Merge remote-tracking branch 'origin/master' into haskell-updates
This commit is contained in:
commit
bc44680dee
|
@ -157,7 +157,36 @@ rec {
|
|||
}
|
||||
);
|
||||
|
||||
closePropagation = list: (uniqList {inputList = (innerClosePropagation [] list);});
|
||||
closePropagationSlow = list: (uniqList {inputList = (innerClosePropagation [] list);});
|
||||
|
||||
# This is an optimisation of lib.closePropagation which avoids the O(n^2) behavior
|
||||
# Using a list of derivations, it generates the full closure of the propagatedXXXBuildInputs
|
||||
# The ordering / sorting / comparison is done based on the `outPath`
|
||||
# attribute of each derivation.
|
||||
# On some benchmarks, it performs up to 15 times faster than lib.closePropagation.
|
||||
# See https://github.com/NixOS/nixpkgs/pull/194391 for details.
|
||||
closePropagationFast = list:
|
||||
builtins.map (x: x.val) (builtins.genericClosure {
|
||||
startSet = builtins.map (x: {
|
||||
key = x.outPath;
|
||||
val = x;
|
||||
}) (builtins.filter (x: x != null) list);
|
||||
operator = item:
|
||||
if !builtins.isAttrs item.val then
|
||||
[ ]
|
||||
else
|
||||
builtins.concatMap (x:
|
||||
if x != null then [{
|
||||
key = x.outPath;
|
||||
val = x;
|
||||
}] else
|
||||
[ ]) ((item.val.propagatedBuildInputs or [ ])
|
||||
++ (item.val.propagatedNativeBuildInputs or [ ]));
|
||||
});
|
||||
|
||||
closePropagation = if builtins ? genericClosure
|
||||
then closePropagationFast
|
||||
else closePropagationSlow;
|
||||
|
||||
# calls a function (f attr value ) for each record item. returns a list
|
||||
mapAttrsFlatten = f: r: map (attr: f attr r.${attr}) (attrNames r);
|
||||
|
|
|
@ -378,7 +378,7 @@ rec {
|
|||
|
||||
attr = let attrFilter = name: value: name != "_module" && value != null;
|
||||
in ind: x: libStr.concatStringsSep "\n" (lib.flatten (lib.mapAttrsToList
|
||||
(name: value: lib.optional (attrFilter name value) [
|
||||
(name: value: lib.optionals (attrFilter name value) [
|
||||
(key "\t${ind}" name)
|
||||
(expr "\t${ind}" value)
|
||||
]) x));
|
||||
|
|
|
@ -9,7 +9,7 @@ containers.database =
|
|||
{ config =
|
||||
{ config, pkgs, ... }:
|
||||
{ services.postgresql.enable = true;
|
||||
services.postgresql.package = pkgs.postgresql_10;
|
||||
services.postgresql.package = pkgs.postgresql_14;
|
||||
};
|
||||
};
|
||||
```
|
||||
|
|
|
@ -166,7 +166,7 @@ Packages
|
|||
pkgs.emacs
|
||||
];
|
||||
|
||||
services.postgresql.package = pkgs.postgresql_10;
|
||||
services.postgresql.package = pkgs.postgresql_14;
|
||||
```
|
||||
|
||||
The latter option definition changes the default PostgreSQL package
|
||||
|
|
|
@ -11,7 +11,7 @@ containers.database =
|
|||
{ config =
|
||||
{ config, pkgs, ... }:
|
||||
{ services.postgresql.enable = true;
|
||||
services.postgresql.package = pkgs.postgresql_10;
|
||||
services.postgresql.package = pkgs.postgresql_14;
|
||||
};
|
||||
};
|
||||
</programlisting>
|
||||
|
|
|
@ -217,7 +217,7 @@ environment.systemPackages =
|
|||
pkgs.emacs
|
||||
];
|
||||
|
||||
services.postgresql.package = pkgs.postgresql_10;
|
||||
services.postgresql.package = pkgs.postgresql_14;
|
||||
</programlisting>
|
||||
<para>
|
||||
The latter option definition changes the default PostgreSQL
|
||||
|
|
|
@ -155,6 +155,15 @@
|
|||
certificates by default.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Improved performances of
|
||||
<literal>lib.closePropagation</literal> which was previously
|
||||
quadratic. This is used in e.g.
|
||||
<literal>ghcWithPackages</literal>. Please see backward
|
||||
incompatibilities notes below.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Cinnamon has been updated to 5.4. While at it, the cinnamon
|
||||
|
@ -505,6 +514,16 @@
|
|||
future Git update without notice.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<literal>openssh</literal> was updated to version 9.1,
|
||||
disabling the generation of DSA keys when using
|
||||
<literal>ssh-keygen -A</literal> as they are insecure. Also,
|
||||
<literal>SetEnv</literal> directives in
|
||||
<literal>ssh_config</literal> and
|
||||
<literal>sshd_config</literal> are now first-match-wins
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<literal>bsp-layout</literal> no longer uses the command
|
||||
|
@ -611,6 +630,12 @@
|
|||
notes</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<literal>lib.closePropagation</literal> now needs that all
|
||||
gathered sets have an <literal>outPath</literal> attribute.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
lemmy module option
|
||||
|
|
|
@ -65,6 +65,8 @@ In addition to numerous new and upgraded packages, this release has the followin
|
|||
|
||||
- Perl has been updated to 5.36, and its core module `HTTP::Tiny` was patched to verify SSL/TLS certificates by default.
|
||||
|
||||
- Improved performances of `lib.closePropagation` which was previously quadratic. This is used in e.g. `ghcWithPackages`. Please see backward incompatibilities notes below.
|
||||
|
||||
- Cinnamon has been updated to 5.4. While at it, the cinnamon module now defaults to
|
||||
blueman as bluetooth manager and slick-greeter as lightdm greeter to match upstream.
|
||||
|
||||
|
@ -172,6 +174,8 @@ Available as [services.patroni](options.html#opt-services.patroni.enable).
|
|||
|
||||
- The `fetchgit` fetcher now uses [cone mode](https://www.git-scm.com/docs/git-sparse-checkout/2.37.0#_internalscone_mode_handling) by default for sparse checkouts. [Non-cone mode](https://www.git-scm.com/docs/git-sparse-checkout/2.37.0#_internalsnon_cone_problems) can be enabled by passing `nonConeMode = true`, but note that non-cone mode is deprecated and this option may be removed alongside a future Git update without notice.
|
||||
|
||||
- `openssh` was updated to version 9.1, disabling the generation of DSA keys when using `ssh-keygen -A` as they are insecure. Also, `SetEnv` directives in `ssh_config` and `sshd_config` are now first-match-wins
|
||||
|
||||
- `bsp-layout` no longer uses the command `cycle` to switch to other window layouts, as it got replaced by the commands `previous` and `next`.
|
||||
|
||||
- The Barco ClickShare driver/client package `pkgs.clickshare-csc1` and the option `programs.clickshare-csc1.enable` have been removed,
|
||||
|
@ -205,6 +209,8 @@ Available as [services.patroni](options.html#opt-services.patroni.enable).
|
|||
|
||||
- `teleport` has been upgraded to major version 10. Please see upstream [upgrade instructions](https://goteleport.com/docs/ver/10.0/management/operations/upgrading/) and [release notes](https://goteleport.com/docs/ver/10.0/changelog/#1000).
|
||||
|
||||
- `lib.closePropagation` now needs that all gathered sets have an `outPath` attribute.
|
||||
|
||||
- lemmy module option `services.lemmy.settings.database.createLocally`
|
||||
moved to `services.lemmy.database.createLocally`.
|
||||
|
||||
|
|
|
@ -122,7 +122,7 @@ in rec {
|
|||
|
||||
optionsJSON = pkgs.runCommand "options.json"
|
||||
{ meta.description = "List of NixOS options in JSON format";
|
||||
buildInputs = [
|
||||
nativeBuildInputs = [
|
||||
pkgs.brotli
|
||||
(let
|
||||
self = (pkgs.python3Minimal.override {
|
||||
|
|
|
@ -697,7 +697,7 @@ in {
|
|||
value = "[a-zA-Z0-9/+.-]+";
|
||||
options = "${id}(=${value})?(,${id}=${value})*";
|
||||
scheme = "${id}(${sep}${options})?";
|
||||
content = "${base64}${sep}${base64}";
|
||||
content = "${base64}${sep}${base64}(${sep}${base64})?";
|
||||
mcf = "^${sep}${scheme}${sep}${content}$";
|
||||
in
|
||||
if (allowsLogin user.hashedPassword
|
||||
|
|
|
@ -261,7 +261,7 @@ in
|
|||
in optional primeEnabled {
|
||||
name = igpuDriver;
|
||||
display = offloadCfg.enable;
|
||||
modules = optional (igpuDriver == "amdgpu") [ pkgs.xorg.xf86videoamdgpu ];
|
||||
modules = optionals (igpuDriver == "amdgpu") [ pkgs.xorg.xf86videoamdgpu ];
|
||||
deviceSection = ''
|
||||
BusID "${igpuBusId}"
|
||||
${optionalString (syncCfg.enable && igpuDriver != "amdgpu") ''Option "AccelMethod" "none"''}
|
||||
|
|
|
@ -421,7 +421,7 @@ let
|
|||
echo "Usage size: $usage_size"
|
||||
echo "Image size: $image_size"
|
||||
truncate --size=$image_size "$out"
|
||||
faketime "2000-01-01 00:00:00" mkfs.vfat -i 12345678 -n EFIBOOT "$out"
|
||||
mkfs.vfat --invariant -i 12345678 -n EFIBOOT "$out"
|
||||
|
||||
# Force a fixed order in mcopy for better determinism, and avoid file globbing
|
||||
for d in $(find EFI -type d | sort); do
|
||||
|
|
|
@ -224,14 +224,25 @@ in
|
|||
# Create a FAT32 /boot/firmware partition of suitable size into firmware_part.img
|
||||
eval $(partx $img -o START,SECTORS --nr 1 --pairs)
|
||||
truncate -s $((SECTORS * 512)) firmware_part.img
|
||||
faketime "1970-01-01 00:00:00" mkfs.vfat -i ${config.sdImage.firmwarePartitionID} -n ${config.sdImage.firmwarePartitionName} firmware_part.img
|
||||
|
||||
mkfs.vfat --invariant -i ${config.sdImage.firmwarePartitionID} -n ${config.sdImage.firmwarePartitionName} firmware_part.img
|
||||
|
||||
# Populate the files intended for /boot/firmware
|
||||
mkdir firmware
|
||||
${config.sdImage.populateFirmwareCommands}
|
||||
|
||||
find firmware -exec touch --date=2000-01-01 {} +
|
||||
# Copy the populated /boot/firmware into the SD image
|
||||
(cd firmware; mcopy -psvm -i ../firmware_part.img ./* ::)
|
||||
cd firmware
|
||||
# Force a fixed order in mcopy for better determinism, and avoid file globbing
|
||||
for d in $(find . -type d -mindepth 1 | sort); do
|
||||
faketime "2000-01-01 00:00:00" mmd -i ../firmware_part.img "::/$d"
|
||||
done
|
||||
for f in $(find . -type f | sort); do
|
||||
mcopy -pvm -i ../firmware_part.img "$f" "::/$f"
|
||||
done
|
||||
cd ..
|
||||
|
||||
# Verify the FAT partition before copying it.
|
||||
fsck.vfat -vn firmware_part.img
|
||||
dd conv=notrunc if=firmware_part.img of=$img seek=$START count=$SECTORS
|
||||
|
|
|
@ -0,0 +1,28 @@
|
|||
{
|
||||
"context.properties": {
|
||||
"log.level": 0
|
||||
},
|
||||
"context.spa-libs": {
|
||||
"audio.convert.*": "audioconvert/libspa-audioconvert",
|
||||
"support.*": "support/libspa-support"
|
||||
},
|
||||
"context.modules": [
|
||||
{
|
||||
"name": "libpipewire-module-rt",
|
||||
"args": {},
|
||||
"flags": [
|
||||
"ifexists",
|
||||
"nofail"
|
||||
]
|
||||
},
|
||||
{
|
||||
"name": "libpipewire-module-protocol-native"
|
||||
},
|
||||
{
|
||||
"name": "libpipewire-module-client-node"
|
||||
},
|
||||
{
|
||||
"name": "libpipewire-module-adapter"
|
||||
}
|
||||
]
|
||||
}
|
|
@ -0,0 +1,38 @@
|
|||
{
|
||||
"context.properties": {},
|
||||
"context.spa-libs": {
|
||||
"audio.convert.*": "audioconvert/libspa-audioconvert",
|
||||
"support.*": "support/libspa-support"
|
||||
},
|
||||
"context.modules": [
|
||||
{
|
||||
"name": "libpipewire-module-rt",
|
||||
"args": {
|
||||
"nice.level": -11
|
||||
},
|
||||
"flags": [
|
||||
"ifexists",
|
||||
"nofail"
|
||||
]
|
||||
},
|
||||
{
|
||||
"name": "libpipewire-module-protocol-native"
|
||||
},
|
||||
{
|
||||
"name": "libpipewire-module-client-node"
|
||||
},
|
||||
{
|
||||
"name": "libpipewire-module-adapter"
|
||||
},
|
||||
{
|
||||
"name": "libpipewire-module-avb",
|
||||
"args": {}
|
||||
}
|
||||
],
|
||||
"context.exec": [],
|
||||
"stream.properties": {},
|
||||
"avb.properties": {
|
||||
"ifname": "enp3s0",
|
||||
"vm.overrides": {}
|
||||
}
|
||||
}
|
|
@ -85,7 +85,7 @@ in
|
|||
config = mkIf cfg.enable {
|
||||
|
||||
systemd.services.ethminer = {
|
||||
path = optional (cfg.toolkit == "cuda") [ pkgs.cudaPackages.cudatoolkit ];
|
||||
path = optionals (cfg.toolkit == "cuda") [ pkgs.cudaPackages.cudatoolkit ];
|
||||
description = "ethminer ethereum mining service";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" ];
|
||||
|
|
|
@ -36,7 +36,7 @@ in
|
|||
};
|
||||
serviceConfig = {
|
||||
DynamicUser = true;
|
||||
EnvironmentFile = lib.optional (cfg.passwordFile != null) [
|
||||
EnvironmentFile = lib.optionals (cfg.passwordFile != null) [
|
||||
cfg.passwordFile
|
||||
];
|
||||
ExecStart = "${pkgs.podgrab}/bin/podgrab";
|
||||
|
|
|
@ -199,7 +199,7 @@ in
|
|||
|
||||
environment.systemPackages = [ pkgs.hostapd ];
|
||||
|
||||
services.udev.packages = optional (cfg.countryCode != null) [ pkgs.crda ];
|
||||
services.udev.packages = optionals (cfg.countryCode != null) [ pkgs.crda ];
|
||||
|
||||
systemd.services.hostapd =
|
||||
{ description = "hostapd wireless AP";
|
||||
|
|
|
@ -27,7 +27,7 @@ let
|
|||
${cfg.extraConfig}
|
||||
'';
|
||||
|
||||
chronyFlags = "-n -m -u chrony -f ${configFile} ${toString cfg.extraFlags}";
|
||||
chronyFlags = [ "-n" "-m" "-u" "chrony" "-f" "${configFile}" ] ++ cfg.extraFlags;
|
||||
in
|
||||
{
|
||||
options = {
|
||||
|
@ -166,7 +166,7 @@ in
|
|||
unitConfig.ConditionCapability = "CAP_SYS_TIME";
|
||||
serviceConfig =
|
||||
{ Type = "simple";
|
||||
ExecStart = "${chronyPkg}/bin/chronyd ${chronyFlags}";
|
||||
ExecStart = "${chronyPkg}/bin/chronyd ${builtins.toString chronyFlags}";
|
||||
|
||||
ProtectHome = "yes";
|
||||
ProtectSystem = "full";
|
||||
|
|
|
@ -25,7 +25,7 @@ let
|
|||
${cfg.extraConfig}
|
||||
'';
|
||||
|
||||
ntpFlags = "-c ${configFile} -u ntp:ntp ${toString cfg.extraFlags}";
|
||||
ntpFlags = [ "-c" "${configFile}" "-u" "ntp:ntp" ] ++ cfg.extraFlags;
|
||||
|
||||
in
|
||||
|
||||
|
@ -137,7 +137,7 @@ in
|
|||
'';
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "@${ntp}/bin/ntpd ntpd -g ${ntpFlags}";
|
||||
ExecStart = "@${ntp}/bin/ntpd ntpd -g ${builtins.toString ntpFlags}";
|
||||
Type = "forking";
|
||||
};
|
||||
};
|
||||
|
|
|
@ -816,13 +816,13 @@ in
|
|||
always create a container/VM with a separate Tor daemon instance.
|
||||
'' ++
|
||||
flatten (mapAttrsToList (n: o:
|
||||
optional (o.settings.HiddenServiceVersion == 2) [
|
||||
optionals (o.settings.HiddenServiceVersion == 2) [
|
||||
(optional (o.settings.HiddenServiceExportCircuitID != null) ''
|
||||
HiddenServiceExportCircuitID is used in the HiddenService: ${n}
|
||||
but this option is only for v3 hidden services.
|
||||
'')
|
||||
] ++
|
||||
optional (o.settings.HiddenServiceVersion != 2) [
|
||||
optionals (o.settings.HiddenServiceVersion != 2) [
|
||||
(optional (o.settings.HiddenServiceAuthorizeClient != null) ''
|
||||
HiddenServiceAuthorizeClient is used in the HiddenService: ${n}
|
||||
but this option is only for v2 hidden services.
|
||||
|
|
|
@ -46,7 +46,7 @@ let
|
|||
'';
|
||||
})).override {
|
||||
plugins = ps: ((cfg.plugins ps)
|
||||
++ optional cfg.enableLdap [ ps.django-auth-ldap ]);
|
||||
++ optionals cfg.enableLdap [ ps.django-auth-ldap ]);
|
||||
};
|
||||
netboxManageScript = with pkgs; (writeScriptBin "netbox-manage" ''
|
||||
#!${stdenv.shell}
|
||||
|
|
|
@ -290,6 +290,9 @@ in
|
|||
}
|
||||
'';
|
||||
|
||||
# https://github.com/lucas-clemente/quic-go/wiki/UDP-Receive-Buffer-Size
|
||||
boot.kernel.sysctl."net.core.rmem_max" = mkDefault 2500000;
|
||||
|
||||
systemd.packages = [ cfg.package ];
|
||||
systemd.services.caddy = {
|
||||
wants = map (hostOpts: "acme-finished-${hostOpts.useACMEHost}.target") acmeVHosts;
|
||||
|
|
|
@ -905,9 +905,11 @@ in
|
|||
{ assertion = config.boot.initrd.systemd.enable -> !luks.gpgSupport;
|
||||
message = "systemd stage 1 does not support GPG smartcards yet.";
|
||||
}
|
||||
# TODO
|
||||
{ assertion = config.boot.initrd.systemd.enable -> !luks.fido2Support;
|
||||
message = "systemd stage 1 does not support FIDO2 yet.";
|
||||
message = ''
|
||||
systemd stage 1 does not support configuring FIDO2 unlocking through `boot.initrd.luks.devices.<name>.fido2`.
|
||||
Use systemd-cryptenroll(1) to configure FIDO2 support.
|
||||
'';
|
||||
}
|
||||
# TODO
|
||||
{ assertion = config.boot.initrd.systemd.enable -> !luks.yubikeySupport;
|
||||
|
|
|
@ -151,6 +151,9 @@ let
|
|||
] ++ optionals cfg.package.withHostnamed [
|
||||
"dbus-org.freedesktop.hostname1.service"
|
||||
"systemd-hostnamed.service"
|
||||
] ++ optionals cfg.package.withPortabled [
|
||||
"dbus-org.freedesktop.portable1.service"
|
||||
"systemd-portabled.service"
|
||||
] ++ [
|
||||
"systemd-exit.service"
|
||||
"systemd-update-done.service"
|
||||
|
|
|
@ -332,7 +332,10 @@ in {
|
|||
config = mkIf (config.boot.initrd.enable && cfg.enable) {
|
||||
system.build = { inherit initialRamdisk; };
|
||||
|
||||
boot.initrd.availableKernelModules = [ "autofs4" ]; # systemd needs this for some features
|
||||
boot.initrd.availableKernelModules = [
|
||||
"autofs4" # systemd needs this for some features
|
||||
"tpm-tis" "tpm-crb" # systemd-cryptenroll
|
||||
];
|
||||
|
||||
boot.initrd.systemd = {
|
||||
initrdBin = [pkgs.bash pkgs.coreutils cfg.package.kmod cfg.package] ++ config.system.fsPackages;
|
||||
|
@ -403,6 +406,17 @@ in {
|
|||
|
||||
# so NSS can look up usernames
|
||||
"${pkgs.glibc}/lib/libnss_files.so.2"
|
||||
] ++ optionals cfg.package.withCryptsetup [
|
||||
# tpm2 support
|
||||
"${cfg.package}/lib/cryptsetup/libcryptsetup-token-systemd-tpm2.so"
|
||||
pkgs.tpm2-tss
|
||||
|
||||
# fido2 support
|
||||
"${cfg.package}/lib/cryptsetup/libcryptsetup-token-systemd-fido2.so"
|
||||
"${pkgs.libfido2}/lib/libfido2.so.1"
|
||||
|
||||
# the unwrapped systemd-cryptsetup executable
|
||||
"${cfg.package}/lib/systemd/.systemd-cryptsetup-wrapped"
|
||||
] ++ jobScripts;
|
||||
|
||||
targets.initrd.aliases = ["default.target"];
|
||||
|
|
|
@ -82,6 +82,8 @@ in
|
|||
"dbus-org.freedesktop.import1.service"
|
||||
] ++ optionals config.systemd.package.withMachined [
|
||||
"dbus-org.freedesktop.machine1.service"
|
||||
] ++ optionals config.systemd.package.withPortabled [
|
||||
"dbus-org.freedesktop.portable1.service"
|
||||
] ++ [
|
||||
"dbus-org.freedesktop.login1.service"
|
||||
"user@.service"
|
||||
|
|
|
@ -45,7 +45,9 @@ let
|
|||
];
|
||||
|
||||
instanceOptions = {
|
||||
options = sharedOptions // {
|
||||
options =
|
||||
(getAttrs [ "enable" ] sharedOptions)
|
||||
// {
|
||||
execConfig = mkOption {
|
||||
default = {};
|
||||
example = { Parameters = "/bin/sh"; };
|
||||
|
|
|
@ -79,6 +79,7 @@ in
|
|||
|
||||
ln -s "${systemd}/example/tmpfiles.d/home.conf"
|
||||
ln -s "${systemd}/example/tmpfiles.d/journal-nocow.conf"
|
||||
ln -s "${systemd}/example/tmpfiles.d/portables.conf"
|
||||
ln -s "${systemd}/example/tmpfiles.d/static-nodes-permissions.conf"
|
||||
ln -s "${systemd}/example/tmpfiles.d/systemd.conf"
|
||||
ln -s "${systemd}/example/tmpfiles.d/systemd-nologin.conf"
|
||||
|
|
|
@ -720,7 +720,7 @@ in
|
|||
{ config =
|
||||
{ config, pkgs, ... }:
|
||||
{ services.postgresql.enable = true;
|
||||
services.postgresql.package = pkgs.postgresql_10;
|
||||
services.postgresql.package = pkgs.postgresql_14;
|
||||
|
||||
system.stateVersion = "21.05";
|
||||
};
|
||||
|
|
|
@ -600,8 +600,10 @@ in {
|
|||
systemd-cryptenroll = handleTest ./systemd-cryptenroll.nix {};
|
||||
systemd-escaping = handleTest ./systemd-escaping.nix {};
|
||||
systemd-initrd-btrfs-raid = handleTest ./systemd-initrd-btrfs-raid.nix {};
|
||||
systemd-initrd-luks-fido2 = handleTest ./systemd-initrd-luks-fido2.nix {};
|
||||
systemd-initrd-luks-keyfile = handleTest ./systemd-initrd-luks-keyfile.nix {};
|
||||
systemd-initrd-luks-password = handleTest ./systemd-initrd-luks-password.nix {};
|
||||
systemd-initrd-luks-tpm2 = handleTest ./systemd-initrd-luks-tpm2.nix {};
|
||||
systemd-initrd-modprobe = handleTest ./systemd-initrd-modprobe.nix {};
|
||||
systemd-initrd-shutdown = handleTest ./systemd-shutdown.nix { systemdStage1 = true; };
|
||||
systemd-initrd-simple = handleTest ./systemd-initrd-simple.nix {};
|
||||
|
@ -613,8 +615,10 @@ in {
|
|||
systemd-networkd-dhcpserver-static-leases = handleTest ./systemd-networkd-dhcpserver-static-leases.nix {};
|
||||
systemd-networkd-ipv6-prefix-delegation = handleTest ./systemd-networkd-ipv6-prefix-delegation.nix {};
|
||||
systemd-networkd-vrf = handleTest ./systemd-networkd-vrf.nix {};
|
||||
systemd-no-tainted = handleTest ./systemd-no-tainted.nix {};
|
||||
systemd-nspawn = handleTest ./systemd-nspawn.nix {};
|
||||
systemd-oomd = handleTest ./systemd-oomd.nix {};
|
||||
systemd-portabled = handleTest ./systemd-portabled.nix {};
|
||||
systemd-shutdown = handleTest ./systemd-shutdown.nix {};
|
||||
systemd-timesyncd = handleTest ./systemd-timesyncd.nix {};
|
||||
systemd-misc = handleTest ./systemd-misc.nix {};
|
||||
|
|
|
@ -28,7 +28,7 @@ let
|
|||
, withX11 ? false
|
||||
|
||||
# Extra flags to pass to gnome-desktop-testing-runner.
|
||||
, testRunnerFlags ? ""
|
||||
, testRunnerFlags ? []
|
||||
|
||||
# Extra attributes to pass to makeTest.
|
||||
# They will be recursively merged into the attrset created by this function.
|
||||
|
@ -67,7 +67,7 @@ let
|
|||
'' +
|
||||
''
|
||||
machine.succeed(
|
||||
"gnome-desktop-testing-runner ${testRunnerFlags} -d '${tested.installedTests}/share'"
|
||||
"gnome-desktop-testing-runner ${escapeShellArgs testRunnerFlags} -d '${tested.installedTests}/share'"
|
||||
)
|
||||
'';
|
||||
}
|
||||
|
|
|
@ -11,5 +11,5 @@ makeInstalledTest {
|
|||
virtualisation.diskSize = 2048;
|
||||
};
|
||||
|
||||
testRunnerFlags = "--timeout 3600";
|
||||
testRunnerFlags = [ "--timeout" "3600" ];
|
||||
}
|
||||
|
|
|
@ -13,5 +13,5 @@ makeInstalledTest {
|
|||
virtualisation.diskSize = 3072;
|
||||
};
|
||||
|
||||
testRunnerFlags = "--timeout 3600";
|
||||
testRunnerFlags = [ "--timeout" "3600" ];
|
||||
}
|
||||
|
|
|
@ -9,5 +9,5 @@ makeInstalledTest {
|
|||
virtualisation.memorySize = if pkgs.stdenv.isi686 then 2047 else 4096;
|
||||
};
|
||||
|
||||
testRunnerFlags = "--timeout 1800";
|
||||
testRunnerFlags = [ "--timeout" "1800" ];
|
||||
}
|
||||
|
|
|
@ -54,15 +54,15 @@ import ../make-test-python.nix ({ pkgs, lib, ... }:
|
|||
role = "server";
|
||||
package = pkgs.k3s;
|
||||
clusterInit = true;
|
||||
extraFlags = ''
|
||||
--disable coredns \
|
||||
--disable local-storage \
|
||||
--disable metrics-server \
|
||||
--disable servicelb \
|
||||
--disable traefik \
|
||||
--node-ip 192.168.1.1 \
|
||||
--pause-image test.local/pause:local
|
||||
'';
|
||||
extraFlags = builtins.toString [
|
||||
"--disable" "coredns"
|
||||
"--disable" "local-storage"
|
||||
"--disable" "metrics-server"
|
||||
"--disable" "servicelb"
|
||||
"--disable" "traefik"
|
||||
"--node-ip" "192.168.1.1"
|
||||
"--pause-image" "test.local/pause:local"
|
||||
];
|
||||
};
|
||||
networking.firewall.allowedTCPPorts = [ 2379 2380 6443 ];
|
||||
networking.firewall.allowedUDPPorts = [ 8472 ];
|
||||
|
@ -84,15 +84,15 @@ import ../make-test-python.nix ({ pkgs, lib, ... }:
|
|||
enable = true;
|
||||
serverAddr = "https://192.168.1.1:6443";
|
||||
clusterInit = false;
|
||||
extraFlags = ''
|
||||
--disable coredns \
|
||||
--disable local-storage \
|
||||
--disable metrics-server \
|
||||
--disable servicelb \
|
||||
--disable traefik \
|
||||
--node-ip 192.168.1.3 \
|
||||
--pause-image test.local/pause:local
|
||||
'';
|
||||
extraFlags = builtins.toString [
|
||||
"--disable" "coredns"
|
||||
"--disable" "local-storage"
|
||||
"--disable" "metrics-server"
|
||||
"--disable" "servicelb"
|
||||
"--disable" "traefik"
|
||||
"--node-ip" "192.168.1.3"
|
||||
"--pause-image" "test.local/pause:local"
|
||||
];
|
||||
};
|
||||
networking.firewall.allowedTCPPorts = [ 2379 2380 6443 ];
|
||||
networking.firewall.allowedUDPPorts = [ 8472 ];
|
||||
|
@ -112,7 +112,10 @@ import ../make-test-python.nix ({ pkgs, lib, ... }:
|
|||
enable = true;
|
||||
role = "agent";
|
||||
serverAddr = "https://192.168.1.3:6443";
|
||||
extraFlags = "--pause-image test.local/pause:local --node-ip 192.168.1.2";
|
||||
extraFlags = lib.toString [
|
||||
"--pause-image" "test.local/pause:local"
|
||||
"--node-ip" "192.168.1.2"
|
||||
];
|
||||
};
|
||||
networking.firewall.allowedTCPPorts = [ 6443 ];
|
||||
networking.firewall.allowedUDPPorts = [ 8472 ];
|
||||
|
|
|
@ -40,15 +40,14 @@ import ../make-test-python.nix ({ pkgs, lib, ... }:
|
|||
services.k3s.role = "server";
|
||||
services.k3s.package = pkgs.k3s;
|
||||
# Slightly reduce resource usage
|
||||
services.k3s.extraFlags = ''
|
||||
--disable coredns \
|
||||
--disable local-storage \
|
||||
--disable metrics-server \
|
||||
--disable servicelb \
|
||||
--disable traefik \
|
||||
--pause-image \
|
||||
test.local/pause:local
|
||||
'';
|
||||
services.k3s.extraFlags = builtins.toString [
|
||||
"--disable" "coredns"
|
||||
"--disable" "local-storage"
|
||||
"--disable" "metrics-server"
|
||||
"--disable" "servicelb"
|
||||
"--disable" "traefik"
|
||||
"--pause-image" "test.local/pause:local"
|
||||
];
|
||||
|
||||
users.users = {
|
||||
noprivs = {
|
||||
|
|
|
@ -3,6 +3,8 @@ let
|
|||
password2 = "helloworld";
|
||||
password3 = "bazqux";
|
||||
password4 = "asdf123";
|
||||
hashed_bcrypt = "$2b$05$8xIEflrk2RxQtcVXbGIxs.Vl0x7dF1/JSv3cyX6JJt0npzkTCWvxK"; # fnord
|
||||
hashed_yeshash = "$y$j9T$d8Z4EAf8P1SvM/aDFbxMS0$VnTXMp/Hnc7QdCBEaLTq5ZFOAFo2/PM0/xEAFuOE88."; # fnord
|
||||
in import ./make-test-python.nix ({ pkgs, ... }: {
|
||||
name = "shadow";
|
||||
meta = with pkgs.lib.maintainers; { maintainers = [ nequissimus ]; };
|
||||
|
@ -27,6 +29,16 @@ in import ./make-test-python.nix ({ pkgs, ... }: {
|
|||
password = password4;
|
||||
shell = pkgs.bash;
|
||||
};
|
||||
users.berta = {
|
||||
isNormalUser = true;
|
||||
hashedPassword = hashed_bcrypt;
|
||||
shell = pkgs.bash;
|
||||
};
|
||||
users.yesim = {
|
||||
isNormalUser = true;
|
||||
hashedPassword = hashed_yeshash;
|
||||
shell = pkgs.bash;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -115,5 +127,23 @@ in import ./make-test-python.nix ({ pkgs, ... }: {
|
|||
shadow.wait_until_succeeds("pgrep login")
|
||||
shadow.send_chars("${password2}\n")
|
||||
shadow.wait_until_tty_matches("5", "login:")
|
||||
|
||||
with subtest("check alternate password hashes"):
|
||||
shadow.send_key("alt-f6")
|
||||
shadow.wait_until_succeeds("[ $(fgconsole) = 6 ]")
|
||||
for u in ["berta", "yesim"]:
|
||||
shadow.wait_for_unit("getty@tty6.service")
|
||||
shadow.wait_until_succeeds("pgrep -f 'agetty.*tty6'")
|
||||
shadow.wait_until_tty_matches("6", "login: ")
|
||||
shadow.send_chars(f"{u}\n")
|
||||
shadow.wait_until_tty_matches("6", f"login: {u}")
|
||||
shadow.wait_until_succeeds("pgrep login")
|
||||
shadow.sleep(2)
|
||||
shadow.send_chars("fnord\n")
|
||||
shadow.send_chars(f"whoami > /tmp/{u}\n")
|
||||
shadow.wait_for_file(f"/tmp/{u}")
|
||||
print(shadow.succeed(f"cat /tmp/{u}"))
|
||||
assert u in shadow.succeed(f"cat /tmp/{u}")
|
||||
shadow.send_chars("logout\n")
|
||||
'';
|
||||
})
|
||||
|
|
45
nixos/tests/systemd-initrd-luks-fido2.nix
Normal file
45
nixos/tests/systemd-initrd-luks-fido2.nix
Normal file
|
@ -0,0 +1,45 @@
|
|||
import ./make-test-python.nix ({ lib, pkgs, ... }: {
|
||||
name = "systemd-initrd-luks-fido2";
|
||||
|
||||
nodes.machine = { pkgs, config, ... }: {
|
||||
# Use systemd-boot
|
||||
virtualisation = {
|
||||
emptyDiskImages = [ 512 ];
|
||||
useBootLoader = true;
|
||||
useEFIBoot = true;
|
||||
qemu.package = lib.mkForce (pkgs.qemu_test.override { canokeySupport = true; });
|
||||
qemu.options = [ "-device canokey,file=/tmp/canokey-file" ];
|
||||
};
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
|
||||
boot.initrd.systemd.enable = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [ cryptsetup ];
|
||||
|
||||
specialisation.boot-luks.configuration = {
|
||||
boot.initrd.luks.devices = lib.mkVMOverride {
|
||||
cryptroot = {
|
||||
device = "/dev/vdc";
|
||||
crypttabExtraOpts = [ "fido2-device=auto" ];
|
||||
};
|
||||
};
|
||||
virtualisation.bootDevice = "/dev/mapper/cryptroot";
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
# Create encrypted volume
|
||||
machine.wait_for_unit("multi-user.target")
|
||||
machine.succeed("echo -n supersecret | cryptsetup luksFormat -q --iter-time=1 /dev/vdc -")
|
||||
machine.succeed("PASSWORD=supersecret SYSTEMD_LOG_LEVEL=debug systemd-cryptenroll --fido2-device=auto /dev/vdc |& systemd-cat")
|
||||
|
||||
# Boot from the encrypted disk
|
||||
machine.succeed("bootctl set-default nixos-generation-1-specialisation-boot-luks.conf")
|
||||
machine.succeed("sync")
|
||||
machine.crash()
|
||||
|
||||
# Boot and decrypt the disk
|
||||
machine.wait_for_unit("multi-user.target")
|
||||
assert "/dev/mapper/cryptroot on / type ext4" in machine.succeed("mount")
|
||||
'';
|
||||
})
|
72
nixos/tests/systemd-initrd-luks-tpm2.nix
Normal file
72
nixos/tests/systemd-initrd-luks-tpm2.nix
Normal file
|
@ -0,0 +1,72 @@
|
|||
import ./make-test-python.nix ({ lib, pkgs, ... }: {
|
||||
name = "systemd-initrd-luks-tpm2";
|
||||
|
||||
nodes.machine = { pkgs, ... }: {
|
||||
# Use systemd-boot
|
||||
virtualisation = {
|
||||
emptyDiskImages = [ 512 ];
|
||||
useBootLoader = true;
|
||||
useEFIBoot = true;
|
||||
qemu.options = ["-chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock -tpmdev emulator,id=tpm0,chardev=chrtpm -device tpm-tis,tpmdev=tpm0"];
|
||||
};
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
|
||||
boot.initrd.availableKernelModules = [ "tpm_tis" ];
|
||||
|
||||
environment.systemPackages = with pkgs; [ cryptsetup ];
|
||||
boot.initrd.systemd = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
specialisation.boot-luks.configuration = {
|
||||
boot.initrd.luks.devices = lib.mkVMOverride {
|
||||
cryptroot = {
|
||||
device = "/dev/vdc";
|
||||
crypttabExtraOpts = [ "tpm2-device=auto" ];
|
||||
};
|
||||
};
|
||||
virtualisation.bootDevice = "/dev/mapper/cryptroot";
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
import subprocess
|
||||
import os
|
||||
import time
|
||||
|
||||
|
||||
class Tpm:
|
||||
def __init__(self):
|
||||
os.mkdir("/tmp/mytpm1")
|
||||
self.start()
|
||||
|
||||
def start(self):
|
||||
self.proc = subprocess.Popen(["${pkgs.swtpm}/bin/swtpm", "socket", "--tpmstate", "dir=/tmp/mytpm1", "--ctrl", "type=unixio,path=/tmp/mytpm1/swtpm-sock", "--log", "level=20", "--tpm2"])
|
||||
|
||||
def wait_for_death_then_restart(self):
|
||||
while self.proc.poll() is None:
|
||||
print("waiting for tpm to die")
|
||||
time.sleep(1)
|
||||
assert self.proc.returncode == 0
|
||||
self.start()
|
||||
|
||||
tpm = Tpm()
|
||||
|
||||
|
||||
# Create encrypted volume
|
||||
machine.wait_for_unit("multi-user.target")
|
||||
machine.succeed("echo -n supersecret | cryptsetup luksFormat -q --iter-time=1 /dev/vdc -")
|
||||
machine.succeed("PASSWORD=supersecret SYSTEMD_LOG_LEVEL=debug systemd-cryptenroll --tpm2-pcrs= --tpm2-device=auto /dev/vdc |& systemd-cat")
|
||||
|
||||
# Boot from the encrypted disk
|
||||
machine.succeed("bootctl set-default nixos-generation-1-specialisation-boot-luks.conf")
|
||||
machine.succeed("sync")
|
||||
machine.crash()
|
||||
|
||||
tpm.wait_for_death_then_restart()
|
||||
|
||||
# Boot and decrypt the disk
|
||||
machine.wait_for_unit("multi-user.target")
|
||||
assert "/dev/mapper/cryptroot on / type ext4" in machine.succeed("mount")
|
||||
'';
|
||||
})
|
14
nixos/tests/systemd-no-tainted.nix
Normal file
14
nixos/tests/systemd-no-tainted.nix
Normal file
|
@ -0,0 +1,14 @@
|
|||
import ./make-test-python.nix ({ pkgs, ... }: {
|
||||
name = "systemd-no-tainted";
|
||||
|
||||
nodes.machine = { };
|
||||
|
||||
testScript = ''
|
||||
machine.wait_for_unit("multi-user.target")
|
||||
with subtest("systemctl should not report tainted with unmerged-usr"):
|
||||
output = machine.succeed("systemctl status")
|
||||
print(output)
|
||||
assert "Tainted" not in output
|
||||
assert "unmerged-usr" not in output
|
||||
'';
|
||||
})
|
51
nixos/tests/systemd-portabled.nix
Normal file
51
nixos/tests/systemd-portabled.nix
Normal file
|
@ -0,0 +1,51 @@
|
|||
import ./make-test-python.nix ({pkgs, lib, ...}: let
|
||||
demo-program = pkgs.writeShellScriptBin "demo" ''
|
||||
while ${pkgs.coreutils}/bin/sleep 3; do
|
||||
echo Hello World > /dev/null
|
||||
done
|
||||
'';
|
||||
demo-service = pkgs.writeText "demo.service" ''
|
||||
[Unit]
|
||||
Description=demo service
|
||||
Requires=demo.socket
|
||||
After=demo.socket
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStart=${demo-program}/bin/demo
|
||||
Restart=always
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
Also=demo.socket
|
||||
'';
|
||||
demo-socket = pkgs.writeText "demo.socket" ''
|
||||
[Unit]
|
||||
Description=demo socket
|
||||
|
||||
[Socket]
|
||||
ListenStream=/run/demo.sock
|
||||
SocketMode=0666
|
||||
|
||||
[Install]
|
||||
WantedBy=sockets.target
|
||||
'';
|
||||
demo-portable = pkgs.portableService {
|
||||
pname = "demo";
|
||||
version = "1.0";
|
||||
description = ''A demo "Portable Service" for a shell program built with nix'';
|
||||
units = [ demo-service demo-socket ];
|
||||
};
|
||||
in {
|
||||
|
||||
name = "systemd-portabled";
|
||||
nodes.machine = {};
|
||||
testScript = ''
|
||||
machine.succeed("portablectl")
|
||||
machine.wait_for_unit("systemd-portabled.service")
|
||||
machine.succeed("portablectl attach --now --runtime ${demo-portable}/demo_1.0.raw")
|
||||
machine.wait_for_unit("demo.service")
|
||||
machine.succeed("portablectl detach --now --runtime demo_1.0")
|
||||
machine.fail("systemctl status demo.service")
|
||||
'';
|
||||
})
|
|
@ -15,7 +15,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
buildInputs = [ libsndfile ]
|
||||
++ lib.optional (!stdenv.isDarwin) alsa-lib
|
||||
++ lib.optional stdenv.isDarwin [ AppKit Carbon CoreAudio CoreMIDI CoreServices Kernel ];
|
||||
++ lib.optionals stdenv.isDarwin [ AppKit Carbon CoreAudio CoreMIDI CoreServices Kernel ];
|
||||
|
||||
patches = [ ./darwin-limits.patch ];
|
||||
|
||||
|
|
|
@ -1,4 +1,12 @@
|
|||
{ lib, stdenv, fetchurl, fetchpatch, libogg }:
|
||||
{ lib
|
||||
, stdenv
|
||||
, fetchurl
|
||||
, cmake
|
||||
, pkg-config
|
||||
, doxygen
|
||||
, graphviz
|
||||
, libogg
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "flac";
|
||||
|
@ -10,9 +18,25 @@ stdenv.mkDerivation rec {
|
|||
sha256 = "91303c3e5dfde52c3e94e75976c0ab3ee14ced278ab8f60033a3a12db9209ae6";
|
||||
};
|
||||
|
||||
buildInputs = [ libogg ];
|
||||
nativeBuildInputs = [
|
||||
cmake
|
||||
pkg-config
|
||||
doxygen
|
||||
graphviz
|
||||
];
|
||||
|
||||
#doCheck = true; # takes lots of time
|
||||
buildInputs = [
|
||||
libogg
|
||||
];
|
||||
|
||||
cmakeFlags = lib.optionals (!stdenv.hostPlatform.isStatic) [
|
||||
"-DBUILD_SHARED_LIBS=ON"
|
||||
];
|
||||
|
||||
CFLAGS = [ "-O3" "-funroll-loops" ];
|
||||
CXXFLAGS = [ "-O3" ];
|
||||
|
||||
# doCheck = true; # takes lots of time
|
||||
|
||||
outputs = [ "bin" "dev" "out" "man" "doc" ];
|
||||
|
||||
|
|
|
@ -29,7 +29,7 @@ stdenv.mkDerivation rec {
|
|||
++ lib.optionals stdenv.isDarwin [ Cocoa ]
|
||||
++ lib.optional jackaudioSupport libjack2;
|
||||
|
||||
cmakeFlags = lib.optional (!jackaudioSupport) [
|
||||
cmakeFlags = lib.optionals (!jackaudioSupport) [
|
||||
"-DRTAUDIO_USE_JACK=OFF"
|
||||
"-DRTMIDI_USE_JACK=OFF"
|
||||
"-DGO_USE_JACK=OFF"
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ lib, stdenv, fetchFromGitHub, cmake, pkg-config, qttools, wrapQtAppsHook
|
||||
, alsa-lib, dssi, fluidsynth, ladspaH, lash, libinstpatch, libjack2, liblo
|
||||
, libsamplerate, libsndfile, lilv, lrdf, lv2, qtsvg, rtaudio, rubberband, sord
|
||||
, libsamplerate, libsndfile, lilv, lrdf, lv2, qtsvg, rtaudio, rubberband, sord, serd
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
|
@ -25,6 +25,8 @@ stdenv.mkDerivation rec {
|
|||
libsamplerate libsndfile lilv lrdf lv2 qtsvg rtaudio rubberband sord
|
||||
];
|
||||
|
||||
NIX_CFLAGS_COMPILE = [ "-I${lib.getDev serd}/include/serd-0" ];
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://muse-sequencer.github.io/";
|
||||
description = "MIDI/Audio sequencer with recording and editing capabilities";
|
||||
|
|
|
@ -26,7 +26,7 @@ stdenv.mkDerivation rec {
|
|||
aixlog popl soxr
|
||||
] ++ lib.optional pulseaudioSupport libpulseaudio
|
||||
++ lib.optional stdenv.isLinux alsa-lib
|
||||
++ lib.optional stdenv.isDarwin [darwin.apple_sdk.frameworks.IOKit darwin.apple_sdk.frameworks.AudioToolbox];
|
||||
++ lib.optionals stdenv.isDarwin [darwin.apple_sdk.frameworks.IOKit darwin.apple_sdk.frameworks.AudioToolbox];
|
||||
|
||||
TARGET=lib.optionalString stdenv.isDarwin "MACOS";
|
||||
|
||||
|
|
|
@ -18,13 +18,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "tagger";
|
||||
version = "2022.10.3";
|
||||
version = "2022.10.4";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "nlogozzo";
|
||||
repo = "NickvisionTagger";
|
||||
rev = version;
|
||||
hash = "sha256-dyp2XzTnDs08tTTbCnjWh061UXnH4Q0Gnt0jofgVm2U=";
|
||||
hash = "sha256-I4jhlz/dmS24nszP755xlYMF6aLhmAxlv6Td4xFbr3U=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
|
@ -2,11 +2,11 @@
|
|||
|
||||
let
|
||||
pname = "ledger-live-desktop";
|
||||
version = "2.48.0";
|
||||
version = "2.49.0";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://download.live.ledger.com/${pname}-${version}-linux-x86_64.AppImage";
|
||||
hash = "sha256-U5QOr76OMTABVb5kteB0FP3igwpXqh9q5XL7aY92UqI=";
|
||||
hash = "sha256-5HrPeLeMPh6hc1OLZVSPWMSV+ZwjgQyUmFCW+ZyYdCA=";
|
||||
};
|
||||
|
||||
appimageContents = appimageTools.extractType2 {
|
||||
|
|
|
@ -37,7 +37,7 @@ rustPlatform.buildRustPackage rec {
|
|||
|
||||
# Exclude some tests that don't work in the sandbox
|
||||
# - Nat test requires network access
|
||||
checkFlags = "--skip configuration::tests::should_resolve_external_nat_hosts";
|
||||
checkFlags = [ "--skip" "configuration::tests::should_resolve_external_nat_hosts" ];
|
||||
|
||||
meta = with lib; {
|
||||
broken = stdenv.isDarwin;
|
||||
|
|
|
@ -34,7 +34,7 @@ rustPlatform.buildRustPackage rec {
|
|||
|
||||
cargoSha256 = "sha256-mnfA0ecfmMMAy1TZeydbep6hCIu9yZQY7/c5hb1OMGc=";
|
||||
|
||||
buildInputs = lib.optional stdenv.isDarwin [ Security ];
|
||||
buildInputs = lib.optionals stdenv.isDarwin [ Security ];
|
||||
|
||||
nativeBuildInputs = [ clang ];
|
||||
|
||||
|
|
|
@ -1,8 +1,6 @@
|
|||
{ lib
|
||||
, stdenv
|
||||
, buildVimPluginFrom2Nix
|
||||
, buildLuarocksPackage
|
||||
, lua51Packages
|
||||
, lua
|
||||
, toVimPlugin
|
||||
}:
|
||||
let
|
||||
|
@ -19,16 +17,21 @@ in
|
|||
, ...
|
||||
}@attrs:
|
||||
let
|
||||
originalLuaDrv = lua51Packages.${luaAttr};
|
||||
luaDrv = lua51Packages.luaLib.overrideLuarocks originalLuaDrv (drv: {
|
||||
originalLuaDrv = lua.pkgs.${luaAttr};
|
||||
|
||||
luaDrv = (lua.pkgs.luaLib.overrideLuarocks originalLuaDrv (drv: {
|
||||
extraConfig = ''
|
||||
-- to create a flat hierarchy
|
||||
lua_modules_path = "lua"
|
||||
'';
|
||||
})).overrideAttrs (drv: {
|
||||
version = attrs.version;
|
||||
rockspecVersion = drv.rockspecVersion;
|
||||
});
|
||||
finalDrv = toVimPlugin (luaDrv.overrideAttrs(oa: {
|
||||
|
||||
finalDrv = toVimPlugin (luaDrv.overrideAttrs(oa: attrs // {
|
||||
nativeBuildInputs = oa.nativeBuildInputs or [] ++ [
|
||||
lua51Packages.luarocksMoveDataFolder
|
||||
lua.pkgs.luarocksMoveDataFolder
|
||||
];
|
||||
}));
|
||||
in
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
{ lib
|
||||
, buildLuarocksPackage
|
||||
, callPackage
|
||||
, vimUtils
|
||||
, nodejs
|
||||
, neovim-unwrapped
|
||||
, bundlerEnv
|
||||
, ruby
|
||||
, lua
|
||||
, python3Packages
|
||||
, writeText
|
||||
, wrapNeovimUnstable
|
||||
|
@ -193,7 +193,7 @@ in
|
|||
inherit legacyWrapper;
|
||||
|
||||
buildNeovimPluginFrom2Nix = callPackage ./build-neovim-plugin.nix {
|
||||
inherit (vimUtils) buildVimPluginFrom2Nix toVimPlugin;
|
||||
inherit buildLuarocksPackage;
|
||||
inherit (vimUtils) toVimPlugin;
|
||||
inherit lua;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -85,7 +85,7 @@ in
|
|||
makeWrapper
|
||||
pandoc
|
||||
nodejs
|
||||
] ++ lib.optional (!server) [
|
||||
] ++ lib.optionals (!server) [
|
||||
copyDesktopItems
|
||||
];
|
||||
|
||||
|
@ -118,7 +118,7 @@ in
|
|||
"-DQUARTO_ENABLED=FALSE"
|
||||
"-DPANDOC_VERSION=${pandoc.version}"
|
||||
"-DCMAKE_INSTALL_PREFIX=${placeholder "out"}/lib/rstudio"
|
||||
] ++ lib.optional (!server) [
|
||||
] ++ lib.optionals (!server) [
|
||||
"-DQT_QMAKE_EXECUTABLE=${qmake}/bin/qmake"
|
||||
];
|
||||
|
||||
|
|
|
@ -109,7 +109,7 @@ in stdenv.mkDerivation rec {
|
|||
++ lib.optionals luaSupport [
|
||||
"--with-lua-prefix=${lua}"
|
||||
"--enable-luainterp"
|
||||
] ++ lib.optional lua.pkgs.isLuaJIT [
|
||||
] ++ lib.optionals lua.pkgs.isLuaJIT [
|
||||
"--with-luajit"
|
||||
]
|
||||
++ lib.optionals pythonSupport [
|
||||
|
|
|
@ -8,6 +8,12 @@
|
|||
}:
|
||||
|
||||
rec {
|
||||
addRtp = drv:
|
||||
drv // {
|
||||
rtp = lib.warn "`rtp` attribute is deprecated, use `outPath` instead." drv.outPath;
|
||||
overrideAttrs = f: addRtp (drv.overrideAttrs f);
|
||||
};
|
||||
|
||||
buildVimPlugin = attrs@{
|
||||
name ? "${attrs.pname}-${attrs.version}",
|
||||
namePrefix ? "vimplugin-",
|
||||
|
@ -36,9 +42,7 @@ rec {
|
|||
runHook postInstall
|
||||
'';
|
||||
});
|
||||
in toVimPlugin(drv.overrideAttrs(oa: {
|
||||
rtp = "${drv}";
|
||||
}));
|
||||
in addRtp (toVimPlugin drv);
|
||||
|
||||
buildVimPluginFrom2Nix = attrs: buildVimPlugin ({
|
||||
# vim plugins may override this
|
||||
|
|
|
@ -676,8 +676,6 @@ self: super: {
|
|||
|
||||
inherit parinfer-rust;
|
||||
|
||||
# plenary-nvim = super.toVimPlugin(luaPackages.plenary-nvim);
|
||||
|
||||
plenary-nvim = super.plenary-nvim.overrideAttrs (old: {
|
||||
postPatch = ''
|
||||
sed -Ei lua/plenary/curl.lua \
|
||||
|
|
|
@ -243,10 +243,10 @@ let
|
|||
*/
|
||||
plugImpl =
|
||||
''
|
||||
source ${vimPlugins.vim-plug.rtp}/plug.vim
|
||||
source ${vimPlugins.vim-plug}/plug.vim
|
||||
silent! call plug#begin('/dev/null')
|
||||
|
||||
'' + (lib.concatMapStringsSep "\n" (pkg: "Plug '${pkg.rtp}'") plug.plugins) + ''
|
||||
'' + (lib.concatMapStringsSep "\n" (pkg: "Plug '${pkg}'") plug.plugins) + ''
|
||||
|
||||
call plug#end()
|
||||
'';
|
||||
|
|
|
@ -17,7 +17,7 @@ stdenv.mkDerivation rec {
|
|||
--replace '-gvim}' '-@bin@/bin/vim -g}' \
|
||||
--replace '--cmd "let g:VM_Enabled = 1"' \
|
||||
'--cmd "let g:VM_Enabled = 1" --cmd "set rtp^=@rtp@" ${vimacsExtraArgs}' \
|
||||
--replace @rtp@ ${vimPlugins.vimacs.rtp} \
|
||||
--replace @rtp@ ${vimPlugins.vimacs} \
|
||||
--replace @bin@ ${vimPackage}
|
||||
for prog in vm gvm gvimacs vmdiff vimacsdiff
|
||||
do
|
||||
|
|
|
@ -65,7 +65,7 @@ let
|
|||
buildInputs = [ libsecret libXScrnSaver libxshmfence ]
|
||||
++ lib.optionals (!stdenv.isDarwin) ([ at-spi2-atk ] ++ atomEnv.packages);
|
||||
|
||||
runtimeDependencies = lib.optional stdenv.isLinux [ (lib.getLib systemd) fontconfig.lib libdbusmenu ];
|
||||
runtimeDependencies = lib.optionals stdenv.isLinux [ (lib.getLib systemd) fontconfig.lib libdbusmenu ];
|
||||
|
||||
nativeBuildInputs = [ unzip ]
|
||||
++ lib.optionals stdenv.isLinux [
|
||||
|
|
|
@ -676,7 +676,7 @@ in
|
|||
description = "Fast MegaDrive/MegaCD/32X emulator";
|
||||
license = "MAME";
|
||||
dontConfigure = true;
|
||||
makeFlags = lib.optional stdenv.hostPlatform.isAarch64 [ "platform=aarch64" ];
|
||||
makeFlags = lib.optionals stdenv.hostPlatform.isAarch64 [ "platform=aarch64" ];
|
||||
};
|
||||
|
||||
play = mkLibRetroCore {
|
||||
|
|
|
@ -9,10 +9,10 @@
|
|||
|
||||
let
|
||||
# Keep these separate so the update script can regex them
|
||||
rpcs3GitVersion = "14263-0737c788f";
|
||||
rpcs3Version = "0.0.24-14263-0737c788f";
|
||||
rpcs3Revision = "0737c788fc8b8b33d79c620065c5fc4990dbed80";
|
||||
rpcs3Sha256 = "1r7ibbzdmm5ikk0856hy46c8466liz5jsiqzcqvbdr8jbwdcdmg9";
|
||||
rpcs3GitVersion = "14289-0da81d22d";
|
||||
rpcs3Version = "0.0.24-14289-0da81d22d";
|
||||
rpcs3Revision = "0da81d22d340dca1ac098a9de5274641bdc77869";
|
||||
rpcs3Sha256 = "0qblfsdyngj8bb7g49am0q0mq5llwx3g4x4gi6h0jynk0d9j0ir0";
|
||||
|
||||
ittapi = fetchFromGitHub {
|
||||
owner = "intel";
|
||||
|
|
|
@ -40,8 +40,8 @@ stdenv.mkDerivation rec {
|
|||
NIX_LDFLAGS = lib.optionalString stdenv.hostPlatform.isMusl "-lfts";
|
||||
|
||||
makeFlags = [ "PREFIX=${placeholder "out"}" ]
|
||||
++ lib.optional withIcons [ "O_ICONS=1" ]
|
||||
++ lib.optional withNerdIcons [ "O_NERD=1" ];
|
||||
++ lib.optionals withIcons [ "O_ICONS=1" ]
|
||||
++ lib.optionals withNerdIcons [ "O_NERD=1" ];
|
||||
|
||||
binPath = lib.makeBinPath [ file which ];
|
||||
|
||||
|
|
|
@ -47,7 +47,7 @@ stdenv.mkDerivation rec {
|
|||
"-DGMT_INSTALL_MODULE_LINKS:BOOL=FALSE"
|
||||
"-DLICENSE_RESTRICTED=LGPL" # "GPL" and "no" also valid
|
||||
] ++ (with stdenv;
|
||||
lib.optional (!isDarwin) [
|
||||
lib.optionals (!isDarwin) [
|
||||
"-DFFTW3_ROOT=${fftwSinglePrec.dev}"
|
||||
"-DLAPACK_LIBRARY=${lapack}/lib/liblapack.so"
|
||||
"-DBLAS_LIBRARY=${blas}/lib/libblas.so"
|
||||
|
|
|
@ -23,7 +23,7 @@ mkDerivationWith python3Packages.buildPythonApplication rec {
|
|||
raven
|
||||
];
|
||||
|
||||
qtWrapperArgs = lib.optional archiveSupport [ "--prefix" "PATH" ":" "${ lib.makeBinPath [ p7zip ] }" ];
|
||||
qtWrapperArgs = lib.optionals archiveSupport [ "--prefix" "PATH" ":" "${ lib.makeBinPath [ p7zip ] }" ];
|
||||
|
||||
postFixup = ''
|
||||
wrapProgram $out/bin/kcc "''${qtWrapperArgs[@]}"
|
||||
|
|
|
@ -48,7 +48,7 @@ stdenv.mkDerivation rec {
|
|||
]
|
||||
++ lib.optional withLua lua;
|
||||
|
||||
buildFlags = "translations";
|
||||
buildFlags = [ "translations" ];
|
||||
|
||||
hardeningDisable = [ "format" ];
|
||||
|
||||
|
|
|
@ -47,7 +47,7 @@ stdenv.mkDerivation rec {
|
|||
nativeBuildInputs = [
|
||||
autoreconfHook
|
||||
autoconf-archive
|
||||
] ++ lib.optional enableOpusfile [
|
||||
] ++ lib.optionals enableOpusfile [
|
||||
# configure.ac uses pkg-config only to locate libopusfile
|
||||
pkg-config
|
||||
];
|
||||
|
|
|
@ -127,7 +127,7 @@ stdenv.mkDerivation rec {
|
|||
# Clang doesn't support "-export-dynamic"
|
||||
++ optional stdenv.cc.isClang "-DPYTHON_LINKFLAGS="
|
||||
++ optional jackaudioSupport "-DWITH_JACK=ON"
|
||||
++ optional cudaSupport [
|
||||
++ optionals cudaSupport [
|
||||
"-DWITH_CYCLES_CUDA_BINARIES=ON"
|
||||
"-DWITH_CYCLES_DEVICE_OPTIX=ON"
|
||||
"-DOPTIX_ROOT_DIR=${optix}"
|
||||
|
|
|
@ -1,19 +1,16 @@
|
|||
{ lib
|
||||
, buildPythonApplication
|
||||
, isPy3k
|
||||
, fetchFromGitHub
|
||||
, notmuch
|
||||
, pygobject3
|
||||
, gobject-introspection
|
||||
, libnotify
|
||||
, wrapGAppsHook
|
||||
, gtk3
|
||||
, python3
|
||||
}:
|
||||
|
||||
buildPythonApplication rec {
|
||||
python3.pkgs.buildPythonApplication rec {
|
||||
pname = "notifymuch";
|
||||
version = "0.1";
|
||||
disabled = !isPy3k;
|
||||
format = "setuptools";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "kspi";
|
||||
|
@ -24,11 +21,12 @@ buildPythonApplication rec {
|
|||
};
|
||||
|
||||
propagatedBuildInputs = [
|
||||
notmuch
|
||||
pygobject3
|
||||
libnotify
|
||||
gtk3
|
||||
];
|
||||
] ++ (with python3.pkgs; [
|
||||
notmuch
|
||||
pygobject3
|
||||
]);
|
||||
|
||||
nativeBuildInputs = [
|
||||
gobject-introspection
|
|
@ -5,6 +5,7 @@
|
|||
, ninja
|
||||
, unzip
|
||||
, wrapQtAppsHook
|
||||
, libxcrypt
|
||||
, qtbase
|
||||
, qttools
|
||||
, nixosTests
|
||||
|
@ -37,6 +38,7 @@ in gcc11Stdenv.mkDerivation {
|
|||
];
|
||||
|
||||
buildInputs = [
|
||||
libxcrypt
|
||||
qtbase
|
||||
];
|
||||
|
||||
|
|
|
@ -20,7 +20,7 @@ stdenv.mkDerivation rec {
|
|||
[ libev librsvg libpng libjpeg libtiff openssl xz bzip2 zlib ]
|
||||
++ optionals stdenv.isLinux [ gpm ]
|
||||
++ optionals enableX11 [ libX11 libXau libXt ]
|
||||
++ optional enableDirectFB [ directfb ];
|
||||
++ optionals enableDirectFB [ directfb ];
|
||||
|
||||
nativeBuildInputs = [ pkg-config bzip2 ];
|
||||
|
||||
|
|
|
@ -7,13 +7,13 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "arkade";
|
||||
version = "0.8.46";
|
||||
version = "0.8.47";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "alexellis";
|
||||
repo = "arkade";
|
||||
rev = version;
|
||||
sha256 = "sha256-ihSvhXJcvdx06Y1eET/eI/yeFx8k42yQrVEXWAkiJU8=";
|
||||
sha256 = "sha256-vKP/bexxXbhyJEa6ojLFw7ebDS+NYsZgq2jKtimbE3A=";
|
||||
};
|
||||
|
||||
CGO_ENABLED = 0;
|
||||
|
|
|
@ -2,16 +2,16 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "atmos";
|
||||
version = "1.10.2";
|
||||
version = "1.10.4";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "cloudposse";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-/rxGAfYjV5VzYs9h8eCpz5jhmW7jPdk1XB3bXHH+oQw=";
|
||||
sha256 = "sha256-ZNoucLjvj5nZxIDbzoAXtIx3TAg405+CaKBSLmC1PNM=";
|
||||
};
|
||||
|
||||
vendorSha256 = "sha256-/b764auKkZF0oMqNlXmsW9aB5gcq4WFQRFjsVhNDiB4=";
|
||||
vendorSha256 = "sha256-j4KvGLnFm3P9EUXxfRgsandKc0lJMs9ntBQacsEha2w=";
|
||||
|
||||
ldflags = [ "-s" "-w" "-X github.com/cloudposse/atmos/cmd.Version=v${version}" ];
|
||||
|
||||
|
|
|
@ -37,7 +37,7 @@ let
|
|||
doCheck = true;
|
||||
|
||||
nativeBuildInputs = [ makeWrapper ]
|
||||
++ optional (stdenv.isLinux && (nativeLibs != [ ] || libPatches != "")) [ autoPatchelfHook ];
|
||||
++ optionals (stdenv.isLinux && (nativeLibs != [ ] || libPatches != "")) [ autoPatchelfHook ];
|
||||
buildInputs = [ openssl ] ++ nativeLibs;
|
||||
|
||||
installPhase = ''
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "kubeconform";
|
||||
version = "0.4.14";
|
||||
version = "0.5.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "yannh";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-iLZhd1e4i6omyGhOvRJ/VsHehpAPfPHnypXru5Ruv0o=";
|
||||
sha256 = "sha256-YLPF8tR50gtiA608TLctKX54a7qf8LXjbkMr/GPJBSc=";
|
||||
};
|
||||
|
||||
vendorSha256 = null;
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "kubedb-cli";
|
||||
version = "0.28.0";
|
||||
version = "0.29.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "kubedb";
|
||||
repo = "cli";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-fSJ9IIuyOuKmpklw7uh1NKM3Pr5epJefYBJ3udeC5sE=";
|
||||
sha256 = "sha256-MVvhXvf/R7Cku8S4zbs1MlH4NuEwkxCsbbc2ASCF67c=";
|
||||
};
|
||||
|
||||
vendorSha256 = null;
|
||||
|
|
|
@ -8,16 +8,16 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "kubeone";
|
||||
version = "1.5.1";
|
||||
version = "1.5.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "kubermatic";
|
||||
repo = "kubeone";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-DGLbbIDX2JASre/AQ1eWStNeu4GHgRTQyzrJRTz5DyE=";
|
||||
sha256 = "sha256-8wYrDGykob1YLvtscQdL867vuRv8J83DC7AzvQVXVr8=";
|
||||
};
|
||||
|
||||
vendorSha256 = "sha256-w/uLR7wi28Ub7Nouxxg39NlD1OzyIE2oEP4D88Xbwu0=";
|
||||
vendorSha256 = "sha256-Y4eivDchnN2rtQWjFY3cFiJXRfj48UfVUKM/OLuWXGA=";
|
||||
|
||||
ldflags = [
|
||||
"-s -w"
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "kubeseal";
|
||||
version = "0.19.0";
|
||||
version = "0.19.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "bitnami-labs";
|
||||
repo = "sealed-secrets";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-CQlyAgnEWeAfOn6xXeDFEGuSnaGZpGewg1tYYDCw8qE=";
|
||||
sha256 = "sha256-+WwxYnVW6rdZ+A4L2qLtXXaMWLC4ulEoP+vtdtkLvlE=";
|
||||
};
|
||||
|
||||
vendorSha256 = "sha256-505nUMuFteOfIurGYRGHqo9diTSEa56tmQZ3jIGtULQ=";
|
||||
|
|
|
@ -102,13 +102,13 @@
|
|||
"version": "2.24.1"
|
||||
},
|
||||
"aws": {
|
||||
"hash": "sha256-0oN4kbAm2j32VZhcPe62M8ILEBHxeujnTMgeToDsAe4=",
|
||||
"hash": "sha256-IWcENR7OnW2jFHsKTYLLPkZKqgeKdrQE0YceqZ9lduU=",
|
||||
"owner": "hashicorp",
|
||||
"provider-source-address": "registry.terraform.io/hashicorp/aws",
|
||||
"repo": "terraform-provider-aws",
|
||||
"rev": "v4.36.0",
|
||||
"vendorHash": "sha256-rIZUmZHeYJGdKSKjw14gbIH6mCEYbBe5VthnLXjqKJc=",
|
||||
"version": "4.36.0"
|
||||
"rev": "v4.36.1",
|
||||
"vendorHash": "sha256-CwrBNz1HzuTlmuh6fq/hLSi9bG7PUIFx6Fp8WoRdb/Q=",
|
||||
"version": "4.36.1"
|
||||
},
|
||||
"azuread": {
|
||||
"hash": "sha256-rj/ODxmuK0Ro1KVHh4onR/evtUdKzay9BpQDgrx+eNA=",
|
||||
|
@ -120,13 +120,13 @@
|
|||
"version": "2.29.0"
|
||||
},
|
||||
"azurerm": {
|
||||
"hash": "sha256-MWbw0E5TtqHaoU9nxeMVrUCPlRE73KYxvC6A6tMrjC0=",
|
||||
"hash": "sha256-ASZs5raOUCMRI+GzncADLtCtc5QJvPfGoQ67n8DiMMg=",
|
||||
"owner": "hashicorp",
|
||||
"provider-source-address": "registry.terraform.io/hashicorp/azurerm",
|
||||
"repo": "terraform-provider-azurerm",
|
||||
"rev": "v3.27.0",
|
||||
"rev": "v3.28.0",
|
||||
"vendorHash": null,
|
||||
"version": "3.27.0"
|
||||
"version": "3.28.0"
|
||||
},
|
||||
"azurestack": {
|
||||
"hash": "sha256-aSwVa7y1AJ6sExx+bO/93oLBNgSBDJjuPYPY8i3C9T0=",
|
||||
|
@ -777,13 +777,13 @@
|
|||
"version": "0.6.12"
|
||||
},
|
||||
"newrelic": {
|
||||
"hash": "sha256-Av6NIAjIfJbiOKr7y8bWCsLxToKn4eeroicWo7yu1PU=",
|
||||
"hash": "sha256-tbjb+K2QP8+MFyJLQ3ewS6ALg7MGdpBjxZIaSKSxbiw=",
|
||||
"owner": "newrelic",
|
||||
"provider-source-address": "registry.terraform.io/newrelic/newrelic",
|
||||
"repo": "terraform-provider-newrelic",
|
||||
"rev": "v3.5.1",
|
||||
"vendorHash": "sha256-1D66m18oWwuXgBIWstRWvjfy9iGrmO3gyVBucdPps2c=",
|
||||
"version": "3.5.1"
|
||||
"rev": "v3.5.2",
|
||||
"vendorHash": "sha256-lEFcR908CK4RSSO/3kbqQ/wse5HKaqveWUZbzUhUTMI=",
|
||||
"version": "3.5.2"
|
||||
},
|
||||
"nomad": {
|
||||
"hash": "sha256-oHY+jM4JQgLlE1wd+/H9H8H2g0e9ZuxI6OMlz3Izfjg=",
|
||||
|
@ -958,13 +958,13 @@
|
|||
"version": "1.7.0"
|
||||
},
|
||||
"rancher2": {
|
||||
"hash": "sha256-B+GBBjqKw+1rU8Y2SW1ly5ZXBbTxQNc0FewWKe1WaVI=",
|
||||
"hash": "sha256-TqztIk0sHevfv+BpNZJUs1XbwrbzJtcqdafGN5fTVaE=",
|
||||
"owner": "rancher",
|
||||
"provider-source-address": "registry.terraform.io/rancher/rancher2",
|
||||
"repo": "terraform-provider-rancher2",
|
||||
"rev": "v1.24.1",
|
||||
"vendorHash": "sha256-4dhDSaekq9xyhiXtzk5WL3RTL1phrMnwL66mL9ixijA=",
|
||||
"version": "1.24.1"
|
||||
"rev": "v1.24.2",
|
||||
"vendorHash": "sha256-Ntq4wxXPUGbu4+6X1pBsmQsqfJ/jccTiHDJeHVpWe8Y=",
|
||||
"version": "1.24.2"
|
||||
},
|
||||
"random": {
|
||||
"hash": "sha256-oYtvVK0OOHyLUG6amhkvmr6zlbzy0CKoS3DxztoLbdE=",
|
||||
|
@ -976,13 +976,13 @@
|
|||
"version": "3.4.3"
|
||||
},
|
||||
"remote": {
|
||||
"hash": "sha256-h6V2sd6j2HzIN1MVMBMqquM54fzmzHPcPfsP5t4bU1A=",
|
||||
"hash": "sha256-up4+W2mLii7alqdcBoMBTAWI5Vwfc1QtsDK592sAcDM=",
|
||||
"owner": "tenstad",
|
||||
"provider-source-address": "registry.terraform.io/tenstad/remote",
|
||||
"repo": "terraform-provider-remote",
|
||||
"rev": "v0.1.0",
|
||||
"vendorHash": "sha256-ckPs3iaFbmHbBnwRuYn9XdnGZsj+UoYK4OE/9B6Z6Kc=",
|
||||
"version": "0.1.0"
|
||||
"rev": "v0.1.1",
|
||||
"vendorHash": "sha256-dMT3PEYNu9NxwLmY5SHa79yeVSB8Pi3UBEHiGvGGVmU=",
|
||||
"version": "0.1.1"
|
||||
},
|
||||
"rundeck": {
|
||||
"hash": "sha256-GkX5p6hV66G45JG3aJmYD5e2LQvf6kmfa6fQK10tc68=",
|
||||
|
@ -994,13 +994,13 @@
|
|||
"version": "0.4.3"
|
||||
},
|
||||
"scaleway": {
|
||||
"hash": "sha256-MRZbVEUcjJL+leDCok1S+wsLW1N2IP76P0D7M8NzvHY=",
|
||||
"hash": "sha256-mo8zq/EdT6RrOxBAnWu1rhQpZ26DZcU7I/dMCUIHxBE=",
|
||||
"owner": "scaleway",
|
||||
"provider-source-address": "registry.terraform.io/scaleway/scaleway",
|
||||
"repo": "terraform-provider-scaleway",
|
||||
"rev": "v2.4.0",
|
||||
"vendorHash": "sha256-CEYDT2G/V+XeCwcQzJksNb4EVRzH0iiaWiaudhBiaLw=",
|
||||
"version": "2.4.0"
|
||||
"rev": "v2.5.0",
|
||||
"vendorHash": "sha256-CycLXG84Sfi1aciXn2darHIGfE6DpCYOHc7Op/0R26I=",
|
||||
"version": "2.5.0"
|
||||
},
|
||||
"secret": {
|
||||
"hash": "sha256-MmAnA/4SAPqLY/gYcJSTnEttQTsDd2kEdkQjQj6Bb+A=",
|
||||
|
@ -1275,13 +1275,13 @@
|
|||
"version": "2.11.4"
|
||||
},
|
||||
"wavefront": {
|
||||
"hash": "sha256-6hqVAg3YwkEDBpkgPQZQyrjHfKfRc8+iTZqMg2vBwJI=",
|
||||
"hash": "sha256-6uEEvTX0a+pZ9V+upBZOWH+IemEimVk9Jtfiz2UF5fI=",
|
||||
"owner": "vmware",
|
||||
"provider-source-address": "registry.terraform.io/vmware/wavefront",
|
||||
"repo": "terraform-provider-wavefront",
|
||||
"rev": "v3.2.0",
|
||||
"vendorHash": "sha256-0N2YWVnbGvD4YLdEtfdvAjhLY4zkj07GoXtFFPSD5Zk=",
|
||||
"version": "3.2.0"
|
||||
"rev": "v3.3.0",
|
||||
"vendorHash": "sha256-ib1Esx2AO7b9S+v+zzuATgSVHI3HVwbzEeyqhpBz1BQ=",
|
||||
"version": "3.3.0"
|
||||
},
|
||||
"yandex": {
|
||||
"hash": "sha256-WdiJD1gt56VDFe2qVKwiYOvneixaGRie6mrxdOCklQY=",
|
||||
|
|
|
@ -42,7 +42,7 @@ stdenv.mkDerivation rec {
|
|||
configureFlags = [ "--localstatedir=/var"
|
||||
"--disable-doc" "--disable-man"
|
||||
"--disable-update-ipsets" ] ++
|
||||
lib.optional onlyQOS [ "--disable-firehol" ];
|
||||
lib.optionals onlyQOS [ "--disable-firehol" ];
|
||||
|
||||
meta = with lib; {
|
||||
description = "A firewall for humans";
|
||||
|
|
|
@ -5,14 +5,14 @@
|
|||
|
||||
python3Packages.buildPythonApplication rec {
|
||||
pname = "flexget";
|
||||
version = "3.3.38";
|
||||
version = "3.3.39";
|
||||
|
||||
# Fetch from GitHub in order to use `requirements.in`
|
||||
src = fetchFromGitHub {
|
||||
owner = "flexget";
|
||||
repo = "flexget";
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-mOjI2pN/KEY//+i+2YmLjUqQwv223jYhu+KjPMRPAaw=";
|
||||
hash = "sha256-UJOV/KRJgy4r7iKWdlA8k51OLzMcfMHgFSvII/D5erA=";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{ branch ? "stable", callPackage, fetchurl, lib, stdenv }:
|
||||
let
|
||||
versions = if stdenv.isLinux then {
|
||||
stable = "0.0.20";
|
||||
stable = "0.0.21";
|
||||
ptb = "0.0.29";
|
||||
canary = "0.0.140";
|
||||
} else {
|
||||
|
@ -14,7 +14,7 @@ let
|
|||
x86_64-linux = {
|
||||
stable = fetchurl {
|
||||
url = "https://dl.discordapp.net/apps/linux/${version}/discord-${version}.tar.gz";
|
||||
sha256 = "3f7yuxigEF3e8qhCetCHKBtV4XUHsx/iYiaCCXjspYw=";
|
||||
sha256 = "KDKUssPRrs/D10s5GhJ23hctatQmyqd27xS9nU7iNaM=";
|
||||
};
|
||||
ptb = fetchurl {
|
||||
url = "https://dl-ptb.discordapp.net/apps/linux/${version}/discord-ptb-${version}.tar.gz";
|
||||
|
|
|
@ -34,7 +34,7 @@ buildPythonApplication rec {
|
|||
peewee
|
||||
prompt-toolkit
|
||||
setuptools
|
||||
] ++ lib.optional enableDbusUi [
|
||||
] ++ lib.optionals enableDbusUi [
|
||||
dbus-python
|
||||
notify2
|
||||
pygobject3
|
||||
|
|
|
@ -16,7 +16,7 @@ perlPackages.buildPerlPackage rec {
|
|||
};
|
||||
|
||||
nativeBuildInputs = [ makeWrapper ]
|
||||
++ optional stdenv.isDarwin [ shortenPerlShebang ];
|
||||
++ optionals stdenv.isDarwin [ shortenPerlShebang ];
|
||||
|
||||
buildInputs = with perlPackages; [
|
||||
CryptPassphrase CryptPassphraseArgon2 CryptPassphraseBcrypt
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ lib, stdenv, fetchurl, openssl, ncurses, libiconv, tcl, coreutils, fetchpatch }:
|
||||
{ lib, stdenv, fetchurl, openssl, ncurses, libiconv, tcl, coreutils, fetchpatch, libxcrypt }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "epic5";
|
||||
|
@ -10,7 +10,7 @@ stdenv.mkDerivation rec {
|
|||
};
|
||||
|
||||
# Darwin needs libiconv, tcl; while Linux build don't
|
||||
buildInputs = [ openssl ncurses ]
|
||||
buildInputs = [ openssl ncurses libxcrypt ]
|
||||
++ lib.optionals stdenv.isDarwin [ libiconv tcl ];
|
||||
|
||||
patches = [
|
||||
|
|
|
@ -36,21 +36,21 @@ let
|
|||
in
|
||||
assert lib.all (p: p.enabled -> ! (builtins.elem null p.buildInputs)) plugins;
|
||||
stdenv.mkDerivation rec {
|
||||
version = "3.7";
|
||||
version = "3.7.1";
|
||||
pname = "weechat";
|
||||
|
||||
hardeningEnable = [ "pie" ];
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://weechat.org/files/src/weechat-${version}.tar.bz2";
|
||||
hash = "sha256-n5kvC//h85c4IvkrCVTz+F0DcCC5rdRkvj8W3fUPXI8=";
|
||||
hash = "sha256-ZtJi1NhE1agZWnAv6FCUeO1GDtuQnLTraA5nkwWiCqs=";
|
||||
};
|
||||
|
||||
outputs = [ "out" "man" ] ++ map (p: p.name) enabledPlugins;
|
||||
|
||||
cmakeFlags = with lib; [
|
||||
"-DENABLE_MAN=ON"
|
||||
"-DENABLE_DOC=OFF" # TODO(@ncfavier): Documentation fails to build, was deactivated to push through security update
|
||||
"-DENABLE_DOC=ON"
|
||||
"-DENABLE_TESTS=${if enableTests then "ON" else "OFF"}"
|
||||
]
|
||||
++ optionals stdenv.isDarwin ["-DICONV_LIBRARY=${libiconv}/lib/libiconv.dylib"]
|
||||
|
|
|
@ -15,7 +15,7 @@ with python3.pkgs; buildPythonApplication rec {
|
|||
|
||||
outputs = [
|
||||
"out"
|
||||
] ++ lib.optional withManpage [
|
||||
] ++ lib.optionals withManpage [
|
||||
"man"
|
||||
];
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
{lib, stdenv, fetchurl, ncurses, tcl, openssl, pam, libkrb5
|
||||
, openldap
|
||||
, openldap, libxcrypt
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
|
@ -12,7 +12,7 @@ stdenv.mkDerivation rec {
|
|||
};
|
||||
|
||||
buildInputs = [
|
||||
ncurses tcl openssl pam libkrb5 openldap
|
||||
ncurses tcl openssl pam libkrb5 openldap libxcrypt
|
||||
];
|
||||
|
||||
hardeningDisable = [ "format" ];
|
||||
|
|
|
@ -31,7 +31,7 @@ rustPlatform.buildRustPackage rec {
|
|||
|
||||
checkInputs = [ file ];
|
||||
|
||||
buildFeatures = lib.optional withNotmuch [ "notmuch" ];
|
||||
buildFeatures = lib.optionals withNotmuch [ "notmuch" ];
|
||||
|
||||
postInstall = ''
|
||||
mkdir -p $out/share/man/man1
|
||||
|
|
|
@ -25,11 +25,11 @@ stdenv.mkDerivation rec {
|
|||
gnutls
|
||||
gsasl
|
||||
libidn
|
||||
] ++ lib.optional stdenv.isDarwin [
|
||||
] ++ lib.optionals stdenv.isDarwin [
|
||||
Security
|
||||
];
|
||||
|
||||
configureFlags = lib.optional stdenv.isDarwin [
|
||||
configureFlags = lib.optionals stdenv.isDarwin [
|
||||
"--with-macosx-keyring"
|
||||
];
|
||||
|
||||
|
|
|
@ -2,16 +2,16 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "nali";
|
||||
version = "0.6.0";
|
||||
version = "0.7.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "zu1k";
|
||||
repo = "nali";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-WAYNSIv4/eJfjJLej7msgat8nRm4r+xidHrFvL/OocA=";
|
||||
sha256 = "sha256-NHTS9YajVjyAjSEQxMqyyY2Hwd30pjnIthZ+1jroqTE=";
|
||||
};
|
||||
|
||||
vendorSha256 = "sha256-YTzuOhJQN/BCgGQnA9sKNz0OIut/mCj1eXwfEh9gxTA=";
|
||||
vendorSha256 = "sha256-1sXG/xEzPVN1aRCsYqUee9aidT+ognZszOC7SR8YArw=";
|
||||
subPackages = [ "." ];
|
||||
|
||||
meta = with lib; {
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ lib, stdenv, fetchFromGitHub, libconfig, pkg-config, libevent, openssl }:
|
||||
{ lib, stdenv, fetchFromGitHub, libconfig, pkg-config, libevent, openssl, libxcrypt }:
|
||||
|
||||
stdenv.mkDerivation {
|
||||
pname = "nntp-proxy";
|
||||
|
@ -12,7 +12,7 @@ stdenv.mkDerivation {
|
|||
};
|
||||
|
||||
nativeBuildInputs = [ pkg-config ];
|
||||
buildInputs = [ libconfig libevent openssl ];
|
||||
buildInputs = [ libconfig libevent openssl libxcrypt ];
|
||||
|
||||
installFlags = [ "INSTALL_DIR=$(out)/bin/" ];
|
||||
|
||||
|
|
|
@ -4,6 +4,7 @@
|
|||
, gitUpdater
|
||||
, makeWrapper
|
||||
, openssh
|
||||
, libxcrypt
|
||||
}:
|
||||
|
||||
buildGoModule rec {
|
||||
|
@ -31,6 +32,7 @@ buildGoModule rec {
|
|||
};
|
||||
|
||||
nativeBuildInputs = [ makeWrapper ];
|
||||
buildInputs = [ libxcrypt ];
|
||||
|
||||
postInstall = ''
|
||||
wrapProgram $out/bin/agent --prefix PATH : ${lib.makeBinPath [ openssh ]}
|
||||
|
|
|
@ -27,7 +27,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
# Special flags needed on Darwin:
|
||||
# https://github.com/axkibe/lsyncd/blob/42413cabbedca429d55a5378f6e830f191f3cc86/INSTALL#L51
|
||||
cmakeFlags = lib.optional stdenv.isDarwin [ "-DWITH_INOTIFY=OFF" "-DWITH_FSEVENTS=ON" ];
|
||||
cmakeFlags = lib.optionals stdenv.isDarwin [ "-DWITH_INOTIFY=OFF" "-DWITH_FSEVENTS=ON" ];
|
||||
|
||||
dontUseCmakeBuildDir = true;
|
||||
|
||||
|
|
|
@ -5,16 +5,16 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "rclone";
|
||||
version = "1.59.2";
|
||||
version = "1.60.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = pname;
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-2/CwqjlVa5g4DAAc2v0KarqbsXCTSrzQKRzCHF72X+I=";
|
||||
sha256 = "sha256-UFA4mPzpHnyx6+tVw0QwhTlALdu8YLNAleWxXuFJczs=";
|
||||
};
|
||||
|
||||
vendorSha256 = "sha256-MZ5RtB4UGHPlMxyQ0VbX5iPpZw98oUuEhuMBDZcYiw8=";
|
||||
vendorSha256 = "sha256-si5fzyPQUUTKkm/UVt8xfpJGK/4F6GM4HuAg1R0hzqQ=";
|
||||
|
||||
subPackages = [ "." ];
|
||||
|
||||
|
|
|
@ -20,12 +20,12 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "rsync";
|
||||
version = "3.2.5";
|
||||
version = "3.2.6";
|
||||
|
||||
src = fetchurl {
|
||||
# signed with key 0048 C8B0 26D4 C96F 0E58 9C2F 6C85 9FB1 4B96 A8C5
|
||||
url = "mirror://samba/rsync/src/rsync-${version}.tar.gz";
|
||||
sha256 = "sha256-KsTSFjXN95GGe8N3w1ym3af1DZGaWL5FBX/VFgDGmro=";
|
||||
sha256 = "sha256-+zNlurJ4N9Qf6vQulnxXvTpHvI8Qdlo2ce/Wo4NUVNM=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ perl ];
|
||||
|
|
|
@ -36,8 +36,8 @@ stdenv.mkDerivation rec {
|
|||
(lib.enableFeature withTcl "tcl")
|
||||
(lib.withFeatureAs withTcl "tcl" "${tcl}/lib")
|
||||
(lib.enableFeature withCyrus "cyrus")
|
||||
] ++ optional (!withIPv6) [ "--disable-ipv6" ]
|
||||
++ optional withDebug [ "--enable-debug" ];
|
||||
] ++ optionals (!withIPv6) [ "--disable-ipv6" ]
|
||||
++ optionals withDebug [ "--enable-debug" ];
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
|
|
|
@ -1,10 +1,11 @@
|
|||
{ lib, runCommand
|
||||
, libreoffice, dbus, bash, substituteAll
|
||||
, coreutils, gnugrep
|
||||
, dolphinTemplates ? true
|
||||
}:
|
||||
runCommand libreoffice.name {
|
||||
inherit (libreoffice) jdk meta;
|
||||
inherit dbus libreoffice bash;
|
||||
inherit coreutils dbus gnugrep libreoffice bash;
|
||||
} (''
|
||||
mkdir -p "$out/bin"
|
||||
substituteAll "${./wrapper.sh}" "$out/bin/soffice"
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
export JAVA_HOME="${JAVA_HOME:-@jdk@}"
|
||||
#export SAL_USE_VCLPLUGIN="${SAL_USE_VCLPLUGIN:-gen}"
|
||||
|
||||
if uname | grep Linux > /dev/null &&
|
||||
if "@coreutils@"/bin/uname | "@gnugrep@"/bin/grep Linux > /dev/null &&
|
||||
! ( test -n "$DBUS_SESSION_BUS_ADDRESS" ); then
|
||||
dbus_tmp_dir="/run/user/$(id -u)/libreoffice-dbus"
|
||||
if ! test -d "$dbus_tmp_dir" && test -d "/run"; then
|
||||
|
@ -25,7 +25,7 @@ for PROFILE in $NIX_PROFILES; do
|
|||
fi
|
||||
done
|
||||
|
||||
"@libreoffice@/bin/$(basename "$0")" "$@"
|
||||
"@libreoffice@/bin/$("@coreutils@"/bin/basename "$0")" "$@"
|
||||
code="$?"
|
||||
|
||||
test -n "$dbus_socket_dir" && { rm -rf "$dbus_socket_dir"; kill $dbus_pid; }
|
||||
|
|
|
@ -6,13 +6,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "limesuite";
|
||||
version = "22.09.0";
|
||||
version = "22.09.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "myriadrf";
|
||||
repo = "LimeSuite";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-HV0ejx7ImJ7GvAyCi0a7OPB0/2UiLQxxhYR2bc2uYCA=";
|
||||
sha256 = "sha256-t3v2lhPZ1L/HRRBwA3k1KfIpih6R4TUmBWaIm8sVGdY=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue