Merge master into staging-next
This commit is contained in:
commit
409234ba0c
|
@ -143,6 +143,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
|
||||||
|
|
||||||
- [systemd-lock-handler](https://git.sr.ht/~whynothugo/systemd-lock-handler/), a bridge between logind D-Bus events and systemd targets. Available as [services.systemd-lock-handler.enable](#opt-services.systemd-lock-handler.enable).
|
- [systemd-lock-handler](https://git.sr.ht/~whynothugo/systemd-lock-handler/), a bridge between logind D-Bus events and systemd targets. Available as [services.systemd-lock-handler.enable](#opt-services.systemd-lock-handler.enable).
|
||||||
|
|
||||||
|
- [wastebin](https://github.com/matze/wastebin), a pastebin server written in rust. Available as [services.wastebin](#opt-services.wastebin.enable).
|
||||||
|
|
||||||
- [Mealie](https://nightly.mealie.io/), a self-hosted recipe manager and meal planner with a RestAPI backend and a reactive frontend application built in NuxtJS for a pleasant user experience for the whole family. Available as [services.mealie](#opt-services.mealie.enable)
|
- [Mealie](https://nightly.mealie.io/), a self-hosted recipe manager and meal planner with a RestAPI backend and a reactive frontend application built in NuxtJS for a pleasant user experience for the whole family. Available as [services.mealie](#opt-services.mealie.enable)
|
||||||
|
|
||||||
- [Uni-Sync](https://github.com/EightB1ts/uni-sync), a synchronization tool for Lian Li Uni Controllers. Available as [hardware.uni-sync](#opt-hardware.uni-sync.enable)
|
- [Uni-Sync](https://github.com/EightB1ts/uni-sync), a synchronization tool for Lian Li Uni Controllers. Available as [hardware.uni-sync](#opt-hardware.uni-sync.enable)
|
||||||
|
|
|
@ -799,6 +799,7 @@
|
||||||
./services/misc/transfer-sh.nix
|
./services/misc/transfer-sh.nix
|
||||||
./services/misc/tzupdate.nix
|
./services/misc/tzupdate.nix
|
||||||
./services/misc/uhub.nix
|
./services/misc/uhub.nix
|
||||||
|
./services/misc/wastebin.nix
|
||||||
./services/misc/weechat.nix
|
./services/misc/weechat.nix
|
||||||
./services/misc/workout-tracker.nix
|
./services/misc/workout-tracker.nix
|
||||||
./services/misc/xmr-stak.nix
|
./services/misc/xmr-stak.nix
|
||||||
|
|
158
nixos/modules/services/misc/wastebin.nix
Normal file
158
nixos/modules/services/misc/wastebin.nix
Normal file
|
@ -0,0 +1,158 @@
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.services.wastebin;
|
||||||
|
inherit (lib)
|
||||||
|
mkEnableOption mkPackageOption mkIf mkOption
|
||||||
|
types mapAttrs isBool getExe boolToString optionalAttrs;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
|
||||||
|
options.services.wastebin = {
|
||||||
|
|
||||||
|
enable = mkEnableOption "Wastenbin pastebin service";
|
||||||
|
|
||||||
|
package = mkPackageOption pkgs "wastebin" { };
|
||||||
|
|
||||||
|
stateDir = mkOption {
|
||||||
|
type = types.path;
|
||||||
|
default = "/var/lib/wastebin";
|
||||||
|
description = "State directory of the daemon.";
|
||||||
|
};
|
||||||
|
|
||||||
|
secretFile = mkOption {
|
||||||
|
type = types.nullOr types.path;
|
||||||
|
default = null;
|
||||||
|
example = "/run/secrets/wastebin.env";
|
||||||
|
description = ''
|
||||||
|
Path to file containing sensitive environment variables.
|
||||||
|
Some variables that can be considered secrets are:
|
||||||
|
|
||||||
|
- WASTEBIN_PASSWORD_SALT:
|
||||||
|
salt used to hash user passwords used for encrypting pastes.
|
||||||
|
|
||||||
|
- WASTEBIN_SIGNING_KEY:
|
||||||
|
sets the key to sign cookies. If not set, a random key will be
|
||||||
|
generated which means cookies will become invalid after restarts and
|
||||||
|
paste creators will not be able to delete their pastes anymore.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
settings = mkOption {
|
||||||
|
|
||||||
|
description = ''
|
||||||
|
Additional configuration for wastebin, see
|
||||||
|
<https://github.com/matze/wastebin#usage> for supported values.
|
||||||
|
For secrets use secretFile option instead.
|
||||||
|
'';
|
||||||
|
|
||||||
|
type = types.submodule {
|
||||||
|
|
||||||
|
freeformType = with types; attrsOf (oneOf [ bool int str ]);
|
||||||
|
|
||||||
|
options = {
|
||||||
|
|
||||||
|
WASTEBIN_ADDRESS_PORT = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
default = "0.0.0.0:8088";
|
||||||
|
description = "Address and port to bind to";
|
||||||
|
};
|
||||||
|
|
||||||
|
WASTEBIN_BASE_URL = mkOption {
|
||||||
|
default = "http://localhost";
|
||||||
|
example = "https://myhost.tld";
|
||||||
|
type = types.str;
|
||||||
|
description = ''
|
||||||
|
Base URL for the QR code display. If not set, the user agent's Host
|
||||||
|
header field is used as an approximation.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
WASTEBIN_CACHE_SIZE = mkOption {
|
||||||
|
default = 128;
|
||||||
|
type = types.int;
|
||||||
|
description = "Number of rendered syntax highlight items to cache. Can be disabled by setting to 0.";
|
||||||
|
};
|
||||||
|
|
||||||
|
WASTEBIN_DATABASE_PATH = mkOption {
|
||||||
|
default = "/var/lib/wastebin/sqlite3.db"; # TODO make this default to stateDir/sqlite3.db
|
||||||
|
type = types.str;
|
||||||
|
description = "Path to the sqlite3 database file. If not set, an in-memory database is used.";
|
||||||
|
};
|
||||||
|
|
||||||
|
WASTEBIN_HTTP_TIMEOUT = mkOption {
|
||||||
|
default = 5;
|
||||||
|
type = types.int;
|
||||||
|
description = "Maximum number of seconds a request can be processed until wastebin responds with 408";
|
||||||
|
};
|
||||||
|
|
||||||
|
WASTEBIN_MAX_BODY_SIZE = mkOption {
|
||||||
|
default = 1024;
|
||||||
|
type = types.int;
|
||||||
|
description = "Number of bytes to accept for POST requests";
|
||||||
|
};
|
||||||
|
|
||||||
|
WASTEBIN_TITLE = mkOption {
|
||||||
|
default = "wastebin";
|
||||||
|
type = types.str;
|
||||||
|
description = "Overrides the HTML page title";
|
||||||
|
};
|
||||||
|
|
||||||
|
RUST_LOG = mkOption {
|
||||||
|
default = "info";
|
||||||
|
type = types.str;
|
||||||
|
description =
|
||||||
|
''
|
||||||
|
Influences logging. Besides the typical trace, debug, info etc.
|
||||||
|
keys, you can also set the tower_http key to some log level to get
|
||||||
|
additional information request and response logs.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
default = { };
|
||||||
|
|
||||||
|
example = {
|
||||||
|
WASTEBIN_TITLE = "My awesome pastebin";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = mkIf cfg.enable
|
||||||
|
{
|
||||||
|
systemd.services.wastebin = {
|
||||||
|
after = [ "network.target" ];
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
environment = mapAttrs (_: v: if isBool v then boolToString v else toString v) cfg.settings;
|
||||||
|
serviceConfig = {
|
||||||
|
CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" ];
|
||||||
|
DevicePolicy = "closed";
|
||||||
|
DynamicUser = true;
|
||||||
|
ExecStart = "${getExe cfg.package}";
|
||||||
|
LockPersonality = true;
|
||||||
|
MemoryDenyWriteExecute = true;
|
||||||
|
PrivateDevices = true;
|
||||||
|
PrivateUsers = true;
|
||||||
|
ProtectClock = true;
|
||||||
|
ProtectControlGroups = true;
|
||||||
|
ProtectHostname = true;
|
||||||
|
ProtectKernelLogs = true;
|
||||||
|
ProtectKernelModules = true;
|
||||||
|
ProtectKernelTunables = true;
|
||||||
|
ProtectProc = "invisible";
|
||||||
|
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
|
||||||
|
RestrictNamespaces = true;
|
||||||
|
RestrictRealtime = true;
|
||||||
|
SystemCallArchitectures = [ "native" ];
|
||||||
|
SystemCallFilter = [ "@system-service" ];
|
||||||
|
StateDirectory = baseNameOf cfg.stateDir;
|
||||||
|
ReadWritePaths = cfg.stateDir;
|
||||||
|
} // optionalAttrs (cfg.secretFile != null) {
|
||||||
|
EnvironmentFile = cfg.secretFile;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
meta.maintainers = with lib.maintainers; [ pinpox ];
|
||||||
|
}
|
|
@ -985,6 +985,7 @@ in {
|
||||||
vsftpd = handleTest ./vsftpd.nix {};
|
vsftpd = handleTest ./vsftpd.nix {};
|
||||||
warzone2100 = handleTest ./warzone2100.nix {};
|
warzone2100 = handleTest ./warzone2100.nix {};
|
||||||
wasabibackend = handleTest ./wasabibackend.nix {};
|
wasabibackend = handleTest ./wasabibackend.nix {};
|
||||||
|
wastebin = handleTest ./wastebin.nix {};
|
||||||
watchdogd = handleTest ./watchdogd.nix {};
|
watchdogd = handleTest ./watchdogd.nix {};
|
||||||
webhook = runTest ./webhook.nix;
|
webhook = runTest ./webhook.nix;
|
||||||
wiki-js = handleTest ./wiki-js.nix {};
|
wiki-js = handleTest ./wiki-js.nix {};
|
||||||
|
|
19
nixos/tests/wastebin.nix
Normal file
19
nixos/tests/wastebin.nix
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
import ./make-test-python.nix ({ pkgs, lib, ... }: {
|
||||||
|
name = "wastebin";
|
||||||
|
|
||||||
|
meta = {
|
||||||
|
maintainers = with lib.maintainers; [ pinpox ];
|
||||||
|
};
|
||||||
|
|
||||||
|
nodes.machine = { pkgs, ... }: {
|
||||||
|
services.wastebin = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
testScript = ''
|
||||||
|
machine.wait_for_unit("wastebin.service")
|
||||||
|
machine.wait_for_open_port(8088)
|
||||||
|
machine.succeed("curl --fail http://localhost:8088/")
|
||||||
|
'';
|
||||||
|
})
|
|
@ -11,7 +11,7 @@
|
||||||
|
|
||||||
stdenvNoCC.mkDerivation rec {
|
stdenvNoCC.mkDerivation rec {
|
||||||
pname = "irpf";
|
pname = "irpf";
|
||||||
version = "2023-1.5";
|
version = "2024-1.0";
|
||||||
|
|
||||||
# https://www.gov.br/receitafederal/pt-br/centrais-de-conteudo/download/pgd/dirpf
|
# https://www.gov.br/receitafederal/pt-br/centrais-de-conteudo/download/pgd/dirpf
|
||||||
# Para outros sistemas operacionais -> Multi
|
# Para outros sistemas operacionais -> Multi
|
||||||
|
@ -19,7 +19,7 @@ stdenvNoCC.mkDerivation rec {
|
||||||
year = lib.head (lib.splitVersion version);
|
year = lib.head (lib.splitVersion version);
|
||||||
in fetchzip {
|
in fetchzip {
|
||||||
url = "https://downloadirpf.receita.fazenda.gov.br/irpf/${year}/irpf/arquivos/IRPF${version}.zip";
|
url = "https://downloadirpf.receita.fazenda.gov.br/irpf/${year}/irpf/arquivos/IRPF${version}.zip";
|
||||||
hash = "sha256-L1X+xysQSJ43TO8NSdO+T4aalampd4REL+5Uv33kYUI=";
|
hash = "sha256-x47Ud/aSfPuZYMZSGhJLnNFtNE62I+WjaFFatJPMPYg=";
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = [ unzip makeWrapper copyDesktopItems ];
|
nativeBuildInputs = [ unzip makeWrapper copyDesktopItems ];
|
||||||
|
|
|
@ -7,6 +7,7 @@
|
||||||
makeWrapper,
|
makeWrapper,
|
||||||
meson,
|
meson,
|
||||||
ninja,
|
ninja,
|
||||||
|
nix-update-script,
|
||||||
nixosTests,
|
nixosTests,
|
||||||
pkg-config,
|
pkg-config,
|
||||||
python3,
|
python3,
|
||||||
|
@ -15,13 +16,13 @@
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
pname = "lxcfs";
|
pname = "lxcfs";
|
||||||
version = "5.0.4";
|
version = "6.0.0";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "lxc";
|
owner = "lxc";
|
||||||
repo = "lxcfs";
|
repo = "lxcfs";
|
||||||
rev = "lxcfs-${version}";
|
rev = "v${version}";
|
||||||
sha256 = "sha256-vusxbFV7cnQVBOOo7E+fSyaE63f5QiE2xZhYavc8jJU=";
|
sha256 = "sha256-Mx2ZTul3hUEL9SloYSOh+MGoc2QmZg88MTsfIOvaIZU=";
|
||||||
};
|
};
|
||||||
|
|
||||||
patches = [
|
patches = [
|
||||||
|
@ -35,7 +36,6 @@ stdenv.mkDerivation rec {
|
||||||
./pidfd.patch
|
./pidfd.patch
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
meson
|
meson
|
||||||
help2man
|
help2man
|
||||||
|
@ -60,9 +60,13 @@ stdenv.mkDerivation rec {
|
||||||
patchelf --set-rpath "$(patchelf --print-rpath "$out/bin/lxcfs"):$out/lib" "$out/bin/lxcfs"
|
patchelf --set-rpath "$(patchelf --print-rpath "$out/bin/lxcfs"):$out/lib" "$out/bin/lxcfs"
|
||||||
'';
|
'';
|
||||||
|
|
||||||
passthru.tests = {
|
passthru = {
|
||||||
incus-container-old-init = nixosTests.incus.container-old-init;
|
tests = {
|
||||||
incus-container-new-init = nixosTests.incus.container-new-init;
|
incus-container-legacy-init = nixosTests.incus.container-legacy-init;
|
||||||
|
incus-container-systemd-init = nixosTests.incus.container-systemd-init;
|
||||||
|
};
|
||||||
|
|
||||||
|
updateScript = nix-update-script { };
|
||||||
};
|
};
|
||||||
|
|
||||||
meta = {
|
meta = {
|
43
pkgs/by-name/wa/wastebin/package.nix
Normal file
43
pkgs/by-name/wa/wastebin/package.nix
Normal file
|
@ -0,0 +1,43 @@
|
||||||
|
{ lib
|
||||||
|
, rustPlatform
|
||||||
|
, fetchFromGitHub
|
||||||
|
, pkg-config
|
||||||
|
, sqlite
|
||||||
|
, zstd
|
||||||
|
}:
|
||||||
|
|
||||||
|
rustPlatform.buildRustPackage rec {
|
||||||
|
pname = "wastebin";
|
||||||
|
version = "2.4.3";
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "matze";
|
||||||
|
repo = "wastebin";
|
||||||
|
rev = version;
|
||||||
|
hash = "sha256-5L9ug/OOvobic3bYjz8KUkQdnaVmAb2ltXCCiZkVHOg=";
|
||||||
|
};
|
||||||
|
|
||||||
|
cargoHash = "sha256-KbYbsV3+xhGFgcKrdLMiQ5+1meePjXYMD9PltlO+QMA=";
|
||||||
|
|
||||||
|
nativeBuildInputs = [
|
||||||
|
pkg-config
|
||||||
|
];
|
||||||
|
|
||||||
|
buildInputs = [
|
||||||
|
sqlite
|
||||||
|
zstd
|
||||||
|
];
|
||||||
|
|
||||||
|
env = {
|
||||||
|
ZSTD_SYS_USE_PKG_CONFIG = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
meta = with lib; {
|
||||||
|
description = "Wastebin is a pastebin";
|
||||||
|
homepage = "https://github.com/matze/wastebin";
|
||||||
|
changelog = "https://github.com/matze/wastebin/blob/${src.rev}/CHANGELOG.md";
|
||||||
|
license = licenses.mit;
|
||||||
|
maintainers = with maintainers; [ pinpox matthiasbeyer ];
|
||||||
|
mainProgram = "wastebin";
|
||||||
|
};
|
||||||
|
}
|
|
@ -2,6 +2,7 @@
|
||||||
, buildPythonPackage
|
, buildPythonPackage
|
||||||
, pythonOlder
|
, pythonOlder
|
||||||
, fetchFromGitHub
|
, fetchFromGitHub
|
||||||
|
, setuptools
|
||||||
, requests
|
, requests
|
||||||
, pytestCheckHook
|
, pytestCheckHook
|
||||||
, responses
|
, responses
|
||||||
|
@ -9,19 +10,23 @@
|
||||||
|
|
||||||
buildPythonPackage rec {
|
buildPythonPackage rec {
|
||||||
pname = "herepy";
|
pname = "herepy";
|
||||||
version = "3.6.0";
|
version = "3.6.1";
|
||||||
format = "setuptools";
|
pyproject = true;
|
||||||
|
|
||||||
disabled = pythonOlder "3.5";
|
disabled = pythonOlder "3.8";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "abdullahselek";
|
owner = "abdullahselek";
|
||||||
repo = "HerePy";
|
repo = "HerePy";
|
||||||
rev = "refs/tags/${version}";
|
rev = "refs/tags/${version}";
|
||||||
hash = "sha256-wz6agxPKQvWobRIiYKYU2og33tzswd0qG1hawPCh1qI=";
|
hash = "sha256-DOtlXoVelTGY/fKkHW/K0d0w52Q7N91Whi9AHG4tRZQ=";
|
||||||
};
|
};
|
||||||
|
|
||||||
propagatedBuildInputs = [
|
build-system = [
|
||||||
|
setuptools
|
||||||
|
];
|
||||||
|
|
||||||
|
dependencies = [
|
||||||
requests
|
requests
|
||||||
];
|
];
|
||||||
|
|
||||||
|
@ -35,6 +40,7 @@ buildPythonPackage rec {
|
||||||
];
|
];
|
||||||
|
|
||||||
meta = with lib; {
|
meta = with lib; {
|
||||||
|
changelog = "https://github.com/abdullahselek/HerePy/releases/tag/${version}";
|
||||||
description = "Library that provides a Python interface to the HERE APIs";
|
description = "Library that provides a Python interface to the HERE APIs";
|
||||||
homepage = "https://github.com/abdullahselek/HerePy";
|
homepage = "https://github.com/abdullahselek/HerePy";
|
||||||
license = licenses.mit;
|
license = licenses.mit;
|
||||||
|
|
|
@ -63,8 +63,8 @@ stdenv.mkDerivation rec {
|
||||||
|
|
||||||
passthru = {
|
passthru = {
|
||||||
tests = {
|
tests = {
|
||||||
incus-old-init = nixosTests.incus.container-old-init;
|
incus-legacy-init = nixosTests.incus.container-legacy-init;
|
||||||
incus-new-init = nixosTests.incus.container-new-init;
|
incus-systemd-init = nixosTests.incus.container-systemd-init;
|
||||||
};
|
};
|
||||||
updateScript = nix-update-script {
|
updateScript = nix-update-script {
|
||||||
extraArgs = [
|
extraArgs = [
|
||||||
|
|
|
@ -52,8 +52,8 @@ buildGoModule rec {
|
||||||
|
|
||||||
passthru = {
|
passthru = {
|
||||||
tests = {
|
tests = {
|
||||||
incus-old-init = nixosTests.incus.container-old-init;
|
incus-legacy-init = nixosTests.incus.container-legacy-init;
|
||||||
incus-new-init = nixosTests.incus.container-new-init;
|
incus-systemd-init = nixosTests.incus.container-systemd-init;
|
||||||
};
|
};
|
||||||
|
|
||||||
generator = callPackage ./generator.nix { inherit src version; };
|
generator = callPackage ./generator.nix { inherit src version; };
|
||||||
|
|
|
@ -10579,7 +10579,6 @@ with pkgs;
|
||||||
lwc = callPackage ../tools/misc/lwc { };
|
lwc = callPackage ../tools/misc/lwc { };
|
||||||
|
|
||||||
lxc = callPackage ../os-specific/linux/lxc { };
|
lxc = callPackage ../os-specific/linux/lxc { };
|
||||||
lxcfs = callPackage ../os-specific/linux/lxcfs { };
|
|
||||||
|
|
||||||
lxd = callPackage ../tools/admin/lxd/wrapper.nix { };
|
lxd = callPackage ../tools/admin/lxd/wrapper.nix { };
|
||||||
lxd-unwrapped = callPackage ../tools/admin/lxd {
|
lxd-unwrapped = callPackage ../tools/admin/lxd {
|
||||||
|
|
Loading…
Reference in New Issue
Block a user