Merge staging-next into staging
This commit is contained in:
commit
8aaf2e60e5
6
.github/CODEOWNERS
vendored
6
.github/CODEOWNERS
vendored
|
@ -206,6 +206,12 @@
|
||||||
/nixos/tests/cri-o.nix @NixOS/podman @zowoq
|
/nixos/tests/cri-o.nix @NixOS/podman @zowoq
|
||||||
/nixos/tests/podman.nix @NixOS/podman @zowoq
|
/nixos/tests/podman.nix @NixOS/podman @zowoq
|
||||||
|
|
||||||
|
# Docker tools
|
||||||
|
/pkgs/build-support/docker @roberth @utdemir
|
||||||
|
/nixos/tests/docker-tools-overlay.nix @roberth
|
||||||
|
/nixos/tests/docker-tools.nix @roberth
|
||||||
|
/doc/builders/images/dockertools.xml @roberth
|
||||||
|
|
||||||
# Blockchains
|
# Blockchains
|
||||||
/pkgs/applications/blockchains @mmahut
|
/pkgs/applications/blockchains @mmahut
|
||||||
|
|
||||||
|
|
|
@ -8,7 +8,7 @@
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
[Nixpkgs](https://github.com/nixos/nixpkgs) is a collection of over
|
[Nixpkgs](https://github.com/nixos/nixpkgs) is a collection of over
|
||||||
40,000 software packages that can be installed with the
|
60,000 software packages that can be installed with the
|
||||||
[Nix](https://nixos.org/nix/) package manager. It also implements
|
[Nix](https://nixos.org/nix/) package manager. It also implements
|
||||||
[NixOS](https://nixos.org/nixos/), a purely-functional Linux distribution.
|
[NixOS](https://nixos.org/nixos/), a purely-functional Linux distribution.
|
||||||
|
|
||||||
|
|
|
@ -32,7 +32,7 @@ nativeBuildInputs = [ jdk ];
|
||||||
</para>
|
</para>
|
||||||
|
|
||||||
<para>
|
<para>
|
||||||
If your Java package provides a program, you need to generate a wrapper script to run it using the OpenJRE. You can use <literal>makeWrapper</literal> for this:
|
If your Java package provides a program, you need to generate a wrapper script to run it using a JRE. You can use <literal>makeWrapper</literal> for this:
|
||||||
<programlisting>
|
<programlisting>
|
||||||
nativeBuildInputs = [ makeWrapper ];
|
nativeBuildInputs = [ makeWrapper ];
|
||||||
|
|
||||||
|
@ -43,7 +43,21 @@ installPhase =
|
||||||
--add-flags "-cp $out/share/java/foo.jar org.foo.Main"
|
--add-flags "-cp $out/share/java/foo.jar org.foo.Main"
|
||||||
'';
|
'';
|
||||||
</programlisting>
|
</programlisting>
|
||||||
Note the use of <literal>jre</literal>, which is the part of the OpenJDK package that contains the Java Runtime Environment. By using <literal>${jre}/bin/java</literal> instead of <literal>${jdk}/bin/java</literal>, you prevent your package from depending on the JDK at runtime.
|
Since the introduction of the Java Platform Module System in Java 9, Java distributions typically no longer ship with a general-purpose JRE: instead, they allow generating a JRE with only the modules required for your application(s). Because we can't predict what modules will be needed on a general-purpose system, the default <package>jre</package> package is the full JDK. When building a minimal system/image, you can override the <literal>modules</literal> parameter on <literal>jre_minimal</literal> to build a JRE with only the modules relevant for you:
|
||||||
|
<programlisting>
|
||||||
|
let
|
||||||
|
my_jre = pkgs.jre_minimal.override {
|
||||||
|
modules = [
|
||||||
|
# The modules used by 'something' and 'other' combined:
|
||||||
|
"java.base"
|
||||||
|
"java.logging"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
something = (pkgs.something.override { jre = my_jre; });
|
||||||
|
other = (pkgs.other.override { jre = my_jre; });
|
||||||
|
in
|
||||||
|
...
|
||||||
|
</programlisting>
|
||||||
</para>
|
</para>
|
||||||
|
|
||||||
<para>
|
<para>
|
||||||
|
|
|
@ -16,9 +16,9 @@ cargo
|
||||||
into the `environment.systemPackages` or bring them into
|
into the `environment.systemPackages` or bring them into
|
||||||
scope with `nix-shell -p rustc cargo`.
|
scope with `nix-shell -p rustc cargo`.
|
||||||
|
|
||||||
For daily builds (beta and nightly) use either rustup from
|
For other versions such as daily builds (beta and nightly),
|
||||||
nixpkgs or use the [Rust nightlies
|
use either `rustup` from nixpkgs (which will manage the rust installation in your home directory),
|
||||||
overlay](#using-the-rust-nightlies-overlay).
|
or use Mozilla's [Rust nightlies overlay](#using-the-rust-nightlies-overlay).
|
||||||
|
|
||||||
## Compiling Rust applications with Cargo
|
## Compiling Rust applications with Cargo
|
||||||
|
|
||||||
|
@ -478,8 +478,15 @@ Mozilla provides an overlay for nixpkgs to bring a nightly version of Rust into
|
||||||
This overlay can _also_ be used to install recent unstable or stable versions
|
This overlay can _also_ be used to install recent unstable or stable versions
|
||||||
of Rust, if desired.
|
of Rust, if desired.
|
||||||
|
|
||||||
To use this overlay, clone
|
### Rust overlay installation
|
||||||
[nixpkgs-mozilla](https://github.com/mozilla/nixpkgs-mozilla),
|
|
||||||
|
You can use this overlay by either changing your local nixpkgs configuration,
|
||||||
|
or by adding the overlay declaratively in a nix expression, e.g. in `configuration.nix`.
|
||||||
|
For more information see [#sec-overlays-install](the manual on installing overlays).
|
||||||
|
|
||||||
|
#### Imperative rust overlay installation
|
||||||
|
|
||||||
|
Clone [nixpkgs-mozilla](https://github.com/mozilla/nixpkgs-mozilla),
|
||||||
and create a symbolic link to the file
|
and create a symbolic link to the file
|
||||||
[rust-overlay.nix](https://github.com/mozilla/nixpkgs-mozilla/blob/master/rust-overlay.nix)
|
[rust-overlay.nix](https://github.com/mozilla/nixpkgs-mozilla/blob/master/rust-overlay.nix)
|
||||||
in the `~/.config/nixpkgs/overlays` directory.
|
in the `~/.config/nixpkgs/overlays` directory.
|
||||||
|
@ -488,7 +495,34 @@ in the `~/.config/nixpkgs/overlays` directory.
|
||||||
$ mkdir -p ~/.config/nixpkgs/overlays
|
$ mkdir -p ~/.config/nixpkgs/overlays
|
||||||
$ ln -s $(pwd)/nixpkgs-mozilla/rust-overlay.nix ~/.config/nixpkgs/overlays/rust-overlay.nix
|
$ ln -s $(pwd)/nixpkgs-mozilla/rust-overlay.nix ~/.config/nixpkgs/overlays/rust-overlay.nix
|
||||||
|
|
||||||
The latest version can be installed with the following command:
|
### Declarative rust overlay installation
|
||||||
|
|
||||||
|
Add the following to your `configuration.nix`, `home-configuration.nix`, `shell.nix`, or similar:
|
||||||
|
|
||||||
|
```
|
||||||
|
nixpkgs = {
|
||||||
|
overlays = [
|
||||||
|
(import (builtins.fetchTarball https://github.com/mozilla/nixpkgs-mozilla/archive/master.tar.gz))
|
||||||
|
# Further overlays go here
|
||||||
|
];
|
||||||
|
};
|
||||||
|
```
|
||||||
|
|
||||||
|
Note that this will fetch the latest overlay version when rebuilding your system.
|
||||||
|
|
||||||
|
### Rust overlay usage
|
||||||
|
|
||||||
|
The overlay contains attribute sets corresponding to different versions of the rust toolchain, such as:
|
||||||
|
|
||||||
|
* `latest.rustChannels.stable`
|
||||||
|
* `latest.rustChannels.nightly`
|
||||||
|
* a function `rustChannelOf`, called as `(rustChannelOf { date = "2018-04-11"; channel = "nightly"; })`, or...
|
||||||
|
* `(nixpkgs.rustChannelOf { rustToolchain = ./rust-toolchain; })` if you have a local `rust-toolchain` file (see https://github.com/mozilla/nixpkgs-mozilla#using-in-nix-expressions for an example)
|
||||||
|
|
||||||
|
Each of these contain packages such as `rust`, which contains your usual rust development tools with the respective toolchain chosen.
|
||||||
|
For example, you might want to add `latest.rustChannels.stable.rust` to the list of packages in your configuration.
|
||||||
|
|
||||||
|
Imperatively, the latest stable version can be installed with the following command:
|
||||||
|
|
||||||
$ nix-env -Ai nixos.latest.rustChannels.stable.rust
|
$ nix-env -Ai nixos.latest.rustChannels.stable.rust
|
||||||
|
|
||||||
|
|
|
@ -514,6 +514,12 @@
|
||||||
githubId = 69135;
|
githubId = 69135;
|
||||||
name = "Andrea Bedini";
|
name = "Andrea Bedini";
|
||||||
};
|
};
|
||||||
|
andreasfelix = {
|
||||||
|
email = "fandreas@physik.hu-berlin.de";
|
||||||
|
github = "andreasfelix";
|
||||||
|
githubId = 24651767;
|
||||||
|
name = "Felix Andreas";
|
||||||
|
};
|
||||||
andres = {
|
andres = {
|
||||||
email = "ksnixos@andres-loeh.de";
|
email = "ksnixos@andres-loeh.de";
|
||||||
github = "kosmikus";
|
github = "kosmikus";
|
||||||
|
@ -3487,6 +3493,12 @@
|
||||||
email = "t@larkery.com";
|
email = "t@larkery.com";
|
||||||
name = "Tom Hinton";
|
name = "Tom Hinton";
|
||||||
};
|
};
|
||||||
|
hjones2199 = {
|
||||||
|
email = "hjones2199@gmail.com";
|
||||||
|
github = "hjones2199";
|
||||||
|
githubId = 5525217;
|
||||||
|
name = "Hunter Jones";
|
||||||
|
};
|
||||||
hkjn = {
|
hkjn = {
|
||||||
email = "me@hkjn.me";
|
email = "me@hkjn.me";
|
||||||
name = "Henrik Jonsson";
|
name = "Henrik Jonsson";
|
||||||
|
@ -4007,6 +4019,12 @@
|
||||||
githubId = 2502736;
|
githubId = 2502736;
|
||||||
name = "James Hillyerd";
|
name = "James Hillyerd";
|
||||||
};
|
};
|
||||||
|
jiehong = {
|
||||||
|
email = "nixos@majiehong.com";
|
||||||
|
github = "Jiehong";
|
||||||
|
githubId = 1061229;
|
||||||
|
name = "Jiehong Ma";
|
||||||
|
};
|
||||||
jirkamarsik = {
|
jirkamarsik = {
|
||||||
email = "jiri.marsik89@gmail.com";
|
email = "jiri.marsik89@gmail.com";
|
||||||
github = "jirkamarsik";
|
github = "jirkamarsik";
|
||||||
|
@ -4278,6 +4296,12 @@
|
||||||
githubId = 16374374;
|
githubId = 16374374;
|
||||||
name = "Joshua Campbell";
|
name = "Joshua Campbell";
|
||||||
};
|
};
|
||||||
|
jshholland = {
|
||||||
|
email = "josh@inv.alid.pw";
|
||||||
|
github = "jshholland";
|
||||||
|
githubId = 107689;
|
||||||
|
name = "Josh Holland";
|
||||||
|
};
|
||||||
jtcoolen = {
|
jtcoolen = {
|
||||||
email = "jtcoolen@pm.me";
|
email = "jtcoolen@pm.me";
|
||||||
name = "Julien Coolen";
|
name = "Julien Coolen";
|
||||||
|
@ -4816,6 +4840,12 @@
|
||||||
githubId = 20250323;
|
githubId = 20250323;
|
||||||
name = "Lucio Delelis";
|
name = "Lucio Delelis";
|
||||||
};
|
};
|
||||||
|
ldenefle = {
|
||||||
|
email = "ldenefle@gmail.com";
|
||||||
|
github = "ldenefle";
|
||||||
|
githubId = 20558127;
|
||||||
|
name = "Lucas Denefle";
|
||||||
|
};
|
||||||
ldesgoui = {
|
ldesgoui = {
|
||||||
email = "ldesgoui@gmail.com";
|
email = "ldesgoui@gmail.com";
|
||||||
github = "ldesgoui";
|
github = "ldesgoui";
|
||||||
|
@ -5268,6 +5298,12 @@
|
||||||
githubId = 1238350;
|
githubId = 1238350;
|
||||||
name = "Matthias Herrmann";
|
name = "Matthias Herrmann";
|
||||||
};
|
};
|
||||||
|
majesticmullet = {
|
||||||
|
email = "hoccthomas@gmail.com.au";
|
||||||
|
github = "MajesticMullet";
|
||||||
|
githubId = 31056089;
|
||||||
|
name = "Tom Ho";
|
||||||
|
};
|
||||||
makefu = {
|
makefu = {
|
||||||
email = "makefu@syntax-fehler.de";
|
email = "makefu@syntax-fehler.de";
|
||||||
github = "makefu";
|
github = "makefu";
|
||||||
|
@ -5520,6 +5556,12 @@
|
||||||
fingerprint = "D709 03C8 0BE9 ACDC 14F0 3BFB 77BF E531 397E DE94";
|
fingerprint = "D709 03C8 0BE9 ACDC 14F0 3BFB 77BF E531 397E DE94";
|
||||||
}];
|
}];
|
||||||
};
|
};
|
||||||
|
meatcar = {
|
||||||
|
email = "nixpkgs@denys.me";
|
||||||
|
github = "meatcar";
|
||||||
|
githubId = 191622;
|
||||||
|
name = "Denys Pavlov";
|
||||||
|
};
|
||||||
meditans = {
|
meditans = {
|
||||||
email = "meditans@gmail.com";
|
email = "meditans@gmail.com";
|
||||||
github = "meditans";
|
github = "meditans";
|
||||||
|
@ -6439,6 +6481,12 @@
|
||||||
githubId = 167209;
|
githubId = 167209;
|
||||||
name = "Masanori Ogino";
|
name = "Masanori Ogino";
|
||||||
};
|
};
|
||||||
|
omgbebebe = {
|
||||||
|
email = "omgbebebe@gmail.com";
|
||||||
|
github = "omgbebebe";
|
||||||
|
githubId = 588167;
|
||||||
|
name = "Sergey Bubnov";
|
||||||
|
};
|
||||||
omnipotententity = {
|
omnipotententity = {
|
||||||
email = "omnipotententity@gmail.com";
|
email = "omnipotententity@gmail.com";
|
||||||
github = "omnipotententity";
|
github = "omnipotententity";
|
||||||
|
@ -7065,6 +7113,12 @@
|
||||||
fingerprint = "7573 56D7 79BB B888 773E 415E 736C CDF9 EF51 BD97";
|
fingerprint = "7573 56D7 79BB B888 773E 415E 736C CDF9 EF51 BD97";
|
||||||
}];
|
}];
|
||||||
};
|
};
|
||||||
|
r-burns = {
|
||||||
|
email = "rtburns@protonmail.com";
|
||||||
|
github = "r-burns";
|
||||||
|
githubId = 52847440;
|
||||||
|
name = "Ryan Burns";
|
||||||
|
};
|
||||||
raboof = {
|
raboof = {
|
||||||
email = "arnout@bzzt.net";
|
email = "arnout@bzzt.net";
|
||||||
github = "raboof";
|
github = "raboof";
|
||||||
|
|
|
@ -6,7 +6,7 @@
|
||||||
<title>Service Management</title>
|
<title>Service Management</title>
|
||||||
<para>
|
<para>
|
||||||
In NixOS, all system services are started and monitored using the systemd
|
In NixOS, all system services are started and monitored using the systemd
|
||||||
program. Systemd is the “init” process of the system (i.e. PID 1), the
|
program. systemd is the “init” process of the system (i.e. PID 1), the
|
||||||
parent of all other processes. It manages a set of so-called “units”,
|
parent of all other processes. It manages a set of so-called “units”,
|
||||||
which can be things like system services (programs), but also mount points,
|
which can be things like system services (programs), but also mount points,
|
||||||
swap files, devices, targets (groups of units) and more. Units can have
|
swap files, devices, targets (groups of units) and more. Units can have
|
||||||
|
@ -16,10 +16,17 @@
|
||||||
dependencies of this unit cause all system services to be started, file
|
dependencies of this unit cause all system services to be started, file
|
||||||
systems to be mounted, swap files to be activated, and so on.
|
systems to be mounted, swap files to be activated, and so on.
|
||||||
</para>
|
</para>
|
||||||
<para>
|
<section xml:id="sect-nixos-systemd-general">
|
||||||
The command <command>systemctl</command> is the main way to interact with
|
<title>Interacting with a running systemd</title>
|
||||||
<command>systemd</command>. Without any arguments, it shows the status of
|
<para>
|
||||||
active units:
|
The command <command>systemctl</command> is the main way to interact with
|
||||||
|
<command>systemd</command>. The following paragraphs demonstrate ways to
|
||||||
|
interact with any OS running systemd as init system. NixOS is of no
|
||||||
|
exception. The <link xlink:href="#sect-nixos-systemd-nixos">next section
|
||||||
|
</link> explains NixOS specific things worth knowing.
|
||||||
|
</para>
|
||||||
|
<para>
|
||||||
|
Without any arguments, <literal>systmctl</literal> the status of active units:
|
||||||
<screen>
|
<screen>
|
||||||
<prompt>$ </prompt>systemctl
|
<prompt>$ </prompt>systemctl
|
||||||
-.mount loaded active mounted /
|
-.mount loaded active mounted /
|
||||||
|
@ -28,10 +35,10 @@ sshd.service loaded active running SSH Daemon
|
||||||
graphical.target loaded active active Graphical Interface
|
graphical.target loaded active active Graphical Interface
|
||||||
<replaceable>...</replaceable>
|
<replaceable>...</replaceable>
|
||||||
</screen>
|
</screen>
|
||||||
</para>
|
</para>
|
||||||
<para>
|
<para>
|
||||||
You can ask for detailed status information about a unit, for instance, the
|
You can ask for detailed status information about a unit, for instance, the
|
||||||
PostgreSQL database service:
|
PostgreSQL database service:
|
||||||
<screen>
|
<screen>
|
||||||
<prompt>$ </prompt>systemctl status postgresql.service
|
<prompt>$ </prompt>systemctl status postgresql.service
|
||||||
postgresql.service - PostgreSQL Server
|
postgresql.service - PostgreSQL Server
|
||||||
|
@ -62,11 +69,72 @@ Jan 07 15:55:57 hagbard systemd[1]: Started PostgreSQL Server.
|
||||||
<prompt># </prompt>systemctl start postgresql.service
|
<prompt># </prompt>systemctl start postgresql.service
|
||||||
<prompt># </prompt>systemctl restart postgresql.service
|
<prompt># </prompt>systemctl restart postgresql.service
|
||||||
</screen>
|
</screen>
|
||||||
These operations are synchronous: they wait until the service has finished
|
These operations are synchronous: they wait until the service has finished
|
||||||
starting or stopping (or has failed). Starting a unit will cause the
|
starting or stopping (or has failed). Starting a unit will cause the
|
||||||
dependencies of that unit to be started as well (if necessary).
|
dependencies of that unit to be started as well (if necessary).
|
||||||
</para>
|
</para>
|
||||||
<!-- - cgroups: each service and user session is a cgroup
|
<!-- TODO: document cgroups, draft:
|
||||||
|
each service and user session is a cgroup
|
||||||
|
|
||||||
- cgroup resource management -->
|
- cgroup resource management -->
|
||||||
|
</section>
|
||||||
|
<section xml:id="sect-nixos-systemd-nixos">
|
||||||
|
<title>systemd in NixOS</title>
|
||||||
|
<para>
|
||||||
|
Packages in Nixpkgs sometimes provide systemd units with them, usually in
|
||||||
|
e.g <literal>#pkg-out#/lib/systemd/</literal>. Putting such a package in
|
||||||
|
<literal>environment.systemPackages</literal> doesn't make the service
|
||||||
|
available to users or the system.
|
||||||
|
</para>
|
||||||
|
<para>
|
||||||
|
In order to enable a systemd <emphasis>system</emphasis> service with
|
||||||
|
provided upstream package, use (e.g):
|
||||||
|
<programlisting>
|
||||||
|
<xref linkend="opt-systemd.packages"/> = [ pkgs.packagekit ];
|
||||||
|
</programlisting>
|
||||||
|
</para>
|
||||||
|
<para>
|
||||||
|
Usually NixOS modules written by the community do the above, plus take care of
|
||||||
|
other details. If a module was written for a service you are interested in,
|
||||||
|
you'd probably need only to use
|
||||||
|
<literal>services.#name#.enable = true;</literal>. These services are defined
|
||||||
|
in Nixpkgs'
|
||||||
|
<link xlink:href="https://github.com/NixOS/nixpkgs/tree/master/nixos/modules">
|
||||||
|
<literal>nixos/modules/</literal> directory </link>. In case the service is
|
||||||
|
simple enough, the above method should work, and start the service on boot.
|
||||||
|
</para>
|
||||||
|
<para>
|
||||||
|
<emphasis>User</emphasis> systemd services on the other hand, should be
|
||||||
|
treated differently. Given a package that has a systemd unit file at
|
||||||
|
<literal>#pkg-out#/lib/systemd/user/</literal>, using
|
||||||
|
<xref linkend="opt-systemd.packages"/> will make you able to start the service via
|
||||||
|
<literal>systemctl --user start</literal>, but it won't start automatically on login.
|
||||||
|
<!-- TODO: Document why systemd.packages doesn't work for user services or fix this.
|
||||||
|
https://github.com/NixOS/nixpkgs/blob/2cd6594a8710a801038af2b72348658f732ce84a/nixos/modules/system/boot/systemd-lib.nix#L177-L198
|
||||||
|
|
||||||
|
This has been talked over at https://discourse.nixos.org/t/how-to-enable-upstream-systemd-user-services-declaratively/7649/5
|
||||||
|
-->
|
||||||
|
However, You can imperatively enable it by adding the package's attribute to
|
||||||
|
<link linkend="opt-environment.systemPackages">
|
||||||
|
<literal>systemd.packages</literal></link> and then do this (e.g):
|
||||||
|
<screen>
|
||||||
|
<prompt>$ </prompt>mkdir -p ~/.config/systemd/user/default.target.wants
|
||||||
|
<prompt>$ </prompt>ln -s /run/current-system/sw/lib/systemd/user/syncthing.service ~/.config/systemd/user/default.target.wants/
|
||||||
|
<prompt>$ </prompt>systemctl --user daemon-reload
|
||||||
|
<prompt>$ </prompt>systemctl --user enable syncthing.service
|
||||||
|
</screen>
|
||||||
|
If you are interested in a timer file, use <literal>timers.target.wants</literal>
|
||||||
|
instead of <literal>default.target.wants</literal> in the 1st and 2nd command.
|
||||||
|
</para>
|
||||||
|
<para>
|
||||||
|
Using <literal>systemctl --user enable syncthing.service</literal> instead of
|
||||||
|
the above, will work, but it'll use the absolute path of
|
||||||
|
<literal>syncthing.service</literal> for the symlink, and this path is in
|
||||||
|
<literal>/nix/store/.../lib/systemd/user/</literal>. Hence
|
||||||
|
<link xlink:href="#sec-nix-gc">garbage collection</link> will remove that file
|
||||||
|
and you will wind up with a broken symlink in your systemd configuration, which
|
||||||
|
in turn will not make the service / timer start on login.
|
||||||
|
</para>
|
||||||
|
</section>
|
||||||
</chapter>
|
</chapter>
|
||||||
|
|
||||||
|
|
|
@ -879,12 +879,23 @@ php.override {
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>
|
<para>
|
||||||
Nginx web server now starting with additional sandbox/hardening options. By default, write access
|
Nginx web server now starting with additional sandbox/hardening options. By default, write access
|
||||||
to <literal>services.nginx.stateDir</literal> is allowed. To allow writing to other folders,
|
to <literal>/var/log/nginx</literal> and <literal>/var/cache/nginx</literal> is allowed. To allow writing to other folders,
|
||||||
use <literal>systemd.services.nginx.serviceConfig.ReadWritePaths</literal>
|
use <literal>systemd.services.nginx.serviceConfig.ReadWritePaths</literal>
|
||||||
<programlisting>
|
<programlisting>
|
||||||
systemd.services.nginx.serviceConfig.ReadWritePaths = [ "/var/www" ];
|
systemd.services.nginx.serviceConfig.ReadWritePaths = [ "/var/www" ];
|
||||||
</programlisting>
|
</programlisting>
|
||||||
</para>
|
</para>
|
||||||
|
<para>
|
||||||
|
Nginx is also started with the systemd option <literal>ProtectHome = mkDefault true;</literal>
|
||||||
|
which forbids it to read anything from <literal>/home</literal>, <literal>/root</literal>
|
||||||
|
and <literal>/run/user</literal> (see
|
||||||
|
<link xlink:href="https://www.freedesktop.org/software/systemd/man/systemd.exec.html#ProtectHome=">ProtectHome docs</link>
|
||||||
|
for details).
|
||||||
|
If you require serving files from home directories, you may choose to set e.g.
|
||||||
|
<programlisting>
|
||||||
|
systemd.services.nginx.serviceConfig.ProtectHome = "read-only";
|
||||||
|
</programlisting>
|
||||||
|
</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>
|
<para>
|
||||||
|
|
|
@ -139,6 +139,13 @@
|
||||||
<package>stanchion</package> package removed along with <varname>services.stanchion</varname> module.
|
<package>stanchion</package> package removed along with <varname>services.stanchion</varname> module.
|
||||||
</para>
|
</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
|
<listitem>
|
||||||
|
<para>
|
||||||
|
<package>mutt</package> has been updated to a new major version (2.x), which comes with
|
||||||
|
some backward incompatible changes that are described in the
|
||||||
|
<link xlink:href="http://www.mutt.org/relnotes/2.0/">release notes for Mutt 2.0</link>.
|
||||||
|
</para>
|
||||||
|
</listitem>
|
||||||
</itemizedlist>
|
</itemizedlist>
|
||||||
</section>
|
</section>
|
||||||
|
|
||||||
|
@ -162,6 +169,11 @@
|
||||||
to <package>nextcloud20</package>.
|
to <package>nextcloud20</package>.
|
||||||
</para>
|
</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
|
<listitem>
|
||||||
|
<para>
|
||||||
|
The setting <xref linkend="opt-services.redis.bind" /> defaults to <literal>127.0.0.1</literal> now, making Redis listen on the loopback interface only, and not all public network interfaces.
|
||||||
|
</para>
|
||||||
|
</listitem>
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>
|
<para>
|
||||||
NixOS now emits a deprecation warning if systemd's <literal>StartLimitInterval</literal> setting is used in a <literal>serviceConfig</literal> section instead of in a <literal>unitConfig</literal>; that setting is deprecated and now undocumented for the service section by systemd upstream, but still effective and somewhat buggy there, which can be confusing. See <link xlink:href="https://github.com/NixOS/nixpkgs/issues/45785">#45785</link> for details.
|
NixOS now emits a deprecation warning if systemd's <literal>StartLimitInterval</literal> setting is used in a <literal>serviceConfig</literal> section instead of in a <literal>unitConfig</literal>; that setting is deprecated and now undocumented for the service section by systemd upstream, but still effective and somewhat buggy there, which can be confusing. See <link xlink:href="https://github.com/NixOS/nixpkgs/issues/45785">#45785</link> for details.
|
||||||
|
@ -170,6 +182,62 @@
|
||||||
All services should use <xref linkend="opt-systemd.services._name_.startLimitIntervalSec" /> or <literal>StartLimitIntervalSec</literal> in <xref linkend="opt-systemd.services._name_.unitConfig" /> instead.
|
All services should use <xref linkend="opt-systemd.services._name_.startLimitIntervalSec" /> or <literal>StartLimitIntervalSec</literal> in <xref linkend="opt-systemd.services._name_.unitConfig" /> instead.
|
||||||
</para>
|
</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
|
<listitem>
|
||||||
|
<para>
|
||||||
|
The Unbound DNS resolver service (<literal>services.unbound</literal>) has been refactored to allow reloading, control sockets and to fix startup ordering issues.
|
||||||
|
</para>
|
||||||
|
|
||||||
|
<para>
|
||||||
|
It is now possible to enable a local UNIX control socket for unbound by setting the <xref linkend="opt-services.unbound.localControlSocketPath" />
|
||||||
|
option.
|
||||||
|
</para>
|
||||||
|
|
||||||
|
<para>
|
||||||
|
Previously we just applied a very minimal set of restrictions and
|
||||||
|
trusted unbound to properly drop root privs and capabilities.
|
||||||
|
</para>
|
||||||
|
|
||||||
|
<para>
|
||||||
|
As of this we are (for the most part) just using the upstream
|
||||||
|
example unit file for unbound. The main difference is that we start
|
||||||
|
unbound as <literal>unbound</literal> user with the required capabilities instead of
|
||||||
|
letting unbound do the chroot & uid/gid changes.
|
||||||
|
</para>
|
||||||
|
|
||||||
|
<para>
|
||||||
|
The upstream unit configuration this is based on is a lot stricter with
|
||||||
|
all kinds of permissions then our previous variant. It also came with
|
||||||
|
the default of having the <literal>Type</literal> set to <literal>notify</literal>, therefore we are now also
|
||||||
|
using the <literal>unbound-with-systemd</literal> package here. Unbound will start up,
|
||||||
|
read the configuration files and start listening on the configured ports
|
||||||
|
before systemd will declare the unit <literal>active (running)</literal>.
|
||||||
|
This will likely help with startup order and the occasional race condition during system
|
||||||
|
activation where the DNS service is started but not yet ready to answer
|
||||||
|
queries. Services depending on <literal>nss-lookup.target</literal> or <literal>unbound.service</literal>
|
||||||
|
are now be able to use unbound when those targets have been reached.
|
||||||
|
</para>
|
||||||
|
|
||||||
|
<para>
|
||||||
|
Aditionally to the much stricter runtime environmet the
|
||||||
|
<literal>/dev/urandom</literal> mount lines we previously had in the code (that would
|
||||||
|
randomly failed during the stop-phase) have been removed as systemd will take care of those for us.
|
||||||
|
</para>
|
||||||
|
|
||||||
|
<para>
|
||||||
|
The <literal>preStart</literal> script is now only required if we enabled the trust
|
||||||
|
anchor updates (which are still enabled by default).
|
||||||
|
</para>
|
||||||
|
|
||||||
|
<para>
|
||||||
|
Another benefit of the refactoring is that we can now issue reloads via
|
||||||
|
either <literal>pkill -HUP unbound</literal> and <literal>systemctl reload unbound</literal> to reload the
|
||||||
|
running configuration without taking the daemon offline. A prerequisite
|
||||||
|
of this was that unbound configuration is available on a well known path
|
||||||
|
on the file system. We are using the path <literal>/etc/unbound/unbound.conf</literal> as that is the
|
||||||
|
default in the CLI tooling which in turn enables us to use
|
||||||
|
<literal>unbound-control</literal> without passing a custom configuration location.
|
||||||
|
</para>
|
||||||
|
</listitem>
|
||||||
</itemizedlist>
|
</itemizedlist>
|
||||||
</section>
|
</section>
|
||||||
</section>
|
</section>
|
||||||
|
|
|
@ -680,6 +680,7 @@
|
||||||
./services/networking/murmur.nix
|
./services/networking/murmur.nix
|
||||||
./services/networking/mxisd.nix
|
./services/networking/mxisd.nix
|
||||||
./services/networking/namecoind.nix
|
./services/networking/namecoind.nix
|
||||||
|
./services/networking/nar-serve.nix
|
||||||
./services/networking/nat.nix
|
./services/networking/nat.nix
|
||||||
./services/networking/ndppd.nix
|
./services/networking/ndppd.nix
|
||||||
./services/networking/networkmanager.nix
|
./services/networking/networkmanager.nix
|
||||||
|
|
|
@ -87,9 +87,12 @@ in
|
||||||
|
|
||||||
bind = mkOption {
|
bind = mkOption {
|
||||||
type = with types; nullOr str;
|
type = with types; nullOr str;
|
||||||
default = null; # All interfaces
|
default = "127.0.0.1";
|
||||||
description = "The IP interface to bind to.";
|
description = ''
|
||||||
example = "127.0.0.1";
|
The IP interface to bind to.
|
||||||
|
<literal>null</literal> means "all interfaces".
|
||||||
|
'';
|
||||||
|
example = "192.0.2.1";
|
||||||
};
|
};
|
||||||
|
|
||||||
unixSocket = mkOption {
|
unixSocket = mkOption {
|
||||||
|
|
|
@ -87,6 +87,8 @@ in {
|
||||||
bluetooth = {
|
bluetooth = {
|
||||||
wantedBy = [ "bluetooth.target" ];
|
wantedBy = [ "bluetooth.target" ];
|
||||||
aliases = [ "dbus-org.bluez.service" ];
|
aliases = [ "dbus-org.bluez.service" ];
|
||||||
|
# restarting can leave people without a mouse/keyboard
|
||||||
|
unitConfig.X-RestartIfChanged = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -204,6 +204,11 @@ in
|
||||||
};
|
};
|
||||||
systemd.services.phpfpm-roundcube.after = [ "roundcube-setup.service" ];
|
systemd.services.phpfpm-roundcube.after = [ "roundcube-setup.service" ];
|
||||||
|
|
||||||
|
# Restart on config changes.
|
||||||
|
systemd.services.phpfpm-roundcube.restartTriggers = [
|
||||||
|
config.environment.etc."roundcube/config.inc.php".source
|
||||||
|
];
|
||||||
|
|
||||||
systemd.services.roundcube-setup = mkMerge [
|
systemd.services.roundcube-setup = mkMerge [
|
||||||
(mkIf (cfg.database.host == "localhost") {
|
(mkIf (cfg.database.host == "localhost") {
|
||||||
requires = [ "postgresql.service" ];
|
requires = [ "postgresql.service" ];
|
||||||
|
|
|
@ -68,7 +68,7 @@ in
|
||||||
plugins = mkOption {
|
plugins = mkOption {
|
||||||
default = plugins: [];
|
default = plugins: [];
|
||||||
defaultText = "plugins: []";
|
defaultText = "plugins: []";
|
||||||
example = literalExample "plugins: with plugins; [ m33-fio stlviewer ]";
|
example = literalExample "plugins: with plugins; [ themeify stlviewer ]";
|
||||||
description = "Additional plugins to be used. Available plugins are passed through the plugins input.";
|
description = "Additional plugins to be used. Available plugins are passed through the plugins input.";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -45,6 +45,7 @@ let
|
||||||
"rspamd"
|
"rspamd"
|
||||||
"rtl_433"
|
"rtl_433"
|
||||||
"snmp"
|
"snmp"
|
||||||
|
"sql"
|
||||||
"surfboard"
|
"surfboard"
|
||||||
"tor"
|
"tor"
|
||||||
"unifi"
|
"unifi"
|
||||||
|
@ -218,6 +219,14 @@ in
|
||||||
Please specify either 'services.prometheus.exporters.mail.configuration'
|
Please specify either 'services.prometheus.exporters.mail.configuration'
|
||||||
or 'services.prometheus.exporters.mail.configFile'.
|
or 'services.prometheus.exporters.mail.configFile'.
|
||||||
'';
|
'';
|
||||||
|
} {
|
||||||
|
assertion = cfg.sql.enable -> (
|
||||||
|
(cfg.sql.configFile == null) != (cfg.sql.configuration == null)
|
||||||
|
);
|
||||||
|
message = ''
|
||||||
|
Please specify either 'services.prometheus.exporters.sql.configuration' or
|
||||||
|
'services.prometheus.exporters.sql.configFile'
|
||||||
|
'';
|
||||||
} ];
|
} ];
|
||||||
}] ++ [(mkIf config.services.minio.enable {
|
}] ++ [(mkIf config.services.minio.enable {
|
||||||
services.prometheus.exporters.minio.minioAddress = mkDefault "http://localhost:9000";
|
services.prometheus.exporters.minio.minioAddress = mkDefault "http://localhost:9000";
|
||||||
|
|
104
nixos/modules/services/monitoring/prometheus/exporters/sql.nix
Normal file
104
nixos/modules/services/monitoring/prometheus/exporters/sql.nix
Normal file
|
@ -0,0 +1,104 @@
|
||||||
|
{ config, lib, pkgs, options }:
|
||||||
|
with lib;
|
||||||
|
let
|
||||||
|
cfg = config.services.prometheus.exporters.sql;
|
||||||
|
cfgOptions = {
|
||||||
|
options = with types; {
|
||||||
|
jobs = mkOption {
|
||||||
|
type = attrsOf (submodule jobOptions);
|
||||||
|
default = { };
|
||||||
|
description = "An attrset of metrics scraping jobs to run.";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
jobOptions = {
|
||||||
|
options = with types; {
|
||||||
|
interval = mkOption {
|
||||||
|
type = str;
|
||||||
|
description = ''
|
||||||
|
How often to run this job, specified in
|
||||||
|
<link xlink:href="https://golang.org/pkg/time/#ParseDuration">Go duration</link> format.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
connections = mkOption {
|
||||||
|
type = listOf str;
|
||||||
|
description = "A list of connection strings of the SQL servers to scrape metrics from";
|
||||||
|
};
|
||||||
|
startupSql = mkOption {
|
||||||
|
type = listOf str;
|
||||||
|
default = [];
|
||||||
|
description = "A list of SQL statements to execute once after making a connection.";
|
||||||
|
};
|
||||||
|
queries = mkOption {
|
||||||
|
type = attrsOf (submodule queryOptions);
|
||||||
|
description = "SQL queries to run.";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
queryOptions = {
|
||||||
|
options = with types; {
|
||||||
|
help = mkOption {
|
||||||
|
type = nullOr str;
|
||||||
|
default = null;
|
||||||
|
description = "A human-readable description of this metric.";
|
||||||
|
};
|
||||||
|
labels = mkOption {
|
||||||
|
type = listOf str;
|
||||||
|
default = [ ];
|
||||||
|
description = "A set of columns that will be used as Prometheus labels.";
|
||||||
|
};
|
||||||
|
query = mkOption {
|
||||||
|
type = str;
|
||||||
|
description = "The SQL query to run.";
|
||||||
|
};
|
||||||
|
values = mkOption {
|
||||||
|
type = listOf str;
|
||||||
|
description = "A set of columns that will be used as values of this metric.";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
configFile =
|
||||||
|
if cfg.configFile != null
|
||||||
|
then cfg.configFile
|
||||||
|
else
|
||||||
|
let
|
||||||
|
nameInline = mapAttrsToList (k: v: v // { name = k; });
|
||||||
|
renameStartupSql = j: removeAttrs (j // { startup_sql = j.startupSql; }) [ "startupSql" ];
|
||||||
|
configuration = {
|
||||||
|
jobs = map renameStartupSql
|
||||||
|
(nameInline (mapAttrs (k: v: (v // { queries = nameInline v.queries; })) cfg.configuration.jobs));
|
||||||
|
};
|
||||||
|
in
|
||||||
|
builtins.toFile "config.yaml" (builtins.toJSON configuration);
|
||||||
|
in
|
||||||
|
{
|
||||||
|
extraOpts = {
|
||||||
|
configFile = mkOption {
|
||||||
|
type = with types; nullOr path;
|
||||||
|
default = null;
|
||||||
|
description = ''
|
||||||
|
Path to configuration file.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
configuration = mkOption {
|
||||||
|
type = with types; nullOr (submodule cfgOptions);
|
||||||
|
default = null;
|
||||||
|
description = ''
|
||||||
|
Exporter configuration as nix attribute set. Mutually exclusive with 'configFile' option.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
port = 9237;
|
||||||
|
serviceOpts = {
|
||||||
|
serviceConfig = {
|
||||||
|
ExecStart = ''
|
||||||
|
${pkgs.prometheus-sql-exporter}/bin/sql_exporter \
|
||||||
|
-web.listen-address ${cfg.listenAddress}:${toString cfg.port} \
|
||||||
|
-config.file ${configFile} \
|
||||||
|
${concatStringsSep " \\\n " cfg.extraFlags}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
55
nixos/modules/services/networking/nar-serve.nix
Normal file
55
nixos/modules/services/networking/nar-serve.nix
Normal file
|
@ -0,0 +1,55 @@
|
||||||
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
|
with lib;
|
||||||
|
let
|
||||||
|
cfg = config.services.nar-serve;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
meta = {
|
||||||
|
maintainers = [ maintainers.rizary ];
|
||||||
|
};
|
||||||
|
options = {
|
||||||
|
services.nar-serve = {
|
||||||
|
enable = mkEnableOption "Serve NAR file contents via HTTP";
|
||||||
|
|
||||||
|
port = mkOption {
|
||||||
|
type = types.int;
|
||||||
|
default = 8383;
|
||||||
|
description = ''
|
||||||
|
Port number where nar-serve will listen on.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
cacheURL = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
default = "https://cache.nixos.org/";
|
||||||
|
description = ''
|
||||||
|
Binary cache URL to connect to.
|
||||||
|
|
||||||
|
The URL format is compatible with the nix remote url style, such as:
|
||||||
|
- http://, https:// for binary caches via HTTP or HTTPS
|
||||||
|
- s3:// for binary caches stored in Amazon S3
|
||||||
|
- gs:// for binary caches stored in Google Cloud Storage
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = mkIf cfg.enable {
|
||||||
|
systemd.services.nar-serve = {
|
||||||
|
description = "NAR server";
|
||||||
|
after = [ "network.target" ];
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
|
||||||
|
environment.PORT = toString cfg.port;
|
||||||
|
environment.NAR_CACHE_URL = cfg.cacheURL;
|
||||||
|
|
||||||
|
serviceConfig = {
|
||||||
|
Restart = "always";
|
||||||
|
RestartSec = "5s";
|
||||||
|
ExecStart = "${pkgs.nar-serve}/bin/nar-serve";
|
||||||
|
DynamicUser = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -18,30 +18,10 @@ in {
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
environment.systemPackages = [ pkgs.tailscale ]; # for the CLI
|
environment.systemPackages = [ pkgs.tailscale ]; # for the CLI
|
||||||
systemd.services.tailscale = {
|
systemd.packages = [ pkgs.tailscale ];
|
||||||
description = "Tailscale client daemon";
|
systemd.services.tailscaled = {
|
||||||
|
|
||||||
after = [ "network-pre.target" ];
|
|
||||||
wants = [ "network-pre.target" ];
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
serviceConfig.Environment = "PORT=${toString cfg.port}";
|
||||||
startLimitIntervalSec = 0;
|
|
||||||
|
|
||||||
serviceConfig = {
|
|
||||||
ExecStart =
|
|
||||||
"${pkgs.tailscale}/bin/tailscaled --port ${toString cfg.port}";
|
|
||||||
|
|
||||||
RuntimeDirectory = "tailscale";
|
|
||||||
RuntimeDirectoryMode = 755;
|
|
||||||
|
|
||||||
StateDirectory = "tailscale";
|
|
||||||
StateDirectoryMode = 750;
|
|
||||||
|
|
||||||
CacheDirectory = "tailscale";
|
|
||||||
CacheDirectoryMode = 750;
|
|
||||||
|
|
||||||
Restart = "on-failure";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,9 +1,7 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
with lib;
|
with lib;
|
||||||
|
|
||||||
let
|
let
|
||||||
|
|
||||||
cfg = config.services.unbound;
|
cfg = config.services.unbound;
|
||||||
|
|
||||||
stateDir = "/var/lib/unbound";
|
stateDir = "/var/lib/unbound";
|
||||||
|
@ -17,12 +15,12 @@ let
|
||||||
forward =
|
forward =
|
||||||
optionalString (any isLocalAddress cfg.forwardAddresses) ''
|
optionalString (any isLocalAddress cfg.forwardAddresses) ''
|
||||||
do-not-query-localhost: no
|
do-not-query-localhost: no
|
||||||
'' +
|
''
|
||||||
optionalString (cfg.forwardAddresses != []) ''
|
+ optionalString (cfg.forwardAddresses != []) ''
|
||||||
forward-zone:
|
forward-zone:
|
||||||
name: .
|
name: .
|
||||||
'' +
|
''
|
||||||
concatMapStringsSep "\n" (x: " forward-addr: ${x}") cfg.forwardAddresses;
|
+ concatMapStringsSep "\n" (x: " forward-addr: ${x}") cfg.forwardAddresses;
|
||||||
|
|
||||||
rootTrustAnchorFile = "${stateDir}/root.key";
|
rootTrustAnchorFile = "${stateDir}/root.key";
|
||||||
|
|
||||||
|
@ -31,19 +29,25 @@ let
|
||||||
|
|
||||||
confFile = pkgs.writeText "unbound.conf" ''
|
confFile = pkgs.writeText "unbound.conf" ''
|
||||||
server:
|
server:
|
||||||
|
ip-freebind: yes
|
||||||
directory: "${stateDir}"
|
directory: "${stateDir}"
|
||||||
username: unbound
|
username: unbound
|
||||||
chroot: "${stateDir}"
|
chroot: ""
|
||||||
pidfile: ""
|
pidfile: ""
|
||||||
|
# when running under systemd there is no need to daemonize
|
||||||
|
do-daemonize: no
|
||||||
${interfaces}
|
${interfaces}
|
||||||
${access}
|
${access}
|
||||||
${trustAnchor}
|
${trustAnchor}
|
||||||
|
${lib.optionalString (cfg.localControlSocketPath != null) ''
|
||||||
|
remote-control:
|
||||||
|
control-enable: yes
|
||||||
|
control-interface: ${cfg.localControlSocketPath}
|
||||||
|
''}
|
||||||
${cfg.extraConfig}
|
${cfg.extraConfig}
|
||||||
${forward}
|
${forward}
|
||||||
'';
|
'';
|
||||||
|
|
||||||
in
|
in
|
||||||
|
|
||||||
{
|
{
|
||||||
|
|
||||||
###### interface
|
###### interface
|
||||||
|
@ -55,8 +59,8 @@ in
|
||||||
|
|
||||||
package = mkOption {
|
package = mkOption {
|
||||||
type = types.package;
|
type = types.package;
|
||||||
default = pkgs.unbound;
|
default = pkgs.unbound-with-systemd;
|
||||||
defaultText = "pkgs.unbound";
|
defaultText = "pkgs.unbound-with-systemd";
|
||||||
description = "The unbound package to use";
|
description = "The unbound package to use";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -69,11 +73,14 @@ in
|
||||||
interfaces = mkOption {
|
interfaces = mkOption {
|
||||||
default = [ "127.0.0.1" ] ++ optional config.networking.enableIPv6 "::1";
|
default = [ "127.0.0.1" ] ++ optional config.networking.enableIPv6 "::1";
|
||||||
type = types.listOf types.str;
|
type = types.listOf types.str;
|
||||||
description = "What addresses the server should listen on.";
|
description = ''
|
||||||
|
What addresses the server should listen on. This supports the interface syntax documented in
|
||||||
|
<citerefentry><refentrytitle>unbound.conf</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
forwardAddresses = mkOption {
|
forwardAddresses = mkOption {
|
||||||
default = [ ];
|
default = [];
|
||||||
type = types.listOf types.str;
|
type = types.listOf types.str;
|
||||||
description = "What servers to forward queries to.";
|
description = "What servers to forward queries to.";
|
||||||
};
|
};
|
||||||
|
@ -84,6 +91,28 @@ in
|
||||||
description = "Use and update root trust anchor for DNSSEC validation.";
|
description = "Use and update root trust anchor for DNSSEC validation.";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
localControlSocketPath = mkOption {
|
||||||
|
default = null;
|
||||||
|
# FIXME: What is the proper type here so users can specify strings,
|
||||||
|
# paths and null?
|
||||||
|
# My guess would be `types.nullOr (types.either types.str types.path)`
|
||||||
|
# but I haven't verified yet.
|
||||||
|
type = types.nullOr types.str;
|
||||||
|
example = "/run/unbound/unbound.ctl";
|
||||||
|
description = ''
|
||||||
|
When not set to <literal>null</literal> this option defines the path
|
||||||
|
at which the unbound remote control socket should be created at. The
|
||||||
|
socket will be owned by the unbound user (<literal>unbound</literal>)
|
||||||
|
and group will be <literal>nogroup</literal>.
|
||||||
|
|
||||||
|
Users that should be permitted to access the socket must be in the
|
||||||
|
<literal>unbound</literal> group.
|
||||||
|
|
||||||
|
If this option is <literal>null</literal> remote control will not be
|
||||||
|
configured at all. Unbounds default values apply.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
extraConfig = mkOption {
|
extraConfig = mkOption {
|
||||||
default = "";
|
default = "";
|
||||||
type = types.lines;
|
type = types.lines;
|
||||||
|
@ -106,43 +135,85 @@ in
|
||||||
users.users.unbound = {
|
users.users.unbound = {
|
||||||
description = "unbound daemon user";
|
description = "unbound daemon user";
|
||||||
isSystemUser = true;
|
isSystemUser = true;
|
||||||
|
group = lib.mkIf (cfg.localControlSocketPath != null) (lib.mkDefault "unbound");
|
||||||
|
};
|
||||||
|
|
||||||
|
# We need a group so that we can give users access to the configured
|
||||||
|
# control socket. Unbound allows access to the socket only to the unbound
|
||||||
|
# user and the primary group.
|
||||||
|
users.groups = lib.mkIf (cfg.localControlSocketPath != null) {
|
||||||
|
unbound = {};
|
||||||
};
|
};
|
||||||
|
|
||||||
networking.resolvconf.useLocalResolver = mkDefault true;
|
networking.resolvconf.useLocalResolver = mkDefault true;
|
||||||
|
|
||||||
|
|
||||||
|
environment.etc."unbound/unbound.conf".source = confFile;
|
||||||
|
|
||||||
systemd.services.unbound = {
|
systemd.services.unbound = {
|
||||||
description = "Unbound recursive Domain Name Server";
|
description = "Unbound recursive Domain Name Server";
|
||||||
after = [ "network.target" ];
|
after = [ "network.target" ];
|
||||||
before = [ "nss-lookup.target" ];
|
before = [ "nss-lookup.target" ];
|
||||||
wants = [ "nss-lookup.target" ];
|
wantedBy = [ "multi-user.target" "nss-lookup.target" ];
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
|
|
||||||
preStart = ''
|
preStart = lib.mkIf cfg.enableRootTrustAnchor ''
|
||||||
mkdir -m 0755 -p ${stateDir}/dev/
|
${cfg.package}/bin/unbound-anchor -a ${rootTrustAnchorFile} || echo "Root anchor updated!"
|
||||||
cp ${confFile} ${stateDir}/unbound.conf
|
|
||||||
${optionalString cfg.enableRootTrustAnchor ''
|
|
||||||
${cfg.package}/bin/unbound-anchor -a ${rootTrustAnchorFile} || echo "Root anchor updated!"
|
|
||||||
chown unbound ${stateDir} ${rootTrustAnchorFile}
|
|
||||||
''}
|
|
||||||
touch ${stateDir}/dev/random
|
|
||||||
${pkgs.utillinux}/bin/mount --bind -n /dev/urandom ${stateDir}/dev/random
|
|
||||||
'';
|
'';
|
||||||
|
|
||||||
serviceConfig = {
|
restartTriggers = [
|
||||||
ExecStart = "${cfg.package}/bin/unbound -d -c ${stateDir}/unbound.conf";
|
confFile
|
||||||
ExecStopPost="${pkgs.utillinux}/bin/umount ${stateDir}/dev/random";
|
];
|
||||||
|
|
||||||
ProtectSystem = true;
|
serviceConfig = {
|
||||||
ProtectHome = true;
|
ExecStart = "${cfg.package}/bin/unbound -p -d -c /etc/unbound/unbound.conf";
|
||||||
|
ExecReload = "+/run/current-system/sw/bin/kill -HUP $MAINPID";
|
||||||
|
|
||||||
|
NotifyAccess = "main";
|
||||||
|
Type = "notify";
|
||||||
|
|
||||||
|
# FIXME: Which of these do we actualy need, can we drop the chroot flag?
|
||||||
|
AmbientCapabilities = [
|
||||||
|
"CAP_NET_BIND_SERVICE"
|
||||||
|
"CAP_NET_RAW"
|
||||||
|
"CAP_SETGID"
|
||||||
|
"CAP_SETUID"
|
||||||
|
"CAP_SYS_CHROOT"
|
||||||
|
"CAP_SYS_RESOURCE"
|
||||||
|
];
|
||||||
|
|
||||||
|
User = "unbound";
|
||||||
|
Group = lib.mkIf (cfg.localControlSocketPath != null) (lib.mkDefault "unbound");
|
||||||
|
|
||||||
|
MemoryDenyWriteExecute = true;
|
||||||
|
NoNewPrivileges = true;
|
||||||
PrivateDevices = true;
|
PrivateDevices = true;
|
||||||
Restart = "always";
|
PrivateTmp = true;
|
||||||
RestartSec = "5s";
|
ProtectHome = true;
|
||||||
|
ProtectControlGroups = true;
|
||||||
|
ProtectKernelModules = true;
|
||||||
|
ProtectSystem = "strict";
|
||||||
|
RuntimeDirectory = "unbound";
|
||||||
|
ConfigurationDirectory = "unbound";
|
||||||
|
StateDirectory = "unbound";
|
||||||
|
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ];
|
||||||
|
RestrictRealtime = true;
|
||||||
|
SystemCallArchitectures = "native";
|
||||||
|
SystemCallFilter = [
|
||||||
|
"~@clock"
|
||||||
|
"@cpu-emulation"
|
||||||
|
"@debug"
|
||||||
|
"@keyring"
|
||||||
|
"@module"
|
||||||
|
"mount"
|
||||||
|
"@obsolete"
|
||||||
|
"@resources"
|
||||||
|
];
|
||||||
|
RestrictNamespaces = true;
|
||||||
|
LockPersonality = true;
|
||||||
|
RestrictSUIDSGID = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# If networkmanager is enabled, ask it to interface with unbound.
|
# If networkmanager is enabled, ask it to interface with unbound.
|
||||||
networking.networkmanager.dns = "unbound";
|
networking.networkmanager.dns = "unbound";
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -236,6 +236,7 @@ in
|
||||||
# an AppArmor profile is provided to get a confinement based upon paths and rights.
|
# an AppArmor profile is provided to get a confinement based upon paths and rights.
|
||||||
builtins.storeDir
|
builtins.storeDir
|
||||||
"/etc"
|
"/etc"
|
||||||
|
"/run"
|
||||||
] ++
|
] ++
|
||||||
optional (cfg.settings.script-torrent-done-enabled &&
|
optional (cfg.settings.script-torrent-done-enabled &&
|
||||||
cfg.settings.script-torrent-done-filename != "")
|
cfg.settings.script-torrent-done-filename != "")
|
||||||
|
@ -408,6 +409,7 @@ in
|
||||||
#r @{PROC}/@{pid}/environ,
|
#r @{PROC}/@{pid}/environ,
|
||||||
r @{PROC}/@{pid}/mounts,
|
r @{PROC}/@{pid}/mounts,
|
||||||
rwk /tmp/tr_session_id_*,
|
rwk /tmp/tr_session_id_*,
|
||||||
|
r /run/systemd/resolve/stub-resolv.conf,
|
||||||
|
|
||||||
r ${pkgs.openssl.out}/etc/**,
|
r ${pkgs.openssl.out}/etc/**,
|
||||||
r ${config.systemd.services.transmission.environment.CURL_CA_BUNDLE},
|
r ${config.systemd.services.transmission.environment.CURL_CA_BUNDLE},
|
||||||
|
|
|
@ -227,7 +227,7 @@ in
|
||||||
"xhci_pci"
|
"xhci_pci"
|
||||||
"usbhid"
|
"usbhid"
|
||||||
"hid_generic" "hid_lenovo" "hid_apple" "hid_roccat"
|
"hid_generic" "hid_lenovo" "hid_apple" "hid_roccat"
|
||||||
"hid_logitech_hidpp" "hid_logitech_dj"
|
"hid_logitech_hidpp" "hid_logitech_dj" "hid_microsoft"
|
||||||
|
|
||||||
] ++ optionals (pkgs.stdenv.isi686 || pkgs.stdenv.isx86_64) [
|
] ++ optionals (pkgs.stdenv.isi686 || pkgs.stdenv.isx86_64) [
|
||||||
# Misc. x86 keyboard stuff.
|
# Misc. x86 keyboard stuff.
|
||||||
|
|
|
@ -404,7 +404,7 @@ let
|
||||||
echo "Please move your mouse to create needed randomness."
|
echo "Please move your mouse to create needed randomness."
|
||||||
''}
|
''}
|
||||||
echo "Waiting for your FIDO2 device..."
|
echo "Waiting for your FIDO2 device..."
|
||||||
fido2luks -i open ${device} ${name} ${fido2.credential} --await-dev ${toString fido2.gracePeriod} --salt string:$passphrase
|
fido2luks open ${device} ${name} ${fido2.credential} --await-dev ${toString fido2.gracePeriod} --salt string:$passphrase
|
||||||
if [ $? -ne 0 ]; then
|
if [ $? -ne 0 ]; then
|
||||||
echo "No FIDO2 key found, falling back to normal open procedure"
|
echo "No FIDO2 key found, falling back to normal open procedure"
|
||||||
open_normally
|
open_normally
|
||||||
|
|
|
@ -35,4 +35,4 @@ int main(int argc, char** argv)
|
||||||
fwrite(key, 1, key_length, stdout);
|
fwrite(key, 1, key_length, stdout);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,7 +9,7 @@ let
|
||||||
|
|
||||||
cfg = config.boot.plymouth;
|
cfg = config.boot.plymouth;
|
||||||
|
|
||||||
nixosBreezePlymouth = pkgs.breeze-plymouth.override {
|
nixosBreezePlymouth = pkgs.plasma5.breeze-plymouth.override {
|
||||||
logoFile = cfg.logo;
|
logoFile = cfg.logo;
|
||||||
logoName = "nixos";
|
logoName = "nixos";
|
||||||
osName = "NixOS";
|
osName = "NixOS";
|
||||||
|
|
|
@ -136,7 +136,7 @@ in
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
users.users.resolved.group = "systemd-resolve";
|
users.users.systemd-resolve.group = "systemd-resolve";
|
||||||
|
|
||||||
# add resolve to nss hosts database if enabled and nscd enabled
|
# add resolve to nss hosts database if enabled and nscd enabled
|
||||||
# system.nssModules is configured in nixos/modules/system/boot/systemd.nix
|
# system.nssModules is configured in nixos/modules/system/boot/systemd.nix
|
||||||
|
|
|
@ -329,24 +329,24 @@ let self = {
|
||||||
"20.03".ap-east-1.hvm-ebs = "ami-0d18fdd309cdefa86";
|
"20.03".ap-east-1.hvm-ebs = "ami-0d18fdd309cdefa86";
|
||||||
"20.03".sa-east-1.hvm-ebs = "ami-09859378158ae971d";
|
"20.03".sa-east-1.hvm-ebs = "ami-09859378158ae971d";
|
||||||
|
|
||||||
# 20.09.1465.9a0b14b097d
|
# 20.09.1632.a6a3a368dda
|
||||||
"20.09".eu-west-1.hvm-ebs = "ami-0d90f16418e3c364c";
|
"20.09".eu-west-1.hvm-ebs = "ami-01a79d5ce435f4db3";
|
||||||
"20.09".eu-west-2.hvm-ebs = "ami-0635ec0780ea57cfe";
|
"20.09".eu-west-2.hvm-ebs = "ami-0cbe14f32904e6331";
|
||||||
"20.09".eu-west-3.hvm-ebs = "ami-0714e94352f2eabb9";
|
"20.09".eu-west-3.hvm-ebs = "ami-07f493412d6213de6";
|
||||||
"20.09".eu-central-1.hvm-ebs = "ami-0979d39762a4d2a02";
|
"20.09".eu-central-1.hvm-ebs = "ami-01d4a0c2248cbfe38";
|
||||||
"20.09".eu-north-1.hvm-ebs = "ami-0b14e273185c66e9b";
|
"20.09".eu-north-1.hvm-ebs = "ami-0003f54dd99d68e0f";
|
||||||
"20.09".us-east-1.hvm-ebs = "ami-0f8b063ac3f2d9645";
|
"20.09".us-east-1.hvm-ebs = "ami-068a62d478710462d";
|
||||||
"20.09".us-east-2.hvm-ebs = "ami-0959202a0393fdd0c";
|
"20.09".us-east-2.hvm-ebs = "ami-01ac677ff61399caa";
|
||||||
"20.09".us-west-1.hvm-ebs = "ami-096d50833b785478b";
|
"20.09".us-west-1.hvm-ebs = "ami-04befdb203b4b17f6";
|
||||||
"20.09".us-west-2.hvm-ebs = "ami-0fc31031df0df6104";
|
"20.09".us-west-2.hvm-ebs = "ami-0fb7bd4a43261c6b2";
|
||||||
"20.09".ca-central-1.hvm-ebs = "ami-0787786a38cde3905";
|
"20.09".ca-central-1.hvm-ebs = "ami-06d5ee429f153f856";
|
||||||
"20.09".ap-southeast-1.hvm-ebs = "ami-0b3f693d3a2a0b9ae";
|
"20.09".ap-southeast-1.hvm-ebs = "ami-0db0304e23c535b2a";
|
||||||
"20.09".ap-southeast-2.hvm-ebs = "ami-02471872bc876b610";
|
"20.09".ap-southeast-2.hvm-ebs = "ami-045983c4db7e36447";
|
||||||
"20.09".ap-northeast-1.hvm-ebs = "ami-06505fd2bf44a59a7";
|
"20.09".ap-northeast-1.hvm-ebs = "ami-0beb18d632cf64e5a";
|
||||||
"20.09".ap-northeast-2.hvm-ebs = "ami-0754b4c014eea1e8a";
|
"20.09".ap-northeast-2.hvm-ebs = "ami-0dd0316af578862db";
|
||||||
"20.09".ap-south-1.hvm-ebs = "ami-05100e32242ae65a6";
|
"20.09".ap-south-1.hvm-ebs = "ami-008d15ced81c88aed";
|
||||||
"20.09".ap-east-1.hvm-ebs = "ami-045288859a39de009";
|
"20.09".ap-east-1.hvm-ebs = "ami-071f49713f86ea965";
|
||||||
"20.09".sa-east-1.hvm-ebs = "ami-0a937748db48fb00d";
|
"20.09".sa-east-1.hvm-ebs = "ami-05ded1ae35209b5a8";
|
||||||
|
|
||||||
latest = self."20.09";
|
latest = self."20.09";
|
||||||
}; in self
|
}; in self
|
||||||
|
|
|
@ -71,7 +71,6 @@ in rec {
|
||||||
(onFullSupported "nixos.tests.fontconfig-default-fonts")
|
(onFullSupported "nixos.tests.fontconfig-default-fonts")
|
||||||
(onFullSupported "nixos.tests.gnome3")
|
(onFullSupported "nixos.tests.gnome3")
|
||||||
(onFullSupported "nixos.tests.gnome3-xorg")
|
(onFullSupported "nixos.tests.gnome3-xorg")
|
||||||
(onFullSupported "nixos.tests.hardened")
|
|
||||||
(onSystems ["x86_64-linux"] "nixos.tests.hibernate")
|
(onSystems ["x86_64-linux"] "nixos.tests.hibernate")
|
||||||
(onFullSupported "nixos.tests.i3wm")
|
(onFullSupported "nixos.tests.i3wm")
|
||||||
(onSystems ["x86_64-linux"] "nixos.tests.installer.btrfsSimple")
|
(onSystems ["x86_64-linux"] "nixos.tests.installer.btrfsSimple")
|
||||||
|
@ -93,7 +92,6 @@ in rec {
|
||||||
(onFullSupported "nixos.tests.keymap.dvp")
|
(onFullSupported "nixos.tests.keymap.dvp")
|
||||||
(onFullSupported "nixos.tests.keymap.neo")
|
(onFullSupported "nixos.tests.keymap.neo")
|
||||||
(onFullSupported "nixos.tests.keymap.qwertz")
|
(onFullSupported "nixos.tests.keymap.qwertz")
|
||||||
(onFullSupported "nixos.tests.latestKernel.hardened")
|
|
||||||
(onFullSupported "nixos.tests.latestKernel.login")
|
(onFullSupported "nixos.tests.latestKernel.login")
|
||||||
(onFullSupported "nixos.tests.lightdm")
|
(onFullSupported "nixos.tests.lightdm")
|
||||||
(onFullSupported "nixos.tests.login")
|
(onFullSupported "nixos.tests.login")
|
||||||
|
|
|
@ -225,6 +225,7 @@ in
|
||||||
mysql-backup = handleTest ./mysql/mysql-backup.nix {};
|
mysql-backup = handleTest ./mysql/mysql-backup.nix {};
|
||||||
mysql-replication = handleTest ./mysql/mysql-replication.nix {};
|
mysql-replication = handleTest ./mysql/mysql-replication.nix {};
|
||||||
nagios = handleTest ./nagios.nix {};
|
nagios = handleTest ./nagios.nix {};
|
||||||
|
nar-serve = handleTest ./nar-serve.nix {};
|
||||||
nat.firewall = handleTest ./nat.nix { withFirewall = true; };
|
nat.firewall = handleTest ./nat.nix { withFirewall = true; };
|
||||||
nat.firewall-conntrack = handleTest ./nat.nix { withFirewall = true; withConntrackHelpers = true; };
|
nat.firewall-conntrack = handleTest ./nat.nix { withFirewall = true; withConntrackHelpers = true; };
|
||||||
nat.standalone = handleTest ./nat.nix { withFirewall = false; };
|
nat.standalone = handleTest ./nat.nix { withFirewall = false; };
|
||||||
|
@ -255,6 +256,7 @@ in
|
||||||
novacomd = handleTestOn ["x86_64-linux"] ./novacomd.nix {};
|
novacomd = handleTestOn ["x86_64-linux"] ./novacomd.nix {};
|
||||||
nsd = handleTest ./nsd.nix {};
|
nsd = handleTest ./nsd.nix {};
|
||||||
nzbget = handleTest ./nzbget.nix {};
|
nzbget = handleTest ./nzbget.nix {};
|
||||||
|
oh-my-zsh = handleTest ./oh-my-zsh.nix {};
|
||||||
openarena = handleTest ./openarena.nix {};
|
openarena = handleTest ./openarena.nix {};
|
||||||
openldap = handleTest ./openldap.nix {};
|
openldap = handleTest ./openldap.nix {};
|
||||||
opensmtpd = handleTest ./opensmtpd.nix {};
|
opensmtpd = handleTest ./opensmtpd.nix {};
|
||||||
|
@ -313,6 +315,7 @@ in
|
||||||
samba = handleTest ./samba.nix {};
|
samba = handleTest ./samba.nix {};
|
||||||
sanoid = handleTest ./sanoid.nix {};
|
sanoid = handleTest ./sanoid.nix {};
|
||||||
sbt = handleTest ./sbt.nix {};
|
sbt = handleTest ./sbt.nix {};
|
||||||
|
scala = handleTest ./scala.nix {};
|
||||||
sddm = handleTest ./sddm.nix {};
|
sddm = handleTest ./sddm.nix {};
|
||||||
service-runner = handleTest ./service-runner.nix {};
|
service-runner = handleTest ./service-runner.nix {};
|
||||||
shadowsocks = handleTest ./shadowsocks {};
|
shadowsocks = handleTest ./shadowsocks {};
|
||||||
|
@ -366,6 +369,7 @@ in
|
||||||
trezord = handleTest ./trezord.nix {};
|
trezord = handleTest ./trezord.nix {};
|
||||||
trickster = handleTest ./trickster.nix {};
|
trickster = handleTest ./trickster.nix {};
|
||||||
tuptime = handleTest ./tuptime.nix {};
|
tuptime = handleTest ./tuptime.nix {};
|
||||||
|
unbound = handleTest ./unbound.nix {};
|
||||||
udisks2 = handleTest ./udisks2.nix {};
|
udisks2 = handleTest ./udisks2.nix {};
|
||||||
unit-php = handleTest ./web-servers/unit-php.nix {};
|
unit-php = handleTest ./web-servers/unit-php.nix {};
|
||||||
upnp = handleTest ./upnp.nix {};
|
upnp = handleTest ./upnp.nix {};
|
||||||
|
|
48
nixos/tests/nar-serve.nix
Normal file
48
nixos/tests/nar-serve.nix
Normal file
|
@ -0,0 +1,48 @@
|
||||||
|
import ./make-test-python.nix (
|
||||||
|
{ pkgs, lib, ... }:
|
||||||
|
{
|
||||||
|
name = "nar-serve";
|
||||||
|
meta.maintainers = [ lib.maintainers.rizary ];
|
||||||
|
nodes =
|
||||||
|
{
|
||||||
|
server = { pkgs, ... }: {
|
||||||
|
services.nginx = {
|
||||||
|
enable = true;
|
||||||
|
virtualHosts.default.root = "/var/www";
|
||||||
|
};
|
||||||
|
services.nar-serve = {
|
||||||
|
enable = true;
|
||||||
|
# Connect to the localhost nginx instead of the default
|
||||||
|
# https://cache.nixos.org
|
||||||
|
cacheURL = "http://localhost/";
|
||||||
|
};
|
||||||
|
environment.systemPackages = [
|
||||||
|
pkgs.hello
|
||||||
|
pkgs.curl
|
||||||
|
];
|
||||||
|
|
||||||
|
networking.firewall.allowedTCPPorts = [ 8383 ];
|
||||||
|
|
||||||
|
# virtualisation.diskSize = 2 * 1024;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
testScript = ''
|
||||||
|
start_all()
|
||||||
|
|
||||||
|
# Create a fake cache with Nginx service the static files
|
||||||
|
server.succeed(
|
||||||
|
"nix copy --to file:///var/www ${pkgs.hello}"
|
||||||
|
)
|
||||||
|
server.wait_for_unit("nginx.service")
|
||||||
|
server.wait_for_open_port(80)
|
||||||
|
|
||||||
|
# Check that nar-serve can return the content of the derivation
|
||||||
|
drvName = os.path.basename("${pkgs.hello}")
|
||||||
|
drvHash = drvName.split("-")[0]
|
||||||
|
server.wait_for_unit("nar-serve.service")
|
||||||
|
server.succeed(
|
||||||
|
"curl -o hello -f http://localhost:8383/nix/store/{}/bin/hello".format(drvHash)
|
||||||
|
)
|
||||||
|
'';
|
||||||
|
}
|
||||||
|
)
|
18
nixos/tests/oh-my-zsh.nix
Normal file
18
nixos/tests/oh-my-zsh.nix
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
import ./make-test-python.nix ({ pkgs, ... }: {
|
||||||
|
name = "oh-my-zsh";
|
||||||
|
|
||||||
|
machine = { pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
programs.zsh = {
|
||||||
|
enable = true;
|
||||||
|
ohMyZsh.enable = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
testScript = ''
|
||||||
|
start_all()
|
||||||
|
machine.succeed("touch ~/.zshrc")
|
||||||
|
machine.succeed("zsh -c 'source /etc/zshrc && echo $ZSH | grep oh-my-zsh-${pkgs.oh-my-zsh.version}'")
|
||||||
|
'';
|
||||||
|
})
|
|
@ -609,6 +609,50 @@ let
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
sql = {
|
||||||
|
exporterConfig = {
|
||||||
|
configuration.jobs.points = {
|
||||||
|
interval = "1m";
|
||||||
|
connections = [
|
||||||
|
"postgres://prometheus-sql-exporter@/data?host=/run/postgresql&sslmode=disable"
|
||||||
|
];
|
||||||
|
queries = {
|
||||||
|
points = {
|
||||||
|
labels = [ "name" ];
|
||||||
|
help = "Amount of points accumulated per person";
|
||||||
|
values = [ "amount" ];
|
||||||
|
query = "SELECT SUM(amount) as amount, name FROM points GROUP BY name";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
enable = true;
|
||||||
|
user = "prometheus-sql-exporter";
|
||||||
|
};
|
||||||
|
metricProvider = {
|
||||||
|
services.postgresql = {
|
||||||
|
enable = true;
|
||||||
|
initialScript = builtins.toFile "init.sql" ''
|
||||||
|
CREATE DATABASE data;
|
||||||
|
\c data;
|
||||||
|
CREATE TABLE points (amount INT, name TEXT);
|
||||||
|
INSERT INTO points(amount, name) VALUES (1, 'jack');
|
||||||
|
INSERT INTO points(amount, name) VALUES (2, 'jill');
|
||||||
|
INSERT INTO points(amount, name) VALUES (3, 'jack');
|
||||||
|
|
||||||
|
CREATE USER "prometheus-sql-exporter";
|
||||||
|
GRANT ALL PRIVILEGES ON DATABASE data TO "prometheus-sql-exporter";
|
||||||
|
GRANT SELECT ON points TO "prometheus-sql-exporter";
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
systemd.services.prometheus-sql-exporter.after = [ "postgresql.service" ];
|
||||||
|
};
|
||||||
|
exporterTest = ''
|
||||||
|
wait_for_unit("prometheus-sql-exporter.service")
|
||||||
|
wait_for_open_port(9237)
|
||||||
|
succeed("curl http://localhost:9237/metrics | grep -c 'sql_points{' | grep -q 2")
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
surfboard = {
|
surfboard = {
|
||||||
exporterConfig = {
|
exporterConfig = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
33
nixos/tests/scala.nix
Normal file
33
nixos/tests/scala.nix
Normal file
|
@ -0,0 +1,33 @@
|
||||||
|
{ system ? builtins.currentSystem,
|
||||||
|
config ? {},
|
||||||
|
pkgs ? import ../.. { inherit system config; }
|
||||||
|
}:
|
||||||
|
|
||||||
|
with pkgs.lib;
|
||||||
|
|
||||||
|
let
|
||||||
|
common = name: package: (import ./make-test-python.nix ({
|
||||||
|
inherit name;
|
||||||
|
meta = with pkgs.stdenv.lib.maintainers; {
|
||||||
|
maintainers = [ nequissimus ];
|
||||||
|
};
|
||||||
|
|
||||||
|
nodes = {
|
||||||
|
scala = { ... }: {
|
||||||
|
environment.systemPackages = [ package ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
testScript = ''
|
||||||
|
start_all()
|
||||||
|
|
||||||
|
scala.succeed("scalac -version 2>&1 | grep '^Scala compiler version ${package.version}'")
|
||||||
|
'';
|
||||||
|
}) { inherit system; });
|
||||||
|
|
||||||
|
in with pkgs; {
|
||||||
|
scala_2_10 = common "scala_2_10" scala_2_10;
|
||||||
|
scala_2_11 = common "scala_2_11" scala_2_11;
|
||||||
|
scala_2_12 = common "scala_2_12" scala_2_12;
|
||||||
|
scala_2_13 = common "scala_2_13" scala_2_13;
|
||||||
|
}
|
278
nixos/tests/unbound.nix
Normal file
278
nixos/tests/unbound.nix
Normal file
|
@ -0,0 +1,278 @@
|
||||||
|
/*
|
||||||
|
Test that our unbound module indeed works as most users would expect.
|
||||||
|
There are a few settings that we must consider when modifying the test. The
|
||||||
|
ususal use-cases for unbound are
|
||||||
|
* running a recursive DNS resolver on the local machine
|
||||||
|
* running a recursive DNS resolver on the local machine, forwarding to a local DNS server via UDP/53 & TCP/53
|
||||||
|
* running a recursive DNS resolver on the local machine, forwarding to a local DNS server via TCP/853 (DoT)
|
||||||
|
* running a recursive DNS resolver on a machine in the network awaiting input from clients over TCP/53 & UDP/53
|
||||||
|
* running a recursive DNS resolver on a machine in the network awaiting input from clients over TCP/853 (DoT)
|
||||||
|
|
||||||
|
In the below test setup we are trying to implement all of those use cases.
|
||||||
|
|
||||||
|
Another aspect that we cover is access to the local control UNIX socket. It
|
||||||
|
can optionally be enabled and users can optionally be in a group to gain
|
||||||
|
access. Users that are not in the group (except for root) should not have
|
||||||
|
access to that socket. Also, when there is no socket configured, users
|
||||||
|
shouldn't be able to access the control socket at all. Not even root.
|
||||||
|
*/
|
||||||
|
import ./make-test-python.nix ({ pkgs, lib, ... }:
|
||||||
|
let
|
||||||
|
# common client configuration that we can just use for the multitude of
|
||||||
|
# clients we are constructing
|
||||||
|
common = { lib, pkgs, ... }: {
|
||||||
|
config = {
|
||||||
|
environment.systemPackages = [ pkgs.knot-dns ];
|
||||||
|
|
||||||
|
# disable the root anchor update as we do not have internet access during
|
||||||
|
# the test execution
|
||||||
|
services.unbound.enableRootTrustAnchor = false;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
cert = pkgs.runCommandNoCC "selfSignedCerts" { buildInputs = [ pkgs.openssl ]; } ''
|
||||||
|
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -nodes -subj '/CN=dns.example.local'
|
||||||
|
mkdir -p $out
|
||||||
|
cp key.pem cert.pem $out
|
||||||
|
'';
|
||||||
|
in
|
||||||
|
{
|
||||||
|
name = "unbound";
|
||||||
|
meta = with pkgs.stdenv.lib.maintainers; {
|
||||||
|
maintainers = [ andir ];
|
||||||
|
};
|
||||||
|
|
||||||
|
nodes = {
|
||||||
|
|
||||||
|
# The server that actually serves our zones, this tests unbounds authoriative mode
|
||||||
|
authoritative = { lib, pkgs, config, ... }: {
|
||||||
|
imports = [ common ];
|
||||||
|
networking.interfaces.eth1.ipv4.addresses = lib.mkForce [
|
||||||
|
{ address = "192.168.0.1"; prefixLength = 24; }
|
||||||
|
];
|
||||||
|
networking.interfaces.eth1.ipv6.addresses = lib.mkForce [
|
||||||
|
{ address = "fd21::1"; prefixLength = 64; }
|
||||||
|
];
|
||||||
|
networking.firewall.allowedTCPPorts = [ 53 ];
|
||||||
|
networking.firewall.allowedUDPPorts = [ 53 ];
|
||||||
|
|
||||||
|
services.unbound = {
|
||||||
|
enable = true;
|
||||||
|
interfaces = [ "192.168.0.1" "fd21::1" "::1" "127.0.0.1" ];
|
||||||
|
allowedAccess = [ "192.168.0.0/24" "fd21::/64" "::1" "127.0.0.0/8" ];
|
||||||
|
extraConfig = ''
|
||||||
|
server:
|
||||||
|
local-data: "example.local. IN A 1.2.3.4"
|
||||||
|
local-data: "example.local. IN AAAA abcd::eeff"
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
# The resolver that knows that fowards (only) to the authoritative server
|
||||||
|
# and listens on UDP/53, TCP/53 & TCP/853.
|
||||||
|
resolver = { lib, nodes, ... }: {
|
||||||
|
imports = [ common ];
|
||||||
|
networking.interfaces.eth1.ipv4.addresses = lib.mkForce [
|
||||||
|
{ address = "192.168.0.2"; prefixLength = 24; }
|
||||||
|
];
|
||||||
|
networking.interfaces.eth1.ipv6.addresses = lib.mkForce [
|
||||||
|
{ address = "fd21::2"; prefixLength = 64; }
|
||||||
|
];
|
||||||
|
networking.firewall.allowedTCPPorts = [
|
||||||
|
53 # regular DNS
|
||||||
|
853 # DNS over TLS
|
||||||
|
];
|
||||||
|
networking.firewall.allowedUDPPorts = [ 53 ];
|
||||||
|
|
||||||
|
services.unbound = {
|
||||||
|
enable = true;
|
||||||
|
allowedAccess = [ "192.168.0.0/24" "fd21::/64" "::1" "127.0.0.0/8" ];
|
||||||
|
interfaces = [ "::1" "127.0.0.1" "192.168.0.2" "fd21::2" "192.168.0.2@853" "fd21::2@853" "::1@853" "127.0.0.1@853" ];
|
||||||
|
forwardAddresses = [
|
||||||
|
(lib.head nodes.authoritative.config.networking.interfaces.eth1.ipv6.addresses).address
|
||||||
|
(lib.head nodes.authoritative.config.networking.interfaces.eth1.ipv4.addresses).address
|
||||||
|
];
|
||||||
|
extraConfig = ''
|
||||||
|
server:
|
||||||
|
tls-service-pem: ${cert}/cert.pem
|
||||||
|
tls-service-key: ${cert}/key.pem
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
# machine that runs a local unbound that will be reconfigured during test execution
|
||||||
|
local_resolver = { lib, nodes, config, ... }: {
|
||||||
|
imports = [ common ];
|
||||||
|
networking.interfaces.eth1.ipv4.addresses = lib.mkForce [
|
||||||
|
{ address = "192.168.0.3"; prefixLength = 24; }
|
||||||
|
];
|
||||||
|
networking.interfaces.eth1.ipv6.addresses = lib.mkForce [
|
||||||
|
{ address = "fd21::3"; prefixLength = 64; }
|
||||||
|
];
|
||||||
|
networking.firewall.allowedTCPPorts = [
|
||||||
|
53 # regular DNS
|
||||||
|
];
|
||||||
|
networking.firewall.allowedUDPPorts = [ 53 ];
|
||||||
|
|
||||||
|
services.unbound = {
|
||||||
|
enable = true;
|
||||||
|
allowedAccess = [ "::1" "127.0.0.0/8" ];
|
||||||
|
interfaces = [ "::1" "127.0.0.1" ];
|
||||||
|
localControlSocketPath = "/run/unbound/unbound.ctl";
|
||||||
|
extraConfig = ''
|
||||||
|
include: "/etc/unbound/extra*.conf"
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
users.users = {
|
||||||
|
# user that is permitted to access the unix socket
|
||||||
|
someuser.extraGroups = [
|
||||||
|
config.users.users.unbound.group
|
||||||
|
];
|
||||||
|
|
||||||
|
# user that is not permitted to access the unix socket
|
||||||
|
unauthorizeduser = {};
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.etc = {
|
||||||
|
"unbound-extra1.conf".text = ''
|
||||||
|
forward-zone:
|
||||||
|
name: "example.local."
|
||||||
|
forward-addr: ${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv6.addresses).address}
|
||||||
|
forward-addr: ${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv4.addresses).address}
|
||||||
|
'';
|
||||||
|
"unbound-extra2.conf".text = ''
|
||||||
|
auth-zone:
|
||||||
|
name: something.local.
|
||||||
|
zonefile: ${pkgs.writeText "zone" ''
|
||||||
|
something.local. IN A 3.4.5.6
|
||||||
|
''}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
# plain node that only has network access and doesn't run any part of the
|
||||||
|
# resolver software locally
|
||||||
|
client = { lib, nodes, ... }: {
|
||||||
|
imports = [ common ];
|
||||||
|
networking.nameservers = [
|
||||||
|
(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv6.addresses).address
|
||||||
|
(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv4.addresses).address
|
||||||
|
];
|
||||||
|
networking.interfaces.eth1.ipv4.addresses = [
|
||||||
|
{ address = "192.168.0.10"; prefixLength = 24; }
|
||||||
|
];
|
||||||
|
networking.interfaces.eth1.ipv6.addresses = [
|
||||||
|
{ address = "fd21::10"; prefixLength = 64; }
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
testScript = { nodes, ... }: ''
|
||||||
|
import typing
|
||||||
|
import json
|
||||||
|
|
||||||
|
zone = "example.local."
|
||||||
|
records = [("AAAA", "abcd::eeff"), ("A", "1.2.3.4")]
|
||||||
|
|
||||||
|
|
||||||
|
def query(
|
||||||
|
machine,
|
||||||
|
host: str,
|
||||||
|
query_type: str,
|
||||||
|
query: str,
|
||||||
|
expected: typing.Optional[str] = None,
|
||||||
|
args: typing.Optional[typing.List[str]] = None,
|
||||||
|
):
|
||||||
|
"""
|
||||||
|
Execute a single query and compare the result with expectation
|
||||||
|
"""
|
||||||
|
text_args = ""
|
||||||
|
if args:
|
||||||
|
text_args = " ".join(args)
|
||||||
|
|
||||||
|
out = machine.succeed(
|
||||||
|
f"kdig {text_args} {query} {query_type} @{host} +short"
|
||||||
|
).strip()
|
||||||
|
machine.log(f"{host} replied with {out}")
|
||||||
|
if expected:
|
||||||
|
assert expected == out, f"Expected `{expected}` but got `{out}`"
|
||||||
|
|
||||||
|
|
||||||
|
def test(machine, remotes, /, doh=False, zone=zone, records=records, args=[]):
|
||||||
|
"""
|
||||||
|
Run queries for the given remotes on the given machine.
|
||||||
|
"""
|
||||||
|
for query_type, expected in records:
|
||||||
|
for remote in remotes:
|
||||||
|
query(machine, remote, query_type, zone, expected, args)
|
||||||
|
query(machine, remote, query_type, zone, expected, ["+tcp"] + args)
|
||||||
|
if doh:
|
||||||
|
query(
|
||||||
|
machine,
|
||||||
|
remote,
|
||||||
|
query_type,
|
||||||
|
zone,
|
||||||
|
expected,
|
||||||
|
["+tcp", "+tls"] + args,
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
client.start()
|
||||||
|
authoritative.wait_for_unit("unbound.service")
|
||||||
|
|
||||||
|
# verify that we can resolve locally
|
||||||
|
with subtest("test the authoritative servers local responses"):
|
||||||
|
test(authoritative, ["::1", "127.0.0.1"])
|
||||||
|
|
||||||
|
resolver.wait_for_unit("unbound.service")
|
||||||
|
|
||||||
|
with subtest("root is unable to use unbounc-control when the socket is not configured"):
|
||||||
|
resolver.succeed("which unbound-control") # the binary must exist
|
||||||
|
resolver.fail("unbound-control list_forwards") # the invocation must fail
|
||||||
|
|
||||||
|
# verify that the resolver is able to resolve on all the local protocols
|
||||||
|
with subtest("test that the resolver resolves on all protocols and transports"):
|
||||||
|
test(resolver, ["::1", "127.0.0.1"], doh=True)
|
||||||
|
|
||||||
|
resolver.wait_for_unit("multi-user.target")
|
||||||
|
|
||||||
|
with subtest("client should be able to query the resolver"):
|
||||||
|
test(client, ["${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv6.addresses).address}", "${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv4.addresses).address}"], doh=True)
|
||||||
|
|
||||||
|
# discard the client we do not need anymore
|
||||||
|
client.shutdown()
|
||||||
|
|
||||||
|
local_resolver.wait_for_unit("multi-user.target")
|
||||||
|
|
||||||
|
# link a new config file to /etc/unbound/extra.conf
|
||||||
|
local_resolver.succeed("ln -s /etc/unbound-extra1.conf /etc/unbound/extra1.conf")
|
||||||
|
|
||||||
|
# reload the server & ensure the forwarding works
|
||||||
|
with subtest("test that the local resolver resolves on all protocols and transports"):
|
||||||
|
local_resolver.succeed("systemctl reload unbound")
|
||||||
|
print(local_resolver.succeed("journalctl -u unbound -n 1000"))
|
||||||
|
test(local_resolver, ["::1", "127.0.0.1"], args=["+timeout=60"])
|
||||||
|
|
||||||
|
with subtest("test that we can use the unbound control socket"):
|
||||||
|
out = local_resolver.succeed(
|
||||||
|
"sudo -u someuser -- unbound-control list_forwards"
|
||||||
|
).strip()
|
||||||
|
|
||||||
|
# Thank you black! Can't really break this line into a readable version.
|
||||||
|
expected = "example.local. IN forward ${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv6.addresses).address} ${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv4.addresses).address}"
|
||||||
|
assert out == expected, f"Expected `{expected}` but got `{out}` instead."
|
||||||
|
local_resolver.fail("sudo -u unauthorizeduser -- unbound-control list_forwards")
|
||||||
|
|
||||||
|
|
||||||
|
# link a new config file to /etc/unbound/extra.conf
|
||||||
|
local_resolver.succeed("ln -sf /etc/unbound-extra2.conf /etc/unbound/extra2.conf")
|
||||||
|
|
||||||
|
# reload the server & ensure the new local zone works
|
||||||
|
with subtest("test that we can query the new local zone"):
|
||||||
|
local_resolver.succeed("unbound-control reload")
|
||||||
|
r = [("A", "3.4.5.6")]
|
||||||
|
test(local_resolver, ["::1", "127.0.0.1"], zone="something.local.", records=r)
|
||||||
|
'';
|
||||||
|
})
|
|
@ -12,17 +12,14 @@
|
||||||
, fftw
|
, fftw
|
||||||
, fftwSinglePrec
|
, fftwSinglePrec
|
||||||
, flac
|
, flac
|
||||||
, fluidsynth
|
|
||||||
, glibc
|
, glibc
|
||||||
, glibmm
|
, glibmm
|
||||||
, graphviz
|
, graphviz
|
||||||
, gtkmm2
|
, gtkmm2
|
||||||
, hidapi
|
|
||||||
, itstool
|
, itstool
|
||||||
, libarchive
|
, libarchive
|
||||||
, libjack2
|
, libjack2
|
||||||
, liblo
|
, liblo
|
||||||
, libltc
|
|
||||||
, libogg
|
, libogg
|
||||||
, libpulseaudio
|
, libpulseaudio
|
||||||
, librdf_raptor
|
, librdf_raptor
|
||||||
|
@ -42,11 +39,11 @@
|
||||||
, perl
|
, perl
|
||||||
, pkg-config
|
, pkg-config
|
||||||
, python3
|
, python3
|
||||||
, qm-dsp
|
|
||||||
, readline
|
, readline
|
||||||
, rubberband
|
, rubberband
|
||||||
, serd
|
, serd
|
||||||
, sord
|
, sord
|
||||||
|
, soundtouch
|
||||||
, sratom
|
, sratom
|
||||||
, suil
|
, suil
|
||||||
, taglib
|
, taglib
|
||||||
|
@ -55,13 +52,13 @@
|
||||||
}:
|
}:
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
pname = "ardour";
|
pname = "ardour";
|
||||||
version = "6.2";
|
version = "6.3";
|
||||||
|
|
||||||
# don't fetch releases from the GitHub mirror, they are broken
|
# don't fetch releases from the GitHub mirror, they are broken
|
||||||
src = fetchgit {
|
src = fetchgit {
|
||||||
url = "git://git.ardour.org/ardour/ardour.git";
|
url = "git://git.ardour.org/ardour/ardour.git";
|
||||||
rev = version;
|
rev = version;
|
||||||
sha256 = "17jxbqavricy01x4ymq6d302djsqfnv84m7dm4fd8cpka0dqjp1y";
|
sha256 = "050p1adgyirr790a3xp878pq3axqwzcmrk3drgm9z6v753h0xhcd";
|
||||||
};
|
};
|
||||||
|
|
||||||
patches = [
|
patches = [
|
||||||
|
@ -91,15 +88,12 @@ stdenv.mkDerivation rec {
|
||||||
fftw
|
fftw
|
||||||
fftwSinglePrec
|
fftwSinglePrec
|
||||||
flac
|
flac
|
||||||
fluidsynth
|
|
||||||
glibmm
|
glibmm
|
||||||
gtkmm2
|
gtkmm2
|
||||||
hidapi
|
|
||||||
itstool
|
itstool
|
||||||
libarchive
|
libarchive
|
||||||
libjack2
|
libjack2
|
||||||
liblo
|
liblo
|
||||||
libltc
|
|
||||||
libogg
|
libogg
|
||||||
libpulseaudio
|
libpulseaudio
|
||||||
librdf_raptor
|
librdf_raptor
|
||||||
|
@ -118,11 +112,11 @@ stdenv.mkDerivation rec {
|
||||||
pango
|
pango
|
||||||
perl
|
perl
|
||||||
python3
|
python3
|
||||||
qm-dsp
|
|
||||||
readline
|
readline
|
||||||
rubberband
|
rubberband
|
||||||
serd
|
serd
|
||||||
sord
|
sord
|
||||||
|
soundtouch
|
||||||
sratom
|
sratom
|
||||||
suil
|
suil
|
||||||
taglib
|
taglib
|
||||||
|
@ -136,11 +130,11 @@ stdenv.mkDerivation rec {
|
||||||
"--no-phone-home"
|
"--no-phone-home"
|
||||||
"--optimize"
|
"--optimize"
|
||||||
"--ptformat"
|
"--ptformat"
|
||||||
"--qm-dsp-include=${qm-dsp}/include/qm-dsp"
|
|
||||||
"--run-tests"
|
"--run-tests"
|
||||||
"--test"
|
"--test"
|
||||||
"--use-external-libs"
|
|
||||||
];
|
];
|
||||||
|
# removed because it fixes https://tracker.ardour.org/view.php?id=8161 and https://tracker.ardour.org/view.php?id=8437
|
||||||
|
# "--use-external-libs"
|
||||||
|
|
||||||
# Ardour's wscript requires git revision and date to be available.
|
# Ardour's wscript requires git revision and date to be available.
|
||||||
# Since they are not, let's generate the file manually.
|
# Since they are not, let's generate the file manually.
|
||||||
|
|
|
@ -7,6 +7,7 @@
|
||||||
, python3
|
, python3
|
||||||
, gtk3
|
, gtk3
|
||||||
, gst_all_1
|
, gst_all_1
|
||||||
|
, libhandy
|
||||||
, libsecret
|
, libsecret
|
||||||
, libsoup
|
, libsoup
|
||||||
, appstream-glib
|
, appstream-glib
|
||||||
|
@ -24,7 +25,7 @@
|
||||||
|
|
||||||
python3.pkgs.buildPythonApplication rec {
|
python3.pkgs.buildPythonApplication rec {
|
||||||
pname = "lollypop";
|
pname = "lollypop";
|
||||||
version = "1.3.2";
|
version = "1.4.5";
|
||||||
|
|
||||||
format = "other";
|
format = "other";
|
||||||
doCheck = false;
|
doCheck = false;
|
||||||
|
@ -33,7 +34,7 @@ python3.pkgs.buildPythonApplication rec {
|
||||||
url = "https://gitlab.gnome.org/World/lollypop";
|
url = "https://gitlab.gnome.org/World/lollypop";
|
||||||
rev = "refs/tags/${version}";
|
rev = "refs/tags/${version}";
|
||||||
fetchSubmodules = true;
|
fetchSubmodules = true;
|
||||||
sha256 = "14854j1dhq67s1vzs0lqy345vbl6f5w8nb36n4i33fmpva2flsk3";
|
sha256 = "1i5qcpp3fpkda08g6nkiiff8lsjmv5xsvpa0512kigq5z0lsagrx";
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
|
@ -57,6 +58,7 @@ python3.pkgs.buildPythonApplication rec {
|
||||||
gst-plugins-ugly
|
gst-plugins-ugly
|
||||||
gstreamer
|
gstreamer
|
||||||
gtk3
|
gtk3
|
||||||
|
libhandy
|
||||||
libsoup
|
libsoup
|
||||||
pango
|
pango
|
||||||
totem-pl-parser
|
totem-pl-parser
|
||||||
|
|
|
@ -2,13 +2,13 @@
|
||||||
|
|
||||||
let
|
let
|
||||||
pname = "plexamp";
|
pname = "plexamp";
|
||||||
version = "3.2.0";
|
version = "3.3.1";
|
||||||
name = "${pname}-${version}";
|
name = "${pname}-${version}";
|
||||||
|
|
||||||
src = fetchurl {
|
src = fetchurl {
|
||||||
url = "https://plexamp.plex.tv/plexamp.plex.tv/desktop/Plexamp-${version}.AppImage";
|
url = "https://plexamp.plex.tv/plexamp.plex.tv/desktop/Plexamp-${version}.AppImage";
|
||||||
sha256 = "R1BhobnwoU7oJ7bNes8kH2neXqHlMPbRCNjcHyzUPqo=";
|
|
||||||
name="${pname}-${version}.AppImage";
|
name="${pname}-${version}.AppImage";
|
||||||
|
sha256 = "6/asP8VR+rJ52lKKds46gSw1or9suUEmyR75pjdWHIQ=";
|
||||||
};
|
};
|
||||||
|
|
||||||
appimageContents = appimageTools.extractType2 {
|
appimageContents = appimageTools.extractType2 {
|
||||||
|
|
|
@ -7,13 +7,13 @@ let
|
||||||
|
|
||||||
in stdenv.mkDerivation rec {
|
in stdenv.mkDerivation rec {
|
||||||
name = "${pname}-${version}";
|
name = "${pname}-${version}";
|
||||||
version = "1.67";
|
version = "1.68";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "graysky2";
|
owner = "graysky2";
|
||||||
repo = pname;
|
repo = pname;
|
||||||
rev = "v${version}";
|
rev = "v${version}";
|
||||||
sha256 = "1mf5r7x6aiqmx9mz7gpckrqvvzxnr5gs2q1k4m42rjk6ldkpdb46";
|
sha256 = "0wrzfanwy18wyawpg8rfvfgjh3lwngqwmfpi4ww3530rfmi84cf0";
|
||||||
};
|
};
|
||||||
|
|
||||||
postPatch = ''
|
postPatch = ''
|
||||||
|
|
|
@ -42,7 +42,7 @@ stdenv.mkDerivation rec {
|
||||||
description = "Decentralized open source information registration and transfer system based on the Bitcoin cryptocurrency";
|
description = "Decentralized open source information registration and transfer system based on the Bitcoin cryptocurrency";
|
||||||
homepage = "https://namecoin.org";
|
homepage = "https://namecoin.org";
|
||||||
license = licenses.mit;
|
license = licenses.mit;
|
||||||
maintainers = with maintainers; [ doublec infinisil ];
|
maintainers = with maintainers; [ infinisil ];
|
||||||
platforms = platforms.linux;
|
platforms = platforms.linux;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -7,18 +7,16 @@
|
||||||
}:
|
}:
|
||||||
rustPlatform.buildRustPackage rec {
|
rustPlatform.buildRustPackage rec {
|
||||||
pname = "polkadot";
|
pname = "polkadot";
|
||||||
version = "0.8.25";
|
version = "0.8.26";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "paritytech";
|
owner = "paritytech";
|
||||||
repo = "polkadot";
|
repo = "polkadot";
|
||||||
rev = "v${version}";
|
rev = "v${version}";
|
||||||
sha256 = "1jdklmysr25rlwgx7pz0jw66j1w60h98kqghzjhr90zhynzh39lz";
|
sha256 = "1bvma6k3gsjqh8w76k4kf52sjg8wxn1b7a409kmnmmvmd9j6z5ia";
|
||||||
};
|
};
|
||||||
|
|
||||||
cargoSha256 = "08yfafrspkd1g1mhlfwngbknkxjkyymbcga8n2rdsk7mz0hm0vgy";
|
cargoSha256 = "0pacmmvvjgzmaxgg47qbfhqwl02jxj3i6vnmkjbj9npzqfmqf72d";
|
||||||
|
|
||||||
cargoPatches = [ ./substrate-wasm-builder-runner.patch ];
|
|
||||||
|
|
||||||
nativeBuildInputs = [ clang ];
|
nativeBuildInputs = [ clang ];
|
||||||
|
|
||||||
|
|
|
@ -1,25 +0,0 @@
|
||||||
diff --git a/Cargo.lock b/Cargo.lock
|
|
||||||
index 5e7c4a14..bb67aada 100644
|
|
||||||
--- a/Cargo.lock
|
|
||||||
+++ b/Cargo.lock
|
|
||||||
@@ -8642,8 +8642,7 @@ dependencies = [
|
|
||||||
[[package]]
|
|
||||||
name = "substrate-wasm-builder-runner"
|
|
||||||
version = "1.0.6"
|
|
||||||
-source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
-checksum = "d2a965994514ab35d3893e9260245f2947fd1981cdd4fffd2c6e6d1a9ce02e6a"
|
|
||||||
+source = "git+https://github.com/paritytech/substrate#647ad15565d7c35ecf00b73b12cccad9858780b9"
|
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "subtle"
|
|
||||||
diff --git a/Cargo.toml b/Cargo.toml
|
|
||||||
index 78047a1a..2d571f8e 100644
|
|
||||||
--- a/Cargo.toml
|
|
||||||
+++ b/Cargo.toml
|
|
||||||
@@ -112,3 +112,6 @@ polkadot = { path = "/usr/bin/polkadot" }
|
|
||||||
|
|
||||||
[package.metadata.rpm.files]
|
|
||||||
"../scripts/packaging/polkadot.service" = { path = "/usr/lib/systemd/system/polkadot.service", mode = "644" }
|
|
||||||
+
|
|
||||||
+[patch.crates-io]
|
|
||||||
+substrate-wasm-builder-runner = { git = "https://github.com/paritytech/substrate", branch = "master" }
|
|
|
@ -1,14 +1,17 @@
|
||||||
{ stdenv, fetchFromGitHub }:
|
{ stdenv, fetchFromGitHub, writeScript, nixosTests, common-updater-scripts
|
||||||
|
, coreutils, git, gnused, nix, nixfmt }:
|
||||||
|
|
||||||
stdenv.mkDerivation {
|
let
|
||||||
|
owner = "scopatz";
|
||||||
|
repo = "nanorc";
|
||||||
|
in stdenv.mkDerivation rec {
|
||||||
pname = "nanorc";
|
pname = "nanorc";
|
||||||
version = "2020-01-25";
|
version = "2020-10-10";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "scopatz";
|
inherit owner repo;
|
||||||
repo = "nanorc";
|
rev = builtins.replaceStrings [ "-" ] [ "." ] version;
|
||||||
rev = "2020.1.25";
|
sha256 = "3B2nNFYkwYHCX6pQz/hMO/rnVqlCiw1BSNmGmJ6KCqE=";
|
||||||
sha256 = "1y8jk3jsl4bd6r4hzmxzcf77hv8bwm0318yv7y2npkkd3a060z8d";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
dontBuild = true;
|
dontBuild = true;
|
||||||
|
@ -19,6 +22,32 @@ stdenv.mkDerivation {
|
||||||
install *.nanorc $out/share/
|
install *.nanorc $out/share/
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
passthru.updateScript = writeScript "update.sh" ''
|
||||||
|
#!${stdenv.shell}
|
||||||
|
set -o errexit
|
||||||
|
PATH=${
|
||||||
|
stdenv.lib.makeBinPath [
|
||||||
|
common-updater-scripts
|
||||||
|
coreutils
|
||||||
|
git
|
||||||
|
gnused
|
||||||
|
nix
|
||||||
|
nixfmt
|
||||||
|
]
|
||||||
|
}
|
||||||
|
oldVersion="$(nix-instantiate --eval -E "with import ./. {}; lib.getVersion ${pname}" | tr -d '"' | sed 's|\\.|-|g')"
|
||||||
|
latestTag="$(git -c 'versionsort.suffix=-' ls-remote --exit-code --refs --sort='version:refname' --tags git@github.com:${owner}/${repo} '*.*.*' | tail --lines=1 | cut --delimiter='/' --fields=3)"
|
||||||
|
if [ "$oldVersion" != "$latestTag" ]; then
|
||||||
|
nixpkgs="$(git rev-parse --show-toplevel)"
|
||||||
|
default_nix="$nixpkgs/pkgs/applications/editors/nano/nanorc/default.nix"
|
||||||
|
newTag=$(echo $latestTag | sed 's|\.|-|g')
|
||||||
|
update-source-version ${pname} "$newTag" --version-key=version --print-changes
|
||||||
|
nixfmt "$default_nix"
|
||||||
|
else
|
||||||
|
echo "${pname} is already up-to-date"
|
||||||
|
fi
|
||||||
|
'';
|
||||||
|
|
||||||
meta = {
|
meta = {
|
||||||
description = "Improved Nano Syntax Highlighting Files";
|
description = "Improved Nano Syntax Highlighting Files";
|
||||||
homepage = "https://github.com/scopatz/nanorc";
|
homepage = "https://github.com/scopatz/nanorc";
|
||||||
|
|
|
@ -23,9 +23,7 @@ stdenv.mkDerivation {
|
||||||
cp -r '${gnvim-unwrapped}/share/applications' "$out/share/applications"
|
cp -r '${gnvim-unwrapped}/share/applications' "$out/share/applications"
|
||||||
# Sed needs a writable directory to do inplace modifications
|
# Sed needs a writable directory to do inplace modifications
|
||||||
chmod u+rw "$out/share/applications"
|
chmod u+rw "$out/share/applications"
|
||||||
for file in $out/share/applications/*.desktop; do
|
sed -e "s|Exec=.\\+gnvim\\>|Exec=gnvim|" -i $out/share/applications/*.desktop
|
||||||
sed -e "s|Exec=.\\+gnvim\\>|Exec=$out/bin/gnvim|" -i "$file"
|
|
||||||
done
|
|
||||||
'';
|
'';
|
||||||
|
|
||||||
preferLocalBuild = true;
|
preferLocalBuild = true;
|
||||||
|
|
|
@ -43,7 +43,6 @@ let
|
||||||
postBuild = lib.optionalString stdenv.isLinux ''
|
postBuild = lib.optionalString stdenv.isLinux ''
|
||||||
rm $out/share/applications/nvim.desktop
|
rm $out/share/applications/nvim.desktop
|
||||||
substitute ${neovim}/share/applications/nvim.desktop $out/share/applications/nvim.desktop \
|
substitute ${neovim}/share/applications/nvim.desktop $out/share/applications/nvim.desktop \
|
||||||
--replace 'TryExec=nvim' "TryExec=$out/bin/nvim" \
|
|
||||||
--replace 'Name=Neovim' 'Name=WrappedNeovim'
|
--replace 'Name=Neovim' 'Name=WrappedNeovim'
|
||||||
''
|
''
|
||||||
+ optionalString withPython2 ''
|
+ optionalString withPython2 ''
|
||||||
|
|
|
@ -4,13 +4,13 @@
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
pname = "quilter";
|
pname = "quilter";
|
||||||
version = "2.5.0";
|
version = "2.5.1";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "lainsce";
|
owner = "lainsce";
|
||||||
repo = pname;
|
repo = pname;
|
||||||
rev = version;
|
rev = version;
|
||||||
sha256 = "0622mh46z3fi6zvipmgj8k4d4gj1c2781l10frk7wqq1sysjrxps";
|
sha256 = "0ya1iwzfzvrci083zyrjj6ac4ys25j90slpk8yydw9n99kb750rk";
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
|
|
|
@ -3,4 +3,4 @@
|
||||||
"repo": "qxmledit",
|
"repo": "qxmledit",
|
||||||
"rev": "6136dca50ceb3b4447c91a7a18dcf84785ea11d1",
|
"rev": "6136dca50ceb3b4447c91a7a18dcf84785ea11d1",
|
||||||
"sha256": "1wcnphalwf0a5gz9r44jgk8wcv1w2qipbwjkbzkra2kxanxns834"
|
"sha256": "1wcnphalwf0a5gz9r44jgk8wcv1w2qipbwjkbzkra2kxanxns834"
|
||||||
}
|
}
|
||||||
|
|
|
@ -16,7 +16,7 @@
|
||||||
|
|
||||||
let
|
let
|
||||||
pname = "TeXmacs";
|
pname = "TeXmacs";
|
||||||
version = "1.99.13";
|
version = "1.99.14";
|
||||||
common = callPackage ./common.nix {
|
common = callPackage ./common.nix {
|
||||||
inherit tex extraFonts chineseFonts japaneseFonts koreanFonts;
|
inherit tex extraFonts chineseFonts japaneseFonts koreanFonts;
|
||||||
};
|
};
|
||||||
|
@ -26,22 +26,9 @@ mkDerivation {
|
||||||
|
|
||||||
src = fetchurl {
|
src = fetchurl {
|
||||||
url = "https://www.texmacs.org/Download/ftp/tmftp/source/TeXmacs-${version}-src.tar.gz";
|
url = "https://www.texmacs.org/Download/ftp/tmftp/source/TeXmacs-${version}-src.tar.gz";
|
||||||
sha256 = "Aq0cS47QqmFQHelxRjANeJlgXCXagnYRykpAq7wHqbQ=";
|
sha256 = "1zbl1ddhppgnn3j213jl1b9mn8zmwnknxiqswm25p4llj0mqcgna";
|
||||||
};
|
};
|
||||||
|
|
||||||
patches = [
|
|
||||||
# Minor patch for Qt 5.15 support, should be included in next release.
|
|
||||||
(fetchpatch {
|
|
||||||
url = "https://github.com/texmacs/texmacs/commit/3cf56af92326b74538f5e943928199ba6e963d0b.patch";
|
|
||||||
sha256 = "+OBQmnKgvQZZkLx6ea773Dwq0o7L92Sex/kcVUhmg6Q=";
|
|
||||||
})
|
|
||||||
# Fix returned version, lets hope they remember to bump the version next release.
|
|
||||||
(fetchpatch {
|
|
||||||
url = "https://github.com/texmacs/texmacs/commit/da5b67005d2fc31bb32ea1ead882c26af12d8cbb.patch";
|
|
||||||
sha256 = "czMgdraQErrdvN83jY76P673L52BpQkDwntmKvF0Ykg=";
|
|
||||||
})
|
|
||||||
];
|
|
||||||
|
|
||||||
enableParallelBuilding = true;
|
enableParallelBuilding = true;
|
||||||
|
|
||||||
nativeBuildInputs = [ cmake pkgconfig ];
|
nativeBuildInputs = [ cmake pkgconfig ];
|
||||||
|
|
53
pkgs/applications/editors/textadept/11/default.nix
Normal file
53
pkgs/applications/editors/textadept/11/default.nix
Normal file
|
@ -0,0 +1,53 @@
|
||||||
|
{ lib, stdenv, fetchhg, fetchFromGitHub, fetchurl, gtk2, glib, pkgconfig, unzip, ncurses, zip }:
|
||||||
|
|
||||||
|
stdenv.mkDerivation rec {
|
||||||
|
version = "11.0_beta";
|
||||||
|
pname = "textadept11";
|
||||||
|
|
||||||
|
nativeBuildInputs = [ pkgconfig ];
|
||||||
|
buildInputs = [
|
||||||
|
gtk2 ncurses glib unzip zip
|
||||||
|
];
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
name = "textadept11";
|
||||||
|
owner = "orbitalquark";
|
||||||
|
repo = "textadept";
|
||||||
|
rev = "8da5f6b4a13f14b9dd3cb9dc23ad4f7bf41e91c1";
|
||||||
|
sha256 = "0v11v3x8g6v696m3l1bm52zy2g9xzz7hlmn912sn30nhcag3raxs";
|
||||||
|
};
|
||||||
|
|
||||||
|
preConfigure =
|
||||||
|
lib.concatStringsSep "\n" (lib.mapAttrsToList (name: params:
|
||||||
|
"ln -s ${fetchurl params} $PWD/src/${name}"
|
||||||
|
) (import ./deps.nix)) + ''
|
||||||
|
|
||||||
|
cd src
|
||||||
|
make deps
|
||||||
|
'';
|
||||||
|
|
||||||
|
postBuild = ''
|
||||||
|
make curses
|
||||||
|
'';
|
||||||
|
|
||||||
|
preInstall = ''
|
||||||
|
mkdir -p $out/share/applications
|
||||||
|
mkdir -p $out/share/pixmaps
|
||||||
|
'';
|
||||||
|
|
||||||
|
postInstall = ''
|
||||||
|
make curses install PREFIX=$out MAKECMDGOALS=curses
|
||||||
|
'';
|
||||||
|
|
||||||
|
makeFlags = [
|
||||||
|
"PREFIX=$(out) WGET=true PIXMAPS_DIR=$(out)/share/pixmaps"
|
||||||
|
];
|
||||||
|
|
||||||
|
meta = with stdenv.lib; {
|
||||||
|
description = "An extensible text editor based on Scintilla with Lua scripting. Version 11_beta";
|
||||||
|
homepage = "http://foicica.com/textadept";
|
||||||
|
license = licenses.mit;
|
||||||
|
maintainers = with maintainers; [ raskin mirrexagon ];
|
||||||
|
platforms = platforms.linux;
|
||||||
|
};
|
||||||
|
}
|
50
pkgs/applications/editors/textadept/11/deps.nix
generated
Normal file
50
pkgs/applications/editors/textadept/11/deps.nix
generated
Normal file
|
@ -0,0 +1,50 @@
|
||||||
|
{
|
||||||
|
"scintilla445.tgz" = {
|
||||||
|
url = "https://www.scintilla.org/scintilla445.tgz";
|
||||||
|
sha256 = "1v1kyxj7rv5rxadbg8gl8wh1jafpy7zj0wr6dcyxq9209dl6h8ag";
|
||||||
|
};
|
||||||
|
"9e2ffa159299899c9345aea15c17ba1941953871.zip" = {
|
||||||
|
url = "https://github.com/orbitalquark/scinterm/archive/9e2ffa159299899c9345aea15c17ba1941953871.zip";
|
||||||
|
sha256 = "12h7prgp689w45p4scxd8vvsyw8fkv27g6gvgis55xr44daa6122";
|
||||||
|
};
|
||||||
|
"scintillua_4.4.5-1.zip" = {
|
||||||
|
url = "https://github.com/orbitalquark/scintillua/archive/scintillua_4.4.5-1.zip";
|
||||||
|
sha256 = "095wpbid2kvr5xgkhd5bd4sd7ljgk6gd9palrjkmdcwfgsf1lp04";
|
||||||
|
};
|
||||||
|
"lua-5.3.5.tar.gz" = {
|
||||||
|
url = "http://www.lua.org/ftp/lua-5.3.5.tar.gz";
|
||||||
|
sha256 = "1b2qn2rv96nmbm6zab4l877bd4zq7wpwm8drwjiy2ih4jqzysbhc";
|
||||||
|
};
|
||||||
|
"lpeg-1.0.2.tar.gz" = {
|
||||||
|
url = "http://www.inf.puc-rio.br/~roberto/lpeg/lpeg-1.0.2.tar.gz";
|
||||||
|
sha256 = "1zjzl7acvcdavmcg5l7wi12jd4rh95q9pl5aiww7hv0v0mv6bmj8";
|
||||||
|
};
|
||||||
|
"v1_7_0_2.zip" = {
|
||||||
|
url = "https://github.com/keplerproject/luafilesystem/archive/v1_7_0_2.zip";
|
||||||
|
sha256 = "0y44ymc7higz5dd2w3c6ib7mwmpr6yvszcl7lm12nf8x3y4snx4i";
|
||||||
|
};
|
||||||
|
"64587546482a1a6324706d75c80b77d2f87118a4.zip" = {
|
||||||
|
url = "https://github.com/orbitalquark/gtdialog/archive/64587546482a1a6324706d75c80b77d2f87118a4.zip";
|
||||||
|
sha256 = "10mglbnn8r1cakqn9h285pwfnh7kfa98v7j8qh83c24n66blyfh9";
|
||||||
|
};
|
||||||
|
"cdk-5.0-20150928.tgz" = {
|
||||||
|
url = "http://invisible-mirror.net/archives/cdk/cdk-5.0-20150928.tgz";
|
||||||
|
sha256 = "0j74l874y33i26y5kjg3pf1vswyjif8k93pqhi0iqykpbxfsg382";
|
||||||
|
};
|
||||||
|
"libtermkey-0.20.tar.gz" = {
|
||||||
|
url = "http://www.leonerd.org.uk/code/libtermkey/libtermkey-0.20.tar.gz";
|
||||||
|
sha256 = "1xfj6lchhfljmbcl6dz8dpakppyy13nbl4ykxiv5x4dr9b4qf3bc";
|
||||||
|
};
|
||||||
|
"pdcurs39.zip" = {
|
||||||
|
url = "https://github.com/wmcbrine/PDCurses/archive/3.9.zip";
|
||||||
|
sha256 = "0ydsa15d6fgk15zcavbxsi4vj3knlr2495dc5v4f5xzvv2qwlb2w";
|
||||||
|
};
|
||||||
|
"bombay.zip" = {
|
||||||
|
url = "http://foicica.com/hg/bombay/archive/b25520cc76bb.zip";
|
||||||
|
sha256 = "07spq7jmkfyq20gv67yffara3ln3ns2xi0k02m2mxdms3xm1q36h";
|
||||||
|
};
|
||||||
|
"cloc-1.60.pl" = {
|
||||||
|
url = "http://prdownloads.sourceforge.net/cloc/cloc-1.60.pl";
|
||||||
|
sha256 = "0p504bi19va3dh274v7lb7giqrydwa5yyry60f7jpz84y6z71a2a";
|
||||||
|
};
|
||||||
|
}
|
|
@ -94,6 +94,19 @@ stdenv.mkDerivation {
|
||||||
+ ''
|
+ ''
|
||||||
unset LD
|
unset LD
|
||||||
''
|
''
|
||||||
|
# When building with nix-daemon, we need to pass -derivedDataPath or else it tries to use
|
||||||
|
# a folder rooted in /var/empty and fails. Unfortunately we can't just pass -derivedDataPath
|
||||||
|
# by itself as this flag requires the use of -scheme or -xctestrun (not sure why), but MacVim
|
||||||
|
# by default just runs `xcodebuild -project src/MacVim/MacVim.xcodeproj`, relying on the default
|
||||||
|
# behavior to build the first target in the project. Experimentally, there seems to be a scheme
|
||||||
|
# called MacVim, so we'll explicitly select that. We also need to specify the configuration too
|
||||||
|
# as the scheme seems to have the wrong default.
|
||||||
|
+ ''
|
||||||
|
configureFlagsArray+=(
|
||||||
|
XCODEFLAGS="-scheme MacVim -derivedDataPath $NIX_BUILD_TOP/derivedData"
|
||||||
|
--with-xcodecfg="Release"
|
||||||
|
)
|
||||||
|
''
|
||||||
;
|
;
|
||||||
|
|
||||||
# Because we're building with system clang, this means we're building against Xcode's SDK and
|
# Because we're building with system clang, this means we're building against Xcode's SDK and
|
||||||
|
|
|
@ -11,8 +11,8 @@ let
|
||||||
archive_fmt = if system == "x86_64-darwin" then "zip" else "tar.gz";
|
archive_fmt = if system == "x86_64-darwin" then "zip" else "tar.gz";
|
||||||
|
|
||||||
sha256 = {
|
sha256 = {
|
||||||
x86_64-linux = "0mpb4641icr3z89y2rlh5anli40p1f48sl5xagr7h3nb5c84k10x";
|
x86_64-linux = "18fx2nsgn09l2gzgr1abi0cp4g8z2v9177sdl2rqr0yvmwk5i3p0";
|
||||||
x86_64-darwin = "1azmc79zf72007qc1xndp9wdkd078mvqgv35hf231q7kdi6wzxcp";
|
x86_64-darwin = "14qdfz8q1dz0skkcgpamksgdvgsid2mcm9h09cvkh4z3v458100r";
|
||||||
}.${system};
|
}.${system};
|
||||||
in
|
in
|
||||||
callPackage ./generic.nix rec {
|
callPackage ./generic.nix rec {
|
||||||
|
@ -21,7 +21,7 @@ in
|
||||||
|
|
||||||
# Please backport all compatible updates to the stable release.
|
# Please backport all compatible updates to the stable release.
|
||||||
# This is important for the extension ecosystem.
|
# This is important for the extension ecosystem.
|
||||||
version = "1.50.1";
|
version = "1.51.0";
|
||||||
pname = "vscode";
|
pname = "vscode";
|
||||||
|
|
||||||
executableName = "code" + lib.optionalString isInsiders "-insiders";
|
executableName = "code" + lib.optionalString isInsiders "-insiders";
|
||||||
|
|
|
@ -11,8 +11,8 @@ let
|
||||||
archive_fmt = if system == "x86_64-darwin" then "zip" else "tar.gz";
|
archive_fmt = if system == "x86_64-darwin" then "zip" else "tar.gz";
|
||||||
|
|
||||||
sha256 = {
|
sha256 = {
|
||||||
x86_64-linux = "1sarih1yah69ympp12bmgyb0y9ybrxasppb47l58w05iz1wpn6v0";
|
x86_64-linux = "0qims8qypx6aackw1b47pb7hkf0lffh94c69bm5rld2swzczcfnj";
|
||||||
x86_64-darwin = "1pj041kccj2i77v223i86xxqj9bg88k0sfbshm7qiynwyj9p05ji";
|
x86_64-darwin = "1i96qhynjl1ihycq25xjakqlyvszindg5g8kgyhd6ab0q0zhmxqy";
|
||||||
}.${system};
|
}.${system};
|
||||||
|
|
||||||
sourceRoot = {
|
sourceRoot = {
|
||||||
|
@ -27,7 +27,7 @@ in
|
||||||
|
|
||||||
# Please backport all compatible updates to the stable release.
|
# Please backport all compatible updates to the stable release.
|
||||||
# This is important for the extension ecosystem.
|
# This is important for the extension ecosystem.
|
||||||
version = "1.50.1";
|
version = "1.51.0";
|
||||||
pname = "vscodium";
|
pname = "vscodium";
|
||||||
|
|
||||||
executableName = "codium";
|
executableName = "codium";
|
||||||
|
|
|
@ -10,7 +10,7 @@ let
|
||||||
[ qscintilla-qt5 gdal jinja2 numpy psycopg2
|
[ qscintilla-qt5 gdal jinja2 numpy psycopg2
|
||||||
chardet dateutil pyyaml pytz requests urllib3 pygments pyqt5 sip owslib six ];
|
chardet dateutil pyyaml pytz requests urllib3 pygments pyqt5 sip owslib six ];
|
||||||
in mkDerivation rec {
|
in mkDerivation rec {
|
||||||
version = "3.10.10";
|
version = "3.10.11";
|
||||||
pname = "qgis";
|
pname = "qgis";
|
||||||
name = "${pname}-unwrapped-${version}";
|
name = "${pname}-unwrapped-${version}";
|
||||||
|
|
||||||
|
@ -18,7 +18,7 @@ in mkDerivation rec {
|
||||||
owner = "qgis";
|
owner = "qgis";
|
||||||
repo = "QGIS";
|
repo = "QGIS";
|
||||||
rev = "final-${lib.replaceStrings ["."] ["_"] version}";
|
rev = "final-${lib.replaceStrings ["."] ["_"] version}";
|
||||||
sha256 = "yZBG+bpJA7iKkUEjVo45d+bmRp9WS7mk8z96FLf0ZQ0=";
|
sha256 = "157hwi9sgnsf0csbfg4x3c7vh0zgf1hnqgn04lhg9xa1n8jjbv2q";
|
||||||
};
|
};
|
||||||
|
|
||||||
passthru = {
|
passthru = {
|
||||||
|
|
31
pkgs/applications/graphics/photoflare/default.nix
Normal file
31
pkgs/applications/graphics/photoflare/default.nix
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
{ mkDerivation, stdenv, graphicsmagick, fetchFromGitHub, qmake, qtbase, qttools
|
||||||
|
}:
|
||||||
|
|
||||||
|
mkDerivation rec {
|
||||||
|
pname = "photoflare";
|
||||||
|
version = "1.6.5";
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "PhotoFlare";
|
||||||
|
repo = "photoflare";
|
||||||
|
rev = "v${version}";
|
||||||
|
sha256 = "0a394324h7ds567z3i3pw6kkii78n4qwdn129kgkkm996yh03q89";
|
||||||
|
};
|
||||||
|
|
||||||
|
nativeBuildInputs = [ qmake qttools ];
|
||||||
|
buildInputs = [ qtbase graphicsmagick ];
|
||||||
|
|
||||||
|
qmakeFlags = [ "PREFIX=${placeholder "out"}" ];
|
||||||
|
|
||||||
|
NIX_CFLAGS_COMPILE = "-I${graphicsmagick}/include/GraphicsMagick";
|
||||||
|
|
||||||
|
enableParallelBuilding = true;
|
||||||
|
|
||||||
|
meta = with stdenv.lib; {
|
||||||
|
description = "A cross-platform image editor with a powerful features and a very friendly graphical user interface";
|
||||||
|
homepage = "https://photoflare.io";
|
||||||
|
maintainers = [ maintainers.omgbebebe ];
|
||||||
|
license = licenses.gpl3;
|
||||||
|
platforms = platforms.linux;
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,4 +1,4 @@
|
||||||
{ stdenv, fetchzip, makeWrapper, unzip, jre }:
|
{ stdenv, fetchzip, makeWrapper, unzip, jre, wrapGAppsHook }:
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
pname = "yEd";
|
pname = "yEd";
|
||||||
|
@ -9,16 +9,25 @@ stdenv.mkDerivation rec {
|
||||||
sha256 = "0sd73s700f3gqq5zq1psrqjg6ff2gv49f8vd37v6bv65vdxqxryq";
|
sha256 = "0sd73s700f3gqq5zq1psrqjg6ff2gv49f8vd37v6bv65vdxqxryq";
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = [ makeWrapper unzip ];
|
nativeBuildInputs = [ makeWrapper unzip wrapGAppsHook ];
|
||||||
|
# For wrapGAppsHook setup hook
|
||||||
|
buildInputs = [ jre.gtk3 ];
|
||||||
|
|
||||||
installPhase = ''
|
dontConfigure = true;
|
||||||
|
dontBuild = true;
|
||||||
|
dontInstall = true;
|
||||||
|
|
||||||
|
preFixup = ''
|
||||||
mkdir -p $out/yed
|
mkdir -p $out/yed
|
||||||
cp -r * $out/yed
|
cp -r * $out/yed
|
||||||
mkdir -p $out/bin
|
mkdir -p $out/bin
|
||||||
|
|
||||||
|
makeWrapperArgs+=("''${gappsWrapperArgs[@]}")
|
||||||
makeWrapper ${jre}/bin/java $out/bin/yed \
|
makeWrapper ${jre}/bin/java $out/bin/yed \
|
||||||
|
''${makeWrapperArgs[@]} \
|
||||||
--add-flags "-jar $out/yed/yed.jar --"
|
--add-flags "-jar $out/yed/yed.jar --"
|
||||||
'';
|
'';
|
||||||
|
dontWrapGApps = true;
|
||||||
|
|
||||||
meta = with stdenv.lib; {
|
meta = with stdenv.lib; {
|
||||||
license = licenses.unfree;
|
license = licenses.unfree;
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
, lib
|
, lib
|
||||||
, extra-cmake-modules
|
, extra-cmake-modules
|
||||||
, kdoctools
|
, kdoctools
|
||||||
|
, qtbase
|
||||||
, qtmultimedia
|
, qtmultimedia
|
||||||
, qtquickcontrols2
|
, qtquickcontrols2
|
||||||
, qtwebsockets
|
, qtwebsockets
|
||||||
|
@ -42,5 +43,6 @@ mkDerivation rec {
|
||||||
description = "A simple media player for KDE";
|
description = "A simple media player for KDE";
|
||||||
license = licenses.gpl3;
|
license = licenses.gpl3;
|
||||||
maintainers = with maintainers; [ peterhoeg ];
|
maintainers = with maintainers; [ peterhoeg ];
|
||||||
|
broken = lib.versionOlder qtbase.version "5.14";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,14 +1,17 @@
|
||||||
{ mkDerivation, lib, extra-cmake-modules, kdoctools, qtmultimedia, kcompletion, kconfig, kcrash, kiconthemes, kio, audiofile, libsamplerate
|
{ mkDerivation, lib, extra-cmake-modules, kdoctools, qtmultimedia, kcompletion, kconfig
|
||||||
, alsaLib, libpulseaudio, flac, id3lib, libogg, libmad, libopus, libvorbis, fftw, librsvg }:
|
, kcrash, kiconthemes, kio, audiofile, libsamplerate, alsaLib, libpulseaudio, flac, id3lib
|
||||||
|
, libogg, libmad, libopus, libvorbis, fftw, librsvg, qtbase }:
|
||||||
|
|
||||||
mkDerivation {
|
mkDerivation {
|
||||||
name = "kwave";
|
name = "kwave";
|
||||||
|
|
||||||
meta = with lib; {
|
meta = with lib; {
|
||||||
homepage = "https://kde.org/applications/en/multimedia/org.kde.kwave";
|
homepage = "https://kde.org/applications/en/multimedia/org.kde.kwave";
|
||||||
description = "A simple media player";
|
description = "A simple media player";
|
||||||
maintainers = with maintainers; [ freezeboy ];
|
maintainers = with maintainers; [ freezeboy ];
|
||||||
license = licenses.gpl2Plus;
|
license = licenses.gpl2Plus;
|
||||||
platforms = platforms.linux;
|
platforms = platforms.linux;
|
||||||
|
broken = lib.versionOlder qtbase.version "5.14";
|
||||||
};
|
};
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
extra-cmake-modules
|
extra-cmake-modules
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ mkDerivation
|
{ mkDerivation, qtbase
|
||||||
, lib, extra-cmake-modules, gettext, python
|
, lib, extra-cmake-modules, gettext, python
|
||||||
, drumstick, fluidsynth
|
, drumstick, fluidsynth
|
||||||
, kcoreaddons, kcrash, kdoctools
|
, kcoreaddons, kcrash, kdoctools
|
||||||
|
@ -10,6 +10,7 @@ mkDerivation {
|
||||||
meta = with lib; {
|
meta = with lib; {
|
||||||
license = with licenses; [ lgpl21 gpl3 ];
|
license = with licenses; [ lgpl21 gpl3 ];
|
||||||
maintainers = with maintainers; [ peterhoeg HaoZeke ];
|
maintainers = with maintainers; [ peterhoeg HaoZeke ];
|
||||||
|
broken = lib.versionOlder qtbase.version "5.14";
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = [ extra-cmake-modules gettext kdoctools python qtdeclarative ];
|
nativeBuildInputs = [ extra-cmake-modules gettext kdoctools python qtdeclarative ];
|
||||||
|
|
|
@ -5,16 +5,16 @@
|
||||||
|
|
||||||
buildGoModule rec {
|
buildGoModule rec {
|
||||||
pname = "archiver";
|
pname = "archiver";
|
||||||
version = "3.4.0";
|
version = "3.5.0";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "mholt";
|
owner = "mholt";
|
||||||
repo = pname;
|
repo = pname;
|
||||||
rev = "v${version}";
|
rev = "v${version}";
|
||||||
sha256 = "16jawybywqfkp68035bnf206a2w4khjw239saa429a21lxrfyk4a";
|
sha256 = "0fdkqfs87svpijccz8m11gvby8pvmznq6fs9k94vbzak0kxhw1wg";
|
||||||
};
|
};
|
||||||
|
|
||||||
vendorSha256 = "0m89ibj3dm58j49d99dhkn0ryivnianxz7lkpkvhs0cdbzzc02az";
|
vendorSha256 = "0avnskay23mpl3qkyf1h75rr7szpsxis2bj5pplhwf8q8q0212xf";
|
||||||
|
|
||||||
buildFlagsArray = [ "-ldflags=-s -w -X main.version=${version} -X main.commit=${src.rev} -X main.date=unknown" ];
|
buildFlagsArray = [ "-ldflags=-s -w -X main.version=${version} -X main.commit=${src.rev} -X main.date=unknown" ];
|
||||||
|
|
||||||
|
|
|
@ -2,16 +2,16 @@
|
||||||
|
|
||||||
buildGoModule rec {
|
buildGoModule rec {
|
||||||
pname = "charm";
|
pname = "charm";
|
||||||
version = "0.8.3";
|
version = "0.8.4";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "charmbracelet";
|
owner = "charmbracelet";
|
||||||
repo = "charm";
|
repo = "charm";
|
||||||
rev = "v${version}";
|
rev = "v${version}";
|
||||||
sha256 = "1nbix7fi6g9jadak5zyx7fdz7d6367aly6fnrs0v98zsl1kxyvx3";
|
sha256 = "0wsh83kchqakvx7kgs2s31rzsvnfr47jk6pbmqzjv1kqmnlhc3rh";
|
||||||
};
|
};
|
||||||
|
|
||||||
vendorSha256 = "0lhml6m0j9ksn09j7z4d9pix5aszhndpyqajycwj3apvi3ic90il";
|
vendorSha256 = "1lg4bbdzgnw50v6m6p7clibwm8m82kdr1jizgbmhfmzy15d5sfll";
|
||||||
|
|
||||||
doCheck = false;
|
doCheck = false;
|
||||||
|
|
||||||
|
|
|
@ -5,13 +5,13 @@
|
||||||
|
|
||||||
buildGoModule rec {
|
buildGoModule rec {
|
||||||
pname = "dasel";
|
pname = "dasel";
|
||||||
version = "1.1.0";
|
version = "1.2.0";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "TomWright";
|
owner = "TomWright";
|
||||||
repo = pname;
|
repo = pname;
|
||||||
rev = "v${version}";
|
rev = "v${version}";
|
||||||
sha256 = "sha256:11xm47p7n79mq2zkv9q9m5v4a1gga01pkzi2j42gq1ma9hwz4idz";
|
sha256 = "sha256-Un9tqODwiWsaw66t2m8NyaDF0+hq/e0tmRFi3/T4LMI=";
|
||||||
};
|
};
|
||||||
|
|
||||||
vendorSha256 = "sha256:1552k85z4s6gv7sss7dccv3h8x22j2sr12icp6s7s0a3i4iwyksw";
|
vendorSha256 = "sha256:1552k85z4s6gv7sss7dccv3h8x22j2sr12icp6s7s0a3i4iwyksw";
|
||||||
|
|
26
pkgs/applications/misc/elf-dissector/default.nix
Normal file
26
pkgs/applications/misc/elf-dissector/default.nix
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
{ mkDerivation, fetchgit, lib, cmake, extra-cmake-modules, kitemmodels
|
||||||
|
, libiberty, libelf, libdwarf, libopcodes }:
|
||||||
|
|
||||||
|
mkDerivation rec {
|
||||||
|
pname = "elf-dissector";
|
||||||
|
version = "unstable-2020-11-14";
|
||||||
|
|
||||||
|
src = fetchgit {
|
||||||
|
url = "https://invent.kde.org/sdk/elf-dissector.git";
|
||||||
|
rev = "d1700e76e3f60aff0a2a9fb63bc001251d2be522";
|
||||||
|
sha256 = "1h1xr3ag1sbf005drcx8g8dc5mk7fb2ybs73swrld7clcawhxnk8";
|
||||||
|
};
|
||||||
|
|
||||||
|
nativeBuildInputs = [ cmake extra-cmake-modules ];
|
||||||
|
|
||||||
|
buildInputs = [ kitemmodels libiberty libelf libdwarf libopcodes ];
|
||||||
|
|
||||||
|
enableParallelBuilding = true;
|
||||||
|
|
||||||
|
meta = with lib; {
|
||||||
|
homepage = "https://invent.kde.org/sdk/elf-dissector";
|
||||||
|
description = "Tools for inspecting, analyzing and optimizing ELF files";
|
||||||
|
license = licenses.gpl2;
|
||||||
|
maintainers = with maintainers; [ ehmry ];
|
||||||
|
};
|
||||||
|
}
|
|
@ -16,6 +16,8 @@ buildPythonApplication rec {
|
||||||
pname = "kupfer";
|
pname = "kupfer";
|
||||||
version = "319";
|
version = "319";
|
||||||
|
|
||||||
|
format = "other";
|
||||||
|
|
||||||
src = fetchurl {
|
src = fetchurl {
|
||||||
url = "https://github.com/kupferlauncher/kupfer/releases/download/v${version}/kupfer-v${version}.tar.xz";
|
url = "https://github.com/kupferlauncher/kupfer/releases/download/v${version}/kupfer-v${version}.tar.xz";
|
||||||
sha256 = "0c9xjx13r8ckfr4az116bhxsd3pk78v04c3lz6lqhraak0rp4d92";
|
sha256 = "0c9xjx13r8ckfr4az116bhxsd3pk78v04c3lz6lqhraak0rp4d92";
|
||||||
|
@ -33,13 +35,9 @@ buildPythonApplication rec {
|
||||||
# see https://github.com/NixOS/nixpkgs/issues/56943 for details
|
# see https://github.com/NixOS/nixpkgs/issues/56943 for details
|
||||||
strictDeps = false;
|
strictDeps = false;
|
||||||
|
|
||||||
postInstall = let
|
postInstall = ''
|
||||||
pythonPath = (stdenv.lib.concatMapStringsSep ":"
|
|
||||||
(m: "${m}/lib/${python.libPrefix}/site-packages")
|
|
||||||
propagatedBuildInputs);
|
|
||||||
in ''
|
|
||||||
gappsWrapperArgs+=(
|
gappsWrapperArgs+=(
|
||||||
"--prefix" "PYTHONPATH" : "${pythonPath}"
|
"--prefix" "PYTHONPATH" : "${makePythonPath propagatedBuildInputs}"
|
||||||
"--set" "PYTHONNOUSERSITE" "1"
|
"--set" "PYTHONNOUSERSITE" "1"
|
||||||
)
|
)
|
||||||
'';
|
'';
|
||||||
|
|
|
@ -1,17 +1,40 @@
|
||||||
{ stdenv, autoconf, automake, c-ares, cryptopp, curl, doxygen, fetchFromGitHub
|
{ stdenv
|
||||||
, fetchpatch, ffmpeg_3, libmediainfo, libraw, libsodium, libtool, libuv, libzen
|
, autoconf
|
||||||
, lsb-release, mkDerivation, pkgconfig, qtbase, qttools, sqlite, swig, unzip
|
, automake
|
||||||
, wget }:
|
, c-ares
|
||||||
|
, cryptopp
|
||||||
|
, curl
|
||||||
|
, doxygen
|
||||||
|
, fetchFromGitHub
|
||||||
|
, fetchpatch
|
||||||
|
, ffmpeg_3
|
||||||
|
, libmediainfo
|
||||||
|
, libraw
|
||||||
|
, libsodium
|
||||||
|
, libtool
|
||||||
|
, libuv
|
||||||
|
, libzen
|
||||||
|
, lsb-release
|
||||||
|
, mkDerivation
|
||||||
|
, pkgconfig
|
||||||
|
, qtbase
|
||||||
|
, qttools
|
||||||
|
, qtx11extras
|
||||||
|
, sqlite
|
||||||
|
, swig
|
||||||
|
, unzip
|
||||||
|
, wget
|
||||||
|
}:
|
||||||
|
|
||||||
mkDerivation rec {
|
mkDerivation rec {
|
||||||
pname = "megasync";
|
pname = "megasync";
|
||||||
version = "4.3.1.0";
|
version = "4.3.5.0";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "meganz";
|
owner = "meganz";
|
||||||
repo = "MEGAsync";
|
repo = "MEGAsync";
|
||||||
rev = "v${version}_Linux";
|
rev = "v${version}_Linux";
|
||||||
sha256 = "0b68wpif8a0wf1vfn1nr19dmz8f31dprb27jpldxrxhyfslc43yj";
|
sha256 = "0rr1jjy0n5bj1lh6xi3nbbcikvq69j3r9qnajp4mhywr5izpccvs";
|
||||||
fetchSubmodules = true;
|
fetchSubmodules = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -29,6 +52,7 @@ mkDerivation rec {
|
||||||
libuv
|
libuv
|
||||||
libzen
|
libzen
|
||||||
qtbase
|
qtbase
|
||||||
|
qtx11extras
|
||||||
sqlite
|
sqlite
|
||||||
unzip
|
unzip
|
||||||
wget
|
wget
|
||||||
|
|
|
@ -12,13 +12,13 @@
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
pname = "nwg-launchers";
|
pname = "nwg-launchers";
|
||||||
version = "0.4.0";
|
version = "0.4.2";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "nwg-piotr";
|
owner = "nwg-piotr";
|
||||||
repo = pname;
|
repo = pname;
|
||||||
rev = "v${version}";
|
rev = "v${version}";
|
||||||
sha256 = "0r0wj4w3jj3l56z1lx6ypkzz4fsgx4vzqbvs95661l8q362pndzw";
|
sha256 = "0flp7mwj1pgcwx3k9pzc8pmqlkhbddj0maimdnvlazk87kzxpfd0";
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
|
|
|
@ -1,175 +0,0 @@
|
||||||
From 314bcebfcd1759981ce12255be29d8ae68cd400b Mon Sep 17 00:00:00 2001
|
|
||||||
From: Nikolay Amiantov <ab@fmap.me>
|
|
||||||
Date: Wed, 23 Nov 2016 00:40:48 +0300
|
|
||||||
Subject: [PATCH] Build and use one version of preprocessor library
|
|
||||||
|
|
||||||
---
|
|
||||||
octoprint_m33fio/__init__.py | 73 ++----------------------------------------
|
|
||||||
shared library source/Makefile | 62 +++--------------------------------
|
|
||||||
2 files changed, 6 insertions(+), 129 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/octoprint_m33fio/__init__.py b/octoprint_m33fio/__init__.py
|
|
||||||
index 054870a..4d5ecc1 100755
|
|
||||||
--- a/octoprint_m33fio/__init__.py
|
|
||||||
+++ b/octoprint_m33fio/__init__.py
|
|
||||||
@@ -1189,78 +1189,9 @@ class M33FioPlugin(
|
|
||||||
# Check if using shared library or checking if it is usable
|
|
||||||
if self._settings.get_boolean(["UseSharedLibrary"]) or isUsable :
|
|
||||||
|
|
||||||
- # Check if running on Linux
|
|
||||||
- if platform.uname()[0].startswith("Linux") :
|
|
||||||
-
|
|
||||||
- # Check if running on a Raspberry Pi 1
|
|
||||||
- if platform.uname()[4].startswith("armv6l") and self.getCpuHardware() == "BCM2708" :
|
|
||||||
-
|
|
||||||
- # Set shared library
|
|
||||||
- self.sharedLibrary = ctypes.cdll.LoadLibrary(self._basefolder.replace("\\", "/") + "/static/libraries/preprocessor_arm1176jzf-s.so")
|
|
||||||
-
|
|
||||||
- # Otherwise check if running on a Raspberry Pi 2 or Raspberry Pi 3
|
|
||||||
- elif platform.uname()[4].startswith("armv7l") and self.getCpuHardware() == "BCM2709" :
|
|
||||||
-
|
|
||||||
- # Set shared library
|
|
||||||
- self.sharedLibrary = ctypes.cdll.LoadLibrary(self._basefolder.replace("\\", "/") + "/static/libraries/preprocessor_arm_cortex-a7.so")
|
|
||||||
-
|
|
||||||
- # Otherwise check if running on an ARM7 device
|
|
||||||
- elif platform.uname()[4].startswith("armv7") :
|
|
||||||
-
|
|
||||||
- # Set shared library
|
|
||||||
- self.sharedLibrary = ctypes.cdll.LoadLibrary(self._basefolder.replace("\\", "/") + "/static/libraries/preprocessor_arm7.so")
|
|
||||||
-
|
|
||||||
- # Otherwise check if using an i386 or x86-64 device
|
|
||||||
- elif platform.uname()[4].endswith("86") or platform.uname()[4].endswith("64") :
|
|
||||||
-
|
|
||||||
- # Check if Python is running as 32-bit
|
|
||||||
- if platform.architecture()[0].startswith("32") :
|
|
||||||
-
|
|
||||||
- # Set shared library
|
|
||||||
- self.sharedLibrary = ctypes.cdll.LoadLibrary(self._basefolder.replace("\\", "/") + "/static/libraries/preprocessor_i386.so")
|
|
||||||
-
|
|
||||||
- # Otherwise check if Python is running as 64-bit
|
|
||||||
- elif platform.architecture()[0].startswith("64") :
|
|
||||||
-
|
|
||||||
- # Set shared library
|
|
||||||
- self.sharedLibrary = ctypes.cdll.LoadLibrary(self._basefolder.replace("\\", "/") + "/static/libraries/preprocessor_x86-64.so")
|
|
||||||
-
|
|
||||||
- # Otherwise check if running on Windows and using an i386 or x86-64 device
|
|
||||||
- elif platform.uname()[0].startswith("Windows") and (platform.uname()[4].endswith("86") or platform.uname()[4].endswith("64")) :
|
|
||||||
+ # Set shared library
|
|
||||||
+ self.sharedLibrary = ctypes.cdll.LoadLibrary(self._basefolder.replace('\\', '/') + "/static/libraries/libpreprocessor.so")
|
|
||||||
|
|
||||||
- # Check if Python is running as 32-bit
|
|
||||||
- if platform.architecture()[0].startswith("32") :
|
|
||||||
-
|
|
||||||
- # Set shared library
|
|
||||||
- self.sharedLibrary = ctypes.cdll.LoadLibrary(self._basefolder.replace("\\", "/") + "/static/libraries/preprocessor_i386.dll")
|
|
||||||
-
|
|
||||||
- # Otherwise check if Python is running as 64-bit
|
|
||||||
- elif platform.architecture()[0].startswith("64") :
|
|
||||||
-
|
|
||||||
- # Set shared library
|
|
||||||
- self.sharedLibrary = ctypes.cdll.LoadLibrary(self._basefolder.replace("\\", "/") + "/static/libraries/preprocessor_x86-64.dll")
|
|
||||||
-
|
|
||||||
- # Otherwise check if running on macOS and using an i386 or x86-64 device
|
|
||||||
- elif platform.uname()[0].startswith("Darwin") and (platform.uname()[4].endswith("86") or platform.uname()[4].endswith("64")) :
|
|
||||||
-
|
|
||||||
- # Check if Python is running as 32-bit
|
|
||||||
- if platform.architecture()[0].startswith("32") :
|
|
||||||
-
|
|
||||||
- # Set shared library
|
|
||||||
- self.sharedLibrary = ctypes.cdll.LoadLibrary(self._basefolder.replace("\\", "/") + "/static/libraries/preprocessor_i386.dylib")
|
|
||||||
-
|
|
||||||
- # Otherwise check if Python is running as 64-bit
|
|
||||||
- elif platform.architecture()[0].startswith("64") :
|
|
||||||
-
|
|
||||||
- # Set shared library
|
|
||||||
- self.sharedLibrary = ctypes.cdll.LoadLibrary(self._basefolder.replace("\\", "/") + "/static/libraries/preprocessor_x86-64.dylib")
|
|
||||||
-
|
|
||||||
- # Otherwise check if running FreeBSD
|
|
||||||
- elif platform.uname()[0].startswith("FreeBSD") :
|
|
||||||
-
|
|
||||||
- # TODO: Compile FreeBSD shared library pre-processors
|
|
||||||
- pass
|
|
||||||
-
|
|
||||||
# Check if shared library was set
|
|
||||||
if self.sharedLibrary :
|
|
||||||
|
|
||||||
diff --git a/shared library source/Makefile b/shared library source/Makefile
|
|
||||||
index 792b4f4..4c74f5c 100755
|
|
||||||
--- a/shared library source/Makefile
|
|
||||||
+++ b/shared library source/Makefile
|
|
||||||
@@ -1,68 +1,14 @@
|
|
||||||
-# Target platform options: LINUX32, LINUX64, WINDOWS32, WINDOWS64, PI, PI2, ARM7, MACOS32, MACOS64
|
|
||||||
-LIBRARY_NAME = preprocessor
|
|
||||||
-TARGET_PLATFORM = LINUX64
|
|
||||||
+LIBRARY_NAME = libpreprocessor
|
|
||||||
VER = .1
|
|
||||||
|
|
||||||
-ifeq ($(TARGET_PLATFORM), LINUX32)
|
|
||||||
- PROG = $(LIBRARY_NAME)_i386.so
|
|
||||||
- CC = g++
|
|
||||||
- CFLAGS = -fPIC -m32 -static-libgcc -O3 -Wl,-soname,$(PROG)$(VER) -static-libstdc++
|
|
||||||
-endif
|
|
||||||
-
|
|
||||||
-ifeq ($(TARGET_PLATFORM), LINUX64)
|
|
||||||
- PROG = $(LIBRARY_NAME)_x86-64.so
|
|
||||||
- CC = g++
|
|
||||||
- CFLAGS = -fPIC -m64 -static-libgcc -O3 -Wl,-soname,$(PROG)$(VER) -static-libstdc++
|
|
||||||
-endif
|
|
||||||
-
|
|
||||||
-ifeq ($(TARGET_PLATFORM), WINDOWS32)
|
|
||||||
- PROG = $(LIBRARY_NAME)_i386.dll
|
|
||||||
- CC = i686-w64-mingw32-g++
|
|
||||||
- CFLAGS = -static-libgcc -O3 -Wl,-soname,$(PROG)$(VER) -static-libstdc++
|
|
||||||
-endif
|
|
||||||
-
|
|
||||||
-ifeq ($(TARGET_PLATFORM), WINDOWS64)
|
|
||||||
- PROG = $(LIBRARY_NAME)_x86-64.dll
|
|
||||||
- CC = x86_64-w64-mingw32-g++
|
|
||||||
- CFLAGS = -static-libgcc -O3 -Wl,-soname,$(PROG)$(VER) -static-libstdc++
|
|
||||||
-endif
|
|
||||||
-
|
|
||||||
-ifeq ($(TARGET_PLATFORM), PI)
|
|
||||||
- PROG = $(LIBRARY_NAME)_arm1176jzf-s.so
|
|
||||||
- CC = /opt/arm-toolchain/arm-bcm2708/arm-rpi-4.9.3-linux-gnueabihf/bin/arm-linux-gnueabihf-g++
|
|
||||||
- CFLAGS = -fPIC -mcpu=arm1176jzf-s -mfpu=vfp -mfloat-abi=hard -static-libgcc -O3 -Wl,-soname,$(PROG)$(VER) -static-libstdc++
|
|
||||||
-endif
|
|
||||||
-
|
|
||||||
-ifeq ($(TARGET_PLATFORM), PI2)
|
|
||||||
- PROG = $(LIBRARY_NAME)_arm_cortex-a7.so
|
|
||||||
- CC = /opt/arm-toolchain/arm-bcm2708/arm-rpi-4.9.3-linux-gnueabihf/bin/arm-linux-gnueabihf-g++
|
|
||||||
- CFLAGS = -fPIC -mcpu=cortex-a7 -mfpu=neon-vfpv4 -mfloat-abi=hard -static-libgcc -O3 -Wl,-soname,$(PROG)$(VER) -static-libstdc++
|
|
||||||
-endif
|
|
||||||
-
|
|
||||||
-ifeq ($(TARGET_PLATFORM), ARM7)
|
|
||||||
- PROG = $(LIBRARY_NAME)_arm7.so
|
|
||||||
- CC = /opt/arm-toolchain/arm-bcm2708/gcc-linaro-arm-linux-gnueabihf-raspbian-x64/bin/arm-linux-gnueabihf-g++
|
|
||||||
- CFLAGS = -fPIC -mcpu=generic-armv7-a -mfpu=vfp -mfloat-abi=hard -static-libgcc -O3 -Wl,-soname,$(PROG)$(VER) -static-libstdc++
|
|
||||||
-endif
|
|
||||||
-
|
|
||||||
-ifeq ($(TARGET_PLATFORM), MACOS32)
|
|
||||||
- PROG = $(LIBRARY_NAME)_i386.dylib
|
|
||||||
- CC = clang++
|
|
||||||
- CFLAGS = -fPIC -m32 -stdlib=libc++ -O3 -Wl,-install_name,$(PROG)$(VER)
|
|
||||||
-
|
|
||||||
-endif
|
|
||||||
-
|
|
||||||
-ifeq ($(TARGET_PLATFORM), MACOS64)
|
|
||||||
- PROG = $(LIBRARY_NAME)_x86-64.dylib
|
|
||||||
- CC = clang++
|
|
||||||
- CFLAGS = -fPIC -m64 -stdlib=libc++ -O3 -Wl,-install_name,$(PROG)$(VER)
|
|
||||||
-endif
|
|
||||||
+PROG = $(LIBRARY_NAME).so
|
|
||||||
+CFLAGS = -fPIC -O3 -Wl,-soname,$(PROG)$(VER)
|
|
||||||
|
|
||||||
SRCS = preprocessor.cpp gcode.cpp vector.cpp
|
|
||||||
CFLAGS += -Wall -std=c++11 -fvisibility=hidden -shared
|
|
||||||
|
|
||||||
all:
|
|
||||||
- $(CC) $(CFLAGS) -o ../octoprint_m33fio/static/libraries/$(PROG) $(SRCS)
|
|
||||||
+ $(CXX) $(CFLAGS) -o ../octoprint_m33fio/static/libraries/$(PROG) $(SRCS)
|
|
||||||
|
|
||||||
clean:
|
|
||||||
rm -f ../octoprint_m33fio/static/libraries/$(PROG)
|
|
||||||
--
|
|
||||||
2.14.1
|
|
||||||
|
|
|
@ -109,6 +109,25 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
marlingcodedocumentation = buildPlugin rec {
|
||||||
|
pname = "MarlinGcodeDocumentation";
|
||||||
|
version = "0.11.0";
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "costas-basdekis";
|
||||||
|
repo = pname;
|
||||||
|
rev = "v${version}";
|
||||||
|
sha256 = "0vx06w9hqwy0k4r8g67y8gdckfdx7wl8ghfx6hmxc1s8fgkghfkc";
|
||||||
|
};
|
||||||
|
|
||||||
|
meta = with stdenv.lib; {
|
||||||
|
description = "Displays GCode documentation for Marlin in the Octoprint terminal command line";
|
||||||
|
homepage = "https://github.com/costas-basdekis/MarlinGcodeDocumentation";
|
||||||
|
license = licenses.agpl3;
|
||||||
|
maintainers = with maintainers; [ lovesegfault ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
mqtt = buildPlugin rec {
|
mqtt = buildPlugin rec {
|
||||||
pname = "MQTT";
|
pname = "MQTT";
|
||||||
version = "0.8.7";
|
version = "0.8.7";
|
||||||
|
|
61
pkgs/applications/misc/pass-secret-service/default.nix
Normal file
61
pkgs/applications/misc/pass-secret-service/default.nix
Normal file
|
@ -0,0 +1,61 @@
|
||||||
|
{ stdenv, fetchFromGitHub, python3, dbus, gnupg }:
|
||||||
|
|
||||||
|
python3.pkgs.buildPythonApplication rec {
|
||||||
|
pname = "pass-secret-service";
|
||||||
|
# PyPI has old alpha version. Since then the project has switched from using a
|
||||||
|
# seemingly abandoned D-Bus package pydbus and started using maintained
|
||||||
|
# dbus-next. So let's use latest from GitHub.
|
||||||
|
version = "unstable-2020-04-12";
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "mdellweg";
|
||||||
|
repo = "pass_secret_service";
|
||||||
|
rev = "f6fbca6ac3ccd16bfec407d845ed9257adf74dfa";
|
||||||
|
sha256 = "0rm4pbx1fiwds1v7f99khhh7x3inv9yniclwd95mrbgljk3cc6a4";
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
# Need to specify session.conf file for tests because it won't be found under
|
||||||
|
# /etc/ in check phase.
|
||||||
|
postPatch = ''
|
||||||
|
substituteInPlace Makefile \
|
||||||
|
--replace \
|
||||||
|
"dbus-run-session" \
|
||||||
|
"dbus-run-session --config-file=${dbus}/share/dbus-1/session.conf"
|
||||||
|
'';
|
||||||
|
|
||||||
|
propagatedBuildInputs = with python3.pkgs; [
|
||||||
|
click
|
||||||
|
cryptography
|
||||||
|
dbus-next
|
||||||
|
decorator
|
||||||
|
pypass
|
||||||
|
secretstorage
|
||||||
|
];
|
||||||
|
|
||||||
|
checkInputs =
|
||||||
|
let
|
||||||
|
ps = python3.pkgs;
|
||||||
|
in
|
||||||
|
[
|
||||||
|
dbus
|
||||||
|
gnupg
|
||||||
|
ps.pytest
|
||||||
|
ps.pytest-asyncio
|
||||||
|
ps.pypass
|
||||||
|
];
|
||||||
|
|
||||||
|
checkPhase = ''
|
||||||
|
runHook preCheck
|
||||||
|
make test
|
||||||
|
runHook postCheck
|
||||||
|
'';
|
||||||
|
|
||||||
|
meta = {
|
||||||
|
description = "Libsecret D-Bus API with pass as the backend";
|
||||||
|
homepage = "https://github.com/mdellweg/pass_secret_service/";
|
||||||
|
license = stdenv.lib.licenses.gpl3Only;
|
||||||
|
platforms = stdenv.lib.platforms.all;
|
||||||
|
maintainers = with stdenv.lib.maintainers; [ jluttine ];
|
||||||
|
};
|
||||||
|
}
|
30
pkgs/applications/misc/plater/default.nix
Normal file
30
pkgs/applications/misc/plater/default.nix
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
{ mkDerivation
|
||||||
|
, cmake
|
||||||
|
, fetchFromGitHub
|
||||||
|
, lib
|
||||||
|
, libGLU
|
||||||
|
, qtbase
|
||||||
|
}:
|
||||||
|
|
||||||
|
mkDerivation rec {
|
||||||
|
pname = "plater";
|
||||||
|
version = "2020-07-30";
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "Rhoban";
|
||||||
|
repo = "Plater";
|
||||||
|
rev = "f8de6d038f95a9edebfcfe142c8e9783697d5b47";
|
||||||
|
sha256 = "0r20mbzd16zv1aiadjqdy7z6sp09rr6lgfxhvir4ll3cpakkynr4";
|
||||||
|
};
|
||||||
|
|
||||||
|
nativeBuildInputs = [ cmake ];
|
||||||
|
buildInputs = [ libGLU qtbase ];
|
||||||
|
|
||||||
|
meta = with lib; {
|
||||||
|
description = "3D-printer parts placer and plate generator";
|
||||||
|
homepage = "https://github.com/Rhoban/Plater";
|
||||||
|
maintainers = with maintainers; [ lovesegfault ];
|
||||||
|
platforms = platforms.linux;
|
||||||
|
license = licenses.cc-by-nc-30;
|
||||||
|
};
|
||||||
|
}
|
27
pkgs/applications/misc/tiv/default.nix
Normal file
27
pkgs/applications/misc/tiv/default.nix
Normal file
|
@ -0,0 +1,27 @@
|
||||||
|
{ stdenv, fetchFromGitHub, imagemagick }:
|
||||||
|
|
||||||
|
stdenv.mkDerivation rec {
|
||||||
|
pname = "tiv";
|
||||||
|
version = "1.1.0";
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "stefanhaustein";
|
||||||
|
repo = "TerminalImageViewer";
|
||||||
|
rev = "v${version}";
|
||||||
|
sha256 = "17zqbwj2imk6ygyc142mw6v4fh7h4rd5vzn5wxr9gs0g8qdc6ixn";
|
||||||
|
};
|
||||||
|
|
||||||
|
buildInputs = [ imagemagick ];
|
||||||
|
|
||||||
|
makeFlags = [ "prefix=$(out)" ];
|
||||||
|
|
||||||
|
preConfigure = "cd src/main/cpp";
|
||||||
|
|
||||||
|
meta = with stdenv.lib; {
|
||||||
|
homepage = "https://github.com/stefanhaustein/TerminalImageViewer";
|
||||||
|
description = "Small C++ program to display images in a (modern) terminal using RGB ANSI codes and unicode block graphics characters";
|
||||||
|
license = licenses.asl20;
|
||||||
|
maintainers = with maintainers; [ magnetophon ];
|
||||||
|
platforms = [ "x86_64-linux" ];
|
||||||
|
};
|
||||||
|
}
|
|
@ -8,16 +8,16 @@
|
||||||
|
|
||||||
buildGoModule rec {
|
buildGoModule rec {
|
||||||
pname = "wtf";
|
pname = "wtf";
|
||||||
version = "0.33.0";
|
version = "0.34.0";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "wtfutil";
|
owner = "wtfutil";
|
||||||
repo = pname;
|
repo = pname;
|
||||||
rev = "v${version}";
|
rev = "v${version}";
|
||||||
sha256 = "0dszc3igfvlb6dgf5whyhw72id39lqqmgpd42kyqx5yjf5dw2wg7";
|
sha256 = "01zydr1w8byjhxf4xj6z001q4ynq0452cn332ap1l1w0dmx9mxyr";
|
||||||
};
|
};
|
||||||
|
|
||||||
vendorSha256 = "1wcqk8lfv3jq7dfaj9dj8bzsmq2qislzs1m38gx1hh4jwg1rn2cn";
|
vendorSha256 = "1xyai417l8q44b562ssp5qqw04klrhg5397ahr4pc3i30csz8a7a";
|
||||||
|
|
||||||
doCheck = false;
|
doCheck = false;
|
||||||
|
|
||||||
|
|
|
@ -1,32 +1,30 @@
|
||||||
{ stdenv, fetchurl, xorg, pkgconfig
|
{ stdenv, fetchFromGitHub, xorg, pkg-config
|
||||||
, gtkSupport ? true, gtk2
|
, cmake, libevdev
|
||||||
, qtSupport ? true, qt4
|
, gtkSupport ? true, gtk3, pcre, glib, wrapGAppsHook
|
||||||
|
, fltkSupport ? true, fltk
|
||||||
|
, qtSupport ? true, qt5
|
||||||
}:
|
}:
|
||||||
|
|
||||||
stdenv.mkDerivation {
|
stdenv.mkDerivation rec {
|
||||||
version = "0.31";
|
|
||||||
pname = "xautoclick";
|
pname = "xautoclick";
|
||||||
src = fetchurl {
|
version = "0.34";
|
||||||
url = "mirror://sourceforge/project/xautoclick/xautoclick/xautoclick-0.31/xautoclick-0.31.tar.gz";
|
|
||||||
sha256 = "0h522f12a7v2b89411xm51iwixmjp2mp90rnizjgiakx9ajnmqnm";
|
src = fetchFromGitHub {
|
||||||
|
owner = "qarkai";
|
||||||
|
repo = "xautoclick";
|
||||||
|
rev = "v${version}";
|
||||||
|
sha256 = "GN3zI5LQnVmRC0KWffzUTHKrxcqnstiL55hopwTTwpE=";
|
||||||
};
|
};
|
||||||
nativeBuildInputs = [ pkgconfig ];
|
|
||||||
buildInputs = [ xorg.libX11 xorg.libXtst xorg.xinput xorg.libXi xorg.libXext ]
|
nativeBuildInputs = [ cmake pkg-config ];
|
||||||
++ stdenv.lib.optionals gtkSupport [ gtk2 ]
|
buildInputs = [ libevdev xorg.libXtst ]
|
||||||
++ stdenv.lib.optionals qtSupport [ qt4 ];
|
++ stdenv.lib.optionals gtkSupport [ gtk3 pcre glib wrapGAppsHook ]
|
||||||
patchPhase = ''
|
++ stdenv.lib.optionals fltkSupport [ fltk ]
|
||||||
substituteInPlace configure --replace /usr/X11R6 ${xorg.libX11.dev}
|
++ stdenv.lib.optionals qtSupport [ qt5.qtbase qt5.wrapQtAppsHook ];
|
||||||
'';
|
|
||||||
preConfigure = stdenv.lib.optional qtSupport ''
|
|
||||||
mkdir .bin
|
|
||||||
ln -s ${qt4}/bin/moc .bin/moc-qt4
|
|
||||||
addToSearchPath PATH .bin
|
|
||||||
sed -i -e "s@LD=\$_cc@LD=\$_cxx@" configure
|
|
||||||
'';
|
|
||||||
|
|
||||||
meta = with stdenv.lib; {
|
meta = with stdenv.lib; {
|
||||||
description = "Autoclicker application, which enables you to automatically click the left mousebutton";
|
description = "Autoclicker application, which enables you to automatically click the left mousebutton";
|
||||||
homepage = "http://xautoclick.sourceforge.net";
|
homepage = "https://github.com/qarkai/xautoclick";
|
||||||
license = licenses.gpl2;
|
license = licenses.gpl2;
|
||||||
platforms = platforms.linux;
|
platforms = platforms.linux;
|
||||||
};
|
};
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
let
|
let
|
||||||
pname = "Sylk";
|
pname = "Sylk";
|
||||||
version = "2.9.1";
|
version = "2.9.2";
|
||||||
in
|
in
|
||||||
|
|
||||||
appimageTools.wrapType2 rec {
|
appimageTools.wrapType2 rec {
|
||||||
|
@ -10,7 +10,7 @@ appimageTools.wrapType2 rec {
|
||||||
|
|
||||||
src = fetchurl {
|
src = fetchurl {
|
||||||
url = "http://download.ag-projects.com/Sylk/Sylk-${version}-x86_64.AppImage";
|
url = "http://download.ag-projects.com/Sylk/Sylk-${version}-x86_64.AppImage";
|
||||||
hash = "sha256-Y1FR1tYZTxhMFn6NL578otitmOsngMJBPK/9cpCqE/Q=";
|
hash = "sha256-pfzTeKxY2fs98mgvhzaI/uBbYYkxfnQ+6jQ+gTSeEkA=";
|
||||||
};
|
};
|
||||||
|
|
||||||
profile = ''
|
profile = ''
|
||||||
|
|
|
@ -22,7 +22,7 @@
|
||||||
# optional dependencies
|
# optional dependencies
|
||||||
, libgcrypt ? null # gnomeSupport || cupsSupport
|
, libgcrypt ? null # gnomeSupport || cupsSupport
|
||||||
, libva ? null # useVaapi
|
, libva ? null # useVaapi
|
||||||
, libdrm ? null, wayland ? null, mesa_drivers ? null, libxkbcommon ? null # useOzone
|
, libdrm ? null, wayland ? null, mesa ? null, libxkbcommon ? null # useOzone
|
||||||
|
|
||||||
# package customization
|
# package customization
|
||||||
, useOzone ? false
|
, useOzone ? false
|
||||||
|
@ -146,7 +146,7 @@ let
|
||||||
++ optionals gnomeSupport [ gnome.GConf libgcrypt ]
|
++ optionals gnomeSupport [ gnome.GConf libgcrypt ]
|
||||||
++ optionals cupsSupport [ libgcrypt cups ]
|
++ optionals cupsSupport [ libgcrypt cups ]
|
||||||
++ optional pulseSupport libpulseaudio
|
++ optional pulseSupport libpulseaudio
|
||||||
++ optionals useOzone [ libdrm wayland mesa_drivers libxkbcommon ];
|
++ optionals useOzone [ libdrm wayland mesa.drivers libxkbcommon ];
|
||||||
|
|
||||||
patches = [
|
patches = [
|
||||||
./patches/no-build-timestamps.patch # Optional patch to use SOURCE_DATE_EPOCH in compute_build_timestamp.py (should be upstreamed)
|
./patches/no-build-timestamps.patch # Optional patch to use SOURCE_DATE_EPOCH in compute_build_timestamp.py (should be upstreamed)
|
||||||
|
|
|
@ -9,7 +9,7 @@
|
||||||
, hunspell, libXdamage, libevent, libstartup_notification
|
, hunspell, libXdamage, libevent, libstartup_notification
|
||||||
, libvpx_1_8
|
, libvpx_1_8
|
||||||
, icu67, libpng, jemalloc, glib
|
, icu67, libpng, jemalloc, glib
|
||||||
, autoconf213, which, gnused, cargo, rustc
|
, autoconf213, which, gnused, rustPackages, rustPackages_1_45
|
||||||
, rust-cbindgen, nodejs, nasm, fetchpatch
|
, rust-cbindgen, nodejs, nasm, fetchpatch
|
||||||
, gnum4
|
, gnum4
|
||||||
, debugBuild ? false
|
, debugBuild ? false
|
||||||
|
@ -102,6 +102,10 @@ let
|
||||||
buildStdenv = if ltoSupport
|
buildStdenv = if ltoSupport
|
||||||
then overrideCC stdenv llvmPackages.lldClang
|
then overrideCC stdenv llvmPackages.lldClang
|
||||||
else stdenv;
|
else stdenv;
|
||||||
|
|
||||||
|
# 78 ESR won't build with rustc 1.47
|
||||||
|
inherit (if lib.versionAtLeast ffversion "82" then rustPackages else rustPackages_1_45)
|
||||||
|
rustc cargo;
|
||||||
in
|
in
|
||||||
|
|
||||||
buildStdenv.mkDerivation ({
|
buildStdenv.mkDerivation ({
|
||||||
|
|
|
@ -403,7 +403,7 @@ stdenv.mkDerivation rec {
|
||||||
homepage = "https://www.torproject.org/";
|
homepage = "https://www.torproject.org/";
|
||||||
changelog = "https://gitweb.torproject.org/builders/tor-browser-build.git/plain/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt?h=maint-${version}";
|
changelog = "https://gitweb.torproject.org/builders/tor-browser-build.git/plain/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt?h=maint-${version}";
|
||||||
platforms = attrNames srcs;
|
platforms = attrNames srcs;
|
||||||
maintainers = with maintainers; [ offline matejc doublec thoughtpolice joachifm hax404 cap KarlJoad ];
|
maintainers = with maintainers; [ offline matejc thoughtpolice joachifm hax404 cap KarlJoad ];
|
||||||
hydraPlatforms = [];
|
hydraPlatforms = [];
|
||||||
# MPL2.0+, GPL+, &c. While it's not entirely clear whether
|
# MPL2.0+, GPL+, &c. While it's not entirely clear whether
|
||||||
# the compound is "libre" in a strict sense (some components place certain
|
# the compound is "libre" in a strict sense (some components place certain
|
||||||
|
|
|
@ -13,7 +13,7 @@ mkChromiumDerivation (base: rec {
|
||||||
|
|
||||||
installPhase = ''
|
installPhase = ''
|
||||||
mkdir -p "$libExecPath"
|
mkdir -p "$libExecPath"
|
||||||
cp -v "$buildPath/"*.pak "$buildPath/"*.bin "$libExecPath/"
|
cp -v "$buildPath/"*.so "$buildPath/"*.pak "$buildPath/"*.bin "$libExecPath/"
|
||||||
cp -v "$buildPath/icudtl.dat" "$libExecPath/"
|
cp -v "$buildPath/icudtl.dat" "$libExecPath/"
|
||||||
cp -vLR "$buildPath/locales" "$buildPath/resources" "$libExecPath/"
|
cp -vLR "$buildPath/locales" "$buildPath/resources" "$libExecPath/"
|
||||||
cp -v "$buildPath/chrome" "$libExecPath/$packageName"
|
cp -v "$buildPath/chrome" "$libExecPath/$packageName"
|
||||||
|
@ -78,17 +78,10 @@ mkChromiumDerivation (base: rec {
|
||||||
'';
|
'';
|
||||||
homepage = "https://github.com/Eloston/ungoogled-chromium";
|
homepage = "https://github.com/Eloston/ungoogled-chromium";
|
||||||
maintainers = with maintainers; [ squalus ];
|
maintainers = with maintainers; [ squalus ];
|
||||||
# Overview of the maintainer roles:
|
|
||||||
# nixos-unstable:
|
|
||||||
# - TODO: Need a new maintainer for x86_64 [0]
|
|
||||||
# - @thefloweringash: aarch64
|
|
||||||
# - @primeos: Provisional maintainer (x86_64)
|
|
||||||
# Stable channel:
|
|
||||||
# - TODO (need someone to test backports [0])
|
|
||||||
# [0]: https://github.com/NixOS/nixpkgs/issues/78450
|
|
||||||
license = if enableWideVine then licenses.unfree else licenses.bsd3;
|
license = if enableWideVine then licenses.unfree else licenses.bsd3;
|
||||||
platforms = platforms.linux;
|
platforms = platforms.linux;
|
||||||
hydraPlatforms = if channel == "stable" then ["aarch64-linux" "x86_64-linux"] else [];
|
hydraPlatforms = if channel == "stable" then ["aarch64-linux" "x86_64-linux"] else [];
|
||||||
timeout = 172800; # 48 hours
|
timeout = 172800; # 48 hours (increased from the Hydra default of 10h)
|
||||||
|
broken = channel == "dev"; # Blocked on https://bugs.chromium.org/p/chromium/issues/detail?id=1141896
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
, libevent, expat, libjpeg, snappy
|
, libevent, expat, libjpeg, snappy
|
||||||
, libpng, libcap
|
, libpng, libcap
|
||||||
, xdg_utils, yasm, nasm, minizip, libwebp
|
, xdg_utils, yasm, nasm, minizip, libwebp
|
||||||
, libusb1, pciutils, nss, re2, zlib
|
, libusb1, pciutils, nss, re2
|
||||||
|
|
||||||
, python2Packages, perl, pkgconfig
|
, python2Packages, perl, pkgconfig
|
||||||
, nspr, systemd, kerberos
|
, nspr, systemd, kerberos
|
||||||
|
@ -13,17 +13,16 @@
|
||||||
, bison, gperf
|
, bison, gperf
|
||||||
, glib, gtk3, dbus-glib
|
, glib, gtk3, dbus-glib
|
||||||
, glibc
|
, glibc
|
||||||
, xorg
|
|
||||||
, libXScrnSaver, libXcursor, libXtst, libGLU, libGL
|
, libXScrnSaver, libXcursor, libXtst, libGLU, libGL
|
||||||
, protobuf, speechd, libXdamage, cups
|
, protobuf, speechd, libXdamage, cups
|
||||||
, ffmpeg_3, libxslt, libxml2, at-spi2-core
|
, ffmpeg, libxslt, libxml2, at-spi2-core
|
||||||
, jre8
|
, jre8
|
||||||
, pipewire_0_2
|
, pipewire_0_2
|
||||||
|
|
||||||
# optional dependencies
|
# optional dependencies
|
||||||
, libgcrypt ? null # gnomeSupport || cupsSupport
|
, libgcrypt ? null # gnomeSupport || cupsSupport
|
||||||
, libva ? null # useVaapi
|
, libva ? null # useVaapi
|
||||||
, libdrm ? null, wayland ? null, mesa_drivers ? null, libxkbcommon ? null # useOzone
|
, libdrm ? null, wayland ? null, mesa ? null, libxkbcommon ? null # useOzone
|
||||||
|
|
||||||
# package customization
|
# package customization
|
||||||
, useOzone ? false
|
, useOzone ? false
|
||||||
|
@ -49,8 +48,6 @@ buildFun:
|
||||||
|
|
||||||
with stdenv.lib;
|
with stdenv.lib;
|
||||||
|
|
||||||
# see http://www.linuxfromscratch.org/blfs/view/cvs/xsoft/chromium.html
|
|
||||||
|
|
||||||
let
|
let
|
||||||
jre = jre8; # TODO: remove override https://github.com/NixOS/nixpkgs/pull/89731
|
jre = jre8; # TODO: remove override https://github.com/NixOS/nixpkgs/pull/89731
|
||||||
|
|
||||||
|
@ -66,7 +63,7 @@ let
|
||||||
mkGnFlags =
|
mkGnFlags =
|
||||||
let
|
let
|
||||||
# Serialize Nix types into GN types according to this document:
|
# Serialize Nix types into GN types according to this document:
|
||||||
# https://chromium.googlesource.com/chromium/src/+/master/tools/gn/docs/language.md
|
# https://source.chromium.org/gn/gn/+/master:docs/language.md
|
||||||
mkGnString = value: "\"${escape ["\"" "$" "\\"] value}\"";
|
mkGnString = value: "\"${escape ["\"" "$" "\\"] value}\"";
|
||||||
sanitize = value:
|
sanitize = value:
|
||||||
if value == true then "true"
|
if value == true then "true"
|
||||||
|
@ -78,14 +75,17 @@ let
|
||||||
toFlag = key: value: "${key}=${sanitize value}";
|
toFlag = key: value: "${key}=${sanitize value}";
|
||||||
in attrs: concatStringsSep " " (attrValues (mapAttrs toFlag attrs));
|
in attrs: concatStringsSep " " (attrValues (mapAttrs toFlag attrs));
|
||||||
|
|
||||||
|
# https://source.chromium.org/chromium/chromium/src/+/master:build/linux/unbundle/replace_gn_files.py
|
||||||
gnSystemLibraries = [
|
gnSystemLibraries = [
|
||||||
"flac" "libwebp" "libxslt" "opus" "snappy" "libpng"
|
"ffmpeg"
|
||||||
# "zlib" # version 77 reports unresolved dependency on //third_party/zlib:zlib_config
|
"flac"
|
||||||
# "libjpeg" # fails with multiple undefined references to chromium_jpeg_*
|
"libjpeg"
|
||||||
# "re2" # fails with linker errors
|
"libpng"
|
||||||
# "ffmpeg" # https://crbug.com/731766
|
"libwebp"
|
||||||
# "harfbuzz-ng" # in versions over 63 harfbuzz and freetype are being built together
|
"libxslt"
|
||||||
# so we can't build with one from system and other from source
|
"opus"
|
||||||
|
"snappy"
|
||||||
|
"zlib"
|
||||||
];
|
];
|
||||||
|
|
||||||
opusWithCustomModes = libopus.override {
|
opusWithCustomModes = libopus.override {
|
||||||
|
@ -97,11 +97,9 @@ let
|
||||||
libevent expat libjpeg snappy
|
libevent expat libjpeg snappy
|
||||||
libpng libcap
|
libpng libcap
|
||||||
xdg_utils minizip libwebp
|
xdg_utils minizip libwebp
|
||||||
libusb1 re2 zlib
|
libusb1 re2
|
||||||
ffmpeg_3 libxslt libxml2
|
ffmpeg libxslt libxml2
|
||||||
nasm
|
nasm
|
||||||
# harfbuzz # in versions over 63 harfbuzz and freetype are being built together
|
|
||||||
# so we can't build with one from system and other from source
|
|
||||||
];
|
];
|
||||||
|
|
||||||
# build paths and release info
|
# build paths and release info
|
||||||
|
@ -135,10 +133,10 @@ let
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
|
llvmPackages.lldClang.bintools
|
||||||
ninja which python2Packages.python perl pkgconfig
|
ninja which python2Packages.python perl pkgconfig
|
||||||
python2Packages.ply python2Packages.jinja2 nodejs
|
python2Packages.ply python2Packages.jinja2 nodejs
|
||||||
gnutar python2Packages.setuptools
|
gnutar python2Packages.setuptools
|
||||||
(xorg.xcbproto.override { python = python2Packages.python; })
|
|
||||||
];
|
];
|
||||||
|
|
||||||
buildInputs = defaultDependencies ++ [
|
buildInputs = defaultDependencies ++ [
|
||||||
|
@ -155,36 +153,37 @@ let
|
||||||
++ optionals gnomeSupport [ gnome.GConf libgcrypt ]
|
++ optionals gnomeSupport [ gnome.GConf libgcrypt ]
|
||||||
++ optionals cupsSupport [ libgcrypt cups ]
|
++ optionals cupsSupport [ libgcrypt cups ]
|
||||||
++ optional pulseSupport libpulseaudio
|
++ optional pulseSupport libpulseaudio
|
||||||
++ optionals useOzone [ libdrm wayland mesa_drivers libxkbcommon ];
|
++ optionals useOzone [ libdrm wayland mesa.drivers libxkbcommon ];
|
||||||
|
|
||||||
patches = optionals (versionRange "68" "86") [
|
patches = [
|
||||||
./patches/nix_plugin_paths_68.patch
|
./patches/no-build-timestamps.patch # Optional patch to use SOURCE_DATE_EPOCH in compute_build_timestamp.py (should be upstreamed)
|
||||||
] ++ [
|
./patches/widevine-79.patch # For bundling Widevine (DRM), might be replaceable via bundle_widevine_cdm=true in gnFlags
|
||||||
./patches/remove-webp-include-69.patch
|
|
||||||
./patches/no-build-timestamps.patch
|
|
||||||
./patches/widevine-79.patch
|
|
||||||
./patches/dont-use-ANGLE-by-default.patch
|
|
||||||
# Unfortunately, chromium regularly breaks on major updates and
|
|
||||||
# then needs various patches backported in order to be compiled with GCC.
|
|
||||||
# Good sources for such patches and other hints:
|
|
||||||
# - https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client/chromium/
|
|
||||||
# - https://git.archlinux.org/svntogit/packages.git/tree/trunk?h=packages/chromium
|
|
||||||
# - https://github.com/chromium/chromium/search?q=GCC&s=committer-date&type=Commits
|
|
||||||
#
|
|
||||||
# ++ optionals (channel == "dev") [ ( githubPatch "<patch>" "0000000000000000000000000000000000000000000000000000000000000000" ) ]
|
|
||||||
# ++ optional (versionRange "68" "72") ( githubPatch "<patch>" "0000000000000000000000000000000000000000000000000000000000000000" )
|
# ++ optional (versionRange "68" "72") ( githubPatch "<patch>" "0000000000000000000000000000000000000000000000000000000000000000" )
|
||||||
] ++ optionals (useVaapi && versionRange "68" "86") [ # Improvements for the VA-API build:
|
] ++ optionals (useVaapi && versionRange "86" "87") [
|
||||||
./patches/enable-vdpau-support-for-nvidia.patch # https://aur.archlinux.org/cgit/aur.git/tree/vdpau-support.patch?h=chromium-vaapi
|
# Check for enable-accelerated-video-decode on Linux:
|
||||||
./patches/enable-video-acceleration-on-linux.patch # Can be controlled at runtime (i.e. without rebuilding Chromium)
|
(githubPatch "54deb9811ca9bd2327def5c05ba6987b8c7a0897" "11jvxjlkzz1hm0pvfyr88j7z3zbwzplyl5idkx92l2lzv4459c8d")
|
||||||
];
|
];
|
||||||
|
|
||||||
postPatch = optionalString (!versionRange "0" "86") ''
|
postPatch = ''
|
||||||
|
# remove unused third-party
|
||||||
|
for lib in ${toString gnSystemLibraries}; do
|
||||||
|
if [ -d "third_party/$lib" ]; then
|
||||||
|
find "third_party/$lib" -type f \
|
||||||
|
\! -path "third_party/$lib/chromium/*" \
|
||||||
|
\! -path "third_party/$lib/google/*" \
|
||||||
|
\! -path "third_party/harfbuzz-ng/utils/hb_scoped.h" \
|
||||||
|
\! -regex '.*\.\(gn\|gni\|isolate\)' \
|
||||||
|
-delete
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
# Required for patchShebangs (unsupported interpreter directive, basename: invalid option -- '*', etc.):
|
# Required for patchShebangs (unsupported interpreter directive, basename: invalid option -- '*', etc.):
|
||||||
substituteInPlace native_client/SConstruct \
|
substituteInPlace native_client/SConstruct --replace "#! -*- python -*-" ""
|
||||||
--replace "#! -*- python -*-" ""
|
if [ -e third_party/harfbuzz-ng/src/src/update-unicode-tables.make ]; then
|
||||||
substituteInPlace third_party/harfbuzz-ng/src/src/update-unicode-tables.make \
|
substituteInPlace third_party/harfbuzz-ng/src/src/update-unicode-tables.make \
|
||||||
--replace "/usr/bin/env -S make -f" "/usr/bin/make -f"
|
--replace "/usr/bin/env -S make -f" "/usr/bin/make -f"
|
||||||
'' + ''
|
fi
|
||||||
|
|
||||||
# We want to be able to specify where the sandbox is via CHROME_DEVEL_SANDBOX
|
# We want to be able to specify where the sandbox is via CHROME_DEVEL_SANDBOX
|
||||||
substituteInPlace sandbox/linux/suid/client/setuid_sandbox_host.cc \
|
substituteInPlace sandbox/linux/suid/client/setuid_sandbox_host.cc \
|
||||||
--replace \
|
--replace \
|
||||||
|
@ -202,11 +201,6 @@ let
|
||||||
'/usr/share/locale/' \
|
'/usr/share/locale/' \
|
||||||
'${glibc}/share/locale/'
|
'${glibc}/share/locale/'
|
||||||
|
|
||||||
substituteInPlace ui/gfx/x/BUILD.gn \
|
|
||||||
--replace \
|
|
||||||
'/usr/share/xcb' \
|
|
||||||
'${xorg.xcbproto}/share/xcb/'
|
|
||||||
|
|
||||||
sed -i -e 's@"\(#!\)\?.*xdg-@"\1${xdg_utils}/bin/xdg-@' \
|
sed -i -e 's@"\(#!\)\?.*xdg-@"\1${xdg_utils}/bin/xdg-@' \
|
||||||
chrome/browser/shell_integration_linux.cc
|
chrome/browser/shell_integration_linux.cc
|
||||||
|
|
||||||
|
@ -216,42 +210,20 @@ let
|
||||||
sed -i -e '/libpci_loader.*Load/s!"\(libpci\.so\)!"${pciutils}/lib/\1!' \
|
sed -i -e '/libpci_loader.*Load/s!"\(libpci\.so\)!"${pciutils}/lib/\1!' \
|
||||||
gpu/config/gpu_info_collector_linux.cc
|
gpu/config/gpu_info_collector_linux.cc
|
||||||
|
|
||||||
sed -i -re 's/([^:])\<(isnan *\()/\1std::\2/g' \
|
|
||||||
chrome/browser/ui/webui/engagement/site_engagement_ui.cc
|
|
||||||
|
|
||||||
sed -i -e '/#include/ {
|
|
||||||
i #include <algorithm>
|
|
||||||
:l; n; bl
|
|
||||||
}' gpu/config/gpu_control_list.cc
|
|
||||||
|
|
||||||
# Allow to put extensions into the system-path.
|
# Allow to put extensions into the system-path.
|
||||||
sed -i -e 's,/usr,/run/current-system/sw,' chrome/common/chrome_paths.cc
|
sed -i -e 's,/usr,/run/current-system/sw,' chrome/common/chrome_paths.cc
|
||||||
|
|
||||||
patchShebangs .
|
patchShebangs .
|
||||||
# use our own nodejs
|
# use our own nodejs
|
||||||
mkdir -p third_party/node/linux/node-linux-x64/bin
|
mkdir -p third_party/node/linux/node-linux-x64/bin
|
||||||
ln -s $(which node) third_party/node/linux/node-linux-x64/bin/node
|
ln -s "$(command -v node)" third_party/node/linux/node-linux-x64/bin/node
|
||||||
|
|
||||||
|
# Allow building against system libraries in official builds
|
||||||
|
sed -i 's/OFFICIAL_BUILD/GOOGLE_CHROME_BUILD/' tools/generate_shim_headers/generate_shim_headers.py
|
||||||
|
|
||||||
# remove unused third-party
|
|
||||||
# in third_party/crashpad third_party/zlib contains just a header-adapter
|
|
||||||
for lib in ${toString gnSystemLibraries}; do
|
|
||||||
find -type f -path "*third_party/$lib/*" \
|
|
||||||
\! -path "*third_party/crashpad/crashpad/third_party/zlib/*" \
|
|
||||||
\! -path "*third_party/$lib/chromium/*" \
|
|
||||||
\! -path "*third_party/$lib/google/*" \
|
|
||||||
\! -path "*base/third_party/icu/*" \
|
|
||||||
\! -path "*base/third_party/libevent/*" \
|
|
||||||
\! -regex '.*\.\(gn\|gni\|isolate\|py\)' \
|
|
||||||
-delete
|
|
||||||
done
|
|
||||||
'' + optionalString stdenv.isAarch64 ''
|
'' + optionalString stdenv.isAarch64 ''
|
||||||
substituteInPlace build/toolchain/linux/BUILD.gn \
|
substituteInPlace build/toolchain/linux/BUILD.gn \
|
||||||
--replace 'toolprefix = "aarch64-linux-gnu-"' 'toolprefix = ""'
|
--replace 'toolprefix = "aarch64-linux-gnu-"' 'toolprefix = ""'
|
||||||
'' + optionalString stdenv.cc.isClang ''
|
|
||||||
mkdir -p third_party/llvm-build/Release+Asserts/bin
|
|
||||||
ln -s ${stdenv.cc}/bin/clang third_party/llvm-build/Release+Asserts/bin/clang
|
|
||||||
ln -s ${stdenv.cc}/bin/clang++ third_party/llvm-build/Release+Asserts/bin/clang++
|
|
||||||
ln -s ${llvmPackages.llvm}/bin/llvm-ar third_party/llvm-build/Release+Asserts/bin/llvm-ar
|
|
||||||
'' + optionalString ungoogled ''
|
'' + optionalString ungoogled ''
|
||||||
${ungoogler}/utils/prune_binaries.py . ${ungoogler}/pruning.list || echo "some errors"
|
${ungoogler}/utils/prune_binaries.py . ${ungoogler}/pruning.list || echo "some errors"
|
||||||
${ungoogler}/utils/patches.py . ${ungoogler}/patches
|
${ungoogler}/utils/patches.py . ${ungoogler}/patches
|
||||||
|
@ -259,9 +231,9 @@ let
|
||||||
'';
|
'';
|
||||||
|
|
||||||
gnFlags = mkGnFlags ({
|
gnFlags = mkGnFlags ({
|
||||||
use_lld = false;
|
custom_toolchain = "//build/toolchain/linux/unbundle:default";
|
||||||
use_gold = true;
|
host_toolchain = "//build/toolchain/linux/unbundle:default";
|
||||||
gold_path = "${stdenv.cc}/bin";
|
is_official_build = true;
|
||||||
is_debug = false;
|
is_debug = false;
|
||||||
|
|
||||||
proprietary_codecs = false;
|
proprietary_codecs = false;
|
||||||
|
@ -283,6 +255,7 @@ let
|
||||||
is_clang = stdenv.cc.isClang;
|
is_clang = stdenv.cc.isClang;
|
||||||
clang_use_chrome_plugins = false;
|
clang_use_chrome_plugins = false;
|
||||||
blink_symbol_level = 0;
|
blink_symbol_level = 0;
|
||||||
|
symbol_level = 0;
|
||||||
fieldtrial_testing_like_official_build = true;
|
fieldtrial_testing_like_official_build = true;
|
||||||
|
|
||||||
# Google API keys, see:
|
# Google API keys, see:
|
||||||
|
@ -336,8 +309,7 @@ let
|
||||||
|
|
||||||
# This is to ensure expansion of $out.
|
# This is to ensure expansion of $out.
|
||||||
libExecPath="${libExecPath}"
|
libExecPath="${libExecPath}"
|
||||||
python build/linux/unbundle/replace_gn_files.py \
|
python build/linux/unbundle/replace_gn_files.py --system-libraries ${toString gnSystemLibraries}
|
||||||
--system-libraries ${toString gnSystemLibraries}
|
|
||||||
${gnChromium}/bin/gn gen --args=${escapeShellArg gnFlags} out/Release | tee gn-gen-outputs.txt
|
${gnChromium}/bin/gn gen --args=${escapeShellArg gnFlags} out/Release | tee gn-gen-outputs.txt
|
||||||
|
|
||||||
# Fail if `gn gen` contains a WARNING.
|
# Fail if `gn gen` contains a WARNING.
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
{ newScope, config, stdenv, fetchurl, makeWrapper
|
{ newScope, config, stdenv, fetchurl, makeWrapper
|
||||||
, llvmPackages_10, llvmPackages_11, ed, gnugrep, coreutils, xdg_utils
|
, llvmPackages_11, ed, gnugrep, coreutils, xdg_utils
|
||||||
, glib, gtk3, gnome3, gsettings-desktop-schemas, gn, fetchgit
|
, glib, gtk3, gnome3, gsettings-desktop-schemas, gn, fetchgit
|
||||||
, libva ? null
|
, libva ? null
|
||||||
, pipewire_0_2
|
, pipewire_0_2
|
||||||
|
@ -14,8 +14,7 @@
|
||||||
, proprietaryCodecs ? true
|
, proprietaryCodecs ? true
|
||||||
, enablePepperFlash ? false
|
, enablePepperFlash ? false
|
||||||
, enableWideVine ? false
|
, enableWideVine ? false
|
||||||
, useVaapi ? false # Deprecated, use enableVaapi instead!
|
, enableVaapi ? false # Disabled by default due to unofficial support
|
||||||
, enableVaapi ? false # Disabled by default due to unofficial support and issues on radeon
|
|
||||||
, ungoogled ? true
|
, ungoogled ? true
|
||||||
, useOzone ? false
|
, useOzone ? false
|
||||||
, cupsSupport ? true
|
, cupsSupport ? true
|
||||||
|
@ -24,7 +23,7 @@
|
||||||
}:
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
llvmPackages = llvmPackages_10;
|
llvmPackages = llvmPackages_11;
|
||||||
stdenv = llvmPackages.stdenv;
|
stdenv = llvmPackages.stdenv;
|
||||||
|
|
||||||
callPackage = newScope chromium;
|
callPackage = newScope chromium;
|
||||||
|
@ -39,16 +38,6 @@ let
|
||||||
cupsSupport pulseSupport useOzone;
|
cupsSupport pulseSupport useOzone;
|
||||||
inherit ungoogled;
|
inherit ungoogled;
|
||||||
# TODO: Remove after we can update gn for the stable channel (backward incompatible changes):
|
# TODO: Remove after we can update gn for the stable channel (backward incompatible changes):
|
||||||
gnChromium = gn.overrideAttrs (oldAttrs: {
|
|
||||||
version = "2020-05-19";
|
|
||||||
src = fetchgit {
|
|
||||||
url = "https://gn.googlesource.com/gn";
|
|
||||||
rev = "d0a6f072070988e7b038496c4e7d6c562b649732";
|
|
||||||
sha256 = "0197msabskgfbxvhzq73gc3wlr3n9cr4bzrhy5z5irbvy05lxk17";
|
|
||||||
};
|
|
||||||
});
|
|
||||||
} // lib.optionalAttrs (lib.versionAtLeast upstream-info.version "86") {
|
|
||||||
llvmPackages = llvmPackages_11;
|
|
||||||
gnChromium = gn.overrideAttrs (oldAttrs: {
|
gnChromium = gn.overrideAttrs (oldAttrs: {
|
||||||
version = "2020-07-20";
|
version = "2020-07-20";
|
||||||
src = fetchgit {
|
src = fetchgit {
|
||||||
|
@ -58,8 +47,8 @@ let
|
||||||
};
|
};
|
||||||
});
|
});
|
||||||
} // lib.optionalAttrs (lib.versionAtLeast upstream-info.version "87") {
|
} // lib.optionalAttrs (lib.versionAtLeast upstream-info.version "87") {
|
||||||
llvmPackages = llvmPackages_11;
|
|
||||||
useOzone = true; # YAY: https://chromium-review.googlesource.com/c/chromium/src/+/2382834 \o/
|
useOzone = true; # YAY: https://chromium-review.googlesource.com/c/chromium/src/+/2382834 \o/
|
||||||
|
useVaapi = !stdenv.isAarch64; # TODO: Might be best to not set use_vaapi anymore (default is fine)
|
||||||
gnChromium = gn.overrideAttrs (oldAttrs: {
|
gnChromium = gn.overrideAttrs (oldAttrs: {
|
||||||
version = "2020-08-17";
|
version = "2020-08-17";
|
||||||
src = fetchgit {
|
src = fetchgit {
|
||||||
|
@ -162,13 +151,6 @@ let
|
||||||
''
|
''
|
||||||
else browser;
|
else browser;
|
||||||
|
|
||||||
optionalVaapiFlags = if useVaapi # TODO: Remove after 20.09:
|
|
||||||
then throw ''
|
|
||||||
Chromium's useVaapi was replaced by enableVaapi and you don't need to pass
|
|
||||||
"--ignore-gpu-blacklist" anymore (also no rebuilds are required anymore).
|
|
||||||
'' else lib.optionalString
|
|
||||||
(!enableVaapi)
|
|
||||||
"--add-flags --disable-accelerated-video-decode --add-flags --disable-accelerated-video-encode";
|
|
||||||
in stdenv.mkDerivation {
|
in stdenv.mkDerivation {
|
||||||
name = "ungoogled-chromium${suffix}-${version}";
|
name = "ungoogled-chromium${suffix}-${version}";
|
||||||
inherit version;
|
inherit version;
|
||||||
|
@ -195,7 +177,7 @@ in stdenv.mkDerivation {
|
||||||
|
|
||||||
eval makeWrapper "${browserBinary}" "$out/bin/chromium" \
|
eval makeWrapper "${browserBinary}" "$out/bin/chromium" \
|
||||||
--add-flags ${escapeShellArg (escapeShellArg commandLineArgs)} \
|
--add-flags ${escapeShellArg (escapeShellArg commandLineArgs)} \
|
||||||
${optionalVaapiFlags} \
|
${lib.optionalString enableVaapi "--add-flags --enable-accelerated-video-decode"} \
|
||||||
${concatMapStringsSep " " getWrapperFlags chromium.plugins.enabled}
|
${concatMapStringsSep " " getWrapperFlags chromium.plugins.enabled}
|
||||||
|
|
||||||
ed -v -s "$out/bin/chromium" << EOF
|
ed -v -s "$out/bin/chromium" << EOF
|
||||||
|
|
|
@ -1,26 +0,0 @@
|
||||||
A field trial currently enables the passthrough command decoder, which causes
|
|
||||||
gl_factory.cc to try kGLImplementationEGLANGLE first, which causes Chromium to fail
|
|
||||||
to load libGLESv2.so on NixOS. It somehow does not try kGLImplementationDesktopGL,
|
|
||||||
and so there is no GL support at all.
|
|
||||||
|
|
||||||
Revert to using the validating command decoder, which prevents gl_factory.cc
|
|
||||||
from touching allowed_impls, allowing it to successfully use kGLImplementationDesktopGL.
|
|
||||||
|
|
||||||
diff --git a/ui/gl/gl_utils.cc b/ui/gl/gl_utils.cc
|
|
||||||
index 697cbed5fe2d..8419bdb21a2f 100644
|
|
||||||
--- a/ui/gl/gl_utils.cc
|
|
||||||
+++ b/ui/gl/gl_utils.cc
|
|
||||||
@@ -71,9 +71,10 @@ bool UsePassthroughCommandDecoder(const base::CommandLine* command_line) {
|
|
||||||
} else if (switch_value == kCmdDecoderValidatingName) {
|
|
||||||
return false;
|
|
||||||
} else {
|
|
||||||
- // Unrecognized or missing switch, use the default.
|
|
||||||
- return base::FeatureList::IsEnabled(
|
|
||||||
- features::kDefaultPassthroughCommandDecoder);
|
|
||||||
+ // Ignore the field trial that enables it; disable it until
|
|
||||||
+ // gl_factory.cc kGLImplementationEGLANGLE issues are sorted
|
|
||||||
+ // out on NixOS.
|
|
||||||
+ return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,65 +0,0 @@
|
||||||
--- a/media/gpu/vaapi/vaapi_video_decode_accelerator.cc
|
|
||||||
+++ b/media/gpu/vaapi/vaapi_video_decode_accelerator.cc
|
|
||||||
@@ -641,6 +641,7 @@ void VaapiVideoDecodeAccelerator::AssignPictureBuffers(
|
|
||||||
// |vpp_vaapi_wrapper_| for VaapiPicture to DownloadFromSurface() the VA's
|
|
||||||
// internal decoded frame.
|
|
||||||
if (buffer_allocation_mode_ != BufferAllocationMode::kNone &&
|
|
||||||
+ buffer_allocation_mode_ != BufferAllocationMode::kWrapVdpau &&
|
|
||||||
!vpp_vaapi_wrapper_) {
|
|
||||||
vpp_vaapi_wrapper_ = VaapiWrapper::Create(
|
|
||||||
VaapiWrapper::kVideoProcess, VAProfileNone,
|
|
||||||
@@ -665,7 +666,8 @@ void VaapiVideoDecodeAccelerator::AssignPictureBuffers(
|
|
||||||
PictureBuffer buffer = buffers[i];
|
|
||||||
buffer.set_size(requested_pic_size_);
|
|
||||||
std::unique_ptr<VaapiPicture> picture = vaapi_picture_factory_->Create(
|
|
||||||
- (buffer_allocation_mode_ == BufferAllocationMode::kNone)
|
|
||||||
+ ((buffer_allocation_mode_ == BufferAllocationMode::kNone) ||
|
|
||||||
+ (buffer_allocation_mode_ == BufferAllocationMode::kWrapVdpau))
|
|
||||||
? vaapi_wrapper_
|
|
||||||
: vpp_vaapi_wrapper_,
|
|
||||||
make_context_current_cb_, bind_image_cb_, buffer);
|
|
||||||
@@ -1093,6 +1095,12 @@ VaapiVideoDecodeAccelerator::GetSupportedProfiles() {
|
|
||||||
|
|
||||||
VaapiVideoDecodeAccelerator::BufferAllocationMode
|
|
||||||
VaapiVideoDecodeAccelerator::DecideBufferAllocationMode() {
|
|
||||||
+ // NVIDIA blobs use VDPAU
|
|
||||||
+ if (VaapiWrapper::GetImplementationType() == VAImplementation::kNVIDIAVDPAU) {
|
|
||||||
+ LOG(INFO) << "VA-API driver on VDPAU backend";
|
|
||||||
+ return BufferAllocationMode::kWrapVdpau;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
// TODO(crbug.com/912295): Enable a better BufferAllocationMode for IMPORT
|
|
||||||
// |output_mode_| as well.
|
|
||||||
if (output_mode_ == VideoDecodeAccelerator::Config::OutputMode::IMPORT)
|
|
||||||
--- a/media/gpu/vaapi/vaapi_video_decode_accelerator.h
|
|
||||||
+++ b/media/gpu/vaapi/vaapi_video_decode_accelerator.h
|
|
||||||
@@ -204,6 +204,7 @@ class MEDIA_GPU_EXPORT VaapiVideoDecodeAccelerator
|
|
||||||
// Using |client_|s provided PictureBuffers and as many internally
|
|
||||||
// allocated.
|
|
||||||
kNormal,
|
|
||||||
+ kWrapVdpau,
|
|
||||||
};
|
|
||||||
|
|
||||||
// Decides the concrete buffer allocation mode, depending on the hardware
|
|
||||||
--- a/media/gpu/vaapi/vaapi_wrapper.cc
|
|
||||||
+++ b/media/gpu/vaapi/vaapi_wrapper.cc
|
|
||||||
@@ -131,6 +131,9 @@ media::VAImplementation VendorStringToImplementationType(
|
|
||||||
} else if (base::StartsWith(va_vendor_string, "Intel iHD driver",
|
|
||||||
base::CompareCase::SENSITIVE)) {
|
|
||||||
return media::VAImplementation::kIntelIHD;
|
|
||||||
+ } else if (base::StartsWith(va_vendor_string, "Splitted-Desktop Systems VDPAU",
|
|
||||||
+ base::CompareCase::SENSITIVE)) {
|
|
||||||
+ return media::VAImplementation::kNVIDIAVDPAU;
|
|
||||||
}
|
|
||||||
return media::VAImplementation::kOther;
|
|
||||||
}
|
|
||||||
--- a/media/gpu/vaapi/vaapi_wrapper.h
|
|
||||||
+++ b/media/gpu/vaapi/vaapi_wrapper.h
|
|
||||||
@@ -79,6 +79,7 @@ enum class VAImplementation {
|
|
||||||
kIntelIHD,
|
|
||||||
kOther,
|
|
||||||
kInvalid,
|
|
||||||
+ kNVIDIAVDPAU,
|
|
||||||
};
|
|
||||||
|
|
||||||
// This class handles VA-API calls and ensures proper locking of VA-API calls
|
|
|
@ -1,48 +0,0 @@
|
||||||
From b2144fd28e09cd52e7a88a62a9d9b54cf9922f9f Mon Sep 17 00:00:00 2001
|
|
||||||
From: Michael Weiss <dev.primeos@gmail.com>
|
|
||||||
Date: Tue, 14 Apr 2020 14:16:10 +0200
|
|
||||||
Subject: [PATCH] Enable accelerated video decode on Linux
|
|
||||||
|
|
||||||
This will enable accelerated video decode on Linux by default (i.e.
|
|
||||||
without "--ignore-gpu-blacklist"), but on NixOS we'll provide
|
|
||||||
"--disable-accelerated-video-decode" and
|
|
||||||
"--disable-accelerated-video-encode" by default to avoid regressions
|
|
||||||
(e.g. VA-API doesn't work properly for some radeon drivers).
|
|
||||||
|
|
||||||
Video acceleration can then be enabled via:
|
|
||||||
chromium.override { enableVaapi = true; }
|
|
||||||
without rebuilding Chromium.
|
|
||||||
---
|
|
||||||
gpu/config/software_rendering_list.json | 16 ----------------
|
|
||||||
1 file changed, 16 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/gpu/config/software_rendering_list.json b/gpu/config/software_rendering_list.json
|
|
||||||
index 22712bdbf38f..a06dd19a50e4 100644
|
|
||||||
--- a/gpu/config/software_rendering_list.json
|
|
||||||
+++ b/gpu/config/software_rendering_list.json
|
|
||||||
@@ -336,22 +336,6 @@
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
- "id": 48,
|
|
||||||
- "description": "Accelerated video decode is unavailable on Linux",
|
|
||||||
- "cr_bugs": [137247, 1032907],
|
|
||||||
- "os": {
|
|
||||||
- "type": "linux"
|
|
||||||
- },
|
|
||||||
- "exceptions": [
|
|
||||||
- {
|
|
||||||
- "machine_model_name": ["Chromecast"]
|
|
||||||
- }
|
|
||||||
- ],
|
|
||||||
- "features": [
|
|
||||||
- "accelerated_video_decode"
|
|
||||||
- ]
|
|
||||||
- },
|
|
||||||
- {
|
|
||||||
"id": 50,
|
|
||||||
"description": "Disable VMware software renderer on older Mesa",
|
|
||||||
"cr_bugs": [145531, 332596, 571899, 629434],
|
|
||||||
--
|
|
||||||
2.11.0
|
|
||||||
|
|
|
@ -1,61 +0,0 @@
|
||||||
diff --git a/chrome/common/chrome_paths.cc b/chrome/common/chrome_paths.cc
|
|
||||||
index f4e119d..d9775bd 100644
|
|
||||||
--- a/chrome/common/chrome_paths.cc
|
|
||||||
+++ b/chrome/common/chrome_paths.cc
|
|
||||||
@@ -68,21 +68,14 @@ static base::LazyInstance<base::FilePath>
|
|
||||||
g_invalid_specified_user_data_dir = LAZY_INSTANCE_INITIALIZER;
|
|
||||||
|
|
||||||
// Gets the path for internal plugins.
|
|
||||||
-bool GetInternalPluginsDirectory(base::FilePath* result) {
|
|
||||||
-#if defined(OS_MACOSX)
|
|
||||||
- // If called from Chrome, get internal plugins from a subdirectory of the
|
|
||||||
- // framework.
|
|
||||||
- if (base::mac::AmIBundled()) {
|
|
||||||
- *result = chrome::GetFrameworkBundlePath();
|
|
||||||
- DCHECK(!result->empty());
|
|
||||||
- *result = result->Append("Internet Plug-Ins");
|
|
||||||
- return true;
|
|
||||||
- }
|
|
||||||
- // In tests, just look in the module directory (below).
|
|
||||||
-#endif
|
|
||||||
-
|
|
||||||
- // The rest of the world expects plugins in the module directory.
|
|
||||||
- return base::PathService::Get(base::DIR_MODULE, result);
|
|
||||||
+bool GetInternalPluginsDirectory(base::FilePath* result,
|
|
||||||
+ const std::string& ident) {
|
|
||||||
+ std::string full_env = std::string("NIX_CHROMIUM_PLUGIN_PATH_") + ident;
|
|
||||||
+ const char* value = getenv(full_env.c_str());
|
|
||||||
+ if (value == NULL)
|
|
||||||
+ return base::PathService::Get(base::DIR_MODULE, result);
|
|
||||||
+ else
|
|
||||||
+ *result = base::FilePath(value);
|
|
||||||
}
|
|
||||||
|
|
||||||
// Gets the path for bundled implementations of components. Note that these
|
|
||||||
@@ -272,7 +265,7 @@ bool PathProvider(int key, base::FilePath* result) {
|
|
||||||
create_dir = true;
|
|
||||||
break;
|
|
||||||
case chrome::DIR_INTERNAL_PLUGINS:
|
|
||||||
- if (!GetInternalPluginsDirectory(&cur))
|
|
||||||
+ if (!GetInternalPluginsDirectory(&cur, "ALL"))
|
|
||||||
return false;
|
|
||||||
break;
|
|
||||||
case chrome::DIR_COMPONENTS:
|
|
||||||
@@ -280,7 +273,7 @@ bool PathProvider(int key, base::FilePath* result) {
|
|
||||||
return false;
|
|
||||||
break;
|
|
||||||
case chrome::DIR_PEPPER_FLASH_PLUGIN:
|
|
||||||
- if (!GetInternalPluginsDirectory(&cur))
|
|
||||||
+ if (!GetInternalPluginsDirectory(&cur, "PEPPERFLASH"))
|
|
||||||
return false;
|
|
||||||
cur = cur.Append(kPepperFlashBaseDirectory);
|
|
||||||
break;
|
|
||||||
@@ -358,7 +351,7 @@ bool PathProvider(int key, base::FilePath* result) {
|
|
||||||
cur = cur.DirName();
|
|
||||||
}
|
|
||||||
#else
|
|
||||||
- if (!GetInternalPluginsDirectory(&cur))
|
|
||||||
+ if (!GetInternalPluginsDirectory(&cur, "PNACL"))
|
|
||||||
return false;
|
|
||||||
#endif
|
|
||||||
cur = cur.Append(FILE_PATH_LITERAL("pnacl"));
|
|
|
@ -1,11 +0,0 @@
|
||||||
--- a/third_party/blink/renderer/platform/image-encoders/image_encoder.cc
|
|
||||||
+++ b/third_party/blink/renderer/platform/image-encoders/image_encoder.cc
|
|
||||||
@@ -13,7 +13,7 @@
|
|
||||||
|
|
||||||
#include "jpeglib.h" // for JPEG_MAX_DIMENSION
|
|
||||||
|
|
||||||
-#include "third_party/libwebp/src/webp/encode.h" // for WEBP_MAX_DIMENSION
|
|
||||||
+#define WEBP_MAX_DIMENSION 16383
|
|
||||||
|
|
||||||
namespace blink {
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
{
|
{
|
||||||
"85.0.4183.102" = {
|
"86.0.4240.111" = {
|
||||||
rev = "85.0.4183.102-1";
|
rev = "86.0.4240.111-1";
|
||||||
sha256 = "1mdx4a5zcs3an9yx1jxx4amq8p9rcj0hv76r8y7nz6cpsfgd9n3y";
|
sha256 = "0fkk0lxbvik8q8d5njxmwiam64qz5g74hlb56w24nh5mh1jm59a8";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,17 +1,17 @@
|
||||||
{
|
{
|
||||||
"stable": {
|
"stable": {
|
||||||
"version": "85.0.4183.102",
|
"version": "86.0.4240.111",
|
||||||
"sha256": "032yh1mfwins7a62zw8kwwq8xw1n52a0a93lqz7qlyjaf9sd8s4a",
|
"sha256": "05y7lwr89awkhvgmwkx3br9j4ap2aypg2wsc0nz8mi7kxc1dnyzj",
|
||||||
"sha256bin64": "1i8xaxxnmg80vsia8hxnq58qi9k5nnbrl80d6d23g9lb7dbc9cpm"
|
"sha256bin64": "10aqiiydw4i3jxnw8xxdgkgcqbfqc67n1fbrg40y54kg0v5dz8l6"
|
||||||
},
|
},
|
||||||
"beta": {
|
"beta": {
|
||||||
"version": "86.0.4240.30",
|
"version": "87.0.4280.27",
|
||||||
"sha256": "1isj0zngb72k1hhn3h0s8mccg1cdmppz1mjmg19f2h306farzmzl",
|
"sha256": "0w0asxj7jlsw69cssfia8km4q9cx1c2mliks2rmhf4jk0hsghasm",
|
||||||
"sha256bin64": "10d8im2adqqnkd6265gngv6xlm5qsz6r13z6cbbchsss0ssr8fxa"
|
"sha256bin64": "1lsx4mhy8nachfb8c9f3mrx5nqw2bi046dqirb4lnv7y80jjjs1k"
|
||||||
},
|
},
|
||||||
"dev": {
|
"dev": {
|
||||||
"version": "87.0.4252.0",
|
"version": "88.0.4298.4",
|
||||||
"sha256": "1lxlsdni63zh79hxvpwgmnfn67kgfzhz3yg9bkxghqchqykkz92y",
|
"sha256": "0ka11gmpkyrmifajaxm66c16hrj3xakdvhjqg04slyp2sv0nlhrl",
|
||||||
"sha256bin64": "130hf7b35wcxpw05ddbqq89x10c0kays1vb9qg6xhq3zx2mk6ijw"
|
"sha256bin64": "0768y31jqbl1znp7yp6mvl5j12xl1nwjkh2l8zdga81q0wz52hh6"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,24 +2,22 @@
|
||||||
|
|
||||||
buildGoModule rec {
|
buildGoModule rec {
|
||||||
pname = "argocd";
|
pname = "argocd";
|
||||||
version = "1.4.2";
|
version = "1.7.8";
|
||||||
commit = "48cced9d925b5bc94f6aa9fa4a8a19b2a59e128a";
|
commit = "ef5010c3a0b5e027fd642732d03c5b0391b1e574";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "argoproj";
|
owner = "argoproj";
|
||||||
repo = "argo-cd";
|
repo = "argo-cd";
|
||||||
rev = "v${version}";
|
rev = "v${version}";
|
||||||
sha256 = "01vsyrks1k5yfvrarv8ia0isr7snilr21b7lfiy860si82r2r8hj";
|
sha256 = "1pwk6mzmlsx43c75wl5lglpxgc2jkgzra4443hwp6n0wfgzajfp4";
|
||||||
};
|
};
|
||||||
|
|
||||||
vendorSha256 = "0r2nh7v00m6zbdnhsgjn01q9pkiz41ckkqgfnpqmkxaqmjz31iyj";
|
vendorSha256 = "0c5gykijwjrq3cx9qg9hm5j7axccngc1kp5qj3429a2ilw80l8pl";
|
||||||
|
|
||||||
doCheck = false;
|
doCheck = false;
|
||||||
|
|
||||||
nativeBuildInputs = [ packr ];
|
nativeBuildInputs = [ packr ];
|
||||||
|
|
||||||
patches = [ ./use-go-module.patch ];
|
|
||||||
|
|
||||||
buildFlagsArray = ''
|
buildFlagsArray = ''
|
||||||
-ldflags=
|
-ldflags=
|
||||||
-X github.com/argoproj/argo-cd/common.version=${version}
|
-X github.com/argoproj/argo-cd/common.version=${version}
|
||||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -222,6 +222,7 @@ let
|
||||||
in
|
in
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
name = "k3s";
|
name = "k3s";
|
||||||
|
version = k3sVersion;
|
||||||
|
|
||||||
# Important utilities used by the kubelet, see
|
# Important utilities used by the kubelet, see
|
||||||
# https://github.com/kubernetes/kubernetes/issues/26093#issuecomment-237202494
|
# https://github.com/kubernetes/kubernetes/issues/26093#issuecomment-237202494
|
||||||
|
|
|
@ -11,7 +11,7 @@
|
||||||
|
|
||||||
buildGoModule rec {
|
buildGoModule rec {
|
||||||
pname = "minikube";
|
pname = "minikube";
|
||||||
version = "1.14.1";
|
version = "1.14.2";
|
||||||
|
|
||||||
vendorSha256 = "057mlmja3mygfdf0cp0bcm0chq7s30bjcs5hqacwl6c79ivrjf89";
|
vendorSha256 = "057mlmja3mygfdf0cp0bcm0chq7s30bjcs5hqacwl6c79ivrjf89";
|
||||||
|
|
||||||
|
@ -21,7 +21,7 @@ buildGoModule rec {
|
||||||
owner = "kubernetes";
|
owner = "kubernetes";
|
||||||
repo = "minikube";
|
repo = "minikube";
|
||||||
rev = "v${version}";
|
rev = "v${version}";
|
||||||
sha256 = "000i30qsjx1h2x6b8vb5piq9lhjrz5hj9wza7gxsrzsf2z9rhryg";
|
sha256 = "1fidvfm9x3rbqfjn9zm5kx9smk94dmjm4gb98rrdmgsld5fg99xj";
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = [ go-bindata installShellFiles pkg-config which ];
|
nativeBuildInputs = [ go-bindata installShellFiles pkg-config which ];
|
||||||
|
|
|
@ -2,6 +2,6 @@
|
||||||
|
|
||||||
callPackage ./generic.nix {
|
callPackage ./generic.nix {
|
||||||
inherit buildGoPackage;
|
inherit buildGoPackage;
|
||||||
version = "0.11.4";
|
version = "0.11.6";
|
||||||
sha256 = "1sykp9sji6f564s7bz0cvnr9w5x92n0l1r1djf1bl7jvv2mi1mcb";
|
sha256 = "09ym9fd4fp2461ddhrb5nlz8l24iq4hsbqikzc21ainagq2g1azf";
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,6 +2,6 @@
|
||||||
|
|
||||||
callPackage ./generic.nix {
|
callPackage ./generic.nix {
|
||||||
inherit buildGoPackage;
|
inherit buildGoPackage;
|
||||||
version = "0.12.3";
|
version = "0.12.7";
|
||||||
sha256 = "100ynhc4nm4mmjxx1jhq2kjbqshxvi5x8y482520j8gsyn40g6zc";
|
sha256 = "0y1nwmpc4fqgjyb19n1f2w4y5k7fy4p68v2vnnry11nj3im7ia14";
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,16 +2,18 @@
|
||||||
|
|
||||||
buildGoModule rec {
|
buildGoModule rec {
|
||||||
pname = "starboard";
|
pname = "starboard";
|
||||||
version = "0.5.0";
|
version = "0.6.0";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "aquasecurity";
|
owner = "aquasecurity";
|
||||||
repo = pname;
|
repo = pname;
|
||||||
rev = "v${version}";
|
rev = "v${version}";
|
||||||
sha256 = "12vfxnny3giirdf1xhacy24dvy5zm7iil6h019s0l63876vingnc";
|
sha256 = "00d3cnd3n6laa6rphw5w9xk8slpp4a603vzhixzg01sghq26gy22";
|
||||||
};
|
};
|
||||||
|
|
||||||
vendorSha256 = "0hj7h58j0v98plrqfldq59d084j76aiy82mfm8zi0vcqg6gxf4pb";
|
vendorSha256 = "0y816r75rp1a4rp7j0a8wzrfi2mdf4ji1vz2vaj5s7x9ik6rc13r";
|
||||||
|
|
||||||
|
subPackages = [ "cmd/starboard" ];
|
||||||
|
|
||||||
doCheck = false;
|
doCheck = false;
|
||||||
|
|
||||||
|
|
|
@ -7,7 +7,7 @@ let
|
||||||
|
|
||||||
# Please keep the version x.y.0.z and do not update to x.y.76.z because the
|
# Please keep the version x.y.0.z and do not update to x.y.76.z because the
|
||||||
# source of the latter disappears much faster.
|
# source of the latter disappears much faster.
|
||||||
version = "8.65.0.78";
|
version = "8.66.0.74";
|
||||||
|
|
||||||
rpath = stdenv.lib.makeLibraryPath [
|
rpath = stdenv.lib.makeLibraryPath [
|
||||||
alsaLib
|
alsaLib
|
||||||
|
@ -65,7 +65,7 @@ let
|
||||||
"https://mirror.cs.uchicago.edu/skype/pool/main/s/skypeforlinux/skypeforlinux_${version}_amd64.deb"
|
"https://mirror.cs.uchicago.edu/skype/pool/main/s/skypeforlinux/skypeforlinux_${version}_amd64.deb"
|
||||||
"https://web.archive.org/web/https://repo.skype.com/deb/pool/main/s/skypeforlinux/skypeforlinux_${version}_amd64.deb"
|
"https://web.archive.org/web/https://repo.skype.com/deb/pool/main/s/skypeforlinux/skypeforlinux_${version}_amd64.deb"
|
||||||
];
|
];
|
||||||
sha256 = "04qcpz3w2clpa23axh0xx68rm792d2l029r3wy1hfzbxd51z09lh";
|
sha256 = "11bpzr3j6fa5x62xrx2q2sr1wxjrn0a37053j4prxjcvdrc5in8f";
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
throw "Skype for linux is not supported on ${stdenv.hostPlatform.system}";
|
throw "Skype for linux is not supported on ${stdenv.hostPlatform.system}";
|
||||||
|
|
|
@ -39,9 +39,16 @@ let
|
||||||
throwSystem = throw "Unsupported system: ${system}";
|
throwSystem = throw "Unsupported system: ${system}";
|
||||||
|
|
||||||
pname = "slack";
|
pname = "slack";
|
||||||
|
|
||||||
|
x86_64-darwin-version = "4.10.3";
|
||||||
|
x86_64-darwin-sha256 = "0r77l57vr603xamich4h4gbdd5vdcj0sjs6yjpymfx9s0f98v8bb";
|
||||||
|
|
||||||
|
x86_64-linux-version = "4.10.3";
|
||||||
|
x86_64-linux-sha256 = "1gnjj2iyk8cwjajg8h9qpmzx10j4qjxjzciq8csg45qfzwkr3drf";
|
||||||
|
|
||||||
version = {
|
version = {
|
||||||
x86_64-darwin = "4.10.3";
|
x86_64-darwin = x86_64-darwin-version;
|
||||||
x86_64-linux = "4.10.3";
|
x86_64-linux = x86_64-linux-version;
|
||||||
}.${system} or throwSystem;
|
}.${system} or throwSystem;
|
||||||
|
|
||||||
src = let
|
src = let
|
||||||
|
@ -49,11 +56,11 @@ let
|
||||||
in {
|
in {
|
||||||
x86_64-darwin = fetchurl {
|
x86_64-darwin = fetchurl {
|
||||||
url = "${base}/releases/macos/${version}/prod/x64/Slack-${version}-macOS.dmg";
|
url = "${base}/releases/macos/${version}/prod/x64/Slack-${version}-macOS.dmg";
|
||||||
sha256 = "0r77l57vr603xamich4h4gbdd5vdcj0sjs6yjpymfx9s0f98v8bb";
|
sha256 = x86_64-darwin-sha256;
|
||||||
};
|
};
|
||||||
x86_64-linux = fetchurl {
|
x86_64-linux = fetchurl {
|
||||||
url = "${base}/linux_releases/slack-desktop-${version}-amd64.deb";
|
url = "${base}/linux_releases/slack-desktop-${version}-amd64.deb";
|
||||||
sha256 = "1gnjj2iyk8cwjajg8h9qpmzx10j4qjxjzciq8csg45qfzwkr3drf";
|
sha256 = x86_64-linux-sha256;
|
||||||
};
|
};
|
||||||
}.${system} or throwSystem;
|
}.${system} or throwSystem;
|
||||||
|
|
||||||
|
@ -68,6 +75,8 @@ let
|
||||||
linux = stdenv.mkDerivation rec {
|
linux = stdenv.mkDerivation rec {
|
||||||
inherit pname version src meta;
|
inherit pname version src meta;
|
||||||
|
|
||||||
|
passthru.updateScript = ./update.sh;
|
||||||
|
|
||||||
rpath = stdenv.lib.makeLibraryPath [
|
rpath = stdenv.lib.makeLibraryPath [
|
||||||
alsaLib
|
alsaLib
|
||||||
at-spi2-atk
|
at-spi2-atk
|
||||||
|
@ -152,6 +161,8 @@ let
|
||||||
darwin = stdenv.mkDerivation {
|
darwin = stdenv.mkDerivation {
|
||||||
inherit pname version src meta;
|
inherit pname version src meta;
|
||||||
|
|
||||||
|
passthru.updateScript = ./update.sh;
|
||||||
|
|
||||||
nativeBuildInputs = [ undmg ];
|
nativeBuildInputs = [ undmg ];
|
||||||
|
|
||||||
sourceRoot = "Slack.app";
|
sourceRoot = "Slack.app";
|
||||||
|
|
41
pkgs/applications/networking/instant-messengers/slack/update.sh
Executable file
41
pkgs/applications/networking/instant-messengers/slack/update.sh
Executable file
|
@ -0,0 +1,41 @@
|
||||||
|
#!/usr/bin/env nix-shell
|
||||||
|
#! nix-shell -i bash -p curl gnused
|
||||||
|
|
||||||
|
set -eou pipefail
|
||||||
|
|
||||||
|
latest_linux_version=$(curl --silent https://slack.com/downloads/linux | sed -n 's/.*Version \([0-9\.]\+\).*/\1/p')
|
||||||
|
latest_mac_version=$(curl --silent https://slack.com/downloads/mac | sed -n 's/.*Version \([0-9\.]\+\).*/\1/p')
|
||||||
|
|
||||||
|
# Double check that the latest mac and linux versions are in sync.
|
||||||
|
if [[ "$latest_linux_version" != "$latest_mac_version" ]]; then
|
||||||
|
echo "the latest linux ($latest_linux_version) and mac ($latest_mac_version) versions are not the same"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
nixpkgs="$(git rev-parse --show-toplevel)"
|
||||||
|
slack_nix="$nixpkgs/pkgs/applications/networking/instant-messengers/slack/default.nix"
|
||||||
|
nixpkgs_linux_version=$(cat "$slack_nix" | sed -n 's/.*x86_64-linux-version = \"\([0-9\.]\+\)\";.*/\1/p')
|
||||||
|
nixpkgs_mac_version=$(cat "$slack_nix" | sed -n 's/.*x86_64-darwin-version = \"\([0-9\.]\+\)\";.*/\1/p')
|
||||||
|
|
||||||
|
if [[ "$nixpkgs_linux_version" == "$latest_linux_version" && "$nixpkgs_mac_version" == "$latest_mac_version" ]]; then
|
||||||
|
echo "nixpkgs versions are all up to date!"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
linux_url="https://downloads.slack-edge.com/linux_releases/slack-desktop-${latest_linux_version}-amd64.deb"
|
||||||
|
mac_url="https://downloads.slack-edge.com/releases/macos/${latest_mac_version}/prod/x64/Slack-${latest_mac_version}-macOS.dmg"
|
||||||
|
linux_sha256=$(nix-prefetch-url ${linux_url})
|
||||||
|
mac_sha256=$(nix-prefetch-url ${mac_url})
|
||||||
|
|
||||||
|
sed -i "s/x86_64-linux-version = \".*\"/x86_64-linux-version = \"${latest_linux_version}\"/" "$slack_nix"
|
||||||
|
sed -i "s/x86_64-darwin-version = \".*\"/x86_64-darwin-version = \"${latest_mac_version}\"/" "$slack_nix"
|
||||||
|
sed -i "s/x86_64-linux-sha256 = \".*\"/x86_64-linux-sha256 = \"${linux_sha256}\"/" "$slack_nix"
|
||||||
|
sed -i "s/x86_64-darwin-sha256 = \".*\"/x86_64-darwin-sha256 = \"${mac_sha256}\"/" "$slack_nix"
|
||||||
|
|
||||||
|
if ! nix-build -A slack "$nixpkgs"; then
|
||||||
|
echo "The updated slack failed to build."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Successfully updated"
|
||||||
|
echo "slack: $nixpkgs_linux_version -> $latest_linux_version"
|
|
@ -47,7 +47,7 @@ stdenv.mkDerivation rec {
|
||||||
mv share $out/share
|
mv share $out/share
|
||||||
|
|
||||||
substituteInPlace $out/share/applications/teams.desktop \
|
substituteInPlace $out/share/applications/teams.desktop \
|
||||||
--replace /usr/bin/ $out/bin/
|
--replace /usr/bin/ ""
|
||||||
|
|
||||||
ln -s $out/opt/teams/teams $out/bin/
|
ln -s $out/opt/teams/teams $out/bin/
|
||||||
|
|
||||||
|
|
|
@ -22,12 +22,12 @@ let
|
||||||
|
|
||||||
in mkDerivation rec {
|
in mkDerivation rec {
|
||||||
pname = "telegram-desktop";
|
pname = "telegram-desktop";
|
||||||
version = "2.4.6";
|
version = "2.4.7";
|
||||||
|
|
||||||
# Telegram-Desktop with submodules
|
# Telegram-Desktop with submodules
|
||||||
src = fetchurl {
|
src = fetchurl {
|
||||||
url = "https://github.com/telegramdesktop/tdesktop/releases/download/v${version}/tdesktop-${version}-full.tar.gz";
|
url = "https://github.com/telegramdesktop/tdesktop/releases/download/v${version}/tdesktop-${version}-full.tar.gz";
|
||||||
sha256 = "190k9ik678br5k892gj26bx4rbj5rn5ks4qgf2nrlgww0z59fvrc";
|
sha256 = "1j2v29952l0am357pqvvgzm2zghmwhlr833kgp85hssxpr9xy4vv";
|
||||||
};
|
};
|
||||||
|
|
||||||
postPatch = ''
|
postPatch = ''
|
||||||
|
|
|
@ -22,13 +22,13 @@ let
|
||||||
pname = "wire-desktop";
|
pname = "wire-desktop";
|
||||||
|
|
||||||
version = {
|
version = {
|
||||||
x86_64-darwin = "3.20.3912";
|
x86_64-darwin = "3.21.3959";
|
||||||
x86_64-linux = "3.20.2934";
|
x86_64-linux = "3.21.2936";
|
||||||
}.${system} or throwSystem;
|
}.${system} or throwSystem;
|
||||||
|
|
||||||
sha256 = {
|
sha256 = {
|
||||||
x86_64-darwin = "1crkdqzq3iccxbrqlrar4ai43qzjsgd4hvcajgzmz2y33f30xgqr";
|
x86_64-darwin = "0fgzzqf1wnkjbcr0j0vjn6sggkz0z1kx6w4gi7gk4c4markdicm1";
|
||||||
x86_64-linux = "0z6vrhzrhrrnl3swjbxrbl1dhk2fx86s45n2z2in2shdlv08dcx7";
|
x86_64-linux = "033804nkz1fdmq3p8iplrlx708x1fjlr09bmrpy36lqg5h7m3yd6";
|
||||||
}.${system} or throwSystem;
|
}.${system} or throwSystem;
|
||||||
|
|
||||||
meta = with stdenv.lib; {
|
meta = with stdenv.lib; {
|
||||||
|
|
|
@ -0,0 +1,76 @@
|
||||||
|
{ lib
|
||||||
|
, fetchFromGitLab
|
||||||
|
, gettext
|
||||||
|
, gtk3
|
||||||
|
, python3Packages
|
||||||
|
, gdk-pixbuf
|
||||||
|
, libnotify
|
||||||
|
, gst_all_1
|
||||||
|
, libsecret
|
||||||
|
, wrapGAppsHook
|
||||||
|
, gsettings-desktop-schemas
|
||||||
|
, gnome-online-accounts
|
||||||
|
, glib
|
||||||
|
, gobject-introspection
|
||||||
|
, folks
|
||||||
|
}:
|
||||||
|
|
||||||
|
python3Packages.buildPythonApplication rec {
|
||||||
|
pname = "bubblemail";
|
||||||
|
version = "1.3";
|
||||||
|
|
||||||
|
src = fetchFromGitLab {
|
||||||
|
domain = "framagit.org";
|
||||||
|
owner = "razer";
|
||||||
|
repo = "bubblemail";
|
||||||
|
rev = "v${version}";
|
||||||
|
sha256 = "FEIdEoZBlM28F5kSMoln7KACwetb8hp+qix1P+DIE8k=";
|
||||||
|
};
|
||||||
|
|
||||||
|
buildInputs = [
|
||||||
|
gtk3
|
||||||
|
gdk-pixbuf
|
||||||
|
glib
|
||||||
|
libnotify
|
||||||
|
gst_all_1.gstreamer
|
||||||
|
gst_all_1.gst-plugins-base
|
||||||
|
gst_all_1.gst-plugins-good
|
||||||
|
gst_all_1.gst-plugins-bad
|
||||||
|
libsecret
|
||||||
|
gnome-online-accounts
|
||||||
|
folks
|
||||||
|
];
|
||||||
|
|
||||||
|
nativeBuildInputs = [
|
||||||
|
gettext
|
||||||
|
wrapGAppsHook
|
||||||
|
python3Packages.pillow
|
||||||
|
# For setup-hook
|
||||||
|
gobject-introspection
|
||||||
|
];
|
||||||
|
|
||||||
|
propagatedBuildInputs = with python3Packages; [
|
||||||
|
gsettings-desktop-schemas
|
||||||
|
pygobject3
|
||||||
|
dbus-python
|
||||||
|
pyxdg
|
||||||
|
];
|
||||||
|
|
||||||
|
# See https://nixos.org/nixpkgs/manual/#ssec-gnome-common-issues-double-wrapped
|
||||||
|
dontWrapGApps = true;
|
||||||
|
|
||||||
|
# https://github.com/NixOS/nixpkgs/issues/56943
|
||||||
|
strictDeps = false;
|
||||||
|
|
||||||
|
preFixup = ''
|
||||||
|
makeWrapperArgs+=("''${gappsWrapperArgs[@]}")
|
||||||
|
'';
|
||||||
|
|
||||||
|
meta = with lib; {
|
||||||
|
description = "An extensible mail notification service.";
|
||||||
|
homepage = "http://bubblemail.free.fr/";
|
||||||
|
license = licenses.gpl2Plus;
|
||||||
|
platforms = platforms.linux;
|
||||||
|
maintainers = with maintainers; [ doronbehar ];
|
||||||
|
};
|
||||||
|
}
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue