Merge staging-next into staging

This commit is contained in:
github-actions[bot] 2022-01-05 00:02:28 +00:00 committed by GitHub
commit a738715d80
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
79 changed files with 756 additions and 196 deletions

View file

@ -177,7 +177,7 @@ rec {
docOption = rec {
loc = opt.loc;
name = showOption opt.loc;
description = opt.description or (lib.warn "Option `${name}' has no description." "This option has no description.");
description = opt.description or null;
declarations = filter (x: x != unknownModule) opt.declarations;
internal = opt.internal or false;
visible =

View file

@ -11617,6 +11617,12 @@
githubId = 2389333;
name = "Andy Tockman";
};
techknowlogick = {
email = "techknowlogick@gitea.io";
github = "techknowlogick";
githubId = 164197;
name = "techknowlogick";
};
Technical27 = {
email = "38222826+Technical27@users.noreply.github.com";
github = "Technical27";
@ -12671,6 +12677,12 @@
email = "tim.williams.public@gmail.com";
name = "Tim Philip Williams";
};
willcohen = {
email = "willcohen@users.noreply.github.com";
github = "willcohen";
githubId = 5185341;
name = "Will Cohen";
};
winden = {
email = "windenntw@gmail.com";
name = "Antonio Vargas Gonzalez";

View file

@ -1,4 +1,13 @@
{ pkgs, options, config, version, revision, extraSources ? [] }:
{ pkgs
, options
, config
, version
, revision
, extraSources ? []
, baseOptionsJSON ? null
, warningsAreErrors ? true
, prefix ? ../../..
}:
with pkgs;
@ -11,11 +20,11 @@ let
#
# E.g. if some `options` came from modules in ${pkgs.customModules}/nix,
# you'd need to include `extraSources = [ pkgs.customModules ]`
prefixesToStrip = map (p: "${toString p}/") ([ ../../.. ] ++ extraSources);
prefixesToStrip = map (p: "${toString p}/") ([ prefix ] ++ extraSources);
stripAnyPrefixes = lib.flip (lib.foldr lib.removePrefix) prefixesToStrip;
optionsDoc = buildPackages.nixosOptionsDoc {
inherit options revision;
inherit options revision baseOptionsJSON warningsAreErrors;
transformOptions = opt: opt // {
# Clean up declaration sites to not refer to the NixOS source tree.
declarations = map stripAnyPrefixes opt.declarations;
@ -161,7 +170,7 @@ let
in rec {
inherit generatedSources;
inherit (optionsDoc) optionsJSON optionsDocBook;
inherit (optionsDoc) optionsJSON optionsNix optionsDocBook;
# Generate the NixOS manual.
manualHTML = runCommand "nixos-manual-html"

View file

@ -5,7 +5,7 @@ extra information. Module meta attributes are defined in the `meta.nix`
special module.
`meta` is a top level attribute like `options` and `config`. Available
meta-attributes are `maintainers` and `doc`.
meta-attributes are `maintainers`, `doc`, and `buildDocsInSandbox`.
Each of the meta-attributes must be defined at most once per module
file.
@ -24,6 +24,7 @@ file.
meta = {
maintainers = with lib.maintainers; [ ericsagnes ];
doc = ./default.xml;
buildDocsInSandbox = true;
};
}
```
@ -38,3 +39,28 @@ file.
```ShellSession
$ nix-build nixos/release.nix -A manual.x86_64-linux
```
- `buildDocsInSandbox` indicates whether the option documentation for the
module can be built in a derivation sandbox. This option is currently only
honored for modules shipped by nixpkgs. User modules and modules taken from
`NIXOS_EXTRA_MODULE_PATH` are always built outside of the sandbox, as has
been the case in previous releases.
Building NixOS option documentation in a sandbox allows caching of the built
documentation, which greatly decreases the amount of time needed to evaluate
a system configuration that has NixOS documentation enabled. The sandbox also
restricts which attributes may be referenced by documentation attributes
(such as option descriptions) to the `options` and `lib` module arguments and
the `pkgs.formats` attribute of the `pkgs` argument, `config` and the rest of
`pkgs` are disallowed and will cause doc build failures when used. This
restriction is necessary because we cannot reproduce the full nixpkgs
instantiation with configuration and overlays from a system configuration
inside the sandbox. The `options` argument only includes options of modules
that are also built inside the sandbox, referencing an option of a module
that isn't built in the sandbox is also forbidden.
The default is `true` and should usually not be changed; set it to `false`
only if the module requires access to `pkgs` in its documentation (e.g.
because it loads information from a linked package to build an option type)
or if its documentation depends on other modules that also aren't sandboxed
(e.g. by using types defined in the other module).

View file

@ -8,8 +8,8 @@
<para>
<literal>meta</literal> is a top level attribute like
<literal>options</literal> and <literal>config</literal>. Available
meta-attributes are <literal>maintainers</literal> and
<literal>doc</literal>.
meta-attributes are <literal>maintainers</literal>,
<literal>doc</literal>, and <literal>buildDocsInSandbox</literal>.
</para>
<para>
Each of the meta-attributes must be defined at most once per module
@ -29,6 +29,7 @@
meta = {
maintainers = with lib.maintainers; [ ericsagnes ];
doc = ./default.xml;
buildDocsInSandbox = true;
};
}
</programlisting>
@ -51,5 +52,44 @@
$ nix-build nixos/release.nix -A manual.x86_64-linux
</programlisting>
</listitem>
<listitem>
<para>
<literal>buildDocsInSandbox</literal> indicates whether the
option documentation for the module can be built in a derivation
sandbox. This option is currently only honored for modules
shipped by nixpkgs. User modules and modules taken from
<literal>NIXOS_EXTRA_MODULE_PATH</literal> are always built
outside of the sandbox, as has been the case in previous
releases.
</para>
<para>
Building NixOS option documentation in a sandbox allows caching
of the built documentation, which greatly decreases the amount
of time needed to evaluate a system configuration that has NixOS
documentation enabled. The sandbox also restricts which
attributes may be referenced by documentation attributes (such
as option descriptions) to the <literal>options</literal> and
<literal>lib</literal> module arguments and the
<literal>pkgs.formats</literal> attribute of the
<literal>pkgs</literal> argument, <literal>config</literal> and
the rest of <literal>pkgs</literal> are disallowed and will
cause doc build failures when used. This restriction is
necessary because we cannot reproduce the full nixpkgs
instantiation with configuration and overlays from a system
configuration inside the sandbox. The <literal>options</literal>
argument only includes options of modules that are also built
inside the sandbox, referencing an option of a module that isnt
built in the sandbox is also forbidden.
</para>
<para>
The default is <literal>true</literal> and should usually not be
changed; set it to <literal>false</literal> only if the module
requires access to <literal>pkgs</literal> in its documentation
(e.g. because it loads information from a linked package to
build an option type) or if its documentation depends on other
modules that also arent sandboxed (e.g. by using types defined
in the other module).
</para>
</listitem>
</itemizedlist>
</section>

View file

@ -0,0 +1,53 @@
{ libPath
, pkgsLibPath
, nixosPath
, modules
, stateVersion
, release
}:
let
lib = import libPath;
modulesPath = "${nixosPath}/modules";
# dummy pkgs set that contains no packages, only `pkgs.lib` from the full set.
# not having `pkgs.lib` causes all users of `pkgs.formats` to fail.
pkgs = import pkgsLibPath {
inherit lib;
pkgs = null;
};
utils = import "${nixosPath}/lib/utils.nix" {
inherit config lib;
pkgs = null;
};
# this is used both as a module and as specialArgs.
# as a module it sets the _module special values, as specialArgs it makes `config`
# unusable. this causes documentation attributes depending on `config` to fail.
config = {
_module.check = false;
_module.args = {};
system.stateVersion = stateVersion;
};
eval = lib.evalModules {
modules = (map (m: "${modulesPath}/${m}") modules) ++ [
config
];
specialArgs = {
inherit config pkgs utils;
};
};
docs = import "${nixosPath}/doc/manual" {
pkgs = pkgs // {
inherit lib;
# duplicate of the declaration in all-packages.nix
buildPackages.nixosOptionsDoc = attrs:
(import "${nixosPath}/lib/make-options-doc")
({ inherit pkgs lib; } // attrs);
};
config = config.config;
options = eval.options;
version = release;
revision = "release-${release}";
prefix = modulesPath;
};
in
docs.optionsNix

View file

@ -21,6 +21,13 @@
, options
, transformOptions ? lib.id # function for additional tranformations of the options
, revision ? "" # Specify revision for the options
# a set of options the docs we are generating will be merged into, as if by recursiveUpdate.
# used to split the options doc build into a static part (nixos/modules) and a dynamic part
# (non-nixos modules imported via configuration.nix, other module sources).
, baseOptionsJSON ? null
# instead of printing warnings for eg options with missing descriptions (which may be lost
# by nix build unless -L is given), emit errors instead and fail the build
, warningsAreErrors ? true
}:
let
@ -51,10 +58,15 @@ let
# ../../../lib/options.nix influences.
#
# Each element of `relatedPackages` can be either
# - a string: that will be interpreted as an attribute name from `pkgs`,
# - a list: that will be interpreted as an attribute path from `pkgs`,
# - an attrset: that can specify `name`, `path`, `package`, `comment`
# - a string: that will be interpreted as an attribute name from `pkgs` and turned into a link
# to search.nixos.org,
# - a list: that will be interpreted as an attribute path from `pkgs` and turned into a link
# to search.nixos.org,
# - an attrset: that can specify `name`, `path`, `comment`
# (either of `name`, `path` is required, the rest are optional).
#
# NOTE: No checks against `pkgs` are made to ensure that the referenced package actually exists.
# Such checks are not compatible with option docs caching.
genRelatedPackages = packages: optName:
let
unpack = p: if lib.isString p then { name = p; }
@ -64,16 +76,16 @@ let
let
title = args.title or null;
name = args.name or (lib.concatStringsSep "." args.path);
path = args.path or [ args.name ];
package = args.package or (lib.attrByPath path (throw "Invalid package attribute path `${toString path}' found while evaluating `relatedPackages' of option `${optName}'") pkgs);
in "<listitem>"
+ "<para><literal>${lib.optionalString (title != null) "${title} aka "}pkgs.${name} (${package.meta.name})</literal>"
+ lib.optionalString (!package.meta.available) " <emphasis>[UNAVAILABLE]</emphasis>"
+ ": ${package.meta.description or "???"}.</para>"
+ lib.optionalString (args ? comment) "\n<para>${args.comment}</para>"
# Lots of `longDescription's break DocBook, so we just wrap them into <programlisting>
+ lib.optionalString (package.meta ? longDescription) "\n<programlisting>${package.meta.longDescription}</programlisting>"
+ "</listitem>";
in ''
<listitem>
<para>
<link xlink:href="https://search.nixos.org/packages?show=${name}&amp;sort=relevance&amp;query=${name}">
<literal>${lib.optionalString (title != null) "${title} aka "}pkgs.${name}</literal>
</link>
</para>
${lib.optionalString (args ? comment) "<para>${args.comment}</para>"}
</listitem>
'';
in "<itemizedlist>${lib.concatStringsSep "\n" (map (p: describe (unpack p)) packages)}</itemizedlist>";
# Remove invisible and internal options.
@ -99,13 +111,24 @@ in rec {
optionsJSON = pkgs.runCommand "options.json"
{ meta.description = "List of NixOS options in JSON format";
buildInputs = [ pkgs.brotli ];
options = builtins.toFile "options.json"
(builtins.unsafeDiscardStringContext (builtins.toJSON optionsNix));
}
''
# Export list of options in different format.
dst=$out/share/doc/nixos
mkdir -p $dst
cp ${builtins.toFile "options.json" (builtins.unsafeDiscardStringContext (builtins.toJSON optionsNix))} $dst/options.json
${
if baseOptionsJSON == null
then "cp $options $dst/options.json"
else ''
${pkgs.python3Minimal}/bin/python ${./mergeJSON.py} \
${lib.optionalString warningsAreErrors "--warnings-are-errors"} \
${baseOptionsJSON} $options \
> $dst/options.json
''
}
brotli -9 < $dst/options.json > $dst/options.json.br

View file

@ -0,0 +1,86 @@
import collections
import json
import sys
from typing import Any, Dict, List
JSON = Dict[str, Any]
class Key:
def __init__(self, path: List[str]):
self.path = path
def __hash__(self):
result = 0
for id in self.path:
result ^= hash(id)
return result
def __eq__(self, other):
return type(self) is type(other) and self.path == other.path
Option = collections.namedtuple('Option', ['name', 'value'])
# pivot a dict of options keyed by their display name to a dict keyed by their path
def pivot(options: Dict[str, JSON]) -> Dict[Key, Option]:
result: Dict[Key, Option] = dict()
for (name, opt) in options.items():
result[Key(opt['loc'])] = Option(name, opt)
return result
# pivot back to indexed-by-full-name
# like the docbook build we'll just fail if multiple options with differing locs
# render to the same option name.
def unpivot(options: Dict[Key, Option]) -> Dict[str, JSON]:
result: Dict[str, Dict] = dict()
for (key, opt) in options.items():
if opt.name in result:
raise RuntimeError(
'multiple options with colliding ids found',
opt.name,
result[opt.name]['loc'],
opt.value['loc'],
)
result[opt.name] = opt.value
return result
warningsAreErrors = sys.argv[1] == "--warnings-are-errors"
optOffset = 1 if warningsAreErrors else 0
options = pivot(json.load(open(sys.argv[1 + optOffset], 'r')))
overrides = pivot(json.load(open(sys.argv[2 + optOffset], 'r')))
# fix up declaration paths in lazy options, since we don't eval them from a full nixpkgs dir
for (k, v) in options.items():
v.value['declarations'] = list(map(lambda s: f'nixos/modules/{s}', v.value['declarations']))
# merge both descriptions
for (k, v) in overrides.items():
cur = options.setdefault(k, v).value
for (ok, ov) in v.value.items():
if ok == 'declarations':
decls = cur[ok]
for d in ov:
if d not in decls:
decls += [d]
elif ok == "type":
# ignore types of placeholder options
if ov != "_unspecified" or cur[ok] == "_unspecified":
cur[ok] = ov
elif ov is not None or cur.get(ok, None) is None:
cur[ok] = ov
# check that every option has a description
hasWarnings = False
for (k, v) in options.items():
if v.value.get('description', None) is None:
severity = "error" if warningsAreErrors else "warning"
hasWarnings = True
print(f"\x1b[1;31m{severity}: option {v.name} has no description\x1b[0m", file=sys.stderr)
v.value['description'] = "This option has no description."
if hasWarnings and warningsAreErrors:
print(
"\x1b[1;31m" +
"Treating warnings as errors. Set documentation.nixos.options.warningsAreErrors " +
"to false to ignore these warnings." +
"\x1b[0m",
file=sys.stderr)
sys.exit(1)
json.dump(unpivot(options), fp=sys.stdout)

View file

@ -40,4 +40,7 @@ in
};
services.xserver.displayManager.sessionCommands = "${fcitxPackage}/bin/fcitx";
};
# uses attributes of the linked package
meta.buildDocsInSandbox = false;
}

View file

@ -80,4 +80,7 @@ in
ibusPackage
];
};
# uses attributes of the linked package
meta.buildDocsInSandbox = false;
}

View file

@ -45,5 +45,7 @@ in
environment.etc."xdg/kime/config.yaml".text = replaceStrings [ "\\\\" ] [ "\\" ] (builtins.toJSON cfg.config);
};
}
# uses attributes of the linked package
meta.buildDocsInSandbox = false;
}

View file

@ -1,19 +1,35 @@
{ config, lib, pkgs, extendModules, noUserModules, ... }:
{ config, options, lib, pkgs, utils, modules, baseModules, extraModules, modulesPath, ... }:
with lib;
let
cfg = config.documentation;
allOpts = options;
/* Modules for which to show options even when not imported. */
extraDocModules = [ ../virtualisation/qemu-vm.nix ];
/* For the purpose of generating docs, evaluate options with each derivation
in `pkgs` (recursively) replaced by a fake with path "\${pkgs.attribute.path}".
It isn't perfect, but it seems to cover a vast majority of use cases.
Caveat: even if the package is reached by a different means,
the path above will be shown and not e.g. `${config.services.foo.package}`. */
canCacheDocs = m:
let
f = import m;
instance = f (mapAttrs (n: _: abort "evaluating ${n} for `meta` failed") (functionArgs f));
in
cfg.nixos.options.splitBuild
&& builtins.isPath m
&& isFunction f
&& instance ? options
&& instance.meta.buildDocsInSandbox or true;
docModules =
let
p = partition canCacheDocs (baseModules ++ extraDocModules);
in
{
lazy = p.right;
eager = p.wrong ++ optionals cfg.nixos.includeAllModules (extraModules ++ modules);
};
manual = import ../../doc/manual rec {
inherit pkgs config;
version = config.system.nixos.release;
@ -21,10 +37,17 @@ let
extraSources = cfg.nixos.extraModuleSources;
options =
let
extendNixOS = if cfg.nixos.includeAllModules then extendModules else noUserModules.extendModules;
scrubbedEval = extendNixOS {
modules = extraDocModules;
specialArgs.pkgs = scrubDerivations "pkgs" pkgs;
scrubbedEval = evalModules {
modules = [ {
_module.check = false;
} ] ++ docModules.eager;
specialArgs = {
pkgs = scrubDerivations "pkgs" pkgs;
# allow access to arbitrary options for eager modules, eg for getting
# option types from lazy modules
options = allOpts;
inherit modulesPath utils;
};
};
scrubDerivations = namePrefix: pkgSet: mapAttrs
(name: value:
@ -36,6 +59,53 @@ let
)
pkgSet;
in scrubbedEval.options;
baseOptionsJSON =
let
filter =
builtins.filterSource
(n: t:
(t == "directory" -> baseNameOf n != "tests")
&& (t == "file" -> hasSuffix ".nix" n)
);
pull = dir:
if isStorePath pkgs.path
then "${builtins.storePath pkgs.path}/${dir}"
else filter "${toString pkgs.path}/${dir}";
in
pkgs.runCommand "lazy-options.json" {
libPath = pull "lib";
pkgsLibPath = pull "pkgs/pkgs-lib";
nixosPath = pull "nixos";
modules = map (p: ''"${removePrefix "${modulesPath}/" (toString p)}"'') docModules.lazy;
} ''
export NIX_STORE_DIR=$TMPDIR/store
export NIX_STATE_DIR=$TMPDIR/state
${pkgs.nix}/bin/nix-instantiate \
--show-trace \
--eval --json --strict \
--argstr libPath "$libPath" \
--argstr pkgsLibPath "$pkgsLibPath" \
--argstr nixosPath "$nixosPath" \
--arg modules "[ $modules ]" \
--argstr stateVersion "${options.system.stateVersion.default}" \
--argstr release "${config.system.nixos.release}" \
$nixosPath/lib/eval-cacheable-options.nix > $out \
|| {
echo -en "\e[1;31m"
echo 'Cacheable portion of option doc build failed.'
echo 'Usually this means that an option attribute that ends up in documentation (eg' \
'`default` or `description`) depends on the restricted module arguments' \
'`config` or `pkgs`.'
echo
echo 'Rebuild your configuration with `--show-trace` to find the offending' \
'location. Remove the references to restricted arguments (eg by escaping' \
'their antiquotations or adding a `defaultText`) or disable the sandboxed' \
'build for the failing module by setting `meta.buildDocsInSandbox = false`.'
echo -en "\e[0m"
exit 1
} >&2
'';
inherit (cfg.nixos.options) warningsAreErrors;
};
@ -178,6 +248,25 @@ in
'';
};
nixos.options.splitBuild = mkOption {
type = types.bool;
default = true;
description = ''
Whether to split the option docs build into a cacheable and an uncacheable part.
Splitting the build can substantially decrease the amount of time needed to build
the manual, but some user modules may be incompatible with this splitting.
'';
};
nixos.options.warningsAreErrors = mkOption {
type = types.bool;
default = true;
description = ''
Treat warning emitted during the option documentation build (eg for missing option
descriptions) as errors.
'';
};
nixos.includeAllModules = mkOption {
type = types.bool;
default = false;

View file

@ -54,6 +54,21 @@ in
'';
};
buildDocsInSandbox = mkOption {
type = types.bool // {
merge = loc: defs: defs;
};
internal = true;
default = true;
description = ''
Whether to include this module in the split options doc build.
Disable if the module references `config`, `pkgs` or other module
arguments that cannot be evaluated as constants.
This option should be defined at most once per module.
'';
};
};
};

View file

@ -248,4 +248,7 @@ in
)
];
};
# needs a full nixpkgs path to import nixpkgs
meta.buildDocsInSandbox = false;
}

View file

@ -119,4 +119,6 @@ in
};
# uses version info nixpkgs, which requires a full nixpkgs path
meta.buildDocsInSandbox = false;
}

View file

@ -149,4 +149,6 @@ in
];
};
# uses attributes of the linked package
meta.buildDocsInSandbox = false;
}

View file

@ -51,7 +51,10 @@ let
datasetOptions = rec {
use_template = mkOption {
description = "Names of the templates to use for this dataset.";
type = types.listOf (types.enum (attrNames cfg.templates));
type = types.listOf (types.str // {
check = (types.enum (attrNames cfg.templates)).check;
description = "configured template name";
});
default = [ ];
};
useTemplate = use_template;

View file

@ -6,6 +6,7 @@ let
top = config.services.kubernetes;
otop = options.services.kubernetes;
cfg = top.controllerManager;
klib = options.services.kubernetes.lib.default;
in
{
imports = [
@ -56,7 +57,7 @@ in
type = int;
};
kubeconfig = top.lib.mkKubeConfigOptions "Kubernetes controller manager";
kubeconfig = klib.mkKubeConfigOptions "Kubernetes controller manager";
leaderElect = mkOption {
description = "Whether to start leader election before executing main loop.";
@ -129,7 +130,7 @@ in
"--cluster-cidr=${cfg.clusterCidr}"} \
${optionalString (cfg.featureGates != [])
"--feature-gates=${concatMapStringsSep "," (feature: "${feature}=true") cfg.featureGates}"} \
--kubeconfig=${top.lib.mkKubeConfig "kube-controller-manager" cfg.kubeconfig} \
--kubeconfig=${klib.mkKubeConfig "kube-controller-manager" cfg.kubeconfig} \
--leader-elect=${boolToString cfg.leaderElect} \
${optionalString (cfg.rootCaFile!=null)
"--root-ca-file=${cfg.rootCaFile}"} \
@ -156,7 +157,7 @@ in
path = top.path;
};
services.kubernetes.pki.certs = with top.lib; {
services.kubernetes.pki.certs = with klib; {
controllerManager = mkCert {
name = "kube-controller-manager";
CN = "kube-controller-manager";

View file

@ -193,12 +193,17 @@ in {
inherit mkKubeConfigOptions;
};
type = types.attrs;
readOnly = true;
internal = true;
};
secretsPath = mkOption {
description = "Default location for kubernetes secrets. Not a store location.";
type = types.path;
default = cfg.dataDir + "/secrets";
defaultText = literalExpression ''
config.${opt.dataDir} + "/secrets"
'';
};
};

View file

@ -6,6 +6,7 @@ let
top = config.services.kubernetes;
otop = options.services.kubernetes;
cfg = top.kubelet;
klib = options.services.kubernetes.lib.default;
cniConfig =
if cfg.cni.config != [] && cfg.cni.configDir != null then
@ -27,7 +28,7 @@ let
config.Cmd = ["/bin/pause"];
};
kubeconfig = top.lib.mkKubeConfig "kubelet" cfg.kubeconfig;
kubeconfig = klib.mkKubeConfig "kubelet" cfg.kubeconfig;
manifestPath = "kubernetes/manifests";
@ -177,7 +178,7 @@ in
type = str;
};
kubeconfig = top.lib.mkKubeConfigOptions "Kubelet";
kubeconfig = klib.mkKubeConfigOptions "Kubelet";
manifests = mkOption {
description = "List of manifests to bootstrap with kubelet (only pods can be created as manifest entry)";
@ -358,7 +359,7 @@ in
services.kubernetes.kubelet.hostname = with config.networking;
mkDefault (hostName + optionalString (domain != null) ".${domain}");
services.kubernetes.pki.certs = with top.lib; {
services.kubernetes.pki.certs = with klib; {
kubelet = mkCert {
name = "kubelet";
CN = top.kubelet.hostname;

View file

@ -1,10 +1,11 @@
{ config, lib, pkgs, ... }:
{ config, options, lib, pkgs, ... }:
with lib;
let
top = config.services.kubernetes;
cfg = top.pki;
klib = options.services.kubernetes.lib;
csrCA = pkgs.writeText "kube-pki-cacert-csr.json" (builtins.toJSON {
key = {
@ -29,7 +30,7 @@ let
cfsslAPITokenLength = 32;
clusterAdminKubeconfig = with cfg.certs.clusterAdmin;
top.lib.mkKubeConfig "cluster-admin" {
klib.mkKubeConfig "cluster-admin" {
server = top.apiserverAddress;
certFile = cert;
keyFile = key;
@ -250,7 +251,7 @@ in
# - it would be better with a more Nix-oriented way of managing addons
systemd.services.kube-addon-manager = mkIf top.addonManager.enable (mkMerge [{
environment.KUBECONFIG = with cfg.certs.addonManager;
top.lib.mkKubeConfig "addon-manager" {
klib.mkKubeConfig "addon-manager" {
server = top.apiserverAddress;
certFile = cert;
keyFile = key;
@ -343,7 +344,7 @@ in
'';
services.flannel = with cfg.certs.flannelClient; {
kubeconfig = top.lib.mkKubeConfig "flannel" {
kubeconfig = klib.mkKubeConfig "flannel" {
server = top.apiserverAddress;
certFile = cert;
keyFile = key;

View file

@ -6,6 +6,7 @@ let
top = config.services.kubernetes;
otop = options.services.kubernetes;
cfg = top.proxy;
klib = options.services.kubernetes.lib.default;
in
{
imports = [
@ -43,7 +44,7 @@ in
type = str;
};
kubeconfig = top.lib.mkKubeConfigOptions "Kubernetes proxy";
kubeconfig = klib.mkKubeConfigOptions "Kubernetes proxy";
verbosity = mkOption {
description = ''
@ -72,7 +73,7 @@ in
${optionalString (cfg.featureGates != [])
"--feature-gates=${concatMapStringsSep "," (feature: "${feature}=true") cfg.featureGates}"} \
--hostname-override=${cfg.hostname} \
--kubeconfig=${top.lib.mkKubeConfig "kube-proxy" cfg.kubeconfig} \
--kubeconfig=${klib.mkKubeConfig "kube-proxy" cfg.kubeconfig} \
${optionalString (cfg.verbosity != null) "--v=${toString cfg.verbosity}"} \
${cfg.extraOpts}
'';
@ -88,7 +89,7 @@ in
services.kubernetes.proxy.hostname = with config.networking; mkDefault hostName;
services.kubernetes.pki.certs = {
kubeProxyClient = top.lib.mkCert {
kubeProxyClient = klib.mkCert {
name = "kube-proxy-client";
CN = "system:kube-proxy";
action = "systemctl restart kube-proxy.service";

View file

@ -6,6 +6,7 @@ let
top = config.services.kubernetes;
otop = options.services.kubernetes;
cfg = top.scheduler;
klib = options.services.kubernetes.lib.default;
in
{
###### interface
@ -32,7 +33,7 @@ in
type = listOf str;
};
kubeconfig = top.lib.mkKubeConfigOptions "Kubernetes scheduler";
kubeconfig = klib.mkKubeConfigOptions "Kubernetes scheduler";
leaderElect = mkOption {
description = "Whether to start leader election before executing main loop.";
@ -69,7 +70,7 @@ in
--address=${cfg.address} \
${optionalString (cfg.featureGates != [])
"--feature-gates=${concatMapStringsSep "," (feature: "${feature}=true") cfg.featureGates}"} \
--kubeconfig=${top.lib.mkKubeConfig "kube-scheduler" cfg.kubeconfig} \
--kubeconfig=${klib.mkKubeConfig "kube-scheduler" cfg.kubeconfig} \
--leader-elect=${boolToString cfg.leaderElect} \
--port=${toString cfg.port} \
${optionalString (cfg.verbosity != null) "--v=${toString cfg.verbosity}"} \
@ -87,7 +88,7 @@ in
};
services.kubernetes.pki.certs = {
schedulerClient = top.lib.mkCert {
schedulerClient = klib.mkCert {
name = "kube-scheduler-client";
CN = "system:kube-scheduler";
action = "systemctl restart kube-scheduler.service";

View file

@ -1,9 +1,10 @@
{ config, lib, pkgs, ... }:
{ config, options, lib, pkgs, ... }:
with lib;
let
cfg = config.services.couchdb;
opt = options.services.couchdb;
configFile = pkgs.writeText "couchdb.ini" (
''
[couchdb]
@ -153,6 +154,7 @@ in {
argsFile = mkOption {
type = types.path;
default = "${cfg.package}/etc/vm.args";
defaultText = literalExpression ''"config.${opt.package}/etc/vm.args"'';
description = ''
vm.args configuration. Overrides Couchdb's Erlang VM parameters file.
'';

View file

@ -54,7 +54,7 @@ in
systemd.packages = [ cfg.package ];
services.udev.packages = [ pkgs.libmtp ];
services.udev.packages = [ pkgs.libmtp.out ];
# Needed for unwrapped applications
environment.variables.GIO_EXTRA_MODULES = [ "${cfg.package}/lib/gio/modules" ];

View file

@ -29,6 +29,8 @@ in {
meta = {
maintainers = teams.freedesktop.members;
# uses attributes of the linked package
buildDocsInSandbox = false;
};
###### interface

View file

@ -40,6 +40,8 @@ in {
meta = {
maintainers = teams.freedesktop.members;
# uses attributes of the linked package
buildDocsInSandbox = false;
};
###### interface

View file

@ -226,4 +226,7 @@ in {
isSystemUser = true;
};
};
# uses attributes of the linked package
meta.buildDocsInSandbox = false;
}

View file

@ -678,7 +678,7 @@ in
rev = "ff96a0fa5635770390b184ae74debea75c3fd534";
ref = "nixos-unstable";
};
image_from_nixpkgs = (import ("${pkgs.sourcehut.buildsrht}/lib/images/nixos/image.nix") {
image_from_nixpkgs = (import ("''${pkgs.sourcehut.buildsrht}/lib/images/nixos/image.nix") {
pkgs = (import pkgs_unstable {});
});
in
@ -696,6 +696,7 @@ in
package = mkOption {
type = types.package;
default = pkgs.git;
defaultText = literalExpression "pkgs.git";
example = literalExpression "pkgs.gitFull";
description = ''
Git package for git.sr.ht. This can help silence collisions.
@ -712,6 +713,7 @@ in
package = mkOption {
type = types.package;
default = pkgs.mercurial;
defaultText = literalExpression "pkgs.mercurial";
description = ''
Mercurial package for hg.sr.ht. This can help silence collisions.
'';

View file

@ -118,4 +118,7 @@ in
};
};
};
# uses attributes of the linked package
meta.buildDocsInSandbox = false;
}

View file

@ -378,4 +378,6 @@ in
]);
meta.maintainers = with maintainers; [ hexa ];
# uses attributes of the linked package
meta.buildDocsInSandbox = false;
}

View file

@ -228,5 +228,4 @@ in
};
meta.maintainers = with maintainers; [ rnhmjoj ];
}

View file

@ -100,6 +100,7 @@ in
confDir = mkOption {
type = types.path;
default = confDir;
defaultText = literalDocBook "generated from configuration";
description = "The location of the config files for xrdp.";
};
};

View file

@ -1,7 +1,8 @@
{ config, pkgs, lib, ... }:
{ config, options, pkgs, lib, ... }:
with lib;
let
cfg = config.services.aesmd;
opt = options.services.aesmd;
sgx-psw = pkgs.sgx-psw.override { inherit (cfg) debug; };
@ -43,6 +44,9 @@ in
options.proxyType = mkOption {
type = with types; nullOr (enum [ "default" "direct" "manual" ]);
default = if (cfg.settings.proxy != null) then "manual" else null;
defaultText = literalExpression ''
if (config.${opt.settings}.proxy != null) then "manual" else null
'';
example = "default";
description = ''
Type of proxy to use. The <literal>default</literal> uses the system's default proxy.

View file

@ -179,4 +179,7 @@ in {
wantedBy = [ "multi-user.target" ];
};
};
# uses attributes of the linked package
meta.buildDocsInSandbox = false;
}

View file

@ -112,4 +112,7 @@ in
};
};
};
# uses attributes of the linked package
meta.buildDocsInSandbox = false;
}

View file

@ -237,4 +237,6 @@ in
};
meta.maintainers = with lib.maintainers; [ edef zimbatm ];
# uses attributes of the linked package
meta.buildDocsInSandbox = false;
}

View file

@ -167,4 +167,7 @@ in
"d ${cfg.dataDir}/async/ 0750 ${user} ${group} - -"
];
};
# uses attributes of the linked package
meta.buildDocsInSandbox = false;
}

View file

@ -146,4 +146,7 @@ in
group = "powerdnsadmin";
};
};
# uses attributes of the linked package
meta.buildDocsInSandbox = false;
}

View file

@ -865,4 +865,6 @@ in
};
# uses relatedPackages
meta.buildDocsInSandbox = false;
}

View file

@ -317,4 +317,6 @@ in
};
# uses extendModules to generate a type
meta.buildDocsInSandbox = false;
}

View file

@ -999,4 +999,7 @@ in
];
};
# uses types of services/x11/xserver.nix
meta.buildDocsInSandbox = false;
}

View file

@ -450,5 +450,4 @@ in
};
};
}

View file

@ -73,7 +73,7 @@ in
machine.fail('su - test1 -c "sudo -n -u root true"')
with subtest("users in group 'foobar' should be able to use sudo with password"):
machine.succeed("sudo -u test2 echo ${password} | sudo -S -u root true")
machine.succeed('su - test2 -c "echo ${password} | sudo -S -u root true"')
with subtest("users in group 'barfoo' should be able to use sudo without password"):
machine.succeed("sudo -u test3 sudo -n -u root true")

View file

@ -37,13 +37,13 @@ in
stdenv.mkDerivation rec {
pname = "snapcast";
version = "0.25.0";
version = "0.26.0";
src = fetchFromGitHub {
owner = "badaix";
repo = "snapcast";
rev = "v${version}";
sha256 = "064pcpr5dsv9hncqkrnxriva4xjv1vcxhvc69h1an8x8vn4dwgmf";
sha256 = "sha256-CCifn9OEFM//Hk1PJj8T3MXIV8pXCTdBBXPsHuZwLyQ=";
};
nativeBuildInputs = [ cmake pkg-config ];

View file

@ -82,5 +82,6 @@ buildDotnetModule rec {
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ thiagokokada ];
platforms = with lib.platforms; linux;
mainProgram = "pinta";
};
}

View file

@ -1,21 +1,21 @@
{
"stable": {
"version": "96.0.4664.110",
"sha256": "1s3ilq0ik36qgqp7l88gfd1yx97zscn8yr2kprsrjfp9q8lrva9n",
"sha256bin64": "17cyj1jx47fz6y26f196xhlngrw5gnjgcvapvgkgswlwd7y67jcb",
"version": "97.0.4692.71",
"sha256": "0z7ximvm4a78kxyp4j0i2jzklxazpw6jcqi9jkaf8bvq9ga8kqca",
"sha256bin64": "1z1d50i5pvqaw6hjdxwasbznzgqwrnd1z8jmy2x05b6i49vd7r9j",
"deps": {
"gn": {
"version": "2021-09-24",
"version": "2021-11-03",
"url": "https://gn.googlesource.com/gn",
"rev": "0153d369bbccc908f4da4993b1ba82728055926a",
"sha256": "0y4414h8jqsbz5af6pn91c0vkfp4s281s85g992xfyl785c5zbsi"
"rev": "90294ccdcf9334ed25a76ac9b67689468e506342",
"sha256": "0n0jml8s00ayy186jzrf207hbz70pxiq426znxwxd4gjcp60scsa"
}
},
"chromedriver": {
"version": "96.0.4664.45",
"sha256_linux": "15wybxlh38sw7f2bzalf9ivfp8262cpcvhq08nw9d2cj3j39f13m",
"sha256_darwin": "0r3b8wgbd8xjb09f4vc402gp77y2aqjk9hpqvvr6xgdr7nqym20f",
"sha256_darwin_aarch64": "1yynw8ngs2655blnf1s6r9flbxlwgaybdvgl6r6h7ppl974dl7rm"
"version": "97.0.4692.36",
"sha256_linux": "11x28m31bsfq1flqrsa5mawss39kznia2ig5ams5qkm2v5p3y39d",
"sha256_darwin": "1ysnfvj0795yc3g8sbz7g9mhc5j0sxm2r3ad2fh13sarnhn6wrs4",
"sha256_darwin_aarch64": "09m1qpk6901gqs4c7isgryffhb92szfzbxfybxhn2g5i4wrns6j7"
}
},
"beta": {

View file

@ -1,4 +1,8 @@
{ lib, stdenv, fetchzip, fetchurl, xorg, gnused }:
{ lib, stdenv, fetchzip, fetchurl, xorg, gnused
, withBigAtlas ? true
, withEphemeris ? true
, withMoonsEphemeris ? true
}:
stdenv.mkDerivation rec {
pname = "astrolog";
version = "7.30";
@ -23,15 +27,30 @@ stdenv.mkDerivation rec {
sha256 = "1mwvpvfk3lxjcc79zvwl4ypqzgqzipnc01cjldxrmx56xkc35zn7";
stripRoot = false;
};
moonsEphemeris = fetchzip {
url = "https://www.astrolog.org/ftp/ephem/moons/sepm.zip";
sha256 = "0labcidm8mrwvww93nwpp5738m9ff9q48cqzbgd18xny1jf6f8xd";
stripRoot = false;
};
atlas = fetchurl {
url = "http://astrolog.org/ftp/atlas/atlasbig.as";
sha256 = "1k8cy8gpcvkwkhyz248qhvrv5xiwp1n1s3b7rlz86krh7vzz01mp";
sha256 = "001bmqyldsbk4bdliqfl4a9ydrh1ff13wccvfniwaxlmvkridx2q";
};
in ''
mkdir -p $out/bin $out/astrolog
cp -r ${ephemeris}/*.se1 $out/astrolog
cp *.as $out/astrolog
install astrolog $out/bin
${lib.optionalString withBigAtlas "cp ${atlas} $out/astrolog/atlas.as"}
${lib.optionalString withEphemeris ''
sed -i "/-Yi1/s#\".*\"#\"$out/ephemeris\"#" $out/astrolog/astrolog.as
mkdir -p $out/ephemeris
cp -r ${ephemeris}/*.se1 $out/ephemeris
''}
${lib.optionalString withMoonsEphemeris ''
sed -i "/-Yi1/s#\".*\"#\"$out/ephemeris\"#" $out/astrolog/astrolog.as
mkdir -p $out/ephemeris
cp -r ${moonsEphemeris}/*.se1 $out/ephemeris
''}
'';
meta = with lib; {

View file

@ -2,7 +2,7 @@
stdenv.mkDerivation rec {
pname = "lean";
version = "3.35.1";
version = "3.36.0";
src = fetchFromGitHub {
owner = "leanprover-community";
@ -11,8 +11,8 @@ stdenv.mkDerivation rec {
# from. this is then used to check whether an olean file should be
# rebuilt. don't use a tag as rev because this will get replaced into
# src/githash.h.in in preConfigure.
rev = "4887d8a30621941c883f208e151e61ab268c006d";
sha256 = "0xmiysmq80dnzq1lw9jmprc85kfimw0sl8m5rbi05z8f782gzv1z";
rev = "e948149d3d1bbdb8eac9cd103d58626a59fae3b9";
sha256 = "1lcjif29lfj3myc6j63ifk8fdvylyv8g82g2dv0d85nz7mpbq47b";
};
nativeBuildInputs = [ cmake ];

View file

@ -0,0 +1,79 @@
{ lib
, stdenv
, fetchurl
, babashka
, cacert
, clojure
, git
, jdk
, callPackage
, makeWrapper
, runCommand }:
stdenv.mkDerivation rec {
pname = "obb";
version = "0.0.1";
src = fetchurl {
url = "https://github.com/babashka/${pname}/archive/refs/tags/v${version}.tar.gz";
sha256 = "sha256-ZVd3VCJ7vdQGQ7iY5v2b+gRX/Ni0/03hzqBElqpPvpI=";
};
nativeBuildInputs = [ makeWrapper ];
buildInputs = [ babashka cacert git jdk ];
configurePhase = ''
runHook preConfigure
mkdir -p .m2
substituteInPlace deps.edn --replace ':paths' ':mvn/local-repo "./.m2" :paths'
substituteInPlace bb.edn --replace ':paths' ':mvn/local-repo "./.m2" :paths'
echo deps.edn
runHook postConfigure
'';
buildPhase = ''
runHook preBuild
export DEPS_CLJ_TOOLS_DIR=${clojure}
export DEPS_CLJ_TOOLS_VERSION=${clojure.version}
mkdir -p .gitlibs
mkdir -p .cpcache
export GITLIBS=.gitlibs
export CLJ_CACHE=.cpcache
bb build
runHook postBuild
'';
installPhase = ''
runHook preInstall
mkdir -p $out/bin
ln -s /usr/bin/osascript $out/bin/osascript
install -Dm755 "out/bin/obb" "$out/bin/obb"
wrapProgram $out/bin/obb --prefix PATH : $out/bin
runHook postInstall
'';
doInstallCheck = true;
installCheckPhase = ''
[ $($out/bin/obb -e '(+ 1 2)') = '3' ]
'';
meta = with lib; {
description = "Ad-hoc ClojureScript scripting of Mac applications via Apple's Open Scripting Architecture";
homepage = "https://github.com/babashka/obb";
license = licenses.epl10;
maintainers = with maintainers; [
willcohen
];
platforms = platforms.darwin;
};
}

View file

@ -56,7 +56,7 @@ stdenv.mkDerivation {
meta = with lib; {
homepage = "https://www.dartlang.org/";
maintainers = with maintainers; [ grburst thiagokokada flexagoon ];
maintainers = with maintainers; [ grburst flexagoon ];
description = "Scalable programming language, with robust libraries and runtimes, for building web, server, and mobile apps";
longDescription = ''
Dart is a class-based, single inheritance, object-oriented language

View file

@ -19,7 +19,7 @@
stdenv.mkDerivation rec {
pname = "libfprint";
version = "1.92.1";
version = "1.94.1";
outputs = [ "out" "devdoc" ];
src = fetchFromGitLab {
@ -27,7 +27,7 @@ stdenv.mkDerivation rec {
owner = "libfprint";
repo = pname;
rev = "v${version}";
sha256 = "0dpwzmwl9jjpaz44znvy3v8s9sln0c71b756rs1knk0zx8sa1qbc";
sha256 = "sha256-xFmby1x2TRZqXrV9Einqu3002qMAN5tQga2mIAHfC9c=";
};
nativeBuildInputs = [

View file

@ -1,7 +1,6 @@
{ lib
, stdenv
, fetchFromGitHub
, fetchpatch
, cmake
, pkg-config
, sqlite
@ -12,23 +11,15 @@
stdenv.mkDerivation rec {
pname = "proj";
version = "8.2.0";
version = "8.2.1";
src = fetchFromGitHub {
owner = "OSGeo";
repo = "PROJ";
rev = version;
sha256 = "sha256-YXZ3txBWW5vUcdYLISJPxdFGCQpKi1vvJlX8rntujg8=";
hash = "sha256-tnaIqYKgYHY1Tg33jsKYn9QL8YUobgXKbQsodoCXNys=";
};
patches = [
(fetchpatch {
name = "Make-CApi-test-cross-platform.patch";
url = "https://github.com/OSGeo/PROJ/commit/ac113a8898cded7f5359f1edd3abc17a78eee9b4.patch";
sha256 = "0gz2xa5nxzck5c0yr7cspv3kw4cz3fxb2yic76w7qfvxidi7z1s1";
})
];
outputs = [ "out" "dev"];
nativeBuildInputs = [ cmake pkg-config ];

View file

@ -6,13 +6,13 @@
buildPythonPackage rec {
pname = "adafruit-platformdetect";
version = "3.18.0";
version = "3.19.1";
format = "setuptools";
src = fetchPypi {
pname = "Adafruit-PlatformDetect";
inherit version;
sha256 = "593f3719580b31b3dffab0817414a3aa548ed609659ad216ceb8cf31cc51ec9b";
sha256 = "sha256-mJ121SSoO7v2p+qCF5Va5+ppHQsHcFuyJDpyc6lykRI=";
};
nativeBuildInputs = [

View file

@ -10,7 +10,7 @@ buildPythonPackage rec {
version = lib.getVersion capstone;
src = capstone.src;
sourceRoot = "${capstone.name}/bindings/python";
sourceRoot = "source/bindings/python";
postPatch = ''
ln -s ${capstone}/lib/libcapstone${stdenv.targetPlatform.extensions.sharedLibrary} prebuilt/

View file

@ -13,6 +13,7 @@
, pyjwt
, pyquil
, python-dateutil
, pythonOlder
, qcs-api-client
, retrying
, rfc3339
@ -26,6 +27,8 @@ buildPythonPackage rec {
pname = "cirq-rigetti";
inherit (cirq-core) version src meta;
disabled = pythonOlder "3.7";
sourceRoot = "source/${pname}";
postPatch = ''
@ -36,9 +39,10 @@ buildPythonPackage rec {
--replace "httpcore~=0.11.1" "httpcore" \
--replace "httpx~=0.15.5" "httpx" \
--replace "idna~=2.10" "idna" \
--replace "requests~=2.18" "requests" \
--replace "pyjwt~=1.7.1" "pyjwt" \
--replace "qcs-api-client~=0.8.0" "qcs-api-client"
# Remove outdated test
rm cirq_rigetti/service_test.py
'';
propagatedBuildInputs = [

View file

@ -12,11 +12,11 @@ buildPythonPackage (rec {
# there's a clear path forward. See
# https://github.com/elastic/elasticsearch-py/issues/1639 for more
# info.
version = "7.16.1";
version = "7.16.2";
src = fetchPypi {
inherit pname version;
sha256 = "c024ee2e7e2509c842c4e3c5e2b99a92ceecfde06d6dac2d32a19bf566c3e175";
sha256 = "23ac0afb4398c48990e359ac73ab6963741bd05321345299c62d9d23e209eee2";
};
# Check is disabled because running them destroy the content of the local cluster!

View file

@ -8,7 +8,7 @@
buildPythonPackage rec {
pname = "flux-led";
version = "0.27.32";
version = "0.27.36";
format = "setuptools";
disabled = pythonOlder "3.7";
@ -17,7 +17,7 @@ buildPythonPackage rec {
owner = "Danielhiversen";
repo = "flux_led";
rev = version;
sha256 = "sha256-7EBZN4Nb3iVieTZvYlbN+CwgVxOwFatle0e6gFwcdwM=";
sha256 = "sha256-Q84hDb7YnYU5L2IyL3aZ/16yRxViGlt8VX4vlMcykDA=";
};
propagatedBuildInputs = [

View file

@ -1,23 +1,24 @@
{ lib
, buildPythonPackage
, fetchFromGitHub
, fetchpatch
, poetry-core
, pytest
, pythonOlder
, setuptoolsBuildHook
}:
buildPythonPackage rec {
pname = "pytest-socket";
version = "0.4.0";
disabled = pythonOlder "3.6";
version = "0.5.0";
format = "pyproject";
disabled = pythonOlder "3.7";
src = fetchFromGitHub {
owner = "miketheman";
repo = pname;
rev = version;
sha256 = "sha256-cFYtJqZ/RjFbn9XlEy6ffxZ2djisajQAwjV/YR2f59Q=";
hash = "sha256-HdGkpIHFsoAG2+8UyL9jSb3Dm8bWkYzREdY3i15ls/Q=";
};
nativeBuildInputs = [
@ -28,23 +29,12 @@ buildPythonPackage rec {
pytest
];
checkInputs = [
pytest
];
patches = [
# Switch to poetry-core, https://github.com/miketheman/pytest-socket/pull/74
(fetchpatch {
name = "switch-to-poetry-core.patch";
url = "https://github.com/miketheman/pytest-socket/commit/32519170e656e731d24b81770a170333d3efa6a8.patch";
sha256 = "19ksgx77rsa6ijcbml74alwc5052mdqr4rmvqhlzvfcvv3676ig2";
})
];
# pytest-socket require network for majority of tests
doCheck = false;
pythonImportsCheck = [ "pytest_socket" ];
pythonImportsCheck = [
"pytest_socket"
];
meta = with lib; {
description = "Pytest Plugin to disable socket calls during tests";

View file

@ -18,14 +18,14 @@
buildPythonPackage rec {
pname = "qcs-api-client";
version = "0.20.5";
version = "0.20.7";
format = "setuptools";
disabled = pythonOlder "3.7";
src = fetchPypi {
inherit pname version;
sha256 = "sha256-nSkCARZk6K5JMgiXunRBrb3pn5Ti6f493OOFzJYaW0M=";
sha256 = "64f3ee91cb9424ac1f27a2e13a4d03090a57d2e0e5edf6981a0b4e5295844c81";
};
propagatedBuildInputs = [

View file

@ -18,14 +18,14 @@
buildPythonPackage rec {
pname = "sfepy";
version = "2021.2";
version = "2021.4";
disabled = pythonOlder "3.8";
src = fetchFromGitHub {
owner = "sfepy";
repo = "sfepy";
rev = "release_${version}";
sha256 = "sha256-zFtm4KrpqjYfxVHcMrTU4tMyHYnD9VPEvuId2lR1MHU=";
sha256 = "sha256-+wvFcME02la5JwzD5bvPgBBlkQKF5LWz5MC3+0s5jSs=";
};
propagatedBuildInputs = [

View file

@ -1,8 +1,8 @@
{ lib
, buildPythonPackage
, fetchFromGitHub
, poetry
, pytest-cov
, fetchpatch
, poetry-core
, pytest-flakes
, pytest-mock
, pytest-socket
@ -19,22 +19,41 @@ buildPythonPackage rec {
owner = "niksite";
repo = pname;
rev = version;
sha256 = "09nac5nh94x0n4bfazjfxk96b20mfsx6r1fnvqv85gkzs0rwqkaq";
hash = "sha256-WE3MM9B/voI23taFbLp2FYhl0uxOfuUWsaCTBG1hyiY=";
};
nativeBuildInputs = [ poetry ];
nativeBuildInputs = [
poetry-core
];
propagatedBuildInputs = [ six ];
propagatedBuildInputs = [
six
];
checkInputs = [
pytest-cov
pytest-flakes
pytest-mock
pytest-socket
pytestCheckHook
];
pythonImportsCheck = [ "url_normalize" ];
patches = [
# Switch to poetry-core, https://github.com/niksite/url-normalize/pull/28
(fetchpatch {
name = "switch-to-poetry-core.patch";
url = "https://github.com/niksite/url-normalize/commit/b8557b10c977b191cc9d37e6337afe874a24ad08.patch";
sha256 = "sha256-SVCQATV9V6HbLmjOHs7V7eBagO0PuqZLubIJghBYfQQ=";
})
];
postPatch = ''
sed -i "/--cov/d" tox.ini
sed -i "/--flakes/d" tox.ini
'';
pythonImportsCheck = [
"url_normalize"
];
meta = with lib; {
description = "URL normalization for Python";

View file

@ -48,5 +48,6 @@ stdenv.mkDerivation rec {
license = lib.licenses.epl10;
platforms = lib.platforms.linux ++ lib.platforms.darwin;
maintainers = with lib.maintainers; [ thiagokokada ];
mainProgram = "lein";
};
}

View file

@ -64,6 +64,5 @@ stdenv.mkDerivation rec {
license = licenses.asl20;
maintainers = with maintainers; [ AndersonTorres ];
platforms = platforms.unix;
broken = stdenv.isDarwin;
};
}

View file

@ -54,7 +54,7 @@ let
, description
# Check https://github.com/libretro/libretro-core-info for license information
, license
, src ? null
, src ? (getCoreSrc core)
, broken ? false
, version ? "unstable-2021-12-06"
, platforms ? retroarch.meta.platforms
@ -63,15 +63,13 @@ let
, normalizeCore ? true
, ...
}@args:
lib.makeOverridable stdenv.mkDerivation (
stdenv.mkDerivation (
let
d2u = if normalizeCore then (lib.replaceChars [ "-" ] [ "_" ]) else (x: x);
finalSrc = if src == null then getCoreSrc core else src;
in
(rec {
pname = "libretro-${core}";
inherit version;
src = finalSrc;
inherit version src;
buildInputs = [ zlib ] ++ args.extraBuildInputs or [ ];
nativeBuildInputs = [ makeWrapper ] ++ args.extraNativeBuildInputs or [ ];
@ -308,13 +306,6 @@ in
citra = mkLibRetroCore {
core = "citra";
# `nix-prefetch-github` doesn't support `deepClone`, necessary for citra
# https://github.com/seppeljordan/nix-prefetch-github/issues/41
src = fetchFromGitHub {
inherit (hashesFile.citra) owner repo rev fetchSubmodules;
deepClone = true;
sha256 = "sha256-bwnYkMvbtRF5bGZRYVtMWxnCu9P45qeX4+ntOj9eRds=";
};
description = "Port of Citra to libretro";
license = lib.licenses.gpl2Plus;
extraNativeBuildInputs = [ cmake pkg-config ];

View file

@ -122,8 +122,10 @@
"owner": "libretro",
"repo": "citra",
"rev": "b1959d07a340bfd9af65ad464fd19eb6799a96ef",
"sha256": "Tw6Niba9gsZOMKGaXF9AZ5gdigB0mmFyqoRTMElM/Ps=",
"fetchSubmodules": true
"sha256": "bwnYkMvbtRF5bGZRYVtMWxnCu9P45qeX4+ntOj9eRds=",
"fetchSubmodules": true,
"leaveDotGit": true,
"deepClone": true
},
"desmume": {
"owner": "libretro",

View file

@ -1,12 +1,11 @@
#!/usr/bin/env nix-shell
#!nix-shell -i python3 -p "python3.withPackages (ps: with ps; [ requests nix-prefetch-github ])" -p "git"
#!nix-shell -I nixpkgs=../../../../ -i python3 -p "python3.withPackages (ps: with ps; [ requests nix-prefetch-github ])" -p "git"
import json
import sys
import subprocess
from pathlib import Path
from nix_prefetch_github import nix_prefetch_github
SCRIPT_PATH = Path(__file__).absolute().parent
HASHES_PATH = SCRIPT_PATH / "hashes.json"
CORES = {
@ -27,7 +26,7 @@ CORES = {
"bsnes": {"repo": "bsnes-libretro"},
"bsnes-hd": {"repo": "bsnes-hd", "owner": "DerKoun"},
"bsnes-mercury": {"repo": "bsnes-mercury"},
"citra": {"repo": "citra", "fetch_submodules": True},
"citra": {"repo": "citra", "fetch_submodules": True, "deep_clone": True, "leave_dot_git": True},
"desmume": {"repo": "desmume"},
"desmume2015": {"repo": "desmume2015"},
"dolphin": {"repo": "dolphin"},
@ -97,19 +96,27 @@ def info(*msg):
print(*msg, file=sys.stderr)
def get_repo_hash_fetchFromGitHub(repo, owner="libretro", fetch_submodules=False):
assert repo is not None, "Parameter 'repo' can't be None."
repo_hash = nix_prefetch_github(
owner=owner, repo=repo, fetch_submodules=fetch_submodules
def get_repo_hash_fetchFromGitHub(
repo,
owner="libretro",
deep_clone=False,
fetch_submodules=False,
leave_dot_git=False,
):
extra_args = []
if deep_clone:
extra_args.append("--deep-clone")
if fetch_submodules:
extra_args.append("--fetch-submodules")
if leave_dot_git:
extra_args.append("--leave-dot-git")
result = subprocess.run(
["nix-prefetch-github", owner, repo, *extra_args],
check=True,
capture_output=True,
text=True,
)
return {
"owner": repo_hash.repository.owner,
"repo": repo_hash.repository.name,
"rev": repo_hash.rev,
"sha256": repo_hash.sha256,
"fetchSubmodules": repo_hash.fetch_submodules,
}
return json.loads(result.stdout)
def get_repo_hash(fetcher="fetchFromGitHub", **kwargs):

View file

@ -40,5 +40,6 @@ pythonPackages.buildPythonApplication rec {
homepage = "https://github.com/lpechacek/cpuset";
license = licenses.gpl2;
maintainers = with maintainers; [ thiagokokada wykurz ];
mainProgram = "cset";
};
}

View file

@ -2,7 +2,7 @@
buildGoModule rec {
pname = "consul";
version = "1.10.3";
version = "1.11.1";
rev = "v${version}";
# Note: Currently only release tags are supported, because they have the Consul UI
@ -17,7 +17,7 @@ buildGoModule rec {
owner = "hashicorp";
repo = pname;
inherit rev;
sha256 = "sha256-Jn8cF+8Wf4zZ/PFXvjCGpomSa/DvraBGW0LsZQ+Zy+4=";
sha256 = "0x374capaz6h8mzvq2pfz4zg3gz27fjbqax65f23zqyl46haj01p";
};
passthru.tests.consul = nixosTests.consul;
@ -26,12 +26,10 @@ buildGoModule rec {
# has a split module structure in one repo
subPackages = ["." "connect/certgen"];
vendorSha256 = "sha256-cQP1po9LGunFVocl4+HPs67oae2KpgyfRRB+xGVySUY=";
vendorSha256 = "09rz2xv407ym71dap7f6bbqhdnqvylvbd9zg6f6h7qsb88nvyzsp";
doCheck = false;
deleteVendor = true;
ldflags = [
"-X github.com/hashicorp/consul/version.GitDescribe=v${version}"
"-X github.com/hashicorp/consul/version.Version=${version}"
@ -43,6 +41,6 @@ buildGoModule rec {
homepage = "https://www.consul.io/";
platforms = platforms.linux ++ platforms.darwin;
license = licenses.mpl20;
maintainers = with maintainers; [ pradeepchhetri vdemeester nh2 ];
maintainers = with maintainers; [ pradeepchhetri vdemeester nh2 techknowlogick];
};
}

View file

@ -22,15 +22,15 @@ buildDotnetModule rec {
version = "0.5.3.3";
src = fetchFromGitHub {
owner = "InfinityGhost";
owner = "OpenTabletDriver";
repo = "OpenTabletDriver";
rev = "v${version}";
sha256 = "k4SoOMKAwHeYSQ80M8Af1DiiDSZIi3gS7lGr2ZrXrEI=";
sha256 = "sha256-k4SoOMKAwHeYSQ80M8Af1DiiDSZIi3gS7lGr2ZrXrEI=";
};
debPkg = fetchurl {
url = "https://github.com/InfinityGhost/OpenTabletDriver/releases/download/v${version}/OpenTabletDriver.deb";
sha256 = "0v03qiiz28k1yzgxf5qc1mdg2n7kjx6h8vpx9dxz342wwbgqg6ic";
url = "https://github.com/OpenTabletDriver/OpenTabletDriver/releases/download/v${version}/OpenTabletDriver.deb";
sha256 = "sha256-LJqH3+JckPF7S/1uBE2X81jxWg0MF9ff92Ei8WPEA2w=";
};
dotnet-sdk = dotnetCorePackages.sdk_5_0;
@ -103,9 +103,10 @@ buildDotnetModule rec {
meta = with lib; {
description = "Open source, cross-platform, user-mode tablet driver";
homepage = "https://github.com/InfinityGhost/OpenTabletDriver";
homepage = "https://github.com/OpenTabletDriver/OpenTabletDriver";
license = licenses.lgpl3Plus;
maintainers = with maintainers; [ thiagokokada ];
platforms = platforms.linux;
mainProgram = "otd";
};
}

View file

@ -25,7 +25,7 @@
stdenv.mkDerivation rec {
pname = "fprintd";
version = "1.92.0";
version = "1.94.1";
outputs = [ "out" "devdoc" ];
src = fetchFromGitLab {
@ -33,7 +33,7 @@ stdenv.mkDerivation rec {
owner = "libfprint";
repo = pname;
rev = "v${version}";
sha256 = "0bqzxxb5iq3pdwdv1k8wsx3alirbjla6zgcki55b5p6mzrvk781x";
sha256 = "sha256-XHfHPffVp0jV3Md9Gui9v/nyOJ/bTWM3+hiR7WdEsgQ=";
};
nativeBuildInputs = [

View file

@ -0,0 +1,30 @@
{ lib
, buildGoModule
, fetchFromGitHub
}:
buildGoModule rec {
pname = "jaeles";
version = "0.17";
src = fetchFromGitHub {
owner = "jaeles-project";
repo = pname;
rev = "beta-v${version}";
hash = "sha256-IGB+TYMOOO7fvRfDe9y+JSXuDSMDVJK+N4hS+kezG48=";
};
vendorSha256 = "sha256-3CKDkxvr7egHui6d8+25t9Zq2ePMUOULr+1NjEm4GXA=";
runVend = true;
# Tests want to download signatures
doCheck = false;
meta = with lib; {
description = "Tool for automated Web application testing";
homepage = "https://github.com/jaeles-project/jaeles";
license = licenses.mit;
maintainers = with maintainers; [ fab ];
};
}

View file

@ -6,20 +6,20 @@
buildGoModule rec {
pname = "kubescape";
version = "1.0.136";
version = "1.0.137";
src = fetchFromGitHub {
owner = "armosec";
repo = pname;
rev = "v${version}";
sha256 = "sha256-g7gM+fZIDb6YK3QDiBqiQaTEyFtIQ30mTe6AAR3S3iw=";
sha256 = "sha256-2VjC5icIKF7VO7Tli/mk/gXbIzZxkFm7Aigwl+BVQ6g=";
};
nativeBuildInputs = [
installShellFiles
];
vendorSha256 = "sha256-hEj69RsYj+KxfZPri2j+vFxUU2S8wuK85EYGND5wtWg=";
vendorSha256 = "sha256-nUMbHoF7xqSpyfb+v7+ZaKzYOalpNcrFxcaRUw2W49s=";
ldflags = [
"-s"

View file

@ -1,4 +1,4 @@
# frozen_string_literal: true
source "https://rubygems.org"
gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.1.21"
gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.1.22"

View file

@ -1,9 +1,9 @@
GIT
remote: https://github.com/rapid7/metasploit-framework
revision: 0b16a2cd771a6afd286188da1c60c9fd772ab0f1
ref: refs/tags/6.1.21
revision: 3bfd2d8eeab3f8ab7efd7a46f8125a7a3bb5f2f0
ref: refs/tags/6.1.22
specs:
metasploit-framework (6.1.21)
metasploit-framework (6.1.22)
actionpack (~> 6.0)
activerecord (~> 6.0)
activesupport (~> 6.0)
@ -214,7 +214,7 @@ GEM
httpclient (2.8.3)
i18n (1.8.11)
concurrent-ruby (~> 1.0)
io-console (0.5.9)
io-console (0.5.11)
irb (1.3.6)
reline (>= 0.2.5)
jmespath (1.4.0)
@ -288,7 +288,7 @@ GEM
pcaprub
patch_finder (1.0.2)
pcaprub (0.12.4)
pdf-reader (2.7.0)
pdf-reader (2.8.0)
Ascii85 (~> 1.0)
afm (~> 0.2.1)
hashery (~> 2.0)
@ -375,7 +375,7 @@ GEM
ruby-macho (2.5.1)
ruby-rc4 (0.1.5)
ruby2_keywords (0.0.5)
ruby_smb (2.0.12)
ruby_smb (2.0.13)
bindata
openssl-ccm
openssl-cmac
@ -433,7 +433,7 @@ GEM
activesupport (>= 4.2, < 7.0)
xmlrpc (0.3.2)
webrick
zeitwerk (2.5.1)
zeitwerk (2.5.3)
PLATFORMS
ruby

View file

@ -15,13 +15,13 @@ let
};
in stdenv.mkDerivation rec {
pname = "metasploit-framework";
version = "6.1.21";
version = "6.1.22";
src = fetchFromGitHub {
owner = "rapid7";
repo = "metasploit-framework";
rev = version;
sha256 = "sha256-43abc6XUmLZZ+KuaAqyT/fJT+79JWKeRRA41NJOWoPY=";
sha256 = "sha256-D3OmkXEqOgDOf1fvMtWiFT4bLw38SNHp2A25xAkq7Ew=";
};
nativeBuildInputs = [ makeWrapper ];

View file

@ -554,10 +554,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0pmafwxh8z1apnk7bb1ibnbhfrgb1jgilxm4j8d0fcqlc2ggmbja";
sha256 = "0r9kxrf9jccrr329pa3s37rf16vy426cbqmfwxkav1fidwvih93y";
type = "gem";
};
version = "0.5.9";
version = "0.5.11";
};
irb = {
groups = ["default"];
@ -664,12 +664,12 @@
platforms = [];
source = {
fetchSubmodules = false;
rev = "0b16a2cd771a6afd286188da1c60c9fd772ab0f1";
sha256 = "1xm0js9k8d8f8j8sfn29pzxm7wpxjfn056mbz1cvd66llmrrnxp3";
rev = "3bfd2d8eeab3f8ab7efd7a46f8125a7a3bb5f2f0";
sha256 = "0k7c584w9f8dv3lx2j7w1lpinghmlbak5vspgz700fiaf68scwqg";
type = "git";
url = "https://github.com/rapid7/metasploit-framework";
};
version = "6.1.21";
version = "6.1.22";
};
metasploit-model = {
groups = ["default"];
@ -947,10 +947,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0c8s9p3s7z39zv9s6avaf5ddqncpglraqpqn50yhb1lrnna3akgi";
sha256 = "18vsmybpvyi0favlabjipznpc8hgprsm7jpw3s7xr01c3lpjli7y";
type = "gem";
};
version = "2.7.0";
version = "2.8.0";
};
pg = {
groups = ["default"];
@ -1337,10 +1337,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "103rm0p44w8q2gyw3yigb6k2v12hi7gkj71b2wkj4859jzi96vyb";
sha256 = "1bjsh4qi6ii4zl0g0na004ylk991ar9rg5kz9rq1q7r5crxy2rw7";
type = "gem";
};
version = "2.0.12";
version = "2.0.13";
};
rubyntlm = {
groups = ["default"];
@ -1607,9 +1607,9 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "18l4r6layck0d80ydc692mv1lxak5xbf6w2paj1x7m2ggbggzxgj";
sha256 = "0lmg9x683gr9mkrbq9df2m0zb0650mdfxqna0bs10js44inv7znx";
type = "gem";
};
version = "2.5.1";
version = "2.5.3";
};
}

View file

@ -1,6 +1,7 @@
{ lib
, stdenv
, fetchurl
, buildPackages
, coreutils
, pam
, groff
@ -13,11 +14,11 @@
stdenv.mkDerivation rec {
pname = "sudo";
version = "1.9.7p2";
version = "1.9.8p2";
src = fetchurl {
url = "https://www.sudo.ws/dist/${pname}-${version}.tar.gz";
sha256 = "sha256-KLXucl2/iaeFL0LzCcqHfSgQqVMbTuz+WfOoS2tK/Kg=";
sha256 = "sha256-njuLjafe9DtuYMJXq+gEZyBWcP0PfAgd4UI8QUtoDy0=";
};
prePatch = ''
@ -56,6 +57,7 @@ stdenv.mkDerivation rec {
installFlags="sudoers_uid=$(id -u) sudoers_gid=$(id -g) sysconfdir=$out/etc rundir=$TMPDIR/dummy vardir=$TMPDIR/dummy DESTDIR=/"
'';
depsBuildBuild = [ buildPackages.stdenv.cc ];
nativeBuildInputs = [ groff ];
buildInputs = [ pam ];

View file

@ -13582,6 +13582,8 @@ with pkgs;
ngn-k = callPackage ../development/interpreters/ngn-k { };
obb = callPackage ../development/interpreters/clojure/obb.nix { };
octave = callPackage ../development/interpreters/octave {
python = python3;
mkDerivation = stdenv.mkDerivation;
@ -26470,6 +26472,8 @@ with pkgs;
jackmix = libsForQt5.callPackage ../applications/audio/jackmix { };
jackmix_jack1 = jackmix.override { jack = jack1; };
jaeles = callPackage ../tools/security/jaeles { };
jalv = callPackage ../applications/audio/jalv { };
jameica = callPackage ../applications/office/jameica {