha256 = "1cwps3nsld80bh2b66l8fx3fa2zsx174mw72kqxyihpfdm0m0z1s";
rev = "ed4fa19ba2812c286562baf26bbbcb49afad83bc";
sha256 = "1sza5ng0q8dy6p4hks9b2db129xjcid9n6l8aglf2cj5ks82k5nv";
};
enableParallelBuilding = true;
@ -51,7 +51,7 @@ stdenv.mkDerivation rec {
# we have to do this ourselves for some reason...
(cd misc && ${protobuf}/bin/protoc --cpp_out ../backends/protobuf/ ./yosys.proto)
if ! grep -q "ABCREV = ${shortAbcRev}" Makefile;then
if ! grep -q "ABCREV = ${shortAbcRev}" Makefile; then
echo "yosys isn't compatible with the provided abc (${shortAbcRev}), failing."
exit 1
fi
@ -60,20 +60,21 @@ stdenv.mkDerivation rec {
doCheck = true;
checkInputs = [ verilog ];
meta = {
description = "Framework for RTL synthesis tools";
longDescription = ''
Yosys is a framework for RTL synthesis tools. It currently has
extensive Verilog-2005 support and provides a basic set of
synthesis algorithms for various application domains.
Yosys can be adapted to perform any synthesis job by combining
the existing passes (algorithms) using synthesis scripts and
adding additional passes as needed by extending the yosys C++
code base.
'';
homepage = http://www.clifford.at/yosys/;
license = stdenv.lib.licenses.isc;
maintainers = with stdenv.lib.maintainers; [ shell thoughtpolice emily ];
platforms = stdenv.lib.platforms.all;
# Internally, yosys knows to use the specified hardcoded ABCEXTERNAL binary.
# But other tools (like mcy or symbiyosys) can't know how yosys was built, so
# they just assume that 'yosys-abc' is available -- but it's not installed
# when using ABCEXTERNAL
#
# add a symlink to fake things so that both variants work the same way.
postInstall = ''
ln -sfv ${abc-verifier}/bin/abc $out/bin/yosys-abc
'';
meta = with stdenv.lib; {
description = "Open RTL synthesis framework and tools";
homepage = "http://www.clifford.at/yosys/";
license = licenses.isc;
platforms = platforms.all;
maintainers = with maintainers; [ shell thoughtpolice emily ];
};
}

2
pkgs/development/go-modules/generic/default.nix
View File

@ -208,6 +208,8 @@ let
find $out/bin -type f -exec ${removeExpr removeReferences} '{}' + || true
'';
strictDeps = true;
disallowedReferences = lib.optional (!allowGoReference) go;
passthru = passthru // { inherit go go-modules modSha256; };

2
pkgs/development/go-packages/generic/default.nix
View File

@ -243,7 +243,7 @@ let
} // meta // {
# add an extra maintainer to every package
maintainers = (meta.maintainers or []) ++
[ lib.maintainers.ehmry lib.maintainers.lethalman ];
[ lib.maintainers.lethalman ];
};
});
in if disabled then

Some files were not shown because too many files have changed in this diff Show More