colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge master into staging-next

Browse Source
This commit is contained in:
github-actions[bot] 2023-10-27 00:02:24 +00:00 committed by GitHub
commit f0ebfe8b52
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
34 changed files with 2606 additions and 4745 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
maintainers/maintainer-list.nix
View File

@ -13639,6 +13639,7 @@
pbsds = {
name = "Peder Bergebakken Sundt";
email = "pbsds@hotmail.com";
matrix = "@pederbs:pvv.ntnu.no";
github = "pbsds";
githubId = 140964;
};

2
nixos/doc/manual/release-notes/rl-2311.section.md
View File

@ -125,6 +125,8 @@
- [Rosenpass](https://rosenpass.eu/), a service for post-quantum-secure VPNs with WireGuard. Available as [services.rosenpass](#opt-services.rosenpass.enable).
- [c2FmZQ](https://github.com/c2FmZQ/c2FmZQ/), an application that can securely encrypt, store, and share files, including but not limited to pictures and videos. Available as [services.c2fmzq-server](#opt-services.c2fmzq-server.enable).
## Backward Incompatibilities {#sec-release-23.11-incompatibilities}
- `network-online.target` has been fixed to no longer time out for systems with `networking.useDHCP = true` and `networking.useNetworkd = true`.

15
nixos/modules/config/iproute2.nix
View File

@ -18,15 +18,10 @@ in
};
config = mkIf cfg.enable {
environment.etc."iproute2/bpf_pinning" = { mode = "0644"; text = fileContents "${pkgs.iproute2}/etc/iproute2/bpf_pinning"; };
environment.etc."iproute2/ematch_map" = { mode = "0644"; text = fileContents "${pkgs.iproute2}/etc/iproute2/ematch_map"; };
environment.etc."iproute2/group" = { mode = "0644"; text = fileContents "${pkgs.iproute2}/etc/iproute2/group"; };
environment.etc."iproute2/nl_protos" = { mode = "0644"; text = fileContents "${pkgs.iproute2}/etc/iproute2/nl_protos"; };
environment.etc."iproute2/rt_dsfield" = { mode = "0644"; text = fileContents "${pkgs.iproute2}/etc/iproute2/rt_dsfield"; };
environment.etc."iproute2/rt_protos" = { mode = "0644"; text = fileContents "${pkgs.iproute2}/etc/iproute2/rt_protos"; };
environment.etc."iproute2/rt_realms" = { mode = "0644"; text = fileContents "${pkgs.iproute2}/etc/iproute2/rt_realms"; };
environment.etc."iproute2/rt_scopes" = { mode = "0644"; text = fileContents "${pkgs.iproute2}/etc/iproute2/rt_scopes"; };
environment.etc."iproute2/rt_tables" = { mode = "0644"; text = (fileContents "${pkgs.iproute2}/etc/iproute2/rt_tables")
+ (optionalString (cfg.rttablesExtraConfig != "") "\n\n${cfg.rttablesExtraConfig}"); };
environment.etc."iproute2/rt_tables" = {
mode = "0644";
text = (fileContents "${pkgs.iproute2}/lib/iproute2/rt_tables")
+ (optionalString (cfg.rttablesExtraConfig != "") "\n\n${cfg.rttablesExtraConfig}");
};
};
}

1
nixos/modules/module-list.nix
View File

@ -1232,6 +1232,7 @@
./services/web-apps/atlassian/jira.nix
./services/web-apps/audiobookshelf.nix
./services/web-apps/bookstack.nix
./services/web-apps/c2fmzq-server.nix
./services/web-apps/calibre-web.nix
./services/web-apps/coder.nix
./services/web-apps/changedetection-io.nix

42
nixos/modules/services/web-apps/c2fmzq-server.md Normal file
View File

@ -0,0 +1,42 @@
# c2FmZQ {#module-services-c2fmzq}
c2FmZQ is an application that can securely encrypt, store, and share files,
including but not limited to pictures and videos.
The service `c2fmzq-server` can be enabled by setting
```
{
services.c2fmzq-server.enable = true;
}
```
This will spin up an instance of the server which is API-compatible with
[Stingle Photos](https://stingle.org) and an experimental Progressive Web App
(PWA) to interact with the storage via the browser.
In principle the server can be exposed directly on a public interface and there
are command line options to manage HTTPS certificates directly, but the module
is designed to be served behind a reverse proxy or only accessed via localhost.
```
{
services.c2fmzq-server = {
enable = true;
bindIP = "127.0.0.1"; # default
port = 8080; # default
};
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts."example.com" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:8080";
};
};
};
}
```
For more information, see <https://github.com/c2FmZQ/c2FmZQ/>.

125
nixos/modules/services/web-apps/c2fmzq-server.nix Normal file
View File

@ -0,0 +1,125 @@
{ lib, pkgs, config, ... }:
let
inherit (lib) mkEnableOption mkPackageOption mkOption types;
cfg = config.services.c2fmzq-server;
argsFormat = {
type = with lib.types; nullOr (oneOf [ bool int str ]);
generate = lib.cli.toGNUCommandLineShell { };
};
in {
options.services.c2fmzq-server = {
enable = mkEnableOption "c2fmzq-server";
bindIP = mkOption {
type = types.str;
default = "127.0.0.1";
description = "The local address to use.";
};
port = mkOption {
type = types.port;
default = 8080;
description = "The local port to use.";
};
passphraseFile = mkOption {
type = types.str;
example = "/run/secrets/c2fmzq/pwfile";
description = "Path to file containing the database passphrase";
};
package = mkPackageOption pkgs "c2fmzq" { };
settings = mkOption {
type = types.submodule {
freeformType = argsFormat.type;
options = {
address = mkOption {
internal = true;
type = types.str;
default = "${cfg.bindIP}:${toString cfg.port}";
};
database = mkOption {
type = types.str;
default = "%S/c2fmzq-server/data";
description = "Path of the database";
};
verbose = mkOption {
type = types.ints.between 1 3;
default = 2;
description = "The level of logging verbosity: 1:Error 2:Info 3:Debug";
};
};
};
description = ''
Configuration for c2FmZQ-server passed as CLI arguments.
Run {command}`c2FmZQ-server help` for supported values.
'';
example = {
verbose = 3;
allow-new-accounts = true;
auto-approve-new-accounts = true;
encrypt-metadata = true;
enable-webapp = true;
};
};
};
config = lib.mkIf cfg.enable {
systemd.services.c2fmzq-server = {
description = "c2FmZQ-server";
documentation = [ "https://github.com/c2FmZQ/c2FmZQ/blob/main/README.md" ];
wantedBy = [ "multi-user.target" ];
after = [ "network.target" "network-online.target" ];
serviceConfig = {
ExecStart = "${lib.getExe cfg.package} ${argsFormat.generate cfg.settings}";
AmbientCapabilities = "";
CapabilityBoundingSet = "";
DynamicUser = true;
Environment = "C2FMZQ_PASSPHRASE_FILE=%d/passphrase-file";
IPAccounting = true;
IPAddressAllow = cfg.bindIP;
IPAddressDeny = "any";
LoadCredential = "passphrase-file:${cfg.passphraseFile}";
LockPersonality = true;
MemoryDenyWriteExecute = true;
NoNewPrivileges = true;
PrivateDevices = true;
PrivateIPC = true;
PrivateTmp = true;
PrivateUsers = true;
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectProc = "invisible";
ProtectSystem = "strict";
RemoveIPC = true;
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
SocketBindAllow = cfg.port;
SocketBindDeny = "any";
StateDirectory = "c2fmzq-server";
SystemCallArchitectures = "native";
SystemCallFilter = [ "@system-service" "~@privileged @obsolete" ];
};
};
};
meta = {
doc = ./c2fmzq-server.md;
maintainers = with lib.maintainers; [ hmenke ];
};
}

16
nixos/modules/services/web-apps/snipe-it.nix
View File

@ -18,15 +18,19 @@ let
inherit (snipe-it.passthru) phpPackage;
# shell script for local administration
artisan = pkgs.writeScriptBin "snipe-it" ''
artisan = (pkgs.writeScriptBin "snipe-it" ''
#! ${pkgs.runtimeShell}
cd ${snipe-it}
cd "${snipe-it}/share/php/snipe-it"
sudo=exec
if [[ "$USER" != ${user} ]]; then
sudo='exec /run/wrappers/bin/sudo -u ${user}'
fi
$sudo ${phpPackage}/bin/php artisan $*
'';
'').overrideAttrs (old: {
meta = old.meta // {
mainProgram = "snipe-it";
};
});
in {
options.services.snipe-it = {
@ -357,7 +361,7 @@ in {
services.nginx = {
enable = mkDefault true;
virtualHosts."${cfg.hostName}" = mkMerge [ cfg.nginx {
root = mkForce "${snipe-it}/public";
root = mkForce "${snipe-it}/share/php/snipe-it/public";
extraConfig = optionalString (cfg.nginx.addSSL || cfg.nginx.forceSSL || cfg.nginx.onlySSL || cfg.nginx.enableACME) "fastcgi_param HTTPS on;";
locations = {
"/" = {
@ -394,7 +398,7 @@ in {
RuntimeDirectory = "snipe-it/cache";
RuntimeDirectoryMode = "0700";
};
path = [ pkgs.replace-secret ];
path = [ pkgs.replace-secret artisan ];
script =
let
isSecret = v: isAttrs v && v ? _secret && (isString v._secret || builtins.isPath v._secret);
@ -451,7 +455,7 @@ in {
rm "${cfg.dataDir}"/bootstrap/cache/*.php || true
# migrate db
${phpPackage}/bin/php artisan migrate --force
${lib.getExe artisan} migrate --force
# A placeholder file for invalid barcodes
invalid_barcode_location="${cfg.dataDir}/public/uploads/barcodes/invalid_barcode.gif"

1
nixos/release-combined.nix
View File

@ -97,6 +97,7 @@ in rec {
(onSystems ["x86_64-linux"] "nixos.tests.installer.simpleUefiSystemdBoot")
(onSystems ["x86_64-linux"] "nixos.tests.installer.simple")
(onSystems ["x86_64-linux"] "nixos.tests.installer.swraid")
(onSystems ["x86_64-linux"] "nixos.tests.installer.zfsroot")
(onSystems ["x86_64-linux"] "nixos.tests.nixos-rebuild-specialisations")
(onFullSupported "nixos.tests.ipv6")
(onFullSupported "nixos.tests.keymap.azerty")

1
nixos/tests/all-tests.nix
View File

@ -153,6 +153,7 @@ in {
budgie = handleTest ./budgie.nix {};
buildbot = handleTest ./buildbot.nix {};
buildkite-agents = handleTest ./buildkite-agents.nix {};
c2fmzq = handleTest ./c2fmzq.nix {};
caddy = handleTest ./caddy.nix {};
cadvisor = handleTestOn ["x86_64-linux"] ./cadvisor.nix {};
cage = handleTest ./cage.nix {};

75
nixos/tests/c2fmzq.nix Normal file
View File

@ -0,0 +1,75 @@
import ./make-test-python.nix ({ pkgs, lib, ... }: {
name = "c2FmZQ";
meta.maintainers = with lib.maintainers; [ hmenke ];
nodes.machine = {
services.c2fmzq-server = {
enable = true;
port = 8080;
passphraseFile = builtins.toFile "pwfile" "hunter2"; # don't do this on real deployments
settings = {
verbose = 3; # debug
};
};
environment = {
sessionVariables = {
C2FMZQ_PASSPHRASE = "lol";
C2FMZQ_API_SERVER = "http://localhost:8080";
};
systemPackages = [
pkgs.c2fmzq
(pkgs.writeScriptBin "c2FmZQ-client-wrapper" ''
#!${pkgs.expect}/bin/expect -f
spawn c2FmZQ-client {*}$argv
expect {
"Enter password:" { send "$env(PASSWORD)\r" }
"Type YES to confirm:" { send "YES\r" }
timeout { exit 1 }
eof { exit 0 }
}
interact
'')
];
};
};
testScript = { nodes, ... }: ''
machine.start()
machine.wait_for_unit("c2fmzq-server.service")
machine.wait_for_open_port(8080)
with subtest("Create accounts for alice and bob"):
machine.succeed("PASSWORD=foobar c2FmZQ-client-wrapper -- -v 3 create-account alice@example.com")
machine.succeed("PASSWORD=fizzbuzz c2FmZQ-client-wrapper -- -v 3 create-account bob@example.com")
with subtest("Log in as alice"):
machine.succeed("PASSWORD=foobar c2FmZQ-client-wrapper -- -v 3 login alice@example.com")
msg = machine.succeed("c2FmZQ-client -v 3 status")
assert "Logged in as alice@example.com" in msg, f"ERROR: Not logged in as alice:\n{msg}"
with subtest("Create a new album, upload a file, and delete the uploaded file"):
machine.succeed("c2FmZQ-client -v 3 create-album 'Rarest Memes'")
machine.succeed("echo 'pls do not steal' > meme.txt")
machine.succeed("c2FmZQ-client -v 3 import meme.txt 'Rarest Memes'")
machine.succeed("c2FmZQ-client -v 3 sync")
machine.succeed("rm meme.txt")
with subtest("Share the album with bob"):
machine.succeed("c2FmZQ-client-wrapper -- -v 3 share 'Rarest Memes' bob@example.com")
with subtest("Log in as bob"):
machine.succeed("PASSWORD=fizzbuzz c2FmZQ-client-wrapper -- -v 3 login bob@example.com")
msg = machine.succeed("c2FmZQ-client -v 3 status")
assert "Logged in as bob@example.com" in msg, f"ERROR: Not logged in as bob:\n{msg}"
with subtest("Download the shared file"):
machine.succeed("c2FmZQ-client -v 3 download 'shared/Rarest Memes/meme.txt'")
machine.succeed("c2FmZQ-client -v 3 export 'shared/Rarest Memes/meme.txt' .")
msg = machine.succeed("cat meme.txt")
assert "pls do not steal\n" == msg, f"File content is not the same:\n{msg}"
with subtest("Test that PWA is served"):
msg = machine.succeed("curl -sSfL http://localhost:8080")
assert "c2FmZQ" in msg, f"Could not find 'c2FmZQ' in the output:\n{msg}"
'';
})

4505
pkgs/applications/blockchains/lighthouse/Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

33
pkgs/applications/blockchains/lighthouse/default.nix
View File

@ -23,7 +23,7 @@
rustPlatform.buildRustPackage rec {
pname = "lighthouse";
version = "4.1.0";
version = "4.5.0";
# lighthouse/common/deposit_contract/build.rs
depositContractSpecVersion = "0.12.1";
@ -33,7 +33,7 @@ rustPlatform.buildRustPackage rec {
owner = "sigp";
repo = "lighthouse";
rev = "v${version}";
hash = "sha256-QVAFzV9sao8+eegI7bLfm+pPHyvDFhnADS80+nqqgtE=";
hash = "sha256-UUOvTxOQXT1zfhDYEL/J6moHAyejZn7GyGS/XBmXxRQ=";
};
patches = [
@ -47,15 +47,15 @@ rustPlatform.buildRustPackage rec {
cargoLock = {
lockFile = ./Cargo.lock;
outputHashes = {
"amcl-0.3.0" = "sha256-Mj4dXTlGVSleFfuTKgVDQ7S3jANMsdtVE5L90WGxA4U=";
"arbitrary-1.3.0" = "sha256-BMxcBfxBRf+Kb0Tz55jtFbwokSeD2GPtB+KV8Wbne0g=";
"beacon-api-client-0.1.0" = "sha256-fI8qST6HZrchg7yr/nVtRNrsW3f5ONSX+mGRYW+iiqA=";
"ethereum-consensus-0.1.1" = "sha256-aBrZ786Me0BWpnncxQc5MT3r+O0yLQhqGKFBiNTdqSA=";
"amcl-0.3.0" = "sha256-kc8k/ls4W0TwFBsRcyyotyz8ZBEjsZXHeJnJtsnW/LM=";
"anvil-rpc-0.1.0" = "sha256-L38OioxnWEn94g3GJT4j3U1cJZ8jQDHp8d1QOHaVEuU=";
"beacon-api-client-0.1.0" = "sha256-Z0CoPxZzl2bjb8vgmHWxq2orMawhMMs7beKGopilKjE=";
"ethereum-consensus-0.1.1" = "sha256-biTrw3yMJUo9+56QK5RGWXLCoPPZEWp18SCs+Y9QWg4=";
"libmdbx-0.1.4" = "sha256-NMsR/Wl1JIj+YFPyeMMkrJFfoS07iEAKEQawO89a+/Q=";
"lmdb-rkv-0.14.0" = "sha256-sxmguwqqcyOlfXOZogVz1OLxfJPo+Q0+UjkROkbbOCk=";
"mev-rs-0.2.1" = "sha256-n3ns1oynw5fKQtp/CQHER41+C1EmLCVEBqggkHc3or4=";
"ssz-rs-0.8.0" = "sha256-k1JLu+jZrSqUyHou76gbJeA5CDWwdL0fPkek3Vzl4Gs=";
"warp-0.3.2" = "sha256-m9lkEgeSs0yEc+6N6DG7IfQY/evkUMoNyst2hMUR//c=";
"mev-rs-0.3.0" = "sha256-LCO0GTvWTLcbPt7qaSlLwlKmAjt3CIHVYTT/JRXpMEo=";
"testcontainers-0.14.0" = "sha256-mSsp21G7MLEtFROWy88Et5s07PO0tjezovCGIMh+/oQ=";
"warp-0.3.5" = "sha256-d5e6ASdL7+Dl3KsTNOb9B5RHpStrupOKsbGWsdu9Jfk=";
};
};
@ -103,8 +103,8 @@ rustPlatform.buildRustPackage rec {
cargoTestFlags = [
"--workspace"
"--exclude beacon_node"
"--exclude http_api"
"--exclude beacon_chain"
"--exclude http_api"
"--exclude lighthouse"
"--exclude lighthouse_network"
"--exclude slashing_protection"
@ -114,10 +114,21 @@ rustPlatform.buildRustPackage rec {
# All of these tests require network access
checkFlags = [
"--skip basic"
"--skip deposit_tree::cache_consistency"
"--skip deposit_tree::double_update"
"--skip deposit_tree::updating"
"--skip eth1_cache::big_skip"
"--skip eth1_cache::double_update"
"--skip eth1_cache::pruning"
"--skip eth1_cache::simple_scenario"
"--skip fast::deposit_cache_query"
"--skip http::incrementing_deposits"
"--skip persist::test_persist_caches"
"--skip service::tests::tests::test_dht_persistence"
"--skip time::test::test_reinsertion_updates_timeout"
] ++ lib.optionals (stdenv.isAarch64 && stdenv.isDarwin) [
"--skip subnet_service::tests::attestation_service::test_subscribe_same_subnet_several_slots_apart"
"--skip subnet_service::tests::sync_committee_service::same_subscription_with_lower_until_epoch"
"--skip subnet_service::tests::sync_committee_service::subscribe_and_unsubscribe"
];

39
pkgs/applications/blockchains/lighthouse/use-system-sqlite.patch
View File

@ -1,26 +1,13 @@
diff --git a/consensus/types/Cargo.toml b/consensus/types/Cargo.toml
index 46b88af66..c8c909234 100644
--- a/consensus/types/Cargo.toml
+++ b/consensus/types/Cargo.toml
@@ -37,7 +37,7 @@ cached_tree_hash = { path = "../cached_tree_hash" }
serde_yaml = "0.8.13"
tempfile = "3.1.0"
derivative = "2.1.1"
-rusqlite = { version = "0.28.0", features = ["bundled"], optional = true }
+rusqlite = { version = "0.28.0", optional = true }
# The arbitrary dependency is enabled by default since Capella to avoid complexity introduced by
# `AbstractExecPayload`
arbitrary = { version = "1.0", features = ["derive"] }
diff --git a/validator_client/slashing_protection/Cargo.toml b/validator_client/slashing_protection/Cargo.toml
index 631e54dc4..dec95156b 100644
--- a/validator_client/slashing_protection/Cargo.toml
+++ b/validator_client/slashing_protection/Cargo.toml
@@ -12,7 +12,7 @@ path = "tests/main.rs"
[dependencies]
tempfile = "3.1.0"
types = { path = "../../consensus/types" }
-rusqlite = { version = "0.28.0", features = ["bundled"] }
+rusqlite = { version = "0.28.0" }
r2d2 = "0.8.9"
r2d2_sqlite = "0.21.0"
serde = "1.0.116"
diff --git a/Cargo.toml b/Cargo.toml
index 62c0e7bd2..a089e3c5b 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -138,7 +138,7 @@ rayon = "1.7"
regex = "1"
reqwest = { version = "0.11", default-features = false, features = ["blocking", "json", "stream", "rustls-tls"] }
ring = "0.16"
-rusqlite = { version = "0.28", features = ["bundled"] }
+rusqlite = { version = "0.28" }
serde = { version = "1", features = ["derive"] }
serde_json = "1"
serde_repr = "0.1"

6
pkgs/applications/networking/browsers/tor-browser/default.nix
View File

@ -86,7 +86,7 @@ lib.warnIf (useHardenedMalloc != null)
ffmpeg
];
version = "13.0";
version = "13.0.1";
sources = {
x86_64-linux = fetchurl {
@ -96,7 +96,7 @@ lib.warnIf (useHardenedMalloc != null)
"https://tor.eff.org/dist/torbrowser/${version}/tor-browser-linux-x86_64-${version}.tar.xz"
"https://tor.calyxinstitute.org/dist/torbrowser/${version}/tor-browser-linux-x86_64-${version}.tar.xz"
];
hash = "sha256-zdmPbmJo5FDoOjob+9TDCvCgKgLHvLi3bOMhcZg8DVM=";
hash = "sha256-ORa973US2VY9Can4Nr35YSpZrYGqBP4I/S/ulsbRJLc=";
};
i686-linux = fetchurl {
@ -106,7 +106,7 @@ lib.warnIf (useHardenedMalloc != null)
"https://tor.eff.org/dist/torbrowser/${version}/tor-browser-linux-i686-${version}.tar.xz"
"https://tor.calyxinstitute.org/dist/torbrowser/${version}/tor-browser-linux-i686-${version}.tar.xz"
];
hash = "sha256-Hlvx2C4DF/wcHo9ES+g9UUgNFGDokW5OAX3FeOvR+fY=";
hash = "sha256-OBUleXLTNFG+aFuftnphgBtQCfyoIWDcoVFs5elJ0tA=";
};
};

36
pkgs/by-name/c2/c2fmzq/package.nix Normal file
View File

@ -0,0 +1,36 @@
{ lib
, buildGoModule
, fetchFromGitHub
, nixosTests
}:
buildGoModule rec {
pname = "c2FmZQ";
version = "0.4.8";
src = fetchFromGitHub {
owner = "c2FmZQ";
repo = "c2FmZQ";
rev = "v${version}";
hash = "sha256-IYSmGzjTDMBgEMVZsi6CuUz6L7BzpmbrJYVPUhFr7rw=";
};
ldflags = [ "-s" "-w" ];
sourceRoot = "source/c2FmZQ";
vendorHash = "sha256-Hz6P+ptn1i+8Ek3pp8j+iB8NN5Xks50jyZuT8Ullxbo=";
subPackages = [ "c2FmZQ-client" "c2FmZQ-server" ];
passthru.tests = { inherit (nixosTests) c2fmzq; };
meta = with lib; {
description = "Securely encrypt, store, and share files, including but not limited to pictures and videos";
homepage = "https://github.com/c2FmZQ/c2FmZQ";
license = licenses.gpl3Only;
mainProgram = "c2FmZQ-server";
maintainers = with maintainers; [ hmenke ];
platforms = platforms.linux;
};
}

31
pkgs/by-name/pr/prox/package.nix Normal file
View File

@ -0,0 +1,31 @@
{ buildGoModule
, fetchFromGitHub
, lib
}:
buildGoModule rec {
pname = "prox";
# While upstream did release a v1.0.0, v0.5.2 is actually newer: https://github.com/fgrosse/prox/releases/tag/v0.5.2
version = "0.5.2";
src = fetchFromGitHub {
owner = "fgrosse";
repo = pname;
rev = "v${version}";
sha256 = "sha256-mqx8ICne0NnyW0N1Jeu+PJXWDBr12OASLxlePI6v6Bc=";
};
vendorHash = "sha256-4gZfEbyAzAzxtOR6FhP7eUSdln+fANn87+duCq1aq5A=";
postPatch = ''
substituteInPlace cmd/prox/version.go \
--replace '0.0.0-unknown' '${version}'
'';
meta = with lib; {
homepage = "https://github.com/fgrosse/prox";
description = "A process runner for Procfile-based applications ";
license = licenses.bsd2;
maintainers = with maintainers; [ lucperkins ];
};
}

4
pkgs/desktops/pantheon/third-party/pantheon-tweaks/default.nix vendored
View File

@ -14,13 +14,13 @@
stdenv.mkDerivation rec {
pname = "pantheon-tweaks";
version = "1.1.0";
version = "1.1.1";
src = fetchFromGitHub {
owner = "pantheon-tweaks";
repo = pname;
rev = version;
sha256 = "sha256-wj9bvcES8JAgDtW0Damfd8VQNLK+SCFTDVWp/nYGcgI=";
sha256 = "sha256-KYnrQnh/Zz3EjMAqasdk2CZMXzw15txKtPm/K5+FzhI=";
};
patches = [

66
pkgs/development/libraries/wolfssl/default.nix
View File

@ -5,37 +5,63 @@
, autoreconfHook
, util-linux
, openssl
# The primary --enable-XXX variant. 'all' enables most features, but causes build-errors for some software,
# requiring to build a special variant for that software. Example: 'haproxy'
, variant ? "all"
, extraConfigureFlags ? []
, enableLto ? !(stdenv.isDarwin || stdenv.hostPlatform.isStatic || stdenv.cc.isClang)
}:
stdenv.mkDerivation rec {
pname = "wolfssl";
stdenv.mkDerivation (finalAttrs: {
pname = "wolfssl-${variant}";
version = "5.6.3";
src = fetchFromGitHub {
owner = "wolfSSL";
repo = "wolfssl";
rev = "refs/tags/v${version}-stable";
rev = "refs/tags/v${finalAttrs.version}-stable";
hash = "sha256-UN4zs+Rxh/bsLD1BQA+f1YN/UOJ6OB2HduhoetEp10Y=";
};
postPatch = ''
patchShebangs ./scripts
# ocsp tests require network access
sed -i -e '/ocsp\.test/d' -e '/ocsp-stapling\.test/d' scripts/include.am
# ocsp stapling tests require network access, so skip them
sed -i -e'2s/.*/exit 77/' scripts/ocsp-stapling.test
# ensure test detects musl-based systems too
substituteInPlace scripts/ocsp-stapling2.test \
--replace '"linux-gnu"' '"linux-"'
'';
# Almost same as Debian but for now using --enable-all --enable-reproducible-build instead of --enable-distro to ensure options.h gets installed
configureFlags = [
"--enable-all"
"--enable-base64encode"
"--enable-${variant}"
"--enable-reproducible-build"
] ++ lib.optionals (variant == "all") [
# Extra feature flags to add while building the 'all' variant.
# Since they conflict while building other variants, only specify them for this one.
"--enable-pkcs11"
"--enable-writedup"
"--enable-reproducible-build"
"--enable-tls13"
];
"--enable-base64encode"
] ++ [
# We're not on tiny embedded machines.
# Increase TLS session cache from 33 sessions to 20k.
"--enable-bigcache"
# Use WolfSSL's Single Precision Math with timing-resistant cryptography.
"--enable-sp=yes${lib.optionalString (!stdenv.isx86_32) ",asm"}"
"--enable-sp-math-all"
"--enable-harden"
] ++ lib.optionals (stdenv.hostPlatform.isx86_64) [
# Enable AVX/AVX2/AES-NI instructions, gated by runtime detection via CPUID.
"--enable-intelasm"
"--enable-aesni"
] ++ lib.optionals (stdenv.isAarch64 && stdenv.isDarwin) [
# No runtime detection under ARM and no platform function checks like for X86.
# However, all ARM macOS systems have the supported extensions autodetected in the configure script.
"--enable-armasm=inline"
] ++ extraConfigureFlags;
# LTO should help with the C implementations.
env.NIX_CFLAGS_COMPILE = lib.optionalString enableLto "-flto";
env.NIX_LDFLAGS_COMPILE = lib.optionalString enableLto "-flto";
outputs = [
"dev"
@ -60,19 +86,19 @@ stdenv.mkDerivation rec {
];
postInstall = ''
# fix recursive cycle:
# wolfssl-config points to dev, dev propagates bin
moveToOutput bin/wolfssl-config "$dev"
# moveToOutput also removes "$out" so recreate it
mkdir -p "$out"
# fix recursive cycle:
# wolfssl-config points to dev, dev propagates bin
moveToOutput bin/wolfssl-config "$dev"
# moveToOutput also removes "$out" so recreate it
mkdir -p "$out"
'';
meta = with lib; {
description = "A small, fast, portable implementation of TLS/SSL for embedded devices";
homepage = "https://www.wolfssl.com/";
changelog = "https://github.com/wolfSSL/wolfssl/releases/tag/v${version}-stable";
changelog = "https://github.com/wolfSSL/wolfssl/releases/tag/v${finalAttrs.version}-stable";
platforms = platforms.all;
license = licenses.gpl2Plus;
maintainers = with maintainers; [ fab ];
maintainers = with maintainers; [ fab vifino ];
};
}
})

89
pkgs/development/python-modules/compressai/default.nix Normal file
View File

@ -0,0 +1,89 @@
{ lib
, buildPythonPackage
, pythonOlder
, fetchFromGitHub
, pybind11
, setuptools
, wheel
, numpy
, matplotlib
, pytorch-msssim
, scipy
, torch
, torchvision
, ipywidgets
, jupyter
, plotly
, pytestCheckHook
}:
buildPythonPackage rec {
pname = "compressai";
version = "1.2.4";
pyproject = true;
disabled = pythonOlder "3.6";
src = fetchFromGitHub {
owner = "InterDigitalInc";
repo = "CompressAI";
rev = "refs/tags/v${version}";
hash = "sha256-nT2vd7t67agIWobJalORbRuns0UJGRGGbTX2/8vbTiY=";
fetchSubmodules = true;
};
nativeBuildInputs = [
pybind11
setuptools
wheel
];
propagatedBuildInputs = [
numpy
matplotlib
pytorch-msssim
scipy
torch
torchvision
];
passthru.optional-dependencies = {
tutorials = [
ipywidgets
jupyter
];
};
pythonImportsCheck = [
"compressai"
"compressai._CXX"
];
preCheck = ''
# We have to delete the source because otherwise it is used intead the installed package.
rm -rf compressai
export HOME=$(mktemp -d)
'';
nativeCheckInputs = [
plotly
pytestCheckHook
];
disabledTests = [
# Those tests require internet access to download some weights
"test_image_codec"
"test_update"
"test_eval_model_pretrained"
"test_cheng2020_anchor"
"test_pretrained"
];
meta = with lib; {
description = "A PyTorch library and evaluation platform for end-to-end compression research";
homepage = "https://github.com/InterDigitalInc/CompressAI";
license = licenses.bsd3Clear;
maintainers = with maintainers; [ GaetanLepage ];
};
}

6
pkgs/development/python-modules/jedi-language-server/default.nix
View File

@ -16,7 +16,7 @@
buildPythonPackage rec {
pname = "jedi-language-server";
version = "0.41.0";
version = "0.41.1-unstable-2023-10-04";
format = "pyproject";
disabled = pythonOlder "3.8";
@ -24,8 +24,8 @@ buildPythonPackage rec {
src = fetchFromGitHub {
owner = "pappasam";
repo = pname;
rev = "refs/tags/v${version}";
hash = "sha256-1ujEhoxWcCM1g640aLE60YGiNQLB+G7t7oLVZXW8AMM=";
rev = "c4c470cff67e54593a626b22d1b6b05e56fde3a3";
hash = "sha256-qFBni97B/GkabbznnZtWTG4dCHFkOx5UQjuevxq+Uvo=";
};
pythonRelaxDeps = [

8
pkgs/development/python-modules/pydantic-scim/default.nix
View File

@ -2,22 +2,24 @@
, buildPythonPackage
, fetchFromGitHub
, pydantic
, setuptools
, setuptools-scm
}:
buildPythonPackage rec {
pname = "pydantic-scim";
version = "0.0.7";
format = "setuptools";
version = "0.0.8";
pyproject = true;
src = fetchFromGitHub {
owner = "chalk-ai";
repo = "pydantic-scim";
rev = "refs/tags/v${version}";
hash = "sha256-F+uj7kSz6iSb0Vg00VfJ5GcxghooNDKa75S/ZgU7WgI=";
hash = "sha256-Hbc94v/+slXRGDKKbMui8WPwn28/1XcKvHkbLebWtj0=";
};
nativeBuildInputs = [
setuptools
setuptools-scm
];

15
pkgs/development/python-modules/pygls/default.nix
View File

@ -3,19 +3,17 @@
, buildPythonPackage
, pythonOlder
, fetchFromGitHub
, setuptools-scm
, lsprotocol
, toml
, typeguard
, mock
, poetry-core
, pytest-asyncio
, pytestCheckHook
}:
buildPythonPackage rec {
pname = "pygls";
version = "1.0.2";
format = "setuptools";
version = "1.1.1";
format = "pyproject";
disabled = pythonOlder "3.7";
@ -23,13 +21,11 @@ buildPythonPackage rec {
owner = "openlawlibrary";
repo = "pygls";
rev = "refs/tags/v${version}";
hash = "sha256-z673NRlnudFyDjKoM+xCbMRTFwh+tjUf4BaNtjwvKx8=";
hash = "sha256-FOuBS/UJpkYbuIu193vkSpN/77gf+UWiS5f/t8BpAk4=";
};
SETUPTOOLS_SCM_PRETEND_VERSION = version;
nativeBuildInputs = [
setuptools-scm
toml
poetry-core
];
propagatedBuildInputs = [
@ -38,7 +34,6 @@ buildPythonPackage rec {
];
nativeCheckInputs = [
mock
pytest-asyncio
pytestCheckHook
];

41
pkgs/development/python-modules/pytorch-msssim/default.nix Normal file
View File

@ -0,0 +1,41 @@
{ lib
, buildPythonPackage
, fetchFromGitHub
, setuptools
, wheel
, torch
}:
buildPythonPackage rec {
pname = "pytorch-msssim";
version = "1.0.0";
pyproject = true;
src = fetchFromGitHub {
owner = "VainF";
repo = "pytorch-msssim";
rev = "refs/tags/v${version}";
hash = "sha256-bghglwQhgByC7BqbDvImSvt6edKF55NLYEPjqmmSFH8=";
};
nativeBuildInputs = [
setuptools
wheel
];
propagatedBuildInputs = [
torch
];
pythonImportsCheck = [ "pytorch_msssim" ];
# This test doesn't have (automatic) tests
doCheck = false;
meta = with lib; {
description = "Fast and differentiable MS-SSIM and SSIM for pytorch";
homepage = "https://github.com/VainF/pytorch-msssim";
license = licenses.mit;
maintainers = with maintainers; [ GaetanLepage ];
};
}

21
pkgs/development/tools/cue/default.nix
View File

@ -1,4 +1,11 @@
{ buildGoModule, fetchFromGitHub, lib, installShellFiles, testers, cue }:
{ buildGoModule
, fetchFromGitHub
, fetchpatch
, lib
, installShellFiles
, testers
, cue
}:
buildGoModule rec {
pname = "cue";
@ -11,13 +18,21 @@ buildGoModule rec {
hash = "sha256-1svWb83xbVZIlI9pviCYfQ6Kkp0QRjZwrauL7PPJLts=";
};
vendorHash = "sha256-ku4tPTXdnKau0kqnAAEHDdSF4oAC/6SDkTq8cECOiEk=";
patches = [
# Fix tests with go1.21. See https://github.com/cue-lang/cue/issues/2548.
(fetchpatch {
url = "https://github.com/cue-lang/cue/commit/3bf3dbd655284d3628399a83a703f4849b5f9374.patch";
hash = "sha256-9Zi2mrqB1JTFvadiqWTgzzi1pffZ3gOmTtrDDQWye1Q=";
})
];
postPatch = ''
# Disable script tests
rm -f cmd/cue/cmd/script_test.go
'';
vendorHash = "sha256-ku4tPTXdnKau0kqnAAEHDdSF4oAC/6SDkTq8cECOiEk=";
excludedPackages = [ "internal/ci/updatetxtar" "internal/cmd/embedpkg" "internal/cmd/qgo" "pkg/gen" ];
nativeBuildInputs = [ installShellFiles ];

6
pkgs/development/tools/database/sqlc/default.nix
View File

@ -1,7 +1,7 @@
{ lib, buildGoModule, fetchFromGitHub }:
let
version = "1.22.0";
version = "1.23.0";
in
buildGoModule {
pname = "sqlc";
@ -11,11 +11,11 @@ buildGoModule {
owner = "sqlc-dev";
repo = "sqlc";
rev = "v${version}";
hash = "sha256-aSu+d3ti/PpR5oQwciq1Cz+vxDPunGsVaUg/o/rfmsY=";
hash = "sha256-MM4O/njW4R1darZMtoevuLMt14/BrCAaFvSX06CTso8=";
};
proxyVendor = true;
vendorHash = "sha256-sjGswoIUM+UL6qJORdB3UmPh7T6JmTBI5kksgGcRtY0=";
vendorHash = "sha256-tJ+Bih+vwkYfEvIsJ6R2Z0eDS9m1eTOS68uyad0F6f0=";
subPackages = [ "cmd/sqlc" ];

4
pkgs/development/tools/language-servers/ruff-lsp/default.nix
View File

@ -16,7 +16,7 @@
buildPythonPackage rec {
pname = "ruff-lsp";
version = "0.0.40";
version = "0.0.42";
pyproject = true;
disabled = pythonOlder "3.7";
@ -24,7 +24,7 @@ buildPythonPackage rec {
owner = "astral-sh";
repo = "ruff-lsp";
rev = "v${version}";
hash = "sha256-CQ4SDIGhUTn7fdvoGag+XM7HcY+qJyp9McyzpoTQ0tM=";
hash = "sha256-Dn/xPjYCyJYlDNMUfl61L/tWq5mRJ8WD0G5qZH9OepY=";
};
postPatch = ''

23
pkgs/development/tools/misc/cmake-language-server/default.nix
View File

@ -4,32 +4,33 @@
, cmake-format
, pygls
, cmake
, pdm-pep517
, pdm-backend
, pytest-datadir
, pytestCheckHook
, pythonOlder
}:
buildPythonApplication rec {
pname = "cmake-language-server";
version = "0.1.7";
version = "0.1.8";
format = "pyproject";
disabled = pythonOlder "3.7";
src = fetchFromGitHub {
owner = "regen100";
repo = "cmake-language-server";
rev = "refs/tags/v${version}";
hash = "sha256-ExEAi47hxxEJeoT3FCwpRwJrf3URnI47/5FDL7fS5sY=";
hash = "sha256-7AlF+FqhZR+6lLsR1dxAGHd/GU+mB3ojYLDXVm7Il4M=";
};
PDM_PEP517_SCM_VERSION = version;
patches = [
# Test timeouts occasionally cause the build to fail
./disable-test-timeouts.patch
];
nativeBuildInputs = [
pdm-pep517
pdm-backend
];
propagatedBuildInputs = [
@ -44,6 +45,16 @@ buildPythonApplication rec {
pytestCheckHook
];
# version.py generated by pdm, no idea why it's not present in test phase
# https://github.com/regen100/cmake-language-server/blob/68bbc8187b6110a75f498647af7c44df790ffa87/pyproject.toml#L35-L36
preCheck = ''
echo "__version__ = \"$PDM_BUILD_SCM_VERSION\"" > cmake_language_server/version.py
'';
postCheck = ''
rm cmake_language_server/version.py
'';
dontUseCmakeConfigure = true;
pythonImportsCheck = [

244
pkgs/servers/web-apps/snipe-it/composer-env.nix
View File

@ -1,244 +0,0 @@
# This file originates from composer2nix
{ stdenv, lib, writeTextFile, fetchurl, php, unzip, phpPackages }:
let
inherit (phpPackages) composer;
filterSrc = src:
builtins.filterSource (path: type: type != "directory" || (baseNameOf path != ".git" && baseNameOf path != ".git" && baseNameOf path != ".svn")) src;
buildZipPackage = { name, src }:
stdenv.mkDerivation {
inherit name src;
nativeBuildInputs = [ unzip ];
buildCommand = ''
shopt -s dotglob
unzip $src
baseDir=$(find . -type d -mindepth 1 -maxdepth 1)
cd $baseDir
mkdir -p $out
mv * $out
'';
};
buildPackage =
{ name
, src
, packages ? {}
, devPackages ? {}
, buildInputs ? []
, symlinkDependencies ? false
, executable ? false
, removeComposerArtifacts ? false
, postInstall ? ""
, noDev ? false
, composerExtraArgs ? ""
, unpackPhase ? "true"
, buildPhase ? "true"
, ...}@args:
let
reconstructInstalled = writeTextFile {
name = "reconstructinstalled.php";
executable = true;
text = ''
#! ${php}/bin/php
<?php
if(file_exists($argv[1]))
{
$composerLockStr = file_get_contents($argv[1]);
if($composerLockStr === false)
{
fwrite(STDERR, "Cannot open composer.lock contents\n");
exit(1);
}
else
{
$config = json_decode($composerLockStr, true);
if(array_key_exists("packages", $config))
$allPackages = $config["packages"];
else
$allPackages = array();
${lib.optionalString (!noDev) ''
if(array_key_exists("packages-dev", $config))
$allPackages = array_merge($allPackages, $config["packages-dev"]);
''}
$packagesStr = json_encode($allPackages, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES);
print($packagesStr);
}
}
else
print("[]");
?>
'';
};
constructBin = writeTextFile {
name = "constructbin.php";
executable = true;
text = ''
#! ${php}/bin/php
<?php
$composerJSONStr = file_get_contents($argv[1]);
if($composerJSONStr === false)
{
fwrite(STDERR, "Cannot open composer.json contents\n");
exit(1);
}
else
{
$config = json_decode($composerJSONStr, true);
if(array_key_exists("bin-dir", $config))
$binDir = $config["bin-dir"];
else
$binDir = "bin";
if(array_key_exists("bin", $config))
{
if(!file_exists("vendor/".$binDir))
mkdir("vendor/".$binDir);
foreach($config["bin"] as $bin)
symlink("../../".$bin, "vendor/".$binDir."/".basename($bin));
}
}
?>
'';
};
bundleDependencies = dependencies:
lib.concatMapStrings (dependencyName:
let
dependency = dependencies.${dependencyName};
in
''
${if dependency.targetDir == "" then ''
vendorDir="$(dirname ${dependencyName})"
mkdir -p "$vendorDir"
${if symlinkDependencies then
''ln -s "${dependency.src}" "$vendorDir/$(basename "${dependencyName}")"''
else
''cp -av "${dependency.src}" "$vendorDir/$(basename "${dependencyName}")"''
}
'' else ''
namespaceDir="${dependencyName}/$(dirname "${dependency.targetDir}")"
mkdir -p "$namespaceDir"
${if symlinkDependencies then
''ln -s "${dependency.src}" "$namespaceDir/$(basename "${dependency.targetDir}")"''
else
''cp -av "${dependency.src}" "$namespaceDir/$(basename "${dependency.targetDir}")"''
}
''}
'') (builtins.attrNames dependencies);
extraArgs = removeAttrs args [ "packages" "devPackages" "buildInputs" ];
in
stdenv.mkDerivation ({
buildInputs = [ php composer ] ++ buildInputs;
inherit unpackPhase buildPhase;
installPhase = ''
${if executable then ''
mkdir -p $out/share/php
cp -av $src $out/share/php/$name
chmod -R u+w $out/share/php/$name
cd $out/share/php/$name
'' else ''
cp -av $src $out
chmod -R u+w $out
cd $out
''}
# Remove unwanted files
rm -f *.nix
export HOME=$TMPDIR
# Remove the provided vendor folder if it exists
rm -Rf vendor
# If there is no composer.lock file, compose a dummy file.
# Otherwise, composer attempts to download the package.json file from
# the registry which we do not want.
if [ ! -f composer.lock ]
then
cat > composer.lock <<EOF
{
"packages": []
}
EOF
fi
# Reconstruct the installed.json file from the lock file
mkdir -p vendor/composer
${php}/bin/php ${reconstructInstalled} composer.lock > vendor/composer/installed.json
# Copy or symlink the provided dependencies
cd vendor
${bundleDependencies packages}
${lib.optionalString (!noDev) (bundleDependencies devPackages)}
cd ..
# Reconstruct autoload scripts
# We use the optimize feature because Nix packages cannot change after they have been built
# Using the dynamic loader for a Nix package is useless since there is nothing to dynamically reload.
composer dump-autoload --optimize ${lib.optionalString noDev "--no-dev"} ${composerExtraArgs}
# Run the install step as a validation to confirm that everything works out as expected
composer install --optimize-autoloader ${lib.optionalString noDev "--no-dev"} ${composerExtraArgs}
${lib.optionalString executable ''
# Reconstruct the bin/ folder if we deploy an executable project
${php}/bin/php ${constructBin} composer.json
ln -s $(pwd)/vendor/bin $out/bin
''}
${lib.optionalString (!symlinkDependencies) ''
# Patch the shebangs if possible
if [ -d $(pwd)/vendor/bin ]
then
# Look for all executables in bin/
for i in $(pwd)/vendor/bin/*
do
# Look for their location
realFile=$(readlink -f "$i")
# Restore write permissions
chmod u+wx "$(dirname "$realFile")"
chmod u+w "$realFile"
# Patch shebang
sed -e "s|#!/usr/bin/php|#!${php}/bin/php|" \
-e "s|#!/usr/bin/env php|#!${php}/bin/php|" \
"$realFile" > tmp
mv tmp "$realFile"
chmod u+x "$realFile"
done
fi
''}
if [ "$removeComposerArtifacts" = "1" ]
then
# Remove composer stuff
rm -f composer.json composer.lock
fi
# Execute post install hook
runHook postInstall
'';
} // extraArgs);
in
{
inherit filterSrc;
composer = lib.makeOverridable composer;
buildZipPackage = lib.makeOverridable buildZipPackage;
buildPackage = lib.makeOverridable buildPackage;
}

15
pkgs/servers/web-apps/snipe-it/composition.nix
View File

@ -1,15 +0,0 @@
{pkgs ? import <nixpkgs> {
inherit system;
}, system ? builtins.currentSystem, noDev ? false, php ? pkgs.php, phpPackages ? pkgs.phpPackages}:
let
composerEnv = import ./composer-env.nix {
inherit (pkgs) stdenv lib writeTextFile fetchurl unzip;
inherit php phpPackages;
};
in
import ./php-packages.nix {
inherit composerEnv noDev;
inherit (pkgs) fetchurl fetchgit fetchhg fetchsvn;
}

68
pkgs/servers/web-apps/snipe-it/default.nix
View File

@ -1,52 +1,48 @@
{ lib
, pkgs
, stdenv
, fetchFromGitHub
, dataDir ? "/var/lib/snipe-it"
, fetchFromGitHub
, mariadb
, nixosTests
, php
, phpPackages
}:
let
package = (import ./composition.nix {
inherit pkgs php phpPackages;
inherit (stdenv.hostPlatform) system;
noDev = true; # Disable development dependencies
}).overrideAttrs (attrs : {
installPhase = attrs.installPhase + ''
# Before symlinking the following directories, copy the invalid_barcode.gif
# to a different location. The `snipe-it-setup` oneshot service will then
# copy the file back during bootstrap.
mkdir -p $out/share/snipe-it
cp $out/public/uploads/barcodes/invalid_barcode.gif $out/share/snipe-it/
rm -R $out/storage $out/public/uploads $out/bootstrap/cache
ln -s ${dataDir}/.env $out/.env
ln -s ${dataDir}/storage $out/
ln -s ${dataDir}/public/uploads $out/public/uploads
ln -s ${dataDir}/bootstrap/cache $out/bootstrap/cache
chmod +x $out/artisan
substituteInPlace config/database.php --replace "env('DB_DUMP_PATH', '/usr/local/bin')" "env('DB_DUMP_PATH', '${mariadb}/bin')"
'';
});
in package.override rec {
php.buildComposerProject (finalAttrs: {
pname = "snipe-it";
version = "6.2.2";
src = fetchFromGitHub {
owner = "snipe";
repo = pname;
rev = "v${version}";
sha256 = "11i9ijkl7am5k48y7r5k6nki2827cd7mw3dr1xj8dvb8diwaskqi";
repo = "snipe-it";
rev = "v${finalAttrs.version}";
hash = "sha256-EU+teGxo7YZkD7kNXk9jRyARpzWz5OMRmaWqQ6eMKYY=";
};
passthru.tests = nixosTests.snipe-it;
passthru.phpPackage = php;
vendorHash = "sha256-JcBcrETbjGJFlG1dH/XXqmb9MlKr0ICdnEx7/61Z5io=";
postInstall = ''
snipe_it_out="$out/share/php/snipe-it"
# Before symlinking the following directories, copy the invalid_barcode.gif
# to a different location. The `snipe-it-setup` oneshot service will then
# copy the file back during bootstrap.
mkdir -p $out/share/snipe-it
cp $snipe_it_out/public/uploads/barcodes/invalid_barcode.gif $out/share/snipe-it/
rm -R $snipe_it_out/storage $snipe_it_out/public/uploads $snipe_it_out/bootstrap/cache
ln -s ${dataDir}/.env $snipe_it_out/.env
ln -s ${dataDir}/storage $snipe_it_out/
ln -s ${dataDir}/public/uploads $snipe_it_out/public/uploads
ln -s ${dataDir}/bootstrap/cache $snipe_it_out/bootstrap/cache
chmod +x $snipe_it_out/artisan
substituteInPlace $snipe_it_out/config/database.php --replace "env('DB_DUMP_PATH', '/usr/local/bin')" "env('DB_DUMP_PATH', '${mariadb}/bin')"
'';
passthru = {
tests = nixosTests.snipe-it;
phpPackage = php;
};
meta = with lib; {
description = "A free open source IT asset/license management system";
@ -62,4 +58,4 @@ in package.override rec {
maintainers = with maintainers; [ yayayayaka ];
platforms = platforms.linux;
};
}
})

1708
pkgs/servers/web-apps/snipe-it/php-packages.nix
View File

File diff suppressed because it is too large Load Diff

99
pkgs/servers/web-apps/snipe-it/update.sh
View File

@ -1,99 +0,0 @@
#!/usr/bin/env nix-shell
#! nix-shell -I nixpkgs=../../../.. -i bash -p nix curl jq nix-update
# shellcheck shell=bash
cd "$(dirname "$0")"
usage () {
cat <<EOF
# Snipe-IT Updater
A small script to update Snipe-IT to the latest release
Usage: $(basename "$0") [options]
-h, --help Display this message and quit
-c, --commit Create a commit after updating
-n, --no-build Just update, don't build the package
This script needs composer2nix in your PATH.
https://github.com/svanderburg/composer2nix
EOF
}
# Parse command line arguments
while [ $# -ge 1 ]; do
case "$1" in
-h|--help)
usage
exit 0
;;
-c|--commit)
COMMIT_CHANGES=true
;;
-d|--dont-build)
DONT_BUILD=true
;;
*)
;;
esac
shift
done
# check if composer2nix is installed
if ! command -v composer2nix &> /dev/null; then
echo "Please install composer2nix (https://github.com/svanderburg/composer2nix) to run this script."
exit 1
fi
CURRENT_VERSION=$(nix eval -f ../../../.. --raw snipe-it.version)
TARGET_VERSION_REMOTE=$(curl ${GITHUB_TOKEN:+" -u \":$GITHUB_TOKEN\""} https://api.github.com/repos/snipe/snipe-it/releases/latest | jq -r ".tag_name")
TARGET_VERSION=${TARGET_VERSION_REMOTE:1}
SNIPE_IT=https://github.com/snipe/snipe-it/raw/$TARGET_VERSION_REMOTE
SHA256=$(nix-prefetch-url --unpack "https://github.com/snipe/snipe-it/archive/v$TARGET_VERSION/snipe-it.tar.gz")
if [[ "$CURRENT_VERSION" == "$TARGET_VERSION" ]]; then
echo "snipe-it is up-to-date: ${CURRENT_VERSION}"
exit 0
fi
curl -LO "$SNIPE_IT/composer.json"
curl -LO "$SNIPE_IT/composer.lock"
composer2nix --name "snipe-it" \
--composition=composition.nix \
--no-dev
rm composer.json composer.lock
# change version number
sed -e "s/version =.*;/version = \"$TARGET_VERSION\";/g" \
-e "s/sha256 =.*;/sha256 = \"$SHA256\";/g" \
-i ./default.nix
# fix composer-env.nix
sed -e "s/stdenv\.lib/lib/g" \
-e '3s/stdenv, writeTextFile/stdenv, lib, writeTextFile/' \
-i ./composer-env.nix
# fix composition.nix
sed -e '7s/stdenv writeTextFile/stdenv lib writeTextFile/' \
-i composition.nix
# fix missing newline
echo "" >> composition.nix
echo "" >> php-packages.nix
if [ -z ${DONT_BUILD+x} ]; then
(
cd ../../../..
nix-build -A snipe-it
)
fi
if [ -n "$COMMIT_CHANGES" ]; then
git add .
git commit -m "snipe-it: $CURRENT_VERSION -> $TARGET_VERSION
https://github.com/snipe/snipe-it/releases/tag/v$TARGET_VERSION"
fi
exit $?

1
pkgs/top-level/all-packages.nix
View File

@ -27347,7 +27347,6 @@ with pkgs;
snipe-it = callPackage ../servers/web-apps/snipe-it {
php = php81;
phpPackages = php81Packages;
};
sogo = callPackage ../servers/web-apps/sogo { };

4
pkgs/top-level/python-packages.nix
View File

@ -2242,6 +2242,8 @@ self: super: with self; {
compreffor = callPackage ../development/python-modules/compreffor { };
compressai = callPackage ../development/python-modules/compressai { };
concurrent-log-handler = callPackage ../development/python-modules/concurrent-log-handler { };
conda = callPackage ../development/python-modules/conda { };
@ -11642,6 +11644,8 @@ self: super: with self; {
pytorch-metric-learning = callPackage ../development/python-modules/pytorch-metric-learning { };
pytorch-msssim = callPackage ../development/python-modules/pytorch-msssim { };
pytorch-pfn-extras = callPackage ../development/python-modules/pytorch-pfn-extras { };
pytraccar = callPackage ../development/python-modules/pytraccar { };