Merge branch 'master' into option-docs-md

This commit is contained in:
pennae 2022-09-01 16:10:09 +02:00 committed by GitHub
commit 3bddcf5f90
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
727 changed files with 14743 additions and 11803 deletions

View file

@ -308,7 +308,44 @@ The parameters relative to the base image have the same synopsis as described in
The `name` argument is the name of the derivation output, which defaults to `fromImage.name`.
## shadowSetup {#ssec-pkgs-dockerTools-shadowSetup}
## Environment Helpers {#ssec-pkgs-dockerTools-helpers}
Some packages expect certain files to be available globally.
When building an image from scratch (i.e. without `fromImage`), these files are missing.
`pkgs.dockerTools` provides some helpers to set up an environment with the necessary files.
You can include them in `copyToRoot` like this:
```nix
buildImage {
name = "environment-example";
copyToRoot = with pkgs.dockerTools; [
usrBinEnv
binSh
caCertificates
fakeNss
];
}
```
### usrBinEnv {#sssec-pkgs-dockerTools-helpers-usrBinEnv}
This provides the `env` utility at `/usr/bin/env`.
### binSh {#sssec-pkgs-dockerTools-helpers-binSh}
This provides `bashInteractive` at `/bin/sh`.
### caCertificates {#sssec-pkgs-dockerTools-helpers-caCertificates}
This sets up `/etc/ssl/certs/ca-certificates.crt`.
### fakeNss {#sssec-pkgs-dockerTools-helpers-fakeNss}
Provides `/etc/passwd` and `/etc/group` that contain root and nobody.
Useful when packaging binaries that insist on using nss to look up
username/groups (like nginx).
### shadowSetup {#ssec-pkgs-dockerTools-shadowSetup}
This constant string is a helper for setting up the base files for managing users and groups, only if such files don't exist already. It is suitable for being used in a [`buildImage` `runAsRoot`](#ex-dockerTools-buildImage-runAsRoot) script for cases like in the example below:

View file

@ -80,7 +80,7 @@ Right: `"A library for decoding PNG images"`
### `longDescription` {#var-meta-longDescription}
An arbitrarily long description of the package.
An arbitrarily long description of the package in [CommonMark](https://commonmark.org) Markdown.
### `branch` {#var-meta-branch}

View file

@ -399,7 +399,9 @@ rec {
# modules recursively. It returns the final list of unique-by-key modules
filterModules = modulesPath: { disabled, modules }:
let
moduleKey = m: if isString m then toString modulesPath + "/" + m else toString m;
moduleKey = m: if isString m && (builtins.substring 0 1 m != "/")
then toString modulesPath + "/" + m
else toString m;
disabledKeys = map moduleKey disabled;
keyFilter = filter (attrs: ! elem attrs.key disabledKeys);
in map (attrs: attrs.module) (builtins.genericClosure {

View file

@ -96,7 +96,9 @@ in {
++ filterDoubles (matchAttrs { kernel = parse.kernels.linux; abi = parse.abis.gnueabi; })
++ filterDoubles (matchAttrs { kernel = parse.kernels.linux; abi = parse.abis.gnueabihf; })
++ filterDoubles (matchAttrs { kernel = parse.kernels.linux; abi = parse.abis.gnuabin32; })
++ filterDoubles (matchAttrs { kernel = parse.kernels.linux; abi = parse.abis.gnuabi64; });
++ filterDoubles (matchAttrs { kernel = parse.kernels.linux; abi = parse.abis.gnuabi64; })
++ filterDoubles (matchAttrs { kernel = parse.kernels.linux; abi = parse.abis.gnuabielfv1; })
++ filterDoubles (matchAttrs { kernel = parse.kernels.linux; abi = parse.abis.gnuabielfv2; });
illumos = filterDoubles predicates.isSunOS;
linux = filterDoubles predicates.isLinux;
netbsd = filterDoubles predicates.isNetBSD;

View file

@ -22,12 +22,11 @@ rec {
};
ppc64 = {
config = "powerpc64-unknown-linux-gnu";
gcc = { abi = "elfv2"; }; # for gcc configuration
config = "powerpc64-unknown-linux-gnuabielfv2";
};
ppc64-musl = {
config = "powerpc64-unknown-linux-musl";
gcc = { abi = "elfv2"; }; # for gcc configuration
gcc = { abi = "elfv2"; };
};
sheevaplug = {

View file

@ -13,6 +13,13 @@ rec {
isx86_64 = { cpu = { family = "x86"; bits = 64; }; };
isPower = { cpu = { family = "power"; }; };
isPower64 = { cpu = { family = "power"; bits = 64; }; };
# This ABI is the default in NixOS PowerPC64 BE, but not on mainline GCC,
# so it sometimes causes issues in certain packages that makes the wrong
# assumption on the used ABI.
isAbiElfv2 = [
{ abi = { abi = "elfv2"; }; }
{ abi = { name = "musl"; }; cpu = { family = "power"; bits = 64; }; }
];
isx86 = { cpu = { family = "x86"; }; };
isAarch32 = { cpu = { family = "arm"; bits = 32; }; };
isAarch64 = { cpu = { family = "arm"; bits = 64; }; };
@ -65,7 +72,7 @@ rec {
isNone = { kernel = kernels.none; };
isAndroid = [ { abi = abis.android; } { abi = abis.androideabi; } ];
isGnu = with abis; map (a: { abi = a; }) [ gnuabi64 gnu gnueabi gnueabihf ];
isGnu = with abis; map (a: { abi = a; }) [ gnuabi64 gnu gnueabi gnueabihf gnuabielfv1 gnuabielfv2 ];
isMusl = with abis; map (a: { abi = a; }) [ musl musleabi musleabihf muslabin32 muslabi64 ];
isUClibc = with abis; map (a: { abi = a; }) [ uclibc uclibceabi uclibceabihf ];

View file

@ -353,6 +353,11 @@ rec {
The "gnu" ABI is ambiguous on 32-bit ARM. Use "gnueabi" or "gnueabihf" instead.
'';
}
{ assertion = platform: with platform; !(isPower64 && isBigEndian);
message = ''
The "gnu" ABI is ambiguous on big-endian 64-bit PowerPC. Use "gnuabielfv2" or "gnuabielfv1" instead.
'';
}
];
};
gnuabi64 = { abi = "64"; };
@ -364,6 +369,9 @@ rec {
gnuabin32 = { abi = "n32"; };
muslabin32 = { abi = "n32"; };
gnuabielfv2 = { abi = "elfv2"; };
gnuabielfv1 = { abi = "elfv1"; };
musleabi = { float = "soft"; };
musleabihf = { float = "hard"; };
musl = {};
@ -467,6 +475,8 @@ rec {
if lib.versionAtLeast (parsed.cpu.version or "0") "6"
then abis.gnueabihf
else abis.gnueabi
# Default ppc64 BE to ELFv2
else if isPower64 parsed && isBigEndian parsed then abis.gnuabielfv2
else abis.gnu
else abis.unknown;
};

View file

@ -130,6 +130,7 @@ checkConfigOutput '^true$' "$@" ./define-enable.nix ./define-attrsOfSub-foo-enab
set -- config.enable ./define-enable.nix ./declare-enable.nix
checkConfigOutput '^true$' "$@"
checkConfigOutput '^false$' "$@" ./disable-define-enable.nix
checkConfigOutput '^false$' "$@" ./disable-define-enable-string-path.nix
checkConfigError "The option .*enable.* does not exist. Definition values:\n\s*- In .*: true" "$@" ./disable-declare-enable.nix
checkConfigError "attribute .*enable.* in selection path .*config.enable.* not found" "$@" ./disable-define-enable.nix ./disable-declare-enable.nix
checkConfigError "attribute .*enable.* in selection path .*config.enable.* not found" "$@" ./disable-enable-modules.nix

View file

@ -0,0 +1,5 @@
{ lib, ... }:
{
disabledModules = [ (toString ./define-enable.nix) ];
}

View file

@ -1423,6 +1423,12 @@
githubId = 35324;
name = "Badi' Abdul-Wahid";
};
baitinq = {
email = "manuelpalenzuelamerino@gmail.com";
name = "Baitinq";
github = "Baitinq";
githubId = 30861839;
};
balodja = {
email = "balodja@gmail.com";
github = "balodja";
@ -4428,6 +4434,12 @@
githubId = 74379;
name = "Florian Pester";
};
fmoda3 = {
email = "fmoda3@mac.com";
github = "fmoda3";
githubId = 1746471;
name = "Frank Moda III";
};
fmthoma = {
email = "f.m.thoma@googlemail.com";
github = "fmthoma";
@ -5781,6 +5793,16 @@
github = "jacg";
githubId = 2570854;
};
jakehamilton = {
name = "Jake Hamilton";
email = "jake.hamilton@hey.com";
matrix = "@jakehamilton:matrix.org";
github = "jakehamilton";
githubId = 7005773;
keys = [{
fingerprint = "B982 0250 1720 D540 6A18 2DA8 188E 4945 E85B 2D21";
}];
};
jasoncarr = {
email = "jcarr250@gmail.com";
github = "jasoncarr0";
@ -8046,11 +8068,11 @@
name = "Michael Fellinger";
};
maralorn = {
email = "malte.brandy@maralorn.de";
email = "mail@maralorn.de";
matrix = "@maralorn:maralorn.de";
github = "maralorn";
githubId = 1651325;
name = "Malte Brandy";
name = "maralorn";
};
marcweber = {
email = "marco-oweber@gmx.de";
@ -15099,4 +15121,13 @@
github = "yisuidenghua";
githubId = 102890144;
};
macalinao = {
email = "me@ianm.com";
name = "Ian Macalinao";
github = "macalinao";
githubId = 401263;
keys = [{
fingerprint = "1147 43F1 E707 6F3E 6F4B 2C96 B9A8 B592 F126 F8E8";
}];
};
}

View file

@ -258,6 +258,14 @@
<link xlink:href="options.html#opt-services.patroni.enable">services.patroni</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://writefreely.org">WriteFreely</link>,
a simple blogging platform with ActivityPub support. Available
as
<link xlink:href="options.html#opt-services.writefreely.enable">services.writefreely</link>.
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="sec-release-22.11-incompatibilities">
@ -428,6 +436,12 @@
due to upstream dropping support.
</para>
</listitem>
<listitem>
<para>
<literal>k3s</literal> supports <literal>clusterInit</literal>
option, and it is enabled by default, for servers.
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="sec-release-22.11-notable-changes">

View file

@ -92,6 +92,8 @@ In addition to numerous new and upgraded packages, this release has the followin
- [Patroni](https://github.com/zalando/patroni), a template for PostgreSQL HA with ZooKeeper, etcd or Consul.
Available as [services.patroni](options.html#opt-services.patroni.enable).
- [WriteFreely](https://writefreely.org), a simple blogging platform with ActivityPub support. Available as [services.writefreely](options.html#opt-services.writefreely.enable).
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
## Backward Incompatibilities {#sec-release-22.11-incompatibilities}
@ -150,6 +152,8 @@ Use `configure.packages` instead.
- `k3s` no longer supports docker as runtime due to upstream dropping support.
- `k3s` supports `clusterInit` option, and it is enabled by default, for servers.
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
## Other Notable Changes {#sec-release-22.11-notable-changes}

View file

@ -4,29 +4,61 @@
let
zeroPad = n:
lib.optionalString (n < 16) "0" +
(if n > 255
then throw "Can't have more than 255 nets or nodes!"
else lib.toHexString n);
(if n > 255
then throw "Can't have more than 255 nets or nodes!"
else lib.toHexString n);
in
rec {
qemuNicMac = net: machine: "52:54:00:12:${zeroPad net}:${zeroPad machine}";
qemuNICFlags = nic: net: machine:
[ "-device virtio-net-pci,netdev=vlan${toString nic},mac=${qemuNicMac net machine}"
[
"-device virtio-net-pci,netdev=vlan${toString nic},mac=${qemuNicMac net machine}"
''-netdev vde,id=vlan${toString nic},sock="$QEMU_VDE_SOCKET_${toString net}"''
];
qemuSerialDevice = if pkgs.stdenv.hostPlatform.isx86 || pkgs.stdenv.hostPlatform.isRiscV then "ttyS0"
else if (with pkgs.stdenv.hostPlatform; isAarch || isPower) then "ttyAMA0"
else throw "Unknown QEMU serial device for system '${pkgs.stdenv.hostPlatform.system}'";
qemuSerialDevice =
if pkgs.stdenv.hostPlatform.isx86 || pkgs.stdenv.hostPlatform.isRiscV then "ttyS0"
else if (with pkgs.stdenv.hostPlatform; isAarch || isPower) then "ttyAMA0"
else throw "Unknown QEMU serial device for system '${pkgs.stdenv.hostPlatform.system}'";
qemuBinary = qemuPkg: {
x86_64-linux = "${qemuPkg}/bin/qemu-kvm -cpu max";
armv7l-linux = "${qemuPkg}/bin/qemu-system-arm -machine virt,accel=kvm:tcg -cpu max";
aarch64-linux = "${qemuPkg}/bin/qemu-system-aarch64 -machine virt,gic-version=max,accel=kvm:tcg -cpu max";
powerpc64le-linux = "${qemuPkg}/bin/qemu-system-ppc64 -machine powernv";
powerpc64-linux = "${qemuPkg}/bin/qemu-system-ppc64 -machine powernv";
x86_64-darwin = "${qemuPkg}/bin/qemu-kvm -cpu max";
}.${pkgs.stdenv.hostPlatform.system} or "${qemuPkg}/bin/qemu-kvm";
qemuBinary = qemuPkg:
let
hostStdenv = qemuPkg.stdenv;
hostSystem = hostStdenv.system;
guestSystem = pkgs.stdenv.hostPlatform.system;
linuxHostGuestMatrix = {
x86_64-linux = "${qemuPkg}/bin/qemu-kvm -cpu max";
armv7l-linux = "${qemuPkg}/bin/qemu-system-arm -machine virt,accel=kvm:tcg -cpu max";
aarch64-linux = "${qemuPkg}/bin/qemu-system-aarch64 -machine virt,gic-version=max,accel=kvm:tcg -cpu max";
powerpc64le-linux = "${qemuPkg}/bin/qemu-system-ppc64 -machine powernv";
powerpc64-linux = "${qemuPkg}/bin/qemu-system-ppc64 -machine powernv";
x86_64-darwin = "${qemuPkg}/bin/qemu-kvm -cpu max";
};
otherHostGuestMatrix = {
aarch64-darwin = {
aarch64-linux = "${qemuPkg}/bin/qemu-system-aarch64 -machine virt,gic-version=2,accel=hvf:tcg -cpu max";
};
x86_64-darwin = {
x86_64-linux = "${qemuPkg}/bin/qemu-system-x86_64 -machine type=q35,accel=hvf:tcg -cpu max";
};
};
throwUnsupportedHostSystem =
let
supportedSystems = [ "linux" ] ++ (lib.attrNames otherHostGuestMatrix);
in
throw "Unsupported host system ${hostSystem}, supported: ${lib.concatStringsSep ", " supportedSystems}";
throwUnsupportedGuestSystem = guestMap:
throw "Unsupported guest system ${guestSystem} for host ${hostSystem}, supported: ${lib.concatStringsSep ", " (lib.attrNames guestMap)}";
in
if hostStdenv.isLinux then
linuxHostGuestMatrix.${guestSystem} or "${qemuPkg}/bin/qemu-kvm"
else
let
guestMap = (otherHostGuestMatrix.${hostSystem} or throwUnsupportedHostSystem);
in
(guestMap.${guestSystem} or (throwUnsupportedGuestSystem guestMap));
}

View file

@ -1,7 +1,7 @@
{
x86_64-linux = "/nix/store/3af6g226v4hsv6x7xzh23d6wqyq0nzjp-nix-2.10.3";
i686-linux = "/nix/store/43xxh2jip6rpdhylc5z9a5fxx54dw206-nix-2.10.3";
aarch64-linux = "/nix/store/6qw3r57nra08ars8j8zyj3fl8lz4cvnd-nix-2.10.3";
x86_64-darwin = "/nix/store/3b7qrm0qjw57fmznrsvm0ai568i89hc2-nix-2.10.3";
aarch64-darwin = "/nix/store/gp7k17iy1n7hgf97qwnxw28c6v9nhb1i-nix-2.10.3";
x86_64-linux = "/nix/store/nmq5zcd93qb1yskx42rs910ff0247nn2-nix-2.11.0";
i686-linux = "/nix/store/ja6im1sw9a8lzczi10lc0iddffl9kzmn-nix-2.11.0";
aarch64-linux = "/nix/store/myr6fcqa9y4y2fb83zz73dck52vcn81z-nix-2.11.0";
x86_64-darwin = "/nix/store/2pfjz9b22k9997gh7cb0hjk1qa4lxrvy-nix-2.11.0";
aarch64-darwin = "/nix/store/lr32i0bdarx1iqsch4sy24jj1jkfw9vf-nix-2.11.0";
}

View file

@ -204,6 +204,7 @@
./programs/plotinus.nix
./programs/proxychains.nix
./programs/qt5ct.nix
./programs/rust-motd.nix
./programs/screen.nix
./programs/sedutil.nix
./programs/seahorse.nix
@ -1119,6 +1120,7 @@
./services/web-apps/wiki-js.nix
./services/web-apps/whitebophir.nix
./services/web-apps/wordpress.nix
./services/web-apps/writefreely.nix
./services/web-apps/youtrack.nix
./services/web-apps/zabbix.nix
./services/web-servers/agate.nix

View file

@ -129,12 +129,14 @@ in
environment.interactiveShellInit = ''
# Bind gpg-agent to this TTY if gpg commands are used.
export GPG_TTY=$(tty)
'';
'' + (optionalString cfg.agent.enableSSHSupport ''
# SSH agent protocol doesn't support changing TTYs, so bind the agent
# to every new TTY.
${cfg.package}/bin/gpg-connect-agent --quiet updatestartuptty /bye > /dev/null
'');
programs.ssh.extraConfig = optionalString cfg.agent.enableSSHSupport ''
# The SSH agent protocol doesn't have support for changing TTYs; however we
# can simulate this with the `exec` feature of openssh (see ssh_config(5))
# that hooks a command to the shell currently running the ssh program.
Match host * exec "${cfg.package}/bin/gpg-connect-agent --quiet updatestartuptty /bye > /dev/null"
'';
environment.extraInit = mkIf cfg.agent.enableSSHSupport ''
if [ -z "$SSH_AUTH_SOCK" ]; then

View file

@ -0,0 +1,92 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.programs.rust-motd;
format = pkgs.formats.toml { };
in {
options.programs.rust-motd = {
enable = mkEnableOption "rust-motd";
enableMotdInSSHD = mkOption {
default = true;
type = types.bool;
description = mdDoc ''
Whether to let `openssh` print the
result when entering a new `ssh`-session.
By default either nothing or a static file defined via
[](#opt-users.motd) is printed. Because of that,
the latter option is incompatible with this module.
'';
};
refreshInterval = mkOption {
default = "*:0/5";
type = types.str;
description = mdDoc ''
Interval in which the {manpage}`motd(5)` file is refreshed.
For possible formats, please refer to {manpage}`systemd.time(7)`.
'';
};
settings = mkOption {
type = types.submodule {
freeformType = format.type;
};
description = mdDoc ''
Settings on what to generate. Please read the
[upstream documentation](https://github.com/rust-motd/rust-motd/blob/main/README.md#configuration)
for further information.
'';
};
};
config = mkIf cfg.enable {
assertions = [
{ assertion = config.users.motd == null;
message = ''
`programs.rust-motd` is incompatible with `users.motd`!
'';
}
];
systemd.services.rust-motd = {
path = with pkgs; [ bash ];
documentation = [ "https://github.com/rust-motd/rust-motd/blob/v${pkgs.rust-motd.version}/README.md" ];
description = "motd generator";
serviceConfig = {
ExecStart = "${pkgs.writeShellScript "update-motd" ''
${pkgs.rust-motd}/bin/rust-motd ${format.generate "motd.conf" cfg.settings} > motd
''}";
CapabilityBoundingSet = [ "" ];
LockPersonality = true;
MemoryDenyWriteExecute = true;
NoNewPrivileges = true;
PrivateDevices = true;
PrivateTmp = true;
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelModules = true;
ProtectKernelLogs = true;
ProtectKernelTunables = true;
ProtectSystem = "full";
StateDirectory = "rust-motd";
RestrictAddressFamilies = "none";
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
RemoveIPC = true;
WorkingDirectory = "/var/lib/rust-motd";
};
};
systemd.timers.rust-motd = {
wantedBy = [ "timers.target" ];
timerConfig.OnCalendar = cfg.refreshInterval;
};
security.pam.services.sshd.text = mkIf cfg.enableMotdInSSHD (mkDefault (mkAfter ''
session optional ${pkgs.pam}/lib/security/pam_motd.so motd=/var/lib/rust-motd/motd
''));
services.openssh.extraConfig = mkIf (cfg.settings ? last_login && cfg.settings.last_login != {}) ''
PrintLastLog no
'';
};
meta.maintainers = with maintainers; [ ma27 ];
}

View file

@ -25,7 +25,17 @@ in
role = mkOption {
description = lib.mdDoc ''
Whether k3s should run as a server or agent.
Note that the server, by default, also runs as an agent.
If it's a server:
- By default it also runs workloads as an agent.
- Starts by default as a standalone server using an embedded sqlite datastore.
- Configure `clusterInit = true` to switch over to embedded etcd datastore and enable HA mode.
- Configure `serverAddr` to join an already-initialized HA cluster.
If it's an agent:
- `serverAddr` is required.
'';
default = "server";
type = types.enum [ "server" "agent" ];
@ -33,15 +43,44 @@ in
serverAddr = mkOption {
type = types.str;
description = lib.mdDoc "The k3s server to connect to. This option only makes sense for an agent.";
description = lib.mdDoc ''
The k3s server to connect to.
Servers and agents need to communicate each other. Read
[the networking docs](https://rancher.com/docs/k3s/latest/en/installation/installation-requirements/#networking)
to know how to configure the firewall.
'';
example = "https://10.0.0.10:6443";
default = "";
};
clusterInit = mkOption {
type = types.bool;
default = false;
description = lib.mdDoc ''
Initialize HA cluster using an embedded etcd datastore.
If this option is `false` and `role` is `server`
On a server that was using the default embedded sqlite backend,
enabling this option will migrate to an embedded etcd DB.
If an HA cluster using the embedded etcd datastore was already initialized,
this option has no effect.
This option only makes sense in a server that is not connecting to another server.
If you are configuring an HA cluster with an embedded etcd,
the 1st server must have `clusterInit = true`
and other servers must connect to it using `serverAddr`.
'';
};
token = mkOption {
type = types.str;
description = lib.mdDoc ''
The k3s token to use when connecting to the server. This option only makes sense for an agent.
The k3s token to use when connecting to a server.
WARNING: This option will expose store your token unencrypted world-readable in the nix store.
If this is undesired use the tokenFile option instead.
'';
@ -50,7 +89,7 @@ in
tokenFile = mkOption {
type = types.nullOr types.path;
description = lib.mdDoc "File path containing k3s token to use when connecting to the server. This option only makes sense for an agent.";
description = lib.mdDoc "File path containing k3s token to use when connecting to the server.";
default = null;
};
@ -86,6 +125,14 @@ in
assertion = cfg.role == "agent" -> cfg.configPath != null || cfg.tokenFile != null || cfg.token != "";
message = "token or tokenFile or configPath (with 'token' or 'token-file' keys) should be set if role is 'agent'";
}
{
assertion = cfg.role == "agent" -> !cfg.disableAgent;
message = "disableAgent must be false if role is 'agent'";
}
{
assertion = cfg.role == "agent" -> !cfg.clusterInit;
message = "clusterInit must be false if role is 'agent'";
}
];
environment.systemPackages = [ config.services.k3s.package ];
@ -111,6 +158,7 @@ in
[
"${cfg.package}/bin/k3s ${cfg.role}"
]
++ (optional cfg.clusterInit "--cluster-init")
++ (optional cfg.disableAgent "--disable-agent")
++ (optional (cfg.serverAddr != "") "--server ${cfg.serverAddr}")
++ (optional (cfg.token != "") "--token ${cfg.token}")

View file

@ -298,7 +298,7 @@ in
];
serviceConfig = {
ExecStart = "${package}/bin/kea-ctrl-agent -c /etc/kea/ctrl-agent.conf ${lib.escapeShellArgs cfg.dhcp4.extraArgs}";
ExecStart = "${package}/bin/kea-ctrl-agent -c /etc/kea/ctrl-agent.conf ${lib.escapeShellArgs cfg.ctrl-agent.extraArgs}";
KillMode = "process";
Restart = "on-failure";
} // commonServiceConfig;

View file

@ -264,6 +264,19 @@ in
'';
};
secretFile = mkOption {
type = types.nullOr types.path;
default = null;
example = "/run/keys/keepalived.env";
description = ''
Environment variables from this file will be interpolated into the
final config file using envsubst with this syntax: <literal>$ENVIRONMENT</literal>
or <literal>''${VARIABLE}</literal>.
The file should contain lines formatted as <literal>SECRET_VAR=SECRET_VALUE</literal>.
This is useful to avoid putting secrets into the nix store.
'';
};
};
};
@ -282,7 +295,9 @@ in
};
};
systemd.services.keepalived = {
systemd.services.keepalived = let
finalConfigFile = if cfg.secretFile == null then keepalivedConf else "/run/keepalived/keepalived.conf";
in {
description = "Keepalive Daemon (LVS and VRRP)";
after = [ "network.target" "network-online.target" "syslog.target" ];
wants = [ "network-online.target" ];
@ -290,8 +305,15 @@ in
Type = "forking";
PIDFile = pidFile;
KillMode = "process";
RuntimeDirectory = "keepalived";
EnvironmentFile = lib.optional (cfg.secretFile != null) cfg.secretFile;
ExecStartPre = lib.optional (cfg.secretFile != null)
(pkgs.writeShellScript "keepalived-pre-start" ''
umask 077
${pkgs.envsubst}/bin/envsubst -i "${keepalivedConf}" > ${finalConfigFile}
'');
ExecStart = "${pkgs.keepalived}/sbin/keepalived"
+ " -f ${keepalivedConf}"
+ " -f ${finalConfigFile}"
+ " -p ${pidFile}"
+ optionalString cfg.snmp.enable " --snmp";
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";

View file

@ -192,7 +192,10 @@ in
ExecStart = "${cfg.package}/bin/searx-run";
} // optionalAttrs (cfg.environmentFile != null)
{ EnvironmentFile = builtins.toPath cfg.environmentFile; };
environment.SEARX_SETTINGS_PATH = cfg.settingsFile;
environment = {
SEARX_SETTINGS_PATH = cfg.settingsFile;
SEARXNG_SETTINGS_PATH = cfg.settingsFile;
};
};
systemd.services.uwsgi = mkIf (cfg.runInUwsgi)

View file

@ -268,10 +268,10 @@ in {
{
versioning = {
type = "staggered";
fsPath = "/syncthing/backup";
params = {
cleanInterval = "3600";
maxAge = "31536000";
versionsPath = "/syncthing/backup";
};
};
}
@ -296,6 +296,14 @@ in {
See <https://docs.syncthing.net/users/versioning.html>.
'';
};
fsPath = mkOption {
default = "";
type = either str path;
description = mdDoc ''
Path to the versioning folder.
See <https://docs.syncthing.net/users/versioning.html>.
'';
};
params = mkOption {
type = attrsOf (either str path);
description = mdDoc ''

View file

@ -196,6 +196,7 @@ in {
ProtectSystem = "strict";
AmbientCapabilities = "CAP_NET_BIND_SERVICE";
StateDirectory = "bitwarden_rs";
StateDirectoryMode = "0700";
};
wantedBy = [ "multi-user.target" ];
};

View file

@ -25,6 +25,7 @@ let
catAttrs
collect
splitString
hasPrefix
;
inherit (builtins)
@ -312,8 +313,9 @@ in
http-relative-path = mkOption {
type = str;
default = "";
default = "/";
example = "/auth";
apply = x: if !(hasPrefix "/") x then "/" + x else x;
description = lib.mdDoc ''
The path relative to `/` for serving
resources.
@ -636,7 +638,7 @@ in
'' + ''
export KEYCLOAK_ADMIN=admin
export KEYCLOAK_ADMIN_PASSWORD=${cfg.initialAdminPassword}
kc.sh start
kc.sh start --optimized
'';
};

View file

@ -0,0 +1,485 @@
{ config, lib, pkgs, ... }:
let
inherit (builtins) toString;
inherit (lib) types mkIf mkOption mkDefault;
inherit (lib) optional optionals optionalAttrs optionalString;
inherit (pkgs) sqlite;
format = pkgs.formats.ini {
mkKeyValue = key: value:
let
value' = if builtins.isNull value then
""
else if builtins.isBool value then
if value == true then "true" else "false"
else
toString value;
in "${key} = ${value'}";
};
cfg = config.services.writefreely;
isSqlite = cfg.database.type == "sqlite3";
isMysql = cfg.database.type == "mysql";
isMysqlLocal = isMysql && cfg.database.createLocally == true;
hostProtocol = if cfg.acme.enable then "https" else "http";
settings = cfg.settings // {
app = cfg.settings.app or { } // {
host = cfg.settings.app.host or "${hostProtocol}://${cfg.host}";
};
database = if cfg.database.type == "sqlite3" then {
type = "sqlite3";
filename = cfg.settings.database.filename or "writefreely.db";
database = cfg.database.name;
} else {
type = "mysql";
username = cfg.database.user;
password = "#dbpass#";
database = cfg.database.name;
host = cfg.database.host;
port = cfg.database.port;
tls = cfg.database.tls;
};
server = cfg.settings.server or { } // {
bind = cfg.settings.server.bind or "localhost";
gopher_port = cfg.settings.server.gopher_port or 0;
autocert = !cfg.nginx.enable && cfg.acme.enable;
templates_parent_dir =
cfg.settings.server.templates_parent_dir or cfg.package.src;
static_parent_dir = cfg.settings.server.static_parent_dir or assets;
pages_parent_dir =
cfg.settings.server.pages_parent_dir or cfg.package.src;
keys_parent_dir = cfg.settings.server.keys_parent_dir or cfg.stateDir;
};
};
configFile = format.generate "config.ini" settings;
assets = pkgs.stdenvNoCC.mkDerivation {
pname = "writefreely-assets";
inherit (cfg.package) version src;
nativeBuildInputs = with pkgs.nodePackages; [ less ];
buildPhase = ''
mkdir -p $out
cp -r static $out/
'';
installPhase = ''
less_dir=$src/less
css_dir=$out/static/css
lessc $less_dir/app.less $css_dir/write.css
lessc $less_dir/fonts.less $css_dir/fonts.css
lessc $less_dir/icons.less $css_dir/icons.css
lessc $less_dir/prose.less $css_dir/prose.css
'';
};
withConfigFile = text: ''
db_pass=${
optionalString (cfg.database.passwordFile != null)
"$(head -n1 ${cfg.database.passwordFile})"
}
cp -f ${configFile} '${cfg.stateDir}/config.ini'
sed -e "s,#dbpass#,$db_pass,g" -i '${cfg.stateDir}/config.ini'
chmod 440 '${cfg.stateDir}/config.ini'
${text}
'';
withMysql = text:
withConfigFile ''
query () {
local result=$(${config.services.mysql.package}/bin/mysql \
--user=${cfg.database.user} \
--password=$db_pass \
--database=${cfg.database.name} \
--silent \
--raw \
--skip-column-names \
--execute "$1" \
)
echo $result
}
${text}
'';
withSqlite = text:
withConfigFile ''
query () {
local result=$(${sqlite}/bin/sqlite3 \
'${cfg.stateDir}/${settings.database.filename}'
"$1" \
)
echo $result
}
${text}
'';
in {
options.services.writefreely = {
enable =
lib.mkEnableOption "Writefreely, build a digital writing community";
package = lib.mkOption {
type = lib.types.package;
default = pkgs.writefreely;
defaultText = lib.literalExpression "pkgs.writefreely";
description = "Writefreely package to use.";
};
stateDir = mkOption {
type = types.path;
default = "/var/lib/writefreely";
description = "The state directory where keys and data are stored.";
};
user = mkOption {
type = types.str;
default = "writefreely";
description = "User under which Writefreely is ran.";
};
group = mkOption {
type = types.str;
default = "writefreely";
description = "Group under which Writefreely is ran.";
};
host = mkOption {
type = types.str;
default = "";
description = "The public host name to serve.";
example = "example.com";
};
settings = mkOption {
default = { };
description = ''
Writefreely configuration (<filename>config.ini</filename>). Refer to
<link xlink:href="https://writefreely.org/docs/latest/admin/config" />
for details.
'';
type = types.submodule {
freeformType = format.type;
options = {
app = {
theme = mkOption {
type = types.str;
default = "write";
description = "The theme to apply.";
};
};
server = {
port = mkOption {
type = types.port;
default = if cfg.nginx.enable then 18080 else 80;
defaultText = "80";
description = "The port WriteFreely should listen on.";
};
};
};
};
};
database = {
type = mkOption {
type = types.enum [ "sqlite3" "mysql" ];
default = "sqlite3";
description = "The database provider to use.";
};
name = mkOption {
type = types.str;
default = "writefreely";
description = "The name of the database to store data in.";
};
user = mkOption {
type = types.nullOr types.str;
default = if cfg.database.type == "mysql" then "writefreely" else null;
defaultText = "writefreely";
description = "The database user to connect as.";
};
passwordFile = mkOption {
type = types.nullOr types.path;
default = null;
description = "The file to load the database password from.";
};
host = mkOption {
type = types.str;
default = "localhost";
description = "The database host to connect to.";
};
port = mkOption {
type = types.port;
default = 3306;
description = "The port used when connecting to the database host.";
};
tls = mkOption {
type = types.bool;
default = false;
description =
"Whether or not TLS should be used for the database connection.";
};
migrate = mkOption {
type = types.bool;
default = true;
description =
"Whether or not to automatically run migrations on startup.";
};
createLocally = mkOption {
type = types.bool;
default = false;
description = ''
When <option>services.writefreely.database.type</option> is set to
<code>"mysql"</code>, this option will enable the MySQL service locally.
'';
};
};
admin = {
name = mkOption {
type = types.nullOr types.str;
description = "The name of the first admin user.";
default = null;
};
initialPasswordFile = mkOption {
type = types.path;
description = ''
Path to a file containing the initial password for the admin user.
If not provided, the default password will be set to <code>nixos</code>.
'';
default = pkgs.writeText "default-admin-pass" "nixos";
defaultText = "/nix/store/xxx-default-admin-pass";
};
};
nginx = {
enable = mkOption {
type = types.bool;
default = false;
description =
"Whether or not to enable and configure nginx as a proxy for WriteFreely.";
};
forceSSL = mkOption {
type = types.bool;
default = false;
description = "Whether or not to force the use of SSL.";
};
};
acme = {
enable = mkOption {
type = types.bool;
default = false;
description =
"Whether or not to automatically fetch and configure SSL certs.";
};
};
};
config = mkIf cfg.enable {
assertions = [
{
assertion = cfg.host != "";
message = "services.writefreely.host must be set";
}
{
assertion = isMysqlLocal -> cfg.database.passwordFile != null;
message =
"services.writefreely.database.passwordFile must be set if services.writefreely.database.createLocally is set to true";
}
{
assertion = isSqlite -> !cfg.database.createLocally;
message =
"services.writefreely.database.createLocally has no use when services.writefreely.database.type is set to sqlite3";
}
];
users = {
users = optionalAttrs (cfg.user == "writefreely") {
writefreely = {
group = cfg.group;
home = cfg.stateDir;
isSystemUser = true;
};
};
groups =
optionalAttrs (cfg.group == "writefreely") { writefreely = { }; };
};
systemd.tmpfiles.rules =
[ "d '${cfg.stateDir}' 0750 ${cfg.user} ${cfg.group} - -" ];
systemd.services.writefreely = {
after = [ "network.target" ]
++ optional isSqlite "writefreely-sqlite-init.service"
++ optional isMysql "writefreely-mysql-init.service"
++ optional isMysqlLocal "mysql.service";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "simple";
User = cfg.user;
Group = cfg.group;
WorkingDirectory = cfg.stateDir;
Restart = "always";
RestartSec = 20;
ExecStart =
"${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' serve";
AmbientCapabilities =
optionalString (settings.server.port < 1024) "cap_net_bind_service";
};
preStart = ''
if ! test -d "${cfg.stateDir}/keys"; then
mkdir -p ${cfg.stateDir}/keys
# Key files end up with the wrong permissions by default.
# We need to correct them so that Writefreely can read them.
chmod -R 750 "${cfg.stateDir}/keys"
${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' keys generate
fi
'';
};
systemd.services.writefreely-sqlite-init = mkIf isSqlite {
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";
User = cfg.user;
Group = cfg.group;
WorkingDirectory = cfg.stateDir;
ReadOnlyPaths = optional (cfg.admin.initialPasswordFile != null)
cfg.admin.initialPasswordFile;
};
script = let
migrateDatabase = optionalString cfg.database.migrate ''
${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' db migrate
'';
createAdmin = optionalString (cfg.admin.name != null) ''
if [[ $(query "SELECT COUNT(*) FROM users") == 0 ]]; then
admin_pass=$(head -n1 ${cfg.admin.initialPasswordFile})
${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' --create-admin ${cfg.admin.name}:$admin_pass
fi
'';
in withSqlite ''
if ! test -f '${settings.database.filename}'; then
${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' db init
fi
${migrateDatabase}
${createAdmin}
'';
};
systemd.services.writefreely-mysql-init = mkIf isMysql {
wantedBy = [ "multi-user.target" ];
after = optional isMysqlLocal "mysql.service";
serviceConfig = {
Type = "oneshot";
User = cfg.user;
Group = cfg.group;
WorkingDirectory = cfg.stateDir;
ReadOnlyPaths = optional isMysqlLocal cfg.database.passwordFile
++ optional (cfg.admin.initialPasswordFile != null)
cfg.admin.initialPasswordFile;
};
script = let
updateUser = optionalString isMysqlLocal ''
# WriteFreely currently *requires* a password for authentication, so we
# need to update the user in MySQL accordingly. By default MySQL users
# authenticate with auth_socket or unix_socket.
# See: https://github.com/writefreely/writefreely/issues/568
${config.services.mysql.package}/bin/mysql --skip-column-names --execute "ALTER USER '${cfg.database.user}'@'localhost' IDENTIFIED VIA unix_socket OR mysql_native_password USING PASSWORD('$db_pass'); FLUSH PRIVILEGES;"
'';
migrateDatabase = optionalString cfg.database.migrate ''
${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' db migrate
'';
createAdmin = optionalString (cfg.admin.name != null) ''
if [[ $(query 'SELECT COUNT(*) FROM users') == 0 ]]; then
admin_pass=$(head -n1 ${cfg.admin.initialPasswordFile})
${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' --create-admin ${cfg.admin.name}:$admin_pass
fi
'';
in withMysql ''
${updateUser}
if [[ $(query "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema = '${cfg.database.name}'") == 0 ]]; then
${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' db init
fi
${migrateDatabase}
${createAdmin}
'';
};
services.mysql = mkIf isMysqlLocal {
enable = true;
package = mkDefault pkgs.mariadb;
ensureDatabases = [ cfg.database.name ];
ensureUsers = [{
name = cfg.database.user;
ensurePermissions = {
"${cfg.database.name}.*" = "ALL PRIVILEGES";
# WriteFreely requires the use of passwords, so we need permissions
# to `ALTER` the user to add password support and also to reload
# permissions so they can be used.
"*.*" = "CREATE USER, RELOAD";
};
}];
};
services.nginx = lib.mkIf cfg.nginx.enable {
enable = true;
recommendedProxySettings = true;
virtualHosts."${cfg.host}" = {
enableACME = cfg.acme.enable;
forceSSL = cfg.nginx.forceSSL;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString settings.server.port}";
};
};
};
};
}

View file

@ -311,7 +311,6 @@ in
home = "/var/lib/lightdm";
group = "lightdm";
uid = config.ids.uids.lightdm;
shell = pkgs.bash;
};
systemd.tmpfiles.rules = [

View file

@ -6,7 +6,7 @@ let
cfg = config.services.xserver.windowManager.awesome;
awesome = cfg.package;
getLuaPath = lib : dir : "${lib}/${dir}/lua/${pkgs.luaPackages.lua.luaversion}";
getLuaPath = lib: dir: "${lib}/${dir}/lua/${awesome.lua.luaversion}";
makeSearchPath = lib.concatMapStrings (path:
" --search " + (getLuaPath path "share") +
" --search " + (getLuaPath path "lib")

View file

@ -240,11 +240,11 @@ def main() -> None:
if "@graceful@" == "1":
flags.append("--graceful")
subprocess.check_call(["@systemd@/bin/bootctl", "--path=@efiSysMountPoint@"] + flags + ["install"])
subprocess.check_call(["@systemd@/bin/bootctl", "--esp-path=@efiSysMountPoint@"] + flags + ["install"])
else:
# Update bootloader to latest if needed
available_out = subprocess.check_output(["@systemd@/bin/bootctl", "--version"], universal_newlines=True).split()[2]
installed_out = subprocess.check_output(["@systemd@/bin/bootctl", "--path=@efiSysMountPoint@", "status"], universal_newlines=True)
installed_out = subprocess.check_output(["@systemd@/bin/bootctl", "--esp-path=@efiSysMountPoint@", "status"], universal_newlines=True)
# See status_binaries() in systemd bootctl.c for code which generates this
installed_match = re.search(r"^\W+File:.*/EFI/(?:BOOT|systemd)/.*\.efi \(systemd-boot ([\d.]+[^)]*)\)$",
@ -263,7 +263,7 @@ def main() -> None:
if installed_version < available_version:
print("updating systemd-boot from %s to %s" % (installed_version, available_version))
subprocess.check_call(["@systemd@/bin/bootctl", "--path=@efiSysMountPoint@", "update"])
subprocess.check_call(["@systemd@/bin/bootctl", "--esp-path=@efiSysMountPoint@", "update"])
mkdir_p("@efiSysMountPoint@/efi/nixos")
mkdir_p("@efiSysMountPoint@/loader/entries")

View file

@ -879,6 +879,15 @@ let
(assertValueOneOf "OnLink" boolValues)
];
sectionIPv6RoutePrefix = checkUnitConfig "IPv6RoutePrefix" [
(assertOnlyFields [
"Route"
"LifetimeSec"
])
(assertHasField "Route")
(assertInt "LifetimeSec")
];
sectionDHCPServerStaticLease = checkUnitConfig "DHCPServerStaticLease" [
(assertOnlyFields [
"MACAddress"
@ -1242,6 +1251,22 @@ let
};
};
ipv6RoutePrefixOptions = {
options = {
ipv6RoutePrefixConfig = mkOption {
default = {};
example = { Route = "fd00::/64"; };
type = types.addCheck (types.attrsOf unitOption) check.network.sectionIPv6RoutePrefix;
description = ''
Each attribute in this set specifies an option in the
<literal>[IPv6RoutePrefix]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
};
dhcpServerStaticLeaseOptions = {
options = {
dhcpServerStaticLeaseConfig = mkOption {
@ -1384,6 +1409,17 @@ let
'';
};
ipv6RoutePrefixes = mkOption {
default = [];
example = [ { Route = "fd00::/64"; LifetimeSec = 3600; } ];
type = with types; listOf (submodule ipv6RoutePrefixOptions);
description = ''
A list of ipv6RoutePrefix sections to be added to the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
name = mkOption {
type = types.nullOr types.str;
default = null;
@ -1775,6 +1811,10 @@ let
[IPv6Prefix]
${attrsToSection x.ipv6PrefixConfig}
'')
+ flip concatMapStrings def.ipv6RoutePrefixes (x: ''
[IPv6RoutePrefix]
${attrsToSection x.ipv6RoutePrefixConfig}
'')
+ flip concatMapStrings def.dhcpServerStaticLeases (x: ''
[DHCPServerStaticLease]
${attrsToSection x.dhcpServerStaticLeaseConfig}

View file

@ -11,20 +11,6 @@ in
maintainers = [ ] ++ lib.teams.podman.members;
};
imports = [
(
lib.mkRemovedOptionModule
[ "virtualisation" "containers" "users" ]
"All users with `isNormalUser = true` set now get appropriate subuid/subgid mappings."
)
(
lib.mkRemovedOptionModule
[ "virtualisation" "containers" "containersConf" "extraConfig" ]
"Use virtualisation.containers.containersConf.settings instead."
)
];
options.virtualisation.containers = {
enable =

View file

@ -11,10 +11,6 @@ let
cfgFile = format.generate "00-default.conf" cfg.settings;
in
{
imports = [
(mkRenamedOptionModule [ "virtualisation" "cri-o" "registries" ] [ "virtualisation" "containers" "registries" "search" ])
];
meta = {
maintainers = teams.podman.members;
};

View file

@ -46,7 +46,6 @@ in
imports = [
./dnsname.nix
./network-socket.nix
(lib.mkRenamedOptionModule [ "virtualisation" "podman" "libpod" ] [ "virtualisation" "containers" "containersConf" ])
];
meta = {

View file

@ -102,7 +102,9 @@ let
# Shell script to start the VM.
startVM =
''
#! ${pkgs.runtimeShell}
#! ${cfg.host.pkgs.runtimeShell}
export PATH=${makeBinPath [ cfg.host.pkgs.coreutils ]}''${PATH:+:}$PATH
set -e
@ -575,11 +577,24 @@ in
description = lib.mdDoc "Primary IP address used in /etc/hosts.";
};
virtualisation.host.pkgs = mkOption {
type = options.nixpkgs.pkgs.type;
default = pkgs;
defaultText = "pkgs";
example = literalExpression ''
import pkgs.path { system = "x86_64-darwin"; }
'';
description = ''
pkgs set to use for the host-specific packages of the vm runner.
Changing this to e.g. a Darwin package set allows running NixOS VMs on Darwin.
'';
};
virtualisation.qemu = {
package =
mkOption {
type = types.package;
default = pkgs.qemu_kvm;
default = cfg.host.pkgs.qemu_kvm;
example = "pkgs.qemu_test";
description = lib.mdDoc "QEMU package to use.";
};
@ -1076,14 +1091,14 @@ in
services.qemuGuest.enable = cfg.qemu.guestAgent.enable;
system.build.vm = pkgs.runCommand "nixos-vm" {
system.build.vm = cfg.host.pkgs.runCommand "nixos-vm" {
preferLocalBuild = true;
meta.mainProgram = "run-${config.system.name}-vm";
}
''
mkdir -p $out/bin
ln -s ${config.system.build.toplevel} $out/system
ln -s ${pkgs.writeScript "run-nixos-vm" startVM} $out/bin/run-${config.system.name}-vm
ln -s ${cfg.host.pkgs.writeScript "run-nixos-vm" startVM} $out/bin/run-${config.system.name}-vm
'';
# When building a regular system configuration, override whatever

View file

@ -621,6 +621,7 @@ in {
wmderland = handleTest ./wmderland.nix {};
wpa_supplicant = handleTest ./wpa_supplicant.nix {};
wordpress = handleTest ./wordpress.nix {};
writefreely = handleTest ./web-apps/writefreely.nix {};
xandikos = handleTest ./xandikos.nix {};
xautolock = handleTest ./xautolock.nix {};
xfce = handleTest ./xfce.nix {};

View file

@ -53,9 +53,10 @@ import ../make-test-python.nix ({ pkgs, ... }:
enable = true;
role = "server";
package = pkgs.k3s;
clusterInit = true;
extraFlags = "--no-deploy coredns,servicelb,traefik,local-storage,metrics-server --pause-image test.local/pause:local --node-ip 192.168.1.1";
};
networking.firewall.allowedTCPPorts = [ 6443 ];
networking.firewall.allowedTCPPorts = [ 2379 2380 6443 ];
networking.firewall.allowedUDPPorts = [ 8472 ];
networking.firewall.trustedInterfaces = [ "flannel.1" ];
networking.useDHCP = false;
@ -65,6 +66,28 @@ import ../make-test-python.nix ({ pkgs, ... }:
];
};
server2 = { pkgs, ... }: {
environment.systemPackages = with pkgs; [ gzip jq ];
virtualisation.memorySize = 1536;
virtualisation.diskSize = 4096;
services.k3s = {
inherit tokenFile;
enable = true;
serverAddr = "https://192.168.1.1:6443";
clusterInit = false;
extraFlags = "--no-deploy coredns,servicelb,traefik,local-storage,metrics-server --pause-image test.local/pause:local --node-ip 192.168.1.3";
};
networking.firewall.allowedTCPPorts = [ 2379 2380 6443 ];
networking.firewall.allowedUDPPorts = [ 8472 ];
networking.firewall.trustedInterfaces = [ "flannel.1" ];
networking.useDHCP = false;
networking.defaultGateway = "192.168.1.3";
networking.interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
{ address = "192.168.1.3"; prefixLength = 24; }
];
};
agent = { pkgs, ... }: {
virtualisation.memorySize = 1024;
virtualisation.diskSize = 2048;
@ -72,7 +95,7 @@ import ../make-test-python.nix ({ pkgs, ... }:
inherit tokenFile;
enable = true;
role = "agent";
serverAddr = "https://192.168.1.1:6443";
serverAddr = "https://192.168.1.3:6443";
extraFlags = "--pause-image test.local/pause:local --node-ip 192.168.1.2";
};
networking.firewall.allowedTCPPorts = [ 6443 ];
@ -91,9 +114,9 @@ import ../make-test-python.nix ({ pkgs, ... }:
};
testScript = ''
start_all()
machines = [server, agent]
machines = [server, server2, agent]
for m in machines:
m.start()
m.wait_for_unit("k3s")
# wait for the agent to show up

View file

@ -0,0 +1,44 @@
{ system ? builtins.currentSystem, config ? { }
, pkgs ? import ../../.. { inherit system config; } }:
with import ../../lib/testing-python.nix { inherit system pkgs; };
with pkgs.lib;
let
writefreelyTest = { name, type }:
makeTest {
name = "writefreely-${name}";
nodes.machine = { config, pkgs, ... }: {
services.writefreely = {
enable = true;
host = "localhost:3000";
admin.name = "nixos";
database = {
inherit type;
createLocally = type == "mysql";
passwordFile = pkgs.writeText "db-pass" "pass";
};
settings.server.port = 3000;
};
};
testScript = ''
start_all()
machine.wait_for_unit("writefreely.service")
machine.wait_for_open_port(3000)
machine.succeed("curl --fail http://localhost:3000")
'';
};
in {
sqlite = writefreelyTest {
name = "sqlite";
type = "sqlite3";
};
mysql = writefreelyTest {
name = "mysql";
type = "mysql";
};
}

View file

@ -19,20 +19,20 @@
stdenv.mkDerivation rec {
pname = "amberol";
version = "0.9.0";
version = "0.9.1";
src = fetchFromGitLab {
domain = "gitlab.gnome.org";
owner = "World";
repo = pname;
rev = version;
hash = "sha256-/kZYzUzycHKre6/dvZgeqXu6mrkblftV51Z7866fZVY=";
hash = "sha256-UZFOQw9eXSyCey4YQ4pWV91BIo+5tFw1N8es5H03+fc=";
};
cargoDeps = rustPlatform.fetchCargoTarball {
inherit src;
name = "${pname}-${version}";
hash = "sha256-1+RWL9MD6aX+zI2rtQUQCqemCephLKGEAf5xNCb+jo4=";
hash = "sha256-ebo718+HAZFd7Pjy06jAzmaLdjR3o4Hn0xEeO7yiIC0=";
};
postPatch = ''

View file

@ -4,13 +4,13 @@
stdenv.mkDerivation rec {
pname = "flacon";
version = "9.1.0";
version = "9.2.0";
src = fetchFromGitHub {
owner = "flacon";
repo = "flacon";
rev = "v${version}";
sha256 = "sha256-gchFd3yL0ni0PJ4+mWwR8XCKPpyQOajtO+/A7fnwoeE=";
sha256 = "sha256-qnjWpsgCRAi09o9O7CBc0R9MN1EpXVmCoxB2npc9qpM=";
};
nativeBuildInputs = [ cmake pkg-config wrapQtAppsHook ];

View file

@ -1,4 +1,4 @@
{ lib, stdenv, fetchurl, cmake }:
{ lib, stdenv, fetchurl, cmake, removeReferencesTo }:
stdenv.mkDerivation rec {
version = "0.6.3";
@ -9,13 +9,21 @@ stdenv.mkDerivation rec {
sha256 = "07857vdkak306d9s5g6fhmjyxk7vijzjhkmqb15s7ihfxx9lx8xb";
};
cmakeFlags = lib.optionals stdenv.isDarwin [ "-DENABLE_UBSAN=OFF" ];
nativeBuildInputs = [ cmake ];
nativeBuildInputs = [ cmake removeReferencesTo ];
# It used to reference it, in the past, but thanks to the postFixup hook, now
# it doesn't.
disallowedReferences = [ stdenv.cc.cc ];
postFixup = lib.optionalString stdenv.isLinux ''
remove-references-to -t ${stdenv.cc.cc} "$(readlink -f $out/lib/libgme.so)"
'';
meta = with lib; {
homepage = "https://bitbucket.org/mpyne/game-music-emu/wiki/Home";
description = "A collection of video game music file emulators";
license = licenses.lgpl21Plus;
platforms = platforms.all;
maintainers = with maintainers; [ luc65r ];
maintainers = with maintainers; [ luc65r lheckemann ];
};
}

View file

@ -15,13 +15,13 @@
python3Packages.buildPythonApplication rec {
pname = "indicator-sound-switcher";
version = "2.3.7";
version = "2.3.9";
src = fetchFromGitHub {
owner = "yktoo";
repo = pname;
rev = "v${version}";
sha256 = "sha256-agzU3Z3E6NvCnlsz9L719LqMTm8EmYg3TY/2lWTYgKs=";
rev = "refs/tags/v${version}";
sha256 = "sha256-qJ1lg9A1aCM+/v/JbQAVpYGX25qA5ULqsM8k7uH1uvQ=";
};
postPatch = ''

View file

@ -15,13 +15,13 @@
stdenv.mkDerivation rec {
pname = "mympd";
version = "9.5.2";
version = "9.5.3";
src = fetchFromGitHub {
owner = "jcorporation";
repo = "myMPD";
rev = "v${version}";
sha256 = "sha256-WmGaZXITvrp7ml7s7FPyp3Q3072KU/P6UombBj99fX0=";
sha256 = "sha256-0plbOBTrEOjfVbyfrQ8mNByJb6XygIPTrwGfY6+0DHo=";
};
nativeBuildInputs = [

View file

@ -1,5 +1,6 @@
{ lib
, stdenv
, fetchpatch
, fetchFromGitHub
, rustPlatform
, meson
@ -21,20 +22,26 @@
stdenv.mkDerivation rec {
pname = "netease-cloud-music-gtk";
version = "2.0.1";
version = "2.0.2";
src = fetchFromGitHub {
owner = "gmg137";
repo = pname;
rev = version;
hash = "sha256-dlJZvmfw9+cavAysxVzCekgPdygg5zbU3ZR5BOjPk08=";
hash = "sha256-0pmuzdRQBdUS4ORh3zJQWb/hbhk7SY3P4QMwoy4Mgp8=";
};
patches = [ ./cargo-lock.patch ];
patches = [
(fetchpatch {
name = "add-cargo-lock-for-2.0.2.patch";
url = "https://github.com/gmg137/netease-cloud-music-gtk/commit/21b5d40d49e661fe7bd35ed10bb8b883ef7fcd9f.patch";
hash = "sha256-pSgc+yJQMNyLPYUMc1Kp/Kr+++2tH8srIM5PgVeoZ+E=";
})
];
cargoDeps = rustPlatform.fetchCargoTarball {
inherit src patches;
hash = "sha256-mJyjWEBsLhHwJCeZyRdby/K/jse0F9UBwfQxkNtZito=";
hash = "sha256-7Z5i5Xqtk4ZbBXSVYg1e05ENa2swC88Ctd2paE60Yyo=";
};
nativeBuildInputs = [

View file

@ -1,20 +0,0 @@
#!/usr/bin/env nix-shell
#!nix-shell -i bash -p coreutils ripgrep git cargo
# Ref: https://github.com/NixOS/nixpkgs/blob/nixos-21.05/pkgs/applications/audio/netease-music-tui/update-cargo-lock.sh
set -eu -vx
here=$PWD
version=$(rg '^ version = "' default.nix | cut -d '"' -f 2)
checkout=$(mktemp -d)
git clone -b "$version" --depth=1 https://github.com/gmg137/netease-cloud-music-gtk "$checkout"
cd "$checkout"
cargo generate-lockfile
git add -f Cargo.lock
git diff HEAD -- Cargo.lock > "$here"/cargo-lock.patch
cd "$here"
rm -rf "$checkout"

View file

@ -1,5 +1,17 @@
{ lib, fetchFromGitHub, rustPlatform, alsa-lib, atk, cairo, dbus, gdk-pixbuf, glib, gtk3, pango, pkg-config }:
{ lib, fetchFromGitHub, rustPlatform, alsa-lib, atk, cairo, dbus, gdk-pixbuf, glib, gtk3, pango, pkg-config, makeDesktopItem }:
let
desktopItem = makeDesktopItem {
name = "Psst";
exec = "psst-gui";
comment = "Fast and multi-platform Spotify client with native GUI";
desktopName = "Psst";
type = "Application";
categories = [ "Audio" "AudioVideo" ];
icon = "psst";
terminal = false;
};
in
rustPlatform.buildRustPackage rec {
pname = "psst";
version = "unstable-2022-05-19";
@ -29,7 +41,10 @@ rustPlatform.buildRustPackage rec {
];
postInstall = ''
install -Dm444 psst-gui/assets/logo_512.png $out/share/icons/${pname}.png
mkdir -pv $out/share/icons/hicolor/512x512/apps
install -Dm444 psst-gui/assets/logo_512.png $out/share/icons/hicolor/512x512/apps/${pname}.png
mkdir -pv $out/share/applications
ln -s ${desktopItem}/share/applications/* $out/share/applications
'';
meta = with lib; {

View file

@ -42,13 +42,13 @@ let
in
stdenv.mkDerivation rec {
pname = "strawberry";
version = "1.0.7";
version = "1.0.8";
src = fetchFromGitHub {
owner = "jonaski";
repo = pname;
rev = version;
hash = "sha256-TAt/P9nykUtOoHmprFiUJnip8mAnJlvkufD0v9ZWrp4=";
hash = "sha256-NhouAHr5fKdH62rtCIHlr8ennixIf9YQrf4zRIGjfxs=";
};
# the big strawberry shown in the context menu is *very* much in your face, so use the grey version instead

View file

@ -6,13 +6,13 @@
buildDotnetModule rec {
pname = "btcpayserver";
version = "1.6.9";
version = "1.6.10";
src = fetchFromGitHub {
owner = pname;
repo = pname;
rev = "v${version}";
sha256 = "sha256-kN+/TQCc35iI8gr9pYlW4B3B6WasGyKQffkJ8rMffVk=";
sha256 = "sha256-fy8mIGVij6rjaGEWE6700gbiFnH741hIuvg26W1dBlw=";
};
projectFile = "BTCPayServer/BTCPayServer.csproj";

View file

@ -3,11 +3,11 @@
, darwin
, fetchurl
, autoconf
, automake
, autogen
, automake
, gettext
, libtool
, pkg-config
, protobuf
, unzip
, which
, gmp
@ -17,25 +17,34 @@
, zlib
}:
let
py3 = python3.withPackages (p: [ p.Mako p.mrkd ]);
py3 = python3.withPackages (p: [ p.Mako ]);
in
stdenv.mkDerivation rec {
pname = "clightning";
version = "0.11.2";
version = "0.12.0";
src = fetchurl {
url = "https://github.com/ElementsProject/lightning/releases/download/v${version}/clightning-v${version}.zip";
sha256 = "09qqfnj809dpwar9ijm3ic5cv4019hsnvh2h6sfpdqp1smf9igxs";
sha256 = "1ff400339db3d314b459e1a3e973f1213783e814faa21f2e1b18917693cabfd9";
};
manpages = fetchurl {
url = "https://github.com/ElementsProject/lightning/releases/download/v${version}/clightning-v${version}-manpages.tar.xz";
sha256 = "sha256-7EohXp0/gIJwlMsTHwlcLNBzZb8LwF9n0eXkQhOnY7g=";
};
# when building on darwin we need dawin.cctools to provide the correct libtool
# as libwally-core detects the host as darwin and tries to add the -static
# option to libtool, also we have to add the modified gsed package.
nativeBuildInputs = [ autogen autoconf automake gettext pkg-config py3 unzip which ]
++ lib.optionals stdenv.isDarwin [ darwin.cctools darwin.autoSignDarwinBinariesHook ] ++ [ libtool ];
nativeBuildInputs = [ autoconf autogen automake gettext libtool protobuf py3 unzip which ]
++ lib.optionals stdenv.isDarwin [ darwin.cctools darwin.autoSignDarwinBinariesHook ];
buildInputs = [ gmp libsodium sqlite zlib ];
postUnpack = ''
tar -xf $manpages -C $sourceRoot
'';
# this causes some python trouble on a darwin host so we skip this step.
# also we have to tell libwally-core to use sed instead of gsed.
postPatch = if !stdenv.isDarwin then ''

View file

@ -2,17 +2,17 @@
buildGoModule rec {
pname = "erigon";
version = "2022.08.02";
version = "2022.08.03";
src = fetchFromGitHub {
owner = "ledgerwatch";
repo = pname;
rev = "v${version}";
sha256 = "sha256-JXVVfhR7XQKPLpH9F+78+y5hLBGdq/qSA2wniM/sf5s=";
sha256 = "sha256-Z+YghJjJfeGO/LuwcLb5A9ghZUcL1OoppMZPsa38ahQ=";
fetchSubmodules = true;
};
vendorSha256 = "sha256-Muksput9s0I9AeQNG+QSbfz0/s14EmSERFg8h0rqaJ8=";
vendorSha256 = "sha256-2+9oXLIDYZfWzQfnjwJet4QT01tGzLlQJFjN4ZbG6uw=";
proxyVendor = true;
# Build errors in mdbx when format hardening is enabled:

View file

@ -6,23 +6,24 @@
, withGui ? true, libevent
, qtbase, qttools
, zeromq
, fmt
}:
with lib;
mkDerivation rec {
pname = "litecoin" + optionalString (!withGui) "d";
version = "0.18.1";
version = "0.21.2.1";
src = fetchFromGitHub {
owner = "litecoin-project";
repo = "litecoin";
rev = "v${version}";
sha256 = "11753zhyx1kmrlljc6kbjwrcb06dfcrsqvmw3iaki9a132qk6l5c";
sha256 = "sha256-WJFdac5hGrHy9o3HzjS91zH+4EtJY7kUJAQK+aZaEyo=";
};
nativeBuildInputs = [ pkg-config autoreconfHook ];
buildInputs = [ openssl db48 boost zlib zeromq
buildInputs = [ openssl db48 boost zlib zeromq fmt
miniupnpc glib protobuf util-linux libevent ]
++ optionals stdenv.isDarwin [ AppKit ]
++ optionals withGui [ qtbase qttools qrencode ];
@ -34,6 +35,11 @@ mkDerivation rec {
enableParallelBuilding = true;
doCheck = true;
checkPhase = ''
./src/test/test_litecoin
'';
meta = {
broken = (stdenv.isLinux && stdenv.isAarch64) || stdenv.isDarwin;
description = "A lite version of Bitcoin using scrypt as a proof-of-work algorithm";

View file

@ -6,16 +6,16 @@
buildGoModule rec {
pname = "lnd";
version = "0.15.0-beta";
version = "0.15.1-beta";
src = fetchFromGitHub {
owner = "lightningnetwork";
repo = "lnd";
rev = "v${version}";
sha256 = "sha256-v8nLsnd6dus+og75U9VIO1K5IuyNh+VYdQfbfbYeox0=";
sha256 = "sha256-E1RxFy7eRCTnzTg2B0llRt+r41K6V4VQH7Edh1As4cY=";
};
vendorSha256 = "sha256-fx3WsyLyES+ezJGDe3SjFTeGlPMmqKEtWlYGkWpxODc=";
vendorSha256 = "sha256-e72HIsS1fftJEOvjr1RQMo3+gjlBxXPHq2olGWfurJk=";
subPackages = [ "cmd/lncli" "cmd/lnd" ];

View file

@ -4,7 +4,7 @@
}:
rustPlatform.buildRustPackage rec {
pname = "nearcore";
version = "1.28.0";
version = "1.28.1";
# https://github.com/near/nearcore/tags
src = fetchFromGitHub {
@ -13,10 +13,10 @@ rustPlatform.buildRustPackage rec {
# there is also a branch for this version number, so we need to be explicit
rev = "refs/tags/${version}";
sha256 = "sha256-DRVlD74XTYgy3GeUd/7OIl2aie8nEJLmrmmkwPRkrA8=";
sha256 = "sha256-lAbVcmr8StAZAII++21xiBd4tRcdprefvcGzPLIjl74=";
};
cargoSha256 = "sha256-hTqje17EdVkgqReuLnizaK3cBJuqXJXC6x5NuoKJLbs=";
cargoSha256 = "sha256-1aoL5fbKZ4XZ1ELVDWNDFHDL2FyNuoX/DVb0h8RWBxI=";
cargoPatches = [ ./0001-make-near-test-contracts-optional.patch ];
postPatch = ''

View file

@ -10,13 +10,13 @@
}:
rustPlatform.buildRustPackage rec {
pname = "polkadot";
version = "0.9.27";
version = "0.9.28";
src = fetchFromGitHub {
owner = "paritytech";
repo = "polkadot";
rev = "v${version}";
sha256 = "sha256-abDkDkFXBG4C7lvE9g6cvUYTfQt7ObZ+Ya8V0W7ASBE=";
sha256 = "sha256-PYPNbysk9jHGtAUGr8O/Ah0ArTNKQYYToR5djG+XujI=";
# the build process of polkadot requires a .git folder in order to determine
# the git commit hash that is being built and add it to the version string.
@ -32,7 +32,7 @@ rustPlatform.buildRustPackage rec {
'';
};
cargoSha256 = "sha256-xDjHu6JARIFy2fVQMGhkdU9Qcz/aqumBFe4MjlH0TCY=";
cargoSha256 = "sha256-Dqcjt3yvZdaHp6sIQFo9wYH/icIInyXqKHE1Q/JjrwY=";
buildInputs = lib.optional stdenv.isDarwin [ Security ];

View file

@ -31,20 +31,20 @@ let
(name: spec:
fetchFromGitHub {
repo = name;
inherit (spec) owner rev sha256;
inherit (spec) owner rev hash;
}
)
(lib.importJSON ./deps.json);
in
stdenv.mkDerivation rec {
pname = "cudatext";
version = "1.168.0";
version = "1.169.2";
src = fetchFromGitHub {
owner = "Alexey-T";
repo = "CudaText";
rev = version;
sha256 = "sha256-/06eZ79Zeq6jtcfq+lOcumBgP59bqCX/Km7k21FroSc=";
hash = "sha256-EQAoKft/L4sbdY8hOvyu+Cy+3I8Lt4g1KTxTlSYALac=";
};
postPatch = ''

View file

@ -2,56 +2,56 @@
"EncConv": {
"owner": "Alexey-T",
"rev": "2022.06.19",
"sha256": "sha256-M00rHH3dG6Vx6MEALxRNlnLLfX/rRI+rdTS7riOhgeg="
"hash": "sha256-M00rHH3dG6Vx6MEALxRNlnLLfX/rRI+rdTS7riOhgeg="
},
"ATBinHex-Lazarus": {
"owner": "Alexey-T",
"rev": "2022.06.14",
"sha256": "sha256-3QhARraYURW5uCf2f4MZfUbxdbsg9h7BlXUxKcz4jwA="
"hash": "sha256-3QhARraYURW5uCf2f4MZfUbxdbsg9h7BlXUxKcz4jwA="
},
"ATFlatControls": {
"owner": "Alexey-T",
"rev": "2022.07.17",
"sha256": "sha256-KMGmimbtUQHa8i5wt4KLA/HotLbb/ISzdznmdqPXkNU="
"rev": "2022.08.28",
"hash": "sha256-jkVHwPQGPtLeSRy502thPIrDWzkkwvlnyGcTzjgFgIc="
},
"ATSynEdit": {
"owner": "Alexey-T",
"rev": "2022.07.27",
"sha256": "sha256-SGozuk0pvp0+PwAFbGG+QMUhQ2A6mXKr31u10WIveh0="
"rev": "2022.08.28",
"hash": "sha256-U/UD3vPnIdQUe/1g/mKgs5yGirsIB/uHTjD0MOouAyI="
},
"ATSynEdit_Cmp": {
"owner": "Alexey-T",
"rev": "2022.05.04",
"sha256": "sha256-6O4RijSejPogokLSBuC6pKrOpihMi/ykS06YyV64Sak="
"rev": "2022.08.28",
"hash": "sha256-/MWC4BoU/4kflvbly0phh+cfIR8rNwgWFtrXnmxk0Ks="
},
"EControl": {
"owner": "Alexey-T",
"rev": "2022.07.20",
"sha256": "sha256-pCIt21m34BuDbWLn+CQwqsMQHVWHtctME63Bjx1B9hE="
"rev": "2022.08.22",
"hash": "sha256-o87V32HhFpCeSxhgkfKiL69oCcmpiReVmiNBPyv1kc4="
},
"ATSynEdit_Ex": {
"owner": "Alexey-T",
"rev": "2022.07.20",
"sha256": "sha256-f/BdOMcx7NTpKgaFTz4MbK3O0GcUepyMPyRdhnZImjU="
"hash": "sha256-f/BdOMcx7NTpKgaFTz4MbK3O0GcUepyMPyRdhnZImjU="
},
"Python-for-Lazarus": {
"owner": "Alexey-T",
"rev": "2021.10.27",
"sha256": "sha256-ikXdDUMJ9MxRejEVAhwUsXYVh0URVFHzEpnXuN5NGpA="
"hash": "sha256-ikXdDUMJ9MxRejEVAhwUsXYVh0URVFHzEpnXuN5NGpA="
},
"Emmet-Pascal": {
"owner": "Alexey-T",
"rev": "2022.01.17",
"sha256": "sha256-5yqxRW7xFJ4MwHjKnxYL8/HrCDLn30a1gyQRjGMx/qw="
"hash": "sha256-5yqxRW7xFJ4MwHjKnxYL8/HrCDLn30a1gyQRjGMx/qw="
},
"CudaText-lexers": {
"owner": "Alexey-T",
"rev": "2021.07.09",
"sha256": "sha256-OyC85mTMi9m5kbtx8TAK2V4voL1i+J+TFoLVwxlHiD4="
"hash": "sha256-OyC85mTMi9m5kbtx8TAK2V4voL1i+J+TFoLVwxlHiD4="
},
"bgrabitmap": {
"owner": "bgrabitmap",
"rev": "v11.5",
"sha256": "sha256-Pevh+yhtN3oSSvbQfnO7SM6UHBVe0sSpbK8ss98XqcU="
"rev": "v11.5.2",
"hash": "sha256-aGNKkLDbGTeFgFEhuX7R2BXhnllsanJmk4k+1muiSD8="
}
}

View file

@ -20,7 +20,7 @@ hash=$(nix-prefetch-url --quiet --unpack --type sha256 $url)
sriHash=$(nix hash to-sri --type sha256 $hash)
sed -i "s#version = \".*\"#version = \"$version\"#" default.nix
sed -i "s#sha256 = \".*\"#sha256 = \"$sriHash\"#" default.nix
sed -i "s#hash = \".*\"#hash = \"$sriHash\"#" default.nix
while IFS=$'\t' read repo owner rev; do
latest=$(curl -s https://api.github.com/repos/${owner}/${repo}/releases/latest | jq -r '.tag_name')
@ -28,6 +28,6 @@ while IFS=$'\t' read repo owner rev; do
url="https://github.com/${owner}/${repo}/archive/refs/tags/${latest}.tar.gz"
hash=$(nix-prefetch-url --quiet --unpack --type sha256 $url)
sriHash=$(nix hash to-sri --type sha256 $hash)
jq ".\"${repo}\".rev = \"${latest}\" | .\"${repo}\".sha256 = \"${sriHash}\"" deps.json | sponge deps.json
jq ".\"${repo}\".rev = \"${latest}\" | .\"${repo}\".hash = \"${sriHash}\"" deps.json | sponge deps.json
fi
done <<< $(jq -r 'to_entries[]|[.key,.value.owner,.value.rev]|@tsv' deps.json)

View file

@ -2,11 +2,11 @@
trivialBuild rec {
pname = "ebuild-mode";
version = "1.55";
version = "1.60";
src = fetchurl {
url = "https://dev.gentoo.org/~ulm/emacs/${pname}-${version}.tar.xz";
sha256 = "1bs2s5g79vrbk8544lvp388cdbig0s121kwk0h10hif4kp56ka9w";
sha256 = "sha256-XN+RLVff4yvxjaAuNjUgSOzU0KdnVGMt9B78rfW389g=";
};
meta = with lib; {

View file

@ -2,17 +2,17 @@
rustPlatform.buildRustPackage rec {
pname = "helix";
version = "22.05";
version = "22.08";
# This release tarball includes source code for the tree-sitter grammars,
# which is not ordinarily part of the repository.
src = fetchzip {
url = "https://github.com/helix-editor/helix/releases/download/${version}/helix-${version}-source.tar.xz";
sha256 = "sha256-MVHfj9iVC8rFGFU+kpRcH0qX9kQ+scFsRgSw7suC5RU=";
sha256 = "sha256-PSTsPt+OQhYQ/m/hm5PgHWrQXtbooT+tG0767KyiJJw=";
stripRoot = false;
};
cargoSha256 = "sha256-9jkSZ2yW0Pca1ats7Mgv7HprpjoZWLpsbuwMjYOKlmk=";
cargoSha256 = "sha256-5Ap/PU8IjAPKKiFxzHqWQMspWkbTYIwTNiSMWIceUPc=";
nativeBuildInputs = [ makeWrapper ];

View file

@ -5,13 +5,13 @@
stdenv.mkDerivation rec {
pname = "oed";
version = "6.7";
version = "7.1";
src = fetchFromGitHub {
owner = "ibara";
repo = "oed";
rev = "oed-${version}";
hash = "sha256-Z8B1RIFve3UPj+9G/WJX0BNc2ynG/qtoGfoesarYGz8=";
hash = "sha256-ySfw8Xo/dCBd3K3dxWsdPz8gQ+KeXyReIlUo4q5SFCc=";
};
postPatch = lib.optionalString (stdenv.buildPlatform != stdenv.hostPlatform) ''

View file

@ -6,33 +6,22 @@
}:
let
pname = "sublimetext4";
pnameBase = "sublimetext4";
packageAttribute = "sublime4${lib.optionalString dev "-dev"}";
binaries = [ "sublime_text" "plugin_host-3.3" "plugin_host-3.8" "crash_reporter" ];
primaryBinary = "sublime_text";
primaryBinaryAliases = [ "subl" "sublime" "sublime4" ];
downloadUrl = "https://download.sublimetext.com/sublime_text_build_${buildVersion}_${arch}.tar.xz";
downloadUrl = arch: "https://download.sublimetext.com/sublime_text_build_${buildVersion}_${arch}.tar.xz";
versionUrl = "https://download.sublimetext.com/latest/${if dev then "dev" else "stable"}";
versionFile = builtins.toString ./packages.nix;
archSha256 = {
"aarch64-linux" = aarch64sha256;
"x86_64-linux" = x64sha256;
}.${stdenv.hostPlatform.system};
arch = {
"aarch64-linux" = "arm64";
"x86_64-linux" = "x64";
}.${stdenv.hostPlatform.system};
libPath = lib.makeLibraryPath [ xorg.libX11 xorg.libXtst glib libglvnd openssl gtk3 cairo pango curl ];
in let
binaryPackage = stdenv.mkDerivation {
pname = "${pname}-bin";
binaryPackage = stdenv.mkDerivation rec {
pname = "${pnameBase}-bin";
version = buildVersion;
src = fetchurl {
url = downloadUrl;
sha256 = archSha256;
};
src = passthru.sources.${stdenv.hostPlatform.system};
dontStrip = true;
dontPatchELF = true;
@ -95,9 +84,22 @@ in let
--set LOCALE_ARCHIVE "${glibcLocales.out}/lib/locale/locale-archive" \
"''${gappsWrapperArgs[@]}"
'';
passthru = {
sources = {
"aarch64-linux" = fetchurl {
url = downloadUrl "arm64";
sha256 = aarch64sha256;
};
"x86_64-linux" = fetchurl {
url = downloadUrl "x64";
sha256 = x64sha256;
};
};
};
};
in stdenv.mkDerivation (rec {
inherit pname;
pname = pnameBase;
version = buildVersion;
dontUnpack = true;
@ -119,24 +121,30 @@ in stdenv.mkDerivation (rec {
done
'';
passthru.updateScript = writeShellScript "${pname}-update-script" ''
set -o errexit
PATH=${lib.makeBinPath [ common-updater-scripts curl ]}
passthru = {
updateScript =
let
script = writeShellScript "${packageAttribute}-update-script" ''
set -o errexit
PATH=${lib.makeBinPath [ common-updater-scripts curl ]}
latestVersion=$(curl -s ${versionUrl})
versionFile=$1
latestVersion=$(curl -s "${versionUrl}")
if [[ "${buildVersion}" = "$latestVersion" ]]; then
echo "The new version same as the old version."
exit 0
fi
if [[ "${buildVersion}" = "$latestVersion" ]]; then
echo "The new version same as the old version."
exit 0
fi
for platform in ${lib.concatStringsSep " " meta.platforms}; do
# The script will not perform an update when the version attribute is up to date from previous platform run
# We need to clear it before each run
update-source-version ${packageAttribute}.${primaryBinary} 0 0000000000000000000000000000000000000000000000000000000000000000 --file=${versionFile} --version-key=buildVersion --system=$platform
update-source-version ${packageAttribute}.${primaryBinary} $latestVersion --file=${versionFile} --version-key=buildVersion --system=$platform
done
'';
for platform in ${lib.escapeShellArgs meta.platforms}; do
# The script will not perform an update when the version attribute is up to date from previous platform run
# We need to clear it before each run
update-source-version "${packageAttribute}.${primaryBinary}" 0 "${lib.fakeSha256}" --file="$versionFile" --version-key=buildVersion --source-key="sources.$platform"
update-source-version "${packageAttribute}.${primaryBinary}" "$latestVersion" --file="$versionFile" --version-key=buildVersion --source-key="sources.$platform"
done
'';
in [ script versionFile ];
};
meta = with lib; {
description = "Sophisticated text editor for code, markup and prose";

View file

@ -11,9 +11,9 @@ in
} {};
sublime4-dev = common {
buildVersion = "4125";
buildVersion = "4134";
dev = true;
x64sha256 = "sha256-+WvLkA7sltJadfm704rOECU4LNoVsv8rDmoAlO/M6Jo=";
aarch64sha256 = "11rbdy9rsn5b39qykbws4dqss89snrik7c2vdiw9cj0kibglsc3f";
x64sha256 = "rd3EG8e13FsPKihSM9qjUMRsEA6joMwVqhj1NZlwIaE=";
aarch64sha256 = "gdfEDd2E1sew08sVmcmw21zyil8JuJJMpG2T/9Pi81E=";
} {};
}

View file

@ -1,6 +1,6 @@
{
"TrueZen-nvim": {
"date": "2022-08-21",
"date": "2022-08-31",
"new": "true-zen-nvim"
},
"compe-tmux": {

File diff suppressed because it is too large Load diff

View file

@ -53,7 +53,6 @@
, zsh
# command-t dependencies
, rake
, ruby
# cpsm dependencies
@ -240,9 +239,11 @@ self: super: {
};
command-t = super.command-t.overrideAttrs (old: {
buildInputs = [ ruby rake ];
buildInputs = [ ruby ];
buildPhase = ''
rake make
substituteInPlace lua/wincent/commandt/lib/Makefile \
--replace '/bin/bash' 'bash'
make build
rm ruby/command-t/ext/command-t/*.o
'';
});
@ -979,7 +980,7 @@ self: super: {
libiconv
];
cargoSha256 = "sha256-prqS4cx5T+EiilXf3v7ResNBtgst0Kpgvayknf0QDXA=";
cargoSha256 = "sha256-QAfHhpXABuOPaHCfQQZYhBERGXMaJPFipWHt/MeSc3c=";
};
in
''
@ -1102,7 +1103,7 @@ self: super: {
vim-isort = super.vim-isort.overrideAttrs (old: {
postPatch = ''
substituteInPlace ftplugin/python_vimisort.vim \
--replace 'import vim' 'import vim; import sys; sys.path.append("${python2.pkgs.isort}/${python2.sitePackages}")'
--replace 'import vim' 'import vim; import sys; sys.path.append("${python3.pkgs.isort}/${python3.sitePackages}")'
'';
});

View file

@ -475,6 +475,7 @@ https://github.com/dstein64/nvim-scrollview/,,
https://github.com/dcampos/nvim-snippy/,HEAD,
https://github.com/ishan9299/nvim-solarized-lua/,,
https://github.com/nvim-pack/nvim-spectre/,,
https://github.com/kylechui/nvim-surround/,main,
https://github.com/norcalli/nvim-terminal.lua/,,
https://github.com/kyazdani42/nvim-tree.lua/,,
https://github.com/nvim-treesitter/nvim-treesitter/,,

View file

@ -2507,8 +2507,8 @@ let
mktplcRef = {
name = "errorlens";
publisher = "usernamehw";
version = "3.5.1";
sha256 = "17xbbr5hjrs67yazicb9qillbkp3wnaccjpnl1jlp07s0n7q4f8f";
version = "3.6.0";
sha256 = "sha256-oNzB81mPZjEwrqbeFMvTlXERXrYBpF03EH9ZXz/daOs=";
};
meta = with lib; {
changelog = "https://marketplace.visualstudio.com/items/usernamehw.errorlens/changelog";

View file

@ -12,14 +12,14 @@
mkDerivation rec {
pname = "ripes";
version = "2.2.4";
version = "2.2.5";
src = fetchFromGitHub {
owner = "mortbopet";
repo = "Ripes";
rev = "v${version}";
fetchSubmodules = true;
sha256 = "sha256-Aal2A4xypzaY7Oa+boIrXk7ITNKnh5OZIP7DkJjcGu4=";
sha256 = "sha256-HdvLi3OKJmr+U/dxCGmq6JR91dWpUL3uoPumH2/B46k=";
};
nativeBuildInputs = [

View file

@ -1,24 +1,45 @@
{ lib
, stdenv
, fetchFromGitHub
, fetchzip
, srcOnly
, cmake
, unzip
}:
stdenv.mkDerivation rec {
pname = "wibo";
version = "0.2.0";
version = "0.2.4";
src = fetchFromGitHub {
owner = "decompals";
repo = "WiBo";
repo = "wibo";
rev = version;
sha256 = "sha256-zv+FiordPo7aho3RJqDEe/1sJtjVt6Vy665VeNul/Kw=";
hash = "sha256-dpfKSiIWE9L5BLPH2t8RsUz7Ufkdo/5zn1dewaEgJl0=";
};
nativeBuildInputs = [
cmake
unzip
];
doCheck = false;
# Test step from https://github.com/decompals/wibo/blob/main/.github/workflows/ci.yml
checkPhase = let
gc = srcOnly {
name = "GC_WII_COMPILERS";
src = fetchzip {
url = "https://cdn.discordapp.com/attachments/727918646525165659/917185027656286218/GC_WII_COMPILERS.zip";
hash = "sha256-o+UrmIbCsa74LxtLofT0DKrTRgT0qDK5/V7GsG2Zprc=";
stripRoot = false;
};
meta.license = lib.licenses.unfree;
};
in lib.optionalString doCheck ''
MWCIncludes=. ./wibo ${gc}/GC/2.7/mwcceppc.exe -c ../test/test.c
file test.o | grep "ELF 32-bit"
'';
meta = with lib; {
description = "Quick-and-dirty wrapper to run 32-bit windows EXEs on linux";
longDescription = ''

View file

@ -8,6 +8,7 @@
, ncurses
, readline
, which
, musl-fts
# options
, conf ? null
, withIcons ? false
@ -33,7 +34,10 @@ stdenv.mkDerivation rec {
preBuild = lib.optionalString (conf != null) "cp ${configFile} src/nnn.h";
nativeBuildInputs = [ installShellFiles makeWrapper pkg-config ];
buildInputs = [ readline ncurses ];
buildInputs = [ readline ncurses ] ++ lib.optional stdenv.hostPlatform.isMusl musl-fts;
NIX_CFLAGS_COMPILE = lib.optionalString stdenv.hostPlatform.isMusl "-I${musl-fts}/include";
NIX_LDFLAGS = lib.optionalString stdenv.hostPlatform.isMusl "-lfts";
makeFlags = [ "PREFIX=${placeholder "out"}" ]
++ lib.optional withIcons [ "O_ICONS=1" ]

View file

@ -46,13 +46,13 @@ in
stdenv.mkDerivation rec {
pname = "imagemagick";
version = "7.1.0-46";
version = "7.1.0-47";
src = fetchFromGitHub {
owner = "ImageMagick";
repo = "ImageMagick";
rev = version;
hash = "sha256-yts86tQMPgdF9Zk1vljVza21mlx1g3XcoHjvtsMoZhA=";
hash = "sha256-x5kC9nd38KgSpzJX3y6h2iBnte+UHrfZnbkRD/Dgqi8=";
};
outputs = [ "out" "dev" "doc" ]; # bin/ isn't really big

View file

@ -56,11 +56,11 @@
mkDerivation rec {
pname = "digikam";
version = "7.7.0";
version = "7.8.0";
src = fetchurl {
url = "mirror://kde/stable/${pname}/${version}/digiKam-${version}.tar.xz";
sha256 = "sha256-wMbdLqigdRSsvyRi86VFGOfoCZszN/iBM2Foz/Y9dxw=";
sha256 = "sha256-sIV3sLFe+ZhDaVcIqiwOmNVHMD2Fvio7OZBUhPLKts4=";
};
nativeBuildInputs = [ cmake doxygen extra-cmake-modules kdoctools wrapGAppsHook ];

View file

@ -16,16 +16,16 @@
rustPlatform.buildRustPackage rec {
pname = "epick";
version = "0.7.0";
version = "0.8.0";
src = fetchFromGitHub {
owner = "vv9k";
repo = pname;
rev = version;
sha256 = "sha256-BrJkG1OYpkAfBYUfLn/CNDBc0n1tW5OLnpobkPABQow=";
sha256 = "sha256-LJg68YY8PqKF7Thn181XRFsCNJA0DkYKVFbIR1UkxGU=";
};
cargoSha256 = "sha256-hFay+XL2oqA7SC+I3wlrzhUmUitO2vbeqfoArU9Jsp4=";
cargoSha256 = "sha256-j6tim6dS++ECfBMdyQlS3CqN+Tr5ozHqyZ1bPKhDKV0=";
nativeBuildInputs = lib.optional stdenv.isLinux python3;

View file

@ -1,7 +1,7 @@
{ callPackage, ... } @ args:
callPackage ./generic.nix (args // {
version = "5.0.8";
version = "5.1.0";
kde-channel = "stable";
sha256 = "sha256:7R0fpQc+4MQVDh/enhCTgpgOqU0y5YRShrv/ILa/XkU=";
sha256 = "sha256-mjs/WFhIC3CRvUhEmSbmE1OOqKTcBiSchg/+PaWs2II=";
})

View file

@ -3,7 +3,7 @@
, kguiaddons, ki18n, kitemmodels, kitemviews, kwindowsystem
, kio, kcrash, breeze-icons
, boost, libraw, fftw, eigen, exiv2, libheif, lcms2, gsl, openexr, giflib
, openjpeg, opencolorio_1, vc, poppler, curl, ilmbase, libmypaint, libwebp
, openjpeg, opencolorio_1, xsimd, poppler, curl, ilmbase, libmypaint, libwebp
, qtmultimedia, qtx11extras, quazip
, python3Packages
@ -32,7 +32,8 @@ mkDerivation rec {
openjpeg opencolorio_1 poppler curl ilmbase libmypaint libwebp
qtmultimedia qtx11extras quazip
python3Packages.pyqt5
] ++ lib.optional stdenv.hostPlatform.isx86 vc;
xsimd
];
NIX_CFLAGS_COMPILE = [ "-I${ilmbase.dev}/include/OpenEXR" ]
++ lib.optional stdenv.cc.isGNU "-Wno-deprecated-copy";

View file

@ -1,5 +1,6 @@
{ lib, stdenv
, fetchFromGitHub
, fetchpatch
, qtbase
, qtmultimedia
, qscintilla
@ -42,6 +43,19 @@ mkDerivation rec {
sha256 = "sha256-2tOLqpFt5klFPxHNONnHVzBKEFWn4+ufx/MU+eYbliA=";
};
patches = [
(fetchpatch {
name = "CVE-2022-0496.patch";
url = "https://github.com/openscad/openscad/commit/00a4692989c4e2f191525f73f24ad8727bacdf41.patch";
sha256 = "sha256-q3SLj2b5aM/IQ8vIDj4iVcwCajgyJ5juNV/KN35uxfI=";
})
(fetchpatch {
name = "CVE-2022-0497.patch";
url = "https://github.com/openscad/openscad/commit/84addf3c1efbd51d8ff424b7da276400bbfa1a4b.patch";
sha256 = "sha256-KNEVu10E2d4G2x+FJcuHo2tjD8ygMRuhUcW9NbN98bM=";
})
];
nativeBuildInputs = [ bison flex pkg-config gettext qmake ];
buildInputs = [

View file

@ -1,5 +1,5 @@
{
mkDerivation, lib, kdepimTeam,
mkDerivation, fetchpatch, lib, kdepimTeam,
extra-cmake-modules, kdoctools,
boost, gpgme, kcmutils, kdbusaddons, kiconthemes, kitemmodels, kmime,
knotifications, kwindowsystem, kxmlgui, libkleo, kcrash
@ -7,15 +7,25 @@
mkDerivation {
pname = "kleopatra";
patches = [
(fetchpatch {
url = "https://invent.kde.org/pim/kleopatra/-/commit/87d8b00d4b2286489d5fadc9cfa07f1d721cdfe3.patch";
sha256 = "sha256-s1tXB7h0KtFwwZHx8rhpI0nLZmwhWAiraHEF3KzncMc=";
})
];
nativeBuildInputs = [ extra-cmake-modules kdoctools ];
buildInputs = [
boost gpgme kcmutils kdbusaddons kiconthemes kitemmodels kmime
knotifications kwindowsystem kxmlgui libkleo kcrash
];
meta = {
homepage = "https://apps.kde.org/kleopatra/";
description = "Certificate manager and unified crypto GUI";
license = with lib.licenses; [ gpl2 lgpl21 fdl12 ];
maintainers = kdepimTeam;
};
nativeBuildInputs = [ extra-cmake-modules kdoctools ];
buildInputs = [
boost gpgme kcmutils kdbusaddons kiconthemes kitemmodels kmime
knotifications kwindowsystem kxmlgui libkleo kcrash
];
}

View file

@ -1,8 +1,8 @@
{ buildGoModule, fetchFromGitHub, installShellFiles, lib }:
let
humioCtlVersion = "0.29.2";
sha256 = "sha256-Ba3xy2hbU6Gq/TeLnNxSkJga8CqHNyqSgx2ZrFhThL4=";
humioCtlVersion = "0.30.0";
sha256 = "sha256-BwpnqaUZvttGRtsZT2xcyXfMJZ7EIsKenTPF669ktQM=";
vendorSha256 = "sha256-70QxW2nn6PS6HZWllmQ8O39fbUcbe4c/nKAygLnD4n0=";
in buildGoModule {
name = "humioctl-${humioCtlVersion}";

View file

@ -6,11 +6,11 @@ with python3.pkgs;
buildPythonApplication rec {
pname = "ablog";
version = "0.10.24";
version = "0.10.29";
src = fetchPypi {
inherit pname version;
sha256 = "sha256-bLpINvEH7B/duSRrfzvq25se0mvbbcxaEcAs8xMw6Kc=";
sha256 = "sha256-q2zoXCmnzzjXSBGFKzondOQRz7CjZp0wCiXxbgpXHIA=";
};
propagatedBuildInputs = [

View file

@ -2,13 +2,13 @@
let
pname = "anytype";
version = "0.27.0";
version = "0.28.0";
name = "Anytype-${version}";
nameExecutable = pname;
src = fetchurl {
url = "https://at9412003.fra1.digitaloceanspaces.com/Anytype-${version}.AppImage";
name = "Anytype-${version}.AppImage";
sha256 = "sha256-AcnXhilnr5ay45S30eNSDuN+Ed1TDv/Rh523LsUf3iM=";
sha256 = "sha256-tYeVz10saTJBf6DDGIVSd4IkSREDJFi/am/kg/An02E=";
};
appimageContents = appimageTools.extractType2 { inherit name src; };
in

View file

@ -3,13 +3,13 @@
buildGoModule rec {
pname = "cheat";
version = "4.3.1";
version = "4.3.3";
src = fetchFromGitHub {
owner = "cheat";
repo = "cheat";
rev = version;
sha256 = "sha256-Umbe3XoCQV+q37ROeIWQUZtTe1Nu59Z5Hxt2nc7/l64=";
sha256 = "sha256-cOryo70eJj2PIJ6R09Kx6lfoguYcduIiWiOBpYp8eqY=";
};
subPackages = [ "cmd/cheat" ];

View file

@ -1,32 +1,48 @@
{ lib, stdenv, fetchFromGitHub, cmake, pkg-config, gtk3, ncurses
, libcpuid, pciutils, procps, wrapGAppsHook, nasm, makeWrapper }:
, libcpuid, pciutils, procps, wrapGAppsHook, nasm, makeWrapper
, opencl-headers, ocl-icd
, vulkan-headers, vulkan-loader, glfw
, libXdmcp, pcre, util-linux
, libselinux, libsepol
, libthai, libdatrie, libxkbcommon, libepoxy
, dbus, at-spi2-core
, libXtst
}:
stdenv.mkDerivation rec {
pname = "cpu-x";
version = "4.3.1";
version = "4.4.0";
src = fetchFromGitHub {
owner = "X0rg";
repo = "CPU-X";
rev = "v${version}";
sha256 = "sha256-9oRNyspFmvIG63aJ8qyaVmi1GW1eW+Rg0+z8la3LuKA=";
sha256 = "sha256-PNfEiin4Hble/H8cOvSK+A7wmoeOlyITRUTwGTd3B6s=";
};
nativeBuildInputs = [ cmake pkg-config wrapGAppsHook nasm makeWrapper ];
buildInputs = [
gtk3 ncurses libcpuid pciutils procps
vulkan-headers vulkan-loader glfw
opencl-headers ocl-icd
libXdmcp pcre util-linux
libselinux libsepol
libthai libdatrie libxkbcommon libepoxy
dbus at-spi2-core
libXtst
];
postInstall = ''
wrapProgram $out/bin/cpu-x \
--prefix PATH : ${lib.makeBinPath [ stdenv.cc ]}
--prefix PATH : ${lib.makeBinPath [ stdenv.cc ]} \
--prefix LD_LIBRARY_PATH : ${vulkan-loader}/lib
'';
meta = with lib; {
description = "Free software that gathers information on CPU, motherboard and more";
homepage = src.meta.homepage;
license = licenses.gpl3;
license = licenses.gpl3Plus;
platforms = [ "x86_64-linux" ];
maintainers = with maintainers; [ ];
maintainers = with maintainers; [ viraptor ];
};
}

View file

@ -23,16 +23,16 @@
inherit maven; # use overridden maven version (see dbeaver's entry in all-packages.nix)
}) rec {
pname = "dbeaver";
version = "22.1.4"; # When updating also update mvnSha256
version = "22.1.5"; # When updating also update mvnSha256
src = fetchFromGitHub {
owner = "dbeaver";
repo = "dbeaver";
rev = version;
sha256 = "sha256-5s2SFquB0i5X2deBO0FStudReB4wGhQkhR39PHPBEAM=";
sha256 = "sha256-KMrevQ37c84UD46XygKa0Q06qacJianoYqfe4j4MfEI=";
};
mvnSha256 = "YIeKSL5scU8NxEIf+jK1g9cdFDOBVh14ruKMqUuz1Ts=";
mvnSha256 = "KVE+AYYEWN9bjAWop4mpiPq8yU3GdSGqOTmLG4pdflQ=";
mvnParameters = "-P desktop,all-platforms";
nativeBuildInputs = [

View file

@ -13,14 +13,16 @@
, tllist
, fcft
, enableCairo ? true
, withPNGBackend ? "libpng"
, withSVGBackend ? "librsvg"
# Optional dependencies
, svgSupport ? true
, pngSupport ? true
# Optional dependencies
, cairo
, librsvg
, libpng
}:
assert svgSupport -> enableCairo;
stdenv.mkDerivation rec {
pname = "fuzzel";
version = "1.7.0";
@ -49,19 +51,17 @@ stdenv.mkDerivation rec {
tllist
fcft
] ++ lib.optional enableCairo cairo
++ lib.optional (withPNGBackend == "libpng") libpng
++ lib.optional (withSVGBackend == "librsvg") librsvg;
++ lib.optional pngSupport libpng
++ lib.optional svgSupport librsvg;
mesonBuildType = "release";
mesonFlags = [
"-Denable-cairo=${if enableCairo then "enabled" else "disabled"}"
"-Dpng-backend=${withPNGBackend}"
"-Dsvg-backend=${withSVGBackend}"
"-Dpng-backend=${if pngSupport then "libpng" else "none"}"
"-Dsvg-backend=${if svgSupport then "librsvg" else "none"}"
];
CFLAGS = "-Wno-error=comment"; # https://gitlab.gnome.org/GNOME/librsvg/-/issues/856
meta = with lib; {
description = "Wayland-native application launcher, similar to rofis drun mode";
homepage = "https://codeberg.org/dnkl/fuzzel";

View file

@ -2,11 +2,11 @@
buildPythonApplication rec {
pname = "gallery_dl";
version = "1.22.4";
version = "1.23.0";
src = fetchPypi {
inherit pname version;
sha256 = "sha256-dJbzhZQIaMBXVd2r40F/fZfokkSq8pVSsRrymxrIynk=";
sha256 = "sha256-cGLtz5UPTIp0WfChKWdnrD4C+mGv+d83eHRrzpD7MIs=";
};
propagatedBuildInputs = [ requests yt-dlp ];

View file

@ -51,11 +51,11 @@ python3Packages.buildPythonApplication rec {
pkg-config
glib
wrapGAppsHook4
gobject-introspection
];
buildInputs = [
librsvg
gobject-introspection
libnotify
libadwaita
libportal

View file

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "gum";
version = "0.4.0";
version = "0.5.0";
src = fetchFromGitHub {
owner = "charmbracelet";
repo = pname;
rev = "v${version}";
sha256 = "sha256-zFw2Lf+N8jxrw6JYqzsDMXIMchFc2bxAofELrgIMquk=";
sha256 = "sha256-S+sbfo7F6+bJeHywxM3jkZN+7MNQh9YRyLPHTC4wZnk=";
};
vendorSha256 = "sha256-8MqBGMcYR/kbExfXBeQrO8p7a/uawUk2hLmnQtarWEw=";
vendorSha256 = "sha256-vvNoO5eABGVwvAzK33uPelmo3BKxfqiYgEXZI7kgeSo=";
nativeBuildInputs = [
installShellFiles

View file

@ -2,13 +2,13 @@
mkDerivation rec {
pname = "heimer";
version = "3.5.0";
version = "3.6.0";
src = fetchFromGitHub {
owner = "juzzlin";
repo = pname;
rev = version;
sha256 = "sha256-rxvfBgbMVKNiv+F2fyqcieGamTUwFKScEky918oU8lc=";
sha256 = "sha256-GQf5S7mYuucJS5jsz0upe6DiniY8YXZXYQV7nyrjVmE=";
};
nativeBuildInputs = [ cmake ];

View file

@ -1,17 +1,17 @@
{ stdenv, lib, buildGoModule, fetchFromGitHub, installShellFiles }:
{ lib, buildGoModule, fetchFromGitHub, installShellFiles }:
buildGoModule rec {
pname = "hugo";
version = "0.101.0";
version = "0.102.2";
src = fetchFromGitHub {
owner = "gohugoio";
repo = pname;
rev = "v${version}";
sha256 = "sha256-Fodcefp8xdSV2tt6ZYaKdcLqVe2upEngQr6M+wV5wnw=";
sha256 = "sha256-mAkdx42JaYSSpNLssBNkX45V3VniVKVbPt2SQ/QaXmY=";
};
vendorSha256 = "sha256-tZQIKxY96G6ReegqjapJ2rLd7n92+axJ7F8UglF61eM=";
vendorSha256 = "sha256-oWOu8vmxe0a/nIgkjpx7XrB49rjcuqnnpuOMtI9bLfY=";
doCheck = false;
@ -23,6 +23,8 @@ buildGoModule rec {
nativeBuildInputs = [ installShellFiles ];
ldflags = [ "-s" "-w" "-X github.com/gohugoio/hugo/common/hugo.vendorInfo=nixpkgs" ];
postInstall = ''
$out/bin/hugo gen man
installManPage man/*

View file

@ -5,13 +5,13 @@
mkDerivation rec {
pname = "klayout";
version = "0.27.8";
version = "0.27.11";
src = fetchFromGitHub {
owner = "KLayout";
repo = "klayout";
rev = "v${version}";
hash = "sha256-t/nd7m8XpB026q/kyH16rKkw3qza19ISalB0Juzx4NU=";
hash = "sha256-w3ag+TPUrjPbPIy6N4HPsfraOyoHqBbvjwB1M6+qh60=";
};
postPatch = ''

View file

@ -13,12 +13,12 @@
let font-droid = nerdfonts.override { fonts = [ "DroidSansMono" ]; };
in stdenv.mkDerivation rec {
pname = "koreader";
version = "2022.07";
version = "2022.08";
src = fetchurl {
url =
"https://github.com/koreader/koreader/releases/download/v${version}/koreader-${version}-amd64.deb";
sha256 = "sha256-8WQFfmKgu6XPqWQsma656RWpNwNkSXmHOHs2cyVVqJU=";
sha256 = "sha256-+JBJNJTAnC5gpuo8cehfe/3YwGIW5iFA8bZ8nfz9qsk=";
};
sourceRoot = ".";

View file

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "limesctl";
version = "3.0.0";
version = "3.0.2";
src = fetchFromGitHub {
owner = "sapcc";
repo = pname;
rev = "v${version}";
sha256 = "sha256-52Tq6gKozM/IFUyAy8N+YDqlbcFNQw6b2tc268Zco6g=";
sha256 = "sha256-+KOtGf+WgI2PhfFJnNyx5ycekRmfbqjSqvWOEhG65Oo=";
};
vendorSha256 = "sha256-7QEb5J5IaxisKjbulyHq5PGVeKAX022Pz+5OV5qD7Uo=";
vendorSha256 = "sha256-LzLUz6diWva2HaxlhEGElbwUvUhCR0Tjsk/G/n5N3+k=";
subPackages = [ "." ];

View file

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "logseq";
version = "0.8.2";
version = "0.8.3";
src = fetchurl {
url = "https://github.com/logseq/logseq/releases/download/${version}/logseq-linux-x64-${version}.AppImage";
sha256 = "sha256-kUBSoNs9pKnAC4OKFuvtHb0sLxNCsNOosXesMULcpgc=";
sha256 = "sha256-OJ/1SFG/UNkNSYtAQprKlc9JhT9/co4XH941mu+YsXE=";
name = "${pname}-${version}.AppImage";
};

View file

@ -9,16 +9,16 @@
buildGoModule rec {
pname = "mob";
version = "3.1.3";
version = "3.1.5";
src = fetchFromGitHub {
owner = "remotemobprogramming";
repo = pname;
rev = "v${version}";
sha256 = "sha256-FOZrwOf3IFnwtqAk0RNwvlTUidqWbo1aopSu6SmmV4k=";
sha256 = "sha256-FnAocL4Lbg/WxvLJuNR8FDBXvxqD2RMkkRvaCKvka8A=";
};
vendorSha256 = "sha256-pQpattmS9VmO3ZIQUFn66az8GSmB4IvYhTTCFn6SUmo=";
vendorSha256 = null;
nativeBuildInputs = [
makeWrapper

View file

@ -14,13 +14,13 @@
python3Packages.buildPythonApplication rec {
pname = "nwg-panel";
version = "0.7.2";
version = "0.7.4";
src = fetchFromGitHub {
owner = "nwg-piotr";
repo = "nwg-panel";
rev = "v${version}";
sha256 = "sha256-kQow8jBHxMTgtTaOvq8uT5YjWxml+GoYaoUH3hMQN8g=";
rev = "refs/tags/v${version}";
sha256 = "sha256-L5oVuoEU8DEhRttFeas5cCA0XPo5sCm1D+JUAWzZdYA=";
};
# No tests

View file

@ -2,11 +2,11 @@
buildPythonApplication rec {
pname = "remarkable-mouse";
version = "7.0.2";
version = "7.0.3";
src = fetchPypi {
inherit pname version;
sha256 = "sha256-R/sQwVt+YHENkG9U2R205+YADovB8P58eMrUD/WnPic=";
sha256 = "sha256-e6xJBZmWXAPOHNNUMOGLjbe3QmvW0SRwfMNJVZsM3gw=";
};
propagatedBuildInputs = with python3Packages; [ screeninfo paramiko pynput libevdev ];

View file

@ -8,14 +8,14 @@
rofi-unwrapped.overrideAttrs (oldAttrs: rec {
pname = "rofi-wayland-unwrapped";
version = "1.7.3+wayland1";
version = "1.7.5+wayland1";
src = fetchFromGitHub {
owner = "lbonn";
repo = "rofi";
rev = version;
fetchSubmodules = true;
sha256 = "sha256-qvIxWxiQj42VgScSsrF1Yf6ifgEbZes0flNbbwc3O8I=";
sha256 = "sha256-ddKLV7NvqgTQl5YlAEyBK0oalcJsLASK4z3qArQPUDQ=";
};
nativeBuildInputs = oldAttrs.nativeBuildInputs ++ [ wayland-protocols ];

View file

@ -0,0 +1,16 @@
diff -Nurp sigal-2.3.orig/sigal/writer.py sigal-2.3/sigal/writer.py
--- sigal-2.3.orig/sigal/writer.py 2022-08-08 19:43:10.934707194 +0200
+++ sigal-2.3/sigal/writer.py 2022-08-08 19:44:57.542382532 +0200
@@ -103,7 +103,11 @@ class AbstractWriter:
os.path.join(THEMES_PATH, 'default', 'static'),
os.path.join(self.theme, 'static'),
):
- shutil.copytree(static_path, self.theme_path, dirs_exist_ok=True)
+ # https://stackoverflow.com/a/17022146/4935114
+ orig_copystat = shutil.copystat
+ shutil.copystat = lambda x, y: x
+ shutil.copytree(static_path, self.theme_path, dirs_exist_ok=True, copy_function=shutil.copy)
+ shutil.copystat = orig_copystat
if self.settings["user_css"]:
if not os.path.exists(self.settings["user_css"]):

View file

@ -14,6 +14,8 @@ python3.pkgs.buildPythonApplication rec {
hash = "sha256-4Zsb/OBtU/jV0gThEYe8bcrb+6hW+hnzQS19q1H409Q=";
};
patches = [ ./copytree-permissions.patch ];
propagatedBuildInputs = with python3.pkgs; [
# install_requires
jinja2

View file

@ -1,16 +1,16 @@
{ lib, stdenv, fetchFromGitHub, caddy, asciidoctor
, file, lessc, sass, multimarkdown, linkchecker
, perlPackages, python27 }:
, perlPackages, python3Packages }:
stdenv.mkDerivation rec {
pname = "styx";
version = "0.7.2";
version = "0.7.5";
src = fetchFromGitHub {
owner = "styx-static";
repo = "styx";
rev = "0f0a878156eac416620a177cc030fa9f2f69b1b8";
sha256 = "0ig456j1s17w4zhhcmkrskpy6n7061v5f2isa3qhipmn0gwb91af";
rev = "v${version}";
hash = "sha256-f6iA/nHpKnm3BALoQq8SzdcSzJLCFSferEf69SpgD2Y=";
};
server = "${caddy}/bin/caddy";
@ -27,7 +27,7 @@ stdenv.mkDerivation rec {
asciidoctor
multimarkdown
perlPackages.ImageExifTool
(python27.withPackages (ps: [ ps.parsimonious ]))
python3Packages.parsimonious
];
installPhase = ''

View file

@ -5,19 +5,19 @@
rustPlatform.buildRustPackage rec {
pname = "taskwarrior-tui";
version = "0.23.5";
version = "0.23.6";
src = fetchFromGitHub {
owner = "kdheepak";
repo = "taskwarrior-tui";
rev = "v${version}";
sha256 = "sha256-/f68TlNuaEyPDSBpMmOjZkLF6Is2+oYfbWQqQOnsR4M=";
sha256 = "sha256-QHaFx6NCKZKG9/pM/h9kqoCJwl74zT2rnDGh50x8OwE=";
};
# Because there's a test that requires terminal access
doCheck = false;
cargoSha256 = "sha256-sgwT0CLFdmzh7dezVE5tcmGCXqxnGLT00IDIQJl6pHw=";
cargoSha256 = "sha256-ccR5w563NBLDl7O61lkGpmrLgzfO/F3CnOJiLL6tog8=";
meta = with lib; {
description = "A terminal user interface for taskwarrior ";

Some files were not shown because too many files have changed in this diff Show more