Merge master into haskell-updates
This commit is contained in:
commit
4404ed785e
|
@ -0,0 +1,11 @@
|
|||
--[[
|
||||
Converts some HTML elements commonly used in Markdown to corresponding DocBook elements.
|
||||
]]
|
||||
|
||||
function RawInline(elem)
|
||||
if elem.format == 'html' and elem.text == '<kbd>' then
|
||||
return pandoc.RawInline('docbook', '<keycap>')
|
||||
elseif elem.format == 'html' and elem.text == '</kbd>' then
|
||||
return pandoc.RawInline('docbook', '</keycap>')
|
||||
end
|
||||
end
|
|
@ -22,6 +22,7 @@ with pkgs; stdenv.mkDerivation {
|
|||
docgen lists 'List manipulation functions'
|
||||
docgen debug 'Debugging functions'
|
||||
docgen options 'NixOS / nixpkgs option handling'
|
||||
docgen filesystem 'Filesystem functions'
|
||||
docgen sources 'Source filtering functions'
|
||||
'';
|
||||
}
|
||||
|
|
|
@ -26,5 +26,7 @@
|
|||
|
||||
<xi:include href="./library/generated/options.xml" />
|
||||
|
||||
<xi:include href="./library/generated/filesystem.xml" />
|
||||
|
||||
<xi:include href="./library/generated/sources.xml" />
|
||||
</section>
|
||||
|
|
|
@ -1,9 +1,23 @@
|
|||
# Functions for copying sources to the Nix store.
|
||||
{ lib }:
|
||||
{ # haskellPathsInDir : Path -> Map String Path
|
||||
# A map of all haskell packages defined in the given path,
|
||||
# identified by having a cabal file with the same name as the
|
||||
# directory itself.
|
||||
haskellPathsInDir = root:
|
||||
|
||||
let
|
||||
inherit (lib.strings)
|
||||
hasPrefix
|
||||
;
|
||||
in
|
||||
|
||||
{
|
||||
/*
|
||||
A map of all haskell packages defined in the given path,
|
||||
identified by having a cabal file with the same name as the
|
||||
directory itself.
|
||||
|
||||
Type: Path -> Map String Path
|
||||
*/
|
||||
haskellPathsInDir =
|
||||
# The directory within to search
|
||||
root:
|
||||
let # Files in the root
|
||||
root-files = builtins.attrNames (builtins.readDir root);
|
||||
# Files with their full paths
|
||||
|
@ -17,15 +31,18 @@
|
|||
builtins.pathExists (value + "/${name}.cabal")
|
||||
) root-files-with-paths;
|
||||
in builtins.listToAttrs cabal-subdirs;
|
||||
# locateDominatingFile : RegExp
|
||||
# -> Path
|
||||
# -> Nullable { path : Path;
|
||||
# matches : [ MatchResults ];
|
||||
# }
|
||||
# Find the first directory containing a file matching 'pattern'
|
||||
# upward from a given 'file'.
|
||||
# Returns 'null' if no directories contain a file matching 'pattern'.
|
||||
locateDominatingFile = pattern: file:
|
||||
/*
|
||||
Find the first directory containing a file matching 'pattern'
|
||||
upward from a given 'file'.
|
||||
Returns 'null' if no directories contain a file matching 'pattern'.
|
||||
|
||||
Type: RegExp -> Path -> Nullable { path : Path; matches : [ MatchResults ]; }
|
||||
*/
|
||||
locateDominatingFile =
|
||||
# The pattern to search for
|
||||
pattern:
|
||||
# The file to start searching upward from
|
||||
file:
|
||||
let go = path:
|
||||
let files = builtins.attrNames (builtins.readDir path);
|
||||
matches = builtins.filter (match: match != null)
|
||||
|
@ -44,10 +61,15 @@
|
|||
in go (if isDir then file else parent);
|
||||
|
||||
|
||||
# listFilesRecursive: Path -> [ Path ]
|
||||
#
|
||||
# Given a directory, return a flattened list of all files within it recursively.
|
||||
listFilesRecursive = dir: lib.flatten (lib.mapAttrsToList (name: type:
|
||||
/*
|
||||
Given a directory, return a flattened list of all files within it recursively.
|
||||
|
||||
Type: Path -> [ Path ]
|
||||
*/
|
||||
listFilesRecursive =
|
||||
# The path to recursively list
|
||||
dir:
|
||||
lib.flatten (lib.mapAttrsToList (name: type:
|
||||
if type == "directory" then
|
||||
lib.filesystem.listFilesRecursive (dir + "/${name}")
|
||||
else
|
||||
|
|
|
@ -326,10 +326,10 @@
|
|||
name = "Maxwell Huang-Hobbs";
|
||||
};
|
||||
adjacentresearch = {
|
||||
email = "nate@adjacentresearch.xyz";
|
||||
github = "0xperp";
|
||||
githubId = 96147421;
|
||||
name = "0xperp";
|
||||
email = "nate@adjacentresearch.xyz";
|
||||
github = "0xperp";
|
||||
githubId = 96147421;
|
||||
name = "0xperp";
|
||||
};
|
||||
adnelson = {
|
||||
email = "ithinkican@gmail.com";
|
||||
|
@ -528,10 +528,10 @@
|
|||
name = "Aksh Gupta";
|
||||
};
|
||||
alapshin = {
|
||||
email = "alapshin@fastmail.com";
|
||||
github = "alapshin";
|
||||
githubId = 321946;
|
||||
name = "Andrei Lapshin";
|
||||
email = "alapshin@fastmail.com";
|
||||
github = "alapshin";
|
||||
githubId = 321946;
|
||||
name = "Andrei Lapshin";
|
||||
};
|
||||
albakham = {
|
||||
email = "dev@geber.ga";
|
||||
|
@ -5760,7 +5760,7 @@
|
|||
githubId = 40234257;
|
||||
name = "ilkecan bozdogan";
|
||||
};
|
||||
not-my-segfault = {
|
||||
not-my-segfault = {
|
||||
email = "michal@tar.black";
|
||||
matrix = "@michal:tar.black";
|
||||
github = "not-my-segfault";
|
||||
|
@ -10755,6 +10755,15 @@
|
|||
fingerprint = "B00F E582 FD3F 0732 EA48 3937 F558 14E4 D687 4375";
|
||||
}];
|
||||
};
|
||||
PlayerNameHere = {
|
||||
name = "Dixon Sean Low Yan Feng";
|
||||
email = "dixonseanlow@protonmail.com";
|
||||
github = "PlayerNameHere";
|
||||
githubId = 56017218;
|
||||
keys = [{
|
||||
fingerprint = "E6F4 BFB4 8DE3 893F 68FC A15F FF5F 4B30 A41B BAC8";
|
||||
}];
|
||||
};
|
||||
plchldr = {
|
||||
email = "mail@oddco.de";
|
||||
github = "plchldr";
|
||||
|
@ -10767,6 +10776,12 @@
|
|||
githubId = 358550;
|
||||
name = "Philip Lykke Carlsen";
|
||||
};
|
||||
pleshevskiy = {
|
||||
email = "dmitriy@pleshevski.ru";
|
||||
github = "pleshevskiy";
|
||||
githubId = 7839004;
|
||||
name = "Dmitriy Pleshevskiy";
|
||||
};
|
||||
plumps = {
|
||||
email = "maks.bronsky@web.de";
|
||||
github = "plumps";
|
||||
|
@ -14076,11 +14091,11 @@
|
|||
name = "Urban Skudnik";
|
||||
};
|
||||
usrfriendly = {
|
||||
name = "Arin Lares";
|
||||
email = "arinlares@gmail.com";
|
||||
github = "usrfriendly";
|
||||
githubId = 2502060;
|
||||
};
|
||||
name = "Arin Lares";
|
||||
email = "arinlares@gmail.com";
|
||||
github = "usrfriendly";
|
||||
githubId = 2502060;
|
||||
};
|
||||
utdemir = {
|
||||
email = "me@utdemir.com";
|
||||
github = "utdemir";
|
||||
|
|
|
@ -63,7 +63,7 @@ luaepnf,,,,,,
|
|||
luaevent,,,,,,
|
||||
luaexpat,,,,1.4.1-1,,arobyn flosse
|
||||
luaffi,,,http://luarocks.org/dev,,,
|
||||
luafilesystem,,,,1.7.0-2,,flosse
|
||||
luafilesystem,,,,1.8.0-1,,flosse
|
||||
lualogging,,,,,,
|
||||
luaossl,,,,,5.1,
|
||||
luaposix,,,,34.1.1-1,,vyp lblasc
|
||||
|
|
|
|
@ -1,35 +1,135 @@
|
|||
<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-booting-from-usb">
|
||||
<title>Booting from a USB Drive</title>
|
||||
<title>Booting from a USB flash drive</title>
|
||||
<para>
|
||||
For systems without CD drive, the NixOS live CD can be booted from a
|
||||
USB stick. You can use the <literal>dd</literal> utility to write
|
||||
the image: <literal>dd if=path-to-image of=/dev/sdX</literal>. Be
|
||||
careful about specifying the correct drive; you can use the
|
||||
<literal>lsblk</literal> command to get a list of block devices.
|
||||
The image has to be written verbatim to the USB flash drive for it
|
||||
to be bootable on UEFI and BIOS systems. Here are the recommended
|
||||
tools to do that.
|
||||
</para>
|
||||
<note>
|
||||
<title>On macOS</title>
|
||||
<section xml:id="sec-booting-from-usb-graphical">
|
||||
<title>Creating bootable USB flash drive with a graphical
|
||||
tool</title>
|
||||
<para>
|
||||
Etcher is a popular and user-friendly tool. It works on Linux,
|
||||
Windows and macOS.
|
||||
</para>
|
||||
<para>
|
||||
Download it from
|
||||
<link xlink:href="https://www.balena.io/etcher/">balena.io</link>,
|
||||
start the program, select the downloaded NixOS ISO, then select
|
||||
the USB flash drive and flash it.
|
||||
</para>
|
||||
<warning>
|
||||
<para>
|
||||
Etcher reports errors and usage statistics by default, which can
|
||||
be disabled in the settings.
|
||||
</para>
|
||||
</warning>
|
||||
<para>
|
||||
An alternative is
|
||||
<link xlink:href="https://bztsrc.gitlab.io/usbimager">USBImager</link>,
|
||||
which is very simple and does not connect to the internet.
|
||||
Download the version with write-only (wo) interface for your
|
||||
system. Start the program, select the image, select the USB flash
|
||||
drive and click <quote>Write</quote>.
|
||||
</para>
|
||||
</section>
|
||||
<section xml:id="sec-booting-from-usb-linux">
|
||||
<title>Creating bootable USB flash drive from a Terminal on
|
||||
Linux</title>
|
||||
<orderedlist numeration="arabic" spacing="compact">
|
||||
<listitem>
|
||||
<para>
|
||||
Plug in the USB flash drive.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Find the corresponding device with <literal>lsblk</literal>.
|
||||
You can distinguish them by their size.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Make sure all partitions on the device are properly unmounted.
|
||||
Replace <literal>sdX</literal> with your device (e.g.
|
||||
<literal>sdb</literal>).
|
||||
</para>
|
||||
</listitem>
|
||||
</orderedlist>
|
||||
<programlisting>
|
||||
$ diskutil list
|
||||
[..]
|
||||
/dev/diskN (external, physical):
|
||||
#: TYPE NAME SIZE IDENTIFIER
|
||||
[..]
|
||||
$ diskutil unmountDisk diskN
|
||||
Unmount of all volumes on diskN was successful
|
||||
$ sudo dd if=nix.iso of=/dev/rdiskN bs=1M
|
||||
sudo umount /dev/sdX*
|
||||
</programlisting>
|
||||
<orderedlist numeration="arabic" spacing="compact">
|
||||
<listitem override="4">
|
||||
<para>
|
||||
Then use the <literal>dd</literal> utility to write the image
|
||||
to the USB flash drive.
|
||||
</para>
|
||||
</listitem>
|
||||
</orderedlist>
|
||||
<programlisting>
|
||||
sudo dd if=<path-to-image> of=/dev/sdX bs=4M conv=fsync
|
||||
</programlisting>
|
||||
</section>
|
||||
<section xml:id="sec-booting-from-usb-macos">
|
||||
<title>Creating bootable USB flash drive from a Terminal on
|
||||
macOS</title>
|
||||
<orderedlist numeration="arabic" spacing="compact">
|
||||
<listitem>
|
||||
<para>
|
||||
Plug in the USB flash drive.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Find the corresponding device with
|
||||
<literal>diskutil list</literal>. You can distinguish them by
|
||||
their size.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Make sure all partitions on the device are properly unmounted.
|
||||
Replace <literal>diskX</literal> with your device (e.g.
|
||||
<literal>disk1</literal>).
|
||||
</para>
|
||||
</listitem>
|
||||
</orderedlist>
|
||||
<programlisting>
|
||||
diskutil unmountDisk diskX
|
||||
</programlisting>
|
||||
<orderedlist numeration="arabic" spacing="compact">
|
||||
<listitem override="4">
|
||||
<para>
|
||||
Then use the <literal>dd</literal> utility to write the image
|
||||
to the USB flash drive.
|
||||
</para>
|
||||
</listitem>
|
||||
</orderedlist>
|
||||
<programlisting>
|
||||
sudo dd if=<path-to-image> of=/dev/rdiskX bs=4m
|
||||
</programlisting>
|
||||
<para>
|
||||
Using the 'raw' <literal>rdiskN</literal> device instead of
|
||||
<literal>diskN</literal> completes in minutes instead of hours.
|
||||
After <literal>dd</literal> completes, a GUI dialog "The disk
|
||||
you inserted was not readable by this computer" will pop up,
|
||||
which can be ignored.
|
||||
</para>
|
||||
</note>
|
||||
<para>
|
||||
The <literal>dd</literal> utility will write the image verbatim to
|
||||
the drive, making it the recommended option for both UEFI and
|
||||
non-UEFI installations.
|
||||
</para>
|
||||
<note>
|
||||
<para>
|
||||
Using the 'raw' <literal>rdiskX</literal> device instead of
|
||||
<literal>diskX</literal> with dd completes in minutes instead of
|
||||
hours.
|
||||
</para>
|
||||
</note>
|
||||
<orderedlist numeration="arabic" spacing="compact">
|
||||
<listitem override="5">
|
||||
<para>
|
||||
Eject the disk when it is finished.
|
||||
</para>
|
||||
</listitem>
|
||||
</orderedlist>
|
||||
<programlisting>
|
||||
diskutil eject /dev/diskX
|
||||
</programlisting>
|
||||
</section>
|
||||
</section>
|
||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -2,16 +2,15 @@
|
|||
<title>Obtaining NixOS</title>
|
||||
<para>
|
||||
NixOS ISO images can be downloaded from the
|
||||
<link xlink:href="https://nixos.org/nixos/download.html">NixOS
|
||||
download page</link>. There are a number of installation options. If
|
||||
you happen to have an optical drive and a spare CD, burning the
|
||||
image to CD and booting from that is probably the easiest option.
|
||||
Most people will need to prepare a USB stick to boot from.
|
||||
<xref linkend="sec-booting-from-usb" /> describes the preferred
|
||||
method to prepare a USB stick. A number of alternative methods are
|
||||
presented in the
|
||||
<link xlink:href="https://nixos.wiki/wiki/NixOS_Installation_Guide#Making_the_installation_media">NixOS
|
||||
Wiki</link>.
|
||||
<link xlink:href="https://nixos.org/download.html#nixos-iso">NixOS
|
||||
download page</link>. Follow the instructions in
|
||||
<xref linkend="sec-booting-from-usb" /> to create a bootable USB
|
||||
flash drive.
|
||||
</para>
|
||||
<para>
|
||||
If you have a very old system that can’t boot from USB, you can burn
|
||||
the image to an empty CD. NixOS might not work very well on such
|
||||
systems.
|
||||
</para>
|
||||
<para>
|
||||
As an alternative to installing NixOS yourself, you can get a
|
||||
|
@ -23,16 +22,16 @@
|
|||
Using virtual appliances in Open Virtualization Format (OVF)
|
||||
that can be imported into VirtualBox. These are available from
|
||||
the
|
||||
<link xlink:href="https://nixos.org/nixos/download.html">NixOS
|
||||
<link xlink:href="https://nixos.org/download.html#nixos-virtualbox">NixOS
|
||||
download page</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Using AMIs for Amazon’s EC2. To find one for your region and
|
||||
instance type, please refer to the
|
||||
<link xlink:href="https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/virtualisation/ec2-amis.nix">list
|
||||
of most recent AMIs</link>.
|
||||
Using AMIs for Amazon’s EC2. To find one for your region, please
|
||||
refer to the
|
||||
<link xlink:href="https://nixos.org/download.html#nixos-amazon">download
|
||||
page</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
|
|
|
@ -312,6 +312,14 @@
|
|||
<link linkend="opt-services.endlessh-go.enable">services.endlessh-go</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<link xlink:href="https://garagehq.deuxfleurs.fr/">Garage</link>,
|
||||
a simple object storage server for geodistributed deployments,
|
||||
alternative to MinIO. Available as
|
||||
<link linkend="opt-services.garage.enable">services.garage</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<link xlink:href="https://netbird.io">netbird</link>, a zero
|
||||
|
@ -761,6 +769,14 @@
|
|||
for vim).
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The <literal>adguardhome</literal> module no longer uses
|
||||
<literal>host</literal> and <literal>port</literal> options,
|
||||
use <literal>settings.bind_host</literal> and
|
||||
<literal>settings.bind_port</literal> instead.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The default <literal>kops</literal> version is now 1.25.1 and
|
||||
|
@ -885,6 +901,15 @@
|
|||
<literal>~/.local/share/PrismLauncher/prismlauncher.cfg</literal>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The <literal>bloat</literal> package has been updated from
|
||||
unstable-2022-03-31 to unstable-2022-10-25, which brings a
|
||||
breaking change. See
|
||||
<link xlink:href="https://git.freesoftwareextremist.com/bloat/commit/?id=887ed241d64ba5db3fd3d87194fb5595e5ad7d73">this
|
||||
upstream commit message</link> for details.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The <literal>services.matrix-synapse</literal> systemd unit
|
||||
|
|
|
@ -1,31 +1,72 @@
|
|||
# Booting from a USB Drive {#sec-booting-from-usb}
|
||||
# Booting from a USB flash drive {#sec-booting-from-usb}
|
||||
|
||||
For systems without CD drive, the NixOS live CD can be booted from a USB
|
||||
stick. You can use the `dd` utility to write the image:
|
||||
`dd if=path-to-image of=/dev/sdX`. Be careful about specifying the correct
|
||||
drive; you can use the `lsblk` command to get a list of block devices.
|
||||
The image has to be written verbatim to the USB flash drive for it to be
|
||||
bootable on UEFI and BIOS systems. Here are the recommended tools to do that.
|
||||
|
||||
::: {.note}
|
||||
::: {.title}
|
||||
On macOS
|
||||
## Creating bootable USB flash drive with a graphical tool {#sec-booting-from-usb-graphical}
|
||||
|
||||
Etcher is a popular and user-friendly tool. It works on Linux, Windows and macOS.
|
||||
|
||||
Download it from [balena.io](https://www.balena.io/etcher/), start the program,
|
||||
select the downloaded NixOS ISO, then select the USB flash drive and flash it.
|
||||
|
||||
::: {.warning}
|
||||
Etcher reports errors and usage statistics by default, which can be disabled in
|
||||
the settings.
|
||||
:::
|
||||
|
||||
```ShellSession
|
||||
$ diskutil list
|
||||
[..]
|
||||
/dev/diskN (external, physical):
|
||||
#: TYPE NAME SIZE IDENTIFIER
|
||||
[..]
|
||||
$ diskutil unmountDisk diskN
|
||||
Unmount of all volumes on diskN was successful
|
||||
$ sudo dd if=nix.iso of=/dev/rdiskN bs=1M
|
||||
```
|
||||
An alternative is [USBImager](https://bztsrc.gitlab.io/usbimager),
|
||||
which is very simple and does not connect to the internet. Download the version
|
||||
with write-only (wo) interface for your system. Start the program,
|
||||
select the image, select the USB flash drive and click "Write".
|
||||
|
||||
Using the \'raw\' `rdiskN` device instead of `diskN` completes in
|
||||
minutes instead of hours. After `dd` completes, a GUI dialog \"The disk
|
||||
you inserted was not readable by this computer\" will pop up, which can
|
||||
be ignored.
|
||||
:::
|
||||
## Creating bootable USB flash drive from a Terminal on Linux {#sec-booting-from-usb-linux}
|
||||
|
||||
The `dd` utility will write the image verbatim to the drive, making it
|
||||
the recommended option for both UEFI and non-UEFI installations.
|
||||
1. Plug in the USB flash drive.
|
||||
2. Find the corresponding device with `lsblk`. You can distinguish them by
|
||||
their size.
|
||||
3. Make sure all partitions on the device are properly unmounted. Replace `sdX`
|
||||
with your device (e.g. `sdb`).
|
||||
|
||||
```ShellSession
|
||||
sudo umount /dev/sdX*
|
||||
```
|
||||
|
||||
4. Then use the `dd` utility to write the image to the USB flash drive.
|
||||
|
||||
```ShellSession
|
||||
sudo dd if=<path-to-image> of=/dev/sdX bs=4M conv=fsync
|
||||
```
|
||||
|
||||
## Creating bootable USB flash drive from a Terminal on macOS {#sec-booting-from-usb-macos}
|
||||
|
||||
1. Plug in the USB flash drive.
|
||||
2. Find the corresponding device with `diskutil list`. You can distinguish them
|
||||
by their size.
|
||||
3. Make sure all partitions on the device are properly unmounted. Replace `diskX`
|
||||
with your device (e.g. `disk1`).
|
||||
|
||||
```ShellSession
|
||||
diskutil unmountDisk diskX
|
||||
```
|
||||
|
||||
4. Then use the `dd` utility to write the image to the USB flash drive.
|
||||
|
||||
```ShellSession
|
||||
sudo dd if=<path-to-image> of=/dev/rdiskX bs=4m
|
||||
```
|
||||
|
||||
After `dd` completes, a GUI dialog \"The disk
|
||||
you inserted was not readable by this computer\" will pop up, which can
|
||||
be ignored.
|
||||
|
||||
::: {.note}
|
||||
Using the \'raw\' `rdiskX` device instead of `diskX` with dd completes in
|
||||
minutes instead of hours.
|
||||
:::
|
||||
|
||||
5. Eject the disk when it is finished.
|
||||
|
||||
```ShellSession
|
||||
diskutil eject /dev/diskX
|
||||
```
|
||||
|
|
|
@ -1,30 +1,143 @@
|
|||
# Installing NixOS {#sec-installation}
|
||||
|
||||
## Booting the system {#sec-installation-booting}
|
||||
## Booting from the install medium {#sec-installation-booting}
|
||||
|
||||
To begin the installation, you have to boot your computer from the install drive.
|
||||
|
||||
1. Plug in the install drive. Then turn on or restart your computer.
|
||||
|
||||
2. Open the boot menu by pressing the appropriate key, which is usually shown
|
||||
on the display on early boot.
|
||||
Select the USB flash drive (the option usually contains the word "USB").
|
||||
If you choose the incorrect drive, your computer will likely continue to
|
||||
boot as normal. In that case restart your computer and pick a
|
||||
different drive.
|
||||
|
||||
::: {.note}
|
||||
The key to open the boot menu is different across computer brands and even
|
||||
models. It can be <kbd>F12</kbd>, but also <kbd>F1</kbd>,
|
||||
<kbd>F9</kbd>, <kbd>F10</kbd>, <kbd>Enter</kbd>, <kbd>Del</kbd>,
|
||||
<kbd>Esc</kbd> or another function key. If you are unsure and don't see
|
||||
it on the early boot screen, you can search online for your computers
|
||||
brand, model followed by "boot from usb".
|
||||
The computer might not even have that feature, so you have to go into the
|
||||
BIOS/UEFI settings to change the boot order. Again, search online for
|
||||
details about your specific computer model.
|
||||
|
||||
For Apple computers with Intel processors press and hold the <kbd>⌥</kbd>
|
||||
(Option or Alt) key until you see the boot menu. On Apple silicon press
|
||||
and hold the power button.
|
||||
:::
|
||||
|
||||
::: {.note}
|
||||
If your computer supports both BIOS and UEFI boot, choose the UEFI option.
|
||||
:::
|
||||
|
||||
::: {.note}
|
||||
If you use a CD for the installation, the computer will probably boot from
|
||||
it automatically. If not, choose the option containing the word "CD" from
|
||||
the boot menu.
|
||||
:::
|
||||
|
||||
3. Shortly after selecting the appropriate boot drive, you should be
|
||||
presented with a menu with different installer options. Leave the default
|
||||
and wait (or press <kbd>Enter</kbd> to speed up).
|
||||
|
||||
4. The graphical images will start their corresponding desktop environment
|
||||
and the graphical installer, which can take some time. The minimal images
|
||||
will boot to a command line. You have to follow the instructions in
|
||||
[](#sec-installation-manual) there.
|
||||
|
||||
## Graphical Installation {#sec-installation-graphical}
|
||||
|
||||
The graphical installer is recommended for desktop users and will guide you
|
||||
through the installation.
|
||||
|
||||
1. In the "Welcome" screen, you can select the language of the Installer and
|
||||
the installed system.
|
||||
|
||||
::: {.tip}
|
||||
Leaving the language as "American English" will make it easier to search for
|
||||
error messages in a search engine or to report an issue.
|
||||
:::
|
||||
|
||||
2. Next you should choose your location to have the timezone set correctly.
|
||||
You can actually click on the map!
|
||||
|
||||
::: {.note}
|
||||
The installer will use an online service to guess your location based on
|
||||
your public IP address.
|
||||
:::
|
||||
|
||||
3. Then you can select the keyboard layout. The default keyboard model should
|
||||
work well with most desktop keyboards. If you have a special keyboard or
|
||||
notebook, your model might be in the list. Select the language you are most
|
||||
comfortable typing in.
|
||||
|
||||
4. On the "Users" screen, you have to type in your display name, login name
|
||||
and password. You can also enable an option to automatically login to the
|
||||
desktop.
|
||||
|
||||
5. Then you have the option to choose a desktop environment. If you want to
|
||||
create a custom setup with a window manager, you can select "No desktop".
|
||||
|
||||
::: {.tip}
|
||||
If you don't have a favorite desktop and don't know which one to choose,
|
||||
you can stick to either GNOME or Plasma. They have a quite different
|
||||
design, so you should choose whichever you like better.
|
||||
They are both popular choices and well tested on NixOS.
|
||||
:::
|
||||
|
||||
6. You have the option to allow unfree software in the next screen.
|
||||
|
||||
7. The easiest option in the "Partitioning" screen is "Erase disk", which will
|
||||
delete all data from the selected disk and install the system on it.
|
||||
Also select "Swap (with Hibernation)" in the dropdown below it.
|
||||
You have the option to encrypt the whole disk with LUKS.
|
||||
|
||||
::: {.note}
|
||||
At the top left you see if the Installer was booted with BIOS or UEFI. If
|
||||
you know your system supports UEFI and it shows "BIOS", reboot with the
|
||||
correct option.
|
||||
:::
|
||||
|
||||
::: {.warning}
|
||||
Make sure you have selected the correct disk at the top and that no
|
||||
valuable data is still on the disk! It will be deleted when
|
||||
formatting the disk.
|
||||
:::
|
||||
|
||||
8. Check the choices you made in the "Summary" and click "Install".
|
||||
|
||||
::: {.note}
|
||||
The installation takes about 15 minutes. The time varies based on the
|
||||
selected desktop environment, internet connection speed and disk write speed.
|
||||
:::
|
||||
|
||||
9. When the install is complete, remove the USB flash drive and
|
||||
reboot into your new system!
|
||||
|
||||
## Manual Installation {#sec-installation-manual}
|
||||
|
||||
NixOS can be installed on BIOS or UEFI systems. The procedure for a UEFI
|
||||
installation is by and large the same as a BIOS installation. The
|
||||
differences are mentioned in the steps that follow.
|
||||
installation is broadly the same as for a BIOS installation. The differences
|
||||
are mentioned in the following steps.
|
||||
|
||||
The installation media can be burned to a CD, or now more commonly,
|
||||
"burned" to a USB drive (see [](#sec-booting-from-usb)).
|
||||
The NixOS manual is available by running `nixos-help` in the command line
|
||||
or from the application menu in the desktop environment.
|
||||
|
||||
The installation media contains a basic NixOS installation. When it's
|
||||
finished booting, it should have detected most of your hardware.
|
||||
|
||||
The NixOS manual is available by running `nixos-help`.
|
||||
To have access to the command line on the graphical images, open
|
||||
Terminal (GNOME) or Konsole (Plasma) from the application menu.
|
||||
|
||||
You are logged-in automatically as `nixos`. The `nixos` user account has
|
||||
an empty password so you can use `sudo` without a password:
|
||||
|
||||
```ShellSession
|
||||
$ sudo -i
|
||||
```
|
||||
|
||||
If you downloaded the graphical ISO image, you can run `systemctl
|
||||
start display-manager` to start the desktop environment. If you want
|
||||
to continue on the terminal, you can use `loadkeys` to switch to your
|
||||
preferred keyboard layout. (We even provide neo2 via `loadkeys de
|
||||
neo`!)
|
||||
You can use `loadkeys` to switch to your preferred keyboard layout.
|
||||
(We even provide neo2 via `loadkeys de neo`!)
|
||||
|
||||
If the text is too small to be legible, try `setfont ter-v32n` to
|
||||
increase the font size.
|
||||
|
@ -33,7 +146,8 @@ To install over a serial port connect with `115200n8` (e.g.
|
|||
`picocom -b 115200 /dev/ttyUSB0`). When the bootloader lists boot
|
||||
entries, select the serial console boot entry.
|
||||
|
||||
### Networking in the installer {#sec-installation-booting-networking}
|
||||
### Networking in the installer {#sec-installation-manual-networking}
|
||||
[]{#sec-installation-booting-networking} <!-- legacy anchor -->
|
||||
|
||||
The boot process should have brought up networking (check `ip
|
||||
a`). Networking is necessary for the installer, since it will
|
||||
|
@ -100,7 +214,8 @@ placed by mounting the image on a different machine). Alternatively you
|
|||
must set a password for either `root` or `nixos` with `passwd` to be
|
||||
able to login.
|
||||
|
||||
## Partitioning and formatting {#sec-installation-partitioning}
|
||||
### Partitioning and formatting {#sec-installation-manual-partitioning}
|
||||
[]{#sec-installation-partitioning} <!-- legacy anchor -->
|
||||
|
||||
The NixOS installer doesn't do any partitioning or formatting, so you
|
||||
need to do that yourself.
|
||||
|
@ -112,7 +227,8 @@ below use `parted`, but also provides `fdisk`, `gdisk`, `cfdisk`, and
|
|||
The recommended partition scheme differs depending if the computer uses
|
||||
*Legacy Boot* or *UEFI*.
|
||||
|
||||
### UEFI (GPT) {#sec-installation-partitioning-UEFI}
|
||||
#### UEFI (GPT) {#sec-installation-manual-partitioning-UEFI}
|
||||
[]{#sec-installation-partitioning-UEFI} <!-- legacy anchor -->
|
||||
|
||||
Here\'s an example partition scheme for UEFI, using `/dev/sda` as the
|
||||
device.
|
||||
|
@ -158,9 +274,10 @@ update /etc/fstab.
|
|||
```
|
||||
|
||||
Once complete, you can follow with
|
||||
[](#sec-installation-partitioning-formatting).
|
||||
[](#sec-installation-manual-partitioning-formatting).
|
||||
|
||||
### Legacy Boot (MBR) {#sec-installation-partitioning-MBR}
|
||||
#### Legacy Boot (MBR) {#sec-installation-manual-partitioning-MBR}
|
||||
[]{#sec-installation-partitioning-MBR} <!-- legacy anchor -->
|
||||
|
||||
Here\'s an example partition scheme for Legacy Boot, using `/dev/sda` as
|
||||
the device.
|
||||
|
@ -202,9 +319,10 @@ update /etc/fstab.
|
|||
:::
|
||||
|
||||
Once complete, you can follow with
|
||||
[](#sec-installation-partitioning-formatting).
|
||||
[](#sec-installation-manual-partitioning-formatting).
|
||||
|
||||
### Formatting {#sec-installation-partitioning-formatting}
|
||||
#### Formatting {#sec-installation-manual-partitioning-formatting}
|
||||
[]{#sec-installation-partitioning-formatting} <!-- legacy anchor -->
|
||||
|
||||
Use the following commands:
|
||||
|
||||
|
@ -239,7 +357,8 @@ Use the following commands:
|
|||
|
||||
- For creating software RAID devices, use `mdadm`.
|
||||
|
||||
## Installing {#sec-installation-installing}
|
||||
### Installing {#sec-installation-manual-installing}
|
||||
[]{#sec-installation-installing} <!-- legacy anchor -->
|
||||
|
||||
1. Mount the target file system on which NixOS should be installed on
|
||||
`/mnt`, e.g.
|
||||
|
@ -410,7 +529,8 @@ Use the following commands:
|
|||
You may also want to install some software. This will be covered in
|
||||
[](#sec-package-management).
|
||||
|
||||
## Installation summary {#sec-installation-summary}
|
||||
### Installation summary {#sec-installation-manual-summary}
|
||||
[]{#sec-installation-summary} <!-- legacy anchor -->
|
||||
|
||||
To summarise, [Example: Commands for Installing NixOS on `/dev/sda`](#ex-install-sequence)
|
||||
shows a typical sequence of commands for installing NixOS on an empty hard
|
||||
|
|
|
@ -1,24 +1,21 @@
|
|||
# Obtaining NixOS {#sec-obtaining}
|
||||
|
||||
NixOS ISO images can be downloaded from the [NixOS download
|
||||
page](https://nixos.org/nixos/download.html). There are a number of
|
||||
installation options. If you happen to have an optical drive and a spare
|
||||
CD, burning the image to CD and booting from that is probably the
|
||||
easiest option. Most people will need to prepare a USB stick to boot
|
||||
from. [](#sec-booting-from-usb) describes the preferred method to
|
||||
prepare a USB stick. A number of alternative methods are presented in
|
||||
the [NixOS Wiki](https://nixos.wiki/wiki/NixOS_Installation_Guide#Making_the_installation_media).
|
||||
page](https://nixos.org/download.html#nixos-iso). Follow the instructions in
|
||||
[](#sec-booting-from-usb) to create a bootable USB flash drive.
|
||||
|
||||
If you have a very old system that can't boot from USB, you can burn the image
|
||||
to an empty CD. NixOS might not work very well on such systems.
|
||||
|
||||
As an alternative to installing NixOS yourself, you can get a running
|
||||
NixOS system through several other means:
|
||||
|
||||
- Using virtual appliances in Open Virtualization Format (OVF) that
|
||||
can be imported into VirtualBox. These are available from the [NixOS
|
||||
download page](https://nixos.org/nixos/download.html).
|
||||
download page](https://nixos.org/download.html#nixos-virtualbox).
|
||||
|
||||
- Using AMIs for Amazon's EC2. To find one for your region and
|
||||
instance type, please refer to the [list of most recent
|
||||
AMIs](https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/virtualisation/ec2-amis.nix).
|
||||
- Using AMIs for Amazon's EC2. To find one for your region, please refer
|
||||
to the [download page](https://nixos.org/download.html#nixos-amazon).
|
||||
|
||||
- Using NixOps, the NixOS-based cloud deployment tool, which allows
|
||||
you to provision VirtualBox and EC2 NixOS instances from declarative
|
||||
|
|
|
@ -19,6 +19,7 @@ pandoc_flags=(
|
|||
"--lua-filter=$DIR/../../../doc/build-aux/pandoc-filters/myst-reader/roles.lua"
|
||||
"--lua-filter=$DIR/../../../doc/build-aux/pandoc-filters/link-unix-man-references.lua"
|
||||
"--lua-filter=$DIR/../../../doc/build-aux/pandoc-filters/docbook-writer/rst-roles.lua"
|
||||
"--lua-filter=$DIR/../../../doc/build-aux/pandoc-filters/docbook-writer/html-elements.lua"
|
||||
"--lua-filter=$DIR/../../../doc/build-aux/pandoc-filters/docbook-writer/labelless-link-is-xref.lua"
|
||||
-f "commonmark${pandoc_commonmark_enabled_extensions}+smart"
|
||||
-t docbook
|
||||
|
|
|
@ -108,6 +108,8 @@ In addition to numerous new and upgraded packages, this release has the followin
|
|||
|
||||
- [endlessh-go](https://github.com/shizunge/endlessh-go), an SSH tarpit that exposes Prometheus metrics. Available as [services.endlessh-go](#opt-services.endlessh-go.enable).
|
||||
|
||||
- [Garage](https://garagehq.deuxfleurs.fr/), a simple object storage server for geodistributed deployments, alternative to MinIO. Available as [services.garage](#opt-services.garage.enable).
|
||||
|
||||
- [netbird](https://netbird.io), a zero configuration VPN.
|
||||
Available as [services.netbird](options.html#opt-services.netbird.enable).
|
||||
|
||||
|
@ -242,6 +244,8 @@ Available as [services.patroni](options.html#opt-services.patroni.enable).
|
|||
Use `configure.packages` instead.
|
||||
- Neovim can not be configured with plug anymore (still works for vim).
|
||||
|
||||
- The `adguardhome` module no longer uses `host` and `port` options, use `settings.bind_host` and `settings.bind_port` instead.
|
||||
|
||||
- The default `kops` version is now 1.25.1 and support for 1.22 and older has been dropped.
|
||||
|
||||
- `k3s` no longer supports docker as runtime due to upstream dropping support.
|
||||
|
@ -283,6 +287,8 @@ Available as [services.patroni](options.html#opt-services.patroni.enable).
|
|||
from `~/.local/share/polymc/polymc.cfg` to
|
||||
`~/.local/share/PrismLauncher/prismlauncher.cfg`.
|
||||
|
||||
- The `bloat` package has been updated from unstable-2022-03-31 to unstable-2022-10-25, which brings a breaking change. See [this upstream commit message](https://git.freesoftwareextremist.com/bloat/commit/?id=887ed241d64ba5db3fd3d87194fb5595e5ad7d73) for details.
|
||||
|
||||
- The `services.matrix-synapse` systemd unit has been hardened.
|
||||
|
||||
- The `services.grafana` options were converted to a [RFC 0042](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md) configuration.
|
||||
|
|
|
@ -125,7 +125,11 @@ in rec {
|
|||
nativeBuildInputs = [
|
||||
pkgs.brotli
|
||||
(let
|
||||
self = (pkgs.python3Minimal.override {
|
||||
# python3Minimal can't be overridden with packages on Darwin, due to a missing framework.
|
||||
# Instead of modifying stdenv, we take the easy way out, since most people on Darwin will
|
||||
# just be hacking on the Nixpkgs manual (which also uses make-options-doc).
|
||||
python = if pkgs.stdenv.isDarwin then pkgs.python3 else pkgs.python3Minimal;
|
||||
self = (python.override {
|
||||
inherit self;
|
||||
includeSiteCustomize = true;
|
||||
});
|
||||
|
|
|
@ -979,6 +979,7 @@
|
|||
./services/video/rtsp-simple-server.nix
|
||||
./services/networking/uptermd.nix
|
||||
./services/networking/v2ray.nix
|
||||
./services/networking/vdirsyncer.nix
|
||||
./services/networking/vsftpd.nix
|
||||
./services/networking/wasabibackend.nix
|
||||
./services/networking/websockify.nix
|
||||
|
@ -1146,6 +1147,7 @@
|
|||
./services/web-servers/caddy/default.nix
|
||||
./services/web-servers/darkhttpd.nix
|
||||
./services/web-servers/fcgiwrap.nix
|
||||
./services/web-servers/garage.nix
|
||||
./services/web-servers/hitch/default.nix
|
||||
./services/web-servers/hydron.nix
|
||||
./services/web-servers/jboss/default.nix
|
||||
|
@ -1253,6 +1255,7 @@
|
|||
./system/boot/systemd/user.nix
|
||||
./system/boot/timesyncd.nix
|
||||
./system/boot/tmp.nix
|
||||
./system/boot/uvesafb.nix
|
||||
./system/etc/etc-activation.nix
|
||||
./tasks/auto-upgrade.nix
|
||||
./tasks/bcache.nix
|
||||
|
|
|
@ -14,6 +14,8 @@ in
|
|||
|
||||
security.polkit.enable = mkEnableOption (lib.mdDoc "polkit");
|
||||
|
||||
security.polkit.debug = mkEnableOption (lib.mdDoc "debug logs from polkit. This is required in order to see log messages from rule definitions.");
|
||||
|
||||
security.polkit.extraConfig = mkOption {
|
||||
type = types.lines;
|
||||
default = "";
|
||||
|
@ -21,6 +23,7 @@ in
|
|||
''
|
||||
/* Log authorization checks. */
|
||||
polkit.addRule(function(action, subject) {
|
||||
// Make sure to set { security.polkit.debug = true; } in configuration.nix
|
||||
polkit.log("user " + subject.user + " is attempting action " + action.id + " from PID " + subject.pid);
|
||||
});
|
||||
|
||||
|
@ -58,6 +61,11 @@ in
|
|||
|
||||
systemd.packages = [ pkgs.polkit.out ];
|
||||
|
||||
systemd.services.polkit.serviceConfig.ExecStart = [
|
||||
""
|
||||
"${pkgs.polkit.out}/lib/polkit-1/polkitd ${optionalString (!cfg.debug) "--no-debug"}"
|
||||
];
|
||||
|
||||
systemd.services.polkit.restartTriggers = [ config.system.path ];
|
||||
systemd.services.polkit.stopIfChanged = false;
|
||||
|
||||
|
|
|
@ -106,6 +106,8 @@ in {
|
|||
"-Dcruise.config.file=${cfg.workDir}/conf/cruise-config.xml"
|
||||
"-Dcruise.server.port=${toString cfg.port}"
|
||||
"-Dcruise.server.ssl.port=${toString cfg.sslPort}"
|
||||
"--add-opens=java.base/java.lang=ALL-UNNAMED"
|
||||
"--add-opens=java.base/java.util=ALL-UNNAMED"
|
||||
];
|
||||
defaultText = literalExpression ''
|
||||
[
|
||||
|
@ -119,6 +121,8 @@ in {
|
|||
"-Dcruise.config.file=''${config.${opt.workDir}}/conf/cruise-config.xml"
|
||||
"-Dcruise.server.port=''${toString config.${opt.port}}"
|
||||
"-Dcruise.server.ssl.port=''${toString config.${opt.sslPort}}"
|
||||
"--add-opens=java.base/java.lang=ALL-UNNAMED"
|
||||
"--add-opens=java.base/java.util=ALL-UNNAMED"
|
||||
]
|
||||
'';
|
||||
|
||||
|
@ -199,7 +203,7 @@ in {
|
|||
${pkgs.git}/bin/git config --global --add http.sslCAinfo /etc/ssl/certs/ca-certificates.crt
|
||||
${pkgs.jre}/bin/java -server ${concatStringsSep " " cfg.startupOptions} \
|
||||
${concatStringsSep " " cfg.extraOptions} \
|
||||
-jar ${pkgs.gocd-server}/go-server/go.jar
|
||||
-jar ${pkgs.gocd-server}/go-server/lib/go.jar
|
||||
'';
|
||||
|
||||
serviceConfig = {
|
||||
|
|
|
@ -202,7 +202,7 @@ in {
|
|||
NoNewPrivileges = true;
|
||||
CapabilityBoundingSet = "";
|
||||
SystemCallArchitecture = "native";
|
||||
SystemCallFilter = [ "@system-service" "~@privileged" "@resources" ];
|
||||
SystemCallFilter = [ "@system-service" "~@privileged" ];
|
||||
ProtectDevices = true;
|
||||
ProtectControlGroups = true;
|
||||
ProtectKernelTunables = true;
|
||||
|
|
|
@ -212,9 +212,9 @@ in
|
|||
|
||||
staticClients = forEach cfg.dex.oidcClients (client: {
|
||||
inherit (client) id;
|
||||
redirectURIs = [ client.callbackURI ];
|
||||
redirectURIs = [ client.callbackURL ];
|
||||
name = "OIDC for ${client.id}";
|
||||
secret = "$DEX_CLIENT_${client.id}";
|
||||
secretEnv = "DEX_CLIENT_${client.id}";
|
||||
});
|
||||
};
|
||||
};
|
||||
|
|
|
@ -852,7 +852,7 @@ in {
|
|||
};
|
||||
|
||||
contactPoints = mkOption {
|
||||
description = lib.mdDoc "List of contact points to import or update.";
|
||||
description = lib.mdDoc "List of contact points to import or update. Please note that sensitive data will end up in world-readable Nix store.";
|
||||
default = [];
|
||||
type = types.listOf (types.submodule {
|
||||
freeformType = provisioningSettingsFormat.type;
|
||||
|
@ -1158,17 +1158,23 @@ in {
|
|||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
warnings = flatten [
|
||||
warnings = let
|
||||
usesFileProvider = opt: defaultValue: builtins.match "^${defaultValue}$|^\\$__file\\{.*}$" opt != null;
|
||||
in flatten [
|
||||
(optional (
|
||||
cfg.settings.database.password != "" ||
|
||||
cfg.settings.security.admin_password != "admin"
|
||||
! usesFileProvider cfg.settings.database.password "" ||
|
||||
! usesFileProvider cfg.settings.security.admin_password "admin"
|
||||
) "Grafana passwords will be stored as plaintext in the Nix store! Use file provider instead.")
|
||||
(optional (
|
||||
let
|
||||
checkOpts = opt: any (x: x.password != null || x.basicAuthPassword != null || x.secureJsonData != null) opt;
|
||||
datasourcesUsed = if (cfg.provision.datasources.settings == null) then [] else cfg.provision.datasources.settings.datasources;
|
||||
in if (builtins.isList cfg.provision.datasources) then checkOpts cfg.provision.datasources else checkOpts datasourcesUsed
|
||||
) "Datasource passwords will be stored as plaintext in the Nix store! Use file provider instead.")
|
||||
) ''
|
||||
Datasource passwords will be stored as plaintext in the Nix store!
|
||||
It is not possible to use file provider in provisioning; please provision
|
||||
datasources via `services.grafana.provision.datasources.path` instead.
|
||||
'')
|
||||
(optional (
|
||||
any (x: x.secure_settings != null) cfg.provision.notifiers
|
||||
) "Notifier secure settings will be stored as plaintext in the Nix store! Use file provider instead.")
|
||||
|
|
|
@ -12,37 +12,26 @@ let
|
|||
"--config /var/lib/AdGuardHome/AdGuardHome.yaml"
|
||||
] ++ cfg.extraArgs);
|
||||
|
||||
baseConfig = {
|
||||
bind_host = cfg.host;
|
||||
bind_port = cfg.port;
|
||||
};
|
||||
|
||||
configFile = pkgs.writeTextFile {
|
||||
name = "AdGuardHome.yaml";
|
||||
text = builtins.toJSON (recursiveUpdate cfg.settings baseConfig);
|
||||
text = builtins.toJSON cfg.settings;
|
||||
checkPhase = "${pkgs.adguardhome}/bin/adguardhome -c $out --check-config";
|
||||
};
|
||||
|
||||
in {
|
||||
in
|
||||
{
|
||||
|
||||
imports =
|
||||
let cfgPath = [ "services" "adguardhome" ];
|
||||
in
|
||||
[
|
||||
(mkRenamedOptionModuleWith { sinceRelease = 2211; from = cfgPath ++ [ "host" ]; to = cfgPath ++ [ "settings" "bind_host" ]; })
|
||||
(mkRenamedOptionModuleWith { sinceRelease = 2211; from = cfgPath ++ [ "port" ]; to = cfgPath ++ [ "settings" "bind_port" ]; })
|
||||
];
|
||||
|
||||
options.services.adguardhome = with types; {
|
||||
enable = mkEnableOption (lib.mdDoc "AdGuard Home network-wide ad blocker");
|
||||
|
||||
host = mkOption {
|
||||
default = "0.0.0.0";
|
||||
type = str;
|
||||
description = lib.mdDoc ''
|
||||
Host address to bind HTTP server to.
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
default = 3000;
|
||||
type = port;
|
||||
description = lib.mdDoc ''
|
||||
Port to serve HTTP pages on.
|
||||
'';
|
||||
};
|
||||
|
||||
openFirewall = mkOption {
|
||||
default = false;
|
||||
type = bool;
|
||||
|
@ -62,8 +51,35 @@ in {
|
|||
};
|
||||
|
||||
settings = mkOption {
|
||||
type = (pkgs.formats.yaml { }).type;
|
||||
default = { };
|
||||
type = submodule {
|
||||
freeformType = (pkgs.formats.yaml { }).type;
|
||||
options = {
|
||||
schema_version = mkOption {
|
||||
default = pkgs.adguardhome.schema_version;
|
||||
defaultText = literalExpression "pkgs.adguardhome.schema_version";
|
||||
type = int;
|
||||
description = lib.mdDoc ''
|
||||
Schema version for the configuration.
|
||||
Defaults to the `schema_version` supplied by `pkgs.adguardhome`.
|
||||
'';
|
||||
};
|
||||
bind_host = mkOption {
|
||||
default = "0.0.0.0";
|
||||
type = str;
|
||||
description = lib.mdDoc ''
|
||||
Host address to bind HTTP server to.
|
||||
'';
|
||||
};
|
||||
bind_port = mkOption {
|
||||
default = 3000;
|
||||
type = port;
|
||||
description = lib.mdDoc ''
|
||||
Port to serve HTTP pages on.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
description = lib.mdDoc ''
|
||||
AdGuard Home configuration. Refer to
|
||||
<https://github.com/AdguardTeam/AdGuardHome/wiki/Configuration#configuration-file>
|
||||
|
@ -135,6 +151,6 @@ in {
|
|||
};
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.port ];
|
||||
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.settings.bind_port ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -72,7 +72,7 @@ in
|
|||
RuntimeDirectoryMode = "700";
|
||||
SystemCallFilter = [
|
||||
"@system-service"
|
||||
"~@aio" "~@keyring" "~@memlock" "~@privileged" "~@resources" "~@setuid" "~@sync" "~@timer"
|
||||
"~@aio" "~@keyring" "~@memlock" "~@privileged" "~@setuid" "~@sync" "~@timer"
|
||||
];
|
||||
SystemCallArchitectures = "native";
|
||||
SystemCallErrorNumber = "EPERM";
|
||||
|
|
|
@ -71,7 +71,7 @@ in
|
|||
RestrictNamespaces = true;
|
||||
RestrictRealtime = true;
|
||||
SystemCallArchitectures = "native";
|
||||
SystemCallFilter = "~@clock @cpu-emulation @debug @mount @obsolete @reboot @swap @privileged @resources";
|
||||
SystemCallFilter = [ "@system-service" "~@privileged" ];
|
||||
UMask = "0077";
|
||||
};
|
||||
};
|
||||
|
|
214
nixos/modules/services/networking/vdirsyncer.nix
Normal file
214
nixos/modules/services/networking/vdirsyncer.nix
Normal file
|
@ -0,0 +1,214 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.services.vdirsyncer;
|
||||
|
||||
toIniJson = with generators; toINI {
|
||||
mkKeyValue = mkKeyValueDefault {
|
||||
mkValueString = builtins.toJSON;
|
||||
} "=";
|
||||
};
|
||||
|
||||
toConfigFile = name: cfg':
|
||||
if
|
||||
cfg'.configFile != null
|
||||
then
|
||||
cfg'.configFile
|
||||
else
|
||||
pkgs.writeText "vdirsyncer-${name}.conf" (toIniJson (
|
||||
{
|
||||
general = cfg'.config.general // (lib.optionalAttrs (cfg'.config.statusPath == null) {
|
||||
status_path = "/var/lib/vdirsyncer/${name}";
|
||||
});
|
||||
} // (
|
||||
mapAttrs' (name: nameValuePair "pair ${name}") cfg'.config.pairs
|
||||
) // (
|
||||
mapAttrs' (name: nameValuePair "storage ${name}") cfg'.config.storages
|
||||
)
|
||||
));
|
||||
|
||||
userUnitConfig = name: cfg': {
|
||||
serviceConfig = {
|
||||
User = if cfg'.user == null then "vdirsyncer" else cfg'.user;
|
||||
Group = if cfg'.group == null then "vdirsyncer" else cfg'.group;
|
||||
} // (optionalAttrs (cfg'.user == null) {
|
||||
DynamicUser = true;
|
||||
}) // (optionalAttrs (cfg'.additionalGroups != []) {
|
||||
SupplementaryGroups = cfg'.additionalGroups;
|
||||
}) // (optionalAttrs (cfg'.config.statusPath == null) {
|
||||
StateDirectory = "vdirsyncer/${name}";
|
||||
StateDirectoryMode = "0700";
|
||||
});
|
||||
};
|
||||
|
||||
commonUnitConfig = {
|
||||
after = [ "network.target" ];
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
# Sandboxing
|
||||
PrivateTmp = true;
|
||||
NoNewPrivileges = true;
|
||||
ProtectSystem = "strict";
|
||||
ProtectHome = true;
|
||||
ProtectKernelTunables = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectControlGroups = true;
|
||||
RestrictNamespaces = true;
|
||||
MemoryDenyWriteExecute = true;
|
||||
RestrictRealtime = true;
|
||||
RestrictSUIDSGID = true;
|
||||
RestrictAddressFamilies = "AF_INET AF_INET6";
|
||||
LockPersonality = true;
|
||||
};
|
||||
};
|
||||
|
||||
in
|
||||
{
|
||||
options = {
|
||||
services.vdirsyncer = {
|
||||
enable = mkEnableOption (mdDoc "vdirsyncer");
|
||||
|
||||
package = mkPackageOption pkgs "vdirsyncer" {};
|
||||
|
||||
jobs = mkOption {
|
||||
description = mdDoc "vdirsyncer job configurations";
|
||||
type = types.attrsOf (types.submodule {
|
||||
options = {
|
||||
enable = (mkEnableOption (mdDoc "this vdirsyncer job")) // {
|
||||
default = true;
|
||||
example = false;
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = mdDoc ''
|
||||
User account to run vdirsyncer as, otherwise as a systemd
|
||||
dynamic user
|
||||
'';
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = mdDoc "group to run vdirsyncer as";
|
||||
};
|
||||
|
||||
additionalGroups = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
description = mdDoc "additional groups to add the dynamic user to";
|
||||
};
|
||||
|
||||
forceDiscover = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = literalMD ''
|
||||
Run `yes | vdirsyncer discover` prior to `vdirsyncer sync`
|
||||
'';
|
||||
};
|
||||
|
||||
timerConfig = mkOption {
|
||||
type = types.attrs;
|
||||
default = {
|
||||
OnBootSec = "1h";
|
||||
OnUnitActiveSec = "6h";
|
||||
};
|
||||
description = mdDoc "systemd timer configuration";
|
||||
};
|
||||
|
||||
configFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
default = null;
|
||||
description = mdDoc "existing configuration file";
|
||||
};
|
||||
|
||||
config = {
|
||||
statusPath = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
defaultText = literalExpression "/var/lib/vdirsyncer/\${attrName}";
|
||||
description = mdDoc "vdirsyncer's status path";
|
||||
};
|
||||
|
||||
general = mkOption {
|
||||
type = types.attrs;
|
||||
default = {};
|
||||
description = mdDoc "general configuration";
|
||||
};
|
||||
|
||||
pairs = mkOption {
|
||||
type = types.attrsOf types.attrs;
|
||||
default = {};
|
||||
description = mdDoc "vdirsyncer pair configurations";
|
||||
example = literalExpression ''
|
||||
{
|
||||
my_contacts = {
|
||||
a = "my_cloud_contacts";
|
||||
b = "my_local_contacts";
|
||||
collections = [ "from a" ];
|
||||
conflict_resolution = "a wins";
|
||||
metadata = [ "color" "displayname" ];
|
||||
};
|
||||
};
|
||||
'';
|
||||
};
|
||||
|
||||
storages = mkOption {
|
||||
type = types.attrsOf types.attrs;
|
||||
default = {};
|
||||
description = mdDoc "vdirsyncer storage configurations";
|
||||
example = literalExpression ''
|
||||
{
|
||||
my_cloud_contacts = {
|
||||
type = "carddav";
|
||||
url = "https://dav.example.com/";
|
||||
read_only = true;
|
||||
username = "user";
|
||||
"password.fetch" = [ "command" "cat" "/etc/vdirsyncer/cloud.passwd" ];
|
||||
};
|
||||
my_local_contacts = {
|
||||
type = "carddav";
|
||||
url = "https://localhost/";
|
||||
username = "user";
|
||||
"password.fetch" = [ "command" "cat" "/etc/vdirsyncer/local.passwd" ];
|
||||
};
|
||||
}
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
});
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
systemd.services = mapAttrs' (name: cfg': nameValuePair "vdirsyncer@${name}" (
|
||||
foldr recursiveUpdate {} [
|
||||
commonUnitConfig
|
||||
(userUnitConfig name cfg')
|
||||
{
|
||||
description = "synchronize calendars and contacts (${name})";
|
||||
environment.VDIRSYNCER_CONFIG = toConfigFile name cfg';
|
||||
serviceConfig.ExecStart =
|
||||
(optional cfg'.forceDiscover (
|
||||
pkgs.writeShellScript "vdirsyncer-discover-yes" ''
|
||||
set -e
|
||||
yes | ${cfg.package}/bin/vdirsyncer discover
|
||||
''
|
||||
)) ++ [ "${cfg.package}/bin/vdirsyncer sync" ];
|
||||
}
|
||||
]
|
||||
)) (filterAttrs (name: cfg': cfg'.enable) cfg.jobs);
|
||||
|
||||
systemd.timers = mapAttrs' (name: cfg': nameValuePair "vdirsyncer@${name}" {
|
||||
wantedBy = [ "timers.target" ];
|
||||
description = "synchronize calendars and contacts (${name})";
|
||||
inherit (cfg') timerConfig;
|
||||
}) cfg.jobs;
|
||||
};
|
||||
}
|
|
@ -180,7 +180,7 @@ in {
|
|||
RestrictNamespaces = true;
|
||||
RestrictRealtime = true;
|
||||
SystemCallArchitectures = "native";
|
||||
SystemCallFilter = "~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io @resources";
|
||||
SystemCallFilter = [ "@system-service" "~@privileged @keyring" ];
|
||||
} // (if (cfg.group != null) then {
|
||||
Group = cfg.group;
|
||||
} else {});
|
||||
|
|
|
@ -58,7 +58,7 @@ in
|
|||
'';
|
||||
description = lib.mdDoc ''
|
||||
The available options can be found in
|
||||
[the example configuration](https://github.com/dexidp/dex/blob/v${pkgs.dex.version}/config.yaml.dist).
|
||||
[the example configuration](https://github.com/dexidp/dex/blob/v${pkgs.dex-oidc.version}/config.yaml.dist).
|
||||
|
||||
It's also possible to refer to environment variables (defined in [services.dex.environmentFile](#opt-services.dex.environmentFile))
|
||||
using the syntax `$VARIABLE_NAME`.
|
||||
|
@ -119,7 +119,7 @@ in
|
|||
RestrictRealtime = true;
|
||||
RestrictSUIDSGID = true;
|
||||
SystemCallArchitectures = "native";
|
||||
SystemCallFilter = [ "@system-service" "~@privileged @resources @setuid @keyring" ];
|
||||
SystemCallFilter = [ "@system-service" "~@privileged @setuid @keyring" ];
|
||||
TemporaryFileSystem = "/:ro";
|
||||
# Does not work well with the temporary root
|
||||
#UMask = "0066";
|
||||
|
|
|
@ -191,7 +191,7 @@ in
|
|||
RestrictRealtime = true;
|
||||
RestrictSUIDSGID = true;
|
||||
SystemCallArchitectures = "native";
|
||||
SystemCallFilter = [ "@system-service" "~@privileged" "~@resources" ];
|
||||
SystemCallFilter = [ "@system-service" "~@privileged" ];
|
||||
UMask = "0077";
|
||||
}
|
||||
];
|
||||
|
|
|
@ -475,7 +475,6 @@ in {
|
|||
} // cfgService;
|
||||
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
};
|
||||
|
||||
systemd.services.mastodon-init-db = lib.mkIf cfg.automaticMigrations {
|
||||
|
@ -500,16 +499,21 @@ in {
|
|||
# System Call Filtering
|
||||
SystemCallFilter = [ ("~" + lib.concatStringsSep " " (systemCallsList ++ [ "@resources" ])) "@chown" "pipe" "pipe2" ];
|
||||
} // cfgService;
|
||||
after = [ "mastodon-init-dirs.service" "network.target" ] ++ (if databaseActuallyCreateLocally then [ "postgresql.service" ] else []);
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" "mastodon-init-dirs.service" ]
|
||||
++ lib.optional databaseActuallyCreateLocally "postgresql.service";
|
||||
requires = [ "mastodon-init-dirs.service" ]
|
||||
++ lib.optional databaseActuallyCreateLocally "postgresql.service";
|
||||
};
|
||||
|
||||
systemd.services.mastodon-streaming = {
|
||||
after = [ "network.target" ]
|
||||
++ (if databaseActuallyCreateLocally then [ "postgresql.service" ] else [])
|
||||
++ (if cfg.automaticMigrations then [ "mastodon-init-db.service" ] else [ "mastodon-init-dirs.service" ]);
|
||||
description = "Mastodon streaming";
|
||||
after = [ "network.target" "mastodon-init-dirs.service" ]
|
||||
++ lib.optional databaseActuallyCreateLocally "postgresql.service"
|
||||
++ lib.optional cfg.automaticMigrations "mastodon-init-db.service";
|
||||
requires = [ "mastodon-init-dirs.service" ]
|
||||
++ lib.optional databaseActuallyCreateLocally "postgresql.service"
|
||||
++ lib.optional cfg.automaticMigrations "mastodon-init-db.service";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
description = "Mastodon streaming";
|
||||
environment = env // (if cfg.enableUnixSocket
|
||||
then { SOCKET = "/run/mastodon-streaming/streaming.socket"; }
|
||||
else { PORT = toString(cfg.streamingPort); }
|
||||
|
@ -529,11 +533,14 @@ in {
|
|||
};
|
||||
|
||||
systemd.services.mastodon-web = {
|
||||
after = [ "network.target" ]
|
||||
++ (if databaseActuallyCreateLocally then [ "postgresql.service" ] else [])
|
||||
++ (if cfg.automaticMigrations then [ "mastodon-init-db.service" ] else [ "mastodon-init-dirs.service" ]);
|
||||
description = "Mastodon web";
|
||||
after = [ "network.target" "mastodon-init-dirs.service" ]
|
||||
++ lib.optional databaseActuallyCreateLocally "postgresql.service"
|
||||
++ lib.optional cfg.automaticMigrations "mastodon-init-db.service";
|
||||
requires = [ "mastodon-init-dirs.service" ]
|
||||
++ lib.optional databaseActuallyCreateLocally "postgresql.service"
|
||||
++ lib.optional cfg.automaticMigrations "mastodon-init-db.service";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
description = "Mastodon web";
|
||||
environment = env // (if cfg.enableUnixSocket
|
||||
then { SOCKET = "/run/mastodon-web/web.socket"; }
|
||||
else { PORT = toString(cfg.webPort); }
|
||||
|
@ -554,11 +561,14 @@ in {
|
|||
};
|
||||
|
||||
systemd.services.mastodon-sidekiq = {
|
||||
after = [ "network.target" ]
|
||||
++ (if databaseActuallyCreateLocally then [ "postgresql.service" ] else [])
|
||||
++ (if cfg.automaticMigrations then [ "mastodon-init-db.service" ] else [ "mastodon-init-dirs.service" ]);
|
||||
description = "Mastodon sidekiq";
|
||||
after = [ "network.target" "mastodon-init-dirs.service" ]
|
||||
++ lib.optional databaseActuallyCreateLocally "postgresql.service"
|
||||
++ lib.optional cfg.automaticMigrations "mastodon-init-db.service";
|
||||
requires = [ "mastodon-init-dirs.service" ]
|
||||
++ lib.optional databaseActuallyCreateLocally "postgresql.service"
|
||||
++ lib.optional cfg.automaticMigrations "mastodon-init-db.service";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
description = "Mastodon sidekiq";
|
||||
environment = env // {
|
||||
PORT = toString(cfg.sidekiqPort);
|
||||
DB_POOL = toString cfg.sidekiqThreads;
|
||||
|
|
|
@ -79,7 +79,7 @@ in {
|
|||
LockPersonality = true;
|
||||
RemoveIPC = true;
|
||||
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
|
||||
SystemCallFilter = [ "@system-service" "~@privileged" "~@resources" ];
|
||||
SystemCallFilter = [ "@system-service" "~@privileged" ];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
@ -454,25 +454,43 @@ in {
|
|||
|
||||
# migrate db
|
||||
${pkgs.php}/bin/php artisan migrate --force
|
||||
|
||||
# A placeholder file for invalid barcodes
|
||||
invalid_barcode_location="${cfg.dataDir}/public/uploads/barcodes/invalid_barcode.gif"
|
||||
[ ! -e "$invalid_barcode_location" ] \
|
||||
&& cp ${snipe-it}/share/snipe-it/invalid_barcode.gif "$invalid_barcode_location"
|
||||
'';
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d ${cfg.dataDir} 0710 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/bootstrap 0750 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/bootstrap/cache 0750 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/public 0750 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/public/uploads 0750 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/storage 0700 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/storage/app 0700 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/storage/fonts 0700 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/storage/framework 0700 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/storage/framework/cache 0700 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/storage/framework/sessions 0700 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/storage/framework/views 0700 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/storage/logs 0700 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/storage/uploads 0700 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/storage/private_uploads 0700 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir} 0710 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/bootstrap 0750 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/bootstrap/cache 0750 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/public 0750 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/public/uploads 0750 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/public/uploads/accessories 0750 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/public/uploads/assets 0750 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/public/uploads/avatars 0750 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/public/uploads/barcodes 0750 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/public/uploads/categories 0750 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/public/uploads/companies 0750 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/public/uploads/components 0750 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/public/uploads/consumables 0750 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/public/uploads/departments 0750 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/public/uploads/locations 0750 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/public/uploads/manufacturers 0750 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/public/uploads/models 0750 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/public/uploads/suppliers 0750 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/storage 0700 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/storage/app 0700 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/storage/fonts 0700 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/storage/framework 0700 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/storage/framework/cache 0700 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/storage/framework/sessions 0700 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/storage/framework/views 0700 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/storage/logs 0700 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/storage/uploads 0700 ${user} ${group} - -"
|
||||
"d ${cfg.dataDir}/storage/private_uploads 0700 ${user} ${group} - -"
|
||||
];
|
||||
|
||||
users = {
|
||||
|
|
91
nixos/modules/services/web-servers/garage.nix
Normal file
91
nixos/modules/services/web-servers/garage.nix
Normal file
|
@ -0,0 +1,91 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.garage;
|
||||
toml = pkgs.formats.toml {};
|
||||
configFile = toml.generate "garage.toml" cfg.settings;
|
||||
in
|
||||
{
|
||||
meta.maintainers = [ maintainers.raitobezarius ];
|
||||
|
||||
options.services.garage = {
|
||||
enable = mkEnableOption (lib.mdDoc "Garage Object Storage (S3 compatible)");
|
||||
|
||||
extraEnvironment = mkOption {
|
||||
type = types.attrsOf types.str;
|
||||
description = lib.mdDoc "Extra environment variables to pass to the Garage server.";
|
||||
default = {};
|
||||
example = { RUST_BACKTRACE="yes"; };
|
||||
};
|
||||
|
||||
logLevel = mkOption {
|
||||
type = types.enum (["info" "debug" "trace"]);
|
||||
default = "info";
|
||||
example = "debug";
|
||||
description = lib.mdDoc "Garage log level, see <https://garagehq.deuxfleurs.fr/documentation/quick-start/#launching-the-garage-server> for examples.";
|
||||
};
|
||||
|
||||
settings = mkOption {
|
||||
type = types.submodule {
|
||||
freeformType = toml.type;
|
||||
|
||||
options = {
|
||||
metadata_dir = mkOption {
|
||||
default = "/var/lib/garage/meta";
|
||||
type = types.path;
|
||||
description = lib.mdDoc "The metadata directory, put this on a fast disk (e.g. SSD) if possible.";
|
||||
};
|
||||
|
||||
data_dir = mkOption {
|
||||
default = "/var/lib/garage/data";
|
||||
type = types.path;
|
||||
description = lib.mdDoc "The main data storage, put this on your large storage (e.g. high capacity HDD)";
|
||||
};
|
||||
|
||||
replication_mode = mkOption {
|
||||
default = "none";
|
||||
type = types.enum ([ "none" "1" "2" "3" 1 2 3 ]);
|
||||
apply = v: toString v;
|
||||
description = lib.mdDoc "Garage replication mode, defaults to none, see: <https://garagehq.deuxfleurs.fr/reference_manual/configuration.html#replication_mode> for reference.";
|
||||
};
|
||||
};
|
||||
};
|
||||
description = lib.mdDoc "Garage configuration, see <https://garagehq.deuxfleurs.fr/reference_manual/configuration.html> for reference.";
|
||||
};
|
||||
|
||||
package = mkOption {
|
||||
default = pkgs.garage;
|
||||
defaultText = literalExpression "pkgs.garage";
|
||||
type = types.package;
|
||||
description = lib.mdDoc "Garage package to use.";
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
environment.etc."garage.toml" = {
|
||||
source = configFile;
|
||||
};
|
||||
|
||||
environment.systemPackages = [ cfg.package ]; # For administration
|
||||
|
||||
systemd.services.garage = {
|
||||
description = "Garage Object Storage (S3 compatible)";
|
||||
after = [ "network.target" "network-online.target" ];
|
||||
wants = [ "network.target" "network-online.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = "${cfg.package}/bin/garage server";
|
||||
|
||||
StateDirectory = mkIf (hasPrefix "/var/lib/garage" cfg.settings.data_dir && hasPrefix "/var/lib/garage" cfg.settings.metadata_dir) "garage";
|
||||
DynamicUser = lib.mkDefault true;
|
||||
ProtectHome = true;
|
||||
NoNewPrivileges = true;
|
||||
};
|
||||
environment = {
|
||||
RUST_LOG = lib.mkDefault "garage=${cfg.logLevel}";
|
||||
} // cfg.extraEnvironment;
|
||||
};
|
||||
};
|
||||
}
|
39
nixos/modules/system/boot/uvesafb.nix
Normal file
39
nixos/modules/system/boot/uvesafb.nix
Normal file
|
@ -0,0 +1,39 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
cfg = config.boot.uvesafb;
|
||||
inherit (lib) mkIf mkEnableOption mkOption mdDoc types;
|
||||
in {
|
||||
options = {
|
||||
boot.uvesafb = {
|
||||
enable = mkEnableOption (mdDoc "uvesafb");
|
||||
|
||||
gfx-mode = mkOption {
|
||||
type = types.str;
|
||||
default = "1024x768-32";
|
||||
description = mdDoc "Screen resolution in modedb format. See [uvesafb](https://docs.kernel.org/fb/uvesafb.html) and [modedb](https://docs.kernel.org/fb/modedb.html) documentation for more details. The default value is a sensible default but may be not ideal for all setups.";
|
||||
};
|
||||
|
||||
v86d.package = mkOption {
|
||||
type = types.package;
|
||||
description = mdDoc "Which v86d package to use with uvesafb";
|
||||
defaultText = ''config.boot.kernelPackages.v86d.overrideAttrs (old: {
|
||||
hardeningDisable = [ "all" ];
|
||||
})'';
|
||||
default = config.boot.kernelPackages.v86d.overrideAttrs (old: {
|
||||
hardeningDisable = [ "all" ];
|
||||
});
|
||||
};
|
||||
};
|
||||
};
|
||||
config = mkIf cfg.enable {
|
||||
boot.initrd = {
|
||||
kernelModules = [ "uvesafb" ];
|
||||
extraFiles."/usr/v86d".source = cfg.v86d.package;
|
||||
};
|
||||
|
||||
boot.kernelParams = [
|
||||
"video=uvesafb:mode:${cfg.gfx-mode},mtrr:3,ywrap"
|
||||
''uvesafb.v86d="${cfg.v86d.package}/bin/v86d"''
|
||||
];
|
||||
};
|
||||
}
|
|
@ -2,16 +2,13 @@
|
|||
name = "adguardhome";
|
||||
|
||||
nodes = {
|
||||
minimalConf = { ... }: {
|
||||
services.adguardhome = { enable = true; };
|
||||
};
|
||||
|
||||
declarativeConf = { ... }: {
|
||||
services.adguardhome = {
|
||||
enable = true;
|
||||
|
||||
mutableSettings = false;
|
||||
settings = {
|
||||
schema_version = 0;
|
||||
dns = {
|
||||
bind_host = "0.0.0.0";
|
||||
bootstrap_dns = "127.0.0.1";
|
||||
|
@ -26,6 +23,7 @@
|
|||
|
||||
mutableSettings = true;
|
||||
settings = {
|
||||
schema_version = 0;
|
||||
dns = {
|
||||
bind_host = "0.0.0.0";
|
||||
bootstrap_dns = "127.0.0.1";
|
||||
|
@ -36,10 +34,6 @@
|
|||
};
|
||||
|
||||
testScript = ''
|
||||
with subtest("Minimal config test"):
|
||||
minimalConf.wait_for_unit("adguardhome.service")
|
||||
minimalConf.wait_for_open_port(3000)
|
||||
|
||||
with subtest("Declarative config test, DNS will be reachable"):
|
||||
declarativeConf.wait_for_unit("adguardhome.service")
|
||||
declarativeConf.wait_for_open_port(53)
|
||||
|
|
|
@ -214,6 +214,7 @@ in {
|
|||
fsck = handleTest ./fsck.nix {};
|
||||
ft2-clone = handleTest ./ft2-clone.nix {};
|
||||
mimir = handleTest ./mimir.nix {};
|
||||
garage = handleTest ./garage.nix {};
|
||||
gerrit = handleTest ./gerrit.nix {};
|
||||
geth = handleTest ./geth.nix {};
|
||||
ghostunnel = handleTest ./ghostunnel.nix {};
|
||||
|
|
|
@ -1,4 +1,6 @@
|
|||
import ./make-test-python.nix ({ pkgs, ... }: {
|
||||
import ./make-test-python.nix ({ pkgs, ... }: let
|
||||
localProxyPort = 43;
|
||||
in {
|
||||
name = "dnscrypt-proxy2";
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ joachifm ];
|
||||
|
@ -9,7 +11,6 @@ import ./make-test-python.nix ({ pkgs, ... }: {
|
|||
# for a caching DNS client.
|
||||
client =
|
||||
{ ... }:
|
||||
let localProxyPort = 43; in
|
||||
{
|
||||
security.apparmor.enable = true;
|
||||
|
||||
|
@ -32,5 +33,6 @@ import ./make-test-python.nix ({ pkgs, ... }: {
|
|||
testScript = ''
|
||||
client.wait_for_unit("dnsmasq")
|
||||
client.wait_for_unit("dnscrypt-proxy2")
|
||||
client.wait_until_succeeds("ss --numeric --udp --listening | grep -q ${toString localProxyPort}")
|
||||
'';
|
||||
})
|
||||
|
|
169
nixos/tests/garage.nix
Normal file
169
nixos/tests/garage.nix
Normal file
|
@ -0,0 +1,169 @@
|
|||
import ./make-test-python.nix ({ pkgs, ...} :
|
||||
let
|
||||
mkNode = { replicationMode, publicV6Address ? "::1" }: { pkgs, ... }: {
|
||||
networking.interfaces.eth1.ipv6.addresses = [{
|
||||
address = publicV6Address;
|
||||
prefixLength = 64;
|
||||
}];
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 3901 3902 ];
|
||||
|
||||
services.garage = {
|
||||
enable = true;
|
||||
settings = {
|
||||
replication_mode = replicationMode;
|
||||
|
||||
rpc_bind_addr = "[::]:3901";
|
||||
rpc_public_addr = "[${publicV6Address}]:3901";
|
||||
rpc_secret = "5c1915fa04d0b6739675c61bf5907eb0fe3d9c69850c83820f51b4d25d13868c";
|
||||
|
||||
s3_api = {
|
||||
s3_region = "garage";
|
||||
api_bind_addr = "[::]:3900";
|
||||
root_domain = ".s3.garage";
|
||||
};
|
||||
|
||||
s3_web = {
|
||||
bind_addr = "[::]:3902";
|
||||
root_domain = ".web.garage";
|
||||
index = "index.html";
|
||||
};
|
||||
};
|
||||
};
|
||||
environment.systemPackages = [ pkgs.minio-client ];
|
||||
|
||||
# Garage requires at least 1GiB of free disk space to run.
|
||||
virtualisation.diskSize = 2 * 1024;
|
||||
};
|
||||
|
||||
|
||||
in {
|
||||
name = "garage";
|
||||
meta = {
|
||||
maintainers = with pkgs.lib.maintainers; [ raitobezarius ];
|
||||
};
|
||||
|
||||
nodes = {
|
||||
single_node = mkNode { replicationMode = "none"; };
|
||||
node1 = mkNode { replicationMode = 3; publicV6Address = "fc00:1::1"; };
|
||||
node2 = mkNode { replicationMode = 3; publicV6Address = "fc00:1::2"; };
|
||||
node3 = mkNode { replicationMode = 3; publicV6Address = "fc00:1::3"; };
|
||||
node4 = mkNode { replicationMode = 3; publicV6Address = "fc00:1::4"; };
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
from typing import List
|
||||
from dataclasses import dataclass
|
||||
import re
|
||||
start_all()
|
||||
|
||||
cur_version_regex = re.compile('Current cluster layout version: (?P<ver>\d*)')
|
||||
key_creation_regex = re.compile('Key name: (?P<key_name>.*)\nKey ID: (?P<key_id>.*)\nSecret key: (?P<secret_key>.*)')
|
||||
|
||||
@dataclass
|
||||
class S3Key:
|
||||
key_name: str
|
||||
key_id: str
|
||||
secret_key: str
|
||||
|
||||
@dataclass
|
||||
class GarageNode:
|
||||
node_id: str
|
||||
host: str
|
||||
|
||||
def get_node_fqn(machine: Machine) -> GarageNode:
|
||||
node_id, host = machine.succeed("garage node id").split('@')
|
||||
return GarageNode(node_id=node_id, host=host)
|
||||
|
||||
def get_node_id(machine: Machine) -> str:
|
||||
return get_node_fqn(machine).node_id
|
||||
|
||||
def get_layout_version(machine: Machine) -> int:
|
||||
version_data = machine.succeed("garage layout show")
|
||||
m = cur_version_regex.search(version_data)
|
||||
if m and m.group('ver') is not None:
|
||||
return int(m.group('ver')) + 1
|
||||
else:
|
||||
raise ValueError('Cannot find current layout version')
|
||||
|
||||
def apply_garage_layout(machine: Machine, layouts: List[str]):
|
||||
for layout in layouts:
|
||||
machine.succeed(f"garage layout assign {layout}")
|
||||
version = get_layout_version(machine)
|
||||
machine.succeed(f"garage layout apply --version {version}")
|
||||
|
||||
def create_api_key(machine: Machine, key_name: str) -> S3Key:
|
||||
output = machine.succeed(f"garage key new --name {key_name}")
|
||||
m = key_creation_regex.match(output)
|
||||
if not m or not m.group('key_id') or not m.group('secret_key'):
|
||||
raise ValueError('Cannot parse API key data')
|
||||
return S3Key(key_name=key_name, key_id=m.group('key_id'), secret_key=m.group('secret_key'))
|
||||
|
||||
def get_api_key(machine: Machine, key_pattern: str) -> S3Key:
|
||||
output = machine.succeed(f"garage key info {key_pattern}")
|
||||
m = key_creation_regex.match(output)
|
||||
if not m or not m.group('key_name') or not m.group('key_id') or not m.group('secret_key'):
|
||||
raise ValueError('Cannot parse API key data')
|
||||
return S3Key(key_name=m.group('key_name'), key_id=m.group('key_id'), secret_key=m.group('secret_key'))
|
||||
|
||||
def test_bucket_writes(node):
|
||||
node.succeed("garage bucket create test-bucket")
|
||||
s3_key = create_api_key(node, "test-api-key")
|
||||
node.succeed("garage bucket allow --read --write test-bucket --key test-api-key")
|
||||
other_s3_key = get_api_key(node, 'test-api-key')
|
||||
assert other_s3_key.secret_key == other_s3_key.secret_key
|
||||
node.succeed(
|
||||
f"mc alias set test-garage http://[::1]:3900 {s3_key.key_id} {s3_key.secret_key} --api S3v4"
|
||||
)
|
||||
node.succeed("echo test | mc pipe test-garage/test-bucket/test.txt")
|
||||
assert node.succeed("mc cat test-garage/test-bucket/test.txt").strip() == "test"
|
||||
|
||||
def test_bucket_over_http(node, bucket='test-bucket', url=None):
|
||||
if url is None:
|
||||
url = f"{bucket}.web.garage"
|
||||
|
||||
node.succeed(f'garage bucket website --allow {bucket}')
|
||||
node.succeed(f'echo hello world | mc pipe test-garage/{bucket}/index.html')
|
||||
assert (node.succeed(f"curl -H 'Host: {url}' http://localhost:3902")).strip() == 'hello world'
|
||||
|
||||
with subtest("Garage works as a single-node S3 storage"):
|
||||
single_node.wait_for_unit("garage.service")
|
||||
single_node.wait_for_open_port(3900)
|
||||
# Now Garage is initialized.
|
||||
single_node_id = get_node_id(single_node)
|
||||
apply_garage_layout(single_node, [f'-z qemutest -c 1 "{single_node_id}"'])
|
||||
# Now Garage is operational.
|
||||
test_bucket_writes(single_node)
|
||||
test_bucket_over_http(single_node)
|
||||
|
||||
with subtest("Garage works as a multi-node S3 storage"):
|
||||
nodes = ('node1', 'node2', 'node3', 'node4')
|
||||
rev_machines = {m.name: m for m in machines}
|
||||
def get_machine(key): return rev_machines[key]
|
||||
for key in nodes:
|
||||
node = get_machine(key)
|
||||
node.wait_for_unit("garage.service")
|
||||
node.wait_for_open_port(3900)
|
||||
|
||||
# Garage is initialized on all nodes.
|
||||
node_ids = {key: get_node_fqn(get_machine(key)) for key in nodes}
|
||||
|
||||
for key in nodes:
|
||||
for other_key in nodes:
|
||||
if other_key != key:
|
||||
other_id = node_ids[other_key]
|
||||
get_machine(key).succeed(f"garage node connect {other_id.node_id}@{other_id.host}")
|
||||
|
||||
# Provide multiple zones for the nodes.
|
||||
zones = ["nixcon", "nixcon", "paris_meetup", "fosdem"]
|
||||
apply_garage_layout(node1,
|
||||
[
|
||||
f'{ndata.node_id} -z {zones[index]} -c 1'
|
||||
for index, ndata in enumerate(node_ids.values())
|
||||
])
|
||||
# Now Garage is operational.
|
||||
test_bucket_writes(node1)
|
||||
for node in nodes:
|
||||
test_bucket_over_http(get_machine(node))
|
||||
'';
|
||||
})
|
|
@ -50,7 +50,7 @@ let
|
|||
|
||||
kafka.wait_until_succeeds(
|
||||
"${kafkaPackage}/bin/kafka-topics.sh --create "
|
||||
+ "--zookeeper zookeeper1:2181 --partitions 1 "
|
||||
+ "--bootstrap-server localhost:9092 --partitions 1 "
|
||||
+ "--replication-factor 1 --topic testtopic"
|
||||
)
|
||||
kafka.succeed(
|
||||
|
@ -58,19 +58,12 @@ let
|
|||
+ "${kafkaPackage}/bin/kafka-console-producer.sh "
|
||||
+ "--broker-list localhost:9092 --topic testtopic"
|
||||
)
|
||||
'' + (if name == "kafka_0_9" then ''
|
||||
assert "test 1" in kafka.succeed(
|
||||
"${kafkaPackage}/bin/kafka-console-consumer.sh "
|
||||
+ "--zookeeper zookeeper1:2181 --topic testtopic "
|
||||
+ "--from-beginning --max-messages 1"
|
||||
)
|
||||
'' else ''
|
||||
assert "test 1" in kafka.succeed(
|
||||
"${kafkaPackage}/bin/kafka-console-consumer.sh "
|
||||
+ "--bootstrap-server localhost:9092 --topic testtopic "
|
||||
+ "--from-beginning --max-messages 1"
|
||||
)
|
||||
'');
|
||||
'';
|
||||
}) { inherit system; });
|
||||
|
||||
in with pkgs; {
|
||||
|
|
|
@ -14,15 +14,18 @@ import ./make-test-python.nix ({ pkgs, ... }: {
|
|||
patches = oa.patches or [] ++ [
|
||||
# change the prefix from /usr/bin to /run to find nix processes
|
||||
../../pkgs/tools/security/tracee/test-EventFilters-prefix-nix-friendly.patch
|
||||
# skip magic_write test that currently fails
|
||||
../../pkgs/tools/security/tracee/test-EventFilters-magic_write-skip.patch
|
||||
];
|
||||
buildPhase = ''
|
||||
runHook preBuild
|
||||
# just build the static lib we need for the go test binary
|
||||
make $makeFlags ''${enableParallelBuilding:+-j$NIX_BUILD_CORES -l$NIX_BUILD_CORES} bpf-core ./dist/btfhub ./dist/libbpf/libbpf.a
|
||||
make $makeFlags ''${enableParallelBuilding:+-j$NIX_BUILD_CORES -l$NIX_BUILD_CORES} bpf-core ./dist/btfhub
|
||||
|
||||
# remove the /usr/bin prefix to work with the patch above
|
||||
substituteInPlace tests/integration/integration_test.go \
|
||||
--replace "/usr/bin/ls" "ls"
|
||||
|
||||
# then compile the tests to be ran later
|
||||
CGO_CFLAGS="-I$PWD/dist/libbpf" CGO_LDFLAGS="-lelf -lz $PWD/dist/libbpf/libbpf.a" go test -tags core,ebpf,integration -p 1 -c -o $GOPATH/tracee-integration ./tests/integration/...
|
||||
CGO_LDFLAGS="$(pkg-config --libs libbpf)" go test -tags core,ebpf,integration -p 1 -c -o $GOPATH/tracee-integration ./tests/integration/...
|
||||
runHook postBuild
|
||||
'';
|
||||
doCheck = false;
|
||||
|
|
|
@ -81,7 +81,7 @@ stdenv.mkDerivation rec {
|
|||
description = "Native Spotify client for the GNOME desktop";
|
||||
homepage = "https://github.com/xou816/spot";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ jtojnar tomfitzhenry ];
|
||||
maintainers = with maintainers; [ tomfitzhenry ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -8,9 +8,10 @@
|
|||
, capstone
|
||||
, jansson
|
||||
, libunistring
|
||||
, wxGTK31
|
||||
, wxGTK32
|
||||
, lua53Packages
|
||||
, perlPackages
|
||||
, gtk3
|
||||
, Carbon
|
||||
, Cocoa
|
||||
, IOKit
|
||||
|
@ -18,21 +19,22 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "rehex";
|
||||
version = "0.5.3";
|
||||
version = "0.5.4";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "solemnwarning";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
hash = "sha256-VBHNrOVIz7UM9tY1V7Ykwt4Cv0fY++8gXc2og4sLDk8=";
|
||||
hash = "sha256-UgwCfy2ssaPuSWeN2SXHBDXv/uLdrDoGr/Q9wXiuCnc=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ pkg-config which zip ]
|
||||
++ lib.optionals stdenv.isDarwin [ libicns ];
|
||||
|
||||
buildInputs = [ capstone jansson libunistring wxGTK31 ]
|
||||
buildInputs = [ capstone jansson libunistring wxGTK32 ]
|
||||
++ (with lua53Packages; [ lua busted ])
|
||||
++ (with perlPackages; [ perl TemplateToolkit ])
|
||||
++ lib.optionals stdenv.isLinux [ gtk3 ]
|
||||
++ lib.optionals stdenv.isDarwin [ Carbon Cocoa IOKit ];
|
||||
|
||||
makeFlags = [ "prefix=${placeholder "out"}" ]
|
||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -459,6 +459,7 @@ https://github.com/ojroques/nvim-bufdel/,,
|
|||
https://github.com/roxma/nvim-cm-racer/,,
|
||||
https://github.com/hrsh7th/nvim-cmp/,,
|
||||
https://github.com/weilbith/nvim-code-action-menu/,,
|
||||
https://github.com/noib3/nvim-cokeline/,HEAD,
|
||||
https://github.com/nvchad/nvim-colorizer.lua/,,
|
||||
https://github.com/terrortylor/nvim-comment/,,
|
||||
https://github.com/hrsh7th/nvim-compe/,,
|
||||
|
@ -496,6 +497,7 @@ https://github.com/yamatsum/nvim-nonicons/,,
|
|||
https://github.com/rcarriga/nvim-notify/,,
|
||||
https://github.com/gennaro-tedesco/nvim-peekup/,,
|
||||
https://github.com/olrtg/nvim-rename-state/,HEAD,
|
||||
https://github.com/petertriho/nvim-scrollbar/,HEAD,
|
||||
https://github.com/dstein64/nvim-scrollview/,,
|
||||
https://github.com/dcampos/nvim-snippy/,HEAD,
|
||||
https://github.com/ishan9299/nvim-solarized-lua/,,
|
||||
|
@ -622,6 +624,7 @@ https://github.com/keith/swift.vim/,,
|
|||
https://github.com/AndrewRadev/switch.vim/,,
|
||||
https://github.com/simrat39/symbols-outline.nvim/,,
|
||||
https://github.com/vim-syntastic/syntastic/,,
|
||||
https://github.com/nanozuki/tabby.nvim/,HEAD,
|
||||
https://github.com/kdheepak/tabline.nvim/,,
|
||||
https://github.com/vim-scripts/tabmerge/,,
|
||||
https://github.com/codota/tabnine-vim/,,
|
||||
|
@ -740,6 +743,7 @@ https://github.com/gioele/vim-autoswap/,,
|
|||
https://github.com/bazelbuild/vim-bazel/,,
|
||||
https://github.com/moll/vim-bbye/,,
|
||||
https://github.com/nathangrigg/vim-beancount/,,
|
||||
https://github.com/sheoak/vim-bepoptimist/,HEAD,
|
||||
https://github.com/ntpeters/vim-better-whitespace/,,
|
||||
https://github.com/MattesGroeger/vim-bookmarks/,,
|
||||
https://github.com/gyim/vim-boxdraw/,,
|
||||
|
|
|
@ -2178,8 +2178,8 @@ let
|
|||
mktplcRef = {
|
||||
name = "metals";
|
||||
publisher = "scalameta";
|
||||
version = "1.12.18";
|
||||
sha256 = "104h3qfdn0y4138g3mdw1209qqh3mj3jsdsbzpnw2plk1cmr3nx5";
|
||||
version = "1.20.0";
|
||||
sha256 = "3EjXzSMBIim13dRP1fBmbV/OtLmBjvcmjDXwYoeGfLA=";
|
||||
};
|
||||
meta = {
|
||||
license = lib.licenses.asl20;
|
||||
|
|
|
@ -71,7 +71,7 @@ stdenv.mkDerivation rec {
|
|||
description = "Strictly validating, near WYSIWYG, XML editor with DocBook support";
|
||||
homepage = "https://www.xmlmind.com/xmleditor/";
|
||||
license = licenses.unfree;
|
||||
maintainers = [ maintainers.jtojnar ];
|
||||
maintainers = [ ];
|
||||
platforms = [ "x86_64-linux" ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -9,10 +9,10 @@
|
|||
|
||||
let
|
||||
# Keep these separate so the update script can regex them
|
||||
rpcs3GitVersion = "14289-0da81d22d";
|
||||
rpcs3Version = "0.0.24-14289-0da81d22d";
|
||||
rpcs3Revision = "0da81d22d340dca1ac098a9de5274641bdc77869";
|
||||
rpcs3Sha256 = "0qblfsdyngj8bb7g49am0q0mq5llwx3g4x4gi6h0jynk0d9j0ir0";
|
||||
rpcs3GitVersion = "14337-5210df688";
|
||||
rpcs3Version = "0.0.24-14337-5210df688";
|
||||
rpcs3Revision = "5210df688262ec7fd8c21230d30e568d98724c8f";
|
||||
rpcs3Sha256 = "1m0j53xl6g01s27bi2p9j23m724gq7a3hss7kqhc239a5m9akqdg";
|
||||
|
||||
ittapi = fetchFromGitHub {
|
||||
owner = "intel";
|
||||
|
|
|
@ -29,13 +29,13 @@
|
|||
|
||||
buildDotnetModule rec {
|
||||
pname = "ryujinx";
|
||||
version = "1.1.257"; # Based off of the official github actions builds: https://github.com/Ryujinx/Ryujinx/actions/workflows/release.yml
|
||||
version = "1.1.327"; # Based off of the official github actions builds: https://github.com/Ryujinx/Ryujinx/actions/workflows/release.yml
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "Ryujinx";
|
||||
repo = "Ryujinx";
|
||||
rev = "81f1a4dc3161882b0385c9d4752fbba84b9eca96";
|
||||
sha256 = "1p4c8k8pc47hl32bml050fvxyhdjcd002xx60rwvzlgvdgw6b3xq";
|
||||
rev = "9719b6a1129c017d96532ff026e2bb933c0b2d0b";
|
||||
sha256 = "1vm1zwjm02jp64gjcfn923lxc4hqwgw44w9rspjy97q2z6r9vwjh";
|
||||
};
|
||||
|
||||
nugetDeps = ./deps.nix;
|
||||
|
|
2
pkgs/applications/emulators/ryujinx/deps.nix
generated
2
pkgs/applications/emulators/ryujinx/deps.nix
generated
|
@ -159,7 +159,7 @@
|
|||
(fetchNuGet { pname = "SkiaSharp.NativeAssets.WebAssembly"; version = "2.88.1-preview.1"; sha256 = "0mwj2yl4gn40lry03yqkj7sbi1drmm672dv88481sgah4c21lzrq"; })
|
||||
(fetchNuGet { pname = "SkiaSharp.NativeAssets.Win32"; version = "2.88.0"; sha256 = "135ni4rba4wy4wyzy9ip11f3dwb1ipn38z9ps1p9xhw8jc06y5vp"; })
|
||||
(fetchNuGet { pname = "SkiaSharp.NativeAssets.Win32"; version = "2.88.1-preview.1"; sha256 = "1k50abd147pif9z9lkckbbk91ga1vv6k4skjz2n7wpll6fn0fvlv"; })
|
||||
(fetchNuGet { pname = "SPB"; version = "0.0.4-build24"; sha256 = "13wfjx5n540mlxlvys39g2rajrqbycdkyci2pcp3wygkqn4d87hm"; })
|
||||
(fetchNuGet { pname = "SPB"; version = "0.0.4-build27"; sha256 = "16i10lp4w7gi5rzjs9v9vns858n735ixcb83kl2qqq9qwyrnv8mw"; })
|
||||
(fetchNuGet { pname = "Svg.Custom"; version = "0.5.14"; sha256 = "1wjghs2n5hk7zszzk2p2a8m6ga2gc8sfd5mdqi15sbfkmwg2nbw7"; })
|
||||
(fetchNuGet { pname = "Svg.Model"; version = "0.5.14"; sha256 = "1xilk95bmnsl93sbr7pah0jrjrnccf1ikcn8s7rkm0yjkj382hc8"; })
|
||||
(fetchNuGet { pname = "Svg.Skia"; version = "0.5.14"; sha256 = "02wv040wi8ijw9mwg3c84f8bfyfv9n99ji8q1v2bs11b463zsyd1"; })
|
||||
|
|
|
@ -61,7 +61,7 @@ stdenv.mkDerivation rec {
|
|||
homepage = "http://www.openimageio.org";
|
||||
description = "A library and tools for reading and writing images";
|
||||
license = licenses.bsd3;
|
||||
maintainers = with maintainers; [ goibhniu jtojnar ];
|
||||
maintainers = with maintainers; [ goibhniu ];
|
||||
platforms = platforms.unix;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -25,12 +25,13 @@
|
|||
, zlib
|
||||
|
||||
, withKeePassBrowser ? true
|
||||
, withKeePassKeeShare ? true
|
||||
, withKeePassSSHAgent ? true
|
||||
, withKeePassNetworking ? true
|
||||
, withKeePassTouchID ? true
|
||||
, withKeePassYubiKey ? true
|
||||
, withKeePassFDOSecrets ? true
|
||||
, withKeePassKeeShare ? true
|
||||
, withKeePassNetworking ? true
|
||||
, withKeePassSSHAgent ? true
|
||||
, withKeePassTouchID ? true
|
||||
, withKeePassX11 ? true
|
||||
, withKeePassYubiKey ? true
|
||||
|
||||
, nixosTests
|
||||
}:
|
||||
|
@ -39,13 +40,13 @@ with lib;
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "keepassxc";
|
||||
version = "2.7.1";
|
||||
version = "2.7.3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "keepassxreboot";
|
||||
repo = "keepassxc";
|
||||
rev = version;
|
||||
sha256 = "sha256-BOtehDzlWhhfXj8TOFvFN4f86Hl2EC3rO4qUIl9fqq4=";
|
||||
sha256 = "sha256-mtOnUB6+iBBqgPT5KKhEX4M7UUM3s5fT0OTePE6THXw=";
|
||||
};
|
||||
|
||||
NIX_CFLAGS_COMPILE = optionalString stdenv.cc.isClang [
|
||||
|
@ -65,11 +66,12 @@ stdenv.mkDerivation rec {
|
|||
"-DWITH_GUI_TESTS=ON"
|
||||
"-DWITH_XC_UPDATECHECK=OFF"
|
||||
]
|
||||
++ (optional (!withKeePassX11) "-DWITH_XC_X11=OFF")
|
||||
++ (optional (withKeePassFDOSecrets && stdenv.isLinux) "-DWITH_XC_FDOSECRETS=ON")
|
||||
++ (optional (withKeePassYubiKey && stdenv.isLinux) "-DWITH_XC_YUBIKEY=ON")
|
||||
++ (optional withKeePassBrowser "-DWITH_XC_BROWSER=ON")
|
||||
++ (optional withKeePassKeeShare "-DWITH_XC_KEESHARE=ON")
|
||||
++ (optional withKeePassNetworking "-DWITH_XC_NETWORKING=ON")
|
||||
++ (optional (withKeePassYubiKey && stdenv.isLinux) "-DWITH_XC_YUBIKEY=ON")
|
||||
++ (optional (withKeePassFDOSecrets && stdenv.isLinux) "-DWITH_XC_FDOSECRETS=ON")
|
||||
++ (optional withKeePassSSHAgent "-DWITH_XC_SSHAGENT=ON");
|
||||
|
||||
doCheck = true;
|
||||
|
@ -103,13 +105,13 @@ stdenv.mkDerivation rec {
|
|||
qrencode
|
||||
qtbase
|
||||
qtsvg
|
||||
qtx11extras
|
||||
readline
|
||||
zlib
|
||||
]
|
||||
++ optional stdenv.isLinux libusb1
|
||||
++ optional (stdenv.isDarwin && withKeePassTouchID) darwin.apple_sdk.frameworks.LocalAuthentication
|
||||
++ optional stdenv.isDarwin qtmacextras
|
||||
++ optional (stdenv.isDarwin && withKeePassTouchID) darwin.apple_sdk.frameworks.LocalAuthentication;
|
||||
++ optional stdenv.isLinux libusb1
|
||||
++ optional withKeePassX11 qtx11extras;
|
||||
|
||||
passthru.tests = nixosTests.keepassxc;
|
||||
|
||||
|
|
|
@ -2,16 +2,16 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "limesctl";
|
||||
version = "3.0.2";
|
||||
version = "3.0.3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "sapcc";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-+KOtGf+WgI2PhfFJnNyx5ycekRmfbqjSqvWOEhG65Oo=";
|
||||
sha256 = "sha256-2eB+VpMrhzs0Dg+X1sf7TVW7uK/URETUuWO82jQl57k=";
|
||||
};
|
||||
|
||||
vendorSha256 = "sha256-LzLUz6diWva2HaxlhEGElbwUvUhCR0Tjsk/G/n5N3+k=";
|
||||
vendorSha256 = "sha256-VKxwdlyQUYmxubl4Y2uKvekuHd62GcGaoPeUBC+lcJU=";
|
||||
|
||||
subPackages = [ "." ];
|
||||
|
||||
|
|
|
@ -2,17 +2,17 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "mangal";
|
||||
version = "3.14.0";
|
||||
version = "3.14.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "metafates";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
hash = "sha256-IQSRPjtMaxwJuiKGjOYQ7jp0mAPS/V6fA1/Ek/K5yqk=";
|
||||
hash = "sha256-W3oToI7frUfd3zwtr3UpbwAWzCVxDaZY9zhn8dO/4wA=";
|
||||
};
|
||||
|
||||
proxyVendor = true;
|
||||
vendorSha256 = "sha256-XslNMrFCI+dGaSw7ro1vBMamFukbMA3m0I3hOl9QccM=";
|
||||
vendorSha256 = null;
|
||||
|
||||
ldflags = [ "-s" "-w" ];
|
||||
|
||||
|
|
|
@ -1,10 +1,12 @@
|
|||
{ stdenv, lib
|
||||
{ stdenv
|
||||
, lib
|
||||
, alsa-utils
|
||||
, at-spi2-core
|
||||
, cmake
|
||||
, curl
|
||||
, dbus
|
||||
, fetchFromGitHub
|
||||
, fetchpatch
|
||||
, flac
|
||||
, gtk3
|
||||
, jasper
|
||||
|
@ -26,6 +28,7 @@
|
|||
, libxkbcommon
|
||||
, lsb-release
|
||||
, lz4
|
||||
, makeWrapper
|
||||
, pcre
|
||||
, pkg-config
|
||||
, portaudio
|
||||
|
@ -33,7 +36,7 @@
|
|||
, tinyxml
|
||||
, udev
|
||||
, util-linux
|
||||
, wxGTK31-gtk3
|
||||
, wxGTK32
|
||||
, xorg
|
||||
}:
|
||||
|
||||
|
@ -48,9 +51,32 @@ stdenv.mkDerivation rec {
|
|||
hash = "sha256-sNZYf/2gtjRrrGPuazVnKTgcuIQpKPazhexqlK21T4g=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake lsb-release pkg-config ];
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
url = "https://github.com/OpenCPN/OpenCPN/commit/30fa16850ba97d3df0622273947e3e3975b8e6c0.patch";
|
||||
sha256 = "sha256-Sb4FE9QJA5kMJi52/x1Az6rMTS3WSURPx4QAhcv2j9E=";
|
||||
})
|
||||
];
|
||||
|
||||
postPatch = lib.optionalString stdenv.isDarwin ''
|
||||
substituteInPlace cmake/TargetSetup.cmake \
|
||||
--replace '"sw_vers" "-productVersion"' '"echo" "1"'
|
||||
sed -i '/fixup_bundle/d' CMakeLists.txt
|
||||
'' + lib.optionalString (stdenv.isDarwin && stdenv.isx86_64) ''
|
||||
substituteInPlace CMakeLists.txt \
|
||||
--replace 'DARWIN_VERSION LESS 16' 'TRUE'
|
||||
'';
|
||||
|
||||
nativeBuildInputs = [
|
||||
cmake
|
||||
pkg-config
|
||||
] ++ lib.optionals stdenv.isLinux [
|
||||
lsb-release
|
||||
] ++ lib.optionals stdenv.isDarwin [
|
||||
makeWrapper
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
alsa-utils
|
||||
at-spi2-core
|
||||
curl
|
||||
dbus
|
||||
|
@ -65,8 +91,6 @@ stdenv.mkDerivation rec {
|
|||
libexif
|
||||
libogg
|
||||
libopus
|
||||
libselinux
|
||||
libsepol
|
||||
libsndfile
|
||||
libthai
|
||||
libunarr
|
||||
|
@ -78,23 +102,36 @@ stdenv.mkDerivation rec {
|
|||
portaudio
|
||||
sqlite
|
||||
tinyxml
|
||||
wxGTK32
|
||||
] ++ lib.optionals stdenv.isLinux [
|
||||
alsa-utils
|
||||
libselinux
|
||||
libsepol
|
||||
udev
|
||||
util-linux
|
||||
wxGTK31-gtk3
|
||||
xorg.libXdmcp
|
||||
xorg.libXtst
|
||||
];
|
||||
|
||||
|
||||
cmakeFlags = [ "-DOCPN_BUNDLE_DOCS=true" ];
|
||||
|
||||
NIX_CFLAGS_COMPILE = lib.optionals (!stdenv.hostPlatform.isx86) [
|
||||
"-DSQUISH_USE_SSE=0"
|
||||
];
|
||||
|
||||
postInstall = lib.optionals stdenv.isDarwin ''
|
||||
mkdir -p $out/Applications
|
||||
mv $out/bin/OpenCPN.app $out/Applications
|
||||
makeWrapper $out/Applications/OpenCPN.app/Contents/MacOS/OpenCPN $out/bin/opencpn
|
||||
'';
|
||||
|
||||
doCheck = true;
|
||||
|
||||
meta = with lib; {
|
||||
description = "A concise ChartPlotter/Navigator";
|
||||
maintainers = with maintainers; [ kragniz lovesegfault ];
|
||||
platforms = [ "x86_64-linux" ];
|
||||
license = licenses.gpl2;
|
||||
platforms = platforms.unix;
|
||||
license = licenses.gpl2Plus;
|
||||
homepage = "https://opencpn.org/";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -4,13 +4,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "xmrig";
|
||||
version = "6.18.0";
|
||||
version = "6.18.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "xmrig";
|
||||
repo = "xmrig";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-vYXDQSEhPi/jxCO6pxOJ1q0AoBVVRU9vErtJLq90ltk=";
|
||||
sha256 = "sha256-aTyJhPVqq3jGNVozD39RJ4n0FmAKAtPttW9ecoanEzg=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
|
|
|
@ -1,21 +1,21 @@
|
|||
{
|
||||
"stable": {
|
||||
"version": "106.0.5249.119",
|
||||
"sha256": "14niglj8q6mfkmgbbjhaipmyhv6vryx93crswb1xa871a14in28g",
|
||||
"sha256bin64": "1kcf8l6ivqzx6qaiy7vx2l6mhfqn4lq93dkgcx1bdadikwcpq0dd",
|
||||
"version": "107.0.5304.68",
|
||||
"sha256": "0k5qrmby1k2gw3lj96x3qag20kka61my578pv0zyrqqj5sdz3i5a",
|
||||
"sha256bin64": "1x9svz5s8fm2zhnpzjpqckzfp37hjni3nf3pm63rwnvbd06y48ja",
|
||||
"deps": {
|
||||
"gn": {
|
||||
"version": "2022-08-11",
|
||||
"version": "2022-09-14",
|
||||
"url": "https://gn.googlesource.com/gn",
|
||||
"rev": "0bcd37bd2b83f1a9ee17088037ebdfe6eab6d31a",
|
||||
"sha256": "13zks2z65kg7fzzsysq4mswd4bhhy3h7ycdrpxfilcvixx2n2gac"
|
||||
"rev": "fff29c1b3f9703ea449f720fe70fa73575ef24e5",
|
||||
"sha256": "1c0dvpp4im1hf277bs5w7rgqxz3g2bax266i2g6smi3pl7a8jpnp"
|
||||
}
|
||||
},
|
||||
"chromedriver": {
|
||||
"version": "106.0.5249.61",
|
||||
"sha256_linux": "0l2270d5az46pc6icpn3zx7yr8ilkszsrfy3qmwrx3cyc4xnmznj",
|
||||
"sha256_darwin": "07k76i9m3j34h6ybn1wafy39d2ngf06bhp24qzwvv45rks714hqa",
|
||||
"sha256_darwin_aarch64": "1nvid0s44nlzy46cgxzsyyb3jfpyl3xy7aqafwskmbxdczx7bdap"
|
||||
"version": "107.0.5304.62",
|
||||
"sha256_linux": "13s0kl0k8c6q6h548ay2qssv8j4bmm5b4p3h8bgby30nj9014bsh",
|
||||
"sha256_darwin": "0awd59xz4cllkbd9r5hhk6sinf291ii81chi361nw67aj5vmj7is",
|
||||
"sha256_darwin_aarch64": "01fr6518qycwsn6js64k7727jmp3hxmj70jcghmw1cgxam59nh7w"
|
||||
}
|
||||
},
|
||||
"beta": {
|
||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -3,10 +3,10 @@
|
|||
rec {
|
||||
firefox = buildMozillaMach rec {
|
||||
pname = "firefox";
|
||||
version = "106.0.1";
|
||||
version = "106.0.2";
|
||||
src = fetchurl {
|
||||
url = "mirror://mozilla/firefox/releases/${version}/source/firefox-${version}.source.tar.xz";
|
||||
sha512 = "15f5a65a69e11dd0c463b358cafb5ad0f31db93619b9ec3f89e8c5e14d4d319d9423fe4dcd0dbbcbedc1ad444dcbd8e5e30e483220277f5b550bff6124b66519";
|
||||
sha512 = "2aad75c05c3398c19842be46dcde275581344b09f0c65b51a630cef201545996ee00f8020f52a0d7b6416d9ad52cbd5c71b8f1cdf47cd18e4abf1ba21f7cdb93";
|
||||
};
|
||||
|
||||
# This patch could be applied anywhere (just rebuild, no effect)
|
||||
|
|
|
@ -87,7 +87,7 @@ let
|
|||
fteLibPath = makeLibraryPath [ stdenv.cc.cc gmp ];
|
||||
|
||||
# Upstream source
|
||||
version = "11.5.4";
|
||||
version = "11.5.5";
|
||||
|
||||
lang = "en-US";
|
||||
|
||||
|
@ -99,7 +99,7 @@ let
|
|||
"https://tor.eff.org/dist/torbrowser/${version}/tor-browser-linux64-${version}_${lang}.tar.xz"
|
||||
"https://tor.calyxinstitute.org/dist/torbrowser/${version}/tor-browser-linux64-${version}_${lang}.tar.xz"
|
||||
];
|
||||
sha256 = "sha256-23P8Ew0asOptDYVJ0xA+ATOOT92nz/I2F2+CsAejfKo=";
|
||||
sha256 = "sha256-AOt0PFot6Qh9voqvi5bagW0HLk2kP8b6A2c8Jdv5vkQ=";
|
||||
};
|
||||
|
||||
i686-linux = fetchurl {
|
||||
|
@ -109,7 +109,7 @@ let
|
|||
"https://tor.eff.org/dist/torbrowser/${version}/tor-browser-linux32-${version}_${lang}.tar.xz"
|
||||
"https://tor.calyxinstitute.org/dist/torbrowser/${version}/tor-browser-linux32-${version}_${lang}.tar.xz"
|
||||
];
|
||||
sha256 = "sha256-ye4qq+zH1AlDItP8lKfA9YIJ7AMg1Roc4itpr0kWNtY=";
|
||||
sha256 = "sha256-MQrJgdAsNvG+WCx4eeb2UHZp/0LoOIhZZQUKESNIGZY=";
|
||||
};
|
||||
};
|
||||
in
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "civo";
|
||||
version = "1.0.40";
|
||||
version = "1.0.41";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "civo";
|
||||
repo = "cli";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-rsO7vGPr80/ChoNtRGuJDnVDzxwBgLD//iMZEfvxvHc=";
|
||||
sha256 = "sha256-dvbxxW+UyTA+EzBV6g9JRao8D6ZE5hhXLX4q/mmPIQg=";
|
||||
};
|
||||
|
||||
vendorSha256 = "sha256-gBVSpjoAfbxlJnlrFrsBupJgVQ59sh1ipOry0Mgppig=";
|
||||
|
|
32
pkgs/applications/networking/cluster/kluctl/default.nix
Normal file
32
pkgs/applications/networking/cluster/kluctl/default.nix
Normal file
|
@ -0,0 +1,32 @@
|
|||
{ lib, stdenv, buildGoModule, fetchFromGitHub, testers, kluctl }:
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "kluctl";
|
||||
version = "2.16.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "kluctl";
|
||||
repo = "kluctl";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-NwjPClD3P9EP7gKPPgKXI3h+kLeGPd7Gf6gZXMCCLHk=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-IC+sjctDqd0lQD5labl+UYWsRiptQKSjSHYf2SGkp14=";
|
||||
|
||||
ldflags = [ "-s" "-w" "-X main.version=v${version}" ];
|
||||
|
||||
# Depends on docker
|
||||
doCheck = false;
|
||||
|
||||
passthru.tests.version = testers.testVersion {
|
||||
package = kluctl;
|
||||
version = "v${version}";
|
||||
};
|
||||
|
||||
meta = with lib; {
|
||||
description = "The missing glue to put together large Kubernetes deployments";
|
||||
homepage = "https://kluctl.io/";
|
||||
license = licenses.asl20;
|
||||
maintainers = with maintainers; [ sikmir ];
|
||||
};
|
||||
}
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "kyverno";
|
||||
version = "1.8.0";
|
||||
version = "1.8.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "kyverno";
|
||||
repo = "kyverno";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-VJhn3z/utbcZdJjmVzsjyqPfpKMmDXSKUcoALSmawqs=";
|
||||
sha256 = "sha256-pwT+fzFzJBkQkWmeHlqbTVSmmh7p3h7M4p5Wrrq+vJM=";
|
||||
};
|
||||
|
||||
ldflags = [
|
||||
|
@ -18,7 +18,7 @@ buildGoModule rec {
|
|||
"-X github.com/kyverno/kyverno/pkg/version.BuildTime=1970-01-01_00:00:00"
|
||||
];
|
||||
|
||||
vendorSha256 = "sha256-8Sk36IFk3tL/wqDnKJw/K1MtKBZuVRRFkyMl4b/XwDI=";
|
||||
vendorSha256 = "sha256-QE2OWymT/ke/5+f3Sw5MBadorcn/vXJXvwOaFNqhxWQ=";
|
||||
|
||||
subPackages = [ "cmd/cli/kubectl-kyverno" ];
|
||||
|
||||
|
|
|
@ -138,13 +138,13 @@
|
|||
"version": "1.0.0"
|
||||
},
|
||||
"baiducloud": {
|
||||
"hash": "sha256-9r9Y1iegVgaZk+2bKB0uHy6w0JotDuNUXemOqtJSAeg=",
|
||||
"hash": "sha256-7dNFy3UJ20HbacmaZDxv3IRxsDHGgJdMJFa4/pJIYdw=",
|
||||
"owner": "baidubce",
|
||||
"provider-source-address": "registry.terraform.io/baidubce/baiducloud",
|
||||
"repo": "terraform-provider-baiducloud",
|
||||
"rev": "v1.16.0",
|
||||
"rev": "v1.16.1",
|
||||
"vendorHash": null,
|
||||
"version": "1.16.0"
|
||||
"version": "1.16.1"
|
||||
},
|
||||
"bigip": {
|
||||
"hash": "sha256-uSe+J4AlW8Dt96BVF1ZI/yrgWUbZsl64b/D+k5ysHC0=",
|
||||
|
@ -349,13 +349,13 @@
|
|||
"version": "2.22.0"
|
||||
},
|
||||
"elasticsearch": {
|
||||
"hash": "sha256-7sMF7LBM5tnOtERufh7LaJlfcJ5WHIynpzlTg/05u3I=",
|
||||
"hash": "sha256-+cktPArBOysc4V+uR3KWsVlxtxSIbuVMCmPSU21xF/U=",
|
||||
"owner": "phillbaker",
|
||||
"provider-source-address": "registry.terraform.io/phillbaker/elasticsearch",
|
||||
"repo": "terraform-provider-elasticsearch",
|
||||
"rev": "v2.0.5",
|
||||
"rev": "v2.0.6",
|
||||
"vendorHash": "sha256-oVTanZpCWs05HwyIKW2ajiBPz1HXOFzBAt5Us+EtTRw=",
|
||||
"version": "2.0.5"
|
||||
"version": "2.0.6"
|
||||
},
|
||||
"equinix": {
|
||||
"hash": "sha256-gvI9awkKiWWnw6O/KvskFTHZfvajGfgYu8DGsT34Siw=",
|
||||
|
|
|
@ -10,16 +10,16 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "werf";
|
||||
version = "1.2.180";
|
||||
version = "1.2.184";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "werf";
|
||||
repo = "werf";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-6I1Elq5tA7Vh+FaPYNVfEynTbw35WM/UuruqArGhsz4=";
|
||||
hash = "sha256-u3Mf7a+IGLWYvAt/Db/BwvtGc66SnYz5Qx2BkCCLKPg=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-rdrIJ1knarb7tEXl4BxYckHdX5oS2yvfcuRAI16ThU4=";
|
||||
vendorHash = "sha256-T9xGLQcnO9xyRVNX3xCwsOOXWvBbhhw9dH8gW7aBUjE=";
|
||||
|
||||
proxyVendor = true;
|
||||
|
||||
|
@ -36,16 +36,18 @@ buildGoModule rec {
|
|||
"-s"
|
||||
"-w"
|
||||
"-X github.com/werf/werf/pkg/werf.Version=${src.rev}"
|
||||
] ++ lib.optionals stdenv.isLinux [
|
||||
"-extldflags '-static'"
|
||||
] ++ lib.optionals (CGO_ENABLED == 1) [
|
||||
"-extldflags=-static"
|
||||
"-linkmode external"
|
||||
];
|
||||
|
||||
tags = [
|
||||
"containers_image_openpgp"
|
||||
"dfrunmount"
|
||||
"dfrunnetwork"
|
||||
"dfrunsecurity"
|
||||
"dfssh"
|
||||
] ++ lib.optionals stdenv.isLinux [
|
||||
] ++ lib.optionals (CGO_ENABLED == 1) [
|
||||
"exclude_graphdriver_devicemapper"
|
||||
"netgo"
|
||||
"no_devmapper"
|
||||
|
|
|
@ -5,14 +5,14 @@
|
|||
|
||||
python3Packages.buildPythonApplication rec {
|
||||
pname = "flexget";
|
||||
version = "3.3.39";
|
||||
version = "3.4.1";
|
||||
|
||||
# Fetch from GitHub in order to use `requirements.in`
|
||||
src = fetchFromGitHub {
|
||||
owner = "flexget";
|
||||
repo = "flexget";
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-UJOV/KRJgy4r7iKWdlA8k51OLzMcfMHgFSvII/D5erA=";
|
||||
hash = "sha256-OfRbkMIqusfiHyBPnPnbOPwYo7lF5bg46MEM8V5nGq4=";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
|
|
|
@ -13,13 +13,13 @@
|
|||
|
||||
gcc12Stdenv.mkDerivation rec {
|
||||
pname = "freefilesync";
|
||||
version = "11.26";
|
||||
version = "11.27";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "hkneptune";
|
||||
repo = "FreeFileSync";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-MKs9PfxKVxfDYYB8Dqop9dUd757ajjgvIdMtKJX5dNw=";
|
||||
sha256 = "sha256-ZIWqCR5/8qaK9Qcb0Uzi/wu3Do8nZ5DGAw8sfwUhCZg=";
|
||||
};
|
||||
|
||||
# Patches from ROSA Linux
|
||||
|
|
|
@ -71,10 +71,14 @@ rec {
|
|||
sha256 = "sha256-ENRfQh/HCXqInTV0tu8tGQO7+vTbST6XXpptERXMACE=";
|
||||
};
|
||||
|
||||
patches = old.patches ++ (map (x: patch-src + x) (readLinesToList ./config/pjsip_patches));
|
||||
patches = (map (x: patch-src + x) (readLinesToList ./config/pjsip_patches));
|
||||
|
||||
configureFlags = (readLinesToList ./config/pjsip_args_common)
|
||||
++ lib.optionals stdenv.isLinux (readLinesToList ./config/pjsip_args_linux);
|
||||
|
||||
meta = {
|
||||
knownVulnerabilities = [ "CVE-2022-39269" "CVE-2022-39244" ];
|
||||
} // old.meta;
|
||||
});
|
||||
|
||||
opendht-jami = opendht.override {
|
||||
|
|
|
@ -30,7 +30,7 @@ stdenv.mkDerivation rec {
|
|||
description = "Logger service for Telepathy framework";
|
||||
homepage = "https://telepathy.freedesktop.org/components/telepathy-logger/";
|
||||
license = licenses.lgpl21;
|
||||
maintainers = with maintainers; [ jtojnar ];
|
||||
maintainers = with maintainers; [ ];
|
||||
platforms = platforms.gnu ++ platforms.linux; # Arbitrary choice
|
||||
};
|
||||
}
|
||||
|
|
|
@ -47,7 +47,7 @@ stdenv.mkDerivation rec {
|
|||
description = "An account manager and channel dispatcher for the Telepathy framework";
|
||||
homepage = "https://telepathy.freedesktop.org/components/telepathy-mission-control/";
|
||||
license = licenses.lgpl21Only;
|
||||
maintainers = with maintainers; [ jtojnar ];
|
||||
maintainers = with maintainers; [ ];
|
||||
platforms = platforms.unix;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,27 +1,40 @@
|
|||
{ lib, fetchFromGitHub, buildGoModule, go-bindata }:
|
||||
{ lib
|
||||
, fetchFromGitHub
|
||||
, nixosTests
|
||||
, buildGoModule
|
||||
}:
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "magnetico";
|
||||
version = "0.12.0";
|
||||
version = "unstable-2022-08-10";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "boramalper";
|
||||
owner = "ireun";
|
||||
repo = "magnetico";
|
||||
rev = "v${version}";
|
||||
sha256 = "1avqnfn4llmc9xmpsjfc9ivki0cfvd8sljfzd9yac94xcj581s83";
|
||||
rev = "828e230d3b3c0759d3274e27f5a7b70400f4d6ea";
|
||||
sha256 = "sha256-V1pBzillWTk9iuHAhFztxYaq4uLL3U3HYvedGk6ffbk=";
|
||||
};
|
||||
|
||||
vendorSha256 = "087kikj6sjhjxqymnj7bpxawfmwckihi6mbmi39w0bn2040aflx5";
|
||||
vendorSha256 = "sha256-ngYkTtBEZSyYYnfBHi0VrotwKGvMOiowbrwigJnjsuU=";
|
||||
|
||||
nativeBuildInputs = [ go-bindata ];
|
||||
buildPhase = ''
|
||||
runHook preBuild
|
||||
|
||||
make magneticow magneticod
|
||||
|
||||
runHook postBuild
|
||||
'';
|
||||
|
||||
checkPhase = ''
|
||||
runHook preBuild
|
||||
|
||||
make test
|
||||
|
||||
runHook postBuild
|
||||
'';
|
||||
|
||||
passthru.tests = { inherit (nixosTests) magnetico; };
|
||||
|
||||
meta = with lib; {
|
||||
description = "Autonomous (self-hosted) BitTorrent DHT search engine suite";
|
||||
homepage = "https://github.com/boramalper/magnetico";
|
||||
|
|
|
@ -13,6 +13,16 @@ stdenv.mkDerivation rec {
|
|||
|
||||
patches = [
|
||||
./fix-aarch64.patch
|
||||
(fetchpatch {
|
||||
name = "CVE-2022-39269.patch";
|
||||
url = "https://github.com/pjsip/pjproject/commit/d2acb9af4e27b5ba75d658690406cec9c274c5cc.patch";
|
||||
sha256 = "sha256-bKE/MrRAqN1FqD2ubhxIOOf5MgvZluHHeVXPjbR12iQ=";
|
||||
})
|
||||
(fetchpatch {
|
||||
name = "CVE-2022-39244.patch";
|
||||
url = "https://github.com/pjsip/pjproject/commit/c4d34984ec92b3d5252a7d5cddd85a1d3a8001ae.patch";
|
||||
sha256 = "sha256-hTUMh6bYAizn6GF+sRV1vjKVxSf9pnI+eQdPOqsdJI4=";
|
||||
})
|
||||
];
|
||||
|
||||
buildInputs = [ openssl libsamplerate ]
|
||||
|
|
|
@ -271,11 +271,11 @@ stdenv.mkDerivation rec {
|
|||
# order to build, see https://github.com/qradiolink/qradiolink/issues/67
|
||||
++ lib.optionals (hasFeature "gr-vocoder") [
|
||||
"-DLIBCODEC2_FOUND=TRUE"
|
||||
"-DLIBCODEC2_LIBRARIES=${codec2}/lib/libcodec2.so"
|
||||
"-DLIBCODEC2_LIBRARIES=${codec2}/lib/libcodec2${stdenv.hostPlatform.extensions.sharedLibrary}"
|
||||
"-DLIBCODEC2_INCLUDE_DIRS=${codec2}/include"
|
||||
"-DLIBCODEC2_HAS_FREEDV_API=ON"
|
||||
"-DLIBGSM_FOUND=TRUE"
|
||||
"-DLIBGSM_LIBRARIES=${gsm}/lib/libgsm.so"
|
||||
"-DLIBGSM_LIBRARIES=${gsm}/lib/libgsm${stdenv.hostPlatform.extensions.sharedLibrary}"
|
||||
"-DLIBGSM_INCLUDE_DIRS=${gsm}/include/gsm"
|
||||
]
|
||||
++ lib.optionals (hasFeature "volk" && volk != null) [
|
||||
|
|
|
@ -296,7 +296,7 @@ stdenv.mkDerivation rec {
|
|||
# This is the only python reference worth removing, if needed.
|
||||
+ lib.optionalString (!hasFeature "python-support") ''
|
||||
${removeReferencesTo}/bin/remove-references-to -t ${python} $out/lib/cmake/gnuradio/GnuradioConfig.cmake
|
||||
${removeReferencesTo}/bin/remove-references-to -t ${python} $(readlink -f $out/lib/libgnuradio-runtime.so)
|
||||
${removeReferencesTo}/bin/remove-references-to -t ${python} $(readlink -f $out/lib/libgnuradio-runtime${stdenv.hostPlatform.extensions.sharedLibrary})
|
||||
${removeReferencesTo}/bin/remove-references-to -t ${python.pkgs.pybind11} $out/lib/cmake/gnuradio/gnuradio-runtimeTargets.cmake
|
||||
''
|
||||
;
|
||||
|
|
|
@ -317,7 +317,7 @@ stdenv.mkDerivation rec {
|
|||
# This is the only python reference worth removing, if needed.
|
||||
+ lib.optionalString (!hasFeature "python-support") ''
|
||||
${removeReferencesTo}/bin/remove-references-to -t ${python} $out/lib/cmake/gnuradio/GnuradioConfig.cmake
|
||||
${removeReferencesTo}/bin/remove-references-to -t ${python} $(readlink -f $out/lib/libgnuradio-runtime.so)
|
||||
${removeReferencesTo}/bin/remove-references-to -t ${python} $(readlink -f $out/lib/libgnuradio-runtime${stdenv.hostPlatform.extensions.sharedLibrary})
|
||||
${removeReferencesTo}/bin/remove-references-to -t ${python.pkgs.pybind11} $out/lib/cmake/gnuradio/gnuradio-runtimeTargets.cmake
|
||||
''
|
||||
;
|
||||
|
|
|
@ -84,7 +84,11 @@ rec {
|
|||
postInstall = ""
|
||||
# Gcc references
|
||||
+ lib.optionalString (hasFeature "gnuradio-runtime") ''
|
||||
${removeReferencesTo}/bin/remove-references-to -t ${stdenv.cc} $(readlink -f $out/lib/libgnuradio-runtime.so)
|
||||
${removeReferencesTo}/bin/remove-references-to -t ${stdenv.cc} $(readlink -f $out/lib/libgnuradio-runtime${stdenv.hostPlatform.extensions.sharedLibrary})
|
||||
''
|
||||
# Clang references in InstalledDir
|
||||
+ lib.optionalString (hasFeature "gnuradio-runtime" && stdenv.isDarwin) ''
|
||||
${removeReferencesTo}/bin/remove-references-to -t ${stdenv.cc.cc} $(readlink -f $out/lib/libgnuradio-runtime${stdenv.hostPlatform.extensions.sharedLibrary})
|
||||
''
|
||||
;
|
||||
# NOTE: Outputs are disabled due to upstream not using GNU InstallDIrs cmake
|
||||
|
@ -112,7 +116,6 @@ rec {
|
|||
doCheck = false;
|
||||
|
||||
meta = with lib; {
|
||||
broken = stdenv.isDarwin;
|
||||
description = "Software Defined Radio (SDR) software";
|
||||
longDescription = ''
|
||||
GNU Radio is a free & open-source software development toolkit that
|
||||
|
@ -126,6 +129,6 @@ rec {
|
|||
homepage = "https://www.gnuradio.org";
|
||||
license = licenses.gpl3;
|
||||
platforms = platforms.unix;
|
||||
maintainers = with maintainers; [ doronbehar bjornfor fpletz ];
|
||||
maintainers = with maintainers; [ doronbehar bjornfor fpletz jiegec ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -98,19 +98,21 @@ let
|
|||
"${
|
||||
lib.makeSearchPath
|
||||
unwrapped.qt.qtbase.qtPluginPrefix
|
||||
(builtins.map lib.getBin [
|
||||
(builtins.map lib.getBin ([
|
||||
unwrapped.qt.qtbase
|
||||
] ++ lib.optionals stdenv.isLinux [
|
||||
unwrapped.qt.qtwayland
|
||||
])
|
||||
]))
|
||||
}"
|
||||
"--prefix" "QML2_IMPORT_PATH" ":"
|
||||
"${
|
||||
lib.makeSearchPath
|
||||
unwrapped.qt.qtbase.qtQmlPrefix
|
||||
(builtins.map lib.getBin [
|
||||
(builtins.map lib.getBin ([
|
||||
unwrapped.qt.qtbase
|
||||
] ++ lib.optionals stdenv.isLinux [
|
||||
unwrapped.qt.qtwayland
|
||||
])
|
||||
]))
|
||||
}"
|
||||
]
|
||||
else
|
||||
|
|
|
@ -4,13 +4,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "git-repo";
|
||||
version = "2.29.3";
|
||||
version = "2.29.4";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "android";
|
||||
repo = "tools_repo";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-hZoiljARTEhsuaM7QEFl+XqLq4RksLfxDpht5V1aC2M=";
|
||||
sha256 = "sha256-oUPY10B6JHixdfgi5BHzrg9nZ1DlFUhQyuXJj2fCSM4=";
|
||||
};
|
||||
|
||||
# Fix 'NameError: name 'ssl' is not defined'
|
||||
|
|
|
@ -4,11 +4,11 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "got";
|
||||
version = "0.76";
|
||||
version = "0.77";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://gameoftrees.org/releases/portable/got-portable-${version}.tar.gz";
|
||||
sha256 = "sha256-05VUIHUqXnES4CmgopzQ2LQ0uldSffsGF5ExedEO+yA=";
|
||||
sha256 = "sha256-/O9u7Ei6f0rGr7LRWcG9FUQd7Z+qpq2/6H01jNR1C7o=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ pkg-config bison ];
|
||||
|
|
|
@ -16,6 +16,7 @@
|
|||
, xkeyboard_config
|
||||
, glib
|
||||
, libarchive
|
||||
, libxcrypt
|
||||
, python2
|
||||
}:
|
||||
|
||||
|
@ -154,6 +155,7 @@ buildFHSUserEnv {
|
|||
ocl-icd
|
||||
glib
|
||||
libarchive
|
||||
libxcrypt # provides libcrypt.so.1
|
||||
xdg-utils # xdg-open needed to open URLs
|
||||
python2
|
||||
# currently they want python 3.6 which is EOL
|
||||
|
|
|
@ -238,19 +238,19 @@ rec {
|
|||
# Get revisions from
|
||||
# https://github.com/moby/moby/tree/${version}/hack/dockerfile/install/*
|
||||
docker_20_10 = callPackage dockerGen rec {
|
||||
version = "20.10.20";
|
||||
version = "20.10.21";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-hzD4p0cunU21n0eXuMPRz37T+KSvQ583cs64f51CxLM=";
|
||||
sha256 = "sha256-hPQ1t7L2fqoFWoinqIrDwFQ1bo9TzMb4l3HmAotIUS8=";
|
||||
moby-src = fetchFromGitHub {
|
||||
owner = "moby";
|
||||
repo = "moby";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-BfFnG0cR0FyQvX683RPsY0gC5w2wvgvmDZgKnDJsnG4=";
|
||||
sha256 = "sha256-BcYDh/UEmmURt7hWLWdPTKVu/Nzoeq/shE+HnUoh8b4=";
|
||||
};
|
||||
runcRev = "v1.1.4";
|
||||
runcSha256 = "sha256-ougJHW1Z+qZ324P8WpZqawY1QofKnn8WezP7orzRTdA=";
|
||||
containerdRev = "v1.6.8";
|
||||
containerdSha256 = "sha256-0UiPhkTWV61DnAF5kWd1FctX8i0sXaJ1p/xCMznY/A8=";
|
||||
containerdRev = "v1.6.9";
|
||||
containerdSha256 = "sha256-KvQdYQLzgt/MKPsA/mO5un6nE3/xcvVYwIveNn/uDnU=";
|
||||
tiniRev = "v0.19.0";
|
||||
tiniSha256 = "sha256-ZDKu/8yE5G0RYFJdhgmCdN3obJNyRWv6K/Gd17zc1sI=";
|
||||
};
|
||||
|
|
|
@ -128,7 +128,7 @@ stdenv.mkDerivation rec {
|
|||
description = "A pure Wayland shell prototype for GNOME on mobile devices";
|
||||
homepage = "https://gitlab.gnome.org/World/Phosh/phosh";
|
||||
license = licenses.gpl3Plus;
|
||||
maintainers = with maintainers; [ jtojnar masipcat zhaofengli ];
|
||||
maintainers = with maintainers; [ masipcat zhaofengli ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -28,7 +28,7 @@ let
|
|||
# which is a free license, legally equivalent to the LaTeX Project Public
|
||||
# License (LPPL), version 1.3c or later." - GUST website
|
||||
license = licenses.lppl13c;
|
||||
maintainers = with maintainers; [ jtojnar ];
|
||||
maintainers = with maintainers; [ ];
|
||||
platforms = platforms.all;
|
||||
};
|
||||
};
|
||||
|
|
81
pkgs/data/icons/catppuccin-cursors/default.nix
Normal file
81
pkgs/data/icons/catppuccin-cursors/default.nix
Normal file
|
@ -0,0 +1,81 @@
|
|||
{ lib
|
||||
, stdenvNoCC
|
||||
, fetchFromGitHub
|
||||
, inkscape
|
||||
, xcursorgen
|
||||
, makeFontsConf
|
||||
}:
|
||||
|
||||
let
|
||||
dimensions = {
|
||||
palette = [ "Frappe" "Latte" "Macchiato" "Mocha" ];
|
||||
color = [ "Blue" "Dark" "Flamingo" "Green" "Lavender" "Light" "Maroon" "Mauve" "Peach" "Pink" "Red" "Rosewater" "Sapphire" "Sky" "Teal" "Yellow" ];
|
||||
};
|
||||
product = lib.attrsets.cartesianProductOfSets dimensions;
|
||||
variantName = { palette, color }: (lib.strings.toLower palette) + color;
|
||||
variants = map variantName product;
|
||||
in
|
||||
stdenvNoCC.mkDerivation {
|
||||
pname = "catppuccin-cursors";
|
||||
version = "unstable-2022-08-23";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "catppuccin";
|
||||
repo = "cursors";
|
||||
rev = "3d3023606939471c45cff7b643bffc5d5d4ff29c";
|
||||
sha256 = "1z9cjxxsj3vrmhsw1k05b31zmncz1ksaswc4r1k3vd2mmpigq1nk";
|
||||
};
|
||||
|
||||
outputs = variants ++ [ "out" ]; # dummy "out" output to prevent breakage
|
||||
|
||||
outputsToInstall = [];
|
||||
|
||||
nativeBuildInputs = [
|
||||
inkscape
|
||||
xcursorgen
|
||||
];
|
||||
|
||||
postPatch = ''
|
||||
patchShebangs ./build.sh
|
||||
'';
|
||||
|
||||
# Make fontconfig stop warning about being unable to load config
|
||||
FONTCONFIG_FILE = makeFontsConf { fontDirectories = [ ]; };
|
||||
|
||||
# Make inkscape stop warning about being unable to create profile directory
|
||||
preBuild = ''
|
||||
export HOME="$NIX_BUILD_ROOT"
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
|
||||
for output in $outputs; do
|
||||
if [ "$output" != "out" ]; then
|
||||
local outputDir="''${!output}"
|
||||
local iconsDir="$outputDir"/share/icons
|
||||
|
||||
mkdir -p "$iconsDir"
|
||||
|
||||
# Convert to kebab case with the first letter of each word capitalized
|
||||
local variant=$(sed 's/\([A-Z]\)/-\1/g' <<< "$output")
|
||||
local variant=''${variant^}
|
||||
|
||||
cp -r dist/Catppuccin-"$variant"-Cursors "$iconsDir"
|
||||
fi
|
||||
done
|
||||
|
||||
# Needed to prevent breakage
|
||||
mkdir -p "$out"
|
||||
|
||||
runHook postInstall
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "Catppuccin cursor theme based on Volantes";
|
||||
homepage = "https://github.com/catppuccin/cursors";
|
||||
license = licenses.gpl2;
|
||||
platforms = platforms.linux;
|
||||
maintainers = with maintainers; [ PlayerNameHere ];
|
||||
};
|
||||
}
|
File diff suppressed because one or more lines are too long
|
@ -45,7 +45,7 @@ stdenv.mkDerivation rec {
|
|||
meta = with lib; {
|
||||
description = "GNOME Shell extension adding audio device chooser to panel";
|
||||
license = licenses.gpl3Plus;
|
||||
maintainers = with maintainers; [ jtojnar ];
|
||||
maintainers = with maintainers; [ ];
|
||||
homepage = "https://github.com/kgshank/gse-sound-output-device-chooser";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -28,7 +28,7 @@ stdenv.mkDerivation rec {
|
|||
meta = with lib; {
|
||||
description = "GNOME Shell extension showing a video preview on the corner of the screen";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ jtojnar ];
|
||||
maintainers = with maintainers; [ ];
|
||||
homepage = "https://github.com/medenagan/window-corner-preview";
|
||||
broken = lib.versionAtLeast gnome.gnome-shell.version "3.32"; # Doesn't support 3.34
|
||||
};
|
||||
|
|
|
@ -15,13 +15,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "switchboard-plug-display";
|
||||
version = "2.3.2";
|
||||
version = "2.3.3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "elementary";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "sha256-3sYZCazGnTjIi3Iry5673TMI13sD0GuY+46AK+NJH70=";
|
||||
sha256 = "sha256-d25++3msaS9dg2Rsl7mrAezDn8Lawd3/X0XPH5Zy6Rc=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
|
@ -21,13 +21,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "switchboard-plug-security-privacy";
|
||||
version = "2.4.0";
|
||||
version = "2.4.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "elementary";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "sha256-jT8aYE36ZAeB9ng3RojVqxzmLtzpbsNRHPuDQ03XKcI=";
|
||||
sha256 = "sha256-k8IQumV8rjV3U4ACm5FxCqzSdwqKBaGAqsv45hsP/7c=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
|
@ -41,6 +41,8 @@ stdenv.mkDerivation {
|
|||
|
||||
nativeBuildInputs = [
|
||||
makeWrapper
|
||||
] ++ lib.optionals (stdenv.isDarwin && stdenv.isAarch64) [
|
||||
darwin.autoSignDarwinBinariesHook
|
||||
];
|
||||
|
||||
buildInputs = lib.optionals (bootstrap-chicken != null) [
|
||||
|
|
|
@ -34,6 +34,8 @@ stdenv.mkDerivation rec {
|
|||
|
||||
nativeBuildInputs = [
|
||||
makeWrapper
|
||||
] ++ lib.optionals (stdenv.isDarwin && stdenv.isAarch64) [
|
||||
darwin.autoSignDarwinBinariesHook
|
||||
];
|
||||
|
||||
buildInputs = lib.optionals (bootstrap-chicken != null) [
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
{ lib
|
||||
, mkDerivation
|
||||
, fetchFromGitHub
|
||||
, fetchpatch
|
||||
, gnuradio
|
||||
, cmake
|
||||
, pkg-config
|
||||
|
@ -54,6 +55,16 @@ mkDerivation {
|
|||
inherit src;
|
||||
disabledForGRafter = "3.10";
|
||||
|
||||
patches = [
|
||||
# Use cross platform struct ip instead of iphdr
|
||||
# https://github.com/ghostop14/gr-grnet/pull/19
|
||||
(fetchpatch {
|
||||
name = "fix-compilation-on-darwin.patch";
|
||||
url = "https://github.com/ghostop14/gr-grnet/commit/52c07daa9ba595b76ffa5dd90c0c96694d95d140.patch";
|
||||
sha256 = "sha256-1gJaYLIn09blOhALMfBPROt5YBXaosG41Vsd3+5h518=";
|
||||
})
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
boost
|
||||
log4cpp
|
||||
|
|
|
@ -1,4 +1,6 @@
|
|||
{ lib
|
||||
, stdenv
|
||||
, darwin
|
||||
, mkDerivation
|
||||
, fetchgit
|
||||
, gnuradio
|
||||
|
@ -58,6 +60,9 @@ in mkDerivation {
|
|||
] ++ lib.optionals (gnuradio.hasFeature "gr-ctrlport") [
|
||||
thrift
|
||||
python.pkgs.thrift
|
||||
] ++ lib.optionals stdenv.isDarwin [
|
||||
darwin.apple_sdk.frameworks.IOKit
|
||||
darwin.apple_sdk.frameworks.Security
|
||||
];
|
||||
cmakeFlags = [
|
||||
(if (gnuradio.hasFeature "python-support") then
|
||||
|
|
44
pkgs/development/guile-modules/guile-sqlite3/default.nix
Normal file
44
pkgs/development/guile-modules/guile-sqlite3/default.nix
Normal file
|
@ -0,0 +1,44 @@
|
|||
{ lib
|
||||
, stdenv
|
||||
, fetchFromGitea
|
||||
, guile
|
||||
, autoreconfHook
|
||||
, pkg-config
|
||||
, texinfo
|
||||
, sqlite
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "guile-sqlite3";
|
||||
version = "0.1.3";
|
||||
|
||||
src = fetchFromGitea {
|
||||
domain = "notabug.org";
|
||||
owner = pname;
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-C1a6lMK4O49043coh8EQkTWALrPolitig3eYf+l+HmM=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
autoreconfHook
|
||||
pkg-config
|
||||
texinfo
|
||||
];
|
||||
buildInputs = [
|
||||
guile
|
||||
sqlite
|
||||
];
|
||||
|
||||
doCheck = true;
|
||||
makeFlags = [ "GUILE_AUTO_COMPILE=0" ];
|
||||
enableParallelBuilding = true;
|
||||
|
||||
meta = with lib; {
|
||||
description = "Guile bindings for the SQLite3 database engine";
|
||||
homepage = "https://notabug.org/guile-sqlite3/guile-sqlite3";
|
||||
license = licenses.gpl3Plus;
|
||||
maintainers = with maintainers; [ miangraham ];
|
||||
platforms = guile.meta.platforms;
|
||||
};
|
||||
}
|
|
@ -11,13 +11,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "guile-ssh";
|
||||
version = "0.15.1";
|
||||
version = "0.16.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "artyom-poptsov";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-+BhyaBieqMwTgsSLci3HJdCrNQmfPN/jK2Od5DQs9n8=";
|
||||
sha256 = "sha256-3h4U/h6cVgHTJOyliw1gTYtgzQcatRLX6NrP87JXRc0=";
|
||||
};
|
||||
|
||||
configureFlags = [ "--with-guilesitedir=\${out}/share/guile/site" ];
|
||||
|
|
|
@ -2,12 +2,12 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "clojure";
|
||||
version = "1.11.1.1177";
|
||||
version = "1.11.1.1182";
|
||||
|
||||
src = fetchurl {
|
||||
# https://clojure.org/releases/tools
|
||||
url = "https://download.clojure.org/install/clojure-tools-${version}.tar.gz";
|
||||
sha256 = "sha256-Axutyw+f7TPObxcw8llbu3r0zxYIKxFnBuUp+trR9eI=";
|
||||
sha256 = "sha256-u6qTQwtoN47UedSsxsyV0ej3C6Ta5ncbP3lZzTmvPr8=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
43
pkgs/development/interpreters/luau/default.nix
Normal file
43
pkgs/development/interpreters/luau/default.nix
Normal file
|
@ -0,0 +1,43 @@
|
|||
{ lib, stdenv, fetchFromGitHub, cmake }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "luau";
|
||||
version = "0.550";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "Roblox";
|
||||
repo = "luau";
|
||||
rev = version;
|
||||
sha256 = "sha256-bCZ1V3ygN6+6IHWxT8VPi7vWVk711fki9aIPUUsjiQA=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
|
||||
install -Dm755 -t $out/bin luau
|
||||
install -Dm755 -t $out/bin luau-analyze
|
||||
|
||||
runHook postInstall
|
||||
'';
|
||||
|
||||
doCheck = true;
|
||||
|
||||
checkPhase = ''
|
||||
runHook preCheck
|
||||
|
||||
./Luau.UnitTest
|
||||
./Luau.Conformance
|
||||
|
||||
runHook postCheck
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://luau-lang.org/";
|
||||
description = "A fast, small, safe, gradually typed embeddable scripting language derived from Lua";
|
||||
license = licenses.mit;
|
||||
platforms = platforms.all;
|
||||
maintainers = [ maintainers.marsam ];
|
||||
};
|
||||
}
|
|
@ -14,13 +14,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "aws-c-auth";
|
||||
version = "0.6.16";
|
||||
version = "0.6.18";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "awslabs";
|
||||
repo = "aws-c-auth";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-JUCnrnJnXDCsdw9UcmujoxZ+cE9PDmqQNHYyvjSVBpw=";
|
||||
sha256 = "sha256-id4PrPK40yG7DDVh5QWwq2PP7QAso47vgWT8TxIVYXY=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "aws-c-cal";
|
||||
version = "0.5.19";
|
||||
version = "0.5.20";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "awslabs";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-VEjefo+y8bizCxvJmzx+dZ1BE9eT1cR3Tkfn1eVQI/0=";
|
||||
sha256 = "sha256-YBZrOyianmD0E5WcklLkud1WGF/t08XIbfu5qbEo+g4=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
|
|
|
@ -7,13 +7,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "aws-c-common";
|
||||
version = "0.7.4";
|
||||
version = "0.8.4";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "awslabs";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-9k+/yvvQmq/aX4c3vmfZNtKD1PuYo27IUoNUQw0Adgc=";
|
||||
sha256 = "sha256-8RKx3OPb53hCquFcT+AbtX+LDNEvzLHuqtkbvXewqRs=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "aws-c-event-stream";
|
||||
version = "0.2.14";
|
||||
version = "0.2.15";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "awslabs";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-QUrDIeQjsmf8TKu4UoSZi0eNw7Yg/2HIvXo7Y0FLY6w=";
|
||||
sha256 = "sha256-X0ExfVop/YjFmR8TrIejg76MOTMngdUruT7uy0BibrU=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue