Merge master into staging-next
This commit is contained in:
commit
ca03e913ca
|
@ -1273,6 +1273,12 @@
|
||||||
githubId = 1217745;
|
githubId = 1217745;
|
||||||
name = "Aldwin Vlasblom";
|
name = "Aldwin Vlasblom";
|
||||||
};
|
};
|
||||||
|
aveltras = {
|
||||||
|
email = "romain.viallard@outlook.fr";
|
||||||
|
github = "aveltras";
|
||||||
|
githubId = 790607;
|
||||||
|
name = "Romain Viallard";
|
||||||
|
};
|
||||||
avery = {
|
avery = {
|
||||||
email = "averyl+nixos@protonmail.com";
|
email = "averyl+nixos@protonmail.com";
|
||||||
github = "AveryLychee";
|
github = "AveryLychee";
|
||||||
|
@ -11462,6 +11468,12 @@
|
||||||
githubId = 107703;
|
githubId = 107703;
|
||||||
name = "Samuel Rivas";
|
name = "Samuel Rivas";
|
||||||
};
|
};
|
||||||
|
samw = {
|
||||||
|
email = "sam@wlcx.cc";
|
||||||
|
github = "wlcx";
|
||||||
|
githubId = 3065381;
|
||||||
|
name = "Sam Willcocks";
|
||||||
|
};
|
||||||
samyak = {
|
samyak = {
|
||||||
name = "Samyak Sarnayak";
|
name = "Samyak Sarnayak";
|
||||||
email = "samyak201@gmail.com";
|
email = "samyak201@gmail.com";
|
||||||
|
|
|
@ -124,6 +124,13 @@
|
||||||
<link xlink:href="options.html#opt-virtualisation.appvm.enable">virtualisation.appvm</link>.
|
<link xlink:href="options.html#opt-virtualisation.appvm.enable">virtualisation.appvm</link>.
|
||||||
</para>
|
</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
|
<listitem>
|
||||||
|
<para>
|
||||||
|
<link xlink:href="https://github.com/mozilla-services/syncstorage-rs">syncstorage-rs</link>,
|
||||||
|
a self-hostable sync server for Firefox. Available as
|
||||||
|
<link xlink:href="options.html#opt-services.firefox-syncserver.enable">services.firefox-syncserver</link>.
|
||||||
|
</para>
|
||||||
|
</listitem>
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>
|
<para>
|
||||||
<link xlink:href="https://dragonflydb.io/">dragonflydb</link>,
|
<link xlink:href="https://dragonflydb.io/">dragonflydb</link>,
|
||||||
|
|
|
@ -55,6 +55,7 @@ In addition to numerous new and upgraded packages, this release has the followin
|
||||||
## New Services {#sec-release-22.11-new-services}
|
## New Services {#sec-release-22.11-new-services}
|
||||||
|
|
||||||
- [appvm](https://github.com/jollheef/appvm), Nix based app VMs. Available as [virtualisation.appvm](options.html#opt-virtualisation.appvm.enable).
|
- [appvm](https://github.com/jollheef/appvm), Nix based app VMs. Available as [virtualisation.appvm](options.html#opt-virtualisation.appvm.enable).
|
||||||
|
- [syncstorage-rs](https://github.com/mozilla-services/syncstorage-rs), a self-hostable sync server for Firefox. Available as [services.firefox-syncserver](options.html#opt-services.firefox-syncserver.enable).
|
||||||
|
|
||||||
- [dragonflydb](https://dragonflydb.io/), a modern replacement for Redis and Memcached. Available as [services.dragonflydb](#opt-services.dragonflydb.enable).
|
- [dragonflydb](https://dragonflydb.io/), a modern replacement for Redis and Memcached. Available as [services.dragonflydb](#opt-services.dragonflydb.enable).
|
||||||
|
|
||||||
|
|
|
@ -783,6 +783,7 @@
|
||||||
./services/networking/expressvpn.nix
|
./services/networking/expressvpn.nix
|
||||||
./services/networking/fakeroute.nix
|
./services/networking/fakeroute.nix
|
||||||
./services/networking/ferm.nix
|
./services/networking/ferm.nix
|
||||||
|
./services/networking/firefox-syncserver.nix
|
||||||
./services/networking/fireqos.nix
|
./services/networking/fireqos.nix
|
||||||
./services/networking/firewall.nix
|
./services/networking/firewall.nix
|
||||||
./services/networking/flannel.nix
|
./services/networking/flannel.nix
|
||||||
|
|
55
nixos/modules/services/networking/firefox-syncserver.md
Normal file
55
nixos/modules/services/networking/firefox-syncserver.md
Normal file
|
@ -0,0 +1,55 @@
|
||||||
|
# Firefox Sync server {#module-services-firefox-syncserver}
|
||||||
|
|
||||||
|
A storage server for Firefox Sync that you can easily host yourself.
|
||||||
|
|
||||||
|
## Quickstart {#module-services-firefox-syncserver-quickstart}
|
||||||
|
|
||||||
|
The absolute minimal configuration for the sync server looks like this:
|
||||||
|
|
||||||
|
```nix
|
||||||
|
services.mysql.package = pkgs.mariadb;
|
||||||
|
|
||||||
|
services.firefox-syncserver = {
|
||||||
|
enable = true;
|
||||||
|
secrets = builtins.toFile "sync-secrets" ''
|
||||||
|
SYNC_MASTER_SECRET=this-secret-is-actually-leaked-to-/nix/store
|
||||||
|
'';
|
||||||
|
singleNode = {
|
||||||
|
enable = true;
|
||||||
|
hostname = "localhost";
|
||||||
|
url = "http://localhost:5000";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
```
|
||||||
|
|
||||||
|
This will start a sync server that is only accessible locally. Once the services is
|
||||||
|
running you can navigate to `about:config` in your Firefox profile and set
|
||||||
|
`identity.sync.tokenserver.uri` to `http://localhost:5000/1.0/sync/1.5`. Your browser
|
||||||
|
will now use your local sync server for data storage.
|
||||||
|
|
||||||
|
::: {.warning}
|
||||||
|
This configuration should never be used in production. It is not encrypted and
|
||||||
|
stores its secrets in a world-readable location.
|
||||||
|
:::
|
||||||
|
|
||||||
|
## More detailed setup {#module-services-firefox-syncserver-configuration}
|
||||||
|
|
||||||
|
The `firefox-syncserver` service provides a number of options to make setting up
|
||||||
|
small deployment easier. These are grouped under the `singleNode` element of the
|
||||||
|
option tree and allow simple configuration of the most important parameters.
|
||||||
|
|
||||||
|
Single node setup is split into two kinds of options: those that affect the sync
|
||||||
|
server itself, and those that affect its surroundings. Options that affect the
|
||||||
|
sync server are `capacity`, which configures how many accounts may be active on
|
||||||
|
this instance, and `url`, which holds the URL under which the sync server can be
|
||||||
|
accessed. The `url` can be configured automatically when using nginx.
|
||||||
|
|
||||||
|
Options that affect the surroundings of the sync server are `enableNginx`,
|
||||||
|
`enableTLS` and `hostnam`. If `enableNginx` is set the sync server module will
|
||||||
|
automatically add an nginx virtual host to the system using `hostname` as the
|
||||||
|
domain and set `url` accordingly. If `enableTLS` is set the module will also
|
||||||
|
enable ACME certificates on the new virtual host and force all connections to
|
||||||
|
be made via TLS.
|
||||||
|
|
||||||
|
For actual deployment it is also recommended to store the `secrets` file in a
|
||||||
|
secure location.
|
328
nixos/modules/services/networking/firefox-syncserver.nix
Normal file
328
nixos/modules/services/networking/firefox-syncserver.nix
Normal file
|
@ -0,0 +1,328 @@
|
||||||
|
{ config, pkgs, lib, options, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.services.firefox-syncserver;
|
||||||
|
opt = options.services.firefox-syncserver;
|
||||||
|
defaultDatabase = "firefox_syncserver";
|
||||||
|
defaultUser = "firefox-syncserver";
|
||||||
|
|
||||||
|
dbIsLocal = cfg.database.host == "localhost";
|
||||||
|
dbURL = "mysql://${cfg.database.user}@${cfg.database.host}/${cfg.database.name}";
|
||||||
|
|
||||||
|
format = pkgs.formats.toml {};
|
||||||
|
settings = {
|
||||||
|
database_url = dbURL;
|
||||||
|
human_logs = true;
|
||||||
|
tokenserver = {
|
||||||
|
node_type = "mysql";
|
||||||
|
database_url = dbURL;
|
||||||
|
fxa_email_domain = "api.accounts.firefox.com";
|
||||||
|
fxa_oauth_server_url = "https://oauth.accounts.firefox.com/v1";
|
||||||
|
run_migrations = true;
|
||||||
|
} // lib.optionalAttrs cfg.singleNode.enable {
|
||||||
|
# Single-node mode is likely to be used on small instances with little
|
||||||
|
# capacity. The default value (0.1) can only ever release capacity when
|
||||||
|
# accounts are removed if the total capacity is 10 or larger to begin
|
||||||
|
# with.
|
||||||
|
# https://github.com/mozilla-services/syncstorage-rs/issues/1313#issuecomment-1145293375
|
||||||
|
node_capacity_release_rate = 1;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
configFile = format.generate "syncstorage.toml" (lib.recursiveUpdate settings cfg.settings);
|
||||||
|
in
|
||||||
|
|
||||||
|
{
|
||||||
|
options = {
|
||||||
|
services.firefox-syncserver = {
|
||||||
|
enable = lib.mkEnableOption ''
|
||||||
|
the Firefox Sync storage service.
|
||||||
|
|
||||||
|
Out of the box this will not be very useful unless you also configure at least
|
||||||
|
one service and one nodes by inserting them into the mysql database manually, e.g.
|
||||||
|
by running
|
||||||
|
|
||||||
|
<programlisting>
|
||||||
|
INSERT INTO `services` (`id`, `service`, `pattern`) VALUES ('1', 'sync-1.5', '{node}/1.5/{uid}');
|
||||||
|
INSERT INTO `nodes` (`id`, `service`, `node`, `available`, `current_load`,
|
||||||
|
`capacity`, `downed`, `backoff`)
|
||||||
|
VALUES ('1', '1', 'https://mydomain.tld', '1', '0', '10', '0', '0');
|
||||||
|
</programlisting>
|
||||||
|
|
||||||
|
<option>${opt.singleNode.enable}</option> does this automatically when enabled
|
||||||
|
'';
|
||||||
|
|
||||||
|
package = lib.mkOption {
|
||||||
|
type = lib.types.package;
|
||||||
|
default = pkgs.syncstorage-rs;
|
||||||
|
defaultText = lib.literalExpression "pkgs.syncstorage-rs";
|
||||||
|
description = ''
|
||||||
|
Package to use.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
database.name = lib.mkOption {
|
||||||
|
# the mysql module does not allow `-quoting without resorting to shell
|
||||||
|
# escaping, so we restrict db names for forward compaitiblity should this
|
||||||
|
# behavior ever change.
|
||||||
|
type = lib.types.strMatching "[a-z_][a-z0-9_]*";
|
||||||
|
default = defaultDatabase;
|
||||||
|
description = ''
|
||||||
|
Database to use for storage. Will be created automatically if it does not exist
|
||||||
|
and <literal>config.${opt.database.createLocally}</literal> is set.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
database.user = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
default = defaultUser;
|
||||||
|
description = ''
|
||||||
|
Username for database connections.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
database.host = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
default = "localhost";
|
||||||
|
description = ''
|
||||||
|
Database host name. <literal>localhost</literal> is treated specially and inserts
|
||||||
|
systemd dependencies, other hostnames or IP addresses of the local machine do not.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
database.createLocally = lib.mkOption {
|
||||||
|
type = lib.types.bool;
|
||||||
|
default = true;
|
||||||
|
description = ''
|
||||||
|
Whether to create database and user on the local machine if they do not exist.
|
||||||
|
This includes enabling unix domain socket authentication for the configured user.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
logLevel = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
default = "error";
|
||||||
|
description = ''
|
||||||
|
Log level to run with. This can be a simple log level like <literal>error</literal>
|
||||||
|
or <literal>trace</literal>, or a more complicated logging expression.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
secrets = lib.mkOption {
|
||||||
|
type = lib.types.path;
|
||||||
|
description = ''
|
||||||
|
A file containing the various secrets. Should be in the format expected by systemd's
|
||||||
|
<literal>EnvironmentFile</literal> directory. Two secrets are currently available:
|
||||||
|
<literal>SYNC_MASTER_SECRET</literal> and
|
||||||
|
<literal>SYNC_TOKENSERVER__FXA_METRICS_HASH_SECRET</literal>.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
singleNode = {
|
||||||
|
enable = lib.mkEnableOption "auto-configuration for a simple single-node setup";
|
||||||
|
|
||||||
|
enableTLS = lib.mkEnableOption "automatic TLS setup";
|
||||||
|
|
||||||
|
enableNginx = lib.mkEnableOption "nginx virtualhost definitions";
|
||||||
|
|
||||||
|
hostname = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
description = ''
|
||||||
|
Host name to use for this service.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
capacity = lib.mkOption {
|
||||||
|
type = lib.types.ints.unsigned;
|
||||||
|
default = 10;
|
||||||
|
description = ''
|
||||||
|
How many sync accounts are allowed on this server. Setting this value
|
||||||
|
equal to or less than the number of currently active accounts will
|
||||||
|
effectively deny service to accounts not yet registered here.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
url = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
default = "${if cfg.singleNode.enableTLS then "https" else "http"}://${cfg.singleNode.hostname}";
|
||||||
|
defaultText = lib.literalExpression ''
|
||||||
|
''${if cfg.singleNode.enableTLS then "https" else "http"}://''${config.${opt.singleNode.hostname}}
|
||||||
|
'';
|
||||||
|
description = ''
|
||||||
|
URL of the host. If you are not using the automatic webserver proxy setup you will have
|
||||||
|
to change this setting or your sync server may not be functional.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
settings = lib.mkOption {
|
||||||
|
type = lib.types.submodule {
|
||||||
|
freeformType = format.type;
|
||||||
|
|
||||||
|
options = {
|
||||||
|
port = lib.mkOption {
|
||||||
|
type = lib.types.port;
|
||||||
|
default = 5000;
|
||||||
|
description = ''
|
||||||
|
Port to bind to.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
tokenserver.enabled = lib.mkOption {
|
||||||
|
type = lib.types.bool;
|
||||||
|
default = true;
|
||||||
|
description = ''
|
||||||
|
Whether to enable the token service as well.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
default = { };
|
||||||
|
description = ''
|
||||||
|
Settings for the sync server. These take priority over values computed
|
||||||
|
from NixOS options.
|
||||||
|
|
||||||
|
See the doc comments on the <literal>Settings</literal> structs in
|
||||||
|
<link xlink:href="https://github.com/mozilla-services/syncstorage-rs/blob/master/syncstorage/src/settings.rs" />
|
||||||
|
and
|
||||||
|
<link xlink:href="https://github.com/mozilla-services/syncstorage-rs/blob/master/syncstorage/src/tokenserver/settings.rs" />
|
||||||
|
for available options.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
services.mysql = lib.mkIf cfg.database.createLocally {
|
||||||
|
enable = true;
|
||||||
|
ensureDatabases = [ cfg.database.name ];
|
||||||
|
ensureUsers = [{
|
||||||
|
name = cfg.database.user;
|
||||||
|
ensurePermissions = {
|
||||||
|
"${cfg.database.name}.*" = "all privileges";
|
||||||
|
};
|
||||||
|
}];
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.firefox-syncserver = {
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
requires = lib.mkIf dbIsLocal [ "mysql.service" ];
|
||||||
|
after = lib.mkIf dbIsLocal [ "mysql.service" ];
|
||||||
|
environment.RUST_LOG = cfg.logLevel;
|
||||||
|
serviceConfig = {
|
||||||
|
User = defaultUser;
|
||||||
|
Group = defaultUser;
|
||||||
|
ExecStart = "${cfg.package}/bin/syncstorage --config ${configFile}";
|
||||||
|
Stderr = "journal";
|
||||||
|
EnvironmentFile = lib.mkIf (cfg.secrets != null) "${cfg.secrets}";
|
||||||
|
|
||||||
|
# hardening
|
||||||
|
RemoveIPC = true;
|
||||||
|
CapabilityBoundingSet = [ "" ];
|
||||||
|
DynamicUser = true;
|
||||||
|
NoNewPrivileges = true;
|
||||||
|
PrivateDevices = true;
|
||||||
|
ProtectClock = true;
|
||||||
|
ProtectKernelLogs = true;
|
||||||
|
ProtectControlGroups = true;
|
||||||
|
ProtectKernelModules = true;
|
||||||
|
SystemCallArchitectures = "native";
|
||||||
|
# syncstorage-rs uses python-cffi internally, and python-cffi does not
|
||||||
|
# work with MemoryDenyWriteExecute=true
|
||||||
|
MemoryDenyWriteExecute = false;
|
||||||
|
RestrictNamespaces = true;
|
||||||
|
RestrictSUIDSGID = true;
|
||||||
|
ProtectHostname = true;
|
||||||
|
LockPersonality = true;
|
||||||
|
ProtectKernelTunables = true;
|
||||||
|
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ];
|
||||||
|
RestrictRealtime = true;
|
||||||
|
ProtectSystem = "strict";
|
||||||
|
ProtectProc = "invisible";
|
||||||
|
ProcSubset = "pid";
|
||||||
|
ProtectHome = true;
|
||||||
|
PrivateUsers = true;
|
||||||
|
PrivateTmp = true;
|
||||||
|
SystemCallFilter = [ "@system-service" "~ @privileged @resources" ];
|
||||||
|
UMask = "0077";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.firefox-syncserver-setup = lib.mkIf cfg.singleNode.enable {
|
||||||
|
wantedBy = [ "firefox-syncserver.service" ];
|
||||||
|
requires = [ "firefox-syncserver.service" ] ++ lib.optional dbIsLocal "mysql.service";
|
||||||
|
after = [ "firefox-syncserver.service" ] ++ lib.optional dbIsLocal "mysql.service";
|
||||||
|
path = [ config.services.mysql.package ];
|
||||||
|
script = ''
|
||||||
|
set -euo pipefail
|
||||||
|
shopt -s inherit_errexit
|
||||||
|
|
||||||
|
schema_configured() {
|
||||||
|
mysql ${cfg.database.name} -Ne 'SHOW TABLES' | grep -q services
|
||||||
|
}
|
||||||
|
|
||||||
|
services_configured() {
|
||||||
|
[ 1 != $(mysql ${cfg.database.name} -Ne 'SELECT COUNT(*) < 1 FROM `services`') ]
|
||||||
|
}
|
||||||
|
|
||||||
|
create_services() {
|
||||||
|
mysql ${cfg.database.name} <<"EOF"
|
||||||
|
BEGIN;
|
||||||
|
|
||||||
|
INSERT INTO `services` (`id`, `service`, `pattern`)
|
||||||
|
VALUES (1, 'sync-1.5', '{node}/1.5/{uid}');
|
||||||
|
INSERT INTO `nodes` (`id`, `service`, `node`, `available`, `current_load`,
|
||||||
|
`capacity`, `downed`, `backoff`)
|
||||||
|
VALUES (1, 1, '${cfg.singleNode.url}', ${toString cfg.singleNode.capacity},
|
||||||
|
0, ${toString cfg.singleNode.capacity}, 0, 0);
|
||||||
|
|
||||||
|
COMMIT;
|
||||||
|
EOF
|
||||||
|
}
|
||||||
|
|
||||||
|
update_nodes() {
|
||||||
|
mysql ${cfg.database.name} <<"EOF"
|
||||||
|
UPDATE `nodes`
|
||||||
|
SET `capacity` = ${toString cfg.singleNode.capacity}
|
||||||
|
WHERE `id` = 1;
|
||||||
|
EOF
|
||||||
|
}
|
||||||
|
|
||||||
|
for (( try = 0; try < 60; try++ )); do
|
||||||
|
if ! schema_configured; then
|
||||||
|
sleep 2
|
||||||
|
elif services_configured; then
|
||||||
|
update_nodes
|
||||||
|
exit 0
|
||||||
|
else
|
||||||
|
create_services
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
echo "Single-node setup failed"
|
||||||
|
exit 1
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
services.nginx.virtualHosts = lib.mkIf cfg.singleNode.enableNginx {
|
||||||
|
${cfg.singleNode.hostname} = {
|
||||||
|
enableACME = cfg.singleNode.enableTLS;
|
||||||
|
forceSSL = cfg.singleNode.enableTLS;
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://localhost:${toString cfg.settings.port}";
|
||||||
|
# source mentions that this header should be set
|
||||||
|
extraConfig = ''
|
||||||
|
add_header X-Content-Type-Options nosniff;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
meta = {
|
||||||
|
maintainers = with lib.maintainers; [ pennae ];
|
||||||
|
# Don't edit the docbook xml directly, edit the md and generate it:
|
||||||
|
# `pandoc firefox-syncserver.md -t docbook --top-level-division=chapter --extract-media=media -f markdown+smart > firefox-syncserver.xml`
|
||||||
|
doc = ./firefox-syncserver.xml;
|
||||||
|
};
|
||||||
|
}
|
77
nixos/modules/services/networking/firefox-syncserver.xml
Normal file
77
nixos/modules/services/networking/firefox-syncserver.xml
Normal file
|
@ -0,0 +1,77 @@
|
||||||
|
<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="module-services-firefox-syncserver">
|
||||||
|
<title>Firefox Sync server</title>
|
||||||
|
<para>
|
||||||
|
A storage server for Firefox Sync that you can easily host yourself.
|
||||||
|
</para>
|
||||||
|
<section xml:id="module-services-firefox-syncserver-quickstart">
|
||||||
|
<title>Quickstart</title>
|
||||||
|
<para>
|
||||||
|
The absolute minimal configuration for the sync server looks like
|
||||||
|
this:
|
||||||
|
</para>
|
||||||
|
<programlisting language="nix">
|
||||||
|
services.mysql.package = pkgs.mariadb;
|
||||||
|
|
||||||
|
services.firefox-syncserver = {
|
||||||
|
enable = true;
|
||||||
|
secrets = builtins.toFile "sync-secrets" ''
|
||||||
|
SYNC_MASTER_SECRET=this-secret-is-actually-leaked-to-/nix/store
|
||||||
|
'';
|
||||||
|
singleNode = {
|
||||||
|
enable = true;
|
||||||
|
hostname = "localhost";
|
||||||
|
url = "http://localhost:5000";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
</programlisting>
|
||||||
|
<para>
|
||||||
|
This will start a sync server that is only accessible locally.
|
||||||
|
Once the services is running you can navigate to
|
||||||
|
<literal>about:config</literal> in your Firefox profile and set
|
||||||
|
<literal>identity.sync.tokenserver.uri</literal> to
|
||||||
|
<literal>http://localhost:5000/1.0/sync/1.5</literal>. Your
|
||||||
|
browser will now use your local sync server for data storage.
|
||||||
|
</para>
|
||||||
|
<warning>
|
||||||
|
<para>
|
||||||
|
This configuration should never be used in production. It is not
|
||||||
|
encrypted and stores its secrets in a world-readable location.
|
||||||
|
</para>
|
||||||
|
</warning>
|
||||||
|
</section>
|
||||||
|
<section xml:id="module-services-firefox-syncserver-configuration">
|
||||||
|
<title>More detailed setup</title>
|
||||||
|
<para>
|
||||||
|
The <literal>firefox-syncserver</literal> service provides a
|
||||||
|
number of options to make setting up small deployment easier.
|
||||||
|
These are grouped under the <literal>singleNode</literal> element
|
||||||
|
of the option tree and allow simple configuration of the most
|
||||||
|
important parameters.
|
||||||
|
</para>
|
||||||
|
<para>
|
||||||
|
Single node setup is split into two kinds of options: those that
|
||||||
|
affect the sync server itself, and those that affect its
|
||||||
|
surroundings. Options that affect the sync server are
|
||||||
|
<literal>capacity</literal>, which configures how many accounts
|
||||||
|
may be active on this instance, and <literal>url</literal>, which
|
||||||
|
holds the URL under which the sync server can be accessed. The
|
||||||
|
<literal>url</literal> can be configured automatically when using
|
||||||
|
nginx.
|
||||||
|
</para>
|
||||||
|
<para>
|
||||||
|
Options that affect the surroundings of the sync server are
|
||||||
|
<literal>enableNginx</literal>, <literal>enableTLS</literal> and
|
||||||
|
<literal>hostnam</literal>. If <literal>enableNginx</literal> is
|
||||||
|
set the sync server module will automatically add an nginx virtual
|
||||||
|
host to the system using <literal>hostname</literal> as the domain
|
||||||
|
and set <literal>url</literal> accordingly. If
|
||||||
|
<literal>enableTLS</literal> is set the module will also enable
|
||||||
|
ACME certificates on the new virtual host and force all
|
||||||
|
connections to be made via TLS.
|
||||||
|
</para>
|
||||||
|
<para>
|
||||||
|
For actual deployment it is also recommended to store the
|
||||||
|
<literal>secrets</literal> file in a secure location.
|
||||||
|
</para>
|
||||||
|
</section>
|
||||||
|
</chapter>
|
|
@ -4,16 +4,23 @@ let
|
||||||
keysPath = "/var/lib/yggdrasil/keys.json";
|
keysPath = "/var/lib/yggdrasil/keys.json";
|
||||||
|
|
||||||
cfg = config.services.yggdrasil;
|
cfg = config.services.yggdrasil;
|
||||||
configProvided = cfg.config != { };
|
settingsProvided = cfg.settings != { };
|
||||||
configFileProvided = cfg.configFile != null;
|
configFileProvided = cfg.configFile != null;
|
||||||
|
|
||||||
|
format = pkgs.formats.json { };
|
||||||
in {
|
in {
|
||||||
|
imports = [
|
||||||
|
(mkRenamedOptionModule
|
||||||
|
[ "services" "yggdrasil" "config" ]
|
||||||
|
[ "services" "yggdrasil" "settings" ])
|
||||||
|
];
|
||||||
|
|
||||||
options = with types; {
|
options = with types; {
|
||||||
services.yggdrasil = {
|
services.yggdrasil = {
|
||||||
enable = mkEnableOption "the yggdrasil system service";
|
enable = mkEnableOption "the yggdrasil system service";
|
||||||
|
|
||||||
config = mkOption {
|
settings = mkOption {
|
||||||
type = attrs;
|
type = format.type;
|
||||||
default = {};
|
default = {};
|
||||||
example = {
|
example = {
|
||||||
Peers = [
|
Peers = [
|
||||||
|
@ -138,11 +145,11 @@ in {
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
|
||||||
preStart =
|
preStart =
|
||||||
(if configProvided || configFileProvided || cfg.persistentKeys then
|
(if settingsProvided || configFileProvided || cfg.persistentKeys then
|
||||||
"echo "
|
"echo "
|
||||||
|
|
||||||
+ (lib.optionalString configProvided
|
+ (lib.optionalString settingsProvided
|
||||||
"'${builtins.toJSON cfg.config}'")
|
"'${builtins.toJSON cfg.settings}'")
|
||||||
+ (lib.optionalString configFileProvided "$(cat ${cfg.configFile})")
|
+ (lib.optionalString configFileProvided "$(cat ${cfg.configFile})")
|
||||||
+ (lib.optionalString cfg.persistentKeys "$(cat ${keysPath})")
|
+ (lib.optionalString cfg.persistentKeys "$(cat ${keysPath})")
|
||||||
+ " | ${pkgs.jq}/bin/jq -s add | ${binYggdrasil} -normaliseconf -useconf"
|
+ " | ${pkgs.jq}/bin/jq -s add | ${binYggdrasil} -normaliseconf -useconf"
|
||||||
|
|
|
@ -42,7 +42,7 @@ in import ./make-test-python.nix ({ pkgs, ...} : {
|
||||||
|
|
||||||
services.yggdrasil = {
|
services.yggdrasil = {
|
||||||
enable = true;
|
enable = true;
|
||||||
config = {
|
settings = {
|
||||||
Listen = ["tcp://0.0.0.0:12345"];
|
Listen = ["tcp://0.0.0.0:12345"];
|
||||||
MulticastInterfaces = [ ];
|
MulticastInterfaces = [ ];
|
||||||
};
|
};
|
||||||
|
@ -112,7 +112,7 @@ in import ./make-test-python.nix ({ pkgs, ...} : {
|
||||||
services.yggdrasil = {
|
services.yggdrasil = {
|
||||||
enable = true;
|
enable = true;
|
||||||
denyDhcpcdInterfaces = [ "ygg0" ];
|
denyDhcpcdInterfaces = [ "ygg0" ];
|
||||||
config = {
|
settings = {
|
||||||
IfTAPMode = true;
|
IfTAPMode = true;
|
||||||
IfName = "ygg0";
|
IfName = "ygg0";
|
||||||
MulticastInterfaces = [ "eth1" ];
|
MulticastInterfaces = [ "eth1" ];
|
||||||
|
|
|
@ -34,11 +34,11 @@ let
|
||||||
in
|
in
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
pname = "bisq-desktop";
|
pname = "bisq-desktop";
|
||||||
version = "1.9.1";
|
version = "1.9.4";
|
||||||
|
|
||||||
src = fetchurl {
|
src = fetchurl {
|
||||||
url = "https://github.com/bisq-network/bisq/releases/download/v${version}/Bisq-64bit-${version}.deb";
|
url = "https://github.com/bisq-network/bisq/releases/download/v${version}/Bisq-64bit-${version}.deb";
|
||||||
sha256 = "0gzfcp255z542adk1g6gsmfpp5zpivv6n1f5kzqgwgm5qmr24049";
|
sha256 = "sha256-8CgbJ5gfzIEh5ppwvQxYz1IES7Dd4MZCac0uVLh/YaY=";
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = [ makeWrapper copyDesktopItems imagemagick dpkg zip xz ];
|
nativeBuildInputs = [ makeWrapper copyDesktopItems imagemagick dpkg zip xz ];
|
||||||
|
|
|
@ -2,14 +2,14 @@
|
||||||
|
|
||||||
rustPlatform.buildRustPackage rec {
|
rustPlatform.buildRustPackage rec {
|
||||||
pname = "lscolors";
|
pname = "lscolors";
|
||||||
version = "0.11.1";
|
version = "0.12.0";
|
||||||
|
|
||||||
src = fetchCrate {
|
src = fetchCrate {
|
||||||
inherit version pname;
|
inherit version pname;
|
||||||
sha256 = "sha256-RU5DhrfB4XlrI4fHUw0/88Ib6H6xvDlRwUNPPwgVKE0=";
|
sha256 = "sha256-1tLI+M2hpXWsiO/x27ncs8zn8dBDx18AgsSbN/YE2Ic=";
|
||||||
};
|
};
|
||||||
|
|
||||||
cargoSha256 = "sha256-COWvR7B9tXGuPaD311bFzuoqkISDlIOD6GDQdFa6wT4=";
|
cargoSha256 = "sha256-4bFzFztaD9jV3GXpZwCowAhvszedM5ion5/h3D26EY8=";
|
||||||
|
|
||||||
# setid is not allowed in the sandbox
|
# setid is not allowed in the sandbox
|
||||||
checkFlags = [ "--skip=tests::style_for_setid" ];
|
checkFlags = [ "--skip=tests::style_for_setid" ];
|
||||||
|
|
|
@ -0,0 +1,46 @@
|
||||||
|
{ stdenv
|
||||||
|
, lib
|
||||||
|
, dpkg
|
||||||
|
, fetchurl
|
||||||
|
, autoPatchelfHook
|
||||||
|
, glib-networking
|
||||||
|
, openssl
|
||||||
|
, webkitgtk
|
||||||
|
, wrapGAppsHook
|
||||||
|
}:
|
||||||
|
|
||||||
|
stdenv.mkDerivation rec {
|
||||||
|
name = "cinny-desktop";
|
||||||
|
version = "2.1.1";
|
||||||
|
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://github.com/cinnyapp/cinny-desktop/releases/download/v${version}/Cinny_desktop-x86_64.deb";
|
||||||
|
sha256 = "sha256-4jd+N3a+u+c+XLwgr8BvvdkVLzo+xTBKFdjiQeu7NJU=";
|
||||||
|
};
|
||||||
|
|
||||||
|
nativeBuildInputs = [
|
||||||
|
autoPatchelfHook
|
||||||
|
dpkg
|
||||||
|
];
|
||||||
|
|
||||||
|
buildInputs = [
|
||||||
|
glib-networking
|
||||||
|
openssl
|
||||||
|
webkitgtk
|
||||||
|
wrapGAppsHook
|
||||||
|
];
|
||||||
|
|
||||||
|
unpackCmd = "dpkg-deb -x $curSrc source";
|
||||||
|
|
||||||
|
installPhase = "mv usr $out";
|
||||||
|
|
||||||
|
meta = with lib; {
|
||||||
|
description = "Yet another matrix client for desktop";
|
||||||
|
homepage = "https://github.com/cinnyapp/cinny-desktop";
|
||||||
|
maintainers = [ maintainers.aveltras ];
|
||||||
|
license = licenses.mit;
|
||||||
|
sourceProvenance = with sourceTypes; [ binaryNativeCode ];
|
||||||
|
platforms = platforms.linux;
|
||||||
|
mainProgram = "cinny";
|
||||||
|
};
|
||||||
|
}
|
|
@ -5,16 +5,16 @@
|
||||||
|
|
||||||
buildGoModule rec {
|
buildGoModule rec {
|
||||||
pname = "rclone";
|
pname = "rclone";
|
||||||
version = "1.59.0";
|
version = "1.59.1";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = pname;
|
owner = pname;
|
||||||
repo = pname;
|
repo = pname;
|
||||||
rev = "v${version}";
|
rev = "v${version}";
|
||||||
sha256 = "sha256-SHUAEjdcqzNiIxSsmYb71JiOhWPoi8Z2nJAReRw2M5k=";
|
sha256 = "sha256-eblCMe9ywJztjsWmngUkB/IE2ePI9Yin2jkxBW0tTbQ=";
|
||||||
};
|
};
|
||||||
|
|
||||||
vendorSha256 = "sha256-ajOUvZ/0D8QL4MY6xO+hZziyUtIB0WQERU6Ov06K9I8=";
|
vendorSha256 = "sha256-MZ5RtB4UGHPlMxyQ0VbX5iPpZw98oUuEhuMBDZcYiw8=";
|
||||||
|
|
||||||
subPackages = [ "." ];
|
subPackages = [ "." ];
|
||||||
|
|
||||||
|
|
|
@ -1,14 +1,22 @@
|
||||||
{ lib, stdenvNoCC, fetchFromGitHub , gtk3, adwaita-icon-theme, breeze-icons, hicolor-icon-theme }:
|
{ lib
|
||||||
|
, stdenvNoCC
|
||||||
|
, fetchFromGitHub
|
||||||
|
, gtk3
|
||||||
|
, adwaita-icon-theme
|
||||||
|
, breeze-icons
|
||||||
|
, hicolor-icon-theme
|
||||||
|
, gitUpdater
|
||||||
|
}:
|
||||||
|
|
||||||
stdenvNoCC.mkDerivation rec {
|
stdenvNoCC.mkDerivation rec {
|
||||||
pname = "kora-icon-theme";
|
pname = "kora-icon-theme";
|
||||||
version = "1.5.2";
|
version = "1.5.3";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "bikass";
|
owner = "bikass";
|
||||||
repo = "kora";
|
repo = "kora";
|
||||||
rev = "v${version}";
|
rev = "v${version}";
|
||||||
sha256 = "sha256-OwuePPn4seHbzv81pnTEP1Q0Tp1ywZIEmw+dx3bDoXw=";
|
sha256 = "sha256-j4W9w/icGjfkbbb0xYF3NfSFsp5RkNCc805E089JaFQ=";
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
|
@ -27,7 +35,8 @@ stdenvNoCC.mkDerivation rec {
|
||||||
runHook preInstall
|
runHook preInstall
|
||||||
|
|
||||||
mkdir -p $out/share/icons
|
mkdir -p $out/share/icons
|
||||||
mv kora* $out/share/icons/
|
cp -a kora* $out/share/icons/
|
||||||
|
rm $out/share/icons/kora*/create-new-icon-theme.cache.sh
|
||||||
|
|
||||||
for theme in $out/share/icons/*; do
|
for theme in $out/share/icons/*; do
|
||||||
gtk-update-icon-cache -f $theme
|
gtk-update-icon-cache -f $theme
|
||||||
|
@ -36,11 +45,16 @@ stdenvNoCC.mkDerivation rec {
|
||||||
runHook postInstall
|
runHook postInstall
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
passthru.updateScript = gitUpdater {
|
||||||
|
inherit pname version;
|
||||||
|
rev-prefix = "v";
|
||||||
|
};
|
||||||
|
|
||||||
meta = with lib; {
|
meta = with lib; {
|
||||||
description = "An SVG icon theme in four variants";
|
description = "An SVG icon theme in four variants";
|
||||||
homepage = "https://github.com/bikass/kora";
|
homepage = "https://github.com/bikass/kora";
|
||||||
license = with licenses; [ gpl3Only ];
|
license = with licenses; [ gpl3Only ];
|
||||||
platforms = platforms.linux;
|
platforms = platforms.linux;
|
||||||
maintainers = with maintainers; [ ];
|
maintainers = with maintainers; [ romildo ];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -6,22 +6,22 @@
|
||||||
, gtk-engine-murrine
|
, gtk-engine-murrine
|
||||||
, sassc
|
, sassc
|
||||||
, which
|
, which
|
||||||
, tweaks ? [ ] # can be "nord" "black" "rimless". cannot mix "nord" and "black"
|
, tweaks ? [ ]
|
||||||
, size ? "standard" # can be "standard" "compact"
|
, size ? "standard"
|
||||||
}:
|
}:
|
||||||
let
|
let
|
||||||
validSizes = [ "standard" "compact" ];
|
validSizes = [ "standard" "compact" ];
|
||||||
validTweaks = [ "nord" "black" "rimless" ];
|
validTweaks = [ "nord" "dracula" "black" "rimless" "normal" ];
|
||||||
|
|
||||||
unknownTweaks = lib.subtractLists validTweaks tweaks;
|
unknownTweaks = lib.subtractLists validTweaks tweaks;
|
||||||
illegalMix = !(lib.elem "nord" tweaks) && !(lib.elem "black" tweaks);
|
illegalMix = !(lib.elem "nord" tweaks) && !(lib.elem "dracula" tweaks);
|
||||||
|
|
||||||
assertIllegal = lib.assertMsg illegalMix ''
|
assertIllegal = lib.assertMsg illegalMix ''
|
||||||
Tweaks "nord" and "black" cannot be mixed. Tweaks: ${toString tweaks}
|
Tweaks "nord" and "dracula" cannot be mixed. Tweaks: ${toString tweaks}
|
||||||
'';
|
'';
|
||||||
|
|
||||||
assertSize = lib.assertMsg (lib.elem size validSizes) ''
|
assertSize = lib.assertMsg (lib.elem size validSizes) ''
|
||||||
You entered wrong size: ${size}
|
You entered a wrong size: ${size}
|
||||||
Valid sizes are: ${toString validSizes}
|
Valid sizes are: ${toString validSizes}
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
@ -37,13 +37,13 @@ assert assertUnknown;
|
||||||
|
|
||||||
stdenvNoCC.mkDerivation rec {
|
stdenvNoCC.mkDerivation rec {
|
||||||
pname = "catppuccin-gtk";
|
pname = "catppuccin-gtk";
|
||||||
version = "unstable-2022-02-24";
|
version = "unstable-2022-08-01";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
repo = "gtk";
|
repo = "gtk";
|
||||||
owner = "catppuccin";
|
owner = "catppuccin";
|
||||||
rev = "359c584f607c021fcc657ce77b81c181ebaff6de";
|
rev = "87a79fd2bf07accc694455df30a32a82b1b31f4f";
|
||||||
sha256 = "sha256-AVhFw1XTnkU0hoM+UyjT7ZevLkePybBATJUMLqRytpk=";
|
sha256 = "sha256-dKHTQva0BYkO6VPNfY/pzRn/V1ghX+tYqbnM9hTAMeE=";
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = [ gtk3 sassc which ];
|
nativeBuildInputs = [ gtk3 sassc which ];
|
||||||
|
@ -52,25 +52,17 @@ stdenvNoCC.mkDerivation rec {
|
||||||
|
|
||||||
propagatedUserEnvPkgs = [ gtk-engine-murrine ];
|
propagatedUserEnvPkgs = [ gtk-engine-murrine ];
|
||||||
|
|
||||||
patches = [
|
|
||||||
# Allows installing with `-t all`. Works around missing grey assets.
|
|
||||||
# https://github.com/catppuccin/gtk/issues/17
|
|
||||||
./grey-fix.patch
|
|
||||||
];
|
|
||||||
|
|
||||||
postPatch = ''
|
postPatch = ''
|
||||||
patchShebangs --build scripts/*
|
patchShebangs --build clean-old-theme.sh install.sh
|
||||||
substituteInPlace Makefile \
|
|
||||||
--replace '$(shell git rev-parse --show-toplevel)' "$PWD"
|
|
||||||
substituteInPlace 'scripts/install.sh' \
|
|
||||||
--replace '$(git rev-parse --show-toplevel)' "$PWD"
|
|
||||||
'';
|
'';
|
||||||
|
|
||||||
installPhase = ''
|
installPhase = ''
|
||||||
runHook preInstall
|
runHook preInstall
|
||||||
|
|
||||||
|
export HOME=$(mktemp -d)
|
||||||
|
|
||||||
mkdir -p $out/share/themes
|
mkdir -p $out/share/themes
|
||||||
bash scripts/install.sh -d $out/share/themes -t all \
|
bash install.sh -d $out/share/themes -t all \
|
||||||
${lib.optionalString (size != "") "-s ${size}"} \
|
${lib.optionalString (size != "") "-s ${size}"} \
|
||||||
${lib.optionalString (tweaks != []) "--tweaks " + builtins.toString tweaks}
|
${lib.optionalString (tweaks != []) "--tweaks " + builtins.toString tweaks}
|
||||||
|
|
||||||
|
@ -78,7 +70,7 @@ stdenvNoCC.mkDerivation rec {
|
||||||
'';
|
'';
|
||||||
|
|
||||||
meta = with lib; {
|
meta = with lib; {
|
||||||
description = "Soothing pastel theme for GTK3";
|
description = "Soothing pastel theme for GTK";
|
||||||
homepage = "https://github.com/catppuccin/gtk";
|
homepage = "https://github.com/catppuccin/gtk";
|
||||||
license = licenses.gpl3Plus;
|
license = licenses.gpl3Plus;
|
||||||
platforms = platforms.linux;
|
platforms = platforms.linux;
|
||||||
|
|
|
@ -1,12 +0,0 @@
|
||||||
diff --git a/scripts/install.sh b/scripts/install.sh
|
|
||||||
index d2a2b86..bd05c93 100755
|
|
||||||
--- a/scripts/install.sh
|
|
||||||
+++ b/scripts/install.sh
|
|
||||||
@@ -20,7 +20,7 @@ fi
|
|
||||||
SASSC_OPT="-M -t expanded"
|
|
||||||
|
|
||||||
THEME_NAME=Catppuccin
|
|
||||||
-THEME_VARIANTS=('' '-purple' '-pink' '-red' '-orange' '-yellow' '-green' '-teal' '-grey')
|
|
||||||
+THEME_VARIANTS=('' '-purple' '-pink' '-red' '-orange' '-yellow' '-green' '-teal')
|
|
||||||
COLOR_VARIANTS=('' '-light' '-dark')
|
|
||||||
SIZE_VARIANTS=('' '-compact')
|
|
|
@ -1,5 +1,3 @@
|
||||||
export HARECACHE="$NIX_BUILD_TOP/.harecache"
|
|
||||||
|
|
||||||
addHarepath () {
|
addHarepath () {
|
||||||
for haredir in third-party stdlib; do
|
for haredir in third-party stdlib; do
|
||||||
if [[ -d "$1/src/hare/$haredir" ]]; then
|
if [[ -d "$1/src/hare/$haredir" ]]; then
|
||||||
|
|
|
@ -8,8 +8,14 @@
|
||||||
, ninja
|
, ninja
|
||||||
, pkg-config
|
, pkg-config
|
||||||
, gcc
|
, gcc
|
||||||
|
, mesa
|
||||||
|
, gtk3
|
||||||
|
, glfw
|
||||||
|
, libGLU
|
||||||
|
, curl
|
||||||
, cudaSupport ? config.cudaSupport or false, cudaPackages ? {}
|
, cudaSupport ? config.cudaSupport or false, cudaPackages ? {}
|
||||||
, enablePython ? false, pythonPackages ? null
|
, enablePython ? false, pythonPackages ? null
|
||||||
|
, enableGUI ? false,
|
||||||
}:
|
}:
|
||||||
|
|
||||||
assert cudaSupport -> (cudaPackages?cudatoolkit && cudaPackages.cudatoolkit != null);
|
assert cudaSupport -> (cudaPackages?cudatoolkit && cudaPackages.cudatoolkit != null);
|
||||||
|
@ -32,7 +38,8 @@ stdenv.mkDerivation rec {
|
||||||
libusb1
|
libusb1
|
||||||
gcc.cc.lib
|
gcc.cc.lib
|
||||||
] ++ lib.optional cudaSupport cudaPackages.cudatoolkit
|
] ++ lib.optional cudaSupport cudaPackages.cudatoolkit
|
||||||
++ lib.optionals enablePython (with pythonPackages; [python pybind11 ]);
|
++ lib.optionals enablePython (with pythonPackages; [ python pybind11 ])
|
||||||
|
++ lib.optionals enableGUI [ mesa gtk3 glfw libGLU curl ];
|
||||||
|
|
||||||
patches = [
|
patches = [
|
||||||
# fix build on aarch64-darwin
|
# fix build on aarch64-darwin
|
||||||
|
@ -53,8 +60,9 @@ stdenv.mkDerivation rec {
|
||||||
|
|
||||||
cmakeFlags = [
|
cmakeFlags = [
|
||||||
"-DBUILD_EXAMPLES=ON"
|
"-DBUILD_EXAMPLES=ON"
|
||||||
"-DBUILD_GRAPHICAL_EXAMPLES=OFF"
|
"-DBUILD_GRAPHICAL_EXAMPLES=${lib.boolToString enableGUI}"
|
||||||
"-DBUILD_GLSL_EXTENSIONS=OFF"
|
"-DBUILD_GLSL_EXTENSIONS=${lib.boolToString enableGUI}"
|
||||||
|
"-DCHECK_FOR_UPDATES=OFF" # activated by BUILD_GRAPHICAL_EXAMPLES, will make it download and compile libcurl
|
||||||
] ++ lib.optionals enablePython [
|
] ++ lib.optionals enablePython [
|
||||||
"-DBUILD_PYTHON_BINDINGS:bool=true"
|
"-DBUILD_PYTHON_BINDINGS:bool=true"
|
||||||
"-DXXNIX_PYTHON_SITEPACKAGES=${placeholder "out"}/${pythonPackages.python.sitePackages}"
|
"-DXXNIX_PYTHON_SITEPACKAGES=${placeholder "out"}/${pythonPackages.python.sitePackages}"
|
||||||
|
@ -72,7 +80,7 @@ stdenv.mkDerivation rec {
|
||||||
description = "A cross-platform library for Intel® RealSense™ depth cameras (D400 series and the SR300)";
|
description = "A cross-platform library for Intel® RealSense™ depth cameras (D400 series and the SR300)";
|
||||||
homepage = "https://github.com/IntelRealSense/librealsense";
|
homepage = "https://github.com/IntelRealSense/librealsense";
|
||||||
license = licenses.asl20;
|
license = licenses.asl20;
|
||||||
maintainers = with maintainers; [ brian-dawn ];
|
maintainers = with maintainers; [ brian-dawn pbsds ];
|
||||||
platforms = platforms.unix;
|
platforms = platforms.unix;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
6
pkgs/development/node-packages/node-packages.nix
generated
6
pkgs/development/node-packages/node-packages.nix
generated
|
@ -118873,10 +118873,10 @@ in
|
||||||
pnpm = nodeEnv.buildNodePackage {
|
pnpm = nodeEnv.buildNodePackage {
|
||||||
name = "pnpm";
|
name = "pnpm";
|
||||||
packageName = "pnpm";
|
packageName = "pnpm";
|
||||||
version = "7.8.0";
|
version = "7.9.1";
|
||||||
src = fetchurl {
|
src = fetchurl {
|
||||||
url = "https://registry.npmjs.org/pnpm/-/pnpm-7.8.0.tgz";
|
url = "https://registry.npmjs.org/pnpm/-/pnpm-7.9.1.tgz";
|
||||||
sha512 = "jzb9/gto4nwuVA2itTRk0PJhuaZcA1NBRB298UzXhqKZQMjtHCS+KLzh7RWk5n3g+KnMg5FHr6Mwg1L62dBz1A==";
|
sha512 = "5vyV+FwZj5y31UDDsiq9xcVzF+mvS+IPdgAgkZ9rVxYPNKCCVwVn5LsHh9jcfuApiKYVgpyisAMcuSDbe1/C0Q==";
|
||||||
};
|
};
|
||||||
buildInputs = globalBuildInputs;
|
buildInputs = globalBuildInputs;
|
||||||
meta = {
|
meta = {
|
||||||
|
|
|
@ -20,14 +20,14 @@
|
||||||
|
|
||||||
buildPythonPackage rec {
|
buildPythonPackage rec {
|
||||||
pname = "asyncssh";
|
pname = "asyncssh";
|
||||||
version = "2.11.0";
|
version = "2.12.0";
|
||||||
format = "setuptools";
|
format = "setuptools";
|
||||||
|
|
||||||
disabled = pythonOlder "3.6";
|
disabled = pythonOlder "3.6";
|
||||||
|
|
||||||
src = fetchPypi {
|
src = fetchPypi {
|
||||||
inherit pname version;
|
inherit pname version;
|
||||||
sha256 = "sha256-WcNs53up3ajdV62HV3bnEF3bH6hRvAObs66t6sT2e1Y=";
|
sha256 = "sha256-J0EBMixLlBgjru2OGrbnvlGRaGxtstK9Na/rowUF54A=";
|
||||||
};
|
};
|
||||||
|
|
||||||
propagatedBuildInputs = [
|
propagatedBuildInputs = [
|
||||||
|
|
|
@ -8,20 +8,26 @@
|
||||||
|
|
||||||
buildPythonPackage rec {
|
buildPythonPackage rec {
|
||||||
pname = "colormath";
|
pname = "colormath";
|
||||||
version = "3.0.0";
|
# Switch to unstable which fixes an deprecation issue with newer numpy
|
||||||
|
# versions, should be included in versions > 3.0
|
||||||
|
# https://github.com/gtaylor/python-colormath/issues/104
|
||||||
|
version = "unstable-2021-04-17";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "gtaylor";
|
owner = "gtaylor";
|
||||||
rev = "3.0.0";
|
|
||||||
repo = "python-colormath";
|
repo = "python-colormath";
|
||||||
sha256 = "1nqf5wy8ikx2g684khzvjc4iagkslmbsxxwilbv4jpaznr9lahdl";
|
rev = "4a076831fd5136f685aa7143db81eba27b2cd19a";
|
||||||
|
sha256 = "sha256-eACVPIQFgiGiVmQ/PjUxP/UH/hBOsCywz5PlgpA4dk4=";
|
||||||
};
|
};
|
||||||
|
|
||||||
propagatedBuildInputs = [ networkx numpy ];
|
propagatedBuildInputs = [ networkx numpy ];
|
||||||
|
|
||||||
checkInputs = [ nose ];
|
checkInputs = [ nose ];
|
||||||
|
|
||||||
checkPhase = "nosetests";
|
checkPhase = "nosetests";
|
||||||
|
|
||||||
|
pythonImportsCheck = [ "colormath" ];
|
||||||
|
|
||||||
meta = with lib; {
|
meta = with lib; {
|
||||||
description = "Color math and conversion library";
|
description = "Color math and conversion library";
|
||||||
homepage = "https://github.com/gtaylor/python-colormath";
|
homepage = "https://github.com/gtaylor/python-colormath";
|
||||||
|
|
|
@ -25,14 +25,14 @@
|
||||||
|
|
||||||
buildPythonPackage rec {
|
buildPythonPackage rec {
|
||||||
pname = "datashader";
|
pname = "datashader";
|
||||||
version = "0.14.1";
|
version = "0.14.2";
|
||||||
format = "setuptools";
|
format = "setuptools";
|
||||||
|
|
||||||
disabled = pythonOlder "3.7";
|
disabled = pythonOlder "3.7";
|
||||||
|
|
||||||
src = fetchPypi {
|
src = fetchPypi {
|
||||||
inherit pname version;
|
inherit pname version;
|
||||||
hash = "sha256-VGF6351lVCBat68EY9IY9lHk1hDMcjBcrVdPSliFq4Y=";
|
hash = "sha256-q8aOpuJD6aX9m9jPm9PY5vZGBJL6Jpf+pPHbcQVOJLg=";
|
||||||
};
|
};
|
||||||
|
|
||||||
propagatedBuildInputs = [
|
propagatedBuildInputs = [
|
||||||
|
|
|
@ -11,7 +11,7 @@
|
||||||
|
|
||||||
buildPythonPackage rec {
|
buildPythonPackage rec {
|
||||||
pname = "db-dtypes";
|
pname = "db-dtypes";
|
||||||
version = "1.0.2";
|
version = "1.0.3";
|
||||||
format = "setuptools";
|
format = "setuptools";
|
||||||
|
|
||||||
disabled = pythonOlder "3.7";
|
disabled = pythonOlder "3.7";
|
||||||
|
@ -20,14 +20,9 @@ buildPythonPackage rec {
|
||||||
owner = "googleapis";
|
owner = "googleapis";
|
||||||
repo = "python-db-dtypes-pandas";
|
repo = "python-db-dtypes-pandas";
|
||||||
rev = "refs/tags/v${version}";
|
rev = "refs/tags/v${version}";
|
||||||
hash = "sha256-LLKhYLzGUQRx4ciWv1TilYvTOO0sj6rdkPlJLPZ8VXA=";
|
hash = "sha256-KkwXmJ9KwmslBPhBApm+bcY7Tu/J2ZK4sszBaMMDcpY=";
|
||||||
};
|
};
|
||||||
|
|
||||||
postPatch = ''
|
|
||||||
substituteInPlace setup.py \
|
|
||||||
--replace 'pyarrow>=3.0.0, <9.0dev' 'pyarrow>=3.0.0, <10.0dev'
|
|
||||||
'';
|
|
||||||
|
|
||||||
propagatedBuildInputs = [
|
propagatedBuildInputs = [
|
||||||
numpy
|
numpy
|
||||||
packaging
|
packaging
|
||||||
|
|
|
@ -28,7 +28,7 @@
|
||||||
|
|
||||||
buildPythonPackage rec {
|
buildPythonPackage rec {
|
||||||
pname = "elastic-apm";
|
pname = "elastic-apm";
|
||||||
version = "6.10.2";
|
version = "6.11.0";
|
||||||
format = "setuptools";
|
format = "setuptools";
|
||||||
|
|
||||||
disabled = pythonOlder "3.8";
|
disabled = pythonOlder "3.8";
|
||||||
|
@ -37,7 +37,7 @@ buildPythonPackage rec {
|
||||||
owner = "elastic";
|
owner = "elastic";
|
||||||
repo = "apm-agent-python";
|
repo = "apm-agent-python";
|
||||||
rev = "v${version}";
|
rev = "v${version}";
|
||||||
hash = "sha256-Ru/yGND7xkpO3QH/cTMu4rxWUXSMsFx5u/V/rHY8k1E=";
|
hash = "sha256-ZmvOyEkXp0PEDHWcuGT91mhXwV2E6SPlrWBY/sNiRmc=";
|
||||||
};
|
};
|
||||||
|
|
||||||
propagatedBuildInputs = [
|
propagatedBuildInputs = [
|
||||||
|
|
|
@ -1,4 +1,12 @@
|
||||||
{ lib, buildPythonPackage, fetchPypi, nose, version, sha256, format ? "setuptools" }:
|
{ lib
|
||||||
|
, buildPythonPackage
|
||||||
|
, fetchPypi
|
||||||
|
, nose
|
||||||
|
, version
|
||||||
|
, sha256
|
||||||
|
, format ? "setuptools"
|
||||||
|
, extraMeta ? {}
|
||||||
|
}:
|
||||||
|
|
||||||
buildPythonPackage rec {
|
buildPythonPackage rec {
|
||||||
inherit version format;
|
inherit version format;
|
||||||
|
@ -15,5 +23,5 @@ buildPythonPackage rec {
|
||||||
description = "The fastest markdown parser in pure Python";
|
description = "The fastest markdown parser in pure Python";
|
||||||
homepage = "https://github.com/lepture/mistune";
|
homepage = "https://github.com/lepture/mistune";
|
||||||
license = licenses.bsd3;
|
license = licenses.bsd3;
|
||||||
};
|
} // extraMeta;
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,6 +2,9 @@ self: rec {
|
||||||
mistune_0_8 = self.callPackage ./common.nix {
|
mistune_0_8 = self.callPackage ./common.nix {
|
||||||
version = "0.8.4";
|
version = "0.8.4";
|
||||||
sha256 = "59a3429db53c50b5c6bcc8a07f8848cb00d7dc8bdb431a4ab41920d201d4756e";
|
sha256 = "59a3429db53c50b5c6bcc8a07f8848cb00d7dc8bdb431a4ab41920d201d4756e";
|
||||||
|
extraMeta = {
|
||||||
|
knownVulnerabilities = [ "CVE-2022-34749" ];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
mistune_2_0 = self.callPackage ./common.nix {
|
mistune_2_0 = self.callPackage ./common.nix {
|
||||||
version = "2.0.4";
|
version = "2.0.4";
|
||||||
|
|
|
@ -21,7 +21,7 @@
|
||||||
|
|
||||||
buildPythonPackage rec {
|
buildPythonPackage rec {
|
||||||
pname = "openai";
|
pname = "openai";
|
||||||
version = "0.22.0";
|
version = "0.22.1";
|
||||||
|
|
||||||
disabled = pythonOlder "3.7.1";
|
disabled = pythonOlder "3.7.1";
|
||||||
|
|
||||||
|
@ -30,7 +30,7 @@ buildPythonPackage rec {
|
||||||
owner = "openai";
|
owner = "openai";
|
||||||
repo = "openai-python";
|
repo = "openai-python";
|
||||||
rev = "v${version}";
|
rev = "v${version}";
|
||||||
sha256 = "sha256-4FKFcUiY17hEiOGFP1fPBtcvcM19hFrHXX3ZLxgdJHI=";
|
sha256 = "sha256-QUnsm0ui1BFlLqAlH1bp7uDbhiRigePrAPAkSRjftM4=";
|
||||||
};
|
};
|
||||||
|
|
||||||
propagatedBuildInputs = [
|
propagatedBuildInputs = [
|
||||||
|
|
44
pkgs/development/python-modules/sphinx-fortran/default.nix
Normal file
44
pkgs/development/python-modules/sphinx-fortran/default.nix
Normal file
|
@ -0,0 +1,44 @@
|
||||||
|
{ lib
|
||||||
|
, buildPythonPackage
|
||||||
|
, fetchFromGitHub
|
||||||
|
, pytestCheckHook
|
||||||
|
, future
|
||||||
|
, numpy
|
||||||
|
, sphinx
|
||||||
|
, six
|
||||||
|
}:
|
||||||
|
|
||||||
|
buildPythonPackage rec {
|
||||||
|
pname = "sphinx-fortran";
|
||||||
|
version = "unstable-2022-03-02";
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "VACUMM";
|
||||||
|
repo = pname;
|
||||||
|
rev = "394ae990b43ed43fcff8beb048632f5e99794264";
|
||||||
|
sha256 = "sha256-IVKu5u9gqs7/9EZrf4ZYd12K6J31u+/B8kk4+8yfohM=";
|
||||||
|
};
|
||||||
|
|
||||||
|
propagatedBuildInputs = [
|
||||||
|
future
|
||||||
|
numpy
|
||||||
|
sphinx
|
||||||
|
six
|
||||||
|
];
|
||||||
|
|
||||||
|
pythonImportsCheck = [ "sphinxfortran" ];
|
||||||
|
|
||||||
|
# Tests are failing because reference files are not updated
|
||||||
|
doCheck = false;
|
||||||
|
|
||||||
|
checkInputs = [
|
||||||
|
pytestCheckHook
|
||||||
|
];
|
||||||
|
|
||||||
|
meta = with lib; {
|
||||||
|
description = "Fortran domain and autodoc extensions to Sphinx";
|
||||||
|
homepage = "http://sphinx-fortran.readthedocs.org/";
|
||||||
|
license = licenses.cecill21;
|
||||||
|
maintainers = with maintainers; [ loicreynier ];
|
||||||
|
};
|
||||||
|
}
|
|
@ -70,7 +70,8 @@ stdenv.mkDerivation rec {
|
||||||
homepage = "https://jenkins-ci.org";
|
homepage = "https://jenkins-ci.org";
|
||||||
sourceProvenance = with sourceTypes; [ binaryBytecode ];
|
sourceProvenance = with sourceTypes; [ binaryBytecode ];
|
||||||
license = licenses.mit;
|
license = licenses.mit;
|
||||||
maintainers = with maintainers; [ coconnor earldouglas nequissimus ];
|
maintainers = with maintainers; [ coconnor earldouglas nequissimus ajs124 ];
|
||||||
|
changelog = "https://www.jenkins.io/changelog-stable/#v${version}";
|
||||||
mainProgram = "jenkins-cli";
|
mainProgram = "jenkins-cli";
|
||||||
platforms = platforms.all;
|
platforms = platforms.all;
|
||||||
};
|
};
|
||||||
|
|
|
@ -2,17 +2,17 @@
|
||||||
|
|
||||||
buildGoModule rec {
|
buildGoModule rec {
|
||||||
pname = "gopls";
|
pname = "gopls";
|
||||||
version = "0.9.1";
|
version = "0.9.3";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "golang";
|
owner = "golang";
|
||||||
repo = "tools";
|
repo = "tools";
|
||||||
rev = "gopls/v${version}";
|
rev = "gopls/v${version}";
|
||||||
sha256 = "sha256-+9NOQRu7cwEkRMB+HFEVrF7Z8y5UCxdUL005vZFPUHk=";
|
sha256 = "sha256-WpSF3HnSjCqUkD1PVvtYXoWSyjYnasr85AK8wMULPBI=";
|
||||||
};
|
};
|
||||||
|
|
||||||
modRoot = "gopls";
|
modRoot = "gopls";
|
||||||
vendorSha256 = "sha256-V5HQAKRFtHfJJzdQ8eutCpVmnOWe0yYKKnlGxphulAc=";
|
vendorSha256 = "sha256-8NhZD7ImvsBGw0xi9NR7AB9SdHkwjsA+jV7UTjVF4wM=";
|
||||||
|
|
||||||
doCheck = false;
|
doCheck = false;
|
||||||
|
|
||||||
|
|
37
pkgs/os-specific/darwin/pngpaste/default.nix
Normal file
37
pkgs/os-specific/darwin/pngpaste/default.nix
Normal file
|
@ -0,0 +1,37 @@
|
||||||
|
{ lib, stdenv, fetchFromGitHub, AppKit, Cocoa }:
|
||||||
|
|
||||||
|
let
|
||||||
|
pname = "pngpaste";
|
||||||
|
version = "0.2.3";
|
||||||
|
in stdenv.mkDerivation {
|
||||||
|
inherit pname version;
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "jcsalterego";
|
||||||
|
repo = pname;
|
||||||
|
rev = version;
|
||||||
|
sha256 = "uvajxSelk1Wfd5is5kmT2fzDShlufBgC0PDCeabEOSE=";
|
||||||
|
};
|
||||||
|
|
||||||
|
buildInputs = [ AppKit Cocoa ];
|
||||||
|
|
||||||
|
installPhase = ''
|
||||||
|
mkdir -p $out/bin
|
||||||
|
cp pngpaste $out/bin
|
||||||
|
'';
|
||||||
|
|
||||||
|
meta = with lib; {
|
||||||
|
description = "Paste image files from clipboard to file on MacOS";
|
||||||
|
longDescription = ''
|
||||||
|
Paste PNG into files on MacOS, much like pbpaste does for text.
|
||||||
|
Supported input formats are PNG, PDF, GIF, TIF, JPEG.
|
||||||
|
Supported output formats are PNG, GIF, JPEG, TIFF. Output
|
||||||
|
formats are determined by the provided filename extension,
|
||||||
|
falling back to PNG.
|
||||||
|
'';
|
||||||
|
homepage = "https://github.com/jcsalterego/pngpaste";
|
||||||
|
changelog = "https://github.com/jcsalterego/pngpaste/raw/${version}/CHANGELOG.md";
|
||||||
|
platforms = platforms.darwin;
|
||||||
|
license = licenses.bsd2;
|
||||||
|
maintainers = with maintainers; [ samw ];
|
||||||
|
};
|
||||||
|
}
|
|
@ -2,7 +2,7 @@
|
||||||
, pkg-config, qemu, syslinux, util-linux }:
|
, pkg-config, qemu, syslinux, util-linux }:
|
||||||
|
|
||||||
let
|
let
|
||||||
version = "0.6.9";
|
version = "0.7.3";
|
||||||
# list of all theoretically available targets
|
# list of all theoretically available targets
|
||||||
targets = [
|
targets = [
|
||||||
"genode"
|
"genode"
|
||||||
|
@ -21,14 +21,16 @@ in stdenv.mkDerivation {
|
||||||
|
|
||||||
src = fetchurl {
|
src = fetchurl {
|
||||||
url = "https://github.com/Solo5/solo5/releases/download/v${version}/solo5-v${version}.tar.gz";
|
url = "https://github.com/Solo5/solo5/releases/download/v${version}/solo5-v${version}.tar.gz";
|
||||||
sha256 = "03lvk9mab3yxrmi73wrvvhykqcydjrsda0wj6aasnjm5lx9jycpr";
|
sha256 = "sha256-8LftT22XzmmWxgYez+BAHDX4HOyl5DrwrpuO2+bqqcY=";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
patches = [ ./test_sleep.patch ];
|
||||||
|
|
||||||
hardeningEnable = [ "pie" ];
|
hardeningEnable = [ "pie" ];
|
||||||
|
|
||||||
configurePhase = ''
|
configurePhase = ''
|
||||||
runHook preConfigure
|
runHook preConfigure
|
||||||
sh configure.sh
|
sh configure.sh --prefix=/
|
||||||
runHook postConfigure
|
runHook postConfigure
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
@ -38,15 +40,7 @@ in stdenv.mkDerivation {
|
||||||
runHook preInstall
|
runHook preInstall
|
||||||
export DESTDIR=$out
|
export DESTDIR=$out
|
||||||
export PREFIX=$out
|
export PREFIX=$out
|
||||||
make install-tools
|
make install
|
||||||
|
|
||||||
# get CONFIG_* vars from Makeconf which also parse in sh
|
|
||||||
grep '^CONFIG_' Makeconf > nix_tmp_targetconf
|
|
||||||
source nix_tmp_targetconf
|
|
||||||
# install opam / pkg-config files for all enabled targets
|
|
||||||
${lib.concatMapStrings (bind: ''
|
|
||||||
[ -n "$CONFIG_${lib.toUpper bind}" ] && make install-opam-${bind}
|
|
||||||
'') targets}
|
|
||||||
|
|
||||||
substituteInPlace $out/bin/solo5-virtio-mkimage \
|
substituteInPlace $out/bin/solo5-virtio-mkimage \
|
||||||
--replace "/usr/lib/syslinux" "${syslinux}/share/syslinux" \
|
--replace "/usr/lib/syslinux" "${syslinux}/share/syslinux" \
|
||||||
|
|
22
pkgs/os-specific/solo5/test_sleep.patch
Normal file
22
pkgs/os-specific/solo5/test_sleep.patch
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
diff --git a/tests/test_time/test_time.c b/tests/test_time/test_time.c
|
||||||
|
index 931500b..cde64ad 100644
|
||||||
|
--- a/tests/test_time/test_time.c
|
||||||
|
+++ b/tests/test_time/test_time.c
|
||||||
|
@@ -110,7 +110,8 @@ int solo5_app_main(const struct solo5_start_info *si __attribute__((unused)))
|
||||||
|
/*
|
||||||
|
* Verify that we did not sleep less than requested (see above).
|
||||||
|
*/
|
||||||
|
- if (delta < NSEC_PER_SEC) {
|
||||||
|
+ const solo5_time_t slack = 100000000ULL;
|
||||||
|
+ if (delta < NSEC_PER_SEC - slack) {
|
||||||
|
printf("[%d] ERROR: slept too little (expected at least %llu ns)\n",
|
||||||
|
iters, (unsigned long long)NSEC_PER_SEC);
|
||||||
|
failed = true;
|
||||||
|
@@ -120,7 +121,6 @@ int solo5_app_main(const struct solo5_start_info *si __attribute__((unused)))
|
||||||
|
* Verify that we did not sleep more than requested, within reason
|
||||||
|
* (scheduling delays, general inaccuracy of the current timing code).
|
||||||
|
*/
|
||||||
|
- const solo5_time_t slack = 100000000ULL;
|
||||||
|
if (delta > (NSEC_PER_SEC + slack)) {
|
||||||
|
printf("[%d] ERROR: slept too much (expected at most %llu ns)\n",
|
||||||
|
iters, (unsigned long long)slack);
|
63
pkgs/servers/syncstorage-rs/default.nix
Normal file
63
pkgs/servers/syncstorage-rs/default.nix
Normal file
|
@ -0,0 +1,63 @@
|
||||||
|
{ fetchFromGitHub
|
||||||
|
, rustPlatform
|
||||||
|
, pkg-config
|
||||||
|
, python3
|
||||||
|
, openssl
|
||||||
|
, cmake
|
||||||
|
, libmysqlclient
|
||||||
|
, makeBinaryWrapper
|
||||||
|
, lib
|
||||||
|
}:
|
||||||
|
|
||||||
|
let
|
||||||
|
pyFxADeps = python3.withPackages (p: [
|
||||||
|
p.setuptools # imports pkg_resources
|
||||||
|
# remainder taken from requirements.txt
|
||||||
|
p.pyfxa
|
||||||
|
p.tokenlib
|
||||||
|
p.cryptography
|
||||||
|
]);
|
||||||
|
in
|
||||||
|
|
||||||
|
rustPlatform.buildRustPackage rec {
|
||||||
|
pname = "syncstorage-rs";
|
||||||
|
version = "0.12.0";
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "mozilla-services";
|
||||||
|
repo = pname;
|
||||||
|
rev = version;
|
||||||
|
hash = "sha256-VfIpjpBS7LXe32fxIFp7xmbm40VwxUdHIEm5PnMpd4s=";
|
||||||
|
};
|
||||||
|
|
||||||
|
nativeBuildInputs = [
|
||||||
|
cmake
|
||||||
|
makeBinaryWrapper
|
||||||
|
pkg-config
|
||||||
|
python3
|
||||||
|
];
|
||||||
|
|
||||||
|
buildInputs = [
|
||||||
|
libmysqlclient
|
||||||
|
openssl
|
||||||
|
];
|
||||||
|
|
||||||
|
preFixup = ''
|
||||||
|
wrapProgram $out/bin/syncstorage \
|
||||||
|
--prefix PATH : ${lib.makeBinPath [ pyFxADeps ]}
|
||||||
|
'';
|
||||||
|
|
||||||
|
cargoSha256 = "sha256-JXxArKA/2SIYJvjNA1yZHR9xDKt3N2U7HVMP/6M3BxE=";
|
||||||
|
|
||||||
|
buildFeatures = [ "grpcio/openssl" ];
|
||||||
|
|
||||||
|
# almost all tests need a DB to test against
|
||||||
|
doCheck = false;
|
||||||
|
|
||||||
|
meta = {
|
||||||
|
description = "Mozilla Sync Storage built with Rust";
|
||||||
|
homepage = "https://github.com/mozilla-services/syncstorage-rs";
|
||||||
|
license = lib.licenses.mpl20;
|
||||||
|
maintainers = with lib.maintainers; [ pennae ];
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,4 +1,4 @@
|
||||||
{ pkgs, stdenv, lib, fetchFromGitHub, dataDir ? "/var/lib/snipe-it" }:
|
{ pkgs, stdenv, lib, fetchFromGitHub, dataDir ? "/var/lib/snipe-it", mariadb }:
|
||||||
|
|
||||||
let
|
let
|
||||||
package = (import ./composition.nix {
|
package = (import ./composition.nix {
|
||||||
|
@ -13,6 +13,7 @@ let
|
||||||
ln -s ${dataDir}/public/uploads $out/public/uploads
|
ln -s ${dataDir}/public/uploads $out/public/uploads
|
||||||
ln -s ${dataDir}/bootstrap/cache $out/bootstrap/cache
|
ln -s ${dataDir}/bootstrap/cache $out/bootstrap/cache
|
||||||
chmod +x $out/artisan
|
chmod +x $out/artisan
|
||||||
|
substituteInPlace config/database.php --replace "env('DB_DUMP_PATH', '/usr/local/bin')" "env('DB_DUMP_PATH', '${mariadb}/bin')"
|
||||||
'';
|
'';
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
|
@ -1,14 +1,14 @@
|
||||||
{ lib, stdenv, fetchFromGitHub, ncurses }:
|
{ lib, stdenv, fetchFromGitHub, ncurses }:
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
version = "0.9.19";
|
version = "1.0.0";
|
||||||
pname = "smenu";
|
pname = "smenu";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "p-gen";
|
owner = "p-gen";
|
||||||
repo = "smenu";
|
repo = "smenu";
|
||||||
rev = "v${version}";
|
rev = "v${version}";
|
||||||
sha256 = "sha256-0ZA8Op1IMZMJ7g1waK2uOYOCDfqPfiqnnjopGtBW1w8=";
|
sha256 = "sha256-jmQ5QLsy0T2ytq1xYJkLBlEw5NxVTsAN+wckyV+68zg=";
|
||||||
};
|
};
|
||||||
|
|
||||||
buildInputs = [ ncurses ];
|
buildInputs = [ ncurses ];
|
||||||
|
|
|
@ -5,13 +5,13 @@
|
||||||
|
|
||||||
buildGoModule rec {
|
buildGoModule rec {
|
||||||
pname = "webanalyze";
|
pname = "webanalyze";
|
||||||
version = "0.3.6";
|
version = "0.3.7";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "rverton";
|
owner = "rverton";
|
||||||
repo = pname;
|
repo = pname;
|
||||||
rev = "v${version}";
|
rev = "v${version}";
|
||||||
hash = "sha256-r5HIXh0mKCZmzOOAKThNUPtJLsTYvnVE8FYA6vV5xjg=";
|
hash = "sha256-W7NgV50r/MNSF6+e0IR9C1dcg/k0w67GcTs0NTbhKBc=";
|
||||||
};
|
};
|
||||||
|
|
||||||
vendorSha256 = "sha256-kXtWYGsZUUhBNvkTOah3Z+ta118k6PXfpBx6MLr/pq0=";
|
vendorSha256 = "sha256-kXtWYGsZUUhBNvkTOah3Z+ta118k6PXfpBx6MLr/pq0=";
|
||||||
|
|
|
@ -7,13 +7,13 @@
|
||||||
|
|
||||||
rustPlatform.buildRustPackage rec {
|
rustPlatform.buildRustPackage rec {
|
||||||
pname = "systeroid";
|
pname = "systeroid";
|
||||||
version = "0.1.1";
|
version = "0.2.0";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "orhun";
|
owner = "orhun";
|
||||||
repo = pname;
|
repo = pname;
|
||||||
rev = "v${version}";
|
rev = "v${version}";
|
||||||
sha256 = "0xf81wyp5qg67r0vyqg0209pcabx70vvxx4nrg2y7qa0mhvf6p94";
|
sha256 = "sha256-o72tjYc+1dBLAIG75Fyt2UubjeK6j/nufjiz3wn2SdI=";
|
||||||
};
|
};
|
||||||
|
|
||||||
postPatch = ''
|
postPatch = ''
|
||||||
|
@ -21,7 +21,7 @@ rustPlatform.buildRustPackage rec {
|
||||||
--replace '"/usr/share/doc/kernel-doc-*/Documentation/*",' '"${linux-doc}/share/doc/linux-doc/*",'
|
--replace '"/usr/share/doc/kernel-doc-*/Documentation/*",' '"${linux-doc}/share/doc/linux-doc/*",'
|
||||||
'';
|
'';
|
||||||
|
|
||||||
cargoSha256 = "sha256-D/sSeMR1Zg3OH1fdSVKdxdIcoP4OLp3T8mwQ28O8rfk=";
|
cargoSha256 = "sha256-8DGAiPAq+L1aWleeWEl95+hcgT+PHsxdg118U8IDyOA=";
|
||||||
|
|
||||||
buildInputs = [
|
buildInputs = [
|
||||||
xorg.libxcb
|
xorg.libxcb
|
||||||
|
|
|
@ -3186,6 +3186,8 @@ with pkgs;
|
||||||
|
|
||||||
cinny = callPackage ../applications/networking/instant-messengers/cinny { stdenv = stdenvNoCC; };
|
cinny = callPackage ../applications/networking/instant-messengers/cinny { stdenv = stdenvNoCC; };
|
||||||
|
|
||||||
|
cinny-desktop = callPackage ../applications/networking/instant-messengers/cinny-desktop { };
|
||||||
|
|
||||||
ckbcomp = callPackage ../tools/X11/ckbcomp { };
|
ckbcomp = callPackage ../tools/X11/ckbcomp { };
|
||||||
|
|
||||||
clac = callPackage ../tools/misc/clac {};
|
clac = callPackage ../tools/misc/clac {};
|
||||||
|
@ -9823,6 +9825,10 @@ with pkgs;
|
||||||
libpng = libpng12;
|
libpng = libpng12;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
pngpaste = callPackage ../os-specific/darwin/pngpaste {
|
||||||
|
inherit (darwin.apple_sdk.frameworks) AppKit Cocoa;
|
||||||
|
};
|
||||||
|
|
||||||
pngtools = callPackage ../tools/graphics/pngtools { };
|
pngtools = callPackage ../tools/graphics/pngtools { };
|
||||||
|
|
||||||
pngpp = callPackage ../development/libraries/png++ { };
|
pngpp = callPackage ../development/libraries/png++ { };
|
||||||
|
@ -22793,6 +22799,8 @@ with pkgs;
|
||||||
|
|
||||||
sympa = callPackage ../servers/mail/sympa { };
|
sympa = callPackage ../servers/mail/sympa { };
|
||||||
|
|
||||||
|
syncstorage-rs = callPackage ../servers/syncstorage-rs { };
|
||||||
|
|
||||||
system-sendmail = lowPrio (callPackage ../servers/mail/system-sendmail { });
|
system-sendmail = lowPrio (callPackage ../servers/mail/system-sendmail { });
|
||||||
|
|
||||||
# PulseAudio daemons
|
# PulseAudio daemons
|
||||||
|
@ -24030,6 +24038,10 @@ with pkgs;
|
||||||
cudaSupport = false;
|
cudaSupport = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
librealsense-gui = callPackage ../development/libraries/librealsense {
|
||||||
|
enableGUI = true;
|
||||||
|
};
|
||||||
|
|
||||||
libsass = callPackage ../development/libraries/libsass { };
|
libsass = callPackage ../development/libraries/libsass { };
|
||||||
|
|
||||||
libsepol = callPackage ../os-specific/linux/libsepol { };
|
libsepol = callPackage ../os-specific/linux/libsepol { };
|
||||||
|
|
|
@ -10129,6 +10129,8 @@ in {
|
||||||
|
|
||||||
sphinx-external-toc = callPackage ../development/python-modules/sphinx-external-toc { };
|
sphinx-external-toc = callPackage ../development/python-modules/sphinx-external-toc { };
|
||||||
|
|
||||||
|
sphinx-fortran = callPackage ../development/python-modules/sphinx-fortran { };
|
||||||
|
|
||||||
sphinx-jupyterbook-latex = callPackage ../development/python-modules/sphinx-jupyterbook-latex { };
|
sphinx-jupyterbook-latex = callPackage ../development/python-modules/sphinx-jupyterbook-latex { };
|
||||||
|
|
||||||
sphinx-multitoc-numbering = callPackage ../development/python-modules/sphinx-multitoc-numbering { };
|
sphinx-multitoc-numbering = callPackage ../development/python-modules/sphinx-multitoc-numbering { };
|
||||||
|
|
Loading…
Reference in a new issue