b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge branch 'master' into f/activation

Browse source
This commit is contained in:
Peter Hoeg 2018-10-05 10:08:56 +08:00 committed by GitHub
parent 4dada63a17 8a4a732e99
commit c81d370bb9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
532 changed files with 8380 additions and 6182 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
doc/Makefile
View file

@ -69,7 +69,7 @@ highlightjs:
cp -r "$$HIGHLIGHTJS/loader.js" highlightjs/
manual-full.xml: ${MD_TARGETS} .version *.xml
manual-full.xml: ${MD_TARGETS} .version *.xml **/*.xml
xmllint --nonet --xinclude --noxincludenode manual.xml --output manual-full.xml
.version:

7
doc/cross-compilation.xml
View file

@ -47,9 +47,10 @@
<para>
In Nixpkgs, these three platforms are defined as attribute sets under the
names <literal>buildPlatform</literal>, <literal>hostPlatform</literal>, and
<literal>targetPlatform</literal>. They are always defined as attributes in
the standard environment. That means one can access them like:
names <literal>buildPlatform</literal>, <literal>hostPlatform</literal>,
and <literal>targetPlatform</literal>. They are always defined as
attributes in the standard environment. That means one can access them
like:
<programlisting>{ stdenv, fooDep, barDep, .. }: ...stdenv.buildPlatform...</programlisting>
.
</para>

1017
doc/functions.xml
View file

File diff suppressed because it is too large Load diff

21
doc/functions/debug.xml Normal file
View file

@ -0,0 +1,21 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xml:id="sec-debug">
<title>Debugging Nix Expressions</title>
<para>
Nix is a unityped, dynamic language, this means every value can potentially
appear anywhere. Since it is also non-strict, evaluation order and what
ultimately is evaluated might surprise you. Therefore it is important to be
able to debug nix expressions.
</para>
<para>
In the <literal>lib/debug.nix</literal> file you will find a number of
functions that help (pretty-)printing values while evaluation is runnnig. You
can even specify how deep these values should be printed recursively, and
transform them on the fly. Please consult the docstrings in
<literal>lib/debug.nix</literal> for usage information.
</para>
</section>

564
doc/functions/dockertools.xml Normal file
View file

@ -0,0 +1,564 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xml:id="sec-pkgs-dockerTools">
<title>pkgs.dockerTools</title>
<para>
<varname>pkgs.dockerTools</varname> is a set of functions for creating and
manipulating Docker images according to the
<link xlink:href="https://github.com/moby/moby/blob/master/image/spec/v1.2.md#docker-image-specification-v120">
Docker Image Specification v1.2.0 </link>. Docker itself is not used to
perform any of the operations done by these functions.
</para>
<warning>
<para>
The <varname>dockerTools</varname> API is unstable and may be subject to
backwards-incompatible changes in the future.
</para>
</warning>
<section xml:id="ssec-pkgs-dockerTools-buildImage">
<title>buildImage</title>
<para>
This function is analogous to the <command>docker build</command> command,
in that can used to build a Docker-compatible repository tarball containing
a single image with one or multiple layers. As such, the result is suitable
for being loaded in Docker with <command>docker load</command>.
</para>
<para>
The parameters of <varname>buildImage</varname> with relative example values
are described below:
</para>
<example xml:id='ex-dockerTools-buildImage'>
<title>Docker build</title>
<programlisting>
buildImage {
name = "redis"; <co xml:id='ex-dockerTools-buildImage-1' />
tag = "latest"; <co xml:id='ex-dockerTools-buildImage-2' />
fromImage = someBaseImage; <co xml:id='ex-dockerTools-buildImage-3' />
fromImageName = null; <co xml:id='ex-dockerTools-buildImage-4' />
fromImageTag = "latest"; <co xml:id='ex-dockerTools-buildImage-5' />
contents = pkgs.redis; <co xml:id='ex-dockerTools-buildImage-6' />
runAsRoot = '' <co xml:id='ex-dockerTools-buildImage-runAsRoot' />
#!${stdenv.shell}
mkdir -p /data
'';
config = { <co xml:id='ex-dockerTools-buildImage-8' />
Cmd = [ "/bin/redis-server" ];
WorkingDir = "/data";
Volumes = {
"/data" = {};
};
};
}
</programlisting>
</example>
<para>
The above example will build a Docker image <literal>redis/latest</literal>
from the given base image. Loading and running this image in Docker results
in <literal>redis-server</literal> being started automatically.
</para>
<calloutlist>
<callout arearefs='ex-dockerTools-buildImage-1'>
<para>
<varname>name</varname> specifies the name of the resulting image. This is
the only required argument for <varname>buildImage</varname>.
</para>
</callout>
<callout arearefs='ex-dockerTools-buildImage-2'>
<para>
<varname>tag</varname> specifies the tag of the resulting image. By
default it's <literal>null</literal>, which indicates that the nix output
hash will be used as tag.
</para>
</callout>
<callout arearefs='ex-dockerTools-buildImage-3'>
<para>
<varname>fromImage</varname> is the repository tarball containing the base
image. It must be a valid Docker image, such as exported by
<command>docker save</command>. By default it's <literal>null</literal>,
which can be seen as equivalent to <literal>FROM scratch</literal> of a
<filename>Dockerfile</filename>.
</para>
</callout>
<callout arearefs='ex-dockerTools-buildImage-4'>
<para>
<varname>fromImageName</varname> can be used to further specify the base
image within the repository, in case it contains multiple images. By
default it's <literal>null</literal>, in which case
<varname>buildImage</varname> will peek the first image available in the
repository.
</para>
</callout>
<callout arearefs='ex-dockerTools-buildImage-5'>
<para>
<varname>fromImageTag</varname> can be used to further specify the tag of
the base image within the repository, in case an image contains multiple
tags. By default it's <literal>null</literal>, in which case
<varname>buildImage</varname> will peek the first tag available for the
base image.
</para>
</callout>
<callout arearefs='ex-dockerTools-buildImage-6'>
<para>
<varname>contents</varname> is a derivation that will be copied in the new
layer of the resulting image. This can be similarly seen as <command>ADD
contents/ /</command> in a <filename>Dockerfile</filename>. By default
it's <literal>null</literal>.
</para>
</callout>
<callout arearefs='ex-dockerTools-buildImage-runAsRoot'>
<para>
<varname>runAsRoot</varname> is a bash script that will run as root in an
environment that overlays the existing layers of the base image with the
new resulting layer, including the previously copied
<varname>contents</varname> derivation. This can be similarly seen as
<command>RUN ...</command> in a <filename>Dockerfile</filename>.
<note>
<para>
Using this parameter requires the <literal>kvm</literal> device to be
available.
</para>
</note>
</para>
</callout>
<callout arearefs='ex-dockerTools-buildImage-8'>
<para>
<varname>config</varname> is used to specify the configuration of the
containers that will be started off the built image in Docker. The
available options are listed in the
<link xlink:href="https://github.com/moby/moby/blob/master/image/spec/v1.2.md#image-json-field-descriptions">
Docker Image Specification v1.2.0 </link>.
</para>
</callout>
</calloutlist>
<para>
After the new layer has been created, its closure (to which
<varname>contents</varname>, <varname>config</varname> and
<varname>runAsRoot</varname> contribute) will be copied in the layer itself.
Only new dependencies that are not already in the existing layers will be
copied.
</para>
<para>
At the end of the process, only one new single layer will be produced and
added to the resulting image.
</para>
<para>
The resulting repository will only list the single image
<varname>image/tag</varname>. In the case of
<xref linkend='ex-dockerTools-buildImage'/> it would be
<varname>redis/latest</varname>.
</para>
<para>
It is possible to inspect the arguments with which an image was built using
its <varname>buildArgs</varname> attribute.
</para>
<note>
<para>
If you see errors similar to <literal>getProtocolByName: does not exist (no
such protocol name: tcp)</literal> you may need to add
<literal>pkgs.iana-etc</literal> to <varname>contents</varname>.
</para>
</note>
<note>
<para>
If you see errors similar to <literal>Error_Protocol ("certificate has
unknown CA",True,UnknownCa)</literal> you may need to add
<literal>pkgs.cacert</literal> to <varname>contents</varname>.
</para>
</note>
<example xml:id="example-pkgs-dockerTools-buildImage-creation-date">
<title>Impurely Defining a Docker Layer's Creation Date</title>
<para>
By default <function>buildImage</function> will use a static date of one
second past the UNIX Epoch. This allows <function>buildImage</function> to
produce binary reproducible images. When listing images with
<command>docker list images</command>, the newly created images will be
listed like this:
</para>
<screen><![CDATA[
$ docker image list
REPOSITORY TAG IMAGE ID CREATED SIZE
hello latest 08c791c7846e 48 years ago 25.2MB
]]></screen>
<para>
You can break binary reproducibility but have a sorted, meaningful
<literal>CREATED</literal> column by setting <literal>created</literal> to
<literal>now</literal>.
</para>
<programlisting><![CDATA[
pkgs.dockerTools.buildImage {
name = "hello";
tag = "latest";
created = "now";
contents = pkgs.hello;
config.Cmd = [ "/bin/hello" ];
}
]]></programlisting>
<para>
and now the Docker CLI will display a reasonable date and sort the images
as expected:
<screen><![CDATA[
$ docker image list
REPOSITORY TAG IMAGE ID CREATED SIZE
hello latest de2bf4786de6 About a minute ago 25.2MB
]]></screen>
however, the produced images will not be binary reproducible.
</para>
</example>
</section>
<section xml:id="ssec-pkgs-dockerTools-buildLayeredImage">
<title>buildLayeredImage</title>
<para>
Create a Docker image with many of the store paths being on their own layer
to improve sharing between images.
</para>
<variablelist>
<varlistentry>
<term>
<varname>name</varname>
</term>
<listitem>
<para>
The name of the resulting image.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<varname>tag</varname> <emphasis>optional</emphasis>
</term>
<listitem>
<para>
Tag of the generated image.
</para>
<para>
<emphasis>Default:</emphasis> the output path's hash
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<varname>contents</varname> <emphasis>optional</emphasis>
</term>
<listitem>
<para>
Top level paths in the container. Either a single derivation, or a list
of derivations.
</para>
<para>
<emphasis>Default:</emphasis> <literal>[]</literal>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<varname>config</varname> <emphasis>optional</emphasis>
</term>
<listitem>
<para>
Run-time configuration of the container. A full list of the options are
available at in the
<link xlink:href="https://github.com/moby/moby/blob/master/image/spec/v1.2.md#image-json-field-descriptions">
Docker Image Specification v1.2.0 </link>.
</para>
<para>
<emphasis>Default:</emphasis> <literal>{}</literal>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<varname>created</varname> <emphasis>optional</emphasis>
</term>
<listitem>
<para>
Date and time the layers were created. Follows the same
<literal>now</literal> exception supported by
<literal>buildImage</literal>.
</para>
<para>
<emphasis>Default:</emphasis> <literal>1970-01-01T00:00:01Z</literal>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<varname>maxLayers</varname> <emphasis>optional</emphasis>
</term>
<listitem>
<para>
Maximum number of layers to create.
</para>
<para>
<emphasis>Default:</emphasis> <literal>24</literal>
</para>
</listitem>
</varlistentry>
</variablelist>
<section xml:id="dockerTools-buildLayeredImage-arg-contents">
<title>Behavior of <varname>contents</varname> in the final image</title>
<para>
Each path directly listed in <varname>contents</varname> will have a
symlink in the root of the image.
</para>
<para>
For example:
<programlisting><![CDATA[
pkgs.dockerTools.buildLayeredImage {
name = "hello";
contents = [ pkgs.hello ];
}
]]></programlisting>
will create symlinks for all the paths in the <literal>hello</literal>
package:
<screen><![CDATA[
/bin/hello -> /nix/store/h1zb1padqbbb7jicsvkmrym3r6snphxg-hello-2.10/bin/hello
/share/info/hello.info -> /nix/store/h1zb1padqbbb7jicsvkmrym3r6snphxg-hello-2.10/share/info/hello.info
/share/locale/bg/LC_MESSAGES/hello.mo -> /nix/store/h1zb1padqbbb7jicsvkmrym3r6snphxg-hello-2.10/share/locale/bg/LC_MESSAGES/hello.mo
]]></screen>
</para>
</section>
<section xml:id="dockerTools-buildLayeredImage-arg-config">
<title>Automatic inclusion of <varname>config</varname> references</title>
<para>
The closure of <varname>config</varname> is automatically included in the
closure of the final image.
</para>
<para>
This allows you to make very simple Docker images with very little code.
This container will start up and run <command>hello</command>:
<programlisting><![CDATA[
pkgs.dockerTools.buildLayeredImage {
name = "hello";
config.Cmd = [ "${pkgs.hello}/bin/hello" ];
}
]]></programlisting>
</para>
</section>
<section xml:id="dockerTools-buildLayeredImage-arg-maxLayers">
<title>Adjusting <varname>maxLayers</varname></title>
<para>
Increasing the <varname>maxLayers</varname> increases the number of layers
which have a chance to be shared between different images.
</para>
<para>
Modern Docker installations support up to 128 layers, however older
versions support as few as 42.
</para>
<para>
If the produced image will not be extended by other Docker builds, it is
safe to set <varname>maxLayers</varname> to <literal>128</literal>. However
it will be impossible to extend the image further.
</para>
<para>
The first (<literal>maxLayers-2</literal>) most "popular" paths will have
their own individual layers, then layer #<literal>maxLayers-1</literal>
will contain all the remaining "unpopular" paths, and finally layer
#<literal>maxLayers</literal> will contain the Image configuration.
</para>
<para>
Docker's Layers are not inherently ordered, they are content-addressable
and are not explicitly layered until they are composed in to an Image.
</para>
</section>
</section>
<section xml:id="ssec-pkgs-dockerTools-fetchFromRegistry">
<title>pullImage</title>
<para>
This function is analogous to the <command>docker pull</command> command, in
that can be used to pull a Docker image from a Docker registry. By default
<link xlink:href="https://hub.docker.com/">Docker Hub</link> is used to pull
images.
</para>
<para>
Its parameters are described in the example below:
</para>
<example xml:id='ex-dockerTools-pullImage'>
<title>Docker pull</title>
<programlisting>
pullImage {
imageName = "nixos/nix"; <co xml:id='ex-dockerTools-pullImage-1' />
imageDigest = "sha256:20d9485b25ecfd89204e843a962c1bd70e9cc6858d65d7f5fadc340246e2116b"; <co xml:id='ex-dockerTools-pullImage-2' />
finalImageTag = "1.11"; <co xml:id='ex-dockerTools-pullImage-3' />
sha256 = "0mqjy3zq2v6rrhizgb9nvhczl87lcfphq9601wcprdika2jz7qh8"; <co xml:id='ex-dockerTools-pullImage-4' />
os = "linux"; <co xml:id='ex-dockerTools-pullImage-5' />
arch = "x86_64"; <co xml:id='ex-dockerTools-pullImage-6' />
}
</programlisting>
</example>
<calloutlist>
<callout arearefs='ex-dockerTools-pullImage-1'>
<para>
<varname>imageName</varname> specifies the name of the image to be
downloaded, which can also include the registry namespace (e.g.
<literal>nixos</literal>). This argument is required.
</para>
</callout>
<callout arearefs='ex-dockerTools-pullImage-2'>
<para>
<varname>imageDigest</varname> specifies the digest of the image to be
downloaded. Skopeo can be used to get the digest of an image, with its
<varname>inspect</varname> subcommand. Since a given
<varname>imageName</varname> may transparently refer to a manifest list of
images which support multiple architectures and/or operating systems,
supply the `--override-os` and `--override-arch` arguments to specify
exactly which image you want. By default it will match the OS and
architecture of the host the command is run on.
<programlisting>
$ nix-shell --packages skopeo jq --command "skopeo --override-os linux --override-arch x86_64 inspect docker://docker.io/nixos/nix:1.11 | jq -r '.Digest'"
sha256:20d9485b25ecfd89204e843a962c1bd70e9cc6858d65d7f5fadc340246e2116b
</programlisting>
This argument is required.
</para>
</callout>
<callout arearefs='ex-dockerTools-pullImage-3'>
<para>
<varname>finalImageTag</varname>, if specified, this is the tag of the
image to be created. Note it is never used to fetch the image since we
prefer to rely on the immutable digest ID. By default it's
<literal>latest</literal>.
</para>
</callout>
<callout arearefs='ex-dockerTools-pullImage-4'>
<para>
<varname>sha256</varname> is the checksum of the whole fetched image. This
argument is required.
</para>
</callout>
<callout arearefs='ex-dockerTools-pullImage-5'>
<para>
<varname>os</varname>, if specified, is the operating system of the
fetched image. By default it's <literal>linux</literal>.
</para>
</callout>
<callout arearefs='ex-dockerTools-pullImage-6'>
<para>
<varname>arch</varname>, if specified, is the cpu architecture of the
fetched image. By default it's <literal>x86_64</literal>.
</para>
</callout>
</calloutlist>
</section>
<section xml:id="ssec-pkgs-dockerTools-exportImage">
<title>exportImage</title>
<para>
This function is analogous to the <command>docker export</command> command,
in that can used to flatten a Docker image that contains multiple layers. It
is in fact the result of the merge of all the layers of the image. As such,
the result is suitable for being imported in Docker with <command>docker
import</command>.
</para>
<note>
<para>
Using this function requires the <literal>kvm</literal> device to be
available.
</para>
</note>
<para>
The parameters of <varname>exportImage</varname> are the following:
</para>
<example xml:id='ex-dockerTools-exportImage'>
<title>Docker export</title>
<programlisting>
exportImage {
fromImage = someLayeredImage;
fromImageName = null;
fromImageTag = null;
name = someLayeredImage.name;
}
</programlisting>
</example>
<para>
The parameters relative to the base image have the same synopsis as
described in <xref linkend='ssec-pkgs-dockerTools-buildImage'/>, except that
<varname>fromImage</varname> is the only required argument in this case.
</para>
<para>
The <varname>name</varname> argument is the name of the derivation output,
which defaults to <varname>fromImage.name</varname>.
</para>
</section>
<section xml:id="ssec-pkgs-dockerTools-shadowSetup">
<title>shadowSetup</title>
<para>
This constant string is a helper for setting up the base files for managing
users and groups, only if such files don't exist already. It is suitable for
being used in a <varname>runAsRoot</varname>
<xref linkend='ex-dockerTools-buildImage-runAsRoot'/> script for cases like
in the example below:
</para>
<example xml:id='ex-dockerTools-shadowSetup'>
<title>Shadow base files</title>
<programlisting>
buildImage {
name = "shadow-basic";
runAsRoot = ''
#!${stdenv.shell}
${shadowSetup}
groupadd -r redis
useradd -r -g redis redis
mkdir /data
chown redis:redis /data
'';
}
</programlisting>
</example>
<para>
Creating base files like <literal>/etc/passwd</literal> or
<literal>/etc/login.defs</literal> are necessary for shadow-utils to
manipulate users and groups.
</para>
</section>
</section>

142
doc/functions/fhs-environments.xml Normal file
View file

@ -0,0 +1,142 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xml:id="sec-fhs-environments">
<title>buildFHSUserEnv</title>
<para>
<function>buildFHSUserEnv</function> provides a way to build and run
FHS-compatible lightweight sandboxes. It creates an isolated root with bound
<filename>/nix/store</filename>, so its footprint in terms of disk space
needed is quite small. This allows one to run software which is hard or
unfeasible to patch for NixOS -- 3rd-party source trees with FHS assumptions,
games distributed as tarballs, software with integrity checking and/or
external self-updated binaries. It uses Linux namespaces feature to create
temporary lightweight environments which are destroyed after all child
processes exit, without root user rights requirement. Accepted arguments are:
</para>
<variablelist>
<varlistentry>
<term>
<literal>name</literal>
</term>
<listitem>
<para>
Environment name.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<literal>targetPkgs</literal>
</term>
<listitem>
<para>
Packages to be installed for the main host's architecture (i.e. x86_64 on
x86_64 installations). Along with libraries binaries are also installed.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<literal>multiPkgs</literal>
</term>
<listitem>
<para>
Packages to be installed for all architectures supported by a host (i.e.
i686 and x86_64 on x86_64 installations). Only libraries are installed by
default.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<literal>extraBuildCommands</literal>
</term>
<listitem>
<para>
Additional commands to be executed for finalizing the directory structure.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<literal>extraBuildCommandsMulti</literal>
</term>
<listitem>
<para>
Like <literal>extraBuildCommands</literal>, but executed only on multilib
architectures.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<literal>extraOutputsToInstall</literal>
</term>
<listitem>
<para>
Additional derivation outputs to be linked for both target and
multi-architecture packages.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<literal>extraInstallCommands</literal>
</term>
<listitem>
<para>
Additional commands to be executed for finalizing the derivation with
runner script.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<literal>runScript</literal>
</term>
<listitem>
<para>
A command that would be executed inside the sandbox and passed all the
command line arguments. It defaults to <literal>bash</literal>.
</para>
</listitem>
</varlistentry>
</variablelist>
<para>
One can create a simple environment using a <literal>shell.nix</literal> like
that:
</para>
<programlisting><![CDATA[
{ pkgs ? import <nixpkgs> {} }:
(pkgs.buildFHSUserEnv {
name = "simple-x11-env";
targetPkgs = pkgs: (with pkgs;
[ udev
alsaLib
]) ++ (with pkgs.xorg;
[ libX11
libXcursor
libXrandr
]);
multiPkgs = pkgs: (with pkgs;
[ udev
alsaLib
]);
runScript = "bash";
}).env
]]></programlisting>
<para>
Running <literal>nix-shell</literal> would then drop you into a shell with
these libraries and binaries available. You can use this to run closed-source
applications which expect FHS structure without hassles: simply change
<literal>runScript</literal> to the application path, e.g.
<filename>./bin/start.sh</filename> -- relative paths are supported.
</para>
</section>

89
doc/functions/generators.xml Normal file
View file

@ -0,0 +1,89 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xml:id="sec-generators">
<title>Generators</title>
<para>
Generators are functions that create file formats from nix data structures,
e.g. for configuration files. There are generators available for:
<literal>INI</literal>, <literal>JSON</literal> and <literal>YAML</literal>
</para>
<para>
All generators follow a similar call interface: <code>generatorName
configFunctions data</code>, where <literal>configFunctions</literal> is an
attrset of user-defined functions that format nested parts of the content.
They each have common defaults, so often they do not need to be set manually.
An example is <code>mkSectionName ? (name: libStr.escape [ "[" "]" ]
name)</code> from the <literal>INI</literal> generator. It receives the name
of a section and sanitizes it. The default <literal>mkSectionName</literal>
escapes <literal>[</literal> and <literal>]</literal> with a backslash.
</para>
<para>
Generators can be fine-tuned to produce exactly the file format required by
your application/service. One example is an INI-file format which uses
<literal>: </literal> as separator, the strings
<literal>"yes"</literal>/<literal>"no"</literal> as boolean values and
requires all string values to be quoted:
</para>
<programlisting>
with lib;
let
customToINI = generators.toINI {
# specifies how to format a key/value pair
mkKeyValue = generators.mkKeyValueDefault {
# specifies the generated string for a subset of nix values
mkValueString = v:
if v == true then ''"yes"''
else if v == false then ''"no"''
else if isString v then ''"${v}"''
# and delegats all other values to the default generator
else generators.mkValueStringDefault {} v;
} ":";
};
# the INI file can now be given as plain old nix values
in customToINI {
main = {
pushinfo = true;
autopush = false;
host = "localhost";
port = 42;
};
mergetool = {
merge = "diff3";
};
}
</programlisting>
<para>
This will produce the following INI file as nix string:
</para>
<programlisting>
[main]
autopush:"no"
host:"localhost"
port:42
pushinfo:"yes"
str\:ange:"very::strange"
[mergetool]
merge:"diff3"
</programlisting>
<note>
<para>
Nix store paths can be converted to strings by enclosing a derivation
attribute like so: <code>"${drv}"</code>.
</para>
</note>
<para>
Detailed documentation for each generator can be found in
<literal>lib/generators.nix</literal>.
</para>
</section>

203
doc/functions/overrides.xml Normal file
View file

@ -0,0 +1,203 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xml:id="sec-overrides">
<title>Overriding</title>
<para>
Sometimes one wants to override parts of <literal>nixpkgs</literal>, e.g.
derivation attributes, the results of derivations or even the whole package
set.
</para>
<section xml:id="sec-pkg-override">
<title>&lt;pkg&gt;.override</title>
<para>
The function <varname>override</varname> is usually available for all the
derivations in the nixpkgs expression (<varname>pkgs</varname>).
</para>
<para>
It is used to override the arguments passed to a function.
</para>
<para>
Example usages:
<programlisting>pkgs.foo.override { arg1 = val1; arg2 = val2; ... }</programlisting>
<programlisting>
import pkgs.path { overlays = [ (self: super: {
foo = super.foo.override { barSupport = true ; };
})]};
</programlisting>
<programlisting>
mypkg = pkgs.callPackage ./mypkg.nix {
mydep = pkgs.mydep.override { ... };
}
</programlisting>
</para>
<para>
In the first example, <varname>pkgs.foo</varname> is the result of a
function call with some default arguments, usually a derivation. Using
<varname>pkgs.foo.override</varname> will call the same function with the
given new arguments.
</para>
</section>
<section xml:id="sec-pkg-overrideAttrs">
<title>&lt;pkg&gt;.overrideAttrs</title>
<para>
The function <varname>overrideAttrs</varname> allows overriding the
attribute set passed to a <varname>stdenv.mkDerivation</varname> call,
producing a new derivation based on the original one. This function is
available on all derivations produced by the
<varname>stdenv.mkDerivation</varname> function, which is most packages in
the nixpkgs expression <varname>pkgs</varname>.
</para>
<para>
Example usage:
<programlisting>
helloWithDebug = pkgs.hello.overrideAttrs (oldAttrs: rec {
separateDebugInfo = true;
});
</programlisting>
</para>
<para>
In the above example, the <varname>separateDebugInfo</varname> attribute is
overridden to be true, thus building debug info for
<varname>helloWithDebug</varname>, while all other attributes will be
retained from the original <varname>hello</varname> package.
</para>
<para>
The argument <varname>oldAttrs</varname> is conventionally used to refer to
the attr set originally passed to <varname>stdenv.mkDerivation</varname>.
</para>
<note>
<para>
Note that <varname>separateDebugInfo</varname> is processed only by the
<varname>stdenv.mkDerivation</varname> function, not the generated, raw Nix
derivation. Thus, using <varname>overrideDerivation</varname> will not work
in this case, as it overrides only the attributes of the final derivation.
It is for this reason that <varname>overrideAttrs</varname> should be
preferred in (almost) all cases to <varname>overrideDerivation</varname>,
i.e. to allow using <varname>sdenv.mkDerivation</varname> to process input
arguments, as well as the fact that it is easier to use (you can use the
same attribute names you see in your Nix code, instead of the ones
generated (e.g. <varname>buildInputs</varname> vs
<varname>nativeBuildInputs</varname>, and involves less typing.
</para>
</note>
</section>
<section xml:id="sec-pkg-overrideDerivation">
<title>&lt;pkg&gt;.overrideDerivation</title>
<warning>
<para>
You should prefer <varname>overrideAttrs</varname> in almost all cases, see
its documentation for the reasons why.
<varname>overrideDerivation</varname> is not deprecated and will continue
to work, but is less nice to use and does not have as many abilities as
<varname>overrideAttrs</varname>.
</para>
</warning>
<warning>
<para>
Do not use this function in Nixpkgs as it evaluates a Derivation before
modifying it, which breaks package abstraction and removes error-checking
of function arguments. In addition, this evaluation-per-function
application incurs a performance penalty, which can become a problem if
many overrides are used. It is only intended for ad-hoc customisation, such
as in <filename>~/.config/nixpkgs/config.nix</filename>.
</para>
</warning>
<para>
The function <varname>overrideDerivation</varname> creates a new derivation
based on an existing one by overriding the original's attributes with the
attribute set produced by the specified function. This function is available
on all derivations defined using the <varname>makeOverridable</varname>
function. Most standard derivation-producing functions, such as
<varname>stdenv.mkDerivation</varname>, are defined using this function,
which means most packages in the nixpkgs expression,
<varname>pkgs</varname>, have this function.
</para>
<para>
Example usage:
<programlisting>
mySed = pkgs.gnused.overrideDerivation (oldAttrs: {
name = "sed-4.2.2-pre";
src = fetchurl {
url = ftp://alpha.gnu.org/gnu/sed/sed-4.2.2-pre.tar.bz2;
sha256 = "11nq06d131y4wmf3drm0yk502d2xc6n5qy82cg88rb9nqd2lj41k";
};
patches = [];
});
</programlisting>
</para>
<para>
In the above example, the <varname>name</varname>, <varname>src</varname>,
and <varname>patches</varname> of the derivation will be overridden, while
all other attributes will be retained from the original derivation.
</para>
<para>
The argument <varname>oldAttrs</varname> is used to refer to the attribute
set of the original derivation.
</para>
<note>
<para>
A package's attributes are evaluated *before* being modified by the
<varname>overrideDerivation</varname> function. For example, the
<varname>name</varname> attribute reference in <varname>url =
"mirror://gnu/hello/${name}.tar.gz";</varname> is filled-in *before* the
<varname>overrideDerivation</varname> function modifies the attribute set.
This means that overriding the <varname>name</varname> attribute, in this
example, *will not* change the value of the <varname>url</varname>
attribute. Instead, we need to override both the <varname>name</varname>
*and* <varname>url</varname> attributes.
</para>
</note>
</section>
<section xml:id="sec-lib-makeOverridable">
<title>lib.makeOverridable</title>
<para>
The function <varname>lib.makeOverridable</varname> is used to make the
result of a function easily customizable. This utility only makes sense for
functions that accept an argument set and return an attribute set.
</para>
<para>
Example usage:
<programlisting>
f = { a, b }: { result = a+b; };
c = lib.makeOverridable f { a = 1; b = 2; };
</programlisting>
</para>
<para>
The variable <varname>c</varname> is the value of the <varname>f</varname>
function applied with some default arguments. Hence the value of
<varname>c.result</varname> is <literal>3</literal>, in this example.
</para>
<para>
The variable <varname>c</varname> however also has some additional
functions, like <link linkend="sec-pkg-override">c.override</link> which can
be used to override the default arguments. In this example the value of
<varname>(c.override { a = 4; }).result</varname> is 6.
</para>
</section>
</section>

26
doc/functions/shell.xml Normal file
View file

@ -0,0 +1,26 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xml:id="sec-pkgs-mkShell">
<title>pkgs.mkShell</title>
<para>
<function>pkgs.mkShell</function> is a special kind of derivation that is
only useful when using it combined with <command>nix-shell</command>. It will
in fact fail to instantiate when invoked with <command>nix-build</command>.
</para>
<section xml:id="sec-pkgs-mkShell-usage">
<title>Usage</title>
<programlisting><![CDATA[
{ pkgs ? import <nixpkgs> {} }:
pkgs.mkShell {
# this will make all the build inputs from hello and gnutar
# available to the shell environment
inputsFrom = with pkgs; [ hello gnutar ];
buildInputs = [ pkgs.gnumake ];
}
]]></programlisting>
</section>
</section>

81
doc/package-notes.xml
View file

@ -413,11 +413,8 @@ packageOverrides = pkgs: {
in your <filename>/etc/nixos/configuration.nix</filename>. You'll also need
<programlisting>hardware.pulseaudio.support32Bit = true;</programlisting>
if you are using PulseAudio - this will enable 32bit ALSA apps integration.
To use the Steam controller, you need to add
<programlisting>services.udev.extraRules = ''
SUBSYSTEM=="usb", ATTRS{idVendor}=="28de", MODE="0666"
KERNEL=="uinput", MODE="0660", GROUP="users", OPTIONS+="static_node=uinput"
'';</programlisting>
To use the Steam controller or other Steam supported controllers such as the DualShock 4 or Nintendo Switch Pro, you need to add
<programlisting>hardware.steam-hardware.enable = true;</programlisting>
to your configuration.
</para>
</section>
@ -671,8 +668,9 @@ overrides = self: super: rec {
plugins = with availablePlugins; [ python perl ];
}
}</programlisting>
If the <literal>configure</literal> function returns an attrset without the <literal>plugins</literal>
attribute, <literal>availablePlugins</literal> will be used automatically.
If the <literal>configure</literal> function returns an attrset without the
<literal>plugins</literal> attribute, <literal>availablePlugins</literal>
will be used automatically.
</para>
<para>
@ -706,9 +704,11 @@ overrides = self: super: rec {
}; }
</programlisting>
</para>
<para>
WeeChat allows to set defaults on startup using the <literal>--run-command</literal>.
The <literal>configure</literal> method can be used to pass commands to the program:
WeeChat allows to set defaults on startup using the
<literal>--run-command</literal>. The <literal>configure</literal> method
can be used to pass commands to the program:
<programlisting>weechat.override {
configure = { availablePlugins, ... }: {
init = ''
@ -717,12 +717,14 @@ overrides = self: super: rec {
'';
};
}</programlisting>
Further values can be added to the list of commands when running
<literal>weechat --run-command "your-commands"</literal>.
Further values can be added to the list of commands when running
<literal>weechat --run-command "your-commands"</literal>.
</para>
<para>
Additionally it's possible to specify scripts to be loaded when starting <literal>weechat</literal>.
These will be loaded before the commands from <literal>init</literal>:
Additionally it's possible to specify scripts to be loaded when starting
<literal>weechat</literal>. These will be loaded before the commands from
<literal>init</literal>:
<programlisting>weechat.override {
configure = { availablePlugins, ... }: {
scripts = with pkgs.weechatScripts; [
@ -734,11 +736,13 @@ overrides = self: super: rec {
};
}</programlisting>
</para>
<para>
In <literal>nixpkgs</literal> there's a subpackage which contains derivations for
WeeChat scripts. Such derivations expect a <literal>passthru.scripts</literal> attribute
which contains a list of all scripts inside the store path. Furthermore all scripts
have to live in <literal>$out/share</literal>. An exemplary derivation looks like this:
In <literal>nixpkgs</literal> there's a subpackage which contains
derivations for WeeChat scripts. Such derivations expect a
<literal>passthru.scripts</literal> attribute which contains a list of all
scripts inside the store path. Furthermore all scripts have to live in
<literal>$out/share</literal>. An exemplary derivation looks like this:
<programlisting>{ stdenv, fetchurl }:
stdenv.mkDerivation {
@ -817,20 +821,26 @@ citrix_receiver.override {
<section xml:id="sec-ibus-typing-booster">
<title>ibus-engines.typing-booster</title>
<para>This package is an ibus-based completion method to speed up typing.</para>
<para>
This package is an ibus-based completion method to speed up typing.
</para>
<section xml:id="sec-ibus-typing-booster-activate">
<title>Activating the engine</title>
<para>
IBus needs to be configured accordingly to activate <literal>typing-booster</literal>. The configuration
depends on the desktop manager in use. For detailed instructions, please refer to the
<link xlink:href="https://mike-fabian.github.io/ibus-typing-booster/documentation.html">upstream docs</link>.
IBus needs to be configured accordingly to activate
<literal>typing-booster</literal>. The configuration depends on the desktop
manager in use. For detailed instructions, please refer to the
<link xlink:href="https://mike-fabian.github.io/ibus-typing-booster/documentation.html">upstream
docs</link>.
</para>
<para>
On NixOS you need to explicitly enable <literal>ibus</literal> with given engines
before customizing your desktop to use <literal>typing-booster</literal>. This can be achieved
using the <literal>ibus</literal> module:
On NixOS you need to explicitly enable <literal>ibus</literal> with given
engines before customizing your desktop to use
<literal>typing-booster</literal>. This can be achieved using the
<literal>ibus</literal> module:
<programlisting>{ pkgs, ... }: {
i18n.inputMethod = {
enabled = "ibus";
@ -844,17 +854,20 @@ citrix_receiver.override {
<title>Using custom hunspell dictionaries</title>
<para>
The IBus engine is based on <literal>hunspell</literal> to support completion in many languages.
By default the dictionaries <literal>de-de</literal>, <literal>en-us</literal>, <literal>es-es</literal>,
<literal>it-it</literal>, <literal>sv-se</literal> and <literal>sv-fi</literal>
are in use. To add another dictionary, the package can be overridden like this:
The IBus engine is based on <literal>hunspell</literal> to support
completion in many languages. By default the dictionaries
<literal>de-de</literal>, <literal>en-us</literal>,
<literal>es-es</literal>, <literal>it-it</literal>,
<literal>sv-se</literal> and <literal>sv-fi</literal> are in use. To add
another dictionary, the package can be overridden like this:
<programlisting>ibus-engines.typing-booster.override {
langs = [ "de-at" "en-gb" ];
}</programlisting>
</para>
<para>
<emphasis>Note: each language passed to <literal>langs</literal> must be an attribute name in
<literal>pkgs.hunspellDicts</literal>.</emphasis>
<emphasis>Note: each language passed to <literal>langs</literal> must be an
attribute name in <literal>pkgs.hunspellDicts</literal>.</emphasis>
</para>
</section>
@ -862,10 +875,12 @@ citrix_receiver.override {
<title>Built-in emoji picker</title>
<para>
The <literal>ibus-engines.typing-booster</literal> package contains a program
named <literal>emoji-picker</literal>. To display all emojis correctly,
a special font such as <literal>noto-fonts-emoji</literal> is needed:
The <literal>ibus-engines.typing-booster</literal> package contains a
program named <literal>emoji-picker</literal>. To display all emojis
correctly, a special font such as <literal>noto-fonts-emoji</literal> is
needed:
</para>
<para>
On NixOS it can be installed using the following expression:
<programlisting>{ pkgs, ... }: {

22
doc/shell.section.md
View file

@ -1,22 +0,0 @@
---
title: pkgs.mkShell
author: zimbatm
date: 2017-10-30
---
# mkShell
pkgs.mkShell is a special kind of derivation that is only useful when using
it combined with nix-shell. It will in fact fail to instantiate when invoked
with nix-build.
## Usage
```nix
{ pkgs ? import <nixpkgs> {} }:
pkgs.mkShell {
# this will make all the build inputs from hello and gnutar available to the shell environment
inputsFrom = with pkgs; [ hello gnutar ];
buildInputs = [ pkgs.gnumake ];
}
```

39
lib/options.nix
View file

@ -8,7 +8,31 @@ with lib.strings;
rec {
# Returns true when the given argument is an option
#
# Examples:
# isOption 1 // => false
# isOption (mkOption {}) // => true
isOption = lib.isType "option";
# Creates an Option attribute set. mkOption accepts an attribute set with the following keys:
#
# default: Default value used when no definition is given in the configuration.
# defaultText: Textual representation of the default, for in the manual.
# example: Example value used in the manual.
# description: String describing the option.
# type: Option type, providing type-checking and value merging.
# apply: Function that converts the option value to something else.
# internal: Whether the option is for NixOS developers only.
# visible: Whether the option shows up in the manual.
# readOnly: Whether the option can be set only once
# options: Obsolete, used by types.optionSet.
#
# All keys default to `null` when not given.
#
# Examples:
# mkOption { } // => { _type = "option"; }
# mkOption { defaultText = "foo"; } // => { _type = "option"; defaultText = "foo"; }
mkOption =
{ default ? null # Default value used when no definition is given in the configuration.
, defaultText ? null # Textual representation of the default, for in the manual.
@ -24,6 +48,10 @@ rec {
} @ attrs:
attrs // { _type = "option"; };
# Creates a Option attribute set for a boolean value option i.e an option to be toggled on or off:
#
# Examples:
# mkEnableOption "foo" // => { _type = "option"; default = false; description = "Whether to enable foo."; example = true; type = { ... }; }
mkEnableOption = name: mkOption {
default = false;
example = true;
@ -74,7 +102,18 @@ rec {
else
val) (head defs).value defs;
# Extracts values of all "value" keys of the given list
#
# Examples:
# getValues [ { value = 1; } { value = 2; } ] // => [ 1 2 ]
# getValues [ ] // => [ ]
getValues = map (x: x.value);
# Extracts values of all "file" keys of the given list
#
# Examples:
# getFiles [ { file = "file1"; } { file = "file2"; } ] // => [ "file1" "file2" ]
# getFiles [ ] // => [ ]
getFiles = map (x: x.file);
# Generate documentation template from the list of option declaration like

4
lib/sources.nix
View file

@ -26,6 +26,10 @@ rec {
(type == "symlink" && lib.hasPrefix "result" baseName)
);
# Filters a source tree removing version control files and directories using cleanSourceWith
#
# Example:
# cleanSource ./.
cleanSource = src: cleanSourceWith { filter = cleanSourceFilter; inherit src; };
# Like `builtins.filterSource`, except it will compose with itself,

25
maintainers/maintainer-list.nix
View file

@ -1135,6 +1135,11 @@
github = "dtzWill";
name = "Will Dietz";
};
dysinger = {
email = "tim@dysinger.net";
github = "dysinger";
name = "Tim Dysinger";
};
dywedir = {
email = "dywedir@protonmail.ch";
github = "dywedir";
@ -1640,6 +1645,11 @@
github = "hamhut1066";
name = "Hamish Hutchings";
};
haslersn = {
email = "haslersn@fius.informatik.uni-stuttgart.de";
github = "haslersn";
name = "Sebastian Hasler";
};
havvy = {
email = "ryan.havvy@gmail.com";
github = "havvy";
@ -2437,6 +2447,11 @@
github = "ma27";
name = "Maximilian Bosch";
};
ma9e = {
email = "sean@lfo.team";
github = "ma9e";
name = "Sean Haugh";
};
madjar = {
email = "georges.dubus@compiletoi.net";
github = "madjar";
@ -3309,6 +3324,11 @@
github = "proglodyte";
name = "Proglodyte";
};
prusnak = {
email = "stick@gk2.sk";
github = "prusnak";
name = "Pavol Rusnak";
};
pshendry = {
email = "paul@pshendry.com";
github = "pshendry";
@ -4307,6 +4327,11 @@
github = "uri-canva";
name = "Uri Baghin";
};
uskudnik = {
email = "urban.skudnik@gmail.com";
github = "uskudnik";
name = "Urban Skudnik";
};
utdemir = {
email = "me@utdemir.com";
github = "utdemir";

2
nixos/doc/manual/Makefile
View file

@ -4,7 +4,7 @@ all: manual-combined.xml format
.PHONY: debug
debug: generated manual-combined.xml
manual-combined.xml: generated *.xml
manual-combined.xml: generated *.xml **/*.xml
rm -f ./manual-combined.xml
nix-shell --packages xmloscopy \
--run "xmloscopy --docbook5 ./manual.xml ./manual-combined.xml"

48
nixos/doc/manual/installation/installing-usb.xml
View file

@ -9,13 +9,12 @@
For systems without CD drive, the NixOS live CD can be booted from a USB
stick. You can use the <command>dd</command> utility to write the image:
<command>dd if=<replaceable>path-to-image</replaceable>
of=<replaceable>/dev/sdb</replaceable></command>. Be careful about specifying
of=<replaceable>/dev/sdX</replaceable></command>. Be careful about specifying
the correct drive; you can use the <command>lsblk</command> command to get a
list of block devices.
</para>
<para>
On macOS:
<note>
<title>On macOS</title>
<para>
<programlisting>
$ diskutil list
[..]
@ -26,43 +25,16 @@ $ diskutil unmountDisk diskN
Unmount of all volumes on diskN was successful
$ sudo dd bs=1m if=nix.iso of=/dev/rdiskN
</programlisting>
Using the 'raw' <command>rdiskN</command> device instead of
<command>diskN</command> completes in minutes instead of hours. After
<command>dd</command> completes, a GUI dialog "The disk you inserted was not
readable by this computer" will pop up, which can be ignored.
Using the 'raw' <command>rdiskN</command> device instead of
<command>diskN</command> completes in minutes instead of hours. After
<command>dd</command> completes, a GUI dialog "The disk you inserted was
not readable by this computer" will pop up, which can be ignored.
</para>
</note>
</para>
<para>
The <command>dd</command> utility will write the image verbatim to the drive,
making it the recommended option for both UEFI and non-UEFI installations.
For non-UEFI installations, you can alternatively use
<link xlink:href="http://unetbootin.sourceforge.net/">unetbootin</link>. If
you cannot use <command>dd</command> for a UEFI installation, you can also
mount the ISO, copy its contents verbatim to your drive, then either:
<itemizedlist>
<listitem>
<para>
Change the label of the disk partition to the label of the ISO (visible
with the blkid command), or
</para>
</listitem>
<listitem>
<para>
Edit <filename>loader/entries/nixos-livecd.conf</filename> on the drive
and change the <literal>root=</literal> field in the
<literal>options</literal> line to point to your drive (see the
documentation on <literal>root=</literal> in
<link xlink:href="https://www.kernel.org/doc/Documentation/admin-guide/kernel-parameters.txt">
the kernel documentation</link> for more details).
</para>
</listitem>
<listitem>
<para>
If you want to load the contents of the ISO to ram after bootin (So you
can remove the stick after bootup) you can append the parameter
<literal>copytoram</literal> to the <literal>options</literal> field.
</para>
</listitem>
</itemizedlist>
</para>
</section>

709
nixos/doc/manual/installation/installing.xml
View file

@ -4,60 +4,46 @@
version="5.0"
xml:id="sec-installation">
<title>Installing NixOS</title>
<para>
NixOS can be installed on BIOS or UEFI systems. The procedure for a UEFI
installation is by and large the same as a BIOS installation. The differences
are mentioned in the steps that follow.
</para>
<orderedlist>
<listitem>
<para>
Boot from the CD.
</para>
<variablelist>
<varlistentry>
<term>
UEFI systems
</term>
<listitem>
<para>
You should boot the live CD in UEFI mode (consult your specific
hardware's documentation for instructions). You may find the
<link xlink:href="http://www.rodsbooks.com/refind">rEFInd boot
manager</link> useful.
</para>
</listitem>
</varlistentry>
</variablelist>
</listitem>
<listitem>
<para>
The CD contains a basic NixOS installation. (It also contains Memtest86+,
useful if you want to test new hardware). When its finished booting, it
should have detected most of your hardware.
</para>
</listitem>
<listitem>
<para>
The NixOS manual is available on virtual console 8 (press Alt+F8 to access)
or by running <command>nixos-help</command>.
</para>
</listitem>
<listitem>
<para>
You get logged in as <literal>root</literal> (with empty password).
</para>
</listitem>
<listitem>
<para>
If you downloaded the graphical ISO image, you can run <command>systemctl
start display-manager</command> to start KDE. If you want to continue on
the terminal, you can use <command>loadkeys</command> to switch to your
preferred keyboard layout. (We even provide neo2 via <command>loadkeys de
neo</command>!)
</para>
</listitem>
<listitem>
<section xml:id="sec-installation-booting">
<title>Booting the system</title>
<para>
NixOS can be installed on BIOS or UEFI systems. The procedure for a UEFI
installation is by and large the same as a BIOS installation. The
differences are mentioned in the steps that follow.
</para>
<para>
The installation media can be burned to a CD, or now more commonly, "burned"
to a USB drive (see <xref linkend="sec-booting-from-usb"/>).
</para>
<para>
The installation media contains a basic NixOS installation. When its
finished booting, it should have detected most of your hardware.
</para>
<para>
The NixOS manual is available on virtual console 8 (press Alt+F8 to access)
or by running <command>nixos-help</command>.
</para>
<para>
You are logged-in automatically as <literal>root</literal>. (The
<literal>root</literal> user account has an empty password.)
</para>
<para>
If you downloaded the graphical ISO image, you can run <command>systemctl
start display-manager</command> to start KDE. If you want to continue on the
terminal, you can use <command>loadkeys</command> to switch to your
preferred keyboard layout. (We even provide neo2 via <command>loadkeys de
neo</command>!)
</para>
<section xml:id="sec-installation-booting-networking">
<title>Networking in the installer</title>
<para>
The boot process should have brought up networking (check <command>ip
a</command>). Networking is necessary for the installer, since it will
@ -65,58 +51,165 @@
binaries). Its best if you have a DHCP server on your network. Otherwise
configure networking manually using <command>ifconfig</command>.
</para>
<para>
To manually configure the network on the graphical installer, first disable
network-manager with <command>systemctl stop network-manager</command>.
</para>
<para>
To manually configure the wifi on the minimal installer, run
<command>wpa_supplicant -B -i interface -c &lt;(wpa_passphrase 'SSID'
'key')</command>.
</para>
</listitem>
<listitem>
<para>
If you would like to continue the installation from a different machine you
need to activate the SSH daemon via <literal>systemctl start
sshd</literal>. In order to be able to login you also need to set a
password for <literal>root</literal> using <literal>passwd</literal>.
</para>
</listitem>
<listitem>
</section>
</section>
<section xml:id="sec-installation-partitioning">
<title>Partitioning and formatting</title>
<para>
The NixOS installer doesnt do any partitioning or formatting, so you need
to do that yourself.
</para>
<para>
The NixOS installer ships with multiple partitioning tools. The examples
below use <command>parted</command>, but also provides
<command>fdisk</command>, <command>gdisk</command>,
<command>cfdisk</command>, and <command>cgdisk</command>.
</para>
<para>
The recommended partition scheme differs depending if the computer uses
<emphasis>Legacy Boot</emphasis> or <emphasis>UEFI</emphasis>.
</para>
<section xml:id="sec-installation-partitioning-UEFI">
<title>UEFI (GPT)</title>
<para>
The NixOS installer doesnt do any partitioning or formatting yet, so you
need to do that yourself. Use the following commands:
<itemizedlist>
Here's an example partition scheme for UEFI, using
<filename>/dev/sda</filename> as the device.
<note>
<para>
You can safely ignore <command>parted</command>'s informational message
about needing to update /etc/fstab.
</para>
</note>
</para>
<para>
<orderedlist>
<listitem>
<para>
For partitioning: <command>fdisk</command>.
<screen>
# fdisk /dev/sda # <lineannotation>(or whatever device you want to install on)</lineannotation>
-- for UEFI systems only
> n # <lineannotation>(create a new partition for /boot)</lineannotation>
> 3 # <lineannotation>(make it a partition number 3)</lineannotation>
> # <lineannotation>(press enter to accept the default)</lineannotation>
> +512M # <lineannotation>(the size of the UEFI boot partition)</lineannotation>
> t # <lineannotation>(change the partition type ...)</lineannotation>
> 3 # <lineannotation>(... of the boot partition ...)</lineannotation>
> 1 # <lineannotation>(... to 'UEFI System')</lineannotation>
-- for BIOS or UEFI systems
> n # <lineannotation>(create a new partition for /swap)</lineannotation>
> 2 # <lineannotation>(make it a partition number 2)</lineannotation>
> # <lineannotation>(press enter to accept the default)</lineannotation>
> +8G # <lineannotation>(the size of the swap partition, set to whatever you like)</lineannotation>
> n # <lineannotation>(create a new partition for /)</lineannotation>
> 1 # <lineannotation>(make it a partition number 1)</lineannotation>
> # <lineannotation>(press enter to accept the default)</lineannotation>
> # <lineannotation>(press enter to accept the default and use the rest of the remaining space)</lineannotation>
> a # <lineannotation>(make the partition bootable)</lineannotation>
> x # <lineannotation>(enter expert mode)</lineannotation>
> f # <lineannotation>(fix up the partition ordering)</lineannotation>
> r # <lineannotation>(exit expert mode)</lineannotation>
> w # <lineannotation>(write the partition table to disk and exit)</lineannotation></screen>
Create a <emphasis>GPT</emphasis> partition table.
<screen language="commands"># parted /dev/sda -- mklabel gpt</screen>
</para>
</listitem>
<listitem>
<para>
Add a <emphasis>swap</emphasis> partition. The size required will vary
according to needs, here a 8GiB one is created. The space left in front
(512MiB) will be used by the boot partition.
<screen language="commands"># parted /dev/sda -- mkpart primary linux-swap 512MiB 8.5GiB</screen>
<note>
<para>
The swap partition size rules are no different than for other Linux
distributions.
</para>
</note>
</para>
</listitem>
<listitem>
<para>
Next, add the <emphasis>root</emphasis> partition. This will fill the
remainder ending part of the disk.
<screen language="commands"># parted /dev/sda -- mkpart primary 8.5GiB -1MiB</screen>
</para>
</listitem>
<listitem>
<para>
Finally, the <emphasis>boot</emphasis> partition. NixOS by default uses
the ESP (EFI system partition) as its <emphasis>/boot</emphasis>
partition. It uses the initially reserved 512MiB at the start of the
disk.
<screen language="commands"># parted /dev/sda -- mkpart ESP fat32 1M 512MiB
# parted /dev/sda -- set 3 boot on</screen>
</para>
</listitem>
</orderedlist>
</para>
<para>
Once complete, you can follow with
<xref linkend="sec-installation-partitioning-formatting"/>.
</para>
</section>
<section xml:id="sec-installation-partitioning-MBR">
<title>Legacy Boot (MBR)</title>
<para>
Here's an example partition scheme for Legacy Boot, using
<filename>/dev/sda</filename> as the device.
<note>
<para>
You can safely ignore <command>parted</command>'s informational message
about needing to update /etc/fstab.
</para>
</note>
</para>
<para>
<orderedlist>
<listitem>
<para>
Create a <emphasis>MBR</emphasis> partition table.
<screen language="commands"># parted /dev/sda -- mklabel msdos</screen>
</para>
</listitem>
<listitem>
<para>
Add a <emphasis>swap</emphasis> partition. The size required will vary
according to needs, here a 8GiB one is created.
<screen language="commands"># parted /dev/sda -- mkpart primary linux-swap 1M 8GiB</screen>
<note>
<para>
The swap partition size rules are no different than for other Linux
distributions.
</para>
</note>
</para>
</listitem>
<listitem>
<para>
Finally, add the <emphasis>root</emphasis> partition. This will fill the
remainder of the disk.
<screen language="commands"># parted /dev/sda -- mkpart primary 8GiB -1s</screen>
</para>
</listitem>
</orderedlist>
</para>
<para>
Once complete, you can follow with
<xref linkend="sec-installation-partitioning-formatting"/>.
</para>
</section>
<section xml:id="sec-installation-partitioning-formatting">
<title>Formatting</title>
<para>
Use the following commands:
<itemizedlist>
<listitem>
<para>
For initialising Ext4 partitions: <command>mkfs.ext4</command>. It is
@ -169,242 +262,249 @@
</listitem>
</itemizedlist>
</para>
</listitem>
<listitem>
<para>
Mount the target file system on which NixOS should be installed on
<filename>/mnt</filename>, e.g.
</section>
</section>
<section xml:id="sec-installation-installing">
<title>Installing</title>
<orderedlist>
<listitem>
<para>
Mount the target file system on which NixOS should be installed on
<filename>/mnt</filename>, e.g.
<screen>
# mount /dev/disk/by-label/nixos /mnt
</screen>
</para>
</listitem>
<listitem>
<variablelist>
<varlistentry>
<term>
UEFI systems
</term>
<listitem>
<para>
Mount the boot file system on <filename>/mnt/boot</filename>, e.g.
</para>
</listitem>
<listitem>
<variablelist>
<varlistentry>
<term>
UEFI systems
</term>
<listitem>
<para>
Mount the boot file system on <filename>/mnt/boot</filename>, e.g.
<screen>
# mkdir -p /mnt/boot
# mount /dev/disk/by-label/boot /mnt/boot
</screen>
</para>
</listitem>
</varlistentry>
</variablelist>
</listitem>
<listitem>
<para>
If your machine has a limited amount of memory, you may want to activate
swap devices now (<command>swapon
<replaceable>device</replaceable></command>). The installer (or rather, the
build actions that it may spawn) may need quite a bit of RAM, depending on
your configuration.
</para>
</listitem>
</varlistentry>
</variablelist>
</listitem>
<listitem>
<para>
If your machine has a limited amount of memory, you may want to activate
swap devices now (<command>swapon
<replaceable>device</replaceable></command>). The installer (or rather,
the build actions that it may spawn) may need quite a bit of RAM,
depending on your configuration.
<screen>
# swapon /dev/sda2</screen>
</para>
</listitem>
<listitem>
<para>
You now need to create a file
<filename>/mnt/etc/nixos/configuration.nix</filename> that specifies the
intended configuration of the system. This is because NixOS has a
<emphasis>declarative</emphasis> configuration model: you create or edit a
description of the desired configuration of your system, and then NixOS
takes care of making it happen. The syntax of the NixOS configuration file
is described in <xref linkend="sec-configuration-syntax"/>, while a list of
available configuration options appears in
<xref
</para>
</listitem>
<listitem>
<para>
You now need to create a file
<filename>/mnt/etc/nixos/configuration.nix</filename> that specifies the
intended configuration of the system. This is because NixOS has a
<emphasis>declarative</emphasis> configuration model: you create or edit a
description of the desired configuration of your system, and then NixOS
takes care of making it happen. The syntax of the NixOS configuration file
is described in <xref linkend="sec-configuration-syntax"/>, while a list
of available configuration options appears in
<xref
linkend="ch-options"/>. A minimal example is shown in
<xref
<xref
linkend="ex-config"/>.
</para>
<para>
The command <command>nixos-generate-config</command> can generate an
initial configuration file for you:
</para>
<para>
The command <command>nixos-generate-config</command> can generate an
initial configuration file for you:
<screen>
# nixos-generate-config --root /mnt</screen>
You should then edit <filename>/mnt/etc/nixos/configuration.nix</filename>
to suit your needs:
You should then edit <filename>/mnt/etc/nixos/configuration.nix</filename>
to suit your needs:
<screen>
# nano /mnt/etc/nixos/configuration.nix
</screen>
If youre using the graphical ISO image, other editors may be available
(such as <command>vim</command>). If you have network access, you can also
install other editors — for instance, you can install Emacs by running
<literal>nix-env -i emacs</literal>.
</para>
<variablelist>
<varlistentry>
<term>
BIOS systems
</term>
<listitem>
<para>
You <emphasis>must</emphasis> set the option
<xref linkend="opt-boot.loader.grub.device"/> to specify on which disk
the GRUB boot loader is to be installed. Without it, NixOS cannot boot.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
UEFI systems
</term>
<listitem>
<para>
You <emphasis>must</emphasis> set the option
<xref linkend="opt-boot.loader.systemd-boot.enable"/> to
<literal>true</literal>. <command>nixos-generate-config</command> should
do this automatically for new configurations when booted in UEFI mode.
</para>
<para>
You may want to look at the options starting with
<option><link linkend="opt-boot.loader.efi.canTouchEfiVariables">boot.loader.efi</link></option>
and
<option><link linkend="opt-boot.loader.systemd-boot.enable">boot.loader.systemd</link></option>
as well.
</para>
</listitem>
</varlistentry>
</variablelist>
<para>
If there are other operating systems running on the machine before
installing NixOS, the <xref linkend="opt-boot.loader.grub.useOSProber"/>
option can be set to <literal>true</literal> to automatically add them to
the grub menu.
</para>
<para>
Another critical option is <option>fileSystems</option>, specifying the
file systems that need to be mounted by NixOS. However, you typically
dont need to set it yourself, because
<command>nixos-generate-config</command> sets it automatically in
<filename>/mnt/etc/nixos/hardware-configuration.nix</filename> from your
currently mounted file systems. (The configuration file
<filename>hardware-configuration.nix</filename> is included from
<filename>configuration.nix</filename> and will be overwritten by future
invocations of <command>nixos-generate-config</command>; thus, you
generally should not modify it.)
</para>
<note>
<para>
Depending on your hardware configuration or type of file system, you may
need to set the option <option>boot.initrd.kernelModules</option> to
include the kernel modules that are necessary for mounting the root file
system, otherwise the installed system will not be able to boot. (If this
happens, boot from the CD again, mount the target file system on
<filename>/mnt</filename>, fix
<filename>/mnt/etc/nixos/configuration.nix</filename> and rerun
<filename>nixos-install</filename>.) In most cases,
<command>nixos-generate-config</command> will figure out the required
modules.
If youre using the graphical ISO image, other editors may be available
(such as <command>vim</command>). If you have network access, you can also
install other editors — for instance, you can install Emacs by running
<literal>nix-env -i emacs</literal>.
</para>
</note>
</listitem>
<listitem>
<para>
Do the installation:
<variablelist>
<varlistentry>
<term>
BIOS systems
</term>
<listitem>
<para>
You <emphasis>must</emphasis> set the option
<xref linkend="opt-boot.loader.grub.device"/> to specify on which disk
the GRUB boot loader is to be installed. Without it, NixOS cannot boot.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
UEFI systems
</term>
<listitem>
<para>
You <emphasis>must</emphasis> set the option
<xref linkend="opt-boot.loader.systemd-boot.enable"/> to
<literal>true</literal>. <command>nixos-generate-config</command>
should do this automatically for new configurations when booted in UEFI
mode.
</para>
<para>
You may want to look at the options starting with
<option><link linkend="opt-boot.loader.efi.canTouchEfiVariables">boot.loader.efi</link></option>
and
<option><link linkend="opt-boot.loader.systemd-boot.enable">boot.loader.systemd</link></option>
as well.
</para>
</listitem>
</varlistentry>
</variablelist>
<para>
If there are other operating systems running on the machine before
installing NixOS, the <xref linkend="opt-boot.loader.grub.useOSProber"/>
option can be set to <literal>true</literal> to automatically add them to
the grub menu.
</para>
<para>
Another critical option is <option>fileSystems</option>, specifying the
file systems that need to be mounted by NixOS. However, you typically
dont need to set it yourself, because
<command>nixos-generate-config</command> sets it automatically in
<filename>/mnt/etc/nixos/hardware-configuration.nix</filename> from your
currently mounted file systems. (The configuration file
<filename>hardware-configuration.nix</filename> is included from
<filename>configuration.nix</filename> and will be overwritten by future
invocations of <command>nixos-generate-config</command>; thus, you
generally should not modify it.)
</para>
<note>
<para>
Depending on your hardware configuration or type of file system, you may
need to set the option <option>boot.initrd.kernelModules</option> to
include the kernel modules that are necessary for mounting the root file
system, otherwise the installed system will not be able to boot. (If this
happens, boot from the installation media again, mount the target file
system on <filename>/mnt</filename>, fix
<filename>/mnt/etc/nixos/configuration.nix</filename> and rerun
<filename>nixos-install</filename>.) In most cases,
<command>nixos-generate-config</command> will figure out the required
modules.
</para>
</note>
</listitem>
<listitem>
<para>
Do the installation:
<screen>
# nixos-install</screen>
Cross fingers. If this fails due to a temporary problem (such as a network
issue while downloading binaries from the NixOS binary cache), you can just
re-run <command>nixos-install</command>. Otherwise, fix your
<filename>configuration.nix</filename> and then re-run
<command>nixos-install</command>.
</para>
<para>
As the last step, <command>nixos-install</command> will ask you to set the
password for the <literal>root</literal> user, e.g.
Cross fingers. If this fails due to a temporary problem (such as a network
issue while downloading binaries from the NixOS binary cache), you can
just re-run <command>nixos-install</command>. Otherwise, fix your
<filename>configuration.nix</filename> and then re-run
<command>nixos-install</command>.
</para>
<para>
As the last step, <command>nixos-install</command> will ask you to set the
password for the <literal>root</literal> user, e.g.
<screen>
setting root password...
Enter new UNIX password: ***
Retype new UNIX password: ***
</screen>
<note>
<para>
For unattended installations, it is possible to use
<command>nixos-install --no-root-passwd</command> in order to disable the
password prompt entirely.
</para>
</note>
</para>
</listitem>
<listitem>
<para>
If everything went well:
Retype new UNIX password: ***</screen>
<note>
<para>
For unattended installations, it is possible to use
<command>nixos-install --no-root-passwd</command> in order to disable
the password prompt entirely.
</para>
</note>
</para>
</listitem>
<listitem>
<para>
If everything went well:
<screen>
# reboot</screen>
</para>
</listitem>
<listitem>
<para>
You should now be able to boot into the installed NixOS. The GRUB boot menu
shows a list of <emphasis>available configurations</emphasis> (initially
just one). Every time you change the NixOS configuration (see
<link
# reboot</screen>
</para>
</listitem>
<listitem>
<para>
You should now be able to boot into the installed NixOS. The GRUB boot
menu shows a list of <emphasis>available configurations</emphasis>
(initially just one). Every time you change the NixOS configuration (see
<link
linkend="sec-changing-config">Changing Configuration</link>
), a new item is added to the menu. This allows you to easily roll back to
a previous configuration if something goes wrong.
</para>
<para>
You should log in and change the <literal>root</literal> password with
<command>passwd</command>.
</para>
<para>
Youll probably want to create some user accounts as well, which can be
done with <command>useradd</command>:
), a new item is added to the menu. This allows you to easily roll back to
a previous configuration if something goes wrong.
</para>
<para>
You should log in and change the <literal>root</literal> password with
<command>passwd</command>.
</para>
<para>
Youll probably want to create some user accounts as well, which can be
done with <command>useradd</command>:
<screen>
$ useradd -c 'Eelco Dolstra' -m eelco
$ passwd eelco</screen>
</para>
<para>
You may also want to install some software. For instance,
</para>
<para>
You may also want to install some software. For instance,
<screen>
$ nix-env -qa \*</screen>
shows what packages are available, and
shows what packages are available, and
<screen>
$ nix-env -i w3m</screen>
install the <literal>w3m</literal> browser.
</para>
</listitem>
</orderedlist>
<para>
To summarise, <xref linkend="ex-install-sequence" /> shows a typical sequence
of commands for installing NixOS on an empty hard drive (here
<filename>/dev/sda</filename>). <xref linkend="ex-config"
install the <literal>w3m</literal> browser.
</para>
</listitem>
</orderedlist>
</section>
<section xml:id="sec-installation-summary">
<title>Installation summary</title>
<para>
To summarise, <xref linkend="ex-install-sequence" /> shows a typical
sequence of commands for installing NixOS on an empty hard drive (here
<filename>/dev/sda</filename>). <xref linkend="ex-config"
/> shows a
corresponding configuration Nix expression.
</para>
<example xml:id='ex-install-sequence'>
<title>Commands for Installing NixOS on <filename>/dev/sda</filename></title>
<screen>
# fdisk /dev/sda # <lineannotation>(or whatever device you want to install on)</lineannotation>
-- for UEFI systems only
> n # <lineannotation>(create a new partition for /boot)</lineannotation>
> 3 # <lineannotation>(make it a partition number 3)</lineannotation>
> # <lineannotation>(press enter to accept the default)</lineannotation>
> +512M # <lineannotation>(the size of the UEFI boot partition)</lineannotation>
> t # <lineannotation>(change the partition type ...)</lineannotation>
> 3 # <lineannotation>(... of the boot partition ...)</lineannotation>
> 1 # <lineannotation>(... to 'UEFI System')</lineannotation>
-- for BIOS or UEFI systems
> n # <lineannotation>(create a new partition for /swap)</lineannotation>
> 2 # <lineannotation>(make it a partition number 2)</lineannotation>
> # <lineannotation>(press enter to accept the default)</lineannotation>
> +8G # <lineannotation>(the size of the swap partition)</lineannotation>
> n # <lineannotation>(create a new partition for /)</lineannotation>
> 1 # <lineannotation>(make it a partition number 1)</lineannotation>
> # <lineannotation>(press enter to accept the default)</lineannotation>
> # <lineannotation>(press enter to accept the default and use the rest of the remaining space)</lineannotation>
> a # <lineannotation>(make the partition bootable)</lineannotation>
> x # <lineannotation>(enter expert mode)</lineannotation>
> f # <lineannotation>(fix up the partition ordering)</lineannotation>
> r # <lineannotation>(exit expert mode)</lineannotation>
> w # <lineannotation>(write the partition table to disk and exit)</lineannotation>
corresponding configuration Nix expression.
</para>
<example xml:id="ex-partition-scheme-MBR">
<title>Example partition schemes for NixOS on <filename>/dev/sda</filename> (MBR)</title>
<screen language="commands">
# parted /dev/sda -- mklabel msdos
# parted /dev/sda -- mkpart primary linux-swap 1M 8GiB
# parted /dev/sda -- mkpart primary 8GiB -1s</screen>
</example>
<example xml:id="ex-partition-scheme-UEFI">
<title>Example partition schemes for NixOS on <filename>/dev/sda</filename> (UEFI)</title>
<screen language="commands">
# parted /dev/sda -- mklabel gpt
# parted /dev/sda -- mkpart primary linux-swap 512MiB 8.5GiB
# parted /dev/sda -- mkpart primary 8.5GiB -1MiB
# parted /dev/sda -- mkpart ESP fat32 1M 512MiB
# parted /dev/sda -- set 3 boot on</screen>
</example>
<example xml:id="ex-install-sequence">
<title>Commands for Installing NixOS on <filename>/dev/sda</filename></title>
<para>
With a partitioned disk.
<screen language="commands">
# mkfs.ext4 -L nixos /dev/sda1
# mkswap -L swap /dev/sda2
# swapon /dev/sda2
@ -416,9 +516,11 @@ $ nix-env -i w3m</screen>
# nano /mnt/etc/nixos/configuration.nix
# nixos-install
# reboot</screen>
</example>
<example xml:id='ex-config'>
<title>NixOS Configuration</title>
</para>
</example>
<example xml:id='ex-config'>
<title>NixOS Configuration</title>
<screen>
{ config, pkgs, ... }: {
imports = [
@ -438,10 +540,19 @@ $ nix-env -i w3m</screen>
services.sshd.enable = true;
}
</screen>
</example>
<xi:include href="installing-usb.xml" />
<xi:include href="installing-pxe.xml" />
<xi:include href="installing-virtualbox-guest.xml" />
<xi:include href="installing-from-other-distro.xml" />
<xi:include href="installing-behind-a-proxy.xml" />
</example>
</section>
<section xml:id="sec-installation-additional-notes">
<title>Additional installation notes</title>
<xi:include href="installing-usb.xml" />
<xi:include href="installing-pxe.xml" />
<xi:include href="installing-virtualbox-guest.xml" />
<xi:include href="installing-from-other-distro.xml" />
<xi:include href="installing-behind-a-proxy.xml" />
</section>
</chapter>

22
nixos/modules/hardware/opengl.nix
View file

@ -129,17 +129,17 @@ in
message = "Option driSupport32Bit only makes sense on a 64-bit system.";
};
system.activationScripts.setup-opengl =
''
ln -sfn ${package} /run/opengl-driver
${if pkgs.stdenv.isi686 then ''
ln -sfn opengl-driver /run/opengl-driver-32
'' else if cfg.driSupport32Bit then ''
ln -sfn ${package32} /run/opengl-driver-32
'' else ''
rm -f /run/opengl-driver-32
''}
'';
systemd.tmpfiles.rules = [
"L+ /run/opengl-driver - - - - ${package}"
(
if pkgs.stdenv.isi686 then
"L+ /run/opengl-driver-32 - - - - opengl-driver"
else if cfg.driSupport32Bit then
"L+ /run/opengl-driver-32 - - - - ${package32}"
else
"r /run/opengl-driver-32"
)
];
environment.sessionVariables.LD_LIBRARY_PATH =
[ "/run/opengl-driver/lib" ] ++ optional cfg.driSupport32Bit "/run/opengl-driver-32/lib";

25
nixos/modules/hardware/steam-hardware.nix Normal file
View file

@ -0,0 +1,25 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.hardware.steam-hardware;
in
{
options.hardware.steam-hardware = {
enable = mkOption {
type = types.bool;
default = false;
description = "Enable udev rules for Steam hardware such as the Steam Controller, other supported controllers and the HTC Vive";
};
};
config = mkIf cfg.enable {
services.udev.packages = [
pkgs.steamPackages.steam
];
};
}

120
nixos/modules/hardware/video/nvidia.nix
View file

@ -26,9 +26,73 @@ let
nvidia_libs32 = (nvidiaForKernel pkgs_i686.linuxPackages).override { libsOnly = true; kernel = null; };
enabled = nvidia_x11 != null;
cfg = config.hardware.nvidia;
optimusCfg = cfg.optimus_prime;
in
{
options = {
hardware.nvidia.modesetting.enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable kernel modesetting when using the NVIDIA proprietary driver.
Enabling this fixes screen tearing when using Optimus via PRIME (see
<option>hardware.nvidia.optimus_prime.enable</option>. This is not enabled
by default because it is not officially supported by NVIDIA and would not
work with SLI.
'';
};
hardware.nvidia.optimus_prime.enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable NVIDIA Optimus support using the NVIDIA proprietary driver via PRIME.
If enabled, the NVIDIA GPU will be always on and used for all rendering,
while enabling output to displays attached only to the integrated Intel GPU
without a multiplexer.
Note that this option only has any effect if the "nvidia" driver is specified
in <option>services.xserver.videoDrivers</option>, and it should preferably
be the only driver there.
If this is enabled, then the bus IDs of the NVIDIA and Intel GPUs have to be
specified (<option>hardware.nvidia.optimus_prime.nvidiaBusId</option> and
<option>hardware.nvidia.optimus_prime.intelBusId</option>).
If you enable this, you may want to also enable kernel modesetting for the
NVIDIA driver (<option>hardware.nvidia.modesetting.enable</option>) in order
to prevent tearing.
Note that this configuration will only be successful when a display manager
for which the <option>services.xserver.displayManager.setupCommands</option>
option is supported is used; notably, SLiM is not supported.
'';
};
hardware.nvidia.optimus_prime.nvidiaBusId = lib.mkOption {
type = lib.types.string;
default = "";
example = "PCI:1:0:0";
description = ''
Bus ID of the NVIDIA GPU. You can find it using lspci; for example if lspci
shows the NVIDIA GPU at "01:00.0", set this option to "PCI:1:0:0".
'';
};
hardware.nvidia.optimus_prime.intelBusId = lib.mkOption {
type = lib.types.string;
default = "";
example = "PCI:0:2:0";
description = ''
Bus ID of the Intel GPU. You can find it using lspci; for example if lspci
shows the Intel GPU at "00:02.0", set this option to "PCI:0:2:0".
'';
};
};
config = mkIf enabled {
assertions = [
@ -36,15 +100,61 @@ in
assertion = config.services.xserver.displayManager.gdm.wayland;
message = "NVidia drivers don't support wayland";
}
{
assertion = !optimusCfg.enable ||
(optimusCfg.nvidiaBusId != "" && optimusCfg.intelBusId != "");
message = ''
When NVIDIA Optimus via PRIME is enabled, the GPU bus IDs must configured.
'';
}
];
services.xserver.drivers = singleton
{ name = "nvidia"; modules = [ nvidia_x11.bin ]; libPath = [ nvidia_x11 ]; };
# If Optimus/PRIME is enabled, we:
# - Specify the configured NVIDIA GPU bus ID in the Device section for the
# "nvidia" driver.
# - Add the AllowEmptyInitialConfiguration option to the Screen section for the
# "nvidia" driver, in order to allow the X server to start without any outputs.
# - Add a separate Device section for the Intel GPU, using the "modesetting"
# driver and with the configured BusID.
# - Reference that Device section from the ServerLayout section as an inactive
# device.
# - Configure the display manager to run specific `xrandr` commands which will
# configure/enable displays connected to the Intel GPU.
services.xserver.screenSection =
services.xserver.drivers = singleton {
name = "nvidia";
modules = [ nvidia_x11.bin ];
libPath = [ nvidia_x11 ];
deviceSection = optionalString optimusCfg.enable
''
BusID "${optimusCfg.nvidiaBusId}"
'';
screenSection =
''
Option "RandRRotation" "on"
${optionalString optimusCfg.enable "Option \"AllowEmptyInitialConfiguration\""}
'';
};
services.xserver.extraConfig = optionalString optimusCfg.enable
''
Option "RandRRotation" "on"
Section "Device"
Identifier "nvidia-optimus-intel"
Driver "modesetting"
BusID "${optimusCfg.intelBusId}"
Option "AccelMethod" "none"
EndSection
'';
services.xserver.serverLayoutSection = optionalString optimusCfg.enable
''
Inactive "nvidia-optimus-intel"
'';
services.xserver.displayManager.setupCommands = optionalString optimusCfg.enable ''
# Added by nvidia configuration module for Optimus/PRIME.
${pkgs.xorg.xrandr}/bin/xrandr --setprovideroutputsource modesetting NVIDIA-0
${pkgs.xorg.xrandr}/bin/xrandr --auto
'';
environment.etc."nvidia/nvidia-application-profiles-rc" = mkIf nvidia_x11.useProfiles {
source = "${nvidia_x11.bin}/share/nvidia/nvidia-application-profiles-rc";
@ -62,6 +172,8 @@ in
boot.kernelModules = [ "nvidia-uvm" ] ++
lib.optionals config.services.xserver.enable [ "nvidia" "nvidia_modeset" "nvidia_drm" ];
# If requested enable modesetting via kernel parameter.
boot.kernelParams = optional cfg.modesetting.enable "nvidia-drm.modeset=1";
# Create /dev/nvidia-uvm when the nvidia-uvm module is loaded.
services.udev.extraRules =

8
nixos/modules/installer/tools/nix-fallback-paths.nix
View file

@ -1,6 +1,6 @@
{
x86_64-linux = "/nix/store/mxg4bbblxfns96yrz0nalxyiyjl7gj98-nix-2.1.2";
i686-linux = "/nix/store/bgjgmbwirx63mwwychpikd7yc4k4lbjv-nix-2.1.2";
aarch64-linux = "/nix/store/yi18azn4nwrcwvaiag04jnxc1qs38fy5-nix-2.1.2";
x86_64-darwin = "/nix/store/fpivmcck2qpw5plrp599iraw2x9jp18k-nix-2.1.2";
x86_64-linux = "/nix/store/cdcia67siabmj6li7vyffgv2cry86fq8-nix-2.1.3";
i686-linux = "/nix/store/6q3xi6y5qnsv7d62b8n00hqfxi8rs2xs-nix-2.1.3";
aarch64-linux = "/nix/store/2v93d0vimlm28jg0ms6v1i6lc0fq13pn-nix-2.1.3";
x86_64-darwin = "/nix/store/dkjlfkrknmxbjmpfk3dg4q3nmb7m3zvk-nix-2.1.3";
}

3
nixos/modules/installer/tools/nixos-generate-config.pl
View file

@ -277,8 +277,7 @@ if ($virt eq "qemu" || $virt eq "kvm" || $virt eq "bochs") {
# Also for Hyper-V.
if ($virt eq "microsoft") {
push @initrdAvailableKernelModules, "hv_storvsc";
$videoDriver = "fbdev";
push @attrs, "virtualisation.hypervGuest.enable = true;"
}

4
nixos/modules/installer/tools/nixos-option.sh
View file

@ -82,7 +82,7 @@ evalNix(){
set -e
if test $exit_code -eq 0; then
cat <<EOF
sed '/^warning: Nix search path/d' <<EOF
$result
EOF
return 0;
@ -90,7 +90,7 @@ EOF
sed -n '
/^error/ { s/, at (string):[0-9]*:[0-9]*//; p; };
/^warning: Nix search path/ { p; };
' <<EOF
' >&2 <<EOF
$result
EOF
exit_code=1

2
nixos/modules/module-list.nix
View file

@ -46,6 +46,7 @@
./hardware/opengl.nix
./hardware/pcmcia.nix
./hardware/raid/hpsa.nix
./hardware/steam-hardware.nix
./hardware/usb-wwan.nix
./hardware/onlykey.nix
./hardware/video/amdgpu.nix
@ -689,6 +690,7 @@
./services/web-apps/codimd.nix
./services/web-apps/frab.nix
./services/web-apps/mattermost.nix
./services/web-apps/nextcloud.nix
./services/web-apps/nexus.nix
./services/web-apps/pgpkeyserver-lite.nix
./services/web-apps/matomo.nix

7
nixos/modules/security/pam.nix
View file

@ -548,6 +548,13 @@ in
environment.etc =
mapAttrsToList (n: v: makePAMService v) config.security.pam.services;
systemd.tmpfiles.rules = optionals
(any (s: s.updateWtmp) (attrValues config.security.pam.services))
[
"f /var/log/wtmp"
"f /var/log/lastlog"
];
security.pam.services =
{ other.text =
''

10
nixos/modules/security/polkit.nix
View file

@ -88,11 +88,11 @@ in
"polkit-agent-helper-1".source = "${pkgs.polkit.out}/lib/polkit-1/polkit-agent-helper-1";
};
system.activationScripts.polkit =
''
# Probably no more needed, clean up
rm -rf /var/lib/{polkit-1,PolicyKit}
'';
systemd.tmpfiles.rules = [
# Probably no more needed, clean up
"R /var/lib/polkit-1"
"R /var/lib/PolicyKit"
];
users.users.polkituser = {
description = "PolKit daemon";

41
nixos/modules/services/networking/bitlbee.nix
View file

@ -7,9 +7,10 @@ let
cfg = config.services.bitlbee;
bitlbeeUid = config.ids.uids.bitlbee;
bitlbeePkg = if cfg.libpurple_plugins == []
then pkgs.bitlbee
else pkgs.bitlbee.override { enableLibPurple = true; };
bitlbeePkg = pkgs.bitlbee.override {
enableLibPurple = cfg.libpurple_plugins != [];
enablePam = cfg.authBackend == "pam";
};
bitlbeeConfig = pkgs.writeText "bitlbee.conf"
''
@ -20,6 +21,7 @@ let
DaemonInterface = ${cfg.interface}
DaemonPort = ${toString cfg.portNumber}
AuthMode = ${cfg.authMode}
AuthBackend = ${cfg.authBackend}
Plugindir = ${pkgs.bitlbee-plugins cfg.plugins}/lib/bitlbee
${lib.optionalString (cfg.hostName != "") "HostName = ${cfg.hostName}"}
${lib.optionalString (cfg.protocols != "") "Protocols = ${cfg.protocols}"}
@ -70,6 +72,16 @@ in
'';
};
authBackend = mkOption {
default = "storage";
type = types.enum [ "storage" "pam" ];
description = ''
How users are authenticated
storage -- save passwords internally
pam -- Linux PAM authentication
'';
};
authMode = mkOption {
default = "Open";
type = types.enum [ "Open" "Closed" "Registered" ];
@ -147,23 +159,22 @@ in
###### implementation
config = mkIf config.services.bitlbee.enable {
users.users = singleton
{ name = "bitlbee";
config = mkMerge [
(mkIf config.services.bitlbee.enable {
users.users = singleton {
name = "bitlbee";
uid = bitlbeeUid;
description = "BitlBee user";
home = "/var/lib/bitlbee";
createHome = true;
};
users.groups = singleton
{ name = "bitlbee";
users.groups = singleton {
name = "bitlbee";
gid = config.ids.gids.bitlbee;
};
systemd.services.bitlbee =
{
systemd.services.bitlbee = {
environment.PURPLE_PLUGIN_PATH = purple_plugin_path;
description = "BitlBee IRC to other chat networks gateway";
after = [ "network.target" ];
@ -172,8 +183,12 @@ in
serviceConfig.ExecStart = "${bitlbeePkg}/sbin/bitlbee -F -n -c ${bitlbeeConfig}";
};
environment.systemPackages = [ bitlbeePkg ];
environment.systemPackages = [ bitlbeePkg ];
};
})
(mkIf (config.services.bitlbee.authBackend == "pam") {
security.pam.services.bitlbee = {};
})
];
}

7
nixos/modules/services/security/clamav.nix
View file

@ -95,7 +95,7 @@ in
environment.etc."clamav/freshclam.conf".source = freshclamConfigFile;
environment.etc."clamav/clamd.conf".source = clamdConfigFile;
systemd.services.clamav-daemon = optionalAttrs cfg.daemon.enable {
systemd.services.clamav-daemon = mkIf cfg.daemon.enable {
description = "ClamAV daemon (clamd)";
after = optional cfg.updater.enable "clamav-freshclam.service";
requires = optional cfg.updater.enable "clamav-freshclam.service";
@ -116,7 +116,7 @@ in
};
};
systemd.timers.clamav-freshclam = optionalAttrs cfg.updater.enable {
systemd.timers.clamav-freshclam = mkIf cfg.updater.enable {
description = "Timer for ClamAV virus database updater (freshclam)";
wantedBy = [ "timers.target" ];
timerConfig = {
@ -125,7 +125,7 @@ in
};
};
systemd.services.clamav-freshclam = optionalAttrs cfg.updater.enable {
systemd.services.clamav-freshclam = mkIf cfg.updater.enable {
description = "ClamAV virus database updater (freshclam)";
restartTriggers = [ freshclamConfigFile ];
@ -137,6 +137,7 @@ in
serviceConfig = {
Type = "oneshot";
ExecStart = "${pkg}/bin/freshclam";
SuccessExitStatus = "1"; # if databases are up to date
PrivateTmp = "yes";
PrivateDevices = "yes";
};

463
nixos/modules/services/web-apps/nextcloud.nix Normal file
View file

@ -0,0 +1,463 @@
{ config, lib, pkgs, ... }@args:
with lib;
let
cfg = config.services.nextcloud;
toKeyValue = generators.toKeyValue {
mkKeyValue = generators.mkKeyValueDefault {} " = ";
};
phpOptionsExtensions = ''
${optionalString cfg.caching.apcu "extension=${cfg.phpPackages.apcu}/lib/php/extensions/apcu.so"}
${optionalString cfg.caching.redis "extension=${cfg.phpPackages.redis}/lib/php/extensions/redis.so"}
${optionalString cfg.caching.memcached "extension=${cfg.phpPackages.memcached}/lib/php/extensions/memcached.so"}
zend_extension = opcache.so
opcache.enable = 1
'';
phpOptions = {
upload_max_filesize = cfg.maxUploadSize;
post_max_size = cfg.maxUploadSize;
memory_limit = cfg.maxUploadSize;
} // cfg.phpOptions;
phpOptionsStr = phpOptionsExtensions + (toKeyValue phpOptions);
occ = pkgs.writeScriptBin "nextcloud-occ" ''
#! ${pkgs.stdenv.shell}
cd ${pkgs.nextcloud}
exec /run/wrappers/bin/sudo -u nextcloud \
NEXTCLOUD_CONFIG_DIR="${cfg.home}/config" \
${config.services.phpfpm.phpPackage}/bin/php \
-c ${pkgs.writeText "php.ini" phpOptionsStr}\
occ $*
'';
in {
options.services.nextcloud = {
enable = mkEnableOption "nextcloud";
hostName = mkOption {
type = types.str;
description = "FQDN for the nextcloud instance.";
};
home = mkOption {
type = types.str;
default = "/var/lib/nextcloud";
description = "Storage path of nextcloud.";
};
https = mkOption {
type = types.bool;
default = false;
description = "Enable if there is a TLS terminating proxy in front of nextcloud.";
};
maxUploadSize = mkOption {
default = "512M";
type = types.str;
description = ''
Defines the upload limit for files. This changes the relevant options
in php.ini and nginx if enabled.
'';
};
skeletonDirectory = mkOption {
default = "";
type = types.str;
description = ''
The directory where the skeleton files are located. These files will be
copied to the data directory of new users. Leave empty to not copy any
skeleton files.
'';
};
nginx.enable = mkEnableOption "nginx vhost management";
webfinger = mkOption {
type = types.bool;
default = false;
description = ''
Enable this option if you plan on using the webfinger plugin.
The appropriate nginx rewrite rules will be added to your configuration.
'';
};
phpPackages = mkOption {
type = types.attrs;
default = pkgs.php71Packages;
defaultText = "pkgs.php71Packages";
description = ''
Overridable attribute of the PHP packages set to use. If any caching
module is enabled, it will be taken from here. Therefore it should
match the version of PHP given to
<literal>services.phpfpm.phpPackage</literal>.
'';
};
phpOptions = mkOption {
type = types.attrsOf types.str;
default = {
"short_open_tag" = "Off";
"expose_php" = "Off";
"error_reporting" = "E_ALL & ~E_DEPRECATED & ~E_STRICT";
"display_errors" = "stderr";
"opcache.enable_cli" = "1";
"opcache.interned_strings_buffer" = "8";
"opcache.max_accelerated_files" = "10000";
"opcache.memory_consumption" = "128";
"opcache.revalidate_freq" = "1";
"opcache.fast_shutdown" = "1";
"openssl.cafile" = "/etc/ssl/certs/ca-certificates.crt";
"catch_workers_output" = "yes";
};
description = ''
Options for PHP's php.ini file for nextcloud.
'';
};
config = {
dbtype = mkOption {
type = types.enum [ "sqlite" "pgsql" "mysql" ];
default = "sqlite";
description = "Database type.";
};
dbname = mkOption {
type = types.nullOr types.str;
default = "nextcloud";
description = "Database name.";
};
dbuser = mkOption {
type = types.nullOr types.str;
default = "nextcloud";
description = "Database user.";
};
dbpass = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Database password. Use <literal>dbpassFile</literal> to avoid this
being world-readable in the <literal>/nix/store</literal>.
'';
};
dbpassFile = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
The full path to a file that contains the database password.
'';
};
dbhost = mkOption {
type = types.nullOr types.str;
default = "localhost";
description = "Database host.";
};
dbport = mkOption {
type = with types; nullOr (either int str);
default = null;
description = "Database port.";
};
dbtableprefix = mkOption {
type = types.nullOr types.str;
default = null;
description = "Table prefix in Nextcloud database.";
};
adminuser = mkOption {
type = types.str;
default = "root";
description = "Admin username.";
};
adminpass = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Database password. Use <literal>adminpassFile</literal> to avoid this
being world-readable in the <literal>/nix/store</literal>.
'';
};
adminpassFile = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
The full path to a file that contains the admin's password.
'';
};
extraTrustedDomains = mkOption {
type = types.listOf types.str;
default = [];
description = ''
Trusted domains, from which the nextcloud installation will be
acessible. You don't need to add
<literal>services.nextcloud.hostname</literal> here.
'';
};
};
caching = {
apcu = mkOption {
type = types.bool;
default = true;
description = ''
Whether to load the APCu module into PHP.
'';
};
redis = mkOption {
type = types.bool;
default = false;
description = ''
Whether to load the Redis module into PHP.
You still need to enable Redis in your config.php.
See https://docs.nextcloud.com/server/14/admin_manual/configuration_server/caching_configuration.html
'';
};
memcached = mkOption {
type = types.bool;
default = false;
description = ''
Whether to load the Memcached module into PHP.
You still need to enable Memcached in your config.php.
See https://docs.nextcloud.com/server/14/admin_manual/configuration_server/caching_configuration.html
'';
};
};
};
config = mkIf cfg.enable (mkMerge [
{ assertions = let acfg = cfg.config; in [
{ assertion = !(acfg.dbpass != null && acfg.dbpassFile != null);
message = "Please specify no more than one of dbpass or dbpassFile";
}
{ assertion = ((acfg.adminpass != null || acfg.adminpassFile != null)
&& !(acfg.adminpass != null && acfg.adminpassFile != null));
message = "Please specify exactly one of adminpass or adminpassFile";
}
];
}
{ systemd.timers."nextcloud-cron" = {
wantedBy = [ "timers.target" ];
timerConfig.OnBootSec = "5m";
timerConfig.OnUnitActiveSec = "15m";
timerConfig.Unit = "nextcloud-cron.service";
};
systemd.services = {
"nextcloud-setup" = let
overrideConfig = pkgs.writeText "nextcloud-config.php" ''
<?php
$CONFIG = [
'apps_paths' => [
[ 'path' => '${cfg.home}/apps', 'url' => '/apps', 'writable' => false ],
[ 'path' => '${cfg.home}/store-apps', 'url' => '/store-apps', 'writable' => true ],
],
'datadirectory' => '${cfg.home}/data',
'skeletondirectory' => '${cfg.skeletonDirectory}',
${optionalString cfg.caching.apcu "'memcache.local' => '\\OC\\Memcache\\APCu',"}
'log_type' => 'syslog',
];
'';
occInstallCmd = let
c = cfg.config;
adminpass = if c.adminpassFile != null
then ''"$(<"${toString c.adminpassFile}")"''
else ''"${toString c.adminpass}"'';
dbpass = if c.dbpassFile != null
then ''"$(<"${toString c.dbpassFile}")"''
else if c.dbpass != null
then ''"${toString c.dbpass}"''
else null;
installFlags = concatStringsSep " \\\n "
(mapAttrsToList (k: v: "${k} ${toString v}") {
"--database" = ''"${c.dbtype}"'';
# The following attributes are optional depending on the type of
# database. Those that evaluate to null on the left hand side
# will be omitted.
${if c.dbname != null then "--database-name" else null} = ''"${c.dbname}"'';
${if c.dbhost != null then "--database-host" else null} = ''"${c.dbhost}"'';
${if c.dbport != null then "--database-port" else null} = ''"${toString c.dbport}"'';
${if c.dbuser != null then "--database-user" else null} = ''"${c.dbuser}"'';
${if (any (x: x != null) [c.dbpass c.dbpassFile])
then "--database-pass" else null} = dbpass;
${if c.dbtableprefix != null
then "--database-table-prefix" else null} = ''"${toString c.dbtableprefix}"'';
"--admin-user" = ''"${c.adminuser}"'';
"--admin-pass" = adminpass;
"--data-dir" = ''"${cfg.home}/data"'';
});
in ''
${occ}/bin/nextcloud-occ maintenance:install \
${installFlags}
'';
occSetTrustedDomainsCmd = concatStringsSep "\n" (imap0
(i: v: ''
${occ}/bin/nextcloud-occ config:system:set trusted_domains \
${toString i} --value="${toString v}"
'') ([ cfg.hostName ] ++ cfg.config.extraTrustedDomains));
in {
wantedBy = [ "multi-user.target" ];
before = [ "phpfpm-nextcloud.service" ];
script = ''
chmod og+x ${cfg.home}
ln -sf ${pkgs.nextcloud}/apps ${cfg.home}/
mkdir -p ${cfg.home}/config ${cfg.home}/data ${cfg.home}/store-apps
ln -sf ${overrideConfig} ${cfg.home}/config/override.config.php
chown -R nextcloud:nginx ${cfg.home}/config ${cfg.home}/data ${cfg.home}/store-apps
# Do not install if already installed
if [[ ! -e ${cfg.home}/config/config.php ]]; then
${occInstallCmd}
fi
${occ}/bin/nextcloud-occ upgrade
${occ}/bin/nextcloud-occ config:system:delete trusted_domains
${occSetTrustedDomainsCmd}
'';
serviceConfig.Type = "oneshot";
};
"nextcloud-cron" = {
environment.NEXTCLOUD_CONFIG_DIR = "${cfg.home}/config";
serviceConfig.Type = "oneshot";
serviceConfig.User = "nextcloud";
serviceConfig.ExecStart = "${pkgs.php}/bin/php -f ${pkgs.nextcloud}/cron.php";
};
};
services.phpfpm = {
phpOptions = phpOptionsExtensions;
phpPackage = pkgs.php71;
pools.nextcloud = let
phpAdminValues = (toKeyValue
(foldr (a: b: a // b) {}
(mapAttrsToList (k: v: { "php_admin_value[${k}]" = v; })
phpOptions)));
in {
listen = "/run/phpfpm/nextcloud";
extraConfig = ''
listen.owner = nginx
listen.group = nginx
user = nextcloud
group = nginx
pm = dynamic
pm.max_children = 32
pm.start_servers = 2
pm.min_spare_servers = 2
pm.max_spare_servers = 4
env[NEXTCLOUD_CONFIG_DIR] = ${cfg.home}/config
env[PATH] = /run/wrappers/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin:/usr/bin:/bin
${phpAdminValues}
'';
};
};
users.extraUsers.nextcloud = {
home = "${cfg.home}";
group = "nginx";
createHome = true;
};
environment.systemPackages = [ occ ];
}
(mkIf cfg.nginx.enable {
services.nginx = {
enable = true;
virtualHosts = {
"${cfg.hostName}" = {
root = pkgs.nextcloud;
locations = {
"= /robots.txt" = {
priority = 100;
extraConfig = ''
allow all;
log_not_found off;
access_log off;
'';
};
"/" = {
priority = 200;
extraConfig = "rewrite ^ /index.php$uri;";
};
"~ ^/store-apps" = {
priority = 201;
extraConfig = "root ${cfg.home};";
};
"= /.well-known/carddav" = {
priority = 210;
extraConfig = "return 301 $scheme://$host/remote.php/dav;";
};
"= /.well-known/caldav" = {
priority = 210;
extraConfig = "return 301 $scheme://$host/remote.php/dav;";
};
"~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/" = {
priority = 300;
extraConfig = "deny all;";
};
"~ ^/(?:\\.|autotest|occ|issue|indie|db_|console)" = {
priority = 300;
extraConfig = "deny all;";
};
"~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\\.php(?:$|/)" = {
priority = 500;
extraConfig = ''
include ${pkgs.nginxMainline}/conf/fastcgi.conf;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS ${if cfg.https then "on" else "off"};
fastcgi_param modHeadersAvailable true;
fastcgi_param front_controller_active true;
fastcgi_pass unix:/run/phpfpm/nextcloud;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
fastcgi_read_timeout 120s;
'';
};
"~ ^/(?:updater|ocs-provider)(?:$|/)".extraConfig = ''
try_files $uri/ =404;
index index.php;
'';
"~ \\.(?:css|js|woff|svg|gif)$".extraConfig = ''
try_files $uri /index.php$uri$is_args$args;
add_header Cache-Control "public, max-age=15778463";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
access_log off;
'';
"~ \\.(?:png|html|ttf|ico|jpg|jpeg)$".extraConfig = ''
try_files $uri /index.php$uri$is_args$args;
access_log off;
'';
};
extraConfig = ''
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
client_max_body_size ${cfg.maxUploadSize};
fastcgi_buffers 64 4K;
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
${optionalString cfg.webfinger ''
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
''}
'';
};
};
};
})
]);
}

17
nixos/modules/services/web-servers/nginx/default.nix
View file

@ -245,8 +245,8 @@ let
}
''
) virtualHosts);
mkLocations = locations: concatStringsSep "\n" (mapAttrsToList (location: config: ''
location ${location} {
mkLocations = locations: concatStringsSep "\n" (map (config: ''
location ${config.location} {
${optionalString (config.proxyPass != null && !cfg.proxyResolveWhileRunning)
"proxy_pass ${config.proxyPass};"
}
@ -266,7 +266,18 @@ let
${config.extraConfig}
${optionalString (config.proxyPass != null && cfg.recommendedProxySettings) "include ${recommendedProxyConfig};"}
}
'') locations);
'') (sortProperties (mapAttrsToList (k: v: v // { location = k; }) locations)));
mkBasicAuth = vhostName: authDef: let
htpasswdFile = pkgs.writeText "${vhostName}.htpasswd" (
concatStringsSep "\n" (mapAttrsToList (user: password: ''
${user}:{PLAIN}${password}
'') authDef)
);
in ''
auth_basic secured;
auth_basic_user_file ${htpasswdFile};
'';
mkHtpasswd = vhostName: authDef: pkgs.writeText "${vhostName}.htpasswd" (
concatStringsSep "\n" (mapAttrsToList (user: password: ''
${user}:{PLAIN}${password}

10
nixos/modules/services/web-servers/nginx/location-options.nix
View file

@ -71,6 +71,16 @@ with lib;
These lines go to the end of the location verbatim.
'';
};
priority = mkOption {
type = types.int;
default = 1000;
description = ''
Order of this location block in relation to the others in the vhost.
The semantics are the same as with `lib.mkOrder`. Smaller values have
a greater priority.
'';
};
};
}

2
nixos/modules/services/x11/desktop-managers/plasma5.nix
View file

@ -64,7 +64,7 @@ in
};
security.wrappers = {
kcheckpass.source = "${lib.getBin plasma5.plasma-workspace}/lib/libexec/kcheckpass";
kcheckpass.source = "${lib.getBin plasma5.kscreenlocker}/lib/libexec/kcheckpass";
"start_kdeinit".source = "${lib.getBin pkgs.kinit}/lib/libexec/kf5/start_kdeinit";
kwin_wayland = {
source = "${lib.getBin plasma5.kwin}/bin/kwin_wayland";

11
nixos/modules/services/x11/display-managers/default.nix
View file

@ -222,6 +222,17 @@ in
description = "List of arguments for the X server.";
};
setupCommands = mkOption {
type = types.lines;
default = "";
description = ''
Shell commands executed just after the X server has started.
This option is only effective for display managers for which this feature
is supported; currently these are LightDM, GDM and SDDM.
'';
};
sessionCommands = mkOption {
type = types.lines;
default = "";

17
nixos/modules/services/x11/display-managers/gdm.nix
View file

@ -7,6 +7,13 @@ let
cfg = config.services.xserver.displayManager;
gdm = pkgs.gnome3.gdm;
xSessionWrapper = if (cfg.setupCommands == "") then null else
pkgs.writeScript "gdm-x-session-wrapper" ''
#!${pkgs.bash}/bin/bash
${cfg.setupCommands}
exec "$@"
'';
in
{
@ -112,6 +119,11 @@ in
GDM_SESSIONS_DIR = "${cfg.session.desktops}/share/xsessions";
# Find the mouse
XCURSOR_PATH = "~/.icons:${pkgs.gnome3.adwaita-icon-theme}/share/icons";
} // optionalAttrs (xSessionWrapper != null) {
# Make GDM use this wrapper before running the session, which runs the
# configured setupCommands. This relies on a patched GDM which supports
# this environment variable.
GDM_X_SESSION_WRAPPER = "${xSessionWrapper}";
};
execCmd = "exec ${gdm}/bin/gdm";
};
@ -142,7 +154,10 @@ in
systemd.user.services.dbus.wantedBy = [ "default.target" ];
programs.dconf.profiles.gdm = "${gdm}/share/dconf/profile/gdm";
programs.dconf.profiles.gdm = pkgs.writeText "dconf-gdm-profile" ''
system-db:local
${gdm}/share/dconf/profile/gdm
'';
# Use AutomaticLogin if delay is zero, because it's immediate.
# Otherwise with TimedLogin with zero seconds the prompt is still

16
nixos/modules/services/x11/display-managers/lightdm.nix
View file

@ -46,6 +46,7 @@ let
greeters-directory = ${cfg.greeter.package}
''}
sessions-directory = ${dmcfg.session.desktops}/share/xsessions
${cfg.extraConfig}
[Seat:*]
xserver-command = ${xserverWrapper}
@ -61,6 +62,12 @@ let
${optionalString hasDefaultUserSession ''
user-session=${defaultSessionName}
''}
${optionalString (dmcfg.setupCommands != "") ''
display-setup-script=${pkgs.writeScript "lightdm-display-setup" ''
#!${pkgs.bash}/bin/bash
${dmcfg.setupCommands}
''}
''}
${cfg.extraSeatDefaults}
'';
@ -113,6 +120,15 @@ in
};
};
extraConfig = mkOption {
type = types.lines;
default = "";
example = ''
user-authority-in-system-dir = true
'';
description = "Extra lines to append to LightDM section.";
};
background = mkOption {
type = types.str;
default = "${pkgs.nixos-artwork.wallpapers.simple-dark-gray-bottom}/share/artwork/gnome/nix-wallpaper-simple-dark-gray_bottom.png";

4
nixos/modules/services/x11/display-managers/sddm.nix
View file

@ -20,6 +20,7 @@ let
Xsetup = pkgs.writeScript "Xsetup" ''
#!/bin/sh
${cfg.setupScript}
${dmcfg.setupCommands}
'';
Xstop = pkgs.writeScript "Xstop" ''
@ -137,7 +138,8 @@ in
xrandr --auto
'';
description = ''
A script to execute when starting the display server.
A script to execute when starting the display server. DEPRECATED, please
use <option>services.xserver.displayManager.setupCommands</option>.
'';
};

10
nixos/modules/services/x11/xserver.nix
View file

@ -374,6 +374,12 @@ in
description = "Contents of the first Monitor section of the X server configuration file.";
};
extraConfig = mkOption {
type = types.lines;
default = "";
description = "Additional contents (sections) included in the X server configuration file";
};
xrandrHeads = mkOption {
default = [];
example = [
@ -754,6 +760,7 @@ in
Driver "${driver.driverName or driver.name}"
${if cfg.useGlamor then ''Option "AccelMethod" "glamor"'' else ""}
${cfg.deviceSection}
${driver.deviceSection or ""}
${xrandrDeviceSection}
EndSection
@ -765,6 +772,7 @@ in
''}
${cfg.screenSection}
${driver.screenSection or ""}
${optionalString (cfg.defaultDepth != 0) ''
DefaultDepth ${toString cfg.defaultDepth}
@ -794,6 +802,8 @@ in
'')}
${xrandrMonitorSections}
${cfg.extraConfig}
'';
fonts.enableDefaultFonts = mkDefault true;

8
nixos/modules/system/activation/activation-script.nix
View file

@ -174,14 +174,6 @@ in
''
# Various log/runtime directories.
mkdir -m 0755 -p /run/nix/current-load # for distributed builds
mkdir -m 0700 -p /run/nix/remote-stores
mkdir -m 0755 -p /var/log
touch /var/log/wtmp /var/log/lastlog # must exist
chmod 644 /var/log/wtmp /var/log/lastlog
mkdir -m 1777 -p /var/tmp
# Empty, immutable home directory of many system accounts.

4
nixos/modules/system/activation/switch-to-configuration.pl
View file

@ -419,8 +419,8 @@ while (my $f = <$listActiveUsers>) {
my ($uid, $name) = ($+{uid}, $+{user});
print STDERR "reloading user units for $name...\n";
system("su", "-s", "@shell@", "-l", $name, "-c", "XDG_RUNTIME_DIR=/run/user/$uid @systemd@/bin/systemctl --user daemon-reload");
system("su", "-s", "@shell@", "-l", $name, "-c", "XDG_RUNTIME_DIR=/run/user/$uid @systemd@/bin/systemctl --user start nixos-activation.service");
system("@su@", "-s", "@shell@", "-l", $name, "-c", "XDG_RUNTIME_DIR=/run/user/$uid @systemd@/bin/systemctl --user daemon-reload");
system("@su@", "-s", "@shell@", "-l", $name, "-c", "XDG_RUNTIME_DIR=/run/user/$uid @systemd@/bin/systemctl --user start nixos-activation.service");
}
close $listActiveUsers;

1
nixos/modules/system/activation/top-level.nix
View file

@ -109,6 +109,7 @@ let
inherit (pkgs) utillinux coreutils;
systemd = config.systemd.package;
shell = "${pkgs.bash}/bin/sh";
su = "${pkgs.shadow.su}/bin/su";
inherit children;
kernelParams = config.boot.kernelParams;

8
nixos/modules/system/boot/stage-2-init.sh
View file

@ -152,6 +152,14 @@ ln -sfn /run/booted-system /nix/var/nix/gcroots/booted-system
@shell@ @postBootCommands@
# Ensure systemd doesn't try to populate /etc, by forcing its first-boot
# heuristic off. It doesn't matter what's in /etc/machine-id for this purpose,
# and systemd will immediately fill in the file when it starts, so just
# creating it is enough. This `: >>` pattern avoids forking and avoids changing
# the mtime if the file already exists.
: >> /etc/machine-id
# Reset the logging file descriptors.
exec 1>&$logOutFd 2>&$logErrFd
exec {logOutFd}>&- {logErrFd}>&-

2
nixos/modules/system/boot/systemd-unit-options.nix
View file

@ -394,7 +394,7 @@ in rec {
Each attribute in this set specifies an option in the
<literal>[Timer]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.timer</refentrytitle>
<manvolnum>7</manvolnum></citerefentry> and
<manvolnum>5</manvolnum></citerefentry> and
<citerefentry><refentrytitle>systemd.time</refentrytitle>
<manvolnum>7</manvolnum></citerefentry> for details.
'';

14
nixos/modules/system/boot/systemd.nix
View file

@ -747,6 +747,7 @@ in
"systemd/journald.conf".text = ''
[Journal]
Storage=persistent
RateLimitInterval=${config.services.journald.rateLimitInterval}
RateLimitBurst=${toString config.services.journald.rateLimitBurst}
${optionalString (config.services.journald.console != "") ''
@ -783,19 +784,6 @@ in
services.dbus.enable = true;
system.activationScripts.systemd = stringAfter [ "groups" ]
''
mkdir -m 0755 -p /var/lib/udev
if ! [ -e /etc/machine-id ]; then
${systemd}/bin/systemd-machine-id-setup
fi
# Keep a persistent journal. Note that systemd-tmpfiles will
# set proper ownership/permissions.
mkdir -m 0700 -p /var/log/journal
'';
users.users.systemd-network.uid = config.ids.uids.systemd-network;
users.groups.systemd-network.gid = config.ids.gids.systemd-network;
users.users.systemd-resolve.uid = config.ids.uids.systemd-resolve;

35
nixos/modules/virtualisation/hyperv-guest.nix
View file

@ -9,20 +9,47 @@ in {
options = {
virtualisation.hypervGuest = {
enable = mkEnableOption "Hyper-V Guest Support";
videoMode = mkOption {
type = types.str;
default = "1152x864";
example = "1024x768";
description = ''
Resolution at which to initialize the video adapter.
Supports screen resolution up to Full HD 1920x1080 with 32 bit color
on Windows Server 2012, and 1600x1200 with 16 bit color on Windows
Server 2008 R2 or earlier.
'';
};
};
};
config = mkIf cfg.enable {
boot = {
initrd.kernelModules = [
"hv_balloon" "hv_netvsc" "hv_storvsc" "hv_utils" "hv_vmbus"
];
kernelParams = [
"video=hyperv_fb:${cfg.videoMode}"
];
};
environment.systemPackages = [ config.boot.kernelPackages.hyperv-daemons.bin ];
security.rngd.enable = false;
# enable hotadding memory
# enable hotadding cpu/memory
services.udev.packages = lib.singleton (pkgs.writeTextFile {
name = "hyperv-memory-hotadd-udev-rules";
destination = "/etc/udev/rules.d/99-hyperv-memory-hotadd.rules";
name = "hyperv-cpu-and-memory-hotadd-udev-rules";
destination = "/etc/udev/rules.d/99-hyperv-cpu-and-memory-hotadd.rules";
text = ''
ACTION="add", SUBSYSTEM=="memory", ATTR{state}="online"
# Memory hotadd
SUBSYSTEM=="memory", ACTION=="add", DEVPATH=="/devices/system/memory/memory[0-9]*", TEST=="state", ATTR{state}="online"
# CPU hotadd
SUBSYSTEM=="cpu", ACTION=="add", DEVPATH=="/devices/system/cpu/cpu[0-9]*", TEST=="online", ATTR{online}="1"
'';
});

1
nixos/release.nix
View file

@ -362,6 +362,7 @@ in rec {
tests.netdata = callTest tests/netdata.nix { };
tests.networking.networkd = callSubTests tests/networking.nix { networkd = true; };
tests.networking.scripted = callSubTests tests/networking.nix { networkd = false; };
tests.nextcloud = callSubTests tests/nextcloud { };
# TODO: put in networking.nix after the test becomes more complete
tests.networkingProxy = callTest tests/networking-proxy.nix {};
tests.nexus = callTest tests/nexus.nix { };

2
nixos/tests/misc.nix
View file

@ -78,6 +78,8 @@ import ./make-test.nix ({ pkgs, ...} : rec {
# Test whether we have a reboot record in wtmp.
subtest "reboot-wtmp", sub {
$machine->shutdown;
$machine->waitForUnit('multi-user.target');
$machine->succeed("last | grep reboot >&2");
};

56
nixos/tests/nextcloud/basic.nix Normal file
View file

@ -0,0 +1,56 @@
import ../make-test.nix ({ pkgs, ...}: let
adminpass = "notproduction";
adminuser = "root";
in {
name = "nextcloud-basic";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ globin eqyiel ];
};
nodes = {
# The only thing the client needs to do is download a file.
client = { ... }: {};
nextcloud = { config, pkgs, ... }: {
networking.firewall.allowedTCPPorts = [ 80 ];
services.nextcloud = {
enable = true;
nginx.enable = true;
hostName = "nextcloud";
config = {
# Don't inherit adminuser since "root" is supposed to be the default
inherit adminpass;
};
};
};
};
testScript = let
withRcloneEnv = pkgs.writeScript "with-rclone-env" ''
#!${pkgs.stdenv.shell}
export RCLONE_CONFIG_NEXTCLOUD_TYPE=webdav
export RCLONE_CONFIG_NEXTCLOUD_URL="http://nextcloud/remote.php/webdav/"
export RCLONE_CONFIG_NEXTCLOUD_VENDOR="nextcloud"
export RCLONE_CONFIG_NEXTCLOUD_USER="${adminuser}"
export RCLONE_CONFIG_NEXTCLOUD_PASS="$(${pkgs.rclone}/bin/rclone obscure ${adminpass})"
"''${@}"
'';
copySharedFile = pkgs.writeScript "copy-shared-file" ''
#!${pkgs.stdenv.shell}
echo 'hi' | ${withRcloneEnv} ${pkgs.rclone}/bin/rclone rcat nextcloud:test-shared-file
'';
diffSharedFile = pkgs.writeScript "diff-shared-file" ''
#!${pkgs.stdenv.shell}
diff <(echo 'hi') <(${pkgs.rclone}/bin/rclone cat nextcloud:test-shared-file)
'';
in ''
startAll();
$nextcloud->waitForUnit("multi-user.target");
$nextcloud->succeed("curl -sSf http://nextcloud/login");
$nextcloud->succeed("${withRcloneEnv} ${copySharedFile}");
$client->waitForUnit("multi-user.target");
$client->succeed("${withRcloneEnv} ${diffSharedFile}");
'';
})

6
nixos/tests/nextcloud/default.nix Normal file
View file

@ -0,0 +1,6 @@
{ system ? builtins.currentSystem }:
{
basic = import ./basic.nix { inherit system; };
with-postgresql-and-redis = import ./with-postgresql-and-redis.nix { inherit system; };
with-mysql-and-memcached = import ./with-mysql-and-memcached.nix { inherit system; };
}

97
nixos/tests/nextcloud/with-mysql-and-memcached.nix Normal file
View file

@ -0,0 +1,97 @@
import ../make-test.nix ({ pkgs, ...}: let
adminpass = "hunter2";
adminuser = "root";
in {
name = "nextcloud-with-mysql-and-memcached";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ eqyiel ];
};
nodes = {
# The only thing the client needs to do is download a file.
client = { ... }: {};
nextcloud = { config, pkgs, ... }: {
networking.firewall.allowedTCPPorts = [ 80 ];
services.nextcloud = {
enable = true;
hostName = "nextcloud";
nginx.enable = true;
https = true;
caching = {
apcu = true;
redis = false;
memcached = true;
};
config = {
dbtype = "mysql";
dbname = "nextcloud";
dbuser = "nextcloud";
dbhost = "127.0.0.1";
dbport = 3306;
dbpass = "hunter2";
# Don't inherit adminuser since "root" is supposed to be the default
inherit adminpass;
};
};
services.mysql = {
enable = true;
bind = "127.0.0.1";
package = pkgs.mariadb;
initialScript = pkgs.writeText "mysql-init" ''
CREATE USER 'nextcloud'@'localhost' IDENTIFIED BY 'hunter2';
CREATE DATABASE IF NOT EXISTS nextcloud;
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER,
CREATE TEMPORARY TABLES ON nextcloud.* TO 'nextcloud'@'localhost'
IDENTIFIED BY 'hunter2';
FLUSH privileges;
'';
};
systemd.services."nextcloud-setup"= {
requires = ["mysql.service"];
after = ["mysql.service"];
};
services.memcached.enable = true;
};
};
testScript = let
configureMemcached = pkgs.writeScript "configure-memcached" ''
#!${pkgs.stdenv.shell}
nextcloud-occ config:system:set memcached_servers 0 0 --value 127.0.0.1 --type string
nextcloud-occ config:system:set memcached_servers 0 1 --value 11211 --type integer
nextcloud-occ config:system:set memcache.local --value '\OC\Memcache\APCu' --type string
nextcloud-occ config:system:set memcache.distributed --value '\OC\Memcache\Memcached' --type string
'';
withRcloneEnv = pkgs.writeScript "with-rclone-env" ''
#!${pkgs.stdenv.shell}
export RCLONE_CONFIG_NEXTCLOUD_TYPE=webdav
export RCLONE_CONFIG_NEXTCLOUD_URL="http://nextcloud/remote.php/webdav/"
export RCLONE_CONFIG_NEXTCLOUD_VENDOR="nextcloud"
export RCLONE_CONFIG_NEXTCLOUD_USER="${adminuser}"
export RCLONE_CONFIG_NEXTCLOUD_PASS="$(${pkgs.rclone}/bin/rclone obscure ${adminpass})"
'';
copySharedFile = pkgs.writeScript "copy-shared-file" ''
#!${pkgs.stdenv.shell}
echo 'hi' | ${pkgs.rclone}/bin/rclone rcat nextcloud:test-shared-file
'';
diffSharedFile = pkgs.writeScript "diff-shared-file" ''
#!${pkgs.stdenv.shell}
diff <(echo 'hi') <(${pkgs.rclone}/bin/rclone cat nextcloud:test-shared-file)
'';
in ''
startAll();
$nextcloud->waitForUnit("multi-user.target");
$nextcloud->succeed("${configureMemcached}");
$nextcloud->succeed("curl -sSf http://nextcloud/login");
$nextcloud->succeed("${withRcloneEnv} ${copySharedFile}");
$client->waitForUnit("multi-user.target");
$client->succeed("${withRcloneEnv} ${diffSharedFile}");
'';
})

130
nixos/tests/nextcloud/with-postgresql-and-redis.nix Normal file
View file

@ -0,0 +1,130 @@
import ../make-test.nix ({ pkgs, ...}: let
adminpass = "hunter2";
adminuser = "custom-admin-username";
in {
name = "nextcloud-with-postgresql-and-redis";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ eqyiel ];
};
nodes = {
# The only thing the client needs to do is download a file.
client = { ... }: {};
nextcloud = { config, pkgs, ... }: {
networking.firewall.allowedTCPPorts = [ 80 ];
services.nextcloud = {
enable = true;
hostName = "nextcloud";
nginx.enable = true;
caching = {
apcu = false;
redis = true;
memcached = false;
};
config = {
dbtype = "pgsql";
dbname = "nextcloud";
dbuser = "nextcloud";
dbhost = "localhost";
dbpassFile = toString (pkgs.writeText "db-pass-file" ''
hunter2
'');
inherit adminuser;
adminpassFile = toString (pkgs.writeText "admin-pass-file" ''
${adminpass}
'');
};
};
services.redis = {
unixSocket = "/var/run/redis/redis.sock";
enable = true;
extraConfig = ''
unixsocketperm 770
'';
};
systemd.services.redis = {
preStart = ''
mkdir -p /var/run/redis
chown ${config.services.redis.user}:${config.services.nginx.group} /var/run/redis
'';
serviceConfig.PermissionsStartOnly = true;
};
systemd.services."nextcloud-setup"= {
requires = ["postgresql.service"];
after = [
"postgresql.service"
"chown-redis-socket.service"
];
};
# At the time of writing, redis creates its socket with the "nobody"
# group. I figure this is slightly less bad than making the socket world
# readable.
systemd.services."chown-redis-socket" = {
enable = true;
script = ''
until ${pkgs.redis}/bin/redis-cli ping; do
echo "waiting for redis..."
sleep 1
done
chown ${config.services.redis.user}:${config.services.nginx.group} /var/run/redis/redis.sock
'';
after = [ "redis.service" ];
requires = [ "redis.service" ];
wantedBy = [ "redis.service" ];
serviceConfig = {
Type = "oneshot";
};
};
services.postgresql = {
enable = true;
initialScript = pkgs.writeText "psql-init" ''
create role nextcloud with login password 'hunter2';
create database nextcloud with owner nextcloud;
'';
};
};
};
testScript = let
configureRedis = pkgs.writeScript "configure-redis" ''
#!${pkgs.stdenv.shell}
nextcloud-occ config:system:set redis 'host' --value '/var/run/redis/redis.sock' --type string
nextcloud-occ config:system:set redis 'port' --value 0 --type integer
nextcloud-occ config:system:set memcache.local --value '\OC\Memcache\Redis' --type string
nextcloud-occ config:system:set memcache.locking --value '\OC\Memcache\Redis' --type string
'';
withRcloneEnv = pkgs.writeScript "with-rclone-env" ''
#!${pkgs.stdenv.shell}
export RCLONE_CONFIG_NEXTCLOUD_TYPE=webdav
export RCLONE_CONFIG_NEXTCLOUD_URL="http://nextcloud/remote.php/webdav/"
export RCLONE_CONFIG_NEXTCLOUD_VENDOR="nextcloud"
export RCLONE_CONFIG_NEXTCLOUD_USER="${adminuser}"
export RCLONE_CONFIG_NEXTCLOUD_PASS="$(${pkgs.rclone}/bin/rclone obscure ${adminpass})"
"''${@}"
'';
copySharedFile = pkgs.writeScript "copy-shared-file" ''
#!${pkgs.stdenv.shell}
echo 'hi' | ${pkgs.rclone}/bin/rclone rcat nextcloud:test-shared-file
'';
diffSharedFile = pkgs.writeScript "diff-shared-file" ''
#!${pkgs.stdenv.shell}
diff <(echo 'hi') <(${pkgs.rclone}/bin/rclone cat nextcloud:test-shared-file)
'';
in ''
startAll();
$nextcloud->waitForUnit("multi-user.target");
$nextcloud->succeed("${configureRedis}");
$nextcloud->succeed("curl -sSf http://nextcloud/login");
$nextcloud->succeed("${withRcloneEnv} ${copySharedFile}");
$client->waitForUnit("multi-user.target");
$client->succeed("${withRcloneEnv} ${diffSharedFile}");
'';
})

4
nixos/tests/nix-ssh-serve.nix
View file

@ -14,8 +14,8 @@ in
keys = [ snakeOilPublicKey ];
protocol = "ssh-ng";
};
server.nix.package = pkgs.nixUnstable;
client.nix.package = pkgs.nixUnstable;
server.nix.package = pkgs.nix;
client.nix.package = pkgs.nix;
};
testScript = ''
startAll;

17
pkgs/applications/altcoins/bitcoin.nix
View file

@ -1,20 +1,21 @@
{ stdenv, fetchurl, pkgconfig, autoreconfHook, openssl, db48, boost, zeromq
, zlib, miniupnpc, qtbase ? null, qttools ? null, utillinux, protobuf, qrencode, libevent
, zlib, miniupnpc, qtbase ? null, qttools ? null, utillinux, protobuf, python3, qrencode, libevent
, withGui }:
with stdenv.lib;
stdenv.mkDerivation rec{
name = "bitcoin" + (toString (optional (!withGui) "d")) + "-" + version;
version = "0.16.3";
version = "0.17.0";
src = fetchurl {
urls = [ "https://bitcoincore.org/bin/bitcoin-core-${version}/bitcoin-${version}.tar.gz"
"https://bitcoin.org/bin/bitcoin-core-${version}/bitcoin-${version}.tar.gz"
];
sha256 = "060223dzzk2izfzhxwlzzd0fhbgglvbgps2nyc4zz767vybysvl3";
sha256 = "0pkq28d2dj22qrxyyg9kh0whmhj7ghyabnhyqldbljv4a7l3kvwq";
};
nativeBuildInputs = [ pkgconfig autoreconfHook ];
nativeBuildInputs = [ pkgconfig autoreconfHook ]
++ optionals doCheck [ python3 ];
buildInputs = [ openssl db48 boost zlib zeromq
miniupnpc protobuf libevent]
++ optionals stdenv.isLinux [ utillinux ]
@ -30,9 +31,11 @@ stdenv.mkDerivation rec{
"--with-qt-bindir=${qtbase.dev}/bin:${qttools.dev}/bin"
];
# Fails with "This application failed to start because it could not
# find or load the Qt platform plugin "minimal""
doCheck = false;
doCheck = true;
# QT_PLUGIN_PATH needs to be set when executing QT, which is needed when testing Bitcoin's GUI.
# See also https://github.com/NixOS/nixpkgs/issues/24256
checkFlags = optionals withGui [ "QT_PLUGIN_PATH=${qtbase}/lib/qt-5.${versions.minor qtbase.version}/plugins" ];
enableParallelBuilding = true;

4
pkgs/applications/altcoins/nano-wallet/default.nix
View file

@ -3,13 +3,13 @@
stdenv.mkDerivation rec {
name = "nano-wallet-${version}";
version = "16.0";
version = "16.1";
src = fetchFromGitHub {
owner = "nanocurrency";
repo = "raiblocks";
rev = "V${version}";
sha256 = "0fk8jlas3khdh3nlv40krsjdifxp9agblvzap6k93wmm9y34h41c";
sha256 = "0sk9g4fv494a5w75vs5a3s5c139lxzz1svz0cn1hkhxqlmz8w081";
fetchSubmodules = true;
};

2
pkgs/applications/audio/easytag/default.nix
View file

@ -10,7 +10,7 @@ in stdenv.mkDerivation rec {
name = "${pname}-${version}";
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${gnome3.versionBranch version}/${name}.tar.xz";
url = "mirror://gnome/sources/${pname}/${stdenv.lib.versions.majorMinor version}/${name}.tar.xz";
sha256 = "1mbxnqrw1fwcgraa1bgik25vdzvf97vma5pzknbwbqq5ly9fwlgw";
};

4
pkgs/applications/audio/elisa/default.nix
View file

@ -7,13 +7,13 @@
mkDerivation rec {
name = "elisa-${version}";
version = "0.2.80";
version = "0.3.0";
src = fetchFromGitHub {
owner = "KDE";
repo = "elisa";
rev = "v${version}";
sha256 = "0wc2kkp28gp1rfgg14a769lalwd44yz7jxkrzanh91v5j2kkln07";
sha256 = "0bpkr5rp9nfa2wzm6w3xkhsfgf5dbgxbmhckjh9wkxal3mncpkg4";
};
nativeBuildInputs = [ extra-cmake-modules kdoctools wrapGAppsHook ];

21
pkgs/applications/audio/mhwaveedit/default.nix
View file

@ -1,23 +1,24 @@
{ stdenv, fetchurl, makeWrapper, SDL, alsaLib, autoreconfHook, gtk2, libjack2, ladspaH
{ stdenv, fetchFromGitHub, makeWrapper, SDL, alsaLib, autoreconfHook, gtk2, libjack2, ladspaH
, ladspaPlugins, libsamplerate, libsndfile, pkgconfig, libpulseaudio, lame
, vorbis-tools }:
stdenv.mkDerivation rec {
stdenv.mkDerivation rec {
name = "mhwaveedit-${version}";
version = "1.4.23";
version = "1.4.24";
src = fetchurl {
url = "https://github.com/magnush/mhwaveedit/archive/v${version}.tar.gz";
sha256 = "1lvd54d8kpxwl4gihhznx1b5skhibz4vfxi9k2kwqg808jfgz37l";
src = fetchFromGitHub {
owner = "magnush";
repo = "mhwaveedit";
rev = "v${version}";
sha256 = "037pbq23kh8hsih994x2sv483imglwcrqrx6m8visq9c46fi0j1y";
};
nativeBuildInputs = [ autoreconfHook ];
nativeBuildInputs = [ autoreconfHook makeWrapper pkgconfig ];
preAutoreconf = "(cd docgen && sh gendocs.sh)";
buildInputs = [
SDL alsaLib gtk2 libjack2 ladspaH libsamplerate libsndfile
pkgconfig libpulseaudio makeWrapper
SDL alsaLib gtk2 libjack2 ladspaH libsamplerate libsndfile libpulseaudio
];
configureFlags = [ "--with-default-ladspa-path=${ladspaPlugins}/lib/ladspa" ];
@ -30,7 +31,7 @@ stdenv.mkDerivation rec {
meta = with stdenv.lib; {
description = "Graphical program for editing, playing and recording sound files";
homepage = https://gna.org/projects/mhwaveedit;
homepage = https://github.com/magnush/mhwaveedit;
license = licenses.gpl2Plus;
platforms = platforms.linux;
maintainers = [ maintainers.goibhniu ];

4
pkgs/applications/audio/pulseeffects/default.nix
View file

@ -44,13 +44,13 @@ let
];
in stdenv.mkDerivation rec {
name = "pulseeffects-${version}";
version = "4.3.5";
version = "4.3.7";
src = fetchFromGitHub {
owner = "wwmm";
repo = "pulseeffects";
rev = "v${version}";
sha256 = "01jxkz4s3m8cqsn6wcbrw7bzr7sr7hqsp9950018riilpni7k4bd";
sha256 = "1x1jnbpbc9snya9k2xq39gssf0k4lnd1hr4cjrnwscg5rqybxqsk";
};
nativeBuildInputs = [

8
pkgs/applications/audio/puredata/default.nix
View file

@ -4,11 +4,11 @@
stdenv.mkDerivation rec {
name = "puredata-${version}";
version = "0.48-2";
version = "0.49-0";
src = fetchurl {
url = "http://msp.ucsd.edu/Software/pd-${version}.src.tar.gz";
sha256 = "0p86hncgzkrl437v2wch2fg9iyn6mnrgbn811sh9pwmrjj2f06v8";
sha256 = "18rzqbpgnnvyslap7k0ly87aw1bbxkb0rk5agpr423ibs9slxq6j";
};
nativeBuildInputs = [ autoreconfHook gettext makeWrapper ];
@ -20,11 +20,9 @@ stdenv.mkDerivation rec {
"--enable-jack"
"--enable-fftw"
"--disable-portaudio"
"--disable-oss"
];
# https://github.com/pure-data/pure-data/issues/188
# --disable-oss
postInstall = ''
wrapProgram $out/bin/pd --prefix PATH : ${tk}/bin
'';

2
pkgs/applications/audio/rhythmbox/default.nix
View file

@ -20,7 +20,7 @@ in stdenv.mkDerivation rec {
name = "${pname}-${version}";
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${gnome3.versionBranch version}/${name}.tar.xz";
url = "mirror://gnome/sources/${pname}/${stdenv.lib.versions.majorMinor version}/${name}.tar.xz";
sha256 = "0hzcns8gf5yb0rm4ss8jd8qzarcaplp5cylk6plwilsqfvxj4xn2";
};

2
pkgs/applications/audio/sound-juicer/default.nix
View file

@ -9,7 +9,7 @@ in stdenv.mkDerivation rec{
name = "${pname}-${version}";
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${gnome3.versionBranch version}/${name}.tar.xz";
url = "mirror://gnome/sources/${pname}/${stdenv.lib.versions.majorMinor version}/${name}.tar.xz";
sha256 = "0mx6n901vb97hsv0cwaafjffj75s1kcp8jsqay90dy3099849dyz";
};

32
pkgs/applications/audio/zita-njbridge/default.nix Normal file
View file

@ -0,0 +1,32 @@
{ stdenv, fetchurl, libjack2, zita-resampler }:
stdenv.mkDerivation rec {
version = "0.4.4";
name = "zita-njbridge-${version}";
src = fetchurl {
url = "https://kokkinizita.linuxaudio.org/linuxaudio/downloads/${name}.tar.bz2";
sha256 = "1l8rszdjhp0gq7mr54sdgfs6y6cmw11ssmqb1v9yrkrz5rmwzg8j";
};
buildInputs = [ libjack2 zita-resampler ];
preConfigure = ''
cd ./source/
'';
makeFlags = [
"PREFIX=$(out)"
"MANDIR=$(out)"
"SUFFIX=''"
];
meta = with stdenv.lib; {
description = "command line Jack clients to transmit full quality multichannel audio over a local IP network";
homepage = http://kokkinizita.linuxaudio.org/linuxaudio/index.html;
license = licenses.gpl3;
maintainers = [ maintainers.magnetophon ];
platforms = platforms.linux;
};
}

6
pkgs/applications/editors/android-studio/default.nix
View file

@ -14,9 +14,9 @@ let
};
betaVersion = stableVersion;
latestVersion = { # canary & dev
version = "3.3.0.11"; # "Android Studio 3.3 Canary 12"
build = "182.5026711";
sha256Hash = "0k1f8yw3gdil78iqxlwhbz71w1307hwwf8z9m7hs0v9b4ri6x2wk";
version = "3.3.0.12"; # "Android Studio 3.3 Canary 13"
build = "182.5035453";
sha256Hash = "0f2glxm41ci016dv9ygr12s72lc5mh0zsxhpmx0xswg9mdwrvwa7";
};
in rec {
# Old alias

2
pkgs/applications/editors/flpsed/default.nix
View file

@ -1,4 +1,4 @@
{ stdenv, fetchurl, fltk13, ghostscript, xlibs }:
{ stdenv, fetchurl, fltk13, ghostscript }:
stdenv.mkDerivation rec {
name = "flpsed-${version}";

2
pkgs/applications/editors/gnome-builder/default.nix
View file

@ -37,7 +37,7 @@ in stdenv.mkDerivation {
name = "${pname}-${version}";
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${gnome3.versionBranch version}/${pname}-${version}.tar.xz";
url = "mirror://gnome/sources/${pname}/${stdenv.lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
sha256 = "0ibb74jlyrl5f6rj1b74196zfg2qaf870lxgi76qzpkgwq0iya05";
};

3
pkgs/applications/editors/jetbrains/common.nix
View file

@ -1,5 +1,5 @@
{ stdenv, makeDesktopItem, makeWrapper, patchelf, p7zip
, coreutils, gnugrep, which, git, unzip, libsecret
, coreutils, gnugrep, which, git, unzip, libsecret, libnotify
}:
{ name, product, version, src, wmClass, jdk, meta }:
@ -67,6 +67,7 @@ with stdenv; lib.makeOverridable mkDerivation rec {
--prefix LD_LIBRARY_PATH : "${stdenv.lib.makeLibraryPath [
# Some internals want libstdc++.so.6
stdenv.cc.cc.lib libsecret
libnotify
]}" \
--set JDK_HOME "$jdk" \
--set ${hiName}_JDK "$jdk" \

3
pkgs/applications/editors/jetbrains/default.nix
View file

@ -130,7 +130,8 @@ let
longDescription = ''
IDE for Java SE, Groovy & Scala development Powerful
environment for building Google Android apps Integration
with JUnit, TestNG, popular SCMs, Ant & Maven.
with JUnit, TestNG, popular SCMs, Ant & Maven. Also known
as IntelliJ.
'';
maintainers = with maintainers; [ edwtjo ];
platforms = platforms.linux;

4
pkgs/applications/editors/tiled/default.nix
View file

@ -3,13 +3,13 @@
stdenv.mkDerivation rec {
name = "tiled-${version}";
version = "1.1.6";
version = "1.2.0";
src = fetchFromGitHub {
owner = "bjorn";
repo = "tiled";
rev = "v${version}";
sha256 = "09qnlinm3q9xwp6b6cajs49fx8y6pkpixhji68bhs53m5hpvfg4s";
sha256 = "15apv81c5h17ljrxvm7hlyqg5bw58dzgik8gfhmh97wpwnbz1bl9";
};
nativeBuildInputs = [ pkgconfig qmake ];

2
pkgs/applications/graphics/shotwell/default.nix
View file

@ -12,7 +12,7 @@ in stdenv.mkDerivation rec {
name = "${pname}-${version}";
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${gnome3.versionBranch version}/${name}.tar.xz";
url = "mirror://gnome/sources/${pname}/${stdenv.lib.versions.majorMinor version}/${name}.tar.xz";
sha256 = "0pa7lb33i4hdnz7hr7x938d48ilrnj47jzb99la79rmm08yyin8n";
};

1
pkgs/applications/misc/electron-cash/default.nix
View file

@ -34,6 +34,7 @@ python3Packages.buildPythonApplication rec {
# plugins
keepkey
trezor
btchip
];
nativeBuildInputs = [ makeWrapper ];

2
pkgs/applications/misc/electrum/default.nix
View file

@ -41,10 +41,10 @@ python3Packages.buildPythonApplication rec {
# plugins
keepkey
trezor
btchip
# TODO plugins
# amodem
# btchip
];
preBuild = ''

34
pkgs/applications/misc/fllog/default.nix Normal file
View file

@ -0,0 +1,34 @@
{ stdenv
, fetchurl
, fltk13
, libjpeg
, pkgconfig
}:
stdenv.mkDerivation rec {
version = "1.2.5";
pname = "fllog";
name = "${pname}-${version}";
src = fetchurl {
url = "mirror://sourceforge/fldigi/${name}.tar.gz";
sha256 = "042j1g035338vfbl4i9laai8af8iakavar05xn2m4p7ww6x76zzl";
};
buildInputs = [
fltk13
libjpeg
];
nativeBuildInputs = [
pkgconfig
];
meta = {
description = "Digital modem log program";
homepage = https://sourceforge.net/projects/fldigi/;
license = stdenv.lib.licenses.gpl3Plus;
maintainers = with stdenv.lib.maintainers; [ dysinger ];
platforms = stdenv.lib.platforms.linux;
};
}

34
pkgs/applications/misc/flmsg/default.nix Normal file
View file

@ -0,0 +1,34 @@
{ stdenv
, fetchurl
, fltk13
, libjpeg
, pkgconfig
}:
stdenv.mkDerivation rec {
version = "4.0.7";
pname = "flmsg";
name = "${pname}-${version}";
src = fetchurl {
url = "mirror://sourceforge/fldigi/${name}.tar.gz";
sha256 = "1kdlwhxsw02pas9d0kakkq2713wj1m4q881f6am5aq4x8n01f4xw";
};
buildInputs = [
fltk13
libjpeg
];
nativeBuildInputs = [
pkgconfig
];
meta = {
description = "Digital modem message program";
homepage = https://sourceforge.net/projects/fldigi/;
license = stdenv.lib.licenses.gpl3Plus;
maintainers = with stdenv.lib.maintainers; [ dysinger ];
platforms = stdenv.lib.platforms.linux;
};
}

34
pkgs/applications/misc/flrig/default.nix Normal file
View file

@ -0,0 +1,34 @@
{ stdenv
, fetchurl
, fltk13
, libjpeg
, pkgconfig
}:
stdenv.mkDerivation rec {
version = "1.3.40";
pname = "flrig";
name = "${pname}-${version}";
src = fetchurl {
url = "mirror://sourceforge/fldigi/${name}.tar.gz";
sha256 = "1wr7bb2577gha7y3a8m5w60m4xdv8m0199cj2c6349sgbds373w9";
};
buildInputs = [
fltk13
libjpeg
];
nativeBuildInputs = [
pkgconfig
];
meta = {
description = "Digital modem rig control program";
homepage = https://sourceforge.net/projects/fldigi/;
license = stdenv.lib.licenses.gpl3Plus;
maintainers = with stdenv.lib.maintainers; [ dysinger ];
platforms = stdenv.lib.platforms.linux;
};
}

34
pkgs/applications/misc/flwrap/default.nix Normal file
View file

@ -0,0 +1,34 @@
{ stdenv
, fetchurl
, fltk13
, libjpeg
, pkgconfig
}:
stdenv.mkDerivation rec {
version = "1.3.5";
pname = "flwrap";
name = "${pname}-${version}";
src = fetchurl {
url = "mirror://sourceforge/fldigi/${name}.tar.gz";
sha256 = "0qqivqkkravcg7j45740xfky2q3k7czqpkj6y364qff424q2pppg";
};
buildInputs = [
fltk13
libjpeg
];
nativeBuildInputs = [
pkgconfig
];
meta = {
description = "Digital modem file transfer program";
homepage = https://sourceforge.net/projects/fldigi/;
license = stdenv.lib.licenses.gpl3Plus;
maintainers = with stdenv.lib.maintainers; [ dysinger ];
platforms = stdenv.lib.platforms.linux;
};
}

4
pkgs/applications/misc/girara/default.nix
View file

@ -3,11 +3,11 @@
stdenv.mkDerivation rec {
name = "girara-${version}";
version = "0.3.0";
version = "0.3.1";
src = fetchurl {
url = "https://pwmt.org/projects/girara/download/${name}.tar.xz";
sha256 = "18j1gv8pi4cpndvnap88pcfacdz3lnw6pxmw7dvzm359y1gzllmp";
sha256 = "1ddwap5q5cnfdr1q1b110wy7mw1z3khn86k01jl8lqmn02n9nh1w";
};
nativeBuildInputs = [ meson ninja pkgconfig gettext ];

2
pkgs/applications/misc/gnome-usage/default.nix
View file

@ -9,7 +9,7 @@ in stdenv.mkDerivation rec {
name = "${pname}-${version}";
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${gnome3.versionBranch version}/${name}.tar.xz";
url = "mirror://gnome/sources/${pname}/${stdenv.lib.versions.majorMinor version}/${name}.tar.xz";
sha256 = "0130bwinpkz307nalw6ndi5mk38k5g6jna4gbw2916d54df6a4nq";
};

10
pkgs/applications/misc/gollum/Gemfile.lock
View file

@ -11,22 +11,22 @@ GEM
diff-lcs (~> 1.1)
mime-types (>= 1.16)
posix-spawn (~> 0.3)
gollum (4.1.3)
gollum (4.1.4)
gemojione (~> 3.2)
gollum-lib (>= 4.2.9)
gollum-lib (~> 4.2, >= 4.2.10)
kramdown (~> 1.9.0)
mustache (>= 0.99.5, < 1.0.0)
sinatra (~> 1.4, >= 1.4.4)
useragent (~> 0.16.2)
gollum-grit_adapter (1.0.1)
gitlab-grit (~> 2.7, >= 2.7.1)
gollum-lib (4.2.9)
gollum-lib (4.2.10)
gemojione (~> 3.2)
github-markup (~> 1.6)
gollum-grit_adapter (~> 1.0)
nokogiri (>= 1.6.1, < 2.0)
rouge (~> 2.1)
sanitize (~> 2.1)
sanitize (~> 2.1.1, >= 2.1.1)
stringex (~> 2.6)
twitter-text (= 1.14.7)
json (2.1.0)
@ -43,7 +43,7 @@ GEM
rack-protection (1.5.5)
rack
rouge (2.2.1)
sanitize (2.1.0)
sanitize (2.1.1)
nokogiri (>= 1.4.4)
sinatra (1.4.8)
rack (~> 1.5)

12
pkgs/applications/misc/gollum/gemset.nix
View file

@ -45,10 +45,10 @@
dependencies = ["gemojione" "gollum-lib" "kramdown" "mustache" "sinatra" "useragent"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1146irmnm0xyzjzw8k14wvb6h4cqh4q53ds92wk6jpsfs6r1pjq6";
sha256 = "0ik1b0f73lcxfwfml1h84dp6br79g0z9v6x54wvl46n9d1ndrhl7";
type = "gem";
};
version = "4.1.3";
version = "4.1.4";
};
gollum-grit_adapter = {
dependencies = ["gitlab-grit"];
@ -63,10 +63,10 @@
dependencies = ["gemojione" "github-markup" "gollum-grit_adapter" "nokogiri" "rouge" "sanitize" "stringex" "twitter-text"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1w48mrjgy4ykd1ix421n96nx0w15iid2aj3sgglpl3bdkizxhfqj";
sha256 = "1699wiir6f2a8yawk3qg0xn3zdc10mz783v53ri1ivfnzdrm3dvf";
type = "gem";
};
version = "4.2.9";
version = "4.2.10";
};
json = {
source = {
@ -163,10 +163,10 @@
dependencies = ["nokogiri"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0xsv6xqrlz91rd8wifjknadbl3z5h6qphmxy0hjb189qbdghggn3";
sha256 = "12ip1d80r0dgc621qn7c32bk12xxgkkg3w6q21s1ckxivcd7r898";
type = "gem";
};
version = "2.1.0";
version = "2.1.1";
};
sinatra = {
dependencies = ["rack" "rack-protection" "tilt"];

2
pkgs/applications/misc/khard/default.nix
View file

@ -41,7 +41,7 @@ in with python.pkgs; buildPythonApplication rec {
];
postInstall = ''
install -D misc/zsh/_khard $out/share/zsh/site-functions/
install -D misc/zsh/_khard $out/share/zsh/site-functions/_khard
'';
# Fails; but there are no tests anyway.

8
pkgs/applications/misc/kitty/default.nix
View file

@ -7,7 +7,7 @@
with python3Packages;
buildPythonApplication rec {
version = "0.12.0";
version = "0.12.3";
name = "kitty-${version}";
format = "other";
@ -15,7 +15,7 @@ buildPythonApplication rec {
owner = "kovidgoyal";
repo = "kitty";
rev = "v${version}";
sha256 = "1n2pi9pc903inls1fvz257q7wpif76rj394qkgq7pixpisijdyjm";
sha256 = "1nhk8pbwr673gw9qjgca4lzjgp8rw7sf99ra4wsh8jplf3kvgq5c";
};
buildInputs = [
@ -33,8 +33,8 @@ buildPythonApplication rec {
--replace "find_library('startup-notification-1')" "'${libstartup_notification}/lib/libstartup-notification-1.so'"
substituteInPlace docs/Makefile \
--replace 'python3 .. +launch $(shell which sphinx-build)' \
'PYTHONPATH=$PYTHONPATH:.. HOME=$TMPDIR/nowhere $(shell which sphinx-build)'
--replace 'python3 .. +launch :sphinx-build' \
'PYTHONPATH=$PYTHONPATH:.. HOME=$TMPDIR/nowhere sphinx-build'
'';
buildPhase = ''

4
pkgs/applications/misc/lxterminal/default.nix
View file

@ -2,14 +2,14 @@
, libxslt, docbook_xml_dtd_412, docbook_xsl, libxml2, findXMLCatalogs
}:
let version = "0.3.1"; in
let version = "0.3.2"; in
stdenv.mkDerivation rec {
name = "lxterminal-${version}";
src = fetchurl {
url = "https://github.com/lxde/lxterminal/archive/${version}.tar.gz";
sha256 = "e91f15c8a726d5c13227263476583137a2639d4799c021ca0726c9805021b54c";
sha256 = "1iafqmccsm3nnzwp6pb2c04iniqqnscj83bq1rvf58ppzk0bvih3";
};
configureFlags = [

43
pkgs/applications/misc/makeself/Use-rm-from-PATH.patch Normal file
View file

@ -0,0 +1,43 @@
From 81cf57e4653360af7f1718391e424fa05d8ea000 Mon Sep 17 00:00:00 2001
From: Keshav Kini <keshav.kini@gmail.com>
Date: Thu, 9 Aug 2018 18:36:15 -0700
Subject: [PATCH] Use `rm` from PATH
On NixOS (a Linux distribution), there is no `/bin/rm`, but an `rm`
command will generally be available in one's path when running shell
scripts. Here, I change a couple of invocations of `/bin/rm` into
invocations of `rm` to deal with this issue.
Since `rm` is already called elsewhere in the script without an
absolute path, I assume this change will not cause any
regressions. Still, I've tested this on a CentOS machine and a NixOS
machine, though not other platforms.
---
makeself-header.sh | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/makeself-header.sh b/makeself-header.sh
index 4d2c005..2babf34 100755
--- a/makeself-header.sh
+++ b/makeself-header.sh
@@ -515,7 +515,7 @@ if test x"\$quiet" = xn; then
fi
res=3
if test x"\$keep" = xn; then
- trap 'echo Signal caught, cleaning up >&2; cd \$TMPROOT; /bin/rm -rf "\$tmpdir"; eval \$finish; exit 15' 1 2 3 15
+ trap 'echo Signal caught, cleaning up >&2; cd \$TMPROOT; rm -rf "\$tmpdir"; eval \$finish; exit 15' 1 2 3 15
fi
if test x"\$nodiskspace" = xn; then
@@ -581,7 +581,7 @@ if test x"\$script" != x; then
fi
if test x"\$keep" = xn; then
cd "\$TMPROOT"
- /bin/rm -rf "\$tmpdir"
+ rm -rf "\$tmpdir"
fi
eval \$finish; exit \$res
EOF
--
2.14.1

5
pkgs/applications/misc/makeself/default.nix
View file

@ -11,7 +11,10 @@ stdenv.mkDerivation rec {
sha256 = "1lw3gx1zpzp2wmzrw5v7k31vfsrdzadqha9ni309fp07g8inrr9n";
};
patchPhase = ''
# backported from https://github.com/megastep/makeself/commit/77156e28ff21231c400423facc7049d9c60fd1bd
patches = [ ./Use-rm-from-PATH.patch ];
postPatch = ''
sed -e "s|^HEADER=.*|HEADER=$out/share/${name}/makeself-header.sh|" -i makeself.sh
'';

7
pkgs/applications/misc/orca/default.nix
View file

@ -1,4 +1,4 @@
{ lib, pkgconfig, fetchurl, buildPythonApplication
{ stdenv, pkgconfig, fetchurl, buildPythonApplication
, autoreconfHook, wrapGAppsHook, gobjectIntrospection
, intltool, yelp-tools, itstool, libxmlxx3
, python, pygobject3, gtk3, gnome3, substituteAll
@ -7,7 +7,6 @@
, speechd, brltty, setproctitle, gst_all_1, gst-python
}:
with lib;
let
pname = "orca";
version = "3.28.2";
@ -17,7 +16,7 @@ in buildPythonApplication rec {
format = "other";
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${gnome3.versionBranch version}/${name}.tar.xz";
url = "mirror://gnome/sources/${pname}/${stdenv.lib.versions.majorMinor version}/${name}.tar.xz";
sha256 = "08rh6ji680g5nrw2n7jrxrw7nwg04sj52jxffcfasgss2f51d38q";
};
@ -54,7 +53,7 @@ in buildPythonApplication rec {
};
};
meta = {
meta = with stdenv.lib; {
homepage = https://wiki.gnome.org/Projects/Orca;
description = "Screen reader";
longDescription = ''

9
pkgs/applications/misc/st/default.nix
View file

@ -1,5 +1,5 @@
{ stdenv, fetchurl, pkgconfig, writeText, makeWrapper, libX11, ncurses, libXext
, libXft, fontconfig, dmenu, conf ? null, patches ? [], extraLibs ? []}:
{ stdenv, fetchurl, pkgconfig, writeText, libX11, ncurses
, libXft, conf ? null, patches ? [], extraLibs ? []}:
with stdenv.lib;
@ -16,12 +16,11 @@ stdenv.mkDerivation rec {
configFile = optionalString (conf!=null) (writeText "config.def.h" conf);
preBuild = optionalString (conf!=null) "cp ${configFile} config.def.h";
nativeBuildInputs = [ pkgconfig makeWrapper ];
buildInputs = [ libX11 ncurses libXext libXft fontconfig ] ++ extraLibs;
nativeBuildInputs = [ pkgconfig ncurses ];
buildInputs = [ libX11 libXft ] ++ extraLibs;
installPhase = ''
TERMINFO=$out/share/terminfo make install PREFIX=$out
wrapProgram "$out/bin/st" --prefix PATH : "${dmenu}/bin"
'';
meta = {

4
pkgs/applications/misc/xterm/default.nix
View file

@ -3,14 +3,14 @@
}:
stdenv.mkDerivation rec {
name = "xterm-335";
name = "xterm-337";
src = fetchurl {
urls = [
"ftp://ftp.invisible-island.net/xterm/${name}.tgz"
"https://invisible-mirror.net/archives/xterm/${name}.tgz"
];
sha256 = "15nbgys4s2idhx6jzzc24g9bb1s6yps5fyg2bafvs0gkkcm1ggz0";
sha256 = "19ygmswikbwa633bxf24cvk7qdxjz2nq3cv9zdgqvrs7sgg7gb6c";
};
buildInputs =

794
pkgs/applications/networking/browsers/firefox-bin/release_sources.nix
View file

File diff suppressed because it is too large Load diff

8
pkgs/applications/networking/browsers/firefox/packages.nix
View file

@ -20,10 +20,10 @@ rec {
firefox = common rec {
pname = "firefox";
version = "62.0.2";
version = "62.0.3";
src = fetchurl {
url = "mirror://mozilla/firefox/releases/${version}/source/firefox-${version}.source.tar.xz";
sha512 = "0j5q1aa7jhq4pydaywp8ymibc319wv3gw2q15qp14i069qk3fpn33zb5z86lhb6z864f88ikx3zxv6phqs96qvzj25yqbh7nxmzwhvv";
sha512 = "0kvb664s47bmmdq2ppjsnyqy8yaiig1xj81r25s36c3i8igfq3zxvws10k2dlmmmrwyc5k4g9i9imgkxj7r3xwwqxc72dl429wvfys8";
};
patches = nixpkgsPatches ++ [
@ -70,10 +70,10 @@ rec {
firefox-esr-60 = common rec {
pname = "firefox-esr";
version = "60.2.1esr";
version = "60.2.2esr";
src = fetchurl {
url = "mirror://mozilla/firefox/releases/${version}/source/firefox-${version}.source.tar.xz";
sha512 = "2mklws09haki91w3js2i5pv8g3z5ck4blnzxvdbk5qllqlv465hn7rvns78hbcbids55mqx50fsn0161la73v25zs04bf8xdhbkcpsm";
sha512 = "2h2naaxx4lv90bjpcrsma4sdhl4mvsisx3zi09vakjwv2lad91gy41cmcpqprpcbsmlvpqf8yiv52ah4d02a8d9335xhw2ajw6asjc1";
};
patches = nixpkgsPatches ++ [

8
pkgs/applications/networking/cluster/flink/default.nix
View file

@ -4,12 +4,12 @@
let
versionMap = {
"1.5" = {
flinkVersion = "1.5.3";
sha256 = "1fq7pd5qpchkkwhh30h3l9rhf298jfcfv2dc50z39qmwwijdjajk";
flinkVersion = "1.5.4";
sha256 = "193cgiykzbsm6ygnr1h45504xp2qxjikq188wkgivdj9a4wa04il";
};
"1.6" = {
flinkVersion = "1.6.0";
sha256 = "18fnpldzs36qx7myr9rmym9g9p3qkgnd1z3lfkpbaw590ddaqr9i";
flinkVersion = "1.6.1";
sha256 = "1z4795va15qnnhk2qx3gzimzgfd9nqchfgn759fnqfmcxh6n9vw3";
};
};
in

6
pkgs/applications/networking/cluster/helm/default.nix
View file

@ -5,10 +5,10 @@ let
then "linux-amd64"
else "darwin-amd64";
checksum = if isLinux
then "1zig6ihmxcaw2wsbdd85yf1zswqcifw0hvbp1zws7r5ihd4yv8hg"
else "1l8y9i8vhibhwbn5kn5qp722q4dcx464kymlzy2bkmhiqbxnnkkw";
then "18bk4zqdxdrdcl34qay5mpzzywy9srmpz3mm91l0za6nhqapb902"
else "03xb73769awc6dpvz86nqm9fbgp3yrw30kf5lphf76klk2ii66sm";
pname = "helm";
version = "2.10.0";
version = "2.11.0";
in
stdenv.mkDerivation {
name = "${pname}-${version}";

8
pkgs/applications/networking/cluster/minikube/default.nix
View file

@ -14,7 +14,9 @@ let
in buildGoPackage rec {
pname = "minikube";
name = "${pname}-${version}";
version = "0.28.1";
version = "0.29.0";
kubernetesVersion = "1.11.2";
goPackagePath = "k8s.io/minikube";
@ -22,7 +24,7 @@ in buildGoPackage rec {
owner = "kubernetes";
repo = "minikube";
rev = "v${version}";
sha256 = "0c36rzsdzxf9q6l4hl506bsd4qwmw033i0k1xhqszv9agg7qjlmm";
sha256 = "09px8pxml7xrnfhyjvlhf1hw7zdj9sw47a0fv5wj5aard54lhs1l";
};
buildInputs = [ go-bindata makeWrapper gpgme ] ++ stdenv.lib.optional stdenv.hostPlatform.isDarwin vmnet;
@ -35,7 +37,7 @@ in buildGoPackage rec {
ISO_VERSION=$(grep "^ISO_VERSION" Makefile | sed "s/^.*\s//")
ISO_BUCKET=$(grep "^ISO_BUCKET" Makefile | sed "s/^.*\s//")
KUBERNETES_VERSION=$(${python}/bin/python hack/get_k8s_version.py --k8s-version-only 2>&1) || true
KUBERNETES_VERSION=${kubernetesVersion}
export buildFlagsArray="-ldflags=\
-X k8s.io/minikube/pkg/version.version=v${version} \

25
pkgs/applications/networking/cluster/stern/default.nix Normal file
View file

@ -0,0 +1,25 @@
{ lib, buildGoPackage, fetchFromGitHub }:
buildGoPackage rec {
name = "stern-${version}";
version = "1.8.0";
goPackagePath = "github.com/wercker/stern";
src = fetchFromGitHub {
owner = "wercker";
repo = "stern";
rev = "${version}";
sha256 = "14ccgb41ca2gym7wab0q02ap8g94nhfaihs41qky4wnsfv6j1zc8";
};
goDeps = ./deps.nix;
meta = with lib; {
description = "Multi pod and container log tailing for Kubernetes";
homepage = "https://github.com/wercker/stern";
license = licenses.asl20;
maintainers = with maintainers; [ mbode ];
platforms = platforms.unix;
};
}

345
pkgs/applications/networking/cluster/stern/deps.nix generated Normal file
View file

@ -0,0 +1,345 @@
# file generated from Gopkg.lock using dep2nix (https://github.com/nixcloud/dep2nix)
[
{
goPackagePath = "cloud.google.com/go";
fetch = {
type = "git";
url = "https://code.googlesource.com/gocloud";
rev = "97efc2c9ffd9fe8ef47f7f3203dc60bbca547374";
sha256 = "1zf8imq0hgba13rbn260pqf2qd41cg3i4wzzq2i0li3lxnjglkv1";
};
}
{
goPackagePath = "github.com/Azure/go-autorest";
fetch = {
type = "git";
url = "https://github.com/Azure/go-autorest";
rev = "1ff28809256a84bb6966640ff3d0371af82ccba4";
sha256 = "0sxvj2j1833bqwxvhq3wq3jgq73rnb81pnzvl0x3y1m0hzpaf2zv";
};
}
{
goPackagePath = "github.com/dgrijalva/jwt-go";
fetch = {
type = "git";
url = "https://github.com/dgrijalva/jwt-go";
rev = "06ea1031745cb8b3dab3f6a236daf2b0aa468b7e";
sha256 = "08m27vlms74pfy5z79w67f9lk9zkx6a9jd68k3c4msxy75ry36mp";
};
}
{
goPackagePath = "github.com/fatih/color";
fetch = {
type = "git";
url = "https://github.com/fatih/color";
rev = "2d684516a8861da43017284349b7e303e809ac21";
sha256 = "1fcfmz4wji3gqmmsdx493r7d101s58hwjalqps6hy25nva5pvmfs";
};
}
{
goPackagePath = "github.com/ghodss/yaml";
fetch = {
type = "git";
url = "https://github.com/ghodss/yaml";
rev = "73d445a93680fa1a78ae23a5839bad48f32ba1ee";
sha256 = "0pg53ky4sy3sp9j4n7vgf1p3gw4nbckwqfldcmmi9rf13kjh0mr7";
};
}
{
goPackagePath = "github.com/gogo/protobuf";
fetch = {
type = "git";
url = "https://github.com/gogo/protobuf";
rev = "c0656edd0d9eab7c66d1eb0c568f9039345796f7";
sha256 = "0b943dhx571lhgcs3rqzy0092mi2x5mwy2kl7g8rryhy3r5rzrz9";
};
}
{
goPackagePath = "github.com/golang/glog";
fetch = {
type = "git";
url = "https://github.com/golang/glog";
rev = "23def4e6c14b4da8ac2ed8007337bc5eb5007998";
sha256 = "0jb2834rw5sykfr937fxi8hxi2zy80sj2bdn9b3jb4b26ksqng30";
};
}
{
goPackagePath = "github.com/golang/protobuf";
fetch = {
type = "git";
url = "https://github.com/golang/protobuf";
rev = "b4deda0973fb4c70b50d226b1af49f3da59f5265";
sha256 = "0ya4ha7m20bw048m1159ppqzlvda4x0vdprlbk5sdgmy74h3xcdq";
};
}
{
goPackagePath = "github.com/google/btree";
fetch = {
type = "git";
url = "https://github.com/google/btree";
rev = "4030bb1f1f0c35b30ca7009e9ebd06849dd45306";
sha256 = "0ba430m9fbnagacp57krgidsyrgp3ycw5r7dj71brgp5r52g82p6";
};
}
{
goPackagePath = "github.com/google/gofuzz";
fetch = {
type = "git";
url = "https://github.com/google/gofuzz";
rev = "24818f796faf91cd76ec7bddd72458fbced7a6c1";
sha256 = "0cq90m2lgalrdfrwwyycrrmn785rgnxa3l3vp9yxkvnv88bymmlm";
};
}
{
goPackagePath = "github.com/googleapis/gnostic";
fetch = {
type = "git";
url = "https://github.com/googleapis/gnostic";
rev = "0c5108395e2debce0d731cf0287ddf7242066aba";
sha256 = "0jf3cp5clli88gpjf24r6wxbkvngnc1kf59d4cgjczsn2wasvsfc";
};
}
{
goPackagePath = "github.com/gregjones/httpcache";
fetch = {
type = "git";
url = "https://github.com/gregjones/httpcache";
rev = "787624de3eb7bd915c329cba748687a3b22666a6";
sha256 = "1zqlg9pkj7r6fqw7wv3ywvbz3bh0hvzifs2scgcraj812q5189w5";
};
}
{
goPackagePath = "github.com/imdario/mergo";
fetch = {
type = "git";
url = "https://github.com/imdario/mergo";
rev = "6633656539c1639d9d78127b7d47c622b5d7b6dc";
sha256 = "1fffbq1l17i0gynmvcxypl7d9h4v81g5vlimiph5bfgf4sp4db7g";
};
}
{
goPackagePath = "github.com/inconshreveable/mousetrap";
fetch = {
type = "git";
url = "https://github.com/inconshreveable/mousetrap";
rev = "76626ae9c91c4f2a10f34cad8ce83ea42c93bb75";
sha256 = "1mn0kg48xkd74brf48qf5hzp0bc6g8cf5a77w895rl3qnlpfw152";
};
}
{
goPackagePath = "github.com/json-iterator/go";
fetch = {
type = "git";
url = "https://github.com/json-iterator/go";
rev = "0ac74bba4a81211b28e32ef260c0f16ae41f1377";
sha256 = "07aa3jz9rmhn3cfv06z9549kfpsx4i85qbi3j7q60z2pvasjxqv5";
};
}
{
goPackagePath = "github.com/mattn/go-colorable";
fetch = {
type = "git";
url = "https://github.com/mattn/go-colorable";
rev = "167de6bfdfba052fa6b2d3664c8f5272e23c9072";
sha256 = "1nwjmsppsjicr7anq8na6md7b1z84l9ppnlr045hhxjvbkqwalvx";
};
}
{
goPackagePath = "github.com/mattn/go-isatty";
fetch = {
type = "git";
url = "https://github.com/mattn/go-isatty";
rev = "6ca4dbf54d38eea1a992b3c722a76a5d1c4cb25c";
sha256 = "0zs92j2cqaw9j8qx1sdxpv3ap0rgbs0vrvi72m40mg8aa36gd39w";
};
}
{
goPackagePath = "github.com/mitchellh/go-homedir";
fetch = {
type = "git";
url = "https://github.com/mitchellh/go-homedir";
rev = "b8bc1bf767474819792c23f32d8286a45736f1c6";
sha256 = "13ry4lylalkh4g2vny9cxwvryslzyzwp9r92z0b10idhdq3wad1q";
};
}
{
goPackagePath = "github.com/modern-go/concurrent";
fetch = {
type = "git";
url = "https://github.com/modern-go/concurrent";
rev = "bacd9c7ef1dd9b15be4a9909b8ac7a4e313eec94";
sha256 = "0s0fxccsyb8icjmiym5k7prcqx36hvgdwl588y0491gi18k5i4zs";
};
}
{
goPackagePath = "github.com/modern-go/reflect2";
fetch = {
type = "git";
url = "https://github.com/modern-go/reflect2";
rev = "05fbef0ca5da472bbf96c9322b84a53edc03c9fd";
sha256 = "1jc7xba9v3scsc8fg5nb9g6lrxxgiaaykx8q817arq9b737y90gm";
};
}
{
goPackagePath = "github.com/petar/GoLLRB";
fetch = {
type = "git";
url = "https://github.com/petar/GoLLRB";
rev = "53be0d36a84c2a886ca057d34b6aa4468df9ccb4";
sha256 = "01xp3lcamqkvl91jg6ly202gdsgf64j39rkrcqxi6v4pbrcv7hz0";
};
}
{
goPackagePath = "github.com/peterbourgon/diskv";
fetch = {
type = "git";
url = "https://github.com/peterbourgon/diskv";
rev = "5f041e8faa004a95c88a202771f4cc3e991971e6";
sha256 = "1mxpa5aad08x30qcbffzk80g9540wvbca4blc1r2qyzl65b8929b";
};
}
{
goPackagePath = "github.com/pkg/errors";
fetch = {
type = "git";
url = "https://github.com/pkg/errors";
rev = "816c9085562cd7ee03e7f8188a1cfd942858cded";
sha256 = "1ws5crb7c70wdicavl6qr4g03nn6m92zd6wwp9n2ygz5c8rmxh8k";
};
}
{
goPackagePath = "github.com/spf13/cobra";
fetch = {
type = "git";
url = "https://github.com/spf13/cobra";
rev = "a114f312e075f65bf30d6d9a1430113f857e543b";
sha256 = "10lmi5ni06yijxg02fcic5b7ycjkia12yma4a4lz8a56j30wykx1";
};
}
{
goPackagePath = "github.com/spf13/pflag";
fetch = {
type = "git";
url = "https://github.com/spf13/pflag";
rev = "3ebe029320b2676d667ae88da602a5f854788a8a";
sha256 = "11yxs0wqy70wj106fkz8r923yg4ncnc2mbw33v48zmlg4a1rasgp";
};
}
{
goPackagePath = "github.com/v2pro/plz";
fetch = {
type = "git";
url = "https://github.com/v2pro/plz";
rev = "10fc95fad3224a032229e59f6e7023137d82b526";
sha256 = "0p04pjrz55zn6dbi6l0705prjmhqnmvsvrxzc74hl12wi6r35drp";
};
}
{
goPackagePath = "golang.org/x/crypto";
fetch = {
type = "git";
url = "https://go.googlesource.com/crypto";
rev = "49796115aa4b964c318aad4f3084fdb41e9aa067";
sha256 = "0pcq2drkzsw585xi6rda8imd7a139prrmvgmv8nz0zgzk6g4dy59";
};
}
{
goPackagePath = "golang.org/x/net";
fetch = {
type = "git";
url = "https://go.googlesource.com/net";
rev = "1c05540f6879653db88113bc4a2b70aec4bd491f";
sha256 = "0h8yqb0vcqgllgydrf9d3rzp83w8wlr8f0nm6r1rwf2qg30pq1pd";
};
}
{
goPackagePath = "golang.org/x/oauth2";
fetch = {
type = "git";
url = "https://go.googlesource.com/oauth2";
rev = "a6bd8cefa1811bd24b86f8902872e4e8225f74c4";
sha256 = "151in8qcf5y97ziavl6b03vgw4r87zqx5kg4vjhjszjbh60cfswp";
};
}
{
goPackagePath = "golang.org/x/sys";
fetch = {
type = "git";
url = "https://go.googlesource.com/sys";
rev = "e4b3c5e9061176387e7cea65e4dc5853801f3fb7";
sha256 = "1ijx254fycsnr16m24k7lqvkmdkkrqxsl9mr1kz4mf61a8n0arf9";
};
}
{
goPackagePath = "golang.org/x/text";
fetch = {
type = "git";
url = "https://go.googlesource.com/text";
rev = "f21a4dfb5e38f5895301dc265a8def02365cc3d0";
sha256 = "0r6x6zjzhr8ksqlpiwm5gdd7s209kwk5p4lw54xjvz10cs3qlq19";
};
}
{
goPackagePath = "golang.org/x/time";
fetch = {
type = "git";
url = "https://go.googlesource.com/time";
rev = "f51c12702a4d776e4c1fa9b0fabab841babae631";
sha256 = "07wc6g2fvafkr6djsscm0jpbpl4135khhb6kpyx1953hi5d1jvyy";
};
}
{
goPackagePath = "google.golang.org/appengine";
fetch = {
type = "git";
url = "https://github.com/golang/appengine";
rev = "ae0ab99deb4dc413a2b4bd6c8bdd0eb67f1e4d06";
sha256 = "1iabxnqgxvvn1239i6fvfl375vlbvhfrc03m1x2rvalmx4d6w9c7";
};
}
{
goPackagePath = "gopkg.in/inf.v0";
fetch = {
type = "git";
url = "https://github.com/go-inf/inf";
rev = "3887ee99ecf07df5b447e9b00d9c0b2adaa9f3e4";
sha256 = "0rf3vwyb8aqnac9x9d6ax7z5526c45a16yjm2pvkijr6qgqz8b82";
};
}
{
goPackagePath = "gopkg.in/yaml.v2";
fetch = {
type = "git";
url = "https://github.com/go-yaml/yaml";
rev = "5420a8b6744d3b0345ab293f6fcba19c978f1183";
sha256 = "0dwjrs2lp2gdlscs7bsrmyc5yf6mm4fvgw71bzr9mv2qrd2q73s1";
};
}
{
goPackagePath = "k8s.io/api";
fetch = {
type = "git";
url = "https://github.com/kubernetes/api";
rev = "8be2a0b24ed0dac9cfc1ac2d987ea16cfcdbecb6";
sha256 = "1dpmd59jlkxgrp5aaf8420344c6nq4kjlc1avgcp7690yrzc50v6";
};
}
{
goPackagePath = "k8s.io/apimachinery";
fetch = {
type = "git";
url = "https://github.com/kubernetes/apimachinery";
rev = "594fc14b6f143d963ea2c8132e09e73fe244b6c9";
sha256 = "0xykhpmjgagyb0ac4y0ps4v1s9bd2b1sc0simh48c41a9fk3yvr7";
};
}
{
goPackagePath = "k8s.io/client-go";
fetch = {
type = "git";
url = "https://github.com/kubernetes/client-go";
rev = "739dd8f9d4801eb23e2bc43423c0b4acaaded29a";
sha256 = "15psjmb14rz4kwysim9vfbbylx0khkw29b195rziv1vk202lh28k";
};
}
]

4
pkgs/applications/networking/cluster/terraform-landscape/Gemfile.lock
View file

@ -7,7 +7,7 @@ GEM
diffy (3.2.1)
highline (1.7.10)
polyglot (0.3.5)
terraform_landscape (0.2.0)
terraform_landscape (0.2.1)
colorize (~> 0.7)
commander (~> 4.4)
diffy (~> 3.0)
@ -22,4 +22,4 @@ DEPENDENCIES
terraform_landscape
BUNDLED WITH
1.14.6
1.16.3

18
pkgs/applications/networking/cluster/terraform-landscape/gemset.nix
View file

@ -1,7 +1,5 @@
{
colorize = {
groups = ["default"];
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "133rqj85n400qk6g3dhf2bmfws34mak1wqihvh3bgy9jhajw580b";
@ -11,8 +9,6 @@
};
commander = {
dependencies = ["highline"];
groups = ["default"];
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "11sd2sb0id2dbxkv4pvymdiia1xxhms45kh4nr8mryqybad0fwwf";
@ -21,8 +17,6 @@
version = "4.4.6";
};
diffy = {
groups = ["default"];
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "119imrkn01agwhx5raxhknsi331y5i4yda7r0ws0an6905ximzjg";
@ -31,8 +25,6 @@
version = "3.2.1";
};
highline = {
groups = ["default"];
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "01ib7jp85xjc4gh4jg0wyzllm46hwv8p0w1m4c75pbgi41fps50y";
@ -41,8 +33,6 @@
version = "1.7.10";
};
polyglot = {
groups = ["default"];
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1bqnxwyip623d8pr29rg6m8r0hdg08fpr2yb74f46rn1wgsnxmjr";
@ -52,19 +42,15 @@
};
terraform_landscape = {
dependencies = ["colorize" "commander" "diffy" "treetop"];
groups = ["default"];
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1mlpbsmysyhhbjx40gbwxr4mx7d3qpblbf5ms2v607b8a3saapzj";
sha256 = "1i93pih7r6zcqpjhsmvkpfkgbh0l66c60i6fkiymq7vy2xd6wnns";
type = "gem";
};
version = "0.2.0";
version = "0.2.1";
};
treetop = {
dependencies = ["polyglot"];
groups = ["default"];
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0g31pijhnv7z960sd09lckmw9h8rs3wmc8g4ihmppszxqm99zpv7";

7
pkgs/applications/networking/cluster/terraform-providers/data.nix
View file

@ -609,6 +609,13 @@
version = "1.8.1";
sha256 = "0y6n7mvv1f3jqsxlvf68iq85k69fj7a333203vkvc83dba84aqki";
};
matchbox =
{
owner = "coreos";
repo = "terraform-provider-matchbox";
version = "0.2.2";
sha256 = "07lzslbl41i3h84bpsmxhvchm5kqk87yzin2yvpbq0m3m7r2f547";
};
nixos =
{
owner = "tweag";

3
pkgs/applications/networking/cluster/terraform-providers/providers.txt
View file

@ -9,5 +9,8 @@
# include all terraform-providers
terraform-providers terraform-provider- terraform-provider-\\(azure-classic\\|scaffolding\\|google-beta\\)
# include terraform-provider-matchbox
coreos/terraform-provider-matchbox
# include terraform-provider-nixos
tweag/terraform-provider-nixos

23
pkgs/applications/networking/cluster/terraform/default.nix
View file

@ -4,6 +4,8 @@
, buildGoPackage
, fetchFromGitHub
, makeWrapper
, runCommand
, writeText
, terraform-providers
}:
@ -118,4 +120,25 @@ in rec {
});
terraform_0_11-full = terraform_0_11.withPlugins lib.attrValues;
# Tests that the plugins are being used. Terraform looks at the specific
# file pattern and if the plugin is not found it will try to download it
# from the Internet. With sandboxing enable this test will fail if that is
# the case.
terraform_plugins_test = let
mainTf = writeText "main.tf" ''
resource "random_id" "test" {}
'';
terraform = terraform_0_11.withPlugins (p: [ p.random ]);
test = runCommand "terraform-plugin-test" { buildInputs = [terraform]; }
''
set -e
# make it fail outside of sandbox
export HTTP_PROXY=http://127.0.0.1:0 HTTPS_PROXY=https://127.0.0.1:0
cp ${mainTf} main.tf
terraform init
touch $out
'';
in test;
}

18
pkgs/applications/networking/instant-messengers/bitlbee/default.nix
View file

@ -1,5 +1,7 @@
{ fetchurl, stdenv, gnutls, glib, pkgconfig, check, libotr, python,
enableLibPurple ? false, pidgin ? null }:
{ fetchurl, stdenv, gnutls, glib, pkgconfig, check, libotr, python
, enableLibPurple ? false, pidgin ? null
, enablePam ? false, pam ? null
}:
with stdenv.lib;
stdenv.mkDerivation rec {
@ -13,19 +15,23 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ pkgconfig ] ++ optional doCheck check;
buildInputs = [ gnutls glib libotr python ]
++ optional enableLibPurple pidgin;
++ optional enableLibPurple pidgin
++ optional enablePam pam;
configureFlags = [
"--gcov=1"
"--otr=1"
"--ssl=gnutls"
"--pidfile=/var/lib/bitlbee/bitlbee.pid"
]
++ optional enableLibPurple "--purple=1";
] ++ optional enableLibPurple "--purple=1"
++ optional enablePam "--pam=1";
installTargets = [ "install" "install-dev" ];
doCheck = !enableLibPurple; # Checks fail with libpurple for some reason
checkPhase = ''
# check flags set VERBOSE=y which breaks the build due overriding a command
make check
'';
enableParallelBuilding = true;

4
pkgs/applications/networking/instant-messengers/telegram/tdesktop/default.nix
View file

@ -7,8 +7,8 @@ let
version = "1.4.0";
sha256Hash = "1zlsvbk9vgsqwplcswh2q0mqjdqf5md1043paab02wy3qg2x37d8";
# svn log svn://svn.archlinux.org/community/telegram-desktop/trunk
archPatchesRevision = "388448";
archPatchesHash = "06a1j7fxg55d3wgab9rnwv93dvwdwkx7mvsxaywwwiz7ng20rgs1";
archPatchesRevision = "388730";
archPatchesHash = "1gvisz36bc6bl4zcpjyyk0a2dl6ixp65an8wgm2lkc9mhkl783q7";
};
in {
stable = mkTelegram stableVersion;

Some files were not shown because too many files have changed in this diff Show more