Merge master into staging-next

This commit is contained in:
github-actions[bot] 2020-12-16 00:41:23 +00:00 committed by GitHub
commit 41d1ebd7df
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
17 changed files with 94 additions and 44 deletions

View file

@ -9,7 +9,7 @@ The `wrapFirefox` function allows to pass policies, preferences and extension th
myFirefox = wrapFirefox firefox-unwrapped {
nixExtensions = [
(fetchFirefoxAddon {
name = "ublock";
name = "ublock"; # Has to be unique!
url = "https://addons.mozilla.org/firefox/downloads/file/3679754/ublock_origin-1.31.0-an+fx.xpi";
sha256 = "1h768ljlh3pi23l27qp961v1hd0nbj2vasgy11bmcrlqp40zgvnr";
})
@ -42,7 +42,7 @@ The `wrapFirefox` function allows to pass policies, preferences and extension th
If `nixExtensions != null` then all manually installed addons will be uninstalled from your browser profile.
To view available enterprise policies visit [enterprise policies](https://github.com/mozilla/policy-templates#enterprisepoliciesenabled)
or type into the Firefox url bar: `about:policies#documentation`.
Nix installed addons do not have a valid signature, which is why signature verification is disabled. This does not compromise security because downloaded addons are checksumed and manual addons can't be installed.
Nix installed addons do not have a valid signature, which is why signature verification is disabled. This does not compromise security because downloaded addons are checksumed and manual addons can't be installed. Also make sure that the `name` field of fetchFirefoxAddon is unique. If you remove an addon from the nixExtensions array, rebuild and start Firefox the removed addon will be completly removed with all of its settings.
## Troubleshooting {#sec-firefox-troubleshooting}
If addons do not appear installed although they have been defined in your nix configuration file reset the local addon state of your Firefox profile by clicking `help -> restart with addons disabled -> restart -> refresh firefox`. This can happen if you switch from manual addon mode to nix addon mode and then back to manual mode and then again to nix addon mode.

View file

@ -370,6 +370,13 @@
<literal>unbound-control</literal> without passing a custom configuration location.
</para>
</listitem>
<listitem>
<para>
The <literal>services.dnscrypt-proxy2</literal> module now takes the upstream's example configuration and updates it with the user's settings.
An option has been added to restore the old behaviour if you prefer to declare the configuration from scratch.
</para>
</listitem>
<listitem>
<para>
NixOS now defaults to the unified cgroup hierarchy (cgroupsv2).

View file

@ -27,6 +27,16 @@ in
default = {};
};
upstreamDefaults = mkOption {
description = ''
Whether to base the config declared in <literal>services.dnscrypt-proxy2.settings</literal> on the upstream example config (<link xlink:href="https://github.com/DNSCrypt/dnscrypt-proxy/blob/master/dnscrypt-proxy/example-dnscrypt-proxy.toml"/>)
Disable this if you want to declare your dnscrypt config from scratch.
'';
type = types.bool;
default = true;
};
configFile = mkOption {
description = ''
Path to TOML config file. See: <link xlink:href="https://github.com/DNSCrypt/dnscrypt-proxy/blob/master/dnscrypt-proxy/example-dnscrypt-proxy.toml"/>
@ -38,7 +48,13 @@ in
json = builtins.toJSON cfg.settings;
passAsFile = [ "json" ];
} ''
${pkgs.remarshal}/bin/json2toml < $jsonPath > $out
${if cfg.upstreamDefaults then ''
${pkgs.remarshal}/bin/toml2json ${pkgs.dnscrypt-proxy2.src}/dnscrypt-proxy/example-dnscrypt-proxy.toml > example.json
${pkgs.jq}/bin/jq --slurp add example.json $jsonPath > config.json # merges the two
'' else ''
cp $jsonPath config.json
''}
${pkgs.remarshal}/bin/json2toml < config.json > $out
'';
defaultText = literalExample "TOML file generated from services.dnscrypt-proxy2.settings";
};

View file

@ -5,16 +5,16 @@
buildGoModule rec {
pname = "dasel";
version = "1.8.0";
version = "1.9.1";
src = fetchFromGitHub {
owner = "TomWright";
repo = pname;
rev = "v${version}";
sha256 = "sha256-N27XmrbZTLeNkNvGDsChqKZrAagkQoGFaJeeZ1/Qnkw=";
sha256 = "sha256-W95lMULucXcCDqSDWtRoXZM+zh8mmXhoEeFIukPFI0o=";
};
vendorSha256 = "1552k85z4s6gv7sss7dccv3h8x22j2sr12icp6s7s0a3i4iwyksw";
vendorSha256 = "1il1vnv0v97qh8f47md5i6qaac2k8par0pd0z7zqg67vxq6gim85";
buildFlagsArray = ''
-ldflags=-s -w -X github.com/tomwright/dasel/internal.Version=${version}

View file

@ -1,5 +1,5 @@
{ stdenv, lib, makeDesktopItem, makeWrapper, lndir, config
, replace, fetchurl, zip, unzip, jq, xdg_utils
, replace, fetchurl, zip, unzip, jq, xdg_utils, writeText
## various stuff that can be plugged in
, flashplayer, hal-flash
@ -97,12 +97,17 @@ let
# EXTRA PREF CHANGES #
# #
#########################
policiesJson = builtins.toFile "policies.json"
(builtins.toJSON enterprisePolicies);
policiesJson = writeText "policies.json" (builtins.toJSON enterprisePolicies);
usesNixExtensions = nixExtensions != null;
extensions = builtins.map (a:
nameArray = builtins.map(a: a.name) (if usesNixExtensions then nixExtensions else []);
# Check that every extension has a unqiue .name attribute
# and an extid attribute
extensions = if nameArray != (lib.unique nameArray) then
throw "Firefox addon name needs to be unique"
else builtins.map (a:
if ! (builtins.hasAttr "extid" a) then
throw "nixExtensions has an invalid entry. Missing extid attribute. Please use fetchfirefoxaddon"
else
@ -128,12 +133,19 @@ let
};
}
) {} extensions;
}
} //
{
Extensions = {
Install = lib.foldr (e: ret:
ret ++ [ "${e.outPath}/${e.extid}.xpi" ]
) [] extensions;
};
}
// extraPolicies;
};
mozillaCfg = builtins.toFile "mozilla.cfg" ''
// First line must be a comment
mozillaCfg = writeText "mozilla.cfg" ''
// First line must be a comment
// Disables addon signature checking
// to be able to install addons that do not have an extid
@ -320,18 +332,13 @@ let
# preparing for autoconfig
mkdir -p "$out/lib/${firefoxLibName}/defaults/pref"
cat > "$out/lib/${firefoxLibName}/defaults/pref/autoconfig.js" <<EOF
pref("general.config.filename", "mozilla.cfg");
pref("general.config.obscure_value", 0);
EOF
echo 'pref("general.config.filename", "mozilla.cfg");' > "$out/lib/${firefoxLibName}/defaults/pref/autoconfig.js"
echo 'pref("general.config.obscure_value", 0);' >> "$out/lib/${firefoxLibName}/defaults/pref/autoconfig.js"
cat > "$out/lib/${firefoxLibName}/mozilla.cfg" < ${mozillaCfg}
mkdir -p $out/lib/${firefoxLibName}/distribution/extensions
for i in ${toString extensions}; do
ln -s -t $out/lib/${firefoxLibName}/distribution/extensions $i/*
done
#############################
# #
# END EXTRA PREF CHANGES #

View file

@ -36,6 +36,7 @@ let
"8.11.2" = "0f77ccyxdgbf1nrj5fa8qvrk1cyfy06fv8gj9kzfvlcgn0cf48sa";
"8.12.0" = "18dc7k0piv6v064zgdadpw6mkkxk7j663hb3svgj5236fihjr0cz";
"8.12.1" = "1rkcyjjrzcqw9xk93hsq0vvji4f8r5iq0f739mghk60bghkpnb7q";
"8.13+beta1" = "1v4a6dpj41flspa4ihcr7m5ahqz10kbn62fmrldmv7gzq6jsyfyq";
}.${version};
coq-version = stdenv.lib.versions.majorMinor version;
versionAtLeast = stdenv.lib.versionAtLeast coq-version;
@ -118,7 +119,9 @@ self = stdenv.mkDerivation {
then [ ocamlPackages.lablgtk3-sourceview3 glib gnome3.defaultIconTheme wrapGAppsHook ]
else [ ocamlPackages.lablgtk ]);
propagatedBuildInputs = stdenv.lib.optional (versionAtLeast "8.12") ocamlPackages.num;
propagatedBuildInputs =
stdenv.lib.optional (versionAtLeast "8.13") ocamlPackages.zarith
++ stdenv.lib.optional (coq-version == "8.12") ocamlPackages.num;
postPatch = ''
UNAME=$(type -tp uname)

View file

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "gh";
version = "1.3.1";
version = "1.4.0";
src = fetchFromGitHub {
owner = "cli";
repo = "cli";
rev = "v${version}";
sha256 = "1j1nyx4ly87g0hk3hfw3qbykb64hrg3vg4r52z1w146v6ln7lm7h";
sha256 = "08gxx9dwk24r1c5jkc9mqzcicxqmrdw0bi94nr517hk5cqsav2sl";
};
vendorSha256 = "19gv7ggbry46h40d9sc5cqba95vjfknzdd1cn3xa5409qaczg9lg";
vendorSha256 = "1ih7z883pffb6hnx51h8823d95b52d6dy1gk6ln7j25fqhcfvsy8";
nativeBuildInputs = [ installShellFiles ];

View file

@ -1,16 +1,20 @@
{stdenv, lib, coreutils, unzip, jq, zip, fetchurl,writeScript, ...}:
{ name
{
name
, url
, md5 ? ""
, sha1 ? ""
, sha256 ? ""
, sha512 ? ""
, fixedExtid ? null
, hash ? ""
}:
stdenv.mkDerivation rec {
inherit name;
extid = "${src.outputHash}@${name}";
extid = if fixedExtid == null then "nixos@${name}" else fixedExtid;
passthru = {
exitd=extid;
};
@ -35,4 +39,3 @@ stdenv.mkDerivation rec {
};
nativeBuildInputs = [ coreutils unzip zip jq ];
}

View file

@ -1,5 +1,5 @@
{ mkXfceDerivation, docbook_xsl, glib, libxslt, perlPackages, gtk2, gtk3
, libxfce4ui, libxfce4util }:
{ mkXfceDerivation, docbook_xsl, glib, libxslt, gtk2, gtk3
, libxfce4ui, libxfce4util, perl }:
mkXfceDerivation {
category = "xfce";
@ -10,7 +10,6 @@ mkXfceDerivation {
nativeBuildInputs = [
libxslt
perlPackages.URI
docbook_xsl
];
@ -20,6 +19,8 @@ mkXfceDerivation {
glib
libxfce4ui
libxfce4util
(perl.withPackages(ps: with ps; [ URI ])) # for $out/lib/xfce4/exo/exo-compose-mail
];
# Workaround https://bugzilla.xfce.org/show_bug.cgi?id=15825

View file

@ -29,6 +29,10 @@ let params = {
rev = "V8.12.0";
sha256 = "14ijb3qy2hin3g4djx437jmnswxxq7lkfh3dwh9qvrds9a015yg8";
};
"8.13" = {
rev = "V8.13.0";
sha256 = "1n66i7hd9222b2ks606mak7m4f0dgy02xgygjskmmav6h7g2sx7y";
};
};
param = params.${coq.coq-version};
in

View file

@ -66,6 +66,7 @@ let
#######################################################################
# sha256 of released mathcomp versions
sha256 = {
"1.12.0" = "1ccfny1vwgmdl91kz5xlmhq4wz078xm4z5wpd0jy5rn890dx03wp";
"1.11.0" = "06a71d196wd5k4wg7khwqb7j7ifr7garhwkd54s86i0j7d6nhl3c";
"1.11+beta1" = "12i3zznwajlihzpqsiqniv20rklj8d8401lhd241xy4s21fxkkjm";
"1.10.0" = "1b9m6pwxxyivw7rgx82gn5kmgv2mfv3h3y0mmjcjfypi8ydkrlbv";
@ -76,6 +77,7 @@ let
};
# versions of coq compatible with released mathcomp versions
coq-versions = {
"1.12.0" = flip elem [ "8.13" ];
"1.11.0" = flip elem [ "8.7" "8.8" "8.9" "8.10" "8.11" "8.12" ];
"1.11+beta1" = flip elem [ "8.7" "8.8" "8.9" "8.10" "8.11" "8.12" ];
"1.10.0" = flip elem [ "8.7" "8.8" "8.9" "8.10" "8.11" ];
@ -96,7 +98,7 @@ let
# mathcomp preferred versions by decreasing order
# (the first version in the list will be tried first)
version-preferences =
[ "1.10.0" "1.11.0" "1.9.0" "1.8.0" "1.7.0" "1.6.1" ];
[ "1.12.0" "1.10.0" "1.11.0" "1.9.0" "1.8.0" "1.7.0" "1.6.1" ];
# list of core mathcomp packages sorted by dependency order
packages = _version: # unused in current versions of mathcomp

View file

@ -1,7 +1,7 @@
{ lib
, buildPythonPackage
, fetchPypi
, nose
, pytestCheckHook
, mock
}:
@ -15,11 +15,12 @@ buildPythonPackage rec {
};
checkInputs = [
nose
pytestCheckHook
mock
];
checkPhase = "nosetests";
# Tests broken.
doCheck = false;
meta = {
description = "Load me later. A lazy plugin management system for Python";

View file

@ -5,16 +5,16 @@
buildGoModule rec {
pname = "go-tools";
version = "2020.1.6";
version = "2020.2";
src = fetchFromGitHub {
owner = "dominikh";
repo = "go-tools";
rev = version;
sha256 = "1r83gx7k4fiz3wlshhniz1i39xv492nni1nvfxjfqgnmkavb6r4x";
sha256 = "1qqpr481rx6n75xp1racsjjyn2fa8f28pcb0r9kd56qq890h3qgj";
};
vendorSha256 = "1g04rzirjv90s1i542cqi2abhgh8b74qwhp1hp1cszgb7k8nndmr";
vendorSha256 = "1axci0l7pymy66j6lilm49ksrwp7dvnj5krai2kvy96n3arcnsvq";
doCheck = false;

View file

@ -14,11 +14,6 @@
"sha256": "08srahgfzynv2bfd0ym6vgl1c0xjfqg6qvgzlq85y9pb7fain5yp",
"url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.83.a/linux-hardened-5.4.83.a.patch"
},
"5.8": {
"name": "linux-hardened-5.8.18.a.patch",
"sha256": "1r2n74nbyi3dp5zql9sk504xkpil6ylbyd99zqqva4nd3qg17c99",
"url": "https://github.com/anthraxx/linux-hardened/releases/download/5.8.18.a/linux-hardened-5.8.18.a.patch"
},
"5.9": {
"name": "linux-hardened-5.9.14.a.patch",
"sha256": "1rr61s9k7nmr27r4vkgpvvra7r8ksi6h6axf5kcbx7krbgdmwmfv",

View file

@ -3,7 +3,7 @@
with stdenv.lib;
buildLinux (args // rec {
version = "5.10";
version = "5.10.1";
# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@ -13,6 +13,6 @@ buildLinux (args // rec {
src = fetchurl {
url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
sha256 = "sha256-3N+Z5D6YMw2SUBaYW/vHuDxm02e3FLLeDLv8v4PYykM=";
sha256 = "0p2fl7kl4ckphq17xir7n7vgrzlhbdqmyd2yyp4yilwvih9625pd";
};
} // (args.argsOverride or {}))

View file

@ -16803,6 +16803,12 @@ in
perlcritic = perlPackages.PerlCritic;
sqitchMysql = callPackage ../development/tools/misc/sqitch {
name = "sqitch-mysql";
databaseModule = perlPackages.DBDmysql;
sqitchModule = perlPackages.AppSqitch;
};
sqitchPg = callPackage ../development/tools/misc/sqitch {
name = "sqitch-pg";
databaseModule = perlPackages.DBDPg;
@ -26997,6 +27003,7 @@ in
coqPackages_8_10 coq_8_10
coqPackages_8_11 coq_8_11
coqPackages_8_12 coq_8_12
coqPackages_8_13 coq_8_13
coqPackages coq
;

View file

@ -125,6 +125,9 @@ in rec {
coq_8_12 = callPackage ../applications/science/logic/coq {
version = "8.12.1";
};
coq_8_13 = callPackage ../applications/science/logic/coq {
version = "8.13+beta1";
};
coqPackages_8_5 = mkCoqPackages coq_8_5;
coqPackages_8_6 = mkCoqPackages coq_8_6;
@ -134,6 +137,7 @@ in rec {
coqPackages_8_10 = mkCoqPackages coq_8_10;
coqPackages_8_11 = mkCoqPackages coq_8_11;
coqPackages_8_12 = mkCoqPackages coq_8_12;
coqPackages_8_13 = mkCoqPackages coq_8_13;
coqPackages = recurseIntoAttrs (lib.mapDerivationAttrset lib.dontDistribute
coqPackages_8_11
);