Merge #275620: staging-next 2023-12-20
This commit is contained in:
commit
bae093a327
|
@ -7,7 +7,7 @@ binaryheap,,,,,,vcunat
|
||||||
busted,,,,,,
|
busted,,,,,,
|
||||||
cassowary,,,,,,marsam alerque
|
cassowary,,,,,,marsam alerque
|
||||||
cldr,,,,,,alerque
|
cldr,,,,,,alerque
|
||||||
compat53,,,,0.7-1,,vcunat
|
compat53,,,,,,vcunat
|
||||||
cosmo,,,,,,marsam
|
cosmo,,,,,,marsam
|
||||||
coxpcall,,,,1.17.0-1,,
|
coxpcall,,,,1.17.0-1,,
|
||||||
cqueues,,,,,,vcunat
|
cqueues,,,,,,vcunat
|
||||||
|
@ -15,6 +15,7 @@ cyan,,,,,,
|
||||||
digestif,https://github.com/astoff/digestif.git,,,,5.3,
|
digestif,https://github.com/astoff/digestif.git,,,,5.3,
|
||||||
dkjson,,,,,,
|
dkjson,,,,,,
|
||||||
fennel,,,,,,misterio77
|
fennel,,,,,,misterio77
|
||||||
|
fidget.nvim,,,,,,mrcjkb
|
||||||
fifo,,,,,,
|
fifo,,,,,,
|
||||||
fluent,,,,,,alerque
|
fluent,,,,,,alerque
|
||||||
fzy,,,,,,mrcjkb
|
fzy,,,,,,mrcjkb
|
||||||
|
@ -55,7 +56,7 @@ lua-subprocess,https://github.com/0x0ade/lua-subprocess,,,,5.1,scoder12
|
||||||
lua-term,,,,,,
|
lua-term,,,,,,
|
||||||
lua-toml,,,,,,
|
lua-toml,,,,,,
|
||||||
lua-zlib,,,,,,koral
|
lua-zlib,,,,,,koral
|
||||||
lua_cliargs,https://github.com/amireh/lua_cliargs.git,,,,,
|
lua_cliargs,,,,,,
|
||||||
luabitop,https://github.com/teto/luabitop.git,,,,,
|
luabitop,https://github.com/teto/luabitop.git,,,,,
|
||||||
luacheck,,,,,,
|
luacheck,,,,,,
|
||||||
luacov,,,,,,
|
luacov,,,,,,
|
||||||
|
@ -86,7 +87,7 @@ luautf8,,,,,,pstn
|
||||||
luazip,,,,,,
|
luazip,,,,,,
|
||||||
lua-yajl,,,,,,pstn
|
lua-yajl,,,,,,pstn
|
||||||
lua-iconv,,,,7.0.0,,
|
lua-iconv,,,,7.0.0,,
|
||||||
luuid,,,,,,
|
luuid,,,,20120509-2,,
|
||||||
luv,,,,1.44.2-1,,
|
luv,,,,1.44.2-1,,
|
||||||
lush.nvim,https://github.com/rktjmp/lush.nvim,,,,,teto
|
lush.nvim,https://github.com/rktjmp/lush.nvim,,,,,teto
|
||||||
lyaml,,,,,,lblasc
|
lyaml,,,,,,lblasc
|
||||||
|
|
|
|
@ -26,6 +26,8 @@ In addition to numerous new and upgraded packages, this release has the followin
|
||||||
|
|
||||||
- [maubot](https://github.com/maubot/maubot), a plugin-based Matrix bot framework. Available as [services.maubot](#opt-services.maubot.enable).
|
- [maubot](https://github.com/maubot/maubot), a plugin-based Matrix bot framework. Available as [services.maubot](#opt-services.maubot.enable).
|
||||||
|
|
||||||
|
- systemd's gateway, upload, and remote services, which provides ways of sending journals across the network. Enable using [services.journald.gateway](#opt-services.journald.gateway.enable), [services.journald.upload](#opt-services.journald.upload.enable), and [services.journald.remote](#opt-services.journald.remote.enable).
|
||||||
|
|
||||||
- [GNS3](https://www.gns3.com/), a network software emulator. Available as [services.gns3-server](#opt-services.gns3-server.enable).
|
- [GNS3](https://www.gns3.com/), a network software emulator. Available as [services.gns3-server](#opt-services.gns3-server.enable).
|
||||||
|
|
||||||
- [rspamd-trainer](https://gitlab.com/onlime/rspamd-trainer), script triggered by a helper which reads mails from a specific mail inbox and feeds them into rspamd for spam/ham training.
|
- [rspamd-trainer](https://gitlab.com/onlime/rspamd-trainer), script triggered by a helper which reads mails from a specific mail inbox and feeds them into rspamd for spam/ham training.
|
||||||
|
|
|
@ -120,7 +120,7 @@ in rec {
|
||||||
{ meta.description = "List of NixOS options in JSON format";
|
{ meta.description = "List of NixOS options in JSON format";
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
pkgs.brotli
|
pkgs.brotli
|
||||||
pkgs.python3Minimal
|
pkgs.python3
|
||||||
];
|
];
|
||||||
options = builtins.toFile "options.json"
|
options = builtins.toFile "options.json"
|
||||||
(builtins.unsafeDiscardStringContext (builtins.toJSON optionsNix));
|
(builtins.unsafeDiscardStringContext (builtins.toJSON optionsNix));
|
||||||
|
|
|
@ -18,7 +18,7 @@ python3Packages.buildPythonApplication {
|
||||||
pname = "nixos-test-driver";
|
pname = "nixos-test-driver";
|
||||||
version = "1.1";
|
version = "1.1";
|
||||||
src = ./.;
|
src = ./.;
|
||||||
format = "pyproject";
|
pyproject = true;
|
||||||
|
|
||||||
propagatedBuildInputs = [
|
propagatedBuildInputs = [
|
||||||
coreutils
|
coreutils
|
||||||
|
@ -32,6 +32,10 @@ python3Packages.buildPythonApplication {
|
||||||
++ (lib.optionals enableOCR [ imagemagick_light tesseract4 ])
|
++ (lib.optionals enableOCR [ imagemagick_light tesseract4 ])
|
||||||
++ extraPythonPackages python3Packages;
|
++ extraPythonPackages python3Packages;
|
||||||
|
|
||||||
|
nativeBuildInputs = [
|
||||||
|
python3Packages.setuptools
|
||||||
|
];
|
||||||
|
|
||||||
passthru.tests = {
|
passthru.tests = {
|
||||||
inherit (nixosTests.nixos-test-driver) driver-timeout;
|
inherit (nixosTests.nixos-test-driver) driver-timeout;
|
||||||
};
|
};
|
||||||
|
|
|
@ -13,11 +13,12 @@ in
|
||||||
enable = mkEnableOption (lib.mdDoc "support for Intel IPU6/MIPI cameras");
|
enable = mkEnableOption (lib.mdDoc "support for Intel IPU6/MIPI cameras");
|
||||||
|
|
||||||
platform = mkOption {
|
platform = mkOption {
|
||||||
type = types.enum [ "ipu6" "ipu6ep" ];
|
type = types.enum [ "ipu6" "ipu6ep" "ipu6epmtl" ];
|
||||||
description = lib.mdDoc ''
|
description = lib.mdDoc ''
|
||||||
Choose the version for your hardware platform.
|
Choose the version for your hardware platform.
|
||||||
|
|
||||||
Use `ipu6` for Tiger Lake and `ipu6ep` for Alder Lake respectively.
|
Use `ipu6` for Tiger Lake, `ipu6ep` for Alder Lake or Raptor Lake,
|
||||||
|
and `ipu6epmtl` for Meteor Lake.
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -29,9 +30,7 @@ in
|
||||||
ipu6-drivers
|
ipu6-drivers
|
||||||
];
|
];
|
||||||
|
|
||||||
hardware.firmware = with pkgs; [ ]
|
hardware.firmware = [ pkgs.ipu6-camera-bins ];
|
||||||
++ optional (cfg.platform == "ipu6") ipu6-camera-bin
|
|
||||||
++ optional (cfg.platform == "ipu6ep") ipu6ep-camera-bin;
|
|
||||||
|
|
||||||
services.udev.extraRules = ''
|
services.udev.extraRules = ''
|
||||||
SUBSYSTEM=="intel-ipu6-psys", MODE="0660", GROUP="video"
|
SUBSYSTEM=="intel-ipu6-psys", MODE="0660", GROUP="video"
|
||||||
|
@ -44,14 +43,13 @@ in
|
||||||
|
|
||||||
extraPackages = with pkgs.gst_all_1; [ ]
|
extraPackages = with pkgs.gst_all_1; [ ]
|
||||||
++ optional (cfg.platform == "ipu6") icamerasrc-ipu6
|
++ optional (cfg.platform == "ipu6") icamerasrc-ipu6
|
||||||
++ optional (cfg.platform == "ipu6ep") icamerasrc-ipu6ep;
|
++ optional (cfg.platform == "ipu6ep") icamerasrc-ipu6ep
|
||||||
|
++ optional (cfg.platform == "ipu6epmtl") icamerasrc-ipu6epmtl;
|
||||||
|
|
||||||
input = {
|
input = {
|
||||||
pipeline = "icamerasrc";
|
pipeline = "icamerasrc";
|
||||||
format = mkIf (cfg.platform == "ipu6ep") (mkDefault "NV12");
|
format = mkIf (cfg.platform != "ipu6") (mkDefault "NV12");
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1476,6 +1476,9 @@
|
||||||
./system/boot/systemd/initrd-secrets.nix
|
./system/boot/systemd/initrd-secrets.nix
|
||||||
./system/boot/systemd/initrd.nix
|
./system/boot/systemd/initrd.nix
|
||||||
./system/boot/systemd/journald.nix
|
./system/boot/systemd/journald.nix
|
||||||
|
./system/boot/systemd/journald-gateway.nix
|
||||||
|
./system/boot/systemd/journald-remote.nix
|
||||||
|
./system/boot/systemd/journald-upload.nix
|
||||||
./system/boot/systemd/logind.nix
|
./system/boot/systemd/logind.nix
|
||||||
./system/boot/systemd/nspawn.nix
|
./system/boot/systemd/nspawn.nix
|
||||||
./system/boot/systemd/oomd.nix
|
./system/boot/systemd/oomd.nix
|
||||||
|
|
135
nixos/modules/system/boot/systemd/journald-gateway.nix
Normal file
135
nixos/modules/system/boot/systemd/journald-gateway.nix
Normal file
|
@ -0,0 +1,135 @@
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.services.journald.gateway;
|
||||||
|
|
||||||
|
cliArgs = lib.cli.toGNUCommandLineShell { } {
|
||||||
|
# If either of these are null / false, they are not passed in the command-line
|
||||||
|
inherit (cfg) cert key trust system user merge;
|
||||||
|
};
|
||||||
|
in
|
||||||
|
{
|
||||||
|
meta.maintainers = [ lib.maintainers.raitobezarius ];
|
||||||
|
options.services.journald.gateway = {
|
||||||
|
enable = lib.mkEnableOption "the HTTP gateway to the journal";
|
||||||
|
|
||||||
|
port = lib.mkOption {
|
||||||
|
default = 19531;
|
||||||
|
type = lib.types.port;
|
||||||
|
description = ''
|
||||||
|
The port to listen to.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
cert = lib.mkOption {
|
||||||
|
default = null;
|
||||||
|
type = with lib.types; nullOr str;
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
The path to a file or `AF_UNIX` stream socket to read the server
|
||||||
|
certificate from.
|
||||||
|
|
||||||
|
The certificate must be in PEM format. This option switches
|
||||||
|
`systemd-journal-gatewayd` into HTTPS mode and must be used together
|
||||||
|
with {option}`services.journald.gateway.key`.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
key = lib.mkOption {
|
||||||
|
default = null;
|
||||||
|
type = with lib.types; nullOr str;
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
Specify the path to a file or `AF_UNIX` stream socket to read the
|
||||||
|
secret server key corresponding to the certificate specified with
|
||||||
|
{option}`services.journald.gateway.cert` from.
|
||||||
|
|
||||||
|
The key must be in PEM format.
|
||||||
|
|
||||||
|
This key should not be world-readable, and must be readably by the
|
||||||
|
`systemd-journal-gateway` user.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
trust = lib.mkOption {
|
||||||
|
default = null;
|
||||||
|
type = with lib.types; nullOr str;
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
Specify the path to a file or `AF_UNIX` stream socket to read a CA
|
||||||
|
certificate from.
|
||||||
|
|
||||||
|
The certificate must be in PEM format.
|
||||||
|
|
||||||
|
Setting this option enforces client certificate checking.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
system = lib.mkOption {
|
||||||
|
default = true;
|
||||||
|
type = lib.types.bool;
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
Serve entries from system services and the kernel.
|
||||||
|
|
||||||
|
This has the same meaning as `--system` for {manpage}`journalctl(1)`.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
user = lib.mkOption {
|
||||||
|
default = true;
|
||||||
|
type = lib.types.bool;
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
Serve entries from services for the current user.
|
||||||
|
|
||||||
|
This has the same meaning as `--user` for {manpage}`journalctl(1)`.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
merge = lib.mkOption {
|
||||||
|
default = false;
|
||||||
|
type = lib.types.bool;
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
Serve entries interleaved from all available journals, including other
|
||||||
|
machines.
|
||||||
|
|
||||||
|
This has the same meaning as `--merge` option for
|
||||||
|
{manpage}`journalctl(1)`.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
assertions = [
|
||||||
|
{
|
||||||
|
# This prevents the weird case were disabling "system" and "user"
|
||||||
|
# actually enables both because the cli flags are not present.
|
||||||
|
assertion = cfg.system || cfg.user;
|
||||||
|
message = ''
|
||||||
|
systemd-journal-gatewayd cannot serve neither "system" nor "user"
|
||||||
|
journals.
|
||||||
|
'';
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
|
systemd.additionalUpstreamSystemUnits = [
|
||||||
|
"systemd-journal-gatewayd.socket"
|
||||||
|
"systemd-journal-gatewayd.service"
|
||||||
|
];
|
||||||
|
|
||||||
|
users.users.systemd-journal-gateway.uid = config.ids.uids.systemd-journal-gateway;
|
||||||
|
users.users.systemd-journal-gateway.group = "systemd-journal-gateway";
|
||||||
|
users.groups.systemd-journal-gateway.gid = config.ids.gids.systemd-journal-gateway;
|
||||||
|
|
||||||
|
systemd.services.systemd-journal-gatewayd.serviceConfig.ExecStart = [
|
||||||
|
# Clear the default command line
|
||||||
|
""
|
||||||
|
"${pkgs.systemd}/lib/systemd/systemd-journal-gatewayd ${cliArgs}"
|
||||||
|
];
|
||||||
|
|
||||||
|
systemd.sockets.systemd-journal-gatewayd = {
|
||||||
|
wantedBy = [ "sockets.target" ];
|
||||||
|
listenStreams = [
|
||||||
|
# Clear the default port
|
||||||
|
""
|
||||||
|
(toString cfg.port)
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
163
nixos/modules/system/boot/systemd/journald-remote.nix
Normal file
163
nixos/modules/system/boot/systemd/journald-remote.nix
Normal file
|
@ -0,0 +1,163 @@
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.services.journald.remote;
|
||||||
|
format = pkgs.formats.systemd;
|
||||||
|
|
||||||
|
cliArgs = lib.cli.toGNUCommandLineShell { } {
|
||||||
|
inherit (cfg) output;
|
||||||
|
# "-3" specifies the file descriptor from the .socket unit.
|
||||||
|
"listen-${cfg.listen}" = "-3";
|
||||||
|
};
|
||||||
|
in
|
||||||
|
{
|
||||||
|
meta.maintainers = [ lib.maintainers.raitobezarius ];
|
||||||
|
options.services.journald.remote = {
|
||||||
|
enable = lib.mkEnableOption "receiving systemd journals from the network";
|
||||||
|
|
||||||
|
listen = lib.mkOption {
|
||||||
|
default = "https";
|
||||||
|
type = lib.types.enum [ "https" "http" ];
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
Which protocol to listen to.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
output = lib.mkOption {
|
||||||
|
default = "/var/log/journal/remote/";
|
||||||
|
type = lib.types.str;
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
The location of the output journal.
|
||||||
|
|
||||||
|
In case the output file is not specified, journal files will be created
|
||||||
|
underneath the selected directory. Files will be called
|
||||||
|
{file}`remote-hostname.journal`, where the `hostname` part is the
|
||||||
|
escaped hostname of the source endpoint of the connection, or the
|
||||||
|
numerical address if the hostname cannot be determined.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
port = lib.mkOption {
|
||||||
|
default = 19532;
|
||||||
|
type = lib.types.port;
|
||||||
|
description = ''
|
||||||
|
The port to listen to.
|
||||||
|
|
||||||
|
Note that this option is used only if
|
||||||
|
{option}`services.journald.upload.listen` is configured to be either
|
||||||
|
"https" or "http".
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
settings = lib.mkOption {
|
||||||
|
default = { };
|
||||||
|
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
Configuration in the journal-remote configuration file. See
|
||||||
|
{manpage}`journal-remote.conf(5)` for available options.
|
||||||
|
'';
|
||||||
|
|
||||||
|
type = lib.types.submodule {
|
||||||
|
freeformType = format.type;
|
||||||
|
|
||||||
|
options.Remote = {
|
||||||
|
Seal = lib.mkOption {
|
||||||
|
default = false;
|
||||||
|
example = true;
|
||||||
|
type = lib.types.bool;
|
||||||
|
description = ''
|
||||||
|
Periodically sign the data in the journal using Forward Secure
|
||||||
|
Sealing.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
SplitMode = lib.mkOption {
|
||||||
|
default = "host";
|
||||||
|
example = "none";
|
||||||
|
type = lib.types.enum [ "host" "none" ];
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
With "host", a separate output file is used, based on the
|
||||||
|
hostname of the other endpoint of a connection. With "none", only
|
||||||
|
one output journal file is used.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
ServerKeyFile = lib.mkOption {
|
||||||
|
default = "/etc/ssl/private/journal-remote.pem";
|
||||||
|
type = lib.types.str;
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
A path to a SSL secret key file in PEM format.
|
||||||
|
|
||||||
|
Note that due to security reasons, `systemd-journal-remote` will
|
||||||
|
refuse files from the world-readable `/nix/store`. This file
|
||||||
|
should be readable by the "" user.
|
||||||
|
|
||||||
|
This option can be used with `listen = "https"`. If the path
|
||||||
|
refers to an `AF_UNIX` stream socket in the file system a
|
||||||
|
connection is made to it and the key read from it.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
ServerCertificateFile = lib.mkOption {
|
||||||
|
default = "/etc/ssl/certs/journal-remote.pem";
|
||||||
|
type = lib.types.str;
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
A path to a SSL certificate file in PEM format.
|
||||||
|
|
||||||
|
This option can be used with `listen = "https"`. If the path
|
||||||
|
refers to an `AF_UNIX` stream socket in the file system a
|
||||||
|
connection is made to it and the certificate read from it.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
TrustedCertificateFile = lib.mkOption {
|
||||||
|
default = "/etc/ssl/ca/trusted.pem";
|
||||||
|
type = lib.types.str;
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
A path to a SSL CA certificate file in PEM format, or `all`.
|
||||||
|
|
||||||
|
If `all` is set, then client certificate checking will be
|
||||||
|
disabled.
|
||||||
|
|
||||||
|
This option can be used with `listen = "https"`. If the path
|
||||||
|
refers to an `AF_UNIX` stream socket in the file system a
|
||||||
|
connection is made to it and the certificate read from it.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
systemd.additionalUpstreamSystemUnits = [
|
||||||
|
"systemd-journal-remote.service"
|
||||||
|
"systemd-journal-remote.socket"
|
||||||
|
];
|
||||||
|
|
||||||
|
systemd.services.systemd-journal-remote.serviceConfig.ExecStart = [
|
||||||
|
# Clear the default command line
|
||||||
|
""
|
||||||
|
"${pkgs.systemd}/lib/systemd/systemd-journal-remote ${cliArgs}"
|
||||||
|
];
|
||||||
|
|
||||||
|
systemd.sockets.systemd-journal-remote = {
|
||||||
|
wantedBy = [ "sockets.target" ];
|
||||||
|
listenStreams = [
|
||||||
|
# Clear the default port
|
||||||
|
""
|
||||||
|
(toString cfg.port)
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
# User and group used by systemd-journal-remote.service
|
||||||
|
users.groups.systemd-journal-remote = { };
|
||||||
|
users.users.systemd-journal-remote = {
|
||||||
|
isSystemUser = true;
|
||||||
|
group = "systemd-journal-remote";
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.etc."systemd/journal-remote.conf".source =
|
||||||
|
format.generate "journal-remote.conf" cfg.settings;
|
||||||
|
};
|
||||||
|
}
|
111
nixos/modules/system/boot/systemd/journald-upload.nix
Normal file
111
nixos/modules/system/boot/systemd/journald-upload.nix
Normal file
|
@ -0,0 +1,111 @@
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.services.journald.upload;
|
||||||
|
format = pkgs.formats.systemd;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
meta.maintainers = [ lib.maintainers.raitobezarius ];
|
||||||
|
options.services.journald.upload = {
|
||||||
|
enable = lib.mkEnableOption "uploading the systemd journal to a remote server";
|
||||||
|
|
||||||
|
settings = lib.mkOption {
|
||||||
|
default = { };
|
||||||
|
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
Configuration for journal-upload. See {manpage}`journal-upload.conf(5)`
|
||||||
|
for available options.
|
||||||
|
'';
|
||||||
|
|
||||||
|
type = lib.types.submodule {
|
||||||
|
freeformType = format.type;
|
||||||
|
|
||||||
|
options.Upload = {
|
||||||
|
URL = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
example = "https://192.168.1.1";
|
||||||
|
description = ''
|
||||||
|
The URL to upload the journal entries to.
|
||||||
|
|
||||||
|
See the description of `--url=` option in
|
||||||
|
{manpage}`systemd-journal-upload(8)` for the description of
|
||||||
|
possible values.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
ServerKeyFile = lib.mkOption {
|
||||||
|
type = with lib.types; nullOr str;
|
||||||
|
example = lib.literalExpression "./server-key.pem";
|
||||||
|
# Since systemd-journal-upload uses a DynamicUser, permissions must
|
||||||
|
# be done using groups
|
||||||
|
description = ''
|
||||||
|
SSL key in PEM format.
|
||||||
|
|
||||||
|
In contrary to what the name suggests, this option configures the
|
||||||
|
client private key sent to the remote journal server.
|
||||||
|
|
||||||
|
This key should not be world-readable, and must be readably by
|
||||||
|
the `systemd-journal` group.
|
||||||
|
'';
|
||||||
|
default = null;
|
||||||
|
};
|
||||||
|
|
||||||
|
ServerCertificateFile = lib.mkOption {
|
||||||
|
type = with lib.types; nullOr str;
|
||||||
|
example = lib.literalExpression "./server-ca.pem";
|
||||||
|
description = ''
|
||||||
|
SSL CA certificate in PEM format.
|
||||||
|
|
||||||
|
In contrary to what the name suggests, this option configures the
|
||||||
|
client certificate sent to the remote journal server.
|
||||||
|
'';
|
||||||
|
default = null;
|
||||||
|
};
|
||||||
|
|
||||||
|
TrustedCertificateFile = lib.mkOption {
|
||||||
|
type = with lib.types; nullOr str;
|
||||||
|
example = lib.literalExpression "./ca";
|
||||||
|
description = ''
|
||||||
|
SSL CA certificate.
|
||||||
|
|
||||||
|
This certificate will be used to check the remote journal HTTPS
|
||||||
|
server certificate.
|
||||||
|
'';
|
||||||
|
default = null;
|
||||||
|
};
|
||||||
|
|
||||||
|
NetworkTimeoutSec = lib.mkOption {
|
||||||
|
type = with lib.types; nullOr str;
|
||||||
|
example = "1s";
|
||||||
|
description = ''
|
||||||
|
When network connectivity to the server is lost, this option
|
||||||
|
configures the time to wait for the connectivity to get restored.
|
||||||
|
|
||||||
|
If the server is not reachable over the network for the
|
||||||
|
configured time, `systemd-journal-upload` exits. Takes a value in
|
||||||
|
seconds (or in other time units if suffixed with "ms", "min",
|
||||||
|
"h", etc). For details, see {manpage}`systemd.time(5)`.
|
||||||
|
'';
|
||||||
|
default = null;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
systemd.additionalUpstreamSystemUnits = [ "systemd-journal-upload.service" ];
|
||||||
|
|
||||||
|
systemd.services."systemd-journal-upload" = {
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
serviceConfig = {
|
||||||
|
Restart = "always";
|
||||||
|
# To prevent flooding the server in case the server is struggling
|
||||||
|
RestartSec = "3sec";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.etc."systemd/journal-upload.conf".source =
|
||||||
|
format.generate "journal-upload.conf" cfg.settings;
|
||||||
|
};
|
||||||
|
}
|
|
@ -5,6 +5,10 @@ with lib;
|
||||||
let
|
let
|
||||||
cfg = config.services.journald;
|
cfg = config.services.journald;
|
||||||
in {
|
in {
|
||||||
|
imports = [
|
||||||
|
(mkRenamedOptionModule [ "services" "journald" "enableHttpGateway" ] [ "services" "journald" "gateway" "enable" ])
|
||||||
|
];
|
||||||
|
|
||||||
options = {
|
options = {
|
||||||
services.journald.console = mkOption {
|
services.journald.console = mkOption {
|
||||||
default = "";
|
default = "";
|
||||||
|
@ -71,14 +75,6 @@ in {
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
services.journald.enableHttpGateway = mkOption {
|
|
||||||
default = false;
|
|
||||||
type = types.bool;
|
|
||||||
description = lib.mdDoc ''
|
|
||||||
Whether to enable the HTTP gateway to the journal.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
services.journald.forwardToSyslog = mkOption {
|
services.journald.forwardToSyslog = mkOption {
|
||||||
default = config.services.rsyslogd.enable || config.services.syslog-ng.enable;
|
default = config.services.rsyslogd.enable || config.services.syslog-ng.enable;
|
||||||
defaultText = literalExpression "services.rsyslogd.enable || services.syslog-ng.enable";
|
defaultText = literalExpression "services.rsyslogd.enable || services.syslog-ng.enable";
|
||||||
|
@ -101,9 +97,6 @@ in {
|
||||||
] ++ (optional (!config.boot.isContainer) "systemd-journald-audit.socket") ++ [
|
] ++ (optional (!config.boot.isContainer) "systemd-journald-audit.socket") ++ [
|
||||||
"systemd-journald-dev-log.socket"
|
"systemd-journald-dev-log.socket"
|
||||||
"syslog.socket"
|
"syslog.socket"
|
||||||
] ++ optionals cfg.enableHttpGateway [
|
|
||||||
"systemd-journal-gatewayd.socket"
|
|
||||||
"systemd-journal-gatewayd.service"
|
|
||||||
];
|
];
|
||||||
|
|
||||||
environment.etc = {
|
environment.etc = {
|
||||||
|
@ -124,12 +117,6 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
users.groups.systemd-journal.gid = config.ids.gids.systemd-journal;
|
users.groups.systemd-journal.gid = config.ids.gids.systemd-journal;
|
||||||
users.users.systemd-journal-gateway.uid = config.ids.uids.systemd-journal-gateway;
|
|
||||||
users.users.systemd-journal-gateway.group = "systemd-journal-gateway";
|
|
||||||
users.groups.systemd-journal-gateway.gid = config.ids.gids.systemd-journal-gateway;
|
|
||||||
|
|
||||||
systemd.sockets.systemd-journal-gatewayd.wantedBy =
|
|
||||||
optional cfg.enableHttpGateway "sockets.target";
|
|
||||||
|
|
||||||
systemd.services.systemd-journal-flush.restartIfChanged = false;
|
systemd.services.systemd-journal-flush.restartIfChanged = false;
|
||||||
systemd.services.systemd-journald.restartTriggers = [ config.environment.etc."systemd/journald.conf".source ];
|
systemd.services.systemd-journald.restartTriggers = [ config.environment.etc."systemd/journald.conf".source ];
|
||||||
|
|
|
@ -46,6 +46,13 @@ with lib;
|
||||||
wantedBy = [ "sysinit.target" ];
|
wantedBy = [ "sysinit.target" ];
|
||||||
aliases = [ "dbus-org.freedesktop.timesync1.service" ];
|
aliases = [ "dbus-org.freedesktop.timesync1.service" ];
|
||||||
restartTriggers = [ config.environment.etc."systemd/timesyncd.conf".source ];
|
restartTriggers = [ config.environment.etc."systemd/timesyncd.conf".source ];
|
||||||
|
# systemd-timesyncd disables DNSSEC validation in the nss-resolve module by setting SYSTEMD_NSS_RESOLVE_VALIDATE to 0 in the unit file.
|
||||||
|
# This is required in order to solve the chicken-and-egg problem when DNSSEC validation needs the correct time to work, but to set the
|
||||||
|
# correct time, we need to connect to an NTP server, which usually requires resolving its hostname.
|
||||||
|
# In order for nss-resolve to be able to read this environment variable we patch systemd-timesyncd to disable NSCD and use NSS modules directly.
|
||||||
|
# This means that systemd-timesyncd needs to have NSS modules path in LD_LIBRARY_PATH. When systemd-resolved is disabled we still need to set
|
||||||
|
# NSS module path so that systemd-timesyncd keeps using other NSS modules that are configured in the system.
|
||||||
|
environment.LD_LIBRARY_PATH = config.system.nssModules.path;
|
||||||
|
|
||||||
preStart = (
|
preStart = (
|
||||||
# Ensure that we have some stored time to prevent
|
# Ensure that we have some stored time to prevent
|
||||||
|
|
|
@ -843,6 +843,8 @@ in {
|
||||||
systemd-initrd-networkd-openvpn = handleTestOn [ "x86_64-linux" "i686-linux" ] ./initrd-network-openvpn { systemdStage1 = true; };
|
systemd-initrd-networkd-openvpn = handleTestOn [ "x86_64-linux" "i686-linux" ] ./initrd-network-openvpn { systemdStage1 = true; };
|
||||||
systemd-initrd-vlan = handleTest ./systemd-initrd-vlan.nix {};
|
systemd-initrd-vlan = handleTest ./systemd-initrd-vlan.nix {};
|
||||||
systemd-journal = handleTest ./systemd-journal.nix {};
|
systemd-journal = handleTest ./systemd-journal.nix {};
|
||||||
|
systemd-journal-gateway = handleTest ./systemd-journal-gateway.nix {};
|
||||||
|
systemd-journal-upload = handleTest ./systemd-journal-upload.nix {};
|
||||||
systemd-machinectl = handleTest ./systemd-machinectl.nix {};
|
systemd-machinectl = handleTest ./systemd-machinectl.nix {};
|
||||||
systemd-networkd = handleTest ./systemd-networkd.nix {};
|
systemd-networkd = handleTest ./systemd-networkd.nix {};
|
||||||
systemd-networkd-dhcpserver = handleTest ./systemd-networkd-dhcpserver.nix {};
|
systemd-networkd-dhcpserver = handleTest ./systemd-networkd-dhcpserver.nix {};
|
||||||
|
@ -858,6 +860,7 @@ in {
|
||||||
systemd-shutdown = handleTest ./systemd-shutdown.nix {};
|
systemd-shutdown = handleTest ./systemd-shutdown.nix {};
|
||||||
systemd-sysupdate = runTest ./systemd-sysupdate.nix;
|
systemd-sysupdate = runTest ./systemd-sysupdate.nix;
|
||||||
systemd-timesyncd = handleTest ./systemd-timesyncd.nix {};
|
systemd-timesyncd = handleTest ./systemd-timesyncd.nix {};
|
||||||
|
systemd-timesyncd-nscd-dnssec = handleTest ./systemd-timesyncd-nscd-dnssec.nix {};
|
||||||
systemd-user-tmpfiles-rules = handleTest ./systemd-user-tmpfiles-rules.nix {};
|
systemd-user-tmpfiles-rules = handleTest ./systemd-user-tmpfiles-rules.nix {};
|
||||||
systemd-misc = handleTest ./systemd-misc.nix {};
|
systemd-misc = handleTest ./systemd-misc.nix {};
|
||||||
systemd-userdbd = handleTest ./systemd-userdbd.nix {};
|
systemd-userdbd = handleTest ./systemd-userdbd.nix {};
|
||||||
|
|
|
@ -510,14 +510,8 @@ let
|
||||||
ntp
|
ntp
|
||||||
perlPackages.ListCompare
|
perlPackages.ListCompare
|
||||||
perlPackages.XMLLibXML
|
perlPackages.XMLLibXML
|
||||||
python3Minimal
|
|
||||||
# make-options-doc/default.nix
|
# make-options-doc/default.nix
|
||||||
(let
|
python3.withPackages (p: [ p.mistune ])
|
||||||
self = (pkgs.python3Minimal.override {
|
|
||||||
inherit self;
|
|
||||||
includeSiteCustomize = true;
|
|
||||||
});
|
|
||||||
in self.withPackages (p: [ p.mistune ]))
|
|
||||||
shared-mime-info
|
shared-mime-info
|
||||||
sudo
|
sudo
|
||||||
texinfo
|
texinfo
|
||||||
|
|
|
@ -95,7 +95,7 @@ in {
|
||||||
ntp
|
ntp
|
||||||
perlPackages.ListCompare
|
perlPackages.ListCompare
|
||||||
perlPackages.XMLLibXML
|
perlPackages.XMLLibXML
|
||||||
python3Minimal
|
python3
|
||||||
shared-mime-info
|
shared-mime-info
|
||||||
stdenv
|
stdenv
|
||||||
sudo
|
sudo
|
||||||
|
|
90
nixos/tests/systemd-journal-gateway.nix
Normal file
90
nixos/tests/systemd-journal-gateway.nix
Normal file
|
@ -0,0 +1,90 @@
|
||||||
|
import ./make-test-python.nix ({ lib, pkgs, ... }:
|
||||||
|
{
|
||||||
|
name = "systemd-journal-gateway";
|
||||||
|
meta = with pkgs.lib.maintainers; {
|
||||||
|
maintainers = [ minijackson raitobezarius ];
|
||||||
|
};
|
||||||
|
|
||||||
|
# Named client for coherence with the systemd-journal-upload test, and for
|
||||||
|
# certificate validation
|
||||||
|
nodes.client = {
|
||||||
|
services.journald.gateway = {
|
||||||
|
enable = true;
|
||||||
|
cert = "/run/secrets/client/cert.pem";
|
||||||
|
key = "/run/secrets/client/key.pem";
|
||||||
|
trust = "/run/secrets/ca.cert.pem";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
testScript = ''
|
||||||
|
import json
|
||||||
|
import subprocess
|
||||||
|
import tempfile
|
||||||
|
|
||||||
|
tmpdir_o = tempfile.TemporaryDirectory()
|
||||||
|
tmpdir = tmpdir_o.name
|
||||||
|
|
||||||
|
def generate_pems(domain: str):
|
||||||
|
subprocess.run(
|
||||||
|
[
|
||||||
|
"${pkgs.minica}/bin/minica",
|
||||||
|
"--ca-key=ca.key.pem",
|
||||||
|
"--ca-cert=ca.cert.pem",
|
||||||
|
f"--domains={domain}",
|
||||||
|
],
|
||||||
|
cwd=str(tmpdir),
|
||||||
|
)
|
||||||
|
|
||||||
|
with subtest("Creating keys and certificates"):
|
||||||
|
generate_pems("server")
|
||||||
|
generate_pems("client")
|
||||||
|
|
||||||
|
client.wait_for_unit("multi-user.target")
|
||||||
|
|
||||||
|
def copy_pem(file: str):
|
||||||
|
machine.copy_from_host(source=f"{tmpdir}/{file}", target=f"/run/secrets/{file}")
|
||||||
|
machine.succeed(f"chmod 644 /run/secrets/{file}")
|
||||||
|
|
||||||
|
with subtest("Copying keys and certificates"):
|
||||||
|
machine.succeed("mkdir -p /run/secrets/{client,server}")
|
||||||
|
copy_pem("server/cert.pem")
|
||||||
|
copy_pem("server/key.pem")
|
||||||
|
copy_pem("client/cert.pem")
|
||||||
|
copy_pem("client/key.pem")
|
||||||
|
copy_pem("ca.cert.pem")
|
||||||
|
|
||||||
|
client.wait_for_unit("multi-user.target")
|
||||||
|
|
||||||
|
curl = '${pkgs.curl}/bin/curl'
|
||||||
|
accept_json = '--header "Accept: application/json"'
|
||||||
|
cacert = '--cacert /run/secrets/ca.cert.pem'
|
||||||
|
cert = '--cert /run/secrets/server/cert.pem'
|
||||||
|
key = '--key /run/secrets/server/key.pem'
|
||||||
|
base_url = 'https://client:19531'
|
||||||
|
|
||||||
|
curl_cli = f"{curl} {accept_json} {cacert} {cert} {key} --fail"
|
||||||
|
|
||||||
|
machine_info = client.succeed(f"{curl_cli} {base_url}/machine")
|
||||||
|
assert json.loads(machine_info)["hostname"] == "client", "wrong machine name"
|
||||||
|
|
||||||
|
# The HTTP request should have started the gateway service, triggered by
|
||||||
|
# the .socket unit
|
||||||
|
client.wait_for_unit("systemd-journal-gatewayd.service")
|
||||||
|
|
||||||
|
identifier = "nixos-test"
|
||||||
|
message = "Hello from NixOS test infrastructure"
|
||||||
|
|
||||||
|
client.succeed(f"systemd-cat --identifier={identifier} <<< '{message}'")
|
||||||
|
|
||||||
|
# max-time is a workaround against a bug in systemd-journal-gatewayd where
|
||||||
|
# if TLS is enabled, the connection is never closed. Since it will timeout,
|
||||||
|
# we ignore the return code.
|
||||||
|
entries = client.succeed(
|
||||||
|
f"{curl_cli} --max-time 5 {base_url}/entries?SYSLOG_IDENTIFIER={identifier} || true"
|
||||||
|
)
|
||||||
|
|
||||||
|
# Number of entries should be only 1
|
||||||
|
added_entry = json.loads(entries)
|
||||||
|
assert added_entry["SYSLOG_IDENTIFIER"] == identifier and added_entry["MESSAGE"] == message, "journal entry does not correspond"
|
||||||
|
'';
|
||||||
|
})
|
101
nixos/tests/systemd-journal-upload.nix
Normal file
101
nixos/tests/systemd-journal-upload.nix
Normal file
|
@ -0,0 +1,101 @@
|
||||||
|
import ./make-test-python.nix ({ pkgs, ... }:
|
||||||
|
{
|
||||||
|
name = "systemd-journal-upload";
|
||||||
|
meta = with pkgs.lib.maintainers; {
|
||||||
|
maintainers = [ minijackson raitobezarius ];
|
||||||
|
};
|
||||||
|
|
||||||
|
nodes.server = { nodes, ... }: {
|
||||||
|
services.journald.remote = {
|
||||||
|
enable = true;
|
||||||
|
listen = "http";
|
||||||
|
settings.Remote = {
|
||||||
|
ServerCertificateFile = "/run/secrets/sever.cert.pem";
|
||||||
|
ServerKeyFile = "/run/secrets/sever.key.pem";
|
||||||
|
TrustedCertificateFile = "/run/secrets/ca.cert.pem";
|
||||||
|
Seal = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.firewall.allowedTCPPorts = [ nodes.server.services.journald.remote.port ];
|
||||||
|
};
|
||||||
|
|
||||||
|
nodes.client = { lib, nodes, ... }: {
|
||||||
|
services.journald.upload = {
|
||||||
|
enable = true;
|
||||||
|
settings.Upload = {
|
||||||
|
URL = "http://server:${toString nodes.server.services.journald.remote.port}";
|
||||||
|
ServerCertificateFile = "/run/secrets/client.cert.pem";
|
||||||
|
ServerKeyFile = "/run/secrets/client.key.pem";
|
||||||
|
TrustedCertificateFile = "/run/secrets/ca.cert.pem";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
# Wait for the PEMs to arrive
|
||||||
|
systemd.services.systemd-journal-upload.wantedBy = lib.mkForce [];
|
||||||
|
systemd.paths.systemd-journal-upload = {
|
||||||
|
wantedBy = [ "default.target" ];
|
||||||
|
# This file must be copied last
|
||||||
|
pathConfig.PathExists = [ "/run/secrets/ca.cert.pem" ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
testScript = ''
|
||||||
|
import subprocess
|
||||||
|
import tempfile
|
||||||
|
|
||||||
|
tmpdir_o = tempfile.TemporaryDirectory()
|
||||||
|
tmpdir = tmpdir_o.name
|
||||||
|
|
||||||
|
def generate_pems(domain: str):
|
||||||
|
subprocess.run(
|
||||||
|
[
|
||||||
|
"${pkgs.minica}/bin/minica",
|
||||||
|
"--ca-key=ca.key.pem",
|
||||||
|
"--ca-cert=ca.cert.pem",
|
||||||
|
f"--domains={domain}",
|
||||||
|
],
|
||||||
|
cwd=str(tmpdir),
|
||||||
|
)
|
||||||
|
|
||||||
|
with subtest("Creating keys and certificates"):
|
||||||
|
generate_pems("server")
|
||||||
|
generate_pems("client")
|
||||||
|
|
||||||
|
server.wait_for_unit("multi-user.target")
|
||||||
|
client.wait_for_unit("multi-user.target")
|
||||||
|
|
||||||
|
def copy_pems(machine: Machine, domain: str):
|
||||||
|
machine.succeed("mkdir /run/secrets")
|
||||||
|
machine.copy_from_host(
|
||||||
|
source=f"{tmpdir}/{domain}/cert.pem",
|
||||||
|
target=f"/run/secrets/{domain}.cert.pem",
|
||||||
|
)
|
||||||
|
machine.copy_from_host(
|
||||||
|
source=f"{tmpdir}/{domain}/key.pem",
|
||||||
|
target=f"/run/secrets/{domain}.key.pem",
|
||||||
|
)
|
||||||
|
# Should be last
|
||||||
|
machine.copy_from_host(
|
||||||
|
source=f"{tmpdir}/ca.cert.pem",
|
||||||
|
target="/run/secrets/ca.cert.pem",
|
||||||
|
)
|
||||||
|
|
||||||
|
with subtest("Copying keys and certificates"):
|
||||||
|
copy_pems(server, "server")
|
||||||
|
copy_pems(client, "client")
|
||||||
|
|
||||||
|
client.wait_for_unit("systemd-journal-upload.service")
|
||||||
|
# The journal upload should have started the remote service, triggered by
|
||||||
|
# the .socket unit
|
||||||
|
server.wait_for_unit("systemd-journal-remote.service")
|
||||||
|
|
||||||
|
identifier = "nixos-test"
|
||||||
|
message = "Hello from NixOS test infrastructure"
|
||||||
|
|
||||||
|
client.succeed(f"systemd-cat --identifier={identifier} <<< '{message}'")
|
||||||
|
server.wait_until_succeeds(
|
||||||
|
f"journalctl --file /var/log/journal/remote/remote-*.journal --identifier={identifier} | grep -F '{message}'"
|
||||||
|
)
|
||||||
|
'';
|
||||||
|
})
|
|
@ -6,17 +6,11 @@ import ./make-test-python.nix ({ pkgs, ... }:
|
||||||
maintainers = [ lewo ];
|
maintainers = [ lewo ];
|
||||||
};
|
};
|
||||||
|
|
||||||
nodes.machine = { pkgs, lib, ... }: {
|
nodes.machine = { };
|
||||||
services.journald.enableHttpGateway = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
testScript = ''
|
testScript = ''
|
||||||
machine.wait_for_unit("multi-user.target")
|
machine.wait_for_unit("multi-user.target")
|
||||||
|
|
||||||
machine.succeed("journalctl --grep=systemd")
|
machine.succeed("journalctl --grep=systemd")
|
||||||
|
|
||||||
machine.succeed(
|
|
||||||
"${pkgs.curl}/bin/curl -s localhost:19531/machine | ${pkgs.jq}/bin/jq -e '.hostname == \"machine\"'"
|
|
||||||
)
|
|
||||||
'';
|
'';
|
||||||
})
|
})
|
||||||
|
|
61
nixos/tests/systemd-timesyncd-nscd-dnssec.nix
Normal file
61
nixos/tests/systemd-timesyncd-nscd-dnssec.nix
Normal file
|
@ -0,0 +1,61 @@
|
||||||
|
# This test verifies that systemd-timesyncd can resolve the NTP server hostname when DNSSEC validation
|
||||||
|
# fails even though it is enforced in the systemd-resolved settings. It is required in order to solve
|
||||||
|
# the chicken-and-egg problem when DNSSEC validation needs the correct time to work, but to set the
|
||||||
|
# correct time, we need to connect to an NTP server, which usually requires resolving its hostname.
|
||||||
|
#
|
||||||
|
# This test does the following:
|
||||||
|
# - Sets up a DNS server (tinydns) listening on the eth1 ip addess, serving .ntp and fake.ntp records.
|
||||||
|
# - Configures that DNS server as a resolver and enables DNSSEC in systemd-resolved settings.
|
||||||
|
# - Configures systemd-timesyncd to use fake.ntp hostname as an NTP server.
|
||||||
|
# - Performs a regular DNS lookup, to ensure it fails due to broken DNSSEC.
|
||||||
|
# - Waits until systemd-timesyncd resolves fake.ntp by checking its debug output.
|
||||||
|
# Here, we don't expect systemd-timesyncd to connect and synchronize time because there is no NTP
|
||||||
|
# server running. For this test to succeed, we only need to ensure that systemd-timesyncd
|
||||||
|
# resolves the IP address of the fake.ntp host.
|
||||||
|
|
||||||
|
import ./make-test-python.nix ({ pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
ntpHostname = "fake.ntp";
|
||||||
|
ntpIP = "192.0.2.1";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
name = "systemd-timesyncd";
|
||||||
|
nodes.machine = { pkgs, lib, config, ... }:
|
||||||
|
let
|
||||||
|
eth1IP = (lib.head config.networking.interfaces.eth1.ipv4.addresses).address;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
# Setup a local DNS server for the NTP domain on the eth1 IP address
|
||||||
|
services.tinydns = {
|
||||||
|
enable = true;
|
||||||
|
ip = eth1IP;
|
||||||
|
data = ''
|
||||||
|
.ntp:${eth1IP}
|
||||||
|
+.${ntpHostname}:${ntpIP}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
# Enable systemd-resolved with DNSSEC and use the local DNS as a name server
|
||||||
|
services.resolved.enable = true;
|
||||||
|
services.resolved.dnssec = "true";
|
||||||
|
networking.nameservers = [ eth1IP ];
|
||||||
|
|
||||||
|
# Configure systemd-timesyncd to use our NTP hostname
|
||||||
|
services.timesyncd.enable = lib.mkForce true;
|
||||||
|
services.timesyncd.servers = [ ntpHostname ];
|
||||||
|
services.timesyncd.extraConfig = ''
|
||||||
|
FallbackNTP=${ntpHostname}
|
||||||
|
'';
|
||||||
|
|
||||||
|
# The debug output is necessary to determine whether systemd-timesyncd successfully resolves our NTP hostname or not
|
||||||
|
systemd.services.systemd-timesyncd.environment.SYSTEMD_LOG_LEVEL = "debug";
|
||||||
|
};
|
||||||
|
|
||||||
|
testScript = ''
|
||||||
|
machine.wait_for_unit("tinydns.service")
|
||||||
|
machine.wait_for_unit("systemd-timesyncd.service")
|
||||||
|
machine.fail("resolvectl query ${ntpHostname}")
|
||||||
|
machine.wait_until_succeeds("journalctl -u systemd-timesyncd.service --grep='Resolved address ${ntpIP}:123 for ${ntpHostname}'")
|
||||||
|
'';
|
||||||
|
})
|
|
@ -2,6 +2,7 @@
|
||||||
, stdenv
|
, stdenv
|
||||||
, fetchgit
|
, fetchgit
|
||||||
, fetchzip
|
, fetchzip
|
||||||
|
, fetchpatch
|
||||||
, alsa-lib
|
, alsa-lib
|
||||||
, aubio
|
, aubio
|
||||||
, boost
|
, boost
|
||||||
|
@ -79,6 +80,12 @@ stdenv.mkDerivation rec {
|
||||||
# AS=as in the environment causes build failure https://tracker.ardour.org/view.php?id=8096
|
# AS=as in the environment causes build failure https://tracker.ardour.org/view.php?id=8096
|
||||||
./as-flags.patch
|
./as-flags.patch
|
||||||
./default-plugin-search-paths.patch
|
./default-plugin-search-paths.patch
|
||||||
|
|
||||||
|
# Fix build with libxml2 2.12.
|
||||||
|
(fetchpatch {
|
||||||
|
url = "https://github.com/Ardour/ardour/commit/e995daa37529715214c6c4a2587e4134aaaba02f.patch";
|
||||||
|
hash = "sha256-EpXOIIObOwwcNgNma0E3nvaBad3930sagDjBpa+78WI=";
|
||||||
|
})
|
||||||
];
|
];
|
||||||
|
|
||||||
# Ardour's wscript requires git revision and date to be available.
|
# Ardour's wscript requires git revision and date to be available.
|
||||||
|
|
|
@ -66,6 +66,7 @@ python3.pkgs.buildPythonApplication rec {
|
||||||
] ++ (with python3.pkgs; [
|
] ++ (with python3.pkgs; [
|
||||||
sphinx-rtd-theme
|
sphinx-rtd-theme
|
||||||
sphinxHook
|
sphinxHook
|
||||||
|
setuptools
|
||||||
]);
|
]);
|
||||||
|
|
||||||
buildInputs = [
|
buildInputs = [
|
||||||
|
|
|
@ -64,10 +64,6 @@ in python3.pkgs.buildPythonApplication rec {
|
||||||
"--prefix" "PATH" ":" (lib.makeBinPath bins)
|
"--prefix" "PATH" ":" (lib.makeBinPath bins)
|
||||||
];
|
];
|
||||||
|
|
||||||
preBuild = ''
|
|
||||||
export SETUPTOOLS_SCM_PRETEND_VERSION="${version}"
|
|
||||||
'';
|
|
||||||
|
|
||||||
outputs = [ "out" "man" ];
|
outputs = [ "out" "man" ];
|
||||||
postBuild = ''
|
postBuild = ''
|
||||||
make -C man
|
make -C man
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
, rocksdb
|
, rocksdb
|
||||||
, rust-jemalloc-sys-unprefixed
|
, rust-jemalloc-sys-unprefixed
|
||||||
, rustPlatform
|
, rustPlatform
|
||||||
, rustc-wasm32
|
, rustc
|
||||||
, stdenv
|
, stdenv
|
||||||
, Security
|
, Security
|
||||||
, SystemConfiguration
|
, SystemConfiguration
|
||||||
|
@ -63,8 +63,8 @@ rustPlatform.buildRustPackage rec {
|
||||||
|
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
rustPlatform.bindgenHook
|
rustPlatform.bindgenHook
|
||||||
rustc-wasm32
|
rustc
|
||||||
rustc-wasm32.llvmPackages.lld
|
rustc.llvmPackages.lld
|
||||||
];
|
];
|
||||||
|
|
||||||
# NOTE: jemalloc is used by default on Linux with unprefixed enabled
|
# NOTE: jemalloc is used by default on Linux with unprefixed enabled
|
||||||
|
|
|
@ -13,6 +13,12 @@ stdenv.mkDerivation {
|
||||||
buildInputs = [ gtk2 ];
|
buildInputs = [ gtk2 ];
|
||||||
sourceRoot = "scintilla/gtk";
|
sourceRoot = "scintilla/gtk";
|
||||||
|
|
||||||
|
CXXFLAGS = [
|
||||||
|
# GCC 13: error: 'intptr_t' does not name a type
|
||||||
|
"-include cstdint"
|
||||||
|
"-include system_error"
|
||||||
|
];
|
||||||
|
|
||||||
buildPhase = ''
|
buildPhase = ''
|
||||||
make
|
make
|
||||||
cd ../../lexilla/src
|
cd ../../lexilla/src
|
||||||
|
|
|
@ -37,6 +37,11 @@ mkDerivation rec {
|
||||||
"-DALGLIB_DIR:PATH=${alglib}"
|
"-DALGLIB_DIR:PATH=${alglib}"
|
||||||
];
|
];
|
||||||
|
|
||||||
|
CXXFLAGS = [
|
||||||
|
# GCC 13: error: 'uint32_t' does not name a type
|
||||||
|
"-include cstdint"
|
||||||
|
];
|
||||||
|
|
||||||
patches = [
|
patches = [
|
||||||
# https://github.com/jcelaya/hdrmerge/pull/222
|
# https://github.com/jcelaya/hdrmerge/pull/222
|
||||||
(fetchpatch {
|
(fetchpatch {
|
||||||
|
|
|
@ -6,6 +6,7 @@
|
||||||
, cmake
|
, cmake
|
||||||
, desktopToDarwinBundle
|
, desktopToDarwinBundle
|
||||||
, fetchurl
|
, fetchurl
|
||||||
|
, fetchpatch
|
||||||
, gettext
|
, gettext
|
||||||
, ghostscript
|
, ghostscript
|
||||||
, glib
|
, glib
|
||||||
|
@ -92,6 +93,13 @@ stdenv.mkDerivation rec {
|
||||||
src = ./fix-ps2pdf-path.patch;
|
src = ./fix-ps2pdf-path.patch;
|
||||||
inherit ghostscript;
|
inherit ghostscript;
|
||||||
})
|
})
|
||||||
|
|
||||||
|
# Fix build with libxml2 2.12
|
||||||
|
# https://gitlab.com/inkscape/inkscape/-/merge_requests/6089
|
||||||
|
(fetchpatch {
|
||||||
|
url = "https://gitlab.com/inkscape/inkscape/-/commit/694d8ae43d06efff21adebf377ce614d660b24cd.patch";
|
||||||
|
hash = "sha256-9IXJzpZbNU5fnt7XKgqCzUDrwr08qxGwo8TqnL+xc6E=";
|
||||||
|
})
|
||||||
];
|
];
|
||||||
|
|
||||||
postPatch = ''
|
postPatch = ''
|
||||||
|
|
|
@ -21,6 +21,15 @@ mkDerivation rec {
|
||||||
inherit hash;
|
inherit hash;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
patches = [
|
||||||
|
# Fixes build with SIP 6.8
|
||||||
|
(fetchpatch {
|
||||||
|
name = "bump-SIP-ABI-version-to-12.8.patch";
|
||||||
|
url = "https://invent.kde.org/graphics/krita/-/commit/2d71c47661d43a4e3c1ab0c27803de980bdf2bb2.diff";
|
||||||
|
hash = "sha256-U3E44nj4vra++PJV20h4YHjES78kgrJtr4ktNeQfOdA=";
|
||||||
|
})
|
||||||
|
];
|
||||||
|
|
||||||
nativeBuildInputs = [ cmake extra-cmake-modules pkg-config python3Packages.sip makeWrapper ];
|
nativeBuildInputs = [ cmake extra-cmake-modules pkg-config python3Packages.sip makeWrapper ];
|
||||||
|
|
||||||
buildInputs = [
|
buildInputs = [
|
||||||
|
|
|
@ -75,6 +75,11 @@ mkDerivation rec {
|
||||||
"-DALLOW_BUNDLED_LEVMAR=ON"
|
"-DALLOW_BUNDLED_LEVMAR=ON"
|
||||||
];
|
];
|
||||||
|
|
||||||
|
CXXFLAGS = [
|
||||||
|
# GCC 13: error: 'int16_t' has not been declared in 'std'
|
||||||
|
"-include cstdint"
|
||||||
|
];
|
||||||
|
|
||||||
postFixup = ''
|
postFixup = ''
|
||||||
patchelf --add-needed $out/lib/meshlab/libmeshlab-common.so $out/bin/.meshlab-wrapped
|
patchelf --add-needed $out/lib/meshlab/libmeshlab-common.so $out/bin/.meshlab-wrapped
|
||||||
'';
|
'';
|
||||||
|
|
|
@ -16,6 +16,14 @@ stdenv.mkDerivation rec {
|
||||||
# great, but tesseract4's days are numbered anyway
|
# great, but tesseract4's days are numbered anyway
|
||||||
postPatch = ''
|
postPatch = ''
|
||||||
sed -i '/allheaders.h/a#include "pix_internal.h"' src/textord/devanagari_processing.cpp
|
sed -i '/allheaders.h/a#include "pix_internal.h"' src/textord/devanagari_processing.cpp
|
||||||
|
|
||||||
|
# gcc-13 compat fix, simulate this upstream patch:
|
||||||
|
# https://github.com/tesseract-ocr/tesseract/commit/17e795aaae7d40dbcb7d3365835c2f55ecc6355d.patch
|
||||||
|
# https://github.com/tesseract-ocr/tesseract/commit/c0db7b7e930322826e09981360e39fdbd16cc9b0.patch
|
||||||
|
|
||||||
|
sed -i src/ccutil/helpers.h -e '1i #include <climits>'
|
||||||
|
sed -i src/ccutil/helpers.h -e '1i #include <cstdint>'
|
||||||
|
sed -i src/dict/matchdefs.h -e '1i #include <cstdint>'
|
||||||
'';
|
'';
|
||||||
|
|
||||||
enableParallelBuilding = true;
|
enableParallelBuilding = true;
|
||||||
|
|
|
@ -34,6 +34,7 @@ python3.pkgs.buildPythonApplication rec {
|
||||||
];
|
];
|
||||||
|
|
||||||
pytestFlagsArray = [
|
pytestFlagsArray = [
|
||||||
|
"-W" "ignore::sphinx.deprecation.RemovedInSphinx90Warning"
|
||||||
"--rootdir" "src/ablog"
|
"--rootdir" "src/ablog"
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
|
@ -6,15 +6,21 @@
|
||||||
python3Packages.buildPythonApplication rec {
|
python3Packages.buildPythonApplication rec {
|
||||||
pname = "acpic";
|
pname = "acpic";
|
||||||
version = "1.0.0";
|
version = "1.0.0";
|
||||||
format = "setuptools";
|
pyproject = true;
|
||||||
|
|
||||||
src = fetchPypi {
|
src = fetchPypi {
|
||||||
inherit version pname;
|
inherit version pname;
|
||||||
hash = "sha256-vQ9VxCNbOmqHIY3e1wq1wNJl5ywfU2tm62gDg3vKvcg=";
|
hash = "sha256-vQ9VxCNbOmqHIY3e1wq1wNJl5ywfU2tm62gDg3vKvcg=";
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = [
|
postPatch = ''
|
||||||
python3Packages.pbr
|
substituteInPlace setup.py \
|
||||||
|
--replace "pbr>=5.8.1,<6" "pbr"
|
||||||
|
'';
|
||||||
|
|
||||||
|
nativeBuildInputs = with python3Packages; [
|
||||||
|
pbr
|
||||||
|
setuptools
|
||||||
];
|
];
|
||||||
|
|
||||||
# no tests
|
# no tests
|
||||||
|
|
|
@ -79,6 +79,8 @@ stdenv.mkDerivation rec {
|
||||||
++ lib.optional enableLibpulseaudio libpulseaudio
|
++ lib.optional enableLibpulseaudio libpulseaudio
|
||||||
++ lib.optional stdenv.isDarwin CoreAudio;
|
++ lib.optional stdenv.isDarwin CoreAudio;
|
||||||
|
|
||||||
|
enableParallelBuilding = true;
|
||||||
|
|
||||||
meta = with lib; {
|
meta = with lib; {
|
||||||
description = "Sample Rate Converter for audio";
|
description = "Sample Rate Converter for audio";
|
||||||
homepage = "https://sox.sourceforge.net/";
|
homepage = "https://sox.sourceforge.net/";
|
||||||
|
|
|
@ -26,6 +26,11 @@ mkDerivation rec {
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
|
|
||||||
|
CXXFLAGS = [
|
||||||
|
# error: 'uint8_t' is not a member of 'std'; did you mean 'wint_t'?
|
||||||
|
"-include cstdint"
|
||||||
|
];
|
||||||
|
|
||||||
buildInputs = [ curl xorg.libX11 xorg.libXext xorg.libXtst avahiWithLibdnssdCompat qtbase ];
|
buildInputs = [ curl xorg.libX11 xorg.libXext xorg.libXtst avahiWithLibdnssdCompat qtbase ];
|
||||||
nativeBuildInputs = [ cmake wrapGAppsHook ];
|
nativeBuildInputs = [ cmake wrapGAppsHook ];
|
||||||
|
|
||||||
|
|
|
@ -19,6 +19,7 @@ in
|
||||||
with python3.pkgs; buildPythonApplication rec {
|
with python3.pkgs; buildPythonApplication rec {
|
||||||
version = "4.8";
|
version = "4.8";
|
||||||
pname = "buku";
|
pname = "buku";
|
||||||
|
pyproject = true;
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "jarun";
|
owner = "jarun";
|
||||||
|
@ -27,6 +28,10 @@ with python3.pkgs; buildPythonApplication rec {
|
||||||
sha256 = "sha256-kPVlfTYUusf5CZnKB53WZcCHo3MEnA2bLUHTRPGPn+8=";
|
sha256 = "sha256-kPVlfTYUusf5CZnKB53WZcCHo3MEnA2bLUHTRPGPn+8=";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
nativeBuildInputs = [
|
||||||
|
setuptools
|
||||||
|
];
|
||||||
|
|
||||||
nativeCheckInputs = [
|
nativeCheckInputs = [
|
||||||
hypothesis
|
hypothesis
|
||||||
pytest
|
pytest
|
||||||
|
|
|
@ -17,8 +17,6 @@ python3Packages.buildPythonApplication rec {
|
||||||
hatch-vcs
|
hatch-vcs
|
||||||
];
|
];
|
||||||
|
|
||||||
env.SETUPTOOLS_SCM_PRETEND_VERSION = version;
|
|
||||||
|
|
||||||
propagatedBuildInputs = with python3Packages; [
|
propagatedBuildInputs = with python3Packages; [
|
||||||
pykeepass
|
pykeepass
|
||||||
pynput
|
pynput
|
||||||
|
|
|
@ -17,8 +17,6 @@ python3.pkgs.buildPythonApplication rec {
|
||||||
hash = "sha256-yI33pB/t+UISvSbLUzmsZqBxLF6r8R3j9iPNeosKcYw=";
|
hash = "sha256-yI33pB/t+UISvSbLUzmsZqBxLF6r8R3j9iPNeosKcYw=";
|
||||||
};
|
};
|
||||||
|
|
||||||
SETUPTOOLS_SCM_PRETEND_VERSION = version;
|
|
||||||
|
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
glibcLocales
|
glibcLocales
|
||||||
installShellFiles
|
installShellFiles
|
||||||
|
|
|
@ -9,7 +9,6 @@ python3.pkgs.buildPythonApplication rec {
|
||||||
sha256 = "sha256-WfMKDaPD2j6wT02+GO5HY5E7aF2Z7IQY/VdKiMSRxJA=";
|
sha256 = "sha256-WfMKDaPD2j6wT02+GO5HY5E7aF2Z7IQY/VdKiMSRxJA=";
|
||||||
};
|
};
|
||||||
|
|
||||||
SETUPTOOLS_SCM_PRETEND_VERSION = version;
|
|
||||||
nativeBuildInputs = with python3.pkgs; [
|
nativeBuildInputs = with python3.pkgs; [
|
||||||
setuptools-scm
|
setuptools-scm
|
||||||
sphinxHook
|
sphinxHook
|
||||||
|
|
|
@ -30,8 +30,6 @@ python3.pkgs.buildPythonApplication rec {
|
||||||
setuptools-scm
|
setuptools-scm
|
||||||
];
|
];
|
||||||
|
|
||||||
env.SETUPTOOLS_SCM_PRETEND_VERSION = version;
|
|
||||||
|
|
||||||
propagatedBuildInputs = with python3.pkgs; [
|
propagatedBuildInputs = with python3.pkgs; [
|
||||||
colorama
|
colorama
|
||||||
distro
|
distro
|
||||||
|
|
|
@ -165,10 +165,14 @@ stdenv.mkDerivation rec {
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
moveToOutput "bin" "$bin"
|
moveToOutput "bin" "$bin"
|
||||||
'' + lib.optionalString (enableX11 || enableGL) ''
|
'' + (lib.optionalString (stdenv.isDarwin) ''
|
||||||
|
for exe in $bin/bin/*; do
|
||||||
|
install_name_tool -change build/shared-release/libmupdf.dylib $out/lib/libmupdf.dylib "$exe"
|
||||||
|
done
|
||||||
|
'') + (lib.optionalString (enableX11 || enableGL) ''
|
||||||
mkdir -p $bin/share/icons/hicolor/48x48/apps
|
mkdir -p $bin/share/icons/hicolor/48x48/apps
|
||||||
cp docs/logo/mupdf.png $bin/share/icons/hicolor/48x48/apps
|
cp docs/logo/mupdf.png $bin/share/icons/hicolor/48x48/apps
|
||||||
'' + (if enableGL then ''
|
'') + (if enableGL then ''
|
||||||
ln -s "$bin/bin/mupdf-gl" "$bin/bin/mupdf"
|
ln -s "$bin/bin/mupdf-gl" "$bin/bin/mupdf"
|
||||||
'' else lib.optionalString (enableX11) ''
|
'' else lib.optionalString (enableX11) ''
|
||||||
ln -s "$bin/bin/mupdf-x11" "$bin/bin/mupdf"
|
ln -s "$bin/bin/mupdf-x11" "$bin/bin/mupdf"
|
||||||
|
|
|
@ -163,7 +163,7 @@ let
|
||||||
zeroconf
|
zeroconf
|
||||||
zipstream-ng
|
zipstream-ng
|
||||||
class-doc
|
class-doc
|
||||||
pydantic
|
pydantic_1
|
||||||
] ++ lib.optionals stdenv.isDarwin [
|
] ++ lib.optionals stdenv.isDarwin [
|
||||||
py.pkgs.appdirs
|
py.pkgs.appdirs
|
||||||
] ++ lib.optionals (!stdenv.isDarwin) [
|
] ++ lib.optionals (!stdenv.isDarwin) [
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
, binaryen
|
, binaryen
|
||||||
, gzip
|
, gzip
|
||||||
, nodejs
|
, nodejs
|
||||||
, rustc-wasm32
|
, rustc
|
||||||
, wasm-bindgen-cli
|
, wasm-bindgen-cli
|
||||||
, wasm-pack
|
, wasm-pack
|
||||||
}:
|
}:
|
||||||
|
@ -66,8 +66,8 @@ rustPlatform.buildRustPackage rec {
|
||||||
binaryen
|
binaryen
|
||||||
gzip
|
gzip
|
||||||
nodejs
|
nodejs
|
||||||
rustc-wasm32
|
rustc
|
||||||
rustc-wasm32.llvmPackages.lld
|
rustc.llvmPackages.lld
|
||||||
wasm-bindgen-84
|
wasm-bindgen-84
|
||||||
wasm-pack
|
wasm-pack
|
||||||
];
|
];
|
||||||
|
|
|
@ -15,9 +15,14 @@ python3.pkgs.buildPythonApplication rec {
|
||||||
hash = "sha256-TwHDXWgGWuQVgatBDc1iympnb6dy4xYThLR5MouEZHA=";
|
hash = "sha256-TwHDXWgGWuQVgatBDc1iympnb6dy4xYThLR5MouEZHA=";
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = with python3.pkgs; [
|
||||||
python3.pkgs.setuptools
|
setuptools
|
||||||
python3.pkgs.wheel
|
pythonRelaxDepsHook
|
||||||
|
];
|
||||||
|
|
||||||
|
pythonRelaxDeps = [
|
||||||
|
"click"
|
||||||
|
"rich"
|
||||||
];
|
];
|
||||||
|
|
||||||
propagatedBuildInputs = with python3.pkgs; [
|
propagatedBuildInputs = with python3.pkgs; [
|
||||||
|
|
|
@ -15,8 +15,6 @@ python3.pkgs.buildPythonApplication rec {
|
||||||
hash = "sha256-OzcoOIgEiadWrsUPIxBJTuZQYjScJBYKyqCu1or6fz8=";
|
hash = "sha256-OzcoOIgEiadWrsUPIxBJTuZQYjScJBYKyqCu1or6fz8=";
|
||||||
};
|
};
|
||||||
|
|
||||||
SETUPTOOLS_SCM_PRETEND_VERSION = version;
|
|
||||||
|
|
||||||
nativeBuildInputs = with python3.pkgs; [
|
nativeBuildInputs = with python3.pkgs; [
|
||||||
hatchling
|
hatchling
|
||||||
hatch-vcs
|
hatch-vcs
|
||||||
|
|
|
@ -82,6 +82,7 @@ stdenv.mkDerivation (finalAttrs: {
|
||||||
mesonBuildType = "release";
|
mesonBuildType = "release";
|
||||||
|
|
||||||
mesonFlags = [
|
mesonFlags = [
|
||||||
|
(lib.mesonBool "werror" false)
|
||||||
(lib.mesonEnable "backend-x11" x11Support)
|
(lib.mesonEnable "backend-x11" x11Support)
|
||||||
(lib.mesonEnable "backend-wayland" waylandSupport)
|
(lib.mesonEnable "backend-wayland" waylandSupport)
|
||||||
];
|
];
|
||||||
|
|
|
@ -24,7 +24,7 @@ python3.pkgs.buildPythonApplication rec {
|
||||||
attrs
|
attrs
|
||||||
click
|
click
|
||||||
cloudflare
|
cloudflare
|
||||||
pydantic
|
pydantic_1
|
||||||
requests
|
requests
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
|
@ -23,8 +23,6 @@ python3.pkgs.buildPythonApplication rec {
|
||||||
setuptools-scm
|
setuptools-scm
|
||||||
];
|
];
|
||||||
|
|
||||||
SETUPTOOLS_SCM_PRETEND_VERSION = version;
|
|
||||||
|
|
||||||
propagatedBuildInputs = with python3.pkgs; [
|
propagatedBuildInputs = with python3.pkgs; [
|
||||||
appdirs
|
appdirs
|
||||||
deltachat
|
deltachat
|
||||||
|
|
|
@ -85,19 +85,26 @@ stdenv.mkDerivation rec {
|
||||||
patchShebangs notmuch-git
|
patchShebangs notmuch-git
|
||||||
'';
|
'';
|
||||||
|
|
||||||
preCheck = let
|
preCheck =
|
||||||
test-database = fetchurl {
|
let
|
||||||
url = "https://notmuchmail.org/releases/test-databases/database-v1.tar.xz";
|
test-database = fetchurl {
|
||||||
sha256 = "1lk91s00y4qy4pjh8638b5lfkgwyl282g1m27srsf7qfn58y16a2";
|
url = "https://notmuchmail.org/releases/test-databases/database-v1.tar.xz";
|
||||||
};
|
sha256 = "1lk91s00y4qy4pjh8638b5lfkgwyl282g1m27srsf7qfn58y16a2";
|
||||||
in ''
|
};
|
||||||
mkdir -p test/test-databases
|
in
|
||||||
ln -s ${test-database} test/test-databases/database-v1.tar.xz
|
''
|
||||||
''
|
mkdir -p test/test-databases
|
||||||
# Issues since gnupg: 2.4.0 -> 2.4.1
|
ln -s ${test-database} test/test-databases/database-v1.tar.xz
|
||||||
+ ''
|
''
|
||||||
rm test/{T350-crypto,T357-index-decryption}.sh
|
+ ''
|
||||||
'';
|
# Issues since gnupg: 2.4.0 -> 2.4.1
|
||||||
|
rm test/{T350-crypto,T357-index-decryption}.sh
|
||||||
|
# Issues since pbr 6.0.0 bump (ModuleNotFoundError: No module named 'notmuch2')
|
||||||
|
rm test/T055-path-config.sh
|
||||||
|
# Flaky, seems to get its paths wrong sometimes (?)
|
||||||
|
# *ERROR*: Opening output file: Permission denied, /nix/store/bzy21v2cd5sq1djzwa9b19q08wpp9mm0-emacs-29.1/bin/OUTPUT
|
||||||
|
rm test/T460-emacs-tree.sh
|
||||||
|
'';
|
||||||
|
|
||||||
doCheck = !stdenv.hostPlatform.isDarwin && (lib.versionAtLeast gmime3.version "3.0.3");
|
doCheck = !stdenv.hostPlatform.isDarwin && (lib.versionAtLeast gmime3.version "3.0.3");
|
||||||
checkTarget = "test";
|
checkTarget = "test";
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
{ lib, stdenv
|
{ lib, stdenv
|
||||||
, fetchurl
|
, fetchurl
|
||||||
|
, fetchpatch
|
||||||
, pkg-config
|
, pkg-config
|
||||||
, intltool
|
, intltool
|
||||||
, python3Packages
|
, python3Packages
|
||||||
|
@ -31,6 +32,16 @@ stdenv.mkDerivation rec {
|
||||||
hash = "sha256-7lanrs63N6ZnqxvjcW/+cUZVDqUbML2gftQUc/sLr3Q=";
|
hash = "sha256-7lanrs63N6ZnqxvjcW/+cUZVDqUbML2gftQUc/sLr3Q=";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
patches = [
|
||||||
|
# Pull upstream fix for libxml2-2.12 compatibility:
|
||||||
|
# https://github.com/lwindolf/liferea/pull/1329
|
||||||
|
(fetchpatch {
|
||||||
|
name = "libxml2-2.12.patch";
|
||||||
|
url = "https://github.com/lwindolf/liferea/commit/be8ef494586d9ef73c04ec4ca058a9a158ae3562.patch";
|
||||||
|
hash = "sha256-K1R7dJMm7ui6QKQqAHCo/ZrLCW3PhPU1EKRPEICtCsQ=";
|
||||||
|
})
|
||||||
|
];
|
||||||
|
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
wrapGAppsHook
|
wrapGAppsHook
|
||||||
python3Packages.wrapPython
|
python3Packages.wrapPython
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
{ lib
|
{ lib
|
||||||
, stdenv
|
, stdenv
|
||||||
, fetchurl
|
, fetchurl
|
||||||
|
, fetchpatch
|
||||||
, pkg-config
|
, pkg-config
|
||||||
, gtk3
|
, gtk3
|
||||||
, fribidi
|
, fribidi
|
||||||
|
@ -28,6 +29,14 @@ stdenv.mkDerivation rec {
|
||||||
hash = "sha256-ElckfplwUI1tFFbT4zDNGQnEtCsl4PChvDJSbW86IbQ=";
|
hash = "sha256-ElckfplwUI1tFFbT4zDNGQnEtCsl4PChvDJSbW86IbQ=";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
patches = [
|
||||||
|
# Fix build with libxml2 2.12
|
||||||
|
(fetchpatch {
|
||||||
|
url = "https://gitlab.gnome.org/World/AbiWord/-/commit/2a06be6a10a0718f8a3d8e00c317f5042c99a467.patch";
|
||||||
|
hash = "sha256-vfh81tGXe9dgnjcAtoWHOK8CtW7MZ75FFjnfKTkiKkk=";
|
||||||
|
})
|
||||||
|
];
|
||||||
|
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
pkg-config
|
pkg-config
|
||||||
wrapGAppsHook
|
wrapGAppsHook
|
||||||
|
|
|
@ -13,6 +13,7 @@
|
||||||
, IOCompress
|
, IOCompress
|
||||||
, zlib
|
, zlib
|
||||||
, libjpeg
|
, libjpeg
|
||||||
|
, liblangtag
|
||||||
, expat
|
, expat
|
||||||
, freetype
|
, freetype
|
||||||
, libwpd
|
, libwpd
|
||||||
|
@ -225,6 +226,17 @@ in stdenv.mkDerivation (finalAttrs: {
|
||||||
url = "https://cgit.freedesktop.org/libreoffice/core/patch/?id=ececb678b8362e3be8e02768ddd5e4197d87dc2a";
|
url = "https://cgit.freedesktop.org/libreoffice/core/patch/?id=ececb678b8362e3be8e02768ddd5e4197d87dc2a";
|
||||||
hash = "sha256-TUfKlwNxUTOJ95VLqwVD+ez1xhu7bW6xZlgIaCyIiNg=";
|
hash = "sha256-TUfKlwNxUTOJ95VLqwVD+ez1xhu7bW6xZlgIaCyIiNg=";
|
||||||
})
|
})
|
||||||
|
|
||||||
|
# Backport libxml 2.12 build fixes
|
||||||
|
# FIXME: remove in next release
|
||||||
|
(fetchpatch {
|
||||||
|
url = "https://cgit.freedesktop.org/libreoffice/core/patch/?id=c8f7408db73d2f2ccacb25a2b4fef8dfebdfc6cb";
|
||||||
|
hash = "sha256-uEgRx1eyS3Wx2ZDWEsUmpIbuKezVrIbO++qSL2QI8Lk=";
|
||||||
|
})
|
||||||
|
(fetchpatch {
|
||||||
|
url = "https://cgit.freedesktop.org/libreoffice/core/patch/?id=cbb17a548b5cc6a99b6ed7735479bb4f2bc40f26";
|
||||||
|
hash = "sha256-ofhif37uvQI+gidaUpyr6XlyBc3gTJUDBRb3ootrzz0=";
|
||||||
|
})
|
||||||
];
|
];
|
||||||
|
|
||||||
# libreoffice tries to reference the BUILDCONFIG (e.g. PKG_CONFIG_PATH)
|
# libreoffice tries to reference the BUILDCONFIG (e.g. PKG_CONFIG_PATH)
|
||||||
|
@ -436,6 +448,7 @@ in stdenv.mkDerivation (finalAttrs: {
|
||||||
"--with-system-headers"
|
"--with-system-headers"
|
||||||
"--with-system-openssl"
|
"--with-system-openssl"
|
||||||
"--with-system-libabw"
|
"--with-system-libabw"
|
||||||
|
"--with-system-liblangtag"
|
||||||
"--without-system-libcmis"
|
"--without-system-libcmis"
|
||||||
"--with-system-libwps"
|
"--with-system-libwps"
|
||||||
"--with-system-openldap"
|
"--with-system-openldap"
|
||||||
|
@ -466,7 +479,6 @@ in stdenv.mkDerivation (finalAttrs: {
|
||||||
"--without-system-lpsolve"
|
"--without-system-lpsolve"
|
||||||
"--without-system-libetonyek"
|
"--without-system-libetonyek"
|
||||||
"--without-system-libfreehand"
|
"--without-system-libfreehand"
|
||||||
"--without-system-liblangtag"
|
|
||||||
"--without-system-libmspub"
|
"--without-system-libmspub"
|
||||||
"--without-system-libnumbertext"
|
"--without-system-libnumbertext"
|
||||||
"--without-system-libpagemaker"
|
"--without-system-libpagemaker"
|
||||||
|
@ -566,6 +578,7 @@ in stdenv.mkDerivation (finalAttrs: {
|
||||||
libepoxy
|
libepoxy
|
||||||
libexttextcat
|
libexttextcat
|
||||||
libjpeg
|
libjpeg
|
||||||
|
liblangtag
|
||||||
libmspack
|
libmspack
|
||||||
libmwaw
|
libmwaw
|
||||||
libmysqlclient
|
libmysqlclient
|
||||||
|
|
|
@ -29,8 +29,6 @@ buildPythonPackage rec {
|
||||||
patchShebangs ../tools
|
patchShebangs ../tools
|
||||||
'';
|
'';
|
||||||
|
|
||||||
env.SETUPTOOLS_SCM_PRETEND_VERSION = version;
|
|
||||||
|
|
||||||
propagatedBuildInputs = [
|
propagatedBuildInputs = [
|
||||||
distro
|
distro
|
||||||
setuptools
|
setuptools
|
||||||
|
|
|
@ -29,8 +29,6 @@ buildPythonPackage rec {
|
||||||
patchShebangs ../tools
|
patchShebangs ../tools
|
||||||
'';
|
'';
|
||||||
|
|
||||||
env.SETUPTOOLS_SCM_PRETEND_VERSION = version;
|
|
||||||
|
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
pkgs.gettext
|
pkgs.gettext
|
||||||
pkgs.which
|
pkgs.which
|
||||||
|
|
|
@ -44,8 +44,6 @@ buildPythonPackage rec {
|
||||||
patchShebangs ../tools
|
patchShebangs ../tools
|
||||||
'';
|
'';
|
||||||
|
|
||||||
env.SETUPTOOLS_SCM_PRETEND_VERSION = version;
|
|
||||||
|
|
||||||
propagatedBuildInputs = [
|
propagatedBuildInputs = [
|
||||||
distro
|
distro
|
||||||
gtk3
|
gtk3
|
||||||
|
|
|
@ -42,8 +42,6 @@ python3Packages.buildPythonApplication rec {
|
||||||
|
|
||||||
sourceRoot = "${src.name}/paperwork-gtk";
|
sourceRoot = "${src.name}/paperwork-gtk";
|
||||||
|
|
||||||
env.SETUPTOOLS_SCM_PRETEND_VERSION = version;
|
|
||||||
|
|
||||||
postPatch = ''
|
postPatch = ''
|
||||||
chmod a+w -R ..
|
chmod a+w -R ..
|
||||||
patchShebangs ../tools
|
patchShebangs ../tools
|
||||||
|
|
|
@ -32,8 +32,6 @@ buildPythonPackage rec {
|
||||||
chmod a+w -R ..
|
chmod a+w -R ..
|
||||||
patchShebangs ../tools
|
patchShebangs ../tools
|
||||||
'';
|
'';
|
||||||
env.SETUPTOOLS_SCM_PRETEND_VERSION = version;
|
|
||||||
|
|
||||||
propagatedBuildInputs = [
|
propagatedBuildInputs = [
|
||||||
openpaperwork-core
|
openpaperwork-core
|
||||||
paperwork-backend
|
paperwork-backend
|
||||||
|
|
|
@ -19,8 +19,6 @@ python3.pkgs.buildPythonApplication rec {
|
||||||
hash = "sha256-5tQaNT6QVN9mxa9t6OvMux4ZGy4flUqszTAwet2QL0w=";
|
hash = "sha256-5tQaNT6QVN9mxa9t6OvMux4ZGy4flUqszTAwet2QL0w=";
|
||||||
};
|
};
|
||||||
|
|
||||||
SETUPTOOLS_SCM_PRETEND_VERSION = version;
|
|
||||||
|
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
installShellFiles
|
installShellFiles
|
||||||
] ++ (with python3.pkgs; [
|
] ++ (with python3.pkgs; [
|
||||||
|
|
|
@ -31,8 +31,6 @@ python3.pkgs.buildPythonApplication rec {
|
||||||
setuptools-scm
|
setuptools-scm
|
||||||
];
|
];
|
||||||
|
|
||||||
SETUPTOOLS_SCM_PRETEND_VERSION = version;
|
|
||||||
|
|
||||||
doCheck = false;
|
doCheck = false;
|
||||||
|
|
||||||
dontWrapGApps = true;
|
dontWrapGApps = true;
|
||||||
|
|
|
@ -2,13 +2,13 @@
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
pname = "fasttext";
|
pname = "fasttext";
|
||||||
version = "0.9.2";
|
version = "0.9.2-unstable-2023-11-28";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "facebookresearch";
|
owner = "facebookresearch";
|
||||||
repo = "fastText";
|
repo = "fastText";
|
||||||
rev = "v${version}";
|
rev = "6c2204ba66776b700095ff73e3e599a908ffd9c3";
|
||||||
sha256 = "07cz2ghfq6amcljaxpdr5chbd64ph513y8zqmibfx2xwfp74xkhn";
|
hash = "sha256-lSIah4T+QqZwCRpeI3mxJ7PZT6pSHBO26rcEFfK8DSk=";
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = [ cmake ];
|
nativeBuildInputs = [ cmake ];
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ lib, stdenv, fetchurl, cmake, blas, lapack, gfortran, gmm, fltk, libjpeg
|
{ lib, stdenv, fetchurl, fetchpatch, cmake, blas, lapack, gfortran, gmm, fltk, libjpeg
|
||||||
, zlib, libGL, libGLU, xorg, opencascade-occt
|
, zlib, libGL, libGLU, xorg, opencascade-occt
|
||||||
, python ? null, enablePython ? false }:
|
, python ? null, enablePython ? false }:
|
||||||
|
|
||||||
|
@ -24,7 +24,22 @@ stdenv.mkDerivation rec {
|
||||||
|
|
||||||
enableParallelBuilding = true;
|
enableParallelBuilding = true;
|
||||||
|
|
||||||
patches = [ ./fix-python.patch ];
|
patches = [
|
||||||
|
./fix-python.patch
|
||||||
|
|
||||||
|
# Pull upstream fix git gcc-13:
|
||||||
|
# https://gitlab.onelab.info/gmsh/gmsh/-/issues/2416
|
||||||
|
(fetchpatch {
|
||||||
|
name = "gcc-13-p1.patch";
|
||||||
|
url = "https://gitlab.onelab.info/gmsh/gmsh/-/commit/fb81a9c9026700e078de947b4522cb39e543a86b.patch";
|
||||||
|
hash = "sha256-1GInFqQZvOgflC3eQTjmZ9uBGFASRNCpCwDACN3yTQ4=";
|
||||||
|
})
|
||||||
|
(fetchpatch {
|
||||||
|
name = "gcc-13-p2.patch";
|
||||||
|
url = "https://gitlab.onelab.info/gmsh/gmsh/-/commit/aceb09c807b78ea26555f99fcb16c4f87c31fb5a.patch";
|
||||||
|
hash = "sha256-6FI0hIvj8hglCvxoKV0GzT2/F/Wz+ddkxV/TLzzJBLU=";
|
||||||
|
})
|
||||||
|
];
|
||||||
|
|
||||||
postPatch = ''
|
postPatch = ''
|
||||||
substituteInPlace api/gmsh.py --subst-var-by LIBPATH ${placeholder "out"}/lib/libgmsh.so
|
substituteInPlace api/gmsh.py --subst-var-by LIBPATH ${placeholder "out"}/lib/libgmsh.so
|
||||||
|
|
|
@ -97,7 +97,10 @@ mkDerivation rec {
|
||||||
(lib.withFeature stdenv.isLinux "inotify")
|
(lib.withFeature stdenv.isLinux "inotify")
|
||||||
];
|
];
|
||||||
|
|
||||||
env.NIX_CFLAGS_COMPILE = toString [ "-DNIXPKGS" ];
|
env.NIX_CFLAGS_COMPILE = toString [
|
||||||
|
"-DNIXPKGS"
|
||||||
|
"-fpermissive" # libxml2-2.12 changed const qualifiers
|
||||||
|
];
|
||||||
|
|
||||||
patches = [
|
patches = [
|
||||||
# fix "No/bad main configuration file" error
|
# fix "No/bad main configuration file" error
|
||||||
|
|
|
@ -52,8 +52,6 @@ python3.pkgs.buildPythonApplication rec {
|
||||||
pyyaml
|
pyyaml
|
||||||
];
|
];
|
||||||
|
|
||||||
SETUPTOOLS_SCM_PRETEND_VERSION = version;
|
|
||||||
|
|
||||||
makeFlags = [
|
makeFlags = [
|
||||||
"PREFIX=${placeholder "out"}"
|
"PREFIX=${placeholder "out"}"
|
||||||
];
|
];
|
||||||
|
|
|
@ -11,8 +11,6 @@ python3Packages.buildPythonApplication rec {
|
||||||
hash = "sha256-PtV2mzxOfZ88THiFD4K+qtOi41GeLF1GcdiFFhUR8Ak=";
|
hash = "sha256-PtV2mzxOfZ88THiFD4K+qtOi41GeLF1GcdiFFhUR8Ak=";
|
||||||
};
|
};
|
||||||
|
|
||||||
env.SETUPTOOLS_SCM_PRETEND_VERSION = version;
|
|
||||||
|
|
||||||
buildInputs = lib.optionals stdenv.isLinux [ qt5.qtwayland ];
|
buildInputs = lib.optionals stdenv.isLinux [ qt5.qtwayland ];
|
||||||
propagatedBuildInputs = with python3Packages; [ git pyqt5 qtpy send2trash ];
|
propagatedBuildInputs = with python3Packages; [ git pyqt5 qtpy send2trash ];
|
||||||
nativeBuildInputs = with python3Packages; [ setuptools-scm gettext qt5.wrapQtAppsHook ];
|
nativeBuildInputs = with python3Packages; [ setuptools-scm gettext qt5.wrapQtAppsHook ];
|
||||||
|
|
|
@ -29,7 +29,7 @@ assert sendEmailSupport -> perlSupport;
|
||||||
assert svnSupport -> perlSupport;
|
assert svnSupport -> perlSupport;
|
||||||
|
|
||||||
let
|
let
|
||||||
version = "2.42.0";
|
version = "2.43.0";
|
||||||
svn = subversionClient.override { perlBindings = perlSupport; };
|
svn = subversionClient.override { perlBindings = perlSupport; };
|
||||||
gitwebPerlLibs = with perlPackages; [ CGI HTMLParser CGIFast FCGI FCGIProcManager HTMLTagCloud ];
|
gitwebPerlLibs = with perlPackages; [ CGI HTMLParser CGIFast FCGI FCGIProcManager HTMLTagCloud ];
|
||||||
in
|
in
|
||||||
|
@ -42,7 +42,7 @@ stdenv.mkDerivation (finalAttrs: {
|
||||||
|
|
||||||
src = fetchurl {
|
src = fetchurl {
|
||||||
url = "https://www.kernel.org/pub/software/scm/git/git-${version}.tar.xz";
|
url = "https://www.kernel.org/pub/software/scm/git/git-${version}.tar.xz";
|
||||||
hash = "sha256-MnghDp/SmUuEhN1+Pd2eqLlA71IXDNtgbaqU2IfJOw0=";
|
hash = "sha256-VEZgPnPZEXgdJZ5WV1Dc0nekKDbI45LKyRzxN6qbduw=";
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = [ "out" ] ++ lib.optional withManual "doc";
|
outputs = [ "out" ] ++ lib.optional withManual "doc";
|
||||||
|
|
|
@ -17,8 +17,6 @@ python3.pkgs.buildPythonApplication rec {
|
||||||
hash = "sha256-4SGkkC4LjZXTDXwK6jMOIKXR1qX76CasOwSqv8XUrjs=";
|
hash = "sha256-4SGkkC4LjZXTDXwK6jMOIKXR1qX76CasOwSqv8XUrjs=";
|
||||||
};
|
};
|
||||||
|
|
||||||
SETUPTOOLS_SCM_PRETEND_VERSION = version;
|
|
||||||
|
|
||||||
# Upstream splitted the project into gitlint and gitlint-core to
|
# Upstream splitted the project into gitlint and gitlint-core to
|
||||||
# simplify the dependency handling
|
# simplify the dependency handling
|
||||||
sourceRoot = "${src.name}/gitlint-core";
|
sourceRoot = "${src.name}/gitlint-core";
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
{ lib, stdenv, fetchurl, fetchpatch, python3Packages, makeWrapper, gettext, installShellFiles
|
{ lib, stdenv, fetchurl, fetchpatch, python3Packages, makeWrapper, gettext, installShellFiles
|
||||||
, re2Support ? true
|
, re2Support ? true
|
||||||
, rustSupport ? stdenv.hostPlatform.isLinux, cargo, rustPlatform, rustc
|
# depends on rust-cpython which won't support python312
|
||||||
|
# https://github.com/dgrunwald/rust-cpython/commit/e815555629e557be084813045ca1ddebc2f76ef9
|
||||||
|
, rustSupport ? (stdenv.hostPlatform.isLinux && python3Packages.pythonOlder "3.12"), cargo, rustPlatform, rustc
|
||||||
, fullBuild ? false
|
, fullBuild ? false
|
||||||
, gitSupport ? fullBuild
|
, gitSupport ? fullBuild
|
||||||
, guiSupport ? fullBuild, tk
|
, guiSupport ? fullBuild, tk
|
||||||
|
@ -21,11 +23,11 @@ let
|
||||||
|
|
||||||
self = python3Packages.buildPythonApplication rec {
|
self = python3Packages.buildPythonApplication rec {
|
||||||
pname = "mercurial${lib.optionalString fullBuild "-full"}";
|
pname = "mercurial${lib.optionalString fullBuild "-full"}";
|
||||||
version = "6.5.3";
|
version = "6.6.1";
|
||||||
|
|
||||||
src = fetchurl {
|
src = fetchurl {
|
||||||
url = "https://mercurial-scm.org/release/mercurial-${version}.tar.gz";
|
url = "https://mercurial-scm.org/release/mercurial-${version}.tar.gz";
|
||||||
sha256 = "sha256-LNyB+t4SnPVrEoQXUn8ZC6cv13ZWc5TOVO7XZOZn59U=";
|
sha256 = "sha256-opRlo/5Ao+jUm6g0MTSsKrooa2g//rg42gz25FIflpU=";
|
||||||
};
|
};
|
||||||
|
|
||||||
format = "other";
|
format = "other";
|
||||||
|
@ -35,7 +37,7 @@ let
|
||||||
cargoDeps = if rustSupport then rustPlatform.fetchCargoTarball {
|
cargoDeps = if rustSupport then rustPlatform.fetchCargoTarball {
|
||||||
inherit src;
|
inherit src;
|
||||||
name = "mercurial-${version}";
|
name = "mercurial-${version}";
|
||||||
sha256 = "sha256-ob81zMUY4AVNIbkFKyImnj7QhHTh7LVOCcGeZDtTAXc=";
|
sha256 = "sha256-wLV0qdCfMgGpZRxnZik/lRwZHm/66p0sJn/mYVRvRkQ=";
|
||||||
sourceRoot = "mercurial-${version}/rust";
|
sourceRoot = "mercurial-${version}/rust";
|
||||||
} else null;
|
} else null;
|
||||||
cargoRoot = if rustSupport then "rust" else null;
|
cargoRoot = if rustSupport then "rust" else null;
|
||||||
|
@ -43,7 +45,7 @@ let
|
||||||
propagatedBuildInputs = lib.optional re2Support fb-re2
|
propagatedBuildInputs = lib.optional re2Support fb-re2
|
||||||
++ lib.optional gitSupport pygit2
|
++ lib.optional gitSupport pygit2
|
||||||
++ lib.optional highlightSupport pygments;
|
++ lib.optional highlightSupport pygments;
|
||||||
nativeBuildInputs = [ makeWrapper gettext installShellFiles ]
|
nativeBuildInputs = [ makeWrapper gettext installShellFiles python3Packages.setuptools ]
|
||||||
++ lib.optionals rustSupport [
|
++ lib.optionals rustSupport [
|
||||||
rustPlatform.cargoSetupHook
|
rustPlatform.cargoSetupHook
|
||||||
cargo
|
cargo
|
||||||
|
|
|
@ -42,9 +42,6 @@ python3.pkgs.buildPythonApplication rec {
|
||||||
substituteInPlace pyproject.toml requirements.txt --replace "opencv-python" "opencv"
|
substituteInPlace pyproject.toml requirements.txt --replace "opencv-python" "opencv"
|
||||||
'';
|
'';
|
||||||
|
|
||||||
# Let setuptools know deface version
|
|
||||||
SETUPTOOLS_SCM_PRETEND_VERSION = "v${version}";
|
|
||||||
|
|
||||||
pythonImportsCheck = [ "deface" "onnx" "onnxruntime" ];
|
pythonImportsCheck = [ "deface" "onnx" "onnxruntime" ];
|
||||||
|
|
||||||
meta = with lib; {
|
meta = with lib; {
|
||||||
|
|
|
@ -25,6 +25,12 @@ let
|
||||||
|
|
||||||
python = python3.override {
|
python = python3.override {
|
||||||
packageOverrides = self: super: {
|
packageOverrides = self: super: {
|
||||||
|
pydantic = super.pydantic_1;
|
||||||
|
|
||||||
|
versioningit = super.versioningit.overridePythonAttrs {
|
||||||
|
# checkPhase requires pydantic>=2
|
||||||
|
doCheck = false;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -10,6 +10,7 @@
|
||||||
{ stdenv
|
{ stdenv
|
||||||
, lib
|
, lib
|
||||||
, fetchFromGitHub
|
, fetchFromGitHub
|
||||||
|
, fetchpatch
|
||||||
# For tests
|
# For tests
|
||||||
, testers
|
, testers
|
||||||
, runCommand
|
, runCommand
|
||||||
|
@ -135,6 +136,11 @@ let
|
||||||
"${src}/contrib/ffmpeg/A28-avcodec-amfenc-HDR-metadata.patch"
|
"${src}/contrib/ffmpeg/A28-avcodec-amfenc-HDR-metadata.patch"
|
||||||
# This patch is not applying since ffmpeg 5.1.1, probably it was backported by upstream
|
# This patch is not applying since ffmpeg 5.1.1, probably it was backported by upstream
|
||||||
# "${src}/contrib/ffmpeg/A30-svt-av1-backports.patch"
|
# "${src}/contrib/ffmpeg/A30-svt-av1-backports.patch"
|
||||||
|
(fetchpatch {
|
||||||
|
name = "vulkan-remove-extensions.patch";
|
||||||
|
url = "https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff_plain/eb0455d64690";
|
||||||
|
hash = "sha256-qvLrb7b+9/bel8A2lZuSmBiJtHXsABw0Lvgn1ggnmCU=";
|
||||||
|
})
|
||||||
];
|
];
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
|
@ -2,10 +2,11 @@
|
||||||
, lib
|
, lib
|
||||||
, stdenv
|
, stdenv
|
||||||
, fetchFromGitHub
|
, fetchFromGitHub
|
||||||
|
, fetchpatch
|
||||||
, addOpenGLRunpath
|
, addOpenGLRunpath
|
||||||
, cmake
|
, cmake
|
||||||
, fdk_aac
|
, fdk_aac
|
||||||
, ffmpeg_4
|
, ffmpeg
|
||||||
, jansson
|
, jansson
|
||||||
, libjack2
|
, libjack2
|
||||||
, libxkbcommon
|
, libxkbcommon
|
||||||
|
@ -74,6 +75,25 @@ stdenv.mkDerivation (finalAttrs: {
|
||||||
# Lets obs-browser build against CEF 90.1.0+
|
# Lets obs-browser build against CEF 90.1.0+
|
||||||
./Enable-file-access-and-universal-access-for-file-URL.patch
|
./Enable-file-access-and-universal-access-for-file-URL.patch
|
||||||
./fix-nix-plugin-path.patch
|
./fix-nix-plugin-path.patch
|
||||||
|
|
||||||
|
# Backport ffmpeg 6.1 / GCC 13 build fixes
|
||||||
|
# FIXME: remove in next release
|
||||||
|
(fetchpatch {
|
||||||
|
url = "https://github.com/obsproject/obs-studio/commit/cd784644f5e82b9988043f229c19603289c6d32c.patch";
|
||||||
|
hash = "sha256-S4JE5kgr4x3uMHY2GRh0GBJpb7o/wYZb/v0CDITFNnQ=";
|
||||||
|
})
|
||||||
|
(fetchpatch {
|
||||||
|
url = "https://github.com/obsproject/obs-studio/commit/758b47d4ed9a25b8d64ad481d8d039990b9e57c9.patch";
|
||||||
|
hash = "sha256-jYpjwhx6e+dhN3kzbd6FcdjQ+WhIX0/BOu9PSkt+2yI=";
|
||||||
|
})
|
||||||
|
(fetchpatch {
|
||||||
|
url = "https://github.com/obsproject/obs-studio/commit/4b5be75c7e4b8cee908ed4a02fe0078285b4e8c9.patch";
|
||||||
|
hash = "sha256-tuOevhyxchwG42ilrplbiWoiDAKaY4HgzShlvp4VSQI=";
|
||||||
|
})
|
||||||
|
(fetchpatch {
|
||||||
|
url = "https://github.com/obsproject/obs-studio/commit/6e080a68067b27fe5463f0f4eee7df690451f3d7.patch";
|
||||||
|
hash = "sha256-nbn/q3uszoHaDvaW8Et1MS1sgQzMsJRmjGSMHzUxV70=";
|
||||||
|
})
|
||||||
];
|
];
|
||||||
|
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
|
@ -87,7 +107,7 @@ stdenv.mkDerivation (finalAttrs: {
|
||||||
|
|
||||||
buildInputs = [
|
buildInputs = [
|
||||||
curl
|
curl
|
||||||
ffmpeg_4
|
ffmpeg
|
||||||
jansson
|
jansson
|
||||||
libcef
|
libcef
|
||||||
libjack2
|
libjack2
|
||||||
|
|
|
@ -1,13 +1,12 @@
|
||||||
{ stdenv, fetchgit, lib, dtc }:
|
{ stdenv, fetchzip, lib, dtc }:
|
||||||
|
|
||||||
stdenv.mkDerivation {
|
stdenv.mkDerivation {
|
||||||
pname = "kvmtool";
|
pname = "kvmtool";
|
||||||
version = "unstable-2023-07-12";
|
version = "unstable-2023-07-12";
|
||||||
|
|
||||||
src = fetchgit {
|
src = fetchzip {
|
||||||
url = "https://git.kernel.org/pub/scm/linux/kernel/git/will/kvmtool.git";
|
url = "https://git.kernel.org/pub/scm/linux/kernel/git/will/kvmtool.git/snapshot/kvmtool-106e2ea7756d980454d68631b87d5e25ba4e4881.tar.gz";
|
||||||
rev = "106e2ea7756d980454d68631b87d5e25ba4e4881";
|
hash = "sha256-wpc5DfHnui0lBVH4uOq6a7pXVUZStjNLRvauu6QpRvE=";
|
||||||
sha256 = "sha256-wpc5DfHnui0lBVH4uOq6a7pXVUZStjNLRvauu6QpRvE=";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
patches = [ ./strlcpy-glibc-2.38-fix.patch ];
|
patches = [ ./strlcpy-glibc-2.38-fix.patch ];
|
||||||
|
|
|
@ -1,8 +1,6 @@
|
||||||
{ lib
|
{ lib
|
||||||
, fetchFromGitHub
|
, fetchFromGitHub
|
||||||
, hostPlatform
|
, hostPlatform
|
||||||
, cargo
|
|
||||||
, rustc
|
|
||||||
, lld
|
, lld
|
||||||
}:
|
}:
|
||||||
|
|
||||||
|
@ -24,12 +22,7 @@ let
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# inherit (cross) rustPlatform;
|
inherit (cross) rustPlatform;
|
||||||
# ^ breaks because we are doing a no_std embedded build with a custom sysroot,
|
|
||||||
# but the fast_cross rustc wrapper already passes a sysroot argument
|
|
||||||
rustPlatform = cross.makeRustPlatform {
|
|
||||||
inherit rustc cargo;
|
|
||||||
};
|
|
||||||
|
|
||||||
in
|
in
|
||||||
|
|
||||||
|
|
|
@ -33,6 +33,28 @@
|
||||||
, useMacosReexportHack ? false
|
, useMacosReexportHack ? false
|
||||||
, wrapGas ? false
|
, wrapGas ? false
|
||||||
|
|
||||||
|
# Note: the hardening flags are part of the bintools-wrapper, rather than
|
||||||
|
# the cc-wrapper, because a few of them are handled by the linker.
|
||||||
|
, defaultHardeningFlags ? with stdenvNoCC; [
|
||||||
|
"bindnow"
|
||||||
|
"format"
|
||||||
|
"fortify"
|
||||||
|
"fortify3"
|
||||||
|
"pic"
|
||||||
|
"relro"
|
||||||
|
"stackprotector"
|
||||||
|
"strictoverflow"
|
||||||
|
] ++ lib.optional (
|
||||||
|
# Musl-based platforms will keep "pie", other platforms will not.
|
||||||
|
# If you change this, make sure to update section `{#sec-hardening-in-nixpkgs}`
|
||||||
|
# in the nixpkgs manual to inform users about the defaults.
|
||||||
|
targetPlatform.libc == "musl"
|
||||||
|
# Except when:
|
||||||
|
# - static aarch64, where compilation works, but produces segfaulting dynamically linked binaries.
|
||||||
|
# - static armv7l, where compilation fails.
|
||||||
|
&& !(targetPlatform.isAarch && targetPlatform.isStatic)
|
||||||
|
) "pie"
|
||||||
|
|
||||||
# Darwin code signing support utilities
|
# Darwin code signing support utilities
|
||||||
, postLinkSignHook ? null, signingUtils ? null
|
, postLinkSignHook ? null, signingUtils ? null
|
||||||
}:
|
}:
|
||||||
|
@ -124,6 +146,8 @@ stdenv.mkDerivation {
|
||||||
(setenv "NIX_LDFLAGS_${suffixSalt}" (concat (getenv "NIX_LDFLAGS_${suffixSalt}") " -L" arg "/lib64"))))
|
(setenv "NIX_LDFLAGS_${suffixSalt}" (concat (getenv "NIX_LDFLAGS_${suffixSalt}") " -L" arg "/lib64"))))
|
||||||
'(${concatStringsSep " " (map (pkg: "\"${pkg}\"") pkgs)}))
|
'(${concatStringsSep " " (map (pkg: "\"${pkg}\"") pkgs)}))
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
inherit defaultHardeningFlags;
|
||||||
};
|
};
|
||||||
|
|
||||||
dontBuild = true;
|
dontBuild = true;
|
||||||
|
@ -380,6 +404,7 @@ stdenv.mkDerivation {
|
||||||
wrapperName = "BINTOOLS_WRAPPER";
|
wrapperName = "BINTOOLS_WRAPPER";
|
||||||
inherit dynamicLinker targetPrefix suffixSalt coreutils_bin;
|
inherit dynamicLinker targetPrefix suffixSalt coreutils_bin;
|
||||||
inherit bintools_bin libc_bin libc_dev libc_lib;
|
inherit bintools_bin libc_bin libc_dev libc_lib;
|
||||||
|
default_hardening_flags_str = builtins.toString defaultHardeningFlags;
|
||||||
};
|
};
|
||||||
|
|
||||||
meta =
|
meta =
|
||||||
|
|
|
@ -65,7 +65,7 @@ do
|
||||||
done
|
done
|
||||||
|
|
||||||
# If unset, assume the default hardening flags.
|
# If unset, assume the default hardening flags.
|
||||||
: ${NIX_HARDENING_ENABLE="fortify stackprotector pic strictoverflow format relro bindnow"}
|
: ${NIX_HARDENING_ENABLE="@default_hardening_flags_str@"}
|
||||||
export NIX_HARDENING_ENABLE
|
export NIX_HARDENING_ENABLE
|
||||||
|
|
||||||
# No local scope in sourced file
|
# No local scope in sourced file
|
||||||
|
|
|
@ -32,7 +32,7 @@ if [[ -n "${hardeningEnableMap[fortify3]-}" ]]; then
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if (( "${NIX_DEBUG:-0}" >= 1 )); then
|
if (( "${NIX_DEBUG:-0}" >= 1 )); then
|
||||||
declare -a allHardeningFlags=(fortify stackprotector pie pic strictoverflow format)
|
declare -a allHardeningFlags=(fortify fortify3 stackprotector pie pic strictoverflow format)
|
||||||
declare -A hardeningDisableMap=()
|
declare -A hardeningDisableMap=()
|
||||||
|
|
||||||
# Determine which flags were effectively disabled so we can report below.
|
# Determine which flags were effectively disabled so we can report below.
|
||||||
|
|
|
@ -218,6 +218,8 @@ let
|
||||||
then guess
|
then guess
|
||||||
else null;
|
else null;
|
||||||
|
|
||||||
|
defaultHardeningFlags = bintools.defaultHardeningFlags or [];
|
||||||
|
|
||||||
darwinPlatformForCC = optionalString stdenv.targetPlatform.isDarwin (
|
darwinPlatformForCC = optionalString stdenv.targetPlatform.isDarwin (
|
||||||
if (targetPlatform.darwinPlatform == "macos" && isGNU) then "macosx"
|
if (targetPlatform.darwinPlatform == "macos" && isGNU) then "macosx"
|
||||||
else targetPlatform.darwinPlatform
|
else targetPlatform.darwinPlatform
|
||||||
|
@ -271,6 +273,8 @@ stdenv.mkDerivation {
|
||||||
inherit expand-response-params;
|
inherit expand-response-params;
|
||||||
|
|
||||||
inherit nixSupport;
|
inherit nixSupport;
|
||||||
|
|
||||||
|
inherit defaultHardeningFlags;
|
||||||
};
|
};
|
||||||
|
|
||||||
dontBuild = true;
|
dontBuild = true;
|
||||||
|
@ -706,6 +710,7 @@ stdenv.mkDerivation {
|
||||||
inherit suffixSalt coreutils_bin bintools;
|
inherit suffixSalt coreutils_bin bintools;
|
||||||
inherit libc_bin libc_dev libc_lib;
|
inherit libc_bin libc_dev libc_lib;
|
||||||
inherit darwinPlatformForCC darwinMinVersion darwinMinVersionVariable;
|
inherit darwinPlatformForCC darwinMinVersion darwinMinVersionVariable;
|
||||||
|
default_hardening_flags_str = builtins.toString defaultHardeningFlags;
|
||||||
};
|
};
|
||||||
|
|
||||||
meta =
|
meta =
|
||||||
|
|
|
@ -4,8 +4,7 @@ getTargetRoleWrapper
|
||||||
export FC${role_post}=@named_fc@
|
export FC${role_post}=@named_fc@
|
||||||
|
|
||||||
# If unset, assume the default hardening flags.
|
# If unset, assume the default hardening flags.
|
||||||
# These are different for fortran.
|
: ${NIX_HARDENING_ENABLE="@default_hardening_flags_str@"}
|
||||||
: ${NIX_HARDENING_ENABLE="stackprotector pic strictoverflow relro bindnow"}
|
|
||||||
export NIX_HARDENING_ENABLE
|
export NIX_HARDENING_ENABLE
|
||||||
|
|
||||||
unset -v role_post
|
unset -v role_post
|
||||||
|
|
|
@ -111,7 +111,7 @@ export CC${role_post}=@named_cc@
|
||||||
export CXX${role_post}=@named_cxx@
|
export CXX${role_post}=@named_cxx@
|
||||||
|
|
||||||
# If unset, assume the default hardening flags.
|
# If unset, assume the default hardening flags.
|
||||||
: ${NIX_HARDENING_ENABLE="fortify fortify3 stackprotector pic strictoverflow format relro bindnow"}
|
: ${NIX_HARDENING_ENABLE="@default_hardening_flags_str@"}
|
||||||
export NIX_HARDENING_ENABLE
|
export NIX_HARDENING_ENABLE
|
||||||
|
|
||||||
# No local scope in sourced file
|
# No local scope in sourced file
|
||||||
|
|
|
@ -11,8 +11,8 @@ let
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "melpa";
|
owner = "melpa";
|
||||||
repo = "package-build";
|
repo = "package-build";
|
||||||
rev = "c3c535e93d9dc92acd21ebc4b15016b5c3b90e7d";
|
rev = "c48aa078c01b4f07b804270c4583a0a58ffea1c0";
|
||||||
sha256 = "17z0wbqdd6fspbj43yq8biff6wfggk74xgnaf1xx6ynsp1i74is5";
|
sha256 = "sha256-MzPj375upIiYXdQR+wWXv3A1zMqbSrZlH0taLuxx/1M=";
|
||||||
};
|
};
|
||||||
|
|
||||||
patches = [ ./package-build-dont-use-mtime.patch ];
|
patches = [ ./package-build-dont-use-mtime.patch ];
|
||||||
|
|
|
@ -11,22 +11,22 @@
|
||||||
;; Allow installing package tarfiles larger than 10MB
|
;; Allow installing package tarfiles larger than 10MB
|
||||||
(setq large-file-warning-threshold nil)
|
(setq large-file-warning-threshold nil)
|
||||||
|
|
||||||
(defun melpa2nix-build-package-1 (rcp version commit)
|
(defun melpa2nix-build-package-1 (rcp)
|
||||||
(let ((source-dir (package-recipe--working-tree rcp)))
|
(let* ((default-directory (package-recipe--working-tree rcp)))
|
||||||
(unwind-protect
|
(unwind-protect
|
||||||
(let ((files (package-build-expand-files-spec rcp t)))
|
(let ((files (package-build-expand-files-spec rcp t)))
|
||||||
(cond
|
(unless files
|
||||||
((= (length files) 1)
|
(error "Unable to find files matching recipe patterns"))
|
||||||
(package-build--build-single-file-package
|
(if (> (length files) 1)
|
||||||
rcp version commit files source-dir))
|
(package-build--build-multi-file-package rcp files)
|
||||||
((> (length files) 1)
|
(package-build--build-single-file-package rcp files))))))
|
||||||
(package-build--build-multi-file-package
|
|
||||||
rcp version commit files source-dir))
|
|
||||||
(t (error "Unable to find files matching recipe patterns")))))))
|
|
||||||
|
|
||||||
(defun melpa2nix-build-package ()
|
(defun melpa2nix-build-package ()
|
||||||
(if (not noninteractive)
|
(unless noninteractive
|
||||||
(error "`melpa2nix-build-package' is to be used only with -batch"))
|
(error "`melpa2nix-build-package' is to be used only with -batch"))
|
||||||
(pcase command-line-args-left
|
(pcase command-line-args-left
|
||||||
(`(,package ,version ,commit)
|
(`(,package ,version ,commit)
|
||||||
(melpa2nix-build-package-1 (package-recipe-lookup package) version commit))))
|
(let ((recipe (package-recipe-lookup package)))
|
||||||
|
(setf (oref recipe commit) commit)
|
||||||
|
(setf (oref recipe version) version)
|
||||||
|
(melpa2nix-build-package-1 recipe)))))
|
||||||
|
|
|
@ -1,40 +1,21 @@
|
||||||
diff --git a/package-build.el b/package-build.el
|
diff --git a/package-build.el b/package-build.el
|
||||||
index e572045..9eb0f82 100644
|
index 29cdb61..c19be1b 100644
|
||||||
--- a/package-build.el
|
--- a/package-build.el
|
||||||
+++ b/package-build.el
|
+++ b/package-build.el
|
||||||
@@ -415,7 +415,7 @@ (defun package-build--write-pkg-file (desc dir)
|
@@ -923,7 +923,6 @@ DIRECTORY is a temporary directory that contains the directory
|
||||||
(princ ";; Local Variables:\n;; no-byte-compile: t\n;; End:\n"
|
that is put in the tarball."
|
||||||
(current-buffer)))))
|
(let* ((name (oref rcp name))
|
||||||
|
(version (oref rcp version))
|
||||||
-(defun package-build--create-tar (name version directory mtime)
|
- (time (oref rcp time))
|
||||||
+(defun package-build--create-tar (name version directory)
|
(tar (expand-file-name (concat name "-" version ".tar")
|
||||||
"Create a tar file containing the contents of VERSION of package NAME.
|
package-build-archive-dir))
|
||||||
DIRECTORY is a temporary directory that contains the directory
|
(dir (concat name "-" version)))
|
||||||
that is put in the tarball. MTIME is used as the modification
|
@@ -939,7 +938,7 @@ that is put in the tarball."
|
||||||
@@ -434,7 +434,7 @@ (defun package-build--create-tar (name version directory mtime)
|
;; prevent a reproducible tarball as described at
|
||||||
;; prevent a reproducable tarball as described at
|
|
||||||
;; https://reproducible-builds.org/docs/archives.
|
;; https://reproducible-builds.org/docs/archives.
|
||||||
"--sort=name"
|
"--sort=name"
|
||||||
- (format "--mtime=@%d" mtime)
|
- (format "--mtime=@%d" time)
|
||||||
+ "--mtime=@0"
|
+ "--mtime=@0"
|
||||||
"--owner=0" "--group=0" "--numeric-owner"
|
"--owner=0" "--group=0" "--numeric-owner"
|
||||||
"--pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime"))
|
"--pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime"))
|
||||||
(when (and package-build-verbose noninteractive)
|
(when (and package-build-verbose noninteractive)
|
||||||
@@ -848,12 +848,11 @@ (defun package-build--build-multi-file-package (rcp version commit files source-
|
|
||||||
(package-build--desc-from-library
|
|
||||||
name version commit files 'tar)
|
|
||||||
(error "%s[-pkg].el matching package name is missing"
|
|
||||||
- name))))
|
|
||||||
- (mtime (package-build--get-commit-time rcp commit)))
|
|
||||||
+ name)))))
|
|
||||||
(package-build--copy-package-files files source-dir target)
|
|
||||||
(package-build--write-pkg-file desc target)
|
|
||||||
(package-build--generate-info-files files source-dir target)
|
|
||||||
- (package-build--create-tar name version tmp-dir mtime)
|
|
||||||
+ (package-build--create-tar name version tmp-dir)
|
|
||||||
(package-build--write-pkg-readme name files source-dir)
|
|
||||||
(package-build--write-archive-entry desc))
|
|
||||||
(delete-directory tmp-dir t nil))))
|
|
||||||
--
|
|
||||||
2.37.2
|
|
||||||
|
|
||||||
|
|
|
@ -125,6 +125,7 @@
|
||||||
|
|
||||||
# Mirrors from https://download.kde.org/ls-lR.mirrorlist
|
# Mirrors from https://download.kde.org/ls-lR.mirrorlist
|
||||||
kde = [
|
kde = [
|
||||||
|
"https://cdn.download.kde.org/"
|
||||||
"https://download.kde.org/download.php?url="
|
"https://download.kde.org/download.php?url="
|
||||||
"https://ftp.gwdg.de/pub/linux/kde/"
|
"https://ftp.gwdg.de/pub/linux/kde/"
|
||||||
"https://mirrors.ocf.berkeley.edu/kde/"
|
"https://mirrors.ocf.berkeley.edu/kde/"
|
||||||
|
|
|
@ -25,7 +25,7 @@ maturinBuildHook() {
|
||||||
|
|
||||||
# Move the wheel to dist/ so that regular Python tooling can find it.
|
# Move the wheel to dist/ so that regular Python tooling can find it.
|
||||||
mkdir -p dist
|
mkdir -p dist
|
||||||
mv target/wheels/*.whl dist/
|
mv ${cargoRoot:+$cargoRoot/}target/wheels/*.whl dist/
|
||||||
|
|
||||||
# These are python build hooks and may depend on ./dist
|
# These are python build hooks and may depend on ./dist
|
||||||
runHook postBuild
|
runHook postBuild
|
||||||
|
|
|
@ -1,6 +1,19 @@
|
||||||
#!@shell@
|
#!@shell@
|
||||||
|
|
||||||
extraBefore=(@sysroot@)
|
defaultSysroot=(@sysroot@)
|
||||||
|
|
||||||
|
for arg; do
|
||||||
|
case "$arg" in
|
||||||
|
--sysroot)
|
||||||
|
defaultSysroot=()
|
||||||
|
;;
|
||||||
|
--)
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
|
||||||
|
extraBefore=("${defaultSysroot[@]}")
|
||||||
extraAfter=($NIX_RUSTFLAGS)
|
extraAfter=($NIX_RUSTFLAGS)
|
||||||
|
|
||||||
# Optionally print debug info.
|
# Optionally print debug info.
|
||||||
|
|
|
@ -53,17 +53,30 @@ autoPatchelf() {
|
||||||
esac
|
esac
|
||||||
done
|
done
|
||||||
|
|
||||||
readarray -td' ' ignoreMissingDepsArray < <(echo -n "$autoPatchelfIgnoreMissingDeps")
|
if [ -n "$__structuredAttrs" ]; then
|
||||||
if [ "$autoPatchelfIgnoreMissingDeps" == "1" ]; then
|
local ignoreMissingDepsArray=( "${autoPatchelfIgnoreMissingDeps[@]}" )
|
||||||
echo "autoPatchelf: WARNING: setting 'autoPatchelfIgnoreMissingDeps" \
|
local appendRunpathsArray=( "${appendRunpaths[@]}" )
|
||||||
"= true;' is deprecated and will be removed in a future release." \
|
local runtimeDependenciesArray=( "${runtimeDependencies[@]}" )
|
||||||
"Use 'autoPatchelfIgnoreMissingDeps = [ \"*\" ];' instead." >&2
|
local patchelfFlagsArray=( "${patchelfFlags[@]}" )
|
||||||
ignoreMissingDepsArray=( "*" )
|
else
|
||||||
|
readarray -td' ' ignoreMissingDepsArray < <(echo -n "$autoPatchelfIgnoreMissingDeps")
|
||||||
|
local appendRunpathsArray=($appendRunpaths)
|
||||||
|
local runtimeDependenciesArray=($runtimeDependencies)
|
||||||
|
local patchelfFlagsArray=($patchelfFlags)
|
||||||
fi
|
fi
|
||||||
|
|
||||||
local appendRunpathsArray=($appendRunpaths)
|
# Check if ignoreMissingDepsArray contains "1" and if so, replace it with
|
||||||
local runtimeDependenciesArray=($runtimeDependencies)
|
# "*", printing a deprecation warning.
|
||||||
local patchelfFlagsArray=($patchelfFlags)
|
for dep in "${ignoreMissingDepsArray[@]}"; do
|
||||||
|
if [ "$dep" == "1" ]; then
|
||||||
|
echo "autoPatchelf: WARNING: setting 'autoPatchelfIgnoreMissingDeps" \
|
||||||
|
"= true;' is deprecated and will be removed in a future release." \
|
||||||
|
"Use 'autoPatchelfIgnoreMissingDeps = [ \"*\" ];' instead." >&2
|
||||||
|
ignoreMissingDepsArray=( "*" )
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
@pythonInterpreter@ @autoPatchelfScript@ \
|
@pythonInterpreter@ @autoPatchelfScript@ \
|
||||||
${norecurse:+--no-recurse} \
|
${norecurse:+--no-recurse} \
|
||||||
--ignore-missing "${ignoreMissingDepsArray[@]}" \
|
--ignore-missing "${ignoreMissingDepsArray[@]}" \
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
{ lib
|
{ lib
|
||||||
, python3
|
, python3
|
||||||
, fetchPypi
|
, fetchPypi
|
||||||
, argparse
|
|
||||||
, kubernetes-helm
|
, kubernetes-helm
|
||||||
, kind
|
, kind
|
||||||
, docker
|
, docker
|
||||||
|
@ -17,16 +16,22 @@ python3.pkgs.buildPythonApplication rec {
|
||||||
inherit pname version;
|
inherit pname version;
|
||||||
hash = "sha256-1LE3fpfX4NExJdUdSjt4BXvxQTLJ8zrRkGHkxo/6Pb8=";
|
hash = "sha256-1LE3fpfX4NExJdUdSjt4BXvxQTLJ8zrRkGHkxo/6Pb8=";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
postPatch = ''
|
||||||
|
sed -i '/argparse/d' pyproject.toml
|
||||||
|
'';
|
||||||
|
|
||||||
|
nativeBuildInputs = [
|
||||||
|
python3.pkgs.poetry-core
|
||||||
|
];
|
||||||
|
|
||||||
buildInputs = [
|
buildInputs = [
|
||||||
kubernetes-helm
|
kubernetes-helm
|
||||||
kind
|
kind
|
||||||
docker
|
docker
|
||||||
];
|
];
|
||||||
nativeBuildInputs = [
|
|
||||||
python3.pkgs.poetry-core
|
|
||||||
];
|
|
||||||
propagatedBuildInputs = with python3.pkgs; [
|
propagatedBuildInputs = with python3.pkgs; [
|
||||||
argparse
|
|
||||||
halo
|
halo
|
||||||
pyyaml
|
pyyaml
|
||||||
hiyapyco
|
hiyapyco
|
||||||
|
|
|
@ -26,8 +26,6 @@ python3.pkgs.buildPythonApplication rec {
|
||||||
pygls
|
pygls
|
||||||
];
|
];
|
||||||
|
|
||||||
SETUPTOOLS_SCM_PRETEND_VERSION = version;
|
|
||||||
|
|
||||||
passthru.updateScript = nix-update-script { };
|
passthru.updateScript = nix-update-script { };
|
||||||
|
|
||||||
meta = with lib; {
|
meta = with lib; {
|
||||||
|
|
|
@ -138,8 +138,6 @@ stdenv.mkDerivation (finalAttrs: {
|
||||||
"CFLAGS=-D_FILE_OFFSET_BITS=64"
|
"CFLAGS=-D_FILE_OFFSET_BITS=64"
|
||||||
"CXXFLAGS=-D_FILE_OFFSET_BITS=64"
|
"CXXFLAGS=-D_FILE_OFFSET_BITS=64"
|
||||||
]
|
]
|
||||||
# Workaround missing atomic ops with gcc <13
|
|
||||||
++ lib.optional stdenv.hostPlatform.isRiscV "LDFLAGS=-latomic"
|
|
||||||
++ [
|
++ [
|
||||||
"--"
|
"--"
|
||||||
# We should set the proper `CMAKE_SYSTEM_NAME`.
|
# We should set the proper `CMAKE_SYSTEM_NAME`.
|
||||||
|
|
|
@ -16,8 +16,12 @@ python3.pkgs.buildPythonApplication rec {
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = with python3.pkgs; [
|
nativeBuildInputs = with python3.pkgs; [
|
||||||
|
pythonRelaxDepsHook
|
||||||
setuptools
|
setuptools
|
||||||
wheel
|
];
|
||||||
|
|
||||||
|
pythonRelaxDeps = [
|
||||||
|
"aiohttp"
|
||||||
];
|
];
|
||||||
|
|
||||||
propagatedBuildInputs = with python3.pkgs; [
|
propagatedBuildInputs = with python3.pkgs; [
|
||||||
|
|
27
pkgs/by-name/me/meson/007-darwin-case-sensitivity.patch
Normal file
27
pkgs/by-name/me/meson/007-darwin-case-sensitivity.patch
Normal file
|
@ -0,0 +1,27 @@
|
||||||
|
From a908a574daf8bac10bb2a0ee3771052d2167a85f Mon Sep 17 00:00:00 2001
|
||||||
|
From: Randy Eckenrode <randy@largeandhighquality.com>
|
||||||
|
Date: Sun, 3 Dec 2023 15:41:20 -0500
|
||||||
|
Subject: [PATCH] Fix test failure on Darwin on a case-sensitive fs
|
||||||
|
|
||||||
|
This was encountered while looking into an issue with
|
||||||
|
https://github.com/NixOS/nixpkgs/pull/268583.
|
||||||
|
|
||||||
|
I run my Nix store on case-sensitive APFS, so the test fails due to
|
||||||
|
trying to link `-framework ldap` instead of `-framework LDAP`.
|
||||||
|
---
|
||||||
|
test cases/osx/5 extra frameworks/meson.build | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/test cases/osx/5 extra frameworks/meson.build b/test cases/osx/5 extra frameworks/meson.build
|
||||||
|
index f6c01e63a1bd..96532846c632 100644
|
||||||
|
--- a/test cases/osx/5 extra frameworks/meson.build
|
||||||
|
+++ b/test cases/osx/5 extra frameworks/meson.build
|
||||||
|
@@ -7,7 +7,7 @@ dep_main = dependency('Foundation')
|
||||||
|
assert(dep_main.type_name() == 'extraframeworks', 'type_name is ' + dep_main.type_name())
|
||||||
|
|
||||||
|
# https://github.com/mesonbuild/meson/issues/10002
|
||||||
|
-ldap_dep = dependency('ldap', method : 'extraframework')
|
||||||
|
+ldap_dep = dependency('LDAP', method : 'extraframework')
|
||||||
|
assert(ldap_dep.type_name() == 'extraframeworks', 'type_name is ' + ldap_dep.type_name())
|
||||||
|
|
||||||
|
stlib = static_library('stat', 'stat.c', install : true, dependencies: [opengl_dep, ldap_dep])
|
|
@ -1,11 +1,11 @@
|
||||||
{ lib
|
{ lib
|
||||||
, stdenv
|
, stdenv
|
||||||
, fetchFromGitHub
|
, fetchFromGitHub
|
||||||
, fetchpatch
|
|
||||||
, installShellFiles
|
, installShellFiles
|
||||||
, coreutils
|
, coreutils
|
||||||
, darwin
|
, darwin
|
||||||
, libxcrypt
|
, libxcrypt
|
||||||
|
, openldap
|
||||||
, ninja
|
, ninja
|
||||||
, pkg-config
|
, pkg-config
|
||||||
, python3
|
, python3
|
||||||
|
@ -14,17 +14,17 @@
|
||||||
}:
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
inherit (darwin.apple_sdk.frameworks) AppKit Cocoa Foundation OpenGL;
|
inherit (darwin.apple_sdk.frameworks) AppKit Cocoa Foundation LDAP OpenGL;
|
||||||
in
|
in
|
||||||
python3.pkgs.buildPythonApplication rec {
|
python3.pkgs.buildPythonApplication rec {
|
||||||
pname = "meson";
|
pname = "meson";
|
||||||
version = "1.2.3";
|
version = "1.3.0";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "mesonbuild";
|
owner = "mesonbuild";
|
||||||
repo = "meson";
|
repo = "meson";
|
||||||
rev = "refs/tags/${version}";
|
rev = "refs/tags/${version}";
|
||||||
hash = "sha256-dgYYz3tQDG6Z4eE77WO2dXdardxVzzGaFLQ5znPcTlw=";
|
hash = "sha256-Jt3PWnbv/8P6Rvf3E/Yli2vdtfgx3CmsW+jlc9CK5KA=";
|
||||||
};
|
};
|
||||||
|
|
||||||
patches = [
|
patches = [
|
||||||
|
@ -66,15 +66,8 @@ python3.pkgs.buildPythonApplication rec {
|
||||||
# Nixpkgs cctools does not have bitcode support.
|
# Nixpkgs cctools does not have bitcode support.
|
||||||
./006-disable-bitcode.patch
|
./006-disable-bitcode.patch
|
||||||
|
|
||||||
# Fix passing multiple --define-variable arguments to pkg-config.
|
# https://github.com/mesonbuild/meson/pull/12587
|
||||||
# https://github.com/mesonbuild/meson/pull/10670
|
./007-darwin-case-sensitivity.patch
|
||||||
(fetchpatch {
|
|
||||||
url = "https://github.com/mesonbuild/meson/commit/d5252c5d4cf1c1931fef0c1c98dd66c000891d21.patch";
|
|
||||||
hash = "sha256-GiUNVul1N5Fl8mfqM7vA/r1FdKqImiDYLXMVDt77gvw=";
|
|
||||||
excludes = [
|
|
||||||
"docs/yaml/objects/dep.yaml"
|
|
||||||
];
|
|
||||||
})
|
|
||||||
];
|
];
|
||||||
|
|
||||||
buildInputs = lib.optionals (python3.pythonOlder "3.9") [
|
buildInputs = lib.optionals (python3.pythonOlder "3.9") [
|
||||||
|
@ -95,7 +88,9 @@ python3.pkgs.buildPythonApplication rec {
|
||||||
AppKit
|
AppKit
|
||||||
Cocoa
|
Cocoa
|
||||||
Foundation
|
Foundation
|
||||||
|
LDAP
|
||||||
OpenGL
|
OpenGL
|
||||||
|
openldap
|
||||||
];
|
];
|
||||||
|
|
||||||
checkPhase = lib.concatStringsSep "\n" ([
|
checkPhase = lib.concatStringsSep "\n" ([
|
||||||
|
|
|
@ -85,6 +85,11 @@ stdenv.mkDerivation rec {
|
||||||
|
|
||||||
propagatedBuildInputs = [ mpi ];
|
propagatedBuildInputs = [ mpi ];
|
||||||
|
|
||||||
|
CXXFLAGS = [
|
||||||
|
# GCC 13: error: 'uintptr_t' in namespace 'std' does not name a type
|
||||||
|
"-include cstdint"
|
||||||
|
];
|
||||||
|
|
||||||
cmakeFlags = [
|
cmakeFlags = [
|
||||||
"-DUSE_SCALAPACK=ON"
|
"-DUSE_SCALAPACK=ON"
|
||||||
"-DBUILD_TESTING=ON"
|
"-DBUILD_TESTING=ON"
|
||||||
|
|
36
pkgs/by-name/uc/ucode/package.nix
Normal file
36
pkgs/by-name/uc/ucode/package.nix
Normal file
|
@ -0,0 +1,36 @@
|
||||||
|
{ lib
|
||||||
|
, stdenv
|
||||||
|
, fetchFromGitHub
|
||||||
|
, cmake
|
||||||
|
, pkg-config
|
||||||
|
, json_c
|
||||||
|
}:
|
||||||
|
|
||||||
|
stdenv.mkDerivation rec {
|
||||||
|
pname = "ucode";
|
||||||
|
version = "0.0.20231102";
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "jow-";
|
||||||
|
repo = "ucode";
|
||||||
|
rev = "v${version}";
|
||||||
|
hash = "sha256-dJjlwuQLS73D6W/bmhWLPPaT7himQyO1RvD+MXVxBMw=";
|
||||||
|
};
|
||||||
|
|
||||||
|
buildInputs = [
|
||||||
|
json_c
|
||||||
|
];
|
||||||
|
|
||||||
|
nativeBuildInputs = [
|
||||||
|
cmake
|
||||||
|
pkg-config
|
||||||
|
];
|
||||||
|
|
||||||
|
meta = with lib; {
|
||||||
|
description = "JavaScript-like language with optional templating";
|
||||||
|
homepage = "https://github.com/jow-/ucode";
|
||||||
|
license = licenses.isc;
|
||||||
|
platforms = platforms.linux;
|
||||||
|
maintainers = with maintainers; [ mkg20001 ];
|
||||||
|
};
|
||||||
|
}
|
41
pkgs/by-name/ud/udebug/package.nix
Normal file
41
pkgs/by-name/ud/udebug/package.nix
Normal file
|
@ -0,0 +1,41 @@
|
||||||
|
{ lib
|
||||||
|
, stdenv
|
||||||
|
, cmake
|
||||||
|
, fetchgit
|
||||||
|
, pkg-config
|
||||||
|
, ubus
|
||||||
|
, libubox
|
||||||
|
, ucode
|
||||||
|
, json_c
|
||||||
|
}:
|
||||||
|
|
||||||
|
stdenv.mkDerivation {
|
||||||
|
pname = "udebug";
|
||||||
|
version = "unstable-2023-11-28";
|
||||||
|
|
||||||
|
src = fetchgit {
|
||||||
|
url = "https://git.openwrt.org/project/udebug.git";
|
||||||
|
rev = "d49aadabb7a147b99a3e6299a77d7fda4e266091";
|
||||||
|
hash = "sha256-5I50q+oUQ5f82ngKl7bX50J+3pBviNk3iVEChNjt5wY=";
|
||||||
|
};
|
||||||
|
|
||||||
|
buildInputs = [
|
||||||
|
ubus
|
||||||
|
libubox
|
||||||
|
ucode
|
||||||
|
json_c
|
||||||
|
];
|
||||||
|
|
||||||
|
nativeBuildInputs = [
|
||||||
|
cmake
|
||||||
|
pkg-config
|
||||||
|
];
|
||||||
|
|
||||||
|
meta = with lib; {
|
||||||
|
description = "OpenWrt debugging helper library/service";
|
||||||
|
homepage = "https://git.openwrt.org/?p=project/udebug.git;a=summary";
|
||||||
|
license = licenses.free;
|
||||||
|
platforms = platforms.linux;
|
||||||
|
maintainers = with maintainers; [ mkg20001 ];
|
||||||
|
};
|
||||||
|
}
|
|
@ -5,18 +5,17 @@
|
||||||
|
|
||||||
python3.pkgs.buildPythonApplication rec {
|
python3.pkgs.buildPythonApplication rec {
|
||||||
pname = "websecprobe";
|
pname = "websecprobe";
|
||||||
version = "0.0.10";
|
version = "0.0.11";
|
||||||
pyproject = true;
|
pyproject = true;
|
||||||
|
|
||||||
src = fetchPypi {
|
src = fetchPypi {
|
||||||
pname = "WebSecProbe";
|
pname = "WebSecProbe";
|
||||||
inherit version;
|
inherit version;
|
||||||
hash = "sha256-QvXOyQUptMyim/bgvhihjgGs7vX0qX8MqK2ol8q9ePc=";
|
hash = "sha256-OKbKz3HSTtwyx/JNUtLJBTaHQcxkUWroMg9/msVWgk4=";
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = with python3.pkgs; [
|
nativeBuildInputs = with python3.pkgs; [
|
||||||
setuptools
|
setuptools
|
||||||
wheel
|
|
||||||
];
|
];
|
||||||
|
|
||||||
propagatedBuildInputs = with python3.pkgs; [
|
propagatedBuildInputs = with python3.pkgs; [
|
||||||
|
|
|
@ -2,16 +2,16 @@
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
pname = "tzdata";
|
pname = "tzdata";
|
||||||
version = "2023c";
|
version = "2023d";
|
||||||
|
|
||||||
srcs = [
|
srcs = [
|
||||||
(fetchurl {
|
(fetchurl {
|
||||||
url = "https://data.iana.org/time-zones/releases/tzdata${version}.tar.gz";
|
url = "https://data.iana.org/time-zones/releases/tzdata${version}.tar.gz";
|
||||||
hash = "sha256-P1ELXRtK6bs45IWqMCp3azF/s2N722QExK33tsrdllw=";
|
hash = "sha256-28ohlwsKi4wM7O7B17kfqQO+D27KWucytTKWciMqCPM=";
|
||||||
})
|
})
|
||||||
(fetchurl {
|
(fetchurl {
|
||||||
url = "https://data.iana.org/time-zones/releases/tzcode${version}.tar.gz";
|
url = "https://data.iana.org/time-zones/releases/tzcode${version}.tar.gz";
|
||||||
hash = "sha256-RtF/K7Ga1zKQ8DogMAYVLg+g17EeW3FGfEqCOBGyFOc=";
|
hash = "sha256-6aX54RiIbS3pK2K7BVEKKMxsBY15HJO9a4TTKSw8Fh4=";
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
|
@ -9,7 +9,6 @@
|
||||||
, itstool
|
, itstool
|
||||||
, desktop-file-utils
|
, desktop-file-utils
|
||||||
, vala
|
, vala
|
||||||
, gobject-introspection
|
|
||||||
, libxml2
|
, libxml2
|
||||||
, gtk4
|
, gtk4
|
||||||
, glib
|
, glib
|
||||||
|
@ -43,7 +42,6 @@ stdenv.mkDerivation rec {
|
||||||
wrapGAppsHook4
|
wrapGAppsHook4
|
||||||
desktop-file-utils
|
desktop-file-utils
|
||||||
libxml2
|
libxml2
|
||||||
gobject-introspection # for finding vapi files
|
|
||||||
];
|
];
|
||||||
|
|
||||||
buildInputs = [
|
buildInputs = [
|
||||||
|
|
|
@ -57,10 +57,6 @@ stdenv.mkDerivation rec {
|
||||||
gnupg
|
gnupg
|
||||||
desktop-file-utils
|
desktop-file-utils
|
||||||
gcr
|
gcr
|
||||||
# error: Package `...' not found in specified Vala API directories or GObject-Introspection GIR directories
|
|
||||||
# TODO: the vala setuphook should look for vala filess in targetOffset instead of hostOffset
|
|
||||||
libhandy
|
|
||||||
libsecret
|
|
||||||
];
|
];
|
||||||
|
|
||||||
buildInputs = [
|
buildInputs = [
|
||||||
|
|
|
@ -36,10 +36,6 @@ stdenv.mkDerivation rec {
|
||||||
pkg-config
|
pkg-config
|
||||||
vala
|
vala
|
||||||
wrapGAppsHook4
|
wrapGAppsHook4
|
||||||
# Prevents “error: Package `libadwaita-1' not found in specified Vala API
|
|
||||||
# directories or GObject-Introspection GIR directories” with strictDeps,
|
|
||||||
# even though it should only be a runtime dependency.
|
|
||||||
libadwaita
|
|
||||||
];
|
];
|
||||||
|
|
||||||
buildInputs = [
|
buildInputs = [
|
||||||
|
|
|
@ -12,7 +12,6 @@
|
||||||
, glib
|
, glib
|
||||||
, gtksourceview5
|
, gtksourceview5
|
||||||
, wrapGAppsHook4
|
, wrapGAppsHook4
|
||||||
, gobject-introspection
|
|
||||||
, gnome
|
, gnome
|
||||||
, mpfr
|
, mpfr
|
||||||
, gmp
|
, gmp
|
||||||
|
@ -40,7 +39,6 @@ stdenv.mkDerivation rec {
|
||||||
gettext
|
gettext
|
||||||
itstool
|
itstool
|
||||||
wrapGAppsHook4
|
wrapGAppsHook4
|
||||||
gobject-introspection # for finding vapi files
|
|
||||||
];
|
];
|
||||||
|
|
||||||
buildInputs = [
|
buildInputs = [
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ lib, stdenv, fetchurl, meson, ninja, vala, gobject-introspection, pkg-config, gnome, gtk3, wrapGAppsHook
|
{ lib, stdenv, fetchurl, meson, ninja, vala, pkg-config, gnome, gtk3, wrapGAppsHook
|
||||||
, librsvg, gettext, itstool, python3, libxml2, libgnome-games-support, libgee, desktop-file-utils }:
|
, librsvg, gettext, itstool, python3, libxml2, libgnome-games-support, libgee, desktop-file-utils }:
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
|
@ -10,9 +10,8 @@ stdenv.mkDerivation rec {
|
||||||
sha256 = "NQLps/ccs7LnEcDmAZGH/rzCvKh349RW3KtwD3vjEnI=";
|
sha256 = "NQLps/ccs7LnEcDmAZGH/rzCvKh349RW3KtwD3vjEnI=";
|
||||||
};
|
};
|
||||||
|
|
||||||
# gobject-introspection for finding vapi files
|
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
meson ninja vala gobject-introspection pkg-config gettext itstool python3
|
meson ninja vala pkg-config gettext itstool python3
|
||||||
libxml2 wrapGAppsHook desktop-file-utils
|
libxml2 wrapGAppsHook desktop-file-utils
|
||||||
];
|
];
|
||||||
buildInputs = [ gtk3 librsvg gnome.adwaita-icon-theme libgnome-games-support libgee ];
|
buildInputs = [ gtk3 librsvg gnome.adwaita-icon-theme libgnome-games-support libgee ];
|
||||||
|
|
|
@ -13,13 +13,20 @@ stdenv.mkDerivation rec {
|
||||||
hash = "sha256-gMwbWiP+YDCVafQMBWhTuJGWmkYtnhEdn/oofKaUT08=";
|
hash = "sha256-gMwbWiP+YDCVafQMBWhTuJGWmkYtnhEdn/oofKaUT08=";
|
||||||
};
|
};
|
||||||
|
|
||||||
# Fix build with Node 20
|
|
||||||
# FIXME: remove for next release
|
# FIXME: remove for next release
|
||||||
patches = [
|
patches = [
|
||||||
(fetchpatch {
|
(fetchpatch {
|
||||||
|
name = "nodejs-20.patch";
|
||||||
url = "https://github.com/WebAssembly/binaryen/commit/889422e0c92552ff484659f9b41e777ba7ab35c1.patch";
|
url = "https://github.com/WebAssembly/binaryen/commit/889422e0c92552ff484659f9b41e777ba7ab35c1.patch";
|
||||||
hash = "sha256-acM8mytL9nhm4np9tpUbd1X0wJ7y308HV2fvgcAW1lY=";
|
hash = "sha256-acM8mytL9nhm4np9tpUbd1X0wJ7y308HV2fvgcAW1lY=";
|
||||||
})
|
})
|
||||||
|
|
||||||
|
# Fix fmin tests on gcc-13: https://github.com/WebAssembly/binaryen/pull/5994
|
||||||
|
(fetchpatch {
|
||||||
|
name = "gcc-13.patch";
|
||||||
|
url = "https://github.com/WebAssembly/binaryen/commit/1e17dfb695a19d5d41f1f88411fbcbc5f2408c8f.patch";
|
||||||
|
hash = "sha256-5JZh15CXkg5XdTG8eRJXPwO+zmymYeFjKbHutRPTmlU=";
|
||||||
|
})
|
||||||
];
|
];
|
||||||
|
|
||||||
nativeBuildInputs = [ cmake python3 ];
|
nativeBuildInputs = [ cmake python3 ];
|
||||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user