colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge master into haskell-updates

Browse Source
This commit is contained in:
github-actions[bot] 2022-10-27 00:16:38 +00:00 committed by GitHub
commit 4404ed785e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
251 changed files with 9692 additions and 10533 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
doc/build-aux/pandoc-filters/docbook-writer/html-elements.lua Normal file
View File

@ -0,0 +1,11 @@
--[[
Converts some HTML elements commonly used in Markdown to corresponding DocBook elements.
]]
function RawInline(elem)
if elem.format == 'html' and elem.text == '<kbd>' then
return pandoc.RawInline('docbook', '<keycap>')
elseif elem.format == 'html' and elem.text == '</kbd>' then
return pandoc.RawInline('docbook', '</keycap>')
end
end

1
doc/doc-support/lib-function-docs.nix
View File

@ -22,6 +22,7 @@ with pkgs; stdenv.mkDerivation {
docgen lists 'List manipulation functions'
docgen debug 'Debugging functions'
docgen options 'NixOS / nixpkgs option handling'
docgen filesystem 'Filesystem functions'
docgen sources 'Source filtering functions'
'';
}

2
doc/functions/library.xml
View File

@ -26,5 +26,7 @@
<xi:include href="./library/generated/options.xml" />
<xi:include href="./library/generated/filesystem.xml" />
<xi:include href="./library/generated/sources.xml" />
</section>

58
lib/filesystem.nix
View File

@ -1,9 +1,23 @@
# Functions for copying sources to the Nix store.
{ lib }:
{ # haskellPathsInDir : Path -> Map String Path
# A map of all haskell packages defined in the given path,
# identified by having a cabal file with the same name as the
# directory itself.
haskellPathsInDir = root:
let
inherit (lib.strings)
hasPrefix
;
in
{
/*
A map of all haskell packages defined in the given path,
identified by having a cabal file with the same name as the
directory itself.
Type: Path -> Map String Path
*/
haskellPathsInDir =
# The directory within to search
root:
let # Files in the root
root-files = builtins.attrNames (builtins.readDir root);
# Files with their full paths
@ -17,15 +31,18 @@
builtins.pathExists (value + "/${name}.cabal")
) root-files-with-paths;
in builtins.listToAttrs cabal-subdirs;
# locateDominatingFile : RegExp
# -> Path
# -> Nullable { path : Path;
# matches : [ MatchResults ];
# }
# Find the first directory containing a file matching 'pattern'
# upward from a given 'file'.
# Returns 'null' if no directories contain a file matching 'pattern'.
locateDominatingFile = pattern: file:
/*
Find the first directory containing a file matching 'pattern'
upward from a given 'file'.
Returns 'null' if no directories contain a file matching 'pattern'.
Type: RegExp -> Path -> Nullable { path : Path; matches : [ MatchResults ]; }
*/
locateDominatingFile =
# The pattern to search for
pattern:
# The file to start searching upward from
file:
let go = path:
let files = builtins.attrNames (builtins.readDir path);
matches = builtins.filter (match: match != null)
@ -44,10 +61,15 @@
in go (if isDir then file else parent);
# listFilesRecursive: Path -> [ Path ]
#
# Given a directory, return a flattened list of all files within it recursively.
listFilesRecursive = dir: lib.flatten (lib.mapAttrsToList (name: type:
/*
Given a directory, return a flattened list of all files within it recursively.
Type: Path -> [ Path ]
*/
listFilesRecursive =
# The path to recursively list
dir:
lib.flatten (lib.mapAttrsToList (name: type:
if type == "directory" then
lib.filesystem.listFilesRecursive (dir + "/${name}")
else

43
maintainers/maintainer-list.nix
View File

@ -326,10 +326,10 @@
name = "Maxwell Huang-Hobbs";
};
adjacentresearch = {
email = "nate@adjacentresearch.xyz";
github = "0xperp";
githubId = 96147421;
name = "0xperp";
email = "nate@adjacentresearch.xyz";
github = "0xperp";
githubId = 96147421;
name = "0xperp";
};
adnelson = {
email = "ithinkican@gmail.com";
@ -528,10 +528,10 @@
name = "Aksh Gupta";
};
alapshin = {
email = "alapshin@fastmail.com";
github = "alapshin";
githubId = 321946;
name = "Andrei Lapshin";
email = "alapshin@fastmail.com";
github = "alapshin";
githubId = 321946;
name = "Andrei Lapshin";
};
albakham = {
email = "dev@geber.ga";
@ -5760,7 +5760,7 @@
githubId = 40234257;
name = "ilkecan bozdogan";
};
not-my-segfault = {
not-my-segfault = {
email = "michal@tar.black";
matrix = "@michal:tar.black";
github = "not-my-segfault";
@ -10755,6 +10755,15 @@
fingerprint = "B00F E582 FD3F 0732 EA48 3937 F558 14E4 D687 4375";
}];
};
PlayerNameHere = {
name = "Dixon Sean Low Yan Feng";
email = "dixonseanlow@protonmail.com";
github = "PlayerNameHere";
githubId = 56017218;
keys = [{
fingerprint = "E6F4 BFB4 8DE3 893F 68FC A15F FF5F 4B30 A41B BAC8";
}];
};
plchldr = {
email = "mail@oddco.de";
github = "plchldr";
@ -10767,6 +10776,12 @@
githubId = 358550;
name = "Philip Lykke Carlsen";
};
pleshevskiy = {
email = "dmitriy@pleshevski.ru";
github = "pleshevskiy";
githubId = 7839004;
name = "Dmitriy Pleshevskiy";
};
plumps = {
email = "maks.bronsky@web.de";
github = "plumps";
@ -14076,11 +14091,11 @@
name = "Urban Skudnik";
};
usrfriendly = {
name = "Arin Lares";
email = "arinlares@gmail.com";
github = "usrfriendly";
githubId = 2502060;
};
name = "Arin Lares";
email = "arinlares@gmail.com";
github = "usrfriendly";
githubId = 2502060;
};
utdemir = {
email = "me@utdemir.com";
github = "utdemir";

2
maintainers/scripts/luarocks-packages.csv
View File

@ -63,7 +63,7 @@ luaepnf,,,,,,
luaevent,,,,,,
luaexpat,,,,1.4.1-1,,arobyn flosse
luaffi,,,http://luarocks.org/dev,,,
luafilesystem,,,,1.7.0-2,,flosse
luafilesystem,,,,1.8.0-1,,flosse
lualogging,,,,,,
luaossl,,,,,5.1,
luaposix,,,,34.1.1-1,,vyp lblasc

1 name src ref server version luaversion maintainers
63 luaevent
64 luaexpat 1.4.1-1 arobyn flosse
65 luaffi http://luarocks.org/dev
66 luafilesystem 1.7.0-2 1.8.0-1 flosse
67 lualogging
68 luaossl 5.1
69 luaposix 34.1.1-1 vyp lblasc

148
nixos/doc/manual/from_md/installation/installing-usb.section.xml
View File

@ -1,35 +1,135 @@
<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-booting-from-usb">
<title>Booting from a USB Drive</title>
<title>Booting from a USB flash drive</title>
<para>
For systems without CD drive, the NixOS live CD can be booted from a
USB stick. You can use the <literal>dd</literal> utility to write
the image: <literal>dd if=path-to-image of=/dev/sdX</literal>. Be
careful about specifying the correct drive; you can use the
<literal>lsblk</literal> command to get a list of block devices.
The image has to be written verbatim to the USB flash drive for it
to be bootable on UEFI and BIOS systems. Here are the recommended
tools to do that.
</para>
<note>
<title>On macOS</title>
<section xml:id="sec-booting-from-usb-graphical">
<title>Creating bootable USB flash drive with a graphical
tool</title>
<para>
Etcher is a popular and user-friendly tool. It works on Linux,
Windows and macOS.
</para>
<para>
Download it from
<link xlink:href="https://www.balena.io/etcher/">balena.io</link>,
start the program, select the downloaded NixOS ISO, then select
the USB flash drive and flash it.
</para>
<warning>
<para>
Etcher reports errors and usage statistics by default, which can
be disabled in the settings.
</para>
</warning>
<para>
An alternative is
<link xlink:href="https://bztsrc.gitlab.io/usbimager">USBImager</link>,
which is very simple and does not connect to the internet.
Download the version with write-only (wo) interface for your
system. Start the program, select the image, select the USB flash
drive and click <quote>Write</quote>.
</para>
</section>
<section xml:id="sec-booting-from-usb-linux">
<title>Creating bootable USB flash drive from a Terminal on
Linux</title>
<orderedlist numeration="arabic" spacing="compact">
<listitem>
<para>
Plug in the USB flash drive.
</para>
</listitem>
<listitem>
<para>
Find the corresponding device with <literal>lsblk</literal>.
You can distinguish them by their size.
</para>
</listitem>
<listitem>
<para>
Make sure all partitions on the device are properly unmounted.
Replace <literal>sdX</literal> with your device (e.g.
<literal>sdb</literal>).
</para>
</listitem>
</orderedlist>
<programlisting>
$ diskutil list
[..]
/dev/diskN (external, physical):
#: TYPE NAME SIZE IDENTIFIER
[..]
$ diskutil unmountDisk diskN
Unmount of all volumes on diskN was successful
$ sudo dd if=nix.iso of=/dev/rdiskN bs=1M
sudo umount /dev/sdX*
</programlisting>
<orderedlist numeration="arabic" spacing="compact">
<listitem override="4">
<para>
Then use the <literal>dd</literal> utility to write the image
to the USB flash drive.
</para>
</listitem>
</orderedlist>
<programlisting>
sudo dd if=&lt;path-to-image&gt; of=/dev/sdX bs=4M conv=fsync
</programlisting>
</section>
<section xml:id="sec-booting-from-usb-macos">
<title>Creating bootable USB flash drive from a Terminal on
macOS</title>
<orderedlist numeration="arabic" spacing="compact">
<listitem>
<para>
Plug in the USB flash drive.
</para>
</listitem>
<listitem>
<para>
Find the corresponding device with
<literal>diskutil list</literal>. You can distinguish them by
their size.
</para>
</listitem>
<listitem>
<para>
Make sure all partitions on the device are properly unmounted.
Replace <literal>diskX</literal> with your device (e.g.
<literal>disk1</literal>).
</para>
</listitem>
</orderedlist>
<programlisting>
diskutil unmountDisk diskX
</programlisting>
<orderedlist numeration="arabic" spacing="compact">
<listitem override="4">
<para>
Then use the <literal>dd</literal> utility to write the image
to the USB flash drive.
</para>
</listitem>
</orderedlist>
<programlisting>
sudo dd if=&lt;path-to-image&gt; of=/dev/rdiskX bs=4m
</programlisting>
<para>
Using the 'raw' <literal>rdiskN</literal> device instead of
<literal>diskN</literal> completes in minutes instead of hours.
After <literal>dd</literal> completes, a GUI dialog &quot;The disk
you inserted was not readable by this computer&quot; will pop up,
which can be ignored.
</para>
</note>
<para>
The <literal>dd</literal> utility will write the image verbatim to
the drive, making it the recommended option for both UEFI and
non-UEFI installations.
</para>
<note>
<para>
Using the 'raw' <literal>rdiskX</literal> device instead of
<literal>diskX</literal> with dd completes in minutes instead of
hours.
</para>
</note>
<orderedlist numeration="arabic" spacing="compact">
<listitem override="5">
<para>
Eject the disk when it is finished.
</para>
</listitem>
</orderedlist>
<programlisting>
diskutil eject /dev/diskX
</programlisting>
</section>
</section>

1123
nixos/doc/manual/from_md/installation/installing.chapter.xml
View File

File diff suppressed because it is too large Load Diff

29
nixos/doc/manual/from_md/installation/obtaining.chapter.xml
View File

@ -2,16 +2,15 @@
<title>Obtaining NixOS</title>
<para>
NixOS ISO images can be downloaded from the
<link xlink:href="https://nixos.org/nixos/download.html">NixOS
download page</link>. There are a number of installation options. If
you happen to have an optical drive and a spare CD, burning the
image to CD and booting from that is probably the easiest option.
Most people will need to prepare a USB stick to boot from.
<xref linkend="sec-booting-from-usb" /> describes the preferred
method to prepare a USB stick. A number of alternative methods are
presented in the
<link xlink:href="https://nixos.wiki/wiki/NixOS_Installation_Guide#Making_the_installation_media">NixOS
Wiki</link>.
<link xlink:href="https://nixos.org/download.html#nixos-iso">NixOS
download page</link>. Follow the instructions in
<xref linkend="sec-booting-from-usb" /> to create a bootable USB
flash drive.
</para>
<para>
If you have a very old system that cant boot from USB, you can burn
the image to an empty CD. NixOS might not work very well on such
systems.
</para>
<para>
As an alternative to installing NixOS yourself, you can get a
@ -23,16 +22,16 @@
Using virtual appliances in Open Virtualization Format (OVF)
that can be imported into VirtualBox. These are available from
the
<link xlink:href="https://nixos.org/nixos/download.html">NixOS
<link xlink:href="https://nixos.org/download.html#nixos-virtualbox">NixOS
download page</link>.
</para>
</listitem>
<listitem>
<para>
Using AMIs for Amazons EC2. To find one for your region and
instance type, please refer to the
<link xlink:href="https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/virtualisation/ec2-amis.nix">list
of most recent AMIs</link>.
Using AMIs for Amazons EC2. To find one for your region, please
refer to the
<link xlink:href="https://nixos.org/download.html#nixos-amazon">download
page</link>.
</para>
</listitem>
<listitem>

25
nixos/doc/manual/from_md/release-notes/rl-2211.section.xml
View File

@ -312,6 +312,14 @@
<link linkend="opt-services.endlessh-go.enable">services.endlessh-go</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://garagehq.deuxfleurs.fr/">Garage</link>,
a simple object storage server for geodistributed deployments,
alternative to MinIO. Available as
<link linkend="opt-services.garage.enable">services.garage</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://netbird.io">netbird</link>, a zero
@ -761,6 +769,14 @@
for vim).
</para>
</listitem>
<listitem>
<para>
The <literal>adguardhome</literal> module no longer uses
<literal>host</literal> and <literal>port</literal> options,
use <literal>settings.bind_host</literal> and
<literal>settings.bind_port</literal> instead.
</para>
</listitem>
<listitem>
<para>
The default <literal>kops</literal> version is now 1.25.1 and
@ -885,6 +901,15 @@
<literal>~/.local/share/PrismLauncher/prismlauncher.cfg</literal>.
</para>
</listitem>
<listitem>
<para>
The <literal>bloat</literal> package has been updated from
unstable-2022-03-31 to unstable-2022-10-25, which brings a
breaking change. See
<link xlink:href="https://git.freesoftwareextremist.com/bloat/commit/?id=887ed241d64ba5db3fd3d87194fb5595e5ad7d73">this
upstream commit message</link> for details.
</para>
</listitem>
<listitem>
<para>
The <literal>services.matrix-synapse</literal> systemd unit

91
nixos/doc/manual/installation/installing-usb.section.md
View File

@ -1,31 +1,72 @@
# Booting from a USB Drive {#sec-booting-from-usb}
# Booting from a USB flash drive {#sec-booting-from-usb}
For systems without CD drive, the NixOS live CD can be booted from a USB
stick. You can use the `dd` utility to write the image:
`dd if=path-to-image of=/dev/sdX`. Be careful about specifying the correct
drive; you can use the `lsblk` command to get a list of block devices.
The image has to be written verbatim to the USB flash drive for it to be
bootable on UEFI and BIOS systems. Here are the recommended tools to do that.
::: {.note}
::: {.title}
On macOS
## Creating bootable USB flash drive with a graphical tool {#sec-booting-from-usb-graphical}
Etcher is a popular and user-friendly tool. It works on Linux, Windows and macOS.
Download it from [balena.io](https://www.balena.io/etcher/), start the program,
select the downloaded NixOS ISO, then select the USB flash drive and flash it.
::: {.warning}
Etcher reports errors and usage statistics by default, which can be disabled in
the settings.
:::
```ShellSession
$ diskutil list
[..]
/dev/diskN (external, physical):
#: TYPE NAME SIZE IDENTIFIER
[..]
$ diskutil unmountDisk diskN
Unmount of all volumes on diskN was successful
$ sudo dd if=nix.iso of=/dev/rdiskN bs=1M
```
An alternative is [USBImager](https://bztsrc.gitlab.io/usbimager),
which is very simple and does not connect to the internet. Download the version
with write-only (wo) interface for your system. Start the program,
select the image, select the USB flash drive and click "Write".
Using the \'raw\' `rdiskN` device instead of `diskN` completes in
minutes instead of hours. After `dd` completes, a GUI dialog \"The disk
you inserted was not readable by this computer\" will pop up, which can
be ignored.
:::
## Creating bootable USB flash drive from a Terminal on Linux {#sec-booting-from-usb-linux}
The `dd` utility will write the image verbatim to the drive, making it
the recommended option for both UEFI and non-UEFI installations.
1. Plug in the USB flash drive.
2. Find the corresponding device with `lsblk`. You can distinguish them by
their size.
3. Make sure all partitions on the device are properly unmounted. Replace `sdX`
with your device (e.g. `sdb`).
```ShellSession
sudo umount /dev/sdX*
```
4. Then use the `dd` utility to write the image to the USB flash drive.
```ShellSession
sudo dd if=<path-to-image> of=/dev/sdX bs=4M conv=fsync
```
## Creating bootable USB flash drive from a Terminal on macOS {#sec-booting-from-usb-macos}
1. Plug in the USB flash drive.
2. Find the corresponding device with `diskutil list`. You can distinguish them
by their size.
3. Make sure all partitions on the device are properly unmounted. Replace `diskX`
with your device (e.g. `disk1`).
```ShellSession
diskutil unmountDisk diskX
```
4. Then use the `dd` utility to write the image to the USB flash drive.
```ShellSession
sudo dd if=<path-to-image> of=/dev/rdiskX bs=4m
```
After `dd` completes, a GUI dialog \"The disk
you inserted was not readable by this computer\" will pop up, which can
be ignored.
::: {.note}
Using the \'raw\' `rdiskX` device instead of `diskX` with dd completes in
minutes instead of hours.
:::
5. Eject the disk when it is finished.
```ShellSession
diskutil eject /dev/diskX
```

166
nixos/doc/manual/installation/installing.chapter.md
View File

@ -1,30 +1,143 @@
# Installing NixOS {#sec-installation}
## Booting the system {#sec-installation-booting}
## Booting from the install medium {#sec-installation-booting}
To begin the installation, you have to boot your computer from the install drive.
1. Plug in the install drive. Then turn on or restart your computer.
2. Open the boot menu by pressing the appropriate key, which is usually shown
on the display on early boot.
Select the USB flash drive (the option usually contains the word "USB").
If you choose the incorrect drive, your computer will likely continue to
boot as normal. In that case restart your computer and pick a
different drive.
::: {.note}
The key to open the boot menu is different across computer brands and even
models. It can be <kbd>F12</kbd>, but also <kbd>F1</kbd>,
<kbd>F9</kbd>, <kbd>F10</kbd>, <kbd>Enter</kbd>, <kbd>Del</kbd>,
<kbd>Esc</kbd> or another function key. If you are unsure and don't see
it on the early boot screen, you can search online for your computers
brand, model followed by "boot from usb".
The computer might not even have that feature, so you have to go into the
BIOS/UEFI settings to change the boot order. Again, search online for
details about your specific computer model.
For Apple computers with Intel processors press and hold the <kbd></kbd>
(Option or Alt) key until you see the boot menu. On Apple silicon press
and hold the power button.
:::
::: {.note}
If your computer supports both BIOS and UEFI boot, choose the UEFI option.
:::
::: {.note}
If you use a CD for the installation, the computer will probably boot from
it automatically. If not, choose the option containing the word "CD" from
the boot menu.
:::
3. Shortly after selecting the appropriate boot drive, you should be
presented with a menu with different installer options. Leave the default
and wait (or press <kbd>Enter</kbd> to speed up).
4. The graphical images will start their corresponding desktop environment
and the graphical installer, which can take some time. The minimal images
will boot to a command line. You have to follow the instructions in
[](#sec-installation-manual) there.
## Graphical Installation {#sec-installation-graphical}
The graphical installer is recommended for desktop users and will guide you
through the installation.
1. In the "Welcome" screen, you can select the language of the Installer and
the installed system.
::: {.tip}
Leaving the language as "American English" will make it easier to search for
error messages in a search engine or to report an issue.
:::
2. Next you should choose your location to have the timezone set correctly.
You can actually click on the map!
::: {.note}
The installer will use an online service to guess your location based on
your public IP address.
:::
3. Then you can select the keyboard layout. The default keyboard model should
work well with most desktop keyboards. If you have a special keyboard or
notebook, your model might be in the list. Select the language you are most
comfortable typing in.
4. On the "Users" screen, you have to type in your display name, login name
and password. You can also enable an option to automatically login to the
desktop.
5. Then you have the option to choose a desktop environment. If you want to
create a custom setup with a window manager, you can select "No desktop".
::: {.tip}
If you don't have a favorite desktop and don't know which one to choose,
you can stick to either GNOME or Plasma. They have a quite different
design, so you should choose whichever you like better.
They are both popular choices and well tested on NixOS.
:::
6. You have the option to allow unfree software in the next screen.
7. The easiest option in the "Partitioning" screen is "Erase disk", which will
delete all data from the selected disk and install the system on it.
Also select "Swap (with Hibernation)" in the dropdown below it.
You have the option to encrypt the whole disk with LUKS.
::: {.note}
At the top left you see if the Installer was booted with BIOS or UEFI. If
you know your system supports UEFI and it shows "BIOS", reboot with the
correct option.
:::
::: {.warning}
Make sure you have selected the correct disk at the top and that no
valuable data is still on the disk! It will be deleted when
formatting the disk.
:::
8. Check the choices you made in the "Summary" and click "Install".
::: {.note}
The installation takes about 15 minutes. The time varies based on the
selected desktop environment, internet connection speed and disk write speed.
:::
9. When the install is complete, remove the USB flash drive and
reboot into your new system!
## Manual Installation {#sec-installation-manual}
NixOS can be installed on BIOS or UEFI systems. The procedure for a UEFI
installation is by and large the same as a BIOS installation. The
differences are mentioned in the steps that follow.
installation is broadly the same as for a BIOS installation. The differences
are mentioned in the following steps.
The installation media can be burned to a CD, or now more commonly,
"burned" to a USB drive (see [](#sec-booting-from-usb)).
The NixOS manual is available by running `nixos-help` in the command line
or from the application menu in the desktop environment.
The installation media contains a basic NixOS installation. When it's
finished booting, it should have detected most of your hardware.
The NixOS manual is available by running `nixos-help`.
To have access to the command line on the graphical images, open
Terminal (GNOME) or Konsole (Plasma) from the application menu.
You are logged-in automatically as `nixos`. The `nixos` user account has
an empty password so you can use `sudo` without a password:
```ShellSession
$ sudo -i
```
If you downloaded the graphical ISO image, you can run `systemctl
start display-manager` to start the desktop environment. If you want
to continue on the terminal, you can use `loadkeys` to switch to your
preferred keyboard layout. (We even provide neo2 via `loadkeys de
neo`!)
You can use `loadkeys` to switch to your preferred keyboard layout.
(We even provide neo2 via `loadkeys de neo`!)
If the text is too small to be legible, try `setfont ter-v32n` to
increase the font size.
@ -33,7 +146,8 @@ To install over a serial port connect with `115200n8` (e.g.
`picocom -b 115200 /dev/ttyUSB0`). When the bootloader lists boot
entries, select the serial console boot entry.
### Networking in the installer {#sec-installation-booting-networking}
### Networking in the installer {#sec-installation-manual-networking}
[]{#sec-installation-booting-networking} <!-- legacy anchor -->
The boot process should have brought up networking (check `ip
a`). Networking is necessary for the installer, since it will
@ -100,7 +214,8 @@ placed by mounting the image on a different machine). Alternatively you
must set a password for either `root` or `nixos` with `passwd` to be
able to login.
## Partitioning and formatting {#sec-installation-partitioning}
### Partitioning and formatting {#sec-installation-manual-partitioning}
[]{#sec-installation-partitioning} <!-- legacy anchor -->
The NixOS installer doesn't do any partitioning or formatting, so you
need to do that yourself.
@ -112,7 +227,8 @@ below use `parted`, but also provides `fdisk`, `gdisk`, `cfdisk`, and
The recommended partition scheme differs depending if the computer uses
*Legacy Boot* or *UEFI*.
### UEFI (GPT) {#sec-installation-partitioning-UEFI}
#### UEFI (GPT) {#sec-installation-manual-partitioning-UEFI}
[]{#sec-installation-partitioning-UEFI} <!-- legacy anchor -->
Here\'s an example partition scheme for UEFI, using `/dev/sda` as the
device.
@ -158,9 +274,10 @@ update /etc/fstab.
```
Once complete, you can follow with
[](#sec-installation-partitioning-formatting).
[](#sec-installation-manual-partitioning-formatting).
### Legacy Boot (MBR) {#sec-installation-partitioning-MBR}
#### Legacy Boot (MBR) {#sec-installation-manual-partitioning-MBR}
[]{#sec-installation-partitioning-MBR} <!-- legacy anchor -->
Here\'s an example partition scheme for Legacy Boot, using `/dev/sda` as
the device.
@ -202,9 +319,10 @@ update /etc/fstab.
:::
Once complete, you can follow with
[](#sec-installation-partitioning-formatting).
[](#sec-installation-manual-partitioning-formatting).
### Formatting {#sec-installation-partitioning-formatting}
#### Formatting {#sec-installation-manual-partitioning-formatting}
[]{#sec-installation-partitioning-formatting} <!-- legacy anchor -->
Use the following commands:
@ -239,7 +357,8 @@ Use the following commands:
- For creating software RAID devices, use `mdadm`.
## Installing {#sec-installation-installing}
### Installing {#sec-installation-manual-installing}
[]{#sec-installation-installing} <!-- legacy anchor -->
1. Mount the target file system on which NixOS should be installed on
`/mnt`, e.g.
@ -410,7 +529,8 @@ Use the following commands:
You may also want to install some software. This will be covered in
[](#sec-package-management).
## Installation summary {#sec-installation-summary}
### Installation summary {#sec-installation-manual-summary}
[]{#sec-installation-summary} <!-- legacy anchor -->
To summarise, [Example: Commands for Installing NixOS on `/dev/sda`](#ex-install-sequence)
shows a typical sequence of commands for installing NixOS on an empty hard

19
nixos/doc/manual/installation/obtaining.chapter.md
View File

@ -1,24 +1,21 @@
# Obtaining NixOS {#sec-obtaining}
NixOS ISO images can be downloaded from the [NixOS download
page](https://nixos.org/nixos/download.html). There are a number of
installation options. If you happen to have an optical drive and a spare
CD, burning the image to CD and booting from that is probably the
easiest option. Most people will need to prepare a USB stick to boot
from. [](#sec-booting-from-usb) describes the preferred method to
prepare a USB stick. A number of alternative methods are presented in
the [NixOS Wiki](https://nixos.wiki/wiki/NixOS_Installation_Guide#Making_the_installation_media).
page](https://nixos.org/download.html#nixos-iso). Follow the instructions in
[](#sec-booting-from-usb) to create a bootable USB flash drive.
If you have a very old system that can't boot from USB, you can burn the image
to an empty CD. NixOS might not work very well on such systems.
As an alternative to installing NixOS yourself, you can get a running
NixOS system through several other means:
- Using virtual appliances in Open Virtualization Format (OVF) that
can be imported into VirtualBox. These are available from the [NixOS
download page](https://nixos.org/nixos/download.html).
download page](https://nixos.org/download.html#nixos-virtualbox).
- Using AMIs for Amazon's EC2. To find one for your region and
instance type, please refer to the [list of most recent
AMIs](https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/virtualisation/ec2-amis.nix).
- Using AMIs for Amazon's EC2. To find one for your region, please refer
to the [download page](https://nixos.org/download.html#nixos-amazon).
- Using NixOps, the NixOS-based cloud deployment tool, which allows
you to provision VirtualBox and EC2 NixOS instances from declarative

1
nixos/doc/manual/md-to-db.sh
View File

@ -19,6 +19,7 @@ pandoc_flags=(
"--lua-filter=$DIR/../../../doc/build-aux/pandoc-filters/myst-reader/roles.lua"
"--lua-filter=$DIR/../../../doc/build-aux/pandoc-filters/link-unix-man-references.lua"
"--lua-filter=$DIR/../../../doc/build-aux/pandoc-filters/docbook-writer/rst-roles.lua"
"--lua-filter=$DIR/../../../doc/build-aux/pandoc-filters/docbook-writer/html-elements.lua"
"--lua-filter=$DIR/../../../doc/build-aux/pandoc-filters/docbook-writer/labelless-link-is-xref.lua"
-f "commonmark${pandoc_commonmark_enabled_extensions}+smart"
-t docbook

6
nixos/doc/manual/release-notes/rl-2211.section.md
View File

@ -108,6 +108,8 @@ In addition to numerous new and upgraded packages, this release has the followin
- [endlessh-go](https://github.com/shizunge/endlessh-go), an SSH tarpit that exposes Prometheus metrics. Available as [services.endlessh-go](#opt-services.endlessh-go.enable).
- [Garage](https://garagehq.deuxfleurs.fr/), a simple object storage server for geodistributed deployments, alternative to MinIO. Available as [services.garage](#opt-services.garage.enable).
- [netbird](https://netbird.io), a zero configuration VPN.
Available as [services.netbird](options.html#opt-services.netbird.enable).
@ -242,6 +244,8 @@ Available as [services.patroni](options.html#opt-services.patroni.enable).
Use `configure.packages` instead.
- Neovim can not be configured with plug anymore (still works for vim).
- The `adguardhome` module no longer uses `host` and `port` options, use `settings.bind_host` and `settings.bind_port` instead.
- The default `kops` version is now 1.25.1 and support for 1.22 and older has been dropped.
- `k3s` no longer supports docker as runtime due to upstream dropping support.
@ -283,6 +287,8 @@ Available as [services.patroni](options.html#opt-services.patroni.enable).
from `~/.local/share/polymc/polymc.cfg` to
`~/.local/share/PrismLauncher/prismlauncher.cfg`.
- The `bloat` package has been updated from unstable-2022-03-31 to unstable-2022-10-25, which brings a breaking change. See [this upstream commit message](https://git.freesoftwareextremist.com/bloat/commit/?id=887ed241d64ba5db3fd3d87194fb5595e5ad7d73) for details.
- The `services.matrix-synapse` systemd unit has been hardened.
- The `services.grafana` options were converted to a [RFC 0042](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md) configuration.

6
nixos/lib/make-options-doc/default.nix
View File

@ -125,7 +125,11 @@ in rec {
nativeBuildInputs = [
pkgs.brotli
(let
self = (pkgs.python3Minimal.override {
# python3Minimal can't be overridden with packages on Darwin, due to a missing framework.
# Instead of modifying stdenv, we take the easy way out, since most people on Darwin will
# just be hacking on the Nixpkgs manual (which also uses make-options-doc).
python = if pkgs.stdenv.isDarwin then pkgs.python3 else pkgs.python3Minimal;
self = (python.override {
inherit self;
includeSiteCustomize = true;
});

3
nixos/modules/module-list.nix
View File

@ -979,6 +979,7 @@
./services/video/rtsp-simple-server.nix
./services/networking/uptermd.nix
./services/networking/v2ray.nix
./services/networking/vdirsyncer.nix
./services/networking/vsftpd.nix
./services/networking/wasabibackend.nix
./services/networking/websockify.nix
@ -1146,6 +1147,7 @@
./services/web-servers/caddy/default.nix
./services/web-servers/darkhttpd.nix
./services/web-servers/fcgiwrap.nix
./services/web-servers/garage.nix
./services/web-servers/hitch/default.nix
./services/web-servers/hydron.nix
./services/web-servers/jboss/default.nix
@ -1253,6 +1255,7 @@
./system/boot/systemd/user.nix
./system/boot/timesyncd.nix
./system/boot/tmp.nix
./system/boot/uvesafb.nix
./system/etc/etc-activation.nix
./tasks/auto-upgrade.nix
./tasks/bcache.nix

8
nixos/modules/security/polkit.nix
View File

@ -14,6 +14,8 @@ in
security.polkit.enable = mkEnableOption (lib.mdDoc "polkit");
security.polkit.debug = mkEnableOption (lib.mdDoc "debug logs from polkit. This is required in order to see log messages from rule definitions.");
security.polkit.extraConfig = mkOption {
type = types.lines;
default = "";
@ -21,6 +23,7 @@ in
''
/* Log authorization checks. */
polkit.addRule(function(action, subject) {
// Make sure to set { security.polkit.debug = true; } in configuration.nix
polkit.log("user " + subject.user + " is attempting action " + action.id + " from PID " + subject.pid);
});
@ -58,6 +61,11 @@ in
systemd.packages = [ pkgs.polkit.out ];
systemd.services.polkit.serviceConfig.ExecStart = [
""
"${pkgs.polkit.out}/lib/polkit-1/polkitd ${optionalString (!cfg.debug) "--no-debug"}"
];
systemd.services.polkit.restartTriggers = [ config.system.path ];
systemd.services.polkit.stopIfChanged = false;

6
nixos/modules/services/continuous-integration/gocd-server/default.nix
View File

@ -106,6 +106,8 @@ in {
"-Dcruise.config.file=${cfg.workDir}/conf/cruise-config.xml"
"-Dcruise.server.port=${toString cfg.port}"
"-Dcruise.server.ssl.port=${toString cfg.sslPort}"
"--add-opens=java.base/java.lang=ALL-UNNAMED"
"--add-opens=java.base/java.util=ALL-UNNAMED"
];
defaultText = literalExpression ''
[
@ -119,6 +121,8 @@ in {
"-Dcruise.config.file=''${config.${opt.workDir}}/conf/cruise-config.xml"
"-Dcruise.server.port=''${toString config.${opt.port}}"
"-Dcruise.server.ssl.port=''${toString config.${opt.sslPort}}"
"--add-opens=java.base/java.lang=ALL-UNNAMED"
"--add-opens=java.base/java.util=ALL-UNNAMED"
]
'';
@ -199,7 +203,7 @@ in {
${pkgs.git}/bin/git config --global --add http.sslCAinfo /etc/ssl/certs/ca-certificates.crt
${pkgs.jre}/bin/java -server ${concatStringsSep " " cfg.startupOptions} \
${concatStringsSep " " cfg.extraOptions} \
-jar ${pkgs.gocd-server}/go-server/go.jar
-jar ${pkgs.gocd-server}/go-server/lib/go.jar
'';
serviceConfig = {

2
nixos/modules/services/mail/listmonk.nix
View File

@ -202,7 +202,7 @@ in {
NoNewPrivileges = true;
CapabilityBoundingSet = "";
SystemCallArchitecture = "native";
SystemCallFilter = [ "@system-service" "~@privileged" "@resources" ];
SystemCallFilter = [ "@system-service" "~@privileged" ];
ProtectDevices = true;
ProtectControlGroups = true;
ProtectKernelTunables = true;

4
nixos/modules/services/misc/portunus.nix
View File

@ -212,9 +212,9 @@ in
staticClients = forEach cfg.dex.oidcClients (client: {
inherit (client) id;
redirectURIs = [ client.callbackURI ];
redirectURIs = [ client.callbackURL ];
name = "OIDC for ${client.id}";
secret = "$DEX_CLIENT_${client.id}";
secretEnv = "DEX_CLIENT_${client.id}";
});
};
};

16
nixos/modules/services/monitoring/grafana.nix
View File

@ -852,7 +852,7 @@ in {
};
contactPoints = mkOption {
description = lib.mdDoc "List of contact points to import or update.";
description = lib.mdDoc "List of contact points to import or update. Please note that sensitive data will end up in world-readable Nix store.";
default = [];
type = types.listOf (types.submodule {
freeformType = provisioningSettingsFormat.type;
@ -1158,17 +1158,23 @@ in {
};
config = mkIf cfg.enable {
warnings = flatten [
warnings = let
usesFileProvider = opt: defaultValue: builtins.match "^${defaultValue}$|^\\$__file\\{.*}$" opt != null;
in flatten [
(optional (
cfg.settings.database.password != "" ||
cfg.settings.security.admin_password != "admin"
! usesFileProvider cfg.settings.database.password "" ||
! usesFileProvider cfg.settings.security.admin_password "admin"
) "Grafana passwords will be stored as plaintext in the Nix store! Use file provider instead.")
(optional (
let
checkOpts = opt: any (x: x.password != null || x.basicAuthPassword != null || x.secureJsonData != null) opt;
datasourcesUsed = if (cfg.provision.datasources.settings == null) then [] else cfg.provision.datasources.settings.datasources;
in if (builtins.isList cfg.provision.datasources) then checkOpts cfg.provision.datasources else checkOpts datasourcesUsed
) "Datasource passwords will be stored as plaintext in the Nix store! Use file provider instead.")
) ''
Datasource passwords will be stored as plaintext in the Nix store!
It is not possible to use file provider in provisioning; please provision
datasources via `services.grafana.provision.datasources.path` instead.
'')
(optional (
any (x: x.secure_settings != null) cfg.provision.notifiers
) "Notifier secure settings will be stored as plaintext in the Nix store! Use file provider instead.")

66
nixos/modules/services/networking/adguardhome.nix
View File

@ -12,37 +12,26 @@ let
"--config /var/lib/AdGuardHome/AdGuardHome.yaml"
] ++ cfg.extraArgs);
baseConfig = {
bind_host = cfg.host;
bind_port = cfg.port;
};
configFile = pkgs.writeTextFile {
name = "AdGuardHome.yaml";
text = builtins.toJSON (recursiveUpdate cfg.settings baseConfig);
text = builtins.toJSON cfg.settings;
checkPhase = "${pkgs.adguardhome}/bin/adguardhome -c $out --check-config";
};
in {
in
{
imports =
let cfgPath = [ "services" "adguardhome" ];
in
[
(mkRenamedOptionModuleWith { sinceRelease = 2211; from = cfgPath ++ [ "host" ]; to = cfgPath ++ [ "settings" "bind_host" ]; })
(mkRenamedOptionModuleWith { sinceRelease = 2211; from = cfgPath ++ [ "port" ]; to = cfgPath ++ [ "settings" "bind_port" ]; })
];
options.services.adguardhome = with types; {
enable = mkEnableOption (lib.mdDoc "AdGuard Home network-wide ad blocker");
host = mkOption {
default = "0.0.0.0";
type = str;
description = lib.mdDoc ''
Host address to bind HTTP server to.
'';
};
port = mkOption {
default = 3000;
type = port;
description = lib.mdDoc ''
Port to serve HTTP pages on.
'';
};
openFirewall = mkOption {
default = false;
type = bool;
@ -62,8 +51,35 @@ in {
};
settings = mkOption {
type = (pkgs.formats.yaml { }).type;
default = { };
type = submodule {
freeformType = (pkgs.formats.yaml { }).type;
options = {
schema_version = mkOption {
default = pkgs.adguardhome.schema_version;
defaultText = literalExpression "pkgs.adguardhome.schema_version";
type = int;
description = lib.mdDoc ''
Schema version for the configuration.
Defaults to the `schema_version` supplied by `pkgs.adguardhome`.
'';
};
bind_host = mkOption {
default = "0.0.0.0";
type = str;
description = lib.mdDoc ''
Host address to bind HTTP server to.
'';
};
bind_port = mkOption {
default = 3000;
type = port;
description = lib.mdDoc ''
Port to serve HTTP pages on.
'';
};
};
};
description = lib.mdDoc ''
AdGuard Home configuration. Refer to
<https://github.com/AdguardTeam/AdGuardHome/wiki/Configuration#configuration-file>
@ -135,6 +151,6 @@ in {
};
};
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.port ];
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.settings.bind_port ];
};
}

2
nixos/modules/services/networking/croc.nix
View File

@ -72,7 +72,7 @@ in
RuntimeDirectoryMode = "700";
SystemCallFilter = [
"@system-service"
"~@aio" "~@keyring" "~@memlock" "~@privileged" "~@resources" "~@setuid" "~@sync" "~@timer"
"~@aio" "~@keyring" "~@memlock" "~@privileged" "~@setuid" "~@sync" "~@timer"
];
SystemCallArchitectures = "native";
SystemCallErrorNumber = "EPERM";

2
nixos/modules/services/networking/snowflake-proxy.nix
View File

@ -71,7 +71,7 @@ in
RestrictNamespaces = true;
RestrictRealtime = true;
SystemCallArchitectures = "native";
SystemCallFilter = "~@clock @cpu-emulation @debug @mount @obsolete @reboot @swap @privileged @resources";
SystemCallFilter = [ "@system-service" "~@privileged" ];
UMask = "0077";
};
};

214
nixos/modules/services/networking/vdirsyncer.nix Normal file
View File

@ -0,0 +1,214 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.vdirsyncer;
toIniJson = with generators; toINI {
mkKeyValue = mkKeyValueDefault {
mkValueString = builtins.toJSON;
} "=";
};
toConfigFile = name: cfg':
if
cfg'.configFile != null
then
cfg'.configFile
else
pkgs.writeText "vdirsyncer-${name}.conf" (toIniJson (
{
general = cfg'.config.general // (lib.optionalAttrs (cfg'.config.statusPath == null) {
status_path = "/var/lib/vdirsyncer/${name}";
});
} // (
mapAttrs' (name: nameValuePair "pair ${name}") cfg'.config.pairs
) // (
mapAttrs' (name: nameValuePair "storage ${name}") cfg'.config.storages
)
));
userUnitConfig = name: cfg': {
serviceConfig = {
User = if cfg'.user == null then "vdirsyncer" else cfg'.user;
Group = if cfg'.group == null then "vdirsyncer" else cfg'.group;
} // (optionalAttrs (cfg'.user == null) {
DynamicUser = true;
}) // (optionalAttrs (cfg'.additionalGroups != []) {
SupplementaryGroups = cfg'.additionalGroups;
}) // (optionalAttrs (cfg'.config.statusPath == null) {
StateDirectory = "vdirsyncer/${name}";
StateDirectoryMode = "0700";
});
};
commonUnitConfig = {
after = [ "network.target" ];
serviceConfig = {
Type = "oneshot";
# Sandboxing
PrivateTmp = true;
NoNewPrivileges = true;
ProtectSystem = "strict";
ProtectHome = true;
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectControlGroups = true;
RestrictNamespaces = true;
MemoryDenyWriteExecute = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
RestrictAddressFamilies = "AF_INET AF_INET6";
LockPersonality = true;
};
};
in
{
options = {
services.vdirsyncer = {
enable = mkEnableOption (mdDoc "vdirsyncer");
package = mkPackageOption pkgs "vdirsyncer" {};
jobs = mkOption {
description = mdDoc "vdirsyncer job configurations";
type = types.attrsOf (types.submodule {
options = {
enable = (mkEnableOption (mdDoc "this vdirsyncer job")) // {
default = true;
example = false;
};
user = mkOption {
type = types.nullOr types.str;
default = null;
description = mdDoc ''
User account to run vdirsyncer as, otherwise as a systemd
dynamic user
'';
};
group = mkOption {
type = types.nullOr types.str;
default = null;
description = mdDoc "group to run vdirsyncer as";
};
additionalGroups = mkOption {
type = types.listOf types.str;
default = [];
description = mdDoc "additional groups to add the dynamic user to";
};
forceDiscover = mkOption {
type = types.bool;
default = false;
description = literalMD ''
Run `yes | vdirsyncer discover` prior to `vdirsyncer sync`
'';
};
timerConfig = mkOption {
type = types.attrs;
default = {
OnBootSec = "1h";
OnUnitActiveSec = "6h";
};
description = mdDoc "systemd timer configuration";
};
configFile = mkOption {
type = types.nullOr types.path;
default = null;
description = mdDoc "existing configuration file";
};
config = {
statusPath = mkOption {
type = types.nullOr types.str;
default = null;
defaultText = literalExpression "/var/lib/vdirsyncer/\${attrName}";
description = mdDoc "vdirsyncer's status path";
};
general = mkOption {
type = types.attrs;
default = {};
description = mdDoc "general configuration";
};
pairs = mkOption {
type = types.attrsOf types.attrs;
default = {};
description = mdDoc "vdirsyncer pair configurations";
example = literalExpression ''
{
my_contacts = {
a = "my_cloud_contacts";
b = "my_local_contacts";
collections = [ "from a" ];
conflict_resolution = "a wins";
metadata = [ "color" "displayname" ];
};
};
'';
};
storages = mkOption {
type = types.attrsOf types.attrs;
default = {};
description = mdDoc "vdirsyncer storage configurations";
example = literalExpression ''
{
my_cloud_contacts = {
type = "carddav";
url = "https://dav.example.com/";
read_only = true;
username = "user";
"password.fetch" = [ "command" "cat" "/etc/vdirsyncer/cloud.passwd" ];
};
my_local_contacts = {
type = "carddav";
url = "https://localhost/";
username = "user";
"password.fetch" = [ "command" "cat" "/etc/vdirsyncer/local.passwd" ];
};
}
'';
};
};
};
});
};
};
};
config = mkIf cfg.enable {
systemd.services = mapAttrs' (name: cfg': nameValuePair "vdirsyncer@${name}" (
foldr recursiveUpdate {} [
commonUnitConfig
(userUnitConfig name cfg')
{
description = "synchronize calendars and contacts (${name})";
environment.VDIRSYNCER_CONFIG = toConfigFile name cfg';
serviceConfig.ExecStart =
(optional cfg'.forceDiscover (
pkgs.writeShellScript "vdirsyncer-discover-yes" ''
set -e
yes | ${cfg.package}/bin/vdirsyncer discover
''
)) ++ [ "${cfg.package}/bin/vdirsyncer sync" ];
}
]
)) (filterAttrs (name: cfg': cfg'.enable) cfg.jobs);
systemd.timers = mapAttrs' (name: cfg': nameValuePair "vdirsyncer@${name}" {
wantedBy = [ "timers.target" ];
description = "synchronize calendars and contacts (${name})";
inherit (cfg') timerConfig;
}) cfg.jobs;
};
}

2
nixos/modules/services/networking/yggdrasil.nix
View File

@ -180,7 +180,7 @@ in {
RestrictNamespaces = true;
RestrictRealtime = true;
SystemCallArchitectures = "native";
SystemCallFilter = "~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io @resources";
SystemCallFilter = [ "@system-service" "~@privileged @keyring" ];
} // (if (cfg.group != null) then {
Group = cfg.group;
} else {});

4
nixos/modules/services/web-apps/dex.nix
View File

@ -58,7 +58,7 @@ in
'';
description = lib.mdDoc ''
The available options can be found in
[the example configuration](https://github.com/dexidp/dex/blob/v${pkgs.dex.version}/config.yaml.dist).
[the example configuration](https://github.com/dexidp/dex/blob/v${pkgs.dex-oidc.version}/config.yaml.dist).
It's also possible to refer to environment variables (defined in [services.dex.environmentFile](#opt-services.dex.environmentFile))
using the syntax `$VARIABLE_NAME`.
@ -119,7 +119,7 @@ in
RestrictRealtime = true;
RestrictSUIDSGID = true;
SystemCallArchitectures = "native";
SystemCallFilter = [ "@system-service" "~@privileged @resources @setuid @keyring" ];
SystemCallFilter = [ "@system-service" "~@privileged @setuid @keyring" ];
TemporaryFileSystem = "/:ro";
# Does not work well with the temporary root
#UMask = "0066";

2
nixos/modules/services/web-apps/galene.nix
View File

@ -191,7 +191,7 @@ in
RestrictRealtime = true;
RestrictSUIDSGID = true;
SystemCallArchitectures = "native";
SystemCallFilter = [ "@system-service" "~@privileged" "~@resources" ];
SystemCallFilter = [ "@system-service" "~@privileged" ];
UMask = "0077";
}
];

40
nixos/modules/services/web-apps/mastodon.nix
View File

@ -475,7 +475,6 @@ in {
} // cfgService;
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
};
systemd.services.mastodon-init-db = lib.mkIf cfg.automaticMigrations {
@ -500,16 +499,21 @@ in {
# System Call Filtering
SystemCallFilter = [ ("~" + lib.concatStringsSep " " (systemCallsList ++ [ "@resources" ])) "@chown" "pipe" "pipe2" ];
} // cfgService;
after = [ "mastodon-init-dirs.service" "network.target" ] ++ (if databaseActuallyCreateLocally then [ "postgresql.service" ] else []);
wantedBy = [ "multi-user.target" ];
after = [ "network.target" "mastodon-init-dirs.service" ]
++ lib.optional databaseActuallyCreateLocally "postgresql.service";
requires = [ "mastodon-init-dirs.service" ]
++ lib.optional databaseActuallyCreateLocally "postgresql.service";
};
systemd.services.mastodon-streaming = {
after = [ "network.target" ]
++ (if databaseActuallyCreateLocally then [ "postgresql.service" ] else [])
++ (if cfg.automaticMigrations then [ "mastodon-init-db.service" ] else [ "mastodon-init-dirs.service" ]);
description = "Mastodon streaming";
after = [ "network.target" "mastodon-init-dirs.service" ]
++ lib.optional databaseActuallyCreateLocally "postgresql.service"
++ lib.optional cfg.automaticMigrations "mastodon-init-db.service";
requires = [ "mastodon-init-dirs.service" ]
++ lib.optional databaseActuallyCreateLocally "postgresql.service"
++ lib.optional cfg.automaticMigrations "mastodon-init-db.service";
wantedBy = [ "multi-user.target" ];
description = "Mastodon streaming";
environment = env // (if cfg.enableUnixSocket
then { SOCKET = "/run/mastodon-streaming/streaming.socket"; }
else { PORT = toString(cfg.streamingPort); }
@ -529,11 +533,14 @@ in {
};
systemd.services.mastodon-web = {
after = [ "network.target" ]
++ (if databaseActuallyCreateLocally then [ "postgresql.service" ] else [])
++ (if cfg.automaticMigrations then [ "mastodon-init-db.service" ] else [ "mastodon-init-dirs.service" ]);
description = "Mastodon web";
after = [ "network.target" "mastodon-init-dirs.service" ]
++ lib.optional databaseActuallyCreateLocally "postgresql.service"
++ lib.optional cfg.automaticMigrations "mastodon-init-db.service";
requires = [ "mastodon-init-dirs.service" ]
++ lib.optional databaseActuallyCreateLocally "postgresql.service"
++ lib.optional cfg.automaticMigrations "mastodon-init-db.service";
wantedBy = [ "multi-user.target" ];
description = "Mastodon web";
environment = env // (if cfg.enableUnixSocket
then { SOCKET = "/run/mastodon-web/web.socket"; }
else { PORT = toString(cfg.webPort); }
@ -554,11 +561,14 @@ in {
};
systemd.services.mastodon-sidekiq = {
after = [ "network.target" ]
++ (if databaseActuallyCreateLocally then [ "postgresql.service" ] else [])
++ (if cfg.automaticMigrations then [ "mastodon-init-db.service" ] else [ "mastodon-init-dirs.service" ]);
description = "Mastodon sidekiq";
after = [ "network.target" "mastodon-init-dirs.service" ]
++ lib.optional databaseActuallyCreateLocally "postgresql.service"
++ lib.optional cfg.automaticMigrations "mastodon-init-db.service";
requires = [ "mastodon-init-dirs.service" ]
++ lib.optional databaseActuallyCreateLocally "postgresql.service"
++ lib.optional cfg.automaticMigrations "mastodon-init-db.service";
wantedBy = [ "multi-user.target" ];
description = "Mastodon sidekiq";
environment = env // {
PORT = toString(cfg.sidekiqPort);
DB_POOL = toString cfg.sidekiqThreads;

2
nixos/modules/services/web-apps/prosody-filer.nix
View File

@ -79,7 +79,7 @@ in {
LockPersonality = true;
RemoveIPC = true;
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
SystemCallFilter = [ "@system-service" "~@privileged" "~@resources" ];
SystemCallFilter = [ "@system-service" "~@privileged" ];
};
};
};

48
nixos/modules/services/web-apps/snipe-it.nix
View File

@ -454,25 +454,43 @@ in {
# migrate db
${pkgs.php}/bin/php artisan migrate --force
# A placeholder file for invalid barcodes
invalid_barcode_location="${cfg.dataDir}/public/uploads/barcodes/invalid_barcode.gif"
[ ! -e "$invalid_barcode_location" ] \
&& cp ${snipe-it}/share/snipe-it/invalid_barcode.gif "$invalid_barcode_location"
'';
};
systemd.tmpfiles.rules = [
"d ${cfg.dataDir} 0710 ${user} ${group} - -"
"d ${cfg.dataDir}/bootstrap 0750 ${user} ${group} - -"
"d ${cfg.dataDir}/bootstrap/cache 0750 ${user} ${group} - -"
"d ${cfg.dataDir}/public 0750 ${user} ${group} - -"
"d ${cfg.dataDir}/public/uploads 0750 ${user} ${group} - -"
"d ${cfg.dataDir}/storage 0700 ${user} ${group} - -"
"d ${cfg.dataDir}/storage/app 0700 ${user} ${group} - -"
"d ${cfg.dataDir}/storage/fonts 0700 ${user} ${group} - -"
"d ${cfg.dataDir}/storage/framework 0700 ${user} ${group} - -"
"d ${cfg.dataDir}/storage/framework/cache 0700 ${user} ${group} - -"
"d ${cfg.dataDir}/storage/framework/sessions 0700 ${user} ${group} - -"
"d ${cfg.dataDir}/storage/framework/views 0700 ${user} ${group} - -"
"d ${cfg.dataDir}/storage/logs 0700 ${user} ${group} - -"
"d ${cfg.dataDir}/storage/uploads 0700 ${user} ${group} - -"
"d ${cfg.dataDir}/storage/private_uploads 0700 ${user} ${group} - -"
"d ${cfg.dataDir} 0710 ${user} ${group} - -"
"d ${cfg.dataDir}/bootstrap 0750 ${user} ${group} - -"
"d ${cfg.dataDir}/bootstrap/cache 0750 ${user} ${group} - -"
"d ${cfg.dataDir}/public 0750 ${user} ${group} - -"
"d ${cfg.dataDir}/public/uploads 0750 ${user} ${group} - -"
"d ${cfg.dataDir}/public/uploads/accessories 0750 ${user} ${group} - -"
"d ${cfg.dataDir}/public/uploads/assets 0750 ${user} ${group} - -"
"d ${cfg.dataDir}/public/uploads/avatars 0750 ${user} ${group} - -"
"d ${cfg.dataDir}/public/uploads/barcodes 0750 ${user} ${group} - -"
"d ${cfg.dataDir}/public/uploads/categories 0750 ${user} ${group} - -"
"d ${cfg.dataDir}/public/uploads/companies 0750 ${user} ${group} - -"
"d ${cfg.dataDir}/public/uploads/components 0750 ${user} ${group} - -"
"d ${cfg.dataDir}/public/uploads/consumables 0750 ${user} ${group} - -"
"d ${cfg.dataDir}/public/uploads/departments 0750 ${user} ${group} - -"
"d ${cfg.dataDir}/public/uploads/locations 0750 ${user} ${group} - -"
"d ${cfg.dataDir}/public/uploads/manufacturers 0750 ${user} ${group} - -"
"d ${cfg.dataDir}/public/uploads/models 0750 ${user} ${group} - -"
"d ${cfg.dataDir}/public/uploads/suppliers 0750 ${user} ${group} - -"
"d ${cfg.dataDir}/storage 0700 ${user} ${group} - -"
"d ${cfg.dataDir}/storage/app 0700 ${user} ${group} - -"
"d ${cfg.dataDir}/storage/fonts 0700 ${user} ${group} - -"
"d ${cfg.dataDir}/storage/framework 0700 ${user} ${group} - -"
"d ${cfg.dataDir}/storage/framework/cache 0700 ${user} ${group} - -"
"d ${cfg.dataDir}/storage/framework/sessions 0700 ${user} ${group} - -"
"d ${cfg.dataDir}/storage/framework/views 0700 ${user} ${group} - -"
"d ${cfg.dataDir}/storage/logs 0700 ${user} ${group} - -"
"d ${cfg.dataDir}/storage/uploads 0700 ${user} ${group} - -"
"d ${cfg.dataDir}/storage/private_uploads 0700 ${user} ${group} - -"
];
users = {

91
nixos/modules/services/web-servers/garage.nix Normal file
View File

@ -0,0 +1,91 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.garage;
toml = pkgs.formats.toml {};
configFile = toml.generate "garage.toml" cfg.settings;
in
{
meta.maintainers = [ maintainers.raitobezarius ];
options.services.garage = {
enable = mkEnableOption (lib.mdDoc "Garage Object Storage (S3 compatible)");
extraEnvironment = mkOption {
type = types.attrsOf types.str;
description = lib.mdDoc "Extra environment variables to pass to the Garage server.";
default = {};
example = { RUST_BACKTRACE="yes"; };
};
logLevel = mkOption {
type = types.enum (["info" "debug" "trace"]);
default = "info";
example = "debug";
description = lib.mdDoc "Garage log level, see <https://garagehq.deuxfleurs.fr/documentation/quick-start/#launching-the-garage-server> for examples.";
};
settings = mkOption {
type = types.submodule {
freeformType = toml.type;
options = {
metadata_dir = mkOption {
default = "/var/lib/garage/meta";
type = types.path;
description = lib.mdDoc "The metadata directory, put this on a fast disk (e.g. SSD) if possible.";
};
data_dir = mkOption {
default = "/var/lib/garage/data";
type = types.path;
description = lib.mdDoc "The main data storage, put this on your large storage (e.g. high capacity HDD)";
};
replication_mode = mkOption {
default = "none";
type = types.enum ([ "none" "1" "2" "3" 1 2 3 ]);
apply = v: toString v;
description = lib.mdDoc "Garage replication mode, defaults to none, see: <https://garagehq.deuxfleurs.fr/reference_manual/configuration.html#replication_mode> for reference.";
};
};
};
description = lib.mdDoc "Garage configuration, see <https://garagehq.deuxfleurs.fr/reference_manual/configuration.html> for reference.";
};
package = mkOption {
default = pkgs.garage;
defaultText = literalExpression "pkgs.garage";
type = types.package;
description = lib.mdDoc "Garage package to use.";
};
};
config = mkIf cfg.enable {
environment.etc."garage.toml" = {
source = configFile;
};
environment.systemPackages = [ cfg.package ]; # For administration
systemd.services.garage = {
description = "Garage Object Storage (S3 compatible)";
after = [ "network.target" "network-online.target" ];
wants = [ "network.target" "network-online.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${cfg.package}/bin/garage server";
StateDirectory = mkIf (hasPrefix "/var/lib/garage" cfg.settings.data_dir && hasPrefix "/var/lib/garage" cfg.settings.metadata_dir) "garage";
DynamicUser = lib.mkDefault true;
ProtectHome = true;
NoNewPrivileges = true;
};
environment = {
RUST_LOG = lib.mkDefault "garage=${cfg.logLevel}";
} // cfg.extraEnvironment;
};
};
}

39
nixos/modules/system/boot/uvesafb.nix Normal file
View File

@ -0,0 +1,39 @@
{ config, lib, pkgs, ... }:
let
cfg = config.boot.uvesafb;
inherit (lib) mkIf mkEnableOption mkOption mdDoc types;
in {
options = {
boot.uvesafb = {
enable = mkEnableOption (mdDoc "uvesafb");
gfx-mode = mkOption {
type = types.str;
default = "1024x768-32";
description = mdDoc "Screen resolution in modedb format. See [uvesafb](https://docs.kernel.org/fb/uvesafb.html) and [modedb](https://docs.kernel.org/fb/modedb.html) documentation for more details. The default value is a sensible default but may be not ideal for all setups.";
};
v86d.package = mkOption {
type = types.package;
description = mdDoc "Which v86d package to use with uvesafb";
defaultText = ''config.boot.kernelPackages.v86d.overrideAttrs (old: {
hardeningDisable = [ "all" ];
})'';
default = config.boot.kernelPackages.v86d.overrideAttrs (old: {
hardeningDisable = [ "all" ];
});
};
};
};
config = mkIf cfg.enable {
boot.initrd = {
kernelModules = [ "uvesafb" ];
extraFiles."/usr/v86d".source = cfg.v86d.package;
};
boot.kernelParams = [
"video=uvesafb:mode:${cfg.gfx-mode},mtrr:3,ywrap"
''uvesafb.v86d="${cfg.v86d.package}/bin/v86d"''
];
};
}

10
nixos/tests/adguardhome.nix
View File

@ -2,16 +2,13 @@
name = "adguardhome";
nodes = {
minimalConf = { ... }: {
services.adguardhome = { enable = true; };
};
declarativeConf = { ... }: {
services.adguardhome = {
enable = true;
mutableSettings = false;
settings = {
schema_version = 0;
dns = {
bind_host = "0.0.0.0";
bootstrap_dns = "127.0.0.1";
@ -26,6 +23,7 @@
mutableSettings = true;
settings = {
schema_version = 0;
dns = {
bind_host = "0.0.0.0";
bootstrap_dns = "127.0.0.1";
@ -36,10 +34,6 @@
};
testScript = ''
with subtest("Minimal config test"):
minimalConf.wait_for_unit("adguardhome.service")
minimalConf.wait_for_open_port(3000)
with subtest("Declarative config test, DNS will be reachable"):
declarativeConf.wait_for_unit("adguardhome.service")
declarativeConf.wait_for_open_port(53)

1
nixos/tests/all-tests.nix
View File

@ -214,6 +214,7 @@ in {
fsck = handleTest ./fsck.nix {};
ft2-clone = handleTest ./ft2-clone.nix {};
mimir = handleTest ./mimir.nix {};
garage = handleTest ./garage.nix {};
gerrit = handleTest ./gerrit.nix {};
geth = handleTest ./geth.nix {};
ghostunnel = handleTest ./ghostunnel.nix {};

6
nixos/tests/dnscrypt-proxy2.nix
View File

@ -1,4 +1,6 @@
import ./make-test-python.nix ({ pkgs, ... }: {
import ./make-test-python.nix ({ pkgs, ... }: let
localProxyPort = 43;
in {
name = "dnscrypt-proxy2";
meta = with pkgs.lib.maintainers; {
maintainers = [ joachifm ];
@ -9,7 +11,6 @@ import ./make-test-python.nix ({ pkgs, ... }: {
# for a caching DNS client.
client =
{ ... }:
let localProxyPort = 43; in
{
security.apparmor.enable = true;
@ -32,5 +33,6 @@ import ./make-test-python.nix ({ pkgs, ... }: {
testScript = ''
client.wait_for_unit("dnsmasq")
client.wait_for_unit("dnscrypt-proxy2")
client.wait_until_succeeds("ss --numeric --udp --listening | grep -q ${toString localProxyPort}")
'';
})

169
nixos/tests/garage.nix Normal file
View File

@ -0,0 +1,169 @@
import ./make-test-python.nix ({ pkgs, ...} :
let
mkNode = { replicationMode, publicV6Address ? "::1" }: { pkgs, ... }: {
networking.interfaces.eth1.ipv6.addresses = [{
address = publicV6Address;
prefixLength = 64;
}];
networking.firewall.allowedTCPPorts = [ 3901 3902 ];
services.garage = {
enable = true;
settings = {
replication_mode = replicationMode;
rpc_bind_addr = "[::]:3901";
rpc_public_addr = "[${publicV6Address}]:3901";
rpc_secret = "5c1915fa04d0b6739675c61bf5907eb0fe3d9c69850c83820f51b4d25d13868c";
s3_api = {
s3_region = "garage";
api_bind_addr = "[::]:3900";
root_domain = ".s3.garage";
};
s3_web = {
bind_addr = "[::]:3902";
root_domain = ".web.garage";
index = "index.html";
};
};
};
environment.systemPackages = [ pkgs.minio-client ];
# Garage requires at least 1GiB of free disk space to run.
virtualisation.diskSize = 2 * 1024;
};
in {
name = "garage";
meta = {
maintainers = with pkgs.lib.maintainers; [ raitobezarius ];
};
nodes = {
single_node = mkNode { replicationMode = "none"; };
node1 = mkNode { replicationMode = 3; publicV6Address = "fc00:1::1"; };
node2 = mkNode { replicationMode = 3; publicV6Address = "fc00:1::2"; };
node3 = mkNode { replicationMode = 3; publicV6Address = "fc00:1::3"; };
node4 = mkNode { replicationMode = 3; publicV6Address = "fc00:1::4"; };
};
testScript = ''
from typing import List
from dataclasses import dataclass
import re
start_all()
cur_version_regex = re.compile('Current cluster layout version: (?P<ver>\d*)')
key_creation_regex = re.compile('Key name: (?P<key_name>.*)\nKey ID: (?P<key_id>.*)\nSecret key: (?P<secret_key>.*)')
@dataclass
class S3Key:
key_name: str
key_id: str
secret_key: str
@dataclass
class GarageNode:
node_id: str
host: str
def get_node_fqn(machine: Machine) -> GarageNode:
node_id, host = machine.succeed("garage node id").split('@')
return GarageNode(node_id=node_id, host=host)
def get_node_id(machine: Machine) -> str:
return get_node_fqn(machine).node_id
def get_layout_version(machine: Machine) -> int:
version_data = machine.succeed("garage layout show")
m = cur_version_regex.search(version_data)
if m and m.group('ver') is not None:
return int(m.group('ver')) + 1
else:
raise ValueError('Cannot find current layout version')
def apply_garage_layout(machine: Machine, layouts: List[str]):
for layout in layouts:
machine.succeed(f"garage layout assign {layout}")
version = get_layout_version(machine)
machine.succeed(f"garage layout apply --version {version}")
def create_api_key(machine: Machine, key_name: str) -> S3Key:
output = machine.succeed(f"garage key new --name {key_name}")
m = key_creation_regex.match(output)
if not m or not m.group('key_id') or not m.group('secret_key'):
raise ValueError('Cannot parse API key data')
return S3Key(key_name=key_name, key_id=m.group('key_id'), secret_key=m.group('secret_key'))
def get_api_key(machine: Machine, key_pattern: str) -> S3Key:
output = machine.succeed(f"garage key info {key_pattern}")
m = key_creation_regex.match(output)
if not m or not m.group('key_name') or not m.group('key_id') or not m.group('secret_key'):
raise ValueError('Cannot parse API key data')
return S3Key(key_name=m.group('key_name'), key_id=m.group('key_id'), secret_key=m.group('secret_key'))
def test_bucket_writes(node):
node.succeed("garage bucket create test-bucket")
s3_key = create_api_key(node, "test-api-key")
node.succeed("garage bucket allow --read --write test-bucket --key test-api-key")
other_s3_key = get_api_key(node, 'test-api-key')
assert other_s3_key.secret_key == other_s3_key.secret_key
node.succeed(
f"mc alias set test-garage http://[::1]:3900 {s3_key.key_id} {s3_key.secret_key} --api S3v4"
)
node.succeed("echo test | mc pipe test-garage/test-bucket/test.txt")
assert node.succeed("mc cat test-garage/test-bucket/test.txt").strip() == "test"
def test_bucket_over_http(node, bucket='test-bucket', url=None):
if url is None:
url = f"{bucket}.web.garage"
node.succeed(f'garage bucket website --allow {bucket}')
node.succeed(f'echo hello world | mc pipe test-garage/{bucket}/index.html')
assert (node.succeed(f"curl -H 'Host: {url}' http://localhost:3902")).strip() == 'hello world'
with subtest("Garage works as a single-node S3 storage"):
single_node.wait_for_unit("garage.service")
single_node.wait_for_open_port(3900)
# Now Garage is initialized.
single_node_id = get_node_id(single_node)
apply_garage_layout(single_node, [f'-z qemutest -c 1 "{single_node_id}"'])
# Now Garage is operational.
test_bucket_writes(single_node)
test_bucket_over_http(single_node)
with subtest("Garage works as a multi-node S3 storage"):
nodes = ('node1', 'node2', 'node3', 'node4')
rev_machines = {m.name: m for m in machines}
def get_machine(key): return rev_machines[key]
for key in nodes:
node = get_machine(key)
node.wait_for_unit("garage.service")
node.wait_for_open_port(3900)
# Garage is initialized on all nodes.
node_ids = {key: get_node_fqn(get_machine(key)) for key in nodes}
for key in nodes:
for other_key in nodes:
if other_key != key:
other_id = node_ids[other_key]
get_machine(key).succeed(f"garage node connect {other_id.node_id}@{other_id.host}")
# Provide multiple zones for the nodes.
zones = ["nixcon", "nixcon", "paris_meetup", "fosdem"]
apply_garage_layout(node1,
[
f'{ndata.node_id} -z {zones[index]} -c 1'
for index, ndata in enumerate(node_ids.values())
])
# Now Garage is operational.
test_bucket_writes(node1)
for node in nodes:
test_bucket_over_http(get_machine(node))
'';
})

11
nixos/tests/kafka.nix
View File

@ -50,7 +50,7 @@ let
kafka.wait_until_succeeds(
"${kafkaPackage}/bin/kafka-topics.sh --create "
+ "--zookeeper zookeeper1:2181 --partitions 1 "
+ "--bootstrap-server localhost:9092 --partitions 1 "
+ "--replication-factor 1 --topic testtopic"
)
kafka.succeed(
@ -58,19 +58,12 @@ let
+ "${kafkaPackage}/bin/kafka-console-producer.sh "
+ "--broker-list localhost:9092 --topic testtopic"
)
'' + (if name == "kafka_0_9" then ''
assert "test 1" in kafka.succeed(
"${kafkaPackage}/bin/kafka-console-consumer.sh "
+ "--zookeeper zookeeper1:2181 --topic testtopic "
+ "--from-beginning --max-messages 1"
)
'' else ''
assert "test 1" in kafka.succeed(
"${kafkaPackage}/bin/kafka-console-consumer.sh "
+ "--bootstrap-server localhost:9092 --topic testtopic "
+ "--from-beginning --max-messages 1"
)
'');
'';
}) { inherit system; });
in with pkgs; {

11
nixos/tests/tracee.nix
View File

@ -14,15 +14,18 @@ import ./make-test-python.nix ({ pkgs, ... }: {
patches = oa.patches or [] ++ [
# change the prefix from /usr/bin to /run to find nix processes
../../pkgs/tools/security/tracee/test-EventFilters-prefix-nix-friendly.patch
# skip magic_write test that currently fails
../../pkgs/tools/security/tracee/test-EventFilters-magic_write-skip.patch
];
buildPhase = ''
runHook preBuild
# just build the static lib we need for the go test binary
make $makeFlags ''${enableParallelBuilding:+-j$NIX_BUILD_CORES -l$NIX_BUILD_CORES} bpf-core ./dist/btfhub ./dist/libbpf/libbpf.a
make $makeFlags ''${enableParallelBuilding:+-j$NIX_BUILD_CORES -l$NIX_BUILD_CORES} bpf-core ./dist/btfhub
# remove the /usr/bin prefix to work with the patch above
substituteInPlace tests/integration/integration_test.go \
--replace "/usr/bin/ls" "ls"
# then compile the tests to be ran later
CGO_CFLAGS="-I$PWD/dist/libbpf" CGO_LDFLAGS="-lelf -lz $PWD/dist/libbpf/libbpf.a" go test -tags core,ebpf,integration -p 1 -c -o $GOPATH/tracee-integration ./tests/integration/...
CGO_LDFLAGS="$(pkg-config --libs libbpf)" go test -tags core,ebpf,integration -p 1 -c -o $GOPATH/tracee-integration ./tests/integration/...
runHook postBuild
'';
doCheck = false;

2
pkgs/applications/audio/spot/default.nix
View File

@ -81,7 +81,7 @@ stdenv.mkDerivation rec {
description = "Native Spotify client for the GNOME desktop";
homepage = "https://github.com/xou816/spot";
license = licenses.mit;
maintainers = with maintainers; [ jtojnar tomfitzhenry ];
maintainers = with maintainers; [ tomfitzhenry ];
platforms = platforms.linux;
};
}

10
pkgs/applications/editors/rehex/default.nix
View File

@ -8,9 +8,10 @@
, capstone
, jansson
, libunistring
, wxGTK31
, wxGTK32
, lua53Packages
, perlPackages
, gtk3
, Carbon
, Cocoa
, IOKit
@ -18,21 +19,22 @@
stdenv.mkDerivation rec {
pname = "rehex";
version = "0.5.3";
version = "0.5.4";
src = fetchFromGitHub {
owner = "solemnwarning";
repo = pname;
rev = version;
hash = "sha256-VBHNrOVIz7UM9tY1V7Ykwt4Cv0fY++8gXc2og4sLDk8=";
hash = "sha256-UgwCfy2ssaPuSWeN2SXHBDXv/uLdrDoGr/Q9wXiuCnc=";
};
nativeBuildInputs = [ pkg-config which zip ]
++ lib.optionals stdenv.isDarwin [ libicns ];
buildInputs = [ capstone jansson libunistring wxGTK31 ]
buildInputs = [ capstone jansson libunistring wxGTK32 ]
++ (with lua53Packages; [ lua busted ])
++ (with perlPackages; [ perl TemplateToolkit ])
++ lib.optionals stdenv.isLinux [ gtk3 ]
++ lib.optionals stdenv.isDarwin [ Carbon Cocoa IOKit ];
makeFlags = [ "prefix=${placeholder "out"}" ]

468
pkgs/applications/editors/vim/plugins/generated.nix
View File

File diff suppressed because it is too large Load Diff

4
pkgs/applications/editors/vim/plugins/vim-plugin-names
View File

@ -459,6 +459,7 @@ https://github.com/ojroques/nvim-bufdel/,,
https://github.com/roxma/nvim-cm-racer/,,
https://github.com/hrsh7th/nvim-cmp/,,
https://github.com/weilbith/nvim-code-action-menu/,,
https://github.com/noib3/nvim-cokeline/,HEAD,
https://github.com/nvchad/nvim-colorizer.lua/,,
https://github.com/terrortylor/nvim-comment/,,
https://github.com/hrsh7th/nvim-compe/,,
@ -496,6 +497,7 @@ https://github.com/yamatsum/nvim-nonicons/,,
https://github.com/rcarriga/nvim-notify/,,
https://github.com/gennaro-tedesco/nvim-peekup/,,
https://github.com/olrtg/nvim-rename-state/,HEAD,
https://github.com/petertriho/nvim-scrollbar/,HEAD,
https://github.com/dstein64/nvim-scrollview/,,
https://github.com/dcampos/nvim-snippy/,HEAD,
https://github.com/ishan9299/nvim-solarized-lua/,,
@ -622,6 +624,7 @@ https://github.com/keith/swift.vim/,,
https://github.com/AndrewRadev/switch.vim/,,
https://github.com/simrat39/symbols-outline.nvim/,,
https://github.com/vim-syntastic/syntastic/,,
https://github.com/nanozuki/tabby.nvim/,HEAD,
https://github.com/kdheepak/tabline.nvim/,,
https://github.com/vim-scripts/tabmerge/,,
https://github.com/codota/tabnine-vim/,,
@ -740,6 +743,7 @@ https://github.com/gioele/vim-autoswap/,,
https://github.com/bazelbuild/vim-bazel/,,
https://github.com/moll/vim-bbye/,,
https://github.com/nathangrigg/vim-beancount/,,
https://github.com/sheoak/vim-bepoptimist/,HEAD,
https://github.com/ntpeters/vim-better-whitespace/,,
https://github.com/MattesGroeger/vim-bookmarks/,,
https://github.com/gyim/vim-boxdraw/,,

4
pkgs/applications/editors/vscode/extensions/default.nix
View File

@ -2178,8 +2178,8 @@ let
mktplcRef = {
name = "metals";
publisher = "scalameta";
version = "1.12.18";
sha256 = "104h3qfdn0y4138g3mdw1209qqh3mj3jsdsbzpnw2plk1cmr3nx5";
version = "1.20.0";
sha256 = "3EjXzSMBIim13dRP1fBmbV/OtLmBjvcmjDXwYoeGfLA=";
};
meta = {
license = lib.licenses.asl20;

2
pkgs/applications/editors/xxe-pe/default.nix
View File

@ -71,7 +71,7 @@ stdenv.mkDerivation rec {
description = "Strictly validating, near WYSIWYG, XML editor with DocBook support";
homepage = "https://www.xmlmind.com/xmleditor/";
license = licenses.unfree;
maintainers = [ maintainers.jtojnar ];
maintainers = [ ];
platforms = [ "x86_64-linux" ];
};
}

8
pkgs/applications/emulators/rpcs3/default.nix
View File

@ -9,10 +9,10 @@
let
# Keep these separate so the update script can regex them
rpcs3GitVersion = "14289-0da81d22d";
rpcs3Version = "0.0.24-14289-0da81d22d";
rpcs3Revision = "0da81d22d340dca1ac098a9de5274641bdc77869";
rpcs3Sha256 = "0qblfsdyngj8bb7g49am0q0mq5llwx3g4x4gi6h0jynk0d9j0ir0";
rpcs3GitVersion = "14337-5210df688";
rpcs3Version = "0.0.24-14337-5210df688";
rpcs3Revision = "5210df688262ec7fd8c21230d30e568d98724c8f";
rpcs3Sha256 = "1m0j53xl6g01s27bi2p9j23m724gq7a3hss7kqhc239a5m9akqdg";
ittapi = fetchFromGitHub {
owner = "intel";

6
pkgs/applications/emulators/ryujinx/default.nix
View File

@ -29,13 +29,13 @@
buildDotnetModule rec {
pname = "ryujinx";
version = "1.1.257"; # Based off of the official github actions builds: https://github.com/Ryujinx/Ryujinx/actions/workflows/release.yml
version = "1.1.327"; # Based off of the official github actions builds: https://github.com/Ryujinx/Ryujinx/actions/workflows/release.yml
src = fetchFromGitHub {
owner = "Ryujinx";
repo = "Ryujinx";
rev = "81f1a4dc3161882b0385c9d4752fbba84b9eca96";
sha256 = "1p4c8k8pc47hl32bml050fvxyhdjcd002xx60rwvzlgvdgw6b3xq";
rev = "9719b6a1129c017d96532ff026e2bb933c0b2d0b";
sha256 = "1vm1zwjm02jp64gjcfn923lxc4hqwgw44w9rspjy97q2z6r9vwjh";
};
nugetDeps = ./deps.nix;

2
pkgs/applications/emulators/ryujinx/deps.nix generated
View File

@ -159,7 +159,7 @@
(fetchNuGet { pname = "SkiaSharp.NativeAssets.WebAssembly"; version = "2.88.1-preview.1"; sha256 = "0mwj2yl4gn40lry03yqkj7sbi1drmm672dv88481sgah4c21lzrq"; })
(fetchNuGet { pname = "SkiaSharp.NativeAssets.Win32"; version = "2.88.0"; sha256 = "135ni4rba4wy4wyzy9ip11f3dwb1ipn38z9ps1p9xhw8jc06y5vp"; })
(fetchNuGet { pname = "SkiaSharp.NativeAssets.Win32"; version = "2.88.1-preview.1"; sha256 = "1k50abd147pif9z9lkckbbk91ga1vv6k4skjz2n7wpll6fn0fvlv"; })
(fetchNuGet { pname = "SPB"; version = "0.0.4-build24"; sha256 = "13wfjx5n540mlxlvys39g2rajrqbycdkyci2pcp3wygkqn4d87hm"; })
(fetchNuGet { pname = "SPB"; version = "0.0.4-build27"; sha256 = "16i10lp4w7gi5rzjs9v9vns858n735ixcb83kl2qqq9qwyrnv8mw"; })
(fetchNuGet { pname = "Svg.Custom"; version = "0.5.14"; sha256 = "1wjghs2n5hk7zszzk2p2a8m6ga2gc8sfd5mdqi15sbfkmwg2nbw7"; })
(fetchNuGet { pname = "Svg.Model"; version = "0.5.14"; sha256 = "1xilk95bmnsl93sbr7pah0jrjrnccf1ikcn8s7rkm0yjkj382hc8"; })
(fetchNuGet { pname = "Svg.Skia"; version = "0.5.14"; sha256 = "02wv040wi8ijw9mwg3c84f8bfyfv9n99ji8q1v2bs11b463zsyd1"; })

2
pkgs/applications/graphics/openimageio/2.x.nix
View File

@ -61,7 +61,7 @@ stdenv.mkDerivation rec {
homepage = "http://www.openimageio.org";
description = "A library and tools for reading and writing images";
license = licenses.bsd3;
maintainers = with maintainers; [ goibhniu jtojnar ];
maintainers = with maintainers; [ goibhniu ];
platforms = platforms.unix;
};
}

26
pkgs/applications/misc/keepassx/community.nix
View File

@ -25,12 +25,13 @@
, zlib
, withKeePassBrowser ? true
, withKeePassKeeShare ? true
, withKeePassSSHAgent ? true
, withKeePassNetworking ? true
, withKeePassTouchID ? true
, withKeePassYubiKey ? true
, withKeePassFDOSecrets ? true
, withKeePassKeeShare ? true
, withKeePassNetworking ? true
, withKeePassSSHAgent ? true
, withKeePassTouchID ? true
, withKeePassX11 ? true
, withKeePassYubiKey ? true
, nixosTests
}:
@ -39,13 +40,13 @@ with lib;
stdenv.mkDerivation rec {
pname = "keepassxc";
version = "2.7.1";
version = "2.7.3";
src = fetchFromGitHub {
owner = "keepassxreboot";
repo = "keepassxc";
rev = version;
sha256 = "sha256-BOtehDzlWhhfXj8TOFvFN4f86Hl2EC3rO4qUIl9fqq4=";
sha256 = "sha256-mtOnUB6+iBBqgPT5KKhEX4M7UUM3s5fT0OTePE6THXw=";
};
NIX_CFLAGS_COMPILE = optionalString stdenv.cc.isClang [
@ -65,11 +66,12 @@ stdenv.mkDerivation rec {
"-DWITH_GUI_TESTS=ON"
"-DWITH_XC_UPDATECHECK=OFF"
]
++ (optional (!withKeePassX11) "-DWITH_XC_X11=OFF")
++ (optional (withKeePassFDOSecrets && stdenv.isLinux) "-DWITH_XC_FDOSECRETS=ON")
++ (optional (withKeePassYubiKey && stdenv.isLinux) "-DWITH_XC_YUBIKEY=ON")
++ (optional withKeePassBrowser "-DWITH_XC_BROWSER=ON")
++ (optional withKeePassKeeShare "-DWITH_XC_KEESHARE=ON")
++ (optional withKeePassNetworking "-DWITH_XC_NETWORKING=ON")
++ (optional (withKeePassYubiKey && stdenv.isLinux) "-DWITH_XC_YUBIKEY=ON")
++ (optional (withKeePassFDOSecrets && stdenv.isLinux) "-DWITH_XC_FDOSECRETS=ON")
++ (optional withKeePassSSHAgent "-DWITH_XC_SSHAGENT=ON");
doCheck = true;
@ -103,13 +105,13 @@ stdenv.mkDerivation rec {
qrencode
qtbase
qtsvg
qtx11extras
readline
zlib
]
++ optional stdenv.isLinux libusb1
++ optional (stdenv.isDarwin && withKeePassTouchID) darwin.apple_sdk.frameworks.LocalAuthentication
++ optional stdenv.isDarwin qtmacextras
++ optional (stdenv.isDarwin && withKeePassTouchID) darwin.apple_sdk.frameworks.LocalAuthentication;
++ optional stdenv.isLinux libusb1
++ optional withKeePassX11 qtx11extras;
passthru.tests = nixosTests.keepassxc;

6
pkgs/applications/misc/limesctl/default.nix
View File

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "limesctl";
version = "3.0.2";
version = "3.0.3";
src = fetchFromGitHub {
owner = "sapcc";
repo = pname;
rev = "v${version}";
sha256 = "sha256-+KOtGf+WgI2PhfFJnNyx5ycekRmfbqjSqvWOEhG65Oo=";
sha256 = "sha256-2eB+VpMrhzs0Dg+X1sf7TVW7uK/URETUuWO82jQl57k=";
};
vendorSha256 = "sha256-LzLUz6diWva2HaxlhEGElbwUvUhCR0Tjsk/G/n5N3+k=";
vendorSha256 = "sha256-VKxwdlyQUYmxubl4Y2uKvekuHd62GcGaoPeUBC+lcJU=";
subPackages = [ "." ];

6
pkgs/applications/misc/mangal/default.nix
View File

@ -2,17 +2,17 @@
buildGoModule rec {
pname = "mangal";
version = "3.14.0";
version = "3.14.2";
src = fetchFromGitHub {
owner = "metafates";
repo = pname;
rev = "v${version}";
hash = "sha256-IQSRPjtMaxwJuiKGjOYQ7jp0mAPS/V6fA1/Ek/K5yqk=";
hash = "sha256-W3oToI7frUfd3zwtr3UpbwAWzCVxDaZY9zhn8dO/4wA=";
};
proxyVendor = true;
vendorSha256 = "sha256-XslNMrFCI+dGaSw7ro1vBMamFukbMA3m0I3hOl9QccM=";
vendorSha256 = null;
ldflags = [ "-s" "-w" ];

57
pkgs/applications/misc/opencpn/default.nix
View File

@ -1,10 +1,12 @@
{ stdenv, lib
{ stdenv
, lib
, alsa-utils
, at-spi2-core
, cmake
, curl
, dbus
, fetchFromGitHub
, fetchpatch
, flac
, gtk3
, jasper
@ -26,6 +28,7 @@
, libxkbcommon
, lsb-release
, lz4
, makeWrapper
, pcre
, pkg-config
, portaudio
@ -33,7 +36,7 @@
, tinyxml
, udev
, util-linux
, wxGTK31-gtk3
, wxGTK32
, xorg
}:
@ -48,9 +51,32 @@ stdenv.mkDerivation rec {
hash = "sha256-sNZYf/2gtjRrrGPuazVnKTgcuIQpKPazhexqlK21T4g=";
};
nativeBuildInputs = [ cmake lsb-release pkg-config ];
patches = [
(fetchpatch {
url = "https://github.com/OpenCPN/OpenCPN/commit/30fa16850ba97d3df0622273947e3e3975b8e6c0.patch";
sha256 = "sha256-Sb4FE9QJA5kMJi52/x1Az6rMTS3WSURPx4QAhcv2j9E=";
})
];
postPatch = lib.optionalString stdenv.isDarwin ''
substituteInPlace cmake/TargetSetup.cmake \
--replace '"sw_vers" "-productVersion"' '"echo" "1"'
sed -i '/fixup_bundle/d' CMakeLists.txt
'' + lib.optionalString (stdenv.isDarwin && stdenv.isx86_64) ''
substituteInPlace CMakeLists.txt \
--replace 'DARWIN_VERSION LESS 16' 'TRUE'
'';
nativeBuildInputs = [
cmake
pkg-config
] ++ lib.optionals stdenv.isLinux [
lsb-release
] ++ lib.optionals stdenv.isDarwin [
makeWrapper
];
buildInputs = [
alsa-utils
at-spi2-core
curl
dbus
@ -65,8 +91,6 @@ stdenv.mkDerivation rec {
libexif
libogg
libopus
libselinux
libsepol
libsndfile
libthai
libunarr
@ -78,23 +102,36 @@ stdenv.mkDerivation rec {
portaudio
sqlite
tinyxml
wxGTK32
] ++ lib.optionals stdenv.isLinux [
alsa-utils
libselinux
libsepol
udev
util-linux
wxGTK31-gtk3
xorg.libXdmcp
xorg.libXtst
];
cmakeFlags = [ "-DOCPN_BUNDLE_DOCS=true" ];
NIX_CFLAGS_COMPILE = lib.optionals (!stdenv.hostPlatform.isx86) [
"-DSQUISH_USE_SSE=0"
];
postInstall = lib.optionals stdenv.isDarwin ''
mkdir -p $out/Applications
mv $out/bin/OpenCPN.app $out/Applications
makeWrapper $out/Applications/OpenCPN.app/Contents/MacOS/OpenCPN $out/bin/opencpn
'';
doCheck = true;
meta = with lib; {
description = "A concise ChartPlotter/Navigator";
maintainers = with maintainers; [ kragniz lovesegfault ];
platforms = [ "x86_64-linux" ];
license = licenses.gpl2;
platforms = platforms.unix;
license = licenses.gpl2Plus;
homepage = "https://opencpn.org/";
};
}

4
pkgs/applications/misc/xmrig/default.nix
View File

@ -4,13 +4,13 @@
stdenv.mkDerivation rec {
pname = "xmrig";
version = "6.18.0";
version = "6.18.1";
src = fetchFromGitHub {
owner = "xmrig";
repo = "xmrig";
rev = "v${version}";
sha256 = "sha256-vYXDQSEhPi/jxCO6pxOJ1q0AoBVVRU9vErtJLq90ltk=";
sha256 = "sha256-aTyJhPVqq3jGNVozD39RJ4n0FmAKAtPttW9ecoanEzg=";
};
nativeBuildInputs = [ cmake ];

20
pkgs/applications/networking/browsers/chromium/upstream-info.json
View File

@ -1,21 +1,21 @@
{
"stable": {
"version": "106.0.5249.119",
"sha256": "14niglj8q6mfkmgbbjhaipmyhv6vryx93crswb1xa871a14in28g",
"sha256bin64": "1kcf8l6ivqzx6qaiy7vx2l6mhfqn4lq93dkgcx1bdadikwcpq0dd",
"version": "107.0.5304.68",
"sha256": "0k5qrmby1k2gw3lj96x3qag20kka61my578pv0zyrqqj5sdz3i5a",
"sha256bin64": "1x9svz5s8fm2zhnpzjpqckzfp37hjni3nf3pm63rwnvbd06y48ja",
"deps": {
"gn": {
"version": "2022-08-11",
"version": "2022-09-14",
"url": "https://gn.googlesource.com/gn",
"rev": "0bcd37bd2b83f1a9ee17088037ebdfe6eab6d31a",
"sha256": "13zks2z65kg7fzzsysq4mswd4bhhy3h7ycdrpxfilcvixx2n2gac"
"rev": "fff29c1b3f9703ea449f720fe70fa73575ef24e5",
"sha256": "1c0dvpp4im1hf277bs5w7rgqxz3g2bax266i2g6smi3pl7a8jpnp"
}
},
"chromedriver": {
"version": "106.0.5249.61",
"sha256_linux": "0l2270d5az46pc6icpn3zx7yr8ilkszsrfy3qmwrx3cyc4xnmznj",
"sha256_darwin": "07k76i9m3j34h6ybn1wafy39d2ngf06bhp24qzwvv45rks714hqa",
"sha256_darwin_aarch64": "1nvid0s44nlzy46cgxzsyyb3jfpyl3xy7aqafwskmbxdczx7bdap"
"version": "107.0.5304.62",
"sha256_linux": "13s0kl0k8c6q6h548ay2qssv8j4bmm5b4p3h8bgby30nj9014bsh",
"sha256_darwin": "0awd59xz4cllkbd9r5hhk6sinf291ii81chi361nw67aj5vmj7is",
"sha256_darwin_aarch64": "01fr6518qycwsn6js64k7727jmp3hxmj70jcghmw1cgxam59nh7w"
}
},
"beta": {

786
pkgs/applications/networking/browsers/firefox-bin/release_sources.nix
View File

File diff suppressed because it is too large Load Diff

4
pkgs/applications/networking/browsers/firefox/packages.nix
View File

@ -3,10 +3,10 @@
rec {
firefox = buildMozillaMach rec {
pname = "firefox";
version = "106.0.1";
version = "106.0.2";
src = fetchurl {
url = "mirror://mozilla/firefox/releases/${version}/source/firefox-${version}.source.tar.xz";
sha512 = "15f5a65a69e11dd0c463b358cafb5ad0f31db93619b9ec3f89e8c5e14d4d319d9423fe4dcd0dbbcbedc1ad444dcbd8e5e30e483220277f5b550bff6124b66519";
sha512 = "2aad75c05c3398c19842be46dcde275581344b09f0c65b51a630cef201545996ee00f8020f52a0d7b6416d9ad52cbd5c71b8f1cdf47cd18e4abf1ba21f7cdb93";
};
# This patch could be applied anywhere (just rebuild, no effect)

6
pkgs/applications/networking/browsers/tor-browser-bundle-bin/default.nix
View File

@ -87,7 +87,7 @@ let
fteLibPath = makeLibraryPath [ stdenv.cc.cc gmp ];
# Upstream source
version = "11.5.4";
version = "11.5.5";
lang = "en-US";
@ -99,7 +99,7 @@ let
"https://tor.eff.org/dist/torbrowser/${version}/tor-browser-linux64-${version}_${lang}.tar.xz"
"https://tor.calyxinstitute.org/dist/torbrowser/${version}/tor-browser-linux64-${version}_${lang}.tar.xz"
];
sha256 = "sha256-23P8Ew0asOptDYVJ0xA+ATOOT92nz/I2F2+CsAejfKo=";
sha256 = "sha256-AOt0PFot6Qh9voqvi5bagW0HLk2kP8b6A2c8Jdv5vkQ=";
};
i686-linux = fetchurl {
@ -109,7 +109,7 @@ let
"https://tor.eff.org/dist/torbrowser/${version}/tor-browser-linux32-${version}_${lang}.tar.xz"
"https://tor.calyxinstitute.org/dist/torbrowser/${version}/tor-browser-linux32-${version}_${lang}.tar.xz"
];
sha256 = "sha256-ye4qq+zH1AlDItP8lKfA9YIJ7AMg1Roc4itpr0kWNtY=";
sha256 = "sha256-MQrJgdAsNvG+WCx4eeb2UHZp/0LoOIhZZQUKESNIGZY=";
};
};
in

4
pkgs/applications/networking/cluster/civo/default.nix
View File

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "civo";
version = "1.0.40";
version = "1.0.41";
src = fetchFromGitHub {
owner = "civo";
repo = "cli";
rev = "v${version}";
sha256 = "sha256-rsO7vGPr80/ChoNtRGuJDnVDzxwBgLD//iMZEfvxvHc=";
sha256 = "sha256-dvbxxW+UyTA+EzBV6g9JRao8D6ZE5hhXLX4q/mmPIQg=";
};
vendorSha256 = "sha256-gBVSpjoAfbxlJnlrFrsBupJgVQ59sh1ipOry0Mgppig=";

32
pkgs/applications/networking/cluster/kluctl/default.nix Normal file
View File

@ -0,0 +1,32 @@
{ lib, stdenv, buildGoModule, fetchFromGitHub, testers, kluctl }:
buildGoModule rec {
pname = "kluctl";
version = "2.16.0";
src = fetchFromGitHub {
owner = "kluctl";
repo = "kluctl";
rev = "v${version}";
hash = "sha256-NwjPClD3P9EP7gKPPgKXI3h+kLeGPd7Gf6gZXMCCLHk=";
};
vendorHash = "sha256-IC+sjctDqd0lQD5labl+UYWsRiptQKSjSHYf2SGkp14=";
ldflags = [ "-s" "-w" "-X main.version=v${version}" ];
# Depends on docker
doCheck = false;
passthru.tests.version = testers.testVersion {
package = kluctl;
version = "v${version}";
};
meta = with lib; {
description = "The missing glue to put together large Kubernetes deployments";
homepage = "https://kluctl.io/";
license = licenses.asl20;
maintainers = with maintainers; [ sikmir ];
};
}

6
pkgs/applications/networking/cluster/kyverno/default.nix
View File

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "kyverno";
version = "1.8.0";
version = "1.8.1";
src = fetchFromGitHub {
owner = "kyverno";
repo = "kyverno";
rev = "v${version}";
sha256 = "sha256-VJhn3z/utbcZdJjmVzsjyqPfpKMmDXSKUcoALSmawqs=";
sha256 = "sha256-pwT+fzFzJBkQkWmeHlqbTVSmmh7p3h7M4p5Wrrq+vJM=";
};
ldflags = [
@ -18,7 +18,7 @@ buildGoModule rec {
"-X github.com/kyverno/kyverno/pkg/version.BuildTime=1970-01-01_00:00:00"
];
vendorSha256 = "sha256-8Sk36IFk3tL/wqDnKJw/K1MtKBZuVRRFkyMl4b/XwDI=";
vendorSha256 = "sha256-QE2OWymT/ke/5+f3Sw5MBadorcn/vXJXvwOaFNqhxWQ=";
subPackages = [ "cmd/cli/kubectl-kyverno" ];

12
pkgs/applications/networking/cluster/terraform-providers/providers.json
View File

@ -138,13 +138,13 @@
"version": "1.0.0"
},
"baiducloud": {
"hash": "sha256-9r9Y1iegVgaZk+2bKB0uHy6w0JotDuNUXemOqtJSAeg=",
"hash": "sha256-7dNFy3UJ20HbacmaZDxv3IRxsDHGgJdMJFa4/pJIYdw=",
"owner": "baidubce",
"provider-source-address": "registry.terraform.io/baidubce/baiducloud",
"repo": "terraform-provider-baiducloud",
"rev": "v1.16.0",
"rev": "v1.16.1",
"vendorHash": null,
"version": "1.16.0"
"version": "1.16.1"
},
"bigip": {
"hash": "sha256-uSe+J4AlW8Dt96BVF1ZI/yrgWUbZsl64b/D+k5ysHC0=",
@ -349,13 +349,13 @@
"version": "2.22.0"
},
"elasticsearch": {
"hash": "sha256-7sMF7LBM5tnOtERufh7LaJlfcJ5WHIynpzlTg/05u3I=",
"hash": "sha256-+cktPArBOysc4V+uR3KWsVlxtxSIbuVMCmPSU21xF/U=",
"owner": "phillbaker",
"provider-source-address": "registry.terraform.io/phillbaker/elasticsearch",
"repo": "terraform-provider-elasticsearch",
"rev": "v2.0.5",
"rev": "v2.0.6",
"vendorHash": "sha256-oVTanZpCWs05HwyIKW2ajiBPz1HXOFzBAt5Us+EtTRw=",
"version": "2.0.5"
"version": "2.0.6"
},
"equinix": {
"hash": "sha256-gvI9awkKiWWnw6O/KvskFTHZfvajGfgYu8DGsT34Siw=",

14
pkgs/applications/networking/cluster/werf/default.nix
View File

@ -10,16 +10,16 @@
buildGoModule rec {
pname = "werf";
version = "1.2.180";
version = "1.2.184";
src = fetchFromGitHub {
owner = "werf";
repo = "werf";
rev = "v${version}";
hash = "sha256-6I1Elq5tA7Vh+FaPYNVfEynTbw35WM/UuruqArGhsz4=";
hash = "sha256-u3Mf7a+IGLWYvAt/Db/BwvtGc66SnYz5Qx2BkCCLKPg=";
};
vendorHash = "sha256-rdrIJ1knarb7tEXl4BxYckHdX5oS2yvfcuRAI16ThU4=";
vendorHash = "sha256-T9xGLQcnO9xyRVNX3xCwsOOXWvBbhhw9dH8gW7aBUjE=";
proxyVendor = true;
@ -36,16 +36,18 @@ buildGoModule rec {
"-s"
"-w"
"-X github.com/werf/werf/pkg/werf.Version=${src.rev}"
] ++ lib.optionals stdenv.isLinux [
"-extldflags '-static'"
] ++ lib.optionals (CGO_ENABLED == 1) [
"-extldflags=-static"
"-linkmode external"
];
tags = [
"containers_image_openpgp"
"dfrunmount"
"dfrunnetwork"
"dfrunsecurity"
"dfssh"
] ++ lib.optionals stdenv.isLinux [
] ++ lib.optionals (CGO_ENABLED == 1) [
"exclude_graphdriver_devicemapper"
"netgo"
"no_devmapper"

4
pkgs/applications/networking/flexget/default.nix
View File

@ -5,14 +5,14 @@
python3Packages.buildPythonApplication rec {
pname = "flexget";
version = "3.3.39";
version = "3.4.1";
# Fetch from GitHub in order to use `requirements.in`
src = fetchFromGitHub {
owner = "flexget";
repo = "flexget";
rev = "refs/tags/v${version}";
hash = "sha256-UJOV/KRJgy4r7iKWdlA8k51OLzMcfMHgFSvII/D5erA=";
hash = "sha256-OfRbkMIqusfiHyBPnPnbOPwYo7lF5bg46MEM8V5nGq4=";
};
postPatch = ''

4
pkgs/applications/networking/freefilesync/default.nix
View File

@ -13,13 +13,13 @@
gcc12Stdenv.mkDerivation rec {
pname = "freefilesync";
version = "11.26";
version = "11.27";
src = fetchFromGitHub {
owner = "hkneptune";
repo = "FreeFileSync";
rev = "v${version}";
sha256 = "sha256-MKs9PfxKVxfDYYB8Dqop9dUd757ajjgvIdMtKJX5dNw=";
sha256 = "sha256-ZIWqCR5/8qaK9Qcb0Uzi/wu3Do8nZ5DGAw8sfwUhCZg=";
};
# Patches from ROSA Linux

6
pkgs/applications/networking/instant-messengers/jami/default.nix
View File

@ -71,10 +71,14 @@ rec {
sha256 = "sha256-ENRfQh/HCXqInTV0tu8tGQO7+vTbST6XXpptERXMACE=";
};
patches = old.patches ++ (map (x: patch-src + x) (readLinesToList ./config/pjsip_patches));
patches = (map (x: patch-src + x) (readLinesToList ./config/pjsip_patches));
configureFlags = (readLinesToList ./config/pjsip_args_common)
++ lib.optionals stdenv.isLinux (readLinesToList ./config/pjsip_args_linux);
meta = {
knownVulnerabilities = [ "CVE-2022-39269" "CVE-2022-39244" ];
} // old.meta;
});
opendht-jami = opendht.override {

2
pkgs/applications/networking/instant-messengers/telepathy/logger/default.nix
View File

@ -30,7 +30,7 @@ stdenv.mkDerivation rec {
description = "Logger service for Telepathy framework";
homepage = "https://telepathy.freedesktop.org/components/telepathy-logger/";
license = licenses.lgpl21;
maintainers = with maintainers; [ jtojnar ];
maintainers = with maintainers; [ ];
platforms = platforms.gnu ++ platforms.linux; # Arbitrary choice
};
}

2
pkgs/applications/networking/instant-messengers/telepathy/mission-control/default.nix
View File

@ -47,7 +47,7 @@ stdenv.mkDerivation rec {
description = "An account manager and channel dispatcher for the Telepathy framework";
homepage = "https://telepathy.freedesktop.org/components/telepathy-mission-control/";
license = licenses.lgpl21Only;
maintainers = with maintainers; [ jtojnar ];
maintainers = with maintainers; [ ];
platforms = platforms.unix;
};
}

27
pkgs/applications/networking/p2p/magnetico/default.nix
View File

@ -1,27 +1,40 @@
{ lib, fetchFromGitHub, buildGoModule, go-bindata }:
{ lib
, fetchFromGitHub
, nixosTests
, buildGoModule
}:
buildGoModule rec {
pname = "magnetico";
version = "0.12.0";
version = "unstable-2022-08-10";
src = fetchFromGitHub {
owner = "boramalper";
owner = "ireun";
repo = "magnetico";
rev = "v${version}";
sha256 = "1avqnfn4llmc9xmpsjfc9ivki0cfvd8sljfzd9yac94xcj581s83";
rev = "828e230d3b3c0759d3274e27f5a7b70400f4d6ea";
sha256 = "sha256-V1pBzillWTk9iuHAhFztxYaq4uLL3U3HYvedGk6ffbk=";
};
vendorSha256 = "087kikj6sjhjxqymnj7bpxawfmwckihi6mbmi39w0bn2040aflx5";
vendorSha256 = "sha256-ngYkTtBEZSyYYnfBHi0VrotwKGvMOiowbrwigJnjsuU=";
nativeBuildInputs = [ go-bindata ];
buildPhase = ''
runHook preBuild
make magneticow magneticod
runHook postBuild
'';
checkPhase = ''
runHook preBuild
make test
runHook postBuild
'';
passthru.tests = { inherit (nixosTests) magnetico; };
meta = with lib; {
description = "Autonomous (self-hosted) BitTorrent DHT search engine suite";
homepage = "https://github.com/boramalper/magnetico";

10
pkgs/applications/networking/pjsip/default.nix
View File

@ -13,6 +13,16 @@ stdenv.mkDerivation rec {
patches = [
./fix-aarch64.patch
(fetchpatch {
name = "CVE-2022-39269.patch";
url = "https://github.com/pjsip/pjproject/commit/d2acb9af4e27b5ba75d658690406cec9c274c5cc.patch";
sha256 = "sha256-bKE/MrRAqN1FqD2ubhxIOOf5MgvZluHHeVXPjbR12iQ=";
})
(fetchpatch {
name = "CVE-2022-39244.patch";
url = "https://github.com/pjsip/pjproject/commit/c4d34984ec92b3d5252a7d5cddd85a1d3a8001ae.patch";
sha256 = "sha256-hTUMh6bYAizn6GF+sRV1vjKVxSf9pnI+eQdPOqsdJI4=";
})
];
buildInputs = [ openssl libsamplerate ]

4
pkgs/applications/radio/gnuradio/3.8.nix
View File

@ -271,11 +271,11 @@ stdenv.mkDerivation rec {
# order to build, see https://github.com/qradiolink/qradiolink/issues/67
++ lib.optionals (hasFeature "gr-vocoder") [
"-DLIBCODEC2_FOUND=TRUE"
"-DLIBCODEC2_LIBRARIES=${codec2}/lib/libcodec2.so"
"-DLIBCODEC2_LIBRARIES=${codec2}/lib/libcodec2${stdenv.hostPlatform.extensions.sharedLibrary}"
"-DLIBCODEC2_INCLUDE_DIRS=${codec2}/include"
"-DLIBCODEC2_HAS_FREEDV_API=ON"
"-DLIBGSM_FOUND=TRUE"
"-DLIBGSM_LIBRARIES=${gsm}/lib/libgsm.so"
"-DLIBGSM_LIBRARIES=${gsm}/lib/libgsm${stdenv.hostPlatform.extensions.sharedLibrary}"
"-DLIBGSM_INCLUDE_DIRS=${gsm}/include/gsm"
]
++ lib.optionals (hasFeature "volk" && volk != null) [

2
pkgs/applications/radio/gnuradio/3.9.nix
View File

@ -296,7 +296,7 @@ stdenv.mkDerivation rec {
# This is the only python reference worth removing, if needed.
+ lib.optionalString (!hasFeature "python-support") ''
${removeReferencesTo}/bin/remove-references-to -t ${python} $out/lib/cmake/gnuradio/GnuradioConfig.cmake
${removeReferencesTo}/bin/remove-references-to -t ${python} $(readlink -f $out/lib/libgnuradio-runtime.so)
${removeReferencesTo}/bin/remove-references-to -t ${python} $(readlink -f $out/lib/libgnuradio-runtime${stdenv.hostPlatform.extensions.sharedLibrary})
${removeReferencesTo}/bin/remove-references-to -t ${python.pkgs.pybind11} $out/lib/cmake/gnuradio/gnuradio-runtimeTargets.cmake
''
;

2
pkgs/applications/radio/gnuradio/default.nix
View File

@ -317,7 +317,7 @@ stdenv.mkDerivation rec {
# This is the only python reference worth removing, if needed.
+ lib.optionalString (!hasFeature "python-support") ''
${removeReferencesTo}/bin/remove-references-to -t ${python} $out/lib/cmake/gnuradio/GnuradioConfig.cmake
${removeReferencesTo}/bin/remove-references-to -t ${python} $(readlink -f $out/lib/libgnuradio-runtime.so)
${removeReferencesTo}/bin/remove-references-to -t ${python} $(readlink -f $out/lib/libgnuradio-runtime${stdenv.hostPlatform.extensions.sharedLibrary})
${removeReferencesTo}/bin/remove-references-to -t ${python.pkgs.pybind11} $out/lib/cmake/gnuradio/gnuradio-runtimeTargets.cmake
''
;

9
pkgs/applications/radio/gnuradio/shared.nix
View File

@ -84,7 +84,11 @@ rec {
postInstall = ""
# Gcc references
+ lib.optionalString (hasFeature "gnuradio-runtime") ''
${removeReferencesTo}/bin/remove-references-to -t ${stdenv.cc} $(readlink -f $out/lib/libgnuradio-runtime.so)
${removeReferencesTo}/bin/remove-references-to -t ${stdenv.cc} $(readlink -f $out/lib/libgnuradio-runtime${stdenv.hostPlatform.extensions.sharedLibrary})
''
# Clang references in InstalledDir
+ lib.optionalString (hasFeature "gnuradio-runtime" && stdenv.isDarwin) ''
${removeReferencesTo}/bin/remove-references-to -t ${stdenv.cc.cc} $(readlink -f $out/lib/libgnuradio-runtime${stdenv.hostPlatform.extensions.sharedLibrary})
''
;
# NOTE: Outputs are disabled due to upstream not using GNU InstallDIrs cmake
@ -112,7 +116,6 @@ rec {
doCheck = false;
meta = with lib; {
broken = stdenv.isDarwin;
description = "Software Defined Radio (SDR) software";
longDescription = ''
GNU Radio is a free & open-source software development toolkit that
@ -126,6 +129,6 @@ rec {
homepage = "https://www.gnuradio.org";
license = licenses.gpl3;
platforms = platforms.unix;
maintainers = with maintainers; [ doronbehar bjornfor fpletz ];
maintainers = with maintainers; [ doronbehar bjornfor fpletz jiegec ];
};
}

10
pkgs/applications/radio/gnuradio/wrapper.nix
View File

@ -98,19 +98,21 @@ let
"${
lib.makeSearchPath
unwrapped.qt.qtbase.qtPluginPrefix
(builtins.map lib.getBin [
(builtins.map lib.getBin ([
unwrapped.qt.qtbase
] ++ lib.optionals stdenv.isLinux [
unwrapped.qt.qtwayland
])
]))
}"
"--prefix" "QML2_IMPORT_PATH" ":"
"${
lib.makeSearchPath
unwrapped.qt.qtbase.qtQmlPrefix
(builtins.map lib.getBin [
(builtins.map lib.getBin ([
unwrapped.qt.qtbase
] ++ lib.optionals stdenv.isLinux [
unwrapped.qt.qtwayland
])
]))
}"
]
else

4
pkgs/applications/version-management/git-repo/default.nix
View File

@ -4,13 +4,13 @@
stdenv.mkDerivation rec {
pname = "git-repo";
version = "2.29.3";
version = "2.29.4";
src = fetchFromGitHub {
owner = "android";
repo = "tools_repo";
rev = "v${version}";
sha256 = "sha256-hZoiljARTEhsuaM7QEFl+XqLq4RksLfxDpht5V1aC2M=";
sha256 = "sha256-oUPY10B6JHixdfgi5BHzrg9nZ1DlFUhQyuXJj2fCSM4=";
};
# Fix 'NameError: name 'ssl' is not defined'

4
pkgs/applications/version-management/got/default.nix
View File

@ -4,11 +4,11 @@
stdenv.mkDerivation rec {
pname = "got";
version = "0.76";
version = "0.77";
src = fetchurl {
url = "https://gameoftrees.org/releases/portable/got-portable-${version}.tar.gz";
sha256 = "sha256-05VUIHUqXnES4CmgopzQ2LQ0uldSffsGF5ExedEO+yA=";
sha256 = "sha256-/O9u7Ei6f0rGr7LRWcG9FUQd7Z+qpq2/6H01jNR1C7o=";
};
nativeBuildInputs = [ pkg-config bison ];

2
pkgs/applications/video/davinci-resolve/default.nix
View File

@ -16,6 +16,7 @@
, xkeyboard_config
, glib
, libarchive
, libxcrypt
, python2
}:
@ -154,6 +155,7 @@ buildFHSUserEnv {
ocl-icd
glib
libarchive
libxcrypt # provides libcrypt.so.1
xdg-utils # xdg-open needed to open URLs
python2
# currently they want python 3.6 which is EOL

10
pkgs/applications/virtualization/docker/default.nix
View File

@ -238,19 +238,19 @@ rec {
# Get revisions from
# https://github.com/moby/moby/tree/${version}/hack/dockerfile/install/*
docker_20_10 = callPackage dockerGen rec {
version = "20.10.20";
version = "20.10.21";
rev = "v${version}";
sha256 = "sha256-hzD4p0cunU21n0eXuMPRz37T+KSvQ583cs64f51CxLM=";
sha256 = "sha256-hPQ1t7L2fqoFWoinqIrDwFQ1bo9TzMb4l3HmAotIUS8=";
moby-src = fetchFromGitHub {
owner = "moby";
repo = "moby";
rev = "v${version}";
sha256 = "sha256-BfFnG0cR0FyQvX683RPsY0gC5w2wvgvmDZgKnDJsnG4=";
sha256 = "sha256-BcYDh/UEmmURt7hWLWdPTKVu/Nzoeq/shE+HnUoh8b4=";
};
runcRev = "v1.1.4";
runcSha256 = "sha256-ougJHW1Z+qZ324P8WpZqawY1QofKnn8WezP7orzRTdA=";
containerdRev = "v1.6.8";
containerdSha256 = "sha256-0UiPhkTWV61DnAF5kWd1FctX8i0sXaJ1p/xCMznY/A8=";
containerdRev = "v1.6.9";
containerdSha256 = "sha256-KvQdYQLzgt/MKPsA/mO5un6nE3/xcvVYwIveNn/uDnU=";
tiniRev = "v0.19.0";
tiniSha256 = "sha256-ZDKu/8yE5G0RYFJdhgmCdN3obJNyRWv6K/Gd17zc1sI=";
};

2
pkgs/applications/window-managers/phosh/default.nix
View File

@ -128,7 +128,7 @@ stdenv.mkDerivation rec {
description = "A pure Wayland shell prototype for GNOME on mobile devices";
homepage = "https://gitlab.gnome.org/World/Phosh/phosh";
license = licenses.gpl3Plus;
maintainers = with maintainers; [ jtojnar masipcat zhaofengli ];
maintainers = with maintainers; [ masipcat zhaofengli ];
platforms = platforms.linux;
};
}

2
pkgs/data/fonts/tex-gyre/default.nix
View File

@ -28,7 +28,7 @@ let
# which is a free license, legally equivalent to the LaTeX Project Public
# License (LPPL), version 1.3c or later." - GUST website
license = licenses.lppl13c;
maintainers = with maintainers; [ jtojnar ];
maintainers = with maintainers; [ ];
platforms = platforms.all;
};
};

81
pkgs/data/icons/catppuccin-cursors/default.nix Normal file
View File

@ -0,0 +1,81 @@
{ lib
, stdenvNoCC
, fetchFromGitHub
, inkscape
, xcursorgen
, makeFontsConf
}:
let
dimensions = {
palette = [ "Frappe" "Latte" "Macchiato" "Mocha" ];
color = [ "Blue" "Dark" "Flamingo" "Green" "Lavender" "Light" "Maroon" "Mauve" "Peach" "Pink" "Red" "Rosewater" "Sapphire" "Sky" "Teal" "Yellow" ];
};
product = lib.attrsets.cartesianProductOfSets dimensions;
variantName = { palette, color }: (lib.strings.toLower palette) + color;
variants = map variantName product;
in
stdenvNoCC.mkDerivation {
pname = "catppuccin-cursors";
version = "unstable-2022-08-23";
src = fetchFromGitHub {
owner = "catppuccin";
repo = "cursors";
rev = "3d3023606939471c45cff7b643bffc5d5d4ff29c";
sha256 = "1z9cjxxsj3vrmhsw1k05b31zmncz1ksaswc4r1k3vd2mmpigq1nk";
};
outputs = variants ++ [ "out" ]; # dummy "out" output to prevent breakage
outputsToInstall = [];
nativeBuildInputs = [
inkscape
xcursorgen
];
postPatch = ''
patchShebangs ./build.sh
'';
# Make fontconfig stop warning about being unable to load config
FONTCONFIG_FILE = makeFontsConf { fontDirectories = [ ]; };
# Make inkscape stop warning about being unable to create profile directory
preBuild = ''
export HOME="$NIX_BUILD_ROOT"
'';
installPhase = ''
runHook preInstall
for output in $outputs; do
if [ "$output" != "out" ]; then
local outputDir="''${!output}"
local iconsDir="$outputDir"/share/icons
mkdir -p "$iconsDir"
# Convert to kebab case with the first letter of each word capitalized
local variant=$(sed 's/\([A-Z]\)/-\1/g' <<< "$output")
local variant=''${variant^}
cp -r dist/Catppuccin-"$variant"-Cursors "$iconsDir"
fi
done
# Needed to prevent breakage
mkdir -p "$out"
runHook postInstall
'';
meta = with lib; {
description = "Catppuccin cursor theme based on Volantes";
homepage = "https://github.com/catppuccin/cursors";
license = licenses.gpl2;
platforms = platforms.linux;
maintainers = with maintainers; [ PlayerNameHere ];
};
}

43
pkgs/desktops/gnome/extensions/extensions.json
View File

File diff suppressed because one or more lines are too long

2
pkgs/desktops/gnome/extensions/sound-output-device-chooser/default.nix
View File

@ -45,7 +45,7 @@ stdenv.mkDerivation rec {
meta = with lib; {
description = "GNOME Shell extension adding audio device chooser to panel";
license = licenses.gpl3Plus;
maintainers = with maintainers; [ jtojnar ];
maintainers = with maintainers; [ ];
homepage = "https://github.com/kgshank/gse-sound-output-device-chooser";
};
}

2
pkgs/desktops/gnome/extensions/window-corner-preview/default.nix
View File

@ -28,7 +28,7 @@ stdenv.mkDerivation rec {
meta = with lib; {
description = "GNOME Shell extension showing a video preview on the corner of the screen";
license = licenses.mit;
maintainers = with maintainers; [ jtojnar ];
maintainers = with maintainers; [ ];
homepage = "https://github.com/medenagan/window-corner-preview";
broken = lib.versionAtLeast gnome.gnome-shell.version "3.32"; # Doesn't support 3.34
};

4
pkgs/desktops/pantheon/apps/switchboard-plugs/display/default.nix
View File

@ -15,13 +15,13 @@
stdenv.mkDerivation rec {
pname = "switchboard-plug-display";
version = "2.3.2";
version = "2.3.3";
src = fetchFromGitHub {
owner = "elementary";
repo = pname;
rev = version;
sha256 = "sha256-3sYZCazGnTjIi3Iry5673TMI13sD0GuY+46AK+NJH70=";
sha256 = "sha256-d25++3msaS9dg2Rsl7mrAezDn8Lawd3/X0XPH5Zy6Rc=";
};
nativeBuildInputs = [

4
pkgs/desktops/pantheon/apps/switchboard-plugs/security-privacy/default.nix
View File

@ -21,13 +21,13 @@
stdenv.mkDerivation rec {
pname = "switchboard-plug-security-privacy";
version = "2.4.0";
version = "2.4.1";
src = fetchFromGitHub {
owner = "elementary";
repo = pname;
rev = version;
sha256 = "sha256-jT8aYE36ZAeB9ng3RojVqxzmLtzpbsNRHPuDQ03XKcI=";
sha256 = "sha256-k8IQumV8rjV3U4ACm5FxCqzSdwqKBaGAqsv45hsP/7c=";
};
nativeBuildInputs = [

2
pkgs/development/compilers/chicken/4/chicken.nix
View File

@ -41,6 +41,8 @@ stdenv.mkDerivation {
nativeBuildInputs = [
makeWrapper
] ++ lib.optionals (stdenv.isDarwin && stdenv.isAarch64) [
darwin.autoSignDarwinBinariesHook
];
buildInputs = lib.optionals (bootstrap-chicken != null) [

2
pkgs/development/compilers/chicken/5/chicken.nix
View File

@ -34,6 +34,8 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [
makeWrapper
] ++ lib.optionals (stdenv.isDarwin && stdenv.isAarch64) [
darwin.autoSignDarwinBinariesHook
];
buildInputs = lib.optionals (bootstrap-chicken != null) [

11
pkgs/development/gnuradio-modules/grnet/default.nix
View File

@ -1,6 +1,7 @@
{ lib
, mkDerivation
, fetchFromGitHub
, fetchpatch
, gnuradio
, cmake
, pkg-config
@ -54,6 +55,16 @@ mkDerivation {
inherit src;
disabledForGRafter = "3.10";
patches = [
# Use cross platform struct ip instead of iphdr
# https://github.com/ghostop14/gr-grnet/pull/19
(fetchpatch {
name = "fix-compilation-on-darwin.patch";
url = "https://github.com/ghostop14/gr-grnet/commit/52c07daa9ba595b76ffa5dd90c0c96694d95d140.patch";
sha256 = "sha256-1gJaYLIn09blOhALMfBPROt5YBXaosG41Vsd3+5h518=";
})
];
buildInputs = [
boost
log4cpp

5
pkgs/development/gnuradio-modules/osmosdr/default.nix
View File

@ -1,4 +1,6 @@
{ lib
, stdenv
, darwin
, mkDerivation
, fetchgit
, gnuradio
@ -58,6 +60,9 @@ in mkDerivation {
] ++ lib.optionals (gnuradio.hasFeature "gr-ctrlport") [
thrift
python.pkgs.thrift
] ++ lib.optionals stdenv.isDarwin [
darwin.apple_sdk.frameworks.IOKit
darwin.apple_sdk.frameworks.Security
];
cmakeFlags = [
(if (gnuradio.hasFeature "python-support") then

44
pkgs/development/guile-modules/guile-sqlite3/default.nix Normal file
View File

@ -0,0 +1,44 @@
{ lib
, stdenv
, fetchFromGitea
, guile
, autoreconfHook
, pkg-config
, texinfo
, sqlite
}:
stdenv.mkDerivation rec {
pname = "guile-sqlite3";
version = "0.1.3";
src = fetchFromGitea {
domain = "notabug.org";
owner = pname;
repo = pname;
rev = "v${version}";
sha256 = "sha256-C1a6lMK4O49043coh8EQkTWALrPolitig3eYf+l+HmM=";
};
nativeBuildInputs = [
autoreconfHook
pkg-config
texinfo
];
buildInputs = [
guile
sqlite
];
doCheck = true;
makeFlags = [ "GUILE_AUTO_COMPILE=0" ];
enableParallelBuilding = true;
meta = with lib; {
description = "Guile bindings for the SQLite3 database engine";
homepage = "https://notabug.org/guile-sqlite3/guile-sqlite3";
license = licenses.gpl3Plus;
maintainers = with maintainers; [ miangraham ];
platforms = guile.meta.platforms;
};
}

4
pkgs/development/guile-modules/guile-ssh/default.nix
View File

@ -11,13 +11,13 @@
stdenv.mkDerivation rec {
pname = "guile-ssh";
version = "0.15.1";
version = "0.16.0";
src = fetchFromGitHub {
owner = "artyom-poptsov";
repo = pname;
rev = "v${version}";
sha256 = "sha256-+BhyaBieqMwTgsSLci3HJdCrNQmfPN/jK2Od5DQs9n8=";
sha256 = "sha256-3h4U/h6cVgHTJOyliw1gTYtgzQcatRLX6NrP87JXRc0=";
};
configureFlags = [ "--with-guilesitedir=\${out}/share/guile/site" ];

4
pkgs/development/interpreters/clojure/default.nix
View File

@ -2,12 +2,12 @@
stdenv.mkDerivation rec {
pname = "clojure";
version = "1.11.1.1177";
version = "1.11.1.1182";
src = fetchurl {
# https://clojure.org/releases/tools
url = "https://download.clojure.org/install/clojure-tools-${version}.tar.gz";
sha256 = "sha256-Axutyw+f7TPObxcw8llbu3r0zxYIKxFnBuUp+trR9eI=";
sha256 = "sha256-u6qTQwtoN47UedSsxsyV0ej3C6Ta5ncbP3lZzTmvPr8=";
};
nativeBuildInputs = [

43
pkgs/development/interpreters/luau/default.nix Normal file
View File

@ -0,0 +1,43 @@
{ lib, stdenv, fetchFromGitHub, cmake }:
stdenv.mkDerivation rec {
pname = "luau";
version = "0.550";
src = fetchFromGitHub {
owner = "Roblox";
repo = "luau";
rev = version;
sha256 = "sha256-bCZ1V3ygN6+6IHWxT8VPi7vWVk711fki9aIPUUsjiQA=";
};
nativeBuildInputs = [ cmake ];
installPhase = ''
runHook preInstall
install -Dm755 -t $out/bin luau
install -Dm755 -t $out/bin luau-analyze
runHook postInstall
'';
doCheck = true;
checkPhase = ''
runHook preCheck
./Luau.UnitTest
./Luau.Conformance
runHook postCheck
'';
meta = with lib; {
homepage = "https://luau-lang.org/";
description = "A fast, small, safe, gradually typed embeddable scripting language derived from Lua";
license = licenses.mit;
platforms = platforms.all;
maintainers = [ maintainers.marsam ];
};
}

4
pkgs/development/libraries/aws-c-auth/default.nix
View File

@ -14,13 +14,13 @@
stdenv.mkDerivation rec {
pname = "aws-c-auth";
version = "0.6.16";
version = "0.6.18";
src = fetchFromGitHub {
owner = "awslabs";
repo = "aws-c-auth";
rev = "v${version}";
sha256 = "sha256-JUCnrnJnXDCsdw9UcmujoxZ+cE9PDmqQNHYyvjSVBpw=";
sha256 = "sha256-id4PrPK40yG7DDVh5QWwq2PP7QAso47vgWT8TxIVYXY=";
};
nativeBuildInputs = [

4
pkgs/development/libraries/aws-c-cal/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "aws-c-cal";
version = "0.5.19";
version = "0.5.20";
src = fetchFromGitHub {
owner = "awslabs";
repo = pname;
rev = "v${version}";
sha256 = "sha256-VEjefo+y8bizCxvJmzx+dZ1BE9eT1cR3Tkfn1eVQI/0=";
sha256 = "sha256-YBZrOyianmD0E5WcklLkud1WGF/t08XIbfu5qbEo+g4=";
};
nativeBuildInputs = [ cmake ];

4
pkgs/development/libraries/aws-c-common/default.nix
View File

@ -7,13 +7,13 @@
stdenv.mkDerivation rec {
pname = "aws-c-common";
version = "0.7.4";
version = "0.8.4";
src = fetchFromGitHub {
owner = "awslabs";
repo = pname;
rev = "v${version}";
sha256 = "sha256-9k+/yvvQmq/aX4c3vmfZNtKD1PuYo27IUoNUQw0Adgc=";
sha256 = "sha256-8RKx3OPb53hCquFcT+AbtX+LDNEvzLHuqtkbvXewqRs=";
};
nativeBuildInputs = [ cmake ];

4
pkgs/development/libraries/aws-c-event-stream/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "aws-c-event-stream";
version = "0.2.14";
version = "0.2.15";
src = fetchFromGitHub {
owner = "awslabs";
repo = pname;
rev = "v${version}";
sha256 = "sha256-QUrDIeQjsmf8TKu4UoSZi0eNw7Yg/2HIvXo7Y0FLY6w=";
sha256 = "sha256-X0ExfVop/YjFmR8TrIejg76MOTMngdUruT7uy0BibrU=";
};
nativeBuildInputs = [ cmake ];

Some files were not shown because too many files have changed in this diff Show More