diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix
index c35d0df8f05..f5ec01fab6b 100644
--- a/maintainers/maintainer-list.nix
+++ b/maintainers/maintainer-list.nix
@@ -1273,6 +1273,12 @@
githubId = 1217745;
name = "Aldwin Vlasblom";
};
+ aveltras = {
+ email = "romain.viallard@outlook.fr";
+ github = "aveltras";
+ githubId = 790607;
+ name = "Romain Viallard";
+ };
avery = {
email = "averyl+nixos@protonmail.com";
github = "AveryLychee";
@@ -11462,6 +11468,12 @@
githubId = 107703;
name = "Samuel Rivas";
};
+ samw = {
+ email = "sam@wlcx.cc";
+ github = "wlcx";
+ githubId = 3065381;
+ name = "Sam Willcocks";
+ };
samyak = {
name = "Samyak Sarnayak";
email = "samyak201@gmail.com";
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml
index aaa85138dfa..87066e6cdf2 100644
--- a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml
+++ b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml
@@ -124,6 +124,13 @@
virtualisation.appvm.
+
+
+ syncstorage-rs,
+ a self-hostable sync server for Firefox. Available as
+ services.firefox-syncserver.
+
+
dragonflydb,
diff --git a/nixos/doc/manual/release-notes/rl-2211.section.md b/nixos/doc/manual/release-notes/rl-2211.section.md
index e1253d46190..be0d17f9054 100644
--- a/nixos/doc/manual/release-notes/rl-2211.section.md
+++ b/nixos/doc/manual/release-notes/rl-2211.section.md
@@ -55,6 +55,7 @@ In addition to numerous new and upgraded packages, this release has the followin
## New Services {#sec-release-22.11-new-services}
- [appvm](https://github.com/jollheef/appvm), Nix based app VMs. Available as [virtualisation.appvm](options.html#opt-virtualisation.appvm.enable).
+- [syncstorage-rs](https://github.com/mozilla-services/syncstorage-rs), a self-hostable sync server for Firefox. Available as [services.firefox-syncserver](options.html#opt-services.firefox-syncserver.enable).
- [dragonflydb](https://dragonflydb.io/), a modern replacement for Redis and Memcached. Available as [services.dragonflydb](#opt-services.dragonflydb.enable).
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 4c51210bc20..6e979561fa0 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -783,6 +783,7 @@
./services/networking/expressvpn.nix
./services/networking/fakeroute.nix
./services/networking/ferm.nix
+ ./services/networking/firefox-syncserver.nix
./services/networking/fireqos.nix
./services/networking/firewall.nix
./services/networking/flannel.nix
diff --git a/nixos/modules/services/networking/firefox-syncserver.md b/nixos/modules/services/networking/firefox-syncserver.md
new file mode 100644
index 00000000000..3ee863343ec
--- /dev/null
+++ b/nixos/modules/services/networking/firefox-syncserver.md
@@ -0,0 +1,55 @@
+# Firefox Sync server {#module-services-firefox-syncserver}
+
+A storage server for Firefox Sync that you can easily host yourself.
+
+## Quickstart {#module-services-firefox-syncserver-quickstart}
+
+The absolute minimal configuration for the sync server looks like this:
+
+```nix
+services.mysql.package = pkgs.mariadb;
+
+services.firefox-syncserver = {
+ enable = true;
+ secrets = builtins.toFile "sync-secrets" ''
+ SYNC_MASTER_SECRET=this-secret-is-actually-leaked-to-/nix/store
+ '';
+ singleNode = {
+ enable = true;
+ hostname = "localhost";
+ url = "http://localhost:5000";
+ };
+};
+```
+
+This will start a sync server that is only accessible locally. Once the services is
+running you can navigate to `about:config` in your Firefox profile and set
+`identity.sync.tokenserver.uri` to `http://localhost:5000/1.0/sync/1.5`. Your browser
+will now use your local sync server for data storage.
+
+::: {.warning}
+This configuration should never be used in production. It is not encrypted and
+stores its secrets in a world-readable location.
+:::
+
+## More detailed setup {#module-services-firefox-syncserver-configuration}
+
+The `firefox-syncserver` service provides a number of options to make setting up
+small deployment easier. These are grouped under the `singleNode` element of the
+option tree and allow simple configuration of the most important parameters.
+
+Single node setup is split into two kinds of options: those that affect the sync
+server itself, and those that affect its surroundings. Options that affect the
+sync server are `capacity`, which configures how many accounts may be active on
+this instance, and `url`, which holds the URL under which the sync server can be
+accessed. The `url` can be configured automatically when using nginx.
+
+Options that affect the surroundings of the sync server are `enableNginx`,
+`enableTLS` and `hostnam`. If `enableNginx` is set the sync server module will
+automatically add an nginx virtual host to the system using `hostname` as the
+domain and set `url` accordingly. If `enableTLS` is set the module will also
+enable ACME certificates on the new virtual host and force all connections to
+be made via TLS.
+
+For actual deployment it is also recommended to store the `secrets` file in a
+secure location.
diff --git a/nixos/modules/services/networking/firefox-syncserver.nix b/nixos/modules/services/networking/firefox-syncserver.nix
new file mode 100644
index 00000000000..254d5c1dc67
--- /dev/null
+++ b/nixos/modules/services/networking/firefox-syncserver.nix
@@ -0,0 +1,328 @@
+{ config, pkgs, lib, options, ... }:
+
+let
+ cfg = config.services.firefox-syncserver;
+ opt = options.services.firefox-syncserver;
+ defaultDatabase = "firefox_syncserver";
+ defaultUser = "firefox-syncserver";
+
+ dbIsLocal = cfg.database.host == "localhost";
+ dbURL = "mysql://${cfg.database.user}@${cfg.database.host}/${cfg.database.name}";
+
+ format = pkgs.formats.toml {};
+ settings = {
+ database_url = dbURL;
+ human_logs = true;
+ tokenserver = {
+ node_type = "mysql";
+ database_url = dbURL;
+ fxa_email_domain = "api.accounts.firefox.com";
+ fxa_oauth_server_url = "https://oauth.accounts.firefox.com/v1";
+ run_migrations = true;
+ } // lib.optionalAttrs cfg.singleNode.enable {
+ # Single-node mode is likely to be used on small instances with little
+ # capacity. The default value (0.1) can only ever release capacity when
+ # accounts are removed if the total capacity is 10 or larger to begin
+ # with.
+ # https://github.com/mozilla-services/syncstorage-rs/issues/1313#issuecomment-1145293375
+ node_capacity_release_rate = 1;
+ };
+ };
+ configFile = format.generate "syncstorage.toml" (lib.recursiveUpdate settings cfg.settings);
+in
+
+{
+ options = {
+ services.firefox-syncserver = {
+ enable = lib.mkEnableOption ''
+ the Firefox Sync storage service.
+
+ Out of the box this will not be very useful unless you also configure at least
+ one service and one nodes by inserting them into the mysql database manually, e.g.
+ by running
+
+
+ INSERT INTO `services` (`id`, `service`, `pattern`) VALUES ('1', 'sync-1.5', '{node}/1.5/{uid}');
+ INSERT INTO `nodes` (`id`, `service`, `node`, `available`, `current_load`,
+ `capacity`, `downed`, `backoff`)
+ VALUES ('1', '1', 'https://mydomain.tld', '1', '0', '10', '0', '0');
+
+
+ does this automatically when enabled
+ '';
+
+ package = lib.mkOption {
+ type = lib.types.package;
+ default = pkgs.syncstorage-rs;
+ defaultText = lib.literalExpression "pkgs.syncstorage-rs";
+ description = ''
+ Package to use.
+ '';
+ };
+
+ database.name = lib.mkOption {
+ # the mysql module does not allow `-quoting without resorting to shell
+ # escaping, so we restrict db names for forward compaitiblity should this
+ # behavior ever change.
+ type = lib.types.strMatching "[a-z_][a-z0-9_]*";
+ default = defaultDatabase;
+ description = ''
+ Database to use for storage. Will be created automatically if it does not exist
+ and config.${opt.database.createLocally} is set.
+ '';
+ };
+
+ database.user = lib.mkOption {
+ type = lib.types.str;
+ default = defaultUser;
+ description = ''
+ Username for database connections.
+ '';
+ };
+
+ database.host = lib.mkOption {
+ type = lib.types.str;
+ default = "localhost";
+ description = ''
+ Database host name. localhost is treated specially and inserts
+ systemd dependencies, other hostnames or IP addresses of the local machine do not.
+ '';
+ };
+
+ database.createLocally = lib.mkOption {
+ type = lib.types.bool;
+ default = true;
+ description = ''
+ Whether to create database and user on the local machine if they do not exist.
+ This includes enabling unix domain socket authentication for the configured user.
+ '';
+ };
+
+ logLevel = lib.mkOption {
+ type = lib.types.str;
+ default = "error";
+ description = ''
+ Log level to run with. This can be a simple log level like error
+ or trace, or a more complicated logging expression.
+ '';
+ };
+
+ secrets = lib.mkOption {
+ type = lib.types.path;
+ description = ''
+ A file containing the various secrets. Should be in the format expected by systemd's
+ EnvironmentFile directory. Two secrets are currently available:
+ SYNC_MASTER_SECRET and
+ SYNC_TOKENSERVER__FXA_METRICS_HASH_SECRET.
+ '';
+ };
+
+ singleNode = {
+ enable = lib.mkEnableOption "auto-configuration for a simple single-node setup";
+
+ enableTLS = lib.mkEnableOption "automatic TLS setup";
+
+ enableNginx = lib.mkEnableOption "nginx virtualhost definitions";
+
+ hostname = lib.mkOption {
+ type = lib.types.str;
+ description = ''
+ Host name to use for this service.
+ '';
+ };
+
+ capacity = lib.mkOption {
+ type = lib.types.ints.unsigned;
+ default = 10;
+ description = ''
+ How many sync accounts are allowed on this server. Setting this value
+ equal to or less than the number of currently active accounts will
+ effectively deny service to accounts not yet registered here.
+ '';
+ };
+
+ url = lib.mkOption {
+ type = lib.types.str;
+ default = "${if cfg.singleNode.enableTLS then "https" else "http"}://${cfg.singleNode.hostname}";
+ defaultText = lib.literalExpression ''
+ ''${if cfg.singleNode.enableTLS then "https" else "http"}://''${config.${opt.singleNode.hostname}}
+ '';
+ description = ''
+ URL of the host. If you are not using the automatic webserver proxy setup you will have
+ to change this setting or your sync server may not be functional.
+ '';
+ };
+ };
+
+ settings = lib.mkOption {
+ type = lib.types.submodule {
+ freeformType = format.type;
+
+ options = {
+ port = lib.mkOption {
+ type = lib.types.port;
+ default = 5000;
+ description = ''
+ Port to bind to.
+ '';
+ };
+
+ tokenserver.enabled = lib.mkOption {
+ type = lib.types.bool;
+ default = true;
+ description = ''
+ Whether to enable the token service as well.
+ '';
+ };
+ };
+ };
+ default = { };
+ description = ''
+ Settings for the sync server. These take priority over values computed
+ from NixOS options.
+
+ See the doc comments on the Settings structs in
+
+ and
+
+ for available options.
+ '';
+ };
+ };
+ };
+
+ config = lib.mkIf cfg.enable {
+ services.mysql = lib.mkIf cfg.database.createLocally {
+ enable = true;
+ ensureDatabases = [ cfg.database.name ];
+ ensureUsers = [{
+ name = cfg.database.user;
+ ensurePermissions = {
+ "${cfg.database.name}.*" = "all privileges";
+ };
+ }];
+ };
+
+ systemd.services.firefox-syncserver = {
+ wantedBy = [ "multi-user.target" ];
+ requires = lib.mkIf dbIsLocal [ "mysql.service" ];
+ after = lib.mkIf dbIsLocal [ "mysql.service" ];
+ environment.RUST_LOG = cfg.logLevel;
+ serviceConfig = {
+ User = defaultUser;
+ Group = defaultUser;
+ ExecStart = "${cfg.package}/bin/syncstorage --config ${configFile}";
+ Stderr = "journal";
+ EnvironmentFile = lib.mkIf (cfg.secrets != null) "${cfg.secrets}";
+
+ # hardening
+ RemoveIPC = true;
+ CapabilityBoundingSet = [ "" ];
+ DynamicUser = true;
+ NoNewPrivileges = true;
+ PrivateDevices = true;
+ ProtectClock = true;
+ ProtectKernelLogs = true;
+ ProtectControlGroups = true;
+ ProtectKernelModules = true;
+ SystemCallArchitectures = "native";
+ # syncstorage-rs uses python-cffi internally, and python-cffi does not
+ # work with MemoryDenyWriteExecute=true
+ MemoryDenyWriteExecute = false;
+ RestrictNamespaces = true;
+ RestrictSUIDSGID = true;
+ ProtectHostname = true;
+ LockPersonality = true;
+ ProtectKernelTunables = true;
+ RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ];
+ RestrictRealtime = true;
+ ProtectSystem = "strict";
+ ProtectProc = "invisible";
+ ProcSubset = "pid";
+ ProtectHome = true;
+ PrivateUsers = true;
+ PrivateTmp = true;
+ SystemCallFilter = [ "@system-service" "~ @privileged @resources" ];
+ UMask = "0077";
+ };
+ };
+
+ systemd.services.firefox-syncserver-setup = lib.mkIf cfg.singleNode.enable {
+ wantedBy = [ "firefox-syncserver.service" ];
+ requires = [ "firefox-syncserver.service" ] ++ lib.optional dbIsLocal "mysql.service";
+ after = [ "firefox-syncserver.service" ] ++ lib.optional dbIsLocal "mysql.service";
+ path = [ config.services.mysql.package ];
+ script = ''
+ set -euo pipefail
+ shopt -s inherit_errexit
+
+ schema_configured() {
+ mysql ${cfg.database.name} -Ne 'SHOW TABLES' | grep -q services
+ }
+
+ services_configured() {
+ [ 1 != $(mysql ${cfg.database.name} -Ne 'SELECT COUNT(*) < 1 FROM `services`') ]
+ }
+
+ create_services() {
+ mysql ${cfg.database.name} <<"EOF"
+ BEGIN;
+
+ INSERT INTO `services` (`id`, `service`, `pattern`)
+ VALUES (1, 'sync-1.5', '{node}/1.5/{uid}');
+ INSERT INTO `nodes` (`id`, `service`, `node`, `available`, `current_load`,
+ `capacity`, `downed`, `backoff`)
+ VALUES (1, 1, '${cfg.singleNode.url}', ${toString cfg.singleNode.capacity},
+ 0, ${toString cfg.singleNode.capacity}, 0, 0);
+
+ COMMIT;
+ EOF
+ }
+
+ update_nodes() {
+ mysql ${cfg.database.name} <<"EOF"
+ UPDATE `nodes`
+ SET `capacity` = ${toString cfg.singleNode.capacity}
+ WHERE `id` = 1;
+ EOF
+ }
+
+ for (( try = 0; try < 60; try++ )); do
+ if ! schema_configured; then
+ sleep 2
+ elif services_configured; then
+ update_nodes
+ exit 0
+ else
+ create_services
+ exit 0
+ fi
+ done
+
+ echo "Single-node setup failed"
+ exit 1
+ '';
+ };
+
+ services.nginx.virtualHosts = lib.mkIf cfg.singleNode.enableNginx {
+ ${cfg.singleNode.hostname} = {
+ enableACME = cfg.singleNode.enableTLS;
+ forceSSL = cfg.singleNode.enableTLS;
+ locations."/" = {
+ proxyPass = "http://localhost:${toString cfg.settings.port}";
+ # source mentions that this header should be set
+ extraConfig = ''
+ add_header X-Content-Type-Options nosniff;
+ '';
+ };
+ };
+ };
+ };
+
+ meta = {
+ maintainers = with lib.maintainers; [ pennae ];
+ # Don't edit the docbook xml directly, edit the md and generate it:
+ # `pandoc firefox-syncserver.md -t docbook --top-level-division=chapter --extract-media=media -f markdown+smart > firefox-syncserver.xml`
+ doc = ./firefox-syncserver.xml;
+ };
+}
diff --git a/nixos/modules/services/networking/firefox-syncserver.xml b/nixos/modules/services/networking/firefox-syncserver.xml
new file mode 100644
index 00000000000..66c81226695
--- /dev/null
+++ b/nixos/modules/services/networking/firefox-syncserver.xml
@@ -0,0 +1,77 @@
+
+ Firefox Sync server
+
+ A storage server for Firefox Sync that you can easily host yourself.
+
+
+ Quickstart
+
+ The absolute minimal configuration for the sync server looks like
+ this:
+
+
+services.mysql.package = pkgs.mariadb;
+
+services.firefox-syncserver = {
+ enable = true;
+ secrets = builtins.toFile "sync-secrets" ''
+ SYNC_MASTER_SECRET=this-secret-is-actually-leaked-to-/nix/store
+ '';
+ singleNode = {
+ enable = true;
+ hostname = "localhost";
+ url = "http://localhost:5000";
+ };
+};
+
+
+ This will start a sync server that is only accessible locally.
+ Once the services is running you can navigate to
+ about:config in your Firefox profile and set
+ identity.sync.tokenserver.uri to
+ http://localhost:5000/1.0/sync/1.5. Your
+ browser will now use your local sync server for data storage.
+
+
+
+ This configuration should never be used in production. It is not
+ encrypted and stores its secrets in a world-readable location.
+
+
+
+
+ More detailed setup
+
+ The firefox-syncserver service provides a
+ number of options to make setting up small deployment easier.
+ These are grouped under the singleNode element
+ of the option tree and allow simple configuration of the most
+ important parameters.
+
+
+ Single node setup is split into two kinds of options: those that
+ affect the sync server itself, and those that affect its
+ surroundings. Options that affect the sync server are
+ capacity, which configures how many accounts
+ may be active on this instance, and url, which
+ holds the URL under which the sync server can be accessed. The
+ url can be configured automatically when using
+ nginx.
+
+
+ Options that affect the surroundings of the sync server are
+ enableNginx, enableTLS and
+ hostnam. If enableNginx is
+ set the sync server module will automatically add an nginx virtual
+ host to the system using hostname as the domain
+ and set url accordingly. If
+ enableTLS is set the module will also enable
+ ACME certificates on the new virtual host and force all
+ connections to be made via TLS.
+
+
+ For actual deployment it is also recommended to store the
+ secrets file in a secure location.
+
+
+
diff --git a/nixos/modules/services/networking/yggdrasil.nix b/nixos/modules/services/networking/yggdrasil.nix
index 7a0b5b4d3d4..81ed6d1dd56 100644
--- a/nixos/modules/services/networking/yggdrasil.nix
+++ b/nixos/modules/services/networking/yggdrasil.nix
@@ -4,16 +4,23 @@ let
keysPath = "/var/lib/yggdrasil/keys.json";
cfg = config.services.yggdrasil;
- configProvided = cfg.config != { };
+ settingsProvided = cfg.settings != { };
configFileProvided = cfg.configFile != null;
+ format = pkgs.formats.json { };
in {
+ imports = [
+ (mkRenamedOptionModule
+ [ "services" "yggdrasil" "config" ]
+ [ "services" "yggdrasil" "settings" ])
+ ];
+
options = with types; {
services.yggdrasil = {
enable = mkEnableOption "the yggdrasil system service";
- config = mkOption {
- type = attrs;
+ settings = mkOption {
+ type = format.type;
default = {};
example = {
Peers = [
@@ -138,11 +145,11 @@ in {
wantedBy = [ "multi-user.target" ];
preStart =
- (if configProvided || configFileProvided || cfg.persistentKeys then
+ (if settingsProvided || configFileProvided || cfg.persistentKeys then
"echo "
- + (lib.optionalString configProvided
- "'${builtins.toJSON cfg.config}'")
+ + (lib.optionalString settingsProvided
+ "'${builtins.toJSON cfg.settings}'")
+ (lib.optionalString configFileProvided "$(cat ${cfg.configFile})")
+ (lib.optionalString cfg.persistentKeys "$(cat ${keysPath})")
+ " | ${pkgs.jq}/bin/jq -s add | ${binYggdrasil} -normaliseconf -useconf"
diff --git a/nixos/tests/yggdrasil.nix b/nixos/tests/yggdrasil.nix
index b409d9ed785..b60a0e6b06c 100644
--- a/nixos/tests/yggdrasil.nix
+++ b/nixos/tests/yggdrasil.nix
@@ -42,7 +42,7 @@ in import ./make-test-python.nix ({ pkgs, ...} : {
services.yggdrasil = {
enable = true;
- config = {
+ settings = {
Listen = ["tcp://0.0.0.0:12345"];
MulticastInterfaces = [ ];
};
@@ -112,7 +112,7 @@ in import ./make-test-python.nix ({ pkgs, ...} : {
services.yggdrasil = {
enable = true;
denyDhcpcdInterfaces = [ "ygg0" ];
- config = {
+ settings = {
IfTAPMode = true;
IfName = "ygg0";
MulticastInterfaces = [ "eth1" ];
diff --git a/pkgs/applications/blockchains/bisq-desktop/default.nix b/pkgs/applications/blockchains/bisq-desktop/default.nix
index d91f201f66b..f7d186ffeab 100644
--- a/pkgs/applications/blockchains/bisq-desktop/default.nix
+++ b/pkgs/applications/blockchains/bisq-desktop/default.nix
@@ -34,11 +34,11 @@ let
in
stdenv.mkDerivation rec {
pname = "bisq-desktop";
- version = "1.9.1";
+ version = "1.9.4";
src = fetchurl {
url = "https://github.com/bisq-network/bisq/releases/download/v${version}/Bisq-64bit-${version}.deb";
- sha256 = "0gzfcp255z542adk1g6gsmfpp5zpivv6n1f5kzqgwgm5qmr24049";
+ sha256 = "sha256-8CgbJ5gfzIEh5ppwvQxYz1IES7Dd4MZCac0uVLh/YaY=";
};
nativeBuildInputs = [ makeWrapper copyDesktopItems imagemagick dpkg zip xz ];
diff --git a/pkgs/applications/misc/lscolors/default.nix b/pkgs/applications/misc/lscolors/default.nix
index fcb1fc78c26..e39ef723df8 100644
--- a/pkgs/applications/misc/lscolors/default.nix
+++ b/pkgs/applications/misc/lscolors/default.nix
@@ -2,14 +2,14 @@
rustPlatform.buildRustPackage rec {
pname = "lscolors";
- version = "0.11.1";
+ version = "0.12.0";
src = fetchCrate {
inherit version pname;
- sha256 = "sha256-RU5DhrfB4XlrI4fHUw0/88Ib6H6xvDlRwUNPPwgVKE0=";
+ sha256 = "sha256-1tLI+M2hpXWsiO/x27ncs8zn8dBDx18AgsSbN/YE2Ic=";
};
- cargoSha256 = "sha256-COWvR7B9tXGuPaD311bFzuoqkISDlIOD6GDQdFa6wT4=";
+ cargoSha256 = "sha256-4bFzFztaD9jV3GXpZwCowAhvszedM5ion5/h3D26EY8=";
# setid is not allowed in the sandbox
checkFlags = [ "--skip=tests::style_for_setid" ];
diff --git a/pkgs/applications/networking/instant-messengers/cinny-desktop/default.nix b/pkgs/applications/networking/instant-messengers/cinny-desktop/default.nix
new file mode 100644
index 00000000000..c6d135a0289
--- /dev/null
+++ b/pkgs/applications/networking/instant-messengers/cinny-desktop/default.nix
@@ -0,0 +1,46 @@
+{ stdenv
+, lib
+, dpkg
+, fetchurl
+, autoPatchelfHook
+, glib-networking
+, openssl
+, webkitgtk
+, wrapGAppsHook
+}:
+
+stdenv.mkDerivation rec {
+ name = "cinny-desktop";
+ version = "2.1.1";
+
+ src = fetchurl {
+ url = "https://github.com/cinnyapp/cinny-desktop/releases/download/v${version}/Cinny_desktop-x86_64.deb";
+ sha256 = "sha256-4jd+N3a+u+c+XLwgr8BvvdkVLzo+xTBKFdjiQeu7NJU=";
+ };
+
+ nativeBuildInputs = [
+ autoPatchelfHook
+ dpkg
+ ];
+
+ buildInputs = [
+ glib-networking
+ openssl
+ webkitgtk
+ wrapGAppsHook
+ ];
+
+ unpackCmd = "dpkg-deb -x $curSrc source";
+
+ installPhase = "mv usr $out";
+
+ meta = with lib; {
+ description = "Yet another matrix client for desktop";
+ homepage = "https://github.com/cinnyapp/cinny-desktop";
+ maintainers = [ maintainers.aveltras ];
+ license = licenses.mit;
+ sourceProvenance = with sourceTypes; [ binaryNativeCode ];
+ platforms = platforms.linux;
+ mainProgram = "cinny";
+ };
+}
diff --git a/pkgs/applications/networking/sync/rclone/default.nix b/pkgs/applications/networking/sync/rclone/default.nix
index c93f35bff92..cdef1fdab51 100644
--- a/pkgs/applications/networking/sync/rclone/default.nix
+++ b/pkgs/applications/networking/sync/rclone/default.nix
@@ -5,16 +5,16 @@
buildGoModule rec {
pname = "rclone";
- version = "1.59.0";
+ version = "1.59.1";
src = fetchFromGitHub {
owner = pname;
repo = pname;
rev = "v${version}";
- sha256 = "sha256-SHUAEjdcqzNiIxSsmYb71JiOhWPoi8Z2nJAReRw2M5k=";
+ sha256 = "sha256-eblCMe9ywJztjsWmngUkB/IE2ePI9Yin2jkxBW0tTbQ=";
};
- vendorSha256 = "sha256-ajOUvZ/0D8QL4MY6xO+hZziyUtIB0WQERU6Ov06K9I8=";
+ vendorSha256 = "sha256-MZ5RtB4UGHPlMxyQ0VbX5iPpZw98oUuEhuMBDZcYiw8=";
subPackages = [ "." ];
diff --git a/pkgs/data/icons/kora-icon-theme/default.nix b/pkgs/data/icons/kora-icon-theme/default.nix
index ea321a76359..4c02e9943c2 100644
--- a/pkgs/data/icons/kora-icon-theme/default.nix
+++ b/pkgs/data/icons/kora-icon-theme/default.nix
@@ -1,14 +1,22 @@
-{ lib, stdenvNoCC, fetchFromGitHub , gtk3, adwaita-icon-theme, breeze-icons, hicolor-icon-theme }:
+{ lib
+, stdenvNoCC
+, fetchFromGitHub
+, gtk3
+, adwaita-icon-theme
+, breeze-icons
+, hicolor-icon-theme
+, gitUpdater
+}:
stdenvNoCC.mkDerivation rec {
pname = "kora-icon-theme";
- version = "1.5.2";
+ version = "1.5.3";
src = fetchFromGitHub {
owner = "bikass";
repo = "kora";
rev = "v${version}";
- sha256 = "sha256-OwuePPn4seHbzv81pnTEP1Q0Tp1ywZIEmw+dx3bDoXw=";
+ sha256 = "sha256-j4W9w/icGjfkbbb0xYF3NfSFsp5RkNCc805E089JaFQ=";
};
nativeBuildInputs = [
@@ -27,7 +35,8 @@ stdenvNoCC.mkDerivation rec {
runHook preInstall
mkdir -p $out/share/icons
- mv kora* $out/share/icons/
+ cp -a kora* $out/share/icons/
+ rm $out/share/icons/kora*/create-new-icon-theme.cache.sh
for theme in $out/share/icons/*; do
gtk-update-icon-cache -f $theme
@@ -36,11 +45,16 @@ stdenvNoCC.mkDerivation rec {
runHook postInstall
'';
+ passthru.updateScript = gitUpdater {
+ inherit pname version;
+ rev-prefix = "v";
+ };
+
meta = with lib; {
description = "An SVG icon theme in four variants";
homepage = "https://github.com/bikass/kora";
license = with licenses; [ gpl3Only ];
platforms = platforms.linux;
- maintainers = with maintainers; [ ];
+ maintainers = with maintainers; [ romildo ];
};
}
diff --git a/pkgs/data/themes/catppuccin-gtk/default.nix b/pkgs/data/themes/catppuccin-gtk/default.nix
index ec8c9310024..b9bc042dd09 100644
--- a/pkgs/data/themes/catppuccin-gtk/default.nix
+++ b/pkgs/data/themes/catppuccin-gtk/default.nix
@@ -6,22 +6,22 @@
, gtk-engine-murrine
, sassc
, which
-, tweaks ? [ ] # can be "nord" "black" "rimless". cannot mix "nord" and "black"
-, size ? "standard" # can be "standard" "compact"
+, tweaks ? [ ]
+, size ? "standard"
}:
let
validSizes = [ "standard" "compact" ];
- validTweaks = [ "nord" "black" "rimless" ];
+ validTweaks = [ "nord" "dracula" "black" "rimless" "normal" ];
unknownTweaks = lib.subtractLists validTweaks tweaks;
- illegalMix = !(lib.elem "nord" tweaks) && !(lib.elem "black" tweaks);
+ illegalMix = !(lib.elem "nord" tweaks) && !(lib.elem "dracula" tweaks);
assertIllegal = lib.assertMsg illegalMix ''
- Tweaks "nord" and "black" cannot be mixed. Tweaks: ${toString tweaks}
+ Tweaks "nord" and "dracula" cannot be mixed. Tweaks: ${toString tweaks}
'';
assertSize = lib.assertMsg (lib.elem size validSizes) ''
- You entered wrong size: ${size}
+ You entered a wrong size: ${size}
Valid sizes are: ${toString validSizes}
'';
@@ -37,13 +37,13 @@ assert assertUnknown;
stdenvNoCC.mkDerivation rec {
pname = "catppuccin-gtk";
- version = "unstable-2022-02-24";
+ version = "unstable-2022-08-01";
src = fetchFromGitHub {
repo = "gtk";
owner = "catppuccin";
- rev = "359c584f607c021fcc657ce77b81c181ebaff6de";
- sha256 = "sha256-AVhFw1XTnkU0hoM+UyjT7ZevLkePybBATJUMLqRytpk=";
+ rev = "87a79fd2bf07accc694455df30a32a82b1b31f4f";
+ sha256 = "sha256-dKHTQva0BYkO6VPNfY/pzRn/V1ghX+tYqbnM9hTAMeE=";
};
nativeBuildInputs = [ gtk3 sassc which ];
@@ -52,25 +52,17 @@ stdenvNoCC.mkDerivation rec {
propagatedUserEnvPkgs = [ gtk-engine-murrine ];
- patches = [
- # Allows installing with `-t all`. Works around missing grey assets.
- # https://github.com/catppuccin/gtk/issues/17
- ./grey-fix.patch
- ];
-
postPatch = ''
- patchShebangs --build scripts/*
- substituteInPlace Makefile \
- --replace '$(shell git rev-parse --show-toplevel)' "$PWD"
- substituteInPlace 'scripts/install.sh' \
- --replace '$(git rev-parse --show-toplevel)' "$PWD"
+ patchShebangs --build clean-old-theme.sh install.sh
'';
installPhase = ''
runHook preInstall
+ export HOME=$(mktemp -d)
+
mkdir -p $out/share/themes
- bash scripts/install.sh -d $out/share/themes -t all \
+ bash install.sh -d $out/share/themes -t all \
${lib.optionalString (size != "") "-s ${size}"} \
${lib.optionalString (tweaks != []) "--tweaks " + builtins.toString tweaks}
@@ -78,7 +70,7 @@ stdenvNoCC.mkDerivation rec {
'';
meta = with lib; {
- description = "Soothing pastel theme for GTK3";
+ description = "Soothing pastel theme for GTK";
homepage = "https://github.com/catppuccin/gtk";
license = licenses.gpl3Plus;
platforms = platforms.linux;
diff --git a/pkgs/data/themes/catppuccin-gtk/grey-fix.patch b/pkgs/data/themes/catppuccin-gtk/grey-fix.patch
deleted file mode 100644
index 73f7d8fa65d..00000000000
--- a/pkgs/data/themes/catppuccin-gtk/grey-fix.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff --git a/scripts/install.sh b/scripts/install.sh
-index d2a2b86..bd05c93 100755
---- a/scripts/install.sh
-+++ b/scripts/install.sh
-@@ -20,7 +20,7 @@ fi
- SASSC_OPT="-M -t expanded"
-
- THEME_NAME=Catppuccin
--THEME_VARIANTS=('' '-purple' '-pink' '-red' '-orange' '-yellow' '-green' '-teal' '-grey')
-+THEME_VARIANTS=('' '-purple' '-pink' '-red' '-orange' '-yellow' '-green' '-teal')
- COLOR_VARIANTS=('' '-light' '-dark')
- SIZE_VARIANTS=('' '-compact')
diff --git a/pkgs/development/compilers/hare/hare/setup-hook.sh b/pkgs/development/compilers/hare/hare/setup-hook.sh
index 999b91df122..d2d2c34354d 100644
--- a/pkgs/development/compilers/hare/hare/setup-hook.sh
+++ b/pkgs/development/compilers/hare/hare/setup-hook.sh
@@ -1,5 +1,3 @@
-export HARECACHE="$NIX_BUILD_TOP/.harecache"
-
addHarepath () {
for haredir in third-party stdlib; do
if [[ -d "$1/src/hare/$haredir" ]]; then
diff --git a/pkgs/development/libraries/librealsense/default.nix b/pkgs/development/libraries/librealsense/default.nix
index 5b1673ae372..135969210d3 100644
--- a/pkgs/development/libraries/librealsense/default.nix
+++ b/pkgs/development/libraries/librealsense/default.nix
@@ -8,8 +8,14 @@
, ninja
, pkg-config
, gcc
+, mesa
+, gtk3
+, glfw
+, libGLU
+, curl
, cudaSupport ? config.cudaSupport or false, cudaPackages ? {}
, enablePython ? false, pythonPackages ? null
+, enableGUI ? false,
}:
assert cudaSupport -> (cudaPackages?cudatoolkit && cudaPackages.cudatoolkit != null);
@@ -32,7 +38,8 @@ stdenv.mkDerivation rec {
libusb1
gcc.cc.lib
] ++ lib.optional cudaSupport cudaPackages.cudatoolkit
- ++ lib.optionals enablePython (with pythonPackages; [python pybind11 ]);
+ ++ lib.optionals enablePython (with pythonPackages; [ python pybind11 ])
+ ++ lib.optionals enableGUI [ mesa gtk3 glfw libGLU curl ];
patches = [
# fix build on aarch64-darwin
@@ -53,8 +60,9 @@ stdenv.mkDerivation rec {
cmakeFlags = [
"-DBUILD_EXAMPLES=ON"
- "-DBUILD_GRAPHICAL_EXAMPLES=OFF"
- "-DBUILD_GLSL_EXTENSIONS=OFF"
+ "-DBUILD_GRAPHICAL_EXAMPLES=${lib.boolToString enableGUI}"
+ "-DBUILD_GLSL_EXTENSIONS=${lib.boolToString enableGUI}"
+ "-DCHECK_FOR_UPDATES=OFF" # activated by BUILD_GRAPHICAL_EXAMPLES, will make it download and compile libcurl
] ++ lib.optionals enablePython [
"-DBUILD_PYTHON_BINDINGS:bool=true"
"-DXXNIX_PYTHON_SITEPACKAGES=${placeholder "out"}/${pythonPackages.python.sitePackages}"
@@ -72,7 +80,7 @@ stdenv.mkDerivation rec {
description = "A cross-platform library for IntelĀ® RealSenseā¢ depth cameras (D400 series and the SR300)";
homepage = "https://github.com/IntelRealSense/librealsense";
license = licenses.asl20;
- maintainers = with maintainers; [ brian-dawn ];
+ maintainers = with maintainers; [ brian-dawn pbsds ];
platforms = platforms.unix;
};
}
diff --git a/pkgs/development/node-packages/node-packages.nix b/pkgs/development/node-packages/node-packages.nix
index 59afda3b500..b59709a3850 100644
--- a/pkgs/development/node-packages/node-packages.nix
+++ b/pkgs/development/node-packages/node-packages.nix
@@ -118873,10 +118873,10 @@ in
pnpm = nodeEnv.buildNodePackage {
name = "pnpm";
packageName = "pnpm";
- version = "7.8.0";
+ version = "7.9.1";
src = fetchurl {
- url = "https://registry.npmjs.org/pnpm/-/pnpm-7.8.0.tgz";
- sha512 = "jzb9/gto4nwuVA2itTRk0PJhuaZcA1NBRB298UzXhqKZQMjtHCS+KLzh7RWk5n3g+KnMg5FHr6Mwg1L62dBz1A==";
+ url = "https://registry.npmjs.org/pnpm/-/pnpm-7.9.1.tgz";
+ sha512 = "5vyV+FwZj5y31UDDsiq9xcVzF+mvS+IPdgAgkZ9rVxYPNKCCVwVn5LsHh9jcfuApiKYVgpyisAMcuSDbe1/C0Q==";
};
buildInputs = globalBuildInputs;
meta = {
diff --git a/pkgs/development/python-modules/asyncssh/default.nix b/pkgs/development/python-modules/asyncssh/default.nix
index 1bb50960846..086bf0371ae 100644
--- a/pkgs/development/python-modules/asyncssh/default.nix
+++ b/pkgs/development/python-modules/asyncssh/default.nix
@@ -20,14 +20,14 @@
buildPythonPackage rec {
pname = "asyncssh";
- version = "2.11.0";
+ version = "2.12.0";
format = "setuptools";
disabled = pythonOlder "3.6";
src = fetchPypi {
inherit pname version;
- sha256 = "sha256-WcNs53up3ajdV62HV3bnEF3bH6hRvAObs66t6sT2e1Y=";
+ sha256 = "sha256-J0EBMixLlBgjru2OGrbnvlGRaGxtstK9Na/rowUF54A=";
};
propagatedBuildInputs = [
diff --git a/pkgs/development/python-modules/colormath/default.nix b/pkgs/development/python-modules/colormath/default.nix
index b749761da06..7f9f9f1a9ce 100644
--- a/pkgs/development/python-modules/colormath/default.nix
+++ b/pkgs/development/python-modules/colormath/default.nix
@@ -8,20 +8,26 @@
buildPythonPackage rec {
pname = "colormath";
- version = "3.0.0";
+ # Switch to unstable which fixes an deprecation issue with newer numpy
+ # versions, should be included in versions > 3.0
+ # https://github.com/gtaylor/python-colormath/issues/104
+ version = "unstable-2021-04-17";
src = fetchFromGitHub {
owner = "gtaylor";
- rev = "3.0.0";
repo = "python-colormath";
- sha256 = "1nqf5wy8ikx2g684khzvjc4iagkslmbsxxwilbv4jpaznr9lahdl";
+ rev = "4a076831fd5136f685aa7143db81eba27b2cd19a";
+ sha256 = "sha256-eACVPIQFgiGiVmQ/PjUxP/UH/hBOsCywz5PlgpA4dk4=";
};
propagatedBuildInputs = [ networkx numpy ];
checkInputs = [ nose ];
+
checkPhase = "nosetests";
+ pythonImportsCheck = [ "colormath" ];
+
meta = with lib; {
description = "Color math and conversion library";
homepage = "https://github.com/gtaylor/python-colormath";
diff --git a/pkgs/development/python-modules/datashader/default.nix b/pkgs/development/python-modules/datashader/default.nix
index cb93ceb2b20..82f0851b1ab 100644
--- a/pkgs/development/python-modules/datashader/default.nix
+++ b/pkgs/development/python-modules/datashader/default.nix
@@ -25,14 +25,14 @@
buildPythonPackage rec {
pname = "datashader";
- version = "0.14.1";
+ version = "0.14.2";
format = "setuptools";
disabled = pythonOlder "3.7";
src = fetchPypi {
inherit pname version;
- hash = "sha256-VGF6351lVCBat68EY9IY9lHk1hDMcjBcrVdPSliFq4Y=";
+ hash = "sha256-q8aOpuJD6aX9m9jPm9PY5vZGBJL6Jpf+pPHbcQVOJLg=";
};
propagatedBuildInputs = [
diff --git a/pkgs/development/python-modules/db-dtypes/default.nix b/pkgs/development/python-modules/db-dtypes/default.nix
index d8f5913acc6..acd258c8456 100644
--- a/pkgs/development/python-modules/db-dtypes/default.nix
+++ b/pkgs/development/python-modules/db-dtypes/default.nix
@@ -11,7 +11,7 @@
buildPythonPackage rec {
pname = "db-dtypes";
- version = "1.0.2";
+ version = "1.0.3";
format = "setuptools";
disabled = pythonOlder "3.7";
@@ -20,14 +20,9 @@ buildPythonPackage rec {
owner = "googleapis";
repo = "python-db-dtypes-pandas";
rev = "refs/tags/v${version}";
- hash = "sha256-LLKhYLzGUQRx4ciWv1TilYvTOO0sj6rdkPlJLPZ8VXA=";
+ hash = "sha256-KkwXmJ9KwmslBPhBApm+bcY7Tu/J2ZK4sszBaMMDcpY=";
};
- postPatch = ''
- substituteInPlace setup.py \
- --replace 'pyarrow>=3.0.0, <9.0dev' 'pyarrow>=3.0.0, <10.0dev'
- '';
-
propagatedBuildInputs = [
numpy
packaging
diff --git a/pkgs/development/python-modules/elastic-apm/default.nix b/pkgs/development/python-modules/elastic-apm/default.nix
index 67195732e2d..6ef09febb6e 100644
--- a/pkgs/development/python-modules/elastic-apm/default.nix
+++ b/pkgs/development/python-modules/elastic-apm/default.nix
@@ -28,7 +28,7 @@
buildPythonPackage rec {
pname = "elastic-apm";
- version = "6.10.2";
+ version = "6.11.0";
format = "setuptools";
disabled = pythonOlder "3.8";
@@ -37,7 +37,7 @@ buildPythonPackage rec {
owner = "elastic";
repo = "apm-agent-python";
rev = "v${version}";
- hash = "sha256-Ru/yGND7xkpO3QH/cTMu4rxWUXSMsFx5u/V/rHY8k1E=";
+ hash = "sha256-ZmvOyEkXp0PEDHWcuGT91mhXwV2E6SPlrWBY/sNiRmc=";
};
propagatedBuildInputs = [
diff --git a/pkgs/development/python-modules/mistune/common.nix b/pkgs/development/python-modules/mistune/common.nix
index 9610b735c79..24508372d9a 100644
--- a/pkgs/development/python-modules/mistune/common.nix
+++ b/pkgs/development/python-modules/mistune/common.nix
@@ -1,4 +1,12 @@
-{ lib, buildPythonPackage, fetchPypi, nose, version, sha256, format ? "setuptools" }:
+{ lib
+, buildPythonPackage
+, fetchPypi
+, nose
+, version
+, sha256
+, format ? "setuptools"
+, extraMeta ? {}
+}:
buildPythonPackage rec {
inherit version format;
@@ -15,5 +23,5 @@ buildPythonPackage rec {
description = "The fastest markdown parser in pure Python";
homepage = "https://github.com/lepture/mistune";
license = licenses.bsd3;
- };
+ } // extraMeta;
}
diff --git a/pkgs/development/python-modules/mistune/default.nix b/pkgs/development/python-modules/mistune/default.nix
index 537a3e9859e..515844443f1 100644
--- a/pkgs/development/python-modules/mistune/default.nix
+++ b/pkgs/development/python-modules/mistune/default.nix
@@ -2,6 +2,9 @@ self: rec {
mistune_0_8 = self.callPackage ./common.nix {
version = "0.8.4";
sha256 = "59a3429db53c50b5c6bcc8a07f8848cb00d7dc8bdb431a4ab41920d201d4756e";
+ extraMeta = {
+ knownVulnerabilities = [ "CVE-2022-34749" ];
+ };
};
mistune_2_0 = self.callPackage ./common.nix {
version = "2.0.4";
diff --git a/pkgs/development/python-modules/openai/default.nix b/pkgs/development/python-modules/openai/default.nix
index 40645c19373..a95d63b830b 100644
--- a/pkgs/development/python-modules/openai/default.nix
+++ b/pkgs/development/python-modules/openai/default.nix
@@ -21,7 +21,7 @@
buildPythonPackage rec {
pname = "openai";
- version = "0.22.0";
+ version = "0.22.1";
disabled = pythonOlder "3.7.1";
@@ -30,7 +30,7 @@ buildPythonPackage rec {
owner = "openai";
repo = "openai-python";
rev = "v${version}";
- sha256 = "sha256-4FKFcUiY17hEiOGFP1fPBtcvcM19hFrHXX3ZLxgdJHI=";
+ sha256 = "sha256-QUnsm0ui1BFlLqAlH1bp7uDbhiRigePrAPAkSRjftM4=";
};
propagatedBuildInputs = [
diff --git a/pkgs/development/python-modules/sphinx-fortran/default.nix b/pkgs/development/python-modules/sphinx-fortran/default.nix
new file mode 100644
index 00000000000..748e4c6948b
--- /dev/null
+++ b/pkgs/development/python-modules/sphinx-fortran/default.nix
@@ -0,0 +1,44 @@
+{ lib
+, buildPythonPackage
+, fetchFromGitHub
+, pytestCheckHook
+, future
+, numpy
+, sphinx
+, six
+}:
+
+buildPythonPackage rec {
+ pname = "sphinx-fortran";
+ version = "unstable-2022-03-02";
+
+ src = fetchFromGitHub {
+ owner = "VACUMM";
+ repo = pname;
+ rev = "394ae990b43ed43fcff8beb048632f5e99794264";
+ sha256 = "sha256-IVKu5u9gqs7/9EZrf4ZYd12K6J31u+/B8kk4+8yfohM=";
+ };
+
+ propagatedBuildInputs = [
+ future
+ numpy
+ sphinx
+ six
+ ];
+
+ pythonImportsCheck = [ "sphinxfortran" ];
+
+ # Tests are failing because reference files are not updated
+ doCheck = false;
+
+ checkInputs = [
+ pytestCheckHook
+ ];
+
+ meta = with lib; {
+ description = "Fortran domain and autodoc extensions to Sphinx";
+ homepage = "http://sphinx-fortran.readthedocs.org/";
+ license = licenses.cecill21;
+ maintainers = with maintainers; [ loicreynier ];
+ };
+}
diff --git a/pkgs/development/tools/continuous-integration/jenkins/default.nix b/pkgs/development/tools/continuous-integration/jenkins/default.nix
index 9a7dd92a5bb..4384345c9ab 100644
--- a/pkgs/development/tools/continuous-integration/jenkins/default.nix
+++ b/pkgs/development/tools/continuous-integration/jenkins/default.nix
@@ -70,7 +70,8 @@ stdenv.mkDerivation rec {
homepage = "https://jenkins-ci.org";
sourceProvenance = with sourceTypes; [ binaryBytecode ];
license = licenses.mit;
- maintainers = with maintainers; [ coconnor earldouglas nequissimus ];
+ maintainers = with maintainers; [ coconnor earldouglas nequissimus ajs124 ];
+ changelog = "https://www.jenkins.io/changelog-stable/#v${version}";
mainProgram = "jenkins-cli";
platforms = platforms.all;
};
diff --git a/pkgs/development/tools/gopls/default.nix b/pkgs/development/tools/gopls/default.nix
index 405cb6141d4..130176591e2 100644
--- a/pkgs/development/tools/gopls/default.nix
+++ b/pkgs/development/tools/gopls/default.nix
@@ -2,17 +2,17 @@
buildGoModule rec {
pname = "gopls";
- version = "0.9.1";
+ version = "0.9.3";
src = fetchFromGitHub {
owner = "golang";
repo = "tools";
rev = "gopls/v${version}";
- sha256 = "sha256-+9NOQRu7cwEkRMB+HFEVrF7Z8y5UCxdUL005vZFPUHk=";
+ sha256 = "sha256-WpSF3HnSjCqUkD1PVvtYXoWSyjYnasr85AK8wMULPBI=";
};
modRoot = "gopls";
- vendorSha256 = "sha256-V5HQAKRFtHfJJzdQ8eutCpVmnOWe0yYKKnlGxphulAc=";
+ vendorSha256 = "sha256-8NhZD7ImvsBGw0xi9NR7AB9SdHkwjsA+jV7UTjVF4wM=";
doCheck = false;
diff --git a/pkgs/os-specific/darwin/pngpaste/default.nix b/pkgs/os-specific/darwin/pngpaste/default.nix
new file mode 100644
index 00000000000..99ae8048f7f
--- /dev/null
+++ b/pkgs/os-specific/darwin/pngpaste/default.nix
@@ -0,0 +1,37 @@
+{ lib, stdenv, fetchFromGitHub, AppKit, Cocoa }:
+
+let
+ pname = "pngpaste";
+ version = "0.2.3";
+in stdenv.mkDerivation {
+ inherit pname version;
+ src = fetchFromGitHub {
+ owner = "jcsalterego";
+ repo = pname;
+ rev = version;
+ sha256 = "uvajxSelk1Wfd5is5kmT2fzDShlufBgC0PDCeabEOSE=";
+ };
+
+ buildInputs = [ AppKit Cocoa ];
+
+ installPhase = ''
+ mkdir -p $out/bin
+ cp pngpaste $out/bin
+ '';
+
+ meta = with lib; {
+ description = "Paste image files from clipboard to file on MacOS";
+ longDescription = ''
+ Paste PNG into files on MacOS, much like pbpaste does for text.
+ Supported input formats are PNG, PDF, GIF, TIF, JPEG.
+ Supported output formats are PNG, GIF, JPEG, TIFF. Output
+ formats are determined by the provided filename extension,
+ falling back to PNG.
+ '';
+ homepage = "https://github.com/jcsalterego/pngpaste";
+ changelog = "https://github.com/jcsalterego/pngpaste/raw/${version}/CHANGELOG.md";
+ platforms = platforms.darwin;
+ license = licenses.bsd2;
+ maintainers = with maintainers; [ samw ];
+ };
+}
diff --git a/pkgs/os-specific/solo5/default.nix b/pkgs/os-specific/solo5/default.nix
index d51219e69ae..d781f1c503a 100644
--- a/pkgs/os-specific/solo5/default.nix
+++ b/pkgs/os-specific/solo5/default.nix
@@ -2,7 +2,7 @@
, pkg-config, qemu, syslinux, util-linux }:
let
- version = "0.6.9";
+ version = "0.7.3";
# list of all theoretically available targets
targets = [
"genode"
@@ -21,14 +21,16 @@ in stdenv.mkDerivation {
src = fetchurl {
url = "https://github.com/Solo5/solo5/releases/download/v${version}/solo5-v${version}.tar.gz";
- sha256 = "03lvk9mab3yxrmi73wrvvhykqcydjrsda0wj6aasnjm5lx9jycpr";
+ sha256 = "sha256-8LftT22XzmmWxgYez+BAHDX4HOyl5DrwrpuO2+bqqcY=";
};
+ patches = [ ./test_sleep.patch ];
+
hardeningEnable = [ "pie" ];
configurePhase = ''
runHook preConfigure
- sh configure.sh
+ sh configure.sh --prefix=/
runHook postConfigure
'';
@@ -38,15 +40,7 @@ in stdenv.mkDerivation {
runHook preInstall
export DESTDIR=$out
export PREFIX=$out
- make install-tools
-
- # get CONFIG_* vars from Makeconf which also parse in sh
- grep '^CONFIG_' Makeconf > nix_tmp_targetconf
- source nix_tmp_targetconf
- # install opam / pkg-config files for all enabled targets
- ${lib.concatMapStrings (bind: ''
- [ -n "$CONFIG_${lib.toUpper bind}" ] && make install-opam-${bind}
- '') targets}
+ make install
substituteInPlace $out/bin/solo5-virtio-mkimage \
--replace "/usr/lib/syslinux" "${syslinux}/share/syslinux" \
diff --git a/pkgs/os-specific/solo5/test_sleep.patch b/pkgs/os-specific/solo5/test_sleep.patch
new file mode 100644
index 00000000000..f86a83d09de
--- /dev/null
+++ b/pkgs/os-specific/solo5/test_sleep.patch
@@ -0,0 +1,22 @@
+diff --git a/tests/test_time/test_time.c b/tests/test_time/test_time.c
+index 931500b..cde64ad 100644
+--- a/tests/test_time/test_time.c
++++ b/tests/test_time/test_time.c
+@@ -110,7 +110,8 @@ int solo5_app_main(const struct solo5_start_info *si __attribute__((unused)))
+ /*
+ * Verify that we did not sleep less than requested (see above).
+ */
+- if (delta < NSEC_PER_SEC) {
++ const solo5_time_t slack = 100000000ULL;
++ if (delta < NSEC_PER_SEC - slack) {
+ printf("[%d] ERROR: slept too little (expected at least %llu ns)\n",
+ iters, (unsigned long long)NSEC_PER_SEC);
+ failed = true;
+@@ -120,7 +121,6 @@ int solo5_app_main(const struct solo5_start_info *si __attribute__((unused)))
+ * Verify that we did not sleep more than requested, within reason
+ * (scheduling delays, general inaccuracy of the current timing code).
+ */
+- const solo5_time_t slack = 100000000ULL;
+ if (delta > (NSEC_PER_SEC + slack)) {
+ printf("[%d] ERROR: slept too much (expected at most %llu ns)\n",
+ iters, (unsigned long long)slack);
diff --git a/pkgs/servers/syncstorage-rs/default.nix b/pkgs/servers/syncstorage-rs/default.nix
new file mode 100644
index 00000000000..17a7bb799fd
--- /dev/null
+++ b/pkgs/servers/syncstorage-rs/default.nix
@@ -0,0 +1,63 @@
+{ fetchFromGitHub
+, rustPlatform
+, pkg-config
+, python3
+, openssl
+, cmake
+, libmysqlclient
+, makeBinaryWrapper
+, lib
+}:
+
+let
+ pyFxADeps = python3.withPackages (p: [
+ p.setuptools # imports pkg_resources
+ # remainder taken from requirements.txt
+ p.pyfxa
+ p.tokenlib
+ p.cryptography
+ ]);
+in
+
+rustPlatform.buildRustPackage rec {
+ pname = "syncstorage-rs";
+ version = "0.12.0";
+
+ src = fetchFromGitHub {
+ owner = "mozilla-services";
+ repo = pname;
+ rev = version;
+ hash = "sha256-VfIpjpBS7LXe32fxIFp7xmbm40VwxUdHIEm5PnMpd4s=";
+ };
+
+ nativeBuildInputs = [
+ cmake
+ makeBinaryWrapper
+ pkg-config
+ python3
+ ];
+
+ buildInputs = [
+ libmysqlclient
+ openssl
+ ];
+
+ preFixup = ''
+ wrapProgram $out/bin/syncstorage \
+ --prefix PATH : ${lib.makeBinPath [ pyFxADeps ]}
+ '';
+
+ cargoSha256 = "sha256-JXxArKA/2SIYJvjNA1yZHR9xDKt3N2U7HVMP/6M3BxE=";
+
+ buildFeatures = [ "grpcio/openssl" ];
+
+ # almost all tests need a DB to test against
+ doCheck = false;
+
+ meta = {
+ description = "Mozilla Sync Storage built with Rust";
+ homepage = "https://github.com/mozilla-services/syncstorage-rs";
+ license = lib.licenses.mpl20;
+ maintainers = with lib.maintainers; [ pennae ];
+ };
+}
diff --git a/pkgs/servers/web-apps/snipe-it/default.nix b/pkgs/servers/web-apps/snipe-it/default.nix
index 9da05a269c4..8023da77477 100644
--- a/pkgs/servers/web-apps/snipe-it/default.nix
+++ b/pkgs/servers/web-apps/snipe-it/default.nix
@@ -1,4 +1,4 @@
-{ pkgs, stdenv, lib, fetchFromGitHub, dataDir ? "/var/lib/snipe-it" }:
+{ pkgs, stdenv, lib, fetchFromGitHub, dataDir ? "/var/lib/snipe-it", mariadb }:
let
package = (import ./composition.nix {
@@ -13,6 +13,7 @@ let
ln -s ${dataDir}/public/uploads $out/public/uploads
ln -s ${dataDir}/bootstrap/cache $out/bootstrap/cache
chmod +x $out/artisan
+ substituteInPlace config/database.php --replace "env('DB_DUMP_PATH', '/usr/local/bin')" "env('DB_DUMP_PATH', '${mariadb}/bin')"
'';
});
diff --git a/pkgs/tools/misc/smenu/default.nix b/pkgs/tools/misc/smenu/default.nix
index 3ee4de082bd..a56978e0728 100644
--- a/pkgs/tools/misc/smenu/default.nix
+++ b/pkgs/tools/misc/smenu/default.nix
@@ -1,14 +1,14 @@
{ lib, stdenv, fetchFromGitHub, ncurses }:
stdenv.mkDerivation rec {
- version = "0.9.19";
+ version = "1.0.0";
pname = "smenu";
src = fetchFromGitHub {
owner = "p-gen";
repo = "smenu";
rev = "v${version}";
- sha256 = "sha256-0ZA8Op1IMZMJ7g1waK2uOYOCDfqPfiqnnjopGtBW1w8=";
+ sha256 = "sha256-jmQ5QLsy0T2ytq1xYJkLBlEw5NxVTsAN+wckyV+68zg=";
};
buildInputs = [ ncurses ];
diff --git a/pkgs/tools/security/webanalyze/default.nix b/pkgs/tools/security/webanalyze/default.nix
index b61afb16fb6..1cbc22b1482 100644
--- a/pkgs/tools/security/webanalyze/default.nix
+++ b/pkgs/tools/security/webanalyze/default.nix
@@ -5,13 +5,13 @@
buildGoModule rec {
pname = "webanalyze";
- version = "0.3.6";
+ version = "0.3.7";
src = fetchFromGitHub {
owner = "rverton";
repo = pname;
rev = "v${version}";
- hash = "sha256-r5HIXh0mKCZmzOOAKThNUPtJLsTYvnVE8FYA6vV5xjg=";
+ hash = "sha256-W7NgV50r/MNSF6+e0IR9C1dcg/k0w67GcTs0NTbhKBc=";
};
vendorSha256 = "sha256-kXtWYGsZUUhBNvkTOah3Z+ta118k6PXfpBx6MLr/pq0=";
diff --git a/pkgs/tools/system/systeroid/default.nix b/pkgs/tools/system/systeroid/default.nix
index 25d1a534277..39cca93b988 100644
--- a/pkgs/tools/system/systeroid/default.nix
+++ b/pkgs/tools/system/systeroid/default.nix
@@ -7,13 +7,13 @@
rustPlatform.buildRustPackage rec {
pname = "systeroid";
- version = "0.1.1";
+ version = "0.2.0";
src = fetchFromGitHub {
owner = "orhun";
repo = pname;
rev = "v${version}";
- sha256 = "0xf81wyp5qg67r0vyqg0209pcabx70vvxx4nrg2y7qa0mhvf6p94";
+ sha256 = "sha256-o72tjYc+1dBLAIG75Fyt2UubjeK6j/nufjiz3wn2SdI=";
};
postPatch = ''
@@ -21,7 +21,7 @@ rustPlatform.buildRustPackage rec {
--replace '"/usr/share/doc/kernel-doc-*/Documentation/*",' '"${linux-doc}/share/doc/linux-doc/*",'
'';
- cargoSha256 = "sha256-D/sSeMR1Zg3OH1fdSVKdxdIcoP4OLp3T8mwQ28O8rfk=";
+ cargoSha256 = "sha256-8DGAiPAq+L1aWleeWEl95+hcgT+PHsxdg118U8IDyOA=";
buildInputs = [
xorg.libxcb
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 63fee4f653c..ccc6dad6f18 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -3186,6 +3186,8 @@ with pkgs;
cinny = callPackage ../applications/networking/instant-messengers/cinny { stdenv = stdenvNoCC; };
+ cinny-desktop = callPackage ../applications/networking/instant-messengers/cinny-desktop { };
+
ckbcomp = callPackage ../tools/X11/ckbcomp { };
clac = callPackage ../tools/misc/clac {};
@@ -9823,6 +9825,10 @@ with pkgs;
libpng = libpng12;
};
+ pngpaste = callPackage ../os-specific/darwin/pngpaste {
+ inherit (darwin.apple_sdk.frameworks) AppKit Cocoa;
+ };
+
pngtools = callPackage ../tools/graphics/pngtools { };
pngpp = callPackage ../development/libraries/png++ { };
@@ -22793,6 +22799,8 @@ with pkgs;
sympa = callPackage ../servers/mail/sympa { };
+ syncstorage-rs = callPackage ../servers/syncstorage-rs { };
+
system-sendmail = lowPrio (callPackage ../servers/mail/system-sendmail { });
# PulseAudio daemons
@@ -24030,6 +24038,10 @@ with pkgs;
cudaSupport = false;
};
+ librealsense-gui = callPackage ../development/libraries/librealsense {
+ enableGUI = true;
+ };
+
libsass = callPackage ../development/libraries/libsass { };
libsepol = callPackage ../os-specific/linux/libsepol { };
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index 3f94580e266..b3baadb27cd 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
@@ -10129,6 +10129,8 @@ in {
sphinx-external-toc = callPackage ../development/python-modules/sphinx-external-toc { };
+ sphinx-fortran = callPackage ../development/python-modules/sphinx-fortran { };
+
sphinx-jupyterbook-latex = callPackage ../development/python-modules/sphinx-jupyterbook-latex { };
sphinx-multitoc-numbering = callPackage ../development/python-modules/sphinx-multitoc-numbering { };