Merge master into staging-next

maintainers/maintainer-list.nix

@@ -10306,6 +10306,16 @@
     githubId = 16487165;
     name = "Rafael Basso";
   };
+  rbreslow = {
+    name = "Rocky Breslow";
+    email = "1774125+rbreslow@users.noreply.github.com";
+    github = "rbreslow";
+    githubId = 1774125;
+    keys = [{
+      longkeyid = "ed25519/0xA0D32ACCA38B88ED";
+      fingerprint = "B5B7 BCA0 EE6F F31E 263A  69E3 A0D3 2ACC A38B 88ED";
+    }];
+  };
   rbrewer = {
     email = "rwb123@gmail.com";
     github = "rbrewer123";

nixos/doc/manual/from_md/release-notes/rl-2205.section.xml

@@ -1422,6 +1422,15 @@
           using this default will print a warning when rebuilt.
         </para>
       </listitem>
+      <listitem>
+        <para>
+          The <literal>services.unifi-video.openPorts</literal> option
+          default value of <literal>true</literal> is now deprecated and
+          will be changed to <literal>false</literal> in 22.11.
+          Configurations using this default will print a warning when
+          rebuilt.
+        </para>
+      </listitem>
       <listitem>
         <para>
           <literal>security.acme</literal> certificates will now

nixos/doc/manual/release-notes/rl-2205.section.md

@@ -510,6 +510,9 @@ In addition to numerous new and upgraded packages, this release has the followin
 - The `services.unifi.openPorts` option default value of `true` is now deprecated and will be changed to `false` in 22.11.
   Configurations using this default will print a warning when rebuilt.
 
+- The `services.unifi-video.openPorts` option default value of `true` is now deprecated and will be changed to `false` in 22.11.
+  Configurations using this default will print a warning when rebuilt.
+
 - `security.acme` certificates will now correctly check for CA
   revokation before reaching their minimum age.
 

nixos/modules/services/video/unifi-video.nix

@@ -16,7 +16,7 @@ let
     -pidfile ${cfg.pidFile} \
     -procname unifi-video \
     -Djava.security.egd=file:/dev/./urandom \
-    -Xmx${cfg.maximumJavaHeapSize}M \
+    -Xmx${toString cfg.maximumJavaHeapSize}M \
     -Xss512K \
     -XX:+UseG1GC \
     -XX:+UseStringDeduplication \
@@ -91,98 +91,102 @@ let
   stateDir = "/var/lib/unifi-video";
 
 in
-  {
+{
 
-    options.services.unifi-video = {
-      enable = mkOption {
-        type = types.bool;
-        default = false;
-        description = ''
-          Whether or not to enable the unifi-video service.
-        '';
-      };
+  options.services.unifi-video = {
 
-      jrePackage = mkOption {
-        type = types.package;
-        default = pkgs.jre8;
-        defaultText = literalExpression "pkgs.jre8";
-        description = ''
-          The JRE package to use. Check the release notes to ensure it is supported.
-        '';
-      };
+    enable = mkOption {
+      type = types.bool;
+      default = false;
+      description = ''
+        Whether or not to enable the unifi-video service.
+      '';
+    };
 
-      unifiVideoPackage = mkOption {
-        type = types.package;
-        default = pkgs.unifi-video;
-        defaultText = literalExpression "pkgs.unifi-video";
-        description = ''
-          The unifi-video package to use.
-        '';
-      };
+    jrePackage = mkOption {
+      type = types.package;
+      default = pkgs.jre8;
+      defaultText = literalExpression "pkgs.jre8";
+      description = ''
+        The JRE package to use. Check the release notes to ensure it is supported.
+      '';
+    };
 
-      mongodbPackage = mkOption {
-        type = types.package;
-        default = pkgs.mongodb-4_0;
-        defaultText = literalExpression "pkgs.mongodb";
-        description = ''
-          The mongodb package to use.
-        '';
-      };
+    unifiVideoPackage = mkOption {
+      type = types.package;
+      default = pkgs.unifi-video;
+      defaultText = literalExpression "pkgs.unifi-video";
+      description = ''
+        The unifi-video package to use.
+      '';
+    };
 
-      logDir = mkOption {
-        type = types.str;
-        default = "${stateDir}/logs";
-        description = ''
-          Where to store the logs.
-        '';
-      };
+    mongodbPackage = mkOption {
+      type = types.package;
+      default = pkgs.mongodb-4_0;
+      defaultText = literalExpression "pkgs.mongodb";
+      description = ''
+        The mongodb package to use.
+      '';
+    };
 
-      dataDir = mkOption {
-        type = types.str;
-        default = "${stateDir}/data";
-        description = ''
-          Where to store the database and other data.
-        '';
-      };
+    logDir = mkOption {
+      type = types.str;
+      default = "${stateDir}/logs";
+      description = ''
+        Where to store the logs.
+      '';
+    };
 
-      openPorts = mkOption {
-        type = types.bool;
-        default = true;
-        description = ''
-          Whether or not to open the required ports on the firewall.
-        '';
-      };
+    dataDir = mkOption {
+      type = types.str;
+      default = "${stateDir}/data";
+      description = ''
+        Where to store the database and other data.
+      '';
+    };
 
-      maximumJavaHeapSize = mkOption {
-        type = types.nullOr types.int;
-        default = 1024;
-        example = 4096;
-        description = ''
-          Set the maximimum heap size for the JVM in MB.
-        '';
-      };
+    openFirewall = mkOption {
+      type = types.bool;
+      default = true;
+      description = ''
+        Whether or not to open the required ports on the firewall.
+      '';
+    };
 
-      pidFile = mkOption {
-        type = types.path;
-        default = "${cfg.dataDir}/unifi-video.pid";
-        defaultText = literalExpression ''"''${config.${opt.dataDir}}/unifi-video.pid"'';
-        description = "Location of unifi-video pid file.";
-      };
+    maximumJavaHeapSize = mkOption {
+      type = types.nullOr types.int;
+      default = 1024;
+      example = 4096;
+      description = ''
+        Set the maximimum heap size for the JVM in MB.
+      '';
+    };
 
-};
+    pidFile = mkOption {
+      type = types.path;
+      default = "${cfg.dataDir}/unifi-video.pid";
+      defaultText = literalExpression ''"''${config.${opt.dataDir}}/unifi-video.pid"'';
+      description = "Location of unifi-video pid file.";
+    };
 
-config = mkIf cfg.enable {
-  users = {
-    users.unifi-video = {
+  };
+
+  config = mkIf cfg.enable {
+
+    warnings = optional
+      (options.services.unifi-video.openFirewall.highestPrio >= (mkOptionDefault null).priority)
+      "The current services.unifi-video.openFirewall = true default is deprecated and will change to false in 22.11. Set it explicitly to silence this warning.";
+
+    users.users.unifi-video = {
       description = "UniFi Video controller daemon user";
       home = stateDir;
       group = "unifi-video";
       isSystemUser = true;
     };
-    groups.unifi-video = {};
-  };
+    users.groups.unifi-video = {};
 
-  networking.firewall = mkIf cfg.openPorts {
+    networking.firewall = mkIf cfg.openFirewall {
       # https://help.ui.com/hc/en-us/articles/217875218-UniFi-Video-Ports-Used
       allowedTCPPorts = [
         7080 # HTTP portal
@@ -237,7 +241,6 @@ config = mkIf cfg.enable {
       "L+ '${stateDir}/conf/server.xml' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/conf/server.xml"
       "L+ '${stateDir}/conf/tomcat-users.xml' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/conf/tomcat-users.xml"
       "L+ '${stateDir}/conf/web.xml' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/conf/web.xml"
-
     ];
 
     systemd.services.unifi-video = {
@@ -258,10 +261,11 @@ config = mkIf cfg.enable {
         WorkingDirectory = "${stateDir}";
       };
     };
-
   };
 
-  meta = {
-    maintainers = with lib.maintainers; [ rsynnest ];
-  };
+  imports = [
+    (mkRenamedOptionModule [ "services" "unifi-video" "openPorts" ] [ "services" "unifi-video" "openFirewall" ])
+  ];
+
+  meta.maintainers = with lib.maintainers; [ rsynnest ];
 }

pkgs/applications/editors/bless/default.nix

@@ -1,4 +1,5 @@
-{ lib, stdenv
+{ stdenv
+, lib
 , fetchFromGitHub
 , pkg-config
 , mono
@@ -12,6 +13,7 @@
 , libxslt
 , docbook_xsl
 , python3
+, itstool
 }:
 
 stdenv.mkDerivation rec {
@@ -25,11 +27,6 @@ stdenv.mkDerivation rec {
     hash = "sha256-rS+vJX0y9v1TiPsRfABroHiTuENQKEOxNsyKwagRuHM=";
   };
 
-  postPatch = ''
-    sed "s|get_option('tests')|false|g" -i meson.build
-    patchShebangs .
-  '';
-
   buildInputs = [
     gtk-sharp-2_0
     mono
@@ -47,8 +44,17 @@ stdenv.mkDerivation rec {
     libxslt
     docbook_xsl
     python3
+    itstool
   ];
 
+  mesonFlags = [
+    "-Dtests=false" # requires NUnit
+  ];
+
+  postPatch = ''
+    patchShebangs .
+  '';
+
   preFixup = ''
     MPATH="${gtk-sharp-2_0}/lib/mono/gtk-sharp-2.0:${glib.out}/lib:${gtk2-x11}/lib:${gtk-sharp-2_0}/lib"
     wrapProgram $out/bin/bless --prefix MONO_PATH : "$MPATH" --prefix LD_LIBRARY_PATH : "$MPATH" --prefix PATH : ${lib.makeBinPath [ mono ]}

pkgs/applications/networking/cluster/kubecolor/default.nix

@@ -13,11 +13,13 @@ buildGoModule rec {
 
   vendorSha256 = "sha256-C1K7iEugA4HBLthcOI7EZ6H4YHW6el8X6FjVN1BeJR0=";
 
+  ldflags = [ "-s" "-w" "-X main.Version=${version}" ];
+
   meta = with lib; {
     description = "Colorizes kubectl output";
     homepage = "https://github.com/hidetatz/kubecolor";
     changelog = "https://github.com/hidetatz/kubecolor/releases/tag/v${version}";
     license = licenses.mit;
-    maintainers = [ maintainers.ivankovnatsky ];
+    maintainers = with maintainers; [ ivankovnatsky SuperSandro2000 ];
   };
 }

pkgs/applications/networking/cluster/terraform-providers/providers.json

@@ -1141,6 +1141,15 @@
     "vendorSha256": null,
     "version": "1.31.0"
   },
+  "utils": {
+    "owner": "cloudposse",
+    "provider-source-address": "registry.terraform.io/cloudposse/utils",
+    "repo": "terraform-provider-utils",
+    "rev": "0.17.17",
+    "sha256": "sha256-QJtdCEw8bnVku4fqAX5MBU9tkPv5jwjra9lGPfUPGQw=",
+    "vendorSha256": "sha256-5EelFIfHVLRiRJig6EeJG6KGJuQ05LX3M5CNxUxQAas=",
+    "version": "0.17.17"
+  },
   "vault": {
     "owner": "hashicorp",
     "provider-source-address": "registry.terraform.io/hashicorp/vault",

pkgs/applications/science/biology/flywheel-cli/default.nix

@@ -0,0 +1,49 @@
+{ lib
+, stdenv
+, fetchurl
+, unzip
+}:
+
+let
+  inherit (stdenv.targetPlatform) system;
+  throwSystem = throw "Unsupported system: ${system}";
+
+  os = {
+    x86_64-darwin = "darwin";
+    x86_64-linux = "linux";
+  }.${system} or throwSystem;
+
+  sha256 = {
+    x86_64-darwin = "sha256-OIyEu3Hsobui9s5+T9nC10SxMw0MhgmTA4SN9Ridyzo=";
+    x86_64-linux = "sha256-SxBjRd95hoh2zwX6IDnkZnTWVduQafPHvnWw8qTuM78=";
+  }.${system} or throwSystem;
+in
+stdenv.mkDerivation rec {
+  pname = "flywheel-cli";
+  version = "16.2.0";
+
+  src = fetchurl {
+    url = "https://storage.googleapis.com/flywheel-dist/cli/${version}/fw-${os}_amd64-${version}.zip";
+    inherit sha256;
+  };
+
+  nativeBuildInputs = [ unzip ];
+
+  unpackPhase = ''
+    unzip ${src}
+  '';
+
+  installPhase = ''
+    runHook preInstall
+    install -Dt $out/bin ./${os}_amd64/fw
+    runHook postInstall
+  '';
+
+  meta = with lib; {
+    description = "Library and command line interface for interacting with a Flywheel site";
+    homepage = "https://gitlab.com/flywheel-io/public/python-cli";
+    license = licenses.mit;
+    maintainers = with maintainers; [ rbreslow ];
+    platforms = [ "x86_64-darwin" "x86_64-linux" ];
+  };
+}

pkgs/desktops/mate/mate-backgrounds/default.nix

@@ -1,4 +1,4 @@
-{ lib, stdenv, fetchurl, meson, ninja, gettext, mateUpdateScript }:
+{ lib, stdenv, fetchurl, fetchpatch, meson, ninja, gettext, mateUpdateScript }:
 
 stdenv.mkDerivation rec {
   pname = "mate-backgrounds";
@@ -9,6 +9,15 @@ stdenv.mkDerivation rec {
     sha256 = "0379hngy3ap1r5kmqvmzs9r710k2c9nal2ps3hq765df4ir15j8d";
   };
 
+  patches = [
+    # Fix build with meson 0.61, can be removed on next update.
+    # https://github.com/mate-desktop/mate-backgrounds/pull/39
+    (fetchpatch {
+      url = "https://github.com/mate-desktop/mate-backgrounds/commit/0096e237d420e6247a75a1c6940a818e309ac2a7.patch";
+      sha256 = "HEF8VWunFO+NCG18fZA7lbE2l8pc6Z3jcD+rSZ1Jsqg=";
+    })
+  ];
+
   nativeBuildInputs = [
     gettext
     meson

pkgs/development/python-modules/scmrepo/default.nix

@@ -14,7 +14,7 @@
 
 buildPythonPackage rec {
   pname = "scmrepo";
-  version = "0.0.13";
+  version = "0.0.14";
   format = "pyproject";
 
   disabled = pythonOlder "3.7";
@@ -23,7 +23,7 @@ buildPythonPackage rec {
     owner = "iterative";
     repo = pname;
     rev = version;
-    hash = "sha256-VWdewy4sfnM5zwDmeL8PdNZINN07rBosg4+GOWkkhVE=";
+    hash = "sha256-/J8cCcGAWGrJmUvznOKXtNiHasdOJ3CzsGMeakgL0sY=";
   };
 
   propagatedBuildInputs = [

pkgs/top-level/all-packages.nix

@@ -32277,6 +32277,8 @@ with pkgs;
 
   febio-studio = libsForQt5.callPackage ../applications/science/biology/febio-studio { };
 
+  flywheel-cli = callPackage ../applications/science/biology/flywheel-cli { };
+
   hisat2 = callPackage ../applications/science/biology/hisat2 { };
 
   htslib = callPackage ../development/libraries/science/biology/htslib { };