This commit is contained in:
legendofmiracles 2021-05-01 22:19:02 +02:00
commit 4ee084bb41
No known key found for this signature in database
GPG key ID: 19B082B3DEFE5451
476 changed files with 8709 additions and 4495 deletions

View file

@ -1,7 +1,10 @@
name: "Checking EditorConfig"
permissions: read-all
on:
pull_request:
# avoids approving first time contributors
pull_request_target:
branches-ignore:
- 'release-**'
@ -21,17 +24,23 @@ jobs:
>> $GITHUB_ENV
echo 'EOF' >> $GITHUB_ENV
- uses: actions/checkout@v2
with:
# pull_request_target checks out the base branch by default
ref: refs/pull/${{ github.event.pull_request.number }}/merge
if: env.PR_DIFF
- name: Fetch editorconfig-checker
- uses: cachix/install-nix-action@v13
if: env.PR_DIFF
with:
# nixpkgs commit is pinned so that it doesn't break
nix_path: nixpkgs=https://github.com/NixOS/nixpkgs/archive/f93ecc4f6bc60414d8b73dbdf615ceb6a2c604df.tar.gz
- name: install editorconfig-checker
run: nix-env -iA editorconfig-checker -f '<nixpkgs>'
if: env.PR_DIFF
env:
ECC_VERSION: "2.3.5"
ECC_URL: "https://github.com/editorconfig-checker/editorconfig-checker/releases/download"
run: |
curl -sSf -O -L -C - "$ECC_URL/$ECC_VERSION/ec-linux-amd64.tar.gz" && \
tar xzf ec-linux-amd64.tar.gz && \
mv ./bin/ec-linux-amd64 ./bin/editorconfig-checker
- name: Checking EditorConfig
if: env.PR_DIFF
run: |
echo "$PR_DIFF" | xargs ./bin/editorconfig-checker -disable-indent-size
echo "$PR_DIFF" | xargs editorconfig-checker -disable-indent-size
- if: ${{ failure() }}
run: |
echo "::error :: Hey! It looks like your changes don't follow our editorconfig settings. Read https://editorconfig.org/#download to configure your editor so you never see this error again."

View file

@ -171,7 +171,8 @@
- Arguments should be listed in the order they are used, with the exception of `lib`, which always goes first.
- Prefer using the top-level `lib` over its alias `stdenv.lib`. `lib` is unrelated to `stdenv`, and so `stdenv.lib` should only be used as a convenience alias when developing to avoid having to modify the function inputs just to test something out.
- The top-level `lib` must be used in the master and 21.05 branch over its alias `stdenv.lib` as it now causes evaluation errors when aliases are disabled which is the case for ofborg.
`lib` is unrelated to `stdenv`, and so `stdenv.lib` should only be used as a convenience alias when developing locally to avoid having to modify the function inputs just to test something out.
## Package naming {#sec-package-naming}

View file

@ -66,8 +66,9 @@ let
stringLength sub substring tail trace;
inherit (self.trivial) id const pipe concat or and bitAnd bitOr bitXor
bitNot boolToString mergeAttrs flip mapNullable inNixShell isFloat min max
importJSON importTOML warn info showWarnings nixpkgsVersion version mod compare
splitByAndCompare functionArgs setFunctionArgs isFunction toHexString toBaseDigits;
importJSON importTOML warn warnIf info showWarnings nixpkgsVersion version
mod compare splitByAndCompare functionArgs setFunctionArgs isFunction
toHexString toBaseDigits;
inherit (self.fixedPoints) fix fix' converge extends composeExtensions
composeManyExtensions makeExtensible makeExtensibleWithCustomName;
inherit (self.attrsets) attrByPath hasAttrByPath setAttrByPath

View file

@ -37,7 +37,7 @@ let
setAttrByPath
toList
types
warn
warnIf
;
inherit (lib.options)
isOption
@ -516,8 +516,8 @@ rec {
value = if opt ? apply then opt.apply res.mergedValue else res.mergedValue;
warnDeprecation =
if opt.type.deprecationMessage == null then id
else warn "The type `types.${opt.type.name}' of option `${showOption loc}' defined in ${showFiles opt.declarations} is deprecated. ${opt.type.deprecationMessage}";
warnIf (opt.type.deprecationMessage != null)
"The type `types.${opt.type.name}' of option `${showOption loc}' defined in ${showFiles opt.declarations} is deprecated. ${opt.type.deprecationMessage}";
in warnDeprecation opt //
{ value = builtins.addErrorContext "while evaluating the option `${showOption loc}':" value;

View file

@ -606,7 +606,7 @@ rec {
This function will fail if the input string is longer than the
requested length.
Type: fixedWidthString :: int -> string -> string
Type: fixedWidthString :: int -> string -> string -> string
Example:
fixedWidthString 5 "0" (toString 15)
@ -644,8 +644,8 @@ rec {
floatToString = float: let
result = toString float;
precise = float == fromJSON result;
in if precise then result
else lib.warn "Imprecise conversion from float to string ${result}" result;
in lib.warnIf (!precise) "Imprecise conversion from float to string ${result}"
result;
/* Check whether a value can be coerced to a string */
isCoercibleToString = x:

View file

@ -297,12 +297,15 @@ rec {
# Usage:
# {
# foo = lib.warn "foo is deprecated" oldFoo;
# bar = lib.warnIf (bar == "") "Empty bar is deprecated" bar;
# }
#
# TODO: figure out a clever way to integrate location information from
# something like __unsafeGetAttrPos.
warn = msg: builtins.trace "warning: ${msg}";
warnIf = cond: msg: if cond then warn msg else id;
info = msg: builtins.trace "INFO: ${msg}";
showWarnings = warnings: res: lib.fold (w: x: warn w x) res warnings;

View file

@ -3029,6 +3029,12 @@
fingerprint = "F178 B4B4 6165 6D1B 7C15 B55D 4029 3358 C7B9 326B";
}];
};
erikbackman = {
email = "contact@ebackman.net";
github = "erikbackman";
githubId = 46724898;
name = "Erik Backman";
};
erikryb = {
email = "erik.rybakken@math.ntnu.no";
github = "erikryb";
@ -3107,6 +3113,16 @@
githubId = 2147649;
name = "Euan Kemp";
};
evalexpr = {
name = "Jonathan Wilkins";
email = "nixos@wilkins.tech";
github = "evalexpr";
githubId = 23485511;
keys = [{
longkeyid = "rsa4096/0x2D1D402E17763DD6";
fingerprint = "8129 5B85 9C5A F703 C2F4 1E29 2D1D 402E 1776 3DD6";
}];
};
evanjs = {
email = "evanjsx@gmail.com";
github = "evanjs";
@ -3991,6 +4007,16 @@
githubId = 19825977;
name = "Hiren Shah";
};
hiro98 = {
email = "hiro@protagon.space";
github = "vale981";
githubId = 4025991;
name = "Valentin Boettcher";
keys = [{
longkeyid = "rsa2048/0xC22D4DE4D7B32D19";
fingerprint = "45A9 9917 578C D629 9F5F B5B4 C22D 4DE4 D7B3 2D19";
}];
};
hjones2199 = {
email = "hjones2199@gmail.com";
github = "hjones2199";
@ -6134,11 +6160,11 @@
fingerprint = "B573 5118 0375 A872 FBBF 7770 B629 036B E399 EEE9";
}];
};
mausch = {
email = "mauricioscheffer@gmail.com";
github = "mausch";
githubId = 95194;
name = "Mauricio Scheffer";
masipcat = {
email = "jordi@masip.cat";
github = "masipcat";
githubId = 775189;
name = "Jordi Masip";
};
matejc = {
email = "cotman.matej@gmail.com";
@ -6194,6 +6220,12 @@
githubId = 136037;
name = "Matthew Maurer";
};
mausch = {
email = "mauricioscheffer@gmail.com";
github = "mausch";
githubId = 95194;
name = "Mauricio Scheffer";
};
maxdamantus = {
email = "maxdamantus@gmail.com";
github = "Maxdamantus";
@ -7031,6 +7063,12 @@
githubId = 628342;
name = "Tim Steinbach";
};
netcrns = {
email = "jason.wing@gmx.de";
github = "netcrns";
githubId = 34162313;
name = "Jason Wing";
};
netixx = {
email = "dev.espinetfrancois@gmail.com";
github = "netixx";
@ -10305,6 +10343,12 @@
githubId = 2212422;
name = "uwap";
};
V = {
name = "V";
email = "v@anomalous.eu";
github = "deviant";
githubId = 68829907;
};
va1entin = {
email = "github@valentinsblog.com";
github = "va1entin";

View file

@ -692,6 +692,12 @@ environment.systemPackages = [
<literal>skip-kernel-setup true</literal> and takes care of setting forwarding and rp_filter sysctls by itself as well
as for each interface in <varname>services.babeld.interfaces</varname>.
</para>
</listitem>
<listitem>
<para>
The <option>services.zigbee2mqtt.config</option> option has been renamed to <option>services.zigbee2mqtt.settings</option> and
now follows <link xlink:href="https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md">RFC 0042</link>.
</para>
</listitem>
</itemizedlist>
</section>

View file

@ -131,10 +131,8 @@ rec {
"it's currently ${toString testNameLen} characters long.")
else
"nixos-test-driver-${name}";
warn = if skipLint then lib.warn "Linting is disabled!" else lib.id;
in
warn (runCommand testDriverName
lib.warnIf skipLint "Linting is disabled" (runCommand testDriverName
{
buildInputs = [ makeWrapper ];
testScript = testScript';

View file

@ -41,7 +41,7 @@ in {
sizeMB = mkOption {
type = with types; either (enum [ "auto" ]) int;
default = "auto";
default = if config.ec2.hvm then 2048 else 8192;
example = 8192;
description = "The size in MB of the image";
};

View file

@ -126,6 +126,13 @@ in
'';
};
expandOnBoot = mkOption {
type = types.bool;
default = true;
description = ''
Whether to configure the sd image to expand it's partition on boot.
'';
};
};
config = {
@ -215,7 +222,7 @@ in
'';
}) {};
boot.postBootCommands = ''
boot.postBootCommands = lib.mkIf config.sdImage.expandOnBoot ''
# On the first boot do some maintenance tasks
if [ -f /nix-path-registration ]; then
set -euo pipefail

View file

@ -130,6 +130,7 @@
./programs/droidcam.nix
./programs/environment.nix
./programs/evince.nix
./programs/feedbackd.nix
./programs/file-roller.nix
./programs/firejail.nix
./programs/fish.nix
@ -163,6 +164,7 @@
./programs/partition-manager.nix
./programs/plotinus.nix
./programs/proxychains.nix
./programs/phosh.nix
./programs/qt5ct.nix
./programs/screen.nix
./programs/sedutil.nix
@ -632,6 +634,7 @@
./services/network-filesystems/xtreemfs.nix
./services/network-filesystems/ceph.nix
./services/networking/3proxy.nix
./services/networking/adguardhome.nix
./services/networking/amuled.nix
./services/networking/aria2.nix
./services/networking/asterisk.nix

View file

@ -17,7 +17,7 @@ in {
type = types.listOf types.str;
description = "Nix top-level packages to be compiled using CCache";
default = [];
example = [ "wxGTK30" "qt48" "ffmpeg_3_3" "libav_all" ];
example = [ "wxGTK30" "ffmpeg" "libav_all" ];
};
};

View file

@ -0,0 +1,32 @@
{ pkgs, lib, config, ... }:
with lib;
let
cfg = config.programs.feedbackd;
in {
options = {
programs.feedbackd = {
enable = mkEnableOption ''
Whether to enable the feedbackd D-BUS service and udev rules.
Your user needs to be in the `feedbackd` group to trigger effects.
'';
package = mkOption {
description = ''
Which feedbackd package to use.
'';
type = types.package;
default = pkgs.feedbackd;
};
};
};
config = mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
services.dbus.packages = [ cfg.package ];
services.udev.packages = [ cfg.package ];
users.groups.feedbackd = {};
};
}

View file

@ -0,0 +1,167 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.programs.phosh;
# Based on https://source.puri.sm/Librem5/librem5-base/-/blob/4596c1056dd75ac7f043aede07887990fd46f572/default/sm.puri.OSK0.desktop
oskItem = pkgs.makeDesktopItem {
name = "sm.puri.OSK0";
type = "Application";
desktopName = "On-screen keyboard";
exec = "${pkgs.squeekboard}/bin/squeekboard";
categories = "GNOME;Core;";
extraEntries = ''
OnlyShowIn=GNOME;
NoDisplay=true
X-GNOME-Autostart-Phase=Panel
X-GNOME-Provides=inputmethod
X-GNOME-Autostart-Notify=true
X-GNOME-AutoRestart=true
'';
};
phocConfigType = types.submodule {
options = {
xwayland = mkOption {
description = ''
Whether to enable XWayland support.
To start XWayland immediately, use `immediate`.
'';
type = types.enum [ "true" "false" "immediate" ];
default = "false";
};
cursorTheme = mkOption {
description = ''
Cursor theme to use in Phosh.
'';
type = types.str;
default = "default";
};
outputs = mkOption {
description = ''
Output configurations.
'';
type = types.attrsOf phocOutputType;
default = {
DSI-1 = {
scale = 2;
};
};
};
};
};
phocOutputType = types.submodule {
options = {
modeline = mkOption {
description = ''
One or more modelines.
'';
type = types.either types.str (types.listOf types.str);
default = [];
example = [
"87.25 720 776 848 976 1440 1443 1453 1493 -hsync +vsync"
"65.13 768 816 896 1024 1024 1025 1028 1060 -HSync +VSync"
];
};
mode = mkOption {
description = ''
Default video mode.
'';
type = types.nullOr types.str;
default = null;
example = "768x1024";
};
scale = mkOption {
description = ''
Display scaling factor.
'';
type = types.nullOr types.ints.unsigned;
default = null;
example = 2;
};
rotate = mkOption {
description = ''
Screen transformation.
'';
type = types.enum [
"90" "180" "270" "flipped" "flipped-90" "flipped-180" "flipped-270" null
];
default = null;
};
};
};
optionalKV = k: v: if v == null then "" else "${k} = ${builtins.toString v}";
renderPhocOutput = name: output: let
modelines = if builtins.isList output.modeline
then output.modeline
else [ output.modeline ];
renderModeline = l: "modeline = ${l}";
in ''
[output:${name}]
${concatStringsSep "\n" (map renderModeline modelines)}
${optionalKV "mode" output.mode}
${optionalKV "scale" output.scale}
${optionalKV "rotate" output.rotate}
'';
renderPhocConfig = phoc: let
outputs = mapAttrsToList renderPhocOutput phoc.outputs;
in ''
[core]
xwayland = ${phoc.xwayland}
${concatStringsSep "\n" outputs}
[cursor]
theme = ${phoc.cursorTheme}
'';
in {
options = {
programs.phosh = {
enable = mkEnableOption ''
Whether to enable, Phosh, related packages and default configurations.
'';
phocConfig = mkOption {
description = ''
Configurations for the Phoc compositor.
'';
type = types.oneOf [ types.lines types.path phocConfigType ];
default = {};
};
};
};
config = mkIf cfg.enable {
environment.systemPackages = [
pkgs.phoc
pkgs.phosh
pkgs.squeekboard
oskItem
];
programs.feedbackd.enable = true;
# https://source.puri.sm/Librem5/phosh/-/issues/303
security.pam.services.phosh = {
text = ''
auth requisite pam_nologin.so
auth required pam_succeed_if.so user != root quiet_success
auth required pam_securetty.so
auth requisite pam_nologin.so
'';
};
services.gnome3.core-shell.enable = true;
services.gnome3.core-os-services.enable = true;
services.xserver.displayManager.sessionPackages = [ pkgs.phosh ];
environment.etc."phosh/phoc.ini".source =
if builtins.isPath cfg.phocConfig then cfg.phocConfig
else if builtins.isString cfg.phocConfig then pkgs.writeText "phoc.ini" cfg.phocConfig
else pkgs.writeText "phoc.ini" (renderPhocConfig cfg.phocConfig);
};
}

View file

@ -76,7 +76,7 @@ let
};
tags = mkOption {
type = types.attrsOf types.str;
type = types.attrsOf (types.either types.str (types.listOf types.str));
default = {};
example = { queue = "default"; docker = "true"; ruby2 ="true"; };
description = ''
@ -230,7 +230,11 @@ in
## don't end up in the Nix store.
preStart = let
sshDir = "${cfg.dataDir}/.ssh";
tagStr = lib.concatStringsSep "," (lib.mapAttrsToList (name: value: "${name}=${value}") cfg.tags);
tagStr = name: value:
if lib.isList value
then lib.concatStringsSep "," (builtins.map (v: "${name}=${v}") value)
else "${name}=${value}";
tagsStr = lib.concatStringsSep "," (lib.mapAttrsToList tagStr cfg.tags);
in
optionalString (cfg.privateSshKeyPath != null) ''
mkdir -m 0700 -p "${sshDir}"
@ -241,7 +245,7 @@ in
token="$(cat ${toString cfg.tokenPath})"
name="${cfg.name}"
shell="${cfg.shell}"
tags="${tagStr}"
tags="${tagsStr}"
build-path="${cfg.dataDir}/builds"
hooks-path="${cfg.hooksPath}"
${cfg.extraConfig}

View file

@ -1,6 +0,0 @@
# Updating
1. Update the version & hash in pkgs/development/libraries/pipewire/default.nix
2. run `nix build -f /path/to/nixpkgs/checkout pipewire pipewire.mediaSession`
3. copy all JSON files from result/etc/pipewire and result-mediaSession/etc/pipewire/media-session.d to this directory
4. add new files to the module config and passthru tests

View file

@ -9,7 +9,7 @@
],
"actions": {
"update-props": {
"bluez5.reconnect-profiles": [
"bluez5.auto-connect": [
"hfp_hf",
"hsp_hs",
"a2dp_sink"

View file

@ -59,6 +59,7 @@
"with-pulseaudio": [
"with-audio",
"bluez5",
"logind",
"restore-stream",
"streams-follow-default"
]

View file

@ -30,7 +30,10 @@
"args": {
"server.address": [
"unix:native"
]
],
"vm.overrides": {
"pulse.min.quantum": "1024/48000"
}
}
}
],

View file

@ -2,7 +2,10 @@
"context.properties": {
"link.max-buffers": 16,
"core.daemon": true,
"core.name": "pipewire-0"
"core.name": "pipewire-0",
"vm.overrides": {
"default.clock.min-quantum": 1024
}
},
"context.spa-libs": {
"audio.convert.*": "audioconvert/libspa-audioconvert",

View file

@ -50,6 +50,7 @@ in
environment.etc."reader.conf".source = cfgFile;
environment.systemPackages = [ pkgs.pcsclite ];
systemd.packages = [ (getBin pkgs.pcsclite) ];
systemd.sockets.pcscd.wantedBy = [ "sockets.target" ];
@ -57,6 +58,16 @@ in
systemd.services.pcscd = {
environment.PCSCLITE_HP_DROPDIR = pluginEnv;
restartTriggers = [ "/etc/reader.conf" ];
# If the cfgFile is empty and not specified (in which case the default
# /etc/reader.conf is assumed), pcscd will happily start going through the
# entire confdir (/etc in our case) looking for a config file and try to
# parse everything it finds. Doesn't take a lot of imagination to see how
# well that works. It really shouldn't do that to begin with, but to work
# around it, we force the path to the cfgFile.
#
# https://github.com/NixOS/nixpkgs/issues/121088
serviceConfig.ExecStart = [ "" "${getBin pkgs.pcsclite}/bin/pcscd -f -x -c ${cfgFile}" ];
};
};
}

View file

@ -40,6 +40,7 @@ in {
serviceConfig = {
Restart = "on-failure";
TimeoutStopSec = 10;
ExecStart = "${pkgs.grafana-loki}/bin/promtail -config.file=${prettyJSON cfg.configuration} ${escapeShellArgs cfg.extraFlags}";

View file

@ -134,7 +134,7 @@ in {
ReadWritePaths = [ cfg.keyPath ];
AmbientCapabilities = [];
CapabilityBoundingSet = [];
CapabilityBoundingSet = "";
DevicePolicy = "closed";
LockPersonality = true;
MemoryDenyWriteExecute = true;

View file

@ -410,7 +410,7 @@ in
StateDirectoryMode = "0700";
AmbientCapabilities = [];
CapabilityBoundingSet = [];
CapabilityBoundingSet = "";
DevicePolicy = "closed";
LockPersonality = true;
NoNewPrivileges = true;

View file

@ -155,6 +155,7 @@ let
GITLAB_REDIS_CONFIG_FILE = pkgs.writeText "redis.yml" (builtins.toJSON redisConfig);
prometheus_multiproc_dir = "/run/gitlab";
RAILS_ENV = "production";
MALLOC_ARENA_MAX = "2";
};
gitlab-rake = pkgs.stdenv.mkDerivation {
@ -652,6 +653,105 @@ in {
description = "Extra configuration to merge into shell-config.yml";
};
puma.workers = mkOption {
type = types.int;
default = 2;
apply = x: builtins.toString x;
description = ''
The number of worker processes Puma should spawn. This
controls the amount of parallel Ruby code can be
executed. GitLab recommends <quote>Number of CPU cores -
1</quote>, but at least two.
<note>
<para>
Each worker consumes quite a bit of memory, so
be careful when increasing this.
</para>
</note>
'';
};
puma.threadsMin = mkOption {
type = types.int;
default = 0;
apply = x: builtins.toString x;
description = ''
The minimum number of threads Puma should use per
worker.
<note>
<para>
Each thread consumes memory and contributes to Global VM
Lock contention, so be careful when increasing this.
</para>
</note>
'';
};
puma.threadsMax = mkOption {
type = types.int;
default = 4;
apply = x: builtins.toString x;
description = ''
The maximum number of threads Puma should use per
worker. This limits how many threads Puma will automatically
spawn in response to requests. In contrast to workers,
threads will never be able to run Ruby code in parallel, but
give higher IO parallelism.
<note>
<para>
Each thread consumes memory and contributes to Global VM
Lock contention, so be careful when increasing this.
</para>
</note>
'';
};
sidekiq.memoryKiller.enable = mkOption {
type = types.bool;
default = true;
description = ''
Whether the Sidekiq MemoryKiller should be turned
on. MemoryKiller kills Sidekiq when its memory consumption
exceeds a certain limit.
See <link xlink:href="https://docs.gitlab.com/ee/administration/operations/sidekiq_memory_killer.html"/>
for details.
'';
};
sidekiq.memoryKiller.maxMemory = mkOption {
type = types.int;
default = 2000;
apply = x: builtins.toString (x * 1024);
description = ''
The maximum amount of memory, in MiB, a Sidekiq worker is
allowed to consume before being killed.
'';
};
sidekiq.memoryKiller.graceTime = mkOption {
type = types.int;
default = 900;
apply = x: builtins.toString x;
description = ''
The time MemoryKiller waits after noticing excessive memory
consumption before killing Sidekiq.
'';
};
sidekiq.memoryKiller.shutdownWait = mkOption {
type = types.int;
default = 30;
apply = x: builtins.toString x;
description = ''
The time allowed for all jobs to finish before Sidekiq is
killed forcefully.
'';
};
extraConfig = mkOption {
type = types.attrs;
default = {};
@ -993,7 +1093,11 @@ in {
] ++ optional (cfg.databaseHost == "") "postgresql.service";
wantedBy = [ "gitlab.target" ];
partOf = [ "gitlab.target" ];
environment = gitlabEnv;
environment = gitlabEnv // (optionalAttrs cfg.sidekiq.memoryKiller.enable {
SIDEKIQ_MEMORY_KILLER_MAX_RSS = cfg.sidekiq.memoryKiller.maxMemory;
SIDEKIQ_MEMORY_KILLER_GRACE_TIME = cfg.sidekiq.memoryKiller.graceTime;
SIDEKIQ_MEMORY_KILLER_SHUTDOWN_WAIT = cfg.sidekiq.memoryKiller.shutdownWait;
});
path = with pkgs; [
postgresqlPackage
git
@ -1005,13 +1109,15 @@ in {
# Needed for GitLab project imports
gnutar
gzip
procps # Sidekiq MemoryKiller
];
serviceConfig = {
Type = "simple";
User = cfg.user;
Group = cfg.group;
TimeoutSec = "infinity";
Restart = "on-failure";
Restart = "always";
WorkingDirectory = "${cfg.packages.gitlab}/share/gitlab";
ExecStart="${cfg.packages.gitlab.rubyEnv}/bin/sidekiq -C \"${cfg.packages.gitlab}/share/gitlab/config/sidekiq_queues.yml\" -e production";
};
@ -1145,7 +1251,13 @@ in {
TimeoutSec = "infinity";
Restart = "on-failure";
WorkingDirectory = "${cfg.packages.gitlab}/share/gitlab";
ExecStart = "${cfg.packages.gitlab.rubyEnv}/bin/puma -C ${cfg.statePath}/config/puma.rb -e production";
ExecStart = concatStringsSep " " [
"${cfg.packages.gitlab.rubyEnv}/bin/puma"
"-e production"
"-C ${cfg.statePath}/config/puma.rb"
"-w ${cfg.puma.workers}"
"-t ${cfg.puma.threadsMin}:${cfg.puma.threadsMax}"
];
};
};

View file

@ -70,6 +70,7 @@ in {
users.users = mkIf (cfg.user == "ombi") {
ombi = {
isSystemUser = true;
group = cfg.group;
home = cfg.dataDir;
};

View file

@ -5,29 +5,17 @@ with lib;
let
cfg = config.services.zigbee2mqtt;
configJSON = pkgs.writeText "configuration.json"
(builtins.toJSON (recursiveUpdate defaultConfig cfg.config));
configFile = pkgs.runCommand "configuration.yaml" { preferLocalBuild = true; } ''
${pkgs.remarshal}/bin/json2yaml -i ${configJSON} -o $out
'';
format = pkgs.formats.yaml { };
configFile = format.generate "zigbee2mqtt.yaml" cfg.settings;
# the default config contains all required settings,
# so the service starts up without crashing.
defaultConfig = {
homeassistant = false;
permit_join = false;
mqtt = {
base_topic = "zigbee2mqtt";
server = "mqtt://localhost:1883";
};
serial.port = "/dev/ttyACM0";
# put device configuration into separate file because configuration.yaml
# is copied from the store on startup
devices = "devices.yaml";
};
in
{
meta.maintainers = with maintainers; [ sweber ];
meta.maintainers = with maintainers; [ sweber hexa ];
imports = [
# Remove warning before the 21.11 release
(mkRenamedOptionModule [ "services" "zigbee2mqtt" "config" ] [ "services" "zigbee2mqtt" "settings" ])
];
options.services.zigbee2mqtt = {
enable = mkEnableOption "enable zigbee2mqtt service";
@ -37,7 +25,11 @@ in
default = pkgs.zigbee2mqtt.override {
dataDir = cfg.dataDir;
};
defaultText = "pkgs.zigbee2mqtt";
defaultText = literalExample ''
pkgs.zigbee2mqtt {
dataDir = services.zigbee2mqtt.dataDir
}
'';
type = types.package;
};
@ -47,9 +39,9 @@ in
type = types.path;
};
config = mkOption {
settings = mkOption {
type = format.type;
default = {};
type = with types; nullOr attrs;
example = literalExample ''
{
homeassistant = config.services.home-assistant.enable;
@ -61,11 +53,28 @@ in
'';
description = ''
Your <filename>configuration.yaml</filename> as a Nix attribute set.
Check the <link xlink:href="https://www.zigbee2mqtt.io/information/configuration.html">documentation</link>
for possible options.
'';
};
};
config = mkIf (cfg.enable) {
# preset config values
services.zigbee2mqtt.settings = {
homeassistant = mkDefault config.services.home-assistant.enable;
permit_join = mkDefault false;
mqtt = {
base_topic = mkDefault "zigbee2mqtt";
server = mkDefault "mqtt://localhost:1883";
};
serial.port = mkDefault "/dev/ttyACM0";
# reference device configuration, that is kept in a separate file
# to prevent it being overwritten in the units ExecStartPre script
devices = mkDefault "devices.yaml";
};
systemd.services.zigbee2mqtt = {
description = "Zigbee2mqtt Service";
wantedBy = [ "multi-user.target" ];
@ -76,10 +85,48 @@ in
User = "zigbee2mqtt";
WorkingDirectory = cfg.dataDir;
Restart = "on-failure";
# Hardening
CapabilityBoundingSet = "";
DeviceAllow = [
config.services.zigbee2mqtt.settings.serial.port
];
DevicePolicy = "closed";
LockPersonality = true;
MemoryDenyWriteExecute = false;
NoNewPrivileges = true;
PrivateDevices = false; # prevents access to /dev/serial, because it is set 0700 root:root
PrivateUsers = true;
PrivateTmp = true;
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectProc = "invisible";
ProcSubset = "pid";
ProtectSystem = "strict";
ReadWritePaths = cfg.dataDir;
PrivateTmp = true;
RemoveIPC = true;
RestrictAddressFamilies = [
"AF_INET"
"AF_INET6"
];
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
SupplementaryGroups = [
"dialout"
];
SystemCallArchitectures = "native";
SystemCallFilter = [
"@system-service"
"~@privileged"
"~@resources"
];
UMask = "0077";
};
preStart = ''
cp --no-preserve=mode ${configFile} "${cfg.dataDir}/configuration.yaml"
@ -90,7 +137,6 @@ in
home = cfg.dataDir;
createHome = true;
group = "zigbee2mqtt";
extraGroups = [ "dialout" ];
uid = config.ids.uids.zigbee2mqtt;
};

View file

@ -59,6 +59,7 @@ let
"surfboard"
"systemd"
"tor"
"unbound"
"unifi"
"unifi-poller"
"varnish"

View file

@ -0,0 +1,59 @@
{ config, lib, pkgs, options }:
with lib;
let
cfg = config.services.prometheus.exporters.unbound;
in
{
port = 9167;
extraOpts = {
fetchType = mkOption {
# TODO: add shm when upstream implemented it
type = types.enum [ "tcp" "uds" ];
default = "uds";
description = ''
Which methods the exporter uses to get the information from unbound.
'';
};
telemetryPath = mkOption {
type = types.str;
default = "/metrics";
description = ''
Path under which to expose metrics.
'';
};
controlInterface = mkOption {
type = types.nullOr types.str;
default = null;
example = "/run/unbound/unbound.socket";
description = ''
Path to the unbound socket for uds mode or the control interface port for tcp mode.
Example:
uds-mode: /run/unbound/unbound.socket
tcp-mode: 127.0.0.1:8953
'';
};
};
serviceOpts = mkMerge ([{
serviceConfig = {
ExecStart = ''
${pkgs.prometheus-unbound-exporter}/bin/unbound-telemetry \
${cfg.fetchType} \
--bind ${cfg.listenAddress}:${toString cfg.port} \
--path ${cfg.telemetryPath} \
${optionalString (cfg.controlInterface != null) "--control-interface ${cfg.controlInterface}"} \
${toString cfg.extraFlags}
'';
};
}] ++ [
(mkIf config.services.unbound.enable {
after = [ "unbound.service" ];
requires = [ "unbound.service" ];
})
]);
}

View file

@ -0,0 +1,78 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.adguardhome;
args = concatStringsSep " " ([
"--no-check-update"
"--pidfile /run/AdGuardHome/AdGuardHome.pid"
"--work-dir /var/lib/AdGuardHome/"
"--config /var/lib/AdGuardHome/AdGuardHome.yaml"
"--host ${cfg.host}"
"--port ${toString cfg.port}"
] ++ cfg.extraArgs);
in
{
options.services.adguardhome = with types; {
enable = mkEnableOption "AdGuard Home network-wide ad blocker";
host = mkOption {
default = "0.0.0.0";
type = str;
description = ''
Host address to bind HTTP server to.
'';
};
port = mkOption {
default = 3000;
type = port;
description = ''
Port to serve HTTP pages on.
'';
};
openFirewall = mkOption {
default = false;
type = bool;
description = ''
Open ports in the firewall for the AdGuard Home web interface. Does not
open the port needed to access the DNS resolver.
'';
};
extraArgs = mkOption {
default = [ ];
type = listOf str;
description = ''
Extra command line parameters to be passed to the adguardhome binary.
'';
};
};
config = mkIf cfg.enable {
systemd.services.adguardhome = {
description = "AdGuard Home: Network-level blocker";
after = [ "syslog.target" "network.target" ];
wantedBy = [ "multi-user.target" ];
unitConfig = {
StartLimitIntervalSec = 5;
StartLimitBurst = 10;
};
serviceConfig = {
DynamicUser = true;
ExecStart = "${pkgs.adguardhome}/bin/adguardhome ${args}";
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
Restart = "always";
RestartSec = 10;
RuntimeDirectory = "AdGuardHome";
StateDirectory = "AdGuardHome";
};
};
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.port ];
};
}

View file

@ -29,8 +29,6 @@ let
+ concatMapStrings (mkListen "doh2") cfg.listenDoH
+ cfg.extraConfig
);
package = pkgs.knot-resolver;
in {
meta.maintainers = [ maintainers.vcunat /* upstream developer */ ];
@ -58,6 +56,15 @@ in {
and give commands interactively to kresd@1.service.
'';
};
package = mkOption {
type = types.package;
description = "
knot-resolver package to use.
";
default = pkgs.knot-resolver;
defaultText = "pkgs.knot-resolver";
example = literalExample "pkgs.knot-resolver.override { extraFeatures = true; }";
};
extraConfig = mkOption {
type = types.lines;
default = "";
@ -115,7 +122,7 @@ in {
};
users.groups.knot-resolver.gid = null;
systemd.packages = [ package ]; # the units are patched inside the package a bit
systemd.packages = [ cfg.package ]; # the units are patched inside the package a bit
systemd.targets.kresd = { # configure units started by default
wantedBy = [ "multi-user.target" ];
@ -123,8 +130,8 @@ in {
++ map (i: "kresd@${toString i}.service") (range 1 cfg.instances);
};
systemd.services."kresd@".serviceConfig = {
ExecStart = "${package}/bin/kresd --noninteractive "
+ "-c ${package}/lib/knot-resolver/distro-preconfig.lua -c ${configFile}";
ExecStart = "${cfg.package}/bin/kresd --noninteractive "
+ "-c ${cfg.package}/lib/knot-resolver/distro-preconfig.lua -c ${configFile}";
# Ensure /run/knot-resolver exists
RuntimeDirectory = "knot-resolver";
RuntimeDirectoryMode = "0770";

View file

@ -62,6 +62,22 @@ in
description = "The firewall package used by fail2ban service.";
};
extraPackages = mkOption {
default = [];
type = types.listOf types.package;
example = lib.literalExample "[ pkgs.ipset ]";
description = ''
Extra packages to be made available to the fail2ban service. The example contains
the packages needed by the `iptables-ipset-proto6` action.
'';
};
maxretry = mkOption {
default = 3;
type = types.ints.unsigned;
description = "Number of failures before a host gets banned.";
};
banaction = mkOption {
default = "iptables-multiport";
type = types.str;
@ -243,7 +259,7 @@ in
restartTriggers = [ fail2banConf jailConf pathsConf ];
reloadIfChanged = true;
path = [ cfg.package cfg.packageFirewall pkgs.iproute2 ];
path = [ cfg.package cfg.packageFirewall pkgs.iproute2 ] ++ cfg.extraPackages;
unitConfig.Documentation = "man:fail2ban(1)";
@ -291,7 +307,7 @@ in
''}
# Miscellaneous options
ignoreip = 127.0.0.1/8 ${optionalString config.networking.enableIPv6 "::1"} ${concatStringsSep " " cfg.ignoreIP}
maxretry = 3
maxretry = ${toString cfg.maxretry}
backend = systemd
# Actions
banaction = ${cfg.banaction}

View file

@ -93,6 +93,6 @@ in {
systemd.defaultUnit = "graphical.target";
};
meta.maintainers = with lib.maintainers; [ matthewbauer flokli ];
meta.maintainers = with lib.maintainers; [ matthewbauer ];
}

View file

@ -168,9 +168,10 @@ in
type = lib.types.str;
default = "keycloak";
description = ''
Username to use when connecting to an external or manually
provisioned database; has no effect when a local database is
automatically provisioned.
Username to use when connecting to the database.
This is also used for automatic provisioning of the database.
Changing this after the initial installation doesn't delete the
old user and can cause further problems.
'';
};
@ -587,8 +588,8 @@ in
PSQL=${config.services.postgresql.package}/bin/psql
db_password="$(<'${cfg.databasePasswordFile}')"
$PSQL -tAc "SELECT 1 FROM pg_roles WHERE rolname='keycloak'" | grep -q 1 || $PSQL -tAc "CREATE ROLE keycloak WITH LOGIN PASSWORD '$db_password' CREATEDB"
$PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = 'keycloak'" | grep -q 1 || $PSQL -tAc 'CREATE DATABASE "keycloak" OWNER "keycloak"'
$PSQL -tAc "SELECT 1 FROM pg_roles WHERE rolname='${cfg.databaseUsername}'" | grep -q 1 || $PSQL -tAc "CREATE ROLE ${cfg.databaseUsername} WITH LOGIN PASSWORD '$db_password' CREATEDB"
$PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = 'keycloak'" | grep -q 1 || $PSQL -tAc 'CREATE DATABASE "keycloak" OWNER "${cfg.databaseUsername}"'
'';
};
@ -606,9 +607,9 @@ in
set -eu
db_password="$(<'${cfg.databasePasswordFile}')"
( echo "CREATE USER IF NOT EXISTS 'keycloak'@'localhost' IDENTIFIED BY '$db_password';"
( echo "CREATE USER IF NOT EXISTS '${cfg.databaseUsername}'@'localhost' IDENTIFIED BY '$db_password';"
echo "CREATE DATABASE keycloak CHARACTER SET utf8 COLLATE utf8_unicode_ci;"
echo "GRANT ALL PRIVILEGES ON keycloak.* TO 'keycloak'@'localhost';"
echo "GRANT ALL PRIVILEGES ON keycloak.* TO '${cfg.databaseUsername}'@'localhost';"
) | ${config.services.mysql.package}/bin/mysql -N
'';
};

View file

@ -819,28 +819,38 @@ in
# Logs directory and mode
LogsDirectory = "nginx";
LogsDirectoryMode = "0750";
# Proc filesystem
ProcSubset = "pid";
ProtectProc = "invisible";
# New file permissions
UMask = "0027"; # 0640 / 0750
# Capabilities
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" "CAP_SYS_RESOURCE" ];
CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" "CAP_SYS_RESOURCE" ];
# Security
NoNewPrivileges = true;
# Sandboxing
# Sandboxing (sorted by occurrence in https://www.freedesktop.org/software/systemd/man/systemd.exec.html)
ProtectSystem = "strict";
ProtectHome = mkDefault true;
PrivateTmp = true;
PrivateDevices = true;
ProtectHostname = true;
ProtectClock = true;
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectKernelLogs = true;
ProtectControlGroups = true;
RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" ];
RestrictNamespaces = true;
LockPersonality = true;
MemoryDenyWriteExecute = !(builtins.any (mod: (mod.allowMemoryWriteExecute or false)) cfg.package.modules);
RestrictRealtime = true;
RestrictSUIDSGID = true;
RemoveIPC = true;
PrivateMounts = true;
# System Call Filtering
SystemCallArchitectures = "native";
SystemCallFilter = "~@chown @cpu-emulation @debug @keyring @ipc @module @mount @obsolete @privileged @raw-io @reboot @setuid @swap";
};
};

View file

@ -56,6 +56,8 @@ in {
systemd = {
packages = [ config.boot.kernelPackages.hyperv-daemons.lib ];
services.hv-vss.unitConfig.ConditionPathExists = [ "/dev/vmbus/hv_vss" ];
targets.hyperv-daemons = {
wantedBy = [ "multi-user.target" ];
};

View file

@ -35,6 +35,9 @@ let
''
#! ${pkgs.runtimeShell} -e
# Exit early if we're asked to shut down.
trap "exit 0" SIGRTMIN+3
# Initialise the container side of the veth pair.
if [ -n "$HOST_ADDRESS" ] || [ -n "$HOST_ADDRESS6" ] ||
[ -n "$LOCAL_ADDRESS" ] || [ -n "$LOCAL_ADDRESS6" ] ||
@ -60,8 +63,12 @@ let
${concatStringsSep "\n" (mapAttrsToList renderExtraVeth cfg.extraVeths)}
# Start the regular stage 1 script.
exec "$1"
# Start the regular stage 2 script.
# We source instead of exec to not lose an early stop signal, which is
# also the only _reliable_ shutdown signal we have since early stop
# does not execute ExecStop* commands.
set +e
. "$1"
''
);
@ -127,12 +134,16 @@ let
''}
# Run systemd-nspawn without startup notification (we'll
# wait for the container systemd to signal readiness).
# wait for the container systemd to signal readiness)
# Kill signal handling means systemd-nspawn will pass a system-halt signal
# to the container systemd when it receives SIGTERM for container shutdown;
# containerInit and stage2 have to handle this as well.
exec ${config.systemd.package}/bin/systemd-nspawn \
--keep-unit \
-M "$INSTANCE" -D "$root" $extraFlags \
$EXTRA_NSPAWN_FLAGS \
--notify-ready=yes \
--kill-signal=SIGRTMIN+3 \
--bind-ro=/nix/store \
--bind-ro=/nix/var/nix/db \
--bind-ro=/nix/var/nix/daemon-socket \
@ -259,13 +270,10 @@ let
Slice = "machine.slice";
Delegate = true;
# Hack: we don't want to kill systemd-nspawn, since we call
# "machinectl poweroff" in preStop to shut down the
# container cleanly. But systemd requires sending a signal
# (at least if we want remaining processes to be killed
# after the timeout). So send an ignored signal.
# We rely on systemd-nspawn turning a SIGTERM to itself into a shutdown
# signal (SIGRTMIN+3) for the inner container.
KillMode = "mixed";
KillSignal = "WINCH";
KillSignal = "TERM";
DevicePolicy = "closed";
DeviceAllow = map (d: "${d.node} ${d.modifier}") cfg.allowedDevices;
@ -747,8 +755,6 @@ in
postStart = postStartScript dummyConfig;
preStop = "machinectl poweroff $INSTANCE";
restartIfChanged = false;
serviceConfig = serviceDirectives dummyConfig;

View file

@ -224,6 +224,25 @@ in rec {
);
# Test job for https://github.com/NixOS/nixpkgs/issues/121354 to test
# automatic sizing without blocking the channel.
amazonImageAutomaticSize = forMatchingSystems [ "x86_64-linux" "aarch64-linux" ] (system:
with import ./.. { inherit system; };
hydraJob ((import lib/eval-config.nix {
inherit system;
modules =
[ configuration
versionModule
./maintainers/scripts/ec2/amazon-image.nix
({ ... }: { amazonImage.sizeMB = "auto"; })
];
}).config.system.build.amazonImage)
);
# Ensure that all packages used by the minimal NixOS config end up in the channel.
dummy = forAllSystems (system: pkgs.runCommand "dummy"
{ toplevel = (import lib/eval-config.nix {

View file

@ -47,7 +47,7 @@ in
buildkite-agents = handleTest ./buildkite-agents.nix {};
caddy = handleTest ./caddy.nix {};
cadvisor = handleTestOn ["x86_64-linux"] ./cadvisor.nix {};
cage = handleTest ./cage.nix {};
cage = handleTestOn ["x86_64-linux"] ./cage.nix {};
cagebreak = handleTest ./cagebreak.nix {};
calibre-web = handleTest ./calibre-web.nix {};
cassandra_2_1 = handleTest ./cassandra.nix { testPackage = pkgs.cassandra_2_1; };

View file

@ -3,7 +3,7 @@ import ./make-test-python.nix ({ pkgs, ...} :
{
name = "cage";
meta = with pkgs.lib.maintainers; {
maintainers = [ matthewbauer flokli ];
maintainers = [ matthewbauer ];
};
machine = { ... }:
@ -13,18 +13,10 @@ import ./make-test-python.nix ({ pkgs, ...} :
services.cage = {
enable = true;
user = "alice";
program = "${pkgs.xterm}/bin/xterm -cm -pc"; # disable color and bold to make OCR easier
# Disable color and bold and use a larger font to make OCR easier:
program = "${pkgs.xterm}/bin/xterm -cm -pc -fa Monospace -fs 24";
};
# this needs a fairly recent kernel, otherwise:
# [backend/drm/util.c:215] Unable to add DRM framebuffer: No such file or directory
# [backend/drm/legacy.c:15] Virtual-1: Failed to set CRTC: No such file or directory
# [backend/drm/util.c:215] Unable to add DRM framebuffer: No such file or directory
# [backend/drm/legacy.c:15] Virtual-1: Failed to set CRTC: No such file or directory
# [backend/drm/drm.c:618] Failed to initialize renderer on connector 'Virtual-1': initial page-flip failed
# [backend/drm/drm.c:701] Failed to initialize renderer for plane
boot.kernelPackages = pkgs.linuxPackages_latest;
virtualisation.memorySize = 1024;
};
@ -33,6 +25,11 @@ import ./make-test-python.nix ({ pkgs, ...} :
testScript = { nodes, ... }: let
user = nodes.machine.config.users.users.alice;
in ''
# Need to switch to a different VGA card / GPU driver because Cage segfaults with the default one (std):
# machine # [ 14.355893] .cage-wrapped[736]: segfault at 20 ip 00007f035fa0d8c7 sp 00007ffce9e4a2f0 error 4 in libwlroots.so.8[7f035fa07000+5a000]
# machine # [ 14.358108] Code: 4f a8 ff ff eb aa 0f 1f 44 00 00 c3 0f 1f 80 00 00 00 00 41 54 49 89 f4 55 31 ed 53 48 89 fb 48 8d 7f 18 48 8d 83 b8 00 00 00 <80> 7f 08 00 75 0d 48 83 3f 00 0f 85 91 00 00 00 48 89 fd 48 83 c7
os.environ["QEMU_OPTS"] = "-vga virtio"
with subtest("Wait for cage to boot up"):
start_all()
machine.wait_for_file("/run/user/${toString user.uid}/wayland-0.lock")

View file

@ -37,7 +37,7 @@ let
generateHost = { pkgs, cephConfig, networkConfig, ... }: {
virtualisation = {
memorySize = 512;
memorySize = 1024;
emptyDiskImages = [ 20480 ];
vlans = [ 1 ];
};
@ -120,6 +120,7 @@ let
)
monA.wait_for_unit("ceph-mon-${cfg.monA.name}")
monA.succeed("ceph mon enable-msgr2")
monA.succeed("ceph config set mon auth_allow_insecure_global_id_reclaim false")
# Can't check ceph status until a mon is up
monA.succeed("ceph -s | grep 'mon: 1 daemons'")

View file

@ -34,7 +34,7 @@ let
generateHost = { pkgs, cephConfig, networkConfig, ... }: {
virtualisation = {
memorySize = 512;
memorySize = 1024;
emptyDiskImages = [ 20480 20480 20480 ];
vlans = [ 1 ];
};
@ -95,6 +95,7 @@ let
)
monA.wait_for_unit("ceph-mon-${cfg.monA.name}")
monA.succeed("ceph mon enable-msgr2")
monA.succeed("ceph config set mon auth_allow_insecure_global_id_reclaim false")
# Can't check ceph status until a mon is up
monA.succeed("ceph -s | grep 'mon: 1 daemons'")

View file

@ -34,7 +34,7 @@ let
generateHost = { pkgs, cephConfig, networkConfig, ... }: {
virtualisation = {
memorySize = 512;
memorySize = 1024;
emptyDiskImages = [ 20480 20480 20480 ];
vlans = [ 1 ];
};
@ -95,6 +95,7 @@ let
)
monA.wait_for_unit("ceph-mon-${cfg.monA.name}")
monA.succeed("ceph mon enable-msgr2")
monA.succeed("ceph config set mon auth_allow_insecure_global_id_reclaim false")
# Can't check ceph status until a mon is up
monA.succeed("ceph -s | grep 'mon: 1 daemons'")

View file

@ -111,6 +111,26 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: {
machine.succeed(f"nixos-container stop {id1}")
machine.succeed(f"nixos-container start {id1}")
# clear serial backlog for next tests
machine.succeed("logger eat console backlog 3ea46eb2-7f82-4f70-b810-3f00e3dd4c4d")
machine.wait_for_console_text(
"eat console backlog 3ea46eb2-7f82-4f70-b810-3f00e3dd4c4d"
)
with subtest("Stop a container early"):
machine.succeed(f"nixos-container stop {id1}")
machine.succeed(f"nixos-container start {id1} &")
machine.wait_for_console_text("Stage 2")
machine.succeed(f"nixos-container stop {id1}")
machine.wait_for_console_text(f"Container {id1} exited successfully")
machine.succeed(f"nixos-container start {id1}")
with subtest("Stop a container without machined (regression test for #109695)"):
machine.systemctl("stop systemd-machined")
machine.succeed(f"nixos-container stop {id1}")
machine.wait_for_console_text(f"Container {id1} has been shut down")
machine.succeed(f"nixos-container start {id1}")
with subtest("tmpfiles are present"):
machine.log("creating container tmpfiles")
machine.succeed(

View file

@ -2,4 +2,14 @@
makeInstalledTest {
tested = pkgs.pipewire;
testConfig = {
hardware.pulseaudio.enable = false;
services.pipewire = {
enable = true;
pulse.enable = true;
jack.enable = true;
alsa.enable = true;
alsa.support32Bit = true;
};
};
}

View file

@ -1,65 +1,65 @@
{ system ? builtins.currentSystem
, config ? {}
, config ? { }
, pkgs ? import ../.. { inherit system config; }
}:
let
inherit (import ../lib/testing-python.nix { inherit system pkgs; }) makeTest;
inherit (pkgs.lib) concatStringsSep maintainers mapAttrs mkMerge
removeSuffix replaceChars singleton splitString;
removeSuffix replaceChars singleton splitString;
/*
* The attrset `exporterTests` contains one attribute
* for each exporter test. Each of these attributes
* is expected to be an attrset containing:
*
* `exporterConfig`:
* this attribute set contains config for the exporter itself
*
* `exporterTest`
* this attribute set contains test instructions
*
* `metricProvider` (optional)
* this attribute contains additional machine config
*
* `nodeName` (optional)
* override an incompatible testnode name
*
* Example:
* exporterTests.<exporterName> = {
* exporterConfig = {
* enable = true;
* };
* metricProvider = {
* services.<metricProvider>.enable = true;
* };
* exporterTest = ''
* wait_for_unit("prometheus-<exporterName>-exporter.service")
* wait_for_open_port("1234")
* succeed("curl -sSf 'localhost:1234/metrics'")
* '';
* };
*
* # this would generate the following test config:
*
* nodes.<exporterName> = {
* services.prometheus.<exporterName> = {
* enable = true;
* };
* services.<metricProvider>.enable = true;
* };
*
* testScript = ''
* <exporterName>.start()
* <exporterName>.wait_for_unit("prometheus-<exporterName>-exporter.service")
* <exporterName>.wait_for_open_port("1234")
* <exporterName>.succeed("curl -sSf 'localhost:1234/metrics'")
* <exporterName>.shutdown()
* '';
*/
/*
* The attrset `exporterTests` contains one attribute
* for each exporter test. Each of these attributes
* is expected to be an attrset containing:
*
* `exporterConfig`:
* this attribute set contains config for the exporter itself
*
* `exporterTest`
* this attribute set contains test instructions
*
* `metricProvider` (optional)
* this attribute contains additional machine config
*
* `nodeName` (optional)
* override an incompatible testnode name
*
* Example:
* exporterTests.<exporterName> = {
* exporterConfig = {
* enable = true;
* };
* metricProvider = {
* services.<metricProvider>.enable = true;
* };
* exporterTest = ''
* wait_for_unit("prometheus-<exporterName>-exporter.service")
* wait_for_open_port("1234")
* succeed("curl -sSf 'localhost:1234/metrics'")
* '';
* };
*
* # this would generate the following test config:
*
* nodes.<exporterName> = {
* services.prometheus.<exporterName> = {
* enable = true;
* };
* services.<metricProvider>.enable = true;
* };
*
* testScript = ''
* <exporterName>.start()
* <exporterName>.wait_for_unit("prometheus-<exporterName>-exporter.service")
* <exporterName>.wait_for_open_port("1234")
* <exporterName>.succeed("curl -sSf 'localhost:1234/metrics'")
* <exporterName>.shutdown()
* '';
*/
exporterTests = {
apcupsd = {
apcupsd = {
exporterConfig = {
enable = true;
};
@ -192,20 +192,21 @@ let
"plugin":"testplugin",
"time":DATE
}]
''; in ''
wait_for_unit("prometheus-collectd-exporter.service")
wait_for_open_port(9103)
succeed(
'echo \'${postData}\'> /tmp/data.json'
)
succeed('sed -ie "s DATE $(date +%s) " /tmp/data.json')
succeed(
"curl -sSfH 'Content-Type: application/json' -X POST --data @/tmp/data.json localhost:9103/collectd"
)
succeed(
"curl -sSf localhost:9103/metrics | grep -q 'collectd_testplugin_gauge{instance=\"testhost\"} 23'"
)
'';
''; in
''
wait_for_unit("prometheus-collectd-exporter.service")
wait_for_open_port(9103)
succeed(
'echo \'${postData}\'> /tmp/data.json'
)
succeed('sed -ie "s DATE $(date +%s) " /tmp/data.json')
succeed(
"curl -sSfH 'Content-Type: application/json' -X POST --data @/tmp/data.json localhost:9103/collectd"
)
succeed(
"curl -sSf localhost:9103/metrics | grep -q 'collectd_testplugin_gauge{instance=\"testhost\"} 23'"
)
'';
};
dnsmasq = {
@ -258,7 +259,8 @@ let
'';
};
fritzbox = { # TODO add proper test case
fritzbox = {
# TODO add proper test case
exporterConfig = {
enable = true;
};
@ -377,19 +379,19 @@ let
'';
systemd.services.lnd = {
serviceConfig.ExecStart = ''
${pkgs.lnd}/bin/lnd \
--datadir=/var/lib/lnd \
--tlscertpath=/var/lib/lnd/tls.cert \
--tlskeypath=/var/lib/lnd/tls.key \
--logdir=/var/log/lnd \
--bitcoin.active \
--bitcoin.mainnet \
--bitcoin.node=bitcoind \
--bitcoind.rpcuser=bitcoinrpc \
--bitcoind.rpcpass=hunter2 \
--bitcoind.zmqpubrawblock=tcp://127.0.0.1:28332 \
--bitcoind.zmqpubrawtx=tcp://127.0.0.1:28333 \
--readonlymacaroonpath=/var/lib/lnd/readonly.macaroon
${pkgs.lnd}/bin/lnd \
--datadir=/var/lib/lnd \
--tlscertpath=/var/lib/lnd/tls.cert \
--tlskeypath=/var/lib/lnd/tls.key \
--logdir=/var/log/lnd \
--bitcoin.active \
--bitcoin.mainnet \
--bitcoin.node=bitcoind \
--bitcoind.rpcuser=bitcoinrpc \
--bitcoind.rpcpass=hunter2 \
--bitcoind.zmqpubrawblock=tcp://127.0.0.1:28332 \
--bitcoind.zmqpubrawtx=tcp://127.0.0.1:28333 \
--readonlymacaroonpath=/var/lib/lnd/readonly.macaroon
'';
serviceConfig.StateDirectory = "lnd";
wantedBy = [ "multi-user.target" ];
@ -411,14 +413,14 @@ let
configuration = {
monitoringInterval = "2s";
mailCheckTimeout = "10s";
servers = [ {
servers = [{
name = "testserver";
server = "localhost";
port = 25;
from = "mail-exporter@localhost";
to = "mail-exporter@localhost";
detectionDir = "/var/spool/mail/mail-exporter/new";
} ];
}];
};
};
metricProvider = {
@ -520,15 +522,17 @@ let
url = "http://localhost";
};
metricProvider = {
systemd.services.nc-pwfile = let
passfile = (pkgs.writeText "pwfile" "snakeoilpw");
in {
requiredBy = [ "prometheus-nextcloud-exporter.service" ];
before = [ "prometheus-nextcloud-exporter.service" ];
serviceConfig.ExecStart = ''
${pkgs.coreutils}/bin/install -o nextcloud-exporter -m 0400 ${passfile} /var/nextcloud-pwfile
'';
};
systemd.services.nc-pwfile =
let
passfile = (pkgs.writeText "pwfile" "snakeoilpw");
in
{
requiredBy = [ "prometheus-nextcloud-exporter.service" ];
before = [ "prometheus-nextcloud-exporter.service" ];
serviceConfig.ExecStart = ''
${pkgs.coreutils}/bin/install -o nextcloud-exporter -m 0400 ${passfile} /var/nextcloud-pwfile
'';
};
services.nginx = {
enable = true;
virtualHosts."localhost" = {
@ -585,7 +589,7 @@ let
syslog = {
listen_address = "udp://127.0.0.1:10000";
format = "rfc3164";
tags = ["nginx"];
tags = [ "nginx" ];
};
};
}
@ -705,10 +709,10 @@ let
exporterConfig = {
enable = true;
group = "openvpn";
statusPaths = ["/run/openvpn-test"];
statusPaths = [ "/run/openvpn-test" ];
};
metricProvider = {
users.groups.openvpn = {};
users.groups.openvpn = { };
services.openvpn.servers.test = {
config = ''
dev tun
@ -828,19 +832,21 @@ let
};
metricProvider = {
# Mock rtl_433 binary to return a dummy metric stream.
nixpkgs.overlays = [ (self: super: {
rtl_433 = self.runCommand "rtl_433" {} ''
mkdir -p "$out/bin"
cat <<EOF > "$out/bin/rtl_433"
#!/bin/sh
while true; do
printf '{"time" : "2020-04-26 13:37:42", "model" : "zopieux", "id" : 55, "channel" : 3, "temperature_C" : 18.000}\n'
sleep 4
done
EOF
chmod +x "$out/bin/rtl_433"
'';
}) ];
nixpkgs.overlays = [
(self: super: {
rtl_433 = self.runCommand "rtl_433" { } ''
mkdir -p "$out/bin"
cat <<EOF > "$out/bin/rtl_433"
#!/bin/sh
while true; do
printf '{"time" : "2020-04-26 13:37:42", "model" : "zopieux", "id" : 55, "channel" : 3, "temperature_C" : 18.000}\n'
sleep 4
done
EOF
chmod +x "$out/bin/rtl_433"
'';
})
];
};
exporterTest = ''
wait_for_unit("prometheus-rtl_433-exporter.service")
@ -856,7 +862,7 @@ let
smokeping = {
exporterConfig = {
enable = true;
hosts = ["127.0.0.1"];
hosts = [ "127.0.0.1" ];
};
exporterTest = ''
wait_for_unit("prometheus-smokeping-exporter.service")
@ -994,7 +1000,7 @@ let
unifi-poller = {
nodeName = "unifi_poller";
exporterConfig.enable = true;
exporterConfig.controllers = [ { } ];
exporterConfig.controllers = [{ }];
exporterTest = ''
wait_for_unit("prometheus-unifi-poller-exporter.service")
wait_for_open_port(9130)
@ -1004,6 +1010,29 @@ let
'';
};
unbound = {
exporterConfig = {
enable = true;
fetchType = "uds";
controlInterface = "/run/unbound/unbound.ctl";
};
metricProvider = {
services.unbound = {
enable = true;
localControlSocketPath = "/run/unbound/unbound.ctl";
};
systemd.services.prometheus-unbound-exporter.serviceConfig = {
SupplementaryGroups = [ "unbound" ];
};
};
exporterTest = ''
wait_for_unit("unbound.service")
wait_for_unit("prometheus-unbound-exporter.service")
wait_for_open_port(9167)
succeed("curl -sSf localhost:9167/metrics | grep -q 'unbound_up 1'")
'';
};
varnish = {
exporterConfig = {
enable = true;
@ -1033,54 +1062,60 @@ let
'';
};
wireguard = let snakeoil = import ./wireguard/snakeoil-keys.nix; in {
exporterConfig.enable = true;
metricProvider = {
networking.wireguard.interfaces.wg0 = {
ips = [ "10.23.42.1/32" "fc00::1/128" ];
listenPort = 23542;
wireguard = let snakeoil = import ./wireguard/snakeoil-keys.nix; in
{
exporterConfig.enable = true;
metricProvider = {
networking.wireguard.interfaces.wg0 = {
ips = [ "10.23.42.1/32" "fc00::1/128" ];
listenPort = 23542;
inherit (snakeoil.peer0) privateKey;
inherit (snakeoil.peer0) privateKey;
peers = singleton {
allowedIPs = [ "10.23.42.2/32" "fc00::2/128" ];
peers = singleton {
allowedIPs = [ "10.23.42.2/32" "fc00::2/128" ];
inherit (snakeoil.peer1) publicKey;
inherit (snakeoil.peer1) publicKey;
};
};
systemd.services.prometheus-wireguard-exporter.after = [ "wireguard-wg0.service" ];
};
systemd.services.prometheus-wireguard-exporter.after = [ "wireguard-wg0.service" ];
exporterTest = ''
wait_for_unit("prometheus-wireguard-exporter.service")
wait_for_open_port(9586)
wait_until_succeeds(
"curl -sSf http://localhost:9586/metrics | grep '${snakeoil.peer1.publicKey}'"
)
'';
};
exporterTest = ''
wait_for_unit("prometheus-wireguard-exporter.service")
wait_for_open_port(9586)
wait_until_succeeds(
"curl -sSf http://localhost:9586/metrics | grep '${snakeoil.peer1.publicKey}'"
)
'';
};
};
in
mapAttrs (exporter: testConfig: (makeTest (let
nodeName = testConfig.nodeName or exporter;
mapAttrs
(exporter: testConfig: (makeTest (
let
nodeName = testConfig.nodeName or exporter;
in {
name = "prometheus-${exporter}-exporter";
in
{
name = "prometheus-${exporter}-exporter";
nodes.${nodeName} = mkMerge [{
services.prometheus.exporters.${exporter} = testConfig.exporterConfig;
} testConfig.metricProvider or {}];
nodes.${nodeName} = mkMerge [{
services.prometheus.exporters.${exporter} = testConfig.exporterConfig;
} testConfig.metricProvider or { }];
testScript = ''
${nodeName}.start()
${concatStringsSep "\n" (map (line:
if (builtins.substring 0 1 line == " " || builtins.substring 0 1 line == ")")
then line
else "${nodeName}.${line}"
) (splitString "\n" (removeSuffix "\n" testConfig.exporterTest)))}
${nodeName}.shutdown()
'';
testScript = ''
${nodeName}.start()
${concatStringsSep "\n" (map (line:
if (builtins.substring 0 1 line == " " || builtins.substring 0 1 line == ")")
then line
else "${nodeName}.${line}"
) (splitString "\n" (removeSuffix "\n" testConfig.exporterTest)))}
${nodeName}.shutdown()
'';
meta = with maintainers; {
maintainers = [ willibutz elseym ];
};
}))) exporterTests
meta = with maintainers; {
maintainers = [ willibutz elseym ];
};
}
)))
exporterTests

View file

@ -1,4 +1,4 @@
import ./make-test-python.nix ({ pkgs, ... }:
import ./make-test-python.nix ({ pkgs, lib, ... }:
{
machine = { pkgs, ... }:
@ -6,6 +6,8 @@ import ./make-test-python.nix ({ pkgs, ... }:
services.zigbee2mqtt = {
enable = true;
};
systemd.services.zigbee2mqtt.serviceConfig.DevicePolicy = lib.mkForce "auto";
};
testScript = ''
@ -14,6 +16,8 @@ import ./make-test-python.nix ({ pkgs, ... }:
machine.succeed(
"journalctl -eu zigbee2mqtt | grep \"Error: Error while opening serialport 'Error: Error: No such file or directory, cannot open /dev/ttyACM0'\""
)
machine.log(machine.succeed("systemd-analyze security zigbee2mqtt.service"))
'';
}
)

View file

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "BSlizr";
version = "1.2.12";
version = "1.2.14";
src = fetchFromGitHub {
owner = "sjaehn";
repo = pname;
rev = version;
sha256 = "sha256-vPkcgG+pAfjsPRMyxdMRUxWGch+RG+pdaAcekP5pKEA=";
sha256 = "sha256-dut3I68tJWQH+X6acKROqb5HywufeBQ4/HkXFKsA3hY=";
};
nativeBuildInputs = [ pkg-config ];

View file

@ -1,22 +1,42 @@
{ mkDerivation, lib, fetchFromGitHub, cmake, pkg-config
, qtbase, qtsvg, qttools, perl
{ mkDerivation
, lib
, fetchFromGitHub
, cmake
, pkg-config
, qtbase
, qtsvg
, qttools
, perl
# Cantata doesn't build with cdparanoia enabled so we disable that
# default for now until I (or someone else) figure it out.
, withCdda ? false, cdparanoia
, withCddb ? false, libcddb
, withLame ? false, lame
, withMusicbrainz ? false, libmusicbrainz5
# Cantata doesn't build with cdparanoia enabled so we disable that
# default for now until I (or someone else) figure it out.
, withCdda ? false
, cdparanoia
, withCddb ? false
, libcddb
, withLame ? false
, lame
, withMusicbrainz ? false
, libmusicbrainz5
, withTaglib ? true, taglib, taglib_extras
, withHttpStream ? true, qtmultimedia
, withReplaygain ? true, ffmpeg_3, speex, mpg123
, withMtp ? true, libmtp
, withTaglib ? true
, taglib
, taglib_extras
, withHttpStream ? true
, qtmultimedia
, withReplaygain ? true
, ffmpeg
, speex
, mpg123
, withMtp ? true
, libmtp
, withOnlineServices ? true
, withDevices ? true, udisks2
, withDevices ? true
, udisks2
, withDynamic ? true
, withHttpServer ? true
, withLibVlc ? false, libvlc
, withLibVlc ? false
, libvlc
, withStreams ? true
}:
@ -31,22 +51,25 @@ assert withReplaygain -> withTaglib;
assert withLibVlc -> withHttpStream;
let
version = "2.4.2";
pname = "cantata";
fstat = x: fn: "-DENABLE_" + fn + "=" + (if x then "ON" else "OFF");
fstats = x: map (fstat x);
fstat = x: fn:
"-DENABLE_${fn}=${if x then "ON" else "OFF"}";
fstats = x:
map (fstat x);
withUdisks = (withTaglib && withDevices);
perl' = perl.withPackages (ppkgs: [ ppkgs.URI ]);
perl' = perl.withPackages (ppkgs: with ppkgs; [ URI ]);
in mkDerivation {
name = "${pname}-${version}";
in
mkDerivation rec {
pname = "cantata";
version = "2.4.2";
src = fetchFromGitHub {
owner = "CDrummond";
repo = "cantata";
rev = "v${version}";
owner = "CDrummond";
repo = "cantata";
rev = "v${version}";
sha256 = "15qfx9bpfdplxxs08inwf2j8kvf7g5cln5sv1wj1l2l41vbf1mjr";
};
@ -63,44 +86,44 @@ in mkDerivation {
buildInputs = [ qtbase qtsvg perl' ]
++ lib.optionals withTaglib [ taglib taglib_extras ]
++ lib.optionals withReplaygain [ ffmpeg_3 speex mpg123 ]
++ lib.optional withHttpStream qtmultimedia
++ lib.optional withCdda cdparanoia
++ lib.optional withCddb libcddb
++ lib.optional withLame lame
++ lib.optional withMtp libmtp
++ lib.optional withMusicbrainz libmusicbrainz5
++ lib.optional withUdisks udisks2
++ lib.optional withLibVlc libvlc;
++ lib.optionals withReplaygain [ ffmpeg speex mpg123 ]
++ lib.optional withHttpStream qtmultimedia
++ lib.optional withCdda cdparanoia
++ lib.optional withCddb libcddb
++ lib.optional withLame lame
++ lib.optional withMtp libmtp
++ lib.optional withMusicbrainz libmusicbrainz5
++ lib.optional withUdisks udisks2
++ lib.optional withLibVlc libvlc;
nativeBuildInputs = [ cmake pkg-config qttools ];
cmakeFlags = lib.flatten [
(fstats withTaglib [ "TAGLIB" "TAGLIB_EXTRAS" ])
(fstats withReplaygain [ "FFMPEG" "MPG123" "SPEEXDSP" ])
(fstat withHttpStream "HTTP_STREAM_PLAYBACK")
(fstat withCdda "CDPARANOIA")
(fstat withCddb "CDDB")
(fstat withLame "LAME")
(fstat withMtp "MTP")
(fstat withMusicbrainz "MUSICBRAINZ")
(fstats withTaglib [ "TAGLIB" "TAGLIB_EXTRAS" ])
(fstats withReplaygain [ "FFMPEG" "MPG123" "SPEEXDSP" ])
(fstat withHttpStream "HTTP_STREAM_PLAYBACK")
(fstat withCdda "CDPARANOIA")
(fstat withCddb "CDDB")
(fstat withLame "LAME")
(fstat withMtp "MTP")
(fstat withMusicbrainz "MUSICBRAINZ")
(fstat withOnlineServices "ONLINE_SERVICES")
(fstat withDynamic "DYNAMIC")
(fstat withDevices "DEVICES_SUPPORT")
(fstat withHttpServer "HTTP_SERVER")
(fstat withLibVlc "LIBVLC")
(fstat withStreams "STREAMS")
(fstat withUdisks "UDISKS2")
(fstat withDynamic "DYNAMIC")
(fstat withDevices "DEVICES_SUPPORT")
(fstat withHttpServer "HTTP_SERVER")
(fstat withLibVlc "LIBVLC")
(fstat withStreams "STREAMS")
(fstat withUdisks "UDISKS2")
"-DENABLE_HTTPS_SUPPORT=ON"
];
meta = with lib; {
homepage = "https://github.com/cdrummond/cantata";
description = "A graphical client for MPD";
license = licenses.gpl3;
homepage = "https://github.com/cdrummond/cantata";
license = licenses.gpl3Only;
maintainers = with maintainers; [ peterhoeg ];
# Technically Cantata can run on Windows so if someone wants to
# Technically, Cantata should run on Darwin/Windows so if someone wants to
# bother figuring that one out, be my guest.
platforms = platforms.linux;
platforms = platforms.linux;
};
}

View file

@ -1,4 +1,4 @@
{ lib, stdenv, fetchFromGitHub, alsaLib, file, fluidsynth, ffmpeg_3, jack2,
{ lib, stdenv, fetchFromGitHub, alsaLib, file, fluidsynth, jack2,
liblo, libpulseaudio, libsndfile, pkg-config, python3Packages,
which, withFrontend ? true,
withQt ? true, qtbase ? null, wrapQtAppsHook ? null,
@ -33,7 +33,7 @@ stdenv.mkDerivation rec {
] ++ optional withFrontend pyqt5;
buildInputs = [
file liblo alsaLib fluidsynth ffmpeg_3 jack2 libpulseaudio libsndfile
file liblo alsaLib fluidsynth jack2 libpulseaudio libsndfile
] ++ optional withQt qtbase
++ optional withGtk2 gtk2
++ optional withGtk3 gtk3;

View file

@ -6,7 +6,7 @@
, cmake
, docbook_xml_dtd_45
, docbook_xsl
, ffmpeg_3
, ffmpeg
, flac
, id3lib
, libogg
@ -31,21 +31,22 @@ stdenv.mkDerivation rec {
version = "3.8.6";
src = fetchurl {
url = "mirror://sourceforge/project/kid3/kid3/${version}/${pname}-${version}.tar.gz";
sha256 = "sha256-ce+MWCJzAnN+u+07f0dvn0jnbqiUlS2RbcM9nAj5bgg=";
url = "https://download.kde.org/stable/${pname}/${version}/${pname}-${version}.tar.xz";
hash = "sha256-R4gAWlCw8RezhYbw1XDo+wdp797IbLoM3wqHwr+ul6k=";
};
nativeBuildInputs = [
cmake
docbook_xml_dtd_45
docbook_xsl
pkg-config
python3
wrapQtAppsHook
];
buildInputs = [
automoc4
chromaprint
docbook_xml_dtd_45
docbook_xsl
ffmpeg_3
ffmpeg
flac
id3lib
libogg
@ -53,7 +54,6 @@ stdenv.mkDerivation rec {
libxslt
mp4v2
phonon
python3
qtbase
qtmultimedia
qtquickcontrols
@ -71,6 +71,7 @@ stdenv.mkDerivation rec {
'';
meta = with lib; {
homepage = "https://kid3.kde.org/";
description = "A simple and powerful audio tag editor";
longDescription = ''
If you want to easily tag multiple MP3, Ogg/Vorbis, FLAC, MPC, MP4/AAC,
@ -101,7 +102,6 @@ stdenv.mkDerivation rec {
- Edit synchronized lyrics and event timing codes, import and export
LRC files.
'';
homepage = "http://kid3.sourceforge.net/";
license = licenses.lgpl2Plus;
maintainers = [ maintainers.AndersonTorres ];
platforms = platforms.linux;

View file

@ -28,6 +28,7 @@ stdenv.mkDerivation rec {
sha256 = "sha256-+qv2FXyMsbJKBZryduFi+p+aO5zTgQxDuRKIYMk4Ohs=";
};
enableParallelBuilding = true;
configureFlags = [ "BOOST_LIB_SUFFIX=" ]
++ optional outputsSupport "--enable-outputs"
++ optional visualizerSupport "--enable-visualizer --with-fftw"

View file

@ -11,17 +11,17 @@
stdenv.mkDerivation rec {
pname = "ocenaudio";
version = "3.10.2";
version = "3.10.6";
src = fetchurl {
url = "https://www.ocenaudio.com/downloads/index.php/ocenaudio_debian9_64.deb?version=${version}";
sha256 = "sha256-mmo6/zc/3R8ptXfY01RKUOLgmDhWTHiYBMlGqpdMTAo=";
sha256 = "0fgvm1xw2kgrqj3w6slpfxbb3pw9k8i0dz16q9d5d8gyyvr2mh8g";
};
nativeBuildInputs = [
autoPatchelfHook
qt5.qtbase
qt5.wrapQtAppsHook
libjack2
libpulseaudio
bzip2
@ -33,7 +33,6 @@ stdenv.mkDerivation rec {
dontUnpack = true;
dontBuild = true;
dontStrip = true;
dontWrapQtApps = true;
installPhase = ''
mkdir -p $out

View file

@ -1,23 +1,27 @@
{ lib, stdenv, fetchurl, pkg-config, openssl, libogg, libopus }:
stdenv.mkDerivation rec {
name = "opusfile-0.12";
pname = "opusfile";
version = "0.12";
src = fetchurl {
url = "http://downloads.xiph.org/releases/opus/${name}.tar.gz";
url = "http://downloads.xiph.org/releases/opus/opusfile-${version}.tar.gz";
sha256 = "02smwc5ah8nb3a67mnkjzqmrzk43j356hgj2a97s9midq40qd38i";
};
nativeBuildInputs = [ pkg-config ];
buildInputs = [ openssl libogg ];
propagatedBuildInputs = [ libopus ];
patches = [ ./include-multistream.patch ];
patches = [ ./include-multistream.patch ]
# fixes problem with openssl 1.1 dependency
# see https://github.com/xiph/opusfile/issues/13
++ lib.optionals stdenv.hostPlatform.isWindows [ ./disable-cert-store.patch ];
configureFlags = [ "--disable-examples" ];
meta = with lib; {
description = "High-level API for decoding and seeking in .opus files";
homepage = "https://www.opus-codec.org/";
license = licenses.bsd3;
platforms = platforms.linux ++ platforms.darwin;
maintainers = with maintainers; [ ];
platforms = platforms.all;
maintainers = with maintainers; [ taeer ];
};
}

View file

@ -0,0 +1,35 @@
diff --git a/src/http.c b/src/http.c
index bd08562..3a3592c 100644
--- a/src/http.c
+++ b/src/http.c
@@ -327,10 +327,12 @@ static int op_poll_win32(struct pollfd *_fds,nfds_t _nfds,int _timeout){
typedef ptrdiff_t ssize_t;
# endif
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
/*Load certificates from the built-in certificate store.*/
int SSL_CTX_set_default_verify_paths_win32(SSL_CTX *_ssl_ctx);
# define SSL_CTX_set_default_verify_paths \
SSL_CTX_set_default_verify_paths_win32
+#endif
# else
/*Normal Berkeley sockets.*/
diff --git a/src/wincerts.c b/src/wincerts.c
index 409a4e0..c355952 100644
--- a/src/wincerts.c
+++ b/src/wincerts.c
@@ -33,6 +33,8 @@
# include <openssl/err.h>
# include <openssl/x509.h>
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+
static int op_capi_new(X509_LOOKUP *_lu){
HCERTSTORE h_store;
h_store=CertOpenStore(CERT_STORE_PROV_SYSTEM_A,0,0,
@@ -171,3 +173,4 @@ int SSL_CTX_set_default_verify_paths_win32(SSL_CTX *_ssl_ctx){
}
#endif
+#endif

View file

@ -1,7 +1,7 @@
{ lib, stdenv, fetchurl, python3, wrapGAppsHook, gettext, libsoup, gnome3, gtk3, gdk-pixbuf, librsvg,
tag ? "", xvfb_run, dbus, glibcLocales, glib, glib-networking, gobject-introspection, hicolor-icon-theme,
gst_all_1, withGstPlugins ? true,
xineBackend ? false, xineLib,
xineBackend ? false, xine-lib,
withDbusPython ? false, withPyInotify ? false, withMusicBrainzNgs ? false, withPahoMqtt ? false,
webkitgtk ? null,
keybinder3 ? null, gtksourceview ? null, libmodplug ? null, kakasi ? null, libappindicator-gtk3 ? null }:
@ -23,7 +23,7 @@ python3.pkgs.buildPythonApplication rec {
checkInputs = [ gdk-pixbuf hicolor-icon-theme ] ++ (with python3.pkgs; [ pytest pytest_xdist polib xvfb_run dbus.daemon glibcLocales ]);
buildInputs = [ gnome3.adwaita-icon-theme libsoup glib glib-networking gtk3 webkitgtk gdk-pixbuf keybinder3 gtksourceview libmodplug libappindicator-gtk3 kakasi gobject-introspection ]
++ (if xineBackend then [ xineLib ] else with gst_all_1;
++ (if xineBackend then [ xine-lib ] else with gst_all_1;
[ gstreamer gst-plugins-base ] ++ optionals withGstPlugins [ gst-plugins-good gst-plugins-ugly gst-plugins-bad ]);
propagatedBuildInputs = with python3.pkgs; [ pygobject3 pycairo mutagen gst-python feedparser ]

View file

@ -0,0 +1,43 @@
{ stdenv, lib, config, fetchFromGitHub, cmake, pkg-config
, alsaSupport ? stdenv.isLinux, alsaLib
, pulseSupport ? config.pulseaudio or stdenv.isLinux, libpulseaudio
}:
stdenv.mkDerivation rec {
pname = "scream";
version = "3.6";
src = fetchFromGitHub {
owner = "duncanthrax";
repo = pname;
rev = version;
sha256 = "01k2zhfb781gfj3apmcjqbm5m05m6pvnh7fb5k81zwvqibai000v";
};
buildInputs = lib.optional pulseSupport libpulseaudio
++ lib.optional alsaSupport alsaLib;
nativeBuildInputs = [ cmake pkg-config ];
cmakeFlags = [
"-DPULSEAUDIO_ENABLE=${if pulseSupport then "ON" else "OFF"}"
"-DALSA_ENABLE=${if alsaSupport then "ON" else "OFF"}"
];
cmakeDir = "../Receivers/unix";
doInstallCheck = true;
installCheckPhase = ''
set +o pipefail
# Programs exit with code 1 when testing help, so grep for a string
$out/bin/scream -h 2>&1 | grep -q Usage:
'';
meta = with lib; {
description = "Audio receiver for the Scream virtual network sound card";
homepage = "https://github.com/duncanthrax/scream";
license = licenses.mspl;
platforms = platforms.linux;
maintainers = with maintainers; [ arcnmx ];
};
}

View file

@ -1,4 +1,5 @@
{ lib
, stdenv
, fetchurl
, appimageTools
, tor
@ -7,12 +8,20 @@
let
pname = "trezor-suite";
version = "21.2.2";
version = "21.4.1";
name = "${pname}-${version}";
suffix = {
aarch64-linux = "linux-arm64";
x86_64-linux = "linux-x86_64";
}.${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}");
src = fetchurl {
url = "https://github.com/trezor/${pname}/releases/download/v${version}/Trezor-Suite-${version}-linux-x86_64.AppImage";
sha256 = "0dj3azx9jvxchrpm02w6nkcis6wlnc6df04z7xc6f66fwn6r3kkw";
url = "https://github.com/trezor/${pname}/releases/download/v${version}/Trezor-Suite-${version}-${suffix}.AppImage";
sha256 = {
aarch64-linux = "51ea8a5210f008d13a729ac42085563b5e8b971b17ed766f84d69d76dcb2db0c";
x86_64-linux = "9219168a504356152b3b807e1e7282e21952461d277596c6b82ddfe81ac2419c";
}.${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}");
};
appimageContents = appimageTools.extractType2 {
@ -49,6 +58,6 @@ appimageTools.wrapType2 rec {
homepage = "https://suite.trezor.io";
license = licenses.unfree;
maintainers = with maintainers; [ prusnak ];
platforms = [ "x86_64-linux" ];
platforms = [ "aarch64-linux" "x86_64-linux" ];
};
}

View file

@ -242,12 +242,12 @@ in
clion = buildClion rec {
name = "clion-${version}";
version = "2021.1"; /* updated by script */
version = "2021.1.1"; /* updated by script */
description = "C/C++ IDE. New. Intelligent. Cross-platform";
license = lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/cpp/CLion-${version}.tar.gz";
sha256 = "1qq2k14pf2qy93y1xchlv08vvx99zcml8bdcx3h6jnjz6d7gz0px"; /* updated by script */
sha256 = "0xzlkf3gq6fcb0q9mcj8k39880l8h21pb1lz0xl2dqj8cfwpws9h"; /* updated by script */
};
wmClass = "jetbrains-clion";
update-channel = "CLion RELEASE"; # channel's id as in http://www.jetbrains.com/updates/updates.xml
@ -255,12 +255,12 @@ in
datagrip = buildDataGrip rec {
name = "datagrip-${version}";
version = "2021.1"; /* updated by script */
version = "2021.1.1"; /* updated by script */
description = "Your Swiss Army Knife for Databases and SQL";
license = lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/datagrip/${name}.tar.gz";
sha256 = "11am11lkrhgfianr1apkkl4mn8gcsf6p1vz47y7lz4rfm05ac4gj"; /* updated by script */
sha256 = "0smg0qbk3mnm2543w0nlvnyvbwmprf0p3z2spwrmcmfagv50crrx"; /* updated by script */
};
wmClass = "jetbrains-datagrip";
update-channel = "DataGrip RELEASE";
@ -268,12 +268,12 @@ in
goland = buildGoland rec {
name = "goland-${version}";
version = "2021.1"; /* updated by script */
version = "2021.1.1"; /* updated by script */
description = "Up and Coming Go IDE";
license = lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/go/${name}.tar.gz";
sha256 = "1hxid7k5b26hiwwdxbvhi1fzhlrvm1xsd5gb0vj0g5zw658y2lzz"; /* updated by script */
sha256 = "02fyrq4px9w34amincgjgm6maxpxn445j5h4nfbskx7z428ynx25"; /* updated by script */
};
wmClass = "jetbrains-goland";
update-channel = "GoLand RELEASE";
@ -281,12 +281,12 @@ in
idea-community = buildIdea rec {
name = "idea-community-${version}";
version = "2021.1"; /* updated by script */
version = "2021.1.1"; /* updated by script */
description = "Integrated Development Environment (IDE) by Jetbrains, community edition";
license = lib.licenses.asl20;
src = fetchurl {
url = "https://download.jetbrains.com/idea/ideaIC-${version}.tar.gz";
sha256 = "1d7m39rzdgh2fyx50rpifqfsdmvfpi04hjp52pl76m35gyb5hsvs"; /* updated by script */
sha256 = "1say19p7kgx4b2ccs9bv61phllzhl8gmrd1fp1a5cnagya7vl1c5"; /* updated by script */
};
wmClass = "jetbrains-idea-ce";
update-channel = "IntelliJ IDEA RELEASE";
@ -294,12 +294,12 @@ in
idea-ultimate = buildIdea rec {
name = "idea-ultimate-${version}";
version = "2021.1"; /* updated by script */
version = "2021.1.1"; /* updated by script */
description = "Integrated Development Environment (IDE) by Jetbrains, requires paid license";
license = lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/idea/ideaIU-${version}-no-jbr.tar.gz";
sha256 = "062kaph42xs5hc01sbmry4cm7nkyjks43qr5m7pbj5a2bgd7zzgx"; /* updated by script */
sha256 = "19zi4njz79z8gi458kz1m0sia79y3rhbayix4rmh93mwfc0npkii"; /* updated by script */
};
wmClass = "jetbrains-idea";
update-channel = "IntelliJ IDEA RELEASE";
@ -320,12 +320,12 @@ in
phpstorm = buildPhpStorm rec {
name = "phpstorm-${version}";
version = "2021.1"; /* updated by script */
version = "2021.1.2"; /* updated by script */
description = "Professional IDE for Web and PHP developers";
license = lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/webide/PhpStorm-${version}.tar.gz";
sha256 = "052m7mqa1s548my0gda9y2mysi2ijq27c9b3bskrwqsf1pm5ry63"; /* updated by script */
sha256 = "02s75fqd9hfh302zha4jw6qynpgm9nkrlq7s78nk3fc3d3hw8v5y"; /* updated by script */
};
wmClass = "jetbrains-phpstorm";
update-channel = "PhpStorm RELEASE";
@ -333,12 +333,12 @@ in
pycharm-community = buildPycharm rec {
name = "pycharm-community-${version}";
version = "2021.1"; /* updated by script */
version = "2021.1.1"; /* updated by script */
description = "PyCharm Community Edition";
license = lib.licenses.asl20;
src = fetchurl {
url = "https://download.jetbrains.com/python/${name}.tar.gz";
sha256 = "1iiglh7s2zm37kj6hzlzxb1jnzh2p0j1f2zzhg3nqyrrakfbyq3h"; /* updated by script */
sha256 = "04bs9sz872b0h1zzax23irvj6q5wxnzp6fl4f177j94kh4116cqh"; /* updated by script */
};
wmClass = "jetbrains-pycharm-ce";
update-channel = "PyCharm RELEASE";
@ -346,12 +346,12 @@ in
pycharm-professional = buildPycharm rec {
name = "pycharm-professional-${version}";
version = "2021.1"; /* updated by script */
version = "2021.1.1"; /* updated by script */
description = "PyCharm Professional Edition";
license = lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/python/${name}.tar.gz";
sha256 = "1n3b4mdygzal7w88gwka5wh5jp09bh2zmm4n5rz9s7hr2srz71mz"; /* updated by script */
sha256 = "0wc9j7nilakmm7scf7a71zb3k9vixgih05ni3n3pp4iznvwb3nxg"; /* updated by script */
};
wmClass = "jetbrains-pycharm";
update-channel = "PyCharm RELEASE";
@ -359,12 +359,12 @@ in
rider = buildRider rec {
name = "rider-${version}";
version = "2021.1.1"; /* updated by script */
version = "2021.1.2"; /* updated by script */
description = "A cross-platform .NET IDE based on the IntelliJ platform and ReSharper";
license = lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/rider/JetBrains.Rider-${version}.tar.gz";
sha256 = "00kdbsjw9hmq7x94pjscslv0b412g8l0jbvyi7jiyay8xc6wiaaj"; /* updated by script */
sha256 = "1a28pi18j0cb2wxhw1vnfg9gqsgf2kyfg0hl4xgqp50gzv7i3aam"; /* updated by script */
};
wmClass = "jetbrains-rider";
update-channel = "Rider RELEASE";
@ -372,12 +372,12 @@ in
ruby-mine = buildRubyMine rec {
name = "ruby-mine-${version}";
version = "2021.1"; /* updated by script */
version = "2021.1.1"; /* updated by script */
description = "The Most Intelligent Ruby and Rails IDE";
license = lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/ruby/RubyMine-${version}.tar.gz";
sha256 = "12mkb51x1w5wbx436pfnfzcad10qd53y43n0p4l2zg9yx985gm7v"; /* updated by script */
sha256 = "05sfjf5523idsl7byc7400r4xqv1d65gpmkh5x0lbgf1k3bx2wlm"; /* updated by script */
};
wmClass = "jetbrains-rubymine";
update-channel = "RubyMine RELEASE";
@ -385,12 +385,12 @@ in
webstorm = buildWebStorm rec {
name = "webstorm-${version}";
version = "2021.1"; /* updated by script */
version = "2021.1.1"; /* updated by script */
description = "Professional IDE for Web and JavaScript development";
license = lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/webstorm/WebStorm-${version}.tar.gz";
sha256 = "15i521qj2b0y1viqr0xx815ckpq359j6nars4xxq8xvy7cg729yc"; /* updated by script */
sha256 = "1hici40qsxj2fw29g68i6hr1vhr0h7xrlhkialy74ah53wi7myz1"; /* updated by script */
};
wmClass = "jetbrains-webstorm";
update-channel = "WebStorm RELEASE";

View file

@ -16,11 +16,11 @@ let
in stdenv.mkDerivation rec {
pname = "nano";
version = "5.6.1";
version = "5.7";
src = fetchurl {
url = "mirror://gnu/nano/${pname}-${version}.tar.xz";
sha256 = "02cbxqizbdlfwnz8dpq4fbzmdi4yk6fv0cragvpa0748w1cp03bn";
sha256 = "1ynarilx0ca0a5h6hl5bf276cymyy8s9wr5l24vyy7f15v683cfl";
};
nativeBuildInputs = [ texinfo ] ++ optional enableNls gettext;

View file

@ -45,6 +45,7 @@ in
Open source source code editor developed by Microsoft for Windows,
Linux and macOS
'';
mainProgram = "code";
longDescription = ''
Open source source code editor developed by Microsoft for Windows,
Linux and macOS. It includes support for debugging, embedded Git

View file

@ -78,5 +78,6 @@ stdenv.mkDerivation rec {
platforms = platforms.linux ++ platforms.darwin;
maintainers = with maintainers; [ erictapen ];
license = licenses.asl20;
mainProgram = "magick";
};
}

View file

@ -1,5 +1,4 @@
{ lib
, stdenv
, mkDerivation
, fetchurl
, poppler_utils
@ -42,18 +41,11 @@ mkDerivation rec {
++ lib.optional (!unrarSupport) ./dont_build_unrar_plugin.patch;
escaped_pyqt5_dir = builtins.replaceStrings ["/"] ["\\/"] (toString python3Packages.pyqt5);
platform_tag =
if stdenv.hostPlatform.isDarwin then
"WS_MACX"
else if stdenv.hostPlatform.isWindows then
"WS_WIN"
else
"WS_X11";
prePatch = ''
sed -i "s/\[tool.sip.project\]/[tool.sip.project]\nsip-include-dirs = [\"${escaped_pyqt5_dir}\/share\/sip\/PyQt5\"]/g" \
setup/build.py
sed -i "s/\[tool.sip.bindings.pictureflow\]/[tool.sip.bindings.pictureflow]\ntags = [\"${platform_tag}\"]/g" \
sed -i "s/\[tool.sip.bindings.pictureflow\]/[tool.sip.bindings.pictureflow]\ntags = [\"${python3Packages.sip_5.platform_tag}\"]/g" \
setup/build.py
# Remove unneeded files and libs

View file

@ -3,13 +3,13 @@
buildGoModule rec {
pname = "cheat";
version = "4.2.0";
version = "4.2.1";
src = fetchFromGitHub {
owner = "cheat";
repo = "cheat";
rev = version;
sha256 = "sha256-Q/frWu82gB15LEzwYCbJr7k0yZ+AXBvcPWxoevSpeqU=";
sha256 = "sha256-wH0MTTwUmi/QZXo3vWgRYmlPxMxgfhghrTIZAwdVjQ0=";
};
subPackages = [ "cmd/cheat" ];

View file

@ -1,5 +1,5 @@
{ lib, stdenv, fetchurl, perl, libX11, libXinerama, libjpeg, libpng, libtiff, pkg-config,
librsvg, glib, gtk2, libXext, libXxf86vm, poppler, xineLib, ghostscript, makeWrapper }:
librsvg, glib, gtk2, libXext, libXxf86vm, poppler, xine-lib, ghostscript, makeWrapper }:
stdenv.mkDerivation rec {
pname = "eaglemode";
@ -12,11 +12,11 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ pkg-config ];
buildInputs = [ perl libX11 libXinerama libjpeg libpng libtiff
librsvg glib gtk2 libXxf86vm libXext poppler xineLib ghostscript makeWrapper ];
librsvg glib gtk2 libXxf86vm libXext poppler xine-lib ghostscript makeWrapper ];
# The program tries to dlopen Xxf86vm, Xext and Xinerama, so we use the
# trick on NIX_LDFLAGS and dontPatchELF to make it find them.
# I use 'yes y' to skip a build error linking with xineLib,
# I use 'yes y' to skip a build error linking with xine-lib,
# because xine stopped exporting "_x_vo_new_port"
# https://sourceforge.net/projects/eaglemode/forums/forum/808824/topic/5115261
buildPhase = ''

View file

@ -41,6 +41,11 @@ stdenv.mkDerivation rec {
json-glib
];
postInstall = ''
mkdir -p $out/lib/udev/rules.d
sed "s|/usr/libexec/|$out/libexec/|" < $src/debian/feedbackd.udev > $out/lib/udev/rules.d/90-feedbackd.rules
'';
meta = with lib; {
description = "A daemon to provide haptic (and later more) feedback on events";
homepage = "https://source.puri.sm/Librem5/feedbackd";

View file

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "fuzzel";
version = "1.5.1";
version = "1.5.3";
src = fetchzip {
url = "https://codeberg.org/dnkl/fuzzel/archive/${version}.tar.gz";
sha256 = "0zy0icd3647jyq4xflp35vwn52yxgj3zz4n30br657xjq1l5afzl";
sha256 = "sha256-n2eXS4NdOBgn48KOJ+0sQeNMKL7OxB8tUB99narQG0o=";
};
nativeBuildInputs = [ pkg-config meson ninja scdoc git ];

View file

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "geoipupdate";
version = "4.6.0";
version = "4.7.1";
src = fetchFromGitHub {
owner = "maxmind";
repo = "geoipupdate";
rev = "v${version}";
sha256 = "1rzc8kidm8nr9pbcbq96kax3cbf39afrk5vzpl04lzpw3jbbakjq";
sha256 = "sha256-nshQxr6y3TxKsAVSA9mzL7LJfCtpv0QuuTTqk3/lENc=";
};
vendorSha256 = "1f858k8cl0dgiw124jv0p9jhi9aqxnc3nmc7hksw70fla2nzjrv0";
vendorSha256 = "sha256-fqQWFhFeyW4GntRBxEeN6WSOo0G+1hH9vSEZmBKglz8=";
doCheck = false;

View file

@ -1,16 +1,16 @@
{ lib, fetchFromGitHub, atomicparsley, flvstreamer, ffmpeg_3, makeWrapper, perl, perlPackages, rtmpdump}:
{ lib, fetchFromGitHub, atomicparsley, flvstreamer, ffmpeg, makeWrapper, perl, perlPackages, rtmpdump}:
with lib;
perlPackages.buildPerlPackage rec {
pname = "get_iplayer";
version = "3.24";
version = "3.27";
src = fetchFromGitHub {
owner = "get-iplayer";
repo = "get_iplayer";
rev = "v${version}";
sha256 = "0yd84ncb6cjrk4v4kz3zrddkl7iwkm3zlfbjyswd9hanp8fvd4q3";
sha256 = "077y31gg020wjpx5pcivqgkqawcjxh5kjnvq97x2gd7i3wwc30qi";
};
nativeBuildInputs = [ makeWrapper ];
@ -26,7 +26,7 @@ perlPackages.buildPerlPackage rec {
installPhase = ''
mkdir -p $out/bin $out/share/man/man1
cp get_iplayer $out/bin
wrapProgram $out/bin/get_iplayer --suffix PATH : ${makeBinPath [ atomicparsley ffmpeg_3 flvstreamer rtmpdump ]} --prefix PERL5LIB : $PERL5LIB
wrapProgram $out/bin/get_iplayer --suffix PATH : ${makeBinPath [ atomicparsley ffmpeg flvstreamer rtmpdump ]} --prefix PERL5LIB : $PERL5LIB
cp get_iplayer.1 $out/share/man/man1
'';

View file

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "gpsprune";
version = "20.2";
version = "20.3";
src = fetchurl {
url = "https://activityworkshop.net/software/gpsprune/gpsprune_${version}.jar";
sha256 = "sha256-40GrihCeDAqJCFcg4FMFxCg7bzd6CrDR5JU70e5VHDE=";
sha256 = "sha256-hmAksLPQxzB4O+ET+O/pmL/J4FG4+Dt0ulSsgjBWKxw=";
};
nativeBuildInputs = [ makeWrapper ];

View file

@ -2,13 +2,13 @@
mkDerivation rec {
pname = "gpxsee";
version = "8.9";
version = "9.0";
src = fetchFromGitHub {
owner = "tumic0";
repo = "GPXSee";
rev = version;
sha256 = "sha256-nl9iu8ezgMZ1wy2swDXYRDLlkSz1II+C65UUWNvGBxg=";
sha256 = "sha256-4MzRXpxvJcj5KptTBH6rSr2ZyQ13nV7Yq96ti+CMytw=";
};
patches = (substituteAll {

View file

@ -27,10 +27,23 @@ stdenv.mkDerivation rec {
guile-reader
];
postInstall = ''
wrapProgram $out/bin/haunt \
--prefix GUILE_LOAD_PATH : "$out/share/guile/site:${guile-commonmark}/share/guile/site:${guile-reader}/share/guile/site" \
--prefix GUILE_LOAD_COMPILED_PATH : "$out/share/guile/site:${guile-commonmark}/share/guile/site:${guile-reader}/share/guile/site"
doCheck = true;
postInstall =
let
guileVersion = lib.versions.majorMinor guile.version;
in
''
wrapProgram $out/bin/haunt \
--prefix GUILE_LOAD_PATH : "$out/share/guile/site/${guileVersion}:$GUILE_LOAD_PATH" \
--prefix GUILE_LOAD_COMPILED_PATH : "$out/lib/guile/${guileVersion}/site-ccache:$GUILE_LOAD_COMPILED_PATH"
'';
doInstallCheck = true;
installCheckPhase = ''
runHook preInstallCheck
$out/bin/haunt --version
runHook postInstallCheck
'';
meta = with lib; {
@ -53,7 +66,7 @@ stdenv.mkDerivation rec {
to do things that aren't provided out-of-the-box.
'';
license = licenses.gpl3Plus;
maintainers = with maintainers; [ AndersonTorres ];
maintainers = with maintainers; [ AndersonTorres AluisioASG ];
platforms = guile.meta.platforms;
};
}

View file

@ -0,0 +1,77 @@
{ lib, stdenv, pkg-config, rustPlatform, fetchFromGitHub, fetchpatch
, makeWrapper, glib, gst_all_1, CoreServices, IOKit, Security }:
rustPlatform.buildRustPackage rec {
pname = "hunter";
version = "2020-05-25-unstable";
src = fetchFromGitHub {
owner = "rabite0";
repo = "hunter";
rev = "355d9a3101f6d8dc375807de79e368602f1cb87d";
sha256 = "sha256-R2wNkG8bFP7X2pdlebHK6GD15qmD/zD3L0MwVthvzzQ=";
};
patches = [
(fetchpatch {
name = "remove-dependencies-on-rust-nightly";
url = "https://github.com/06kellyjac/hunter/commit/a5943578e1ee679c8bc51b0e686c6dddcf74da2a.diff";
sha256 = "sha256-eOwBFfW5m8tPnu+whWY/53X9CaqiVj2WRr25G+Yy7qE=";
})
(fetchpatch {
name = "fix-accessing-core-when-moved-with-another-clone";
url = "https://github.com/06kellyjac/hunter/commit/2e95cc567c751263f8c318399f3c5bb01d36962a.diff";
sha256 = "sha256-yTzIXUw5qEaR2QZHwydg0abyZVXfK6fhJLVHBI7EAro=";
})
(fetchpatch {
name = "fix-resolve-breaking-changes-from-package-updates";
url = "https://github.com/06kellyjac/hunter/commit/2484f0db580bed1972fd5000e1e949a4082d2f01.diff";
sha256 = "sha256-K+WUxEr1eE68XejStj/JwQpMHlhkiOw6PmiSr1GO0kc=";
})
];
cargoPatches = [
(fetchpatch {
name = "chore-cargo-update";
url = "https://github.com/06kellyjac/hunter/commit/b0be49a82191a4420b6900737901a71140433efd.diff";
sha256 = "sha256-ctxoDwyIJgEhMbMUfrjCTy2SeMUQqMi971szrqEOJeg=";
})
(fetchpatch {
name = "chore-cargo-upgrade-+-cargo-update";
url = "https://github.com/06kellyjac/hunter/commit/1b8de9248312878358afaf1dac569ebbccc4321a.diff";
sha256 = "sha256-+4DZ8SaKwKNmr2SEgJJ7KZBIctnYFMQFKgG+yCkbUv0=";
})
];
RUSTC_BOOTSTRAP = 1;
nativeBuildInputs = [ makeWrapper pkg-config ];
buildInputs = [
glib
] ++ (with gst_all_1; [
gstreamer
gst-plugins-base
gst-plugins-good
gst-plugins-ugly
gst-plugins-bad
]) ++ lib.optionals stdenv.isDarwin [ CoreServices IOKit Security ];
cargoBuildFlags = [ "--no-default-features" "--features=img,video" ];
postInstall = ''
wrapProgram $out/bin/hunter --prefix GST_PLUGIN_SYSTEM_PATH_1_0 : "$GST_PLUGIN_SYSTEM_PATH_1_0"
'';
cargoSha256 = "sha256-Bd/gilebxC4H+/1A41OSSfWBlHcSczsFcU2b+USnI74=";
meta = with lib; {
description = "The fastest file manager in the galaxy!";
homepage = "https://github.com/rabite0/hunter";
license = licenses.wtfpl;
maintainers = with maintainers; [ fufexan ];
# error[E0308]: mismatched types
# --> src/files.rs:502:62
# expected raw pointer `*const u8`, found raw pointer `*const i8`
broken = stdenv.isAarch64;
};
}

View file

@ -1,24 +1,26 @@
{ lib, stdenv, fetchurl, fetchsvn, makeWrapper, unzip, jre, libXxf86vm }:
{ lib, stdenv, fetchurl, fetchsvn, makeWrapper, unzip, jre, libXxf86vm
, extraJavaOpts ? "-Djosm.restart=true -Djava.net.useSystemProxies=true"
}:
let
pname = "josm";
version = "17702";
version = "17833";
srcs = {
jar = fetchurl {
url = "https://josm.openstreetmap.de/download/josm-snapshot-${version}.jar";
sha256 = "1p7p0jd87sxrs5n0r82apkilx0phgmjw7vpdg8qrr5msda4rsmpk";
sha256 = "sha256-i3seRVfCLXNvUkWAAPZK0XloRHuXWCNp1tqnVr7CQ7Y=";
};
macosx = fetchurl {
url = "https://josm.openstreetmap.de/download/macosx/josm-macos-${version}-java16.zip";
sha256 = "0r17cphxm852ykb8mkil29rr7sb0bj5w69qd5wz8zf2f9djk9npk";
sha256 = "sha256-PM/wNXqtEwalhorWHqVHWsaiGv60SFrHXZrb1Mw/QqQ=";
};
pkg = fetchsvn {
url = "https://josm.openstreetmap.de/svn/trunk/native/linux/tested";
rev = version;
sha256 = "1b7dryvakph8znh2ahgywch66l4bl5rmgsr79axnz1xi12g8ac12";
sha256 = "sha256-IjCFngixh2+7SifrV3Ohi1BjIOP+QSWg/QjeqbbP7aw=";
};
};
in
stdenv.mkDerivation {
stdenv.mkDerivation rec {
inherit pname version;
dontUnpack = true;
@ -36,8 +38,7 @@ stdenv.mkDerivation {
# Add libXxf86vm to path because it is needed by at least Kendzi3D plugin
makeWrapper ${jre}/bin/java $out/bin/josm \
--add-flags "-Djosm.restart=true -Djava.net.useSystemProxies=true" \
--add-flags "-jar $out/share/josm/josm.jar" \
--add-flags "${extraJavaOpts} -jar $out/share/josm/josm.jar" \
--prefix LD_LIBRARY_PATH ":" '${libXxf86vm}/lib'
'';

View file

@ -1,25 +1,43 @@
{ lib, stdenv, fetchFromGitHub, libjpeg, autoreconfHook }:
{ lib
, stdenv
, fetchFromGitHub
, libjpeg
, libpng
, ncurses
, autoreconfHook
, autoconf-archive
, pkg-config
, bash-completion
}:
stdenv.mkDerivation rec {
version = "1.0.7";
version = "1.1.0";
pname = "jp2a";
src = fetchFromGitHub {
owner = "cslarsen";
owner = "Talinx";
repo = "jp2a";
rev = "v${version}";
sha256 = "12a1z9ba2j16y67f41y8ax5sgv1wdjd71pg7circdxkj263n78ql";
sha256 = "1dz2mrhl45f0vwyfx7qc3665xma78q024c10lfsgn6farrr0c2lb";
};
makeFlags = [ "PREFIX=$(out)" ];
nativeBuildInputs = [ autoreconfHook ];
buildInputs = [ libjpeg ];
nativeBuildInputs = [
autoreconfHook
autoconf-archive
pkg-config
bash-completion
];
buildInputs = [ libjpeg libpng ncurses ];
installFlags = [ "bashcompdir=\${out}/share/bash-completion/completions" ];
meta = with lib; {
homepage = "https://csl.name/jp2a/";
description = "A small utility that converts JPG images to ASCII";
license = licenses.gpl2;
license = licenses.gpl2Only;
maintainers = [ maintainers.FlorianFranzen ];
platforms = platforms.unix;
};
}

View file

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "kanboard";
version = "1.2.18";
version = "1.2.19";
src = fetchFromGitHub {
owner = "kanboard";
repo = "kanboard";
rev = "v${version}";
sha256 = "sha256-raXPRoydd3CfciF7S0cZiuY7EPFKfE8IU3qj2dOztHU=";
sha256 = "sha256-48U3eRg6obRjgK06SKN2g1+0wocqm2aGyXO2yZw5fs8=";
};
dontBuild = true;

View file

@ -7,7 +7,7 @@
, curl
, doxygen
, fetchFromGitHub
, ffmpeg_3
, ffmpeg
, libmediainfo
, libraw
, libsodium
@ -52,7 +52,7 @@ mkDerivation rec {
c-ares
cryptopp
curl
ffmpeg_3
ffmpeg
libmediainfo
libraw
libsodium

View file

@ -0,0 +1,84 @@
{ lib
, stdenv
, fetchFromGitLab
, fetchpatch
, meson
, ninja
, pkg-config
, python3
, wrapGAppsHook
, libinput
, gnome3
, glib
, gtk3
, wayland
, libdrm
, libxkbcommon
, wlroots
}:
let
phocWlroots = wlroots.overrideAttrs (old: {
patches = (old.patches or []) ++ [
# Temporary fix. Upstream report: https://source.puri.sm/Librem5/phosh/-/issues/422
(fetchpatch {
name = "0001-Revert-layer-shell-error-on-0-dimension-without-anch.patch";
url = "https://gitlab.alpinelinux.org/alpine/aports/-/raw/78fde4aaf1a74eb13a3f083cb6dfb29f578c3265/community/wlroots/0001-Revert-layer-shell-error-on-0-dimension-without-anch.patch";
sha256 = "1zjn7mwdj21z0jsc2mz90cnrzk97yqkiq58qqgpjav4h4dgpfb38";
})
# To fix missing header `EGL/eglmesaext.h` dropped upstream
(fetchpatch {
name = "0002-stop-including-eglmesaext-h.patch";
url = "https://github.com/swaywm/wlroots/commit/e18599b05e0f0cbeba11adbd489e801285470eab.patch";
sha256 = "17ax4dyk0584yhs3lq8ija5bkainjf7psx9c9r50cr4jm9c0i37l";
})
];
});
in stdenv.mkDerivation rec {
pname = "phoc";
version = "0.7.0";
src = fetchFromGitLab {
domain = "source.puri.sm";
owner = "Librem5";
repo = pname;
rev = "v${version}";
sha256 = "0afiyr2slg38ksrqn19zygsmjy9k5bpwv6n7zjas3s5djr6hch45";
};
nativeBuildInputs = [
meson
ninja
pkg-config
python3
wrapGAppsHook
];
buildInputs = [
libdrm.dev
libxkbcommon
libinput
glib
gtk3
gnome3.gnome-desktop
# For keybindings settings schemas
gnome3.mutter
wayland
phocWlroots
];
mesonFlags = ["-Dembed-wlroots=disabled"];
postPatch = ''
chmod +x build-aux/post_install.py
patchShebangs build-aux/post_install.py
'';
meta = with lib; {
description = "Wayland compositor for mobile phones like the Librem 5";
homepage = "https://source.puri.sm/Librem5/phoc";
license = licenses.gpl3Plus;
maintainers = with maintainers; [ archseer masipcat zhaofengli ];
platforms = platforms.linux;
};
}

View file

@ -0,0 +1,26 @@
{ lib, stdenv, fetchFromGitHub, rofi }:
stdenv.mkDerivation rec {
pname = "rofi-power-menu";
version = "3.0.2";
src = fetchFromGitHub {
owner = "jluttine";
repo = "rofi-power-menu";
rev = version;
sha256 = "sha256-Bkc87BXSnAR517wCkyOAfoACYx/5xprDGJQhLWGUNns=";
};
installPhase = ''
mkdir -p $out/bin
cp rofi-power-menu $out/bin/rofi-power-menu
cp dmenu-power-menu $out/bin/dmenu-power-menu
'';
meta = with lib; {
description = "Shows a Power/Lock menu with Rofi";
homepage = "https://github.com/jluttine/rofi-power-menu";
maintainers = with maintainers; [ ikervagyok ];
platforms = platforms.linux;
};
}

View file

@ -8,7 +8,7 @@
, pcre
, glib
, imlib2
, gtk2
, gtk3
, libXinerama
, libXrender
, libXcomposite
@ -24,13 +24,13 @@
stdenv.mkDerivation rec {
pname = "tint2";
version = "16.7";
version = "17.0";
src = fetchFromGitLab {
owner = "o9000";
repo = "tint2";
rev = version;
sha256 = "1937z0kixb6r82izj12jy4x8z4n96dfq1hx05vcsvsg1sx3wxgb0";
sha256 = "1gy5kki7vqrj43yl47cw5jqwmj45f7a8ppabd5q5p1gh91j7klgm";
};
nativeBuildInputs = [
@ -46,7 +46,7 @@ stdenv.mkDerivation rec {
pcre
glib
imlib2
gtk2
gtk3
libXinerama
libXrender
libXcomposite
@ -74,7 +74,7 @@ stdenv.mkDerivation rec {
meta = with lib; {
homepage = "https://gitlab.com/o9000/tint2";
description = "Simple panel/taskbar unintrusive and light (memory, cpu, aestetic)";
license = licenses.gpl2;
license = licenses.gpl2Only;
platforms = platforms.linux;
maintainers = [ maintainers.romildo ];
};

View file

@ -2,16 +2,16 @@
rustPlatform.buildRustPackage rec {
name = "xplr";
version = "0.5.7";
version = "0.5.10";
src = fetchFromGitHub {
owner = "sayanarijit";
repo = name;
rev = "v${version}";
sha256 = "1j417g0isy3cpxdb2wrvrvypnx99qffi83s4a98791wyi8yqiw6b";
sha256 = "1gy0iv39arq2ri57iqsycp1sfnn1yafnhblr7p1my2wnmqwmd4qw";
};
cargoSha256 = "0kpwhk2f4czhilcnfqkw5hw2vxvldxqg491xkkgxjkph3w4qv3ji";
cargoSha256 = "01b4dlbakkdn3pfyyphabzrmqyp7fjy6n1nfk38z3zap5zvx8ipl";
meta = with lib; {
description = "A hackable, minimal, fast TUI file explorer";

View file

@ -112,10 +112,8 @@ let
warnObsoleteVersionConditional = min-version: result:
let ungoogled-version = (importJSON ./upstream-info.json).ungoogled-chromium.version;
in if versionAtLeast ungoogled-version min-version
then warn "chromium: ungoogled version ${ungoogled-version} is newer than a conditional bounded at ${min-version}. You can safely delete it."
result
else result;
in warnIf (versionAtLeast ungoogled-version min-version) "chromium: ungoogled version ${ungoogled-version} is newer than a conditional bounded at ${min-version}. You can safely delete it."
result;
chromiumVersionAtLeast = min-version:
let result = versionAtLeast upstream-info.version min-version;
in warnObsoleteVersionConditional min-version result;

View file

@ -18,9 +18,9 @@
}
},
"beta": {
"version": "91.0.4472.19",
"sha256": "0p51cxz0dm9ss9k7b91c0nd560mgi2x4qdcpg12vdf8x24agai5x",
"sha256bin64": "0pf0sw8sskv4x057w7l6jh86q5mdvm800iikzy6fvambhh7bvd1i",
"version": "91.0.4472.27",
"sha256": "09mhrzfza9a2zfsnxskbdbk9cwxnswgprhnyv3pj0f215cva20sq",
"sha256bin64": "1iwjf993pmhm9r92h4hskfxqc9fhky3aabvmdsqys44251j3hvwg",
"deps": {
"gn": {
"version": "2021-04-06",
@ -31,9 +31,9 @@
}
},
"dev": {
"version": "92.0.4484.7",
"sha256": "1111b1vj4zqcz57c65pjbxjilvv2ps8cjz2smxxz0vjd432q2fdf",
"sha256bin64": "0qb5bngp3vwn7py38bn80k43safm395qda760nd5kzfal6c98fi1",
"version": "92.0.4491.6",
"sha256": "0dwmcqzr7ysy7555l5amzppz8rxgxbgf6fy8lq4ykn2abx4m8n8a",
"sha256bin64": "041j6nm49w03qadwlsav50avdp6pwf1a8asybgvkjaxy4fpck376",
"deps": {
"gn": {
"version": "2021-04-06",
@ -44,9 +44,9 @@
}
},
"ungoogled-chromium": {
"version": "90.0.4430.85",
"sha256": "08j9shrc6p0vpa3x7av7fj8wapnkr7h6m8ag1gh6gaky9d6mki81",
"sha256bin64": "0li9w6zfsmx5r90jm5v5gfv3l2a76jndg6z5jvb9yx9xvrp9gpir",
"version": "90.0.4430.93",
"sha256": "0zimr975vp0v12zz1nqjwag3f0q147wrmdhpzgi4yf089rgwfbjk",
"sha256bin64": "1vifcrrfv69i0q7qnnml43xr0c20bi22hfw6lygq3k2x70zdzgl6",
"deps": {
"gn": {
"version": "2021-02-09",
@ -55,8 +55,8 @@
"sha256": "1941bzg37c4dpsk3sh6ga3696gpq6vjzpcw9rsnf6kdr9mcgdxvn"
},
"ungoogled-patches": {
"rev": "90.0.4430.85-1",
"sha256": "04nrx6fgkizmza50xj236m4rb1j8yaw0cw5790df1vlmbsc81667"
"rev": "90.0.4430.93-1",
"sha256": "11adnd96iwkkri3yyzvxsq43gqsc12fvd87rvqqflj0irrdk98a0"
}
}
}

View file

@ -146,7 +146,7 @@ in stdenv.mkDerivation {
--prefix XDG_DATA_DIRS : "$XDG_ICON_DIRS:$GSETTINGS_SCHEMAS_PATH" \
--add-flags ${escapeShellArg commandLineArgs}
for elf in $out/share/google/$appname/{chrome,chrome-sandbox,nacl_helper}; do
for elf in $out/share/google/$appname/{chrome,chrome-sandbox,crashpad_handler,nacl_helper}; do
patchelf --set-rpath $rpath $elf
patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" $elf
done
@ -161,5 +161,8 @@ in stdenv.mkDerivation {
# will try to merge PRs and respond to issues but I'm not actually using
# Google Chrome.
platforms = [ "x86_64-linux" ];
mainProgram =
if (channel == "dev") then "google-chrome-unstable"
else "google-chrome-${channel}";
};
}

View file

@ -14,13 +14,13 @@
stdenv.mkDerivation rec {
pname = "lagrange";
version = "1.3.2";
version = "1.3.4";
src = fetchFromGitHub {
owner = "skyjake";
repo = "lagrange";
rev = "v${version}";
sha256 = "sha256-90MN7JH84h10dSXt5Kwc2V3FKVutQ7AmNcR4TK2bpBY=";
sha256 = "sha256-hPNqyTH2oMPytvYAF9sjEQ9ibaJYDODA33ZrDuWnloU=";
fetchSubmodules = true;
};

View file

@ -26,9 +26,11 @@
, libXrandr
, libXrender
, libXtst
, libdrm
, libnotify
, libpulseaudio
, libuuid
, mesa
, nspr
, nss
, pango
@ -88,9 +90,11 @@ in stdenv.mkDerivation rec {
libXrandr
libXrender
libXtst
libdrm
libnotify
libuuid
libxcb
mesa
nspr
nss
pango

View file

@ -1,29 +1,59 @@
{ stdenv, lib, fetchFromGitHub, writeScript, desktop-file-utils
, pkg-config, autoconf213, alsaLib, bzip2, cairo
, dbus, dbus-glib, ffmpeg, file, fontconfig, freetype
, gnome2, gnum4, gtk2, hunspell, libevent, libjpeg
, libnotify, libstartup_notification, wrapGAppsHook
, libGLU, libGL, perl, python2, libpulseaudio
, unzip, xorg, wget, which, yasm, zip, zlib
, withGTK3 ? true, gtk3
# Compiler in stdenv MUST be a supported one for official branding
# See https://developer.palemoon.org/build/linux/
# TODO assert if stdenv.cc is supported?
{ stdenv
, lib
, fetchFromGitHub
, writeScript
, alsaLib
, autoconf213
, cairo
, desktop-file-utils
, dbus
, dbus-glib
, ffmpeg
, fontconfig
, freetype
, gnome2
, gnum4
, gtk2
, libevent
, libGL
, libGLU
, libnotify
, libpulseaudio
, libstartup_notification
, perl
, pkg-config
, python2
, unzip
, which
, wrapGAppsHook
, xorg
, yasm
, zip
, zlib
, withGTK3 ? true
, gtk3
}:
let
libPath = lib.makeLibraryPath [ ffmpeg libpulseaudio ];
libPath = lib.makeLibraryPath [
ffmpeg
libpulseaudio
];
gtkVersion = if withGTK3 then "3" else "2";
in stdenv.mkDerivation rec {
in
stdenv.mkDerivation rec {
pname = "palemoon";
version = "29.1.1";
version = "29.2.0";
src = fetchFromGitHub {
githubBase = "repo.palemoon.org";
owner = "MoonchildProductions";
repo = "Pale-Moon";
rev = "${version}_Release";
sha256 = "1ppdmj816zwccb0l0mgpq14ckdwg785wmqz41wran0nl63fg6i1x";
sha256 = "0pa9j41bbfarwi60a6hxi5vpn52mwgr4p05l98acv4fcs1ccb427";
fetchSubmodules = true;
};
@ -43,24 +73,55 @@ in stdenv.mkDerivation rec {
'';
nativeBuildInputs = [
desktop-file-utils file gnum4 perl pkg-config python2 wget which wrapGAppsHook unzip
autoconf213
desktop-file-utils
gnum4
perl
pkg-config
python2
unzip
which
wrapGAppsHook
yasm
zip
];
buildInputs = [
alsaLib bzip2 cairo dbus dbus-glib ffmpeg fontconfig freetype
gnome2.GConf gtk2 hunspell libevent libjpeg libnotify
libstartup_notification libGLU libGL
libpulseaudio yasm zip zlib
alsaLib
cairo
dbus
dbus-glib
ffmpeg
fontconfig
freetype
gnome2.GConf
gtk2
libevent
libGL
libGLU
libnotify
libpulseaudio
libstartup_notification
zlib
]
++ (with xorg; [
libX11 libXext libXft libXi libXrender libXScrnSaver
libXt pixman xorgproto
libX11
libXext
libXft
libXi
libXrender
libXScrnSaver
libXt
pixman
xorgproto
])
++ lib.optional withGTK3 gtk3;
enableParallelBuilding = true;
configurePhase = ''
runHook preConfigure
export MOZCONFIG=$PWD/mozconfig
export MOZ_NOSPAM=1
@ -96,9 +157,6 @@ in stdenv.mkDerivation rec {
ac_add_options --enable-official-branding
export MOZILLA_OFFICIAL=1
# For versions after 28.12.0
ac_add_options --enable-phoenix-extensions
ac_add_options --x-libraries=${lib.makeLibraryPath [ xorg.libX11 ]}
export MOZ_PKG_SPECIAL=gtk$_GTK_VERSION
@ -112,24 +170,42 @@ in stdenv.mkDerivation rec {
mk_add_options MOZ_MAKE_FLAGS="-j${if enableParallelBuilding then "$NIX_BUILD_CORES" else "1"}"
mk_add_options AUTOCONF=${autoconf213}/bin/autoconf
'
runHook postConfigure
'';
buildPhase = "./mach build";
buildPhase = ''
runHook preBuild
./mach build
runHook postBuild
'';
installPhase = ''
runHook preInstall
./mach install
# Fix missing icon due to wrong WMClass
# TODO report upstream
substituteInPlace ./palemoon/branding/official/palemoon.desktop \
--replace 'StartupWMClass="pale moon"' 'StartupWMClass=Pale moon'
desktop-file-install --dir=$out/share/applications \
./palemoon/branding/official/palemoon.desktop
# Install official branding icons
for iconname in default{16,22,24,32,48,256} mozicon128; do
n=''${iconname//[^0-9]/}
size=$n"x"$n
install -Dm644 ./palemoon/branding/official/$iconname.png $out/share/icons/hicolor/$size/apps/palemoon.png
done
# Remove unneeded SDK data from installation
# TODO: move to a separate output?
rm -rf $out/{include,share/idl,lib/palemoon-devel-${version}}
runHook postInstall
'';
dontWrapGApps = true;
@ -154,9 +230,9 @@ in stdenv.mkDerivation rec {
experience, while offering full customization and a growing collection of
extensions and themes to make the browser truly your own.
'';
homepage = "https://www.palemoon.org/";
license = licenses.mpl20;
homepage = "https://www.palemoon.org/";
license = licenses.mpl20;
maintainers = with maintainers; [ AndersonTorres OPNA2608 ];
platforms = [ "i686-linux" "x86_64-linux" ];
platforms = [ "i686-linux" "x86_64-linux" ];
};
}

View file

@ -1,4 +1,4 @@
{ lib, fetchurl, fetchzip, fetchpatch, python3
{ lib, fetchurl, fetchzip, python3
, mkDerivationWith, wrapQtAppsHook, wrapGAppsHook, qtbase, qtwebengine, glib-networking
, asciidoc, docbook_xml_dtd_45, docbook_xsl, libxml2
, libxslt, gst_all_1 ? null
@ -31,12 +31,12 @@ let
in mkDerivationWith python3Packages.buildPythonApplication rec {
pname = "qutebrowser";
version = "2.2.0";
version = "2.2.1";
# the release tarballs are different from the git checkout!
src = fetchurl {
url = "https://github.com/qutebrowser/qutebrowser/releases/download/v${version}/${pname}-${version}.tar.gz";
sha256 = "sha256:0anxhrkxqb35mxr7jr820xcfw0v514s92wffsiqap2a2sqaj0pgs";
sha256 = "sha256-JHymxnNPdMsVma3TUKCS+iRCe9J7I0A6iISP5OXtJm8=";
};
# Needs tox
@ -69,11 +69,6 @@ in mkDerivationWith python3Packages.buildPythonApplication rec {
patches = [
./fix-restart.patch
(fetchpatch {
name = "add-qtwebengine-version-override.patch";
url = "https://github.com/qutebrowser/qutebrowser/commit/febb921040b6670d9b1694a6ce55ae39384d1306.patch";
sha256 = "15p11kk8via7c7m14jiqgzc63qwxxzayr2bkl93jd10l2gx7pk9v";
})
];
dontWrapGApps = true;

View file

@ -402,6 +402,7 @@ stdenv.mkDerivation rec {
changelog = "https://gitweb.torproject.org/builders/tor-browser-build.git/plain/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt?h=maint-${version}";
platforms = attrNames srcs;
maintainers = with maintainers; [ offline matejc thoughtpolice joachifm hax404 cap KarlJoad ];
mainProgram = "tor-browser";
hydraPlatforms = [];
# MPL2.0+, GPL+, &c. While it's not entirely clear whether
# the compound is "libre" in a strict sense (some components place certain

View file

@ -1,40 +1,74 @@
{ lib, buildGoModule, fetchFromGitHub, packr }:
{ lib, buildGoModule, fetchFromGitHub, packr, makeWrapper, installShellFiles, helm, kustomize }:
buildGoModule rec {
pname = "argocd";
version = "1.8.6";
commit = "28aea3dfdede00443b52cc584814d80e8f896200";
version = "2.0.1";
commit = "33eaf11e3abd8c761c726e815cbb4b6af7dcb030";
tag = "v${version}";
src = fetchFromGitHub {
owner = "argoproj";
repo = "argo-cd";
rev = "v${version}";
sha256 = "sha256-kJ3/1owK5T+FbcvjmK2CO+i/KwmVZRSGzF6fCt8J9E8=";
rev = tag;
sha256 = "sha256-j/RdiMeaYxlmEvo5CKrGvkp25MrFsSYh+XNYWNcs0PE=";
};
vendorSha256 = "sha256-rZ/ox180h9scocheYtMmKkoHY2/jH+I++vYX8R0fdlA=";
vendorSha256 = "sha256-8j5v99wOHM/SndJwpmGWiCFEyw4K513HEEbkPrD8C90=";
doCheck = false;
nativeBuildInputs = [ packr ];
buildFlagsArray = ''
-ldflags=
-X github.com/argoproj/argo-cd/common.version=${version}
-X github.com/argoproj/argo-cd/common.buildDate=unknown
-X github.com/argoproj/argo-cd/common.gitCommit=${commit}
-X github.com/argoproj/argo-cd/common.gitTreeState=clean
'';
nativeBuildInputs = [ packr makeWrapper installShellFiles ];
# run packr to embed assets
preBuild = ''
packr
'';
buildFlagsArray =
let package_url = "github.com/argoproj/argo-cd/v2/common"; in
[
"-ldflags="
"-s -w"
"-X ${package_url}.version=${version}"
"-X ${package_url}.buildDate=unknown"
"-X ${package_url}.gitCommit=${commit}"
"-X ${package_url}.gitTag=${tag}"
"-X ${package_url}.gitTreeState=clean"
];
# Test is disabled because ksonnet is missing from nixpkgs.
# Log: https://gist.github.com/superherointj/79cbdc869dfd44d28a10dc6746ecb3f9
doCheck = false;
checkInputs = [
helm
kustomize
#ksonnet
];
doInstallCheck = true;
installCheckPhase = ''
$out/bin/argocd version --client | grep ${tag} > /dev/null
$out/bin/argocd-util version | grep ${tag} > /dev/null
'';
installPhase = ''
runHook preInstall
mkdir -p $out/bin
install -Dm755 "$GOPATH/bin/cmd" -T $out/bin/argocd
runHook postInstall
'';
postInstall = ''
for appname in argocd-util argocd-server argocd-repo-server argocd-application-controller argocd-dex ; do
makeWrapper $out/bin/argocd $out/bin/$appname --set ARGOCD_BINARY_NAME $appname
done
installShellCompletion --cmd argocd \
--bash <($out/bin/argocd completion bash) \
--zsh <($out/bin/argocd completion zsh)
'';
meta = with lib; {
description = "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes";
homepage = "https://github.com/argoproj/argo";
license = licenses.asl20;
maintainers = with maintainers; [ shahrukh330 ];
maintainers = with maintainers; [ shahrukh330 superherointj ];
};
}

View file

@ -1,11 +1,11 @@
{ lib, buildGoModule, fetchFromGitHub, fetchzip, installShellFiles }:
let
version = "0.12.0";
version = "0.13.2";
manifests = fetchzip {
url = "https://github.com/fluxcd/flux2/releases/download/v${version}/manifests.tar.gz";
sha256 = "sha256-8NgKr5uRVFBD1pARaD+vH9wPA5gUNltwMe0i0icED1c=";
sha256 = "sha256-+2JvJFzH1CjU/WQ7MLtqd5Adfi/ktX9lPq4IyxPcUD8=";
stripRoot = false;
};
in
@ -19,10 +19,10 @@ buildGoModule rec {
owner = "fluxcd";
repo = "flux2";
rev = "v${version}";
sha256 = "sha256-idHMijca1lYQF4aW+RPyzRraLDNdVavMuj4TP6z90Oo=";
sha256 = "sha256-yWcoHUHEiRp4YxTDxi+inJkpb8dnTVTwSO3MgFyhvps=";
};
vendorSha256 = "sha256-VrDO8y6omRKf3mPRAnRMZsSMwQHxQxShUa9HZ3dfCgM=";
vendorSha256 = "sha256-hSnTM89s3R7UDn1gLlb1gu6rhTPqVKJpWKCz1SDyfmg=";
nativeBuildInputs = [ installShellFiles ];

View file

@ -2,15 +2,15 @@
buildGoModule rec {
pname = "helm";
version = "3.5.3";
version = "3.5.4";
src = fetchFromGitHub {
owner = "helm";
repo = "helm";
rev = "v${version}";
sha256 = "sha256-7xO07JDy6ujWlDF+5Xd3myRQ8ajTppCXz9fNe4yizVw=";
sha256 = "sha256-u8GJVOubPlIG88TFG5+OvbovMz4Q595wWo2YCwuTgG8=";
};
vendorSha256 = "sha256-lpEoUgABtJczwShNdvD+zYAPDFTJqILSei2YY6mQ2mw=";
vendorSha256 = "sha256-zdZxGiwgx8c0zt9tQebJi7k/LNNYjhNInsVeBbxPsgE=";
doCheck = false;

View file

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "kube-capacity";
version = "0.5.1";
version = "0.6.0";
src = fetchFromGitHub {
rev = "v${version}";
owner = "robscott";
repo = pname;
sha256 = "127583hmpj04y522wir76a39frm6zg9z7mb4ny5lxxjqhn0q0cd5";
sha256 = "sha256-IwlcxlzNNYWNANszTM+s6/SA1C2LXrydSTtAvniNKXE=";
};
vendorSha256 = "sha256-EgLWZs282IV1euCUCc5ucf267E2Z7GF9SgoImiGvuVM=";

View file

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "tanka";
version = "0.15.0";
version = "0.15.1";
src = fetchFromGitHub {
owner = "grafana";
repo = pname;
rev = "v${version}";
sha256 = "sha256-ckXvDB3TU9HAXowAAr/fRmX3mylVvPKW8I74R/vUaRY=";
sha256 = "sha256-aCgr56nXZCkG8k/ZGH2/cDOaqkznnyb6JLEcImqLH64=";
};
vendorSha256 = "sha256-vpm2y/CxRNWkz6+AOMmmZH5AjRQWAa6WD5Fnx5lqJYw=";

View file

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "terragrunt";
version = "0.29.0";
version = "0.29.1";
src = fetchFromGitHub {
owner = "gruntwork-io";
repo = pname;
rev = "v${version}";
sha256 = "sha256-Ubft+R2nBUNRx3SfksORxBbKY/mSvY+tKkz1UcGXyjw=";
sha256 = "sha256-fr33DRFZrUZQELYMf8z5ShOZobwylgoiW+yi6qdtFP4=";
};
vendorSha256 = "sha256-qlSCQtiGHmlk3DyETMoQbbSYhuUSZTsvAnBKuDJI8x8=";

View file

@ -2,11 +2,11 @@
python3Packages.buildPythonApplication rec {
pname = "dyndnsc";
version = "0.5.1";
version = "0.6.1";
src = python3Packages.fetchPypi {
inherit pname version;
hash = "sha256-Sy6U0XhIQ9mPmznmWKqoyqE34vaE84fwlivouaF7Dd0=";
sha256 = "13078d29eea2f9a4ca01f05676c3309ead5e341dab047e0d51c46f23d4b7fbb4";
};
postPatch = ''
@ -19,9 +19,10 @@ python3Packages.buildPythonApplication rec {
dnspython
netifaces
requests
json-logging
setuptools
];
checkInputs = with python3Packages; [ bottle pytestCheckHook ];
checkInputs = with python3Packages; [ bottle mock pytest-console-scripts pytestCheckHook ];
disabledTests = [
# dnswanip connects to an external server to discover the

View file

@ -17,11 +17,11 @@
stdenv.mkDerivation rec {
pname = "filezilla";
version = "3.53.0";
version = "3.53.1";
src = fetchurl {
url = "https://download.filezilla-project.org/client/FileZilla_${version}_src.tar.bz2";
sha256 = "sha256-MJXnYN9PVADttNqj3hshLElHk2Dy9FzE67clMMh85CA=";
sha256 = "sha256-ZWh08ursVGcscvQepeoUnFAZfFDeXWdIu0HXIr/D93k=";
};
# https://www.linuxquestions.org/questions/slackware-14/trouble-building-filezilla-3-47-2-1-current-4175671182/#post6099769

View file

@ -4,7 +4,7 @@
buildDunePackage rec {
pname = "google-drive-ocamlfuse";
version = "0.7.22";
version = "0.7.26";
useDune2 = true;
@ -14,7 +14,7 @@ buildDunePackage rec {
owner = "astrada";
repo = "google-drive-ocamlfuse";
rev = "v${version}";
sha256 = "027j1r2iy8vnbqs8bv893f0909yk5312ki5p3zh2pdz6s865h750";
sha256 = "sha256-8s3DnpdYIVyJj5rtsof3WpLvX9wCrWU47dp4D6c986s=";
};
buildInputs = [ ocaml_extlib ocamlfuse gapi_ocaml ocaml_sqlite3 ];

View file

@ -0,0 +1,42 @@
{ stdenv, lib, fetchFromGitHub, cacert, python3 }:
stdenv.mkDerivation {
pname = "matrix-commander";
version = "unstable-2021-04-18";
src = fetchFromGitHub {
owner = "8go";
repo = "matrix-commander";
rev = "3e89a5f4c98dd191880ae371cc63eb9282d7d91f";
sha256 = "08nwwszp1kv5b7bgf6mmfn42slxkyhy98x18xbn4pglc4bj32iql";
};
buildInputs = [
cacert
(python3.withPackages(ps: with ps; [
matrix-nio
magic
markdown
pillow
urllib3
aiofiles
]))];
installPhase = ''
runHook preInstall
mkdir -p $out/bin
cp $src/matrix-commander.py $out/bin/matrix-commander
chmod +x $out/bin/matrix-commander
runHook postInstall
'';
meta = with lib; {
description = "Simple but convenient CLI-based Matrix client app for sending and receiving";
homepage = "https://github.com/8go/matrix-commander";
license = licenses.gpl3Only;
platforms = platforms.linux;
maintainers = [ maintainers.seb314 ];
};
}

Some files were not shown because too many files have changed in this diff Show more