b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master' into staging

Browse source
This commit is contained in:
Franz Pletz 2016-10-11 18:33:08 +02:00
parent f9e0254290 733c706c91
commit 14df9ad496
No known key found for this signature in database
GPG key ID: 846FDED7792617B4
329 changed files with 9822 additions and 4871 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
doc/stdenv.xml
View file

@ -27,7 +27,7 @@ stdenv.mkDerivation {
name = "libfoo-1.2.3";
src = fetchurl {
url = http://example.org/libfoo-1.2.3.tar.bz2;
md5 = "e1ec107956b6ddcb0b8b0679367e9ac9";
sha256 = "0x2g1jqygyr5wiwg4ma1nd7w4ydpy82z9gkcv8vh2v8dn3y58v5m";
};
}</programlisting>

5
lib/licenses.nix
View file

@ -110,6 +110,11 @@ lib.mapAttrs (n: v: v // { shortName = n; }) rec {
fullName = "Creative Commons Attribution Non Commercial Share Alike 4.0";
};
cc-by-nd-30 = spdx {
spdxId = "CC-BY-ND-3.0";
fullName = "Creative Commons Attribution-No Derivative Works v3.00";
};
cc-by-sa-25 = spdx {
spdxId = "CC-BY-SA-2.5";
fullName = "Creative Commons Attribution Share Alike 2.5";

6
lib/maintainers.nix
View file

@ -169,6 +169,7 @@
globin = "Robin Gloster <mail@glob.in>";
gnidorah = "Alex Ivanov <yourbestfriend@opmbx.org>";
goibhniu = "Cillian de Róiste <cillian.deroiste@gmail.com>";
goodrone = "Andrew Trachenko <goodrone@gmail.com>";
Gonzih = "Max Gonzih <gonzih@gmail.com>";
gpyh = "Yacine Hmito <yacine.hmito@gmail.com>";
grahamc = "Graham Christensen <graham@grahamc.com>";
@ -239,7 +240,7 @@
lucas8 = "Luc Chabassier <luc.linux@mailoo.org>";
ludo = "Ludovic Courtès <ludo@gnu.org>";
luispedro = "Luis Pedro Coelho <luis@luispedro.org>";
lukasepple = "Lukas Epple <post@lukasepple.de>";
sternenseemann = "Lukas Epple <post@lukasepple.de>";
lukego = "Luke Gorrie <luke@snabb.co>";
lw = "Sergey Sofeychuk <lw@fmap.me>";
madjar = "Georges Dubus <georges.dubus@compiletoi.net>";
@ -272,6 +273,7 @@
mingchuan = "Ming Chuan <ming@culpring.com>";
mirdhyn = "Merlin Gaillard <mirdhyn@gmail.com>";
mirrexagon = "Andrew Abbott <mirrexagon@mirrexagon.com>";
mlieberman85 = "Michael Lieberman <mlieberman85@gmail.com>";
modulistic = "Pablo Costa <modulistic@gmail.com>";
mog = "Matthew O'Gorman <mog-lists@rldn.net>";
moosingin3space = "Nathan Moos <moosingin3space@gmail.com>";
@ -334,6 +336,7 @@
pmahoney = "Patrick Mahoney <pat@polycrystal.org>";
pmiddend = "Philipp Middendorf <pmidden@secure.mailbox.org>";
prikhi = "Pavan Rikhi <pavan.rikhi@gmail.com>";
primeos = "Michael Weiss <dev.primeos@gmail.com>";
profpatsch = "Profpatsch <mail@profpatsch.de>";
proglodyte = "Proglodyte <proglodyte23@gmail.com>";
pshendry = "Paul Hendry <paul@pshendry.com>";
@ -365,6 +368,7 @@
roblabla = "Robin Lambertz <robinlambertz+dev@gmail.com>";
roconnor = "Russell O'Connor <roconnor@theorem.ca>";
romildo = "José Romildo Malaquias <malaquias@gmail.com>";
ronny = "Ronny Pfannschmidt <nixos@ronnypfannschmidt.de>";
rszibele = "Richard Szibele <richard_szibele@hotmail.com>";
rushmorem = "Rushmore Mushambi <rushmore@webenchanter.com>";
rvl = "Rodney Lorrimar <dev+nix@rodney.id.au>";

3
lib/trivial.nix
View file

@ -113,4 +113,7 @@ rec {
*/
warn = msg: builtins.trace "WARNING: ${msg}";
info = msg: builtins.trace "INFO: ${msg}";
fetchMD5warn = name: context : data : warn
"Deprecated use of MD5 hash in ${name} to fetch ${context}" data;
}

2
nixos/doc/manual/development/development.xml
View file

@ -14,9 +14,11 @@ NixOS.</para>
<xi:include href="sources.xml" />
<xi:include href="writing-modules.xml" />
<xi:include href="building-parts.xml" />
<xi:include href="writing-documentation.xml" />
<xi:include href="building-nixos.xml" />
<xi:include href="nixos-tests.xml" />
<xi:include href="testing-installer.xml" />
<xi:include href="reviewing-contributions.xml" />
<xi:include href="releases.xml" />
</part>

241
nixos/doc/manual/development/releases.xml Executable file
View file

@ -0,0 +1,241 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="ch-releases">
<title>Releases</title>
<section xml:id="release-process">
<title>Release process</title>
<para>
Going through an example of releasing NixOS 15.09:
</para>
<section xml:id="one-month-before-the-beta">
<title>One month before the beta</title>
<itemizedlist spacing="compact">
<listitem>
<para>
Send an email to nix-dev mailinglist as a warning about upcoming beta "feature freeze" in a month.
</para>
</listitem>
<listitem>
<para>
Discuss with Eelco Dolstra and the community (via IRC, ML) about what will reach the deadline.
Any issue or Pull Request targeting the release should have assigned milestone.
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="at-beta-release-time">
<title>At beta release time</title>
<itemizedlist spacing="compact">
<listitem>
<para>
Rename <literal>rl-unstable.xml</literal> -&gt;
<literal>rl-1509.xml</literal>.
</para>
</listitem>
<listitem>
<para>
<literal>git tag -a -m &quot;Release 15.09-beta&quot; 15.09-beta &amp;&amp; git push --tags</literal>
</para>
</listitem>
<listitem>
<para>
From the master branch run <literal>git checkout -B release-15.09</literal>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/NixOS/nixos-org-configurations/pull/18">
Make sure channel is created at http://nixos.org/channels/.
</link>
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/NixOS/nixpkgs/settings/branches">
Lock the branch on github (so developers cant force push)
</link>
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/NixOS/nixpkgs/compare/bdf161ed8d21...6b63c4616790">bump
<literal>system.defaultChannel</literal> attribute in
<literal>nixos/modules/misc/version.nix</literal></link>
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/NixOS/nixpkgs/commit/d6b08acd1ccac0d9d502c4b635e00b04d3387f06">update
<literal>versionSuffix</literal> in
<literal>nixos/release.nix</literal></link>, use
<literal>git log --format=%an|wc -l</literal> to get commit
count
</para>
</listitem>
<listitem>
<para>
<literal>echo -n &quot;16.03&quot; &gt; .version</literal> in
master.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/NixOS/nixpkgs/commit/b8a4095003e27659092892a4708bb3698231a842">pick
a new name for unstable branch.</link>
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/NixOS/nixpkgs/issues/13559">Create
an issue for tracking Zero Hydra Failures progress. ZHF is an effort
to get build failures down to zero.</link>
</para>
</listitem>
<listitem>
<para>
Use https://lwn.net/Vulnerabilities/ and
<link xlink:href="https://github.com/NixOS/nixpkgs/search?utf8=%E2%9C%93&amp;q=vulnerabilities&amp;type=Issues">triage vulnerabilities in an issue</link>.
</para>
</listitem>
<listitem>
<para>
Create two Hydra jobsets: release-15.09 and release-15.09-small with <literal>stableBranch</literal> set to false
</para>
</listitem>
<listitem>
<para>
Edit changelog at
<literal>nixos/doc/manual/release-notes/rl-1509.xml</literal>
(double check desktop versions are noted)
</para>
<itemizedlist spacing="compact">
<listitem>
<para>
Get all new NixOS modules
<literal>git diff release-14.12..release-15.09 nixos/modules/module-list.nix|grep ^+</literal>
</para>
</listitem>
<listitem>
<para>
Note systemd, kernel, glibc and Nix upgrades.
</para>
</listitem>
</itemizedlist>
</listitem>
</itemizedlist>
</section>
<section xml:id="before-the-final-release">
<title>Before the final release</title>
<itemizedlist spacing="compact">
<listitem>
<para>
Release Nix (currently only Eelco Dolstra can do that).
<link xlink:href="https://github.com/NixOS/nixpkgs/commit/53710c752a85f00658882531bc90a23a3d1287e4">
Make sure fallback is updated.
</link>
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/NixOS/nixpkgs/commit/40fd9ae3ac8048758abdcfc7d28a78b5f22fe97e">
Update README.md with new stable NixOS version information.
</link>
</para>
</listitem>
<listitem>
<para>
Change <literal>stableBranch</literal> to true and wait for channel to update.
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="at-final-release-time">
<title>At final release time</title>
<itemizedlist spacing="compact">
<listitem>
<para>
<literal>git tag -s -a -m &quot;Release 15.09&quot; 15.09</literal>
</para>
</listitem>
<listitem>
<para>
Update http://nixos.org/nixos/download.html and http://nixos.org/nixos/manual in https://github.com/NixOS/nixos-org-configurations
</para>
</listitem>
<listitem>
<para>
Get number of commits for the release:
<literal>git log release-14.04..release-14.12 --format=%an|wc -l</literal>
</para>
</listitem>
<listitem>
<para>
Commits by contributor:
<literal>git log release-14.04..release-14.12 --format=%an|sort|uniq -c|sort -rn</literal>
</para>
</listitem>
<listitem>
<para>
Send an email to nix-dev to announce the release with above information. Best to check how previous email was formulated
to see what needs to be included.
</para>
</listitem>
</itemizedlist>
</section>
</section>
<section xml:id="release-schedule">
<title>Release schedule</title>
<informaltable>
<tgroup cols="2">
<colspec align="left" />
<colspec align="left" />
<thead>
<row>
<entry>
Date
</entry>
<entry>
Event
</entry>
</row>
</thead>
<tbody>
<row>
<entry>
2016-07-25
</entry>
<entry>
Send email to nix-dev about upcoming branch-off
</entry>
</row>
<row>
<entry>
2016-09-01
</entry>
<entry>
<literal>release-16.09</literal> branch and corresponding jobsets are created,
change freeze
</entry>
</row>
<row>
<entry>
2016-09-30
</entry>
<entry>
NixOS 16.09 released
</entry>
</row>
</tbody>
</tgroup>
</informaltable>
</section>
</chapter>

147
nixos/doc/manual/development/writing-documentation.xml Normal file
View file

@ -0,0 +1,147 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-writing-documentation">
<title>Writing NixOS Documentation</title>
<para>
As NixOS grows, so too does the need for a catalogue and explanation
of its extensive functionality. Collecting pertinent information
from disparate sources and presenting it in an accessible style
would be a worthy contribution to the project.
</para>
<section>
<title>Building the Manual</title>
<para>
The DocBook sources of the <xref linkend="book-nixos-manual"/> are in the
<link xlink:href="https://github.com/NixOS/nixpkgs/tree/master/nixos/doc/manual"><filename>nixos/doc/manual</filename></link>
subdirectory of the Nixpkgs repository. If you make modifications to
the manual, it's important to build it before committing. You can do
that as follows:
<screen>nix-build nixos/release.nix -A manual.x86_64-linux</screen>
</para>
<para>
When this command successfully finishes, it will tell you where the
manual got generated. The HTML will be accessible through the
<filename>result</filename> symlink at
<filename>./result/share/doc/nixos/index.html</filename>.
</para>
</section>
<section>
<title>Editing DocBook XML</title>
<para>
For general information on how to write in DocBook, see
<link xlink:href="http://www.docbook.org/tdg5/en/html/docbook.html">
DocBook 5: The Definitive Guide</link>.
</para>
<para>
Emacs nXML Mode is very helpful for editing DocBook XML because it
validates the document as you write, and precisely locates
errors. To use it, see <xref linkend="sec-emacs-docbook-xml"/>.
</para>
<para>
<link xlink:href="http://pandoc.org">Pandoc</link> can generate
DocBook XML from a multitude of formats, which makes a good starting
point.
<example xml:id="ex-pandoc-xml-conv">
<title>Pandoc invocation to convert GitHub-Flavoured MarkDown to DocBook 5 XML</title>
<screen>pandoc -f markdown_github -t docbook5 docs.md -o my-section.md</screen>
</example>
Pandoc can also quickly convert a single
<filename>section.xml</filename> to HTML, which is helpful when
drafting.
</para>
<para>
Sometimes writing valid DocBook is simply too difficult. In this
case, submit your documentation updates in a <link
xlink:href="https://github.com/NixOS/nixpkgs/issues/new">GitHub
Issue</link> and someone will handle the conversion to XML for you.
</para>
</section>
<section>
<title>Creating a Topic</title>
<para>
You can use an existing topic as a basis for the new topic or create a topic from scratch.
</para>
<para>
Keep the following guidelines in mind when you create and add a topic:
<itemizedlist>
<listitem><para>
The NixOS <link xlink:href="http://www.docbook.org/tdg5/en/html/book.html"><tag>book</tag></link>
element is in <filename>nixos/doc/manual/manual.xml</filename>.
It includes several
<link xlink:href="http://www.docbook.org/tdg5/en/html/book.html"><tag>part</tag>s</link>
which are in subdirectories.
</para></listitem>
<listitem><para>
Store the topic file in the same directory as the <tag>part</tag>
to which it belongs. If your topic is about configuring a NixOS
module, then the XML file can be stored alongside the module
definition <filename>nix</filename> file.
</para></listitem>
<listitem><para>
If you include multiple words in the file name, separate the words
with a dash. For example: <filename>ipv6-config.xml</filename>.
</para></listitem>
<listitem><para>
Make sure that the <tag>xml:id</tag> value is unique. You can use
abbreviations if the ID is too long. For example:
<varname>nixos-config</varname>.
</para></listitem>
<listitem><para>
Determine whether your topic is a chapter or a section. If you are
unsure, open an existing topic file and check whether the main
element is chapter or section.
</para></listitem>
</itemizedlist>
</para>
</section>
<section>
<title>Adding a Topic to the Book</title>
<para>
Open the parent XML file and add an <varname>xi:include</varname>
element to the list of chapters with the file name of the topic that
you created. If you created a <tag>section</tag>, you add the file to
the <tag>chapter</tag> file. If you created a <tag>chapter</tag>, you
add the file to the <tag>part</tag> file.
</para>
<para>
If the topic is about configuring a NixOS module, it can be
automatically included in the manual by using the
<varname>meta.doc</varname> attribute. See <xref
linkend="sec-meta-attributes"/> for an explanation.
</para>
</section>
</chapter>

7
nixos/doc/manual/release-notes/rl-1609.xml
View file

@ -165,6 +165,13 @@ following incompatible changes:</para>
</para>
</listitem>
<listitem>
<para>PHP now scans for extra configuration .ini files in /etc/php.d
instead of /etc. This prevents accidentally loading non-PHP .ini files
that may be in /etc.
</para>
</listitem>
</itemizedlist>

9
nixos/doc/manual/release-notes/rl-1703.xml
View file

@ -43,6 +43,15 @@ following incompatible changes:</para>
<literal>radicale</literal>.
</para>
</listitem>
<listitem>
<para>
The Yama LSM is now enabled by default in the kernel,
which prevents ptracing non-child processes.
This means you will not be able to attach gdb to an existing process,
but will need to start that process from gdb (so it is a child).
</para>
</listitem>
</itemizedlist>

2
nixos/modules/config/debug-info.nix
View file

@ -20,7 +20,7 @@ with lib;
<!-- FIXME: ugly, see #10721 -->
<programlisting>
nixpkgs.config.packageOverrides = pkgs: {
hello = overrideDerivation pkgs.hello (attrs: {
hello = pkgs.lib.overrideDerivation pkgs.hello (attrs: {
outputs = attrs.outputs or ["out"] ++ ["debug"];
buildInputs = attrs.buildInputs ++ [&lt;nixpkgs/pkgs/build-support/setup-hooks/separate-debug-info.sh>];
});

5
nixos/modules/config/timezone.nix
View file

@ -37,14 +37,15 @@ in
environment.sessionVariables.TZDIR = "/etc/zoneinfo";
# This way services are restarted when tzdata changes.
systemd.globalEnvironment.TZDIR = tzdir;
environment.etc.localtime =
{ source = "${tzdir}/${config.time.timeZone}";
{ source = "/etc/zoneinfo/${config.time.timeZone}";
mode = "direct-symlink";
};
environment.etc.zoneinfo.source = "${pkgs.tzdata}/share/zoneinfo";
environment.etc.zoneinfo.source = tzdir;
};

4
nixos/modules/module-list.nix
View file

@ -437,6 +437,7 @@
./services/networking/wakeonlan.nix
./services/networking/websockify.nix
./services/networking/wicd.nix
./services/networking/wireguard.nix
./services/networking/wpa_supplicant.nix
./services/networking/xinetd.nix
./services/networking/xl2tpd.nix
@ -480,6 +481,7 @@
./services/ttys/gpm.nix
./services/ttys/kmscon.nix
./services/web-apps/mattermost.nix
./services/web-apps/nixbot.nix
./services/web-apps/pump.io.nix
./services/web-apps/tt-rss.nix
./services/web-apps/selfoss.nix
@ -515,6 +517,7 @@
./services/x11/hardware/synaptics.nix
./services/x11/hardware/wacom.nix
./services/x11/redshift.nix
./services/x11/urxvtd.nix
./services/x11/window-managers/awesome.nix
#./services/x11/window-managers/compiz.nix
./services/x11/window-managers/default.nix
@ -557,6 +560,7 @@
./system/boot/stage-1.nix
./system/boot/stage-2.nix
./system/boot/systemd.nix
./system/boot/systemd-nspawn.nix
./system/boot/timesyncd.nix
./system/boot/tmp.nix
./system/etc/etc.nix

28
nixos/modules/security/ca.nix
View file

@ -4,10 +4,16 @@ with lib;
let
cfg = config.security.pki;
cacertPackage = pkgs.cacert.override {
blacklist = cfg.caCertificateBlacklist;
};
caCertificates = pkgs.runCommand "ca-certificates.crt"
{ files =
config.security.pki.certificateFiles ++
[ (builtins.toFile "extra.crt" (concatStringsSep "\n" config.security.pki.certificates)) ];
cfg.certificateFiles ++
[ (builtins.toFile "extra.crt" (concatStringsSep "\n" cfg.certificates)) ];
}
''
cat $files > $out
@ -52,11 +58,27 @@ in
'';
};
security.pki.caCertificateBlacklist = mkOption {
type = types.listOf types.str;
default = [];
example = [
"WoSign" "WoSign China"
"CA WoSign ECC Root"
"Certification Authority of WoSign G2"
];
description = ''
A list of blacklisted CA certificate names that won't be imported from
the Mozilla Trust Store into
<filename>/etc/ssl/certs/ca-certificates.crt</filename>. Use the
names from that file.
'';
};
};
config = {
security.pki.certificateFiles = [ "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ];
security.pki.certificateFiles = [ "${cacertPackage}/etc/ssl/certs/ca-bundle.crt" ];
# NixOS canonical location + Debian/Ubuntu/Arch/Gentoo compatibility.
environment.etc."ssl/certs/ca-certificates.crt".source = caCertificates;

3
nixos/modules/services/databases/mysql.nix
View file

@ -53,7 +53,8 @@ in
package = mkOption {
type = types.package;
default = pkgs.mysql;
example = literalExample "pkgs.mysql";
defaultText = "pkgs.mysql";
example = literalExample "pkgs.mysql55";
description = "
Which MySQL derivation to use.
";

56
nixos/modules/services/editors/emacs.xml
View file

@ -43,9 +43,10 @@
<title>Installing <application>Emacs</application></title>
<para>
Emacs can installed in the normal way for Nix (see <xref
linkend="sec-package-management" />). In addition, a NixOS
<emphasis>service</emphasis> can be enabled.
Emacs can be installed in the normal way for Nix (see
<xref linkend="sec-package-management" />).
In addition, a NixOS <emphasis>service</emphasis>
can be enabled.
</para>
<section>
@ -564,6 +565,55 @@ services.emacs.install = true;
&lt;RET&gt; nixos-rebuild &lt;RET&gt;.</literal>
</para>
</section>
<section xml:id="sec-emacs-docbook-xml">
<title>Editing DocBook 5 XML Documents</title>
<para>
Emacs includes <link
xlink:href="https://www.gnu.org/software/emacs/manual/html_node/nxml-mode/Introduction.html">nXML</link>,
a major-mode for validating and editing XML documents.
When editing DocBook 5.0 documents, such as
<link linkend="book-nixos-manual">this one</link>,
nXML needs to be configured with the relevant schema, which is
not included.
</para>
<para>
To install the DocBook 5.0 schemas, either add
<varname>pkgs.docbook5</varname> to
<varname>environment.systemPackages</varname> (<link
linkend="sec-declarative-package-mgmt">NixOS</link>), or run
<literal>nix-env -i pkgs.docbook5</literal>
(<link linkend="sec-ad-hoc-packages">Nix</link>).
</para>
<para>
Then customize the variable <varname>rng-schema-locating-files</varname> to include <filename>~/.emacs.d/schemas.xml</filename> and put the following text into that file:
<example xml:id="ex-emacs-docbook-xml">
<title>nXML Schema Configuration (<filename>~/.emacs.d/schemas.xml</filename>)</title>
<programlisting language="xml"><![CDATA[
<?xml version="1.0"?>
<!--
To let emacs find this file, evaluate:
(add-to-list 'rng-schema-locating-files "~/.emacs.d/schemas.xml")
-->
<locatingRules xmlns="http://thaiopensource.com/ns/locating-rules/1.0">
<!--
Use this variation if pkgs.docbook5 is added to environment.systemPackages
-->
<namespace ns="http://docbook.org/ns/docbook"
uri="/run/current-system/sw/share/xml/docbook-5.0/rng/docbookxi.rnc"/>
<!--
Use this variation if installing schema with "nix-env -iA pkgs.docbook5".
<namespace ns="http://docbook.org/ns/docbook"
uri="../.nix-profile/share/xml/docbook-5.0/rng/docbookxi.rnc"/>
-->
</locatingRules>
]]></programlisting>
</example>
</para>
</section>
</section>
</chapter>

4
nixos/modules/services/monitoring/prometheus/default.nix
View file

@ -300,13 +300,14 @@ let
};
regex = mkOption {
type = types.str;
default = "(.*)";
description = ''
Regular expression against which the extracted value is matched.
'';
};
replacement = mkOption {
type = types.str;
default = "";
default = "$1";
description = ''
Replacement value against which a regex replace is performed if the
regular expression matches.
@ -314,6 +315,7 @@ let
};
action = mkOption {
type = types.enum ["replace" "keep" "drop"];
default = "replace";
description = ''
Action to perform based on regex matching.
'';

9
nixos/modules/services/networking/dhcpd.nix
View file

@ -66,6 +66,14 @@ in
";
};
extraFlags = mkOption {
default = "";
example = "-6";
description = "
Additional command line flags to be passed to the dhcpd daemon.
";
};
configFile = mkOption {
default = null;
description = "
@ -138,6 +146,7 @@ in
{ ExecStart = "@${pkgs.dhcp}/sbin/dhcpd dhcpd"
+ " -pf /run/dhcpd/dhcpd.pid -cf ${configFile}"
+ " -lf ${stateDir}/dhcpd.leases -user dhcpd -group nogroup"
+ " ${cfg.extraFlags}"
+ " ${toString cfg.interfaces}";
Restart = "always";
Type = "forking";

13
nixos/modules/services/networking/firewall.nix
View file

@ -100,13 +100,13 @@ let
# Perform a reverse-path test to refuse spoofers
# For now, we just drop, as the raw table doesn't have a log-refuse yet
${optionalString (kernelHasRPFilter && cfg.checkReversePath) ''
${optionalString (kernelHasRPFilter && (cfg.checkReversePath != false)) ''
# Clean up rpfilter rules
ip46tables -t raw -D PREROUTING -j nixos-fw-rpfilter 2> /dev/null || true
ip46tables -t raw -F nixos-fw-rpfilter 2> /dev/null || true
ip46tables -t raw -N nixos-fw-rpfilter 2> /dev/null || true
ip46tables -t raw -A nixos-fw-rpfilter -m rpfilter -j RETURN
ip46tables -t raw -A nixos-fw-rpfilter -m rpfilter ${optionalString (cfg.checkReversePath == "loose") "--loose"} -j RETURN
# Allows this host to act as a DHCPv4 server
iptables -t raw -A nixos-fw-rpfilter -s 0.0.0.0 -d 255.255.255.255 -p udp --sport 68 --dport 67 -j RETURN
@ -200,7 +200,7 @@ let
# Clean up after added ruleset
ip46tables -D INPUT -j nixos-fw 2>/dev/null || true
${optionalString (kernelHasRPFilter && cfg.checkReversePath) ''
${optionalString (kernelHasRPFilter && (cfg.checkReversePath != false)) ''
ip46tables -t raw -D PREROUTING -j nixos-fw-rpfilter 2>/dev/null || true
''}
@ -373,7 +373,7 @@ in
networking.firewall.checkReversePath = mkOption {
default = kernelHasRPFilter;
type = types.bool;
type = types.either types.bool (types.enum ["strict" "loose"]);
description =
''
Performs a reverse path filter test on a packet.
@ -381,7 +381,8 @@ in
that the packet arrived on, it is refused.
If using asymmetric routing or other complicated routing,
disable this setting and setup your own counter-measures.
set this option to loose mode or disable it and setup your
own counter-measures.
(needs kernel 3.3+)
'';
@ -482,7 +483,7 @@ in
options nf_conntrack nf_conntrack_helper=0
'';
assertions = [ { assertion = ! cfg.checkReversePath || kernelHasRPFilter;
assertions = [ { assertion = (cfg.checkReversePath != false) || kernelHasRPFilter;
message = "This kernel does not support rpfilter"; }
{ assertion = cfg.autoLoadConntrackHelpers || kernelCanDisableHelpers;
message = "This kernel does not support disabling conntrack helpers"; }

6
nixos/modules/services/networking/kippo.nix
View file

@ -54,7 +54,7 @@ rec {
};
config = mkIf cfg.enable {
environment.systemPackages = with pkgs.pythonPackages; [
python twisted_11 pycrypto pyasn1 ];
python pkgs.kippo.twisted pycrypto pyasn1 ];
environment.etc."kippo.cfg".text = ''
# Automatically generated by NixOS.
@ -84,7 +84,7 @@ rec {
description = "Kippo Web Server";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
environment.PYTHONPATH = "${pkgs.kippo}/src/:${pkgs.pythonPackages.pycrypto}/lib/python2.7/site-packages/:${pkgs.pythonPackages.pyasn1}/lib/python2.7/site-packages/:${pkgs.pythonPackages.python}/lib/python2.7/site-packages/:${pkgs.pythonPackages.twisted_11}/lib/python2.7/site-packages/:.";
environment.PYTHONPATH = "${pkgs.kippo}/src/:${pkgs.pythonPackages.pycrypto}/lib/python2.7/site-packages/:${pkgs.pythonPackages.pyasn1}/lib/python2.7/site-packages/:${pkgs.pythonPackages.python}/lib/python2.7/site-packages/:${pkgs.kippo.twisted}/lib/python2.7/site-packages/:.";
preStart = ''
if [ ! -d ${cfg.varPath}/ ] ; then
mkdir -p ${cfg.logPath}/tty
@ -107,7 +107,7 @@ rec {
fi
'';
serviceConfig.ExecStart = "${pkgs.pythonPackages.twisted_11}/bin/twistd -y ${pkgs.kippo}/src/kippo.tac --syslog --rundir=${cfg.varPath}/ --pidfile=${cfg.pidPath}/kippo.pid --prefix=kippo -n";
serviceConfig.ExecStart = "${pkgs.kippo.twisted}/bin/twistd -y ${pkgs.kippo}/src/kippo.tac --syslog --rundir=${cfg.varPath}/ --pidfile=${cfg.pidPath}/kippo.pid --prefix=kippo -n";
serviceConfig.PermissionsStartOnly = true;
serviceConfig.User = "kippo";
serviceConfig.Group = "kippo";

103
nixos/modules/services/networking/smokeping.nix
View file

@ -6,31 +6,39 @@ let
cfg = config.services.smokeping;
smokepingHome = "/var/lib/smokeping";
smokepingPidDir = "/run";
configFile = ''
*** General ***
owner = ${cfg.owner}
contact = ${cfg.ownerEmail}
mailhost = ${cfg.mailHost}
#sendmail = /var/setuid-wrappers/sendmail
imgcache = ${smokepingHome}/cache
imgurl = http://${cfg.hostName}:${builtins.toString cfg.port}/cache
datadir = ${smokepingHome}/data
piddir = ${smokepingPidDir}
cgiurl = http://${cfg.hostName}:${builtins.toString cfg.port}/smokeping.cgi
smokemail = ${cfg.smokeMailTemplate}
*** Presentation ***
template = ${cfg.presentationTemplate}
${cfg.presentationConfig}
#*** Alerts ***
#${cfg.alertConfig}
*** Database ***
${cfg.databaseConfig}
*** Probes ***
${cfg.probeConfig}
*** Targets ***
${cfg.targetConfig}
${cfg.extraConfig}
'';
configFile =
if cfg.config == null
then
''
*** General ***
owner = ${cfg.owner}
contact = ${cfg.ownerEmail}
${lib.optionalString (cfg.mailHost != "") "mailhost = ${cfg.mailHost}"}
${lib.optionalString (cfg.sendmail != null) "sendmail = ${cfg.sendmail}"}
imgcache = ${smokepingHome}/cache
imgurl = http://${cfg.hostName}:${builtins.toString cfg.port}/cache
datadir = ${smokepingHome}/data
pagedir = ${smokepingHome}/cache
piddir = ${smokepingPidDir}
cgiurl = http://${cfg.hostName}:${builtins.toString cfg.port}/smokeping.cgi
linkstyle = ${cfg.linkStyle}
smokemail = ${cfg.smokeMailTemplate}
*** Presentation ***
template = ${cfg.presentationTemplate}
${cfg.presentationConfig}
*** Alerts ***
${cfg.alertConfig}
*** Database ***
${cfg.databaseConfig}
*** Probes ***
${cfg.probeConfig}
*** Targets ***
${cfg.targetConfig}
${cfg.extraConfig}
''
else
cfg.config;
configPath = pkgs.writeText "smokeping.conf" configFile;
cgiHome = pkgs.writeScript "smokeping.fcgi" ''
#!${pkgs.bash}/bin/bash
@ -59,8 +67,15 @@ in
};
mailHost = mkOption {
type = types.string;
default = "127.0.0.1";
description = "Use this SMTP server rather than localhost";
default = "";
example = "localhost";
description = "Use this SMTP server to send alerts";
};
sendmail = mkOption {
type = types.nullOr types.path;
default = null;
example = "/var/setuid-wrappers/sendmail";
description = "Use this sendmail compatible script to deliver alerts";
};
smokeMailTemplate = mkOption {
type = types.string;
@ -71,6 +86,7 @@ in
package = mkOption {
type = types.package;
default = pkgs.smokeping;
defaultText = "pkgs.smokeping";
description = "Specify a custom smokeping package";
};
owner = mkOption {
@ -85,6 +101,12 @@ in
example = "somewhere.example.com";
description = "DNS name for the urls generated in the cgi.";
};
linkStyle = mkOption {
type = types.enum ["original" "absolute" "relative"];
default = "relative";
example = "absolute";
description = "DNS name for the urls generated in the cgi.";
};
port = mkOption {
type = types.int;
default = 8081;
@ -132,7 +154,10 @@ in
};
alertConfig = mkOption {
type = types.string;
default = "";
default = ''
to = root@localhost
from = smokeping@localhost
'';
example = literalExample ''
to = alertee@address.somewhere
from = smokealert@company.xy
@ -223,12 +248,26 @@ in
default = "";
description = "Any additional customization not already included.";
};
config = mkOption {
type = types.nullOr types.string;
default = null;
description = "Full smokeping config supplied by the user. Overrides " +
"and replaces any other configuration supplied.";
};
};
};
config = mkIf cfg.enable {
assertions = [
{
assertion = !(cfg.sendmail != null && cfg.mailHost != "");
message = "services.smokeping: sendmail and Mailhost cannot both be enabled.";
}
];
security.setuidPrograms = [ "fping" ];
environment.systemPackages = [ pkgs.fping ];
users.extraUsers = singleton {
name = cfg.user;
isNormalUser = false;
@ -243,9 +282,12 @@ in
serviceConfig.PermissionsStartOnly = true;
preStart = ''
mkdir -m 0755 -p ${smokepingHome}/cache ${smokepingHome}/data
rm -f ${smokepingHome}/cropper
ln -s ${cfg.package}/htdocs/cropper ${smokepingHome}/cropper
chown -R ${cfg.user} ${smokepingHome}
cp ${cgiHome} ${smokepingHome}/smokeping.fcgi
${cfg.package}/bin/smokeping --check --config=${configPath}
${cfg.package}/bin/smokeping --static --config=${configPath}
'';
script = ''${cfg.package}/bin/smokeping --config=${configPath} --nodaemon'';
};
@ -253,8 +295,9 @@ in
wantedBy = [ "multi-user.target"];
requires = [ "smokeping.service"];
partOf = [ "smokeping.service"];
path = with pkgs; [ bash rrdtool smokeping ];
script = ''${pkgs.thttpd}/bin/thttpd -u ${cfg.user} -c "**.fcgi" -d ${smokepingHome} -p ${builtins.toString cfg.port} -D'';
path = with pkgs; [ bash rrdtool smokeping thttpd ];
script = ''thttpd -u ${cfg.user} -c "**.fcgi" -d ${smokepingHome} -p ${builtins.toString cfg.port} -D -nos'';
serviceConfig.Restart = "always";
};
};
}

225
nixos/modules/services/networking/wireguard.nix Normal file
View file

@ -0,0 +1,225 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.networking.wireguard;
kernel = config.boot.kernelPackages;
# interface options
interfaceOpts = { name, ... }: {
options = {
ips = mkOption {
example = [ "192.168.2.1/24" ];
default = [];
type = with types; listOf str;
description = "The IP addresses of the interface.";
};
privateKey = mkOption {
example = "yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=";
type = types.str;
description = "Base64 private key generated by wg genkey.";
};
presharedKey = mkOption {
default = null;
example = "rVXs/Ni9tu3oDBLS4hOyAUAa1qTWVA3loR8eL20os3I=";
type = with types; nullOr str;
description = ''base64 preshared key generated by wg genpsk. Optional,
and may be omitted. This option adds an additional layer of
symmetric-key cryptography to be mixed into the already existing
public-key cryptography, for post-quantum resistance.'';
};
listenPort = mkOption {
default = null;
type = with types; nullOr int;
example = 51820;
description = ''16-bit port for listening. Optional; if not specified,
automatically generated based on interface name.'';
};
preSetup = mkOption {
example = literalExample [''
${pkgs.iproute}/bin/ip netns add foo
''];
default = [];
type = with types; listOf str;
description = ''A list of commands called at the start of the interface
setup.'';
};
postSetup = mkOption {
example = literalExample [''
${pkgs.bash} -c 'printf "nameserver 10.200.100.1" | ${pkgs.openresolv}/bin/resolvconf -a wg0 -m 0'
''];
default = [];
type = with types; listOf str;
description = "A list of commands called at the end of the interface setup.";
};
postShutdown = mkOption {
example = literalExample ["${pkgs.openresolv}/bin/resolvconf -d wg0"];
default = [];
type = with types; listOf str;
description = "A list of commands called after shutting down the interface.";
};
peers = mkOption {
default = [];
description = "Peers linked to the interface.";
type = with types; listOf (submodule peerOpts);
};
};
};
# peer options
peerOpts = {
options = {
publicKey = mkOption {
example = "xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=";
type = types.str;
description = "The base64 public key the peer.";
};
allowedIPs = mkOption {
example = [ "10.192.122.3/32" "10.192.124.1/24" ];
type = with types; listOf str;
description = ''List of IP (v4 or v6) addresses with CIDR masks from
which this peer is allowed to send incoming traffic and to which
outgoing traffic for this peer is directed. The catch-all 0.0.0.0/0 may
be specified for matching all IPv4 addresses, and ::/0 may be specified
for matching all IPv6 addresses.'';
};
endpoint = mkOption {
default = null;
example = "demo.wireguard.io:12913";
type = with types; nullOr str;
description = ''Endpoint IP or hostname of the peer, followed by a colon,
and then a port number of the peer.'';
};
persistentKeepalive = mkOption {
default = null;
type = with types; nullOr int;
example = 25;
description = ''This is optional and is by default off, because most
users will not need it. It represents, in seconds, between 1 and 65535
inclusive, how often to send an authenticated empty packet to the peer,
for the purpose of keeping a stateful firewall or NAT mapping valid
persistently. For example, if the interface very rarely sends traffic,
but it might at anytime receive traffic from a peer, and it is behind
NAT, the interface might benefit from having a persistent keepalive
interval of 25 seconds; however, most users will not need this.'';
};
};
};
generateConf = name: values: pkgs.writeText "wireguard-${name}.conf" ''
[Interface]
PrivateKey = ${values.privateKey}
${optionalString (values.presharedKey != null) "PresharedKey = ${values.presharedKey}"}
${optionalString (values.listenPort != null) "ListenPort = ${toString values.listenPort}"}
${concatStringsSep "\n\n" (map (peer: ''
[Peer]
PublicKey = ${peer.publicKey}
${optionalString (peer.allowedIPs != []) "AllowedIPs = ${concatStringsSep ", " peer.allowedIPs}"}
${optionalString (peer.endpoint != null) "Endpoint = ${peer.endpoint}"}
${optionalString (peer.persistentKeepalive != null) "PersistentKeepalive = ${toString peer.persistentKeepalive}"}
'') values.peers)}
'';
ipCommand = "${pkgs.iproute}/bin/ip";
wgCommand = "${pkgs.wireguard}/bin/wg";
generateUnit = name: values:
nameValuePair "wireguard-${name}"
{
description = "WireGuard Tunnel - ${name}";
wantedBy = [ "ip-up.target" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStart = lib.flatten([
values.preSetup
"-${ipCommand} link del dev ${name}"
"${ipCommand} link add dev ${name} type wireguard"
"${wgCommand} setconf ${name} ${generateConf name values}"
(map (ip:
''${ipCommand} address add ${ip} dev ${name}''
) values.ips)
"${ipCommand} link set up dev ${name}"
(flatten (map (peer: (map (ip:
"${ipCommand} route add ${ip} dev ${name}"
) peer.allowedIPs)) values.peers))
values.postSetup
]);
ExecStop = [ ''${ipCommand} link del dev "${name}"'' ] ++ values.postShutdown;
};
};
in
{
###### interface
options = {
networking.wireguard = {
interfaces = mkOption {
description = "Wireguard interfaces.";
default = {};
example = {
wg0 = {
ips = [ "192.168.20.4/24" ];
privateKey = "yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=";
peers = [
{ allowedIPs = [ "192.168.20.1/32" ];
publicKey = "xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=";
endpoint = "demo.wireguard.io:12913"; }
];
};
};
type = with types; attrsOf (submodule interfaceOpts);
};
};
};
###### implementation
config = mkIf (cfg.interfaces != {}) {
boot.extraModulePackages = [ kernel.wireguard ];
environment.systemPackages = [ pkgs.wireguard ];
systemd.services = mapAttrs' generateUnit cfg.interfaces;
};
}

57
nixos/modules/services/torrent/deluge.nix
View file

@ -5,26 +5,36 @@ with lib;
let
cfg = config.services.deluge;
cfg_web = config.services.deluge.web;
openFilesLimit = 4096;
in {
options = {
services.deluge = {
enable = mkOption {
default = false;
example = true;
description = ''
Start Deluge daemon.
'';
};
};
services = {
deluge = {
enable = mkOption {
default = false;
example = true;
description = "Start the Deluge daemon";
};
services.deluge.web = {
enable = mkOption {
default = false;
example = true;
description = ''
Start Deluge Web daemon.
'';
};
openFilesLimit = mkOption {
default = openFilesLimit;
example = 8192;
description = ''
Number of files to allow deluged to open.
'';
};
};
deluge.web = {
enable = mkOption {
default = false;
example = true;
description = ''
Start Deluge Web daemon.
'';
};
};
};
};
@ -35,11 +45,14 @@ in {
description = "Deluge BitTorrent Daemon";
wantedBy = [ "multi-user.target" ];
path = [ pkgs.pythonPackages.deluge ];
serviceConfig.ExecStart = "${pkgs.pythonPackages.deluge}/bin/deluged -d";
# To prevent "Quit & shutdown daemon" from working; we want systemd to manage it!
serviceConfig.Restart = "on-success";
serviceConfig.User = "deluge";
serviceConfig.Group = "deluge";
serviceConfig = {
ExecStart = "${pkgs.pythonPackages.deluge}/bin/deluged -d";
# To prevent "Quit & shutdown daemon" from working; we want systemd to manage it!
Restart = "on-success";
User = "deluge";
Group = "deluge";
LimitNOFILE = cfg.openFilesLimit;
};
};
systemd.services.delugeweb = mkIf cfg_web.enable {

149
nixos/modules/services/web-apps/nixbot.nix Normal file
View file

@ -0,0 +1,149 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.nixbot;
pyramidIni = ''
###
# app configuration
# http://docs.pylonsproject.org/projects/pyramid/en/1.7-branch/narr/environment.html
###
[app:main]
use = egg:nixbot
nixbot.github_token = ${cfg.githubToken}
nixbot.bot_name = ${cfg.botName}
nixbot.repo = ${cfg.repo}
nixbot.pr_repo = ${cfg.prRepo}
nixbot.hydra_jobsets_repo = ${cfg.hydraJobsetsRepo}
nixbot.github_secret = justnotsorandom
nixbot.public_url = ${cfg.publicUrl}
nixbot.repo_dir = ${cfg.repoDir}
pyramid.reload_templates = false
pyramid.debug_authorization = false
pyramid.debug_notfound = false
pyramid.debug_routematch = false
pyramid.default_locale_name = en
# By default, the toolbar only appears for clients from IP addresses
# '127.0.0.1' and '::1'.
# debugtoolbar.hosts = 127.0.0.1 ::1
###
# wsgi server configuration
###
[server:main]
use = egg:waitress#main
host = 0.0.0.0
port = 6543
###
# logging configuration
# http://docs.pylonsproject.org/projects/pyramid/en/1.7-branch/narr/logging.html
###
[loggers]
keys = root, nixbot
[handlers]
keys = console
[formatters]
keys = generic
[logger_root]
level = INFO
handlers = console
[logger_nixbot]
level = INFO
handlers =
qualname = nixbot
[handler_console]
class = StreamHandler
args = (sys.stderr,)
level = NOTSET
formatter = generic
[formatter_generic]
format = %(asctime)s %(levelname)-5.5s [%(name)s:%(lineno)s][%(threadName)s] %(message)s
'';
in {
options = {
services.nixbot = {
enable = mkEnableOption "nixbot";
botName = mkOption {
type = types.str;
description = "The bot's github user account name.";
default = "nixbot";
};
githubToken = mkOption {
type = types.str;
description = "The bot's github user account token.";
example = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
};
repo = mkOption {
type = types.str;
description = "The github repository to check for PRs.";
example = "nixos/nixpkgs";
};
prRepo = mkOption {
type = types.str;
description = "The github repository to push the testing branches to.";
example = "nixos/nixpkgs-pr";
};
hydraJobsetsRepo = mkOption {
type = types.str;
description = "The github repository to push the hydra jobset definitions to.";
example = "nixos/hydra-jobsets";
};
publicUrl = mkOption {
type = types.str;
description = "The public URL the bot is reachable at (Github hook endpoint).";
example = "https://nixbot.nixos.org";
};
repoDir = mkOption {
type = types.path;
description = "The directory the repositories are stored in.";
default = "/var/lib/nixbot";
};
};
};
config = mkIf cfg.enable {
users.extraUsers.nixbot = {
createHome = true;
home = cfg.repoDir;
};
systemd.services.nixbot = let
env = pkgs.python3.buildEnv.override {
extraLibs = [ pkgs.nixbot ];
};
in {
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
script = ''
${env}/bin/pserve ${pkgs.writeText "production.ini" pyramidIni}
'';
serviceConfig = {
User = "nixbot";
Group = "nogroup";
PermissionsStartOnly = true;
};
};
};
}

3
nixos/modules/services/web-servers/nginx/default.nix
View file

@ -394,6 +394,9 @@ in
optionalAttrs vhostConfig.enableACME {
webroot = vhostConfig.acmeRoot;
extraDomains = genAttrs vhostConfig.serverAliases (alias: null);
postRun = ''
systemctl reload nginx
'';
}
) virtualHosts
);

2
nixos/modules/services/web-servers/phpfpm/default.nix
View file

@ -128,8 +128,8 @@ in {
serviceConfig = {
Type = "notify";
ExecStart = "${cfg.phpPackage}/bin/php-fpm -y ${cfgFile} -c ${phpIni}";
ExecReload = "${pkgs.coreutils}/bin/kill -USR2 $MAINPID";
};
};
};
}

2
nixos/modules/services/x11/desktop-managers/default.nix
View file

@ -19,7 +19,7 @@ in
# E.g., if KDE is enabled, it supersedes xterm.
imports = [
./none.nix ./xterm.nix ./xfce.nix ./kde4.nix ./kde5.nix
./enlightenment.nix ./gnome3.nix ./kodi.nix
./lxqt.nix ./enlightenment.nix ./gnome3.nix ./kodi.nix
];
options = {

81
nixos/modules/services/x11/desktop-managers/lxqt.nix Normal file
View file

@ -0,0 +1,81 @@
{ config, lib, pkgs, ... }:
with lib;
let
xcfg = config.services.xserver;
cfg = xcfg.desktopManager.lxqt;
in
{
options = {
services.xserver.desktopManager.lxqt.enable = mkOption {
type = types.bool;
default = false;
description = "Enable the LXQt desktop manager";
};
};
config = mkIf (xcfg.enable && cfg.enable) {
services.xserver.desktopManager.session = singleton {
name = "lxqt";
start = ''
exec ${pkgs.lxqt.lxqt-common}/bin/startlxqt
'';
};
environment.systemPackages = [
pkgs.kde5.kwindowsystem # provides some QT5 plugins needed by lxqt-panel
pkgs.kde5.libkscreen # provides plugins for screen management software
pkgs.kde5.oxygen-icons5 # default icon theme
pkgs.libfm
pkgs.libfm-extra
pkgs.lxmenu-data
pkgs.lxqt.compton-conf
pkgs.lxqt.libfm-qt
pkgs.lxqt.liblxqt
pkgs.lxqt.libqtxdg
pkgs.lxqt.libsysstat
pkgs.lxqt.lximage-qt
pkgs.lxqt.lxqt-about
pkgs.lxqt.lxqt-admin
pkgs.lxqt.lxqt-common
pkgs.lxqt.lxqt-config
pkgs.lxqt.lxqt-globalkeys
pkgs.lxqt.lxqt-l10n
pkgs.lxqt.lxqt-notificationd
pkgs.lxqt.lxqt-openssh-askpass
pkgs.lxqt.lxqt-panel
pkgs.lxqt.lxqt-policykit
pkgs.lxqt.lxqt-powermanagement
pkgs.lxqt.lxqt-qtplugin
pkgs.lxqt.lxqt-runner
pkgs.lxqt.lxqt-session
pkgs.lxqt.lxqt-sudo
pkgs.lxqt.obconf-qt
pkgs.lxqt.pavucontrol-qt
pkgs.lxqt.pcmanfm-qt
pkgs.lxqt.qps
pkgs.lxqt.qterminal
pkgs.lxqt.qtermwidget
pkgs.menu-cache
pkgs.openbox # default window manager
pkgs.qt5.qtsvg # provides QT5 plugins for svg icons
pkgs.xscreensaver
];
# Link some extra directories in /run/current-system/software/share
environment.pathsToLink = [
"/share/desktop-directories"
"/share/icons"
"/share/lxqt"
];
};
}

2
nixos/modules/services/x11/display-managers/sddm.nix
View file

@ -14,7 +14,7 @@ let
xserverWrapper = pkgs.writeScript "xserver-wrapper" ''
#!/bin/sh
${concatMapStrings (n: "export ${n}=\"${getAttr n xEnv}\"\n") (attrNames xEnv)}
exec ${dmcfg.xserverBin} ${dmcfg.xserverArgs} "$@"
exec systemd-cat ${dmcfg.xserverBin} ${dmcfg.xserverArgs} "$@"
'';
Xsetup = pkgs.writeScript "Xsetup" ''

49
nixos/modules/services/x11/urxvtd.nix Normal file
View file

@ -0,0 +1,49 @@
{ config, lib, pkgs, ... }:
# maintainer: siddharthist
with lib;
let
cfg = config.services.urxvtd;
in {
options.services.urxvtd.enable = mkOption {
type = types.bool;
default = false;
example = true;
description = ''
Enable urxvtd, the urxvt terminal daemon. To use urxvtd, run
"urxvtc".
'';
};
config = mkIf cfg.enable {
systemd.user = {
sockets.urxvtd = {
description = "socket for urxvtd, the urxvt terminal daemon";
after = [ "graphical.target" ];
wants = [ "graphical.target" ];
wantedBy = [ "sockets.target" ];
socketConfig = {
ListenStream = "%t/urxvtd-socket";
};
};
services.urxvtd = {
description = "urxvt terminal daemon";
serviceConfig = {
ExecStart = "${pkgs.rxvt_unicode-with-plugins}/bin/urxvtd -o";
Environment = "RXVT_SOCKET=%t/urxvtd-socket";
Restart = "on-failure";
RestartSec = "5s";
};
};
};
environment.systemPackages = [ pkgs.rxvt_unicode-with-plugins ];
environment.variables.RXVT_SOCKET = "/run/user/$(id -u)/urxvtd-socket";
};
}

4
nixos/modules/services/x11/xserver.nix
View file

@ -539,6 +539,10 @@ in
Restart = "always";
RestartSec = "200ms";
SyslogIdentifier = "display-manager";
# Stop restarting if the display manager stops (crashes) 2 times
# in one minute. Starting X typically takes 3-4s.
StartLimitInterval = "30s";
StartLimitBurst = "3";
};
};

1
nixos/modules/system/activation/activation-script.nix
View file

@ -145,6 +145,7 @@ in
${pkgs.e2fsprogs}/bin/chattr -f -i /var/empty || true
find /var/empty -mindepth 1 -delete
chmod 0555 /var/empty
chown root:root /var/empty
${pkgs.e2fsprogs}/bin/chattr -f +i /var/empty || true
'';

121
nixos/modules/system/boot/systemd-nspawn.nix Normal file
View file

@ -0,0 +1,121 @@
{ config, lib , pkgs, ...}:
with lib;
with import ./systemd-unit-options.nix { inherit config lib; };
with import ./systemd-lib.nix { inherit config lib pkgs; };
let
cfg = config.systemd.nspawn;
assertions = [
# boot = true -> processtwo != true
];
checkExec = checkUnitConfig "Exec" [
(assertOnlyFields [
"Boot" "ProcessTwo" "Parameters" "Environment" "User" "WorkingDirectory"
"Capability" "DropCapability" "KillSignal" "Personality" "MachineId"
"PrivateUsers"
])
(assertValueOneOf "Boot" boolValues)
(assertValueOneOf "ProcessTwo" boolValues)
(assertValueOneOf "PrivateUsers" (boolValues ++ [ "pick" ]))
];
checkFiles = checkUnitConfig "Files" [
(assertOnlyFields [
"ReadOnly" "Volatile" "Bind" "BindReadOnly" "TemporaryFileSystems"
"PrivateUsersChown"
])
(assertValueOneOf "ReadOnly" boolValues)
(assertValueOneOf "Volatile" (boolValues ++ [ "state" ]))
(assertValueOneOf "PrivateUsersChown" boolValues)
];
checkNetwork = checkUnitConfig "Network" [
(assertOnlyFields [
"Private" "VirtualEthernet" "VirtualEthernetExtra" "Interface" "MACVLAN"
"IPVLAN" "Bridge" "Zone" "Port"
])
(assertValueOneOf "Private" boolValues)
(assertValueOneOf "VirtualEthernet" boolValues)
];
instanceOptions = {
execConfig = mkOption {
default = {};
example = { Parameters = "/bin/sh"; };
type = types.addCheck (types.attrsOf unitOption) checkExec;
description = ''
Each attribute in this set specifies an option in the
<literal>[Exec]</literal> section of this unit. See
<citerefentry><refentrytitle>systemd.nspawn</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
filesConfig = mkOption {
default = {};
example = { Bind = [ "/home/alice" ]; };
type = types.addCheck (types.attrsOf unitOption) checkFiles;
description = ''
Each attribute in this set specifies an option in the
<literal>[Files]</literal> section of this unit. See
<citerefentry><refentrytitle>systemd.nspawn</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
networkConfig = mkOption {
default = {};
example = { Private = false; };
type = types.addCheck (types.attrsOf unitOption) checkNetwork;
description = ''
Each attribute in this set specifies an option in the
<literal>[Network]</literal> section of this unit. See
<citerefentry><refentrytitle>systemd.nspawn</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
instanceToUnit = name: def:
{ text = ''
[Exec]
${attrsToSection def.execConfig}
[Files]
${attrsToSection def.filesConfig}
[Network]
${attrsToSection def.networkConfig}
'';
};
in {
options = {
systemd.nspawn = mkOption {
default = {};
type = types.attrsOf types.optionSet;
options = [ instanceOptions ];
description = "Definition of systemd-nspawn configurations.";
};
};
config =
let
units = mapAttrs' (n: v: nameValuePair "${n}.nspawn" (instanceToUnit n v)) cfg.instances;
in mkIf (cfg != {}) {
environment.etc."systemd/nspawn".source = generateUnits "nspawn" units [] [];
systemd.services."systemd-nspawn@" = {
wantedBy = [ "machine.target" ];
};
};
}

33
nixos/modules/tasks/network-interfaces-scripted.nix
View file

@ -46,6 +46,23 @@ in
systemd.services =
let
deviceDependency = dev:
if (config.boot.isContainer == false)
then
# Trust udev when not in the container
[ (subsystemDevice dev) ]
else
# When in the container, check whether the interface is built from other definitions
if (hasAttr dev cfg.bridges) ||
(hasAttr dev cfg.bonds) ||
(hasAttr dev cfg.macvlans) ||
(hasAttr dev cfg.sits) ||
(hasAttr dev cfg.vlans) ||
(hasAttr dev cfg.vswitches) ||
(hasAttr dev cfg.wlanInterfaces)
then [ "${dev}-netdev.service" ]
else [];
networkLocalCommands = {
after = [ "network-setup.service" ];
bindsTo = [ "network-setup.service" ];
@ -120,8 +137,8 @@ in
# order before network-setup because the routes that are configured
# there may need ip addresses configured
before = [ "network-setup.service" ];
bindsTo = [ (subsystemDevice i.name) ];
after = [ (subsystemDevice i.name) "network-pre.target" ];
bindsTo = deviceDependency i.name;
after = [ "network-pre.target" ] ++ (deviceDependency i.name);
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
path = [ pkgs.iproute ];
@ -179,7 +196,7 @@ in
createBridgeDevice = n: v: nameValuePair "${n}-netdev"
(let
deps = map subsystemDevice v.interfaces;
deps = concatLists (map deviceDependency v.interfaces);
in
{ description = "Bridge Interface ${n}";
wantedBy = [ "network-setup.service" (subsystemDevice n) ];
@ -220,7 +237,7 @@ in
createVswitchDevice = n: v: nameValuePair "${n}-netdev"
(let
deps = map subsystemDevice v.interfaces;
deps = concatLists (map deviceDependency v.interfaces);
ofRules = pkgs.writeText "vswitch-${n}-openFlowRules" v.openFlowRules;
in
{ description = "Open vSwitch Interface ${n}";
@ -253,7 +270,7 @@ in
createBondDevice = n: v: nameValuePair "${n}-netdev"
(let
deps = map subsystemDevice v.interfaces;
deps = concatLists (map deviceDependency v.interfaces);
in
{ description = "Bond Interface ${n}";
wantedBy = [ "network-setup.service" (subsystemDevice n) ];
@ -291,7 +308,7 @@ in
createMacvlanDevice = n: v: nameValuePair "${n}-netdev"
(let
deps = [ (subsystemDevice v.interface) ];
deps = deviceDependency v.interface;
in
{ description = "Vlan Interface ${n}";
wantedBy = [ "network-setup.service" (subsystemDevice n) ];
@ -316,7 +333,7 @@ in
createSitDevice = n: v: nameValuePair "${n}-netdev"
(let
deps = optional (v.dev != null) (subsystemDevice v.dev);
deps = optional (v.dev != null) (deviceDependency v.dev);
in
{ description = "6-to-4 Tunnel Interface ${n}";
wantedBy = [ "network-setup.service" (subsystemDevice n) ];
@ -344,7 +361,7 @@ in
createVlanDevice = n: v: nameValuePair "${n}-netdev"
(let
deps = [ (subsystemDevice v.interface) ];
deps = deviceDependency v.interface;
in
{ description = "Vlan Interface ${n}";
wantedBy = [ "network-setup.service" (subsystemDevice n) ];

13
nixos/modules/tasks/network-interfaces.nix
View file

@ -310,9 +310,9 @@ in
generate a random 32-bit ID using the following commands:
<literal>cksum /etc/machine-id | while read c rest; do printf "%x" $c; done</literal>
(this derives it from the machine-id that systemd generates) or
<literal>head -c4 /dev/urandom | od -A none -t x4</literal>
'';
};
@ -972,12 +972,17 @@ in
'';
};
} // (listToAttrs (flip map interfaces (i:
let
deviceDependency = if config.boot.isContainer
then []
else [ (subsystemDevice i.name) ];
in
nameValuePair "network-link-${i.name}"
{ description = "Link configuration of ${i.name}";
wantedBy = [ "network-interfaces.target" ];
before = [ "network-interfaces.target" ];
bindsTo = [ (subsystemDevice i.name) ];
after = [ (subsystemDevice i.name) "network-pre.target" ];
bindsTo = deviceDependency;
after = [ "network-pre.target" ] ++ deviceDependency;
path = [ pkgs.iproute ];
serviceConfig = {
Type = "oneshot";

2
nixos/modules/virtualisation/containers.nix
View file

@ -473,7 +473,7 @@ in
};
extraVeths = mkOption {
type = with types; attrsOf (submodule networkOptions);
type = with types; attrsOf (submodule { options = networkOptions; });
default = {};
description = ''
Extra veth-pairs to be created for the container

1
nixos/release.nix
View file

@ -227,6 +227,7 @@ in rec {
tests.containers-bridge = callTest tests/containers-bridge.nix {};
tests.containers-imperative = callTest tests/containers-imperative.nix {};
tests.containers-extra_veth = callTest tests/containers-extra_veth.nix {};
tests.containers-physical_interfaces = callTest tests/containers-physical_interfaces.nix {};
tests.docker = hydraJob (import tests/docker.nix { system = "x86_64-linux"; });
tests.dnscrypt-proxy = callTest tests/dnscrypt-proxy.nix { system = "x86_64-linux"; };
tests.ecryptfs = callTest tests/ecryptfs.nix {};

2
nixos/tests/boot-stage1.nix
View file

@ -3,7 +3,7 @@ import ./make-test.nix ({ pkgs, ... }: {
machine = { config, pkgs, lib, ... }: {
boot.extraModulePackages = let
compileKernelModule = name: source: pkgs.runCommand name rec {
compileKernelModule = name: source: pkgs.runCommandCC name rec {
inherit source;
kdev = config.boot.kernelPackages.kernel.dev;
kver = config.boot.kernelPackages.kernel.modDirVersion;

133
nixos/tests/containers-physical_interfaces.nix Normal file
View file

@ -0,0 +1,133 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "containers-physical_interfaces";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ kampfschlaefer ];
};
nodes = {
server = { config, pkgs, ... }:
{
virtualisation.memorySize = 256;
virtualisation.vlans = [ 1 ];
containers.server = {
privateNetwork = true;
interfaces = [ "eth1" ];
config = {
networking.interfaces.eth1 = {
ip4 = [ { address = "10.10.0.1"; prefixLength = 24; } ];
};
networking.firewall.enable = false;
};
};
};
bridged = { config, pkgs, ... }: {
virtualisation.memorySize = 128;
virtualisation.vlans = [ 1 ];
containers.bridged = {
privateNetwork = true;
interfaces = [ "eth1" ];
config = {
networking.bridges.br0.interfaces = [ "eth1" ];
networking.interfaces.br0 = {
ip4 = [ { address = "10.10.0.2"; prefixLength = 24; } ];
};
networking.firewall.enable = false;
};
};
};
bonded = { config, pkgs, ... }: {
virtualisation.memorySize = 128;
virtualisation.vlans = [ 1 ];
containers.bonded = {
privateNetwork = true;
interfaces = [ "eth1" ];
config = {
networking.bonds.bond0 = {
interfaces = [ "eth1" ];
mode = "active-backup";
};
networking.interfaces.bond0 = {
ip4 = [ { address = "10.10.0.3"; prefixLength = 24; } ];
};
networking.firewall.enable = false;
};
};
};
bridgedbond = { config, pkgs, ... }: {
virtualisation.memorySize = 128;
virtualisation.vlans = [ 1 ];
containers.bridgedbond = {
privateNetwork = true;
interfaces = [ "eth1" ];
config = {
networking.bonds.bond0 = {
interfaces = [ "eth1" ];
mode = "active-backup";
};
networking.bridges.br0.interfaces = [ "bond0" ];
networking.interfaces.br0 = {
ip4 = [ { address = "10.10.0.4"; prefixLength = 24; } ];
};
networking.firewall.enable = false;
};
};
};
};
testScript = ''
startAll;
subtest "prepare server", sub {
$server->waitForUnit("default.target");
$server->succeed("ip link show dev eth1 >&2");
};
subtest "simple physical interface", sub {
$server->succeed("nixos-container start server");
$server->waitForUnit("container\@server");
$server->succeed("systemctl -M server list-dependencies network-addresses-eth1.service >&2");
# The other tests will ping this container on its ip. Here we just check
# that the device is present in the container.
$server->succeed("nixos-container run server -- ip a show dev eth1 >&2");
};
subtest "physical device in bridge in container", sub {
$bridged->waitForUnit("default.target");
$bridged->succeed("nixos-container start bridged");
$bridged->waitForUnit("container\@bridged");
$bridged->succeed("systemctl -M bridged list-dependencies network-addresses-br0.service >&2");
$bridged->succeed("systemctl -M bridged status -n 30 -l network-addresses-br0.service");
$bridged->succeed("nixos-container run bridged -- ping -w 10 -c 1 -n 10.10.0.1");
};
subtest "physical device in bond in container", sub {
$bonded->waitForUnit("default.target");
$bonded->succeed("nixos-container start bonded");
$bonded->waitForUnit("container\@bonded");
$bonded->succeed("systemctl -M bonded list-dependencies network-addresses-bond0 >&2");
$bonded->succeed("systemctl -M bonded status -n 30 -l network-addresses-bond0 >&2");
$bonded->succeed("nixos-container run bonded -- ping -w 10 -c 1 -n 10.10.0.1");
};
subtest "physical device in bond in bridge in container", sub {
$bridgedbond->waitForUnit("default.target");
$bridgedbond->succeed("nixos-container start bridgedbond");
$bridgedbond->waitForUnit("container\@bridgedbond");
$bridgedbond->succeed("systemctl -M bridgedbond list-dependencies network-addresses-br0.service >&2");
$bridgedbond->succeed("systemctl -M bridgedbond status -n 30 -l network-addresses-br0.service");
$bridgedbond->succeed("nixos-container run bridgedbond -- ping -w 10 -c 1 -n 10.10.0.1");
};
'';
})

4
nixos/tests/smokeping.nix
View file

@ -11,9 +11,10 @@ import ./make-test.nix ({ pkgs, ...} : {
services.smokeping = {
enable = true;
port = 8081;
mailHost = "127.0.0.2";
probeConfig = ''
+ FPing
binary = ${pkgs.fping}/bin/fping
binary = /var/setuid-wrappers/fping
offset = 0%
'';
};
@ -27,5 +28,6 @@ import ./make-test.nix ({ pkgs, ...} : {
$sm->waitForFile("/var/lib/smokeping/data/Local/LocalMachine.rrd");
$sm->succeed("curl -s -f localhost:8081/smokeping.fcgi?target=Local");
$sm->succeed("ls /var/lib/smokeping/cache/Local/LocalMachine_mini.png");
$sm->succeed("ls /var/lib/smokeping/cache/index.html");
'';
})

86
pkgs/applications/audio/ardour/ardour4.nix Normal file
View file

@ -0,0 +1,86 @@
{ stdenv, fetchFromGitHub, alsaLib, aubio, boost, cairomm, curl, doxygen, dbus, fftw
, fftwSinglePrec, flac, glibc, glibmm, graphviz, gtkmm2, libjack2
, libgnomecanvas, libgnomecanvasmm, liblo, libmad, libogg, librdf
, librdf_raptor, librdf_rasqal, libsamplerate, libsigcxx, libsndfile
, libusb, libuuid, libxml2, libxslt, lilv-svn, lv2, makeWrapper, pango
, perl, pkgconfig, python, rubberband, serd, sord-svn, sratom, suil, taglib, vampSDK }:
let
# Ardour git repo uses a mix of annotated and lightweight tags. Annotated
# tags are used for MAJOR.MINOR versioning, and lightweight tags are used
# in-between; MAJOR.MINOR.REV where REV is the number of commits since the
# last annotated tag. A slightly different version string format is needed
# for the 'revision' info that is built into the binary; it is the format of
# "git describe" when _not_ on an annotated tag(!): MAJOR.MINOR-REV-HASH.
# Version to build.
tag = "4.7";
in
stdenv.mkDerivation rec {
name = "ardour-${tag}";
src = fetchFromGitHub {
owner = "Ardour";
repo = "ardour";
rev = "d84a8222f2b6dab5028b2586f798535a8766670e";
sha256 = "149gswphz77m3pkzsn2nqbm6yvcfa3fva560bcvjzlgb73f64q5l";
};
buildInputs =
[ alsaLib aubio boost cairomm curl doxygen dbus fftw fftwSinglePrec flac glibc
glibmm graphviz gtkmm2 libjack2 libgnomecanvas libgnomecanvasmm liblo
libmad libogg librdf librdf_raptor librdf_rasqal libsamplerate
libsigcxx libsndfile libusb libuuid libxml2 libxslt lilv-svn lv2
makeWrapper pango perl pkgconfig python rubberband serd sord-svn sratom suil taglib vampSDK
];
# ardour's wscript has a "tarball" target but that required the git revision
# be available. Since this is an unzipped tarball fetched from github we
# have to do that ourself.
patchPhase = ''
printf '#include "libs/ardour/ardour/revision.h"\nnamespace ARDOUR { const char* revision = \"${tag}-${builtins.substring 0 8 src.rev}\"; }\n' > libs/ardour/revision.cc
sed 's|/usr/include/libintl.h|${glibc.dev}/include/libintl.h|' -i wscript
patchShebangs ./tools/
'';
configurePhase = "python waf configure --optimize --docs --with-backends=jack,alsa --prefix=$out";
buildPhase = "python waf";
installPhase = ''
python waf install
# Install desktop file
mkdir -p "$out/share/applications"
cat > "$out/share/applications/ardour.desktop" << EOF
[Desktop Entry]
Name=Ardour 4
GenericName=Digital Audio Workstation
Comment=Multitrack harddisk recorder
Exec=$out/bin/ardour4
Icon=$out/share/ardour4/icons/ardour_icon_256px.png
Terminal=false
Type=Application
X-MultipleArgs=false
Categories=GTK;Audio;AudioVideoEditing;AudioVideo;Video;
EOF
'';
meta = with stdenv.lib; {
description = "Multi-track hard disk recording software";
longDescription = ''
Ardour is a digital audio workstation (DAW), You can use it to
record, edit and mix multi-track audio and midi. Produce your
own CDs. Mix video soundtracks. Experiment with new ideas about
music and sound.
Please consider supporting the ardour project financially:
https://community.ardour.org/node/8288
'';
homepage = http://ardour.org/;
license = licenses.gpl2;
platforms = platforms.linux;
maintainers = [ maintainers.goibhniu maintainers.fps ];
};
}

27
pkgs/applications/audio/ardour/default.nix
View file

@ -1,9 +1,10 @@
{ stdenv, fetchFromGitHub, alsaLib, aubio, boost, cairomm, curl, doxygen, dbus, fftw
{ stdenv, fetchgit, alsaLib, aubio, boost, cairomm, curl, doxygen
, fftwSinglePrec, flac, glibc, glibmm, graphviz, gtkmm2, libjack2
, libgnomecanvas, libgnomecanvasmm, liblo, libmad, libogg, librdf
, librdf_raptor, librdf_rasqal, libsamplerate, libsigcxx, libsndfile
, libusb, libuuid, libxml2, libxslt, lilv-svn, lv2, makeWrapper, pango
, perl, pkgconfig, python, rubberband, serd, sord-svn, sratom, suil, taglib, vampSDK }:
, libusb, libuuid, libxml2, libxslt, lilv-svn, lv2, makeWrapper
, perl, pkgconfig, python, rubberband, serd, sord-svn, sratom
, taglib, vampSDK, dbus, fftw, pango, suil, libarchive }:
let
@ -15,18 +16,17 @@ let
# "git describe" when _not_ on an annotated tag(!): MAJOR.MINOR-REV-HASH.
# Version to build.
tag = "4.7";
tag = "5.4";
in
stdenv.mkDerivation rec {
name = "ardour-${tag}";
src = fetchFromGitHub {
owner = "Ardour";
repo = "ardour";
rev = "d84a8222f2b6dab5028b2586f798535a8766670e";
sha256 = "149gswphz77m3pkzsn2nqbm6yvcfa3fva560bcvjzlgb73f64q5l";
src = fetchgit {
url = "git://git.ardour.org/ardour/ardour.git";
rev = "bb3312c3bb9c6ed9b75ac6739a6ee720ddf86c86";
sha256 = "1yrg0d86k9fqw7lmzjglilbadb4cjqxqkf6ii4bjs6rihj6b0qrf";
};
buildInputs =
@ -34,7 +34,8 @@ stdenv.mkDerivation rec {
glibmm graphviz gtkmm2 libjack2 libgnomecanvas libgnomecanvasmm liblo
libmad libogg librdf librdf_raptor librdf_rasqal libsamplerate
libsigcxx libsndfile libusb libuuid libxml2 libxslt lilv-svn lv2
makeWrapper pango perl pkgconfig python rubberband serd sord-svn sratom suil taglib vampSDK
makeWrapper pango perl pkgconfig python rubberband serd sord-svn
sratom suil taglib vampSDK libarchive
];
# ardour's wscript has a "tarball" target but that required the git revision
@ -57,11 +58,11 @@ stdenv.mkDerivation rec {
mkdir -p "$out/share/applications"
cat > "$out/share/applications/ardour.desktop" << EOF
[Desktop Entry]
Name=Ardour 4
Name=Ardour 5
GenericName=Digital Audio Workstation
Comment=Multitrack harddisk recorder
Exec=$out/bin/ardour4
Icon=$out/share/ardour4/icons/ardour_icon_256px.png
Exec=$out/bin/ardour5
Icon=$out/share/ardour5/icons/ardour_icon_256px.png
Terminal=false
Type=Application
X-MultipleArgs=false

23
pkgs/applications/audio/openmpt123/default.nix Normal file
View file

@ -0,0 +1,23 @@
{ stdenv, fetchurl, SDL2, pkgconfig }:
let
version = "0.2.7025-beta20.1";
in stdenv.mkDerivation rec {
name = "openmpt123-${version}";
src = fetchurl {
url = "https://lib.openmpt.org/files/libopenmpt/src/libopenmpt-${version}.tar.gz";
sha256 = "0qp2nnz6pnl1d7yv9hcjyim7q6yax5881k1jxm8jfgjqagmz5k6p";
};
buildInputs = [ SDL2 pkgconfig ];
makeFlags = [ "NO_LTDL=1 TEST=0 EXAMPLES=0" ]
++ stdenv.lib.optional (stdenv.isDarwin) "SHARED_SONAME=0";
installFlags = "PREFIX=\${out}";
meta = with stdenv.lib; {
description = "A cross-platform command-line based module file player";
homepage = https://lib.openmpt.org/libopenmpt/;
license = licenses.bsd3;
maintainers = [ stdenv.lib.maintainers.gnidorah ];
platforms = stdenv.lib.platforms.unix;
};
}

17
pkgs/applications/audio/ponymix/default.nix
View file

@ -1,11 +1,14 @@
{ stdenv, fetchurl, libpulseaudio, libnotify, pkgconfig }:
{ stdenv, fetchFromGitHub, libpulseaudio, libnotify, pkgconfig }:
stdenv.mkDerivation rec {
name = "ponymix-${version}";
version = "5";
src = fetchurl {
url = "http://code.falconindy.com/archive/ponymix/${name}.tar.xz";
sha256 = "0qn2kms9h9b7da2xzkdgzrykhhdywr4psxnz03j8rg7wa9nwfw0x";
src = fetchFromGitHub {
owner = "falconindy";
repo = "ponymix";
rev = version;
sha256 = "08yp7fprmzm6px5yx2rvzri0l60bra5h59l26pn0k071a37ks1rb";
};
buildInputs = [ libpulseaudio libnotify ];
@ -13,9 +16,11 @@ stdenv.mkDerivation rec {
postPatch = ''substituteInPlace Makefile --replace "\$(DESTDIR)/usr" "$out"'';
meta = {
meta = with stdenv.lib; {
description = "CLI PulseAudio Volume Control";
homepage = "http://github.com/falconindy/ponymix";
license = "mit";
license = licenses.mit;
platforms = platforms.linux;
maintainers = with maintainers; [ ericsagnes ];
};
}

20
pkgs/applications/audio/uade123/default.nix Normal file
View file

@ -0,0 +1,20 @@
{ stdenv, fetchurl, which, libao, pkgconfig }:
let
version = "2.13";
in stdenv.mkDerivation rec {
name = "uade123-${version}";
src = fetchurl {
url = "http://zakalwe.fi/uade/uade2/uade-${version}.tar.bz2";
sha256 = "04nn5li7xy4g5ysyjjngmv5d3ibxppkbb86m10vrvadzxdd4w69v";
};
buildInputs = [ which libao pkgconfig ];
meta = with stdenv.lib; {
description = "Plays old Amiga tunes through UAE emulation and cloned m68k-assembler Eagleplayer API";
homepage = http://zakalwe.fi/uade/;
license = licenses.gpl2;
maintainers = [ stdenv.lib.maintainers.gnidorah ];
platforms = stdenv.lib.platforms.unix;
};
}

54
pkgs/applications/editors/emacs-modes/proofgeneral/4.2.nix
View file

@ -1,54 +0,0 @@
{ stdenv, fetchurl, emacs, texinfo, texLive, perl, which, automake }:
stdenv.mkDerivation (rec {
name = "ProofGeneral-4.2";
src = fetchurl {
url = http://proofgeneral.inf.ed.ac.uk/releases/ProofGeneral-4.2.tgz;
sha256 = "09qb0myq66fw17v4ziz401ilsb5xlxz1nl2wsp69d0vrfy0bcrrm";
};
sourceRoot = name;
buildInputs = [ emacs texinfo texLive perl which ];
prePatch =
'' sed -i "Makefile" \
-e "s|^\(\(DEST_\)\?PREFIX\)=.*$|\1=$out|g ; \
s|/sbin/install-info|install-info|g"
# Workaround for bug #458
# ProofGeneral 4.2 byte-compilation fails with Emacs 24.2.90
# http://proofgeneral.inf.ed.ac.uk/trac/ticket/458
sed -i "Makefile" \
-e "s|(setq byte-compile-error-on-warn t)||g"
sed -i "bin/proofgeneral" -e's/which/type -p/g'
# @image{ProofGeneral} fails, so remove it.
sed -i '94d' doc/PG-adapting.texi
sed -i '101d' doc/ProofGeneral.texi
'';
preBuild = ''
make clean;
'';
installPhase =
# Copy `texinfo.tex' in the right place so that `texi2pdf' works.
'' cp -v "${automake}/share/"automake-*/texinfo.tex doc
make install install-doc
'';
meta = {
description = "Proof General, an Emacs front-end for proof assistants";
longDescription = ''
Proof General is a generic front-end for proof assistants (also known as
interactive theorem provers), based on the customizable text editor Emacs.
'';
homepage = http://proofgeneral.inf.ed.ac.uk;
license = stdenv.lib.licenses.gpl2Plus;
platforms = stdenv.lib.platforms.unix; # arbitrary choice
};
})

44
pkgs/applications/editors/emacs-modes/proofgeneral/4.3pre.nix → pkgs/applications/editors/emacs-modes/proofgeneral/4.4.nix
View file

@ -1,44 +1,38 @@
{ stdenv, fetchurl, emacs, texinfo, texLive, perl, which, automake, enableDoc ? false }:
{ stdenv, fetchFromGitHub, emacs, texinfo, texLive, which, automake, enableDoc ? false }:
stdenv.mkDerivation (rec {
name = "ProofGeneral-4.3pre150313";
stdenv.mkDerivation rec {
name = "ProofGeneral-${version}";
version = "4.4";
src = fetchurl {
url = "http://proofgeneral.inf.ed.ac.uk/releases/${name}.tgz";
sha256 = "1jq5ykkk14xr5qcn4kyxmi5ls0fibr0y47gfygzm1mzrfvz9aw3f";
src = fetchFromGitHub {
owner = "ProofGeneral";
repo = "PG";
rev = "v${version}";
sha256 = "0bdfk91wf71z80mdfnl8hpinripndcjgdkz854zil6521r84nqk8";
};
sourceRoot = name;
buildInputs = [ emacs texinfo perl which ] ++ stdenv.lib.optional enableDoc texLive;
buildInputs = [ emacs which ] ++ stdenv.lib.optionals enableDoc [ texinfo texLive ];
prePatch =
'' sed -i "Makefile" \
-e "s|^\(\(DEST_\)\?PREFIX\)=.*$|\1=$out|g ; \
s|/sbin/install-info|install-info|g"
sed -i "bin/proofgeneral" -e's/which/type -p/g'
# @image{ProofGeneral} fails, so remove it.
sed -i '94d' doc/PG-adapting.texi
chmod +x bin/proofgeneral
# @image{ProofGeneral-image} fails, so remove it.
sed -i '91d' doc/PG-adapting.texi
sed -i '96d' doc/ProofGeneral.texi
'' + stdenv.lib.optionalString enableDoc
# Copy `texinfo.tex' in the right place so that `texi2pdf' works.
'' cp -v "${automake}/share/"automake-*/texinfo.tex doc
'';
patches = [ ./pg.patch ];
preBuild = ''
make clean;
'';
installPhase =
if enableDoc
then
# Copy `texinfo.tex' in the right place so that `texi2pdf' works.
'' cp -v "${automake}/share/"automake-*/texinfo.tex doc
make install install-doc
''
else "make install";
installTargets = [ "install" ] ++ stdenv.lib.optional enableDoc "install-doc";
meta = {
description = "Proof General, an Emacs front-end for proof assistants";
@ -50,4 +44,4 @@ stdenv.mkDerivation (rec {
license = stdenv.lib.licenses.gpl2Plus;
platforms = stdenv.lib.platforms.unix; # arbitrary choice
};
})
}

21
pkgs/applications/editors/emacs/default.nix
View file

@ -6,6 +6,7 @@
, withGTK2 ? true, gtk2 ? null
, withGTK3 ? false, gtk3 ? null
, withXwidgets ? false, webkitgtk24x ? null, wrapGAppsHook ? null, glib_networking ? null
, withCsrc ? true
, srcRepo ? false, autoconf ? null, automake ? null, texinfo ? null
}:
@ -24,7 +25,9 @@ let
else "lucid";
in
stdenv.mkDerivation rec {
name = "emacs-25.1";
name = "emacs-${version}${versionModifier}";
version = "25.1";
versionModifier = "";
src = fetchurl {
url = "mirror://gnu//emacs/${name}.tar.xz";
@ -71,9 +74,23 @@ stdenv.mkDerivation rec {
done
'';
installTargets = "tags install";
postInstall = ''
mkdir -p $out/share/emacs/site-lisp/
mkdir -p $out/share/emacs/site-lisp
cp ${./site-start.el} $out/share/emacs/site-lisp/site-start.el
$out/bin/emacs --batch -f batch-byte-compile $out/share/emacs/site-lisp/site-start.el
rm -rf $out/var
rm -rf $out/share/emacs/${version}/site-lisp
'' + lib.optionalString withCsrc ''
for srcdir in src lisp lwlib ; do
dstdir=$out/share/emacs/${version}/$srcdir
mkdir -p $dstdir
find $srcdir -name "*.[chm]" -exec cp {} $dstdir \;
cp $srcdir/TAGS $dstdir
echo '((nil . ((tags-file-name . "TAGS"))))' > $dstdir/.dir-locals.el
done
'' + lib.optionalString stdenv.isDarwin ''
mkdir -p $out/Applications
mv nextstep/Emacs.app $out/Applications

24
pkgs/applications/editors/emacs/site-start.el
View file

@ -1,4 +1,4 @@
;; NixOS specific load-path
;;; NixOS specific load-path
(setq load-path
(append (reverse (mapcar (lambda (x) (concat x "/share/emacs/site-lisp/"))
(split-string (or (getenv "NIX_PROFILES") ""))))
@ -11,7 +11,25 @@
(split-string (or (getenv "NIX_PROFILES") ""))))
woman-manpath)))
;; Make tramp work for remote NixOS machines
;;; NOTE: You might want to add
;;; Make tramp work for remote NixOS machines
(eval-after-load 'tramp
'(add-to-list 'tramp-remote-path "/run/current-system/sw/bin"))
;;; C source directory
;;;
;;; Computes the location of the C source directory from the path of
;;; the current file:
;;; from: /nix/store/<hash>-emacs-<version>/share/emacs/site-lisp/site-start.el
;;; to: /nix/store/<hash>-emacs-<version>/share/emacs/<version>/src/
(let ((emacs
(file-name-directory ;; .../emacs/
(directory-file-name ;; .../emacs/site-lisp
(file-name-directory load-file-name)))) ;; .../emacs/site-lisp/
(version
(file-name-as-directory
(concat
(number-to-string emacs-major-version)
"."
(number-to-string emacs-minor-version))))
(src (file-name-as-directory "src")))
(setq find-function-C-source-directory (concat emacs version src)))

8
pkgs/applications/editors/idea/default.nix
View file

@ -240,24 +240,24 @@ in
pycharm-community = buildPycharm rec {
name = "pycharm-community-${version}";
version = "2016.2.2";
version = "2016.2.3";
description = "PyCharm Community Edition";
license = stdenv.lib.licenses.asl20;
src = fetchurl {
url = "https://download.jetbrains.com/python/${name}.tar.gz";
sha256 = "1v6vy4xh0n8wdjc25clxg57z7ria11x1zdba4j1hjs2z6l80kxbb";
sha256 = "0nph0dp0a2y6vrbc1a2d5iy1fzhm4wbkp6kpdk6mcfpnz5ppz84f";
};
wmClass = "jetbrains-pycharm-ce";
};
pycharm-professional = buildPycharm rec {
name = "pycharm-professional-${version}";
version = "2016.2.2";
version = "2016.2.3";
description = "PyCharm Professional Edition";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/python/${name}.tar.gz";
sha256 = "08x2x6lhr9100lmw1dq8rkz4mlyj4avcj2hpbd5qqybx9j4g6g44";
sha256 = "0pjgdwpkbf6fgrhml97inmsjavz1n9l4ns1pnhv3mssnribg3vm1";
};
wmClass = "jetbrains-pycharm";
};

6
pkgs/applications/graphics/rawtherapee/ReleaseInfo.cmake
View file

@ -1,4 +1,4 @@
set(GIT_BRANCH master)
set(GIT_VERSION 4.2.1050)
set(GIT_CHANGESET 2d0e5e4feeac9801994d82c5931531f508deb2e9)
set(GIT_TAGDISTANCE 1050)
set(GIT_VERSION 4.2.1115)
set(GIT_CHANGESET 0821eea7b6a4ac2fce1fcf644e06078e161e41e3)
set(GIT_TAGDISTANCE 1115)

4
pkgs/applications/graphics/rawtherapee/default.nix
View file

@ -16,6 +16,10 @@ stdenv.mkDerivation rec {
buildInputs = [ pkgconfig cmake pixman libpthreadstubs gtkmm2 libXau libXdmcp
lcms2 libiptcdata libcanberra_gtk2 fftw expat pcre libsigcxx ];
patches = [
./fix-glibmm-output.patch
];
cmakeFlags = [
"-DPROC_TARGET_NUMBER=2"
];

6
pkgs/applications/graphics/rawtherapee/dev.nix
View file

@ -3,13 +3,13 @@
}:
stdenv.mkDerivation rec {
name = "rawtherapee-git-2016-09-21";
name = "rawtherapee-git-2016-10-10";
src = fetchFromGitHub {
owner = "Beep6581";
repo = "RawTherapee";
rev = "2d0e5e4feeac9801994d82c5931531f508deb2e9";
sha256 = "1d9bi3b6cslm0rhhqf0rx47nlnsnky284vqsxyq3mss6bd8880xh";
rev = "0821eea7b6a4ac2fce1fcf644e06078e161e41e3";
sha256 = "1nwb6b1qrpdyigwig7bvr42lf7na1ngm0q2cislcvb2v1nmk6nlz";
};
buildInputs = [ pkgconfig cmake pixman libpthreadstubs gtkmm2 libXau libXdmcp

23
pkgs/applications/graphics/rawtherapee/fix-glibmm-output.patch Normal file
View file

@ -0,0 +1,23 @@
From ca0afa8d5f3cc7d09b6bab32d155a87c550f0d7b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fl=C3=B6ssie?= <floessie.mail@gmail.com>
Date: Sat, 1 Oct 2016 12:38:24 +0200
Subject: [PATCH] Fix incompatibility with glibmm 2.50 (#3440)
Kudos to @Hombre57 for the suggestion.
---
rtgui/dirbrowser.cc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rtgui/dirbrowser.cc b/rtgui/dirbrowser.cc
index d3fc8bf..6f25f0f 100644
--- a/rtgui/dirbrowser.cc
+++ b/rtgui/dirbrowser.cc
@@ -59,7 +59,7 @@ std::vector<Glib::ustring> listSubDirs (const Glib::RefPtr<Gio::File>& dir, bool
} catch (const Glib::Exception& exception) {
if (options.rtSettings.verbose) {
- std::cerr << "Failed to list subdirectories of \"" << dir << "\": " << exception.what () << std::endl;
+ std::cerr << "Failed to list subdirectories of \"" << dir->get_basename() << "\": " << exception.what () << std::endl;
}
}

2
pkgs/applications/misc/electrum-dash/default.nix
View file

@ -13,7 +13,7 @@ pythonPackages.buildPythonApplication rec {
dns
ecdsa
pbkdf2
protobuf
protobuf3_0
pyasn1
pyasn1-modules
pycrypto

22
pkgs/applications/misc/electrum/default.nix
View file

@ -1,21 +1,5 @@
{ stdenv, fetchurl, pythonPackages }:
let
jsonrpclib = pythonPackages.buildPythonPackage rec {
version = "0.1.7";
name = "jsonrpclib-${version}";
src = fetchurl {
url = "mirror://pypi/j/jsonrpclib/${name}.tar.gz";
sha256 = "02vgirw2bcgvpcxhv5hf3yvvb4h5wzd1lpjx8na5psdmaffj6l3z";
};
propagatedBuildInputs = [ pythonPackages.cjson ];
meta = {
homepage = https://pypi.python.org/pypi/jsonrpclib;
license = stdenv.lib.licenses.asl20;
};
};
in
pythonPackages.buildPythonApplication rec {
name = "electrum-${version}";
version = "2.6.4";
@ -30,7 +14,7 @@ pythonPackages.buildPythonApplication rec {
ecdsa
jsonrpclib
pbkdf2
protobuf
protobuf3_0
pyasn1
pyasn1-modules
pycrypto
@ -61,14 +45,14 @@ pythonPackages.buildPythonApplication rec {
'';
meta = with stdenv.lib; {
description = "Bitcoin thin-client";
description = "A lightweight Bitcoin wallet";
longDescription = ''
An easy-to-use Bitcoin client featuring wallets generated from
mnemonic seeds (in addition to other, more advanced, wallet options)
and the ability to perform transactions without downloading a copy
of the blockchain.
'';
homepage = https://electrum.org;
homepage = https://electrum.org/;
license = licenses.mit;
maintainers = with maintainers; [ ehmry joachifm np ];
};

2
pkgs/applications/misc/fehlstart/default.nix
View file

@ -20,7 +20,7 @@ stdenv.mkDerivation {
meta = with stdenv.lib; {
description = "Small desktop application launcher with reasonable memory footprint";
homepage = https://gitlab.com/fehlstart/fehlstart;
licence = licenses.gpl3;
license = licenses.gpl3;
maintainers = [ maintainers.mounium ];
platforms = platforms.all;
};

31
pkgs/applications/misc/get_iplayer/default.nix
View file

@ -1,30 +1,33 @@
{stdenv, fetchurl, flvstreamer, ffmpeg, makeWrapper, perl, buildPerlPackage, perlPackages, vlc, rtmpdump}:
buildPerlPackage {
name = "get_iplayer-2.94";
{stdenv, fetchurl, atomicparsley, flvstreamer, ffmpeg, makeWrapper, perl, buildPerlPackage, perlPackages, rtmpdump}:
buildPerlPackage rec {
name = "get_iplayer-${version}";
version = "2.97";
buildInputs = [makeWrapper perl];
propagatedBuildInputs = with perlPackages; [HTMLParser HTTPCookies LWP XMLSimple];
propagatedBuildInputs = with perlPackages; [HTMLParser HTTPCookies LWP XMLLibXML XMLSimple];
preConfigure = "touch Makefile.PL";
doCheck = false;
outputs = [ "out" "man" ];
patchPhase = ''
sed -e 's|^update_script|#update_script|' \
-e '/WARNING.*updater/d' \
-i get_iplayer
'';
installPhase = ''
installPhase = ''
mkdir -p $out/bin $out/share/man/man1
cp get_iplayer $out/bin
wrapProgram $out/bin/get_iplayer --suffix PATH : ${stdenv.lib.makeBinPath [ ffmpeg flvstreamer vlc rtmpdump ]} --prefix PERL5LIB : $PERL5LIB
wrapProgram $out/bin/get_iplayer --suffix PATH : ${stdenv.lib.makeBinPath [ atomicparsley ffmpeg flvstreamer rtmpdump ]} --prefix PERL5LIB : $PERL5LIB
cp get_iplayer.1 $out/share/man/man1
'';
src = fetchurl {
url = ftp://ftp.infradead.org/pub/get_iplayer/get_iplayer-2.94.tar.gz;
sha256 = "16p0bw879fl8cs6rp37g1hgrcai771z6rcqk2nvm49kk39dx1zi4";
url = "https://github.com/get-iplayer/get_iplayer/archive/v${version}.tar.gz";
sha256 = "0bb6kmzjmazwfxq5ip7yxm39vssfgz3v5vfx1114wfssp6pw0r44";
};
meta = {
description = "Downloads TV and radio from BBC iPlayer";
license = stdenv.lib.licenses.gpl3Plus;
homepage = https://squarepenguin.co.uk/;
downloadPage = https://github.com/get-iplayer/get_iplayer/releases;
platforms = stdenv.lib.platforms.all;
};
}

39
pkgs/applications/misc/octoprint/default.nix
View file

@ -1,6 +1,41 @@
{ stdenv, fetchFromGitHub, pythonPackages }:
{ stdenv, fetchFromGitHub, pythonPackages, fetchurl }:
pythonPackages.buildPythonApplication rec {
let
tornado_4_0_1 = pythonPackages.buildPythonPackage rec {
name = "tornado-${version}";
version = "4.0.1";
propagatedBuildInputs = with pythonPackages; [ backports_ssl_match_hostname_3_4_0_2 certifi ];
src = fetchurl {
url = "mirror://pypi/t/tornado/${name}.tar.gz";
sha256 = "00crp5vnasxg7qyjv89qgssb69vd7qr13jfghdryrcbnn9l8c1df";
};
};
sockjs-tornado = pythonPackages.buildPythonPackage rec {
name = "sockjs-tornado-${version}";
version = "1.0.2";
src = fetchurl {
url = "mirror://pypi/s/sockjs-tornado/${name}.tar.gz";
sha256 = "15lcy40h2cm0l8aknbrk48p2sni5wzybsqjx1hxwpk9lfa1xryyv";
};
# This is needed for compatibility with OctoPrint
propagatedBuildInputs = [ tornado_4_0_1 ];
meta = with stdenv.lib; {
description = "SockJS python server implementation on top of Tornado framework";
homepage = http://github.com/mrjoes/sockjs-tornado/;
license = licenses.mit;
platforms = platforms.all;
maintainers = with maintainers; [ abbradar ];
};
};
in pythonPackages.buildPythonApplication rec {
name = "OctoPrint-${version}";
version = "1.2.15";

60
pkgs/applications/misc/pcmanfm-qt/default.nix
View file

@ -1,60 +0,0 @@
{ stdenv
, fetchFromGitHub
, cmake
, pkgconfig
, qt5
, menu-cache
, libfm
, elementary-icon-theme
}:
let
version = "0.11.0";
buildInputsCommon = [ cmake pkgconfig qt5.qtbase qt5.qttools qt5.qtx11extras menu-cache libfm ];
libfm-qt = stdenv.mkDerivation rec {
name = "${pname}-${version}";
pname = "libfm-qt";
src = fetchFromGitHub {
owner = "lxde";
repo = pname;
rev = version;
sha256 = "0a8rd0m66l6n2jl7fin74byyy69pyc6rgnfkpmkbi6561l903592";
};
buildInputs = buildInputsCommon;
};
in stdenv.mkDerivation rec {
name = "${pname}-${version}";
pname = "pcmanfm-qt";
src = fetchFromGitHub {
owner = "lxde";
repo = pname;
rev = version;
sha256 = "139l8m32sqcjmydppbv24iqnfsbl5b4rqmqzdayvlh6haf1ihinn";
};
buildInputs = buildInputsCommon ++ [ libfm-qt qt5.makeQtWrapper ];
postPatch = ''
substituteInPlace pcmanfm/settings.cpp --replace \"elementary\" \"Elementary\"
'';
postInstall = ''
wrapQtProgram $out/bin/pcmanfm-qt \
--prefix XDG_DATA_DIRS : "${elementary-icon-theme}/share"
'';
meta = with stdenv.lib; {
homepage = "https://github.com/lxde/pcmanfm-qt";
license = licenses.gpl2Plus;
description = "File manager with QT interface";
maintainers = with maintainers; [ obadz ];
platforms = platforms.linux;
};
}

12
pkgs/applications/misc/qtpass/default.nix
View file

@ -1,12 +1,14 @@
{ stdenv, fetchzip, git, gnupg, makeQtWrapper, pass, qtbase, qtsvg, qttools, qmakeHook }:
{ stdenv, fetchFromGitHub, git, gnupg, makeQtWrapper, pass, qtbase, qtsvg, qttools, qmakeHook }:
stdenv.mkDerivation rec {
name = "qtpass-${version}";
version = "1.1.3";
version = "1.1.4";
src = fetchzip {
url = "https://github.com/IJHack/qtpass/archive/v${version}.tar.gz";
sha256 = "114rqvd2jl98c75zmhdwfmp44kxa4v459naiivb4w020d60ziq7l";
src = fetchFromGitHub {
owner = "IJHack";
repo = "QtPass";
rev = "v${version}";
sha256 = "0jxb15jn6vv54wb2z52wv9b2mq38xff8akyzwj5xx2332bc9xra2";
};
buildInputs = [ git gnupg pass qtbase qtsvg qttools ];

42
pkgs/applications/misc/styx/default.nix Normal file
View file

@ -0,0 +1,42 @@
{ stdenv, fetchFromGitHub, caddy, asciidoctor }:
stdenv.mkDerivation rec {
name = "styx-${version}";
version = "0.2.0";
src = fetchFromGitHub {
owner = "styx-static";
repo = "styx";
rev = "v${version}";
sha256 = "1bcd0ss628mhchrl85fy6acxcxqvm1d3qywfaxhikahl1r7inpwg";
};
server = caddy.bin;
nativeBuildInputs = [ asciidoctor ];
setSourceRoot = "cd styx-*/src; export sourceRoot=`pwd`";
installPhase = ''
mkdir $out
install -D -m 777 $sourceRoot/styx.sh $out/bin/styx
mkdir -p $out/share/styx
cp -r $sourceRoot/sample $out/share/styx
mkdir -p $out/share/doc/styx
asciidoctor $sourceRoot/doc/manual.doc -o $out/share/doc/styx/index.html
substituteAllInPlace $out/bin/styx
substituteAllInPlace $out/share/doc/styx/index.html
'';
meta = with stdenv.lib; {
description = "Nix based static site generator";
maintainers = with maintainers; [ ericsagnes ];
homepage = https://styx-static.github.io/styx-site/;
downloadPage = https://github.com/styx-static/styx/;
platforms = platforms.all;
license = licenses.mit;
};
}

6
pkgs/applications/misc/tasksh/default.nix
View file

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
name = "tasksh-${version}";
version = "1.0.0";
version = "1.1.0";
enableParallelBuilding = true;
src = fetchurl {
url = "http://taskwarrior.org/download/tasksh-latest.tar.gz";
sha256 = "0ll6pwhw4wsdffacsmpq46fqh084p9mdaa777giqbag3b8gwik4s";
url = "http://taskwarrior.org/download/${name}.tar.gz";
sha256 = "0900nzfgvhcc106pl68d0v0qszvdc34yi59mw70b34b2gmkwdxzf";
};
nativeBuildInputs = [ cmake ];

18
pkgs/applications/networking/browsers/chromium/upstream-info.nix
View file

@ -1,18 +1,18 @@
# This file is autogenerated from update.sh in the same directory.
{
beta = {
sha256 = "1wpcl6cgiv02s3zgxvgsmrws454g81lnvyfjmhhcdckkwyljcv5l";
sha256bin64 = "0snr5rd2r5jfjqhqwkxcw26j53fivmf60g3qfnp5xz5b6nlsab9g";
version = "54.0.2840.34";
sha256 = "0f6cqvhlg06lrf4bzaiwzm9yi3fi1dk5jrzvjcg7alw3mzrmh2wv";
sha256bin64 = "02cv9vc1l2nlwa4a0lc7cj9c9czrwp1jd8d024bq16a5fvmhl01l";
version = "54.0.2840.50";
};
dev = {
sha256 = "1lbpj1wm35l2qf4fxfivd9drwwdrylv3knh8db889dyz5hrh3j5y";
sha256bin64 = "0rkvrrcr1j9662v00kf7x7qmdps1pd4hq818x7crkilczybd05pr";
version = "55.0.2868.3";
sha256 = "06kcymwi0wfir7w10g8viayk2h0b5a66dav76mlia4lm30p502kz";
sha256bin64 = "0mgamiffnnkaw8c68b5kyna84x7hlhrzmqfc36kzf434fmm8v5d6";
version = "55.0.2873.0";
};
stable = {
sha256 = "0qk0y457l91yzxradpinayzw3947s5s4axd75h968vrl0jan51vs";
sha256bin64 = "0sz4dfwxvkffcj4rrqh3vn2xxp2vvjzdjsy0s9wcvam01igmy261";
version = "53.0.2785.116";
sha256 = "1hyw0z7dsfaxyy8b4mvnfjy5yj0160hzz9m0wj3vn9zvkfvmhan5";
sha256bin64 = "0n0px7yi94gdxq7p6pjqfdz04bnh3mcvbaccjaglj6h5p0jc8abq";
version = "53.0.2785.143";
};
}

4
pkgs/applications/networking/browsers/firefox/default.nix
View file

@ -141,8 +141,8 @@ in {
firefox-unwrapped = common {
pname = "firefox";
version = "49.0";
sha512 = "9431f86dec5587131699ae57ae428be168e4d6c7d1d48df643c10540e8e18bc5eadfcd08bb204950be611c87d35d8a40aa8ece454b7dfa3992239639c2d688a9";
version = "49.0.1";
sha512 = "0b1lmsxazd32xxlbbzg01xam7qc9m7abv6fnl1ixv4dz0xpfc88l1zikskghhdk9snzglyl3lidgnbkli9039g3gf9m06yv77gasmkg";
};
firefox-esr-unwrapped = common {

4
pkgs/applications/networking/browsers/mozilla-plugins/flashplayer-11/default.nix
View file

@ -70,11 +70,11 @@ let
in
stdenv.mkDerivation rec {
name = "flashplayer-${version}";
version = "11.2.202.635";
version = "11.2.202.637";
src = fetchurl {
url = "https://fpdownload.macromedia.com/pub/flashplayer/installers/archive/fp_${version}_archive.zip";
sha256 = "0xlaf6152ksknigrv6fsasscyfnjkxml4nl22apiwzb34nrbzk3m";
sha256 = "0xp1pxhrnam4yi8wfwaifqx7m2im0zx2xv8xgbdm0llrzbkc57mh";
};
nativeBuildInputs = [ unzip ];

31
pkgs/applications/networking/cluster/kops/default.nix Normal file
View file

@ -0,0 +1,31 @@
{ stdenv, lib, buildGoPackage, fetchFromGitHub, go-bindata }:
buildGoPackage rec {
name = "kops-${version}";
version = "1.4.0";
rev = "v${version}";
goPackagePath = "k8s.io/kops";
src = fetchFromGitHub {
inherit rev;
owner = "kubernetes";
repo = "kops";
sha256 = "1jwgn7l8c639j5annwymqjdw5mcajwn58y21042jy5lhgdh8pdf5";
};
buildInputs = [go-bindata];
subPackages = ["cmd/kops"];
preBuild = ''
(cd go/src/k8s.io/kops
go-bindata -o upup/models/bindata.go -pkg models -prefix upup/models/ upup/models/...)
'';
meta = with stdenv.lib; {
description = "Easiest way to get a production Kubernetes up and running";
homepage = https://github.com/kubernetes/kops;
license = licenses.asl20;
maintainers = with maintainers; [offline];
};
}

6
pkgs/applications/networking/dropbox/default.nix
View file

@ -23,11 +23,11 @@
let
# NOTE: When updating, please also update in current stable,
# as older versions stop working
version = "11.4.21";
version = "11.4.22";
sha256 =
{
"x86_64-linux" = "179ajawqy43jhgvysc386hdyz9hdandwvh8m2y2rassvycn9kr8z";
"i686-linux" = "1y4z9rb06f2a3cj51xawgpzgar9x7gvr4jrazncqfpfqkv7zayv1";
"x86_64-linux" = "1fpwknf8as2h6d8d11nb8i0q4ap5r6fvii919b3pj5d29jgfd25l";
"i686-linux" = "1dv60ijb93464js34vk3l8hm8a57zdpkzhrfkv2kp3v3172cqj8s";
}."${stdenv.system}" or (throw "system ${stdenv.system} not supported");
arch =

4
pkgs/applications/networking/instant-messengers/slack/default.nix
View file

@ -4,7 +4,7 @@
let
version = "2.1.2";
version = "2.2.1";
rpath = stdenv.lib.makeLibraryPath [
alsaLib
@ -43,7 +43,7 @@ let
if stdenv.system == "x86_64-linux" then
fetchurl {
url = "https://slack-ssb-updates.global.ssl.fastly.net/linux_releases/slack-desktop-${version}-amd64.deb";
sha256 = "0bmz9d0p6676lzl4qxy6xmcampr2ilkc0mhh67860kcxjaz6sms6";
sha256 = "1x08bmkanllv3lpi2s722xs7qia8igf6zxzkc3g7vs5jms3mdrad";
}
else
throw "Slack is not supported on ${stdenv.system}";

4
pkgs/applications/networking/mailreaders/mutt/default.nix
View file

@ -20,11 +20,11 @@ with stdenv.lib;
stdenv.mkDerivation rec {
name = "mutt-${version}";
version = "1.7.0";
version = "1.7.1";
src = fetchurl {
url = "http://ftp.mutt.org/pub/mutt/${name}.tar.gz";
sha256 = "0idkamdiwj9fgqaz1vzkfg78cnmkzp74skv0ibw2xjfq6ds9hghx";
sha256 = "1pyns0xw52s4yma1a93pdcl4dirs55q2m1hd7w1r11nlhf7giip9";
};
buildInputs =

4
pkgs/applications/networking/syncthing/default.nix
View file

@ -1,14 +1,14 @@
{ stdenv, fetchFromGitHub, go }:
stdenv.mkDerivation rec {
version = "0.14.7";
version = "0.14.8";
name = "syncthing-${version}";
src = fetchFromGitHub {
owner = "syncthing";
repo = "syncthing";
rev = "v${version}";
sha256 = "1mcn2vmv3hvp0ni9jxbjj3qp0l6ls07qmq33amhvjhpfafqzn279";
sha256 = "0zhxgl6pgf60x99cappdfzk7h23g37hlanh72bwypx7pwbvhc91l";
};
buildInputs = [ go ];

4
pkgs/applications/office/scribus/default.nix
View file

@ -1,5 +1,5 @@
{ stdenv, fetchurl, pkgconfig, freetype, lcms, libtiff, libxml2
, libart_lgpl, qt4, python, cups, fontconfig, libjpeg
, libart_lgpl, qt4, pythonFull, cups, fontconfig, libjpeg
, zlib, libpng, xorg, cairo, podofo, aspell, boost, cmake }:
stdenv.mkDerivation rec {
@ -14,7 +14,7 @@ stdenv.mkDerivation rec {
buildInputs = with xorg;
[ pkgconfig cmake freetype lcms libtiff libxml2 libart_lgpl qt4
python cups fontconfig
pythonFull cups fontconfig
libjpeg zlib libpng podofo aspell cairo
boost # for internal 2geom library
libXaw libXext libX11 libXtst libXi libXinerama

20
pkgs/applications/science/logic/coq/default.nix
View file

@ -14,8 +14,8 @@ let
substituteInPlace plugins/micromega/sos.ml --replace "; csdp" "; ${csdp}/bin/csdp"
substituteInPlace plugins/micromega/coq_micromega.ml --replace "System.is_in_system_path \"csdp\"" "true"
'' else "";
in
self =
stdenv.mkDerivation {
name = "coq-${version}";
@ -62,6 +62,22 @@ stdenv.mkDerivation {
envHooks=(''${envHooks[@]} addCoqPath)
'';
passthru = {
emacsBufferSetup = pkgs: ''
; Propagate coq paths to children
(inherit-local-permanent coq-prog-name "${self}/bin/coqtop")
(inherit-local-permanent coq-dependency-analyzer "${self}/bin/coqdep")
(inherit-local-permanent coq-compiler "${self}/bin/coqc")
; If the coq-library path was already set, re-set it based on our current coq
(when (fboundp 'get-coq-library-directory)
(inherit-local-permanent coq-library-directory (get-coq-library-directory))
(coq-prog-args))
; Pass proof-general's coq flags to flycheck command (pretty ugly, should probably be part of PG)
(inherit-local-permanent flycheck-command-wrapper-function (lambda (cmd)
(append (funcall (default-value 'flycheck-command-wrapper-function) cmd) (coq-coqtop-prog-args coq-load-path))))
'';
};
meta = with stdenv.lib; {
description = "Formal proof management system";
longDescription = ''
@ -76,4 +92,4 @@ stdenv.mkDerivation {
maintainers = with maintainers; [ roconnor thoughtpolice vbgl ];
platforms = platforms.unix;
};
}
}; in self

4
pkgs/applications/version-management/git-and-tools/git-extras/default.nix
View file

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
name = "git-extras-${version}";
version = "4.1.0";
version = "4.2.0";
src = fetchurl {
url = "https://github.com/tj/git-extras/archive/${version}.tar.gz";
sha256 = "d4c028e2fe78abde8f3e640b70f431318fb28d82894dde22772efe8ba3563f85";
sha256 = "0pr2vf5rajkwjm45zvnwkc13kvk3kyr18axxvmm8drsqdkr8lrjk";
};
phases = [ "unpackPhase" "installPhase" ];

2
pkgs/applications/version-management/yadm/default.nix
View file

@ -28,7 +28,7 @@ stdenv.mkDerivation {
a specific OS or host. Supplies a method of encrypting confidential data so it
can safely be stored in your repository.
'';
licence = stdenv.lib.licenses.gpl3;
license = stdenv.lib.licenses.gpl3;
platforms = stdenv.lib.platforms.unix;
};
}

6
pkgs/applications/video/handbrake/default.nix
View file

@ -44,7 +44,6 @@ stdenv.mkDerivation rec {
lame ffmpeg libdvdread libdvdnav libbluray mp4v2 mpeg2dec x264 x265 libvpx
] ++ buildInputsX;
src = fetchurl {
url = "http://download.handbrake.fr/releases/${version}/HandBrake-${version}.tar.bz2";
sha256 = "1w720y3bplkz187wgvy4a4xm0vpppg45mlni55l6yi8v2bfk14pv";
@ -75,6 +74,11 @@ stdenv.mkDerivation rec {
cd build
'';
LD_LIBRARY_PATH = stdenv.lib.makeLibraryPath [ x265 ];
preFixup = ''
gappsWrapperArgs+=(--prefix LD_LIBRARY_PATH : "${LD_LIBRARY_PATH}")
'';
meta = {
homepage = http://handbrake.fr/;
description = "A tool for ripping DVDs into video files";

4
pkgs/applications/video/shotcut/default.nix
View file

@ -5,11 +5,11 @@ qmakeHook, makeQtWrapper }:
stdenv.mkDerivation rec {
name = "shotcut-${version}";
version = "16.08";
version = "16.10";
src = fetchurl {
url = "https://github.com/mltframework/shotcut/archive/v${version}.tar.gz";
sha256 = "10f32mfj3f8mjp0yi0jb7wc5d3inycn5c1pvqdagjhyyv3rvx9zy";
sha256 = "0brskci86bwdj2ahjfvv3v254ligjn97bm0f6c8yg46r0jb8q5xw";
};
buildInputs = [ SDL frei0r gettext mlt pkgconfig qtbase qtmultimedia qtwebkit

37
pkgs/applications/window-managers/lemonbar/default.nix
View file

@ -1,27 +1,22 @@
{ stdenv, fetchFromGitHub, perl, libxcb }:
{ stdenv, fetchurl, perl, libxcb }:
let
version = "1.2pre";
in
stdenv.mkDerivation rec {
name = "lemonbar-${version}";
stdenv.mkDerivation rec {
name = "lemonbar-1.2";
src = fetchFromGitHub {
owner = "LemonBoy";
repo = "bar";
rev = "61985278f2af1e4e85d63a696ffedc5616b06bc0";
sha256 = "0a8djlayimjdg5fj50lpifsv6gkb577bca68wmk9wg9y9n27pgay";
};
src = fetchurl {
url = "https://github.com/LemonBoy/bar/archive/v1.2.tar.gz";
sha256 = "1smz8lh930bnb6a4lrm07l3z2k071kc8p2pljk5wsrch3x2xhimq";
};
buildInputs = [ libxcb perl ];
buildInputs = [ libxcb perl ];
prePatch = ''sed -i "s@/usr@$out@" Makefile'';
prePatch = ''sed -i "s@/usr@$out@" Makefile'';
meta = with stdenv.lib; {
description = "A lightweight xcb based bar";
homepage = https://github.com/LemonBoy/bar;
maintainers = [ maintainers.meisternu ];
license = "Custom";
platforms = platforms.linux;
};
meta = with stdenv.lib; {
description = "A lightweight xcb based bar";
homepage = https://github.com/LemonBoy/bar;
maintainers = [ maintainers.meisternu ];
license = "Custom";
platforms = platforms.linux;
};
}

37
pkgs/applications/window-managers/lemonbar/xft.nix
View file

@ -1,27 +1,24 @@
{ stdenv, fetchFromGitHub, perl, libxcb, libXft }:
let
version = "2015-07-23";
in
stdenv.mkDerivation rec {
name = "bar-xft-git-${version}";
stdenv.mkDerivation rec {
name = "lemonbar-xft-unstable-2016-02-17";
src = fetchFromGitHub {
owner = "krypt-n";
repo = "bar";
rev = "3020df19232153f9e98ae0c8111db3de938a2719";
sha256 = "0a54yr534jd4l5gjzpypc0y5lh2qb2wsrd662s84jjgq8bpss8av";
};
src = fetchFromGitHub {
owner = "krypt-n";
repo = "bar";
rev = "a43b801ddc0f015ce8b1211f4c062fad12cd63a9";
sha256 = "0iqas07qjvabxyvna2m9aj5bcwnkdii1izl9jxha63vz0zlsc4gd";
};
buildInputs = [ libxcb libXft perl ];
buildInputs = [ libxcb libXft perl ];
prePatch = ''sed -i "s@/usr@$out@" Makefile'';
prePatch = ''sed -i "s@/usr@$out@" Makefile'';
meta = {
description = "A lightweight xcb based bar with XFT-support";
homepage = https://github.com/krypt-n/bar;
maintainers = [ stdenv.lib.maintainers.hiberno ];
license = "Custom";
platforms = stdenv.lib.platforms.linux;
};
meta = {
description = "A lightweight xcb based bar with XFT-support";
homepage = https://github.com/krypt-n/bar;
maintainers = [ stdenv.lib.maintainers.hiberno ];
license = "Custom";
platforms = stdenv.lib.platforms.linux;
};
}

1
pkgs/build-support/build-fhs-userenv/env.nix
View file

@ -89,6 +89,7 @@ let
# symlink other core stuff
ln -s /host/etc/localtime localtime
ln -s /host/etc/zoneinfo zoneinfo
ln -s /host/etc/machine-id machine-id
ln -s /host/etc/os-release os-release

15
pkgs/build-support/cc-wrapper/default.nix
View file

@ -46,7 +46,20 @@ stdenv.mkDerivation {
inherit cc shell libc_bin libc_dev libc_lib binutils_bin coreutils_bin;
gnugrep_bin = if nativeTools then "" else gnugrep;
passthru = { inherit libc nativeTools nativeLibc nativePrefix isGNU isClang; };
passthru = {
inherit libc nativeTools nativeLibc nativePrefix isGNU isClang;
emacsBufferSetup = pkgs: ''
; We should handle propagation here too
(mapc (lambda (arg)
(when (file-directory-p (concat arg "/include"))
(setenv "NIX_CFLAGS_COMPILE" (concat (getenv "NIX_CFLAGS_COMPILE") " -isystem " arg "/include")))
(when (file-directory-p (concat arg "/lib"))
(setenv "NIX_LDFLAGS" (concat (getenv "NIX_LDFLAGS") " -L" arg "/lib")))
(when (file-directory-p (concat arg "/lib64"))
(setenv "NIX_LDFLAGS" (concat (getenv "NIX_LDFLAGS") " -L" arg "/lib64")))) '(${concatStringsSep " " (map (pkg: "\"${pkg}\"") pkgs)}))
'';
};
buildCommand =
''

48
pkgs/build-support/emacs/buffer.nix
View file

@ -1,23 +1,47 @@
# Functions to build elisp files to locally configure emcas buffers.
# See https://github.com/shlevy/nix-buffer
{ lib, writeText }:
{ lib, writeText, inherit-local }:
{
withPackages = pkgs: let
coqs = builtins.filter (x: (builtins.parseDrvName x.name).name == "coq") pkgs;
coq = builtins.head coqs;
pg-setup = if builtins.length coqs == 0 then "" else ''
(setq-local coq-prog-name "${coq}/bin/coqtop")
(setq-local coq-dependency-analyzer "${coq}/bin/coqdep")
(setq-local coq-compiler "${coq}/bin/coqc")
(setq-local coq-library-directory (get-coq-library-directory))
(coq-prog-args)
'';
extras = map (x: x.emacsBufferSetup pkgs) (builtins.filter (builtins.hasAttr "emacsBufferSetup") pkgs);
in writeText "dir-locals.el" ''
(require 'inherit-local "${inherit-local}/share/emacs/site-lisp/elpa/inherit-local-${inherit-local.version}/inherit-local.elc")
; Only set up nixpkgs buffer handling when we have some buffers active
(defvar nixpkgs--buffer-count 0)
(when (eq nixpkgs--buffer-count 0)
; When generating a new temporary buffer (one whose name starts with a space), do inherit-local inheritance and make it a nixpkgs buffer
(defun nixpkgs--around-generate (orig name)
(if (eq (aref name 0) ?\s)
(let ((buf (funcall orig name)))
(when (inherit-local-inherit-child buf)
(with-current-buffer buf
(make-local-variable 'kill-buffer-hook)
(setq nixpkgs--buffer-count (1+ nixpkgs--buffer-count))
(add-hook 'kill-buffer-hook 'nixpkgs--decrement-buffer-count)))
buf)
(funcall orig name)))
(advice-add 'generate-new-buffer :around #'nixpkgs--around-generate)
; When we have no more nixpkgs buffers, tear down the buffer handling
(defun nixpkgs--decrement-buffer-count ()
(setq nixpkgs--buffer-count (1- nixpkgs--buffer-count))
(when (eq nixpkgs--buffer-count 0)
(advice-remove 'generate-new-buffer #'nixpkgs--around-generate)
(fmakunbound 'nixpkgs--around-generate)
(fmakunbound 'nixpkgs--decrement-buffer-count))))
(setq nixpkgs--buffer-count (1+ nixpkgs--buffer-count))
(make-local-variable 'kill-buffer-hook)
(add-hook 'kill-buffer-hook 'nixpkgs--decrement-buffer-count)
; Add packages to PATH and exec-path
(make-local-variable 'process-environment)
(put 'process-environment 'permanent-local t)
(inherit-local 'process-environment)
(setenv "PATH" (concat "${lib.makeSearchPath "bin" pkgs}:" (getenv "PATH")))
(setq-local exec-path (append '(${builtins.concatStringsSep " " (map (p: "\"${p}/bin\"") pkgs)}) exec-path))
${pg-setup}
(inherit-local-permanent exec-path (append '(${builtins.concatStringsSep " " (map (p: "\"${p}/bin\"") pkgs)}) exec-path))
${lib.concatStringsSep "\n" extras}
'';
}

3
pkgs/build-support/emacs/wrapper.nix
View file

@ -85,13 +85,14 @@ stdenv.mkDerivation {
done
siteStart="$out/share/emacs/site-lisp/site-start.el"
siteStartByteCompiled="$siteStart"c
# A dependency may have brought the original siteStart, delete it and
# create our own
# Begin the new site-start.el by loading the original, which sets some
# NixOS-specific paths. Paths are searched in the reverse of the order
# they are specified in, so user and system profile paths are searched last.
rm -f $siteStart
rm -f $siteStart $siteStartByteCompiled
cat >"$siteStart" <<EOF
(load-file "$emacs/share/emacs/site-lisp/site-start.el")
(add-to-list 'load-path "$out/share/emacs/site-lisp")

3
pkgs/build-support/fetchdarcs/default.nix
View file

@ -7,7 +7,8 @@ stdenv.mkDerivation {
outputHashAlgo = if sha256 == "" then "md5" else "sha256";
outputHashMode = "recursive";
outputHash = if sha256 == "" then md5 else sha256;
outputHash = if sha256 == "" then
(stdenv.lib.fetchMD5warn "fetchdarcs" url md5) else sha256;
inherit url rev context;
}

3
pkgs/build-support/fetchegg/default.nix
View file

@ -11,7 +11,8 @@ stdenv.mkDerivation {
outputHashAlgo = if sha256 == "" then "md5" else "sha256";
outputHashMode = "recursive";
outputHash = if sha256 == "" then md5 else sha256;
outputHash = if sha256 == "" then
(stdenv.lib.fetchMD5warn "fetchegg" name md5) else sha256;
inherit version;

8
pkgs/build-support/fetchfile/default.nix
View file

@ -1,7 +1,11 @@
{stdenv}: {pathname, md5}: stdenv.mkDerivation {
{stdenv}: {pathname, md5 ? "", sha256 ? ""}: stdenv.mkDerivation {
name = baseNameOf (toString pathname);
builder = ./builder.sh;
pathname = pathname;
md5 = md5;
} // if (sha256 == "") then {
md5 = (stdenv.lib.fetchMD5warn "fetchfile" pathname md5);
id = md5;
} else {
sha256 = sha256;
id = sha256;
}

3
pkgs/build-support/fetchgit/default.nix
View file

@ -50,7 +50,8 @@ stdenv.mkDerivation {
outputHashAlgo = if sha256 == "" then "md5" else "sha256";
outputHashMode = "recursive";
outputHash = if sha256 == "" then md5 else sha256;
outputHash = if sha256 == "" then
(stdenv.lib.fetchMD5warn "fetchgit" url md5) else sha256;
inherit url rev leaveDotGit fetchSubmodules deepClone branchName;

3
pkgs/build-support/fetchhg/default.nix
View file

@ -15,7 +15,8 @@ stdenv.mkDerivation {
outputHashAlgo = if md5 != null then "md5" else "sha256";
outputHashMode = "recursive";
outputHash = if md5 != null then md5 else sha256;
outputHash = if md5 != null then
(stdenv.lib.fetchMD5warn "fetchhg" url md5) else sha256;
inherit url rev;
preferLocalBuild = true;

3
pkgs/build-support/fetchsvn/default.nix
View file

@ -29,7 +29,8 @@ stdenv.mkDerivation {
outputHashAlgo = if sha256 == "" then "md5" else "sha256";
outputHashMode = "recursive";
outputHash = if sha256 == "" then md5 else sha256;
outputHash = if sha256 == "" then
(stdenv.lib.fetchMD5warn "fetchsvn" url md5) else sha256;
inherit url rev sshSupport openssh ignoreExternals;

3
pkgs/build-support/fetchsvnssh/default.nix
View file

@ -8,7 +8,8 @@ stdenv.mkDerivation {
outputHashAlgo = if sha256 == "" then "md5" else "sha256";
outputHashMode = "recursive";
outputHash = if sha256 == "" then md5 else sha256;
outputHash = if sha256 == "" then
(stdenv.lib.fetchMD5warn "fetchsvnssh" url md5) else sha256;
sshSubversion = ./sshsubversion.exp;

3
pkgs/build-support/fetchurl/default.nix
View file

@ -112,7 +112,8 @@ if (!hasHash) then throw "Specify hash for fetchurl fixed-output derivation: ${s
outputHashAlgo = if outputHashAlgo != "" then outputHashAlgo else
if sha512 != "" then "sha512" else if sha256 != "" then "sha256" else if sha1 != "" then "sha1" else "md5";
outputHash = if outputHash != "" then outputHash else
if sha512 != "" then sha512 else if sha256 != "" then sha256 else if sha1 != "" then sha1 else md5;
if sha512 != "" then sha512 else if sha256 != "" then sha256 else if sha1 != "" then sha1 else
(stdenv.lib.fetchMD5warn "fetchurl" (builtins.head urls_) md5);
outputHashMode = if (recursiveHash || executable) then "recursive" else "flat";

4
pkgs/build-support/ocaml/default.nix
View file

@ -1,4 +1,4 @@
{ stdenv, writeText, ocaml, findlib, camlp4 }:
{ stdenv, writeText, ocaml, findlib, ocamlbuild, camlp4 }:
{ name, version, buildInputs ? [],
createFindlibDestdir ? true,
@ -19,7 +19,7 @@ in
stdenv.mkDerivation (args // {
name = "ocaml-${name}-${version}";
buildInputs = [ ocaml findlib camlp4 ] ++ buildInputs;
buildInputs = [ ocaml findlib ocamlbuild camlp4 ] ++ buildInputs;
setupHook = if setupHook == null && hasSharedObjects
then writeText "setupHook.sh" ''

2
pkgs/data/documentation/stdman/default.nix
View file

@ -28,7 +28,7 @@ stdenv.mkDerivation rec {
formatting for easy readability.";
homepage = https://github.com/jeaye/stdman;
license = licenses.mit;
platforms = platforms.linux;
platforms = platforms.unix;
maintainers = [ maintainers.twey ];
};
}

5
pkgs/data/documentation/zeal/default.nix
View file

@ -2,14 +2,14 @@
, qtimageformats, qtwebkit, qtx11extras, xcbutilkeysyms, qmakeHook }:
stdenv.mkDerivation rec {
version = "0.2.1";
version = "0.3.0";
name = "zeal-${version}";
src = fetchFromGitHub {
owner = "zealdocs";
repo = "zeal";
rev = "v${version}";
sha256 = "1j1nfvkwkb2xdh289q5gdb526miwwqmqjyd6fz9qm5dg467wmwa3";
sha256 = "1f0nsnily2lsrraj1f8j34lqhiskiyq22clkci7w4h2zfv35j1s0";
};
buildInputs = [
@ -34,4 +34,3 @@ stdenv.mkDerivation rec {
maintainers = with stdenv.lib.maintainers; [ skeidel ];
};
}

27
pkgs/data/fonts/camingo-code/default.nix Normal file
View file

@ -0,0 +1,27 @@
{ stdenv, fetchurl, unzip }:
stdenv.mkDerivation rec {
name = "camingo-code-${version}";
version = "1.0";
src = fetchurl {
url = https://github.com/chrissimpkins/codeface/releases/download/font-collection/codeface-fonts.zip;
sha256 = "1gbpfa5mqyhi5yrb6dl708pggiwp002b532fn3axiagb0cxxf02s";
};
buildInputs = [ unzip ];
installPhase = ''
mkdir -p $out/share/fonts/truetype
mkdir -p $out/share/doc/${name}
cp -v camingo-code/*.ttf $out/share/fonts/truetype/
cp -v camingo-code/*.txt $out/share/doc/${name}/
'';
meta = with stdenv.lib; {
homepage = https://www.myfonts.com/fonts/jan-fromm/camingo-code/;
description = "A monospaced typeface designed for source-code editors";
platforms = platforms.all;
license = licenses.cc-by-nd-30;
};
}

46
pkgs/data/fonts/input-fonts/default.nix Normal file
View file

@ -0,0 +1,46 @@
{ stdenv, requireFile, unzip }:
stdenv.mkDerivation rec {
name = "input-fonts-${version}";
version = "2016-10-06"; # date of the download and checksum
src = requireFile {
name = "Input-Font.zip";
url = "http://input.fontbureau.com/download/";
sha256 = "06hrsrb5a6hzrgkkhk0gdj92rhgr433vgn4j5g3pd8f1ijlfqn4y";
};
nativeBuildInputs = [ unzip ];
phases = [ "unpackPhase" "installPhase" ];
sourceRoot = ".";
installPhase = ''
mkdir -p $out/share/fonts/truetype
find Input_Fonts -name "*.ttf" -exec cp -a {} "$out"/share/fonts/truetype/ \;
mkdir -p "$out"/share/doc
cp -a *.txt "$out"/share/doc/
'';
meta = with stdenv.lib; {
description = "Fonts for Code, from Font Bureau";
longDescrition = ''
Input is a font family designed for computer programming, data,
and text composition. It was designed by David Jonathan Ross
between 2012 and 2014 and published by The Font Bureau. It
contains a wide array of styles so you can fine-tune the
typography that works best in your editing environment.
Input Mono is a monospaced typeface, where all characters occupy
a fixed width. Input Sans and Serif are proportional typefaces
that are designed with all of the features of a good monospace
generous spacing, large punctuation, and easily distinguishable
characters but without the limitations of a fixed width.
'';
homepage = http://input.fontbureau.com;
license = licenses.unfree;
maintainers = with maintainers; [ romildo ];
platforms = platforms.all;
};
}

17
pkgs/data/icons/maia-icon-theme/default.nix
View file

@ -1,27 +1,30 @@
{ stdenv, fetchFromGitHub }:
stdenv.mkDerivation {
name = "maia-icon-theme";
stdenv.mkDerivation rec {
name = "maia-icon-theme-${version}";
version = "2016-09-16";
src = fetchFromGitHub {
owner = "manjaro";
repo = "artwork-maia";
rev = "23235fa56e6111d30e9f92576030cc855a0facbe";
sha256 = "1d5bv13gds1nx88pc6a9gkrz1lb8sji0wcc5h3bf4mjw0q072nfr";
rev = "f6718cd9c383adb77af54b694c47efa4d581f5b5";
sha256 = "0f9l3k9abgg8islzddrxgbxaw6vbai5bvz5qi1v2fzir7ykx7bgj";
};
dontBuild = true;
installPhase = ''
install -dm 755 $out/share/icons
rm icons/CMakeLists.txt
cp -dr --no-preserve='ownership' icons $out/share/icons/Maia
for f in "" "-dark"; do
rm icons$f/CMakeLists.txt
cp -dr --no-preserve='ownership' icons$f $out/share/icons/maia$f
done
'';
meta = with stdenv.lib; {
description = "Icons based on Breeze and Super Flat Remix";
homepage = https://github.com/manjaro/artwork-maia;
licence = licenses.free;
license = licenses.free;
maintainers = [ maintainers.mounium ];
platforms = platforms.all;
};

52
pkgs/data/misc/cacert/default.nix
View file

@ -1,25 +1,49 @@
{ stdenv, nss, curl, perl }:
{ stdenv, fetchurl, writeText, nss, python
, blacklist ? []
, includeEmail ? false
}:
with stdenv.lib;
let
certdata2pem = fetchurl {
name = "certdata2pem.py";
url = "https://anonscm.debian.org/cgit/collab-maint/ca-certificates.git/plain/mozilla/certdata2pem.py?h=debian/20160104";
sha256 = "0bw11mgfrf19qziyvdnq22kirp0nn54lfsanrg5h6djs6ig1c2im";
};
in
stdenv.mkDerivation rec {
name = "nss-cacert-${nss.version}";
src = nss.src;
postPatch = ''
unpackFile ${curl.src};
nativeBuildInputs = [ python ];
# Remove dependency on LWP, curl is enough. Also, since curl here
# is working on a local file it will not actually get a 200 OK, so
# remove that expectation.
substituteInPlace curl-*/lib/mk-ca-bundle.pl \
--replace 'use LWP::UserAgent;' "" \
--replace ' && $out[0] == 200' ""
configurePhase = ''
ln -s nss/lib/ckfw/builtins/certdata.txt
cat << EOF > blacklist.txt
${concatStringsSep "\n" (map (c: ''"${c}"'') blacklist)}
EOF
cp ${certdata2pem} certdata2pem.py
${optionalString includeEmail ''
# Disable CAs used for mail signing
substituteInPlace certdata2pem.py --replace \[\'CKA_TRUST_EMAIL_PROTECTION\'\] '''
''}
'';
nativeBuildInputs = [ curl perl ];
buildPhase = ''
perl curl-*/lib/mk-ca-bundle.pl -d "file://$(pwd)/nss/lib/ckfw/builtins/certdata.txt" ca-bundle.crt
python certdata2pem.py | grep -vE '^(!|UNTRUSTED)'
for cert in *.crt; do
echo $cert | cut -d. -f1 | sed -e 's,_, ,g' >> ca-bundle.crt
cat $cert >> ca-bundle.crt
echo >> ca-bundle.crt
done
'';
installPhase = ''
@ -27,10 +51,10 @@ stdenv.mkDerivation rec {
cp -v ca-bundle.crt $out/etc/ssl/certs
'';
meta = with stdenv.lib; {
meta = {
homepage = http://curl.haxx.se/docs/caextract.html;
description = "A bundle of X.509 certificates of public Certificate Authorities (CA)";
platforms = platforms.all;
maintainers = with maintainers; [ wkennington ];
maintainers = with maintainers; [ wkennington fpletz ];
};
}

3
pkgs/desktops/gnome-3/3.20/core/epiphany/default.nix
View file

@ -18,7 +18,8 @@ stdenv.mkDerivation rec {
webkitgtk libsoup libsecret gnome_desktop libnotify libtool
sqlite isocodes nss itstool p11_kit nspr icu gnome3.yelp_tools
gdk_pixbuf gnome3.defaultIconTheme librsvg which gnome_common
gcr avahi gnome3.gsettings_desktop_schemas gnome3.dconf ];
gcr avahi gnome3.gsettings_desktop_schemas gnome3.dconf
gnome3.glib_networking ];
NIX_CFLAGS_COMPILE = "-I${nspr.dev}/include/nspr -I${nss.dev}/include/nss -I${glib.dev}/include/gio-unix-2.0";

44
pkgs/desktops/lxqt/base/liblxqt/default.nix Normal file
View file

@ -0,0 +1,44 @@
{ stdenv, fetchFromGitHub, cmake, qt5, kde5, lxqt, xorg }:
stdenv.mkDerivation rec {
name = "${pname}-${version}";
pname = "liblxqt";
version = "0.11.0";
src = fetchFromGitHub {
owner = "lxde";
repo = pname;
rev = version;
sha256 = "12gla3pdg0n28w15qrmha83xm3021xdby8ydwp1qzcips5pa5zac";
};
nativeBuildInputs = [
cmake
];
buildInputs = [
qt5.qtx11extras
qt5.qttools
qt5.qtsvg
kde5.kwindowsystem
lxqt.libqtxdg
xorg.libXScrnSaver
];
cmakeFlags = [
"-DPULL_TRANSLATIONS=NO"
"-DLXQT_ETC_XDG_DIR=/run/current-system/sw/etc/xdg"
];
patchPhase = ''
sed -i 's|set(LXQT_SHARE_DIR .*)|set(LXQT_SHARE_DIR "/run/current-system/sw/share/lxqt")|' CMakeLists.txt
'';
meta = with stdenv.lib; {
description = "Core utility library for all LXQt components";
homepage = https://github.com/lxde/liblxqt;
license = licenses.lgpl21Plus;
maintainers = with maintainers; [ romildo ];
platforms = with platforms; unix;
};
}

25
pkgs/desktops/lxqt/base/libqtxdg/default.nix Normal file
View file

@ -0,0 +1,25 @@
{ stdenv, fetchFromGitHub, cmake, qt5 }:
stdenv.mkDerivation rec {
name = "libqtxdg-${version}";
version = "2.0.0";
src = fetchFromGitHub {
owner = "lxde";
repo = "libqtxdg";
rev = version;
sha256 = "1s5jw4q6gcivk7mc95ir9q2nry4yyhfwy039ddf5ymh79nynv8vy";
};
nativeBuildInputs = [ cmake ];
buildInputs = [ qt5.qtbase qt5.qtsvg ];
meta = with stdenv.lib; {
description = "Qt implementation of freedesktop.org xdg specs";
homepage = https://github.com/lxde/libqtxdg;
license = licenses.lgpl21;
maintainers = with maintainers; [ romildo ];
platforms = with platforms; unix;
};
}

Some files were not shown because too many files have changed in this diff Show more