b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge branch 'master' into tt-rss-2021-06-21

Browse source
This commit is contained in:
Milo Gertjejansen 2021-07-28 21:06:44 -04:00 committed by GitHub
parent 7aa2bf302a d0044b0e7d
commit f3b660014d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
385 changed files with 7555 additions and 3387 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.github/labeler.yml vendored
View file

@ -70,6 +70,7 @@
"6.topic: nixos":
- nixos/**/*
- pkgs/os-specific/linux/nixos-rebuild/**/*
"6.topic: ocaml":
- doc/languages-frameworks/ocaml.section.md

30
doc/contributing/coding-conventions.chapter.md
View file

@ -520,7 +520,7 @@ If you do need to do create this sort of patch file, one way to do so is with gi
4. Use git to create a diff, and pipe the output to a patch file:
```ShellSession
$ git diff > nixpkgs/pkgs/the/package/0001-changes.patch
$ git diff -a > nixpkgs/pkgs/the/package/0001-changes.patch
```
If a patch is available online but does not cleanly apply, it can be modified in some fixed ways by using additional optional arguments for `fetchpatch`:
@ -537,7 +537,13 @@ Note that because the checksum is computed after applying these effects, using o
Tests are important to ensure quality and make reviews and automatic updates easy.
Nix package tests are a lightweight alternative to [NixOS module tests](https://nixos.org/manual/nixos/stable/#sec-nixos-tests). They can be used to create simple integration tests for packages while the module tests are used to test services or programs with a graphical user interface on a NixOS VM. Unittests that are included in the source code of a package should be executed in the `checkPhase`.
The following types of tests exists:
* [NixOS **module tests**](https://nixos.org/manual/nixos/stable/#sec-nixos-tests), which spawn one or more NixOS VMs. They exercise both NixOS modules and the packaged programs used within them. For example, a NixOS module test can start a web server VM running the `nginx` module, and a client VM running `curl` or a graphical `firefox`, and test that they can talk to each other and display the correct content.
* Nix **package tests** are a lightweight alternative to NixOS module tests. They should be used to create simple integration tests for packages, but cannot test NixOS services, and some programs with graphical user interfaces may also be difficult to test with them.
* The **`checkPhase` of a package**, which should execute the unit tests that are included in the source code of a package.
Here in the nixpkgs manual we describe mostly _package tests_; for _module tests_ head over to the corresponding [section in the NixOS manual](https://nixos.org/manual/nixos/stable/#sec-nixos-tests).
### Writing package tests {#ssec-package-tests-writing}
@ -602,3 +608,23 @@ Here are examples of package tests:
- [Spacy annotation test](https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/python-modules/spacy/annotation-test/default.nix)
- [Libtorch test](https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/libraries/science/math/libtorch/test/default.nix)
- [Multiple tests for nanopb](https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/libraries/nanopb/default.nix)
### Linking NixOS module tests to a package {#ssec-nixos-tests-linking}
Like [package tests](#ssec-package-tests-writing) as shown above, [NixOS module tests](https://nixos.org/manual/nixos/stable/#sec-nixos-tests) can also be linked to a package, so that the tests can be easily run when changing the related package.
For example, assuming we're packaging `nginx`, we can link its module test via `passthru.tests`:
```nix
{ stdenv, lib, nixosTests }:
stdenv.mkDerivation {
...
passthru.tests = {
nginx = nixosTests.nginx;
};
...
}
```

8
lib/attrsets.nix
View file

@ -5,7 +5,7 @@ let
inherit (builtins) head tail length;
inherit (lib.trivial) and;
inherit (lib.strings) concatStringsSep sanitizeDerivationName;
inherit (lib.lists) fold concatMap concatLists;
inherit (lib.lists) fold foldr concatMap concatLists;
in
rec {
@ -152,8 +152,8 @@ rec {
=> { a = [ 2 3 ]; }
*/
foldAttrs = op: nul: list_of_attrs:
fold (n: a:
fold (name: o:
foldr (n: a:
foldr (name: o:
o // { ${name} = op n.${name} (a.${name} or nul); }
) a (attrNames n)
) {} list_of_attrs;
@ -455,7 +455,7 @@ rec {
=> true
*/
matchAttrs = pattern: attrs: assert isAttrs pattern;
fold and true (attrValues (zipAttrsWithNames (attrNames pattern) (n: values:
foldr and true (attrValues (zipAttrsWithNames (attrNames pattern) (n: values:
let pat = head values; val = head (tail values); in
if length values == 1 then false
else if isAttrs pat then isAttrs val && matchAttrs pat val

10
lib/deprecated.nix
View file

@ -77,11 +77,11 @@ rec {
# Output : are reqs satisfied? It's asserted.
checkReqs = attrSet: argList: condList:
(
fold lib.and true
foldr lib.and true
(map (x: let name = (head x); in
((checkFlag attrSet name) ->
(fold lib.and true
(foldr lib.and true
(map (y: let val=(getValue attrSet argList y); in
(val!=null) && (val!=false))
(tail x))))) condList));
@ -177,7 +177,7 @@ rec {
# merge attributes with custom function handling the case that the attribute
# exists in both sets
mergeAttrsWithFunc = f: set1: set2:
fold (n: set: if set ? ${n}
foldr (n: set: if set ? ${n}
then setAttr set n (f set.${n} set2.${n})
else set )
(set2 // set1) (attrNames set2);
@ -196,7 +196,7 @@ rec {
mergeAttrsNoOverride = { mergeLists ? ["buildInputs" "propagatedBuildInputs"],
overrideSnd ? [ "buildPhase" ]
}: attrs1: attrs2:
fold (n: set:
foldr (n: set:
setAttr set n ( if set ? ${n}
then # merge
if elem n mergeLists # attribute contains list, merge them by concatenating
@ -224,7 +224,7 @@ rec {
mergeAttrBy2 = { mergeAttrBy = lib.mergeAttrs; }
// (maybeAttr "mergeAttrBy" {} x)
// (maybeAttr "mergeAttrBy" {} y); in
fold lib.mergeAttrs {} [
foldr lib.mergeAttrs {} [
x y
(mapAttrs ( a: v: # merge special names using given functions
if x ? ${a}

2
lib/trivial.nix
View file

@ -308,7 +308,7 @@ rec {
info = msg: builtins.trace "INFO: ${msg}";
showWarnings = warnings: res: lib.fold (w: x: warn w x) res warnings;
showWarnings = warnings: res: lib.foldr (w: x: warn w x) res warnings;
## Function annotations

12
maintainers/maintainer-list.nix
View file

@ -4255,6 +4255,12 @@
githubId = 131599;
name = "Martin Weinelt";
};
hexagonal-sun = {
email = "dev@mattleach.net";
github = "hexagonal-sun";
githubId = 222664;
name = "Matthew Leach";
};
hh = {
email = "hh@m-labs.hk";
github = "HarryMakes";
@ -4933,6 +4939,12 @@
fingerprint = "7EB1 C02A B62B B464 6D7C E4AE D1D0 9DE1 69EA 19A0";
}];
};
jgart = {
email = "jgart@dismail.de";
github = "jgarte";
githubId = 47760695;
name = "Jorge Gomez";
};
jgeerds = {
email = "jascha@geerds.org";
github = "jgeerds";

7
maintainers/scripts/haskell/mark-broken.sh
View file

@ -30,9 +30,10 @@ EOF
# clear environment here to avoid things like allowing broken builds in
sort -iu "$tmpfile" >> "$broken_config"
env -i maintainers/scripts/haskell/regenerate-hackage-packages.sh
env -i maintainers/scripts/haskell/regenerate-transitive-broken-packages.sh
env -i maintainers/scripts/haskell/regenerate-hackage-packages.sh
clear="env -u HOME -u NIXPKGS_CONFIG"
$clear maintainers/scripts/haskell/regenerate-hackage-packages.sh
$clear maintainers/scripts/haskell/regenerate-transitive-broken-packages.sh
$clear maintainers/scripts/haskell/regenerate-hackage-packages.sh
if [[ "${1:-}" == "--do-commit" ]]; then
git add $broken_config

21
maintainers/scripts/haskell/upload-nixos-package-list-to-hackage.sh Executable file
View file

@ -0,0 +1,21 @@
#! /usr/bin/env nix-shell
#! nix-shell -i bash -p nix curl gnused -I nixpkgs=.
# On Hackage every package description shows a category "Distributions" which
# lists a "NixOS" version.
# This script uploads a csv to hackage which will update the displayed versions
# based on the current versions in nixpkgs. This happens with a simple http
# request.
# For authorization you just need to have any valid hackage account. This
# script uses the `username` and `password-command` field from your
# ~/.cabal/config file.
# e.g. username: maralorn
# password-command: pass hackage.haskell.org (this can be any command, but not an arbitrary shell expression.)
# Those fields are specified under `upload` on the `cabal` man page.
package_list="$(nix-build -A haskell.package-list)/nixos-hackage-packages.csv"
username=$(grep "^username:" ~/.cabal/config | sed "s/^username: //")
password_command=$(grep "^password-command:" ~/.cabal/config | sed "s/^password-command: //")
curl -u "$username:$($password_command)" --digest -H "Content-type: text/csv" -T "$package_list" http://hackage.haskell.org/distro/NixOS/packages.csv

3
maintainers/team-list.nix
View file

@ -114,8 +114,9 @@ with lib.maintainers; {
haskell = {
members = [
maralorn
cdepillabout
expipiplus1
maralorn
sternenseemann
];
scope = "Maintain Haskell packages and infrastructure.";

2
nixos/doc/manual/default.nix
View file

@ -12,7 +12,7 @@ let
# E.g. if some `options` came from modules in ${pkgs.customModules}/nix,
# you'd need to include `extraSources = [ pkgs.customModules ]`
prefixesToStrip = map (p: "${toString p}/") ([ ../../.. ] ++ extraSources);
stripAnyPrefixes = lib.flip (lib.fold lib.removePrefix) prefixesToStrip;
stripAnyPrefixes = lib.flip (lib.foldr lib.removePrefix) prefixesToStrip;
optionsDoc = buildPackages.nixosOptionsDoc {
inherit options revision;

6
nixos/doc/manual/development/linking-nixos-tests-to-packages.section.md Normal file
View file

@ -0,0 +1,6 @@
# Linking NixOS tests to packages {#sec-linking-nixos-tests-to-packages}
You can link NixOS module tests to the packages that they exercised,
so that the tests can be run automatically during code review when the package gets changed.
This is
[described in the nixpkgs manual](https://nixos.org/manual/nixpkgs/stable/#ssec-nixos-tests-linking).

1
nixos/doc/manual/development/nixos-tests.xml
View file

@ -16,4 +16,5 @@ xlink:href="https://github.com/NixOS/nixpkgs/tree/master/nixos/tests">nixos/test
<xi:include href="../from_md/development/writing-nixos-tests.section.xml" />
<xi:include href="../from_md/development/running-nixos-tests.section.xml" />
<xi:include href="../from_md/development/running-nixos-tests-interactively.section.xml" />
<xi:include href="../from_md/development/linking-nixos-tests-to-packages.section.xml" />
</chapter>

10
nixos/doc/manual/from_md/development/linking-nixos-tests-to-packages.section.xml Normal file
View file

@ -0,0 +1,10 @@
<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-linking-nixos-tests-to-packages">
<title>Linking NixOS tests to packages</title>
<para>
You can link NixOS module tests to the packages that they exercised,
so that the tests can be run automatically during code review when
the package gets changed. This is
<link xlink:href="https://nixos.org/manual/nixpkgs/stable/#ssec-nixos-tests-linking">described
in the nixpkgs manual</link>.
</para>
</section>

54
nixos/doc/manual/from_md/release-notes/rl-2111.section.xml
View file

@ -125,6 +125,21 @@
<link linkend="opt-services.prometheus.exporters.buildkite-agent.enable">services.prometheus.exporters.buildkite-agent</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/prometheus/influxdb_exporter">influxdb-exporter</link>
a Prometheus exporter that exports metrics received on an
InfluxDB compatible endpoint is now available as
<link linkend="opt-services.prometheus.exporters.influxdb.enable">services.prometheus.exporters.influxdb</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/matrix-discord/mx-puppet-discord">mx-puppet-discord</link>,
a discord puppeting bridge for matrix. Available as
<link linkend="opt-services.mx-puppet-discord.enable">services.mx-puppet-discord</link>.
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="sec-release-21.11-incompatibilities">
@ -566,6 +581,32 @@
Discourse post</link> in the tt-rss forums for more details.
</para>
</listitem>
<listitem>
<para>
The following Visual Studio Code extensions were renamed to
keep the naming convention uniform.
</para>
<itemizedlist spacing="compact">
<listitem>
<para>
<literal>bbenoist.Nix</literal> -&gt;
<literal>bbenoist.nix</literal>
</para>
</listitem>
<listitem>
<para>
<literal>CoenraadS.bracket-pair-colorizer</literal> -&gt;
<literal>coenraads.bracket-pair-colorizer</literal>
</para>
</listitem>
<listitem>
<para>
<literal>golang.Go</literal> -&gt;
<literal>golang.go</literal>
</para>
</listitem>
</itemizedlist>
</listitem>
</itemizedlist>
</section>
<section xml:id="sec-release-21.11-notable-changes">
@ -713,6 +754,19 @@
option.
</para>
</listitem>
<listitem>
<para>
The
<link xlink:href="options.html#opt-services.syncoid.enable">services.syncoid.enable</link>
module now properly drops ZFS permissions after usage. Before
it delegated permissions to whole pools instead of datasets
and didnt clean up after execution. You can manually look
this up for your pools by running
<literal>zfs allow your-pool-name</literal> and use
<literal>zfs unallow syncoid your-pool-name</literal> to clean
this up.
</para>
</listitem>
</itemizedlist>
</section>
</section>

11
nixos/doc/manual/release-notes/rl-2111.section.md
View file

@ -39,6 +39,10 @@ pt-services.clipcat.enable).
- [buildkite-agent-metrics](https://github.com/buildkite/buildkite-agent-metrics), a command-line tool for collecting Buildkite agent metrics, now has a Prometheus exporter available as [services.prometheus.exporters.buildkite-agent](#opt-services.prometheus.exporters.buildkite-agent.enable).
- [influxdb-exporter](https://github.com/prometheus/influxdb_exporter) a Prometheus exporter that exports metrics received on an InfluxDB compatible endpoint is now available as [services.prometheus.exporters.influxdb](#opt-services.prometheus.exporters.influxdb.enable).
- [mx-puppet-discord](https://github.com/matrix-discord/mx-puppet-discord), a discord puppeting bridge for matrix. Available as [services.mx-puppet-discord](#opt-services.mx-puppet-discord.enable).
## Backward Incompatibilities {#sec-release-21.11-incompatibilities}
- The `staticjinja` package has been upgraded from 1.0.4 to 3.0.1
@ -144,6 +148,11 @@ pt-services.clipcat.enable).
- `tt-rss` was upgraded to the commit on 2021-06-21, which has breaking changes. If you use `services.tt-rss.extraConfig` you should migrate to the `putenv`-style configuration. See [this Discourse post](https://community.tt-rss.org/t/rip-config-php-hello-classes-config-php/4337) in the tt-rss forums for more details.
- The following Visual Studio Code extensions were renamed to keep the naming convention uniform.
- `bbenoist.Nix` -> `bbenoist.nix`
- `CoenraadS.bracket-pair-colorizer` -> `coenraads.bracket-pair-colorizer`
- `golang.Go` -> `golang.go`
## Other Notable Changes {#sec-release-21.11-notable-changes}
- The setting [`services.openssh.logLevel`](options.html#opt-services.openssh.logLevel) `"VERBOSE"` `"INFO"`. This brings NixOS in line with upstream and other Linux distributions, and reduces log spam on servers due to bruteforcing botnets.
@ -185,3 +194,5 @@ pt-services.clipcat.enable).
- NSS modules which should come after `dns` should use mkAfter.
- The [networking.wireless.iwd](options.html#opt-networking.wireless.iwd.enable) module has a new [networking.wireless.iwd.settings](options.html#opt-networking.wireless.iwd.settings) option.
- The [services.syncoid.enable](options.html#opt-services.syncoid.enable) module now properly drops ZFS permissions after usage. Before it delegated permissions to whole pools instead of datasets and didn't clean up after execution. You can manually look this up for your pools by running `zfs allow your-pool-name` and use `zfs unallow syncoid your-pool-name` to clean this up.

2
nixos/modules/config/users-groups.nix
View file

@ -396,7 +396,7 @@ let
};
};
idsAreUnique = set: idAttr: !(fold (name: args@{ dup, acc }:
idsAreUnique = set: idAttr: !(foldr (name: args@{ dup, acc }:
let
id = builtins.toString (builtins.getAttr idAttr (builtins.getAttr name set));
exists = builtins.hasAttr id acc;

12
nixos/modules/hardware/all-firmware.nix
View file

@ -35,6 +35,14 @@ in {
'';
};
hardware.wirelessRegulatoryDatabase = mkOption {
default = false;
type = types.bool;
description = ''
Load the wireless regulatory database at boot.
'';
};
};
@ -58,6 +66,7 @@ in {
++ optionals (versionOlder config.boot.kernelPackages.kernel.version "4.13") [
rtl8723bs-firmware
];
hardware.wirelessRegulatoryDatabase = true;
})
(mkIf cfg.enableAllFirmware {
assertions = [{
@ -75,5 +84,8 @@ in {
b43FirmwareCutter
] ++ optional (pkgs.stdenv.hostPlatform.isi686 || pkgs.stdenv.hostPlatform.isx86_64) facetimehd-firmware;
})
(mkIf cfg.wirelessRegulatoryDatabase {
hardware.firmware = [ pkgs.wireless-regdb ];
})
];
}

6
nixos/modules/installer/cd-dvd/iso-image.nix
View file

@ -654,7 +654,11 @@ in
];
fileSystems."/" =
{ fsType = "tmpfs";
# This module is often over-layed onto an existing host config
# that defines `/`. We use mkOverride 60 to override standard
# values, but at the same time leave room for mkForce values
# targeted at the image build.
{ fsType = mkOverride 60 "tmpfs";
options = [ "mode=0755" ];
};

6
nixos/modules/installer/netboot/netboot.nix
View file

@ -30,7 +30,11 @@ with lib;
else [ pkgs.grub2 pkgs.syslinux ]);
fileSystems."/" =
{ fsType = "tmpfs";
# This module is often over-layed onto an existing host config
# that defines `/`. We use mkOverride 60 to override standard
# values, but at the same time leave room for mkForce values
# targeted at the image build.
{ fsType = mkOverride 60 "tmpfs";
options = [ "mode=0755" ];
};

10
nixos/modules/installer/tools/nix-fallback-paths.nix
View file

@ -1,7 +1,7 @@
{
x86_64-linux = "/nix/store/qsgz2hhn6mzlzp53a7pwf9z2pq3l5z6h-nix-2.3.14";
i686-linux = "/nix/store/1yw40bj04lykisw2jilq06lir3k9ga4a-nix-2.3.14";
aarch64-linux = "/nix/store/32yzwmynmjxfrkb6y6l55liaqdrgkj4a-nix-2.3.14";
x86_64-darwin = "/nix/store/06j0vi2d13w4l0p3jsigq7lk4x6gkycj-nix-2.3.14";
aarch64-darwin = "/nix/store/77wi7vpbrghw5rgws25w30bwb8yggnk9-nix-2.3.14";
x86_64-linux = "/nix/store/jhbxh1jwjc3hjhzs9y2hifdn0rmnfwaj-nix-2.3.15";
i686-linux = "/nix/store/9pspwnkdrgzma1l4xlv7arhwa56y16di-nix-2.3.15";
aarch64-linux = "/nix/store/72aqi5g7f4fhgvgafbcqwcpqjgnczj48-nix-2.3.15";
x86_64-darwin = "/nix/store/6p6qwp73dgfkqhynmxrzbx1lcfgfpqal-nix-2.3.15";
aarch64-darwin = "/nix/store/dmq2vksdhssgfl822shd0ky3x5x0klh4-nix-2.3.15";
}

2
nixos/modules/misc/nixpkgs.nix
View file

@ -39,7 +39,7 @@ let
if c x then true
else lib.traceSeqN 1 x false;
in traceXIfNot isConfig;
merge = args: fold (def: mergeConfig def.value) {};
merge = args: foldr (def: mergeConfig def.value) {};
};
overlayType = mkOptionType {

1
nixos/modules/module-list.nix
View file

@ -529,6 +529,7 @@
./services/misc/mediatomb.nix
./services/misc/metabase.nix
./services/misc/mwlib.nix
./services/misc/mx-puppet-discord.nix
./services/misc/n8n.nix
./services/misc/nix-daemon.nix
./services/misc/nix-gc.nix

215
nixos/modules/services/backup/sanoid.nix
View file

@ -52,7 +52,7 @@ let
use_template = mkOption {
description = "Names of the templates to use for this dataset.";
type = types.listOf (types.enum (attrNames cfg.templates));
default = [];
default = [ ];
};
useTemplate = use_template;
@ -70,116 +70,127 @@ let
processChildrenOnly = process_children_only;
};
# Extract pool names from configured datasets
pools = unique (map (d: head (builtins.match "([^/]+).*" d)) (attrNames cfg.datasets));
# Extract unique dataset names
datasets = unique (attrNames cfg.datasets);
configFile = let
mkValueString = v:
if builtins.isList v then concatStringsSep "," v
else generators.mkValueStringDefault {} v;
# Function to build "zfs allow" and "zfs unallow" commands for the
# filesystems we've delegated permissions to.
buildAllowCommand = zfsAction: permissions: dataset: lib.escapeShellArgs [
# Here we explicitly use the booted system to guarantee the stable API needed by ZFS
"-+/run/booted-system/sw/bin/zfs"
zfsAction
"sanoid"
(concatStringsSep "," permissions)
dataset
];
mkKeyValue = k: v: if v == null then ""
else if k == "processChildrenOnly" then ""
else if k == "useTemplate" then ""
else generators.mkKeyValueDefault { inherit mkValueString; } "=" k v;
in generators.toINI { inherit mkKeyValue; } cfg.settings;
configFile =
let
mkValueString = v:
if builtins.isList v then concatStringsSep "," v
else generators.mkValueStringDefault { } v;
in {
mkKeyValue = k: v:
if v == null then ""
else if k == "processChildrenOnly" then ""
else if k == "useTemplate" then ""
else generators.mkKeyValueDefault { inherit mkValueString; } "=" k v;
in
generators.toINI { inherit mkKeyValue; } cfg.settings;
# Interface
in
{
options.services.sanoid = {
enable = mkEnableOption "Sanoid ZFS snapshotting service";
# Interface
interval = mkOption {
type = types.str;
default = "hourly";
example = "daily";
description = ''
Run sanoid at this interval. The default is to run hourly.
options.services.sanoid = {
enable = mkEnableOption "Sanoid ZFS snapshotting service";
The format is described in
<citerefentry><refentrytitle>systemd.time</refentrytitle>
<manvolnum>7</manvolnum></citerefentry>.
'';
};
interval = mkOption {
type = types.str;
default = "hourly";
example = "daily";
description = ''
Run sanoid at this interval. The default is to run hourly.
datasets = mkOption {
type = types.attrsOf (types.submodule ({config, options, ...}: {
freeformType = datasetSettingsType;
options = commonOptions // datasetOptions;
config.use_template = mkAliasDefinitions (mkDefault options.useTemplate or {});
config.process_children_only = mkAliasDefinitions (mkDefault options.processChildrenOnly or {});
}));
default = {};
description = "Datasets to snapshot.";
};
templates = mkOption {
type = types.attrsOf (types.submodule {
freeformType = datasetSettingsType;
options = commonOptions;
});
default = {};
description = "Templates for datasets.";
};
settings = mkOption {
type = types.attrsOf datasetSettingsType;
description = ''
Free-form settings written directly to the config file. See
<link xlink:href="https://github.com/jimsalterjrs/sanoid/blob/master/sanoid.defaults.conf"/>
for allowed values.
'';
};
extraArgs = mkOption {
type = types.listOf types.str;
default = [];
example = [ "--verbose" "--readonly" "--debug" ];
description = ''
Extra arguments to pass to sanoid. See
<link xlink:href="https://github.com/jimsalterjrs/sanoid/#sanoid-command-line-options"/>
for allowed options.
'';
};
The format is described in
<citerefentry><refentrytitle>systemd.time</refentrytitle>
<manvolnum>7</manvolnum></citerefentry>.
'';
};
# Implementation
config = mkIf cfg.enable {
services.sanoid.settings = mkMerge [
(mapAttrs' (d: v: nameValuePair ("template_" + d) v) cfg.templates)
(mapAttrs (d: v: v) cfg.datasets)
];
systemd.services.sanoid = {
description = "Sanoid snapshot service";
serviceConfig = {
ExecStartPre = map (pool: lib.escapeShellArgs [
"+/run/booted-system/sw/bin/zfs" "allow"
"sanoid" "snapshot,mount,destroy" pool
]) pools;
ExecStart = lib.escapeShellArgs ([
"${pkgs.sanoid}/bin/sanoid"
"--cron"
"--configdir" (pkgs.writeTextDir "sanoid.conf" configFile)
] ++ cfg.extraArgs);
ExecStopPost = map (pool: lib.escapeShellArgs [
"+/run/booted-system/sw/bin/zfs" "unallow" "sanoid" pool
]) pools;
User = "sanoid";
Group = "sanoid";
DynamicUser = true;
RuntimeDirectory = "sanoid";
CacheDirectory = "sanoid";
};
# Prevents missing snapshots during DST changes
environment.TZ = "UTC";
after = [ "zfs.target" ];
startAt = cfg.interval;
};
datasets = mkOption {
type = types.attrsOf (types.submodule ({ config, options, ... }: {
freeformType = datasetSettingsType;
options = commonOptions // datasetOptions;
config.use_template = mkAliasDefinitions (mkDefault options.useTemplate or { });
config.process_children_only = mkAliasDefinitions (mkDefault options.processChildrenOnly or { });
}));
default = { };
description = "Datasets to snapshot.";
};
meta.maintainers = with maintainers; [ lopsided98 ];
}
templates = mkOption {
type = types.attrsOf (types.submodule {
freeformType = datasetSettingsType;
options = commonOptions;
});
default = { };
description = "Templates for datasets.";
};
settings = mkOption {
type = types.attrsOf datasetSettingsType;
description = ''
Free-form settings written directly to the config file. See
<link xlink:href="https://github.com/jimsalterjrs/sanoid/blob/master/sanoid.defaults.conf"/>
for allowed values.
'';
};
extraArgs = mkOption {
type = types.listOf types.str;
default = [ ];
example = [ "--verbose" "--readonly" "--debug" ];
description = ''
Extra arguments to pass to sanoid. See
<link xlink:href="https://github.com/jimsalterjrs/sanoid/#sanoid-command-line-options"/>
for allowed options.
'';
};
};
# Implementation
config = mkIf cfg.enable {
services.sanoid.settings = mkMerge [
(mapAttrs' (d: v: nameValuePair ("template_" + d) v) cfg.templates)
(mapAttrs (d: v: v) cfg.datasets)
];
systemd.services.sanoid = {
description = "Sanoid snapshot service";
serviceConfig = {
ExecStartPre = (map (buildAllowCommand "allow" [ "snapshot" "mount" "destroy" ]) datasets);
ExecStopPost = (map (buildAllowCommand "unallow" [ "snapshot" "mount" "destroy" ]) datasets);
ExecStart = lib.escapeShellArgs ([
"${pkgs.sanoid}/bin/sanoid"
"--cron"
"--configdir"
(pkgs.writeTextDir "sanoid.conf" configFile)
] ++ cfg.extraArgs);
User = "sanoid";
Group = "sanoid";
DynamicUser = true;
RuntimeDirectory = "sanoid";
CacheDirectory = "sanoid";
};
# Prevents missing snapshots during DST changes
environment.TZ = "UTC";
after = [ "zfs.target" ];
startAt = cfg.interval;
};
};
meta.maintainers = with maintainers; [ lopsided98 ];
}

416
nixos/modules/services/backup/syncoid.nix
View file

@ -5,226 +5,243 @@ with lib;
let
cfg = config.services.syncoid;
# Extract the pool name of a local dataset (any dataset not containing "@")
localPoolName = d: optionals (d != null) (
let m = builtins.match "([^/@]+)[^@]*" d; in
optionals (m != null) m);
# Extract local dasaset names (so no datasets containing "@")
localDatasetName = d: optionals (d != null) (
let m = builtins.match "([^/@]+[^@]*)" d; in
optionals (m != null) m
);
# Escape as required by: https://www.freedesktop.org/software/systemd/man/systemd.unit.html
escapeUnitName = name:
lib.concatMapStrings (s: if lib.isList s then "-" else s)
(builtins.split "[^a-zA-Z0-9_.\\-]+" name);
in {
(builtins.split "[^a-zA-Z0-9_.\\-]+" name);
# Interface
# Function to build "zfs allow" and "zfs unallow" commands for the
# filesystems we've delegated permissions to.
buildAllowCommand = zfsAction: permissions: dataset: lib.escapeShellArgs [
# Here we explicitly use the booted system to guarantee the stable API needed by ZFS
"-+/run/booted-system/sw/bin/zfs"
zfsAction
cfg.user
(concatStringsSep "," permissions)
dataset
];
in
{
options.services.syncoid = {
enable = mkEnableOption "Syncoid ZFS synchronization service";
# Interface
interval = mkOption {
type = types.str;
default = "hourly";
example = "*-*-* *:15:00";
description = ''
Run syncoid at this interval. The default is to run hourly.
options.services.syncoid = {
enable = mkEnableOption "Syncoid ZFS synchronization service";
The format is described in
<citerefentry><refentrytitle>systemd.time</refentrytitle>
<manvolnum>7</manvolnum></citerefentry>.
'';
};
interval = mkOption {
type = types.str;
default = "hourly";
example = "*-*-* *:15:00";
description = ''
Run syncoid at this interval. The default is to run hourly.
user = mkOption {
type = types.str;
default = "syncoid";
example = "backup";
description = ''
The user for the service. ZFS privilege delegation will be
automatically configured for any local pools used by syncoid if this
option is set to a user other than root. The user will be given the
"hold" and "send" privileges on any pool that has datasets being sent
and the "create", "mount", "receive", and "rollback" privileges on
any pool that has datasets being received.
'';
};
The format is described in
<citerefentry><refentrytitle>systemd.time</refentrytitle>
<manvolnum>7</manvolnum></citerefentry>.
'';
};
group = mkOption {
type = types.str;
default = "syncoid";
example = "backup";
description = "The group for the service.";
};
user = mkOption {
type = types.str;
default = "syncoid";
example = "backup";
description = ''
The user for the service. ZFS privilege delegation will be
automatically configured for any local pools used by syncoid if this
option is set to a user other than root. The user will be given the
"hold" and "send" privileges on any pool that has datasets being sent
and the "create", "mount", "receive", and "rollback" privileges on
any pool that has datasets being received.
'';
};
sshKey = mkOption {
type = types.nullOr types.path;
# Prevent key from being copied to store
apply = mapNullable toString;
default = null;
description = ''
SSH private key file to use to login to the remote system. Can be
overridden in individual commands.
'';
};
group = mkOption {
type = types.str;
default = "syncoid";
example = "backup";
description = "The group for the service.";
};
commonArgs = mkOption {
type = types.listOf types.str;
default = [];
example = [ "--no-sync-snap" ];
description = ''
Arguments to add to every syncoid command, unless disabled for that
command. See
<link xlink:href="https://github.com/jimsalterjrs/sanoid/#syncoid-command-line-options"/>
for available options.
'';
};
sshKey = mkOption {
type = types.nullOr types.path;
# Prevent key from being copied to store
apply = mapNullable toString;
default = null;
description = ''
SSH private key file to use to login to the remote system. Can be
overridden in individual commands.
'';
};
service = mkOption {
type = types.attrs;
default = {};
description = ''
Systemd configuration common to all syncoid services.
'';
};
commonArgs = mkOption {
type = types.listOf types.str;
default = [ ];
example = [ "--no-sync-snap" ];
description = ''
Arguments to add to every syncoid command, unless disabled for that
command. See
<link xlink:href="https://github.com/jimsalterjrs/sanoid/#syncoid-command-line-options"/>
for available options.
'';
};
commands = mkOption {
type = types.attrsOf (types.submodule ({ name, ... }: {
options = {
source = mkOption {
type = types.str;
example = "pool/dataset";
description = ''
Source ZFS dataset. Can be either local or remote. Defaults to
the attribute name.
'';
};
service = mkOption {
type = types.attrs;
default = { };
description = ''
Systemd configuration common to all syncoid services.
'';
};
target = mkOption {
type = types.str;
example = "user@server:pool/dataset";
description = ''
Target ZFS dataset. Can be either local
(<replaceable>pool/dataset</replaceable>) or remote
(<replaceable>user@server:pool/dataset</replaceable>).
'';
};
recursive = mkEnableOption ''the transfer of child datasets'';
sshKey = mkOption {
type = types.nullOr types.path;
# Prevent key from being copied to store
apply = mapNullable toString;
description = ''
SSH private key file to use to login to the remote system.
Defaults to <option>services.syncoid.sshKey</option> option.
'';
};
sendOptions = mkOption {
type = types.separatedString " ";
default = "";
example = "Lc e";
description = ''
Advanced options to pass to zfs send. Options are specified
without their leading dashes and separated by spaces.
'';
};
recvOptions = mkOption {
type = types.separatedString " ";
default = "";
example = "ux recordsize o compression=lz4";
description = ''
Advanced options to pass to zfs recv. Options are specified
without their leading dashes and separated by spaces.
'';
};
useCommonArgs = mkOption {
type = types.bool;
default = true;
description = ''
Whether to add the configured common arguments to this command.
'';
};
service = mkOption {
type = types.attrs;
default = {};
description = ''
Systemd configuration specific to this syncoid service.
'';
};
extraArgs = mkOption {
type = types.listOf types.str;
default = [];
example = [ "--sshport 2222" ];
description = "Extra syncoid arguments for this command.";
};
commands = mkOption {
type = types.attrsOf (types.submodule ({ name, ... }: {
options = {
source = mkOption {
type = types.str;
example = "pool/dataset";
description = ''
Source ZFS dataset. Can be either local or remote. Defaults to
the attribute name.
'';
};
config = {
source = mkDefault name;
sshKey = mkDefault cfg.sshKey;
target = mkOption {
type = types.str;
example = "user@server:pool/dataset";
description = ''
Target ZFS dataset. Can be either local
(<replaceable>pool/dataset</replaceable>) or remote
(<replaceable>user@server:pool/dataset</replaceable>).
'';
};
}));
default = {};
example = literalExample ''
{
"pool/test".target = "root@target:pool/test";
}
'';
description = "Syncoid commands to run.";
recursive = mkEnableOption ''the transfer of child datasets'';
sshKey = mkOption {
type = types.nullOr types.path;
# Prevent key from being copied to store
apply = mapNullable toString;
description = ''
SSH private key file to use to login to the remote system.
Defaults to <option>services.syncoid.sshKey</option> option.
'';
};
sendOptions = mkOption {
type = types.separatedString " ";
default = "";
example = "Lc e";
description = ''
Advanced options to pass to zfs send. Options are specified
without their leading dashes and separated by spaces.
'';
};
recvOptions = mkOption {
type = types.separatedString " ";
default = "";
example = "ux recordsize o compression=lz4";
description = ''
Advanced options to pass to zfs recv. Options are specified
without their leading dashes and separated by spaces.
'';
};
useCommonArgs = mkOption {
type = types.bool;
default = true;
description = ''
Whether to add the configured common arguments to this command.
'';
};
service = mkOption {
type = types.attrs;
default = { };
description = ''
Systemd configuration specific to this syncoid service.
'';
};
extraArgs = mkOption {
type = types.listOf types.str;
default = [ ];
example = [ "--sshport 2222" ];
description = "Extra syncoid arguments for this command.";
};
};
config = {
source = mkDefault name;
sshKey = mkDefault cfg.sshKey;
};
}));
default = { };
example = literalExample ''
{
"pool/test".target = "root@target:pool/test";
}
'';
description = "Syncoid commands to run.";
};
};
# Implementation
config = mkIf cfg.enable {
users = {
users = mkIf (cfg.user == "syncoid") {
syncoid = {
group = cfg.group;
isSystemUser = true;
# For syncoid to be able to create /var/lib/syncoid/.ssh/
# and to use custom ssh_config or known_hosts.
home = "/var/lib/syncoid";
createHome = false;
};
};
groups = mkIf (cfg.group == "syncoid") {
syncoid = { };
};
};
# Implementation
config = mkIf cfg.enable {
users = {
users = mkIf (cfg.user == "syncoid") {
syncoid = {
group = cfg.group;
isSystemUser = true;
# For syncoid to be able to create /var/lib/syncoid/.ssh/
# and to use custom ssh_config or known_hosts.
home = "/var/lib/syncoid";
createHome = false;
};
};
groups = mkIf (cfg.group == "syncoid") {
syncoid = {};
};
};
systemd.services = mapAttrs' (name: c:
systemd.services = mapAttrs'
(name: c:
nameValuePair "syncoid-${escapeUnitName name}" (mkMerge [
{ description = "Syncoid ZFS synchronization from ${c.source} to ${c.target}";
{
description = "Syncoid ZFS synchronization from ${c.source} to ${c.target}";
after = [ "zfs.target" ];
startAt = cfg.interval;
# syncoid may need zpool to get feature@extensible_dataset
path = [ "/run/booted-system/sw/bin/" ];
serviceConfig = {
ExecStartPre =
map (pool: lib.escapeShellArgs [
"+/run/booted-system/sw/bin/zfs" "allow"
cfg.user "bookmark,hold,send,snapshot,destroy" pool
# Permissions snapshot and destroy are in case --no-sync-snap is not used
]) (localPoolName c.source) ++
map (pool: lib.escapeShellArgs [
"+/run/booted-system/sw/bin/zfs" "allow"
cfg.user "create,mount,receive,rollback" pool
]) (localPoolName c.target);
# Permissions snapshot and destroy are in case --no-sync-snap is not used
(map (buildAllowCommand "allow" [ "bookmark" "hold" "send" "snapshot" "destroy" ]) (localDatasetName c.source)) ++
(map (buildAllowCommand "allow" [ "create" "mount" "receive" "rollback" ]) (localDatasetName c.target));
ExecStopPost =
# Permissions snapshot and destroy are in case --no-sync-snap is not used
(map (buildAllowCommand "unallow" [ "bookmark" "hold" "send" "snapshot" "destroy" ]) (localDatasetName c.source)) ++
(map (buildAllowCommand "unallow" [ "create" "mount" "receive" "rollback" ]) (localDatasetName c.target));
ExecStart = lib.escapeShellArgs ([ "${pkgs.sanoid}/bin/syncoid" ]
++ optionals c.useCommonArgs cfg.commonArgs
++ optional c.recursive "-r"
++ optionals (c.sshKey != null) [ "--sshkey" c.sshKey ]
++ c.extraArgs
++ [ "--sendoptions" c.sendOptions
"--recvoptions" c.recvOptions
"--no-privilege-elevation"
c.source c.target
]);
++ [
"--sendoptions"
c.sendOptions
"--recvoptions"
c.recvOptions
"--no-privilege-elevation"
c.source
c.target
]);
User = cfg.user;
Group = cfg.group;
StateDirectory = [ "syncoid" ];
@ -240,7 +257,7 @@ in {
# systemd-analyze security | grep syncoid-'*'
AmbientCapabilities = "";
CapabilityBoundingSet = "";
DeviceAllow = ["/dev/zfs"];
DeviceAllow = [ "/dev/zfs" ];
LockPersonality = true;
MemoryDenyWriteExecute = true;
NoNewPrivileges = true;
@ -266,7 +283,7 @@ in {
BindPaths = [ "/dev/zfs" ];
BindReadOnlyPaths = [ builtins.storeDir "/etc" "/run" "/bin/sh" ];
# Avoid useless mounting of RootDirectory= in the own RootDirectory= of ExecStart='s mount namespace.
InaccessiblePaths = ["-+/run/syncoid/${escapeUnitName name}"];
InaccessiblePaths = [ "-+/run/syncoid/${escapeUnitName name}" ];
MountAPIVFS = true;
# Create RootDirectory= in the host's mount namespace.
RuntimeDirectory = [ "syncoid/${escapeUnitName name}" ];
@ -277,8 +294,14 @@ in {
# perf stat -x, 2>perf.log -e 'syscalls:sys_enter_*' syncoid …
# awk >perf.syscalls -F "," '$1 > 0 {sub("syscalls:sys_enter_","",$3); print $3}' perf.log
# systemd-analyze syscall-filter | grep -v -e '#' | sed -e ':loop; /^[^ ]/N; s/\n //; t loop' | grep $(printf ' -e \\<%s\\>' $(cat perf.syscalls)) | cut -f 1 -d ' '
"~@aio" "~@chown" "~@keyring" "~@memlock" "~@privileged"
"~@resources" "~@setuid" "~@sync" "~@timer"
"~@aio"
"~@chown"
"~@keyring"
"~@memlock"
"~@privileged"
"~@resources"
"~@setuid"
"~@timer"
];
SystemCallArchitectures = "native";
# This is for BindPaths= and BindReadOnlyPaths=
@ -288,8 +311,9 @@ in {
}
cfg.service
c.service
])) cfg.commands;
};
]))
cfg.commands;
};
meta.maintainers = with maintainers; [ julm lopsided98 ];
}
meta.maintainers = with maintainers; [ julm lopsided98 ];
}

2
nixos/modules/services/backup/znapzend.nix
View file

@ -279,7 +279,7 @@ let
src_plan = plan;
tsformat = timestampFormat;
zend_delay = toString sendDelay;
} // fold (a: b: a // b) {} (
} // foldr (a: b: a // b) {} (
map mkDestAttrs (builtins.attrValues destinations)
);

2
nixos/modules/services/cluster/kubernetes/pki.nix
View file

@ -189,7 +189,7 @@ in
# manually paste it in place. Just symlink.
# otherwise, create the target file, ready for users to insert the token
mkdir -p $(dirname ${certmgrAPITokenPath})
mkdir -p "$(dirname "${certmgrAPITokenPath}")"
if [ -f "${cfsslAPITokenPath}" ]; then
ln -fs "${cfsslAPITokenPath}" "${certmgrAPITokenPath}"
else

4
nixos/modules/services/mail/postfix.nix
View file

@ -194,7 +194,7 @@ let
# We need to handle the last column specially here, because it's
# open-ended (command + args).
lines = [ labels labelDefaults ] ++ (map (l: init l ++ [""]) masterCf);
in fold foldLine (genList (const 0) (length labels)) lines;
in foldr foldLine (genList (const 0) (length labels)) lines;
# Pad a string with spaces from the right (opposite of fixedWidthString).
pad = width: str: let
@ -203,7 +203,7 @@ let
in str + optionalString (padWidth > 0) padding;
# It's + 2 here, because that's the amount of spacing between columns.
fullWidth = fold (width: acc: acc + width + 2) 0 maxWidths;
fullWidth = foldr (width: acc: acc + width + 2) 0 maxWidths;
formatLine = line: concatStringsSep " " (zipListsWith pad maxWidths line);

120
nixos/modules/services/misc/mx-puppet-discord.nix Normal file
View file

@ -0,0 +1,120 @@
{ config, pkgs, lib, ... }:
with lib;
let
dataDir = "/var/lib/mx-puppet-discord";
registrationFile = "${dataDir}/discord-registration.yaml";
cfg = config.services.mx-puppet-discord;
settingsFormat = pkgs.formats.json {};
settingsFile = settingsFormat.generate "mx-puppet-discord-config.json" cfg.settings;
in {
options = {
services.mx-puppet-discord = {
enable = mkEnableOption ''
mx-puppet-discord is a discord puppeting bridge for matrix.
It handles bridging private and group DMs, as well as Guilds (servers)
'';
settings = mkOption rec {
apply = recursiveUpdate default;
inherit (settingsFormat) type;
default = {
bridge.port = 8434;
presence = {
enabled = true;
interval = 500;
};
provisioning.whitelist = [ ];
relay.whitelist = [ ];
# variables are preceded by a colon.
namePatterns = {
user = ":name";
userOverride = ":displayname";
room = ":name";
group = ":name";
};
#defaults to sqlite but can be configured to use postgresql with
#connstring
database.filename = "${dataDir}/mx-puppet-discord/database.db";
logging = {
console = "info";
lineDateFormat = "MMM-D HH:mm:ss.SSS";
};
};
example = literalExample ''
{
bridge = {
bindAddress = "localhost";
domain = "example.com";
homeserverUrl = "https://example.com";
};
provisioning.whitelist = [ "@admin:example.com" ];
relay.whitelist = [ "@.*:example.com" ];
}
'';
description = ''
<filename>config.yaml</filename> configuration as a Nix attribute set.
Configuration options should match those described in
<link xlink:href="https://github.com/matrix-discord/mx-puppet-discord/blob/master/sample.config.yaml">
sample.config.yaml</link>.
'';
};
serviceDependencies = mkOption {
type = with types; listOf str;
default = optional config.services.matrix-synapse.enable "matrix-synapse.service";
description = ''
List of Systemd services to require and wait for when starting the application service.
'';
};
};
};
config = mkIf cfg.enable {
systemd.services.mx-puppet-discord = {
description = ''
mx-puppet-discord is a discord puppeting bridge for matrix.
It handles bridging private and group DMs, as well as Guilds (servers).
'';
wantedBy = [ "multi-user.target" ];
wants = [ "network-online.target" ] ++ cfg.serviceDependencies;
after = [ "network-online.target" ] ++ cfg.serviceDependencies;
preStart = ''
# generate the appservice's registration file if absent
if [ ! -f '${registrationFile}' ]; then
${pkgs.mx-puppet-discord}/bin/mx-puppet-discord -r -c ${settingsFile} \
-f ${registrationFile}
fi
'';
serviceConfig = {
Type = "simple";
Restart = "always";
ProtectSystem = "strict";
ProtectHome = true;
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectControlGroups = true;
DynamicUser = true;
PrivateTmp = true;
WorkingDirectory = pkgs.mx-puppet-discord;
StateDirectory = baseNameOf dataDir;
UMask = 0027;
ExecStart = ''
${pkgs.mx-puppet-discord}/bin/mx-puppet-discord -c ${settingsFile}
'';
};
};
};
meta.maintainers = with maintainers; [ govanify ];
}

1
nixos/modules/services/monitoring/prometheus/exporters.nix
View file

@ -33,6 +33,7 @@ let
"domain"
"dovecot"
"fritzbox"
"influxdb"
"json"
"jitsi"
"kea"

34
nixos/modules/services/monitoring/prometheus/exporters/influxdb.nix Normal file
View file

@ -0,0 +1,34 @@
{ config, lib, pkgs, options }:
with lib;
let
cfg = config.services.prometheus.exporters.influxdb;
in
{
port = 9122;
extraOpts = {
sampleExpiry = mkOption {
type = types.str;
default = "5m";
example = "10m";
description = "How long a sample is valid for";
};
udpBindAddress = mkOption {
type = types.str;
default = ":9122";
example = "192.0.2.1:9122";
description = "Address on which to listen for udp packets";
};
};
serviceOpts = {
serviceConfig = {
RuntimeDirectory = "prometheus-influxdb-exporter";
ExecStart = ''
${pkgs.prometheus-influxdb-exporter}/bin/influxdb_exporter \
--web.listen-address ${cfg.listenAddress}:${toString cfg.port} \
--influxdb.sample-expiry ${cfg.sampleExpiry} ${concatStringsSep " " cfg.extraFlags}
'';
};
};
}

2
nixos/modules/services/networking/autossh.nix
View file

@ -79,7 +79,7 @@ in
systemd.services =
lib.fold ( s : acc : acc //
lib.foldr ( s : acc : acc //
{
"autossh-${s.name}" =
let

3
nixos/modules/services/networking/networkmanager.nix
View file

@ -6,7 +6,6 @@ let
cfg = config.networking.networkmanager;
basePackages = with pkgs; [
crda
modemmanager
networkmanager
networkmanager-fortisslvpn
@ -404,6 +403,8 @@ in {
}
];
hardware.wirelessRegulatoryDatabase = true;
environment.etc = with pkgs; {
"NetworkManager/NetworkManager.conf".source = configFile;

2
nixos/modules/services/networking/nylon.nix
View file

@ -160,7 +160,7 @@ in
users.groups.nylon.gid = config.ids.gids.nylon;
systemd.services = fold (a: b: a // b) {} nylonUnits;
systemd.services = foldr (a: b: a // b) {} nylonUnits;
};
}

2
nixos/modules/services/networking/quicktun.nix
View file

@ -87,7 +87,7 @@ with lib;
};
config = mkIf (cfg != []) {
systemd.services = fold (a: b: a // b) {} (
systemd.services = foldr (a: b: a // b) {} (
mapAttrsToList (name: qtcfg: {
"quicktun-${name}" = {
wantedBy = [ "multi-user.target" ];

92
nixos/modules/services/networking/syncthing.nix
View file

@ -25,41 +25,43 @@ let
folder.enable
) cfg.declarative.folders);
# get the api key by parsing the config.xml
getApiKey = pkgs.writers.writeDash "getAPIKey" ''
${pkgs.libxml2}/bin/xmllint \
--xpath 'string(configuration/gui/apikey)'\
${cfg.configDir}/config.xml
'';
updateConfig = pkgs.writers.writeDash "merge-syncthing-config" ''
set -efu
# wait for syncthing port to open
until ${pkgs.curl}/bin/curl -Ss ${cfg.guiAddress} -o /dev/null; do
sleep 1
done
API_KEY=$(${getApiKey})
OLD_CFG=$(${pkgs.curl}/bin/curl -Ss \
-H "X-API-Key: $API_KEY" \
${cfg.guiAddress}/rest/system/config)
# get the api key by parsing the config.xml
while
! api_key=$(${pkgs.libxml2}/bin/xmllint \
--xpath 'string(configuration/gui/apikey)' \
${cfg.configDir}/config.xml)
do sleep 1; done
# generate the new config by merging with the nixos config options
NEW_CFG=$(echo "$OLD_CFG" | ${pkgs.jq}/bin/jq -s '.[] as $in | $in * {
"devices": (${builtins.toJSON devices}${optionalString (! cfg.declarative.overrideDevices) " + $in.devices"}),
"folders": (${builtins.toJSON folders}${optionalString (! cfg.declarative.overrideFolders) " + $in.folders"})
}')
curl() {
while
${pkgs.curl}/bin/curl -Ss -H "X-API-Key: $api_key" \
--retry 100 --retry-delay 1 --retry-connrefused "$@"
status=$?
[ "$status" -eq 52 ] # retry on empty reply from server
do sleep 1; done
return "$status"
}
# POST the new config to syncthing
echo "$NEW_CFG" | ${pkgs.curl}/bin/curl -Ss \
-H "X-API-Key: $API_KEY" \
${cfg.guiAddress}/rest/system/config -d @-
# query the old config
old_cfg=$(curl ${cfg.guiAddress}/rest/config)
# restart syncthing after sending the new config
${pkgs.curl}/bin/curl -Ss \
-H "X-API-Key: $API_KEY" \
-X POST \
${cfg.guiAddress}/rest/system/restart
# generate the new config by merging with the NixOS config options
new_cfg=$(echo "$old_cfg" | ${pkgs.jq}/bin/jq -c '. * {
"devices": (${builtins.toJSON devices}${optionalString (! cfg.declarative.overrideDevices) " + .devices"}),
"folders": (${builtins.toJSON folders}${optionalString (! cfg.declarative.overrideFolders) " + .folders"})
} * ${builtins.toJSON cfg.declarative.extraOptions}')
# send the new config
curl -X PUT -d "$new_cfg" ${cfg.guiAddress}/rest/config
# restart Syncthing if required
if curl ${cfg.guiAddress}/rest/config/restart-required |
${pkgs.jq}/bin/jq -e .requiresRestart > /dev/null; then
curl -X POST ${cfg.guiAddress}/rest/system/restart
fi
'';
in {
###### interface
@ -77,7 +79,7 @@ in {
type = types.nullOr types.str;
default = null;
description = ''
Path to users cert.pem file, will be copied into the syncthing's
Path to users cert.pem file, will be copied into Syncthing's
<literal>configDir</literal>
'';
};
@ -86,7 +88,7 @@ in {
type = types.nullOr types.str;
default = null;
description = ''
Path to users key.pem file, will be copied into the syncthing's
Path to users key.pem file, will be copied into Syncthing's
<literal>configDir</literal>
'';
};
@ -105,7 +107,7 @@ in {
devices = mkOption {
default = {};
description = ''
Peers/devices which syncthing should communicate with.
Peers/devices which Syncthing should communicate with.
'';
example = {
bigbox = {
@ -168,7 +170,7 @@ in {
folders = mkOption {
default = {};
description = ''
folders which should be shared by syncthing.
Folders which should be shared by Syncthing.
'';
example = literalExample ''
{
@ -227,7 +229,7 @@ in {
versioning = mkOption {
default = null;
description = ''
How to keep changed/deleted files with syncthing.
How to keep changed/deleted files with Syncthing.
There are 4 different types of versioning with different parameters.
See https://docs.syncthing.net/users/versioning.html
'';
@ -335,10 +337,21 @@ in {
upstream's docs</link>.
'';
};
};
}));
};
extraOptions = mkOption {
type = types.addCheck (pkgs.formats.json {}).type isAttrs;
default = {};
description = ''
Extra configuration options for Syncthing.
'';
example = {
options.localAnnounceEnabled = false;
gui.theme = "black";
};
};
};
guiAddress = mkOption {
@ -378,7 +391,7 @@ in {
default = null;
example = "socks5://address.com:1234";
description = ''
Overwrites all_proxy environment variable for the syncthing process to
Overwrites all_proxy environment variable for the Syncthing process to
the given value. This is normaly used to let relay client connect
through SOCKS5 proxy server.
'';
@ -412,7 +425,7 @@ in {
Open the default ports in the firewall:
- TCP 22000 for transfers
- UDP 21027 for discovery
If multiple users are running syncthing on this machine, you will need to manually open a set of ports for each instance and leave this disabled.
If multiple users are running Syncthing on this machine, you will need to manually open a set of ports for each instance and leave this disabled.
Alternatively, if are running only a single instance on this machine using the default ports, enable this.
'';
};
@ -431,7 +444,7 @@ in {
imports = [
(mkRemovedOptionModule ["services" "syncthing" "useInotify"] ''
This option was removed because syncthing now has the inotify functionality included under the name "fswatcher".
This option was removed because Syncthing now has the inotify functionality included under the name "fswatcher".
It can be enabled on a per-folder basis through the webinterface.
'')
];
@ -516,8 +529,9 @@ in {
};
};
syncthing-init = mkIf (
cfg.declarative.devices != {} || cfg.declarative.folders != {}
cfg.declarative.devices != {} || cfg.declarative.folders != {} || cfg.declarative.extraOptions != {}
) {
description = "Syncthing configuration updater";
after = [ "syncthing.service" ];
wantedBy = [ "multi-user.target" ];

2
nixos/modules/services/networking/tinc.nix
View file

@ -351,7 +351,7 @@ in
config = mkIf (cfg.networks != { }) {
environment.etc = fold (a: b: a // b) { }
environment.etc = foldr (a: b: a // b) { }
(flip mapAttrsToList cfg.networks (network: data:
flip mapAttrs' data.hosts (host: text: nameValuePair
("tinc/${network}/hosts/${host}")

2
nixos/modules/services/networking/wakeonlan.nix
View file

@ -19,7 +19,7 @@ let
${ethtool} -s ${interface} ${methodParameter {inherit method password;}}
'';
concatStrings = fold (x: y: x + y) "";
concatStrings = foldr (x: y: x + y) "";
lines = concatStrings (map (l: line l) interfaces);
in

3
nixos/modules/services/networking/wpa_supplicant.nix
View file

@ -241,7 +241,8 @@ in {
environment.systemPackages = [ package ];
services.dbus.packages = [ package ];
services.udev.packages = [ pkgs.crda ];
hardware.wirelessRegulatoryDatabase = true;
# FIXME: start a separate wpa_supplicant instance per interface.
systemd.services.wpa_supplicant = let

2
nixos/modules/system/activation/top-level.nix
View file

@ -125,7 +125,7 @@ let
else showWarnings config.warnings baseSystem;
# Replace runtime dependencies
system = fold ({ oldDependency, newDependency }: drv:
system = foldr ({ oldDependency, newDependency }: drv:
pkgs.replaceDependency { inherit oldDependency newDependency drv; }
) baseSystemAssertWarn config.system.replaceRuntimeDependencies;

2
nixos/modules/system/boot/loader/grub/grub.nix
View file

@ -75,7 +75,7 @@ let
else "${convertedFont}");
});
bootDeviceCounters = fold (device: attr: attr // { ${device} = (attr.${device} or 0) + 1; }) {}
bootDeviceCounters = foldr (device: attr: attr // { ${device} = (attr.${device} or 0) + 1; }) {}
(concatMap (args: args.devices) cfg.mirroredBoots);
convertedFont = (pkgs.runCommand "grub-font-converted.pf2" {}

2
nixos/modules/tasks/encrypted-devices.nix
View file

@ -8,7 +8,7 @@ let
keyedEncDevs = filter (dev: dev.encrypted.keyFile != null) encDevs;
keylessEncDevs = filter (dev: dev.encrypted.keyFile == null) encDevs;
anyEncrypted =
fold (j: v: v || j.encrypted.enable) false encDevs;
foldr (j: v: v || j.encrypted.enable) false encDevs;
encryptedFSOptions = {

6
nixos/modules/tasks/filesystems.nix
View file

@ -333,15 +333,15 @@ in
set -eu
# if the pstore module is builtin it will have mounted the persistent store automatically. it may also be already mounted for other reasons.
${pkgs.util-linux}/bin/mountpoint -q /sys/fs/pstore || ${pkgs.util-linux}/bin/mount -t pstore -o nosuid,noexec,nodev pstore /sys/fs/pstore
# wait up to five seconds (arbitrary, happened within one in testing) for the backend to be registered and the files to appear. a systemd path unit cannot detect this happening; and succeeding after a restart would not start dependent units.
TRIES=50
# wait up to 1.5 seconds for the backend to be registered and the files to appear. a systemd path unit cannot detect this happening; and succeeding after a restart would not start dependent units.
TRIES=15
while [ "$(cat /sys/module/pstore/parameters/backend)" = "(null)" ]; do
if (( $TRIES )); then
sleep 0.1
TRIES=$((TRIES-1))
else
echo "Persistent Storage backend was not registered in time." >&2
exit 1
break
fi
done
'';

20
nixos/tests/prometheus-exporters.nix
View file

@ -273,6 +273,26 @@ let
'';
};
influxdb = {
exporterConfig = {
enable = true;
sampleExpiry = "3s";
};
exporterTest = ''
wait_for_unit("prometheus-influxdb-exporter.service")
succeed(
"curl -XPOST http://localhost:9122/write --data-binary 'influxdb_exporter,distro=nixos,added_in=21.09 value=1'"
)
succeed(
"curl -sSf http://localhost:9122/metrics | grep 'nixos'"
)
execute("sleep 5")
fail(
"curl -sSf http://localhost:9122/metrics | grep 'nixos'"
)
'';
};
jitsi = {
exporterConfig = {
enable = true;

12
nixos/tests/sanoid.nix
View file

@ -85,10 +85,18 @@ in {
"chown -R syncoid:syncoid /var/lib/syncoid/",
)
assert len(source.succeed("zfs allow pool")) == 0, "Pool shouldn't have delegated permissions set before snapshotting"
assert len(source.succeed("zfs allow pool/sanoid")) == 0, "Sanoid dataset shouldn't have delegated permissions set before snapshotting"
assert len(source.succeed("zfs allow pool/syncoid")) == 0, "Syncoid dataset shouldn't have delegated permissions set before snapshotting"
# Take snapshot with sanoid
source.succeed("touch /mnt/pool/sanoid/test.txt")
source.systemctl("start --wait sanoid.service")
assert len(source.succeed("zfs allow pool")) == 0, "Pool shouldn't have delegated permissions set after snapshotting"
assert len(source.succeed("zfs allow pool/sanoid")) == 0, "Sanoid dataset shouldn't have delegated permissions set after snapshotting"
assert len(source.succeed("zfs allow pool/syncoid")) == 0, "Syncoid dataset shouldn't have delegated permissions set after snapshotting"
# Sync snapshots
target.wait_for_open_port(22)
source.succeed("touch /mnt/pool/syncoid/test.txt")
@ -96,5 +104,9 @@ in {
target.succeed("cat /mnt/pool/sanoid/test.txt")
source.systemctl("start --wait syncoid-pool-syncoid.service")
target.succeed("cat /mnt/pool/syncoid/test.txt")
assert len(source.succeed("zfs allow pool")) == 0, "Pool shouldn't have delegated permissions set after syncing snapshots"
assert len(source.succeed("zfs allow pool/sanoid")) == 0, "Sanoid dataset shouldn't have delegated permissions set after syncing snapshots"
assert len(source.succeed("zfs allow pool/syncoid")) == 0, "Syncoid dataset shouldn't have delegated permissions set after syncing snapshots"
'';
})

2
nixos/tests/syncthing-init.nix
View file

@ -17,6 +17,7 @@ in {
path = "/tmp/test";
devices = [ "testDevice" ];
};
extraOptions.gui.user = "guiUser";
};
};
};
@ -27,5 +28,6 @@ in {
assert "testFolder" in config
assert "${testId}" in config
assert "guiUser" in config
'';
})

4
nixos/tests/syncthing.nix
View file

@ -25,7 +25,7 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: {
"xmllint --xpath 'string(configuration/gui/apikey)' %s/config.xml" % confdir
).strip()
oldConf = host.succeed(
"curl -Ssf -H 'X-API-Key: %s' 127.0.0.1:8384/rest/system/config" % APIKey
"curl -Ssf -H 'X-API-Key: %s' 127.0.0.1:8384/rest/config" % APIKey
)
conf = json.loads(oldConf)
conf["devices"].append({"deviceID": deviceID, "id": name})
@ -39,7 +39,7 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: {
)
newConf = json.dumps(conf)
host.succeed(
"curl -Ssf -H 'X-API-Key: %s' 127.0.0.1:8384/rest/system/config -d %s"
"curl -Ssf -H 'X-API-Key: %s' 127.0.0.1:8384/rest/config -X PUT -d %s"
% (APIKey, shlex.quote(newConf))
)

13
pkgs/applications/audio/axoloti/libusb1.nix
View file

@ -1,19 +1,19 @@
{ stdenv, lib, fetchurl, pkg-config, systemd ? null, libobjc, IOKit, fetchpatch }:
{ stdenv, lib, fetchurl, pkg-config, systemd, libobjc, IOKit, fetchpatch }:
stdenv.mkDerivation rec {
name = "libusb-1.0.19";
pname = "libusb";
version = "1.0.19";
src = fetchurl {
url = "mirror://sourceforge/libusb/${name}.tar.bz2";
url = "mirror://sourceforge/libusb/libusb-${version}.tar.bz2";
sha256 = "0h38p9rxfpg9vkrbyb120i1diq57qcln82h5fr7hvy82c20jql3c";
};
outputs = [ "out" "dev" ]; # get rid of propagating systemd closure
buildInputs = [ pkg-config ];
propagatedBuildInputs =
lib.optional stdenv.isLinux systemd ++
lib.optionals stdenv.isDarwin [ libobjc IOKit ];
propagatedBuildInputs = lib.optional stdenv.isLinux systemd
++ lib.optionals stdenv.isDarwin [ libobjc IOKit ];
patches = [
(fetchpatch {
@ -32,6 +32,7 @@ stdenv.mkDerivation rec {
meta = with lib; {
homepage = "http://www.libusb.info";
description = "User-space USB library";
maintainers = with maintainers; [ ];
platforms = platforms.unix;
license = licenses.lgpl21;
};

7
pkgs/applications/audio/gpodder/default.nix
View file

@ -29,8 +29,14 @@ python3Packages.buildPythonApplication rec {
glibcLocales
];
# as of 2021-07, the gobject-introspection setup hook does not
# work with `strictDeps` enabled, thus for proper `wrapGAppsHook`
# it needs to be disabled explicitly. https://github.com/NixOS/nixpkgs/issues/56943
strictDeps = false;
buildInputs = [
python3
gtk3
gobject-introspection
gnome.adwaita-icon-theme
];
@ -49,7 +55,6 @@ python3Packages.buildPythonApplication rec {
eyeD3
podcastparser
html5lib
gtk3
];
makeFlags = [

6
pkgs/applications/audio/ncspot/default.nix
View file

@ -14,16 +14,16 @@ let
in
rustPlatform.buildRustPackage rec {
pname = "ncspot";
version = "0.7.3";
version = "0.8.1";
src = fetchFromGitHub {
owner = "hrkfdn";
repo = "ncspot";
rev = "v${version}";
sha256 = "0lfly3d8pag78pabmna4i6xjwzi65dx1mwfmsk7nx64brq3iypbq";
sha256 = "0sgnd6n8j8lygmb9qvv6i2ir28fdsrpmzlviz7d0gbx684qj0zkc";
};
cargoSha256 = "0a6d41ll90fza6k3lixjqzwxim98q6zbkqa3zvxvs7q5ydzg8nsp";
cargoSha256 = "0piipqf5y5bczbwkaplv6niqh3rp2di1gn7wwpd0gaa2cw7ylbb1";
cargoBuildFlags = [ "--no-default-features" "--features" "${lib.concatStringsSep "," features}" ];

36
pkgs/applications/audio/rosegarden/default.nix
View file

@ -1,22 +1,40 @@
{ lib, stdenv, fetchurl, cmake, makedepend, perl, pkg-config, qttools, wrapQtAppsHook
, dssi, fftwSinglePrec, ladspaH, ladspaPlugins, libjack2, alsa-lib
, liblo, libsamplerate, libsndfile, lirc ? null, lrdf, qtbase }:
{ lib
, stdenv
, fetchurl
, cmake
, makedepend
, perl
, pkg-config
, qttools
, wrapQtAppsHook
, dssi
, fftwSinglePrec
, ladspaH
, ladspaPlugins
, libjack2
, alsa-lib
, liblo
, libsamplerate
, libsndfile
, lirc
, lrdf
, qtbase
}:
stdenv.mkDerivation (rec {
version = "20.12";
stdenv.mkDerivation rec {
pname = "rosegarden";
version = "20.12";
src = fetchurl {
url = "mirror://sourceforge/rosegarden/${pname}-${version}.tar.bz2";
sha256 = "sha256-iGaEr8WFipV4I00fhFGI2xMBFPf784IIxNXs2hUTHFs=";
};
patchPhase = ''
postPhase = ''
substituteInPlace src/CMakeLists.txt --replace svnheader svnversion
'';
nativeBuildInputs =
[ cmake makedepend perl pkg-config qttools wrapQtAppsHook ];
nativeBuildInputs = [ cmake makedepend perl pkg-config qttools wrapQtAppsHook ];
buildInputs = [
dssi
@ -49,4 +67,4 @@ stdenv.mkDerivation (rec {
license = licenses.lgpl2Plus;
platforms = platforms.linux;
};
})
}

52
pkgs/applications/blockchains/bitcoin-abc.nix → pkgs/applications/blockchains/bitcoin-abc/default.nix
View file

@ -1,12 +1,28 @@
{ lib, stdenv, mkDerivation, fetchFromGitHub, pkg-config, cmake, openssl, db53, boost
, zlib, miniupnpc, qtbase ? null , qttools ? null, util-linux, protobuf, qrencode, libevent
, withGui, python3, jemalloc, zeromq4 }:
with lib;
{ lib
, stdenv
, mkDerivation
, fetchFromGitHub
, pkg-config
, cmake
, openssl
, db53
, boost
, zlib
, miniupnpc
, qtbase ? null
, qttools ? null
, util-linux
, protobuf
, qrencode
, libevent
, withGui
, python3
, jemalloc
, zeromq4
}:
mkDerivation rec {
name = "bitcoin" + (toString (optional (!withGui) "d")) + "-abc-" + version;
pname = "bitcoin" + lib.optionalString (!withGui) "d" + "-abc";
version = "0.21.13";
src = fetchFromGitHub {
@ -19,11 +35,21 @@ mkDerivation rec {
patches = [ ./fix-bitcoin-qt-build.patch ];
nativeBuildInputs = [ pkg-config cmake ];
buildInputs = [ openssl db53 boost zlib python3 jemalloc zeromq4
miniupnpc util-linux protobuf libevent ]
++ optionals withGui [ qtbase qttools qrencode ];
buildInputs = [
openssl
db53
boost
zlib
python3
jemalloc
zeromq4
miniupnpc
util-linux
protobuf
libevent
] ++ lib.optionals withGui [ qtbase qttools qrencode ];
cmakeFlags = optionals (!withGui) [
cmakeFlags = lib.optionals (!withGui) [
"-DBUILD_BITCOIN_QT=OFF"
];
@ -32,9 +58,9 @@ mkDerivation rec {
find ./. -type f -iname "*.sh" -exec chmod +x {} \;
'';
meta = {
meta = with lib; {
description = "Peer-to-peer electronic cash system (Cash client)";
longDescription= ''
longDescription = ''
Bitcoin ABC is the name of open source software which enables the use of Bitcoin.
It is designed to facilite a hard fork to increase Bitcoin's block size limit.
"ABC" stands for "Adjustable Blocksize Cap".

0
pkgs/applications/blockchains/fix-bitcoin-qt-build.patch → pkgs/applications/blockchains/bitcoin-abc/fix-bitcoin-qt-build.patch
View file

50
pkgs/applications/blockchains/bitcoin-classic.nix → pkgs/applications/blockchains/bitcoin-classic/default.nix
View file

@ -1,12 +1,24 @@
{ lib, stdenv, fetchFromGitHub, pkg-config, autoreconfHook, openssl, db48, boost
, zlib, miniupnpc, qtbase ? null, qttools ? null, util-linux, protobuf, qrencode, libevent
, withGui }:
with lib;
{ lib
, stdenv
, fetchFromGitHub
, pkg-config
, autoreconfHook
, openssl
, db48
, boost
, zlib
, miniupnpc
, qtbase ? null
, qttools ? null
, util-linux
, protobuf
, qrencode
, libevent
, withGui
}:
stdenv.mkDerivation rec {
name = "bitcoin" + (toString (optional (!withGui) "d")) + "-classic-" + version;
pname = "bitcoin" + lib.optionalString (!withGui) "d" + "-classic";
version = "1.3.8uahf";
src = fetchFromGitHub {
@ -17,22 +29,30 @@ stdenv.mkDerivation rec {
};
nativeBuildInputs = [ pkg-config autoreconfHook ];
buildInputs = [ openssl db48 boost zlib
miniupnpc util-linux protobuf libevent ]
++ optionals withGui [ qtbase qttools qrencode ];
buildInputs = [
openssl
db48
boost
zlib
miniupnpc
util-linux
protobuf
libevent
] ++ lib.optionals withGui [ qtbase qttools qrencode ];
configureFlags = [ "--with-boost-libdir=${boost.out}/lib" ]
++ optionals withGui [ "--with-gui=qt5"
"--with-qt-bindir=${qtbase.dev}/bin:${qttools.dev}/bin"
];
++ lib.optionals withGui [
"--with-gui=qt5"
"--with-qt-bindir=${qtbase.dev}/bin:${qttools.dev}/bin"
];
enableParallelBuilding = true;
dontWrapQtApps = true;
meta = {
meta = with lib; {
description = "Peer-to-peer electronic cash system (Classic client)";
longDescription= ''
longDescription = ''
Bitcoin is a free open source peer-to-peer electronic cash system that is
completely decentralized, without the need for a central server or trusted
parties. Users hold the crypto keys to their own money and transact directly

0
pkgs/applications/blockchains/bitcoin-gold.nix → pkgs/applications/blockchains/bitcoin-gold/default.nix
View file

0
pkgs/applications/blockchains/bitcoin-knots.nix → pkgs/applications/blockchains/bitcoin-knots/default.nix
View file

0
pkgs/applications/blockchains/bitcoin-unlimited.nix → pkgs/applications/blockchains/bitcoin-unlimited/default.nix
View file

0
pkgs/applications/blockchains/bitcoin.nix → pkgs/applications/blockchains/bitcoin/default.nix
View file

4
pkgs/applications/blockchains/chia/default.nix
View file

@ -6,13 +6,13 @@
python3Packages.buildPythonApplication rec {
pname = "chia";
version = "1.2.2";
version = "1.2.3";
src = fetchFromGitHub {
owner = "Chia-Network";
repo = "chia-blockchain";
rev = version;
sha256 = "sha256-ZYncyaX9gqBhDKiC87A2xI7VeU0zGsmm3Sx45lwgnrg=";
sha256 = "sha256-yS0/Fy2dj8VIbwv2J9sehP0VN0f/YDxu1k9WkaeEz8M=";
};
patches = [

0
pkgs/applications/blockchains/clightning.nix → pkgs/applications/blockchains/clightning/default.nix
View file

0
pkgs/applications/blockchains/crypto-org-wallet.nix → pkgs/applications/blockchains/crypto-org-wallet/default.nix
View file

0
pkgs/applications/blockchains/dashpay.nix → pkgs/applications/blockchains/dashpay/default.nix
View file

0
pkgs/applications/blockchains/dcrd.nix → pkgs/applications/blockchains/dcrd/default.nix
View file

0
pkgs/applications/blockchains/dcrwallet.nix → pkgs/applications/blockchains/dcrwallet/default.nix
View file

0
pkgs/applications/blockchains/dero.nix → pkgs/applications/blockchains/dero/default.nix
View file

0
pkgs/applications/blockchains/digibyte.nix → pkgs/applications/blockchains/digibyte/default.nix
View file

0
pkgs/applications/blockchains/dogecoin.nix → pkgs/applications/blockchains/dogecoin/default.nix
View file

0
pkgs/applications/blockchains/eclair.nix → pkgs/applications/blockchains/eclair/default.nix
View file

0
pkgs/applications/blockchains/electrs.nix → pkgs/applications/blockchains/electrs/default.nix
View file

0
pkgs/applications/blockchains/elements.nix → pkgs/applications/blockchains/elements/default.nix
View file

0
pkgs/applications/blockchains/go-ethereum.nix → pkgs/applications/blockchains/go-ethereum/default.nix
View file

0
pkgs/applications/blockchains/litecoin.nix → pkgs/applications/blockchains/litecoin/default.nix
View file

0
pkgs/applications/blockchains/lnd.nix → pkgs/applications/blockchains/lnd/default.nix
View file

4
pkgs/applications/blockchains/lndmanage.nix → pkgs/applications/blockchains/lndmanage/default.nix
View file

@ -2,13 +2,13 @@
python3Packages.buildPythonApplication rec {
pname = "lndmanage";
version = "0.11.0";
version = "0.12.0";
src = fetchFromGitHub {
owner = "bitromortac";
repo = pname;
rev = "v${version}";
sha256 = "19sqf7cjslwpfzcdbyq182dx7gnn9hii77sahbnh88v69qxgwzvb";
sha256 = "1p73wdxv3fca2ga4nqpjk5lig7bj2v230lh8niw490p5y7hhnggl";
};
propagatedBuildInputs = with python3Packages; [

0
pkgs/applications/blockchains/masari.nix → pkgs/applications/blockchains/masari/default.nix
View file

0
pkgs/applications/blockchains/namecoin.nix → pkgs/applications/blockchains/namecoin/default.nix
View file

0
pkgs/applications/blockchains/particl/particl-core.nix → pkgs/applications/blockchains/particl-core/default.nix
View file

0
pkgs/applications/blockchains/pivx.nix → pkgs/applications/blockchains/pivx/default.nix
View file

0
pkgs/applications/blockchains/quorum.nix → pkgs/applications/blockchains/quorum/default.nix
View file

0
pkgs/applications/blockchains/stellar-core.nix → pkgs/applications/blockchains/stellar-core/default.nix
View file

0
pkgs/applications/blockchains/sumokoin.nix → pkgs/applications/blockchains/sumokoin/default.nix
View file

0
pkgs/applications/blockchains/tessera.nix → pkgs/applications/blockchains/tessera/default.nix
View file

0
pkgs/applications/blockchains/turbo-geth.nix → pkgs/applications/blockchains/turbo-geth/default.nix
View file

0
pkgs/applications/blockchains/vertcoin.nix → pkgs/applications/blockchains/vertcoin/default.nix
View file

0
pkgs/applications/blockchains/wownero.nix → pkgs/applications/blockchains/wownero/default.nix
View file

4
pkgs/applications/graphics/feh/default.nix
View file

@ -7,11 +7,11 @@ with lib;
stdenv.mkDerivation rec {
pname = "feh";
version = "3.7";
version = "3.7.1";
src = fetchurl {
url = "https://feh.finalrewind.org/${pname}-${version}.tar.bz2";
sha256 = "0hdvlrlpjxvmhnjvr32nxgpsw0366higg0gh9h37fxrvdh3v3k87";
sha256 = "sha256-V6scph9XyWWVh4Bp9VDTb1GFMPiPoxt0zDnNc5+SWLY=";
};
outputs = [ "out" "man" "doc" ];

13
pkgs/applications/graphics/geeqie/default.nix
View file

@ -5,11 +5,11 @@
stdenv.mkDerivation rec {
pname = "geeqie";
version = "1.5.1";
version = "1.6.0";
src = fetchurl {
url = "http://geeqie.org/${pname}-${version}.tar.xz";
sha256 = "02m1vqaasin249xx792cdj11xyag8lnanwzxd108y7y34g9xam28";
url = "https://github.com/BestImageViewer/geeqie/archive/refs/tags/v1.6.tar.gz";
sha256 = "0ky248j6n8hszkwwi949i1ypm2l5444byaspaa6564d9rpij01aj";
};
patches = [
@ -23,9 +23,10 @@ stdenv.mkDerivation rec {
preConfigure = "./autogen.sh";
nativeBuildInputs = [ pkg-config autoconf automake gettext intltool
wrapGAppsHook
];
nativeBuildInputs =
[ pkg-config autoconf automake gettext intltool
wrapGAppsHook
];
buildInputs = [
gtk3 lcms2 exiv2 libchamplain clutter-gtk ffmpegthumbnailer fbida

11
pkgs/applications/misc/calibre/default.nix
View file

@ -1,6 +1,7 @@
{ lib
, mkDerivation
, fetchurl
, fetchFromGitHub
, poppler_utils
, pkg-config
, libpng
@ -94,7 +95,15 @@ mkDerivation rec {
python
regex
sip
zeroconf
(zeroconf.overrideAttrs (oldAttrs: rec {
version = "0.31.0";
src = fetchFromGitHub {
owner = "jstasiak";
repo = "python-zeroconf";
rev = version;
sha256 = "158dqay74zvnz6kmpvip4ml0kw59nf2aaajwgaamx0zc8ci1p5pj";
};
}))
# the following are distributed with calibre, but we use upstream instead
odfpy
] ++ lib.optional (unrarSupport) unrardll

41
pkgs/applications/misc/coreaction/default.nix Normal file
View file

@ -0,0 +1,41 @@
{ mkDerivation, lib, fetchFromGitLab, fetchpatch, qtsvg, qtbase, libcsys, libcprime, cmake, ninja, }:
mkDerivation rec {
pname = "coreaction";
version = "4.2.0";
src = fetchFromGitLab {
owner = "cubocore/coreapps";
repo = pname;
rev = "v${version}";
sha256 = "sha256-5qEZNLvbgLoAOXij0wXoVw2iyvytsYZikSJDm6F6ddc=";
};
patches = [
## Fix Plugin Error: "The shared library was not found." "libbatery.so"
(fetchpatch {
url = "https://gitlab.com/cubocore/coreapps/coreaction/-/commit/1d1307363614a117978723eaad2332e6e8c05b28.patch";
sha256 = "039x19rsm23l9vxd5mnbl6gvc3is0igahf47kv54v6apz2q72l3f";
})
];
nativeBuildInputs = [
cmake
ninja
];
buildInputs = [
qtsvg
qtbase
libcsys
libcprime
];
meta = with lib; {
description = "A side bar for showing widgets from the C Suite";
homepage = "https://gitlab.com/cubocore/coreapps/coreaction";
license = licenses.gpl3Plus;
maintainers = with maintainers; [ dan4ik605743 ];
platforms = platforms.linux;
};
}

4
pkgs/applications/misc/corectrl/default.nix
View file

@ -21,13 +21,13 @@
stdenv.mkDerivation rec{
pname = "corectrl";
version = "1.1.3";
version = "1.1.4";
src = fetchFromGitLab {
owner = "corectrl";
repo = "corectrl";
rev = "v${version}";
sha256 = "sha256-xRyc7FYzG8MnhQ8DjIUHYLeUZCZQdi4j1v1fG7F0+G8=";
sha256 = "sha256-o8u9WnkK/6VZ+wlJ9I5Ti6ADjV9VXraRGpSWkDQv5JQ=";
};
nativeBuildInputs = [

32
pkgs/applications/misc/corefm/default.nix Normal file
View file

@ -0,0 +1,32 @@
{ mkDerivation, lib, fetchFromGitLab, qtbase, libcprime, libcsys, cmake, ninja }:
mkDerivation rec {
pname = "corefm";
version = "4.2.0";
src = fetchFromGitLab {
owner = "cubocore/coreapps";
repo = pname;
rev = "v${version}";
sha256 = "sha256-PczKIKY9uCD+cAzAC6Gkb+g+cn9KKCQYd3epoZK8bvA=";
};
nativeBuildInputs = [
cmake
ninja
];
buildInputs = [
qtbase
libcprime
libcsys
];
meta = with lib; {
description = "A lightwight filemanager from the C Suite";
homepage = "https://gitlab.com/cubocore/coreapps/corefm";
license = licenses.gpl3Plus;
maintainers = with maintainers; [ dan4ik605743 ];
platforms = platforms.linux;
};
}

33
pkgs/applications/misc/coregarage/default.nix Normal file
View file

@ -0,0 +1,33 @@
{ mkDerivation, lib, fetchFromGitLab, qtbase, libarchive, libarchive-qt, libcprime, cmake, ninja }:
mkDerivation rec {
pname = "coregarage";
version = "4.2.0";
src = fetchFromGitLab {
owner = "cubocore/coreapps";
repo = pname;
rev = "v${version}";
sha256 = "sha256-2pOQwSj+QKwpHVJp7VCyq6QpVW5wLUf/BE7ReXrJ78s=";
};
nativeBuildInputs = [
cmake
ninja
];
buildInputs = [
qtbase
libcprime
libarchive
libarchive-qt
];
meta = with lib; {
description = "A settings manager for the C Suite";
homepage = "https://gitlab.com/cubocore/coreapps/coregarage";
license = licenses.gpl3Plus;
maintainers = with maintainers; [ dan4ik605743 ];
platforms = platforms.linux;
};
}

8
pkgs/applications/misc/coretoppings/0001-fix-install-phase.patch Normal file
View file

@ -0,0 +1,8 @@
--- a/corepkit/CMakeLists.txt
+++ b/corepkit/Cmakelists.txt
@@ -32,4 +32,4 @@
target_link_libraries( corepkit Qt5::Core )
install( TARGETS corepkit DESTINATION libexec/coreapps/ )
-install( FILES org.cubocore.coreapps.policy DESTINATION /usr/share/polkit-1/actions/ )
+install( FILES org.cubocore.coreapps.policy DESTINATION ${CMAKE_INSTALL_PREFIX}/usr/share/polkit-1/actions/ )

62
pkgs/applications/misc/coretoppings/default.nix Normal file
View file

@ -0,0 +1,62 @@
{ mkDerivation, lib, fetchFromGitLab, libcprime, cmake, ninja
, ffmpeg, qtbase, qtx11extras, qtconnectivity, v4l-utils, grim, wf-recorder
, libdbusmenu, playerctl, xorg, iio-sensor-proxy, inotify-tools
, bluez, networkmanager, connman, redshift, gawk
, polkit, libnotify, systemd, xdg-utils }:
mkDerivation rec {
pname = "coretoppings";
version = "4.2.0";
src = fetchFromGitLab {
owner = "cubocore/coreapps";
repo = pname;
rev = "v${version}";
sha256 = "sha256-DpmzGqjW1swLirRLzd5nblAb40LHAmf8nL+VykQNL3E=";
};
nativeBuildInputs = [
cmake
ninja
];
patches = [
# Fix file cannot create directory: /var/empty/share/polkit-1/actions
./0001-fix-install-phase.patch
];
buildInputs = [
qtbase
qtx11extras
qtconnectivity
libdbusmenu
libcprime
ffmpeg
v4l-utils
grim
wf-recorder
playerctl
xorg.xrandr
xorg.xinput
xorg.libXdamage
iio-sensor-proxy
inotify-tools
bluez
networkmanager
connman
redshift
gawk
polkit
libnotify
systemd
xdg-utils
];
meta = with lib; {
description = "Additional features,plugins etc for CuboCore Application Suite";
homepage = "https://gitlab.com/cubocore/coreapps/coretoppings";
license = licenses.gpl3Plus;
maintainers = with maintainers; [ dan4ik605743 ];
platforms = platforms.linux;
};
}

21
pkgs/applications/misc/electrum/default.nix
View file

@ -43,6 +43,20 @@ let
mv ./all/electrum/tests $out
'';
};
py = python3.override {
packageOverrides = self: super: {
aiorpcx = super.aiorpcx.overridePythonAttrs (oldAttrs: rec {
version = "0.18.7";
src = oldAttrs.src.override {
inherit version;
sha256 = "1rswrspv27x33xa5bnhrkjqzhv0sknv5kd7pl1vidw9d2z4rx2l0";
};
});
};
};
in
python3.pkgs.buildPythonApplication {
@ -66,7 +80,7 @@ python3.pkgs.buildPythonApplication {
nativeBuildInputs = lib.optionals enableQt [ wrapQtAppsHook ];
propagatedBuildInputs = with python3.pkgs; [
propagatedBuildInputs = with py.pkgs; [
aiohttp
aiohttp-socks
aiorpcx
@ -87,7 +101,10 @@ python3.pkgs.buildPythonApplication {
ckcc-protocol
keepkey
trezor
] ++ lib.optionals enableQt [ pyqt5 qdarkstyle ];
] ++ lib.optionals enableQt [
pyqt5
qdarkstyle
];
preBuild = ''
sed -i 's,usr_share = .*,usr_share = "'$out'/share",g' setup.py

4
pkgs/applications/misc/gallery-dl/default.nix
View file

@ -2,11 +2,11 @@
buildPythonApplication rec {
pname = "gallery_dl";
version = "1.18.1";
version = "1.18.2";
src = fetchPypi {
inherit pname version;
sha256 = "1e231ed7122a753430d92f8c6240a99defa2b307d57f1a4cc3e48910269331a9";
sha256 = "786772ce774929ef1ba64d8394dbab329a72447fd8b930968bc1fb0aacdba567";
};
propagatedBuildInputs = [ requests ];

2
pkgs/applications/misc/nix-tour/default.nix
View file

@ -12,8 +12,6 @@ stdenv.mkDerivation rec {
sha256 = "09b1vxli4zv1nhqnj6c0vrrl51gaira94i8l7ww96fixqxjgdwvb";
};
phases = [ "unpackPhase" "installPhase" ];
installPhase = ''
mkdir -p $out/bin
mkdir -p $out/share

8
pkgs/applications/networking/browsers/brave/default.nix
View file

@ -90,11 +90,11 @@ in
stdenv.mkDerivation rec {
pname = "brave";
version = "1.26.77";
version = "1.27.108";
src = fetchurl {
url = "https://github.com/brave/brave-browser/releases/download/v${version}/brave-browser_${version}_amd64.deb";
sha256 = "tV/VseU+IncvM3gdrmqkYLPClbsf2kSvIAZj0Ylz2Rw=";
sha256 = "Lz6rNTRoxt/UQFMQ9vurFhXWUshLDfWMxFON4nXfIiY=";
};
dontConfigure = true;
@ -124,9 +124,11 @@ stdenv.mkDerivation rec {
ln -sf $BINARYWRAPPER $out/bin/brave
for exe in $out/opt/brave.com/brave/{brave,crashpad_handler}; do
patchelf \
--set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \
--set-rpath "${rpath}" $out/opt/brave.com/brave/brave
--set-rpath "${rpath}" $exe
done
# Fix paths
substituteInPlace $out/share/applications/brave-browser.desktop \

5
pkgs/applications/networking/browsers/chromium/common.nix
View file

@ -75,15 +75,16 @@ let
in attrs: concatStringsSep " " (attrValues (mapAttrs toFlag attrs));
# https://source.chromium.org/chromium/chromium/src/+/master:build/linux/unbundle/replace_gn_files.py
gnSystemLibraries = [
gnSystemLibraries = lib.optionals (!chromiumVersionAtLeast "93") [
"ffmpeg"
"snappy"
] ++ [
"flac"
"libjpeg"
"libpng"
"libwebp"
"libxslt"
"opus"
"snappy"
"zlib"
];

6
pkgs/applications/networking/browsers/chromium/upstream-info.json
View file

@ -31,9 +31,9 @@
}
},
"dev": {
"version": "93.0.4577.8",
"sha256": "1x6i5bmcnj8bkpcb9gcyd1m9nzpq206yyprxrnpak117k7abr2b1",
"sha256bin64": "0qjfb9jxr2gmwb1dsvl6yzz06vsjny2l3icrsdcm0pl6r6davk2w",
"version": "93.0.4577.15",
"sha256": "07gbpa1z6cnbmv8008y92ldg53w48rjx0slvgsrw4gk9cnvmnpz0",
"sha256bin64": "0sb3m2mbq6g3mnps7g6xziziwv6sng34410ww5jyx82mw0q0sxig",
"deps": {
"gn": {
"version": "2021-07-08",

3
pkgs/applications/networking/browsers/icecat-bin/default.nix
View file

@ -4,6 +4,7 @@
, autoPatchelfHook
, wrapGAppsHook
, gnome2
, gtk2
, nss
, xdg-utils
, xorg
@ -77,7 +78,7 @@ stdenv.mkDerivation rec {
gdk-pixbuf
glib
gnome2.GConf
gnome2.gtk
gtk2
gtk3
libX11
libXScrnSaver

Some files were not shown because too many files have changed in this diff Show more