Merge master into staging-next
This commit is contained in:
commit
f0ebfe8b52
@ -13639,6 +13639,7 @@
|
||||
pbsds = {
|
||||
name = "Peder Bergebakken Sundt";
|
||||
email = "pbsds@hotmail.com";
|
||||
matrix = "@pederbs:pvv.ntnu.no";
|
||||
github = "pbsds";
|
||||
githubId = 140964;
|
||||
};
|
||||
|
@ -125,6 +125,8 @@
|
||||
|
||||
- [Rosenpass](https://rosenpass.eu/), a service for post-quantum-secure VPNs with WireGuard. Available as [services.rosenpass](#opt-services.rosenpass.enable).
|
||||
|
||||
- [c2FmZQ](https://github.com/c2FmZQ/c2FmZQ/), an application that can securely encrypt, store, and share files, including but not limited to pictures and videos. Available as [services.c2fmzq-server](#opt-services.c2fmzq-server.enable).
|
||||
|
||||
## Backward Incompatibilities {#sec-release-23.11-incompatibilities}
|
||||
|
||||
- `network-online.target` has been fixed to no longer time out for systems with `networking.useDHCP = true` and `networking.useNetworkd = true`.
|
||||
|
@ -18,15 +18,10 @@ in
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
environment.etc."iproute2/bpf_pinning" = { mode = "0644"; text = fileContents "${pkgs.iproute2}/etc/iproute2/bpf_pinning"; };
|
||||
environment.etc."iproute2/ematch_map" = { mode = "0644"; text = fileContents "${pkgs.iproute2}/etc/iproute2/ematch_map"; };
|
||||
environment.etc."iproute2/group" = { mode = "0644"; text = fileContents "${pkgs.iproute2}/etc/iproute2/group"; };
|
||||
environment.etc."iproute2/nl_protos" = { mode = "0644"; text = fileContents "${pkgs.iproute2}/etc/iproute2/nl_protos"; };
|
||||
environment.etc."iproute2/rt_dsfield" = { mode = "0644"; text = fileContents "${pkgs.iproute2}/etc/iproute2/rt_dsfield"; };
|
||||
environment.etc."iproute2/rt_protos" = { mode = "0644"; text = fileContents "${pkgs.iproute2}/etc/iproute2/rt_protos"; };
|
||||
environment.etc."iproute2/rt_realms" = { mode = "0644"; text = fileContents "${pkgs.iproute2}/etc/iproute2/rt_realms"; };
|
||||
environment.etc."iproute2/rt_scopes" = { mode = "0644"; text = fileContents "${pkgs.iproute2}/etc/iproute2/rt_scopes"; };
|
||||
environment.etc."iproute2/rt_tables" = { mode = "0644"; text = (fileContents "${pkgs.iproute2}/etc/iproute2/rt_tables")
|
||||
+ (optionalString (cfg.rttablesExtraConfig != "") "\n\n${cfg.rttablesExtraConfig}"); };
|
||||
environment.etc."iproute2/rt_tables" = {
|
||||
mode = "0644";
|
||||
text = (fileContents "${pkgs.iproute2}/lib/iproute2/rt_tables")
|
||||
+ (optionalString (cfg.rttablesExtraConfig != "") "\n\n${cfg.rttablesExtraConfig}");
|
||||
};
|
||||
};
|
||||
}
|
||||
|
@ -1232,6 +1232,7 @@
|
||||
./services/web-apps/atlassian/jira.nix
|
||||
./services/web-apps/audiobookshelf.nix
|
||||
./services/web-apps/bookstack.nix
|
||||
./services/web-apps/c2fmzq-server.nix
|
||||
./services/web-apps/calibre-web.nix
|
||||
./services/web-apps/coder.nix
|
||||
./services/web-apps/changedetection-io.nix
|
||||
|
42
nixos/modules/services/web-apps/c2fmzq-server.md
Normal file
42
nixos/modules/services/web-apps/c2fmzq-server.md
Normal file
@ -0,0 +1,42 @@
|
||||
# c2FmZQ {#module-services-c2fmzq}
|
||||
|
||||
c2FmZQ is an application that can securely encrypt, store, and share files,
|
||||
including but not limited to pictures and videos.
|
||||
|
||||
The service `c2fmzq-server` can be enabled by setting
|
||||
```
|
||||
{
|
||||
services.c2fmzq-server.enable = true;
|
||||
}
|
||||
```
|
||||
This will spin up an instance of the server which is API-compatible with
|
||||
[Stingle Photos](https://stingle.org) and an experimental Progressive Web App
|
||||
(PWA) to interact with the storage via the browser.
|
||||
|
||||
In principle the server can be exposed directly on a public interface and there
|
||||
are command line options to manage HTTPS certificates directly, but the module
|
||||
is designed to be served behind a reverse proxy or only accessed via localhost.
|
||||
|
||||
```
|
||||
{
|
||||
services.c2fmzq-server = {
|
||||
enable = true;
|
||||
bindIP = "127.0.0.1"; # default
|
||||
port = 8080; # default
|
||||
};
|
||||
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
recommendedProxySettings = true;
|
||||
virtualHosts."example.com" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:8080";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
```
|
||||
|
||||
For more information, see <https://github.com/c2FmZQ/c2FmZQ/>.
|
125
nixos/modules/services/web-apps/c2fmzq-server.nix
Normal file
125
nixos/modules/services/web-apps/c2fmzq-server.nix
Normal file
@ -0,0 +1,125 @@
|
||||
{ lib, pkgs, config, ... }:
|
||||
|
||||
let
|
||||
inherit (lib) mkEnableOption mkPackageOption mkOption types;
|
||||
|
||||
cfg = config.services.c2fmzq-server;
|
||||
|
||||
argsFormat = {
|
||||
type = with lib.types; nullOr (oneOf [ bool int str ]);
|
||||
generate = lib.cli.toGNUCommandLineShell { };
|
||||
};
|
||||
in {
|
||||
options.services.c2fmzq-server = {
|
||||
enable = mkEnableOption "c2fmzq-server";
|
||||
|
||||
bindIP = mkOption {
|
||||
type = types.str;
|
||||
default = "127.0.0.1";
|
||||
description = "The local address to use.";
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
default = 8080;
|
||||
description = "The local port to use.";
|
||||
};
|
||||
|
||||
passphraseFile = mkOption {
|
||||
type = types.str;
|
||||
example = "/run/secrets/c2fmzq/pwfile";
|
||||
description = "Path to file containing the database passphrase";
|
||||
};
|
||||
|
||||
package = mkPackageOption pkgs "c2fmzq" { };
|
||||
|
||||
settings = mkOption {
|
||||
type = types.submodule {
|
||||
freeformType = argsFormat.type;
|
||||
|
||||
options = {
|
||||
address = mkOption {
|
||||
internal = true;
|
||||
type = types.str;
|
||||
default = "${cfg.bindIP}:${toString cfg.port}";
|
||||
};
|
||||
|
||||
database = mkOption {
|
||||
type = types.str;
|
||||
default = "%S/c2fmzq-server/data";
|
||||
description = "Path of the database";
|
||||
};
|
||||
|
||||
verbose = mkOption {
|
||||
type = types.ints.between 1 3;
|
||||
default = 2;
|
||||
description = "The level of logging verbosity: 1:Error 2:Info 3:Debug";
|
||||
};
|
||||
};
|
||||
};
|
||||
description = ''
|
||||
Configuration for c2FmZQ-server passed as CLI arguments.
|
||||
Run {command}`c2FmZQ-server help` for supported values.
|
||||
'';
|
||||
example = {
|
||||
verbose = 3;
|
||||
allow-new-accounts = true;
|
||||
auto-approve-new-accounts = true;
|
||||
encrypt-metadata = true;
|
||||
enable-webapp = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
systemd.services.c2fmzq-server = {
|
||||
description = "c2FmZQ-server";
|
||||
documentation = [ "https://github.com/c2FmZQ/c2FmZQ/blob/main/README.md" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" "network-online.target" ];
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "${lib.getExe cfg.package} ${argsFormat.generate cfg.settings}";
|
||||
AmbientCapabilities = "";
|
||||
CapabilityBoundingSet = "";
|
||||
DynamicUser = true;
|
||||
Environment = "C2FMZQ_PASSPHRASE_FILE=%d/passphrase-file";
|
||||
IPAccounting = true;
|
||||
IPAddressAllow = cfg.bindIP;
|
||||
IPAddressDeny = "any";
|
||||
LoadCredential = "passphrase-file:${cfg.passphraseFile}";
|
||||
LockPersonality = true;
|
||||
MemoryDenyWriteExecute = true;
|
||||
NoNewPrivileges = true;
|
||||
PrivateDevices = true;
|
||||
PrivateIPC = true;
|
||||
PrivateTmp = true;
|
||||
PrivateUsers = true;
|
||||
ProtectClock = true;
|
||||
ProtectControlGroups = true;
|
||||
ProtectHome = true;
|
||||
ProtectHostname = true;
|
||||
ProtectKernelLogs = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectKernelTunables = true;
|
||||
ProtectProc = "invisible";
|
||||
ProtectSystem = "strict";
|
||||
RemoveIPC = true;
|
||||
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
|
||||
RestrictNamespaces = true;
|
||||
RestrictRealtime = true;
|
||||
RestrictSUIDSGID = true;
|
||||
SocketBindAllow = cfg.port;
|
||||
SocketBindDeny = "any";
|
||||
StateDirectory = "c2fmzq-server";
|
||||
SystemCallArchitectures = "native";
|
||||
SystemCallFilter = [ "@system-service" "~@privileged @obsolete" ];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
meta = {
|
||||
doc = ./c2fmzq-server.md;
|
||||
maintainers = with lib.maintainers; [ hmenke ];
|
||||
};
|
||||
}
|
@ -18,15 +18,19 @@ let
|
||||
inherit (snipe-it.passthru) phpPackage;
|
||||
|
||||
# shell script for local administration
|
||||
artisan = pkgs.writeScriptBin "snipe-it" ''
|
||||
artisan = (pkgs.writeScriptBin "snipe-it" ''
|
||||
#! ${pkgs.runtimeShell}
|
||||
cd ${snipe-it}
|
||||
cd "${snipe-it}/share/php/snipe-it"
|
||||
sudo=exec
|
||||
if [[ "$USER" != ${user} ]]; then
|
||||
sudo='exec /run/wrappers/bin/sudo -u ${user}'
|
||||
fi
|
||||
$sudo ${phpPackage}/bin/php artisan $*
|
||||
'';
|
||||
'').overrideAttrs (old: {
|
||||
meta = old.meta // {
|
||||
mainProgram = "snipe-it";
|
||||
};
|
||||
});
|
||||
in {
|
||||
options.services.snipe-it = {
|
||||
|
||||
@ -357,7 +361,7 @@ in {
|
||||
services.nginx = {
|
||||
enable = mkDefault true;
|
||||
virtualHosts."${cfg.hostName}" = mkMerge [ cfg.nginx {
|
||||
root = mkForce "${snipe-it}/public";
|
||||
root = mkForce "${snipe-it}/share/php/snipe-it/public";
|
||||
extraConfig = optionalString (cfg.nginx.addSSL || cfg.nginx.forceSSL || cfg.nginx.onlySSL || cfg.nginx.enableACME) "fastcgi_param HTTPS on;";
|
||||
locations = {
|
||||
"/" = {
|
||||
@ -394,7 +398,7 @@ in {
|
||||
RuntimeDirectory = "snipe-it/cache";
|
||||
RuntimeDirectoryMode = "0700";
|
||||
};
|
||||
path = [ pkgs.replace-secret ];
|
||||
path = [ pkgs.replace-secret artisan ];
|
||||
script =
|
||||
let
|
||||
isSecret = v: isAttrs v && v ? _secret && (isString v._secret || builtins.isPath v._secret);
|
||||
@ -451,7 +455,7 @@ in {
|
||||
rm "${cfg.dataDir}"/bootstrap/cache/*.php || true
|
||||
|
||||
# migrate db
|
||||
${phpPackage}/bin/php artisan migrate --force
|
||||
${lib.getExe artisan} migrate --force
|
||||
|
||||
# A placeholder file for invalid barcodes
|
||||
invalid_barcode_location="${cfg.dataDir}/public/uploads/barcodes/invalid_barcode.gif"
|
||||
|
@ -97,6 +97,7 @@ in rec {
|
||||
(onSystems ["x86_64-linux"] "nixos.tests.installer.simpleUefiSystemdBoot")
|
||||
(onSystems ["x86_64-linux"] "nixos.tests.installer.simple")
|
||||
(onSystems ["x86_64-linux"] "nixos.tests.installer.swraid")
|
||||
(onSystems ["x86_64-linux"] "nixos.tests.installer.zfsroot")
|
||||
(onSystems ["x86_64-linux"] "nixos.tests.nixos-rebuild-specialisations")
|
||||
(onFullSupported "nixos.tests.ipv6")
|
||||
(onFullSupported "nixos.tests.keymap.azerty")
|
||||
|
@ -153,6 +153,7 @@ in {
|
||||
budgie = handleTest ./budgie.nix {};
|
||||
buildbot = handleTest ./buildbot.nix {};
|
||||
buildkite-agents = handleTest ./buildkite-agents.nix {};
|
||||
c2fmzq = handleTest ./c2fmzq.nix {};
|
||||
caddy = handleTest ./caddy.nix {};
|
||||
cadvisor = handleTestOn ["x86_64-linux"] ./cadvisor.nix {};
|
||||
cage = handleTest ./cage.nix {};
|
||||
|
75
nixos/tests/c2fmzq.nix
Normal file
75
nixos/tests/c2fmzq.nix
Normal file
@ -0,0 +1,75 @@
|
||||
import ./make-test-python.nix ({ pkgs, lib, ... }: {
|
||||
name = "c2FmZQ";
|
||||
meta.maintainers = with lib.maintainers; [ hmenke ];
|
||||
|
||||
nodes.machine = {
|
||||
services.c2fmzq-server = {
|
||||
enable = true;
|
||||
port = 8080;
|
||||
passphraseFile = builtins.toFile "pwfile" "hunter2"; # don't do this on real deployments
|
||||
settings = {
|
||||
verbose = 3; # debug
|
||||
};
|
||||
};
|
||||
environment = {
|
||||
sessionVariables = {
|
||||
C2FMZQ_PASSPHRASE = "lol";
|
||||
C2FMZQ_API_SERVER = "http://localhost:8080";
|
||||
};
|
||||
systemPackages = [
|
||||
pkgs.c2fmzq
|
||||
(pkgs.writeScriptBin "c2FmZQ-client-wrapper" ''
|
||||
#!${pkgs.expect}/bin/expect -f
|
||||
spawn c2FmZQ-client {*}$argv
|
||||
expect {
|
||||
"Enter password:" { send "$env(PASSWORD)\r" }
|
||||
"Type YES to confirm:" { send "YES\r" }
|
||||
timeout { exit 1 }
|
||||
eof { exit 0 }
|
||||
}
|
||||
interact
|
||||
'')
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
testScript = { nodes, ... }: ''
|
||||
machine.start()
|
||||
machine.wait_for_unit("c2fmzq-server.service")
|
||||
machine.wait_for_open_port(8080)
|
||||
|
||||
with subtest("Create accounts for alice and bob"):
|
||||
machine.succeed("PASSWORD=foobar c2FmZQ-client-wrapper -- -v 3 create-account alice@example.com")
|
||||
machine.succeed("PASSWORD=fizzbuzz c2FmZQ-client-wrapper -- -v 3 create-account bob@example.com")
|
||||
|
||||
with subtest("Log in as alice"):
|
||||
machine.succeed("PASSWORD=foobar c2FmZQ-client-wrapper -- -v 3 login alice@example.com")
|
||||
msg = machine.succeed("c2FmZQ-client -v 3 status")
|
||||
assert "Logged in as alice@example.com" in msg, f"ERROR: Not logged in as alice:\n{msg}"
|
||||
|
||||
with subtest("Create a new album, upload a file, and delete the uploaded file"):
|
||||
machine.succeed("c2FmZQ-client -v 3 create-album 'Rarest Memes'")
|
||||
machine.succeed("echo 'pls do not steal' > meme.txt")
|
||||
machine.succeed("c2FmZQ-client -v 3 import meme.txt 'Rarest Memes'")
|
||||
machine.succeed("c2FmZQ-client -v 3 sync")
|
||||
machine.succeed("rm meme.txt")
|
||||
|
||||
with subtest("Share the album with bob"):
|
||||
machine.succeed("c2FmZQ-client-wrapper -- -v 3 share 'Rarest Memes' bob@example.com")
|
||||
|
||||
with subtest("Log in as bob"):
|
||||
machine.succeed("PASSWORD=fizzbuzz c2FmZQ-client-wrapper -- -v 3 login bob@example.com")
|
||||
msg = machine.succeed("c2FmZQ-client -v 3 status")
|
||||
assert "Logged in as bob@example.com" in msg, f"ERROR: Not logged in as bob:\n{msg}"
|
||||
|
||||
with subtest("Download the shared file"):
|
||||
machine.succeed("c2FmZQ-client -v 3 download 'shared/Rarest Memes/meme.txt'")
|
||||
machine.succeed("c2FmZQ-client -v 3 export 'shared/Rarest Memes/meme.txt' .")
|
||||
msg = machine.succeed("cat meme.txt")
|
||||
assert "pls do not steal\n" == msg, f"File content is not the same:\n{msg}"
|
||||
|
||||
with subtest("Test that PWA is served"):
|
||||
msg = machine.succeed("curl -sSfL http://localhost:8080")
|
||||
assert "c2FmZQ" in msg, f"Could not find 'c2FmZQ' in the output:\n{msg}"
|
||||
'';
|
||||
})
|
4505
pkgs/applications/blockchains/lighthouse/Cargo.lock
generated
4505
pkgs/applications/blockchains/lighthouse/Cargo.lock
generated
File diff suppressed because it is too large
Load Diff
@ -23,7 +23,7 @@
|
||||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "lighthouse";
|
||||
version = "4.1.0";
|
||||
version = "4.5.0";
|
||||
|
||||
# lighthouse/common/deposit_contract/build.rs
|
||||
depositContractSpecVersion = "0.12.1";
|
||||
@ -33,7 +33,7 @@ rustPlatform.buildRustPackage rec {
|
||||
owner = "sigp";
|
||||
repo = "lighthouse";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-QVAFzV9sao8+eegI7bLfm+pPHyvDFhnADS80+nqqgtE=";
|
||||
hash = "sha256-UUOvTxOQXT1zfhDYEL/J6moHAyejZn7GyGS/XBmXxRQ=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
@ -47,15 +47,15 @@ rustPlatform.buildRustPackage rec {
|
||||
cargoLock = {
|
||||
lockFile = ./Cargo.lock;
|
||||
outputHashes = {
|
||||
"amcl-0.3.0" = "sha256-Mj4dXTlGVSleFfuTKgVDQ7S3jANMsdtVE5L90WGxA4U=";
|
||||
"arbitrary-1.3.0" = "sha256-BMxcBfxBRf+Kb0Tz55jtFbwokSeD2GPtB+KV8Wbne0g=";
|
||||
"beacon-api-client-0.1.0" = "sha256-fI8qST6HZrchg7yr/nVtRNrsW3f5ONSX+mGRYW+iiqA=";
|
||||
"ethereum-consensus-0.1.1" = "sha256-aBrZ786Me0BWpnncxQc5MT3r+O0yLQhqGKFBiNTdqSA=";
|
||||
"amcl-0.3.0" = "sha256-kc8k/ls4W0TwFBsRcyyotyz8ZBEjsZXHeJnJtsnW/LM=";
|
||||
"anvil-rpc-0.1.0" = "sha256-L38OioxnWEn94g3GJT4j3U1cJZ8jQDHp8d1QOHaVEuU=";
|
||||
"beacon-api-client-0.1.0" = "sha256-Z0CoPxZzl2bjb8vgmHWxq2orMawhMMs7beKGopilKjE=";
|
||||
"ethereum-consensus-0.1.1" = "sha256-biTrw3yMJUo9+56QK5RGWXLCoPPZEWp18SCs+Y9QWg4=";
|
||||
"libmdbx-0.1.4" = "sha256-NMsR/Wl1JIj+YFPyeMMkrJFfoS07iEAKEQawO89a+/Q=";
|
||||
"lmdb-rkv-0.14.0" = "sha256-sxmguwqqcyOlfXOZogVz1OLxfJPo+Q0+UjkROkbbOCk=";
|
||||
"mev-rs-0.2.1" = "sha256-n3ns1oynw5fKQtp/CQHER41+C1EmLCVEBqggkHc3or4=";
|
||||
"ssz-rs-0.8.0" = "sha256-k1JLu+jZrSqUyHou76gbJeA5CDWwdL0fPkek3Vzl4Gs=";
|
||||
"warp-0.3.2" = "sha256-m9lkEgeSs0yEc+6N6DG7IfQY/evkUMoNyst2hMUR//c=";
|
||||
"mev-rs-0.3.0" = "sha256-LCO0GTvWTLcbPt7qaSlLwlKmAjt3CIHVYTT/JRXpMEo=";
|
||||
"testcontainers-0.14.0" = "sha256-mSsp21G7MLEtFROWy88Et5s07PO0tjezovCGIMh+/oQ=";
|
||||
"warp-0.3.5" = "sha256-d5e6ASdL7+Dl3KsTNOb9B5RHpStrupOKsbGWsdu9Jfk=";
|
||||
};
|
||||
};
|
||||
|
||||
@ -103,8 +103,8 @@ rustPlatform.buildRustPackage rec {
|
||||
cargoTestFlags = [
|
||||
"--workspace"
|
||||
"--exclude beacon_node"
|
||||
"--exclude http_api"
|
||||
"--exclude beacon_chain"
|
||||
"--exclude http_api"
|
||||
"--exclude lighthouse"
|
||||
"--exclude lighthouse_network"
|
||||
"--exclude slashing_protection"
|
||||
@ -114,10 +114,21 @@ rustPlatform.buildRustPackage rec {
|
||||
|
||||
# All of these tests require network access
|
||||
checkFlags = [
|
||||
"--skip basic"
|
||||
"--skip deposit_tree::cache_consistency"
|
||||
"--skip deposit_tree::double_update"
|
||||
"--skip deposit_tree::updating"
|
||||
"--skip eth1_cache::big_skip"
|
||||
"--skip eth1_cache::double_update"
|
||||
"--skip eth1_cache::pruning"
|
||||
"--skip eth1_cache::simple_scenario"
|
||||
"--skip fast::deposit_cache_query"
|
||||
"--skip http::incrementing_deposits"
|
||||
"--skip persist::test_persist_caches"
|
||||
"--skip service::tests::tests::test_dht_persistence"
|
||||
"--skip time::test::test_reinsertion_updates_timeout"
|
||||
|
||||
] ++ lib.optionals (stdenv.isAarch64 && stdenv.isDarwin) [
|
||||
"--skip subnet_service::tests::attestation_service::test_subscribe_same_subnet_several_slots_apart"
|
||||
"--skip subnet_service::tests::sync_committee_service::same_subscription_with_lower_until_epoch"
|
||||
"--skip subnet_service::tests::sync_committee_service::subscribe_and_unsubscribe"
|
||||
];
|
||||
|
@ -1,26 +1,13 @@
|
||||
diff --git a/consensus/types/Cargo.toml b/consensus/types/Cargo.toml
|
||||
index 46b88af66..c8c909234 100644
|
||||
--- a/consensus/types/Cargo.toml
|
||||
+++ b/consensus/types/Cargo.toml
|
||||
@@ -37,7 +37,7 @@ cached_tree_hash = { path = "../cached_tree_hash" }
|
||||
serde_yaml = "0.8.13"
|
||||
tempfile = "3.1.0"
|
||||
derivative = "2.1.1"
|
||||
-rusqlite = { version = "0.28.0", features = ["bundled"], optional = true }
|
||||
+rusqlite = { version = "0.28.0", optional = true }
|
||||
# The arbitrary dependency is enabled by default since Capella to avoid complexity introduced by
|
||||
# `AbstractExecPayload`
|
||||
arbitrary = { version = "1.0", features = ["derive"] }
|
||||
diff --git a/validator_client/slashing_protection/Cargo.toml b/validator_client/slashing_protection/Cargo.toml
|
||||
index 631e54dc4..dec95156b 100644
|
||||
--- a/validator_client/slashing_protection/Cargo.toml
|
||||
+++ b/validator_client/slashing_protection/Cargo.toml
|
||||
@@ -12,7 +12,7 @@ path = "tests/main.rs"
|
||||
[dependencies]
|
||||
tempfile = "3.1.0"
|
||||
types = { path = "../../consensus/types" }
|
||||
-rusqlite = { version = "0.28.0", features = ["bundled"] }
|
||||
+rusqlite = { version = "0.28.0" }
|
||||
r2d2 = "0.8.9"
|
||||
r2d2_sqlite = "0.21.0"
|
||||
serde = "1.0.116"
|
||||
diff --git a/Cargo.toml b/Cargo.toml
|
||||
index 62c0e7bd2..a089e3c5b 100644
|
||||
--- a/Cargo.toml
|
||||
+++ b/Cargo.toml
|
||||
@@ -138,7 +138,7 @@ rayon = "1.7"
|
||||
regex = "1"
|
||||
reqwest = { version = "0.11", default-features = false, features = ["blocking", "json", "stream", "rustls-tls"] }
|
||||
ring = "0.16"
|
||||
-rusqlite = { version = "0.28", features = ["bundled"] }
|
||||
+rusqlite = { version = "0.28" }
|
||||
serde = { version = "1", features = ["derive"] }
|
||||
serde_json = "1"
|
||||
serde_repr = "0.1"
|
||||
|
@ -86,7 +86,7 @@ lib.warnIf (useHardenedMalloc != null)
|
||||
ffmpeg
|
||||
];
|
||||
|
||||
version = "13.0";
|
||||
version = "13.0.1";
|
||||
|
||||
sources = {
|
||||
x86_64-linux = fetchurl {
|
||||
@ -96,7 +96,7 @@ lib.warnIf (useHardenedMalloc != null)
|
||||
"https://tor.eff.org/dist/torbrowser/${version}/tor-browser-linux-x86_64-${version}.tar.xz"
|
||||
"https://tor.calyxinstitute.org/dist/torbrowser/${version}/tor-browser-linux-x86_64-${version}.tar.xz"
|
||||
];
|
||||
hash = "sha256-zdmPbmJo5FDoOjob+9TDCvCgKgLHvLi3bOMhcZg8DVM=";
|
||||
hash = "sha256-ORa973US2VY9Can4Nr35YSpZrYGqBP4I/S/ulsbRJLc=";
|
||||
};
|
||||
|
||||
i686-linux = fetchurl {
|
||||
@ -106,7 +106,7 @@ lib.warnIf (useHardenedMalloc != null)
|
||||
"https://tor.eff.org/dist/torbrowser/${version}/tor-browser-linux-i686-${version}.tar.xz"
|
||||
"https://tor.calyxinstitute.org/dist/torbrowser/${version}/tor-browser-linux-i686-${version}.tar.xz"
|
||||
];
|
||||
hash = "sha256-Hlvx2C4DF/wcHo9ES+g9UUgNFGDokW5OAX3FeOvR+fY=";
|
||||
hash = "sha256-OBUleXLTNFG+aFuftnphgBtQCfyoIWDcoVFs5elJ0tA=";
|
||||
};
|
||||
};
|
||||
|
||||
|
36
pkgs/by-name/c2/c2fmzq/package.nix
Normal file
36
pkgs/by-name/c2/c2fmzq/package.nix
Normal file
@ -0,0 +1,36 @@
|
||||
{ lib
|
||||
, buildGoModule
|
||||
, fetchFromGitHub
|
||||
, nixosTests
|
||||
}:
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "c2FmZQ";
|
||||
version = "0.4.8";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "c2FmZQ";
|
||||
repo = "c2FmZQ";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-IYSmGzjTDMBgEMVZsi6CuUz6L7BzpmbrJYVPUhFr7rw=";
|
||||
};
|
||||
|
||||
ldflags = [ "-s" "-w" ];
|
||||
|
||||
sourceRoot = "source/c2FmZQ";
|
||||
|
||||
vendorHash = "sha256-Hz6P+ptn1i+8Ek3pp8j+iB8NN5Xks50jyZuT8Ullxbo=";
|
||||
|
||||
subPackages = [ "c2FmZQ-client" "c2FmZQ-server" ];
|
||||
|
||||
passthru.tests = { inherit (nixosTests) c2fmzq; };
|
||||
|
||||
meta = with lib; {
|
||||
description = "Securely encrypt, store, and share files, including but not limited to pictures and videos";
|
||||
homepage = "https://github.com/c2FmZQ/c2FmZQ";
|
||||
license = licenses.gpl3Only;
|
||||
mainProgram = "c2FmZQ-server";
|
||||
maintainers = with maintainers; [ hmenke ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
31
pkgs/by-name/pr/prox/package.nix
Normal file
31
pkgs/by-name/pr/prox/package.nix
Normal file
@ -0,0 +1,31 @@
|
||||
{ buildGoModule
|
||||
, fetchFromGitHub
|
||||
, lib
|
||||
}:
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "prox";
|
||||
# While upstream did release a v1.0.0, v0.5.2 is actually newer: https://github.com/fgrosse/prox/releases/tag/v0.5.2
|
||||
version = "0.5.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "fgrosse";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-mqx8ICne0NnyW0N1Jeu+PJXWDBr12OASLxlePI6v6Bc=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-4gZfEbyAzAzxtOR6FhP7eUSdln+fANn87+duCq1aq5A=";
|
||||
|
||||
postPatch = ''
|
||||
substituteInPlace cmd/prox/version.go \
|
||||
--replace '0.0.0-unknown' '${version}'
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://github.com/fgrosse/prox";
|
||||
description = "A process runner for Procfile-based applications ";
|
||||
license = licenses.bsd2;
|
||||
maintainers = with maintainers; [ lucperkins ];
|
||||
};
|
||||
}
|
@ -14,13 +14,13 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "pantheon-tweaks";
|
||||
version = "1.1.0";
|
||||
version = "1.1.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "pantheon-tweaks";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "sha256-wj9bvcES8JAgDtW0Damfd8VQNLK+SCFTDVWp/nYGcgI=";
|
||||
sha256 = "sha256-KYnrQnh/Zz3EjMAqasdk2CZMXzw15txKtPm/K5+FzhI=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
|
@ -5,37 +5,63 @@
|
||||
, autoreconfHook
|
||||
, util-linux
|
||||
, openssl
|
||||
# The primary --enable-XXX variant. 'all' enables most features, but causes build-errors for some software,
|
||||
# requiring to build a special variant for that software. Example: 'haproxy'
|
||||
, variant ? "all"
|
||||
, extraConfigureFlags ? []
|
||||
, enableLto ? !(stdenv.isDarwin || stdenv.hostPlatform.isStatic || stdenv.cc.isClang)
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "wolfssl";
|
||||
stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "wolfssl-${variant}";
|
||||
version = "5.6.3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "wolfSSL";
|
||||
repo = "wolfssl";
|
||||
rev = "refs/tags/v${version}-stable";
|
||||
rev = "refs/tags/v${finalAttrs.version}-stable";
|
||||
hash = "sha256-UN4zs+Rxh/bsLD1BQA+f1YN/UOJ6OB2HduhoetEp10Y=";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
patchShebangs ./scripts
|
||||
# ocsp tests require network access
|
||||
sed -i -e '/ocsp\.test/d' -e '/ocsp-stapling\.test/d' scripts/include.am
|
||||
# ocsp stapling tests require network access, so skip them
|
||||
sed -i -e'2s/.*/exit 77/' scripts/ocsp-stapling.test
|
||||
# ensure test detects musl-based systems too
|
||||
substituteInPlace scripts/ocsp-stapling2.test \
|
||||
--replace '"linux-gnu"' '"linux-"'
|
||||
'';
|
||||
|
||||
# Almost same as Debian but for now using --enable-all --enable-reproducible-build instead of --enable-distro to ensure options.h gets installed
|
||||
configureFlags = [
|
||||
"--enable-all"
|
||||
"--enable-base64encode"
|
||||
"--enable-${variant}"
|
||||
"--enable-reproducible-build"
|
||||
] ++ lib.optionals (variant == "all") [
|
||||
# Extra feature flags to add while building the 'all' variant.
|
||||
# Since they conflict while building other variants, only specify them for this one.
|
||||
"--enable-pkcs11"
|
||||
"--enable-writedup"
|
||||
"--enable-reproducible-build"
|
||||
"--enable-tls13"
|
||||
];
|
||||
"--enable-base64encode"
|
||||
] ++ [
|
||||
# We're not on tiny embedded machines.
|
||||
# Increase TLS session cache from 33 sessions to 20k.
|
||||
"--enable-bigcache"
|
||||
|
||||
# Use WolfSSL's Single Precision Math with timing-resistant cryptography.
|
||||
"--enable-sp=yes${lib.optionalString (!stdenv.isx86_32) ",asm"}"
|
||||
"--enable-sp-math-all"
|
||||
"--enable-harden"
|
||||
] ++ lib.optionals (stdenv.hostPlatform.isx86_64) [
|
||||
# Enable AVX/AVX2/AES-NI instructions, gated by runtime detection via CPUID.
|
||||
"--enable-intelasm"
|
||||
"--enable-aesni"
|
||||
] ++ lib.optionals (stdenv.isAarch64 && stdenv.isDarwin) [
|
||||
# No runtime detection under ARM and no platform function checks like for X86.
|
||||
# However, all ARM macOS systems have the supported extensions autodetected in the configure script.
|
||||
"--enable-armasm=inline"
|
||||
] ++ extraConfigureFlags;
|
||||
|
||||
# LTO should help with the C implementations.
|
||||
env.NIX_CFLAGS_COMPILE = lib.optionalString enableLto "-flto";
|
||||
env.NIX_LDFLAGS_COMPILE = lib.optionalString enableLto "-flto";
|
||||
|
||||
outputs = [
|
||||
"dev"
|
||||
@ -60,19 +86,19 @@ stdenv.mkDerivation rec {
|
||||
];
|
||||
|
||||
postInstall = ''
|
||||
# fix recursive cycle:
|
||||
# wolfssl-config points to dev, dev propagates bin
|
||||
moveToOutput bin/wolfssl-config "$dev"
|
||||
# moveToOutput also removes "$out" so recreate it
|
||||
mkdir -p "$out"
|
||||
# fix recursive cycle:
|
||||
# wolfssl-config points to dev, dev propagates bin
|
||||
moveToOutput bin/wolfssl-config "$dev"
|
||||
# moveToOutput also removes "$out" so recreate it
|
||||
mkdir -p "$out"
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "A small, fast, portable implementation of TLS/SSL for embedded devices";
|
||||
homepage = "https://www.wolfssl.com/";
|
||||
changelog = "https://github.com/wolfSSL/wolfssl/releases/tag/v${version}-stable";
|
||||
changelog = "https://github.com/wolfSSL/wolfssl/releases/tag/v${finalAttrs.version}-stable";
|
||||
platforms = platforms.all;
|
||||
license = licenses.gpl2Plus;
|
||||
maintainers = with maintainers; [ fab ];
|
||||
maintainers = with maintainers; [ fab vifino ];
|
||||
};
|
||||
}
|
||||
})
|
||||
|
89
pkgs/development/python-modules/compressai/default.nix
Normal file
89
pkgs/development/python-modules/compressai/default.nix
Normal file
@ -0,0 +1,89 @@
|
||||
{ lib
|
||||
, buildPythonPackage
|
||||
, pythonOlder
|
||||
, fetchFromGitHub
|
||||
, pybind11
|
||||
, setuptools
|
||||
, wheel
|
||||
, numpy
|
||||
, matplotlib
|
||||
, pytorch-msssim
|
||||
, scipy
|
||||
, torch
|
||||
, torchvision
|
||||
, ipywidgets
|
||||
, jupyter
|
||||
, plotly
|
||||
, pytestCheckHook
|
||||
}:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "compressai";
|
||||
version = "1.2.4";
|
||||
pyproject = true;
|
||||
|
||||
disabled = pythonOlder "3.6";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "InterDigitalInc";
|
||||
repo = "CompressAI";
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-nT2vd7t67agIWobJalORbRuns0UJGRGGbTX2/8vbTiY=";
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
pybind11
|
||||
setuptools
|
||||
wheel
|
||||
];
|
||||
|
||||
propagatedBuildInputs = [
|
||||
numpy
|
||||
matplotlib
|
||||
pytorch-msssim
|
||||
scipy
|
||||
torch
|
||||
torchvision
|
||||
];
|
||||
|
||||
passthru.optional-dependencies = {
|
||||
tutorials = [
|
||||
ipywidgets
|
||||
jupyter
|
||||
];
|
||||
};
|
||||
|
||||
pythonImportsCheck = [
|
||||
"compressai"
|
||||
"compressai._CXX"
|
||||
];
|
||||
|
||||
preCheck = ''
|
||||
# We have to delete the source because otherwise it is used intead the installed package.
|
||||
rm -rf compressai
|
||||
|
||||
export HOME=$(mktemp -d)
|
||||
'';
|
||||
|
||||
nativeCheckInputs = [
|
||||
plotly
|
||||
pytestCheckHook
|
||||
];
|
||||
|
||||
disabledTests = [
|
||||
# Those tests require internet access to download some weights
|
||||
"test_image_codec"
|
||||
"test_update"
|
||||
"test_eval_model_pretrained"
|
||||
"test_cheng2020_anchor"
|
||||
"test_pretrained"
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
description = "A PyTorch library and evaluation platform for end-to-end compression research";
|
||||
homepage = "https://github.com/InterDigitalInc/CompressAI";
|
||||
license = licenses.bsd3Clear;
|
||||
maintainers = with maintainers; [ GaetanLepage ];
|
||||
};
|
||||
}
|
@ -16,7 +16,7 @@
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "jedi-language-server";
|
||||
version = "0.41.0";
|
||||
version = "0.41.1-unstable-2023-10-04";
|
||||
format = "pyproject";
|
||||
|
||||
disabled = pythonOlder "3.8";
|
||||
@ -24,8 +24,8 @@ buildPythonPackage rec {
|
||||
src = fetchFromGitHub {
|
||||
owner = "pappasam";
|
||||
repo = pname;
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-1ujEhoxWcCM1g640aLE60YGiNQLB+G7t7oLVZXW8AMM=";
|
||||
rev = "c4c470cff67e54593a626b22d1b6b05e56fde3a3";
|
||||
hash = "sha256-qFBni97B/GkabbznnZtWTG4dCHFkOx5UQjuevxq+Uvo=";
|
||||
};
|
||||
|
||||
pythonRelaxDeps = [
|
||||
|
@ -2,22 +2,24 @@
|
||||
, buildPythonPackage
|
||||
, fetchFromGitHub
|
||||
, pydantic
|
||||
, setuptools
|
||||
, setuptools-scm
|
||||
}:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "pydantic-scim";
|
||||
version = "0.0.7";
|
||||
format = "setuptools";
|
||||
version = "0.0.8";
|
||||
pyproject = true;
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "chalk-ai";
|
||||
repo = "pydantic-scim";
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-F+uj7kSz6iSb0Vg00VfJ5GcxghooNDKa75S/ZgU7WgI=";
|
||||
hash = "sha256-Hbc94v/+slXRGDKKbMui8WPwn28/1XcKvHkbLebWtj0=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
setuptools
|
||||
setuptools-scm
|
||||
];
|
||||
|
||||
|
@ -3,19 +3,17 @@
|
||||
, buildPythonPackage
|
||||
, pythonOlder
|
||||
, fetchFromGitHub
|
||||
, setuptools-scm
|
||||
, lsprotocol
|
||||
, toml
|
||||
, typeguard
|
||||
, mock
|
||||
, poetry-core
|
||||
, pytest-asyncio
|
||||
, pytestCheckHook
|
||||
}:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "pygls";
|
||||
version = "1.0.2";
|
||||
format = "setuptools";
|
||||
version = "1.1.1";
|
||||
format = "pyproject";
|
||||
|
||||
disabled = pythonOlder "3.7";
|
||||
|
||||
@ -23,13 +21,11 @@ buildPythonPackage rec {
|
||||
owner = "openlawlibrary";
|
||||
repo = "pygls";
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-z673NRlnudFyDjKoM+xCbMRTFwh+tjUf4BaNtjwvKx8=";
|
||||
hash = "sha256-FOuBS/UJpkYbuIu193vkSpN/77gf+UWiS5f/t8BpAk4=";
|
||||
};
|
||||
|
||||
SETUPTOOLS_SCM_PRETEND_VERSION = version;
|
||||
nativeBuildInputs = [
|
||||
setuptools-scm
|
||||
toml
|
||||
poetry-core
|
||||
];
|
||||
|
||||
propagatedBuildInputs = [
|
||||
@ -38,7 +34,6 @@ buildPythonPackage rec {
|
||||
];
|
||||
|
||||
nativeCheckInputs = [
|
||||
mock
|
||||
pytest-asyncio
|
||||
pytestCheckHook
|
||||
];
|
||||
|
41
pkgs/development/python-modules/pytorch-msssim/default.nix
Normal file
41
pkgs/development/python-modules/pytorch-msssim/default.nix
Normal file
@ -0,0 +1,41 @@
|
||||
{ lib
|
||||
, buildPythonPackage
|
||||
, fetchFromGitHub
|
||||
, setuptools
|
||||
, wheel
|
||||
, torch
|
||||
}:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "pytorch-msssim";
|
||||
version = "1.0.0";
|
||||
pyproject = true;
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "VainF";
|
||||
repo = "pytorch-msssim";
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-bghglwQhgByC7BqbDvImSvt6edKF55NLYEPjqmmSFH8=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
setuptools
|
||||
wheel
|
||||
];
|
||||
|
||||
propagatedBuildInputs = [
|
||||
torch
|
||||
];
|
||||
|
||||
pythonImportsCheck = [ "pytorch_msssim" ];
|
||||
|
||||
# This test doesn't have (automatic) tests
|
||||
doCheck = false;
|
||||
|
||||
meta = with lib; {
|
||||
description = "Fast and differentiable MS-SSIM and SSIM for pytorch";
|
||||
homepage = "https://github.com/VainF/pytorch-msssim";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ GaetanLepage ];
|
||||
};
|
||||
}
|
@ -1,4 +1,11 @@
|
||||
{ buildGoModule, fetchFromGitHub, lib, installShellFiles, testers, cue }:
|
||||
{ buildGoModule
|
||||
, fetchFromGitHub
|
||||
, fetchpatch
|
||||
, lib
|
||||
, installShellFiles
|
||||
, testers
|
||||
, cue
|
||||
}:
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "cue";
|
||||
@ -11,13 +18,21 @@ buildGoModule rec {
|
||||
hash = "sha256-1svWb83xbVZIlI9pviCYfQ6Kkp0QRjZwrauL7PPJLts=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-ku4tPTXdnKau0kqnAAEHDdSF4oAC/6SDkTq8cECOiEk=";
|
||||
|
||||
patches = [
|
||||
# Fix tests with go1.21. See https://github.com/cue-lang/cue/issues/2548.
|
||||
(fetchpatch {
|
||||
url = "https://github.com/cue-lang/cue/commit/3bf3dbd655284d3628399a83a703f4849b5f9374.patch";
|
||||
hash = "sha256-9Zi2mrqB1JTFvadiqWTgzzi1pffZ3gOmTtrDDQWye1Q=";
|
||||
})
|
||||
];
|
||||
|
||||
postPatch = ''
|
||||
# Disable script tests
|
||||
rm -f cmd/cue/cmd/script_test.go
|
||||
'';
|
||||
|
||||
vendorHash = "sha256-ku4tPTXdnKau0kqnAAEHDdSF4oAC/6SDkTq8cECOiEk=";
|
||||
|
||||
excludedPackages = [ "internal/ci/updatetxtar" "internal/cmd/embedpkg" "internal/cmd/qgo" "pkg/gen" ];
|
||||
|
||||
nativeBuildInputs = [ installShellFiles ];
|
||||
|
@ -1,7 +1,7 @@
|
||||
{ lib, buildGoModule, fetchFromGitHub }:
|
||||
|
||||
let
|
||||
version = "1.22.0";
|
||||
version = "1.23.0";
|
||||
in
|
||||
buildGoModule {
|
||||
pname = "sqlc";
|
||||
@ -11,11 +11,11 @@ buildGoModule {
|
||||
owner = "sqlc-dev";
|
||||
repo = "sqlc";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-aSu+d3ti/PpR5oQwciq1Cz+vxDPunGsVaUg/o/rfmsY=";
|
||||
hash = "sha256-MM4O/njW4R1darZMtoevuLMt14/BrCAaFvSX06CTso8=";
|
||||
};
|
||||
|
||||
proxyVendor = true;
|
||||
vendorHash = "sha256-sjGswoIUM+UL6qJORdB3UmPh7T6JmTBI5kksgGcRtY0=";
|
||||
vendorHash = "sha256-tJ+Bih+vwkYfEvIsJ6R2Z0eDS9m1eTOS68uyad0F6f0=";
|
||||
|
||||
subPackages = [ "cmd/sqlc" ];
|
||||
|
||||
|
@ -16,7 +16,7 @@
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "ruff-lsp";
|
||||
version = "0.0.40";
|
||||
version = "0.0.42";
|
||||
pyproject = true;
|
||||
disabled = pythonOlder "3.7";
|
||||
|
||||
@ -24,7 +24,7 @@ buildPythonPackage rec {
|
||||
owner = "astral-sh";
|
||||
repo = "ruff-lsp";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-CQ4SDIGhUTn7fdvoGag+XM7HcY+qJyp9McyzpoTQ0tM=";
|
||||
hash = "sha256-Dn/xPjYCyJYlDNMUfl61L/tWq5mRJ8WD0G5qZH9OepY=";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
|
@ -4,32 +4,33 @@
|
||||
, cmake-format
|
||||
, pygls
|
||||
, cmake
|
||||
, pdm-pep517
|
||||
, pdm-backend
|
||||
, pytest-datadir
|
||||
, pytestCheckHook
|
||||
, pythonOlder
|
||||
}:
|
||||
|
||||
buildPythonApplication rec {
|
||||
pname = "cmake-language-server";
|
||||
version = "0.1.7";
|
||||
version = "0.1.8";
|
||||
format = "pyproject";
|
||||
|
||||
disabled = pythonOlder "3.7";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "regen100";
|
||||
repo = "cmake-language-server";
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-ExEAi47hxxEJeoT3FCwpRwJrf3URnI47/5FDL7fS5sY=";
|
||||
hash = "sha256-7AlF+FqhZR+6lLsR1dxAGHd/GU+mB3ojYLDXVm7Il4M=";
|
||||
};
|
||||
|
||||
PDM_PEP517_SCM_VERSION = version;
|
||||
|
||||
patches = [
|
||||
# Test timeouts occasionally cause the build to fail
|
||||
./disable-test-timeouts.patch
|
||||
];
|
||||
|
||||
nativeBuildInputs = [
|
||||
pdm-pep517
|
||||
pdm-backend
|
||||
];
|
||||
|
||||
propagatedBuildInputs = [
|
||||
@ -44,6 +45,16 @@ buildPythonApplication rec {
|
||||
pytestCheckHook
|
||||
];
|
||||
|
||||
# version.py generated by pdm, no idea why it's not present in test phase
|
||||
# https://github.com/regen100/cmake-language-server/blob/68bbc8187b6110a75f498647af7c44df790ffa87/pyproject.toml#L35-L36
|
||||
preCheck = ''
|
||||
echo "__version__ = \"$PDM_BUILD_SCM_VERSION\"" > cmake_language_server/version.py
|
||||
'';
|
||||
|
||||
postCheck = ''
|
||||
rm cmake_language_server/version.py
|
||||
'';
|
||||
|
||||
dontUseCmakeConfigure = true;
|
||||
|
||||
pythonImportsCheck = [
|
||||
|
@ -1,244 +0,0 @@
|
||||
# This file originates from composer2nix
|
||||
|
||||
{ stdenv, lib, writeTextFile, fetchurl, php, unzip, phpPackages }:
|
||||
|
||||
let
|
||||
inherit (phpPackages) composer;
|
||||
|
||||
filterSrc = src:
|
||||
builtins.filterSource (path: type: type != "directory" || (baseNameOf path != ".git" && baseNameOf path != ".git" && baseNameOf path != ".svn")) src;
|
||||
|
||||
buildZipPackage = { name, src }:
|
||||
stdenv.mkDerivation {
|
||||
inherit name src;
|
||||
nativeBuildInputs = [ unzip ];
|
||||
buildCommand = ''
|
||||
shopt -s dotglob
|
||||
unzip $src
|
||||
baseDir=$(find . -type d -mindepth 1 -maxdepth 1)
|
||||
cd $baseDir
|
||||
mkdir -p $out
|
||||
mv * $out
|
||||
'';
|
||||
};
|
||||
|
||||
buildPackage =
|
||||
{ name
|
||||
, src
|
||||
, packages ? {}
|
||||
, devPackages ? {}
|
||||
, buildInputs ? []
|
||||
, symlinkDependencies ? false
|
||||
, executable ? false
|
||||
, removeComposerArtifacts ? false
|
||||
, postInstall ? ""
|
||||
, noDev ? false
|
||||
, composerExtraArgs ? ""
|
||||
, unpackPhase ? "true"
|
||||
, buildPhase ? "true"
|
||||
, ...}@args:
|
||||
|
||||
let
|
||||
reconstructInstalled = writeTextFile {
|
||||
name = "reconstructinstalled.php";
|
||||
executable = true;
|
||||
text = ''
|
||||
#! ${php}/bin/php
|
||||
<?php
|
||||
if(file_exists($argv[1]))
|
||||
{
|
||||
$composerLockStr = file_get_contents($argv[1]);
|
||||
|
||||
if($composerLockStr === false)
|
||||
{
|
||||
fwrite(STDERR, "Cannot open composer.lock contents\n");
|
||||
exit(1);
|
||||
}
|
||||
else
|
||||
{
|
||||
$config = json_decode($composerLockStr, true);
|
||||
|
||||
if(array_key_exists("packages", $config))
|
||||
$allPackages = $config["packages"];
|
||||
else
|
||||
$allPackages = array();
|
||||
|
||||
${lib.optionalString (!noDev) ''
|
||||
if(array_key_exists("packages-dev", $config))
|
||||
$allPackages = array_merge($allPackages, $config["packages-dev"]);
|
||||
''}
|
||||
|
||||
$packagesStr = json_encode($allPackages, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES);
|
||||
print($packagesStr);
|
||||
}
|
||||
}
|
||||
else
|
||||
print("[]");
|
||||
?>
|
||||
'';
|
||||
};
|
||||
|
||||
constructBin = writeTextFile {
|
||||
name = "constructbin.php";
|
||||
executable = true;
|
||||
text = ''
|
||||
#! ${php}/bin/php
|
||||
<?php
|
||||
$composerJSONStr = file_get_contents($argv[1]);
|
||||
|
||||
if($composerJSONStr === false)
|
||||
{
|
||||
fwrite(STDERR, "Cannot open composer.json contents\n");
|
||||
exit(1);
|
||||
}
|
||||
else
|
||||
{
|
||||
$config = json_decode($composerJSONStr, true);
|
||||
|
||||
if(array_key_exists("bin-dir", $config))
|
||||
$binDir = $config["bin-dir"];
|
||||
else
|
||||
$binDir = "bin";
|
||||
|
||||
if(array_key_exists("bin", $config))
|
||||
{
|
||||
if(!file_exists("vendor/".$binDir))
|
||||
mkdir("vendor/".$binDir);
|
||||
|
||||
foreach($config["bin"] as $bin)
|
||||
symlink("../../".$bin, "vendor/".$binDir."/".basename($bin));
|
||||
}
|
||||
}
|
||||
?>
|
||||
'';
|
||||
};
|
||||
|
||||
bundleDependencies = dependencies:
|
||||
lib.concatMapStrings (dependencyName:
|
||||
let
|
||||
dependency = dependencies.${dependencyName};
|
||||
in
|
||||
''
|
||||
${if dependency.targetDir == "" then ''
|
||||
vendorDir="$(dirname ${dependencyName})"
|
||||
mkdir -p "$vendorDir"
|
||||
${if symlinkDependencies then
|
||||
''ln -s "${dependency.src}" "$vendorDir/$(basename "${dependencyName}")"''
|
||||
else
|
||||
''cp -av "${dependency.src}" "$vendorDir/$(basename "${dependencyName}")"''
|
||||
}
|
||||
'' else ''
|
||||
namespaceDir="${dependencyName}/$(dirname "${dependency.targetDir}")"
|
||||
mkdir -p "$namespaceDir"
|
||||
${if symlinkDependencies then
|
||||
''ln -s "${dependency.src}" "$namespaceDir/$(basename "${dependency.targetDir}")"''
|
||||
else
|
||||
''cp -av "${dependency.src}" "$namespaceDir/$(basename "${dependency.targetDir}")"''
|
||||
}
|
||||
''}
|
||||
'') (builtins.attrNames dependencies);
|
||||
|
||||
extraArgs = removeAttrs args [ "packages" "devPackages" "buildInputs" ];
|
||||
in
|
||||
stdenv.mkDerivation ({
|
||||
buildInputs = [ php composer ] ++ buildInputs;
|
||||
|
||||
inherit unpackPhase buildPhase;
|
||||
|
||||
installPhase = ''
|
||||
${if executable then ''
|
||||
mkdir -p $out/share/php
|
||||
cp -av $src $out/share/php/$name
|
||||
chmod -R u+w $out/share/php/$name
|
||||
cd $out/share/php/$name
|
||||
'' else ''
|
||||
cp -av $src $out
|
||||
chmod -R u+w $out
|
||||
cd $out
|
||||
''}
|
||||
|
||||
# Remove unwanted files
|
||||
rm -f *.nix
|
||||
|
||||
export HOME=$TMPDIR
|
||||
|
||||
# Remove the provided vendor folder if it exists
|
||||
rm -Rf vendor
|
||||
|
||||
# If there is no composer.lock file, compose a dummy file.
|
||||
# Otherwise, composer attempts to download the package.json file from
|
||||
# the registry which we do not want.
|
||||
if [ ! -f composer.lock ]
|
||||
then
|
||||
cat > composer.lock <<EOF
|
||||
{
|
||||
"packages": []
|
||||
}
|
||||
EOF
|
||||
fi
|
||||
|
||||
# Reconstruct the installed.json file from the lock file
|
||||
mkdir -p vendor/composer
|
||||
${php}/bin/php ${reconstructInstalled} composer.lock > vendor/composer/installed.json
|
||||
|
||||
# Copy or symlink the provided dependencies
|
||||
cd vendor
|
||||
${bundleDependencies packages}
|
||||
${lib.optionalString (!noDev) (bundleDependencies devPackages)}
|
||||
cd ..
|
||||
|
||||
# Reconstruct autoload scripts
|
||||
# We use the optimize feature because Nix packages cannot change after they have been built
|
||||
# Using the dynamic loader for a Nix package is useless since there is nothing to dynamically reload.
|
||||
composer dump-autoload --optimize ${lib.optionalString noDev "--no-dev"} ${composerExtraArgs}
|
||||
|
||||
# Run the install step as a validation to confirm that everything works out as expected
|
||||
composer install --optimize-autoloader ${lib.optionalString noDev "--no-dev"} ${composerExtraArgs}
|
||||
|
||||
${lib.optionalString executable ''
|
||||
# Reconstruct the bin/ folder if we deploy an executable project
|
||||
${php}/bin/php ${constructBin} composer.json
|
||||
ln -s $(pwd)/vendor/bin $out/bin
|
||||
''}
|
||||
|
||||
${lib.optionalString (!symlinkDependencies) ''
|
||||
# Patch the shebangs if possible
|
||||
if [ -d $(pwd)/vendor/bin ]
|
||||
then
|
||||
# Look for all executables in bin/
|
||||
for i in $(pwd)/vendor/bin/*
|
||||
do
|
||||
# Look for their location
|
||||
realFile=$(readlink -f "$i")
|
||||
|
||||
# Restore write permissions
|
||||
chmod u+wx "$(dirname "$realFile")"
|
||||
chmod u+w "$realFile"
|
||||
|
||||
# Patch shebang
|
||||
sed -e "s|#!/usr/bin/php|#!${php}/bin/php|" \
|
||||
-e "s|#!/usr/bin/env php|#!${php}/bin/php|" \
|
||||
"$realFile" > tmp
|
||||
mv tmp "$realFile"
|
||||
chmod u+x "$realFile"
|
||||
done
|
||||
fi
|
||||
''}
|
||||
|
||||
if [ "$removeComposerArtifacts" = "1" ]
|
||||
then
|
||||
# Remove composer stuff
|
||||
rm -f composer.json composer.lock
|
||||
fi
|
||||
|
||||
# Execute post install hook
|
||||
runHook postInstall
|
||||
'';
|
||||
} // extraArgs);
|
||||
in
|
||||
{
|
||||
inherit filterSrc;
|
||||
composer = lib.makeOverridable composer;
|
||||
buildZipPackage = lib.makeOverridable buildZipPackage;
|
||||
buildPackage = lib.makeOverridable buildPackage;
|
||||
}
|
@ -1,15 +0,0 @@
|
||||
{pkgs ? import <nixpkgs> {
|
||||
inherit system;
|
||||
}, system ? builtins.currentSystem, noDev ? false, php ? pkgs.php, phpPackages ? pkgs.phpPackages}:
|
||||
|
||||
let
|
||||
composerEnv = import ./composer-env.nix {
|
||||
inherit (pkgs) stdenv lib writeTextFile fetchurl unzip;
|
||||
inherit php phpPackages;
|
||||
};
|
||||
in
|
||||
import ./php-packages.nix {
|
||||
inherit composerEnv noDev;
|
||||
inherit (pkgs) fetchurl fetchgit fetchhg fetchsvn;
|
||||
}
|
||||
|
@ -1,52 +1,48 @@
|
||||
{ lib
|
||||
, pkgs
|
||||
, stdenv
|
||||
, fetchFromGitHub
|
||||
, dataDir ? "/var/lib/snipe-it"
|
||||
, fetchFromGitHub
|
||||
, mariadb
|
||||
, nixosTests
|
||||
, php
|
||||
, phpPackages
|
||||
}:
|
||||
|
||||
let
|
||||
package = (import ./composition.nix {
|
||||
inherit pkgs php phpPackages;
|
||||
inherit (stdenv.hostPlatform) system;
|
||||
noDev = true; # Disable development dependencies
|
||||
}).overrideAttrs (attrs : {
|
||||
installPhase = attrs.installPhase + ''
|
||||
# Before symlinking the following directories, copy the invalid_barcode.gif
|
||||
# to a different location. The `snipe-it-setup` oneshot service will then
|
||||
# copy the file back during bootstrap.
|
||||
mkdir -p $out/share/snipe-it
|
||||
cp $out/public/uploads/barcodes/invalid_barcode.gif $out/share/snipe-it/
|
||||
|
||||
rm -R $out/storage $out/public/uploads $out/bootstrap/cache
|
||||
ln -s ${dataDir}/.env $out/.env
|
||||
ln -s ${dataDir}/storage $out/
|
||||
ln -s ${dataDir}/public/uploads $out/public/uploads
|
||||
ln -s ${dataDir}/bootstrap/cache $out/bootstrap/cache
|
||||
|
||||
chmod +x $out/artisan
|
||||
|
||||
substituteInPlace config/database.php --replace "env('DB_DUMP_PATH', '/usr/local/bin')" "env('DB_DUMP_PATH', '${mariadb}/bin')"
|
||||
'';
|
||||
});
|
||||
|
||||
in package.override rec {
|
||||
php.buildComposerProject (finalAttrs: {
|
||||
pname = "snipe-it";
|
||||
version = "6.2.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "snipe";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "11i9ijkl7am5k48y7r5k6nki2827cd7mw3dr1xj8dvb8diwaskqi";
|
||||
repo = "snipe-it";
|
||||
rev = "v${finalAttrs.version}";
|
||||
hash = "sha256-EU+teGxo7YZkD7kNXk9jRyARpzWz5OMRmaWqQ6eMKYY=";
|
||||
};
|
||||
|
||||
passthru.tests = nixosTests.snipe-it;
|
||||
passthru.phpPackage = php;
|
||||
vendorHash = "sha256-JcBcrETbjGJFlG1dH/XXqmb9MlKr0ICdnEx7/61Z5io=";
|
||||
|
||||
postInstall = ''
|
||||
snipe_it_out="$out/share/php/snipe-it"
|
||||
|
||||
# Before symlinking the following directories, copy the invalid_barcode.gif
|
||||
# to a different location. The `snipe-it-setup` oneshot service will then
|
||||
# copy the file back during bootstrap.
|
||||
mkdir -p $out/share/snipe-it
|
||||
cp $snipe_it_out/public/uploads/barcodes/invalid_barcode.gif $out/share/snipe-it/
|
||||
|
||||
rm -R $snipe_it_out/storage $snipe_it_out/public/uploads $snipe_it_out/bootstrap/cache
|
||||
ln -s ${dataDir}/.env $snipe_it_out/.env
|
||||
ln -s ${dataDir}/storage $snipe_it_out/
|
||||
ln -s ${dataDir}/public/uploads $snipe_it_out/public/uploads
|
||||
ln -s ${dataDir}/bootstrap/cache $snipe_it_out/bootstrap/cache
|
||||
|
||||
chmod +x $snipe_it_out/artisan
|
||||
|
||||
substituteInPlace $snipe_it_out/config/database.php --replace "env('DB_DUMP_PATH', '/usr/local/bin')" "env('DB_DUMP_PATH', '${mariadb}/bin')"
|
||||
'';
|
||||
|
||||
passthru = {
|
||||
tests = nixosTests.snipe-it;
|
||||
phpPackage = php;
|
||||
};
|
||||
|
||||
meta = with lib; {
|
||||
description = "A free open source IT asset/license management system";
|
||||
@ -62,4 +58,4 @@ in package.override rec {
|
||||
maintainers = with maintainers; [ yayayayaka ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
||||
})
|
||||
|
File diff suppressed because it is too large
Load Diff
@ -1,99 +0,0 @@
|
||||
#!/usr/bin/env nix-shell
|
||||
#! nix-shell -I nixpkgs=../../../.. -i bash -p nix curl jq nix-update
|
||||
# shellcheck shell=bash
|
||||
cd "$(dirname "$0")"
|
||||
|
||||
usage () {
|
||||
cat <<EOF
|
||||
# Snipe-IT Updater
|
||||
|
||||
A small script to update Snipe-IT to the latest release
|
||||
|
||||
Usage: $(basename "$0") [options]
|
||||
|
||||
-h, --help Display this message and quit
|
||||
-c, --commit Create a commit after updating
|
||||
-n, --no-build Just update, don't build the package
|
||||
|
||||
This script needs composer2nix in your PATH.
|
||||
https://github.com/svanderburg/composer2nix
|
||||
EOF
|
||||
}
|
||||
|
||||
# Parse command line arguments
|
||||
while [ $# -ge 1 ]; do
|
||||
case "$1" in
|
||||
-h|--help)
|
||||
usage
|
||||
exit 0
|
||||
;;
|
||||
-c|--commit)
|
||||
COMMIT_CHANGES=true
|
||||
;;
|
||||
-d|--dont-build)
|
||||
DONT_BUILD=true
|
||||
;;
|
||||
*)
|
||||
;;
|
||||
esac
|
||||
shift
|
||||
done
|
||||
|
||||
# check if composer2nix is installed
|
||||
if ! command -v composer2nix &> /dev/null; then
|
||||
echo "Please install composer2nix (https://github.com/svanderburg/composer2nix) to run this script."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
CURRENT_VERSION=$(nix eval -f ../../../.. --raw snipe-it.version)
|
||||
TARGET_VERSION_REMOTE=$(curl ${GITHUB_TOKEN:+" -u \":$GITHUB_TOKEN\""} https://api.github.com/repos/snipe/snipe-it/releases/latest | jq -r ".tag_name")
|
||||
TARGET_VERSION=${TARGET_VERSION_REMOTE:1}
|
||||
SNIPE_IT=https://github.com/snipe/snipe-it/raw/$TARGET_VERSION_REMOTE
|
||||
SHA256=$(nix-prefetch-url --unpack "https://github.com/snipe/snipe-it/archive/v$TARGET_VERSION/snipe-it.tar.gz")
|
||||
|
||||
if [[ "$CURRENT_VERSION" == "$TARGET_VERSION" ]]; then
|
||||
echo "snipe-it is up-to-date: ${CURRENT_VERSION}"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
curl -LO "$SNIPE_IT/composer.json"
|
||||
curl -LO "$SNIPE_IT/composer.lock"
|
||||
|
||||
composer2nix --name "snipe-it" \
|
||||
--composition=composition.nix \
|
||||
--no-dev
|
||||
rm composer.json composer.lock
|
||||
|
||||
# change version number
|
||||
sed -e "s/version =.*;/version = \"$TARGET_VERSION\";/g" \
|
||||
-e "s/sha256 =.*;/sha256 = \"$SHA256\";/g" \
|
||||
-i ./default.nix
|
||||
|
||||
# fix composer-env.nix
|
||||
sed -e "s/stdenv\.lib/lib/g" \
|
||||
-e '3s/stdenv, writeTextFile/stdenv, lib, writeTextFile/' \
|
||||
-i ./composer-env.nix
|
||||
|
||||
# fix composition.nix
|
||||
sed -e '7s/stdenv writeTextFile/stdenv lib writeTextFile/' \
|
||||
-i composition.nix
|
||||
|
||||
# fix missing newline
|
||||
echo "" >> composition.nix
|
||||
echo "" >> php-packages.nix
|
||||
|
||||
if [ -z ${DONT_BUILD+x} ]; then
|
||||
(
|
||||
cd ../../../..
|
||||
nix-build -A snipe-it
|
||||
)
|
||||
fi
|
||||
|
||||
if [ -n "$COMMIT_CHANGES" ]; then
|
||||
git add .
|
||||
git commit -m "snipe-it: $CURRENT_VERSION -> $TARGET_VERSION
|
||||
|
||||
https://github.com/snipe/snipe-it/releases/tag/v$TARGET_VERSION"
|
||||
fi
|
||||
|
||||
exit $?
|
@ -27347,7 +27347,6 @@ with pkgs;
|
||||
|
||||
snipe-it = callPackage ../servers/web-apps/snipe-it {
|
||||
php = php81;
|
||||
phpPackages = php81Packages;
|
||||
};
|
||||
|
||||
sogo = callPackage ../servers/web-apps/sogo { };
|
||||
|
@ -2242,6 +2242,8 @@ self: super: with self; {
|
||||
|
||||
compreffor = callPackage ../development/python-modules/compreffor { };
|
||||
|
||||
compressai = callPackage ../development/python-modules/compressai { };
|
||||
|
||||
concurrent-log-handler = callPackage ../development/python-modules/concurrent-log-handler { };
|
||||
|
||||
conda = callPackage ../development/python-modules/conda { };
|
||||
@ -11642,6 +11644,8 @@ self: super: with self; {
|
||||
|
||||
pytorch-metric-learning = callPackage ../development/python-modules/pytorch-metric-learning { };
|
||||
|
||||
pytorch-msssim = callPackage ../development/python-modules/pytorch-msssim { };
|
||||
|
||||
pytorch-pfn-extras = callPackage ../development/python-modules/pytorch-pfn-extras { };
|
||||
|
||||
pytraccar = callPackage ../development/python-modules/pytraccar { };
|
||||
|
Loading…
Reference in New Issue
Block a user