Merge master into staging-next

This commit is contained in:
Frederik Rietdijk 2020-08-24 11:50:58 +02:00
commit 0a874ff2a6
139 changed files with 1638 additions and 845 deletions

1
.github/CODEOWNERS vendored
View file

@ -198,6 +198,7 @@
/nixos/modules/virtualisation/containers.nix @NixOS/podman @zowoq
/nixos/modules/virtualisation/cri-o.nix @NixOS/podman @zowoq
/nixos/modules/virtualisation/podman.nix @NixOS/podman @zowoq
/nixos/tests/cri-o.nix @NixOS/podman @zowoq
/nixos/tests/podman.nix @NixOS/podman @zowoq
# Blockchains

View file

@ -472,6 +472,12 @@
githubId = 858965;
name = "Andrew Morsillo";
};
andehen = {
email = "git@andehen.net";
github = "andehen";
githubId = 754494;
name = "Anders Asheim Hennum";
};
andersk = {
email = "andersk@mit.edu";
github = "andersk";
@ -3349,6 +3355,12 @@
githubId = 131599;
name = "Martin Weinelt";
};
hh = {
email = "hh@m-labs.hk";
github = "HarryMakes";
githubId = 66358631;
name = "Harry Ho";
};
hhm = {
email = "heehooman+nixpkgs@gmail.com";
github = "hhm0";
@ -8547,6 +8559,12 @@
githubId = 699403;
name = "Tomas Vestelind";
};
tviti = {
email = "tviti@hawaii.edu";
github = "tviti";
githubId = 2251912;
name = "Taylor Viti";
};
tvorog = {
email = "marszaripov@gmail.com";
github = "tvorog";
@ -9438,4 +9456,10 @@
github = "fzakaria";
githubId = 605070;
};
yevhenshymotiuk = {
name = "Yevhen Shymotiuk";
email = "yevhenshymotiuk@gmail.com";
github = "yevhenshymotiuk";
githubId = 44244245;
};
}

View file

@ -128,7 +128,7 @@ GRANT ALL PRIVILEGES ON *.* TO 'mysql'@'localhost' WITH GRANT OPTION;
</listitem>
<listitem>
<para>
Two new option <link linkend="opt-documentation.man.generateCaches">documentation.man.generateCaches</link>
The new option <link linkend="opt-documentation.man.generateCaches">documentation.man.generateCaches</link>
has been added to automatically generate the <literal>man-db</literal> caches, which are needed by utilities
like <command>whatis</command> and <command>apropos</command>. The caches are generated during the build of
the NixOS configuration: since this can be expensive when a large number of packages are installed, the
@ -195,6 +195,15 @@ GRANT ALL PRIVILEGES ON *.* TO 'mysql'@'localhost' WITH GRANT OPTION;
The NixOS module system now supports freeform modules as a mix between <literal>types.attrsOf</literal> and <literal>types.submodule</literal>. These allow you to explicitly declare a subset of options while still permitting definitions without an associated option. See <xref linkend='sec-freeform-modules'/> for how to use them.
</para>
</listitem>
<listitem>
<para>
The GRUB module gained support for basic password protection, which
allows to restrict non-default entries in the boot menu to one or more
users. The users and passwords are defined via the option
<option>boot.loader.grub.users</option>.
Note: Password support is only avaiable in GRUB version 2.
</para>
</listitem>
</itemizedlist>
</section>

View file

@ -24,11 +24,11 @@
check ? true
, prefix ? []
, lib ? import ../../lib
, extraModules ? let e = builtins.getEnv "NIXOS_EXTRA_MODULE_PATH";
in if e == "" then [] else [(import e)]
}:
let extraArgs_ = extraArgs; pkgs_ = pkgs;
extraModules = let e = builtins.getEnv "NIXOS_EXTRA_MODULE_PATH";
in if e == "" then [] else [(import e)];
in
let

View file

@ -424,15 +424,18 @@ class Machine:
output += out
return output
def fail(self, *commands: str) -> None:
def fail(self, *commands: str) -> str:
"""Execute each command and check that it fails."""
output = ""
for command in commands:
with self.nested("must fail: {}".format(command)):
status, output = self.execute(command)
(status, out) = self.execute(command)
if status == 0:
raise Exception(
"command `{}` unexpectedly succeeded".format(command)
)
output += out
return output
def wait_until_succeeds(self, command: str) -> str:
"""Wait until a command returns success and return its output.

View file

@ -29,13 +29,15 @@ in {
config = mkIf cfg.enable {
systemd.services.ssm-agent = {
users.extraUsers.ssm-user = {};
inherit (cfg.package.meta) description;
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
path = [ fake-lsb-release ];
path = [ fake-lsb-release pkgs.coreutils ];
serviceConfig = {
ExecStart = "${cfg.package}/bin/agent";
ExecStart = "${cfg.package}/bin/amazon-ssm-agent";
KillMode = "process";
Restart = "on-failure";
RestartSec = "15min";

View file

@ -46,7 +46,7 @@ let
cmdlineArgs = cfg.extraFlags ++ [
"--storage.tsdb.path=${workingDir}/data/"
"--config.file=${prometheusYml}"
"--web.listen-address=${cfg.listenAddress}"
"--web.listen-address=${cfg.listenAddress}:${builtins.toString cfg.port}"
"--alertmanager.notification-queue-capacity=${toString cfg.alertmanagerNotificationQueueCapacity}"
"--alertmanager.timeout=${toString cfg.alertmanagerTimeout}s"
] ++
@ -489,9 +489,17 @@ in {
'';
};
port = mkOption {
type = types.port;
default = 9090;
description = ''
Port to listen on.
'';
};
listenAddress = mkOption {
type = types.str;
default = "0.0.0.0:9090";
default = "0.0.0.0";
description = ''
Address to listen on for the web interface, API, and telemetry.
'';
@ -619,6 +627,21 @@ in {
};
config = mkIf cfg.enable {
assertions = [
( let
legacy = builtins.match "(.*):(.*)" cfg.listenAddress;
in {
assertion = legacy == null;
message = ''
Do not specify the port for Prometheus to listen on in the
listenAddress option; use the port option instead:
services.prometheus.listenAddress = ${builtins.elemAt legacy 0};
services.prometheus.port = ${builtins.elemAt legacy 1};
'';
}
)
];
users.groups.prometheus.gid = config.ids.gids.prometheus;
users.users.prometheus = {
description = "Prometheus daemon user";

View file

@ -1,134 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
with builtins;
let
cfg = config.virtualisation;
sanitizeImageName = image: replaceStrings ["/"] ["-"] image.imageName;
hash = drv: head (split "-" (baseNameOf drv.outPath));
# The label of an ext4 FS is limited to 16 bytes
labelFromImage = image: substring 0 16 (hash image);
# The Docker image is loaded and some files from /var/lib/docker/
# are written into a qcow image.
preload = image: pkgs.vmTools.runInLinuxVM (
pkgs.runCommand "docker-preload-image-${sanitizeImageName image}" {
buildInputs = with pkgs; [ docker e2fsprogs utillinux curl kmod ];
preVM = pkgs.vmTools.createEmptyImage {
size = cfg.dockerPreloader.qcowSize;
fullName = "docker-deamon-image.qcow2";
};
}
''
mkfs.ext4 /dev/vda
e2label /dev/vda ${labelFromImage image}
mkdir -p /var/lib/docker
mount -t ext4 /dev/vda /var/lib/docker
modprobe overlay
# from https://github.com/tianon/cgroupfs-mount/blob/master/cgroupfs-mount
mount -t tmpfs -o uid=0,gid=0,mode=0755 cgroup /sys/fs/cgroup
cd /sys/fs/cgroup
for sys in $(awk '!/^#/ { if ($4 == 1) print $1 }' /proc/cgroups); do
mkdir -p $sys
if ! mountpoint -q $sys; then
if ! mount -n -t cgroup -o $sys cgroup $sys; then
rmdir $sys || true
fi
fi
done
dockerd -H tcp://127.0.0.1:5555 -H unix:///var/run/docker.sock &
until $(curl --output /dev/null --silent --connect-timeout 2 http://127.0.0.1:5555); do
printf '.'
sleep 1
done
docker load -i ${image}
kill %1
find /var/lib/docker/ -maxdepth 1 -mindepth 1 -not -name "image" -not -name "overlay2" | xargs rm -rf
'');
preloadedImages = map preload cfg.dockerPreloader.images;
in
{
options.virtualisation.dockerPreloader = {
images = mkOption {
default = [ ];
type = types.listOf types.package;
description =
''
A list of Docker images to preload (in the /var/lib/docker directory).
'';
};
qcowSize = mkOption {
default = 1024;
type = types.int;
description =
''
The size (MB) of qcow files.
'';
};
};
config = mkIf (cfg.dockerPreloader.images != []) {
assertions = [{
# If docker.storageDriver is null, Docker choose the storage
# driver. So, in this case, we cannot be sure overlay2 is used.
assertion = cfg.docker.storageDriver == "overlay2"
|| cfg.docker.storageDriver == "overlay"
|| cfg.docker.storageDriver == null;
message = "The Docker image Preloader only works with overlay2 storage driver!";
}];
virtualisation.qemu.options =
map (path: "-drive if=virtio,file=${path}/disk-image.qcow2,readonly,media=cdrom,format=qcow2")
preloadedImages;
# All attached QCOW files are mounted and their contents are linked
# to /var/lib/docker/ in order to make image available.
systemd.services.docker-preloader = {
description = "Preloaded Docker images";
wantedBy = ["docker.service"];
after = ["network.target"];
path = with pkgs; [ mount rsync jq ];
script = ''
mkdir -p /var/lib/docker/overlay2/l /var/lib/docker/image/overlay2
echo '{}' > /tmp/repositories.json
for i in ${concatStringsSep " " (map labelFromImage cfg.dockerPreloader.images)}; do
mkdir -p /mnt/docker-images/$i
# The ext4 label is limited to 16 bytes
mount /dev/disk/by-label/$(echo $i | cut -c1-16) -o ro,noload /mnt/docker-images/$i
find /mnt/docker-images/$i/overlay2/ -maxdepth 1 -mindepth 1 -not -name l\
-exec ln -s '{}' /var/lib/docker/overlay2/ \;
cp -P /mnt/docker-images/$i/overlay2/l/* /var/lib/docker/overlay2/l/
rsync -a /mnt/docker-images/$i/image/ /var/lib/docker/image/
# Accumulate image definitions
cp /tmp/repositories.json /tmp/repositories.json.tmp
jq -s '.[0] * .[1]' \
/tmp/repositories.json.tmp \
/mnt/docker-images/$i/image/overlay2/repositories.json \
> /tmp/repositories.json
done
mv /tmp/repositories.json /var/lib/docker/image/overlay2/repositories.json
'';
serviceConfig = {
Type = "oneshot";
};
};
};
}

View file

@ -264,7 +264,6 @@ in
{
imports = [
../profiles/qemu-guest.nix
./docker-preloader.nix
];
options = {

View file

@ -66,11 +66,13 @@ in
containers-macvlans = handleTest ./containers-macvlans.nix {};
containers-physical_interfaces = handleTest ./containers-physical_interfaces.nix {};
containers-portforward = handleTest ./containers-portforward.nix {};
containers-reloadable = handleTest ./containers-reloadable.nix {};
containers-restart_networking = handleTest ./containers-restart_networking.nix {};
containers-tmpfs = handleTest ./containers-tmpfs.nix {};
convos = handleTest ./convos.nix {};
corerad = handleTest ./corerad.nix {};
couchdb = handleTest ./couchdb.nix {};
cri-o = handleTestOn ["x86_64-linux"] ./cri-o.nix {};
deluge = handleTest ./deluge.nix {};
dhparams = handleTest ./dhparams.nix {};
dnscrypt-proxy2 = handleTestOn ["x86_64-linux"] ./dnscrypt-proxy2.nix {};
@ -79,15 +81,13 @@ in
docker = handleTestOn ["x86_64-linux"] ./docker.nix {};
oci-containers = handleTestOn ["x86_64-linux"] ./oci-containers.nix {};
docker-edge = handleTestOn ["x86_64-linux"] ./docker-edge.nix {};
docker-preloader = handleTestOn ["x86_64-linux"] ./docker-preloader.nix {};
docker-registry = handleTest ./docker-registry.nix {};
docker-tools = handleTestOn ["x86_64-linux"] ./docker-tools.nix {};
docker-tools-overlay = handleTestOn ["x86_64-linux"] ./docker-tools-overlay.nix {};
documize = handleTest ./documize.nix {};
dokuwiki = handleTest ./dokuwiki.nix {};
dovecot = handleTest ./dovecot.nix {};
# ec2-config doesn't work in a sandbox as the simulated ec2 instance needs network access
#ec2-config = (handleTestOn ["x86_64-linux"] ./ec2.nix {}).boot-ec2-config or {};
ec2-config = (handleTestOn ["x86_64-linux"] ./ec2.nix {}).boot-ec2-config or {};
ec2-nixops = (handleTestOn ["x86_64-linux"] ./ec2.nix {}).boot-ec2-nixops or {};
ecryptfs = handleTest ./ecryptfs.nix {};
ejabberd = handleTest ./xmpp/ejabberd.nix {};

View file

@ -20,30 +20,44 @@ with pkgs.lib;
in makeTest {
name = "ec2-" + name;
nodes = {};
testScript =
''
my $imageDir = ($ENV{'TMPDIR'} // "/tmp") . "/vm-state-machine";
mkdir $imageDir, 0700;
my $diskImage = "$imageDir/machine.qcow2";
system("qemu-img create -f qcow2 -o backing_file=${image} $diskImage") == 0 or die;
system("qemu-img resize $diskImage 10G") == 0 or die;
testScript = ''
import os
import subprocess
# Note: we use net=169.0.0.0/8 rather than
# net=169.254.0.0/16 to prevent dhcpcd from getting horribly
# confused. (It would get a DHCP lease in the 169.254.*
# range, which it would then configure and prompty delete
# again when it deletes link-local addresses.) Ideally we'd
# turn off the DHCP server, but qemu does not have an option
# to do that.
my $startCommand = "qemu-kvm -m 1024";
$startCommand .= " -device virtio-net-pci,netdev=vlan0";
$startCommand .= " -netdev 'user,id=vlan0,net=169.0.0.0/8,guestfwd=tcp:169.254.169.254:80-cmd:${pkgs.micro-httpd}/bin/micro_httpd ${metaData}'";
$startCommand .= " -drive file=$diskImage,if=virtio,werror=report";
$startCommand .= " \$QEMU_OPTS";
image_dir = os.path.join(
os.environ.get("TMPDIR", tempfile.gettempdir()), "tmp", "vm-state-machine"
)
os.makedirs(image_dir, mode=0o700, exist_ok=True)
disk_image = os.path.join(image_dir, "machine.qcow2")
subprocess.check_call(
[
"qemu-img",
"create",
"-f",
"qcow2",
"-o",
"backing_file=${image}",
disk_image,
]
)
subprocess.check_call(["qemu-img", "resize", disk_image, "10G"])
my $machine = createMachine({ startCommand => $startCommand });
# Note: we use net=169.0.0.0/8 rather than
# net=169.254.0.0/16 to prevent dhcpcd from getting horribly
# confused. (It would get a DHCP lease in the 169.254.*
# range, which it would then configure and prompty delete
# again when it deletes link-local addresses.) Ideally we'd
# turn off the DHCP server, but qemu does not have an option
# to do that.
start_command = (
"qemu-kvm -m 1024"
+ " -device virtio-net-pci,netdev=vlan0"
+ " -netdev 'user,id=vlan0,net=169.0.0.0/8,guestfwd=tcp:169.254.169.254:80-cmd:${pkgs.micro-httpd}/bin/micro_httpd ${metaData}'"
+ f" -drive file={disk_image},if=virtio,werror=report"
+ " $QEMU_OPTS"
)
${script}
'';
machine = create_machine({"startCommand": start_command})
'' + script;
};
}

View file

@ -9,13 +9,13 @@ let
};
};
# prevent make-test.nix to change IP
# prevent make-test-python.nix to change IP
networking.interfaces = {
eth1.ipv4.addresses = lib.mkOverride 0 [ ];
};
};
in {
name = "cotnainers-reloadable";
name = "containers-reloadable";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ danbst ];
};

19
nixos/tests/cri-o.nix Normal file
View file

@ -0,0 +1,19 @@
# This test runs CRI-O and verifies via critest
import ./make-test-python.nix ({ pkgs, ... }: {
name = "cri-o";
maintainers = with pkgs.stdenv.lib.maintainers; teams.podman.members;
nodes = {
crio = {
virtualisation.cri-o.enable = true;
};
};
testScript = ''
start_all()
crio.wait_for_unit("crio.service")
crio.succeed(
"critest --ginkgo.focus='Runtime info' --runtime-endpoint unix:///var/run/crio/crio.sock"
)
'';
})

View file

@ -1,27 +0,0 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "docker-preloader";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ lewo ];
};
nodes = {
docker =
{ pkgs, ... }:
{
virtualisation.docker.enable = true;
virtualisation.dockerPreloader.images = [ pkgs.dockerTools.examples.nix pkgs.dockerTools.examples.bash ];
services.openssh.enable = true;
services.openssh.permitRootLogin = "yes";
services.openssh.extraConfig = "PermitEmptyPasswords yes";
users.extraUsers.root.password = "";
};
};
testScript = ''
startAll;
$docker->waitForUnit("sockets.target");
$docker->succeed("docker run nix nix-store --version");
$docker->succeed("docker run bash bash --version");
'';
})

View file

@ -3,58 +3,58 @@
pkgs ? import ../.. { inherit system config; }
}:
with import ../lib/testing.nix { inherit system pkgs; };
with import ../lib/testing-python.nix { inherit system pkgs; };
with pkgs.lib;
with import common/ec2.nix { inherit makeTest pkgs; };
let
imageCfg =
(import ../lib/eval-config.nix {
inherit system;
modules = [
../maintainers/scripts/ec2/amazon-image.nix
../modules/testing/test-instrumentation.nix
../modules/profiles/qemu-guest.nix
{ ec2.hvm = true;
imageCfg = (import ../lib/eval-config.nix {
inherit system;
modules = [
../maintainers/scripts/ec2/amazon-image.nix
../modules/testing/test-instrumentation.nix
../modules/profiles/qemu-guest.nix
{
ec2.hvm = true;
# Hack to make the partition resizing work in QEMU.
boot.initrd.postDeviceCommands = mkBefore
''
ln -s vda /dev/xvda
ln -s vda1 /dev/xvda1
'';
# Hack to make the partition resizing work in QEMU.
boot.initrd.postDeviceCommands = mkBefore ''
ln -s vda /dev/xvda
ln -s vda1 /dev/xvda1
'';
# Needed by nixos-rebuild due to the lack of network
# access. Determined by trial and error.
system.extraDependencies =
with pkgs; (
[
# Needed for a nixos-rebuild.
busybox
stdenv
stdenvNoCC
mkinitcpio-nfs-utils
unionfs-fuse
cloud-utils
desktop-file-utils
texinfo
libxslt.bin
xorg.lndir
# Needed by nixos-rebuild due to the lack of network
# access. Determined by trial and error.
system.extraDependencies = with pkgs; ( [
# Needed for a nixos-rebuild.
busybox
cloud-utils
desktop-file-utils
libxslt.bin
mkinitcpio-nfs-utils
stdenv
stdenvNoCC
texinfo
unionfs-fuse
xorg.lndir
# These are used in the configure-from-userdata tests
# for EC2. Httpd and valgrind are requested by the
# configuration.
apacheHttpd apacheHttpd.doc apacheHttpd.man valgrind.doc
]
);
}
];
}).config;
# These are used in the configure-from-userdata tests
# for EC2. Httpd and valgrind are requested by the
# configuration.
apacheHttpd
apacheHttpd.doc
apacheHttpd.man
valgrind.doc
]);
}
];
}).config;
image = "${imageCfg.system.build.amazonImage}/${imageCfg.amazonImage.name}.vhd";
sshKeys = import ./ssh-keys.nix pkgs;
snakeOilPrivateKey = sshKeys.snakeOilPrivateKey.text;
snakeOilPrivateKeyFile = pkgs.writeText "private-key" snakeOilPrivateKey;
snakeOilPublicKey = sshKeys.snakeOilPublicKey;
in {
@ -68,43 +68,47 @@ in {
SSH_HOST_ED25519_KEY:${replaceStrings ["\n"] ["|"] snakeOilPrivateKey}
'';
script = ''
$machine->start;
$machine->waitForFile("/etc/ec2-metadata/user-data");
$machine->waitForUnit("sshd.service");
machine.start()
machine.wait_for_file("/etc/ec2-metadata/user-data")
machine.wait_for_unit("sshd.service")
$machine->succeed("grep unknown /etc/ec2-metadata/ami-manifest-path");
machine.succeed("grep unknown /etc/ec2-metadata/ami-manifest-path")
# We have no keys configured on the client side yet, so this should fail
$machine->fail("ssh -o BatchMode=yes localhost exit");
machine.fail("ssh -o BatchMode=yes localhost exit")
# Let's install our client private key
$machine->succeed("mkdir -p ~/.ssh");
machine.succeed("mkdir -p ~/.ssh")
$machine->succeed("echo '${snakeOilPrivateKey}' > ~/.ssh/id_ed25519");
$machine->succeed("chmod 600 ~/.ssh/id_ed25519");
machine.copy_from_host_via_shell(
"${snakeOilPrivateKeyFile}", "~/.ssh/id_ed25519"
)
machine.succeed("chmod 600 ~/.ssh/id_ed25519")
# We haven't configured the host key yet, so this should still fail
$machine->fail("ssh -o BatchMode=yes localhost exit");
machine.fail("ssh -o BatchMode=yes localhost exit")
# Add the host key; ssh should finally succeed
$machine->succeed("echo localhost,127.0.0.1 ${snakeOilPublicKey} > ~/.ssh/known_hosts");
$machine->succeed("ssh -o BatchMode=yes localhost exit");
machine.succeed(
"echo localhost,127.0.0.1 ${snakeOilPublicKey} > ~/.ssh/known_hosts"
)
machine.succeed("ssh -o BatchMode=yes localhost exit")
# Test whether the root disk was resized.
my $blocks = $machine->succeed("stat -c %b -f /");
my $bsize = $machine->succeed("stat -c %S -f /");
my $size = $blocks * $bsize;
die "wrong free space $size" if $size < 9.7 * 1024 * 1024 * 1024 || $size > 10 * 1024 * 1024 * 1024;
blocks, block_size = map(int, machine.succeed("stat -c %b:%S -f /").split(":"))
GB = 1024 ** 3
assert 9.7 * GB <= blocks * block_size <= 10 * GB
# Just to make sure resizing is idempotent.
$machine->shutdown;
$machine->start;
$machine->waitForFile("/etc/ec2-metadata/user-data");
machine.shutdown()
machine.start()
machine.wait_for_file("/etc/ec2-metadata/user-data")
'';
};
boot-ec2-config = makeEc2Test {
name = "config-userdata";
meta.broken = true; # amazon-init wants to download from the internet while building the system
inherit image;
sshPublicKey = snakeOilPublicKey;
@ -133,17 +137,17 @@ in {
}
'';
script = ''
$machine->start;
machine.start()
# amazon-init must succeed. if it fails, make the test fail
# immediately instead of timing out in waitForFile.
$machine->waitForUnit('amazon-init.service');
# immediately instead of timing out in wait_for_file.
machine.wait_for_unit("amazon-init.service")
$machine->waitForFile("/etc/testFile");
$machine->succeed("cat /etc/testFile | grep -q 'whoa'");
machine.wait_for_file("/etc/testFile")
assert "whoa" in machine.succeed("cat /etc/testFile")
$machine->waitForUnit("httpd.service");
$machine->succeed("curl http://localhost | grep Valgrind");
machine.wait_for_unit("httpd.service")
assert "Valgrind" in machine.succeed("curl http://localhost")
'';
};
}

View file

@ -23,6 +23,13 @@ import ./make-test-python.nix ({ pkgs, lib, ...} : {
services.xserver.desktopManager.gnome3.enable = true;
services.xserver.desktopManager.gnome3.debug = true;
environment.systemPackages = [
(pkgs.makeAutostartItem {
name = "org.gnome.Terminal";
package = pkgs.gnome3.gnome-terminal;
})
];
virtualisation.memorySize = 1024;
};
@ -65,9 +72,6 @@ import ./make-test-python.nix ({ pkgs, lib, ...} : {
)
with subtest("Open Gnome Terminal"):
machine.succeed(
"${gnomeTerminalCommand}"
)
# correct output should be (true, '"gnome-terminal-server"')
machine.wait_until_succeeds(
"${wmClass} | grep -q 'gnome-terminal-server'"

View file

@ -1,4 +1,4 @@
import ./make-test.nix ({ pkgs, latestKernel ? false, ... } : {
import ./make-test-python.nix ({ pkgs, latestKernel ? false, ... } : {
name = "hardened";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ joachifm ];
@ -47,84 +47,88 @@ import ./make-test.nix ({ pkgs, latestKernel ? false, ... } : {
};
in
''
$machine->waitForUnit("multi-user.target");
machine.wait_for_unit("multi-user.target")
with subtest("AppArmor profiles are loaded"):
machine.succeed("systemctl status apparmor.service")
subtest "apparmor-loaded", sub {
$machine->succeed("systemctl status apparmor.service");
};
# AppArmor securityfs
subtest "apparmor-securityfs", sub {
$machine->succeed("mountpoint -q /sys/kernel/security");
$machine->succeed("cat /sys/kernel/security/apparmor/profiles");
};
with subtest("AppArmor securityfs is mounted"):
machine.succeed("mountpoint -q /sys/kernel/security")
machine.succeed("cat /sys/kernel/security/apparmor/profiles")
# Test loading out-of-tree modules
subtest "extra-module-packages", sub {
$machine->succeed("grep -Fq wireguard /proc/modules");
};
with subtest("Out-of-tree modules can be loaded"):
machine.succeed("grep -Fq wireguard /proc/modules")
# Test hidepid
subtest "hidepid", sub {
$machine->succeed("grep -Fq hidepid=2 /proc/mounts");
with subtest("hidepid=2 option is applied and works"):
machine.succeed("grep -Fq hidepid=2 /proc/mounts")
# cannot use pgrep -u here, it segfaults when access to process info is denied
$machine->succeed("[ `su - sybil -c 'ps --no-headers --user root | wc -l'` = 0 ]");
$machine->succeed("[ `su - alice -c 'ps --no-headers --user root | wc -l'` != 0 ]");
};
machine.succeed("[ `su - sybil -c 'ps --no-headers --user root | wc -l'` = 0 ]")
machine.succeed("[ `su - alice -c 'ps --no-headers --user root | wc -l'` != 0 ]")
# Test kernel module hardening
subtest "lock-modules", sub {
with subtest("No more kernel modules can be loaded"):
# note: this better a be module we normally wouldn't load ...
$machine->fail("modprobe dccp");
};
machine.fail("modprobe dccp")
# Test userns
subtest "userns", sub {
$machine->succeed("unshare --user true");
$machine->fail("su -l alice -c 'unshare --user true'");
};
with subtest("User namespaces are restricted"):
machine.succeed("unshare --user true")
machine.fail("su -l alice -c 'unshare --user true'")
# Test dmesg restriction
subtest "dmesg", sub {
$machine->fail("su -l alice -c dmesg");
};
with subtest("Regular users cannot access dmesg"):
machine.fail("su -l alice -c dmesg")
# Test access to kcore
subtest "kcore", sub {
$machine->fail("cat /proc/kcore");
};
with subtest("Kcore is inaccessible as root"):
machine.fail("cat /proc/kcore")
# Test deferred mount
subtest "mount", sub {
$machine->fail("mountpoint -q /efi"); # was deferred
$machine->execute("mkdir -p /efi");
$machine->succeed("mount /dev/disk/by-label/EFISYS /efi");
$machine->succeed("mountpoint -q /efi"); # now mounted
};
with subtest("Deferred mounts work"):
machine.fail("mountpoint -q /efi") # was deferred
machine.execute("mkdir -p /efi")
machine.succeed("mount /dev/disk/by-label/EFISYS /efi")
machine.succeed("mountpoint -q /efi") # now mounted
# Test Nix dæmon usage
subtest "nix-daemon", sub {
$machine->fail("su -l nobody -s /bin/sh -c 'nix ping-store'");
$machine->succeed("su -l alice -c 'nix ping-store'") =~ "OK";
};
with subtest("nix-daemon cannot be used by all users"):
machine.fail("su -l nobody -s /bin/sh -c 'nix ping-store'")
machine.succeed("su -l alice -c 'nix ping-store'")
# Test kernel image protection
subtest "kernelimage", sub {
$machine->fail("systemctl hibernate");
$machine->fail("systemctl kexec");
};
with subtest("The kernel image is protected"):
machine.fail("systemctl hibernate")
machine.fail("systemctl kexec")
# Test hardened memory allocator
sub runMallocTestProg {
my ($progName, $errorText) = @_;
my $text = "fatal allocator error: " . $errorText;
$machine->fail("${hardened-malloc-tests}/bin/" . $progName) =~ $text;
};
def runMallocTestProg(prog_name, error_text):
text = "fatal allocator error: " + error_text
if not text in machine.fail(
"${hardened-malloc-tests}/bin/"
+ prog_name
+ " 2>&1"
):
raise Exception("Hardened malloc does not work for {}".format(error_text))
subtest "hardenedmalloc", sub {
runMallocTestProg("double_free_large", "invalid free");
runMallocTestProg("unaligned_free_small", "invalid unaligned free");
runMallocTestProg("write_after_free_small", "detected write after free");
};
with subtest("The hardened memory allocator works"):
runMallocTestProg("double_free_large", "invalid free")
runMallocTestProg("unaligned_free_small", "invalid unaligned free")
runMallocTestProg("write_after_free_small", "detected write after free")
'';
})

View file

@ -1,15 +1,16 @@
import ../make-test.nix ({ pkgs, ...} : {
import ../make-test-python.nix ({ pkgs, ...} : {
name = "test-hocker-fetchdocker";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ ixmatus ];
broken = true; # tries to download from registry-1.docker.io - how did this ever work?
};
machine = import ./machine.nix;
testScript = ''
startAll;
start_all()
$machine->waitForUnit("sockets.target");
$machine->waitUntilSucceeds("docker run registry-1.docker.io/v2/library/hello-world:latest");
machine.wait_for_unit("sockets.target")
machine.wait_until_succeeds("docker run registry-1.docker.io/v2/library/hello-world:latest")
'';
})

View file

@ -799,7 +799,7 @@ in {
"btrfs subvol create /mnt/badpath/boot",
"btrfs subvol create /mnt/nixos",
"btrfs subvol set-default "
+ "$(btrfs subvol list /mnt | grep 'nixos' | awk '{print \$2}') /mnt",
+ "$(btrfs subvol list /mnt | grep 'nixos' | awk '{print $2}') /mnt",
"umount /mnt",
"mount -o defaults LABEL=root /mnt",
"mkdir -p /mnt/badpath/boot", # Help ensure the detection mechanism

View file

@ -3,30 +3,30 @@
pkgs ? import ../.. { inherit system config; }
}:
with import ../lib/testing.nix { inherit system pkgs; };
with import ../lib/testing-python.nix { inherit system pkgs; };
with pkgs.lib;
with import common/ec2.nix { inherit makeTest pkgs; };
let
image =
(import ../lib/eval-config.nix {
inherit system;
modules = [
../maintainers/scripts/openstack/openstack-image.nix
../modules/testing/test-instrumentation.nix
../modules/profiles/qemu-guest.nix
{
# Needed by nixos-rebuild due to lack of network access.
system.extraDependencies = with pkgs; [
stdenv
];
}
];
}).config.system.build.openstackImage + "/nixos.qcow2";
image = (import ../lib/eval-config.nix {
inherit system;
modules = [
../maintainers/scripts/openstack/openstack-image.nix
../modules/testing/test-instrumentation.nix
../modules/profiles/qemu-guest.nix
{
# Needed by nixos-rebuild due to lack of network access.
system.extraDependencies = with pkgs; [
stdenv
];
}
];
}).config.system.build.openstackImage + "/nixos.qcow2";
sshKeys = import ./ssh-keys.nix pkgs;
snakeOilPrivateKey = sshKeys.snakeOilPrivateKey.text;
snakeOilPrivateKeyFile = pkgs.writeText "private-key" snakeOilPrivateKey;
snakeOilPublicKey = sshKeys.snakeOilPublicKey;
in {
@ -39,32 +39,36 @@ in {
SSH_HOST_ED25519_KEY:${replaceStrings ["\n"] ["|"] snakeOilPrivateKey}
'';
script = ''
$machine->start;
$machine->waitForFile("/etc/ec2-metadata/user-data");
$machine->waitForUnit("sshd.service");
machine.start()
machine.wait_for_file("/etc/ec2-metadata/user-data")
machine.wait_for_unit("sshd.service")
$machine->succeed("grep unknown /etc/ec2-metadata/ami-manifest-path");
machine.succeed("grep unknown /etc/ec2-metadata/ami-manifest-path")
# We have no keys configured on the client side yet, so this should fail
$machine->fail("ssh -o BatchMode=yes localhost exit");
machine.fail("ssh -o BatchMode=yes localhost exit")
# Let's install our client private key
$machine->succeed("mkdir -p ~/.ssh");
machine.succeed("mkdir -p ~/.ssh")
$machine->succeed("echo '${snakeOilPrivateKey}' > ~/.ssh/id_ed25519");
$machine->succeed("chmod 600 ~/.ssh/id_ed25519");
machine.copy_from_host_via_shell(
"${snakeOilPrivateKeyFile}", "~/.ssh/id_ed25519"
)
machine.succeed("chmod 600 ~/.ssh/id_ed25519")
# We haven't configured the host key yet, so this should still fail
$machine->fail("ssh -o BatchMode=yes localhost exit");
machine.fail("ssh -o BatchMode=yes localhost exit")
# Add the host key; ssh should finally succeed
$machine->succeed("echo localhost,127.0.0.1 ${snakeOilPublicKey} > ~/.ssh/known_hosts");
$machine->succeed("ssh -o BatchMode=yes localhost exit");
machine.succeed(
"echo localhost,127.0.0.1 ${snakeOilPublicKey} > ~/.ssh/known_hosts"
)
machine.succeed("ssh -o BatchMode=yes localhost exit")
# Just to make sure resizing is idempotent.
$machine->shutdown;
$machine->start;
$machine->waitForFile("/etc/ec2-metadata/user-data");
machine.shutdown()
machine.start()
machine.wait_for_file("/etc/ec2-metadata/user-data")
'';
};
@ -86,9 +90,9 @@ in {
}
'';
script = ''
$machine->start;
$machine->waitForFile("/etc/testFile");
$machine->succeed("cat /etc/testFile | grep -q 'whoa'");
machine.start()
machine.wait_for_file("/etc/testFile")
assert "whoa" in machine.succeed("cat /etc/testFile")
'';
};
}

View file

@ -4,11 +4,11 @@
with stdenv.lib;
stdenv.mkDerivation rec {
pname = "clightning";
version = "0.9.0";
version = "0.9.0-1";
src = fetchurl {
url = "https://github.com/ElementsProject/lightning/releases/download/v${version}/clightning-v${version}.zip";
sha256 = "11ig5bqxvhx82gq9nl7c5iqaf3x8xbwfx7cf2318pyqdimz4r1v6";
sha256 = "01cwcrqysqsrf96bbbj0grm8j5m46a3acgwy0kzxdx05jdzld9sc";
};
enableParallelBuilding = true;

View file

@ -0,0 +1,32 @@
{ stdenv, fetchurl }:
stdenv.mkDerivation rec {
pname = "dcw-gmt";
version = "1.1.4";
src = fetchurl {
url = "ftp://ftp.soest.hawaii.edu/gmt/dcw-gmt-${version}.tar.gz";
sha256 = "8d47402abcd7f54a0f711365cd022e4eaea7da324edac83611ca035ea443aad3";
};
installPhase = ''
mkdir -p $out/share/dcw-gmt
cp -rv ./* $out/share/dcw-gmt
'';
meta = with stdenv.lib; {
homepage = "https://www.soest.hawaii.edu/pwessel/dcw/";
description = "Vector basemap of the world, for use with GMT";
longDescription = ''
DCW-GMT is an enhancement to the original 1:1,000,000 scale vector basemap
of the world, available from the Princeton University Digital Map and
Geospatial Information Center. It contains more state boundaries (the
largest 8 countries are now represented) than the original data
source. Information about DCW can be found on Wikipedia
(https://en.wikipedia.org/wiki/Digital_Chart_of_the_World). This data is
for use by GMT, the Generic Mapping Tools.
'';
license = licenses.lgpl3Plus;
maintainers = with maintainers; [ tviti ];
};
}

View file

@ -0,0 +1,73 @@
{ stdenv, fetchurl, cmake, curl, Accelerate, CoreGraphics, CoreVideo
, fftwSinglePrec, netcdf, pcre, gdal, blas, lapack, glibc, ghostscript, dcw-gmt
, gshhg-gmt }:
/* The onus is on the user to also install:
- ffmpeg for webm or mp4 output
- graphicsmagick for gif output
*/
stdenv.mkDerivation rec {
pname = "gmt";
version = "6.1.0";
src = fetchurl {
url = "https://github.com/GenericMappingTools/gmt/releases/download/${version}/gmt-${version}-src.tar.gz";
sha256 = "0vzxzpvbf1sqma2airsibxvqb9m4sajm7jsfr7rrv6q7924c7ijw";
};
nativeBuildInputs = [ cmake ];
buildInputs = [ curl gdal netcdf pcre dcw-gmt gshhg-gmt ]
++ (if stdenv.isDarwin then [
Accelerate
CoreGraphics
CoreVideo
] else [
glibc
fftwSinglePrec
blas
lapack
]);
propagatedBuildInputs = [ ghostscript ];
cmakeFlags = [
"-DGMT_DOCDIR=share/doc/gmt"
"-DGMT_MANDIR=share/man"
"-DGMT_LIBDIR=lib"
"-DCOPY_GSHHG:BOOL=FALSE"
"-DGSHHG_ROOT=${gshhg-gmt.out}/share/gshhg-gmt"
"-DCOPY_DCW:BOOL=FALSE"
"-DDCW_ROOT=${dcw-gmt.out}/share/dcw-gmt"
"-DGDAL_ROOT=${gdal.out}"
"-DNETCDF_ROOT=${netcdf.out}"
"-DPCRE_ROOT=${pcre.out}"
"-DGMT_INSTALL_TRADITIONAL_FOLDERNAMES:BOOL=FALSE"
"-DGMT_ENABLE_OPENMP:BOOL=TRUE"
"-DGMT_INSTALL_MODULE_LINKS:BOOL=FALSE"
"-DLICENSE_RESTRICTED=LGPL" # "GPL" and "no" also valid
] ++ (with stdenv;
lib.optional (!isDarwin) [
"-DFFTW3_ROOT=${fftwSinglePrec.dev}"
"-DLAPACK_LIBRARY=${lapack}/lib/liblapack.so"
"-DBLAS_LIBRARY=${blas}/lib/libblas.so"
]);
meta = with stdenv.lib; {
homepage = "https://www.generic-mapping-tools.org";
description = "Tools for manipulating geographic and cartesian data sets";
longDescription = ''
GMT is an open-source collection of command-line tools for manipulating
geographic and Cartesian data sets (including filtering, trend fitting,
gridding, projecting, etc.) and producing high-quality illustrations
ranging from simple xy plots via contour maps to artificially illuminated
surfaces and 3D perspective views. It supports many map projections and
transformations and includes supporting data such as coastlines, rivers,
and political boundaries and optionally country polygons.
'';
platforms = [ "x86_64-linux" "x86_64-darwin" ];
license = licenses.lgpl3Plus;
maintainers = with maintainers; [ tviti ];
};
}

View file

@ -0,0 +1,31 @@
{ stdenv, fetchurl }:
stdenv.mkDerivation rec {
pname = "gshhg-gmt";
version = "2.3.7";
src = fetchurl {
url = "ftp://ftp.soest.hawaii.edu/gmt/gshhg-gmt-${version}.tar.gz";
sha256 = "9bb1a956fca0718c083bef842e625797535a00ce81f175df08b042c2a92cfe7f";
};
installPhase = ''
mkdir -p $out/share/gshhg-gmt
cp -rv ./* $out/share/gshhg-gmt
'';
meta = with stdenv.lib; {
homepage = "https://www.soest.hawaii.edu/pwessel/gshhg/";
description = "High-resolution shoreline data set, for use with GMT";
longDescription = ''
GSHHG is a high-resolution shoreline data set amalgamated from two
databases: Global Self-consistent Hierarchical High-resolution Shorelines
(GSHHS) and CIA World Data Bank II (WDBII). GSHHG contains vector
descriptions at five different resolutions of land outlines, lakes,
rivers, and political boundaries. This data is for use by GMT, the Generic
Mapping Tools.
'';
license = licenses.lgpl3Plus;
maintainers = with maintainers; [ tviti ];
};
}

View file

@ -1,29 +1,22 @@
{ mkDerivation, stdenv, lib, qtbase, qtsvg, libglvnd, libX11, libXi, fetchurl, makeDesktopItem }:
let
# taken from: https://www.iconfinder.com/icons/50835/edit_pencil_write_icon
# license: Free for commercial use
desktopIcon = fetchurl {
url = "https://www.iconfinder.com/icons/50835/download/png/256";
sha256 = "0abdya42yf9alxbsmc2nf8jwld50zfria6z3d4ncvp1zw2a9jhb8";
desktopItem = makeDesktopItem {
name = "Write";
exec = "Write";
comment = "A word processor for handwriting";
icon = "write_stylus";
desktopName = "Write";
genericName = "Write";
categories = "Office;Graphics";
};
in
mkDerivation rec {
pname = "write_stylus";
version = "300";
desktopItem = makeDesktopItem {
name = "Write";
exec = "Write";
comment = "A word processor for handwriting";
icon = desktopIcon;
desktopName = "Write";
genericName = "Write";
categories = "Office;Graphics";
};
src = fetchurl {
url = "http://www.styluslabs.com/write/write${version}.tar.gz";
sha256 = "1kg4qqxgg7iyxl13hkbl3j27dykra56dj67hbv0392mwdcgavihq";
sha256 = "0h1wf3af7jzp3f3l8mlnshi83d7a4v4y8nfqfai4lmskyicqlz7c";
};
sourceRoot = ".";
@ -36,8 +29,11 @@ mkDerivation rec {
# symlink the binary to bin/
ln -s $out/Write/Write $out/bin/Write
# Create desktop item
mkdir -p $out/share/applications
ln -s ${desktopItem}/share/applications/* $out/share/applications/
mkdir -p $out/share/icons
ln -s $out/Write/Write144x144.png $out/share/icons/write_stylus.png
'';
preFixup = let
libPath = lib.makeLibraryPath [

View file

@ -0,0 +1,25 @@
{ buildPythonApplication, fetchFromGitHub, nose, openjdk, lib }:
buildPythonApplication rec {
pname = "html5validator";
version = "0.3.3";
src = fetchFromGitHub {
owner = "svenkreiss";
repo = "html5validator";
rev = "v${version}";
sha256 = "130acqi0dsy3midg7hwslykzry6crr4ln6ia0f0avyywkz4bplsv";
};
propagatedBuildInputs = [ openjdk ];
checkInputs = [ nose ];
checkPhase = "PATH=$PATH:$out/bin nosetests";
meta = with lib; {
homepage = "https://github.com/svenkreiss/html5validator";
description = "Command line tool that tests files for HTML5 validity";
license = licenses.mit;
maintainers = [ maintainers.phunehehe ];
};
}

View file

@ -0,0 +1,50 @@
{ stdenv
, fetchurl
, rpmextract
, patchelf
, makeWrapper
, openssl
}:
stdenv.mkDerivation rec {
pname = "snowsql";
version = "1.2.5";
src = fetchurl {
url = "https://sfc-repo.snowflakecomputing.com/snowsql/bootstrap/1.2/linux_x86_64/snowflake-snowsql-1.2.5-1.x86_64.rpm";
sha256 = "c66e2044640197f4a5b5a16b89e8e7c6a816aa539004a0fb016aab185795f2d5";
};
nativeBuildInputs = [ rpmextract makeWrapper ];
libPath =
stdenv.lib.makeLibraryPath
[
openssl
];
buildCommand = ''
mkdir -p $out/bin/
cd $out
rpmextract $src
rm -R usr/bin
mv usr/* $out
rmdir usr
${patchelf}/bin/patchelf \
--set-interpreter $(cat $NIX_CC/nix-support/dynamic-linker) \
lib64/snowflake/snowsql/snowsql
makeWrapper $out/lib64/snowflake/snowsql/snowsql $out/bin/snowsql \
--set LD_LIBRARY_PATH "${libPath}":"${placeholder "out"}"/lib64/snowflake/snowsql \
'';
meta = with stdenv.lib; {
description = "Command line client for the Snowflake database";
homepage = "https://www.snowflake.com";
license = licenses.unfree;
maintainers = with maintainers; [ andehen ];
platforms = [ "x86_64-linux" ];
};
}

View file

@ -1,32 +0,0 @@
{ mkDerivation, fetchgit, aeson, aeson-pretty, base, bytestring, directory
, filepath, hspec, hspec-core, HUnit, mtl, optparse-applicative
, parsec, process, pureMD5, QuickCheck, shelly, stdenv, text
, transformers, unix
}:
mkDerivation {
pname = "super-user-spark";
version = "0.3.2.0-dev";
src = fetchgit {
url = "https://github.com/NorfairKing/super-user-spark";
sha256 = "0akyc51bghzkk8j75n0i8v8rrsklidwvljhx3aibxfbkqp33372g";
rev = "ab8635682d67842b9e6d909cf3c618014e4157f2";
};
isLibrary = true;
isExecutable = true;
libraryHaskellDepends = [
aeson aeson-pretty base bytestring directory filepath mtl
optparse-applicative parsec process pureMD5 shelly text
transformers unix
];
executableHaskellDepends = [ base ];
testHaskellDepends = [
aeson aeson-pretty base bytestring directory filepath hspec
hspec-core HUnit mtl optparse-applicative parsec process pureMD5
QuickCheck shelly text transformers unix
];
jailbreak = true;
description = "Configure your dotfile deployment with a DSL";
license = stdenv.lib.licenses.mit;
homepage = "https://github.com/NorfairKing/super-user-spark";
maintainers = [ stdenv.lib.maintainers.badi ];
}

View file

@ -47,11 +47,11 @@ let
in stdenv.mkDerivation rec {
pname = "opera";
version = "67.0.3575.31";
version = "68.0.3618.63";
src = fetchurl {
url = "${mirror}/${version}/linux/${pname}-stable_${version}_amd64.deb";
sha256 = "1ghygin7xf5lwd77s8f6bag339di4alwlkqwjzlq20wzwx4lns4w";
sha256 = "1643043ywz94x2yr7xyw7krfq53iwkr8qxlbydzq6zb2zina7jxd";
};
unpackCmd = "${dpkg}/bin/dpkg-deb -x $curSrc .";

View file

@ -19,16 +19,16 @@ let
in
buildGoModule rec {
pname = "argo";
version = "2.9.5";
version = "2.10.0";
src = fetchFromGitHub {
owner = "argoproj";
repo = "argo";
rev = "v${version}";
sha256 = "1x44mgvnbn47a33xnhnh9bxxvj1vsr32lvh9bq6w5hpmxb7qbq4f";
sha256 = "19z1v6p59pcl8smywn1b5igqpv9wj48n6500wjxx5ayhc4mg00h2";
};
vendorSha256 = "1vqmzz76lcwwnw89n4lyg4jjf7wbdgn9sdzwsgrjwkj8ax7d48cv";
vendorSha256 = "0fqdxs3r4249qxlc9cac0lpbqf2aifkcah07v0cckb9rxfyiwhjz";
doCheck = false;

View file

@ -38,7 +38,7 @@ buildGoModule rec {
"plugins/meta/tuning"
];
passthru.tests.podman = nixosTests.podman;
passthru.tests = { inherit (nixosTests) cri-o podman; };
meta = with lib; {
description = "Some standard networking plugins, maintained by the CNI team";

View file

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "helmfile";
version = "0.125.5";
version = "0.125.7";
src = fetchFromGitHub {
owner = "roboll";
repo = "helmfile";
rev = "v${version}";
sha256 = "00c1sppvdnsqay8zk6fz5xz8yw74zv30hq54r4sf1a5rb84nd05h";
sha256 = "1m030gjrd98z4vbj7l927qi55vgr11czrb8wmw56ifkqwfi6h9hi";
};
vendorSha256 = "04mga3jc2c01daygjcn245mv30lc2ibax0mpb1wjk3s8lkl4cxcz";
vendorSha256 = "0w72nlf26k64cq1hrqycks0pyp18y4wh3h40jpn5qnysi5pb2ndj";
doCheck = false;

View file

@ -1,22 +1,56 @@
{ stdenv, fetchFromGitHub, buildGoPackage }:
{ stdenv, fetchFromGitHub, buildGoPackage, bash, makeWrapper }:
buildGoPackage rec {
pname = "amazon-ssm-agent";
version = "2.0.633.0";
version = "2.3.1319.0";
goPackagePath = "github.com/aws/${pname}";
subPackages = [ "agent" ];
subPackages = [
"agent"
"agent/framework/processor/executer/outofproc/worker"
"agent/framework/processor/executer/outofproc/worker"
"agent/framework/processor/executer/outofproc/sessionworker"
"agent/session/logging"
"agent/cli-main"
];
buildInputs = [ makeWrapper ];
src = fetchFromGitHub {
rev = "v${version}";
rev = version;
owner = "aws";
repo = pname;
sha256 = "10arshfn2k3m3zzgw8b3xc6ywd0ss73746nq5srh2jir7mjzi4xv";
sha256 = "1yiyhj7ckqa32b1rnbwn7zx89rsj00m5imn1xlpsw002ywxsxbnv";
};
preBuild = ''
mv go/src/${goPackagePath}/vendor strange-vendor
mv strange-vendor/src go/src/${goPackagePath}/vendor
cd go/src/${goPackagePath}
echo ${version} > VERSION
substituteInPlace agent/plugins/inventory/gatherers/application/dataProvider.go \
--replace '"github.com/aws/amazon-ssm-agent/agent/plugins/configurepackage/localpackages"' ""
go run agent/version/versiongenerator/version-gen.go
substituteInPlace agent/appconfig/constants_unix.go \
--replace /usr/bin/ssm-document-worker $bin/bin/ssm-document-worker \
--replace /usr/bin/ssm-session-worker $bin/bin/ssm-session-worker \
--replace /usr/bin/ssm-session-logger $bin/bin/ssm-session-logger
cd -
'';
postBuild = ''
mv go/bin/agent go/bin/amazon-ssm-agent
mv go/bin/worker go/bin/ssm-document-worker
mv go/bin/sessionworker go/bin/ssm-session-worker
mv go/bin/logging go/bin/ssm-session-logger
mv go/bin/cli-main go/bin/ssm-cli
'';
postInstall = ''
wrapProgram $out/bin/amazon-ssm-agent --prefix PATH : ${bash}/bin
'';
meta = with stdenv.lib; {
@ -24,7 +58,6 @@ buildGoPackage rec {
homepage = "https://github.com/aws/amazon-ssm-agent";
license = licenses.asl20;
platforms = platforms.unix;
maintainers = with maintainers; [ copumpkin ];
maintainers = with maintainers; [ copumpkin manveru ];
};
}

View file

@ -0,0 +1,21 @@
{ stdenv, fetchurl, ncurses }:
stdenv.mkDerivation rec {
pname = "ytalk";
version = "3.3.0";
src = fetchurl {
url = "ftp://ftp.ourproject.org/pub/ytalk/${pname}-${version}.tar.gz";
sha256 = "1d3jhnj8rgzxyxjwfa22vh45qwzjvxw1qh8fz6b7nfkj3zvk9jvf";
};
buildInputs = [ ncurses ];
meta = {
homepage = "http://ytalk.ourproject.org";
description = "A terminal based talk client";
platforms = stdenv.lib.platforms.unix;
maintainers = with stdenv.lib.maintainers; [ taeer ];
license = stdenv.lib.licenses.gpl2Plus;
};
}

View file

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "nextdns";
version = "1.7.0";
version = "1.7.1";
src = fetchFromGitHub {
owner = "nextdns";
repo = "nextdns";
rev = "v${version}";
sha256 = "15xw8d6b9rv0lalzfllixm8n89clz9j8ag1gk4r16k7yv5l6xrpd";
sha256 = "001swxmf7ga2g0ri3gsnwvgjcarwdhfg476ymblg34kk9wclidmy";
};
vendorSha256 = "09whpzsn16znyrknfm5zlhla253r69j6d751czza4c83m4r36swj";

View file

@ -14,16 +14,16 @@
rustPlatform.buildRustPackage rec {
pname = "espanso";
version = "0.6.3";
version = "0.7.0";
src = fetchFromGitHub {
owner = "federico-terzi";
repo = pname;
rev = "v${version}";
sha256 = "1x5p7hniapggqd18rx26mjvdf33z7rm7zz5vsqm2siv3mcl19033";
sha256 = "11xdnn1iwpx58s3wvjb6dkgfc6dzsblzb6fngc0np5vx8r2pccpg";
};
cargoSha256 = "0liwwdncymjql5dw7rwhhimcr7qdbyvfgmsd0bawvi0ym7m1v408";
cargoSha256 = "1yjpqjfrixscg52yhalybgp734w3sdqg5hxka8ppcvz7lp3w5b1s";
nativeBuildInputs = [
extra-cmake-modules

View file

@ -1,32 +1,34 @@
{ stdenv, fetchurl, unzip, jre }:
{ stdenv, fetchzip, jdk11 }:
stdenv.mkDerivation rec {
pname = "igv";
version = "2.4.19";
src = fetchurl {
url = "https://data.broadinstitute.org/igv/projects/downloads/2.4/IGV_${version}.zip";
sha256 = "048dgrhxcb854d24kyjkqz12bw04bsv49i5jawb75yzkswwfkb0z";
version = "2.8.9";
src = fetchzip {
url = "https://data.broadinstitute.org/igv/projects/downloads/2.8/IGV_${version}.zip";
sha256 = "1874w1xprv91caz1ymfxilq6inhj36xzx8j9m0mcyp0qfvfvyjp7";
};
buildInputs = [ unzip jre ];
installPhase = ''
mkdir -pv $out/{share,bin}
cp -Rv * $out/share/
sed -i "s#prefix=.*#prefix=$out/share#g" $out/share/igv.sh
sed -i 's#java#${jre}/bin/java#g' $out/share/igv.sh
sed -i 's#java#${jdk11}/bin/java#g' $out/share/igv.sh
sed -i "s#prefix=.*#prefix=$out/share#g" $out/share/igvtools
sed -i 's#java#${jdk11}/bin/java#g' $out/share/igvtools
ln -s $out/share/igv.sh $out/bin/igv
ln -s $out/share/igvtools $out/bin/igvtools
chmod +x $out/bin/igv
chmod +x $out/bin/igvtools
'';
meta = with stdenv.lib; {
homepage = "https://www.broadinstitute.org/igv/";
description = "A visualization tool for interactive exploration of genomic datasets";
license = licenses.lgpl21;
license = licenses.mit;
platforms = platforms.unix;
maintainers = [ maintainers.mimame ];
};

View file

@ -32,7 +32,7 @@ stdenv.mkDerivation rec {
i18n = libraries.i18n;
pname = "kicad-base";
version = "${versions.${baseName}.kicadVersion.version}";
version = "${builtins.substring 0 10 versions.${baseName}.kicadVersion.src.rev}";
src = fetchFromGitLab (
{

View file

@ -9,7 +9,7 @@
, oceSupport ? false, opencascade
, withOCCT ? true, opencascade-occt
, ngspiceSupport ? true, libngspice
, scriptingSupport ? false, swig, python3
, scriptingSupport ? true, swig, python3
, debug ? false, valgrind
, with3d ? true
, withI18n ? true

View file

@ -15,7 +15,9 @@ let
mkLib = name:
stdenv.mkDerivation {
pname = "kicad-${name}";
version = "${version}";
# Use the revision instead of `version` (which is an ISO 8601 date)
# to prevent duplicating the library when just the date changed
version = "${builtins.substring 0 10 libSources.${name}.rev}";
src = fetchFromGitHub (
{
owner = "KiCad";
@ -50,7 +52,7 @@ in
i18n = let name = "i18n"; in
stdenv.mkDerivation {
pname = "kicad-${name}";
version = "${version}";
version = "${builtins.substring 0 10 libSources.${name}.rev}";
src = fetchFromGitLab (
{
group = "kicad";

View file

@ -27,25 +27,25 @@
};
"kicad-unstable" = {
kicadVersion = {
version = "2020-07-21";
version = "2020-08-22";
src = {
rev = "9a801d8b72f24e297a7d9d6e8cee2eef6cab2988";
sha256 = "0yilmmng7y3rz1bxw2b0s0aqs8hdqr7ach2r45bx8v1f4bih4ka9";
rev = "a2341f0f335b0abb9fc8cb86d19cbe6f9b38fade";
sha256 = "0167yb39f800xarq3khn7sbdkgcx9j2ayhy8c7lhhks6kh7459g0";
};
};
libVersion = {
version = "2020-07-21";
version = "2020-08-22";
libSources = {
i18n.rev = "a311975d139caf8be9848dd613a9800570adc245";
i18n.sha256 = "1bkn2hhwcg8xdpn9yfm9nnqsg02c1nizhpxd4yhpxgifhh4psz1g";
symbols.rev = "18572c4c118fe8ef779edf3131eebf2c33c6fa46";
symbols.sha256 = "0hqx0aznzrnlbdkpsnl8mbs9bdgiv029d6zjh10nyjzcw27q3hxz";
i18n.rev = "cbbb1efd940094bf0c3168280698b2b059a8c509";
i18n.sha256 = "1q4jakn6m8smnr2mg7jgb520nrb6fag9mdvlcpx3smp3qbxka818";
symbols.rev = "9ca6a5348cdeb88e699582d4ed051ff7303b44d3";
symbols.sha256 = "13w6pb34rhz96rnar25z7kiscy6q1fm8l39hq1bpb8g9yn86ssz4";
templates.rev = "ae16953b81055855bcede4a33305413599d86a15";
templates.sha256 = "1pkv90p3liy3bj4nklxsvpzh9m56p0k5ldr22armvgqfaqaadx9v";
footprints.rev = "4835f80b4a52256aa7a3eb650e6e0fef33a77d0d";
footprints.sha256 = "00rc6phxmkry35i0xzry14axvh2akvvkly45s3xxi06vaydaw7i5";
packages3d.rev = "9b560cf94a35b692ca516d37bdaf392ce10e549d";
packages3d.sha256 = "0b9jglf77fy0n0r8xs4yqkv6zvipyfvp0z5dnqlzp32csy5aqpi1";
footprints.rev = "f94c2d5d619d16033f69a555b449f59604d97865";
footprints.sha256 = "1g71sk77jvqaf9xvgq6dkyvd9pij2lb4n0bn0dqnwddhwam935db";
packages3d.rev = "f699b0e3c13fe75618086913e39279c85da14cc7";
packages3d.sha256 = "0m5rb5axa946v729z35ga84in76y4zpk32qzi0hwqx957zy72hs9";
};
};
};

View file

@ -1,22 +1,29 @@
{ stdenv, fetchurl, perl, flex, bison }:
{ stdenv, fetchurl
, perl, flex, bison
}:
stdenv.mkDerivation rec {
pname = "verilator";
version = "4.036";
version = "4.040";
src = fetchurl {
url = "https://www.veripool.org/ftp/${pname}-${version}.tgz";
sha256 = "1sy02pgq3kvk8548l57hsh08vfbqdg8dghj8mwlybdi8fdjz4z1h";
sha256 = "1qy0wllsmxva3c838spxwmacxx36r3njxwhgp172m4l3829785bf";
};
enableParallelBuilding = true;
buildInputs = [ perl flex bison ];
buildInputs = [ perl ];
nativeBuildInputs = [ flex bison ];
meta = {
# these tests need some interpreter paths patched early on...
doCheck = false;
checkTarget = "test";
meta = with stdenv.lib; {
description = "Fast and robust (System)Verilog simulator/compiler";
homepage = "https://www.veripool.org/wiki/verilator";
license = stdenv.lib.licenses.lgpl3;
platforms = stdenv.lib.platforms.unix;
maintainers = with stdenv.lib.maintainers; [ thoughtpolice ];
license = licenses.lgpl3;
platforms = platforms.unix;
maintainers = with maintainers; [ thoughtpolice ];
};
}

View file

@ -3,18 +3,18 @@
stdenv.mkDerivation rec {
pname = "isabelle";
version = "2018";
version = "2020";
dirname = "Isabelle${version}";
src = if stdenv.isDarwin
then fetchurl {
url = "http://isabelle.in.tum.de/website-${dirname}/dist/${dirname}.dmg";
sha256 = "0jwnvsf5whklq14ihaxs7b9nbic94mm56nvxljrdbvl6y628j9r5";
url = "https://isabelle.in.tum.de/website-${dirname}/dist/${dirname}_macos.tar.gz";
sha256 = "1sfr5filsaqj93g5y4p9n8g5652dhr4whj25x4lifdxr2pp560xx";
}
else fetchurl {
url = "https://isabelle.in.tum.de/website-${dirname}/dist/${dirname}_linux.tar.gz";
sha256 = "1928lwrw1v1p9s23kix30ncpqm8djmrnjixj82f3ni2a8sc3hrsp";
sha256 = "1bibabhlsvf6qsjjkgxcpq3cvl1z7r8yfcgqbhbvsiv69n3gyfk3";
};
buildInputs = [ perl polyml z3 ]
@ -42,14 +42,14 @@ stdenv.mkDerivation rec {
ML_SOURCES="\$POLYML_HOME/src"
EOF
cat >contrib/jdk/etc/settings <<EOF
cat >contrib/jdk*/etc/settings <<EOF
ISABELLE_JAVA_PLATFORM=${stdenv.system}
ISABELLE_JDK_HOME=${java}
EOF
echo ISABELLE_LINE_EDITOR=${rlwrap}/bin/rlwrap >>etc/settings
for comp in contrib/jdk contrib/polyml-* contrib/z3-*; do
for comp in contrib/jdk* contrib/polyml-* contrib/z3-*; do
rm -rf $comp/x86*
done
'' + (if ! stdenv.isLinux then "" else ''
@ -66,7 +66,7 @@ stdenv.mkDerivation rec {
bin/isabelle install $out/bin
'';
meta = {
meta = with stdenv.lib; {
description = "A generic proof assistant";
longDescription = ''
@ -74,9 +74,9 @@ stdenv.mkDerivation rec {
to be expressed in a formal language and provides tools for proving those
formulas in a logical calculus.
'';
homepage = "http://isabelle.in.tum.de/";
license = "LGPL";
maintainers = [ stdenv.lib.maintainers.jwiegley ];
platforms = stdenv.lib.platforms.linux;
homepage = "https://isabelle.in.tum.de/";
license = licenses.bsd3;
maintainers = [ maintainers.jwiegley ];
platforms = platforms.linux;
};
}

View file

@ -7,13 +7,13 @@ let
in
stdenv.mkDerivation {
pname = "mcy";
version = "2020.07.06";
version = "2020.08.03";
src = fetchFromGitHub {
owner = "YosysHQ";
repo = "mcy";
rev = "6e8433ed9acbface5e080719110a957d89d849df";
sha256 = "1vbzg0rgmf7kp735m6p4msxc51vpsrdwk24ir7z0zxsb8lv53gg7";
rev = "62048e69df13f8e03670424626755ae8ef4c36ff";
sha256 = "15xxgzx1zxzx5kshqyrxnfx33cz6cjzxcdcn6z98jhs9bwyvf96f";
};
buildInputs = [ python ];

View file

@ -1,20 +1,20 @@
{ stdenv, fetchFromGitHub
, bash, python3, yosys
, yices, boolector, aiger
, yices, boolector, z3, aiger
}:
stdenv.mkDerivation {
pname = "symbiyosys";
version = "2020.07.03";
version = "2020.08.22";
src = fetchFromGitHub {
owner = "YosysHQ";
repo = "SymbiYosys";
rev = "06e80194c77f5cc38c6999b1d3047a2d6ca82e15";
sha256 = "1hl03qy98pgq24ijyimf9pf7qxp42l7cki66wx48jys4m1s6n8v9";
rev = "33b0bb7d836fe2a73dc7b10587222f2a718beef4";
sha256 = "03rbrbwsji1sqcp2yhgbc0fca04zsryv2g4izjhdzv64nqjzjyhn";
};
buildInputs = [ python3 ];
buildInputs = [ ];
patchPhase = ''
patchShebangs .
@ -26,14 +26,15 @@ stdenv.mkDerivation {
# Fix various executable references
substituteInPlace sbysrc/sby_core.py \
--replace '"/usr/bin/env", "bash"' '"${bash}/bin/bash"' \
--replace ': "btormc"' ': "${boolector}/bin/btormc"' \
--replace ': "yosys"' ': "${yosys}/bin/yosys"' \
--replace ': "yosys-smtbmc"' ': "${yosys}/bin/yosys-smtbmc"' \
--replace ': "yosys-abc"' ': "${yosys}/bin/yosys-abc"' \
--replace ': "aigbmc"' ': "${aiger}/bin/aigbmc"' \
--replace ', "btormc"' ', "${boolector}/bin/btormc"' \
--replace ', "aigbmc"' ', "${aiger}/bin/aigbmc"'
substituteInPlace sbysrc/sby_core.py \
--replace '##yosys-program-prefix##' '"${yosys}/bin/"'
'';
buildPhase = "true";
installPhase = ''
mkdir -p $out/bin $out/share/yosys/python3
@ -43,6 +44,10 @@ stdenv.mkDerivation {
chmod +x $out/bin/sby
'';
doCheck = false; # not all provers are yet packaged...
checkInputs = [ python3 yosys boolector yices z3 aiger ];
checkPhase = "make test";
meta = {
description = "Tooling for Yosys-based verification flows";
homepage = "https://symbiyosys.readthedocs.io/";

View file

@ -12,7 +12,11 @@ stdenv.mkDerivation rec {
};
patchPhase = ''
# The gnome-search-provider2.c file generated by gdbus-codegen depends
# on gio-unix-2.0, which is a Requires.private of gtk+-3.0,
# and private dependencies are dropped in our default patched pkg-config.
# https://github.com/Qalculate/qalculate-gtk/pull/178
# https://github.com/NixOS/nixpkgs/issues/292
substituteInPlace configure.ac --replace 'libxml-2.0' 'libxml-2.0 gio-unix-2.0'
# https://github.com/Qalculate/qalculate-gtk/pull/179

View file

@ -98,7 +98,7 @@ let
git-fame = callPackage ./git-fame {};
git-fast-export = callPackage ./fast-export { };
git-fast-export = callPackage ./fast-export { mercurial = mercurial_4; };
git-filter-repo = callPackage ./git-filter-repo {
pythonPackages = python3Packages;

View file

@ -1,13 +1,14 @@
{stdenv, fetchgit, mercurial, makeWrapper}:
{stdenv, fetchFromGitHub, git, mercurial, makeWrapper}:
stdenv.mkDerivation rec {
pname = "fast-export";
version = "190107";
version = "200213";
src = fetchgit {
url = "git://repo.or.cz/fast-export.git";
src = fetchFromGitHub {
owner = "frej";
repo = pname;
rev = "v${version}";
sha256 = "14azfps9jd5anivcvfwflgsvqdyy6gm9jy284kzx2ng9f7871d14";
sha256 = "0hzyh66rlawxip4n2pvz7pbs0cq82clqv1d6c7hf60v1drjxw287";
};
buildInputs = [mercurial.python mercurial makeWrapper];
@ -27,11 +28,34 @@ stdenv.mkDerivation rec {
for script in $out/bin/*.sh; do
wrapProgram $script \
--prefix PATH : "${mercurial.python}/bin":$libexec \
--prefix PATH : "${git}/bin":"${mercurial.python}/bin":$libexec \
--prefix PYTHONPATH : "${mercurial}/${mercurial.python.sitePackages}":$sitepackagesPath
done
'';
doInstallCheck = true;
# deliberately not adding git or hg into installCheckInputs - package should
# be able to work without them in runtime env
installCheckPhase = ''
mkdir repo-hg
pushd repo-hg
${mercurial}/bin/hg init
echo foo > bar
${mercurial}/bin/hg add bar
${mercurial}/bin/hg commit --message "baz"
popd
mkdir repo-git
pushd repo-git
${git}/bin/git init
${git}/bin/git config core.ignoreCase false # for darwin
$out/bin/hg-fast-export.sh -r ../repo-hg/ --hg-hash
for s in "foo" "bar" "baz" ; do
(${git}/bin/git show | grep $s > /dev/null) && echo $s found
done
popd
'';
meta = with stdenv.lib; {
description = "Import mercurial into git";
homepage = "https://repo.or.cz/w/fast-export.git";

View file

@ -24,7 +24,7 @@ stdenv.mkDerivation rec {
installFlags = [ "PREFIX=$(out)" ];
passthru.tests.podman = nixosTests.podman;
passthru.tests = { inherit (nixosTests) cri-o podman; };
meta = with stdenv.lib; {
homepage = "https://github.com/containers/conmon";

View file

@ -4,7 +4,7 @@ with lib;
buildGoPackage rec {
pname = "containerd";
version = "1.2.13";
version = "1.4.0";
# git commit for the above version's tag
commit = "7ad184331fa3e55e52b890ea95e65ba581ae3429";
@ -12,7 +12,7 @@ buildGoPackage rec {
owner = "containerd";
repo = "containerd";
rev = "v${version}";
sha256 = "1rac3iak3jpz57yarxc72bxgxvravwrl0j6s6w2nxrmh2m3kxqzn";
sha256 = "1ajns679ck5yp6vmf39pyshzf8jijw5fcg5biixkj54jhj3bv1sq";
};
goPackagePath = "github.com/containerd/containerd";

View file

@ -10,6 +10,7 @@
, libselinux
, lvm2
, pkg-config
, nixosTests
}:
buildGoModule rec {
@ -57,6 +58,8 @@ buildGoModule rec {
installManPage docs/*.[1-9]
'';
passthru.tests = { inherit (nixosTests) cri-o; };
meta = with stdenv.lib; {
homepage = "https://cri-o.io";
description = ''

View file

@ -27,7 +27,7 @@ let
in runCommand cri-o.name {
name = "${cri-o.pname}-wrapper-${cri-o.version}";
inherit (cri-o) pname version;
inherit (cri-o) pname version passthru;
meta = builtins.removeAttrs cri-o.meta [ "outputsToInstall" ];

View file

@ -63,7 +63,7 @@ stdenv.mkDerivation rec {
doCheck = true;
passthru.tests.podman = nixosTests.podman;
passthru.tests = { inherit (nixosTests) podman; };
meta = with lib; {
description = "A fast and lightweight fully featured OCI runtime and C library for running containers";

View file

@ -60,7 +60,7 @@ buildGoModule rec {
MANDIR=$man/share/man make install.man-nobuild
'';
passthru.tests.podman = nixosTests.podman;
passthru.tests = { inherit (nixosTests) podman; };
meta = with stdenv.lib; {
homepage = "https://podman.io/";

View file

@ -18,6 +18,7 @@
, openGLSupport ? sdlSupport, mesa, epoxy, libdrm
, virglSupport ? openGLSupport, virglrenderer
, smbdSupport ? false, samba
, tpmSupport ? true
, hostCpuOnly ? false
, hostCpuTargets ? (if hostCpuOnly
then (stdenv.lib.optional stdenv.isx86_64 "i386-softmmu"
@ -127,6 +128,7 @@ stdenv.mkDerivation rec {
++ optional cephSupport "--enable-rbd"
++ optional openGLSupport "--enable-opengl"
++ optional virglSupport "--enable-virglrenderer"
++ optional tpmSupport "--enable-tpm"
++ optional smbdSupport "--smbd=${samba}/bin/smbd";
doCheck = false; # tries to access /dev

View file

@ -45,7 +45,7 @@ buildGoPackage rec {
installManPage man/*/*.[1-9]
'';
passthru.tests.podman = nixosTests.podman;
passthru.tests = { inherit (nixosTests) cri-o podman; };
meta = with lib; {
homepage = "https://github.com/opencontainers/runc";

View file

@ -20,19 +20,12 @@ stdenv.mkDerivation rec {
'';
installPhase = ''
# install bdf fonts
# install otb and bdf fonts
fontDir="$out/share/fonts"
install -m 644 -D *.bdf -t "$fontDir"
mkfontdir "$fontDir"
# install otb fonts
fontDir="$otb/share/fonts"
install -m 644 -D *.otb -t "$fontDir"
install -m 644 -D *.bdf *.otb -t "$fontDir"
mkfontdir "$fontDir"
'';
outputs = [ "out" "otb" ];
meta = with stdenv.lib; {
description = "A Unicode font";
license = licenses.mit;

View file

@ -20,14 +20,10 @@ stdenv.mkDerivation rec {
'';
installPhase = ''
install -D -m644 creep.bdf "$out/share/fonts/misc/creep.bdf"
install -D -m644 creep.otb creep.bdf -t "$out/share/fonts/misc/"
mkfontdir "$out/share/fonts/misc"
install -D -m644 creep.otb "$otb/share/fonts/misc/creep.otb"
mkfontdir "$otb/share/fonts/misc"
'';
outputs = [ "out" "otb" ];
meta = with stdenv.lib; {
description = "A pretty sweet 4px wide pixel font";
homepage = "https://github.com/romeovs/creep";

View file

@ -41,15 +41,13 @@ stdenv.mkDerivation {
'';
installPhase = ''
install -D -m 644 -t "$out/share/fonts/misc" *.pcf.gz
install -D -m 644 -t "$out/share/fonts/misc" *.pcf.gz *.otb
install -D -m 644 -t "$bdf/share/fonts/misc" *.bdf
install -D -m 644 -t "$otb/share/fonts/misc" *.otb
mkfontdir "$out/share/fonts/misc"
mkfontdir "$bdf/share/fonts/misc"
mkfontdir "$otb/share/fonts/misc"
'';
outputs = [ "out" "bdf" "otb" ];
outputs = [ "out" "bdf" ];
meta = with stdenv.lib; {
description = "A monospace bitmap font aimed at programmers";

View file

@ -25,14 +25,10 @@ stdenv.mkDerivation {
'';
installPhase = ''
install -D -m 644 -t "$out/share/fonts/misc" *.pcf.gz
install -D -m 644 -t "$otb/share/fonts/misc" *.otb
install -D -m 644 -t "$out/share/fonts/misc" *.otb *.pcf.gz
mkfontdir "$out/share/fonts/misc"
mkfontdir "$otb/share/fonts/misc"
'';
outputs = [ "out" "otb" ];
meta = with stdenv.lib; {
description = ''
Readable bitmap font inspired by Envy Code R

View file

@ -52,19 +52,12 @@ stdenv.mkDerivation rec {
fontDir="$out/share/consolefonts"
install -D -m 644 -t "$fontDir" psf/*.psf
# install the pcf fonts (for xorg applications)
# install the pcf and otb fonts (for X11,GTK applications)
fontDir="$out/share/fonts/misc"
install -D -m 644 -t "$fontDir" *.pcf
mkfontdir "$fontDir"
# install the otb fonts (for gtk applications)
fontDir="$otb/share/fonts/misc"
install -D -m 644 -t "$fontDir" *.otb
install -D -m 644 -t "$fontDir" *.pcf *.otb
mkfontdir "$fontDir"
'';
outputs = [ "out" "otb" ];
meta = with stdenv.lib; {
description = ''
A monospace bitmap font well suited for programming and terminal use

View file

@ -28,15 +28,10 @@ stdenv.mkDerivation {
gzip -n -9 -c "$f" > "$out/share/fonts/misc/$f.gz"
done
install -D -m 644 LICENSE -t "$out/share/doc/$pname"
install -D -m 644 "$srcOtb/profontn.otb" -t $out/share/fonts/misc
mkfontdir "$out/share/fonts/misc"
cd $srcOtb
install -D -m 644 profontn.otb -t $otb/share/fonts/misc
mkfontdir "$otb/share/fonts/misc"
'';
outputs = [ "out" "otb" ];
meta = with stdenv.lib; {
homepage = "https://tobiasjung.name/profont/";
description = "A monospaced font created to be a most readable font for programming";

View file

@ -24,15 +24,13 @@ stdenv.mkDerivation rec {
'';
postInstall = ''
install -m 644 -D pcf/* -t "$out/share/fonts/misc"
install -m 644 -D *.otb pcf/* -t "$out/share/fonts/misc"
install -m 644 -D bdf/* -t "$bdf/share/fonts/misc"
install -m 644 -D *.otb -t "$otb/share/fonts/misc"
mkfontdir "$out/share/fonts/misc"
mkfontdir "$bdf/share/fonts/misc"
mkfontdir "$otb/share/fonts/misc"
'';
outputs = [ "out" "bdf" "otb" ];
outputs = [ "out" "bdf" ];
meta = with stdenv.lib; {
homepage = "https://github.com/stark/siji";

View file

@ -29,15 +29,11 @@ in stdenv.mkDerivation {
'';
installPhase = ''
install -m 644 -D *.pcf.gz -t "$out/share/fonts/misc"
install -m 644 -D *.otb *.pcf.gz -t "$out/share/fonts/misc"
install -m 644 -D *.psf.gz -t "$out/share/consolefonts"
install -m 644 -D *.otb -t "$otb/share/fonts/misc"
mkfontdir "$out/share/fonts/misc"
mkfontdir "$otb/share/fonts/misc"
'';
outputs = [ "out" "otb" ];
meta = with stdenv.lib; {
description = "A monospace bitmap font aimed at programmers";
longDescription = ''Tamsyn is a monospace bitmap font, primarily aimed at

View file

@ -14,15 +14,11 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ mkfontscale ];
installPhase = ''
install -m 644 -D pcf/*.pcf -t "$out/share/fonts/misc"
install -m 644 -D otb/*.otb pcf/*.pcf -t "$out/share/fonts/misc"
install -m 644 -D psf/*.psf -t "$out/share/consolefonts"
install -m 644 -D otb/*.otb -t "$otb/share/fonts/misc"
mkfontdir "$out/share/fonts/misc"
mkfontdir "$otb/share/fonts/misc"
'';
outputs = [ "out" "otb" ];
meta = with stdenv.lib; {
description = "Bitmapped programming font based on Tamsyn";
longDescription = ''

View file

@ -35,14 +35,12 @@ stdenv.mkDerivation rec {
postInstall = ''
# install otb fonts (for GTK applications)
install -m 644 -D *.otb -t "$otb/share/fonts/misc";
mkfontdir "$otb/share/fonts/misc"
install -m 644 -D *.otb -t "$out/share/fonts/misc";
mkfontdir "$out/share/fonts/misc"
'';
installTargets = [ "install" "fontdir" ];
outputs = [ "out" "otb" ];
meta = with stdenv.lib; {
description = "A clean fixed width font";
longDescription = ''

View file

@ -38,16 +38,10 @@ stdenv.mkDerivation rec {
installPhase = ''
fontDir="$out/share/fonts/misc"
install -m 644 -D out/* -t "$fontDir"
mkfontdir "$fontDir"
fontDir="$otb/share/fonts/misc"
install -m 644 -D *.otb -t "$fontDir"
install -m 644 -D *.otb out/* -t "$fontDir"
mkfontdir "$fontDir"
'';
outputs = [ "out" "otb" ];
meta = with stdenv.lib; {
description = "A nice bitmap font, readable even at small sizes";
longDescription = ''

View file

@ -42,16 +42,14 @@ stdenv.mkDerivation {
'';
installPhase = ''
install -m 644 -D *.pcf.gz -t "$out/share/fonts/misc"
install -m 644 -D *.bdf -t "$bdf/share/fonts/misc"
install -m 644 -D *.otb -t "$otb/share/fonts/misc"
install -m 644 -D *.otb *.pcf.gz -t "$out/share/fonts/misc"
install -m 644 -D *.bdf -t "$bdf/share/fonts/misc"
mkfontdir "$out/share/fonts/misc"
mkfontdir "$bdf/share/fonts/misc"
mkfontdir "$otb/share/fonts/misc"
'';
outputs = [ "out" "bdf" "otb" ];
outputs = [ "out" "bdf" ];
meta = with stdenv.lib; {
homepage = "https://www.cl.cam.ac.uk/~mgk25/ucs-fonts.html";

View file

@ -1,12 +1,12 @@
{ lib, fetchzip }:
let
version = "1.0";
version = "2.0";
in
fetchzip {
name = "ultimate-oldschool-pc-font-pack-${version}";
url = "https://int10h.org/oldschool-pc-fonts/download/ultimate_oldschool_pc_font_pack_v${version}.zip";
sha256 = "0hid4dgqfy2w26734vcw2rxmpacd9vd1r2qpdr9ww1n3kgc92k9y";
url = "https://int10h.org/oldschool-pc-fonts/download/oldschool_pc_font_pack_v${version}_ttf.zip";
sha256 = "0z0fw6ni7iq806y4m83xrfx46r14xxxql09ch2gxjqi062awqyh8";
postFetch= ''
mkdir -p $out/share/fonts/truetype

View file

@ -34,23 +34,20 @@ stdenv.mkDerivation {
'';
installPhase = ''
# install pcf (for X11 applications)
install -m 644 -D *.pcf.gz -t "$out/share/fonts"
# install pcf and otb (for X11 and GTK applications)
install -m 644 -D *.otb *.pcf.gz -t "$out/share/fonts"
mkfontdir "$out/share/fonts"
# install bdf font
install -m 644 -D *.bdf -t "$bdf/share/fonts"
mkfontdir "$bdf/share/fonts"
# install otb font (for GTK applications)
install -m 644 -D *.otb -t "$otb/share/fonts"
mkfontdir "$otb/share/fonts"
'' + optionalString stdenv.isLinux ''
# install psf (for linux virtual terminal)
install -m 644 -D *.psf.gz -t "$out/share/consolefonts"
'';
outputs = [ "out" "bdf" "otb" ];
outputs = [ "out" "bdf" ];
meta = {
description = "Unicode VGA font";

View file

@ -30,8 +30,8 @@ stdenv.mkDerivation rec {
installPhase =
''
# install otb fonts
install -m 644 -D unifont.otb "$otb/share/fonts/unifont.otb"
mkfontdir "$otb/share/fonts"
install -m 644 -D unifont.otb "$out/share/fonts/unifont.otb"
mkfontdir "$out/share/fonts"
# install pcf and ttf fonts
install -m 644 -D ${pcf} $out/share/fonts/unifont.pcf.gz
@ -41,8 +41,6 @@ stdenv.mkDerivation rec {
mkfontscale
'';
outputs = [ "out" "otb" ];
meta = with stdenv.lib; {
description = "Unicode font for Base Multilingual Plane";
homepage = "http://unifoundry.com/unifont.html";

View file

@ -67,7 +67,7 @@ stdenv.mkDerivation rec {
install -m 644 -D psf/*.psf -t "$fontDir"
# install otb fonts
fontDir="$otb/share/fonts/X11/misc"
fontDir="$out/share/fonts/X11/misc"
install -m 644 -D otb/*.otb -t "$fontDir"
mkfontdir "$fontDir"
'';
@ -80,8 +80,6 @@ stdenv.mkDerivation rec {
runHook postConfigure
'';
outputs = [ "out" "otb" ];
meta = with stdenv.lib; {
description = "Monospace bitmap screen fonts for X11";
homepage = "https://people.mpi-inf.mpg.de/~uwe/misc/uw-ttyp0/";

View file

@ -67,13 +67,13 @@ let
in
stdenv.mkDerivation rec {
pname = "gnome-shell";
version = "3.36.4";
version = "3.36.5";
outputs = [ "out" "devdoc" ];
src = fetchurl {
url = "mirror://gnome/sources/gnome-shell/${stdenv.lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
sha256 = "1nyibrr98ijn65z9ki0k7xzcwcliwy2jqssz0l0jalpbkhnr751d";
url = "mirror://gnome/sources/${pname}/${stdenv.lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
sha256 = "1hj7gmjmy92xndlgw7pzk5m6j2fbzcgfd1pxc32k38gml8qg19d4";
};
patches = [

View file

@ -1,26 +1,24 @@
{ stdenv, fetchFromGitLab }:
{ stdenv, fetchFromGitLab, glib, gnome3, unzip }:
stdenv.mkDerivation rec {
pname = "gnome-shell-extension-night-theme-switcher";
version = "19";
version = "36";
src = fetchFromGitLab {
owner = "rmnvgr";
repo = "nightthemeswitcher-gnome-shell-extension";
rev = "v${version}";
sha256 = "1ll0yf1skf51wa10mlrajd1dy459w33kx0i3vhfcx2pdk7mw5a3c";
sha256 = "1c88979qprwb5lj0v7va017w7rdr89a648anhw4k5q135jwyskpz";
};
# makefile tries to do install in home directory using
# `gnome-extensions install`
dontBuild = true;
buildInputs = [ glib gnome3.gnome-shell unzip ];
uuid = "nightthemeswitcher@romainvigier.fr";
installPhase = ''
runHook preInstall
mkdir -p $out/share/gnome-shell/extensions/
cp -r src/ $out/share/gnome-shell/extensions/${uuid}
unzip build/${uuid}.shell-extension.zip -d $out/share/gnome-shell/extensions/${uuid}
runHook postInstall
'';

View file

@ -1,52 +0,0 @@
{ stdenv, fetchurl, pkgconfig, makeWrapper
, gstreamer, gtk2, gst-plugins-base, libnotify
, keybinder, xfconf, xfce
}:
let
category = "apps";
# The usual Gstreamer plugins package has a zillion dependencies
# that we don't need for a simple mixer, so build a minimal package.
gst_plugins_minimal = gst-plugins-base.override {
minimalDeps = true;
};
in
stdenv.mkDerivation rec {
pname = "xfce4-volumed";
version = "0.1.13";
src = fetchurl {
url = "mirror://xfce/src/${category}/${pname}/${stdenv.lib.versions.majorMinor version}/${pname}-${version}.tar.bz2";
sha256 = "1aa0a1sbf9yzi7bc78kw044m0xzg1li3y4w9kf20wqv5kfjs7v2c";
};
buildInputs =
[ gstreamer gst_plugins_minimal gtk2
keybinder xfconf libnotify
];
nativeBuildInputs = [ pkgconfig makeWrapper ];
postInstall =
''
wrapProgram "$out/bin/xfce4-volumed" \
--prefix GST_PLUGIN_SYSTEM_PATH : "$GST_PLUGIN_SYSTEM_PATH"
'';
passthru.updateScript = xfce.updateScript {
inherit pname version;
attrPath = "xfce.${pname}";
versionLister = xfce.archiveLister category pname;
};
meta = with stdenv.lib; {
homepage = "https://www.xfce.org/projects/xfce4-volumed"; # referenced but inactive
description = "A volume keys control daemon for the Xfce desktop environment";
license = licenses.gpl3;
platforms = platforms.linux;
maintainers = [ maintainers.abbradar ];
};
}

View file

@ -88,9 +88,6 @@ lib.makeScope pkgs.newScope (self: with self; {
xfdashboard = callPackage ./applications/xfdashboard {};
# TODO: this repo is inactive for many years. Remove?
xfce4-volumed = callPackage ./applications/xfce4-volumed { };
xfce4-volumed-pulse = callPackage ./applications/xfce4-volumed-pulse { };
xfce4-notifyd = callPackage ./applications/xfce4-notifyd { };
@ -175,7 +172,6 @@ lib.makeScope pkgs.newScope (self: with self; {
xfce4notifyd = xfce4-notifyd;
xfce4taskmanager = xfce4-taskmanager;
xfce4terminal = xfce4-terminal;
xfce4volumed = xfce4-volumed;
xfce4volumed_pulse = xfce4-volumed-pulse;
xfce4icontheme = xfce4-icon-theme;
xfwm4themes = xfwm4-themes;

View file

@ -14,14 +14,14 @@ let
in
with stdenv; mkDerivation rec {
pname = "nextpnr";
version = "2020.07.08";
version = "2020.08.22";
srcs = [
(fetchFromGitHub {
owner = "YosysHQ";
repo = "nextpnr";
rev = "3cafb16aa634d2bc369077d8d36760d23973a35b";
sha256 = "0z6q8f2f97jr037d51h097vck9jspidjn0pb5irlj0xdnb5si0js";
rev = "c8ecb8341ca766e1e7565cc2b652b63eaba67508";
sha256 = "1cf9ad7w5x452qdc6m9c3in6v9yzip3n1as978lbdh76f5mc00fv";
name = "nextpnr";
})
(fetchFromGitHub {

View file

@ -16,13 +16,13 @@
stdenv.mkDerivation rec {
pname = "yosys";
version = "2020.07.07";
version = "2020.08.22";
src = fetchFromGitHub {
owner = "YosysHQ";
repo = "yosys";
rev = "000fd08198487cd1d36e65e4470f4b0269c23a2b";
sha256 = "01s252vwh4g1f4y99nfrkpf6hgvh9k63nz8hvpmjza5z8x6zf4i1";
rev = "12132b6850747aec99715fdfa3184fe3ebefa015";
sha256 = "1v6x1y2f3r8vi7pnkgx374rrv02xgmg9yg23f61n7d1v2rd6y5cc";
};
enableParallelBuilding = true;

View file

@ -6,6 +6,10 @@ let
version = "8.8";
sha256 = "075yjczk79pf1hd3lgdjiz84ilkzfxjh18lgzrhhqp7d3kz5lxp5";
};
v_8_10 = {
version = "8.10";
sha256 = "0r9gnh5a5ykiiz5h1i8xnzgiydpwc4z9qhndxyya85xq0f910qaz";
};
in
{
"8.7" = {
@ -14,10 +18,8 @@ let
};
"8.8" = v_8_8;
"8.9" = v_8_8;
"8.10" = {
version = "8.10";
sha256 = "0r9gnh5a5ykiiz5h1i8xnzgiydpwc4z9qhndxyya85xq0f910qaz";
};
"8.10" = v_8_10;
"8.11" = v_8_10;
};
param = params.${coq.coq-version};
in

View file

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "clojure";
version = "1.10.1.590";
version = "1.10.1.645";
src = fetchurl {
url = "https://download.clojure.org/install/clojure-tools-${version}.tar.gz";
sha256 = "18x8xkxsqwnv3k1mf42ylfv7zzjllm7yiagq16b2gkq62j5sm1k7";
sha256 = "1z6a9an8ls992y4japmzdxay7c5d2z9s2q1xl4g615r23jwpcsf9";
};
nativeBuildInputs = [
@ -23,6 +23,7 @@ stdenv.mkDerivation rec {
cp clojure-tools-${version}.jar $out/libexec
cp example-deps.edn $out
cp deps.edn $out
cp clj_exec.clj $out
substituteInPlace clojure --replace PREFIX $out

View file

@ -4,11 +4,11 @@
stdenv.mkDerivation rec {
pname = "groovy";
version = "3.0.2";
version = "3.0.3";
src = fetchurl {
url = "http://dl.bintray.com/groovy/maven/apache-groovy-binary-${version}.zip";
sha256 = "1ddw3fqrmwh4w6z6xgck4jhmq33rwgbmpjw07g12ri1vgw4xks9w";
sha256 = "0xdm70b61pdj8z3g08az16y9b6cpz5hv7iwvwfyfyxrjdi47h419";
};
buildInputs = [ unzip makeWrapper ];

View file

@ -59,7 +59,7 @@
# "libgcc_s.so.1 must be installed for pthread_cancel to work".
# don't have "libgcc_s.so.1" on darwin
LDFLAGS = stdenv.lib.optionalString (!stdenv.isDarwin) "-lgcc_s";
LDFLAGS = stdenv.lib.optionalString (!stdenv.isDarwin && !stdenv.hostPlatform.isMusl) "-lgcc_s";
configureFlags = [ "--with-libreadline-prefix" ]
++ stdenv.lib.optionals stdenv.isSunOS [

View file

@ -1,6 +1,6 @@
{ stdenv, fetchurl, pkgconfig, autoreconfHook, makeWrapper
, ncurses, cpio, gperf, cdrkit, flex, bison, qemu, pcre, augeas, libxml2
, acl, libcap, libcap_ng, libconfig, systemd, fuse, yajl, libvirt, hivex
, acl, libcap, libcap_ng, libconfig, systemd, fuse, yajl, libvirt, hivex, db
, gmp, readline, file, numactl, xen, libapparmor, jansson
, getopt, perlPackages, ocamlPackages
, appliance ? null
@ -22,7 +22,7 @@ stdenv.mkDerivation rec {
buildInputs = [
ncurses cpio gperf jansson
cdrkit flex bison qemu pcre augeas libxml2 acl libcap libcap_ng libconfig
systemd fuse yajl libvirt gmp readline file hivex
systemd fuse yajl libvirt gmp readline file hivex db
numactl xen libapparmor getopt perlPackages.ModuleBuild
] ++ (with perlPackages; [ perl libintl_perl GetoptLong SysVirt ])
++ (with ocamlPackages; [ ocaml findlib ocamlbuild ocaml_libvirt gettext-stub ounit ])

View file

@ -5,13 +5,13 @@
# https://github.com/oneapi-src/oneDNN#oneapi-deep-neural-network-library-onednn
stdenv.mkDerivation rec {
pname = "oneDNN";
version = "1.6";
version = "1.6.1";
src = fetchFromGitHub {
owner = "oneapi-src";
repo = "oneDNN";
rev = "v${version}";
sha256 = "0w2rgr3zgk7a3cql12dpddyhz2isyqqaks4vm8p45y426pd5m64b";
sha256 = "1rdq2rb4f9xbk2a07fpqgvd9mx1r5gwpm0jr8rra815bzddam8zh";
};
outputs = [ "out" "dev" "doc" ];

View file

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "openxr-loader";
version = "1.0.10";
version = "1.0.11";
src = fetchFromGitHub {
owner = "KhronosGroup";
repo = "OpenXR-SDK-Source";
rev = "release-${version}";
sha256 = "1igxyji2ab3gki1hlndvws1b2868mk1n3c4c3y5z0h3g713zw9ap";
sha256 = "0f3x5h0hdjiqgjf5mzzlprbhrbyabxllrjmlzgc9fv5rgqyyphj5";
};
nativeBuildInputs = [ cmake python3 ];

View file

@ -1,19 +1,21 @@
{ stdenv, fetchurl, cmake, gfortran, cudatoolkit, libpthreadstubs, lapack, blas }:
{ stdenv, fetchurl, cmake, gfortran, ninja, cudatoolkit, libpthreadstubs, lapack, blas }:
with stdenv.lib;
let version = "2.5.0";
let version = "2.5.3";
in stdenv.mkDerivation {
pname = "magma";
inherit version;
src = fetchurl {
url = "https://icl.cs.utk.edu/projectsfiles/magma/downloads/magma-${version}.tar.gz";
sha256 = "0czspk93cv1fy37zyrrc9k306q4yzfxkhy1y4lj937dx8rz5rm2g";
sha256 = "1xjy3irdx0w1zyhvn4x47zni5fwsh6z97xd4yqldz8zrm5lx40n6";
name = "magma-${version}.tar.gz";
};
buildInputs = [ gfortran cudatoolkit libpthreadstubs cmake lapack blas ];
nativeBuildInputs = [ gfortran cmake ninja ];
buildInputs = [ cudatoolkit libpthreadstubs lapack blas ];
doCheck = false;
@ -32,7 +34,7 @@ in stdenv.mkDerivation {
mkdir -p $out/lib/pkgconfig
cp -a ../include/*.h $out/include
#cp -a sparse-iter/include/*.h $out/include
cp -a lib/*.a $out/lib
cp -a lib/*.so $out/lib
cat ../lib/pkgconfig/magma.pc.in | \
sed -e s:@INSTALL_PREFIX@:"$out": | \
sed -e s:@CFLAGS@:"-I$out/include": | \

View file

@ -19,7 +19,7 @@ stdenv.mkDerivation {
postInstall = ''
ln -s $out/bin/wish* $out/bin/wish
cp ../{unix,generic}/*.h $out/include
ln -s $out/lib/libtk${tcl.release}.so $out/lib/libtk.so
ln -s $out/lib/libtk${tcl.release}${stdenv.hostPlatform.extensions.sharedLibrary} $out/lib/libtk${stdenv.hostPlatform.extensions.sharedLibrary}
''
+ stdenv.lib.optionalString (stdenv.isDarwin) ''
cp ../macosx/*.h $out/include

View file

@ -17,6 +17,12 @@ stdenv.mkDerivation rec {
"-DBUILD_SHARED_LIBS=ON"
];
# the pkg-config file is not created in the cmake installation
# process, so we use the Makefile and install it manually
# see https://github.com/JuliaStrings/utf8proc/issues/198
preConfigure = "make libutf8proc.pc prefix=$out";
postInstall = "install -Dm644 ../libutf8proc.pc -t $out/lib/pkgconfig/";
meta = with stdenv.lib; {
description = "A clean C library for processing UTF-8 Unicode data";
homepage = "https://juliastrings.github.io/utf8proc/";

View file

@ -0,0 +1,18 @@
{ buildDunePackage, containers
, gen, iter, mdx, ounit, qcheck
}:
buildDunePackage {
pname = "containers-data";
inherit (containers) src version;
doCheck = true;
checkInputs = [ gen iter mdx.bin ounit qcheck ];
propagatedBuildInputs = [ containers ];
meta = containers.meta // {
description = "A set of advanced datatypes for containers";
};
}

View file

@ -1,24 +1,22 @@
{ lib, fetchFromGitHub, buildDunePackage, ocaml
, iter, result, uchar
, gen, mdx, ounit, qcheck, uutf
, seq
, gen, iter, ounit, qcheck, uutf
}:
buildDunePackage rec {
version = "2.7";
version = "3.0";
pname = "containers";
src = fetchFromGitHub {
owner = "c-cube";
repo = "ocaml-containers";
rev = "v${version}";
sha256 = "1nsxfgn1g1vpqihb9gd6gsab0bcm70nf9z84cp441c8wsc57hi6a";
sha256 = "0c75d5csgc68qqbsdz4279nlin111zrjbg4d47k32ska28myvpqn";
};
buildInputs = [ iter ];
propagatedBuildInputs = [ seq ];
checkInputs = lib.optionals doCheck [ gen mdx.bin ounit qcheck uutf ];
propagatedBuildInputs = [ result uchar ];
checkInputs = [ gen iter ounit qcheck uutf ];
doCheck = true;

View file

@ -0,0 +1,19 @@
{ lib, buildDunePackage, dune_2, dune-glob, dune-private-libs }:
buildDunePackage rec {
pname = "dune-action-plugin";
inherit (dune_2) src version;
useDune2 = true;
dontAddPrefix = true;
propagatedBuildInputs = [ dune-glob dune-private-libs ];
meta = with lib; {
inherit (dune_2.meta) homepage;
description = "API for writing dynamic Dune actions";
maintainers = [ maintainers.marsam ];
license = licenses.mit;
};
}

View file

@ -0,0 +1,19 @@
{ lib, buildDunePackage, dune_2, dune-private-libs }:
buildDunePackage rec {
pname = "dune-glob";
inherit (dune_2) src version;
useDune2 = true;
dontAddPrefix = true;
propagatedBuildInputs = [ dune-private-libs ];
meta = with lib; {
inherit (dune_2.meta) homepage;
description = "Glob string matching language supported by dune";
maintainers = [ maintainers.marsam ];
license = licenses.mit;
};
}

View file

@ -7,7 +7,7 @@ buildDunePackage rec {
inherit (dune_2) src version;
minimumOCamlVersion = "4.07";
minimumOCamlVersion = "4.08";
dontAddPrefix = true;

View file

@ -0,0 +1,27 @@
{ pkgs, lib, fetchurl, buildDunePackage, pkg-config
, bigstring,
}:
buildDunePackage rec {
pname = "hidapi";
version = "1.1.1";
src = fetchurl {
url = "https://github.com/vbmithr/ocaml-hidapi/releases/download/${version}/${pname}-${version}.tbz";
sha256 = "1j7rd7ajrzla76r3sxljx6fb18f4f4s3jd7vhv59l2ilxyxycai2";
};
minimumOCamlVersion = "4.03";
buildInputs = [ pkgs.hidapi pkg-config ];
propagatedBuildInputs = [ bigstring ];
doCheck = true;
meta = with lib; {
homepage = https://github.com/vbmithr/ocaml-hidapi;
description = "Bindings to Signal11's hidapi library";
license = licenses.isc;
maintainers = [ maintainers.alexfmpe ];
};
}

View file

@ -1,4 +1,7 @@
{stdenv, fetchurl, ocaml, findlib, lablgtk ? null}:
{ stdenv, fetchurl, ocaml, findlib
, gtkSupport ? true
, lablgtk
}:
stdenv.mkDerivation rec {
pname = "ocamlgraph";
@ -9,22 +12,19 @@ stdenv.mkDerivation rec {
sha256 = "0m9g16wrrr86gw4fz2fazrh8nkqms0n863w7ndcvrmyafgxvxsnr";
};
buildInputs = [ ocaml findlib lablgtk ];
patches = ./destdir.patch;
postPatch = ''
sed -i 's@$(DESTDIR)$(OCAMLLIB)/ocamlgraph@$(DESTDIR)/lib/ocaml/${ocaml.version}/site-lib/ocamlgraph@' Makefile.in
sed -i 's@OCAMLFINDDEST := -destdir $(DESTDIR)@@' Makefile.in
${stdenv.lib.optionalString (lablgtk != null)
"sed -i 's@+lablgtk2@${lablgtk}/lib/ocaml/${ocaml.version}/site-lib/lablgtk2 -I ${lablgtk}/lib/ocaml/${ocaml.version}/site-lib/stublibs@' configure Makefile.in editor/Makefile"}
'';
buildInputs = [ ocaml findlib ]
++ stdenv.lib.optional gtkSupport lablgtk
;
createFindlibDestdir = true;
buildPhase = ''
make all
make install-findlib
buildFlags = [ "all" ];
installTargets = [ "install-findlib" ];
postInstall = stdenv.lib.optionalString gtkSupport ''
mkdir -p $out/bin
cp dgraph/dgraph.opt $out/bin/graph-viewer
cp editor/editor.opt $out/bin/graph-editor
'';
meta = {

View file

@ -1,13 +0,0 @@
diff -Naur -x '*~' ocamlgraph-1.8.1/Makefile.in ocamlgraph-1.8.1-new//Makefile.in
--- ocamlgraph-1.8.1/Makefile.in 2011-10-17 09:57:03.000000000 -0430
+++ ocamlgraph-1.8.1-new//Makefile.in 2011-11-24 13:01:22.626004819 -0430
@@ -16,8 +16,8 @@
##########################################################################
# Where to install the binaries
-DESTDIR =
prefix =@prefix@
+DESTDIR=$(prefix)
exec_prefix=@exec_prefix@
datarootdir=@datarootdir@
BINDIR =$(DESTDIR)@bindir@

View file

@ -10,11 +10,11 @@
buildPythonPackage rec {
pname = "awkward1";
version = "0.2.27";
version = "0.2.33";
src = fetchPypi {
inherit pname version;
sha256 = "c868437aabb2e95efbc522c43d47cac42e1c61904c7ddbebf2f41c6b63bb9c6f";
sha256 = "bf3de210d0a88fb14a97c296f54ed2d5b686a785bb5fd7a31277f22b8daa9513";
};
nativeBuildInputs = [ cmake ];

View file

@ -3,6 +3,7 @@
, fetchPypi
, requests
, google_auth
, google-auth-oauthlib
}:
buildPythonPackage rec {
@ -14,14 +15,12 @@ buildPythonPackage rec {
sha256 = "e04f1a6267b3929fc1600424c5ec83906d439672cafdd61a9d5b916a139f841c";
};
propagatedBuildInputs = [ requests ];
propagatedBuildInputs = [ requests google_auth google-auth-oauthlib ];
meta = with stdenv.lib; {
description = "Google Spreadsheets client library";
homepage = "https://github.com/burnash/gspread";
license = licenses.mit;
# missing multiple google libraries
broken = true; # 2020-08-15
};
# No tests included

View file

@ -58,6 +58,10 @@ in buildPythonPackage rec {
xlwt
];
# doesn't work with -Werror,-Wunused-command-line-argument
# https://github.com/NixOS/nixpkgs/issues/39687
hardeningDisable = optional stdenv.cc.isClang "strictoverflow";
# For OSX, we need to add a dependency on libcxx, which provides
# `complex.h` and other libraries that pandas depends on to build.
postPatch = optionalString isDarwin ''

View file

@ -1,18 +1,20 @@
{ stdenv, buildPythonPackage, fetchFromGitHub
{ stdenv, buildPythonPackage, fetchFromGitHub, isPy27
, glibcLocales, git
, mock, nose, markdown, lxml, typogrify
, jinja2, pygments, docutils, pytz, unidecode, six, dateutil, feedgenerator
, blinker, pillow, beautifulsoup4, markupsafe }:
, blinker, pillow, beautifulsoup4, markupsafe, pandoc }:
buildPythonPackage rec {
pname = "pelican";
version = "4.2.0";
version = "4.5.0";
disabled = isPy27;
src = fetchFromGitHub {
owner = "getpelican";
repo = "pelican";
rev = version;
sha256 = "0w9nqdw2jmqc6kqwg4rh6irr5k6j7hk8axg6vgd137rs50v62yv5";
sha256 = "0p8p84fcpkr19d54dhxvldd8ijbg334wmrmkr99pnbrdl1gf64qi";
# Remove unicode file names which leads to different checksums on HFS+
# vs. other filesystems because of unicode normalisation.
extraPostFetch = ''
@ -24,15 +26,15 @@ buildPythonPackage rec {
# Exclude custom locale test, which files were removed above to fix the source checksum
checkPhase = ''
nosetests -sv --exclude=test_custom_locale_generation_works pelican
nosetests -s \
--exclude=test_custom_locale_generation_works \
--exclude=test_log_filter \
pelican
'';
buildInputs = [
glibcLocales
# Note: Pelican has to adapt to a changed CLI of pandoc before enabling this
# again. Compare https://github.com/getpelican/pelican/pull/2252.
# Version 4.2.0 is incompatible with our current pandoc version.
# pandoc
pandoc
git
mock
markdown
@ -46,21 +48,16 @@ buildPythonPackage rec {
checkInputs = [
nose
pandoc
];
postPatch= ''
substituteInPlace pelican/tests/test_pelican.py \
--replace "'git'" "'${git}/bin/git'"
# Markdown-3.1 changed footnote separator to colon
# https://github.com/getpelican/pelican/issues/2493#issuecomment-491723744
sed -i '/test_article_with_footnote/i\
@unittest.skip("")' pelican/tests/test_readers.py
'';
LC_ALL="en_US.UTF-8";
# We only want to patch shebangs in /bin, and not those
# of the project scripts that are created by Pelican.
# See https://github.com/NixOS/nixpkgs/issues/30116

Some files were not shown because too many files have changed in this diff Show more