b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge master into staging-next

Browse source
This commit is contained in:
github-actions[bot] 2022-12-12 12:01:25 +00:00 committed by GitHub
parent 63c2909cc1 ae11c6f4e5
commit 3fcd016cea
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
44 changed files with 488 additions and 123 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
nixos/doc/manual/from_md/release-notes/rl-2305.section.xml
View file

@ -214,7 +214,7 @@
</listitem>
<listitem>
<para>
The minimal ISO image now use
The minimal ISO image now uses the
<literal>nixos/modules/profiles/minimal.nix</literal> profile.
</para>
</listitem>

2
nixos/doc/manual/release-notes/rl-2305.section.md
View file

@ -64,7 +64,7 @@ In addition to numerous new and upgraded packages, this release has the followin
- To reduce closure size in `nixos/modules/profiles/minimal.nix` profile disabled installation documentations and manuals. Also disabled `logrotate` and `udisks2` services.
- The minimal ISO image now use `nixos/modules/profiles/minimal.nix` profile.
- The minimal ISO image now uses the `nixos/modules/profiles/minimal.nix` profile.
- A new `virtualisation.rosetta` module was added to allow running `x86_64` binaries through [Rosetta](https://developer.apple.com/documentation/apple-silicon/about-the-rosetta-translation-environment) inside virtualised NixOS guests on Apple silicon. This feature works by default with the [UTM](https://docs.getutm.app/) virtualisation [package](https://search.nixos.org/packages?channel=unstable&show=utm&from=0&size=1&sort=relevance&type=packages&query=utm).

5
nixos/maintainers/scripts/lxd/lxd-image-inner.nix
View file

@ -94,9 +94,4 @@ with lib;
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "21.05"; # Did you read the comment?
# As this is intended as a stadalone image, undo some of the minimal profile stuff
documentation.enable = true;
documentation.nixos.enable = true;
environment.noXlibs = false;
}

5
nixos/maintainers/scripts/lxd/lxd-image.nix
View file

@ -26,9 +26,4 @@ with lib;
# Network
networking.useDHCP = false;
networking.interfaces.eth0.useDHCP = true;
# As this is intended as a standalone image, undo some of the minimal profile stuff
documentation.enable = true;
documentation.nixos.enable = true;
environment.noXlibs = false;
}

2
nixos/modules/services/monitoring/prometheus/alertmanager.nix
View file

@ -34,7 +34,7 @@ in {
(mkRemovedOptionModule [ "services" "prometheus" "alertmanager" "group" ] "The alertmanager service is now using systemd's DynamicUser mechanism which obviates a group setting.")
(mkRemovedOptionModule [ "services" "prometheus" "alertmanagerURL" ] ''
Due to incompatibility, the alertmanagerURL option has been removed,
please use 'services.prometheus2.alertmanagers' instead.
please use 'services.prometheus.alertmanagers' instead.
'')
];

8
nixos/modules/virtualisation/lxc-container.nix
View file

@ -51,8 +51,8 @@ in
{
imports = [
../installer/cd-dvd/channel.nix
../profiles/minimal.nix
../profiles/clone-config.nix
../profiles/minimal.nix
];
options = {
@ -199,5 +199,11 @@ in
# Containers should be light-weight, so start sshd on demand.
services.openssh.enable = mkDefault true;
services.openssh.startWhenNeeded = mkDefault true;
# As this is intended as a standalone image, undo some of the minimal profile stuff
environment.noXlibs = false;
documentation.enable = true;
documentation.nixos.enable = true;
services.logrotate.enable = true;
};
}

1
pkgs/applications/misc/metamorphose2/default.nix
View file

@ -28,7 +28,6 @@ stdenv.mkDerivation {
--add-flags "-O $out/share/metamorphose2/metamorphose2.py -w=3"
'';
buildInput = [ gettext python3 ];
nativeBuildInputs = [ makeWrapper ];
propagatedBuildInputs = with python3.pkgs; [ mutagen wxPython_4_1 pillow six ];

5
pkgs/applications/networking/flexget/default.nix
View file

@ -5,7 +5,7 @@
python3Packages.buildPythonApplication rec {
pname = "flexget";
version = "3.5.9";
version = "3.5.10";
format = "pyproject";
# Fetch from GitHub in order to use `requirements.in`
@ -13,7 +13,7 @@ python3Packages.buildPythonApplication rec {
owner = "flexget";
repo = "flexget";
rev = "refs/tags/v${version}";
hash = "sha256-oxWN+gFjy/Kf447SBiD7oUTA9+JhmtQ2oaAMQESsGUs=";
hash = "sha256-vxwhqbupXr0Kj3+HeXBrI2pfvr+ClaVlCblva+gq0/k=";
};
postPatch = ''
@ -72,6 +72,7 @@ python3Packages.buildPythonApplication rec {
meta = with lib; {
homepage = "https://flexget.com/";
changelog = "https://github.com/Flexget/Flexget/releases/tag/v${version}";
description = "Multipurpose automation tool for all of your media";
license = licenses.mit;
maintainers = with maintainers; [ marsam ];

4
pkgs/applications/office/appflowy/default.nix
View file

@ -13,11 +13,11 @@
stdenv.mkDerivation rec {
pname = "appflowy";
version = "0.0.8";
version = "0.0.8.1";
src = fetchzip {
url = "https://github.com/AppFlowy-IO/appflowy/releases/download/${version}/AppFlowy-linux-x86.tar.gz";
sha256 = "sha256-+nizRA42c0ZzuN8D/puh0TFLnRJVgyAujcTmJZ1UVzo=";
sha256 = "sha256-QMlJSNjN6pe9NNWoCFwo++Ic4/pbDPEjHFabcV2lZo8=";
};
nativeBuildInputs = [

6
pkgs/development/libraries/bencode/default.nix
View file

@ -11,13 +11,13 @@
stdenv.mkDerivation rec {
pname = "bencode";
version = "0.5.0";
version = "1.0.1";
src = fetchFromGitHub {
owner = "fbdtemme";
repo = "bencode";
rev = "v${version}";
hash = "sha256-ePbQ6oTumQ+T5TOb+ReaOYa8Q3lvcMBZ6jTMoquTngg=";
rev = version;
hash = "sha256-zpxvADZfYTUdlNLMZJSCanPL40EGl9BBCxR7oDhvOTw=";
};
nativeBuildInputs = [

6
pkgs/development/ocaml-modules/uecc/default.nix
View file

@ -2,17 +2,15 @@
buildDunePackage rec {
pname = "uecc";
version = "0.3";
version = "0.4";
src = fetchFromGitLab {
owner = "nomadic-labs";
repo = "ocaml-uecc";
rev = "v${version}";
sha256 = "0m3cw34254baajscrwlrj0jp5n0yad3dhgi4jh3pz89iqykj15fr";
hash = "sha256-o/DylUx+olRRloiCU6b1t/xOmW8A5IZB2n3U7fkMo80=";
};
useDune2 = true;
propagatedBuildInputs = [
bigstring
];

49
pkgs/development/python-modules/aiolivisi/default.nix Normal file
View file

@ -0,0 +1,49 @@
{ lib
, aiohttp
, buildPythonPackage
, fetchPypi
, pydantic
, pytestCheckHook
, pythonOlder
, websockets
}:
buildPythonPackage rec {
pname = "aiolivisi";
version = "0.0.14";
format = "setuptools";
disabled = pythonOlder "3.8";
src = fetchPypi {
inherit pname version;
hash = "sha256-n7EQCOItr6MZRnTCfkJrq39bDbw09XyIRzSuZR2TsNg=";
};
postPatch = ''
# https://github.com/StefanIacobLivisi/aiolivisi/pull/3
substituteInPlace setup.py \
--replace 'REQUIREMENTS = list(val.strip() for val in open("requirements.txt"))' "" \
--replace "REQUIREMENTS," "[],"
'';
propagatedBuildInputs = [
aiohttp
pydantic
websockets
];
# Module has no tests
doCheck = false;
pythonImportsCheck = [
"aiolivisi"
];
meta = with lib; {
description = "Module to communicate with LIVISI Smart Home Controller";
homepage = "https://github.com/StefanIacobLivisi/aiolivisi";
license = with licenses; [ asl20 ];
maintainers = with maintainers; [ fab ];
};
}

4
pkgs/development/python-modules/appthreat-vulnerability-db/default.nix
View file

@ -15,7 +15,7 @@
buildPythonPackage rec {
pname = "appthreat-vulnerability-db";
version = "4.1.6";
version = "4.1.8";
format = "setuptools";
disabled = pythonOlder "3.7";
@ -24,7 +24,7 @@ buildPythonPackage rec {
owner = "AppThreat";
repo = "vulnerability-db";
rev = "refs/tags/v${version}";
sha256 = "sha256-iRcRVBkkx8DUoswzyCAIEoP4YoWENb2GsCFgdxS962E=";
hash = "sha256-whTRmVLwJdQDxJEg50xSbzIm6KygPJE4qhQ1BT883T4=";
};
propagatedBuildInputs = [

43
pkgs/development/python-modules/aranet4/default.nix Normal file
View file

@ -0,0 +1,43 @@
{ lib
, bleak
, buildPythonPackage
, fetchFromGitHub
, pytestCheckHook
, pythonOlder
, requests
}:
buildPythonPackage rec {
pname = "aranet4";
version = "2.1.3";
format = "setuptools";
disabled = pythonOlder "3.7";
src = fetchFromGitHub {
owner = "Anrijs";
repo = "Aranet4-Python";
rev = "refs/tags/v${version}";
hash = "sha256-5q4eOC9iuN8pUmDsiQ7OwEXkxi4KdL+bhGVjlQlTBAg=";
};
propagatedBuildInputs = [
bleak
requests
];
checkInputs = [
pytestCheckHook
];
pythonImportsCheck = [
"aranet4"
];
meta = with lib; {
description = "Module to interact with Aranet4 devices";
homepage = "https://github.com/Anrijs/Aranet4-Python";
license = with licenses; [ mit ];
maintainers = with maintainers; [ fab ];
};
}

4
pkgs/development/python-modules/google-cloud-bigtable/default.nix
View file

@ -13,14 +13,14 @@
buildPythonPackage rec {
pname = "google-cloud-bigtable";
version = "2.14.0";
version = "2.14.1";
format = "setuptools";
disabled = pythonOlder "3.7";
src = fetchPypi {
inherit pname version;
hash = "sha256-hJgEFRr65eGuV0xx/4leyBZzdd9jt/SEKm3MApzHCGA=";
hash = "sha256-A40lbmMijD0d1B81n2bcJ43gGaRYkVfmquOO8usRXew=";
};
propagatedBuildInputs = [

4
pkgs/development/python-modules/griffe/default.nix
View file

@ -12,7 +12,7 @@
buildPythonPackage rec {
pname = "griffe";
version = "0.24.1";
version = "0.25.0";
format = "pyproject";
disabled = pythonOlder "3.7";
@ -21,7 +21,7 @@ buildPythonPackage rec {
owner = "mkdocstrings";
repo = pname;
rev = "refs/tags/${version}";
hash = "sha256-HOjwm/IktllmD7Gg9bu8NZqe2RazFC5MNMgH3cld6/8=";
hash = "sha256-LOxk1qQmFJ9gzr6M+Q48KKQmkjuKMxKgrc5ZSbNSFHo=";
};
postPatch = ''

4
pkgs/development/python-modules/hahomematic/default.nix
View file

@ -15,7 +15,7 @@
buildPythonPackage rec {
pname = "hahomematic";
version = "2022.12.1";
version = "2022.12.2";
format = "pyproject";
disabled = pythonOlder "3.9";
@ -24,7 +24,7 @@ buildPythonPackage rec {
owner = "danielperna84";
repo = pname;
rev = "refs/tags/${version}";
sha256 = "sha256-4HJ4WCEi94dIr7QTpgA/9O2YAyt30L+6xJihKfbC6rg=";
sha256 = "sha256-mU/YOOYlXNQQyzH2t+XZEi2+w8rzcoxIIxrdwAM4C00=";
};
nativeBuildInputs = [

4
pkgs/development/python-modules/imageio/default.nix
View file

@ -16,11 +16,11 @@
buildPythonPackage rec {
pname = "imageio";
version = "2.22.1";
version = "2.22.4";
disabled = pythonOlder "3.7";
src = fetchPypi {
sha256 = "sha256-Rl7DX5GdU4kG0wI7Yczsdm2OdXX+Vfy9dmns5Vr7l8o=";
sha256 = "sha256-D64Cet3wK8icc6VswVethFV/i4uEqhm0y3Bv78otiP8=";
inherit pname version;
};

4
pkgs/development/python-modules/life360/default.nix
View file

@ -8,7 +8,7 @@
buildPythonPackage rec {
pname = "life360";
version = "5.4.0";
version = "5.4.1";
format = "setuptools";
disabled = pythonOlder "3.8";
@ -17,7 +17,7 @@ buildPythonPackage rec {
owner = "pnbruckner";
repo = pname;
rev = "refs/tags/v${version}";
hash = "sha256-AY3TW6gpKST2uxxpmtlLz+qP18yJHyOk6XdA5yGJBEg=";
hash = "sha256-uFKRWTFrc1AYn0Rc8HhcVPkmdAbwFJuj8tXZjglGq8E=";
};
propagatedBuildInputs = [

24
pkgs/development/python-modules/logilab_astng/default.nix
View file

@ -1,24 +0,0 @@
{ lib
, buildPythonPackage
, fetchurl
, logilab-common
}:
buildPythonPackage rec {
pname = "logilab-astng";
version = "0.24.3";
src = fetchurl {
url = "http://download.logilab.org/pub/astng/${pname}-${version}.tar.gz";
sha256 = "0np4wpxyha7013vkkrdy54dvnil67gzi871lg60z8lap0l5h67wn";
};
propagatedBuildInputs = [ logilab-common ];
meta = with lib; {
homepage = "https://www.logilab.org/project/logilab-astng";
description = "Python Abstract Syntax Tree New Generation";
license = licenses.lgpl2;
};
}

4
pkgs/development/python-modules/lupupy/default.nix
View file

@ -9,14 +9,14 @@
buildPythonPackage rec {
pname = "lupupy";
version = "0.2.1";
version = "0.2.3";
format = "setuptools";
disabled = pythonOlder "3.6";
src = fetchPypi {
inherit pname version;
hash = "sha256-c3t7tIDzF9pG4i00rEIsSUMcrrRE0d6yyMIGBMm9D5A=";
hash = "sha256-GR/sCR8BkqfSLCftLrCAaSYYcaYugX3ItM55+KcghL8=";
};
propagatedBuildInputs = [

4
pkgs/development/python-modules/peaqevcore/default.nix
View file

@ -6,14 +6,14 @@
buildPythonPackage rec {
pname = "peaqevcore";
version = "9.0.1";
version = "9.1.0";
format = "setuptools";
disabled = pythonOlder "3.7";
src = fetchPypi {
inherit pname version;
hash = "sha256-Zandkxbok64TopHnpmUShlGP7IOrqShStDU5RuUICNs=";
hash = "sha256-6SA+JdZwF2Q0RrlPlJvsTXDofrluVcQ+hVMlSFYTjxw=";
};
postPatch = ''

24
pkgs/development/python-modules/pyeconet/default.nix
View file

@ -1,23 +1,30 @@
{ lib
, paho-mqtt
, buildPythonPackage
, fetchPypi
, aiohttp
, buildPythonPackage
, fetchFromGitHub
, paho-mqtt
, pythonOlder
, setuptools
}:
buildPythonPackage rec {
pname = "pyeconet";
version = "0.1.15";
format = "setuptools";
version = "0.1.17";
format = "pyproject";
disabled = pythonOlder "3.7";
src = fetchPypi {
inherit pname version;
sha256 = "sha256-zxD2sjKWB/bmxwpVFgkKTngMhr4bVuW+qkSt+pbxqPY=";
src = fetchFromGitHub {
owner = "w1ll1am23";
repo = pname;
rev = "refs/tags/v${version}";
hash = "sha256-ntxITedoJOt5d7V9TSFQHg0oqBEw8jNGeDLM00RRWHI=";
};
nativeBuildInputs = [
setuptools
];
propagatedBuildInputs = [
paho-mqtt
aiohttp
@ -33,6 +40,7 @@ buildPythonPackage rec {
meta = with lib; {
description = "Python interface to the EcoNet API";
homepage = "https://github.com/w1ll1am23/pyeconet";
changelog = "https://github.com/w1ll1am23/pyeconet/releases/tag/v${version}";
license = with licenses; [ mit ];
maintainers = with maintainers; [ fab ];
};

5
pkgs/development/python-modules/pykeyatome/default.nix
View file

@ -13,7 +13,7 @@
buildPythonPackage rec {
pname = "pykeyatome";
version = "2.1.0";
version = "2.1.1";
format = "setuptools";
disabled = pythonOlder "3.8";
@ -22,7 +22,7 @@ buildPythonPackage rec {
owner = "jugla";
repo = "pyKeyAtome";
rev = "refs/tags/V${version}";
sha256 = "sha256-DUnER/Vom5Yc3syx4kPP1WbI7FpC+XGK9X4c1RrJJFk=";
hash = "sha256-/HfWPrpW4NowFmdmU2teIiex1O03bHemnUdhOoEDRgc=";
};
propagatedBuildInputs = [
@ -53,6 +53,7 @@ buildPythonPackage rec {
meta = with lib; {
description = "Python module to get data from Atome Key";
homepage = "https://github.com/jugla/pyKeyAtome";
changelog = "https://github.com/jugla/pyKeyAtome/releases/tag/V${version}";
license = licenses.mit;
maintainers = with maintainers; [ fab ];
};

4
pkgs/development/python-modules/pyvicare/default.nix
View file

@ -10,7 +10,7 @@
buildPythonPackage rec {
pname = "pyvicare";
version = "2.20.0";
version = "2.21.0";
format = "setuptools";
disabled = pythonOlder "3.7";
@ -19,7 +19,7 @@ buildPythonPackage rec {
owner = "somm15";
repo = "PyViCare";
rev = version;
sha256 = "sha256-ZWnUqobpgY3Iy0vsAG9ldCfIHtOjlkkl+gFOfliIIQE=";
sha256 = "sha256-zAm1kN5oRVzoRElIabeMmZYuZQHqrgNqHxbVv/UbN/8=";
};
SETUPTOOLS_SCM_PRETEND_VERSION = version;

4
pkgs/development/python-modules/teslajsonpy/default.nix
View file

@ -15,7 +15,7 @@
buildPythonPackage rec {
pname = "teslajsonpy";
version = "3.5.0";
version = "3.5.1";
format = "pyproject";
disabled = pythonOlder "3.7";
@ -24,7 +24,7 @@ buildPythonPackage rec {
owner = "zabuldon";
repo = pname;
rev = "refs/tags/v${version}";
hash = "sha256-mjKbCy4WalB3kRk1x6bTBLARCW0vrUbSdcvvDP//TzM=";
hash = "sha256-rLpjzH5YI+pTW5SxPOqXXnjDxWv0SBzShOvuBXbvF4c=";
};
nativeBuildInputs = [

63
pkgs/development/python-modules/todoist-api-python/default.nix Normal file
View file

@ -0,0 +1,63 @@
{ lib
, attrs
, buildPythonPackage
, fetchFromGitHub
, fetchpatch
, poetry-core
, pytest-asyncio
, pytestCheckHook
, pythonOlder
, requests
, responses
}:
buildPythonPackage rec {
pname = "todoist-api-python";
version = "2.0.2";
format = "pyproject";
disabled = pythonOlder "3.7";
src = fetchFromGitHub {
owner = "Doist";
repo = pname;
rev = "refs/tags/v${version}";
hash = "sha256-CKOsUb35+7WjSNf4Xo0SK5loIqWJbEnHdmhw9QXWFAI=";
};
patches = [
# Switch to poetry-core, https://github.com/Doist/todoist-api-python/pull/81
(fetchpatch {
name = "switch-to-poetry-core.patch";
url = "https://github.com/Doist/todoist-api-python/commit/42288e066d2f0c69611ab50cb57ca98b8c6bd1ca.patch";
sha256 = "sha256-yq+VVvjPYywvUn+ydyWVQPkiYPYWe9U6w38G54L2lkE=";
})
];
nativeBuildInputs = [
poetry-core
];
propagatedBuildInputs = [
attrs
requests
];
checkInputs = [
pytest-asyncio
pytestCheckHook
responses
];
pythonImportsCheck = [
"todoist_api_python"
];
meta = with lib; {
description = "Library for the Todoist REST API";
homepage = "https://github.com/Doist/todoist-api-python";
changelog = "https://github.com/Doist/todoist-api-python/blob/v${version}/CHANGELOG.md";
license = with licenses; [ mit ];
maintainers = with maintainers; [ fab ];
};
}

22
pkgs/development/python-modules/todoist/default.nix
View file

@ -1,21 +1,33 @@
{ lib, fetchPypi, buildPythonPackage
, requests, pythonOlder, typing
{ lib
, fetchPypi
, buildPythonPackage
, requests
, pythonOlder
}:
buildPythonPackage rec {
pname = "todoist-python";
version = "8.1.3";
format = "setuptools";
disabled = pythonOlder "3.7";
src = fetchPypi {
inherit pname version;
sha256 = "sha256-AFRKA5VRD6jyiguZYP7WOQOWqHq1GjUzbuez0f1070U=";
hash = "sha256-AFRKA5VRD6jyiguZYP7WOQOWqHq1GjUzbuez0f1070U=";
};
propagatedBuildInputs = [ requests ] ++ lib.optional (pythonOlder "3.5") typing;
propagatedBuildInputs = [
requests
];
pythonImportsCheck = [
"todoist"
];
meta = with lib; {
description = "The official Todoist Python API library";
homepage = "https://todoist-python.readthedocs.io/en/latest/";
homepage = "https://todoist-python.readthedocs.io/";
license = licenses.mit;
maintainers = with maintainers; [ ];
};

4
pkgs/development/tools/clj-kondo/default.nix
View file

@ -2,11 +2,11 @@
buildGraalvmNativeImage rec {
pname = "clj-kondo";
version = "2022.12.08";
version = "2022.12.10";
src = fetchurl {
url = "https://github.com/clj-kondo/${pname}/releases/download/v${version}/${pname}-${version}-standalone.jar";
sha256 = "sha256-9BFu9vD+DrMW/25do5jWhBU1Dog7XaiWhBxFIBgR6io=";
sha256 = "sha256-7o2VFPNhV+GLcUJCJWcHwcp1mCa1q9KG98nUP4/6MeU=";
};
extraNativeImageBuildArgs = [

25
pkgs/development/tools/kubernetes-code-generator/default.nix Normal file
View file

@ -0,0 +1,25 @@
{ lib, buildGoModule, fetchFromGitHub }:
buildGoModule rec {
pname = "code-generator";
version = "0.25.4";
src = fetchFromGitHub {
owner = "kubernetes";
repo = pname;
rev = "v${version}";
hash = "sha256-GKF6DXvyZujInOZbV0ePUu71BEl1s/chNTN1PucdIYw=";
};
vendorHash = "sha256-zjgTtGen6a8TPi/DrwheTS1VQ+hd+KI7UHoyMZ4W4+k=";
ldflags = [ "-s" "-w" ];
meta = with lib; {
homepage = "https://github.com/kubernetes/code-generator";
changelog = "https://github.com/kubernetes/code-generator/releases/tag/v${version}";
description = "Kubernetes code generation";
license = licenses.asl20;
maintainers = with maintainers; [ urandom ];
};
}

8
pkgs/servers/home-assistant/component-packages.nix
View file

@ -181,6 +181,7 @@
]; # missing inputs: sharp_aquos_rc
"aranet" = ps: with ps; [
aiohttp-cors
aranet4
bleak-retry-connector
bleak
bluetooth-adapters
@ -194,7 +195,7 @@
pyserial
pyudev
sqlalchemy
]; # missing inputs: aranet4
];
"arcam_fmj" = ps: with ps; [
arcam-fmj
];
@ -1898,7 +1899,8 @@
pylitterbot
];
"livisi" = ps: with ps; [
]; # missing inputs: aiolivisi
aiolivisi
];
"llamalab_automate" = ps: with ps; [
];
"local_calendar" = ps: with ps; [
@ -4115,6 +4117,7 @@
"application_credentials"
"apprise"
"aprs"
"aranet"
"arcam_fmj"
"aseko_pool_live"
"asuswrt"
@ -4396,6 +4399,7 @@
"lifx"
"light"
"litterrobot"
"livisi"
"local_calendar"
"local_file"
"local_ip"

14
pkgs/servers/nextcloud/default.nix
View file

@ -4,7 +4,9 @@ let
generic = {
version, sha256,
eol ? false, extraVulnerabilities ? []
}: stdenv.mkDerivation rec {
}: let
major = lib.versions.major version;
in stdenv.mkDerivation rec {
pname = "nextcloud";
inherit version;
@ -13,7 +15,7 @@ let
inherit sha256;
};
patches = [ ./0001-Setup-remove-custom-dbuser-creation-behavior.patch ];
patches = [ (./patches + "/v${major}/0001-Setup-remove-custom-dbuser-creation-behavior.patch") ];
passthru.tests = nixosTests.nextcloud;
@ -48,13 +50,13 @@ in {
'';
nextcloud24 = generic {
version = "24.0.7";
sha256 = "a1c7344a4eb27260a9f6f6e6f586bdc4fb35e1e9330e1a6e8d46c05634db6384";
version = "24.0.8";
sha256 = "a5c3a070516debba991355e6b737b261396b15b9f2cd939617611ab0bed99299";
};
nextcloud25 = generic {
version = "25.0.1";
sha256 = "72d4076924caf19139c40178597af6211799e20440ce196fb43b9c4e47d77515";
version = "25.0.2";
sha256 = "d6ab40faa108937bda42395f570ff111f4c97343b55be1420024da3177e37d59";
};
# tip: get the sha with:

0
pkgs/servers/nextcloud/0001-Setup-remove-custom-dbuser-creation-behavior.patch → pkgs/servers/nextcloud/patches/v24/0001-Setup-remove-custom-dbuser-creation-behavior.patch
View file

146
pkgs/servers/nextcloud/patches/v25/0001-Setup-remove-custom-dbuser-creation-behavior.patch Normal file
View file

@ -0,0 +1,146 @@
From fc3e14155b3c4300b691ab46579830e725457a54 Mon Sep 17 00:00:00 2001
From: Maximilian Bosch <maximilian@mbosch.me>
Date: Sat, 10 Sep 2022 15:18:05 +0200
Subject: [PATCH] Setup: remove custom dbuser creation behavior
Both PostgreSQL and MySQL can be authenticated against from Nextcloud by
supplying a database password. Now, during setup the following things
happen:
* When using postgres and the db user has elevated permissions, a new
unprivileged db user is created and the settings `dbuser`/`dbpass` are
altered in `config.php`.
* When using MySQL, the password is **always** regenerated since
24.0.5/23.0.9[1].
I consider both cases problematic: the reason why people do configuration
management is to have it as single source of truth! So, IMHO any
application that silently alters config and thus causes deployed
nodes to diverge from the configuration is harmful for that.
I guess it was sheer luck that it worked for so long in NixOS because
nobody has apparently used password authentication with a privileged
user to operate Nextcloud (which is a good thing in fact).
[1] https://github.com/nextcloud/server/pull/33513
---
lib/private/Setup/MySQL.php | 53 --------------------------------
lib/private/Setup/PostgreSQL.php | 37 ----------------------
2 files changed, 90 deletions(-)
diff --git a/lib/private/Setup/MySQL.php b/lib/private/Setup/MySQL.php
index e3004c269bc..bc958e84e44 100644
--- a/lib/private/Setup/MySQL.php
+++ b/lib/private/Setup/MySQL.php
@@ -141,59 +141,6 @@ class MySQL extends AbstractDatabase {
$rootUser = $this->dbUser;
$rootPassword = $this->dbPassword;
- //create a random password so we don't need to store the admin password in the config file
- $saveSymbols = str_replace(['\"', '\\', '\'', '`'], '', ISecureRandom::CHAR_SYMBOLS);
- $password = $this->random->generate(22, ISecureRandom::CHAR_ALPHANUMERIC . $saveSymbols)
- . $this->random->generate(2, ISecureRandom::CHAR_UPPER)
- . $this->random->generate(2, ISecureRandom::CHAR_LOWER)
- . $this->random->generate(2, ISecureRandom::CHAR_DIGITS)
- . $this->random->generate(2, $saveSymbols)
- ;
- $this->dbPassword = str_shuffle($password);
-
- try {
- //user already specified in config
- $oldUser = $this->config->getValue('dbuser', false);
-
- //we don't have a dbuser specified in config
- if ($this->dbUser !== $oldUser) {
- //add prefix to the admin username to prevent collisions
- $adminUser = substr('oc_' . $username, 0, 16);
-
- $i = 1;
- while (true) {
- //this should be enough to check for admin rights in mysql
- $query = 'SELECT user FROM mysql.user WHERE user=?';
- $result = $connection->executeQuery($query, [$adminUser]);
-
- //current dbuser has admin rights
- $data = $result->fetchAll();
- $result->closeCursor();
- //new dbuser does not exist
- if (count($data) === 0) {
- //use the admin login data for the new database user
- $this->dbUser = $adminUser;
- $this->createDBUser($connection);
-
- break;
- } else {
- //repeat with different username
- $length = strlen((string)$i);
- $adminUser = substr('oc_' . $username, 0, 16 - $length) . $i;
- $i++;
- }
- }
- }
- } catch (\Exception $ex) {
- $this->logger->info('Can not create a new MySQL user, will continue with the provided user.', [
- 'exception' => $ex,
- 'app' => 'mysql.setup',
- ]);
- // Restore the original credentials
- $this->dbUser = $rootUser;
- $this->dbPassword = $rootPassword;
- }
-
$this->config->setValues([
'dbuser' => $this->dbUser,
'dbpassword' => $this->dbPassword,
diff --git a/lib/private/Setup/PostgreSQL.php b/lib/private/Setup/PostgreSQL.php
index af816c7ad04..e49e5508e15 100644
--- a/lib/private/Setup/PostgreSQL.php
+++ b/lib/private/Setup/PostgreSQL.php
@@ -45,43 +45,6 @@ class PostgreSQL extends AbstractDatabase {
$connection = $this->connect([
'dbname' => 'postgres'
]);
- //check for roles creation rights in postgresql
- $builder = $connection->getQueryBuilder();
- $builder->automaticTablePrefix(false);
- $query = $builder
- ->select('rolname')
- ->from('pg_roles')
- ->where($builder->expr()->eq('rolcreaterole', new Literal('TRUE')))
- ->andWhere($builder->expr()->eq('rolname', $builder->createNamedParameter($this->dbUser)));
-
- try {
- $result = $query->execute();
- $canCreateRoles = $result->rowCount() > 0;
- } catch (DatabaseException $e) {
- $canCreateRoles = false;
- }
-
- if ($canCreateRoles) {
- $connectionMainDatabase = $this->connect();
- //use the admin login data for the new database user
-
- //add prefix to the postgresql user name to prevent collisions
- $this->dbUser = 'oc_' . strtolower($username);
- //create a new password so we don't need to store the admin config in the config file
- $this->dbPassword = \OC::$server->getSecureRandom()->generate(30, ISecureRandom::CHAR_ALPHANUMERIC);
-
- $this->createDBUser($connection);
-
- // Go to the main database and grant create on the public schema
- // The code below is implemented to make installing possible with PostgreSQL version 15:
- // https://www.postgresql.org/docs/release/15.0/
- // From the release notes: For new databases having no need to defend against insider threats, granting CREATE permission will yield the behavior of prior releases
- // Therefore we assume that the database is only used by one user/service which is Nextcloud
- // Additional services should get installed in a separate database in order to stay secure
- // Also see https://www.postgresql.org/docs/15/ddl-schemas.html#DDL-SCHEMAS-PATTERNS
- $connectionMainDatabase->executeQuery('GRANT CREATE ON SCHEMA public TO ' . addslashes($this->dbUser));
- $connectionMainDatabase->close();
- }
$this->config->setValues([
'dbuser' => $this->dbUser,
--
2.38.1

6
pkgs/servers/rtsp-simple-server/default.nix
View file

@ -5,16 +5,16 @@
buildGoModule rec {
pname = "rtsp-simple-server";
version = "0.20.2";
version = "0.20.3";
src = fetchFromGitHub {
owner = "aler9";
repo = pname;
rev = "v${version}";
hash = "sha256-diBMOVEZYKQlGBTU6pZpc1pG71Ad0qbXc+NLLxTczFk=";
hash = "sha256-InuOHVhqh/MWBzE5xSQLP1/WWI/ayVFqOlA1ZjgNyVE=";
};
vendorSha256 = "sha256-62Jayh1blz5tbRtYxpPaSCJkRgpaTIcmw7lCuJ0JtIU=";
vendorSha256 = "sha256-Egv9MCGSMd8RWjcXFKSU7LuoRgVwxiwzeSso9cuZ+ds=";
# Tests need docker
doCheck = false;

21
pkgs/tools/backup/tsm-client/default.nix
View file

@ -53,17 +53,14 @@
# going to the `downloadPage` (see `meta` below).
# Find the "Backup-archive client" table on that page.
# Look for "Download Documents" of the latest release.
# Here, two links must be checked if existing:
# * "IBM Spectrum Protect Client ... Downloads and READMEs":
# In the table at the page's bottom,
# check the date of the "Linux x86_64 client"
# * "IBM Spectrum Protect BA client ... interim fix downloads"
# Look for the "Linux x86_64 client ..." rows
# in the table at the bottom of each page.
# Follow the "HTTPS" link of the row with the latest date stamp.
# In the directory listing to show up, pick the big `.tar` file.
# Follow the "Download Information" link.
# Look for the "Linux x86_64 client ..." rows in the table at
# the bottom of the page and follow their "HTTPS" links (one
# link per row -- each link might point to the latest release).
# In the directory listings to show up,
# check the big `.tar` file.
#
# (as of 2022-09-29)
# (as of 2022-12-10)
let
@ -108,10 +105,10 @@ let
unwrapped = stdenv.mkDerivation rec {
name = "tsm-client-${version}-unwrapped";
version = "8.1.15.2";
version = "8.1.17.0";
src = fetchurl {
url = mkSrcUrl version;
hash = "sha512-ljygVoW7zR+LVHf4LSoBn3qEHISobsxheLxs9NyKWQiwPWpfhSgJO+bX4QRzAmrpSTNrETxHkuXqzGSHaaBlzg==";
hash = "sha512-MP8BjnESFoEzl6jdhtuwX9PolDF7o4QL7i1NeDV0ltIJMUOqSeAULpTJ1bbErJokJSbrj41kDwMVI+ZuAUb1eA==";
};
inherit meta passthru;

13
pkgs/tools/misc/mpdscribble/default.nix
View file

@ -1,6 +1,7 @@
{ lib
, stdenv
, fetchurl
, fetchpatch
, pkg-config
, meson
, ninja
@ -20,20 +21,26 @@ stdenv.mkDerivation rec {
sha256 = "sha256-9rTLp0izuH5wUnC0kjyOI+lMLgD+3VC+sUaNvi+yqOc=";
};
# Fix build issue on darwin; to be removed after the next release
patches = [(fetchpatch {
name = "remove-empty-static-lib.patch";
url = "https://github.com/MusicPlayerDaemon/mpdscribble/commit/0dbcea25c81f3fdc608f71ef71a9784679fee17f.patch";
sha256 = "sha256-3wLfQvbwx+OFrCl5vMV7Zps4e4iEYFhqPiVCo5hDqgw=";
})];
nativeBuildInputs = [ pkg-config meson ninja ];
buildInputs = [
libmpdclient
curl
boost
libgcrypt
systemd
];
] ++ lib.optional stdenv.isLinux systemd;
meta = with lib; {
description = "A MPD client which submits info about tracks being played to a scrobbler";
homepage = "https://www.musicpd.org/clients/mpdscribble/";
license = licenses.gpl2Plus;
maintainers = [ maintainers.sohalt ];
platforms = platforms.linux;
platforms = platforms.unix;
};
}

4
pkgs/tools/misc/phrase-cli/default.nix
View file

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "phrase-cli";
version = "2.6.0";
version = "2.6.1";
src = fetchFromGitHub {
owner = "phrase";
repo = "phrase-cli";
rev = version;
sha256 = "sha256-ykCkdx14owRZ3WMrAJWLMXuNWrHATw4OphbDVMyB5h0=";
sha256 = "sha256-wHMypCMSfv4OXpZvqhVfQeuGRTNuI6WlCwY2e3L3XFs=";
};
vendorSha256 = "sha256-LlMBV52CG1uYW7I/e0VwoIIr0wk3ysc5gqrAlFRPsvE=";

6
pkgs/tools/networking/hysteria/default.nix
View file

@ -4,16 +4,16 @@
}:
buildGoModule rec {
pname = "hysteria";
version = "1.3.1";
version = "1.3.2";
src = fetchFromGitHub {
owner = "HyNetwork";
repo = pname;
rev = "v${version}";
sha256 = "sha256-va/2eCi7wu8YMKf/I0ZiDFAY/shaHA/boF1PCYFolwM=";
sha256 = "sha256-9ib/29yCfI4oS2yZQUePzZ+5FVTevvJCPjpTXmKnKeA=";
};
vendorSha256 = "sha256-a24NyJDatyM+j29vyY5zbPRhRTOGfa2c1FkZdKpDvxk=";
vendorSha256 = "sha256-sRPnPKVuvcUHEldKVpgmGFGpwOSK5qh4EfeUQMFdMw8=";
proxyVendor = true;
ldflags = [

29
pkgs/tools/security/cyclonedx-gomod/default.nix Normal file
View file

@ -0,0 +1,29 @@
{ lib
, buildGoModule
, fetchFromGitHub
}:
buildGoModule rec {
pname = "cyclonedx-gomod";
version = "1.3.0";
src = fetchFromGitHub {
owner = "CycloneDX";
repo = pname;
rev = "v${version}";
hash = "sha256-jUTSPsnGStP4aPfYS4kWiFiIEDnGkfg1Zm4EX+eD4Wo=";
};
vendorHash = "sha256-ZiIift8On6vpu8IKI/GD3WFaFb2Xd54t8FJJqwR4tsM=";
# Tests require network access and cyclonedx executable
doCheck = false;
meta = with lib; {
description = "Tool to create CycloneDX Software Bill of Materials (SBOM) from Go modules";
homepage = "https://github.com/CycloneDX/cyclonedx-gomod";
changelog = "https://github.com/CycloneDX/cyclonedx-gomod/releases/tag/v${version}";
license = licenses.asl20;
maintainers = with maintainers; [ fab ];
};
}

6
pkgs/tools/security/tlsx/default.nix
View file

@ -5,16 +5,16 @@
buildGoModule rec {
pname = "tlsx";
version = "0.0.9";
version = "1.0.0";
src = fetchFromGitHub {
owner = "projectdiscovery";
repo = pname;
rev = "v${version}";
hash = "sha256-DcC08KmSXYOk4jlU0KIdu5zziWZLYlWetN+/ZGaY4RQ=";
hash = "sha256-IkN7AhfQ998eH50DcvTsSg9x2QwC7Ccpx+sZNa8nlSA=";
};
vendorHash = "sha256-MC7mS+GMfQUZPW6i/lDPW8qAHzT1Cr7gYYG9V4CTCM0=";
vendorHash = "sha256-cDKifPNXXMSRKtl0yWTJj5FwBt545eYAlbgJbgEj6L8=";
# Tests require network access
doCheck = false;

4
pkgs/top-level/all-packages.nix
View file

@ -2938,6 +2938,8 @@ with pkgs;
cyclone-scheme = callPackage ../development/interpreters/cyclone { };
cyclonedx-gomod = callPackage ../tools/security/cyclonedx-gomod { };
cyclonedx-python = callPackage ../tools/misc/cyclonedx-python { };
dcap = callPackage ../tools/networking/dcap { };
@ -30079,6 +30081,8 @@ with pkgs;
kiln = callPackage ../applications/misc/kiln { };
kubernetes-code-generator = callPackage ../development/tools/kubernetes-code-generator {};
kubernetes-controller-tools = callPackage ../development/tools/kubernetes-controller-tools { };
kubernetes-helm = callPackage ../applications/networking/cluster/helm { };

1
pkgs/top-level/python-aliases.nix
View file

@ -109,6 +109,7 @@ mapAliases ({
Keras = keras; # added 2021-11-25
ldap = python-ldap; # added 2022-09-16
lammps-cython = throw "lammps-cython no longer builds and is unmaintained"; # added 2021-07-04
logilab_astng = throw "logilab-astng has not been released since 2013 and is unmaintained"; # added 2022-11-29
logilab_common = logilab-common; # added 2022-11-21
loo-py = loopy; # added 2022-05-03
Markups = markups; # added 2022-02-14

8
pkgs/top-level/python-packages.nix
View file

@ -244,6 +244,8 @@ self: super: with self; {
aiolip = callPackage ../development/python-modules/aiolip { };
aiolivisi = callPackage ../development/python-modules/aiolivisi { };
aiolyric = callPackage ../development/python-modules/aiolyric { };
aiomisc = callPackage ../development/python-modules/aiomisc { };
@ -546,6 +548,8 @@ self: super: with self; {
arabic-reshaper = callPackage ../development/python-modules/arabic-reshaper { };
aranet4 = callPackage ../development/python-modules/aranet4 { };
arc4 = callPackage ../development/python-modules/arc4 { };
arcam-fmj = callPackage ../development/python-modules/arcam-fmj { };
@ -5409,8 +5413,6 @@ self: super: with self; {
logical-unification = callPackage ../development/python-modules/logical-unification { };
logilab_astng = callPackage ../development/python-modules/logilab_astng { };
logilab-common = callPackage ../development/python-modules/logilab/common.nix { };
logilab-constraint = callPackage ../development/python-modules/logilab/constraint.nix { };
@ -11207,6 +11209,8 @@ self: super: with self; {
todoist = callPackage ../development/python-modules/todoist { };
todoist-api-python = callPackage ../development/python-modules/todoist-api-python { };
toggl-cli = callPackage ../development/python-modules/toggl-cli { };
token-bucket = callPackage ../development/python-modules/token-bucket { };