colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master' into hardened-stdenv

Browse Source
This commit is contained in:
Franz Pletz 2016-05-18 17:10:02 +02:00
commit f8d481754c
No known key found for this signature in database
GPG Key ID: 846FDED7792617B4
1470 changed files with 62103 additions and 28701 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
doc/languages-frameworks/python.md
View File

@ -534,6 +534,7 @@ All parameters from `mkDerivation` function are still supported.
* `postShellHook`: Hook to execute commands after `shellHook`.
* `makeWrapperArgs`: A list of strings. Arguments to be passed to `makeWrapper`, which wraps generated binaries. By default, the arguments to `makeWrapper` set `PATH` and `PYTHONPATH` environment variables before calling the binary. Additional arguments here can allow a developer to set environment variables which will be available when the binary is run. For example, `makeWrapperArgs = ["--set FOO BAR" "--set BAZ QUX"]`.
* `installFlags`: A list of strings. Arguments to be passed to `pip install`. To pass options to `python setup.py install`, use `--install-option`. E.g., `installFlags=["--install-option='--cpp_implementation'"].
* `format`: Format of the source. Options are `setup` for when the source has a `setup.py` and `setuptools` is used to build a wheel, and `wheel` in case the source is already a binary wheel. The default value is `setup`.
#### `buildPythonApplication` function

16
doc/package-notes.xml
View File

@ -366,4 +366,20 @@ it. Place the resulting <filename>package.nix</filename> file into
</section>
<section xml:id="sec-autojump">
<title>Autojump</title>
<para>
autojump needs the shell integration to be useful but unlike other systems,
nix doesn't have a standard share directory location. This is why a
<command>autojump-share</command> script is shipped that prints the location
of the shared folder. This can then be used in the .bashrc like this:
<screen>
source "$(autojump-share)/autojump.bash"
</screen>
</para>
</section>
</chapter>

12
doc/stdenv.xml
View File

@ -1169,7 +1169,17 @@ PATH=/nix/store/68afga4khv0w...-coreutils-6.12/bin
echo @foo@
</programlisting>
That is, no substitution is performed for undefined variables.</para></listitem>
That is, no substitution is performed for undefined variables.</para>
<para>Environment variables that start with an uppercase letter or an
underscore are filtered out,
to prevent global variables (like <literal>HOME</literal>) or private
variables (like <literal>__ETC_PROFILE_DONE</literal>) from accidentally
getting substituted.
The variables also have to be valid bash “names”, as
defined in the bash manpage (alphanumeric or <literal>_</literal>,
must not start with a number).</para>
</listitem>
</varlistentry>

26
lib/attrsets.nix
View File

@ -438,23 +438,21 @@ rec {
overrideExisting = old: new:
old // listToAttrs (map (attr: nameValuePair attr (attrByPath [attr] old.${attr} new)) (attrNames old));
/* Try given attributes in order. If no attributes are found, return
attribute list itself.
/* Get a package output.
If no output is found, fallback to `.out` and then to the default.
Example:
tryAttrs ["a" "b"] { a = 1; b = 2; }
=> 1
tryAttrs ["a" "b"] { c = 3; }
=> { c = 3; }
getOutput "dev" pkgs.openssl
=> "/nix/store/9rz8gxhzf8sw4kf2j2f1grr49w8zx5vj-openssl-1.0.1r-dev"
*/
tryAttrs = allAttrs: set:
let tryAttrs_ = attrs:
if attrs == [] then set
else
(let h = head attrs; in
if hasAttr h set then getAttr h set
else tryAttrs_ (tail attrs));
in tryAttrs_ allAttrs;
getOutput = output: pkg:
if pkg.outputUnspecified or false
then pkg.${output} or pkg.out or pkg
else pkg;
getBin = getOutput "bin";
getLib = getOutput "lib";
getDev = getOutput "dev";
/*** deprecated stuff ***/

16
lib/maintainers.nix
View File

@ -13,8 +13,8 @@
aboseley = "Adam Boseley <adam.boseley@gmail.com>";
adev = "Adrien Devresse <adev@adev.name>";
Adjective-Object = "Maxwell Huang-Hobbs <mhuan13@gmail.com>";
aespinosa = "Allan Espinosa <allan.espinosa@outlook.com>";
adnelson = "Allen Nelson <ithinkican@gmail.com>";
aespinosa = "Allan Espinosa <allan.espinosa@outlook.com>";
aflatter = "Alexander Flatter <flatter@fastmail.fm>";
aforemny = "Alexander Foremny <alexanderforemny@googlemail.com>";
afranchuk = "Alex Franchuk <alex.franchuk@gmail.com>";
@ -149,6 +149,7 @@
globin = "Robin Gloster <mail@glob.in>";
goibhniu = "Cillian de Róiste <cillian.deroiste@gmail.com>";
Gonzih = "Max Gonzih <gonzih@gmail.com>";
gpyh = "Yacine Hmito <yacine.hmito@gmail.com>";
gridaphobe = "Eric Seidel <eric@seidel.io>";
guibert = "David Guibert <david.guibert@gmail.com>";
havvy = "Ryan Scheel <ryan.havvy@gmail.com>";
@ -159,7 +160,7 @@
hrdinka = "Christoph Hrdinka <c.nix@hrdinka.at>";
iand675 = "Ian Duncan <ian@iankduncan.com>";
ianwookim = "Ian-Woo Kim <ianwookim@gmail.com>";
iElectric = "Domen Kozar <domen@dev.si>";
domenkozar = "Domen Kozar <domen@dev.si>";
igsha = "Igor Sharonov <igor.sharonov@gmail.com>";
ikervagyok = "Balázs Lengyel <ikervagyok@gmail.com>";
j-keck = "Jürgen Keck <jhyphenkeck@gmail.com>";
@ -178,6 +179,7 @@
joelteon = "Joel Taylor <me@joelt.io>";
jpbernardy = "Jean-Philippe Bernardy <jeanphilippe.bernardy@gmail.com>";
jraygauthier = "Raymond Gauthier <jraygauthier@gmail.com>";
juliendehos = "Julien Dehos <dehos@lisic.univ-littoral.fr>";
jwiegley = "John Wiegley <johnw@newartisans.com>";
jwilberding = "Jordan Wilberding <jwilberding@afiniate.com>";
jzellner = "Jeff Zellner <jeffz@eml.cc>";
@ -220,12 +222,13 @@
marcweber = "Marc Weber <marco-oweber@gmx.de>";
markus1189 = "Markus Hauck <markus1189@gmail.com>";
markWot = "Markus Wotringer <markus@wotringer.de>";
martijnvermaat = "Martijn Vermaat <martijn@vermaat.name>";
matejc = "Matej Cotman <cotman.matej@gmail.com>";
mathnerd314 = "Mathnerd314 <mathnerd314.gph+hs@gmail.com>";
matthiasbeyer = "Matthias Beyer <mail@beyermatthias.de>";
mbauer = "Matthew Bauer <mjbauer95@gmail.com>";
maurer = "Matthew Maurer <matthew.r.maurer+nix@gmail.com>";
mbakke = "Marius Bakke <ymse@tuta.io>";
mbauer = "Matthew Bauer <mjbauer95@gmail.com>";
mbe = "Brandon Edens <brandonedens@gmail.com>";
mboes = "Mathieu Boespflug <mboes@tweag.net>";
mcmtroffaes = "Matthias C. M. Troffaes <matthias.troffaes@gmail.com>";
@ -235,6 +238,7 @@
michelk = "Michel Kuhlmann <michel@kuhlmanns.info>";
mingchuan = "Ming Chuan <ming@culpring.com>";
mirdhyn = "Merlin Gaillard <mirdhyn@gmail.com>";
mirrexagon = "Andrew Abbott <mirrexagon@mirrexagon.com>";
modulistic = "Pablo Costa <modulistic@gmail.com>";
mog = "Matthew O'Gorman <mog-lists@rldn.net>";
moosingin3space = "Nathan Moos <moosingin3space@gmail.com>";
@ -257,7 +261,7 @@
notthemessiah = "Brian Cohen <brian.cohen.88@gmail.com>";
np = "Nicolas Pouillard <np.nix@nicolaspouillard.fr>";
nslqqq = "Nikita Mikhailov <nslqqq@gmail.com>";
obadz = "obadz <nixos@obadz.com>";
obadz = "obadz <obadz-nixos@obadz.com>";
ocharles = "Oliver Charles <ollie@ocharles.org.uk>";
odi = "Oliver Dunkl <oliver.dunkl@gmail.com>";
offline = "Jaka Hudoklin <jakahudoklin@gmail.com>";
@ -273,6 +277,7 @@
pashev = "Igor Pashev <pashev.igor@gmail.com>";
pesterhazy = "Paulus Esterhazy <pesterhazy@gmail.com>";
peterhoeg = "Peter Hoeg <peter@hoeg.com>";
peti = "Peter Simons <simons@cryp.to>";
philandstuff = "Philip Potter <philip.g.potter@gmail.com>";
phile314 = "Philipp Hausmann <nix@314.ch>";
Phlogistique = "Noé Rubinstein <noe.rubinstein@gmail.com>";
@ -325,11 +330,11 @@
schristo = "Scott Christopher <schristopher@konputa.com>";
scolobb = "Sergiu Ivanov <sivanov@colimite.fr>";
sepi = "Raffael Mancini <raffael@mancini.lu>";
seppeljordan = "Sebastian Jordan <sebastian.jordan.mail@googlemail.com>";
sheenobu = "Sheena Artrip <sheena.artrip@gmail.com>";
sheganinans = "Aistis Raulinaitis <sheganinans@gmail.com>";
shell = "Shell Turner <cam.turn@gmail.com>";
shlevy = "Shea Levy <shea@shealevy.com>";
simons = "Peter Simons <simons@cryp.to>";
simonvandel = "Simon Vandel Sillesen <simon.vandel@gmail.com>";
sjagoe = "Simon Jagoe <simon@simonjagoe.com>";
sjmackenzie = "Stewart Mackenzie <setori88@gmail.com>";
@ -352,6 +357,7 @@
tailhook = "Paul Colomiets <paul@colomiets.name>";
taktoa = "Remy Goldschmidt <taktoa@gmail.com>";
tavyc = "Octavian Cerna <octavian.cerna@gmail.com>";
teh = "Tom Hunger <tehunger@gmail.com>";
telotortium = "Robert Irelan <rirelan@gmail.com>";
thall = "Niclas Thall <niclas.thall@gmail.com>";
thammers = "Tobias Hammerschmidt <jawr@gmx.de>";

19
lib/strings.nix
View File

@ -88,15 +88,14 @@ rec {
makeSearchPath = subDir: packages:
concatStringsSep ":" (map (path: path + "/" + subDir) packages);
/* Construct a Unix-style search path, given trying outputs in order.
/* Construct a Unix-style search path, using given package output.
If no output is found, fallback to `.out` and then to the default.
Example:
makeSearchPathOutputs "bin" ["bin"] [ pkgs.openssl pkgs.zlib ]
=> "/nix/store/9rz8gxhzf8sw4kf2j2f1grr49w8zx5vj-openssl-1.0.1r-bin/bin:/nix/store/wwh7mhwh269sfjkm6k5665b5kgp7jrk2-zlib-1.2.8/bin"
makeSearchPathOutput "dev" "bin" [ pkgs.openssl pkgs.zlib ]
=> "/nix/store/9rz8gxhzf8sw4kf2j2f1grr49w8zx5vj-openssl-1.0.1r-dev/bin:/nix/store/wwh7mhwh269sfjkm6k5665b5kgp7jrk2-zlib-1.2.8/bin"
*/
makeSearchPathOutputs = subDir: outputs: pkgs:
makeSearchPath subDir (map (pkg: if pkg.outputUnspecified or false then lib.tryAttrs (outputs ++ ["out"]) pkg else pkg) pkgs);
makeSearchPathOutput = output: subDir: pkgs: makeSearchPath subDir (map (lib.getOutput output) pkgs);
/* Construct a library search path (such as RPATH) containing the
libraries for a set of packages
@ -108,9 +107,7 @@ rec {
makeLibraryPath [ pkgs.openssl pkgs.zlib ]
=> "/nix/store/9rz8gxhzf8sw4kf2j2f1grr49w8zx5vj-openssl-1.0.1r/lib:/nix/store/wwh7mhwh269sfjkm6k5665b5kgp7jrk2-zlib-1.2.8/lib"
*/
makeLibraryPath = pkgs: makeSearchPath "lib"
# try to guess the right output of each pkg
(map (pkg: if pkg.outputUnspecified or false then pkg.lib or (pkg.out or pkg) else pkg) pkgs);
makeLibraryPath = makeSearchPathOutput "lib" "lib";
/* Construct a binary search path (such as $PATH) containing the
binaries for a set of packages.
@ -119,8 +116,7 @@ rec {
makeBinPath ["/root" "/usr" "/usr/local"]
=> "/root/bin:/usr/bin:/usr/local/bin"
*/
makeBinPath = pkgs: makeSearchPath "bin"
(map (pkg: if pkg.outputUnspecified or false then pkg.bin or (pkg.out or pkg) else pkg) pkgs);
makeBinPath = makeSearchPathOutput "bin" "bin";
/* Construct a perl search path (such as $PERL5LIB)
@ -132,8 +128,7 @@ rec {
makePerlPath [ pkgs.perlPackages.NetSMTP ]
=> "/nix/store/n0m1fk9c960d8wlrs62sncnadygqqc6y-perl-Net-SMTP-1.25/lib/perl5/site_perl"
*/
makePerlPath = pkgs: makeSearchPath "lib/perl5/site_perl"
(map (pkg: if pkg.outputUnspecified or false then pkg.lib or (pkg.out or pkg) else pkg) pkgs);
makePerlPath = makeSearchPathOutput "lib" "lib/perl5/site_perl";
/* Dependening on the boolean `cond', return either the given string
or the empty string. Useful to contatenate against a bigger string.

63
maintainers/scripts/copy-tarballs.pl
View File

@ -5,7 +5,7 @@
# content-addressed cache used by fetchurl as a fallback for when
# upstream tarballs disappear or change. Usage:
#
# 1) To upload a single file:
# 1) To upload one or more files:
#
# $ copy-tarballs.pl --file /path/to/tarball.tar.gz
#
@ -22,12 +22,38 @@ use JSON;
use Net::Amazon::S3;
use Nix::Store;
isValidPath("/nix/store/foo"); # FIXME: forces Nix::Store initialisation
isValidPath("/nix/store/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-foo"); # FIXME: forces Nix::Store initialisation
sub usage {
die "Syntax: $0 [--dry-run] [--exclude REGEXP] [--expr EXPR | --file FILES...]\n";
}
my $dryRun = 0;
my $expr;
my @fileNames;
my $exclude;
while (@ARGV) {
my $flag = shift @ARGV;
if ($flag eq "--expr") {
$expr = shift @ARGV or die "--expr requires an argument";
} elsif ($flag eq "--file") {
@fileNames = @ARGV;
last;
} elsif ($flag eq "--dry-run") {
$dryRun = 1;
} elsif ($flag eq "--exclude") {
$exclude = shift @ARGV or die "--exclude requires an argument";
} else {
usage();
}
}
# S3 setup.
my $aws_access_key_id = $ENV{'AWS_ACCESS_KEY_ID'} or die;
my $aws_secret_access_key = $ENV{'AWS_SECRET_ACCESS_KEY'} or die;
my $aws_access_key_id = $ENV{'AWS_ACCESS_KEY_ID'} or die "AWS_ACCESS_KEY_ID not set\n";
my $aws_secret_access_key = $ENV{'AWS_SECRET_ACCESS_KEY'} or die "AWS_SECRET_ACCESS_KEY not set\n";
my $s3 = Net::Amazon::S3->new(
{ aws_access_key_id => $aws_access_key_id,
@ -37,12 +63,15 @@ my $s3 = Net::Amazon::S3->new(
my $bucket = $s3->bucket("nixpkgs-tarballs") or die;
my $cacheFile = "/tmp/copy-tarballs-cache";
my $doWrite = 0;
my $cacheFile = ($ENV{"HOME"} or die "\$HOME is not set") . "/.cache/nix/copy-tarballs";
my %cache;
$cache{$_} = 1 foreach read_file($cacheFile, err_mode => 'quiet', chomp => 1);
$doWrite = 1;
END() {
write_file($cacheFile, map { "$_\n" } keys %cache);
File::Path::mkpath(dirname($cacheFile), 0, 0755);
write_file($cacheFile, map { "$_\n" } keys %cache) if $doWrite;
}
sub alreadyMirrored {
@ -87,11 +116,9 @@ sub uploadFile {
$cache{$mainKey} = 1;
}
my $op = shift @ARGV;
if ($op eq "--file") {
if (scalar @fileNames) {
my $res = 0;
foreach my $fn (@ARGV) {
foreach my $fn (@fileNames) {
eval {
if (alreadyMirrored("sha512", hashFile("sha512", 0, $fn))) {
print STDERR "$fn is already mirrored\n";
@ -100,17 +127,16 @@ if ($op eq "--file") {
}
};
if ($@) {
warn "$@\n";
warn "$@";
$res = 1;
}
}
exit $res;
}
elsif ($op eq "--expr") {
elsif (defined $expr) {
# Evaluate find-tarballs.nix.
my $expr = $ARGV[0] // die "$0: --expr requires a Nix expression\n";
my $pid = open(JSON, "-|", "nix-instantiate", "--eval", "--json", "--strict",
"<nixpkgs/maintainers/scripts/find-tarballs.nix>",
"--arg", "expr", $expr);
@ -126,7 +152,7 @@ elsif ($op eq "--expr") {
# Check every fetchurl call discovered by find-tarballs.nix.
my $mirrored = 0;
my $have = 0;
foreach my $fetch (@{$fetches}) {
foreach my $fetch (sort { $a->{url} cmp $b->{url} } @{$fetches}) {
my $url = $fetch->{url};
my $algo = $fetch->{type};
my $hash = $fetch->{hash};
@ -142,6 +168,8 @@ elsif ($op eq "--expr") {
next;
}
next if defined $exclude && $url =~ /$exclude/;
if (alreadyMirrored($algo, $hash)) {
$have++;
next;
@ -151,7 +179,10 @@ elsif ($op eq "--expr") {
print STDERR "mirroring $url ($storePath)...\n";
next if $ENV{DRY_RUN};
if ($dryRun) {
$mirrored++;
next;
}
# Substitute the output.
if (!isValidPath($storePath)) {
@ -184,5 +215,5 @@ elsif ($op eq "--expr") {
}
else {
die "Syntax: $0 --file FILENAMES... | --expr EXPR\n";
usage();
}

3
maintainers/scripts/travis-nox-review-pr.sh
View File

@ -23,6 +23,9 @@ elif [[ $1 == nox ]]; then
elif [[ $1 == build ]]; then
source $HOME/.nix-profile/etc/profile.d/nix.sh
echo "=== Checking NixOS options"
nix-build nixos/release.nix -A options
echo "=== Checking tarball creation"
nix-build pkgs/top-level/release.nix -A tarball

7
nixos/maintainers/scripts/ec2/create-amis.sh
View File

@ -102,6 +102,11 @@ for type in hvm pv; do
mv $vhdFile.tmp $vhdFile
fi
vhdFileLogicalBytes="$(qemu-img info "$vhdFile" | grep ^virtual\ size: | cut -f 2 -d \( | cut -f 1 -d \ )"
vhdFileLogicalGigaBytes=$(((vhdFileLogicalBytes-1)/1024/1024/1024+1)) # Round to the next GB
echo "Disk size is $vhdFileLogicalBytes bytes. Will be registered as $vhdFileLogicalGigaBytes GB."
taskId=$(cat $stateDir/$region.$type.task-id 2> /dev/null || true)
volId=$(cat $stateDir/$region.$type.vol-id 2> /dev/null || true)
snapId=$(cat $stateDir/$region.$type.snap-id 2> /dev/null || true)
@ -165,7 +170,7 @@ for type in hvm pv; do
rm -f $stateDir/$region.$type.vol-id
fi
extraFlags="-b /dev/sda1=$snapId:20:true:gp2"
extraFlags="-b /dev/sda1=$snapId:$vhdFileLogicalGigaBytes:true:gp2"
if [ $type = pv ]; then
extraFlags+=" --root-device-name=/dev/sda1"

2
nixos/modules/config/krb5.nix
View File

@ -173,6 +173,8 @@ in
${cfg.domainRealm} = ${cfg.defaultRealm}
.mit.edu = ATHENA.MIT.EDU
mit.edu = ATHENA.MIT.EDU
.exchange.mit.edu = EXCHANGE.MIT.EDU
exchange.mit.edu = EXCHANGE.MIT.EDU
.media.mit.edu = MEDIA-LAB.MIT.EDU
media.mit.edu = MEDIA-LAB.MIT.EDU
.csail.mit.edu = CSAIL.MIT.EDU

12
nixos/modules/config/pulseaudio.nix
View File

@ -98,9 +98,9 @@ in {
package = mkOption {
type = types.package;
default = pulseaudioLight.out;
defaultText = "pkgs.pulseaudioLight.out";
example = literalExample "pkgs.pulseaudioFull.out";
default = pulseaudioLight;
defaultText = "pkgs.pulseaudioLight";
example = literalExample "pkgs.pulseaudioFull";
description = ''
The PulseAudio derivation to use. This can be used to enable
features (such as JACK support, Bluetooth) via the
@ -130,7 +130,7 @@ in {
source = clientConf;
};
hardware.pulseaudio.configFile = mkDefault "${cfg.package.out}/etc/pulse/default.pa";
hardware.pulseaudio.configFile = mkDefault "${getBin cfg.package}/etc/pulse/default.pa";
}
(mkIf cfg.enable {
@ -158,7 +158,7 @@ in {
wantedBy = [ "default.target" ];
serviceConfig = {
Type = "notify";
ExecStart = "${cfg.package.out}/bin/pulseaudio --daemonize=no";
ExecStart = "${getBin cfg.package}/bin/pulseaudio --daemonize=no";
Restart = "on-failure";
};
};
@ -195,7 +195,7 @@ in {
environment.PULSE_RUNTIME_PATH = stateDir;
serviceConfig = {
Type = "notify";
ExecStart = "${cfg.package.out}/bin/pulseaudio --daemonize=no --log-level=${cfg.daemon.logLevel} --system -n --file=${cfg.configFile}";
ExecStart = "${getBin cfg.package}/bin/pulseaudio --daemonize=no --log-level=${cfg.daemon.logLevel} --system -n --file=${cfg.configFile}";
Restart = "on-failure";
};
};

4
nixos/modules/config/shells-environment.nix
View File

@ -150,6 +150,10 @@ in
system.build.binsh = pkgs.bashInteractive;
# Ensure TERMINFO is set appropriately *before* user shells are run,
# as they may depend on it
environment.sessionVariables.TERMINFO = "/run/current-system/sw/share/terminfo";
# Set session variables in the shell as well. This is usually
# unnecessary, but it allows changes to session variables to take
# effect without restarting the session (e.g. by opening a new

3
nixos/modules/config/system-path.nix
View File

@ -40,6 +40,7 @@ let
pkgs.time
pkgs.texinfoInteractive
pkgs.utillinux
pkgs.which # 88K size
];
in
@ -102,6 +103,8 @@ in
environment.pathsToLink =
[ "/bin"
"/etc/xdg"
"/etc/gtk-2.0"
"/etc/gtk-3.0"
"/info"
"/lib" # FIXME: remove and update debug-info.nix
"/sbin"

17
nixos/modules/config/unix-odbc-drivers.nix
View File

@ -5,14 +5,21 @@ with lib;
# unixODBC drivers (this solution is not perfect.. Because the user has to
# ask the admin to add a driver.. but it's simple and works
{
let
iniDescription = pkg: ''
[${pkg.fancyName}]
Description = ${pkg.meta.description}
Driver = ${pkg}/${pkg.driver}
'';
in {
###### interface
options = {
environment.unixODBCDrivers = mkOption {
type = types.listOf types.package;
default = [];
example = literalExample "with pkgs.unixODBCDrivers; [ mysql psql psqlng ]";
example = literalExample "with pkgs.unixODBCDrivers; [ sqlite psql ]";
description = ''
Specifies Unix ODBC drivers to be registered in
<filename>/etc/odbcinst.ini</filename>. You may also want to
@ -25,11 +32,7 @@ with lib;
###### implementation
config = mkIf (config.environment.unixODBCDrivers != []) {
environment.etc."odbcinst.ini".text =
let inis = map (x : x.ini) config.environment.unixODBCDrivers;
in lib.concatStringsSep "\n" inis;
environment.etc."odbcinst.ini".text = concatMapStringsSep "\n" iniDescription config.environment.unixODBCDrivers;
};
}

42
nixos/modules/i18n/input-method/default.nix
View File

@ -1,10 +1,32 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.i18n.inputMethod;
gtk2_cache = pkgs.stdenv.mkDerivation {
preferLocalBuild = true;
allowSubstitutes = false;
name = "gtk2-immodule.cache";
buildInputs = [ pkgs.gtk cfg.package ];
buildCommand = ''
mkdir -p $out/etc/gtk-2.0/
GTK_PATH=${cfg.package}/lib/gtk-2.0/ gtk-query-immodules-2.0 > $out/etc/gtk-2.0/immodules.cache
'';
};
gtk3_cache = pkgs.stdenv.mkDerivation {
preferLocalBuild = true;
allowSubstitutes = false;
name = "gtk3-immodule.cache";
buildInputs = [ pkgs.gtk3 cfg.package ];
buildCommand = ''
mkdir -p $out/etc/gtk-3.0/
GTK_PATH=${cfg.package}/lib/gtk-3.0/ gtk-query-immodules-3.0 > $out/etc/gtk-3.0/immodules.cache
'';
};
in
{
options = {
i18n.inputMethod = {
options.i18n = {
inputMethod = {
enabled = mkOption {
type = types.nullOr (types.enum [ "ibus" "fcitx" "nabi" "uim" ]);
default = null;
@ -24,6 +46,20 @@ with lib;
</itemizedlist>
'';
};
package = mkOption {
internal = true;
type = types.path;
default = null;
description = ''
The input method method package.
'';
};
};
};
config = mkIf (cfg.enabled != null) {
environment.systemPackages = [ cfg.package gtk2_cache gtk3_cache ];
};
}

2
nixos/modules/i18n/input-method/fcitx.nix
View File

@ -32,7 +32,7 @@ in
};
config = mkIf (config.i18n.inputMethod.enabled == "fcitx") {
environment.systemPackages = [ fcitxPackage ];
i18n.inputMethod.package = fcitxPackage;
environment.variables = {
GTK_IM_MODULE = "fcitx";

4
nixos/modules/i18n/input-method/ibus.nix
View File

@ -41,9 +41,11 @@ in
};
config = mkIf (config.i18n.inputMethod.enabled == "ibus") {
i18n.inputMethod.package = ibusPackage;
# Without dconf enabled it is impossible to use IBus
environment.systemPackages = with pkgs; [
ibusPackage ibus-qt gnome3.dconf ibusAutostart
ibus-qt gnome3.dconf ibusAutostart
];
environment.variables = {

2
nixos/modules/i18n/input-method/nabi.nix
View File

@ -3,7 +3,7 @@
with lib;
{
config = mkIf (config.i18n.inputMethod.enabled == "nabi") {
environment.systemPackages = [ pkgs.nabi ];
i18n.inputMethod.package = pkgs.nabi;
environment.variables = {
GTK_IM_MODULE = "nabi";

2
nixos/modules/i18n/input-method/uim.nix
View File

@ -22,7 +22,7 @@ in
};
config = mkIf (config.i18n.inputMethod.enabled == "uim") {
environment.systemPackages = [ pkgs.uim ];
i18n.inputMethod.package = pkgs.uim;
environment.variables = {
GTK_IM_MODULE = "uim";

4
nixos/modules/misc/ids.nix
View File

@ -265,6 +265,8 @@
factorio = 241;
emby = 242;
graylog = 243;
sniproxy = 244;
nzbget = 245;
# When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
@ -500,6 +502,8 @@
taskd = 240;
factorio = 241;
emby = 242;
sniproxy = 244;
nzbget = 245;
# When adding a gid, make sure it doesn't match an existing
# uid. Users and groups with the same name should have equal

2
nixos/modules/module-list.nix
View File

@ -239,6 +239,7 @@
./services/misc/nix-gc.nix
./services/misc/nixos-manual.nix
./services/misc/nix-ssh-serve.nix
./services/misc/nzbget.nix
./services/misc/octoprint.nix
./services/misc/parsoid.nix
./services/misc/phd.nix
@ -379,6 +380,7 @@
./services/networking/skydns.nix
./services/networking/shairport-sync.nix
./services/networking/shout.nix
./services/networking/sniproxy.nix
./services/networking/softether.nix
./services/networking/spiped.nix
./services/networking/sslh.nix

2
nixos/modules/rename.nix
View File

@ -123,6 +123,8 @@ with lib;
(mkRemovedOptionModule [ "services" "printing" "cupsFilesConf" ])
(mkRemovedOptionModule [ "services" "printing" "cupsdConf" ])
(mkRemovedOptionModule [ "services" "xserver" "startGnuPGAgent" ])
(mkRemovedOptionModule [ "services" "phpfpm" "phpIni" ])
(mkRemovedOptionModule [ "services" "dovecot2" "package" ])
];
}

2
nixos/modules/security/apparmor-suid.nix
View File

@ -29,7 +29,7 @@ with lib;
network inet raw,
${pkgs.glibc.out}/lib/*.so mr,
${pkgs.libcap.out}/lib/libcap.so* mr,
${pkgs.libcap.lib}/lib/libcap.so* mr,
${pkgs.attr.out}/lib/libattr.so* mr,
${pkgs.iputils}/bin/ping mixr,

30
nixos/modules/security/grsecurity.nix
View File

@ -126,6 +126,19 @@ in
'';
};
denyChrootCaps = mkOption {
type = types.bool;
default = false;
description = ''
Whether to lower capabilities of all processes within a chroot,
preventing commands that require <literal>CAP_SYS_ADMIN</literal>.
This protection is disabled by default because it breaks
<literal>nixos-rebuild</literal>. Whenever possible, it is
highly recommended to enable this protection.
'';
};
denyUSB = mkOption {
type = types.bool;
default = false;
@ -194,6 +207,23 @@ in
'';
};
disableSimultConnect = mkOption {
type = types.bool;
default = false;
description = ''
Disable TCP simultaneous connect. The TCP simultaneous connect
feature allows two clients to connect without either of them
entering the listening state. This feature of the TCP specification
is claimed to enable an attacker to deny the target access to a given
server by guessing the source port the target would use to make the
connection.
This option is OFF by default because TCP simultaneous connect has
some legitimate uses. Enable this option if you know what this TCP
feature is for and know that you do not need it.
'';
};
verboseVersion = mkOption {
type = types.bool;
default = false;

1
nixos/modules/security/pam.nix
View File

@ -471,6 +471,7 @@ in
cups = {};
ftp = {};
i3lock = {};
i3lock-color = {};
screen = {};
vlock = {};
xlock = {};

56
nixos/modules/services/backup/rsnapshot.nix
View File

@ -2,12 +2,30 @@
with lib;
let cfg = config.services.rsnapshot;
let
cfg = config.services.rsnapshot;
cfgfile = pkgs.writeText "rsnapshot.conf" ''
config_version 1.2
cmd_cp ${pkgs.coreutils}/bin/cp
cmd_rsync ${pkgs.rsync}/bin/rsync
cmd_ssh ${pkgs.openssh}/bin/ssh
cmd_logger ${pkgs.inetutils}/bin/logger
cmd_du ${pkgs.coreutils}/bin/du
lockfile /run/rsnapshot.pid
${cfg.extraConfig}
'';
in
{
options = {
services.rsnapshot = {
enable = mkEnableOption "rsnapshot backups";
enableManualRsnapshot = mkOption {
description = "Whether to enable manual usage of the rsnapshot command with this module.";
default = true;
example = false;
type = types.bool;
};
extraConfig = mkOption {
default = "";
@ -39,37 +57,17 @@ in
as retain options.
'';
};
package = mkOption {
type = types.package;
default = pkgs.rsnapshot;
defaultText = "pkgs.rsnapshot";
example = literalExample "pkgs.rsnapshotGit";
description = ''
RSnapshot package to use.
'';
};
};
};
config = mkIf cfg.enable (let
myRsnapshot = cfg.package.override { configFile = rsnapshotCfg; };
rsnapshotCfg = with pkgs; writeText "gen-rsnapshot.conf" (''
config_version 1.2
cmd_cp ${coreutils}/bin/cp
cmd_rsync ${rsync}/bin/rsync
cmd_ssh ${openssh}/bin/ssh
cmd_logger ${inetutils}/bin/logger
cmd_du ${coreutils}/bin/du
lockfile /run/rsnapshot.pid
${cfg.extraConfig}
'');
in {
environment.systemPackages = [ myRsnapshot ];
config = mkIf cfg.enable (mkMerge [
{
services.cron.systemCronJobs =
mapAttrsToList (interval: time: "${time} root ${myRsnapshot}/bin/rsnapshot ${interval}") cfg.cronIntervals;
mapAttrsToList (interval: time: "${time} root ${pkgs.rsnapshot}/bin/rsnapshot -c ${cfgfile} ${interval}") cfg.cronIntervals;
}
);
(mkIf cfg.enableManualRsnapshot {
environment.systemPackages = [ pkgs.rsnapshot ];
environment.etc."rsnapshot.conf".source = cfgfile;
})
]);
}

12
nixos/modules/services/continuous-integration/jenkins/default.nix
View File

@ -161,16 +161,8 @@ in {
'';
postStart = ''
until ${pkgs.curl.bin}/bin/curl -s -L ${cfg.listenAddress}:${toString cfg.port}${cfg.prefix} ; do
sleep 10
done
while true ; do
index=`${pkgs.curl.bin}/bin/curl -s -L ${cfg.listenAddress}:${toString cfg.port}${cfg.prefix}`
if [[ !("$index" =~ 'Please wait while Jenkins is restarting' ||
"$index" =~ 'Please wait while Jenkins is getting ready to work') ]]; then
exit 0
fi
sleep 30
until [[ $(${pkgs.curl.bin}/bin/curl -s --head -w '\n%{http_code}' http://${cfg.listenAddress}:${toString cfg.port}${cfg.prefix} | tail -n1) =~ ^(200|403)$ ]]; do
sleep 1
done
'';

7
nixos/modules/services/games/factorio.nix
View File

@ -75,9 +75,10 @@ in
after = [ "network.target" ];
preStart = ''
test -e ${stateDir}/saves/${cfg.saveName}.zip || ${pkgs.factorio-headless}/bin/factorio \
--config=${cfg.configFile} \
--create=${cfg.saveName}
test -e ${stateDir}/saves/${cfg.saveName}.zip || \
${pkgs.factorio-headless}/bin/factorio \
--config=${cfg.configFile} \
--create=${cfg.saveName}
'';
serviceConfig = {

2
nixos/modules/services/games/minetest-server.nix
View File

@ -97,7 +97,7 @@ in
script = ''
cd /var/lib/minetest
exec ${pkgs.minetest}/bin/minetestserver ${concatStrings flags}
exec ${pkgs.minetest}/bin/minetest --server ${concatStrings flags}
'';
};
};

6
nixos/modules/services/hardware/bluetooth.nix
View File

@ -9,7 +9,7 @@ let
serviceConfig = {
Type = "dbus";
BusName = "org.bluez";
ExecStart = "${bluez-bluetooth}/sbin/bluetoothd -n";
ExecStart = "${getBin bluez-bluetooth}/bin/bluetoothd -n";
};
wantedBy = [ "bluetooth.target" ];
};
@ -19,7 +19,7 @@ let
serviceConfig = {
Type = "dbus";
BusName = "org.bluez";
ExecStart = "${bluez-bluetooth}/sbin/bluetoothd -n";
ExecStart = "${getBin bluez-bluetooth}/bin/bluetoothd -n";
NotifyAccess="main";
CapabilityBoundingSet="CAP_NET_ADMIN CAP_NET_BIND_SERVICE";
LimitNPROC=1;
@ -32,7 +32,7 @@ let
serviceConfig = {
Type = "dbus";
BusName = "org.bluez.obex";
ExecStart = "${bluez-bluetooth}/sbin/obexd";
ExecStart = "${getBin bluez-bluetooth}/bin/obexd";
};
};

1
nixos/modules/services/hardware/udev.nix
View File

@ -193,6 +193,7 @@ in
<filename><replaceable>pkg</replaceable>/lib/udev/rules.d</filename>
will be included.
'';
apply = map getBin;
};
path = mkOption {

12
nixos/modules/services/mail/dovecot.nix
View File

@ -4,7 +4,7 @@ with lib;
let
cfg = config.services.dovecot2;
dovecotPkg = cfg.package;
dovecotPkg = pkgs.dovecot;
baseDir = "/run/dovecot2";
stateDir = "/var/lib/dovecot";
@ -98,13 +98,6 @@ in
description = "Additional listeners to start when Dovecot is enabled.";
};
package = mkOption {
type = types.package;
default = pkgs.dovecot;
defaultText = "pkgs.dovecot";
description = "Dovecot package to use.";
};
user = mkOption {
type = types.str;
default = "dovecot2";
@ -159,8 +152,7 @@ in
description = ''
Symlinks the contents of lib/dovecot of every given package into
/etc/dovecot/modules. This will make the given modules available
if a dovecot package with the module_dir patch applied (like
pkgs.dovecot22, the default) is being used.
if a dovecot package with the module_dir patch applied is being used.
'';
};

4
nixos/modules/services/misc/dictd.nix
View File

@ -11,6 +11,7 @@ with lib;
services.dictd = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Whether to enable the DICT.org dictionary server.
@ -18,8 +19,9 @@ with lib;
};
DBs = mkOption {
type = types.listOf types.package;
default = [];
# example = [ pkgs.dictDBs.nld2eng ];
example = [ pkgs.dictdDBs.nld2eng ];
description = ''List of databases to make available.'';
};

85
nixos/modules/services/misc/nzbget.nix Normal file
View File

@ -0,0 +1,85 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.nzbget;
nzbget = pkgs.nzbget;
in
{
options = {
services.nzbget = {
enable = mkEnableOption "NZBGet";
package = mkOption {
type = types.package;
default = pkgs.nzbget;
defaultText = "pkgs.nzbget";
description = "The NZBGet package to use";
};
user = mkOption {
type = types.str;
default = "nzbget";
description = "User account under which NZBGet runs";
};
group = mkOption {
type = types.str;
default = "nzbget";
description = "Group under which NZBGet runs";
};
};
};
config = mkIf cfg.enable {
systemd.services.nzbget = {
description = "NZBGet Daemon";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
path = with pkgs; [
unrar
p7zip
];
preStart = ''
test -d /var/lib/nzbget || {
echo "Creating nzbget state directoy in /var/lib/"
mkdir -p /var/lib/nzbget
}
test -f /var/lib/nzbget/nzbget.conf || {
echo "nzbget.conf not found. Copying default config to /var/lib/nzbget/nzbget.conf"
cp ${cfg.package}/share/nzbget/nzbget.conf /var/lib/nzbget/nzbget.conf
echo "Setting file mode of nzbget.conf to 0700 (needs to be written and contains plaintext credentials)"
chmod 0700 /var/lib/nzbget/nzbget.conf
echo "Setting temporary \$MAINDIR variable in default config required in order to allow nzbget to complete initial start"
echo "Remember to change this to a proper value once NZBGet startup has been completed"
sed -i -e 's/MainDir=.*/MainDir=\/tmp/g' /var/lib/nzbget/nzbget.conf
}
echo "Ensuring proper ownership of /var/lib/nzbget (${cfg.user}:${cfg.group})."
chown -R ${cfg.user}:${cfg.group} /var/lib/nzbget
'';
serviceConfig = {
Type = "forking";
User = cfg.user;
Group = cfg.group;
PermissionsStartOnly = "true";
ExecStart = "${cfg.package}/bin/nzbget --daemon --configfile /var/lib/nzbget/nzbget.conf";
Restart = "on-failure";
};
};
users.extraUsers = mkIf (cfg.user == "nzbget") {
nzbget = {
group = cfg.group;
uid = config.ids.uids.nzbget;
};
};
users.extraGroups = mkIf (cfg.group == "nzbget") {
nzbget = {
gid = config.ids.gids.nzbget;
};
};
};
}

2
nixos/modules/services/misc/octoprint.nix
View File

@ -102,7 +102,7 @@ in
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
path = [ pluginsEnv ];
environment.PYTHONPATH = makeSearchPathOutputs pkgs.python.sitePackages ["lib"] [ pluginsEnv ];
environment.PYTHONPATH = makeSearchPathOutput "lib" pkgs.python.sitePackages [ pluginsEnv ];
preStart = ''
mkdir -p "${cfg.stateDir}"

70
nixos/modules/services/misc/subsonic.nix
View File

@ -2,19 +2,14 @@
with lib;
let
cfg = config.services.subsonic;
homeDir = "/var/subsonic";
in
{
let cfg = config.services.subsonic; in {
options = {
services.subsonic = {
enable = mkEnableOption "Subsonic daemon";
home = mkOption {
type = types.path;
default = "${homeDir}";
default = "/var/lib/subsonic";
description = ''
The directory where Subsonic will create files.
Make sure it is writable.
@ -112,30 +107,43 @@ in
description = "Personal media streamer";
after = [ "local-fs.target" "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = ''
${pkgs.jre}/bin/java -Xmx${toString cfg.maxMemory}m \
-Dsubsonic.home=${cfg.home} \
-Dsubsonic.host=${cfg.listenAddress} \
-Dsubsonic.port=${toString cfg.port} \
-Dsubsonic.httpsPort=${toString cfg.httpsPort} \
-Dsubsonic.contextPath=${cfg.contextPath} \
-Dsubsonic.defaultMusicFolder=${cfg.defaultMusicFolder} \
-Dsubsonic.defaultPodcastFolder=${cfg.defaultPodcastFolder} \
-Dsubsonic.defaultPlaylistFolder=${cfg.defaultPlaylistFolder} \
-Djava.awt.headless=true \
-verbose:gc \
-jar ${pkgs.subsonic}/subsonic-booter-jar-with-dependencies.jar
'';
script = ''
${pkgs.jre}/bin/java -Xmx${toString cfg.maxMemory}m \
-Dsubsonic.home=${cfg.home} \
-Dsubsonic.host=${cfg.listenAddress} \
-Dsubsonic.port=${toString cfg.port} \
-Dsubsonic.httpsPort=${toString cfg.httpsPort} \
-Dsubsonic.contextPath=${cfg.contextPath} \
-Dsubsonic.defaultMusicFolder=${cfg.defaultMusicFolder} \
-Dsubsonic.defaultPodcastFolder=${cfg.defaultPodcastFolder} \
-Dsubsonic.defaultPlaylistFolder=${cfg.defaultPlaylistFolder} \
-Djava.awt.headless=true \
-verbose:gc \
-jar ${pkgs.subsonic}/subsonic-booter-jar-with-dependencies.jar
'';
preStart = ''
# Formerly this module set cfg.home to /var/subsonic. Try to move
# /var/subsonic to cfg.home.
oldHome="/var/subsonic"
if [ "${cfg.home}" != "$oldHome" ] &&
! [ -e "${cfg.home}" ] &&
[ -d "$oldHome" ] &&
[ $(${pkgs.coreutils}/bin/stat -c %u "$oldHome") -eq \
${toString config.users.extraUsers.subsonic.uid} ]; then
logger Moving "$oldHome" to "${cfg.home}"
${pkgs.coreutils}/bin/mv -T "$oldHome" "${cfg.home}"
fi
# Install transcoders.
ExecStartPre = ''
${pkgs.coreutils}/bin/rm -rf ${cfg.home}/transcode ; \
${pkgs.coreutils}/bin/mkdir -p ${cfg.home}/transcode ; \
${pkgs.bash}/bin/bash -c ' \
for exe in "$@"; do \
${pkgs.coreutils}/bin/ln -sf "$exe" ${cfg.home}/transcode; \
done' IGNORED_FIRST_ARG ${toString cfg.transcoders}
'';
${pkgs.coreutils}/bin/rm -rf ${cfg.home}/transcode ; \
${pkgs.coreutils}/bin/mkdir -p ${cfg.home}/transcode ; \
${pkgs.bash}/bin/bash -c ' \
for exe in "$@"; do \
${pkgs.coreutils}/bin/ln -sf "$exe" ${cfg.home}/transcode; \
done' IGNORED_FIRST_ARG ${toString cfg.transcoders}
'';
serviceConfig = {
# Needed for Subsonic to find subsonic.war.
WorkingDirectory = "${pkgs.subsonic}";
Restart = "always";
@ -146,7 +154,7 @@ in
users.extraUsers.subsonic = {
description = "Subsonic daemon user";
home = homeDir;
home = cfg.home;
createHome = true;
group = "subsonic";
uid = config.ids.uids.subsonic;

14
nixos/modules/services/monitoring/grafana.nix
View File

@ -36,7 +36,9 @@ let
USERS_AUTO_ASSIGN_ORG = b2s cfg.users.autoAssignOrg;
USERS_AUTO_ASSIGN_ORG_ROLE = cfg.users.autoAssignOrgRole;
AUTH_ANONYMOUS_ENABLE = b2s cfg.auth.anonymous.enable;
AUTH_ANONYMOUS_ENABLED = b2s cfg.auth.anonymous.enable;
ANALYTICS_REPORTING_ENABLED = b2s cfg.analytics.reporting.enable;
} // cfg.extraOptions;
in {
@ -196,6 +198,14 @@ in {
};
};
analytics.reporting = {
enable = mkOption {
description = "Whether to allow anonymous usage reporting to stats.grafana.net";
default = true;
type = types.bool;
};
};
extraOptions = mkOption {
description = ''
Extra configuration options passed as env variables as specified in
@ -218,7 +228,7 @@ in {
after = ["networking.target"];
environment = mapAttrs' (n: v: nameValuePair "GF_${n}" (toString v)) envOptions;
serviceConfig = {
ExecStart = "${cfg.package}/bin/grafana -homepath ${cfg.dataDir}";
ExecStart = "${cfg.package}/bin/grafana-server -homepath ${cfg.dataDir}";
WorkingDirectory = cfg.dataDir;
User = "grafana";
};

2
nixos/modules/services/network-filesystems/nfsd.nix
View File

@ -126,7 +126,7 @@ in
{ description = "NFSv3 Mount Daemon";
requires = [ "rpcbind.service" ];
after = [ "rpcbind.service" ];
after = [ "rpcbind.service" "local-fs.target" ];
path = [ pkgs.nfs-utils pkgs.sysvtools pkgs.utillinux ];

2
nixos/modules/services/networking/bind.nix
View File

@ -154,7 +154,7 @@ in
chown ${bindUser} /var/run/named
'';
script = "${pkgs.bind}/sbin/named -u ${bindUser} ${optionalString cfg.ipv4Only "-4"} -c ${cfg.configFile} -f";
script = "${pkgs.bind.bin}/sbin/named -u ${bindUser} ${optionalString cfg.ipv4Only "-4"} -c ${cfg.configFile} -f";
};
};
}

41
nixos/modules/services/networking/dnscrypt-proxy.nix
View File

@ -6,7 +6,6 @@ let
dnscrypt-proxy = pkgs.dnscrypt-proxy;
cfg = config.services.dnscrypt-proxy;
resolverListFile = "${dnscrypt-proxy}/share/dnscrypt-proxy/dnscrypt-resolvers.csv";
localAddress = "${cfg.localAddress}:${toString cfg.localPort}";
daemonArgs =
@ -23,7 +22,7 @@ let
"--provider-key=${cfg.customResolver.key}"
]
else
[ "--resolvers-list=${resolverListFile}"
[ "--resolvers-list=${cfg.resolverList}"
"--resolver-name=${toString cfg.resolverName}"
];
in
@ -77,12 +76,24 @@ in
default = "dnscrypt.eu-nl";
type = types.nullOr types.string;
description = ''
The name of the upstream DNSCrypt resolver to use. See
<filename>${resolverListFile}</filename> for alternative resolvers.
The name of the upstream DNSCrypt resolver to use, taken from the
list named in the <literal>resolverList</literal> option.
The default resolver is located in Holland, supports DNS security
extensions, and claims to not keep logs.
'';
};
resolverList = mkOption {
description = ''
The list of upstream DNSCrypt resolvers. By default, we use the most
recent list published by upstream.
'';
example = literalExample "${pkgs.dnscrypt-proxy}/share/dnscrypt-proxy/dnscrypt-resolvers.csv";
default = pkgs.fetchurl {
url = "https://raw.githubusercontent.com/jedisct1/dnscrypt-proxy/master/dnscrypt-resolvers.csv";
sha256 = "07kbbisrvrqdxif3061hxj3whin3llg4nh50ln7prisi2vbd76xd";
};
defaultText = "pkgs.fetchurl { url = ...; sha256 = ...; }";
};
customResolver = mkOption {
default = null;
description = ''
@ -151,7 +162,7 @@ in
/etc/group r,
${config.environment.etc."nsswitch.conf".source} r,
${pkgs.glibc.out}/lib/*.so mr,
${getLib pkgs.glibc}/lib/*.so mr,
${pkgs.tzdata}/share/zoneinfo/** r,
network inet stream,
@ -159,17 +170,17 @@ in
network inet dgram,
network inet6 dgram,
${pkgs.gcc.cc.lib}/lib/libssp.so.* mr,
${pkgs.libsodium.out}/lib/libsodium.so.* mr,
${pkgs.systemd}/lib/libsystemd.so.* mr,
${pkgs.xz.out}/lib/liblzma.so.* mr,
${pkgs.libgcrypt.out}/lib/libgcrypt.so.* mr,
${pkgs.libgpgerror.out}/lib/libgpg-error.so.* mr,
${pkgs.libcap.out}/lib/libcap.so.* mr,
${pkgs.lz4}/lib/liblz4.so.* mr,
${pkgs.attr.out}/lib/libattr.so.* mr,
${getLib pkgs.gcc.cc}/lib/libssp.so.* mr,
${getLib pkgs.libsodium}/lib/libsodium.so.* mr,
${getLib pkgs.systemd}/lib/libsystemd.so.* mr,
${getLib pkgs.xz}/lib/liblzma.so.* mr,
${getLib pkgs.libgcrypt}/lib/libgcrypt.so.* mr,
${getLib pkgs.libgpgerror}/lib/libgpg-error.so.* mr,
${getLib pkgs.libcap}/lib/libcap.so.* mr,
${getLib pkgs.lz4}/lib/liblz4.so.* mr,
${getLib pkgs.attr}/lib/libattr.so.* mr,
${resolverListFile} r,
${cfg.resolverList} r,
}
''));

8
nixos/modules/services/networking/ejabberd.nix
View File

@ -78,6 +78,12 @@ in {
description = "Configuration dumps that should be loaded on the first startup";
example = literalExample "[ ./myejabberd.dump ]";
};
imagemagick = mkOption {
type = types.bool;
default = false;
description = "Add ImageMagick to server's path; allows for image thumbnailing";
};
};
};
@ -105,7 +111,7 @@ in {
description = "ejabberd server";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
path = [ pkgs.findutils pkgs.coreutils ];
path = [ pkgs.findutils pkgs.coreutils ] ++ lib.optional cfg.imagemagick pkgs.imagemagick;
serviceConfig = {
Type = "forking";

8
nixos/modules/services/networking/networkmanager.nix
View File

@ -114,10 +114,12 @@ in {
# Ugly hack for using the correct gnome3 packageSet
basePackages = mkOption {
type = types.attrsOf types.package;
default = { inherit networkmanager modemmanager wpa_supplicant
default = { inherit modemmanager wpa_supplicant
networkmanager_openvpn networkmanager_vpnc
networkmanager_openconnect
networkmanager_pptp networkmanager_l2tp; };
networkmanager_pptp networkmanager_l2tp;
networkmanager = networkmanager.out;
};
internal = true;
};
@ -187,7 +189,7 @@ in {
boot.kernelModules = [ "ppp_mppe" ]; # Needed for most (all?) PPTP VPN connections.
environment.etc = with cfg.basePackages; [
environment.etc = with mapAttrs (name: getBin) cfg.basePackages; [
{ source = ipUpScript;
target = "NetworkManager/dispatcher.d/01nixos-ip-up";
}

99
nixos/modules/services/networking/sniproxy.nix Normal file
View File

@ -0,0 +1,99 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.sniproxy;
configFile = pkgs.writeText "sniproxy.conf" ''
user ${cfg.user}
pidfile /run/sniproxy.pid
${cfg.config}
'';
in
{
options = {
services.sniproxy = {
enable = mkEnableOption "sniproxy server";
user = mkOption {
type = types.str;
default = "sniproxy";
description = "User account under which sniproxy runs.";
};
group = mkOption {
type = types.str;
default = "sniproxy";
description = "Group under which sniproxy runs.";
};
config = mkOption {
type = types.lines;
default = "";
description = "sniproxy.conf configuration excluding the daemon username and pid file.";
example = literalExample ''
error_log {
filename /var/log/sniproxy/error.log
}
access_log {
filename /var/log/sniproxy/access.log
}
listen 443 {
proto tls
}
table {
example.com 192.0.2.10
example.net 192.0.2.20
}
'';
};
logDir = mkOption {
type = types.str;
default = "/var/log/sniproxy/";
description = "Location of the log directory for sniproxy.";
};
};
};
config = mkIf cfg.enable {
systemd.services.sniproxy = {
description = "sniproxy server";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
preStart = ''
test -d ${cfg.logDir} || {
echo "Creating initial log directory for sniproxy in ${cfg.logDir}"
mkdir -p ${cfg.logDir}
chmod 640 ${cfg.logDir}
}
chown -R ${cfg.user}:${cfg.group} ${cfg.logDir}
'';
serviceConfig = {
Type = "forking";
ExecStart = "${pkgs.sniproxy}/bin/sniproxy -c ${configFile}";
Restart = "always";
};
};
users.extraUsers = mkIf (cfg.user == "sniproxy") {
sniproxy = {
group = cfg.group;
uid = config.ids.uids.sniproxy;
};
};
users.extraGroups = mkIf (cfg.group == "sniproxy") {
sniproxy = {
gid = config.ids.gids.sniproxy;
};
};
};
}

2
nixos/modules/services/networking/ssh/sshd.nix
View File

@ -195,7 +195,7 @@ in
authorizedKeysFiles = mkOption {
type = types.listOf types.str;
default = [];
description = "Files from with authorized keys are read.";
description = "Files from which authorized keys are read.";
};
extraConfig = mkOption {

47
nixos/modules/services/networking/teamspeak3.nix
View File

@ -10,13 +10,12 @@ let
in
{
###### interface
options = {
services.teamspeak3 = {
enable = mkOption {
type = types.bool;
default = false;
@ -96,34 +95,32 @@ in
###### implementation
config = mkIf cfg.enable {
users.extraUsers.teamspeak =
{ name = "teamspeak";
config = mkMerge [
(mkIf cfg.enable {
users.users.teamspeak = {
description = "Teamspeak3 voice communication server daemon";
group = group;
uid = config.ids.uids.teamspeak;
home = cfg.dataDir;
createHome = true;
};
users.extraGroups.teamspeak =
{ name = "teamspeak";
users.groups.teamspeak = {
gid = config.ids.gids.teamspeak;
};
systemd.services.teamspeak3-server = {
description = "Teamspeak3 voice communication server daemon";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
systemd.services.teamspeak3-server = {
description = "Teamspeak3 voice communication server daemon";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
preStart = ''
mkdir -p ${cfg.dataDir}
mkdir -p ${cfg.logPath}
chown ${user}:${group} ${cfg.dataDir}
chown ${user}:${group} ${cfg.logPath}
'';
preStart = ''
mkdir -p ${cfg.logPath}
chown ${user}:${group} ${cfg.logPath}
'';
serviceConfig =
{ ExecStart = ''
serviceConfig = {
ExecStart = ''
${ts3}/bin/ts3server \
dbsqlpath=${ts3}/lib/teamspeak/sql/ logpath=${cfg.logPath} \
voice_ip=${cfg.voiceIP} default_voice_port=${toString cfg.defaultVoicePort} \
@ -133,10 +130,12 @@ in
WorkingDirectory = cfg.dataDir;
User = user;
Group = group;
PermissionsStartOnly = true; # preStart needs to run with root permissions
PermissionsStartOnly = true;
};
};
};
})
{
meta.maintainers = with lib.maintainers; [ arobyn ];
}
];
}

5
nixos/modules/services/system/dbus-session-local.conf.in Normal file
View File

@ -0,0 +1,5 @@
<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
@extra@
</busconfig>

6
nixos/modules/services/system/dbus-system-local.conf.in Normal file
View File

@ -0,0 +1,6 @@
<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
<servicehelper>@servicehelper@</servicehelper>
@extra@
</busconfig>

68
nixos/modules/services/system/dbus.nix
View File

@ -10,6 +10,16 @@ let
homeDir = "/var/run/dbus";
systemExtraxml = concatStrings (flip concatMap cfg.packages (d: [
"<servicedir>${d}/share/dbus-1/system-services</servicedir>"
"<includedir>${d}/etc/dbus-1/system.d</includedir>"
]));
sessionExtraxml = concatStrings (flip concatMap cfg.packages (d: [
"<servicedir>${d}/share/dbus-1/services</servicedir>"
"<includedir>${d}/etc/dbus-1/session.d</includedir>"
]));
configDir = pkgs.stdenv.mkDerivation {
name = "dbus-conf";
@ -19,47 +29,17 @@ let
buildCommand = ''
mkdir -p $out
cp -v ${pkgs.dbus.daemon}/etc/dbus-1/system.conf $out/system.conf
sed '${./dbus-system-local.conf.in}' \
-e 's,@servicehelper@,${config.security.wrapperDir}/dbus-daemon-launch-helper,g' \
-e 's,@extra@,${systemExtraxml},' \
> "$out/system-local.conf"
# !!! Hm, these `sed' calls are rather error-prone...
# Tell the daemon where the setuid wrapper around
# dbus-daemon-launch-helper lives.
sed -i $out/system.conf \
-e 's|<servicehelper>.*/libexec/dbus-daemon-launch-helper|<servicehelper>${config.security.wrapperDir}/dbus-daemon-launch-helper|'
# Add the system-services and system.d directories to the system
# bus search path.
sed -i $out/system.conf \
-e 's|<standard_system_servicedirs/>|${systemServiceDirs}|' \
-e 's|<includedir>system.d</includedir>|${systemIncludeDirs}|'
cp ${pkgs.dbus.daemon}/etc/dbus-1/session.conf $out/session.conf
# Add the services and session.d directories to the session bus
# search path.
sed -i $out/session.conf \
-e 's|<standard_session_servicedirs />|${sessionServiceDirs}&|' \
-e 's|<includedir>session.d</includedir>|${sessionIncludeDirs}|'
''; # */
sed '${./dbus-session-local.conf.in}' \
-e 's,@extra@,${sessionExtraxml},' \
> "$out/session-local.conf"
'';
};
systemServiceDirs = concatMapStrings
(d: "<servicedir>${d}/share/dbus-1/system-services</servicedir> ")
cfg.packages;
systemIncludeDirs = concatMapStrings
(d: "<includedir>${d}/etc/dbus-1/system.d</includedir> ")
cfg.packages;
sessionServiceDirs = concatMapStrings
(d: "<servicedir>${d}/share/dbus-1/services</servicedir> ")
cfg.packages;
sessionIncludeDirs = concatMapStrings
(d: "<includedir>${d}/etc/dbus-1/session.d</includedir> ")
cfg.packages;
in
{
@ -72,7 +52,7 @@ in
enable = mkOption {
type = types.bool;
default = true;
default = false;
internal = true;
description = ''
Whether to start the D-Bus message bus daemon, which is
@ -82,7 +62,7 @@ in
packages = mkOption {
type = types.listOf types.path;
default = [];
default = [ ];
description = ''
Packages whose D-Bus configuration files should be included in
the configuration of the D-Bus system-wide message bus.
@ -129,10 +109,10 @@ in
permissions = "u+rx,g+rx,o-rx";
};
services.dbus.packages =
[ "/nix/var/nix/profiles/default"
config.system.path
];
services.dbus.packages = [
pkgs.dbus
config.system.path
];
# Don't restart dbus-daemon. Bad things tend to happen if we do.
systemd.services.dbus.reloadIfChanged = true;

2
nixos/modules/services/torrent/transmission.nix
View File

@ -126,7 +126,7 @@ in
${pkgs.libgpgerror.out}/lib/libgpg-error*.so* mr,
${pkgs.nghttp2.lib}/lib/libnghttp2*.so* mr,
${pkgs.c-ares.out}/lib/libcares*.so* mr,
${pkgs.libcap.out}/lib/libcap*.so* mr,
${pkgs.libcap.lib}/lib/libcap*.so* mr,
${pkgs.attr.out}/lib/libattr*.so* mr,
${pkgs.lz4}/lib/liblz4*.so* mr,

2
nixos/modules/services/web-servers/apache-httpd/default.nix
View File

@ -406,7 +406,7 @@ let
([ mainCfg.phpOptions ] ++ (map (svc: svc.phpOptions) allSubservices));
}
''
cat ${php}/etc/php-recommended.ini > $out
cat ${php}/etc/php.ini > $out
echo "$options" >> $out
'';

2
nixos/modules/services/web-servers/apache-httpd/trac.nix
View File

@ -96,7 +96,7 @@ in
globalEnvVars = singleton
{ name = "PYTHONPATH";
value =
makeSearchPathOutputs "lib/${pkgs.python.libPrefix}/site-packages" ["lib"]
makeSearchPathOutput "lib" "lib/${pkgs.python.libPrefix}/site-packages"
[ pkgs.mod_python
pkgs.pythonPackages.trac
pkgs.setuptools

21
nixos/modules/services/web-servers/phpfpm.nix
View File

@ -19,6 +19,12 @@ let
${concatStringsSep "\n" (mapAttrsToList (n: v: "[${n}]\n${v}") cfg.poolConfigs)}
'';
phpIni = pkgs.writeText "php.ini" ''
${readFile "${cfg.phpPackage}/etc/php.ini"}
${cfg.phpOptions}
'';
in {
options = {
@ -44,10 +50,15 @@ in {
'';
};
phpIni = mkOption {
type = types.path;
default = "${cfg.phpPackage}/etc/php-recommended.ini";
description = "php.ini file to use.";
phpOptions = mkOption {
type = types.lines;
default = "";
example =
''
date.timezone = "CET"
'';
description =
"Options appended to the PHP configuration file <filename>php.ini</filename>.";
};
poolConfigs = mkOption {
@ -84,7 +95,7 @@ in {
mkdir -p "${stateDir}"
'';
serviceConfig = {
ExecStart = "${cfg.phpPackage}/sbin/php-fpm -y ${cfgFile} -c ${cfg.phpIni}";
ExecStart = "${cfg.phpPackage}/bin/php-fpm -y ${cfgFile} -c ${phpIni}";
PIDFile = pidFile;
};
};

2
nixos/modules/services/x11/desktop-managers/enlightenment.nix
View File

@ -7,7 +7,7 @@ let
e = pkgs.enlightenment;
xcfg = config.services.xserver;
cfg = xcfg.desktopManager.enlightenment;
GST_PLUGIN_PATH = lib.makeSearchPathOutputs "lib/gstreamer-1.0" ["lib"] [
GST_PLUGIN_PATH = lib.makeSearchPathOutput "lib" "lib/gstreamer-1.0" [
pkgs.gst_all_1.gst-plugins-base
pkgs.gst_all_1.gst-plugins-good
pkgs.gst_all_1.gst-plugins-bad

6
nixos/modules/services/x11/desktop-managers/kde4.nix
View File

@ -29,7 +29,7 @@ let
phononBackends = {
gstreamer = [
pkgs.phonon_backend_gstreamer
pkgs.phonon-backend-gstreamer
pkgs.gst_all.gstPluginsBase
pkgs.gst_all.gstPluginsGood
pkgs.gst_all.gstPluginsUgly
@ -38,7 +38,7 @@ let
pkgs.gst_all.gstreamer # needed?
];
vlc = [pkgs.phonon_backend_vlc];
vlc = [pkgs.phonon-backend-vlc];
};
phononBackendPackages = flip concatMap cfg.phononBackends
@ -111,7 +111,7 @@ in
# Load PulseAudio module for routing support.
# See http://colin.guthr.ie/2009/10/so-how-does-the-kde-pulseaudio-support-work-anyway/
${optionalString config.hardware.pulseaudio.enable ''
${config.hardware.pulseaudio.package}/bin/pactl load-module module-device-manager "do_routing=1"
${getBin config.hardware.pulseaudio.package}/bin/pactl load-module module-device-manager "do_routing=1"
''}
# Start KDE.

80
nixos/modules/services/x11/desktop-managers/kde5.nix
View File

@ -22,26 +22,6 @@ in
description = "Enable the Plasma 5 (KDE 5) desktop environment.";
};
phonon = {
gstreamer = {
enable = mkOption {
type = types.bool;
default = true;
description = "Enable the GStreamer Phonon backend (recommended).";
};
};
vlc = {
enable = mkOption {
type = types.bool;
default = false;
description = "Enable the VLC Phonon backend.";
};
};
};
};
};
@ -59,7 +39,7 @@ in
# Load PulseAudio module for routing support.
# See http://colin.guthr.ie/2009/10/so-how-does-the-kde-pulseaudio-support-work-anyway/
${optionalString config.hardware.pulseaudio.enable ''
${config.hardware.pulseaudio.package}/bin/pactl load-module module-device-manager "do_routing=1"
${getBin config.hardware.pulseaudio.package}/bin/pactl load-module module-device-manager "do_routing=1"
''}
exec "${kde5.startkde}"
@ -122,6 +102,9 @@ in
pkgs.hicolor_icon_theme
kde5.kde-gtk-config
pkgs.phonon-backend-gstreamer
pkgs.kde5.phonon-backend-gstreamer
]
# Plasma 5.5 and later has a Breeze GTK theme.
@ -131,37 +114,16 @@ in
# Install Breeze icons if available
++ lib.optional (lib.hasAttr "breeze-icons" kde5) kde5.breeze-icons
# Install activity manager if available
++ lib.optional (lib.hasAttr "kactivitymanagerd" kde5) kde5.kactivitymanagerd
# Optional hardware support features
++ lib.optional config.hardware.bluetooth.enable kde5.bluedevil
++ lib.optional config.networking.networkmanager.enable kde5.plasma-nm
++ lib.optional config.hardware.pulseaudio.enable kde5.plasma-pa
++ lib.optional config.powerManagement.enable kde5.powerdevil
++ lib.optional config.services.colord.enable kde5.colord-kde
++ lib.optionals config.services.samba.enable [ kde5.kdenetwork-filesharing pkgs.samba ]
++ lib.optionals cfg.phonon.gstreamer.enable
[
pkgs.phonon_backend_gstreamer
pkgs.gst_all.gstreamer
pkgs.gst_all.gstPluginsBase
pkgs.gst_all.gstPluginsGood
pkgs.gst_all.gstPluginsUgly
pkgs.gst_all.gstPluginsBad
pkgs.gst_all.gstFfmpeg # for mp3 playback
pkgs.qt55.phonon-backend-gstreamer
pkgs.gst_all_1.gstreamer
pkgs.gst_all_1.gst-plugins-base
pkgs.gst_all_1.gst-plugins-good
pkgs.gst_all_1.gst-plugins-ugly
pkgs.gst_all_1.gst-plugins-bad
pkgs.gst_all_1.gst-libav # for mp3 playback
]
++ lib.optionals cfg.phonon.vlc.enable
[
pkgs.phonon_qt5_backend_vlc
pkgs.qt55.phonon-backend-vlc
];
++ lib.optionals config.services.samba.enable [ kde5.kdenetwork-filesharing pkgs.samba ];
environment.pathsToLink = [ "/share" ];
@ -170,17 +132,23 @@ in
target = "X11/xkb";
};
environment.profileRelativeEnvVars =
mkIf cfg.phonon.gstreamer.enable
{
GST_PLUGIN_SYSTEM_PATH = [ "/lib/gstreamer-0.10" ];
GST_PLUGIN_SYSTEM_PATH_1_0 = [ "/lib/gstreamer-1.0" ];
};
# Enable GTK applications to load SVG icons
environment.variables = mkIf (lib.hasAttr "breeze-icons" kde5) {
GDK_PIXBUF_MODULE_FILE = "${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache";
};
environment.variables =
{
GST_PLUGIN_SYSTEM_PATH_1_0 =
lib.makeSearchPath "/lib/gstreamer-1.0"
(builtins.map (pkg: pkg.out) (with pkgs.gst_all_1; [
gstreamer
gst-plugins-base
gst-plugins-good
gst-plugins-ugly
gst-plugins-bad
gst-libav # for mp3 playback
]));
}
// (if (lib.hasAttr "breeze-icons" kde5)
then { GDK_PIXBUF_MODULE_FILE = "${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache"; }
else { });
fonts.fonts = [ (kde5.oxygen-fonts or pkgs.noto-fonts) ];

45
nixos/modules/services/x11/desktop-managers/xfce.nix
View File

@ -12,20 +12,29 @@ in
{
options = {
services.xserver.desktopManager.xfce.enable = mkOption {
type = types.bool;
default = false;
description = "Enable the Xfce desktop environment.";
services.xserver.desktopManager.xfce = {
enable = mkOption {
type = types.bool;
default = false;
description = "Enable the Xfce desktop environment.";
};
thunarPlugins = mkOption {
default = [];
type = types.listOf types.package;
example = literalExample "[ pkgs.xfce.thunar-archive-plugin ]";
description = ''
A list of plugin that should be installed with Thunar.
'';
};
noDesktop = mkOption {
type = types.bool;
default = false;
description = "Don't install XFCE desktop components (xfdesktop, panel and notification daemon).";
};
};
services.xserver.desktopManager.xfce.thunarPlugins = mkOption {
default = [];
type = types.listOf types.package;
example = literalExample "[ pkgs.xfce.thunar-archive-plugin ]";
description = ''
A list of plugin that should be installed with Thunar.
'';
};
};
@ -62,14 +71,12 @@ in
pkgs.xfce.terminal
(pkgs.xfce.thunar.override { thunarPlugins = cfg.thunarPlugins; })
pkgs.xfce.xfce4icontheme
pkgs.xfce.xfce4panel
pkgs.xfce.xfce4session
pkgs.xfce.xfce4settings
pkgs.xfce.xfce4mixer
pkgs.xfce.xfce4volumed
pkgs.xfce.xfce4screenshooter
pkgs.xfce.xfce4-screenshooter
pkgs.xfce.xfconf
pkgs.xfce.xfdesktop
pkgs.xfce.xfwm4
# This supplies some "abstract" icons such as
# "utilities-terminal" and "accessories-text-editor".
@ -81,9 +88,13 @@ in
pkgs.xfce.gvfs
pkgs.xfce.xfce4_appfinder
pkgs.xfce.tumbler # found via dbus
pkgs.xfce.xfce4notifyd # found via dbus
]
++ optional config.powerManagement.enable pkgs.xfce.xfce4_power_manager;
++ optional config.powerManagement.enable pkgs.xfce.xfce4_power_manager
++ optionals (!cfg.noDesktop)
[ pkgs.xfce.xfce4panel
pkgs.xfce.xfdesktop
pkgs.xfce.xfce4notifyd # found via dbus
];
environment.pathsToLink =
[ "/share/xfce4" "/share/themes" "/share/mime" "/share/desktop-directories" "/share/gtksourceview-2.0" ];

71
nixos/modules/services/x11/unclutter.nix
View File

@ -1,32 +1,79 @@
{ config, lib, pkgs, ... }:
with lib;
let cfg = config.services.unclutter;
in {
options = {
services.unclutter.enable = mkOption {
options.services.unclutter = {
enable = mkOption {
description = "Enable unclutter to hide your mouse cursor when inactive";
type = types.bool;
default = false;
example = true;
description = "Enable unclutter to hide your mouse cursor when inactive";
};
services.unclutter.arguments = mkOption {
description = "Arguments to pass to unclutter command";
default = "-idle 1";
package = mkOption {
type = types.package;
default = pkgs.unclutter;
defaultText = "pkgs.unclutter";
description = "unclutter derivation to use.";
};
keystroke = mkOption {
description = "Wait for a keystroke before hiding the cursor";
type = types.bool;
default = false;
};
timeout = mkOption {
description = "Number of seconds before the cursor is marked inactive";
type = types.int;
default = 1;
};
threeshold = mkOption {
description = "Minimum number of pixels considered cursor movement";
type = types.int;
default = 1;
};
displayName = mkOption {
description = "Name of the X11 display";
type = types.str;
default = ":0";
};
excluded = mkOption {
description = "Names of windows where unclutter should not apply";
type = types.listOf types.str;
default = [];
example = [ "" ];
};
extraOptions = mkOption {
description = "More arguments to pass to the unclutter command";
type = types.listOf types.str;
default = [];
example = [ "noevent" "grab" ];
};
};
config = mkIf cfg.enable {
systemd.services.unclutter = {
systemd.user.services.unclutter = {
description = "unclutter";
requires = [ "display-manager.service" ];
after = [ "display-manager.service" ];
wantedBy = [ "graphical.target" ];
wantedBy = [ "default.target" ];
serviceConfig.ExecStart = ''
${pkgs.unclutter}/bin/unclutter ${cfg.arguments}
${cfg.package}/bin/unclutter \
-idle ${toString cfg.timeout} \
-display ${cfg.displayName} \
-jitter ${toString (cfg.threeshold - 1)} \
${optionalString cfg.keystroke "-keystroke"} \
${concatMapStrings (x: " -"+x) cfg.extraOptions} \
-not ${concatStringsSep " " cfg.excluded} \
'';
environment = { DISPLAY = ":0"; };
serviceConfig.RestartSec = 3;
serviceConfig.Restart = "always";
};
};

1
nixos/modules/services/x11/window-managers/bspwm.nix
View File

@ -38,6 +38,7 @@ in
start = if cfg.startThroughSession
then cfg.sessionScript
else ''
export _JAVA_AWT_WM_NONREPARENTING=1
SXHKD_SHELL=/bin/sh ${pkgs.sxhkd}/bin/sxhkd -f 100 &
${pkgs.bspwm}/bin/bspwm
'';

3
nixos/modules/system/activation/activation-script.nix
View File

@ -12,8 +12,7 @@ let
'';
});
path = map # outputs TODO?
(pkg: (pkg.bin or (pkg.out or pkg)))
path = map getBin
[ pkgs.coreutils pkgs.gnugrep pkgs.findutils
pkgs.glibc # needed for getent
pkgs.shadow

2
nixos/modules/system/boot/initrd-ssh.nix
View File

@ -88,7 +88,7 @@ in
boot.initrd.extraUtilsCommands = ''
copy_bin_and_libs ${pkgs.dropbear}/bin/dropbear
cp -pv ${pkgs.glibc}/lib/libnss_files.so.* $out/lib
cp -pv ${pkgs.glibc.out}/lib/libnss_files.so.* $out/lib
'';
boot.initrd.extraUtilsCommandsTest = ''

2
nixos/modules/system/boot/loader/grub/grub.nix
View File

@ -58,7 +58,7 @@ let
path = (makeBinPath ([
pkgs.coreutils pkgs.gnused pkgs.gnugrep pkgs.findutils pkgs.diffutils pkgs.btrfs-progs
pkgs.utillinux ] ++ (if cfg.efiSupport && (cfg.version == 2) then [pkgs.efibootmgr ] else [])
)) + ":" + (makeSearchPathOutputs "sbin" ["bin"] [
)) + ":" + (makeSearchPathOutput "bin" "sbin" [
pkgs.mdadm pkgs.utillinux
]);
});

14
nixos/modules/system/boot/stage-1-init.sh
View File

@ -439,8 +439,18 @@ eval "exec $logOutFd>&- $logErrFd>&-"
# Kill any remaining processes, just to be sure we're not taking any
# with us into stage 2. But keep storage daemons like unionfs-fuse.
pkill -9 -v -f '@'
#
# Storage daemons are distinguished by an @ in front of their command line:
# https://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons/
local pidsToKill="$(pgrep -v -f '^@')"
for pid in $pidsToKill; do
# Make sure we don't kill kernel processes, see #15226 and:
# http://stackoverflow.com/questions/12213445/identifying-kernel-threads
readlink "/proc/$pid/exe" &> /dev/null || continue
# Try to avoid killing ourselves.
[ $pid -eq $$ ] && continue
kill -9 "$pid"
done
if test -n "$debug1mounts"; then fail; fi

2
nixos/modules/system/boot/systemd-unit-options.nix
View File

@ -193,7 +193,7 @@ in rec {
path = mkOption {
default = [];
apply = ps: "${makeBinPath ps}:${makeSearchPathOutputs "sbin" ["bin"] ps}";
apply = ps: "${makeBinPath ps}:${makeSearchPathOutput "bin" "sbin" ps}";
description = ''
Packages added to the service's <envar>PATH</envar>
environment variable. Both the <filename>bin</filename>

2
nixos/modules/system/boot/systemd.nix
View File

@ -689,6 +689,8 @@ in
"systemd/system-generators" = { source = generators; };
});
services.dbus.enable = true;
system.activationScripts.systemd = stringAfter [ "groups" ]
''
mkdir -m 0755 -p /var/lib/udev

2
nixos/modules/virtualisation/vmware-guest.nix
View File

@ -25,6 +25,8 @@ in
serviceConfig.ExecStart = "${open-vm-tools}/bin/vmtoolsd";
};
environment.etc."vmware-tools".source = "${pkgs.open-vm-tools}/etc/vmware-tools/*";
services.xserver = {
videoDrivers = mkOverride 50 [ "vmware" ];

3
nixos/release-combined.nix
View File

@ -48,7 +48,7 @@ in rec {
nixos.ova.x86_64-linux
#(all nixos.tests.containers)
(all nixos.tests.chromium.stable)
nixos.tests.chromium
(all nixos.tests.firefox)
(all nixos.tests.firewall)
nixos.tests.gnome3.x86_64-linux # FIXME: i686-linux
@ -67,6 +67,7 @@ in rec {
(all nixos.tests.boot.biosUsb)
(all nixos.tests.boot.uefiCdrom)
(all nixos.tests.boot.uefiUsb)
(all nixos.tests.boot-stage1)
(all nixos.tests.ipv6)
(all nixos.tests.kde4)
#(all nixos.tests.lightdm)

3
nixos/release.nix
View File

@ -209,8 +209,9 @@ in rec {
tests.bittorrent = callTest tests/bittorrent.nix {};
tests.blivet = callTest tests/blivet.nix {};
tests.boot = callSubTests tests/boot.nix {};
tests.boot-stage1 = callTest tests/boot-stage1.nix {};
tests.cadvisor = hydraJob (import tests/cadvisor.nix { system = "x86_64-linux"; });
tests.chromium = callSubTests tests/chromium.nix {};
tests.chromium = (callSubTests tests/chromium.nix { system = "x86_64-linux"; }).stable;
tests.cjdns = callTest tests/cjdns.nix {};
tests.containers-ipv4 = callTest tests/containers-ipv4.nix {};
tests.containers-ipv6 = callTest tests/containers-ipv6.nix {};

2
nixos/tests/bittorrent.nix
View File

@ -25,7 +25,7 @@ in
{
name = "bittorrent";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ iElectric eelco chaoflow rob wkennington ];
maintainers = [ domenkozar eelco chaoflow rob wkennington ];
};
nodes =

155
nixos/tests/boot-stage1.nix Normal file
View File

@ -0,0 +1,155 @@
import ./make-test.nix ({ pkgs, ... }: {
name = "boot-stage1";
machine = { config, pkgs, lib, ... }: {
boot.extraModulePackages = let
compileKernelModule = name: source: pkgs.runCommand name rec {
inherit source;
kdev = config.boot.kernelPackages.kernel.dev;
kver = config.boot.kernelPackages.kernel.modDirVersion;
ksrc = "${kdev}/lib/modules/${kver}/build";
} ''
echo "obj-m += $name.o" > Makefile
echo "$source" > "$name.c"
make -C "$ksrc" M=$(pwd) modules
install -vD "$name.ko" "$out/lib/modules/$kver/$name.ko"
'';
# This spawns a kthread which just waits until it gets a signal and
# terminates if that is the case. We want to make sure that nothing during
# the boot process kills any kthread by accident, like what happened in
# issue #15226.
kcanary = compileKernelModule "kcanary" ''
#include <linux/init.h>
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/kthread.h>
#include <linux/sched.h>
struct task_struct *canaryTask;
static int kcanary(void *nothing)
{
allow_signal(SIGINT);
allow_signal(SIGTERM);
allow_signal(SIGKILL);
while (!kthread_should_stop()) {
set_current_state(TASK_INTERRUPTIBLE);
schedule_timeout_interruptible(msecs_to_jiffies(100));
if (signal_pending(current)) break;
}
return 0;
}
static int kcanaryInit(void)
{
kthread_run(&kcanary, NULL, "kcanary");
return 0;
}
static void kcanaryExit(void)
{
kthread_stop(canaryTask);
}
module_init(kcanaryInit);
module_exit(kcanaryExit);
'';
in lib.singleton kcanary;
boot.initrd.kernelModules = [ "kcanary" ];
boot.initrd.extraUtilsCommands = let
compile = name: source: pkgs.runCommand name { inherit source; } ''
mkdir -p "$out/bin"
echo "$source" | gcc -Wall -o "$out/bin/$name" -xc -
'';
daemonize = name: source: compile name ''
#include <stdio.h>
#include <unistd.h>
void runSource(void) {
${source}
}
int main(void) {
if (fork() > 0) return 0;
setsid();
runSource();
return 1;
}
'';
mkCmdlineCanary = { name, cmdline ? "", source ? "" }: (daemonize name ''
char *argv[] = {"${cmdline}", NULL};
execvp("${name}-child", argv);
'') // {
child = compile "${name}-child" ''
#include <stdio.h>
#include <unistd.h>
int main(void) {
${source}
while (1) sleep(1);
return 1;
}
'';
};
copyCanaries = with lib; concatMapStrings (canary: ''
${optionalString (canary ? child) ''
copy_bin_and_libs "${canary.child}/bin/${canary.child.name}"
''}
copy_bin_and_libs "${canary}/bin/${canary.name}"
'');
in copyCanaries [
# Simple canary process which just sleeps forever and should be killed by
# stage 2.
(daemonize "canary1" "while (1) sleep(1);")
# We want this canary process to try mimicking a kthread using a cmdline
# with a zero length so we can make sure that the process is properly
# killed in stage 1.
(mkCmdlineCanary {
name = "canary2";
source = ''
FILE *f;
f = fopen("/run/canary2.pid", "w");
fprintf(f, "%d\n", getpid());
fclose(f);
'';
})
# This canary process mimicks a storage daemon, which we do NOT want to be
# killed before going into stage 2. For more on root storage daemons, see:
# https://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons/
(mkCmdlineCanary {
name = "canary3";
cmdline = "@canary3";
})
];
boot.initrd.postMountCommands = ''
canary1
canary2
canary3
# Make sure the pidfile of canary 2 is created so that we still can get
# its former pid after the killing spree starts next within stage 1.
while [ ! -s /run/canary2.pid ]; do sleep 0.1; done
'';
};
testScript = ''
$machine->waitForUnit("multi-user.target");
$machine->succeed('test -s /run/canary2.pid');
$machine->fail('pgrep -a canary1');
$machine->fail('kill -0 $(< /run/canary2.pid)');
$machine->succeed('pgrep -a -f \'^@canary3$\''');
$machine->succeed('pgrep -a -f \'^kcanary$\''');
'';
meta.maintainers = with pkgs.stdenv.lib.maintainers; [ aszlig ];
})

15
nixos/tests/boot.nix
View File

@ -64,11 +64,14 @@ in {
'';
destination = "/boot.ipxe";
};
ipxeBootDir = pkgs.symlinkJoin "ipxeBootDir" [
config.system.build.netbootRamdisk
config.system.build.kernel
ipxeScriptDir
];
ipxeBootDir = pkgs.symlinkJoin {
name = "ipxeBootDir";
paths = [
config.system.build.netbootRamdisk
config.system.build.kernel
ipxeScriptDir
];
};
in
makeTest {
name = "boot-netboot";
@ -81,4 +84,4 @@ in {
$machine->shutdown;
'';
};
}
}

13
nixos/tests/containers-imperative.nix
View File

@ -7,11 +7,20 @@ import ./make-test.nix ({ pkgs, ...} : {
};
machine =
{ config, pkgs, ... }:
{ config, pkgs, lib, ... }:
{ imports = [ ../modules/installer/cd-dvd/channel.nix ];
virtualisation.writableStore = true;
virtualisation.memorySize = 768;
virtualisation.pathsInNixDB = [ pkgs.stdenv ];
# Make sure we always have all the required dependencies for creating a
# container available within the VM, because we don't have network access.
virtualisation.pathsInNixDB = let
emptyContainer = import ../lib/eval-config.nix {
inherit (config.nixpkgs) system;
modules = lib.singleton {
containers.foo.config = {};
};
};
in [ pkgs.stdenv emptyContainer.config.containers.foo.path ];
};
testScript =

2
nixos/tests/gitlab.nix
View File

@ -3,7 +3,7 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "gitlab";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ iElectric offline ];
maintainers = [ domenkozar offline ];
};
nodes = {

2
nixos/tests/gnome3.nix
View File

@ -1,7 +1,7 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "gnome3";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ iElectric eelco chaoflow lethalman ];
maintainers = [ domenkozar eelco chaoflow lethalman ];
};
machine =

83
nixos/tests/installer.nix
View File

@ -7,7 +7,7 @@ with pkgs.lib;
let
# The configuration to install.
makeConfig = { grubVersion, grubDevice, grubIdentifier
makeConfig = { bootLoader, grubVersion, grubDevice, grubIdentifier
, extraConfig, forceGrubReinstallCount ? 0
}:
pkgs.writeText "configuration.nix" ''
@ -18,15 +18,21 @@ let
<nixpkgs/nixos/modules/testing/test-instrumentation.nix>
];
boot.loader.grub.version = ${toString grubVersion};
${optionalString (grubVersion == 1) ''
boot.loader.grub.splashImage = null;
''}
boot.loader.grub.device = "${grubDevice}";
boot.loader.grub.extraConfig = "serial; terminal_output.serial";
boot.loader.grub.fsIdentifier = "${grubIdentifier}";
${optionalString (bootLoader == "grub") ''
boot.loader.grub.version = ${toString grubVersion};
${optionalString (grubVersion == 1) ''
boot.loader.grub.splashImage = null;
''}
boot.loader.grub.device = "${grubDevice}";
boot.loader.grub.extraConfig = "serial; terminal_output.serial";
boot.loader.grub.fsIdentifier = "${grubIdentifier}";
boot.loader.grub.configurationLimit = 100 + ${toString forceGrubReinstallCount};
boot.loader.grub.configurationLimit = 100 + ${toString forceGrubReinstallCount};
''}
${optionalString (bootLoader == "gummiboot") ''
boot.loader.gummiboot.enable = true;
''}
hardware.enableAllFirmware = lib.mkForce false;
@ -42,7 +48,7 @@ let
# disk, and then reboot from the hard disk. It's parameterized with
# a test script fragment `createPartitions', which must create
# partitions and filesystems.
testScriptFun = { createPartitions, grubVersion, grubDevice
testScriptFun = { bootLoader, createPartitions, grubVersion, grubDevice
, grubIdentifier, preBootCommands, extraConfig
}:
let
@ -50,7 +56,8 @@ let
qemuFlags =
(if system == "x86_64-linux" then "-m 768 " else "-m 512 ") +
(optionalString (system == "x86_64-linux") "-cpu kvm64 ");
hdFlags = ''hda => "vm-state-machine/machine.qcow2", hdaInterface => "${iface}", '';
hdFlags = ''hda => "vm-state-machine/machine.qcow2", hdaInterface => "${iface}", ''
+ optionalString (bootLoader == "gummiboot") ''bios => "${pkgs.OVMF}/FV/OVMF.fd", '';
in
''
$machine->start;
@ -73,7 +80,7 @@ let
$machine->succeed("cat /mnt/etc/nixos/hardware-configuration.nix >&2");
$machine->copyFileFromHost(
"${ makeConfig { inherit grubVersion grubDevice grubIdentifier extraConfig; } }",
"${ makeConfig { inherit bootLoader grubVersion grubDevice grubIdentifier extraConfig; } }",
"/mnt/etc/nixos/configuration.nix");
# Perform the installation.
@ -97,7 +104,11 @@ let
# Did /boot get mounted?
$machine->waitForUnit("local-fs.target");
$machine->succeed("test -e /boot/grub");
${if bootLoader == "grub" then
''$machine->succeed("test -e /boot/grub");''
else
''$machine->succeed("test -e /boot/loader/loader.conf");''
}
# Check whether /root has correct permissions.
$machine->succeed("stat -c '%a' /root") =~ /700/ or die;
@ -114,7 +125,7 @@ let
# We need to a writable nix-store on next boot.
$machine->copyFileFromHost(
"${ makeConfig { inherit grubVersion grubDevice grubIdentifier extraConfig; forceGrubReinstallCount = 1; } }",
"${ makeConfig { inherit bootLoader grubVersion grubDevice grubIdentifier extraConfig; forceGrubReinstallCount = 1; } }",
"/etc/nixos/configuration.nix");
# Check whether nixos-rebuild works.
@ -132,7 +143,7 @@ let
${preBootCommands}
$machine->waitForUnit("multi-user.target");
$machine->copyFileFromHost(
"${ makeConfig { inherit grubVersion grubDevice grubIdentifier extraConfig; forceGrubReinstallCount = 2; } }",
"${ makeConfig { inherit bootLoader grubVersion grubDevice grubIdentifier extraConfig; forceGrubReinstallCount = 2; } }",
"/etc/nixos/configuration.nix");
$machine->succeed("nixos-rebuild boot >&2");
$machine->shutdown;
@ -148,8 +159,9 @@ let
makeInstallerTest = name:
{ createPartitions, preBootCommands ? "", extraConfig ? ""
, grubVersion ? 2, grubDevice ? "/dev/vda"
, grubIdentifier ? "uuid", enableOCR ? false, meta ? {}
, bootLoader ? "grub" # either "grub" or "gummiboot"
, grubVersion ? 2, grubDevice ? "/dev/vda", grubIdentifier ? "uuid"
, enableOCR ? false, meta ? {}
}:
makeTest {
inherit enableOCR;
@ -183,6 +195,8 @@ let
virtualisation.qemu.diskInterface =
if grubVersion == 1 then "scsi" else "virtio";
boot.loader.gummiboot.enable = mkIf (bootLoader == "gummiboot") true;
hardware.enableAllFirmware = mkForce false;
# The test cannot access the network, so any packages we
@ -198,8 +212,8 @@ let
pkgs.perlPackages.XMLLibXML
pkgs.perlPackages.ListCompare
]
++ optional (grubVersion == 1) pkgs.grub
++ optionals (grubVersion == 2) [ pkgs.grub2 pkgs.grub2_efi ];
++ optional (bootLoader == "grub" && grubVersion == 1) pkgs.grub
++ optionals (bootLoader == "grub" && grubVersion == 2) [ pkgs.grub2 pkgs.grub2_efi ];
nix.binaryCaches = mkForce [ ];
};
@ -207,8 +221,8 @@ let
};
testScript = testScriptFun {
inherit createPartitions preBootCommands grubVersion
grubDevice grubIdentifier extraConfig;
inherit bootLoader createPartitions preBootCommands
grubVersion grubDevice grubIdentifier extraConfig;
};
};
@ -236,6 +250,29 @@ in {
'';
};
# Simple GPT/UEFI configuration using Gummiboot with 3 partitions: ESP, swap & root filesystem
simpleUefiGummiboot = makeInstallerTest "simpleUefiGummiboot"
{ createPartitions =
''
$machine->succeed(
"parted /dev/vda mklabel gpt",
"parted -s /dev/vda -- mkpart ESP fat32 1M 50MiB", # /boot
"parted -s /dev/vda -- set 1 boot on",
"parted -s /dev/vda -- mkpart primary linux-swap 50MiB 1024MiB",
"parted -s /dev/vda -- mkpart primary ext2 1024MiB -1MiB", # /
"udevadm settle",
"mkswap /dev/vda2 -L swap",
"swapon -L swap",
"mkfs.ext3 -L nixos /dev/vda3",
"mount LABEL=nixos /mnt",
"mkfs.vfat -n BOOT /dev/vda1",
"mkdir -p /mnt/boot",
"mount LABEL=BOOT /mnt/boot",
);
'';
bootLoader = "gummiboot";
};
# Same as the previous, but now with a separate /boot partition.
separateBoot = makeInstallerTest "separateBoot"
{ createPartitions =
@ -370,6 +407,10 @@ in {
"mdadm --verbose -W /dev/md1",
);
'';
preBootCommands = ''
$machine->start;
$machine->fail("dmesg | grep 'immediate safe mode'");
'';
};
# Test a basic install using GRUB 1.

2
nixos/tests/jenkins.nix
View File

@ -6,7 +6,7 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "jenkins";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ bjornfor coconnor iElectric eelco chaoflow ];
maintainers = [ bjornfor coconnor domenkozar eelco chaoflow ];
};
nodes = {

2
nixos/tests/kde4.nix
View File

@ -1,7 +1,7 @@
import ./make-test.nix ({ pkgs, ... }: {
name = "kde4";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ iElectric eelco chaoflow ];
maintainers = [ domenkozar eelco chaoflow ];
};
machine =

2
nixos/tests/munin.nix
View File

@ -4,7 +4,7 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "munin";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ iElectric eelco chaoflow ];
maintainers = [ domenkozar eelco chaoflow ];
};
nodes = {

2
nixos/tests/printing.nix
View File

@ -3,7 +3,7 @@
import ./make-test.nix ({pkgs, ... }: {
name = "printing";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ iElectric eelco chaoflow jgeerds ];
maintainers = [ domenkozar eelco chaoflow jgeerds ];
};
nodes = {

2
nixos/tests/quake3.nix
View File

@ -22,7 +22,7 @@ in
rec {
name = "quake3";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ iElectric eelco chaoflow ];
maintainers = [ domenkozar eelco chaoflow ];
};
# TODO: lcov doesn't work atm

2
pkgs/applications/altcoins/bitcoin-classic.nix
View File

@ -17,7 +17,7 @@ stdenv.mkDerivation rec {
miniupnpc utillinux protobuf ]
++ optionals withGui [ qt4 qrencode ];
configureFlags = [ "--with-boost-libdir=${boost.lib}/lib" ]
configureFlags = [ "--with-boost-libdir=${boost.out}/lib" ]
++ optionals withGui [ "--with-gui=qt4" ];
meta = {

2
pkgs/applications/altcoins/bitcoin-xt.nix
View File

@ -18,7 +18,7 @@ stdenv.mkDerivation rec{
++ optionals withGui [ qt4 qrencode ];
configureFlags = [
"--with-boost-libdir=${boost.lib}/lib"
"--with-boost-libdir=${boost.out}/lib"
"--with-libcurl-headers=${curl.dev}/include"
] ++ optionals withGui [ "--with-gui=qt4" ];

2
pkgs/applications/altcoins/bitcoin.nix
View File

@ -21,7 +21,7 @@ stdenv.mkDerivation rec{
++ optionals stdenv.isLinux [ utillinux ]
++ optionals withGui [ qt4 qrencode ];
configureFlags = [ "--with-boost-libdir=${boost.lib}/lib" ]
configureFlags = [ "--with-boost-libdir=${boost.out}/lib" ]
++ optionals withGui [ "--with-gui=qt4" ];
meta = {

2
pkgs/applications/altcoins/dashpay.nix
View File

@ -16,7 +16,7 @@ stdenv.mkDerivation rec {
buildInputs = [ pkgconfig autoreconfHook glib openssl db48 yasm
boost zlib miniupnpc protobuf qt4 qrencode utillinux ];
configureFlags = [ "--with-boost-libdir=${boost.lib}/lib" ];
configureFlags = [ "--with-boost-libdir=${boost.out}/lib" ];
meta = with stdenv.lib; {
version = "0.12.0.55";

2
pkgs/applications/altcoins/dogecoin.nix
View File

@ -29,7 +29,7 @@ stdenv.mkDerivation rec {
'';
configureFlags = [ "--with-incompatible-bdb"
"--with-boost-libdir=${boost.lib}/lib" ]
"--with-boost-libdir=${boost.out}/lib" ]
++ optionals withGui [ "--with-gui" ];
meta = {

2
pkgs/applications/altcoins/litecoin.nix
View File

@ -19,7 +19,7 @@ stdenv.mkDerivation rec {
openssl db48 boost zlib miniupnpc glib protobuf utillinux ]
++ optionals withGui [ qt4 qrencode ];
configureFlags = [ "--with-boost-libdir=${boost.lib}/lib" ]
configureFlags = [ "--with-boost-libdir=${boost.out}/lib" ]
++ optionals withGui [ "--with-gui=qt4" ];
meta = with stdenv.lib; {

2
pkgs/applications/altcoins/memorycoin.nix
View File

@ -17,7 +17,7 @@ stdenv.mkDerivation rec{
miniupnpc utillinux protobuf ]
++ optionals withGui [ qt4 qmake4Hook qrencode ];
configureFlags = [ "--with-boost-libdir=${boost.lib}/lib" ]
configureFlags = [ "--with-boost-libdir=${boost.out}/lib" ]
++ optionals withGui [ "--with-gui=qt4" ];
preBuild = optional (!withGui) "cd src; cp makefile.unix Makefile";

2
pkgs/applications/altcoins/primecoin.nix
View File

@ -17,7 +17,7 @@ stdenv.mkDerivation rec{
miniupnpc utillinux protobuf ]
++ optionals withGui [ qt4 qmake4Hook qrencode ];
configureFlags = [ "--with-boost-libdir=${boost.lib}/lib" ]
configureFlags = [ "--with-boost-libdir=${boost.out}/lib" ]
++ optionals withGui [ "--with-gui=qt4" ];
preBuild = optional (!withGui) "cd src; cp makefile.unix Makefile";

8
pkgs/applications/audio/CharacterCompressor/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchFromGitHub, faust2jack, faust2lv2 }:
{ stdenv, fetchFromGitHub, faust2jaqt, faust2lv2gui }:
stdenv.mkDerivation rec {
name = "CharacterCompressor-${version}";
version = "0.2";
@ -10,11 +10,11 @@ stdenv.mkDerivation rec {
sha256 = "0fvi8m4nshcxypn4jgxhnh7pxp68wshhav3k8wn3il7qpw71pdxi";
};
buildInputs = [ faust2jack faust2lv2 ];
buildInputs = [ faust2jaqt faust2lv2gui ];
buildPhase = ''
faust2jack -t 99999 CharacterCompressor.dsp
faust2lv2 -t 99999 CharacterCompressor.dsp
faust2jaqt -t 99999 CharacterCompressor.dsp
faust2lv2 -gui -t 99999 CharacterCompressor.dsp
'';
installPhase = ''

8
pkgs/applications/audio/CompBus/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchFromGitHub, faust2jack, faust2lv2 }:
{ stdenv, fetchFromGitHub, faust2jaqt, faust2lv2gui }:
stdenv.mkDerivation rec {
name = "CompBus-${version}";
version = "1.1.02";
@ -10,13 +10,13 @@ stdenv.mkDerivation rec {
sha256 = "025vi60caxk3j2vxxrgbc59xlyr88vgn7k3127s271zvpyy7apwh";
};
buildInputs = [ faust2jack faust2lv2 ];
buildInputs = [ faust2jaqt faust2lv2gui ];
buildPhase = ''
for f in *.dsp;
do
faust2jack -t 99999 $f
faust2lv2 -t 99999 $f
faust2jaqt -t 99999 $f
faust2lv2 -gui -t 99999 $f
done
'';

8
pkgs/applications/audio/LazyLimiter/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchFromGitHub, faust2jack, faust2lv2 }:
{ stdenv, fetchFromGitHub, faust2jaqt, faust2lv2gui }:
stdenv.mkDerivation rec {
name = "LazyLimiter-${version}";
version = "0.3.01";
@ -10,11 +10,11 @@ stdenv.mkDerivation rec {
sha256 = "1yx9d5cakmqbiwb1j9v2af9h5lqzahl3kaamnyk71cf4i8g7zp3l";
};
buildInputs = [ faust2jack faust2lv2 ];
buildInputs = [ faust2jaqt faust2lv2gui ];
buildPhase = ''
faust2jack -t 99999 LazyLimiter.dsp
faust2lv2 -t 99999 LazyLimiter.dsp
faust2jaqt -t 99999 LazyLimiter.dsp
faust2lv2 -gui -t 99999 LazyLimiter.dsp
'';
installPhase = ''

8
pkgs/applications/audio/MBdistortion/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchFromGitHub, faust2jack, faust2lv2 }:
{ stdenv, fetchFromGitHub, faust2jaqt, faust2lv2gui }:
stdenv.mkDerivation rec {
name = "MBdistortion-${version}";
version = "1.1";
@ -10,11 +10,11 @@ stdenv.mkDerivation rec {
sha256 = "1rmvfi48hg8ybfw517zgj3fjj2xzckrmv8x131i26vj0fv7svjsp";
};
buildInputs = [ faust2jack faust2lv2 ];
buildInputs = [ faust2jaqt faust2lv2gui ];
buildPhase = ''
faust2jack -t 99999 MBdistortion.dsp
faust2lv2 -t 99999 MBdistortion.dsp
faust2jaqt -t 99999 MBdistortion.dsp
faust2lv2 -gui -t 99999 MBdistortion.dsp
'';
installPhase = ''

8
pkgs/applications/audio/RhythmDelay/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchFromGitHub, faust2jack, faust2lv2 }:
{ stdenv, fetchFromGitHub, faust2jaqt, faust2lv2gui }:
stdenv.mkDerivation rec {
name = "RhythmDelay-${version}";
version = "2.0";
@ -10,11 +10,11 @@ stdenv.mkDerivation rec {
sha256 = "0n938nm08mf3lz92k6v07k1469xxzmfkgclw40jgdssfcfa16bn7";
};
buildInputs = [ faust2jack faust2lv2 ];
buildInputs = [ faust2jaqt faust2lv2gui ];
buildPhase = ''
faust2jack -t 99999 RhythmDelay.dsp
faust2lv2 -t 99999 RhythmDelay.dsp
faust2jaqt -t 99999 RhythmDelay.dsp
faust2lv2 -gui -t 99999 RhythmDelay.dsp
'';
installPhase = ''

4
pkgs/applications/audio/amarok/default.nix
View File

@ -2,7 +2,7 @@
, qtscriptgenerator, gettext, curl , libxml2, mysql, taglib
, taglib_extras, loudmouth , kdelibs , qca2, libmtp, liblastfm, libgpod
, phonon , strigi, soprano, qjson, ffmpeg, libofa, nepomuk_core ? null
, lz4, lzo, snappy, libaio
, lz4, lzo, snappy, libaio, pcre
}:
stdenv.mkDerivation rec {
@ -24,7 +24,7 @@ stdenv.mkDerivation rec {
qtscriptgenerator stdenv.cc.libc gettext curl libxml2 mysql.lib
taglib taglib_extras loudmouth kdelibs phonon strigi soprano qca2
libmtp liblastfm libgpod qjson ffmpeg libofa nepomuk_core
lz4 lzo snappy libaio
lz4 lzo snappy libaio pcre
];
# This is already fixed upstream, will be release in 2.9

2
pkgs/applications/audio/audacious/default.nix
View File

@ -60,7 +60,7 @@ stdenv.mkDerivation {
meta = {
description = "Audio player";
homepage = http://audacious-media-player.org/;
maintainers = with stdenv.lib.maintainers; [ eelco simons ];
maintainers = with stdenv.lib.maintainers; [ eelco ];
platforms = stdenv.lib.platforms.linux;
};
}

2
pkgs/applications/audio/baudline/default.nix
View File

@ -29,7 +29,7 @@ stdenv.mkDerivation rec {
# Prebuilt binary distribution.
# "patchelf --set-rpath" seems to break the application (cannot start), using
# LD_LIBRARY_PATH wrapper script instead.
buildPhase = "true";
dontBuild = true;
installPhase = ''
mkdir -p "$out/bin"
mkdir -p "$out/libexec/baudline"

30
pkgs/applications/audio/cava/default.nix
View File

@ -1,26 +1,36 @@
{ stdenv, fetchgit, alsaLib, fftw }:
{ stdenv, fetchFromGitHub, autoreconfHook, alsaLib, fftw,
libpulseaudio, ncurses }:
stdenv.mkDerivation rec {
name = "cava-${version}";
version = "27dbdf47daae44c780db9998c760007b3bf63738";
version = "0.4.1";
buildInputs = [ alsaLib fftw ];
buildInputs = [
alsaLib
fftw
libpulseaudio
ncurses
];
src = fetchgit {
url = "https://github.com/karlstav/cava";
src = fetchFromGitHub {
owner = "karlstav";
repo = "cava";
rev = version;
sha256 = "1a61e2c869376276cf78e6446cd1cc7f96b3e378fa8bc0bc4c5ca81945429909";
sha256 = "157hw4cn3qjic7ymn5vy67paxmzssc33h1zswx72ss7j6nc8707f";
};
installPhase = ''
mkdir -p $out/bin
cp cava $out/bin
nativeBuildInputs = [ autoreconfHook ];
postConfigure = ''
substituteInPlace Makefile \
--replace "-L/usr/local/lib -Wl,-rpath /usr/local/lib" ""
'';
meta = with stdenv.lib; {
description = "Console-based Audio Visualizer for Alsa";
homepage = https://github.com/karlstav/cava;
maintainers = with maintainers; [offline];
license = licenses.mit;
maintainers = with maintainers; [ offline mirrexagon ];
platforms = platforms.linux;
};
}

16
pkgs/applications/audio/constant-detune-chorus/default.nix
View File

@ -1,27 +1,27 @@
{ stdenv, fetchFromGitHub, faust2jack, faust2lv2 }:
{ stdenv, fetchFromGitHub, faust2jaqt, faust2lv2gui }:
stdenv.mkDerivation rec {
name = "constant-detune-chorus-${version}";
version = "0.1.01";
version = "0.1.2";
src = fetchFromGitHub {
owner = "magnetophon";
repo = "constant-detune-chorus";
rev = "v${version}";
sha256 = "1z8aj1a36ix9jizk9wl06b3i98hrkg47qxqp8vx930r624pc5z86";
sha256 = "1ks2k6pflqyi2cs26bnbypphyrrgn0xf31l31kgx1qlilyc57vln";
};
buildInputs = [ faust2jack faust2lv2 ];
buildInputs = [ faust2jaqt faust2lv2gui ];
buildPhase = ''
faust2jack -t 99999 constant-detune-chorus.dsp
faust2lv2 -t 99999 constant-detune-chorus.dsp
faust2jaqt -t 99999 ConstantDetuneChorus.dsp
faust2lv2 -gui -t 99999 ConstantDetuneChorus.dsp
'';
installPhase = ''
mkdir -p $out/bin
cp constant-detune-chorus $out/bin/
cp ConstantDetuneChorus $out/bin/
mkdir -p $out/lib/lv2
cp -r constant-detune-chorus.lv2/ $out/lib/lv2
cp -r ConstantDetuneChorus.lv2/ $out/lib/lv2
'';
meta = {

11
pkgs/applications/audio/deadbeef/default.nix
View File

@ -1,7 +1,7 @@
{ stdenv, fetchurl, intltool, pkgconfig, fetchpatch, jansson
# deadbeef can use either gtk2 or gtk3
, gtk2Support ? false, gtk2 ? null
, gtk3Support ? true, gtk3 ? null, gsettings_desktop_schemas ? null, makeWrapper ? null
, gtk3Support ? true, gtk3 ? null, gsettings_desktop_schemas ? null, wrapGAppsHook ? null
# input plugins
, vorbisSupport ? true, libvorbis ? null
, mp123Support ? true, libmad ? null
@ -30,7 +30,7 @@
assert gtk2Support || gtk3Support;
assert gtk2Support -> gtk2 != null;
assert gtk3Support -> gtk3 != null && gsettings_desktop_schemas != null && makeWrapper != null;
assert gtk3Support -> gtk3 != null && gsettings_desktop_schemas != null && wrapGAppsHook != null;
assert vorbisSupport -> libvorbis != null;
assert mp123Support -> libmad != null;
assert flacSupport -> flac != null;
@ -85,15 +85,10 @@ stdenv.mkDerivation rec {
;
nativeBuildInputs = with stdenv.lib; [ intltool pkgconfig ]
++ optional gtk3Support makeWrapper;
++ optional gtk3Support wrapGAppsHook;
enableParallelBuilding = true;
postInstall = if !gtk3Support then "" else ''
wrapProgram "$out/bin/deadbeef" \
--prefix XDG_DATA_DIRS : "$GSETTINGS_SCHEMAS_PATH"
'';
meta = with stdenv.lib; {
description = "Ultimate Music Player for GNU/Linux";
homepage = "http://deadbeef.sourceforge.net/";

5
pkgs/applications/audio/faust/faust1.nix
View File

@ -25,7 +25,6 @@ let
};
faust = stdenv.mkDerivation {
name = "faust-${version}";
inherit src;
@ -107,9 +106,7 @@ let
inherit src;
configurePhase = ":";
buildPhase = ":";
dontBuild = true;
installPhase = ''
runHook preInstall

210
pkgs/applications/audio/faust/faust1git.nix Normal file
View File

@ -0,0 +1,210 @@
{ stdenv
, coreutils
, fetchgit
, makeWrapper
, pkgconfig
}:
with stdenv.lib.strings;
let
version = "2016-04-27";
src = fetchgit {
url = "git://git.code.sf.net/p/faudiostream/code";
rev = "931fca3e649f99ef09025d37bd6a7dc70a03e6f6";
sha256 = "05yam8jfdnziysvpxa5w118k5bbl103vamyqgka6vyhjjizp1nx7";
};
meta = with stdenv.lib; {
homepage = http://faust.grame.fr/;
downloadPage = http://sourceforge.net/projects/faudiostream/files/;
license = licenses.gpl2;
platforms = platforms.linux;
maintainers = with maintainers; [ magnetophon pmahoney ];
};
faust = stdenv.mkDerivation {
name = "faust-${version}";
inherit src;
buildInputs = [ makeWrapper ];
passthru = {
inherit wrap wrapWithBuildEnv;
};
preConfigure = ''
makeFlags="$makeFlags prefix=$out"
# The faust makefiles use 'system ?= $(shell uname -s)' but nix
# defines 'system' env var, so undefine that so faust detects the
# correct system.
unset system
'';
# Remove most faust2appl scripts since they won't run properly
# without additional paths setup. See faust.wrap,
# faust.wrapWithBuildEnv.
postInstall = ''
# syntax error when eval'd directly
pattern="faust2!(svg)"
(shopt -s extglob; rm "$out"/bin/$pattern)
'';
postFixup = ''
# Set faustpath explicitly.
substituteInPlace "$out"/bin/faustpath \
--replace "/usr/local /usr /opt /opt/local" "$out"
# The 'faustoptflags' is 'source'd into other faust scripts and
# not used as an executable, so patch 'uname' usage directly
# rather than use makeWrapper.
substituteInPlace "$out"/bin/faustoptflags \
--replace uname "${coreutils}/bin/uname"
# wrapper for scripts that don't need faust.wrap*
for script in "$out"/bin/faust2*; do
wrapProgram "$script" \
--prefix PATH : "$out"/bin
done
'';
meta = meta // {
description = "A functional programming language for realtime audio signal processing";
longDescription = ''
FAUST (Functional Audio Stream) is a functional programming
language specifically designed for real-time signal processing
and synthesis. FAUST targets high-performance signal processing
applications and audio plug-ins for a variety of platforms and
standards.
The Faust compiler translates DSP specifications into very
efficient C++ code. Thanks to the notion of architecture,
FAUST programs can be easily deployed on a large variety of
audio platforms and plugin formats (jack, alsa, ladspa, maxmsp,
puredata, csound, supercollider, pure, vst, coreaudio) without
any change to the FAUST code.
This package has just the compiler, libraries, and headers.
Install faust2* for specific faust2appl scripts.
'';
};
};
# Default values for faust2appl.
faust2ApplBase =
{ baseName
, dir ? "tools/faust2appls"
, scripts ? [ baseName ]
, ...
}@args:
args // {
name = "${baseName}-${version}";
inherit src;
configurePhase = ":";
buildPhase = ":";
installPhase = ''
runHook preInstall
mkdir -p "$out/bin"
for script in ${concatStringsSep " " scripts}; do
cp "${dir}/$script" "$out/bin/"
done
runHook postInstall
'';
postInstall = ''
# For the faust2appl script, change 'faustpath' and
# 'faustoptflags' to absolute paths.
for script in "$out"/bin/*; do
substituteInPlace "$script" \
--replace ". faustpath" ". '${faust}/bin/faustpath'" \
--replace ". faustoptflags" ". '${faust}/bin/faustoptflags'"
done
'';
meta = meta // {
description = "The ${baseName} script, part of faust functional programming language for realtime audio signal processing";
};
};
# Some 'faust2appl' scripts, such as faust2alsa, run faust to
# generate cpp code, then invoke the c++ compiler to build the code.
# This builder wraps these scripts in parts of the stdenv such that
# when the scripts are called outside any nix build, they behave as
# if they were running inside a nix build in terms of compilers and
# paths being configured (e.g. rpath is set so that compiled
# binaries link to the libs inside the nix store)
#
# The function takes two main args: the appl name (e.g.
# 'faust2alsa') and an optional list of propagatedBuildInputs. It
# returns a derivation that contains only the bin/${appl} script,
# wrapped up so that it will run as if it was inside a nix build
# with those build inputs.
#
# The build input 'faust' is automatically added to the
# propagatedBuildInputs.
wrapWithBuildEnv =
{ baseName
, propagatedBuildInputs ? [ ]
, ...
}@args:
stdenv.mkDerivation ((faust2ApplBase args) // {
buildInputs = [ makeWrapper pkgconfig ];
propagatedBuildInputs = [ faust ] ++ propagatedBuildInputs;
postFixup = ''
# export parts of the build environment
for script in "$out"/bin/*; do
wrapProgram "$script" \
--set FAUSTLIB "${faust}/lib/faust" \
--set FAUSTINC "${faust}/include/faust" \
--prefix PATH : "$PATH" \
--prefix PKG_CONFIG_PATH : "$PKG_CONFIG_PATH" \
--set NIX_CFLAGS_COMPILE "\"$NIX_CFLAGS_COMPILE\"" \
--set NIX_LDFLAGS "\"$NIX_LDFLAGS\""
done
'';
});
# Builder for 'faust2appl' scripts, such as faust2firefox that
# simply need to be wrapped with some dependencies on PATH.
#
# The build input 'faust' is automatically added to the PATH.
wrap =
{ baseName
, runtimeInputs ? [ ]
, ...
}@args:
let
runtimePath = concatStringsSep ":" (map (p: "${p}/bin") ([ faust ] ++ runtimeInputs));
in stdenv.mkDerivation ((faust2ApplBase args) // {
buildInputs = [ makeWrapper ];
postFixup = ''
for script in "$out"/bin/*; do
wrapProgram "$script" --prefix PATH : "${runtimePath}"
done
'';
});
in faust

Some files were not shown because too many files have changed in this diff Show More