b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge branch 'master' into staging-next

Browse source
This commit is contained in:
Uli Baum 2018-09-13 10:08:53 +02:00
parent 1428d00aa4 0f2b10d1ac
commit 1df2560dde
752 changed files with 25957 additions and 14014 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

82
doc/languages-frameworks/vim.section.md
View file

@ -5,11 +5,16 @@ date: 2016-06-25
---
# User's Guide to Vim Plugins/Addons/Bundles/Scripts in Nixpkgs
You'll get a vim(-your-suffix) in PATH also loading the plugins you want.
Both Neovim and Vim can be configured to include your favorite plugins
and additional libraries.
Loading can be deferred; see examples.
Vim packages, VAM (=vim-addon-manager) and Pathogen are supported to load
packages.
At the moment we support three different methods for managing plugins:
- Vim packages (*recommend*)
- VAM (=vim-addon-manager)
- Pathogen
## Custom configuration
@ -25,7 +30,19 @@ vim_configurable.customize {
}
```
## Vim packages
For Neovim the `configure` argument can be overridden to achieve the same:
```
neovim.override {
configure = {
customRC = ''
# here your custom configuration goes!
'';
};
}
```
## Managing plugins with Vim packages
To store you plugins in Vim packages the following example can be used:
@ -38,13 +55,50 @@ vim_configurable.customize {
opt = [ phpCompletion elm-vim ];
# To automatically load a plugin when opening a filetype, add vimrc lines like:
# autocmd FileType php :packadd phpCompletion
}
};
};
}
```
## VAM
For Neovim the syntax is
### dependencies by Vim plugins
```
neovim.override {
configure = {
customRC = ''
# here your custom configuration goes!
'';
packages.myVimPackage = with pkgs.vimPlugins; {
# see examples below how to use custom packages
start = [ ];
opt = [ ];
};
};
}
```
The resulting package can be added to `packageOverrides` in `~/.nixpkgs/config.nix` to make it installable:
```
{
packageOverrides = pkgs: with pkgs; {
myVim = vim_configurable.customize {
name = "vim-with-plugins";
# add here code from the example section
};
myNeovim = neovim.override {
configure = {
# add here code from the example section
};
};
};
}
```
After that you can install your special grafted `myVim` or `myNeovim` packages.
## Managing plugins with VAM
### Handling dependencies of Vim plugins
VAM introduced .json files supporting dependencies without versioning
assuming that "using latest version" is ok most of the time.
@ -125,6 +179,18 @@ Sample output2:
]
## Adding new plugins to nixpkgs
In `pkgs/misc/vim-plugins/vim-plugin-names` we store the plugin names
for all vim plugins we automatically generate plugins for.
The format of this file `github username/github repository`:
For example https://github.com/scrooloose/nerdtree becomes `scrooloose/nerdtree`.
After adding your plugin to this file run the `./update.py` in the same folder.
This will updated a file called `generated.nix` and make your plugin accessible in the
`vimPlugins` attribute set (`vimPlugins.nerdtree` in our example).
If additional steps to the build process of the plugin are required, add an
override to the `pkgs/misc/vim-plugins/default.nix` in the same directory.
## Important repositories
- [vim-pi](https://bitbucket.org/vimcommunity/vim-pi) is a plugin repository

51
doc/package-notes.xml
View file

@ -671,6 +671,8 @@ overrides = super: self: rec {
plugins = with availablePlugins; [ python perl ];
}
}</programlisting>
If the <literal>configure</literal> function returns an attrset without the <literal>plugins</literal>
attribute, <literal>availablePlugins</literal> will be used automatically.
</para>
<para>
@ -704,6 +706,55 @@ overrides = super: self: rec {
}; }
</programlisting>
</para>
<para>
WeeChat allows to set defaults on startup using the <literal>--run-command</literal>.
The <literal>configure</literal> method can be used to pass commands to the program:
<programlisting>weechat.override {
configure = { availablePlugins, ... }: {
init = ''
/set foo bar
/server add freenode chat.freenode.org
'';
};
}</programlisting>
Further values can be added to the list of commands when running
<literal>weechat --run-command "your-commands"</literal>.
</para>
<para>
Additionally it's possible to specify scripts to be loaded when starting <literal>weechat</literal>.
These will be loaded before the commands from <literal>init</literal>:
<programlisting>weechat.override {
configure = { availablePlugins, ... }: {
scripts = with pkgs.weechatScripts; [
weechat-xmpp weechat-matrix-bridge wee-slack
];
init = ''
/set plugins.var.python.jabber.key "val"
'':
};
}</programlisting>
</para>
<para>
In <literal>nixpkgs</literal> there's a subpackage which contains derivations for
WeeChat scripts. Such derivations expect a <literal>passthru.scripts</literal> attribute
which contains a list of all scripts inside the store path. Furthermore all scripts
have to live in <literal>$out/share</literal>. An exemplary derivation looks like this:
<programlisting>{ stdenv, fetchurl }:
stdenv.mkDerivation {
name = "exemplary-weechat-script";
src = fetchurl {
url = "https://scripts.tld/your-scripts.tar.gz";
sha256 = "...";
};
passthru.scripts = [ "foo.py" "bar.lua" ];
installPhase = ''
mkdir $out/share
cp foo.py $out/share
cp bar.lua $out/share
'';
}</programlisting>
</para>
</section>
<section xml:id="sec-citrix">
<title>Citrix Receiver</title>

44
lib/asserts.nix Normal file
View file

@ -0,0 +1,44 @@
{ lib }:
rec {
/* Print a trace message if pred is false.
Intended to be used to augment asserts with helpful error messages.
Example:
assertMsg false "nope"
=> false
stderr> trace: nope
assert (assertMsg ("foo" == "bar") "foo is not bar, silly"); ""
stderr> trace: foo is not bar, silly
stderr> assert failed at
Type:
assertMsg :: Bool -> String -> Bool
*/
# TODO(Profpatsch): add tests that check stderr
assertMsg = pred: msg:
if pred
then true
else builtins.trace msg false;
/* Specialized `assertMsg` for checking if val is one of the elements
of a list. Useful for checking enums.
Example:
let sslLibrary = "libressl"
in assertOneOf "sslLibrary" sslLibrary [ "openssl" "bearssl" ]
=> false
stderr> trace: sslLibrary must be one of "openssl", "bearssl", but is: "libressl"
Type:
assertOneOf :: String -> ComparableVal -> List ComparableVal -> Bool
*/
assertOneOf = name: val: xs: assertMsg
(lib.elem val xs)
"${name} must be one of ${
lib.generators.toPretty {} xs}, but is: ${
lib.generators.toPretty {} val}";
}

6
lib/default.nix
View file

@ -38,10 +38,11 @@ let
systems = callLibs ./systems;
# misc
asserts = callLibs ./asserts.nix;
debug = callLibs ./debug.nix;
generators = callLibs ./generators.nix;
misc = callLibs ./deprecated.nix;
# domain-specific
fetchers = callLibs ./fetchers.nix;
@ -60,7 +61,6 @@ let
boolToString mergeAttrs flip mapNullable inNixShell min max
importJSON warn info nixpkgsVersion version mod compare
splitByAndCompare functionArgs setFunctionArgs isFunction;
inherit (fixedPoints) fix fix' extends composeExtensions
makeExtensible makeExtensibleWithCustomName;
inherit (attrsets) attrByPath hasAttrByPath setAttrByPath
@ -117,6 +117,8 @@ let
unknownModule mkOption;
inherit (types) isType setType defaultTypeMerge defaultFunctor
isOptionType mkOptionType;
inherit (asserts)
assertMsg assertOneOf;
inherit (debug) addErrorContextToAttrs traceIf traceVal traceValFn
traceXMLVal traceXMLValMarked traceSeq traceSeqN traceValSeq
traceValSeqFn traceValSeqN traceValSeqNFn traceShowVal

5
lib/licenses.nix
View file

@ -355,6 +355,11 @@ lib.mapAttrs (n: v: v // { shortName = n; }) rec {
fullName = "Independent JPEG Group License";
};
imagemagick = spdx {
fullName = "ImageMagick License";
spdxId = "imagemagick";
};
inria-compcert = {
fullName = "INRIA Non-Commercial License Agreement for the CompCert verified compiler";
url = "http://compcert.inria.fr/doc/LICENSE";

7
lib/lists.nix
View file

@ -509,7 +509,8 @@ rec {
=> 3
*/
last = list:
assert list != []; elemAt list (length list - 1);
assert lib.assertMsg (list != []) "lists.last: list must not be empty!";
elemAt list (length list - 1);
/* Return all elements but the last
@ -517,7 +518,9 @@ rec {
init [ 1 2 3 ]
=> [ 1 2 ]
*/
init = list: assert list != []; take (length list - 1) list;
init = list:
assert lib.assertMsg (list != []) "lists.init: list must not be empty!";
take (length list - 1) list;
/* return the image of the cross product of some lists by a function

12
lib/strings.nix
View file

@ -410,7 +410,7 @@ rec {
components = splitString "/" url;
filename = lib.last components;
name = builtins.head (splitString sep filename);
in assert name != filename; name;
in assert name != filename; name;
/* Create an --{enable,disable}-<feat> string that can be passed to
standard GNU Autoconf scripts.
@ -468,7 +468,10 @@ rec {
strw = lib.stringLength str;
reqWidth = width - (lib.stringLength filler);
in
assert strw <= width;
assert lib.assertMsg (strw <= width)
"fixedWidthString: requested string length (${
toString width}) must not be shorter than actual length (${
toString strw})";
if strw == width then str else filler + fixedWidthString reqWidth filler str;
/* Format a number adding leading zeroes up to fixed width.
@ -501,7 +504,7 @@ rec {
isStorePath = x:
isCoercibleToString x
&& builtins.substring 0 1 (toString x) == "/"
&& dirOf (builtins.toPath x) == builtins.storeDir;
&& dirOf x == builtins.storeDir;
/* Convert string to int
Obviously, it is a bit hacky to use fromJSON that way.
@ -537,11 +540,10 @@ rec {
*/
readPathsFromFile = rootPath: file:
let
root = toString rootPath;
lines = lib.splitString "\n" (builtins.readFile file);
removeComments = lib.filter (line: line != "" && !(lib.hasPrefix "#" line));
relativePaths = removeComments lines;
absolutePaths = builtins.map (path: builtins.toPath (root + "/" + path)) relativePaths;
absolutePaths = builtins.map (path: rootPath + "/${path}") relativePaths;
in
absolutePaths;

4
lib/tests/misc.nix
View file

@ -112,7 +112,7 @@ runTests {
storePathAppendix = isStorePath
"${goodPath}/bin/python";
nonAbsolute = isStorePath (concatStrings (tail (stringToCharacters goodPath)));
asPath = isStorePath (builtins.toPath goodPath);
asPath = isStorePath goodPath;
otherPath = isStorePath "/something/else";
otherVals = {
attrset = isStorePath {};
@ -357,7 +357,7 @@ runTests {
int = 42;
bool = true;
string = ''fno"rd'';
path = /. + "/foo"; # toPath returns a string
path = /. + "/foo";
null_ = null;
function = x: x;
functionArgs = { arg ? 4, foo }: arg;

2
lib/trivial.nix
View file

@ -171,7 +171,7 @@ rec {
builtins.fromJSON (builtins.readFile path);
## Warnings and asserts
## Warnings
/* See https://github.com/NixOS/nix/issues/749. Eventually we'd like these
to expand to Nix builtins that carry metadata so that Nix can filter out

8
lib/types.nix
View file

@ -119,7 +119,9 @@ rec {
let
betweenDesc = lowest: highest:
"${toString lowest} and ${toString highest} (both inclusive)";
between = lowest: highest: assert lowest <= highest;
between = lowest: highest:
assert lib.assertMsg (lowest <= highest)
"ints.between: lowest must be smaller than highest";
addCheck int (x: x >= lowest && x <= highest) // {
name = "intBetween";
description = "integer between ${betweenDesc lowest highest}";
@ -439,7 +441,9 @@ rec {
# Either value of type `finalType` or `coercedType`, the latter is
# converted to `finalType` using `coerceFunc`.
coercedTo = coercedType: coerceFunc: finalType:
assert coercedType.getSubModules == null;
assert lib.assertMsg (coercedType.getSubModules == null)
"coercedTo: coercedType must not have submodules (its a ${
coercedType.description})";
mkOptionType rec {
name = "coercedTo";
description = "${finalType.description} or ${coercedType.description} convertible to it";

25
maintainers/maintainer-list.nix
View file

@ -1847,6 +1847,11 @@
github = "jerith666";
name = "Matt McHenry";
};
jethro = {
email = "jethrokuan95@gmail.com";
github = "jethrokuan";
name = "Jethro Kuan";
};
jfb = {
email = "james@yamtime.com";
github = "tftio";
@ -3396,6 +3401,11 @@
github = "relrod";
name = "Ricky Elrod";
};
renatoGarcia = {
email = "fgarcia.renato@gmail.com";
github = "renatoGarcia";
name = "Renato Garcia";
};
renzo = {
email = "renzocarbonara@gmail.com";
github = "k0001";
@ -3888,6 +3898,11 @@
github = "StillerHarpo";
name = "Florian Engel";
};
stites = {
email = "sam@stites.io";
github = "stites";
name = "Sam Stites";
};
stumoss = {
email = "samoss@gmail.com";
github = "stumoss";
@ -4153,6 +4168,11 @@
github = "tomsmeets";
name = "Tom Smeets";
};
toonn = {
email = "nnoot@toonn.io";
github = "toonn";
name = "Toon Nolten";
};
travisbhartwell = {
email = "nafai@travishartwell.net";
github = "travisbhartwell";
@ -4508,6 +4528,11 @@
github = "y0no";
name = "Yoann Ono";
};
yarny = {
email = "41838844+Yarny0@users.noreply.github.com";
github = "Yarny0";
name = "Yarny";
};
yarr = {
email = "savraz@gmail.com";
github = "Eternity-Yarr";

9
nixos/doc/manual/installation/upgrading.xml
View file

@ -52,10 +52,13 @@
</listitem>
</itemizedlist>
To see what channels are available, go to
<link
xlink:href="https://nixos.org/channels"/>. (Note that the URIs of the
<link xlink:href="https://nixos.org/channels"/>. (Note that the URIs of the
various channels redirect to a directory that contains the channels latest
version and includes ISO images and VirtualBox appliances.)
version and includes ISO images and VirtualBox appliances.) Please note that
during the release process, channels that are not yet released will be
present here as well. See the Getting NixOS page
<link xlink:href="https://nixos.org/nixos/download.html"/> to find the newest
supported stable release.
</para>
<para>
When you first install NixOS, youre automatically subscribed to the NixOS

15
nixos/doc/manual/release-notes/rl-1809.xml
View file

@ -283,6 +283,14 @@ $ nix-instantiate -E '(import &lt;nixpkgsunstable&gt; {}).gitFull'
from your config without any issues.
</para>
</listitem>
<listitem>
<para>
<literal>stdenv.system</literal> and <literal>system</literal> in nixpkgs now refer to the host platform instead of the build platform.
For native builds this is not change, let alone a breaking one.
For cross builds, it is a breaking change, and <literal>stdenv.buildPlatform.system</literal> can be used instead for the old behavior.
They should be using that anyways for clarity.
</para>
</listitem>
</itemizedlist>
</section>
@ -536,6 +544,13 @@ inherit (pkgs.nixos {
a new paragraph.
</para>
</listitem>
<listitem>
<para>
Top-level <literal>buildPlatform</literal>, <literal>hostPlatform</literal>, and <literal>targetPlatform</literal> in Nixpkgs are deprecated.
Please use their equivalents in <literal>stdenv</literal> instead:
<literal>stdenv.buildPlatform</literal>, <literal>stdenv.hostPlatform</literal>, and <literal>stdenv.targetPlatform</literal>.
</para>
</listitem>
</itemizedlist>
</section>
</section>

8
nixos/lib/eval-config.nix
View file

@ -28,7 +28,7 @@
let extraArgs_ = extraArgs; pkgs_ = pkgs;
extraModules = let e = builtins.getEnv "NIXOS_EXTRA_MODULE_PATH";
in if e == "" then [] else [(import (builtins.toPath e))];
in if e == "" then [] else [(import e)];
in
let
@ -36,7 +36,11 @@ let
_file = ./eval-config.nix;
key = _file;
config = {
nixpkgs.localSystem = lib.mkDefault { inherit system; };
# Explicit `nixpkgs.system` or `nixpkgs.localSystem` should override
# this. Since the latter defaults to the former, the former should
# default to the argument. That way this new default could propagate all
# they way through, but has the last priority behind everything else.
nixpkgs.system = lib.mkDefault system;
_module.args.pkgs = lib.mkIf (pkgs_ != null) (lib.mkForce pkgs_);
};
};

21
nixos/modules/config/shells-environment.nix
View file

@ -163,15 +163,24 @@ in
/bin/sh
'';
# For resetting environment with `. /etc/set-environment` when needed
# and discoverability (see motivation of #30418).
environment.etc."set-environment".source = config.system.build.setEnvironment;
system.build.setEnvironment = pkgs.writeText "set-environment"
''
${exportedEnvVars}
''
# DO NOT EDIT -- this file has been generated automatically.
${cfg.extraInit}
# Prevent this file from being sourced by child shells.
export __NIXOS_SET_ENVIRONMENT_DONE=1
# ~/bin if it exists overrides other bin directories.
export PATH="$HOME/bin:$PATH"
'';
${exportedEnvVars}
${cfg.extraInit}
# ~/bin if it exists overrides other bin directories.
export PATH="$HOME/bin:$PATH"
'';
system.activationScripts.binsh = stringAfter [ "stdio" ]
''

14
nixos/modules/config/xdg/mime.nix
View file

@ -7,7 +7,7 @@ with lib;
type = types.bool;
default = true;
description = ''
Whether to install files to support the
Whether to install files to support the
<link xlink:href="https://specifications.freedesktop.org/shared-mime-info-spec/shared-mime-info-spec-latest.html">XDG Shared MIME-info specification</link> and the
<link xlink:href="https://specifications.freedesktop.org/mime-apps-spec/mime-apps-spec-latest.html">XDG MIME Applications specification</link>.
'';
@ -17,18 +17,18 @@ with lib;
config = mkIf config.xdg.mime.enable {
environment.pathsToLink = [ "/share/mime" ];
environment.systemPackages = [
# this package also installs some useful data, as well as its utilities
pkgs.shared-mime-info
environment.systemPackages = [
# this package also installs some useful data, as well as its utilities
pkgs.shared-mime-info
];
environment.extraSetup = ''
if [ -w $out/share/mime ]; then
XDG_DATA_DIRS=$out/share ${pkgs.shared-mime-info}/bin/update-mime-database -V $out/share/mime > /dev/null
if [ -w $out/share/mime ] && [ -d $out/share/mime/packages ]; then
XDG_DATA_DIRS=$out/share ${pkgs.shared-mime-info}/bin/update-mime-database -V $out/share/mime > /dev/null
fi
if [ -w $out/share/applications ]; then
${pkgs.desktop-file-utils}/bin/update-desktop-database $out/share/applications
${pkgs.desktop-file-utils}/bin/update-desktop-database $out/share/applications
fi
'';
};

8
nixos/modules/installer/tools/nix-fallback-paths.nix
View file

@ -1,6 +1,6 @@
{
x86_64-linux = "/nix/store/r9i30v8nasafg2851wflg71ln49fw03y-nix-2.1";
i686-linux = "/nix/store/dsg3pr7wwrk51f7la9wgby173j18llqh-nix-2.1";
aarch64-linux = "/nix/store/m3qgnch4xin21pmd1azas8kkcp9rhkr6-nix-2.1";
x86_64-darwin = "/nix/store/n7fvy0k555gwkkdszdkhi3h0aahca8h3-nix-2.1";
x86_64-linux = "/nix/store/h180y3n5k1ypxgm1pcvj243qix5j45zz-nix-2.1.1";
i686-linux = "/nix/store/v2y4k4v9ml07jmfq739wyflapg3b7b5k-nix-2.1.1";
aarch64-linux = "/nix/store/v485craglq7xm5996ci8qy5dyc17dab0-nix-2.1.1";
x86_64-darwin = "/nix/store/lc3ymlix73kaad5srjdgaxp9ngr1sg6g-nix-2.1.1";
}

2
nixos/modules/misc/ids.nix
View file

@ -53,7 +53,7 @@
tomcat = 16;
#audio = 17; # unused
#floppy = 18; # unused
#uucp = 19; # unused
uucp = 19;
#lp = 20; # unused
#proc = 21; # unused
pulseaudio = 22; # must match `pulseaudio' GID

12
nixos/modules/misc/nixpkgs.nix
View file

@ -62,12 +62,11 @@ in
pkgs = mkOption {
defaultText = literalExample
''import "''${nixos}/.." {
inherit (config.nixpkgs) config overlays localSystem crossSystem;
inherit (cfg) config overlays localSystem crossSystem;
}
'';
default = import ../../.. {
localSystem = { inherit (cfg) system; } // cfg.localSystem;
inherit (cfg) config overlays crossSystem;
inherit (cfg) config overlays localSystem crossSystem;
};
type = pkgsType;
example = literalExample ''import <nixpkgs> {}'';
@ -140,8 +139,11 @@ in
localSystem = mkOption {
type = types.attrs; # TODO utilize lib.systems.parsedPlatform
default = { system = builtins.currentSystem; };
default = { inherit (cfg) system; };
example = { system = "aarch64-linux"; config = "aarch64-unknown-linux-gnu"; };
# Make sure that the final value has all fields for sake of other modules
# referring to this. TODO make `lib.systems` itself use the module system.
apply = lib.systems.elaborate;
defaultText = literalExample
''(import "''${nixos}/../lib").lib.systems.examples.aarch64-multiplatform'';
description = ''
@ -180,6 +182,7 @@ in
system = mkOption {
type = types.str;
example = "i686-linux";
default = { system = builtins.currentSystem; };
description = ''
Specifies the Nix platform type on which NixOS should be built.
It is better to specify <code>nixpkgs.localSystem</code> instead.
@ -196,6 +199,7 @@ in
</programlisting>
See <code>nixpkgs.localSystem</code> for more information.
Ignored when <code>nixpkgs.localSystem</code> is set.
Ignored when <code>nixpkgs.pkgs</code> is set.
'';
};

4
nixos/modules/module-list.nix
View file

@ -245,6 +245,7 @@
./services/desktops/gnome3/gnome-user-share.nix
./services/desktops/gnome3/gpaste.nix
./services/desktops/gnome3/gvfs.nix
./services/desktops/gnome3/rygel.nix
./services/desktops/gnome3/seahorse.nix
./services/desktops/gnome3/sushi.nix
./services/desktops/gnome3/tracker.nix
@ -406,6 +407,7 @@
./services/misc/taskserver
./services/misc/tzupdate.nix
./services/misc/uhub.nix
./services/misc/weechat.nix
./services/misc/xmr-stak.nix
./services/misc/zookeeper.nix
./services/monitoring/apcupsd.nix
@ -515,9 +517,11 @@
./services/networking/heyefi.nix
./services/networking/hostapd.nix
./services/networking/htpdate.nix
./services/networking/hylafax/default.nix
./services/networking/i2pd.nix
./services/networking/i2p.nix
./services/networking/iodine.nix
./services/networking/iperf3.nix
./services/networking/ircd-hybrid/default.nix
./services/networking/iwd.nix
./services/networking/keepalived/default.nix

12
nixos/modules/programs/bash/bash.nix
View file

@ -126,7 +126,9 @@ in
programs.bash = {
shellInit = ''
${config.system.build.setEnvironment.text}
if [ -z "$__NIXOS_SET_ENVIRONMENT_DONE" ]; then
. ${config.system.build.setEnvironment}
fi
${cfge.shellInit}
'';
@ -166,11 +168,11 @@ in
# Read system-wide modifications.
if test -f /etc/profile.local; then
. /etc/profile.local
. /etc/profile.local
fi
if [ -n "''${BASH_VERSION:-}" ]; then
. /etc/bashrc
. /etc/bashrc
fi
'';
@ -191,12 +193,12 @@ in
# We are not always an interactive shell.
if [ -n "$PS1" ]; then
${cfg.interactiveShellInit}
${cfg.interactiveShellInit}
fi
# Read system-wide modifications.
if test -f /etc/bashrc.local; then
. /etc/bashrc.local
. /etc/bashrc.local
fi
'';

2
nixos/modules/programs/dconf.nix
View file

@ -32,6 +32,8 @@ in
environment.etc = optionals (cfg.profiles != {})
(mapAttrsToList mkDconfProfile cfg.profiles);
services.dbus.packages = [ pkgs.gnome3.dconf ];
environment.variables.GIO_EXTRA_MODULES = optional cfg.enable
"${pkgs.gnome3.dconf.lib}/lib/gio/modules";
# https://github.com/NixOS/nixpkgs/pull/31891

19
nixos/modules/programs/fish.nix
View file

@ -27,7 +27,7 @@ in
'';
type = types.bool;
};
vendor.config.enable = mkOption {
type = types.bool;
default = true;
@ -43,7 +43,7 @@ in
Whether fish should use completion files provided by other packages.
'';
};
vendor.functions.enable = mkOption {
type = types.bool;
default = true;
@ -107,9 +107,11 @@ in
# This happens before $__fish_datadir/config.fish sets fish_function_path, so it is currently
# unset. We set it and then completely erase it, leaving its configuration to $__fish_datadir/config.fish
set fish_function_path ${pkgs.fish-foreign-env}/share/fish-foreign-env/functions $__fish_datadir/functions
# source the NixOS environment config
fenv source ${config.system.build.setEnvironment}
if [ -z "$__NIXOS_SET_ENVIRONMENT_DONE" ]
fenv source ${config.system.build.setEnvironment}
end
# clear fish_function_path so that it will be correctly set when we return to $__fish_datadir/config.fish
set -e fish_function_path
@ -123,7 +125,7 @@ in
set fish_function_path ${pkgs.fish-foreign-env}/share/fish-foreign-env/functions $fish_function_path
fenv source /etc/fish/foreign-env/shellInit > /dev/null
set -e fish_function_path[1]
${cfg.shellInit}
# and leave a note so we don't source this config section again from
@ -137,7 +139,7 @@ in
set fish_function_path ${pkgs.fish-foreign-env}/share/fish-foreign-env/functions $fish_function_path
fenv source /etc/fish/foreign-env/loginShellInit > /dev/null
set -e fish_function_path[1]
${cfg.loginShellInit}
# and leave a note so we don't source this config section again from
@ -149,12 +151,11 @@ in
status --is-interactive; and not set -q __fish_nixos_interactive_config_sourced
and begin
${fishAliases}
set fish_function_path ${pkgs.fish-foreign-env}/share/fish-foreign-env/functions $fish_function_path
fenv source /etc/fish/foreign-env/interactiveShellInit > /dev/null
set -e fish_function_path[1]
${cfg.promptInit}
${cfg.interactiveShellInit}
@ -170,7 +171,7 @@ in
++ optional cfg.vendor.config.enable "/share/fish/vendor_conf.d"
++ optional cfg.vendor.completions.enable "/share/fish/vendor_completions.d"
++ optional cfg.vendor.functions.enable "/share/fish/vendor_functions.d";
environment.systemPackages = [ pkgs.fish ];
environment.shells = [

14
nixos/modules/programs/zsh/zsh.nix
View file

@ -70,7 +70,7 @@ in
promptInit = mkOption {
default = ''
if [ "$TERM" != dumb ]; then
autoload -U promptinit && promptinit && prompt walters
autoload -U promptinit && promptinit && prompt walters
fi
'';
description = ''
@ -116,7 +116,9 @@ in
if [ -n "$__ETC_ZSHENV_SOURCED" ]; then return; fi
export __ETC_ZSHENV_SOURCED=1
${config.system.build.setEnvironment.text}
if [ -z "$__NIXOS_SET_ENVIRONMENT_DONE" ]; then
. ${config.system.build.setEnvironment}
fi
${cfge.shellInit}
@ -124,7 +126,7 @@ in
# Read system-wide modifications.
if test -f /etc/zshenv.local; then
. /etc/zshenv.local
. /etc/zshenv.local
fi
'';
@ -143,7 +145,7 @@ in
# Read system-wide modifications.
if test -f /etc/zprofile.local; then
. /etc/zprofile.local
. /etc/zprofile.local
fi
'';
@ -169,7 +171,7 @@ in
# Tell zsh how to find installed completions
for p in ''${(z)NIX_PROFILES}; do
fpath+=($p/share/zsh/site-functions $p/share/zsh/$ZSH_VERSION/functions $p/share/zsh/vendor-completions)
fpath+=($p/share/zsh/site-functions $p/share/zsh/$ZSH_VERSION/functions $p/share/zsh/vendor-completions)
done
${optionalString cfg.enableGlobalCompInit "autoload -U compinit && compinit"}
@ -184,7 +186,7 @@ in
# Read system-wide modifications.
if test -f /etc/zshrc.local; then
. /etc/zshrc.local
. /etc/zshrc.local
fi
'';

8
nixos/modules/security/acme.nix
View file

@ -302,15 +302,15 @@ in
workdir="$(mktemp -d)"
# Create CA
openssl genrsa -des3 -passout pass:x -out $workdir/ca.pass.key 2048
openssl rsa -passin pass:x -in $workdir/ca.pass.key -out $workdir/ca.key
openssl genrsa -des3 -passout pass:xxxx -out $workdir/ca.pass.key 2048
openssl rsa -passin pass:xxxx -in $workdir/ca.pass.key -out $workdir/ca.key
openssl req -new -key $workdir/ca.key -out $workdir/ca.csr \
-subj "/C=UK/ST=Warwickshire/L=Leamington/O=OrgName/OU=Security Department/CN=example.com"
openssl x509 -req -days 1 -in $workdir/ca.csr -signkey $workdir/ca.key -out $workdir/ca.crt
# Create key
openssl genrsa -des3 -passout pass:x -out $workdir/server.pass.key 2048
openssl rsa -passin pass:x -in $workdir/server.pass.key -out $workdir/server.key
openssl genrsa -des3 -passout pass:xxxx -out $workdir/server.pass.key 2048
openssl rsa -passin pass:xxxx -in $workdir/server.pass.key -out $workdir/server.key
openssl req -new -key $workdir/server.key -out $workdir/server.csr \
-subj "/C=UK/ST=Warwickshire/L=Leamington/O=OrgName/OU=IT Department/CN=example.com"
openssl x509 -req -days 1 -in $workdir/server.csr -CA $workdir/ca.crt \

10
nixos/modules/services/computing/slurm/slurm.nix
View file

@ -8,6 +8,7 @@ let
# configuration file can be generated by http://slurm.schedmd.com/configurator.html
configFile = pkgs.writeTextDir "slurm.conf"
''
ClusterName=${cfg.clusterName}
${optionalString (cfg.controlMachine != null) ''controlMachine=${cfg.controlMachine}''}
${optionalString (cfg.controlAddr != null) ''controlAddr=${cfg.controlAddr}''}
${optionalString (cfg.nodeName != null) ''nodeName=${cfg.nodeName}''}
@ -105,6 +106,15 @@ in
'';
};
clusterName = mkOption {
type = types.str;
default = "default";
example = "myCluster";
description = ''
Necessary to distinguish accounting records in a multi-cluster environment.
'';
};
nodeName = mkOption {
type = types.nullOr types.str;
default = null;

30
nixos/modules/services/desktops/gnome3/rygel.nix Normal file
View file

@ -0,0 +1,30 @@
# rygel service.
{ config, lib, pkgs, ... }:
with lib;
{
###### interface
options = {
services.gnome3.rygel = {
enable = mkOption {
default = false;
description = ''
Whether to enable Rygel UPnP Mediaserver.
You will need to also allow UPnP connections in firewall, see the following <link xlink:href="https://github.com/NixOS/nixpkgs/pull/45045#issuecomment-416030795">comment</link>.
'';
type = types.bool;
};
};
};
###### implementation
config = mkIf config.services.gnome3.rygel.enable {
environment.systemPackages = [ pkgs.gnome3.rygel ];
services.dbus.packages = [ pkgs.gnome3.rygel ];
systemd.packages = [ pkgs.gnome3.rygel ];
};
}

56
nixos/modules/services/misc/weechat.nix Normal file
View file

@ -0,0 +1,56 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.weechat;
in
{
options.services.weechat = {
enable = mkEnableOption "weechat";
root = mkOption {
description = "Weechat state directory.";
type = types.str;
default = "/var/lib/weechat";
};
sessionName = mkOption {
description = "Name of the `screen' session for weechat.";
default = "weechat-screen";
type = types.str;
};
binary = mkOption {
description = "Binary to execute (by default \${weechat}/bin/weechat).";
example = literalExample ''
''${pkgs.weechat}/bin/weechat-headless
'';
default = "${pkgs.weechat}/bin/weechat";
};
};
config = mkIf cfg.enable {
users = {
groups.weechat = {};
users.weechat = {
createHome = true;
group = "weechat";
home = cfg.root;
isSystemUser = true;
};
};
systemd.services.weechat = {
environment.WEECHAT_HOME = cfg.root;
serviceConfig = {
User = "weechat";
Group = "weechat";
RemainAfterExit = "yes";
};
script = "exec ${pkgs.screen}/bin/screen -Dm -S ${cfg.sessionName} ${cfg.binary}";
wantedBy = [ "multi-user.target" ];
wants = [ "network.target" ];
};
};
meta.doc = ./weechat.xml;
}

61
nixos/modules/services/misc/weechat.xml Normal file
View file

@ -0,0 +1,61 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="module-services-weechat">
<title>WeeChat</title>
<para><link xlink:href="https://weechat.org/">WeeChat</link> is a fast and extensible IRC client.</para>
<section><title>Basic Usage</title>
<para>
By default, the module creates a
<literal><link xlink:href="https://www.freedesktop.org/wiki/Software/systemd/">systemd</link></literal> unit
which runs the chat client in a detached
<literal><link xlink:href="https://www.gnu.org/software/screen/">screen</link></literal> session.
</para>
<para>
This can be done by enabling the <literal>weechat</literal> service:
<programlisting>
{ ... }:
{
<link linkend="opt-services.weechat.enable">services.weechat.enable</link> = true;
}
</programlisting>
</para>
<para>
The service is managed by a dedicated user
named <literal>weechat</literal> in the state directory
<literal>/var/lib/weechat</literal>.
</para>
</section>
<section><title>Re-attaching to WeeChat</title>
<para>
WeeChat runs in a screen session owned by a dedicated user. To explicitly
allow your another user to attach to this session, the <literal>screenrc</literal> needs to be tweaked
by adding <link xlink:href="https://www.gnu.org/software/screen/manual/html_node/Multiuser.html#Multiuser">multiuser</link> support:
<programlisting>
{
<link linkend="opt-programs.screen.screenrc">programs.screen.screenrc</link> = ''
multiuser on
acladd normal_user
'';
}
</programlisting>
Now, the session can be re-attached like this:
<programlisting>
screen -r weechat-screen
</programlisting>
</para>
<para>
<emphasis>The session name can be changed using <link linkend="opt-services.weechat.sessionName">services.weechat.sessionName.</link></emphasis>
</para>
</section>
</chapter>

2
nixos/modules/services/monitoring/grafana.nix
View file

@ -235,7 +235,7 @@ in {
but without GF_ prefix
'';
default = {};
type = types.attrsOf types.str;
type = with types; attrsOf (either str path);
};
};

22
nixos/modules/services/monitoring/riemann.nix
View file

@ -17,9 +17,9 @@ let
launcher = writeScriptBin "riemann" ''
#!/bin/sh
exec ${jdk}/bin/java ${concatStringsSep "\n" cfg.extraJavaOpts} \
exec ${jdk}/bin/java ${concatStringsSep " " cfg.extraJavaOpts} \
-cp ${classpath} \
riemann.bin ${writeText "riemann-config.clj" riemannConfig}
riemann.bin ${cfg.configFile}
'';
in {
@ -37,7 +37,8 @@ in {
config = mkOption {
type = types.lines;
description = ''
Contents of the Riemann configuration file.
Contents of the Riemann configuration file. For more complicated
config you should use configFile.
'';
};
configFiles = mkOption {
@ -47,7 +48,15 @@ in {
Extra files containing Riemann configuration. These files will be
loaded at runtime by Riemann (with Clojure's
<literal>load-file</literal> function) at the end of the
configuration.
configuration if you use the config option, this is ignored if you
use configFile.
'';
};
configFile = mkOption {
type = types.str;
description = ''
A Riemann config file. Any files in the same directory as this file
will be added to the classpath by Riemann.
'';
};
extraClasspathEntries = mkOption {
@ -77,6 +86,10 @@ in {
group = "riemann";
};
services.riemann.configFile = mkDefault (
writeText "riemann-config.clj" riemannConfig
);
systemd.services.riemann = {
wantedBy = [ "multi-user.target" ];
path = [ inetutils ];
@ -84,6 +97,7 @@ in {
User = "riemann";
ExecStart = "${launcher}/bin/riemann";
};
serviceConfig.LimitNOFILE = 65536;
};
};

29
nixos/modules/services/networking/hylafax/default.nix Normal file
View file

@ -0,0 +1,29 @@
{ config, lib, pkgs, ... }:
{
imports = [
./options.nix
./systemd.nix
];
config = lib.modules.mkIf config.services.hylafax.enable {
environment.systemPackages = [ pkgs.hylafaxplus ];
users.users.uucp = {
uid = config.ids.uids.uucp;
group = "uucp";
description = "Unix-to-Unix CoPy system";
isSystemUser = true;
inherit (config.users.users.nobody) home;
};
assertions = [{
assertion = config.services.hylafax.modems != {};
message = ''
HylaFAX cannot be used without modems.
Please define at least one modem with
<option>config.services.hylafax.modems</option>.
'';
}];
};
}

12
nixos/modules/services/networking/hylafax/faxq-default.nix Normal file
View file

@ -0,0 +1,12 @@
{ ... }:
# see man:hylafax-config(5)
{
ModemGroup = [ ''"any:.*"'' ];
ServerTracing = "0x78701";
SessionTracing = "0x78701";
UUCPLockDir = "/var/lock";
}

29
nixos/modules/services/networking/hylafax/faxq-wait.sh Executable file
View file

@ -0,0 +1,29 @@
#! @shell@ -e
# skip this if there are no modems at all
if ! stat -t "@spoolAreaPath@"/etc/config.* >/dev/null 2>&1
then
exit 0
fi
echo "faxq started, waiting for modem(s) to initialize..."
for i in `seq @timeoutSec@0 -1 0` # gracefully timeout
do
sleep 0.1
# done if status files exist, but don't mention initialization
if \
stat -t "@spoolAreaPath@"/status/* >/dev/null 2>&1 \
&& \
! grep --silent --ignore-case 'initializing server' \
"@spoolAreaPath@"/status/*
then
echo "modem(s) apparently ready"
exit 0
fi
# if i reached 0, modems probably failed to initialize
if test $i -eq 0
then
echo "warning: modem initialization timed out"
fi
done

10
nixos/modules/services/networking/hylafax/hfaxd-default.nix Normal file
View file

@ -0,0 +1,10 @@
{ ... }:
# see man:hfaxd(8)
{
ServerTracing = "0x91";
XferLogFile = "/clientlog";
}

22
nixos/modules/services/networking/hylafax/modem-default.nix Normal file
View file

@ -0,0 +1,22 @@
{ pkgs, ... }:
# see man:hylafax-config(5)
{
TagLineFont = "etc/LiberationSans-25.pcf";
TagLineLocale = ''en_US.UTF-8'';
AdminGroup = "root"; # groups that can change server config
AnswerRotary = "fax"; # don't accept anything else but faxes
LogFileMode = "0640";
PriorityScheduling = true;
RecvFileMode = "0640";
ServerTracing = "0x78701";
SessionTracing = "0x78701";
UUCPLockDir = "/var/lock";
SendPageCmd = ''${pkgs.coreutils}/bin/false''; # prevent pager transmit
SendUUCPCmd = ''${pkgs.coreutils}/bin/false''; # prevent UUCP transmit
}

375
nixos/modules/services/networking/hylafax/options.nix Normal file
View file

@ -0,0 +1,375 @@
{ config, lib, pkgs, ... }:
let
inherit (lib.options) literalExample mkEnableOption mkOption;
inherit (lib.types) bool enum int lines loaOf nullOr path str submodule;
inherit (lib.modules) mkDefault mkIf mkMerge;
commonDescr = ''
Values can be either strings or integers
(which will be added to the config file verbatimly)
or lists thereof
(which will be translated to multiple
lines with the same configuration key).
Boolean values are translated to "Yes" or "No".
The default contains some reasonable
configuration to yield an operational system.
'';
str1 = lib.types.addCheck str (s: s!=""); # non-empty string
int1 = lib.types.addCheck int (i: i>0); # positive integer
configAttrType =
# Options in HylaFAX configuration files can be
# booleans, strings, integers, or list thereof
# representing multiple config directives with the same key.
# This type definition resolves all
# those types into a list of strings.
let
inherit (lib.types) attrsOf coercedTo listOf;
innerType = coercedTo bool (x: if x then "Yes" else "No")
(coercedTo int (toString) str);
in
attrsOf (coercedTo innerType lib.singleton (listOf innerType));
cfg = config.services.hylafax;
modemConfigOptions = { name, config, ... }: {
options = {
name = mkOption {
type = str1;
example = "ttyS1";
description = ''
Name of modem device,
will be searched for in <filename>/dev</filename>.
'';
};
type = mkOption {
type = str1;
example = "cirrus";
description = ''
Name of modem configuration file,
will be searched for in <filename>config</filename>
in the spooling area directory.
'';
};
config = mkOption {
type = configAttrType;
example = {
AreaCode = "49";
LocalCode = "30";
FAXNumber = "123456";
LocalIdentifier = "LostInBerlin";
};
description = ''
Attribute set of values for the given modem.
${commonDescr}
Options defined here override options in
<option>commonModemConfig</option> for this modem.
'';
};
};
config.name = mkDefault name;
config.config.Include = [ "config/${config.type}" ];
};
defaultConfig =
let
inherit (config.security) wrapperDir;
inherit (config.services.mail.sendmailSetuidWrapper) program;
mkIfDefault = cond: value: mkIf cond (mkDefault value);
noWrapper = config.services.mail.sendmailSetuidWrapper==null;
# If a sendmail setuid wrapper exists,
# we add the path to the default configuration file.
# Otherwise, we use `false` to provoke
# an error if hylafax tries to use it.
c.sendmailPath = mkMerge [
(mkIfDefault noWrapper ''${pkgs.coreutils}/bin/false'')
(mkIfDefault (!noWrapper) ''${wrapperDir}/${program}'')
];
importDefaultConfig = file:
lib.attrsets.mapAttrs
(lib.trivial.const mkDefault)
(import file { inherit pkgs; });
c.commonModemConfig = importDefaultConfig ./modem-default.nix;
c.faxqConfig = importDefaultConfig ./faxq-default.nix;
c.hfaxdConfig = importDefaultConfig ./hfaxd-default.nix;
in
c;
localConfig =
let
c.hfaxdConfig.UserAccessFile = cfg.userAccessFile;
c.faxqConfig = lib.attrsets.mapAttrs
(lib.trivial.const (v: mkIf (v!=null) v))
{
AreaCode = cfg.areaCode;
CountryCode = cfg.countryCode;
LongDistancePrefix = cfg.longDistancePrefix;
InternationalPrefix = cfg.internationalPrefix;
};
c.commonModemConfig = c.faxqConfig;
in
c;
in
{
options.services.hylafax = {
enable = mkEnableOption ''HylaFAX server'';
autostart = mkOption {
type = bool;
default = true;
example = false;
description = ''
Autostart the HylaFAX queue manager at system start.
If this is <literal>false</literal>, the queue manager
will still be started if there are pending
jobs or if a user tries to connect to it.
'';
};
countryCode = mkOption {
type = nullOr str1;
default = null;
example = "49";
description = ''Country code for server and all modems.'';
};
areaCode = mkOption {
type = nullOr str1;
default = null;
example = "30";
description = ''Area code for server and all modems.'';
};
longDistancePrefix = mkOption {
type = nullOr str;
default = null;
example = "0";
description = ''Long distance prefix for server and all modems.'';
};
internationalPrefix = mkOption {
type = nullOr str;
default = null;
example = "00";
description = ''International prefix for server and all modems.'';
};
spoolAreaPath = mkOption {
type = path;
default = "/var/spool/fax";
description = ''
The spooling area will be created/maintained
at the location given here.
'';
};
userAccessFile = mkOption {
type = path;
default = "/etc/hosts.hfaxd";
description = ''
The <filename>hosts.hfaxd</filename>
file entry in the spooling area
will be symlinked to the location given here.
This file must exist and be
readable only by the <literal>uucp</literal> user.
See hosts.hfaxd(5) for details.
This configuration permits access for all users:
<literal>
environment.etc."hosts.hfaxd" = {
mode = "0600";
user = "uucp";
text = ".*";
};
</literal>
Note that host-based access can be controlled with
<option>config.systemd.sockets.hylafax-hfaxd.listenStreams</option>;
by default, only 127.0.0.1 is permitted to connect.
'';
};
sendmailPath = mkOption {
type = path;
example = literalExample "''${pkgs.postfix}/bin/sendmail";
# '' ; # fix vim
description = ''
Path to <filename>sendmail</filename> program.
The default uses the local sendmail wrapper
(see <option>config.services.mail.sendmailSetuidWrapper</option>),
otherwise the <filename>false</filename>
binary to cause an error if used.
'';
};
hfaxdConfig = mkOption {
type = configAttrType;
example.RecvqProtection = "0400";
description = ''
Attribute set of lines for the global
hfaxd config file <filename>etc/hfaxd.conf</filename>.
${commonDescr}
'';
};
faxqConfig = mkOption {
type = configAttrType;
example = {
InternationalPrefix = "00";
LongDistancePrefix = "0";
};
description = ''
Attribute set of lines for the global
faxq config file <filename>etc/config</filename>.
${commonDescr}
'';
};
commonModemConfig = mkOption {
type = configAttrType;
example = {
InternationalPrefix = "00";
LongDistancePrefix = "0";
};
description = ''
Attribute set of default values for
modem config files <filename>etc/config.*</filename>.
${commonDescr}
Think twice before changing
paths of fax-processing scripts.
'';
};
modems = mkOption {
type = loaOf (submodule [ modemConfigOptions ]);
default = {};
example.ttyS1 = {
type = "cirrus";
config = {
FAXNumber = "123456";
LocalIdentifier = "Smith";
};
};
description = ''
Description of installed modems.
At least on modem must be defined
to enable the HylaFAX server.
'';
};
spoolExtraInit = mkOption {
type = lines;
default = "";
example = ''chmod 0755 . # everyone may read my faxes'';
description = ''
Additional shell code that is executed within the
spooling area directory right after its setup.
'';
};
faxcron.enable.spoolInit = mkEnableOption ''
Purge old files from the spooling area with
<filename>faxcron</filename>
each time the spooling area is initialized.
'';
faxcron.enable.frequency = mkOption {
type = nullOr str1;
default = null;
example = "daily";
description = ''
Purge old files from the spooling area with
<filename>faxcron</filename> with the given frequency
(see systemd.time(7)).
'';
};
faxcron.infoDays = mkOption {
type = int1;
default = 30;
description = ''
Set the expiration time for data in the
remote machine information directory in days.
'';
};
faxcron.logDays = mkOption {
type = int1;
default = 30;
description = ''
Set the expiration time for
session trace log files in days.
'';
};
faxcron.rcvDays = mkOption {
type = int1;
default = 7;
description = ''
Set the expiration time for files in
the received facsimile queue in days.
'';
};
faxqclean.enable.spoolInit = mkEnableOption ''
Purge old files from the spooling area with
<filename>faxqclean</filename>
each time the spooling area is initialized.
'';
faxqclean.enable.frequency = mkOption {
type = nullOr str1;
default = null;
example = "daily";
description = ''
Purge old files from the spooling area with
<filename>faxcron</filename> with the given frequency
(see systemd.time(7)).
'';
};
faxqclean.archiving = mkOption {
type = enum [ "never" "as-flagged" "always" ];
default = "as-flagged";
example = "always";
description = ''
Enable or suppress job archiving:
<literal>never</literal> disables job archiving,
<literal>as-flagged</literal> archives jobs that
have been flagged for archiving by sendfax,
<literal>always</literal> forces archiving of all jobs.
See also sendfax(1) and faxqclean(8).
'';
};
faxqclean.doneqMinutes = mkOption {
type = int1;
default = 15;
example = literalExample ''24*60'';
description = ''
Set the job
age threshold (in minutes) that controls how long
jobs may reside in the doneq directory.
'';
};
faxqclean.docqMinutes = mkOption {
type = int1;
default = 60;
example = literalExample ''24*60'';
description = ''
Set the document
age threshold (in minutes) that controls how long
unreferenced files may reside in the docq directory.
'';
};
};
config.services.hylafax =
mkIf
(config.services.hylafax.enable)
(mkMerge [ defaultConfig localConfig ])
;
}

111
nixos/modules/services/networking/hylafax/spool.sh Executable file
View file

@ -0,0 +1,111 @@
#! @shell@ -e
# The following lines create/update the HylaFAX spool directory:
# Subdirectories/files with persistent data are kept,
# other directories/files are removed/recreated,
# mostly from the template spool
# directory in the HylaFAX package.
# This block explains how the spool area is
# derived from the spool template in the HylaFAX package:
#
# + capital letter: directory; file otherwise
# + P/p: persistent directory
# + F/f: directory with symlinks per entry
# + T/t: temporary data
# + S/s: single symlink into package
# |
# | + u: change ownership to uucp:uucp
# | + U: ..also change access mode to user-only
# | |
# archive P U
# bin S
# client T u (client connection info)
# config S
# COPYRIGHT s
# dev T u (maybe some FIFOs)
# docq P U
# doneq P U
# etc F contains customized config files!
# etc/hosts.hfaxd f
# etc/xferfaxlog f
# info P u (database of called devices)
# log P u (communication logs)
# pollq P U
# recvq P u
# sendq P U
# status T u (modem status info files)
# tmp T U
shopt -s dotglob # if bash sees "*", it also includes dot files
lnsym () { ln --symbol "$@" ; }
lnsymfrc () { ln --symbolic --force "$@" ; }
cprd () { cp --remove-destination "$@" ; }
update () { install --owner=@faxuser@ --group=@faxgroup@ "$@" ; }
## create/update spooling area
update --mode=0750 -d "@spoolAreaPath@"
cd "@spoolAreaPath@"
persist=(archive docq doneq info log pollq recvq sendq)
# remove entries that don't belong here
touch dummy # ensure "*" resolves to something
for k in *
do
keep=0
for j in "${persist[@]}" xferfaxlog clientlog faxcron.lastrun
do
if test "$k" == "$j"
then
keep=1
break
fi
done
if test "$keep" == "0"
then
rm --recursive "$k"
fi
done
# create persistent data directories (unless they exist already)
update --mode=0700 -d "${persist[@]}"
chmod 0755 info log recvq
# create ``xferfaxlog``, ``faxcron.lastrun``, ``clientlog``
touch clientlog faxcron.lastrun xferfaxlog
chown @faxuser@:@faxgroup@ clientlog faxcron.lastrun xferfaxlog
# create symlinks for frozen directories/files
lnsym --target-directory=. "@hylafax@"/spool/{COPYRIGHT,bin,config}
# create empty temporary directories
update --mode=0700 -d client dev status
update -d tmp
## create and fill etc
install -d "@spoolAreaPath@/etc"
cd "@spoolAreaPath@/etc"
# create symlinks to all files in template's etc
lnsym --target-directory=. "@hylafax@/spool/etc"/*
# set LOCKDIR in setup.cache
sed --regexp-extended 's|^(UUCP_LOCKDIR=).*$|\1'"'@lockPath@'|g" --in-place setup.cache
# etc/{xferfaxlog,lastrun} are stored in the spool root
lnsymfrc --target-directory=. ../xferfaxlog
lnsymfrc --no-target-directory ../faxcron.lastrun lastrun
# etc/hosts.hfaxd is provided by the NixOS configuration
lnsymfrc --no-target-directory "@userAccessFile@" hosts.hfaxd
# etc/config and etc/config.${DEVID} must be copied:
# hfaxd reads these file after locking itself up in a chroot
cprd --no-target-directory "@globalConfigPath@" config
cprd --target-directory=. "@modemConfigPath@"/*

249
nixos/modules/services/networking/hylafax/systemd.nix Normal file
View file

@ -0,0 +1,249 @@
{ config, lib, pkgs, ... }:
let
inherit (lib) mkIf mkMerge;
inherit (lib) concatStringsSep optionalString;
cfg = config.services.hylafax;
mapModems = lib.flip map (lib.attrValues cfg.modems);
mkConfigFile = name: conf:
# creates hylafax config file,
# makes sure "Include" is listed *first*
let
mkLines = conf:
(lib.concatLists
(lib.flip lib.mapAttrsToList conf
(k: map (v: ''${k}: ${v}'')
)));
include = mkLines { Include = conf.Include or []; };
other = mkLines ( conf // { Include = []; } );
in
pkgs.writeText ''hylafax-config${name}''
(concatStringsSep "\n" (include ++ other));
globalConfigPath = mkConfigFile "" cfg.faxqConfig;
modemConfigPath =
let
mkModemConfigFile = { config, name, ... }:
mkConfigFile ''.${name}''
(cfg.commonModemConfig // config);
mkLine = { name, type, ... }@modem: ''
# check if modem config file exists:
test -f "${pkgs.hylafaxplus}/spool/config/${type}"
ln \
--symbolic \
--no-target-directory \
"${mkModemConfigFile modem}" \
"$out/config.${name}"
'';
in
pkgs.runCommand "hylafax-config-modems" {}
''mkdir --parents "$out/" ${concatStringsSep "\n" (mapModems mkLine)}'';
setupSpoolScript = pkgs.substituteAll {
name = "hylafax-setup-spool.sh";
src = ./spool.sh;
isExecutable = true;
inherit (pkgs.stdenv) shell;
hylafax = pkgs.hylafaxplus;
faxuser = "uucp";
faxgroup = "uucp";
lockPath = "/var/lock";
inherit globalConfigPath modemConfigPath;
inherit (cfg) sendmailPath spoolAreaPath userAccessFile;
};
waitFaxqScript = pkgs.substituteAll {
# This script checks the modems status files
# and waits until all modems report readiness.
name = "hylafax-faxq-wait-start.sh";
src = ./faxq-wait.sh;
isExecutable = true;
timeoutSec = toString 10;
inherit (pkgs.stdenv) shell;
inherit (cfg) spoolAreaPath;
};
sockets."hylafax-hfaxd" = {
description = "HylaFAX server socket";
documentation = [ "man:hfaxd(8)" ];
wantedBy = [ "multi-user.target" ];
listenStreams = [ "127.0.0.1:4559" ];
socketConfig.FreeBind = true;
socketConfig.Accept = true;
};
paths."hylafax-faxq" = {
description = "HylaFAX queue manager sendq watch";
documentation = [ "man:faxq(8)" "man:sendq(5)" ];
wantedBy = [ "multi-user.target" ];
pathConfig.PathExistsGlob = [ ''${cfg.spoolAreaPath}/sendq/q*'' ];
};
timers = mkMerge [
(
mkIf (cfg.faxcron.enable.frequency!=null)
{ "hylafax-faxcron".timerConfig.Persistent = true; }
)
(
mkIf (cfg.faxqclean.enable.frequency!=null)
{ "hylafax-faxqclean".timerConfig.Persistent = true; }
)
];
hardenService =
# Add some common systemd service hardening settings,
# but allow each service (here) to override
# settings by explicitely setting those to `null`.
# More hardening would be nice but makes
# customizing hylafax setups very difficult.
# If at all, it should only be added along
# with some options to customize it.
let
hardening = {
PrivateDevices = true; # breaks /dev/tty...
PrivateNetwork = true;
PrivateTmp = true;
ProtectControlGroups = true;
#ProtectHome = true; # breaks custom spool dirs
ProtectKernelModules = true;
ProtectKernelTunables = true;
#ProtectSystem = "strict"; # breaks custom spool dirs
RestrictNamespaces = true;
RestrictRealtime = true;
};
filter = key: value: (value != null) || ! (lib.hasAttr key hardening);
apply = service: lib.filterAttrs filter (hardening // (service.serviceConfig or {}));
in
service: service // { serviceConfig = apply service; };
services."hylafax-spool" = {
description = "HylaFAX spool area preparation";
documentation = [ "man:hylafax-server(4)" ];
script = ''
${setupSpoolScript}
cd "${cfg.spoolAreaPath}"
${cfg.spoolExtraInit}
if ! test -f "${cfg.spoolAreaPath}/etc/hosts.hfaxd"
then
echo hosts.hfaxd is missing
exit 1
fi
'';
serviceConfig.ExecStop = ''${setupSpoolScript}'';
serviceConfig.RemainAfterExit = true;
serviceConfig.Type = "oneshot";
unitConfig.RequiresMountsFor = [ cfg.spoolAreaPath ];
};
services."hylafax-faxq" = {
description = "HylaFAX queue manager";
documentation = [ "man:faxq(8)" ];
requires = [ "hylafax-spool.service" ];
after = [ "hylafax-spool.service" ];
wants = mapModems ( { name, ... }: ''hylafax-faxgetty@${name}.service'' );
wantedBy = mkIf cfg.autostart [ "multi-user.target" ];
serviceConfig.Type = "forking";
serviceConfig.ExecStart = ''${pkgs.hylafaxplus}/spool/bin/faxq -q "${cfg.spoolAreaPath}"'';
# This delays the "readiness" of this service until
# all modems are initialized (or a timeout is reached).
# Otherwise, sending a fax with the fax service
# stopped will always yield a failed send attempt:
# The fax service is started when the job is created with
# `sendfax`, but modems need some time to initialize.
serviceConfig.ExecStartPost = [ ''${waitFaxqScript}'' ];
# faxquit fails if the pipe is already gone
# (e.g. the service is already stopping)
serviceConfig.ExecStop = ''-${pkgs.hylafaxplus}/spool/bin/faxquit -q "${cfg.spoolAreaPath}"'';
# disable some systemd hardening settings
serviceConfig.PrivateDevices = null;
serviceConfig.RestrictRealtime = null;
};
services."hylafax-hfaxd@" = {
description = "HylaFAX server";
documentation = [ "man:hfaxd(8)" ];
after = [ "hylafax-faxq.service" ];
requires = [ "hylafax-faxq.service" ];
serviceConfig.StandardInput = "socket";
serviceConfig.StandardOutput = "socket";
serviceConfig.ExecStart = ''${pkgs.hylafaxplus}/spool/bin/hfaxd -q "${cfg.spoolAreaPath}" -d -I'';
unitConfig.RequiresMountsFor = [ cfg.userAccessFile ];
# disable some systemd hardening settings
serviceConfig.PrivateDevices = null;
serviceConfig.PrivateNetwork = null;
};
services."hylafax-faxcron" = rec {
description = "HylaFAX spool area maintenance";
documentation = [ "man:faxcron(8)" ];
after = [ "hylafax-spool.service" ];
requires = [ "hylafax-spool.service" ];
wantedBy = mkIf cfg.faxcron.enable.spoolInit requires;
startAt = mkIf (cfg.faxcron.enable.frequency!=null) cfg.faxcron.enable.frequency;
serviceConfig.ExecStart = concatStringsSep " " [
''${pkgs.hylafaxplus}/spool/bin/faxcron''
''-q "${cfg.spoolAreaPath}"''
''-info ${toString cfg.faxcron.infoDays}''
''-log ${toString cfg.faxcron.logDays}''
''-rcv ${toString cfg.faxcron.rcvDays}''
];
};
services."hylafax-faxqclean" = rec {
description = "HylaFAX spool area queue cleaner";
documentation = [ "man:faxqclean(8)" ];
after = [ "hylafax-spool.service" ];
requires = [ "hylafax-spool.service" ];
wantedBy = mkIf cfg.faxqclean.enable.spoolInit requires;
startAt = mkIf (cfg.faxqclean.enable.frequency!=null) cfg.faxqclean.enable.frequency;
serviceConfig.ExecStart = concatStringsSep " " [
''${pkgs.hylafaxplus}/spool/bin/faxqclean''
''-q "${cfg.spoolAreaPath}"''
''-v''
(optionalString (cfg.faxqclean.archiving!="never") ''-a'')
(optionalString (cfg.faxqclean.archiving=="always") ''-A'')
''-j ${toString (cfg.faxqclean.doneqMinutes*60)}''
''-d ${toString (cfg.faxqclean.docqMinutes*60)}''
];
};
mkFaxgettyService = { name, ... }:
lib.nameValuePair ''hylafax-faxgetty@${name}'' rec {
description = "HylaFAX faxgetty for %I";
documentation = [ "man:faxgetty(8)" ];
bindsTo = [ "dev-%i.device" ];
requires = [ "hylafax-spool.service" ];
after = bindsTo ++ requires;
before = [ "hylafax-faxq.service" "getty.target" ];
unitConfig.StopWhenUnneeded = true;
unitConfig.AssertFileNotEmpty = ''${cfg.spoolAreaPath}/etc/config.%I'';
serviceConfig.UtmpIdentifier = "%I";
serviceConfig.TTYPath = "/dev/%I";
serviceConfig.Restart = "always";
serviceConfig.KillMode = "process";
serviceConfig.IgnoreSIGPIPE = false;
serviceConfig.ExecStart = ''-${pkgs.hylafaxplus}/spool/bin/faxgetty -q "${cfg.spoolAreaPath}" /dev/%I'';
# faxquit fails if the pipe is already gone
# (e.g. the service is already stopping)
serviceConfig.ExecStop = ''-${pkgs.hylafaxplus}/spool/bin/faxquit -q "${cfg.spoolAreaPath}" %I'';
# disable some systemd hardening settings
serviceConfig.PrivateDevices = null;
serviceConfig.RestrictRealtime = null;
};
modemServices =
lib.listToAttrs (mapModems mkFaxgettyService);
in
{
config.systemd = mkIf cfg.enable {
inherit sockets timers paths;
services = lib.mapAttrs (lib.const hardenService) (services // modemServices);
};
}

618
nixos/modules/services/networking/i2pd.nix
View file

@ -8,6 +8,17 @@ let
homeDir = "/var/lib/i2pd";
strOpt = k: v: k + " = " + v;
boolOpt = k: v: k + " = " + boolToString v;
intOpt = k: v: k + " = " + toString v;
lstOpt = k: xs: k + " = " + concatStringsSep "," xs;
optionalNullString = o: s: optional (! isNull s) (strOpt o s);
optionalNullBool = o: b: optional (! isNull b) (boolOpt o b);
optionalNullInt = o: i: optional (! isNull i) (intOpt o i);
optionalEmptyList = o: l: optional ([] != l) (lstOpt o l);
mkEnableTrueOption = name: mkEnableOption name // { default = true; };
mkEndpointOpt = name: addr: port: {
enable = mkEnableOption name;
name = mkOption {
@ -18,42 +29,54 @@ let
address = mkOption {
type = types.str;
default = addr;
description = "Bind address for ${name} endpoint. Default: " + addr;
description = "Bind address for ${name} endpoint.";
};
port = mkOption {
type = types.int;
default = port;
description = "Bind port for ${name} endoint. Default: " + toString port;
description = "Bind port for ${name} endoint.";
};
};
mkKeyedEndpointOpt = name: addr: port: keyFile:
i2cpOpts = name: {
length = mkOption {
type = types.int;
description = "Guaranteed minimum hops for ${name} tunnels.";
default = 3;
};
quantity = mkOption {
type = types.int;
description = "Number of simultaneous ${name} tunnels.";
default = 5;
};
};
mkKeyedEndpointOpt = name: addr: port: keyloc:
(mkEndpointOpt name addr port) // {
keys = mkOption {
type = types.str;
default = "";
type = with types; nullOr str;
default = keyloc;
description = ''
File to persist ${lib.toUpper name} keys.
'';
};
inbound = i2cpOpts name;
outbound = i2cpOpts name;
latency.min = mkOption {
type = with types; nullOr int;
description = "Min latency for tunnels.";
default = null;
};
latency.max = mkOption {
type = with types; nullOr int;
description = "Max latency for tunnels.";
default = null;
};
};
commonTunOpts = let
i2cpOpts = {
length = mkOption {
type = types.int;
description = "Guaranteed minimum hops.";
default = 3;
};
quantity = mkOption {
type = types.int;
description = "Number of simultaneous tunnels.";
default = 5;
};
};
in name: {
outbound = i2cpOpts;
inbound = i2cpOpts;
commonTunOpts = name: {
outbound = i2cpOpts name;
inbound = i2cpOpts name;
crypto.tagsToSend = mkOption {
type = types.int;
description = "Number of ElGamal/AES tags to send.";
@ -70,94 +93,142 @@ let
};
} // mkEndpointOpt name "127.0.0.1" 0;
i2pdConf = pkgs.writeText "i2pd.conf" ''
# DO NOT EDIT -- this file has been generated automatically.
loglevel = ${cfg.logLevel}
ipv4 = ${boolToString cfg.enableIPv4}
ipv6 = ${boolToString cfg.enableIPv6}
notransit = ${boolToString cfg.notransit}
floodfill = ${boolToString cfg.floodfill}
netid = ${toString cfg.netid}
${if isNull cfg.bandwidth then "" else "bandwidth = ${toString cfg.bandwidth}" }
${if isNull cfg.port then "" else "port = ${toString cfg.port}"}
[limits]
transittunnels = ${toString cfg.limits.transittunnels}
[upnp]
enabled = ${boolToString cfg.upnp.enable}
name = ${cfg.upnp.name}
[precomputation]
elgamal = ${boolToString cfg.precomputation.elgamal}
[reseed]
verify = ${boolToString cfg.reseed.verify}
file = ${cfg.reseed.file}
urls = ${builtins.concatStringsSep "," cfg.reseed.urls}
[addressbook]
defaulturl = ${cfg.addressbook.defaulturl}
subscriptions = ${builtins.concatStringsSep "," cfg.addressbook.subscriptions}
${flip concatMapStrings
sec = name: "\n[" + name + "]";
notice = "# DO NOT EDIT -- this file has been generated automatically.";
i2pdConf = let
opts = [
notice
(strOpt "loglevel" cfg.logLevel)
(boolOpt "logclftime" cfg.logCLFTime)
(boolOpt "ipv4" cfg.enableIPv4)
(boolOpt "ipv6" cfg.enableIPv6)
(boolOpt "notransit" cfg.notransit)
(boolOpt "floodfill" cfg.floodfill)
(intOpt "netid" cfg.netid)
] ++ (optionalNullInt "bandwidth" cfg.bandwidth)
++ (optionalNullInt "port" cfg.port)
++ (optionalNullString "family" cfg.family)
++ (optionalNullString "datadir" cfg.dataDir)
++ (optionalNullInt "share" cfg.share)
++ (optionalNullBool "ssu" cfg.ssu)
++ (optionalNullBool "ntcp" cfg.ntcp)
++ (optionalNullString "ntcpproxy" cfg.ntcpProxy)
++ (optionalNullString "ifname" cfg.ifname)
++ (optionalNullString "ifname4" cfg.ifname4)
++ (optionalNullString "ifname6" cfg.ifname6)
++ [
(sec "limits")
(intOpt "transittunnels" cfg.limits.transittunnels)
(intOpt "coresize" cfg.limits.coreSize)
(intOpt "openfiles" cfg.limits.openFiles)
(intOpt "ntcphard" cfg.limits.ntcpHard)
(intOpt "ntcpsoft" cfg.limits.ntcpSoft)
(intOpt "ntcpthreads" cfg.limits.ntcpThreads)
(sec "upnp")
(boolOpt "enabled" cfg.upnp.enable)
(sec "precomputation")
(boolOpt "elgamal" cfg.precomputation.elgamal)
(sec "reseed")
(boolOpt "verify" cfg.reseed.verify)
] ++ (optionalNullString "file" cfg.reseed.file)
++ (optionalEmptyList "urls" cfg.reseed.urls)
++ (optionalNullString "floodfill" cfg.reseed.floodfill)
++ (optionalNullString "zipfile" cfg.reseed.zipfile)
++ (optionalNullString "proxy" cfg.reseed.proxy)
++ [
(sec "trust")
(boolOpt "enabled" cfg.trust.enable)
(boolOpt "hidden" cfg.trust.hidden)
] ++ (optionalEmptyList "routers" cfg.trust.routers)
++ (optionalNullString "family" cfg.trust.family)
++ [
(sec "websockets")
(boolOpt "enabled" cfg.websocket.enable)
(strOpt "address" cfg.websocket.address)
(intOpt "port" cfg.websocket.port)
(sec "exploratory")
(intOpt "inbound.length" cfg.exploratory.inbound.length)
(intOpt "inbound.quantity" cfg.exploratory.inbound.quantity)
(intOpt "outbound.length" cfg.exploratory.outbound.length)
(intOpt "outbound.quantity" cfg.exploratory.outbound.quantity)
(sec "ntcp2")
(boolOpt "enabled" cfg.ntcp2.enable)
(boolOpt "published" cfg.ntcp2.published)
(intOpt "port" cfg.ntcp2.port)
(sec "addressbook")
(strOpt "defaulturl" cfg.addressbook.defaulturl)
] ++ (optionalEmptyList "subscriptions" cfg.addressbook.subscriptions)
++ (flip map
(collect (proto: proto ? port && proto ? address && proto ? name) cfg.proto)
(proto: ''
[${proto.name}]
enabled = ${boolToString proto.enable}
address = ${proto.address}
port = ${toString proto.port}
${if proto ? keys then "keys = ${proto.keys}" else ""}
${if proto ? auth then "auth = ${boolToString proto.auth}" else ""}
${if proto ? user then "user = ${proto.user}" else ""}
${if proto ? pass then "pass = ${proto.pass}" else ""}
${if proto ? outproxy then "outproxy = ${proto.outproxy}" else ""}
${if proto ? outproxyPort then "outproxyport = ${toString proto.outproxyPort}" else ""}
'')
}
'';
(proto: let protoOpts = [
(sec proto.name)
(boolOpt "enabled" proto.enable)
(strOpt "address" proto.address)
(intOpt "port" proto.port)
] ++ (if proto ? keys then optionalNullString "keys" proto.keys else [])
++ (if proto ? auth then optionalNullBool "auth" proto.auth else [])
++ (if proto ? user then optionalNullString "user" proto.user else [])
++ (if proto ? pass then optionalNullString "pass" proto.pass else [])
++ (if proto ? strictHeaders then optionalNullBool "strictheaders" proto.strictHeaders else [])
++ (if proto ? hostname then optionalNullString "hostname" proto.hostname else [])
++ (if proto ? outproxy then optionalNullString "outproxy" proto.outproxy else [])
++ (if proto ? outproxyPort then optionalNullInt "outproxyport" proto.outproxyPort else [])
++ (if proto ? outproxyEnable then optionalNullBool "outproxy.enabled" proto.outproxyEnable else []);
in (concatStringsSep "\n" protoOpts)
));
in
pkgs.writeText "i2pd.conf" (concatStringsSep "\n" opts);
i2pdTunnelConf = pkgs.writeText "i2pd-tunnels.conf" ''
# DO NOT EDIT -- this file has been generated automatically.
${flip concatMapStrings
tunnelConf = let opts = [
notice
(flip map
(collect (tun: tun ? port && tun ? destination) cfg.outTunnels)
(tun: ''
[${tun.name}]
type = client
destination = ${tun.destination}
destinationport = ${toString tun.destinationPort}
keys = ${tun.keys}
address = ${tun.address}
port = ${toString tun.port}
inbound.length = ${toString tun.inbound.length}
outbound.length = ${toString tun.outbound.length}
inbound.quantity = ${toString tun.inbound.quantity}
outbound.quantity = ${toString tun.outbound.quantity}
crypto.tagsToSend = ${toString tun.crypto.tagsToSend}
'')
}
${flip concatMapStrings
(tun: let outTunOpts = [
(sec tun.name)
"type = client"
(intOpt "port" tun.port)
(strOpt "destination" tun.destination)
] ++ (if tun ? destinationPort then optionalNullInt "destinationport" tun.destinationPort else [])
++ (if tun ? keys then
optionalNullString "keys" tun.keys else [])
++ (if tun ? address then
optionalNullString "address" tun.address else [])
++ (if tun ? inbound.length then
optionalNullInt "inbound.length" tun.inbound.length else [])
++ (if tun ? inbound.quantity then
optionalNullInt "inbound.quantity" tun.inbound.quantity else [])
++ (if tun ? outbound.length then
optionalNullInt "outbound.length" tun.outbound.length else [])
++ (if tun ? outbound.quantity then
optionalNullInt "outbound.quantity" tun.outbound.quantity else [])
++ (if tun ? crypto.tagsToSend then
optionalNullInt "crypto.tagstosend" tun.crypto.tagsToSend else []);
in concatStringsSep "\n" outTunOpts))
(flip map
(collect (tun: tun ? port && tun ? address) cfg.inTunnels)
(tun: ''
[${tun.name}]
type = server
destination = ${tun.destination}
keys = ${tun.keys}
host = ${tun.address}
port = ${toString tun.port}
inport = ${toString tun.inPort}
accesslist = ${builtins.concatStringsSep "," tun.accessList}
'')
}
'';
(tun: let inTunOpts = [
(sec tun.name)
"type = server"
(intOpt "port" tun.port)
(strOpt "host" tun.address)
] ++ (if tun ? destination then
optionalNullString "destination" tun.destination else [])
++ (if tun ? keys then
optionalNullString "keys" tun.keys else [])
++ (if tun ? inPort then
optionalNullInt "inport" tun.inPort else [])
++ (if tun ? accessList then
optionalEmptyList "accesslist" tun.accessList else []);
in concatStringsSep "\n" inTunOpts))];
in pkgs.writeText "i2pd-tunnels.conf" opts;
i2pdSh = pkgs.writeScriptBin "i2pd" ''
#!/bin/sh
exec ${pkgs.i2pd}/bin/i2pd \
${if isNull cfg.address then "" else "--host="+cfg.address} \
--service \
--conf=${i2pdConf} \
--tunconf=${i2pdTunnelConf}
--tunconf=${tunnelConf}
'';
in
@ -170,9 +241,7 @@ in
services.i2pd = {
enable = mkOption {
type = types.bool;
default = false;
enable = mkEnableOption "I2Pd daemon" // {
description = ''
Enables I2Pd as a running service upon activation.
Please read http://i2pd.readthedocs.io/en/latest/ for further
@ -192,6 +261,8 @@ in
'';
};
logCLFTime = mkEnableOption "Full CLF-formatted date and time to log";
address = mkOption {
type = with types; nullOr str;
default = null;
@ -200,17 +271,72 @@ in
'';
};
notransit = mkOption {
type = types.bool;
default = false;
family = mkOption {
type = with types; nullOr str;
default = null;
description = ''
Specify a family the router belongs to.
'';
};
dataDir = mkOption {
type = with types; nullOr str;
default = null;
description = ''
Alternative path to storage of i2pd data (RI, keys, peer profiles, ...)
'';
};
share = mkOption {
type = types.int;
default = 100;
description = ''
Limit of transit traffic from max bandwidth in percents.
'';
};
ifname = mkOption {
type = with types; nullOr str;
default = null;
description = ''
Network interface to bind to.
'';
};
ifname4 = mkOption {
type = with types; nullOr str;
default = null;
description = ''
IPv4 interface to bind to.
'';
};
ifname6 = mkOption {
type = with types; nullOr str;
default = null;
description = ''
IPv6 interface to bind to.
'';
};
ntcpProxy = mkOption {
type = with types; nullOr str;
default = null;
description = ''
Proxy URL for NTCP transport.
'';
};
ntcp = mkEnableTrueOption "ntcp";
ssu = mkEnableTrueOption "ssu";
notransit = mkEnableOption "notransit" // {
description = ''
Tells the router to not accept transit tunnels during startup.
'';
};
floodfill = mkOption {
type = types.bool;
default = false;
floodfill = mkEnableOption "floodfill" // {
description = ''
If the router is declared to be unreachable and needs introduction nodes.
'';
@ -241,51 +367,20 @@ in
'';
};
enableIPv4 = mkOption {
type = types.bool;
default = true;
enableIPv4 = mkEnableTrueOption "IPv4 connectivity";
enableIPv6 = mkEnableOption "IPv6 connectivity";
nat = mkEnableTrueOption "NAT bypass";
upnp.enable = mkEnableOption "UPnP service discovery";
upnp.name = mkOption {
type = types.str;
default = "I2Pd";
description = ''
Enables IPv4 connectivity. Enabled by default.
Name i2pd appears in UPnP forwardings list.
'';
};
enableIPv6 = mkOption {
type = types.bool;
default = false;
description = ''
Enables IPv6 connectivity. Disabled by default.
'';
};
nat = mkOption {
type = types.bool;
default = true;
description = ''
Assume router is NATed. Enabled by default.
'';
};
upnp = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Enables UPnP.
'';
};
name = mkOption {
type = types.str;
default = "I2Pd";
description = ''
Name i2pd appears in UPnP forwardings list.
'';
};
};
precomputation.elgamal = mkOption {
type = types.bool;
default = true;
precomputation.elgamal = mkEnableTrueOption "Precomputed ElGamal tables" // {
description = ''
Whenever to use precomputated tables for ElGamal.
<command>i2pd</command> defaults to <literal>false</literal>
@ -296,76 +391,154 @@ in
'';
};
reseed = {
verify = mkOption {
type = types.bool;
default = false;
description = ''
Request SU3 signature verification
'';
};
reseed.verify = mkEnableOption "SU3 signature verification";
file = mkOption {
type = types.str;
default = "";
description = ''
Full path to SU3 file to reseed from
'';
};
urls = mkOption {
type = with types; listOf str;
default = [
"https://reseed.i2p-project.de/"
"https://i2p.mooo.com/netDb/"
"https://netdb.i2p2.no/"
"https://us.reseed.i2p2.no:444/"
"https://uk.reseed.i2p2.no:444/"
"https://i2p.manas.ca:8443/"
];
description = ''
Reseed URLs
'';
};
reseed.file = mkOption {
type = with types; nullOr str;
default = null;
description = ''
Full path to SU3 file to reseed from.
'';
};
addressbook = {
defaulturl = mkOption {
type = types.str;
default = "http://joajgazyztfssty4w2on5oaqksz6tqoxbduy553y34mf4byv6gpq.b32.i2p/export/alive-hosts.txt";
description = ''
AddressBook subscription URL for initial setup
'';
};
subscriptions = mkOption {
type = with types; listOf str;
default = [
"http://inr.i2p/export/alive-hosts.txt"
"http://i2p-projekt.i2p/hosts.txt"
"http://stats.i2p/cgi-bin/newhosts.txt"
];
description = ''
AddressBook subscription URLs
'';
};
reseed.urls = mkOption {
type = with types; listOf str;
default = [];
description = ''
Reseed URLs.
'';
};
reseed.floodfill = mkOption {
type = with types; nullOr str;
default = null;
description = ''
Path to router info of floodfill to reseed from.
'';
};
reseed.zipfile = mkOption {
type = with types; nullOr str;
default = null;
description = ''
Path to local .zip file to reseed from.
'';
};
reseed.proxy = mkOption {
type = with types; nullOr str;
default = null;
description = ''
URL for reseed proxy, supports http/socks.
'';
};
addressbook.defaulturl = mkOption {
type = types.str;
default = "http://joajgazyztfssty4w2on5oaqksz6tqoxbduy553y34mf4byv6gpq.b32.i2p/export/alive-hosts.txt";
description = ''
AddressBook subscription URL for initial setup
'';
};
addressbook.subscriptions = mkOption {
type = with types; listOf str;
default = [
"http://inr.i2p/export/alive-hosts.txt"
"http://i2p-projekt.i2p/hosts.txt"
"http://stats.i2p/cgi-bin/newhosts.txt"
];
description = ''
AddressBook subscription URLs
'';
};
trust.enable = mkEnableOption "Explicit trust options";
trust.family = mkOption {
type = with types; nullOr str;
default = null;
description = ''
Router Familiy to trust for first hops.
'';
};
trust.routers = mkOption {
type = with types; listOf str;
default = [];
description = ''
Only connect to the listed routers.
'';
};
trust.hidden = mkEnableOption "Router concealment.";
websocket = mkEndpointOpt "websockets" "127.0.0.1" 7666;
exploratory.inbound = i2cpOpts "exploratory";
exploratory.outbound = i2cpOpts "exploratory";
ntcp2.enable = mkEnableTrueOption "NTCP2.";
ntcp2.published = mkEnableOption "NTCP2 publication.";
ntcp2.port = mkOption {
type = types.int;
default = 0;
description = ''
Port to listen for incoming NTCP2 connections (0=auto).
'';
};
limits.transittunnels = mkOption {
type = types.int;
default = 2500;
description = ''
Maximum number of active transit sessions
Maximum number of active transit sessions.
'';
};
limits.coreSize = mkOption {
type = types.int;
default = 0;
description = ''
Maximum size of corefile in Kb (0 - use system limit).
'';
};
limits.openFiles = mkOption {
type = types.int;
default = 0;
description = ''
Maximum number of open files (0 - use system default).
'';
};
limits.ntcpHard = mkOption {
type = types.int;
default = 0;
description = ''
Maximum number of active transit sessions.
'';
};
limits.ntcpSoft = mkOption {
type = types.int;
default = 0;
description = ''
Threshold to start probabalistic backoff with ntcp sessions (default: use system limit).
'';
};
limits.ntcpThreads = mkOption {
type = types.int;
default = 1;
description = ''
Maximum number of threads used by NTCP DH worker.
'';
};
proto.http = (mkEndpointOpt "http" "127.0.0.1" 7070) // {
auth = mkOption {
type = types.bool;
default = false;
description = ''
Enable authentication for webconsole.
'';
};
auth = mkEnableOption "Webconsole authentication";
user = mkOption {
type = types.str;
default = "i2pd";
@ -373,6 +546,7 @@ in
Username for webconsole access
'';
};
pass = mkOption {
type = types.str;
default = "i2pd";
@ -380,11 +554,35 @@ in
Password for webconsole access.
'';
};
strictHeaders = mkOption {
type = with types; nullOr bool;
default = null;
description = ''
Enable strict host checking on WebUI.
'';
};
hostname = mkOption {
type = with types; nullOr str;
default = null;
description = ''
Expected hostname for WebUI.
'';
};
};
proto.httpProxy = mkKeyedEndpointOpt "httpproxy" "127.0.0.1" 4444 "";
proto.socksProxy = (mkKeyedEndpointOpt "socksproxy" "127.0.0.1" 4447 "")
proto.httpProxy = (mkKeyedEndpointOpt "httpproxy" "127.0.0.1" 4444 "httpproxy-keys.dat")
// {
outproxy = mkOption {
type = with types; nullOr str;
default = null;
description = "Upstream outproxy bind address.";
};
};
proto.socksProxy = (mkKeyedEndpointOpt "socksproxy" "127.0.0.1" 4447 "socksproxy-keys.dat")
// {
outproxyEnable = mkEnableOption "SOCKS outproxy";
outproxy = mkOption {
type = types.str;
default = "127.0.0.1";
@ -408,8 +606,8 @@ in
{ name, ... }: {
options = {
destinationPort = mkOption {
type = types.int;
default = 0;
type = with types; nullOr int;
default = null;
description = "Connect to particular port at destination.";
};
} // commonTunOpts name;

87
nixos/modules/services/networking/iperf3.nix Normal file
View file

@ -0,0 +1,87 @@
{ config, lib, pkgs, ... }: with lib;
let
cfg = config.services.iperf3;
api = {
enable = mkEnableOption "iperf3 network throughput testing server";
port = mkOption {
type = types.ints.u16;
default = 5201;
description = "Server port to listen on for iperf3 client requsts.";
};
affinity = mkOption {
type = types.nullOr types.ints.unsigned;
default = null;
description = "CPU affinity for the process.";
};
bind = mkOption {
type = types.nullOr types.str;
default = null;
description = "Bind to the specific interface associated with the given address.";
};
verbose = mkOption {
type = types.bool;
default = false;
description = "Give more detailed output.";
};
forceFlush = mkOption {
type = types.bool;
default = false;
description = "Force flushing output at every interval.";
};
debug = mkOption {
type = types.bool;
default = false;
description = "Emit debugging output.";
};
rsaPrivateKey = mkOption {
type = types.nullOr types.path;
default = null;
description = "Path to the RSA private key (not password-protected) used to decrypt authentication credentials from the client.";
};
authorizedUsersFile = mkOption {
type = types.nullOr types.path;
default = null;
description = "Path to the configuration file containing authorized users credentials to run iperf tests.";
};
extraFlags = mkOption {
type = types.listOf types.str;
default = [ ];
description = "Extra flags to pass to iperf3(1).";
};
};
imp = {
systemd.services.iperf3 = {
description = "iperf3 daemon";
unitConfig.Documentation = "man:iperf3(1) https://iperf.fr/iperf-doc.php";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
Restart = "on-failure";
RestartSec = 2;
DynamicUser = true;
PrivateDevices = true;
CapabilityBoundingSet = "";
NoNewPrivileges = true;
ExecStart = ''
${pkgs.iperf3}/bin/iperf \
--server \
--port ${toString cfg.port} \
${optionalString (cfg.affinity != null) "--affinity ${toString cfg.affinity}"} \
${optionalString (cfg.bind != null) "--bind ${cfg.bind}"} \
${optionalString (cfg.rsaPrivateKey != null) "--rsa-private-key-path ${cfg.rsaPrivateKey}"} \
${optionalString (cfg.authorizedUsersFile != null) "--authorized-users-path ${cfg.authorizedUsersFile}"} \
${optionalString cfg.verbose "--verbose"} \
${optionalString cfg.debug "--debug"} \
${optionalString cfg.forceFlush "--forceflush"} \
${escapeShellArgs cfg.extraFlags}
'';
};
};
};
in {
options.services.iperf3 = api;
config = mkIf cfg.enable imp;
}

14
nixos/modules/services/networking/networkmanager.nix
View file

@ -406,25 +406,25 @@ in {
{ source = configFile;
target = "NetworkManager/NetworkManager.conf";
}
{ source = "${networkmanager-openvpn}/etc/NetworkManager/VPN/nm-openvpn-service.name";
{ source = "${networkmanager-openvpn}/lib/NetworkManager/VPN/nm-openvpn-service.name";
target = "NetworkManager/VPN/nm-openvpn-service.name";
}
{ source = "${networkmanager-vpnc}/etc/NetworkManager/VPN/nm-vpnc-service.name";
{ source = "${networkmanager-vpnc}/lib/NetworkManager/VPN/nm-vpnc-service.name";
target = "NetworkManager/VPN/nm-vpnc-service.name";
}
{ source = "${networkmanager-openconnect}/etc/NetworkManager/VPN/nm-openconnect-service.name";
{ source = "${networkmanager-openconnect}/lib/NetworkManager/VPN/nm-openconnect-service.name";
target = "NetworkManager/VPN/nm-openconnect-service.name";
}
{ source = "${networkmanager-fortisslvpn}/etc/NetworkManager/VPN/nm-fortisslvpn-service.name";
{ source = "${networkmanager-fortisslvpn}/lib/NetworkManager/VPN/nm-fortisslvpn-service.name";
target = "NetworkManager/VPN/nm-fortisslvpn-service.name";
}
{ source = "${networkmanager-l2tp}/etc/NetworkManager/VPN/nm-l2tp-service.name";
{ source = "${networkmanager-l2tp}/lib/NetworkManager/VPN/nm-l2tp-service.name";
target = "NetworkManager/VPN/nm-l2tp-service.name";
}
{ source = "${networkmanager_strongswan}/etc/NetworkManager/VPN/nm-strongswan-service.name";
{ source = "${networkmanager_strongswan}/lib/NetworkManager/VPN/nm-strongswan-service.name";
target = "NetworkManager/VPN/nm-strongswan-service.name";
}
{ source = "${networkmanager-iodine}/etc/NetworkManager/VPN/nm-iodine-service.name";
{ source = "${networkmanager-iodine}/lib/NetworkManager/VPN/nm-iodine-service.name";
target = "NetworkManager/VPN/nm-iodine-service.name";
}
] ++ optional (cfg.appendNameservers == [] || cfg.insertNameservers == [])

20
nixos/modules/services/networking/zeronet.nix
View file

@ -12,6 +12,8 @@ let
log_dir = ${cfg.logDir}
'' + lib.optionalString (cfg.port != null) ''
ui_port = ${toString cfg.port}
'' + lib.optionalString (cfg.torAlways) ''
tor = always
'' + cfg.extraConfig;
};
in with lib; {
@ -35,11 +37,17 @@ in with lib; {
port = mkOption {
type = types.nullOr types.int;
default = null;
example = 15441;
description = "Optional zeronet port.";
example = 43110;
description = "Optional zeronet web UI port.";
};
tor = mkOption {
type = types.bool;
default = false;
description = "Use TOR for zeronet traffic where possible.";
};
torAlways = mkOption {
type = types.bool;
default = false;
description = "Use TOR for all zeronet traffic.";
@ -60,9 +68,13 @@ in with lib; {
services.tor = mkIf cfg.tor {
enable = true;
controlPort = 9051;
extraConfig = "CookieAuthentication 1";
extraConfig = ''
CacheDirectoryGroupReadable 1
CookieAuthentication 1
CookieAuthFileGroupReadable 1
'';
};
systemd.services.zeronet = {
description = "zeronet";
after = [ "network.target" (optionalString cfg.tor "tor.service") ];

100
nixos/modules/services/security/sks.nix
View file

@ -3,78 +3,112 @@
with lib;
let
cfg = config.services.sks;
sksPkg = cfg.package;
in
{
in {
meta.maintainers = with maintainers; [ primeos calbrecht jcumming ];
options = {
services.sks = {
enable = mkEnableOption "sks";
enable = mkEnableOption ''
SKS (synchronizing key server for OpenPGP) and start the database
server. You need to create "''${dataDir}/dump/*.gpg" for the initial
import'';
package = mkOption {
default = pkgs.sks;
defaultText = "pkgs.sks";
type = types.package;
description = "
Which sks derivation to use.
";
description = "Which SKS derivation to use.";
};
dataDir = mkOption {
type = types.path;
default = "/var/db/sks";
example = "/var/lib/sks";
# TODO: The default might change to "/var/lib/sks" as this is more
# common. There's also https://github.com/NixOS/nixpkgs/issues/26256
# and "/var/db" is not FHS compliant (seems to come from BSD).
description = ''
Data directory (-basedir) for SKS, where the database and all
configuration files are located (e.g. KDB, PTree, membership and
sksconf).
'';
};
hkpAddress = mkOption {
default = [ "127.0.0.1" "::1" ];
type = types.listOf types.str;
description = "
Wich ip addresses the sks-keyserver is listening on.
";
description = ''
Domain names, IPv4 and/or IPv6 addresses to listen on for HKP
requests.
'';
};
hkpPort = mkOption {
default = 11371;
type = types.int;
description = "
Which port the sks-keyserver is listening on.
";
type = types.ints.u16;
description = "HKP port to listen on.";
};
webroot = mkOption {
type = types.nullOr types.path;
default = "${sksPkg.webSamples}/OpenPKG";
defaultText = "\${pkgs.sks.webSamples}/OpenPKG";
description = ''
Source directory (will be symlinked, if not null) for the files the
built-in webserver should serve. SKS (''${pkgs.sks.webSamples})
provides the following examples: "HTML5", "OpenPKG", and "XHTML+ES".
The index file can be named index.html, index.htm, index.xhtm, or
index.xhtml. Files with the extensions .css, .es, .js, .jpg, .jpeg,
.png, or .gif are supported. Subdirectories and filenames with
anything other than alphanumeric characters and the '.' character
will be ignored.
'';
};
};
};
config = mkIf cfg.enable {
environment.systemPackages = [ sksPkg ];
users.users.sks = {
createHome = true;
home = "/var/db/sks";
isSystemUser = true;
shell = "${pkgs.coreutils}/bin/true";
users = {
users.sks = {
isSystemUser = true;
description = "SKS user";
home = cfg.dataDir;
createHome = true;
group = "sks";
useDefaultShell = true;
packages = [ sksPkg pkgs.db ];
};
groups.sks = { };
};
systemd.services = let
hkpAddress = "'" + (builtins.concatStringsSep " " cfg.hkpAddress) + "'" ;
hkpPort = builtins.toString cfg.hkpPort;
home = config.users.users.sks.home;
user = config.users.users.sks.name;
in {
sks-keyserver = {
"sks-db" = {
description = "SKS database server";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
preStart = ''
mkdir -p ${home}/dump
${pkgs.sks}/bin/sks build ${home}/dump/*.gpg -n 10 -cache 100 || true #*/
${pkgs.sks}/bin/sks cleandb || true
${pkgs.sks}/bin/sks pbuild -cache 20 -ptree_cache 70 || true
${lib.optionalString (cfg.webroot != null)
"ln -sfT \"${cfg.webroot}\" web"}
mkdir -p dump
${sksPkg}/bin/sks build dump/*.gpg -n 10 -cache 100 || true #*/
${sksPkg}/bin/sks cleandb || true
${sksPkg}/bin/sks pbuild -cache 20 -ptree_cache 70 || true
'';
serviceConfig = {
WorkingDirectory = home;
User = user;
WorkingDirectory = "~";
User = "sks";
Group = "sks";
Restart = "always";
ExecStart = "${pkgs.sks}/bin/sks db -hkp_address ${hkpAddress} -hkp_port ${hkpPort}";
ExecStart = "${sksPkg}/bin/sks db -hkp_address ${hkpAddress} -hkp_port ${hkpPort}";
};
};
};

6
nixos/modules/services/system/kerberos.nix
View file

@ -42,7 +42,7 @@ in
protocol = "tcp";
user = "root";
server = "${pkgs.tcp_wrappers}/bin/tcpd";
serverArgs = "${pkgs.heimdalFull}/bin/kadmind";
serverArgs = "${pkgs.heimdalFull}/libexec/heimdal/kadmind";
};
systemd.services.kdc = {
@ -51,13 +51,13 @@ in
preStart = ''
mkdir -m 0755 -p ${stateDir}
'';
script = "${heimdalFull}/bin/kdc";
script = "${heimdalFull}/libexec/heimdal/kdc";
};
systemd.services.kpasswdd = {
description = "Kerberos Password Changing daemon";
wantedBy = [ "multi-user.target" ];
script = "${heimdalFull}/bin/kpasswdd";
script = "${heimdalFull}/libexec/heimdal/kpasswdd";
};
};

2
nixos/modules/services/x11/desktop-managers/enlightenment.nix
View file

@ -66,7 +66,7 @@ in
'';
}];
security.wrappers = (import (builtins.toPath "${e.enlightenment}/e-wrappers.nix")).security.wrappers;
security.wrappers = (import "${e.enlightenment}/e-wrappers.nix").security.wrappers;
environment.etc = singleton
{ source = xcfg.xkbDir;

1
nixos/modules/services/x11/desktop-managers/gnome3.nix
View file

@ -110,6 +110,7 @@ in {
services.gnome3.gnome-terminal-server.enable = mkDefault true;
services.gnome3.gnome-user-share.enable = mkDefault true;
services.gnome3.gvfs.enable = true;
services.gnome3.rygel.enable = mkDefault true;
services.gnome3.seahorse.enable = mkDefault true;
services.gnome3.sushi.enable = mkDefault true;
services.gnome3.tracker.enable = mkDefault true;

2
nixos/modules/system/activation/switch-to-configuration.pl
View file

@ -419,7 +419,7 @@ while (my $f = <$listActiveUsers>) {
my ($uid, $name) = ($+{uid}, $+{user});
print STDERR "reloading user units for $name...\n";
system("su", "-l", $name, "-c", "XDG_RUNTIME_DIR=/run/user/$uid @systemd@/bin/systemctl --user daemon-reload");
system("su", "-s", "@shell@", "-l", $name, "-c", "XDG_RUNTIME_DIR=/run/user/$uid @systemd@/bin/systemctl --user daemon-reload");
}
close $listActiveUsers;

1
nixos/modules/system/activation/top-level.nix
View file

@ -115,6 +115,7 @@ let
inherit (pkgs) utillinux coreutils;
systemd = config.systemd.package;
inherit (pkgs.stdenv) shell;
inherit children;
kernelParams = config.boot.kernelParams;

6
nixos/modules/system/boot/networkd.nix
View file

@ -208,7 +208,6 @@ let
"InitialCongestionWindow" "InitialAdvertisedReceiveWindow" "QuickAck"
"MTUBytes"
])
(assertHasField "Gateway")
];
checkDhcp = checkUnitConfig "DHCP" [
@ -249,13 +248,14 @@ let
# .network files have a [Link] section with different options than in .netlink files
checkNetworkLink = checkUnitConfig "Link" [
(assertOnlyFields [
"MACAddress" "MTUBytes" "ARP" "Unmanaged" "RequiredForOnline"
"MACAddress" "MTUBytes" "ARP" "Multicast" "Unmanaged" "RequiredForOnline"
])
(assertMacAddress "MACAddress")
(assertByteFormat "MTUBytes")
(assertValueOneOf "ARP" boolValues)
(assertValueOneOf "Multicast" boolValues)
(assertValueOneOf "Unmanaged" boolValues)
(assertValueOneOf "RquiredForOnline" boolValues)
(assertValueOneOf "RequiredForOnline" boolValues)
];

2
nixos/modules/tasks/network-interfaces.nix
View file

@ -341,7 +341,7 @@ in
You should try to make this ID unique among your machines. You can
generate a random 32-bit ID using the following commands:
<literal>cksum /etc/machine-id | while read c rest; do printf "%x" $c; done</literal>
<literal>head -c 8 /etc/machine-id</literal>
(this derives it from the machine-id that systemd generates) or

2
nixos/release.nix
View file

@ -399,7 +399,7 @@ in rec {
tests.slurm = callTest tests/slurm.nix {};
tests.smokeping = callTest tests/smokeping.nix {};
tests.snapper = callTest tests/snapper.nix {};
tests.statsd = callTest tests/statsd.nix {};
#tests.statsd = callTest tests/statsd.nix {}; # statsd is broken: #45946
tests.strongswan-swanctl = callTest tests/strongswan-swanctl.nix {};
tests.sudo = callTest tests/sudo.nix {};
tests.systemd = callTest tests/systemd.nix {};

8
nixos/tests/novacomd.nix
View file

@ -9,12 +9,16 @@ import ./make-test.nix ({ pkgs, ...} : {
};
testScript = ''
startAll;
$machine->waitForUnit("multi-user.target");
# multi-user.target wants novacomd.service, but let's make sure
$machine->waitForUnit("novacomd.service");
# Check status and try connecting with novacom
$machine->succeed("systemctl status novacomd.service >&2");
# to prevent non-deterministic failure,
# make sure the daemon is really listening
$machine->waitForOpenPort(6968);
$machine->succeed("novacom -l");
# Stop the daemon, double-check novacom fails if daemon isn't working
@ -23,6 +27,8 @@ import ./make-test.nix ({ pkgs, ...} : {
# And back again for good measure
$machine->startJob("novacomd");
# make sure the daemon is really listening
$machine->waitForOpenPort(6968);
$machine->succeed("novacom -l");
'';
})

8
nixos/tests/opensmtpd.nix
View file

@ -102,11 +102,17 @@ import ./make-test.nix {
testScript = ''
startAll;
$client->waitForUnit("network.target");
$client->waitForUnit("network-online.target");
$smtp1->waitForUnit('opensmtpd');
$smtp2->waitForUnit('opensmtpd');
$smtp2->waitForUnit('dovecot2');
# To prevent sporadic failures during daemon startup, make sure
# services are listening on their ports before sending requests
$smtp1->waitForOpenPort(25);
$smtp2->waitForOpenPort(25);
$smtp2->waitForOpenPort(143);
$client->succeed('send-a-test-mail');
$smtp1->waitUntilFails('smtpctl show queue | egrep .');
$smtp2->waitUntilFails('smtpctl show queue | egrep .');

1
pkgs/applications/altcoins/bitcoin-abc.nix
View file

@ -38,6 +38,7 @@ stdenv.mkDerivation rec {
homepage = https://bitcoinabc.org/;
maintainers = with maintainers; [ lassulus ];
license = licenses.mit;
broken = stdenv.isDarwin;
platforms = platforms.unix;
};
}

1
pkgs/applications/altcoins/bitcoin-classic.nix
View file

@ -46,6 +46,7 @@ stdenv.mkDerivation rec {
homepage = https://bitcoinclassic.com/;
maintainers = with maintainers; [ jefdaj ];
license = licenses.mit;
broken = stdenv.isDarwin;
platforms = platforms.unix;
};
}

1
pkgs/applications/altcoins/bitcoin-unlimited.nix
View file

@ -62,6 +62,7 @@ stdenv.mkDerivation rec {
homepage = https://www.bitcoinunlimited.info/;
maintainers = with maintainers; [ DmitryTsygankov ];
license = licenses.mit;
broken = stdenv.isDarwin;
platforms = platforms.unix;
};
}

1
pkgs/applications/altcoins/bitcoin-xt.nix
View file

@ -43,6 +43,7 @@ stdenv.mkDerivation rec{
homepage = https://bitcoinxt.software/;
maintainers = with maintainers; [ jefdaj ];
license = licenses.mit;
broken = stdenv.isDarwin;
platforms = platforms.unix;
};
}

17
pkgs/applications/altcoins/btc1.nix
View file

@ -1,6 +1,8 @@
{ stdenv, fetchurl, pkgconfig, autoreconfHook, openssl, db48, boost
, zlib, miniupnpc, qt4, utillinux, protobuf, qrencode, libevent
, withGui }:
{ stdenv, fetchurl, pkgconfig, autoreconfHook, hexdump, openssl, db48
, boost, zlib, miniupnpc, qt4, utillinux, protobuf, qrencode, libevent
, AppKit
, withGui ? !stdenv.isDarwin
}:
with stdenv.lib;
stdenv.mkDerivation rec{
@ -12,11 +14,10 @@ stdenv.mkDerivation rec{
sha256 = "0v0g2wb4nsnhddxzb63vj2bc1mgyj05vqm5imicjfz8prvgc0si8";
};
nativeBuildInputs = [ pkgconfig autoreconfHook ];
buildInputs = [ openssl db48 boost zlib
miniupnpc protobuf libevent]
++ optionals stdenv.isLinux [ utillinux ]
++ optionals withGui [ qt4 qrencode ];
nativeBuildInputs = [ pkgconfig autoreconfHook hexdump ];
buildInputs = [ openssl db48 boost zlib miniupnpc protobuf libevent ]
++ optionals withGui [ qt4 qrencode ]
++ optional stdenv.isDarwin AppKit;
configureFlags = [ "--with-boost-libdir=${boost.out}/lib" ]
++ optionals withGui [ "--with-gui=qt4" ];

17
pkgs/applications/altcoins/default.nix
View file

@ -1,4 +1,4 @@
{ callPackage, boost155, boost165, openssl_1_1_0, haskellPackages, darwin, libsForQt5, miniupnpc_2, python3, buildGo110Package }:
{ callPackage, boost155, boost165, openssl_1_1, haskellPackages, darwin, libsForQt5, miniupnpc_2, python3, buildGo110Package }:
rec {
@ -32,8 +32,11 @@ rec {
boost = boost165; withGui = false;
};
btc1 = callPackage ./btc1.nix { boost = boost165; withGui = true; };
btc1d = callPackage ./btc1.nix { boost = boost165; withGui = false; };
btc1 = callPackage ./btc1.nix {
inherit (darwin.apple_sdk.frameworks) AppKit;
boost = boost165;
};
btc1d = btc1.override { withGui = false; };
cryptop = python3.pkgs.callPackage ./cryptop { };
@ -59,8 +62,10 @@ rec {
buildGoPackage = buildGo110Package;
};
litecoin = callPackage ./litecoin.nix { withGui = true; };
litecoind = callPackage ./litecoin.nix { withGui = false; };
litecoin = callPackage ./litecoin.nix {
inherit (darwin.apple_sdk.frameworks) AppKit;
};
litecoind = litecoin.override { withGui = false; };
masari = callPackage ./masari.nix { };
@ -85,7 +90,7 @@ rec {
zcash = callPackage ./zcash {
withGui = false;
openssl = openssl_1_1_0;
openssl = openssl_1_1;
};
parity = callPackage ./parity { };

1
pkgs/applications/altcoins/ethsign/default.nix
View file

@ -54,6 +54,7 @@ buildGoPackage rec {
meta = with stdenv.lib; {
homepage = https://github.com/dapphub/ethsign;
description = "Make raw signed Ethereum transactions";
broken = stdenv.isDarwin; # test with CoreFoundation 10.11
license = [licenses.gpl3];
};
}

9
pkgs/applications/altcoins/litecoin.nix
View file

@ -2,9 +2,12 @@
, pkgconfig, autoreconfHook
, openssl, db48, boost, zlib, miniupnpc
, glib, protobuf, utillinux, qt4, qrencode
, withGui, libevent }:
, AppKit
, withGui ? true, libevent
}:
with stdenv.lib;
stdenv.mkDerivation rec {
name = "litecoin" + (toString (optional (!withGui) "d")) + "-" + version;
@ -20,6 +23,7 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ pkgconfig autoreconfHook ];
buildInputs = [ openssl db48 boost zlib
miniupnpc glib protobuf utillinux libevent ]
++ optionals stdenv.isDarwin [ AppKit ]
++ optionals withGui [ qt4 qrencode ];
configureFlags = [ "--with-boost-libdir=${boost.out}/lib" ]
@ -39,6 +43,7 @@ stdenv.mkDerivation rec {
homepage = https://litecoin.org/;
platforms = platforms.unix;
license = licenses.mit;
maintainers = with maintainers; [ offline AndersonTorres ];
broken = stdenv.isDarwin;
maintainers = with maintainers; [ offline AndersonTorres ];
};
}

7
pkgs/applications/altcoins/monero-gui/default.nix
View file

@ -12,13 +12,13 @@ with stdenv.lib;
stdenv.mkDerivation rec {
name = "monero-gui-${version}";
version = "0.12.0.0";
version = "0.12.3.0";
src = fetchFromGitHub {
owner = "monero-project";
repo = "monero-gui";
rev = "v${version}";
sha256 = "1mg5ival8a2wdp14yib4wzqax4xyvd40zjy9anhszljds1439jhl";
sha256 = "1ry0455cgirkc6n46qnlv5p49axjllil78xmx6469nbp3a2r3z7i";
};
nativeBuildInputs = [ qmake pkgconfig ];
@ -70,7 +70,8 @@ stdenv.mkDerivation rec {
cp ${desktopItem}/share/applications/* $out/share/applications
# install translations
cp -r release/bin/translations $out/share/
mkdir -p $out/share/translations
cp translations/*.qm $out/share/translations/
# install icons
for n in 16 24 32 48 64 96 128 256; do

55
pkgs/applications/altcoins/monero-gui/move-log-file.patch
View file

@ -1,38 +1,27 @@
diff --git a/main.cpp b/main.cpp
index c03b160..a8ea263 100644
index 79223c0..e80b317 100644
--- a/main.cpp
+++ b/main.cpp
@@ -80,14 +80,16 @@ int main(int argc, char *argv[])
// qDebug() << "High DPI auto scaling - enabled";
//#endif
- // Log settings
- Monero::Wallet::init(argv[0], "monero-wallet-gui");
-// qInstallMessageHandler(messageHandler);
-
MainApp app(argc, argv);
qDebug() << "app startd";
+ // Log settings
+ QString logfile =
+ QStandardPaths::writableLocation(QStandardPaths::CacheLocation)
+ + "/monero-wallet-gui.log";
+ Monero::Wallet::init(argv[0], logfile.toUtf8().constData());
+
app.setApplicationName("monero-core");
app.setOrganizationDomain("getmonero.org");
app.setOrganizationName("monero-project");
diff --git a/src/libwalletqt/Wallet.cpp b/src/libwalletqt/Wallet.cpp
index 74649ce..fe1efc6 100644
--- a/src/libwalletqt/Wallet.cpp
+++ b/src/libwalletqt/Wallet.cpp
@@ -729,7 +729,7 @@ QString Wallet::getWalletLogPath() const
#ifdef Q_OS_MACOS
return QStandardPaths::standardLocations(QStandardPaths::HomeLocation).at(0) + "/Library/Logs/" + filename;
#else
- return QCoreApplication::applicationDirPath() + "/" + filename;
+ return QStandardPaths::writableLocation(QStandardPaths::CacheLocation) + filename;
@@ -115,6 +115,9 @@ int main(int argc, char *argv[])
QCommandLineOption logPathOption(QStringList() << "l" << "log-file",
QCoreApplication::translate("main", "Log to specified file"),
QCoreApplication::translate("main", "file"));
+ logPathOption.setDefaultValue(
+ QStandardPaths::writableLocation(QStandardPaths::CacheLocation)
+ + "/monero-wallet-gui.log");
parser.addOption(logPathOption);
parser.addHelpOption();
parser.process(app);
diff --git a/Logger.cpp b/Logger.cpp
index 660bafc..dae24d4 100644
--- a/Logger.cpp
+++ b/Logger.cpp
@@ -15,7 +15,7 @@ static const QString default_name = "monero-wallet-gui.log";
#elif defined(Q_OS_MAC)
static const QString osPath = QStandardPaths::standardLocations(QStandardPaths::HomeLocation).at(0) + "/Library/Logs";
#else // linux + bsd
- static const QString osPath = QStandardPaths::standardLocations(QStandardPaths::HomeLocation).at(0);
+ static const QString osPath = QStandardPaths::standardLocations(QStandardPaths::CacheLocation).at(0);
#endif
}

15
pkgs/applications/altcoins/monero-gui/move-translations-dir.patch
View file

@ -1,14 +1,13 @@
diff --git a/TranslationManager.cpp b/TranslationManager.cpp
index fa39d35..5a410f7 100644
index e7fc52a..83534cc 100644
--- a/TranslationManager.cpp
+++ b/TranslationManager.cpp
@@ -29,7 +29,7 @@ bool TranslationManager::setLanguage(const QString &language)
#ifdef Q_OS_MACX
QString dir = qApp->applicationDirPath() + "/../Resources/translations";
#else
@@ -25,7 +25,7 @@ bool TranslationManager::setLanguage(const QString &language)
return true;
}
- QString dir = qApp->applicationDirPath() + "/translations";
+ QString dir = qApp->applicationDirPath() + "/../share/translations";
#endif
QString filename = "monero-core_" + language;
qDebug("%s: loading translation file '%s' from '%s'",

21
pkgs/applications/altcoins/monero/default.nix
View file

@ -1,4 +1,4 @@
{ stdenv, fetchFromGitHub, fetchpatch
{ stdenv, fetchgit
, cmake, pkgconfig, git
, boost, miniupnpc, openssl, unbound, cppzmq
, zeromq, pcsclite, readline
@ -11,25 +11,16 @@ with stdenv.lib;
stdenv.mkDerivation rec {
name = "monero-${version}";
version = "0.12.0.0";
version = "0.12.3.0";
src = fetchFromGitHub {
owner = "monero-project";
repo = "monero";
src = fetchgit {
url = "https://github.com/monero-project/monero.git";
rev = "v${version}";
sha256 = "1lc9mkrl1m8mdbvj88y8y5rv44vinxf7dyv221ndmw5c5gs5zfgk";
sha256 = "1609k1qn9xx37a92ai36rajds9cmdjlkqyka95hks5xjr3l5ca8i";
};
nativeBuildInputs = [ cmake pkgconfig git ];
patches = [
# fix daemon crash, remove with 0.12.1.0 update
(fetchpatch {
url = "https://github.com/monero-project/monero/commit/08343ab.diff";
sha256 = "0f1snrl2mk2czwk1ysympzr8ismjx39fcqgy13276vcmw0cfqi83";
})
];
buildInputs = [
boost miniupnpc openssl unbound
cppzmq zeromq pcsclite readline
@ -39,7 +30,7 @@ stdenv.mkDerivation rec {
"-DCMAKE_BUILD_TYPE=Release"
"-DBUILD_GUI_DEPS=ON"
"-DReadline_ROOT_DIR=${readline.dev}"
];
] ++ optional stdenv.isDarwin "-DBoost_USE_MULTITHREADED=OFF";
hardeningDisable = [ "fortify" ];

57
pkgs/applications/audio/banshee/default.nix
View file

@ -1,57 +0,0 @@
{ stdenv, lib, fetchurl, intltool, pkgconfig, gstreamer, gst-plugins-base
, gst-plugins-good, gst-plugins-bad, gst-plugins-ugly, gst-ffmpeg, glib
, mono, mono-addins, dbus-sharp-1_0, dbus-sharp-glib-1_0, notify-sharp, gtk-sharp-2_0
, boo, gdata-sharp, taglib-sharp, sqlite, gnome-sharp, gconf, gtk-sharp-beans, gio-sharp
, libmtp, libgpod, mono-zeroconf }:
stdenv.mkDerivation rec {
name = "banshee-${version}";
version = "2.6.2";
src = fetchurl {
url = "https://ftp.gnome.org/pub/GNOME/sources/banshee/2.6/banshee-${version}.tar.xz";
sha256 = "1y30p8wxx5li39i5gpq2wib0ympy8llz0gyi6ri9bp730ndhhz7p";
};
dontStrip = true;
nativeBuildInputs = [ pkgconfig intltool ];
buildInputs = [
gtk-sharp-2_0.gtk gstreamer gst-plugins-base gst-plugins-good
gst-plugins-bad gst-plugins-ugly gst-ffmpeg
mono dbus-sharp-1_0 dbus-sharp-glib-1_0 mono-addins notify-sharp
gtk-sharp-2_0 boo gdata-sharp taglib-sharp sqlite gnome-sharp gconf gtk-sharp-beans
gio-sharp libmtp libgpod mono-zeroconf
];
makeFlags = [ "PREFIX=$(out)" ];
postPatch = ''
patchShebangs data/desktop-files/update-desktop-file.sh
patchShebangs build/private-icon-theme-installer
sed -i "s,DOCDIR=.*,DOCDIR=$out/lib/monodoc," configure
'';
postInstall = let
ldLibraryPath = lib.makeLibraryPath [ gtk-sharp-2_0.gtk gtk-sharp-2_0 sqlite gconf glib gstreamer ];
monoGACPrefix = lib.concatStringsSep ":" [
mono dbus-sharp-1_0 dbus-sharp-glib-1_0 mono-addins notify-sharp gtk-sharp-2_0
boo gdata-sharp taglib-sharp sqlite gnome-sharp gconf gtk-sharp-beans
gio-sharp libmtp libgpod mono-zeroconf
];
in ''
sed -e '2a export MONO_GAC_PREFIX=${monoGACPrefix}' \
-e 's|LD_LIBRARY_PATH=|LD_LIBRARY_PATH=${ldLibraryPath}:|' \
-e "s|GST_PLUGIN_PATH=|GST_PLUGIN_PATH=$GST_PLUGIN_SYSTEM_PATH:|" \
-e 's| mono | ${mono}/bin/mono |' \
-i $out/bin/banshee
'';
meta = with lib; {
homepage = "http://banshee.fm/";
description = "A music player written in C# using GNOME technologies";
platforms = platforms.linux;
maintainers = [ maintainers.zohl ];
license = licenses.mit;
};
}

20
pkgs/applications/audio/milkytracker/decompressor_gzip.patch
View file

@ -1,20 +0,0 @@
https://bugs.archlinux.org/task/31324
https://410333.bugs.gentoo.org/attachment.cgi?id=322456
diff -ur src.old/compression/DecompressorGZIP.cpp src/compression/DecompressorGZIP.cpp
--- src.old/compression/DecompressorGZIP.cpp 2012-08-28 17:54:46.000000000 +0200
+++ src/compression/DecompressorGZIP.cpp 2012-08-28 17:55:21.000000000 +0200
@@ -57,11 +57,11 @@
bool DecompressorGZIP::decompress(const PPSystemString& outFileName, Hints hint)
{
- gzFile *gz_input_file = NULL;
+ gzFile gz_input_file = NULL;
int len = 0;
pp_uint8 *buf;
- if ((gz_input_file = (void **)gzopen (fileName.getStrBuffer(), "r")) == NULL)
+ if ((gz_input_file = gzopen (fileName.getStrBuffer(), "r")) == NULL)
return false;
if ((buf = new pp_uint8[0x10000]) == NULL)

27
pkgs/applications/audio/milkytracker/default.nix
View file

@ -1,29 +1,26 @@
{ stdenv, fetchurl, SDL2, alsaLib, cmake, libjack2, perl
, zlib, zziplib, pkgconfig, makeWrapper
}:
{ stdenv, fetchFromGitHub, cmake, pkgconfig, makeWrapper
, SDL2, alsaLib, libjack2, lhasa, perl, rtmidi, zlib, zziplib }:
stdenv.mkDerivation rec {
version = "1.01";
version = "1.02.00";
name = "milkytracker-${version}";
src = fetchurl {
url = "https://github.com/milkytracker/MilkyTracker/archive/v${version}.00.tar.gz";
sha256 = "1dvnddsnn9c83lz4dlm0cfjpc0m524amfkbalxbswdy0qc8cj1wv";
src = fetchFromGitHub {
owner = "milkytracker";
repo = "MilkyTracker";
rev = "v${version}";
sha256 = "05a6d7l98k9i82dwrgi855dnccm3f2lkb144gi244vhk1156n0ca";
};
preBuild=''
export CPATH=${zlib.out}/lib
'';
nativeBuildInputs = [ cmake pkgconfig makeWrapper ];
buildInputs = [ SDL2 alsaLib libjack2 perl zlib zziplib ];
buildInputs = [ SDL2 alsaLib libjack2 lhasa perl rtmidi zlib zziplib ];
meta = {
meta = with stdenv.lib; {
description = "Music tracker application, similar to Fasttracker II";
homepage = http://milkytracker.org;
license = stdenv.lib.licenses.gpl3Plus;
license = licenses.gpl3Plus;
platforms = [ "x86_64-linux" "i686-linux" ];
maintainers = [ stdenv.lib.maintainers.zoomulator ];
maintainers = with maintainers; [ zoomulator ];
};
}

63
pkgs/applications/audio/pulseaudio-modules-bt/default.nix Normal file
View file

@ -0,0 +1,63 @@
{ stdenv
, runCommand
, fetchFromGitHub
, libpulseaudio
, pulseaudio
, pkgconfig
, libtool
, cmake
, bluez
, dbus
, sbc
}:
let
pulseSources = runCommand "pulseaudio-sources" {} ''
mkdir $out
tar -xf ${pulseaudio.src}
mv pulseaudio*/* $out/
'';
in stdenv.mkDerivation rec {
name = "pulseaudio-modules-bt-${version}";
version = "unstable-2018-09-11";
src = fetchFromGitHub {
owner = "EHfive";
repo = "pulseaudio-modules-bt";
rev = "9c6ad75382f3855916ad2feaa6b40e37356d80cc";
sha256 = "1iz4m3y6arsvwcyvqc429w252dl3apnhvl1zhyvfxlbg00d2ii0h";
fetchSubmodules = true;
};
nativeBuildInputs = [
pkgconfig
cmake
];
buildInputs = [
libpulseaudio
pulseaudio
libtool
bluez
dbus
sbc
];
NIX_CFLAGS_COMPILE = [
"-L${pulseaudio}/lib/pulseaudio"
];
prePatch = ''
rm -r pa
ln -s ${pulseSources} pa
'';
meta = with stdenv.lib; {
homepage = https://github.com/EHfive/pulseaudio-modules-bt;
description = "SBC, Sony LDAC codec (A2DP Audio) support for Pulseaudio";
platforms = platforms.linux;
license = licenses.mit;
maintainers = with maintainers; [ adisbladis ];
};
}

4
pkgs/applications/audio/puredata/default.nix
View file

@ -4,11 +4,11 @@
stdenv.mkDerivation rec {
name = "puredata-${version}";
version = "0.48-0";
version = "0.48-2";
src = fetchurl {
url = "http://msp.ucsd.edu/Software/pd-${version}.src.tar.gz";
sha256 = "0wy9kl2v00fl27x4mfzhbca415hpaisp6ls8a6mkl01qbw20krny";
sha256 = "0p86hncgzkrl437v2wch2fg9iyn6mnrgbn811sh9pwmrjj2f06v8";
};
nativeBuildInputs = [ autoreconfHook gettext makeWrapper ];

4
pkgs/applications/audio/qmmp/default.nix
View file

@ -29,11 +29,11 @@
# handle that.
stdenv.mkDerivation rec {
name = "qmmp-1.2.2";
name = "qmmp-1.2.3";
src = fetchurl {
url = "http://qmmp.ylsoftware.com/files/${name}.tar.bz2";
sha256 = "01nnyg8m3p3px1fj3lfsqqv9zh1388dwx1bm2qv4v87jywimgp79";
sha256 = "05lqmj22vr5ch1i0928d64ybdnn3qc66s9lgarx5s6x6ffr6589j";
};
buildInputs =

4
pkgs/applications/audio/rosegarden/default.nix
View file

@ -3,12 +3,12 @@
, liblo, liblrdf, libsamplerate, libsndfile, lirc ? null, qtbase }:
stdenv.mkDerivation (rec {
version = "17.12.1";
version = "18.06";
name = "rosegarden-${version}";
src = fetchurl {
url = "mirror://sourceforge/rosegarden/${name}.tar.bz2";
sha256 = "155kqbxg85wqv0w97cmmx8wq0r4xb3qpnk20lfma04vj8k6hc1mg";
sha256 = "04qc80sqb2ji42pq3mayhvqqn39hlxzymsywpbpzfpchr19chxx7";
};
patchPhase = ''

4
pkgs/applications/audio/snd/default.nix
View file

@ -4,11 +4,11 @@
}:
stdenv.mkDerivation rec {
name = "snd-18.6";
name = "snd-18.7";
src = fetchurl {
url = "mirror://sourceforge/snd/${name}.tar.gz";
sha256 = "1jyqkkz2a6zw0jn9y15xd3027r8glkpw794fjk6hd3al1byjhz2z";
sha256 = "1d7g043r534shwsq5s4xsywgn5qv96v9wnhdx04j21s9w7fy9ypl";
};
nativeBuildInputs = [ pkgconfig ];

2
pkgs/applications/audio/sound-juicer/default.nix
View file

@ -22,6 +22,8 @@ in stdenv.mkDerivation rec{
gst_all_1.gst-libav
];
NIX_CFLAGS_COMPILE="-Wno-error=format-nonliteral";
passthru = {
updateScript = gnome3.updateScript {
packageName = pname;

8
pkgs/applications/audio/spotify/default.nix
View file

@ -5,14 +5,14 @@
let
# TO UPDATE: just execute the ./update.sh script (won't do anything if there is no update)
# "rev" decides what is actually being downloaded
version = "1.0.88.353.g15c26ea1-14";
version = "1.0.83.316.ge96b6e67-5";
# To get the latest stable revision:
# curl -H 'X-Ubuntu-Series: 16' 'https://api.snapcraft.io/api/v1/snaps/details/spotify?channel=stable' | jq '.download_url,.version,.last_updated'
# To get general information:
# curl -H 'Snap-Device-Series: 16' 'https://api.snapcraft.io/v2/snaps/info/spotify' | jq '.'
# More exapmles of api usage:
# More examples of api usage:
# https://github.com/canonical-websites/snapcraft.io/blob/master/webapp/publisher/snaps/views.py
rev = "19";
rev = "17";
deps = [
@ -65,7 +65,7 @@ stdenv.mkDerivation {
# https://community.spotify.com/t5/Desktop-Linux/Redistribute-Spotify-on-Linux-Distributions/td-p/1695334
src = fetchurl {
url = "https://api.snapcraft.io/api/v1/snaps/download/pOBIoZ2LrCB3rDohMxoYGnbN14EHOgD7_${rev}.snap";
sha512 = "3a068cbe3c1fca84ae67e28830216f993aa459947517956897c3b3f63063005c9db646960e85185b149747ffc302060c208a7f9968ea69d50a3496067089f3db";
sha512 = "19bbr4142shsl4qrikf48vq7kyrd4k4jbsada13qxicxps46a9bx51vjm2hkijqv739c1gdkgzwx7llyk95z26lhrz53shm2n5ij8xi";
};
buildInputs = [ squashfsTools makeWrapper ];

12
pkgs/applications/editors/android-studio/default.nix
View file

@ -13,14 +13,14 @@ let
sha256Hash = "0xx6yprylmcb32ipmwdcfkgddlm1nrxi1w68miclvgrbk015brf2";
};
betaVersion = {
version = "3.2.0.24"; # "Android Studio 3.2 RC 2"
build = "181.4974118";
sha256Hash = "0sj848pzpsbmnfi2692gg73v6m72hr1pwlk5x8q912w60iypi3pz";
version = "3.2.0.25"; # "Android Studio 3.2 RC 3"
build = "181.4987877";
sha256Hash = "0mriakxxchc0wbqkl236pp4fsqbq3gb2qrkdg5hx9zz763dc59gp";
};
latestVersion = { # canary & dev
version = "3.3.0.7"; # "Android Studio 3.3 Canary 8"
build = "182.4978721";
sha256Hash = "0xa19wrw1a6y7f2jdv8699yqv7g34h3zdw3wc0ql0447afzwg9a9";
version = "3.3.0.9"; # "Android Studio 3.3 Canary 10"
build = "182.4996246";
sha256Hash = "0g6hhfhlfj9szw48z22n869n6d0rw5fhljazj63dmw6i4v6rd92g";
};
in rec {
# Old alias

24
pkgs/applications/editors/aseprite/default.nix
View file

@ -1,5 +1,5 @@
{ stdenv, lib, fetchFromGitHub, cmake, pkgconfig
, curl, freetype, giflib, libjpeg, libpng, libwebp, pixman, tinyxml, zlib
{ stdenv, lib, fetchFromGitHub, fetchpatch, cmake, pkgconfig
, curl, freetype, giflib, harfbuzz, libjpeg, libpng, libwebp, pixman, tinyxml, zlib
, libX11, libXext, libXcursor, libXxf86vm
, unfree ? false
, cmark
@ -11,7 +11,7 @@
stdenv.mkDerivation rec {
name = "aseprite-${version}";
version = if unfree then "1.2.4" else "1.1.7";
version = if unfree then "1.2.9" else "1.1.7";
src = fetchFromGitHub {
owner = "aseprite";
@ -19,16 +19,27 @@ stdenv.mkDerivation rec {
rev = "v${version}";
fetchSubmodules = true;
sha256 = if unfree
then "1rnf4a8vgddz8x55rpqaihlxmqip1kgpdhqb4d3l71h1zmidg5k3"
then "0a9xk163j0984n8nn6pqf27n83gr6w7g25wkiv591zx88pa6cpbd"
else "0gd49lns2bpzbkwax5jf9x1xmg1j8ij997kcxr2596cwiswnw4di";
};
nativeBuildInputs = [ cmake pkgconfig ];
buildInputs = [
curl freetype giflib libjpeg libpng libwebp pixman tinyxml zlib
curl freetype giflib harfbuzz libjpeg libpng libwebp pixman tinyxml zlib
libX11 libXext libXcursor libXxf86vm
] ++ lib.optionals unfree [ cmark ];
] ++ lib.optionals unfree [ cmark harfbuzz ];
patches = lib.optionals unfree [
(fetchpatch {
url = "https://github.com/aseprite/aseprite/commit/cfb4dac6feef1f39e161c23c886055a8f9acfd0d.patch";
sha256 = "1qhjfpngg8b1vvb9w26lhjjfamfx57ih0p31km3r5l96nm85l7f9";
})
(fetchpatch {
url = "https://github.com/orivej/aseprite/commit/ea87e65b357ad0bd65467af5529183b5a48a8c17.patch";
sha256 = "1vwn8ivap1pzdh444sdvvkndp55iz146nhmd80xbm8cyzn3qmg91";
})
];
postPatch = ''
sed -i src/config.h -e "s-\\(#define VERSION\\) .*-\\1 \"$version\"-"
@ -49,6 +60,7 @@ stdenv.mkDerivation rec {
"-DWITH_WEBP_SUPPORT=ON"
] ++ lib.optionals unfree [
"-DUSE_SHARED_CMARK=ON"
"-DUSE_SHARED_HARFBUZZ=ON"
# Aseprite needs internal freetype headers.
"-DUSE_SHARED_FREETYPE=OFF"
# Disable libarchive programs.

32
pkgs/applications/editors/emacs/default.nix
View file

@ -4,8 +4,9 @@
, alsaLib, cairo, acl, gpm, AppKit, GSS, ImageIO, m17n_lib, libotf
, systemd ? null
, withX ? !stdenv.isDarwin
, withGTK2 ? false, gtk2 ? null
, withGTK3 ? true, gtk3 ? null, gsettings-desktop-schemas ? null
, withNS ? stdenv.isDarwin
, withGTK2 ? false, gtk2-x11 ? null
, withGTK3 ? true, gtk3-x11 ? null, gsettings-desktop-schemas ? null
, withXwidgets ? false, webkitgtk ? null, wrapGAppsHook ? null, glib-networking ? null
, withCsrc ? true
, srcRepo ? false, autoconf ? null, automake ? null, texinfo ? null
@ -13,10 +14,12 @@
assert (libXft != null) -> libpng != null; # probably a bug
assert stdenv.isDarwin -> libXaw != null; # fails to link otherwise
assert withGTK2 -> withX || stdenv.isDarwin;
assert withGTK3 -> withX || stdenv.isDarwin;
assert withGTK2 -> !withGTK3 && gtk2 != null;
assert withGTK3 -> !withGTK2 && gtk3 != null;
assert withNS -> !withX;
assert withNS -> stdenv.isDarwin;
assert (withGTK2 && !withNS) -> withX;
assert (withGTK3 && !withNS) -> withX;
assert withGTK2 -> !withGTK3 && gtk2-x11 != null;
assert withGTK3 -> !withGTK2 && gtk3-x11 != null;
assert withXwidgets -> withGTK3 && webkitgtk != null;
let
@ -56,19 +59,22 @@ stdenv.mkDerivation rec {
++ lib.optionals stdenv.isLinux [ dbus libselinux systemd ]
++ lib.optionals withX
[ xlibsWrapper libXaw Xaw3d libXpm libpng libjpeg libungif libtiff librsvg libXft
imagemagick gconf m17n_lib libotf ]
++ lib.optional (withX && withGTK2) gtk2
++ lib.optionals (withX && withGTK3) [ gtk3 gsettings-desktop-schemas ]
imagemagick gconf ]
++ lib.optionals (stdenv.isLinux && withX) [ m17n_lib libotf ]
++ lib.optional (withX && withGTK2) gtk2-x11
++ lib.optionals (withX && withGTK3) [ gtk3-x11 gsettings-desktop-schemas ]
++ lib.optional (stdenv.isDarwin && withX) cairo
++ lib.optionals (withX && withXwidgets) [ webkitgtk ];
propagatedBuildInputs = lib.optionals stdenv.isDarwin [ AppKit GSS ImageIO ];
propagatedBuildInputs = lib.optionals withNS [ AppKit GSS ImageIO ];
hardeningDisable = [ "format" ];
configureFlags = [ "--with-modules" ] ++
(if stdenv.isDarwin
then [ "--with-ns" "--disable-ns-self-contained" ]
(lib.optional stdenv.isDarwin
(lib.withFeature withNS "ns")) ++
(if withNS
then [ "--disable-ns-self-contained" ]
else if withX
then [ "--with-x-toolkit=${toolkit}" "--with-xft" ]
else [ "--with-x=no" "--with-xpm=no" "--with-jpeg=no" "--with-png=no"
@ -103,7 +109,7 @@ stdenv.mkDerivation rec {
cp $srcdir/TAGS $dstdir
echo '((nil . ((tags-file-name . "TAGS"))))' > $dstdir/.dir-locals.el
done
'' + lib.optionalString stdenv.isDarwin ''
'' + lib.optionalString withNS ''
mkdir -p $out/Applications
mv nextstep/Emacs.app $out/Applications
'';

4
pkgs/applications/editors/focuswriter/default.nix
View file

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
name = "focuswriter-${version}";
version = "1.6.15";
version = "1.6.16";
src = fetchurl {
url = "https://gottcode.org/focuswriter/focuswriter-${version}-src.tar.bz2";
sha256 = "0afs9cm5q7zxag28m427ycwwxkbn47zw7v111x7963ydqyn9gr9q";
sha256 = "1warfv9d485a7ysmjazxw4zvi9l0ih1021s6c5adkc86m88k296m";
};
nativeBuildInputs = [ pkgconfig qmake qttools ];

6
pkgs/applications/editors/kakoune/default.nix
View file

@ -4,12 +4,12 @@ with stdenv.lib;
stdenv.mkDerivation rec {
name = "kakoune-unstable-${version}";
version = "2018-08-05";
version = "2018.09.04";
src = fetchFromGitHub {
repo = "kakoune";
owner = "mawww";
rev = "ae75032936ed9ffa2bf14589fef115d3d684a7c6";
sha256 = "1qm6i8vzr4wjxxdvhr54pan0ysxq1sn880bz8p2w9y6qa91yd3m3";
rev = "v${version}";
sha256 = "08v55hh7whm6hx6a047gszh0h5g35k3r8r52aggv7r2ybzrrw6w1";
};
nativeBuildInputs = [ pkgconfig ];
buildInputs = [ ncurses asciidoc docbook_xsl libxslt ];

8
pkgs/applications/editors/nano/default.nix
View file

@ -14,17 +14,17 @@ let
nixSyntaxHighlight = fetchFromGitHub {
owner = "seitz";
repo = "nanonix";
rev = "7483fd8b79f1f3f2179dbbd46aa400df4320ba10";
sha256 = "10pv75kfrgnziz8sr83hdbb0c3klm2fmsdw3i5cpqqf5va1fzb8h";
rev = "bf8d898efaa10dce3f7972ff765b58c353b4b4ab";
sha256 = "0773s5iz8aw9npgyasb0r2ybp6gvy2s9sq51az8w7h52bzn5blnn";
};
in stdenv.mkDerivation rec {
name = "nano-${version}";
version = "2.9.8";
version = "3.0";
src = fetchurl {
url = "mirror://gnu/nano/${name}.tar.xz";
sha256 = "122lm0z97wk3mgnbn8m4d769d4j9rxyc9z7s89xd4gsdp8qsrpn2";
sha256 = "1868hg9s584fwjrh0fzdrixmxc2qhw520z4q5iv68kjiajivr9g0";
};
nativeBuildInputs = [ texinfo ] ++ optional enableNls gettext;

29
pkgs/applications/editors/nano/nanorc/default.nix Normal file
View file

@ -0,0 +1,29 @@
{ stdenv, fetchFromGitHub }:
stdenv.mkDerivation rec {
name = "nanorc-${version}";
version = "2018-09-05";
src = fetchFromGitHub {
owner = "scopatz";
repo = "nanorc";
rev = "1e589cb729d24fba470228d429e6dde07973d597";
sha256 = "136yxr38lzrfv8bar0c6c56rh54q9s94zpwa19f425crh44drppl";
};
dontBuild = true;
installPhase = ''
mkdir -p $out/share
install *.nanorc $out/share/
'';
meta = {
description = "Improved Nano Syntax Highlighting Files";
homepage = https://github.com/scopatz/nanorc;
license = stdenv.lib.licenses.gpl3;
maintainers = with stdenv.lib.maintainers; [ nequissimus ];
platforms = stdenv.lib.platforms.all;
};
}

2
pkgs/applications/editors/neovim/wrapper.nix
View file

@ -30,7 +30,7 @@ let
/* for compatibility with passing extraPythonPackages as a list; added 2018-07-11 */
compatFun = funOrList: (if builtins.isList funOrList then
(_: builtins.trace "passing a list as extraPythonPackages to the neovim wrapper is deprecated, pass a function as to python.withPackages instead" funOrList)
(_: lib.warn "passing a list as extraPythonPackages to the neovim wrapper is deprecated, pass a function as to python.withPackages instead" funOrList)
else funOrList);
extraPythonPackagesFun = compatFun extraPythonPackages;
extraPython3PackagesFun = compatFun extraPython3Packages;

4
pkgs/applications/editors/okteta/default.nix
View file

@ -4,11 +4,11 @@
stdenv.mkDerivation rec {
name = "okteta-${version}";
version = "0.25.2";
version = "0.25.3";
src = fetchurl {
url = "mirror://kde/stable/okteta/${version}/src/${name}.tar.xz";
sha256 = "00mw8gdqvn6vn6ir6kqnp7xi3lpn6iyp4f5aknxwq6mdcxgjmh1p";
sha256 = "0mm6pmk7k9c581b12a3wl0ayhadvyymfzmscy9x32b391qy9inai";
};
nativeBuildInputs = [ qtscript extra-cmake-modules kdoctools ];

4
pkgs/applications/editors/rednotebook/default.nix
View file

@ -5,13 +5,13 @@
buildPythonApplication rec {
pname = "rednotebook";
version = "2.3";
version = "2.6.1";
src = fetchFromGitHub {
owner = "jendrikseipp";
repo = "rednotebook";
rev = "v${version}";
sha256 = "0zkfid104hcsf20r6829v11wxdghqkd3j1zbgyvd1s7q4nxjn5lj";
sha256 = "1x6acx0hagsawx84cv55qz17p8qjpq1v1zaf8rmm6ifsslsxw91h";
};
# We have not packaged tests.

43
pkgs/applications/editors/thonny/default.nix Normal file
View file

@ -0,0 +1,43 @@
{ stdenv, fetchFromBitbucket, python3 }:
with python3.pkgs;
buildPythonApplication rec {
pname = "thonny";
version = "3.0.0b3";
src = fetchFromBitbucket {
owner = "plas";
repo = pname;
rev = "a511d4539c532b6dddf6d7f1586d30e1ac35bd86";
sha256 = "1s3pp97r6p3j81idglnml4faxryk7saszxmv3gys1agdfj75qczr";
};
propagatedBuildInputs = with python3.pkgs; [ jedi pyserial tkinter docutils pylint ];
preInstall = ''
export HOME=$(mktemp -d)
'';
preFixup = ''
wrapProgram "$out/bin/thonny" \
--prefix PYTHONPATH : $PYTHONPATH:$(toPythonPath ${python3.pkgs.jedi})
'';
# Tests need a DISPLAY
doCheck = false;
meta = with stdenv.lib; {
description = "Python IDE for beginners";
longDescription = ''
Thonny is a Python IDE for beginners. It supports different ways
of stepping through the code, step-by-step expression
evaluation, detailed visualization of the call stack and a mode
for explaining the concepts of references and heap.
'';
homepage = https://www.thonny.org/;
license = licenses.mit;
maintainers = with maintainers; [ leenaars ];
platforms = platforms.linux;
};
}

16
pkgs/applications/graphics/PythonMagick/default.nix
View file

@ -1,6 +1,6 @@
# This expression provides Python bindings to ImageMagick. Python libraries are supposed to be called via `python-packages.nix`.
{stdenv, fetchurl, python, boost, pkgconfig, imagemagick}:
{ stdenv, fetchurl, python, pkgconfig, imagemagick, autoreconfHook }:
stdenv.mkDerivation rec {
name = "pythonmagick-${version}";
@ -11,10 +11,18 @@ stdenv.mkDerivation rec {
sha256 = "137278mfb5079lns2mmw73x8dhpzgwha53dyl00mmhj2z25varpn";
};
nativeBuildInputs = [ pkgconfig ];
buildInputs = [python boost imagemagick];
postPatch = ''
rm configure
'';
meta = {
configureFlags = [ "--with-boost=${python.pkgs.boost}" ];
nativeBuildInputs = [ pkgconfig autoreconfHook ];
buildInputs = [ python python.pkgs.boost imagemagick ];
meta = with stdenv.lib; {
homepage = http://www.imagemagick.org/script/api.php;
license = licenses.imagemagick;
description = "PythonMagick provides object oriented bindings for the ImageMagick Library.";
};
}

26
pkgs/applications/graphics/antimony/default.nix
View file

@ -1,29 +1,34 @@
{ stdenv, fetchFromGitHub, libpng, python3, boost, libGLU_combined, qtbase, ncurses, cmake, flex, lemon }:
{ stdenv, fetchFromGitHub, libpng, python3
, libGLU_combined, qtbase, ncurses
, cmake, flex, lemon
}:
let
gitRev = "020910c25614a3752383511ede5a1f5551a8bd39";
gitBranch = "master";
gitRev = "60a58688e552f12501980c4bdab034ab0f2ba059";
gitBranch = "develop";
gitTag = "0.9.3";
in
stdenv.mkDerivation rec {
name = "antimony-${version}";
version = gitTag;
version = "2018-07-17";
src = fetchFromGitHub {
owner = "mkeeter";
repo = "antimony";
rev = gitTag;
sha256 = "1vm5h5py8l3b8h4pbmm8s3wlxvlw492xfwnlwx0nvl0cjs8ba6r4";
owner = "mkeeter";
repo = "antimony";
rev = gitRev;
sha256 = "0pgf6kr23xw012xsil56j5gq78mlirmrlqdm09m5wlgcf4vr6xnl";
};
patches = [ ./paths-fix.patch ];
postPatch = ''
sed -i "s,/usr/local,$out,g" app/CMakeLists.txt app/app/app.cpp app/app/main.cpp
sed -i "s,/usr/local,$out,g" \
app/CMakeLists.txt app/app/app.cpp app/app/main.cpp
sed -i "s,python-py35,python36," CMakeLists.txt
'';
buildInputs = [
libpng python3 (boost.override { python = python3; })
libpng python3 python3.pkgs.boost
libGLU_combined qtbase ncurses
];
@ -41,6 +46,7 @@ in
description = "A computer-aided design (CAD) tool from a parallel universe";
homepage = "https://github.com/mkeeter/antimony";
license = licenses.mit;
maintainers = with maintainers; [ rnhmjoj ];
platforms = platforms.linux;
};
}

2
pkgs/applications/graphics/imv/default.nix
View file

@ -26,7 +26,7 @@ stdenv.mkDerivation rec {
homepage = https://github.com/eXeC64/imv;
license = licenses.gpl2;
maintainers = with maintainers; [ rnhmjoj ];
platforms = [ "x86_64-linux" ];
platforms = [ "i686-linux" "x86_64-linux" ];
};
}

4
pkgs/applications/graphics/kipi-plugins/default.nix
View file

@ -7,11 +7,11 @@
stdenv.mkDerivation rec {
name = "kipi-plugins-${version}";
version = "5.2.0";
version = "5.9.0";
src = fetchurl {
url = "http://download.kde.org/stable/digikam/digikam-${version}.tar.xz";
sha256 = "0q4j7iv20cxgfsr14qwzx05wbp2zkgc7cg2pi7ibcnwba70ky96g";
sha256 = "06qdalf2mwx2f43p3bljy3vn5bk8n3x539kha6ky2vzxvkp343b6";
};
prePatch = ''

2
pkgs/applications/kde/fetch.sh
View file

@ -1 +1 @@
WGET_ARGS=( https://download.kde.org/stable/applications/18.08.0/ -A '*.tar.xz' )
WGET_ARGS=( https://download.kde.org/stable/applications/18.08.1/ -A '*.tar.xz' )

1712
pkgs/applications/kde/srcs.nix
View file

File diff suppressed because it is too large Load diff

4
pkgs/applications/misc/dbeaver/default.nix
View file

@ -7,7 +7,7 @@
stdenv.mkDerivation rec {
name = "dbeaver-ce-${version}";
version = "5.1.6";
version = "5.2.0";
desktopItem = makeDesktopItem {
name = "dbeaver";
@ -30,7 +30,7 @@ stdenv.mkDerivation rec {
src = fetchurl {
url = "https://dbeaver.io/files/${version}/dbeaver-ce-${version}-linux.gtk.x86_64.tar.gz";
sha256 = "1zypadnyhinm6mfv91s7zs2s55bhzgkqhl6ai6x3yqwhvayc02nn";
sha256 = "13j2qc4g24d2gmkxj9zpqrcbai9aq8rassrq3c9mp9ir6sf4q0jf";
};
installPhase = ''

26
pkgs/applications/misc/electrum/default.nix
View file

@ -1,12 +1,24 @@
{ stdenv, fetchurl, python3, python3Packages, zbar }:
let
qdarkstyle = python3Packages.buildPythonPackage rec {
pname = "QDarkStyle";
version = "2.5.4";
src = python3Packages.fetchPypi {
inherit pname version;
sha256 = "1w715m1i5pycfqcpkrggpn0rs9cakx6cm5v8rggcxnf4p0i0kdiy";
};
doCheck = false; # no tests
};
in
python3Packages.buildPythonApplication rec {
name = "electrum-${version}";
version = "3.1.3";
version = "3.2.3";
src = fetchurl {
url = "https://download.electrum.org/${version}/Electrum-${version}.tar.gz";
sha256 = "05m28yd3zr9awjhaqikf4rg08j5i4ygm750ip1z27wl446sysniy";
sha256 = "022iw4cq0c009wvqn7wd815jc0nv8198lq3cawn8h6c28hw2mhs1";
};
propagatedBuildInputs = with python3Packages; [
@ -17,12 +29,14 @@ python3Packages.buildPythonApplication rec {
pbkdf2
protobuf
pyaes
pycrypto
pycryptodomex
pyqt5
pysocks
qdarkstyle
qrcode
requests
tlslite
typing
# plugins
keepkey
@ -35,10 +49,10 @@ python3Packages.buildPythonApplication rec {
preBuild = ''
sed -i 's,usr_share = .*,usr_share = "'$out'/share",g' setup.py
pyrcc5 icons.qrc -o gui/qt/icons_rc.py
pyrcc5 icons.qrc -o electrum/gui/qt/icons_rc.py
# Recording the creation timestamps introduces indeterminism to the build
sed -i '/Created: .*/d' gui/qt/icons_rc.py
sed -i "s|name = 'libzbar.*'|name='${zbar}/lib/libzbar.so'|" lib/qrscanner.py
sed -i '/Created: .*/d' electrum/gui/qt/icons_rc.py
sed -i "s|name = 'libzbar.*'|name='${zbar}/lib/libzbar.so'|" electrum/qrscanner.py
'';
postInstall = ''

4
pkgs/applications/misc/josm/default.nix
View file

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
name = "josm-${version}";
version = "14066";
version = "14178";
src = fetchurl {
url = "https://josm.openstreetmap.de/download/josm-snapshot-${version}.jar";
sha256 = "06mhaz5vr19ydqc5irhgcbl0s8fifwvaq60iz2nsnlxb1pw89xia";
sha256 = "08an4s8vbcd8vyinnvd7cxmgnrsy47j78a94nk6vq244gp7v5n0r";
};
buildInputs = [ jre10 makeWrapper ];

4
pkgs/applications/misc/khal/default.nix
View file

@ -46,6 +46,10 @@ in with python.pkgs; buildPythonApplication rec {
nativeBuildInputs = [ setuptools_scm pkgs.glibcLocales ];
checkInputs = [ pytest ];
postInstall = ''
install -D misc/__khal $out/share/zsh/site-functions/__khal
'';
checkPhase = ''
py.test
'';

8
pkgs/applications/misc/kitty/default.nix
View file

@ -2,12 +2,12 @@
fontconfig, pkgconfig, ncurses, imagemagick, xsel,
libstartup_notification, libX11, libXrandr, libXinerama, libXcursor,
libxkbcommon, libXi, libXext, wayland-protocols, wayland,
which
which, dbus
}:
with python3Packages;
buildPythonApplication rec {
version = "0.11.3";
version = "0.12.0";
name = "kitty-${version}";
format = "other";
@ -15,13 +15,13 @@ buildPythonApplication rec {
owner = "kovidgoyal";
repo = "kitty";
rev = "v${version}";
sha256 = "1fql8ayxvip8hgq9gy0dhqfvngv13gh5bf71vnc3agd80kzq1n73";
sha256 = "1n2pi9pc903inls1fvz257q7wpif76rj394qkgq7pixpisijdyjm";
};
buildInputs = [
fontconfig glfw ncurses libunistring harfbuzz libX11
libXrandr libXinerama libXcursor libxkbcommon libXi libXext
wayland-protocols wayland
wayland-protocols wayland dbus
];
nativeBuildInputs = [ pkgconfig which sphinx ];

5
pkgs/applications/misc/lilyterm/default.nix
View file

@ -1,13 +1,12 @@
{ stdenv, fetchurl, fetchFromGitHub
{ stdenv, lib, fetchurl, fetchFromGitHub
, pkgconfig
, autoconf, automake, intltool, gettext
, gtk, vte
# "stable" or "git"
, flavour ? "stable"
}:
assert flavour == "stable" || flavour == "git";
assert lib.assertOneOf "flavour" flavour [ "stable" "git" ];
let
stuff =

4
pkgs/applications/misc/mediainfo-gui/default.nix
View file

@ -2,11 +2,11 @@
, desktop-file-utils, libSM, imagemagick }:
stdenv.mkDerivation rec {
version = "18.05";
version = "18.08";
name = "mediainfo-gui-${version}";
src = fetchurl {
url = "https://mediaarea.net/download/source/mediainfo/${version}/mediainfo_${version}.tar.xz";
sha256 = "0rgsfplisf729n1j3fyg82wpw88aahisrddn5wq9yx8hz6m96h6r";
sha256 = "0l4bhrgwfn3da6cr0jz5vs17sk7k0bc26nk7hymv04xifns5999n";
};
nativeBuildInputs = [ autoreconfHook pkgconfig ];

Some files were not shown because too many files have changed in this diff Show more